TCP/IP

TCP/IP Reference model

TCP/IP Protocol cluster

• TCP/IP The protocol cluster is Internet The basis of , It is also the most popular form of networking today .

• TCP/IP Is a synonym for a group of agreements , Including many other agreements , Make up the TCP/IP Protocol cluster .

• TCP/IP The agreement is not entirely in line with OSI The seven level reference model of , The latter is a communication protocol 7 Layer abstract reference model , Each layer performs a specific task .

• TCP/IP The communication protocol uses 4 The hierarchy of layers , Each layer relies on the network provided by its next layer to complete its own needs .

application layer

• HTTP 80
  Hypertext transfer protocol , Provide web browsing Services

• Telnet 23
  Remote login protocol , Provide remote management services

• FTP 20、21
  File transfer protocol , Provide Internet file resource sharing services

• SMTP 25
  Simple mail transfer protocol （ email ）, Provide Internet e-mail service

• POP3 110
  Post office protocol （ Receive mail ）, Provide Internet e-mail service

• TFTP 69 (UDP)
  Simple file transfer protocol , Provide simple file transfer service

Transport layer

1. TCP( Transmission control protocol ) It belongs to connection oriented network protocol
2. UDP( User message protocol ) It belongs to connectionless network protocol

​ UDP You don't need to establish a connection before transferring data . The other side's transport layer is receiving UDP After the message ,
No confirmation required . although UDP No reliable delivery , But in some cases UDP It's a kind of
The most effective way to work , Such as media communication .

​ TCP Then provide connection oriented services .TCP No broadcast or multicast service . because TCP To provide
reliable 、 Connection oriented , So inevitably there's a lot of overhead . This not only makes the protocol data unit
The first part of is much larger , It takes up a lot of processor resources .

The network layer

• The network layer is also called Internet layer

  ​ Be responsible for sending packet messages from the source end to the destination end

• Network layer role

  ​ Provide logical addresses for devices in the network , namely IP Address

  ​ Responsible for packet routing and forwarding

• Internet layer tools ----Ping

  ​ Ping It's a network device 、Windows、Unix and Linux A command on the platform , It's actually a small and practical application , The application is based on ICMP（Internet Control Messages Protocol） agreement .

  ​ Ping It is often used to detect the network accessibility to the destination node .

Data link layer

​ In an Ethernet environment , When the data sender builds the data , You need to fill in the three-tier header of this data （IP head ） And the head on the second floor （ Ethernet frame header ） Related fields in , The purpose is IP Address and purpose MAC Address is two key information .

ARP（Address Resolution Protocol） It has two basic functions ：

• Analyze the target IP Address corresponding MAC Address .

• maintain ARP mapping （IP Address and MAC Correspondence of address ） The cache of .

notes ：ARP Cheating is by sending fake MAC Address of the arp Package implementation , Because Ethernet is based on MAC Address correspondence . For example, by cheating visitors in the LAN PC Gateway for MAC Address , Make visitors PC I mistakenly thought that after the attacker changed MAC The address is gateway MAC, Lead to network impassability .

TCP agreement

Message format

1. Source port (Source port) And the destination port (Destination port )

   Two bytes each , Write the source port number and destination port respectively .

2. Serial number (Sequence number)

   ​ Occupy 4 Bytes . Serial number range [0,2^32 -1], common 2^32 A serial number . The serial number increases to 2^32-1 after , The next sequence number will return to 0. Serial number use mod 2^32 operation . stay TCP Each byte in the byte stream transferred in a connection is numbered in order . Our receiving end will select the return number according to the messages received in sequence .

3. Confirmation no.

   ​ Occupy 4 byte , It is the sequence of the first data byte expected to receive the other party's next message segment . Depends on the packet length

   Be careful ： If the confirmation number is N, It means ： The serial number N-1, All the data so far have been received correctly .

4. Data migration

   ​ Occupy 4 position , It pays TCP Data distance of message segment TCP How far is the starting offset of the message segment . This field actually indicates TCP The first length of a message segment . Because there is an option field with uncertain length in the first part , Therefore, data offset fields are necessary . But it should be noted that , The unit of data offset is 32 position （4 byte ）, And we 4 The largest array of bit energy is 15（1 On behalf of 4 byte ）, So the maximum value of data offset is 60 byte , This is also TCP Maximum length of head .

5. Retain

   ​ Occupy 6 position , Reserved for future use , But now it should be set to 0.

6. Control bits

   • emergency URG

     When URG=1 when , Indicates that the emergency pointer field is valid . He told the system that there was emergency data in the sub message segment , It should be transmitted as soon as possible , And don't send it in the same order as the original queue . So the sender TCP Insert the emergency data at the beginning of the paragraph , But behind the emergency data is still the ordinary data . At this time, it should be used with the emergency pointer field in the header .

   • confirm ACK

     ​ Only when the ACK=1 The validation number field is valid when . When ACK=0 when , Invalid confirmation number .TCP Regulations , After the link is established, all transmitted message segments must be set 1.

