• It is hard to find an application that does not use the network at all. Even stand-alone applications make all kinds of requests for data reporting, advertising, and so on.

Network basics

HTTP & HTTPS

Definition:
  1. HTTPS: Hypertext Transfer Protocol over Secure Socket Layer, that is, HTTP carried inside an SSL/TLS session
  2. HTTP: the rules that specify how browsers and web servers communicate with each other
The difference between them:
  1. For HTTPS, the server needs a certificate issued by a CA. Commercial certificates cost money; free ones are available from CAs such as Let's Encrypt.
  2. HTTP transmits information in plain text. HTTPS encrypts it with SSL/TLS, a security layer that sits between HTTP and TCP. (The common open-source implementation of SSL/TLS is OpenSSL.)
  3. HTTP and HTTPS use completely different connection modes and default ports (80 for the former, 443 for the latter).
  4. HTTP connections are simple and stateless; HTTPS is a network protocol built from SSL/TLS and HTTP that provides encrypted transmission and identity authentication, so it is more secure than HTTP.
  5. The URL prefix differs (http:// versus https://), and the client handles the two prefixes differently.

Secure Sockets Layer (SSL)
  • SSL/TLS is a layer between the transport layer and the application layer. It serves two main functions:
  1. Confidentiality (the data cannot be read by a third party) and integrity (the data cannot be tampered with without being detected);
  2. Authentication of the peer through its certificate, after which the data is encrypted before transmission;
HTTPS purpose:
  • Authenticate the web server and protect the privacy and integrity of the exchanged data;
HTTPS solves the following problems:
  1. The trusted-host problem (the server proves its identity with a certificate issued by a CA);
  2. Disclosure and tampering of data during communication;
HTTPS implementation principle (this is the classic RSA key-exchange handshake; TLS 1.3 replaces steps 4 and 5 with an ephemeral Diffie-Hellman exchange, so the session key is never encrypted with the site's public key and a stolen server key cannot decrypt recorded traffic):
  1. The client accesses the web server using an HTTPS URL and must establish an SSL/TLS connection with the web server.
  2. After receiving the request from the client, the web server sends the certificate of the website (including its public key) to the client.
  3. The client's browser and the web server negotiate the security level of the SSL/TLS connection (protocol version and cipher suite), that is, the level of encryption to use.
  4. The client's browser creates a temporary session key according to the agreed security level, encrypts it with the site's public key and sends it to the web site.
  5. The web server uses its private key to decrypt the session key.
  6. The web server and the client use the session key to encrypt their communication.

HTTPS encryption principle

  • Asymmetric encryption avoids having to share a secret key in advance, but encrypting and decrypting with it takes much longer than with symmetric encryption. HTTPS therefore uses asymmetric cryptography only to authenticate the server and agree on a session key, and symmetric encryption for the data itself.
The CA certificate:

A digital certificate is issued by a CA and includes the issuer, the version, the subject (the certificate holder), the holder's public key, the validity period, the CA's digital signature (a signed hash of the certificate contents) and the hash and signature algorithm used.

How does a client verify a CA-issued certificate?

The signature in a certificate is a hash of the certificate contents encrypted (signed) with the private key of the issuing CA; that private key is not in the certificate. The client takes the issuer's public key from the CA certificate in its own trust store (or from the next certificate up the chain), decrypts the signature with it and obtains hash A. It then runs the signature hash algorithm named in the certificate over the certificate contents and obtains hash B. If A and B match, the certificate was issued by that CA and has not been altered, and the chain is followed up to a trusted root; if they do not match, the certificate is invalid or has been tampered with, and the browser refuses to establish the HTTPS connection. Note that the public key inside the certificate cannot be used to check that same certificate's signature: that only works for a self-signed root, and a root is trusted because it is pre-installed, not because the check succeeds. In addition, the client checks that the certificate is within its validity period and that its subject name (Subject Alternative Name) matches the domain being accessed; the revocation status (CRL or OCSP) may also be checked.

SSL/TLS handshake in HTTPS
  1. The client and the server perform an SSL/TLS handshake; the client uses the CA certificate to confirm the identity of the server.
  2. The two sides exchange three random numbers (the client random, the server random and the pre-master secret) and derive the session key from them;
  3. Each side confirms the key to the other, and the handshake is complete;
  4. Data communication begins, using the same session key for encryption and decryption;

(In short, asymmetric encryption algorithm is used to generate symmetric encryption key, and symmetric encryption algorithm is used to encrypt communication content)
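As an added example (not part of the original notes), the following Go program builds a tiny PKI with only the standard library and walks through the two pieces above: it checks a site certificate's signature with the issuing CA's public key (and shows that a different CA that merely has the same name fails), checks the validity period and the host name the way a browser does, and then runs a real TLS 1.3 handshake against a loopback HTTPS server that presents the certificate. The CA name "Example Root CA", the host name www.example.com, the function names and the 24-hour validity are assumptions made for the example; nothing here contacts a real site.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/tls"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"net/http"
	"net/http/httptest"
	"time"
)

// Assumed names for the example; no real site or CA is involved.
const rootName, siteName = "Example Root CA", "www.example.com"

// makeCert issues a 24h certificate for cn: self-signed (a root CA) when parent is nil,
// otherwise signed with parentKey, the way a CA signs a site's certificate.
func makeCert(serial int64, cn string, isCA bool, parent *x509.Certificate,
	parentKey *ecdsa.PrivateKey, notBefore time.Time) (*x509.Certificate, *ecdsa.PrivateKey, error) {
	key, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return nil, nil, err
	}
	tmpl := &x509.Certificate{
		SerialNumber: big.NewInt(serial), Subject: pkix.Name{CommonName: cn},
		NotBefore: notBefore, NotAfter: notBefore.Add(24 * time.Hour),
		KeyUsage: x509.KeyUsageDigitalSignature, BasicConstraintsValid: true, IsCA: isCA,
	}
	if isCA {
		tmpl.KeyUsage |= x509.KeyUsageCertSign
	} else {
		tmpl.DNSNames = []string{cn} // the name a client matches against the URL's host
	}
	signer, issuer := key, tmpl // self-signed unless a parent is given
	if parent != nil {
		signer, issuer = parentKey, parent
	}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, issuer, &key.PublicKey, signer)
	if err != nil {
		return nil, nil, err
	}
	cert, err := x509.ParseCertificate(der)
	return cert, key, err
}

// pki: a trusted root, the site certificate it signed, and a rogue CA with the same name.
type pki struct {
	root, leaf, rogue *x509.Certificate
	leafKey           *ecdsa.PrivateKey
}

func buildPKI(now time.Time) (*pki, error) {
	root, rootKey, err := makeCert(1, rootName, true, nil, nil, now)
	if err != nil {
		return nil, err
	}
	leaf, leafKey, err := makeCert(2, siteName, false, root, rootKey, now)
	if err != nil {
		return nil, err
	}
	rogue, _, err := makeCert(3, rootName, true, nil, nil, now)
	return &pki{root: root, leaf: leaf, rogue: rogue, leafKey: leafKey}, err
}

// verifyChain is the browser's check on a received certificate: signature against the
// trusted root's public key, validity period at time now, and host name.
func verifyChain(leaf, root *x509.Certificate, host string, now time.Time) error {
	roots := x509.NewCertPool()
	roots.AddCert(root)
	_, err := leaf.Verify(x509.VerifyOptions{Roots: roots, DNSName: host, CurrentTime: now})
	return err
}

// handshake performs a TLS 1.3 handshake against a loopback HTTPS server presenting the
// leaf certificate; the client trusts only root and expects host. Returns the TLS version.
func handshake(p *pki, host string) (uint16, error) {
	srv := httptest.NewUnstartedServer(http.HandlerFunc(func(http.ResponseWriter, *http.Request) {}))
	srv.TLS = &tls.Config{Certificates: []tls.Certificate{{Certificate: [][]byte{p.leaf.Raw}, PrivateKey: p.leafKey}}}
	srv.StartTLS()
	defer srv.Close()
	roots := x509.NewCertPool()
	roots.AddCert(p.root)
	cli := &http.Client{Transport: &http.Transport{DisableKeepAlives: true,
		TLSClientConfig: &tls.Config{RootCAs: roots, ServerName: host, MinVersion: tls.VersionTLS13}}}
	resp, err := cli.Get(srv.URL)
	if err != nil {
		return 0, err
	}
	resp.Body.Close()
	return resp.TLS.Version, nil
}

func main() {
	p, err := buildPKI(time.Now())
	if err != nil {
		panic(err)
	}
	fmt.Println("real CA:", p.leaf.CheckSignatureFrom(p.root), "| rogue CA:", p.leaf.CheckSignatureFrom(p.rogue))
	fmt.Println(handshake(p, siteName)) // 772 = 0x0304 = TLS 1.3
}
```

CheckSignatureFrom is the "hash A equals hash B" step with the issuer's key; Verify adds the chain, time and name checks, and the handshake fails for a wrong ServerName for exactly the same reason a browser shows a certificate warning.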

Layer:

  • OSI 7-layer model (mnemonic, from bottom to top: physical, data link, network, transport, session, presentation, application)
    • Application layer: provides interfaces and services to computer users.
    • Presentation layer: data processing: codec, encryption and decryption, etc.
    • Session layer: manages (establishes, maintains, reconnects) communication sessions.
    • Transport layer: Manages end-to-end communication connections.
    • Network layer: Data routing: Determines the path of data across the network.
    • Data link layer: Manages data communication between adjacent nodes.
    • Physical layer: photoelectric physical properties of data communication.
  • TCP/IP four-layer model
    • Application layer: combines the OSI session, presentation and application layers. HTTP, FTP, SMTP, POP3, NFS, DNS and other protocols belong to the application layer.
    • Transport layer. TCP/UDP belongs to the transport layer
    • Network layer: The IP protocol belongs to the network layer
    • Network interface layer: corresponds to the OSI physical and data link layers.
  • HTTP (application layer) / TLS/SSL (security layer) / TCP (transport layer) / IP (network layer) / network interface (data link layer)
  • Domain Name System (DNS)
    • Translates human-readable domain names into the dotted-decimal IP addresses that are hard to remember (and IP addresses back into names);
    • Domain name: divided into top-level domain, second-level domain, third-level domain, and so on. For example, www.taobao.com is third-level domain . second-level domain . top-level domain.
  • Dynamic Host Configuration Protocol (DHCP)
    • The network administrator only needs to configure a shared pool of IP addresses. Each newly connected machine requests an address from the pool through DHCP, the address is configured automatically, and it returns to the pool for other machines when the lease ends;
    • DHCP is a LAN protocol at the application layer that runs over UDP.

Why does TCP go through three handshakes and four waves?

Three-way handshake:
  1. First handshake: the client sends a connection request segment with the SYN flag set to 1 and Sequence Number x; the client then enters the SYN_SENT state and waits for the server's confirmation.
  2. Second handshake: the server receives the SYN segment and must acknowledge it, so it sets the Acknowledgment Number to x+1 (Sequence Number + 1). It also sends its own SYN request, with the SYN flag set to 1 and Sequence Number y. The server puts all of this into one segment (the SYN+ACK segment) and sends it to the client; the server enters the SYN_RECV state.
  3. Third handshake: the client receives the SYN+ACK segment, sets the Acknowledgment Number to y+1 and sends an ACK segment to the server. After this segment is sent, both client and server enter the ESTABLISHED state, and the three-way handshake is complete.

Four-way wave (connection close):
  1. First wave: host 1 (either the client or the server) sets the Sequence Number and Acknowledgment Number and sends a FIN segment to host 2, then enters the FIN_WAIT_1 state. This means host 1 has no more data to send to host 2;
  2. Second wave: host 2 receives the FIN segment and sends an ACK segment to host 1 whose Acknowledgment Number is the received Sequence Number plus 1. Host 1 enters the FIN_WAIT_2 state. Host 2 is telling host 1 "I agree to your close request";
  3. Third wave: host 2 sends a FIN segment to host 1 to close its own direction, and enters the LAST_ACK state;
  4. Fourth wave: host 1 receives the FIN segment from host 2, sends an ACK segment to host 2 and enters the TIME_WAIT state. Host 2 closes the connection when it receives that ACK. Host 1 waits 2MSL: if host 2 retransmits its FIN during that time (because the final ACK was lost), host 1 can acknowledge it again; if nothing arrives, the other side has closed properly and host 1 closes as well. (MSL is the Maximum Segment Lifetime, the longest time any segment may exist in the network; a segment older than this is discarded.)

  • The purpose of the three-way handshake is to prevent an old, delayed connection request segment from suddenly arriving at the server and causing an error, that is, to keep the server from allocating resources for a connection the client no longer wants. Put another way, the first and second handshakes ensure that the server received the client's information and responded correctly, and the second and third handshakes ensure that the client received the server's information and responded correctly.

  • The reason for four waves is that TCP is full duplex. When a host receives FIN it knows the peer will send no more data, but it may still have data of its own to send, so each direction is closed separately: a FIN and its ACK for one direction, then a FIN and its ACK for the other.
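Added example, not from the original notes: a small Go parser for the TCP header that checks whether three captured segments obey the handshake rules described above (SYN with sequence number x, SYN+ACK acknowledging x+1, ACK acknowledging y+1), which is the check a stateful firewall or an IDS performs before it treats a connection as established. The three packets, their ports (40000 and 443) and the sequence numbers 1000 and 5000 are constructed inline for the example.

```go
package main

import (
	"encoding/binary"
	"fmt"
)

// TCP control flags, byte 13 of the header (RFC 793). PSH/URG/ECE/CWR are masked out.
const (
	flagFIN, flagSYN, flagRST, flagACK uint8 = 0x01, 0x02, 0x04, 0x10
	ctlMask                                  = flagFIN | flagSYN | flagRST | flagACK
)

// Segment is the part of a TCP header that matters for connection setup.
type Segment struct {
	SrcPort, DstPort uint16
	Seq, Ack         uint32
	Flags            uint8
}

// parseTCP decodes the TCP header at the start of b; options are skipped.
func parseTCP(b []byte) (Segment, error) {
	if len(b) < 20 {
		return Segment{}, fmt.Errorf("tcp: header shorter than 20 bytes")
	}
	if off := int(b[12]>>4) * 4; off < 20 || off > len(b) {
		return Segment{}, fmt.Errorf("tcp: bad data offset %d", off)
	}
	return Segment{
		SrcPort: binary.BigEndian.Uint16(b[0:]), DstPort: binary.BigEndian.Uint16(b[2:]),
		Seq: binary.BigEndian.Uint32(b[4:]), Ack: binary.BigEndian.Uint32(b[8:]),
		Flags: b[13],
	}, nil
}

// buildTCP encodes a 20-byte header without options; used here to construct sample packets.
func buildTCP(src, dst uint16, seq, ack uint32, flags uint8) []byte {
	b := make([]byte, 20)
	binary.BigEndian.PutUint16(b[0:], src)
	binary.BigEndian.PutUint16(b[2:], dst)
	binary.BigEndian.PutUint32(b[4:], seq)
	binary.BigEndian.PutUint32(b[8:], ack)
	b[12] = 5 << 4 // data offset: 5 words = 20 bytes
	b[13] = flags
	binary.BigEndian.PutUint16(b[14:], 65535) // advertised window
	return b
}

// checkHandshake parses three raw headers in capture order and applies the three-way
// handshake rules: SYN with seq x from the client, SYN+ACK with seq y and ack x+1 from
// the server, ACK with seq x+1 and ack y+1 from the client. Sequence arithmetic is
// modulo 2^32, which uint32 gives for free.
func checkHandshake(raw [][]byte) error {
	if len(raw) != 3 {
		return fmt.Errorf("expected three segments, got %d", len(raw))
	}
	var segs [3]Segment
	for i, b := range raw {
		s, err := parseTCP(b)
		if err != nil {
			return fmt.Errorf("segment %d: %w", i+1, err)
		}
		segs[i] = s
	}
	syn, synAck, ack := segs[0], segs[1], segs[2]
	switch {
	case syn.Flags&ctlMask != flagSYN:
		return fmt.Errorf("segment 1 is not a pure SYN")
	case synAck.Flags&ctlMask != flagSYN|flagACK:
		return fmt.Errorf("segment 2 is not SYN+ACK")
	case synAck.SrcPort != syn.DstPort || synAck.DstPort != syn.SrcPort:
		return fmt.Errorf("segment 2 does not come back from the server")
	case synAck.Ack != syn.Seq+1:
		return fmt.Errorf("segment 2 acks %d, want x+1 = %d", synAck.Ack, syn.Seq+1)
	case ack.Flags&ctlMask != flagACK:
		return fmt.Errorf("segment 3 is not a pure ACK")
	case ack.Seq != syn.Seq+1 || ack.Ack != synAck.Seq+1:
		return fmt.Errorf("segment 3 has seq %d ack %d, want seq %d ack %d",
			ack.Seq, ack.Ack, syn.Seq+1, synAck.Seq+1)
	}
	return nil
}

// sampleHandshake is a constructed capture of a valid handshake with x = 1000, y = 5000.
func sampleHandshake() [][]byte {
	return [][]byte{
		buildTCP(40000, 443, 1000, 0, flagSYN),
		buildTCP(443, 40000, 5000, 1001, flagSYN|flagACK),
		buildTCP(40000, 443, 1001, 5001, flagACK),
	}
}

func main() {
	fmt.Println("valid:", checkHandshake(sampleHandshake()))
	bad := sampleHandshake()
	bad[2] = buildTCP(40000, 443, 1001, 5000, flagACK) // acknowledges y instead of y+1
	fmt.Println("tampered:", checkHandshake(bad))
}
```

The masking of PSH/URG/ECE/CWR matters in practice: a SYN that also carries ECE and CWR is a legitimate ECN negotiation, while a segment with SYN and ACK both set in the third position is not a pure ACK and must be rejected.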

What is TCP doing at the IP and MAC layers during the three-way handshake?

Each TCP segment is handed down to the IP layer, which adds the IP header and chooses the route, and then to the link (MAC) layer, which resolves the next-hop MAC address (through ARP) and builds the frame. All of the IP and link-layer mechanisms run for every segment, including the three handshake segments.

What is the difference between TCP and UDP?

  1. TCP is connection-oriented, while UDP is connectionless (no connection needs to be established before sending data).
  2. Demand on system resources (TCP more, UDP less);
  3. The UDP program structure is simple. It does not process datagrams, that is, it neither merges nor splits data, but pushes application-layer data directly into packets.
  4. UDP is used for distributing multimedia such as video, voice and real-time information. TCP is used where reliable delivery matters, for example financial transactions, reliable communication and message queues.
  5. TCP provides a reliable service: data transmitted over a TCP connection arrives without errors, without loss, without duplication and in order;
  6. UDP has no congestion control. It sends the data whether or not the network is congested, and it does not guarantee reliable delivery.
  7. Each TCP connection is point-to-point only. UDP supports one-to-one, one-to-many, many-to-one and many-to-many interactions.
  8. TCP is full-duplex: once two endpoints are connected, both can send and receive data at the same time.
  9. TCP is a byte-stream protocol (message boundaries are not preserved, so "sticky packet" problems can occur), while UDP is a datagram protocol.
  10. The UDP header is small, only 8 bytes (the TCP header is at least 20 bytes).

Reliable transmission in TCP
  • The reliable transmission of TCP is based on the continuous ARQ protocol.
  1. Sliding window
  2. Cumulative acknowledgement
  3. Selective retransmission (SACK)
TCP flow control
  • Flow control keeps the sender from sending faster than the receiver can handle. TCP uses sliding windows for flow control.
  1. Sliding window: the receiver adjusts the advertised window size to control how fast the sender may send.
  2. Persist timer: when flow control is done with a sliding window and a zero-window advertisement is received, the persist timer is started; it sends a window probe segment at intervals so the sender learns when the window opens again.
TCP congestion control
  • Unlike flow control, which is concerned with point-to-point traffic, congestion control considers the whole network and is a global matter.
  1. Slow start: the congestion window starts small and grows by one segment for every acknowledgement received, which doubles it every round trip, until it reaches the slow start threshold (ssthresh).
  2. Congestion avoidance: maintain a congestion window variable and, as long as the network is not congested, keep enlarging it by one segment per round trip.
  • TCP congestion control uses slow start to grow the window exponentially in the early stage, until the slow start threshold (ssthresh) is reached, and then switches to the congestion avoidance algorithm, under which the window grows linearly.
Four timers of the TCP protocol
  1. Retransmission (timeout) timer;
  2. Persist timer;
  3. TIME_WAIT (2MSL) timer;
  4. Keepalive timer.
Principles of TCP reliable transmission
  1. Acknowledgement and retransmission: the receiver acknowledges a segment after receiving it; if the sender receives no acknowledgement within a certain time, it retransmits the segment.
  2. Data checksum.
  3. Segmentation and ordering: TCP splits the data into segments. The receiver buffers incoming segments and reorders them before handing the data to the application layer.
  4. Flow control: when the receiver cannot keep up with the data being sent, it tells the sender to slow down to prevent packet loss.
  5. Congestion control: reduces the transmission rate when the network is congested.

(blog.chinaunix.net/uid-2627598…).

TCP/IP protocol

  • The IP protocol masks the differences between physical networks so that devices can talk across them.
Role
  1. IP turns the complex real network into a virtual interconnected network;
  2. IP lets the network layer hide the details of the lower layers and concentrate on forwarding data at the network layer.
  3. IP solves the problem of choosing a datagram's path through the virtual network.
The IP address
  • Each network device has a unique IP address. Unlike the MAC address, which is fixed in the network adapter, the IP address changes with the network environment the device is connected to.
The difference between MAC address and IP address
  1. The MAC addresses in a data frame change at every hop, while the IP addresses in an IP datagram stay the same from hop to hop.
  2. The IP address provides location across the network (routing), while the MAC address is more like an ID number. MAC addresses are unique so that different network adapters in the same network do not collide; from the hardware side, every adapter gets a different identifier.
  3. Compared with an IP address, the reach of a MAC address is smaller and limited to one subnet. For example, hosts in 192.168.0.0/24 can reach each other directly by MAC address, but reaching another subnet requires IP routing.

Address Resolution Protocol (ARP)
  • Translates a 32-bit IP address at the network layer into a 48-bit MAC address at the data link layer.
  • ARP packets are encapsulated directly in data link layer frames (EtherType 0x0806).
Reverse Address Resolution Protocol (RARP)
  • Translates a 48-bit MAC address at the data link layer into a 32-bit IP address at the network layer.
  • It is similar to ARP, except that EtherType 0x8035 identifies it as RARP.
Network Address Translation (NAT)
  • A gateway that does not change IP addresses is a forwarding gateway. A gateway that rewrites IP addresses is a NAT gateway.
  • NAT lets multiple hosts on a private network reach the Internet through one public IP address. It reduces the consumption of IP addresses but increases the complexity of network communication.
  • Why use NAT?
    1. IPv4 has at most about 4.3 billion addresses.
    2. Poor IP address planning wasted many of them.
Private network addresses
  • Address ranges used inside an organization that do not overlap with addresses on the public Internet.
  • Three private address blocks:
    1. Class A: 10.0.0.0 to 10.255.255.255 (10.0.0.0/8, about 16.7 million addresses)
    2. Class B: 172.16.0.0 to 172.31.255.255 (172.16.0.0/12, about 1 million addresses).
    3. Class C: 192.168.0.0 to 192.168.255.255 (192.168.0.0/16, 65,536 addresses).
Internet Control Message Protocol (ICMP)
  • ICMP mainly assists IP in sending and receiving data: it reports errors and other exceptional conditions.
Application: using the ping command to troubleshoot network faults
  1. Ping the loopback address 127.0.0.1. If it fails, the local protocol stack is broken and the system or protocol stack needs to be reinstalled.
  2. Ping the gateway (router) address, for example 192.168.0.1 or 192.168.1.1 from the internal network. If it succeeds, the path from the local machine to the router works; if not, check the WiFi or the network cable.
  3. Ping a remote address, for example ping www.wanandroid.com. If this fails while the gateway answers, the fault lies between the home and the ISP's network, so the ISP (Telecom, Unicom, Mobile, etc.) is where to look.
Routing
  • Routing table: holds the mapping from destination IP address (prefix) to the next-hop IP address.

Difference between GET and POST

  1. GET passes parameters through the URL; POST puts them in the request body.
  2. A GET request passes parameters in the URL, which has a practical length limit; POST does not.
  3. GET is considered less secure than POST because the parameters are exposed in the URL, where they end up in browser history, proxy and server logs and Referer headers, so sensitive data should not be passed in a GET URL. Over plain HTTP, though, a POST body is just as visible on the wire; only HTTPS protects it.
  4. GET parameters can only be URL-encoded, while POST supports multiple encodings.
  5. GET requests are cached by the browser and their parameters are kept in the browsing history; POST parameters are not.
  6. GET and POST are both HTTP requests carried over TCP and are no different at that level. The differences come from the HTTP specification and from browser and server conventions.
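To make points 3 and 6 concrete, here is an added Go example (not from the original notes) that serves the same login parameters once as GET and once as POST to an in-memory handler and compares what a web server's access log would record with what actually travels over plain HTTP. The endpoint api.example.com/login, the handler and the credential values are constructed for the example and no network request is made.

```go
package main

import (
	"fmt"
	"net/http"
	"net/http/httptest"
	"net/http/httputil"
	"net/url"
	"strings"
)

// loginHandler is a hypothetical endpoint that accepts the same parameters either in
// the query string (GET) or in a form body (POST).
func loginHandler(w http.ResponseWriter, r *http.Request) {
	if err := r.ParseForm(); err != nil {
		http.Error(w, err.Error(), http.StatusBadRequest)
		return
	}
	fmt.Fprintf(w, "user=%s token_len=%d", r.Form.Get("user"), len(r.Form.Get("token")))
}

// accessLog mimics the line a web server writes per request: method and request target.
// For a GET the target carries the whole query string.
func accessLog(r *http.Request) string {
	return r.Method + " " + r.URL.RequestURI()
}

// Outcome shows where the parameters ended up for one request.
type Outcome struct {
	LogLine string // the access-log line (a GET URL also lands in history and Referer headers)
	Wire    string // the request as it travels over plain HTTP
	Reply   string // the handler's answer
}

// submit builds the request (GET: params in the URL; POST: params in the body), serves it
// in memory through httptest, and reports the log line, the wire image and the reply.
func submit(method string, params url.Values) (Outcome, error) {
	const base = "http://api.example.com/login" // hypothetical endpoint, never contacted
	var req *http.Request
	var err error
	if method == http.MethodGet {
		req, err = http.NewRequest(method, base+"?"+params.Encode(), nil)
	} else {
		req, err = http.NewRequest(method, base, strings.NewReader(params.Encode()))
		if err == nil {
			req.Header.Set("Content-Type", "application/x-www-form-urlencoded")
		}
	}
	if err != nil {
		return Outcome{}, err
	}
	wire, err := httputil.DumpRequest(req, true) // reads and then restores the body
	if err != nil {
		return Outcome{}, err
	}
	rec := httptest.NewRecorder()
	http.HandlerFunc(loginHandler).ServeHTTP(rec, req)
	return Outcome{LogLine: accessLog(req), Wire: string(wire), Reply: rec.Body.String()}, nil
}

// demoParams are constructed sample credentials.
func demoParams() url.Values {
	return url.Values{"user": {"alice"}, "token": {"s3cr3t-token"}}
}

// leaks reports whether the secret shows up in s.
func leaks(s, secret string) bool { return strings.Contains(s, secret) }

func main() {
	for _, m := range []string{http.MethodGet, http.MethodPost} {
		o, err := submit(m, demoParams())
		if err != nil {
			panic(err)
		}
		fmt.Printf("%s: log %q | secret in log: %v | secret on wire: %v | reply %q\n",
			m, o.LogLine, leaks(o.LogLine, "s3cr3t"), leaks(o.Wire, "s3cr3t"), o.Reply)
	}
}
```

The handler answers identically in both cases, the token appears in the log line only for GET, and it appears in the wire image for both, which is the whole argument for HTTPS rather than for POST as a secrecy measure.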

The wireless network

  • Network classification: by coverage, wide area network, metropolitan area network and local area network; by user, public network and private network; by transmission medium, wired network and wireless network;
  • Wired communication: transmission over physical media such as copper wire and optical fibre;
  • Wireless communication: communication by electromagnetic waves. Common wireless network types: WiFi, cellular network, Bluetooth, NFC;
  • The wireless bottleneck: a single optical fibre can reach 26 Tbps, while the dominant mobile standard, 4G LTE, has a theoretical rate of 150 Mbps (without carrier aggregation). That is no comparison with wired, so if 5G is to deliver high speed end to end, the focus has to be on breaking the wireless bottleneck;

The electromagnetic wave

  • The functional characteristics of electromagnetic waves are determined by their frequency. Waves of different frequencies have different properties and so different uses. For example, high-frequency gamma rays are energetic enough to be used to treat tumours.
  • Radio waves and light waves are both electromagnetic waves. Radio waves are the ones mainly used for communication at present, though light-wave communication such as LiFi is also on the rise. Radio frequency resources are limited, so to avoid interference and conflict the radio spectrum is further divided into "lanes" that are allocated to different users and uses. The mainstream 4G LTE standard operates mostly in the UHF range.

The frequency of wireless communication

  • First, a formula: c = λν, that is, the speed of light = wavelength × frequency. Whether 1G, 2G, 3G, 4G or 5G, everything follows from it;
  • From 1G through 4G the radio frequencies used have risen, mainly because the higher the frequency, the more spectrum is available, and the more spectrum, the higher the transmission rate that can be achieved. (Spectrum is like road lanes: the higher the frequency, the more lanes, and the more information can be carried in the same time.)
  • If high frequency is so good, why was it not used before? The reason is simple: not that nobody wanted to, but that nobody could afford to. A notable property of electromagnetic waves is that the higher the frequency, the shorter the wavelength, the closer to straight-line propagation (the poorer the diffraction) and the greater the attenuation in the propagation medium. If mobile communication uses a high band, its biggest problem is that the transmission distance shrinks and coverage is greatly weakened. Conversely, the lower the frequency, the cheaper the network is to build and the more competitive it is. That is why, over the years, Telecom, Mobile and Unicom have fought tooth and nail over low-frequency spectrum.
  • One of the technical features of 5G is millimetre wave, which requires far more 5G base stations than 4G to cover the same area.

The base station

  • There are two types of base stations, micro and macro. As the names suggest, micro base stations are small (common in urban areas and indoors, and they will be everywhere in the 5G era), while macro base stations are large (common outdoors; one of them covers a large area).
  • With so many base stations around, is there an effect on the human body? Contrary to popular belief, the more base stations there are, the less radiation there is! Many small, low-power base stations are better for everyone; with a single large station, those close to it get strong radiation while those far away get no signal, which is bad either way. (Frequency, from low to high: radio waves < microwaves < infrared < visible light < ultraviolet < X-rays < gamma rays; the highest radio frequency is still below that of visible light.)

Where’s the antenna

  • Mobile phones used to have long antennas, and early mobile phones had small antennas sticking out. Why don't our phones have antennas now? In fact they still do, just smaller: an antenna's length is proportional to the wavelength, roughly 1/10 to 1/4 of it, and as mobile communication frequencies rose and wavelengths shrank, antennas shrank with them and moved inside the phone;

Massive MIMO

  • MIMO is "multiple-input multiple-output": transmitting with multiple antennas and receiving with multiple antennas. LTE already had MIMO, but with only a few antennas it was a rudimentary version. 5G takes MIMO further, to Massive MIMO. In 5G's millimetre-wave bands the antennas are themselves millimetre-scale, so many of them can be integrated into a phone.

Gigabit LTE

  • This refers to cellular networks that can theoretically reach fibre-like speeds of 1 Gbps (125 MB/s). Although based on the 4G standard, it has progressed to gigabit LTE through technologies such as MIMO (multiple-input multiple-output) and LAA with carrier aggregation.

Link Turbo

  • To improve users' network experience, phone manufacturers also make all kinds of customisations and optimisations. Huawei's Link Turbo network aggregation acceleration technology is one of the core "black technologies".
  • From a hardware point of view, WiFi and cellular are different modules of the baseband chip, and we can simply think of them as similar to a dual network card setup. Link Turbo uses the mobile network for acceleration while WiFi is in use. Dual-channel technology had previously been used to switch automatically to the mobile network when WiFi is unstable; Link Turbo's core feature is that it can use both channels at the same time, and it supports both TCP and UDP.

Network I/O

Socket descriptor (Socket FD)

  • "Everything is a file": the Linux kernel treats all external devices as files. In network I/O the system likewise has a descriptor for reading and writing a socket, the socket FD.

synchronous

  • Synchronous execution is a reliable sequence of tasks: the completion of one task depends on another, and the dependent task completes only after the task it depends on has completed. Either both succeed or both fail, so the states of the two tasks stay consistent.

asynchronous

  • In asynchronous execution you do not wait for the task you depend on to complete. You tell it what to do and it starts immediately, while you carry on; the whole job counts as finished once it has completed its part. It is an unreliable sequence of tasks because the caller cannot tell, from the sequence itself, whether the task it depends on has actually completed.
  • An asynchronous operation can also block, but the blocking happens while waiting for the completion notification, not while the work itself is being done.

blocking

  • Before the result of the call is returned, the current thread is suspended waiting for a notification and cannot do other work. The function returns only when it has a result.

non-blocking

  • Non-blocking is the opposite of blocking: the function does not suspend the current thread but returns immediately, even if the result is not yet available.

Xiao Ming’s story

  • Take Xiao Ming downloading a file as an example:
  1. Synchronous blocking: Xiao Ming keeps staring at the download progress bar until it reaches 100%.
  2. Synchronous non-blocking: Xiao Ming submits the download task and moves on to something else, glancing at the progress bar every now and then until it shows 100%.
  3. Asynchronous blocking: Xiao Ming switches to a download tool that goes "ding" when the download completes, but he sits there waiting for the "ding".
  4. Asynchronous non-blocking: the same download tool goes "ding"; Xiao Ming submits the task, does something else, and knows the download is finished when he hears the "ding".

Network I/O model

  • UNIX Network Programming divides UNIX network I/O into the following five models (the first four are synchronous):
  1. Blocking I/O
    • The user-space application performs a system call that blocks it until the data is ready and has been copied from the kernel to the user process, after which the process handles it. The process is blocked during both stages (waiting for the data and copying it) and cannot handle other network I/O.
  2. Non-blocking I/O
    • After a non-blocking recvfrom system call the process is not blocked: the kernel returns immediately, and if the data is not ready it returns an error (EAGAIN/EWOULDBLOCK). The process can do something else and then call recvfrom again; repeating this is called polling. The process polls until the kernel data is ready, and then it is copied to the process for handling.
  3. Multiplexing I/O
    • Polling takes a large share of the process's time, because the synchronous non-blocking approach has to keep actively polling, which burns CPU, while "in the background" there may be many tasks in progress at once. The idea is to check the completion status of many tasks in one loop and handle whichever has completed. It would be nicer if the polling were not done in the process's own user mode but by someone else; that is "I/O multiplexing". select, poll and epoll in UNIX/Linux do exactly this (epoll is more efficient than poll and select and does the same job).
  4. Signal-driven I/O
    • First we enable signal-driven I/O on the socket and install a signal handler. The process continues to run without blocking. When the data is ready the process receives a SIGIO signal and can call the I/O operation in the signal handler to process the data.
  5. Asynchronous I/O
    • Unlike synchronous I/O, asynchronous I/O does not proceed in sequence. After the user process issues the aio_read system call, the kernel returns immediately whether or not the data is ready, and the user process can do something else. When the socket data is ready, the kernel copies it directly into the process's buffer and then notifies the process. Both I/O stages are non-blocking for the process.
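An added example (not from the original notes, Linux only) showing models 2 and 3 on real file descriptors with Go's syscall package: a non-blocking read on an idle socket returns EAGAIN instead of suspending the process, and a single epoll_wait call then watches two sockets at once and reports which one became readable after its peer wrote. The AF_UNIX socket pairs and the "hello" payload are constructed for the example; the function and field names are the example's own.

```go
package main

import (
	"fmt"
	"syscall"
)

// nonblockingRead reads from a non-blocking fd. With no data ready the kernel returns
// EAGAIN at once instead of suspending the caller; that case is reported as wouldBlock.
func nonblockingRead(fd int, buf []byte) (n int, wouldBlock bool, err error) {
	n, err = syscall.Read(fd, buf)
	if err == syscall.EAGAIN {
		return 0, true, nil
	}
	return n, false, err
}

// waitReadable is the multiplexing step (Linux epoll): one epoll_wait call sleeps until
// any of fds is readable or timeoutMs elapses (0 = poll once), and returns the ready fds.
func waitReadable(fds []int, timeoutMs int) ([]int, error) {
	epfd, err := syscall.EpollCreate1(0)
	if err != nil {
		return nil, err
	}
	defer syscall.Close(epfd)
	for _, fd := range fds {
		ev := syscall.EpollEvent{Events: syscall.EPOLLIN, Fd: int32(fd)}
		if err := syscall.EpollCtl(epfd, syscall.EPOLL_CTL_ADD, fd, &ev); err != nil {
			return nil, err
		}
	}
	events := make([]syscall.EpollEvent, len(fds))
	n, err := syscall.EpollWait(epfd, events, timeoutMs)
	for err == syscall.EINTR { // interrupted by a signal: wait again
		n, err = syscall.EpollWait(epfd, events, timeoutMs)
	}
	if err != nil {
		return nil, err
	}
	ready := make([]int, 0, n)
	for _, ev := range events[:n] {
		ready = append(ready, int(ev.Fd))
	}
	return ready, nil
}

// Outcome records what the demo observed.
type Outcome struct {
	FdA, FdB            int   // our end of socket pair A and of socket pair B
	FirstReadWouldBlock bool  // a read on the idle, non-blocking A returned EAGAIN
	ReadyBeforeWrite    []int // fds epoll reported readable before anything was sent
	ReadyAfterWrite     []int // fds readable after B's peer wrote
	Data                string
}

// demo creates two AF_UNIX socket pairs, makes our ends non-blocking, and walks through
// the non-blocking model and the multiplexing model on them.
func demo() (Outcome, error) {
	var out Outcome
	a, err := syscall.Socketpair(syscall.AF_UNIX, syscall.SOCK_STREAM, 0)
	if err != nil {
		return out, err
	}
	b, err := syscall.Socketpair(syscall.AF_UNIX, syscall.SOCK_STREAM, 0)
	if err != nil {
		return out, err
	}
	defer func() {
		for _, fd := range []int{a[0], a[1], b[0], b[1]} {
			syscall.Close(fd)
		}
	}()
	out.FdA, out.FdB = a[0], b[0]
	for _, fd := range []int{a[0], b[0]} {
		if err := syscall.SetNonblock(fd, true); err != nil {
			return out, err
		}
	}
	buf := make([]byte, 64)
	if _, out.FirstReadWouldBlock, err = nonblockingRead(a[0], buf); err != nil {
		return out, err
	}
	if out.ReadyBeforeWrite, err = waitReadable([]int{a[0], b[0]}, 0); err != nil {
		return out, err
	}
	if _, err = syscall.Write(b[1], []byte("hello")); err != nil { // B's peer sends data
		return out, err
	}
	if out.ReadyAfterWrite, err = waitReadable([]int{a[0], b[0]}, 1000); err != nil {
		return out, err
	}
	if len(out.ReadyAfterWrite) == 0 {
		return out, fmt.Errorf("epoll reported nothing readable after the write")
	}
	n, _, err := nonblockingRead(out.ReadyAfterWrite[0], buf)
	out.Data = string(buf[:n])
	return out, err
}

func main() {
	out, err := demo()
	fmt.Printf("%+v err=%v\n", out, err)
}
```

The first epoll_wait uses a zero timeout and so behaves like a single poll; the second blocks for up to a second, which is the point of multiplexing: the process sleeps in one kernel call instead of spinning on recvfrom for each socket.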

Network performance evaluation and optimization

Performance evaluation

Delay and bandwidth

  • Delay: The time required for data to be sent from the information source to the destination.
  • Bandwidth: Maximum throughput of a logical or physical communication path.
  • Many factors affect delay and bandwidth: signal strength, whether there is a base station nearby, the distance to it, which network you are on (3G, 4G or 5G) and how congested it is.
  • Different applications weigh latency and bandwidth differently. For live-streaming apps or a game such as Honor of Kings, latency matters more; for on-demand video services such as Tencent Video or iQiyi, bandwidth matters more.
Bandwidth and latency reference values of different network generations

  Generation   Bandwidth (downlink / uplink, bit rates)   Latency
  2.75G        384 kbit/s / 48 kbit/s                      600 to 700 ms
  3G           7 Mbit/s / 2 Mbit/s                         150 to 400 ms
  4G           128 Mbit/s / 56 Mbit/s                      40 to 50 ms
  5G           >100 Mbit/s / >50 Mbit/s                    <10 ms

Weak network

  • High latency, low bandwidth network scenarios are often referred to as “weak networks”
  • Features:
    1. High packet loss rate: signal problems, too many users, bit errors, user mobility, base station handover
    2. High bit error rate: environmental interference, users far from the base station
    3. Erratic latency: number of users, signalling allocation, packet loss, bit errors
    4. Unstable bandwidth: distance to the base station, number of users, congestion control

Performance measurement

  • Throughput: Bytes per second received and transmitted by a network interface.
  • Delay: system call send/receive delay, connection delay, first packet delay, network round trip time, etc.
  • Connections: Connections per second.
  • Errors: packet loss count, timeouts, etc.

Network performance analysis tool

  • strace: traces socket-related system calls
  • netstat: statistics for the network stack and interfaces
  • ifconfig: interface configuration
  • ip: interface configuration and per-interface statistics
  • ping: tests network connectivity
  • traceroute: tests the network route
  • tcpdump: network packet sniffer
  • Packet capture tools such as Wireshark, Fiddler and Charles: inspect network datagrams graphically
  • If you are more familiar with Linux internals, you can go directly to /proc/net, which contains many network statistics files.

For example, the TrafficState interface on Android uses the /proc/net/xt_qtaguid/stats and /proc/net/xt_qtaguid/iface_stat_fmt files to collect application traffic statistics.

TCP optimization

  • The Internet has two core protocols :IP and TCP. IP is responsible for routing and addressing between networked hosts. TCP is responsible for providing a reliable abstraction layer over unreliable transport channels.

TCP/IP is often referred to as the Internet Protocol Suite.

1. Reuse the connection
  • The delay caused by the three-way handshake makes creating a new TCP connection costly. The key to improving the performance of TCP applications is to find ways to reuse connections.
TFO (TCP Fast Open)
  • TFO aims to reduce the performance penalty of new TCP connections, but it only works in certain circumstances.

For example, the payload that can be sent with the SYN packet has a maximum size, only certain types of HTTP request can be sent, and it only applies to repeat connections, because it relies on an encrypted cookie.

2. Congestion avoidance and control
Flow control
  • (Sliding window) To achieve flow control, each party to a TCP connection advertises its own receive window (RWND), which tells the peer how much buffer space it has available to hold incoming data.

This process runs through the whole life cycle of each TCP connection: every ACK packet carries the latest RWND value, so that both ends can dynamically adjust the data flow rate to the capacity and processing ability of sender and receiver.

Slow start
  • Start with a small congestion window and grow it gradually: one segment is added for each acknowledgement received, so the window doubles every round trip. Once the slow start threshold (ssthresh) is reached, this exponential growth stops.
Congestion avoidance
  • Congestion avoidance algorithms treat packet loss as a sign of network congestion: some link or router along the path is saturated and has to drop packets. The window size is therefore adjusted so as to avoid packet loss and keep the flow of data smooth.

TCP PRR (Proportional Rate Reduction)
  • Initially TCP used the Multiplicative Decrease and Additive Increase (AIMD) algorithm: when packet loss occurs, the congestion window is cut in half, and then a fixed value is slowly added to the window on each round trip. Then came PRR (Proportional Rate Reduction), a new algorithm specified by RFC 6937 that aims to improve the recovery rate after packet loss; using it reduces the average connection latency caused by packet loss by 3% to 10%. PRR is now the default congestion avoidance algorithm in Linux 3.2+ kernels.

Client optimization
  1. Send less data, or none at all (merge requests): eliminating unnecessary data transfers is a big optimization in itself. For example, reduce unnecessary resource downloads, or use compression algorithms to minimize the number of bits sent.
  2. Shorter communication distance with a CDN: by deploying servers in different regions and placing data close to the client, TCP performance can be significantly improved through lower network round-trip latency.
  3. Reuse TCP connections: minimize the impact of slow start and other congestion control mechanisms.

UDP optimization

  • UDP is characterized by what it leaves out: no connection state, no handshake, no retransmission, no reassembly, no reordering, no congestion control or avoidance, no flow control, and even error detection is optional.
  • RFC 5405 gives many design recommendations for unicast UDP applications (the WebRTC protocol is the design paradigm for the following rules):
    1. Various Internet path conditions must be tolerated;
    2. Transmission speed should be controlled;
    3. Congestion control should be applied to all flows;
    4. Use bandwidth similar to that of TCP;
    5. A retransmission counter based on packet loss should be prepared;
    6. Do not send datagrams larger than the path MTU;
    7. Datagram loss, duplication and reordering should be handled;
    8. Should be stable enough to support delivery delays of more than 2 minutes;
    9. The IPv4 UDP checksum should be supported; the IPv6 checksum must be supported;
    10. Keep-alives can be used when needed (minimum interval of 15 seconds).

Transport Layer Security (TLS)

  • When the IETF standardized the SSL protocol, it renamed it Transport Layer Security (TLS). Many people use TLS and SSL interchangeably, but they are not technically the same, because they refer to different versions of the protocol.
  • TLS can also be implemented on top of UDP. DTLS (Datagram Transport Layer Security, RFC 6347) is designed to build on the TLS protocol while taking the datagram delivery model into account and providing equivalent security.
The TLS protocol aims to provide three basic services for applications that run on top of it:
  1. Encryption: a mechanism for obfuscating data.
  2. Authentication: A mechanism for verifying the validity of an identity.
  3. Data integrity: a mechanism for detecting whether a message has been tampered with or forged.
TLS optimization
  1. Finish the handshake early
  2. Use session caching with stateless resumption
  3. TLS record size (small records waste bytes, large records add delay)
  4. Length of the certificate chain: if the certificate chain is larger than TCP's initial congestion window, an extra round trip is inadvertently added to the handshake: the server fills the window and has to stop and wait for an ACK from the client before sending the rest. (Solution: increase the initial congestion window and reduce the certificate size.)
  5. OCSP stapling: the server can include (staple) the OCSP response from the certificate authority in the certificate chain, allowing the browser to skip the online query. Moving the OCSP query to the server lets the server cache the signed OCSP response, saving many client requests.
  6. HTTP Strict Transport Security: a security policy mechanism that lets the server declare access rules for supporting browsers with a simple HTTP header, such as Strict-Transport-Security: max-age=31536000.
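Two of the checks from the list above in code: how many server flights (round trips) a certificate chain of a given size costs under slow start (item 4), and parsing and validating a Strict-Transport-Security header (item 6). This is an added example, not the article's or any library's code; the MSS, initial window and chain sizes are constructed assumptions.

```python
"""Certificate-chain flight count and HSTS header parsing. Added example, not the
article's code; MSS and initcwnd are assumed typical values and chain sizes are
constructed."""

MSS = 1460          # assumed TCP segment payload on a typical Ethernet path
INITCWND = 10       # assumed initial window in segments (RFC 6928)


def handshake_flights(chain_bytes, initcwnd=INITCWND, mss=MSS):
    """Round trips needed to deliver `chain_bytes` of certificate chain under slow start.

    1 means the whole chain fits in the initial window; every additional flight is
    an extra round trip the client waits before it can finish the handshake.
    """
    window = initcwnd * mss
    flights = 0
    remaining = chain_bytes
    while remaining > 0:
        remaining -= window
        window *= 2          # slow start doubles the window each round trip
        flights += 1
    return flights


def parse_hsts(header_value):
    """Parse a Strict-Transport-Security value and validate its max-age.

    Returns {'max_age': int, 'include_subdomains': bool, 'preload': bool}.
    Raises ValueError when max-age is missing or not numeric (RFC 6797 requires it).
    """
    directives = {}
    for part in header_value.split(";"):
        part = part.strip()
        if not part:
            continue
        name, _, value = part.partition("=")
        directives[name.strip().lower()] = value.strip().strip('"')
    if "max-age" not in directives or not directives["max-age"].isdigit():
        raise ValueError("HSTS header must carry a numeric max-age directive")
    return {
        "max_age": int(directives["max-age"]),
        "include_subdomains": "includesubdomains" in directives,
        "preload": "preload" in directives,
    }


if __name__ == "__main__":
    # a 4.3 KB chain fits the 14.6 KB initial window; a 20 KB chain costs one more round trip
    print(handshake_flights(4_300), handshake_flights(20_000))
    print(parse_hsts("max-age=31536000; includeSubDomains"))
```

The flight count is the quantity to watch when trimming a chain: dropping an unnecessary intermediate or moving from RSA to ECC certificates matters only when it brings the chain back under initcwnd * MSS bytes.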

Mobile optimization

What is a Network library

  • In actual development we rarely operate the underlying network interfaces directly; we use a network library.
  • The core roles of a network library:
    1. Unified programming interface: easy to use, easy to manage policies uniformly, stream parsing (JSON, XML, etc.)
    2. Global network control: unified network scheduling, traffic monitoring, disaster recovery management (switching to a maintenance page), controlling log output, adding interceptors, etc.
    3. High performance:
Network library comparison
  • xUtils: this framework is very comprehensive: it can make network requests, load and process images, store data, and inject views via annotations, and it is very convenient to use. The downside is equally obvious: a project that uses it becomes heavily dependent on the framework, so once the framework has a problem, the impact on the project is huge.
  • Volley: Volley is a small and smart asynchronous request library released by Google. The framework is very extensible: it supports HttpClient, HttpUrlConnection, and even OkHttp as the transport, and it also bundles an ImageLoader, so you do not even need a separate image loading framework if you do not want one. That loader is not as powerful as the specialized image loading frameworks; it is fine for simple needs, but anything more complex still needs a dedicated framework. Volley also has drawbacks, such as no support for large POST bodies, so it is not suitable for uploading files. Volley was itself designed for frequent, low-volume network requests.
    • The advantage is better encapsulation
  • Retrofit: Retrofit is a RESTful network request framework from Square that wraps OkHttp by default. Retrofit's encapsulation is quite powerful and involves a number of design patterns: requests can be configured directly through annotations, different HTTP clients can be used (OkHttp is the default), data can be serialized with different JSON converters, and RxJava is supported. Retrofit + OkHttp + RxJava + Dagger2 can be called a relatively modern set of frameworks, but the entry threshold is relatively high.
    • Retrofit decouples more thoroughly
    • OkHttp is used by default and has a performance advantage over Volley
  • OkHttp: OkHttp is a high-performance HTTP client library for Java and Android applications. It supports synchronous and asynchronous calls, thread pooling, data conversion, parameter handling, error handling, and more, and its API is much easier to use. When we use it in a project we still need to add a layer of encapsulation so that it can be used more smoothly.
    • The advantage of OkHttp is higher performance
    • DNS management: Supports DNS cache and interconnects with its own HTTPDNS
    • Concurrency model: uses multiple threads for concurrency; the dispatcher queue controls how many requests actually run, at most 64 in total and 5 per host;
    • Connection management: for HTTP connections, at most 5 connections are cached per domain name, with a default keep-alive time of 5 minutes; for HTTP/2 connections, each domain name shares one H2 connection.
    • IO model: blocking sockets, wrapped with Okio for stream reading and writing.
    • Network quality monitoring: not supported by default, there are some third-party plug-ins;
    • Persistent connection: Not supported by default.
    • Cross-platform: Java implementation, not cross-platform;
    • Secondary development: easy;
    • Protocol support: HTTP / 1.1, HTTP / 2.0, TLS1.1, TLS1.2
  • Chromium Cronet:
    • Mogujie, Toutiao and UC Browser are secondary developments on the Chromium network library;
    • DNS management: supports DNS cache and interconnecting with one's own HTTPDNS;
    • Concurrency model: one thread per host; each thread can create six non-blocking sockets for requests;
    • Connection management: for HTTP connections, at most 6 connections are cached per domain name; for HTTP/2 connections, each domain name shares one H2 connection.
    • IO model: epoll + non-blocking sockets;
    • Network quality Monitoring: Predictor collects usage data and predicts network behavior. NQE provides an estimate of current network quality.
    • Persistent connection: Not supported by default.
    • Cross-platform: c++ implementation, cross-platform;
    • Secondary development: implementation complex, not easy to extend;
    • Protocol support: HTTP / 1.1, HTTP / 2.0, QUIC, TLS1.1, TLS1.2, TLS1.3
  • WeChat Mars:
    • A lot of optimization has been done for weak networks; Pinduoduo, Huya, Lianjia and Meilishuo all use Mars;
    • DNS management: supports DNS cache and interconnecting with one's own HTTPDNS;
    • Concurrency model: one thread per short connection, with no limit on the number of threads;
    • Connection management: supports composite connections, no connection management;
    • IO model: epoll + non-blocking sockets;
    • Network quality monitoring: SDT module supports network detection and diagnosis;
    • Persistent connection: supported by default;
    • Cross-platform: c++ implementation, cross-platform;
    • Secondary development: easier than Cronet;
    • Protocol support: signaling network, TCP only;
    • Check out more: github.com/Tencent/mar…
  • Large network platform
    • Alibaba’s ACCS, Ant’s mPaaS and Ctrip’s network services are all company-level network center services, so that all network optimization can benefit all access applications of the whole group.

Why optimize

  • Waiting on the network is the biggest performance bottleneck of our App; it directly affects user experience, engagement, loyalty, and conversion rate.

What to optimize

  • A packet from a mobile phone has to travel through the wireless network, the core network and the external network (the Internet) to reach our servers;

(Mobile phone => wireless network => Base station => carrier core network => Internet => server)

  • Factors affecting network request speed:
    1. Internal design and strategy of the client network library: IO and concurrency model, optimizations for network problems
    2. Server performance: concurrency capacity, bandwidth capacity
    3. Network related: user network (weak network, strong network), carrier, network link
  • The core of network optimization: speed, weak networks, security, plus the power consumption and traffic usage problems they cause;
  • Network request steps:
    1. DNS resolution: obtain the IP address for the domain name from a DNS server. Pay attention to DNS resolution time, carrier LocalDNS hijacking, and DNS scheduling.
    2. Creating a connection: establish a connection with the server, including the TCP three-way handshake and TLS key negotiation. Pay attention to how to choose among multiple IP addresses and ports, whether to use HTTPS, and how to reduce connection setup time.
    3. Sending and receiving data: assembling, sending, receiving and parsing data. Pay attention to using bandwidth according to network conditions, detecting network delay, and adjusting packet size on weak networks;
    4. Closing the connection: both active and passive close cases need attention;

HTTPDNS

  • DNS resolution is the first step of a network request. By default the carrier's LocalDNS service is used.
  • Problems with LocalDNS:
    1. Slow resolution: about 100 ms on 4G and 200~300 ms on 3G
    2. Stability: UDP protocol, stateless, prone to domain name hijacking (hard to reproduce, hard to locate, hard to solve)
    3. Accuracy: scheduling is often inaccurate; cross-region and cross-carrier scheduling can make access slow or even impossible
    4. Timeliness: the carrier may change the DNS TTL, so changes take effect late
  • To solve these problems there is HTTPDNS, that is, doing domain name resolution yourself: the client asks a backend over HTTP for the IP address of the domain name. Large network platforms have a unified HTTPDNS service integrated with their operations system, which also adds precise traffic scheduling, network dial testing / grey release, and network disaster recovery;
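The client side of the HTTPDNS scheme above, as an added example that is not the article's or any platform's code. The backend answer format ({"host": ..., "ips": [...], "ttl": n}), the `fetch` callable that obtains it, and the sample answer are all assumptions; the point is the part the text stresses: the client owns the cache, so it can validate answers and clamp TTLs instead of trusting whatever LocalDNS hands it.

```python
"""Minimal HTTPDNS client cache. Added example, not the article's code; the
backend JSON format and `fetch` callable are assumptions and the sample answer
is constructed."""

import ipaddress
import json
import time


class HttpDnsResolver:
    def __init__(self, fetch, clock=time.monotonic, min_ttl=30, max_ttl=3600):
        self._fetch = fetch        # callable(host) -> JSON text from our own HTTPDNS backend (assumed)
        self._clock = clock
        self._min_ttl = min_ttl
        self._max_ttl = max_ttl
        self._cache = {}           # host -> (ips, expires_at)
        self.backend_calls = 0     # how often we actually went to the backend

    def resolve(self, host):
        """Return the IP list for host, refreshing from the backend only when the TTL lapses."""
        now = self._clock()
        cached = self._cache.get(host)
        if cached and cached[1] > now:
            return cached[0]
        self.backend_calls += 1
        body = json.loads(self._fetch(host))
        # Reject answers for a different name: a confused or spoofed backend must not poison the cache.
        if body.get("host") != host:
            raise LookupError(f"HTTPDNS answer is for {body.get('host')!r}, not {host!r}")
        ips = [ip for ip in body.get("ips", []) if _valid_ip(ip)]
        if not ips:
            raise LookupError(f"no usable address for {host}")
        # Clamp the TTL so a broken backend can neither force constant refreshes
        # nor pin a stale address for days (the LocalDNS TTL problem above).
        ttl = min(max(int(body.get("ttl", self._min_ttl)), self._min_ttl), self._max_ttl)
        self._cache[host] = (ips, now + ttl)
        return ips


def _valid_ip(text):
    """True for a syntactically valid IPv4 or IPv6 literal."""
    try:
        ipaddress.ip_address(text)
        return True
    except ValueError:
        return False


# Constructed backend answer; a real client would GET it over HTTPS from the platform's HTTPDNS service.
SAMPLE_ANSWER = json.dumps(
    {"host": "api.example.com", "ips": ["203.0.113.10", "bad-ip", "203.0.113.11"], "ttl": 120}
)


if __name__ == "__main__":
    resolver = HttpDnsResolver(lambda host: SAMPLE_ANSWER)
    print(resolver.resolve("api.example.com"), resolver.backend_calls)
    print(resolver.resolve("api.example.com"), resolver.backend_calls)   # served from cache
```

A production client would also fall back to the system resolver when the backend is unreachable and pin the backend's own address or certificate, since the HTTPDNS request is itself the one lookup the scheme cannot bootstrap.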

Connection reuse

  • If another request goes to the same domain name and port, the connection can be reused, saving the time needed to establish one (TCP three-way handshake, TLS key negotiation, etc.).
  • How it works: keep-alive in HTTP/1.1, or multiplexing in HTTP/2.0 (multiple requests are made concurrently on the same connection)
  • Problem: with the common OkHttp and HTTP/2.0 setup, only one connection is kept per domain name; under network congestion this is prone to TCP head-of-line blocking. It can be solved by modifying the network library or disabling HTTP/2.0;

Compression and encryption

  • The first important thing is to reduce the amount of data transmitted, that is, data compression.
  • HTTP request data has three main parts:
    1. Request header: HTTP/2.0 itself has header compression technology.
    2. Request URL: generally there are many public parameters, most of which never change; they can be uploaded once and expanded at the unified access layer.
    3. Request body: first is the choice of communication protocol. The two most popular serialization formats in network transmission are JSON and Protocol Buffers; Protocol Buffers is more complex to use, but has great advantages in compression rate and in serialization and deserialization speed. Second is the choice of compression algorithm: the general ones are GZIP, Google's Brotli and Facebook's Zstandard, the latter two being the algorithms with the higher compression rates.
  • There are also compression methods for specific data; for images we can use WebP, HEVC, SharpP and other formats with higher compression. On the other hand, AI-based image super-resolution is also a great tool; Qzone has saved a lot of bandwidth cost with this technology.

Security

  • Data security is also a key part of networking. Large network platforms run on an HTTPS HTTP/2 channel with TLS encryption.
  • However, the cost of HTTPS is not small: it requires a 2-RTT negotiation, a delay that is unacceptable on weak networks.

At the same time, the cost of decryption on the backend is also very high; in large enterprises a separate cluster is needed for it.

HTTPS optimization

  1. Connection reuse rate: multiple domain names share the same HTTP/2 connection, or a persistent connection is used
  2. Reduce the number of handshakes: TLS 1.3 can achieve 0-RTT negotiation; in fact, before TLS 1.3 was released, WeChat's MMTLS, Facebook's Fizz and Alibaba's SlightSSL had already been deployed at scale in enterprises.
  3. Performance improvement: using ECC certificates instead of RSA improves server signing performance by 4 to 10 times, but client verification performance drops by about 20 times, from 10 microseconds to 100 microseconds. On the other hand, Session Ticket session reuse saves an RTT.
  4. Other optimizations: some solutions simply have to be bought, such as cross-border dedicated lines, acceleration points, and multiple IDCs for nearby access. Using CDN services and P2P technology is also a common means, especially in scenarios such as live streaming.
    1. Multi-site active-active: equipment rooms in multiple regions are peers; users are partitioned across rooms, which together carry the traffic of all users.
    2. Anti-jitter optimization: a structured retry mechanism that treats requests differently depending on whether they have already been written to the socket buffer
    3. SYNC mechanism: synchronizes differential data to save traffic and improve communication efficiency and request success rate. When the client user is offline, the SYNC server keeps the differential data in its database; the next time the client connects, the differential data is synchronized to the user.
    4. High-concurrency traffic handling: multi-stage rate limiting at the server access layer
    5. JobScheduler: use the JobScheduler to make network requests according to the actual situation. For example, splash screen advertisement images can be downloaded and cached locally when connected to Wi-Fi, and a news App can build its offline cache while charging and on Wi-Fi.
    6. Prioritize network requests: the app should prioritize its network requests so that the most useful information is presented to the user as quickly as possible. (High-priority services preferably use the persistent connection.)
    7. Establish a long-connection channel: queue requests to be sent; once the long connection is established, send the queued requests over it in turn.
    8. Reduce domain names and avoid redirects
    9. A request that is never made is the fastest request.
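The anti-jitter retry rule from item 2 above, as an added example that is not the article's or any network library's code: whether a failed request may be retried depends on whether any of it reached the socket buffer, not only on the error type, because a request the server may already have executed is safe to repeat only for idempotent methods. The attempt records, error labels and backoff parameters are constructed.

```python
"""Retry decision keyed on how far a request got before failing. Added example,
not the article's code; the FailedAttempt records and error labels are
constructed and the backoff parameters are assumptions."""

import random
from dataclasses import dataclass

# Methods a server may safely see twice (RFC 9110 idempotent methods).
IDEMPOTENT_METHODS = {"GET", "HEAD", "PUT", "DELETE", "OPTIONS", "TRACE"}


@dataclass
class FailedAttempt:
    method: str
    bytes_written: int   # bytes handed to the socket send buffer before the failure (0 = none)
    error: str           # constructed labels: "dns", "connect", "write", "read_timeout", "reset"


def should_retry(attempt, attempts_made, max_attempts=3):
    """Return True when a further attempt is both allowed and safe.

    Nothing written yet (DNS or connect failure): retry any method, the server never saw it.
    Something written: the server may have executed the request, so only idempotent
    methods are retried; a POST that timed out while reading is surfaced as an error.
    """
    if attempts_made >= max_attempts:
        return False
    if attempt.bytes_written == 0:
        return True
    return attempt.method.upper() in IDEMPOTENT_METHODS


def backoff_seconds(attempt_index, base=0.5, cap=8.0, rng=None):
    """Exponential backoff with full jitter, so retries from many clients do not line up."""
    rng = rng or random.Random()
    ceiling = min(cap, base * (2 ** attempt_index))
    return rng.uniform(0.0, ceiling)


def plan_retries(attempts):
    """Decide for each failed attempt of one request whether it should be retried."""
    decisions = []
    for index, attempt in enumerate(attempts):
        decisions.append(should_retry(attempt, attempts_made=index + 1))
    return decisions


if __name__ == "__main__":
    history = [
        FailedAttempt("POST", 0, "connect"),        # never left the phone: retry
        FailedAttempt("POST", 512, "read_timeout"), # fully written, no answer: do not repeat a POST
    ]
    print(plan_retries(history))
    print(round(backoff_seconds(1), 3))
```

The bytes_written counter is what the network library has to track: it is cheap to record at the point the request body is handed to the socket, and without it the retry layer has to guess from the error type alone.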

Mobile Monitoring

  • Whether a base station is faulty, an optical fibre is cut, the carrier hijacks traffic, or a machine room or CDN provider fails, any of these can cause network problems for users.
  • Even if we use the OkHttp network library, some developers or third-party components may use the system's network library. How do we monitor all network requests from the client uniformly?
  1. Instrumentation (pile insertion):
    • ArgusAPM, 360's open source performance monitoring tool, uses aspect-oriented instrumentation to monitor requests made through the system and OkHttp network libraries. (Refer to its TraceNetTrafficMonitor and OkHttp3Aspect.)
    • Instrumentation looks good, but it is not comprehensive: network requests that do not go through the system or OkHttp network libraries, or that are made from native code, will not be monitored.
  2. Native hook:
    • Reference github.com/AndroidAdva…
    • The downside of this approach is that it also takes over the system's local sockets, so you need to add filters in the code.
  3. Unified network library
    • Once all network calls are unified, what use cases are there? Mocking network data, collecting application traffic, or separately proxying WebView network requests.

How to Monitor Traffic

  • Application traffic monitoring is very simple, usually done through the TrafficStats class. TrafficStats is an interface added in Android API 8 that obtains the network traffic of the whole phone, or of one UID, since boot.

For details on how to use it, please refer to github.com/facebook/ne…

  getMobileRxBytes()  // total bytes received over the mobile network since boot, excluding Wi-Fi
  getTotalRxBytes()   // total bytes received over all networks since boot, including Wi-Fi
  getMobileTxBytes()  // total bytes sent over the mobile network since boot, excluding Wi-Fi
  getTotalTxBytes()   // total bytes sent over all networks since boot, including Wi-Fi
  // How it works: read /proc and add up the traffic of all network interfaces under the target UID.
  // Since Android 7.0, an app can only obtain TrafficStats for itself.
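The "read /proc and add up the interfaces under the target UID" step, for the /proc/net/xt_qtaguid/stats file named in the performance analysis tool section above. This is an added example, not Android's own code: the column layout is taken from the file's own header line, the sample rows are constructed rather than captured from a device, the list of cellular interface prefixes is an assumption, and summing only the untagged (acct_tag_hex 0x0) rows is an assumption about how the tag-0 row aggregates a UID's traffic (tagged rows are subsets of it, so adding them would double count).

```python
"""Parser for /proc/net/xt_qtaguid/stats as read by TrafficStats on older
Android. Added example, not Android's code; sample rows are constructed and the
interface prefix list and tag-0 aggregation rule are assumptions."""

# Constructed sample in the file's layout: first line is the column header.
SAMPLE_STATS = """\
idx iface acct_tag_hex uid_tag_int cnt_set rx_bytes rx_packets tx_bytes tx_packets rx_tcp_bytes rx_tcp_packets rx_udp_bytes rx_udp_packets rx_other_bytes rx_other_packets tx_tcp_bytes tx_tcp_packets tx_udp_bytes tx_udp_packets tx_other_bytes tx_other_packets
2 wlan0 0x0 10083 0 120000 150 30000 120 118000 140 2000 10 0 0 29000 110 1000 10 0 0
3 wlan0 0x0 10083 1 500000 600 80000 500 500000 600 0 0 0 0 80000 500 0 0 0 0
4 wlan0 0x1000000000000 10083 0 100000 100 20000 90 100000 100 0 0 0 0 20000 90 0 0 0 0
5 rmnet0 0x0 10083 0 40000 60 9000 50 40000 60 0 0 0 0 9000 50 0 0 0 0
6 rmnet0 0x0 10012 0 7000 10 1200 9 7000 10 0 0 0 0 1200 9 0 0 0 0
"""

MOBILE_IFACE_PREFIXES = ("rmnet", "ccmni", "pdp")   # assumption; cellular interface names vary by device

# Columns that hold names or hex tags, everything else is an integer counter.
TEXT_COLUMNS = {"iface", "acct_tag_hex"}


def parse_stats(text):
    """Yield one dict per data row, keyed by the column names in the header line."""
    lines = [line for line in text.splitlines() if line.strip()]
    columns = lines[0].split()
    for line in lines[1:]:
        fields = line.split()
        if len(fields) != len(columns):
            continue          # skip a truncated row rather than mis-align the counters
        row = dict(zip(columns, fields))
        for key in columns:
            if key not in TEXT_COLUMNS:
                row[key] = int(row[key])
        yield row


def uid_bytes(text, uid, mobile_only=False, cnt_set=None):
    """Return (rx_bytes, tx_bytes) for a UID, summing only the untagged (0x0) rows.

    mobile_only keeps cellular interfaces only (what the getMobile* methods report);
    cnt_set=0 or cnt_set=1 selects the background or foreground counter set.
    """
    rx = tx = 0
    for row in parse_stats(text):
        if row["uid_tag_int"] != uid or row["acct_tag_hex"] != "0x0":
            continue
        if mobile_only and not row["iface"].startswith(MOBILE_IFACE_PREFIXES):
            continue
        if cnt_set is not None and row["cnt_set"] != cnt_set:
            continue
        rx += row["rx_bytes"]
        tx += row["tx_bytes"]
    return rx, tx


if __name__ == "__main__":
    print("uid 10083 total:     ", uid_bytes(SAMPLE_STATS, 10083))
    print("uid 10083 mobile:    ", uid_bytes(SAMPLE_STATS, 10083, mobile_only=True))
    print("uid 10083 foreground:", uid_bytes(SAMPLE_STATS, 10083, cnt_set=1))
```

Because the file is world-readable only on older releases (the text notes that since Android 7.0 an app only sees its own UID), a monitoring component should treat a permission error here as the normal case and fall back to the TrafficStats API rather than failing.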
  • Android phones and iPhones have a network test mode:
    • iPhone: open the dialler, enter *3001#12345#* and press the dial button.
    • Android phone: open the dialler, enter *#*#4636#*#* and press the dial button (enters engineering test mode; some versions may not support it).

reference

  • Network optimization (1) : The essential knowledge of network optimization for mobile development engineers
  • Network Optimization (MIDDLE) : How to optimize complex mobile Networks?
  • How to Monitor the Network under big Data?
  • This is probably the most down-to-earth article on 5G
  • Five IO models for Linux
  • Unix network I/O model and Linux I/O multiplexing model
  • Nic packet receiving process
  • Linux networking – The process of receiving packets
  • Linux networking – The process of sending packets
  • Strengthen your knowledge of HTTP
  • The soul of the TCP protocol is to consolidate the underlying foundation of your network
  • Authoritative Web Performance Guide
  • Network Programming for UNIX
  • TCP/IP Detail Volume 1: Protocols
  • Mogujie App Chromium network stack practice
  • In-depth exploration of Android network optimization (one, network building foundation)
  • In-depth exploration of Android network optimization (two, network optimization foundation)
  • In-depth exploration of Android network optimization (three, network optimization)
  • Alibaba ACCS: The road to the evolution of Taobao's mobile terminal access gateway infrastructure
  • Ant mPaaS: Analysis of mobile end-to-end network access architecture under 100-level Concurrency of Ant Financial
  • Ctrip App network performance optimization practice
  • Baidu App network depth optimization series “one” DNS optimization
  • Introduction to HTTP/2 header compression technology
  • Google’s Brotli
  • Facebook's Zstandard
  • The application of deep learning in image superdefinition
  • TLS protocol analysis and modern encryption communication protocol design
  • TLS1.3 VS TLS1.2, let you understand the power of TLS1.3
  • Introduction of TLS1.3 based wechat security communication protocol MMTLS
  • How did Facebook make TLS connections much more efficient?
  • The technical practice of CDN + P2P in large-scale live broadcasting & real-time live broadcasting
  • How does P2P reduce live video bandwidth by 75%?
  • How does wechat client deal with weak network
  • Alibaba's practice of HTTP 2.0 and the evolution of wireless communication protocols
  • 360 performance monitoring tool ArgusAPM
  • geektime-webprotocol

I am Jinyang. If you want to advance and learn more practical content, welcome to follow the WeChat public account "jinyang said" to receive my latest articles.