1. Network hierarchy division
In order to enable computers produced by different computer manufacturers to communicate with each other so as to establish a computer network on a larger scale, the International Organization for Standardization (ISO) proposed the "Open System Interconnection Reference Model" in 1978, the famous OSI/RM model ( Open System Interconnection/Reference Model). It divides the communication protocol of the computer network architecture into seven layers , from bottom to top: Physical Layer, Data Link Layer, Network Layer, Transport Layer ), session layer (Session Layer), presentation layer (Presentation Layer), application layer (Application Layer) . Among them, the fourth layer completes the data transmission service, and the upper three layers face users.
In addition to the standard OSI seven-layer model, common network layer divisions include TCP/IP four-layer protocol and TCP/IP five-layer protocol. The corresponding relationship between them is shown in the following figure:
2. OSI seven-layer network model
The TCP/IP protocol is undoubtedly the basic protocol of the Internet. Without it, it is impossible to surf the Internet. Any operation related to the Internet is inseparable from the TCP/IP protocol. Whether it is the OSI seven-layer model or the TCP/IP four-layer and five-layer model, each layer needs its own exclusive protocol to complete its own corresponding work and communicate with the upper and lower layers. Since the OSI seven-layer model is the standard layer division of the network, we will introduce the OSI seven-layer model from bottom to top.
1) Physical Layer (Physical Layer)
Activation, maintenance, and deactivation of mechanical, electrical, functional, and process characteristics between communication endpoints. This layer provides a reliable physical medium for transmitting data to the upper layer protocol. Simply put, the physical layer ensures that raw data can be transmitted on various physical media. The physical layer remembers two important device names, repeater (Repeater, also called amplifier) and hub .
2) Data Link Layer (Data Link Layer)
The data link layer provides services to the network layer on the basis of the services provided by the physical layer, and its most basic service is to reliably transmit data from the network layer to the target network layer of the adjacent node. In order to achieve this goal, the data link must have a series of corresponding functions, mainly including: how to combine data into data blocks, which is called a frame in the data link layer, and a frame is a data link The transmission unit of the layer ; how to control the transmission of frames on the physical channel, including how to deal with transmission errors, how to adjust the transmission rate to match the receiver; and provide the establishment and maintenance of data link paths between two network entities and release management. The data link layer provides reliable transmission over unreliable physical media. The functions of this layer include: physical address addressing, data framing, flow control, data error detection, retransmission, etc.
Important knowledge points about the data link layer:
1> The data link layer provides reliable data transmission for the network layer;
2> The basic data unit is frame;
3> The main protocol: Ethernet protocol;
4> Two important device names: bridge and switch.
3) Network Layer (Network Layer)
The purpose of the network layer is to realize the transparent transmission of data between two end systems , and its specific functions include addressing and routing, connection establishment, maintenance and termination, etc. It provides services so that the transport layer does not need to know the data transmission and switching technology in the network. If you want to remember the network layer in as few words as possible, it's "pathing, routing, and logical addressing".
There are many protocols involved in the network layer, including the most important protocol , which is also the core protocol of TCP/IP - IP protocol . The IP protocol is very simple and only provides unreliable, connectionless transmission services. The main functions of the IP protocol are : connectionless datagram transmission, datagram routing and error control. There are Address Resolution Protocol ARP, Reverse Address Resolution Protocol RARP, Internet Message Protocol ICMP, and Internet Group Management Protocol IGMP that are used together with the IP protocol to realize its functions. We will summarize the specific protocols in the next section. The key points about the network layer are:
1> The network layer is responsible for routing data packets between subnets. In addition, the network layer can also implement functions such as congestion control and Internet interconnection;
2> The basic data unit is IP datagram;
3> The main protocols included:
IP protocol (Internet Protocol, Internet Internet Protocol);
ICMP protocol (Internet Control Message Protocol, Internet Control Message Protocol); ARP (Address Resolution Protocol, Address Resolution Protocol);
RARP (Reverse Address Resolution Protocol, Reverse Address Resolution Protocol).
4> Important equipment: router.
4) Transport Layer (Transport Layer)
The first is end-to-end, that is, the host-to-host level . The transport layer is responsible for segmenting upper layer data and providing end-to-end, reliable or unreliable transmission. In addition, the transport layer also deals with end-to-end error control and flow control issues. The task of the transport layer is to make the best use of network resources according to the characteristics of the communication subnet, provide the functions of establishing, maintaining and canceling the transmission connection between the session layers of the two end systems, and be responsible for end-to-end reliable data transmission. At this layer, the protocol data unit for information transfer is called a segment or message. The network layer only transmits the data packet sent by the source node to the destination node according to the network address, while the transport layer is responsible for reliably transmitting the data to the corresponding port.