   • push PSH

     ​ The receiver TCP received PSH=1 Message of , Deliver to the application as soon as possible , Instead of waiting for the entire cache to fill before delivering it up . Make room for subsequent data .

   • Reset RST

     ​ When RST=1 when , indicate TCP Serious error in connection , Connection must be released , Then reestablish the transport connection .RST Set up 1 It is also used to reject an illegal message segment or to refuse to open a connection .（ If the browser suddenly closes ）

   • Sync SYN

     ​ Used to synchronize sequence Numbers when connection is established . When SYN=1 and ACK=0 when , Indicates that this is a connection request segment . The other party agrees to establish a connection , Then... Shall be made in the message segment of the response SYN=1 and ACK=1. therefore ,SYN Set up 1 It means that this is a connection message or connection acceptance message .

   • End FIN

     ​ Used to release a connection . When FIN=1 when , It indicates that the data of the sender of the secondary message segment has been sent , And asks to release the transport connection .

7. window

   ​ Window refers to the receiving window of the party sending the paragraph of this report . The window value is the basis for the receiver to let the sender set its sending window .

8. Inspection and

   ​ Occupy 2 Bytes , The scope of inspection and field inspection includes the first part and data .

9. Pointer to an emergency

   ​ Occupy 2 byte , Emergency pointer only in URG=1 Only when makes sense , It indicates the number of bytes of urgent data in the paragraph . It is a positive offset , It is added with the value of the sequence number field to represent the sequence number of the next byte of the last emergency pointer . Therefore, this field is also equivalent to the offset of the emergency pointer relative to the current sequence number . When all emergency data has been processed ,TCP Tell the application to return to normal operation . It is worth noting that , The window in time is 0 You can also send emergency data .

10. Options

    ​ Variable length , Up to 40 byte . When no options are used ,TCP The length of the first part of is 20 byte .

    ps： The maximum data offset is 60 byte

    Common options are ：Maximum segment size、SACK permited( Selective confirmation )、 Time stamps, etc

Three handshakes

​ Confirmation no. ack = Opposite end seq +１

Four waves

TCP/UDP Port number

1. One TCP The source port number of the session is usually randomly assigned by the client , The destination port number corresponds to the accessed service of the server .

2.TCP/IP The service port number in the protocol ranges from 0 To 65535, among 1-1023 It's famous （Well-knwon） Port number , for example Telnet Service usage TCP23 Port, etc .

​ Every one of them TCP The connection has two endpoints .TCP The end of the connection is called Socket (socket)

Socket socket = (IP Address ： Port number )

Every one of them TCP Connect the two endpoints that uniquely communicate ( Two sockets ) Determined .

TCP Sliding window mechanism

UDP agreement

Message format

IP agreement

Message format

One IP The datagram consists of two parts: the first part and the data part .

• The front part of the head is fixed length , common 20 byte , It's all IP Datagrams must have
• The fixed part of the header is followed by some optional fields , Its length is variable

1. edition ----------- Occupy 4 position , finger IP Version of protocol , at present IP The agreement version number is 4（ namely IPv4）
2. The length of the first ----------- Occupy 4 position , The maximum number that can be expressed is 15 A unit of （ A unit 4 byte ）
   therefore IP The maximum length of the head of 60 byte .
3. Distinguish between service ----------- Occupy 8 position , For better service , In the old standard, it was called service type ,
   But it's never been used ; ( Priority of sending data )
   Only in the use of differentiated services (DiffServ) when , This field works .
   In general, this field is not used QoS Service quality .
4. Total length ----------- Occupy 16 position , The length of the sum of the head and data , Unit byte , So datagram
   Maximum length is 665535 byte . The total length must not exceed the maximum transport unit (MTU).
5. identification ----------- Occupy 16 position , It's a counter , The identifier used to generate datagrams , Not a serial number ,
   Every time a datagram is generated , Increase 1.
6. sign (flag)----------- Occupy 3 position , At the moment, only the first two make sense . The lowest bit of the flag field
   yes MF(More Fragment).MF = 1 It means the back “ There are also slices. ”.
   MF = 0 It means the last fragment . The middle bit of the flag field is DF
   (Don’t Fragment). Only when DF = 0 Partition is allowed only when .
7. Slice offset -----------(13 position ) Pointed out that ： The longer groups are after fragmentation , The relative position of a piece in the original group .
   The piece is displaced by 8 Bytes are offset units .
8. Time to live ----------- Occupy （8 position ） Write it down as TTL (Time To Live)
   The maximum number of datagrams that can pass through the router in the network . windows commonly TTL by 127, Linux by 64.
9. agreement ----------- Occupy (8 position ) The field indicates which protocol is used for the data carried by this datagram to the destination host
   Of IP The layer hands over the data part to which process
10. Head check sum -----------16 position ) Field , Only check the first part of the datagram, not the data part
    It doesn't use CRC Check the code and use a simple calculation method

IP The variable part of the header of a datagram
IP The variable part of the header of is an option field , Used to support troubleshooting 、 Measurement and safety measures
The length of the option field is variable , from 1 Byte to 40 Different bytes , Depends on the selected item .