What happens during the TCP three-way handshake and four-way wave?

What the three-way handshake does

Both the three-way handshake and the four-way wave happen at the transport layer.

1 Establishing a connection

  1. Call socket() to create an fd.

  2. Call connect() to send a connection request to the server.

  3. connect() issues a SYN segment and blocks waiting for the server's response (first handshake).

  4. When the server receives the client's SYN, it replies with a SYN + ACK segment, meaning "agreed to establish the connection" (second handshake).

  5. When the client receives the server's SYN + ACK, it returns from connect() and at the same time replies to the server with an ACK to acknowledge receipt (third handshake).

This process by which a TCP client and server establish a connection is called the three-way handshake.

2 Data transmission

TCP provides a full-duplex communication service. Full duplex means that on the same connection, at the same moment, both communicating parties can write data.

  1. After the connection is established, the server returns from accept() and immediately calls read(). Reading a socket is like reading a pipe: if no data has arrived, read() blocks and waits; once data arrives, read() returns.

  2. The client calls write() to send a request to the server; the server receives it, returns from read(), and processes the client's request. While the server is processing the request, the client calls read() and blocks waiting for the server's reply.

  3. The server calls write() to send the result of the processing back to the client, then calls read() again and blocks waiting for the next request from the client.

  4. The client returns from read() and sends the next request, and so the cycle continues; otherwise it prepares to disconnect (the four-way wave).

What the four-way wave does

3 Disconnecting

  1. If the client has no more requests, it calls close() to close the connection, and the client sends a FIN to the server (first wave).

  2. When the server receives the FIN, it responds with an ACK, and read() returns 0 (second wave).

  3. After read() returns, the server knows the client has closed the connection, so it also calls close() to close the connection; at this point the server sends a FIN to the client (third wave).

  4. The client receives the FIN and finally returns an ACK to the server (fourth wave).

This disconnection procedure is called the four-way wave.

To be clear: read() is used to read the request, and write() is used to send the response.

How the socket calls interact with TCP: connect() issues a SYN segment; read() returning 0 means a FIN segment was received.

After connect() succeeds, on the server:
accept() returns and allocates a new file descriptor for communicating with the client.
read(fd, buf, size) blocks waiting for the client's request data.
write(fd, buf, size) sends the response data.
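The connect / accept / read / write / close sequence above can be observed on the loopback interface, including read() returning 0 once the peer's FIN arrives. This is an added example, not code from the original post; the helper name handshake_and_close and the "ping"/"pong" payloads are made up for illustration.

```c
#include <arpa/inet.h>
#include <netinet/in.h>
#include <stdio.h>
#include <string.h>
#include <sys/socket.h>
#include <unistd.h>

/* Hypothetical helper: runs both ends of one TCP connection over 127.0.0.1
 * in a single process. Copies what the server read into got[] and returns
 * the server's read() result after the client close()s: 0 means the FIN
 * arrived. Returns -1 on any socket error. */
int handshake_and_close(char *got, size_t cap)
{
    char tmp[16];
    struct sockaddr_in addr;
    socklen_t len = sizeof(addr);
    int opt = 1, cli = -1, srv = -1, result = -1;
    int listenfd = socket(AF_INET, SOCK_STREAM, 0);
    if (listenfd < 0)
        return -1;
    setsockopt(listenfd, SOL_SOCKET, SO_REUSEADDR, &opt, sizeof(opt));

    memset(&addr, 0, sizeof(addr));
    addr.sin_family = AF_INET;
    addr.sin_addr.s_addr = htonl(INADDR_LOOPBACK);
    addr.sin_port = 0;                 /* kernel picks a free port */
    if (bind(listenfd, (struct sockaddr *)&addr, sizeof(addr)) < 0 ||
        listen(listenfd, 1) < 0 ||
        getsockname(listenfd, (struct sockaddr *)&addr, &len) < 0)
        goto out;

    /* connect() sends the SYN and returns once the SYN+ACK is answered.
     * The kernel finishes the handshake itself, so accept() only picks
     * the already established connection out of the queue. */
    cli = socket(AF_INET, SOCK_STREAM, 0);
    if (cli < 0 || connect(cli, (struct sockaddr *)&addr, sizeof(addr)) < 0)
        goto out;
    srv = accept(listenfd, NULL, NULL);
    if (srv < 0)
        goto out;

    /* Request and response travel over the same full-duplex connection. */
    if (write(cli, "ping", 5) != 5 || read(srv, got, cap) != 5)
        goto out;
    if (write(srv, "pong", 5) != 5 || read(cli, tmp, sizeof(tmp)) != 5)
        goto out;

    close(cli);                        /* client sends FIN (first wave) */
    cli = -1;
    result = (int)read(srv, tmp, sizeof(tmp)); /* 0: server saw the FIN */
out:
    if (cli >= 0) close(cli);
    if (srv >= 0) close(srv);          /* server's own FIN (third wave) */
    close(listenfd);
    return result;
}

int main(void)
{
    char got[16] = "";
    int eof = handshake_and_close(got, sizeof(got));
    printf("server read \"%s\", then read() returned %d\n", got, eof);
    return eof == 0 ? 0 : 1;
}
```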

Application layer

The role of the application layer: the programs that network programmers write are basically all written at the application layer, which shows how important it is.

About protocols: a protocol is an agreement that the communicating parties settle on in advance.

HTTP protocol

Although we say that application-layer protocols are defined by us programmers ourselves, in practice the veterans have already defined some good ones that we can use directly.
HTTP, the Hypertext Transfer Protocol, is one of them.

Understanding URLs
What we usually call a web address is actually a URL:
https://editor.csdn.net/md?articleId=104169840

Protocol name: https
articleId: query string
104169840: fragment identifier
csdn.net: server address
/md: hierarchical file path


'+' is escaped as %2B

urlencode: escaping
urldecode: the reverse of escaping

Take a look at a Fiddler capture.

Look at the Raw tab on the right.

**1 HTTP request (top):**

  1. First line: method + URL + version

  2. Header: the attributes of the request, as colon-separated key-value pairs; attributes are separated by \n, i.e. one per line.
    A blank line marks the end of the Header section.

  3. Body: everything after the blank line is the Body. The Body may be an empty string; if a Body is present, the Header contains a Content-Length attribute that gives the length of the Body.

**2 HTTP response (bottom):**

  1. First line: version number + status code + status code explanation

  2. Header: the attributes of the response, as colon-separated key-value pairs; attributes are separated by \n, one per line. A blank line marks the end of the Header section.

  3. Body: everything after the blank line is the Body. If a Body is present, the Header contains a Content-Length attribute that gives the length of the Body. If the server returns an HTML page, the page content is in the Body.

HTTP methods

| Method | Description | Supported HTTP versions |
|---|---|---|
| GET | Get a resource | 1.0, 1.1 |
| POST | Transfer an entity body | 1.0, 1.1 |
| PUT | Transfer a file | 1.0, 1.1 |
| HEAD | Get the message headers | 1.0, 1.1 |
| DELETE | Delete a file | 1.0, 1.1 |
| OPTIONS | Ask which methods are supported | 1.1 |
| TRACE | Trace the path | 1.1 |
| CONNECT | Require a tunneling protocol to connect through a proxy | 1.1 |
| LINK | Establish a link between resources | 1.0 |
| UNLINK | Remove a link relationship | 1.0 |

The most commonly used are GET and POST.

HTTP status codes

| Status code | Category | Reason |
|---|---|---|
| 1XX | Informational | The request is being processed |
| 2XX | Success | The request was processed normally |
| 3XX | Redirection | Additional action is needed to complete the request |
| 4XX | Client error | The server cannot process the request |
| 5XX | Server error | The server failed to process the request |

The most common status codes:
200 (OK)
404 (Not Found): the client's request is faulty
403 (Forbidden): access is forbidden
302 (Redirect): redirection
504 (Bad Gateway): gateway timeout

The most common HTTP headers

Content-Type: the data type (text/html, etc.)

Content-Length: the length of the Body

Host: the client tells the server which host and port the requested resource is on

User-Agent: declares the user's operating system and browser version information

Referer: declares which page the current page was reached from

Location: used together with a 3XX status code to tell the client where to go next

Cookie: a small amount of information stored on the client, typically used to implement sessions. It is stored in the client's browser and is a string whose format programmers can define themselves.

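IP protocol

1 Address management
IPv4 addresses are 32 bits.
What if there are not enough addresses?
		1  Dynamic allocation: an address is assigned only when a host goes online and is reclaimed when it goes offline
		2  The NAT mechanism: hosts inside a LAN share one IP
		3  IPv6

2 Routing

  IP addresses are written in dotted decimal, e.g. 192.169.1.106
  1 Hosts in the same network segment must have the same network number and different host numbers. (Any exception means they cannot get online normally.)
  2 Hosts in adjacent network segments (connected to the same router) must have different network numbers.
A host address of all 0s becomes the network number, representing this LAN.
A host address of all 1s becomes the broadcast address. (UDP can broadcast, TCP cannot.)

Private IPs and public IPs
Private IPs are used inside a LAN:
1: 10.* (the first 8 bits are the network number)
2: 172.16.* to 172.31.* (the first 12 bits are the network number)
3: 192.168.*
All other addresses are public IPs.

Routing (similar to navigation)
Routing is the process of routers asking each other for directions.

To keep one failed router from bringing down the whole system, we usually keep several backup routes; this is called redundancy.

The route command shows the routing table.

When a packet arrives at a router, its destination address is ANDed with the subnet mask (Genmask), and the result is looked up in the Destination column. If an identical entry is found, the packet is sent there; if not, it is sent to the next hop (default).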
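The Genmask/Destination lookup just described, written out as an added example (not code from the original post). The table rows are constructed sample data, route_lookup is a hypothetical name, and the example goes one step beyond the text by letting the longest matching mask win, so the default row is only used when nothing more specific matches.

```c
#include <arpa/inet.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

struct route { const char *destination, *genmask, *gateway, *iface; };

/* Constructed sample table, using the column names `route -n` prints. */
static const struct route TABLE[] = {
    { "0.0.0.0",     "0.0.0.0",       "192.168.1.1", "eth0" }, /* default */
    { "192.168.1.0", "255.255.255.0", "0.0.0.0",     "eth0" },
    { "10.8.0.0",    "255.255.0.0",   "0.0.0.0",     "tun0" },
};

/* Dotted decimal -> host-order 32-bit value; returns 0 on malformed text. */
static int parse_ip4(const char *text, uint32_t *out)
{
    struct in_addr a;
    if (inet_pton(AF_INET, text, &a) != 1)
        return 0;
    *out = ntohl(a.s_addr);
    return 1;
}

/* AND the destination with each Genmask and compare with Destination.
 * Among matching rows the longest mask wins, so the all-zero default row
 * is used only when nothing more specific matches. NULL = bad address. */
const struct route *route_lookup(const char *dst_text)
{
    const struct route *best = NULL;
    uint32_t dst, dest, mask, best_mask = 0;

    if (!parse_ip4(dst_text, &dst))
        return NULL;
    for (size_t i = 0; i < sizeof(TABLE) / sizeof(TABLE[0]); i++) {
        if (!parse_ip4(TABLE[i].destination, &dest) ||
            !parse_ip4(TABLE[i].genmask, &mask))
            continue;
        if ((dst & mask) != dest)
            continue;
        if (best == NULL || mask > best_mask) {
            best = &TABLE[i];
            best_mask = mask;
        }
    }
    return best;
}

int main(void)
{
    const char *samples[] = { "192.168.1.106", "10.8.3.4", "8.8.8.8" };
    for (size_t i = 0; i < 3; i++) {
        const struct route *r = route_lookup(samples[i]);
        printf("%-14s -> gateway %-12s dev %s\n",
               samples[i], r->gateway, r->iface);
    }
    return 0;
}
```

A gateway of 0.0.0.0 in the result means the destination is on a directly connected network.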

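Data link layer

Ethernet is not a specific network but a technical standard, which we call a protocol.

Why does Ethernet have an MTU?
  Because of the hardware, a data frame must stay within 1500 bytes.

The MTU belongs to the data link layer: the largest data frame is 1500 bytes, and different protocols have different maximum MTU values.

If the data frame to be sent is larger than the MTU, it is split up: the first pieces are all 1500 bytes, and the last piece is whatever is left over.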


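**DNS name resolution protocol**

**DNS is a system that maps domain names to IPs**

An IP address + port number uniquely identifies one process on one host.
Because IP addresses are hard to remember, people invented host names (strings)
and used the hosts file to maintain the mapping between host names and IP addresses.

If a DNS server goes down, can nobody in the world get online any more?
   The experts have thought of that: DNS servers are distributed, with multiple DNS systems set up around the globe (similar to routing redundancy).

DNS addresses:
8.8.8.8: a global root domain name resolution server maintained by Google
114.114.114.114

Inside a LAN, the router also maintains a mapping of its own:
an internal IP and port are mapped to one router IP and port number, so the outside network cannot see the internal hosts of the LAN.
Because the number of ports is limited, NAT can only serve a network with as many hosts as fit in the port number range.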

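What happens when you type a URL into the browser? We can analyze it from the following angles:

1  From the angle of the operating system managing disk devices

2  From the angle of network communication:
	1  DNS name resolution
	2  HTTP
	3  The custom protocol (how the keywords in the URL's query string are designed, what the body contains, cookies, and so on)

3 From the angle of the transport layer
	1  TCP connection establishment
	2  Long-lived versus short-lived connections (one TCP connection covering several HTTP exchanges is called a long-lived connection). Benefit: low overhead, high efficiency

4 From the angle of the network layer and the data link layer
	1 The rules for IP addresses
	2 Routing
	3 The rules of the data link layer

5 From the angle of communication principles (be careful: don't bring it up if you aren't sure)

	Browser (a CDN may also be connected in front)
	Search entry server
		(1 Word segmentation server
		 2 Retrieval server
		 3 Material server (queries the final data)
		 4 User server (some information about the user)
		 5 Advertising server (similar to the search entry server))

		Distributed servers use a large number of reverse proxy servers, just like the servers provided by the various carriers.

		Load balancing:

		1 Improves efficiency
		2 Improves reliability
		3 Scalability (the load is balanced by adding or removing servers)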

In TCP/IP, the five-tuple of source IP, source port number, destination IP, destination port number and protocol number identifies one communication; it can be viewed with the netstat -n command.

Port numbers are divided into well-known port numbers and port numbers dynamically assigned by the operating system.

Well-known port numbers: 0--1023
Port numbers dynamically assigned by the operating system: 1024--65535

ssh server: port 22
http server: port 80
ftp server: port 21
https server: port 443
telnet server: port 23

The command cat /etc/services shows all the well-known port numbers.

UDP protocol

UDP segment format

| 16-bit source port number | 16-bit destination port number |
| 16-bit UDP length         | 16-bit UDP checksum            |
| data (optional)                                            |

The 16-bit UDP length covers the UDP header + the UDP data, and so represents the maximum length of the entire datagram.
If the 16-bit checksum check fails, the datagram is discarded.

UDP features:

  • Connectionless
    If you know the peer's IP and port you can send directly, without establishing a connection; the code does not call connect.

  • Unreliable
    1 No acknowledgment mechanism
    2 No retransmission mechanism
    If a network fault occurs, the UDP protocol layer does not return any failure information to the application layer.

  • Datagram-oriented
    The application cannot flexibly control how often and how much (what length of) data is read.
    Whatever length of message the application layer hands to UDP, UDP sends it as is: it neither splits nor merges.
    eg: if the sender calls sendto() once with 100 bytes of data, the receiver must receive the 100 bytes with a single recvfrom(); it cannot receive them over several calls.

  1. UDP has no send buffer in any real sense: when sendto is called, the data is handed to the kernel, and the kernel passes it on to the network-layer protocol for the subsequent transmission.
  2. UDP has a receive buffer, but this buffer cannot guarantee that the order in which data is received matches the order in which it was sent, and if the buffer is full, subsequent data is discarded.

In addition, a UDP socket can be both read and written, i.e. it is full-duplex.

Since the UDP header expresses the UDP length in 16 bits, the maximum length of header + data is 2^16, i.e. 64K.
If the data we want to send is larger than 64K, we have to split it manually at the application layer and send it in several pieces, and also reassemble it manually at the receiving end.

TCP protocol

TCP stands for Transmission Control Protocol.

The 6 TCP flag bits

  1. URG: the urgent pointer is valid
  2. ACK: the acknowledgment number is valid
  3. PSH: prompts the receiving application to read the data out of the buffer immediately
  4. SYN: requests that a connection be established. A segment carrying the SYN flag is called a synchronization segment
  5. RST: asks the peer to re-establish the connection. A segment carrying RST is called a reset segment
  6. FIN: requests disconnection. A segment carrying FIN is called an end segment

16-bit checksum: filled in by the sender as a CRC (cyclic redundancy check); if the check fails at the receiving end, the received data is considered faulty.

16-bit urgent pointer: identifies which part of the data is urgent data.

The acknowledgment (ACK) mechanism

eg:
The client sends data 1-1000.
The server's next acknowledgment is 1001.

TCP numbers every byte of data; this is the sequence number.

Every ACK carries a corresponding acknowledgment sequence number, which tells the sender which data has been received and where to start sending next time.

The timeout retransmission mechanism

Host A sends data to host B, but because of network problems the data may never reach host B.
If host A has not received host B's acknowledgment after a certain period of time, it resends the data.

But host A may also fail to receive the acknowledgment because host B's ACK was lost.

In that case host B receives duplicate data, so TCP needs to be able to recognize duplicate data and discard it. The sequence numbers make this deduplication easy.

So how is the retransmission timeout set?

	The retransmission timeout differs between network environments.
	To keep retransmission as efficient as possible in any network environment, **TCP dynamically computes** the **retransmission timeout** for the current network conditions.

On Linux the retransmission timeout is managed in units of 500 ms.
If there is still no response after a retransmission, the waiting time grows exponentially (×2 each time).

Once a certain number of retransmissions has accumulated, TCP concludes that the connection has a problem (the network or the peer host is faulty) and forcibly closes it.

Connection management mechanism

Under normal circumstances, TCP establishes a connection with a three-way handshake and tears it down with a four-way wave.

Note: there is no so-called CLOSED state.

Server state changes:

CLOSED -> LISTEN: after calling listen() the server enters the LISTEN state and waits for client connections.

LISTEN -> SYN_RCVD: once a connection request (SYN) is detected, the connection is placed in the kernel's waiting queue and a SYN + ACK segment is sent to the client.

SYN_RCVD -> ESTABLISHED: once the server receives the client's acknowledgment segment it enters this state; the connection has succeeded and data can be read and written.

ESTABLISHED -> CLOSE_WAIT: the client actively closes the connection (calls close). The server receives the FIN end segment, returns an ACK segment and enters CLOSE_WAIT.

CLOSE_WAIT -> LAST_ACK: having entered CLOSE_WAIT, the server (after it has finished processing the preceding data) is ready to close the connection; it sends a FIN to the client and then waits for the last ACK to arrive.

LAST_ACK -> CLOSED: the last ACK arrives and the connection is completely closed.

Client state changes:

CLOSED -> SYN_SENT: the client calls connect() and sends a synchronization segment.

SYN_SENT -> ESTABLISHED: the server returns FIN + ACK and connect() succeeds. Data can now be read and written.

ESTABLISHED -> FIN_WAIT1: the client actively calls close() and sends a FIN to the server.

FIN_WAIT1 -> FIN_WAIT2: the client receives the ACK segment sent back by the server.

FIN_WAIT2 -> TIME_WAIT: the client receives the FIN end segment sent by the server and replies with LAST_ACK, that is, the last ACK.

TIME_WAIT -> CLOSED: after sending LAST_ACK the client waits 2MSL (in case the last ACK does not arrive and a timeout retransmission happens).

Why is the wait defined as 2MSL?

MSL is the maximum lifetime of a TCP segment. Waiting 2MSL guarantees that segments in both directions that have not been received, or that are late, have disappeared (otherwise a server that restarts immediately could receive data belonging to the previous process).
2MSL also guarantees that the final ACK can arrive: if the last ACK is lost, the TCP connection has not been torn down yet, so the server sends its FIN again; although the client process is gone, the TCP connection still exists and can resend LAST_ACK.

Use setsockopt() to set the socket option SO_REUSEADDR to 1, which allows creating sockets with the same port number but different IP addresses:

int opt = 1;
setsockopt(listenfd, SOL_SOCKET, SO_REUSEADDR, &opt, sizeof(opt));

**Understanding the TIME_WAIT state the client enters when it receives the server's FIN in the four-way wave**

When testing, start the server and the client, shut the server down, and then quickly start it again. You will see a
bind error.

This is because, although the server program has terminated, the connection at the TCP protocol layer underneath has not been completely closed, so the port number and IP address are still occupied and the server cannot listen on the same port again.

We can look at the process information for the current port number with the command netstat -apn.

TCP rule: the side that actively closes the connection enters the TIME_WAIT state and returns to the CLOSED state after waiting 2 * MSL.

RFC 1122 specifies an MSL of 2 minutes, but each operating system implements it differently; the default configuration on CentOS 7 is 60 seconds.

It can be viewed with
cat /proc/sys/net/ipv4/tcp_fin_timeout
Use the setsockopt() function to allow creating sockets with the same port number but different IP addresses.

Setting the option SO_REUSEADDR to 1 allows sockets with the same port but different IPs:

eg:
int opt = 1;
setsockopt(listenfd, SOL_SOCKET, SO_REUSEADDR, &opt, sizeof(opt));

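3: Sliding window

Essence: a large chunk of data is sent at once; each time an ACK is received, the sliding window moves on to the next data.

The kernel also sets aside a send buffer to maintain the sliding window. The send buffer records the data that has not yet been acknowledged; once data is acknowledged, it is deleted from the buffer.

Role: improves throughput and transmission efficiency
Management: maintained by the kernel

    1 Data is sent in batches.

		2 **The amount of data sent in one batch is called the window size. The larger the window, the higher the throughput, but reliability must still be guaranteed, so the window cannot be infinitely large.**

		3 The kernel sets aside a send buffer so that data for which no ACK has been received is not deleted and can be retransmitted on timeout at any time.

		4 A later ACK guarantees that the earlier data has arrived correctly, so it sometimes does not matter if an earlier ACK is lost. This also means that one ACK may only be received after many segments, so only ACKs for the data whose transmission failed keep being sent; this is called **fast retransmit**.

While it receives correct data into the kernel buffer, the receiver keeps sending ACKs for the sequence number of the bytes whose transmission failed; this mechanism is called the high-speed retransmission, or fast retransmit, mechanism.

	Finally, how does the receiver tell the sender the sliding window size?

	The TCP header has a 16-bit window field that holds the window size. But that raises another question: 16 bits can express at most 2^16, so is the largest sliding window only 64K?

	No. The 40-byte options area of the TCP header also contains a window scale factor M; the actual window size is the window field shifted left by M bits.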

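5: Flow control

		Why it exists:
		The receiver's capacity to process data is limited. If the sender sends data too fast for the receiver to process in time, the receiver's buffer gradually fills up, and any further data that is sent will be dropped.

		What it is:
		TCP therefore lets the receiver's capacity to process data determine the sender's sending speed; this mechanism is called flow control.

		If the receive buffer is full, the sliding window size becomes 0 and the sender stops sending data; the sender then periodically sends a window probe segment to learn the receiver's window size.

	The amount of free space in the receive buffer is used to measure the receiver's processing performance. (Think about it: the more free space there is, the faster the receiver must be processing, right?)
	The TCP header has a window size field, and the receiver reports it to the sender in its ACK segments.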

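6: Congestion control

Why it was introduced:

	Although TCP has the sliding window, a real treasure that raises transmission efficiency considerably, there are many computers on the network and the current state of the network may already be very bad. Sending a large amount of data all at once would then undoubtedly make a bad network even worse.

So TCP introduces the slow start mechanism: first send a small amount of data to probe the path and learn the current state of the network, and then decide at what rate to transmit the data.

Doesn't it feel a lot like a young couple in love?
Love, quarrel, make up, love...

1 How is congestion detected?

     By the amount of packet loss.
     **A small amount of loss is treated as a case for timeout retransmission; heavy loss is treated as network congestion.**

2 Slow start:

	1 At the start, a relatively small window is used to send data.
	2 If no packets are lost, the window size grows exponentially.
	3 When it reaches a specified threshold, growth becomes linear.
	4 Once the window reaches a certain size, packet loss occurs. The window size is then immediately set to a very small value (1) and the threshold is multiplicatively decreased (*0.5),
	  and then the slow start cycle begins again.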
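The four slow start steps above, simulated round by round as an added example (not code from the original post). slow_start_trace is a hypothetical name, window sizes are counted in segments, and the new threshold is taken as half of the window at the moment of loss, which is an assumption about how the "*0.5" is applied.

```c
#include <stdio.h>

/* Simulates the congestion window for `rounds` round trips.
 * loss[i] != 0 means packet loss is detected in round i.
 * cwnd_out[i] receives the window used in round i.
 * Returns the threshold in effect after the last round. */
int slow_start_trace(int ssthresh, const int *loss, int rounds, int *cwnd_out)
{
    int cwnd = 1;                       /* step 1: start with a small window */
    for (int i = 0; i < rounds; i++) {
        cwnd_out[i] = cwnd;
        if (loss[i]) {
            /* step 4: halve the threshold (assumed: half of the window
             * at the time of loss, never below 2) and restart from 1 */
            ssthresh = cwnd / 2 > 2 ? cwnd / 2 : 2;
            cwnd = 1;
        } else if (cwnd < ssthresh) {
            /* step 2: exponential growth, capped at the threshold */
            cwnd = cwnd * 2 < ssthresh ? cwnd * 2 : ssthresh;
        } else {
            cwnd += 1;                  /* step 3: linear growth */
        }
    }
    return ssthresh;
}

int main(void)
{
    /* Constructed scenario: initial threshold 8, loss detected in round 6. */
    int loss[12] = { 0, 0, 0, 0, 0, 0, 1, 0, 0, 0, 0, 0 };
    int cwnd[12];
    int final = slow_start_trace(8, loss, 12, cwnd);

    for (int i = 0; i < 12; i++)
        printf("round %2d  cwnd %2d%s\n", i, cwnd[i], loss[i] ? "  <- loss" : "");
    printf("threshold after the run: %d\n", final);
    return 0;
}
```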

	
			

So the question is: how is the window size controlled?

A: congestion control + flow control
The 16-bit window size in the TCP header means the sliding window size is at most 65535; the header also contains a factor M, which determines by how many bits the maximum value of the sliding window can be shifted, two 229.

Congestion control, in the final analysis, is a compromise: TCP wants to get data to the other side as fast as possible while putting as little pressure on the network as possible.

When communication starts, TCP throughput gradually increases; once the network becomes congested, throughput drops sharply at once.

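7: Delayed acknowledgment

	Why delay the acknowledgment?
	A: Because the processor may be able to process data very quickly. Without a delayed acknowledgment, the data received in one go may not even be an appetizer for the server's processing, so the acknowledgment is delayed.

	How the delayed acknowledgment is controlled:
		1: Count condition: acknowledge once every few packets
		2: Time condition: acknowledge once every so often

	The exact count and timeout depend on the operating system; typically the count is 2 and the timeout is 200 ms.

8: Piggybacking

eg:
How are you?
I'm fine, thanks. And you?

Piggybacking: the four-way wave may turn into a three-way wave.

	On top of the delayed acknowledgment, when the server receives the FIN for disconnecting it may send the ACK and the FIN together, in which case the four-way wave becomes a three-way wave.

	TCP is implemented by the operating system kernel, and implementation details may differ slightly between systems.
	Fiddler is not reliable for capturing this, because Fiddler can only capture HTTP;
	Wireshark can capture TCP packets.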

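9: Byte-stream oriented

During TCP transport, a complete packet may be sent or received in several pieces.

10: The sticky packet problem

   It is caused by the byte-stream-oriented way of transmitting, but the application needs to take out one complete packet at a time. How do we solve this?

	       We solve it at the application layer: all that is needed is a way to determine the packet boundaries.

		Schemes for determining packet boundaries: 1 a delimiter    2 a specified length

	Does UDP have the sticky packet problem?
	UDP delivers data one datagram at a time, so it can never deliver half a packet, and therefore the sticky packet problem cannot occur.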
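The "specified length" scheme above, as an added example (not code from the original post): each message is a 4-byte big-endian length followed by the payload, and the receiver buffers whatever each read() delivers until a whole message is present. The wire format, the names framer_feed, framer_next and framing_demo, and the MAX_FRAME limit are assumptions chosen for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define MAX_FRAME  1024   /* largest length field we accept from a peer */
#define FRAME_MORE (-1)   /* message incomplete: keep reading */
#define FRAME_BAD  (-2)   /* length field over the limit or over `cap` */

struct framer { uint8_t buf[2 * (4 + MAX_FRAME)]; size_t used; };

/* Append the bytes one read() returned; -1 if they do not fit. */
int framer_feed(struct framer *f, const void *data, size_t n)
{
    if (n > sizeof(f->buf) - f->used) return -1;
    memcpy(f->buf + f->used, data, n);
    f->used += n;
    return 0;
}

/* Pop one complete message into out[]; returns its length or FRAME_*. */
long framer_next(struct framer *f, uint8_t *out, size_t cap)
{
    if (f->used < 4) return FRAME_MORE;
    uint32_t len = ((uint32_t)f->buf[0] << 24) | ((uint32_t)f->buf[1] << 16) |
                   ((uint32_t)f->buf[2] << 8)  |  (uint32_t)f->buf[3];
    if (len > MAX_FRAME || len > cap) return FRAME_BAD;
    if (f->used - 4 < len) return FRAME_MORE;    /* half a message so far */
    memcpy(out, f->buf + 4, len);
    f->used -= 4 + len;
    memmove(f->buf, f->buf + 4 + len, f->used);  /* keep the stuck-on bytes */
    return (long)len;
}

/* Constructed stream: "hello" and "hi", delivered in two reads that cut the
 * first message in half and glue its tail onto the second one.
 * Copies the messages into a[] and b[]; returns how many were recovered. */
int framing_demo(char a[16], char b[16])
{
    static const uint8_t stream[] =
        { 0, 0, 0, 5, 'h', 'e', 'l', 'l', 'o', 0, 0, 0, 2, 'h', 'i' };
    struct framer f = { .used = 0 };
    uint8_t msg[MAX_FRAME];
    int count = 0;
    long n;

    framer_feed(&f, stream, 7);                       /* header + "hel" */
    if (framer_next(&f, msg, sizeof(msg)) != FRAME_MORE) return -1;
    framer_feed(&f, stream + 7, sizeof(stream) - 7);  /* "lo" + 2nd message */
    while ((n = framer_next(&f, msg, sizeof(msg))) >= 0) {
        char *dst = count == 0 ? a : b;
        if (count >= 2 || n > 15) return -1;
        memcpy(dst, msg, (size_t)n);
        dst[n] = '\0';
        count++;
    }
    return count;
}

int main(void)
{
    char a[16] = "", b[16] = "";
    printf("%d messages: \"%s\", \"%s\"\n", framing_demo(a, b), a, b);
    return 0;
}
```

Bounding the length field before waiting for the payload keeps a peer that sends a huge length from making the receiver buffer without limit.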

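Connection exceptions:

	1 The process terminates (the normal case: the client is closed first)
	2 Reboot (equivalent to Restart in the Start menu, i.e. a restart that follows the established procedure)
	3 The machine loses power or the network cable is unplugged: the receiving end believes the connection still exists; after a long time without receiving data it retransmits on timeout, and after too many retransmissions the server resets the connection with RST (reset)

	4 The kernel also has a built-in keepalive timer. The keepalive timer periodically sends a probe asking whether the peer (the client) still exists. If it does not, the connection is released.

Comparison of TCP and UDP

	1 TCP is used where reliable transmission is required.

	2 UDP transmits quickly; it can also be used in environments where the transmission environment itself is highly secure, achieving reliable transmission that way.

	3 Large packets can only use TCP, because the largest UDP packet is only 64K, i.e. the 16-bit UDP maximum length of 2^16.

	4 **Broadcasting can only be done with UDP**, not TCP. Only UDP can set the last bits of the IP address to all 1s, which represents the broadcast address.

	5 TCP is byte-stream oriented and has the sticky packet problem; UDP is datagram oriented and does not.

	6 UDP has no real send buffer, only a receive buffer created by the kernel, whereas TCP has both.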

Understanding the second parameter of listen

We can remove the accept call from the server program, start several clients connecting to the server, and then look at the states with netstat; some interesting phenomena show up.

The Linux kernel protocol stack uses two queues to manage TCP connections:
Half-connection queue: holds requests in the SYN_SENT and SYN_RCVD states.

Full-connection queue (the accept queue): holds requests whose connection has been established successfully and which are waiting to be taken by accept. Length of the full-connection queue = second parameter of listen + 1.


Origin blog.csdn.net/weixin_44030580/article/details/104169840