Foundation series - Cheat sheet version of basic knowledge of computer network

Computer Basic knowledge building trilogy:

Part I: Foundation series – Cheat sheet version of basic computer knowledge

Including history, CPU, bus, memory, instruction system, controller, arithmetic, bit operation, etc

The second part: Base series – operating system basic knowledge cheat sheet edition

Including process and thread synchronization management, job management, storage management, virtual memory, Linux, file management and so on

The third part: Foundation series – computer network basic knowledge cheat sheet edition

It includes OSI seven layer model, IP protocol, TCP\IP protocol, Http protocol, DNS protocol, etc

1. Overview of computer networks

1.1 What is a computer network

Computer network refers to a computer system that connects a number of independent computers and their external devices with different geographical locations through communication lines. Under the management and coordination of network operating system, network management software and network communication protocol, resources sharing and information transfer can be realized
Computer networks are not software concepts, but also hardware devices
Computer networks are not only information communication, but also can support a wide range of applications

1.2 Classification of computer networks

classification	English	The scope of	area
wan	WAN(Wide Area Network)	Tens to thousands of kilometers	Inter-provincial and inter-national
Metropolitan area network	MAN(Metro. Area Network)	5KM-50KM	City to city
Local area network (LAN)	LAN(Local Area Network)	1 km	Within the region

The history of computer networks

World Internet development history
- Single network ARPANET
  - Computer –> switch <– computer
- Tertiary structure Internet
  - Backbone network –> Regional network –> campus network
- Multi-level ISP Internet
  - Internet Service Provider (ISP): indicates the network Service Provider
  - China Telecom, China Mobile, China Unicom, etc
  - Backbone ISP(submarine cable)–> Regional ISP(Shandong Mobile)–> Campus, family, company
  - Check out the global Web map: www.infrapedia.com/app
The development history of the Internet in China
- Internet experiments began in 1980
- The first public network was established in 1989
- Access to the Internet
- Chinese Internet companies
  - China Telecom Internet CHINANET
  - China Unicom Internet UNINET
  - China Mobile Internet CMNET
  - China Education and Research Computer Network CERNET
  - China Science and Technology Network CSTNET
  - In 1996, Zhang Chaoyang founded Sohu
  - Ding Lei founded netease in 1997
  - Wang Zhidong founded Sina in 1998
  - Tencent was founded in 1998 by Ma Huateng and Zhang Zhidong
  - Jack Ma founded Alibaba in 1999
  - Robin Li founded Baidu in 2000

1.4 Computer network hierarchy

Basic principles of hierarchy design
- Layered implementation of different functions
  - Ensure smooth data paths
  - Identification object computer
  - Destination computer state
  - Whether the data is wrong
  - Hierarchical division: Network application data (video, file, game)–> reliable data communication (data error, duplication)–> physical network access (photoelectric and other physical characteristics)
- The layers are independent of each other
- Each layer should be flexible enough
- The layers are completely decoupled
OSI seven layer model
- Application layer: Provides interfaces and services for computer users
- Presentation layer: data processing (encoding and decoding, encryption and decryption, etc.)
- Session layer: Manages (establishes, maintains, and reconnects) communication sessions
- Transport layer: Manages end-to-end communication connections
- Network layer: Data routing (determining the path of data across the network)
- Data link layer: Manages data communication between adjacent nodes
- Physical layer: photoelectric physical characteristics of data communication
- OSI had difficulties in marketization, and TCP/IP was running successfully around the world
- OSI wants to be the standard for computers around the world
- OSI did not eventually become the widely used standard model
- Why was it not accepted
  - The development cycle of OSI standards is too long, and the equipment manufactured according to OSI standards cannot enter the market in time
  - OSI experts lack practical experience
  - The OSI model was poorly designed and some functionality was repeated in multiple layers
TCP/IP four-tier model
- Application layer: HTTP/FTP/… , corresponding to OSI application layer, presentation layer, and session layer
- Transport layer: TCP/UDP, corresponding to OSI transport layer
- Network layer: IP/ICMP, corresponding to the OSI network layer
- Network interface layer: Ethernet/ARP/RARP, corresponding to OSI data link layer, physical layer

1.5 Network topology of modern Internet

edges
- Home: Terminal machine (mobile phone)–> router –> Gateway –> area ISP
- Enterprise: Terminal machine (computer) > Router > Internal Gateway > Unified Gateway > Area ISP
The core part of the
- Regional ISP–> Trunk ISP–> International router
The network connections are intricate
Access devices in the billions
The network covers the entire globe

Client-server (C/S) mode
- C requests the service –>S obtains the service
Peer-to-peer connection (P2P) mode

1.6 Performance indicators of computer networks

rate
- Rate unit: BPS =bit/s
- Why is the test peak speed of 100M/s fiber only 12M/s?
  - BPS to byte conversion
  - Common network unit: (Mbps)
  - 100M/s = 100Mbps = 100Mbit/s
  - 100 mbit/s = (100/8) MB/s = 12.5 MB/s
Time delay
- Total delay = sending delay + queuing delay + propagation delay + processing delay
- Send time delay
  - Transmission delay = Data Length (𝑏𝑖𝑡)/ Transmission rate (𝑏𝑖𝑡/𝑠)
  - The sending rate is limited by the computer network card
- Transmission delay
  - Transmission delay = Transmission path distance/Transmission rate (𝑏𝑖𝑡/𝑠)
  - The propagation rate is limited by the transmission medium, copper wire, light
- Queuing delay
  - The time a packet is waiting to be processed in a network device
- To deal with time delay
  - The time it takes for a packet to reach the device or destination machine to be processed
Round-trip time RTT
- RTT indicates the round-trip time of data packets in end-to-end communication
- Route-Trip Time (RTT) is an important indicator to evaluate network quality
- You can run the ping command to view the RTT

2. The physical

2.1 Roles of the physical Layer

Related equipment
- Twisted-pair cable
- Coaxial cable
- Optical fiber
- infrared
- wireless
- The laser
Transmission bitstream
Connect different physical devices
Physical properties
- Mechanical properties
- Electrical characteristics
- features
- Process characteristics

2.2 Basic Concepts of Channels

A communication circuit consists of a receiving channel and a transmitting channel
A channel is a medium that sends information in one direction
Simplex channel
- Cable TV, radio, etc
- Can only communicate in one direction, no feedback in the opposite direction of the channel
Half duplex channel
- Both parties cannot send or receive at the same time
- Both parties can send and receive messages
Full duplex channel
- Both parties can send and receive messages simultaneously
Divide – reuse technology
- Channel utilization is not high, right?
- Points with the device
- multiplexer
- Frequency division multiplexing
- Time-division multiplexing
- WDM
- Code division multiplexing

