Network Driver Interface Specification

Last updated

The Network Driver Interface Specification (NDIS) is an application programming interface (API) for network interface controllers (NICs).

Contents

Specification

It was jointly developed by Microsoft and 3Com Corporation and is mostly used in Microsoft Windows. However, the open-source NDISwrapper and Project Evil driver wrapper projects allow many NDIS-compliant NICs to be used with Linux, FreeBSD and NetBSD. magnussoft ZETA, a derivative of BeOS, supports a number of NDIS drivers.

The NDIS forms the logical link control (LLC) sublayer, which is the upper sublayer of the OSI data link layer (layer 2). Therefore, the NDIS acts as the interface between the media access control (MAC) sublayer, which is the lower sublayer of the data link layer, and the network layer (layer 3).

The NDIS is a library of functions often referred to as a "wrapper" that hides the underlying complexity of the NIC hardware and serves as a standard interface for level 3 network protocol drivers and hardware level MAC drivers.

The NDIS versions supported by various Windows versions are as follows: [1]

The traffic accepted by the NIC is controlled by an NDIS Miniport Driver [14] while various protocols, such as TCP/IP, are implemented by NDIS Protocol Drivers. [15] A single miniport may be associated with one or more protocols. This means that traffic coming into the miniport may be received in parallel by several protocol drivers. For example, Winpcap adds a second protocol driver on the selected miniport in order to capture incoming packets. Furthermore, it is possible to simulate several virtual NICs by implementing virtual miniport drivers that send and receive traffic from a single physical NIC. One example of virtual miniport driver usage is to add virtual NICs, each with a different VLAN. Because implementations cannot assume that other drivers received the same buffers, one must treat the incoming buffers as read-only and a driver that changes the packet content must allocate its own buffers. NDIS Miniport drivers can also use Windows Driver Model interfaces to control network hardware. [16]

Another driver type is NDIS Intermediate Driver. Intermediate drivers sit in-between the MAC and IP layers and can control all traffic being accepted by the NIC. In practice, intermediate drivers implement both miniport and protocol interfaces. The miniport driver and protocol driver actually communicate with the corresponding miniport and protocol interfaces that reside in the intermediate driver. This design enables adding several chained intermediate drivers between the miniport and protocol drivers. Therefore, driver vendors cannot assume that the interface that they send traffic to is implemented by the last driver in the chain. In order to write applications using NDIS, one can use samples that accompany Microsoft's Windows Driver Kit (WDK). The "PassThru" sample is a good starting point for intermediate drivers as it implements all the necessary details required in this driver type, but just passes the traffic through to the next driver in the chain.

See also

Related Research Articles

<span class="mw-page-title-main">Wake-on-LAN</span> Mechanism to wake up computers via a network

Wake-on-LAN is an Ethernet or Token Ring computer networking standard that allows a computer to be turned on or awakened from sleep mode by a network message.

In computing, Open Database Connectivity (ODBC) is a standard application programming interface (API) for accessing database management systems (DBMS). The designers of ODBC aimed to make it independent of database systems and operating systems. An application written using ODBC can be ported to other platforms, both on the client and server side, with few changes to the data access code.

In computing, the Windows Driver Model (WDM) – also known at one point as the Win32 Driver Model – is a framework for device drivers that was introduced with Windows 98 and Windows 2000 to replace VxD, which was used on older versions of Windows such as Windows 95 and Windows 3.1, as well as the Windows NT Driver Model.

<span class="mw-page-title-main">Server Message Block</span> Network communication protocol for providing shared access to resources

Server Message Block (SMB) is a communication protocol used to share files, printers, serial ports, and miscellaneous communications between nodes on a network. On Microsoft Windows, the SMB implementation consists of two vaguely named Windows services: "Server" and "Workstation". It uses NTLM or Kerberos protocols for user authentication. It also provides an authenticated inter-process communication (IPC) mechanism.

<span class="mw-page-title-main">Windows NT 4.0</span> Fourth major release of Windows NT, released in 1996

Windows NT 4.0 is a major release of the Windows NT operating system developed by Microsoft and oriented towards businesses. It is the direct successor to Windows NT 3.51, and was released to manufacturing on July 31, 1996, and then to retail in August 24, 1996, with the Server versions released to retail in September 1996.

