4 Protocol Examples

The following example shows the sequence of messages exchanged when a machine running Windows Vista operating system with Service Pack 1 (SP1) (name: "testclient.contoso.com") with IP address 1.1.1.1(client 100mbps connection) establishes an L2TP tunnel with a machine running Windows Server 2008 operating system (name: "testserver.contoso.com") with IP address 2.2.2.2(server, 100mbps connection).

Before starting L2TP protocol the following filters are applied:

Server plumbs following IPsec filters during its initialization.

Inbound Filters:

 Source Address: Any, Destination Address: 2.2.2.2, Protocol: UDP, Source port:1701, 
 Destination Port: Any
  
 Source Address: Any, Destination Address: 2.2.2.2, Protocol: UDP, Source port:1701, 
 Destination Port: 1701
  
 Source Address: Any, Destination Address: 2.2.2.2, Protocol: UDP, Source port: Any, 
 Destination Port: 1701

Outbound Filters:

  
 Source Address: 2.2.2.2, Destination Address: Any, Protocol: UDP, Source port: Any, 
 Destination Port: 1701
  
 Source Address: 2.2.2.2, Destination Address: Any, Protocol: UDP, Source port: 1701,
 Destination Port: 1701
  
 Source Address: 2.2.2.2, Destination Address: Any, Protocol: UDP, Source port: 1701,
 Destination Port: Any
  

Client plumbs following IPsec filters before it connects to VPN server.

Inbound Filters:

  
 Source Address: 2.2.2.2, Destination Address: 1.1.1.1, Protocol: UDP, 
 Source port: Any, Destination Port: 1701
  
  
 Source Address: 2.2.2.2, Destination Address: 1.1.1.1, Protocol: UDP, 
 Source port: 1701, Destination Port: 1701
  

Outbound Filters:

  
 Source Address: 1.1.1.1, Destination Address: 2.2.2.2, Protocol: UDP, 
 Source port: 1701, Destination Port: Any
  
  
 Source Address: 1.1.1.1, Destination Address: 2.2.2.2, Protocol: UDP, 
 Source port: 1701, Destination Port: 1701
  

Process:

  
 Start-Control-Connection-Request (SCCRQ) is a control message used to
 initialize a tunnel between an LNS and an LAC. LAC initiates the tunnel 
 establishment process in this example. A UDP packet with source IP address 
 1.1.1.1 and source port 1701 is sent by LAC to destination IP address 
 2.2.2.2  and destination port 1701 to begin the tunnel establishment process. 
 Following are the details of the L2TP packets:
  
     Header:  
         T bit is set to 1 to indicate control message
         L bit is set to 1 to indicate length is present
         S bit is set to indicate Nr and Ns are present
         Version field is set to 0x02
         Length field is set to 0x84
         All other fields in the header are set to 0
         
     The following AVPs are sent:
  
     Message Type:
         Flags:  M is set to 0x1, length is set to 0x8, rest are 0x0
         VendorId is set to 0x0 (IETF)
         Attribute Type is set to 0x0 (Message type)
         Message Type in Attribute Value is set to 0x0001 (SCCRQ)
         Length is set to 0x8
  
     Protocol Version:
         Flags:  M is set to 0x1, length is set to 0x8, all other flags are 0x0
         VendorId is set to 0x0 (IETF)
         Attribute Type is set to 0x2 (Protocol Version)
         Ver field is set to 0x01
         Rev field is set to 0x0
  
     Framing Capabilities:
         Flags:  M is set to 0x1, length is set to 0x10, all other flags are 0x0
         VendorId is set to 0x0 (IETF)
         Attribute Type is set to 0x3 (Framing Capabilities)
         S bit is set to 0x1(Synchronous framing), all other bits are 0x0
         
     Bearer Capabilities:
         Flags:  length is set to 0x10, all other flags are 0x0
         VendorId is set to 0x0 (IETF)
         Attribute Type is set to 0x4 (Bearer Capabilities)
         all other fields are 0x0
  
     Firmware revision:
         Flags:  length is set to 0x8, all other flags are 0x0
         VendorId is set to 0x0 (IETF)
         Attribute Type is set to 0x6 (Firmware revision)
         Firmware version is set to (0x600) 
  
