Hello, everyone, I am a public number: Java xiaojie to refuelling, today to share a knowledge point about the computer network — how is the network connected?

  • Don’t say a word. Just drive

The browser generates a message and sends it

  • The overall flow of sending a message is as follows

Generate an HTTP request message

For chestnut, when we are in the browser type https://www.jdl.cn/img/service.843585b7.png web address

  • The browser first parses the URL
    • HTTPS: indicates the mechanism (protocol) for accessing the data source
    • www.jdl.cn: indicates the web server name
    • Img: indicates the directory name
    • Service.843585b7.png: represents the file name and then generates the HTTP message, which looks something like this

What exactly are these fields for reference in this articleFive thousand words, yes, we do have an HTTP.

DNS domain names are resolved to IP addresses

Once the browser generates this HTTP message, where does it send it? Of course is the server, so we have to resolve this domain name corresponding to which server, what is the IP address, because the IP address is not easy to remember, so we have the corresponding domain name, for our human memory.

  1. The browser checks the cache for an IP address corresponding to the domain name
  2. The operating system checks the cache (the hosts file)
  3. The operating system sends a request to the DNS server in the local area to help parse the query received by the DNS server from the client, including the following three contents
  • Domain name: server, the name of the mail server
  • Class: When DNS was first designed, the use of DNS on networks other than the Internet was also considered. Class was designed to identify network information, but today there is no other network except the Internet, so the value of Class will always represent the IN of the Internet
  • Record type:Indicates the record type of the domain name
    • A A domain name directly corresponds to an IP address
    • For CNAME, this domain name corresponds to another domain name
    • MX indicates that the domain name corresponds to the mail server. The response data varies according to the record type

Hierarchy of domain names

  • The further to the right, the higher the level, from right to left: for example, www.jdl.cn is cn-> JDL -> WWW
  • Domain name information in this hierarchy is registered with the DNS server, and each domain is processed as a whole. The interaction process between the client and the DNS server is as follows
  • The IP address of the upper-layer DNS server must be registered with the IP address of the lower-layer DNS server, and then the IP address of the upper-layer DNS server must be registered with the UPPER-layer DNS server
  • The DNS server information of the root domain is saved to all DNS servers on the Internet, so that all DNS servers will find the root domain, and then search level by level until they find the desired domain name
  • Only 13 IP addresses are allocated to the root domain. They are the IP addresses corresponding to the top-level domain names (such as com and CN)The interaction looks like this

However, a single server can’t store this much, so the DNS server usually tries to find the IP address, as shown in the figure below


The root DNS server returns the IP address of the DNS server in the CN domain. Then, the root DNS server returns the IP address of the DNS server in the CN domain that it manages. The nearest DNS server goes back to the com domain, and so on, eventually finding the IP address of www.jdl.cn

Delegate the protocol stack to send messages

Once you know the IP address, you can delegate the protocol stack inside the operating system to send messages to that destination IP address

  • The internal structure of the protocol stack

  • Common applications such as browsers and mail use TCP to send and receive data
  • Use UDP to send and receive short control data, such as DNS query

The network layer


  • OSI seven layer model

Reference Model for Open Systems Intercommunication The Open System Interconnection Reference Model (OSI), a conceptual Model developed by the International Organization for Standardization (ISO) as a standard framework for attempting to network computers around the world. Defined in ISO/IEC 7498-1.

  • TCP/IP quad model
    • Application layer: HTTP, DNS, and FTP
    • Transport layer: TCP and UDP
    • Network layer: IP
    • Network interface layer

Transmission Control Protocol/Internet Protocol (TCP/IP) is more than just TCP and IP. It is a protocol cluster consisting of FTP, SMTP, TCP, UDP, and IP. It is called TCP/IP because TCP and IP are the most representative among TCP/IP protocols

The client server delivers the data flow


  • A packet needs to be processed at each level from the client to the server
  • The client side needs to continuously add headers to packets
  • The server side needs to constantly split the packet

Three-way handshake

When two computers want to transfer data, they must first connect through the TCP triple handshake. We usually say that the TCP connection requires a triple handshake


  • When the client wants to send, the server is actively opened from the Closed state and has been in the listening state since the server is started
  • The client sends SYN = 1 and SEq = X to the server, and the client is in SYN_SEND state.
  • The server sends SYN =1, ACK =1, SEq = Y,ACK = x+1 to the client. The server is in the SYN_RCVD state
  • Upon receipt, the client sends ACK =1, SEq = X +1, ACK = Y +1 to the server, in the estab-lished state
  • The state of the server changed to Estab-lished
  • After the three-way handshake passes, the client and server can pass packets to each other
  • We’re talking about SYN, ACK, SEQ, ACK. What’s that? These are actually properties in TCP packets, which we’ll look at further down (explained in transport layer)

The application layer

HTTP packet splitting


  • Generally HTTP request messages are not long enough to fit in a network packet
  • If the data in the send buffer exceeds the MSS length, it is split into separate network packets by MSS length
  • Maximum Transmission Unit (MTU) : Indicates the Maximum length of a network packet. On an Ethernet, the Maximum length is 1500 bytes
  • MSS (Maximum Segment Size) : indicates the Maximum length of TCP data in a network packet, excluding the header

The transport layer

  • And then the TCP header is added to the network packet at the application layer

