Key protocols (TCP/UDP/IP, etc.)


Foreword

This article mainly records the key protocols of each layer in the TCP/IP five-layer model, focusing on the TCP/UDP protocol (including the three-way handshake and four-way handshake that are often tested).


1. Key protocols of the application layer

1.DNS

DNS (Domain Name System) is a system that maps domain names to IP addresses. A domain name is a character string, such as www.baidu.com.

2.NAT

NAT is an important means to solve the shortage of IP addresses and an important function of routers.
NAT address translation process: for outgoing data, the NAT router replaces the source address with the global IP; when the router receives data from outside, it replaces the destination IP with the original source address. The NAT router keeps an automatically generated address translation table for this purpose.
Defects of NAT: (1) A connection cannot be established from outside the NAT to an internal server; (2) Creating and destroying translation table entries adds overhead; (3) Once the NAT device fails, all TCP connections are disconnected.

3.HTTP/HTTPS

(HTTP and HTTPS are the key protocols of the application layer, which are recorded in web development)

2. Key protocols of the transport layer

1.TCP

1. TCP format
[Figure: TCP segment format]
The format of TCP is shown in the figure above; its fields are mentioned where relevant in the attributes below.
2. Attributes
TCP provides a control mechanism for data at the transport layer, whose main concerns are safety and efficiency. To improve transmission efficiency while keeping transmission reliable, TCP has the following attributes:
(1) Acknowledgment (safety mechanism): to avoid repeated transmission of data, each byte of data is numbered; this number is the sequence number. Each ACK carries a corresponding acknowledgment number, telling the sender that the data has been received.
(2) Timeout retransmission (safety mechanism): during data transmission an ACK may be lost, so the receiver may receive a lot of duplicate data. TCP does not handle this separately; the sequence numbers mentioned above have the effect of deduplicating the data. How should the timeout be determined? To ensure high-performance communication in any environment, TCP dynamically calculates the maximum timeout period. If the first timeout is m, it waits 2*m before the next retransmission, increasing exponentially. After a certain number of retransmissions, it forcibly closes the connection.
(3) Connection management (safety mechanism)
Three-way handshake to establish a connection: the sender requests a connection with SYN=1; after receiving the request, the receiver sends ACK=1 and SYN=1 together to the sender to confirm the connection; the sender then sends the receiver an acknowledgment that the connection has been established. The handshake could also be done in four steps, but that is unnecessary and a waste of time.
Two important states:
LISTEN: the state of the server after it has started and bound the port.
ESTABLISHED: the stable state after the connection is established.

Four-way wave to disconnect: the sending end sends a FIN to the receiving end to indicate disconnection, the receiving end responds to the sending end, asking whether it is sure it wants to disconnect, and the sending end responds with a confirmation to disconnect. The two middle steps of the four are separate mainly because the ACK is triggered immediately when the operating system kernel receives the FIN, while the other is triggered by the application calling the close method of the Socket, so their timing differs. The wave may also take three steps: if the two middle steps happen at the same time, they may be merged.

Two important states:
CLOSE_WAIT: generally seen on the receiving end. When a large number of CLOSE_WAIT states appear, the code logic may be wrong: close was not called in time.
TIME_WAIT: the sender enters this state after receiving the end segment, and enters the CLOSED state after waiting for 2MSL. This state is important; for example, when the last ACK is lost, the sender still waits 2MSL before entering the CLOSED state.
(4) Sliding window (efficiency mechanism): if we send one message, wait for the other party's reply, and only then send the next one, transmission efficiency is too low. The sliding window solves this problem well. The window size is the maximum amount of data that can be sent without waiting for acknowledgment. A send buffer records the unacknowledged data; the larger the window, the higher the network throughput.
If an ACK is lost during transmission, it does not matter, because the data can be confirmed by a subsequent ACK.
If data is lost during transmission, the sender keeps receiving repeated ACKs indicating which data packet is needed. After three consecutive such ACKs, the corresponding data is resent, and thanks to the receive buffer, transmission then resumes directly from the position of the last transmission.
(5) Flow control (safety mechanism): the processing speed of the receiving end is limited. If the sending end sends too fast, the receive buffer fills up, and continuing to receive causes problems such as packet loss. To control the sending speed of the sending end, TCP provides a flow control mechanism that limits the sending end according to the processing capability of the receiving end.
(6) Congestion control (safety mechanism): the sliding window solves the problem of transmission efficiency well, but if the window is very large at the start, it causes a series of problems. For safety, TCP uses a congestion window: it sends slowly at first, with a small amount of data, to detect whether the network is clear; the window then grows exponentially up to a threshold and after that grows linearly.

(7) Delayed response (efficiency mechanism): if the host receiving data returns an ACK immediately, the window at that moment may be small. To improve transmission efficiency when the network is not congested, the response is delayed and sent once the maximum delay time is reached.
(8) Piggyback acknowledgment (efficiency mechanism): the receiving end and the sending end mostly exchange one request for one response, so the ACK can be sent together with the data when the receiving end responds to the sender.
(9) Byte stream-oriented (sticky packet problem): at the transport layer the received data is ordered by sequence number, but the application layer sees only a series of bytes and does not know where one packet starts and where it ends. To avoid this, the boundary between two packets must be made explicit, for example by using delimiters or a data length field.
(10) Abnormal situations
a. Program crash: the process exits abnormally and the operating system reclaims the process's resources, which proceeds like the normal four-way wave.
b. Normal shutdown: the system kernel releases the file descriptors and performs the four-way wave.
c. The machine is powered off: if the receiver loses power, the sender continues to send data but receives no ACK. After several retransmissions there is still no response; it tries to reset the connection, which fails, and it then gives up the connection. If the sender is the one that loses power, the receiver sends a "heartbeat packet" after a while, which is a packet that carries no data. If the other party does not respond, the connection is abandoned.
d. The network cable is disconnected: the same as the machine being powered off.
This section mainly records ten attributes of TCP, but TCP has far more than these ten attributes.
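The data-length approach from attribute (9), as an added example that is not part of the original article. It assumes a 4-byte big-endian length prefix and a 64 KiB cap on the declared length; the names FrameDecoder, encode_frame and MAX_FRAME are hypothetical. The cap matters on the receiving side, because the length field comes from the peer and would otherwise decide how much memory the receiver buffers.

```python
import struct

HEADER = struct.Struct("!I")   # assumed format: 4-byte big-endian payload length
MAX_FRAME = 64 * 1024          # assumed cap on the declared length


class FrameError(ValueError):
    pass


def encode_frame(payload: bytes) -> bytes:
    if len(payload) > MAX_FRAME:
        raise FrameError("payload too large")
    return HEADER.pack(len(payload)) + payload


class FrameDecoder:
    """Reassembles length-prefixed messages from arbitrary TCP read chunks."""

    def __init__(self):
        self._buf = bytearray()

    def feed(self, chunk: bytes) -> list:
        self._buf += chunk
        frames = []
        while len(self._buf) >= HEADER.size:   # else: header split across reads
            (length,) = HEADER.unpack_from(self._buf)
            if length > MAX_FRAME:
                # Reject before buffering: the length is peer-controlled input.
                raise FrameError(f"declared length {length} exceeds cap")
            end = HEADER.size + length
            if len(self._buf) < end:
                break                          # body incomplete, wait for more data
            frames.append(bytes(self._buf[HEADER.size:end]))
            del self._buf[:end]
        return frames


def demo():
    # Constructed sample: three messages sent back to back ("stuck together"),
    # then read in 5-byte chunks that ignore message boundaries.
    stream = b"".join(encode_frame(m) for m in (b"login alice", b"", b"get /index"))
    decoder, out = FrameDecoder(), []
    for i in range(0, len(stream), 5):
        out.extend(decoder.feed(stream[i:i + 5]))
    return out


if __name__ == "__main__":
    print(demo())
```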

2.UDP

1. Format
UDP does not need to establish a connection; it only needs the destination IP and port number to transmit. It provides unreliable, datagram-oriented transmission.

3. TCP/UDP comparison

TCP | UDP
Connection-oriented | Connectionless
Reliable | Unreliable
Stream-oriented | Datagram-oriented
Has both receive and send buffers | Has a receive buffer only

Interview question 1

How to implement a reliable transmission based on the transport layer UDP protocol?
You can implement, at the application layer, the logic of TCP's reliability mechanisms: (1) introduce sequence numbers to ensure the order of data; (2) introduce acknowledgments to ensure that the peer has received the data; (3) resend data that receives no reply; and so on.
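The three mechanisms in the answer above, put together as a stop-and-wait sender and receiver. This is an added example, not code from the original article. To run offline it replaces the UDP socket with a constructed LossyLink object that drops chosen packets, and it simulates the timeout with a counter instead of a real timer; all names are hypothetical.

```python
class LossyLink:
    """Constructed stand-in for a UDP path: drops the n-th packets listed in `drop`."""

    def __init__(self, drop=()):
        self.drop, self.count = set(drop), 0

    def deliver(self, pkt):
        self.count += 1
        return None if self.count in self.drop else pkt


class Receiver:
    def __init__(self):
        self.expected, self.data = 0, []

    def on_packet(self, seq, payload):
        if seq == self.expected:      # new in-order data: hand it to the application
            self.data.append(payload)
            self.expected += 1
        # A duplicate (seq < expected) is discarded but still re-acknowledged,
        # because the earlier ACK may have been lost.
        return self.expected - 1      # ACK = highest sequence number received in order


def send_reliable(messages, data_link, ack_link, receiver, base_rto=1.0, max_tries=5):
    """Stop-and-wait sender. Returns (transmissions, simulated seconds spent waiting)."""
    sent, waited = 0, 0.0
    for seq, payload in enumerate(messages):
        for attempt in range(max_tries):
            sent += 1
            pkt = data_link.deliver((seq, payload))
            ack = None if pkt is None else ack_link.deliver(receiver.on_packet(*pkt))
            if ack == seq:
                break                          # acknowledged, move to the next message
            waited += base_rto * 2 ** attempt  # timeout: wait m, then 2*m, 4*m, ...
        else:
            raise TimeoutError(f"seq {seq} not acknowledged after {max_tries} tries")
    return sent, waited


def demo():
    # Constructed scenario: the 2nd data packet and the 1st ACK are lost.
    rx = Receiver()
    sent, waited = send_reliable([b"a", b"b", b"c"], LossyLink({2}), LossyLink({1}), rx)
    return rx.data, sent, waited


if __name__ == "__main__":
    print(demo())
```

In the demo the receiver sees message "a" twice, once before the lost ACK and once from the retransmission, and the sequence number check is what keeps the duplicate out of the delivered data.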

3. Network layer key protocols

1.IP

The format of the protocol header is as follows:
[Figure: IP header format]
4-bit version number, such as IPv4 or IPv6; 8-bit type of service, in which the four main bits on the right indicate minimum delay, maximum throughput, highest reliability, and minimum cost; only one of the four can be selected.
The 8-bit time-to-live (TTL) is the maximum number of hops a datagram may take to reach its destination, generally 64; it is decremented by 1 at each router, and when it reaches 0 the datagram is discarded.
The 8-bit protocol indicates the type of the upper layer protocol. The 16-bit header checksum uses CRC to check whether the header is damaged.
(1) Address management
The IP address consists of a network number and a host number.
Network number: identifies the network segment, and ensures that two network segments connected to each other have different identifiers.
Host number: identifies the host. In the same network segment, hosts have the same network number but must have different host numbers.
Subnet mask: marks where the network number ends and the host number begins. Its left part is all 1s and its right part is all 0s; for example: 255.255.255.0 means that the host number has 24 bits. Classes A, B, C, D, and E are not explained further here.
Broadcast IP: the host number is all 1s.
IP addresses are divided into two categories: external network IP/public network IP, and internal network IP/private network IP/LAN IP (by convention, 10.* and 172.16.*~172.31.* are LAN IPs).
Local loopback address: 127.0.0.1
Local IP address: 192.168.xxx.xxx

(2) Routing selection
Routing is similar to "asking the way": to get from one point to another, you keep going and asking until you reach the end point. The router holds a routing table data structure. If the router knows the current destination IP, it gives a definite route; if the router does not recognize it, it sends the datagram to a router with wider knowledge (the default next hop in the routing table). If the destination is never found, the TTL is eventually exhausted and the datagram is discarded.

4. Key protocols of the data link layer

1. Ethernet

(1) The format of the Ethernet frame is as follows:
[Figure: Ethernet frame format]
The destination address and the source address are MAC addresses (physical addresses), each 6 bytes long, used mainly for forwarding between adjacent nodes at the data link layer. The MAC address can be used as a way to identify the host.
The maximum length of the data in an Ethernet frame is 1500.
The frame protocol type field has three values: IP, ARP, RARP.
The CRC checksum is calculated by the hardware (network card), and the UDP checksum is calculated by software.
(2) MTU
The MTU is a limit imposed by the physical layer underlying each kind of data link. The maximum data length of Ethernet is 1500 bytes; if a data packet routed onto an Ethernet link is too long, the packet must be fragmented. Different data link layer standards have different MTUs.
(3) ARP
The ARP protocol establishes the mapping relationship between the host IP address and the MAC address. RARP is the opposite relationship.


Interview question 2

From entering a URL in the browser to finally displaying the page, what will probably happen?

(1) DNS domain name resolution: the domain name is automatically converted into an IP address;
(2) Encapsulation: the browser constructs an HTTP datagram and hands it to TCP at the transport layer (which first establishes a connection with the three-way handshake) and then sends the HTTP request; the data is handed to the network layer, where the IP protocol encapsulates it into an IP datagram; the IP datagram is handed to the data link layer, encapsulated into the corresponding data frame, and finally transmitted through the network card;
(3) Transmission: there are switches and routers along the way. A switch decapsulates the data up to the data link layer (the upper layers are not parsed), then re-encapsulates and forwards it; a router decapsulates the data up to the network layer (the upper layers are not parsed), then re-encapsulates and forwards it. In routing table matching, the router looks up the datagram's destination IP in its routing table and sends the datagram out in a suitable direction (the TTL is decremented by 1 at each forwarding);
(4) After reaching the target server: the server decapsulates layer by layer up to the HTTP layer; it finds the requested resource and constructs an HTTP response from it (the response is computed from the request);
(5) The server re-encapsulates the response;
(6) The response data is forwarded along the way and returned to the browser;
(7) The client parses the received data;
(8) The web page is parsed and rendered in the browser.

Origin blog.csdn.net/qq_45283185/article/details/127403017