     Host name:
         Flags:  M is set to 0x1, length is set to 0x16 rest are 0x0
         VendorId is set to 0x0 (IETF)
         Attribute Type is set to 0x7 (Host name)
         Hostname is set to ASCII string "testclient.contoso.com"
  
     Vendor name:
         Flags: length is set to 0x0F, all other flags are 0x0
         VendorId is set to 0x0 (IETF)
         Attribute Type is set to 0x8 (Vendor name)
         Vendor name is set to ASCII string "Microsoft"
  
     Assigned Tunnel
         Flags:  M is set to 0x1, length is set to 0x8, all other flags are 0x0
         VendorId is set to 0x0 (IETF)
         Attribute Type is set to 0x9 (Assigned Tunnel)
         Assigned tunnelID is set to 0xd (just a sample)
  
     Receive Window
         Flags:  M is set to 0x1, length is set to 0x8, all other flags are 0x0
         VendorId is set to 0x0 (IETF)
         Attribute Type is set to 0xa (Receive Window)
         Window size is set to 0x8
  
 On Receiving the above packet, the server responds with SCCRP with the following details:
     Header:  
         T bit is set to 1 to indicate control message
         L bit is set to 1 to indicate length is present
         S bit is set to indicate Nr and Ns are present
         Version field is set to 0x02
         Length field is set to 0x68
         TunnelId is set to 0xD (this value is extracted from Assigned Tunnel 
           AVP in SCCRP)
         Sequence Number expected is set to 0x1
         All other fields in the header are set to 0
  
     The following AVPs are sent:
  
     Message Type:
         Flags:  M is set to 0x1, length is set to 0x8, all other flags are 0x0
         VendorId is set to 0x0 (IETF)
         Attribute Type is set to 0x0 (Message type)
         Message Type in Attribute Value is set to 0x0002 (SCCRP)
         Length is set to 0x8
  
     Protocol Version:
         Flags:  M is set to 0x1, length is set to 0x8, all other flags are 0x0
         VendorId is set to 0x0 (IETF)
         Attribute Type is set to 0x2 (Protocol Version)
         Ver field is set to 0x01
         Rev field is set to 0x0
  
     Framing Capabilities:
         Flags:  M is set to 0x1, length is set to 0x10, all other flags are 0x0
         VendorId is set to 0x0 (IETF)
         Attribute Type is set to 0x3 (Framing Capabilities)
         S bit is set to 0x1(Synchronous framing), all other bits are 0x0
  
     Bearer Capabilities:
         Flags:  length is set to 0x10, all other flags are 0x0
         VendorId is set to 0x0 (IETF)
         Attribute Type is set to 0x4 (Bearer Capabilities)
         All other fields are 0x0
  
     Host name:
         Flags:  M is set to 0x1, length is set to 0x16, all other flags are 0x0
         VendorId is set to 0x0 (IETF)
         Attribute Type is set to 0x7 (Host name)
          Hostname is set to ASCII string "testserver.contoso.com"
  
     Vendor name:
         Flags: length is set to 0x0F, all other flags are 0x0
         VendorId is set to 0x0 (IETF)
         Attribute Type is set to 0x8 (Vendor name)
         Hostname is set to ASCII string "Microsoft"
  
     Assigned Tunnel
         Flags:  M is set to 0x1, length is set to 0x8, all other flags are 0x0
         VendorId is set to 0x0 (IETF)
         Attribute Type is set to 0x9 (Assigned Tunnel)
         Assigned tunnelID is set to 0xd
  
     Receive Window
         Flags:  M is set to 0x1, length is set to 0x8, all other flags are 0x0
         VendorId is set to 0x0 (IETF)
         Attribute Type is set to 0xa (Receive Window)
         Window size is set to 0x8
  
 On receiving the SCCRP the client responds with SCCCN with the following details:
  
     Header:  
         T bit is set to 1 to indicate control message
         L bit is set to 1 to indicate length is present
         S bit is set to indicate Nr and Ns are present
         Version field is set to 0x02
         Length field is set to 0x14
         TunnelId is set to 0xD 
         Sequence Number expected is set to 0x1
         Sequence Number is set to 0x1
         All other fields in the header are set to 0
  
