Internet Interview

The difference between Session and cookie

Session Stores user information on the server. The Session works by creating a unique ID (UID) for each visitor and storing variables based on that UID. Cookies are small pieces of text that the server stores on the local machine and sends to the same server with each request. The Web server sends cookies to the client using an HTTP header. At the client’s end, the browser parses these cookies and saves them as a local file, which automatically adds them to the request that meets the requirements. The function of cookies is to solve the HTTP protocol stateless defects. The difference between

type Session Cookie
security The security of Session data can be effectively protected on the storage server Cookies are stored in the customer service and are visible to users. Sensitive information is encrypted
Valid time Seesion is disabled when the browser is closed because PHPSESSID is not set to expire Set the expiration time to the specified expiration time. If the expiration time is not set, the expiration time becomes invalid
Server pressure Consumes a lot of server memory Storage in the customer side has no pressure on the server

HTTP Packet Format

HTTP packets are text-oriented. Each field in an HTTP packet is an ASCII code string, and the length of each field is uncertain. HTTP has two types of packets: request packets and response packets.

HTTP request packet

An HTTP request packet consists of four parts: request line, header, blank line, and request data. The following figure shows the general format of a request packet.

HTTP response packet An HTTP response consists of the status line, message header, blank line, and response body.

* underway URL to: www.baidu.com/ * Trying 110.242.68.3... * TCP_NODELAY set * Connected to www.baidu.com (110.242.68.3) port 80 (#0) > GET/HTTP/1.1 > Host: www.baidu.com > user-agent: curl/7.54.0 > Accept: */* > < HTTP/1.1 200 OK < accept-ranges: bytes < cache-control: private, no-cache, no-store, proxy-revalidate, no-transform < Connection: keep-alive < Content-Length: 2381 < Content-Type: text/html < Date: Sun, 28 Feb 2021 13:56:48 GMT < Etag: "588604c1-94d" < Last-Modified: Mon, 23 Jan 2017 13:27:29 GMT < Pragma: no-cache < Server: BFE /1.0.8.18 < set-cookie: BDORZ=27315; max-age=86400; domain=.baidu.com; path=/ < <! DOCTYPE html> <! --STATUS OK--><html> <head><meta http-equiv=content-type content=text/html; charset=utf-8><meta http-equiv=X-UA-Compatible content=IE=Edge><meta content=always name=referrer><link rel=stylesheet Type = "text/CSS href=http://s1.bdstatic.com/r/www/cache/bdorz/baidu.min.css > < title > baidu once, </title></head> <body link=#0000cc> <div id=wrapper> <div id=head> <div class=head_wrapper> <div class=s_form> <div class=s_form_wrapper> <div id=lg> <img hidefocus=true src=//www.baidu.com/img/bd_logo1.png width=270 height=129> </div> <form id=form name=f action=//www.baidu.com/s class=fm> <input type=hidden name=bdorz_come value=1> <input type=hidden name=ie value=utf-8> <input type=hidden name=f value=8> <input type=hidden name=rsv_bp value=1> <input type=hidden name=rsv_idx value=1> <input type=hidden name=tn value=baidu><span class="bg s_ipt_wr"><input id=kw name=wd class=s_ipt Value maxlength=255 autocomplete=off autofocus></span><span class="bg s_btn_wr">< form type=submit ID =su value= class="bg s_btn"></span> </form> </div> </div> <div id=u1> <a href=http://news.baidu.com name=tj_trnews Class =mnav> news </a> <a href=http://www.hao123.com name=tj_trhao123 class=mnav>hao123</a> <a href=http://map.baidu.com Name =tj_trmap class=mnav> map </a> <a href=http://v.baidu.com name=tj_trvideo class=mnav> Video </a> <a Href =http://tieba.baidu.com name=tj_trtieba class=mnav> </a> <noscript> <a href=http://www.baidu.com/bdorz/login.gif?login&amp; tpl=mn&amp; U = HTTP %3A%2F%2Fwww.baidu.com% 2F% 3fbdorz_come%3d1 Name =tj_login class=lb> login </a> </noscript> <script>document.write('<a href="http://www.baidu.com/bdorz/login.gif?login&tpl=mn&u='+ encodeURIComponent(window.location.href+ (window. The location. The search = = = ""??" ":" & ") + "bdorz_come = 1") + 'tj_login "name =" "class =" lb "> login < / a >'); </script> <a href=//www.baidu.com/more/ name=tj_briicon class=bri style="display: block;" </a> </div> </div> <div id=ftCon> <div id=ftConw> <p id=lh> <a href=http://home.baidu.com href=http://ir.baidu.com>About Baidu</a> </p> <p id=cp>&copy; 2017&nbsp; Baidu&nbsp; < a href=http://www.baidu.com/duty/ > before using baidu required < / a > & have spent <a href=http://jianyi.baidu.com/ class=cp-feedback> </a>&nbsp; Beijing ICP Certificate 030173 & NBSP; <img src=//www.baidu.com/img/gs.gif> </p> </div> </div> </div> </body> </html>Copy the code

Whether keep-alive is used and explain its function

The basic characteristic of HTTP protocol is “once and for all “. The client initiates a TCP connection, sends an HTTP Request on the connection to the server, the server returns an HTTP Response, and the connection is closed. For each request, a connection is opened, the request is completed, and the connection is closed. Establishing and closing the connection is a time-consuming operation that can cause performance problems. HTTP1.0 designed a keep-alive mechanism to implement TCP reuse. Implementation: Add Connection: keep-alive to HTTP request header

