Data link layer & some other protocols or technologies

gateway (getway)： From one network segment to another , Protocol conversion may be required , The gateway is responsible for protocol conversion . Now? , Gateways are generally routers IP Address .
The default gateway ： It is usually the router IP Address .

• We said to the IP The protocol can help us send data from one host to another , But the real work is the Ethernet protocol of the data link layer ,IP The agreement has a macro guiding role .
• MAC The address is used to control the location of the next hop ,IP The address is used to indicate the final direction .

LAN

chestnuts ：
I spoke to Zhang San in a classroom with many students , Then other students may chat with each other . Others may disturb me and Zhangsan , And we may disturb others .

• The classroom here can be understood as a local area network . Everyone is a host .
• We call mutual interference in communication as Collision .
• When Zhang San and I wanted to communicate with each other , You need to do it first collision detection , Check if any other host is communicating .
• When no one speaks , I'll write to Zhangsan again , It's called Collision avoidance .
• Collision avoidance is a loss of efficiency , But the signal travels at the speed of light , Loss can be ignored .
• To reduce collisions , We will use a device called a switch , Used to divide collision domain .

Ethernet

” Ethernet “ It's a protocol , LAN technical standards .“ Ethernet ” It's not a specific network . It includes the data link layer , It also contains some physical layer content .

Ethernet frame format

• Ethernet should add Ethernet fixed length header and CRC check .

• Because the header is fixed , So it's easy to communicate with Payload separation .

• front 6 Bytes is the purpose MAC Address . Next 6 Bytes are their own MAC Address .MAC The address is set when the host leaves the factory , It can be considered the only one in the world .

• Type is used to indicate that Which agreement is delivered to the upper layer , Immediate distribution .0800 Delegate to IP agreement ,0806 representative ARP request / The reply ,8035 representative RARP request / The reply .

• A host is sending MAC At the frame , It will directly MAC Frames are put into the LAN , All hosts in the LAN can receive this frame , Then all hosts begin to unpack at the data link layer , contrast MAC After the address, I found that it was not sent to me , Then just discard .

MAC Address

• MAC Address is used to identify the nodes connected in the data link layer ;
• The length is 48 position , And 6 Bytes . It's usually used 16 A decimal number plus a colon to indicate ( for example : 08:00:27:03:fb:19).
• In the network card factory to determine , Do not modify . mac The address is usually unique ( In the virtual machine mac The address is not real mac Address , There may be conflict ; Some network cards support user configuration mac Address ).

MAC Address and IP Address ：

• When the message is transmitted , Purpose MAC Address and source MAC The address has been changing , But the purpose IP The address will not change .
  （ Tang Monk's chestnuts ）

MTU

• I don't want to say more , I feel that the previous words are rotten ...
• Because the Ethernet protocol stipulates MTU, although IP Layers can be sliced , But we don't advocate partition , Because fragmentation will increase the packet loss rate . So we expect all the upper layer protocols to adapt to MTU, That is, the upper layer shall try not to send large packages to the lower layer .

tcp Of MSS

• TCP A datagram cannot be infinite , Or is it subject to MTU.TCP The maximum message length of a single datagram , be called MSS(Max Segment Size);
• TCP In the process of establishing the connection , Both sides of the communication will MSS negotiation .
• Ideally , MSS The value of is exactly at IP The maximum length that will not be sliced ( This length is still subject to the data link layer MTU).
• Both sides are sending SYN It will be TCP The header writes what it can support MSS value .
• Then both sides learn about each other's MSS The value of , Choose the smaller as the final MSS.
• MSS The value of is TCP The first 40 Byte variable length option .

Be careful ：MSS yes tcp Maximum length of message ！！！

ARP agreement

Ethernet can be through MAC Address to send data , But there's a problem ： How do I know the destination host MAC Address ？

• and ARP The purpose of the agreement is to IP Address converted to MAC Address .
• ARP The protocol also belongs to the link layer , But it is on the upper layer of Ethernet protocol . actually ,ARP It doesn't matter which layer the agreement is on . What is important is its function . You can understand it as MAC If the frame is ARP request / The reply , Then upward is not delivered to IP layer , It is delivered to ARP agreement .

