Transmission Control Protocol/Internet Protocol (TCP/IP) has been adopted by Microsoft as the strategic enterprise transport protocol for Windows 2000. The Windows 2000 TCP/IP suite is designed to make it easy to integrate Microsoft enterprise networks into large scale corporate, government, and public networks, and to provide the ability to operate over those networks in a secure manner.

Several factors have lead to the success of TCP/IP. The protocol is routable, which means that data packets can be switched (routed to a different subnet) by use of the packet's destination address. TCP/IP's ability to be routed allows greater fault tolerance. If a network failure occurs, packets are transported by a different route. Another factor contributing to the success of TCP/IP is the massive interest in the Internet. TCP/IP is the standard for computer interconnectivity.

Windows 2000 TCP/IP includes several performance improvements for networking within high-bandwidth LAN and wide area network (WAN) environments. These features include the following:

Large Window Support

Large window support improves performance of TCP/IP when there are large amounts of data in transit or unacknowledged between two connected hosts. In TCP-based communication, the window size is the maximum number of packets that can be sent in a streamed sequence before the first packet must be acknowledged. Large window support allows for more data packets to be in transit on the network at one time and increases effective bandwidth.

Selective Acknowledgments

Selective acknowledgments is a TCP option that allows the receiver to selectively notify and request from the sender only those packets that were missing or corrupted during initial delivery. Selective acknowledgments allow networks to recover quickly from a state of congestion or temporary interference by requiring only lost packets to be resent. In previous TCP/IP implementations, if a receiving host failed to receive a single TCP packet, the sender might retransmit not just the corrupted or missing packet, but all subsequent packets. With selective acknowledgments, fewer packets are sent so better utilization of the network results.

RTT Estimation

Round Trip Time Estimation (RTT) is a technique of estimating packet transit times and adjusting for the optimum retransmission time for packets. Round Trip Time is the amount of time it takes for a round-trip communication between a sender and receiver on a TCP-based connection. Because performance depends on knowing how long to wait for a missing packet, improving the accuracy of RTT estimation results in better retransmission time-out values being set on each host. Better timing particularly improves performance over long round-trip network links, such as WANs that span large distances (continent-to-continent) or use either wireless or satellite links.

IP Security

Internet Protocol Security (IPSec) is an encryption process that allows data to be scrambled to make it virtually impossible to view its contents. IPSec uses cryptography-based security to provide integrity, data origin authentication, protection against replays, confidentiality, and limited traffic flow confidentiality. Because IPSec is provided at the IP layer, its services are available to the upper-layer protocols in the stack, and are transparently available to existing applications.

IPSec enables a system to select security protocols, decide which algorithm to use for the service, and establish and maintain cryptographic keys for each security relationship. IPSec can protect paths between hosts, between security gateways, or between hosts and security gateways. IPSec policy can be configured locally on a computer, or can be assigned through Windows 2000 Group Policy mechanisms using the Active Directory ™ directory service.

When IPSec is used to encrypt data, network performance is generally reduced due to the processing overhead of encryption. One method of reducing the processing overhead is to offload the processing to a hardware device. Since NDIS supports task offloading, it is feasible to include encryption hardware on network adapters.

For more information about IPSec, see "Internet Protocol Security" in this book.

For more information about TCP/IP, see "Introduction to TCP/IP" and "Windows 2000 TCP/IP" in this book.

Generic Quality of Service

Generic Quality of Service (GQoS) is implemented in Winsock, so Windows 2000 GQoS can run on any network that supports TCP/IP. GQoS ensures the quality of a connection. QoS allows developers to deploy real-time applications over IP networks while providing acceptable levels of bandwidth, latency, and jitter. GQoS allows TCP/IP to provide the benefits of ATM in a TCP/IP environment.

For more information about QoS, see "Quality of Service" in this book.