Microsoft KB Archive/817778

= Overview of the Advanced Networking Pack for Windows XP =

Article ID: 817778

Article Last Modified on 10/26/2007

-

APPLIES TO


 * Microsoft Windows XP Professional
 * Microsoft Windows XP Home Edition
 * Microsoft Windows XP Tablet PC Edition
 * Microsoft Windows XP Media Center Edition 2002

-



Table of Contents

 * SUMMARY
 * MORE INFORMATION
 * Advanced Networking Pack for Windows XP
 * Download and install the Advanced Networking Pack for Windows XP SP1
 * Install the Advanced Networking Pack for Windows XP
 * Remove the Advanced Networking Pack for Windows XP
 * Verify that the Advanced Networking Pack for Windows XP is installed
 * Windows XP Peer-to-Peer Networking Component
 * Enable the Windows XP Peer-to-Peer Networking Component
 * Disable the Windows XP Peer-to-Peer Networking Component
 * IPv6 Teredo NAT traversal technology
 * Configure the IPv6 Teredo client
 * NAT and IPv6 Teredo interoperability
 * Additional information about how to configure NAT devices
 * UPnP support
 * ClientPort
 * EnterpriseClient
 * Enable IPv6 ICF
 * Manually enable IPv6 ICF
 * Disable IPv6 ICF
 * Known issues
 * REFERENCES



SUMMARY
This article discusses the Advanced Networking Pack for Microsoft Windows XP Service Pack 1 (SP1). The Advanced Networking Pack is an add-on for Windows XP SP1 that includes an updated Internet Protocol version 6 (IPv6) networking stack, an IPv6 Internet Connection Firewall (ICF), and the Microsoft Peer-to-Peer (P2P) networking platform. The optional Windows Peer-to-Peer networking component provides a framework for peer-to-peer programs to communicate directly between computers over Network Address Translation (NAT) devices and over the Internet.

This article contains information about how to install the Advanced Networking Pack for Windows XP and the Windows XP Peer-to-Peer networking component, discusses IPv6 Teredo NAT traversal technology, lists some known issues, and describes how to troubleshoot these issues.

back to the top



MORE INFORMATION
Important The Advanced Networking Pack is only for computers that are running Windows XP with SP1. The components that are included in the Advanced Networking Pack are included with Windows XP Service Pack 2 (SP2). Therefore, after you install SP2, you do not have to seperately install the Advanced Networking Pack. However, the IPv6 Internet Connection Firewall has been replaced with integrated IPv6 support in the new Windows Firewall.

Advanced Networking Pack for Windows XP
The Advanced Networking Pack for Windows XP updates IPv6 and installs the Internet Connection Firewall for IPv6. By default, no ports are automatically opened in the firewall after the update is installed. Use the Advanced Networking Pack for Windows XP if you have software that requires this functionality or if you want to develop custom programs that use the Windows Peer-to-Peer networking infrastructure.

back to the top

Download and install the Advanced Networking Pack for Windows XP SP1
To download and install this update, visit the Microsoft Windows Update Web site, and then install update 817778:

http://v4.windowsupdate.microsoft.com/en/default.asp

Administrators can download this update from the Microsoft download center or from the Windows Update Catalog to deploy to multiple computers. If you want to obtain this update to install later, search for this article ID number by using the Advanced Search Options feature in the Windows Update Catalog.

For additional information about how to download updates from the Windows Update Catalog, click the following article number to view the article in the Microsoft Knowledge Base:

323166 HOW TO: Download Windows updates and drivers from the Windows Update Catalog

download center
The following file is available for download from the Microsoft Download Center:

Download the WindowsXP-KB817778-x86-ENU.exe package now.

For additional information about how to download Microsoft Support files, click the following article number to view the article in the Microsoft Knowledge Base:

119591 How to Obtain Microsoft Support Files from Online Services

Microsoft scanned this file for viruses. Microsoft used the most current virus-detection software that was available on the date that the file was posted. The file is stored on security-enhanced servers that help to prevent any unauthorized changes to the file.

