Implementing CIFS

Bombcar writes "Anyone who has used Microsoft products in the last ten years has used the SMB protocol (now known as CIFS). Some have become experts in the usage of Windows file sharing, Samba, and more. We know that there can be a 15 minute delay before new machines appear in 'Network Neighborhood'. We've read the Official Samba 3 book, and follow the Samba mailing list once in a while, perhaps even answering questions. But there is a limit to the knowledge given by these sources." Read on for Bombcar's review of Implementing CIFS from Prentice Hall. Implementing CIFS author Christopher R. Hertel pages 642 publisher Prentice Hall rating 8 of 10 reviewer Tom Dickson ISBN 013047116X summary In-depth (but not too deep) coverage of the CIFS/SMB protocol

It is one thing to be able to use Samba, Windows, and the Common Internet File System (CIFS) protocol. It is another thing entirely to understand CIFS with sufficient depth to begin coding using it. This is where Christopher Hertel's Implementing CIFS begins.

This thick book (over 600 pages) begins with a history of NetBIOS in the DOS era. It quickly progresses to NetBIOS over TCP/IP (which evolved into the current CIFS protocol). Hertel documents the beginnings of quirks that will last throughout the life of the protocol. There is an RFC that was proposed in 1987, but many vendors have added extensions to this. (It might surprise you to learn that Samba has added extensions, which are covered in Chapter 24).

After the basic overview, he quickly dives into real coding of an actual (though simple) implementation. This will be his style for the rest of the book (except for humorous asides now and then). An aspect of the protocol, such as Name Resolution, will be explained in some detail, and then expounded in actual code (and in a few cases pseudocode).

The detail is good but not overwhelming. Some people (with names like Jerry Carter or Andrew Tridgell) will want more depth than this book provides, but for with a protocol as varied as CIFS, choices have to be made. As the Samba website mentions, this book is written in "Geekish." The book covers aspects of older and newer SMB/CIFS implementations, including a description of the NTLM2 challenge/auth system.

One thing that should be noted is that the code examples work, but as the author points out, they usually have little or no error handling. This is common to many books, but it is something to remember.

Now, should you get this book? If you're just a user, you probably don't need it. But if you've ever wished you could understand the Samba technical mailing list, or wanted to know why it takes up to 15 minutes to see a new machine, then you'll enjoy this book. If you want to utilize CIFS in any manner (even if just implementing Samba for clients), I'd highly recommend reading this. It will help you to understand what is going on on your network, even if you're not writing the code yourself. And if you want to be a Samba coder, it is required reading.

What didn't I like? I first read the book in an airport, and found that it relies heavily on having access to a computer. I would have preferred more explanations of code fragments than was given. However, this is a minor issue; most people who are implementing CIFS will be using a computer! I was also left with a desire for more information, but the large Appendix D along with many sources recommended provide for further study.

As a bonus, Appendix A tells you how to make a good cup of Earl Grey tea! That alone to some would be worth the price of admission.

You can purchase Implementing CIFS from bn.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

But who likes CIFS?

[bbsguru]

I know this is a difficult topic, but...Can't we just let CIFS to die, already?Alright, barring that, this really is a useful book. I wish I hadn't already learned it in the usual too-much-caffeine-for-rational-thought method.

Re:But who likes CIFS?

[smharr4]

It's all very well saying 'let it die', but just what would you replace it with?

Re:But who likes CIFS?

[El]

Can't we just let CIFS to die, already? As long as people are still running Windows and Windows is still using CIFS, it will be necessary to support CIFS for Windows interoperability. No argument from me that it is a horrible protocol for file sharing; but then NFS isn't much better.

Re:But who likes CIFS?

[azzy]

Easy, with the Posh Internet File System

Re:But who likes CIFS?

[smharr4]

Exactly the point I was trying to make above.

As much as the slashdot crowd would probably hate to admit that Microsoft got something right, SMB/CIFS is the 'killer app' for sharing files and printers over a LAN.

If there's another application that does the same job as SMB/CIFS and is:

• Free
• easy to use client
• easy to configure server
• multiplatform - Windows, OS X, varying strains of Unix, and linux

then bring it on. Until then, we're stuck with CIFS.

Re:But who likes CIFS?

[Kethinov]

Replace it with nfs unix file sharing maybe? Oh I forgot. We're talking about Windows here. God forbid Microsoft should support nfs. It's not as if it's better than smb or anything and it's not as if Mac and the rest of the Unix world already support it

Re:But who likes CIFS?

NFS is cool so long as you don't need passwords or authentication on your network resources. For other people that might be a little issue.

Re:But who likes CIFS?

[Laur]

Replace it with nfs unix file sharing maybe? Oh I forgot. We're talking about Windows here. God forbid Microsoft should support nfs.

