Contents
- 1. Divide network layers
- 2. OSI seven-layer network model
- 3. The IP address
- 4. Subnet mask and network division
- 5. The ARP/RARP protocol
- 6. Routing protocol
- 7. The TCP/IP protocol
- 8. The UDP protocol
- 9. The DNS protocol
- 10. NAT protocol
- 11. The DHCP protocol
- 12. The HTTP protocol
- 13. An example
The core of learning computer networks is learning network protocols. A network protocol is a set of rules, standards or conventions established for data exchange in a computer network. Because different user data terminals may use different character sets, they must follow a common standard in order to communicate. A good analogy is human language. Ours is a vast country with a large population and rich local languages, and there are huge differences between dialects. The dialect of region A may not be understood by people in region B, so we have to establish a language standard for communication between people across the country, and that is the role of Mandarin. Similarly, looking around the world, English is our standard language for communicating with foreign friends, so we have to learn English, reluctantly and painfully.
Computer network protocols are as diverse as our languages. The ARPANET network protocol that ARPA introduced between 1977 and 1979 became widely popular, mainly because it introduced the well-known TCP/IP standard network protocol. TCP/IP has become the “universal language” of the Internet. The following figure shows the communication between different computer groups using TCP/IP.
1. Divide network layers
2. OSI seven-layer network model
1) Physical Layer
The physical layer defines the mechanical, electrical, functional, and procedural characteristics used to activate, maintain, and close the link between communication endpoints. This layer provides a reliable physical medium for upper-layer protocols to transfer data. Simply put, the physical layer ensures that raw data can be transmitted over a variety of physical media. Two important physical-layer devices to remember are repeaters (also known as amplifiers) and hubs.
2) Data Link Layer
The data link layer provides services to the network layer on the basis of the services provided by the physical layer. Its most basic service is to reliably transmit data from the network layer to the network layer of the target machine on an adjacent node. To achieve this, the data link layer must provide a series of functions, mainly: how to combine data into blocks, called frames, which are the transmission unit of the data link layer; how to control the transmission of frames on the physical channel, including how to handle transmission errors and how to adjust the transmission rate to match the receiver; and how to manage the establishment, maintenance, and release of data link paths between two network entities. The data link layer provides reliable transport over unreliable physical media. The functions of this layer include physical addressing, data framing, flow control, error detection, retransmission, and so on.
Important facts about the data link layer:
1> The data link layer provides reliable data transmission for the network layer;
2> The basic data unit is frame;
3> Main protocol: Ethernet protocol;
4> Two important device names: bridge and switch.
3) Network Layer
The purpose of the network layer is to realize the transparent transmission of data between two end systems. The specific functions include addressing and routing, connection establishment, maintenance and termination, etc. It provides services that eliminate the need for the transport layer to understand data transfer and switching technologies in the network. If you want to remember the network layer in as few words as possible, it’s “path selection, routing, and logical addressing.”
Many protocols are involved in the network layer, including the most important one, which is also the core protocol of TCP/IP: the IP protocol. The IP protocol is very simple and provides only unreliable, connectionless transport services. Its main functions are connectionless datagram transmission, datagram routing and error control. IP carries out these functions together with ARP, RARP, ICMP and IGMP. The specific protocols are summarized in the following sections. The key points of the network layer are:
1> The network layer is responsible for routing packets between subnets. In addition, the network layer can also realize congestion control, Internet interconnection and other functions.
2> The basic data unit is IP datagram;
3> Main protocols included:
Internet Protocol (IP);
ICMP (Internet Control Message Protocol);
Address Resolution Protocol (ARP);
Reverse Address Resolution Protocol (RARP).
4> Important device: router.
4) Transport Layer
The transport layer is the first end-to-end, host-to-host layer. It is responsible for segmenting the upper-layer data and providing end-to-end, reliable or unreliable transport. In addition, the transport layer deals with end-to-end error control and flow control.
1> The transport layer is responsible for segmenting the upper-layer data and providing end-to-end, reliable or unreliable transmission, as well as end-to-end error control and flow control;
2> Main protocols included: Transmission Control Protocol (TCP), User Datagram Protocol (UDP);
3> Important device: gateway.
5) The session layer
The session layer manages session processes between hosts, that is, it is responsible for establishing, managing, and terminating sessions between processes. The session layer also implements data synchronization by inserting checkpoints into the data.
6) Presentation layer
The presentation layer transforms the upper-layer data or information to ensure that information from one host application layer can be understood by applications from another host. The data transformation of presentation layer includes data encryption, compression, format transformation and so on.
7) Application layer
Provides an interface for an operating system or network application to access network services.
Key points of the session layer, presentation layer and application layer:
1> The basic unit of data transmission is the packet.
2> Main protocols included: FTP (File Transfer Protocol), Telnet (remote login Protocol), DNS (Domain name resolution Protocol), SMTP (Mail Transfer Protocol), POP3 (Post office Protocol), HTTP (Hyper Text Transfer Protocol).
3. The IP address
1) Network address
An IP address consists of a network id (including a subnet id) and a host ID. The host ID of a network address is all zeros, and the network address represents the entire network.
2) Broadcast address
Broadcast addresses are often called direct broadcast addresses to distinguish them from restricted broadcast addresses.
The broadcast address is the opposite of the network address with respect to the host ID: in a broadcast address, the host ID is all 1s. When a message is sent to the broadcast address of a network, all hosts on the network can receive the broadcast message.
3) Multicast address
Class D addresses are multicast addresses.
Class A, B, C, D:
Class A addresses start with the binary bit 0, and the first byte is the network number. The IP addresses range from 0.0.0.0 to 127.255.255.255. (modified @ 2016.05.31)
A class B address starts with the binary bits 10, and the first two bytes are the network number. The IP addresses range from 128.0.0.0 to 191.255.255.255.
A class C address starts with the binary bits 110, and the first three bytes are the network number. The IP addresses range from 192.0.0.0 to 223.255.255.255.
A class D address starts with the binary bits 1110 and ranges from 224.0.0.0 to 239.255.255.255. A class D address is a multicast address (one-to-many communication).
A class E address starts with the binary bits 1111 and ranges from 240.0.0.0 to 255.255.255.255. Class E addresses are reserved for future use.
Note: Only classes A, B and C have network numbers and host numbers. Class D and class E addresses do not have network numbers and host numbers.
4) 255.255.255.255
This IP address refers to a restricted broadcast address. The difference between a restricted broadcast address and a common broadcast address (direct broadcast address) is that a restricted broadcast address can only be used on the local network. A router does not forward packets destined for the restricted broadcast address. A general broadcast address can be broadcast locally or across network segments. For example, after a broadcast packet is sent to host 192.168.1.1/30, another network segment 192.168.1.5/30 also receives the packet. If a restricted broadcast datagram is sent, it cannot be received.
Note: Regular broadcast addresses (direct broadcast addresses) can pass through some routers (not all routers, of course), while restricted broadcast addresses cannot pass through routers.
5) 0.0.0.0
It is often used by a host to find its own IP address. For example, in the RARP, BOOTP and DHCP protocols, a diskless machine that does not know its own IP address uses 255.255.255.255 as the destination address and sends an IP request packet to the servers within the local scope (specifically, the scope bounded by the individual routers).
6) Loopback address
127.0.0.0/8 is used as the loopback address. The loopback address represents the local address and is often used for testing the local device, with 127.0.0.1 being the most common.
7) Class A, B, C private address
Private addresses are also called reserved addresses. They are not used globally and have only local meaning.
Class A private address: 10.0.0.0/8. The value ranges from 10.0.0.0 to 10.255.255.255
Class B private address: 172.16.0.0/12. The value ranges from 172.16.0.0 to 172.31.255.255
Class C Private address: 192.168.0.0/16. The value ranges from 192.168.0.0 to 192.168.255.255
4. Subnet mask and network division
As Internet use expanded, the shortcomings of the original IPv4 design were gradually exposed: the network number takes up too many bits and the host number too few, so the host addresses it can provide are becoming more and more scarce. Today, apart from using NAT with reserved addresses inside an enterprise, a higher-class IP address is usually divided further to form multiple subnets for user groups of different sizes.
To use IP addresses efficiently when a network is segmented, the high bits of the host number are taken as the subnet number, and the subnet mask is extended or shortened from the usual network-bit boundary, which creates more subnets out of an address of a given class. However, as more subnets are created, the number of host addresses available in each subnet is reduced.
What is a subnet mask?
A subnet mask is a 32-bit binary value used to determine whether two IP addresses belong to the same subnet. A 1 bit marks the corresponding bit of the IP address as a network bit, and a 0 bit marks it as a host bit. Like an IP address, it is written in dotted decimal notation. If two IP addresses give the same result when bitwise ANDed with the subnet mask, they belong to the same subnet.
When calculating the subnet mask, pay attention to the reserved IP addresses, that is, the “0” address and the broadcast address. These are the addresses in which the host address or the network address is all “0” or all “1”. They represent the local network address and the broadcast address, and generally cannot be counted as usable.
Calculation of subnet mask:
For an IP address that does not need to be divided into subnets, the subnet mask is simple. For example, if the class B IP address is 10.12.3.0 and no subnets are needed, the subnet mask of the IP address is 255.255.0.0. If it is a class C address, the subnet mask is 255.255.255.0. Other cases are analogous and are not detailed here. The key case, introduced below, is an IP address whose high host bits must also serve as the subnet number, with the remaining bits as the host number within each subnet: how is the mask of each subnet calculated?
Here are some common interview questions about subnet masks and network partitioning:
1) Use the number of subnets to calculate
Before obtaining a subnet mask, you must know the number of subnets to be divided and the number of hosts in each subnet.
(1) Convert the number of subnets to binary to represent;
If you want to divide class B IP address 168.195.0.0 into 27 subnets: 27=11011;
(2) Count the digits of the binary number; this count is N;
The binary is a five-digit number with N = 5
(3) Take the classful subnet mask of the IP address and set the first N bits of the host address part to 1; the result is the subnet mask for the subnets of this IP address.
Setting the first 5 host bits of the subnet mask 255.255.0.0 to 1 gives 255.255.248.0
2) Use the number of hosts to calculate
If you want to divide class B IP address 168.195.0.0 into subnets, each subnet contains 700 hosts:
(1) Convert the number of hosts into binary to represent;
700 = 1010111100;
(2) If the number of hosts is less than or equal to 254 (note that the two reserved IP addresses are excluded), count the binary digits of the host number to get N, where N is definitely <8. If it is greater than 254, then N>8, which means that the host address will occupy more than 8 bits;
The binary number has ten digits, so N=10;
(3) Start from 255.255.255.255, in which all the host address bits of this IP address are set to 1, and set the last N bits to 0; the result is the subnet mask value.
Set all host address bits of the class B subnet mask 255.255.0.0 to 1 to get 255.255.255.255, then set the last 10 bits to 0, counting from the right: 11111111.11111111.11111100.00000000, that is, 255.255.252.0. This is the subnet mask for dividing the class B IP address 168.195.0.0 into subnets of 700 hosts each.
3) There is also a type of question that asks you to plan the subnet address and calculate the subnet mask according to the number of hosts in each network. This can also be calculated according to the above principles.
For example, if a subnet has 10 hosts, the number of IP addresses required for the subnet is:
10 + 1 + 1 + 1 = 13
Note: the first 1 added is the gateway address required to connect this network, and the following two 1s are the network address and the broadcast address respectively.
Since 13 is less than 16 (16 is 2 ^ 4), the host part is 4 bits. Since 256 - 16 = 240, the subnet mask is 255.255.255.240.
If a subnet has 14 hosts, a common mistake is to still assign a subnet with 16 addresses and forget to assign an address to the gateway. This is wrong, because 14 + 1 + 1 + 1 = 17, which is greater than 16, so we can only allocate a subnet with 32 addresses (32 = 2 ^ 5). The subnet mask is 255.255.255.224.
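The three calculations above, together with the bitwise-AND membership test from the subnet mask definition, as an added Python example (not code from the original article). The function names are made up for this illustration, and the host-count method includes one guard the text does not mention: it takes an extra bit when the two reserved addresses would otherwise not fit.

```python
import ipaddress

def prefix_to_mask(prefix):
    """Dotted-decimal mask with `prefix` leading 1 bits."""
    return str(ipaddress.IPv4Address((0xFFFFFFFF << (32 - prefix)) & 0xFFFFFFFF))

def classful_prefix(addr):
    """Default network-bit count for class A/B/C (first-octet ranges from section 3)."""
    first_octet = int(ipaddress.IPv4Address(addr)) >> 24
    for upper, prefix in ((128, 8), (192, 16), (224, 24)):
        if first_octet < upper:
            return prefix
    raise ValueError("class D/E addresses have no network/host split")

def mask_from_subnet_count(addr, subnets):
    """Method 1: N = number of binary digits in the subnet count."""
    n = subnets.bit_length()                 # 27 = 0b11011 -> N = 5
    prefix = classful_prefix(addr) + n       # set the first N host bits to 1
    if prefix > 30:
        raise ValueError("too few host bits left for that many subnets")
    return prefix_to_mask(prefix)

def mask_from_host_count(addr, hosts):
    """Method 2: N = number of binary digits in the host count."""
    n = hosts.bit_length()                   # 700 = 0b1010111100 -> N = 10
    while (1 << n) - 2 < hosts:              # added guard: 255 has 8 digits but needs
        n += 1                               # 9 bits once 2 addresses are reserved
    if 32 - n < classful_prefix(addr):
        raise ValueError("host count does not fit inside this classful network")
    return prefix_to_mask(32 - n)            # clear the last N bits of 255.255.255.255

def mask_for_plan(hosts):
    """Method 3: hosts + gateway + network address + broadcast address."""
    needed = hosts + 3
    n = (needed - 1).bit_length()            # smallest N with 2**N >= needed
    return prefix_to_mask(32 - n), 1 << n    # (mask, addresses in the block)

def same_subnet(ip_a, ip_b, mask):
    """Two addresses share a subnet when (ip AND mask) is equal for both."""
    m = int(ipaddress.IPv4Address(mask))
    return (int(ipaddress.IPv4Address(ip_a)) & m) == (int(ipaddress.IPv4Address(ip_b)) & m)

if __name__ == "__main__":
    print(mask_from_subnet_count("168.195.0.0", 27))
    print(mask_from_host_count("168.195.0.0", 700))
    print(mask_for_plan(10), mask_for_plan(14))
    print(same_subnet("168.195.8.1", "168.195.15.254", "255.255.248.0"))
```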
5. The ARP/RARP protocol
Address Resolution Protocol (ARP) is a TCP/IP protocol that obtains a physical address from an IP address. The host broadcasts an ARP request containing the target IP address to all hosts on the network and uses the reply to determine the target's physical address. After receiving the reply, it stores the IP address and physical address in the local ARP cache for a period of time, so that the next lookup can be answered from the cache to save resources. Address resolution relies on mutual trust between the hosts on the network: any host can send an ARP reply on its own initiative, and other hosts that receive the reply record it in their local ARP cache without checking its authenticity. An attacker can therefore send a forged ARP reply to a host so that traffic fails to reach the intended host or reaches the wrong host; this is ARP spoofing. The arp command is used to query the mappings between IP addresses and MAC addresses in the local ARP cache and to add or delete static mappings.
Examples of ARP workflow:
The Reverse Address Resolution Protocol (RARP) does the opposite of ARP: it translates the physical address of a host on the local area network (LAN) into an IP address. For example, a host on the LAN that knows only its physical address and not its IP address can broadcast a request for its own IP address through RARP, and the RARP server is responsible for answering.
Workflow of RARP protocol:
(1) The host sends a local RARP broadcast in which it declares its MAC address and asks any RARP server that receives the request to assign it an IP address;
(2) After receiving the request, the RARP server on the local network segment checks the RARP list and searches for the IP address corresponding to the MAC address.
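Because ARP replies are cached without any authenticity check, as the ARP paragraph above explains, a defender can watch for replies nobody asked for and for IP-to-MAC bindings that change. The following is an added Python example, not code from the original article; the addresses, MACs and the `ArpMonitor` class are constructed for illustration, and the messages are built in memory rather than captured.

```python
import socket
import struct

ARP_REQUEST, ARP_REPLY = 1, 2
# htype, ptype, hlen, plen, oper, sender MAC, sender IP, target MAC, target IP
ARP_FMT = "!HHBBH6s4s6s4s"

def build_arp(oper, sha, spa, tha, tpa):
    """Build a constructed 28-byte Ethernet/IPv4 ARP body (sample data only)."""
    mac = lambda m: bytes.fromhex(m.replace(":", ""))
    return struct.pack(ARP_FMT, 1, 0x0800, 6, 4, oper,
                       mac(sha), socket.inet_aton(spa), mac(tha), socket.inet_aton(tpa))

def parse_arp(body):
    """Return (oper, sender_mac, sender_ip, target_ip) from an ARP body."""
    if len(body) < 28:
        raise ValueError("truncated ARP body")
    htype, ptype, hlen, plen, oper, sha, spa, _tha, tpa = struct.unpack(ARP_FMT, body[:28])
    if (htype, ptype, hlen, plen) != (1, 0x0800, 6, 4):
        raise ValueError("not an Ethernet/IPv4 ARP message")
    return oper, sha.hex(":"), socket.inet_ntoa(spa), socket.inet_ntoa(tpa)

class ArpMonitor:
    """Tracks first-seen IP->MAC bindings and outstanding requests."""
    def __init__(self):
        self.bindings = {}    # ip -> first MAC seen claiming it
        self.pending = set()  # (requester_ip, requested_ip) still waiting for a reply

    def observe(self, body):
        oper, sender_mac, sender_ip, target_ip = parse_arp(body)
        alerts = []
        if oper == ARP_REQUEST:
            self.pending.add((sender_ip, target_ip))
        elif oper == ARP_REPLY:
            if (target_ip, sender_ip) in self.pending:
                self.pending.discard((target_ip, sender_ip))
            else:
                # Gratuitous ARP can be legitimate (failover, address change),
                # so this is a signal to review, not proof of spoofing.
                alerts.append(f"unsolicited reply: {sender_ip} is-at {sender_mac}")
        known = self.bindings.setdefault(sender_ip, sender_mac)
        if known != sender_mac:   # keep the first binding and report the conflict
            alerts.append(f"binding change: {sender_ip} was {known}, now claimed by {sender_mac}")
        return alerts

def run_sample():
    """Replay three constructed messages: request, genuine reply, conflicting reply."""
    host = ("02:00:00:00:00:10", "192.0.2.10")
    gateway = ("02:00:00:00:00:01", "192.0.2.1")
    other_mac = "02:00:00:00:00:66"
    messages = [
        build_arp(ARP_REQUEST, host[0], host[1], "00:00:00:00:00:00", gateway[1]),
        build_arp(ARP_REPLY, gateway[0], gateway[1], host[0], host[1]),
        build_arp(ARP_REPLY, other_mac, gateway[1], host[0], host[1]),
    ]
    monitor = ArpMonitor()
    return [monitor.observe(m) for m in messages], monitor.bindings

if __name__ == "__main__":
    for alerts in run_sample()[0]:
        print(alerts)
```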
6. Routing protocol
Common routing protocols include RIP and OSPF.
RIP: Based on the Bellman-Ford algorithm, it selects routes using hop count as the metric. The maximum number of hops is 15. If the number of hops is greater than 15, it discards packets.
OSPF protocol
7. The TCP/IP protocol
TCP/IP is the most basic protocol of the Internet and the basis of the Internet. It consists of IP at the network layer and TCP at the transport layer. In layman’s terms: TCP is responsible for detecting problems in transmission and signaling any problems, requiring retransmission until all data is safely and correctly transmitted to its destination. IP assigns an address to every networked device on the Internet.
TCP is a connection-oriented communication protocol. It establishes a connection through a three-way handshake and tears the connection down when the communication is complete. Because TCP is connection-oriented, it can only be used for end-to-end communication. TCP provides a reliable data stream service and achieves reliable transmission by using “positive acknowledgment with retransmission”. TCP also uses a flow control method called the “sliding window”, which represents the receiver's capacity to receive and is used to limit the sender's sending rate.
TCP header format:
TCP three-way handshake and four-way wave:
Note: seq (“sequence”) is the sequence number; ack (“acknowledge”) is the acknowledgment number; SYN (“synchronize”) is the flag that requests synchronization; ACK (“acknowledge”) is the acknowledgment flag; FIN (“finally”) is the end flag.
TCP connection establishment process: The Client sends a connection request packet. After receiving the request, the Server replies with an ACK packet and allocates resources for the connection. After receiving the ACK packet, the Client sends an ACK packet to the Server and allocates resources. In this way, a TCP connection is established.
TCP connection disconnection process: Assume that the Client initiates the request to close the TCP connection, that is, it sends a FIN packet. The FIN packet tells the Server, “I, the Client, have no more data to send to you.” If the Server still has data that has not been sent, it does not need to close the socket in a hurry and can continue to send data. So the Server first sends an ACK, telling the Client, “I received your request, but I’m not ready yet, please continue to wait for my message.” The Client then enters the FIN_WAIT state and waits for the FIN packet from the Server. When the Server confirms that its data has been sent, it sends a FIN packet to the Client to say that the data has been sent and that it is ready to close the connection. After receiving the FIN packet, the Client knows that it can close the connection. However, the Client still does not trust the network and, for fear that the Server does not know it should close, sends an ACK and stays in the TIME_WAIT state. If the Server does not receive the ACK, it can retransmit its packet. When the Server receives the ACK, it knows it can disconnect. If the Client waits for 2MSL and still receives no reply, the Server has closed normally, and the Client can close the connection as well. The TCP connection is now closed!
Why is a three-way handshake needed?
Consider the case of only two “handshakes”. Suppose the Client wants to establish a connection with the Server, but the datagram carrying the connection request is lost on the way, so the Client has to send it again. In this case the Server receives only one connection request, and the connection is established normally. Sometimes, however, the Client resends the request not because the datagram was lost but because it was delayed by heavy concurrent traffic on the network. The Server then receives two requests one after the other and keeps waiting for two Client requests to send it data. Here is the problem: the Client side actually has only one request, while the Server side has two responses waiting. In the extreme case, the Client resends the request many times and the Server ends up holding N pending responses, which is a great waste of resources! So the “three handshakes” are necessary!
Why are four waves needed?
Imagine that you are the Client and you want to close your connection to the Server. What do you do? The first step is to stop sending data to the Server and wait for the Server to reply. However, this is not the end of the matter. Although you no longer send data to the Server, the connection you established is a connection between equals, so the Server can still send data to you on its own initiative. Therefore, the Server must also stop sending data to you and wait for your confirmation. To put it bluntly, this ensures that both parties carry out the agreement completely!
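The handshake and the four-step close described above, replayed as an added Python example with both sides' sequence numbers, acknowledgment numbers and states (not code from the original article). The initial sequence numbers 1000 and 5000 are arbitrary, the `Endpoint` class is made up for this illustration, and the state names follow the standard TCP names, so the text's FIN_WAIT appears as FIN_WAIT_1 and FIN_WAIT_2.

```python
SEND, RECV = "send", "recv"

# (current state, direction, flags) -> next state, for the open and close sequences
TRANSITIONS = {
    ("CLOSED", SEND, "SYN"): "SYN_SENT",
    ("LISTEN", RECV, "SYN"): "SYN_RCVD",
    ("SYN_RCVD", SEND, "SYN+ACK"): "SYN_RCVD",
    ("SYN_SENT", RECV, "SYN+ACK"): "ESTABLISHED",
    ("ESTABLISHED", SEND, "ACK"): "ESTABLISHED",
    ("SYN_RCVD", RECV, "ACK"): "ESTABLISHED",
    ("ESTABLISHED", SEND, "FIN"): "FIN_WAIT_1",
    ("ESTABLISHED", RECV, "FIN"): "CLOSE_WAIT",
    ("CLOSE_WAIT", SEND, "ACK"): "CLOSE_WAIT",
    ("FIN_WAIT_1", RECV, "ACK"): "FIN_WAIT_2",
    ("CLOSE_WAIT", SEND, "FIN"): "LAST_ACK",
    ("FIN_WAIT_2", RECV, "FIN"): "TIME_WAIT",
    ("TIME_WAIT", SEND, "ACK"): "TIME_WAIT",
    ("LAST_ACK", RECV, "ACK"): "CLOSED",
}

class Endpoint:
    def __init__(self, name, state, isn):
        self.name, self.state = name, state
        self.snd_nxt = isn   # next sequence number this side will send
        self.rcv_nxt = 0     # next sequence number expected from the peer

    def step(self, direction, flags):
        key = (self.state, direction, flags)
        if key not in TRANSITIONS:
            raise ValueError(f"{self.name}: cannot {direction} {flags} in {self.state}")
        self.state = TRANSITIONS[key]

def deliver(src, dst, flags, log):
    """Send one segment from src to dst and log it with both resulting states."""
    seq = src.snd_nxt
    ack = 0 if flags == "SYN" else src.rcv_nxt   # the first SYN acknowledges nothing
    src.step(SEND, flags)
    dst.step(RECV, flags)
    if "SYN" in flags or "FIN" in flags:         # SYN and FIN each consume one sequence number
        src.snd_nxt += 1
        dst.rcv_nxt = seq + 1
    log.append((src.name, flags, seq, ack, src.state, dst.state))

def handshake(client, server, log):
    deliver(client, server, "SYN", log)
    deliver(server, client, "SYN+ACK", log)      # server is only half-open until the final ACK
    deliver(client, server, "ACK", log)

def close(client, server, log):
    deliver(client, server, "FIN", log)          # real FIN segments also carry the ACK flag
    deliver(server, client, "ACK", log)          # server may keep sending data in CLOSE_WAIT
    deliver(server, client, "FIN", log)
    deliver(client, server, "ACK", log)
    client.state = "CLOSED"                      # after 2MSL in TIME_WAIT with no retransmitted FIN

def run_session():
    client = Endpoint("client", "CLOSED", 1000)
    server = Endpoint("server", "LISTEN", 5000)
    log = []
    handshake(client, server, log)
    close(client, server, log)
    return log, client.state, server.state

if __name__ == "__main__":
    for row in run_session()[0]:
        print("%-6s %-7s seq=%d ack=%d  sender=%s receiver=%s" % row)
```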
Protocols that run over TCP include FTP (File Transfer Protocol), Telnet (remote login protocol), SMTP (Simple Mail Transfer Protocol), POP3 (used to receive emails, as opposed to SMTP), and HTTP.
8. The UDP protocol
UDP (User Datagram Protocol) is a connectionless communication protocol. A UDP datagram includes the destination port number and the source port number. Because communication does not require a connection, UDP can be used for broadcast.
UDP communication does not require the recipient's confirmation. Therefore, UDP communication is unreliable and packets may be lost. In practical applications, the programmer must verify UDP communication in the application.
The difference between TCP and UDP:
9. The DNS protocol
DNS can be understood simply as converting URLs to IP addresses.
10. NAT protocol
Network Address Translation (NAT) is a technology for accessing a wide area network (WAN) that translates private (reserved) addresses into legitimate IP addresses. It is widely used in various types of Internet access and networks. The reason is simple: NAT not only solves the problem of insufficient IP addresses, but also effectively prevents attacks from outside the network and hides and protects the computers inside the network.
11. The DHCP protocol
The Dynamic Host Configuration Protocol (DHCP) is a local area network (LAN) protocol that uses UDP. It serves two purposes: automatically assigning IP addresses for internal networks or network service providers, and giving users or internal network administrators a means of centrally managing all computers.
12. The HTTP protocol
What requests are included in the HTTP protocol?
GET: Requests to read the information marked by the URL.
POST: Adds information (such as comments) to the server.
PUT: Stores a document at the given URL.
DELETE: Deletes the resource marked by the given URL.
The difference between POST and GET in HTTP
1) GET retrieves data from the server, and POST sends data to the server.
2) GET appends the parameter data to the URL pointed to by the action attribute of the submitted form. Each value corresponds to a field in the form and can be seen in the URL.
3) The amount of data transmitted by GET is small and cannot be greater than 2KB; POST transfers a large amount of data and is generally considered unrestricted by default.
4) According to the HTTP specification, GET is used for information retrieval and should be safe and idempotent.
i. Safe means that the operation is used to retrieve information rather than modify it. In other words, GET requests should generally have no side effects. That is, a GET simply retrieves the resource information, just like a database query, without modifying or adding data or affecting the state of the resource.
ii. Idempotent means that multiple requests to the same URL should return the same result.
13. An example
The entire process that runs after entering www.baidu.com in the browser
Suppose we enter http://www.baidu.com in the browser on the client, and baidu.com is the server to be visited. The following is a detailed analysis of the protocol operations the client performs in order to access the server:
1) The client browser resolves www.baidu.com to the IP address 220.181.27.48 through DNS and uses this IP address to find the path from the client to the server. The client browser initiates an HTTP session to 220.161.27.48, which is then encapsulated by TCP and passed to the network layer.
2) At the client's transport layer, the HTTP session request is divided into segments, and the source and destination ports are added. For example, the server listens for client requests on port 80, and the client randomly selects a port such as 5000 to communicate with the server. The server returns the response to the request to port 5000 of the client. The IP address from the IP layer is then used to find the destination.
3) The client's network layer does not need to care about the application layer or the transport layer. Its main job is to look up the routing table to determine how to reach the server. The packet may pass through multiple routers on the way; that work is done by the routers and is not described in detail here, but it amounts to looking up routing tables to decide which path leads to the server.
4) At the client's link layer, the packet is sent through the link layer to the router. The neighbor protocol is used to find the MAC address for the given IP address: an ARP request is sent to find the destination address, and once a reply is received, the ARP request and reply exchange makes it possible to transmit the IP packets. The IP packets are then sent on to the address of the server.
Author: Poll notes. Blog reference: www.cnblogs.com/maybe2030/. All copyright in this article belongs to the author and the blog. Reprints are welcome; please indicate the source.