Slashdot Mirror


Vista's 'Next Gen' TCP/IP Stack

boyko.at.netqos writes "Microsoft's new Vista TCP/IP stack might be beneficial to businesses looking to increase use of their IT infrastructure... if they did it right. Ted Romer at Network Performance Daily writes: '[Vista] now allows us to throttle outbound traffic at a client or server. For example, you can throttle the bandwidth of a particular subnet to a particular server, giving some departments more access to the servers that they need. You can even restrict outgoing bandwidth for certain peer-to-peer applications like BitTorrent. This shaping can also be handy when applied to servers, allowing less bandwidth for certain users/departments, and more for others. While consumers may debate whether Vista is a worthwhile upgrade, I believe it to be important for enterprise customers who will best be able to put Vista's capabilities to their fullest potential. Of course, I'm getting it for DirectX 10 games, but that's just me.'"

11 of 259 comments

  1. Re:Will it... by TheRaven64 · · Score: 4, Informative
    It's quite tricky because, typically, the TCP/IP stack has no knowledge of which application is the originator of a particular packet. The application talks to the very top layers of the network stack, and says 'send this buffer to this socket.' This then talks to the lower levels of the stack. On OpenBSD[1] you could conceivably create a virtual network interface for each application that was bridged with the real one and added a tag to all packets, which could then be used for filtering. It would be possible to add an mbuf tag to the packet with the originating process as soon as it was created, although I don't believe this is currently supported. I might have a poke at the code and see how hard it would be...


    [1] And, probably, other systems. I'm just most familiar with OpenBSD's filtering.

    --
    I am TheRaven on Soylent News
  2. Interesting discussion of this at SecurityNow by AngusSF · · Score: 5, Informative

    GRC | Security Now! Transcript of Episode #51 "Vista's Virgin Stack" http://www.grc.com/sn/SN-051.htm

    --
    "A gun is a tool, Marian. No better, no worse than any other tool. An axe, a shovel, or anything." Shane (1953)
  3. Re:Is this a slashvertisment ? by dbIII · · Score: 2, Informative
    "unless this Vista can make workers type faster or calc spreadsheets quicker or email faster then there is NO productivity gains"

    Actually there probably will be. My coworkers on XP spend surprising amounts of time staring at the screen waiting for the machine to allow user input again - improving this WILL improve productivity by a few minutes a day. The ones that do not suffer this have dual processor systems.

    That said - moving to *nix the gnome desktop with remote applications open can suck intensely if the network is busy - one window that is slow to refresh can lock the screen up for minutes which should never happen under X windows.

  4. Window Scaling and ECN! by amorsen · · Score: 2, Informative

    Yay! Now people will hopefully fix their firewalls so I can turn those on again in my Linux boxes.

    --
    Finally! A year of moderation! Ready for 2019?
  5. For anyone interested in enabling Compound TCP by PhrostyMcByte · · Score: 4, Informative

    The Compound TCP talked about in TFA is disabled in Vista by default. If you want to turn it on, you can open a console with admin privs (right click Command Prompt -> Run as Administrator) and enter:

    netsh interface tcp set global congestionprovider=ctcp

    This was one of the first commands I ran after Vista installed, and the difference is noticeable.

  6. Re:Will it... by beuges · · Score: 4, Informative

    Windows' OS updates already assume lowest priority, via BITS. BITS is available to be used by any application that wants to use it, so if antivirus/firewall vendors decided to make use of it, rather than rolling their own solutions, all those updates can happen at lowest priority also. It's QOS requesting lowest priority, rather than highest priority.

    I'm not sure if you can specify individual priority levels, but the OS already allows applications to download using the lowest priority.

  7. Re:Wondershaper by vadim_t · · Score: 5, Informative

    Well, it's expensive. Are you going to waste a box that can run Vista on that? A box that can run shorewall and traffic shaping is a P100 with 64MB RAM, which can be found for free.

    You have two options:
    1. The Vista box shapes traffic for itself and nothing else. This isn't terribly effective as to have a good effect you need to shape all of the traffic, giving different hosts different priority.

    2. You have the Vista box as a firewall for the network. In this case it's expensive, can be broken into, and if it is, you have a major mess because all your traffic will be going through it.

    An old P100 with 64MB RAM running shorewall is practically invulnerable. No ports need to be open, excepting for SSH from the internal network, or not even that. You can run it from CompactFlash and have it with no moving parts at all. It'll quietly sit there for years shoveling packets back and forth with zero problems. It doesn't accept connections, it has no open ports of public services -- it's impossible to break into barring a kernel bug in the TCP stack.

  8. Re:Wondershaper by Ferzerp · · Score: 5, Informative

    It's obvious that no one has RTFA....

    "(Granted, this QoS doesn't guarantee anything, it just marks the packet in Windows and it is up to your network infrastructure to honor those tags.) "

    Vista supports Diffserv tagging based on the user/application/whatever, enforced via group policy. It's up to your network hardware to actually do the shaping.

  9. Re:Quoted portion leaves out important bit by BrianRoach · · Score: 4, Informative


    And now that I've actually had some coffee ... this is just silly.

    They're breaking rule #1: Never trust the client.

    If your QoS network equipment is using these tags instead of actual port numbers, well, it's pretty easy to reconfigure how a client tags its packets.

    - Roach
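
The trust problem raised in comments 8 and 9, seen from the network side, as an added example that is not part of the original thread: an edge device keeps a client-set DSCP value only when its own policy allows that value for the packet's source subnet and destination port, and resets everything else to best effort. The subnets, ports and DSCP assignments in the policy are constructed for illustration.

```python
import ipaddress
import struct

# Constructed policy (assumption): (source subnet, destination port, DSCP the
# network agrees to carry for that traffic). 46 = EF, 26 = AF31.
POLICY = [
    (ipaddress.ip_network("10.1.0.0/24"), 5060, 46),
    (ipaddress.ip_network("10.2.0.0/24"), 1433, 26),
]

def parse_ipv4(packet: bytes):
    """Return (source address, DSCP, destination port) of a TCP/UDP-over-IPv4 packet."""
    if len(packet) < 20 or packet[0] >> 4 != 4:
        raise ValueError("not an IPv4 packet")
    ihl = (packet[0] & 0x0F) * 4          # header length in bytes
    if ihl < 20 or len(packet) < ihl + 4:
        raise ValueError("truncated or malformed header")
    if packet[9] not in (6, 17):          # ports exist only for TCP and UDP
        raise ValueError("no port field for this protocol")
    dscp = packet[1] >> 2                 # top six bits of the DS (former TOS) byte
    src = ipaddress.ip_address(packet[12:16])
    (dst_port,) = struct.unpack("!H", packet[ihl + 2:ihl + 4])
    return src, dscp, dst_port

def edge_dscp(packet: bytes) -> int:
    """DSCP to forward with: the client's marking only where policy confirms it."""
    src, dscp, dst_port = parse_ipv4(packet)
    for net, port, allowed in POLICY:
        if src in net and dst_port == port and dscp == allowed:
            return dscp
    return 0                              # anything else becomes best effort

def sample_packet(src: str, dscp: int, dst_port: int) -> bytes:
    """Build a constructed 40-byte TCP/IPv4 packet (checksums left at zero)."""
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, dscp << 2, 40, 0, 0, 64, 6, 0,
                     ipaddress.ip_address(src).packed,
                     ipaddress.ip_address("10.9.0.1").packed)
    tcp = struct.pack("!HH", 40000, dst_port) + bytes(16)
    return ip + tcp

if __name__ == "__main__":
    for args in [("10.1.0.7", 46, 5060), ("10.3.0.9", 46, 6881), ("10.2.0.5", 46, 1433)]:
        print(args, "->", edge_dscp(sample_packet(*args)))
```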

  10. Re:Netlimiter by jZnat · · Score: 2, Informative

    You can use its firewall, ipfw(8), to do QoS packet shaping (which is essentially what you're asking for). Some details are available on the MacShadows KB.

    --
    'Yes, firefox is indeed greater than women. Can women block pops up for you? No. Can Firefox show you naked women? Yes.'
  11. Re:-1 Linux Zealot (well... in slashdot might be + by jedidiah · · Score: 1, Informative

    Lack of interest.

    Someone interested in SELLING you a dancemat has done the work for you in the WinDOS environment.

    Networking, OTOH, is not that sort of thing. It's been well supported in Linux before there were any TCP/IP libraries even included in Windows.

    --
    A Pirate and a Puritan look the same on a balance sheet.