Unit OS A: Windows Networking Unit OS A: Windows Networking

(1)

Unit OS A: Windows Networking Unit OS A: Windows Networking

A.1. Networking Components in Windows

(2)

Copyright Notice Copyright Notice

© 2000-2005 David A. Solomon and Mark Russinovich

These materials are part of the

These materials are part of the Windows Operating Windows Operating System Internals Curriculum Development Kit,

System Internals Curriculum Development Kit, developed by David A. Solomon and Mark E.

developed by David A. Solomon and Mark E.

Russinovich with Andreas Polze Russinovich with Andreas Polze

Microsoft has licensed these materials from David Microsoft has licensed these materials from David Solomon Expert Seminars, Inc. for distribution to Solomon Expert Seminars, Inc. for distribution to academic organizations solely for use in academic academic organizations solely for use in academic environments (and not for commercial use)

environments (and not for commercial use)

(3)

Roadmap for Section A.1 Roadmap for Section A.1

General Concepts - Windows Networking General Concepts - Windows Networking

Domains & Active Directory Domains & Active Directory

The ISO/OSI Reference Model The ISO/OSI Reference Model

Networking APIs Networking APIs

Redirector/Server Operation Redirector/Server Operation

Transport Driver Interface (TDI) Transport Driver Interface (TDI)

Layered Network Services

(4)

Roots of Windows Networking Roots of Windows Networking

MS-DOS 3.1:

Added file-locking and record-locking to FAT file system Added file-locking and record-locking to FAT file system Product: Microsoft Networks (MS-NET; 1984)

Product: Microsoft Networks (MS-NET; 1984)

Uniform naming convention (UNC): NET USE X: \\SERVER\SHARE Uniform naming convention (UNC): NET USE X: \\SERVER\SHARE MS-NET established some traditions:

MS-NET established some traditions:

Redirector traps I/O requests destined to remote file, directory, printer Redirector traps I/O requests destined to remote file, directory, printer MS-NET redirector sends request to remote server

MS-NET redirector sends request to remote server NT networking supports multiple redirectors

NT networking supports multiple redirectors

Server Message Block protocol (introduced in MS-NET) Server Message Block protocol (introduced in MS-NET)

NetBIOS interface (API) to pass I/O requests in SMB format NetBIOS interface (API) to pass I/O requests in SMB format Network Server

Network Server

Accepts and handles SMB requests; peer-to-peer networking Accepts and handles SMB requests; peer-to-peer networking LAN Manager

LAN Manager

Network domains; share account/security info Network domains; share account/security info

(5)

Networking in Windows Networking in Windows

Design goals Design goals

Integral, application-transparent networking Integral, application-transparent networking

services services

Basic file and print sharing and using services Basic file and print sharing and using services

A platform for distributed applications A platform for distributed applications

Application-level inter-process communication (IPC) Application-level inter-process communication (IPC)

Windows should provide an expandable Windows should provide an expandable

platform for other network components

(6)

Domains Domains

Allow a shared security database across a group of computers Allow a shared security database across a group of computers

Each domain controller has a copy Each domain controller has a copy

Member computers refer to the domain controllers for authentication Member computers refer to the domain controllers for authentication

Two styles:

Legacy NT 4 Domains Legacy NT 4 Domains

Security database stored in Registry SAM & SECURITY hives Security database stored in Registry SAM & SECURITY hives Limited support for relationships between domains

Limited support for relationships between domains Netlogon for authentication

Netlogon for authentication

Windows 2000 Active Directory-based Domains Windows 2000 Active Directory-based Domains

Security database stored in Active Directory Security database stored in Active Directory

Win2000/XP/2003 domains support forests – domain hierarchies – for Win2000/XP/2003 domains support forests – domain hierarchies – for better scaling in large organizations

better scaling in large organizations Kerberos authentication

Kerberos authentication

(7)

Active Directory

(8)

Active Directory Active Directory

Active Directory is the Windows implementation of Lightweight Active Directory is the Windows implementation of Lightweight Directory Access Protocol (LDAP) directory services

Directory Access Protocol (LDAP) directory services

Active Directory’s core is a database that stores objects Active Directory’s core is a database that stores objects

representing resources defined by applications in a Windows representing resources defined by applications in a Windows network

network

File is ntds.dit File is ntds.dit

Active Directory supports a number of APIs Active Directory supports a number of APIs

LDAP C API LDAP C API

Active Directory Service Interfaces (ADSI) COM interface Active Directory Service Interfaces (ADSI) COM interface Messaging API (MAPI)

Messaging API (MAPI)

Security Account Manager (SAM) APIs

Windows NT 4 networking APIs (Net APIs)

(9)

OSI Reference Model OSI Reference Model

Computer network is an

Computer network is an interconnected collection of autonomous interconnected collection of autonomous computers

computers (Tanenbaum) (Tanenbaum)

Standardize and integrate networking software:

International Standards Organization defined a software model for International Standards Organization defined a software model for sending messages between machines

sending messages between machines

Open Systems Interconnection (OSI) reference model Open Systems Interconnection (OSI) reference model

Idealized scheme Idealized scheme

Each layer on one machine assumes that it is „talking“ to the same Each layer on one machine assumes that it is „talking“ to the same layer on the other machine

layer on the other machine

Each layer provides services to higher layers and abstracts from Each layer provides services to higher layers and abstracts from implementation of services at lower layers

implementation of services at lower layers

(10)

OSI Reference Model (contd.) OSI Reference Model (contd.)

