Preface

Computer networking is a core course in computer science. It covers how two computers communicate, how that communication is made reliable, and how it is made efficient. Day-to-day coding rarely touches this level, but when a real network problem appears it cannot be diagnosed without understanding the underlying principles.

OSI seven-layer network model

  • Thumbnail of OSI seven-layer network model

  • Bottom-up understanding of the seven-layer network model

    Engineering is iterative, and the seven layers are best understood as successive answers to successive problems, from the bottom up.

    • The physical layer

      The physical layer solves the most basic problem: machine A emits a stream of bits and machine B must receive it. It defines the standards for the hardware: interface and connector types, cable and medium types, and how 0s and 1s are encoded as physical signals (voltage levels, light pulses, radio), i.e. the digital-to-analog and analog-to-digital conversion. The data it carries is a bit stream, 010101..., and the unit of data at this layer is the bit.

    • Data link layer

      Bits on a physical medium can be corrupted or arrive incomplete, and the data link layer was introduced to deal with that. It defines how data is framed for transmission, how access to the shared physical medium is controlled (MAC), and usually error detection (for example a CRC) and the handling of damaged frames; some links also correct errors or retransmit. The unit of data at this layer is the frame.

    • The network layer

      Once data can cross a single link, a sender needs a way to reach a receiver across an increasingly complex network of many nodes. Finding a path from node A to node B is the job of the network layer. It gives every host a logical address, routes packets hop by hop toward the destination, and, with the help of ARP on the local link, maps the next hop's network address to its physical (MAC) address. The protocol at this layer is IP, and the unit of data is the packet (datagram).

    • The transport layer

      Delivery at the network layer is best-effort: packets can be lost, duplicated or reordered. The transport layer therefore cuts the application's data into segments and decides what to do when one is lost or corrupted, for example whether to retransmit it. It is responsible for end-to-end transmission between processes and for the quality of that transmission, and is often called the most important layer of the model. The protocols of interest here are TCP and UDP. For example, an Ethernet frame cannot carry more than 1500 bytes of payload (the MTU), so TCP splits a large application message into segments no larger than the MSS and sends them in sequence; the receiver reassembles them.

    • The session layer

      The session layer establishes, manages and tears down sessions (dialogues) between applications, so that applications do not have to deal with the underlying transport directly.

    • The presentation layer

      The presentation layer translates between the data representations used by different systems: character-set and encoding conversion, compression and decompression, and, in the OSI model, encryption and decryption.

    • The application layer

      At the application layer, the sender and receiver agree on the format of the messages they exchange (message headers and how the payload is encapsulated) so that the application can make sense of data received from the network. The protocol of interest here is HTTP. The unit of data at this layer is the message.

    Data is processed by the sender encapsulating it from the top layer down and by the receiver decapsulating it from the bottom layer up. OSI is a reference model rather than an implemented protocol stack; the four- or five-layer TCP/IP model is what is actually implemented, and it folds the OSI session, presentation and application layers into a single application layer.

TCP/IP protocol family

  • Introduction to Transmission Control Protocol

    • Connection-oriented, reliable, byte-stream-based transport-layer protocol
    • The application's byte stream is divided into segments and handed to the TCP layer of the target node
    • Each segment carries a sequence number. When the peer receives it, it returns an ACK; if the sender receives no ACK within a timeout, it retransmits the segment
  • TCP header

  • Source port: port number of the sender

  • Destination port: port number of the receiver

  • Sequence number: the number of the first data byte in this segment (a SYN or FIN also consumes one sequence number)

  • Acknowledgment number: the next byte the receiver expects. Having received everything up to byte x, it acknowledges with x+1. Only meaningful when the ACK flag is set

  • Data offset: the length of the TCP header in 32-bit words (20 to 60 bytes), i.e. where the payload starts

  • Reserved: reserved bits, must be zero

  • Flags: URG (urgent pointer is valid), ACK (acknowledgment number is valid), PSH (push: deliver the data to the process immediately instead of waiting to fill a buffer), RST (reset the connection), SYN (synchronize sequence numbers, request a connection), FIN (no more data from the sender, end the connection); ECE and CWR are used for explicit congestion notification

  • Window: the number of bytes the sender of this segment is currently willing to receive (the receive window, used for flow control)

  • Checksum: covers the header, the payload and an IP pseudo-header; it detects corruption, not tampering

  • Urgent pointer: offset of the urgent data when URG is set

  • Options: for example MSS, window scale, SACK and timestamps, padded to a multiple of 4 bytes
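The header layout above, as an added Python example (not code from the original article): it builds a TCP segment with a correct checksum over the IPv4 pseudo-header, parses the fixed header back out (validating the data offset before trusting it), verifies the checksum, and for comparison decodes the 8-byte UDP header. The addresses, ports and payloads are constructed for the example.

```python
import struct
from typing import Any, Dict

# Flag bits in the low byte of the 16-bit "data offset / reserved / flags" word
TCP_FLAGS = ("FIN", "SYN", "RST", "PSH", "ACK", "URG", "ECE", "CWR")
PROTO_TCP, PROTO_UDP = 6, 17


def ones_complement_sum(data: bytes) -> int:
    """16-bit one's-complement sum (the arithmetic behind IP, TCP and UDP checksums)."""
    if len(data) % 2:
        data += b"\x00"                      # pad a trailing odd byte with zero
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:                       # fold carries back into the low 16 bits
        total = (total & 0xFFFF) + (total >> 16)
    return total


def transport_checksum(src_ip: bytes, dst_ip: bytes, proto: int, segment: bytes) -> int:
    """Checksum over the IPv4 pseudo-header plus the segment (checksum field already zeroed)."""
    pseudo = src_ip + dst_ip + struct.pack("!BBH", 0, proto, len(segment))
    return (~ones_complement_sum(pseudo + segment)) & 0xFFFF


def build_tcp(src_ip, dst_ip, sport, dport, seq, ack, flags, window,
              payload=b"", options=b"") -> bytes:
    """Build a TCP segment with a valid checksum; options must be padded to 4 bytes."""
    if len(options) % 4:
        raise ValueError("options must be padded to a multiple of 4 bytes")
    data_offset = (20 + len(options)) // 4   # header length in 32-bit words
    flag_bits = 0
    for name in flags:
        flag_bits |= 1 << TCP_FLAGS.index(name)
    header = struct.pack("!HHIIHHHH", sport, dport, seq, ack,
                         (data_offset << 12) | flag_bits, window, 0, 0)
    segment = header + options + payload
    csum = transport_checksum(src_ip, dst_ip, PROTO_TCP, segment)
    return segment[:16] + struct.pack("!H", csum) + segment[18:]


def parse_tcp(segment: bytes) -> Dict[str, Any]:
    """Decode the fixed 20-byte header, validating the data offset before using it."""
    if len(segment) < 20:
        raise ValueError("TCP header needs at least 20 bytes")
    sport, dport, seq, ack, off_flags, window, csum, urg = struct.unpack("!HHIIHHHH", segment[:20])
    header_len = (off_flags >> 12) * 4       # data offset is in 32-bit words, so x4 for bytes
    if header_len < 20 or header_len > len(segment):
        raise ValueError("data offset points outside the segment")
    flags = {name: bool(off_flags & (1 << i)) for i, name in enumerate(TCP_FLAGS)}
    return {
        "src_port": sport, "dst_port": dport, "seq": seq, "ack": ack,
        "header_len": header_len, "flags": flags, "window": window,
        "checksum": csum, "urgent_ptr": urg,
        "options": segment[20:header_len], "payload": segment[header_len:],
    }


def tcp_checksum_ok(src_ip: bytes, dst_ip: bytes, segment: bytes) -> bool:
    """Recompute the checksum with the field zeroed and compare with the transmitted value."""
    zeroed = segment[:16] + b"\x00\x00" + segment[18:]
    transmitted = struct.unpack("!H", segment[16:18])[0]
    return transport_checksum(src_ip, dst_ip, PROTO_TCP, zeroed) == transmitted


def parse_udp(datagram: bytes) -> Dict[str, Any]:
    """The whole UDP header is 8 bytes; a checksum of 0 means 'not computed' over IPv4."""
    if len(datagram) < 8:
        raise ValueError("UDP header needs 8 bytes")
    sport, dport, length, csum = struct.unpack("!HHHH", datagram[:8])
    if length < 8 or length > len(datagram):
        raise ValueError("UDP length field is inconsistent with the datagram")
    return {"src_port": sport, "dst_port": dport, "length": length,
            "checksum": csum, "payload": datagram[8:length]}


# Constructed sample: a SYN from 10.0.0.1:40000 to 10.0.0.2:80 (addresses are assumptions)
SRC_IP, DST_IP = bytes([10, 0, 0, 1]), bytes([10, 0, 0, 2])
SAMPLE_SYN = build_tcp(SRC_IP, DST_IP, 40000, 80, seq=1000, ack=0, flags=("SYN",), window=65535)
# Constructed sample: a 5-byte UDP payload to port 53 with the checksum left at 0
SAMPLE_UDP = struct.pack("!HHHH", 53000, 53, 8 + 5, 0) + b"query"

if __name__ == "__main__":
    print(parse_tcp(SAMPLE_SYN)["flags"], tcp_checksum_ok(SRC_IP, DST_IP, SAMPLE_SYN))
    print(parse_udp(SAMPLE_UDP)["payload"])
```

The data-offset check matters in any real parser: a header-length field larger than the segment is exactly the kind of value a crafted packet carries to push a naive decoder past the end of its buffer.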

  • TCP three-way handshake

    The connection is full duplex: each side must announce its own initial sequence number and confirm that it can both send and receive, which is why the handshake takes three segments.

    1. First handshake: the client sends SYN=1, seq=x and enters SYN-SENT; the server is in LISTEN. x is the client's initial sequence number (ISN).
    2. Second handshake: the server replies SYN=1, ACK=1, seq=y, ack=x+1 and enters SYN-RCVD. y is the server's ISN.
    3. Third handshake: the client sends ACK=1, seq=x+1, ack=y+1 and enters ESTABLISHED; when the server receives it, it enters ESTABLISHED as well.

    The ISN is not simply a small positive integer. RFC 6528 requires it to be unpredictable (a clock-driven value plus a keyed hash of the address/port 4-tuple), because a predictable ISN lets an off-path attacker forge the third segment and spoof a connection from an address it does not control.

  • TCP's four-way wave (connection release)

    Either side may close first. Below the client closes first (active close) and the server follows (passive close).

    1. First wave: the client sends FIN=1, seq=u and enters FIN-WAIT-1.
    2. Second wave: the server sends ACK=1, seq=v, ack=u+1 and enters CLOSE-WAIT; on receiving it the client enters FIN-WAIT-2. The connection is now half-closed: the server can still send data.
    3. Third wave: when the server has nothing more to send, it sends FIN=1, ACK=1, seq=w, ack=u+1 and enters LAST-ACK.
    4. Fourth wave: the client sends ACK=1, seq=u+1, ack=w+1 and enters TIME-WAIT.

    The server closes the connection as soon as that final ACK arrives. The client waits 2MSL before releasing it (RFC 793 defines MSL as 2 minutes; Linux uses a fixed 60 seconds for TIME-WAIT, so "about one minute" in practice).





    Why wait 2MSL?
    1. To make sure the peer received the final ACK. If that ACK is lost, the server retransmits its FIN, and the client must still be there to acknowledge it; otherwise the server would be stuck in LAST-ACK.
    2. To avoid confusing old and new connections: any delayed segment from this connection will have expired from the network before the same 4-tuple can be reused.
    Only once both sides have sent a FIN and received the matching ACK is the connection fully closed.
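The three-way handshake and the four-way close described above, as an added Python example (not code from the original article): a minimal state machine for both endpoints that exchanges the segments, tracks seq/ack arithmetic and the states named in the figures, and shows why an unpredictable ISN matters. The initial sequence numbers x=1000 and y=5000 are fixed only to make the trace readable.

```python
import secrets
from dataclasses import dataclass
from typing import FrozenSet, List, Optional, Tuple


@dataclass
class Segment:
    flags: FrozenSet[str]
    seq: int
    ack: Optional[int] = None


class Endpoint:
    def __init__(self, name: str, isn: Optional[int] = None, state: str = "CLOSED"):
        self.name, self.state = name, state
        # RFC 6528: the ISN must be unpredictable, or an off-path attacker can forge the third
        # segment. A fixed isn is accepted here only to make the trace readable.
        self.snd_nxt = secrets.randbits(32) if isn is None else isn   # next seq we will send
        self.rcv_nxt: Optional[int] = None                             # next seq we expect

    def connect(self) -> Segment:
        """Active open, first handshake: SYN with seq=x (the SYN consumes one sequence number)."""
        self.state = "SYN-SENT"
        seg = Segment(frozenset({"SYN"}), self.snd_nxt)
        self.snd_nxt += 1
        return seg

    def close(self) -> Segment:
        """Send FIN (also consumes one sequence number) from ESTABLISHED or CLOSE-WAIT."""
        if self.state not in ("ESTABLISHED", "CLOSE-WAIT"):
            raise RuntimeError(f"cannot close from {self.state}")
        self.state = "FIN-WAIT-1" if self.state == "ESTABLISHED" else "LAST-ACK"
        seg = Segment(frozenset({"FIN", "ACK"}), self.snd_nxt, self.rcv_nxt)
        self.snd_nxt += 1
        return seg

    def on_segment(self, seg: Segment) -> List[Segment]:
        """Consume one incoming segment; return the replies this endpoint sends."""
        out: List[Segment] = []
        if self.state == "LISTEN" and "SYN" in seg.flags:               # second handshake
            self.rcv_nxt, self.state = seg.seq + 1, "SYN-RCVD"
            out.append(Segment(frozenset({"SYN", "ACK"}), self.snd_nxt, self.rcv_nxt))
            self.snd_nxt += 1
        elif self.state == "SYN-SENT" and {"SYN", "ACK"} <= seg.flags:  # third handshake
            if seg.ack != self.snd_nxt:          # must acknowledge exactly x+1, else drop/RST
                raise ValueError("SYN-ACK does not acknowledge our SYN")
            self.rcv_nxt, self.state = seg.seq + 1, "ESTABLISHED"
            out.append(Segment(frozenset({"ACK"}), self.snd_nxt, self.rcv_nxt))
        elif self.state == "SYN-RCVD" and "ACK" in seg.flags and seg.ack == self.snd_nxt:
            self.state = "ESTABLISHED"
        elif "FIN" in seg.flags:                  # a retransmitted FIN is simply ACKed again
            self.rcv_nxt = seg.seq + 1
            if self.state == "ESTABLISHED":       # second wave: passive closer ACKs the FIN
                self.state = "CLOSE-WAIT"
            elif self.state == "FIN-WAIT-2":      # fourth wave: then wait 2MSL before CLOSED
                self.state = "TIME-WAIT"
            out.append(Segment(frozenset({"ACK"}), self.snd_nxt, self.rcv_nxt))
        elif "ACK" in seg.flags and seg.ack == self.snd_nxt:
            if self.state == "FIN-WAIT-1":
                self.state = "FIN-WAIT-2"
            elif self.state == "LAST-ACK":
                self.state = "CLOSED"             # passive closer is done immediately
        return out


def run_connection(x: int = 1000, y: int = 5000) -> Tuple[list, str, str]:
    """Three-way handshake, then the client closes first; returns transcript and final states."""
    client, server = Endpoint("client", x), Endpoint("server", y, state="LISTEN")
    transcript: list = []

    def deliver(src: Endpoint, dst: Endpoint, seg: Segment) -> None:
        transcript.append((src.name, "+".join(sorted(seg.flags)), seg.seq, seg.ack))
        for reply in dst.on_segment(seg):
            deliver(dst, src, reply)

    deliver(client, server, client.connect())   # SYN, SYN+ACK, ACK
    deliver(client, server, client.close())     # waves 1 and 2
    deliver(server, client, server.close())     # waves 3 and 4
    return transcript, client.state, server.state


def spoofed_synack_accepted(client_isn: int, guessed_ack: int) -> bool:
    """Would a SYN-ACK whose ack number is a guess (off-path attacker) be accepted?"""
    victim = Endpoint("victim", client_isn)
    victim.connect()
    try:
        victim.on_segment(Segment(frozenset({"SYN", "ACK"}), 0, guessed_ack))
    except ValueError:
        return False
    return victim.state == "ESTABLISHED"
```

Calling run_connection() returns the seven segments of the figures in order, with u = x+1 and the final ack = w+1; the client ends in TIME-WAIT and the server in CLOSED. spoofed_synack_accepted shows the flip side of the ISN check: a guessed ack number is only accepted when it is exactly x+1, which is why x must be unguessable.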
  • SYN flood attack

    Principle: the client sends a SYN, the server allocates a half-open connection in its SYN queue, replies with SYN-ACK and waits for the final ACK. If that ACK never comes (the client went offline, or more usually it spoofed its source address so the SYN-ACK went nowhere), the server retransmits the SYN-ACK with exponential backoff (on Linux tcp_synack_retries defaults to 5, giving intervals of 1s, 2s, 4s, 8s, 16s and 32s) and keeps the entry the whole time. Send enough such SYNs and the queue fills up, after which legitimate SYNs are dropped: that is a SYN flood.

    Defense: SYN cookies, enabled on Linux with net.ipv4.tcp_syncookies (the default value 1 uses them only once the SYN queue overflows). When the queue is full the server stops storing state: it encodes the connection parameters (a time counter, the MSS class and a keyed hash of the addresses and ports) into the initial sequence number of its SYN-ACK. A legitimate client's final ACK carries that value plus one in its acknowledgment number, so the server can verify the cookie and create the connection only then; spoofed SYNs cost it nothing beyond one SYN-ACK. The price is that TCP options that do not fit in the cookie (window scaling, SACK) are lost unless TCP timestamps are available, so cookies are a fallback under attack, not a substitute for a sufficiently large backlog.

    A different mechanism handles a client that fails after the connection is established: TCP keepalive. After the connection has been idle for tcp_keepalive_time (7200 seconds by default on Linux) the server sends probes every tcp_keepalive_intvl (75 seconds), and after tcp_keepalive_probes (9) unanswered probes it declares the peer unreachable and drops the connection.
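SYN cookies as described above, as an added Python example (not code from the original article or from the Linux implementation). The layout follows the Linux scheme in spirit: a 5-bit time counter, a 3-bit MSS class and a 24-bit keyed hash packed into the 32-bit ISN, so the server keeps no per-SYN state. The secret key, addresses, ports and ISN values are constructed for the example.

```python
import hashlib
import hmac
import struct
from typing import Optional

SECRET = b"assumed per-boot random secret"   # assumption: generated at boot, never reused
MSS_TABLE = (536, 1220, 1300, 1440, 1460, 4312, 8960, 9000)   # 3 bits select an MSS class
COUNTER_PERIOD = 64      # seconds per tick of the 5-bit time counter
MAX_AGE_TICKS = 4        # cookies older than this are rejected (bounds replay)


def _mac(src_ip: bytes, dst_ip: bytes, sport: int, dport: int, tick: int, client_isn: int) -> bytes:
    """24-bit keyed hash binding the cookie to the 4-tuple, the time tick and the client's ISN."""
    msg = src_ip + dst_ip + struct.pack("!HHII", sport, dport, tick, client_isn)
    return hmac.new(SECRET, msg, hashlib.sha256).digest()[:3]


def make_syn_cookie(src_ip, dst_ip, sport, dport, client_isn, mss, now) -> int:
    """Server ISN for the SYN-ACK: 5-bit tick | 3-bit MSS class | 24-bit MAC. Nothing is stored."""
    tick = int(now // COUNTER_PERIOD) & 0x1F
    mss_idx = max((i for i, v in enumerate(MSS_TABLE) if v <= mss), default=0)
    mac = int.from_bytes(_mac(src_ip, dst_ip, sport, dport, tick, client_isn), "big")
    return (tick << 27) | (mss_idx << 24) | mac


def check_syn_cookie(src_ip, dst_ip, sport, dport, ack_seq, ack_num, now) -> Optional[int]:
    """Validate the final ACK of the handshake. Returns the negotiated MSS, or None to drop it.

    The ACK carries seq = client_isn + 1 and ack = cookie + 1, which is all that is needed
    to rebuild the state the server never stored.
    """
    cookie = (ack_num - 1) & 0xFFFFFFFF
    client_isn = (ack_seq - 1) & 0xFFFFFFFF
    tick = cookie >> 27
    mss_idx = (cookie >> 24) & 0x7
    age = (int(now // COUNTER_PERIOD) - tick) & 0x1F        # modular: the counter wraps
    if age > MAX_AGE_TICKS:
        return None                                          # stale or replayed cookie
    expected = _mac(src_ip, dst_ip, sport, dport, tick, client_isn)
    if not hmac.compare_digest(expected, (cookie & 0xFFFFFF).to_bytes(3, "big")):
        return None                                          # forged, or from a spoofed source
    return MSS_TABLE[mss_idx]


# Constructed sample: client 10.0.0.1:40000 -> server 10.0.0.2:80 (addresses are assumptions)
CLIENT_IP, SERVER_IP = bytes([10, 0, 0, 1]), bytes([10, 0, 0, 2])


def legitimate_handshake(now: float = 1_000_000.0) -> Optional[int]:
    """SYN -> SYN-ACK(cookie) -> ACK: the ACK arrives 100 s later and must still validate."""
    client_isn = 123456
    cookie = make_syn_cookie(CLIENT_IP, SERVER_IP, 40000, 80, client_isn, 1460, now)
    return check_syn_cookie(CLIENT_IP, SERVER_IP, 40000, 80, client_isn + 1, cookie + 1, now + 100)


def tampered_ack(now: float = 1_000_000.0) -> Optional[int]:
    """One flipped bit in the cookie (an attacker who never saw the SYN-ACK has to guess it)."""
    cookie = make_syn_cookie(CLIENT_IP, SERVER_IP, 40000, 80, 123456, 1460, now)
    return check_syn_cookie(CLIENT_IP, SERVER_IP, 40000, 80, 123457, (cookie ^ 1) + 1, now)


def spoofed_source(now: float = 1_000_000.0) -> Optional[int]:
    """A genuine cookie presented from a different source address does not validate."""
    cookie = make_syn_cookie(CLIENT_IP, SERVER_IP, 40000, 80, 123456, 1460, now)
    other = bytes([10, 0, 0, 9])                        # constructed: a different client address
    return check_syn_cookie(other, SERVER_IP, 40000, 80, 123457, cookie + 1, now)


def stale_ack(now: float = 1_000_000.0) -> Optional[int]:
    """A valid cookie replayed after the acceptance window has passed."""
    cookie = make_syn_cookie(CLIENT_IP, SERVER_IP, 40000, 80, 123456, 1460, now)
    return check_syn_cookie(CLIENT_IP, SERVER_IP, 40000, 80, 123457, cookie + 1,
                            now + (MAX_AGE_TICKS + 2) * COUNTER_PERIOD)
```

Note what the cookie does and does not carry: the MSS survives because it is packed into the cookie, but window scaling and SACK from the original SYN are lost, which is the cost mentioned above.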

  • Differences between TCP and UDP

    UDP header:


  • Characteristics of UDP

    1. Connectionless: no handshake before sending, so lower latency.

    2. Supports one-to-one, one-to-many (multicast) and one-to-all (broadcast) delivery.

    3. The header is only 8 bytes (source port, destination port, length, checksum), so the overhead is low.

    4. No congestion control: the sending rate is limited only by the application's data rate, the link speed and the machine's performance (which is also why UDP services are the usual vehicle for reflection and amplification attacks).

    5. Best-effort delivery: no guarantee of delivery, ordering or duplicate suppression, and no connection state table to maintain.

    6. Message-oriented: each application write becomes one datagram; UDP neither splits nor merges them.

Conclusion:

TCP is reliable, UDP is not. TCP delivers in order, UDP may deliver out of order. TCP is slower, UDP is faster.
  • Sliding Windows in TCP

    The sliding window prevents the sender from overrunning the receiver's buffer and losing data (flow control). In the Window field of each segment the receiver tells the sender how many more bytes its buffer can accept, and the sender limits the amount of unacknowledged data in flight accordingly.

    Sender-side pointers (figure): LastByteAcked ≤ LastByteSent ≤ LastByteWritten.
    Receiver-side pointers (figure): LastByteRead < NextByteExpected ≤ LastByteRcvd + 1.

    Calculation: the receiver advertises AdvertisedWindow = MaxRcvBuffer - ((NextByteExpected - 1) - LastByteRead), and the sender may have at most EffectiveWindow = AdvertisedWindow - (LastByteSent - LastByteAcked) further bytes in flight. The receiver keeps LastByteRcvd - LastByteRead ≤ MaxRcvBuffer by discarding data that would exceed it.

    Four types of data in the sender's sliding window:

    1. Sent and acknowledged (up to LastByteAcked)

    2. Sent but not yet acknowledged (LastByteAcked to LastByteSent)

    3. Not yet sent, but within the window and allowed to be sent

    4. Not yet sent and outside the window (cannot be sent until the window slides)

    Three types of data in the receiver's sliding window:

    1. Received and acknowledged, waiting to be read by the application

    2. Not yet received, but within the window (can be received and buffered)

    3. Not yet received and outside the window (cannot be received)

    When the receiver's buffer is full it advertises a window of 0 and the sender stops; it may send again only after a window update. The sender's window slides forward only when the data at its left edge has been acknowledged (ACKs are cumulative), and data that is never acknowledged is retransmitted. This is one of the main ways TCP guarantees that nothing is lost.
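The sender and receiver windows above, as an added Python example (not code from the original article): both sides are simulated with the pointers named in the figure, the receiver advertises its window from them, the sender limits itself to the effective window, and the driver shows a zero-window stall when the application reads slowly and out-of-order delivery being buffered under a cumulative ACK. Buffer sizes, MSS and the data are constructed for the example; the simulation runs in lock-step rounds rather than real time.

```python
from typing import Dict, Optional, Tuple

# Byte numbering follows the figure: the bytes of the stream are numbered 1, 2, 3, ...


class Receiver:
    """Receive buffer with the pointers LastByteRead, NextByteExpected and LastByteRcvd."""

    def __init__(self, max_rcv_buffer: int):
        self.max_rcv_buffer = max_rcv_buffer
        self.last_byte_read = 0           # last byte the application has consumed
        self.next_byte_expected = 1       # first byte not yet received in order
        self.last_byte_rcvd = 0           # highest byte number seen (may be out of order)
        self.buffer: Dict[int, int] = {}  # byte number -> value, including out-of-order bytes

    def advertised_window(self) -> int:
        # AdvertisedWindow = MaxRcvBuffer - ((NextByteExpected - 1) - LastByteRead)
        return self.max_rcv_buffer - ((self.next_byte_expected - 1) - self.last_byte_read)

    def on_segment(self, seq: int, data: bytes) -> Tuple[int, int]:
        """Accept a segment; return (cumulative ACK, advertised window) for the reply."""
        last = seq + len(data) - 1
        # Drop data that would violate LastByteRcvd - LastByteRead <= MaxRcvBuffer, and old duplicates
        if last - self.last_byte_read > self.max_rcv_buffer or last < self.next_byte_expected:
            return self.next_byte_expected, self.advertised_window()
        for i, value in enumerate(data):
            if seq + i >= self.next_byte_expected:
                self.buffer[seq + i] = value
        self.last_byte_rcvd = max(self.last_byte_rcvd, last)
        while self.next_byte_expected in self.buffer:   # slide over contiguous bytes
            self.next_byte_expected += 1
        return self.next_byte_expected, self.advertised_window()

    def read(self, n: int) -> bytes:
        """Application reads up to n in-order bytes, which frees buffer space (opens the window)."""
        out = bytearray()
        while n > 0 and self.last_byte_read + 1 < self.next_byte_expected:
            self.last_byte_read += 1
            out.append(self.buffer.pop(self.last_byte_read))
            n -= 1
        return bytes(out)


class Sender:
    """Send buffer with LastByteAcked <= LastByteSent <= LastByteWritten."""

    def __init__(self, data: bytes, max_send_buffer: int, initial_window: int):
        self.data = data
        self.max_send_buffer = max_send_buffer
        self.last_byte_acked = 0
        self.last_byte_sent = 0
        self.last_byte_written = 0
        self.advertised_window = initial_window

    def write(self, n: int) -> int:
        """Application hands over up to n bytes; LastByteWritten - LastByteAcked <= MaxSendBuffer."""
        room = self.max_send_buffer - (self.last_byte_written - self.last_byte_acked)
        n = min(n, room, len(self.data) - self.last_byte_written)
        self.last_byte_written += n
        return n

    def effective_window(self) -> int:
        # EffectiveWindow = AdvertisedWindow - (LastByteSent - LastByteAcked)
        return self.advertised_window - (self.last_byte_sent - self.last_byte_acked)

    def next_segment(self, mss: int) -> Optional[Tuple[int, bytes]]:
        n = min(mss, self.effective_window(), self.last_byte_written - self.last_byte_sent)
        if n <= 0:
            return None                   # window closed, or nothing left to send
        seq = self.last_byte_sent + 1
        self.last_byte_sent += n
        return seq, self.data[seq - 1:seq - 1 + n]

    def on_ack(self, ack: int, window: int) -> None:
        self.last_byte_acked = max(self.last_byte_acked, ack - 1)   # cumulative ACK
        self.advertised_window = window


def transfer(data: bytes, rcv_buf: int = 8, snd_buf: int = 16, mss: int = 4,
             app_read: int = 3, read_every: int = 1, reorder: bool = False) -> Tuple[bytes, int]:
    """Run a transfer in rounds; returns (received bytes, rounds in which the sender was window-blocked)."""
    receiver = Receiver(rcv_buf)
    sender = Sender(data, snd_buf, receiver.advertised_window())
    received, stalls, rounds = bytearray(), 0, 0
    while len(received) < len(data):
        rounds += 1
        if rounds > 10 * len(data) + 10:
            raise RuntimeError("no progress")
        sender.write(2 * mss)
        segments = []
        seg = sender.next_segment(mss)
        while seg is not None:
            segments.append(seg)
            seg = sender.next_segment(mss)
        if not segments and sender.last_byte_written > sender.last_byte_sent:
            stalls += 1                   # data is waiting, but the receiver's window is 0
        for seq, chunk in (reversed(segments) if reorder else segments):
            ack, window = receiver.on_segment(seq, chunk)
            sender.on_ack(ack, window)
        if rounds % read_every == 0:
            received += receiver.read(app_read)
        sender.advertised_window = receiver.advertised_window()   # window update after the read
    return bytes(received), stalls
```

With read_every=2 the application consumes data only every other round, the advertised window drops to 0 and the sender stalls until the next read opens it; with reorder=True the first round delivers the second segment before the first, and the ACK stays at 1 until the gap is filled, then jumps to 9.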

The HTTP protocol

  • HTTP profile

    HTTP: HyperText Transfer Protocol. Its characteristics:

    1. Client/server model

    2. Simple and fast

    3. Flexible: any type of data can be transferred, described by the Content-Type header

    4. Connectionless: originally one request per connection; since HTTP/1.1 persistent connections (keep-alive) are the default

    5. Stateless: the protocol itself remembers nothing between requests, so any state has to be carried by cookies or a server-side session

    The versions in common use are 1.0 and 1.1, with 2.0 increasingly common. 1.1 added persistent connections (keep-alive) on top of 1.0. 2.0 is more efficient in several ways (binary framing, multiplexing of requests over one connection, header compression), but 1.1 still meets most daily needs and migrating takes effort, so many services remain on 1.1 even though 2.0 is supported by all major browsers and servers today.

  • HTTP request message

    Request line: method, request URL, protocol version
    Header fields: "name: value", one per line
    Empty line
    Request body

    For example:

      POST /user HTTP/1.1                               (request line)
      Host: www.baidu.com
      Content-Type: application/x-www-form-urlencoded
      Connection: keep-alive
      User-Agent: Mozilla/5.0
                                                        (empty line ends the headers; the body, if any, follows)
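The request format above, as an added Python example (not code from the original article): a small HTTP/1.x request parser that handles the request line, case-insensitive headers, a Content-Length body and the leftover bytes of the next pipelined request on a keep-alive connection. It also rejects the framing ambiguities that request-smuggling attacks rely on (duplicate Content-Length, Content-Length together with Transfer-Encoding). The sample request is the one shown above with a constructed 10-byte form body added; www.baidu.com is kept from the article's example.

```python
import re
from typing import Any, Dict

TOKEN = re.compile(r"^[!#$%&'*+.^_`|~0-9A-Za-z-]+$")   # RFC 7230 "token"


class BadRequest(ValueError):
    """Raised for anything that should be answered with 400 rather than guessed at."""


def parse_request(raw: bytes) -> Dict[str, Any]:
    """Parse one HTTP/1.x request: request line, headers, Content-Length body, pipelined remainder."""
    head, sep, rest = raw.partition(b"\r\n\r\n")
    if not sep:
        raise BadRequest("incomplete header block")
    lines = head.split(b"\r\n")
    parts = lines[0].decode("ascii", "replace").split(" ")
    if len(parts) != 3 or not TOKEN.match(parts[0]) or parts[2] not in ("HTTP/1.0", "HTTP/1.1"):
        raise BadRequest("malformed request line")
    method, target, version = parts
    headers: Dict[str, str] = {}
    for line in lines[1:]:
        if line[:1] in (b" ", b"\t"):
            raise BadRequest("obsolete line folding is not accepted")   # RFC 7230 section 3.2.4
        name, colon, value = line.partition(b":")
        name_s = name.decode("ascii", "replace")
        if not colon or not TOKEN.match(name_s):
            raise BadRequest("malformed header line")     # also rejects a space before the colon
        key = name_s.lower()                              # field names are case-insensitive
        val = value.strip(b" \t").decode("latin-1")
        if key in headers:
            if key in ("host", "content-length"):
                raise BadRequest(f"duplicate {key} header")   # ambiguity exploited by smuggling
            headers[key] = headers[key] + ", " + val          # list-valued fields may be combined
        else:
            headers[key] = val
    if version == "HTTP/1.1" and "host" not in headers:
        raise BadRequest("Host is mandatory in HTTP/1.1")
    if "transfer-encoding" in headers:
        if "content-length" in headers:
            raise BadRequest("both Transfer-Encoding and Content-Length")  # RFC 7230 section 3.3.3
        raise BadRequest("chunked framing is not handled by this minimal parser")
    body_len = 0
    if "content-length" in headers:
        if not re.fullmatch(r"[0-9]+", headers["content-length"]):   # int() would accept more
            raise BadRequest("Content-Length must be a non-negative integer")
        body_len = int(headers["content-length"])
    if len(rest) < body_len:
        raise BadRequest("body truncated")                # a real server would wait for more bytes
    connection = headers.get("connection", "").lower()
    keep_alive = (version == "HTTP/1.1" and connection != "close") or \
                 (version == "HTTP/1.0" and connection == "keep-alive")
    return {
        "method": method, "target": target, "version": version, "headers": headers,
        "body": rest[:body_len], "keep_alive": keep_alive,
        "remainder": rest[body_len:],                     # start of the next pipelined request, if any
    }


def is_rejected(raw: bytes) -> bool:
    try:
        parse_request(raw)
    except BadRequest:
        return True
    return False


# Constructed sample based on the request shown above, with a 10-byte form body added
SAMPLE_REQUEST = (
    b"POST /user HTTP/1.1\r\n"
    b"Host: www.baidu.com\r\n"
    b"Content-Type: application/x-www-form-urlencoded\r\n"
    b"Connection: keep-alive\r\n"
    b"User-Agent: Mozilla/5.0\r\n"
    b"Content-Length: 10\r\n"
    b"\r\n"
    b"name=alice"
)

# Constructed sample of an ambiguous request: two servers in a chain could frame it differently
AMBIGUOUS_REQUEST = (
    b"POST /user HTTP/1.1\r\nHost: www.baidu.com\r\n"
    b"Content-Length: 4\r\nTransfer-Encoding: chunked\r\n\r\n"
    b"0\r\n\r\nGET /user HTTP/1.1\r\nHost: www.baidu.com\r\n\r\n"
)
```

The "remainder" field is what keep-alive buys and costs: several requests can share one TCP connection, so the server must know exactly where each body ends, which is why the parser refuses any request whose length it cannot determine unambiguously.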
  • HTTP packet header

  • Request/response steps: 1. The client opens a TCP connection to the web server. 2. The client sends an HTTP request. 3. The server accepts the request and returns an HTTP response. 4. The TCP connection is released (with keep-alive it is held open for a while for further requests). 5. The client parses the HTML content.

  • Interview questions about HTTP

    1. What happens after you type a URL in the browser's address bar and press Enter? A: DNS resolution comes first, to find the IP address for the host name. The lookup goes from near to far: the browser cache, then the operating system cache (and the hosts file), then the home router's cache, then the ISP's recursive resolver, which if necessary asks the root servers, then the TLD servers and finally the authoritative server for the domain; the search stops as soon as one of them answers. The browser then opens a TCP connection to that IP address (default port 80 for HTTP, 443 for HTTPS) with a three-way handshake (which can be described briefly), and sends the HTTP request once the connection is established.

    2. Common HTTP status codes. A: by class first: 1xx informational, 2xx the request succeeded, 3xx redirection (further action is needed to complete the request), 4xx client error, 5xx server error. Examples: 200 OK, 301/302 redirect, 400 Bad Request, 401 Unauthorized (authentication required), 403 Forbidden, 404 Not Found, 500 Internal Server Error, 503 Service Unavailable (temporarily unable to handle the request; may recover after a while).

    3. Differences between GET and POST. A: 1. At the message level: GET parameters are carried in the URL (?xxx=xxx&yy=yyy), POST parameters in the request body. POST is often called "safer", but that only means the data does not end up in browser history, bookmarks, proxy and server access logs or the Referer header; on the wire both are equally visible without TLS, and either can be captured. 2. Semantics: GET is defined to be safe (it must not change server state) and idempotent (repeating it gives the same result), so it is meant for queries that do not change data. POST is neither: it creates or modifies resources, and every request may have a different effect. 3. Other levels: because GET is safe and idempotent, its responses can be cached by browsers and CDNs and served without the origin server processing the request at all, which matters in read-heavy systems; POST responses are not cacheable by default and must be handled by the server. Safety is a promise the server has to keep: a GET endpoint that changes state is what makes CSRF through a simple link possible.

    4. Differences between Cookie and Session. Cookie: a client-side solution. The server sends a small piece of named data to the client, which stores it as text and sends it back on later requests. Usage flow: 1. The user sends identifying information to the server, and the server returns a cookie in a Set-Cookie header. 2. On each later request the client sends the cookie back in a Cookie header. 3. The server reads the cookie and generates the response for that client. Session: a server-side solution. The state is kept on the server; the server looks for a session ID in the client's request and, if it finds one, loads the matching session, otherwise creates a new one. Session implementations: 1. Via cookies: the server returns a Set-Cookie header such as JSESSIONID=xxxxx, the client carries that cookie on every later request, and the server serves content based on the session it identifies. 2. Via URL rewriting: the JSESSIONID parameter is carried in the URL. Tomcat supports both and uses cookies by default, falling back to URL rewriting if the browser rejects cookies. Differences: the cookie is stored as a file on the client, the session is kept on the server. Session data is safer than cookie data because the client can freely modify a cookie but cannot touch server-side session state. Note that the session ID itself is still just a cookie: it must be long and random, sent with the HttpOnly and Secure attributes, and regenerated on login, otherwise the session can be hijacked or fixated. Sessions cost server memory and affect performance; if server performance comes first, more state can be kept in cookies, provided they are signed so that tampering is detected.
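Both approaches above, as an added Python example (not code from the original article or from Tomcat): a signed cookie that keeps state on the client but detects any modification with an HMAC and an expiry, next to a server-side session store that hands the client only an unguessable identifier and regenerates it on login. The secret key and the user data are constructed for the example; JSESSIONID is used as the cookie name because the article mentions it.

```python
import base64
import hashlib
import hmac
import json
import secrets
from typing import Any, Dict, Optional

SECRET_KEY = b"assumed server-side key, rotated per deployment"   # assumption


def _b64e(raw: bytes) -> str:
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode("ascii")


def _b64d(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))


def sign_cookie(payload: Dict[str, Any], now: int, ttl: int = 3600) -> str:
    """Client-side state the server can still trust: payload + expiry, authenticated with HMAC-SHA256."""
    body = _b64e(json.dumps({"d": payload, "exp": now + ttl}, separators=(",", ":")).encode())
    mac = hmac.new(SECRET_KEY, body.encode("ascii"), hashlib.sha256).digest()
    return body + "." + _b64e(mac)


def verify_cookie(cookie: str, now: int) -> Optional[Dict[str, Any]]:
    """Return the payload only if the MAC is valid and the cookie has not expired."""
    try:
        body, mac_text = cookie.split(".", 1)
        expected = hmac.new(SECRET_KEY, body.encode("ascii"), hashlib.sha256).digest()
        if not hmac.compare_digest(expected, _b64d(mac_text)):   # constant-time comparison
            return None                                          # forged or tampered
        obj = json.loads(_b64d(body))
    except (ValueError, UnicodeError):
        return None
    if not isinstance(obj, dict) or obj.get("exp", 0) < now:
        return None
    return obj.get("d")


class SessionStore:
    """Server-side state: the cookie carries only an unguessable identifier."""

    def __init__(self) -> None:
        self._sessions: Dict[str, Dict[str, Any]] = {}

    def create(self, data: Dict[str, Any]) -> str:
        sid = secrets.token_urlsafe(32)          # 256 bits of randomness: cannot be enumerated
        self._sessions[sid] = dict(data)
        return sid

    def get(self, sid: str) -> Optional[Dict[str, Any]]:
        return self._sessions.get(sid)

    def regenerate(self, old_sid: str) -> Optional[str]:
        """Issue a fresh id (call on login) so an id planted by an attacker cannot be fixated."""
        data = self._sessions.pop(old_sid, None)
        return None if data is None else self.create(data)

    @staticmethod
    def set_cookie_header(sid: str) -> str:
        # HttpOnly: not readable by script; Secure: HTTPS only; SameSite: limits cross-site sending
        return f"Set-Cookie: JSESSIONID={sid}; Path=/; HttpOnly; Secure; SameSite=Lax"


def forge_role(cookie: str, role: str) -> str:
    """What a client can do to a cookie it holds: rewrite the payload but keep the old MAC."""
    body, mac_text = cookie.split(".", 1)
    obj = json.loads(_b64d(body))
    obj["d"]["role"] = role
    return _b64e(json.dumps(obj, separators=(",", ":")).encode()) + "." + mac_text
```

The signed cookie is still readable by the client (encode, not encrypt), so nothing secret belongs in it; what the signature buys is that a client who edits its role to "admin" gets rejected. The session store moves the data out of the client's reach entirely, at the cost of server memory and the need to protect the identifier.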

  • HTTP versus HTTPS

    HTTPS: HyperText Transfer Protocol Secure. HTTP = HTTP + TCP + IP; HTTPS = HTTP + (SSL or TLS) + TCP + IP. To understand the difference we first need SSL/TLS and encryption.

  • SSL: Secure Sockets Layer

    SSL is a security protocol that provides confidentiality, integrity and authentication for network communication. It sits between the application protocol (HTTP) and the transport layer (TCP), and applications use it through a library such as OpenSSL or the operating system's TLS API. Its successor is TLS (Transport Layer Security): TLS 1.0 was the standardized follow-up to SSL 3.0, and today SSL 2.0, SSL 3.0, TLS 1.0 and TLS 1.1 are all deprecated; TLS 1.2 or 1.3 should be used. TLS secures the connection through authentication (certificates) and data encryption.

  • Several forms of encryption

    • 1. Symmetric encryption: the same key encrypts and decrypts. Data encrypted by a procedure is recovered by running the inverse procedure with the same key (for example AES). It is fast, but both parties must share the key securely first, which is the hard part.
    • 2. Asymmetric encryption: the key used to encrypt differs from the key used to decrypt. Data encrypted with the public key cannot be reversed with that same key, only with the matching private key (for example RSA, or elliptic-curve schemes). It solves key distribution but is far slower than symmetric encryption, so in practice it is used to exchange or agree on a symmetric key, and the symmetric key encrypts the data.
    • 3. Hashing: maps input of any length to a fixed-length value and is one-way (not reversible), so strictly speaking it is not encryption. MD5 is still widely seen but is broken for collision resistance and must not be used for security purposes; use SHA-256 or better. To authenticate a message a keyed hash (HMAC) is needed, since a plain hash can simply be recomputed by whoever modifies the message.
    • 4. Digital signature: the sender hashes the message and signs the hash with its private key; anyone holding the public key can verify that the message came from the holder of the private key and has not been modified.
  • Encryption used by HTTPS

    The TLS handshake (not to be confused with the TCP three-way handshake that precedes it) combines a certificate with the forms of encryption above: 1. The browser sends the server the TLS versions and cipher suites it supports. 2. The server picks one the browser supports and sends its certificate, which contains the issuing CA, the server's public key, the validity period, the owner (subject and subject alternative names), etc. 3. The browser checks the certificate: the signature chain up to a CA it trusts, the validity period, revocation status, and that the host name matches. It then establishes a shared secret with the server. With RSA key exchange (TLS 1.2 and earlier) it encrypts a pre-master secret with the server's public key; with modern TLS the two sides do an ephemeral Diffie-Hellman exchange that the server authenticates with its certificate's signature, which also gives forward secrecy. 4. The server recovers or computes the same secret, and both sides derive symmetric session keys from it. 5. Each side sends a Finished message, a keyed hash over the whole handshake, so any tampering with the negotiation is detected. From then on the application data is exchanged as ciphertext under the symmetric session keys.

  • Differences

    HTTPS requires a certificate issued by a CA, HTTP does not. Certificates used to cost money and today can be obtained free of charge (for example from Let's Encrypt); HTTP simply has no certificate at all. The default HTTPS port is 443, the default HTTP port is 80. TLS keeps connection state (negotiated keys, session resumption data), while HTTP itself remains stateless even when carried over HTTPS.

Even with HTTPS a site is not automatically safe. If the user types a bare host name or http:// and the site merely redirects to https://, that first plaintext request can be intercepted and the redirect replaced (SSL stripping). HSTS (the Strict-Transport-Security response header, ideally combined with the browsers' preload list) tells the browser to go to https:// directly from then on, closing that window.

Socket

  • The Socket concept

    A socket is an abstraction of the TCP/IP stack that the operating system exposes as an interface to programs. If it must be placed in the layer model, it sits above the transport layer and below the application layer. Think of it as a door through which a process talks to the network stack and through which requests reach the process.

  • Socket Communication Flow

  • Socket Communication Principle

    We know that processes on one machine can communicate through pipes, shared memory and so on. The essence of communication is that the communicating party needs a unique identifier. Within a host that identifier is the PID; across the network a host is identified by its IP address, and a process by a protocol (TCP or UDP) plus a port number. If the IP address is the street address, the port number is the house number, and a socket listening on a port is how a process receives requests. Sockets come from BSD Unix, where everything is a file: a socket is a file descriptor, and communicating through it means reading from and writing to that descriptor.
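The socket flow above, as an added Python example (not code from the original article): a server thread and a client on the loopback interface go through socket, bind, listen, accept, connect, send, recv and close. The client half-closes after sending (the first wave of the four-way close), the server reads until it sees EOF and replies, and the client reads until the server's FIN arrives. Port 0 lets the kernel choose a free port; the message is constructed for the example.

```python
import socket
import threading
from typing import Dict, Tuple


def serve_one_client(listener: socket.socket, seen: Dict[str, object]) -> None:
    """Server side: accept one connection, read until the client half-closes, reply, close."""
    conn, peer = listener.accept()       # returns only after the client's handshake completed
    with conn:
        seen["peer"] = peer              # (ip, port) of the client end of the connection
        seen["fd"] = conn.fileno()       # on Unix the socket is just a file descriptor
        data = b""
        while True:
            chunk = conn.recv(4096)      # TCP is a byte stream: one send() may arrive as many recv()s
            if not chunk:                # b"" means the client's FIN arrived (half-close)
                break
            data += chunk
        conn.sendall(data.upper())       # reply; leaving the 'with' block closes -> our FIN


def roundtrip(message: bytes, timeout: float = 5.0) -> Tuple[bytes, Tuple[str, int]]:
    """Client side: connect over loopback, send, half-close, read the reply until EOF."""
    listener = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    listener.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
    listener.bind(("127.0.0.1", 0))      # port 0: the kernel picks a free port; loopback only
    listener.listen(1)
    port = listener.getsockname()[1]
    seen: Dict[str, object] = {}
    server = threading.Thread(target=serve_one_client, args=(listener, seen), daemon=True)
    server.start()
    try:
        with socket.create_connection(("127.0.0.1", port), timeout=timeout) as client:
            client.sendall(message)
            client.shutdown(socket.SHUT_WR)   # first wave: "no more data from me"
            reply = b""
            while True:
                chunk = client.recv(4096)
                if not chunk:                 # server's FIN: it has closed its side too
                    break
                reply += chunk
    finally:
        server.join(timeout)
        listener.close()
    return reply, seen.get("peer")


if __name__ == "__main__":
    print(roundtrip(b"hello socket"))
```

Binding to 127.0.0.1 rather than 0.0.0.0 is deliberate: a listening socket is reachable by anything that can route to the address it is bound to, so test servers should not listen on all interfaces.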

Conclusion

From the above we have a general picture of the OSI seven-layer model and the TCP/IP protocol family: the full three-way handshake and four-way close, how a SYN flood works, the differences between TCP and UDP, and TCP's sliding window for flow control. We also looked at HTTP, its secure variant HTTPS, and briefly at sockets. Computer networking is a large subject and what is covered here is only a small fraction of it, but it is enough for everyday development.

The picture of this article is from the Internet.

Welcome to visit my personal Blog: Object’s Blog