Article directory
1. IP protocol
(1) Concept and understanding of IP address protocol
IP is the abbreviation of Internet Protocol (Internet Interconnection Protocol), which is the network layer protocol in the TCP/IP system. The purpose of designing IP is to improve the scalability of the network:
one is to solve Internet problems and realize the interconnection
and intercommunication of large-scale and heterogeneous networks; Independent development. According to the end-to-end design principle, IP only provides a connectionless, unreliable, best-effort datagram transmission service for the host.
As shown in the figure below:
Because the current mainstream versions of the IP protocol include IPV4 and IPV6, but IPV6 is currently not popular enough and has little versatility, so I mainly write about the representative IPV4 in this blog.
Analysis :
What exactly does IP do? What role do you play?
The core work of the IP address:
The role of the IP layer is to locate the host, and it has the ability to send data A from the host to the B host across the network. Ability may not necessarily be able to do it, but it is reflected in a very high probability. In fact, it is only an actor in essence, and tcp provides it with a strategy to reliably send data A from host A to host B across the network . .
In the path selection, the target IP is very important. It determines how our path will be taken. Just like Tang Monk went to the West to learn Buddhist scriptures. Don’t ask him where he came from. He said that he came from the Eastern Tang (source IP address) and went to the West (target IP address). Learn from the scriptures, and if you ask him where he came from the last stop, for example, he said he came from the daughter country, this is the MAC address (described later).
But he specifically went to Leiyinsi (target host), IP = target network + target host .
Host : a device equipped with an IP address, but without routing control;
router : equipped with an IP address, but also capable of routing control;
node: General term for host and router
(2) IP address protocol format
The 4-digit header length is the same as the 4-digit header length in the TCP header, which represents the length of the IP header in 4 bytes. The maximum number that can be represented by 4 bits is 15, that is, the maximum length of the IP header is 15 *4 = 60 bytes The total length of 16 bits refers to how many bytes the IP datagram occupies as a whole. Use the total length - the header is the payload .
4-digit version number : used to identify the version number of the IP header, the common ones are IPV4 and IPV6, and the header format of each version is different.
4-bit header length : indicates the length of the IP header, the unit is 4 bytes or 32 bits, because the header length has 4 bits, the maximum data that can be represented is 15 or 2^4 - 1, so the maximum length of the IP header is 15 * 4 = 60 bytes, because the minimum length of the header is 5 (except options), so the minimum length of the IP header is 20 bytes.
8-bit service type : used to indicate the quality of service. Currently 0-2 bits are deprecated, and 7 bits are reserved. The 3-6 bits are the TOS field, which are the lowest delay, the maximum throughput, and the maximum reliability, respectively (the combination of these four bits also represents the maximum security).
16-bit datagram length : mark the sum of the IP header and the length of the sent data, the size is 2^16, which is 64K, 65535. Because the total size of the header and data of IPV4 is 65535 bytes, but the data contains the data passed down from the upper layer (transport layer), so the size of the upper layer such as UDP protocol data is limited to 65535-20 (ip protocol header) - 8 (UDP protocol header). IPV6 does not have this problem.
16-bit identifier : identifies which complete upper-layer message the current fragment belongs to, and is used for fragment reassembly. Due to the MTU limitation of the data link layer, if the IP packet is larger than the MTU but fits the datagram length field, the data will be fragmented at the network layer, and the data will be split and sent, and then Reassembly, which uniquely identifies the packet sent by the host. If the IP packet is fragmented at the data link layer, the id in each fragment is the same .
3-bit flag : the first bit is reserved (reserved means it is not used now, but it may be used in the future if it has not been decided yet). The second bit is 1, which means that fragmentation is prohibited. At this time, if the packet length exceeds the MTU, the IP module The message will be discarded. The third bit means "more fragments". If it is fragmented, the last fragment is set to 1, and the others are 0. It is similar to an end mark.
The first bit indicates a reserved bit.
The second bit indicates that fragmentation is prohibited.
The third bit indicates whether the fragmentation is over.
1: Indicates that there are fragments behind
0: Indicates that there are no fragments behind
13-bit slice offset : When the fragmented data is reassembled at the opposite end, it is used to confirm the position of the fragment in the original message. Because the maximum size that can be identified by 13 bits is 8192, and the datagram length is 65535, which is 16 bits. So if you want to use 13 to identify 16 bits, set the slice offset unit to 8 bytes, so that is to say, for example, the current slice offset bit is 1000, which means that it is at 1000*8 = 8000 in the original data . It is equivalent to the offset in the original data.
