Summary of the knowledge points of network communication for non-college students

1. Network Model

There are two network models, one is the OSI model and the other is the TCP/IP model, which is more widely used. The TCP/IP model is also mainly introduced here.

(1) TCP/IP model

First, it is divided into 4 layers, from top to bottom, the application layer, the transport layer, the network layer, and the data link layer. The OSI model divides the network into: application layer, presentation layer, session layer, transport layer, network layer, data link layer, and physical layer. The application layer of TCP/IP is a collection of application layer, presentation layer, and session layer in the OSI model, and because the physical layer is not a problem we often consider, the TCP/IP model does not count the physical layer.

1. Data link layer

The core of the data link layer is the Ethernet protocol. The Ethernet protocol stipulates that a group of electrical signals is a data packet, called a vibration, each frame (frame) is divided into header (head) and data (data), the header contains some descriptive things, such as sender, receiver , and data types etc. For example, when a computer sends a data packet out, it will broadcast to the network cards of all computer devices in the local area network (subnet), and then each device obtains the receiver's mac address from the data packet and compares it with the mac address of its own network card. Explain that this is a packet sent to yourself.

2. Network layer

A set of IP protocols is defined, including IPV4 and IPV6. Taking IPV4 as an example, it consists of 32 binary digits and is represented by 4 decimal digits.

IP addresses are divided into three categories:

• Type A: The first byte is the network number, and the last three bytes are the host number. The first part of this type of IP address is "0", so the network number of the address ranges from 1 to 126. Generally used for large networks.
• Class B: The first two bytes are the network number, and the last two bytes are the host number. The prefix of this type of IP address is "10", so the network number of the address ranges from 128 to 191. Typically used for medium-sized networks.
• Class C: The first three bytes are the network number, and the last byte is the host number. The prefix of this type of IP address is "110", so the network number of the address ranges from 192 to 223. Generally used for small networks.

These three types of IP addresses form a three-tier network, which divides the network into three layers, and different subnets are forwarded through the upper-layer gateway.

communication between ip

• Communication on the same subnet:

How to communicate between ip, there is a concept of subnet and subnet mask. For example, 192.168.56.1 and 192.168.56.2 judge whether it is a subnet, the subnet mask is 255.255.255.0, the subnet mask is used to perform AND operation with the ip address, and whether a value obtained is exactly the same to judge whether it belongs to a subnet. The bitwise AND of 192.168.56.1 and 255.255.255.0 is the same as that of 192.168.56.2 and 255.255.255.0, both of which are 192.168.56.0, that is, they are the same subnet. Ip between the same subnet can directly communicate with the network, because all devices in the subnet will upload their own ip address and mac address mapping, and the device will cache the IP address and mac address mapping of other devices in the same subnet. When the IP protocol layer data packet is used, the ARP cache can be quickly queried with the target IP, and the data link layer data packet can be constructed with this mac address.

• Communication on different subnets

So how are different subnets connected? This is where the gateway comes into play, which has multiple NICs. Take the router at home as an example, which is also a gateway. The router has a network card connected to the gateway of the department, and a network card connected to the internal equipment. Of course, the router is connected to the gateway using a public network ip. There is a concept of NAT translation. The router is equipped with NAT software, which can connect the private network (that is, our own home is connected to all the network devices of this router) The private ip Converting to the same public network ip is mainly to solve the problem of insufficient ip, because the ipv4 protocol has only a few bits, and the ip is definitely not enough. The router plays the role of a forwarder between the internal network and the public network. Of course, there is also a gateway on the router. When we want to access an IP that is not in the subnet of all the network cards of the router, we need to forward multiple gateways. , this forwarding path is determined by the routing table. The generation method of the routing table can be dynamic (protocol sharing) or static (manual configuration). When the matching routing table fails, the default route is used to route to other connected gateways.

3. Transport layer

The protocol of the transport layer includes the TCP protocol or the UDP protocol. The TCP protocol is a set of port-based point-to-point communication protocols, including how to connect, how to send, and how to read messages. There is a connection, and data loss is not allowed. UDP does not need to establish a connection, and does not need to confirm the transmission of data, allowing data loss. For the operation of this layer protocol, SocketAPI can be used for programming, and its functions create, listen, accept, connect, read and write abstract some operations of the TCP/IP protocol.

4. Application layer

It combines the application layer session layer presentation layer in OSI. Protocols such as common HTTP protocol, mail protocol, etc., define the protocol for how to process data after getting data through TCP.

