`
`This site uses cookies for analytica p€rsonalized content and ads. By continuing to browse this site. you agree to this
`L.earn rcre
`
`use
`
`,erv+r & Toots lloqs - 5e.ver & \,4aragen-eat d'oEs ' Asli rr:mi:r
`Field Enolnee'rnc (F FEI Platforrns
`
`Sign in
`
`Ask Premier Field Engineering
`(PFE) Platforms
`
`n g E
`
`Why Are We Deprecating Network Performance
`Features (K840141 93)?
`*****
`
`June'13, 2017 by Srerrdonrit/ilsorl ,.i/ ,'Ccnlmonts
`
`Shars 22
`
`0
`
`0
`
`Hello, Michael C. Bazarewsky here again, with another short clarification post.
`
`ln February, we published fsatures that are ren'ioved ct deprecated in \iJindc\ss l0 Credtcrs ijpdate
`(KB 4014193). Someone I follow on Twitten noticed this part:
`
`TCFCtrinrocy
`
`tP$e( tatk offl€ad
`
`x
`
`Y
`
`The X's here indicate those features are deprecated. This occasionally comes up still on Twitter, with at
`least one person seeing this as a real issue...
`
`tsut I was curious - what was the driving factor behind this deprecation? After all, you'd expect that if
`,eatures improve performance reliably, and are in heavy use. we wouldn't deprecate them, right? Well,
`irLturns out, by phrasing the question that way, l've walked y"ou down the garden path a bit.
`
`I reached out internally, and iound out some interesting information that l'm not sure was particularly
`widely known, although you can see hints of it.
`
`https://blogs.technet.microsoft.com/askpfeplat/2017/06/l3lwhy-are-we-deprecating-network...5/2/2018
`
`INTEL EX. 1230.001
`
`
`
`Why Are We Deprecatirng Network Performance Features (KB40l4l93X Ask PremierF... Page 2 of7
`
`Before explaining why they are deprecated, though, I should explain rvhat each of these features did, in
`theory, to explain why they were ever listed as featufes at all. After all, you c6n't really understand the
`implications of a cllrange without understanding tlle original statE, r.ight?
`
`First, let's talk about TCP Chimney, which is part of a larger concept knowrr as TCP Offload Engine
`(TOE.) TCP Chimney moves part of basic TCP processing to a dedicated circuit on a network card. There
`are different levels of TOE implementation; TCP Chirnney is a subset wher,e the basic setup of a TCP
`connection is still handled by the host operatjng system stack, but once a connection is active, the en-
`capsulation and de-e ncapsu la tion of data from tlhe network stack into TCP packets over the connec-
`tion is handled by the offload engine. The benefit is that it removes workload from the operating sys-
`tem and the host system procegsor cores. l{owever, this benefit comes with some noticeable cos;ts, as
`well:
`
`lf there is a flaw in the TCP implementation in the network card, for example a security issue,
`you are potentially looking at a firrnware update on the network card, or worse, you may be
`stuck with it, depending ofi the card implernentation and the vendor's support policy for the
`network card.
`. i.lnder heavy network loadt performance may actuallV drop, because you're limited to the
`resources on the network card, which may be a bottleneck relative to a fast operating system
`stack with {ast, available processor cores.
`. The cost for all TCP connertion offloaciing is fixed; there's no way forthe operating system to
`optimize specific use cases. The feature assumes that the fixed cost will be offset by the CPU
`savings, thus there will be an overall improvernent in performance, However, improvements in
`processor pe#ormance combined with what real-life TCP workloads look like suggest that, in
`2017, -99yo of real-liie conne{tions wiil send enough data for the performance arithmetic to
`work out.
`. The NIC code wasn't necessarily written with TCP in mi d; thus, not all TCP features are
`implemented, For example, the TCP performance enhancement known as Selective
`Acknowledgement (RFC 1018, from 1996 [!!]), can't be used witlt TCP Cl"rirnney.
