The TELNET Protocol (231866)



The information in this article applies to:

  • Microsoft Windows 2000 Server
  • Microsoft Windows 2000 Advanced Server
  • Microsoft Windows 2000 Professional
  • Microsoft Windows NT Services for UNIX Add-On Pack
  • Microsoft Windows NT Server 3.5
  • Microsoft Windows NT Server 3.51
  • Microsoft Windows NT Server 4.0
  • Microsoft Windows NT Workstation 3.5
  • Microsoft Windows NT Workstation 3.51
  • Microsoft Windows NT Workstation 4.0

This article was previously published under Q231866

SUMMARY

Telnet offers users the capability of running programs remotely and facilitates remote administration. Telnet is available for practically all operating systems and eases integration in heterogeneous networking environments.

MORE INFORMATION

Telnet is best understood in the context of a user with a simple terminal using the local Telnet program (known as the client program) to run a logon session on a remote computer where the user's communications needs are handled by a Telnet server program.

It should be emphasized that the Telnet server can pass on the data it has received from the client to many other types of processes including a remote logon server. This is described in RFC854 and was first published in 1983.

The Network Virtual Terminal

Communication is established using TCP/IP and is based on a Network Virtual Terminal (NVT). On the client, the Telnet program is responsible for translating incoming NVT codes to codes understood by the client's display device as well as for translating client-generated keyboard codes into outgoing NVT codes.

The NVT uses 7-bit codes for characters. The display device, referred to as a printer in the RFC, is only required to display the standard printing ASCII characters represented by 7-bit codes and to recognize and process certain control codes. The 7-bit characters are transmitted as 8-bit bytes with the most significant bit set to zero. An end-of-line is transmitted as a carriage return (CR) followed by a line feed (LF). If you want to transmit an actual carriage return, this is transmitted as a carriage return followed by a NUL (all bits zero) character.

NVT ASCII is used by many other Internet protocols like SMTP and FTP.

The following control codes are required to be understood by the NVT.

NameCodeDecimal ValueFunction
NULLNUL0No operation
Line FeedLF10Moves the printer to the next print line, keeping the same horizontal position.
Carriage ReturnCR13Moves the printer to the left margin of the current line.


The following further control codes are optional but should have the indicated defined effect on the display.

NameCodeDecimal ValueFunction
BELLBEL7Produces an audible or visible signal (which does NOT move the print head.
Back SpaceBS8Moves the print head one character position towards the left margin. (On a printing device, this mechanism was commonly used to form composite characters by printing two basic characters on top of each other.)
Horizontal TabHT9Moves the printer to the next horizontal tab stop. It remains unspecified how either party determines or establishes where such tab stops are located.
Vertical TabVT11Moves the printer to the next vertical tab stop. It remains unspecified how either party determines or establishes where such tab stops are located.
Form FeedFF12Moves the printer to the top of the next page, keeping the same horizontal position. (On visual displays, this commonly clears the screen and moves the cursor to the top left corner.)
The NVT keyboard is specified as being capable of generating all 128 ASCII codes by using keys, key combinations, or key sequences.

Commands

The Telnet protocol uses various commands to control the client-server connection. These commands are transmitted within the data stream. The commands are distinguished from the data by setting the most significant bit to 1. (Remember that data is transmitted as 7-bits with the eighth bit set to 0) Commands are always introduced by the Interpret as command (IAC) character.

Here is the complete set of commands:

NameDecimal CodeMeaningComment
SE240End of subnegotiation parameters
NOP 241No operation
DM242Data markIndicates the position of a Synch event within the data stream. This should always be accompanied by a TCP urgent notification.
BRK243BreakIndicates that the "break" or "attention" key was hi.
IP244SuspendInterrupt or abort the process to which the NVT is connected.
AO245Abort outputAllows the current process to run to completion but does not send its output to the user.
AYT246Are you thereSend back to the NVT some visible evidence that the AYT was received.
EC247Erase characterThe receiver should delete the last preceding undeleted character from the data stream.
EL248Erase lineDelete characters from the data stream back to but not including the previous CRLF.
GA249Go ahead Under certain circumstances used to tell the other end that it can transmit.
SB250SubnegotiationSubnegotiation of the indicated option follows.
WILL251willIndicates the desire to begin performing, or confirmation that you are now performing, the indicated option.
WONT252wontIndicates the refusal to perform, or continue performing, the indicated option.
DO253doIndicates the request that the other party perform, or confirmation that you are expecting the other party to perform, the indicated option.
DONT254dontIndicates the demand that the other party stop performing, or confirmation that you are no longer expecting the other party to perform, the indicated option.
IAC255Interpret as commandInterpret as a command

Telnet Options

Options give the client and server a common view of the connection. They can be negotiated at any time during the connection by the use of commands. They are described in separate RFCs.

The following are examples of common options:

Decimal codeNameRFC
3suppress go ahead858
5status859
1echo857
6timing mark860
24terminal type1091
31window size1073
32terminal speed1079
33remote flow control1372
34linemode1184
36environment variables1408

Either end of a Telnet conversation can locally or remotely enable or disable an option. The initiator sends a 3-byte command of the form:
IACType of OperationOption

The response is of the same form. Operation is one of:

DescriptionDecimal CodeAction
WILL251Sender wants to do something.
DO252Sender wants the other end to do something.
WONT253Sender does not want to do something.
DONT254Sender wants the other not to do something.


