Fourth, the network layer
1 Comparison of virtual circuit services and datagram services
| Contrast | Virtual circuit service | IP datagram service |
|---|---|---|
| Ideas | Reliable communication is guaranteed by the network | Reliable communication is guaranteed by the user host |
| Connection establishment | have to | Not needed |
| Destination address | Only used when the connection is established, each packet uses a short virtual circuit signal | Each packet has the complete address of the end point |
| Packet forwarding | Packets belonging to the same virtual circuit are forwarded according to a fixed route | Independent routing for each group |
| When the node fails | The entire virtual circuit cannot continue to work | The failed node may lose packets, and some routes may change |
| Grouping order | Always arrive at the node in the order of sending | The order of arrival at the node is not necessarily the order of sending |
| End-to-end error handling | Responsible by the user host or network | Responsible by the user host |
Longest prefix matching priority: When retrieving the forwarding table, the entry with the longest prefix matching the packet destination address is selected first (entry)
IP data table service adopted by the most popular TCP/IP system today
Because the phone has a single function, the telecommunication network must be responsible for reliably transmitting the voice signal of the user's phone parameters to the other party's phone. Unlike the phone, the computer has a strong error handling capability, so it can be boldly reduced. The requirements of transmitting messages can reduce the success of network transmission, and the reliability of data can be guaranteed by the host system
When grouping occurs on the network, there is no need to establish a connection in advance. Each packet (ie IP datagram) is sent independently, and has nothing to do with the preceding and subsequent packets (no numbering). The network layer does not provide reliable connection services , and of course it cannot guarantee transmission in the network. The quality of the packet (may be wrong, out of order, repetitive, timeout), because the transmission network does not guarantee end-to-end reliable service, which makes the router in the network relatively simple and inexpensive (compared to the switch of the telecommunication network), If the process communication between the host and the end system needs to be reliable, then the transport layer in the host is responsible (error handling, flow control), which greatly reduces the network cost and makes the operation more flexible
Summary: Internet simplified network, complex edge, ATM network, complex network, simplified edge
The network layer of the Internet is a typical IP datagram service. The service mainly provides routing and forwarding. First, routers and other network devices run some routing protocols and store the resulting information in a forwarding table (routing table), and forwarding the information The protocol for the network layer (the network layer corresponds to the IP protocol) is used when processing and forwarding packets. The error information generated during the processing and forwarding process needs to be transmitted to the router/host through the ICMP protocol;
2 IP datagram
The version number field occupies 4 bits: the version number of the IP protocol Eg 4→IPv4, 6→IPv6
The header length field occupies 4 bits: the length of the IP packet header, in units of 4 bytes, and the length of the P header is 20 (5×4) bytes
The type of service (TOS) field occupies 8 bits: indicates what type of service is expected
The total length field occupies 16 bits: the total number of bytes of the IP packet (header + data)
The time-to-live (TTL) field occupies 8 bits: the number of routers (or the number of hops) that the IP packet can pass through in the network. The router forwards the packet once, TTL minus 1 If TTL=0, the router discards the IP packet
The protocol field occupies 8 bits: indicates which protocol data packet is encapsulated by the IP packet, and realizes multiplexing/decomposition. 6 is TCP, which means that the encapsulated is TCP segment; 17 is UDP, which means that the encapsulated is UDP datagram
The header checksum field occupies 16 bits: to realize the error detection of the IP packet header
The source IP address and destination IP address fields each occupy 32 bits: respectively identify the IP address of the source host/router (network interface) sending the packet and the destination host/router (network interface) receiving the packet
The length of the option field is variable, ranging from 1 to 40B: carrying security, source selection path, timestamp and routing records, etc.
