6 Appendix A: Product Behavior
The information in this specification is applicable to the following Microsoft products or supplemental software. References to product versions include updates to those products.
Windows 2000 operating system
Windows XP operating system
Windows Server 2003 operating system
Windows Vista operating system
Windows Server 2008 operating system
Windows 7 operating system
Windows Server 2008 R2 operating system
Windows 8 operating system
Windows Server 2012 operating system
Windows 8.1 operating system
Windows Server 2012 R2 operating system
Windows 10 operating system
Windows Server 2016 operating system
Windows Server operating system
Windows Server 2019 operating system
Windows Server 2022 operating system
Windows 11 operating system
Windows Server 2025 operating system
Exceptions, if any, are noted in this section. If an update version, service pack or Knowledge Base (KB) number appears with a product name, the behavior changed in that update. The new behavior also applies to subsequent updates unless otherwise specified. If a product edition appears with the product version, behavior is different in that product edition.
Unless otherwise specified, any statement of optional behavior in this specification that is prescribed using the terms "SHOULD" or "SHOULD NOT" implies product behavior in accordance with the SHOULD or SHOULD NOT prescription. Unless otherwise specified, the term "MAY" implies that the product does not follow the prescription.
<1> Section 2.1: Source port used is 0x6A5.
<2> Section 2.2.1: The use of Microsoft vendor-specific AV pairs and the ATTR_VEN_MS_CorrID_Type are supported beginning with Windows Vista operating system with Service Pack 1 (SP1) and Windows Server 2008.
<3> Section 3.1.3: The registry subkey used by Windows to store configuration data for WAN Miniport devices using the Layer 2 Tunneling Protocol (L2TP) driver is HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Class\{4D36E972-E325-11CE-BFC1-08002BE10318}\<Device-number>, where <Device-number> is the number of one of the 4-digit numbered subkeys in the {4D36E972-E325-11CE-BFC1-08002BE10318} subkey. The particular subkey differs between computers. To determine which of the numbered subkeys stores L2TP driver data on your computer, look for the value "Wan Miniport (L2TP)" (without quotes), in the DriverDesc entry in each numbered subkey.
<4> Section 3.1.5.1: Applicable Windows releases send the congestion control bit R as specified in section 4.3 of [L2TP-draft]. The R bit sending mechanism can be controlled using the registry key HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E972-E325-11CE-BFC1-08002BE10318}\<Device-number>\PayloadReceiveWindow.
If the key is absent, or is present with value 0, sequencing is disabled and hence the R bit is not sent.
<5> Section 3.1.5.1: The LAC/LNS accepts messages with sequence number Ns from Nr up to Nr+Nx-1, where Nx is a number indicating how many out-of-order messages the receiver can buffer. The default value for Nx is 100, which can be changed by adding the registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Class\{4D36E972-E325-11CE-BFC1-08002BE10318}\MaxOutOfOrder. The acceptable values for this registry key are between 0 and 0x4000, both inclusive. The newly received out-of-order message is queued for reordering. If the newly received message is a duplicate of a message already in the out-of-order queue, it is silently discarded.
When a packet is received with the value of Ns being greater than or equal to Nr+Nx, the packet is silently dropped (the state machine behaves as though it never received this packet).
<6> Section 3.1.5.3: The SCCRQ message sent by Windows LAC/LNS would have the following optional AV pairs:
Bearer Capabilities
Receive Window Size
Challenge
Firmware Revision
Vendor Name: The vendor name is "Microsoft" (without quotes) in ASCII encoding.
The SCCRQ message received at LAC/LNS does not check for the presence of the Host Name AV pair.
If the SCCRQ message received has a Bearer Capabilities AV pair, then the tunnel's Bearer Capability is set to the received value; else it is set to 0.
If the received SCCRQ message has a Receive Window AV pair, then the tunnel's Send Window is set to the received value, else the Send Window is set to 4.
The Tie Breaker AV pair is not processed by the LAC/LNS.
<7> Section 3.1.5.4: The following AV pairs are present in the SCCRP message sent by LAC/LNS as specified in section 6.2 of [RFC2661].
Bearer Capabilities
Firmware Revision
Vendor Name: The vendor name is "Microsoft" (without quotes) in ASCII encoding.
Receive Window Size: This is sent with the M bit set to 1. The value of the Receive Windows Size is configurable with the default being 4.
Challenge
Challenge Response
The SCCRP message received at LAC/LNS does not check for the presence of the Host Name AV pairs.
If the SCCRP message received has Bearer Capabilities AV pairs, then the tunnel's Bearer Capability is set to the received value; else it is set to 0.
If the received SCCRP message has Receive Window AV pairs, then the tunnel's Send Window is set to the received value; else the Send Window is set to 4.
<8> Section 3.1.5.5: The following AV pair is present in the SCCCN message sent by a LAC/LNS:
Challenge Response: This AV pair is sent if a Challenge AV pair was received in the corresponding SCCRP message.
<9> Section 3.1.5.6: The LAC/LNS does not send an Error Message string in the Result Code AV pair of the StopCCN message.