3. Data link layer

3.1 Main Functions of the Data Link Layer

Encapsulated into a frame
- The sender adds a specific marker before and after a piece of data at the network layer to form a “frame”
- Frame is the basic unit of data at the data link layer
- The receiver identifies the “frame” according to the specific mark before and after it.
- The physical layer doesn’t care if you “frame” or not, the physical layer acts as a bit stream
- IP datagrams –> Data of “frame” [header of frame, data of “frame”, end of frame]
- The frame header and tail are specific control characters (specific bitstream) SOH: 00000001, EOT: 00000100
Transparent transmission
- “Something that’s real and yet looks like it’s not.”
- “Transparency” is a very important term in computing
- “That is, the control character is in the frame data, but is treated as if it does not exist.”
- There are also control characters in the data, the control characters in the data for special processing, escape
- “\n”, “\t” and other control characters. In programming languages, “\” is generally an escape character, “\”, “\\”
Error monitoring
- The data link layer is responsible for “error monitoring”
- The physical layer just transmits the bit stream and has no control over whether something goes wrong
- Cyclic redundancy check code CRC
  - Detect errors that may occur after data is transferred or saved
  - A method of generating a fixed – digit check code from transmitted or saved data
  - The resulting number is calculated and appended to the data
  - “2” division
    - Similar to arithmetic division, but without borrowing, division is actually an xor operation
    - Modular “2” division is division in binary
    - 0 xOR 0 = 0, 0 xor 1 = 1, 1 xor 0 = 1, 1 xor 1 = 0
  - Testing process
    - Select a polynomial G(x) for verification and add r zeros to the end of the data
    - To add r zeros to the data, divide by the polynomial bit string using modular “2” division
    - The remainder is filled with r zeros of the original data to give a checkable bit string
    - Example 1: Compute a checkable bit string of 101001 using CRC
      - The calculation process is a bit difficult!!
  - The data link layer only detects data but does not correct it. If an error occurs, the data is discarded
  - The error detection capability of CRC is related to the order r of the bit string
- Parity check code
  - Detection mechanism: add one bit (1 or 0) to the last bit of the bitstream, (add 1 in all bitstreams) even plus 0, odd plus 1
  - Defects: error two, parity check code can not detect errors

3.2 Maximum Transmission Unit MTU

MTU
- Data frames at the data link layer are also not infinite
- Maximum Transmission Unit (MTU)
- Data frames that are too large or too small can affect transmission efficiency
- Total delay = sending delay + queuing delay + propagation delay + processing delay
- An Ethernet MTU is usually 1500 bytes
The path MTU
- The MTU of a path is determined by the minimum MTU of the link
- Barrel effect

3.3 Ethernet Protocols

The MAC address
- A MAC Address is a Media Access Control Address, also called a LAN Address.
- Each device has a unique MAC address
- MAC address (physical address, hardware address)
- A MAC address contains 48 digits in hexadecimal notation
- Ipconfig /all Displays all MAC addresses of the host. Run the command 30-b4-9e-ed-85-ca
Ethernet protocol
- Ethernet is a protocol used at the data link layer
- Ethernet is a widely used local area network technology
- Ethernet can be used to transfer data frames between neighboring devices
- Ethernet data format
  - Type: 0800: IP packet. 0806: ARP request/reply. 8035: RARP request/reply
Destination address (MAC address) Unit byte Source address type The frame data CRC check code

6 6 2 46-1500. 4
- The MAC address table is held by the router
The MAC address Hardware interface

31-B4-9E-ED-85-CA Interface 1

32-B4-9E-ED-85-CB Interface 2

33-B4-9E-ED-85-CC Interface 4
- Terminal A sends data to terminal C through the router
  - A sends data frames through the network adapter
  - The data frame arrives at the router and the router retrieves the first 6 bytes (destination MAC address)
  - The router matches the MAC address table and finds the corresponding network interface
  - The router sends a data frame to the network interface
  - If the MAC address table does not match successfully
  - The router broadcasts A’s packet to A port other than A
  - The router checks the MAC address table and finds no information about C
  - The router receives the response from B and C and records the address
- The Ethernet protocol only provides transmission between adjacent physical nodes, but cannot be transmitted across devices. Therefore, the network layer is required

Destination address (MAC address) Unit byte	Source address	type	The frame data	CRC check code
6	6	2	46-1500.	4

The MAC address	Hardware interface
31-B4-9E-ED-85-CA	Interface 1
32-B4-9E-ED-85-CB	Interface 2
33-B4-9E-ED-85-CC	Interface 4

4. The network layer

4.1 Main Functions of the Network Layer

Network layer: Data routing (determining the path of data across the network)
The data link layer can only handle the transmission of adjacent physical nodes

4.2 IP Protocol Details

Virtual Internet
- Physical devices use IP to mask the differences between physical networks
- The actual computer network is intricate
- When hosts on the network use IP to connect, you do not need to pay attention to network details
- The IP protocol allows the network layer to focus on data forwarding at the network layer and shield the underlying details
- The IP protocol transforms the complex physical network into a virtual interconnection network
- IP protocol solves the problem of datagram transmission path in virtual network

TCP/IP protocol

The IP address
- MAC address: 30-B4-9E-ED-85-CA: 00110,000-11000020-11101101-01000101-11001010
  - 48 bits in hexadecimal notation
  - Unique, immutable
- P address: 192.168.11.11:11000000.10101000.00001011.00001011
  - 32-bit, usually divided into four 8-bits, expressed in dotted decimal notation, 2^32 = 4294961296
  - The IP address is often usedDotted decimalTo represent (0~~255.0~~255.0~~255.0~~255), for example, 255.255.255.255
  - Changes may occur due to network environment
IP Packet Format

The protocol layer	The data format
The physical layer	001010101001110110101010101010… 10101010101010101010101010101
Data link layer	[Frame header] [data of “frame”] [frame tail]
The network layer	[IP header] [IP datagram data]

Functions of parameters in the IP packet header

Four versions	4 bit head length	8-bit Service Type (TOS)
A 16-bit identification	Three signs	13 bit slice offset
8-bit survival time (TTL)	Eight agreement	16-bit head checksum
32-bit source IP address
32-bit destination IP address
Options (if any)
IP data

Each line contains 32 bytes. The sixth line is optional. Therefore, the header of an IP packet contains at least 20 bytes
The first line
- Version: contains four bits. The VERSION of the IP protocol must be the same as that of the communication party. Currently, the mainstream version is 4, that is, IPv4 and IPv6
- Length of header: contains 4 bits. The maximum value is 15, indicating the length of the IP header. The unit is 32-bit word (4 bytes)
- 8-bit service type (TOS) : THE TOS contains 8 bits, including 3 bits of the priority field (ranging from 000 to 111), 4 bits of the TOS subfield, and 1 unused bit that must be set to 0.
- Total length: 16 bits. The maximum value is 65535, which indicates the total length of an IP packet (IP header +IP data) and the MTU of the data link layer. If the data in an IP packet is more than the data in frames, the packet needs to be fragmented
The second line
- 16-bit identifier: used internally over IP protocols
- 3-bit flag: indicates whether sharding is possible
- 13 bit slice offset: the number of slices
The third line
- TTL: contains 8 bits, indicating the lifetime of an IP packet on the network. The TTL decreases by 1 for each device. When the TTL is 0, the network device must discard the packet to avoid unlimited data transmission on the network
- Protocol: 8 bits, indicating the protocol of the specific data carried by IP data (such as TCP and UDP)
  - Protocol name ICMP, IGMP, IP, TCP, UDP, OSPF… , field values 1, 2, 4, 6, 17, 89…
- Header checksum: 16 bits to check whether there are errors in the IP header
Source IP address: Indicates the sender
Destination IP address: Indicates the receiver