`
`Windows first introduced TCP Chirnney support as part oI the Windows Server 2003 Scaiabie Net,,vcrk-
`ing Pack. As explained in KB 912122, even when first released, ICP Chimney had conflicts with other
`possible perfcrmance enhancements - so e\ren at release, a customer saw the issue o{ not beirrg able
`to leverage intelligence in the operating systeffi network stack. Over time, a6 users called in with sup-
`port cases, network card drivers were released to the Windows Updale Catalog, and operating systems
`and servers rnoved forward, we Iound that severalthirtgs were true:
`
`'1. Very {ew users act;vely used TCP Chimney supporl
`2. Very few network cards impiemented the furictianality.
`
`3. Over time, less and less customers cared, and less and less NlCs offered the ability.
`
`https://blogs.techn€r.microsoft.com
`
`laskpfeplat/2\'tr7106/l 3/why-are-we-deprecating-network-.. 5/2/201 I
`
`INTEL EX. 1230.002
`
`
`
`Why Are We Deprecating Network Performance Features (KB40l4l93X I Ask Premier F... Page 3 of7
`
`.1, ln the Windows 7 / Windows Ser'/er 2008 R2 timeframe, we {ound that the number of cusiomer
`support cases around this dr:opped to zero.
`
`5, ln Windows 8 / Windows Seruer 20-12, we changed the operatinq system to disable this
`functionality hy default. There was not a custom€r pushback on this.
`
`6- The industry in general has decided this is not a necessary feature. For exaffiple, the Linux kernel
`has never implemented this capability, although some speci{ic network card drivers did
`implement;t, generally poorly. You do not need to take my uJord for this - the \ni ikipeclia e:'ticle
`on l"CP 0ffirad covers it sufficiently.
`
`Thus, the end result of all of this is that the TCP Chimney deprecation in Windows 10 Creators Update
`is really not a new thing, because disabling it by default was a signal of the future direction. Further-
`more, there are no current mainstream networik cards that implement this feature, and customers are
`not reporting a need ior this fur.rctionality. So, aithough deprecation of a feature is something custorn-
`ers generally need to he aware of and pian for, in this case, tlhat's not a real life corrcern.
`
`But what about the second deprecated feature, lPsec Task Offload? WelL, this is another case of the
`concept of transferring computing responsibility from the host processor to the netvvork card. Howev-
`er, this is not basic processing of TCP packets in this case, lnstead, lPsec Task Offioad, as the name in't-
`plies, nroves the encryption and decryption tasks for network data protected with lPsec to the netlvork
`card. As you can imagine, this also requires a smarter network card, with more complicated {irmlvare.
`Thus, all of the issues around updates and patches thai wene present for TCP Chimney are also present
`hera Further, because the whole point of lPsec is to secure network communications, security issues
`are arquably more criti(al to conect in this scenario.
`
`Now, all of that may be okay if there was a sufJicient benefit to custorners. However, again hased on
`customer support cases and driver support, we know that several things are true:
`
`l. Processors and syste!'ns haue gotten fast enough, and have added enough supporting
`processor instructions, that in most cases lPsec can be done quickly and efficiently on the host
`(and for that matt€r, more cost effectively), and improves faster than network card offloading
`technology. (This does, admittedly, leave the possibility of a workload that is so ,tressful on the
`host CPU that offloadinE could improve performance, although that's an uncomlinon edge case
`That said, it's important to remember that "deprecated" does not mean "removed..)
`2. Management of lPsec secrets can be compticated, and needing to interact with the network
`card to manage those adds another la;rer of complexity.
`3. Conceptually; lPsec is a critical security feature in environmenits where it is used. All
`vulnerabilities that may exist are essentially critical vulnerabilities by defin;tion, thus, the ability
`to quickly deploy changes is critical. As a major operating system vendor o{fering lPsec
`functionality, Microsoft has the dedicated security staff and deployment capability (with
`Windows Update) to make this happen.
`
`https://blogs.technet.microsoft-cornlaskpfeplat/2017/06/13/why-are-we-deprecating-network"..5/2/2018
`
`INTEL EX. 1230.003
`
`
`
`Why Are We Deprecating Network Performance Features (K84014193)? AskPremierF... Page 4 of7
`
`4. Only one certified network card - an older Intel card - ever implemented this feature fully. No
`shipping mainstream network cards implement this functionality.
