TCP/IP protocol suite-analysis of the complete working process (the latest version in 2021)

1. What is TCP/IP

TCP/IP is a set of protocols or systems used for network communication. The TCP/IP protocol model is divided into 7 layers with the OSI model. But in fact, what we are generally talking about is the four-layer TCP/IP protocol stack.

Network interface layer: mainly refers to some physical layer-level interfaces, such as cables, etc.

Network layer: Provides logical addressing independent of hardware and realizes the conversion between physical address and logical address. Network layer protocols include IP protocol (Internet Protocol), ICMP protocol (Internet Control Message Protocol), IGMP protocol (Internet Group Protocol Management)

Transport layer: Provides flow control, error control and confirmation services for the network. The transport layer has two different transport protocols: TCP (Transmission Control Protocol), UDP (User Datagram Protocol)

Application layer: Provide specific program applications for file transfer, network troubleshooting and Internet operation

2. Data packet

In the TCP/IP protocol, data is encapsulated into packets from top to bottom, and then unpacked from bottom to top. So how is the data packaged?

When packing, each layer will add some information for transmission, this part of information is called the header. When the upper layer data arrives at this layer, the data plus the header are packed together to form a new data packet and continue to be passed on to the next layer. When unpacking, it is the other way around, just like a matryoshka. After unpacking the outermost layer, you get the required headers and pass them up.

Next, analyze the working process of the entire TCP/IP protocol from top to bottom

1. Application layer

As the uppermost layer of the TCP/IP protocol, the application layer is actually the one we touch the most.

Since the transmission protocol at the transport layer is roughly divided into TCP and UDP, the corresponding protocol at the application layer is also divided into two parts.

Protocol running on TCP protocol:

HTTP (Hypertext Transfer Protocol), mainly used for ordinary browsing.
HTTPS (Hypertext Transfer Protocol over Secure Socket Layer, or HTTP overSSL) The secure version of the HTTP protocol.
FTP (File Transfer Protocol, File Transfer Protocol), known by its name, is used for file transfer.
POP3 (Post Office Protocol, version 3, post office protocol), used for receiving mail.
SMTP (Simple Mail Transfer Protocol) is used to send e-mails.
TELNET (Teletype over the Network, network telex), log in to the network through a terminal (terminal).
SSH (Secure Shell, used to replace the poorly secured TELNET), used for encrypted secure login.

Protocol running on UDP protocol:

BOOTP (Boot Protocol), applied to diskless devices.
NTP (Network Time Protocol) is used for network synchronization.
DHCP (Dynamic Host Configuration Protocol, dynamic host configuration protocol), dynamically configure the IP address.

Http protocol workflow

An Http operation is called a transaction, and its entire workflow is as follows:

1) Address resolution

For example, the client browser requests to browse the page: www.baidu.com. In fact, this is a default path, because the protocol name and port number are usually omitted by default, and the path is also omitted when visiting the homepage, so the full path is written as http://www.baidu.com:80/index.html. This is the URL Uniform Resource Locator we often say, which is used to locate the location on the server where we access resources.

From this URL, the protocol name, host name, port number, and path of the access object can be decomposed

Protocol name: http
host name: www.baidu.com
port number: 80 (default port of http protocol)
path: /index.html
At this time, the domain name system DNS protocol is needed to resolve the domain name to get the host's ip.

2) Encapsulate the http request packet

Combine the above part (the server page resource we want to access) to generate a request data packet with your own local information, and encapsulate it into an HTTP request packet. As for the HTTP request data message, click this.

DNS protocol workflow

1) Access the webpage through the domain name

2) The computer will first send the domain name to a server that resolves the domain name

 在其服务器上有很多服务器，能解析各种各样的域名，比如有专门解析.org的，解析.com的，解析.net的。等等，最主要的有一个根域名服务器
 
 域名解析(在服务器上查找IP地址)的过程有两种算法，迭代查询，递归查询。一般是两种查询的结合
 
本机计算机找到其中一台解析域名的服务器(可能是.com)，如果没有找到对应的IP地址，那么就会去找根域名服务器，根域名服务器知道所有的子服务器，所以他肯定知道该域名所对应的IP地址在那个子服务器中，所以告诉第一次查询的服务器要他去另一台服务器上找，找到了，就将其返回给计算机，以后在有另一台计算机也通过这个域名访问，那么第一台服务器会有原来的域名IP地址的缓存，就不用去找根服务器了。

3) Find the server ip address and you can visit

2. Transport layer

The http encapsulation request data packet is then passed to the transport layer, and the tcp protocol part starts to operate. Here, the data packet and the TCP header are generated into a TCP message and packaged into a new data packet.

