Windows XP Home Networking Dennis Morgan Program Manager

  • Slides: 42
Windows XP Home Networking
Dennis Morgan, Program Manager, Core Networking, Microsoft

Agenda
§ Network Architecture
§ Setup and Configuration
§ Internet Connection Sharing
§ Internet Connection Firewall
§ Network Bridge
§ Application Compatibility
§ Network Address Translation
§ Diagnostics

Network Architecture
§ There will be multiple networked PCs and Intelligent Appliances (IA) in the home and small business
§ PCs and devices will be connected over multiple network media that are bridged
§ IP will be the dominant protocol inside the home
§ Configuration and setup will be simple or automatic
§ PCs and devices will securely connect to the Internet via a dedicated or PC gateway

Network Architecture (diagram: home network behind a residential gateway (PC or device) connected to the Internet)

Why not this architecture? (diagram: Internet connected directly to a hub)
§ Insecure
§ Network architecture is public

Setup and Configuration
§ Out of Box Experience (OOBE)
  § Runs on first-boot
§ Auto Configuration
§ Network Setup Wizard
  § Configuration tool for setting up a Home or Small Business network
  § Runs on down-level clients
§ New Connection Wizard
  § Dial-up, VPN

Network Setup Wizard
§ Sets up a machine as an ICS host or a client on the network
  § TCP/IP settings
  § Unifies workgroup
  § IE settings
  § UPnP
§ Configures network shares
  § File and Printer shares
§ Runs on XP, Me, 98 SE and 98 Gold

Internet Connection Sharing
§ Provides Network Services
  § NAT – share a single Internet connection
  § DHCP – allocation of private addresses
  § DNS – resolution of home network addresses
§ Simple checkbox UI
§ Discovery and Control via Universal Plug and Play
§ Location aware group policy

ICS Discovery and Control
§ ICS server announces itself on the network
  § UPnP service (UPnP IG compliant)
  § Beacon for auto-discovery
§ ICS clients automatically discover and use the ICS server
  § Allows clients to discover the ICS host and its connection state to the ISP
  § Allows clients to control the connection state of the ICS host
  § Down-level client available via NSW

Internet Connection Firewall
§ Uses connection flow information to prevent unsolicited inbound connections
§ Thwarts standard scans
§ Simple checkbox UI
§ Advanced Options
  § Logging
  § ICMP
§ Location aware group policy
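The connection-flow rule on this slide, as an added example that is not code from the slide deck or from Microsoft: outbound traffic records a flow in a table, an inbound packet is passed only when it is the reverse of a recorded flow, and everything else is dropped and logged. The two "Advanced Options" on the slide appear as the `logging` and `allow_icmp_echo` switches; the addresses and ports in `run_demo` are constructed sample traffic.

```python
# Added example (not from the slide deck): a minimal model of
# connection-flow tracking as described on the ICF slide.
from dataclasses import dataclass
from typing import Dict, List, Tuple


@dataclass(frozen=True)
class Packet:
    proto: str        # "tcp", "udp" or "icmp-echo"
    src_ip: str
    src_port: int     # 0 for ICMP
    dst_ip: str
    dst_port: int


# flow key: proto, local address, local port, remote address, remote port
FlowKey = Tuple[str, str, int, str, int]


class ConnectionFirewall:
    """Stateful filter: only replies to locally initiated flows get in."""

    def __init__(self, allow_icmp_echo: bool = False, logging: bool = True) -> None:
        self.allow_icmp_echo = allow_icmp_echo   # the "ICMP" advanced option
        self.logging = logging                   # the "Logging" advanced option
        self.flows: Dict[FlowKey, int] = {}      # flow -> packets seen
        self.log: List[str] = []

    def outbound(self, p: Packet) -> bool:
        """The local host initiates traffic: remember the flow and pass it."""
        key = (p.proto, p.src_ip, p.src_port, p.dst_ip, p.dst_port)
        self.flows[key] = self.flows.get(key, 0) + 1
        return True

    def inbound(self, p: Packet) -> bool:
        """Pass only a reply to a known flow (or ICMP echo when enabled)."""
        if p.proto == "icmp-echo":
            return True if self.allow_icmp_echo else self._drop(p)
        # a reply has the endpoints of the outbound flow swapped
        key = (p.proto, p.dst_ip, p.dst_port, p.src_ip, p.src_port)
        if key in self.flows:
            self.flows[key] += 1
            return True
        return self._drop(p)

    def _drop(self, p: Packet) -> bool:
        if self.logging:
            self.log.append(
                f"DROP {p.proto} {p.src_ip}:{p.src_port} -> {p.dst_ip}:{p.dst_port}")
        return False


def run_demo(allow_icmp_echo: bool = False) -> dict:
    """Constructed sample: one web request and its reply, then unsolicited
    packets to three local ports and one ping from an unknown host."""
    fw = ConnectionFirewall(allow_icmp_echo=allow_icmp_echo)
    local, web, stranger = "192.168.0.2", "212.3.2.4", "10.9.8.7"   # constructed

    fw.outbound(Packet("tcp", local, 3123, web, 80))
    reply_passed = fw.inbound(Packet("tcp", web, 80, local, 3123))

    unsolicited = [fw.inbound(Packet("tcp", stranger, 40000 + i, local, port))
                   for i, port in enumerate((21, 80, 139))]
    ping_passed = fw.inbound(Packet("icmp-echo", stranger, 0, local, 0))

    return {"reply_passed": reply_passed,
            "unsolicited_passed": sum(unsolicited),
            "ping_passed": ping_passed,
            "dropped": len(fw.log)}


if __name__ == "__main__":
    print(run_demo())
```

With the ICMP option off the reply to the local host's own request is the only inbound packet that gets through; the log records each dropped packet, which is what makes a port sweep visible to the user.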

Network Bridge
§ Allows users to deploy multiple media types in the home to create a seamless network
§ Layer 2 media bridge built to the IEEE 802.1D-1990 specification
  § Supports Ethernet, HomePNA, IEEE 1394 and wireless network devices
  § Includes Spanning Tree Algorithm (STA)
§ Location aware group policy

Application Compatibility
§ Large test matrix of applications
  § Approx. 100 apps tested in Millennium
  § Approx. 150 apps in XP matrix
§ Application Layer Gateway (ALG) API
  § Extensibility model for 3rd party protocols
  § Provided via the platform SDK

Network Address Translation

What Is NAT?
Network Address Translation
§ Multiplexes the address space behind the NAT
§ Edits source address and ports in IP traffic
  § All network traffic leaving the public side of the NAT appears to originate from one IP address
(diagram: hosts 192.168.0.2 and 192.168.0.3 behind a NAT whose private address is 192.168.0.1 and whose public address is 157.55.0.1, connected to the Internet)

Deployment Blockers
§ Peer to Peer applications
  § Remote Assistance
  § File Sharing
  § Multi-player games
§ XP and Broadband Enabled Experiences
  § Real Time Communication

What is the solution?
§ Program the NAT with Universal Plug and Play
  § UPnP is an industry initiative
  § Provides method for discovering services
  § Provides methods for interacting with devices and services
§ Internet Gateway Device working group defining schema for gateways
  § Includes method for creating and removing port mappings

Changes for Applications
§ Many applications will just work
§ New applications use UPnP
  § DirectPlay games
  § Remote Assistance
  § Windows Messenger
  § Use UPnP for port reservation
  § Use the public address in exchanges with peers
§ Existing applications
  § Provide script to create a static port mapping
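What "use UPnP for port reservation" looks like at the protocol level, as an added example that is not code from the slide deck, from Microsoft or from the UPnP Forum: the SOAP envelopes an application sends to the gateway's WANIPConnection service to create and later remove a port mapping, plus a parser for the reply from which it learns the public address it should hand to peers. The action and argument names are those of the WANIPConnection:1 service; the gateway replies and the internal client address are constructed, and nothing is sent on the wire.

```python
# Added example (not from the slide deck): building and parsing UPnP IGD
# WANIPConnection:1 SOAP messages for port mapping. Offline only.
import xml.etree.ElementTree as ET
from typing import Dict

SOAP_NS = "http://schemas.xmlsoap.org/soap/envelope/"
IGD_NS = "urn:schemas-upnp-org:service:WANIPConnection:1"
CTRL_NS = "urn:schemas-upnp-org:control-1-0"
ET.register_namespace("s", SOAP_NS)
ET.register_namespace("u", IGD_NS)


def build_soap_action(action: str, args: Dict[str, str]) -> str:
    """Wrap one IGD action and its in-arguments in a SOAP 1.1 envelope."""
    env = ET.Element(f"{{{SOAP_NS}}}Envelope",
                     {f"{{{SOAP_NS}}}encodingStyle": "http://schemas.xmlsoap.org/soap/encoding/"})
    body = ET.SubElement(env, f"{{{SOAP_NS}}}Body")
    call = ET.SubElement(body, f"{{{IGD_NS}}}{action}")
    for name, value in args.items():
        ET.SubElement(call, name).text = value   # argument elements are unqualified
    return ET.tostring(env, encoding="unicode")


def add_port_mapping(external_port: int, internal_client: str, internal_port: int,
                     proto: str = "TCP", description: str = "",
                     lease_seconds: int = 3600) -> str:
    """AddPortMapping request: reserve an external port on the gateway."""
    return build_soap_action("AddPortMapping", {
        "NewRemoteHost": "",                      # empty = any remote host
        "NewExternalPort": str(external_port),
        "NewProtocol": proto,
        "NewInternalPort": str(internal_port),
        "NewInternalClient": internal_client,
        "NewEnabled": "1",
        "NewPortMappingDescription": description,
        "NewLeaseDuration": str(lease_seconds),   # 0 would mean "until removed"
    })


def delete_port_mapping(external_port: int, proto: str = "TCP") -> str:
    """DeletePortMapping request: release the reservation when the app exits."""
    return build_soap_action("DeletePortMapping", {
        "NewRemoteHost": "", "NewExternalPort": str(external_port), "NewProtocol": proto})


def soap_headers(action: str) -> Dict[str, str]:
    """HTTP headers a control point sends with the envelope."""
    return {"Content-Type": 'text/xml; charset="utf-8"',
            "SOAPACTION": f'"{IGD_NS}#{action}"'}


def parse_response(xml_text: str, action: str) -> Dict[str, str]:
    """Return the out-arguments of a successful reply; raise on a SOAP Fault."""
    root = ET.fromstring(xml_text)
    fault = root.find(f".//{{{SOAP_NS}}}Fault")
    if fault is not None:
        code = fault.findtext(f".//{{{CTRL_NS}}}errorCode")
        desc = fault.findtext(f".//{{{CTRL_NS}}}errorDescription")
        raise RuntimeError(f"UPnP error {code}: {desc}")
    resp = root.find(f".//{{{IGD_NS}}}{action}Response")
    if resp is None:
        raise ValueError(f"no {action}Response element in reply")
    return {child.tag: (child.text or "") for child in resp}


def parsed_arguments(xml_text: str, action: str) -> Dict[str, str]:
    """Read the in-arguments back out of a request we built."""
    call = ET.fromstring(xml_text).find(f".//{{{IGD_NS}}}{action}")
    return {child.tag: (child.text or "") for child in call}


def public_address(reply_xml: str) -> str:
    """The address peers should be given: the gateway's public one."""
    return parse_response(reply_xml, "GetExternalIPAddress")["NewExternalIPAddress"]


# Constructed gateway replies, shaped as a WANIPConnection:1 service returns them.
EXT_IP_REPLY = f"""<s:Envelope xmlns:s="{SOAP_NS}"><s:Body>
<u:GetExternalIPAddressResponse xmlns:u="{IGD_NS}">
<NewExternalIPAddress>157.55.0.1</NewExternalIPAddress>
</u:GetExternalIPAddressResponse></s:Body></s:Envelope>"""

CONFLICT_REPLY = f"""<s:Envelope xmlns:s="{SOAP_NS}"><s:Body><s:Fault>
<faultcode>s:Client</faultcode><faultstring>UPnPError</faultstring>
<detail><UPnPError xmlns="{CTRL_NS}"><errorCode>718</errorCode>
<errorDescription>ConflictInMappingEntry</errorDescription></UPnPError></detail>
</s:Fault></s:Body></s:Envelope>"""
```

Two design points: the request is assembled with ElementTree rather than string formatting so that a description or hostname taken from user input cannot inject extra elements, and a finite lease is requested so that a mapping left behind by a crashed application expires rather than staying open on the gateway indefinitely.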

Windows client support
§ Windows XP has native support
§ Windows Me has support
  § requires update to UPnP control point software; available via Windows Update
§ Windows 98 SE & 98 Gold
  § control point available as part of XP Home Networking package
§ APIs available in platform SDK

Diagnostics

Repair Features
§ Multiple Entry Points
  § Status Icon
  § Connections Folder
  § PC Health
§ Performs Common Repair Tasks
  § IP Address Renew
  § ARP and DNS Cache Flush
  § WINS Refresh
  § DNS re-register

Network Status Features
§ Network Connection Status Icon
  § Error icon shows broken connection, no connection or signal, or invalid address
  § Normal icon shows auto-config address, and Ad Hoc wireless mode
  § Tool tips describe simple problems
§ Network Monitor tab in Taskman
§ Network information displayed on connection folder page
§ Support Tab added to Status Dialog of connection
  § Replaces WinIPconfig

DGNet Features
§ Works with PC Health to gather system information
§ Three Levels of Display Results
§ User Selectable Test
  § System Properties
    § Network Adapter, modem and VPN information
  § Application Test
    § IE Proxy, News Server, Mail Server

Wireless

Wireless LAN Trends
§ Increased WLAN bandwidth
  § 11 Mbps for Wi-Fi
  § 22 Mbps and 54 Mbps coming
§ Reduced cost of equipment
  § $95 per Wi-Fi card, $200 per Access Point
§ Increased use of laptops and PDAs
  § Mobile users
  § Growth of Wi-Fi embedded in laptops
§ Wi-Fi is growing rapidly

Wireless LAN Scenarios
§ Enterprise
  § Want secure user authentication and key distribution
  § Want to support guest access to the Internet
§ Public places (Airports, Malls, etc)
  § Want user authentication for billing
§ Home
  § Want simple, no new wires network
§ Roaming
  § Want transparent roaming

Windows XP Simplifies Wireless
§ Zero configuration
  § Automatically scans for network
  § Automatically configures Wi-Fi NIC
§ Secure LAN access
  § IEEE 802.1X
  § Supports different credentials, limited access & guest accounts
§ Roaming
  § Alternative IP configuration
  § Network location awareness

Summary
§ Windows XP brings Millennium parity to the 2000 code base
§ Windows XP makes networking accessible to consumers
  § Simplified set-up and diagnostics
  § Focus on key scenarios
§ Windows XP is the best platform ever for always connected and broadband connectivity
  § ICS, Bridge, Firewall
  § Roaming, wireless support

Backup slides

Call to Action
§ IHVs/ISVs
  § Use UPnP to detect and configure Internet gateway
  § Take NAT into consideration when writing protocols
  § Compatibility: test early, test often
  § Plan now for IPv6
§ IHVs: ensure network cards report promiscuous mode properly

Resources
§ Home Networking feedback – hnetfb@microsoft.com
§ Writing NAT friendly apps – http://www.microsoft.com/Windows2000/library/howitworks/communications/networkbasics/natdoc1.asp
§ Universal Plug and Play website – http://www.upnp.org

Network Address Translation

What is Network Address Translation (NAT)?
§ Multiplexes the address space behind the NAT
§ Edits source address and ports in IP traffic
  § All network traffic leaving the public side of the NAT appears to originate from one IP address

How NAT works
(diagram: client 192.168.1.5 with default gateway 192.168.1.1; NAT with internal address 192.168.1.1 and external address 212.3.2.10; server 212.3.2.4)
Client to NAT: Src: 192.168.1.5:3123, Dest: 212.3.2.4:80
NAT to Server: Src: 212.3.2.10:5205, Dest: 212.3.2.4:80
§ Default gateway is the NAT
§ NAT maps the internal source address and port to a specific external source address and port
§ Modifies the packet with the NAT’s external address and new source port
§ Forwards the packet to the server
§ The response packet’s internal destination is resolved by the NAT based on its port state table

Working with NAT is critical
§ Many firewalls are based on NAT
  § Windows® ICS is widely deployed
  § There are lots of other NATs from lots of vendors
    § Cable modems
    § DSL modems
    § ISDN routers
    § Other combo router/gateway/edge devices
§ With 24x7 connectivity, the # of personal firewalls deployed will increase
§ Forcing NAT to edit protocols does not scale with either the # of protocols or the # of NAT solutions

Things that break with NAT
§ Using IP addresses in data payloads
§ Using port numbers in payloads
§ Assuming that you can always send or receive on a specific port, range of ports, or sequence of ports
§ Assuming hosts will keep the same IP address throughout a conversation
§ Assuming that your application can receive unsolicited inbound connections
§ Assuming that all application clients have the same view of the network that you have

Building NAT friendly protocols
§ Don’t rely on embedded address and port information
  § Use fully qualified domain names and/or user names where possible
  § Let DNS do the work
§ Don’t make assumptions about addresses and ports staying the same
§ Avoid having unsolicited inbound connections in your protocol
§ Encrypted protocols should avoid having the checksum cover the IP header
§ Test your protocol with ICS and other NATs
§ Remember IPv6
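The port state table from the "How NAT works" slide and the first two items of "Things that break with NAT", as one added example that is not code from the slide deck or from Microsoft. `Nat` rewrites the source of outbound packets and resolves inbound packets from its table, exactly as the slide lists the steps, using that slide's addresses; `callback_demo` then shows why an address carried in a payload breaks (the NAT rewrites headers, not payloads) and how the fix the deck proposes, a reserved port mapping plus the public address, makes the same exchange work. All traffic is constructed; `add_static_mapping` stands in for whatever creates the mapping, a UPnP AddPortMapping or the static-mapping script the "Changes for Applications" slide mentions.

```python
# Added example (not from the slide deck): a toy NAT with a port state table,
# plus the embedded-address failure and its NAT-friendly counterpart.
from dataclasses import dataclass, replace
from typing import Dict, Optional, Tuple


@dataclass(frozen=True)
class Packet:
    proto: str
    src_ip: str
    src_port: int
    dst_ip: str
    dst_port: int
    payload: str = ""


class Nat:
    def __init__(self, internal_ip: str, external_ip: str, first_port: int = 5205) -> None:
        self.internal_ip = internal_ip      # the clients' default gateway address
        self.external_ip = external_ip
        self.next_port = first_port
        # port state table: (proto, external port) -> (internal ip, internal port)
        self.table: Dict[Tuple[str, int], Tuple[str, int]] = {}
        self.reverse: Dict[Tuple[str, str, int], int] = {}

    def add_static_mapping(self, proto: str, external_port: int,
                           internal_ip: str, internal_port: int) -> None:
        """What a UPnP AddPortMapping or a static-mapping script achieves."""
        self.table[(proto, external_port)] = (internal_ip, internal_port)
        self.reverse[(proto, internal_ip, internal_port)] = external_port

    def outbound(self, p: Packet) -> Packet:
        """Client -> Internet: map the source address:port to external address:port."""
        key = (p.proto, p.src_ip, p.src_port)
        if key not in self.reverse:
            while (p.proto, self.next_port) in self.table:   # skip reserved ports
                self.next_port += 1
            self.add_static_mapping(p.proto, self.next_port, p.src_ip, p.src_port)
            self.next_port += 1
        return replace(p, src_ip=self.external_ip, src_port=self.reverse[key])

    def inbound(self, p: Packet) -> Optional[Packet]:
        """Internet -> client: resolve the destination from the table, or drop."""
        if p.dst_ip != self.external_ip:
            return None   # a packet addressed to a private address never reaches the NAT
        target = self.table.get((p.proto, p.dst_port))
        if target is None:
            return None   # no state for this port: unsolicited traffic is dropped
        return replace(p, dst_ip=target[0], dst_port=target[1])


def web_request_demo() -> Tuple[Packet, Optional[Packet], Optional[Packet]]:
    """The slide's exchange: 192.168.1.5:3123 -> 212.3.2.4:80 through NAT 212.3.2.10,
    followed by an unsolicited packet from a constructed stranger address."""
    nat = Nat("192.168.1.1", "212.3.2.10")
    out = nat.outbound(Packet("tcp", "192.168.1.5", 3123, "212.3.2.4", 80))
    reply = nat.inbound(Packet("tcp", "212.3.2.4", 80, out.src_ip, out.src_port))
    unsolicited = nat.inbound(Packet("tcp", "10.9.8.7", 40000, nat.external_ip, 139))
    return out, reply, unsolicited


def callback_demo(use_public_address: bool) -> Optional[Packet]:
    """A client tells a peer where to connect back. Embedding its private address
    is what breaks; advertising the public address and a reserved port works."""
    nat = Nat("192.168.1.1", "212.3.2.10")
    client_ip, listen_port = "192.168.1.5", 4000
    if use_public_address:
        nat.add_static_mapping("tcp", listen_port, client_ip, listen_port)
        advertised = (nat.external_ip, listen_port)
    else:
        advertised = (client_ip, listen_port)
    hello = nat.outbound(Packet("tcp", client_ip, 3124, "212.3.2.4", 80,
                                payload=f"CALL-ME-AT {advertised[0]}:{advertised[1]}"))
    # The NAT rewrote the header but not the payload; the peer parses the payload.
    host, port = hello.payload.split()[1].split(":")
    return nat.inbound(Packet("tcp", "212.3.2.4", 5000, host, int(port)))


if __name__ == "__main__":
    print(web_request_demo())
    print(callback_demo(False), callback_demo(True))
```

The private-address variant returns nothing because the peer's packet is addressed to 192.168.1.5, which no router on the public side will deliver to this gateway; the ALG approach the deck rejects as unscalable would have had the NAT rewrite that payload string for each such protocol, which is why the deck instead asks applications to learn and advertise the public address.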

Wireless Zero Configuration
§ Automatically scans for wireless LANs nearby
  § Configures the 802.11 NIC to match an available network
§ User can set up one or more preferred networks
  § Possible to disable non-preferred networks
§ If no 802.11 networks are nearby, configures the 802.11 NIC to peer-to-peer mode
  § Possible to disable peer-to-peer mode or force it
§ Integrated with security
  § If security fails, find another network to use
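The selection rule this slide describes, written out as an added example that is not code from the slide deck or from Microsoft: preferred networks first in the user's order, then other visible networks unless that has been disabled, skipping any network whose security step fails, and falling back to peer-to-peer mode unless that is disabled (or jumping straight to it when forced). The scan results and the `security_ok` callback are constructed inputs.

```python
# Added example (not from the slide deck): the Wireless Zero Configuration
# network-selection decision as one function.
from typing import Callable, List, Optional, Tuple

# ("infrastructure", ssid) for a network, ("peer-to-peer", None) for ad hoc mode
Choice = Tuple[str, Optional[str]]


def choose_network(visible: List[str],
                   preferred: List[str],
                   security_ok: Callable[[str], bool],
                   allow_non_preferred: bool = True,
                   allow_peer_to_peer: bool = True,
                   force_peer_to_peer: bool = False) -> Optional[Choice]:
    """Pick the network the NIC should be configured for, or None for no connection."""
    if force_peer_to_peer:
        return ("peer-to-peer", None)

    # preferred networks in the user's order, then the rest of the scan results
    candidates = [ssid for ssid in preferred if ssid in visible]
    if allow_non_preferred:
        candidates += [ssid for ssid in visible if ssid not in preferred]

    for ssid in candidates:
        if security_ok(ssid):          # "if security fails find another network"
            return ("infrastructure", ssid)

    # nothing usable nearby: peer-to-peer mode unless the user disabled it
    return ("peer-to-peer", None) if allow_peer_to_peer else None


if __name__ == "__main__":
    scan = ["cafe-hotspot", "home"]                    # constructed scan result
    print(choose_network(scan, ["office", "home"], lambda s: s != "cafe-hotspot"))
```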

LAN Access Security
§ IEEE 802.1X
  § Standard protocol for authenticated network access
  § Supported on Ethernet and 802.11
  § Supports distribution of encryption keys to clients
§ User and machine authentication using RADIUS
  § Same as used for dial-up and VPN authentication
  § Windows 2000 Internet Authentication Server can be integrated with Active Directory user database
§ Level of network access is under admin control
  § No access (don’t even get an IP address)
  § Complete access
  § Guest access

Roaming
§ Alternative IP configuration
  § DHCP + static IP configuration
  § Automatic switch between configurations
§ Extended Windows 2000 auto DHCP renew
  § Check IP address on roaming
§ Extended Windows 2000 reconfiguration support on IP address change
  § QoS reservations updated
  § IE proxy settings re-detected
§ IP prefers fastest network interface
  § E.g. 11 Mbps wireless and 100 Mbps Ethernet

Roaming
§ Network location extensions to Winsock
  § Applications that want to be network aware
    § E.g. Firewall, IE
  § Information about the network connectivity the machine has
    § Speed, interface type, network type (e.g. connected to the Internet), ICS information, 802.1X information
  § Connectivity change notification