[Network programming] DNS protocol, ICMP protocol, NAT protocol

1. DNS protocol

1.1 Domain name resolution service

In TCP/IP, the IP address and port number are used to determine a program of a host on the network . But the IP address is not convenient to remember. So people invented something called the host name, which is a character string, and used the hosts file to describe the relationship between the host name and the IP address.
cat /etc/hostsView the contents of the hosts file
insert image description here

We know that Baidu's domain name is, but this is not friendly to ordinary people, or www.baidu.com is friendly to ordinary people.

But the scope of this influence is too small, so later there was an organization that wrote all the mapping relationships between host names and IP addresses in the world into a set of network services. This network service allows anyone to request, and then converts the domain name into an IP address and returns it. go. Also called domain name resolution service .

After obtaining the IP address through the domain name, we initiate a request to the network. This work is done by the software we installed ourselves.

1.2 Domain name classification

A domain name is a hierarchical structure name used to identify a host name and the organization to which the host belongs, eg www.baidu.com.

com: The first-level domain name , indicating that this is an industrial and commercial domain name. .netThere are also (network provider) and .org(open source organization or non-profit organization) at the same level .
baidu: Second-level domain name , company name.
www: is just an idiom.

1.3 The process from entering the URL to obtaining the page

This is also a high-frequency interview question, and there is another way to ask: what happens after the browser enters the url?

1️⃣ DNS resolution to obtain the IP address
2️⃣ After the browser obtains the IP address corresponding to the domain name, the browser requests the server to establish a connection and initiates a three-way handshake;
3️⃣ After the TCP/IP connection is established, the browser sends an HTTP request to the server;
4️⃣ The server receives This request is mapped to a specific request processor for processing according to the path parameters, and the processing result and the corresponding view are returned to the browser;

Standing at the pure application layer first : introduce the request and response format of the HTTP protocol. After the connection is established, the request and response can be exchanged. Some browsers may need to do DNS domain name resolution before the request. Only after obtaining the IP can they send the destination IP and destination The port sends the request, and there are GET and POST methods for the request. The common fields in the request and response are: status code, cookie and session.
Then there may be problems with the connection process and information transmission process (data packet loss, congestion control, data routing), and then you can talk about the following layers.

2. ICMP protocol

2.1 ICMP protocol function

The IP protocol not only needs to have communication capabilities, but also needs to have troubleshooting capabilities .

ICMP is a protocol between the network layer and the transport layer , and it is mainly used to confirm whether the message is lost.

The main functions of ICMP include:

  • Confirm whether the IP packet reaches the destination address successfully.
  • Notify the reason of IP packet discard during sending.
  • ICMP can only be used with IPv4. If it is IPv6, ICMPv6 needs to be used.

For example, there are multiple routers between host A and host B, but the data cannot reach B at the last router. At this time, the router will send ARP requests multiple times. If there is no response, it will finally return information to host A. . At this time, host A knows that the data it sends cannot reach host B.

2.2 ping command

Under windows:
insert image description here
Under Linux:
insert image description here

  • Note that the ping here is the domain name, not the url ! A domain name can be resolved into an IP address through DNS.
  • The ping command can not only verify the connectivity of the network, but also count the response time and TTL (life cycle).
  • The ping command will first send an ICMP Echo Request to the peer.
  • After the peer end receives it, it will return an ICMP Echo Reply.

Therefore, the bottom layer of the ping command is to set the TTL (hop count) through the ICMP protocol to detect network connectivity.

2.3 Port number for ping?

Some interviewers may ask: The port number corresponding to telnet is 23, and the port number corresponding to ssh is 22. What is the port number corresponding to ping?

The ping command is based on ICMP, which is at the network layer. The port number is the content of the transport layer. In ICMP, information such as the port number is not . So ping has no port number at all. The ping command is actually a way to bypass the transport layer and directly access the underlying ICMP protocol.

3. NAT protocol

When talking about the IP protocol, I said that the number of IP addresses in the IPv4 protocol is insufficient, and NAT technology is currently the main means to solve the shortage of IP addresses, and it is an important function of the router:

NAT (Network Address Translation) technology is the main means to solve the shortage of IP addresses , and can effectively avoid attacks from outside the network, hide and protect computers inside the network.