     The following AVPs are sent:
     
     Message Type:
         Flags:  M is set to 0x1, length is set to 0x8, all other flags are 0x0
         VendorId is set to 0x0 (IETF)
         Attribute Type is set to 0x0 (Message type)
         Message Type in Attribute Value is set to 0x0003 (SCCCN)
         Length is set to 0x8
  
 The client then sends ICRQ with the following details:
  
     Header:  
         T bit is set to 1 to indicate control message
         L bit is set to 1 to indicate length is present
         S bit is set to indicate Nr and Ns are present
         Version field is set to 0x02
         Length field is set to 0x46
         TunnelId is set to 0xD
         Sequence Number expected is set to 0x1
         Sequence Number is set to 0x2
         All other fields in the header are set to 0
         
     The following AVPs are sent:
     
     Message Type:
         Flags:  M is set to 0x1, length is set to 0x8, all other flags are 0x0
         VendorId is set to 0x0 (IETF)
         Attribute Type is set to 0x0 (Message type)
         Message Type in Attribute Value is set to 0x000a (ICRQ)
         Length is set to 0x8
  
     Assigned Session Id: 
         Flags:  M is set to 0x1, length is set to 0x8, all other flags are 0x0
         VendorId is set to 0x0 (IETF)
         Attribute Type is set to 0xE (Assigned Session Id)
         Assigned Session Id field is set to 0x01
  
     Call Serial Number:
         Flags:  M is set to 0x1, length is set to 0xa, all other flags are 0x0
         VendorId is set to 0x0 (IETF)
         Attribute Type is set to 0xF (Call Serial Number)
         Call Serial Number  is set to 0x0
  
     Bearer Type:
         Flags:  length is set to 0xa, all other flags are 0x0
         VendorId is set to 0x0 (IETF)
         Attribute Type is set to 0x12 (Bearer Type)
         Bearer Type: A bit is set to 0x1 (Analog channel), all other bits are 0x0
  
     Correlation Id:
         Flags: length is set to 0x2D, all other flags are 0x0
         VendorId is set to 0x137 (Microsoft)
         Attribute Type is set to 0x1 (Correlation Id)
         Attribute value in this example is the following 16 bit value: 
           15 78 28 BF 3C 66 C0 4A 9D D9 6D 93 35 D4 32 B3 (randomly 
           generated value)
  
 The client logs the correlation ID so that tracing and debugging applications 
 can use this correlation ID to look at the logs on the server and correlate the 
 events on the client and server.
  
 The server then responds with ICRP with the following 
 details:
  
     Header:  
         T bit is set to 1 to indicate control message
         L bit is set to 1 to indicate length is present
         S bit is set to indicate Nr and Ns are present
         Version field is set to 0x02 
         Length field is set to 0x28
         TunnelId is set to 0xD 
         Session ID is set to 0x1 
         Sequence Number expected is set to 0x3
         Sequence Number is set to 0x1
         All other fields in the header are set to 0
  
     The following AVPs are sent:
     
     Message Type:
         Flags:  M is set to 0x1, length is set to 0x8, all other flags are 0x0
         VendorId is set to 0x0 (IETF)
         Attribute Type is set to 0x0 (Message type)
         Message Type in Attribute Value is set to 0x000b (ICRP)
         Length is set to 0x8
  
     Assigned Session Id:
         Flags:  M is set to 0x1, length is set to 0x8, all other flags are 0x0
         VendorId is set to 0x0 (IETF)
         Attribute Type is set to 0xE (Assigned Session Id)
         Assigned Session Id field is set to 0x01
  
 The server logs the correlation ID received in ICRP request in its trace logs 
 so that if the connection is torn down, an administrator will be able to find 
 out why a particular client connection could not go through.
  