4.3 IP Forwarding Process

By jumping (hop – by – hop)
The routing table
- A computer or router has a routing table
- MAC address table and routing table
The MAC address Hardware interface Destination IP address IP address of the next hop

A E1 IP1 IP4

B E2 IP2 IP5

C E3 IP3 IP6
Forwarding process: network layer
- A sends the datagram to E
- User A sends an IP packet destined for C and queries the routing table to find that the next hop is E
- E queries the routing table and finds that the next hop is F and sends the data packet to F
- F queries the routing table, finds that destination C is directly connected, and sends the data packet to destination C
The IP address of each hop of the IP packet remains unchanged
The MAC address of the data frame changes with each hop

The MAC address	Hardware interface	Destination IP address	IP address of the next hop
A	E1	IP1	IP4
B	E2	IP2	IP5
C	E3	IP3	IP6

4.4 ARP and RARP

ARP protocol
- Address Resolution Protocol (ARP) searches for MAC addresses based on IP addresses
- ARP cache table: [IP address, MAC address] For example, 192.168.83.254-00-50-56-E0-33-40
- The ARP cache table caches the mapping between IP addresses and hardware addresses
- ARP cache table is the key of ARP and RARP
- Records in the ARP cache table are not permanently valid and have a certain period of time
- Arp -a: displays the ARP cache table
- Datagram format, 28 bytes in total, encapsulated in the data link layer, for the network layer [type 0806, ARP request/reply, PAD]
  - Hardware type: 2 bits
  - Protocol type: 2 bits
  - Mark, 24
  - Ethernet address of the sending end, 6 bits
  - The sender IP address is a 4-bit IP address
  - Destination Ethernet address, 6 bits
  - The destination IP address is a 4-bit IP address
RARP protocol
- Reverse Address Resolution Protocol (RARP) Reverse Address Resolution Protocol
- Data link layer MAC48-bit address — network layer IP32-bit address
ARP and RARP operations are transparent to the programmer
(R)ARP is the basic protocol in the TCP/IP stack
Understanding ARP helps you understand the details of network layering
Forwarding process: network layer + data link layer + physical layer
- Step 1: A->E
  - User A sends an IP packet destined for C and queries the routing table to find that the next hop is E
  - A sends the IP packet to the data link layer and informs the destination MAC address of E
  - The source MAC address A and destination MAC address E are filled in the data link layer
  - The data link layer sends data to E through the physical layer
- Step 2: E–>F
  - The data link layer of E receives the data frame and delivers the frame data to the network layer
  - E Queries the routing table and finds that the next hop is F
  - E sends the packet to the data link layer and informs the destination MAC address F
  - The data link layer of E encapsulates the data frame and sends it
- Step 3: F–>C
  - The data link layer of F receives the data frame and delivers the frame data to the network layer
  - F Queries the routing table and finds that the next hop is C
  - F sends the datagram to the data link layer and informs the destination MAC address of C
  - The data link layer of F encapsulates the data frame and sends it

4.5 IP Address Classification

The LENGTH of the IP address is 32 bits, usually divided into four 8-bits. The IP address is usually expressed in dotted decimal notation (0 255.0 255.0 255.0 255). 2^32 = 4294961296
Planning and assigning IP addresses directly to more than 4.2 billion IP addresses is cumbersome
IP address = [Network number + Host number] = [Network number + (Subnet number + host number)] =

IP address of the class

The network number
- The number of bits of the network number directly determines the number of networks that can be allocated (calculation method =2^ Number of bits of the network number – number of special networks)
The host
- The number of host numbers determines the maximum number of hosts in the network (calculation method =2^ Number of host numbers – number of special hosts)

IP type	composition	Minimum network number	Maximum network number	Number of subnets (ideal)	Minimum host number	Maximum host number	The host number
A	8-bit network number (starting with 0) + 24-bit host number	0 (00000000).	127 (01111111).	2 ^ 7 = 128	0.0.0	255.255.255	2 ^ 24 = 16777216
B	16-bit network number (starting with 10) + 16-bit host number	128 (100000000). 0	191 (10111111). 255	2 ^ 14 + 8 (6) = 16384	0.0	255.255	2 ^ 16 = 65536
C	24-digit network number (starting with 110) + 8-digit host number	192 (110000000). 0.0	223 (11011111). 255.255	2 ^ 21 (5 + 8 + 8) = 2097252	0	255	2 ^ 8 = 256
D	Multicast address (starting with 1110)	224 (111000000). 0.0.0	239 (11101111). 255.255.255	2 ^ 4 = 16
E	Reserved for later use (beginning with 1111)	240 (111110000). 0.0.0	225 (11111111). 255.255.255	2 ^ 4 = 16

Special network number
- Class A Address The last seven digits of A network segment are all 1s (011111:127), indicating A loopback address
- Class A Address network segment all 0(00000000) indicates A special network
- The class B address segment (10000000.00000000:128.0) is not available
- Class C address network segments (192.0.0) are not available
- The number of available subnets for Class A IP addresses in the preceding table is 2^7-2, 2^14-1, and 2^21-1
Special host number
- Host ids with all 1s are broadcast addresses. Messages are sent to all hosts on the current network segment, for example, 1.0.0.0
- All 0s indicate the current network segment and cannot be assigned to a specific host, for example, 1.255.255.255
- The number of available host numbers for A\B\C in the table above is: 2^24-2, 2^16-2, 2^8-2
127.0.0.1, commonly known as a Loopback Address, does not belong to any of the classified Address classes. Localhost is a domain name
How to determine which type of IP address an IP address belongs to
- Take out the first eight:
- Class A :(0,127) / 0xxxxxxx,
- B类 : [128,19]) / 10xxxxxx,
- Class C: [192,223] / 110XXXXX

