Shulou(Shulou.com)06/02 Report--

1.1. Network components

Generally speaking, two or more computers can be called computer networks by using any medium (cable, optical fiber or radio wave) or any network (TCP/UDP, NetBEUI or IPX/SPX) to connect, share resources and communicate. Network protocol is a communication standard that must be obeyed by both parties who establish communication and transmit data on the network. it defines the rules that must be followed by the receiver and the sender to communicate, and the protocols at the same layer must be the same. otherwise, there can be no communication or data errors. In order to build a communication network, some special equipment is usually needed. The following figure is a common network connection diagram.

Node (node): a node is mainly a device with a network address (IP).

Server host (server): a host that provides data in response to a user can be called a server.

Workstation (workstation) or client (client): the one who initiates the online request for data can be called a client.

Network card (Network Interface Card,NIC): a device that mainly provides network access.

Network interface: a task that provides a network address (IP). The host also has an internal network interface, that is, loopback, a circular test interface!

Network form or topology: the connection mode of each node on the network, generally speaking, is the physical connection mode.

Route: the process in which a router receives a packet from one interface, directs it according to the destination address of the packet and forwards it to another interface. It works in the packet forwarding device of the network layer, the third layer of the OSI reference model.

Gateway (gateway): also known as inter-network connector, protocol converter. The gateway implements network interconnection above the network layer and is the most complex network interconnection device, which is only used for network interconnection with two different high-level protocols.

OSI Network Model and TCP/IP Network Model

OSI (Open System Interconnect, Open Systems Interconnection), a seven-layer network model defined by ISO, is an important milestone in network development. Its appearance provides a reference basis for various network technologies and devices, and plays a certain role in the design and unification of network protocols.

Each layer of OSI's seven-tier model has clear characteristics. Layers 7-4 deal with communication between data sources and data destinations, and layers 3-1 deal with communication between network devices. The functions of each layer are:

Physical layer: a standard specification for the characteristics of transmission media is defined.

Data link layer: physical links are not reliable and errors may occur. The data link layer divides the data into frames and transmits the data frames as the most basic unit. Through the reordering and arrangement of the received data frames, the unreliable physical links are transformed into reliable data links in the upper protocol of the network model.

Network layer: data is grouped according to a certain length, and the addresses of the source and destination hosts are recorded in the header of each packet, and then the path from the source host to the destination host is determined according to these addresses. If there are multiple paths, it is also responsible for routing.

Transport layer: the functions of this layer include selecting error recovery protocol or error-free recovery protocol, multiplexing the input of data streams from different applications on the same host, and reordering packets received in the wrong order.

Session layer: establish, manage and terminate communication application service requests and response sessions between network entities.

Presentation layer: transcoding is performed to ensure that the data of the source host can also be identified on the destination host.

Application layer: the highest layer of the OSI model, which realizes the direct dialogue between the network and users.

The seven-layer model of OSI is a theoretical model, which has been criticized because it is too large and complex, while the TCP/IP protocol stack developed by technicians has been more widely used. Different from OSI's seven-tier model, TCP/IP model does not focus on strict hierarchical division, but focuses on data transmission between devices. The functions of each layer of the TCP/IP model:

Network interface layer (link layer): defines how to transfer data over existing physical network media, including Ethernet, token Ring, frame Relay, and asynchronous transfer modes.

Network layer: encapsulates data into IP (Internet Protocol) packets and sends them to the destination network or host. This layer contains IP,

ICMP, IGMP, and ARP protocols.

Transport layer: defines the quality of service and connection status used in data transmission, and realizes the session between the peer entity on the source host and the target host. There are two different protocols at the transport layer: TCP and UDP.

Application layer: the TCP/IP model combines the session layer and presentation layer of the OSI reference model into the application layer, which defines TCP/IP application communication protocols, including HTTP, FTP, DNS, SMTP and so on. Among them, the missing protocols all correspond to different network services, and they generally have special port numbers.

1.2.The packets and data related to the network layer of TCP/IP

At present, there are two versions of IP in the Internet environment, one is the most widely used IPv4, and the other is that the addresses recorded by IPv6.IPv4, which is expected to be popular in the future, are expected to be allocated around 2012, so that there will be no network available in emerging countries or new Internet companies. To avoid this problem, IPv6,IPv6 addresses can reach 128bits, and the number of IP is almost inexhaustible. Although IPv6 is forward-looking, most of the mainstream uses IPv4 at present.

Encapsulation of IP packets:

TCP/IP protocol defines a packet transmitted over the Internet, which is called IP packet, while IP Datagram (IP Datagram) is an abstract content that analyzes the structure of the packet. It consists of a header and data, and its format is shown in the figure. The first part of the header is a fixed length, a total of 20 bytes, which is a must for all IP datagrams. Behind the fixed part of the header are some optional fields whose length is variable. The source and destination addresses in the header are both IP protocol addresses.