TCP three handshakes/four waves

TCP connection three-way handshake

  • First handshake: The client sends a connection request packet segment with the SYN flag bit set to 1 and sequence number seq= X. Then, the client enters the SYN_SEND state and waits for confirmation from the server.
  • Second handshake: After receiving the packet from the client, the server finds SYN=1 and knows that the packet is a connection request. The server needs to confirm the SYN segment received from the client. Set the ACK Number to X +1(Sequence Number+1). Set the SYN position to 1 and sequence number to seq=y. The server puts all the above information into a packet segment (namely, the SYN+ACK packet segment) and sends it to the client. At this time, the server enters the SYN_RCVD state.
  • Third handshake: The client receives a SYN+ACK packet from the server. Then set the ack number to Y +1 and send an ACK packet to the server. After the ACK packet is sent, both the client and server enter the ESTABLISHED state to complete the TCP three-way handshake.

Once the three-way handshake is complete, the client and server can begin transferring data. So that’s the overview of the TCP three-way handshake.

TCP disconnects four times and waves

  • First wave: After all data on host 1 is transmitted, host 1 sends a connection release packet to host 2. The FIN flag in the packet is FIN=1 and SEq = X. Host 1 cannot send data but can receive data after sending FIN packets. Host 1 enters the FIN_WAIT_1 state
  • Second wave: After receiving the FIN packet from host 1, host 2 sends a reply packet containing the ACK flag bit ACK=1, ACK id ACK= X +1, and sequence number SEQ = Y. At this point, host 2 enters the CLOSE_WAIT state, host 1 enters the FIN_WAIT_2 state, and host 2 May remain in this state for some time because there are still data to be sent.
  • Third wave: After data is sent, host 2 sends a FIN packet to host 1 to close the connection, and host 2 enters the LAST_ACK state
  • For the fourth time, host 1 receives the FIN packet from host 2 and sends an ACK packet to host 2. Then host 1 enters the TIME_WAIT state. Host 2 closes the connection after receiving the ACK packet from host 1. If host 1 still does not receive a reply after waiting for 2MSL, then the Server is shut down and host 1 can also close the connection.

TCP 的 TIME_WAIT

The party that invokes close() first to initiate active closing enters the time_wait state after receiving the last FIN packet, which means that the sender will remain in the initial state for 2MSL. MSL value is the maximum lifetime of a packet in the network. The result is that the TCP connection cannot be used by the quad that defines the connection while the 2MSL connection waits.

Why TIME_WAIT

  1. To achieve reliable release of TCP full-duplex connections

If the client does not wait long enough to re-establish a TCP connection with the server before receiving an ACK message, the following problems may occur: – The server does not receive an ACK message, so it still considers the connection valid. When a client resends a SYN message to request a handshake, it receives an RST message from the server, and the connection is terminated. 2. To ensure that old data packets expire on the network, the data segment of the new TCP connection does not duplicate the data segment of the historical connection that is still transmitted on the network

Why are TCP connections made 3 times? Can’t you do it twice

The problem of packet loss during connection needs to be considered. If the handshake is done twice, if the segment of the confirmation packet sent by the server to the client is lost during the second handshake, the server has prepared the data (it can be understood that the server has been successfully connected), but the client has not received the confirmation packet from the server. Therefore, the client does not know whether the server is ready or not. In this case, the client does not send data to the server and ignores the data sent by the server. For example, if the ack packet sent by the client for the third handshake is lost and the server does not receive the ACK packet for a period of time, the server resends the SYN packet segment. After receiving the retransmitted packet segment, the client sends an ACK packet to the server.

Why are TCP connections made 3 times and closed 4 times?

This is because TCP can only be disconnected when neither the client nor the server has data to send. When the client sends FIN packets, the client can only ensure that no data is sent. It is unknown whether the server sends data to the client. While the service side only after receipt of the client a FIN message to reply a confirmation message to the client first told me the client service side FIN of your message has been received, but I still have some data server didn’t send out, such as the data is sent over the server to send the client FIN packet (so cannot one-time to send confirmation message and FIN a message to the client, This is the extra one).

Why does the client wait 2MSL to release the TCP connection after sending the fourth wave acknowledgement packet?

Packet loss is also considered here. If the fourth wave packet is lost, the server will resend the third wave packet without receiving the ack packet. In this way, the longest time for the packet to go back is 2MSL, so it takes such a long time to confirm that the server has received the packet.

What does a web page do in the time between entering the address and entering it and displaying the full content of the page

  1. Parse url to get protocol, domain name, resource path
  2. Resolve IP addresses corresponding to domain names through local hosts, cache, and domain name servers
  3. The browser sends a TCP connection request packet
  4. The request packet reaches the router through the transmission layer, network layer and data link layer.
  5. The router forwards data packets to the carrier server.
  6. The carrier server reaches the specified IP address through the relay node through the addressing shortest path.
  7. Reverse proxy or load balancing may exist on the server to directly forward requests to the upstream server. You can also make security defense rules to directly discard request packets.
  8. After receiving the connection request, the upstream server sends a reply packet to approve the connection.
  9. The browser verifies the ACK and sends a reply packet again. The TCP connection is established. Procedure The packet is then transmitted on request
  10. Four waves, connection closed
  11. Render data complete