[Reviewing the old and learning the new] Computer network shorthand of computer 408

Knowledge is learned and forgotten, and knowledge is forgotten and learned, so I made a shorthand version, using my own understanding to record the knowledge points I think are more important in various disciplines, so as to facilitate review and memory.

ISO/OSI reference model and TCP/IP model?

Answer: The OSI reference model contains a total of seven layers, from top to bottom, the application layer, the presentation layer, the session layer, the transport layer, the network layer, the data link layer and the physical layer. The application layer is mainly to provide data transmission services for specific applications, including file transfer, file management, e-mail information processing, etc.; the presentation layer is mainly to ensure that messages sent by the application layer of one system can be read by the application layer of another system. , including data format processing, data encryption, data compression and recovery, etc.; the session layer is mainly responsible for establishing, maintaining and terminating communication between two nodes in the network; the transport layer is mainly to provide general data transmission services for the process, including reliable and unreliable Transmission, error control, flow control, multiplexing and demultiplexing, etc.; the network layer mainly provides data transmission services for the host, including routing, error control, flow control, congestion control, etc.; the data link layer is mainly for the same link The host provides data transmission services, including framing, error control, flow control, access control, etc; difference in means.

What is the difference between circuit switching, message switching and packet switching?

Answer: Circuit switching: The bit stream of the entire message goes from the source point to the destination point continuously, like being transmitted in a pipeline, including three stages of establishing a connection, transmitting data and disconnecting the connection. The most typical circuit-switched network is the traditional telephone network. ; Its advantages are small delay, orderly transmission, and no conflict; but it has the disadvantage of long connection time and exclusive line. Message exchange: forward the entire message to adjacent nodes, store them all, look up the forwarding table, and forward to the next node, which is a store-and-forward network; its advantages are that there is no need to establish connections, dynamically assign routes, and line utilization. High; but it has the disadvantage of requiring large storage and buffer space due to the forwarding delay and the lack of control over the packet size. Packet switching: forwards packet packets to adjacent nodes, looks up the forwarding table, and forwards to the next node, which is also a store-and-forward network; its advantages are to speed up transmission and simplify storage management; but it has the disadvantage of large workload and possible packet switching. Lost, need group sorting.

computer network architecture? (Summary of basic knowledge)

Answer: A computer network is a system that connects various decentralized computer systems with independent functions through communication equipment and lines, and realizes resource sharing and information transmission by well-functioning software. The main components are the core part and the edge part: the core part is composed of a large number of networks and routers, which are responsible for providing connectivity and switching services for the edge part; the edge part is composed of hosts directly used by users for communication and resource sharing. The main functions are data communication (transmission of various information between Internet computers) and resource sharing (software sharing, hardware sharing, data sharing). The main categories are: wide area network, metropolitan area network, local area network, personal area network according to the distribution range; broadcast network according to transmission technology (all networked computers share a common communication channel, when a computer uses the channel to send messages, All other computers will listen to the packet) and point-to-point networks (each physical line connects a pair of computers, and if there is no direct connection between the two hosts in communication, the packet transmission between them will go through an intermediate node. According to the topology, there are bus, star, ring, and mesh; according to users, there are public networks and private networks; according to switching technology, there are circuit switching, message switching, and packet switching. ; According to the transmission medium, there are wired network and wireless network. Service classifications are: connection-oriented service (TCP) and connectionless service (UDP), reliable service (error detection, error correction, response) and unreliable service (cannot guarantee data correctness), response service (file transfer service) and no Answer service (WWW service). End-to-end communication and point-to-point communication: The communication subnet composed of physical layer, data link layer and network layer provides point-to-point services for hosts in the network environment, and is composed of session layer, presentation layer and application layer. The resource subnet provides end-to-end communication for processes in the network. Point-to-point communication can distinguish hosts. End-to-end communication is based on point-to-point communication and can distinguish processes. Communication mode: one-way communication, that is, only one direction of communication and no interaction in the opposite direction; half-duplex communication, that is, both parties of the communication can send messages, but not at the same time; full-duplex communication: that is, both parties can communicate at the same time Send or receive messages.