4.6 Subnets for IP Addresses

A company has 100 employees, each equipped with a computer, which network segment should the company apply for?
- The number of hosts that can be allocated to class C is 2^8-2=254
A company has 256 employees, each equipped with a computer, which network segment should the company apply for?
- The number of class B hosts that can be allocated is 2^16-2=65534
- This causes a lot of address space waste
Subnet number
- IP address = [Network number + Host number] = [Network number + (Subnet number + host number)] =
- For example, a class C IP 193.10.10.0 = 24-bit network number (starting with 110) + 8-bit host number
- The host number segment is.0=.00000000
- Divide the highest bit of the host number segment into.00000000 and.10000000 subnets
- .00000000 a subnet can represent hosts in the following range :(0).00000000 – (127).01111111
- .10000000 a subnet can represent the following hosts :(128).10000000 — (255).11111111
- A company with 100 employees, each equipped with a computer, can apply for a subnet of Class C IP to make full use of the number of IP addresses
Subnet mask
- With so many subnet numbers, is there a way to quickly determine the network mask number of an IP address?
- A subnet mask consists of consecutive ones and zeros
- The subnet mask and IP address are both 32 bits
- The subnet mask of a subnet has a number of consecutive 1’s
- Subnet mask of class A IP address: 255.0.0.0
- The subnet mask of class B IP addresses is 255.255.0.0
- The subnet mask of class C IP addresses is 255.255.255.0
- Subnet mask: subnet mask – Subnet ID – Host ID
  - For example, 193.10.10.0 = 24 bit network number (starting with 110) +1 seat network number +7 bit host number
    - The subnet mask is 255.255.255.128 (consisting of 24+1 and 7 0’s).
    - Find the subnet number corresponding to IP address 193.10.10.6
    - The first step in IP corresponding binary: 193.10.10.6-11000001.00001010.00001010.00000110
    - The second steps network corresponding binary mask: 255.255.255.128-11111111.11111111.11111111.10000000
    - Step 3: just a little step and get subnet number 11000001.00001010.00001010.00000000-193.10.10.0 operation

4.7 Non-Classified Address CIDR

IP address = [Network number + Host number] = [Network number + (Subnet number + Host number)]
Subnets are relatively complex and hence CIDR
Classless Inter-domain Routing
CIDR has no concept of class A, B, or C network numbers and subnets
CIDR refers to an IP address with the same network prefix as a “CIDR address block”
IP address = [Network Prefix + Host NUMBER]
Network prefixes are arbitrary digits

CIDR uses slash notation to represent an IP address

25 = = 11000001.00001010.00001010.10000001 193.10.10.129 /
25 indicates that the network prefix has 25 bits and the host bit has 7 bits
More flexible than the original subnet division
Hypernet – subnets

CIDR Prefix length	The mask is in dotted decimal notation	Address several
/ 13	255.248.0.0	2^19=512K
/ 14	255.252.0.0	2^18=256K
/ 15	255.254.0.0	2^17=128K
/ 16	255.255.0.0	2^16=64K
/ 17	255.255.128.0	2^15=32K
/ 18	255.255.192.0	2^14=16K
/ 19	255.255.224.0	2^13=8K

4.8 Network Address Translation NAT

IPv4 has at most 4 + billion IP addresses
Incorrect IP address planning causes IP number waste
Network topology: Edge segment: Home, how can multiple devices reuse the same IP address
A network address
- Internal use
- Avoid the same external address
- Three Types of Intranet Addresses
  - 10.0.0.0 to 10.255.255.255 (Supporting tens of millions of devices)
  - 172.16.0.0 to 172.31.255.255 (millions of devices supported)
  - 192.168.0.0 to 192.168.255.255 (support tens of thousands of devices)
Outside the web address
- Worldwide use
- Unique in global public network

Network address translation (NAT)

If multiple devices on the Intranet use the same IP address to request services from the Internet, how can the Internet know which device requests services?
Network Address Translation (NAT)
NAT is used in private networks where multiple hosts access the Internet through a single public IP address
NAT slows down the consumption of IP addresses but increases the complexity of network communication
Port (Port)
Port mapping table: NA(P)T table

Data transmission direction	Old address and port number	New address and port number
Out of the	92.168.2.11:6666	173.21.59.10:16666
Out of the	192.168.2.10:7777	173.21.59.10:17777
Into the	173.21.59.10:16666	192.168.2.11:6666
Into the	173.21.59.10:17777	192.168.2.10:7777

4.9 ICMP Details

Internet Control Message Protocol
ICMP can report error messages or exceptions, assisting IP protocols
Network layer [IP header] – [IP datagram data]
[IP header] Protocol: 8 bits, indicating the protocol of the specific data carried by IP data (such as TCP, UDP, ICMP, etc.)
ICMP data is encapsulated in IP datagram data
[ICMP header] – [ICMP packet data]
8-bit type + 8-bit code + 16-bit checksum +ICMP packet data

classification

Error report message
Ask a message

ICMP Packet Types	The value of the type	Message type	Specific code
Error report message	3 (The end point is unreachable)	The network or host is unreachable	0/1
	5 (Redirection)	Redirection the network/host	0/1
	11	Transmission timeout	–
	12	Bad IP header/missing other necessary parameters	0/1
Ask a message	0 or 8	Echo a request or reply	–
	13 or 14	Timestamp request or reply	–

Application of ICMP packets
- Ping application
  - Query message-0 or 8-echo request or reply
  - Ping loopback address 127.0.0.1. If the loopback address fails, the protocol stack on the computer may be faulty and the operating system needs to be reinstalled
  - If the Ping fails, the gateway router may be faulty
  - If the Ping fails, a problem may occur between the ISP and the home device, and you need to contact the ISP to resolve the problem
- Traceroute application
  - Traceroute can detect the path of IP datagrams across the network
  - [IP header] TTL: occupies 8 bits, indicating the lifetime of IP data packets in the network. For each device, the TTL decreases by 1. When the TTL is 0, the network device must discard the ICMP destination unreachable error packet
  - Commands: Windows: tracert github.com, Mac: traceroute to github.com
    - 221.179.159.20 Beijing Mobile
    - 111.24.3.17 from mobile
    - 223.119.2.21 From Hong Kong Mobile
    - 52.93.11.39 from Amazon Cloud Singapore

4.10 Overview of Routes at the Network Layer

Routing table problems
- Where do routing tables come from
- Is the next hop address unique?
- Where did the next-hop address come from?
- Is the next-hop address optimal?
- How many routers and how do they work together?
- It takes a good algorithm to solve these things
Routing algorithm
- Each edge represents a network path
- Each vertex represents a network, router, or computer
- The routing algorithm is actually a graph algorithm
- The routing algorithm is more complicated than graph theory in the complex network environment
- What are the features of the routing algorithm
  - The algorithm is correct and complete
  - The algorithm should be as computationally simple as possible
  - The algorithm can adapt to the changes in the network
  - The algorithm is stable and fair

4.11 Autonomous System (AS)

Divide the Internet
- The scale of the Internet is huge
- The Internet environment is very complex
- Autonomous System
- The protocols of as internal routing are called Internal Gateway Protocol (RIP, OSPF).
- As external routing protocol is called EXTERNAL Gateway Protocol (BGP).
- The two internal gateway protocols need to communicate through the external gateway protocol
An autonomous system (AS) is a group of network devices under a management authority
The internal network of an AS is managed by itself, and the AS provides one or more outbound (inbound) ports

