Introduction to TCP/IP

OSI seven-layer model:

    OSI (Open System Interconnection) is a seven-layer network model, formally called the Open System Interconnection Reference Model. It is a logical definition and a specification that logically divides the network into seven layers. Each layer has related, corresponding physical devices, such as routers and switches. The OSI seven-layer model is a framework design method. The main purpose of establishing the seven-layer model is to solve the compatibility problems encountered in the interconnection of heterogeneous networks, and its main function is to help different types of hosts transmit data to one another. Its biggest advantage is that it clearly distinguishes the three concepts of service, interface and protocol, and it enables reliable communication between different systems and different networks through its seven-layer hierarchy.





Model Advantages

    The main purpose of establishing the seven-layer model is to solve the compatibility problems encountered in the interconnection of heterogeneous networks.
    Its biggest advantage is that it clearly distinguishes the three concepts of service, interface and protocol: a service describes what functions a layer provides to the layer above it, an interface describes how the upper layer uses the services of the lower layer, and a protocol concerns how the service of the layer itself is implemented. In this way each layer is strongly independent, and there is no restriction on which protocol each entity in the interconnected network adopts, as long as it provides the same service upward and does not change the interface to the adjacent layer.
    Dividing the network into seven layers also lets different functional modules (different layers) of the network take on different responsibilities, which brings the following benefits:
     ● It reduces the complexity of the problem. Once a network fault occurs, the faulty layer can be located quickly, which makes it easier to find and correct errors;
     ● Standard interfaces are defined at each layer, so that different network devices implementing the same peer layer can interoperate. Each layer is relatively independent, and one high-level protocol can run over multiple low-level protocols;
     ● It effectively stimulates innovation in network technology, because each update can be carried out in a small area without major surgery on the entire network.


1. Physical Layer

    The lowest, or first, layer of the OSI model. It includes the physical networking medium, such as a cable connector. Protocols at the physical layer generate and detect voltages in order to send and receive signals that carry data. Plug a network interface card into your desktop PC and you have established the foundation of computer networking; in other words, you have provided a physical layer. Although the physical layer does not provide error correction services, it can set the data transfer rate and monitor the data error rate. Physical network problems, such as disconnected wires, affect the physical layer.
    To transmit information, users need some physical medium, such as twisted pair or coaxial cable, but the specific physical medium is not within the seven layers of OSI; some people regard the physical medium as layer 0. The task of the physical layer is to provide the layer above it with a physical connection, together with its mechanical, electrical, functional and procedural characteristics, such as the type of cables and connectors to be used and the voltage of the transmitted signal.
    At this layer, the data is not yet organized and is only processed as a raw bit stream or electrical voltage, in units of bits.

2. Data Link Layer

    The second layer of the OSI model. It controls the communication between the network layer and the physical layer. Its main function is to transmit data reliably over unreliable physical lines. To guarantee transmission, the data received from the network layer is divided into specific frames that can be transmitted by the physical layer. A frame is a structured packet used to move data. It includes not only the original data, but also the physical addresses of the sender and receiver, as well as error detection and control information. The addresses determine where the frame will be sent, while the error correction and control information ensures that the frame arrives error-free. If the receiver detects an error in the transmitted data, it notifies the sender to resend the frame.
    The function of the data link layer is independent of the network and its nodes and of the type of physical layer used, nor does it care whether Word, Excel, or the Internet is being used. Some connected devices, such as switches, work at the data link layer because they decode the frame and use the frame information to send the data to the correct recipient.
    Data Link Layer: On the basis of the bit stream service provided by the physical layer, it establishes a data link between adjacent nodes, provides error-free transmission of data frames over the channel through error control, and carries out the series of actions on each circuit.
    The data link layer provides reliable transmission over unreliable physical media.
    The role of this layer includes: physical address addressing, data framing, flow control, data error detection, retransmission and so on.

  Protocols are: SDLC, HDLC, PPP, STP, Frame Relay, etc.

3. Network Layer

    The third layer of the OSI model, its main function is to translate network addresses into corresponding physical addresses and decide how to route data from sender to receiver.
    The network layer determines the best path from node A in one network to node B in another network by jointly considering sending priority, network congestion level, quality of service, and the cost of alternative routes. Because the network layer processes and intelligently directs data transmission, and routers connect all segments of the network, routers belong to the network layer. In networking, "routing" directs the sending of data based on addressing schemes, usage patterns, and reachability.
    The network layer is responsible for establishing the routes used between the source and destination machines. This layer has no error detection and correction mechanism of its own, so it must rely on the reliable transmission service that the data link layer (DLL) provides between peers.
    The network layer is used to establish communication between computer systems on the local LAN segment. It can do this because it has its own routing address structure, which is separate and independent from the layer 2 machine address. Such protocols are called routing or routable protocols. Routing protocols include IP, Novell's IPX and AppleTalk.
    The network layer is optional and is only used when two computer systems are on different network segments separated by routers, or when the communicating application requires certain services, features, or capabilities provided by the network or transport layer. For example, when two hosts are directly connected to the same LAN segment, the communication between them can use only the communication mechanism of the LAN.
    Protocols are: ICMP, IGMP, IP (IPv4, IPv6), ARP, RARP

4. Transport Layer

    The transport layer is the most important layer in the OSI model. The transport protocol performs flow control, that is, it dictates an appropriate sending rate based on how quickly the receiver can accept data. In addition, the transport layer splits long packets according to the largest size the network can handle; for example, Ethernet cannot receive packets larger than 1500 bytes. The transport layer of the sending node divides the data into smaller pieces and assigns a sequence number to each piece, so that when the data arrives at the transport layer of the receiving node it can be reassembled in the correct order. This process is called sequencing.
  One service that works at the transport layer is TCP (Transmission Control Protocol) in the TCP/IP protocol suite, and another transport layer service is SPX (Sequenced Packet Exchange) in the IPX/SPX protocol suite.

    Protocols are: TCP, UDP

5. Session Layer

    The session layer is responsible for establishing, maintaining and terminating communication between two nodes in the network. Its functions include establishing a communication link, keeping the link open during the session, synchronizing the dialogue between the two nodes, deciding whether the communication has been interrupted, and deciding where to resume sending when it has.
  You may often hear someone refer to the session layer as the "traffic cop" of network communications. When you dial in to your ISP (Internet Service Provider) to request a connection to the Internet, the session layer on the ISP server negotiates the connection between you and the session layer on your PC client. If your phone line accidentally falls out of the wall jack, the session layer on your terminal will detect the disconnection and reconnect. The session layer sets the communication period by determining the priority of the node communication and the length of the communication time.

6. Presentation Layer

    The translator between the application and the network, where the data is formatted according to a scheme that the network understands; this formatting also varies depending on the type of network used.  
   The presentation layer manages the decryption and encryption of data, such as the handling of system passwords. For example, looking up your bank account on the Internet uses a secure connection. Your account data is encrypted before being sent, and on the other side of the network, the presentation layer decrypts the received data. In addition to this, the presentation layer protocol also decodes and encodes picture and file format information.

7. Application Layer

    The application layer is also called the application entity (AE). It consists of several specific application service elements (SASE) and one or more common application service elements (CASE). Each SASE provides specific application services, such as file transfer, access and management (FTAM), electronic text and message handling (MHS), virtual terminal protocol (VAP) and so on. CASE provides a set of common application services, such as the Association Control Service Element (ACSE), the Reliable Transfer Service Element (RTSE) and the Remote Operations Service Element (ROSE).
    Mainly responsible for providing an interface to the software so that the program can use network services.
    The term "application layer" does not refer to a particular application running on the network. The services provided by the application layer include file transfer, file management, and e-mail information processing.

    Protocols are: HTTP, FTP, TFTP, SMTP, SNMP, DNS





IP packet format:

The relevant fields are described as follows:

IP Version: The version number of the IP protocol. IP versions include IPv4 and IPv6. 4 bits

Hdr Len (Header Length): The length of the header. This field states how many 32-bit words the IP header contains. The basic IP header is 20 bytes (4 bytes * 5), where 5 is the number of 32-bit rows in the header. That is, if the Options field carries no data, the IP header is 20 bytes long. Since the field occupies 4 bits, the maximum header length is 15 * 4 = 60 bytes.

TOS: Type of service. It indicates the service type of the IP packet and is related to QoS: packets given different service types are processed in different ways. 8 bits

Total Length: The total length of the IP packet, that is, the length of the header plus the data. The size of the data can therefore be calculated from the total length and the header length. 16 bits

Identification (Fragment ID): The identifier of the IP packet. If the IP packet is too large, it is fragmented, and this identifier is used to determine which fragments belong to the same packet. 16 bits

R: Reserved. 1 bit

DF: Indicates that fragmentation is prohibited. 1 bit

MF: 1 means there are more fragments. 1 bit

Fragment Offset: Indicates the position of each fragment within the entire packet, so that the packet can be reassembled. 13 bits

TTL: Time to live. It is reduced by one every time the packet passes through a router, to prevent loops. 8 bits

Protocol: Identifies the upper-layer protocol. Since TCP, UDP and other layer-4 protocols, as well as some layer-3 protocols, are carried over IP, this field indicates which upper-layer protocol should handle the packet once IP has processed it. 8 bits

Header Checksum: Checksum, used to verify whether the IP packet was damaged during transmission. 16 bits

Source IP Address: Source IP address. 32 bits

Destination IP Address: Destination address. 32 bits

Options: Optional options. 32 bits

Data: Data carried by IP. 32 bits


TCP packet format:

The relevant fields are described as follows:

Source Port Number: The source port number. If a service wants to communicate with an external host, it must listen on a certain port number in order to establish a connection. This field occupies 16 bits, so there are 65536 ports in total.

Destination Port Number: The destination port number. 16 bits, so there are 65536 destination ports in total.

Sequence Number: The sequence number. This field identifies the order in which segments were sent; after they are received, they are sorted and processed according to this number. 32 bits

Acknowledgment Number: The acknowledgment number, used to confirm that the information sent by the other party has been received. 32 bits
                    acknowledgment number = (the other party's) sequence number + 1

Header Length: The header length. This field is similar to the header length field in IP: it states how many 32-bit words the TCP header contains. The basic TCP header is 4 bytes * 5 = 20 bytes. 4 bits

Reserved: Reserved field. 6 bits

ACK: When ACK is 1, the acknowledgment number is valid; when it is 0, the segment contains no acknowledgment information and the acknowledgment field is omitted. 1 bit

PSH: Indicates data with the PUSH flag. The receiver is asked to hand the data to the application as soon as it arrives, without waiting until the buffer is full.

RST: Used to reset a connection that has become erroneous because of a host crash or other reasons. It can also be used to reject illegal datagrams or connection requests. 1 bit

SYN: Indicates a request to establish a connection; SYN=1 means a connection establishment request is being sent. 1 bit

FIN: Indicates whether to disconnect; 1 means disconnecting the connection. 1 bit

Window Size: The window size. This field indicates the maximum number of bytes of the TCP packet during transmission. 16 bits

TCP Checksum: The TCP checksum, used to verify whether the TCP packet was damaged during transmission. 16 bits

Urgent Pointer: Urgent pointer
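
To see how these fields sit on the wire, the Python sketch below (an added example, not code from the original article) packs and decodes the fixed 20-byte TCP header using the layout described above: 4-bit header length, 6 reserved bits and 6 flag bits. The function names and port numbers are hypothetical, the sample segment is constructed, and the checksum is left at 0 and not verified.

```python
import struct

# Flag names with their bit masks in the low 6 bits of the flags field.
FLAG_BITS = [("URG", 0x20), ("ACK", 0x10), ("PSH", 0x08),
             ("RST", 0x04), ("SYN", 0x02), ("FIN", 0x01)]

def build_segment(src_port, dst_port, seq, ack, flags, window=65535) -> bytes:
    """Constructed sample segment: 20-byte header, no options, checksum 0."""
    bits = sum(bit for name, bit in FLAG_BITS if name in flags)
    off_flags = (5 << 12) | bits        # Header Length = 5 words, Reserved = 0
    return struct.pack("!HHIIHHHH", src_port, dst_port, seq, ack,
                       off_flags, window, 0, 0)

def parse_tcp(segment: bytes) -> dict:
    if len(segment) < 20:
        raise ValueError("shorter than the minimum 20-byte header")
    (src_port, dst_port, seq, ack, off_flags, window,
     checksum, urgent) = struct.unpack("!HHIIHHHH", segment[:20])
    header_len = (off_flags >> 12) * 4  # Header Length counts 32-bit words
    if header_len < 20 or header_len > len(segment):
        raise ValueError(f"invalid header length {header_len}")
    flags = [name for name, bit in FLAG_BITS if off_flags & bit]
    problems = []                       # flag sets no normal endpoint sends
    if not flags:
        problems.append("no flags set")
    if "SYN" in flags and ("FIN" in flags or "RST" in flags):
        problems.append("SYN combined with FIN or RST")
    return {
        "src_port": src_port,
        "dst_port": dst_port,
        "seq": seq,
        "ack": ack if "ACK" in flags else None,  # only meaningful when ACK=1
        "header_len": header_len,
        # Reported as-is: later standards assign some of these bits (ECN).
        "reserved": (off_flags >> 6) & 0x3F,
        "flags": flags,
        "window": window,
        "checksum": checksum,
        "urgent": urgent,
        "payload_len": len(segment) - header_len,
        "problems": problems,
    }

if __name__ == "__main__":
    # A SYN+ACK with seq=300 acknowledging a SYN that carried seq=100.
    sample = build_segment(80, 49152, 300, 101, {"SYN", "ACK"})
    for name, value in parse_tcp(sample).items():
        print(f"{name:12} {value}")
```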


TCP three-way handshake:









    In the TCP/IP protocol suite, TCP provides a reliable connection service and uses a three-way handshake to establish a connection. The client and the server are both in the CLOSED state before the connection is established.

    1. First handshake: Client A sends a SYN request to server B to establish a connection. At this time client A's seq=100. Client A is now in the SYN_SENT state, waiting for server B to confirm.

    2. Second handshake: After server B receives the SYN request, it prepares to confirm the SYN request initiated by client A. The ACK number of server B = (client A) seq number + 1 = 101. At the same time, server B initiates its own SYN toward client A, with seq=300, and sends the segment to client A. Server B is now in the SYN_RCVD state.

    3. Third handshake: Client A receives the SYN request sent by server B and prepares to confirm it. The ACK number of client A = (server B) seq number + 1 = 301, and it is sent to server B. At this point both client A and server B are in the ESTABLISHED state, and the three-way handshake is complete.


TCP four-way disconnect:







    Since TCP connections are full-duplex, each direction must be closed individually. The principle is that when a party completes its data transmission task, it can send a FIN to terminate the connection in that direction. Receiving a FIN only means that no more data will flow in that direction; a TCP connection can still send data after receiving a FIN. The side that shuts down first performs an active shutdown, while the other side performs a passive shutdown.

    1. When client A wants to disconnect from server B, it sends a FIN request, with FIN=1 in the message. At this point client A enters the FIN_WAIT_1 state.

    2. When server B receives the FIN request sent by client A, it sends an ACK message to confirm that it has received it. Server B is now in the CLOSE_WAIT state. It then also sends a FIN (FIN=1) message to client A, requesting to disconnect. At this point server B is in the LAST_ACK state.

    3. When client A receives the ACK message sent by server B, client A is in the FIN_WAIT_2 state. It then sends an ACK message to server B to confirm that the FIN message has been received. At this point client A is in the TIME_WAIT state. In fact, before client A reaches the TIME_WAIT state there is also a CLOSING state. This state appears only when, for network reasons, client A has not received the FIN message sent by server B. Once server B retransmits and client A receives the FIN message, client A moves to the TIME_WAIT state.

    4. When client A is in the TIME_WAIT state, after 2s (2MSL) client A disconnects and is in the CLOSED state, and then server B also disconnects and is in the CLOSED state.
Note: The 2s here is also used to wait for the ACK message sent by client A to reach server B. If it does not arrive, it is retransmitted within this period. After this time, client A disconnects.

In this way, client A and server B are disconnected after four disconnections.


[Note] The end that initiates the disconnection can be either the client or the server.
    Suppose the client initiates the disconnection, that is, it sends a FIN message. When the server receives the FIN, it means "the client has no more data to send to you"; but if the server still has data that has not been sent, it does not have to rush to close the socket and can continue sending. So the server sends an ACK first: "I have received your request, but I am not ready yet; please keep waiting for my message." The client then enters the FIN_WAIT state and continues to wait for the server's FIN message. When the server has finished sending its data, it sends a FIN message to the client: "I have finished sending my data and am ready to close the connection." When the client receives the FIN, it knows the connection can be closed, but it still does not trust the network and fears that the server may not learn that it should close, so it sends an ACK and enters the TIME_WAIT state; if the server does not receive the ACK, it can retransmit. When the server receives the ACK, it knows the connection can be closed. If the client waits 2MSL and still receives nothing, this shows that the server has closed normally, and the client can close the connection as well. The TCP connection is now closed.


In-depth understanding of TCP connection release:

    A TCP connection is a full-duplex connection: each TCP connection has a bidirectional read and write channel.
    In short, closing is "close reading first, then close writing", and four stages are required in total. Taking a close initiated by the client as an example:
    1. The server read channel is closed
    2. The client write channel is closed
    3. The client read channel is closed
    4. The server write channel is closed

    The closing behavior is that the initiator, after it has finished sending its data, sends a FIN (finish) segment to the other party. Data communication between the two parties is completely over only once the FIN sent by the other party has also been received and the other party has received its acknowledgment (ACK). Every FIN received during the process must be answered with an acknowledgment segment (ACK).

    Detailed process:
    The first stage: After the client has sent its data, it sends a FIN segment to the server with sequence number i;
      1. After the server receives FIN(i), it returns an acknowledgment segment ACK with number i+1 and closes the server read channel;
      2. After the client receives ACK(i+1), it closes the client write channel;
    (At this time, the client can still read the server's data through its read channel, and the server can still write data through its write channel.)
    The second stage: After the server has sent its data, it sends a FIN segment to the client with sequence number j;
      3. After the client receives FIN(j), it returns an acknowledgment segment ACK with number j+1 and closes the client read channel;
      4. After the server receives ACK(j+1), it closes the server write channel.

    This is a standard TCP shutdown in two phases. Either the server or the client can initiate the shutdown; the process is completely symmetrical.







The code bits are the TCP flag bits. There are 6 flags:

    SYN (synchronize, establish a connection)

    ACK (acknowledgment)

    PSH (push)

    FIN (finish)

    RST (reset)

    URG (urgent)

    Sequence number

    Acknowledgment number

Client TCP state transition:
    CLOSED->SYN_SENT->ESTABLISHED->FIN_WAIT_1->FIN_WAIT_2->TIME_WAIT->CLOSED

Server TCP state transition:
    CLOSED->LISTEN->SYN_RCVD->ESTABLISHED->CLOSE_WAIT->LAST_ACK->CLOSED

    The meaning of each state is as follows:

    LISTEN - listening for connection requests from remote TCP ports;
    SYN-SENT - waiting for a matching connection request after sending a connection request;
    SYN-RECEIVED - waiting for an acknowledgment of the connection request after having both received and sent a connection request;
    ESTABLISHED - represents an open connection; data can be sent to the user;
    FIN-WAIT-1 - wait for remote TCP
    FIN-WAIT-2 - waiting for a connection interruption request from the remote TCP;
    CLOSE-WAIT - waiting for a connection interruption request from the local user;
    CLOSING - waiting for the remote TCP's confirmation of the connection interruption;
    LAST-ACK - waiting for the confirmation of the connection interruption request originally sent to the remote TCP;
    TIME-WAIT - waiting long enough to ensure that the remote TCP has received the acknowledgment of its connection interruption request;
    CLOSED - represents no connection state at all;
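
The handshake, the four-way disconnect and the two state sequences above can be exercised together. The Python sketch below is an added example, not code from the original article: it replays a constructed, loss-free trace that starts from the sequence numbers of the handshake walkthrough (100 and 300), applies "acknowledgment number = sequence number + 1" to every SYN and FIN, and rejects any segment that is not valid in the current state. Class and function names are hypothetical.

```python
# (state, direction, flags) -> next state, following the client and server
# state sequences listed above; "snd"/"rcv" is from that host's point of view.
TRANSITIONS = {
    ("CLOSED", "snd", "SYN"): "SYN_SENT",
    ("LISTEN", "rcv", "SYN"): "SYN_RCVD",
    ("SYN_RCVD", "snd", "SYN+ACK"): "SYN_RCVD",
    ("SYN_SENT", "rcv", "SYN+ACK"): "ESTABLISHED",
    ("ESTABLISHED", "snd", "ACK"): "ESTABLISHED",
    ("ESTABLISHED", "rcv", "ACK"): "ESTABLISHED",
    ("SYN_RCVD", "rcv", "ACK"): "ESTABLISHED",
    ("ESTABLISHED", "snd", "FIN"): "FIN_WAIT_1",
    ("ESTABLISHED", "rcv", "FIN"): "CLOSE_WAIT",
    ("CLOSE_WAIT", "snd", "ACK"): "CLOSE_WAIT",
    ("FIN_WAIT_1", "rcv", "ACK"): "FIN_WAIT_2",
    ("CLOSE_WAIT", "snd", "FIN"): "LAST_ACK",
    ("FIN_WAIT_2", "rcv", "FIN"): "TIME_WAIT",
    ("TIME_WAIT", "snd", "ACK"): "TIME_WAIT",
    ("LAST_ACK", "rcv", "ACK"): "CLOSED",
}

class ConnectionTracker:
    """Tracks client A and server B; assumes no loss or reordering."""

    def __init__(self):
        self.state = {"A": "CLOSED", "B": "LISTEN"}
        self.owed_ack = {"A": None, "B": None}  # ack number each host awaits

    def _move(self, host, direction, flags):
        nxt = TRANSITIONS.get((self.state[host], direction, flags))
        if nxt is None:
            raise ValueError(
                f"{host}: {direction} {flags} not valid in {self.state[host]}")
        self.state[host] = nxt

    def segment(self, sender, flags, seq, ack=None):
        peer = "B" if sender == "A" else "A"
        names = flags.split("+")
        if "ACK" in names:
            owed = self.owed_ack[peer]
            if owed is not None and ack != owed:
                raise ValueError(f"ack {ack} does not match expected {owed}")
            self.owed_ack[peer] = None
        if "SYN" in names or "FIN" in names:
            self.owed_ack[sender] = seq + 1  # SYN and FIN are acked with seq + 1
        self._move(sender, "snd", flags)
        self._move(peer, "rcv", flags)
        return self.state["A"], self.state["B"]

    def timeout_2msl(self):
        for host, current in self.state.items():
            if current == "TIME_WAIT":
                self.state[host] = "CLOSED"
        return self.state["A"], self.state["B"]

# Constructed trace: (sender, flags, seq, ack).
TRACE = [
    ("A", "SYN", 100, None), ("B", "SYN+ACK", 300, 101), ("A", "ACK", 101, 301),
    ("A", "FIN", 101, None), ("B", "ACK", 301, 102),
    ("B", "FIN", 301, None), ("A", "ACK", 102, 302),
]

def run_trace(trace):
    conn = ConnectionTracker()
    states = [conn.segment(*step) for step in trace]
    states.append(conn.timeout_2msl())
    return states

if __name__ == "__main__":
    for a_state, b_state in run_trace(TRACE):
        print(f"A={a_state:12} B={b_state}")
```

The same table works as a sanity check on captured traffic: a segment with no entry for the current state, or an acknowledgment number that is not the peer's sequence number + 1, raises ValueError instead of being silently accepted.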







