Preface: TCP/UDP is the transport layer, and IP/ICMP is the network layer.
(1)应用层:DNS(基于UDP)、ping(基于ICMP)、telnet(TCP)
注:应用层负责梳理应用程序的逻辑。
(2)传输层:TCP、UDP
注:传输层为两台主机上的应用程序提供端到端(end to end)的通信。传输层只关心通信的起始端和目的端,而不在乎数据包中转的过程。
(3)网络层:IP、ICMP(IP的重要补充:1)回应网络错误2)查询网络信息)
注:网络层实现数据包的路由和转发,强调的是逐跳的中转。通常数据包不能直接发送给目标主机,IP协议做的就是为他寻找合适的下一跳。
(4)数据链路层:以太网、ARP、RARP
注:实现了网卡接口的网络驱动程序,处理数据在物理媒介上的传输;驱动隐藏不同物理硬件的电气特性,为上层提供统一接口。
1. TCP:
2 bytes source port number + 2 bytes destination port number
4 byte serial number
4-byte confirmation response number
4bits data offset + 6bits reserved bits + 6bits control bits + 2 bytes window size
2 byte checksum + 2 byte urgent pointer
The total number of headers is 20 bytes.
Second, UDP:
2 bytes (16 bits) source port number
2 bytes (16 bits) destination port number
2 bytes (16 bits) packet length
2 bytes (16 bits) checksum 2^16=65536 bytes.
The total number of headers is 8 bytes.
Note: In fact, the upper limit of the received packet length of the udp protocol is about 65536 minus the header length of each link, which is about 6k. This is true in actual testing.
Use the 303203.py script tool to send a request through udp and accept the return packet data. The test result is that pulling 24 items can be successfully returned, and the data length is as follows.
But trying to pull 25 doesn't work. The specific performance is that the reply package is not received for a long time.
3. IP:
In the TCP/IP protocol, the packet that uses the IP protocol to transmit data is called an IP packet, and each packet contains the content specified by the IP protocol. These contents stipulated by the IP protocol are called IP datagrams (IP Datagram) or IP datagrams .
An IP datagram consists of two parts: a header (called a header) and data. The first part of the header is a fixed length, a total of 20 bytes, which is mandatory for all IP datagrams. Following the fixed portion of the header are optional fields of variable length.
Every IP datagram begins with an IP header. The source computer constructs this IP header, and the destination computer processes the data using the information encapsulated in the IP header. The IP header contains a lot of information, such as source IP address, destination IP address, datagram length, IP version number, etc. Each piece of information is called a field.
The IP datagram header fields are shown in the figure.
The minimum length of the IP header is 20 bytes. The meaning of each field in the above figure is as follows:
1) version (version)
Occupies 4 bits, indicating the version of the IP protocol. The IP protocol versions used by both communication parties must be consistent. The currently widely used IP protocol version number is 4, that is, IPv4.
2) Header length (Internet Header Length IHL)
Occupying 4 bits, the maximum representable decimal value is 15. The unit of the number represented by this field is a 32-bit word length (a 32-bit word length is 4 bytes). Therefore, when the IP header length is 1111 (that is, 15 in decimal), the header length reaches 60 bytes. When the length of the header of an IP packet is not an integral multiple of 4 bytes, it must be filled with the last padding field.
The data part always starts at an integer multiple of 4 bytes, which is more convenient when implementing the IP protocol. The disadvantage of limiting the length of the header to 60 bytes is that the length may not be sufficient sometimes. The reason why the length is limited to 60 bytes is to hope that users can minimize overhead. The most commonly used header length is 20 bytes (that is, the header length is 0101), and no option is used at this time.
3) differentiated services (tos)
Also known as service type, it occupies 8 bits and is used to obtain better service. This field is called service type in the old standard, but it has not been used in practice. In 1998, IETF renamed this field to Differentiated Services (DS). This field is only available when using DiffServ.
4) Total length (totlen)
The sum of header and data, in bytes. The total length field is 16 bits, so the maximum length of a datagram is 2^16-1=65535 bytes.
5) Identification
Used to identify the datagram, occupying 16 bits. The IP protocol maintains a counter in memory. Each time a datagram is generated, the counter is incremented by 1, and this value is assigned to the identification field. When the length of the datagram exceeds the MTU of the network and must be fragmented, the value of this identification field is copied to the identification field of all datagrams. Fragmented packets with the same identifier field value will be reassembled into the original datagram.
6) Flags
Takes 3 places. The first bit is unused and has a value of 0. The second bit is called DF (Don't Fragment), which indicates whether fragmentation is allowed. When the value is 0, fragmentation is allowed; when the value is 1, fragmentation is not allowed. The third bit is called MF (More Fragments), which indicates whether there are still fragments being transmitted. When it is set to 0, it means that there are no more fragments to send, or the datagram has no fragments.
7) slice offset (offsetfrag)
Takes 13 places. When the message is fragmented, this field marks the relative position of the fragment in the original message. The slice offset takes 8 bytes as the offset unit. Therefore, except for the last fragment, the offset values of other fragments are integer multiples of 8 bytes (64 bits).
8) Time to Live (TTL)
Indicates the lifetime of the datagram in the network, occupying 8 bits. This field is set by the originating host of the datagram. Its purpose is to prevent undeliverable datagrams from being transmitted indefinitely across the network, thereby consuming network resources.
The router decrements the TTL value by 1 before forwarding the datagram. If the TTL value decreases to 0, the datagram is discarded and not forwarded. Therefore, TTL indicates the maximum number of routers that the datagram can pass through in the network. The maximum value for TTL is 255. If the initial value of TTL is set to 1, it means that this datagram can only be transmitted in the local area network.
9) Agreement
Indicates the protocol type used by the data carried by the data packet, occupying 8 bits. This field can facilitate the IP layer of the destination host to know according to which protocol to process the data part. Different protocols have specific protocol numbers.
For example, TCP has a protocol number of 6, UDP has a protocol number of 17, and ICMP has a protocol number of 1.
10) Header checksum (checksum)
It is used to verify the header of the datagram, occupying 16 bits. Every time the datagram passes through a router, the fields in the header may change (such as TTL), so it needs to be rechecked. The data part does not change, so there is no need to regenerate the check value.
11) Source address
Indicates the source IP address of the datagram, occupying 32 bits.
12) Destination address
Indicates the destination IP address of the datagram, occupying 32 bits. This field is used to verify whether the sending is correct.
13) Optional fields
This field is used for some optional header settings, mainly for testing, debugging and security purposes. These options include strict source routing (datagrams must go through specified routes), Internet timestamping (timestamp records as they pass through each router), and security restrictions.
14) Filling
Since the length of the optional field is not fixed, filling this field with several 0s can ensure that the length of the entire header is an integer multiple of 32 bits.
15) Data part
Represents the data of the transport layer, such as saving data of TCP, UDP, ICMP or IGMP. The length of the data part is not fixed.