Windows Network Architecture and the OSI Model

This topic discusses the Windows network architecture and how Windows network drivers implement the bottom four layers of the OSI model.

If you are looking for general information on all seven layers of the model, see the OSI model.

The Microsoft Windows operating systems use a network architecture that is based on the seven-layer networking model developed by the International Organization for Standardization (ISO).

Introduced in 1978, the ISO Open Systems Interconnection (OSI) Reference model describes networking as «a series of protocol layers with a specific set of functions allocated to each layer. Each layer offers specific services to higher layers while shielding these layers from the details of how the services are implemented. A well-defined interface between each pair of adjacent layers defines the services offered by the lower layer to the higher one and how those services are accessed.»

The following diagram illustrates the OSI model.

Microsoft Windows network drivers implement the bottom four layers of the OSI model.

Physical Layer

The physical layer is the lowest layer of the OSI model. This layer manages the reception and transmission of the unstructured raw bit stream over a physical medium. It describes the electrical/optical, mechanical, and functional interfaces to the physical medium. The physical layer carries the signals for all of the higher layers.

In Windows, the physical layer is implemented by the network interface card (NIC), its transceiver, and the medium to which the NIC is attached.

Data Link Layer

The data link layer sends frames between physical addresses and is responsible for error detection and recovery occurring in the physical layer.

The data link layer is further divided by the Institute of Electrical and Electronics Engineers (IEEE) into two sublayers: media access control (MAC) and logical link control (LLC).

The MAC sublayer manages access to the physical layer, checks frame errors, and manages address recognition of received frames.

In the Windows network architecture, the MAC sublayer is implemented in the NIC. The NIC is controlled by a software device driver called the miniport driver. Windows supports several variations of miniport drivers including WDM miniport drivers, miniport call managers (MCMs), and miniport intermediate drivers.

The LLC sublayer provides error-free transfer of data frames from one node to another. The LLC sublayer establishes and terminates logical links, controls frame flow, sequences frames, acknowledges frames, and retransmits unacknowledged frames. The LLC sublayer uses frame acknowledgement and retransmission to provide virtually error free transmission over the link to the layers above.

In Windows, the LLC sublayer is implemented by a software driver known as a protocol driver.

Network Layer

The network layer controls the operation of the subnet. This layer determines the physical path that the data should take, based on the following:

Priority of service

Other factors, such as routing, traffic control, frame fragmentation and reassembly, logical-to-physical address mapping, and usage accounting

The network layer is implemented by a protocol driver.

Transport Layer

The transport layer ensures that messages are delivered error free, in sequence, and with no loss or duplication. This layer relieves the higher-layer protocols from being concerned about data transfer with their peers.

A minimal transport layer is required in protocol stacks that include a reliable network or LLC sublayer that provides virtual circuit capability. For example, because the NetBEUI transport driver for Windows is an OSI-compliant LLC sublayer, its transport layer functions are minimal. If the protocol stack does not include an LLC sublayer, and if the network layer is unreliable and/or supports datagrams (as with TCP/IP’s IP layer or NWLink’s IPX layer), the transport layer should include frame sequencing and acknowledgment, as well as retransmission of unacknowledged frames.

In the Windows network architecture, the transport layer is implemented by a protocol driver, which is sometimes referred to a transport driver.

Client Operating Systems (Workstation Operating Systems) and Network Operating Systems — NOS (Server Operating Systems)

You have to understand two key technical terms to move further, «Client» and «Server».

What is a Client Computer? You can think a client as a computer in your network, where a network user is performing some network activity. For Example: Downloading a file from a File Server, Browsing Intranet/Internet etc. The network user normally uses a client computer to perform his day to day work.

What is a Server Computer? The client computer establishes a connection to a Server computer and accesses the services installed on the Server Computer. A Server computer is not meant for a network user to browse the internet or to do spreadsheet data entry work. A Server computer is installed with appropriate Operating System and related Software to serve the network clients with one or more services, continuously without a break 24/7.

An Operating System (also known as «OS») is the most important set of software programs which are loaded initially into any computer-like device by a bootstrap program. Operating System controls almost all the resources in a computer, including networks, data storage, user & user password database, peripheral devices etc.

Operating System products are very complex software products. Operating System Software products are compiled from millions of lines of source code. Operating system products we have currently are created by the hard work of thousands of engineers for decades, internally in a company (Example: Windows) or by dedicated global volunteer communities (Example: GNU/Linux, BSD Unix).

Network Operating Systems — NOS (Server Operating Systems)

A Network Server computer offers its services to a group of Network Client devices. A Server computer typically has more computing resources like Processors & Processing Power, more Physical Memory (RAM), more Storage Space etc., compared to client computers. The Server computer machine runs on Server Operating System, also called as Network Operating System (NOS), which normally has more features and processing capabilities compared with the client computer’s Operating System. The server may be installed with special software, to function as a Server Role. The special software allows a Server Computer to function a particular server role, like a File Server, Web Server, Mail Server, Directory Server etc.

