Tcp/ip protocol stack

TCP/IP standard

• TCP/IP:Transmission Control Protocol/Internet Protocol Transmission control protocol / Internet Interconnection Protocol

• TCP/IP Is a protocol stack , It consists of many agreements .TCP and ip Are the two most important agreements , So it is used as the name of the protocol stack .

• This protocol was first used on the Internet , The most widely used LAN is IPX、SPX agreement .
  Ethernet works in the data link layer and physical layer

TCP/IP layered

  TCP/IP Four layers defined ： Network interface layer 、 The Internet layer 、 Transport layer 、 application layer . To simplify the OSI The layered

TCP/IP application layer

TCP/IP Working logic

When the packet is sent , You need to add the header of each layer , The other party will unpack after receiving .

transport layer

The functions of the transport layer are realized by two protocols ：tcp and udp. Reliable and fast communication can be achieved .

TCP and UDP

tcp：

• High reliability 、 Low performance 、

• Connection oriented 、

• With sequence

• Retransmission 、

• Half closed （ Four waves ）、

• Acknowledgement mechanism （ Send a package and confirm a package ）、

• The sliding window （ Control the sending of data packets according to the network conditions , How many packets can be processed at a time is variable ）、

• Congestion control .
  It is mainly used for ： Mail communication 、 File sharing 、 download

udp：

• High performance 、

• Poor reliability 、

• Nonsequential
  It is mainly used for ： voice 、 Video communication

TCP：Transmission Control Protocol（ Transmission control protocol ）

TCP characteristic

   Transport layer protocol 、 Acknowledgement mechanism 、 full duplex 、 Connection oriented

TCP Baotou structure

• first line ： Source port 、 Target port （ Each account 16 position ）

• The second line ： Serial number , Indicates the number of the data message （ Because the documents need to be broken into small packages for transmission , After numbering , After receiving the documents, the target device will be assembled in sequence ）

• The third line ： Confirmation no. , Confirm that the package sent by the other party has been received , To

• In the fourth row ：

 Data migration ： Indicates the length of the head .
URG、ACK、PSH、RST、SYN、FIN：TCP Of 6 Status flag bits , a key ：ACK、SYN、FIN
ACK： Request communication flag bit 
SYN： Message confirmation flag bit 
FIN： Break up status flag bit 

Generally, the source port is random , The target port is commonly known as .
linux List the port numbers of commonly used applications ： cat /etc/service

TCP agreement PORT

   adopt Ip Address can find the corresponding device , But there is more than one communication application on the device , To distinguish between specified applications , So the port number is used to distinguish , Each application has a unique port number （ Unique identity of the application ）.
Port number range ：0--65536
0-1023： It is for important services , Already assigned . Use other ports at will

Example ：linux Check the port currently used by the service

ss -ntl  #n: Do not resolve service name , The port number is displayed digitally   t：tcp l: Show all ports opened locally 

Example ： Check which application is using a port

 Method 1 ： ss -ntlp  #（p: Show the process using socket and process label ）

 Method 2 ： lsof -i : Port number 

TCP Port number communication process

Three handshakes

The connection oriented process is called triple handshake ：

Why do I need three handshakes , Not two handshakes ？

   Because a complete computer communication is back and forth . So you can get in or out . So it's three handshakes .
Yes A： Need to go back ,B It's the same thing .

Concrete realization ：（ The three step A and B Both need to go and return ）

A Communication for ：

1. The client sends the request （ Go to ）：SYN Mark as set as 1（ Request communication ）, For the other 0, And record the serial number of the current package （seq=x）.
2. The server responds to the request （ return ）：SYN=1（ Request communication ）,ACK=1（ Confirm the information sent by the client ）, Current packet number （seq=y）,ack=x+1（ The confirmation number of the packet , Tell the other party that I hope you send it next time x+1, Disguised description received x This numbered bag ）

B Communication for ：

3. return ：ACK=1, For the other 0.seq=x+1（ because x It has been posted , Send it this time x+1）,ack=y+1（ Illustrates the y Package received , Hope next time you send y+1）

state

client ：

• CLOSED： Initiate a connection request from the disconnected state , After sending the request, whether the other party receives it or not , Immediately enter SYN-SENT state .

