Network Driver Interface Specification

Last updated

The Network Driver Interface Specification (NDIS) is an application programming interface (API) for network interface controllers (NICs).

Contents

Specification

It was jointly developed by Microsoft and 3Com Corporation and is mostly used in Microsoft Windows. However, the open-source NDISwrapper and Project Evil driver wrapper projects allow many NDIS-compliant NICs to be used with Linux, FreeBSD and NetBSD. magnussoft ZETA, a derivative of BeOS, supports a number of NDIS drivers.

The NDIS forms the logical link control (LLC) sublayer, which is the upper sublayer of the OSI data link layer (layer 2). Therefore, the NDIS acts as the interface between the media access control (MAC) sublayer, which is the lower sublayer of the data link layer, and the network layer (layer 3).

The NDIS is a library of functions often referred to as a "wrapper" that hides the underlying complexity of the NIC hardware and serves as a standard interface for level 3 network protocol drivers and hardware level MAC drivers.

The NDIS versions supported by various Windows versions are as follows: [1]

The traffic accepted by the NIC is controlled by an NDIS Miniport Driver [17] while various protocols, such as TCP/IP, are implemented by NDIS Protocol Drivers. [18] A single miniport may be associated with one or more protocols. This means that traffic coming into the miniport may be received in parallel by several protocol drivers. For example, Winpcap adds a second protocol driver on the selected miniport in order to capture incoming packets. Furthermore, it is possible to simulate several virtual NICs by implementing virtual miniport drivers that send and receive traffic from a single physical NIC. One example of virtual miniport driver usage is to add virtual NICs, each with a different VLAN. Because implementations cannot assume that other drivers received the same buffers, one must treat the incoming buffers as read-only and a driver that changes the packet content must allocate its own buffers. NDIS Miniport drivers can also use Windows Driver Model interfaces to control network hardware. [19]

Another driver type is NDIS Intermediate Driver. Intermediate drivers sit in-between the MAC and IP layers and can control all traffic being accepted by the NIC. In practice, intermediate drivers implement both miniport and protocol interfaces. The miniport driver and protocol driver actually communicate with the corresponding miniport and protocol interfaces that reside in the intermediate driver. This design enables adding several chained intermediate drivers between the miniport and protocol drivers. Therefore, driver vendors cannot assume that the interface that they send traffic to is implemented by the last driver in the chain. In order to write applications using NDIS, one can use samples that accompany Microsoft's Windows Driver Kit (WDK). The "PassThru" sample is a good starting point for intermediate drivers as it implements all the necessary details required in this driver type, but just passes the traffic through to the next driver in the chain.

Since Windows 10 version 2004, a new driver framework for network adapters was created called Network Adapter WDF Class Extension (NetAdapterCx) which is meant to simply the driver development process. [20]

See also

Related Research Articles

<span class="mw-page-title-main">Wake-on-LAN</span> Mechanism to wake up computers via a network

Wake-on-LAN is an Ethernet or Token Ring computer networking standard that allows a computer to be turned on or awakened from sleep mode by a network message. It is based upon AMD's Magic Packet Technology, which was co-developed by AMD and Hewlett-Packard, following its proposal as a standard in 1995. The standard saw quick adoption thereafter through IBM, Intel and others.

In computing, Open Database Connectivity (ODBC) is a standard application programming interface (API) for accessing database management systems (DBMS). The designers of ODBC aimed to make it independent of database systems and operating systems. An application written using ODBC can be ported to other platforms, both on the client and server side, with few changes to the data access code.

<span class="mw-page-title-main">Network interface controller</span> Hardware component that connects a computer to a network

A network interface controller is a computer hardware component that connects a computer to a computer network.

In computing, the Windows Driver Model (WDM) – also known at one point as the Win32 Driver Model – is a framework for device drivers that was introduced with Windows 98 and Windows 2000 to replace VxD, which was used on older versions of Windows such as Windows 95 and Windows 3.1, as well as the Windows NT Driver Model.

