Beware of the Firewall In Windows Vista

The Internet Engineering Task Force recently held its 68th meeting in the beautiful-but-cloudy city of Prague. At that meeting, Dave Thaler, who works at Microsoft and is a member of the IETF's architecture board, the IAB, talked about what Microsoft ran into when revising the Windows TCP/IP stack for Vista. The result: Network connectivity may fail when you try to use Windows Vista behind a firewall device (Microsoft Knowledge Base article 934430).

What's this all about? There are actually two issues at play.

After XP shipped, Microsoft wanted to take the opportunity to add some new TCP features to Longhorn/Vista's IP stack. The most troublesome new feature is ECN, or Explicit Congestion Notification. ECN is specified in RFC 3168, published shortly after Windows XP's release in 2001. The idea is that when there is congestion on the network because too much traffic wants to flow through a certain connection, it would be good if the router would tell the hosts sending all this traffic that there's congestion so they can slow down a bit.