TCP message structure:

the three-way handshake and four-time wave operation are completed at the transport layer ( click here to view )

3. Network layer

TCP packets arrive at this layer, plus IP packets to generate new IP packets

As mentioned earlier, the network layer is mainly responsible for the conversion of physical addresses (mac) and logical addresses (ip).

ICMP (Internet Control Message Protocol: Internet Control Message Protocol): Mainly responsible for the data exchange between the network layer and the transport layer. It is to more effectively forward IP data messages and improve the chances of successful data message delivery. It is between the transport layer and the transport layer. Protocol between network layers.

ARP (Address Resolution Protocol: Address Resolution Protocol): It is mainly a protocol that resolves IP addresses into MAC addresses.

RARP (Reverse Address Resolution Protocol): On the contrary, it is a protocol that resolves MAC addresses into IP addresses.

IP protocol (Internet Protocol: Internet Protocol): It is the most core protocol in the TCP/IP protocol suite. It provides unreliable, connectionless services, that is, relying on other layer protocols for error control.

Message structure format:

Let’s talk about the IP address:

Each network adapter on the TCP/IP protocol network has a unique ip address

The IP address is a 32-bit address, this address is usually divided into 4 ends, each 8 binary is a segment, but for the convenience of reading, usually each segment is converted to decimal to display, for example, the familiar 192.168.0.1 (local local area network)

The IP address is divided into two parts, one part is the network ID, and the other part is the host ID. However, which part is the network D and which part is the host ID is not clearly defined. Because some networks require few hosts, they are shorter; and some are longer, so host IDs are longer.

Most IP addresses belong to the following categories

    A 类地址：IP 地址的前 8   位代表网络 ID ，后 24 位代表主机 ＩＤ
    B 类地址：IP 地址的前 16 位代表网络 ID ，后 16 位代表主机 ＩＤ
    C 类地址：IP 地址的前 24 位代表网络 ID ，后 8   位代表主机 ＩＤ

From the following figure, it is easy to distinguish which IP address belongs to. For example, my ip address 192.168.0.1 belongs to class C.

Note:
1. The first segment of the decimal number greater than 223 belongs to class D and class E addresses. The two types are special and uncommon, so I won't explain them in detail here.

    2.每一类都有一些排除地址，这些地址并不属于该类，他们是在一些特殊情况使用地址
    
    3.除了这样的方式来划分网络，我们还可以把每个网络划分为更小的网络块，称之为子网

4. Network interface layer

In fact, it can also be divided into data link layer and physical layer

This layer mainly involves some physical transmissions, such as Ethernet, wireless LAN, cables, etc.

When the IP data packet arrives at this layer, it is different! The data link will add a header and a tail to the beginning and the end of the IP datagram to represent the end of the data packet, and encapsulate it into a frame. The head and tail are both 8-digit binary representations, which can be the same or different.

So how are specific data packets transmitted at the link layer?

Link: A point-to-point physical line segment without any other switching nodes in the middle. The popular general is a line, which does not pass through anything. This is a link, and a link is just one part of a path. component

Data link: In addition to physical lines, there must be a communication protocol to control the transmission of these data. If the hardware and software that implement these protocols are added to the link, a data link is formed. In layman's terms, it just passed through some switches, or something.

In the final destination, all road sections are data links, and the data link contains multiple links.

Adapter: the network card, which is used to implement some protocols on the data link.

Frame: What is transmitted on the data link layer is a frame

What if we go down to the physical layer? It becomes a bitstream transmission.

knock off

Repost the original text: cccrush_