This is our old Q&A Site. Please post any new questions and answers at ask.wireshark.org.
  1. Initiate file transfer between 2 Win2k8R2 servers (or windows 7)
  2. A TCP Stream, say Stream 0 is created and the file starts to transfer
  3. The Stream is reset
  4. A new stream is created, say stream 1, and the file copy picks up where it left off due to the more robust nature of SMB2 dialect 0x0210 and its ability to recover from errors like a reset.
  5. More of the file is copied and the current stream is reset
  6. Repeat steps #4 & #5 until file copy completes.

This is a feature in this particular dialect and does not exist in previous versions of windows, hence why copying between servers that do not support 0x0210 fail and ones that do, work. So the $64 dollar question is, why are the streams being reset?

asked 28 Feb '14, 12:30

RTJ10's gravatar image

RTJ10
16449
accept rate: 0%

First question before the "why" is: Who is sending the reset? Is it the client or the server ore someone inbetween? Is it always the same amount of bytes that is getting through before the reset?

Without sample traces (on both client and server simultaneously) all we can do is just guess.

(28 Feb '14, 22:58) mrEEde
Be the first one to answer this question!
toggle preview

Follow this question

By Email:

Once you sign in you will be able to subscribe for any updates here

By RSS:

Answers

Answers and Comments

Markdown Basics

  • *italic* or _italic_
  • **bold** or __bold__
  • link:[text](http://url.com/ "title")
  • image?![alt text](/path/img.jpg "title")
  • numbered list: 1. Foo 2. Bar
  • to add a line break simply add two spaces to where you would like the new line to be.
  • basic HTML tags are also supported

Question tags:

×82
×81
×27

question asked: 28 Feb '14, 12:30

question was seen: 3,380 times

last updated: 28 Feb '14, 22:58

p​o​w​e​r​e​d by O​S​Q​A