8-bit survival time : the longest life cycle of the message (also represents the number of routers that can be transferred), which will be reduced by one each time it passes through a router, and if it is 0, it will be discarded directly. It is mainly used to prevent routing loop problems (multiple routes are connected to each other to form a forwarding loop, and data is continuously forwarded in the loop).
The maximum number of hops for a datagram to reach its destination. Generally, it is 64. Every time it passes through a route, TTL-= 1, until it reaches 0, it will be discarded .
8-bit protocol : Record the protocol used by the transport layer. When used for data sharing, select the upper layer analysis protocol.
16-bit checksum : use CRC to verify whether the header is damaged.
32-bit source IP address/destination IP address : indicates the IP address of the sender/receiver, and is used to identify the two hosts for communication.
0-40 byte options : mainly negotiate and describe some information, such as security level, source path, path record, and timestamp. Because the IP header size is up to 60 bytes, and 20 bytes are required in front, the size of the option can be 0-40 bytes.
Padding bits : Ensure that the size of the IP header is an integer multiple of 4 bytes, if it is not enough, it will be filled.
8-bit service type diagram:
3-bit flag bitmap :
Question:
Explanation:
1. Recall the premise: MTU
MTU is the regulation of the data link layer on the size of the data arriving at the data link layer. When the data link layer sends data, it strictly follows the MTU. The size of the data sent by the data link layer must not exceed the MTU.
The data link layer will require the network layer ip protocol to submit data to the data link layer. The size of the data cannot exceed the MTU.
2. If the data transmitted by the IP protocol is larger than the data link layer for Data limit (MTU), the IP protocol needs to transmit data in fragments. Segment datagrams larger than the MTU to meet the requirements of the MTU.
The maximum data that can be identified by the 16-bit total length is 65536Byte. If the data submitted by the transport layer to the network layer ip protocol exceeds 65536Byte, how to deal with it?
The ip protocol at the network layer performs fragment transmission.
1. Each piece of data is an independent ip datagram
2. After these ip datagrams are transmitted to the peer, the peer assembles the 16-bit identifier, 3-bit flag, and 13-bit fragment offset of the IP protocol number header The same datagram
TCP needs to be fragmented by the ip protocol?
Fragmentation is not required, because when the TCP protocol transmits data, it is transmitted strictly according to the MSS, and the MSS must be smaller than the MTU, and the MTU of the general network card is 1500 characters In other words, TCP will not exceed 1500 bytes each time it transmits data. Therefore, the MSS is much smaller than 65536 bytes, so the ip protocol will not be triggered for fragment transmission.
Does UDP need ip protocol for fragmentation?
Fragmentation may be required, because the UDP protocol does not exist similar to MSS. Therefore, the maximum length of UDP data is 65536 bytes, and the size submitted by the network layer to the data link layer must be smaller than the MTU. Therefore, once UDP is submitted After adding the ip protocol header to the data of the network layer ip protocol, when the total length is greater than the MTU size of the current host, fragmentation transmission will be required.
Note: Because the UDP protocol is unreliable, when the ip datagram is forwarded, it has its own routing forwarding path, which may cause loss.
If a fragment is lost, will the fragment be resent or all data will be resent together?
If there is fragmentation, it means that UDP data must be fragmented.
The first one:
Fragment transmission must be UDP data + UDP protocol does not guarantee reliability + ip protocol does not guarantee reliable retransmission: retransmission can only be triggered
from the application layer protocol, and all data will be retransmitted together
(3) Network number and host number
IP address = network number and host number
Network number: ensure that the two network segments connected to each other have different identification
host numbers: in the same network segment, hosts have the same network number, but must have different host numbers and
different subnets In fact, the network is to put the hosts with the same network number together.
If a host is added in the subnet, the network number of the host is the same as that of the subnet, but the host number must not be the same as that of other hosts in the subnet.
By setting the host number and network number reasonably, it can be guaranteed that in the interconnected network, the IP address of each host is different.
(4) Address management
(1) Method of assigning IP addresses
Manual IP management in the subnet solution
There is a technology called DHCP, which can automatically assign IP addresses to new host nodes in the subnet, avoiding the inconvenience of manual IP management.
General routers have a DHCP function. Therefore, a router can also be regarded as a DHCP server.
