The overall
This article is a summary of what I have read in TCP/IP Volume 1: Protocols. The original book is more detailed, this article is only used for learning exchange. It contains 3,782 words and takes 12 minutes to read.
A PDF version of this article is available by sending TCP at the public id: Jacen technical Notes.
OSI seven layer model
Open System Interconnection Model (OSI) OSI model (short for OSI model) is a conceptual model developed by the International Organization for Standardization (ISO), a standard framework that attempts to network various computers worldwide. The Physical Layer transmits Data frames on the LOCAL area network (LAN) and manages the communication between computer communication devices and network media. It includes pins, voltages, cable specifications, hubs, Repeaters, network cards, host interface cards, and so on. The Data Link Layer is responsible for network addressing, error detection, and error correction. When the header and tail of a table are added to a packet, a Data Frame is formed. Data link headers (DLH) are methods that contain physical addresses and error detection and correction. A data linked list tail (DLT) is a string indicating the end of a packet. For example, Ethernet, wireless local area network (Wi-Fi) and general packet radio service (GPRS). It is divided into two sub-layers: logical Link Control (LLC) sub-layer and Media Access Control (MAC) sub-layer. The Network Layer determines the path selection and forwarding of data, and adds the Network header (NH) to the packet to form the packet. The network table header contains network data. For example, Internet Protocol (IP). The Transport Layer adds the Transport header (TH) to the data to form packets. The transport header contains the protocol used to send information. For example, transmission control Protocol (TCP). The Session Layer is responsible for setting up and maintaining communication connections between two computers in the computer network during data transfer. The Presentation Layer converts data into a format that is compatible with the receiver’s system format and suitable for transmission. The Application Layer provides an interface designed for an Application to set up communication with another Application. For example, HTTP, HTTPS, FTP, Telnet, SSH, SMTP, and POP3.
TCP layer 4 model
The TCP/IP protocol family is called the basis of the Global Internet or Internet. TCP/IP is usually a four-tier protocol system. 1) Link layer. It usually includes the device driver in the operating system and the corresponding network interface card in the computer. 2) Network layer. Handles the activities of groups in the network. Includes IP, ICMP, and IGMP. 3) Transport layer. Provides end-to-end communication for programs on two hosts. There are two different protocols :TCP transmission control protocol and UDP user datagram Protocol. TCP provides highly reliable end-to-end communication. UDP does not guarantee that a datagram will reach another host; reliability is provided by the application layer. In the TCP/IP protocol family, network layer IP provides an unreliable service. That is, it simply moves packets from the source to the destination as quickly as possible without providing any guarantee of reliability. TCP, on the other hand, provides a reliable transport layer over the unreliable IP layer. To provide this reliable service, TCP uses mechanisms such as time-out retransmission, sending and receiving end-to-end confirmation grouping. Thus, the transport layer and the network layer are responsible for different functions. Bridges interconnect networks at the link layer, while routers interconnect networks at the network layer. TCP and UDP are two of the most well-known transport-layer protocols, and both use IP as the network layer protocol. 4) Application layer. Responsible for specific application details.
IP Address Type
IP addresses are classified into five categories: A, B, C, D, and E. A Class A IP address indicates that the first segment of an IP address is the network number and the remaining three segments are the numbers of the local computer. A Class B IP address indicates that the first two segments of an IP address are network numbers. Class C IP address: The first three segments of an IP address are network numbers, and the rest segment is the number of the local computer. Class D IP addresses are historically known as multicast addresses. Class E IP addresses are reserved. The IP address starts with 1111.
Domain Name System (DNS)
The Domain Name System (DNS) is a service of the Internet. As a distributed database that maps domain names and IP addresses to each other, it makes it easier for people to access the Internet.
