Common options of ping command in windows system:
-t 参数会一直不停的执行ping
-a 参数可以显示主机名称
-l 参数可以设定ping包的大小 ###在Linux系统下为:-s
–n 指定发送包的个数 -c
–S 指定源IP去ping -I
跟踪路由路径命令:
WIN: tracert IP/域名
Linux: traceroute IP/域名
Functions of the network layer
- Defines the logical address based on the IP protocol
- Connect different media types
- Choose the best path for data to travel through the network
IP packet format
Version field: Version (Version): This field contains the version number of the IP, 4bit. The current IP version is 4 (ie IPv4).
Header
Length: This field is used to indicate the length of the IP data packet header, 4 bits. The minimum length of the IP packet header is 20 bytes, but its length is variable. The specific length depends on the length of the optional field.Priority and Type of
Service (Priority, Type of Service): This field is used to indicate the priority and service type of the data packet, 8bit. By dividing a certain priority in the data packet, it is used to achieve Qos (Quality of Service) requirements.Total Length: This field is used to indicate the length of the entire IP data packet, 16 bits. The longest is 65535 bytes, including the header and upper layer data.
Identifier (Identification): This field is used to indicate the identifier of the IP data packet, 16bit. When IP fragments the same data of the upper layer data, assigns the same group of numbers, and then puts these numbers in the identifier field to ensure that the fragments will not be reorganized by mistake.
Flags: Standard field, 3bit. The current packet cannot be fragmented, or whether the last fragment has been sent after a packet is fragmented.
Fragment Offset: This field is used to indicate the fragment offset, 13 bits. The information contained refers to how to reconnect the fragments in a fragment sequence.
TTL (Time to
live): Used to indicate the life cycle of IP data packets, 8bit. Every time a packet passes through a router, the TTL will be reduced by 1. When the value is 0, the packet will be discarded. It can prevent data packets from circulating wirelessly in the network, causing network congestion.Protocol number (Protocol): Protocol field, 8bit. It is used to indicate which protocol is encapsulated in the IP packet, is it TCP or UDP, the protocol number of TCP is 6, and the protocol number of UDP is 17.
Header Checksum: This field is used to indicate the checksum, 16bit. Used to verify whether the data has been changed.
Source IP Address: This field indicates the source address of the data packet, 32 bits.
Destination IPAddress: This field is used to indicate the destination address of the data packet, 32bit.
Options (Options): The optional field can be lengthened according to actual conditions, and there are multiple options that can be used with IP. After the option is the upper data.
ARP working principle:
- 1. PC1 wants to send data to PC2, it will first check its own ARP cache table.
- 2. If it is found that the MAC address to be searched is not in the table, an ARP request broadcast will be sent to find the MAC address of the destination. The ARP request message includes the IP address and MAC address of PC1 and the IP address and destination MAC address of PC2 (in this case, the broadcast MAC address FF-FF-FF-FF-FF-FF).
- 3. After the switch receives the broadcast, it performs flooding processing. All hosts except PC1 receive the ARP request message, and PC2 sends the ARP response in unicast mode, and caches the correspondence between PC1's IP address and MAC address in its ARP table , And other hosts discard the ARP request message.
- 4. PC1 adds the correspondence between PC2's IP address and MAC address in its own ARP table, and communicates with PC2 in unicast mode.
ARP command in windows system:
arp -a ###查看ARP缓存表
arp -d [IP] ###清除ARP缓存
arp -s IP MAC ###ARP静态绑定
If it prompts that the ARP entry failed to be added, the solution:
a、用管理员模式:电脑左下角“开始”按钮右键,点击“Windows PowerShell(管理员)(A)” 或者 进入C盘windows\system32文件夹找到cmd.exe,右键“以管理员身份运行” 再执行arp -s命令
b、 (1)netsh interface ipv4 show neighbors 或者netsh i i show in <查看网卡接口序号/Idx>
(2)netsh interface ipv4 set neighbors <接口序号> <IP> <MAC>
解除静态绑定
netsh -c i i delete neighbors 'Idx'
动态学习到的ARP的老化时间是120s,并且静态绑定的ARP条目在计算机关机或重启后会消失。
华为系统中的ARP命令
[Huawei]dis mac-address ###查看mac 地址信息
[Huawei]arp static <IP> <MAC> ###绑定ARP
[Huawei]undo arp static <IP> <MAC> ###解绑定
<Huawei>reset arp all ###清除mac地址表