Alibaba Engineer Cultivation: From computer knowledge to landing ability, what do you lack?

A question-why the Internet is not working, to explain specifically how to turn the dead knowledge in books into our problem-solving ability)

Basic concepts learned in university

I believe the concepts in your mind about the basics of the network are in the picture below. The content of the knowledge is a bit messy, I feel familiar and vague, let alone transform the content into productivity or use it to solve practical problems. This is because knowledge is not connected, practiced, and organized.

So next we will demonstrate the process of carrying out book knowledge to practice, hoping to organize the connection between network concepts through practice.

Start with a problem

The recent environment encountered a problem of network ping failure. The network link at that time was (probably like this, slightly simplified):

phenomenon

● Ping physical machine 2 from container 1 cannot work;
● Ping physical machine 2 from container 2 on physical machine 1;
● At the same time, it is found that even if it works, some containers only need 0.1ms to ping physical machine 1, and some containers need 200ms The above (all on the same physical machine) is unreasonable;
● All containers can ping other external network IPs (such as Baidu) instead.
It took a week to solve this problem because the container network was configured by ourselves, and we did not have permission to contact the switch, and it was configured by the customer. When there is a problem, they will feel that they are okay and the other party has a problem. In addition, they don’t know enough about the basic knowledge of the Internet, so they feel that they are okay and do not look for evidence.
The answer to this question will be summarized after you read the basic knowledge of this article.

Before solving this problem, think about it first. If there is an interview question: input ping IP and press Enter, then what happened?

What happens after the carriage return?

Let's think about what happened to ping IP.

First, the OS protocol stack needs to encapsulate the ping command into an icmp packet, and fill in the header (including src-IP, mac address), then the OS first calculates which interface (network card) to use according to the target IP and the route rules of the machine, and then determine With routing, you basically know the src-ip and src-mac of the sending packet. Each routing rule basically includes several basic elements such as target IP range, gateway, MAC address, and network card.

If the target IP and the IP used by the machine are in the same subnet,
if the target IP and the machine IP are the same subnet (according to the netmask of each network card on the machine ifconfig to determine whether it is the same subnet-knowledge point: subnet The role of the mask), and the local arp cache does not have the mac record corresponding to this IP, then broadcast an arp query to all the machines in the entire subnet, for example, I ping 1.1.3.42, and then tcpdump captures the packet. An arp request:

The above is the broadcast message sent by this machine. What is the mac address of 1.1.3.42? Soon 1.1.3.42 responded to my mac address. After receiving this reply, cache it first, and the next ping packet does not need to be sent arp broadcast again. Then fill in the mac address into the target Mac (icmp package) in the header of the ping packet, and then send out this icmp request packet, according to the mac address, correctly reach the target machine, and then the other party correctly replies to the icmp reply (the other party’s reply should also check the routing rules, arp checks the sender's mac, so that the packet can be
routed back correctly, skip it).

Take a look at a complete ping 1.1.3.43. The result of tcpdump's packet capture:
I changed the IP address and then pinged the same IP address. If arp has a cache, I can't see the arp broadcast query process.

to sum up

Network packet loss, stuttering, and jitter are easy to be a bag-carrying man. Only by finding the real cause to solve the problem will it be faster, otherwise it will not be right to exert effort in the wrong direction. The exact direction depends on good basic knowledge and correct logic and evidence to support, not guesswork.
● Basic knowledge is a key factor in determining whether you can work until retirement;
● Having basic knowledge does not mean that you can truly transform into productivity;
● The more basic, the more important the foundation that has remained unchanged for decades;
● Knowledge to Flexible use depends on practice, and at the same time, the connection between knowledge can be established;
● In short, the lack of integration and application;
● Be a polite and respectful rejection man;
● When others don’t give evidence and ignorant rejection In this case, your chance is here.

Leave a few small questions:

1. How does the server determine the src-ip and dest-mac in the reply package when it replies to the client?
   Must the dest-ip in the request packet be treated as src-ip?
2. If the above question is TCP or UDP protocol, will the src-ip and dest-mac in their reply packet be different?
3. Since all local area networks rely on Mac addresses to locate, what is the role of IP?