A Network Operating System (NOS) includes much more capabilities than a normal client workstation (or Desktop) Operating System. Most popular Network Operating Systems are listed below.

Client Operating Systems (Workstation Operating Systems, or Desktop Operating Systems)

Most popular Client Workstation Operating Systems are listed below.

• Windows 95/98/ME Vista (obsolete)

• Windows NT Workstation / Windows 2000 Professional (obsolete)

• Windows XP (obsolete)

• Windows 7 (obsolete)

• Windows 8 / Windows 8.1 (obsolete)

• Windows 10 Desktop (Current)

Click the below logos to visit the respective Operating System vendor’s website. Most of the Operating System vendors have product trial downloads and related documentation. Download trial versions and get familiar with their products. Start learning the installation of different Client and Server Operating Systems by downloading trial versions from below links.

Network Operating System Features and Functions

This tutorial explains network operating system features and function in details. Learn what is a network operating system and features offered by popular network operating systems (such as Linux, UNIX, Netware, Apple Mac and Windows Server) with functions.

A network operating system (NOS) provides services to clients over a network. Both the client/server and peer-to-peer networking models use network operating systems, and as such, NOSes must be able to handle typical network duties such as the following:

• Providing access to remote printers, managing which users are using which printers when, managing how print jobs are queued, and recognizing when devices aren’t available to the network
• Enabling and managing access to files on remote systems, and determining who can access what—and who can’t
• Granting access to remote applications and resources, such as the Internet, and making those resources seem like local resources to the user (the network is ideally transparent to the user)
• Providing routing services, including support for major networking protocols, so that the operating system knows what data to send where
• Monitoring the system and security, so as to provide proper security against viruses, hackers, and data corruption.
• Providing basic network administration utilities (such as SNMP, or Simple Network Management Protocol), enabling an administrator to perform tasks involving managing network resources and users.

UNIX / Linux

UNIX, created originally by Bell Labs (under AT and T), is a powerful server operating system that can be used in peer-to-peer or client/server networks. UNIX was the first operating system written in the C programming language. Due to an antitrust ruling forbidding AT and T from releasing operating systems commercially, AT and T released UNIX upon its completion in 1974 to universities, mostly, enabling people to go in and actually view the source code to the system, which enabled coders to reconstruct the basic functions of the original UNIX operating system. From this practice, called reverse engineering, came Linux, which was first developed in the late 1980s by a young student at the University of Helsinki in Finland named Linus Torvalds.

UNIX (and Linux by extension) systems offer the following features:

• Fully protected multitasking: This means that UNIX can easily switch between tasks without the operating system crashing, because all UNIX processes are separate from those of the operating system. Even if an application crashes, unless it somehow manages to take down the X Windows system with it (which does happen), the operating system just keeps right on humming.
• High performance and stability : Many servers running UNIX or Linux have run for years without crashing once. The multitasking capabilities of UNIX, along with the rapid rate at which the operating system matures (especially with Linux, which is free and can be changed by anyone), make UNIX or Linux a powerful solution, especially for server systems.
• Multiuser capabilities : True multiuser systems enable different users to be logged in to the same system simultaneously. In UNIX and Linux, not only can a user log in to the same system at the same time as other users, that user can log in multiple times on the same system as the same user without the operating system batting an eyelash (such things are often necessary when administrating a network, particularly when managing users).
• Tons of high-quality software : From Apache Server (a Web server that’s used on a whopping 6 in 10 major Web servers on the Internet) to the long-awaited Mozilla.org Mozilla 1.0 open source Web browser/e-mail software (Mozilla is an open source version of the venerated Netscape Communicator) to the powerful free Gimp graphics manipulation software, Linux is packed with tons of free, high-quality software. The trick is that, with UNIX/Linux, you give up compatibility with commercial software that’s available only for Windows and/or Macintosh, currently.
• Easy customization : While other operating systems seem to offer less and less choice to the user about which applications to install with the operating system (Windows XP is this way), UNIX and especially Linux are the exact counterpoint to that model. With UNIX or Linux, you can actually customize your operating system kernel, stripping it down to just drivers and networking or installing everything possible.
• Modular architecture : The modular architecture of UNIX (and especially Linux) is directly responsible for how customizable UNIX is. Modular really means just what it sounds like: The operating system is built with a kernel that attaches modules to itself based on what the user needs.
• POSIX compliance: With a free operating system like UNIX, the different distributions (or flavors) of UNIX quickly became difficult to manage. Currently, hundreds of different implementations of UNIX are available. To enable programmers to have some idea of how to code their software such that it would run on any version of UNIX, the Institute of Electrical and Electronics Engineers, Inc. (IEEE) defined the Portable Operating System Interface (POSIX).
• Use of TCP/IP as the standard protocol stack: UNIX overwhelmingly uses TCP/IP as the protocol stack of choice. If you consider that the vast majority of the servers that help make up the Internet are UNIX computers of one form or another, you start to get the idea why TCP/IP is so popular.
• A shell interface: All versions of UNIX (at least those you care about for the exam) include a shell interface of some sort. If you have ever seen your computer use a completely black screen with white words written on it, that’s a shell interface. You simply type in commands at the prompt and hit Enter to execute those commands. The hard part in using these interfaces is simply the effort it takes to learn all of those rather cryptic commands. Making life even more difficult, UNIX is ultimately customizable and can use different shells. The bash shell (likely the most popular shell in use today) and the tcsh shell, for example, have different commands for the same action.
• A graphical user interface: Although most versions of UNIX (such as Red Hat Linux) include a graphical user interface (GUI) these days, this has not always been the case. Historically, UNIX has been derided for its cryptic interface, and the advent of the GUI into popular UNIX systems was a direct result of this. Popular UNIX GUIs include KDE and GNOME. KDE is mostly used with Linux, but GNOME has versions for the Sun Solaris operating system, and therefore crosses the border from Linux into UNIX proper.
• Support for dumb terminals: Traditionally, UNIX was used for dumb terminals, and just about all versions of UNIX still include this capability. The traditional dumb terminal model involves one central UNIX server that is used by remote terminals to execute applications. Basically, a user logs in to a UNIX system via Telnet or some other remote connectivity application and uses UNIX commands to tell the remote system what functions to perform. In this way, users can download and check e-mail via a text-based e-mail client such as Pine. The dumb terminal in this form isn’t used much anymore; Web browsers are definitely more than just dumb terminals— and Web browsers are now the clients most often seen by UNIX servers (at least those that make up the Internet). However, wireless devices such as cell phones and mobile Internet e-mail clients such as AOL’s Mobile Communicator device are good examples of modern dumb terminals. The devices have nearly no storage at all, and don’t carry large e-mail clients on the device; the message is simply transferred as text from one end to the other.

Interoperability
Open source software such as SAMBA is used to provide Windows users with Server Message Block (SMB) file sharing.

Authentication:-Centralized login authentication

File and Print Services
Network File System (NFS) is a distributed file system that allows users to access files and directories located on remote computers and treat those files and directories as if they were local.
LPR/LPD is the primary UNIX printing protocol used to submit jobs to the printer. The LPR component initiates commands such as «print waiting jobs,» «receive job,» and «send queue state,» and the LPD component in the print server responds to them.

Security
With most Unix operating systems, the network services can be individually controlled to increase security.

MAC OS X Server

Client Support
TCP/IP file sharing with Macintosh clients using Network File System (NFS), and File Transfer Apple File Protocol 3.0

Interoperability
Mac OS X Server uses the Open Source SAMBA to provide Windows users with Server Message Block (SMB) file sharing. Network File System (NFS) lets you make folders available to UNIX and Linux users.

File and Print Services
Mac OS X Server provides support for native Macintosh, Windows, UNIX, and Linux file sharing. Protocols supported include:

• Apple file services (AFP 3.0) from any AppleShare client over TCP/IP
• Windows (SMB/CIFS) file sharing using Samba
• Network File System (NFS) for UNIX and Linux file access
• Internet (FTP)

Built-in print services can spool files to any PostScript-capable printer over TCP/IP, AppleTalk, or USB. Macintosh customers can use the LPR support in Print Center or the Desktop Printer utility to connect to a shared printer. Windows users can use their native SMB/CIFS protocol to connect to a shared printer.

Print services for OS X Server

Macintosh and UNIX (LPR/LPD)

Security

• Multiple-user architecture and user-level access privileges.
• Secure Sockets Layer (SSL) support provides encrypted and authenticated client/server communications.
• Secure Shell (SSH) provides encryption and authentication for secure remote administration.
• Kerberos support for centralized login authentication.

Netware

NetWare has been a great LAN operating system for years, but only recently (with NetWare 5.x has NetWare moved beyond the LAN to where it can easily be a part of larger networks. Until quite recently, Novell NetWare used to be the single most-used network operating system (NOS). However, first Windows NT, and Windows 2000 and Linux, have steadily eaten into the NetWare market share for network operating systems. Currently, all three operating systems have a roughly equal share of the network operating system market, which means that NetWare is still used in at least one-third of all server systems.
NetWare features
NetWare offers the following features :

• Multiprocessor kernel: This feature enables one NetWare operating system to utilize multiple processors. This process is called symmetric multiprocessing (SMP). SMP enables processors to share memory and bus paths, even coordinating the processing of a single application in parallel.
• NLMs: Where UNIX uses daemons and Windows uses services, NetWare uses NetWare Loadable Modules (or NLMs) to provide services from the server. NLMs are programs that run in the background on the server to provide consistent services to the network.
• PCI Hot Plug: This feature enables administrators to dynamically configure PCI network components while the system is running. You can replace, upgrade, or add new cards with the Hot replace, Hot upgrade, and Hot expansion features, respectively.

