Networking -- 2. Multiple Redire


Author: Yuqi0125 | Published: 2018-03-02 14:54

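    A redirector presents remote system resources as local resources. Windows does not provide a special file I/O API for accessing remote resources, and applications do not need to care whether the resource they access is local or remote. The term redirector is used because it redirects an I/O request to a remote system.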

    In this section, we’ll examine the software that decides which redirector to invoke for file access using UNC paths (\\servername\sharename\file): 

    Multiple Provider Router (Mpr.dll) determines which network to access when an application uses the Windows WNet API for browsing remote file resources.

    Multiple UNC Provider (Mup.sys)  determines which network to access when an application uses the Windows I/O APIs to open remote files through UNC paths or drive letters mapped to UNC paths.


    Multiple Provider Router

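    The Windows WNet APIs allow applications (including the Network and Sharing Center) to connect to various network resources (such as file servers and printers) and to browse different share points. Calls to the WNet API can reach different networks that use different transport protocols.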

    A provider is software that establishes Windows as a client of a remote network server. 

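    Operations performed by a WNet provider include establishing and tearing down network connections, network printing, and so on. The built-in SMB WNet provider consists of Ntlanman.dll, the Workstation service, and the redirector.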

    A WNet function call issued by an application is first passed to MPR, which determines which provider recognizes the resource being accessed. All provider DLLs implement the network provider interface, which allows MPR to determine which network the application is trying to access and to direct the request to the appropriate WNet provider software.

    When an application calls WNetAddConnection2 or WNetAddConnection3 to connect to a network resource, MPR first checks the registry value "HKLM\SYSTEM\CurrentControlSet\Control\NetworkProvider\HwOrder\ProviderOrder" to determine which network providers are available to load. You can change the ProviderOrder by using the Advanced Settings dialog box.

    WNetAddConnection can also assign a drive letter or device name to a remote resource. When called to do so, WNetAddConnection routes the call to the appropriate network provider. The provider, in turn, creates a symbolic-link object in the object manager’s namespace that maps the drive letter being defined to the redirector (that is, the remote FSD) for that network.

    Figure 7-21 shows the Session 0 DosDevices directory corresponding to the LUID of the user who performed the drive-letter mapping, which is where connections to remote file shares are stored. The symbolic link created by network providers relies on MUP to serve as the connection between a network path and the corresponding redirector. In the figure below, MUP creates a device object named \Device\LanmanRedirector, which is itself a symbolic link pointing to \Device\MUP (the symbolic link is located in the \Device directory).

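    Next, when a WNet API call asks the object manager to open a resource located on a different network, the object manager uses the device object as the entry point into the remote file system: it calls the I/O manager parse method associated with that device object to locate the redirector FSD (file system driver) that can handle the request for the remote resource.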



    Multiple UNC Provider

    Multiple UNC Provider (Mup.sys) is a file-system driver that exposes remote file systems to Windows.

    MUP receives I/O requests that access remote file systems (through UNC paths or drive letters mapped to UNC paths) and determines which redirector can handle the request. Before, and optionally after, calling the redirector, MUP will call any registered surrogate providers that might provide file caching and path rewriting.

    The registry value HKLM\System\CurrentControlSet\Control\NetworkProvider\Order\ProviderOrder holds a comma-separated list giving the priority order in which MUP forwards requests to the redirectors. The same list is also used to load providers; a typical value is:

            ProviderOrder  REG_SZ   RDPNP,LanmanWorkstation,webClient

    Each member of this list (RDPNP, LanmanWorkstation, webClient) corresponds to a service name under the following registry path:

            HKLM\System\CurrentControlSet\Services

    For example, under HKLM\System\CurrentControlSet\Services\LanmanWorkstation\NetworkProvider:

        DeviceName value is the name assigned to the kernel-mode redirector’s device object. 

        DisplayName is the formal name of the provider.  (This can be either a string or the location of a string in the resource section of a DLL).

        ProviderPath specifies the path where the provider DLL is located.

        Name is the name that will be displayed by net use to identify which redirector owns a particular drive.

    MUP relies on the ProviderOrder value to obtain the device name of the driver that implements a given redirector, by looking up the registry value HKLM\System\CurrentControlSet\Services\<redirector name>\NetworkProvider\DeviceName.
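
    The lookup chain described above (ProviderOrder entry, then Services\<name>\NetworkProvider, then DeviceName), as an added Python example that is not part of the original notes. It runs over a constructed registry snapshot; ExampleNP and StaleNP are hypothetical provider names, and treating a ProviderPath outside %SystemRoot%\System32 as worth review is an assumed baseline.

```python
import ntpath

SERVICES = r"HKLM\System\CurrentControlSet\Services"
ORDER_KEY = r"HKLM\System\CurrentControlSet\Control\NetworkProvider\Order"

def np_key(service):
    """Registry path of a service's NetworkProvider subkey."""
    return "\\".join([SERVICES, service, "NetworkProvider"])

# Constructed snapshot (key -> values), not taken from a real host.
# ExampleNP and StaleNP are hypothetical provider names.
SAMPLE = {
    ORDER_KEY: {"ProviderOrder": "RDPNP,LanmanWorkstation,webClient,ExampleNP,StaleNP"},
    np_key("RDPNP"): {"DeviceName": r"\Device\RdpDr",
                      "ProviderPath": r"%SystemRoot%\System32\drprov.dll"},
    np_key("LanmanWorkstation"): {"DeviceName": r"\Device\LanmanRedirector",
                                  "ProviderPath": r"%SystemRoot%\System32\ntlanman.dll"},
    np_key("WebClient"): {"DeviceName": r"\Device\WebDavRedirector",
                          "ProviderPath": r"%SystemRoot%\System32\davclnt.dll"},
    np_key("ExampleNP"): {"DeviceName": r"\Device\ExampleRedirector",
                          "ProviderPath": r"C:\ProgramData\Example\examplenp.dll"},
}

def resolve_providers(snapshot):
    """Resolve ProviderOrder, in priority order, to each provider's registration."""
    reg = {k.lower(): v for k, v in snapshot.items()}  # key names are case-insensitive
    order = reg.get(ORDER_KEY.lower(), {}).get("ProviderOrder", "")
    names = [n.strip() for n in order.split(",") if n.strip()]
    results = []
    for priority, name in enumerate(names, start=1):
        values = reg.get(np_key(name).lower())
        findings = []
        if values is None:
            findings.append("no NetworkProvider key")  # listed but not registered
            values = {}
        else:
            if not values.get("DeviceName"):
                findings.append("no DeviceName")
            # Assumes ProviderPath is stored with %SystemRoot% unexpanded.
            folder = ntpath.dirname(values.get("ProviderPath", "")).lower()
            if folder != r"%systemroot%\system32":
                findings.append("ProviderPath outside System32")
        results.append({"priority": priority, "name": name,
                        "device": values.get("DeviceName"),
                        "path": values.get("ProviderPath"), "findings": findings})
    return results

if __name__ == "__main__":
    for r in resolve_providers(SAMPLE):
        print(r["priority"], r["name"], r["device"], r["path"], r["findings"] or "ok")
```

    Note that the webClient entry in ProviderOrder resolves against the WebClient service key because registry key names are compared case-insensitively.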

    The relationships between MUP and the other components that are part of the remote file system are shown .



    Surrogate Providers

            Before Windows Vista, remote file system caching (Offline Files) was implemented by the SMB mini-redirector, and the DFS-N (Distributed File System Namespace) client was implemented by MUP. Vista redesigned the remote file system architecture to unify the caching implementation: 1) The DFS-N client was moved into a separate driver component known as a MUP surrogate provider. 2) Offline Files became a separate driver acting both as a mini-redirector and a surrogate provider.

            Currently, there are two surrogate providers:

            Offline Files (csc.sys) determines whether a requested file should be or has been cached locally. Offline Files is hard coded to be the highest priority surrogate.

            Distributed File System Client (dfsc.sys) determines whether the path to a requested file needs to be changed (rewritten) to point to another server or share. (The essence of DFS-N is that it collects one or more network shares in the same namespace.) The DFS client (DFSC) is hard coded to be the second highest priority surrogate.


    Redirector

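            The types of resources a redirector supports depend on the redirector itself and on the capabilities provided by the protocol system. In practice all redirectors support UNC names, and can therefore support remote shared files, printers, named pipes, and mailslots.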

            Each redirector in Windows contains two required components:

             ■ User mode: a DLL loaded by MPR that performs non-file-related operations: determining the capabilities of the network provider, enumerating remote network resources, logging on to a remote network, and mounting remote network shares.

             ■ Kernel mode: a driver known as a mini-redirector that imports the RDBSS (Redirected Drive Buffering Sub System) export driver (rdbss.sys). The mini-redirector services file I/O requests directed at remote systems.

             A redirector can also include the following optional components:

             ■ A service process to assist the DLL and possibly store sensitive information or information that is global across client applications using a particular network or share. For example, the Workstation service (running in an svchost process) keeps track of drive-letter to \\server\share mappings.

            ■ A network protocol driver that implements the legacy Transport Driver Interface (TDI) on its upper edge is required if the redirector uses a network protocol not supplied by Windows. (In essence, this means anything other than TCP/IP). Such a protocol driver is responsible for implementing communications with the remote system.

            ■ A service process to assist the redirector. For example, the WebDav redirector forwards file-access operations to the WebClient user-mode service, which in turn issues the actual WebDav network protocol requests using HTTP APIs.

            All redirectors in Windows are implemented using the mini-redirector architecture, in which the protocol-specific code is implemented by the mini-redirector driver. The RDBSS that each mini-redirector imports resembles a class driver, while the mini-redirector resembles a port driver (https://en.wikipedia.org/wiki/Class_driver, https://en.wikipedia.org/wiki/Windows_Driver_Model):

            1. A mini-redirector registers with RDBSS via RxRegisterMinirdr, and RDBSS in turn registers with MUP by calling FsRtlRegisterUncProviderEx.

            2. MUP routes requests (IRPs) to RDBSS, which performs processing that is common to all remote file systems, and then issues simplified requests via callback routines that mini-redirectors linked against it have registered. 

            3. RDBSS provides common functionality such as a data structure and locking model, Cache Manager and Memory Manager integration, and handling of IRPs. This simplifies the implementation of the mini-redirectors, and it vastly reduces the amount of code that needs to be written and debugged.


    Mini-Redirectors

            A mini-redirector implements a protocol necessary to contact a remote system and access its shared resources. The mini-redirector tries to make access to remote resources as transparent as possible to the local client application. For example, if there are network problems, a redirector might retry a request multiple times before it returns an error to the client application.

            Windows provides the following mini-redirectors:

            ■ RDPDR (Remote Desktop Protocol Device Redirection) allows access from a Terminal Server system to the client system’s files and printers (rdpdr.sys).

            ■ SMB (Server Message Block) is the standard remote file system used by Windows (also known as CIFS, or Common Internet File System) (MRxSMB.SYS). MRxSMB.SYS will load sub-redirectors.

            ■ WebDAV (Web Differencing and Versioning) enables access to files over the HTTP(S) protocol (MRxDAV.SYS).

            ■ MailSlot is part of MRxSMB.SYS.

            ■ Network File System (NFS) is an optional Windows component (available on all Server editions, but only Enterprise and Ultimate editions of Windows client) that can be installed using the Programs and Features control panel. (Click Turn Windows Features On Or Off, and then select Services For NFS.) NFS protocol versions 2 and 3 are supported.


    Server Message Block and Sub-Redirectors

    The Server Message Block (SMB) protocol is the primary remote file-access protocol used by Windows clients and servers, and dates back to the 1980s.

    SMB 1.0 (generally referred to as just SMB) was designed to operate in a friendly LAN environment, where speeds were typically 10 Mb/s and no one was trying to steal your data.

    In 1996, SMB was submitted to the IETF as the Common Internet File System (CIFS). Microsoft documents the CIFS/SMB protocol in the MS-CIFS and MS-SMB protocol documents.

    SMB 2.0 protocol was released in Windows Vista and Windows Server 2008, and it was a complete redesign of the main remote file protocol for Windows. SMB 2.0 provides a number of improvements over SMB, such as the following: 

            ■ Greatly reduced complexity. The number of opcodes was reduced from over 100 to just 19.

            ■ Reduced the chattiness of the protocol to make it more suitable for running across WANs.

            ■ Compound requests allow multiple requests to be sent in a single network packet.

            ■ Pipelining requests allow multiple requests and data to be sent before the answer to a previous request is received (also known as credit-based flow control).

            ■ Larger reads and writes. 

            ■ Caching of folder and file properties.

            ■ Improved message-signing algorithm (HMAC SHA-256 replaced MD5).

            ■ Improved scalability of file sharing.

            ■ Works well with Network Address Translation (NAT).

            ■ Support for symbolic links.

    SMB 2.1 (released with Windows 7 and Windows Server 2008/R2, documented in the MS-SMB2 protocol specification) is a minor release, which adds the following improvements:

            ■ A new opportunistic lock (oplock) leasing model, which allows greater file and handle caching opportunities — without requiring changes to existing applications.

             ■ Support for even larger transmission units (large MTU), from a previous maximum of 64 KB to 1 MB (by default, but configurable up to 8 MB via the registry).

    The SMB mini-redirector contains all the functionality that is common between the different versions of the protocol, with a separate sub-redirector implementing each variant of the SMB protocol.

            ■ The common portions are implemented by MRxSMB.sys.

            ■ The SMB 1 protocol is implemented by MRxSMB10.sys.

            ■ The SMB 2 protocol is implemented by MRxSMB20.sys.
