Application Compatibility: Networking: TCP/IP Stack and the Windows Filtering Platform

Feature Impact

High

Brief Description

The Windows Vista® and Windows Server® 2008 networking stack has been completely rewritten. Instead of the dual stack model that exists in Windows XP® or Windows Server® 2003 (to support IPv4 and IPv6), the networking stack implements a new architecture in which there is a single transport and framing layer that supports multiple IP layers.

There are several new features along with several protocol enhancements. The new stack is modular, flexible, and extensible. While all attempts have been made to maintain application compatibility with the existing applications that interface with the stack at various layers, there are nevertheless changes (that are mostly side effects of the improvements) that might cause potential application-compatibility issues. Application developers must carefully evaluate to understand the impact of these changes on their applications.

The Windows Filtering Platform (WFP) API allows developers to create code that interacts with the filtering that takes place at several layers in the Windows Vista and Windows Server 2008 operating-system networking stack and throughout the operating system. WFP also integrates with and provides support for firewall features such as authenticated communication and dynamic firewall configuration, based on an application's use of the sockets API.

NoteNote:

WFP is not a firewall itself. It is a set of system services and APIs that enable firewalls to be implemented.

The following elements of the TCP/IP stack will not be supported on Windows Vista and Windows Server 2008:

  • The firewall-hook driver functions and the filter-hook driver functions. These functions have been deprecated.

  • The R-series tools, including rexec, rsh, finger, and so on. These tools are available from the Services for UNIX components, if needed.

  • The Internetwork Packet Exchange (IPX) protocol. IPX has been deprecated and is no longer available from Microsoft. There should be little if any impact on application compatibility because of this change.

Manifestation

  • If an application built for Windows XP was using only public functions for networking, it should not see any break in functionality. It should be tested on Windows Vista and Windows Server 2008 to verify its functionality.

  • Applications using any of the firewall-hook driver or filter-hook driver functions will not work.

  • Applications relying on internal structures and functions calls that were never published by Microsoft will fail.

  • Transport Driver Interface (TDI) filter drivers written in kernel mode might not work properly after an OS upgrade.

    NoteNote:

    The TDI feature is deprecated and will be removed in future versions of Microsoft Windows. Depending on how you use TDI, use either the Winsock Kernel (WSK) or Windows Filtering Platform (WFP). For more information about WFP and WSK, see Windows Filtering Platform and Winsock Kernel. For a Windows Core Networking blog entry about WSK and TDI, see Introduction to Winsock Kernel (WSK).

Remedies

Leverage Windows Vista capability:

WFP exposes a rich set of functions and services for network security developers and provides guidance and documentation on the available feature sets.

NoteNote:

Applications and scripts that rely on Services for UNIX and R-series must now install these tools first.

Links to Other Resources

Community Additions

Show:
© 2014 Microsoft