
Computer Network Learning (4): Network Protocols and Standards

2025-02-04 Update From: SLTechnology News&Howtos

Shulou(Shulou.com)06/01 Report--

The best known network protocol is the TCP/IP protocol. In fact, TCP/IP is a set of protocols, made up of many protocols. TCP and IP are two protocols in this set, and the TCP/IP protocol set is named after these two protocols.

The functions involved in each protocol in the TCP/IP protocol set are implemented by programs. The TCP protocol and the IP protocol have a corresponding TCP program and IP program.

From the TCP protocol we can see that a network protocol is a convention that stipulates:

① What function the program that implements this protocol performs.

② How it accomplishes this function.

③ The format of the communication packets required to implement this function.

If a network protocol involves hardware functions, it is usually called a standard rather than a protocol. Network standards also need to specify the physical dimensions and electrical characteristics of the hardware.

ISO released the well-known Open Systems Interconnection Reference Model (Open System Interconnection Reference Model), referred to as OSI.

The OSI model specifies in detail the functions that the network needs to implement, the methods to achieve these functions, and the format of the communication packets. However, no manufacturer follows the OSI model to develop network products. Whether it is a network operating system or network equipment, it either follows a protocol formulated by the manufacturer itself (Novell's Novell protocol, Apple's AppleTalk, Microsoft's NetBEUI, IBM's SNA) or follows a protocol made by a government department (such as the TCP/IP protocol). Now TCP/IP is in the mainstream.

4.1 OSI model

Figure 4.1 layer 7 protocols of the OSI model

When a data file needs to be sent to another host, the data is processed by each layer of the seven-layer protocol. For example, suppose we are going to send an email to the server. When we finish editing it in Outlook and press the send button, Outlook hands our mail to a layer-7 program written in accordance with the POP3 or SMTP protocol. The POP3 or SMTP program organizes the data format according to its own protocol and then sends it to the program at the next lower layer. Each layer (except the physical layer, which is hardware circuits and network cable and no longer processes data) also does some processing on the data format and adds some information in the form of a header. The processed data is handed to the physical layer in the form of frames. The circuit of the physical layer then sends the data onto the network as a bit stream.

The process at the receiver is the opposite. After the physical layer receives the data, the data passes through all the layers of the OSI model in the opposite order so that the receiver receives this e-mail. On the receiving host, each layer reads the header that corresponds to its own layer, removes that header and passes the data up to the layer above.

Figure 4.2 functional description of layer 7 protocols for the OSI model

4.2 TCP/IP protocol

Figure 4.3 comparison between OSI model and TCP/IP protocol set model

TCP/IP protocol is a set of protocols, which consists of more than ten protocols.

Figure 4.4 individual protocols in the TCP/IP protocol set

The main TCP/IP protocols are:

• Application layer: FTP, TFTP, HTTP, SMTP, POP3, SNMP, DNS, Telnet

• Transport layer: TCP, UDP

• Network layer: IP, ARP, RARP, ICMP, RIP, IGRP, OSPF

4.2.1 Application layer Protocol

FTP: File Transfer Protocol. Used for file exchange between hosts. FTP uses the TCP protocol for data transmission and is a reliable, connection-oriented protocol. FTP supports binary files and ASCII files.

TFTP: Trivial File Transfer Protocol. It is simpler than FTP and is a connectionless protocol that uses UDP for transmission, so the transmission speed is faster. This protocol is mostly used in local area networks, where switches and routers transfer their own configuration files to a host.

SMTP: Simple Mail Transfer Protocol.

POP3: Mail transfer protocol, which is more scientific than SMTP and does not belong to the TCP/IP protocol set.

Telnet: remote terminal emulation protocol. It enables a host to log in to another machine remotely and act as a display and keyboard terminal of that remote host.

DNS: domain name resolution protocol. Resolve the corresponding IP address according to the domain name.

SNMP: Simple Network Management Protocol. The protocol used by a network management workstation to collect and learn the working status of switches, routers and other devices in the network.

NFS: network file system protocol. A protocol that allows other hosts on a network to share a machine directory.

4.2.2 Transport layer protocol

The TCP/IP protocol set has only two protocols at the transport layer: Transmission Control Protocol (TCP) and User Datagram Protocol (UDP).

The TCP protocol has five main functions:

• Port address addressing

• Establishment, maintenance and dismantling of connections

• Flow control

• Error retransmission

• Data segmentation

(1) Port address addressing

What is the use of a port address? When a datagram arrives at the host, the link layer program performs a CRC check using the frame trailer of the datagram, removes the frame header from the frames that pass, and hands the data up to the IP program. After the IP program removes the IP header, it sends the data up to the TCP program. After the TCP program removes the TCP header, to whom does it give the data? At this point, the TCP program can learn from the port address indicated by the source host in the TCP header which application on the destination host the sending host wants to receive this datagram.

Therefore, port address addressing is addressing of the application layer program.

Figure 4.5 Common port addresses

The detailed port number assignments can be found in RFC1700 of TCP/IP.

TCP/IP specifies the method for assigning port numbers:

Numbers below 255 are used for common application layer protocols such as FTP and HTTP.

Numbers from 255 to 1023: provided to operating system development companies for numbering market-oriented application layer protocols.

Numbers greater than 1023: general applications.

Port numbers range from 0 to 65535. The address range from 1024 to 49151 needs to be registered; the address range from 49152 to 65535 is free to use.

The port address is encapsulated by the source host in its TCP header or UDP header before data transmission. Figure 4.6 shows the format of the TCP header:

Figure 4.6 TCP header format

It is stipulated in computer networks that when one host sends a connection request to another host, the machine that sends the request is regarded as the client, and the machine that accepts the request as the server. Usually, when the client assigns a port number to its own program, it randomly uses a number greater than 1023. For example, when a host accesses a WWW server, the source port address encapsulated in its TCP header is 1391, and the destination port address needs to be 80, indicating communication with the HTTP program.
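The header fields described above can be decoded from raw bytes. The following Python is an added example, not code from the original article; the function names and the sample segment (sequence number 1000, window 8192) are constructed for illustration, while the ports 1391 and 80 and the port ranges come from the text.

```python
import struct

# Flag bits of the "message property code" in the TCP header.
FLAG_BITS = {"FIN": 0x01, "SYN": 0x02, "RST": 0x04,
             "PSH": 0x08, "ACK": 0x10, "URG": 0x20}


def port_class(port):
    """Classify a port number using the ranges given in the text above."""
    if not 0 <= port <= 65535:
        raise ValueError("port numbers are 16-bit: 0 to 65535")
    if port < 255:
        return "common application protocol"
    if port <= 1023:
        return "operating system vendor protocol"
    if port <= 49151:
        return "registered"
    return "free to use"


def parse_tcp_header(segment):
    """Decode the fixed 20-byte part of a TCP header from raw bytes."""
    if len(segment) < 20:
        raise ValueError("truncated TCP header")
    (src, dst, seq, ack, off_flags,
     window, _checksum, _urgent) = struct.unpack("!HHIIHHHH", segment[:20])
    header_len = (off_flags >> 12) * 4   # data offset counts 32-bit words
    # Reject offsets that would make us read outside the received bytes.
    if header_len < 20 or header_len > len(segment):
        raise ValueError("data offset points outside the segment")
    return {
        "src_port": src, "dst_port": dst,
        "seq": seq, "ack": ack,
        "flags": [n for n, bit in FLAG_BITS.items() if off_flags & bit],
        "window": window,
        "payload": segment[header_len:],
    }


def sample_syn():
    """Constructed sample: the article's client (port 1391) opening port 80."""
    off_flags = (5 << 12) | FLAG_BITS["SYN"]   # 5 words = 20-byte header
    return struct.pack("!HHIIHHHH", 1391, 80, 1000, 0, off_flags, 8192, 0, 0)


if __name__ == "__main__":
    hdr = parse_tcp_header(sample_syn())
    print(hdr["src_port"], port_class(hdr["src_port"]))
    print(hdr["dst_port"], port_class(hdr["dst_port"]))
    print(hdr["flags"], hdr["window"])
```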

(2) Establishment, maintenance and dismantling of TCP connections

TCP is a connection-oriented protocol, which means that when one host needs to communicate with another host, it must first call the other party and request to establish a connection. Only with the consent of the other party can the communication start.

The so-called call is that the initiator of the connection sends a "connection request" packet to the other party; if the other party agrees to this connection, it simply sends back a "connection response" packet, and the connection is established.

Figure 4.7 depicts the process of establishing a TCP connection.

Figure 4.7 establishing a TCP connection

Host A wants to establish a connection with host B to exchange data. Its TCP program first constructs a connection request packet and sends it to the other party. The message property code in the TCP header of the connection request packet is marked SYN (see Figure 4.8), which declares it to be a "connection request". After receiving the connection request from host A, the TCP program of host B, if it agrees to the connection, sends back a "connection confirmation" packet in reply to host A. The message property code in the TCP header of host B's connection confirmation packet is marked ACK.

Fig. 4.8 SYN marker and ACK marker

SYN and ACK are the connection flag bits of the message property code in the TCP header (see Figure 4.8). When the connection is being established, the SYN flag is set to 1 and the ACK flag is set to 0, which indicates that this packet is a synchronization packet; for a connection confirmation packet, ACK is set to 1 and SYN is set to 1, which means this packet is a confirmation packet.

As you can see from Figure 4.7, the third packet in establishing the connection is the connection confirmation from host A to host B. Why does host A need to send the third packet?

Note: the third packet here is counted as follows: host A's connection request packet is the first packet, host B's reply packet is the second packet, and the packet sent after host A receives the reply packet from host B (ACK=y+1) is the third packet.

To continue the discussion of why the third packet is sent: consider a situation where host A sends a request packet, but this request packet is lost in transmission. Host A resends the connection request packet, and the second connection request packet arrives at host B, ensuring that the connection is established. But what if the connection request packet is not lost and the network is merely slow, causing host A to time out? Host B would then receive two connection request packets, which makes host B think that the second connection request is another request from host A. The third confirmation packet is designed to prevent such errors. Such a connection mechanism is called a three-way handshake.

From the perspective of TCP programming, the source host sends a "connection request packet" to trigger the TCP program of the other host to create a corresponding TCP process. A host can ask the other party to open multiple TCP processes and communicate with them at the same time.

FLOOD* is to ask the other party to establish connections endlessly, so that the other host opens up countless TCP processes and connections, which finally depletes the host resources of the other party.
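A server-side monitor can spot the condition just described by counting handshakes that never receive the third packet. The Python below is an added example, not code from the original article; the packet records, the documentation-range IP addresses, the state names and the threshold are all constructed assumptions.

```python
from collections import Counter

SERVER = "192.0.2.10"   # constructed address (documentation range)


def track_handshakes(packets, server):
    """Follow three-way handshakes; return {(client_ip, client_port): state}."""
    state = {}
    for src, sport, dst, dport, flags in packets:
        flags = set(flags)
        if dst == server:
            key = (src, sport)
            if flags == {"SYN"}:
                # A repeated SYN (slow network, client timeout) must not
                # open a second entry for the same client port.
                state.setdefault(key, "SYN_RCVD")
            elif flags & {"FIN", "RST"}:
                state.pop(key, None)          # connection torn down
            elif "ACK" in flags and state.get(key) == "SYN_ACK_SENT":
                state[key] = "ESTABLISHED"    # third packet arrived
        elif src == server:
            key = (dst, dport)
            if flags == {"SYN", "ACK"} and state.get(key) == "SYN_RCVD":
                state[key] = "SYN_ACK_SENT"   # second packet sent
    return state


def half_open_by_source(state):
    """Count handshakes per client IP that never reached ESTABLISHED."""
    return Counter(ip for (ip, _port), s in state.items()
                   if s != "ESTABLISHED")


def suspicious_sources(packets, server, threshold):
    """Client IPs holding at least `threshold` half-open connections."""
    counts = half_open_by_source(track_handshakes(packets, server))
    return sorted(ip for ip, n in counts.items() if n >= threshold)


def sample_packets():
    """Constructed capture: one normal client and one that never ACKs."""
    pkts = [
        ("198.51.100.7", 1391, SERVER, 80, ["SYN"]),
        ("198.51.100.7", 1391, SERVER, 80, ["SYN"]),        # repeated SYN
        (SERVER, 80, "198.51.100.7", 1391, ["SYN", "ACK"]),
        ("198.51.100.7", 1391, SERVER, 80, ["ACK"]),
    ]
    for port in range(2000, 2005):
        pkts.append(("203.0.113.50", port, SERVER, 80, ["SYN"]))
        pkts.append((SERVER, 80, "203.0.113.50", port, ["SYN", "ACK"]))
    return pkts


if __name__ == "__main__":
    print(suspicious_sources(sample_packets(), SERVER, threshold=3))
```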

Understandably, when the communication ends, the host that initiated the connection should send a packet to tear down the connection, notifying the other host to close the corresponding TCP process and release resources. In the teardown packet, the FIN flag of the message property code in the TCP header is set to 1.

To prevent the other party's TCP process from residing endlessly after one side of the connection fails and shuts down abnormally, it is stipulated that if either party finds that the other has had no communication traffic for a long time, it will tear down the connection.

But sometimes there really is no traffic for a period of time and the connection still needs to be kept, so an empty packet needs to be sent to hold the connection. The packet that maintains the connection is called keepalive. Sending keepalive packets to keep a connection that has no data to send for a period of time is called connection maintenance.

(3) The message sequence number in the TCP header

TCP segments the data handed over by the application layer before sending it. To support error retransmission and segment reassembly, TCP designs two sequence number fields in the header that encapsulates each data segment, called the sending sequence number and the acknowledgement sequence number.

Error retransmission means that once a missing data segment is found, the lost data can be retransmitted to ensure the integrity of data transmission. If the data were not segmented, the source host would have to resend the entire data after an error. To determine which data segment is missing, the packets need to carry sequence numbers.

Data segmentation makes the transmission of packets in the network very flexible. Each segment of a piece of data can take a different path to reach the target host. Because the transmission speeds of the paths in the network differ, a data segment sent earlier may arrive later, and a data segment sent later may arrive first. To enable the target host to reassemble the data in the correct order, sequence numbers also need to be carried in the header of the data segment.

The third and fourth fields in the TCP header are the sending sequence number and the acknowledgement sequence number, respectively. The sending sequence number is the number of this data segment; the acknowledgement sequence number is the number of the next data segment to be sent by the other party.

Figure 4.9 send sequence number and confirm sequence number

(4) PAR error retransmission mechanism

There are two situations in which packets are lost in a network. If the load on a network device is too high, packets are lost when its packet buffer is full. The other situation is that if a packet is damaged in transmission due to noise interference, data collision or equipment failure, it is discarded when it is checked at the link layer of the receiving host.

The sending host should discover the missing data segment and resend the erroneous data.

TCP uses the error retransmission scheme of PAR (Positive Acknowledgement and Retransmission).

When sending data, the TCP program first puts all the data segments in its send window, and then sends them out. PAR then starts a timer for each sent data segment in the send window, and data segments that the other host has acknowledged receiving are deleted from the send window. If the timer of a data segment expires and no acknowledgement has been received, PAR resends that data segment.

Figure 4.10 PAR error retransmission mechanism

In Figure 4.10, segment 2 from the sending host is lost, and only segment 1 is acknowledged by the receiving host. The sending host deletes the acknowledged segment 1 from the send window, puts in data segment 4, and sends it out together with segments 2 and 3. Of these, segments 2 and 3 are retransmitted data segments. You will find that although segment 3 has already been received by the receiving host, it is still retransmitted, which is obviously a waste. But the PAR mechanism can only handle it this way, because there is only one acknowledgement sequence number field, and if more than one data segment is lost, one acknowledgement number cannot record multiple missing packets. Designing a separate packet to notify the source host does not work either: what should be done if this notification packet is also lost?
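The Figure 4.10 scenario can be replayed in a few lines. This Python simulation is an added example, not code from the original article; it assumes a round-based model in which every timer in the window expires together and a segment is lost only on its first transmission, and the function and parameter names are hypothetical.

```python
def par_transfer(total, window, lost_first_try):
    """Simulate PAR with a single cumulative acknowledgement number.

    total           number of data segments to deliver (numbered from 1)
    window          send window size in segments
    lost_first_try  segment numbers dropped on their first transmission
    Returns (rounds, wasted): rounds is a list of
    (segments sent in the round, acknowledgement number returned);
    wasted lists segments retransmitted although already received.
    """
    if window < 1:
        raise ValueError("window must hold at least one segment")
    received = set()      # segments held by the receiver
    sent_before = set()   # segments the sender has transmitted once
    in_window = []
    next_new = 1
    ack = 1               # next segment the receiver expects
    rounds, wasted = [], []
    while ack <= total:
        # Delete acknowledged segments, then refill the window.
        in_window = [s for s in in_window if s >= ack]
        while len(in_window) < window and next_new <= total:
            in_window.append(next_new)
            next_new += 1
        for seg in in_window:
            retransmit = seg in sent_before
            if retransmit and seg in received:
                wasted.append(seg)            # receiver already had it
            if retransmit or seg not in lost_first_try:
                received.add(seg)
            sent_before.add(seg)
        # One acknowledgement field: it can only name the first gap.
        while ack in received:
            ack += 1
        rounds.append((list(in_window), ack))
    return rounds, wasted


if __name__ == "__main__":
    # Figure 4.10: window of 3 segments, segment 2 lost.
    rounds, wasted = par_transfer(total=4, window=3, lost_first_try={2})
    for sent, ack in rounds:
        print("sent", sent, "-> ack", ack)
    print("retransmitted needlessly:", wasted)
```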

(5) TCP flow control

If the receiving host communicates over multiple TCP connections at the same time, the received packets need to be queued in memory for reassembly. If the load on the receiving host is too high, data may be lost because the memory buffer is full. Therefore, when the receiving host cannot keep up with the sending speed of the sending host, it needs to notify the sending host to slow down the sending of data. In fact, the receiving host does not tell the sending host to slow down, but directly controls the send window size of the sending host. If the receiving host needs the other party to slow down the sending of data, it reduces the value of the "send window" field in the TCP header of its packets. The other host must obey this value and reduce the size of its send window, thus reducing the sending speed.

Figure 4.11 TCP flow Control

In extreme cases, if the receiving host sets the window size field to 0, the sending host will suspend sending data. Interestingly, although the sending host slows down its sending speed by accepting the receiving host's window setting, the sending host itself gradually expands the window, in order to raise the speed of data transmission as much as possible. In other words, the sending host will reduce the transmission speed, but does not necessarily reduce the window size.

In practice, the window field in the TCP header does not state its size as a number of segments, but as a number of bytes.

(6) UDP protocol

The TCP/IP protocol set designs another transport layer protocol: the connectionless data transport protocol (Connectionless Data Transport Protocol). This is a simplified transport layer protocol. UDP removes three of the five functions of the TCP protocol: connection establishment, flow control and error retransmission; only port addressing and data segmentation are retained.

UDP gains communication efficiency at the expense of reliability. Data transmissions that do not require high data reliability can be done using the UDP protocol, such as DNS, SNMP, TFTP and DHCP.

The header format of UDP is very simple, and the core content has only two fields: source port address and destination port address. See RFC768 for details.

Figure 4.12 UDP header format

The UDP program needs to perform port address addressing and data segmentation like TCP. But it does not know whether a packet has reached the target host, and the receiving host cannot restrain the speed at which data is sent. Because there is no sequence number in the datagram, once the order of packets arriving at the target host along different paths changes, the target host cannot correct such errors by restoring the correct order.

4.2.3 Network layer protocol

The most important network layer protocols in the TCP/IP protocol set are IP and ARP. In addition to these two protocols, the network layer also has some other protocols, such as RARP, DHCP, ICMP, RIP, IGRP, OSPF, etc. The functions of these protocols are:

IP protocol:

Used to connect multiple packet-switched networks.

ARP (Address Resolution Protocol) protocol:

Obtain the MAC address based on the IP address.

RARP (Reverse Address Resolution Protocol) protocol:

Translates the MAC address of a host in the LAN to an IP address.

BOOTP (Bootstrap Protocol) protocol:

It is a bootstrap protocol based on the IP/UDP protocol, also known as the self-boot protocol, and is the predecessor of the DHCP protocol. BOOTP is used in local area networks of diskless workstations, where a diskless workstation can obtain an IP address from a central server. Through the BOOTP protocol, dynamic IP addresses can be assigned to diskless workstations in a local area network, so that administrators do not need to set a static IP address for each user.

DHCP (Dynamic Host Configuration Protocol) protocol:

Is a local area network protocol that works over UDP and has two main purposes: automatically assigning IP addresses to an internal network or network service provider, and serving users or internal network administrators as a means of central management of all computers. It is described in detail in RFC 2131. DHCP has three ports, of which UDP67 and UDP68 are the normal DHCP service ports, used as the service ports of the DHCP Server and DHCP Client respectively. The third port is used for DHCPv6 Client, not for DHCPv4, and serves DHCP failover, a service that needs to be specially enabled; DHCP failover is used to do "dual-machine hot backup".

ICMP (Internet Control Message Protocol) protocol:

Internet Control Message Protocol. It is a subprotocol of the TCP/IP protocol family and is used to pass control messages between IP hosts and routers. Control messages are messages about the network itself, such as whether the network is reachable, whether a host is reachable, and whether a route is available.

RIP protocol:

Is an interior gateway protocol (IGP), a dynamic routing protocol used to pass routing information within an autonomous system (AS). The RIP protocol is based on the distance vector algorithm (Distance Vector Algorithms) and uses "hop count" (that is, metric) to measure the routing distance to the destination address. Routers running this protocol only care about the world around them and only exchange information with their neighboring routers; the range is limited to 15 hops (15 degrees), and anything farther is not its concern. RIP is applied at the application layer of the OSI seven-layer network model.

The administrative distance (AD, or priority) defined by each manufacturer is as follows:

Huawei defines a priority of 100 and Cisco defines 120.

IGRP (Interior Gateway Routing Protocol) protocol:

Is an interior gateway routing protocol designed by Cisco in the mid-1980s.

OSPF (Open Shortest Path First) protocol:

Is an interior gateway protocol (Interior Gateway Protocol, or IGP), which is used for routing decisions within a single autonomous system (Autonomous System, AS).

4.3 IEEE 802 standard

TCP/IP does not implement the bottom two layers of the OSI model, and the TCP/IP protocol is mainly implemented in the network operating system. In a host, the tasks of the application layer, the transport layer and the network layer are completed by the TCP/IP programs, while the functions of the bottom two layers of the OSI model, the data link layer and the physical layer, are completed by the programs and hardware circuits of the network card manufacturer.

When network equipment manufacturers make network cards, switches and routers, the functions of the data link layer and physical layer are developed in accordance with the IEEE 802 specification, not according to the specific protocols of OSI.

The 802 standard developed by IEEE specifies that the functions of the data link layer and physical layer are:

• Physical address addressing

The sender needs to add a frame header to the packet and encapsulate the physical address in the frame header. The receiver can identify from the physical address whether the data is addressed to itself.

• Media access control

How to use shared transmission media while avoiding media conflicts.

The well-known media access control technologies include Ethernet, token ring, FDDI and so on.

• Data frame check

Check whether a data frame was damaged during transmission and discard damaged frames.

• Sending and receiving of data

Operate the process of sending the data waiting in memory to the physical layer circuit. The receiver does the opposite.

According to different functions, IEEE 802 has corresponding protocol specifications, which are collectively referred to as IEEE 802x standards.

Figure 4.13 lists the IEEE 802 standard that is now popular.

Figure 4.13 IEEE protocol standard

As you can see from Figure 4.13, the OSI model divides the data link layer into two sublayers: the Logical Link Control (LLC: Logical Link Control) sublayer and the Media Access Control (MAC: Media Access Control) sublayer.

The task of the LLC sublayer is to provide the interface between the network layer program and the link layer program, so that the programming of the MAC sublayer, the main part of the link layer, is independent of any specific protocol program at the network layer. Such a design is necessary: for example, when a new network layer protocol appears, only the corresponding LLC sublayer interface program needs to be written for the new protocol, and the existing link layer programs can be used without discarding all past link layer programs.

The MAC sublayer performs all the functions required by OSI for the data link layer: physical address addressing, media access control, data frame checking, and control of data transmission and reception.

The IEEE 802.2 protocol corresponds to the LLC sublayer of the OSI model.

The core of the IEEE 802x standards is more than 10 design specifications that span the MAC sublayer and physical layer. Here are some common IEEE 802 protocols:

IEEE 802.3

Ethernet standard protocol specification, which provides the media access control sublayer and physical layer design standard of 10M LAN.

IEEE 802.3u

Fast Ethernet standard specification, which provides the design standard of media access control sublayer and physical layer of 100M LAN.

IEEE 802.3ab

Gigabit Ethernet standard specification, which provides the media access control sublayer and physical layer design standard of 1000M LAN.

IEEE 802.5

The token ring network standard specification provides the media access control sublayer and physical layer design standard of the token ring network.

IEEE 802.11

Wireless LAN standard specification, provides 2.4G microwave band 1-2Mbps low-speed WLAN media access control sublayer and physical layer design standard.

IEEE 802.11a

Wireless local area network standard specification, provides 5G microwave band 54Mbps high-speed WLAN media access control sublayer and physical layer design standard.

IEEE 802.11b

Wireless LAN standard specification, provides 2.4G microwave band 11Mbps high-speed WLAN media access control sublayer and physical layer design standard.

IEEE 802.11g

Wireless LAN standard specification, which provides IEEE 802.11a and IEEE 802.11b compatible standards.

IEEE 802.14

The CATV network standard specification provides the media access control sublayer and physical layer design standard designed for Cable Modem technology.
