Network layer
Function
Heterogeneous network interconnection
Routing and forwarding: route selection (determine which path), packet forwarding (action to take when a packet arrives)
Congestion control: open-loop control, which does not consider the current network status when making decisions; closed-loop control, based on the concept of feedback loop, is a dynamic algorithm
Make sure the subnet can carry the traffic it reaches
routing algorithm
Static routing and dynamic routing.
Static routing algorithm ( non-adaptive routing algorithm), the routing information is manually configured by the network administrator, which is simple and reliable;
Dynamic routing algorithm (adaptive routing algorithm), which is helpful for flow control, commonly used are: distance-vector routing algorithm and link state routing algorithm, optimized according to a certain algorithm
distance-vector algorithm
All nodes periodically transmit their entire routing table to all directly adjacent nodes. The routing table includes destinations and costs (hop counts), and there is slow convergence, so loops can occur. The common one is the RIP algorithm
Link State Routing Algorithm
In the distance-vector algorithm, each node only talks to its neighbors; in the link state algorithm, each node talks to other nodes by broadcasting
hierarchical routing
The routing protocol used inside an autonomous system is called an interior gateway protocol (IGP), specifically RIP and OSPF; the routing protocol used between autonomous systems is called an exterior gateway protocol, specifically BGP
IPv4
IPV4 packets
Format
Header length:
Occupying 4 bits, the maximum decimal number that can be represented is 15. In 32-bit units, the maximum value is 60B (15×4B). The most commonly used header length is 20B, and no options are used at this time (that is, optional fields)
Overall length:
Takes 16 places. Refers to the length of the sum of the header and the data, in bytes , so the maximum length of the datagram is 65535B. The maximum transmission unit (MTU) of an Ethernet frame is 1500B, so when an IP datagram is encapsulated into a frame, the total length of the datagram (header plus data) must not exceed the MTU value of the data link layer below
ID:
Add 1 every time a datagram is generated. When the length of a datagram exceeds the MTU of the network, it must be fragmented. At this time, the identification number is copied once for each datagram fragment, so that it can be reassembled into the original datagram correctly.
logo:
Takes 3 places. The lowest bit of the flag field is MF, and MF=1 indicates that there are fragments behind; the middle bit of the flag field is DF, and only when DF=0, the fragment offset is allowed.
Fragment offset:
It indicates the relative position of a piece in the original packet after the longer packet is fragmented. The slice offset takes 8 bytes as the offset unit, that is, the length of each slice must be an integer multiple of 8B
IP datagram fragmentation
The maximum amount of data that a data link layer datagram can carry is called the maximum transmission unit (MTU). Because the IP datagram is encapsulated in the data link layer datagram, the MTU of the data link layer strictly limits the length of the IP datagram, and the links on the source and destination paths of the IP datagram may use different data link layer protocols and have different MTUs
The process of forwarding packets
The process of forwarding packets at the network layer
1. Extract the IP address D of the destination host from the header of the datagram to obtain the destination network address N
2. If the network N is directly connected to the router, then the datagram is directly delivered to the destination host D, which is called the direct delivery of the router; otherwise, it is indirect delivery, and proceed to step 3
3. If there is a specific host route with a destination address of D in the routing table (specify a specific route to a specific destination host, usually in order to control or test the network, or just adopt for security considerations), then the datagram is sent to the specified next-hop router in the routing table; otherwise, step 4 is performed.
4. If there is a route to network N in the routing table, then send the datagram to the next-hop router specified in the routing table: otherwise, go to step 5
5. If there is a default route in the routing table, the datagram is sent to the default router specified in the routing table; otherwise, go to step 6
6. Report an error in forwarding packets
IPV4 address and NAT
IPV4 address
127.0.0.0 is reserved as the loopback self-test (LoopbackTest) address, which represents any host itself, and the IP datagram whose destination address is the loopback address will never appear on any network;
32 bits are all 0 , that is, 0.0.0.0 means this host on this network;
All 32 bits are 1 , that is, 255.255.255.255 represents the broadcast address of the entire TCP/IP network, also known as the restricted broadcast address. In actual use, due to the isolation of broadcast domains by routers, 255.55255.255 is equivalent to the broadcast address of this network
network address translation
Network Address Translation (NAT) refers to hiding the internal management IP address from the outside by converting the private network address into a public address.
