Follow Slashdot stories on Twitter

 



Forgot your password?
typodupeerror
×
Microsoft Networking IT

Vista's 'Next Gen' TCP/IP Stack 259

boyko.at.netqos writes "Microsoft's new Vista TCP/IP stack might be beneficial to businesses looking to increase use of their IT infrastructure... if they did it right. Ted Romer at Network Performance Daily writes: '[Vista] now allows us to throttle outbound traffic at a client or server. For example, you can throttle the bandwidth of a particular subnet to a particular server, giving some departments more access to the servers that they need. You can even restrict outgoing bandwidth for certain peer-to-peer applications like bit torrent. This shaping can also be handy when applied to servers, allowing less bandwidth for certain users/departments, and more for others. While consumers may debate whether Vista is a worthwhile upgrade, I believe it to be important for enterprise customers who will best be able to put Vista's capabilities to their fullest potential. Of course, I'm getting it for DirectX 10 games, but that's just me.'"
This discussion has been archived. No new comments can be posted.

Vista's 'Next Gen' TCP/IP Stack

Comments Filter:
  • "redesigned from the ground up"

  • Will it... (Score:5, Interesting)

    by Threni ( 635302 ) on Friday December 08, 2006 @08:32AM (#17161030)
    ...let me choose how much bandwidth to allocate to each app, and their relative priority? I want my browser to go first, then Google talk, then any updates (OS, virus checker, firewall) and finally P2P. It's quite annoying that I can't do that on XP. Perhaps it's a tricky problem though.
    • Re:Will it... (Score:5, Informative)

      by TheRaven64 ( 641858 ) on Friday December 08, 2006 @08:42AM (#17161164) Journal
      It's quite tricky because, typically, the TCP/IP stack has no knowledge of which application is the originator of a particular packet. The application talks to the very top layers of the network stack, and says 'send this buffer to this socket.' This then talks to the lower levels of the stack. On OpenBSD[1] you could conceivably create a virtual network interface for each application that was bridged with the real one and added a tag to all packets, which could then be used for filtering. It would be possible to add an mbuf tag to the packet with the originating process as soon as it was created, although I don't believe this is currently supported. I might have a poke at the code and see how hard it would be...


      And, probably, other systems. I'm just most familiar with OpenBSD's filtering.

      • Here's my script [theknack.net] to do this in Linux. What it does is prioritize these types of outbound traffic, in order: voip (vonage), ssh (to or from my domain), web browsing, scp, other people browsing my website, other (filesharing, mail).

        Mostly it works by discriminating on the basis of source or destination port. A couple apps are nice enough to set the "type of service" bits in the ip header, so you don't need to look at port numbers.

        • by mi ( 197448 )

          Mostly it works by discriminating on the basis of source or destination port. A couple apps are nice enough to set the "type of service" bits in the ip header, so you don't need to look at port numbers.

          So, if my torrent-client marks its packets as "ssh", your setup will grant them a higher priority whatever the port they are heading to? I'll make a note of this...

          Joking aside, what this means is that this tag-based shaping only makes sense only on systems/networks within the same administrative domain

          • by jZnat ( 793348 ) *
            I think the point of the script is for personal use. With it, you can browse the web and generally use your computer while also serving sshd, httpd, and bittorrent with minimal slowdown.
    • Re:Will it... (Score:5, Informative)

      by beuges ( 613130 ) on Friday December 08, 2006 @09:09AM (#17161452)
      Windows' OS updates already assume lowest priority, via BITS [microsoft.com]. BITS is available to be used by any application that wants to use it, so if antivirus/firewall vendors decided to make use of it, rather than rolling their own solutions, all those updates can happen at lowest priority also. It's QOS requesting lowest priority, rather than highest priority.

