Windows Vista Networking Technologies
USER INTERFACE

The user interface for configuring, troubleshooting and working with network connections has changed significantly from prior versions of Windows as well. Users can use the new "Network and Sharing Center" to see the status of their network connections and to access every aspect of configuration. A single icon in the notification area (system tray) represents connectivity through all network adapters, whether wired or wireless. The network can be browsed using ''Network Explorer'', which replaces Windows XP's "My Network Places". Network Explorer items can be a shared device such as a scanner, or a file share.

The ''Network Location Awareness'' (NLA) service uniquely identifies each network and exposes the network's attributes and connectivity type so that applications can determine the optimal network configuration. However, applications have to use the NLA APIs explicitly to be aware of network connectivity changes and adapt accordingly.

Windows Vista uses the LLTD (Link Layer Topology Discovery) protocol to graphically present how different devices are connected over a network, as a ''Network Map''. In addition, the ''Network Map'' uses LLTD to determine connectivity information and media type (wired or wireless), so that the map is topologically accurate. Knowing the network topology is important for diagnosing and solving networking problems, and for streaming content over a network connection. Any device can implement LLTD to appear on the ''Network Map'' with an icon representing the device, allowing users one-click access to the device's user interface. When LLTD is invoked, it provides metadata about the device that contains static or state information, such as the MAC address, IPv4/IPv6 address, signal strength, etc.

NETWORK CLASSIFICATION

Windows Vista classifies the networks it connects to as either ''Public'', ''Private'' or ''Domain'' and uses ''Network Location Awareness'' to switch between network types.
Different network types have different firewall policies. An open network such as a public wireless network is classified as ''Public'' and is the most restrictive of all network settings. In this mode other computers on the network are not trusted and external access to the computer, including sharing of files and printers, is disabled. A home network is classified as ''Private'', and it enables file sharing between computers. If the computer is joined to a domain, the network is classified as a ''Domain'' network; in such a network the policies are set by the domain controller. When a network is first connected to, Vista prompts the user to choose the correct network type. On subsequent connections to the network, the NLA service is used to identify which network is connected to and to switch automatically to the network configuration for that network.

Windows Vista introduces the concept of network profiles. For each network, the system stores the IP address, DNS server, proxy server and other network settings specific to that network in the network's profile. When that network is subsequently connected to, the settings need not be reconfigured; the ones saved in its profile are used. In the case of mobile machines, the network profile is chosen automatically based on which networks are available. Each profile belongs to either a ''Public'', ''Private'' or ''Domain'' network.

INTERNET PROTOCOL V6

The Windows Vista networking stack supports a dual Internet Protocol (IP) layer architecture in which the IPv4 and IPv6 implementations share common Transport and Framing layers. IPv6 is now supported by all networking components, services and the user interface. In IPv6 mode, Windows Vista can use the Link Local Multicast Name Resolution (LLMNR) protocol, as described in RFC 4795, to resolve names of local hosts on a network which does not have a DNS server running.
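The LLMNR exchange just described, as an added example that is not code from the original article: a host that cannot reach a DNS server multicasts a DNS-format query to 224.0.0.252 (FF02::1:3 for IPv6) on UDP port 5355, and the host owning the name answers directly. The code below builds both messages, parses either side, and decodes the header bits RFC 4795 defines (QR, OPCODE, C, TC, T, RCODE). The transaction ID, host name and address are constructed sample values.

```python
"""LLMNR (RFC 4795) query and response on the wire. Added example, not
code from the original article; all packet contents are constructed here."""
import struct

LLMNR_PORT = 5355
LLMNR_IPV4_GROUP = "224.0.0.252"
LLMNR_IPV6_GROUP = "ff02::1:3"
QTYPE_A, QCLASS_IN = 1, 1


def encode_name(name: str) -> bytes:
    """DNS label encoding: length-prefixed labels terminated by a zero byte."""
    labels = name.rstrip(".").split(".")
    return b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels) + b"\x00"


def decode_name(data: bytes, offset: int):
    """Decode a possibly compressed name; returns (name, offset after it)."""
    labels, end, hops = [], None, 0
    while True:
        length = data[offset]
        if length & 0xC0 == 0xC0:                  # RFC 1035 compression pointer
            hops += 1
            if hops > 16:
                raise ValueError("compression pointer loop")
            if end is None:
                end = offset + 2                   # resume after the pointer
            offset = struct.unpack_from("!H", data, offset)[0] & 0x3FFF
            continue
        offset += 1
        if length == 0:
            break
        labels.append(data[offset:offset + length].decode("ascii"))
        offset += length
    return ".".join(labels), (end if end is not None else offset)


def build_query(txid: int, name: str, qtype: int = QTYPE_A) -> bytes:
    """Query: QR=0, OPCODE=0, C=0, TC=0, T=0, RCODE=0, one question."""
    header = struct.pack("!HHHHHH", txid, 0, 1, 0, 0, 0)
    return header + encode_name(name) + struct.pack("!HH", qtype, QCLASS_IN)


def build_response(query: bytes, ipv4: str, ttl: int = 30) -> bytes:
    """Responder side: copy the question, set QR, append one A record whose
    name is a pointer (0xC00C) back to the question name at offset 12."""
    parsed = parse_message(query)
    name, qtype, qclass = parsed["questions"][0]
    header = struct.pack("!HHHHHH", parsed["id"], 0x8000, 1, 1, 0, 0)
    question = encode_name(name) + struct.pack("!HH", qtype, qclass)
    rdata = bytes(int(octet) for octet in ipv4.split("."))
    answer = b"\xC0\x0C" + struct.pack("!HHIH", QTYPE_A, QCLASS_IN, ttl, len(rdata)) + rdata
    return header + question + answer


def parse_message(data: bytes) -> dict:
    """Decode header bits, questions and answers of a query or response."""
    txid, flags, qd, an, _ns, _ar = struct.unpack_from("!HHHHHH", data, 0)
    offset, questions, answers = 12, [], []
    for _ in range(qd):
        name, offset = decode_name(data, offset)
        qtype, qclass = struct.unpack_from("!HH", data, offset)
        offset += 4
        questions.append((name, qtype, qclass))
    for _ in range(an):
        name, offset = decode_name(data, offset)
        rtype, _rclass, ttl, rdlength = struct.unpack_from("!HHIH", data, offset)
        offset += 10
        rdata = data[offset:offset + rdlength]
        offset += rdlength
        if rtype == QTYPE_A and rdlength == 4:
            rdata = ".".join(str(b) for b in rdata)
        answers.append((name, rtype, ttl, rdata))
    return {
        "id": txid,
        "is_response": bool(flags & 0x8000),   # QR
        "opcode": (flags >> 11) & 0xF,
        "conflict": bool(flags & 0x0400),      # C: responder knows of a name conflict
        "truncated": bool(flags & 0x0200),     # TC
        "tentative": bool(flags & 0x0100),     # T: responder's name is not yet verified unique
        "rcode": flags & 0xF,
        "questions": questions,
        "answers": answers,
    }


if __name__ == "__main__":
    query = build_query(0x1A2B, "fileserver")            # constructed sample
    reply = build_response(query, "192.168.1.20")         # constructed sample
    print(parse_message(query)["questions"], parse_message(reply)["answers"])
```

Nothing in this exchange authenticates the responder: whichever host on the link answers first supplies the address, so a name resolved this way is only as trustworthy as the local segment, which is why the article positions LLMNR for small networks without a central server.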
LLMNR is useful for networks without a central managing server and for ad-hoc wireless networks. IPv6 can also be used over PPP-based dial-up connections. Windows Vista can also act as a client or server for file sharing or DCOM over IPv6. Support for DHCPv6, which can be used with IPv6, is also included. IPv6 can even be used when full native IPv6 connectivity is not available, using Teredo tunneling; this can traverse most IPv4 Network Address Translators (NATs). Full support for multicast is also included, via the MLDv2 and SSM protocols.

WIRELESS NETWORKS

Support for wireless networks is built into the network stack itself and does not emulate wired connections, as was the case with previous versions of Windows. This allows the implementation of wireless-specific features such as larger frame sizes and optimized error recovery procedures. It is also easier to find wireless networks in range and to tell which networks are open and which are closed. Hidden wireless networks, which do not advertise their Service Set Identifier (SSID), are better supported. Security for wireless networks is improved with support for newer wireless standards such as 802.11i. EAP Transport Layer Security (EAP-TLS) is the default authentication mode. Connections are made at the most secure connection level supported by the wireless access point. WPA2 can be used even in ad-hoc mode. Windows Vista also provides a ''Fast Roaming'' service that allows users to move from one access point to another without loss of connectivity; preauthentication with the new wireless access point is used to retain connectivity. Wireless networks are managed from either the ''Connect to a network'' dialog box within the GUI or the netsh wlan command from the shell. Settings for wireless networks can also be configured using Group Policy. Windows Vista enhances security when joining a domain over a wireless network.
Windows Vista can use ''Single Sign On'' to use the same credentials to join a wireless network as well as the domain housed within that network. In this case, the same RADIUS server is used for both PEAP authentication for joining the network and MS-CHAP v2 authentication to log in to the domain. A bootstrap wireless profile can also be created on the wireless client, which first authenticates the computer to the wireless network and joins the network. At this stage, the machine still does not have any access to domain resources. The machine then runs a script, stored either on the system or on a USB thumb drive, which authenticates it to the domain. Authentication can be done either with a username and password combination or with security certificates from a Public Key Infrastructure (PKI) vendor such as VeriSign.

NETWORK PERFORMANCE

Windows Vista's networking stack also uses several performance optimizations which allow higher throughput by allowing faster recovery from packet losses in high packet loss environments such as wireless networks. Windows Vista uses the ''NewReno'' algorithm, which allows a sender to send more data while retrying when it receives a partial acknowledgement, that is, an acknowledgement from the receiver for only a part of the data that has been sent. It also uses Selective Acknowledgements (SACK) to reduce the amount of data to be retransmitted in case a portion of the data sent was not received correctly. It also includes ''Neighbour Unreachability Detection'' capability in both IPv4 and IPv6, which tracks the reachability of neighboring nodes. This allows faster error recovery in case a neighboring node fails. NDIS 6.0, introduced in Windows Vista, supports improved manageability, scalability and performance with reduced complexity for NDIS miniports, and simpler models for writing intermediate and filter drivers.
The TCP/IP stack also provides fail-back support for default gateway changes by periodically attempting to send TCP traffic through a previously detected unavailable gateway. This can provide faster throughput by sending traffic through the primary default gateway on the subnet.

Another significant change that aims to improve network throughput is the automatic resizing of the TCP receive window. The receive window (RWIN) specifies how much data a host is prepared to receive, and is limited by, among other things, the available buffer space. In other words, it is a measure of how much data the remote transmitter can send before requiring an acknowledgement for the outstanding data. When the receive window is too small, the remote transmitter will frequently find that it has hit the limit of how much outstanding data it can transmit, even though there is enough bandwidth available to transmit more. This leads to incomplete link utilization. Using a larger RWIN boosts throughput in such situations; an auto-adjusting RWIN tries to keep the throughput rate as high as the bandwidth of the link permits. Receive window auto-tuning continually monitors the bandwidth and latency of each TCP connection individually and optimizes the receive window for each connection. The window size is increased in high-bandwidth (~5 Mbit/s+) or high-latency (>10 ms) situations.

Traditional TCP implementations use the TCP Slow Start algorithm to detect how fast they can transmit without choking the receiver (or intermediate nodes). In a nutshell, it specifies that transmission should start at a slow rate, by transmitting a few packets. This number is controlled by the congestion window, which specifies the number of outstanding packets that have been transmitted but for which an acknowledgement of receipt from the receiver has not yet been received.
As acknowledgements are received, the congestion window is expanded, one TCP segment at a time, until an acknowledgement fails to arrive. The sender then assumes that at the congestion window size of that instant the network becomes congested. However, a high-bandwidth network can sustain a quite large congestion window without choking up, and the slow start algorithm can take quite some time to reach that threshold, leaving the network under-utilized for a significant time. The Windows Vista TCP/IP stack includes a component called ''Compound TCP'' (CTCP) which, if enabled, uses a different algorithm to modify the congestion window, borrowing from TCP Vegas and TCP NewReno. For every acknowledgement received, it increases the congestion window more aggressively, thus reaching the peak throughput much faster and increasing overall throughput.

The new TCP/IP stack also supports Explicit Congestion Notification (ECN) to keep the throughput hit due to network congestion as low as possible. Without ECN, a TCP segment is dropped by some router when its buffer is full. The sender detects that the segment did not reach the destination, but due to the lack of feedback from the congested router it has no information on the extent of the reduction in transmission rate it needs to make. Standard TCP implementations detect this drop when they time out waiting for an acknowledgement from the receiver. The sender then resets the size of its congestion window, which denotes the amount of data the sender is allowed to have unacknowledged at any time, to TCP's Maximum Segment Size, and commences TCP Slow Start. This is to let the router recover from congestion. However, the sudden drop in throughput has noticeable impacts on time-sensitive streams like streaming media, and such a significant drop might not have been necessary. In that case, the available bandwidth is left under-utilized.
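To put numbers on the receive window and slow start discussion above, here is an added example (not code from the original article). It computes the throughput ceiling a given receive window imposes at a given round-trip time, the window a link actually needs (its bandwidth-delay product), what a simple auto-tuning step would advertise, and how many round-trips slow start needs to grow the congestion window that far. The model is an assumption of this example: one acknowledgement per segment with no delayed ACKs, so the congestion window doubles every RTT; the 16 MiB cap in autotune_rwin is likewise assumed, not a documented Vista value.

```python
"""Receive window sizing and slow start, quantified. Added example, not
code from the original article; the model and constants are assumptions."""

MSS = 1460              # typical TCP maximum segment size on Ethernet, in bytes
LEGACY_RWIN = 65535     # largest window a host can advertise without window scaling


def max_throughput_bps(rwin_bytes: int, rtt_ms: int) -> float:
    """Window-limited ceiling: at most one receive window per round-trip."""
    return rwin_bytes * 8 * 1000 / rtt_ms


def required_rwin_bytes(link_bps: int, rtt_ms: int) -> int:
    """Bandwidth-delay product: the window needed to keep the link busy."""
    return link_bps * rtt_ms // 8000


def achievable_bps(link_bps: int, rwin_bytes: int, rtt_ms: int) -> float:
    """Throughput is capped by the link or by the window, whichever is lower."""
    return min(float(link_bps), max_throughput_bps(rwin_bytes, rtt_ms))


def autotune_rwin(link_bps: int, rtt_ms: int, current_rwin: int,
                  max_rwin: int = 16 * 1024 * 1024) -> int:
    """One auto-tuning step (assumed model): grow the advertised window toward
    the BDP, never shrinking it and never exceeding the cap."""
    return min(max(current_rwin, required_rwin_bytes(link_bps, rtt_ms)), max_rwin)


def slow_start_rtts(target_window_bytes: int, mss: int = MSS) -> int:
    """Round-trips for slow start to grow cwnd from one MSS to the target."""
    cwnd, rtts = mss, 0
    while cwnd < target_window_bytes:
        cwnd *= 2              # one MSS per ACK, so the window doubles per RTT
        rtts += 1
    return rtts


if __name__ == "__main__":
    rtt = 100   # ms, constructed: a typical long-haul path
    print("64 KiB window at %d ms allows %.2f Mbit/s"
          % (rtt, max_throughput_bps(LEGACY_RWIN, rtt) / 1e6))
    need = required_rwin_bytes(100_000_000, rtt)
    print("100 Mbit/s at %d ms needs a %d-byte window; slow start takes %d RTTs to reach it"
          % (rtt, need, slow_start_rtts(need)))
```

The first figure is the one worth remembering: a fixed 64 KiB window at 100 ms caps a connection at roughly 5.2 Mbit/s regardless of link speed, which is the regime the article's "~5 Mbit/s+" threshold refers to; a 100 Mbit/s link at that latency needs a window near 1.25 MB, and plain slow start spends ten round-trips getting there.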
With ECN support enabled, a congested router sets two bits in the IP header of the data packets to indicate to the receiver that it is experiencing congestion (but is not yet fully choked). The receiver in turn lets the sender know that a router is facing congestion, and the sender lowers its transmission rate by some amount. If the router is still congested, it will set the bits again, and eventually the sender will slow down even more. The advantage of this approach is that the router never gets full enough to drop packets, so the sender does not have to lower its transmission rate so much that it causes serious delays in time-sensitive streams, nor does it risk severe under-utilization of bandwidth. The only caveat is that the sender and receiver, as well as all intermediate routers, have to be ECN-enabled. If any of them is not ECN-enabled, it might consider an ECN-marked packet invalid and drop it. For this reason, ECN is disabled by default. It can be enabled with the netsh interface tcp set global ecncapability=enabled command.

In previous versions of Windows, all processing needed to receive or transfer data over one network interface was done by a single processor, even in a multiprocessor system. Windows Vista can distribute the job of traffic processing in network communication among multiple processors. This feature is called ''Receive Side Scaling''. Windows Vista also supports network cards with a ''TCP Offload Engine'', which have certain hardware-accelerated TCP/IP-related functionality. Windows Vista uses its ''TCP Chimney Offload'' system to offload to such cards the framing, routing, error-correction, acknowledgement and retransmission jobs required by TCP. However, for application compatibility, only TCP data transfer functionality is offloaded to the NIC, not TCP connection setup. This removes some load from the CPU. Traffic processing in both IPv4 and IPv6 can be offloaded.
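The ECN signalling described above, in header terms, as an added example that is not code from the original article: the "two bits" are the ECN field at the bottom of the IPv4 TOS byte (ECT(0) or ECT(1) means "I understand ECN", CE means "a router saw congestion"), the receiver echoes a CE mark back with the TCP ECE flag, and the sender confirms its slowdown with CWR. The code constructs a minimal IPv4+TCP packet (checksums left at zero), decodes those fields, checks the SYN/SYN-ACK negotiation, and contrasts the sender's reaction to a loss with its reaction to a mark. Halving the window on a mark is RFC 3168 behaviour; the article itself only says "by some amount". Addresses and ports are constructed sample values.

```python
"""ECN codepoints, TCP ECE/CWR flags and the sender's reaction. Added
example, not code from the original article; packets are constructed here."""
import struct

ECN_CODEPOINTS = {0b00: "Not-ECT", 0b01: "ECT(1)", 0b10: "ECT(0)", 0b11: "CE"}
ECT0, CE = 0b10, 0b11
TCP_CWR, TCP_ECE, TCP_ACK, TCP_SYN = 0x80, 0x40, 0x10, 0x02
MSS = 1460


def build_packet(ecn: int, tcp_flags: int) -> bytes:
    """Constructed sample: 20-byte IPv4 header + 20-byte TCP header, no payload."""
    tos = (0 << 2) | (ecn & 0b11)          # DSCP 0 in the high six bits, ECN in the low two
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, tos, 40, 0x1234, 0x4000, 64, 6, 0,
                     bytes([10, 0, 0, 1]), bytes([10, 0, 0, 2]))
    tcp = struct.pack("!HHIIBBHHH", 49152, 445, 1, 1, 0x50, tcp_flags, 65535, 0, 0)
    return ip + tcp


def decode_ecn(packet: bytes) -> dict:
    """Read the IP ECN field and, for TCP, the ECE and CWR flags."""
    if packet[0] >> 4 != 4:
        raise ValueError("only IPv4 is handled in this example")
    ihl = (packet[0] & 0x0F) * 4
    ecn = packet[1] & 0b11
    info = {"ip_ecn": ECN_CODEPOINTS[ecn], "congestion_experienced": ecn == CE,
            "tcp_ece": None, "tcp_cwr": None}
    if packet[9] == 6:                              # IP protocol 6 is TCP
        flags = packet[ihl + 13]
        info["tcp_ece"] = bool(flags & TCP_ECE)     # receiver echoes the mark to the sender
        info["tcp_cwr"] = bool(flags & TCP_CWR)     # sender confirms it reduced its window
    return info


def ecn_negotiated(syn_flags: int, synack_flags: int) -> bool:
    """RFC 3168 handshake: the SYN carries ECE+CWR, the SYN-ACK answers with ECE only."""
    both = TCP_ECE | TCP_CWR
    return (syn_flags & both) == both and (synack_flags & both) == TCP_ECE


def cwnd_after(event: str, cwnd: int) -> int:
    """A timeout restarts slow start at one MSS (as the article describes);
    an ECN mark only halves the window (RFC 3168 behaviour, an assumption here)."""
    if event == "loss":
        return MSS
    if event == "ecn_mark":
        return max(MSS, cwnd // 2)
    return cwnd


if __name__ == "__main__":
    marked = build_packet(CE, TCP_ACK)              # what a congested router forwards
    print(decode_ecn(marked))
    print("after loss:", cwnd_after("loss", 100 * MSS),
          "after mark:", cwnd_after("ecn_mark", 100 * MSS))
```

On a capture, Not-ECT on every packet of a flow means at least one endpoint never negotiated ECN, and CE arriving in one direction without ECE in the reverse direction means the receiver is not honouring the mark; both are the situations the article's caveat about non-ECN-enabled equipment refers to.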
Windows Vista also supports NetDMA, which uses a DMA engine to free processors from moving data between network card data buffers and application buffers. It requires specific hardware DMA architectures, such as ''Intel I/O Acceleration'', to be enabled.

QUALITY OF SERVICE

Windows Vista's networking stack includes integrated policy-based Quality of Service (QoS) functionality to prioritize network traffic. QoS can be used to manage network usage by specific applications or users by throttling the bandwidth available to them, or to limit bandwidth usage by other applications while high-priority applications, such as real-time conferencing applications, are running, to ensure they get the bandwidth they need. Traffic throttling can also be used to prevent large data transfer operations from using up all the available bandwidth. In Windows Vista, QoS policies can be applied to any application, thus eliminating the need to rewrite applications with the QoS APIs to make them QoS-aware. QoS policies can either be set on a per-machine basis or set by Active Directory Group Policy objects, which ensures that all Windows Vista clients connected to the Active Directory container (a domain, a site or an organizational unit) enforce the policy settings. Windows Vista also includes ''qWave'', a pre-configured Quality of Service module for time-dependent multimedia data such as audio or video streams. qWave uses different packet priority schemes for real-time flows (such as multimedia packets) and best-effort flows (such as file downloads or e-mail) to ensure that real-time data suffers as little delay as possible, while providing a high-quality channel for other data packets.

''Web Services for Devices (WSDAPI)'' is a complete implementation of the Devices Profile for Web Services (DPWS) standard.
DPWS describes a set of requirements that enable a device to be discovered by clients and to describe its available services to those clients. ''Function Discovery'' is a new technology that serves as an abstraction layer between applications and devices, allowing applications to discover devices by referencing the device's function rather than its bus type or the nature of its connection. With ''Windows Connect Now'', users can quickly and easily create wireless network configuration settings and transmit them to the access point. ''Plug and Play Extensions (PnP-X)'' allow network-connected devices to appear inside Windows as if they were physically connected local devices. UPnP support has also been enhanced to include integration with ''PnP-X'' and ''Function Discovery''. See also: Windows Rally.

NETWORK SECURITY

Windows Vista also introduces Network Access Protection (NAP), which makes sure that computers connecting to a network conform to a required level of ''system health'' set by the administrator of the network. With NAP enabled on a network, when a Windows Vista computer attempts to join the network, it is verified that the computer is up to date with security updates, virus signatures and other factors specified by the network administrator, including the configuration of IPsec and 802.1X authentication settings. It is granted full access to the network only when the criteria are met, failing which it may be either denied access to the network or granted limited access to certain resources only. It may optionally be granted access to servers which will provide it with the latest updates. Once the updates are installed, the computer is granted access to the network. However, Windows Vista can only be a NAP client, i.e., a client computer which connects to a NAP-enabled network. Health policy and verification servers have to be running Windows Server 2008.
NETWORK DIAGNOSTICS

The ability to assist the user in diagnosing a network problem is expected to be a major new networking feature. There is extensive support for runtime diagnostics for both wired and wireless networks, including support for TCP Management Information Base (MIB)-II and better system event logging and tracing. It can inform the user of most causes of network transmission failure, such as an incorrect IP address, gateway failure, port in use, receiver not ready, etc. Transmission errors are also exhaustively logged and can be analyzed to better find the cause of an error. Windows Vista has a greater awareness of the network topology the host computer is in, using technologies such as Universal Plug and Play. With this network awareness it can help the user fix network issues or simply provide a graphical view of the perceived network configuration. There is also a new "Network and Sharing Center", allowing the administration of the network topology. Windows Vista also provides a GUI module for configuration of both IPv4 and IPv6 properties.

WINDOWS FILTERING PLATFORM

PEER-TO-PEER COMMUNICATION

Windows Vista includes support for peer-to-peer communication and includes implementations of peer-to-peer protocols out of the box. It also includes a new version of the Peer Name Resolution Protocol (PNRPv2), which is faster and more scalable. Peer-to-peer networking functionality can be accessed from the WinSock API as well. The peer-to-peer networking subsystem can also discover other people running the same service in the local subnet, using a feature dubbed ''People Near Me''. This facility can be used to develop ad-hoc collaborative applications. A planned feature in Windows Vista would have taken advantage of peer-to-peer technology to provide a new type of domain-like networking setup known as a Castle, but this did not make it into the release version.
Castle would have made it possible to have an identification service, which provides user authentication for all members on the network, without a centralized server. It would have allowed user credentials to propagate across the peer-to-peer network, making it more suitable for a home network.

BACKGROUND INTELLIGENT TRANSFER SERVICE

The new Background Intelligent Transfer Service (BITS) 3.0 has a new feature called ''Neighbor Casting'' which supports peer-to-peer file transfers within a domain. This ''peer caching'' allows users to download and serve content (such as WSUS updates) from peers on the same subnet, receive notification when a file is downloaded, access the temporary file while the download is in progress, and control HTTP redirects. This saves bandwidth on the network and reduces the performance load on the server. BITS 3.0 also uses Internet Gateway Device counters to more accurately calculate available bandwidth.

SERVER MESSAGE BLOCK 2.0

SMB 2 has two big benefits for Microsoft. The first is clear intellectual property ownership. SMB 1 was originally designed by IBM and was shipped on a wide variety of non-Windows operating systems such as SCO Xenix, OS/2 and DEC VMS (Pathworks). It was partially standardised by X/Open and also had draft standards for the IETF which lapsed (see http://ubiqx.org/cifs/Intro.html for historical detail). The second benefit is a clean break. Microsoft's SMB1 code has to work with a huge variety of SMB clients and servers. A large number of items in the protocol are optional (such as short and long filenames), there are many infolevels for commands (selecting what structure is returned for a particular request), Unicode was a later addition, etc. With SMB2 there is significantly reduced compatibility testing (currently only other Vista clients and servers).
Additionally, the code is a lot less complex since there is far less variability (e.g. there is no need to worry about having Unicode and non-Unicode code paths, as SMB2 requires Unicode support).

WINSOCK KERNEL

Winsock Kernel (WSK) is a new transport-independent kernel-mode Network Programming Interface (NPI) that provides TDI client developers with a sockets-like programming model similar to the one supported in user-mode Winsock. While most of the same sockets programming concepts exist as in user-mode Winsock, such as socket creation, bind, connect, accept, send and receive, ''Winsock Kernel'' is a completely new programming interface with unique characteristics such as asynchronous I/O that uses IRPs and event callbacks to enhance performance. TDI is supported in Windows Vista for backward compatibility.
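The "clean break" between SMB1 and SMB2 described in the Server Message Block 2.0 section is visible in the first bytes of every message, and telling the two apart on the wire is a routine defender's task (for example, when confirming that SMB1 is no longer in use on a segment). The following added example, not code from the original article, classifies a captured SMB message by its protocol signature and header layout, and shows the concrete difference the section mentions: SMB1 carries a per-message Unicode flag in Flags2, while SMB2 has no such flag because Unicode is mandatory. It assumes the 4-byte direct-TCP/NetBIOS length prefix has already been stripped, and the sample messages are constructed here.

```python
"""Distinguishing SMB1 from SMB2 headers. Added example, not code from the
original article; sample messages are constructed below."""
import struct

SMB1_MAGIC = b"\xffSMB"
SMB2_MAGIC = b"\xfeSMB"

SMB1_FLAGS2_UNICODE = 0x8000        # SMB1: Unicode strings are optional, per message
SMB1_COMMANDS = {0x72: "NEGOTIATE", 0x73: "SESSION_SETUP_ANDX", 0x75: "TREE_CONNECT_ANDX",
                 0xA2: "NT_CREATE_ANDX", 0x2E: "READ_ANDX", 0x2F: "WRITE_ANDX"}
SMB2_COMMANDS = {0: "NEGOTIATE", 1: "SESSION_SETUP", 2: "LOGOFF", 3: "TREE_CONNECT",
                 4: "TREE_DISCONNECT", 5: "CREATE", 6: "CLOSE", 7: "FLUSH",
                 8: "READ", 9: "WRITE"}
SMB2_FLAGS_SERVER_TO_REDIR = 0x1   # response rather than request
SMB2_FLAGS_SIGNED = 0x8            # message carries a signature
SMB2_HEADER_SIZE = 64


def is_smb(message: bytes) -> bool:
    return message[:4] in (SMB1_MAGIC, SMB2_MAGIC)


def classify_smb(message: bytes) -> dict:
    """Identify the SMB family and the few header fields that matter for triage."""
    if message.startswith(SMB1_MAGIC) and len(message) >= 32:
        command = message[4]                                    # 1-byte command code
        flags2 = struct.unpack_from("<H", message, 10)[0]       # Flags2 at offset 10
        return {"family": "SMB1",
                "command": SMB1_COMMANDS.get(command, hex(command)),
                "unicode_strings": bool(flags2 & SMB1_FLAGS2_UNICODE),
                "from_server": None, "signed": None}
    if message.startswith(SMB2_MAGIC) and len(message) >= SMB2_HEADER_SIZE:
        (size, _charge, status, command, _credits, flags,
         _next, message_id) = struct.unpack_from("<HHIHHIIQ", message, 4)
        if size != SMB2_HEADER_SIZE:
            raise ValueError("SMB2 StructureSize must be 64")
        session_id = struct.unpack_from("<Q", message, 40)[0]
        return {"family": "SMB2",
                "command": SMB2_COMMANDS.get(command, hex(command)),
                "unicode_strings": True,      # mandatory in SMB2; no per-message flag exists
                "from_server": bool(flags & SMB2_FLAGS_SERVER_TO_REDIR),
                "signed": bool(flags & SMB2_FLAGS_SIGNED),
                "status": status, "message_id": message_id, "session_id": session_id}
    raise ValueError("not an SMB1 or SMB2 message")


def sample_smb1_negotiate(unicode: bool = True) -> bytes:
    """Constructed 32-byte SMB1 header for SMB_COM_NEGOTIATE (0x72)."""
    flags2 = SMB1_FLAGS2_UNICODE if unicode else 0
    return SMB1_MAGIC + struct.pack("<BIBHH8sHHHHH", 0x72, 0, 0x18, flags2, 0,
                                    b"\0" * 8, 0, 0, 0xFFFF, 0, 0)


def sample_smb2(command: int, flags: int = 0, message_id: int = 0) -> bytes:
    """Constructed 64-byte SMB2 header with a zeroed signature."""
    header = struct.pack("<HHIHHIIQ", SMB2_HEADER_SIZE, 0, 0, command, 1, flags, 0, message_id)
    header += struct.pack("<IIQ", 0, 0, 0)          # Reserved, TreeId, SessionId
    return SMB2_MAGIC + header + b"\0" * 16


if __name__ == "__main__":
    print(classify_smb(sample_smb1_negotiate(unicode=False)))
    print(classify_smb(sample_smb2(0, flags=SMB2_FLAGS_SIGNED, message_id=3)))
```

Fed the first message of each TCP 445 conversation from a capture, classify_smb gives a quick inventory of which hosts still speak SMB1, and for SMB2 whether the traffic is signed.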