Introduction (Microsoft Windows Server 2003 TCP/IP Implementation Details)

Applies To: Windows Server 2003, Windows Server 2003 R2, Windows Server 2003 with SP1, Windows Server 2003 with SP2

Microsoft has adopted TCP/IP as the strategic enterprise network transport for its platforms. In the early 1990s, Microsoft started an ambitious project to create a TCP/IP stack and services that would greatly improve the scalability of Microsoft networking. With the release of the Microsoft Windows NT 3.5 operating system, Microsoft introduced a completely rewritten TCP/IP stack. This new stack was designed to incorporate many of the advances in performance and ease of administration that were developed over the past decade. The stack was a high-performance implementation of the industry-standard TCP/IP protocol. It has evolved with each version of Windows based on the Windows NT code base to include new features and services that enhance performance, security, and reliability.

The goals in designing the TCP/IP stack were to make it:

• Standards-compliant and interoperable

• Portable

• Scalable and fast

• Versatile

• Self-tuning and easy to administer

In this article, the Windows Server 2003 TCP/IP protocol suite is examined from the bottom up. Throughout the article, network traces are used to illustrate key concepts. These traces were gathered and formatted using Microsoft Network Monitor 2.0, a software-based protocol tracing and analysis tool included in the Microsoft Systems Management Server product. Windows 2000 Server and Windows Server 2003 include a limited functionality version of Network Monitor. The primary difference between this version and the Systems Management Server version is that the limited version can only capture frames that would normally be seen by the computer that it is installed on, rather than all frames that pass over the network (which requires the network interface card to be in promiscuous mode). It also does not support connecting to remote Network Monitor Agents.