To install this update, run the file that you downloaded by using the appropriate setup switches.

Setup switches
This update package supports the following setup switches:
 * /? Show the list of installation switches.
 * /u Use Unattended mode.
 * /f Force other programs to quit when the computer shuts down.
 * /n Do not back up files for removal.
 * /o Overwrite OEM files without prompting.
 * /z Do not restart when installation is complete.
 * /q Use Quiet mode (no user interaction).
 * /l List installed hotfixes.
 * /x Extract the files without running the Setup program.

For example, to install the package without any user intervention, use the following command:

windowsxp-kb817778-x86-enu.exe /u /q

To install the package without forcing the computer to restart, use the following command:

windowsxp-kb817778-x86-enu.exe /z

Note You can combine these switches into one command.

Administrators can also deploy this update by using Microsoft Software Update Services (SUS).

For more informationabout SUS, click the following article number to view the article in the Microsoft Knowledge Base:

810796 Software Update Services Overview white paper available

back to the top

Install the Advanced Networking Pack for Windows XP
To Install the Advanced Networking Pack for Windows XP, follow these steps:
 * 1) Log on to Windows as an administrator.
 * 2) If Windows XP Peer-to-Peer Update Beta is installed on your computer, remove it.
 * 3) Start Microsoft Windows Explorer, and then open the folder that contains the Setup file that you downloaded.
 * 4) Run the Setup program. To do this, double-click the executable (.exe) file.
 * 5) Follow the instructions on the screen to install the Advanced Networking Pack for Windows XP on the computer.
 * 6) After the Setup program is complete, restart the computer.

back to the top

Remove the Advanced Networking Pack for Windows XP
To remove the Advanced Networking Pack for Windows XP, follow these steps:
 * 1) Click Start, and then click Control Panel.
 * 2) Click Add or Remove Programs.
 * 3) In the list of currently installed programs, click Advanced Networking Pack for Windows XP, and then click Remove.
 * 4) Follow the instructions on the screen to remove the Advanced Networking Pack for Windows XP from your computer.
 * 5) After the removal is complete, restart the computer.

Administrators can also use the Spunist.exe utility to remove this package. The Spuninst.exe program file is located in the \$NTUninstallKB817778$\Spuninst folder. This utility supports the following setup switches:
 * /? Show the list of installation switches.
 * /u Use Unattended mode.
 * /f Force other programs to quit when the computer shuts down.
 * /z Do not restart when installation is complete.
 * /q Use Quiet mode (no user interaction).

back to the top

Verify that the Advanced Networking Pack for Windows XP is installed
To verify that the Advanced Networking Pack for Windows XP is installed, compare the files on your computer with the following file information or verify that an Installed DWORD value exists and is set to 1 in the following registry key:

The English version of this hotfix has the file attributes (or later) that are listed in the following table. The dates and times for these files are listed in coordinated universal time (UTC). When you view the file information, it is converted to local time. To find the difference between UTC and local time, use the Time Zone tab in the Date and Time tool in Control Panel.   Date         Time   Version            Size    File name --  10-Jul-2003  16:19  5.1.2600.1240      95,232  6to4svc.dll 10-Jul-2003 16:19  5.1.2600.1240      31,232  Inetmib1.dll 30-Jun-2003 17:56                      3,397  Ip6fw.inf 30-Jun-2003 20:35  5.1.2600.1240      29,952  Ip6fw.sys 30-Jun-2003 20:35  5.1.2600.1240      49,152  Ip6fwapi.dll 30-Jun-2003 20:35  5.1.2600.1240      16,384  Ip6fwcfg.dll 30-Jun-2003 20:35  5.1.2600.1240      40,448  Ip6fwhlp.dll 10-Jul-2003 16:19  5.1.2600.1240      79,872  Iphlpapi.dll 30-Jun-2003 20:30  5.1.2600.1240      48,640  Ipv6.exe 10-Jul-2003 16:19  5.1.2600.1240      54,272  Ipv6mon.dll 30-Jun-2003 17:56                      6,157  Netip6.inf 10-Jul-2003 16:19  5.1.2600.1240      71,168  Netoc.dll 30-Jun-2003 20:10                      9,328  Netoc.inf 30-Jun-2003 20:33  5.1.2600.1240      83,456  Netsh.exe 30-Jun-2003 20:38  5.1.2600.1240     109,056  P2p.dll 30-Jun-2003 17:56                      6,592  P2p.inf 30-Jun-2003 20:38  5.1.2600.1240      79,872  P2pgasvc.dll 30-Jun-2003 20:38  5.1.2600.1240     294,912  P2pgraph.dll 30-Jun-2003 20:38  5.1.2600.1240      81,408  P2pnetsh.dll 30-Jun-2003 20:38  5.1.2600.1240     494,080  P2psvc.dll 30-Jun-2003 20:38  5.1.2600.1240      45,568  Pnrpnsp.dll 12-Jun-2003 20:36  2.1.4701.0        151,552  Sqldb20.dll 12-Jun-2003 20:36  2.1.4701.0        462,848  Sqlqp20.dll 12-Jun-2003 20:36  2.1.4701.0        110,592  Sqlse20.dll 30-Jun-2003 20:30  5.1.2600.1240     203,008  Tcpip6.sys 30-Jun-2003 20:35  5.1.2600.1240      11,776  Tunmp.sys 10-Jul-2003 16:19  5.1.2600.1240      70,656  Ws2_32.dll 10-Jul-2003 16:19  5.1.2600.1240      13,312  Wship6.dll 30-Jun-2003 17:49  5.1.2600.1240     172,544  Xpob2res.dll 30-Jun-2003 20:38  5.1.2600.1240      26,624  Npcustom.dll back to the top

Windows XP Peer-to-Peer Networking Component
The Windows Peer-to-Peer Networking Component is a developer platform to create P2P programs for Windows XP-based computers. Program developers can use powerful personal computers connected to the Internet to create exciting distributed programs or to enhance existing programs to work together in new and useful ways.

The Windows Peer-to-Peer Networking Component enables IPv6 and the IPv6 ICF (if they are not already enabled on the computer) and opens ports 3587 (TCP) and 3540 (UDP) of the IPv6 ICF.

When you install the Advanced Networking Pack for Windows XP and enable the optional Windows Peer-to-Peer Networking Component on the computer, you enable the following technologies:
 * Windows Peer-to-Peer Networking Name Resolution

The Peer Name Resolution Protocol (PNRP) Name Space Provider provides an API that permits the peer-to-peer resolution of names to endpoints (IPv6 address or port number).
 * Windows Peer-to-Peer Networking Graphing

Graphing permits efficient multipoint communication among a tightly-coupled set of peers. Graphing permits programs to use their own security models and IP resolution mechanisms.
 * Windows Peer-to-Peer Networking Grouping

By default, grouping is the security layer that is provided on top of a graph. The security layer defines the security model behind group creation, invitation, and connection to the group. Additionally, grouping uses PNRP as the name resolution protocol, and permits multiple programs to share the same graph.
 * Windows Peer-to-Peer Networking Identity Manager

Identity manager permits the creation and use of peer-to-peer identities in PNRP and grouping.

back to the top

Enable the Windows XP Peer-to-Peer Networking Component
To enable the Windows XP Peer-to-Peer Networking Component, follow these steps.

Note Before you can enable the optional Windows Peer-to-Peer Networking component, you must install the Advanced Networking Pack for Windows XP on the computer if it is not already installed.
 * 1) Click Start, and then click Control Panel.
 * 2) Click Add or Remove Programs.
 * 3) Click Add/Remove Windows Components. The Windows Components wizard starts.
 * 4) Click Networking Services (but do not click to clear the check box), and then click Details.
 * 5) Click to select the Peer-to-Peer check box, and then click OK.
 * 6) Click Next.
 * 7) Follow the instructions on the remaining pages of the wizard to install the component on the computer.

back to the top

Disable the Windows XP Peer-to-Peer Networking Component
To disable the Windows XP Peer-to-Peer Networking Component, follow these steps:
 * 1) Click Start, and then click Control Panel.
 * 2) Click Add or Remove Programs.
 * 3) Click Add/Remove Windows Components. The Windows Components wizard starts.
 * 4) Click Networking Services (but do not click to clear the check box), and then click Details.
 * 5) Click to clear the Peer-to-Peer check box, and then click OK.
 * 6) Click Next.
 * 7) Follow the instructions on the remaining pages of the wizard to remove the component from the computer.