4.12 RIP of Internal Gateway Routing Protocol

Distance vector (DV) algorithm
- DV=Distance vector
- Each node uses two vectors 𝐷𝑖 and S𝑖
- 𝐷𝑖 describes the distance between the current node and other nodes
- S𝑖 describes the next node from the current node to another node
- Each node exchanges information about the vectors 𝐷𝑖 and S𝑖 with its neighbors
- Each node updates its own node information based on the information exchanged
- Algorithm implementation process
  - todo
RIP process
- Routing Information Protocol (RIP)
- RIP is a routing protocol that uses the DV algorithm
- RIP takes the hop as the distance of the DV algorithm
- RIP exchanges routing information every 30 seconds
- RIP considers the route with a hop count greater than 15 as unreachable
- The specific process
  - The router initializes the routing information (two vectors 𝐷𝑖 and S𝑖)
  - Modify the content of the information sent from neighboring router X (set the next-hop address to X, and increase all distances by 1)
    - Retrieves local routes and inserts new routes from the information into the routing table
    - Retrieves the local route with the modified information for the next hop of X
    - Retrieves local routes, compares distances to the same destination, and updates the local routing table if the new information is smaller
  - If no adjacent route information is received within 3 minutes, the adjacent route is set to unreachable (16 hops).
Advantages and disadvantages of RIP
- Fault information is slowly transmitted
- RIP: Simple to implement and cost little
- RIP: Limits the network scale
- RIP: Bad message transmission is slow, and the update convergence takes a long time
Dijkstra algorithm
- Dijkstra is a famous graph algorithm
- Dijkstra algorithm solves the shortest path problem of power graph from one node to other nodes
- “Take the starting point as the center and spread out layers.”
- Shortest path problem
  - Initialize two sets (S, U) (S is the set with only the initial vertex point A, U is the set of other vertices)
  - If U is not empty, sort the vertices of U by distance and extract the vertex D nearest A
    - I’m going to put the vertex D into the set S
    - Updates the distance from vertex D to all points of the set U (updated if the distance is smaller, otherwise not updated)
    - Repeat step 2
  - We know that U is empty. We’re done

OSPF of the internal gateway routing protocol

Link state (LS) protocol
- Send messages to all routers
- The message describes the link status between the router and its neighbor
  - Distance, delay, bandwidth
- Update information is sent only when the link status changes
OSPF process
- OSPF(Open Shortest Path First)
- The core of OSPF is the Dijkstra algorithm
- Send messages to all routers
  - Get all the information in the network –> complete Network topology
  - Also known as “link State database”
  - Link-state database is consistent across the network
  - Dijkstra algorithm
- The message describes the link status between the router and its neighbor
  - OSPF is more objective and advanced
- Update information is sent only when the link status changes
  - Reduced data exchange, faster convergence
- Router access network
- The router sends a greeting message to the neighbor
- Communicates with the neighbor link state database
- Broadcast and update unknown routes
Five message types
- Greeting message (Hello)
- Description of the link-state database
- Link status request information
- Link status updates
- Link status confirmation information

RIP	OSPF protocol
Look at the network from your neighbor	The topology of the entire network
Add the distance between routers	Dijkstra computes the shortest path
Updates frequently and periodically, and convergence is slow	State changes are updated, convergence is fast
Copy routing information between routes	Routes transfer link status and calculate their own paths

4.13 External Gateway Routing Protocol BGP

Border Gateway Protocol (BGP)
BGP is a protocol between home-made systems (AS)
The Internet is huge
The AS uses different routing protocols internally
Factors other than network characteristics (politics, security…) need to be considered between ass.
BGP can find a good route to the destination
Speaker of BGP
- BGP does not care about the internal network topology
- Ass communicate with each other through the BGP spokesperson
- BGP speakers can manually configure policies

5. The transport layer

5.1 Main Functions of the Transport Layer

Essence: process to process communication across devices
- Single-machine interprocess communication mode: shared memory, Unix domain socket
Concepts of ports
- Use ports to mark different network processes
- Port indicates a 16-bit Port (0 to 65535).
FTP HTTP HTTPS DNS TELNET

21 80 443 53 23

FTP	HTTP	HTTPS	DNS	TELNET
21	80	443	53	23

5.2 Details about UDP

UDP is a very simple protocol
User Datagram Protocol (UDP)
A Datagram (Datagram)
- No merge, no split
Level position

The protocol layer	The data format
The physical layer	001010101001110110101010101010… 10101010101010101010101010101
Data link layer	[Frame header] [data of “frame”] [frame tail]
The network layer	[IP header] [IP datagram data]
The transport layer	[UDP header] [UDP datagram data (application layer data)]

Message structure
- 16-bit source port + 16-bit destination port
- 16-bit UDP length + 16-bit UDP checksum
- The header packet contains 8 bytes
- UDP data
- Meaning of each packet field
  - 16-bit source port number
    - The network process used by the source machine
  - 16-bit destination port number
    - The process used by the destination machine
  - 16-bit UDP length
    - The length of a UDP datagram, minimum 8 bytes including hands only
  - 6-bit UDP checksum
    - Detects whether errors occur in the transmission of datagrams
The characteristics of UDP
- UDP is a connectionless protocol
- UDP cannot guarantee reliable delivery of data, “just send”, “can not guarantee whether the data is lost in the network”
- UDP is packet – oriented
- UDP has no congestion control
- UDP’s header overhead is small

5.3 Details of TCP Packets

Transmission Control Protocol (TCP)
TCP is a very complex protocol in computer network
Level position

The protocol layer	The data format
The physical layer	001010101001110110101010101010… 10101010101010101010101010101
Data link layer	[Frame header] [data of “frame”] [frame tail]
The network layer	[IP header] [IP datagram data]
The transport layer	[TCP header] [TCP datagram data]

The characteristics of
- TCP is a connection-oriented protocol
- A TCP connection has two ends (point-to-point communication)
- TCP provides reliable transport services
- TCP provides full-duplex communication
- TCP is a byte stream – oriented protocol, merge and split

Message structure

16-bit source port 16-bit destination port
A 32-bit number
32-bit confirmation number
Data offset + reserved field +TCP tag + window
16-bit checksum + 16-bit emergency pointer
The above line is fixed to 20 bytes
TCP option (Optional) + Padding

Meaning of each packet field

16-bit source port number
- The network process used by the source machine
16-bit destination port number
- The process used by the destination machine
A 32-bit number
- 0 to 2 ^ 32-1
- Byte – oriented stream, sequence number per byte
- Number of the first byte of data
32-bit confirmation number
- 0 to 2 ^ 32-1
- An ordinal number per byte
- The first byte sequence number of the data expected to be received
- If the confirmation number is N, the data numbered N-1 has been received
Data migration
- The value ranges from 0 to 15 in 32-bit characters
- Distance of data from header
Keep field

TCP tag

Six, each with a different meaning
The TCP three-way handshake and four-way wave will use the notation here

tag	meaning
URG	Urgent: Indicates Urgent data, URG=1
ACK	Acknowledgement: Confirmation bit, ACK=1, confirmation number takes effect
PSH	Push: the Push bit, PSH=1, delivers data to the application layer as quickly as possible
RST	Reset: Resets the bit, RST=1, and reestablishes the connection
SYN	Synchronization: indicates the Synchronization bit. SYN=1 indicates connection request packets
FIN	Finish: Terminates the connection. FIN=1 indicates that the connection is released

window
- Occupy 16 bits: 0~2^16-1
- Window indicates the amount of data that the other party is allowed to send
- If the confirmation number is 500 and the window size is 1000, 501-1500 is acceptable
16-bit checksum
16 bit emergency pointer
- Emergency data (URG=1)
- Specifies the location of the emergency data in the message
TCP options (Optional)
- Up to 40 bytes
- Support future expansion
fill