IEEE 802.1X is an IEEE Standard for port-based network access control (PNAC). It is part of the IEEE 802.1 group of networking protocols. It provides an authentication mechanism to devices wishing to attach to a LAN or WLAN.

<span class="mw-page-title-main">Server Message Block</span> Network communication protocol for providing shared access to resources

Server Message Block (SMB) is a communication protocol used to share files, printers, serial ports, and miscellaneous communications between nodes on a network. On Microsoft Windows, the SMB implementation consists of two vaguely named Windows services: "Server" and "Workstation". It uses NTLM or Kerberos protocols for user authentication. It also provides an authenticated inter-process communication (IPC) mechanism.

Windows Management Instrumentation (WMI) consists of a set of extensions to the Windows Driver Model that provides an operating system interface through which instrumented components provide information and notification. WMI is Microsoft's implementation of the Web-Based Enterprise Management (WBEM) and Common Information Model (CIM) standards from the Distributed Management Task Force (DMTF).

TCP offload engine (TOE) is a technology used in some network interface cards (NIC) to offload processing of the entire TCP/IP stack to the network controller. It is primarily used with high-speed network interfaces, such as gigabit Ethernet and 10 Gigabit Ethernet, where processing overhead of the network stack becomes significant. TOEs are often used as a way to reduce the overhead associated with Internet Protocol (IP) storage protocols such as iSCSI and Network File System (NFS).

NetBIOS over TCP/IP is a networking protocol that allows legacy computer applications relying on the NetBIOS API to be used on modern TCP/IP networks.

<span class="mw-page-title-main">Architecture of Windows NT</span> Structure of the operating system

The architecture of Windows NT, a line of operating systems produced and sold by Microsoft, is a layered design that consists of two main components, user mode and kernel mode. It is a preemptive, reentrant multitasking operating system, which has been designed to work with uniprocessor and symmetrical multiprocessor (SMP)-based computers. To process input/output (I/O) requests, it uses packet-driven I/O, which utilizes I/O request packets (IRPs) and asynchronous I/O. Starting with Windows XP, Microsoft began making 64-bit versions of Windows available; before this, there were only 32-bit versions of these operating systems.

<span class="mw-page-title-main">Link aggregation</span> Using multiple network connections in parallel to increase capacity and reliability

In computer networking, link aggregation is the combining of multiple network connections in parallel by any of several methods. Link aggregation increases total throughput beyond what a single connection could sustain, and provides redundancy where all but one of the physical links may fail without losing connectivity. A link aggregation group (LAG) is the combined collection of physical ports.

In the field of computer network administration, pcap is an application programming interface (API) for capturing network traffic. While the name is an abbreviation of packet capture, that is not the API's proper name. Unix-like systems implement pcap in the libpcap library; for Windows, there is a port of libpcap named WinPcap that is no longer supported or developed, and a port named Npcap for Windows 7 and later that is still supported.

Monitor mode, or RFMON mode, allows a computer with a wireless network interface controller (WNIC) to monitor all traffic received on a wireless channel. Unlike promiscuous mode, which is also used for packet sniffing, monitor mode allows packets to be captured without having to associate with an access point or ad hoc network first. Monitor mode only applies to wireless networks, while promiscuous mode can be used on both wired and wireless networks. Monitor mode is one of the eight modes that 802.11 wireless adapter can operate in: Master, Managed, Ad hoc, Repeater, Mesh, Wi-Fi Direct, TDLS and Monitor mode.

A Bluetooth stack is software that is an implementation of the Bluetooth protocol stack.

In computing, Microsoft's Windows Vista and Windows Server 2008 introduced in 2007/2008 a new networking stack named Next Generation TCP/IP stack, to improve on the previous stack in several ways. The stack includes native implementation of IPv6, as well as a complete overhaul of IPv4. The new TCP/IP stack uses a new method to store configuration settings that enables more dynamic control and does not require a computer restart after a change in settings. The new stack, implemented as a dual-stack model, depends on a strong host-model and features an infrastructure to enable more modular components that one can dynamically insert and remove.