The link layer
The link layer serves three purposes: Sending and receiving datagrams for the IP module Sending ARP requests and receiving ARP replies for the ARP module Sending RARP and receiving RARP replies
IP: Internet protocol
IP is the core protocol in the TCP/IP protocol family. All TCP, UDP, ICMP, and IGMP data is transmitted in IP datagrams format. IP provides only the best transport services. Any required reliability must be provided by the upper layer (such as TCP). Connectionless: IP does not maintain any state information about subsequent datagrams. Each datagram is handled independently of each other.
The IP header
The first length of a normal IP address is 20 bytes, unless it contains an option field. The current protocol version is 4, so IP is also called IPv4. Each IP datagram contains both source and destination IP addresses.
IP Routing
Each entry in the routing table contains the following information: Destination IP address. The IP address of the next router, or the IP address of the network with a direct connection. Mark. Specifies a network interface for the transmission of datagrams.
Subnet mask
Subnet mask: Bits 1 are reserved for the network number and subnet number, and bits 0 are reserved for the host number. In addition to the IP address, the host needs to know how many bits are used for the subnet number and how many bits are used for the host number. IP addresses are generally expressed in dotted decimal notation, but subnet masks are often expressed in hexadecimal notation, especially if the boundary is not a byte, since a subnet mask is a bit mask.
The ifconfig command
Ifconfig is typically run at boot time to configure each interface on the host. Ifconfig -a // All interfaces ifconfig eth0 // An interface
ARP: address resolution protocol
ARP provides dynamic mapping between IP addresses and hardware addresses. RARP is used by systems that do not have disk drives and requires manual Settings by system administrators. ARP sends an Ethernet data frame called an ARP request to each host on the Ethernet. TCP/IP has its own address: 32-bit IP address. Knowing the host’s IP address does not cause the kernel to send a frame of data to the host. The kernel (such as an Ethernet driver) must know the destination hardware address to send data. ARP provides dynamic mapping between 32-bit IP addresses and hardware addresses using different network technologies.
ARP cache
The ARP cache stores the most recent mapping between Internet addresses and hardware addresses. Arp -a // Displays all the contents in the ARP cache arp -d // Deletes an item from the ARP cache arp-s // adds the contents in the cache
RARP: reverse address resolution protocol
The RARP protocol is used by many diskless systems to obtain IP addresses at boot time. The RARP implementation of a diskless system reads a unique hardware address from an interface card and then sends an RARP request (a frame of data broadcast over the network) asking a host to respond to the IP address of the diskless system. The FORMAT of AN RARP packet is basically the same as that of an ARP packet. An RARP request, broadcast over the network, identifies the sender’s hardware address in a packet to request a response from the corresponding IP address. Replies are usually unicast.
The Ping program
The Ping program is used to test whether another host is reachable.
IP record routing option
Most versions of the ping program provide the -r option to record routes. It causes the ping program to set IPR R in the sent IP packet that contains the ICMP echo request message.
TCP: Transmission control protocol
TCP provides a set of connection-oriented, reliable byte stream services. TCP does not interpret the contents of the byte stream. Byte streams are interpreted by the application layer on both sides of the TCP connection.
TCP’s first
TCP data is encapsulated in an IP datagram. The TCP header is usually 20 bytes.
TCP’s first
The source IP address and destination IP address of the IP header and the source port number and destination port number of the TCP header uniquely determine a TCP connection. An IP address and a port number are also called a socket. A socket pair (a quadruple containing the client IP address, client port number, server IP address, and server port number) uniquely identifies the two parties of each TCP connection in an Internet network. The confirmation sequence number should be the last successfully received data byte number plus 1. TCP provides full-duplex services at the application layer. TCP traffic control is provided at each end of the connection through a declared window. Verifies and overwrites the entire TCP packet segment: TCP header and TCP data. This is a mandatory field that must be computed and stored by the originator and validated by the receiver. The most common optional field is the Maximum Segment Size (MSS).
Establishing and terminating a TCP connection
TCP is a connection-oriented protocol. Before either party can send data to the other, a connection must be established between the two parties.