Important points about the network layer:
1> The transport layer is responsible for segmenting the upper layer data and providing end-to-end, reliable or unreliable transmission, as well as end-to-end error control and flow control issues; 2> The main protocol included: TCP protocol (Transmission Control
Protocol , transmission
control protocol),
UDP protocol (UserDatagram Protocol, User Datagram Protocol);
3> important equipment: gateway .
5) Session layer
The session layer manages session processes between hosts, that is, it is responsible for establishing, managing, and terminating sessions between processes. The session layer also implements data synchronization by inserting checkpoints in the data.
6) Presentation layer
The presentation layer transforms the upper layer data or information to ensure that the application layer information of one host can be understood by the application program of another host. Data conversion at the presentation layer includes data encryption, compression, and format conversion.
7) Application layer
Provides an interface for operating systems or network applications to access network services.
Session layer, presentation layer and application layer focus :
1> The basic unit of data transmission is the message;
2> The main protocols included :
FTP (File Transfer Protocol), Telnet (Remote Login Protocol), DNS (Domain Name Resolution Protocol), SMTP (Mail Transfer Protocol), POP3 Protocol (Post Office Protocol ), HTTP protocol (Hyper Text Transfer Protocol).
3. IP address
1) Network address
An IP address is composed of a network number (including a subnet number) and a host number. The host number of a network address is all 0, and the network address represents the entire network.
2) broadcast address
The broadcast address is usually called the direct broadcast address to distinguish the restricted broadcast address.
The host number of the broadcast address is exactly the opposite of that of the network address. In the broadcast address, the host number is all 1s. When a message is sent to the broadcast address of a network, all hosts in the network can receive the broadcast message.
3) Multicast address
Class D addresses are multicast addresses.
First recall the addresses of types A, B, C, and D:
A type of address starts with 0, the first byte is used as the network number, and the address range is: 0.0.0.0~127.255.255.255; ( modified @2016.05.31 )
B The class address starts with 10, the first two bytes are used as the network number, and the address range is: 128.0.0.0~191.255.255.255; the
C class address starts with 110, and the first three bytes are used as the network number, and the address range is: 192.0.0.0 ~223.255.255.255.
Class D addresses start with 1110, and the address range is 224.0.0.0~239.255.255.255. Class D addresses are used as multicast addresses (one-to-many communication); Class E addresses start
with 1111, and the address range is 240.0.0.0~255.255.255.255 , Class E addresses are reserved for future use.
Note: Only A, B, and C are divided into network numbers and host numbers, and class D addresses and class E addresses do not have network numbers and host numbers.
4)255.255.255.255
This IP address refers to a restricted broadcast address . The difference between the restricted broadcast address and the general broadcast address (direct broadcast address) is that the restricted broadcast address can only be used in the local network , and the router will not forward the packet with the restricted broadcast address as the destination address;
the general broadcast address can be used in the local Broadcasting can also be broadcast across network segments. For example: after the direct broadcast datagram on the host 192.168.1.1/30, another network segment 192.168.1.5/30 can also receive the datagram; if the restricted broadcast datagram is sent, it cannot be received.
Note: General broadcast addresses (direct broadcast addresses) can pass through some routers (of course not all routers), while restricted broadcast addresses cannot pass through routers.
5)0.0.0.0
It is often used to find its own IP address . For example, in our RARP, BOOTP and DHCP protocols, if a diskless machine with an unknown IP address wants to know its own IP address, it uses 255.255.255.255 as the destination address to send the local The server in the range (specifically, the range shielded by each router) sends an IP request packet.
6) Loopback address
127.0.0.0/8 is used as the loopback address, and the loopback address indicates the address of the local machine. It is often used for testing the local machine, and 127.0.0.1 is the most used .
7) Class A, B, and C private addresses
Private addresses are also called private addresses, they will not be used globally and only have local significance.
Class A private address: 10.0.0.0/8, range: 10.0.0.0~10.255.255.255
Class B private address: 172.16.0.0/12, range: 172.16.0.0~172.31.255.255
Class C private address: 192.168.0.0 /16, the range is: 192.168.0.0~192.168.255.255
4. Subnet mask and network division
With the continuous expansion of Internet applications, the disadvantages of the original IPv4 are gradually exposed, that is, the network number occupies too many places, and the host number is too small, so the host addresses it can provide are becoming more and more scarce. At present, in addition to using NAT In addition to using reserved addresses for self-allocation within the enterprise, a high-level IP address is usually subdivided to form multiple subnets for user groups of different sizes.
The main purpose here is to effectively use the IP address in the case of network segmentation. By taking the high part of the host number as the subnet number, the subnet mask is expanded or compressed from the usual network bit boundaries to create certain types of addresses. more subnets. But when more subnets are created, the number of available host addresses on each subnet is reduced than before.
What is a subnet mask?
The subnet mask is to mark whether two IP addresses belong to the same subnet, and it is also a 32-bit binary address, each of which is 1 means that the bit is a network bit, and 0 means a host bit. It is expressed in dotted decimal notation like an IP address. If two IP addresses have the same result under the bitwise AND calculation of the subnet mask, it means that they belong to the same subnet.
