Detailed explanation of Telnet protocol
I. Overview
============================================================
Telnet protocol is the most widely used protocol in TCP/IP protocol suite.
It allows users (Telnet clients) to communicate with a remote device through a negotiation process.
Telnet protocol is based on the realization of network virtual terminal NVT (Network Virtual Terminal1).
NVT is a virtual device, both sides of the connection (client and server) must convert their physical terminals and NVT to each other.
============================================================
Telnet protocol has the following characteristics:
(1) Adapt to heterogeneity
In order to make Telnet interoperability between multiple operating systems possible, a detailed understanding of heterogeneous computers and operating systems is required. For example, some operating systems require each line of text to be terminated with an ASCII carriage return control (CR), others require an ASCII linefeed (LF), and still others require the two-character sequence carriage return-linefeed (CR) -LF); for another example, most operating systems provide users with a shortcut key to interrupt the running of the program, but this shortcut key may vary from system to system (some systems use CTRL+C, while others use ESCAPE). If the heterogeneity between systems is not taken into account, characters or commands issued locally, transmitted to a remote location and interpreted by a remote system are likely to be inaccurate or erroneous. Therefore, the Telnet protocol must solve this problem.
In order to adapt to the heterogeneous environment, the Telnet protocol defines the transmission method of data and commands on the Internet. This definition is called Network Virtual Terminal (NVT). Its application process is as follows:
For the sent data: the client software converts the sequence of keys and commands from the user terminal into NVT format and sends them to the server, and the server software converts the received data and commands from NVT format to the format required by the remote system;
For the returned data: the remote server converts the data from the remote machine's format to NVT format, and the local client converts the received NVT format data back to the local format.
(2) Send remote command
We know that most operating systems provide various shortcut keys to implement corresponding control commands. When the user types these shortcut keys in the local terminal, the local system will execute the corresponding control commands without taking these shortcut keys as input. So for Telnet, what does it use to realize the remote transmission of control commands?
Telnet also uses NVT to define how control functions are transferred from the client to the server. We know that the USASCII character set includes 95 printable characters and 33 control codes. When the user types a normal character locally, NVT will transmit it according to its original meaning; when the user types a shortcut key (key combination), NVT will convert it into a special ASCII character and transmit it over the network, and when it reaches the remote machine and then converted into corresponding control commands. There are two main reasons for distinguishing the normal ASCII character set from control commands:
This distinction means that Telnet has greater flexibility: it can transmit all possible ASCII characters and all control functions between client and server;
This distinction allows clients to specify signaling without ambiguity without the confusion of control functions and common characters.
(3) Data flow
There is one disadvantage of designing Telnet as application-level software: it is not efficient. Why is this? The data flow in Telnet is given below:
The data information is typed by the user from the local keyboard and transmitted to the client program through the operating system. The client program processes it and returns it to the operating system, and the operating system transmits it to the remote machine through the network, and the remote operating system transmits the received data. given to the server program, and processed again by the server program to return to the pseudo-terminal entry point on the operating system. Finally, the remote operating system transmits the data to the user's running application, which is a complete input process; the output will be From the server to the client along the same path.
Because for each input and output, the computer will switch process contexts several times, which is expensive. Fortunately, the user's typing rate is not high, we can still accept this shortcoming.
(4) Mandatory order
We should take into account the situation where if the local user runs an endlessly looping erroneous command or program on the remote machine, and the command or program has stopped reading input, the operating system's buffers may be occupied as a result If this happens, the remote server can no longer write data to the pseudo-terminal, and eventually stops reading data from the TCP connection, and the TCP connection's buffer eventually fills up, preventing data flow from flowing into this connection. If the above things do happen, the local user will lose control of the remote machine.
To solve this problem, the Telnet protocol must use out-of-band signaling in order to force the server to read a control command. We know that TCP uses the urgent data mechanism to implement out-of-band data signaling, so Telnet only needs to append a reserved octet called a date mark, and notify by letting TCP send a segment with the urgent data bit set The server is fine, and segments carrying urgent data will bypass flow control and go directly to the server. In response to emergency signaling, the server will read and discard all data until a data marker is found. The server will return to normal processing after encountering a data token.
