Common computer network interview questions (Part 1)

Basics of Computer Networks

# Network layered model

# What is the OSI seven-layer model? What is the role of each layer?

The OSI seven-layer model is a network layered model proposed by the International Organization for Standardization. Its general structure and the functions provided by each layer are shown in the following figure:

Each layer focuses on one thing, and each layer uses the functions provided by the layer below it. For example, the transport layer uses the routing and addressing functions provided by the network layer, so that the transport layer knows where to send the data.

OSI's seven-layer architecture is conceptually clear and theoretically complete, but it is complex and impractical, and some functions are repeated across multiple layers.

The picture above may be rather abstract, so here is a more vivid one. The following picture is one I saw on a foreign website; it is very good!

 

# What is the TCP/IP four-layer model? What is the role of each layer?

The TCP/IP four-layer model is a model widely used at present. We can regard the TCP/IP model as a simplified version of the OSI seven-layer model, which consists of the following four layers:

  1. Application layer
  2. Transport layer
  3. Network layer
  4. Network interface layer

It should be noted that we cannot completely and accurately match the TCP/IP four-layer model and the OSI seven-layer model, but we can simply match the two, as shown in the following figure:

For a detailed introduction to the role of each layer, please see the article OSI and TCP/IP Network Layered Model Explained (Basics).

# Why is the network layered?

When it comes to layering, let's start with how we develop a backend program using a framework. We often divide the system into three layers, following the principle that each layer does a different job (more complex systems have more layers):

  1. Repository (database operations)
  2. Service (business operation)
  3. Controller (front-end and back-end data interaction)

Complex systems need layers, because each layer needs to focus on one class of things. The reason for network layering is the same: each layer focuses on doing only one type of thing.

Now let's come back to the question: "Why is the network layered?" I think there are mainly 3 reasons:

  1. Layers are independent of each other: no layer needs to care how the other layers are implemented. It only needs to know how to call the functions provided by the layer below (this can be understood simply as an interface call). This is the same as the way we layer the systems we develop.
  2. Improved overall flexibility: each layer can be implemented with the most suitable technology, as long as the functions it provides and the rules of its exposed interfaces do not change. This corresponds to the principles of high cohesion and low coupling that we usually require when developing systems.
  3. Big problems are reduced to small ones: layering decomposes complex network problems into many smaller problems with clear and simple boundaries. This makes complex computer network systems easy to design, implement and standardize. This corresponds to what we usually do when developing system features: decompose complex problems into smaller, easy-to-understand ones with better-defined boundaries (goals and interfaces).

I thought of a very, very famous sentence in the computer world. Let me share it here:

Any problem in the field of computer science can be solved by adding an indirect middle layer. The entire computer system is designed according to a strict hierarchical structure from top to bottom.

# Common network protocols

# What are the common protocols in the application layer?

  • HTTP (Hypertext Transfer Protocol): Based on TCP, it is a protocol for transmitting hypertext and multimedia content, designed mainly for communication between web browsers and web servers. When we browse the web, pages are loaded through HTTP requests.
  • SMTP (Simple Mail Transfer Protocol): Based on TCP, it is a protocol for sending email. Note ⚠️: SMTP is only responsible for sending email, not receiving it. To receive mail from a mail server, POP3 or IMAP is required.
  • POP3/IMAP (mail retrieval protocols): Based on TCP, both are responsible for receiving mail. IMAP is newer than POP3 and more powerful in function and performance. IMAP supports advanced features such as mail search, tagging, categorization and archiving, and can synchronize mail status between multiple devices. Almost all modern email clients and servers support IMAP.
  • FTP (File Transfer Protocol): Based on TCP, it is a protocol for transferring files between computers that hides differences in operating systems and file storage methods. Note ⚠️: FTP is an insecure protocol because it does not encrypt data during transfer. It is recommended to use a more secure protocol such as SFTP when transferring sensitive data.
  • Telnet (remote login protocol): Based on TCP, it is used to log in to other servers through a terminal. One of the biggest disadvantages of Telnet is that all data, including usernames and passwords, is sent in clear text, which is a potential security risk. This is the main reason why Telnet is rarely used these days; a very secure network transport protocol called SSH is used instead.
  • SSH (Secure Shell): Based on TCP, it provides secure access and file transfer services through encryption and authentication mechanisms.
  • RTP (Real-time Transport Protocol): Usually based on UDP, but it also supports TCP. It provides end-to-end real-time data transmission, but does not include resource reservation and does not guarantee the quality of real-time transmission. These functions are implemented by WebRTC.
  • DNS (Domain Name System): Based on UDP, it solves the problem of mapping between domain names and IP addresses.

For a detailed introduction to these protocols, please see the article Summary of Common Protocols at the Application Layer (Application Layer).

# What are the common protocols in the transport layer?

  • TCP (Transmission Control Protocol): Provides connection-oriented, reliable data transmission.
  • UDP (User Datagram Protocol): Provides connectionless, best-effort data transmission (reliability is not guaranteed); it is simple and efficient.

# What are the common protocols at the network layer?

  • IP (Internet Protocol): One of the most important protocols in the TCP/IP suite. It is a network layer protocol whose main function is to define the format of data packets and to route and address them so that they can travel across networks and reach the correct destination. At present there are two versions of IP: the older IPv4 and the newer IPv6. Both are currently in use, but the latter has been proposed to replace the former.
  • ARP (Address Resolution Protocol): ARP solves the problem of converting between network layer addresses and link layer addresses. During physical transmission an IP datagram always needs to know where the next hop (the next physical destination) is, but an IP address is a logical address while a MAC address is a physical address. ARP solves some of the problems of converting an IP address to a MAC address.
  • ICMP (Internet Control Message Protocol): A protocol for transmitting network status and error messages, often used for network diagnosis and troubleshooting. For example, the Ping tool uses ICMP to test network connectivity.
  • NAT (Network Address Translation): As its name says, NAT is applied to the address translation process from an internal network to an external network. Specifically, in a small subnet (local area network, LAN), each host uses an IP address within the same LAN, but outside the LAN, in the wide area network (WAN), a unified IP address is required to identify the location of this LAN on the entire Internet.
  • OSPF (Open Shortest Path First): An interior gateway protocol (IGP) and a widely used dynamic routing protocol. It is based on the link-state algorithm and considers factors such as link bandwidth and delay to choose the best path.
  • RIP (Routing Information Protocol): An interior gateway protocol (IGP) and a dynamic routing protocol. It is based on the distance-vector algorithm, uses a fixed hop count as its metric, and selects the path with the fewest hops as the best path.
  • BGP (Border Gateway Protocol): A routing protocol used to exchange Network Layer Reachability Information (NLRI) between routing domains, with high flexibility and scalability.

# HTTP

# What happens from entering the URL to displaying the page? (Very important)

Similar questions: Open a web page, which protocols will be used in the whole process?

Diagram (Source: "Graphic HTTP"):

 

There is an error in the above picture; please note that it is OSPF, not OPSF. OSPF (Open Shortest Path First) is a routing protocol developed by the Internet Engineering Task Force.

Generally speaking, it is divided into the following processes:

  1. DNS resolution
  2. TCP connection
  3. The HTTP request is sent
  4. The server processes the request and returns an HTTP message
  5. The browser parses and renders the page
  6. The connection ends

For details, please refer to the following two articles:

# What are the HTTP status codes?

The HTTP status code is used to describe the result of the HTTP request, for example, 2xx means that the request is successfully processed.

For a more detailed summary of HTTP status codes, you can read this article I wrote: Summary of Common HTTP Status Codes (Application Layer).

# What are the common fields in HTTP Header?

| Request header field | Description | Example |
| --- | --- | --- |
| Accept | Acceptable response content types (Content-Types). | Accept: text/plain |
| Accept-Charset | Acceptable character sets. | Accept-Charset: utf-8 |
| Accept-Datetime | Acceptable versions, expressed in terms of time. | Accept-Datetime: Thu, 31 May 2007 20:35:00 GMT |
| Accept-Encoding | A list of acceptable encodings. See HTTP compression. | Accept-Encoding: gzip, deflate |
| Accept-Language | A list of acceptable natural languages for the response. | Accept-Language: en-US |
| Authorization | Authentication credentials for HTTP authentication. | Authorization: Basic QWxhZGRpbjpvcGVuIHNlc2FtZQ== |
| Cache-Control | Specifies directives that all caching mechanisms along this request/response chain must obey. | Cache-Control: no-cache |
| Connection | The type of connection the browser prefers. | Connection: keep-alive, or Connection: Upgrade |
| Content-Length | The length of the request body in octets (8-bit bytes). | Content-Length: 348 |
| Content-MD5 | The binary MD5 hash of the request body, encoded in Base64. | Content-MD5: Q2hlY2sgSW50ZWdyaXR5IQ== |
| Content-Type | The media type of the request body (used in POST and PUT requests). | Content-Type: application/x-www-form-urlencoded |
| Cookie | An HTTP cookie previously sent by the server via Set-Cookie (detailed below). | Cookie: $Version=1; Skin=new; |
| Date | The date and time the message was sent (in the "HTTP-date" format defined in RFC 7231). | Date: Tue, 15 Nov 1994 08:12:31 GMT |
| Expect | Indicates that the client requires the server to perform a specific action. | Expect: 100-continue |
| From | The email address of the user who initiated this request. | From: [email protected] |
| Host | The domain name of the server (for virtual hosting) and the TCP port number the server is listening on. The port number may be omitted if it is the standard port of the requested service. | Host: en.wikipedia.org:80 |
| If-Match | The operation is performed only if the entity provided by the client matches the corresponding entity on the server. Mainly used in methods like PUT, to update a resource only if it has not been modified since the user last updated it. | If-Match: "737060cd8c284d8af7ad3082f209582d" |
| If-Modified-Since | Allows 304 Not Modified to be returned if the corresponding content has not been modified. | If-Modified-Since: Sat, 29 Oct 1994 19:43:31 GMT |
| If-None-Match | Allows 304 Not Modified to be returned if the corresponding content has not been modified. | If-None-Match: "737060cd8c284d8af7ad3082f209582d" |
| If-Range | If the entity has not been modified, send me the part or parts that I am missing; otherwise, send the whole new entity. | If-Range: "737060cd8c284d8af7ad3082f209582d" |
| If-Unmodified-Since | Only send a response if the entity has not been modified since a certain time. | If-Unmodified-Since: Sat, 29 Oct 1994 19:43:31 GMT |
| Max-Forwards | Limits the number of times this message can be forwarded by proxies and gateways. | Max-Forwards: 10 |
| Origin | Initiates a request for cross-origin resource sharing. | Origin: http://www.example-social-network.com |
| Pragma | Implementation-specific; these fields may have various effects at any point in the request/response chain. | Pragma: no-cache |
| Proxy-Authorization | Authentication credentials used to authenticate with a proxy. | Proxy-Authorization: Basic QWxhZGRpbjpvcGVuIHNlc2FtZQ== |
| Range | Requests only part of an entity. Byte offsets start at 0. See byte serving. | Range: bytes=500-999 |
| Referer | The previous page visited by the browser; a link on that page brought the browser to the page currently being requested. | Referer: http://en.wikipedia.org/wiki/Main_Page |
| TE | The transfer encodings the browser expects to accept: the values of the Transfer-Encoding response header field can be used. | TE: trailers, deflate |
| Upgrade | Asks the server to upgrade to another protocol. | Upgrade: HTTP/2.0, SHTTP/1.3, IRC/6.9, RTA/x11 |
| User-Agent | The browser's identification string. | User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:12.0) Gecko/20100101 Firefox/21.0 |
| Via | Tells the server which proxies the request was sent through. | Via: 1.0 fred, 1.1 example.com (Apache/1.1) |
| Warning | A general warning that there may be errors in the entity body. | Warning: 199 Miscellaneous warning |
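To make the Authorization and Content-MD5 rows concrete, the following added example (not code from the original article) parses a raw request, decodes the Basic credentials from the table's sample value, and recomputes Content-MD5 over the body. The request, its `/profile` path and body, and all function names are constructed for illustration.

```python
import base64
import binascii
import hashlib

# Constructed sample request; header names and the Basic value come from the table.
BODY = b"skin=new&lang=en-US"
SAMPLE_REQUEST = (
    b"POST /profile HTTP/1.1\r\n"
    b"Host: en.wikipedia.org:80\r\n"
    b"Authorization: Basic QWxhZGRpbjpvcGVuIHNlc2FtZQ==\r\n"
    b"Content-Type: application/x-www-form-urlencoded\r\n"
    b"Content-Length: " + str(len(BODY)).encode() + b"\r\n"
    b"Content-MD5: " + base64.b64encode(hashlib.md5(BODY).digest()) + b"\r\n"
    b"\r\n" + BODY
)


def parse_request(raw: bytes):
    """Return (method, target, version, headers, body); header names are lower-cased."""
    head, _, body = raw.partition(b"\r\n\r\n")
    request_line, *field_lines = head.decode("iso-8859-1").split("\r\n")
    method, target, version = request_line.split(" ", 2)
    headers = {}
    for line in field_lines:
        name, sep, value = line.partition(":")
        # No colon, or whitespace around the field name, is a malformed header line.
        if not sep or not name or name != name.strip():
            raise ValueError(f"malformed header line: {line!r}")
        headers.setdefault(name.lower(), []).append(value.strip())
    return method, target, version, headers, body


def decode_basic(value: str):
    """Return (user, password) from 'Basic <base64>', or None if it is not valid Basic."""
    scheme, _, token = value.partition(" ")
    if scheme.lower() != "basic":
        return None
    try:
        decoded = base64.b64decode(token.strip(), validate=True).decode("utf-8")
    except (binascii.Error, UnicodeDecodeError):
        return None
    user, sep, password = decoded.partition(":")
    return (user, password) if sep else None


def content_md5_ok(header_value: str, body: bytes) -> bool:
    """Recompute Base64(MD5(body)) and compare it with the Content-MD5 header."""
    expected = base64.b64encode(hashlib.md5(body).digest()).decode("ascii")
    return expected == header_value


def inspect_request(raw: bytes) -> dict:
    """Summarise the security-relevant headers of one request."""
    _method, _target, _version, headers, body = parse_request(raw)
    auth = headers.get("authorization", [""])[0]
    md5 = headers.get("content-md5", [""])[0]
    return {
        "host": headers.get("host", [None])[0],
        # Base64 is an encoding, not encryption: this is readable by anyone on the path.
        "basic_credentials": decode_basic(auth),
        "content_md5_ok": content_md5_ok(md5, body) if md5 else None,
    }
```

The table's Basic value decodes to the user `Aladdin` with password `open sesame`, which is why Basic authentication is only safe inside an encrypted channel.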

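# What is the difference between HTTP and HTTPS? (Important)

  • Port number: HTTP uses port 80 by default; HTTPS uses port 443 by default.
  • URL prefix: HTTP URLs start with http://, HTTPS URLs start with https://.
  • Security and resource consumption: HTTP runs on top of TCP, all transmitted content is plaintext, and neither the client nor the server can verify the other's identity. HTTPS is HTTP running on top of SSL/TLS, and SSL/TLS runs on top of TCP. All transmitted content is encrypted. The encryption is symmetric, but the symmetric key is asymmetrically encrypted using the server's certificate. So HTTP is less secure than HTTPS, but HTTPS consumes more server resources than HTTP.
  • SEO (search engine optimization): Search engines usually favor websites that use HTTPS, because HTTPS provides better security and user privacy protection. Websites that use HTTPS may be ranked higher in search results, which affects SEO.

For a more detailed comparison of HTTP and HTTPS, you can read this article I wrote: HTTP vs HTTPS (Application Layer)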

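# What is the difference between HTTP/1.0 and HTTP/1.1?

  • Connection mode: HTTP/1.0 uses short-lived connections; HTTP/1.1 supports persistent connections.
  • Status codes: HTTP/1.1 added a large number of status codes; the error response status codes alone account for 24 new ones. For example: 100 (Continue), a warm-up request before requesting a large resource; 206 (Partial Content), the status code for range requests; 409 (Conflict), the request conflicts with the current state of the resource; 410 (Gone), the resource has been permanently moved and there is no known forwarding address.
  • Caching: HTTP/1.0 mainly uses the If-Modified-Since and Expires headers as the criteria for caching decisions. HTTP/1.1 introduced more cache control strategies, such as entity tags, If-Unmodified-Since, If-Match, If-None-Match and other optional cache headers.
  • Bandwidth: HTTP/1.0 wastes bandwidth in some cases. For example, the client may need only part of an object, but the server sends the whole object, and resumable transfers are not supported. HTTP/1.1 introduced the Range request header, which allows only part of a resource to be requested, with the status code 206 (Partial Content). This lets developers choose freely so as to make full use of bandwidth and connections.
  • Host header handling: HTTP/1.1 introduced the Host header field, which allows multiple domain names to be hosted on the same IP address and so supports virtual hosting. HTTP/1.0 has no Host header field and cannot implement virtual hosting.

For a more detailed comparison of HTTP/1.0 and HTTP/1.1, you can read this article I wrote: HTTP/1.0 vs HTTP/1.1 (Application Layer)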

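# What is the difference between HTTP/1.1 and HTTP/2.0?

  • IO multiplexing: HTTP/2.0 can transmit multiple requests and responses at the same time over a single connection (this can be seen as an upgraded version of the persistent connection in HTTP/1.1). HTTP/1.1 works serially, and each request and response needs its own connection. This makes HTTP/2.0 more efficient when handling multiple requests, reducing network latency and improving performance.
  • Binary frames: HTTP/2.0 transmits data in binary frames, whereas HTTP/1.1 uses text-format messages. Binary frames are more compact and efficient, reducing the amount of data transmitted and the bandwidth consumed.
  • Header compression: HTTP/1.1 supports compression of the body but not of the headers. HTTP/2.0 supports header compression, which reduces network overhead.
  • Server push: HTTP/2.0 supports server push. When the client requests one resource, the server can push other related resources to the client along with it, reducing the number of client requests and the latency. In HTTP/1.1 the client has to send requests itself to obtain the related resources.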

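# What is the difference between HTTP/2.0 and HTTP/3.0?

  • Transport protocol: HTTP/2.0 is implemented on top of TCP. HTTP/3.0 adds the QUIC (Quick UDP Internet Connections) protocol to achieve reliable transmission, providing security comparable to TLS/SSL with lower connection and transmission latency. You can think of QUIC as an upgraded version of UDP that adds many features on top of it, such as encryption and retransmission. HTTP/3.0 was previously named HTTP-over-QUIC; from this name we can also see that the biggest change in HTTP/3 is the use of QUIC.
  • Connection establishment: HTTP/2.0 has to go through the classic TCP three-way handshake (generally 3 RTTs). Thanks to the characteristics of QUIC, HTTP/3.0 avoids the delay of the TCP three-way handshake and allows data to be sent on the first connection (0 RTT, zero round-trip time).
  • Head-of-line blocking: HTTP/2.0 multiplexes many requests over one TCP connection, so once a packet is lost, all HTTP requests are blocked. Thanks to the characteristics of QUIC, HTTP/3.0 solves the head-of-line blocking (HOL blocking) problem to a certain extent. One connection carries multiple different data streams that are independent of each other; if one stream loses a packet, the other streams are not affected (essentially multiplexing plus polling).
  • Error recovery: HTTP/3.0 has a better error recovery mechanism. When network problems such as packet loss or delay occur, it can recover and retransmit more quickly. HTTP/2.0 has to rely on TCP's error recovery mechanism.
  • Security: Both HTTP/2.0 and HTTP/3.0 have high security requirements and support encrypted communication, but they differ in implementation. HTTP/2.0 uses TLS for encryption, whereas HTTP/3.0 is based on QUIC, which includes built-in encryption and authentication mechanisms and can provide stronger security.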

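# HTTP is a stateless protocol. How is user state saved?

HTTP is a protocol that does not save state, that is, a stateless protocol. In other words, the HTTP protocol itself does not save the communication state between requests and responses. So how do we save user state? The Session mechanism exists to solve this problem: the main purpose of a Session is to record the user's state on the server side. A typical scenario is a shopping cart. When you add an item to the cart, the system does not know which user performed the operation, because HTTP is stateless. Once the server has created a specific Session for a specific user, it can identify and track that user (in general, the server keeps the Session for a certain period of time and destroys it once the time limit has passed).

There are many ways to store Sessions on the server; the most common are memory and databases (for example, the in-memory database Redis). Since the Session is stored on the server, how do we implement Session tracking? In most cases, we track it by attaching a Session ID to the Cookie.

What if Cookies are disabled?

The most common approach is URL rewriting, which appends the Session ID directly to the end of the URL path.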
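The Session mechanism described above, sketched as an added example (not code from the original article): an in-memory store that issues a random Session ID in a Set-Cookie header, resolves it from later Cookie headers, and destroys the session after its time limit. The cookie name `SESSIONID`, the 30-minute lifetime and the cookie attributes are assumptions chosen for illustration.

```python
import secrets
import time
from http.cookies import SimpleCookie

COOKIE_NAME = "SESSIONID"   # hypothetical cookie name


class SessionStore:
    """In-memory session table keyed by a random Session ID."""

    def __init__(self, ttl_seconds=1800, clock=time.time):
        self.ttl = ttl_seconds
        self.clock = clock            # injectable so expiry can be tested
        self.sessions = {}

    def create(self, user):
        """Create a session; return (session_id, Set-Cookie header line)."""
        sid = secrets.token_urlsafe(32)          # unguessable, cookie-safe ID
        self.sessions[sid] = {"user": user, "cart": [],
                              "expires": self.clock() + self.ttl}
        cookie = SimpleCookie()
        cookie[COOKIE_NAME] = sid
        cookie[COOKIE_NAME]["path"] = "/"
        cookie[COOKIE_NAME]["httponly"] = True   # not readable from page scripts
        cookie[COOKIE_NAME]["secure"] = True     # only sent over HTTPS
        cookie[COOKIE_NAME]["samesite"] = "Lax"
        return sid, cookie.output(header="Set-Cookie:")

    def lookup(self, cookie_header):
        """Map a request's Cookie header to its session, or None if unknown/expired."""
        cookie = SimpleCookie()
        cookie.load(cookie_header)
        morsel = cookie.get(COOKIE_NAME)
        if morsel is None:
            return None
        session = self.sessions.get(morsel.value)
        if session is None:
            return None                          # unknown or forged ID
        if session["expires"] <= self.clock():
            del self.sessions[morsel.value]      # destroy the session after its time limit
            return None
        return session
```

Because the Session ID is the only thing that identifies the user, it is generated with `secrets` and kept in a cookie rather than in the URL, where it would end up in logs and Referer headers.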

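# What is the difference between URI and URL?

  • A URI (Uniform Resource Identifier) uniquely identifies a resource.
  • A URL (Uniform Resource Locator) provides the path to the resource. It is a specific kind of URI: a URL can be used to identify a resource, and it also indicates how to locate that resource.

A URI works like an ID card number, while a URL works more like a home address. A URL is a specific kind of URI that not only uniquely identifies a resource but also provides the information needed to locate it.

Strictly speaking, this question belongs to the area of authentication and authorization. You can find a detailed answer in the article Authentication and Authorization Basic Concepts Explained.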

# PING

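# What does the PING command do?

The PING command is a commonly used network diagnostic tool, often used to test connectivity and network latency between hosts on a network.

Here is a simple example: let's PING Baidu.

```
# Send 4 PING request packets to www.baidu.com
❯ ping -c 4 www.baidu.com

PING www.a.shifen.com (14.119.104.189): 56 data bytes
64 bytes from 14.119.104.189: icmp_seq=0 ttl=54 time=27.867 ms
64 bytes from 14.119.104.189: icmp_seq=1 ttl=54 time=28.732 ms
64 bytes from 14.119.104.189: icmp_seq=2 ttl=54 time=27.571 ms
64 bytes from 14.119.104.189: icmp_seq=3 ttl=54 time=27.581 ms

--- www.a.shifen.com ping statistics ---
4 packets transmitted, 4 packets received, 0.0% packet loss
round-trip min/avg/max/stddev = 27.571/27.938/28.732/0.474 ms
```

The output of the PING command usually includes the following information:

  1. ICMP Echo Request information: the sequence number and the TTL (Time to Live) value.
  2. The domain name or IP address of the target host: the first line of the output.
  3. Round-trip time (RTT): the total time from sending the ICMP Echo Request to receiving the ICMP Echo Reply, used to measure the latency of the network connection.
  4. Statistics: the number of ICMP request packets sent, the number of ICMP reply packets received, the packet loss rate, and the minimum, average, maximum and standard deviation of the round-trip time (RTT).

If the target host of a PING does not respond correctly, there is a connectivity problem between the two hosts. If the round-trip time (RTT) is too high, the network latency is too high.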

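# How does the PING command work?

PING is based on ICMP (Internet Control Message Protocol) at the network layer. It works mainly by sending and receiving ICMP messages over the network.

An ICMP message contains a type field that identifies the kind of ICMP message. There are many ICMP message types, but they fall roughly into two categories:

  • Query messages: send a request to the target host and expect a response.
  • Error messages: send error information to the source host, to report error conditions in the network.

The ICMP Echo Request (type 8) and ICMP Echo Reply (type 0) used by PING are query messages.

  • The PING command sends an ICMP Echo Request to the target host.
  • If connectivity between the two hosts is normal, the target host returns a corresponding ICMP Echo Reply.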
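The Echo Request/Echo Reply exchange above, worked through at the byte level as an added example (not code from the original article): it builds both messages, verifies the ICMP checksum, classifies a message as query or error by its type field, and checks that a reply matches its request. Function names and the identifier `0x1234` are constructed; type numbers other than 8 and 0 are taken from RFC 792.

```python
import struct

# ICMP type numbers from RFC 792; the page names 8 and 0, the rest are added context.
QUERY_TYPES = {0: "Echo Reply", 8: "Echo Request", 13: "Timestamp", 14: "Timestamp Reply"}
ERROR_TYPES = {3: "Destination Unreachable", 5: "Redirect",
               11: "Time Exceeded", 12: "Parameter Problem"}


def internet_checksum(data: bytes) -> int:
    """One's-complement sum of 16-bit big-endian words (RFC 1071)."""
    if len(data) % 2:
        data += b"\x00"                      # pad odd-length input with a zero byte
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:                       # fold carries back into the low 16 bits
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF


def build_echo(icmp_type: int, ident: int, seq: int, payload: bytes = b"") -> bytes:
    """Build an Echo Request (type 8) or Echo Reply (type 0) with a valid checksum."""
    unsummed = struct.pack("!BBHHH", icmp_type, 0, 0, ident, seq) + payload
    checksum = internet_checksum(unsummed)
    return struct.pack("!BBHHH", icmp_type, 0, checksum, ident, seq) + payload


def parse_icmp(message: bytes) -> dict:
    """Decode the 8-byte ICMP header and classify the message as query or error."""
    if len(message) < 8:
        raise ValueError("ICMP message is shorter than its 8-byte header")
    icmp_type, code, _checksum, ident, seq = struct.unpack("!BBHHH", message[:8])
    if icmp_type in QUERY_TYPES:
        category, name = "query", QUERY_TYPES[icmp_type]
    elif icmp_type in ERROR_TYPES:
        category, name = "error", ERROR_TYPES[icmp_type]
    else:
        category, name = "other", f"type {icmp_type}"
    return {
        "type": icmp_type, "code": code, "category": category, "name": name,
        # Summing a message together with its own checksum gives 0 when intact.
        "checksum_ok": internet_checksum(message) == 0,
        # id/seq are only meaningful for echo messages (types 8 and 0).
        "id": ident, "seq": seq, "payload": message[8:],
    }


def reply_matches(request: bytes, reply: bytes) -> bool:
    """True if `reply` is a valid Echo Reply for the Echo Request `request`."""
    req, rep = parse_icmp(request), parse_icmp(reply)
    return (req["type"] == 8 and rep["type"] == 0 and rep["checksum_ok"]
            and (rep["id"], rep["seq"], rep["payload"])
            == (req["id"], req["seq"], req["payload"]))


# Constructed sample: 56 data bytes, as in the ping output above.
REQUEST = build_echo(8, ident=0x1234, seq=0, payload=bytes(range(56)))
REPLY = build_echo(0, ident=0x1234, seq=0, payload=bytes(range(56)))
```

The 8-byte header plus 56 data bytes gives the 64 bytes reported on each reply line of the ping output.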

# DNS

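# What does DNS do?

DNS (Domain Name System) is the first important protocol used after a user visits a URL in a browser. DNS solves the problem of mapping between domain names and IP addresses.

In practice, there is one case in which the browser can learn the mapping between a domain name and an IP address without using DNS. The browser maintains a hosts list locally. Generally, the browser first checks whether the domain name to be visited is in the hosts list, and if it is, it takes the corresponding IP address record directly. If the local hosts list has no record for the domain name, DNS comes into play.

DNS currently uses a distributed, hierarchical database design. DNS is an application layer protocol built on top of UDP and uses port 53.

# What DNS servers are there?

From the bottom up, DNS servers can be divided into the following levels (every DNS server belongs to one of the following four categories):

  • Root DNS servers. Root DNS servers provide the IP addresses of TLD servers. There are currently only 13 groups of root servers in the world, and there is still no root server in China.
  • Top-level domain DNS servers (TLD servers). A top-level domain is the suffix of a domain name, such as com, org, net and edu. Countries also have their own top-level domains, such as uk, fr and ca. TLD servers provide the IP addresses of authoritative DNS servers.
  • Authoritative DNS servers. Every organization with publicly accessible hosts on the Internet must provide publicly accessible DNS records that map the names of those hosts to IP addresses.
  • Local DNS servers. Every ISP (Internet Service Provider) has its own local DNS server. When a host makes a DNS request, the request is sent to a local DNS server, which acts as a proxy and forwards the request up the DNS hierarchy. Strictly speaking, the local DNS server is not part of the DNS hierarchy.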

# What is the process of DNS resolution like?

There are many steps in the whole process. I wrote a separate article to introduce it in detail: DNS Domain Name System Detailed Explanation (Application Layer).

Origin blog.csdn.net/QRLYLETITBE/article/details/130397618