Associated with each of the these commands are various possible responses:

Sender SentReceiver RespondsImplication
WILL DOThe sender would like to use a certain facility if the receiver can handle it.Option is now in effect.
WILL DONTReceiver says it cannot support the option.Option is not in effect.
DO WILLThe sender says it can handle traffic from the sender if the sender wishes to use a certain option.Option is now in effect.
DO WONTReceiver says it cannot support the option.Option is not in effect.
WONT DONTOption disabled.DONT is only valid response.
DONT WONTOption disabled.WONT is only valid response.


For example, if the sender wants the other end to suppress go-ahead, it would send the byte sequence:

IACWILLSuppress Go Ahead

The final byte of the 3-byte sequence identifies the required action.

Some option's values need to be communicated after support of the option has been agreed. This is done using sub-option negotiation. Values are negotiated using value query commands and responses in the following form:

IACSBoption code1IACSE
and
IACSBoption code0IACSE


For example, if the client wants to identify the terminal type to the server, the following exchange might take place:

CLIENTIACWILLTerminal Type
SERVERIACDOTerminal Type
CLIENTIACSBTerminal Type1IACSE
SERVERIACSBTerminal Type0VT220IACSE

The first exchange establishes that terminal type (option number 24) is handled, the server then enquires of the client what value it wishes to associate with the terminal type.

The sequence SB,24,1 implies sub-option negotiation for option type 24, value required (1). The IAC,SE sequence indicates the end of this request.

The response IAC,SB,24,0,'V'... implies sub-option negotiation for option type 24, value supplied (0), the IAC,SE sequence indicates the end of the response (and the supplied value).

The encoding of the value is specific to the option but a sequence of characters, as shown above, is common.

Descriptions of Telnet Options

Many of those listed are self-evident, but some call for more information.

Suppress Go Ahead

The original Telnet implementation defaulted to half duplex operation. This means that data traffic could only go in one direction at a time and specific action is required to indicate the end of traffic in one direction and that traffic may now start in the other direction. [This similar to the use of "roger" and "over" by amateur and CB radio operators.] The specific action is the inclusion of a GA character in the data stream.

Modern links normally allow bi-directional operation and the "suppress go ahead" option is enabled.

Echo

The echo option is enabled, usually by the server, to indicate that the server echos every character it receives. A combination of "suppress go ahead" and "echo" is called character-at-a-time mode meaning that each character is separately transmitted and echoed.

There is an understanding known as kludge-line mode, which means that if either "suppress go ahead" or "echo" is enabled but not both, then Telnet operates in line-at-a-time mode meaning that complete lines are assembled at each end and transmitted in one "go".

Linemode

This option replaces and supersedes the line mode kludge.

Remote Flow Control

This option controls where the special flow control effects of Ctrl+S or Ctrl+Q are implemented.

Telnet Control Functions

The Telnet protocol includes a number of control functions. These are initiated in response to conditions detected by the client (usually certain special keys or key combinations) or server. The detected condition causes a special character to be incorporated in the data stream.

Interrupt Process

This is used by the client to cause the suspension or termination of the server process. Typically, the user types Ctrl+C on the keyboard. An IP (244) character is included in the data stream.

Abort Output

This is used to suppress the transmission of remote process output. An AO (238) character is included in the data stream.

Are You There

This is used to trigger a visible response from the other end of the connection to confirm the operation of the link and the remote process. An AYT (246) character is incorporated in the data stream.

Erase character

This is sent to the display to tell it to delete the immediately preceding character from the display. An EC (247) character is incorporated in the data stream.

Erase line

This option causes the deletion of the current line of input. An EL (248) character is incorporated in the data stream.

Data Mark

Some control functions such as AO and IP require immediate action and this may cause difficulties if data is held in buffers awaiting input requests from a (possibly misbehaving) remote process. To work around this problem, a DM (242) character is sent in a TCP Urgent segment, this tells the receiver to examine the data stream for "interesting" characters such as IP, AO, and AYT. This is known as the Telnet synchronization mechanism.
A DM not in a TCP Urgent segment has no effect.

The Telnet Command

On Windows NT and most UNIX systems, a Telnet session can be initiated using the Telnet command. Most users simply type:

telnet remote_host

However, if the user just types telnet, then various options and subcommands are available.

The following is an example of a Telnet session from sfuclnt to sfusrvr.

C:\>telnet

Microsoft (R) Windows NT (TM) Version 4.00 (Build 1381)
Welcome to Microsoft Telnet Client
Telnet Client Build 5.00.99034.1
Escape Character is 'CTRL+]'
Microsoft Telnet> open sfusrvr

**** The screen will clear and the following information is displayed:

Microsoft (R) Windows NT (TM) Version 4.00 (Build 1381)
Welcome to Microsoft Telnet Service
Telnet Server Build 5.00.99034.1
login: sfu
password: ********

**** The screen will clear again and the following information is displayed:

*===============================================================
Welcome to Microsoft Telnet Server.
*===============================================================
C:\>


Modification Type:MajorLast Reviewed:5/14/2003
Keywords:kbFAQ kbinfo KB231866