The padding field occupies a variable length, ranging from 0 to 3B: the purpose is to fill the entire header, conforming to 32-bit alignment, that is, to ensure that the header length is a multiple of 4 bytes
3 Three stages of IP address
IP address: 32-bit (IPv4) number identifies the interface of the host and router, and uniquely identifies a host in the network
IP address: Network ID (NetID)-high bits,; Host ID (HostID)-low bits
IP subnet: ①The device interface with the same IP address ②The interface that can physically communicate with each other without crossing the router (third and above network devices);
3.1 Classified ip address
1) Each ip address is composed of netid and hostid, benefits
①The ip address management agency only needs to be responsible for the allocation of ip network numbers, and the host number after allocation is divided by the organization
②The router only needs to consider the network number connected to the host to forward the packet, which greatly reduces the storage pressure of the routing table and the time for checking the table;
2) Multi-homing network, if a host is connected to different networks, there may be multiple IP addresses at the same time, because the essence of the IP address is to mark the interface between a host and a link, such as a building at the intersection of two roads It can be called No. 7 Shanda Road or No. 16 Yingxiong Road;
3) The only criterion for judging whether n hosts are in the same network is to see whether they have the same network number. As long as they have the same network number, multiple LANs connected by repeaters or bridges are still one network, and different networks must The LAN of the number must be interconnected by routers;
4) The IP of the host or router of the same LAN must be equal, and the network segment interconnected by the bridge is still a LAN, and there can only be one network number
5) On the network, data is transmitted from one place to another by IP addressing. Logically speaking, there are two steps. The first step is to find the network to which the person belongs from the IP, which is like finding which cell the person belongs to; the second step is to find the location of the host in the network from the IP, which is like finding the person in the cell.
Special IP address
| NetID | HOSTID | As the source address of the ip packet | As the destination address of the ip packet | use |
|---|---|---|---|---|
| All 0 | All 0 | can | Can't | Represents a host in this network, and represents the default (representing the entire Internet) route in the routing table |
| All 0 | host-id | Can't | can | Indicates a specific host in this network |
| All 1 | All 1 | Can't | can | This network broadcast address, router does not forward |
| net-id | All 0 | Can't | Can't | Network address, which represents a network |
| net-id | All 1 | Can't | can | Broadcast to hosts on a specific network |
| 127 | Any number that is not all 0s or all 1s | can | can | Used as a return address for local software testing |
Therefore: There are only 126 (2 to the 7th power minus 2) of the network number of the A type network , where all 0, that is, 0.xxx represents this, which means this network, and all 1s or 127.xxx are used as local software Loopback test, where if the host sends data using the 127.0.0.1 loopback address as the destination address, the data will not be transmitted to any network, but will be processed by the corresponding software in the machine. The address is not a network address at all , In short, sending data with 127.0.0.1 as the destination address is equivalent to letting the sending host process the relevant data. It is common in the case where Client and Server (using virtual host technology) are both served by one host. The same type of network is commonly used . The maximum number of hosts is (2 to the 24th power minus 2) . The host number field of all 0s indicates that the IP address is a single network address connected to the host, for example, the network address where the host 5.6.7.8 is located is 5.0.0.0; 1 means all, and the host number field of all 1s means all hosts in the network. For example, 5.255.255.255 means all hosts on the 5.0.0.0 network
Similarly, the network numbers of B and C are respectively (2 to the 14th power minus 1) (2 to the 21 power minus 1). Because the first few digits of the B and C networks are fixed 01 and 110, it is impossible to have all 0s. However,
128.0.0.0 is not assignable for type B networks, and 192.0.0.0 for type C networks is also not assignable.
3.2 Subnetting
1) Disadvantages of two-level ip address
①The utilization rate of the ip address is low, and the network number will be allocated soon. ②Not flexible enough. If the organization wants to open a new network, it must apply to the relevant organization.
③In order to make up for the above shortcomings, the network ID (NetID)-high bit; SubID-some bits of the original network host number; Host ID-low bit
2) Determine the number of subnets
Subnet address + subnet mask → accurately determine the subnet size
The default subnet mask of
A network is: 255.0.0.0 The default subnet mask of
B network is: 255.255.0.0
The default subnet mask of C network is: 255.255.255.0 Use 3 bits to divide the subnet The subnet mask of network B is: 255.255.224.0
3) Divide the subnet
Subnet 201.2.3.0, 255.255.255.0, divided into 4 subnets of equal length
4) IP address + subnet mask
Bitwise AND operation of the destination IP address and subnet mask of the IP packet to extract the subnet address
Destination IP address: 172.32.1.112, subnet mask: 255.255.254.0
Subnet address: 172.32.0.0
Subnet address range: 172.32.0.0~172.32.1.255
The address range of the subnet can be allocated: 172.32.0.1~172.32.1.254
Subnet broadcast address: 172.32.1.255
3.3 Form a supernet
3.4 Special IP address
The internal and external networks are relative to the firewall. Inside the firewall, they are called the internal network, and vice versa. To a certain extent, the external network is equivalent to the public network, and the internal network is equivalent to the private network. The public network address refers to the address that is directly reachable on the Internet. If you have a public network address, it means that you can not only access others, Can be visited by others. The public network address is an indispensable condition for setting up various servers. The classification of the public network is as follows
1) IP address (public network) classification
- Type A: 10.0.0.0 to 127.255.255.255 are mainly distributed to a large number of hosts and a large network with a small number of LAN networks
- Type B: 128.0.0.0 to 191.255.255.255 generally used for large international companies and government agencies
- Type C: 192.0.0.0 to 223.255.255.255 for general small company campus network research institutions, etc.
