Public account: “Learning god is coming”

OSI seven layer reference model, TCP/IP four layer reference model

OSI seven-layer model: OSI (Open System Interconnection) is a standard system developed by the International Organization for Standardization (ISO) for interconnection between computers and communication systems.

TCP/IP four-layer model: The TCP/IP reference model is the reference model used by ARPANET, the grandfather of computer networks, and by its successor, the Internet.

Purpose of layering: easier management.

Advantages of the seven-layer model [CCNA]:

1. Divide the complex network into more manageable layers (divide the whole large and complex problem into manageable sub-problems)

2. No manufacturer can provide a complete set of solutions and all equipment and protocols.

3. Each layer completes its own task independently without affecting the others. The division of labor is clear, the upper layer does not care about the specific details of the lower layer, and layering is also beneficial to the network.

Functions and representative devices

| Layer | Name | Function | Devices working at this layer |
|---|---|---|---|
| 7 | Application layer | Provides the user interface | QQ, IE, applications |
| 6 | Presentation layer | Represents data; encryption and other processing | QQ, IE, applications |
| 5 | Session layer | Separates data from different applications | QQ, IE, applications |
| 4 | Transport layer | Provides reliable or unreliable transport and performs error correction before retransmission | |
| 3 | Network layer | Provides logical addresses that routers use to select paths | |
| 2 | Data link layer | Divides packets into bytes and combines bytes into frames; uses MAC addresses to provide media access; performs error detection but does not correct errors | Layer 2 switches, network cards |
| 1 | Physical layer | Transfers bits between devices; specifies levels, cable speeds, and cable pins | Hubs |

Why is the TCP/IP four-layer model used in modern network communication rather than the OSI seven-layer model?

The OSI seven-layer model is a theoretical model, generally used for theoretical research. Its layering is somewhat redundant, so practical applications use the TCP/IP four-layer model. The OSI model also has flaws of its own. Most people think that the number of layers and the content of the OSI model are probably the best choice, but they are not. The session and presentation layers are almost empty, while the data link and network layers contain too much, with many sub-layers inserted, each with a different function.

Common network-related protocols

Address Resolution Protocol (ARP): resolves IP addresses into MAC addresses

The Address Resolution Protocol (ARP) is a protocol for obtaining a physical address from an IP address.

The host broadcasts the ARP request containing the target IP address to all hosts on the network and receives the return message to determine the physical address of the target.

After the reply is received, the IP address and physical address are stored in the local ARP cache for a period of time. On the next request, the mapping is looked up in the ARP cache first to save resources.

The Address Resolution Protocol is based on mutual trust between the hosts on a network. Any host on the network can send an ARP reply on its own initiative. When other hosts receive the reply, they record it in their local ARP cache without verifying its authenticity.

In this way, an attacker can send a forged ARP reply to a host, so that messages fail to reach the intended host or reach the wrong host. This constitutes ARP spoofing (network enforcement software works by ARP spoofing).
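The trust problem described above can be watched for from the defender's side. The following is an added example, not code from the original article: it decodes the 28-byte Ethernet/IPv4 ARP payload and flags the two things a plain ARP cache accepts silently, a reply nobody asked for and an IP address that changes MAC. The addresses and the `build`/`demo` helpers are constructed for illustration.

```python
import struct
from ipaddress import IPv4Address

ARP_FMT = "!HHBBH6s4s6s4s"  # htype, ptype, hlen, plen, oper, sha, spa, tha, tpa
REQUEST, REPLY = 1, 2

def parse_arp(payload: bytes):
    """Decode a 28-byte Ethernet/IPv4 ARP payload."""
    if len(payload) < 28:
        raise ValueError("truncated ARP payload")
    f = struct.unpack(ARP_FMT, payload[:28])
    if f[:4] != (1, 0x0800, 6, 4):
        raise ValueError("not Ethernet/IPv4 ARP")
    return f[4], f[5].hex(":"), str(IPv4Address(f[6])), str(IPv4Address(f[8]))

class ArpMonitor:
    def __init__(self):
        self.bindings = {}    # sender IP -> first MAC seen for it
        self.pending = set()  # target IPs with an outstanding request

    def observe(self, payload: bytes):
        oper, mac, ip, target = parse_arp(payload)
        alerts = []
        if oper == REQUEST:
            self.pending.add(target)
        elif oper == REPLY:
            if ip not in self.pending:
                alerts.append(f"unsolicited reply: {ip} is-at {mac}")
            self.pending.discard(ip)
        if ip != "0.0.0.0":  # ARP probes carry no sender IP
            known = self.bindings.setdefault(ip, mac)
            if known != mac:
                alerts.append(f"binding change: {ip} {known} -> {mac}")
        return alerts

def build(oper, sha, spa, tha, tpa):  # constructed sample input; nothing is sent
    mac = lambda m: bytes.fromhex(m.replace(":", ""))
    return struct.pack(ARP_FMT, 1, 0x0800, 6, 4, oper, mac(sha),
                       IPv4Address(spa).packed, mac(tha), IPv4Address(tpa).packed)

def demo():
    # Constructed traffic: a request, its genuine reply, then a forged reply.
    frames = [
        build(REQUEST, "aa:aa:aa:00:00:05", "10.0.0.5", "00:00:00:00:00:00", "10.0.0.1"),
        build(REPLY, "aa:aa:aa:00:00:01", "10.0.0.1", "aa:aa:aa:00:00:05", "10.0.0.5"),
        build(REPLY, "de:ad:be:ef:00:66", "10.0.0.1", "aa:aa:aa:00:00:05", "10.0.0.5"),
    ]
    monitor = ArpMonitor()
    return [monitor.observe(f) for f in frames]
```

`demo()` returns one alert list per frame; only the third frame raises alerts. Unsolicited (gratuitous) ARP also occurs legitimately, for example on failover, so an alert is a signal to investigate rather than proof of spoofing.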

DNS: domain name resolution protocol, e.g. www.baidu.com

SNMP (Simple Network Management Protocol): simple network management protocol

DHCP (Dynamic Host Configuration Protocol): dynamic host configuration protocol, a protocol that enables a client machine to obtain configuration information over a TCP/IP network

FTP (File Transfer Protocol): file transfer protocol, a standard protocol and the simplest way to exchange files between computers and networks

HTTP (Hypertext Transfer Protocol): hypertext transfer protocol

HTTPS (Secure Hypertext Transfer Protocol): secure hypertext transfer protocol, developed by Netscape and built into its browser for compression and decompression of data

ICMP (Internet Control Message Protocol): used by ping IP. Defines the message types: TTL timeout, address request and reply, information request and reply, and destination unreachable

SMTP (Simple Mail Transfer Protocol)

TELNET Protocol: the virtual terminal protocol

TFTP (Trivial File Transfer Protocol): small file transfer protocol

UDP (User Datagram Protocol)

TCP (Transmission Control Protocol): a connection-oriented, reliable, byte-stream-based transport-layer protocol (three-way handshake and four-way wave)

TCP and UDP: the difference between TCP and UDP

(1) TCP: The Transmission Control Protocol (TCP) is a connection-oriented protocol. Before data is sent or received, a reliable connection must be established with the peer.

(2) UDP: UDP is short for User Datagram Protocol. It is a connectionless transport-layer protocol that provides a simple, unreliable, transaction-oriented message delivery service.

Summary: the differences between TCP and UDP:

1. Connection-based versus connectionless.

2. Requirements on system resources (TCP needs more, UDP less).

3. UDP program structure is simpler. The header of a UDP packet is short, only 8 bytes, so the overhead is small compared with the 20 bytes of a TCP header, and transmission can be faster.

4. TCP ensures data correctness, while UDP may lose packets. TCP guarantees data order, UDP does not.

Scenario: UDP is used for video and voice communication, or where the network environment is good, for example communication on a local area network. The integrity of data sent over UDP can be checked by an algorithm in the application layer.

TCP: file transfer, which has high data integrity requirements.

Common TCP and UDP port names

(1) TCP port allocation

| Port number | Service | Service description |
|---|---|---|
| 21 | FTP | File transfer service |
| 22 | SSH | Secure remote connection service |
| 23 | Telnet | Remote connection service |
| 25 | SMTP | Email service |
| 53 | DNS | Domain name resolution service; TCP 53 is used, and UDP port 53 is also used for transmission |
| 80 | HTTP | Web service |
| 443 | HTTPS | Secure web service |

What if you don’t know which port corresponds to which service? Which service does port 873 belong to?

[root@xuegod63 ~]This file contains all the common port numbers and service names

This file lets you look up the names of common ports. It is used by iptables and netstat to resolve port numbers into protocol names. In addition, the xinetd service uses this file to look up the port number of the small services it manages.

Note: Some services listen on both UDP and TCP ports
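The lookup described above, as an added example that is not part of the original article: a small parser for the services file format, assuming the file meant above is /etc/services, the standard services database on Linux. The excerpt embedded in the code is constructed; it includes port 873, which is registered to rsync, and shows how the same port can be listed for both TCP and UDP.

```python
from collections import defaultdict

# Constructed excerpt in /etc/services format: name  port/protocol  [aliases]  [# comment]
SAMPLE = """\
# service-name  port/protocol  [aliases ...]
ftp             21/tcp
ssh             22/tcp
telnet          23/tcp
smtp            25/tcp          mail
domain          53/tcp                          # Domain Name Server
domain          53/udp
http            80/tcp          www
https           443/tcp
rsync           873/tcp
rsync           873/udp
"""

def parse_services(text):
    """Return {port: {protocol: (name, aliases)}} from services-format text."""
    table = defaultdict(dict)
    for line in text.splitlines():
        fields = line.split("#", 1)[0].split()  # drop comments, split on whitespace
        if len(fields) < 2 or "/" not in fields[1]:
            continue                            # blank, comment-only or malformed line
        port, proto = fields[1].split("/", 1)
        if port.isdigit() and 0 < int(port) < 65536:
            table[int(port)][proto] = (fields[0], tuple(fields[2:]))
    return table

def lookup(table, port):
    """Service name per transport for a port; empty dict if the port is unlisted."""
    return {proto: name for proto, (name, _aliases) in table.get(port, {}).items()}

def tcp_and_udp_ports(table):
    """Ports listed for both TCP and UDP."""
    return sorted(p for p, protos in table.items() if {"tcp", "udp"} <= set(protos))

TABLE = parse_services(SAMPLE)

if __name__ == "__main__":
    print(lookup(TABLE, 873))
    print(tcp_and_udp_ports(TABLE))
```

To run it against a real system, pass the contents of the local services file to `parse_services` instead of `SAMPLE`.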

IP Address Classification

There are five classes of IP addresses. The common ones are classes A, B, and C.

Class A addresses: the first octet ranges from 0 to 127. 0 is reserved and represents all IP addresses. 127 is reserved and is used for loopback testing. So the usable range of class A addresses is actually 1 to 126. Subnet mask: 255.0.0.0

Class A address: the network bits of a class A address are represented by the first group of 8 binary digits, and the host bits are represented by the next three groups of 8 binary digits.

Example: 1.0.0.0 is a class A IP address

1 is the network part and 0.0.0 is the host part. Class A addresses are for large networks: there are 126 network segments, each allowing about 16.7 million hosts, usually allocated to networks with a large number of hosts (such as backbone networks).

Class B address: the network bits of a class B address are represented by the first two groups of 8 binary digits, and the host bits are represented by the last two groups of 8 binary digits.

Example: 128.255.0.0 is a class B IP address

128.255 is the network part and 0.0 is the host part. Class B addresses are for medium-sized networks: there are 16384 network segments, each allowing 65534 hosts, suitable for networks with more nodes (such as regional networks).

Class C address: the network bits of a class C address are represented by the first three groups of 8 binary digits, and the host bits are represented by the last group of 8 binary digits.

Example: 192.255.255.0 is a class C IP address

192.255.255 is the network part and 0 is the host part. Class C addresses are for small networks that allow 254 hosts. They are suitable for networks with few nodes (such as campus networks).

Class D addresses: range from 224 to 239 and are used for multicast. A multicast address addresses a group of computers at once and identifies a group of computers that share the same protocol.

Class E addresses: range from 240 to 254, reserved for future use.

Private IP address ranges for classes A, B, and C:

A: 10.0.0.0 to 10.255.255.255, subnet mask 255.0.0.0, or /8

B: 172.16.0.0 to 172.31.255.255, subnet mask 255.255.0.0, or /16

C: 192.168.0.0 to 192.168.255.255, subnet mask 255.255.255.0, or /24

ping 127.0.0.1 succeeds. Can ping 127.23.23.23 get through as well?

Conclusion: the 127 network segment is used for loopback
