View: 🌟🌟🌟🌟🌟

"Taste: Chopped fish head with pepper"

"Cooking time: 20min"





This article is included in the GitHub repository github.com/Geekhyt; a Star is appreciated.

In her yellowish dress and shaggy hair, I sensed that the woman sitting in front of me was on to something. My introduction became emotional. Skr~~~ during this period, little sister looked at my resume without changing color. But it doesn’t matter. It doesn’t matter.

It’s still our original plan to get the interviewer into our area of expertise.

What do you think you are good at?

HTTP protocol, I know a little bit about it.

0. How do you describe the layered OSI network model?

Application layer, presentation layer, session layer, transport layer, network layer, data link layer, and physical layer

1. How is the TCP/IP network model layered?

Application layer, transport layer, Internet layer, link layer

2. Are TCP and UDP different?

TCP and UDP are both transport-layer protocols, but their characteristics are very different.

TCP:

  • Connection-oriented
  • Byte-stream oriented
  • Stateful
  • Guarantees reliable delivery
  • Provides congestion control
  • Point-to-point transmission
  • Ordered

UDP:

  • Connectionless
  • Datagram oriented
  • Stateless
  • Does not guarantee reliable delivery
  • No congestion control
  • Supports broadcast and multicast
  • Unordered

3. TCP three-way handshake and four-way wave

Three-way handshake

  • 1. The client sends a SYN to the server

  • 2. The server receives it and returns a SYN and an ACK to the client

  • 3. After receiving the SYN and ACK from the server, the client sends an ACK to the server. After receiving the ACK, the server establishes the connection

  • Client -> SYN -> Server

  • Server -> SYN/ACK -> Client

  • Client -> ACK -> Server

Four-way wave (connection teardown)

  • 1. The client sends a FIN to the server

  • 2. The server sends an ACK to the client

  • 3. The server sends a FIN to the client

  • 4. After receiving the FIN, the client sends an ACK to the server. The server closes, and the client closes after waiting 2MSL

  • Client -> FIN -> Server

  • Server -> ACK -> Client

  • Server -> FIN -> Client

  • Client -> ACK -> Server -> CLOSED

  • Client -> 2MSL time -> CLOSED

4. What is HTTP protocol?

(Beginner's answer)

HTTP is the HyperText Transfer Protocol.

Pay attention, this is the key point!

(Luo Jianfeng’s perfect answer)

HTTP is a convention and specification for the transfer of hypertext data, such as text, pictures, audio, and video, between two points in the computer world.

(Interviewer: Good point.)

5. What HTTP request methods do you know?

  • GET: obtains a resource (idempotent)
  • POST: creates a new resource
  • HEAD: obtains the header metadata of a resource (idempotent)
  • PUT: updates a resource (idempotent under certain conditions)
  • DELETE: deletes a resource (idempotent)
  • CONNECT: establishes a tunnel
  • OPTIONS: gets the methods the server supports for accessing a resource (idempotent)
  • TRACE: echoes back the request as received by the server, used to locate faults (security risk)

6. What are the differences between HTTP/0.9, HTTP/1.0, HTTP/1.1, HTTP/2, and HTTP/3?

Please see my other column.

7. Tell me what you know about HTTPS

HTTPS places the SSL/TLS protocol between HTTP and TCP.

It combines the respective advantages of asymmetric and symmetric encryption, together with certificates, to ensure both security and transmission efficiency.

At present, TLS 1.2 is the most widely used. Its implementation principle is as follows:

  • 1. The Client sends Random1 + a list of symmetric encryption suites + a list of asymmetric encryption suites
  • 2. The Server receives the message, selects a symmetric encryption suite + an asymmetric encryption suite, and sends them back together with Random2 + its certificate (the public key is in the certificate)
  • 3. The Client verifies the validity of the certificate, uses Random1 + Random2 to generate the pre-master, encrypts it with the server's public key, and sends it to the Server together with the browser's confirmation
  • 4. The Server receives the pre-master, applies the agreed encryption algorithm to Random1 + Random2 + pre-master to generate the master-secret, and then sends the server's confirmation
  • 5. The Client derives the same master-secret, and the symmetric encryption key has now been exchanged

TLS 1.3 simplifies the handshake and needs only one message round trip to complete it, which improves performance. It also removes some insecure encryption algorithms.

8. The agreed encryption algorithm you mentioned should be the ECDHE elliptic-curve algorithm, right? HTTP messages are transmitted in plaintext, and a hacker can act as a man-in-the-middle and hijack them. So even with the ECDHE algorithm, can't the key be cracked?

The ECDHE algorithm builds on ideas such as elliptic curves and the discrete logarithm problem. With current computing power it is difficult to crack in a short time. Each handshake generates a temporary public/private key pair, so every key pair is different.

Even if one key is cracked with great effort, earlier messages are not affected, which ensures forward secrecy.

Of course, the security of the TLS protocol is bounded by the speed of today's fastest computers. In theory, absolutely secure key transfer would require quantum communication.

(Interviewer: The guy has something.)

(Just the basics, nothing to applaud.)

9. What do you understand about DNS?

The Domain Name System (DNS) is an important piece of Internet infrastructure. It is responsible for resolving domain names. To ensure high availability, high concurrency, and a highly distributed design, it is organized as a tree-like hierarchy.

It consists of the root DNS servers, the top-level domain DNS servers, and the authoritative DNS servers.

Resolution searches the browser cache, the operating system cache, and the local DNS cache (/etc/hosts) level by level, and then queries the local DNS server, root DNS, top-level DNS, and authoritative DNS recursively.

DNS can also be used for internal and external load balancing based on domain names.

However, traditional DNS has many problems (slow resolution, updates that are not timely). HTTPDNS has the client SDK and the server cooperate to resolve names directly over HTTP calls, which bypasses these shortcomings of traditional DNS and enables intelligent scheduling.

(Interviewer: The young man understands very well.)

10. What is your understanding of CDN?

CDN stands for Content Delivery Network.

To get past real-world physical limits such as the speed of light and transmission distance, CDN providers have invested heavily in data centers in major hub cities around the world, deployed large numbers of high-storage, high-bandwidth nodes, and built dedicated high-speed transmission networks across operators and regions.

A CDN is divided into central nodes, regional nodes, and edge nodes. When a user connects, a GSLB (Global Server Load Balance) algorithm schedules the request to the node most suitable for that user. Content is then cached using HTTP caching proxy technology. On a cache hit it is returned to the user; otherwise the request goes back to the origin. A CDN is good at caching static resources (images, audio, etc.), but it also supports caching dynamic content.

11. What is your understanding of WebSocket?

WebSocket is a lightweight network communication protocol based on TCP. Like HTTP/2, it was created to address some of HTTP’s shortcomings. The two target different problems, however: HTTP/2 addresses “head-of-line blocking”, while WebSocket addresses “request-reply” communication.

We know that “request-reply” is a half-duplex communication mode without server push capability, which limits HTTP’s use in real-time communication. Polling can be used to keep sending HTTP requests to the server, but its drawback is significant: repeated useless requests take up a lot of bandwidth and CPU resources. So WebSocket came into being.

WebSocket is a full-duplex communication protocol in which the server can actively push data. Essentially, it wraps TCP so that it can run in a browser environment.

As those of you who have read this column know, this protocol is used in Webpack hot updates. WebSocket is also used in instant messaging, games, and large-screen data visualizations.

(The details of WebSocket are not covered here; they will be covered in a later column. If you are interested, you can study them on your own.)

12. Do you know HTTP cache policy?

Strong cache

The server uses the Cache-Control header to set the cache policy. max-age is commonly used to indicate how long a resource stays valid.

(Note that max-age is counted from the time the response message was created, not from the time the client received it.)

(Browsers can also send the Cache-Control field, using max-age=0 or no-cache to refresh data.)

If you want finer control over the cache policy, you can use other Cache-Control attributes:

  • no-store: caching is not allowed (for content that changes very frequently, such as flash-sale pages)
  • no-cache: the response may be cached, but before using it the cache must check with the server whether it has expired and whether it is the latest version
  • must-revalidate: the cached copy can be used as long as it has not expired; once it expires, it must be revalidated with the server

Negotiated cache

A conditional request is used to check whether a cached resource is still valid. If-Modified-Since and If-None-Match are commonly used. If a 304 status code is received, the resource in the cache can be reused.

(If-None-Match has a higher priority than If-Modified-Since.)

Whether a resource has been modified is verified with one of two validators, Last-Modified and ETag (ETag is more accurate than Last-Modified). The server must set them in its response in advance so that they can be used with conditional requests.
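An added example (not from the original article) of the server side of a negotiated-cache check: it evaluates If-None-Match first and consults If-Modified-Since only when no If-None-Match was sent. The `revalidate` and `etag_matches` names, the header dictionary and the sample values are constructed for illustration.

```python
from datetime import datetime, timezone
from email.utils import format_datetime, parsedate_to_datetime

def etag_matches(if_none_match: str, etag: str) -> bool:
    """Weak comparison: a W/ prefix is ignored, '*' matches any current ETag."""
    if if_none_match.strip() == "*":
        return True
    def opaque(tag: str) -> str:
        tag = tag.strip()
        return tag[2:] if tag.startswith("W/") else tag
    return opaque(etag) in {opaque(t) for t in if_none_match.split(",")}

def revalidate(request_headers: dict, etag: str, last_modified: datetime) -> tuple:
    """Return (status, response_headers) for a conditional GET."""
    validators = {
        "ETag": etag,
        "Last-Modified": format_datetime(last_modified, usegmt=True),
    }
    inm = request_headers.get("If-None-Match")
    if inm is not None:
        # If-None-Match is present, so If-Modified-Since is not consulted.
        return (304 if etag_matches(inm, etag) else 200), validators
    ims = request_headers.get("If-Modified-Since")
    if ims is not None:
        try:
            since = parsedate_to_datetime(ims)
        except (TypeError, ValueError):
            return 200, validators           # unparseable date: ignore the header
        if since.tzinfo is None:
            since = since.replace(tzinfo=timezone.utc)
        # HTTP dates have one-second resolution.
        if last_modified.replace(microsecond=0) <= since:
            return 304, validators
    return 200, validators

if __name__ == "__main__":
    modified = datetime(2024, 1, 1, 12, 0, 0, tzinfo=timezone.utc)   # constructed
    stale_tag = {"If-None-Match": '"v1"',
                 "If-Modified-Since": "Mon, 01 Jan 2024 12:00:00 GMT"}
    print(revalidate(stale_tag, '"v2"', modified)[0])                # ETag decides
```

The last call shows why ETag is the more accurate validator: the date alone would have allowed a 304, but the changed ETag forces a full 200 response.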

13. How does HTTP negotiate content?

Content negotiation starts from the idea that each URI can refer to a resource that has many different representations. For a document, there can be different languages, different media formats, and different compression encodings for different browsers.

  • Proactive content negotiation
    • The client states the representation it wants in the request headers, and the server selects a specific representation based on them
  • Reactive content negotiation
    • The server returns either 300 or 406, and the client chooses a representation

Negotiation elements

  • Quality factor q: the priority of each acceptable type
  • Media resource MIME type
  • Character encoding (UTF-8)
  • Content encoding (Accept-Encoding: gzip, deflate, br)
  • Language (Accept-Language: zh-CN,zh;q=0.9,en-US;q=0.8,en;q=0.7)
  • Internationalization and localization (i18n, l10n)
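An added example (not from the original article) of proactive negotiation on the language element: the server parses the q values from Accept-Language and picks the best representation it has, answering 406 when none is acceptable. The function names and the lists of available languages are constructed for illustration.

```python
def parse_accept_language(header: str) -> list:
    """Return [(tag, q)] with tags lowercased; a missing q means 1.0."""
    prefs = []
    for item in header.split(","):
        parts = [p.strip() for p in item.split(";")]
        tag = parts[0].lower()
        if not tag:
            continue
        q = 1.0
        for param in parts[1:]:
            name, _, value = param.partition("=")
            if name.strip().lower() == "q":
                try:
                    q = max(0.0, min(1.0, float(value)))
                except ValueError:
                    q = 0.0                  # malformed weight: treat as refused
        prefs.append((tag, q))
    return sorted(prefs, key=lambda p: -p[1])

def quality_for(lang: str, prefs: list) -> float:
    """q of the most specific matching range: exact, then prefix, then '*'."""
    lang = lang.lower()
    best_len, quality = -1, 0.0
    for tag, q in prefs:
        if tag == "*":
            specificity = 0
        elif lang == tag or lang.startswith(tag + "-"):
            specificity = len(tag)
        else:
            continue
        if specificity > best_len:
            best_len, quality = specificity, q
    return quality

def negotiate(header: str, available: list) -> tuple:
    """Return (status, chosen_language) for the representations on offer."""
    if not header:
        return 200, available[0]             # no preference stated: use default
    prefs = parse_accept_language(header)
    best, best_q = None, 0.0
    for lang in available:
        q = quality_for(lang, prefs)
        if q > best_q:
            best, best_q = lang, q
    return (200, best) if best else (406, None)

if __name__ == "__main__":
    header = "zh-CN,zh;q=0.9,en-US;q=0.8,en;q=0.7"   # header value from the list above
    print(negotiate(header, ["en", "zh-CN"]))
    print(negotiate(header, ["fr", "de"]))
```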

14. Talk about HTTP redirection

A redirect is a server-initiated jump that requires the client to resend the request using a new URI. The response header field Location indicates the URI to jump to. The Refresh field can also be used for a delayed redirect.

301 and 302 are the commonly used redirect status codes. They represent permanent and temporary redirects respectively.

In addition:

  • 303: similar to 302, but the method of the redirected request is changed to GET
  • 307: similar to 302 but more explicit: the request method and entity must not change after the redirect
  • 308: similar to 301, a permanent redirect after which the request method and entity must not change
  • 300: a special redirect status code that returns a page with multiple link options for the user to choose from
  • 304: a special redirect status code: after the server verifies that an expired cached copy is still valid, it tells the client to keep using the cache

15. What header fields do you know are commonly used in HTTP?

(Some have been mentioned above, but here are just a few commonly used ones)

(Starts reeling them off like a menu)

General header fields

  • Cache-Control: controls caching
  • Connection: connection management
  • Transfer-Encoding: transfer encoding format of the message body
  • Date: time when the message was created
  • Upgrade: upgrade to another protocol

Request header fields

  • Host: the server on which the requested resource resides (the only field required by the HTTP/1.1 specification)
  • Accept: the media types that the client or proxy can handle
  • If-Match: compares the entity tag (ETag)
  • If-None-Match: compares the entity tag (ETag), the opposite of If-Match
  • If-Modified-Since: compares the resource update time (Last-Modified)
  • If-Unmodified-Since: compares the resource update time (Last-Modified), the opposite of If-Modified-Since
  • Range: byte range request for the entity
  • User-Agent: client information

Response header fields

  • Accept-Ranges: acceptable byte ranges
  • Location: the URI the client is told to redirect to
  • ETag: a string that uniquely identifies the resource
  • Server: server information

Entity header fields

  • Allow: the HTTP request methods the resource supports
  • Last-Modified: time when the resource was last modified
  • Expires: expiration time of the entity body
  • Content-Language: language of the entity resource
  • Content-Encoding: encoding format of the entity
  • Content-Length: size of the entity body
  • Content-Type: media type of the entity body

16. What HTTP status codes do you know?

(Some have been mentioned above, but here are just a few commonly used ones)

(Starts reeling them off like a menu)

1xx

  • 1xx: The request has been received and requires further processing to complete, not supported by HTTP/1.0
  • 100 Continue: Used before uploading large files
  • 101 Switching Protocols: used for protocol upgrade
  • 102 Processing: The server has received and is processing the request, but no response is available

2xx

  • 2xx: The request was successfully processed
  • 200 OK: Returns a successful response
  • 201 Created: A new resource is successfully created on the server
  • 202 Accepted: The server has accepted the request and begun processing it, but processing is not yet complete
  • 206 Partial Content: Returned with part of the content when a range request is used

3xx

Please refer to the redirection section above, which will not be covered here.

4xx

  • 4xx: An error occurs on the client
  • 400 Bad Request: The server considers that the client made an error but cannot say exactly what. Usually the format of the HTTP request is incorrect
  • 401 Unauthorized: The user authentication information is missing or incorrect
  • 403 Forbidden: The server understands the request, but does not have permission to execute it
  • 407 Proxy Authentication Required: The request must be authenticated by the proxy server, and its authentication information did not pass the proxy's check
  • 404 Not Found: The server did not find the corresponding resource
  • 408 Request Timeout: The server timed out while receiving the request

5xx

  • 5xx: An error occurs on the server
  • 500 Internal Server Error: Indicates an internal error of the server and does not belong to the following error types
  • 502 Bad Gateway: The proxy server failed to obtain a valid response
  • 503 Service Unavailable: Server resources are not ready to handle the current request
  • 505 HTTP Version Not Supported: The HTTP version used in the request is not supported

Sister picked up the cold yoo-bobo milk tea from the table and took a sip.

(Spirit boy)

References

  • Perspective HTTP protocol (Luo Jianfeng)
  • An Interesting Discussion on Network Protocol (Liu Chao)
  • Web Protocol details and packet capture combat (Tao Hui)