Application Presentation

Session Transport

Network Data Link

Physical

Application Presentation

Session Transport

Network Data Link

Physical Virtual

communication

Client Machine Server Machine

Transmission medium

Protocol stack

(11)

Layers in the OSI Model Layers in the OSI Model

Application layer (7) Application layer (7)

Information transfer between network apps.,Initiation of data Information transfer between network apps.,Initiation of data exchange

exchange

Security checks, identification of participating machines Security checks, identification of participating machines

Presentation layer (6) Presentation layer (6)

Data formatting, data compression, encoding, etc.

Session layer (5) Session layer (5)

Manages connection between cooperating applications Manages connection between cooperating applications

High-level synchronization and monitoring: who is talking/listening High-level synchronization and monitoring: who is talking/listening

Transport layer (4) Transport layer (4)

Divides messages into packets, assigns sequence numbers Divides messages into packets, assigns sequence numbers

Segmentation, assembly; hides changes in networking hardware

(12)

Layers in the OSI Model (contd.) Layers in the OSI Model (contd.)

Network layer (3) Network layer (3)

Routing, congestion control, internetworking Routing, congestion control, internetworking

Highest layer, that understands network topology Highest layer, that understands network topology

(physical configuration of machines, type of cabling, bandwidth limits) (physical configuration of machines, type of cabling, bandwidth limits)

Data-link layer (2) Data-link layer (2)

Transmits low-level data frames, waits for acknowledgements Transmits low-level data frames, waits for acknowledgements Re-transmission of lost packets

Re-transmission of lost packets

Physical layer (1) Physical layer (1)

Passes bits to the network cable/physical transmission medium Passes bits to the network cable/physical transmission medium

(13)

OSI Model and Windows Networking OSI Model and Windows Networking

Application (7) Presentation (6) Session (5) Transport (4) Network (3) Data Link (2) Physical (1)

File I/O, Named Pipes, or Mailslots

Environment Subsystem Redirector

Ethernet, Token Ring,...

Provider Interface TDI

NetBIOS Windows Sockets

NDIS Environment and Drivers NDIS 5.0 Interface

TCP/IP NetBEUI

SMB protocol

Various transport protocols NDIS protocol

Server

Transmission medium

Client Machine Server Machine

(14)

Networking APIs Networking APIs

Windows I/O API Windows I/O API

Open, close, read, write with UNC names referring to remote files Open, close, read, write with UNC names referring to remote files

Windows network (WNet) API Windows network (WNet) API

Browse file systems via LAN Manager, NetWare, VINES, nfs,...

Windows named pipe and mailslot APIs Windows named pipe and mailslot APIs

Message passing between apps., broadcasting Message passing between apps., broadcasting

NetBIOS API NetBIOS API

Backward compatibility for MS-DOS, 16-bit Windows, OS/2 apps.

Windows Sockets API Windows Sockets API

16/32-bit UNIX-style standard interface for networking 16/32-bit UNIX-style standard interface for networking

Remote Procedure Call (RPC) facility Remote Procedure Call (RPC) facility

Compatible with Distributed Computing Environment (DCE) RPC

(15)

Networking APIs Networking APIs

Applications link with user- Applications link with user- mode DLLs that present the mode DLLs that present the networking API

networking API Example:

Example:

Winsock, WS2_32.DLL Winsock, WS2_32.DLL

Networking API DLLs often rely on kernel-mode drivers Networking API DLLs often rely on kernel-mode drivers (TDI clients) to interface to network protocol drivers

(TDI clients) to interface to network protocol drivers

The Winsock libraries maintain socket state information, but The Winsock libraries maintain socket state information, but also rely on an API driver, AFD, in kernel mode as a foundation also rely on an API driver, AFD, in kernel mode as a foundation Kernel-mode integration with I/O Manager allows file system Kernel-mode integration with I/O Manager allows file system APIs to also work for networking

APIs to also work for networking

Application

ReadFile

I/O Manager

Ws2_32.dll

AFD.SYS

User mode kernel mode

(16)

Named Pipes Named Pipes

Microsoft originally developed these APIs for OS/2 LAN Microsoft originally developed these APIs for OS/2 LAN Manager

