Microsoft KB Archive/840876

= Microsoft Windows Server 2003 TCP/IP Protocols and Services Technical Reference Comments and Corrections =

Article ID: 840876

Article Last Modified on 1/22/2005

-

APPLIES TO


 * MSPRESS Microsoft Windows Server 2003 TCP/IP Protocols and Services Technical Reference, ISBN 0-7356-1291-9

-



SUMMARY
This article contains comments, corrections, and information about known errors relating to the Microsoft Press book Microsoft Windows Server 2003 TCP/IP Protocols and Services Technical Reference, 0-7356-1291-9.

The following topics are covered:


 * Page 75: DEFENDING Should Be OFFENDING
 * Pages 75 And 76: Correction To ARP
 * Page 290: Corrections To Port Numbers
 * Page 623: Header Should Be Trailer



Page 75: DEFENDING Should Be OFFENDING
On page 75 there is an error in describing how DHCP Duplicate IP Address Detection is handled. The text states that after a DHCP conflict the DEFENDING system will broadcast an additional gratuitous ARP to reset the host in the broadcast domain. It is actually the OFFENDING system that sends the additional gratuitous ARP with a spoofed MAC address of the defending system.

Change:

&quot;DEFENDING&quot;

To:

&quot;OFFENDING&quot;

Pages 75 And 76: Correction To ARP
On page 75, in the last paragraph, through page 76, in the first two paragraphs,

Change:

&quot;When the ARP Reply is sent, it is sent to the defending node's MAC address. The unicast ARP Reply does not correct the improper ARP cache entries. Therefore, to reset the ARP cache entries that were improperly updated by the offending node's sending of the gratuitous ARP Request, the defending node sends another broadcast ARP Request. The defending node's ARP Request is a gratuitous ARP, as if the defending node were doing its own conflict detection. The defending node’s ARP Request contains the SHA set to the defending node's MAC address. Network segment nodes that have had their ARP cache entries improperly set to [conflicting IP address, offending node's MAC address] are reset to the proper mapping of [conflicting IP address, defending node’s MAC address]. The Network Monitor trace in Capture 03-02 (in the \Captures folder on the companion CD-ROM) shows the gratuitous ARP and address conflict exchange. Frame 1 is the offending node's gratuitous ARP. Frame 2 is the defending node's ARP Reply. Frame 3 is the defending node's gratuitous ARP. At the end of Frame 3, all network segment nodes that have the IP address 169.254.0.1 in their ARP caches have been reset to the proper MAC address of 0x00-60-97-02-6D-3D.&quot;

To:

&quot;When the ARP Reply is sent, it is sent to the defending node's MAC address. The unicast ARP Reply does not correct the improper ARP cache entries. Therefore, to reset the ARP cache entries that were improperly updated by the offending node's sending of the gratuitous ARP Request, the offending node sends another broadcast ARP Request. The offending node's ARP Request is a gratuitous ARP with a spoofed source MAC address set to the defending node's MAC address, as if the defending node were doing its own conflict detection. The offending node's ARP Request contains the SHA set to the defending node's MAC address. Network segment nodes that have had their ARP cache entries improperly set to [conflicting IP address, offending node's MAC address] are reset to the proper mapping of [conflicting IP address, defending node's MAC address]. The Network Monitor trace in Capture 03-02 (in the \Captures folder on the companion CD-ROM) shows the gratuitous ARP and address conflict exchange. Frame 1 is the offending node's gratuitous ARP. Frame 2 is the defending node's ARP Reply. Frame 3 is the offending node's gratuitous ARP with the spoofed source MAC address. At the end of Frame 3, all network segment nodes that have the IP address 169.254.0.1 in their ARP caches have been reset to the proper MAC address of 0x00-60-97-02-6D-3D.&quot;

Page 290: Corrections To Port Numbers
On page 290, in Table 12-1, the port numbers for NNTP and LDAP are wrong.

Change:

19 Network News Transfer Protocol (NNTP)

339 Lightweight Directory Access Protocol (LDAP)

To:

119 Network News Transfer Protocol (NNTP)

389 Lightweight Directory Access Protocol (LDAP)

Page 623: Header Should Be Trailer
On page 623, in the last bullet item,

Change:

&quot;All the fields in the ESP header except the Authentication Data field&quot;

To:

&quot;All the fields in the ESP trailer except the Authentication Data field&quot;

Microsoft Press is committed to providing informative and accurate books. All comments and corrections listed above are ready for inclusion in future printings of this book. If you have a later printing of this book, it may already contain most or all of the above corrections..

Additional query words: 0-7356-1291-9

Keywords: kbtshoot kbdocfix kbdocerr KB840876

-

[mailto:TECHNET@MICROSOFT.COM Send feedback to Microsoft]

© Microsoft Corporation. All rights reserved.