<span class="mw-page-title-main">Architecture of Windows NT</span> Overview of the architecture of the Microsoft Windows NT line of operating systems

The architecture of Windows NT, a line of operating systems produced and sold by Microsoft, is a layered design that consists of two main components, user mode and kernel mode. It is a preemptive, reentrant multitasking operating system, which has been designed to work with uniprocessor and symmetrical multiprocessor (SMP)-based computers. To process input/output (I/O) requests, it uses packet-driven I/O, which utilizes I/O request packets (IRPs) and asynchronous I/O. Starting with Windows XP, Microsoft began making 64-bit versions of Windows available; before this, there were only 32-bit versions of these operating systems.

<span class="mw-page-title-main">Link aggregation</span> Using multiple network connections in parallel to increase capacity and reliability

In computer networking, link aggregation is the combining of multiple network connections in parallel by any of several methods. Link aggregation increases total throughput beyond what a single connection could sustain, and provides redundancy where all but one of the physical links may fail without losing connectivity. A link aggregation group (LAG) is the combined collection of physical ports.

In the field of computer network administration, pcap is an application programming interface (API) for capturing network traffic. While the name is an abbreviation of packet capture, that is not the API's proper name. Unix-like systems implement pcap in the libpcap library; for Windows, there is a port of libpcap named WinPcap that is no longer supported or developed, and a port named Npcap for Windows 7 and later that is still supported.

<span class="mw-page-title-main">Trusted Platform Module</span> Standard for secure cryptoprocessors

Trusted Platform Module (TPM) is an international standard for a secure cryptoprocessor, a dedicated microcontroller designed to secure hardware through integrated cryptographic keys. The term can also refer to a chip conforming to the standard ISO/IEC 11889.

Monitor mode, or RFMON mode, allows a computer with a wireless network interface controller (WNIC) to monitor all traffic received on a wireless channel. Unlike promiscuous mode, which is also used for packet sniffing, monitor mode allows packets to be captured without having to associate with an access point or ad hoc network first. Monitor mode only applies to wireless networks, while promiscuous mode can be used on both wired and wireless networks. Monitor mode is one of the eight modes that 802.11 wireless adapter can operate in: Master, Managed, Ad hoc, Repeater, Mesh, Wi-Fi Direct, TDLS and Monitor mode.

A Bluetooth stack is software that is an implementation of the Bluetooth protocol stack.

In computing, Microsoft's Windows Vista and Windows Server 2008 introduced in 2007/2008 a new networking stack named Next Generation TCP/IP stack, to improve on the previous stack in several ways. The stack includes native implementation of IPv6, as well as a complete overhaul of IPv4. The new TCP/IP stack uses a new method to store configuration settings that enables more dynamic control and does not require a computer restart after a change in settings. The new stack, implemented as a dual-stack model, depends on a strong host-model and features an infrastructure to enable more modular components that one can dynamically insert and remove.

Microsoft Windows is the name of several families of computer software operating systems created by Microsoft. Microsoft first introduced an operating environment named Windows in November 1985 as an add-on to MS-DOS in response to the growing interest in graphical user interfaces (GUIs).

<span class="mw-page-title-main">Hyper-V</span> Native hypervisor by Microsoft

Microsoft Hyper-V, codenamed Viridian, and briefly known before its release as Windows Server Virtualization, is a native hypervisor; it can create virtual machines on x86-64 systems running Windows. Starting with Windows 8, Hyper-V superseded Windows Virtual PC as the hardware virtualization component of the client editions of Windows NT. A server computer running Hyper-V can be configured to expose individual virtual machines to one or more networks. Hyper-V was first released with Windows Server 2008, and has been available without additional charge since Windows Server 2012 and Windows 8. A standalone Windows Hyper-V Server is free, but has a command-line interface only. The last version of free Hyper-V Server is Hyper-V Server 2019, which is based on Windows Server 2019.