      I'm not sure if you can specify individual priority levels, but the OS already allows applications to download using the lowest priority.
    • No, but you can do that in XP and (presumably) Vista using the excellent Netlimiter program.

      http://www.netlimiter.com/ [netlimiter.com]

      Back when I worked at an ISP with a shared bandwidth broadband solution, we would politely suggest that to the college jackasses downloading Bittorrent without setting it up to be network friendly (like we asked/demanded/etc). It really does work quite well.
    • yes it will do that.
    • Re: (Score:3, Insightful)

      by dave420 ( 699308 )

      You can do that - XP has a QoS service that can do exactly what you want. I use it when I'm at work to prioritise my RDP over any torrents downloading, and to make sure my mp3 streams from home don't get choked.

      WinTC [vector.co.jp] - a small service used to configure the Windows QoS service.

      If that doesn't do it for you, you could download something like NetLimiter, and use that to manage your bandwidth.

  • by Anonymous Coward on Friday December 08, 2006 @08:32AM (#17161034)

    because it sure reads like one
    Microsoft is desperate to get business interested in their Vista product so will trot about all manner of reasons to buy it, but business are not biting, unless this Vista can make workers type faster or calc spreadsheets quicker or email faster than there is NO productivity gains unless wowing the coworker with a 3D AIGLX/Beryl like desktop counts as productive

    if an Enterprise is worried about client bandwidth they would already be using a tool dedicated for the job like, say a Router

    • Re: (Score:3, Informative)

      by dbIII ( 701233 )

      unless this Vista can make workers type faster or calc spreadsheets quicker or email faster than there is NO productivity gains

      Actually there probably will be. My coworkers on XP spend surprising amounts of time staring at the screen waiting for the machine to allow user input again - inproving this WILL improve productivity by a few minutes a day. The ones that do not suffer this have dual processor systems.

      That said - moving to *nix the gnome desktop with remote appications open can suck intensely if

      • by garcia ( 6573 )
        Actually there probably will be. My coworkers on XP spend surprising amounts of time staring at the screen waiting for the machine to allow user input again - inproving this WILL improve productivity by a few minutes a day. The ones that do not suffer this have dual processor systems.

        Well, at work I use Access and am frequently staring at the screen waiting for it to allow input (and frequently hoping it won't hang the rest of the system). I have a feeling that Vista won't stop that behavior unless they ha
        • Re: (Score:3, Interesting)

          I have noticed this in a lot of Windows apps as well and it dumbfounds me that, after all these years, Microsoft programmers still haven't got threaded programming into their heads.

          I mean, why does Access requesting data from a network database freeze up the entire machine (or at least the whole TCP/IP stack)? And nothing frustrates me more than Outlook. When you're typing an email message and Outlook "requests data from server" in the background, freezes your input into the current window. Damn, guys.

          • I mean, why does Access requesting data from a network database freeze up the entire machine ... Damn, guys.. do that crap in a background thread

            Good sign of a "mature code base" — it's so nasty, they'd rather put a workaround in the OS to support its bad habits than fix it. I remember under NT, Access would peg the CPU at 100% just sitting there. I assume it was actively polling for events it needed to service, probably due to some deficiency in the Win95 message handler (or more likely, to provide some feature). Anybody else remember how Word for the Mac wasn't available under (System 7.5?) for a long time, because apparently the same co

      • Actually there probably will be. My coworkers on XP spend surprising amounts of time staring at the screen waiting for the machine to allow user input again - inproving this WILL improve productivity by a few minutes a day. The ones that do not suffer this have dual processor systems.

        That sounds pretty far fetched to me. I don't know what you do, but most people don't spend that much time waiting on the OS. And if Vista has made a reputation for itself so far, it hasn't been for running faster on exis

        • by dbIII ( 701233 )
          That sounds pretty far fetched to me.

          If you find that far fetched you probably don't even notice you are doing it for a few seconds at a time dozens of times a day - just staring at the screen waiting for it to give you the keyboard and mouse back. Try using systems that do not have explorer.exe or MS Windows systems that have with more than one processor and you'll see that you won't be waiting for screen refreshes. Failing that try win2k or windows2003.

  • Enterprise (Score:5, Insightful)

    by dbIII ( 701233 ) on Friday December 08, 2006 @08:35AM (#17161060)
    Wouldn't enterprise customers have purchased routers that do this five years ago to handle the QoS - and managed switches ten years ago to handle the rest?

