C++ Practical Project - Network Programming Basics Including Detailed Explanation of TCP

Table of contents

Network Architecture Patterns (Web Application Design Patterns)

C/S structure

B/S structure

MAC address

IP address

subnet mask

port

network model

communication process

packet encapsulation

protocol 

Ethernet frame format

ARP datagram format

IP datagram format

UDP protocol format

TCP protocol format

encapsulation 

Demultiplexing

Detailed explanation of TCP

TCP and UDP

TCP communication process

TCP three-way handshake

TCP sliding window (TCP flow control)

TCP four waves

TCP state transitions

half closed

2MSL

port multiplexing

point-to-point, end-to-end

Difference Between Router and Switch


Network Architecture Patterns (Web Application Design Patterns)

C/S structure

        Client-server (C/S) structure. The server manages the data, and the client handles interaction with the user. A client is a machine that accesses information published by others on the Internet; a server is a machine that provides information for others to access.

        The client connects to the server over the local area network, accepts the user's request, and sends a request over the network to the server to operate on the database. The server accepts the client's request and returns the data to the client; the client processes the data and presents the result to the user. The server must also provide comprehensive security protection and data-integrity handling, and must allow many clients to access it at the same time, which places high demands on the server hardware's data-processing capacity.

        In the C/S structure, the application program is divided into two parts: the server part and the client part.

        The server part holds the information and functions shared by many users and performs background services, such as controlling database operations.

        The client part is exclusive to one user and performs front-end functions such as error prompts and data calculations.

Advantages:

        1. Flexible protocol selection

        2. The client responds quickly (it can make full use of the processing capacity of the client PC, and many tasks can be processed on the client before being submitted to the server)

        3. Attractive operation interface in varied forms, able to fully meet the individual requirements of customers

        4. A management information system with a C/S structure has strong transaction-processing capability and can realize complex business processes

        5. High security. C/S is generally aimed at a relatively fixed group of users and the program pays close attention to process; it can perform multi-level permission verification, provide a safer access mode and exert strong control over information security, so highly confidential information systems generally adopt the C/S structure.

Disadvantages:

        1. The client needs to install dedicated client software. This first involves the workload of installation, and then any computer with problems (viruses, hardware damage) needs reinstallation or maintenance. When the software is upgraded, every client must be reinstalled, so maintenance and upgrade costs are high.

        2. There are generally restrictions on the client's operating system, so it cannot be cross-platform

B/S structure

        The B/S structure (browser/server mode) is a network structure that arose after the rise of the Web; the web browser is the most important client application. This model unifies the client and concentrates the core of the system's functionality on the server, which simplifies development, maintenance and use: the client only needs a browser, and the database (MySQL, Oracle) is installed on the server. The browser interacts with the database through the web server.

Advantages:

        The biggest advantages of the B/S architecture are low total cost of ownership, convenient maintenance, strong distribution and simple development. It can be operated from anywhere without installing any special software; the client needs zero maintenance and the system is very easy to expand. All that is needed is a computer with Internet access.

Disadvantages:

        1. Communication overhead is large, and the security of the system and its data is hard to guarantee

        2. Personalization is significantly reduced; specific, individualized functional requirements cannot be realized

        3. Fixed protocol: http/https

        4. The client/server request-response interaction usually refreshes the page dynamically, so response speed is noticeably reduced

 MAC address

A network card is a piece of computer hardware designed to let a computer communicate on a computer network; it is also called a network adapter or network interface card (NIC). It has a MAC address, belongs to layer 2 of the OSI model, and lets users connect to each other through cables or wirelessly. Every network card has a unique 48-bit serial number called a MAC address. The main functions of the network card are: 1. data encapsulation and decapsulation; 2. link management; 3. data encoding and decoding.

A MAC address, also called a LAN address, Ethernet address, physical address or hardware address, is an address used to identify the location of network equipment; it is produced and burned into the network card by the equipment manufacturer. In the OSI model, the network layer (layer 3) is responsible for IP addresses and the data link layer (layer 2) for MAC addresses. The MAC address uniquely identifies a network card in the network: if a device has one or more network cards, each one needs and has its own unique MAC address.

A MAC address is 48 bits (6 bytes) long and is usually written as 12 hexadecimal digits. For example, 00-16-EA-AE-3C-40 is a MAC address: the first 3 bytes, 00-16-EA, are the network hardware manufacturer's number, assigned by the IEEE, and the last 3 bytes, AE-3C-40, are the serial number of a particular network product made by that manufacturer. As long as you do not change your MAC address, it is unique in the world; intuitively, a MAC address is unique in the same way an ID card number is.

IP address

The IP protocol is a protocol designed so that computer networks can communicate with each other. On the Internet it is the set of rules by which all computer networks that can connect to the network communicate with one another, and it specifies the rules computers should follow when communicating on the Internet.

The IP protocol is in fact implemented by a set of software programs. It converts the various kinds of "frames" into the uniform "IP datagram" format. This conversion is one of the most important features of the Internet, because it lets all kinds of computers communicate on the Internet. It is precisely because of the IP protocol that the Internet could rapidly grow into the world's largest open computer communication network; for this reason the IP protocol is also called the "Internet Protocol".

An IP address is an Internet Protocol address. It is the unified address format provided by the IP protocol: it assigns a logical address to every network and every host on the Internet, which hides the differences between physical addresses.

An IP address is a 32-bit binary number, usually divided into four 8-bit groups and written in "dotted decimal" notation.

IP addressing method

        To make addressing easier and build the network hierarchically, every IP address contains two identifiers (IDs): a network ID and a host ID. All hosts on the same physical network use the same network ID, and each host on the network (servers, routers, etc.) has its own host ID.

        Class A IP address

        In a Class A IP address, the first of the four segments is the network number and the remaining three are the number of the local host. Written in binary, a Class A address consists of a 1-byte network address and a 3-byte host address, and the highest bit of the network address must be "0". The network identifier is 8 bits long and the host identifier 24 bits. The number of Class A networks is relatively small: there are 126 networks, and each can accommodate more than 16 million hosts. The Class A address range is 1.0.0.1 - 126.255.255.254 (binary: 00000001 00000000 00000000 00000001 - 01111111 11111111 11111111 11111110); the last address is the broadcast address. The subnet mask of a Class A address is 255.0.0.0, and the maximum number of hosts per network is 256 to the power of 3 - 2 = 16777214.

        Class B IP address

        In a Class B IP address, the first two of the four segments are the network number. Written in binary, a Class B address consists of a 2-byte network address and a 2-byte host address, and the highest bits of the network address must be "10". The network identifier is 16 bits long and the host identifier 16 bits. Class B network addresses suit medium-scale networks: there are 16384 networks, and each can accommodate more than 60,000 hosts. The Class B address range is 128.0.0.1 - 191.255.255.254 (binary: 10000000 00000000 00000000 00000001 - 10111111 11111111 11111111 11111110); the last address is the broadcast address. The subnet mask of a Class B address is 255.255.0.0, and the maximum number of hosts per network is 256 to the power of 2 - 2 = 65534.

        Class C IP address

        In a Class C IP address, the first three of the four segments are the network number and the remaining segment is the number of the local host. Written in binary, a Class C address consists of a 3-byte network address and a 1-byte host address, and the highest bits of the network address must be "110". The network identifier is 24 bits long and the host identifier 8 bits. There are more than 2.09 million Class C networks; they suit small local area networks, and each network can contain at most 254 hosts. The Class C address range is 192.0.0.1 - 223.255.255.254 (binary: 11000000 00000000 00000000 00000001 - 11011111 11111111 11111111 11111110). The subnet mask of a Class C address is 255.255.255.0, and the maximum number of hosts per network is 256 - 2 = 254.

        Class D IP address

        Class D IP addresses are historically called multicast addresses. In Ethernet, a multicast address names a group of stations on the network that should receive a packet. The highest bits of a multicast address must be "1110", and the range is 224.0.0.0 - 239.255.255.255.

        Special addresses

        The address whose every byte is 0 ("0.0.0.0") corresponds to the current host; the address whose every byte is 1 ("255.255.255.255") is the broadcast address of the current subnet; all Class E addresses, which start with "11110", are reserved for future and experimental use. An IP address cannot start with the decimal "127": the addresses 127.0.0.1 to 127.255.255.255 are used for loopback testing; for example, 127.0.0.1 represents the local host's own IP address.

subnet mask 

        A subnet mask (also called a network mask or address mask) is a bitmask used to indicate which bits of an IP address identify the subnet the host is on and which bits identify the host. A subnet mask cannot exist on its own; it must be used together with an IP address. The subnet mask has only one function: to divide an IP address into two parts, the network address and the host address. It is a 32-bit value used to mask part of an IP address so as to distinguish the network identifier from the host identifier and to indicate whether the IP address is on the local area network or on a wide area network.

        The subnet mask is a virtual IP technique created to solve IP address allocation against the background of IPv4 address shortage. Using subnet masks, Class A, B and C addresses are divided into several subnets, which significantly improves the efficiency of address allocation and effectively relieves the shortage of IP address resources. On the other hand, to manage an enterprise intranet better, network administrators also use subnet masks to artificially divide a large intranet into many small subnets, and then use the routing function of a layer-3 switch to interconnect them, which effectively solves network management problems such as broadcast storms and network viruses.
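As an added worked example (not part of the original article), the classful rules above in C++: it parses a dotted-decimal address, classifies it by its leading bits, derives the default mask and usable host count, and checks whether two hosts share a subnet under a given mask (classful or CIDR prefix). The addresses in main are constructed samples.

```cpp
// Added example: classful IPv4 addressing and subnet masks in C++.
#include <cstdint>
#include <cstdio>
#include <sstream>
#include <stdexcept>
#include <string>

// Parse "a.b.c.d" into a host-order 32-bit value; throws on malformed input.
uint32_t parseIPv4(const std::string& text) {
    uint32_t result = 0;
    int octets = 0;
    std::string piece;
    std::istringstream in(text);
    while (std::getline(in, piece, '.')) {
        if (piece.empty() || piece.size() > 3 || ++octets > 4)
            throw std::invalid_argument("malformed IPv4 address: " + text);
        for (char c : piece)
            if (c < '0' || c > '9') throw std::invalid_argument("non-digit in address: " + text);
        int value = std::stoi(piece);
        if (value > 255) throw std::invalid_argument("octet out of range: " + text);
        result = (result << 8) | static_cast<uint32_t>(value);
    }
    if (octets != 4) throw std::invalid_argument("expected four octets: " + text);
    return result;
}

bool isValidIPv4(const std::string& text) {
    try { parseIPv4(text); return true; } catch (const std::exception&) { return false; }
}

std::string formatIPv4(uint32_t addr) {
    char buf[16];
    std::snprintf(buf, sizeof buf, "%u.%u.%u.%u", (addr >> 24) & 0xFF, (addr >> 16) & 0xFF,
                  (addr >> 8) & 0xFF, addr & 0xFF);
    return buf;
}

// Classful category, decided by the high-order bits exactly as the text lists them:
// 0 -> A, 10 -> B, 110 -> C, 1110 -> D (multicast), 11110 -> E (reserved).
char ipClass(uint32_t addr) {
    if ((addr >> 31) == 0)   return 'A';
    if ((addr >> 30) == 0x2) return 'B';
    if ((addr >> 29) == 0x6) return 'C';
    if ((addr >> 28) == 0xE) return 'D';
    return 'E';
}

// Default (classful) mask; D and E have no host part, so the mask is all ones.
uint32_t defaultMask(char cls) {
    switch (cls) {
        case 'A': return 0xFF000000u;
        case 'B': return 0xFFFF0000u;
        case 'C': return 0xFFFFFF00u;
        default:  return 0xFFFFFFFFu;
    }
}

// Mask from a CIDR prefix length, e.g. 26 -> 255.255.255.192.
uint32_t prefixToMask(int prefix) {
    if (prefix <= 0) return 0;
    if (prefix >= 32) return 0xFFFFFFFFu;
    return 0xFFFFFFFFu << (32 - prefix);
}

// Usable hosts in a subnet: 2^(host bits) - 2 (network and broadcast addresses excluded).
uint32_t usableHosts(uint32_t mask) {
    int hostBits = 0;
    for (uint32_t m = ~mask; m != 0; m >>= 1) ++hostBits;
    if (hostBits < 2) return 0;               // /31 and /32 leave no usable host addresses
    if (hostBits >= 32) return 0xFFFFFFFEu;   // mask 0.0.0.0: avoid shifting by 32
    return (1u << hostBits) - 2;
}

// Two hosts are on the same subnet exactly when the masked addresses agree.
bool sameSubnet(uint32_t a, uint32_t b, uint32_t mask) {
    return (a & mask) == (b & mask);
}

int main() {
    // Constructed sample addresses, one per class.
    const char* samples[] = {"10.1.2.3", "172.16.5.9", "192.168.1.77", "224.0.0.1", "240.1.1.1"};
    for (const char* s : samples) {
        uint32_t a = parseIPv4(s);
        char cls = ipClass(a);
        uint32_t mask = defaultMask(cls);
        std::printf("%-13s class %c mask %-15s network %-15s host-part %-8u usable hosts %u\n", s, cls,
                    formatIPv4(mask).c_str(), formatIPv4(a & mask).c_str(), a & ~mask, usableHosts(mask));
    }
    // 192.168.1.77 and 192.168.1.130 share a /24 but sit in different /26 subnets.
    uint32_t h1 = parseIPv4("192.168.1.77"), h2 = parseIPv4("192.168.1.130");
    std::printf("same /24: %d, same /26: %d\n", sameSubnet(h1, h2, prefixToMask(24)),
                sameSubnet(h1, h2, prefixToMask(26)));
    return 0;
}
```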

port

A port is bound to a process; for example, a server listens on its port to detect whether a client has connected to it.

Port classification:

1. Well-known ports

        Well-known ports (also called common ports) range from 0 to 1023 and are tightly bound to specific services. [Port 80 is allocated to the WWW service, port 21 to FTP, port 23 to Telnet, etc.]

        A network service can use a different port number. If it is not the default port, you must specify the port in the address bar by entering "URL:port number". However, some system protocols use fixed port numbers that cannot be changed. For example, port 139 is dedicated to NetBIOS over TCP/IP and cannot be changed manually.

2. Registered ports

        Port numbers range from 1024 to 49151. They are loosely bound to some services and assigned to user processes or applications, mainly applications the user chooses to install. When these ports are not occupied by server resources, a client can dynamically select one as its source port. [Ports we can use when writing our own programs]

3. Dynamic port/private port

        Dynamic ports range from 49152 to 65535. They are called dynamic because they are generally not allocated permanently to a particular service but are allocated dynamically.

network model

OSI seven layer model

        The seven-layer model, also called the OSI (Open System Interconnection) reference model, is a standard framework developed by the International Organization for Standardization (ISO) for interconnection between computers or communication systems; it is generally known as the OSI reference model or the seven-layer model. It is an abstract seven-layer model that includes not only a series of abstract terms and concepts but also specific protocols.

Application layer: serves applications
Presentation layer: data format conversion, data encryption
Session layer: establishes, manages and maintains sessions
Transport layer: establishes, manages and maintains end-to-end connections
Network layer: IP addressing and routing
Data link layer: provides media access and link management
Physical layer: standards for physical devices

        Application layer: the interface between network services and end users. This layer provides network services to user applications such as e-mail, file transfer and terminal emulation.

        Presentation layer: presentation, security and compression of data. It mainly interprets received data, encrypts and decrypts, compresses and decompresses, and so on, so that the information sent can be read by the application layer of another system.

        Session layer: establishes a data transmission path through the transport layer (port numbers: sending port and receiving port). It mainly initiates sessions, or accepts session requests, between systems.

        Transport layer: defines the protocols and port numbers used to transmit data. It mainly segments the data it receives, transmits it, and reassembles it once it reaches the destination address. Data at this layer is usually called a segment.

        Network layer: performs logical addressing, providing connectivity and path selection between two host systems located in different geographic locations. The growth of the Internet has greatly increased the number of users accessing information from sites all over the world, and the network layer is the layer that manages these connections.

        Data link layer: establishes logical connections and performs hardware addressing, error checking and other functions. It defines how formatted data is transmitted in frames and how access to the physical medium is controlled: bits are combined into bytes and bytes into frames, and the medium is accessed using MAC addresses.

        Physical layer: mainly defines physical equipment standards such as the interface type of network cables and optical fiber and the transmission rate of the various media. Its main function is to transmit the bit stream (1s and 0s are converted into electrical signal levels for transmission and converted back into 1s and 0s at the destination; this is what we usually call digital-to-analog and analog-to-digital conversion). Data at this layer is called bits.

TCP/IP four-layer model

        The mainstream protocol family used on the Internet is the TCP/IP family, a layered, multi-protocol communication system. It is a four-layer protocol system consisting, from bottom to top, of the data link layer, network layer, transport layer and application layer. Each layer performs different functions through several protocols, and each upper-layer protocol uses the services provided by the layer below it.

Application layer: the first layer of the TCP/IP protocol, which directly provides services to application processes

                (1) Different kinds of applications use different application-layer protocols according to their own needs

                     (mail transfer: SMTP; World Wide Web: HTTP; remote login: TELNET)

                (2) Encrypting, decrypting and formatting data (turning what computers understand into what humans understand)

                (3) Establishing or releasing connections with other nodes, which can substantially save network resources

Transport layer: defines the protocols and port numbers used to transmit data. It mainly segments the data it receives, transmits it, and reassembles it once it reaches the destination address. Data at this layer is usually called a segment.

Network layer: performs functions such as establishing and terminating network connections and looking up IP addresses.

Network interface layer: because the physical layer and the data link layer are merged here, the network interface layer is not only the physical medium over which data is transmitted but also provides accurate routes for the network layer.

communication process

The process of two computers communicating through the TCP/IP protocol:

 The above figure shows the case where the two computers are on the same network segment; if they are on different network segments, the data travels through one or more routers on its way from one computer to the other.

         The link layer has standards such as Ethernet and Token Ring. The link layer is responsible for the network card device driver, frame synchronization (that is, which signal detected on the line counts as the start of a new frame), collision detection (if a collision is detected, the frame is retransmitted automatically), data error checking and so on. A switch is a network device that works at the link layer and can forward data frames between different link-layer networks. Because different link layers have different frame formats, the switch must strip the link-layer header from an incoming packet, re-encapsulate it, and then forward it.

        The IP protocol at the network layer is the foundation of the Internet. Hosts on the Internet are identified by IP addresses. A large number of routers on the Internet are responsible for choosing suitable paths and forwarding packets based on IP addresses; a packet often passes through more than ten routers on its way from source host to destination host. A router is a network device that works at layer 3 and also has switch functionality, so it can forward packets between different link-layer interfaces. The router therefore has to strip both the network-layer and the link-layer headers from incoming packets and re-encapsulate them. The IP protocol does not guarantee delivery: packets may be lost in transit, and reliability is provided by upper-layer protocols or by the application.

        The network layer is responsible for point-to-point transmission (between hosts or routers), and the transport layer for end-to-end transmission (between source host and destination host). The transport layer can use either TCP or UDP.

        TCP is a connection-oriented, reliable protocol. It is a bit like making a phone call: after both parties pick up and identify themselves, a connection is established and they can talk. What is said on one end is heard on the other, in the order it was said, and when the conversation is over they hang up and the connection is closed. In other words, the two sides of a TCP transmission must first establish a connection, after which TCP guarantees reliable sending and receiving: lost datagrams are retransmitted automatically, the upper-layer application always receives a reliable data stream, and the connection is closed when communication ends.

        UDP is a connectionless transport protocol that does not guarantee reliability. It is a bit like sending a letter: after writing the letter and dropping it in the mailbox, there is no guarantee that it will not be lost on the way, nor any guarantee about the order in which letters arrive. Applications that use UDP must themselves handle retransmission of lost packets, reordering of messages, and similar work.

        After the destination host receives a packet, how does it pass through each layer of the protocol stack and finally reach the application program?

The Ethernet driver first uses the "upper layer protocol" (type) field of the Ethernet header to determine whether the frame's payload (the data left after the protocol header is removed) is an IP, ARP or RARP datagram, and hands it to the corresponding protocol. If it is an IP datagram, the IP protocol uses the "upper layer protocol" field of the IP header to determine whether the payload is TCP, UDP, ICMP or IGMP, and hands it to the corresponding protocol. If it is a TCP or UDP segment, TCP or UDP uses the "port number" field of the TCP or UDP header to determine which user process the application-layer data should be handed to. [Demultiplexing]

        An IP address identifies different hosts on the network, and a port number identifies different processes on the same host. Together, an IP address and a port number identify a unique process on the network.

        Although IP, ARP and RARP datagrams all need the Ethernet driver to encapsulate them into frames, functionally ARP and RARP belong to the link layer and IP to the network layer. Likewise, although TCP, UDP, ICMP and IGMP data all need the IP protocol to encapsulate them into datagrams, functionally ICMP and IGMP belong to the network layer together with IP, while TCP and UDP belong to the transport layer.

packet encapsulation

        Different protocol layers use different names for data packets: at the transport layer it is a segment, at the network layer a datagram, and at the link layer a frame. After data is encapsulated into a frame it is sent onto the transmission medium. After reaching the destination host, each layer's protocol strips off its corresponding header, and finally the application-layer data is handed to the application program.

protocol 

 A network protocol, or simply a protocol, is a set of agreements that both communicating computers must follow, including how to establish a connection, how to identify each other, and so on. As long as this agreement is followed, computers can communicate with each other.

Three elements: syntax, semantics, timing

For data to reach its destination from its source over the network, all participants in the communication must follow the same rules. This set of rules is called a protocol, and it is ultimately reflected in the format of the packets transmitted on the network.

Protocols are usually defined in several layers; the purpose of layering is that a change to a protocol in one layer does not affect the protocols in other layers.

Common protocols:

Application layer: FTP (File Transfer Protocol), HTTP (Hypertext Transfer Protocol), NFS (Network File System)

Transport layer: TCP (Transmission Control Protocol), UDP (User Datagram Protocol)

Network layer: IP (Internet Protocol), ICMP (Internet Control Message Protocol), IGMP (Internet Group Management Protocol)

Network interface layer: ARP (Address Resolution Protocol), RARP (Reverse Address Resolution Protocol)

Ethernet frame format

 

Here the destination address and source address are the hardware addresses (MAC addresses) of the network cards, 48 bits long and fixed at the factory; you can view them with the ifconfig command. The protocol (type) field has three values, corresponding to IP, ARP and RARP. The end of the frame is a CRC check code.

The data length in an Ethernet frame is stipulated to be at least 46 bytes and at most 1500 bytes. ARP and RARP packets are shorter than 46 bytes, so they are padded at the end. The maximum value, 1500, is called the Ethernet maximum transmission unit (MTU); different network types have different MTUs. If a packet is forwarded from an Ethernet router onto a dial-up link and the packet is longer than the MTU of the dial-up link, the packet must be fragmented. [The MTU can be seen in ifconfig.] The MTU refers to the maximum length of the frame payload, not including the frame header.

Supplement: TTL is the maximum lifetime of a packet, counted in hops (each router it passes through subtracts 1 from the TTL).

Question: why not increase the Ethernet frame payload (make it very large)?

           Because if the data sent is not received by the receiving end it has to be resent, and obviously resending 1500 bytes is more convenient (faster) than resending 60000.

ARP datagram format

        During network communication, the application program on the source host knows the IP address and port number of the destination host (told in advance, or built into the program) but not its hardware address. A packet is first received by the network card before the upper-layer protocols process it, and if the hardware address in the received packet does not match the local machine, the packet is discarded directly. Therefore the hardware address of the destination host must be obtained before communication, and this is the job of the ARP protocol.

The kernel of each host maintains an ARP cache table. The source host first looks up the hardware address of the destination host in its ARP table; if found, it sends the packet to that destination host. If not, the source host broadcasts an ARP request on the local network segment (the destination hardware address in the Ethernet frame header is filled with FF:FF:FF:FF:FF:FF to indicate broadcast). When the destination host receives the broadcast ARP request and finds that the IP address matches its own, it updates its own ARP cache table and sends an ARP reply packet to the source host, filling in its own hardware address in the reply.

        Each host maintains an ARP cache table, which can be viewed with the arp -a command. Entries in the cache generally expire after 20 minutes.

Hardware type: 1 means MAC address

Protocol type: 0x0800 means an IP address

Hardware address length: 6 (6*8 = 48)

Protocol address length: 4 (4*8 = 32)

Operation: 1 means ARP request, 2 means ARP reply, 3 means RARP request, 4 means RARP reply   

When broadcasting: Destination Ethernet address FF:FF:FF:FF:FF:FF
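An added example, not from the original article, that decodes a raw Ethernet frame and the ARP request it carries, enforcing the field values listed above (hardware type 1, protocol type 0x0800, lengths 6 and 4, operation 1 to 4), the 46-byte minimum payload, and a receiver-side consistency check between the frame's source MAC and the ARP sender address. The frame bytes are constructed by hand: the source MAC reuses the example address from the MAC section, and the IP addresses 192.168.1.10 and 192.168.1.1 are assumed sample values.

```cpp
// Added example: Ethernet frame and ARP packet decoding in C++.
#include <algorithm>
#include <cstdint>
#include <cstdio>
#include <stdexcept>
#include <string>
#include <vector>

struct MacAddr { uint8_t b[6]; };
struct EthernetHeader { MacAddr dst, src; uint16_t type; };
struct ArpPacket {
    uint16_t hardwareType, protocolType; uint8_t hardwareLen, protocolLen;
    uint16_t operation;                   // 1 request, 2 reply, 3 RARP request, 4 RARP reply
    MacAddr senderMac, targetMac; uint32_t senderIp, targetIp;
};

const size_t ETH_HEADER_LEN = 14;
const size_t ETH_MIN_PAYLOAD = 46;        // shorter payloads are padded, as the text notes
const uint16_t ETHERTYPE_IP = 0x0800, ETHERTYPE_ARP = 0x0806;

uint16_t be16(const uint8_t* p) { return static_cast<uint16_t>((p[0] << 8) | p[1]); }
uint32_t be32(const uint8_t* p) {
    return (uint32_t(p[0]) << 24) | (uint32_t(p[1]) << 16) | (uint32_t(p[2]) << 8) | p[3];
}
std::string macToString(const MacAddr& m) {
    char buf[18];
    std::snprintf(buf, sizeof buf, "%02X:%02X:%02X:%02X:%02X:%02X", m.b[0], m.b[1], m.b[2], m.b[3], m.b[4], m.b[5]);
    return buf;
}
std::string ipToString(uint32_t a) {
    char buf[16];
    std::snprintf(buf, sizeof buf, "%u.%u.%u.%u", a >> 24, (a >> 16) & 0xFF, (a >> 8) & 0xFF, a & 0xFF);
    return buf;
}
bool isBroadcast(const MacAddr& m) { return std::all_of(m.b, m.b + 6, [](uint8_t x) { return x == 0xFF; }); }

// 6-byte destination, 6-byte source, 2-byte type; the frame must reach the 60-byte minimum (CRC excluded).
EthernetHeader parseEthernet(const std::vector<uint8_t>& f) {
    if (f.size() < ETH_HEADER_LEN + ETH_MIN_PAYLOAD) throw std::runtime_error("frame shorter than 60 bytes");
    EthernetHeader h;
    std::copy(f.begin(), f.begin() + 6, h.dst.b);
    std::copy(f.begin() + 6, f.begin() + 12, h.src.b);
    h.type = be16(&f[12]);
    return h;
}

// ARP body for Ethernet/IPv4; the fixed field values listed above are enforced.
ArpPacket parseArp(const std::vector<uint8_t>& f) {
    if (parseEthernet(f).type != ETHERTYPE_ARP) throw std::runtime_error("type field is not ARP");
    const uint8_t* p = &f[ETH_HEADER_LEN];
    ArpPacket a;
    a.hardwareType = be16(p); a.protocolType = be16(p + 2);
    a.hardwareLen = p[4]; a.protocolLen = p[5]; a.operation = be16(p + 6);
    if (a.hardwareType != 1 || a.protocolType != ETHERTYPE_IP || a.hardwareLen != 6 || a.protocolLen != 4)
        throw std::runtime_error("not an Ethernet/IPv4 ARP packet");
    if (a.operation < 1 || a.operation > 4) throw std::runtime_error("unknown ARP operation");
    std::copy(p + 8, p + 14, a.senderMac.b);  a.senderIp = be32(p + 14);
    std::copy(p + 18, p + 24, a.targetMac.b); a.targetIp = be32(p + 24);
    return a;
}

// Receiver-side consistency check: ARP sender hardware address vs. the frame's Ethernet source.
bool senderMatchesFrame(const std::vector<uint8_t>& f) {
    MacAddr src = parseEthernet(f).src, sender = parseArp(f).senderMac;
    return std::equal(src.b, src.b + 6, sender.b);
}

std::string describe(const std::vector<uint8_t>& f) {
    ArpPacket a = parseArp(f);
    if (a.operation == 1) return "who has " + ipToString(a.targetIp) + "? tell " + ipToString(a.senderIp);
    if (a.operation == 2) return ipToString(a.senderIp) + " is at " + macToString(a.senderMac);
    return "RARP operation " + std::to_string(a.operation);
}

// Constructed sample: the broadcast ARP request described above, sent by the card
// with the example MAC from the MAC section; the IP addresses are assumed sample values.
std::vector<uint8_t> sampleArpRequest() {
    std::vector<uint8_t> f = {
        0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,      // destination: broadcast
        0x00, 0x16, 0xEA, 0xAE, 0x3C, 0x40,      // source MAC
        0x08, 0x06,                              // type: ARP
        0x00, 0x01, 0x08, 0x00, 0x06, 0x04,      // hw type 1, proto 0x0800, hlen 6, plen 4
        0x00, 0x01,                              // operation 1: ARP request
        0x00, 0x16, 0xEA, 0xAE, 0x3C, 0x40,      // sender MAC
        0xC0, 0xA8, 0x01, 0x0A,                  // sender IP 192.168.1.10
        0x00, 0x00, 0x00, 0x00, 0x00, 0x00,      // target MAC: unknown, being asked for
        0xC0, 0xA8, 0x01, 0x01                   // target IP 192.168.1.1
    };
    f.resize(ETH_HEADER_LEN + ETH_MIN_PAYLOAD, 0);   // pad the 28-byte ARP body to 46 bytes
    return f;
}

int main() {
    std::vector<uint8_t> f = sampleArpRequest();
    EthernetHeader h = parseEthernet(f);
    std::printf("%zu-byte frame: dst %s%s src %s type 0x%04X\n", f.size(), macToString(h.dst).c_str(),
                isBroadcast(h.dst) ? " (broadcast)" : "", macToString(h.src).c_str(), h.type);
    std::printf("ARP: %s; sender matches frame source: %s\n", describe(f).c_str(),
                senderMatchesFrame(f) ? "yes" : "no");
    return 0;
}
```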

IP datagram format

The header length and data length of an IP datagram are variable, but they are always integer multiples of 4 bytes. For IPv4 the 4-bit version field is 4. The 4-bit header length field is in units of 4 bytes; its minimum value is 5, meaning the minimum header length is 4*5 = 20 bytes (an IP header without any options), and the maximum value representable in 4 bits is 15, so the maximum header length is 60 bytes. Of the 8-bit TOS field, 3 bits specify the priority of the datagram (now obsolete), 4 bits indicate the optional service type (minimum delay, maximum throughput, maximum reliability, minimum cost), and one bit is always 0.

The total length is the number of bytes in the entire datagram (including header and data)

Each time an IP datagram is sent, the 16-bit identification field is incremented by 1; it is used for fragmentation and reassembly of the datagram.

A 3-bit flags field and a 13-bit fragment offset are used for fragmentation.

TTL: a time-to-live set by the source host for the datagram. It is decremented by 1 every time the datagram passes through a router; if it reaches 0, the route is considered too long, the destination host's network cannot be reached, and the packet is discarded. The unit is one hop. The protocol field indicates whether the upper-layer protocol is TCP, UDP, ICMP or IGMP. Then comes the checksum, which covers only the IP header; checking the data is the responsibility of the higher-layer protocol.
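An added example (not the article's code) of the IPv4 header handling described above: it parses the fixed header fields, verifies the header checksum, and performs one router hop (decrement TTL, recompute the checksum, discard when TTL would reach 0). The packet is constructed: a 20-byte header with protocol 17 followed by a minimal 8-byte UDP header as payload; the addresses and ports are assumed sample values.

```cpp
// Added example: IPv4 header parsing, checksum verification and TTL handling in C++.
#include <cstddef>
#include <cstdint>
#include <cstdio>
#include <stdexcept>
#include <vector>

struct IPv4Header {
    uint8_t version, headerLen;    // headerLen in bytes (header length field * 4)
    uint8_t tos, ttl, protocol;
    uint16_t totalLength, identification, flags, fragmentOffset, checksum;
    uint32_t src, dst;
};

uint16_t be16(const uint8_t* p) { return static_cast<uint16_t>((p[0] << 8) | p[1]); }
uint32_t be32(const uint8_t* p) {
    return (uint32_t(p[0]) << 24) | (uint32_t(p[1]) << 16) | (uint32_t(p[2]) << 8) | p[3];
}
void put16(uint8_t* p, uint16_t v) { p[0] = v >> 8; p[1] = v & 0xFF; }

// Internet checksum: one's-complement sum of the header's 16-bit words with the carries
// folded back in, then complemented. It covers only the header, as the text says.
uint16_t ipChecksum(const uint8_t* hdr, size_t len) {
    uint32_t sum = 0;
    for (size_t i = 0; i + 1 < len; i += 2) sum += be16(hdr + i);
    if (len & 1) sum += uint32_t(hdr[len - 1]) << 8;
    while (sum >> 16) sum = (sum & 0xFFFF) + (sum >> 16);
    return static_cast<uint16_t>(~sum);
}

// A correct header, summed with its checksum field included, yields 0.
bool checksumValid(const std::vector<uint8_t>& pkt) {
    if (pkt.size() < 20) return false;
    size_t ihl = (pkt[0] & 0x0F) * 4;
    return pkt.size() >= ihl && ipChecksum(&pkt[0], ihl) == 0;
}

IPv4Header parseIPv4Header(const std::vector<uint8_t>& pkt) {
    if (pkt.size() < 20) throw std::runtime_error("shorter than the 20-byte minimum header");
    IPv4Header h;
    h.version = pkt[0] >> 4;
    h.headerLen = (pkt[0] & 0x0F) * 4;
    if (h.version != 4) throw std::runtime_error("version field is not 4");
    if (h.headerLen < 20 || h.headerLen > pkt.size()) throw std::runtime_error("bad header length");
    h.tos = pkt[1];
    h.totalLength = be16(&pkt[2]);
    if (h.totalLength < h.headerLen || h.totalLength > pkt.size())
        throw std::runtime_error("total length inconsistent with the buffer");
    h.identification = be16(&pkt[4]);
    h.flags = pkt[6] >> 5;                          // 3 flag bits
    h.fragmentOffset = be16(&pkt[6]) & 0x1FFF;      // 13-bit fragment offset
    h.ttl = pkt[8];
    h.protocol = pkt[9];                            // 1 ICMP, 2 IGMP, 6 TCP, 17 UDP
    h.checksum = be16(&pkt[10]);
    h.src = be32(&pkt[12]);
    h.dst = be32(&pkt[16]);
    if (!checksumValid(pkt)) throw std::runtime_error("header checksum mismatch");
    return h;
}

// One router hop as described above: decrement TTL and recompute the checksum.
// Returns false when the TTL would reach 0, meaning the packet is discarded.
bool forwardHop(std::vector<uint8_t>& pkt) {
    IPv4Header h = parseIPv4Header(pkt);            // throws on a malformed or corrupt header
    if (h.ttl <= 1) return false;
    pkt[8] = h.ttl - 1;
    put16(&pkt[10], 0);
    put16(&pkt[10], ipChecksum(&pkt[0], h.headerLen));
    return true;
}

// Constructed sample: 20-byte header (no options) carrying a minimal 8-byte UDP header.
std::vector<uint8_t> samplePacket(uint8_t ttl) {
    std::vector<uint8_t> p = {
        0x45, 0x00, 0x00, 0x1C,   // version 4, header length 5*4 = 20, TOS 0, total length 28
        0x1C, 0x46, 0x40, 0x00,   // identification 0x1C46, flags 010 (don't fragment), offset 0
        ttl,  0x11, 0x00, 0x00,   // TTL, protocol 17 (UDP), checksum placeholder
        0xC0, 0xA8, 0x01, 0x0A,   // source 192.168.1.10 (sample value)
        0xC0, 0xA8, 0x01, 0x01,   // destination 192.168.1.1 (sample value)
        0x30, 0x39, 0x00, 0x35, 0x00, 0x08, 0x00, 0x00   // UDP: port 12345 -> 53, length 8, checksum 0
    };
    put16(&p[10], ipChecksum(&p[0], 20));
    return p;
}

// Forward a fresh sample once; returns the new TTL, or 0 if the packet was dropped.
int ttlAfterOneHop(uint8_t ttl) {
    std::vector<uint8_t> p = samplePacket(ttl);
    if (!forwardHop(p)) return 0;
    return checksumValid(p) ? parseIPv4Header(p).ttl : -1;
}
bool headerAccepted(const std::vector<uint8_t>& pkt) {
    try { parseIPv4Header(pkt); return true; } catch (const std::exception&) { return false; }
}
// A single flipped bit in the destination address must be caught by the checksum.
std::vector<uint8_t> corruptedSample() { std::vector<uint8_t> p = samplePacket(64); p[19] ^= 0x01; return p; }

int main() {
    IPv4Header h = parseIPv4Header(samplePacket(64));
    std::printf("hdr %u bytes, total %u, id 0x%04X, ttl %u, proto %u, csum 0x%04X\n", h.headerLen,
                h.totalLength, h.identification, h.ttl, h.protocol, h.checksum);
    std::printf("ttl after one hop: %d; ttl-1 packet forwarded: %s; corrupted header accepted: %s\n",
                ttlAfterOneHop(64), ttlAfterOneHop(1) ? "yes" : "no", headerAccepted(corruptedSample()) ? "yes" : "no");
    return 0;
}
```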

UDP protocol format

Source port number: sender port number

Destination port number: receiver port number

Length: the length of the UDP user datagram; the minimum is 8 (header only)

Checksum: detects whether the UDP user datagram was corrupted in transmission; if there is an error, the datagram is discarded

 TCP protocol format

1. Source port number: sender port number

2. Destination port number: receiver port number

3. Sequence number: the sequence number of the first data byte in this segment

4. Acknowledgement number: the sequence number of the first data byte expected in the other side's next segment

5. Header length (data offset): How far is the data start of the TCP message segment from the start of the TCP message segment, that is, the header length. Unit: 32 bits

6. Reserved: 6 digits, reserved for future use, should be set to 0 at present

7. Urgent URG: This bit is 1, indicating that the urgent pointer field is valid, and it tells the system that there is urgent data in this segment and should be transmitted as soon as possible

8. Confirmation ACK: The confirmation number field is valid only when ACK=1. TCP stipulates that after the connection is established, all transmitted messages must set ACK to 1

9. Push PSH: When two application processes communicate interactively, sometimes the application process at one end hopes to receive a response from the other party immediately after typing a command. In this case, TCP can use the push operation. The sender TCP sets PSH to 1, and immediately creates a segment to send out. The receiver receives the segment with PSH=1 and delivers it to the receiving application process as soon as possible. , instead of waiting until the entire buffer is filled before delivering upwards

10. Reset PST: used to reset the corresponding TCP connection

11. Synchronous SYN: It is only valid when the three-way handshake establishes a TCP connection. When SYN=1 and ACK=0, it indicates that this is a connection request message segment. If the other party agrees to establish a connection, SYN=1 and ACK=1 should be used in the corresponding message segment. SYN is set to 1 to indicate that this is a connection request or connection acceptance message

Encapsulation

Before application data is sent onto the physical network it is passed down the protocol stack from top to bottom. Each layer of the protocol adds its own header information (and, for the Ethernet frame, a trailing CRC) to the data received from the layer above in order to implement the function of that layer. This process is called encapsulation.

Demultiplexing

When a frame arrives at the destination host it is passed up the protocol stack from bottom to top. The protocol of each layer processes the header data in the frame in turn to obtain the information it needs, and finally the processed data is delivered to the target application. This process is called demultiplexing. Demultiplexing relies on the type field in each layer's header information.

Detailed explanation of TCP

TCP and UDP

        Both TCP and UDP are transport layer protocols.

        UDP: User Datagram Protocol, connectionless; supports unicast, multicast and broadcast; datagram-oriented; unreliable delivery

        TCP: Transmission Control Protocol, connection-oriented, reliable, based on a byte stream; supports only unicast transmission

                      | UDP                                                         | TCP
Creates a connection  | no, connectionless                                          | connection-oriented
Reliable              | unreliable delivery (lost packets are not retransmitted)    | reliable delivery (lost packets are retransmitted)
Endpoints             | one-to-one, one-to-many, many-to-many                       | one-to-one
Transfer unit         | datagram-oriented                                           | stream-oriented
Header overhead       | 8 bytes                                                     | 20 bytes minimum
Typical use           | real-time applications (video conferencing, live streaming) | applications needing high reliability (file transfer)

TCP communication process

Server:

1. Create a socket for listening

        - Listening: waiting for connections from clients

        - Socket: this socket is really a file descriptor

2. Bind the listening file descriptor to the local IP and port (the IP and port are the server's address information)

        - The client uses this IP and port when it connects to the server

3. Start listening; the listening fd begins to work

4. Block until a client initiates a connection, then accept the connection and obtain a new socket (fd) used to communicate with that client

5. Communicate

        - receive data

        - send data

6. The communication ends and the connection is closed

Client:

1. Create a socket (fd) for communication

2. Connect to the server; the IP and port of the server must be specified

3. Once the connection succeeds, the client can communicate with the server directly

        - receive data

        - send data

4. The communication ends and the connection is closed

TCP three-way handshake

TCP is a connection-oriented unicast protocol. Before sending data, both communicating parties must establish a connection between each other. The so-called "connection" is actually a piece of information (IP address, port number) about each other kept in the memory of the client and server.

TCP can be seen as a byte stream; it deals with packet loss, duplication and errors that occur at or below the IP layer. During connection establishment the two parties need to exchange some connection parameters, which can be carried in the TCP header.

TCP provides a reliable, connection-oriented, byte stream, and transport layer service, using three handshakes to establish a connection and four handshakes to close a connection.

The process of the three-way handshake:

        1. The client sends a TCP segment with the SYN flag to the server. This is segment 1 of the three-way handshake.

          The client sends segment 1, with the SYN bit indicating a connection request. The sequence number is 0. This sequence number serves as a temporary address during communication: every byte sent increases it by 1, so that the receiving end can put the packets back into the correct order and can also detect lost packets. It is also stipulated that the SYN bit and the FIN bit each occupy one sequence number. Although no data is sent this time, the SYN bit is sent, so the next transmission should use sequence number 1001. mss is the maximum segment size: if a segment is too large and the frame it is encapsulated in exceeds the maximum frame length of the link layer, it must be fragmented at the IP layer. To avoid this, the client announces its own maximum segment size and recommends that segments sent by the server not exceed this length.

        2. The server responds with a segment carrying the ACK and SYN flags. It acknowledges the client's SYN and at the same time sends its own SYN to the client, asking whether the client is ready for data communication. This is segment 2 of the three-way handshake.

        The server sends segment 2, which also has the SYN bit set, and sets the ACK bit at the same time to indicate acknowledgement. The acknowledgement number is 1, meaning "I have received all segments up to and including sequence number 0; please send sequence number 1 next". The segment both answers the client's connection request and sends the server's own connection request to the client, and it also declares a maximum segment size of 1024.

        3. The client must respond to the server with an ACK segment once more. This is segment 3.

        The client sends segment 3 to answer the server's connection request, with acknowledgement number 8001. In this process the client and the server each sent a connection request to the other and answered the other's request. While establishing the connection, the two parties also negotiate some information, such as the initial value of each side's sequence number and the maximum segment size.

Why is it a 3-way handshake?

Only a 3-way handshake can establish that the client's ability to send and receive data is normal and that the server's ability to receive and send data is normal. A two-way handshake clearly cannot prove this: for example, the client sends a SYN connection request and the server replies with an ACK; that only proves that the client can send data, and says nothing about whether it can receive. A 4-way handshake would also work, but since 3 segments are enough there is no need to spend one more. During the three-way handshake the two parties also negotiate information such as the initial sequence numbers of both sides and the maximum segment size.
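The header layout from the TCP protocol format section and the three handshake segments above, as an added example that is not part of the original post: a small parser and builder for the 20-byte TCP header in C, which then replays segments 1-3 (constructed values: client port 40000, server port 6666, the ISNs 0 and 8000 and windows 4K and 6K from the text) and checks that each acknowledgement number is the peer's sequence number plus one, since SYN occupies a sequence number. The function names are my own.

```c
#include <stdint.h>
#include <stddef.h>
#include <string.h>

/* Fixed 20-byte part of the TCP header, decoded into host byte order. */
struct tcp_hdr {
    uint16_t src_port, dst_port;
    uint32_t seq, ack;          /* sequence number, acknowledgement number */
    unsigned hdr_len;           /* data offset * 4, in bytes (20..60) */
    unsigned flags;             /* the six control bits, see the enum below */
    uint16_t window, checksum, urg_ptr;
};

/* Control bits in byte 13 of the header, low bit first: FIN SYN RST PSH ACK URG. */
enum { TCP_FIN = 0x01, TCP_SYN = 0x02, TCP_RST = 0x04,
       TCP_PSH = 0x08, TCP_ACK = 0x10, TCP_URG = 0x20 };

static uint16_t rd16(const uint8_t *p) { return (uint16_t)((p[0] << 8) | p[1]); }
static uint32_t rd32(const uint8_t *p) {
    return ((uint32_t)p[0] << 24) | ((uint32_t)p[1] << 16) | ((uint32_t)p[2] << 8) | p[3];
}
static void wr16(uint8_t *p, uint16_t v) { p[0] = (uint8_t)(v >> 8); p[1] = (uint8_t)v; }
static void wr32(uint8_t *p, uint32_t v) { wr16(p, (uint16_t)(v >> 16)); wr16(p + 2, (uint16_t)v); }

/* Parse the header at the start of buf. Returns 0 on success, -1 if the
   buffer is shorter than the fixed header or the data offset is impossible
   (fewer than 5 words, or claiming more header than the buffer holds). */
int tcp_parse(const uint8_t *buf, size_t len, struct tcp_hdr *h) {
    if (len < 20) return -1;
    unsigned words = buf[12] >> 4;          /* 4-bit data offset, unit 32 bits */
    if (words < 5 || (size_t)words * 4 > len) return -1;
    h->src_port = rd16(buf);      h->dst_port = rd16(buf + 2);
    h->seq = rd32(buf + 4);       h->ack = rd32(buf + 8);
    h->hdr_len = words * 4;
    h->flags = buf[13] & 0x3f;              /* top two bits belong to the reserved field */
    h->window = rd16(buf + 14);   h->checksum = rd16(buf + 16);
    h->urg_ptr = rd16(buf + 18);
    return 0;
}

/* Write a 20-byte header with no options. The checksum stays 0: computing it
   needs the IP pseudo-header, which this example does not model. */
void tcp_build(uint8_t out[20], uint16_t sport, uint16_t dport,
               uint32_t seq, uint32_t ack, unsigned flags, uint16_t window) {
    memset(out, 0, 20);
    wr16(out, sport);   wr16(out + 2, dport);
    wr32(out + 4, seq); wr32(out + 8, ack);
    out[12] = 5 << 4;                       /* data offset 5 words, reserved bits 0 */
    out[13] = (uint8_t)(flags & 0x3f);
    wr16(out + 14, window);
}

/* A reply is a valid SYN+ACK for a SYN only if it carries both flags and
   acknowledges the SYN, which occupies one sequence number of its own. */
int syn_ack_matches(const struct tcp_hdr *syn, const struct tcp_hdr *reply) {
    return (syn->flags & TCP_SYN) && !(syn->flags & TCP_ACK)
        && (reply->flags & (TCP_SYN | TCP_ACK)) == (TCP_SYN | TCP_ACK)
        && reply->ack == syn->seq + 1;
}

/* Replays the three handshake segments from the text. Constructed values:
   client port 40000, server port 6666, client ISN 0, server ISN 8000,
   windows 4K and 6K. Returns 1 when every segment parses and matches. */
int handshake_demo(void) {
    uint8_t s1[20], s2[20], s3[20];
    struct tcp_hdr h1, h2, h3;
    tcp_build(s1, 40000, 6666, 0,    0,    TCP_SYN,           4096);   /* segment 1 */
    tcp_build(s2, 6666, 40000, 8000, 1,    TCP_SYN | TCP_ACK, 6144);   /* segment 2 */
    tcp_build(s3, 40000, 6666, 1,    8001, TCP_ACK,           4096);   /* segment 3 */
    if (tcp_parse(s1, 20, &h1) || tcp_parse(s2, 20, &h2) || tcp_parse(s3, 20, &h3))
        return 0;
    return syn_ack_matches(&h1, &h2)
        && h3.flags == TCP_ACK && h3.ack == h2.seq + 1 && h3.seq == h1.seq + 1;
}
```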

TCP sliding window (TCP flow control)

The sliding window is a flow-control technique. In early network communication the communicating parties sent data directly without considering network congestion. Because nobody knew how loaded the network was and everyone sent at the same time, the intermediate nodes became congested and dropped packets, and no one could get data through; the sliding window mechanism was introduced to solve this problem. The sliding window protocol improves throughput by allowing the sender to transmit additional packets before receiving any acknowledgement. The receiver tells the sender how many packets it may send at a given moment (the window size).

In another case, when the sender sends faster than the receiver can process, and the receive buffer has a fixed size (usually a circular queue), data will be lost. The TCP protocol solves this problem with the "sliding window" mechanism.

Look at the communication process above:

     1. The sender (client) initiates a connection, declaring a maximum segment size of 1460, an initial sequence number of 0 and a window size of 4K, which means "my receive buffer still has 4K bytes free; the data you send must not exceed 4K". The receiving end answers the connection request, declaring a maximum segment size of 1024, an initial sequence number of 8000 and a window size of 6K. The sender acknowledges, and the three-way handshake is complete.

     2. The sender sends segments 4-9, each carrying 1K of data. From the window size the sender knows that the receiver's buffer is now full, so it stops sending (6*1024 = 6K).

     3. The application at the receiving end has processed 2K of data, so the receive buffer has 2K free. The receiver sends segment 10, acknowledging that 6K of data has been received, declaring a window size of 2K and carrying the sequence number expected next.

     4. The application at the receiving end has processed another 2K, so the receive buffer has 4K free. The receiver sends segment 11, re-declaring the window size as 4K.

     5. The sender sends segments 12-13, each with 1K of data; segment 13 also carries the FIN bit (FIN means disconnect).

     6. The receiver acknowledges that it has received 2K of data (6145-8192); the FIN bit also occupies sequence number 8193, so it tells the sender that the next transmission should start from sequence number 8194. The connection is now half-closed, and the receiver's segment declares a window size of 2K.

     7. The application at the receiving end processes 2K of data, and the receiver re-declares the window size as 4K.

     8. The application at the receiving end processes another 2K, and the receiver re-declares the window size as 6K.

     9. After the application at the receiving end has processed all the data, it decides to close the connection and sends segment 17 carrying the FIN bit; the sender acknowledges, and the connection is completely closed.

        As the application fetches data, the dotted box keeps sliding to the right, hence the name sliding window.
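The window bookkeeping in steps 1-9, as an added example (not the post's code): a minimal C model of a sender that never exceeds the receiver's advertised window and a receiver that re-advertises its free buffer space after the application reads. It assumes a lossless, in-order link, and tcp_flow_demo() replays steps 2-6 to reproduce the sequence numbers given above; the struct and function names are my own.

```c
#include <stddef.h>

/* Receiver: a fixed buffer that the application drains. The window it
   advertises is simply the free space left in that buffer. */
struct rcv {
    unsigned capacity;   /* receive buffer size (6K in the text) */
    unsigned buffered;   /* received, not yet read by the application */
    unsigned next_seq;   /* acknowledgement number: the next byte expected */
};

/* Sender: what it may still send under the last window it was told. */
struct snd {
    unsigned next_seq;   /* sequence number of the next byte to send */
    unsigned usable;     /* advertised window minus bytes sent since that ACK */
    unsigned segments;   /* segments sent so far */
};

/* Model assumption: a lossless, in-order link, so every segment has been
   delivered and acknowledged before the next event happens. */
void tcp_flow_init(struct snd *s, struct rcv *r, unsigned isn, unsigned rcv_buf) {
    s->next_seq = isn + 1;            /* the SYN consumed sequence number isn */
    s->usable = rcv_buf;              /* window advertised in the SYN+ACK */
    s->segments = 0;
    r->capacity = rcv_buf; r->buffered = 0; r->next_seq = isn + 1;
}

/* Send up to len bytes of data. Returns what was actually sent; 0 means the
   window is closed and the sender must wait for a window update (step 2). */
unsigned tcp_flow_send(struct snd *s, struct rcv *r, unsigned len) {
    if (len > s->usable) len = s->usable; /* never exceed the advertised window */
    if (len == 0) return 0;
    s->next_seq += len; s->usable -= len; s->segments++;
    r->buffered += len; r->next_seq += len;
    return len;
}

/* FIN carries no data but, like SYN, occupies one sequence number. */
void tcp_flow_fin(struct snd *s, struct rcv *r) {
    s->next_seq += 1; r->next_seq += 1; s->segments++;
}

/* The receiving application reads n bytes. The receiver then ACKs with its
   new free space, which becomes the sender's usable window (steps 3, 4, 7, 8). */
unsigned tcp_flow_consume(struct rcv *r, struct snd *s, unsigned n) {
    if (n > r->buffered) n = r->buffered;
    r->buffered -= n;
    s->usable = r->capacity - r->buffered;
    return s->usable;                     /* window size carried in the ACK */
}

/* Replays steps 2-6 of the text: ISN 0, 6K receive buffer, 1K segments.
   Returns 1 if the model reproduces the numbers given there. */
int tcp_flow_demo(void) {
    struct snd s; struct rcv r;
    unsigned sent = 0;
    tcp_flow_init(&s, &r, 0, 6 * 1024);
    while (tcp_flow_send(&s, &r, 1024)) sent++;            /* segments 4-9, then stall */
    if (sent != 6 || s.usable != 0 || s.next_seq != 6145) return 0;
    if (tcp_flow_consume(&r, &s, 2048) != 2048) return 0;  /* step 3: window 2K */
    if (tcp_flow_consume(&r, &s, 2048) != 4096) return 0;  /* step 4: window 4K */
    tcp_flow_send(&s, &r, 1024);                           /* segment 12 */
    tcp_flow_send(&s, &r, 1024);                           /* segment 13: bytes 7169-8192 */
    tcp_flow_fin(&s, &r);                                  /* FIN occupies 8193 */
    return r.next_seq == 8194 && s.usable == 2048;         /* step 6: ACK 8194, window 2K */
}
```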

We can also analyze a phenomenon:

        The data seen by the application is a whole, a stream. In the underlying communication this data may be split into packets for sending, but how many bytes each packet carries is invisible to the application; this is why TCP is a byte-stream-oriented protocol, whereas UDP is a message-oriented protocol. Each UDP segment is one message, and the application must extract data in units of messages; it cannot extract an arbitrary number of bytes at a time. This is a major difference from TCP.

TCP four waves

        

         Since TCP is full-duplex, each direction must be closed separately. The principle is that when one party has finished sending its data, it can send a FIN to terminate the connection in that direction. Receiving a FIN only means that there is no more data flowing in that direction; a TCP connection can still send data after receiving a FIN. The party that closes first performs an active close, the other a passive close. (Sending data is different from sending a request or a response: FIN, ACK and SYN are defined in the TCP header, while data belongs to the data part.)

        1. The client sends a segment with the FIN bit to request closing the connection

        2. The server acknowledges the client's close request

        3. After the server has finished processing the data in its buffer (and sent the corresponding responses), it sends a FIN to the client to indicate that it is closing the connection

        4. The client acknowledges the server's close request

Establishing a connection takes a three-way handshake, while closing one usually takes 4 segments. The server's acknowledgement and its own close request are usually not combined in one segment because of the half-closed state (in the figure above, A calls close() once it has finished sending its data, but B still has unprocessed data in its buffer and needs to respond to the data A sent, so B's write end cannot be closed yet). In this state, after the client closes the connection it can no longer send data to the server, but the server can still send data to the client until the server also closes the connection.

TCP state transitions

Red line: client side. Green line (dotted): server side (the two lines are analysed together)

CLOSED: the initial state

LISTEN: a socket on the server side is in the listening state and can accept connections

SYN_SENT: the counterpart of SYN_RCVD. When a client socket connects, it first sends a SYN segment, enters SYN_SENT, and waits for the server to send the second segment of the three-way handshake. SYN_SENT means the client has sent its SYN request

SYN_RCVD: a SYN segment has been received. Normally this is a very short intermediate state of the server-side socket during the three-way handshake. In this state, once the ACK from the client arrives, the socket enters ESTABLISHED (both client and server enter ESTABLISHED after receiving the ACK)

ESTABLISHED: the connection has been established

FIN_WAIT_1: from ESTABLISHED, the party that wants to actively close sends a FIN to the other side and enters FIN_WAIT_1 (usually left very quickly)

FIN_WAIT_2: the actively closing party enters this state after its FIN has been acknowledged. It is called the half-connected or half-closed state; a socket in this state can only receive data, not send

TIME_WAIT: the actively closing party receives the other side's FIN, sends an ACK, and returns to CLOSED after 2MSL. Why 2MSL? To make sure the last ACK it sent can be received by the other side; if that ACK is lost, the ACK is resent

CLOSING: a special and relatively rare state. Normally, after you send a FIN you expect to receive the other side's ACK first and its FIN afterwards. CLOSING means that after sending your FIN you did not receive the ACK but instead received the other side's FIN (if both sides close simultaneously, both send FIN at the same time and both enter CLOSING)

CLOSE_WAIT: waiting to close. When the other side closes its socket and sends you a FIN, the system replies with an ACK and enters CLOSE_WAIT. Next, check whether there is still data to send to the other side; if not, the socket can be closed and a FIN sent to the other side, closing the connection. So in CLOSE_WAIT the connection still needs to be closed

LAST_ACK: a state of the passively closing side. After it has sent its FIN it waits for the other side's final ACK; once that ACK arrives it enters CLOSED

Let me add: sockets are essentially pseudo-files

half closed

        When the end of a TCP connection that actively sends a FIN to close receives the ACK from the other side, but the other side has not yet sent its own FIN, the actively closing party enters the FIN_WAIT_2 state (half-closed). The actively closing end can then only read, not write.

 Using close(): it is said to be half-closed, but the socket can then neither be read nor written, so this is not a true half-closed state; use shutdown() instead.

close() terminates a connection only by decrementing the descriptor's reference count; it does not close the connection directly, and the connection is closed only when the reference count reaches 0. shutdown() shuts the connection down regardless of the descriptor's reference count, and can also be told to stop just one direction, only reading or only writing.

        From the program's point of view, the half-closed state can be controlled through an API (actively entering the half-closed state):

        #include <sys/socket.h>

        int shutdown(int sockfd, int how);

        sockfd: the descriptor of the socket to be shut down

        how:

                 SHUT_RD (0): close the read side of sockfd; sockfd can no longer read.
                 The socket no longer accepts data, and any data currently in the socket's receive buffer is silently discarded

                SHUT_WR (1): close the write side of sockfd; sockfd can no longer write.
                 Processes cannot issue write operations on this socket.

                SHUT_RDWR (2): close both the read and the write side of sockfd

      If several processes share a socket, every call to close() decrements the count by 1 until it reaches 0, that is, until every process using the socket has called close(); only then is the socket released.

        With multiple processes, if one process calls shutdown(sockfd, SHUT_RDWR), the other processes can no longer communicate, whereas if one process calls close(sockfd) the other processes are unaffected.

2MSL

Reasons for the existence of the TIME_WAIT state:

1. Make the 4-way handshake closing process more reliable. The last ACK of the 4-way handshake is sent by the active closing party. If the ACK is lost, the passive party will send a FIN again. If the active closing party can maintain a 2MSL TIME_WAIT state, there is a greater chance for the lost ACK to be sent out again.

2. Prevent lost duplicates from damaging later new connections. Lost duplicates are very common in real networks: a router fails, paths do not converge, and a packet bounces between routers A, B and C as if in an endless loop. (TCP retransmits on timeout; TCP is a stream, packets do not all arrive in order, and TCP reassembles them by sequence number. The 2MSL TIME_WAIT state ensures that all lost duplicates have disappeared, so they cannot cause errors for a new connection.)

Why the design puts this on the actively closing side:

1. The one that sent the last ACK is the party that actively closed

2. As long as one party stays in TIME_WAIT, a new incarnation of the same connection cannot be established within 2MSL; it is not necessary for both parties to do so

RFC 793 stipulates that the MSL is 2 minutes, and it is usually 30 seconds in practical applications

programming problems

As a test, first start the server, then start the client, terminate the server with Ctrl-C, and immediately run the server again. The result is:

 This is because, although the server application has terminated, the connection at the TCP protocol layer has not been completely torn down, so the same server port cannot be listened on again. Let's check with the netstat command:

 When the server terminates, its socket descriptor is closed automatically and a FIN segment is sent to the client. After receiving the FIN the client is in the CLOSE_WAIT state, but the client neither terminates nor closes its socket descriptor, so it does not send a FIN to the server, and the server's TCP connection stays in the FIN_WAIT2 state.

Now terminate the client with Ctrl-C and observe:

 When the client terminates, its socket descriptor is closed automatically, and after receiving the client's FIN segment the server's TCP connection enters the TIME_WAIT state. TCP stipulates that the party that actively closes the connection must stay in TIME_WAIT for two MSL (maximum segment lifetime) before returning to CLOSED. Because we terminated the server with Ctrl-C first, the server is the actively closing party, and while it is in TIME_WAIT the same server port still cannot be listened on again.

 

port multiplexing

The most common uses of port multiplexing:

  • Prevent the previously bound port from being released when the server restarts
  • The program exits suddenly and the system does not release the port

        Not allowing the port to be listened on again until the server's TCP connection is completely torn down is unreasonable. The connection that is not completely torn down belongs to connfd (127.0.0.1:6666), whereas we are listening on listenfd (0.0.0.0:6666): they occupy the same port, but the IP addresses differ. connfd corresponds to a specific IP address communicating with a particular client, while listenfd corresponds to the wildcard address. The solution is to use setsockopt() to set the socket descriptor's SO_REUSEADDR option to 1, which allows several socket descriptors with the same port number but different IP addresses to be created.

#include <sys/types.h>
#include <sys/socket.h>

int setsockopt(int sockfd, int level, int optname, const void *optval, socklen_t optlen);

        setsockopt() sets the SO_REUSEADDR option of the socket descriptor to 1, which means that several socket descriptors with the same port number but different IP addresses may be created.

Insert the following code between the socket() and bind() calls in the server code:

    int opt = 1;
    setsockopt(listenfd, SOL_SOCKET, SO_REUSEADDR, &opt, sizeof(opt));
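The server steps 1-6 and client steps 1-4 from the TCP communication process, the shutdown() half-close, and the SO_REUSEADDR setting above, exercised end to end in one C program. This is an added example rather than the post's code; it assumes a Linux/POSIX socket API, binds 127.0.0.1 with a kernel-chosen port, and relies on the kernel completing a loopback connect() before accept() is called, so no second thread is needed. The function names are my own.

```c
#include <arpa/inet.h>
#include <netinet/in.h>
#include <signal.h>
#include <stdint.h>
#include <string.h>
#include <sys/socket.h>
#include <unistd.h>

static struct sockaddr_in loopback(uint16_t port) {
    struct sockaddr_in a;
    memset(&a, 0, sizeof a);
    a.sin_family = AF_INET;
    a.sin_addr.s_addr = htonl(INADDR_LOOPBACK);   /* 127.0.0.1 */
    a.sin_port = htons(port);
    return a;
}

/* Server steps 1-3: socket, SO_REUSEADDR, bind, listen. Port 0 asks the
   kernel for a free port, reported back through *port. Returns the
   listening fd, or -1 with the socket closed on failure. */
int server_listen(uint16_t *port) {
    int lfd = socket(AF_INET, SOCK_STREAM, 0);
    if (lfd < 0) return -1;
    int opt = 1;   /* lets the server rebind while old connections sit in TIME_WAIT */
    struct sockaddr_in a = loopback(0);
    socklen_t alen = sizeof a;
    if (setsockopt(lfd, SOL_SOCKET, SO_REUSEADDR, &opt, sizeof opt) < 0
        || bind(lfd, (struct sockaddr *)&a, sizeof a) < 0 || listen(lfd, 8) < 0
        || getsockname(lfd, (struct sockaddr *)&a, &alen) < 0) {
        close(lfd);
        return -1;
    }
    *port = ntohs(a.sin_port);
    return lfd;
}

/* Client steps 1-2: socket, then connect to 127.0.0.1:port. */
int client_connect(uint16_t port) {
    int fd = socket(AF_INET, SOCK_STREAM, 0);
    struct sockaddr_in a = loopback(port);
    if (fd >= 0 && connect(fd, (struct sockaddr *)&a, sizeof a) < 0) {
        close(fd);
        return -1;
    }
    return fd;
}

/* The whole exchange in one process. On loopback the kernel completes the
   three-way handshake inside connect(), so accept() afterwards just returns
   the queued connection. The client sends a request, half-closes its write
   side with shutdown(SHUT_WR), and can still read the server's reply; the
   server sees EOF (recv returns 0) but may still send. Returns 1 on success. */
int half_close_demo(void) {
    uint16_t port;
    char buf[64];
    int ok = 0, cfd = -1, sfd = -1;
    signal(SIGPIPE, SIG_IGN);     /* a write after SHUT_WR must fail with EPIPE, not kill us */
    int lfd = server_listen(&port);
    if (lfd < 0) return 0;
    cfd = client_connect(port);
    if (cfd >= 0) sfd = accept(lfd, NULL, NULL);          /* server step 4 */
    if (sfd < 0) goto out;
    if (send(cfd, "hello", 5, 0) != 5) goto out;          /* client step 3 */
    shutdown(cfd, SHUT_WR);                               /* client FIN; read side stays open */
    if (recv(sfd, buf, sizeof buf, 0) != 5 || memcmp(buf, "hello", 5)) goto out;
    if (recv(sfd, buf, sizeof buf, 0) != 0) goto out;     /* EOF: the peer half-closed */
    if (send(sfd, "world", 5, 0) != 5) goto out;          /* server can still send */
    if (recv(cfd, buf, sizeof buf, 0) != 5 || memcmp(buf, "world", 5)) goto out;
    ok = send(cfd, "x", 1, 0) < 0;                        /* writing after SHUT_WR is refused */
    close(sfd);                                           /* server FIN: fully closed */
out:
    if (cfd >= 0) close(cfd);
    close(lfd);
    return ok;
}
```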

point-to-point, end-to-end

 Difference Between Router and Switch

 The difference between a router and a switch: a switch mainly lets everyone get online through one network cable, but each user dials up separately and uses their own broadband, so users do not affect one another; even if other people are downloading, it has no effect on your own access. All computers on the same switch are in the same LAN. A router has a virtual dial-up function that a switch lacks: computers that access the Internet through the same router share one broadband account, so their Internet use affects each other. For example, if one computer is downloading, the other computers on the same router will clearly feel that the network is very slow. Computers on the same router are also in the same LAN.

A switch works at the data link layer and forwards by MAC address; a router works at the network layer and forwards by IP address. A router can process the TCP/IP protocol, but a switch cannot.

 


Origin blog.csdn.net/weixin_46120107/article/details/126446175