Freigeben über


MSDTC RPC COMMUNICATION

MSDTC is RPC application, so if you are running transaction between two machines, MSDTC will use RPC protocol to communicate with remote machine

RPC is heart of all Microsoft Distributed application (not in web service world),MSDTC,COM,COM+ will use RPC protocol to communicate with remote machine.

It is very easy to understand RPC basics, the way we did in C++, define the interface and server will implement this interface, client will use this Interface to reach remote server, in RPC world, they generate proxy/stub from this interface, and RPC will use proxy/stub to exchange data between client and server.

Any application (console/windows service) can be RPC application, they have to follow certain guide lines, you can know more about RPC here

https://msdn.microsoft.com/library/default.asp?url=/library/en-us/rpc/rpc/tutorial.asp

HOW TO MONITOR MSDTC COMMUNICATION:

=================================

(2)You can use Microsoft Network monitor or ethereal(https://www.ethereal.com) to monitor MSDTC traffic between two machines (once you got network trace, filter it by RPC or DCERPC)

(3)to reach remote machine,MSDTC will use NETBIOS to resolve remote machine name (This means you should be able to resolve remote machine name by NEBIOS name(Just resolving remote machine name by fully qualified name is not enough)

(4)so now we know MSDTC is windows service and it will use RPC protocol and it will use NETBIOS to resolve remote machine names.

(5)If you are not able to run Transactions between two machines, first make sure Name resolution, RPC communication is working between two machines

Name resolution:

==============

You can ping by short name (for example, my machine name is TESTMACHINE.REDMONDDOMAIN.MICROSOFT.COM), ping by TESTMACHINE(short name)

Name resolution has to work in both directions, on both machines; you should be able to resolve both machine names by NETBIOS name.

In cluster case, you should be able to resolve MSDTC/cluster virtual names from all cluster nodes and client machine.

Names and IP addresses that an MSDTC client in a cluster environment must have

https://support.microsoft.com/default.aspx?scid=KB;EN-US;q311846&

RPC COMMUNICATION:

================

If you have firewall between two machines, most likely they might have restricted number of ports, if you didn't configure these machines for RPC

Communication, RPC applications (MSDTC also RPC app) can choose any port between 1024-65000, these ports may not be in firewall range, so firewall may block RPC communication

 

What you have to do:

================
Please choose certain range (let’s say 5000-5020), and configure this range on both machines, and open the same range in firewall, so all RPC application will choose RPC port in this range, since firewall knows about this range, it will allow the communication

Using Distributed COM with Firewalls(DCOM also uses RPC)

https://msdn.microsoft.com/library/default.asp?url=/library/en-us/dndcom/html/msdn_dcomfirewall.asp

How to trouble shoot MSDTC firewall communication
https://support.microsoft.com/default.aspx?scid=kb;EN-US;Q306843

If you have windows firewall (most likely on xp, sp2 and 2003, sp1), open port 135 and add MSDTC to exception list

(6)My team wrote DTCPING tool to trouble shoot name resolution/RPC communication to trouble shoot MSDTC problems

You can download DTCPING from here

https://www.microsoft.com/downloads/details.aspx?FamilyID=5e325025-4dcd-4658-a549-1d549ac17644&DisplayLang=en

This KB article also gives you instructions on how to use DTCPing.

https://support.microsoft.com/default.aspx?scid=kb;EN-US;Q306843

HOW TO RUN DTCPING:

==================

(1) Start DTCPING.exe on both machines (let say on Machine1 and Machine2)

(2) from Machine1, ping Machine2

(3)from Machine2,ping Machine1

Once you are done with test, please close DTCPING.exe on both machines, if you want to test again, close current DTCPING.exe and start dtcping.exe again on both machines

Once you got dtcping log files, look for error message, mostly it will report following problems

(1)Name resolution problem (not able to resolve remote machine name by NEBIOS name)

(2)RPC communication problem (it will show us RPC communication went ok or not)

(3)it will read all ipconfig info and MSDTC security settings on XP,2003 machines

NOTE:

=======

DTCPING is working doesn't mean that MSDTC going to work, DTCPING will test RPC communication, so if DTCPING communication working means, DTC communication also may work, because of MSDTC security, we may still see transaction problem; I will cover more about MSDTC security in next blog.

I hope, I covered enough about MSDTC RPC communication, and How to trouble shoot MSDTC rpc communication problems, if you have any questions on MSDTC rpc communications, please let me know

Comments

  • Anonymous
    April 14, 2006
    //This content applies to windows 2003,sp1 and windows xp,sp2 machines
    Microsoft introduced MSDTC security...

  • Anonymous
    August 28, 2006
    Great article. Something to note about DTC ping. If netbios name is 15 characters or greater in length, DTCPing will fail and MSDTC will fail also.

  • Anonymous
    January 29, 2007
    Hello, I have configured every possible thing for MSDTC but still facing thie below issue when I run DTCPing.exe ++++++++++++++++++++++++++++++++++++++++++++++ RPC server is ready ++++++++++++Validating Remote Computer Name++++++++++++ 01-29, 18:33:16.265-->Start DTC connection test Name Resolution: hp-->192.168.100.10-->HP 01-29, 18:33:17.968-->Start RPC test (IS2-->hp) Problem:fail to invoke remote RPC method Error(0x6BA) at dtcping.cpp @303 -->RPC pinging exception -->1722(The RPC server is unavailable.) RPC test failed can u help me out ?? Thanks in advance

  • Anonymous
    January 11, 2008
    I am trying to setup DTC on a Win2003 Server R2, using DTCPing RPC seems to be fine. But DTC is still not working. Client has XP & DTC is running on both machines. I noted though that ports: 1433, 1434 , 5100 & 5200 are all blocked. Will unblocking these resolve the issue?

  • Anonymous
    July 29, 2009
    The comment has been removed

  • Anonymous
    July 31, 2009
    Dan, I didn't see RPC failure without error code, Can you please let me know what is the operating system and service pack you have on these machines?

  • Anonymous
    July 31, 2009
    Vinay, 1722 error means "The RPC server is unavailable", Please check you are able to ping remote machine and able to telnet to port 135.