1

WNT Low Level Network Interfaces Tutorial

NT015

Copyright, 1997 ©Mentec Inc

Paul FixMentec Inc.

2

Agenda

• Windows Sockets

• TDI Transport driver Interface

• Tools

3

Windows Sockets

• Socket API originally developed at UC Berkeley BSD Sockets

• Basic design structured like Unix file I/O– Under the Unix environment the standard file

I/O read and write used for sockets.

• Windows Sockets based on BSD Sockets 4.3 Winsock 2.0 latest version

4

Winsock Features

• Reliable connection oriented stream support

• Unreliable connectionless datagram support

• asynchronous / Non-blocking features

• Multiple protocol support

• SPI interface in 2.0 for third party interfaces

• QOS in 2.0

5

Winsock Features

• Protocol support– INET

– TCP Steam Reliable connection oriented– UDP Connectionless Datagram Transfer

– IPX– IPX Connectionless unreliable datagram– SPX Stream or message mode reliable connection oriented

– AppleTalk ADSP,PAP,DDP– Decnet Pathworks for Windows NT

6

socket

sock = socket( AF_INET, SOCK_STREAM, 0);

if (sock == INVALID_SOCKET)

MessageBox(hWnd, "socket()failed","Error",MB_OK);

7

Socket families,type, protocol

Family Type Protocol

AF_INET SOCK_DGRAM UDPAF_INET SOCK_STREAM TCPAF_IPX SOCK_DGRAM IPXAF_IPX SOCK_STREAM SPXAF_IPX SOCK_SEQPACKET IPX….OTHERS

8

Socket Interface overview

• Connections– socket, bind, listen() accept() Connect()

closesocket()

• Data Transfer– recv, send , sendto, recvfrom ...

• Socket control and information– ioctlsocket, setsockopt, getsockopt– select

9

Basic API Call example

• Server application– socket

– bind

– listen

– accept

– recv

• Client Application– socket

– bind

– connect

– send

10

Socket Datagram example

• SERVER– socket()

– bind()

– recvfrom

– sendto

• CLIENT– socket()

– bind()

– sendto()

– recvfrom

11

Socket Architecture

TDI Clients

Socketapplication

NetBIOSapplication

SocketInterface

NetBIOSInterface

Redirectors,Servers ,...

SocketEumulator

NetBIOSEmulator

other

TDI Interface

NetBT NBF Appletalk TCP/IP NWlink TransportProviders

NDIS NIC Driver

Ndis clients TDIproviders

12

Specific features

• WinSock is more flexible than RPC

• socket handle are native Windows NT file handle that is overlapped by default

• ReadFile, WriteFile DuplicateHandle – asynchronous read writes over the socket and

share sockets between threads and processes

13

High Performance tips

• Write Windows NT services– Read Writing Great Windows NT server

applications.– Tips

– Select() is not suitable for High Performance Inbound server applications

– Use Asynchronous I/O and completion Port notification

– Use NT design not just port of UNIX design

– Consider Native threads

» Tips from Mark Lucovsky Microsoft

14

DEMO

15

Winsock Summary

• Network API of choice for most low level network applications

• Industry Standard on Unix systems

• easy migration for BSD socket network applications.

• New enhanced features such as QOS in 2.0

16

TDI Transport Driver Interface

• Primarily Microsoft Internal use Not industry standard

• Most flexible and complex

• kernel mode driver

• Documentation in DDK

17

Why consider TDI

• writing a new transport driver

• Last resort for a network API because no other API will do what I want to do.

• Low level network filter etc.

• access to raw packets from NDIS driver• be careful not to chose TDI without investigating

other options like ISAPI filters for IIS for example.

18

Windows NT TDI clients

• Socket emulator

• NetBIOS emulator

• Redirectors

• Servers

19

TDI Interface

• kernel-mode network interface that is exposed at the upper edge of all Windows NT transport protocol stacks.

• TDI interface for still higher level kernel-mode network clients

– Standard kernel-mode intermediate driver Dispatch routines for IRP requests via IoCallDriver etc.)

– Tdixxx Functions

– TdiBuildxxx Macro’s and functions

– Set of structures, IOCTLS,Parameters,callback routines and rules

20

TDI Features

• Support for all Windows NT transports excluding the DLC protocol

• An open naming and addressing scheme

• Message and stream mode data transfer

• Asynchronous operation

• Support for unsolicited indication of events

• Extensibility so clients can submit private requests to a transport driver

21

How TDI fits in

TDI Clients

Socketapplication

NetBIOSapplication

SocketInterface

NetBIOSInterface

Redirectors,Servers ,...

SocketEumulator

NetBIOSEmulator

other

TDI Interface

NetBT NBF Appletalk TCP/IP NWlink TransportProviders

NDIS NIC Driver

Ndis clients TDIproviders

22

TDI Objects

• TDI uses file Objects for network Entities– Transport Address– Connection Endpoints– Control Channels

23

TDI Address object

• Identifies specific Process and Node for routable protocols can contain the network on which the node resides. Can also be a group address

• Common TDI Address types:– TDI_ADDRESS_NETBIOS– TDI_ADDRESS_IP– TDI_ADDRESS_IPX

24

TDI Connection Endpoint

• Uniquely identifies each connection between two TDI address identified processes

• The handle created associated with the connection is what is used to exchange data with remote process

25

TDI Control Channel Object

• Used for network Management – Statistics– Configuration Information– Adapter Status (netbios)

26

NDIS on the lower edge

Ndis Wrapper (ndis.sys)

Transport Driver

NIC Driver

Filter Library

TDI Interface

Long card

27

NDIS Filter Library

• TDI packet driver uses to specify address or address types for packets that it is interested in receiving.

• Incoming packets will be routed to one or several TDI protocol drivers based on packets destination address

• NIC driver passes packet by calling a single NDIS function

• NDIS does the work of routing packet to all TDI protocol drivers

28

Special Filter libraries

• Ethernet filter library (efilter.h)

• Token Ring filter library (tfilter.h)

• FDDI filter library (ffilter.h)

29

TDI driver calls to NDIS

– NdisOpenAdapter- open specific nic card binding

– NdisRegisterProtocol- returns handle that the transport driver uses

– NdisSend - Tell Nic driver to send packet– NdisTransferData- Ask NIC driver to to copy

received data – NdisDeregisterProtocol

30

TDI Interface Components– TDI IOCTLS InternalDeviceControl for

Kernel-Mode clients– TDI_QUERY_INFORMATION

– TDI_SEND

– TDI_SEND_DATAGRAM

– TDI functions -– TdiCopyMdlToBuffer

– TDI Build Macro’s– TdiBuildInternalDeviceControlIrp

31

Documentation roadmap to TDI with 4.0

• DDK Documentation online– Programmers Guide– Kernel-Mode Drivers Design Guide– Network Drivers Design Guide– Network Drivers Reference

• DDK examples

32

TDI trace

• Resource Kit

• NCPA install network protocol

• Command Prompt netshow

33

TDISHOW output example

• 1. Summary

• 2. Details (excluding HEX data)

• 3. Details (including HEX data)

• Select Option [1] => 2

• 00000000^ 0f 0c - 00000000 81308ae8 8067f230 TDI_QUERY_INFORMATION

• BytesReturned = 38

• 00000001> 0f 09 - 00000000 81fcaac8 8067f230 TDI_SEND_DATAGRAM

• SendLength = 80 MdlAddress = 80bcb008

• AddressType = 17 NetbiosNameType = 1 Name = <??__MSBROWSE__?[1]>

34

TDI Summary

• The ultimate low level power network programming interface.

• Maximum control and performance

• To be avoided unless required because of development time and complexity

35

demo

36

Programming tools

• Network Monitor

• TDI trace

• SMBtrace

• Performance Monitor

• Call Attributed Profiler

• Win32 API Profiler

• Win32 API Logger

• File I/O and Synchronization Profiler

• Pmon

• Working Set Tuner

• Virtual Address Dump

• The Windows NT symbolic debugger's wt command

37

ISAPI Filters

• The filter is between the network connection to the clients and the server and is the right method for reading raw data from the client not a TDI driver for example.

38

Windows Sockets 2.0

• Specification can be found on MSDN Library – QOS– SPI– Overlapped I/O with Scatter gather– Protocol-Independent Name Resolution– Protocol-independent Multicast

39

NT 5.0 beta 1

• If you are on Beta program Beta 1 release notes have details on following enhanced features of NT – Sockets Winsock 2.0 Improvements– RPC – CDO– TAPI 3.0– SNMP

40

Summary

• Review all upper level API's before deciding on a TDI level approach for your network application.

• Review third party options before creating custom extensions.

• Total flexibility and extensibility

• most complex network interface