Improvements in the SMB 3.0 and 3.02 Protocol Updates
Microsoft introduced version 3.0 of the Server Message Block (SMB) protocol, also known as the Common Internet File System (CIFS), along with many other file sharing and storage improvements in Windows 8 and Server 2012. In Windows 8.1 and Server 2012 R2, Microsoft made further SMB improvements, technically version 3.02 of SMB.
Here I'll introduce you to the new and improved SMB functions in both SMB versions, covering security, performance, and management enhancements.
SMB 3.0 introduces end-to-end encryption of SMB data, protecting it from eavesdroppers on the network. Although passwords weren't sent in plain text before this, file transfers and other SMB data were. Thus, without some other encryption on the network blocking user-to-user snooping (like IPsec or WPA-Enterprise for Wi-Fi), others could easily capture the SMB traffic, including full files being transferred.
The SMB encryption can be configured on a per-share basis, for the entire file server, and/or enabled for certain cases like when transferring over untrusted networks. And best of all, you don't have to implement anything special like IPsec or any hardware; the encryption is part of the SMB protocol.
Starting with Windows 8.1 and Server 2012 R2, SMB 1.0 support is now optional. Though it comes enabled by default, you can disable it to increase SMB security and performance if you don't have any SMB 1.0 clients (such as on Windows XP or Windows Server 2003) on the network.
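The encryption and SMB 1.0 settings described in the two paragraphs above can be audited and applied with the SMB PowerShell cmdlets on the file server. This is an added example, not from the original article; the share name `Finance` is a hypothetical placeholder.

```powershell
# Added example. Run in an elevated PowerShell session on the file server
# (Windows Server 2012 or later). 'Finance' is a hypothetical share name.
$shareName = 'Finance'

# 1. Audit: list regular (non-administrative) shares and whether each one
#    requires SMB encryption. EncryptData = False means data crosses the
#    network unencrypted at the SMB layer.
Get-SmbShare -Special $false |
    Sort-Object EncryptData, Name |
    Format-Table Name, Path, EncryptData -AutoSize

# 2. Per-share setting: require encryption for one sensitive share only.
Set-SmbShare -Name $shareName -EncryptData $true -Force

# 3. Server-wide setting: require encryption for every share on this server.
#    Left commented out so the per-share case can be tested first.
# Set-SmbServerConfiguration -EncryptData $true -Force

# 4. Review the server settings that decide what happens to clients that
#    cannot encrypt. With RejectUnencryptedAccess = True, clients that do not
#    support SMB 3.0 encryption are refused access to encrypted shares rather
#    than silently falling back to unencrypted access.
Get-SmbServerConfiguration |
    Format-List EncryptData, RejectUnencryptedAccess,
                EnableSMB1Protocol, EnableSMB2Protocol

# 5. Before turning SMB 1.0 off, look for current sessions that negotiated a
#    1.x dialect (for example Windows XP or Server 2003 clients).
$legacy = Get-SmbSession | Where-Object { $_.Dialect -like '1.*' }

if ($legacy) {
    # Legacy clients are still connected: report them and change nothing.
    $legacy | Format-Table ClientComputerName, ClientUserName, Dialect -AutoSize
    Write-Warning 'SMB 1.x sessions found; SMB 1.0 was left enabled.'
}
else {
    # No SMB 1.x sessions at this moment: disable the SMB 1.0 server protocol.
    Set-SmbServerConfiguration -EnableSMB1Protocol $false -Force
}

# 6. From a client, confirm which dialect each connection negotiated.
#    Encrypted shares need 3.0 or later.
Get-SmbConnection | Format-Table ServerName, ShareName, Dialect -AutoSize
```

Step 5 only sees sessions open at the time it runs, so repeat the check over a representative period before relying on it.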
SMB 3.0 includes many performance improvements, including a large Maximum Transmission Unit (MTU) enabled by default, which can significantly boost performance in large sequential transfers such as SQL Server data warehouse, database backup or restore, and deploying or copying virtual hard disks. Additionally, both the client and server sides are now optimized for small random read/write I/O, which is common in server applications such as SQL Server OLTP.
SMB 3.0 includes brand-new performance-enhancing features as well. The Scale Out feature uses Cluster Shared Volumes (CSV) version 2, enabling file shares to offer simultaneous direct I/O access to data files via all nodes in a file server cluster, providing better bandwidth utilization and load balancing. The new SMB Direct and SMB Multichannel features use the multiple paths that may exist between SMB 3.0 clients and servers to increase throughput and fault tolerance while also reducing the latency of the SMB connection and requiring less CPU usage on the server and client. Keep in mind, however, that SMB Direct and SMB Multichannel require network adapters that support the Remote Direct Memory Access (RDMA) capability.
Starting with Windows 8.1 and Server 2012 R2, SMB supports automatic rebalancing of Scale-Out File Server clients. Client connections are analyzed per file share rather than per server, so clients can be redirected to the best cluster node. In addition, each cluster node in a Scale-Out File Server now provides an additional instance specifically for CSV traffic. One instance accepts regular SMB traffic and the other accepts only the inter-node CSV traffic, improving the scalability and reliability of traffic between CSV nodes.
Management and Administrative Features
SMB 3.0 also includes administrative improvements, including SMB-specific Windows PowerShell cmdlets so you can manage file shares on the file server via CLI. The new Transparent Failover feature enables you to perform hardware or software maintenance of nodes in a clustered file server without interrupting server applications storing data on these file shares. Additionally, it provides failover if a hardware or software failure occurs on a cluster node; SMB clients transparently reconnect to another cluster node.
SMB 3.0 also provides you with more detailed stats on performance, including per-share numbers on throughput, latency, and I/O per second (IOPS). And starting with Windows 8.1 and Server 2012 R2, SMB event messages include more detailed and useful information that allows you to troubleshoot more quickly and easily.
In Windows 8.1 and Server 2012 R2, Microsoft also added the ability to perform live migrations of virtual machines via SMB 3.0, offering high speed migration with low CPU utilization when using the new functionality like SMB Direct and SMB Multichannel. Plus you can now set SMB bandwidth limitations based on the different SMB traffic types: default, live migration, and virtual machine.
We reviewed the changes to the Server Message Block (SMB) protocol in Windows 8 and Server 2012 (SMB 3.0) and in Windows 8.1 and Server 2012 R2 (SMB 3.02):
There are major security enhancements in version 3.0, including end-to-end encryption, and in 3.02 you can optionally disable the earlier SMB version 1 to increase security. Version 3.0 brings significant performance enhancements, including Scale Out, SMB Direct and SMB Multichannel, with additional updates in version 3.02 as well. Features to help with SMB management and administrative functions were also added in both SMB versions, including PowerShell support, more detailed performance stats, transparent failover, and support for live VM migrations.