3.1 NAT IP conversion process

  • The process of data packets from LAN to public network

This is mentioned in the network segment division of the previous IP protocol. In fact, when the data packet reaches the home router, the router will replace the source IP with the WAN port IP .

insert image description here

At this time, the target server receives the data packet, and then forms a response, and now it needs to return to our own host, but this response information can only be returned to the operator's router, so how to forward it from the operator's server to our own host?

Because multiple hosts in a LAN access an external server at the same time, all the destination IPs in the data returned by the server are the same (the source IP is replaced by the sending process), so it is not known where to return the data in the LAN. Taiwan host (router).

3.2 NAPT (Address Translation Table)

NATP can solve the problem of data return very well, and use IP + port to establish this association.

In fact, when the router forwards data, it not only changes the source IP, but also maintains an address conversion table .

Take this picture as an example:
insert image description here

When the two home routers forward to the operator router, the operator router will create an address translation table:
insert image description here

In the table on the left is the quaternion form of IP:port , which identifies the only host in the LAN .
The right side is the source address and target address after the replacement .

In this way, a set of mapping tables with mutual key values ​​is formed .

Here I will talk about the following problem with the same port number. It is possible that two hosts in the same LAN use the same client (with the same port number). At this time, they have entered the external network router and need to replace the source IP, which will lead to The two hosts can no longer be distinguished. The solution is to find that the two hosts have the same port number when forwarding, then change the port number when forwarding.

Therefore, in addition to replacing the IP of the WAN port, the NAT router will also replace the port number.

When data is forwarded, each router will maintain a NAPT address translation table.

Think about a question:
If a host has never accessed a server on the external network, can this server find this host?

No, because the router has not established a mapping relationship, so it cannot be found.
It is impossible to establish a connection to the internal server from outside the NAT, because the external cannot know the internal private network IP, so it cannot actively establish a connection with the internal server.

3.3 Proxy server

The function of the proxy server is to act as a proxy for network users to obtain network information , and the proxy server is divided into forward proxy and reverse proxy.

  • forward proxy

The client does not directly access the target server, but first accesses the proxy server , and the proxy server replaces the client to access the corresponding target server, and returns the response result of the target server to the client.
insert image description here

When multiple hosts want to access the same resource on the external network, the forward proxy server can cache the corresponding resource locally. At this time, when other hosts want to access the resource, they can obtain it directly on the forward proxy server. There is no need to access the external network again.

  • reverse proxy

For the client, the reverse proxy server is equivalent to the target server, the user does not need to know the address of the target server, and the user only needs to visit the reverse proxy server to obtain the service provided by the target server.

insert image description here
For example, www.baidu.comthe server corresponding to the domain name is actually a reverse proxy server.

There is actually not , but people in different regions can enjoy the services provided by Baidu by visiting www.baidu.com. In fact, what we visit is Baidu's reverse proxy server.
insert image description here
When this reverse proxy server receives the client's data request, it will forward our data request to a certain server inside Baidu for data processing, and then return the data processing result to the client.

  • The relationship between forward proxy and reverse proxy

For the client, the one closest to the client is the forward proxy, and the one closer to the server is the reverse proxy.

The forward proxy acts as the client, and the reverse proxy acts as the server. One serves the client and the other serves the server. The difference is very obvious, as shown in the figure below:
insert image description here


The forward proxy is the proxy of the client, helping the client to access server resources that it cannot access , while the reverse proxy is the proxy of the server, helping the server to do load balancing, security protection and other work .
In forward proxy, the server does not know who the real client is, and the server thinks that the forward proxy server is the real client, while in reverse proxy, the client does not know who the real server is, and the client thinks that the reverse proxy is the real client. A server is a real server.

3.4 The difference between NAT and proxy server

Both NAT and proxy server initiate data requests to the server instead of us, but they have the following differences:

  • In terms of application, NAT equipment is one of the basic network equipment ( necessary ), and it solves the problem of insufficient IP, while the proxy server is closer to the specific application, such as bypassing the wall through the proxy server, and other services like Xunyou The accelerator is also the proxy server (proxy in the wide area network) used.
  • In terms of underlying implementation, NAT works at the network layer and directly replaces IP addresses, while proxy servers often work at the application layer .
  • In terms of the scope of use, NAT is generally deployed at the egress of the LAN, and the proxy server can be used as a proxy in the LAN, or in the WAN, or across networks.

Guess you like

Origin blog.csdn.net/qq_66314292/article/details/131851890