Note If the IPv6 ICF is enabled, when you disable the Windows Peer-to-Peer Networking Component, ports 3587(TCP) and 3540 (UDP) automatically close.

back to the top

IPv6 Teredo NAT traversal technology
IPv6 is the next generation Internet Protocol that permits communication across a diverse set of networks. IPv6 Teredo is a transition technology that permits automatic IPv6 tunneling between hosts that are located across one or more IPv4 NAT devices.

IPv6 traffic from Teredo hosts can flow across NATs because an IPv4 User Datagram Protocol (UDP) message encapsulates the traffic. If the NAT supports UDP port translation, the NAT supports Teredo. The one exception is a &quot;Symmetric&quot; NAT. Use of a Symmetric NAT is not supported. Currently a Symmetric NAT is seldom used.

The Microsoft implementation of IPv6 Teredo is based on Internet Engineer Task Force (IETF) Internet Draft version 8, &quot;Teredo: Tunneling IPv6 over UDP through NATs&quot;. Teredo permits other hosts on the Internet to communicate directly with your computer, and, permits direct communication between peer clients on the Internet.

The following IPv6 Teredo NAT Traversal Technology components are included in the Advanced Networking Pack for Windows XP:
 * Teredo client

A Teredo client is a host that can obtain a Teredo address assignment, manage NAT mappings, and tunnel IPv6 traffic across the IPv4 Internet. Teredo clients forward NAT mapping initialization packets between Teredo clients and nodes on the IPv6 Internet.
 * Teredo Host-Specific Relay

A Teredo host-specific relay is a host that forwards packets between Teredo clients and IPv6 Internet nodes.

Note Currently, only Teredo clients are supported in the Advanced Networking Pack for Windows XP. The Teredo Host-Specific Relay is configured automatically when it is required. IPv6 Internet nodes must run the Advanced Networking Pack for Windows XP to provide a host-specific relay to reach the Teredo client, or use a public Teredo relay. If a public Teredo relay is not available, Teredo clients that connect to a non-Advanced Networking Pack for Windows XP-compatible IPv6 host may have to use IPv4.

back to the top

Configure the IPv6 Teredo client
When you install the Advanced Networking Pack for Windows XP, your computer is automatically configured to enable the IPv6 Teredo client. Typically, you do not have to modify this configuration. However, if you must change these settings, use the netsh interface ipv6 command-line utility. To do this, follow these steps:  Click Start, and then click Run. In the Open box, type cmd, and then press ENTER. At the command prompt, type the following lines, and then press ENTER after each line:

netsh

interface

ipv6



To configure the IPv6 Teredo client, use the set teredo command at the netsh interface ipv6 command prompt. The set teredo command uses the following syntax:

set teredo [[ type ] =disabled | client | enterpriseclient | default ] [[ =]  |  | default ] [[ RefreshInterval =]  | default ][[ ClientPort= ]  | default

The parameters that you can use with the set teredo command are listed as follows:
 * type: Specifies one of the following options:
 * disabled: Disable the Teredo service.
 * client: Enable the Teredo client.
 * enterpriseclient: Permit the Teredo client to work in a managed network
 *  : Specifies the name or IPv4 address of the Teredo server.
 * RefreshInterval: Specifies the Teredo client refresh interval (in seconds).
 * ClientPort: Permits users to specify a UDP port. If you do not use this option, the computer specifies the UDP.

For more information about when to use the enterpriseclient and ClientPort options, see the &quot;Additional information about how to configure NAT devices&quot; section.