In the past, a scheme of dividing network numbers and host numbers was proposed, and all IP addresses were divided into five types
: Class A
: Class B:
Class C:
ABCDE:
Class A: 0.0.0.0 to 127.255.255.255
Class B: 128.0.0.0 to 191.255.255.255
Type C: 192.0.0.0 to 223.255.255.255
Type D: 224.0.0.0 to 239.255.255.255
Type E: 240.0.0.0 to 247.255.255.255
(2) CIDR assigns IP addresses
However, this division method has limitations, because there are too many Class A hosts (tens of millions of hosts cannot be used up), and Class C is too small (254 hosts can be used up at once). Therefore, governments, enterprises, schools and other organizations all apply for relatively moderate Class B addresses. However, in actual use, it is impossible for every organization to use up all of them, resulting in a lot of waste of IP addresses.
For example, if a class B address is applied for, more than 65,000 hosts can be allowed in a subnet theoretically. The number of hosts in a class A address subnet is more.
However, in actual network construction, there will not be so many cases in one subnet. Therefore, a large number of IP addresses are wasted.
So in order to solve this situation.
A new division method is proposed: CIDR (Classless Interdomain Routing) .
- Introduce an additional subnet mask (subnet mask) to distinguish the network number and host number.
- The subnet mask is also a 32-bit positive integer. It usually ends with a string of "0".
- Perform the "bitwise AND" operation on the IP address and the subnet mask, and the result is the network number.
- The division of the network number and the host number has nothing to do with whether the IP address is class A, class B or class C.
The current IP addresses are all allocated through CIDR. There is no such thing as Class A, Class B, or Class C IP addresses. The IP address is allocated by the router device to the connected machine. netmask.
Take the following example:
the subnet mask is a continuous binary 1. The subnet mask and the IP address can be combined to get the network number, and the inversion of the subnet mask can get the range of the host number. After the inversion, how many bits are 1, which means the ip address in the current subnet How many bits to use as the host number.
example:
(3) Subnetting
The IP network based on each class can be further divided into smaller networks. Each subnet is defined by a router and assigned a new subnet network address. The subnet address is created by borrowing the host part of the network address based on each class. After the subnet is divided, the subnet is hidden by using a mask so that the network does not change from the outside. This is the subnet mask.
Example:
A company has applied for a class C network address: 192.168.2.0/24. The company has 4 departments and hopes to divide the network into four subnets on average. Please list the network number and subnet mask of each subnet. Code, IP address range, take two bits from 8 bits as the network number, so the subnet mask is, and 192.168.2.00 -> 0 192.168.2.01 -> 64
192.168.2.10
-> 128
192.168.2.11 -> 192
According to the number of hosts required for each subnet is 62, it can be calculated that the subnet mask of each subnet is 26 bits (because 2^6=64, and the actual number of available hosts is 62, so 6 binary bits are required to represent host number).
Subnet 1 :
Network number: 192.168.2.0
Subnet mask: 255.255.255.192
IP address range: 192.168.2.1 - 192.168.2.62
Subnet 2 :
Network number: 192.168.2.64
Subnet mask: 255.255.255.192
IP address range : 192.168.2.65 - 192.168.2.126
Subnet 3:
Network Number: 192.168.2.128
Subnet Mask: 255.255.255.192
IP Address Range: 192.168.2.129 - 192.168.2.190
Subnet 4 :
Network Number: 192.168.2.192
subnet mask Code: 255.255.255.192
IP address range: 192.168.2.193 - 192.168.2.254
In each subnet, the first IP address and the last IP address are the network number and the broadcast address respectively, so the number of available hosts is 62.
(4) Special class IP address
In a network segment, there will be a network number and broadcast number, that is, 192.0.0.0 ~ 192.0.0.255
network number : the ip address whose host number is all 0, is the network number in the network segment
broadcast number : host number The ip address with all 1s is the broadcast number in this network segment
127.0.0.1 : Local loopback network card address (usually used to test the network connectivity of your own machine)
0.0.0.0 : Represents all local network card addresses
(5) Limitation on the number of IP addresses
Because the IP address (IPv4) is a 4-byte 32-bit positive integer. Then there are only 2 to the 32nd power of IP addresses, which is about 4.3 billion. The TCP/IP protocol stipulates that each host needs to have an IP address, which means that only 4.3 billion hosts can access the network?
In fact, due to the existence of some special IP addresses, the number is far less than 4.3 billion; in addition, IP addresses are not configured according to the number of hosts, but Each network card needs to be configured with one or more IP addresses.