    OK - it is nice, but it certainly is not new.

    • This can be done pretty easily on a Catalyst switch by configuring VLANs, but it's nice to have this feature in Windows as well. Active Directory is a handy one-stop-shopping interface for centralized administration. Presumably you'll be able to push group policies and stuff to do minute tasks like allowing a subnet a higher percentage of bandwidth at certain times of day.
    • Routers don't know protocols. These days, every new application tunnels over HTTP. Routers can't prioritize VoIP-over-HTTP at the expense of Filesharing-over-HTTP.
  • games? (Score:5, Funny)

    by Anonymous Coward on Friday December 08, 2006 @08:36AM (#17161064)
    Of course, I'm getting it for DirectX 10 games, but that's just me

    Just you? Wow, those will be some disappointing sales figures.
  • by eclectro ( 227083 ) on Friday December 08, 2006 @08:36AM (#17161068)
    If that guy in accounting is spending all his time downloading movies off from bittorent, wouldn't it be better to fire him instead of shaping his packets??
  • <sarcasm>The innovation! What will MS think of next?<sarcasm>
  • by AngusSF ( 34059 ) <angussf.geoapps@com> on Friday December 08, 2006 @08:43AM (#17161172) Homepage
    GRC | Security Now! Transcript of Episode #51 "Vista's Virgin Stack" http://www.grc.com/sn/SN-051.htm [grc.com]
    • Re: (Score:3, Insightful)

      by vadim_t ( 324782 )
      Uhh, what the heck is that nonsense? I see no actual discussion of anything there.

      This is the "security expert" that never heard of SYN Cookies before, started the whole mess about raw sockets in XP, and ran (or maybe still runs, haven't checked) a port scanner's supposed to scan the ports of the one going to the website, but can be tricked into scanning somebody else.

      • It's an, uh, you know, article about, you know, Vista. And you know, it talks about the, you know, network stack. And you know, about Win2000's stack and, you know, where it may have come from, and, you know, about supposed problems in Vista's, you know, stack. And you know, those guys sure say 'you know' an awful, you know, lot.
  • by Giant Ape Skeleton ( 638834 ) on Friday December 08, 2006 @08:44AM (#17161188) Homepage
    Big deal. ______ has had this in the kernel since ______.
  • Throttle network traffic is great ... if either your network or your server capacity suck.
    • by eklitzke ( 873155 ) on Friday December 08, 2006 @10:13AM (#17162278) Homepage
      The bandwidth throttling may not be a big deal to you, but on high bandwidth high latency links you can get huge performance improvements (i.e. 10-100x) with proper use of TCP window scaling. In the original TCP spec the window size could be no more than 64 KB, but this behavior was later amended and a TCP option was added to allow you to increase this value.

      The optimal window size is (Round Trip Time)*(Bandwidth). For my internet connection (600 KBps) that means that a 64KB window is only adequate for sites whose ping time is no greater than 110 ms. For sites with a higher latency, the amount of bandwidth I can get in a TCP connection between me and this host is artificially limited by my TCP window size.

      Right now it generally isn't possible to get a reliable connection after increasing the window size past 64 KB because some older/cheapo routers will not work with TCP windows greater than 64K. But if this gets into Vista and TCP window scaling options started getting heavy use, there would be a lot of pressure on sites with broken routers to get them fixed, and then those of us with high bandwidth connections would reap the benefits.
  • by amorsen ( 7485 ) <benny+slashdot@amorsen.dk> on Friday December 08, 2006 @08:55AM (#17161306)
    Yay! Now people will hopefully fix their firewalls so I can turn those on again in my Linux boxes.
  • by rs232 ( 849320 ) on Friday December 08, 2006 @08:58AM (#17161340)
    What does Vista TCP/IP do that http://en.wikipedia.org/wiki/Ipv6 [slashdot.org]">IPV6 cannot and I don't mean such feetures that are welded to the Vista API.
    • by zootm ( 850416 )
      I think you're confused here. This is just a specific implementation of TCP/IP, not a different protocol or anything.
      • "I think you're confused here. This is just a specific implementation of TCP/IP, not a different protocol or anything"

        Then please go ahead and enlighten me. What does Vista TCP/IP do that requires a specific implementation

        was Re:IPV6 ..
        • by zootm ( 850416 )

          I'm not entirely sure, it all looks very much like algorithmic tweaks and stuff. I'm aware at least of Compound TCP [wikipedia.org], which supposedly has large benefits in some scenarios.

