Bug 13218 - SMB2 keepalive/echo terminates connection
Summary: SMB2 keepalive/echo terminates connection
Alias: None
Product: Samba 4.1 and newer
Classification: Unclassified
Component: libsmbclient (show other bugs)
Version: 4.7.0
Hardware: All Linux
: P5 normal (vote)
Target Milestone: ---
Assignee: Jeremy Allison
QA Contact: Samba QA Contact
Depends on:
Reported: 2018-01-13 15:51 UTC by Jan
Modified: 2020-05-22 10:48 UTC (History)
2 users (show)

See Also:

git-am fix for master. (1.94 KB, patch)
2019-12-11 23:17 UTC, Jeremy Allison
no flags Details
Corrected version that doesn't change the error return from 1 -> -1. (1.89 KB, patch)
2019-12-11 23:19 UTC, Jeremy Allison
no flags Details

Note You need to log in before you can comment on or make changes to this bug.
Description Jan 2018-01-13 15:51:43 UTC
I think I am experiencing a bug in the implementation of SMB2 keepalives. As 
libsmbclient does not set the session for the echo request, the server used in 
my environment responds with STATUS_USER_SESSION_DELETED, which is the 
expected behavior (see [1,2]). As the server response indicates an 
error, the client disconnects. Ultimately, this leads to a new 
connection for every operation, which introduces painful delays.

I first experienced this behavior using libsmbclient 4.7.0 on a Fedora Linux 27. It looks like older versions would behave the same, but 4.7 was the first using SMB2 in my setup.

Unfortunately, I am not able to share PCAPs publicly.

Best regards,

[1] https://msdn.microsoft.com/en-us/library/cc246324.aspx
[2] https://msdn.microsoft.com/en-us/library/cc246482.aspx
Comment 1 Björn Jacke 2019-12-11 11:36:19 UTC
SMB2 does not have keep avlives at all. We still have a very old but I think that we send SMBv1 keep alives on port 445, where keep alive pacakges from smbd to a windows client lead to connection terminations. We should probably fix that one also one day.

You could send a pcap from a test system, won't you? Without a pcap we can only make guesses what kind of issue you actually see in your case.
Comment 2 Björn Jacke 2019-12-11 12:37:15 UTC
the SMBv1 keepalive bug is https://bugzilla.samba.org/show_bug.cgi?id=6558
Comment 3 Jeremy Allison 2019-12-11 21:22:58 UTC
OK, I've followed up on this. smbd as a server doesn't require a valid sessionid to process an incoming keepalive packet, which is why the libsmbclient code doesn't bother to send one.

What server are you talking to ?
Comment 4 Jeremy Allison 2019-12-11 21:30:32 UTC
Samba torture test source4/torture/smb2/session.c:test_session_expire2i()

shows that a sessionid is not required to process an SMB2_ECHO (called SMB2_OP_KEEPALIVE in the samba code).

There's a simple fix for this I can add to libsmbclient, but I think your server shouldn't be returning STATUS_USER_SESSION_DELETED for an SMB2 echo request.

Can you run all the Samba smb2.session.expire tests against your server ?
Comment 5 Jeremy Allison 2019-12-11 21:34:20 UTC
Remember these tests (smb2.session.expire) pass against Windows, which show that SMB2_ECHO requests don't require a valid sessionid, unless the transport is encrypted I think.
Comment 6 Jeremy Allison 2019-12-11 23:17:18 UTC
Created attachment 15676 [details]
git-am fix for master.

Can you test this fix against your server and let me know if it fixes the problem ?
Comment 7 Jeremy Allison 2019-12-11 23:19:08 UTC
Created attachment 15677 [details]
Corrected version that doesn't change the error return from 1 -> -1.
Comment 8 Jan 2019-12-12 09:53:05 UTC
(In reply to Jeremy Allison from comment #7)
It will take me some time to do the testing. Thanks a lot for having a look!
Comment 9 Björn Jacke 2020-05-20 21:44:16 UTC
Jan: what were the results of your tests with the patch ?
Comment 10 Jan 2020-05-22 10:48:59 UTC
I am very sorry but I haven't found the time to test the patch in the environment in which I could verify it works as intended.