CIDR has alleviated the problem of insufficient IP addresses to a certain extent (increased utilization and reduced waste, but the absolute upper limit of IP addresses has not increased), but it is still not enough.
There are three ways to solve it :
1. Dynamic IP address allocation: IP addresses are only allocated to devices connected to the network. Therefore, devices with the same MAC address may not necessarily get the same IP address every time they connect to the Internet.
3. IPv6: IPv6 is not a simple upgraded version of IPv4. These are two irrelevant protocols that are not compatible with each other. IPv6 uses 16 bytes and 128 bits to represent an IP address; but IPv6 is not popular yet.
2, NAT technology (later blog will be introduced separately).
(5) Private IP address and public IP address
If a local area network is established within an organization, the IP address is only used for communication within the local area network, and is not directly connected to the Internet. In theory, any IP address can be used, but RFC 1918 stipulates the private IP address used to establish a local area network.
10.*, the first 8 digits are the network number, a total of 16,777,216 addresses
172.16. to 172.31., the first 12 digits are the network number, a total of 1,048,576 addresses
192.168.*, the first 16 digits are the network number, a total of 65,536 addresses are included in this In the range, all become private IPs, and the rest are called global IPs (or public IPs);
When we check the local IP address through ipconfig, we often see 192.168.0.x. In fact, this is our private ip address. For example, in a certain area, many network segments are divided, and these network segments are our private network ip. This ip address is only used for our internal communication.
To put it simply, under this large network, there may be countless such subnets, which is why the ip addresses we see are almost the same whether we are at home or at school.
This private IP address can only communicate internally. If you want to communicate with the outside world, you need to use NAT technology to convert the private IP address into a public IP address. In other words, all private services under this network need to use a unified public IP address for external communication.
(6) Routing selection
The main role of the IP network layer is to "realize communication between terminal nodes". This communication between terminal nodes is also called "point-to-point communication".
The next layer of the IP network layer - the main function of the data link layer is to transfer packets between nodes interconnected with the same data link. And once multiple data links are crossed, the network layer is needed. The network layer can span different data links, even on different data links, it can realize data packet transmission between nodes at both ends.
First of all, you need to know that a router can be configured with two IP addresses, one is the WAN port IP, and the other is the LAN port IP (subnet IP). 1. Routing selection
is to select the appropriate device for forwarding network data.
WAN
: It is the network port where the current router connects to the superior router.
LAN: It is the network port where the machines in the subnet connect to the router.
The hosts connected to the LAN port of the router belong to the current subnet of the router. It can be seen from the figure that the network cable pulled out from the operator’s computer room (101.1.1.1) is plugged into the WAN port of the home router. On the LAN port of the home router.
In other words, each home router is actually a node in the subnet of the carrier router. Such carrier routers may have many levels, the outermost carrier router, WAN port IP is a public network IP, when the host in the subnet needs to communicate with the external network, the router will use the IP address in the IP header Replacement (replacement with WAN port IP), this step by step replacement, the IP address in the final data packet becomes a public network IP. This technology is called NAT (Network Address Translation, Network Address Translation).
There will be a routing table in the routing device, which records the current routing items and how the router performs network forwarding. As shown in the figure below:
First, use the destination ip in the network data and the subnet mask in the routing item to perform a bitwise AND operation (it should be noted that the destination ip is first operated with the non-gateway routing item, and finally with the gateway routing item to operate).
Next, compare the result of the bitwise AND operation with the Destination of the routing item
. If there is no comparison, it means that the data is not forwarded to the subnet, but will be sent to the superior route through the default gateway.
2 If it is compared, it means that the piece of data is forwarded to a certain host in the subnet
, which implies that the destination host and the source host are in the same subnet.
The routing process is such a process of "asking for directions" hop by hop (Hop by Hop). The so-called "one hop" is an interval in the data link layer. Specifically, in Ethernet, it refers to the frame transmission interval from the source MAC address to the destination MAC address, and the transmission process of IP data packets is the same as asking for directions. When the IP data packet arrives at the router, the router will check the destination IP first.
The router decides whether the packet can be sent directly to the destination host, or whether it needs to be sent to the next router. Repeat in turn until reaching the target IP address.
Why is there subnetting?
Every host in the Internet must belong to a subnet. In order to facilitate the positioning of the host, the elimination efficiency is high, because each route needs to search the corresponding IP address in the routing table to see which subnet it belongs to, and then quickly and directly Or indirect positioning, and the essence of searching is exclusion. With subnets, he can exclude a batch of routers or subnets.