Manager

Bi-directional, reliable connection-oriented Bi-directional, reliable connection-oriented communication

communication

Messaging mode for transmitting and receiving full messages Messaging mode for transmitting and receiving full messages

Fully implemented on Windows, only partially on Win9x Fully implemented on Windows, only partially on Win9x (only client support)

(only client support)

\\Server\Pipe\AppPipe

Server Application

Client Application

Named Pipe Instances Client Named Pipe Endpoint

(17)

Mail Slots Mail Slots

Like Named Pipes, are a LAN Manager API Like Named Pipes, are a LAN Manager API

Supports unidirectional, unreliable broadcast Supports unidirectional, unreliable broadcast

Fully implemented on Win9x Fully implemented on Win9x

\\Server1\Mailslot\AppSlot

Server Application

\\Server2\Mailslot\AppSlot

Server Application

\\*\Mailslot\AppSlot

Client

Application

Client Mailslot Endpoint

(18)

Winsock Winsock

Microsoft’s implementation of BSD Unix (Berkeley Microsoft’s implementation of BSD Unix (Berkeley Software Distribution) Sockets

Software Distribution) Sockets

BSD Sockets are the Internet API BSD Sockets are the Internet API

Used widely on UNIX Used widely on UNIX

Winsock consortium helps define Winsock API Winsock consortium helps define Winsock API

Reliable connection-oriented (streams) and unreliable Reliable connection-oriented (streams) and unreliable

connectionless (datagram) modes connectionless (datagram) modes

Listen Socket

Server Application

Client Socket

Client

Application

Accept

Connect

send, recv Listen

(19)

System Area Networks System Area Networks

System Area Networks (SAN) is a connection-oriented server interconnect System Area Networks (SAN) is a connection-oriented server interconnect

Not to be confused with Storage Area Networks (SAN) Not to be confused with Storage Area Networks (SAN)

Provides reliable, in-order delivery

Both network and bus semantics:

Messages Messages

Remote DMA (memory semantics) Remote DMA (memory semantics)

Segmentation/reassembly in hardware Segmentation/reassembly in hardware

Interconnect types include

InfiniBand

InfiniBand Ethernet Ethernet

FiberChannel FiberChannel Proprietary Proprietary

Even shared memory Even shared memory

(20)

System Area Networks System Area Networks

Data Center

Web Tier Front End

(Web Servers) Business Logic Database Backend

High-Speed SAN Fabric Internet Traffic via

Standard WAN

(21)

System Area Networks System Area Networks

WinSock Direct (WSD) allows applications to get WinSock Direct (WSD) allows applications to get

performance benefits of SANs performance benefits of SANs

No application modification needed No application modification needed

Provides third generation task offload

(22)

System Area Networks System Area Networks

Socket App Winsock

TCP/IP WinSock Provider

TCP/IP Transport Driver

NDIS Miniport

NIC

Socket App Winsock

TCP/IP WinSock Provider

TCP/IP Transport Driver

SAN NDIS Miniport

Winsock Switch

SAN Winsock Provider

SAN Proxy Driver User Mode

Kernel Mode

NDIS WinSock

SPI

Traditional Model Winsock Direct Model

SAN Hardware

Private interface

(23)

Client-Side View of Network I/O Client-Side View of Network I/O

Application, Subsystem,

or DLL

User mode Kernel mode System Services

I/O Manager

Transport driver interface (TDI)

Redirector File System

Network Transport

Drivers

Windows Drivers

Windows I/O system service

(24)

Server-side View of Network I/O Server-side View of Network I/O

User mode Kernel mode

System Services

I/O Manager

Local File System

Driver

Network Transport

Drivers

Windows Drivers

Server

„File System“

Copy data into buffer

Call next driver

Issue I/O

(25)

Network I/O - the complete Picture Network I/O - the complete Picture

Client

Application Kernel32.Dll

Rdbss.Sys

Protocol Driver (TDI Server) Cache Manager

Server

File System Driver

Protocol Driver (TDI Server) Cache Manager

Local File System Driver

(NTFS, FAT)

Disk File Data

Ntdll.Dll

(26)

Routes to the Network Routes to the Network

Each API finds its way to the network through a different route Each API finds its way to the network through a different route

Windows API I/O routines call I/O system services;

I/O manager sends IRPs to redirector I/O manager sends IRPs to redirector

Sockets API and NetBIOS API are DLLs, that call I/O services Sockets API and NetBIOS API are DLLs, that call I/O services

I/O manager sends IRPs to Sockets and NetBIOS drivers I/O manager sends IRPs to Sockets and NetBIOS drivers

Services – comparable to UNIX daemon processes Services – comparable to UNIX daemon processes

Service controller

manages loading and starting of NT services manages loading and starting of NT services Services may export an API to support specific functions, e.g.:

Services may export an API to support specific functions, e.g.:

Administering built-in redirector (LAN Man

Administering built-in redirector (LAN Man WS service WS service , , Server service) Server service ) Sending alert messages (disk full) to logged-on users (

Sending alert messages (disk full) to logged-on users ( alerter service) alerter service ) Receiving messages (print job notification) from other systems

Receiving messages (print job notification) from other systems

( ( messenger service messenger service ) )

(27)

Sockets DLL

NetBIOS DLL

Routes to the Network (contd.) Routes to the Network (contd.)