<10> Section 3.1.5.7: This message is implemented by the LAC/LNS. The Hello Timer value (in milliseconds) can be set by using the registry key HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E972-E325-11CE-BFC1-08002BE10318}\<Device-number>\HelloMs. If the registry key is present with value 0, then the Hello timer is disabled. If the registry key is absent, then the default value used is 40 seconds.
<11> Section 3.1.5.8: The Result Code AV pair sent by the LAC/LNS does not contain an Error Message string.
<12> Section 3.2.1: The LAC/LNS neither sends the Tie Breaker AV pair nor processes it. If the TunnelId present in the Start-Control-Connection-Request (SCCRQ) message received from the peer is the same as the TunnelId sent to the peer, the SCCRQ message is ignored and the state machine does not transition from the wait-ctl-reply state. If the TunnelId present in the SCCRQ message received from the peer is different from the TunnelId sent to the peer, the SCCRQ message received is treated as a new control connection request. The state machine for the new control connection will transition from idle to wait-ctl-conn state. This will result in two control channels which are agnostic of each other. Call sessions can be negotiated over either of these control tunnels. Since each tunnel provides a data channel between the LAC/LNS, the data packets can flow over either of them. The choice of the data channel for sending or receiving data packets is not deterministic.
<13> Section 3.2.5.1: The LAC sends the following AV pairs in the ICRQ message:
Bearer Type
Physical Channel ID
The LNS server ignores the Bearer Type AV pair, and the server's behavior is unaffected by the presence or absence of a Bearer Type AV pair.
If the LNS does not receive a Physical Channel ID AV pair, it assumes a value of 0xFFFFFFFF.
<14> Section 3.2.5.2: The LAC sends the following AV pairs in the ICCN message:
Proxy Authen Type (Proxy Authen Type = No Authentication = 4)
Sequencing Required
If the registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Class\{4D36E972-E325-11CE-BFC1-08002BE10318}\<Device-number>\PayloadReceiveWindow is present and has a non-zero value, then a Receive Window Size ([RFC2661] section 4.4.3) AV pair is sent by the Windows LAC. If this registry key is absent, which is the default case, or if the key has a value of zero, then the Receive Window Size AV pair is not sent.
<15> Section 3.2.5.3: LAC sends the Physical Channel ID AV pair in the OCRP message. If the LNS does not receive a Physical Channel ID it assumes a value of 0xFFFFFFFF.
<16> Section 3.2.5.4: The LAC sends a Receive Window Size AV pair in the OCCN message. The AV pair is sent with the M bit set to 1. The LAC sends the Sequencing Required AV pair in the OCCN message. The behavior of the LNS is defined in section 5.3 of [L2TP-draft].
<17> Section 3.2.5.5: The LAC does not send this message.
<18> Section 3.3.5.1: The LNS sends the Receive Window Size AV pair in the ICRP message if the registry key HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E972-E325-11CE-BFC1-08002BE10318}\<Device-number>\PayloadReceiveWindowhas a nonzero value. If the registry key is absent or has value zero, then the LNS does not send the Receive Window Size AV pair in the ICRP message. The LAC, not the LNS, checks for the absence of any of the required AV pairs in the ICRP message returned in response to the ICRQ (see section 6.7 of [RFC2661]).
<19> Section 3.3.5.2: The LNS does not check for the absence of any of the required AV pairs in the ICCN message. If the (Tx) Connect Speed AV pair is absent in the received ICCN message, then the Windows LNS uses 9600 bps as the default value.
The LNS supports only synchronous framing. The behavior when any other value is received in the Framing Type AV pair in the ICCN message depends on the value set for the registry key HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E972-E325-11CE-BFC1-08002BE10318}\<Device-number>\IgnoreFramingMismatch, as defined in the following table.
|
Value |
Meaning |
|---|---|
|
Key not present |
The error is ignored. |
|
0 |
Do not ignore framing mismatch. The tunnel is terminated. |
|
Any nonzero value |
The error is ignored. |
If the Receive Window Size AV pair is not received in the ICCN message, then the LNS does not support sequencing on this call. If the Receive Window Size AV pair is received with value 0, then the LNS uses a Send Window of 10000.
The LNS accepts the Packet Processing Delay AV pair [L2TP-draft] (not as defined in IETF [RFC2661]) and derives Round Trip milliseconds from the value of this AV pair.
<20> Section 3.3.5.3: The Windows LNS sends the Receive Window Size AV pair with the M bit set to 1 in the OCRQ message if it is configured to do so.
If the registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Class\{4D36E972-E325-11CE-BFC1-08002BE10318}\<Device-number>\PayloadReceiveWindow is present and has a non-zero value, then a Receive Window Size ([RFC2661] section 4.4.3) AV pair is sent by the Windows LNS. If this registry key is absent, which is the default case, or if the key has a value of zero, then the Receive Window Size AV pair is not sent.
<21> Section 3.3.5.4: The Windows LNS disconnects the tunnel by sending a StopCCN message when it receives a zero value for Assigned Session ID AV pair in OCRP message.
<22> Section 3.3.5.5: Windows LNS does not check for the absence of any of the required AV pairs of the OCCN message.
<23> Section 3.3.5.6: Windows LNS does not check for the absence of any of the required AV pairs of the WEN message.