Windows Server 2012 R2 Inside Out: Networking with TCP/IP

  • 5/7/2014

Using TCP/IP

The TCP and IP protocols make it possible for computers to communicate across various networks and the Internet using network adapters, including network-interface cards, USB-attachable network adapters, PC Card network adapters, or built-in adapters on the motherboard. Since the introduction of Windows Vista and Windows Server 2008, Windows has had a dual IP layer architecture in which both Internet Protocol version 4 (IPv4) and Internet Protocol version 6 (IPv6) are implemented and share common Transport and Frame layers.

IPv4 and IPv6 are used in very different ways. IPv4 has 32-bit addresses and is the primary version of IP used on most networks, including the Internet. IPv6 has 128-bit addresses and is the next-generation version of IP.

When networking hardware is detected during installation of the operating system, both IPv4 and IPv6 are enabled by default in Windows Vista and later and you don’t need to install a separate component to enable support for IPv6. The modified IP architecture is referred to as the Next Generation TCP/IP stack. Table 2-1 summarizes the key TCP/IP enhancements implemented in the Next Generation TCP/IP stack. Table 2-2 summarizes the key TCP/IP enhancements that are specific to IPv6.

Table 2-1 Key TCP/IP enhancements in the Next Generation TCP/IP stack

Feature Supported


Automatic Black Hole Router Detection

Prevents TCP connections from terminating due to intermediate routers silently discarding large TCP segments, retransmissions, or error messages.

Automatic Dead Gateway Retry

Ensures that an unreachable gateway is checked periodically to determine whether it has become available.

Compound TCP

Optimizes TCP transfers for the sending host by increasing the amount of data sent in a connection while ensuring that other TCP connections are not affected.

Extended Selective Acknowledgments

Extends the way Selective Acknowledgments (SACKs) are used, enabling a receiver to indicate up to four noncontiguous blocks of received data and to acknowledge duplicate packets. This helps the receiver determine when it has retransmitted a segment unnecessarily and adjust its behavior to prevent future retransmissions.

Modified Fast Recovery Algorithm

Provides faster throughput by altering the way that a sender can increase the sending rate if multiple segments in a window of data are lost and the sender receives an acknowledgment stating that only part of the data has been received.

Neighbor Unreachability Detection for IPv4

Determines when neighboring nodes and routers are no longer reachable and reports the condition.

Network Diagnostics Framework

Provides an extensible framework that helps users recover from and troubleshoot problems with network connections.

Receive Window Auto Tuning

Optimizes TCP transfers for the host receiving data by automatically managing the size of the memory buffer (the receive windows) to use for storing incoming data based on the current network conditions.

Routing Compartments

Prevents unwanted forwarding of traffic between interfaces by associating an interface or a set of interfaces with a login session that has its own routing tables.

SACK-Based Loss Recovery

Makes it possible to use SACK information to perform loss recovery when duplicate acknowledgments have been received and to more quickly recover when multiple segments are not received at the destination.

Spurious Retransmission Timeout Detection

Provides correction for sudden, temporary increases in retransmission timeouts and prevents unnecessary retransmission of segments.

TCP Extended Statistics

Helps determine whether a performance bottleneck for a connection is the sending application, the receiving application, or the network.

Windows Filtering Platform

Provides application programming interfaces (APIs) for extending the TCP/IP filtering architecture so that it can support additional features.

Table 2-2 Key TCP/IP enhancements for IPv6

Feature Supported


DHCPv6-Capable DHCP client

Extends the Dynamic Host Configuration Protocol (DHCP) client to support IPv6 and allows stateful address autoconfiguration with a DHCPv6 server.

IP Security

Allows use of Internet Key Exchange (IKE) and data encryption for IPv6.

IPv6 over Point-to-Point Protocol (PPPv6)

Allows native IPv6 traffic to be sent over PPP-based connections, which in turn allows remote-access clients to connect with an IPv6-based Internet service provider (ISP) through dial-up or PPP over Ethernet (PPPoE)-based connections.

Link-Local Multicast Name Resolution (LLMNR)

Allows IPv6 hosts on a single subnet without a Domain Name System (DNS) server to resolve each other”s names.

Multicast Listener Discovery version 2 (MLDv2)

Provides support for source-specific multicast traffic and is equivalent to Internet Group Management Protocol version 3 (IGMPv3) for IPv4.

Random Interface IDs

Prevents address scanning of IPv6 addresses based on the known company IDs of network-adapter manufacturers. By default, Windows Vista and later generate random interface IDs for nontemporary autoconfigured IPv6 addresses, including public and link-local addresses.

Symmetric Network Address Translators

Maps the internal (private) address and port number to different external (public) addresses and ports, depending on the external destination address.

Windows 8.1 and Windows Server 2012 R2 have several enhancements in their built-in DNS clients that improve name resolution on IPv4 and IPv6 networks, including the following:

  • Adaptive query timeout. With adaptive query timeout, the DNS client adapts the timeout interval based on the time required for previous queries. Thus, instead of waiting 1000 milliseconds (ms) before timing out a query, the timeout is adjusted based on past performance for the network, resulting in timeouts between 25 ms and 1000 ms.
  • Query coalescing. With query coalescing, the DNS client combines multiple DNS queries for the same name. This results in only one query and optimizes performance.
  • Parallel queries. With parallel queries, the DNS client issues IPv4 and IPv6 queries for A and AAAA records in parallel when both IP interfaces are enabled, which streamlines the query process and improves performance. Link-local multicast name resolution (LLMNR) and NetBIOS queries also are issued in parallel for IPv4 and IPv6.
  • Persistent caching. With a persistent cache, the DNS client maintains the DNS cache across changes that occur on the same network. For example, the DNS client now persists the cache after address change notifications and when the computer is resuming from the sleep or standby state.

Windows PowerShell 3.0 includes the NetTCPIP module for working with TCP/IP from the command line and in scripts. This module is imported automatically when you open a Windows PowerShell prompt. Cmdlets you might want to use for TCP/IP troubleshooting include the following:

  • Get-NetIPAddress. Lists information about IP address configuration
  • Get-NetIPInterface. Provides summary information about IP interface properties
  • Get-NetIPv4Protocol. Provides summary information about the IPv4 protocol configuration
  • Get-NetIPv6Protocol. Provides summary information about the IPv6 protocol configuration
  • Get-NetNeighbor. Displays information about the neighbor cache for IPv4 and IPv6
  • Get-NetOffloadGlobalSetting. Lists the status of the global TCP/IP offload settings, including receive-side scaling, receive-segment coalescing, and TCP/IP chimney
  • Get-NetRoute. Lists the IP routing table
  • Get-NetTCPConnection. Lists details about current TCP connection statistics
  • Get-NetTCPSetting. Displays TCP settings and configuration

To list all of the available NetTCPIP cmdlets, type Get-Command –Module NetTCPIP at a Windows PowerShell prompt. Alternatively, you can get a sorted list of commands by entering the following:

Get-Command –Module Net-TCPIP | Sort Noun,Verb | ft -auto Verb,Noun