5.4 Basic Principles of TCP Reliable Transmission

Stop waiting protocol
- An error-free situation
- A situation where something goes wrong
  - The sent message was lost on the way
  - The confirmation message was lost on the way
  - Confirmation took a long time to arrive
  - Timeout retransmission
  - Timeout retransmission timer
    - Each time a message is sent, a timer needs to be set
- The advantages and disadvantages
  - The stop-wait protocol is the simplest reliable transport protocol
  - The channel utilization efficiency of the stop-wait protocol is not high
Continuous ARQ protocol
- ARQ(Automatic Repeat reQuest)
- Since it is inefficient to send and confirm individually, is it possible to send and confirm in batches?
- The sliding window
  - Fixed a batch of bytes in the window, confirm a few Windows slide back a few
- The cumulative confirmation
  - Once a message is acknowledged, all previous messages are acknowledged

5.5 Reliable TCP Transmission

The reliable transmission of TCP is based on continuous ARQ protocol
TCP’s sliding window is in bytes
The sliding window
- [Confirmed byte sequence number] – [Window] – [Not allowed to send byte sequence number]
- Byte data in window: sent unacknowledged + available window
- If the acknowledgement messages at the beginning of the window are not received in sequence, but only the middle acknowledgement messages are received, the window does not slide, and timeout retransmission is performed
- Select the retransmission
  - Select retransmission to specify the bytes to be retransmitted
  - Each byte has a unique 32-bit ordinal number
  - Store in TCP option (optional)
  - A maximum of 40 bytes, serial number exhibition 4 bytes, a maximum of 10 serial numbers, each serial number represents the starting and ending position of a section, segmentation transmission

5.6 TCP Traffic Control

Flow control means to keep the sender from sending too fast
Flow control is achieved using a sliding window
Flow control flow
- ** Window (RWND) ** Specifies the amount of data that the other party is allowed to send
- ** Serial number (SEQ) ** Identifies the byte stream sent from the TCP source to the TCP receiver. It represents the first byte in the packet segment. If you think of the byte stream as a one-way flow between two applications, TCP counts each byte with an ordinal number. The serial number is a 32-bit unsigned number that starts from 0 when it reaches 232-1. sequence
- Acknowledgement sequence number (ACK) is the sequence number of the last successfully received data byte plus 1. The confirmation sequence number field is valid only when the ACK flag bit is 1. acknowledgement
- Acknowledgement bit: Acknowledgement bit, ACK=1, Acknowledgement number takes effect
- Sender: send 100 bytes of DATA (seq=1, DATA)
- Sender: send 100 bytes of DATA (seq=101, DATA)
- -> Receiver: confirm 200 bytes of data and tell the other side that the window is 300 (ACK=1, ACK= 201, RWND =300)
- Sender: send 100 bytes of DATA (SEq =301, DATA)
- Sender: send 200 bytes of DATA (seq=401, DATA)
- -> Receiver: confirm 300 bytes of data and tell the other side that the window is 0 (ACK=1, ACK= 601, RWND =0)
- -> The receiver needs to send the window size to the sender if it wants to receive data again
- Will there be a deadlock if the window adjustment request goes wrong
- Stick to timers to avoid deadlock situations
Hold timer
- When a message with window 0 is received, the persistence timer is started
- The persistence timer sends a window detection packet at intervals

5.7 TCP Congestion control

A data link passes through many devices
Each part of the data link may become the bottleneck of network transmission
Congestion control VS flow control
- Traffic control considers the control of point-to-point traffic
- Congestion control considers the entire network and is a global consideration
Congestion judgment: Packets that time out are considered to be congested
Congestion control algorithm
- Slow start algorithm
  - Gradually increase the amount of data sent from small to large
  - Each time a packet is received, it adds one, for example, 1, 2, 4, 8, 16 (exponential growth).
  - Slow Start Threshold (SSTHRESH)
- Congestion avoidance algorithm
  - Maintains a congestion window variable greater than the slow start threshold
  - As long as the network is not congested, we try to increase the congestion window, 17, 18, 19
  - Maximize the use of pipes

5.8 Establishing a TCP Connection

TCP flag: 6 bits, each with a different meaning

tag	meaning
SYN	Synchronization: indicates the Synchronization bit. SYN=1 indicates connection request packets
ACK	Acknowledgement: Confirmation bit, ACK=1, confirmation number takes effect
FIN	Finish: Terminates the connection. FIN=1 indicates that the connection is released
seq	Sequence (SEQ) Identifies the byte stream of data sent from the TCP source to the TCP receiver. It represents the first byte in the packet segment. 32 –
ack	Acknowledgement is the last data byte acknowledgement that has been successfully received plus 1. Indicates that the id expected from the sender is its value. The acknowledgement id field is valid only when the ACK flag bit is 1. 32 –

Three-way handshake The process of establishing a TCP connection
- Receiver: Listening
- Sender: SYN=1, seq=x
- Sender: Synchronized sending
- Recipient: SYN=1, ACK=1, SEq = Y, ACK= x+ 1
- Receiver: Synchronization accepted
- Sender: ACK=1, SEq =x+ 1, ACK= y+1
- Sender: Establish a connection
- Receiver: Establishes a connection

Why three handshakes
- Avoid sending invalid connection request messages to the peer party, which may cause errors
- Avoid multiple connections when two connections are established
- On the third handshake, the sender can check if a third handshake has already been initiated, and if so, ignore other connections that have timed out

TCP three-way handshake
- The two parties using TCP to communicate must establish a connection before data can be transmitted. To ensure the reliability of the two parties, TCP adopts the three-way handshake policy when the two parties establish a connection.
- First handshake: The client sends a connection request packet with the SYN flag and then enters the SYN SEND state for the server to confirm.
- Second handshake: After receiving a SYN packet from the client, the server sends an ACK message to confirm the SYN packet. You also send your own SYN request. The server puts the above information into a packet segment (SYN+ ACK packet segment) and sends it to the client. Then the server enters the SYN RECV state.
- Third handshake: After receiving a SYN+ ACK packet from the server, the client sends an ACK packet to the server. After the ACK packet is sent, the client and the server enter the ESTABLISHED state to complete the TCP three-way handshake.
Why the third time
- Confirm the sending and receiving capabilities of both parties, a total of eight capabilities: their own sending and receiving and the other party’s sending and receiving
- First time: The server can know that the client’s sending and receiving capabilities are normal
- Second: The client can know that the receiving and sending capabilities of the server and its own sending and receiving capabilities are normal
- Third time: The server knows that the client’s ability to receive (the second time) and its ability to send (the second time) are normal

5.9 Releasing TCP Connections

TCP flag: 6 bits, each with a different meaning

tag	meaning
SYN	Synchronization: indicates the Synchronization bit. SYN=1 indicates connection request packets
ACK	Acknowledgement: Confirmation bit, ACK=1, confirmation number takes effect
FIN	Finish: Terminates the connection. FIN=1 indicates that the connection is released
seq	Sequence (SEQ) Identifies the byte stream of data sent from the TCP source to the TCP receiver. It represents the first byte in the packet segment. 32 –
ack	Acknowledgement is the last data byte acknowledgement that has been successfully received plus 1. Indicates that the id expected from the sender is its value. The acknowledgement id field is valid only when the ACK flag bit is 1. 32 –