`
`',Todern
`5. ln the Windows 7 / Windows Server 2008 R2 timeframe, we found that the number of customer
`sti.rpport cases around this dropped to zero.
`
`6. Over time, the industry appears to be moviing to lill-S over lPsec for many use cases, such as VPN
`solutions, thus lowering the ;mportance of lPsec workloads on Windows nrachines.
`
`You may notice one of those points - the point around the number of support cases - is a duplicate
`{rom the llst for TCP Chimney. This ;s not a coincidence. In botlq cases, it's clear frorn f,ustomer interac-
`tion that real-world impact of deprecation of these features will he near zero. ,And, as mentioned
`above, because deprecation is not the same as removal - the whole point of deprecation is to act as a
`customer warning point and allow reaction from the user comr,nunity and ensure that we aTen't miss-
`ing sornething or breaking existing environrnents - there's always the chance for us to be proven
`wrong on this.
`
`I hope y:u find this in{ormation helpful in understanding some of the th;nking behind these features
`being deprecated (and, by extension, some of what we use in general for these decisions.)
`
`Thanks!
`
`p.s. What ii you feel you are indeed impacted by these changes? In that case, that's what suppoft
`channels are for. Open a support case, or, if you have Premier support, request a design change (DCR)
`through your accoui'rt team. That's why we have those channels ,t}
`
`p.p.s. special thanks to Daniel [-lavey, Mihai Peicu, Praveen Balasubramanian, Don Stanwyck, and Doug
`StampeI for technical review assistance and background informationl .
`
`Search MSDN with B;ng
`C Search this blog O Search al! blogs
`
`Tags
`
`#prou d r"n icrCIsoftem ployee Active D i recto r! nors
`AnnounCemgnt5 AZUfe Best practi(€s career Charig Shelbaurne deployment DNS Dcr.rg
`syrnata Fairovercri"rster Group Folicy Hyper-v Lab Mailbag Mafk MOfOWCZynSki
`
`https://blogs.technet.microsoft.comlaskpfeplattZ}nT/05/13/why-are-we-deprecating-network...5/2/2Al&
`
`INTEL EX. 1230.004
`
`
`
`Why Are We Deprecating Network Perforrnance Features (Kts4014193)? | .Ask Premier F.." Fage 5 of 7
`
`martin lucas Michael Hlldebrand Networking o365 Ferrormance PowgrShgll
`sBsL Security server 2008 Server 2008 RA Seruef 2012 Se rver 2012 R2
`Torn t\drserttroubleshooting WindowS Windows 7 Windows I
`Windows 8.1 Windows 1S wlndows s€ruerwindows server 2008
`Windows Server 2008 RA Windows Server eOtZ windows seruer }Afi. rZ
`Windcws Server 2016 wi,ao,,u update wFA xperr
`
`Recent Posts
`
`Delegartr \y'r'lL4i A..sss lD DcrT')aiil C'":liirolleis April 30, 2018
`rnfrasrruciure * :eclirii,: l'.loter,'c{ny i'iL'u.,j (Aoril. 2A':i1) April27, 2A18
`\'lakirg Sense r:f Repi:caiicr: Schecr-:ies ,n 2c,terSlell April 23,2C18
`
`\ano Ser./er 2C18 iJpdare April15, 20i8
`
`Live Now on Server & Tools Blogs
`
`ffi
`
`Archives
`
`,{pril 2C18 i6)
`l".1urc.r ll-118 (5)
`i:sbruar,v 20ii3 (5)
`lan,r;ry 2L) l8 (5)
`ilecen'aer 2t117 (6)
`L1: rf )l1t? t)1\
`Ali cf 2Cl7 (54)
`A1. 1I ll,j te ,r+:J
`r'.1i of jOl5 (53)
`,rll .ri 2ali r66i
`Ali 0i lij13 (90)
`Ali cf lt-i12 (64)
`Ali cf 2011 (4)
`
`TagS #prc'rdtt-.icrr:sitfien6:loyce feexi.ires iP
`
`llichae! Brza''eivskv I'ietwcrkinfi
`
`Perior:n.ance TCP I CPiP Wirdcrvs windcws 10
`
`https:i/blogs.tochnet-microsoft.oom/askpfep,lat/2017/06113/why-are-we-deprecating-nework...512l2018
`
`INTEL EX. 1230.005
`
`
`
`Why Are We Deprecating Network Performanoe Features (K84014193)? | Ask Prernier F... Page 6 of 7
`
`V'1inrio,/'rs i il CrEatcrs Upd;te
`
`loin the conversation
`
`ffi Codv Konior
`
`The aiticle says ofrloading r,rras disabled in lvindows 2012 but previous Llicrosoft
`. afticles state that by defaulrt it's on by defaLllt in 20-12 and 2012 R2 if certain conditions
`are met and that it should lre left in that confiqu ration.-.