Download Windows Services for UNIX for free from Microsoft, it contains a NFS client and server. I use this on my home network, no more Samba and its confusing config file (even with SWAT it is a nightmare). You can even choose to just install the nfs services and continue to use Cygwin for the rest of your Unix-on-Windows goodness.

Samba in Linux vs Windows

[mauriatm]

Maybe a bit offtopic, but on my network I notice that Windows machines in the Network Neighborhood are slower to access than samba shares on linux machines. Go figure.

O'Reilly Safari

[Erik_]

And best of all it's available on O'Reilly's Safari service.

Network Neighborhood

[frenetic3]

I've always wondered why on some machines it takes so damn long to browse the network on everything from 95 to XP -- most of the time I simply whimper and mumble incoherently waiting for it to eventually finish, but have never been able to diagnose the problem. Over the 'net it's even more agonizingly slow -- minute-long delays when pings are 30ms or less.

The post suggests that this book tells the answer, but do any enlightened here know some typical causes of the ridiculously poor performance?

-fren

Re:Network Neighborhood

[Bombcar]

The usual cause is badly synced browse lists.

If you add a samba server and tell it to run WINS (with wins=yes), and then tell EVERY windows machine that the wins server is at (IP address of Samba Server), things usually speed up considerably.

Also, there is (I believe), a C:\winnt\system32\drivers\etc\lmhosts file that works as a hosts file for WINS).

Re:Network Neighborhood

[droid_rage]

Not true. 2k and XP both fully support WINS. It's generally configured in the DHCP scope, but it can be explicitly defined on the client.
MS is trying to kill it off, but since 9x and NT boxes don't understand DNS for anything but internet name resolution, its demise is still a long way off.

Re:Network Neighborhood

Its hardly dying, in fact WINS is still very much alive and well in many Win2k networks. Those who don't use it get to enjoy wondering why nobody can see anything in network neighborhood and can lots of problems. That whole "WINS is dead" crap went out the window a few months after Windows 2000 came out.

With 2k/2003 MS took a HUGE step back in networking. In a technical sense AD in better in every single way. But in terms of ditching old things like WINS its a total failure. Back in the old days networking 98 to NT was moron proof. Try connecting a 98 to XP box some time.

Anyway based the fact that you didn't know that XP supports WINS I'll just assume your not an admin, but ask anyone who actually is a admin and works with Windows 2000 any they'll tell you WINS is far from dead.

My Take

[110010001000]

This book is simply the best reference available for CIFS. I only say that because I have spent $$$ getting everything on the subject I can. With the recent changes in Microsoft licensing every sensible IT professional should be exploring alternatives. A SAMBA server is a great alternative. This book is all you need to go from knowing next to nothing to knowing enough to impress your geeky Network Admin friends.

This book is well written, clear and expansive. I didn't read it cover to cover (not at first anyway) I found pieces I needed, applied it, digested it, reviewed it and then went on to the next morsel I needed. If I missed something it was easy to find. By the way, it works with Win2K and WinXP neither of which is well documented by anyone anywhere.

Book is open source as well

The full text of the book is available online as well; I don't want to slashdot the site, but google for "implementing cifs".

Re:Most implementations will be in written in C...

[110010001000]

For what purpose? Ruby is an esoteric language that hardly anyone uses and less people will use as the years goes on. This means that the code base will be unmaintainable.

Now Java or C# is a real option. Microsofts next implementation will be written in C# as a matter of fact.

This book is under an Open Source license

[Bruce+Perens]

Like all books in Bruce Perens Open Source Series, this book is under an Open Source license.

• Download the unencrypted PDF.
• Download the Docbook XML source for the book.
• Download the figures.

Thanks

Bruce

Re:This book is under an Open Source license

[Bruce+Perens]

Thanks. There are 10 books in the series now, all treated the same as this one - online source and PDF, Open Source license. As far as I can tell, all have at least broken even, and most have made money.

But the fact is that technical book authors are generally writing for some other reason than to get direct income from the book. Most do it for the intangibles - promotion of their own careers or projects they support, etc.

What I like about this series is that the books need never die, since anyone can edit and print them. They don't get into that state where the publisher sells a few hundred copies a year on order and doesn't revert the rights to the author for years. Authors hate that.

But we are careful with timing. We make sure the "pipeline" between the publisher and bookstores is full before the electronic copy is available. So, clone publishers don't have much incentive, as the stores have already filled their orders.

I have to admit that this would not work as well if people liked to curl up with e-books. If that day ever comes, we'll change the strategy, but the end product will still be Open Source books.

If you are very anti-open-source, it's probably because you don't yet understand the ways that Open Source works well for business and business people. I have a paper on the economic basis of Open Source that I'm working on, that you will probably find of interest. It should be out in a week or two.

Thanks

Bruce

Re:This book is under an Open Source license

[Bruce+Perens]

Yes, I will put it up on the web. I think I can show you that Open Source isn't damaging to individual software developers and is of benefit to business and the economy in general. But it is damaging to a Microsoft-style business. Home refrigerators were very damaging to the huge industry that harvested, stored, and transported ice.