Version (version): the version of the IP protocol.

IHL (Internet Header Length, length of IP header): tells the header length of this IP packet.

Type of Service (service type), and the field content is PPPDTRUU.

PPP: indicates the priority of this IP packet, which is rarely used at present

D: if 0 means delay, 1 means low delay

T: if 0 indicates general transmission volume (throughput), 1 indicates high transmission volume

R: if 0 means general reliability (reliability), if 1 means high reliability.

UU: retention has not been used yet.

Total Length (total length): refers to the total capacity of this IP packet, including header and content (Data) parts, up to 65535 bytes.

Identification (identification code): IP software maintains a counter in memory. Each time a Datagram is generated, the counter is incremented by 1 and this value is assigned to the identification field. But this "identity" is not a serial number, because IP is a connectionless service, and datagrams do not have the problem of receiving them sequentially. When the Datagram must be fragmented because it is longer than the MTU of the network, the value of this identity field is copied to the identity field of all datagrams. The same value of the identification field enables the fragmented Datagram to be correctly reassembled into the original Datagram.

Flags (Special Flag)

D: 0 means it can be segmented, and 1 means it cannot be segmented.

M: a value of 0 means the IP is the last segment, and a value of 1 means it is not the last segment.

Fragment Offset (Segmentation offset): indicates the current position of this IP segment in the original IP packet.

Time To Live (TTL, time to live) represents the time to live for this IP packet, ranging from 0 to 255.

Protocol Number (Agreement Code)

one

ICMP (Internet Control Message Protocol)

two

IGMP (Internet Group Management Protocol)

three

GGP (Gateway-to-Gateway Protocol)

four

IP (IP in IP encapsulation)

six

TCP (Transmission Control Protocol)

eight

EGP (Exterior Gateway Protocol)

seventeen

UDP (User Datagram Protocol)

Header Checksum (header check code): used to check the error checking of this IP header.

Source Address: IP address of the source

Destination Address: this is the IP address of the target.

Options (other parameters) this is an additional feature, including security handling mechanisms, routing records, timestamps, strict and loose source routing, and so on.

Padding (make-up project): since the content of Options is not necessarily big, but we know that every data in IP must be 32bits, so if the data in Options is not enough for 32bits, padding will take the initiative to fill it up.

The composition and classification of IP addresses:

IP address is actually a kind of network packet, and the most important thing in the header of this kind of packet is the 32-bit source and destination address. For the value of the 32bits, in order to facilitate memory, the IP of the 32bits is divided into four segments, each containing 8bits, eight bits are converted into decimal, and each segment is separated by a decimal point.

00000000.00000000.00000000.000000000.00000000 = "0.0.0.011111111.11111111.1111111111111111111111111111 =" 255.255.255.255

So IP can range from 0.0.0.0 to 255.255.255.255. However, this genetic number is divided into two parts: network segment (Net_ID) and host segment (Host_ID). For example, the class C address 192.168.0.0-192.168.0.255 is an example.

11000000.10101000.000000000.00000000 |-Net_ID- |-- host-- |

The limitation of Net_ID and Host_ID: within the same network segment, Net_ID is unchanged, while Host_ID is not repeatable. In addition, in binary representation, Host_ID cannot be 0 or 1 at the same time, because all zeros represent the address of the entire network segment, while all 1 represents the broadcast address.

Transmit data through IP broadcast in the local area network: if the hosts in the same physical network segment set the same domain IP range (can not be repeated), then these hosts can directly broadcast the network online in the area network through the function of CSMA/CD, that is, they can directly transfer data from the network card to the network card (through the MAC frame).

Set the situation of different area networks in the same physical network segment: within the same physical network segment, if the two hosts are set to different IP network segments, the broadcast address is different, which makes it impossible to go online by broadcast. At this point, you have to communicate through the router (router) to connect the two domains together.

Domain size: the larger the number of bits occupied by Host_ID, that is, the more Host_ID, the more IP can be used to set hosts in the same domain.