Application Process Application

Process Windows

Subsystem

I/O API

Workstation Service Server

Service

User mode Kernel mode Built-in

Redirector

Windows Sockets

Driver

NetBIOS Driver

Network Transports Network

Server

NTFS CDFS

I/O Manager Network

File I/O Network browsing

WNet DLL

Application Process

Transport Driver Interface (TDI) User-space

Services

(28)

Built-in Networking Components Built-in Networking Components

Redirector and network server:

Introduced with MS-NET (assembly lang.);

completely re-written (C) for Windows NT/2000 completely re-written (C) for Windows NT/2000 Implemented as loadable file system drivers Implemented as loadable file system drivers

Can coexist with other vendor‘s redirectors and servers Can coexist with other vendor‘s redirectors and servers

Implemented as file system drivers, that means:

Part of the Windows executive Part of the Windows executive

Access to I/O manager‘s driver interfaces Access to I/O manager‘s driver interfaces

Ability to call cache manager functions directly Ability to call cache manager functions directly

I/O manager‘s layered model reflects layering of network protocols I/O manager‘s layered model reflects layering of network protocols Redirector/server can be layered on top of any transport protocol Redirector/server can be layered on top of any transport protocol driver – modular components

driver – modular components

(29)

Redirector/Server Operation Redirector/Server Operation

Compatibility:

Works with existing MS-NET & LAN Manager servers (MS-DOS, OS/2, Works with existing MS-NET & LAN Manager servers (MS-DOS, OS/2, Windows)

Windows)

Can access remote files, named pipes, printers Can access remote files, named pipes, printers Initialization:

Initialization:

Driver‘s init routine creates object

Driver‘s init routine creates object \Device\Redirector\Device\Redirector

Registers dispatch routines for driver operations (open, close, read,..) Registers dispatch routines for driver operations (open, close, read,..) Reliability:

Reliability:

Periodic reconnect to servers; mask transient faults, if possible Periodic reconnect to servers; mask transient faults, if possible Maintains tables of open files; reopens files on reconnect

Maintains tables of open files; reopens files on reconnect Asynchronous operation: (support for asynch. I/O)

Asynchronous operation: (support for asynch. I/O) Return immediately to user-space process Return immediately to user-space process

Employ thread in initial system process to wait for I/O completion Employ thread in initial system process to wait for I/O completion

(30)

Resolving a Network Filename Resolving a Network Filename

Extend the reach of local I/O to include remote resources Extend the reach of local I/O to include remote resources

All these resources are objects All these resources are objects

Object manager gets involved in opening files Object manager gets involved in opening files

1. User assigns drive letter NET USE T: \\TOOLSERV\TOOLS;

workstation service creates symbolic link 2. Windows app. opens file T:\editor.exe

3. Windows subsyst. Translates name to NT object

\DosDevices\T:\editor.exe; calls NT executive to open file

4. Object manager substitutes symbolic link to \Device\Redirector

\

DosDevices Device

(31)

Name Resolution (contd.) Name Resolution (contd.)

Device objects:

Launching point into an object namespace that is not controlled by the NT object Launching point into an object namespace that is not controlled by the NT object manager

manager

Object manager calls parse method associated with the device object Object manager calls parse method associated with the device object In our case:

In our case:

Method is an I/O manager routine that calls redirector Method is an I/O manager routine that calls redirector Redirector builds SMBs (Server Message Blocks) Redirector builds SMBs (Server Message Blocks)

Remote SMB server opens file \editor.exe on \\TOOLSERV\TOOLS Remote SMB server opens file \editor.exe on \\TOOLSERV\TOOLS Locally:

Locally:

NT object manager creates local file object to represent opened file NT object manager creates local file object to represent opened file Returns object handle to caller; subsequent op. go directly to redirector Returns object handle to caller; subsequent op. go directly to redirector Remote object namespace:

Remote object namespace:

Contains \Device\Server; used to manage the server by name Contains \Device\Server; used to manage the server by name Not used when server receives request

Not used when server receives request

(32)

Open Architecture Open Architecture

Redirector, network server, transport drivers can be loaded/unloaded dynamically Redirector, network server, transport drivers can be loaded/unloaded dynamically

A variety of such components can coexist A variety of such components can coexist Windows supports multiple networks:

Windows supports multiple networks:

Access to file systems for resource connection, network browsing, and for Access to file systems for resource connection, network browsing, and for remote file and device I/O through common Windows WNet API

remote file and device I/O through common Windows WNet API

Multiple network transport protocol drivers can be loaded simultaneously;

redirectors access them through common interface redirectors access them through common interface

Supplies interface and environment (NDIS 3.0) for network card drivers to Supplies interface and environment (NDIS 3.0) for network card drivers to access NT transport drivers

access NT transport drivers Access to remote files systems via:

Access to remote files systems via:

Multiple provider router

Multiple provider router (MPR) – a DLL which determines which network to (MPR) – a DLL which determines which network to access when an app uses Windows WNet API

access when an app uses Windows WNet API

Multiple UNC provider (MUP) – a driver that determines which network to Multiple UNC provider (MUP) – a driver that determines which network to access when an app uses Windows I/O API to open remote files

access when an app uses Windows I/O API to open remote files

(33)

System Services

Multiple Provider Multiple Provider

Router (MPR) Router (MPR)

Built-In WNet Provider DLL

User mode Kernel mode Built-in

Redirector File System

Alternative Redirector File System Network Transports

I/O Manager

Network browsing

WNet DLL

Application Process

Alternative Redirector File System Transport Driver Interface (TDI)

Multiple Provider Router (MPR) DLL

WNet Provider DLLs (Novell, Banyan, ...) Provider Interface RPC

Workstation Service

(34)

System Services

Multiple UNC Provider (MUP) Multiple UNC Provider (MUP)

Windows Subsystem

I/O API

Built-in Redirector File System I/O Manager

Network File I/O

Multiple UNC Provider Router

Built-in Redirector File System Alternative Redirector File Systems Transport Driver Interface (TDI)

MUP driver is activated when

app first attempts to open remote file/device using an UNC name (instead of redirected drive letter)

I/O manager opens file with prefix

\Device\Mup\server\sharename

MUP driver receives request and

sends IRPs asynchronously to

(35)

Transport Driver Interface Transport Driver Interface

Transport protocols are implemented as drivers Transport protocols are implemented as drivers

Windows provides a single programming interface for redirectors and other Windows provides a single programming interface for redirectors and other high-level network drivers

high-level network drivers

Transport Driver Interface – TDI – allows redirectors and servers to remain Transport Driver Interface – TDI – allows redirectors and servers to remain independent from transports

independent from transports

A single version of a redirector or server can use any available transport A single version of a redirector or server can use any available transport mechanism

mechanism

TDI is asynchronous, TDI is asynchronous,

Implements generic addressing mechanism Implements generic addressing mechanism Variety of services and libraries

Variety of services and libraries

(36)

TDI Clients TDI Clients

Transport Device Interface (TDI) clients:

Support network interfaces Support network interfaces

Show up as file systems – have some characteristics of file systems Show up as file systems – have some characteristics of file systems

TDI is a kernel-mode interface TDI is a kernel-mode interface

The TDI interface is a convention for IRP device I/O commands and The TDI interface is a convention for IRP device I/O commands and formatting IRP buffers

formatting IRP buffers

A single interface allows a client use the same interface semantics to A single interface allows a client use the same interface semantics to communicate with multiple TDI protocol drivers

communicate with multiple TDI protocol drivers Example TDI clients:

Example TDI clients:

AFD – Winsock TDI client

MSFS – MailSlot TDI client

NPFS – Named Pipe TDI client

(37)

System Services

Transport Driver Interface (contd.) Transport Driver Interface (contd.)

I/O Manager

Network Server or Redirector

NetBEUI TCP/IP IPX/SPX

...

Transport Driver Interface (TDI)

Network Card Drivers NDIS interface NDIS:

Network driver

interface specification

(38)

TDI - The bigger Picture TDI - The bigger Picture

AFD File System Driver

WS2_32.Dll Application

NtReadFile, NtWriteFile,

NtCreateFile, NtDeviceIoControlFile

TCP/IP Mswsock.Dll

TDI IRPs

TDI

\Device\Afd

IPX/SPX

Protocol Drivers

NetBEUI Wshtcpip.Dll …

SPI

Service Providers

…

Ntdll.Dll

(39)

TDI Transports TDI Transports

API providers rely on TDI Transports (also called API providers rely on TDI Transports (also called transport protocol drivers) in kernel mode to take transport protocol drivers) in kernel mode to take

API requests and translate them into low-level API requests and translate them into low-level

network protocol requests for transmission network protocol requests for transmission

across the network

(40)

Transports supported by TDI Transports supported by TDI

NetBEUI transport NetBEUI transport

NetBIOS Extended User Interface – LAN transport protocol NetBIOS Extended User Interface – LAN transport protocol

developed by IBM to operate underneath the NetBIOS developed by IBM to operate underneath the NetBIOS

interface interface

TCP/IP transport TCP/IP transport

Transmission Control Protocol/Internet Protocol – wide-area Transmission Control Protocol/Internet Protocol – wide-area protocol developed for U.S. DoD to connect heterogeneous protocol developed for U.S. DoD to connect heterogeneous