ARP Protocol message format ：

• front 14 Bytes are Ethernet headers .
• The hardware type refers to the link layer network type ,1 For Ethernet ;
• Protocol type refers to the address type to be converted , 0x0800 by IP Address ,0x0860 by ARP request / The reply ,0x0835 yes RARP Request / The reply ;
• The length of the hardware address is... For the Ethernet address 6 byte ;
• Protocol address length for and IP The address is 4 byte ;
• op Field is 1 Express ARP request ,op Field is 2 Express ARP The reply . received ARP The message should first look at this field , Recognizing the ARP Request or answer .

ARP How the protocol works ：

• When communicating between hosts , Know each other's IP Address and port number , But we need to know all the nodes on the road MAC Address .

• ARP Used MAC The address of , namely 48 All the seats are F, Then all hosts in the LAN will receive the message , And it needs to be received . Deliver to ARP layer ,ARP The layer passes first op I can tell that this is a ARP request , And then through ARP Purpose IP Know it's sent to yourself , And then I put my MAC Address return .

• But if every time we want to communicate ARP Get each other's MAC Address , This is obviously stupid . So we have one ARP Cache table , There is the latest ( It's usually 20 minute ) Used MAC Address and IP Correspondence of address .

RARP agreement

RARP The agreement is through mac Address acquisition IP Address .

Other agreements or technology

DNS

• DNS Working in the application layer .

• DNS The bottom layer uses UDP agreement . Because of the simple .

• DNS Is used to resolve the domain name to IP Address .

• We need to know each other online IP Address of the , however IP The address is hard to remember . So we use strings ( Host name or domain name ) Follow IP Address builds a one-to-one mapping relationship . You only need a domain name to access the Internet .

• Before , We save this mapping table in each host . When we type in www.baidu.com, The system will scan the mapping table , find www.baidu.com Corresponding IP Address , And then visit IP The server corresponding to the address .

• But the domain name and IP There are too many correspondences of addresses ！！！

• So we use a special DNS The server , Save all domain names and IP A map of addresses . When you type www.baidu.com, The browser will DNS The server initiates a request ,DNS The server finds... Instead of you IP Address , Pass it on to you . Then the browser accesses IP The server corresponding to the address .

DNS System

• System management organization of an organization , Maintain the... Of each host in the system IP The corresponding relationship with the host name .
• If the new computer is connected to the network , Register this information in the database ;
• When a user enters a domain name , Will automatically query DNS The server , from DNS The server searches the database , Get the corresponding IP Address .

But every visit DNS Servers waste efficiency , So far , We still have... On our computer hosts file . In the process of domain name resolution, priority will still be given to finding hosts The content of the document .

cat /etc/hosts

Domain name Introduction ：

• com: First level domain name . This is an enterprise domain name . There are also “net”( Network provider ), “org”( Non profit organizations ) etc. .
• baidu: Two level domain name , Company name .
• www: It's just an idiom . Before, when people used domain names , Often named something similar to ftp.xxx.xxx/www.xxx.xxx This format , To represent the protocol supported by the host .（ In fact, it can also be omitted ）

Our own mainframe will be equipped with DNS Server's IP Address . We can also choose DNS The server , Such as 8.8.8.8

ICMP agreement

• Network layer protocol , Think of it as IP The upper . Bottom use IP.
• After setting up the network , We naturally want to know whether the network is connected . however IP There is no guarantee of reliability . If you lose your bag , IP The protocol does not inform the transport layer whether the packet is lost or not and the reason for the packet loss .