`
`Add Comment
`
`11 months ago
`
`lr/ichael C. Bazarewsky [tr,4SFT]
`
`11 months a'go
`
`F
`
`Hello Cody,
`
`Co[lld you point cut where we have that gu,dance/information? lt may be we
`have something incorrect out there (it's been known to happenl)...
`
`Stefan
`
`Will it aiso be removed in Server 2016 (17C3 or above)?
`
`ffi victraelc. BazarewskY [lv4SFT]
`
`Hello Stefan,
`
`The situation is the sarnE in Server 2016 as well - deprecated. not yet removed,
`and disabled by default.
`
`Dar1247
`
`Why tre 'l!Ll" after 1996?
`
`Proper netlvork lD and brcadcast adciress assignment for Classless lnler-Domain Rourting
`was nct oroperly implemented in windorvs untii WlnT SPl / 2008 R.2 (i.e. late-summer
`2009). even though RtC'1518 came cut years before Win95 (the flrst version of windows
`
`17 months ogo
`
`1 I manths ago
`
`9 fionth's ago
`
`https:/iblogs.rechnet.microsofr.com/askpfeplat/2017/O6/13/why-are-we-deprecating-network...5l2l2018
`
`INTEL EX. 1230.006
`
`
`
`Why A,re We Depreoating Network Perfornaance Features (K84014193)? | Ask Fremier F... Page 7 of 7
`
`to come with a TCP stack) was released. so it's not like Redmond has a track recoir-d of
`prompdy fixinrg rep,lrted fietworking problenns iin windowq any*ay.
`
`TIW87
`
`#_ -s
`
`I nwnth:s ago
`
`-[he
`
`likely anrswer? The guy is probab]V in his 30s at the latest and ta him
`the very cor..rcept oif a pie(e of technology, hardware or software, still being used
`today is.just blasphemy. I truly believe wfirat's happening over at lvlicrosoft is just a
`tear'n of nu-male young rnlllennials coming in and n'veeping the rug out from
`Windows, replacing and removing as rnuch of the old guard's worlk to put their
`own cofitent up dn the slhelves to shrow off. There have been so rnany neediess
`and pointless deprecations artd outright remo,/als of aspects of Windours that are
`without an real benefit to get rid of hut can be of use to fringe case users-
`
`ln regards to lihis article, le{s talte a lock at what intel has to say about my brand
`new i219-V network adapten hltp:.i7ii.inglr:.ccrn/IlAiq6E.pnq
`
`Surprise surrprise' TCP offl'oadi:ng is stjll functional here ;n the Creators Update of
`Windows 10 and is still of benefit Removing features like this is just asinine and
`pornpous flaunt of young blood attennpts a"t standing above the crowd, rnaking a
`name for themselves. l'm absolutely disgusted,
`
`rim Mccaffrev
`
`ffi
`s{{. }tuwis
`lntel 10G NlCs implement lPSec offioad allthough the shipping driver may not
`support it.
`
`9 months ego
`
`O 2018 lv!icrosoft Corporationl
`
`Terms of Use I Trademarks I Privacy & Cookies
`
`h6ps:/lhlogs.tochnet"microsoft.oom/askpfeplat/2017/06/13/why-are-we-deprecating-network.-" 5/220tr8
`
`INTEL EX. 1230.007
`
`