"Computer Network" Final Review (Chapter 1~8)

Foreword

The following are the review knowledge points from the "big black book" (Computer Networking: A Top-Down Approach, Seventh Edition) that I sorted out according to the exam scope drawn up by the teacher. (Emmmm, to be precise, I read the big black book according to the exam scope. The whole blog is not condensed, and I feel it is not well suited to cramming, but I have to say, the big black book's writing is really good, seniors; it's really beautiful.)

Our exam questions are:

  • Short answer (6 questions, 5 points each)
  • Application (6 questions, 5 points each)
  • Calculation (5 questions, 8 points each)

Chapter 1: Computer Networks and the Internet

This chapter is mainly about understanding the various terms and concepts.

1.1 What is the Internet

1.1.1 Composition description

Internet: a worldwide network of computers.
Host / end system: a device (mobile phone, tablet, computer, etc.) connected to the Internet.
End systems are connected together by communication links and packet switches. The series of communication links and packet switches that a packet traverses from the sending end system to the receiving end system is called a path.

Packet switches (two types): ① routers; ② link-layer switches.

ISP (Internet Service Provider): a provider of Internet access.
Protocol: controls the sending and receiving of information on the Internet.

1.1.3 Protocols

Protocol: defines the format and order of messages exchanged between two or more communicating entities, as well as the actions taken on the transmission or receipt of a message or on some other event.

The three elements of a protocol:
- Syntax: defines the format of the information exchanged
- Semantics: defines the operations the sender and receiver must carry out
- Synchronization (timing): defines the timing relationship between sender and receiver

Entity : Any hardware or software process that can send or receive information.

1.4 Delay, Packet Loss and Throughput in Packet-Switched Networks

1.4.1 Overview of delay in packet-switched networks

Total nodal delay: d_nodal = d_proc + d_queue + d_trans + d_prop

  • Processing delay d_proc: the time a router takes to examine the packet header and decide where to direct the packet.
  • Queuing delay d_queue: a packet crossing the network passes through many routers. On entering a router it waits in the input queue to be processed; once the router has determined the outgoing interface, it waits in the output queue to be forwarded.
  • Transmission delay d_trans: the time a host or router needs to push a data frame onto the link, i.e. from the moment the first bit of the frame is sent until the last bit has been sent: d_trans = L / R, where L is the frame length (bits) and R is the link bandwidth (bits/s).
  • Propagation delay d_prop: the time a bit takes to travel over the link from one router to the next. The propagation speed depends on the physical medium of the link (optical fibre, twisted-pair copper, etc.).

1.4.2 Queuing delay and packet loss

The queuing delay d_queue is the most complex and interesting, because it differs from packet to packet.
Traffic intensity: La/R (by design the ratio should be ≤ 1)

L: packet length in bits
a: average rate at which packets arrive at the queue
R: router transmission rate (bandwidth)

Packet loss: a packet that arrives at a full queue is dropped. The fraction of lost packets increases with the traffic intensity.

1.4.3 End-to-end delay

End-to-end delay is normally calculated assuming there is no queuing delay.
(N is the number of links, so there are N-1 routers.)
End-to-end delay = sending host (transmission delay) + propagation delay + (N-1) routers × (processing delay + transmission delay + propagation delay to the next device) + receiving host (processing delay)
end-to-end delay = N × processing delay + N × transmission delay + N × propagation delay
d_end-end = N (d_proc + d_trans + d_prop)

1.4.4 Throughput in computer networks

Bandwidth is the ideal; throughput is the reality.
The transmission rates (bandwidths) of the links on the path between two hosts may differ, but the file-transfer throughput between the two hosts is min{R_1, R_2, …, R_N}.
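The delay and throughput formulas of sections 1.4.3 and 1.4.4 carried through in code, as an added example that is not from the textbook or these notes; the path parameters are constructed, and the sum over links also covers links with different rates and lengths, which the notes' N·(d_proc + d_trans + d_prop) formula assumes are identical:

```python
# Added example (not from the textbook or these notes): store-and-forward delay
# along a path of N links and the bottleneck throughput of section 1.4.4.
from dataclasses import dataclass
from typing import Sequence


@dataclass
class Link:
    rate_bps: float    # R: transmission rate of the link, bits per second
    length_m: float    # physical length of the link, metres
    speed_mps: float   # propagation speed in the medium, metres per second


def transmission_delay(packet_bits: int, link: Link) -> float:
    """d_trans = L / R: time to push all L bits of the packet onto the link."""
    return packet_bits / link.rate_bps


def propagation_delay(link: Link) -> float:
    """d_prop = distance / propagation speed: time for one bit to cross the link."""
    return link.length_m / link.speed_mps


def end_to_end_delay(packet_bits: int, links: Sequence[Link], d_proc: float = 0.0) -> float:
    """End-to-end delay of one packet over N links (N-1 routers) with no queuing.

    Each hop contributes d_proc + d_trans + d_prop. With identical links this
    reduces to N * (d_proc + d_trans + d_prop); the sum also handles links with
    different rates and lengths."""
    return sum(d_proc + transmission_delay(packet_bits, link) + propagation_delay(link)
               for link in links)


def traffic_intensity(packet_bits: int, arrival_rate: float, link: Link) -> float:
    """La/R from section 1.4.2: the queue grows without bound as this approaches 1."""
    return packet_bits * arrival_rate / link.rate_bps


def bottleneck_throughput(links: Sequence[Link]) -> float:
    """A file transfer is limited by the slowest link: min{R_1, ..., R_N}."""
    return min(link.rate_bps for link in links)


def file_transfer_time(file_bits: int, links: Sequence[Link]) -> float:
    """Time to move a large file across the path, ignoring per-packet delays."""
    return file_bits / bottleneck_throughput(links)


if __name__ == "__main__":
    # Constructed path: three 1 Mb/s links of 1000 km each, signal speed 2e8 m/s.
    path = [Link(1e6, 1_000_000, 2e8)] * 3
    print("end-to-end delay of a 1500-byte packet:", end_to_end_delay(1500 * 8, path), "s")
    print("traffic intensity at 50 packets/s:", traffic_intensity(1500 * 8, 50, path[0]))
    print("file transfer time, 10 Mb file:", file_transfer_time(10_000_000, path), "s")
```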

1.5 Protocol layers and their service models

1.5.1 Layered Architecture

At present, the 5-layer structure (from top to bottom) that needs to be mastered for this course is:

  • Application layer: where network applications and their application-layer protocols live; this layer handles communication between application processes, i.e. the programs that interact with users.
  • Transport layer: solves the communication problems between processes (such as handling transmission errors). There are two protocols: TCP and UDP.
  • Network layer: identifies each network and host (e.g. IP addressing) and solves the problem of how routers forward packets, i.e. routing.
  • Data link layer: solves packet transmission over a single link (such as picking data and addresses out of the bit stream carried by the signal, and coordinating the hosts' use of a shared bus).
  • Physical layer: tied to the actual transmission medium; decides which signals carry the bits (voltages, interface standards, etc.).

The OSI architecture, the official international standard, has 7 layers; two are added between the transport layer and the application layer. From bottom to top: physical layer, data link layer, network layer, transport layer, session layer, presentation layer, application layer.

1.5.2 Encapsulation

In a layered network architecture, each layer adds some auxiliary information (a header) when it provides service to the layer above, so this packaging has to be done properly; that is encapsulation.


Chapter 2: Application Layer

2.1 Application layer protocol principle

At the heart of developing network applications is writing programs that can run on different end systems and communicate with each other over the network.

2.1.1 Network application architectures

Two mainstream kinds:
- client-server architecture
- peer-to-peer (P2P) architecture

Client-server architecture

1. Client and server refer to the two application processes involved in the communication
2. The client is the requester of a service; the server is the provider of the service
3. The server is always running and waits for service requests from clients
4. Service is concentrated (the application service lives mainly on server machines, which are far fewer than client machines)

Peer-to-peer (P2P) architecture

1. There are no fixed service requesters or service providers
2. Service is distributed
3. Its outstanding property is scalability (system performance does not degrade as the system grows)
4. Lower cost

2.1.2 Process communication

Three aspects:

  1. Identify the client and server processes: the process that initiates the communication is the client
  2. The interface between a process and the computer network (implemented through sockets)
  3. Process addressing (the host is identified by its IP address, a 32-bit quantity that uniquely identifies the host)

2.1.3 Transport services available to applications

Sockets are the interface between application processes and transport protocols. TCP uses the host's IP address plus a port number on the host as the endpoint of a TCP connection; this endpoint is called a socket.
A socket is written as (IP address: port number).

When developing an application you also need to choose an available transport-layer protocol. A transport protocol mainly provides services in the following four areas (consider them when choosing):

1. Reliable data transfer
2. Throughput
3. Timing (some data delivery has delay requirements)
4. Security

2.1.4 Transport services provided by the Internet

The Internet provides two transport-layer protocols for applications:
① TCP

The TCP service model includes connection-oriented service and reliable data transfer service.
- Connection-oriented service: before messages flow, TCP has the client and server exchange transport-layer control information with each other
              (this process is also called the three-way handshake).
              - The connection is full-duplex,
                     i.e. the processes at both ends can send and receive messages on the connection at the same time.
              - The connection must be torn down when it ends.
- Reliable data transfer service: no bytes are lost or duplicated.
- TCP has a congestion-control mechanism that can throttle the sending process.

② UDP

The UDP service model provides only minimal service: it is connectionless (no handshake), and its data transfer is unreliable.
- No congestion-control mechanism

2.1.5 Application-layer protocols

An application-layer protocol defines how application processes running on different end systems pass messages to each other; it specifies:

  • The types of messages exchanged
  • The syntax of each message type
  • The semantics of the fields
  • Rules for when and how a process sends messages and responds to them

2.2 The Web and HTTP

The Web is an Internet application.

2.2.1 Overview of HTTP

The application-layer protocol used by the Web is the HyperText Transfer Protocol (HTTP).

HTTP is implemented by two programs: a client program and a server program.
HTTP defines how a Web client requests Web pages from a Web server and how the server sends Web pages back.
HTTP uses TCP as its underlying transport protocol.
HTTP is a stateless protocol, because an HTTP server keeps no information about its clients.
    It uses the client-server application architecture; the Web server is always on and has a fixed IP address.

2.2.2 Non-persistent and persistent connections

Round-trip time (RTT): the time a short packet takes to travel from the client to the server and back to the client.

Non-persistent connection: when the client-server interaction runs over TCP, each request/response pair is sent over a separate TCP connection.

Total response time = 2 × RTT + the time for the server to transmit the HTML file

This is because every non-persistent connection must first complete TCP's characteristic three-way handshake:
① the client sends a small segment to initiate the TCP connection
② the server receives it and returns an acknowledgment and response
③ the client returns an acknowledgment to the server, indicating that it is ready
④ the server receives the acknowledgment and begins transmitting the file
⑤ the file transfer ends and the connection is closed
①② and ③④ are each one full RTT, so the total response time is 2 × RTT + file transmission time.

From the above we can also see the drawbacks of non-persistent connections:
     - a brand-new connection must be set up and maintained for every requested object
     - every connection suffers a delivery delay of two RTTs (one to create the TCP connection, one to request and receive the object)

Persistent connection: all requests/responses are sent over the same TCP connection.

Typically, HTTP closes a connection if it has not been used for a certain interval.
In fact, HTTP's default mode is persistent connections with pipelining.
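The 2 × RTT + transmission-time reasoning above, extended from a single object to a base page plus n referenced objects under each connection mode; this is an added, idealised example, not from the textbook or these notes, and it assumes that transmissions of different objects do not compete for bandwidth:

```python
# Added example (idealised, not from the textbook or these notes): response time
# of a Web page under the connection modes of section 2.2.2, extended from one
# object to a base HTML file plus n referenced objects.
import math


def page_response_time(rtt: float, t_base: float, n_objects: int, t_obj: float,
                       mode: str, parallel: int = 1) -> float:
    """Total time from the first SYN until the last object has arrived.

    Assumptions (constructed for the example): fetching an object costs one RTT
    for request/response plus t_obj of transmission, opening a TCP connection
    costs one extra RTT, and object transmissions do not compete for bandwidth.
    """
    base = 2 * rtt + t_base          # handshake RTT + request/response RTT + transmit
    if n_objects == 0:
        return base
    if mode == "non-persistent":
        # each object (or batch of `parallel` objects) needs a fresh connection
        rounds = math.ceil(n_objects / parallel)
        return base + rounds * (2 * rtt + t_obj)
    if mode == "persistent":
        # same connection reused; one RTT per object, requests sent one at a time
        return base + n_objects * (rtt + t_obj)
    if mode == "pipelined":
        # all requests sent back to back: one RTT, then the objects stream in
        return base + rtt + n_objects * t_obj
    raise ValueError(f"unknown mode: {mode}")


def compare_modes(rtt, t_base, n_objects, t_obj, parallel=10):
    """Return {mode: total time} for the usual exam-style comparison."""
    return {
        "non-persistent, serial":
            page_response_time(rtt, t_base, n_objects, t_obj, "non-persistent"),
        f"non-persistent, {parallel} parallel":
            page_response_time(rtt, t_base, n_objects, t_obj, "non-persistent", parallel),
        "persistent, no pipelining":
            page_response_time(rtt, t_base, n_objects, t_obj, "persistent"),
        "persistent, pipelined":
            page_response_time(rtt, t_base, n_objects, t_obj, "pipelined"),
    }


if __name__ == "__main__":
    # Constructed inputs: RTT 100 ms, base file 10 ms to send, 10 objects of 5 ms each.
    for mode, seconds in compare_modes(0.1, 0.01, 10, 0.005, parallel=5).items():
        print(f"{mode:32s} {seconds:.3f} s")
```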

2.2.3 HTTP message format

HTTP has two kinds of messages.
① Request message

First line (request line):
         method field / URL field / HTTP version field
                The method field takes the values GET, POST, HEAD, PUT, DELETE:
                GET and POST differ in the entity body:
                           with GET the entity body is empty
                           with POST the entity body contains the values the user typed into the form fields;
                HEAD is used for debugging and tracing, because a HEAD request makes the server respond without the requested object;
                PUT is often used together with Web publishing tools and lets a user upload an object to a given path on the Web server;
                DELETE lets a user delete an object on the Web server.
Subsequent lines (all called header lines):
         Host           : the host on which the object resides
         Connection     : when its value is close, this line says not to bother with persistent connections
                                and asks the server to close the connection after sending the requested object
         User-agent     : identifies the user agent (the type of browser sending the request)
         Accept-language: the language version of the object the user would like

② Response message

Initial status line:
         protocol version field / status code and corresponding status phrase
                        Common status codes and phrases:
                           - 200 OK: the request succeeded
                           - 301 Moved Permanently: the object has been moved
                           - 400 Bad Request: a generic error code
                           - 404 Not Found: the requested object is not on the server
                           - 505 HTTP Version Not Supported: the protocol version is not supported
Header lines (six of them):
         Connection    : when its value is close, this line tells the client that the TCP connection will be closed after the message is sent
         Date          : the date and time the server generated and sent the response
         Server        : indicates which server software generated the message
         Last-Modified : the date and time the object was created or last modified
         Content-Length: the number of bytes in the object being sent
         Content-Type  : the type of the object in the entity body
Entity body (the main part)

2.2.4 User-server interaction: cookies

As mentioned above, HTTP is stateless, but a server often wants to identify users, so HTTP uses cookies to let a site keep track of users.

A cookie has 4 components:

  • A cookie header line in the HTTP request message
  • A cookie header line in the HTTP response message
  • A cookie file kept on the client system and managed by the user's browser
  • A back-end database at the Web site

2.2.5 Web caching

A Web cache, also called a proxy server, is a network entity that satisfies HTTP requests on behalf of the origin Web server. It keeps copies of recently requested objects.

(A Web cache works just like a CPU cache: when my client (the CPU) wants an object from the server (memory), it first checks whether the Web cache (the cache) has it. On a hit the data is returned directly; on a miss the object is fetched from the server (memory) and stored in the Web cache (the cache).)

If the object the client requests has a copy in the Web cache, the cache returns the response message to the client directly.
If not, the Web cache opens a TCP connection to the destination server
         (the cache sends the request and the server replies;
           the cache stores a copy on receipt and returns that copy to the client in a response message)
Web caches are usually bought and installed by ISPs.
Why Web caches exist:
             - they can greatly reduce the response time to a client request
             - they reduce the traffic on the access link to the Internet, cutting costs

2.2.6 The conditional GET method

A Web cache can send the server a request that uses the GET method and includes an "If-Modified-Since:" header line, asking whether the object has changed on the server since that time; this lets the cache confirm to the client that the copy it holds is the latest version of the object.
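The cache behaviour of sections 2.2.5 and 2.2.6 as a small simulation, added here and not taken from the textbook or these notes: the origin server, cache and object store are constructed stand-ins, timestamps are plain integers, and only the If-Modified-Since / 304 logic is modelled:

```python
# Added example (constructed, not from the textbook or these notes): a proxy
# cache that serves hits locally, revalidates stale copies with a conditional
# GET (If-Modified-Since) and only pulls a full object on a miss or a 200 reply.


class OriginServer:
    """Stand-in for the origin Web server: path -> (last_modified, body)."""

    def __init__(self, objects):
        self.objects = dict(objects)

    def handle(self, path, if_modified_since=None):
        """Return (status, last_modified, body). A 304 carries no entity body."""
        last_modified, body = self.objects[path]
        if if_modified_since is not None and last_modified <= if_modified_since:
            return 304, last_modified, b""
        return 200, last_modified, body

    def update(self, path, last_modified, body):
        """The object changes on the server (so the cached copy becomes stale)."""
        self.objects[path] = (last_modified, body)


class WebCache:
    """Proxy cache in front of an OriginServer.

    fetch() returns (body, outcome) where outcome is 'miss', 'revalidated' or
    'refreshed'; bytes_from_origin counts what crossed the access link."""

    def __init__(self, origin):
        self.origin = origin
        self.store = {}              # path -> (last_modified, body)
        self.bytes_from_origin = 0

    def fetch(self, path):
        if path not in self.store:
            # miss: ordinary GET, store the copy together with its Last-Modified
            _, last_modified, body = self.origin.handle(path)
            self.store[path] = (last_modified, body)
            self.bytes_from_origin += len(body)
            return body, "miss"
        cached_lm, cached_body = self.store[path]
        # hit: conditional GET, If-Modified-Since = the cached Last-Modified value
        status, last_modified, body = self.origin.handle(path, if_modified_since=cached_lm)
        if status == 304:
            return cached_body, "revalidated"   # copy is still current, no body sent
        self.store[path] = (last_modified, body)
        self.bytes_from_origin += len(body)
        return body, "refreshed"


if __name__ == "__main__":
    origin = OriginServer({"/index.html": (100, b"hello world")})
    cache = WebCache(origin)
    for _ in range(2):
        print(cache.fetch("/index.html"), cache.bytes_from_origin)
    origin.update("/index.html", 200, b"hello again!")
    print(cache.fetch("/index.html"), cache.bytes_from_origin)
```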

2.3 Electronic mail on the Internet

Three main components:

  • user agents
  • mail servers
  • the Simple Mail Transfer Protocol (SMTP)

2.3.1 SMTP

SMTP is the main application-layer protocol of Internet e-mail; it uses TCP's reliable transfer service.
In the transcript of an SMTP exchange, lines beginning with C: are what the client hands to its TCP socket, and lines beginning with S: are what the server sends to its TCP socket.

2.3.2 Comparison with HTTP

HTTP is a pull protocol: after someone loads information onto a Web server, users use the protocol to pull the information they want from the server. The TCP connection is initiated by the machine that wants to receive the file.
SMTP is a push protocol: the sending mail server pushes the message to the receiving mail server. The TCP connection is initiated by the machine that wants to send the file.

2.3.3 Mail message format

A typical message header includes:
- From: xxxxx
- To: xxxxx
- Subject: may be empty

2.3.4 Mail access protocols

Because SMTP is a push protocol, a recipient who wants to read the mail from another device has to fetch it from the mail server that received the message into the user agent. SMTP clearly no longer fits, so special mail access protocols were introduced to solve the problem:

  1. POP3 (Post Office Protocol, version 3)
  2. IMAP (Internet Mail Access Protocol): more powerful than POP3; users can create remote folders and assign messages to folders
  3. HTTP

2.4 DNS: the Internet's directory service

There are two main ways to identify a host: by hostname or by IP address. In practice, hostnames are variable-length and carry little structured information, whereas an IP address has a fixed length and fixed fields with defined meanings, so given a hostname we want to obtain its IP address in order to get more complete information about the host.

2.4.1 Services provided by DNS

Three important services:
- Host aliasing (it is because of DNS that a host can have a canonical hostname and aliases)
- Mail server aliasing
- Load distribution

So we need a directory service that converts hostnames into IP addresses: the Domain Name System, DNS.

DNS:
- is itself an application-layer protocol
- is a distributed database implemented in a hierarchy of DNS servers
- is an application-layer protocol that lets hosts query the distributed database
- runs over the UDP transport protocol, using port 53
- resolves the hostnames supplied by users into IP addresses

2.4.2 Overview of how DNS works

The core is: a distributed, hierarchical database + DNS caching

To cope with scale, DNS is organised hierarchically, in roughly three levels:
           - Root DNS servers: provide the IP addresses of TLD servers
           - Top-level-domain (TLD) DNS servers: provide the IP addresses of authoritative DNS servers
           - Authoritative DNS servers

Besides these there is the local DNS server
           - it does not strictly belong to the hierarchy; it acts as a proxy
           - it avoids a flood of host queries going to, and connections with, the root servers
           - a requesting host first asks its local DNS server, much like the purpose of a Web cache

2.4.3 DNS records and messages

Every DNS server in the distributed DNS database stores resource records (RRs); RRs provide the mapping from hostnames to IP addresses.

Resource record format: {Name, Value, Type, TTL}

  • TTL is the time to live of the record
  • The meaning of Name and Value depends on Type:
    - Type=A: Name is a hostname, Value is the IP address for that hostname
    - Type=NS: Name is a domain, Value is the hostname of an authoritative DNS server that knows how to obtain the IP addresses of hosts in that domain
    - Type=CNAME: Value is the canonical hostname for the host whose alias is Name
    - Type=MX: Value is the canonical hostname of the mail server whose alias is Name
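The hierarchy of section 2.4.2 and the record types of section 2.4.3 as a toy iterative resolver, added here and not from the textbook or these notes; the record set, the server hostnames (under the reserved .test domain and example.com) and the 192.0.2.x addresses are constructed, and "contacting a server at an IP address" is a dictionary lookup:

```python
# Added example (constructed, not from the textbook or these notes): iterative
# resolution over resource records {Name, Value, Type, TTL}, walking
# root -> TLD -> authoritative, with a local DNS server that caches answers.
from collections import namedtuple

RR = namedtuple("RR", "name value type ttl")


class DNSServer:
    """One DNS server holding a set of resource records."""

    def __init__(self, records):
        self.records = list(records)

    def query(self, name, rtype):
        """Return (answers, referral).

        answers: records for exactly `name` of type rtype (or a CNAME for it);
        referral: the NS records of the closest enclosing zone this server knows,
        plus the glue A records for those name servers, when it cannot answer."""
        answers = [r for r in self.records if r.name == name and r.type in (rtype, "CNAME")]
        if answers:
            return answers, []
        labels = name.split(".")
        for i in range(len(labels)):                  # longest enclosing zone first
            zone = ".".join(labels[i:])
            ns = [r for r in self.records if r.name == zone and r.type == "NS"]
            if ns:
                ns_names = {r.value for r in ns}
                glue = [r for r in self.records if r.type == "A" and r.name in ns_names]
                return [], ns + glue
        return [], []


class LocalDNS:
    """Local DNS server: resolves iteratively on behalf of hosts and caches results."""

    def __init__(self, root, servers_by_ip):
        self.root = root
        self.servers_by_ip = servers_by_ip    # stands in for "send a query to that IP"
        self.cache = {}

    def resolve(self, name, rtype="A"):
        """Return (value, path): path lists the servers contacted, or 'cache'."""
        key = (name, rtype)
        if key in self.cache:
            return self.cache[key], "cache"
        server, path = self.root, ["root"]
        while True:
            answers, referral = server.query(name, rtype)
            if answers:
                rr = answers[0]
                if rr.type == "CNAME" and rtype != "CNAME":
                    value, _ = self.resolve(rr.value, rtype)   # follow the canonical name
                else:
                    value = rr.value
                self.cache[key] = value
                return value, "->".join(path)
            if not referral:
                raise LookupError(f"no server knows {name}")
            ns = next(r for r in referral if r.type == "NS")
            glue = next(r for r in referral if r.type == "A" and r.name == ns.value)
            server = self.servers_by_ip[glue.value]   # next hop down the hierarchy
            path.append(ns.value)


def build_resolver():
    """Constructed three-level hierarchy for the zone example.com."""
    root = DNSServer([RR("com", "ns.com-tld.test", "NS", 86400),
                      RR("ns.com-tld.test", "192.0.2.1", "A", 86400)])
    tld = DNSServer([RR("example.com", "ns1.example.com", "NS", 86400),
                     RR("ns1.example.com", "192.0.2.2", "A", 86400)])
    auth = DNSServer([RR("www.example.com", "192.0.2.80", "A", 3600),
                      RR("web.example.com", "www.example.com", "CNAME", 3600),
                      RR("example.com", "mail.example.com", "MX", 3600),
                      RR("mail.example.com", "192.0.2.25", "A", 3600)])
    return LocalDNS(root, {"192.0.2.1": tld, "192.0.2.2": auth})


if __name__ == "__main__":
    resolver = build_resolver()
    print(resolver.resolve("www.example.com"))        # full walk of the hierarchy
    print(resolver.resolve("www.example.com"))        # answered from the cache
    print(resolver.resolve("web.example.com"))        # alias -> canonical name
    print(resolver.resolve("example.com", "MX"))      # mail server alias
```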

Chapter 3: Transport Layer

The transport layer plays a vital role in providing communication services directly to application processes running on different hosts.

3.1 Overview and transport layer services

A transport-layer protocol provides logical communication between application processes running on different hosts. (Logical means it is as if the hosts of the two communicating processes were directly connected.)

(You can compare: the network layer provides logical communication between hosts )

3.1.1 The relationship between the transport layer and the network layer

The example in the book is very good; I will describe it briefly here.

Two families, each with 12 children; every week each child in one family writes a letter to a child in the other family.
In family A, a1 is responsible for collecting from the post office all the letters sent by family B and for posting the family's own letters.
In family B, b1 is responsible for collecting from the post office all the letters sent by family A and for posting the family's own letters.

Application-layer message = the content written in the envelope
Process = a child in one of the families (they are the units that actually carry out the activity)
Host (end system) = a family (so each host can have many processes)
Transport-layer protocol = a1 and b1
Network-layer protocol = the service provided by the post office

① We can also notice a property of transport-layer protocols: they work only in the end systems
(a1 and b1 clearly serve only their own family and never deliver letters for another household)

Now suppose a1 and b1 fall ill; they must be replaced, say by a2 and b2 (who are younger).
The work a2 and b2 get done will not match that of a1 and b1 (for example, being younger, a2 and b2 may be careless with the letters and lose some)
② So a computer network can offer several transport-layer protocols, each providing different services to applications

Also, a2 and b2 are constrained by the post office: they cannot collect letters whenever they like; the post office has to be open
③ So the services a transport protocol can provide are constrained by the service model of the underlying network-layer protocol

3.1.2 Overview of the Internet transport layer

First, a brief description of the network-layer protocol, IP. Its service model is best-effort delivery: it does its best to deliver segments between hosts, but it guarantees neither delivery, nor that segments arrive in order, nor data integrity, so IP is also called an unreliable service.

Therefore the most basic task of a transport-layer protocol (TCP or UDP) is to extend IP's delivery service between two hosts into a delivery service between two processes running on those hosts. Both also check the integrity of the segment header through error checking.
TCP (Transmission Control Protocol): provides a reliable, connection-oriented service to the applications that invoke it.

TCP:
   - provides process-to-process delivery and error checking
   - provides reliable transfer: ensures data is handed from the sending process to the receiving process correctly and in order
   - congestion control

UDP (User Datagram Protocol): provides an unreliable, connectionless service to the applications that invoke it.

UDP:
   - provides only process-to-process delivery and error checking, so UDP is unreliable

Standard terminology:

  • A transport-layer packet (TCP or UDP) is called a segment
  • A network-layer packet is called a datagram

3.2 Multiplexing and demultiplexing

In essence, this extends the host-to-host delivery service provided by the network layer into a process-to-process delivery service for the applications running on the hosts.

Demultiplexing: delivering the data in a transport-layer segment to the correct socket.
Multiplexing: at the source host, gathering data chunks from different sockets, encapsulating each chunk with header information (used later for demultiplexing) to create segments, and passing the segments to the network layer.

In the earlier example:
a1 handing the collected letters to the right brothers and sisters according to the recipient's name is demultiplexing;
a1 packaging up the letters the siblings have written and taking them to the post office is multiplexing.

Thus at the transport layer each socket on a host is assigned a port number. When a segment arrives at the host, the transport layer examines the destination port number in the segment and, on a match, hands the segment to the corresponding socket; the data in the segment then reaches the connected process through that socket. (A host can run many processes, each with its own socket and port number, so it feels as though everyone finds their way home.)

UDP socket = destination IP address + destination port number
TCP socket = source IP address + source port number + destination IP address + destination port number

3.3 Connectionless transport: UDP

UDP does only the minimum a transport protocol can do. Apart from multiplexing and demultiplexing it is practically the same as IP; using UDP is almost like letting the application talk to IP directly. UDP simply takes the data from the application, attaches the source and destination port number fields, and forms a segment. In this process the sending and receiving transport-layer entities do not shake hands, so UDP is called connectionless.

But UDP also has several advantages:
- finer application-level control over what data is sent and when
- no connection establishment, meaning less overhead and delay
- no connection state, so it can support more active clients
- small packet-header overhead

3.3.1 UDP segment structure

|<------------32 bits------------->|
| source port    | destination port |
| length         | checksum         |
|         application data          |
|            (message)              |

3.3.2 UDP checksum

The sender's UDP takes the three 16-bit words of the segment (source port, destination port, length), adds them with any overflow carry wrapped back around, and inverts the sum; the result is placed in the checksum field. The receiver then adds all four 16-bit words (source port, destination port, length, checksum): if the sum is 1111111111111111 no error was detected, and any 0 bit in the sum means an error occurred.

Although UDP can detect errors, it has no way to recover from them: it either discards the damaged segment or passes it to the application with a warning.
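The one's-complement arithmetic described above, written out as an added example that is not the textbook's or the notes' code; it generalises the three header words of the notes to any list of 16-bit words (the real UDP checksum also covers a pseudo-header and the payload, with identical arithmetic), and the port and length values are constructed. The last check shows a limit of the scheme: two transposed words sum to the same value and go undetected.

```python
# Added example (not from the textbook or these notes): sender-side checksum
# computation and receiver-side verification for 16-bit words, as in section 3.3.2.
from typing import List


def ones_complement_sum(words: List[int]) -> int:
    """Add 16-bit words, folding any overflow (carry) back into the low bits."""
    total = 0
    for w in words:
        total += w & 0xFFFF
        total = (total & 0xFFFF) + (total >> 16)   # end-around carry
    return total


def udp_checksum(words: List[int]) -> int:
    """Sender: bitwise inverse (one's complement) of the wrapped sum."""
    return ~ones_complement_sum(words) & 0xFFFF


def verify(words_with_checksum: List[int]) -> bool:
    """Receiver: sum everything including the checksum; 0xFFFF means no error found."""
    return ones_complement_sum(words_with_checksum) == 0xFFFF


def to_words(data: bytes) -> List[int]:
    """Split bytes into big-endian 16-bit words, zero-padding an odd trailing byte."""
    if len(data) % 2:
        data += b"\x00"
    return [int.from_bytes(data[i:i + 2], "big") for i in range(0, len(data), 2)]


def demo():
    """Constructed header words: source port 12345, destination port 53, length 20."""
    header = [12345, 53, 20]
    csum = udp_checksum(header)
    corrupted = [12344, 53, 20, csum]   # one flipped bit in the source port: caught
    swapped = [53, 12345, 20, csum]     # two words transposed: sum unchanged, not caught
    return csum, verify(header + [csum]), verify(corrupted), verify(swapped)


if __name__ == "__main__":
    print("checksum 0x%04X, intact %s, corrupted %s, swapped %s" % demo())
    print("carry wrap: 0xFFFF + 0x0001 ->", hex(ones_complement_sum([0xFFFF, 0x0001])))
```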

3.4 Principles of reliable data transfer

The discussion in this section assumes unidirectional data transfer.

  • rdt stands for reliable data transfer protocol
  • _send indicates that the sending side is being invoked (e.g. rdt_send)
  • udt stands for unreliable data transfer

3.4.1 Building a reliable data transfer protocol

1. Reliable data transfer over a perfectly reliable channel: rdt1.0
This is the ideal case, and the basic settings of the initial protocol are based on it.

2. Reliable data transfer over a channel with bit errors: rdt2.0
This case addresses bit corruption.

Automatic Repeat reQuest (ARQ) protocols:
- add control so that the sender learns which content was received correctly and which was received in error and therefore needs to be retransmitted
- ACK: positive acknowledgment
- NAK: negative acknowledgment
- this includes the stop-and-wait protocol
         - while the sender is waiting for the receiver's acknowledgment it cannot accept more data from the upper layer

But the ACK and NAK themselves may be corrupted in transit!

Solution:
- add a new field to the data packet so that the sender can number its packets
- the receiver checks the sequence number to determine whether a packet is a retransmission

So the core of rdt2.x is
- checksums
- sequence numbers
- ACK packets
- retransmission

3. Reliable data transfer over a lossy channel with bit errors: rdt3.0
Now assume that, besides corrupting bits, the underlying channel also loses packets.

The main idea of the protocol is:
the sender is willing to wait long enough for the receiver's reply to decide whether a packet was lost, and retransmits if it was.

This "long enough" = one round-trip delay + the receiver's time to process a packet

In practice the sender uses a countdown timer to wait for a given interval
and retransmits immediately if no acknowledgment has arrived
(this introduces duplicate packets, but the sequence numbers from rdt2.0 resolve the duplicates)
so rdt3.0 is also called the alternating-bit protocol

So the core of rdt3.0 is
- checksums
- sequence numbers
- timers
- positive and negative acknowledgment packets
- retransmission

By building up these mechanisms we have obtained a reliable data transfer protocol!

3.4.2 Pipelined reliable data transfer protocols

Although rdt3.0 guarantees the correctness of the data, its performance is a hidden problem.
Define the sender utilisation as the fraction of time the sender is actually busy sending bits into the channel:
U_sender = (L/R) / (L/R + RTT)
L is the packet length in bits, R the bandwidth, RTT one round-trip time

Solution: instead of running stop-and-wait, allow the sender to send multiple packets without waiting for acknowledgments.
Because the many packets in transit from sender to receiver can be viewed as a pipeline, this technique is called pipelining.
- the range of sequence numbers must be increased
- the sender and receiver may need to buffer more than one packet
- for error recovery, use Go-Back-N or selective repeat

3.4.3 Go-Back-N

Go-Back-N (GBN) allows the sender to send multiple packets without waiting for acknowledgments, but limits the number of unacknowledged packets in the pipeline to at most N.

Understanding the sequence-number ranges in GBN:
- base: the sequence number of the oldest unacknowledged packet
- N: the window size; hence GBN is also called a sliding-window protocol, and N is also set to limit the sender and thereby implement congestion control
[0, base-1]: packets already sent and acknowledged
[base, next-1]: packets sent but not yet acknowledged
[next, base+N-1]: packets ready to be sent
                 may be empty; this part is reserved for new data coming in from the upper-layer application

How GBN works:
- The upper layer calls rdt_send(); the sender checks whether the window is full:
        - not full: create a packet and send it
        - full: return the data to the upper layer, report the window state, and have it try again later
- The sender waits for feedback; there are two cases:
        - ① an ACK for sequence number n arrives
          meaning the receiver has correctly received packet n and every packet before it
          the window slides so that base is the packet after n
        - ② timeout
          the sender retransmits every packet that has been sent but not yet acknowledged
- The receiver's actions also fall into two cases:
        - ① packet n is received correctly and all packets before n arrived in the right order: return ACK n
          and deliver the data to the upper-layer application
        - ② packets arrive out of order: the receiver discards all unacknowledged packets
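The GBN sender and receiver above as a deterministic round-based simulation, added here and not from the textbook or these notes: each round the sender fills its window, the channel delivers or drops the packets in flight, the receiver returns cumulative ACKs, and a round with no progress counts as a timeout. The loss patterns are constructed inputs.

```python
# Added example (not from the textbook or these notes): Go-Back-N with window N
# over a lossy channel, showing cumulative ACKs and go-back-N retransmission.


def simulate_gbn(num_packets, window, drop_data=(), drop_ack=()):
    """Run GBN until every packet is acknowledged.

    drop_data / drop_ack: sets of (seq, attempt) pairs, attempt counting from 1,
    naming the transmission of a data packet that is lost, or whose ACK is lost.
    Returns (delivered, rounds, transmissions, log)."""
    drop_data, drop_ack = set(drop_data), set(drop_ack)
    base = next_seq = 0          # sender: oldest unACKed seq, next seq to send
    expected = 0                 # receiver: next in-order seq it wants
    delivered, log = [], []
    attempts = {}                # seq -> number of times transmitted
    in_flight = []               # packets crossing the channel this round
    rounds = 0
    while base < num_packets:
        rounds += 1
        # 1. sender: transmit new packets while the window is not full
        while next_seq < min(base + window, num_packets):
            in_flight.append(next_seq)
            next_seq += 1
        # 2. channel + receiver
        acks = []
        for seq in in_flight:
            attempts[seq] = attempts.get(seq, 0) + 1
            if (seq, attempts[seq]) in drop_data:
                log.append(f"lost pkt {seq}")
                continue
            if seq == expected:                  # in order: deliver upward
                delivered.append(seq)
                expected += 1
            # out of order (or duplicate): discarded; ACK the last in-order packet
            ack = expected - 1
            if (seq, attempts[seq]) in drop_ack:
                log.append(f"lost ack {ack}")
                continue
            acks.append(ack)
        # 3. sender: cumulative ACK n acknowledges every packet up to n
        old_base = base
        for ack in acks:
            if ack >= base:
                base = ack + 1
        in_flight = []
        if base == old_base and base < num_packets:
            # timeout: go back N, resend everything sent but not yet ACKed
            log.append(f"timeout, resend {base}..{next_seq - 1}")
            in_flight = list(range(base, next_seq))
    return delivered, rounds, sum(attempts.values()), log


if __name__ == "__main__":
    # Constructed scenario: 4 packets, N = 3, the first copy of packet 1 is lost.
    delivered, rounds, tx, log = simulate_gbn(4, 3, drop_data={(1, 1)})
    print("delivered", delivered, "in", rounds, "rounds,", tx, "transmissions")
    print("\n".join(log))
```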

3.4.4 Selective repeat

Although pipelining improves channel utilisation, it is wasteful for the receiver to discard every unacknowledged packet, since some of them are correct and merely out of order.
Selective repeat (SR) optimises this: the protocol lets the sender retransmit only those packets it suspects were lost or corrupted, so the send state of the packets in the sender's window is tracked at a finer granularity.

SR sender:
        - receives data from the upper layer, checks the window (N) and sends
        - on timeout retransmits a single packet (this requires each packet to have its own logical timer)
        - on receiving the ACK for some packet:
             - if the ACK is for the first packet in the window, mark it acknowledged and slide the window forward
             - if the ACK is not for the first packet, mark it acknowledged but do not slide
             - if a packet times out, only that packet is sent
SR receiver:
        - the receiver receives a packet n
              - it checks whether every packet before n has already been passed up
                     - yes: n is in order, so it is delivered to the upper layer too and an ACK is returned (cumulative acknowledgment)
                     - no: buffer it first (at most N packets are buffered)
        - this guarantees that the packets within the current [base, base+N-1] are forced into order

Note: the window size must be at most half the sequence-number space (an efficiency issue)

3.5 Connection-oriented transport: TCP

Building on the above, the core of TCP is really the header fields for error checking, retransmission, cumulative acknowledgment, timers, sequence numbers and acknowledgment numbers.

3.5.1 TCP connections

TCP features:

- connection-oriented (three-way handshake)
- runs only in the end systems; TCP is a transport-layer protocol
- provides full-duplex service
- connections are point-to-point (one-to-one)

3.5.2 TCP segment structure

|<-------------------------------32 bits------------------------------>|
| source port number                   | destination port number       |
|                           sequence number                            |
|                        acknowledgment number                         |
| header length | unused | CWR ECE URG ACK PSH RST SYN FIN | receive window |
| Internet checksum                    | urgent data pointer           |
|                              options                                 |
|                               data                                   |

- Source and destination port numbers: used for multiplexing and demultiplexing
- Sequence number + acknowledgment number: used by sender and receiver to implement reliable data transfer
- Header length (4 bits)
- Receive window field: sets N, used for flow control
- Options (variable length): used by sender and receiver to negotiate the maximum segment size (MSS)
- Flag bits
         - URG: indicates that the segment contains data the sending side's upper-layer entity has marked "urgent"; generally unused
         - ACK: the value in the acknowledgment field is valid
         - PSH: the receiver should pass the data to the upper layer immediately; generally unused
         - RST, SYN, FIN: used for connection setup and teardown

3.5.3 Round-trip time estimation and timeout

EstimatedRTT = (1 - α) × EstimatedRTT + α × SampleRTT
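The EstimatedRTT formula carried through over a sequence of samples, as an added example that is not from the textbook or these notes; it also applies the DevRTT and TimeoutInterval rules the textbook pairs with the formula (α = 0.125, β = 0.25, TimeoutInterval = EstimatedRTT + 4 × DevRTT), which these notes do not list, and the sample values are constructed.

```python
# Added example (not from the textbook or these notes): exponential weighted
# moving average of SampleRTT, plus the deviation-based timeout interval.


def rtt_estimates(samples, alpha=0.125, beta=0.25):
    """Return a list of (EstimatedRTT, DevRTT, TimeoutInterval), one per SampleRTT.

    The first sample initialises EstimatedRTT and sets DevRTT to half of it;
    afterwards DevRTT is updated against the old EstimatedRTT before
    EstimatedRTT itself moves (the order RFC 6298 specifies)."""
    out = []
    est = dev = None
    for sample in samples:
        if est is None:
            est, dev = sample, sample / 2
        else:
            dev = (1 - beta) * dev + beta * abs(sample - est)
            est = (1 - alpha) * est + alpha * sample
        out.append((est, dev, est + 4 * dev))
    return out


def latest_timeout(samples, **kw):
    """TimeoutInterval the sender would arm after the last sample."""
    return rtt_estimates(samples, **kw)[-1][2]


if __name__ == "__main__":
    # Constructed samples in ms: steady, then one spike.
    for est, dev, timeout in rtt_estimates([100, 100, 120, 300]):
        print(f"EstimatedRTT={est:8.3f}  DevRTT={dev:7.3f}  Timeout={timeout:8.3f}")
```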

3.5.4 Reliable data transfer

TCP's error-recovery mechanism is a hybrid of the GBN and SR protocols.

3.5.5 Flow control

Here we focus on the difference between congestion control and flow control in TCP. We keep saying that TCP can control congestion, yet in the TCP segment the window-size field is there for flow control. Are the two the same thing? How is congestion control implemented?
First understand the two this way:

  • Congestion control avoids exhausting network resources; it works through the congestion window (it benefits the Internet as a whole and is global)
  • Flow control addresses an essential requirement of TCP transmission: solving the rate mismatch between sender and receiver. It is implemented through a sliding window (which limits the number of packets sent but not yet ACKed)

Then let's look at how each is implemented and operates:

Congestion control
- The network between A and B is congested, so transmission is too slow or packets are dropped and cannot be delivered in time.
- Implemented through the congestion window
     - the congestion window is the maximum number of packets the sender may send within one RTT
     - the congestion window changes dynamically according to network conditions
- The process has two phases:
     - 1. slow start (growing exponentially from 1 up to a threshold)
     - 2. congestion avoidance (once the threshold is exceeded and loss occurs, the congestion window is reset to 1 and the threshold is halved)

Flow control
- A sends data to B; A sends too fast for B to receive it (B's buffer is too small or B processes too slowly)
- Implemented through sliding windows; there is a sender window and a receiver window
       - at the receiver, the window size is the maximum number of bytes it can accept!
       - at the sender, the window size is the amount of data it may send
       - the window size is carried in the TCP segment
       - the window size can change dynamically with the settings, but once fixed for a given exchange it stays put

3.5.6 TCP connection management

1. The client's TCP first sends the server a special TCP segment:
   SYN=1, seq = client_isn
2. When the IP datagram carrying the TCP SYN segment reaches the server host, the server allocates buffers and variables for the connection
   and then sends back:
   SYN=1, seq = server_isn, ack = client_isn+1
3. On receiving this, the client also allocates its buffers and variables and, once ready, sends the server a segment that marks the connection as established:
   SYN=0, seq = client_isn+1, ack = server_isn+1
4. Data transfer can begin

3.6 Principles of congestion control

The costs of a congested network

  • When the packet arrival rate approaches link capacity, queuing delays become huge
  • The sender must retransmit to compensate for packets dropped because of buffer overflow
  • When a packet is dropped along a path, the transmission capacity each upstream router spent forwarding it is wasted

Receiver window (rwnd): the latest window value the receiver promises based on its current receive-buffer size; this is flow control from the receiver side.
Congestion window (cwnd): a window value the sender sets according to its own estimate of network congestion; this is flow control from the sender side.

We know that congestion control is global, so when does congestion occur?

In practice we find the following:
if shortly after B sends A a zero-window segment, B's receive buffer frees some space,
B sends A another segment announcing the free space, but that segment may well be lost, and a deadlock results!
- A, having received B's zero-window notice, stops sending and waits forever for a new notice from B
- B believes it has sent the update and waits forever for data from A
To solve this, A needs a persistence timer:
- A starts the countdown when it receives the zero-window notice
- when the countdown ends it sends a zero-window probe segment to learn B's current window state and takes the corresponding measures against congestion:
        TCP uses two control mechanisms:
             ① slow start and congestion avoidance
             ② fast retransmit and fast recovery

Congestion control mechanism ①: slow start and congestion avoidance

  1. TCP initialisation, congestion window set to 1: when the host starts sending it does not know the network conditions, so it probes first and the congestion-control window is set to a small value.
  2. Run the slow-start algorithm, with cwnd growing according to the rule: every time an ACK for a new segment arrives, the congestion-window limit cwnd is increased, and more data can be sent than before
  3. When cwnd == ssthresh, switch to congestion avoidance: the initial ssthresh value has been reached but the network is not congested, which indicates that ssthresh can be raised to release more data
  4. The network becomes congested: update ssthresh to half of the ssthresh value before the congestion, and reset cwnd to 1


Congestion control mechanism ②: fast retransmit and fast recovery

Waiting for the retransmission timer to expire wastes resources, so:

  • Fast retransmit algorithm:
    • The goal is to retransmit a lost segment as early as possible (for example, after three duplicate ACKs the segment is deemed lost and retransmission starts)
    • Fast retransmit first requires the receiver to send a duplicate acknowledgment immediately on receiving an out-of-order segment (so that the sender learns early that a segment did not reach the other side)
  • Fast recovery algorithm:
    • When the sender receives three duplicate acknowledgments in a row, it runs the "multiplicative decrease" algorithm and halves the slow-start threshold ssthresh, to pre-empt network congestion.
    • Since the sender now believes the network is probably not congested, it does not run slow start (which would restart cwnd from 1); instead, fast recovery sets cwnd to half of the current, updated ssthresh and then runs the congestion-avoidance algorithm, which makes the congestion window grow linearly.
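The congestion-window evolution of section 3.6 simulated in units of MSS per RTT, as an added example that is not from the textbook or these notes; it applies the textbook's rules (slow start doubles cwnd each RTT up to ssthresh, congestion avoidance adds 1 per RTT, a timeout sets ssthresh = cwnd/2 and cwnd = 1, three duplicate ACKs set ssthresh = cwnd/2 and cwnd = ssthresh), and the loss events are constructed inputs.

```python
# Added example (not from the textbook or these notes): cwnd trace for slow
# start, congestion avoidance, timeout and fast recovery, one row per RTT.


def simulate_cwnd(num_rtts, ssthresh, loss_events=None):
    """Return one (rtt, cwnd, ssthresh, phase) row per RTT.

    loss_events maps an RTT index to 'timeout' or '3dup', meaning that loss is
    detected at the end of that RTT (constructed input for the example)."""
    loss_events = loss_events or {}
    cwnd = 1
    trace = []
    for t in range(num_rtts):
        phase = "slow start" if cwnd < ssthresh else "congestion avoidance"
        trace.append((t, cwnd, ssthresh, phase))
        event = loss_events.get(t)
        if event == "timeout":
            ssthresh = max(cwnd // 2, 1)    # multiplicative decrease
            cwnd = 1                        # back to slow start
        elif event == "3dup":
            ssthresh = max(cwnd // 2, 1)
            cwnd = ssthresh                 # fast recovery: skip slow start
        elif cwnd < ssthresh:
            cwnd = min(cwnd * 2, ssthresh)  # exponential growth, capped at ssthresh
        else:
            cwnd += 1                       # linear growth
    return trace


def cwnd_series(trace):
    """Just the cwnd values, the column exam questions usually ask for."""
    return [row[1] for row in trace]


if __name__ == "__main__":
    # Constructed scenario: ssthresh 8, a timeout after RTT 5, three dup ACKs after RTT 8.
    for rtt, cwnd, ssthresh, phase in simulate_cwnd(10, 8, {5: "timeout", 8: "3dup"}):
        print(f"RTT {rtt:2d}: cwnd={cwnd:2d} ssthresh={ssthresh:2d} {phase}")
```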

Chapter 4: Network Layer (Data Plane)

The network layer implements host-to-host communication service.
The data-plane function of the network layer is the per-router function that determines how a datagram (a network-layer packet) arriving on one of the router's input links is forwarded to one of its output links.

4.1 Network layer overview

The role of the network layer is to move packets from a sending host to a receiving host, using two important functions: ① forwarding; ② routing.

Packet switch: a general packet-switching device that transfers a packet from an input link interface to an output link interface according to the value in a header field of the packet.

Router: makes its forwarding decision based on header field values in the network-layer datagram.

4.2 How a router works

First, the components of a router:
- input ports: hold the forwarding table
- switching fabric
- output ports
- routing processor

4.2.1 Input port processing and destination-based forwarding

A packet enters the router through an input port and is sent to the appropriate output port according to the address ranges in the forwarding table.
Note that the forwarding table maps destination address range → link interface, and destination-address matching uses the longest prefix matching rule.

4.2.2 Switching methods

  • switching via memory
  • switching via a bus
  • switching via an interconnection network

4.2.3 Output port processing

Output port processing consists of: queuing (buffer management) --> data link processing (protocol, encapsulation) --> line termination

4.2.4 Where does queuing occur?

  1. input queuing
  2. output queuing

4.2.5 Packet scheduling

  • first-in first-out
  • priority queuing
  • round robin and weighted fair queuing (round-robin queuing + priorities)

4.3 Internet protocols: IPv4, addressing, IPv6 and others

There are two versions of IP in use today: ①IPv4; ②IPv6

Mastering IP addressing is mastering the network layer of the Internet!

4.3.1 IPv4 datagram format

|<------------------32 bit------------------>|
| Version | Header length | Type of service | Datagram length (bytes) |
| 16-bit identifier | Flags | 13-bit fragmentation offset |
| Time-to-live | Upper-layer protocol | Header checksum |
| 32-bit source IP address |
| 32-bit destination IP address |
| Options (if any) |
| Data |

                 
- Version number: specifies the IP protocol version of the datagram, so a router knows which version to interpret it by
- Header length: used to determine where the payload in the IP datagram begins.
  Most IP datagrams carry no options, so a typical IP datagram has a 20-byte header
- Type of service: used to distinguish different kinds of IP datagrams
- Datagram length: total length of the IP datagram (header + data)
- Identifier, flags, fragmentation offset: used by IP fragmentation
- Time-to-live (TTL):
  each router that processes the datagram decrements this value by 1; when it reaches 0 the datagram must be dropped
- Protocol: indicates which transport-layer protocol the data portion of the datagram is handed to.
  The protocol number can be thought of as the glue between the network layer and the transport layer;
  the port number is the glue between the transport layer and the application layer
- Header checksum: detects bit errors in a received IP datagram
- Options: used to extend the IP header.
  A typical IP datagram header is 20 bytes, but a TCP segment carries 40 bytes of headers in total (20 IP + 20 TCP)

4.3.2 IPv4 datagram fragmentation

Not all link layer protocols can carry network layer packets of the same length.
Maximum Transmission Unit (MTU): The maximum amount of data that a link layer frame can carry.
Solution: Fragment the data in the IP datagram into two or more smaller IP datagrams, and encapsulate these smaller IP datagrams with separate link-layer frames.

However, to keep routers fast, the designers of IPv4 placed datagram reassembly in the end systems rather than in the network's routers. The destination host therefore reassembles the fragments using the identifier, flags and fragmentation offset fields of the IP datagrams.
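The fragmentation and host-side reassembly described above, as an added example that is not part of the original notes (the 20-byte no-options header, MTU and payload sizes are constructed):

```python
# Added example (not from the original notes): fragmentation of an IPv4
# datagram to fit a link MTU, and reassembly at the destination end system
# from the identifier, flags and fragmentation offset. Sizes are constructed.
from dataclasses import dataclass
from typing import List

IP_HEADER_LEN = 20  # header without options


@dataclass
class Fragment:
    identifier: int   # same value in every fragment of one original datagram
    flag_more: int    # 1 = more fragments follow, 0 = this is the last one
    offset: int       # position of this data in the original, in 8-byte units
    length: int       # total length field: header + data, in bytes
    data: bytes


def fragment(identifier: int, payload: bytes, mtu: int) -> List[Fragment]:
    """Split payload so each fragment's header + data fits within mtu bytes.
    Non-final fragments carry a multiple of 8 data bytes, because the
    13-bit offset field counts 8-byte units."""
    max_data = (mtu - IP_HEADER_LEN) // 8 * 8
    if max_data <= 0:
        raise ValueError("MTU too small for an IPv4 header plus data")
    frags: List[Fragment] = []
    pos = 0
    while pos < len(payload) or not frags:
        chunk = payload[pos:pos + max_data]
        more = 1 if pos + len(chunk) < len(payload) else 0
        frags.append(Fragment(identifier, more, pos // 8,
                              IP_HEADER_LEN + len(chunk), chunk))
        pos += len(chunk)
    return frags


def reassemble(frags: List[Fragment]) -> bytes:
    """Rebuild the original payload at the receiving host. Fragments may
    arrive in any order; the offsets must be contiguous and exactly the
    fragment with the largest offset must carry flag_more == 0."""
    if len({f.identifier for f in frags}) != 1:
        raise ValueError("fragments belong to different datagrams")
    ordered = sorted(frags, key=lambda f: f.offset)
    if ordered[-1].flag_more != 0 or any(f.flag_more != 1 for f in ordered[:-1]):
        raise ValueError("last fragment missing or flags inconsistent")
    data = b""
    for f in ordered:
        if f.offset * 8 != len(data):
            raise ValueError("gap or overlap at offset %d" % f.offset)
        data += f.data
    return data
```

A 4000-byte datagram (20-byte header + 3980 bytes of data) over a 1500-byte MTU yields three fragments with offsets 0, 185 and 370; a receiver that never sees the last fragment keeps waiting and must eventually discard the partial datagram.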

4.3.3 IPv4 addressing

An IP address is 32 bits long (equivalently 4 bytes)
- Dotted-decimal notation is used: each byte's binary value is written in decimal, and the bytes are separated by periods
- Every interface on every host and router must be uniquely identified
- The network interconnecting host interfaces and router interfaces is called a subnet; in subnet addressing, the /24 notation is called the subnet mask


CIDR: Classless Interdomain Routing
- Addresses of the form a.b.c.d/x
  - x indicates the number of bits in the first part of the address; the remaining 32-x bits are used to distinguish devices inside the organization
  - e.g. a.b.c.d/21
    the first 21 bits define the organization's network prefix, and the first 21 bits of every host's IP address in the organization are the same
    the remaining 11 bits are used to divide subnets
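Longest-prefix matching over a CIDR forwarding table, as an added example that is not part of the original notes; the prefixes, interface numbers and addresses are constructed, and the /21 block shows the 21-bit prefix with 11 remaining bits described above:

```python
# Added example (not from the original notes): destination-based forwarding
# with longest-prefix matching over a CIDR (a.b.c.d/x) forwarding table.
# The prefixes, interfaces and addresses below are constructed.
import ipaddress
from typing import Optional

# Constructed forwarding table: destination address range -> output link interface.
FORWARDING_TABLE = {
    "200.23.16.0/21": 0,  # an organization's /21 block: first 21 bits fixed
    "200.23.16.0/24": 1,  # one /24 subnet carved out of that block
    "200.23.18.0/23": 2,  # a /23 subnet carved out of the same block
    "0.0.0.0/0": 3,       # default route: prefix length 0 matches everything
}


def prefix_matches(addr: str, cidr: str) -> bool:
    """True if the first x bits of addr equal the first x bits of the prefix."""
    net = ipaddress.ip_network(cidr, strict=True)
    x = net.prefixlen
    mask = (0xFFFFFFFF << (32 - x)) & 0xFFFFFFFF   # x leading one bits
    return (int(ipaddress.ip_address(addr)) & mask) == (int(net.network_address) & mask)


def address_count(cidr: str) -> int:
    """Number of addresses the remaining 32-x bits can distinguish inside the block."""
    x = ipaddress.ip_network(cidr, strict=True).prefixlen
    return 1 << (32 - x)


def lookup(addr: str, table=FORWARDING_TABLE) -> Optional[int]:
    """Longest-prefix match: among all entries whose range contains addr,
    choose the one with the largest x, i.e. the most specific range."""
    best_iface, best_len = None, -1
    for cidr, iface in table.items():
        if prefix_matches(addr, cidr):
            x = ipaddress.ip_network(cidr, strict=True).prefixlen
            if x > best_len:
                best_iface, best_len = iface, x
    return best_iface
```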


IP broadcast address: 255.255.255.255

4.3.4 Network Address Translation

The rapid proliferation of subnets left the original address allocation scheme unable to cope, so a new method appeared: network address translation (NAT)

4.3.5 IPv6

IPv6 was designed to solve the impending exhaustion of the 32-bit IPv4 address space, caused by the astonishing growth in new subnets and IP nodes connected to the Internet.

|<------------------32 bit------------------>|
| Version | Traffic class | Flow label |
| Payload length | Next header | Hop limit |
| Source address (128 bit) |
| Destination address (128 bit) |
| Data |

- Expanded address capacity
  - Many IPv4 fields were dropped or made optional
- Flow label: the most elusive field in IPv6, used to tag packets belonging to a particular flow; can be used for priority handling
- Traffic class: the equivalent of type of service, used to distinguish different kinds of IP datagrams
- Next header: indicates which protocol the contents of the datagram are delivered to; it implicitly takes over the role of IPv4 "options"
- Hop limit: each router that processes the datagram decrements this value by 1; when it reaches 0 the datagram must be dropped

Chapter 5: Network Layer (Control Plane)

As a network-wide logic, the control plane not only controls how routers forward datagrams along the end-to-end path from source host to destination host, but also controls how network layer components and services are configured and managed.

5.1 Overview

The forwarding table and flow table are the primary elements linking the data plane and control plane of the network layer.

5.2 Routing Algorithm

Classified by whether the algorithm is centralized or decentralized:
    - Centralized routing algorithms (those that work with global state information are called link-state algorithms, LS)
    - Decentralized routing algorithms

Classified by whether the algorithm is static or dynamic:
    - Static routing algorithms
    - Dynamic routing algorithms

Classified by whether the algorithm is load-sensitive or load-insensitive:
    - Load-sensitive algorithms
    - Load-insensitive algorithms

5.2.1 Link state routing algorithm

Dijkstra algorithm: Calculate the lowest cost path from a node (source node is set to u) to all other nodes in the network. It is an iterative algorithm.

5.2.2 Distance Vector Routing Algorithm

Distance vector algorithm (Distance-Vector, DV) is an iterative, asynchronous, distributed algorithm.

5.3 Routing within Autonomous Systems in the Internet: OSPF

Open Shortest Path First (OSPF): is a link state protocol. Each router runs Dijkstra's shortest path algorithm locally to determine a shortest path tree with itself as the root node to all subnets.

Advantages of OSPF:
- Security: exchanges between OSPF routers (such as link-state updates) can be authenticated
- Multiple equal-cost paths: when several paths to a destination have the same cost, OSPF allows all of them to be used
- Integrated support for unicast and multicast routing
- Support for hierarchy within a single autonomous system

5.4 Routing between ISPs: BGP

AS: Autonomous System
Inter-AS routing involves coordination among multiple ASs, so the communicating ASs must run the same inter-AS routing protocol: the Border Gateway Protocol (BGP). BGP glues the thousands of ISPs in the Internet together; it is a distributed and asynchronous protocol.

5.6 ICMP: Internet Control Message Protocol

ICMP is used by hosts and routers to communicate with each other at the network layer. The most typical use of ICMP is error reporting.

ICMP is usually considered part of IP, but architecturally it sits above IP, because ICMP messages are carried inside IP packets.

Chapter 6: Link Layer and Local Area Networks

There are two types of link-layer channels:
- Broadcast channels
  - Used to connect the hosts in wired LANs, satellite networks and hybrid fiber-coaxial (HFC) cable access networks
  - Need a medium access protocol to coordinate frame transmissions
  - A central controller can also be used to coordinate transmissions
- Point-to-point communication links
  - Used between two routers connected by a long-distance link
  - Used between a user's office computer and the nearby Ethernet switch it connects to, and in similar settings

6.1 Link Layer Overview

First, the terminology:
- Node: any device that runs a link-layer protocol (including hosts, routers, switches and WiFi access points)
- Link: the communication channel that connects adjacent nodes along the communication path
- Link-layer frame: the unit into which a transmitting node encapsulates a datagram

6.1.1 Services provided by the link layer

  • Framing: Before transmission, each network layer datagram is encapsulated by the link layer protocol using link layer frames. Frame = data field + several header fields; the network layer datagram is inserted in the data field.
  • Link access: The Medium Access Control (MAC) protocol specifies the transmission rules of frames on the link.
  • Reliable delivery: Reliable delivery at the link layer is achieved through acknowledgment and retransmission.
  • Bit-level error checking and correction: When a bit in a frame is transmitted as a 1, the link layer hardware in the receiving node may incorrectly judge it as a 0. This bit difference is caused by signal attenuation and electromagnetic noise.

6.1.2 Where is the link layer implemented

The main body of the link layer is implemented in a network adapter (also known as a network interface card).
At the heart of a network adapter is the link layer controller (a chip).
This shows that the link layer is a combination of hardware and software; it is the place in the protocol stack where software and hardware meet.

6.2 Error detection and correction techniques

The data D can be augmented with error-detection and -correction (EDC) bits. Note that error-detection techniques still run the risk of undetected bit errors.
There are three commonly used error-detection techniques:

  • Parity checks: generally used to illustrate the underlying idea behind error detection and correction
  • Checksumming methods: usually used in the transport layer
  • Cyclic redundancy check (CRC): typically used at the link layer, in adapters

6.2.1 Parity

Even parity
- Append one parity bit to the end of the d-bit message to be sent
- Choose its value
- so that the total number of 1s in the d+1 bits is even.
- After receiving the data, the receiver checks whether the number of 1s in these d+1 bits is even

So with either odd or even parity the receiver can only tell that an error occurred, not how many bits were corrupted, and an even number of bit errors is not detected at all.

6.2.2 Checksumming methods

Treat the d bits of data as a sequence of k-bit integers, add up the k-bit integers, and use the resulting sum as the error-detection bits.
The checksums in TCP and UDP packets use this principle.

6.2.3 Cyclic Redundancy Detection

Cyclic Redundancy Check (CRC)

CRC details:
- The data segment D to be sent has d bits
- An r-bit sequence is appended to the end of D; this r-bit code is called R
- Sender and receiver agree on a fixed polynomial G (the generator polynomial), r+1 bits long
- The CRC procedure:
       - Sender:
              ① take the data segment D to be sent
              ② agree on a fixed polynomial G with the receiver
              ③ R = remainder[(D * 2^r) / G]
              ④ send DR to the receiver
       - Receiver:
              ① divide the received DR (d+r bits in total) by G and examine the remainder
                    non-zero: an error occurred
                    zero: no error

Example:
- D = 101001
- Both sides agree on G = x^3 + x^2 + 1 (bit pattern 1101), so r = 3
- Sender:
              D' = D * 2^3 = 101001000 (append as many 0s to D as there are bits in R)
              R = remainder[D' / G]
                = 001
              DR = 101001 001
              send
- Receiver:
             DR = 101001 001
             G = 1101 is known
             DR / G = 110101 with remainder 0
             The remainder is 0, so the transmission had no error
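The modulo-2 division behind the CRC example above, as an added example that is not part of the original notes; it reproduces R = 001 for D = 101001 and G = 1101, and shows that a corrupted copy of DR yields a non-zero remainder:

```python
# Added example (not from the original notes): CRC generation and checking by
# modulo-2 long division, worked on the notes' D = 101001 and G = 1101.
from typing import Tuple


def mod2_divide(dividend: str, generator: str) -> Tuple[str, str]:
    """Divide dividend by generator in modulo-2 arithmetic (addition and
    subtraction are both XOR, no carries). Returns (quotient, remainder);
    the remainder has len(generator) - 1 bits."""
    r = len(generator) - 1
    work = list(dividend)
    quotient = []
    for i in range(len(dividend) - r):
        quotient.append(work[i])
        if work[i] == "1":   # subtract (XOR) G only when the leading bit is 1
            for j, g in enumerate(generator):
                work[i + j] = "0" if work[i + j] == g else "1"
    return "".join(quotient), "".join(work[-r:])


def crc_send(D: str, G: str) -> str:
    """Sender: R = remainder[(D * 2^r) / G]; transmit DR."""
    r = len(G) - 1
    _, R = mod2_divide(D + "0" * r, G)   # D * 2^r is D followed by r zeros
    return D + R


def crc_check(DR: str, G: str) -> bool:
    """Receiver: divide the received d+r bits by G; remainder 0 means no error."""
    _, remainder = mod2_divide(DR, G)
    return set(remainder) == {"0"}


def flip_bits(bits: str, positions) -> str:
    """Simulate channel errors by inverting the given bit positions."""
    out = list(bits)
    for p in positions:
        out[p] = "0" if out[p] == "1" else "1"
    return "".join(out)
```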

6.3 Multiple Access Links and Protocols

First, understand the two types of network links

  • Point-to-point link: Consists of a single sender at one end of the link and a single receiver at the other end of the link.
  • Broadcast link: It enables multiple sending and receiving nodes to be connected to the same, single, shared broadcast channel.

Multi-access: It is to coordinate the access of multiple sending points and receiving points to a shared broadcast channel.
Collision: Refers to multiple nodes transmitting frames at the same time, causing information contradiction at the receiver. The signals of colliding frames get entangled and all frames are lost.
Multiple access protocols: nodes use these protocols to regulate their transmissions on a shared broadcast channel. There are three kinds: ① channel partitioning protocols; ② random access protocols; ③ taking-turns protocols.

6.3.1 Channel partitioning protocols

Mainly discuss 3 kinds

  • Time Division Multiplexing (TDM): assigning time slots
  • Frequency Division Multiplexing (FDM): Assigning Frequency
  • Code Division Multiple Access (CDMA): Distributing codes
TDM
- Divide time into time frames
- Divide each time frame into N time slots
- Assign each slot to one of the N nodes
- When a node has a packet to send, it transmits only in its assigned slot
- Characteristics of TDM:
          - Fair, and eliminates collisions
          - Limits each node's average rate to R/N bps
          - A node must always wait for its turn


FDM
- Divide a channel of rate R bps into different frequency bands
- Each band has bandwidth R/N
- Assign the different frequencies to the N nodes
- Characteristics of FDM:
           - Avoids collisions and divides the bandwidth fairly
           - Limits each node's bandwidth


CDMA
- Assign a different code to each node
- Each node then uses its unique code to encode the data it sends
- Different nodes can transmit simultaneously, because the receiver can separate the data streams by their codes
- CDMA is expensive, often used in military systems, and strongly resistant to interference

6.3.2 Random Access Protocol

In the random access protocol, a transmission node always transmits at the full rate of the channel (R bps). When there is a collision, the nodes involved in the collision wait for a random time delay to retransmit repeatedly until there is no collision.
Mainly understand 4 random access protocols:
①Slotted ALOHA
②ALOHA
③Carrier Sense Multiple Access (CSMA)
④Carrier Sense Multiple Access with Collision Detection (CSMA/CD)

Slotted ALOHA
- Preconditions:
         All frames are L bits
         Time is divided into slots of L/R seconds (one slot carries one frame)
         Each node sets a probability p
         All nodes must synchronize their transmissions
- Operation of slotted ALOHA:
         - When a node has a frame to send, it waits until the start of the next slot and transmits the entire frame
         - If there is no collision, the frame is delivered normally
         - If there is a collision, the node retransmits in each subsequent slot with probability p
- Slotted ALOHA improves on channel partitioning: when a node transmits, it does so at the full channel rate R bps
- But collisions and probabilistic waiting waste channel capacity



ALOHA
- Unslotted, fully decentralized protocol
- When a frame first arrives, the node immediately transmits the whole frame into the broadcast channel
      - If there is a collision, after finishing the transmission of the colliding frame the node immediately retransmits with probability p; otherwise it waits one frame time
      - After waiting, it retransmits again with probability p, otherwise waits another frame time with probability 1-p



Carrier Sense Multiple Access (CSMA)
- Listen before speaking (carrier sensing): a node listens to the channel before transmitting and sends only when no transmission is in progress
- If someone starts speaking at the same time, stop speaking (collision detection): go back to carrier sensing after a random waiting time
- CSMA's weakness is that it cannot account for propagation delay:
  a node may judge the channel idle when another node has actually begun transmitting but its signal has not yet reached this node



CSMA with collision detection (CSMA/CD)
- 1. The adapter obtains a datagram from the network layer, prepares a link-layer frame, and places it in the adapter buffer
- 2. The adapter checks the channel state
       - If it senses the channel idle, it starts transmitting
       - If the channel is busy, it waits
- 3. While transmitting, the adapter monitors for signal energy from other adapters (this step is the improvement over CSMA)
       - If no other signal energy is detected, it completes the transmission
       - If other energy is detected, it stops immediately, waits a random amount of time, and returns to step 2
- Definition of CSMA/CD efficiency:

      efficiency = 1 / (1 + 5 * d_prop / d_trans)

   where d_prop is the propagation delay and d_trans the transmission delay.
   When d_prop is 0, efficiency is 1: colliding nodes abort immediately and no channel time is wasted
   When d_trans is very large, efficiency approaches 1: once a frame has seized the channel, it keeps the channel usefully busy for a long time




A supplement on CSMA/CA, whose full name is Carrier Sense Multiple Access with Collision Avoidance:
CSMA/CA is mainly used in WLANs (wireless LANs), covered later; it is an optimization of CSMA/CD.
The most important difference between the two:
- CSMA/CD detects a collision promptly after it has occurred
- CSMA/CA takes measures before sending to avoid a collision in the first place

CSMA/CD decides whether a signal is being sent on the channel by measuring the signal level on the physical channel:
- Suppose that when one station sends data, the level on the channel is in the range 0~3 V
- When several stations send at the same time, their signals superimpose, raising the level above 3 V
- Once a station monitoring the channel sees a level above the normal value, it concludes that a collision has occurred and stops sending immediately
- It waits a random period and then listens to the channel again.

CSMA/CA suits wireless environments because wireless channels suffer from the hidden-station and exposed-station problems:
- If station A wants to send data to C
     - A first prompts C
     - so that C broadcasts a short signal telling the surrounding stations that it is about to receive data
- Stations that receive this signal then know C is busy and do not send to it, avoiding a collision.

6.3.3 Rotation protocol

Its core is really channel partitioning + random access: when only one node is active, that node's throughput reaches R bps, and when M nodes are active, each active node's throughput is close to R/M bps.
There are two types of round-robin protocols:
① polling protocol
② token passing protocol

Polling protocol
- One node is designated the master node; the master polls each node in turn, telling it the maximum number of frames it may transmit.
- Polling eliminates collisions and empty slots, but has drawbacks:
           it introduces polling delay (the notification delay);
           if the master node fails, the whole channel goes down.

Token-passing protocol
- A small special frame called a token is passed among the nodes in some fixed order
- The node holding the token may send up to a maximum number of frames, then hands the token on
- Drawback: a single node failure can also bring the channel down

6.4 Switched LAN

Because switches operate at the link layer, they switch link-layer frames, do not recognize network-layer addresses, and do not use routing algorithms such as RIP and OSPF to determine paths.

6.4.1 Link Layer Addressing and ARP

Hosts and routers also have link-layer addresses, which must be distinguished from the IP addresses of the network layer. The two differ significantly:

  • The link-layer address is the address of an adapter (network interface) on a host or router; a host can have multiple network interfaces and therefore multiple link-layer addresses
  • The IP address identifies an interface at the network layer; a router can connect many hosts

The reason is that the task of a link-layer switch is to carry datagrams transparently between hosts and routers.
The link-layer address goes by several names: ① LAN address; ② physical address; ③ MAC address

MAC address is the most common term, so below we use MAC address for all link-layer addresses.

Characteristics of MAC addresses:
- Every adapter has a different MAC address
- A MAC address does not change when the adapter moves; an IP address changes when the host moves to a different network
- An adapter checks whether a frame's destination MAC address matches its own:
            if it matches, it extracts the datagram and passes it up to the network layer
            if not, it discards the frame

Now that we know there are both MAC addresses and IP addresses, and that the two are not the same, the Address Resolution Protocol (ARP) is used when we need to translate between them.

The ARP module in the sending host takes any IP address on the same LAN as input
and returns the corresponding MAC address,
so each node maintains an ARP table mapping IP addresses to MAC addresses

- ARP resolves IP addresses only for hosts and router interfaces on the same subnet
- DNS can resolve IP addresses for hosts anywhere in the Internet

6.4.2 Ethernet

Ethernet is a wired local area network. Ethernet technology provides unreliable services to the network layer. Although there is a CRC, no matter whether the transmission is successful or not, the receiver does not have an ACK confirmation.

Advantages of Ethernet:
- The first widely deployed high-speed LAN
- Cheap and simple to implement
- High data efficiency

Ethernet frame structure:
           Preamble | Destination address | Source address | Type | Data ... | CRC

- Preamble (8 bytes): the first 7 bytes wake up the receiving adapter and synchronize its clock, each being 10101010;
                    the last byte is 10101011
- Data field (46~1500 bytes): carries the IP datagram;
           if the data is shorter than 46 bytes, it is padded, and the length field in the IP datagram header tells the receiver where the padding begins
- Destination address (6 bytes): contains the destination MAC address, e.g. BB-BB-BB-BB-BB-BB
- Source address (6 bytes): the MAC address of the adapter that transmitted the frame onto the LAN
- Type field (2 bytes): lets the host multiplex several network-layer protocols
- CRC (4 bytes): cyclic redundancy check code

6.4.3 Link layer switch

The switch's job is to receive incoming link-layer frames and forward them to outgoing links. The switch itself is transparent to the hosts and routers in the subnet (invisible, black box multiplexing).

How a switch works:
- Switch forwarding and filtering (implemented with the switch table)
         - Filtering: the switch function that decides whether a frame should be forwarded to some interface or dropped
         - Forwarding: decides which interface a frame should be directed to

  Suppose a frame arrives on interface x:
         no entry for the frame's destination MAC address in the table: the switch broadcasts the frame
         the frame's destination MAC maps to x: the switch discards the frame, completing the filtering
                       (this means the frame has already been broadcast on the LAN segment containing the destination)
         the frame's destination MAC maps to another interface y: the switch forwards it
- The switch table is built automatically and dynamically (self-learning).
         - The switch table is initially empty
         - On every received frame the switch records:
                    - the frame's source MAC address
                    - the interface the frame arrived on
                    - the current time
         - If no frame with that address as its source is received for some period, the entry is deleted

- Switches vs routers:
         - Switch: forwards packets using link-layer MAC addresses (a layer-2 packet switch)
         - Router: a packet switch that forwards using network-layer addresses (a layer-3 packet switch)
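The forward / filter / broadcast decisions and self-learning with aging described above, as an added example that is not part of the original notes; interface numbers, MAC addresses and timestamps are constructed, and an unknown destination is flooded on every interface except the one the frame arrived on:

```python
# Added example (not from the original notes): a self-learning link-layer
# switch implementing the forward / filter / flood decisions and the aging
# of switch-table entries. Interfaces, MAC addresses and timestamps are
# constructed; time is passed in explicitly so the behaviour is deterministic.
from typing import Dict, List, Tuple

BROADCAST = "ff:ff:ff:ff:ff:ff"


class LearningSwitch:
    def __init__(self, interfaces: List[int], aging_time: float = 60.0):
        self.interfaces = list(interfaces)
        self.aging_time = aging_time
        # switch table: MAC address -> (interface it was seen on, time last seen)
        self.table: Dict[str, Tuple[int, float]] = {}

    def _age_out(self, now: float) -> None:
        """Delete entries whose source MAC has not been seen for aging_time."""
        stale = [mac for mac, (_, seen) in self.table.items()
                 if now - seen > self.aging_time]
        for mac in stale:
            del self.table[mac]

    def receive(self, src: str, dst: str, in_iface: int, now: float) -> List[int]:
        """Handle a frame arriving on in_iface; return the interfaces it goes out on."""
        self._age_out(now)
        # self-learning: record source MAC, arrival interface and current time
        self.table[src] = (in_iface, now)
        entry = self.table.get(dst)
        if dst == BROADCAST or entry is None:
            # unknown destination: flood on every interface except the arrival one
            return [i for i in self.interfaces if i != in_iface]
        out_iface, _ = entry
        if out_iface == in_iface:
            # filtering: the destination is on the segment the frame came from
            return []
        return [out_iface]  # forwarding
```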

6.4.4 Virtual Local Area Network

Virtual Local Area Network (VLAN)

VLAN-enabled switches allow multiple virtual LANs to be defined over a single physical LAN infrastructure.

Chapter 7: Wireless and Mobile Networks

7.1 Overview

Wireless Host: An end-system device that runs an application.
Wireless link: The host is connected to a base station or another wireless host through a wireless communication link.
Base station: Responsible for sending data to and receiving data from the wireless host associated with it.
Handover: A mobile host moves beyond the coverage of one base station to another, which changes its point of attachment to the larger network.

7.2 Wireless link and network characteristics

  • Decreasing signal strength (path loss)
  • interference from other sources
  • multipath propagation

Signal-to-Noise Ratio (SNR): A relative measure of the strength of the received signal and the noise.
Bit Error Rate (BER): The probability that the receiver receives transmitted bits with errors.

7.3 WiFi: 802.11 wireless LAN

IEEE 802.11 wireless LANs (also known as WiFi) all use the same medium access protocol (CSMA/CA)

7.3.1 802.11 architecture

Basic Service Set (BSS)
- Multiple wireless stations
             each wireless station has a 6-byte MAC address
- A central base station called an access point (AP)

802.11 standard requirement
- Each AP periodically sends beacon frames; each beacon frame includes the AP's SSID and MAC address.

7.3.2 802.11 MAC protocol

Using the CSMA/CA protocol

Suppose a station has a frame to send:
1. If the station initially senses the channel idle, it transmits the frame after a Distributed Inter-Frame Space (DIFS)
2. Otherwise, it chooses a random backoff value and starts counting down
3. When the counter reaches 0, the station transmits the entire frame and waits for an acknowledgment
4. If an acknowledgment is received, the sending station knows the frame was received correctly.

7.3.5 Advanced features in 802.11

If a node sends two frames in a row without receiving an acknowledgment (an implicit indication of a bit error on the channel), the transmission rate is reduced to the previous lower rate. If 10 frames are acknowledged in a row, or if a timer used to track the time since the last slowdown expires, the transmission rate is increased to the last higher rate.

7.3.6 Personal Area Networks: Bluetooth and ZigBee

Chapter 8: Security in Computer Networks

Only the basic concepts and protocols need to be understood.

8.2 Principles of Cryptography

Suppose A sends a message to B.
The initial form of the message is called plaintext; A uses an encryption algorithm to encrypt the plaintext to obtain the ciphertext. The secret information that prevents an intruder from decrypting the transmitted data is called a key.
A supplies a key K_A, a string of numbers or characters, as one of the inputs of the encryption algorithm. The encryption algorithm takes the key and the plaintext message as input and produces ciphertext as output. B supplies the key K_B to the decryption algorithm; the ciphertext and the key are the inputs of the decryption algorithm, and the output is the plaintext.
We describe the above with symbols:

  • Plaintext message: m
  • A encrypts the plaintext with its key: K_A(m)
  • B receives the encrypted message: K_A(m)
  • B decrypts with its key: K_B(K_A(m)) = m

In a symmetric key system, A and B have the same key and keep it secret.

8.2.2 Public key encryption

In a public key system, a pair of keys is used: one key K_B^+ is known to everyone, and the other key K_B^- is known only to its owner B.
Suppose A and B communicate:

  • A is the sender, B the receiver (B has two keys: a public key K_B^+ known to the whole world, and a private key K_B^- known only to B)
  • First, A obtains B's public key K_B^+ and uses it with a well-known encryption algorithm to encrypt its plaintext, obtaining the ciphertext K_B^+(m)
  • After receiving the ciphertext, B decrypts it with his private key K_B^- and a well-known decryption algorithm: K_B^-(K_B^+(m)), recovering the original plaintext
  • K_B^-(K_B^+(m)) = K_B^+(K_B^-(m)) = m

8.3.1 Cryptographic hash functions

The key property of a cryptographic hash function: it is computationally infeasible to find x and y with x ≠ y and H(x) = H(y),
so the pair (m, H(m)) generated by the sender cannot be forged.

8.3.2 Message authentication code

A cryptographic hash alone can show that a message has not been altered, but if an intruder claims to B that he is the real A, B cannot tell. Therefore A and B agree on a string s, the authentication key, append it to the plaintext and compute H(m+s) with the cryptographic hash function; this value is called the message authentication code (MAC). The communication becomes:

  • A generates a message m, concatenates s to form m+s, applies the cryptographic hash function to obtain H(m+s), and sends (m, H(m+s)) to B
  • B receives (m, h); because B knows s, B computes H(m+s) with the hash function, and if h = H(m+s) everything is in order
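The exchange above, as an added example that is not part of the original notes: the notes' H(m+s) built on SHA-256, next to HMAC-SHA256 (RFC 2104), the keyed-hash construction used in practice; the shared secret s and the messages are constructed.

```python
# Added example (not from the original notes): the message authentication
# code H(m + s) from the notes, implemented with SHA-256, beside HMAC-SHA256,
# the standard keyed-hash construction. The shared secret s and the messages
# are constructed.
import hashlib
import hmac
from typing import Tuple

Packet = Tuple[bytes, bytes]   # (m, tag)


def mac_notes(m: bytes, s: bytes) -> bytes:
    """The notes' construction: hash of the message with the secret s appended."""
    return hashlib.sha256(m + s).digest()


def mac_hmac(m: bytes, s: bytes) -> bytes:
    """HMAC-SHA256 (RFC 2104): the keyed-hash construction used in practice."""
    return hmac.new(s, m, hashlib.sha256).digest()


def a_sends(m: bytes, s: bytes, mac=mac_notes) -> Packet:
    """A computes the tag over m with the shared secret and sends (m, tag)."""
    return (m, mac(m, s))


def b_verifies(packet: Packet, s: bytes, mac=mac_notes) -> bool:
    """B recomputes the tag from the received m and its own copy of s and
    compares; compare_digest avoids leaking the mismatch position via timing."""
    m, h = packet
    return hmac.compare_digest(h, mac(m, s))
```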

8.4 Endpoint Authentication

8.4.1 Authentication protocol ap1.0

A sends a message directly to B, saying that he is A

An intruder can impersonate A

8.4.2 Authentication protocol ap2.0

A has an IP address, and B authenticates A by verifying that the source address of the IP datagram carried in the packet matches A's IP address

The intruder can obtain the IP address of A and impersonate A

8.4.3 Authentication protocol ap3.0

AB agrees on a secret password for communication

The intruder can eavesdrop on AB to obtain the password, and then impersonate A

8.4.4 Authentication protocol ap3.1

AB uses an encrypted password

An intruder can eavesdrop on A's communication, record the encrypted version corresponding to A, and then play back the encrypted version of the recording to B, thereby pretending to be A

8.4.5 Authentication protocol ap4.0

Protocol 3.0 fails because B cannot tell whether A is live, so 4.0 uses a nonce: a number that a protocol uses only once in its lifetime.

  • A sends a message to B
  • B chooses a nonce R and sends it to A
  • A encrypts the nonce with the symmetric key agreed with B, K_{A-B}(R), and sends it to B
  • B decrypts the received value; if the result equals the R it chose, B knows A is live and that the earlier message was indeed sent by A, and starts decrypting the message.

8.5.1 Secure Email

Security features we would like to have:

  • Confidentiality (top priority)
  • with sender authentication
  • message integrity
  • receiver authentication

Only when confidentiality is guaranteed and the efficiency is good:

  • A chooses a random symmetric session key K_S
  • A encrypts the plaintext m with this symmetric key: K_S(m), and then encrypts the session key with B's public key K_B^+: K_B^+(K_S)
  • A concatenates the two parts obtained in the previous step to form a package (encrypted message + encrypted symmetric key)
  • A sends the package to B, and B splits it apart
  • B uses his own private key K_B^- to unlock the encrypted symmetric key and obtain K_S: K_B^-(K_B^+(K_S)) = K_S
  • B uses K_S to decrypt the encrypted message and obtain the plaintext m


Don't care about confidentiality, only care about sender authentication and message integrity (digital signature and message digest are required):

  • A applies the hash function H to the plaintext m to obtain the message digest H(m)
  • A signs the message digest with its own private key K_A^- to obtain the digital signature K_A^-(H(m))
  • A concatenates the plaintext m and the digital signature into a package and sends it to B
  • B receives the package and splits it apart
  • B uses A's public key K_A^+ to decrypt the digital signature: K_A^+(K_A^-(H(m))), obtaining a result h
  • B then feeds the plaintext m taken from the package into the hash function to obtain H(m)
  • B compares h with the H(m) it computed; if they match, B can be confident that the message came from A and has not been tampered with


Can provide confidentiality, sender authentication and message integrity:


Origin blog.csdn.net/KQwangxi/article/details/122267096