Introduction to Windows QoS Traffic Control

Disclaimer: Traffic Control (TC) APIs have been marked as deprecated, and will be phased out (eventually removed) when a suitable replacement API is available. No advancements will be made to these APIs (including adding IPv6 support) in their deprecated state; however, application compatibility will be maintained until their eventual removal.

Since the introduction of a QoS platform in Windows 2000, there have been two models for applying prioritization and/or send-rate throttling to TCP/IP and UDP/IP network traffic sent from a Windows PC: host-based and application-based. These terms have been used in QoS documentation such as this recent CableGuy article; however, I acknowledge the meaning of these terms is not immediately obvious.

An application-based model means only the application that owns the socket handle can add, remove, or modify a QoS flow for its traffic. Because the application sending data onto the wire (or air) is applying throttling or priority to its own traffic (the connected socket), no elevation of privileges is required.

A host-based model means some other process on the PC (not the application sending traffic through the socket) is applying prioritization or throttling to traffic it doesn't own. Because the process doesn't own the socket handle, elevation of privileges (administrator) is required. While it is certainly possible for the process that owns the socket handle to leverage a host-based model, the added complexity is unnecessary considering socket-based QoS APIs are available for this purpose. A host-based model is much more complex than an application-based one for the following reasons:

  1. The process applying QoS properties to traffic it doesn't own has to run as a service or some other out-of-band means (in typical use cases)
  2. Administrative privileges are required
  3. Because the socket handle is not known, a filter has to be applied to match the traffic of interest, based on: source/destination IPv4 address, source/destination port, and protocol (TCP or UDP)
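
The filter matching described in item 3, modeled in portable C as an added example (not code from the original post, and not the traffic.h structures). The `five_tuple` and `host_filter` types, the zero-mask wildcard convention, and the sample addresses, ports and DSCP value are assumptions made for illustration; the point is that a host-based filter selects traffic by its addressing, so every flow that fits the pattern is marked alike regardless of which process owns the socket.

```c
#include <stdint.h>
#include <stdio.h>

/* Simplified model of a host-based filter (hypothetical types, NOT traffic.h).
   Each field is compared under a mask; a zero mask means "match anything". */
typedef struct {
    uint32_t src_addr, dst_addr;   /* IPv4, host byte order */
    uint16_t src_port, dst_port;
    uint8_t  protocol;             /* 6 = TCP, 17 = UDP */
} five_tuple;

typedef struct {
    five_tuple pattern, mask;
    uint8_t dscp;                  /* value chosen by the privileged caller, 0-63 */
} host_filter;

#define IPV4(a,b,c,d) (((uint32_t)(a)<<24)|((uint32_t)(b)<<16)|((uint32_t)(c)<<8)|(uint32_t)(d))

/* Return 1 when the packet agrees with the pattern on every masked bit. */
int filter_matches(const host_filter *f, const five_tuple *p)
{
    const five_tuple *pat = &f->pattern, *m = &f->mask;
    return ((p->src_addr ^ pat->src_addr) & m->src_addr) == 0
        && ((p->dst_addr ^ pat->dst_addr) & m->dst_addr) == 0
        && ((p->src_port ^ pat->src_port) & m->src_port) == 0
        && ((p->dst_port ^ pat->dst_port) & m->dst_port) == 0
        && ((p->protocol ^ pat->protocol) & m->protocol) == 0;
}

/* Return the DSCP of the first matching filter, or 0 (best effort) if none match. */
uint8_t classify(const host_filter *filters, int n, const five_tuple *p)
{
    for (int i = 0; i < n; i++)
        if (filter_matches(&filters[i], p))
            return filters[i].dscp;
    return 0;
}

/* Constructed sample: UDP to 192.0.2.10:5004, source address and port wildcarded. */
static const host_filter sample_filters[] = {
    { { 0, IPV4(192,0,2,10), 0, 5004, 17 }, { 0, 0xFFFFFFFFu, 0, 0xFFFF, 0xFF }, 40 },
};

uint8_t classify_sample(uint32_t src, uint16_t sport, uint32_t dst, uint16_t dport, uint8_t proto)
{
    five_tuple p = { src, dst, sport, dport, proto };
    return classify(sample_filters, 1, &p);
}

int main(void)
{   /* Two flows from different source ports (constructed) receive the same marking. */
    printf("%d %d\n", classify_sample(IPV4(10,0,0,5), 50000, IPV4(192,0,2,10), 5004, 17),
                      classify_sample(IPV4(10,0,0,5), 50001, IPV4(192,0,2,10), 5004, 17));
    return 0;
}
```

When reviewing a host-based QoS configuration, check which fields each filter leaves wildcarded, since that determines how much unrelated traffic inherits the priority.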

In Windows, only the Traffic Control (traffic.h/traffic.dll) interface provides programmatic access to a host-based model. There is value gained from this complexity, however. Because this API requires administrative privileges, the caller can specify any arbitrary layer-2 (802.1p) or layer-3 (DSCP) priority value, whereas application-based API models abstract specific priority values with traffic classes based on established industry standards. It is worth noting that a new policy-based feature has been added to Windows Vista and Windows Server 2008 that enables a host-based model for IT administrators (no coding necessary) and allows significantly richer classification than what TC provides. Policy-based QoS, however, does not provide programmatic access and does not allow for setting layer-2 802.1p tags, only layer-3 DSCP.

Innovation has been focused on application-based APIs such as qWAVE (qos2.h/qwave.dll) to significantly simplify *safely* adding prioritization and throttling to traffic, as well as policy-based mechanisms for host-based needs.

Stay tuned for follow-up posts on how to use TC for adding 802.1p tags to the Ethernet header, DSCP to the IPv4 header, and applying throttling to outgoing traffic.

-- Gabe Frost