Vista's 'Next Gen' TCP/IP Stack 259
boyko.at.netqos writes "Microsoft's new Vista TCP/IP stack might be beneficial to businesses looking to increase use of their IT infrastructure... if they did it right. Ted Romer at Network Performance Daily writes: '[Vista] now allows us to throttle outbound traffic at a client or server. For example, you can throttle the bandwidth of a particular subnet to a particular server, giving some departments more access to the servers that they need. You can even restrict outgoing bandwidth for certain peer-to-peer applications like bit torrent. This shaping can also be handy when applied to servers, allowing less bandwidth for certain users/departments, and more for others. While consumers may debate whether Vista is a worthwhile upgrade, I believe it to be important for enterprise customers who will best be able to put Vista's capabilities to their fullest potential. Of course, I'm getting it for DirectX 10 games, but that's just me.'"
Words to strike fear into any heart (Score:5, Funny)
Re: (Score:2)
Re: (Score:2)
Re: (Score:3, Interesting)
Will it... (Score:5, Interesting)
Re:Will it... (Score:5, Informative)
And, probably, other systems. I'm just most familiar with OpenBSD's filtering.
Re: (Score:2)
Mostly it works by discriminating on the basis of source or destination port. A couple apps are nice enough to set the "type of service" bits in the ip header, so you don't need to look at port numbers.
Re: (Score:2)
So, if my torrent-client marks its packets as "ssh", your setup will grant them a higher priority whatever the port they are heading to? I'll make a note of this...
Joking aside, what this means is that this tag-based shaping only makes sense only on systems/networks within the same administrative domain
Re: (Score:2)
Re: (Score:2, Interesting)
That way, I can set the priority based on what the traffic is, at the router level
works pretty well too
L7-Filter makes it easy, as parent says (Score:2)
Re: (Score:2)
Re:Will it... (Score:5, Informative)
I'm not sure if you can specify individual priority levels, but the OS already allows applications to download using the lowest priority.
Netlimiter (Score:2)
http://www.netlimiter.com/ [netlimiter.com]
Back when I worked at an ISP with a shared bandwidth broadband solution, we would politely suggest that to the college jackasses downloading Bittorrent without setting it up to be network friendly (like we asked/demanded/etc). It really does work quite well.
Re: (Score:2)
Re: (Score:3, Informative)
Re: (Score:2)
Re: (Score:3, Insightful)
You can do that - XP has a QoS service that can do exactly what you want. I use it when I'm at work to prioritise my RDP over any torrents downloading, and to make sure my mp3 streams from home don't get choked.
WinTC [vector.co.jp] - a small service used to configure the Windows QoS service.
If that doesn't do it for you, you could download something like NetLimiter, and use that to manage your bandwidth.
Is this a slashvertisment ? (Score:5, Insightful)
because it sure reads like one
Microsoft is desperate to get business interested in their Vista product so will trot about all manner of reasons to buy it, but business are not biting, unless this Vista can make workers type faster or calc spreadsheets quicker or email faster than there is NO productivity gains unless wowing the coworker with a 3D AIGLX/Beryl like desktop counts as productive
if an Enterprise is worried about client bandwidth they would already be using a tool dedicated for the job like, say a Router
Re: (Score:3, Informative)
Actually there probably will be. My coworkers on XP spend surprising amounts of time staring at the screen waiting for the machine to allow user input again - inproving this WILL improve productivity by a few minutes a day. The ones that do not suffer this have dual processor systems.
That said - moving to *nix the gnome desktop with remote appications open can suck intensely if
Re: (Score:2)
Well, at work I use Access and am frequently staring at the screen waiting for it to allow input (and frequently hoping it won't hang the rest of the system). I have a feeling that Vista won't stop that behavior unless they ha
Re: (Score:3, Interesting)
I have noticed this in a lot of Windows apps as well and it dumbfounds me that, after all these years, Microsoft programmers still haven't got threaded programming into their heads.
I mean, why does Access requesting data from a network database freeze up the entire machine (or at least the whole TCP/IP stack)? And nothing frustrates me more than Outlook. When you're typing an email message and Outlook "requests data from server" in the background, freezes your input into the current window. Damn, guys.
Re: (Score:2)
I mean, why does Access requesting data from a network database freeze up the entire machine ... Damn, guys.. do that crap in a background thread
Good sign of a "mature code base" — it's so nasty, they'd rather put a workaround in the OS to support its bad habits than fix it. I remember under NT, Access would peg the CPU at 100% just sitting there. I assume it was actively polling for events it needed to service, probably due to some deficiency in the Win95 message handler (or more likely, to provide some feature). Anybody else remember how Word for the Mac wasn't available under (System 7.5?) for a long time, because apparently the same co
Re: (Score:2)
That sounds pretty far fetched to me. I don't know what you do, but most people don't spend that much time waiting on the OS. And if Vista has made a reputation for itself so far, it hasn't been for running faster on exis
Re: (Score:2)
If you find that far fetched you probably don't even notice you are doing it for a few seconds at a time dozens of times a day - just staring at the screen waiting for it to give you the keyboard and mouse back. Try using systems that do not have explorer.exe or MS Windows systems that have with more than one processor and you'll see that you won't be waiting for screen refreshes. Failing that try win2k or windows2003.
Re: (Score:2)
ip-tables and some way of managing and monitoring it.
I use http://www.adsl-optimizer.dk/ [adsl-optimizer.dk]
Which works great, i.e. it makes my VoIP phone usable.
Enterprise (Score:5, Insightful)
OK - it is nice, but it certainly is not new.
Re: (Score:2)
Re: (Score:2)
Re: (Score:2)
Vista is just where MS bundl
Re: (Score:2)
games? (Score:5, Funny)
Just you? Wow, those will be some disappointing sales figures.
Alternatively (Score:5, Funny)
Re:Alternatively (Score:5, Funny)
Re: (Score:2)
wow! (Score:2)
Re: (Score:2)
Here you go.
Re: (Score:2)
In general, it simply has no way of knowing what the semantics of some mounted file system are going to be, so if you're using it to manipulate file systems with non-UNIX semantics, all bets are off. The same is true i
Interesting discussion of this at SecurityNow (Score:5, Informative)
Re: (Score:3, Insightful)
This is the "security expert" that never heard of SYN Cookies before, started the whole mess about raw sockets in XP, and ran (or maybe still runs, haven't checked) a port scanner's supposed to scan the ports of the one going to the website, but can be tricked into scanning somebody else.
Re: (Score:2)
Create your own reply (Score:5, Funny)
Re:Create your own reply (Score:5, Funny)
Re: (Score:3, Funny)
Throttle network traffic is great ... (Score:2)
You Forgot TCP Window Scaling (Score:4, Insightful)
The optimal window size is (Round Trip Time)*(Bandwidth). For my internet connection (600 KBps) that means that a 64KB window is only adequate for sites whose ping time is no greater than 110 ms. For sites with a higher latency, the amount of bandwidth I can get in a TCP connection between me and this host is artificially limited by my TCP window size.
Right now it generally isn't possible to get a reliable connection after increasing the window size past 64 KB because some older/cheapo routers will not work with TCP windows greater than 64K. But if this gets into Vista and TCP window scaling options started getting heavy use, there would be a lot of pressure on sites with broken routers to get them fixed, and then those of us with high bandwidth connections would reap the benefits.
Window Scaling and ECN! (Score:3, Informative)
IPV6 .. (Score:3)
Re: (Score:2)
specific implementation .. (Score:2)
Then please go ahead and enlighten me. What does Vista TCP/IP do that requires a specific implementation
was Re:IPV6
Re: (Score:2)
I'm not entirely sure, it all looks very much like algorithmic tweaks and stuff. I'm aware at least of Compound TCP [wikipedia.org], which supposedly has large benefits in some scenarios.
Reading the article itself might be an idea here, though, since it is an article on the new features.
Re: (Score:2)
Quoted portion leaves out important bit (Score:5, Interesting)
FTFA: "Vista's ability to use centrally configured group-policies to push out policies to specific users or servers, and allows tagging of packets with the Diffserv code point values, so that our network infrastructure can see the marking and react to it in different ways - whether it's VoIP traffic, or TCP/IP business critical traffic, or web-surfing traffic. (Granted, this QoS doesn't guarantee anything, it just marks the packet in Windows and it is up to your network infrastructure to honor those tags.)"
So
- Roach
Re: (Score:2)
It gives the MSCEs another reason to ban Linux because they won't be able to "push out policies" to Linux boxes.
Re:Quoted portion leaves out important bit (Score:5, Informative)
And now that I've actually had some coffee
They're breaking rule #1: Never trust the client.
If your QoS network equipment is using these tags instead of actual port numbers, well, it's pretty easy to reconfigure how a client tags its packets.
- Roach
Re: (Score:2)
Re: (Score:2)
Re: (Score:2)
Port is only limited. More and more applications use random ports now adays.
So which parts... (Score:2)
Woot, MS just got a bit more professional in their offering. How nice.
This is a stupid idea (Score:4, Interesting)
For anyone interested in enabling Compound TCP (Score:5, Informative)
The Compound TCP talked about in TFA is disabled in Vista by default. If you want to turn it on, you can open a console with admin privs (right click Command Prompt -> Run as Administrator) and enter:
This was one of the first commands I ran after Vista installed, and the difference is noticable.
Re: (Score:2, Funny)
This was one of the first commands I ran after Vista installed, and the difference is noticable.
You could be a little bit more specific about what "noticeable" means. Was it good or bad?
I recently tried to reduce the MTU size on a server 6000 miles away via the following command :
ifconfig eth0 mtu 1200
But I forgot to type the "mtu" part.
The difference was definitely noticeable. No, not in a good way.
reasons to get vista. (Score:3, Insightful)
This article points out 1 cool thing, a new networking stack, but it isn't the only thing. And actually he doesn't even talk about IPv6. For example, my lab at home I has 3 Vista installs, and the communicate out of the box over IPv6. In a couple of years IPv6 will be main-stream because of MS, and we all know the benefits from using the upgraded protocol.
-I think it's cool that when you browse the network people can see a picture of the person instead of the Computer Icon.
-I also do photography, and you use to be able to open an image file on an OSX machine and XP and it would look better on the OSX box. Not with vista.
-For Remote Access: PNRP. Again, really cool... do a search if you don't know what it is.
-Even the average business user will benefit from little things like the snippet tool (prety cool by the way, it's in the accessories folder if you haven't tried it yet).
-I have clients that are going to love the way the Windows clock works now. They can jump around by month, year, or decade in seconds. Those little things are pretty cool.
These are just random features that popped into my head, but it seems that Vista has LOTS of things other than Aero to encourage upgrading on all fronts (Security, tools, toys, looks, games, etc.).
Seriously, apple announces multiple desktops and have this site has a heart attack.... then praises Steve Jobs for being an inventor, a genius, etc. Meanwhile Windows has had those features for years, hell, Unix has for decades!
MS may not have invented the notion of every new feature in Vista, but it's a good product, and way better than XP. A worthy upgrade. It's not one feature that makes it a good product, but the cumulative of many features. I think you anti-ms people lose a lot of credibility when you blindly bash MS and say Vista sucks and it offers no reasons to upgrade for anyone. For all users it has some pretty enticing plusses.
Re: (Score:2)
> attack.... then praises Steve Jobs for being an inventor, a genius, etc.
And the other half says "Unix has had this for decades".
Re: (Score:3, Funny)
Re: (Score:2)
ian
Re: (Score:2, Insightful)
What in the hell are you talking about?
"cool" gimmicks != productive (Score:2)
Re: (Score:2)
Re:reasons to get vista. (Score:5, Insightful)
It seems that you must be a shill since even a fanboi would not make such an outrageous claim. MS Windows has _never_ had multiple desktops. They released a crappy powertoy for XP that supposedly emulates multiple desktops but the apps never play along nicely since MS Windows was _never_ designed with multiple desktops in mind.
strike
Re:reasons to get vista. (Score:5, Insightful)
Yes, and it looks like you've just proven this point yourself. Thanks for pointing it out yourself, here goes:
Has been available in every other OS I know of for years. Microsoft is finally catching up here.
Whatever. I think it's a privacy-sensitive thing that I'd want to disable ASAP, but ok. So, you can set an arbitrary picture as your login icon. Stop the presses! Groundbreaking developments!
See above, only even more so.
So again, if what you say is true, Microsoft is finally catching up to other OS's here once again. Btw. in fact I don't agree with you, I have used the same 19" CRT on a Mac Mini and a Windows/Linux machine, and the pictures look exactly the same (you just have to calibrate the screen right).
!? Since when has Windows had multiple desktop built into the OS (without installing 3rd party applications, specific video card drivers or funny power tools that nobody ever bothers with - not least because many applications tend to act in very strange ways when you try to use it)? Also, if Vista finally supports this, Microsoft is, once more (how often do you want to point this out?) finally catching up with what has been taken for granted in every other major OS for ages.
So far, my reaction to Vista (and yes, I tried to run RC2 on my AMD64 3500+ with 1GB RAM) is that it's completely underwhelming. The only thing that is overwhelming about it are the memory requirements - it managed to use 600+ MB right from booting it up!
By the way, you also forgot to mention a few more "features", such as the fantastic customer-friendly Digital Restriction Management schemes, activation schemes that might disable your computer, etc. etc. just to name a few.
Next Generation? (Score:2)
Hell my Linksys WRT54G with modded firmware at home does application-based traffic shaping (no way I would be able to use Vonage reliably while downloading huge ISOS if it didn't).
How is this next generation?
What a surprise... (Score:3, Interesting)
Microsoft astroturf [nwsource.com] in action.
What do you mean, "next-gen"!? (Score:5, Insightful)
Why is this called "next-gen"? There is nothing "next-gen" about this. If anything, Microsoft is finally catching up with the rest of the world in this department.
Such stuff was possible with Linux (and, I'm sure, BSD) servers for years. I know for sure because I used to have such a setup (to do traffic shaping on our -then- relatively slow internet connection shared by too many people) on a Linux server, more than 5 years ago!
Please stop this silly use of marketingspeak of calling something "next-gen" when in fact the company under consideration is just finally catching up with what the rest of the world has been doing for ages.
and the crackers are dancing in the streets (Score:3, Insightful)
This is another fine reason to delay your Vista "upgrade" until at least the second service pack -- assuming you upgrade at all.
I'm taking bets on how many critical patches will be on the ip stack this year (2007).
Re: (Score:3, Insightful)
Re: (Score:2)
Seriously, I did a cursory Google search on this and didn't find anything that provides feature details. Do you have any links?
Re: (Score:2)
I'm a linux fan, don't get me wrong- but if you can save yourself a box or two, why not use the vista shaper?
Re: (Score:2)
Re:Wondershaper (Score:4, Insightful)
Are you speaking from experience on both fronts? (honest question) Is the vista shaping that difficult?
Linux is great for many things and many people, but sometimes the simpler solution works for a lot of people.
Re: (Score:2)
I do not see myself setting up such an environment as described above and asking the server to do the shaping. I would shape it on the router or the switch.
And don't forget the network as a whole. (Score:5, Insightful)
The WAN routers see the low bandwidth, higher latency serial links and such.
The servers/workstations see the high bandwidth, low latency ethernet links.
Do you really want your server(s) calculating its(their) window(s) based upon whether the request is originating across the WAN or next to it on the LAN?
This sounds like a good idea when you're talking about a single workstation, at home, connected to a cable connection or xDSL or whatever. But it sounds like soooooo many problems in the corporate environment.
Right now it is easy to find the server/workstation that is flooding the network. It's going to be very difficult when you have hundreds(thousands?) of machines that are ALL trying to maximize their bandwidth usage.
Personally, I'd prefer the ability to set the LAN parameters for the machines
Re: (Score:3, Interesting)
Re:Wondershaper (Score:5, Insightful)
Even in Windows-centric environments, many businesses do not and will not use a Windows PC to do things like traffic shaping. Firewalls, routers, etc. of any type are generally going to be dedicated-purpose devices from companies like Cisco, Juniper, CheckPoint, etc., not PCs or other general-purpose computing devices, and usually not even PCs running Linux. Why? Better performance, better security, ease of maintenance, higher reliability, the list goes on.
Re: (Score:2)
Re:Wondershaper (Score:5, Funny)
Re:Wondershaper (Score:5, Insightful)
If "easier to use" means "requires less knowledge", then Linux might not be "easier to use". But if "easier to use" means "consistently behaves the way a knowledgable person expects", then Linux is much "easier to use".
Re: (Score:2, Flamebait)
Soo? any comments? Linux zealots please display your fury ahaha.
p.s. As I said I work and develop softw
Re: (Score:3, Funny)
Re: (Score:2)
There are so many providers, and so many good, inexpensive solutions, that there is no reason to even think of MS for that kind of stuff.
Re:Wondershaper (Score:5, Informative)
You have two options:
1. The Vista box shapes traffic for itself and nothing else. This isn't terribly effective as to have a good effect you need to shape all of the traffic, giving different hosts different priority.
2. You have the Vista box as a firewall for the network. In this case it's expensive, can be broken into, and if it is, you have a major mess because all your traffic will be going through it.
An old P100 with 64MB RAM running shorewall is practically invulnerable. No ports need to be open, excepting for SSH from the internal network, or not even that. You can run it from CompactFlash and have it with no moving parts at all. It'll quietly sit there for years shoveling packets back and forth with zero problems. It doesn't accept connections, it has no open ports of public services -- it's impossible to break into barring a kernel bug in the TCP stack.
Re:Wondershaper (Score:5, Informative)
"(Granted, this QoS doesn't guarantee anything, it just marks the packet in Windows and it is up to your network infrastructure to honor those tags.) "
Vista supports Diffserv tagging based on the user/application/whatever, enforced via group policy. It's up to your network hardware to actually do the shaping.
Re:Wondershaper (Score:4, Interesting)
Re:At least it's now easier to identify Vista (Score:4, Insightful)
Re: (Score:3, Funny)
Re: (Score:2)
Re: (Score:3, Funny)
None of the new features hold any draw for me. It's good to see that there's finally something worthwhile in it--traffic shaping at the machine level is a good thing.
When you say "It's good to see that there's finally something worthwhile in it"... This isn't a feature that's just been added the day before RTM; it's been there quite a while. Might I suggest that instead of saying that "none of the features hold any draw for me" and them immediately following that up with a stantement that you weren't even aware of at least one of the new features, you take the time to actually find out about the features new to Vista [wikipedia.org], and *then* decide whether any of the features inte
Re: (Score:3, Insightful)
The Internet doesn't have that.
Note also QoS doesn't actually solve all problems. For example, if you have two network applications running, and you want one of them to have priority such that it can take bandwidth from the other when it needs it - well, you're out of luck. QoS doesn't handle that situation.
Re:There MS goes again. re-inventing the wheel... (Score:5, Insightful)
It's a big deal because now, viruses and malware can slow your network access automagically, so that it'll take weeks for you to download those security patches and antivirus signatures that you should've already downloaded. :-)
Re: (Score:2)
You are absolutely correct. Unfortunately, if you read the article, Vista doesn't provide this. All it does is allow tagging of packets with values that QoS enabled network equipment can use.
FTA: "Vista's ability to use centrally configured group-policies to push out policies to specific users or se