Architectural Model

Applies To: Windows Server 2003, Windows Server 2003 R2, Windows Server 2003 with SP1, Windows Server 2003 with SP2

Overview

The Windows TCP/IP suite contains core protocol elements, services, and the interfaces between them. The Transport Driver Interface (TDI) and the Network Device Interface Specification (NDIS) are public, and their specifications are available from Microsoft. In addition, there are a number of higher-level interfaces available to user-mode applications. The most commonly used are Windows Sockets, remote procedure call (RPC), and NetBIOS.

Figure 1. The Windows Server 2003 TCP/IP architectural model

Note

Figure 1 does not show the IPsec components. For more information, see How IPSec Works (https://go.microsoft.com/fwlink/?linkid=67907).

Sending and Receiving IP Packets

When the source sends an IP packet, the following components analyze or change the packet in the following order:

  1. Routing and Remote Access service IP packet filters

  2. IPsec

When a router running Windows Server 2003 forwards an IP packet, the following components analyze or change the packet in the following order:

  1. Internet Connection Sharing of the Network Connections folder or the NAT/Basic Firewall component of the Routing and Remote Access service

  2. Routing and Remote Access service IP packet filters

  3. IPsec

When an IP packet is received for forwarding, the following components analyze or change the packet in the following order:

  1. IPsec

  2. Routing and Remote Access service IP packet filters

  3. Internet Connection Sharing of the Network Connections folder or the NAT/Basic Firewall component of the Routing and Remote Access service

When an IP packet is received that is destined for the local host, the following components analyze or change the packet in the following order:

  1. IPsec

  2. Routing and Remote Access service IP packet filters

  3. Internet Connection Firewall (for Windows Server 2003 with no service packs installed), Windows Firewall (for Windows Server 2003 with Service Pack 1), or the NAT/Basic Firewall component of the Routing and Remote Access service

  4. TCP/IP filters

This discussion only includes components that are provided with Windows Server 2003. This does not include any Windows Sockets layered service providers or NDIS intermediate miniport drivers.
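
The order above determines whether a filter is handed a packet before or after IPsec has changed it. The following Python model is an added example, not Microsoft code: the component order is taken from the lists above, while the packet fields, the ESP wrap/unwrap behaviour of the IPsec step, and the sample drop rule are constructed assumptions.

```python
# Added illustration. Component order comes from the lists above; the packet
# fields, the ESP wrap/unwrap model and the sample rule are constructed.
RRAS, IPSEC, NAT = "RRAS IP packet filters", "IPsec", "ICS or NAT/Basic Firewall"
FW, TCPIP = "ICF, Windows Firewall or NAT/Basic Firewall", "TCP/IP filters"

ORDER = {
    "send": [RRAS, IPSEC],
    "forward": [NAT, RRAS, IPSEC],
    "receive_for_forwarding": [IPSEC, RRAS, NAT],
    "receive_local": [IPSEC, RRAS, FW, TCPIP],
}
OUTBOUND = {"send", "forward"}


def ipsec(pkt, path, protect):
    """Outbound: wrap in ESP when policy says so. Inbound: unwrap ESP."""
    if path in OUTBOUND:
        return {"proto": "esp", "inner": pkt} if protect else pkt
    return pkt["inner"] if pkt["proto"] == "esp" else pkt


def trace(path, pkt, rras_drop=(), protect=False):
    """Walk pkt through the components for `path`.

    rras_drop: iterable of (proto, dport) pairs the RRAS filters discard.
    Returns (seen, verdict); seen lists what each component was handed.
    """
    seen = []
    for comp in ORDER[path]:
        seen.append((comp, pkt["proto"], pkt.get("dport")))
        if comp == IPSEC:
            pkt = ipsec(pkt, path, protect)
        elif comp == RRAS and (pkt["proto"], pkt.get("dport")) in rras_drop:
            return seen, "dropped by " + comp
    return seen, "passed as " + pkt["proto"]


if __name__ == "__main__":
    telnet = {"proto": "tcp", "dport": 23}          # constructed sample
    wrapped = {"proto": "esp", "inner": telnet}     # same packet inside ESP
    for path, pkt in [("send", telnet), ("receive_local", wrapped)]:
        seen, verdict = trace(path, pkt, rras_drop={("tcp", 23)}, protect=True)
        print(path, "->", verdict)
        for row in seen:
            print("   ", row)
```

In this model a port-based Routing and Remote Access rule matches in both directions, because the filter is evaluated before IPsec on the sending path and after IPsec on the receiving path.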

Plug and Play

Windows Server 2003 includes support for Plug and Play. Plug and Play has the following capabilities and features:

  • Automatic and dynamic recognition of installed hardware. This includes initial system installation, recognition of static hardware changes that may occur between boots, and response to run-time hardware events, such as dock or undock, and insertion or removal of cards.

  • Streamlined hardware configuration in response to automatic and dynamic recognition of hardware, including dynamic hardware activation, resource arbitration, device driver loading, drive mounting, and so on.

  • Support for particular buses and other hardware standards that facilitate automatic and dynamic recognition of hardware and streamlined hardware configuration, including Plug and Play ISA, PCI, PCMCIA, PC Card/CardBus, USB, and IEEE 1394. This includes promulgation of standards and advice about how hardware should behave.

  • An orderly Plug and Play framework in which driver writers can operate. This includes infrastructure, such as device information (INF) interfaces, APIs, kernel-mode notifications, executive interfaces, and so on.

  • Mechanisms that allow user-mode code and applications to learn of changes in the hardware environment so that they can take appropriate actions.

Plug and Play operation does not require Plug and Play hardware. To the degree possible, the first two bullets above apply to legacy hardware, as well as Plug and Play hardware. In some cases, orderly enumeration of legacy devices is not possible because the detection methods are destructive or inordinately time-consuming.

The primary impact that Plug and Play support has on protocol stacks is that network interfaces can come and go at any time. Windows Server 2003 TCP/IP and related components have been adapted to support Plug and Play.