That's exactly what it is. ICMP The role of ：

• confirm IP Whether the packet successfully arrived at the destination address .
• Notification in progress IP Why the packet was discarded .
• ICMP Is based on IP Agreement working . But it's not a transport layer function , Therefore, people still attribute it to network layer protocol ;
• ICMP Only with IPv4 Use . If it is IPv6 Under the circumstances , Need is to use ICMPv6;

ping command ：

• ping The order is based on ICMP agreement .
• here ping Yes. domain name , instead of url！ A domain name can be through DNS It can be interpreted as IP Address .
• ping The command can not only verify the connectivity of the network , At the same time, the response time and TTL(IP In bag Time To Live, Life cycle ).
• ping The command will first send a ICMP Echo Request To the opposite end ;
• After receiving by the opposite end , Will return a ICMP Echo Reply;
• ping Command this detection every few seconds , It's called heartbeat detection .

traceroute command

• be based on ICMP Protocol implementation .
• Be able to print out executable programs from the source host , How many routers go through up to the target host .

NAT && NAPT technology

• NAT Technology and NAPT Technology is used to solve IPv4 The problem of inadequacy .
• Let's talk about NAT technology . We know about LAN IP The address is a private address , Unable to access the Internet .NAT Technology solves this problem . A LAN will be equipped with a router ( A server can also ), And this router will have a WAN mouth IP Address , This IP The address is the Internet address .
• When we want to access the Internet , The router will create a A The host IP Address and router extranet IP Address translation table , So we wear the skin of the router , By switching IP Source in packet IP Address , You can access the server of the external network .
• If the Internet wants to reply to us , Then go through the router's conversion table , Just turn back .
  

however , There is a question ： A LAN usually has only one router , A router is usually equipped with only one WAN Address . If A The host and B The host communicates with the server at the same time , Then it cannot be achieved .** Because the server replies to both hosts in the LAN at the same time , Then according to the conversion table , Unable to determine that the router's Internet address should be translated to A still B.** therefore , To solve the problem of Internet IP Too few addresses , And then there is NAPT technology .

NAPT：

• NAPT technology , In replacement IP At the address , Not only replace the external network IP Address , The router will also send messages The corresponding port number is also replaced ！！！
• The conversion table established by the router also includes the port number , such , Even if there is only one extranet IP, But because there are a lot of port numbers , Can solve NAT The problem of .

This relationship is also caused by NAT Router automatic maintenance . For example, in TCP Under the circumstances , When establishing a connection , This table item will be generated ; After disconnecting , Will delete this table entry .

NAT&&NAPT Technical defects ：

• from NAT Establish a connection from the outside to the internal server ; namely NAT Routers do not actively establish connections , The connection must be initiated by the LAN , The server of the LAN cannot be accessed directly through the external network ; Direct communication between two LANs cannot be realized ; The technology of breaking through LAN from the outside is called intranet penetration
• The generation and destruction of conversion tables require additional overhead ;( obviously )
• Once... In the communication process NAT The equipment is abnormal , Even if there is a hot standby , be-all TCP The connection will also be disconnected ;

According to my observation , What we are talking about now NAT Technology is NAPT technology , There is no strict division .

proxy server

• The proxy server and NAT The technology is a bit similar .
  The proxy server and NAT The difference between ：
• In terms of application , NAT Equipment is one of the basic network equipment , The solution is IP The problem of inadequacy . The proxy server is closer to the specific application , For example, climbing over a wall through a proxy server , In addition, accelerators like Xunyou , Also use a proxy server .
• In terms of the underlying implementation , NAT It works at the network layer , Direct pair IP Address to replace . Proxy servers often work in the application layer .
• In terms of scope of use , NAT It is generally deployed at the exit of the LAN , The proxy server can do... In the LAN , You can also do it on the WAN , You can also cross the network .
• From the deployment location , NAT Generally integrated in the firewall , On hardware devices such as routers , The proxy server is a software program , It needs to be deployed on the server .

Agents are also divided into forward agents and reverse agents .

• Forward agency ： such as , I want to visit facebook, But it is not possible to visit directly from the mainland . At this time, a server in Hong Kong can access facebook, So we first send the request to the server in Hong Kong , The server in Hong Kong will represent me to request facebook. The Hong Kong server here is a forward proxy .
• Reverse proxy ： I want to access some information on the server , The server provides me with information , I don't care where this information comes from .

Forward agency , The client knows who your destination host is , And the reverse proxy doesn't know . Forward proxy , I know we want to visit facebook, In reverse proxy, I don't need to know who gave me the message .