          Reading the article itself might be an idea here, though, since it is an article on the new features.

    • You know, that will be a useful argument when we're all using IPv6, which we are not. It's useful to wring more performance out of IPv4 since it will be here for a while.
  • by BrianRoach ( 614397 ) on Friday December 08, 2006 @09:00AM (#17161364)
    Rather interesting that the quote in the summary here on slashdot skipped this (emphasis mine):

    FTFA: "Vista's ability to use centrally configured group-policies to push out policies to specific users or servers, and allows tagging of packets with the Diffserv code point values, so that our network infrastructure can see the marking and react to it in different ways - whether it's VoIP traffic, or TCP/IP business critical traffic, or web-surfing traffic. (Granted, this QoS doesn't guarantee anything, it just marks the packet in Windows and it is up to your network infrastructure to honor those tags.)"

    So ... it really doesn't do much. It may be slightly more convenient to configure QoS on your routers based on the tags rather than port numbers ... but that's about it.

    - Roach
    • > So ... it really doesn't do much.

      It gives the MSCEs another reason to ban Linux because they won't be able to "push out policies" to Linux boxes.
      • by BrianRoach ( 614397 ) on Friday December 08, 2006 @09:29AM (#17161688)

        And now that I've actually had some coffee ... this is just silly.

        They're breaking rule #1: Never trust the client.

        If your QoS network equipment is using these tags instead of actual port numbers, well, it's pretty easy to reconfigure how a client tags its packets.

        - Roach
        • QoS based on port numbers a) does not work for all protocols, especially those which do not use fixed ports and b) does not work in all situations, because you can listen on nonstandard ports. The only way you can accurately do QoS without help from a trusted client is to snoop the packets and determine their type that way - which of course won't work for many types of encrypted traffic.
    • I wish your post could get moved, not modded, up to the top of the comments list. This little tidbit would save a lot of ignorant comments.
    • by leuk_he ( 194174 )
      QoS ms style does require authorization form the clients. All clients that do not get authorized correct go automatically in the lowest class. so in order to get VOIP working you need a chain of authorized network equipment.

      Port is only limited. More and more applications use random ports now adays.
  • ...of iptables or netfilter did they steal from Linux to make up their new traffic-shaping capabilities that has been in Linux and other *nix variants for years?

    Woot, MS just got a bit more professional in their offering. How nice.
  • by mwilliamson ( 672411 ) on Friday December 08, 2006 @09:04AM (#17161408) Homepage Journal
    Bandwidth management _must_ not rely on the host's cooperation. All will work beautifully until a virus totally rapes the network because QoS responsibility had been shifted from the network to the hosts. Damn, this isn't just stupid, it's freaking pathetic. What next Microsoft, pull in layer 2 into your stack as well?
  • by PhrostyMcByte ( 589271 ) <phrosty@gmail.com> on Friday December 08, 2006 @09:06AM (#17161420) Homepage

    The Compound TCP talked about in TFA is disabled in Vista by default. If you want to turn it on, you can open a console with admin privs (right click Command Prompt -> Run as Administrator) and enter:

    netsh interface tcp set global congestionprovider=ctcp

    This was one of the first commands I ran after Vista installed, and the difference is noticable.

    • Re: (Score:2, Funny)

      by Slashcrap ( 869349 )
      netsh interface tcp set global congestionprovider=ctcp

      This was one of the first commands I ran after Vista installed, and the difference is noticable.


      You could be a little bit more specific about what "noticeable" means. Was it good or bad?

      I recently tried to reduce the MTU size on a server 6000 miles away via the following command :

      ifconfig eth0 mtu 1200

      But I forgot to type the "mtu" part.

