MSDTC relies on RPC to communicate from peer to peer. In general situations, it is supposed to be transparent for most users. However, when we are facing network or communication issues between two transaction nodes, understanding how the MSDTC works on RPC layer from network traffic will become quite useful for us to quick narrow down and understand the failure point.
Here I’d like to explain the MSDTC communication flow as below:
In this sample, 10.0.0.254 is the client and 10.0.0.9 is the server.
Stage I: TCP 3 handshakes and RPC binding to End Point Mapping:
Client ——-3 way handshake —>135 Server
Client ——-RPC Bind to EPM—->Server
Client <———Bind Ack——– Server
Client ——-EPM Req————>Server
Client <——Resp————— Server
Stage II: TCP 3 handshakes, RPC binding to dynamic port, and RPC messages request/response. At this stage, the proxy, the TM core, the XATM — all of these are components that communicate with each other using this way for administration, transaction propagation, commit, and everything else.
Client ——-3 way handshake——>Server
Client ——–RPC Bind ———–>Server
Client ——–RPC request/resp OPnum=1/7——-> Server
Client ——–RPC request/resp OPnum=2——-> Server
Client ——–RPC request/resp OPnum=3——-> Server
Stage III: Server may tear down context after everything is done.
Client <—–Req opnum=4——-Server
From the above traffic sequence, we can see there are different OPnum numbers, They have special meanings during the DTC connection lifetime. Here is the list:
SendReceive OpNum 3
PokeW OpNum 6
BuildContextW OpNum 7
The UUID displayed in the trace also have certain meanings, here is some common UUIDs for MSDTC and test tools:
END POINT MAPPER:
If we are using Microsoft Network Monitor 3.3, and reload full windows parser (In Network Monitor, click Tools -> Options -> parser, save and reload)
The MSDTC trace can become clearer (it auto parsed Optnums, below sample is for Stage II):