Windows 2000 Network Architecture
Named pipes and mailslots are high-level interprocess communication mechanisms used by networked computers. Named pipes and mailslots are written as file system drivers, so implementation of named pipes and mailslots differs from implementation of other IPC mechanisms. Local processes can also use named pipes and mailslots. As with all other file systems, remote access to named pipes and mailslots is accomplished through the Common Internet File System (CIFS) redirector. A redirector intercepts file input/output (I/O) requests and directs them to a drive or resource on another networked computer. The redirector allows a CIFS client to locate, open, read, write, and delete files on another network computer running CIFS.
Named pipes provide connection-oriented messaging by using pipes. Connection-oriented messaging requires that the communication occur over a virtual circuit and maintain reliable and sequential data transfer. A pipe is a portion of memory that can be used by one process to pass information to another. A pipe connects two processes so that the output of one can be used as input to the other. This technique is used for passing data between client and server. Named pipes are based on OS/2 API calls, which have been ported to the WNet APIs. Additional asynchronous support has been added to named pipes to pass data between client/server applications. Named pipes are included to provide backward compatibility with Microsoft® LAN Manager and related applications.
The Windows 2000 operating system provides special APIs that increase security for named pipes. Using a feature called impersonation, the server can change its security identity to that of the client at the other end of the message. A server typically has more permissions to access databases on the server than a client requesting services. When the request is delivered to the server through a named pipe, the server changes its security identity to the security identity of the client. This limits the server to only those permissions granted to the client rather than its own permissions, thus increasing the security of named pipes.
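The impersonation step described above, shown as an added example that is not part of the original page or any Microsoft sample. It uses the .NET System.IO.Pipes classes on Windows; the pipe name and the request text are constructed for illustration.

```csharp
// Added example: Windows only. The pipe name and request text are constructed.
using System;
using System.IO;
using System.IO.Pipes;
using System.Security.Principal;
using System.Threading.Tasks;

static class PipeImpersonationDemo
{
    const string PipeName = "demo_impersonation"; // hypothetical pipe name

    static void Serve()
    {
        using (var pipe = new NamedPipeServerStream(PipeName, PipeDirection.InOut, 1))
        {
            pipe.WaitForConnection();
            // Windows permits impersonation only after the server has read from the pipe.
            string request = new StreamReader(pipe).ReadLine();
            Console.WriteLine("server identity: " + WindowsIdentity.GetCurrent().Name);

            // RunAsClient switches the thread to the client's token, runs the
            // delegate, then reverts. If impersonation fails it throws, and there
            // is deliberately no fallback that serves the request as the server.
            pipe.RunAsClient(() =>
            {
                Console.WriteLine("acting as: " + WindowsIdentity.GetCurrent().Name);
                Console.WriteLine("request: " + request);
                // Resource access for this request belongs here, so that access
                // checks use the client's permissions, not the server's.
            });
            Console.WriteLine("reverted to: " + WindowsIdentity.GetCurrent().Name);
        }
    }

    static void Main()
    {
        Task server = Task.Run(() => Serve());
        // The client chooses how far the server may use its identity;
        // Impersonation allows the server to act as the client locally.
        using (var client = new NamedPipeClientStream(".", PipeName, PipeDirection.InOut,
                   PipeOptions.None, TokenImpersonationLevel.Impersonation))
        {
            client.Connect(5000);
            var writer = new StreamWriter(client) { AutoFlush = true };
            writer.WriteLine("read report.txt");
            server.Wait(); // keep the pipe open until the server has finished
        }
    }
}
```

Started from a single process, all three identity lines show the same user; running the client half under a different account makes the "acting as" line show that account instead.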
Mailslots are a connectionless, high-level interprocess communication mechanism between networked computers, often used to locate and provide notification of services and computers. That is, mailslots are a broadcast service used for message delivery. The delivery of a message is not guaranteed, although the delivery rate on most networks is high.
The Windows 2000 operating system supports only second-class mailslots, not first-class mailslots. First-class mailslots are connection-oriented. Second-class mailslots provide connectionless messaging for broadcast messages.
A mailslot can be created on any networked computer. When a message is sent to a mailslot, the sending application specifies in the mailslot message structure whether the message is a first-class or second-class delivery. Connectionless messaging is most useful for identifying other computers or services on a network, such as the Browser service offered in the Windows 2000 operating system. Mailslots are included to provide backward compatibility with LAN Manager applications.