Frequency division multiplexing, time division multiplexing, wavelength division multiplexing, code division multiplexing?

Answer: Frequency Division Multiplexing (FDM): Different channels divided by frequency, all users of FDM occupy different bandwidth resources at the same time; Time Division Multiplexing (TDM): Different channels are divided according to time, time division multiplexing All the multiplexed users occupy the same frequency bandwidth at different times; wavelength division multiplexing (WDM): optical frequency division multiplexing, transmits a variety of optical signals of different wavelengths in one optical fiber. Optical signals do not interfere with each other, and finally use wavelength division multiplexer to separate different wavelengths; code division multiplexing (CDM): each user can use the same frequency band for communication at the same time, because each user uses a special selection different code patterns, so there will be no interference between users.

data link layer? (three basic questions)

Answer: The channels used by the data link layer: point-to-point channel and broadcast channel.

Encapsulation into a frame: Encapsulation into a frame is to add a header and a tail before and after a piece of data, and then form a frame to determine the boundaries of the frame. An important role of the header and the trailer is to delimit the frame.

Transparent transmission: The data link layer of the sender inserts an escape character "ESC" before the control character "SOH" or "EOT" appears in the data. The data link layer at the receiving end removes the inserted escape characters before sending the data to the network layer. If escape characters also appear in the data, then an escape character should be inserted before the escape character. When the receiving end receives two consecutive escape characters, it deletes the preceding one.

Error checking: Bit errors may occur during transmission: 1 may become 0 and 0 may become 1. In the frames transmitted by the data link layer, the error detection technique of cyclic redundancy check (CRC) is widely used.

Point-to-point channel: PPP protocol.
Broadcast channels: CSMA/CD, CSMA/CA.

"Carrier sense" means that each station must check whether there are other computers sending data on the bus before sending data. If so, do not send data temporarily to avoid collision.
"Multipoint access" means that many computers are connected to a bus in a multipoint manner.
"Collision detection" means that the computer detects the signal voltage on the channel while sending data.

Binary exponential type backoff algorithm: After the colliding station stops sending data, it must delay (backoff) a random time before sending data.

The base backoff time is taken as the contention period (end-to-end round-trip delay).
A number is randomly selected from the set of integers [0,1,..., (2k-1)], denoted as r, and the delay required for retransmission is r times the basic backoff time.
The parameter k is calculated according to the following formula: k = Min[number of retransmissions, 10].
When k<=10, the parameter k is equal to the number of retransmissions.
When the retransmission 16 times still fails, the frame is discarded and reported to the upper layer.

Ethernet switches: share network bandwidth.

Flow control: Due to the difference between the working speed and buffer space of the sender and receiver, it may happen that the sender's sending capacity is greater than the receiver's receiving capacity. Information flow), frames that are too late to receive will be "overwhelmed" by frames that are continuously sent later, resulting in loss of frames and errors.

Network layer? (network + routing)

Answer: Network: IP address classification, subnetting, subnet mask, CIDR without classification addressing.

IP address classification: each type of address consists of two fixed-length fields, one of which is the network number net-id, which identifies the network the host (or router) is connected to, and the other field is the host number host -id, which identifies this host (or router). (convenient to manage)

Subnet division: All IP datagrams sent from other networks to a certain host of the unit are still based on the destination network number net-id of the IP datagram, and the router connected to the unit's network is first found. Then the router finds the destination subnet according to the destination network number net-id and subnet number after receiving the IP datagram. Finally, the IP datagram is directly delivered to the destination host. (increase host utilization)

Subnet mask: From the header of an IP datagram, it is impossible to determine whether the network connected to the source host or the destination host is subnetted. Using the subnet mask can find out the subnet part of the IP address. (find the subnet number of the destination host)

Classless Addressing: CIDR eliminates the traditional concept of class A, B, and C addresses and subnetting, allowing for more efficient allocation of IPv4 address space. CIDR uses "slash notation", which is also known as CIDR notation, that is, add a slash "/" to the IP address, and then write the number of bits occupied by the network prefix (this value corresponds to the three-level addressing number of 1s in the subnet mask). (Solve the problem of inconvenient subnet mask and effectively allocate IPv4 address space)

Routing: Autonomous System, Interior Gateway Protocol, Exterior Gateway Protocol. (dynamic routing algorithm)

RIP: Distance vector based routing protocol.

