computer network --- IP

1. IP

1.1 Format of IP header

insert image description here

  • Version : Indicates the version number of the IP header. The version number for IPv4 is 4
  • Header length : When there are no options, the length of the IP header is 20 bytes.
  • Service Type : Consists of 8 bits: a 3-bit precedence field (deprecated), a 4-bit TOS field, and a 1-bit reserved field (must be set to 0). The 4 TOS bits stand for minimum delay, maximum throughput, maximum reliability, and minimum cost. These four are mutually exclusive, so only one of them may be chosen
  • Total length : The field is 16 bits long, so the maximum length of an IP packet is 65535 bits.
  • Identifier : (ID) is used for fragment reassembly. All fragments of the same datagram carry the same identifier, and different datagrams carry different identifiers.
  • Flags : 3 bits long. The first bit is reserved (unused) and must be 0. The second bit set to 1 prohibits fragmentation (DF); if the packet length then exceeds the MTU, the IP module discards the packet. The third bit means "more fragments" (MF): 0 means this is the last fragment, 1 means more follow.
  • Fragment offset : identifies the position of each fragment relative to the start of the original data. The first fragment has offset 0
  • Time to Live : (TTL) indicates how long an IP datagram may survive on the network at most. Each router it passes through decrements the TTL by 1, and when it reaches 0 the packet is discarded.
  • Protocol : indicates which transport-layer protocol the payload is handed to when the receiver demultiplexes the datagram.
  • Header checksum : similar in purpose to a CRC; only the header is checked here, since the payload is already checked by the higher-layer protocols.
  • Source address : composed of 32 bits, indicating the IP address of the sender
  • Destination address : composed of 32 bits, indicating the IP address of the receiver
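As an added example (not part of the original post), a small Python parser for the fixed header fields listed above. The 20 header bytes are constructed for this example (a UDP datagram from 10.0.0.10 to 163.221.120.9 with the checksum computed for exactly these bytes), and forward_one_hop shows why a router that decrements the TTL must also recompute the header checksum:

```python
import struct
from ipaddress import IPv4Address

def ipv4_checksum(header: bytes) -> int:
    """One's-complement sum of the header's 16-bit words (checksum field taken as 0)."""
    if len(header) % 2:
        header += b"\x00"
    total = sum(struct.unpack(f"!{len(header) // 2}H", header))
    while total >> 16:                          # fold carries back into 16 bits
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def parse_ipv4_header(data: bytes) -> dict:
    """Decode the fixed 20-byte part of an IPv4 header and verify its checksum."""
    if len(data) < 20:
        raise ValueError("truncated IPv4 header")
    ver_ihl, tos, total_len, ident, flags_frag, ttl, proto, csum, src, dst = \
        struct.unpack("!BBHHHBBH4s4s", data[:20])
    ihl = (ver_ihl & 0x0F) * 4                  # header length in bytes (20 with no options)
    if ihl < 20 or len(data) < ihl:
        raise ValueError("bad header length")
    zeroed = data[:10] + b"\x00\x00" + data[12:ihl]
    return {
        "version": ver_ihl >> 4, "header_len": ihl, "tos": tos,
        "total_len": total_len, "id": ident,
        "df": bool(flags_frag & 0x4000),        # second flag bit: do not fragment
        "mf": bool(flags_frag & 0x2000),        # third flag bit: more fragments follow
        "frag_offset": (flags_frag & 0x1FFF) * 8,   # stored in 8-byte units
        "ttl": ttl, "protocol": proto,
        "checksum_ok": ipv4_checksum(zeroed) == csum,
        "src": str(IPv4Address(src)), "dst": str(IPv4Address(dst)),
    }

def forward_one_hop(packet: bytes) -> bytes:
    """What a router does when forwarding: decrement TTL and recompute the checksum."""
    ihl = (packet[0] & 0x0F) * 4
    hdr = bytearray(packet[:ihl])
    if hdr[8] <= 1:
        raise ValueError("TTL expired: datagram discarded")
    hdr[8] -= 1
    hdr[10:12] = b"\x00\x00"
    hdr[10:12] = struct.pack("!H", ipv4_checksum(bytes(hdr)))
    return bytes(hdr) + packet[ihl:]

# Constructed sample: UDP, 60 bytes total, TTL 64, DF set, 10.0.0.10 -> 163.221.120.9
SAMPLE_HEADER = bytes.fromhex("4500003c1c4640004011f87a0a00000aa3dd7809")

if __name__ == "__main__":
    print(parse_ipv4_header(SAMPLE_HEADER))
    print(parse_ipv4_header(forward_one_hop(SAMPLE_HEADER))["ttl"])   # 63
```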

Note: IPv6 uses 16 bytes to represent IP addresses.

1.2 Solving the shortage of IP addresses

① Dynamic IP allocation

An address is allocated to a device only while it is connected to the network, and it is not allocated while the device is offline.
(This does not completely solve the problem.)

② NAT (Network Address Translation)

Use one IP address to represent a group of hosts.

  • NAT converts a private IP to a global IP when communicating with the outside; that is, it is a technique for converting between private IPs and global IPs;
  • Many schools, homes, and companies give each terminal a private IP, and set a global IP on the router or on the servers that need one;
  • The global IP must be unique, but the private IP need not be; the same private IP appearing in different LANs causes no problem at all;

LAN (private) IP ranges :

  1. 10.*
  2. 172.16.* ~ 172.31.*
  3. 192.168.*

The process of NAT IP translation

insert image description here

  • The NAT router replaces the source address from 10.0.0.10 with the global IP 202.244.174.37;
  • When the NAT router receives external data, it will replace the target IP from 202.244.174.37 back to 10.0.0.10;
  • Inside the NAT router, there is an automatically generated table for address translation;
  • When 10.0.0.10 sends data to 163.221.120.9 for the first time, the mapping relationship in the table will be generated;

NAPT

Now a problem arises: if several hosts in the LAN access the same external server, the destination IP in the data returned by the server is the same for all of them. How does the NAT router decide which LAN host to forward the packet to?
It uses IP + port to establish the association.

Defects of NAT Technology

  • A connection cannot be established from outside the NAT to an internal server;
  • Creating and destroying translation table entries requires additional overhead;
  • If the NAT device fails during communication, all TCP connections through it are broken, even if there is a hot standby;
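An added example (not from the original post) that models the NAPT table described above and two of the defects listed: a toy Python router that maps (private IP, port) pairs to ports on the global IP 202.244.174.37, drops inbound packets that match no entry, and loses all flows when its table is lost. The LAN hosts, ports and the server 163.221.120.9 are constructed values:

```python
from dataclasses import dataclass, field

@dataclass
class NaptRouter:
    """Toy NAPT router: rewrites (private IP, port) <-> (global IP, port). A model, not a real stack."""
    global_ip: str
    next_port: int = 40000                           # first global port handed out
    out_table: dict = field(default_factory=dict)    # (priv_ip, priv_port) -> global_port
    in_table: dict = field(default_factory=dict)     # global_port -> (priv_ip, priv_port)

    def outbound(self, src_ip, src_port, dst_ip, dst_port):
        """LAN -> Internet: the first packet from an (ip, port) pair creates the table entry."""
        key = (src_ip, src_port)
        if key not in self.out_table:
            self.out_table[key] = self.next_port
            self.in_table[self.next_port] = key
            self.next_port += 1
        return (self.global_ip, self.out_table[key], dst_ip, dst_port)

    def inbound(self, src_ip, src_port, dst_ip, dst_port):
        """Internet -> LAN: rewrite back using the table, or drop (None) when no entry exists.
        This is why an outside host cannot open a connection to a server behind the NAT."""
        if dst_ip != self.global_ip or dst_port not in self.in_table:
            return None
        priv_ip, priv_port = self.in_table[dst_port]
        return (src_ip, src_port, priv_ip, priv_port)

    def crash(self):
        """Model a NAT failure: the translation table is lost, so existing flows die."""
        self.out_table.clear()
        self.in_table.clear()

def demo():
    """Two LAN hosts use the same source port toward the same server; NAPT keeps them apart."""
    nat = NaptRouter("202.244.174.37")
    a = nat.outbound("10.0.0.10", 5000, "163.221.120.9", 80)   # -> global port 40000
    b = nat.outbound("10.0.0.11", 5000, "163.221.120.9", 80)   # -> global port 40001
    reply_to_b = nat.inbound("163.221.120.9", 80, "202.244.174.37", b[1])
    unsolicited = nat.inbound("163.221.120.9", 80, "202.244.174.37", 8080)
    nat.crash()
    after_crash = nat.inbound("163.221.120.9", 80, "202.244.174.37", b[1])
    return a, b, reply_to_b, unsolicited, after_crash

if __name__ == "__main__":
    print(demo())
```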

1.3 Network segment division

It is required that the hosts in a LAN must have the same network number and different host numbers.
Two adjacent LANs must have different network numbers.

  • Network number : identifies the network segment, and ensures that two network segments connected to each other have different identifiers
  • Host number : identifies the host; within the same network segment, hosts share the same network number but must have different host numbers


1.4 Subnet mask

The subnet mask has a characteristic shape: its left part is all 1s and its right part is all 0s.
Performing a bitwise AND of the subnet mask and the IP address gives the network number.

Calculation

Perform a "bitwise AND" of the IP address and the subnet mask (bits at the same position are ANDed: the result is 1 only when both are 1, otherwise 0); the result is the network number.
Invert the subnet mask bit by bit, then AND it with the IP address to get the host number.

                 decimal          binary
IP address       180.210.242.131  10110100.11010010.11110010.10000011
subnet mask      255.255.248.0    11111111.11111111.11111000.00000000
network number   180.210.240.0    10110100.11010010.11110000.00000000
host number      0.0.2.131        00000000.00000000.00000010.10000011

1.5 Special IP addresses

  1. If the host number is all 0, this IP represents the network number, i.e. the current network segment
  2. If the host number is 1, this IP usually represents the "gateway" of the current network segment (the router's entrance to and exit from the segment)
  3. If the host number is all 1, this IP is the "broadcast IP"
  4. 127.* (for example 127.0.0.1, the loopback IP, means this machine)
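An added example (not from the original post) that carries the calculation of section 1.4 and the special-address rules of section 1.5 through in Python on the page's own values (180.210.242.131 with mask 255.255.248.0); it also rejects non-contiguous masks and adds the broadcast address, which the table above does not list:

```python
from ipaddress import IPv4Address

def to_int(ip: str) -> int:
    return int(IPv4Address(ip))

def to_str(n: int) -> str:
    return str(IPv4Address(n))

def check_mask(mask: str) -> int:
    """A valid mask is a run of 1s followed by a run of 0s; reject anything else (e.g. 255.0.255.0)."""
    m = to_int(mask)
    inverted = ~m & 0xFFFFFFFF
    if (inverted + 1) & inverted:            # inverted + 1 must be a power of two
        raise ValueError(f"non-contiguous subnet mask: {mask}")
    return m

def split_address(ip: str, mask: str):
    """Return (network number, host number, broadcast address) as dotted strings."""
    i, m = to_int(ip), check_mask(mask)
    network = i & m                          # IP AND mask
    host = i & (~m & 0xFFFFFFFF)             # IP AND inverted mask
    broadcast = network | (~m & 0xFFFFFFFF)  # host bits all 1
    return to_str(network), to_str(host), to_str(broadcast)

def same_segment(ip_a: str, ip_b: str, mask: str) -> bool:
    """Hosts in one LAN share the same network number."""
    m = check_mask(mask)
    return to_int(ip_a) & m == to_int(ip_b) & m

def classify(ip: str, mask: str) -> str:
    """Rules of section 1.5: all-0 host = network, all-1 host = broadcast, host 1 = gateway by convention."""
    if ip.startswith("127."):
        return "loopback"
    host_bits = ~check_mask(mask) & 0xFFFFFFFF
    host = to_int(ip) & host_bits
    if host == 0:
        return "network number"
    if host == host_bits:
        return "broadcast"
    if host == 1:
        return "gateway (by convention)"
    return "host"

if __name__ == "__main__":
    print(split_address("180.210.242.131", "255.255.248.0"))
    # ('180.210.240.0', '0.0.2.131', '180.210.247.255')
```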

2. Data link layer

2.1 Ethernet Frame Format


  • The "destination address" here refers to the mac address
  • The "source address" here refers to the IP address
  • The frame protocol type field has three values, corresponding to IP, ARP, and RARP respectively;
  • The end of the frame is the CRC check code

2.2 MAC address

  • MAC addresses are used to identify connected nodes in the data link layer;
  • The length is 48 bits, and 6 bytes. It is generally expressed in the form of a hexadecimal number plus a colon (for example: 08:00:27:03:fb:19)
  • It is fixed when the network card leaves the factory and cannot be modified. The MAC address in a virtual machine is not a real MAC address and may conflict; some network cards also allow the user to configure the MAC address

2.3 MTU

The MTU is like the size limit on a parcel when sending by courier. The limit comes from the physical layer underlying each kind of data link.

  • The data length in an Ethernet frame is specified as a minimum of 46 bytes and a maximum of 1500 bytes. An ARP packet is shorter than 46 bytes, so padding must be appended;
  • The maximum of 1500 is called the maximum transmission unit (MTU) of Ethernet, and different network types have different MTUs;
  • If a packet is routed from Ethernet onto a dial-up link and its length is greater than the MTU of the dial-up link, the packet needs to be fragmented;
  • Different data link layer standards have different MTUs;

The effect of MTU on the IP protocol

Because of the MTU limit of the data link layer, larger IP packets need to be fragmented.

  • Divide a larger IP packet into several small packets and label each one;
  • The 16-bit identifier (id) in the IP header of each small packet is the same;
  • In the 3-bit flags field of each small packet's IP header, the second bit is 0, indicating that fragmentation is allowed, and the third bit is the end marker (whether the current one is the last small packet: if so it is set to 0, otherwise 1);
  • When they arrive at the other end, these small packets are reassembled in order, put back together and handed up to the transport layer;
  • If any one of these packets is lost, reassembly at the receiver fails. The IP layer is not responsible for retransmitting the data;


The effect of MTU on the UDP protocol.

  • Once the data carried by UDP exceeds 1472 bytes (1500 - 20 (IP header) - 8 (UDP header)), it is split into multiple IP datagrams at the network layer.
  • If any one of these IP datagrams is lost, reassembly at the receiver's network layer fails. This means that if a UDP datagram is fragmented at the network layer, the probability of losing the whole datagram rises sharply
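An added example (not from the original post) that models the fragmentation and reassembly just described: a 3000-byte UDP payload (constructed) is split at the Ethernet MTU into fragments carrying the same id, offsets in 8-byte units and the MF bit, and reassembly of the same fragments with one piece dropped yields nothing, since IP does not retransmit. The fragment tuples are a simplification of the real header:

```python
IP_HEADER = 20
UDP_HEADER = 8
ETHERNET_MTU = 1500
MAX_UDP_PAYLOAD = ETHERNET_MTU - IP_HEADER - UDP_HEADER   # 1472, as in the text

def fragment(ident: int, payload: bytes, mtu: int = ETHERNET_MTU, df: bool = False):
    """Split the IP payload into fragments (id, MF, offset, data) that fit the MTU.
    Offsets must be multiples of 8 bytes, so each fragment carries (mtu - 20) // 8 * 8 bytes."""
    max_data = (mtu - IP_HEADER) // 8 * 8             # 1480 on Ethernet
    if len(payload) <= max_data:
        return [(ident, False, 0, payload)]           # no fragmentation needed
    if df:
        raise ValueError("packet exceeds MTU with DF set: discarded")
    frags = []
    for off in range(0, len(payload), max_data):
        data = payload[off:off + max_data]
        more = off + len(data) < len(payload)         # MF = 1 on all but the last piece
        frags.append((ident, more, off, data))
    return frags

def reassemble(frags):
    """Group fragments by id and rebuild each datagram; a datagram missing any piece maps to None."""
    by_id = {}
    for ident, more, off, data in frags:
        by_id.setdefault(ident, []).append((off, more, data))
    result = {}
    for ident, pieces in by_id.items():
        pieces.sort(key=lambda p: p[0])
        expected, buf, complete = 0, bytearray(), False
        for off, more, data in pieces:
            if off != expected:                        # a gap means a fragment was lost
                break
            buf += data
            expected += len(data)
            if not more:
                complete = True
        result[ident] = bytes(buf) if complete else None   # IP does not retransmit
    return result

def udp_datagram_fragments(ident: int, udp_payload: bytes):
    """A UDP payload above MAX_UDP_PAYLOAD bytes is split at the network layer (UDP header is 8 zero bytes here)."""
    return fragment(ident, b"\x00" * UDP_HEADER + udp_payload)

if __name__ == "__main__":
    frags = udp_datagram_fragments(7, b"x" * 3000)
    print([(f[0], f[1], f[2], len(f[3])) for f in frags])   # [(7, True, 0, 1480), (7, True, 1480, 1480), (7, False, 2960, 48)]
    print(reassemble(frags[:1] + frags[2:])[7])             # None: middle fragment lost
```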

The effect of MTU on the TCP protocol.

  • A TCP segment cannot be infinitely large; it is still limited by the MTU. The maximum message length of a single TCP segment is called the MSS (Max Segment Size);
  • When establishing a connection, both sides of TCP negotiate the MSS.
  • Ideally the MSS is exactly the largest length at which the IP packet will not be fragmented (this length is still governed by the MTU of the data link layer).
  • When sending SYN, each side writes the MSS value it can support into the TCP header.
  • Once each side knows the other's MSS, the smaller value is chosen as the final MSS.
  • The MSS value is carried in the variable-length options of the TCP header (up to 40 bytes), as option kind=2;

2.4 ARP protocol

The ARP protocol establishes a mapping relationship between host IP addresses and MAC addresses.

  • During network communication, the application on the source host knows the IP address and port number of the destination host, but not its hardware address;
  • A packet is first received by the network card and then processed by the upper-layer protocols. If the hardware address of the received packet does not match the local machine, it is discarded directly;
  • Therefore, the hardware address of the destination host must be obtained before communication

The workflow of the ARP protocol


  • The source host sends an ARP request asking "what is the hardware address of the host whose IP address is 192.168.0.1", and broadcasts the request on the local network segment (the destination hardware address in the Ethernet frame header is filled with FF:FF:FF:FF:FF:FF for broadcast);
  • When the destination host receives the broadcast ARP request and finds that the IP address matches its own, it sends an ARP reply to the source host, filling in its own hardware address in the reply;
  • Each host maintains an ARP cache table, which can be viewed with the arp -a command. Entries in the cache table have an expiration time (usually 20 minutes). If an entry is not used again within 20 minutes, it becomes invalid, and the next time an ARP request is sent again to obtain the hardware address of the destination host.
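An added example (not from the original post) that simulates the ARP workflow above in Python: every host on a constructed segment sees the broadcast request, only the owner of the queried IP replies, and the requester caches the answer for the 20-minute expiry the text gives, after which it asks again. The hosts, IPs and MACs are made up, apart from the gateway MAC quoted in section 2.2:

```python
from dataclasses import dataclass, field

CACHE_TTL = 20 * 60                 # seconds: the usual 20-minute expiry mentioned above
BROADCAST = "ff:ff:ff:ff:ff:ff"

@dataclass
class Host:
    ip: str
    mac: str
    cache: dict = field(default_factory=dict)   # ip -> (mac, time learned)
    requests_sent: int = 0

    def on_arp_request(self, req):
        """Every host on the segment receives the broadcast; only the owner of the IP answers."""
        if req["dst_mac"] != BROADCAST or req["target_ip"] != self.ip:
            return None
        return {"sender_mac": self.mac, "sender_ip": self.ip, "dst_mac": req["sender_mac"]}

    def resolve(self, target_ip, segment, now):
        """Return the MAC for target_ip: from the cache while fresh, otherwise by ARP request."""
        cached = self.cache.get(target_ip)
        if cached and now - cached[1] < CACHE_TTL:
            return cached[0]
        req = {"dst_mac": BROADCAST, "sender_mac": self.mac, "sender_ip": self.ip, "target_ip": target_ip}
        self.requests_sent += 1
        for host in segment:                   # the broadcast reaches every host on the LAN
            reply = host.on_arp_request(req)
            if reply and reply["sender_ip"] == target_ip:   # accept only a reply for the IP asked
                self.cache[target_ip] = (reply["sender_mac"], now)
                return reply["sender_mac"]
        return None                            # nobody on this segment owns that IP

def demo():
    """Constructed segment: a gateway at 192.168.0.1 (MAC from section 2.2) plus two hosts."""
    gw = Host("192.168.0.1", "08:00:27:03:fb:19")
    a = Host("192.168.0.2", "08:00:27:aa:aa:aa")
    b = Host("192.168.0.3", "08:00:27:bb:bb:bb")
    seg = [gw, a, b]
    first = a.resolve("192.168.0.1", seg, now=0)              # request sent, reply cached
    cached = a.resolve("192.168.0.1", seg, now=600)           # 10 min later: served from cache
    sent_before_expiry = a.requests_sent                      # still 1
    a.resolve("192.168.0.1", seg, now=CACHE_TTL + 1)          # entry expired: new request
    unknown = a.resolve("192.168.0.99", seg, now=0)           # no such host: None
    return first, cached, sent_before_expiry, a.requests_sent, unknown

if __name__ == "__main__":
    print(demo())   # ('08:00:27:03:fb:19', '08:00:27:03:fb:19', 1, 3, None)
```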

3. DNS

What is DNS

DNS (Domain Name System) is a complete system for mapping domain names to IPs.

A domain name is a string, such as www.baidu.com or hr.nowcoder.com.
The domain name system is a tree-structured system with multiple root nodes, in which:

  1. The root nodes are the root domain name servers. Originally there were only 13 IPv4 root domain name servers in the world; IPv6 has expanded the number on this basis.
  2. The child nodes are mainly the DNS servers at each level, or DNS caches.
    A DNS domain name server is a server that provides translation of domain names into IP addresses.
    DNS caches are kept in browsers, host systems, and routers.
    On Windows the DNS cache is in the C:\Windows\System32\drivers\etc\hosts file, and on Mac/Linux it is in the /etc/hosts file.

A single DNS server cannot withstand access from the whole world.

Solution 1

The browser/client itself caches the domain name resolution result.
This avoids a lot of unnecessary DNS requests.

Solution 2

There is not only one DNS server! There are several, also known as the root domain name servers.

Solution 3

In order to further reduce the pressure, various network operators will also build their own domain name server mirrors.

Solution 4

When mirroring DNS servers, the mirrors can be further partitioned by domain name.

4. Interview questions

What happens after entering a URL in a browser?

  1. Look up the IP address corresponding to the entered domain name
  • Check whether the browser's own cache has the corresponding IP
  • Check whether the system file (hosts file) has the corresponding IP
  • Check whether the router cache has the corresponding IP
  • Query the DNS server
  2. Construct an HTTP request
  • First perform the TCP three-way handshake to establish a connection
  • The transport layer hands the TCP data to the network layer, the network layer encapsulates it into an IP datagram and hands it to the data link layer, and the data link layer encapsulates the data into an Ethernet frame (this involves mapping the IP address to a MAC address, which relies on the ARP protocol) and hands it to the physical layer, which converts the data into electrical signals and transmits it onward
  • The physical layer passes the data to the data link layer, which parses it and hands it to the network layer. The router takes the IP datagram at the network layer, extracts the destination IP, looks up the routing table to find the next hop, then finds the MAC address of the next hop and encapsulates the data again.
  • The data then reaches the receiver, where it must be demultiplexed. The physical layer converts the optical/electrical signal into an Ethernet frame and hands it to the data link layer; the data link layer parses out the IP datagram and hands it to the network layer; the IP protocol parses out the TCP segment; the corresponding process is found from the port number in the TCP segment, and the data is placed in the receive buffer of the corresponding socket
  3. Parse the HTTP request and respond
  • The application calls the corresponding socket API to read the data from the TCP receive buffer. The application layer parses the data according to the HTTP protocol and obtains the URL; from the path given in the URL it knows that the root path / is being requested
  • The server has configured the path / to map to a specific HTML file. The server reads the file, builds the file content into an HTTP response, and calls the socket API to send it
  • The response goes through the same encapsulation and demultiplexing, and is finally delivered to the user host.
  • After the user host has demultiplexed it layer by layer, the data is taken out and handed to the application.
  4. Parse the received HTTP response message and get the HTML content.
  5. Render according to the HTML.

Origin blog.csdn.net/wwzzzzzzzzzzzzz/article/details/124044329