TCP three-way handshake
Step1: The requestor sends a SYN segment that indicates the port of the server to which the client intends to connect, and ISN. The SYN segment is packet segment 1. Step2: the server replies with a SYN packet segment (packet segment 2) containing the initial sequence number of the server. At the same time, set the ISN of the customer plus 1 to the SYN segment of the customer. Step3: the customer must set the ISN of the server to 1 to confirm the SYN segment (packet segment 3) of the server.
TCP waved four times
When the server receives the FIN, it sends back an ACK with the received sequence number plus one. As with the SYN, a FIN takes a sequence number. The TCP server also sends an end-of-file character to the application (that is, the discard server). The server program then closes its connection, causing its TCP side to send a FIN, and the client must send back an acknowledgement with the acknowledgement sequence set to receive plus 1.
TCP state transition diagram
TCP interactive data flow
A packet segment that blocks data is basically full length (usually 512 bytes). The interactive data is much smaller (less than 10 bytes). TCP needs to process both types of data.
Undergo delay confirmation
Typically TCP does not send an ACK immediately upon receiving data; Instead, it delays sending so that an ACK can be sent along with the data that needs to be sent in that direction (this is sometimes called data piggyback ACK). Most implementations use a delay of 200 ms, which means TCP waits for a maximum delay of 200 ms to see if data is sent together. For small message segments, the receiver uses a delay-within-time acknowledgement method to determine whether acknowledgement can be delayed to be sent with the echo data. This reduces the number of packet segments.
TCP block data flow
The most important method for efficient transmission of block data is TCP’s sliding window protocol.
Sliding window protocol
This protocol allows the sender to send multiple packets in succession before stopping and waiting for confirmation. Because the sender does not have to stop for confirmation with each packet, the protocol speeds up the transmission of data.
Slow start
Slow start: This algorithm works by observing that the rate at which new packets enter the network should be the same as the rate at which the other end returns confirmation. Slow starts add another window to the sender’s TCP: congestion window, denoted as CWND. When a TCP connection is established with a host on another network, the congestion window is initialized to 1 packet segment (that is, the size of the packet segment advertised on the other end). Each time A C K is received, the congestion window increases by A segment (CWND in bytes, but slow start increases by segment size). The sender takes the minimum value in the congestion window and the notification window as the upper limit of sending. The congestion window is the flow control used by the sender, and the notification window is the flow control used by the receiver.
TCP timeout and retransmission
TCP solves this problem by setting a timer when sending. If no acknowledgement is received when the timer overflows, it retransmits the data.
Congestion avoidance algorithm
The slow start algorithm is a way to initiate a data stream over a connection, but sometimes we reach the intermediate router limit where packets are discarded. Congestion avoidance algorithm is a method to deal with lost packets. The congestion avoidance algorithm and the slow start algorithm need to maintain two variables for each connection: a congestion window CWND and a slow start threshold SSthRESH.
Fast retransmission and fast recovery algorithm
1. When the third repeated ACK is received, set SSTHRESH to half of the current congestion window CWND. Retransmitting the lost packet segment. Set CWND to SSTHRESH plus 3 times the packet segment size. 2. Each time it receives another duplicate ACK, CWND increases the size of the packet segment by 1 and sends a packet (if the new CWND allows it to send). 3. When the next ACK arrives confirming new data, set CWND to SSTHRESH (the value set in Step 1). This ACK should be an acknowledgement of the retransmission in Step 1 within a round-trip time after the retransmission. In addition, this ACK should also be an acknowledgement of all intermediate packet segments between the missing packet and the first duplicate ACK received. This step uses congestion avoidance because we halve the current rate when packets are lost.
regrouping
When TCP times out and retransmits, it does not have to retransmit the same packet segment. TCP, in contrast, allows regrouping to send a larger segment, which helps performance.
Source: Public id “Jacen Technical Notes”
Author: Jacen
TCP/IP protocol