
    Windows NT Network Architecture

    NT is designed for networking and includes all necessary elements to interact with a network. NT Architecture provides a foundation for conventional and distributed computing.

    By design, NT consists of a modular collection of individual components. Services are delivered through components. Components are separated by well defined interfaces.

    Microsoft calls these interfaces boundary layers.

    Boundary layers separate components and specify communication methods. This is done in either of two ways.

      A boundary may represent a collection of configuration settings that combine to define a network service. (As seen in the network control panel applet.)
      A boundary layer may also consist of an Application Programming Interface (API) designed to permit specific networking components to exchange information within NT (IPC and RPC).

    Modular architecture ensures that NT can accommodate new technologies and standards. Specifically, new functionality can be implemented by adding new components as needed.

    In design, NT's architectural model is analogous to the ISO/OSI model, i.e. both can be seen as a collection of layers and boundaries. Each layer provides a particular service. Layers are separated by well defined boundaries.

    While the ISO model was created in 1978, NT is more recent. Also, ISO created the OSI model as a conceptual blueprint for network standardization, whereas Microsoft created a specific implementation (one that can be mapped to the ISO model). Let's look at the NT network model.

    The Windows NT Network Model

    I/O Manager Component Architecture

    Type       Name                                                Example
    Boundary   Programming Interfaces (APIs)                       NetBIOS, WinSock, NetDDE, RPC
    Component  File System Drivers (redirector(s), server)         Named Pipes, Mailslots
    Boundary   Transport Driver Interface                          TDI
    Component  Transport Protocol                                  NetBEUI, SPX, TCP, UDP
    Boundary   Network Driver Interface Specification (NDIS 4.0)   Operates at the MAC sublayer
    Component  Adapter Driver                                      Driver is the LLC sublayer

    Programming Interfaces
    Programming Interfaces give application programs an interface with the operating system. They provide a standardized method for applications to interact with system services (File System Drivers or Redirectors) or with the Transport Driver Interface (TDI).

    Standard APIs include: NetBIOS, WinSock, NetDDE, and RPC.

    File System Drivers
    In NT, file system access across the network is exactly the same as local access. While the file system drivers look like drivers to application programs, they function as redirectors.

    NT components that function as file system drivers are: named pipes, mailslots, and the Workstation and Server services. Microsoft originally developed Named Pipes and Mailslots for OS/2 LAN Manager. Named pipes allow programs on different computers to establish a reliable two-way communication link. Mailslots give programs an unreliable connectionless broadcast facility.

    TDI
    Shields redirectors from details concerning the transport protocol. Effectively makes NT services independent of any particular transport protocol. Allows NT to deliver NetBIOS based services across any, or all, of its three protocols (NetBIOS/NetBEUI, TCP/IP, NWLink).

    Transport Protocols
    Perform services such as packet ordering, guaranteed delivery, connection maintenance, and data routing between networks. In this model (i.e. the NT I/O Manager Component Architecture model) transport protocols map to the transport and network layers of the OSI model.

    NDIS
    Developed by Microsoft and 3Com (1989), NDIS permits device independent communication with the network interface card. It also permits multiple transport protocols to be bound to the NIC.
    NDIS functions at the MAC sublayer of the OSI Data Link layer.

    Default Network Components
    With the exception of name services, the default NT installation supplies a collection of components that should meet most users' networking requirements.

    Default Components

    Name                  Function
    NetBIOS Interface     Until the 1990s, the most widely used PC API.
    TCP/IP                Preeminent NT network protocol.
    Workstation Service   Provides basic network client capabilities for both NT Server and NT Workstation.
    Server Service        Provides the advanced capabilities that NT can offer to clients across a network.
    Computer Browser      Creates and distributes, across the network, a listing of available NetBIOS based resources.
    NIC Driver            Link between NT network services and a computer's network interface.
    RPC Configuration     Remote Procedure Call: a standard API, originally developed by Sun, that permits many applications to exchange data across a network.

    Network Protocols
    Network transport protocols provide complete seamless communication channels between computers. NT supports three core transport protocols: NetBIOS/NetBEUI, NWLink, and TCP/IP. Each has specific qualities. Consequently, each is most suitable for a particular environment.

    NetBEUI

      Best on small networks (Designed for networks between 2 and 200 machines)
      Fastest with the lowest memory overhead
      Easy to install and configure
      Self tuning; requires no maintenance
      A busy protocol that generates a lot of traffic
      Not Routable

    NWLink

      Best for medium sized networks
      Auto detects Ethernet frame type (When multiple frame types are present, it defaults to 802.2.)
      Supports client/server applications directly (allows NT to function as a client or server in a Novell IPX environment)
      Easy to set up and maintain
      Routable
      Does not support SNMP
      Due to lack of centralized management facility, can't scale well

    TCP/IP

      Best for very large networks.
      Collection of over 100 components including SNMP, DHCP, WINS and DNS.
      Superior cross platform support
      Internet Protocol
      Slowest of the core protocols
      Difficult to set up and configure

    Data Link Control (DLC)

      Supports IBM SNA mainframes and network attached HP printers

    Interprocess Communications (IPC)
    As the client/server paradigm becomes more common, standards based distributed processing platforms become more important. An NT platform can divide applications into components: a front-end component that runs on a client, and a back-end component that runs on a server.

    NT platforms use interprocess communication (IPC) mechanisms to create client/server connections that support distributed processing. IPC:

    • Supports client/server applications by defining a specific method for exchanging information between processes running on different machines.
    • Provides a method for client computers to request services from a server.
    • Permits servers to reply to requests for services.
    • Facilitates distributed processing.
    IPC mechanisms are the protocols used to generate and respond to requests for data between the client and the server. IPC mechanisms are composed of two types of elements:
      File systems
      Programming Interfaces
    Programming interfaces permit general, open ended client/server dialog by applications or system services.

    Normally, this dialog is not related strictly to data streams or data files.

    Where programming interfaces are concerned, individual APIs differ depending on what kinds of client server dialog they support; but where file systems are concerned, they must behave the same way, no matter how they employ Windows NT networked file systems and services.

    File Systems support file sharing between clients and servers.

    File Systems
    Work through the redirector, which distinguishes between local and network resource requests. Permits one file I/O command set to handle both local and network access to file system data.

    Two NT file system IPC mechanisms

      Named pipes
      Mailslots
    Both are referred to as redirectors.

    Named Pipes
    Provides connection oriented message passing between clients and servers.

      Receiver acknowledges message receipt.
      Named pipes provide their own methods to ensure reliable data transfer, which makes them a good match for lightweight, unreliable transport protocols like User Datagram Protocol (UDP).
      NT's version of named pipes includes a security feature called impersonation. When a client requests a service from a server, the named pipes mechanism on the server impersonates the client's security identifier to ensure that the client has the required permissions before returning data.

    Mailslots File System

      Connectionless.
      Does not support acknowledgement of receipt from the receiver.
      Used as an internal method to support nonessential system to system communications.
      Used less frequently than Named Pipes.

    Programming Interfaces

      In order to communicate, the client side programming interface of a client/server application must match that of the server side.
      Programmers normally choose the interface with which they are most familiar.
      Interfaces supported by NT include: NetBIOS, Windows Sockets, RPC, and NetDDE.

    NetBIOS
    Widely used, simple, PC client/server IPC mechanism. NetBIOS services are required to permit a Windows network to operate.
    Works over all TDI compliant transports:

      NetBEUI (NBF)
      NetBIOS over NWLink
      NetBIOS over TCP/IP (NetBT)

    Windows Sockets
    Provides a standard Windows interface to transports such as TCP/IP and IPX.
    Appears in many programs that originated as UNIX programs, including the majority of Internet utilities.

      Written primarily to help port applications written for Berkeley UNIX sockets.

    Remote Procedure Calls
    Implements IPC tools that can invoke separate programs on remote computers, supply them with input, and collect whatever results they produce when they have finished execution.

      Permits a single processing task to be distributed among multiple computers.
      Indifferent to where client and server components reside. This permits applications to be developed on a single machine and then moved to separate machines.

    Four major RPC components:

    Component              Function
    Remote procedure stub  Acts as front end to a remote process. Packages the RPC request for transmission.
    RPC runtime            Passes data and parameters between the local and remote computers.
    Application stub       Accepts RPC requests from the RPC runtime, formats the request for the executing computer (local or remote), and makes the appropriate call.
    Remote procedure       The procedure actually called.
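    The four components in the table, modelled end to end as an added example (this is not Microsoft RPC code; the "wire" is an in-memory byte string and the marshalling format is JSON). The component names follow the table; the function names, the allowlist and the sample procedure are this example's own. The point a defender should take from it is in the application stub: the server side unpacks the request, checks the requested procedure against an allowlist, and reports bounded errors rather than executing whatever name arrived.

```python
"""Toy model of the four RPC components: client stub, runtime,
application stub and the remote procedure itself."""
import json


# --- Remote procedure: the procedure that is actually called on the server.
def add_share(name: str, path: str) -> dict:
    return {"share": name, "path": path, "status": "created"}


# Server-side allowlist: the only procedures the application stub may invoke.
PROCEDURES = {"add_share": add_share}


# --- Remote procedure stub (client side): front end to the remote process.
# Packages the call as a request message for transmission.
def client_stub(proc: str, *args) -> bytes:
    request = {"proc": proc, "args": list(args)}
    return json.dumps(request).encode("utf-8")


# --- Application stub (server side): accepts the request from the runtime,
# unpacks it, validates it and makes the appropriate call.
def application_stub(request_bytes: bytes) -> bytes:
    try:
        request = json.loads(request_bytes.decode("utf-8"))
        proc = PROCEDURES.get(request.get("proc"))
        if proc is None:
            raise ValueError("unknown procedure")
        args = request.get("args", [])
        if not isinstance(args, list):
            raise ValueError("args must be a list")
        reply = {"ok": True, "result": proc(*args)}
    except (ValueError, TypeError, UnicodeDecodeError) as exc:
        # Malformed or unexpected input never reaches a procedure; the
        # client gets a short error message instead of a traceback.
        reply = {"ok": False, "error": str(exc)}
    return json.dumps(reply).encode("utf-8")


# --- RPC runtime: passes data between the local and remote computers.
# Here it hands the bytes straight to the server side and returns the reply;
# a real runtime would carry them over a transport such as named pipes or TCP.
def rpc_runtime(request_bytes: bytes) -> bytes:
    return application_stub(request_bytes)


def call_remote(proc: str, *args) -> dict:
    """Client entry point: stub -> runtime -> application stub -> procedure."""
    return json.loads(rpc_runtime(client_stub(proc, *args)).decode("utf-8"))


if __name__ == "__main__":
    print(call_remote("add_share", "public", "C:\\Shares\\Public"))
    print(call_remote("delete_everything"))   # rejected by the allowlist
```

Running the block shows one successful round trip and one rejected request; a call with the wrong number of arguments is also turned into an error reply by the application stub rather than crashing the server side.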

    Network Dynamic Data Exchange (NetDDE)
    Creates ongoing data streams called exchange pipes, or more simply pipes, between two Windows applications across a network.

      Designed to facilitate data sharing, Object Linking and Embedding (OLE), and dynamic updates between linked applications.

    Redirectors
    A redirector examines all requests for system resources and decides whether such requests are local or remote. If remote, the redirector handles transmission of such remote requests across the network.

    Redirectors include:

      Workstation Service
      Server Service
      Multiple Universal Naming Convention Provider (MUP)
      Multi-Provider Router (MPR)
    Because they interface directly with user applications, redirectors are top level networking components. Each of them takes client requests for services and redirects them to an appropriate network service provider.

    Workstation Service
    Allows computers to access network resources
    Facilitates functions such as logging in, connecting to shared directories and printers, and different interprocess communications.

    Consists of two components:

      User mode interface determines which file system User requests references
      Redirector translates file and print requests and passes them on to lower level components
    Workstation service requires that at least one TDI compliant transport and at least one Multiple Universal Naming Convention Provider (MUP) be running.

    Server Service
    Manages the creation and security of shared resources, such as directories and printers and performs security checks against requests for resources.
    Allows an NT computer to act as a server on a client/server network, up to the maximum number of licensed clients.

      Similar to Workstation service in that it is implemented as a file system driver and uses other file system drivers to satisfy I/O requests.
      Configurable for different situations.
      Choices include:
        Minimize Memory Used
        Balance
        Maximize Throughput for File Sharing
        Maximize Throughput for Network Applications
    Two components:
      Server.exe  Manages connection requests from clients
      Srv.sys     File system driver that interacts with the network

    Multiple Universal Naming Convention Provider (MUP)
    Supports multiple redirectors that can be active simultaneously.
      Allows applications to remain oblivious to the number or type of redirectors that may be in use.
      The single unified interface to all network resources.
      Provides a link between applications that make Universal Naming Convention (UNC) requests and the different redirectors in the system.
    By determining which redirector should handle a request based upon the UNC's share name, the MUP frees applications from having to know the number or type of redirectors installed.

    UNC names
    UNC names consist of two backslashes followed by the server name, the shared resource name, the directory path, and the requested file name, all separated by backslashes.
    \\computer\share\dir-path\filename.ext
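    A parser for the UNC form shown above, together with a simplified stand-in for the MUP's job of picking a redirector, as an added example (not NT code). The parser follows the description on this page; choose_redirector models the behaviour described for the MUP, namely that the first redirector in binding order which recognises the name handles the request, and PROVIDER_ORDER is a constructed table of which server names each redirector knows. The validation rules (rejecting empty segments and "..") are this example's own defensive choice, not a Microsoft specification.

```python
"""Parse \\\\server\\share\\dir-path\\filename.ext and select a redirector."""

# Characters not permitted in a server, share or path segment. This is a
# conservative set chosen for the example, not a Microsoft specification.
_ILLEGAL = set('\\/:*?"<>|')


def parse_unc(path: str) -> dict:
    """Split a UNC name into server, share, directory list and file name.

    Raises ValueError for anything that is not a well-formed UNC name.
    """
    if not path.startswith("\\\\"):
        raise ValueError("a UNC name begins with two backslashes")
    parts = path[2:].split("\\")
    if len(parts) < 2 or not parts[0] or not parts[1]:
        raise ValueError("a UNC name needs at least a server and a share name")
    server, share, rest = parts[0], parts[1], parts[2:]
    for name in (server, share):
        if _ILLEGAL & set(name):
            raise ValueError(f"illegal character in {name!r}")
    # Reject empty segments (doubled backslashes) and ".." so a caller
    # cannot climb out of the share's directory tree through the path part.
    for segment in rest:
        if segment in ("", "..") or _ILLEGAL & set(segment):
            raise ValueError(f"illegal path segment {segment!r}")
    return {
        "server": server,
        "share": share,
        "dirs": rest[:-1],
        "filename": rest[-1] if rest else "",
    }


def is_valid_unc(path: str) -> bool:
    try:
        parse_unc(path)
        return True
    except ValueError:
        return False


# Constructed binding order: (redirector name, server names it recognises).
PROVIDER_ORDER = [
    ("Workstation Service (SMB)", {"fileserver", "pdc1"}),
    ("Client Services for NetWare (NCP)", {"nwfs1"}),
]


def choose_redirector(path: str, providers=PROVIDER_ORDER):
    """Return the first redirector in binding order that claims the server,
    or None when no redirector recognises it (the request then fails)."""
    server = parse_unc(path)["server"].lower()
    for name, known_servers in providers:
        if server in {s.lower() for s in known_servers}:
            return name
    return None


if __name__ == "__main__":
    print(parse_unc("\\\\fileserver\\public\\docs\\2024\\readme.txt"))
    print(choose_redirector("\\\\nwfs1\\sys\\login\\login.exe"))
```

Server names are compared case-insensitively because NetBIOS and NetWare names are not case sensitive; everything after the share is returned untouched so the redirector can apply its own file system rules.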

    Multi-Provider Router
    Not all programs use UNC names. For programs that use the older Win32 API, the Multi-Provider Router determines which redirector should handle the request.

    Changing Network Settings
    Requires Administrator privileges.

      Generally done through the network control panel.
      Five (tabs) areas:
        Identification -- Computer and Workgroup/Domain Name
        Services -- Active network services
        Protocols -- Currently installed protocols
        Adapters -- Currently installed adapters
        Bindings -- Current binding order
    Binding
    Binding is the process of linking NT software components together to control how they communicate.

    Linkages among components and the order in which multiple components link to a single boundary layer, affect how NT Workstation systems behave, and how well they perform. Changing the binding order on clients is what matters. Servers only respond to client requests.

    NT performs connections according to the order in which protocols are bound. Whichever protocol appears higher in the services binding list will be bound first. Consequently, more frequently used protocols should be higher in the list.

    You can increase the performance of the system and decrease the possibility of error if you disable any protocol bindings that you will not use.

    TCP/IP
    Each network operating system has a native protocol. NetBIOS/NetBEUI is NT's native protocol. Historically, IPX/SPX has been the native protocol for NetWare, and TCP/IP is the native protocol for UNIX.

    It is also the Internet's protocol suite. As such, it is the planet's most widely used protocol.

    Designed to link networks rather than computers. Allows each network to be managed separately.

    Based on a four layer model.

      Application
      Transport
      Internet
      Network Interface
    The Network Interface layer corresponds to the OSI Data Link and physical layers.
      Under NT, the interface that the Network Interface layer presents to TCP/IP is the Network Driver Interface Specification 3 (NDIS 3).
      NDIS is a Microsoft sponsored open standard for network device drivers.
    The Network Interface layer establishes hardware independence from the specific lower level channel access technologies.

    IP provides a connectionless best effort data delivery service for the data sent within and between networks. Specifically it provides addressing and routing in the TCP/IP environment.

    The TCP/IP Internet Layer corresponds to the OSI network layer.

      Responsible for routing between different networks.
      Its primary protocol is IP which can be supported by ICMP, ARP, RARP, and DHCP.

    Internet Control Message Protocol (ICMP) uses IP to control the flow of data over networks and to report error and congestion conditions on the network links.

      Ping: tests connectivity between computers. Uses ICMP.

    Address Resolution Protocol (ARP)
    Determines a destination computer's physical hardware address when the source computer has the destination computer's IP address.

    Reverse Address Resolution Protocol (RARP) is a mechanism whereby a computer that does not yet have an IP address can obtain one. (Not used in Microsoft's implementation because DHCP provides the same functionality.)

    Dynamic Host Configuration Protocol (DHCP) is a newer protocol for obtaining an IP address, as well as other TCP/IP configuration information, on an IP network. Assignments are dynamic and made on a lease basis. The DHCP server is available only with NT Server, but NT Workstation can obtain its configuration from it.

    Transport Layer
    Provides end to end data delivery services for the TCP/IP Application layer above it. Services include:

      Network redirector
      Server Services
      Workstation Services
    Two transport layer protocols.
      User Datagram Protocol (UDP) Used when an application is sending many small units of data and speed is more important than guaranteed delivery. The application is responsible for making sure datagrams are delivered.

      Transmission Control Protocol (TCP) A connection oriented Transport layer protocol that ensures that the data arrives and arrives in the correct order.

    The nature of the network communications determines which service is used. The network transport must conform to the TDI interface.

    The TDI interface is an NT standard, not a TCP/IP standard.

    Above the Transport layer lies the Application layer, which corresponds to the upper OSI layers.

    Application Layer
    The TCP/IP Application Layer contains the following utilities. Many of these are included in the Microsoft TCP/IP suite.

    Telnet                                     Provides a character mode interactive session
    Rlogin                                     Similar to Telnet
    Rsh                                        Remote command execution
    File Transfer Protocol (FTP)               File transfer utility
    Trivial File Transfer Protocol (TFTP)      UNIX download utility
    Simple Mail Transfer Protocol (SMTP)       Used to send and receive Internet mail
    Domain Name Service (DNS)                  Translates DNS names to IP addresses
    Simple Network Management Protocol (SNMP)  The most widely used protocol for monitoring network devices

    For specific functionality, Microsoft includes certain utilities that are not strictly part of TCP/IP. These utilities include:

      Windows Internet Name Service (WINS)  Performs for a Windows LAN the same services that DNS performs for large TCP/IP internetworks, and reduces broadcast traffic. NT Server 4 integrates WINS and DNS.
      Server                                Responds to redirected file requests from other computers on the Internet.
      Workstation (Network Redirector)      Forwards file and print requests to the server over the network.
      Programming APIs                      Provide an interface to network services other than a file system interface.

    An IP address consists of four octets. It contains both a logical network ID and a host ID.

      Class A, First octet begins with a 0
      Class B, First octet begins with a 10
      Class C, First octet begins with a 110
    Depending on the class of the address, different boundaries are used to separate host and network id.

    The subnet mask is used to separate the two pieces of information.

    The Default Gateway is used to specify the IP address of the router that attaches to a different network.

    Classless Interdomain Routing (CIDR) is now used in place of the fixed class boundaries. Subnetting is also used.
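    The addressing rules above, carried through in code as an added example (not Microsoft code): the class is read from the leading bits of the first octet, the classful default mask splits the address into network ID and host ID, a mask is converted to and from a CIDR prefix length, and the default-gateway decision is reduced to "is the destination on my network?". It goes one step beyond the page by also recognising the 1110 (class D) and 1111 (class E) leading-bit patterns. All sample addresses are constructed.

```python
"""Classful IPv4 addresses, subnet masks and CIDR prefix lengths."""


def parse_ipv4(addr: str) -> int:
    """Validate dotted-quad text and return it as a 32-bit integer."""
    octets = addr.split(".")
    if len(octets) != 4:
        raise ValueError(f"{addr!r}: an IPv4 address has four octets")
    value = 0
    for octet in octets:
        if not octet.isdigit() or not 0 <= int(octet) <= 255:
            raise ValueError(f"{addr!r}: octet {octet!r} is not in 0-255")
        value = (value << 8) | int(octet)
    return value


def format_ipv4(value: int) -> str:
    return ".".join(str((value >> shift) & 0xFF) for shift in (24, 16, 8, 0))


def address_class(addr: str) -> str:
    """The class is decided by the leading bits of the first octet."""
    first = parse_ipv4(addr) >> 24
    if first & 0b10000000 == 0:            # 0xxxxxxx
        return "A"
    if first & 0b11000000 == 0b10000000:   # 10xxxxxx
        return "B"
    if first & 0b11100000 == 0b11000000:   # 110xxxxx
        return "C"
    if first & 0b11110000 == 0b11100000:   # 1110xxxx (multicast)
        return "D"
    return "E"                             # 1111xxxx (reserved)


# Classful default masks: the boundary between network ID and host ID.
DEFAULT_MASKS = {"A": "255.0.0.0", "B": "255.255.0.0", "C": "255.255.255.0"}


def mask_to_prefix(mask: str) -> int:
    """Return the CIDR prefix length; reject masks whose ones are not contiguous."""
    m = parse_ipv4(mask)
    prefix = bin(m).count("1")
    if m != (0xFFFFFFFF << (32 - prefix)) & 0xFFFFFFFF:
        raise ValueError(f"{mask!r} is not a contiguous subnet mask")
    return prefix


def is_valid_mask(mask: str) -> bool:
    try:
        mask_to_prefix(mask)
        return True
    except ValueError:
        return False


def prefix_to_mask(prefix: int) -> str:
    if not 0 <= prefix <= 32:
        raise ValueError("prefix length must be 0-32")
    return format_ipv4((0xFFFFFFFF << (32 - prefix)) & 0xFFFFFFFF)


def split_address(addr: str, mask: str = None) -> tuple:
    """Return (network ID, host ID). Without a mask the classful default is used."""
    if mask is None:
        cls = address_class(addr)
        if cls not in DEFAULT_MASKS:
            raise ValueError(f"class {cls} addresses are not host addresses")
        mask = DEFAULT_MASKS[cls]
    mask_to_prefix(mask)  # validates the mask before it is applied
    a, m = parse_ipv4(addr), parse_ipv4(mask)
    return format_ipv4(a & m), format_ipv4(a & ~m & 0xFFFFFFFF)


def needs_gateway(src: str, dst: str, mask: str) -> bool:
    """True when dst is on a different network than src, so the packet must
    go to the default gateway instead of being delivered directly."""
    return split_address(src, mask)[0] != split_address(dst, mask)[0]


if __name__ == "__main__":
    for ip in ("10.1.2.3", "172.16.5.6", "192.168.1.77"):
        print(ip, address_class(ip), split_address(ip))
    print(mask_to_prefix("255.255.255.192"), prefix_to_mask(26))
    print(needs_gateway("192.168.1.77", "10.0.0.1", "255.255.255.0"))
```

A non-contiguous mask such as 255.0.255.0 is rejected rather than silently applied, since a misconfigured mask is one of the easier ways to end up with hosts that can neither reach nor be reached by their gateway.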

    NetWare Connectivity
    NT workstations can connect to NetWare servers either of two ways.

    When using a client side solution, the multiprovider router (MPR) shields the difference between NetWare servers and NT servers from the NT workstation.

    In the same network, NT servers can function with and complement NetWare servers.

      NT 4 supports NetWare logon scripts.
      NT servers can provide gateway services to NetWare file servers.
    For most installations, using Gateway Services for NetWare (GSNW) on a single NT server requires less labor than installing client services on every workstation.
      However, it has a negative impact on server performance.
    NetWare clients will be able to access the NT server for application services but because NT server does not respond to NCP file and print requests, they will not be able to use NT file and print services without installing NT client software.

    Making NetWare file services visible to NT clients requires NWLink and Client Services for NetWare (CSNW).

    NWLink supports Windows Sockets and NetBIOS programming Interfaces.

      NWLink is easier to set up than TCP/IP.
      Faster than TCP/IP.
    Novell Environment Ethernet Frame types
      802.2 is the standard.
      802.3 is compatible with early versions of NetWare.
    Client Services for NetWare
    CSNW implements an NT compatible file system redirector for NetWare servers.
      The redirector implements NetWare Core Protocols (NCP).
      NCP is analogous to SMB.
      Provides access to NetWare file and print servers.
    NT 4 supports Novell Directory Service (NDS).
    NDS allows resources and account databases to be shared among a number of servers and managed from a central location, very much the way NT domains allow the same facility.

    If you want an NT workstation to see the NDS tree, you must disable bindery emulation on the NetWare file server.

    CSNW requires NWLink.

    You will need to supply a NetWare account and password the first time you attach to a NetWare server. NT will remember your NetWare account name and password from that point on and will automatically log you on to NetWare resources when you log on to your Windows NT workstation.

    Redirectors are searched in the order they are shown in the Services Setting tab of the Network control panel.

    All CSNW settings are controlled through the Control Panel.

    You can set

      Preferred server (NetWare 3.1x servers)
      Default tree and context
      Print options
      Login script options

    Workgroups, Domains, and Network Browsing
    Workgroup is Microsoft's name for a peer to peer network. The other networking model is server based. Both models have advantages and disadvantages.

    NT LANs that are small and that do not need centralized network control or centralized data storage can be organized into workgroups.

    In a server based network, a central computer stores network files, enforces network security, and maintains network data such as user account information and trust relationships between computers.

    The primary domain controller maintains a database that contains the user and group account information and the account and security policies.

    The backup domain controller can authenticate and log on domain users, and in the event that the network does not have a primary domain controller, it can be promoted to PDC.

    A member server does not have a domain wide security database.

    Joining your workstation to the domain requires making changes in two places on the network: the primary domain controller must create an account for the workstation, and the workstation must be configured to join a domain and told which domain to join.

    You must have a domain user account before you can log on to the domain.

    Network Browsers
    The Network browser maintains the list of currently available network resources for a workgroup or domain. Each computer periodically announces its availability to the network master browser.

    Network browsers reduce the amount of traffic on the network by storing a list of network resources in a central location.