Reprinted from: juejin.cn/post/695340…

Introduction to TCP/IP

TCP/IP transport protocol, namely transmission control/network protocol, also known as network communication protocol. It is the most basic communication protocol in the use of network.

TCP/IP protocol specifies the standards and methods for communication between different parts of the Internet. And, TCP/IP transmission protocol is to ensure the network data information timely and complete transmission of two important protocols.

TCP/IP transport protocol is strictly a four-tier architecture, including the application layer, transport layer, network layer and network interface layer.

The application layer

  1. Provide an interface for the operating system or network applications to access network services;

  2. Main protocols: FTP (File Transfer Protocol), Telnet (remote login Protocol), DNS (Domain name resolution Protocol), SMTP (Mail Transfer Protocol), POP3 (Post office Protocol), HTTP (Hyper Text Transfer Protocol).

  3. The basic unit of data transmission is packet.

The transport layer

The main function of the transport layer is to enable communication and data exchange between applications at the application layer.

There are many applications running inside the computer, and each application has a port number. We usually use the port number to distinguish these applications.

Protocols at the transport layer are divided into connection-oriented protocol TCP and connectionless protocol UDP

TCP

  • TCP is a reliable protocol, which can ensure the reliable delivery of data packets.
  • TCP can correctly handle packet loss and transmission order disorder during transmission.
  • TCP also provides congestion control to ease network congestion.

UDP

  • UDP is an unreliable protocol that cannot ensure reliable data delivery. Compared with TCP, UDP does not check whether data packets arrive or whether the network is blocked. However, UDP is more efficient.
  • UDP is used for video communication and multimedia fields such as broadcasting and multicast with little packet data.

The network layer

The purpose of the network layer is to realize the transparent transmission of data between two end systems. The specific functions include addressing and routing, connection establishment, maintenance and termination, etc. It provides services that eliminate the need for the transport layer to understand data transfer and switching technologies in the network.

Main agreements included:

  • Internet Protocol (IP)
  • ICMP (Internet Control Message Protocol)

Network interface layer

The communication link layer can also be divided into physical layer and data link layer

Physical layer: The lowest layer of TCP/IP is the hardware responsible for transmission, which is equivalent to Ethernet or telephone lines and other physical layer devices.

Data link layer: Located between the physical layer and the network layer, the data link layer defines how data is transmitted over a single link.

The main protocols of the data link layer include ARP and RARP, which provide link management error detection and effectively deal with details related to different communication media.

Packet sending process

Let’s talk about the process of network packet sending: take our QQ chat as an example

Suppose THAT QQ1 communicates with QQ2, and QQ1 wants to send a packet to QQ2, what strange operations will it go through?

1. Application layer processing

QQ1 has opened a chat window is user to input the hello, and then click send, then the hello as a packet to navigate in the network, and that’s not all, the application layer also need to deal with the packet, including the character encoding, formatting, etc., in this layer is the OSI layer do the work, But in TCP/IP it all goes to the application layer.

At the moment a packet is sent, it establishes a TCP connection, which acts as a channel, after which other packets use the channel to transmit data.

2. Transport layer processing

TCP is responsible for establishing connections, sending data, and disconnecting connections according to the instructions of the application.

TCP adds a TCP header field to the front end of the application data layer. The TCP header contains the source port number and destination port number. These two port numbers are used to indicate where packets are sent and to which application. The TCP header also contains serial number, which is used to indicate that the data in the packet is the serial number of the number of bytes in the whole data of the sender. The TCP header also contains a checksum to determine whether data is corrupted. The TCP header is then appended to the header of the packet and sent to the IP address.

3. Network layer processing

The network layer is mainly responsible for the processing of data packets is the IP protocol, IP protocol TCP transmitted from the TCP head and data combined as their own data, and in the TCP head front add their OWN IP head. Therefore, IP packets are followed by TCP packets, followed by the data itself. The IP header contains the destination and source addresses, followed by information to determine whether TCP or UDP follows.

After the IP packet is generated, the routing control table determines which host it should be sent to. The IP modified packet is sent to the router or the driver of the network interface to realize real data transmission.

4. Processing of link layer

When packets are sent through IP, the Ethernet attaches the Ethernet header to the data and sends it. The Ethernet header contains the MAC address of the receiving end, the MAC address of the sending end, and the Ethernet data protocol that identifies the Ethernet type.

5. Link layer resolution

After receiving the packet, QQ2 will first find the MAC address from the Ethernet header to determine whether the packet is destined for itself. If the packet is not destined for itself, it will discard the packet.

If the packet is sent to the device, the device checks the Ethernet type and protocol. If the packet is IP, the device throws it to the IP protocol for processing. If the packet is ARP, the device throws it to the ARP protocol for processing. If the protocol type is an unrecognized protocol, the packet is discarded.