① Only exchange information with neighboring routers.
②The information exchanged is all the information currently known by the router, that is, its own routing table.
③ Exchange routing information at regular intervals, for example, every 30 seconds.

Distance vector algorithm: Receive a RIP packet from an adjacent router (its address is X):
(1) First modify all items in this RIP packet: change the address in the "next hop" field to X, And add 1 to all the "distance" fields.
(2) Repeat the following steps for each item in the modified RIP message:
if the destination network in the item is not in the routing table, add the item to the routing table.
Otherwise, if the router address given in the next hop field is the same, the received entry will be replaced with the entry in the original routing table.
Otherwise, if the distance in the received item is less than the distance in the routing table, update it.
Otherwise, do nothing.
(3) If the updated routing table of the adjacent router has not been received within 3 minutes, the adjacent router is recorded as an unreachable router, that is, the distance is set to 16 (distance of 16 means unreachable).
(4) Return.

OSPF: Based on Link State Protocol.

①Send information to all routers in this autonomous system. The method used here is the flooding method.
②The information sent is the link status of all routers adjacent to this router, but this is only part of the information that the router knows. "Link state" is to describe which routers this router is adjacent to, and the "metric" of the link.
③ Only when the link state changes, the router sends this information to all routers by flooding.

BGP: Based on Path Vector Protocol.

① To the BSP speaker of the neighboring station of other AS.
② Exchange network reachability information, that is, reach a series of ASs in a certain network.
③ Exchange only when there is a change.

The difference between IPv4 and IPv6: the address field of IPV4 has 32 bits, and the address field of IPV6 has 128 bits; and IPV6 does not allow fragmentation; the option field of IPv4 is also deleted; IPV6 adds flow labels, which can distinguish the type of flow;

ARP: The ARP protocol is a TCP/IP protocol that obtains the MAC physical address based on the IP address.

transport layer? (TCP+UDP)

Answer: The difference between TCP/UDP:

①TCP is connection-oriented, UDP is connectionless;
②TCP is reliable, but UDP is unreliable;
③TCP only supports point-to-point communication, while UDP supports one-to-one, one-to-many, many-to-one, and many-to-many communication modes;
④TCP is byte stream-oriented, UDP is packet-oriented;
⑤TCP has a congestion control mechanism; UDP has no congestion control and is suitable for media communication;
⑥TCP header overhead (20 bytes) is higher than UDP header overhead (8 bytes) to be large

The presence of too many packets in the network causes packets to be delayed or lost, thereby reducing the transmission performance of the entire network, a condition called congestion. If network congestion occurs, the performance of the network will drop significantly, and the throughput of the entire network will drop with the increase of the input load. Four algorithms for congestion control:

① Slow start algorithm ② Congestion avoidance algorithm ③ Fast retransmission algorithm ④ Fast recovery algorithm

Fast retransmission means that three consecutive acknowledgments are received and immediately retransmitted, so that there will be no timeout and the sender will not mistakenly believe that there is network congestion. (slow start threshold)

Three handshakes, four waves:

Why the three-way handshake: In order to prevent the failed connection request segment from being suddenly transmitted to the server, resulting in an error. Invalid connection request segment: The first connection request segment sent by the client was not lost, but stayed at a network node for a long time, so that it was delayed until a certain time after the connection was released. server. Originally this was a long-defunct segment. However, after the server receives the invalid connection request segment, it mistakenly believes that it is a new connection request sent by the client again. So it sends a confirmation segment to the client and agrees to establish a connection. Assuming that the "three-way handshake" is not used, as long as the server sends an acknowledgement, a new connection is established. Since the client has not issued a request to establish a connection now, it will ignore the confirmation of the server and will not send data to the server. But the server thinks that a new transport connection has been established and has been waiting for the client to send data. In this way, many resources of the server are wasted in vain. The "three-way handshake" approach can prevent the above phenomenon from happening.

