9 Appendix A -- NETBIOS transport over TCP

Previous page
Table of content
Next page

With respect to the 7-layer OSI reference model, NetBIOS is a session layer (layer 5) Application Programmer's Interface (API). The NetBIOS API has been implemented on top of a variety of transports (layer 4), including TCP/IP. NetBIOS over TCP/IP transport is specified in RFC 1001 and RFC 1002 (IETF Standard #19).

NetBIOS is the traditional session layer interface for SMB/CIFS. For backward compatibility with older systems, CIFS implementations SHOULD provide support for RFC 1001/1002 transport.

9.1 Connection Establishment

Connections are established and messages transferred via the NetBIOS session service (see section 5.3 of RFC 1001 and section 4.3 of RFC 1002). The system that originates the connection is the "calling" node; the target node is the "called" node. In order to establish an SMB session, a TCP connection must be established between the calling and called nodes. If a TCP connection already exists, the SMB session may make use of the existing connection.

9.2 Connecting to a server using the NetBIOS name

Before a NetBIOS session can be established, the node initiating the session (the "calling" node) must discover the IP address of the target node (the "called" node). This is done using the NetBIOS name service (see section 5.2 of RFC 1001 and section 4.2 of RFC 1002). NetBIOS names are always 16 bytes, padded with spaces (0x20) if necessary, as specified in the RFCs. The 16th byte has been reserved, however, for use as a service indicator. This field is known as the "suffix byte".

The NetBIOS session service requires that the client provide the NetBIOS names of both the calling and called nodes. The calling name is the default NetBIOS name of the client, space padded as described, with a suffix byte value of 0x00. The called name is the NetBIOS name of the server with a suffix byte value of 0x20. Server implementations which support SMB via NetBIOS over TCP/IP MUST support the registration and use of the server NetBIOS name.

The calling name is not significant in CIFS, except that an identical name from the same transport address is assumed to represent the same client. SMB session establishment is initiated using a "Session Request" packet sent to port 139 (see section 4.3.2 of RFC 1002).

9.3 Connecting to a server using a DNS name or IP address

Implementations MAY support the use of DNS names or IP addresses in addition to NetBIOS names when initiating SMB connections via NetBIOS over TCP/IP transport. This functionality is an extension to the NetBIOS over TCP/IP behavior specified in RFC 1001 and RFC 1002, and is not part of that standard.

As stated above, the Session Request packet requires a called and a calling name, both of which are NetBIOS names. In order to create a Session Request packet, the DNS name or IP address of the server must be reverse-mapped to the server's NetBIOS name. Mechanisms for doing so are as follows :

9.3.1 NetBIOS Adapter Status

A NetBIOS Adapter Status Query is sent to the target IP address. If a response is received and the target is offering SMB services via NetBIOS over TCP, then the response will include a NetBIOS name with a suffix byte value of 0x20. This NetBIOS name may be used as the called name in a Session Request packet.

9.3.2 Generic Server Name

Servers offering SMB services via NetBIOS over TCP/IP MAY accept the generic SMB server name "*SMBSERVER". A client can simply use the name "*SMBSERVER" as the called name in a Session Request packet. As with all SMB server NetBIOS names, the "*SMBSERVER" name must be space padded and terminated with a suffix byte value of 0x20.

The "*SMBSERVER" name MUST NOT be registered with the NetBIOS name service, as it is an illegal NetBIOS name (see section 5.2 of RFC 1001).

The target may return a CALLED NAME NOT PRESENT error. This may simply indicate that the server does not support the "*SMBSERVER" generic name.

9.3.3 - Parsing the DNS Name (guessing)

Systems which support NetBIOS transport over TCP/IP will often use the same base name within the DNS and NetBIOS name spaces. Thus, the first label of the DNS name represents a good guess at the NetBIOS name of the server.

The first label of the DNS name consists of the initial portion of the DNS name string, up to but not including the first dot character (' . '). If the label is greater than 15 bytes in length, it must be truncated to 15 bytes. The result is then space padded to a total of 15 bytes, and a suffix value 0x20 is used. This forms a valid NetBIOS name that may be used as a called name in a Session Request packet.

If the target returns a CALLED NAME NOT PRESENT error, then the DNS name guess is incorrect. If the original user input was an IP address, the DNS name can be determined using a reverse lookup against the DNS. Any or all of the above MAY be tried in any order.

9.4 NetBIOS Name character set

There is no standard character set for NetBIOS names. NetBIOS names are simply strings of octets, with the following restrictions:

  • Names which are to be registered with the NetBIOS Name Service must not begin with an asterisk (0x2A). (The *SMBSERVER name is never registered.)

  • Names should not contain a NUL (0x00) octet. Common implementation languages may interpret the NUL octet value as a string terminator.


Previous page
Table of content
Next page
Implementing CIFS. The Common Internet File System
Implementing CIFS: The Common Internet File System
ISBN: 013047116X
EAN: 2147483647
Year: 2002
Pages: 210
Authors: Christopher Hertel
BUY ON AMAZON
Wireless Hacks: Tips & Tools for Building, Extending, and Securing Your Network
Web Systems Design and Online Consumer Behavior
Visual Studio Tools for Office(c) Using C# with Excel, Word, Outlook, and InfoPath
Java Concurrency in Practice
Special Edition Using FileMaker 8
Programming .Net Windows Applications
flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net
Privacy policy