(5) Option Negotiation
Due to the heterogeneity of machines and operating systems at both ends of Telnet, it is impossible and should not strictly stipulate the detailed configuration of each Telnet connection, otherwise it will greatly affect the adaptability of Telnet to heterogeneity. Therefore, Telnet uses an option negotiation mechanism to solve this problem.
The range of Telnet options is wide: some options expand the functionality in general, while others go into small details. For example: there is an option to control whether Telnet works in half-duplex or full-duplex mode (general direction); there is an option to allow the server on the remote machine to decide the user terminal type (small details).
The way Telnet options are negotiated is also interesting. It is symmetrical for each option, that is, either side can send a negotiation request; either side can accept or reject the request. Alternatively, if one end attempts to negotiate options that the other end does not understand, the end accepting the request may simply refuse to negotiate. Therefore, it is possible to interoperate newer, more complex Telnet client server versions with older, less complex versions. If both the client and server understand the new options, the interaction may improve. Otherwise, they will go together to run in a less efficient but workable way. All these designs are aimed at enhancing adaptive heterogeneity, which shows how important Telnet's adaptive heterogeneity is to its application and development.
2. Principle
The body of the Telnet protocol consists of three parts:
Definition of Network Virtual Terminal (NVT, Network Virtual Terminal);
Operational negotiation definition;
Negotiating finite automata;
2.1 Network Virtual Terminal (NVT)
2.1.1. The working principle of NVT
As the name suggests, a network virtual terminal (NVT) is a virtual terminal device that is employed by clients and servers to establish consistency in data representation and interpretation.
2.1.2. Definition of NVT
(1) Composition of NVT
The network virtual terminal NVT consists of two parts:
Output device: output remote data, usually a display
Input device: local data input
(2) Data format transmitted on NVT
The data transmitted on the network virtual terminal NVT adopts 8-bit byte data, of which the byte with the highest bit 0 is used for general data, and the byte with the highest bit 1 is used for NVT commands.
(3) The use of NVT in TELNET
TELNET uses a symmetric data representation. When each client sends data, it maps the character representation of its local terminal to the character representation of the NVT, and when receiving data, it maps the NVT representation to the local character set. superior.
At the beginning of communication, both communicating parties support a basic subset of NVT terminal features (only distinguish what is data and what is command) to communicate at the lowest level. Features at a higher level to implement extensions to NVT functions.
There are a large number of sub-protocols in TELNET for negotiating and extending the functions of the basic network virtual terminal NVT. Due to the diversification of terminal types, the TELNET protocol family becomes huge.
2.2. Operational Negotiation
2.2.1. Why Negotiate Operational Options
When the network virtual terminal device is defined, the two parties of the communication can realize data communication at a lower level, but the basic NVT device has very limited characteristics, it can only receive and display 7-bit ASCII code. , there is no basic editing ability, so simple NVT equipment is of no practical significance; for this reason, TELNET protocol defines a family of protocols to extend the functions of basic NVT, the purpose is to enable NVT to maximize the performance of user terminals. Function.
In order to support a variety of terminal features, the TELNET protocol stipulates that the negotiation mechanism is used when extending the NVT function. Only the features that are agreed upon by both parties through negotiation can be used, and the NVT feature can be given. Characteristic end devices can be interconnected, ensuring that they are operating within their capabilities.
2.2.2. Operation Negotiation Command Format
The operation negotiation of TELNET uses NVT command, that is, the byte stream whose highest bit is 1, and each NVT command starts with byte IAC (0xFF). The principle is as follows:
Whenever a client or server wants to send a sequence of commands rather than a stream of data, it inserts a special reserved character into the stream of data called an Interpret As Command (IAC) character. When the receiver finds an IAC character in an incoming data stream, it processes the following bytes as a command sequence.
All Telnet NVT commands are listed below.
Table 1 TELNET commands
| name | coding | illustrate |
|---|---|---|
| EOF | 236 | end of file |
| SUSP | 237 | Suspend the current process |
| ABORT | 238 | abort process |
| THEIR | 239 | record terminator |
| I KNOW | 240 | end of suboptions |
| NOP | 241 | no-op |
| DM | 242 | data tag |
| BRK | 243 | terminator (break) |
| IP | 244 | kill process |
| TO THE | 245 | Terminate output |
| AYT | 246 | request response |
| EC | 247 | terminator |
| THE | 248 | erase a line |
| GA | 249 | continue |
| SB | 250 | sub option start |
| WILL | 251 | option negotiation |
| WONT | 252 | option negotiation |
| DO | 253 | option negotiation |
| DONT | 254 | option negotiation |
| IAC | 255 | character 0XFF |
The commonly used TELNET options are negotiated as follows:
- WILL (option code) 251 Indicates that you want to start execution, or confirm that the indicated option is now being operated.