      The difference was definitely noticeable. No, not in a good way.
  • by CDPatten ( 907182 ) on Friday December 08, 2006 @09:09AM (#17161466) Homepage
    Many people on Slashdot have been screaming for over a year that Vista doesn't offer anything new, nothing worth upgrading for, etc. Well, it seems to me it does. I think anyone who is intellectually honest would agree... I might be on the wrong site?

    This article points out 1 cool thing, a new networking stack, but it isn't the only thing. And actually he doesn't even talk about IPv6. For example, my lab at home I has 3 Vista installs, and the communicate out of the box over IPv6. In a couple of years IPv6 will be main-stream because of MS, and we all know the benefits from using the upgraded protocol.

    -I think it's cool that when you browse the network people can see a picture of the person instead of the Computer Icon.

    -I also do photography, and you use to be able to open an image file on an OSX machine and XP and it would look better on the OSX box. Not with vista.

    -For Remote Access: PNRP. Again, really cool... do a search if you don't know what it is.

    -Even the average business user will benefit from little things like the snippet tool (prety cool by the way, it's in the accessories folder if you haven't tried it yet).

    -I have clients that are going to love the way the Windows clock works now. They can jump around by month, year, or decade in seconds. Those little things are pretty cool.
    These are just random features that popped into my head, but it seems that Vista has LOTS of things other than Aero to encourage upgrading on all fronts (Security, tools, toys, looks, games, etc.).

    Seriously, apple announces multiple desktops and have this site has a heart attack.... then praises Steve Jobs for being an inventor, a genius, etc. Meanwhile Windows has had those features for years, hell, Unix has for decades!

    MS may not have invented the notion of every new feature in Vista, but it's a good product, and way better than XP. A worthy upgrade. It's not one feature that makes it a good product, but the cumulative of many features. I think you anti-ms people lose a lot of credibility when you blindly bash MS and say Vista sucks and it offers no reasons to upgrade for anyone. For all users it has some pretty enticing plusses.
    • > Seriously, apple announces multiple desktops and have this site has a heart
      > attack.... then praises Steve Jobs for being an inventor, a genius, etc.

      And the other half says "Unix has had this for decades".
    • Re: (Score:3, Funny)

      by Blakey Rat ( 99501 )
      No intellectually honest person is saying Vista + new Office offer nothing new. The problem is that... well... you're reading this on Slashdot.
    • by igb ( 28052 )
      In a couple of years IPv6 will be main-stream because of MS, and we all know the benefits from using the upgraded protocol.
      And for those of us who don't know the benefits, even though we've been told every year for the past five that ``next year will be IPv6!'', what are they?

      ian

    • Re: (Score:2, Insightful)

      -I also do photography, and you use to be able to open an image file on an OSX machine and XP and it would look better on the OSX box. Not with vista.

      What in the hell are you talking about?
    • If you consider those gimmicks "cool" then good for you. But I don't see any bottom line productivity gain.
      • by SEMW ( 967629 )
        You're right; it's all cool gimmics. Especially the new networking stack TFA's about. And the new sound stack too; that'll be hours of fun. XPS is a laugh, and the completely new user-mode driver model is hilarious. The Dynamic System Address Space is way cool, as is Transactional NTFS. And don't get me started on the Communication Foundation, Workflow Foundation, are Cardspace! Many happy days to be wiled away...
    • by strikethree ( 811449 ) on Friday December 08, 2006 @10:44AM (#17162644) Journal
      Seriously, apple announces multiple desktops and have this site has a heart attack.... then praises Steve Jobs for being an inventor, a genius, etc. Meanwhile Windows has had those features for years, hell, Unix has for decades!

      It seems that you must be a shill since even a fanboi would not make such an outrageous claim. MS Windows has _never_ had multiple desktops. They released a crappy powertoy for XP that supposedly emulates multiple desktops but the apps never play along nicely since MS Windows was _never_ designed with multiple desktops in mind.

      strike
    • by Idaho ( 12907 ) on Friday December 08, 2006 @10:56AM (#17162786)

      Many people on Slashdot have been screaming for over a year that Vista doesn't offer anything new.