 The client then sends ICCN with the following details:
  
     Header:  
         T bit is set to 1 to indicate control message
         L bit is set to 1 to indicate length is present
         S bit is set to indicate Nr and Ns are present
         Version field is set to 0x02
         Length field is set to 0x48
         TunnelId is set to 0xD 
         Sequence Number expected is set to 0x2
         Sequence Number is set to 0x3
         All other fields in the header are set to 0
  
     The following AVPs are sent:
     
     Message Type:
         Flags:  M is set to 0x1, length is set to 0x8, all other flags are 0x0
         VendorId is set to 0x0 (IETF)
         Attribute Type is set to 0x0 (Message type)
         Message Type in Attribute Value is set to 0x000c (ICCN)
         Length is set to 0x8
         Tx Connection Speed:
         Flags:  M is set to 0x1, length is set to 0xa, all other flags are 0x0
         VendorId is set to 0x0 (IETF)
         Attribute Type is set to 0xE (Tx Connection Speed)
         Tx Connection Speed field is set to 0x5f5E100 (100 mbps)
  
     Framing type:
         Flags:  M is set to 0x1, length is set to 0xa, all other flags are 0x0
         VendorId is set to 0x0 (IETF)
         Attribute Type is set to 0x3 (Framing Type)
         S bit in Framing type is set to 0x1 rest are set to 0x0
         Proxy Authen Type:
         Flags:  length is set to 0xa, all other flags are 0x0
         VendorId is set to 0x0 (IETF)
         Attribute Type is set to 0x1D (Proxy Authen Type)
         Proxy Authen Type is set to 0x4  (No Authentication)
  
 The client sends CDN in order to disconnect with the 
 following details:
  
     Header:  
         T bit is set to 1 to indicate control message
         L bit is set to 1 to indicate length is present
         S bit is set to indicate Nr and Ns are present
         Version field is set to 0x02
         Length field is set to 0x38
         TunnelId is set to 0xD 
         Sequence Number expected is set to 0x2
         Sequence Number is set to 0x4
         All other fields in the header are set to 0
  
     The following AVPs are sent:
  
     Message Type:
         Flags:  M is set to 0x1, length is set to 0x8, all other flags are 0x0
         VendorId is set to 0x0 (IETF)
         Attribute Type is set to 0x0 (Message type)
         Message Type in Attribute Value is set to 0x000E (CDN)
         Length is set to 0x8
  
     Assigned Session Id:
         Flags:  M is set to 0x1, length is set to 0x8, all other flags are 0x0
         VendorId is set to 0x0 (IETF)
         Attribute Type is set to 0xE (Assigned Session Id)
         Assigned Session Id field is set to 0x01
         
     Result Code
         Flags:  M is set to 0x1, length is set to 0x8, all other flags are 0x0
         VendorId is set to 0x0 (IETF)
         Attribute Type is set to 0x1 (Result Code)
         Result Code is set to 0x0003
         Error Code is set to  0x0000 
         Length is set to 0x0a
         
  
 The client then sends StopCCN the following details:
  
     Header:  
         T bit is set to 1 to indicate control message
         L bit is set to 1 to indicate length is present
         S bit is set to indicate Nr and Ns are present
         Version field is set to 0x02
         Length field is set to 0x26
         TunnelId is set to 0xD 
         Sequence Number expected is set to 0x2
         Sequence Number is set to 0x5
         All other fields in the header are set to 0
  
     The following AVPs are sent:
  
     Message Type:
         Flags:  M is set to 0x1, length is set to 0x8, all other flags are 0x0
         VendorId is set to 0x0 (IETF)
         Attribute Type is set to 0x0 (Message type)
         Message Type in Attribute Value is set to 0x0004 (StopCCN)
         Length is set to 0x8
  
     Assigned Tunnel
         Flags:  M is set to 0x1, length is set to 0x8, all other flags are 0x0
         VendorId is set to 0x0 (IETF)
         Attribute Type is set to 0x9 (Assigned Tunnel)
         Assigned tunnelID is set to 0xd 
         Length is set to 0x8
  
     Result Code
         Flags:  M is set to 0x1, length is set to 0x8, all other flags are 0x0
         VendorId is set to 0x0 (IETF)
         Attribute Type is set to 0x1 (Result Code)
         Result Code is set to 0x0001
         Error Code is set to  0x0000 
         Length is set to 0x0a
  
  
  
Show: