Download - 1 WNT Low Level Network Interfaces Tutorial NT015 Copyright, 1997 ©Mentec Inc Paul Fix Mentec Inc
1
WNT Low Level Network Interfaces Tutorial
NT015
Copyright, 1997 ©Mentec Inc
Paul FixMentec Inc.
2
Agenda
• Windows Sockets
• TDI Transport driver Interface
• Tools
3
Windows Sockets
• Socket API originally developed at UC Berkeley BSD Sockets
• Basic design structured like Unix file I/O– Under the Unix environment the standard file
I/O read and write used for sockets.
• Windows Sockets based on BSD Sockets 4.3 Winsock 2.0 latest version
4
Winsock Features
• Reliable connection oriented stream support
• Unreliable connectionless datagram support
• asynchronous / Non-blocking features
• Multiple protocol support
• SPI interface in 2.0 for third party interfaces
• QOS in 2.0
5
Winsock Features
• Protocol support– INET
– TCP Steam Reliable connection oriented– UDP Connectionless Datagram Transfer
– IPX– IPX Connectionless unreliable datagram– SPX Stream or message mode reliable connection oriented
– AppleTalk ADSP,PAP,DDP– Decnet Pathworks for Windows NT
6
socket
sock = socket( AF_INET, SOCK_STREAM, 0);
if (sock == INVALID_SOCKET)
MessageBox(hWnd, "socket()failed","Error",MB_OK);
7
Socket families,type, protocol
Family Type Protocol
AF_INET SOCK_DGRAM UDPAF_INET SOCK_STREAM TCPAF_IPX SOCK_DGRAM IPXAF_IPX SOCK_STREAM SPXAF_IPX SOCK_SEQPACKET IPX….OTHERS
8
Socket Interface overview
• Connections– socket, bind, listen() accept() Connect()
closesocket()
• Data Transfer– recv, send , sendto, recvfrom ...
• Socket control and information– ioctlsocket, setsockopt, getsockopt– select
9
Basic API Call example
• Server application– socket
– bind
– listen
– accept
– recv
• Client Application– socket
– bind
– connect
– send
10
Socket Datagram example
• SERVER– socket()
– bind()
– recvfrom
– sendto
• CLIENT– socket()
– bind()
– sendto()
– recvfrom
11
Socket Architecture
TDI Clients
Socketapplication
NetBIOSapplication
SocketInterface
NetBIOSInterface
Redirectors,Servers ,...
SocketEumulator
NetBIOSEmulator
other
TDI Interface
NetBT NBF Appletalk TCP/IP NWlink TransportProviders
NDIS NIC Driver
Ndis clients TDIproviders
12
Specific features
• WinSock is more flexible than RPC
• socket handle are native Windows NT file handle that is overlapped by default
• ReadFile, WriteFile DuplicateHandle – asynchronous read writes over the socket and
share sockets between threads and processes
13
High Performance tips
• Write Windows NT services– Read Writing Great Windows NT server
applications.– Tips
– Select() is not suitable for High Performance Inbound server applications
– Use Asynchronous I/O and completion Port notification
– Use NT design not just port of UNIX design
– Consider Native threads
» Tips from Mark Lucovsky Microsoft
14
DEMO
15
Winsock Summary
• Network API of choice for most low level network applications
• Industry Standard on Unix systems
• easy migration for BSD socket network applications.
• New enhanced features such as QOS in 2.0
16
TDI Transport Driver Interface
• Primarily Microsoft Internal use Not industry standard
• Most flexible and complex
• kernel mode driver
• Documentation in DDK
17
Why consider TDI
• writing a new transport driver
• Last resort for a network API because no other API will do what I want to do.
• Low level network filter etc.
• access to raw packets from NDIS driver• be careful not to chose TDI without investigating
other options like ISAPI filters for IIS for example.
18
Windows NT TDI clients
• Socket emulator
• NetBIOS emulator
• Redirectors
• Servers
19
TDI Interface
• kernel-mode network interface that is exposed at the upper edge of all Windows NT transport protocol stacks.
• TDI interface for still higher level kernel-mode network clients
– Standard kernel-mode intermediate driver Dispatch routines for IRP requests via IoCallDriver etc.)
– Tdixxx Functions
– TdiBuildxxx Macro’s and functions
– Set of structures, IOCTLS,Parameters,callback routines and rules
20
TDI Features
• Support for all Windows NT transports excluding the DLC protocol
• An open naming and addressing scheme
• Message and stream mode data transfer
• Asynchronous operation
• Support for unsolicited indication of events
• Extensibility so clients can submit private requests to a transport driver
21
How TDI fits in
TDI Clients
Socketapplication
NetBIOSapplication
SocketInterface
NetBIOSInterface
Redirectors,Servers ,...
SocketEumulator
NetBIOSEmulator
other
TDI Interface
NetBT NBF Appletalk TCP/IP NWlink TransportProviders
NDIS NIC Driver
Ndis clients TDIproviders
22
TDI Objects
• TDI uses file Objects for network Entities– Transport Address– Connection Endpoints– Control Channels
23
TDI Address object
• Identifies specific Process and Node for routable protocols can contain the network on which the node resides. Can also be a group address
• Common TDI Address types:– TDI_ADDRESS_NETBIOS– TDI_ADDRESS_IP– TDI_ADDRESS_IPX
24
TDI Connection Endpoint
• Uniquely identifies each connection between two TDI address identified processes
• The handle created associated with the connection is what is used to exchange data with remote process
25
TDI Control Channel Object
• Used for network Management – Statistics– Configuration Information– Adapter Status (netbios)
26
NDIS on the lower edge
Ndis Wrapper (ndis.sys)
Transport Driver
NIC Driver
Filter Library
TDI Interface
Long card
27
NDIS Filter Library
• TDI packet driver uses to specify address or address types for packets that it is interested in receiving.
• Incoming packets will be routed to one or several TDI protocol drivers based on packets destination address
• NIC driver passes packet by calling a single NDIS function
• NDIS does the work of routing packet to all TDI protocol drivers
28
Special Filter libraries
• Ethernet filter library (efilter.h)
• Token Ring filter library (tfilter.h)
• FDDI filter library (ffilter.h)
29
TDI driver calls to NDIS
– NdisOpenAdapter- open specific nic card binding
– NdisRegisterProtocol- returns handle that the transport driver uses
– NdisSend - Tell Nic driver to send packet– NdisTransferData- Ask NIC driver to to copy
received data – NdisDeregisterProtocol
30
TDI Interface Components– TDI IOCTLS InternalDeviceControl for
Kernel-Mode clients– TDI_QUERY_INFORMATION
– TDI_SEND
– TDI_SEND_DATAGRAM
– TDI functions -– TdiCopyMdlToBuffer
– TDI Build Macro’s– TdiBuildInternalDeviceControlIrp
31
Documentation roadmap to TDI with 4.0
• DDK Documentation online– Programmers Guide– Kernel-Mode Drivers Design Guide– Network Drivers Design Guide– Network Drivers Reference
• DDK examples
32
TDI trace
• Resource Kit
• NCPA install network protocol
• Command Prompt netshow
33
TDISHOW output example
• 1. Summary
• 2. Details (excluding HEX data)
• 3. Details (including HEX data)
• Select Option [1] => 2
• 00000000^ 0f 0c - 00000000 81308ae8 8067f230 TDI_QUERY_INFORMATION
• BytesReturned = 38
• 00000001> 0f 09 - 00000000 81fcaac8 8067f230 TDI_SEND_DATAGRAM
• SendLength = 80 MdlAddress = 80bcb008
• AddressType = 17 NetbiosNameType = 1 Name = <??__MSBROWSE__?[1]>
34
TDI Summary
• The ultimate low level power network programming interface.
• Maximum control and performance
• To be avoided unless required because of development time and complexity
35
demo
36
Programming tools
• Network Monitor
• TDI trace
• SMBtrace
• Performance Monitor
• Call Attributed Profiler
• Win32 API Profiler
• Win32 API Logger
• File I/O and Synchronization Profiler
• Pmon
• Working Set Tuner
• Virtual Address Dump
• The Windows NT symbolic debugger's wt command
37
ISAPI Filters
• The filter is between the network connection to the clients and the server and is the right method for reading raw data from the client not a TDI driver for example.
38
Windows Sockets 2.0
• Specification can be found on MSDN Library – QOS– SPI– Overlapped I/O with Scatter gather– Protocol-Independent Name Resolution– Protocol-independent Multicast
39
NT 5.0 beta 1
• If you are on Beta program Beta 1 release notes have details on following enhanced features of NT – Sockets Winsock 2.0 Improvements– RPC – CDO– TAPI 3.0– SNMP
40
Summary
• Review all upper level API's before deciding on a TDI level approach for your network application.
• Review third party options before creating custom extensions.
• Total flexibility and extensibility
• most complex network interface