["Willy" <willybo@xxxxxxxxxx>]

While monitoring LAN traffic today I noticed one of the controllers was spitting out DCERPC protocol packets as seen by Ethereal (Win ver). This only occurs when the fifth data byte is 5 (with 4 0's leading it). When the packet data is any of the other numbers we use (1-7) it is represented properly as an 80 byte data packet. All data in the packets is the same with the exception of the fifth byte which we use as a controller ID number.

  The question is what triggers a packet to be DCERPC? I can't seem to find a simple reference to this. We aren't (at the current time) experiencing any data problems (we know of) at the receive end. But there is some concern that our byte allocation in the data packet may be causing this. Is there a reference to this protocol somewhere that won't require wading through code to find the answer?

 

  Thank You

   Willy Borchardt