The network segment of the private IP address is as follows:
Class A: 1 class A network segment, namely 10.0.0.0~10.255.255.255.
Class B: 16 class B network segments, namely 172.16.0.0~172.31.255.255.
Class C: 256 Class C network segments, namely 192.168.0.0~192.168.255.255.
When using NAT, you need to install NAT software on the router connected to the Internet on the private network. The NAT router has at least one valid external global address
When the host using the local address communicates with the outside world, the NAT router uses the NAT translation table to translate the local address into a global address, or convert the global address into a local address
The mapping from { local IP address: port ) to { global IP address: port } is stored in the NAT translation table
Through the mapping method {ip address: port}, multiple private IP addresses can be mapped to the same global IP address
Subnetting and subnet mask, CIDR
subnetting
The basic idea of subnetting is as follows:
Subnetting is purely an internal matter of a unit. Externally, the unit still shows that the network without subnetting borrows several bits from the host number as the subnet number, and of course the host number is correspondingly reduced by the same bits. The structure of the third-level IP address is as follows: IP address={<network number>, <subnet number>, <host number>}
For all IP datagrams sent from other networks to a certain host computer of the unit, the router connected to the network of the unit is still found first according to the destination network number of the IP datagram. Then the router finds the destination subnet according to the destination network number and subnet number after receiving the IP datagram. Finally, the I datagram is delivered directly
subnet mask
The subnet mask is a 32-bit long binary string corresponding to the IP address, which consists of a string of 1s followed by a string of 0s
Among them, 1 corresponds to the network number and subnet number in the IP address, and o corresponds to the host number
The computer only needs to "AND" (logical AND operation) the IP address and its corresponding subnet mask bit by bit to obtain the network address of the corresponding subnet
Classless Inter-Domain Routing (CIDR)
Eliminates the concept of traditional A, B, and C addresses and subnetting, so that the IPv4 address space can be allocated more effectively
CIDR uses the concept of "network prefixes" instead of the concept of subnets. Therefore, the classless two-level addressing of IP addresses is
IP={<network prefix>,<host number>}.
When using CIDR, each entry in the routing table consists of a "network prefix" and a "next hop address". It is possible to get more than one match when looking up the routing table. At this point, the route with the longest network prefix should be selected from the matching results, because the longer the network prefix, the smaller its address block, and thus the more specific the route
ARP, DHCP and ICMP
IP address and hardware address
The IP address is the address used by the network layer, which is hierarchical
The hardware address is the address used by the data link layer. The IP address is used on the network layer and above the network layer. The IP address is placed in the header of the IP datagram, and the MAC address is placed in the header of the MAC frame.
Through data encapsulation, after the IP datagram packet is encapsulated into a MAC frame, the data link layer cannot see the P address in the datagram packet
Address Resolution Protocol ARP
IP works at the network layer, and its working principle is as follows: When host A wants to send an IP datagram to a host B on the local area network, it first checks whether there is an IP address of host B in its ARP cache
If there is, you can find out its corresponding hardware address, then write this hardware address into the MAC frame, and then send the MAC frame to this hardware address through the LAN
If not, then encapsulate and broadcast the ARP request packet with a frame whose destination MAC address is FF-FF-FF-FF-FF-FF, so that all hosts in the same LAN receive the ARP request
After host B receives the ARP request, it sends a response ARP packet to host A. The packet contains the mapping relationship between host B's IP and MAC address. After receiving the ARP request, host A writes the mapping into the ARP cache, and then sends the MAC frame according to the queried hardware address.
Dynamic Host Configuration Protocol (DHCP)
Dynamic host configuration protocol is often used to dynamically assign IP addresses to hosts. It provides a plug-and-play networking mechanism that allows a computer to join a new network and obtain an IP address without manual participation.