- Class D: 224.0.0.0 to 239.255.255.255 are used for special purposes, also known as broadcast addresses
- Type E: 240.0.0.0 to 255.255.255.255 temporarily reserved
2) Private address
The hosts in the network need to communicate and need to use an IP address. At present, the IPv4 addresses that we generally use are divided into five categories: A, B, C, D, and E, which have been listed above, of which A, B, and C are Our common IP address segment. Among these three types of addresses, most of them are public addresses and need to be registered with the Internet Information Center. Three IP address segments are reserved in the IPv4 address, which are used as private addresses for internal networking such as homes, enterprises, and schools.
Except for these three ip address segments which are private ip addresses, the others are public network ip. From the analysis of the above table, we can see that the private network IP is divided into three types of networks: A, B, and C.
These addresses have been declared privatized. Any device in the internal network can use these addresses at will, but IP addresses in these three ranges are not allowed to appear on the Internet (external network). Therefore, our platform is used more in internal networking, such as monitoring projects and company internal computer ip settings and home networks. The most used is 192.168.xx.
Usually, select the private address segment according to the number of hosts that need to be accommodated. The scale of the home network is relatively small, a class C address, 192.168.1.x can accommodate 254 terminals, enough for use.
3) Schools or large enterprises may use Class B or even Class A as the address segment of the internal network. For example, it is very likely that the mobile phone will obtain an internal network address starting with 10 instead of a public network address.
3) NAT address translation
The private network address can only be used in the local area network. Different local area networks can use the same private network address, and the private network address cannot appear on the Internet. So how does the private network address access the Internet? This requires NAT address translation to map internal network addresses to external network addresses. The NAT address translation realizes the mutual conversion between the internal network IP address and the public network address, and converts a large number of internal network IP addresses into one or a small number of public network IP addresses, reducing the occupation of public network IP addresses.
Home networks generally use port mapping. The core of NAT is a mapping table (source IP address, source port, destination IP address, destination port), which maps the source IP address and port of the internal network to the same public network address. Port as shown in the figure below.
In short, due to the relatively small network size of the home network, the private network address starting with 192.168 is usually used. The optical modem dials to obtain a public network address (or the private network address of the operator), which is mapped to this public network address through NAT. Port to access the Internet. Mainly note that the NAT mode and routing mode are different
4) Special IP address
①0.0.0.0
It is not a real IP address anymore, all unclear hosts and destination networks (there is no specific entry in the routing table of this machine to indicate how to reach it), for this machine, it is a " hospital ", all unknown All "three noes" personnel will be sent in;
②255.255.255.255
Restrict broadcast addresses. For this machine, this address refers to all hosts in this network segment (same broadcast domain). If translated into human language, it should look like this: " Everyone in this room pays attention !" Of course, this address cannot be forwarded by the router.
③127.0.0.1 (localhost in Windows)
127.0.0.1 is the IP address, the address of the machine, mainly used for testing. In Chinese, it means " myself ". The ip address cannot appear in the network interface. localhost is a domain name. In the Windows system, it is agreed that 127.0.0.1 is the local IP address. localhost is its corresponding domain name. The configuration is set in the hosts file, the location of the file under Windows is: the hosts file in the C:\Windows\System32\drivers\etc directory
④ 10.X.X.X、172.16.X.X~172.31.X.X、192.168.X.X
Private addresses, these addresses are widely used in the corporate internal network. Some broadband routers also often use 192.168.1.1 as the default address. Since the private network is not interconnected with the outside, it may use arbitrary IP addresses. Reserving such an address for its use is to avoid address confusion when accessing the public network in the future. When accessing the Internet, a private network using a private address must use address translation (NAT) to translate the private address into a public legal address. On the Internet, such addresses cannot appear. For a host on a network, there are three types of legitimate destination network addresses that it can normally receive: the IP address of the machine, the broadcast address and the multicast address