Blog

With the Samba 4.20 release in March 2024, SerNet-developer Stefan Metzmacher introduced significant enhancements to the SMB Witness Protocol, a crucial component for maintaining high availability in SMB server environments. SMB Witness continuously monitors the health and status of server clusters, alerting SMB clients about node or network failures and effectively minimizing downtime through dynamic connection failover.

At the recent sambaXP 2024, Metzmacher, a veteran in open-source networking technologies, highlighted these advancements. He discussed peculiarities and previously undocumented behaviors within the Windows Witness Protocol, aiming for improved interoperability and reinforcing the importance of open-source collaboration for digital sovereignty.

A significant portion of Metzmacher's presentation focused on configuring the witness service using the new command-line management interface. He emphasized essential steps, such as initiating the daemon before other services for optimal performance, and provided practical examples of managing connected Windows clients.

Watch the full conference session on YouTube: SMB Witness Service in Samba CTDB Clusters

Through these open-source innovations, SerNet continues to advocate for digital sovereignty by providing scalable, robust, and resilient network solutions for IT infrastructures.

SerNet Inc. will be participating as a Silver Sponsor at this year's Storage Developer Conference (SDC). The conference is hosted by the Storage Networking Industry Association (SNIA) in Fremont, CA on September 18-21.

Our Samba team will be presenting on September 20: 

Topic: Reparse Points Current Status
Speaker: Volker Lendecke, Developer at SerNet/Samba Team
8:30am - 9:20am (PST)

Topic: Samba io_uring Status Update
Speaker: Stefan Metzmacher, Developer at SerNet/Samba-Team
9:30am - 10:20am (PST)

Topic: net use //samba/cloud: Scaling Samba
Speaker: Ralph Böhme, Samba Team Lead at SerNet/Samba Team
10:35am - 11:25am (PST)

In addition to these sessions, we invite all attendees to meet our team, discuss our recent endeavors, and explore potential collaborations. To ensure in-depth discussions and address specific inquiries, we are offering scheduled appointments. Those interested can contact us in advance to secure a meeting slot. Please use the contact form or mail us at sales@remove-this.sernet.com – we look forward to a constructive dialogue and a successful conference.

The recently released Windows Update KB5028185/KB5028166 (July 11, 2023) breaks the client authentication against Samba AD DCs. Other implications are possible but require further investigation. The Samba Team and SerNet are already working on a solution. We will provide SAMBA+ updates as soon we have a fix.

Update: A fix for Samba 4.18.4 is already implemented and an update available.

Recordings from the 2021 Storage Developer Conference (SDC)  are now online, including those from the SerNet Samba Team. Ralph Böhme talked about "The new Samba VFS" and Stefan Metzmacher presented an Status Update on "Samba Multi-Channel/io_uring".

"The new Samba VFS" video by Ralph Böhme is on YouTube: https://youtu.be/D9EZO3gkT9U, also available are the slides.

Abstract: Starting with version 4.14 Samba provides core infrastructure code that allows basing all access to the server's filesystem on file handles and not on paths. An example of this is using fstat() instead of stat(), or SMB_VFS_FSTAT() instead of SMB_VFS_STAT() in Samba parlance. Historically Samba's fileserver code had to deal a lot with processing path based SMB requests. While the SMB protocol itself has been streamlined to be purely handle based starting with SMB2, large parts of infrastructure code remains in place that will "degrade" handle based SMB2 requests to path based filesystem access. In order to fully leverage the handle based nature of the SMB2 protocol we came up with a straight forward way to convert this infrastructure code, so it can be converted to make use of a purely handle based VFS interface. The talk presents what we have achieved so far and what is left to do. It's intended audience is anyone working on the Samba fileserver code and anyone working on Samba VFS modules.

The "Samba Multi-Channel/io_uring Status Update" by Stefan Metzmacher is also on YouTube: https://youtu.be/fnA4imgBsUo, slides are available.

Abstract: Samba had experimental support for multi-channel for quite a while. SMB3 has a few concepts to replay requests safely. We now implement them completely (and in parts better than a Windows Server). The talk will explain how we implemented the missing features. With the increasing amount of network throughput, we'll reach a point where a data copies are too much for a single cpu core to handle. This talk gives an overview about how the io_uring infrastructure of the Linux kernel could be used in order to avoid copying data, as well as spreading the load between cpu cores. A prototype for this exists and shows excellent results.

"ksmbd" is a new Linux kernel module which implements an SMB server. It's aimed at being low overhead, low footprint, performant fileserver covering many basic usecases, running on smaller devices with limited resources being the most apparent one: OpenWRT, the Linux distribution for embedded devices, adopted ksmbd already 18 months ago while ksmbd was still being developed.

ksmbd hit the public in November 2021 as part of the next Linux kernel version 5.15. It is not meant to replace the existing Samba fileserver "smbd", but rather be an extension and will integrate with Samba in the future. Samba's fileserver smbd is much broader in scope and supports various usecases and features that ksmbd does not:

• Running as a Active Directory domain member
• Scale-out clustering
• Optimize for specific filesystems like GlusterFS or Ceph via dedicated VFS modules
• Shadow Copy support

While being a mostly feature complete SMB3 server, lacking only some advanced features like Durable Handles, Directory Leases and Multi-Channel, ksmbd currently can only make use of local users and passwords which precludes use in corporate environments where typically Active Directory or similar identity sources are used.

ksmbd claims performance improvements on a wide range of benchmarks: the graphs on this page show a doubling of performance on some tests. There was also the notion that an in-kernel server is likely an easier place to support SMB Direct, which uses RDMA to transfer data between systems.

Clearly, those numbers are impressive, but at the same time recent improvements in Samba's IO performance put this into perspective: by leveraging the new “io_uring” Linux API Samba is able to provide roughly 10x the throughput compared to ksmbd.

Time will tell whether it's better to reside in kernel-space like ksmbd or in user-space like Samba in order to squeeze the last bit of performance out of the available hardware.

How mature is ksmbd? Given that its was primarily developed by a Samsung engineer, it is likely that it is being used in Samsung products today. However, the November release is a .0 release with all caveats that come with it. Some of the details, including various security issues that were found and fixed quite late in the game, are described in an article over at LWN.

All in all, ksmbd is an impressive work and in order to facilitate and encourage collaboration, the main ksmbd developer Namjae Jeon has been invited to join the international Samba team. ksmbd already adds interesting capabilities to the mix and the SerNet Samba team is looking forward to working with and on ksmbd!