(UNIX) systems (UNIX) systems IPX/SPX transport IPX/SPX transport

Internet Packet Exchange/Sequenced Packet Exchange – Internet Packet Exchange/Sequenced Packet Exchange –

protocols used by Novell‘s NetWare (connectionless comm.) protocols used by Novell‘s NetWare (connectionless comm.) AppleTalk transport

AppleTalk transport

(41)

TDI operation TDI operation

1. 1. Client allocates/formats an address open Client allocates/formats an address open TDI IRP TDI IRP

TDI returns file object known as address object TDI returns file object known as address object Equivalent to winsock bind() function

Equivalent to winsock bind() function

2. 2. Client allocates/formats Client allocates/formats connection open connection open TDI IRP TDI IRP

TDI returns

TDI returns connection object connection object (equiv. to socket())(equiv. to socket())

3. 3. Client issues Client issues associate address associate address TDI IRP TDI IRP

This associates connection object to the address object This associates connection object to the address object

4. 4. TDI client issues TDI client issues listen TDI IRP and listen TDI IRP and accept accept TDI IRP TDI IRP

Equivalent to winsock listen() and accept() Equivalent to winsock listen() and accept()

5. 5. Other TDI client issues connect Other TDI client issues connect TDI IRP TDI IRP

Specifying connection object as parameter Specifying connection object as parameter Equivalent to winsock connect()

Equivalent to winsock connect()

(42)

TDI operation (contd.) TDI operation (contd.)

TDI also supports connectionless protocols (UDP) TDI also supports connectionless protocols (UDP) TDI supports registering

TDI supports registering event callbacks event callbacks

Functions directly invoked by TDI (event notification) Functions directly invoked by TDI (event notification) No need to pre-allocate resources (buffers)

No need to pre-allocate resources (buffers)

TDI uses NDIS 5 interface to talk to drivers TDI uses NDIS 5 interface to talk to drivers

Network Driver Interface Specification (Microsoft/3Com spec., 1989) Network Driver Interface Specification (Microsoft/3Com spec., 1989) NDIS hides IRP mechanism from network driver:

NDIS hides IRP mechanism from network driver:

same driver may work for Windows 2000/XP/ME same driver may work for Windows 2000/XP/ME

NDIS 4 did serialization of requests on driver level (MP scalability ??) NDIS 4 did serialization of requests on driver level (MP scalability ??) NDIS 5 allows driver to specify concurrency constraints

NDIS 5 allows driver to specify concurrency constraints

(43)

NDIS Miniport Drivers NDIS Miniport Drivers

NDIS drivers are also called NDIS NDIS drivers are also called NDIS Miniport drivers

Miniport drivers

Microsoft supplies the NDIS port Microsoft supplies the NDIS port driver

driver

The miniport interface hides the The miniport interface hides the

specifics of the Windows I/O model, specifics of the Windows I/O model, which allows miniport drivers function which allows miniport drivers function on Win9x as well

on Win9x as well

NDIS processes own I/O request NDIS processes own I/O request packets, NDIS packets

packets, NDIS packets

(44)

NDIS Intermediate Driver NDIS Intermediate Driver

Lie between the NDIS miniport driver and the TDI Lie between the NDIS miniport driver and the TDI transport driver

transport driver

Can add functionality such as load-balancing and quality Can add functionality such as load-balancing and quality of service

of service Examples:

Examples:

Windows 2000 QOS packet classifying driver Windows 2000 QOS packet classifying driver

Network Monitor driver

(45)

NDIS 5 Features NDIS 5 Features

Report whether network medium is active Report whether network medium is active

TCP/IP uses this information to reevaluate DHCP addressing info.

TCP/IP task offloading TCP/IP task offloading

Packet checksums or IPsec can be handled at network adaptor level Packet checksums or IPsec can be handled at network adaptor level

Fast packet forwarding Fast packet forwarding

Network adaptor may perform routing (without delivering them to Network adaptor may perform routing (without delivering them to CPU) CPU)

Wake-on-LAN Wake-on-LAN

Connection-oriented NDIS Connection-oriented NDIS

Manage connection-oriented media such as Asynchronous Transfer Manage connection-oriented media such as Asynchronous Transfer Mode (ATM) devices

Mode (ATM) devices

(46)

Microsoft TCP/IP - Overview Microsoft TCP/IP - Overview

Core protocol elements, services, and the interfaces Core protocol elements, services, and the interfaces between them.

between them.

Transport Driver Interface (TDI) and Network Device Transport Driver Interface (TDI) and Network Device Interface (NDIS) are public

Interface (NDIS) are public

specifications are available from Microsoft.

