1. Architecture

The set of layers and protocols of a computer network is called its network architecture. Depending on the perspective taken, it is commonly described as a seven-layer, five-layer or four-layer structure:

1.1 Seven-layer network model

The Open Systems Interconnection model (OSI) is a conceptual model proposed by the International Organization for Standardization (ISO) to serve as the standard framework for the worldwide interconnection of computers. The OSI model has a seven-layer structure.

1.2 Four-layer network model

The Internet Protocol Suite (IPS) is a collection of network transport protocols that provides the architectural support for basic communication over the Internet. It is also known as the TCP/IP protocol suite, or TCP/IP for short, and has a four-layer structure.

1.3 Five-layer network model

The OSI seven-layer model was produced by the International Organization for Standardization and is the international standard in the formal sense. However, its implementation is too complex and its standardization cycle too long: before the full set of OSI standards was published, the TCP/IP model was already in wide use worldwide, so TCP/IP is the de facto international standard. The TCP/IP model defines four layers (application layer, transport layer, internet layer and network interface layer) but does not specify the content of the network interface layer. In teaching and development, the network interface layer is therefore usually replaced by the data link layer and physical layer of the OSI model, which gives the five-layer network model:

  1. Application layer: provides services directly to application processes. Application layer protocols define the rules for communication and interaction between application processes; different applications use different protocols, such as HTTP (World Wide Web), FTP (file transfer), SMTP (email) and DNS (domain name lookup).
  2. Transport layer: responsible for providing communication services to processes on two hosts. This layer has the following two main protocols:
    • Transmission Control Protocol (TCP): provides a connection-oriented, reliable data transmission service. The basic unit of transmission is the segment.
    • User Datagram Protocol (UDP): provides a connectionless, best-effort data transmission service that does not guarantee reliability. The basic unit of transmission is the user datagram.
  3. Network layer (also called the internet layer): responsible for providing communication between two hosts and delivering data to the target host by selecting suitable routes.
  4. Data link layer: encapsulates the IP datagrams handed down by the network layer into frames and transmits the frames between two adjacent nodes on the link. Each frame contains data and the necessary control information (synchronization, addresses, error control, etc.).
  5. Physical layer: ensures that data can be transmitted over various physical media, providing a reliable environment for data transmission.

2. Physical layer

The physical layer is concerned with how data is transmitted over various media. It defines the interface characteristics related to the transmission medium, such as:

  • Mechanical characteristics: the shape and size of the connectors used by the interface, the number and arrangement of pins, the fixing and locking devices, etc.
  • Electrical characteristics: the range of voltages that occur on each line of the interface cable.
  • Functional characteristics: the meaning of a voltage at a given level on a given line.
  • Procedural characteristics: the order in which the possible events for the various functions occur.

2.1 Transmission Media

The physical layer does not specify a particular transmission medium; rather, it aims to hide the differences between media as far as possible. Transmission media fall into the following two categories:

  • Guided transmission medium: The signal is guided along a solid medium, such as twisted pair, coaxial cable, optical cable.
  • Unguided transmission medium: signals propagate in free space, e.g. short wave communication, microwave communication.

2.2 Channel Classification

A channel is the basic path over which information is transmitted. Channels fall into the following three categories:

  • Simplex channel: communication in one direction only, with no communication in the reverse direction;
  • Half-duplex channel: both parties can send information, but neither can send and receive at the same time.
  • Full-duplex channel: both parties can send and receive information at the same time.

2.3 Channel Multiplexing

Channel multiplexing is the technique most commonly used to improve the efficiency of information transmission. It can be divided into the following categories according to the technique used:

1. Frequency division multiplexing

Frequency Division Multiplexing (FDM) divides the total bandwidth of a channel into a number of sub-bands (sub-channels), each of which carries one signal:

2. Time division multiplexing

Time Division Multiplexing (TDM) uses the same physical connection to transmit different signals at different times:

As shown in the figure above, the signals of the different users appear periodically within a TDM frame. If a user is idle, the corresponding slot in the frame is also idle:

Statistical TDM was developed to overcome this shortcoming of TDM.

3. Statistical time division multiplexing

In statistical TDM (STDM), each user sends its data to an input buffer at the concentrator; the concentrator then scans the buffers in turn and packs the data into STDM frames:
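To make the difference between the two schemes concrete, here is an added simulation (not code from the original article). The four user names, the per-tick traffic schedule and the four-slot frame size are constructed assumptions; the point is that TDM transmits an empty slot for every idle user, while STDM only spends slots on users that have data, at the cost of a user tag in every slot.

```python
from collections import deque

# Constructed example: four users share one link. Each "tick" lists the data
# unit each user has ready; a user missing from a tick is idle.
USERS = ["A", "B", "C", "D"]
TICKS = [
    {"A": "a1", "B": "b1"},                # C and D idle
    {"A": "a2"},                           # only A busy
    {"A": "a3", "C": "c1", "D": "d1"},     # B idle
    {"B": "b2"},                           # only B busy
]


def tdm(ticks, users=USERS):
    """Classic TDM: every frame has one fixed slot per user, in a fixed order.

    An idle user's slot is transmitted empty (None), which is the waste the
    text describes. Returns (frames, slot utilization).
    """
    frames = [[tick.get(u) for u in users] for tick in ticks]
    used = sum(1 for frame in frames for slot in frame if slot is not None)
    return frames, used / (len(frames) * len(users))


def stdm(ticks, users=USERS, slots=4):
    """Statistical TDM: data is queued at the concentrator, scanned in user
    order and packed into frames of `slots` slots.

    Because a slot may belong to any user, each slot carries a (user, data)
    tag so the receiver can demultiplex it. A frame is emitted only when it
    is full; a partial frame left at the end is flushed with empty slots.
    """
    queue = deque()
    frames, current = [], []
    for tick in ticks:
        for u in users:                      # concentrator scans inputs in turn
            if tick.get(u) is not None:
                queue.append((u, tick[u]))
        while queue:
            current.append(queue.popleft())
            if len(current) == slots:
                frames.append(current)
                current = []
    if current:
        frames.append(current + [None] * (slots - len(current)))
    used = sum(1 for frame in frames for slot in frame if slot is not None)
    return frames, used / (len(frames) * slots)


if __name__ == "__main__":
    for name, fn in (("TDM", tdm), ("STDM", stdm)):
        frames, util = fn(TICKS)
        print(f"{name}: {len(frames)} frames, utilization {util:.0%}")
        for frame in frames:
            print("  ", frame)
```

Running it shows four TDM frames with 7 of 16 slots used against two STDM frames with 7 of 8 slots used; the tags in the STDM frames are the overhead that pays for that gain.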

4. Wavelength division multiplexing

Wavelength Division Multiplexing (WDM) combines two or more optical carrier signals of different wavelengths at the sending end using a multiplexer and couples them onto the same optical fibre for transmission; at the receiving end, the carriers of the various wavelengths are separated by a demultiplexer and then passed to an optical demodulator to recover the original signals:

5. Code division multiplexing

Code Division Multiplexing (CDM) distinguishes the original signals from one another by assigning each a different code.

3. Data link layer

3.1 Basic Functions

1. Encapsulation into frames

The data link layer divides the data handed down by the network layer into segments and adds a header and a trailer before and after each segment to form a complete frame, which is the basic unit of data transmitted by the link layer. The frame header is marked by the control character SOH and the frame trailer by the control character EOT:

2. Transparent transmission

Transparent transmission means that data of any content can be transmitted over the link. Since control characters are used to delimit frames, a control character that happens to appear inside the transmitted data would make the frame boundaries ambiguous. In that case the escape character ESC is inserted in front of it:

3. Error detection

Because real communication links are not ideal, bits may be corrupted in transit: a 1 may become a 0, and a 0 may become a 1. These are called bit errors, and the ratio of incorrectly transmitted bits to the total number of bits transmitted over a period of time is called the bit error rate (BER). To detect such errors, the data link layer divides the data to be sent into groups and uses a Cyclic Redundancy Check (CRC) to generate a redundant check code for each group; each group of data together with its check code then forms a frame before it is sent.
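The three functions above (framing with SOH/EOT, escaping with ESC, and a CRC per frame) can be seen working together in the following added example, which is not code from the original article. It assumes the byte values 0x01, 0x04 and 0x1B for SOH, EOT and ESC, uses CRC-32 from the standard library as the check code, and constructs a payload that deliberately contains all three control characters; a single flipped bit on the "link" is then caught by the CRC.

```python
import zlib

# Control characters used for framing, as in the text (byte values assumed).
SOH, EOT, ESC = 0x01, 0x04, 0x1B
_CONTROL = {SOH, EOT, ESC}


def encapsulate(payload: bytes) -> bytes:
    """Build one frame: SOH | byte-stuffed (payload + CRC-32) | EOT.

    The CRC is computed over the raw payload and appended as 4 big-endian
    bytes. Stuffing is applied after that, so a control character inside the
    payload or inside the CRC bytes is always preceded by ESC (transparent
    transmission).
    """
    crc = zlib.crc32(payload).to_bytes(4, "big")
    body = bytearray()
    for b in payload + crc:
        if b in _CONTROL:
            body.append(ESC)
        body.append(b)
    return bytes([SOH]) + bytes(body) + bytes([EOT])


def deframe(stream: bytes) -> list:
    """Split a byte stream into frames and verify each CRC.

    Returns a list of (payload, crc_ok) pairs. A frame whose CRC does not
    match is reported with crc_ok == False; a real link layer would discard
    it silently. Bytes outside SOH...EOT are ignored as line noise.
    """
    frames, i = [], 0
    while i < len(stream):
        if stream[i] != SOH:
            i += 1
            continue
        i += 1
        body, escaped = bytearray(), False
        while i < len(stream):
            b = stream[i]
            i += 1
            if escaped:                  # byte after ESC is data, whatever it is
                body.append(b)
                escaped = False
            elif b == ESC:
                escaped = True
            elif b == EOT:
                break
            else:
                body.append(b)
        if len(body) < 4:                # too short to even hold a CRC
            frames.append((bytes(body), False))
            continue
        payload, received_crc = bytes(body[:-4]), bytes(body[-4:])
        expected_crc = zlib.crc32(payload).to_bytes(4, "big")
        frames.append((payload, received_crc == expected_crc))
    return frames


def flip_bit(frame: bytes, byte_index: int, bit: int) -> bytes:
    """Simulate a single bit error on the link (test input, not real traffic)."""
    damaged = bytearray(frame)
    damaged[byte_index] ^= 1 << bit
    return bytes(damaged)


# Constructed payload that deliberately contains all three control characters.
PAYLOAD = b"data\x01with\x04control\x1bchars"

if __name__ == "__main__":
    frame = encapsulate(PAYLOAD)
    print(frame.hex())
    print(deframe(frame))                      # [(PAYLOAD, True)]
    print(deframe(flip_bit(frame, 3, 0)))      # payload altered, crc_ok False
```

Note that the CRC is appended before stuffing and checked after unstuffing, so the check covers exactly the bytes the network layer handed down, and the escape bytes themselves never reach the CRC.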

3.2 The PPP protocol

The Point-to-Point Protocol (PPP) is the most widely used data link layer protocol. It is mainly used to establish point-to-point connections over which data units are transmitted. It consists of the following three parts:

  • A method of encapsulating IP datagrams on serial links;
  • Link Control Protocol (LCP): an extensible link control protocol used to establish, configure, test and manage data link connections.
  • Network Control Protocol (NCP): negotiates the format and type of packets transmitted over the link, and establishes and configures the different network layer protocols.

3.3 The MAC address

A Media Access Control (MAC) address is also called a LAN address or physical address. A MAC address uniquely identifies a network interface card (NIC) on a network; if a device has several NICs, each has its own unique MAC address. The link layer uses the MAC address to identify the target node to which data must be sent.

A MAC address is a 48-bit number (6 bytes), usually written as 12 hexadecimal digits with every two digits separated by a colon, for example 08:00:20:0a:8c:6d. The first 3 bytes are the Organizationally Unique Identifier (OUI), which the IEEE registration authority allocates to hardware manufacturers so that hardware is unique worldwide; the last 3 bytes are allocated by the manufacturer.

3.4 LAN

A Local Area Network (LAN) is a network that connects computers within a limited area, such as a home, school, laboratory, university campus or office building. According to the IEEE 802 standard, the LAN architecture is divided into three layers: the physical layer, the medium access control (MAC) sublayer and the logical link control (LLC) sublayer. In effect there are still two layers; the standard simply splits the data link layer into the more specific MAC and LLC sublayers.

3.5 Ethernet

Ethernet is the most widely used LAN technology. Taking the common Ethernet V2 standard as an example, its frame format is as follows:

The MAC header records the destination MAC address and the source MAC address.

4. Network layer

4.1 Internet Protocol (IP)

The Internet Protocol (IP) is the most important protocol in the network layer and one of the two core protocols of TCP/IP. Every computer network that wants to be interconnected must follow this protocol, which is what allows the different networks of the world to be connected. The basic unit of data transmitted at this layer is the IP datagram. Its format is as follows:

The meanings of each field are as follows:

  • Version: 4 bits, indicating the IP protocol version (IPv4 or IPv6).
  • Header length: 4 bits; the largest value it can represent is 15.
  • Differentiated services: only meaningful when differentiated services are in use; normally not used.
  • Total length: the sum of the header length and data length, in bytes. The field is 16 bits, so the maximum datagram length is 65535 bytes. The data link layer defines the Maximum Transfer Unit (MTU) of the data field in a frame; for Ethernet this is 1500 bytes. Therefore, when the length of a datagram exceeds the MTU, the data must be fragmented.
  • Identification: 16 bits, maintained by a counter in the IP software. The counter is incremented by 1 for every datagram generated; when a datagram is fragmented, the fragments that share the same identification are reassembled into the original datagram.
  • Flags: 3 bits, only two of which currently have a meaning:
    • The lowest bit, More Fragments (MF): if 1, more fragments follow this one; if 0, this is the last fragment.
    • Don't Fragment (DF): if 1, the datagram must not be fragmented; fragmentation is only allowed when DF is 0.
  • Fragment offset: 13 bits identifying the offset of this fragment within the original datagram.
  • Time to live (TTL): decremented by 1 at every router the datagram passes through; when it reaches 0, the datagram is discarded. This prevents datagrams from being forwarded indefinitely when their destination address does not exist.
  • Protocol: 8 bits specifying the protocol of the data carried by the datagram.
  • Header checksum: a 16-bit checksum that covers only the header of the datagram, not the data.
  • Source address: the 32-bit IP address of the sender.
  • Destination address: the IP address of the destination.
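The header fields, the header checksum and the MTU-driven fragmentation described above are exercised by the following added example (not code from the original article). It builds and parses 20-byte IPv4 headers with the standard library, computes the RFC 1071 one's-complement checksum, splits a constructed 3584-byte payload into Ethernet-sized fragments using the MF flag and the 8-byte-unit fragment offset, and reassembles them while refusing corrupt, missing or overlapping pieces; the addresses and identification value are constructed.

```python
import struct
import ipaddress

_IPV4_FMT = "!BBHHHBBH4s4s"   # 20-byte fixed header, no options


def header_checksum(header: bytes) -> int:
    """One's-complement sum of the header's 16-bit words (RFC 1071).

    Called on a header whose checksum field is zero it returns the value to
    insert; called on a complete header it returns 0 if the header is intact.
    """
    if len(header) % 2:
        header += b"\x00"
    total = sum(struct.unpack(f"!{len(header) // 2}H", header))
    while total >> 16:                          # fold carries back in
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def build_header(src, dst, data_len, ident, ttl=64, proto=6,
                 df=False, mf=False, frag_offset=0) -> bytes:
    """Assemble an IPv4 header (IHL = 5) and fill in its checksum."""
    ver_ihl = (4 << 4) | 5
    flags_frag = (df << 14) | (mf << 13) | (frag_offset & 0x1FFF)
    hdr = struct.pack(_IPV4_FMT, ver_ihl, 0, 20 + data_len, ident, flags_frag,
                      ttl, proto, 0, ipaddress.IPv4Address(src).packed,
                      ipaddress.IPv4Address(dst).packed)
    return hdr[:10] + struct.pack("!H", header_checksum(hdr)) + hdr[12:]


def parse_header(packet: bytes) -> dict:
    """Decode the fields the text lists and verify the header checksum."""
    (ver_ihl, _dscp, total_len, ident, flags_frag, ttl, proto, _csum,
     src, dst) = struct.unpack(_IPV4_FMT, packet[:20])
    ihl = (ver_ihl & 0xF) * 4                   # header length in bytes
    return {
        "version": ver_ihl >> 4,
        "ihl": ihl,
        "total_length": total_len,
        "identification": ident,
        "DF": bool(flags_frag & 0x4000),
        "MF": bool(flags_frag & 0x2000),
        "fragment_offset": (flags_frag & 0x1FFF) * 8,   # stored in 8-byte units
        "ttl": ttl,
        "protocol": proto,
        "src": str(ipaddress.IPv4Address(src)),
        "dst": str(ipaddress.IPv4Address(dst)),
        "checksum_ok": header_checksum(packet[:ihl]) == 0,
    }


def fragment(src, dst, payload: bytes, ident: int, mtu: int = 1500) -> list:
    """Split a datagram whose payload exceeds the MTU into fragments.

    Every fragment but the last carries a multiple of 8 payload bytes, because
    the fragment offset field counts in 8-byte units.
    """
    max_data = (mtu - 20) // 8 * 8
    frags, offset = [], 0
    while offset < len(payload):
        chunk = payload[offset:offset + max_data]
        last = offset + len(chunk) >= len(payload)
        hdr = build_header(src, dst, len(chunk), ident, mf=not last,
                           frag_offset=offset // 8)
        frags.append(hdr + chunk)
        offset += len(chunk)
    return frags


def reassemble(frags: list):
    """Rebuild the payload from fragments sharing one identification.

    Returns None if any header is corrupt, if fragments are missing or
    overlap, or if the final fragment (MF = 0) has not arrived.
    """
    parsed = [(parse_header(f), f) for f in frags]
    if not parsed or any(not h["checksum_ok"] for h, _ in parsed):
        return None
    if len({h["identification"] for h, _ in parsed}) != 1:
        return None
    pieces = sorted((h["fragment_offset"], f[h["ihl"]:h["total_length"]], h["MF"])
                    for h, f in parsed)
    data = b""
    for offset, chunk, _mf in pieces:
        if offset != len(data):                 # gap or overlap
            return None
        data += chunk
    return None if pieces[-1][2] else data      # last piece must have MF = 0


# Constructed example: a 3584-byte payload sent over Ethernet (MTU 1500).
PAYLOAD = bytes(range(256)) * 14

if __name__ == "__main__":
    frags = fragment("192.168.38.10", "10.0.0.5", PAYLOAD, ident=0x1234)
    for f in frags:
        h = parse_header(f)
        print(h["total_length"], h["MF"], h["fragment_offset"], h["checksum_ok"])
    print(reassemble(frags) == PAYLOAD)
```

The reassembler is deliberately strict: a fragment whose offset does not line up with the bytes already collected is treated as a gap or an overlap and the whole datagram is rejected, which is the conservative behaviour a receiver wants rather than guessing at the data.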

4.2 The ARP protocol

The source and destination addresses in an IP datagram are both IP addresses, while the source and destination addresses in a data link layer frame are both MAC addresses. How is the MAC address obtained from an IP address? This is the job of the Address Resolution Protocol (ARP). Every host on the Internet keeps an ARP cache table, which stores the mapping between the IP addresses and MAC addresses of the hosts and routers on its LAN. An example:

Host name   IP address       MAC address
A           192.168.38.10    00-AA-00-62-D2-02
B           192.168.38.11    00-BB-00-62-C2-02
C           192.168.38.12    00-CC-00-62-C2-02
D           192.168.38.13    00-DD-00-62-C2-02
E           192.168.38.14    00-EE-00-62-C2-02

You can run arp -a to view the local ARP cache table.

After the ARP table is available, the process of sending frames at the data link layer is as follows:

  • Before sending data, host A checks whether its ARP table contains a MAC address for the target IP address. If it does, host A encapsulates the data into a frame using that MAC address and sends it.
  • If the IP address is not found, host A broadcasts an ARP query to all hosts on the same network segment.
  • The host that owns that IP address replies to host A in unicast with its MAC address.
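The three-step lookup above is modelled end to end in the following added example (not code from the original article): a cache check, a broadcast request seen by every host on the segment, and a unicast reply that only the owner of the address sends. The five hosts and their addresses are taken from the table above; the broadcast frame format, the cache learning on the answering host and the check for two interfaces claiming one address are simplifications assumed for the example.

```python
from dataclasses import dataclass, field

BROADCAST = "FF-FF-FF-FF-FF-FF"


@dataclass(frozen=True)
class ArpRequest:
    """Broadcast frame: 'who has target_ip? tell sender_ip / sender_mac'."""
    sender_ip: str
    sender_mac: str
    target_ip: str
    dst_mac: str = BROADCAST


@dataclass(frozen=True)
class ArpReply:
    """Unicast frame from the owner of target_ip back to the requester."""
    sender_ip: str
    sender_mac: str
    target_ip: str
    target_mac: str


@dataclass
class Host:
    name: str
    ip: str
    mac: str
    arp_cache: dict = field(default_factory=dict)   # ip -> mac

    def handle_request(self, req: ArpRequest):
        """Only the host that owns the requested IP answers. It also records
        the requester's mapping, so the requester appears in its cache too."""
        if req.target_ip != self.ip:
            return None
        self.arp_cache[req.sender_ip] = req.sender_mac
        return ArpReply(self.ip, self.mac, req.sender_ip, req.sender_mac)

    def resolve(self, lan, target_ip: str):
        """The lookup sequence from the text: cache first, broadcast otherwise.

        Returns (mac, from_cache), or None when no host owns target_ip.
        """
        if target_ip in self.arp_cache:
            return self.arp_cache[target_ip], True
        replies = lan.broadcast(self, ArpRequest(self.ip, self.mac, target_ip))
        if not replies:
            return None
        if len({r.sender_mac for r in replies}) > 1:
            # Two interfaces claim one IP: a duplicate address on the LAN.
            # Report it instead of silently caching whichever answered last.
            raise ValueError(f"{target_ip} claimed by {[r.sender_mac for r in replies]}")
        self.arp_cache[target_ip] = replies[0].sender_mac
        return replies[0].sender_mac, False


class Lan:
    """A single broadcast domain: a request reaches every host but its sender."""

    def __init__(self, hosts):
        self.hosts = list(hosts)

    def broadcast(self, sender: Host, req: ArpRequest):
        replies = []
        for host in self.hosts:
            if host is sender:
                continue
            reply = host.handle_request(req)
            if reply is not None:
                replies.append(reply)
        return replies


def build_lan():
    """The five hosts of the table above (addresses taken from the text)."""
    hosts = {
        "A": Host("A", "192.168.38.10", "00-AA-00-62-D2-02"),
        "B": Host("B", "192.168.38.11", "00-BB-00-62-C2-02"),
        "C": Host("C", "192.168.38.12", "00-CC-00-62-C2-02"),
        "D": Host("D", "192.168.38.13", "00-DD-00-62-C2-02"),
        "E": Host("E", "192.168.38.14", "00-EE-00-62-C2-02"),
    }
    return Lan(hosts.values()), hosts


if __name__ == "__main__":
    lan, hosts = build_lan()
    a = hosts["A"]
    print(a.resolve(lan, "192.168.38.11"))   # broadcast, then cached
    print(a.resolve(lan, "192.168.38.11"))   # served from cache
    print(a.resolve(lan, "192.168.38.99"))   # nobody owns it
    print(hosts["B"].arp_cache)
```

After the first resolution, A's cache holds B's address and B's cache holds A's, while C, D and E, which saw the broadcast but did not own the address, learn nothing; that asymmetry is what the unicast reply buys over answering to the whole segment.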

4.3 IP Address Classification

IP addresses are assigned by ICANN (the Internet Corporation for Assigned Names and Numbers); each is a globally unique 32-bit identifier. The earliest IP addresses were two-level addresses of the form network number + host number, divided into five classes:

Classes A, B and C are the most commonly used; their leading class bits are 0, 10 and 110 respectively. Note that not all IP addresses can be assigned, because of the following restrictions:

Network number restriction:

  • An IP address whose network number is all zeros is reserved and refers to the local network. (The network numbers of class B and class C addresses begin with 1, so an all-zero network number cannot occur there.)
  • Network number 127 (01111111) is also reserved, for loopback testing (as above, this does not apply to class B and C addresses);
  • The class B address 128.0.0.0 (network number 10000000 00000000) cannot be assigned.
  • The class C address 192.0.0.0 (network number 11000000 00000000) cannot be assigned.

Host number restriction:

  • A host number of all zeros denotes the address of the network to which the host is connected; for example, the network address of the host 5.6.7.8 is 5.0.0.0. Such an address cannot be assigned to a host.
  • A host number of all ones denotes all hosts on the network and therefore cannot be assigned either.

To sum up, each network type can be assigned IP addresses as follows:

Network class   Max. assignable networks   First assignable network number   Last assignable network number   Max. hosts per network
A               126 (2^7 - 2)              1                                 126                              16 777 215 (2^24 - 2)
B               16 383 (2^14 - 1)          128.1                             191.255                          65 534 (2^16 - 2)
C               2 097 151 (2^21 - 1)       192.0.1                           223.255.255                      254 (2^8 - 2)

The table shows that two-level IP addresses are inflexible and poorly utilized. Suppose your company has four computer rooms with 20 hosts each; for information security reasons the network of each room must be isolated from the others, so under two-level addressing you can only apply for four class C networks, and the number of wasted addresses is (254 - 20) * 4. To solve this lack of flexibility, three-level IP addresses, that is, subnets, were created: you apply for a single class C address and divide it into four subnets.

4.4 Subnets

Subnetting was introduced in 1985. It borrows some bits from the host number to use as a subnet number, so that an IP address has three levels: network number + subnet number + host number. Suppose the network address is 192.168.10.0 and the subnet mask 255.255.255.224 is used to create subnets; the network can then be divided into four subnets:

Because the subnets are invisible to the outside world, a subnet mask is needed to assist routing. Suppose the destination IP address is 192.168.10.198; to reach it correctly, the datagram must first reach the network address 192.168.10.192. The relationship between the network address, the subnet mask and the host IP address is as follows:

IP address:       192.168.10.198    11000000.10101000.00001010.11000110
Subnet mask:      255.255.255.224   11111111.11111111.11111111.11100000
Network address:  192.168.10.192    11000000.10101000.00001010.11000000   (bitwise AND of the two rows above)

Modern Internet standards stipulate that all networks must use subnet masks, and the routing table of routers must contain the subnet mask. Because the routing table contains the IP address and the subnet mask, the network address can be quickly calculated by bit operation.

Finally, if a network does not have a subnet mask, the default subnet mask is used. The default subnet mask for all types of IP addresses is as follows:

Class   Subnet mask (binary)                   Subnet mask (decimal)
A       11111111 00000000 00000000 00000000    255.0.0.0
B       11111111 11111111 00000000 00000000    255.255.0.0
C       11111111 11111111 11111111 00000000    255.255.255.0

4.5 Forming a supernet

Classless Inter-Domain Routing (CIDR) is a method of assigning IP addresses to users and routing IP datagrams efficiently across the Internet. It abandons the traditional concept of class A, B and C addresses and of subnets, and adopts classless two-level addressing:

IP address ::= {<network prefix>, <host number>}

A slash notation is used to write such addresses:

                   Decimal         Binary
Minimum address    128.14.32.0     10000000 00001110 00100000 00000000
Maximum address    128.14.47.255   10000000 00001110 00101111 11111111

An address block can be specified by its minimum address and the number of bits in the network prefix. For example, the block above can be written 128.14.32.0/20, or simply "the /20 block". To simplify route selection, CIDR uses a 32-bit address mask; the number after the slash is the number of 1 bits in the mask. For example, the address mask of the /20 block is 11111111 11111111 11110000 00000000.

Because a single CIDR block can contain many addresses, the routing table uses the CIDR block to look up the target network. This address aggregation is often called route aggregation, or forming a supernet. Route aggregation greatly reduces the number of entries in the routing table and improves overall network performance.
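The subnet computation of section 4.4 and the CIDR block, address mask and route aggregation of section 4.5 are worked through in the following added example (not code from the original article), using the standard library's ipaddress module. It reproduces the 192.168.10.198 AND computation and the 128.14.32.0/20 block from the text, and goes beyond it in two ways: it lists every subnet that the mask 255.255.255.224 (a /27) produces from a /24, which is eight blocks of 32 addresses, and it adds a longest-prefix-match lookup over a constructed routing table whose next-hop names R1, R2 and R3 are placeholders.

```python
import ipaddress


def to_binary(addr: str) -> str:
    """Dotted binary form, as in the subnet mask table above."""
    return ".".join(f"{octet:08b}" for octet in ipaddress.IPv4Address(addr).packed)


def network_address(ip: str, mask: str) -> str:
    """Bitwise AND of address and mask: the 192.168.10.198 computation above."""
    result = int(ipaddress.IPv4Address(ip)) & int(ipaddress.IPv4Address(mask))
    return str(ipaddress.IPv4Address(result))


def split_subnets(network: str, new_prefix: int) -> list:
    """All subnets obtained by borrowing host bits (e.g. /24 -> /27)."""
    net = ipaddress.IPv4Network(network)
    return [str(s) for s in net.subnets(new_prefix=new_prefix)]


def block_range(cidr: str) -> tuple:
    """(minimum address, maximum address, address mask) of a CIDR block."""
    net = ipaddress.IPv4Network(cidr)
    return str(net.network_address), str(net.broadcast_address), str(net.netmask)


def aggregate(prefixes: list) -> list:
    """Route aggregation (supernetting): merge adjacent blocks into the
    smallest set of prefixes that covers exactly the same addresses."""
    nets = [ipaddress.IPv4Network(p) for p in prefixes]
    return [str(n) for n in ipaddress.collapse_addresses(nets)]


def lookup(routes: list, destination: str):
    """Longest-prefix match over a table of (prefix, next hop) entries.

    Every prefix that contains the destination is a candidate; the most
    specific one (largest prefix length) wins, so an aggregated route can
    coexist with a more specific exception inside it.
    """
    addr = ipaddress.IPv4Address(destination)
    best = None
    for prefix, next_hop in routes:
        net = ipaddress.IPv4Network(prefix)
        if addr in net and (best is None or net.prefixlen > best[0].prefixlen):
            best = (net, next_hop)
    return None if best is None else best[1]


# Constructed routing table: a default route, the /20 block from the text and
# a more specific /24 inside it (next-hop names are placeholders).
ROUTES = [
    ("0.0.0.0/0", "R1"),
    ("128.14.32.0/20", "R2"),
    ("128.14.40.0/24", "R3"),
]

if __name__ == "__main__":
    for ip in ("192.168.10.198", "255.255.255.224",
               network_address("192.168.10.198", "255.255.255.224")):
        print(f"{ip:16} {to_binary(ip)}")
    print(split_subnets("192.168.10.0/24", 27))
    print(block_range("128.14.32.0/20"))
    print(aggregate(["192.168.10.0/27", "192.168.10.32/27",
                     "192.168.10.64/27", "192.168.10.96/27"]))
    for dst in ("128.14.40.7", "128.14.33.1", "10.1.1.1"):
        print(dst, "->", lookup(ROUTES, dst))
```

The lookup is the part worth studying: a router holding the aggregated 128.14.32.0/20 and the more specific 128.14.40.0/24 forwards 128.14.40.7 via the /24 and 128.14.33.1 via the /20, which is exactly why aggregation can shrink the table without losing the ability to special-case one network.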

4.6 ICMP and IGMP

At the network layer, besides the IP and ARP protocols described above, the following two protocols are commonly used:

  • Internet Control Message Protocol (ICMP): to improve the chance that IP datagrams are delivered, ICMP allows hosts and routers to report errors and other exceptional conditions back to the sender so that it can take corrective action.
  • Internet Group Management Protocol (IGMP): a protocol used to manage the members of an IP multicast group. IP hosts and their neighbouring routers use IGMP to establish membership of multicast groups.

4.7 Private Address

RFC 1918 defines private addresses, which may only be used for communication inside an organization and not for communication with hosts on the Internet; routers on the Internet do not forward datagrams whose destination is a private address. The three private address blocks are:

  • 10.0.0.0 to 10.255.255.255 (10.0.0.0/8, also known as the 24-bit block);
  • 172.16.0.0 to 172.31.255.255 (172.16.0.0/12, also known as the 20-bit block);
  • 192.168.0.0 to 192.168.255.255 (192.168.0.0/16, also known as the 16-bit block).

Because different organizations can use the same private addresses, they are also called reusable addresses.

4.8 VPN

If an organization builds its private network from private addresses but its departments are located at different, remote sites, the public Internet can be used as the carrier for communication between the organization's private networks. Such a private network is called a Virtual Private Network (VPN). In this case the data crossing the public Internet can be encrypted using the IP Security (IPSec) protocols to protect it.

4.9 NAT

A host that has only a private address cannot communicate with the external Internet directly. To do so, Network Address Translation (NAT) can be used. This requires NAT software on the router that connects the private network to the Internet; the NAT router needs at least one valid global IP address. When a host with a private address communicates with the outside world, the NAT router translates its private address into a global IP address.

It also follows from this principle that a router with N global IP addresses can allow at most N hosts to access the Internet at the same time. To overcome this limitation, the NAT tables in common use today also make use of transport layer port numbers.

4.10 IPv6

As described above, an IPv4 address is 32 bits long, so there are about 4.2 billion addresses available for allocation. By February 2011, all available addresses had been used up.
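The difference between address-only NAT, which is limited to N simultaneous hosts for N global addresses, and NAT with port translation, which lets many hosts share one global address, is shown in the following added example (not code from the original article). It also uses the three RFC 1918 blocks of section 4.7 to decide which sources need translating. The global address 203.0.113.5 and the remote server 198.51.100.1 are constructed from documentation ranges, and the port pool starting at 40000 is an assumption.

```python
import ipaddress
from dataclasses import dataclass

# The three RFC 1918 blocks from section 4.7.
PRIVATE_BLOCKS = [ipaddress.IPv4Network(b)
                  for b in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]


def is_private(ip: str) -> bool:
    return any(ipaddress.IPv4Address(ip) in block for block in PRIVATE_BLOCKS)


@dataclass(frozen=True)
class Packet:
    src_ip: str
    src_port: int
    dst_ip: str
    dst_port: int


class BasicNat:
    """Address-only NAT: one global address per internal host.

    With N global addresses at most N hosts can be outside at once; the
    (N+1)th host gets no translation and its packet is dropped (None).
    """

    def __init__(self, global_pool):
        self.free = list(global_pool)
        self.table = {}                      # private ip -> global ip

    def translate_outbound(self, pkt: Packet):
        if pkt.src_ip not in self.table:
            if not self.free:
                return None
            self.table[pkt.src_ip] = self.free.pop(0)
        return Packet(self.table[pkt.src_ip], pkt.src_port, pkt.dst_ip, pkt.dst_port)


class NaptRouter:
    """NAT with port translation: many hosts share one global address.

    Each (private ip, private port) pair is mapped to a distinct port on the
    single global address, and the reverse mapping is used for replies.
    """

    def __init__(self, global_ip, first_port=40000):
        self.global_ip = global_ip
        self.next_port = first_port
        self.outbound = {}                   # (priv ip, priv port) -> global port
        self.inbound = {}                    # global port -> (priv ip, priv port)

    def translate_outbound(self, pkt: Packet):
        if not is_private(pkt.src_ip):
            return pkt                       # nothing to translate
        key = (pkt.src_ip, pkt.src_port)
        if key not in self.outbound:
            port = self.next_port
            self.next_port += 1
            self.outbound[key] = port
            self.inbound[port] = key
        return Packet(self.global_ip, self.outbound[key], pkt.dst_ip, pkt.dst_port)

    def translate_inbound(self, pkt: Packet):
        """Reverse translation of a reply from the Internet.

        A packet that matches no existing mapping is dropped (None): with no
        table entry there is no private host to deliver it to, which is why
        unsolicited inbound connections do not reach hosts behind NAT.
        """
        if pkt.dst_ip != self.global_ip or pkt.dst_port not in self.inbound:
            return None
        priv_ip, priv_port = self.inbound[pkt.dst_port]
        return Packet(pkt.src_ip, pkt.src_port, priv_ip, priv_port)


# Constructed addresses: 203.0.113.0/24 and 198.51.100.0/24 are documentation
# ranges, used here as the router's global address and the remote server.
GLOBAL_IP, SERVER = "203.0.113.5", "198.51.100.1"

if __name__ == "__main__":
    napt = NaptRouter(GLOBAL_IP)
    out = napt.translate_outbound(Packet("192.168.1.10", 5000, SERVER, 80))
    print("outbound:", out)
    print("reply   :", napt.translate_inbound(Packet(SERVER, 80, GLOBAL_IP, out.src_port)))
    print("unsolicited:", napt.translate_inbound(Packet(SERVER, 80, GLOBAL_IP, 40999)))
```

The inbound path is the security-relevant half: the translation table is populated only by outbound traffic, so a packet from the Internet that matches no entry has nowhere to go and is dropped rather than delivered to an arbitrary private host.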

5. Transport layer

The transport layer is responsible for providing communication services to processes on two hosts. It uses 16-bit port numbers to identify ports. When processes on two computers want to communicate, each needs to know the other's IP address as well as its port. This layer consists of two protocols, the User Datagram Protocol (UDP) and the Transmission Control Protocol (TCP):

5.1 UDP

The User Datagram Protocol (UDP) has the following features:

  • UDP is connectionless;

  • UDP provides best-effort delivery but does not guarantee reliable delivery;

  • UDP is message (datagram) oriented.

  • UDP has no congestion control, so network congestion does not reduce the sending rate of the source host.

  • UDP supports one-to-one, one-to-many, many-to-one and many-to-many interactive communication.

  • The UDP header is 8 bytes, much smaller than TCP's 20 bytes. It consists of four fields of two bytes each:

    • Source port: set when a reply from the peer is needed; if no reply is needed, it is set to 0.
    • Destination port;
    • Length: the total length of the UDP user datagram.
    • Checksum: detects errors in the UDP user datagram during transmission; if an error is found, the datagram is discarded.

5.2 Introduction to TCP

The Transmission Control Protocol (TCP) has the following features:

  • TCP is connection-oriented;

  • TCP provides reliable delivery;

  • TCP provides full-duplex communication. Both ends have buffers in which communication data is temporarily stored.

  • TCP is byte-stream oriented, where a stream is a sequence of bytes flowing into or out of a process;

  • Each TCP connection is uniquely identified by the two endpoints at its two ends, namely:

    TCP connection ::= {socket1, socket2} = {(IP1, port1), (IP2, port2)}

5.3 TCP segment header

Although TCP is byte-stream oriented, its basic unit of transmission is the segment. A TCP segment consists of a header and data. The first 20 bytes of the TCP header are fixed and are followed by 4n optional bytes (n is an integer). The format is as follows:

The meanings of the fields are as follows:

  1. Source port and destination port: 2 bytes each.

  2. Sequence number: 4 bytes. The sequence number ranges from 0 to 2^32 - 1; when it reaches 2^32 - 1 it wraps around to 0. In a TCP connection, every byte of the byte stream is numbered in order.

  3. Acknowledgement number: 4 bytes, the sequence number of the first data byte expected in the next segment. For example, if B receives a segment from A with sequence number 501 carrying 200 bytes of data (sequence numbers 501 to 700), then B has correctly received all data up to and including 700, so the acknowledgement number in the segment B sends back to A is 701.

  4. Data offset: 4 bits; the largest value it can express is 15. The data offset gives the starting position of the data within the segment. Since a segment consists of header + data, this is in fact the length of the segment header. The unit of the data offset is a 32-bit word (4 bytes), so the maximum data offset is 60 bytes (15 x 4). In other words, the TCP header cannot exceed 60 bytes, and the options therefore cannot exceed 40 bytes.

  5. Reserved: 6 bits, reserved for future use; currently should be set to 0.

  6. Six control bits, with the following functions:

    • URG (urgent): when 1, the urgent pointer field is valid, meaning that the segment contains urgent data that should be transmitted as soon as possible rather than in the normal queuing order.
    • ACK (acknowledgement): when 1, the acknowledgement number is valid; when 0, it is invalid. TCP specifies that every segment sent after the connection is established must have ACK set to 1.
    • PSH (push): when 1, the receiver should deliver the data to the application process immediately rather than waiting until its buffer is full.
    • RST (reset): when 1, a serious error has occurred in the TCP connection, which must be released and then re-established. It is also used to refuse an invalid segment or to refuse to open a connection.
    • SYN (synchronize): used to synchronize sequence numbers when a connection is established. SYN = 1 and ACK = 0 means this is a connection request segment; if the peer agrees to establish the connection, it sets SYN = 1 and ACK = 1 in its response segment.
    • FIN (finish): when 1, the sender's data has all been sent and the connection should be released.
  7. Window: 2 bytes, an integer from 0 to 2^16 - 1. The window field changes dynamically and indicates how much data the receiver allows the sender to send.

  8. Checksum: 2 bytes. The checksum covers both the header and the data.

  9. Urgent pointer: 2 bytes, meaningful only when URG = 1; it points to the end of the urgent data, after which normal data follows.

  10. Options: variable length, up to 40 bytes. The available options include maximum segment size, window scaling and timestamps.

5.4 Three-way Handshake

The process of establishing a TCP connection is called a handshake. It requires three TCP segments to be exchanged between the client and the server, as follows:

  1. The server process B first creates a transmission control block (TCB) and enters the LISTEN state, ready to accept connection requests from clients;

  2. The client process A also creates a TCB and then sends a connection request segment with the synchronize bit SYN = 1 and an initial sequence number seq = x. A then enters the SYN-SENT state.

  3. On receiving the connection request segment, if B agrees to establish the connection, it sends an acknowledgement segment with both SYN and ACK set to 1, ack = x + 1 and seq = y, and enters the SYN-RCVD (synchronize received) state.

  4. On receiving B's acknowledgement, A sends the final acknowledgement: a segment with ACK = 1, ack = y + 1 and seq = x + 1. The TCP standard allows an ACK segment to carry data or not; if it carries no data, it does not consume a sequence number, and the next data segment still has seq = x + 1. A then enters the ESTABLISHED state.

  5. On receiving A's acknowledgement, B enters the ESTABLISHED state.

5.5 Four-way Close

After data transmission is complete, either side can release the connection. The process is as follows:

  1. Suppose application process A closes the connection first. It sends a connection release segment with the FIN bit in the header set to 1 and sequence number seq = u, where u is the sequence number of the last byte of data previously transmitted plus 1. A then enters the FIN-WAIT-1 state.

  2. On receiving the connection release segment, B immediately sends an acknowledgement with ack = u + 1 and seq = v, where v is the sequence number of the last byte of data B previously transmitted plus 1. B then enters the CLOSE-WAIT state and notifies its application process. The TCP connection is now half-closed: A has no more data to send, but if B still sends data, A must still receive it.

  3. On receiving B's acknowledgement, A enters the FIN-WAIT-2 state and waits for B to send its own connection release segment.

  4. When B's application process has no more data to send, it tells B to release the connection. B then sends a connection release segment with the FIN bit set to 1, sequence number seq = w (B may have sent more data in the half-closed state) and the acknowledgement number ack = u + 1 repeated from before. B then enters the LAST-ACK state;

  5. On receiving B's connection release segment, A sends the final acknowledgement with ACK = 1, ack = w + 1 and seq = u + 1, and enters the TIME-WAIT state.

  6. B enters the CLOSED state on receiving A's final acknowledgement;

  7. A enters the CLOSED state only after waiting twice the Maximum Segment Lifetime (2MSL).

RFC 793 recommends an MSL of 2 minutes; network conditions have since improved, and this value can be shortened as required. A waits 2MSL before entering CLOSED for two main reasons:

  • To ensure that the last ACK segment sent by A reaches B. If B does not receive the final acknowledgement, it times out and resends the FIN+ACK segment; A can then answer it and resend the final acknowledgement within the 2MSL waiting time.
  • To ensure that all segments generated during the current connection have disappeared from the network, so that old connection request segments do not turn up in the next, new connection.
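The handshake of section 5.4 and the close of section 5.5 are driven through a small state machine in the following added example (not code from the original article). Each endpoint tracks its state, the next sequence number it will send and the next one it expects, and the simulation exchanges the seven segments from the two procedures with x = 100 and y = 300 as constructed initial sequence numbers. It also shows two checks a real stack performs that the text only implies: a segment whose acknowledgement number does not match anything sent is ignored, and an RST tears the connection down. Simultaneous close and data transfer are not modelled.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class Segment:
    """Only the header fields the handshake and close depend on."""
    seq: int
    ack_num: int = 0
    syn: bool = False
    ack: bool = False
    fin: bool = False
    rst: bool = False


class TcpEndpoint:
    """One side of a connection: its state and sequence numbers."""

    def __init__(self, name: str, isn: int):
        self.name = name
        self.state = "CLOSED"
        self.snd_nxt = isn      # sequence number of the next byte we send
        self.rcv_nxt = None     # sequence number we expect from the peer

    def listen(self):
        self.state = "LISTEN"

    def connect(self) -> Segment:
        """Handshake step 2: SYN with seq = x; SYN consumes one sequence number."""
        seg = Segment(seq=self.snd_nxt, syn=True)
        self.snd_nxt += 1
        self.state = "SYN-SENT"
        return seg

    def close(self) -> Segment:
        """Close steps 1 and 4: FIN with seq = u (or w); FIN consumes one number."""
        seg = Segment(seq=self.snd_nxt, ack_num=self.rcv_nxt, ack=True, fin=True)
        self.snd_nxt += 1
        self.state = "FIN-WAIT-1" if self.state == "ESTABLISHED" else "LAST-ACK"
        return seg

    def timeout_2msl(self):
        """Close step 7: TIME-WAIT ends after 2MSL."""
        if self.state == "TIME-WAIT":
            self.state = "CLOSED"

    def receive(self, seg: Segment):
        """Apply one incoming segment; return the response segment, if any."""
        if seg.rst:
            self.state = "CLOSED"
            return None
        if seg.ack and seg.ack_num != self.snd_nxt:
            return None         # acknowledges something we never sent: ignore
        s = self.state
        if s == "LISTEN" and seg.syn and not seg.ack:        # handshake step 3
            self.rcv_nxt = seg.seq + 1
            resp = Segment(seq=self.snd_nxt, ack_num=self.rcv_nxt, syn=True, ack=True)
            self.snd_nxt += 1
            self.state = "SYN-RCVD"
            return resp
        if s == "SYN-SENT" and seg.syn and seg.ack:          # handshake step 4
            self.rcv_nxt = seg.seq + 1
            self.state = "ESTABLISHED"   # the ACK carries no data: no number consumed
            return Segment(seq=self.snd_nxt, ack_num=self.rcv_nxt, ack=True)
        if s == "SYN-RCVD" and seg.ack and not seg.syn:      # handshake step 5
            self.state = "ESTABLISHED"
            return None
        if s in ("ESTABLISHED", "FIN-WAIT-2") and seg.fin:   # close steps 2 and 5
            self.rcv_nxt = seg.seq + 1
            self.state = "CLOSE-WAIT" if s == "ESTABLISHED" else "TIME-WAIT"
            return Segment(seq=self.snd_nxt, ack_num=self.rcv_nxt, ack=True)
        if s == "FIN-WAIT-1" and seg.ack:                    # close step 3
            self.state = "FIN-WAIT-2"
            return None
        if s == "LAST-ACK" and seg.ack:                      # close step 6
            self.state = "CLOSED"
            return None
        return None


def simulate(isn_a: int = 100, isn_b: int = 300):
    """Run the handshake and the close between A and B.

    Returns (trace, sent): trace is a list of (label, state of A, state of B)
    after each step, sent maps labels to the segments that were transmitted.
    """
    a, b = TcpEndpoint("A", isn_a), TcpEndpoint("B", isn_b)
    trace, sent = [], {}

    def step(label, seg=None):
        if seg is not None:
            sent[label] = seg
        trace.append((label, a.state, b.state))

    b.listen()
    step("listen")
    step("syn", a.connect())
    step("syn-ack", b.receive(sent["syn"]))
    step("ack", a.receive(sent["syn-ack"]))
    b.receive(sent["ack"])
    step("established")
    step("fin-a", a.close())
    step("ack-b", b.receive(sent["fin-a"]))
    a.receive(sent["ack-b"])
    step("fin-wait-2")
    step("fin-b", b.close())
    step("ack-a", a.receive(sent["fin-b"]))
    b.receive(sent["ack-a"])
    step("last-ack-received")
    a.timeout_2msl()
    step("2msl")
    return trace, sent


if __name__ == "__main__":
    for label, state_a, state_b in simulate()[0]:
        print(f"{label:18} A={state_a:12} B={state_b}")
```

With x = 100 and y = 300 the trace reproduces the numbers in the text: the SYN-ACK carries seq = 300, ack = 101; the final handshake ACK carries seq = 101, ack = 301 and, because it carries no data, A's FIN still uses seq = 101 (u) and is answered with ack = 102; B's FIN then uses seq = 301 (w) and A's last ACK carries ack = 302.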

5.6 Principles of Reliable Transmission

1. Stop waiting for the agreement

To achieve reliable transmission, the most basic use of the stop-wait protocol: after sending a data unit, stop sending and wait for the other party to confirm.

There are two problems:

  • If the data A sends to B is lost in transit, B cannot receive it and naturally returns no acknowledgement, so A waits forever;
  • If B's acknowledgement is lost, or takes a long time to reach A, A also keeps waiting.

The solution to the first problem is timeout retransmission: if no acknowledgement is received within a given period of time, the data unit is sent again.

For the second problem the solution is also timeout retransmission, which covers two cases:

  • If B received M1 and only the returned acknowledgement was lost, B receives M1 a second time after the timeout retransmission and must discard the duplicate.

  • If B's acknowledgement is not lost but only reaches A after the retransmission timer has expired, A may receive two acknowledgements: one for the retransmission and the original one that arrived late. A discards the late acknowledgement without further processing.
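The three failure cases above (data lost, ACK lost, ACK late) in one constructed stop-and-wait simulation. This is an added example, not code from the article: the channel is replaced by a scripted list of outcomes per transmission attempt, and a one-bit sequence number is what lets B discard a duplicate M1 and lets A recognise an acknowledgement it no longer waits for.

```python
# Added example (not from the article): a constructed stop-and-wait simulation.
# A sends data units to B; each transmission attempt is given a scripted outcome
# ("ok", "data_lost", "ack_lost" or "ack_late") standing in for the channel.
# A one-bit sequence number lets B discard duplicate data and lets A recognise
# a late acknowledgement that it is no longer waiting for.

def stop_and_wait(messages, outcomes):
    """Return delivery order at B plus counters for the two duplicate cases."""
    delivered = []
    stats = {"transmissions": 0, "dup_data_discarded_by_b": 0, "late_acks_discarded_by_a": 0}
    b_expected = 0          # sequence number B expects next
    seq = 0                 # sequence number A uses for the current data unit
    late_acks = []          # ACKs still in flight when A's timer expired
    attempt = 0
    for msg in messages:
        acked = False
        while not acked:
            outcome = outcomes[attempt] if attempt < len(outcomes) else "ok"
            attempt += 1
            stats["transmissions"] += 1
            if outcome == "data_lost":
                continue                        # timeout: A retransmits the same seq
            # B's side: accept in-order data once, discard a duplicate, ACK either way
            if seq == b_expected:
                delivered.append(msg)
                b_expected ^= 1
            else:
                stats["dup_data_discarded_by_b"] += 1
            if outcome == "ack_lost":
                continue                        # timeout: A retransmits
            if outcome == "ack_late":
                late_acks.append(seq)           # will arrive after A has retransmitted
                continue
            acked = True                        # "ok": the ACK for seq reached A in time
        seq ^= 1
        # the delayed ACKs now arrive; A already holds an ACK for that seq and ignores them
        stats["late_acks_discarded_by_a"] += len(late_acks)
        late_acks.clear()
    return delivered, stats
```

With the script ["data_lost", "ack_lost", "ack_late", "ok", "ok"] and two messages, M1 needs four transmissions, B discards M1 twice, A discards one late ACK, and both messages are still delivered exactly once in order.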

In the basic stop-and-wait protocol only one data unit is in flight at a time, so channel utilization is very low. To solve this, pipelined transmission can be used to send multiple data units at once.

When pipelined transmission is used, the continuous ARQ protocol and the sliding window protocol are used together to ensure reliability.

2. Continuous ARQ protocol

In the continuous Automatic Repeat reQuest (ARQ) protocol the sender maintains a sending window of a certain size, and every packet in the window may be sent out continuously without waiting for an acknowledgement of each one. Each time an acknowledgement arrives, the sender slides the window forward by one packet.

The receiver generally uses cumulative acknowledgement: instead of acknowledging every received packet, after receiving several packets it acknowledges the last packet that arrived in sequence, which indicates that this packet and all preceding ones have arrived correctly.
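The sending window and cumulative acknowledgement from the two paragraphs above as a constructed go-back-N simulation. This is an added example, not code from the article: the channel is scripted by a set of (round, seq) transmissions to drop, one round is one pass of the whole window, and the receiver answers each round with a single cumulative ACK; a lost packet therefore costs the sender every packet after it in the window, which is what "go back N" means.

```python
# Added example (not from the article): a constructed continuous ARQ
# (go-back-N) simulation with a sliding sender window and cumulative ACKs.
# The channel is scripted: `lost` holds (round, seq) pairs that are dropped.
# One "round" is one pass in which the sender transmits everything the window
# allows and the receiver answers with a single cumulative acknowledgement.

def go_back_n(num_packets, window, lost, max_rounds=100):
    """Return rounds used, delivery order at the receiver, ACKs sent, transmissions."""
    base = 0            # oldest unacknowledged packet (left edge of the window)
    next_seq = 0        # next packet the sender may transmit
    expected = 0        # next in-order packet the receiver will accept
    delivered, acks = [], []
    transmissions = rounds = 0
    while base < num_packets:
        rounds += 1
        if rounds > max_rounds:
            raise RuntimeError("no progress within max_rounds")
        batch = list(range(next_seq, min(base + window, num_packets)))
        for seq in batch:                       # send the whole window without waiting
            transmissions += 1
            if (rounds, seq) in lost:
                continue                        # dropped by the channel
            if seq == expected:                 # in order: accept it
                delivered.append(seq)
                expected += 1
            # anything else is out of order; a go-back-N receiver discards it
        next_seq = batch[-1] + 1
        ack = expected - 1                      # cumulative ACK: every packet <= ack arrived
        acks.append(ack)
        base = ack + 1                          # slide the window forward
        if base < next_seq:                     # unacknowledged packets remain: timeout,
            next_seq = base                     # go back N and resend from `base`
    return {"rounds": rounds, "delivered": delivered, "acks": acks,
            "transmissions": transmissions}
```

With six packets, a window of 3 and packet 1 lost in the first round, the receiver's first ACK covers only packet 0, packets 1 and 2 are resent together with 3, and the transfer finishes in three rounds and eight transmissions; stop-and-wait would have needed six rounds even without loss.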

5.7 Reliable Transmission of TCP

TCP's sliding window is measured in bytes. The Retransmission Time-Out (RTO) is calculated as follows:

RTO = RTT_S + 4 × RTT_D

where RTT_S is the weighted average round-trip time, calculated as:

New RTT_S = (1 − α) × old RTT_S + α × new RTT value
  • Round-Trip Time (RTT) is the time between sending a segment and receiving its acknowledgement.
  • On the first measurement, RTT_S is set to the measured RTT value; afterwards the formula above is used;
  • 0 ≤ α < 1; RFC 6298 recommends the value 0.125.

RTT_D is the weighted average of the RTT deviation, calculated as:

New RTT_D = (1 − β) × old RTT_D + β × |RTT_S − new RTT value|
  • On the first measurement, RTT_D is set to half the measured RTT value; afterwards the formula above is used;
  • β is a coefficient less than 1; RFC 6298 recommends the value 0.25.
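The three formulas above written out as an estimator. This is an added example, not code from the article: it follows the update order of RFC 6298 (RTT_D is updated using the old RTT_S before RTT_S itself is updated), and the 1-second lower bound on RTO and the rule that only samples from segments transmitted once may be fed in (Karn's algorithm) are also from that RFC; the sample RTT values are constructed.

```python
# Added example (not from the article): the RTT_S / RTT_D / RTO computation above
# written out as an estimator, following the update order in RFC 6298 (RTT_D is
# updated with the old RTT_S before RTT_S itself is updated). The 1-second lower
# bound on RTO is also from RFC 6298; all sample RTTs are constructed.

class RtoEstimator:
    def __init__(self, alpha=0.125, beta=0.25, min_rto=1000.0):
        self.alpha = alpha          # RFC 6298 recommends 1/8
        self.beta = beta            # RFC 6298 recommends 1/4
        self.min_rto = min_rto      # milliseconds; RFC 6298 rounds RTO up to 1 s
        self.rtt_s = None           # weighted average RTT
        self.rtt_d = None           # weighted average RTT deviation

    def update(self, rtt):
        """Feed one RTT sample (ms) and return the resulting RTO (ms).

        Only samples of segments sent exactly once may be fed in (Karn's
        algorithm): the RTT of a retransmitted segment is ambiguous.
        """
        if self.rtt_s is None:                           # first measurement
            self.rtt_s = rtt
            self.rtt_d = rtt / 2
        else:
            self.rtt_d = (1 - self.beta) * self.rtt_d + self.beta * abs(self.rtt_s - rtt)
            self.rtt_s = (1 - self.alpha) * self.rtt_s + self.alpha * rtt
        return self.rto()

    def rto(self):
        """RTO = RTT_S + 4 * RTT_D, never below the configured minimum."""
        return max(self.rtt_s + 4 * self.rtt_d, self.min_rto)
```

With min_rto=0 the raw formulas are visible: samples of 100, 100 and 200 ms give RTOs of 300, 250 and 325 ms, the first one being large because RTT_D starts at half the first sample. With the default 1 s floor, a steady 400 ms path settles at exactly 1000 ms until a 800 ms sample pushes RTO to 1300 ms.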

5.8 Flow Control

Flow control means controlling the rate at which the sender sends so that the receiver can receive in time. Suppose A sends data to B. When the connection is established, B tells A the size of its receive window rwnd (receiver window), and A must ensure that its sending window never exceeds B's receive window. Through this mechanism the sender's flow is controlled.

5.9 Congestion Control

Network congestion is the condition in which the amount of data being transmitted exceeds the capacity of the nodes, so that transmission capacity drops. Congestion control prevents too much data from being injected into the network and overloading routers and links. TCP uses four algorithms for congestion control: slow start, congestion avoidance, fast retransmit, and fast recovery:

1. Slow start

Both slow start and congestion avoidance are window-based congestion control: the sender maintains a state variable cwnd (congestion window), whose value depends on the degree of network congestion and changes dynamically, and the sender makes its sending window equal to the congestion window.

The idea of slow start is as follows: since the load capacity of the network is unknown, the best choice is to probe incrementally, growing the sending window, that is the congestion window, from small to large by doubling it.

2. Congestion avoidance

The idea of the congestion avoidance algorithm is to let the congestion window cwnd grow slowly: each round trip (RTT) increases the sender's cwnd by 1 instead of doubling it as in the slow start phase. Slow start and congestion avoidance are usually used in combination: slow start doubles the window at the beginning to get going quickly, and once a threshold ssthresh is reached the sender switches to the steadier probing of congestion avoidance:

3. Fast retransmission and recovery

The fast retransmit algorithm requires the receiver not to wait until it has data of its own before piggybacking an acknowledgement, but to send an acknowledgement immediately, and to send a duplicate acknowledgement immediately even when a segment arrives out of sequence. The following is an example:

As shown in the figure above, when M3 is lost and M4, M5 and M6 are then sent, the sender receives repeated acknowledgements of M2. The sender can then tell that M3 has been lost and retransmits it immediately. Since only an individual packet was lost at this point rather than the network being congested, fast recovery is performed: the sender sets ssthresh = cwnd / 2 and cwnd = ssthresh = 8 (point 5 in the figure) and starts executing the congestion avoidance algorithm.
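The window behaviour of sections 5.8 and 5.9 together as a constructed model: slow start doubling up to ssthresh, congestion avoidance adding 1 per RTT, fast recovery halving on three duplicate ACKs, and the send window capped by the receiver's rwnd. This is an added example, not code from the article; the timeout event, which RFC 5681 handles by restarting slow start from cwnd = 1, and the lower bound of 2 segments on ssthresh are from that RFC, not from the page, and the event sequence is constructed.

```python
# Added example (not from the article): a constructed model of how cwnd and
# ssthresh evolve under slow start, congestion avoidance and fast recovery,
# with the send window capped by the receiver's rwnd as in flow control (5.8).
# Events are coarse: "rtt" is one round trip of ACKs, "dupack3" is three
# duplicate ACKs (fast retransmit + fast recovery), "timeout" is a retransmission
# timer expiry, which RFC 5681 handles by restarting slow start from cwnd = 1.
# Units are segments; the numbers are constructed for illustration.

def simulate_cwnd(events, ssthresh=16, cwnd=1, rwnd=64):
    """Return a list of (cwnd, ssthresh, send_window) after each event."""
    trace = []
    for event in events:
        if event == "rtt":
            if cwnd < ssthresh:
                cwnd = min(cwnd * 2, ssthresh)  # slow start: double each RTT up to ssthresh
            else:
                cwnd += 1                       # congestion avoidance: +1 per RTT
        elif event == "dupack3":
            ssthresh = max(cwnd // 2, 2)        # fast recovery: halve the threshold ...
            cwnd = ssthresh                     # ... and continue in congestion avoidance
        elif event == "timeout":
            ssthresh = max(cwnd // 2, 2)        # real congestion: halve the threshold ...
            cwnd = 1                            # ... and start over with slow start
        else:
            raise ValueError(f"unknown event {event!r}")
        # flow control: never send more than the receiver's advertised window
        trace.append((cwnd, ssthresh, min(cwnd, rwnd)))
    return trace
```

Starting from cwnd = 1 and ssthresh = 16, five round trips give 2, 4, 8, 16, 17; three duplicate ACKs at 17 set ssthresh and cwnd to 8, matching point 5 in the figure; a timeout at cwnd = 9 drops cwnd to 1 with ssthresh = 4. With rwnd = 12 the send window stays at 12 while cwnd is 16 and 17, which is the flow-control cap from 5.8.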

6. Application layer

6.1 Domain Name System DNS

Today we use easy-to-remember domain names to access Internet applications, but the transport layer needs IP addresses, so the Domain Name System (DNS) is needed to translate between domain names and IP addresses.

A domain name is a logical concept, organized in multiple levels: the root domain is the most basic, followed by the top-level domains.

  • National top-level domains (nTLD): cn for China, us for the United States;
  • Generic top-level domains (gTLD): com for companies, org for non-profit organizations, net for network service providers.
  • Infrastructure domain: also called the reverse domain, used for reverse domain name resolution. There is only one such top-level domain, arpa.
  • New gTLDs: on June 20, 2011 ICANN approved new top-level domains, allowing any company or organization that meets the criteria to apply for one.

6.2 File Transfer Protocol FTP

The File Transfer Protocol (FTP) is the standard protocol for transferring files over a network. It allows clients to specify file types and formats and to obtain permission to store files. An FTP server process consists of two parts:

  • A main process, which receives new requests;
  • Several subordinate processes, each responsible for handling a single request.

Therefore, an FTP server process can serve multiple client processes at the same time.

6.3 TELNET

Telnet is the standard protocol and main method for remote login on the Internet. It enables a user on a local computer to access a remote host: over a TCP connection Telnet transmits the user's keystrokes to the remote host and returns the remote host's output to the user's screen. The service is transparent: the user feels as if the keyboard and monitor were connected directly to the remote host.

6.4 World Wide Web WWW

The World Wide Web is a distributed hypermedia system, which is an extension of the hypertext system. It contains the following important concepts:

1. Uniform resource locator URL

A method for locating and accessing resources on the Internet, in the following format:

<protocol>://<host>:<port>/<path>

2. Hypertext Transfer Protocol HTTP

The HTTP protocol defines how a browser requests a document from the World Wide Web and how the server sends the document to the browser.

3. Hypertext Markup Language HTML

Hypertext Markup Language (HTML) is a markup language consisting of a series of tags that describe text, graphics, animation, sound, tables, links and other kinds of resources, and that give web documents a uniform format.

6.5 Dynamic Host Configuration Protocol DHCP

Usually the protocol software of a computer connected to the Internet needs several items configured, such as the IP address, the subnet mask, the IP address of the default router, and the IP address of the domain name server. To save this configuration effort, the Dynamic Host Configuration Protocol (DHCP) is widely used on the Internet; it provides a plug-and-play networking mechanism, so that only the default configuration is needed, as shown below:

When a host to be connected to the network starts, it broadcasts a DHCP DISCOVER packet with destination address 255.255.255.255 (the limited broadcast address). Every host on the local network receives this broadcast, but only a DHCP server responds to it, with a DHCP OFFER. The DHCP server first searches its database for the computer's configuration information; if it is found, the server returns it directly, otherwise it assigns an address from the server's IP address pool to the computer.

Not every network has a DHCP server, but every network has at least one DHCP relay agent (usually a router) configured with the IP address of the DHCP server. After receiving a discovery packet from host A, the relay agent forwards it by unicast to the DHCP server, waits for the reply, and forwards the reply to host A.

The IP address assigned by the DHCP server to the DHCP client is temporary and can only be used for a period of time. The period is called lease and is set by the DHCP server.
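The DISCOVER/OFFER exchange, the database lookup before the address pool, the lease, and the relay agent from the three paragraphs above as a constructed model. This is an added example, not code from the article: messages are plain dictionaries, addresses come from the 192.0.2.0/24 documentation range, the MAC addresses and lease times are made up, and the relay's unicast to the server is modelled as a direct call.

```python
# Added example (not from the article): a constructed model of the DISCOVER/OFFER
# exchange described above, with the server's database lookup, its address pool,
# lease expiry and a relay agent. Addresses are from the 192.0.2.0/24 documentation
# range (TEST-NET-1) and the MAC addresses are made up.

LIMITED_BROADCAST = "255.255.255.255"


class DhcpServer:
    def __init__(self, pool, reservations, lease_seconds):
        self.free = list(pool)                  # addresses still available in the pool
        self.reservations = dict(reservations)  # the "database": MAC -> configured IP
        self.leases = {}                        # MAC -> (ip, expiry time)
        self.lease_seconds = lease_seconds

    def handle_discover(self, discover, now):
        """Answer a DHCP DISCOVER with a DHCP OFFER, or None if no address is left."""
        self.expire_leases(now)
        mac = discover["mac"]
        if mac in self.reservations:            # configuration found in the database
            ip = self.reservations[mac]
        elif mac in self.leases:                # client already holds a lease: renew it
            ip = self.leases[mac][0]
        elif self.free:                         # otherwise take one from the pool
            ip = self.free.pop(0)
        else:
            return None
        self.leases[mac] = (ip, now + self.lease_seconds)
        return {"type": "OFFER", "mac": mac, "ip": ip, "lease": self.lease_seconds}

    def expire_leases(self, now):
        """Leases are temporary: expired pool addresses go back into the pool."""
        for mac, (ip, expiry) in list(self.leases.items()):
            if expiry <= now:
                del self.leases[mac]
                if mac not in self.reservations:
                    self.free.append(ip)


class DhcpRelay:
    """Relay agent on a network without its own server; it knows the server's address."""
    def __init__(self, server):
        self.server = server

    def forward(self, discover, now):
        if discover["dst"] != LIMITED_BROADCAST:
            return None                         # only the host's broadcast is relayed
        # forward the DISCOVER by unicast to the server, then hand the reply back to the host
        return self.server.handle_discover(discover, now)


def make_discover(mac):
    """The DISCOVER a booting host broadcasts (constructed message)."""
    return {"type": "DISCOVER", "mac": mac, "dst": LIMITED_BROADCAST}
```

A host with a reserved entry gets its configured address regardless of the pool; other hosts drain the pool in order; once the pool is empty the server makes no offer, and after the lease period an expired address is handed to the next host, which is the lease behaviour described above.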