DHCP is an application layer protocol, it is based on UDP
The exchange process of the DHCP server aggregation DHCP client is as follows:
A DHCP client broadcasts a "DHCP Discovery" message, trying to find a DHCP server in the network in order to obtain an IP address from the DHCP server
After the DHCP server receives the "DHCP discovery" message, it broadcasts the "DHCP provides y" message to the network , which includes providing the IP address of the DHCP client and related configuration information
The DHCP client receives the "DHCP Offer" message, and if it receives the relevant parameters provided by the DHCP server, it requests the DHCP server to provide an IP address by broadcasting the "DHCP Request" message.
The DHCP server broadcasts a "DHCP Acknowledgment" message to assign the IP address to the DHCP client
Internet Control Message Protocol (ICMP)
There are two types of ICMP messages, ICMP error report messages and ICMP query messages
The ICMP error report message is used by the target host or the router on the path to the target host to report errors and exceptions to the source host
The endpoint is unreachable . When a router or host cannot deliver a datagram, it sends a Destination Unreachable message to the source
Source suppression . When a router or host drops a datagram due to congestion, it sends a Source Quench message to the source
time exceeded . When a router receives a datagram with a time-to-live of zero, in addition to discarding the datagram, it also sends a time-exceeded packet to the source.
Situations in which ICMP error report messages should not be sent
No longer send ICMP error report messages for ICMP error report messages
All subsequent datagram fragments of the first fragmented datagram fragment do not send ICMP error report messages
Do not send ICMP error report messages for datagrams with multicast addresses
IPv6
main feature
Adopt a new version with a larger address space
- Larger address space, address increased to 128 bits;
- Flexible header format;
- Allow the protocol to continue to expand;
- Support plug and play, that is, automatic configuration, no need for DHCP;
- Support resource pre-allocation; only the source node of the packet can be fragmented, which is end-to-end, and the routers in the transmission path cannot be fragmented;
- lPv6 header length must be an integer multiple of 8B;
- no parity
IPV6 address
When there are some consecutive zeros at the beginning of the 16-bit field, it can be abbreviated. When there are consecutive O fields, it can be abbreviated with double colons, but only one transition from IPv4 to IPv6 can occur in one address.
Mobile IP
concept
IPv4-based mobile IP defines three functional entities: mobile node, home agent (also known as home agent and foreign agent (also known as external agent) . Home agent and foreign agent are collectively referred to as mobile agent.
three functional entities
Mobile Node: A mobile node with a permanent IP address
Home Agent: The permanent "home" of a mobile node is the home network, and the entity representing the mobility management function of the mobile node in the home network becomes the home agent (principle), using tunneling technology
External Agent: An entity that assists the mobile node to perform management functions in the external network is called an external agent
Mobile IP communication process
Basic process:
When a mobile node roams to a foreign network , it still uses a fixed P address for communication. In order to be able to receive the IP packet sent to it by the corresponding end, the mobile node needs to register the current location address with the home agent , and this location address is the care-of address
After the home agent receives the registration from the care-of address, it will build a tunnel leading to the care-of address, and send the intercepted IP packets sent to the mobile node to the care-of address through the tunnel
Unencapsulate the tunnel at the care-of address, restore the original IP packets, and finally send them to the mobile node, so that the mobile node can receive these IP packets sent to it on the external network
IP multicast
concept
The reason for using multicast is that some applications want to send a packet to multiple destination hosts. Instead of having the source host send a separate packet to each destination host, have the source host send a single packet to a multicast address that identifies a group of addresses
Hosts join multicast groups using a protocol called IGMP (Internet Group Management Protocol) . They use this protocol to inform routers on the local network of their desire to receive packets addressed to a certain multicast group. By expanding the router's routing and forwarding functions, Internet multicast can be realized on a network that supports hardware multicast interconnected by many routers
multicast address
IP multicast address
РMulticast uses class D address format. The first four digits of the class D address are 1110, so the class D address range is 224.0.0.0 ~239.255.255.255. Each class D IP address flag → a multicast group
IP multicast can be divided into two types: one is for hardware multicast only on the local area network ; the other is for multicast within the scope of the Internet . In the final stage of multicasting on the Internet, the multicast datagram should be delivered to all members of the multicast group by hardware multicasting on the LAN
Hardware multicast:
IGMP and Multicast Routing Algorithm
Phase 1: When a host joins a new multicast group, the host should send an IGMP message to the multicast address of the multicast group, declaring that it wants to become a member of the group. After the local multicast router receives the IGMP message, it forwards the group membership to other multicast routers on the Internet
Phase 2: Because group membership is dynamic, the local multicast router periodically polls hosts on the local LAN to see if they continue to be members of the group. As long as a host responds to a group, the multicast router considers the group active. However, when a group still does not have a host response after several inquiries, the membership of the group will not be forwarded to other multicast routers.