Four release
- The process of releasing TCP connections for four times
  - Sender: FIN=1,seq= U
  - Sender: Release WAIT state (FIN-WaIT-1)
  - Receiver: ACK=1, SEq = V, ACK= U +1
  - Sender: Release WAIT state (FIN-WaIT-2)
  - Receiver: CLOSE the WAIT state (close-wait)
  - Receiver: There may be unsent data that needs to be sent because it is passively closed
  - Receiver: FIN=1,ACK=1, SEQ = W,ACK= U +1
  - Recipient: LAST confirmation status (last-ACK)
  - Sender: ACK=1, SEq = U +1, ACK= w+1
  - Sender: Time-wait
  - Receiver: Closed
  - Sender: Disabled
- Waiting timer
  - Waiting time: 2MSL
    - Max Segment Lifetime (MSL): indicates the maximum Lifetime of a packet Segment
    - MSL recommends 2 minutes
  - Why wait 2MSL?
    - Ensure that the ACK from the sender can reach the receiver
    - The last message was not acknowledged
    - If the receiver does not receive it within 2MSL, the receiver will resend the acknowledgement of the release request datagram
    - Ensure that all packets currently connected have expired

5.10 Sockets and socket programming

Use ports to mark different network processes. Ports are 16 bits (0 to 65535).
Network socket
- 𝐼𝑃: 𝑃𝑜𝑟𝑡—— socket
- A Socket is an abstract concept that represents one end of a TCP connection
- Data can be sent or received through sockets
- TCP connection is composed of two sockets: TCP = {𝑆 𝑜 𝑐 𝑘 𝑒 𝑡 1: 𝑆 𝑜 𝑐 𝑘 𝑒 𝑡 2} = {{𝐼 𝑃 : 𝑃 𝑜 𝑟 𝑡} {𝐼 𝑃 : 𝑃 𝑜 𝑟 𝑡}}
- Client -TCP connection – Server
- The service side
  - Create a socket
  - Bind a socket
  - Listen socket
  - Receive & process information
- The client
  - Create a socket
  - Connect a socket
  - Send a message
Client-server programming
- Java, Pathy
Network socket VS domain socket
- Domain socket: a domain socket file that does not pass through TCP/IP cluster. You are advised to use this file in a single machine
- Network socket: Both single-machine and cross-machine TCP/IP protocols go through the TCP/IP stack. Cross-process in a single-machine is not recommended

6. The application layer

6.1 Application Layer Overview

The transport layer and the following layers provide complete communication services
The application layer is the user-facing layer
Existing application layer software, transmission layer oriented programming
UDP
- Multimedia information distribution
  - Real-time video and voice information
TCP
- Reliable message transmission
  - Financial transactions with reliable communications MQ

6.2 Application Layer Functions

Type of application process packets (request packets and reply packets)
The syntax and format of the packet
The timing and rules for the application process to send data
Define rules for communication between applications

6.3 DNS Service Details

DNS (Domain Name System)
- Domains: Domain, network end, autonomous Domain
- Name: Name, IP address
Host processes: Web service, network storage service, remote call service, mail service
IP address + Port: 14.215.177.39:80, 14.18.245.164:25, 161.23.37.215:8810
The function of the DNS
- Use domain names to help you remember
  - In dotted decimal notation, words are easily remembered
  - Domain name –>DNS service –>IP
The domain name,
- A domain name consists of dots, letters, and numbers
- Dot divides different domains
- Domain names can be classified into top-level domains, second-level domains, and third-level domains
  - For example: WWW (tertiary domain).taobao(secondary domain).com(top-level domain)
  - Top-level domain
    - countries
      - Cn: China
      - Us: the United States
      - UK: England
      - Ca: Canada
    - general
      - Com:
      - Net: Network service organization
      - Gov: government agency
      - Org: Other organizations
  - The secondary domain
    - Qq, Taobao, Baidu, Alibaba, Aliyun, Amazon, Google, Facebook
Domain name server
- It is generally established by international or institutional organizations
- The query process
  - Local query, return if there is
  - Didn’t go to the root DNS server
  - The root DNS server tells you which TOP-LEVEL DNS server to look up
  - The TOP-LEVEL DNS server looks it up and tells the DNS server which one
  - If the DNS server is not found, the system returns to the root DNS server and searches again
DNS Domain name Resolution
- Usually we visit a website, using a host name or domain name to access. That’s because domain names are easier to remember than IP addresses (a set of pure numbers). But TCP/IP uses IP addresses for access, so there must be a mechanism or service to convert domain names to IP addresses. The DNS service is designed to solve this problem. It provides domain name to IP address resolution service.
- User input – Browser – Domain name query – Get IP- Send request – Web server – Send back web content – browser – Render – User
DNS Resolution Process
- Nearby principle
- Native host file
- Local DNS service
- Remote 13 root domain name service
- Forwarding mode

6.4 DHCP Protocol Details

What is the DHCP
- Dynamic Host Configuration Protocol (DHCP)
- DHCP is a LAN protocol
- DHCP is an application-layer protocol that uses UDP
The function of the DHCP
- Plug and play networking
  - Temporary IP, Intranet address, translated to extranet
  - Lease term. Lease term will be collected
DHCP working mechanism
- The default port on which the DHCP server listens is 67
- The host broadcasts DHCP discovery packets using UDP
- The DHCP server sends DHCP provision packets
- The host sends DHCP request packets to the DHCP server
- The DHCP server responds and provides an IP address

6.5 HTTP Protocol Details

What is the HTTP
- HyperText Transfer Protocol (HTTP)
- Hypertext: “hypertext”, “hyperlinked text”, “rich text”
- HTTP (s)://< host >:< port >/< path >, for example, www.baidu.com/
- HTTP is a reliable data transmission protocol
  - Web content: text, pictures, files, giFs, audio and video
- C/S: client ->HTTP —-> server
The Web server
- Hardware part: Ali Cloud virtual server, mini computer
- Software: Apache, Nginx
  - NginxEngine X is a high-performance HTTP and reverse proxy Web server that also provides IMAP/POP3/SMTP services.
  - Apache(transliteration Apache) is the world’s number one Web server software. It runs on almost any widely used computer platform and is one of the most popular Web server software because it is widely used across platforms and security.
- Working mechanism
  - Accept client connections
  - Receiving request message
  - Handle the request
  - Accessing Web Resources
  - Structural response
  - Send a reply
- HTTP request methods
  - GET: obtains the specified server resource
  - POST: submits data to the server
  - DELETE: deletes the specified server resource
  - UPDATE: Updates the specified server resource
  - PUT
  - OPTIONS
  - PATCH
  - HEAD
  - TRACE
- HTTP Specified resource
  - Specified in the address
  - Specified in the request data
- HTTP request packet
  - [Request method] [request address] [HTTP version]
  - [Request header]
  - [Request content]
- HTTP reply packet
  - [HTTP version] [Status code] [Status Description]
  - [Reply head]
  - [Reply content]
- HTTP reply status code
  - Status code Meaning 200~~299 Success status code 300~~399 Redirection status code 400~~499 The client error status code is 500~~599 Server error status code
  Status code meaning
  
