2.2.16.1 Server Heartbeat PDU

The Heartbeat PDU is sent by the server to the client and allows the client to monitor the state of the connection to the server in real time.

This PDU MUST only be sent over the MCS message channel. The ID of the message channel is specified in the Server Message Channel Data (section 2.2.1.4.5). It SHOULD only be sent when no other PDUs have been sent to the client in a given heartbeat interval.


0


1


2


3


4


5


6


7


8


9

1
0


1


2


3


4


5


6


7


8


9

2
0


1


2


3


4


5


6


7


8


9

3
0


1

tpktHeader

x224Data

mcsSDin (variable)

...

securityHeader (variable)

...

reserved

period

count1

count2

tpktHeader (4 bytes): A TPKT Header, as specified in [T123] section 8.

x224Data (3 bytes): An X.224 Class 0 Data TPDU, as specified in [X224] section 13.7.

mcsSDin (variable): A variable-length PER-encoded MCS Domain PDU (DomainMCSPDU) that encapsulates an MCS Send Data Indication structure (SDin, choice 26 from DomainMCSPDU), as specified in [T125] section 11.33 (the ASN.1 structure definitions are given in [T125] section 7, parts 7 and 10). The userData field of the MCS Send Data Indication contains a security header and heartbeat information.

securityHeader (variable): Security header. The format of the security header depends on the Encryption Level and Encryption Method selected by the server (sections 5.3.1 and 2.2.1.4.3). This field MUST contain one of the following headers:

  • Basic Security Header (section 2.2.8.1.1.2.1) if the Encryption Level selected by the server is ENCRYPTION_LEVEL_NONE (0) or ENCRYPTION_LEVEL_LOW (1) and the embedded flags field does not contain the SEC_ENCRYPT (0x0008) flag.

  • Non-FIPS Security Header (section 2.2.8.1.1.2.2) if the Encryption Method selected by the server is ENCRYPTION_METHOD_40BIT (0x00000001), ENCRYPTION_METHOD_56BIT (0x00000008), or ENCRYPTION_METHOD_128BIT (0x00000002) and the embedded flags field contains the SEC_ENCRYPT (0x0008) flag.

  • FIPS Security Header (section 2.2.8.1.1.2.3) if the Encryption Method selected by the server is ENCRYPTION_METHOD_FIPS (0x00000010) and the embedded flags field contains the SEC_ENCRYPT (0x0008) flag.

If the Encryption Level is set to ENCRYPTION_LEVEL_CLIENT_COMPATIBLE (2), ENCRYPTION_LEVEL_HIGH (3), or ENCRYPTION_LEVEL_FIPS (4) and the flags field of the security header does not contain the SEC_ENCRYPT (0x0008) flag (meaning the PDU is not encrypted), then the field MUST contain a Basic Security Header.

The flags field of the security header MUST contain the SEC_HEARTBEAT (0x4000) flag (section 2.2.8.1.1.2.1).

reserved (1 byte): An 8-bit unsigned integer reserved for future use. This field MUST be set to zero.

period (1 byte): An 8-bit unsigned integer that specifies the time (in seconds) between Heartbeat PDUs.

count1 (1 byte): An 8-bit unsigned integer that specifies how many missed heartbeats SHOULD trigger a client-side warning. The client MAY ignore this value.

count2 (1 byte): An 8-bit unsigned integer that specifies how many missed heartbeats after the warning SHOULD trigger a client-side reconnection attempt. The client MAY ignore this value.