Thanks

Bruce

M$ hides other half of knowledge

[superpulpsicle]

As good as Samba is... you know M$ is always hiding something about their network neighborhood protocol. It wouldn't surprise me if the code reads "If Samba wait 5 minutes"

Re:M$ hides other half of knowledge

[MacDaffy]

Don't be surprised; you're right! I was doing QA for a CIFS implementation when the engineer ran across a bug that he just couldn't corral. We checked the RFC. We checked the code. We checked installation. Couldn't pin anything down.

He finally put a sniffer on the network and analyzed the traffic between a Windows server, a Windows workstation and a workstation running our implementation. Turns out that the RFC instructs implementers to NEVER place anything other than zero into a certain location (LONGINT). However, that field was almost always non-zero when it was passed between the two Windows machines.

The engineer put the length of the data transfer in bytes into the field and it has worked ever since.

That incident cemented my negative attitude toward Microsoft. They don't try to win by looking good; they try to win by making everyone else look bad--even if that includes themselves. If you're uncertain about something that Microsoft is doing, use that premise as a reference point and you can't go wrong.

This is a great book for implementors

[dslamguy]

I read this book on Chris's web site even before it was published (yes, I have bought a copy) and it was an invaluable guide for me as I wrote a CIFS implementation. The book is fairly easy to read, even though it is highly technical. What it does cover, it covers extremely well.

However, I did need the sniffer method of reverse engineering for much of what the book did not cover. One complaint I had is that I needed more information on the higher level protocols such as LANMAN for handling printer queues and this information was either non-existent or schetchy in the book. Although the book is long, much of it is taken up by a CIFS document which you could download for free on the internet. So I do think that the description part of the book could be more extensive (Sorry Chris). Maybe in the next revision.

You might ask why I was implementing CIFS from scratch? Its a valid question, since Samba would/should be anyone's implementation of choice. I did it because we are developing a printer which is not GPL (and unfortunately not based on Linux). We are not using any GPL code in it, and so this was really the only choice besides buying it from someone (but where's the fun in that). I am planning on releasing this code under a BSD license, but it's not ready for prime time yet and I need to get back to it (in a couple of months).

So this was a really good book for CIFS implementors, but how many of those could there be?

Re:Windows XP network problems: Underlying sloppin

One thing that should be added to that document is that all the Win9x machines should have the ability to be a Master Browser disabled (so long as there's at least 1 NT machine on the net).

Otherwise, eventually one of the 9x machines with think it's won the browse election even when that should be impossible. This screws the network neighborhood. Very longstanding bug going back to WfW. You can check the state of your network using the "browstat" tool that comes with the resource kit.

(Also, yer correct that NetBIOS or IPX will be faster than NBT for whatever reason. Make sure to adjust the "binding order" so that these protocols come ahead of TCP/IP. Can't recall exactly how to do this, sorry.)

This might not be realistic for a home net, but install WINS/DHCP if possible and put the clients into p-mode. (no NetBIOS broadcasts)

Re:How come you have time to shill for your books.

[Bruce+Perens]

Oops. I thought I sent those off to roblimo. Are you sure?

Bruce

Re:Why CIFS/Samba at all?

[MarcQuadra]

Alright, I can give a good reason. NFS does NOT authenticate, it blindly trusts UIDs.

So when I log into my friend's machine with his password, I'd be able to access my files on my machine as long as our UID is the same. Big trouble.

CIFS, on the other hand, has authentication, so I can put my SAMBA server on the wide-open internet and be somewhat sure that someone would need my password to get my files. Try that with NFS and you'd be owned (or fileless) in minutes.

Granted, there ARE ways to lock NFS down, and there are good arguments that maybe the modern file server SHOULDN'T authenticate, it should rely on another layer to handle that, but until it's easy as pie to get a Kerberos/PAM/NFS system working (no small task today), I'll stick to CIFS.

What about patching?

[emil]

There will be bugs in the M$ nfs server code. Will Windows Update patch them?

The patch against SQL Slammer had been out for six months before Slammer took down South Korea and invaded a nuclear power plant. I don't want to install anything that requires special patching procedures.

Samba is a snappy name but

[LenE]

I was hoping that 3.0 would have been renamed as CIFiliS.

I mean, it would give the right impression about the Windows native file sharing protocol, and would be great for PHB's.

PHB: "Did you get that Samba thingy working on the server?"

IT Guy: "No, the server has CIFiliS"

PHB: "Oh. I'm sorry. You should run one of those virus checker things."

-- Len

Re:MacOSX Samba

[tupps]

Actually Apple gives away (BSD Style license) a code sample for implementing rendevous services. That should mean that anyone can/should implement rendevous if they need network discovery.