What are computer network protocols?


Overview:

  1. TCP/IP four-layer model
  2. TCP three-way handshake and four-way wave (connection setup and teardown)
  3. TCP and UDP; reasons for UDP packet loss
  4. The difference between HTTP0.9 / HTTP1.0 / HTTP1.1 / HTTP2.0
  5. HTTPS protocol, working principle and encryption algorithm.
  6. What happens in the browser from request to response?

1. The four-layer model of TCP/IP


Data travels from an application on one host to an application on another host across the network. On the way it passes through many intermediate steps, and several parties take part in encapsulating and forwarding it layer by layer. We divide this process logically into layers, and each layer does its own job according to the rules (protocols) defined for that layer.

The TCP/IP protocol can be divided into application layer, transport layer, Internet layer, and network interface layer.

Application layer: the message formats and rules that network applications use to talk to each other. Common examples, with their well-known ports:

  • HTTP (TCP port 80), ordinary web browsing.
  • HTTPS (TCP port 443), HTTP over TLS.
  • FTP (TCP ports 20 and 21), file transfer.
  • POP3 (TCP port 110), receiving mail.
  • SMTP (TCP port 25), sending mail.
  • SSH (TCP port 22), encrypted remote login.
  • DHCP (UDP ports 67 on the server and 68 on the client, Dynamic Host Configuration Protocol), dynamic IP address assignment.
  • DNS (port 53, over both UDP and TCP), name lookup, mail routing via MX records, etc.
  • SNMP (UDP ports 161 and 162), collecting network information and managing devices.
  • ARP is often listed here but is not an application protocol: it runs directly over Ethernet at the network interface layer, resolving IP addresses to hardware (MAC) addresses.

Transport layer: end-to-end delivery between processes, identified by port numbers. TCP adds reliability (has the data arrived?) and in-order delivery; UDP does not.

TCP and UDP.

Internet layer: addressing and routing of packets across multiple interconnected networks, from the source host to the destination host. Delivery is best-effort.

IP protocol.

Network interface layer: the rules for moving frames between directly connected devices on a single physical network, i.e. one hop of the path.

For example the Ethernet and Wi-Fi (802.11) protocols.
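As an added illustration of this layering (example code, not from the original article), the following Python builds a constructed Ethernet/IPv4/UDP frame top-down and then parses it bottom-up, one header at a time, validating each layer's fields before handing the remainder to the layer above. The addresses, ports and payload are made up; only the header layouts come from the RFCs.

```python
import struct
from ipaddress import IPv4Address

# Constructed link-layer addresses for the sample frame (not real devices).
ETH_DST = bytes.fromhex("001122334455")
ETH_SRC = bytes.fromhex("66778899aabb")


def ipv4_checksum(header: bytes) -> int:
    """RFC 791 one's-complement sum of 16-bit words; returns 0 for a header whose checksum is valid."""
    if len(header) % 2:
        header += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(header) // 2), header))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def build_frame(payload: bytes) -> bytes:
    """Encapsulate top-down: UDP header, then IPv4 header, then Ethernet header."""
    udp_len = 8 + len(payload)
    # UDP checksum left at 0, which IPv4 permits ("not computed").
    udp = struct.pack("!HHHH", 40000, 53, udp_len, 0) + payload
    ip_no_sum = struct.pack(
        "!BBHHHBBH4s4s",
        0x45, 0, 20 + udp_len, 0x1234, 0x4000, 64, 17, 0,   # v4, IHL=5, DF set, TTL 64, proto UDP
        IPv4Address("192.0.2.10").packed, IPv4Address("192.0.2.53").packed,
    )
    ip = ip_no_sum[:10] + struct.pack("!H", ipv4_checksum(ip_no_sum)) + ip_no_sum[12:]
    return ETH_DST + ETH_SRC + struct.pack("!H", 0x0800) + ip + udp


def parse_frame(frame: bytes) -> dict:
    """Decapsulate bottom-up; each layer checks its own header before passing the rest upward."""
    if len(frame) < 14:
        raise ValueError("truncated Ethernet header")
    ethertype = struct.unpack("!H", frame[12:14])[0]
    layers = {"eth": {"dst": frame[:6].hex(":"), "src": frame[6:12].hex(":"), "type": ethertype}}
    if ethertype != 0x0800:
        return layers                          # not IPv4: stop at the link layer
    ip = frame[14:]
    if len(ip) < 20:
        raise ValueError("truncated IPv4 header")
    ver_ihl, _tos, total_len, _ident, _frag, ttl, proto, _csum, src, dst = struct.unpack("!BBHHHBBH4s4s", ip[:20])
    ihl = (ver_ihl & 0x0F) * 4
    if ver_ihl >> 4 != 4 or ihl < 20 or total_len < ihl or len(ip) < total_len:
        raise ValueError("malformed IPv4 header or length")
    if ipv4_checksum(ip[:ihl]) != 0:           # header including its checksum sums to zero when intact
        raise ValueError("bad IPv4 header checksum")
    layers["ip"] = {"src": str(IPv4Address(src)), "dst": str(IPv4Address(dst)), "ttl": ttl, "proto": proto}
    if proto != 17:
        return layers                          # not UDP: stop at the internet layer
    udp = ip[ihl:total_len]
    if len(udp) < 8:
        raise ValueError("truncated UDP header")
    sport, dport, ulen, _usum = struct.unpack("!HHHH", udp[:8])
    if ulen < 8 or ulen > len(udp):
        raise ValueError("UDP length inconsistent with IP payload")
    layers["udp"] = {"sport": sport, "dport": dport, "payload": udp[8:ulen]}
    return layers


def frame_is_valid(frame: bytes) -> bool:
    """True if every layer's header passes its checks."""
    try:
        parse_frame(frame)
        return True
    except ValueError:
        return False


if __name__ == "__main__":
    frame = build_frame(b"\xde\xad\xbe\xef")
    for layer, fields in parse_frame(frame).items():
        print(layer, fields)
```

Note how the parser never trusts a length field without checking it against the bytes actually present; the IPv4 total length and the UDP length must agree with each other and with the frame, and a single flipped header byte fails the checksum.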


2. TCP three-way handshake and four-way wave

(The handshake belongs to TCP, not HTTP: HTTP messages are exchanged only after the TCP connection exists, and every HTTP/1.x connection starts with it.)

  (1) Three-way handshake


First handshake: the client sends a segment with SYN=1, ACK=0 and initial sequence number seq=x (a random 32-bit value). The client enters the SYN-SENT state and waits for the server's confirmation.

Second handshake: on receiving the SYN, the server replies with SYN=1, ACK=1, its own initial sequence number seq=y (also random) and acknowledgement number ack=x+1. The server enters the SYN-RCVD state.

Third handshake: on receiving the SYN-ACK, the client replies with SYN=0, ACK=1, seq=x+1 and ack=y+1. Once this segment is sent the client is ESTABLISHED; the server becomes ESTABLISHED when it receives it, and the three-way handshake is complete.

Why three handshakes?

Two are not enough. Each side must prove that it can both send and receive, and both initial sequence numbers (x and y) must be acknowledged before data flows; a two-message exchange would confirm only the client's number.

The classic failure case involves an old SYN. Because of network delay a client may retransmit its SYN; if the original copy arrives at the server late (after the client has given up and closed), a server that created connections after only two messages would open a connection nobody wants: it would allocate state, send a SYN-ACK, and sit waiting for data that never comes. With three messages the client never sends the third ACK for a SYN it did not just send, so the server discards the stale half-open connection instead of wasting resources on it.

That half-open state is also what SYN flooding attacks: an attacker sends many SYNs from spoofed addresses and never completes the third step, filling the server's connection table. SYN cookies, which encode the server's state in the SYN-ACK sequence number instead of storing it, are the usual mitigation.


  (2) Four-way wave (connection teardown)


First wave: the active closer (here the client) sends a segment with FIN=1 and sequence number seq=u (one past the last byte of data it sent) and enters FIN-WAIT-1.

Second wave: the passive closer (server) acknowledges the FIN with ACK=1, seq=v and ack=u+1, and enters CLOSE-WAIT. On receiving this ACK the client enters FIN-WAIT-2; the server may still send remaining data in this half-closed state.

Third wave: when the server has nothing more to send, it sends its own FIN=1, ACK=1, seq=w and ack=u+1, and enters LAST-ACK.

Fourth wave: the client acknowledges with ACK=1, seq=u+1 and ack=w+1, and enters TIME-WAIT. The server closes as soon as it receives this ACK; the client closes after waiting 2MSL. This completes the four-way wave.

Why four waves rather than three?

During connection setup the passive side (the server) is in CLOSED/LISTEN and has nothing pending, so it can combine its acknowledgement and its own SYN in a single SYN-ACK. During teardown the two directions of the connection are closed independently: when the server receives the client's FIN it may still have data to send, so it first returns an ACK (entering CLOSE-WAIT), finishes sending, and only then sends its own FIN. Because that ACK and that FIN are separated in time, four segments are needed. (If the server has nothing left to send, it may carry the ACK and the FIN in one segment, which is why a three-segment close is also seen in practice.)

Why wait 2MSL (twice the maximum segment lifetime) in TIME-WAIT?

Two reasons. First, the client's final ACK may be lost; the server then times out in LAST-ACK and retransmits its FIN. If the client receives that FIN again within 2MSL, it re-sends the ACK and restarts the 2MSL timer; if no FIN arrives within 2MSL, the server must have received the ACK, and the client can enter CLOSED, completing the four-way wave. Second, 2MSL is long enough for every delayed segment of this connection to expire from the network, so a new connection reusing the same addresses and ports cannot be confused by old data.
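The handshake and teardown as a two-endpoint simulation (an added example, not part of the original article): each Endpoint tracks its state, the next sequence number it will send and the next one it expects, and the sequence-number arithmetic (ack = seq + 1 for a SYN or a FIN, because each consumes one sequence number) falls out of the code. The initial sequence numbers are fixed constants so the run is reproducible; a real stack randomises them. stale_syn_ack_is_reset shows the point made under "why three handshakes": a SYN-ACK that does not acknowledge the SYN actually sent is refused with RST.

```python
from dataclasses import dataclass


@dataclass
class Segment:
    """The TCP header fields that matter for setup and teardown."""
    seq: int
    ack: int = 0
    syn: bool = False
    ack_flag: bool = False
    fin: bool = False
    rst: bool = False


class Endpoint:
    def __init__(self, isn):
        self.state = "CLOSED"
        self.snd_nxt = isn      # next sequence number we will send (isn = initial sequence number)
        self.rcv_nxt = 0        # next sequence number we expect, i.e. the ack value we send
        self.log = []           # every state entered, in order

    def _enter(self, state):
        self.state = state
        self.log.append(state)

    def _ack(self):
        return Segment(seq=self.snd_nxt, ack=self.rcv_nxt, ack_flag=True)

    def listen(self):
        self._enter("LISTEN")

    def connect(self):
        """Handshake 1: SYN with seq=x. The SYN consumes one sequence number."""
        seg = Segment(seq=self.snd_nxt, syn=True)
        self.snd_nxt += 1
        self._enter("SYN_SENT")
        return seg

    def close(self):
        """Wave 1 (active close from ESTABLISHED) or wave 3 (passive close from CLOSE_WAIT)."""
        seg = Segment(seq=self.snd_nxt, ack=self.rcv_nxt, ack_flag=True, fin=True)
        self.snd_nxt += 1       # the FIN also consumes one sequence number
        self._enter("FIN_WAIT_1" if self.state == "ESTABLISHED" else "LAST_ACK")
        return seg

    def timer_2msl_expired(self):
        if self.state == "TIME_WAIT":
            self._enter("CLOSED")

    def receive(self, seg):
        """Process one incoming segment; return the reply segment or None."""
        st = self.state
        if st == "LISTEN" and seg.syn and not seg.ack_flag:            # handshake 2
            self.rcv_nxt = seg.seq + 1
            reply = Segment(seq=self.snd_nxt, ack=self.rcv_nxt, syn=True, ack_flag=True)
            self.snd_nxt += 1
            self._enter("SYN_RCVD")
            return reply
        if st == "SYN_SENT" and seg.syn and seg.ack_flag:
            if seg.ack != self.snd_nxt:
                # Does not acknowledge the SYN we just sent (stale or forged): RST so the
                # server tears down its half-open connection instead of keeping it.
                return Segment(seq=seg.ack, rst=True)
            self.rcv_nxt = seg.seq + 1                                   # handshake 3
            self._enter("ESTABLISHED")
            return self._ack()
        if st == "SYN_RCVD" and seg.rst:
            self._enter("LISTEN")                                        # drop half-open connection
            return None
        if st == "SYN_RCVD" and seg.ack_flag and seg.ack == self.snd_nxt:
            self._enter("ESTABLISHED")
            return None
        if st == "ESTABLISHED" and seg.fin:                              # wave 2
            self.rcv_nxt = seg.seq + 1
            self._enter("CLOSE_WAIT")
            return self._ack()
        if st == "FIN_WAIT_1" and seg.ack_flag and seg.ack == self.snd_nxt and not seg.fin:
            self._enter("FIN_WAIT_2")
            return None
        if st == "FIN_WAIT_2" and seg.fin:                               # wave 4
            self.rcv_nxt = seg.seq + 1
            self._enter("TIME_WAIT")
            return self._ack()
        if st == "TIME_WAIT" and seg.fin:
            return self._ack()   # our last ACK was lost, the FIN came again: ACK again, 2MSL restarts
        if st == "LAST_ACK" and seg.ack_flag and seg.ack == self.snd_nxt:
            self._enter("CLOSED")
            return None
        return None


def run_connection(isn_client=1000, isn_server=5000):
    """Three-way handshake, then a client-initiated four-way close; returns both endpoints and the segments."""
    c, s = Endpoint(isn_client), Endpoint(isn_server)
    s.listen()
    syn = c.connect()              # 1: SYN, seq=x
    synack = s.receive(syn)        # 2: SYN+ACK, seq=y, ack=x+1
    ack = c.receive(synack)        # 3: ACK, seq=x+1, ack=y+1
    s.receive(ack)
    fin1 = c.close()               # wave 1: FIN, seq=u
    ack2 = s.receive(fin1)         # wave 2: ACK, ack=u+1
    c.receive(ack2)
    fin3 = s.close()               # wave 3: FIN, seq=w
    ack4 = c.receive(fin3)         # wave 4: ACK, ack=w+1
    s.receive(ack4)
    return c, s, (syn, synack, ack, fin1, ack2, fin3, ack4)


def stale_syn_ack_is_reset(isn_client=1000):
    """A SYN-ACK that does not match our SYN gets RST, not an ESTABLISHED connection."""
    c = Endpoint(isn_client)
    c.connect()
    stale = Segment(seq=7777, ack=isn_client + 42, syn=True, ack_flag=True)   # constructed stale reply
    reply = c.receive(stale)
    return reply.rst and c.state == "SYN_SENT"
```

Run run_connection() and print the two logs to see the state sequences from the diagrams; feed the third-wave FIN to the client a second time while it is in TIME_WAIT to see the retransmission case from the 2MSL discussion.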


3. TCP and UDP

TCP: Transmission Control Protocol.

UDP: User Datagram Protocol.

Main differences:

                        TCP                                    UDP
Connection              connection-oriented                    connectionless
Reliability             reliable (ACKs, retransmission)        unreliable (best effort)
Communication pattern   one-to-one                             unicast, multicast or broadcast
Transfer unit           byte stream                            message (datagram)
Header size             20 to 60 bytes                         8 bytes
Programming complexity  higher                                 lower
System resource cost    higher (per-connection state)          lower
Speed                   slower                                 faster
Typical use             transfers that must arrive complete    real-time traffic that tolerates loss
                        and in order, e.g. file transfer       but not delay, e.g. IP telephony, video
                                                               conferencing, live streaming

Main reasons for UDP packet loss

  1. The datagram is too large:
    • The UDP length field is 16 bits, so over IPv4 the payload cannot exceed 65507 bytes (65535 minus 20 bytes of IP header and 8 bytes of UDP header); a larger sendto() fails with EMSGSIZE before anything is sent.
    • A datagram larger than the path MTU is split into IP fragments. The receiver can reassemble only when all fragments arrive, so losing any one fragment loses the whole datagram, and fragments are often dropped by firewalls and NATs. Keep payloads below MTU minus 28 bytes (1472 bytes on a standard 1500-byte Ethernet link).
  2. The sending rate is too high:
    • The receiver cannot drain its socket buffer fast enough, so the kernel drops the excess.
    • The sender's own queue (network card or traffic-control queue) overflows. Pace the sender, for instance by sleeping briefly between bursts, instead of sending as fast as possible.
  3. The receiver takes too long to process each datagram:
    • Datagrams that arrive between two recv() calls accumulate in the socket receive buffer; once it is full (its size is SO_RCVBUF) they are silently discarded.
    • Fix: make the receiving loop do nothing but recv() and hand each datagram to a queue for another thread to process, and enlarge SO_RCVBUF if bursts are expected.
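An added example (not from the article) covering the size arithmetic behind point 1 and the receiver-side loss accounting a UDP application needs, since the kernel never reports that a datagram was dropped: the sender stamps each datagram with a sequence number and the receiver classifies the gaps. The sequence of received numbers fed to analyse_sequence is a constructed input.

```python
IPV4_HEADER = 20
UDP_HEADER = 8
UDP_MAX_PAYLOAD = 65535 - IPV4_HEADER - UDP_HEADER   # 65507: the UDP length field is 16 bits


def max_unfragmented_payload(mtu: int) -> int:
    """Largest UDP payload that fits in one IP packet on a link with this MTU (1472 for 1500-byte Ethernet)."""
    return mtu - IPV4_HEADER - UDP_HEADER


def fragments_needed(payload_len: int, mtu: int) -> int:
    """Number of IP fragments a datagram becomes; more than one means a single lost fragment loses it all."""
    if payload_len > UDP_MAX_PAYLOAD:
        raise ValueError("sendto() fails with EMSGSIZE: payload exceeds %d bytes" % UDP_MAX_PAYLOAD)
    per_fragment = (mtu - IPV4_HEADER) // 8 * 8           # fragment data is measured in 8-byte units
    return -(-(UDP_HEADER + payload_len) // per_fragment)  # ceiling division


def analyse_sequence(received):
    """Classify received application-level sequence numbers as lost, reordered or duplicate.

    A gap is provisionally counted as loss and reclassified as reordering if the number
    turns up later. Uses 32-bit-style unbounded ints; wrap-around handling is omitted.
    """
    first = expected = None
    seen, lost, reordered, duplicate = set(), [], [], []
    for seq in received:
        if seq in seen:
            duplicate.append(seq)
            continue
        seen.add(seq)
        if expected is None:
            first, expected = seq, seq + 1
        elif seq == expected:
            expected += 1
        elif seq > expected:
            lost.extend(range(expected, seq))    # everything we skipped is missing so far
            expected = seq + 1
        else:
            reordered.append(seq)                # arrived late: it was not lost after all
            if seq in lost:
                lost.remove(seq)
    sent = 0 if expected is None else expected - first
    return {"lost": lost, "reordered": reordered, "duplicate": duplicate,
            "loss_rate": len(lost) / sent if sent else 0.0}


if __name__ == "__main__":
    print("payload limit on Ethernet:", max_unfragmented_payload(1500))
    print("65507-byte datagram on Ethernet splits into", fragments_needed(65507, 1500), "fragments")
    # Constructed receive order: 3 never arrives, 4 arrives late, 6 is duplicated, 7 and 8 are missing.
    print(analyse_sequence([0, 1, 2, 5, 6, 4, 6, 9]))
```

On the receiving side, pair this with setsockopt(SOL_SOCKET, SO_RCVBUF, ...) sized for the largest burst you expect, and measure loss_rate under load before and after; if loss persists while the socket buffer is large, the bottleneck is the network rather than the application.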

4. The differences between HTTP/0.9, HTTP/1.0, HTTP/1.1 and HTTP/2

Year   Version    Features and differences
1991   HTTP/0.9   Only GET is supported and there are no request or response headers; the server
                  closes the TCP connection after sending the response.
1996   HTTP/1.0   Short connections by default (one TCP connection per request, closed when the
                  response is complete); GET, POST and HEAD; adds status codes and request and
                  response headers (multiple character sets, multipart bodies, Authorization,
                  caching, content encoding, etc.).
1999   HTTP/1.1   Persistent connections by default (several requests over one TCP connection) and
                  pipelining; the mandatory Host header, which makes virtual hosting possible;
                  range requests (resumable downloads) and chunked transfer encoding; new methods
                  OPTIONS, PUT, DELETE, TRACE and CONNECT (PATCH came later, in RFC 5789 of 2010).
2015   HTTP/2     Multiplexing (many concurrent requests and responses as streams over one TCP
                  connection, removing head-of-line blocking at the HTTP layer); binary framing
                  instead of the HTTP/1.x text format, which is faster and less error-prone to
                  parse; server push (since largely abandoned by browsers); header compression
                  (HPACK) to reduce overhead.
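To make the version differences concrete, here is an added example (not from the article) of a small request parser that applies each version's rules: HTTP/0.9 simple requests with no headers, the HTTP/1.1 requirement for exactly one Host header, the opposite keep-alive defaults of 1.0 and 1.1, and the method sets from the table. It also refuses a request whose body length is ambiguous rather than guessing, which is what a careful server should do. The sample requests are constructed.

```python
# Methods each version defines (RFC 1945 for 1.0, RFC 2616 for 1.1); PATCH came later in RFC 5789.
STANDARD_METHODS = {
    "HTTP/0.9": {"GET"},
    "HTTP/1.0": {"GET", "HEAD", "POST"},
    "HTTP/1.1": {"GET", "HEAD", "POST", "OPTIONS", "PUT", "DELETE", "TRACE", "CONNECT"},
}


def parse_request(raw: bytes) -> dict:
    """Parse an HTTP/0.9, 1.0 or 1.1 request and apply that version's framing rules."""
    head, sep, body = raw.partition(b"\r\n\r\n")
    lines = head.rstrip(b"\r\n").split(b"\r\n")
    parts = lines[0].split(b" ")
    if len(parts) == 2 and parts[0] == b"GET" and len(lines) == 1:
        # HTTP/0.9 "simple request": no version token, no headers, connection closes after the reply.
        return {"version": "HTTP/0.9", "method": "GET", "target": parts[1].decode("ascii"),
                "headers": {}, "keep_alive": False, "body": b"", "standard_method": True}
    if not sep:
        raise ValueError("incomplete header block")
    if len(parts) != 3 or parts[2] not in (b"HTTP/1.0", b"HTTP/1.1"):
        raise ValueError("malformed request line: %r" % lines[0])
    method, target, version = (p.decode("ascii") for p in parts)

    headers = {}
    for line in lines[1:]:
        name, colon, value = line.partition(b":")
        if not colon or not name or name.strip() != name:   # whitespace before the colon is forbidden
            raise ValueError("malformed header line: %r" % line)
        headers.setdefault(name.decode("ascii").lower(), []).append(value.strip().decode("latin-1"))

    if version == "HTTP/1.1" and len(headers.get("host", [])) != 1:
        raise ValueError("HTTP/1.1 requires exactly one Host header (virtual hosting)")

    # The message length must be unambiguous; refuse to guess when the headers disagree.
    if "transfer-encoding" in headers and "content-length" in headers:
        raise ValueError("both Transfer-Encoding and Content-Length present")
    lengths = set(headers.get("content-length", []))
    if len(lengths) > 1 or any(not v.isdigit() for v in lengths):
        raise ValueError("conflicting or non-numeric Content-Length")
    length = int(lengths.pop()) if lengths else 0
    if len(body) < length:
        raise ValueError("body shorter than Content-Length")

    # HTTP/1.1 is persistent unless "Connection: close"; HTTP/1.0 closes unless "Connection: keep-alive".
    tokens = {t.strip().lower() for v in headers.get("connection", []) for t in v.split(",")}
    keep_alive = "close" not in tokens if version == "HTTP/1.1" else "keep-alive" in tokens

    return {"version": version, "method": method, "target": target, "headers": headers,
            "keep_alive": keep_alive, "body": body[:length],
            "standard_method": method in STANDARD_METHODS[version]}


if __name__ == "__main__":
    # Constructed sample requests, one per version.
    for sample in (b"GET /\r\n",
                   b"GET / HTTP/1.0\r\nConnection: keep-alive\r\n\r\n",
                   b"POST /form HTTP/1.1\r\nHost: www.example.com\r\nContent-Length: 5\r\n\r\nhello"):
        r = parse_request(sample)
        print(r["version"], r["method"], "keep-alive" if r["keep_alive"] else "close", r["body"])
```

The Host check is what lets one IP address serve many sites; the length checks matter because two parsers that disagree about where one request ends and the next begins on a persistent connection will disagree about what the second request is.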

5. The HTTPS protocol

HTTP is normally carried directly over TCP. HTTPS inserts a security layer, SSL or its successor TLS (SSL is obsolete; current deployments use TLS 1.2 or 1.3), between HTTP and TCP.

What it provides:

① Confidentiality: the data is encrypted, so it cannot be read in transit;

② Authentication: the client verifies the server's identity through its certificate (client authentication is optional), so it knows it is talking to the real site rather than an impostor;

③ Integrity: every record carries an authentication tag, so any tampering in transit is detected immediately by the receiver.

Differences between HTTP and HTTPS

                 HTTP                                HTTPS
Transport        plaintext                           encrypted (TLS)
Certificate      not required                        server certificate required
Default port     80                                  443
Layering         HTTP directly over TCP              HTTP over TLS over TCP
Security         unsafe: eavesdropping and           protects against eavesdropping,
                 tampering are possible              tampering and impersonation

HTTPS encryption methods:

  1. Symmetric encryption (also called secret-key encryption)

Encryption and decryption use the same key. Common symmetric algorithms include DES, 3DES and AES; DES and 3DES are obsolete, and current TLS cipher suites use AES (in GCM mode) or ChaCha20-Poly1305.

Advantages: the algorithm is public, computation is cheap, and encryption is fast and efficient, so it suits bulk data.

Disadvantages: both parties must hold the same key, so the key has to be delivered somehow, and a key sent over an untrusted network may be intercepted; symmetric encryption alone therefore cannot protect the first exchange. Every pair of communicating parties also needs its own key that nobody else knows, so the number of keys grows quickly and key management becomes a burden for both sides. This is why symmetric encryption by itself is hard to use in a large distributed system: key distribution and management are the hard part.

  2. Asymmetric encryption

Different keys are used for encryption and decryption: a public key and a private key. The public key and the algorithm are public; the private key is kept secret. RSA is the best-known example. The two keys form a pair: data encrypted with the public key can only be decrypted with the matching private key. The reverse operation, applying the private key to the hash of a message so that anyone holding the public key can verify it, is a digital signature; it proves who produced the message rather than hiding its content.

The basic procedure for exchanging a secret: party A generates a key pair and publishes the public key; party B encrypts the secret with A's public key and sends the ciphertext to A; A decrypts it with its private key.

Advantages: the algorithm is public, the encryption and decryption keys differ, and the private key never has to be transmitted, so the key-distribution problem of symmetric encryption disappears. What remains is proving that a public key really belongs to its claimed owner, which is what certificates are for.

Disadvantages: the computation is heavy, and encryption and decryption are orders of magnitude slower than symmetric encryption, so it is unsuitable for bulk data.

  3. Hybrid encryption

Combines the two. The client generates a random symmetric session key and encrypts the application data with it; the session key itself is protected with the server's public key. What travels over the network is therefore the data encrypted under the session key plus the session key encrypted under the public key. An eavesdropper without the private key cannot recover the session key, and so cannot recover the plaintext. (This describes RSA key transport as used up to TLS 1.2. TLS 1.3 instead derives the session key with an ephemeral Diffie-Hellman exchange that the server signs with its certificate's private key, so a later compromise of that key does not expose recorded past sessions.)

Workflow of HTTPS:

1. Establish the transport

After the TCP connection is established, the client and server initialise the SSL/TLS layer, the security layer between HTTP and TCP.

2. SSL/TLS handshake

Before any HTTP message is sent, the client and server perform a TLS handshake. It accomplishes the following: agree on the protocol version; choose a cipher suite that both ends support; authenticate the server (and optionally the client); and generate a fresh session key for this connection (once the secure channel is up, the application data is protected with symmetric encryption).

Authentication is done with digital certificates. After receiving the server's certificate chain, the client verifies the server's identity by checking, among other things:

Validity period: the current time must fall between the certificate's notBefore and notAfter dates;

Issuer trust: the browser ships with a list of trusted certificate authorities (the root store). The chain must lead to one of them; a certificate issued by an authority that is not in the list produces a warning or a hard failure;

Signature: the client verifies the signature on each certificate with the public key of the certificate that issued it, up the chain to a trusted root, confirming that the certificate has not been altered;

Site identity: the host name the client connected to must match one of the names in the certificate (the subjectAltName DNS entries);

Revocation status is also checked where possible (CRL or OCSP). Note the order of the handshake: the version and cipher suite are negotiated in the first two messages (ClientHello and ServerHello), before the certificate is sent; the key exchange follows, and the handshake ends with both sides confirming the negotiated keys.
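The checks listed above as an added Python example (not from the article), run against a constructed certificate in the dictionary form that ssl.SSLSocket.getpeercert() returns. The date and issuer checks use only the standard library; the signature check is left out because verifying it needs an X.509 parser that the standard library does not expose (the ssl module's OpenSSL layer performs it when you use ssl.create_default_context()). The host name rule is the part most often implemented wrongly, so it is written out in full. All names, dates and the trusted-issuer set are made up for the example.

```python
import ssl
import time

# Constructed certificate in getpeercert() dictionary form; the names and dates are invented.
SAMPLE_CERT = {
    "subject": ((("commonName", "www.example.com"),),),
    "issuer": ((("countryName", "US"),),
               (("organizationName", "Example Trust Services"),),
               (("commonName", "Example Root CA"),)),
    "notBefore": "Jan 15 00:00:00 2024 GMT",
    "notAfter": "Jan 15 00:00:00 2026 GMT",
    "subjectAltName": (("DNS", "www.example.com"), ("DNS", "*.api.example.com")),
}
TRUSTED_ISSUERS = {"Example Root CA"}   # stands in for the browser's root store


def hostname_matches(pattern: str, hostname: str) -> bool:
    """RFC 6125 style matching: case-insensitive; '*' is allowed only as the entire left-most
    label and matches exactly one label, so '*.example.com' covers 'a.example.com' but not
    'example.com' or 'a.b.example.com'. Single-label wildcards such as '*.com' are rejected."""
    pattern, hostname = pattern.lower().rstrip("."), hostname.lower().rstrip(".")
    if "*" not in pattern:
        return pattern == hostname
    p_labels, h_labels = pattern.split("."), hostname.split(".")
    if p_labels[0] != "*" or len(p_labels) < 3 or len(p_labels) != len(h_labels):
        return False
    return p_labels[1:] == h_labels[1:]


def check_certificate(cert: dict, hostname: str, trusted_issuers, now=None) -> list:
    """Run the client-side checks from the text; return the list of failures (empty means accepted)."""
    now = time.time() if now is None else now
    failures = []

    # Validity period: notBefore <= now <= notAfter.
    not_before = ssl.cert_time_to_seconds(cert["notBefore"])
    not_after = ssl.cert_time_to_seconds(cert["notAfter"])
    if not (not_before <= now <= not_after):
        failures.append("outside validity period")

    # Issuer must be in the trust list (a real client walks the whole chain up to a root).
    issuer = dict(pair for rdn in cert["issuer"] for pair in rdn)
    if issuer.get("commonName") not in trusted_issuers:
        failures.append("issuer not trusted")

    # Signature check omitted here: it needs the issuer's public key and an X.509 parser,
    # which the standard library does not expose; OpenSSL does this inside the ssl module.

    # Site identity: only subjectAltName DNS entries count; the commonName fallback is obsolete.
    names = [value for kind, value in cert.get("subjectAltName", ()) if kind == "DNS"]
    if not any(hostname_matches(n, hostname) for n in names):
        failures.append("hostname mismatch")
    return failures


if __name__ == "__main__":
    for host in ("www.example.com", "v1.api.example.com", "api.example.com", "evil.example.net"):
        print(host, "->", check_certificate(SAMPLE_CERT, host, TRUSTED_ISSUERS) or "OK")
```

Every failure here is one the browser surfaces as a warning page; the order in which they are checked does not matter, but none of them may be skipped, and a client that accepts any certificate (for example by disabling verification "to get things working") has downgraded itself to encryption without authentication, which an active attacker defeats trivially.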

3. Start communication

After the SSL handshake is completed, the HTTPS channel is established, and the client and server will communicate according to the negotiated encryption algorithm.



6. Enter the URL in the address bar of the PC browser, and what happens from the time the request is initiated to the request page response is received?

1. The browser parses the URL typed into the address bar and checks that it is well-formed (scheme, host, optional port, path).

2. The browser checks its own HTTP cache. If a fresh copy of the page is cached, it is displayed directly; otherwise the browser continues with the steps below.

3. Before an HTTP request can be sent, the host name must be resolved to an IP address (DNS resolution). The lookup goes through a chain of caches and only reaches the network when all of them miss:

Browser cache: the browser keeps recent DNS answers for a short time, so this is the first place a name is looked up;

Operating system cache: if the browser has no entry, the OS resolver is asked; it checks the hosts file and its own cache of recent queries;

Router cache: if neither of the above has the record, the query goes to the configured resolver, often the home router, which keeps its own cache;

ISP cache: if that also misses, the ISP's recursive resolver answers from its cache or performs the full recursive lookup (root, TLD and authoritative name servers).

4. The browser opens a TCP connection to the server on the URL's port (80 for http, 443 for https) with a three-way handshake. For https a TLS handshake follows on that connection.

5. After the handshake succeeds, the browser sends the HTTP request.

6. The server processes the request and returns the response to the browser.

7. The browser receives the HTTP response.

8. The browser decodes the response and, if the response is cacheable, stores it in its cache.

9. The browser parses the HTML and requests the resources it references (CSS, JavaScript, images, fonts, media...); for content types it cannot display it offers a download dialog.

10. Scripts on the page issue further asynchronous requests.

11. The page is rendered.


A word to my 20-year-old self:

Whether you are poor or rich, whether you are sick or healthy, whether you are successful or frustrated, please keep learning something new every day until you die, the world is worth it.

Origin blog.csdn.net/weixin_40307206/article/details/107764053