Why must wait 2MSL time: First, in order to ensure that the last ACK segment sent by A can reach B. Second, prevent the "invalid connection request segment" from appearing in this connection. After A has sent the last ACK segment, and 2MSL has elapsed, all segments generated within the duration of this connection can disappear from the network. In this way, the old connection request segment will not appear in the next new connection.

application layer?

A: The sequence of events that occurs after the user clicks the mouse is as follows (take the website of Tsinghua University as an example):

1) The browser analyzes the URL the link points to the page.
2) The browser requests the DNS to resolve the IP address.
3) The domain name system DNS resolves the IP address of the Qingbi University server.
4) The browser establishes a TCP connection with the server (the default port number is 80).
5) The browser makes an HTTP request.
6) The server sends the file to the browser via an HTTP response.
7) The TCP connection is released.
8) The browser interprets the file and displays the web page to the user.

The difference between HTTP and HTTPS: Port: HTTP URLs start with "http://" and use port 80 by default, while HTTPS URLs start with "https://" and use port 443 by default. Security and resource consumption: The HTTP protocol runs on top of TCP, and all transmitted content is in clear text, and neither the client nor the server can verify the identity of the other party. All transmitted content of HTTPS is encrypted. HTTP is not as secure as HTTPS, but HTTPS consumes more server resources than HTTP. Cost: The https protocol needs to go to ca to apply for a certificate. Generally, there are few free certificates, so a certain fee is required.

DNS (URL to IP): local, root, top-level, authority.
Recursion (let someone else do it) Iterative (do it yourself)

Client：socket connect send close
Server：socket bind listen accept recv close

Replenish

How does the host determine whether the destination host and itself are in the same network segment?

Answer: The host performs a "logical AND" operation on its own IP address and the subnet mask, and then performs a "logical AND" operation on the destination IP address and its own subnet mask. If the results of the two network numbers obtained are the same, then You can judge that the destination host and yourself are in the same network segment, otherwise, it means that the destination host and yourself are not in the same network segment.

What is the difference between synchronous communication and asynchronous communication?

Answer: Synchronous communication requires the clock frequency of the receiver to be the same as the clock of the sender, and the sender sends a continuous bit stream; asynchronous communication does not require synchronization of the clock of the receiver and the sender. After the sender sends a byte, it can The next byte is sent after an arbitrarily long time interval.

The efficiency of synchronous communication is high; the efficiency of asynchronous communication is low.

Synchronous communication is more complex, and the allowable error of the clocks of both parties is small; asynchronous communication is simple, and the clocks of both parties can allow a certain error.

Synchronous communication can be used for point-to-multipoint, and asynchronous communication is only suitable for point-to-point.

What is the difference between a virtual circuit and a datagram?

Answer: The characteristic of virtual circuit is that a virtual circuit must be set up through virtual call before data transmission, which is suitable for long-term data exchange between two ends.
The advantages are: reliable transmission, the data can be guaranteed to arrive in order.
The disadvantage is: if the channel is faulty, all data passing through the fault point will be lost. .

A characteristic of datagrams is that they need to be reassembled at the destination.
The advantage is that the point of failure can be bypassed if there is a failure.
The downsides are: there is no guarantee that the data will arrive in order, and data loss is not immediately known.

What is a subnet mask?

Answer: The subnet mask can indicate how the host address segment in the IP address is divided into subnet addresses and host numbers. The IP protocol specifies that the combination of all 0s and all 1s represents the network address and the broadcast address. The rule for formulating the mask is that each bit of the network number is all 1, and each bit of the host number is all 0.

Since the frames transmitted on the network link finally find the destination host according to the hardware address, why do we not directly use the hardware address for communication, but use the abstract IP address and call ARP to find the corresponding hardware address?

A: Since there are various networks around the world, they use different hardware addresses. To enable these networks to communicate with each other, it is necessary to perform very complex hardware address translation work. It is almost impossible for the user host to complete this work, but this complex problem can be solved by using a unified IP address. Hosts connected to the Internet all have a unified IP address, and the communication between them is as simple and convenient as connecting to the same network, because calling ARP to find the hardware address of a router or host is automatically performed by computer software. , the user is not responsible for this calling process.

Finished, sprinkle flowers.