- WON'T (option code) 252 Indicates refusal to perform or continue the option indicated by the hospitality.
- DO (option code) 253 indicates the option that requires the counterparty to execute, or confirms that the counterparty is expected to execute the instruction.
- DON'T (option code) 254 indicates the option that requires the other party to stop the execution, or the diagnosis requires the other party to stop the execution of the instruction.
Then there are the following combinations for the receiver and the sender:
Table 2 Six cases of TELNET option negotiation
| sender | recipient | illustrate |
|---|---|---|
| WILL | DO | The sender wants to activate an option, and the receiver receives the option request |
| WILL | DONT | The sender wants to activate an option, and the receiver rejects the option request |
| DO | WILL | The sender wants the receiver to activate an option, and the receiver accepts the request |
| DO | DONT | The sender wants the receiver to activate an option, and the receiver rejects the request |
| WONT | DONT | The sender wishes to invalidate an option, the recipient must accept the request |
| DONT | WONT | The sender wants the other party to invalidate an option, the receiver must accept the request |
Option negotiation requires 3 bytes: IAC, followed by WILL, DO, WONT, or DONT; the last identifying byte is used to indicate options for the operation. Commonly used option codes are as follows:
Table 3 TELNET option codes
| Option ID | name | RFC |
|---|---|---|
| 1 | echo | 857 |
| 3 | Prohibited to continue | 858 |
| 5 | condition | 859 |
| 6 | clock logo | 860 |
| 24 | terminal type | 1,091 |
| 31 | window size | 1,073 |
| 32 | terminal rate | 1,079 |
| 33 | remote flow control | 1,372 |
| 34 | line mode | 1,184 |
| 36 | environment variable | 1,408 |
Typically, the client sends characters to the server and the server echoes them back to the user's terminal, but if the echo is too slow due to network latency, the user may prefer to have the local system echo the characters. Before the client allows the local system to echo, it sends the following sequence to the server:
IAC DONT ECHOAfter the server receives the request, it issues a 3-character response:
IAC WONT ECHOIndicates that the server has agreed to turn off echoing as requested.
2.3. Suboption Negotiation
除了“打开”或“关闭”以外,有些选项还需要更多的信息,例如对于指明终端类型来说,客户必须发送一个字符串来标识终端类型,所以要定义子选项协商。
RFC 1091 定义了终端类型的子选项协商。举个例子:
客户发送字节序列来请求打开选项:
<IAC, WILL, 24>24 是终端类型的选项标识符。如果服务器同意该请求,响应为:
<IAC, DO, 24 >接着服务器发送请求,要客户给出其终端类型。
<IAC, SB, 24, 1, IAC, SE>SB 是子选项开始命令,下一个字节24表示该子选项为终端类型选项。下一个字节1表示:发送你的终端类型。客户的响应为:
<IAC, SB, 24, 0, 'I', 'B', 'M', 'P', 'C', IAC, SE>第四个字节 0 的含义是“我的终端类型为”。
3. 实现
整个协议软件分为三个模块,各模块的功能如下:
与本地用户的输入/输出模块:处理用户输入/输出;
与远地系统的输入/输出模块:处理与远程系统输入/输出;
TELNET 协议模块:实现 TELNET 协议,维护协议状态机。
telnet 客户机要做两件事:
读取用户在键盘上键入的字符,并通过 tcp 连接把他们发送到远程服务器上
读取从 tcp 连接上收到的字符,并显示在用户的终端上
参考:
《Telnet 协议详解》:https://www.cnblogs.com/spinsoft/archive/2012/06/27/2566069.html
《RFC1073-Telnet窗口尺寸选项中文版》:https://blog.csdn.net/ghj1976/article/details/3438
《Java 实现 Telnet》:https://github.com/binarylei/netty/tree/master/netty04
每天用心记录一点点。内容也许不重要,但习惯很重要!