  200 ~ 299 Success status code
  
  300 ~ 399 Redirection status code
  
  400 ~ 499 Client error status code
  
  500 ~ 599 Server error status code

Status code	meaning
200 ~ 299	Success status code
300 ~ 399	Redirection status code
400 ~ 499	Client error status code
500 ~ 599	Server error status code

6.6 HTTP Work Structure

Web agent
- Forward agent
- The reverse proxy
CDN
- CDN (Content Delivery Network)
- Multimedia content
The crawler
- Increase network congestion
- Depleting server resources

6.7 HTTPS Protocol Details

Sensitive information: Account password, personal information, account amount, transaction information, sensitive information…
HTTPS(Secure) is a Secure HTTP protocol
HTTP (s)://< host >:< port >/< path >, port: 443
Working mechanism
- Encryption model
  - Symmetric encryption: Use the secret key to encrypt, use the secret key to decrypt, two secret keys “consistent”
  - Asymmetric encryption: Two secret keys are “inconsistent”
    - A and B are A set of secret keys with certain mathematical relationships
    - Private key: The private key is for private use
    - Public key: Public key for public use
- The digital certificate
  - Digital certificates are certificates issued to specific objects by trusted organizations
  - Certificate format and version number
  - Certificate serial number
  - Signature algorithm
  - The period of validity
  - The name of the object
  - Object public secret key
- SSL
  - Secure Sockets Layer (SSL)
  - SSL is located between the transport layer and the application layer
  - Data security and data integrity
  - Data at the transport layer is encrypted and transmitted
- HTTPS workflow
  - TCP connection on port 443
  - SSL security parameter handshake
  - The client sends data
  - The server sends data
- SSL security parameter handshake process
  - Client: random number 1, protocol version, encryption algorithm
  - Server: determine encryption algorithm, digital certificate, random number 2
  - Client:
    - Verify that the certificate is valid
    - Generate random number 3
    - Use the server’s public key to encrypt the random number 3
  - Generate symmetric secret keys according to random numbers 1, 2, 3 and the same algorithm
  - The two parties use symmetric secret keys for encrypted communication
  - Comprehensive use of symmetric encryption, asymmetric encryption
  - The two sides generate the secret key separately, without transmission

6.8 What is the Process of Entering a Domain name and Pressing Enter

Domain name resolution
- The CLIENT generates DNS UDP packets
- Example Query the DNS IP address configured on the local host
- UDP packets are sent through the local protocol stack
- Network layer Data link layer Physical layer
- Request a top-level domain name server
Establish a connection
- TCP three-way handshake
- The SSL handshake exchanges the key
HTTP communication
- GET
Release the connection
- Four waves end the connection

7.HTTP protocol details

7.1 The Story behind browser

www.basedev.cn/
User input – Browser – Domain name query – Get IP- Send request – Web server – Send back web content – browser – Render – User
HTTP
- Hypertext Transfer Protocol (HTTP) is a communication protocol that allows hypertext Markup Language (HTML) documents to be sent from a Web server to a client’s browser
- HTTP is an object – oriented protocol belonging to the application layer. Because of its simple and fast way, it is suitable for distributed hypermedia information system. It was put forward in 1990. After several years of use and development, it has been constantly improved and expanded
Web and HTTP
- WEB is a global, dynamic and cross-platform distributed graphic information system based on hypertext and HTTP
- A web service built on the Internet for visitors on the Internet. The web provides a graphical, easy-to-access, intuitive interface for finding and browsing information, with documents and super-level links that organize information nodes on the Internet into a network of interconnected structures

7.2 The history of HTTP

The HTTP protocol was first proposed in October 1990 by TimBerners-Lee, the father of the World Wide Web
HTTP0.9 was born in 1991
HTTP1.0 was released in May 1996
HTTP1.1 was released in January 1997
HTTP2.0 was introduced in May 2015
HTTP3.0, QUIC protocol

7.3 Viewing HTTP through TCP/IP

TCP/IP protocol family
- TCP/IP protocol is a series of protocols associated with the Internet
- Layered management is an important feature of TCP/IP
The application layer
- The application layer is generally the application we write, which determines the application services provided to users. The application layer can communicate with the transport layer through system calls. For example, FTP, DNS, and HTTP.
The transport layer
- The transport layer provides the data transfer function between two computers in a network connection to the application layer through system calls.
- There are two different protocols at the transport layer :TCP and UDP.
The network layer
- The network layer is used to deal with packets, the smallest unit of data transmitted over the network, that flow over the network. This layer defines the path (transmission path) through which to reach the other computer and transmit the packet to the other computer.
The link layer.
- The link layer processes the hardware that connects to the Network, including the control operating system, hardware device driver, Network Interface Card (NIC), and optical fiber. Hardware. Are within the scope of the link layer.
Packet encapsulation

HTTP data transfer process
- When the sender sends data, the data is transmitted from the upper layer to the lower layer, and each layer is typed with the header information of the layer.
- When receiving data, the data is transferred from the lower layer to the upper layer, and the header information at the lower layer is deleted before transmission.

8. Computer network practice

8.1 Network Sniffing Tool

The implementation process
- Build the basic service framework
- Python operates on byte sequences
  - Byte order
    - 1 255 = 00000000111111
    - Big-endian byte order: the first byte is 00000000,11111111
      - Network, easy to read
    - Small endian order: high after, 11111111, 00000000
      - The host CPU is efficient in small endian byte order processing
    - It is more efficient for computer circuits to process low-order bytes first
    - Humans are used to reading and writing large endian bytes
  - Format characters
    - %s string, %d integer, %x hexadecimal, %f floating point
    - Format character C++/Python type standard size (bytes)
    - B-unsigned char/ integer 1
    - H unsigned short/ integer 2
    - L Unsigned long/ integer 4
    - S char[]/ byte string
- Implement the IP packet parser
- Implements the UDP packet parser
- Implement the TCP packet parser
Network adapter pattern
- Mixed mode
  - Accepts all data passing through the nic device
- Nonpromiscuous mode
  - Only accept data whose destination address points to itself
IP Packet Parsing
TCP Packet Parsing
UDP Packet Parsing
Zero to one implementation of HTTP server development

9. About me

A small code farmers focusing on basic knowledge, in line with the basic, system, practice, sharing of the learning concept, in self-improvement at the same time to share their own experience, continuous improvement, cycle after cycle.

Personal website basedev.cn

Github

BaseDev series only sort out the knowledge program so far, without deep understanding; He who wishes to know why must return to books and practice

Reference 10.

Heavy learning operating system | retractor education

Network programming based | necessary for class

Foundation series – Cheat sheet version of basic knowledge of computer network

directory