I've been doing some checking to see if I could find an authoritative
answer to this.
The RFCs (1001, 1002) state that each of the services can use either TCP
or UDP. NT will never use UDP 139 since that is used to establish the
session and is always done via TCP. The RFCs make some useful
suggestions about how and when TCP vs. UDP should be used (UDP when the
data is small, TCP if its large). One would assume that TCP 137 would be
used when there is a very large Browse List that needs to be propagated,
as would be the case when there is no WINS and NT servers wish to
exchange browse lists. The same explanation is given for 138, although,
once again, I've never seen it actually used. Possibly during
replication efforts???
I'm going to try a little experiment, using NT 4.0's packet filter to
shut down UDP 137 and 138. According to the RFC, it should then use TCP,
we'll see.
Fact is they are there due to the RFC, not MS' implementation of NBT in
NT. Maybe some LanMan neophyte could shed some light, or somebody who
used Samba before I was born, where's Atilla when you need him...;-]
Cheers,
Russ
>
|
|