• SYN-SENT： After responding to the server's request , Enter immediately from the current state to ESTAB state .

• ESTAB-LISHED:

The server ：

• CLOSED： Disconnected state

• LISTEN： On the server side , Listen to the port of a service . After replying to the client's request , Just switch from this state to RVCD state

• SYN-RCVD： After receiving the request from the client , Also go in immediately ESTAB state .

• ESTAB-LISHED：

Four waves

After establishing the profile , The state becomes ESTAB This state .

technological process ：（ Ideal state ）

1. The client sends a breakup request to the server segment （FIN=1,FIN yes finsh Abbreviation ）, And send the number of the current packet （seq=u）.

2. The other party will reply to the confirmation message immediately after receiving it ,ACK=1,seq=v,ack=u+1 -- It means that the breakup request sent has been received
   So far, only the client does not want to communicate with the server , But the server can still communicate with the client .（ If the data has not been sent , Just continue to complete the data transmission ）-- One way transmission of data

3. When the server decides to break up with the client , The server offered to break up （FIN=1）,ACK=1,seq=w,ack=u+1

4. The client confirms immediately after receiving .ACK=1,seq=xx,ack=w+1（ Confirmation no. ）

state ：

client ：

• ESTAB-LISHED： At first, we established connections , Send a breakup request when you need to disconnect , Once this request is sent , Go in immediately WAIT-1 This state .

• FIN-WAIT-1： Once you receive the request sent by the server , To get into WAIT-2 This state

• FIN-WAIT-2： Received a breakup request from the server , Enter from the current state WAIT state . Then send a request

• TIME-WAIT： After sending the confirmation request , Need to wait for a while （ Because the network is complex , In order to ensure that the data before the server sends the breakup packet can arrive safely ） Only enter CLOSED state .

• CLOSED：

The server ：

• ESTAB-LISHED： After receiving the breakup request sent by the client , Respond immediately . From the current state to CLOSED-WAIT state .

• CLOSED-WAIT： There is no data to send here , Just send a breakup request , And then into LST-ACK This state .

• LAST-ACK： Received a breakup request , Enter the disconnected state .

• CLOSED：

Example ：linux Check the status of the connection

# Process socket relationship 
√  The process is like a house , Sockets are the gates of processes .

√  Processes send and receive messages over the network through sockets .

√  Send process ： Push the message out of the door （ Socket ）.

√  Send message ： Send the message to the door of the destination process through the following network .

√  Receiving process ： Through its door （ Socket ） Receive message .

ss -nta #-a: Show all sockets , Socket is the interface of process 

#linux Grab tool for ：tcpdump
#windows Grab tool for ：wireshark
#linux Use of bag grabbing tools ：
tcpdump -i  adapter name   -nn port 22    #-nn port 22： Grab the package with the specified port number in a digital way 

TCP Retransmission mechanism

Packet loss or network failure , It will automatically try again and again .

And TCP Two kernel parameters related to timeout retransmission ;

/proc/sys/net/ipv4/tcp_retries1 # Appoint TCP Minimum number of retransmissions performed , The default value is  3
/proc/sys/net/ipv4/tcp_retries2 # Appoint TCP The maximum number of retransmissions that can be performed , The default value is  15（ Generally corresponds to 13～30min）

UDP：User Datagram Protocol

UDP Characteristics of ：

Poor reliability （ There is no process of establishing a connection ）、 High performance .
udp The protocol is less used , Only use voice and video udp agreement . Most Internet applications use tcp agreement

UDP baotou

   Baotou composition ratio tcp Baotou is simpler . because tcp and udp Are two separate agreements , So even if tcp and udp Using the same port at the same time will not conflict .

form ：

• Source port ：

• Target port ：

• udp The length of ：

• udp Checksum ：

• Data section ：