Chapter 12: Networking YourComputer

Chapter 12: Networking Your Computer

In our increasingly connected world, networking and communications are critically important. Microsoft Windows Vista ensures that you can connect to a network wherever you are and from any device by giving you greater and more flexible options for accessing networks and managing network infrastructure. Not only does Windows Vista enhance support for standard networks, but it also fully supports the next generation of networks, whether you are using wired or wireless technologies.


This book was written using the Windows Vista Beta to provide an early introduction to the operating system. More so than any other area of Windows Vista, the security features discussed in this book are subject to change. Some of the features might not be included in the final product, and some of the features might be changed substantially.

Introducing TCP/IP Networking for Windows Vista

The networking components in Windows Vista have been extensively reworked. In this section, you’ll look at the changes to these components and how they are used to improve reliability while reducing transfer times. You’ll learn about:

  • The next generation of networking components.

  • The dual stack and the IP management enhancements.

Getting to Know the Next Generation TCP/IP Stack

Whether they are using wired or wireless technology, most networks use TCP/IP. TCP/IP is a protocol suite consisting of Transmission Control Protocol (TCP) and Internet Protocol (IP). TCP is a connection-oriented protocol designed for reliable end-to-end communications. IP is an internetworking protocol that is used to route packets of data over a network. Two versions of IP are in use:

  • IP version 4 (IPv4)  IPv4 is the primary version of IP used today on networks, including the Internet. IPv4 has 32-bit addresses.

  • IP version 6 (IPv6)  IPv6 is the next-generation version of IP. IPv6 has 128-bit addresses.

While many computers use only IPv4, IPv6 is increasingly being used, and eventually IPv4 may be phased out in favor of IPv6. Why? IPv4 allows only 2^32 unique addresses to be used. While 4,294,967,296 unique addresses might seem like a huge amount, it really isn’t when you look at the number of computing devices in our connected world. This is why we need IPv6, with its virtually unlimited address space, and why computers running Windows Vista have both IPv4 and IPv6 configured by default.

Windows Vista includes many other changes to the core networking components as well. Windows Vista provides a new implementation of the TCP/IP protocol stack known as the Next Generation TCP/IP stack. This stack is a complete redesign of TCP/IP functionality for both IPv4 and IPv6. The Next Generation TCP/IP stack supports:

  • Receive Window Auto Tuning  Optimizes TCP transfers for the host receiving data by automatically managing the size of the memory buffer (the receive windows) to use for storing incoming data based on the current network conditions.

  • Compound TCP (CTCP)  Optimizes TCP transfers for the sending host by aggressively increasing the amount of data sent in a connection while ensuring that other TCP connections are not impacted.

  • Neighbor Unreachability Detection  Determines when neighboring nodes, including routers, are no longer reachable and reports the condition.

  • Automatic Dead Gateway Retry  Ensures that an unreachable gateway is tried again periodically to determine whether it has become available.

  • Automatic Black Hole Router Detection  Prevents TCP connections from terminating due to intermediate routers silently discarding large TCP segments, retransmissions, or error messages.

  • Routing Compartments  Prevents unwanted forwarding of traffic between interfaces by associating an interface or a set of interfaces with a login session that has its own routing tables.

  • Network Diagnostics Framework  Provides an extensible architecture that helps users recover from and troubleshoot problems with network connections.

  • TCP Extended Statistics  Helps determine whether a performance bottleneck for a connection is the sending application, the receiving application, or the network.

  • Windows Filtering Platform  Provides application programming interfaces (APIs) for extending the TCP/IP filtering architecture so that it can support additional features.

To optimize throughput in high-loss environments, the Next Generation TCP/IP stack supports industry standard Requests For Comments (RFCs) 2582, 2883, 3517, and 4138. These changes allow the Next Generation TCP/IP stack to:

  • Modify how the TCP fast recovery algorithm is used. The new algorithm provides faster throughput by changing the way that a sender can increase its sending rate when multiple segments in a window of data are lost and the sender receives an acknowledgement stating that only part of the data has been successfully received. The old algorithm worked well for single lost segments, but it did not perform well when multiple lost segments were involved.

  • Extend the use of the Selective Acknowledgement (SACK) option for TCP. This option now allows a receiver to indicate up to four noncontiguous blocks of received data and to acknowledge duplicate packets. The sender can then determine when it has retransmitted a segment unnecessarily and adjust its behavior to prevent future retransmissions.

  • Introduce a conservative SACK-based loss recovery algorithm for TCP. This new algorithm makes it possible to use SACK information to perform loss recovery when TCP senders receive duplicate acknowledgements and to recover more effectively and quickly when multiple segments are not received at the destination.

  • Detect spurious retransmission time-outs (RTOs) with TCP. This provides correction for sudden, temporary increases in RTOs and prevents unnecessary retransmission of segments.

Learning About the Dual Stack and the IP Management Enhancements

As mentioned earlier, computers running Windows Vista have both IPv4 and IPv6 configured by default. This is a major change from earlier versions of Microsoft Windows, in which only IPv4 is used by default.

Windows Vista supports IPv4 and IPv6 by using the dual-layer Next Generation TCP/IP stack. This stack features an implementation of IP in which IPv4 and IPv6 share common transport and framing layers. Because Windows Vista enables IPv4 and IPv6 by default, there is no need to install a separate component to obtain IPv6 support.

To make IPv6 more dynamic, Windows Vista includes a number of enhancements. These enhancements include support for:

  • Symmetric network address translators (NATs)  A symmetric NAT maps the internal (private) address and port number to different external (public) addresses and ports, depending on the external destination address. This new behavior allows an IPv6 feature called Teredo to act as the go-between for a larger set of Internet-connected host computers.

  • IP Security in IPv6  Windows Vista supports IP Security for IPv6 traffic in the same way it supports IPv4 traffic. As a result, IPv6 can use Internet Key Exchange (IKE) and data encryption in the same way as IPv4. This ensures IPv6 traffic can be as secured as IPv4 traffic. When you configure an IP filter as part of an IP filter list in the IP Security Policies snap-in, you can now specify IPv6 addresses and address prefixes in IP Address or Subnet when specifying a specific source or destination IP address.

  • IPv6 over Point-to-Point Protocol (PPPv6)  PPPv6 allows native IPv6 traffic to be sent over PPP-based connections. This means that remote access clients can connect with an IPv6-based Internet service provider (ISP) through dial-up or PPP over Ethernet (PPPoE)–based connections.

  • Multicast Listener Discovery version 2 (MLDv2)  IPv6 routers use MLDv2 to identify the presence of multicast listeners and to provide support for source-specific multicast traffic. MLDv2 is equivalent to Internet Group Management Protocol version 3 (IGMPv3) for IPv4. (Multicast listeners are nodes that are configured to receive multicast packets.)

  • Link-Local Multicast Name Resolution (LLMNR)  LLMNR allows IPv6 hosts on a single subnet without a DNS server to resolve each other’s names. This feature is useful for single-subnet home networks and ad hoc wireless networks.

  • Random Interface IDs  Random Interface IDs prevent address scanning of IPv6 addresses based on the known company IDs of network adapter manufacturers. By default, Windows Vista generates Random Interface IDs for nontemporary autoconfigured IPv6 addresses, including public and local link addresses.

  • Dynamic Host Configuration Protocol version 6 (DHCPv6)  Windows Vista includes a DHCPv6-capable DHCP client. This client can use stateful address autoconfiguration with a DHCPv6 server. Or, the client can use stateless address autoconfiguration when a DHCPv6 server is not present.