6. Network layer parsing

The packet processed by Ethernet is thrown to the network layer for processing. We assume that the protocol type is IP. Then, after receiving the packet, THE IP address in the IP header is parsed to determine whether the IP address in the IP header matches its own IP address. If yes, the device receives the data and determines whether the protocol of the upper layer is TCP or UDP. If no match is found, the packet is discarded.

Note: In the process of routing and forwarding, sometimes the IP address is not its own. In this case, the routing table is required to assist in processing.

7. Transport layer parsing

In the transport layer, we use TCP by default. During TCP processing, the checksum is calculated first to determine whether the data is corrupted. Then check whether the data is received by serial number, and finally check the port number to determine which application it is. Once the data is fully identified, it is passed to the application identified by the port number for processing.

8. Application layer parsing

The application program designated by the receiver will process the data transmitted by the sender, identify the content of the data through decoding operations, and then store the corresponding data on the disk. The application program will return a message indicating that the data is saved successfully to the sender. If the data fails to be saved, an error message will be returned.

TCP three handshakes four waves

Three-way handshake

  1. At the beginning, both the client and the server are in the closed state, and the server B has been in the monitoring state, always monitoring whether there is a request to establish a connection;

  2. When a client wants to establish a connection, it sends a packet to confirm the connection. This packet is a synchronization packet SYN = 1, and a random sequence number seq = X is generated. This is the first handshake.

  3. When receiving a connection request packet, the server sends a synchronous packet with SYN = 1 and ACK = 1. In addition, the server randomly generates a SEq = Y and sets ACK to X + 1 and sends it back to the client. This is the second handshake.

  4. After receiving the ACK packet from the server, the client replies with an ACK packet to confirm that the packet has been received. The ACK packet is ACK = 1, SEq = X + 1, ACK = Y + 1. This is the third handshake.

Note: The uppercase ACK indicates that the packet is an acknowledgement packet, and the lowercase ACK indicates the acknowledgement number in the packet. The acknowledgement number is obtained by adding 1 to the seQ value of the previous handshake.

Why three handshakes

Above is the whole three-way handshake process, now let’s analyze why the three-way handshake can reliably determine the sending and receiving data supported by both client and server.

First handshake: In the first handshake, the client sends synchronization packets to the server. In this case, the client knows that it has the ability to send data, but does not know whether the server has the ability to receive and send data.

Second handshake: After receiving a synchronization packet, the server replies and acknowledges the synchronization packet. In this case, the server knows that the client is capable of sending packets and receiving and sending data, but does not know whether the client is capable of receiving data.

Third handshake: After receiving the confirmation packet from the server, the client knows that the server is capable of receiving and sending data. However, the server does not know that it is capable of receiving data. Therefore, the client needs to send an acknowledgement packet to inform the server that it is capable of receiving data.

When the three-way handshake is complete, both the client and server know that they are capable of sending and receiving data, and then the connection is established and data can be transferred.

Four times to wave

The three-way handshake is used to establish a reliable data transmission channel, while the four-way wave is used to ensure that the connection is not closed until the data has been received. Since the need to ensure complete data transmission, it is necessary to ensure that both sides meet the conditions to close the connection to disconnect.

From the picture above, we can see:

  1. The client sends a FIN disconnection packet carrying a randomly generated SEQ value u to the server and is in the FIN-WSIT state. This is the first wave.

  2. After receiving a FIN packet, the server sends an acknowledgement packet containing ACK = 1, a seQ is generated randomly, and ACK = u + 1, indicating the second wave.

  3. When the server finishes sending data, it sends a FIN packet to the client to notify the client that the server is ready to close the connection. The packet contains FIN = 1, ACK = 1, ACK = U + 1, seq = W, which is the third wave.

  4. When receiving a FIN acknowledgement packet, the client sends a FIN acknowledgement packet with ACK = 1, seq = u + 1, and ACK = w + 1. The client enters time-wait state and closes the connection after 2MSL. This is the fourth wave. Note: The TCP connection has not been released at this time. The client can enter the CLOSED state only after the Maximum Segment Lifetime is set to 2MSL.

Why four waves

First wave: the client sends a request to the server to close the connection.

Second wave: When the server receives the shutdown request, the server may send an acknowledgement message indicating that it knows that the client wants to close the connection, but needs to wait because the data transmission is not complete.

Third wave: When data transmission is complete, the server sends a FIN packet to inform the client that data transmission is complete and the server is ready to close the connection.

Fourth wave: After receiving a FIN packet from the server, the client sends an ACK packet to inform the server that it knows about the packet and closes the connection after a while

Why does the client wait for 2MSL after the fourth wave?

Wait for 2MSL to ensure that the server receives an ACK packet. Because the network is complex, the ACK packet may be lost. If the server does not receive an ACK packet, it resends a FIN packet. The server receives an ACK packet only when the client does not receive a FIN packet after waiting for 2MSL. In this case, the client can be shut down.

This article refer to

Summary of TCP/IP basic knowledge

Summary of basic knowledge of computer network

Why does TCP need three handshakes and four waves

Reprinted from the author: First Love link: juejin.cn/post/695340… Source: Nuggets