Microsoft Windows is the name of several families of computer software operating systems created by Microsoft. Microsoft first introduced an operating environment named Windows in November 1985 as an add-on to MS-DOS in response to the growing interest in graphical user interfaces (GUIs).

Microsoft Network Monitor (Netmon) is a deprecated packet analyzer. It enables capturing, viewing, and analyzing network data and deciphering network protocols. It can be used to troubleshoot network problems and applications on the network. Microsoft Network Monitor 1.0 was originally designed and developed by Raymond Patch, a transport protocol and network adapter device driver engineer on the Microsoft LAN Manager development team.

Remote Desktop Services (RDS), known as Terminal Services in Windows Server 2008 and earlier, is one of the components of Microsoft Windows that allow a user to initiate and control an interactive session on a remote computer or virtual machine over a network connection.

Network Device Interface (NDI) is a software specification developed by the technology company NewTek. It enables high-definition video to be transmitted, received, and communicated over a computer network with low latency and high quality. This royalty-free specification supports frame-accurate switching, making it suitable for live video production environments.

XDP is an eBPF-based high-performance network data path used to send and receive network packets at high rates by bypassing most of the operating system networking stack. It is merged in the Linux kernel since version 4.8. This implementation is licensed under GPL. Large technology firms including Amazon, Google and Intel support its development. Microsoft released their free and open source implementation XDP for Windows in May 2022. It is licensed under MIT License.

References

  1. "Overview of NDIS versions - Windows drivers". docs.microsoft.com. Retrieved 2020-03-24.
  2. Network Drivers (Windows Embedded CE 6.0), 5 January 2012
  3. What's New (Windows Embedded Compact 7), 14 March 2014
  4. 1 2 aviviano. "Introduction to NDIS 6.50 - Windows drivers". docs.microsoft.com. Retrieved 2022-07-12.
  5. aviviano. "Introduction to NDIS 6.60 - Windows drivers". docs.microsoft.com. Retrieved 2022-07-12.
  6. aviviano. "Introduction to NDIS 6.70 - Windows drivers". docs.microsoft.com. Retrieved 2022-07-12.
  7. aviviano. "Introduction to NDIS 6.80 - Windows drivers". docs.microsoft.com. Retrieved 2022-07-12.
  8. aviviano. "Introduction to NDIS 6.81 - Windows drivers". docs.microsoft.com. Retrieved 2022-07-12.
  9. aviviano. "Introduction to NDIS 6.82 - Windows drivers". docs.microsoft.com. Retrieved 2022-07-12.
  10. aviviano. "Introduction to NDIS 6.83 - Windows drivers". docs.microsoft.com. Retrieved 2022-07-12.
  11. aviviano. "Introduction to NDIS 6.84 - Windows drivers". docs.microsoft.com. Retrieved 2022-07-12.
  12. aviviano. "Introduction to NDIS 6.85 - Windows drivers". docs.microsoft.com. Retrieved 2022-07-12.
  13. aviviano. "Introduction to NDIS 6.86 - Windows drivers". docs.microsoft.com. Retrieved 2022-07-12.
  14. aviviano (2024-05-22). "Introduction to NDIS 6.87 - Windows drivers". learn.microsoft.com. Retrieved 2024-06-19.
  15. aviviano (2024-05-22). "Introduction to NDIS 6.88 - Windows drivers". learn.microsoft.com. Retrieved 2024-06-19.
  16. aviviano (2024-05-22). "Introduction to NDIS 6.89 - Windows drivers". learn.microsoft.com. Retrieved 2024-06-19.
  17. "Deserialized NDIS Miniport Drivers - Windows drivers". 14 March 2023.
  18. "Introduction to NDIS Protocol Drivers - Windows drivers". 14 March 2023.
  19. "NDIS Miniport Drivers with a WDM Lower Edge - Windows drivers". 14 March 2023.
  20. "Network Adapter WDF Class Extension (NetAdapterCx)". 22 May 2024.
This page is based on this Wikipedia article
Text is available under the CC BY-SA 4.0 license; additional terms may apply.
Images, videos and audio are available under their respective licenses.