The application layer works in the user mode, and the transport layer and below work in the kernel mode
Application layer, transport layer, network layer, data link layer, physical layer
1. HTTP articles
Basic concepts of HTTP
HTTP is a hypertext transfer protocol, which is a two-way protocol. Hypertext: text beyond ordinary text, including pictures, videos, compressed packages, etc.
Specifically: HTTP is a special transmission of text and pictures between two points in the computer world. , conventions and protocols for hypertext data such as audio and video
HTTP status codes
1xx type code belongs to prompt information, which is an intermediate state in protocol processing, and is actually used less.
The 2xx class indicates that the server successfully processed the client's request 200, 204 [the response header has no body data], 206 [applied to HTTP block download and breakpoint resuming]
The 3xx class indicates that the resource requested by the client has changed and needs to be redirected (use the new URL to resend the request to obtain the resource)
301 [permanent redirection] 302 [temporary redirection] 304 [cache redirection]
The 4xx class indicates that the message sent by the client is incorrect and the server cannot process it. 400 [Message Error] 403 [The server prohibits access to the resource] 404 [The requested resource does not exist]
The 5xx class indicates that the client requested the message correctly, but an error occurred inside the server.
500 [Unknown server error] 501 [The requested function is not yet supported, please look forward to it] 502 [Bad gateway] 503 [The server is busy]
HTTP common fields
- When the Host client sends a request, it is used to specify the server domain name
- Content-Length field The server returns data, indicating the data length of this response
- The Connection field is used by the client to ask the server to use a TCP persistent connection so that other requests can be reused
- The Content-Type field tells the client the format of this data when the server responds
- The Content-Encoding field indicates the compressed format of the data returned by the server
Difference between GET and POST
The meaning of the Get method is to obtain resources from the server. This resource can be static text, pages, pictures, videos, etc. The
Post method, which is safe and idempotent, is to submit data like the resource specified by the URI, and the data is placed in the body of the message. . is unsafe, not idempotent.
The get method is a read-only operation, no matter how many times the data on the server is safe, and each time the result is the same
Post is the operation of adding or submitting data, which will modify the resources on the server, which is not safe, and submit multiple times to create Multiple resources, so not idempotent
2. TCP articles
What is TCP
TCP is a reliable data transmission service that works at the transport layer, which ensures that network packets at the receiving end are undamaged, gap-free, non-redundant and in-order. TCP is a connection
-oriented, reliable, byte stream-based transport layer communication protocol Even if the path changes, TCP can guarantee that a packet will definitely reach the receiver .
What is a TCP connection
Establishing a TCP connection requires the client and the server to reach a consensus on three pieces of information:
- Socket: Composed of IP address and port number
- Serial number: used to solve out-of-order problems
- Window size: used for flow control
How to uniquely determine a TCP connection
The TCP quadruple can uniquely determine a connection: the source address, source port, destination address, destination port,
source port, and destination port fields (16 bits) are in the TCP header, and their function is to tell the TCP protocol that the message should be sent to the Which process
The fields (32 bits) of the source address and destination address are in the IP header, and the function is to send the message to the other host through the IP protocol
What is the difference between UDP and TCP? Application scenarios
UDP does not provide a complex control mechanism. It uses IP to provide connectionless communication services. The
UDP protocol is very simple, with only 8 bytes (64 bits) in the header.
Difference between TCP and UDP
1. Connection
TCP is a connection-oriented transmission protocol. You need to connect to
UDP before transmission. No connection is required, and data is sent immediately
. 2. Service object
TCP is a one-to-one two-point service, that is, a connection has only two endpoints.
UDP supports one One-to-one, many-to-one, many-to-many interactive communication
3. Reliability
TCP delivers data reliably, ensuring that data is error-free, not lost, not duplicated, and arrives on demand.
UDP is delivered to the best of its ability, and does not guarantee reliable delivery of
data4 .Congestion control, flow control
TCP uses congestion control and flow control mechanisms to ensure the security of data transmission
UDP does not have a complex control mechanism, even if the network is very congested, it does not affect the sending rate of UDP
5. Header overhead
The length of the TCP header is long, There is a certain overhead. The header is 20 bytes when the option field is not used, and it will be longer when used. The
UDP header is a fixed 8 bytes, and the overhead is small
. 6. Transmission mode
TCP is streaming, no boundaries, but guaranteed Sequential and reliable
UDP is a packet-by-packet transmission, which is bounded, and may lose packets and be out of order
7. Fragmentation is different
TCP connection establishment - three-way handshake
First, the server actively monitors a certain port,
the client sends the first SYN message, and the serial number of the message is randomly initialized. The
server receives the SYN message, and the server also randomly initializes its own serial number, and confirms the response number of the received client. +1 is filled in the TCP header and sent back.
The client receives the message, responds with a response message, and fills the confirmation response number field + 1 into the TCP header. This message can carry the data from the client to the server.
The first two handshakes do not carry data, and the third time can carry data. The
successful return of the client's connect is in the second handshake, and the successful return of the server's accept is after the successful three-way handshake.
Why three-way handshake
The three-way handshake prevents old duplicate connections from initializing, causing confusion.
If the network is blocked, the new connection request arrives first, the old one arrives later, and then the server can determine whether it is the old connection or the new connection by confirming the reply number.
The three-way handshake avoids wasting resources, and the three-way connection synchronizes the initial serial numbers of both parties
SYN attack
TCP requires a three-way handshake. The attacker forges SYN packets of different IP addresses in a short time. When the server receives a SYN packet, it will enter the SYN_RCVD state, and then send an ACK+SYN packet, but the ACK response from the unknown host cannot be obtained. , after a long time, the SYN receiving queue on the server side is full and cannot serve normal users.
TCP disconnect - wave four times
Both parties can actively disconnect, and the resources in the host will be released after disconnection.
The client intends to close the connection and send a FIN message. The client enters the FIN_WAIT_1 state.
The server receives the message and replies with an ACK response message to the client. The server enters the COLSED_WAIT state.
The client receives the ACK message and enters FIN_WAIT_2. Waiting for the server to process the data, it also sends a FIN message to the client, and then the server enters the LAST_ACK state.
The client receives the FIN message from the server, responds with an ACK response message, and enters the TIME_WAIT state.
The server receives the ACK response message and enters the CLOSED state. The server closes the connection and automatically enters the CLOSED state after waiting twice the maximum lifetime of the message.
Each direction requires a FIN and an ACK message, so it is called a four wave.
Why it takes four times to wave
When the connection is closed, when the client sends a FIN message to the server, it only means that the client is no longer sending data, but it can still receive data
. When the server receives the FIN message from the client, it first returns an ACK response message. There is still data that needs to be processed and sent. When the server is no longer sending data, a FIN message is sent to indicate that it agrees to close the connection now.
The server usually waits for data to be sent and processed, so he first sends an ACK response message, and then sends a FIN message after processing the data, so it is one more time than the three-way handshake.