A number of higher level interfaces available to user- A number of higher level interfaces available to user- mode applications.

mode applications.

The two most commonly used are Windows Sockets and The two most commonly used are Windows Sockets and

NetBIOS.

(47)

TCP/IP Implementation in TCP/IP Implementation in

Windows Windows

Support for Standard Features Support for Standard Features

Ability to bind to multiple network cards with different media types Ability to bind to multiple network cards with different media types Logical multi-homing

Logical multi-homing

Internal IP routing capability Internal IP routing capability IGMP (IP Multicasting) support IGMP (IP Multicasting) support Duplicate IP address detection Duplicate IP address detection Multiple default gateways Multiple default gateways Dead gateway detection Dead gateway detection

Automatic Path Maximum Transmission Unit (PMTU) discovery Automatic Path Maximum Transmission Unit (PMTU) discovery Performance Enhancements

Performance Enhancements

Greatly reduced broadcast traffic Greatly reduced broadcast traffic

Shorter code paths/reduced CPU utilization Shorter code paths/reduced CPU utilization Self-tuning features

Self-tuning features

(48)

TCP/IP in Windows (contd.) TCP/IP in Windows (contd.)

Services Available Services Available

Dynamic Host Configuration Protocol (DHCP) client and server Dynamic Host Configuration Protocol (DHCP) client and server Windows Internet Name Service (WINS), a NetBIOS name server Windows Internet Name Service (WINS), a NetBIOS name server Domain Name Server (DNS) (added in Windows NT 4.0)

Domain Name Server (DNS) (added in Windows NT 4.0)

Point-to-Point Tunneling Protocol (PPTP) used for virtual private remote Point-to-Point Tunneling Protocol (PPTP) used for virtual private remote networks

networks

Dial-up (PPP/SLIP) support Dial-up (PPP/SLIP) support TCP/IP network printing (lpr/lpd) TCP/IP network printing (lpr/lpd) SNMP agent

SNMP agent

Wide Area Network (WAN) browsing support Wide Area Network (WAN) browsing support

High-performance Microsoft Internet Information Server High-performance Microsoft Internet Information Server

Basic TCP/IP connectivity utilities, including: finger, FTP, rcp, rexec, rsh, Basic TCP/IP connectivity utilities, including: finger, FTP, rcp, rexec, rsh, Telnet, and tftp

Telnet, and tftp

Server software for simple network protocols, including: Character Generator, Server software for simple network protocols, including: Character Generator, Daytime, Discard, Echo, and Quote of the Day

Daytime, Discard, Echo, and Quote of the Day

TCP/IP management and diagnostic tools, including: arp, hostname, ipconfig, TCP/IP management and diagnostic tools, including: arp, hostname, ipconfig, lpq, nbtstat, netstat, ping, route, and tracert

lpq, nbtstat, netstat, ping, route, and tracert

(49)

Windows Sockets 2 in Windows Windows Sockets 2 in Windows

Windows Sockets 2 Features Windows Sockets 2 Features

Access to protocols other than TCP/IP Access to protocols other than TCP/IP

Windows Sockets 2 allows an application to use the familiar socket Windows Sockets 2 allows an application to use the familiar socket interface to achieve simultaneous access to a number of installed interface to achieve simultaneous access to a number of installed transport protocols

transport protocols

Overlapped I/O with scatter/gather Overlapped I/O with scatter/gather

Windows Sockets 2 incorporates the overlapped paradigm for Windows Sockets 2 incorporates the overlapped paradigm for socket I/O and incorporates scatter/gather capabilities as well, socket I/O and incorporates scatter/gather capabilities as well, following the model established in Windows environments

following the model established in Windows environments

Protocol-independent name resolution facilities Protocol-independent name resolution facilities : :

Windows Sockets 2 includes a standardized set of functions for Windows Sockets 2 includes a standardized set of functions for querying and working with the myriad of name resolution domains querying and working with the myriad of name resolution domains that exist today (for example DNS, SAP, and X.500)

that exist today (for example DNS, SAP, and X.500)

(50)

Windows Sockets 2 (contd.) Windows Sockets 2 (contd.)

Protocol-independent multicast and multipoint Protocol-independent multicast and multipoint : :

Windows Sockets 2 applications discover what type of multipoint or Windows Sockets 2 applications discover what type of multipoint or

multicast capabilities a transport provides and use these facilities in a multicast capabilities a transport provides and use these facilities in a

generic manner.

Quality of service Quality of service

Window Sockets 2 establishes conventions applications use to Window Sockets 2 establishes conventions applications use to

negotiate required service levels for parameters such as bandwidth and negotiate required service levels for parameters such as bandwidth and

latency. Other QOS-related enhancements include mechanisms for latency. Other QOS-related enhancements include mechanisms for

network-specific QOS extensions.