Client Support
NetWare 5 comes with Novell Client software for three client platforms: DOS and Windows 3.1x, Windows 95/98, and Windows NT.

Interoperability
You can set the Novell Clients for Windows 95/98 and Windows NT to work with one of three network protocol options: IP only, IP and IPX, or IPX only.

Authentication
Centralized login authentication

File and Print Services
File Services NetWare offers two choices of mutually compatible file services: Novell Storage Services (NSS) and the traditional NetWare File System. Both kinds of file services let you store, organize, manage, access, and retrieve data on the network. NSS gathers all unpartitioned free space that exists on all the hard drives connected to your server, together with any unused space in NetWare volumes, and places it into a storage pool. You create NSS volumes from this storage pool during server installation or later through NWCONFIG. Novell Distributed Print Services (NDPS) is the default and preferred print system in NetWare. NDPS supports IP-based as well as IPX-based printing.

Security
Novell has support for a public key infrastructure built into NetWare 5 using a public certificate, developed by RSA Security.

Windows

Directory Services
A directory service is a database of user accounts and other information that network administrators use to control access to shared network resources. When users connect to a network, they have to be authenticated before they can access network resources. Authentication is the process of checking the user’s credentials (usually a user name and a password) against the directory. Users that supply the proper credentials are permitted access according to the permissions specified by the network administrator.

Client Support
Windows 3.x, Windows 95, Windows 98, and Windows NT Workstation 4.0 Windows 2000 Professional, Xp Pro. Vista Ultimate, Vista Business.

Interoperability
Windows 2000,2003,2008 Server supports UNIX, Novell NetWare, Windows NT Server 4.0, and Macintosh.

Authentication
Successful user authentication in a Windows 2000,2003,2008 computing environment consists of separate processes: interactive logon, which confirms the user’s identification to either a domain account or a local computer, and network authentication, which confirms the user’s identification to any network service that the user attempts to access.

Types of authentication
Kerberos V5 is used with either a password or a smart card for interactive logon. It is also the default method of network authentication for services.The Kerberos V5 protocol verifies both the identity of the user and network services Secure Socket Layer/Transport Layer Security (SSL/TLS) authentication, is used when a user attempts to access a secure Web server.

File and Print Services
You can add and maintain printers in Windows server using the print administration wizard, and you can add file shares using Active Directory management tools. Windows server also offers Distributed File Services, which let you combine files on more than one server into a single share.

Active Directory
After many years of anticipation, Microsoft introduced an enterprise directory service in the Windows 2000 Server product line, called Active Directory. It uses a hierarchical tree design comprised of container and leaf objects. The fundamental unit of organization in Active Directory directory service is the domain, but; you can group domains together into a tree, and even group multiple trees together into a forest. Domains that are in the same tree automatically have bidirectional trust relationships established between them, which eliminates the need for administrators to create them manually. The trust relationships are also transitive , meaning that if Domain A trusts Domain B and Domain B trusts Domain C, then Domain A trusts Domain C.

Security
User-level security protects shared network resources by requiring that a security provider authenticate a user’s request to access resources. The domain controller , grants access to the shared resource by verifying that the user name and password are the same as those on the user account list stored on the network security provider. Because the security provider maintains a network-wide list of user accounts and passwords, each client computer does not have to store a list of accounts. Share-level security protects shared network resources on the computer with individually assigned passwords. For example, you can assign a password to a folder or a locally attached printer. If other users want to access it, they need to type in the appropriate password. If you do not assign a password to a shared resource, every user with access to the network can access that resource.

Appleshare IP (Internet Protocol)

Client Support
TCP/IP file sharing with Macintosh clients using Network File System (NFS), and File Transfer Apple File Protocol 3.0.

Interoperability
Windows Server Message Block (SMB) file sharing.

File and Print Services
File Services:

• Apple Filing Protocol (AFP) over TCP/IP and AppleTalk
• Server Message Block (SMB) over TCP/IP
• File Transfer Protocol (FTP) over TCP/IP

Application Support

• HTTP
• Mail (SMTP, POP, IMAP and Authenticated Post Office Protocol APOP)
• Mac CGI

By ComputerNetworkingNotes Updated on 2018-05-09 09:52:31 IST

ComputerNetworkingNotes Networking Tutorials Network Operating System Features and Functions