For more information about netsh, see Windows XP Help and Support. To do this, click Start, click Help and Support, type using netsh in the Search box, and then press ENTER to view the topics.

back to the top

NAT and IPv6 Teredo interoperability
Teredo is an IPv6 technology that traverses NATs to provide end-to-end connectivity between IPv6 nodes. However, because of the wide range of NAT devices that are available from different vendors, Teredo may or may not function correctly with a particular NAT device. The following NAT devices have been thoroughly tested and are known to work with Teredo:

LinkSys BEFW11S4 v.1

Linksys BEFSR41

Linksys BEFSR1

D-Link DI-713 with Firmware version 2.53b9

NETGEAR RP614

NETGEAR RP114

NETGEAR MR314

NETGEAR FVS318

Microsoft MN-100 Wired Base Station

Siemens SpeedStream 2602 NAT Router

SMC 7004VBR

SMC 7004AWBR

Belkin F5D6230-3

3Com 3C855

Windows XP Internet Connection Sharing

You can update the following devices to work with Teredo:

D-Link DI-604

D-Link DI-614

You can configure the following device to work with Teredo:

Microsoft Broadband Wireless Base Station - MN-500

If your NAT device does not appear in the list, it does not mean that Teredo does not work with your NAT device. To verify whether Teredo is working correctly, you can use the netsh interface ipv6 command-line utility. To do this, follow these steps:  Click Start, and then click Run. In the Open box, type cmd, and then press ENTER.</li> At the command prompt, type the following, and then press ENTER:

netsh interface ipv6 show teredo

The output includes a list that displays the current status of Teredo. If your client cannot use Teredo, the State is listed as Offline and Error contains more information that explains why the client cannot use Teredo. You may be able to configure your device to use Teredo.</li></ol>

For more information about how to configure NAT devices, see the &quot;Additional information about how to configure NAT devices&quot; section.

The third-party products that are discussed in this article are manufactured by companies that are independent of Microsoft. Microsoft makes no warranty, implied or otherwise, regarding the performance or reliability of these products.

back to the top

UPnP support
You may have a device that supports Universal Plug and Play (UPnP). UPnP is a configuration protocol that many devices support. The Teredo client tries to automatically configure NAT devices that support UPnP but otherwise do not allow Teredo traffic. This process occurs automatically. You do not have to configure any additional settings. However, each NAT device is different and may support UPnP but may also require the user to enable it. To determine whether your device supports UPnP, see the documentation that is included with your NAT device.

ClientPort
You may also be able to manually configure a specific UDP port for the Teredo client to use. Some NAT devices require network programs to use the same port for each connection. If your NAT appears to be blocking Teredo, you can use the ClientPort option described earlier in the &quot;Configure the IPv6 Teredo client&quot; section to set a specific port. The port can be any number between 1024 and 65356.

EnterpriseClient
The Teredo client is automatically disabled if the computer is a member of a corporate domain or if a firewall is detected. If you want to use Teredo from a corporate network, contact your network administrator before you use the EnterpriseClient option. This setting overrides the typical behavior and tries to enable Teredo on the client computer even when the client is a member of a domain.

back to the top

Enable IPv6 ICF
When you install the Advanced Networking Pack for Windows XP, IPv6 and IPv6 Internet Connection Firewall (IPv6 ICF) are installed but are not yet enabled. When IPv6 is enabled, IPv6 ICF is automatically enabled for all network connections. IPv6 ICF is separate from the IPv4 Internet Connection Firewall that is included with Windows XP, and therefore, you cannot view IPv6 ICF configuration information and statistics in the Network Connections folder. You can only view information about the IPv4 ICF in the Network Connections folder.