Division of the network:

All 0: network addr

All 1: broadcast address

Class A: 0.xx.xx.xx ~ 127.xx.xx.xx # Net_ID begins with 0

Number of networks: 126127

Number of hosts per network: 2 ^ 24-2

Default subnet mask: 255.0.0.0

Private network address: 10.0.0.0Comp8

Class B: 128.xx.xx.xx ~ 191.xx.xx.xx # Net_ID begins with 10

Number of networks: 2 ^ 14

Number of hosts per network: 2 ^ 16-2

Default subnet mask: 255.255.0.0

Private address: 172.16.0.0Universe 16-172.31.0.0Universe 16

Class C: 192.xx.xx.xx ~ 223.xx.xx.xx # Net_ID begins with 110

Number of networks: 2 ^ 21

Number of hosts per network: 2 ^ 8-2

Default subnet mask: 255.255.255.0

Private network address: 192.168.0.0swap 24-192.168.255.0Universe 24

Class D: 224.xx.xx.xx ~ 239.xx.xx.xx # Net_ID begins with 1110

Special functions of multicast, such as network restoration of a large number of computers

Class E: 240.xx.xx.xx ~ 255.xx.xx.xx # Net_ID begins with 1111

Keep unused network segments

1.3, switches and routers

In the same local area network, the data can be transmitted by IP broadcast, but if it is not in the local area network. We need a router to help. To put it simply, the switch serves different hosts in the same LAN, while the router provides services for two hosts in different Lans.

Switch: a multi-port layer 2 network device based on bridge technology, which provides a low-latency and low-overhead path for forwarding data frames from one port to another. The switch can only recognize MAC addresses. Communication between different hosts in the same network, through the switch to find the optimal path, there can be no loop.

Router: a packet switching device (or network layer relay device) in the network layer of the OSI protocol model. the basic function of a router is to transmit data (IP messages) to the correct network. Identify the IP address. Hosts of different network segments need to be routed and forwarded when communicating. Broadcast domains can be isolated.

1.4.The TCP protocol packet

The IP packet of the network layer is only responsible for sending the data to the correct destination host, but whether the packet will be received, or whether it will be received correctly, is not the task of IP, that is one of the tasks of the transport layer. There are two protocols in the transport layer, one is the connection-oriented TCP packet, and the other is the connectionless UDP packet. Whether the data can be delivered to the destination correctly or not has a lot to do with these two packets.

Correlation between individual packets:

Header information for UDP packets:

Header information for TCP packets:

Sequence Number (packet serial number): when the TCP data is too large (greater than the allowable level of the IP packet), you have to segment it. This Sequence Number records the sequence number of each packet, allowing the receiver to reassemble the TCP data.

Acknowledge Number (response serial number): in order to confirm that the host side has indeed received the packet data sent by the client side, the client side certainly hopes to receive a response from the host side, which is the purpose of this Acknowledge Number. When the client side receives this confirmation code, it will be able to determine that the previously delivered packet has been correctly received.

Code (Control Flag, control marker)

URG (Urgent): if 1 means the packet is an emergency packet, the receiver should deal with it urgently, and the Urgent Pointer field will also be enabled.

ACK (Acknowledge): a value of 1 means that this packet is a response packet and is related to Acknowledge Number.

PSH (Push function): if 1, the representative asks the other party to send other corresponding packets in the buffer immediately without having to wait for the buffer to be full.

RST (Reset): if the RST is 1, the online connection will be terminated immediately without waiting for the termination confirmation procedure. This is a forced end online, and the sender has been disconnected.

SYN (Synchronous): 1 indicates that the sender wants both parties to establish synchronous processing, that is, requires the establishment of online. Usually a packet with the SYN flag indicates that it actively wants to connect to the other party.

FIN (Finish): 1 indicates that the transmission is over, so inform the other party that the data has been transmitted and whether to disconnect, but the sender is still waiting for the other party's response.

Three-way handshake and four disconnections:

The process of establishing a connection:

[1] the client sends a request, and the SYN bit represents the connection request. The serial number is 2000.This serial number is used as a temporary address in network communication.Each byte of data is sent, the serial number should be added 1, so that the receiver can discharge the correct order of data packets according to the serial number, and you can also find the situation of packet loss. in addition, it is stipulated that SYN bits and FIN bits also occupy a sequence number. although there is no data sent this time, due to the sending of SYN bits, the serial number should be used for next transmission.

[2] the server sends a message with the SYN bit, and sets the ACK bit to confirm that the confirmation sequence number is 500. it means "I have received the sequence number 500 and all the previous segments, please send the segment with sequence number 501 next time", that is, it answers the client's connection request and sends a connection request to the client at the same time.

[3] the client sends a message to reply to the connection request of the server, confirming that the serial number is 501. In this process, the client and the server respectively send connection requests to each other and answer each other's connection requests, in which the server's request and reply are sent in one segment, so there are a total of three segments used to establish a connection, which is called''three-way handshake (three-way-handshake)''. While establishing the connection, the two sides negotiated some information, such as the initial value of the serial number sent by both parties, the maximum segment size, and so on.

The closing process of the TCP connection:

[1] the client sends a message, and the FIN bit indicates a request to close the connection.

[2] the server sends a message to answer the client's request to close the connection.

[3] the server sends a message, which also contains the FIN bit, to the client to send a request to close the connection.

[4] the client sends a message to answer the server's request to close the connection.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.