It’s been quiet on the Windows Server front in recent months. But in the last few weeks Microsoft has released two new preview builds of Windows Server vNext, which will become Windows Server 2021 on the Long-Term Servicing Channel (LTSC). Not only that, we got to see a list of new features. Both new builds include the full Desktop Experience and Server Core installation options. Because Windows Server 2021 is an LTSC release, it will get 10 years of security patches but no feature updates.
For more regular Windows Server feature updates, you need to be on the Semi-Annual Channel (SAC). SAC builds don’t contain the Desktop Experience or Server Core options. For more information on Windows Server servicing channels, check out Microsoft’s website here.
Some of the new features in Windows Server 2021 are from current builds of Windows Server on SAC. SAC builds are designed for customers needing access to new features as quickly as possible. In the new preview builds, there’s a big focus on networking, clustering, containers, and Kubernetes.
Windows Server vNext Preview Build 20201
Microsoft announced Windows Server vNext Preview Build 20201 at the end of August. Here are some of the highlights:
- MsQuic is Microsoft’s implementation of QUIC, a general-purpose transport layer network protocol originally designed by Google’s Jim Roskind. QUIC is still an Internet draft protocol but it is used by Google Chrome against connections to Google’s own servers. Microsoft Edge and Firefox support QUIC but it is turned off by default. QUIC uses HTTP/3’s multiplexed connections and UDP to improve web application performance where TCP is currently used. Microsoft says that QUIC powers HTTP/3 web processing and SMB file transfers.
- Improvements in Windows Server 2021 are designed to bring UDP to the same performance level as TCP. QUIC is built on top of UDP, and the increase in use of RTP, and custom UDP-based streaming protocols require a new level of performance. UDP Segmentation Offload (USO) moves most of the workload for sending UDP packets from the processor to the network card’s specialized hardware.
- Windows Server 2021 introduces TCP HyStart++, which is designed to reduce packet loss during the connection start up of TCP connections. It provides a smoother network data flow with better performance at high speeds.
- Receive Segment Coalescing (RSC) in the vSwitch, first introduced in Windows Server 2019, gets improvements so that segments stay coalesced across the full data path.
- Direct Server Return (DSR) load balancing support for Containers and Kubernetes first entered preview in Windows Server 19H1. DSR routing provides asymmetric network load distribution in load balanced systems, forcing request and response traffic to use a different network path. DSR works with overlay and I2bridge software-defined networks (SDN).
- Virtual Machine (Role) Affinity/AntiAffinity rules with Failover Clustering will have site-specific awareness. An affinity rule establishes a relationship between two or more roles, like virtual machines and resource groups, to make sure they stay together. AntiAffinity is the opposite, making sure roles stay apart from each other.
- Flexible BitLocker Protector for Failover Clusters. Now clusters without access to Active Directory (AD) use a BitLocker key that is stored and encrypted locally to provide data-at-rest protection.
- New Cluster Validation network tests
- Server Core Container images are 20 percent smaller. For more information, see this blog post on Petri.
For the full list, check out Microsoft’s site here.
Windows Server vNext Preview Build 20206
Just a few days later, on September 2nd, Microsoft released another Windows Server vNext preview build with more information about new features.
- SMB compression is now available with the robocopy and xcopy command line tools and the /compress If the destination device also supports SMB compression, file transfers should see significant performance improvements. Up-to-date Windows Server 2019 and Windows 10 devices already support compression. Windows Server vNext brings the tools so that admins can make use of it.
- AES-256 for SMB encryption and signing. When connecting to another device, Windows will automatically negotiate AES-256-GCM and AES-256-CCM if the device supports it. AES-256 can be enforced using Group Policy.
- SMB Direct over RMDA networks now supports encryption. Microsoft says in this release that data is encrypted before placement, resulting in a minor performance tradeoff in exchange for AES-256 packet encryption.
- Storage Spaces Direct get encryption for east-west communications within the cluster for improved security.
- Storage Migration Services gets Azure File Sync (AFS) Tiering support.
Again, for a full list of the new features in this build, see Microsoft’s website here.