TCP Packet Format


  • Source port number (16 bits) : indicates the port number for sending network packets
  • Destination port number (16 bits) : indicates the port number of the receiving side of the network packet
  • Serial number (sequential number of data to be sent) (32 bits) : The number of bytes in which the sender informs the receiver that all data has been received
  • Acknowledgement sequence number (sequential number of received data) (32 bits) : The receiver informs the sender of the number of bytes in which the receiver has received all data
  • Header length (4 bits) : Indicates the starting part of the data and the offset of the data
  • Reserved (6 bits) : This field is reserved and not currently in use
  • Control bit (6 bits) :Each bit in this field represents the following communication control meanings
    • URG: indicates that the emergency pointer field is valid
    • ACK: Indicates that the serial number field of received data is valid. Generally, it indicates that the data has been received by the recipient
    • PSH: indicates the data sent by flush
    • RST: Forced disconnection, used in the case of abnormal disconnection
    • SYN: The sender and receiver confirm the sequence number, indicating a connection operation
    • FIN: Disconnect operation
  • Window size (16 bits) : The receiver informs the sender of the window size (i.e. data that can be sent together without waiting for confirmation)
  • Checksum (16 bits) : Used to check for errors
  • Emergency pointer (16 bits) : Indicates the location of data for emergency processing
  • Optional fields (variable length) : In addition to the fixed header fields above, optional fields can be added, but they are rarely used except for join operations

Remember the various serial numbers mentioned in the three handshakes, the attributes in this message

The network layer

  • And then this network packet up here plus the IP header

IP Packet Format


  • Version (4 bits) : INDICATES the IP protocol version. The current version is 4
  • Header length (4 bits) : Specifies the length of the IP header. The optional field can cause the header length to change
  • Service Type (TOS) (8 bits) : Indicates the priority of packet transmission. The definition of this parameter was vague in the original protocol specification, but the DIFFServ rule has recently redefined its use
  • Total length (16 bits) : Indicates the total length of IP messages
  • ID number (16 bits) : Serial number used to identify packets. If a packet is fragmented by IP, all fragments have the same ID
  • Flag (3 bits) : This field has three bits, two of which are valid, indicating whether fragments are allowed and whether the current fragment is a fragment packet
  • Fragment offset (13 bits) : Indicates the number of bytes from which the current packet content starts in the entire IP message
  • TTL (8 bits) : Indicates the TTL of a packet. This is to prevent a packet from going around the network forever when a network loopback occurs. Each time it passes through a router, this value is reduced by one, and the packet that goes down to zero is hi and that packet is discarded
  • Protocol Number (8 bits) :Protocol number Indicates the protocol type (the following are hexadecimal numbers).
    • TCP: 06
    • UDP: 17
    • ICMP: 01
  • Header checksum (16 bits) : used to check for errors and is no longer in use
  • Sender IP address (32 bits) : IP address of the network packet sender
  • Receiver IP address (32 bits) : IP address of the network packet receiver
  • Optional fields (variable length) : In addition to the fixed header fields above, optional fields can be added, but they are rarely used except for join operations
  • And then the network packet plus the MAC header

MAC packets


  • Receiver MAC Address (48 bits) : Indicates the MAC address of the packet receiver. This address is used to transmit network packets on the LAN
  • Sender MAC Address (48 bits) : The MAC address of the network packet sender. The receiver uses this MAC address to determine who sent the network packet
  • Ethernet type (16 bits) :Protocol type used. The following are some common types, generally 0800 and 0806 are used for TCP/IP communication.
    • The 0000-05 dc: IEEE 802.3
    • 0800: IP protocol
    • 0806: INDICATES ARP
    • 86DD : IPV6

MAC address VS IP address

  • The IP header is preceded by the MAC header
  • Why do YOU need MAC packets? Because in the Ethernet world, the TCP/IP idea just doesn’t work.
  • The Ethernet determines the destination of network packets in a different way than TCP/IP does. Therefore, packets must be sent to the destination in a matching way, which is what MAC addresses do
  • Sender MAC address: The MAC address is written into the ROM during nic production. You only need to read this value and write it into the MA header

The MAC address of the sender is relatively easy to obtain, but the MAC address of the receiver is not

ARP broadcast

  • ARP :Addresss Resolution Protocal Address Resolution protocol
  • ARP broadcast is used to query the MAC address of the receiver based on the IP address
  • In the same subnet, use broadcast to ask all devices whose IP address is XXX. If other devices find that their IP address is XXX, they will tell the questioner their MAC address. In this way, the receiver’s MAC address will be detected. Then the message is discarded and ignored.
  • If we broadcast every time, there will be a lot of ARP packets in the network, so to improve efficiency, we have ARP cache in memory. The ARP cache is queried before the query.
  • When the DESTINATION IP address corresponds to a MAC address that changes, the MAC cache will have a problem. To avoid this problem, the cache will be deleted after a few minutes.
    • Static ARP: manually maintained and does not automatically become invalid
    • Dynamic ARP: Automatically expires after a period of time
  • The IP module is responsible for adding the following two headers:
    • MAC header: Ethernet header, including the MAC address
    • IP header: The header used for the IP address, including the IP address

Aggregate packet

At this point the packet looks like this

  • Maximum Transmission Unit (MTU) : Indicates the Maximum length of a network packet. On an Ethernet, the Maximum length is 1500 bytes

  • MSS (Maximum Segment Size) : indicates the Maximum length of TCP data in a network packet, excluding the header

  • The packet then travels along the network card, to the hub, the router, to the server, where it is skinned layer by layer.

disconnect

Four times to wave

When the two computers are finally connected, disconnect and wave four times

Three handshakes, four waves there’s so much more to it, like why does it take three handshakes and four waves, but I’ll talk to you about that separately, so watch