[cifs-protocol] Incoherent values in MS-FRS1.pdf in comparison to traces
Matthieu Patou
mat at samba.org
Wed Aug 24 10:35:01 MDT 2011
Hello Dochelp team,
Paragraph 3.3.4.4.3 COMM_COMMAND Is CMD_START_JOIN says:
"COMM_VVECTOR is the local member version vector. If the local member
knows m originators in its
version vector, there MUST be m COMM_VVECTOR elements in the packet, one
for each originator.
COMM_JOIN_TIME MUST be the current time."
Traces between Window servers show no COMM_VVECTOR packet and no
COMM_JOIN_TIME (for a SYSVOL replication), you can see it in the trace
http://imaps.matws.net/mat/misc/joinfrs.gz at packet 4643. To decode it
you'll also need the attached keytab. It's worth noting that example on
page 138 didn't show this packets as well.
Note in order to see the FRS packet you'll need a pretty recent version
of wireshark as I did the dissector for it not so long ago, you can get
a nightly build of wireshark at
http://www.wireshark.org/download/automated/win32/ and you need a
version with a SVN revision > 38476.
Can you explain ?
Matthieu.
--
Matthieu Patou
Samba Team http://samba.org
Private repo http://git.samba.org/?p=mat/samba.git;a=summary
-------------- next part --------------
A non-text attachment was scrubbed...
Name: w2k.keytab
Type: application/octet-stream
Size: 970 bytes
Desc: not available
URL: <http://lists.samba.org/pipermail/cifs-protocol/attachments/20110824/a8de35af/attachment.obj>
More information about the cifs-protocol
mailing list