1. Network
Local area network (campus, company level)
Small coverage area; you pay for the equipment and bandwidth yourself, and you repair and maintain it yourself.
For example, the college’s local area network:
The aggregation layer switch in the computer room is connected to the switches in each classroom, and the access layer switch in the classroom is connected to the computers.
The network cable between the two is no more than 100 meters long, running at 10M, 100M, or 1000M.
The bandwidth of the access layer switch is 100M, and each port is 100M. The bandwidth of the aggregation layer switch is larger than that of the access layer switch.
A standardized LAN should be hierarchical.
Wide area network (province, national level)
Distances of more than 100 meters, such as dial-up Internet access over a telephone line. The bandwidth is not fixed; you pay for bandwidth, maintenance, and other services.
Internet (international level)
It is composed of many ISPs (Internet Service Providers).
Each provider has its own computer room to provide Internet connections to users.
There is at most one link between providers, so using the mobile network to access a server on the telecom network may be very slow.
Some websites buy a server in each operator's computer room, or use a dual-line computer room (a computer room served by two operators).
2. IP and MAC
The computer has an IP address.
network segment.
The subnet mask tells the computer which part of the address is the network part and which is the host part.
Router role: responsible for forwarding data between different network segments
The router’s port also has a MAC address
The port of the router is equivalent to a network card of the computer, and it also has an address
Gateway: tells the computer which way to go to reach another network segment; it points to the router.
Network card: has a MAC address (physical address, unique), fixed in the network card at the factory, 48 bits long.
MAC and IP are physical and logical concepts respectively
The computer sends a data packet to the DNS server (configured on the computer); DNS resolves the domain name into an IP address and returns it to the computer.
Data packet
Data, source IP, destination IP
Like a letter
The computer data packet has a maximum size of 1500 bytes.
If the data cannot be transmitted in one go, the data frames are numbered.
Data Frame
The data packet plus the source MAC and destination MAC is a data frame.
To send the data packet to the target IP, you need a router. The MAC address is used to reach the router.
The router then updates the source MAC and destination MAC according to the target IP and the shortest path.
The data frame is transmitted to the switch, the switch to the router, the router to the router, finally to the switch, and the switch to the computer.
Client: Give me data
Server: Okay, here you are
Client: Received, give me the next data
Server: Okay, here you are
The server does not know the MAC address of the client, but can know the IP of the client.
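The hop-by-hop behaviour described above, as an added example that is not part of the original notes: the subnet mask decides whether a frame goes directly to the target or to the gateway, and each router rewrites the source and destination MAC while the IP addresses stay unchanged. The topology, addresses, MACs and the `resolve` stand-in for ARP are all constructed for illustration.

```python
import ipaddress

# Constructed topology (all addresses and MACs are made up): PC-A - R1 - R2 - SRV.
IFACES = {  # interface IP/mask -> (owner, MAC of that port or network card)
    "192.168.1.10/24": ("PC-A", "AA:AA:AA:00:00:10"),
    "192.168.1.1/24": ("R1", "AA:AA:AA:00:00:01"),
    "10.0.0.1/30": ("R1", "BB:BB:BB:00:00:01"),
    "10.0.0.2/30": ("R2", "BB:BB:BB:00:00:02"),
    "172.16.5.1/24": ("R2", "CC:CC:CC:00:00:01"),
    "172.16.5.80/24": ("SRV", "CC:CC:CC:00:00:80"),
}
# Where each node sends traffic for other segments (host gateway / router default route).
NEXT_HOP = {"PC-A": "192.168.1.1", "R1": "10.0.0.2", "R2": "10.0.0.1", "SRV": "172.16.5.1"}

def ifaces_of(node):
    return [(ipaddress.ip_interface(k), mac) for k, (owner, mac) in IFACES.items() if owner == node]

def resolve(ip):
    """Stand-in for ARP: map an on-segment IP to (owner, MAC)."""
    for k, (owner, mac) in IFACES.items():
        if ipaddress.ip_interface(k).ip == ip:
            return owner, mac
    raise LookupError(f"no interface has {ip}")

def trace(src_ip, dst_ip, max_hops=16):
    """Return the frame headers seen on each segment between src_ip and dst_ip."""
    dst = ipaddress.ip_address(dst_ip)
    node, _ = resolve(ipaddress.ip_address(src_ip))
    frames = []
    for _ in range(max_hops):
        local = any(dst in iface.network for iface, _ in ifaces_of(node))
        # The mask decides: same segment -> deliver directly, otherwise hand to the gateway.
        target = dst if local else ipaddress.ip_address(NEXT_HOP[node])
        src_mac = next(mac for iface, mac in ifaces_of(node) if target in iface.network)
        node, dst_mac = resolve(target)
        frames.append({"src_ip": src_ip, "dst_ip": dst_ip, "src_mac": src_mac, "dst_mac": dst_mac})
        if target == dst:
            return frames
    raise RuntimeError("hop limit exceeded (routing loop?)")

if __name__ == "__main__":
    for hop, f in enumerate(trace("192.168.1.10", "172.16.5.80"), 1):
        print(hop, f["src_ip"], "->", f["dst_ip"], "|", f["src_mac"], "->", f["dst_mac"])
```

The last frame carries the client's IP but the MAC of the final router's port, which is why a server-side log or filter keyed on MAC address cannot identify a client on another segment.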
Why can't the MAC address alone be used to identify a computer?
If computers all over the world were connected by switches alone, with no routers, computers could be identified by MAC only. But this is impossible.
The network card has buffers: a send buffer and a receive buffer.
3. OSI Reference Model
The seven layers are derived from the International Organization for Standardization's analysis of computer communications.
Benefits:
Equipment produced by different manufacturers can be used together.
Each layer is relatively independent, and a change in one module does not affect another module. This does not mean that there is no relationship between the layers.
Layer k provides services to layer k+1.
The idea of layering is the guiding principle for using the network.
Application layer
All programs that can generate network traffic. Notepad is not one, but QQ is.
Presentation layer
Things done before transmission.
For example, whether to compress, encrypt, and encode the data before cutting it into data packets for transmission.
Session layer
Session: specifies which server interacts with which window of the client.
Enter netstat -n in cmd to view the sessions.
As long as there is data transmission with other computers, a session will be established, and we can find it this way.
Enter netstat -nb to see who established each session.
Transport layer
Provides reliable transmission, flow control, and unreliable transmission.
Reliable transmission: retransmission on timeout
Flow control: the client sends a data packet telling the server to slow down
Unreliable transmission: for example, looking up the IP for a domain name from DNS takes just one data packet from each side. This kind of communication does not need to establish a session or number the data packets. There is no need for timeout retransmission; the request is simply sent again.
Network layer
Choose the best path and plan the IP address.
Manually specify the path: through static routing
Data link layer
Defines the start and end of the frame, transparent transmission, and error checking.
Special bits mark the beginning and the end. The receiver starts receiving when it sees the start flag and stops when it sees the end flag.
Start delimiter, end delimiter
Transparent transmission: when part of the data is the same as the end flag, a special bit is inserted into the data to indicate that this is not the real end. The receiving end removes the inserted bit after receiving it.
Error checking: errors are detected but not corrected; correction is done by the transport layer
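Framing, transparent transmission and error checking as described above, in an added example that is not part of the original notes. The notes do not name a scheme, so this assumes HDLC-style bit stuffing (flag 01111110, a 0 inserted after five consecutive 1s) and a CRC-32 check; a frame that fails the check is dropped, not repaired.

```python
import zlib

FLAG = "01111110"  # assumed HDLC-style start/end flag

def stuff(bits):
    out, run = [], 0
    for b in bits:
        out.append(b)
        run = run + 1 if b == "1" else 0
        if run == 5:      # five 1s in a row: insert a 0 so the flag never appears in data
            out.append("0")
            run = 0
    return "".join(out)

def unstuff(bits):
    out, run, i = [], 0, 0
    while i < len(bits):
        out.append(bits[i])
        run = run + 1 if bits[i] == "1" else 0
        if run == 5:      # the next bit is the inserted 0: skip it
            i += 1
            run = 0
        i += 1
    return "".join(out)

def to_bits(data):
    return "".join(f"{byte:08b}" for byte in data)

def to_bytes(bits):
    return bytes(int(bits[i:i + 8], 2) for i in range(0, len(bits), 8))

def send(payload):
    """Append a CRC-32, bit-stuff the result, and wrap it in start/end flags."""
    body = payload + zlib.crc32(payload).to_bytes(4, "big")
    return FLAG + stuff(to_bits(body)) + FLAG

def receive(wire):
    """Return the payload, or None if the frame is malformed or fails the check."""
    start = wire.find(FLAG)
    end = wire.find(FLAG, start + len(FLAG)) if start >= 0 else -1
    if end < 0:
        return None
    bits = unstuff(wire[start + len(FLAG):end])
    if len(bits) % 8 or len(bits) < 32:
        return None
    body = to_bytes(bits)
    payload, fcs = body[:-4], body[-4:]
    # Error checking only detects: a bad frame is dropped, never corrected here.
    return payload if zlib.crc32(payload).to_bytes(4, "big") == fcs else None
```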
Physical layer
Define network equipment interface standards, electrical standards, and how to transmit faster on physical links
Interface standard: network cables and network cards produced by different companies can be used
Electrical standards: For example, a few volts represent 1.
4. OSI and network troubleshooting
Troubleshooting should start from the bottom layer.
Physical layer
Check the connection status, check the size of the data packet sent and received.
Data link layer
MAC address conflict, unpaid ADSL account, network speed cannot be negotiated, computer connected to the wrong VLAN
Network layer
The IP address, subnet mask, or gateway is configured incorrectly.
The router has no route to the destination network.
Application layer
The application layer here refers to everything above the network layer.
Application configuration error
5. OSI and cyber security
Physical layer
Unplug the network cables from unused switch ports
Data link layer
ADSL account password, wireless AP, VLAN, binding MAC addresses to switch ports
Network layer
Use ACLs on the router to control packet traffic; Windows Advanced Firewall
Application layer
The application layer here refers to everything above the network layer.
The developed application should have no vulnerabilities
SQL injection