Network and Storage Protocols
Network and Storage Protocols
Hello anyone,
Today I enabled SMB2 (options cifs.smb.enable on) on our FAS3070 but it don't work.
Wireshark tells me that only SMB1 is used.
On the partner node I enabled SMB2, too. Here it works.
There, Wireshark tells me SMB2 is used.
The options of filer1 are:
Filer1> options cifs cifs.LMCompatibilityLevel 1 cifs.audit.account_mgmt_events.enable off cifs.audit.autosave.file.extension cifs.audit.autosave.file.limit 0 cifs.audit.autosave.onsize.enable off cifs.audit.autosave.onsize.threshold 75% cifs.audit.autosave.ontime.enable off cifs.audit.autosave.ontime.interval 1d cifs.audit.enable off cifs.audit.file_access_events.enable on cifs.audit.liveview.allowed_users cifs.audit.liveview.enable off cifs.audit.logon_events.enable on cifs.audit.logsize 524288 cifs.audit.nfs.enable off cifs.audit.nfs.filter.filename cifs.audit.saveas /etc/log/adtlog.evt cifs.bypass_traverse_checking on cifs.client.dup-detection ip-address cifs.comment cifs.enable_share_browsing on cifs.gpo.enable off cifs.gpo.trace.enable off cifs.grant_implicit_exe_perms off cifs.guest_account cifs.home_dir_namestyle cifs.home_dirs_public_for_admin on cifs.idle_timeout 1800 cifs.ipv6.enable off cifs.max_mpx 1124 cifs.ms_snapshot_mode xp cifs.neg_buf_size 65340 cifs.netbios_aliases <OUR NETBIOS NAMES> cifs.netbios_over_tcp.enable on cifs.nfs_root_ignore_acl off cifs.oplocks.enable on cifs.oplocks.opendelta 0 cifs.per_client_stats.enable on cifs.perfmon.allowed_users cifs.perm_check_ro_del_ok off cifs.perm_check_use_gid off cifs.preserve_unix_security off cifs.restrict_anonymous 0 cifs.restrict_anonymous.enable off cifs.save_case on cifs.scopeid cifs.search_domains <our domains> cifs.show_dotfiles on cifs.show_snapshot off cifs.shutdown_msg_level 2 cifs.sidcache.enable on cifs.sidcache.lifetime 1440 cifs.signing.enable off cifs.smb2.client.enable off cifs.smb2.durable_handle.enable on cifs.smb2.durable_handle.timeout 16m cifs.smb2.enable on cifs.smb2.signing.required off cifs.snapshot_file_folding.enable off cifs.symlinks.cycleguard on cifs.symlinks.enable on cifs.trace_dc_connection off cifs.trace_login off cifs.universal_nested_groups.enable on cifs.weekly_W2K_password_change off cifs.widelink.ttl 10m
and the options of filer2
Filer2> options cifs cifs.LMCompatibilityLevel 1 cifs.audit.account_mgmt_events.enable off cifs.audit.autosave.file.extension cifs.audit.autosave.file.limit 0 cifs.audit.autosave.onsize.enable off cifs.audit.autosave.onsize.threshold 75% cifs.audit.autosave.ontime.enable off cifs.audit.autosave.ontime.interval 1d cifs.audit.enable off cifs.audit.file_access_events.enable on cifs.audit.liveview.allowed_users cifs.audit.liveview.enable off cifs.audit.logon_events.enable on cifs.audit.logsize 524288 cifs.audit.nfs.enable off cifs.audit.nfs.filter.filename cifs.audit.saveas /etc/log/adtlog.evt cifs.bypass_traverse_checking on cifs.client.dup-detection ip-address cifs.comment Netapp Filer cifs.enable_share_browsing on cifs.gpo.enable off cifs.gpo.trace.enable off cifs.grant_implicit_exe_perms off cifs.guest_account cifs.home_dir_namestyle cifs.home_dirs_public_for_admin on cifs.idle_timeout 1800 cifs.ipv6.enable off cifs.max_mpx 1124 cifs.ms_snapshot_mode xp cifs.netbios_aliases <OUR NETBIOS NAMES> cifs.netbios_over_tcp.enable on cifs.nfs_root_ignore_acl off cifs.oplocks.enable on cifs.oplocks.opendelta 0 cifs.per_client_stats.enable off cifs.perfmon.allowed_users cifs.perm_check_ro_del_ok off cifs.perm_check_use_gid off cifs.preserve_unix_security off cifs.restrict_anonymous 0 cifs.restrict_anonymous.enable off cifs.save_case on cifs.scopeid cifs.search_domains <OUR DOMAINS> cifs.show_dotfiles on cifs.show_snapshot off cifs.shutdown_msg_level 2 cifs.sidcache.enable on cifs.sidcache.lifetime 1440 cifs.signing.enable off cifs.smb2.client.enable off cifs.smb2.durable_handle.enable on cifs.smb2.durable_handle.timeout 16m cifs.smb2.enable on cifs.smb2.signing.required off cifs.snapshot_file_folding.enable off cifs.symlinks.cycleguard on cifs.symlinks.enable on cifs.tcp_window_size 64240 cifs.trace_dc_connection off cifs.trace_login off cifs.universal_nested_groups.enable on cifs.weekly_W2K_password_change off cifs.widelink.ttl 10m Filer2>
So why SMB2 is only available at filer2 and not on filer1?
What have to be done to enable SMB2 correctly?
System Specs:
FAS3070
Data Ontap 7.3.7P1
Tanks for any help,
jenoptik
additional info:
on filer1:
Filer1> cifs domaininfo Type: NT4
on filer2:
Filer2> cifs domaininfo Type: Windows 2003
Is perhaps the fact that both domains have different domain types the problem?
All you have to from the filer side is enable it. That's it.
The client will negotiate SMB2 if it's supported on the client and if SMB1 connections aren't already established to the filer.
Win2k3 and XP, for example, do not support SMB2. Win2K8 and later does.
If you have a supported client, it's possible the client has already negotiated SMB1 to the filer. If that's the case, reboot the client and try again.
Hi Sir,
One doubt I have,
According the article, user enabled SMB2 on single controller and some how forgot to enable it on partner node.
Why it blocked node01 to server SMB2 request?
As per my understanding, client request will come to node01 and it may not verify settings on partner node. Will it verify in any scenario?
I think, as per HA recommendataions, we need to have same settings on both the controller. But some how it was missed.
Why I am discussing on this is, I have seen similar situation after enabling smb2 on both the controllers and just because, cifs netbios over tcp option is not have equal values in both the controllers.
Later it was fixed after making it equal.
So, Kindly need your help to understand the behavior, how the DIFFERENCE IN THE OPTIONS causing the issue.