A lot of enhancements have been made to the networking stack in Windows 10 and Server 2016, which I wanted to write a bit more about. Earlier I wrote about TCP Fast Open, which is available in Windows 10 and Microsoft Edge to reduce the initial TCP SYN process (http://msandbu.org/increasing-microsoft-edge-performance-using-tcp-fast-open-on-netscaler/), but given the rapid release cycle in Windows, more new functionality has been introduced over the last couple of years. Much of the functionality is defined in NDIS (https://docs.microsoft.com/en-us/windows-hardware/drivers/network/overview-of-ndis-versions), which is the Windows specification for how drivers should be created for network communication. Some of the new features that have been introduced are:
- CUBIC Support: The Windows 10 Creators Update added support for the congestion algorithm CUBIC, which is the default congestion algorithm in Linux. The main goal behind CUBIC is to improve the scalability of TCP over fast and long-distance networks, and also to keep the congestion window (CW) at the saturation point for much longer.
  The following commands can be used to enable CUBIC globally and to return to the default Compound TCP (requires elevation):
  - netsh int tcp set supplemental template=internet congestionprovider=cubic
  - netsh int tcp set supplemental template=internet congestionprovider=compound
- Fast Connection Teardown: TCP connections in Windows are by default preserved for about 20 seconds to allow for fast reconnection in the case of a temporary loss of wired or wireless connectivity. However, in cases such as docking and undocking this is a long delay, so the Fast Connection Teardown feature can signal the Windows transport layer to instantly tear down TCP connections for a fast transition.
- ISATAP and 6to4 disabled by default: With the uptake in IPv6, these protocols are now disabled by default, but can be enabled using Group Policy. Teredo is the last transition technology that is expected to be in active use because of its ability to perform NAT traversal to enable peer-to-peer communication.
- Windows TCP AutoTuningLevel: Before the Creators Update, the TCP receive window autotuning algorithm depended on correct estimates of the connection's bandwidth and RTT. The new algorithm adapts to the BDP (bandwidth-delay product) much more quickly than the old algorithm and performs better when converging on the maximum receive window value for a given connection.
- Recent ACKnowledgement (RACK): RACK uses the notion of time, instead of packet or sequence counts, to detect losses. It is intended for modern TCP implementations that can support per-packet timestamps and the selective acknowledgment (SACK) option. RACK is enabled only for connections that have an RTT of at least 10 msec in both Windows Client and Server 2016. This is to avoid spurious retransmissions for low-latency connections. RACK is also only enabled for connections that successfully negotiate SACK.
- Windows Low Extra Delay BAckground Transport (LEDBAT): LEDBAT is a way to transfer data in the background quickly, without clogging the network. Windows LEDBAT transfers data in the background and does not interfere with other TCP connections. LEDBAT does this by only consuming unused bandwidth. When LEDBAT detects increased latency that indicates other TCP connections are consuming bandwidth, it reduces its own consumption to prevent interference. When the latency decreases again, LEDBAT ramps up and consumes the unused bandwidth. LEDBAT is only exposed through an undocumented socket option and can only be used by approved partners.
- RSSv2: Compared to RSSv1, RSSv2 shortens the time between the measurement of CPU load and updating the indirection table. This avoids slowdown during high-traffic situations. This is part of the Windows 10, version 1709 kernel.
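
The RACK rule from the list above, as an added Python sketch that is not Windows code or code from the original post: a segment is declared lost only once a segment sent after it has been delivered and more than one RTT plus a reordering window has passed since it was sent. The 10 msec RTT gate and the SACK requirement are the ones stated in the RACK item. Assumptions: the class and function names are hypothetical, min_rtt is passed in rather than measured, the reordering window is fixed at min_rtt/4 (the base value in RFC 8985), losses are evaluated only when an ACK arrives, and the trace is constructed.

```python
from dataclasses import dataclass, field

MIN_RTT_FOR_RACK = 0.010  # seconds; the 10 msec gate described in the RACK item


@dataclass
class Segment:
    sent_at: float            # per-packet transmit timestamp
    delivered: bool = False
    lost: bool = False


@dataclass
class RackConnection:         # hypothetical model, not the Windows TCP stack
    sack_negotiated: bool
    min_rtt: float            # assumption: supplied by the caller, not measured
    segments: dict = field(default_factory=dict)
    rack_sent_at: float = 0.0  # send time of the latest-sent delivered segment
    rack_rtt: float = 0.0      # RTT sample taken from that segment

    def rack_enabled(self):
        return self.sack_negotiated and self.min_rtt >= MIN_RTT_FOR_RACK

    def send(self, seq, now):
        self.segments[seq] = Segment(now)

    def on_ack(self, delivered_seqs, now):
        """Process an ACK/SACK arriving at `now`; return seqs newly marked lost."""
        for seq in delivered_seqs:
            seg = self.segments[seq]
            seg.delivered = True
            if seg.sent_at >= self.rack_sent_at:
                self.rack_sent_at, self.rack_rtt = seg.sent_at, now - seg.sent_at
        if not self.rack_enabled():
            return []
        reo_wnd = self.min_rtt / 4  # tolerance for reordering before calling it loss
        newly_lost = []
        for seq, seg in sorted(self.segments.items()):
            if seg.delivered or seg.lost:
                continue
            sent_earlier = seg.sent_at < self.rack_sent_at
            if sent_earlier and now - seg.sent_at > self.rack_rtt + reo_wnd:
                seg.lost = True
                newly_lost.append(seq)
        return newly_lost


def replay(conn):
    """Constructed trace: segments 1-5 are sent, segment 2 is dropped in transit."""
    for seq, t in [(1, 0.000), (2, 0.001), (3, 0.002), (4, 0.003), (5, 0.020)]:
        conn.send(seq, t)
    acks = [([1], 0.040), ([3], 0.042), ([4], 0.043), ([5], 0.060)]
    return [conn.on_ack(seqs, t) for seqs, t in acks]
```

On this trace, segment 2 is not flagged when segments 3 and 4 are acknowledged out of order shortly after it was sent, only once enough time has elapsed; with SACK not negotiated, nothing is flagged at all.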
This YouTube video from Ignite last year goes into detail on the different improvements that have been introduced into Windows over the course of the last year: https://www.youtube.com/watch?v=BlBWUGcYCQQ
And of course, having a strong networking stack is important for handling modern web applications and connections from different endpoints over different kinds of network connectivity. In the next blog post I will focus a bit more on the container networking aspects that have been introduced in Windows.