IPX Demand-Dial Connections

IPX-based demand-dial connections have two different ways in which the IPX parameters of the connection are negotiated, corresponding to two different IPX control protocols:

    IPX Control Protocol (IPXCP) is the Link Control Protocol (LCP) for IPX negotiation for PPP connections and is documented in RFC 1552. IPXCP is the default control protocol for IPX connections. For more information about IPXCP, see "Remote Access Server" in this book.

    IPX WAN is a control protocol used by Novell NetWare and compatible remote access servers and routers. Use IPX WAN when calling a Novell NetWare server or router or other router that supports the IPX WAN control protocol.

To change the IPX control protocol on a demand-dial interface

  1. Use the Routing and Remote Access snap-in and open IPX Routing and then click General .

  2. Right-click the desired demand-dial interface.

  3. Click either IPX CP or IPX WAN and click OK .

NCP Watchdog Spoofing

Novell NetWare clients communicate with Novell NetWare servers using a file sharing protocol called NetWare Core Protocol (NCP). NetWare Core Protocol is a connection-oriented, reliable protocol that provides file and printer sharing on NetWare networks. Once an NCP connection is made, the connection is maintained using the NCP Watchdog protocol. The NCP Watchdog protocol is a simple protocol that a NetWare server uses to poll a NetWare client to verify that the client is still present and operating over the open NCP connection.

The NCP Watchdog packet is a message sent by the internal adapter of the NetWare server to the NetWare client consisting of the NCP connection number and a signature character (0x3F). If the client is still active on the connection, the client returns the connection number and signature character back to the NetWare server.

By default, if a client has not sent any NCP connection data for 4 minutes and 56.6 seconds, the NetWare server sends a NCP Watchdog packet. If no response is received, then the NetWare server sends up to 10 more NCP Watchdog packets at intervals of 59.3 seconds. This behavior is configurable on the NetWare server. Consult your NetWare server documentation for more information.

The NCP Watchdog protocol keeps a demand-dial connection open even though the client or server are not sending data on the NCP connection. To keep the NCP Watchdog protocol from keeping time-sensitive on-demand connections open, the Windows 2000 Routing and Remote Access service spoofs, or answers on behalf of NetWare clients, the replies to NCP Watchdog packets across a demand-dial connection.

If the demand-dial router receives a NCP Watchdog packet sent from a NetWare server to a NetWare client that is reachable through a route that uses a demand-dial interface, it replies to the NCP Watchdog packet for the NetWare client. By spoofing the NCP Watchdog protocol, NCP Watchdog packets do not keep the demand-dial connection open, incurring additional costs. Spoofing the NCP Watchdog packets on behalf of the NetWare client does not cause the NetWare client to time out the NCP connection.

After the configured idle time, the demand-dial connection is terminated and the Windows 2000 Routing and Remote Access service continues to spoof NCP Watchdog packets. When either the NetWare server or the NetWare client sends data on the NCP connection, the on-demand connection is made and the data is forwarded.