      Yes, and it looks like you've just proven this point yourself. Thanks for pointing it out yourself, here goes:


      IPv6.

      Has been available in every other OS I know of for years. Microsoft is finally catching up here.


      -I think it's cool that when you browse the network people can see a picture of the person instead of the Computer Icon.

      Whatever. I think it's a privacy-sensitive thing that I'd want to disable ASAP, but ok. So, you can set an arbitrary picture as your login icon. Stop the presses! Groundbreaking developments!


      -I have clients that are going to love the way the Windows clock works now. They can jump around by month, year, or decade in seconds. Those little things are pretty cool.

      See above, only even more so.


      -I also do photography, and you use to be able to open an image file on an OSX machine and XP and it would look better on the OSX box. Not with vista.


      So again, if what you say is true, Microsoft is finally catching up to other OS's here once again. Btw. in fact I don't agree with you, I have used the same 19" CRT on a Mac Mini and a Windows/Linux machine, and the pictures look exactly the same (you just have to calibrate the screen right).


      Seriously, apple announces multiple desktops and have this site has a heart attack.... then praises Steve Jobs for being an inventor, a genius, etc. Meanwhile Windows has had those features for years, hell, Unix has for decades!


      !? Since when has Windows had multiple desktop built into the OS (without installing 3rd party applications, specific video card drivers or funny power tools that nobody ever bothers with - not least because many applications tend to act in very strange ways when you try to use it)? Also, if Vista finally supports this, Microsoft is, once more (how often do you want to point this out?) finally catching up with what has been taken for granted in every other major OS for ages.

      So far, my reaction to Vista (and yes, I tried to run RC2 on my AMD64 3500+ with 1GB RAM) is that it's completely underwhelming. The only thing that is overwhelming about it are the memory requirements - it managed to use 600+ MB right from booting it up!

      By the way, you also forgot to mention a few more "features", such as the fantastic customer-friendly Digital Restriction Management schemes, activation schemes that might disable your computer, etc. etc. just to name a few.
  • Is it just me or is this article describing abilities Linux + IPTables has had for years upon years?

    Hell my Linksys WRT54G with modded firmware at home does application-based traffic shaping (no way I would be able to use Vonage reliably while downloading huge ISOS if it didn't).

    How is this next generation?
  • What a surprise... (Score:3, Interesting)

    by QuietLagoon ( 813062 ) on Friday December 08, 2006 @09:49AM (#17161956)
    ... another 'Microsoft is wonderful' posting, coincident with a major product release.

    Microsoft astroturf [nwsource.com] in action.

  • by Idaho ( 12907 ) on Friday December 08, 2006 @10:36AM (#17162564)
    For example, you can throttle the bandwidth of a particular subnet to a particular server, giving some departments more access to the servers that they need. You can even restrict outgoing bandwidth for certain peer-to-peer applications like bit torrent. This shaping can also be handy when applied to servers, allowing less bandwidth for certain users/departments, and more for others.


    Why is this called "next-gen"? There is nothing "next-gen" about this. If anything, Microsoft is finally catching up with the rest of the world in this department.

    Such stuff was possible with Linux (and, I'm sure, BSD) servers for years. I know for sure because I used to have such a setup (to do traffic shaping on our -then- relatively slow internet connection shared by too many people) on a Linux server, more than 5 years ago!

    Please stop this silly use of marketingspeak of calling something "next-gen" when in fact the company under consideration is just finally catching up with what the rest of the world has been doing for ages.
  • by mr_death ( 106532 ) on Friday December 08, 2006 @02:25PM (#17165680)
    Given Microsoft's usual poor code quality, we should all be cowering in fear. The IP stack is something that needs to be battle-tested for years before we get comfortable with it. Uncle Bill and his minions have chosen to inflict an unproven stack on us for the sake of a few bells and whistles.

    This is another fine reason to delay your Vista "upgrade" until at least the second service pack -- assuming you upgrade at all.

    I'm taking bets on how many critical patches will be on the ip stack this year (2007).

The earth is like a tiny grain of sand, only much, much heavier.

Working...