IPv6 ICF provides the following capabilities:
 * Stateful filtering for outbound traffic
 * Unsolicited inbound traffic is automatically and silently dropped
 * Port configuration

When you install the Advanced Networking Pack for Windows XP, IPv6 ICF blocks all inbound ports. When you enable the optional Windows Peer-to-Peer Networking Component, ports 3540 (UDP) and 3587 (TCP) are opened for inbound traffic. Additionally, you can manually configure ports to accept unsolicited traffic from the network. For example, if you host an IPv6-enabled Web server, you can configure IPv6 ICF to permit unsolicited IPv6 traffic on TCP port 80.
 * ICMP configuration

You can configure Internet Control Message Protocol (ICMP) options.
 * Logging information

You can configure the logging of dropped packets, successful connections, or both. You can use the logs to help you troubleshoot security and performance issues.

For more information about how to configure IPv6 ICF, visit the following Microsoft Web site:

http://www.microsoft.com/technet/itsolutions/network/security/ipv6fw/hcfgv601.mspx

back to the top

Manually enable IPv6 ICF
IPv6 ICF is automatically enabled when IPv6 is enabled on the computer. No additional action is required. However, if you disable IPv6 ICF, you can manually enable it.

To enable IPv6 ICF, follow these steps:
 * 1) Click Start, and then click Control Panel.
 * 2) Click Add or Remove Programs.
 * 3) Click Add/Remove Windows Components. The Windows Components wizard starts.
 * 4) Click Networking Services (but do not click to clear the check box), and then click Details.
 * 5) Click to select the IPv6 Internet Connection Firewall check box, and then click OK.
 * 6) Click Next.
 * 7) Follow the instructions on the screen to install the component on the computer.

back to the top

Disable IPv6 ICF
To disable IPv6 ICF, follow these steps:
 * 1) Click Start, and then click Control Panel.
 * 2) Click Add or Remove Programs.
 * 3) Click Add/Remove Windows Components. The Windows Components wizard starts.
 * 4) Click Networking Services (but do not click to clear the check box), and then click Details.
 * 5) Click to clear the IPv6 Internet Connection Firewall check box, and then click OK.
 * 6) Click Next.
 * 7) Follow the instructions on the screen to remove the component from the computer.

back to the top

Known issues
<ul> IPv6 connectivity issues when you use incorrect firewall settings.

You may have connectivity issues if firewall settings for ICF for IPv4 or ICF for IPv6 are not configured correctly. To resolve this behavior, use the following command at the command prompt to update the firewall settings:

netsh interface ipv6 set teredo client

</li> Windows XP peer-to-peer ports are not open when you install a new network adapter.

If Windows XP Peer-to-Peer Update Beta is installed on the computer, and you do not remove it before you install the Advanced Networking Pack for Windows XP, the appropriate ports for the Windows XP peer-to-peer networking infrastructure are not opened when you install a new network adapter. This behavior occurs because ports are not opened globally in Windows XP Peer-to-Peer Update Beta. To resolve this behavior, disable, and then and re-enable the Windows XP Peer-to-Peer Networking Component.</li> The guest account cannot use a Windows XP peer-to-peer networking program.

You must log on with a user account other than the Guest account to use the Windows XP peer-to-peer networking infrastructure.</li> A program, such as Microsoft Internet Explorer, may not be able to resolve domain names from some Domain Name System (DNS) servers after you enable IPv6. Because of this, you may not be able to access some Web sites. This problem may occur if the DNS server is queried for a non-&quot;A&quot; record, and the server replies with an authoritative response that returns NXDOMAIN or NAME_ERROR (Response Code, or RCODE, 3) although an &quot;A&quot; (or Internet Protocol version 4, or IPv4, host) record for the queried name exists on that DNS server. NXDOMAIN or NAME_ERROR in the response indicates that there are &quot;no records of any type for that name.&quot; Microsoft has found that some DNS server software does not support &quot;AAAA&quot; (Internet Protocol version 6 or IPv6) records and incorrectly responds with NXDOMAIN although an &quot;A&quot; record exists for the site.

For additional information about this issue, click the following article number to view the article in the Microsoft Knowledge Base:

815768 Application cannot resolve some domain names

</li> IPv6 traffic is not filtered by the IPv4 ICF in Windows XP. To filter IPv6 traffic, you must use the IPv6 ICF included with the Advanced Networking Pack.</li></ul>

back to the top

<div class="references_section">