This is a static archive of our old Q&A Site. Please post any new questions and answers at ask.wireshark.org.

SMB2 stream being reset

0
  1. Initiate file transfer between 2 Win2k8R2 servers (or windows 7)
  2. A TCP Stream, say Stream 0 is created and the file starts to transfer
  3. The Stream is reset
  4. A new stream is created, say stream 1, and the file copy picks up where it left off due to the more robust nature of SMB2 dialect 0x0210 and its ability to recover from errors like a reset.
  5. More of the file is copied and the current stream is reset
  6. Repeat steps #4 & #5 until file copy completes.

This is a feature in this particular dialect and does not exist in previous versions of windows, hence why copying between servers that do not support 0x0210 fail and ones that do, work. So the $64 dollar question is, why are the streams being reset?

asked 28 Feb '14, 12:30

RTJ10's gravatar image

RTJ10
16449
accept rate: 0%

First question before the "why" is: Who is sending the reset? Is it the client or the server ore someone inbetween? Is it always the same amount of bytes that is getting through before the reset?

Without sample traces (on both client and server simultaneously) all we can do is just guess.

(28 Feb '14, 22:58) mrEEde