Microsoft Network Monitor is a deprecated packet analyzer. It enables capturing, viewing, and analyzing network data and deciphering network protocols. It can be used to troubleshoot network problems and applications on the network. Microsoft Network Monitor 1.0 was originally designed and developed by Raymond Patch, a transport protocol and network adapter device driver engineer on the Microsoft LAN Manager development team.

<span class="mw-page-title-main">Windows Subsystem for Linux</span> Compatibility layer for running Linux binary executables natively on Windows

Windows Subsystem for Linux (WSL) is a feature of Windows that allows developers to run a Linux environment without the need for a separate virtual machine or dual booting. There are two versions of WSL: WSL 1 and WSL 2. WSL 1 was first released on August 2, 2016, and acts as a compatibility layer for running Linux binary executables by implementing Linux system calls on the Windows kernel. It is available on Windows 10, Windows 10 LTSB/LTSC, Windows 11, Windows Server 2016, Windows Server 2019 and Windows Server 2022.

Network Device Interface (NDI) is a software specification developed by the technology company NewTek that enables high-definition video to be delivered, received, and communicated over a computer network in a low-latency, high-quality manner. The specification is royalty-free and allows for frame accurate switching, making it suitable for use in live production environments.

DNS over HTTPS (DoH) is a protocol for performing remote Domain Name System (DNS) resolution via the HTTPS protocol. A goal of the method is to increase user privacy and security by preventing eavesdropping and manipulation of DNS data by man-in-the-middle attacks by using the HTTPS protocol to encrypt the data between the DoH client and the DoH-based DNS resolver. By March 2018, Google and the Mozilla Foundation had started testing versions of DNS over HTTPS. In February 2020, Firefox switched to DNS over HTTPS by default for users in the United States.

XDP is an eBPF-based high-performance data path used to send and receive network packets at high rates by bypassing most of the operating system networking stack. It is merged in the Linux kernel since version 4.8. This implementation is licensed under GPL. Large technology firms including Amazon, Google and Intel support its development. Microsoft released their free and open source implementation XDP for Windows in May 2022. It is licensed under MIT License.

References

  1. "Overview of NDIS versions - Windows drivers". docs.microsoft.com. Retrieved 2020-03-24.
  2. Network Drivers (Windows Embedded CE 6.0)
  3. What's New (Windows Embedded Compact 7)
  4. 1 2 aviviano. "Introduction to NDIS 6.50 - Windows drivers". docs.microsoft.com. Retrieved 2022-07-12.
  5. aviviano. "Introduction to NDIS 6.60 - Windows drivers". docs.microsoft.com. Retrieved 2022-07-12.
  6. aviviano. "Introduction to NDIS 6.70 - Windows drivers". docs.microsoft.com. Retrieved 2022-07-12.
  7. aviviano. "Introduction to NDIS 6.80 - Windows drivers". docs.microsoft.com. Retrieved 2022-07-12.
  8. aviviano. "Introduction to NDIS 6.81 - Windows drivers". docs.microsoft.com. Retrieved 2022-07-12.
  9. aviviano. "Introduction to NDIS 6.82 - Windows drivers". docs.microsoft.com. Retrieved 2022-07-12.
  10. aviviano. "Introduction to NDIS 6.83 - Windows drivers". docs.microsoft.com. Retrieved 2022-07-12.
  11. aviviano. "Introduction to NDIS 6.84 - Windows drivers". docs.microsoft.com. Retrieved 2022-07-12.
  12. aviviano. "Introduction to NDIS 6.85 - Windows drivers". docs.microsoft.com. Retrieved 2022-07-12.
  13. aviviano. "Introduction to NDIS 6.86 - Windows drivers". docs.microsoft.com. Retrieved 2022-07-12.
  14. "Deserialized NDIS Miniport Drivers - Windows drivers".
  15. "Introduction to NDIS Protocol Drivers - Windows drivers".
  16. "NDIS Miniport Drivers with a WDM Lower Edge - Windows drivers".
This page is based on this Wikipedia article
Text is available under the CC BY-SA 4.0 license; additional terms may apply.
Images, videos and audio are available under their respective licenses.