Other frequently requested extensions Other frequently requested extensions

Windows Sockets 2 incorporates shared sockets and conditional Windows Sockets 2 incorporates shared sockets and conditional

acceptance; exchange of user data at connection setup/teardown time;

and protocol-specific extension mechanisms.

(51)

RPC RPC

Remote procedure call (RPC) is a network programming standard Remote procedure call (RPC) is a network programming standard originally developed in the early 1980s

originally developed in the early 1980s

The Open Software Foundation (now the Open Group) made RPC The Open Software Foundation (now the Open Group) made RPC part of the Distributed Computing Environment (DCE)

part of the Distributed Computing Environment (DCE)

Although there is a second RPC standard, SunRPC, the Microsoft Although there is a second RPC standard, SunRPC, the Microsoft RPC implementation is compatible with the OSF/DCE standard RPC implementation is compatible with the OSF/DCE standard

RPC builds on other networking APIs, such as named pipes or RPC builds on other networking APIs, such as named pipes or Winsock, to provide an alternate programming model that in some Winsock, to provide an alternate programming model that in some sense hides the details of networking programming from an

sense hides the details of networking programming from an application developer

application developer

An RPC compiler generates networking code that application An RPC compiler generates networking code that application executes as network-transparent functions

executes as network-transparent functions Examples of applications that use RPC:

Examples of applications that use RPC:

Remote Registry service

(52)

RPC RPC

(53)

Networking APIs Networking APIs

(summary) (summary)

Named Pipes and Mailslots Named Pipes and Mailslots Windows Sockets (winsock) Windows Sockets (winsock)

Extensible API on Windows (via service provider interface – SPI) Extensible API on Windows (via service provider interface – SPI) Transport service providers: TCP/IP, NetBEUI,

Transport service providers: TCP/IP, NetBEUI,

AppleTalk, IPX/SPX, ATM, IrDA (Infrared Data Association) AppleTalk, IPX/SPX, ATM, IrDA (Infrared Data Association) Namespace service providers: DNS, Active Directory, IPX/SPX Namespace service providers: DNS, Active Directory, IPX/SPX Remote Procedure Call (DCE RPC)

Remote Procedure Call (DCE RPC)

Common Internet File System (CIFS – SMB) Common Internet File System (CIFS – SMB) Network Basic Input/Output System (NetBIOS) Network Basic Input/Output System (NetBIOS) Telephony API

Telephony API

TAPI 2.2 for C Apps, TAPI 3.0 for COM Apps TAPI 2.2 for C Apps, TAPI 3.0 for COM Apps Component Object Model – COM+

Component Object Model – COM+

Message Queuing Message Queuing

(54)

Layered Network Services Layered Network Services

Remote Access Remote Access

Dial-up remote access via Telco-infrastructure Dial-up remote access via Telco-infrastructure Virtual private network (VPN):

Virtual private network (VPN):

virtual point-to-point connection via IP network (Internet) virtual point-to-point connection via IP network (Internet) Active Directory: Windows impl. of LDAP

Active Directory: Windows impl. of LDAP (Lightweight Directory Access Protocol) (Lightweight Directory Access Protocol)

LDAP C language API LDAP C language API

Active Directory Service Interfaces (ADSI) – COM Interface to AD Active Directory Service Interfaces (ADSI) – COM Interface to AD Messaging API (MAPI) – compatibility with Exchange/Outlook Messaging API (MAPI) – compatibility with Exchange/Outlook Security Account Manager (SAM) APIs interface with auth.

Security Account Manager (SAM) APIs interface with auth.

packages packages

MSVl_0 (\Winnt\System32\Msvl_0.dll – legacy LanManager auth.) MSVl_0 (\Winnt\System32\Msvl_0.dll – legacy LanManager auth.) Kerberos (\Winnt\System32\Kdcsvc.dll – Kerberos auth.)

Kerberos (\Winnt\System32\Kdcsvc.dll – Kerberos auth.)

(55)

Layered Network Services (contd.) Layered Network Services (contd.)

Network Load Balancing Network Load Balancing

With Windows Advanced Server, NDIS intermediate driver With Windows Advanced Server, NDIS intermediate driver Useful for certain TCP/IP-based cluster-aware applications Useful for certain TCP/IP-based cluster-aware applications

File Replication Service (FRS) File Replication Service (FRS)

Used to replicate a domain controller‘s \SYSVOL directory Used to replicate a domain controller‘s \SYSVOL directory Relies on NTFS change journal

Relies on NTFS change journal

Distributed File System (DFS) Distributed File System (DFS)

Location-transparent resource access Location-transparent resource access

TCP/IP Extensions TCP/IP Extensions

Network Address Translation (IP masquerading) Network Address Translation (IP masquerading) Internet Protocol Security (IPsec)

Internet Protocol Security (IPsec) Quality-of-Service

Quality-of-Service

(56)