2. Frequently Asked Questions

(1) The entire process of requesting a URL

• Request the dns server, resolve to get the ip of the access domain name
• Start to package the data packets through the application layer (encapsulated into HTTP packets according to the HTTP protocol), the transport layer (encapsulated packets according to the TCP protocol - set the port), the network layer (encapsulated packets according to the IP protocol), the data link layer (according to the Ethernet protocol encapsulates packets) to send the packets to the gateway. Because the subnet mask is used to judge that it is not in a subnet at the network layer, it will be sent directly to the gateway. Ethernet packets are limited, and the above data packets may be cut into multiple packets.
• After the gateway receives the data packet, it will perform routing in the routing table
• After multiple routes, it reaches the server corresponding to the target IP.
• The corresponding server unpacks layer by layer, obtains the http request message, processes the request, and then returns the response by layer by layer packaging

(2) Three-way handshake and four-way wave of TCP protocol

First explain the key header information of the TCP packet involved.

Sign meaning

• SYN: synchronization, 1 and 0 indicate whether it is a packet to establish a connection
• ACK: acknowledgment, 1 and 0 indicate whether the acknowledgment number is valid
• FIN: Terminate, 1 and 0 indicate whether it is required to release resources, reset the connection, that is, release the transport connection

Serial number meaning

• seq sequence number. TCP serializes all bytes sent in a connection, and seq represents the sequence number of this segment.
• ack confirmation number, expecting to receive the sequence number of the next segment of the other party.

Note: Usually, the ack returned in the data transmission stage is the seq+len of the last received packet, but in the three-way handshake stage and the four-way wave, it is directly seq+1. That is, the sequence number calculation method of the three-way handshake and four-wave handshake ignores the packet length.

Note: The uppercase words of ACK, SYN and FIN represent flag bits, and their value is either 1 or 0; the lowercase words of ack and seq represent the serial number.

1. Three-way handshake,

• The first handshake client sends SYN, specifically SYN=1, seq = x (random value), and then the client is in the SYN_SENT state (sync has been sent)
• The second handshake server returns SYN+ACK, specifically SYN=1, ACK=1, seq=y (random value), ack=x+1, and then the server state is in the SYN_RECV state (synchronization has been received)
• Third handshake client sends ACK. Specifically, ACK=1, seq=x+1, ack=y+1. When the packet is sent, the client and the server enter the ESTABLISHED (TCP connection is successful) state.

Why three times? To let both parties know that each other is ready. Imagine a scenario where the client's first handshake a long time ago arrived at the server, but before that, the handshake request retried later has established a connection and sent data, then the client does not know the server's response at this time. So when the server returns a response, the client will not recognize the response and cannot establish a connection.

2, wave four times

• The first wave of the client sends FIN (FIN=1, seq=u)
• The second wave of server ACK (ACK=1, ack=u+1, seq=v)
• The third wave of server FIN(FIN=1,ack=u+1,seq=w)
• The fourth wave of client ACK (ACK=1, seq=u+1, ack=w+1)

Why is there a three-way handshake when connecting and a four-way handshake when closing? Because when the server receives the SYN connection request message from the client, it can directly send the SYN+ACK message. The ACK message is used for response, and the SYN message is used for synchronization. But when the connection is closed, when the server receives the FIN message, it is likely not to close the SOCKET immediately, so it can only reply an ACK message first, telling the client, "I received the FIN message you sent". I can only send FIN messages until all the messages on my server have been sent, so I cannot send them together. Therefore, a four-step handshake is required. In addition, after the fourth wave, the client will wait for a period of time to release the connection to ensure that it will not receive the third wave from the server again (if the server does not receive the fourth wave from the client, it will try to resend the third wave ).

(3) HTTP protocol

1. The difference between 1.0, 1.1, and 2.0

• 1.0 A request establishes and closes a TCP connection, and a lot of time and resources are spent in establishing and closing connections
• 1.1 After a TCP connection is established, it will not be closed immediately, and will be closed after a period of time
• 2.0 multiplexing, sending requests in parallel, while 1.1 is sending requests serially

2. HTTPS principle

That is, HTTP+SSL protocol, the specific process is shown in the figure:

question:

• How does the client verify the certificate returned by the website?

Use the public key of the local authority certificate to decrypt the developed certificate, obtain the information digest of the certificate, and compare the content of the certificate.

• Why is a digital envelope used in the middle (that is, a single-key encrypted message, the public and private keys are only used to encrypt a single key)?

Because single-key encryption and decryption is more efficient than asymmetric encryption. The core effect of asymmetric encryption is only used as a signature (to ensure that the information received by the receiver comes from the trusted owner of the private key password or that the message sent can only be decrypted by the party with the private key).

{{o.name}}

{{m.name}}