Routing Protocol
autonomous system
Intra-domain routing and inter-domain routing
Routing Information Protocol (RIP)
RIP regulations
Each router in the network must maintain a distance record from itself to each other destination network. The distance is also called the hop count (Hop Count), which stipulates that the distance (hop count) from a router to the directly connected network is 1. And each time a router is passed, the distance (hop count) is increased by 1
RIP believes that a good route is that it passes through a small number of routers, that is, it prefers to choose a path with a small number of hops. RIP allows a path to contain a maximum of 15 routers (that is, a maximum of 15 hops is allowed)
So when the distance is equal to 16, it means that the network is unreachable
By default, RIP broadcasts RIP routing update information every 30 seconds between any two routers using RIP, so as to automatically establish and maintain routing tables (dynamic maintenance)
Features:
- Only exchange information with neighboring routers
- The information exchanged by the router is all the information that the current router knows, that is, its own routing table
- Exchange routing information at regular intervals, such as every 30 seconds
Distance Vector Algorithm
When there is no network N in the original routing table, add this item to the routing table Y When there is a destination network N in the original routing table, and the address of the next-hop router is X, replace the item in the original routing table with the received item
When there is a destination network N in the original routing table, and the address of the next-hop router is not X, if the distance d in the received item is less than the distance in the routing table, replace the item in the original routing table with the received item; otherwise do nothing
shortcoming:
When the network fails, there will be a slow convergence phenomenon (that is, it takes a long time to transmit this information to all routers), commonly known as "bad news is transmitted slowly", which makes the convergence time of the update process long
Open Shortest Path First (OSPF)
Basic Features
Send information to all routers in this autonomous system, the method used here is the flooding method
The information sent is the link state of all routers adjacent to this router, but this is only part of the information that the router knows
Only when the link state changes, the router sends this information to all routers by flooding, and the update process converges quickly
OSPF is a network layer protocol , it does not use UDP or TCP, but directly uses IP datagram transmission (the protocol field of the IP datagram header is 89); and RIP is an application layer protocol , it uses UDP in the transport layer
Because of the frequent exchange of link-state information between routers, all routers can eventually build a link-state database . This database is actually the topological structure diagram of the entire network, which is consistent across the entire network (called synchronization of the link state database). Then, each router uses Dijkstra's shortest path algorithm to calculate the optimal path from itself to each destination network according to the topology diagram of the whole network , so as to construct its own routing table
Protocol Border Gateway Protocol (BGP)
It is a protocol for exchanging routing information between routers of different autonomous systems, and it is an external gateway protocol. Border Gateway Protocol is commonly used between gateways of the Internet. The routing table contains a list of known routers, the addresses that the routers can reach, and the hop count of the path to each router
The Border Gateway Protocol (BGP) can only seek to find a better route that can reach the destination network (it cannot go around in circles), not an optimal route. BGP uses a path vector routing protocol , which is very different from distance vector protocols and link state protocols. BGP is an application layer protocol, it is based on TCP
The administrator of each autonomous system should select at least one router (there can be more than one) as the "BGP spokesperson" of the autonomous system