When calculating the subnet mask, we should pay attention to the reserved addresses in the IP address, that is, the "0" address and the broadcast address, which refer to the IP address when the host address or network address is all "0" or "1". Represents the local network address and broadcast address, which generally cannot be counted.
Calculation of subnet mask
For IP addresses that do not need to be divided into subnets, the subnet mask is very simple, that is, it can be written according to its definition: if a class B IP address is 10.12.3.0, there is no need to divide subnets, then the IP address The subnet mask is 255.255.0.0. If it is a class C address, its subnet mask is 255.255.255.0. Other analogies will not be described in detail. The key thing we want to introduce below is an IP address, and its high-order host bits need to be used as the divided subnet network number. The rest is the host number of each subnet. How to mask each subnet at this time calculate.
Here is a summary of common interview questions about subnet masks and network division:
1) Use the number of subnets to calculate
Before finding the subnet mask, you must first figure out the number of subnets to be divided and the number of hosts required in each subnet.
(1) Convert the number of subnets into binary to represent;
if you want to divide the class B IP address 168.195.0.0 into 27 subnets: 27=11011;
(2) Get the number of binary digits, which is N;
the binary is five number of digits, N = 5
(3) Obtain the class subnet mask of the IP address , and set the first N bits of the host address part to 1 to obtain the subnet mask of the subnet of the IP address.
Set the first 5 bits of the host address of the subnet mask 255.255.0.0 of the class B address to 1 to get 255.255.248.0
2) Use the number of hosts to calculate
If you want to divide the class B IP address 168.195.0.0 into several subnets, and there are 700 hosts in each subnet:
(1) Convert the number of hosts into binary representation;
700=1010111100
(2) If the number of hosts is less than or equal to 254 (Note that the two reserved IP addresses are removed), then the binary digit of the host is obtained, which is N, where N<8 must be. If it is greater than 254, then N>8, which means that the host address will occupy more than 8 bits;
the binary number is ten digits, N=10;
(3) Use 255.255.255.255 to use all the host address bits of this type of IP address Set to 1 , and then set all N bits to 0 from the back to the front, which is the subnet mask value.
Set all the host addresses of the subnet mask 255.255.0.0 of the class B address to 1 to obtain 255.255.255.255, and then set the last 10 positions to 0 from the back to the front, which is: 11111111.11111111.11111100.00000000, which is 255.255.252.0. This is the subnet mask of the class B IP address 168.195.0.0 to be divided into 700 hosts.
3) There is another question type that requires you to plan the subnet address and calculate the subnet mask according to the number of hosts in each network. This can also be calculated according to the above principles.
For example, there are 10 hosts in a subnet, then the IP address required for this subnet is:
10+1+1+1=13
Note: the first 1 added refers to the gateway address required for this network connection, and the next two 1s are Refers to network address and broadcast address.
Because 13 is less than 16 (16 is equal to 2 to the 4th power), the host bits are 4 bits. And 256-16=240, so the subnet mask is 255.255.255.240.
If a subnet has 14 hosts, many people often make the mistake of: still assigning a subnet with 16 address spaces, but forgetting to assign an address to the gateway. This is wrong, because 14+1+1+1=17, 17 is greater than 16, so we can only allocate a subnet with space for 32 addresses (32 is equal to 2 to the 5th power). At this time, the subnet mask is: 255.255.255.224.
5. ARP/RARP protocol
Address Resolution Protocol, or ARP (Address Resolution Protocol), is a TCP/IP protocol that obtains a physical address based on an IP address .
When the host sends information, it broadcasts the ARP request containing the target IP address to all hosts on the network, and receives the return message to determine the physical address of the target; after receiving the return message, store the IP address and physical address in the local ARP In the cache and keep it for a certain period of time, the next request will directly query the ARP cache to save resources. The address resolution protocol is based on the mutual trust of each host in the network. The hosts on the network can send ARP reply messages independently. When other hosts receive the reply message, they will not check the authenticity of the message and record it. In this way, the attacker can send a fake ARP response message to a certain host, so that the information sent by it cannot reach the expected host or arrive at the wrong host, which constitutes an ARP spoof. The ARP command can be used to query the correspondence between IP addresses and MAC addresses in the local ARP cache, add or delete static correspondences, etc.
Example of ARP workflow:
The IP address of host A is 192.168.1.1, and the MAC address is 0A-11-22-33-44-01; the
IP address of host B is 192.168.1.2, and the MAC address is 0A-11-22-33-44-02;
When host A wants to communicate with host B, the address resolution protocol can resolve the IP address (192.168.1.2) of host B into the MAC address of host B. The following is the workflow: (1) According to the content of the routing table on host A
, IP determines that the forwarding IP address used to access host B is 192.168.1.2. Host A then checks host B's matching MAC address in its local ARP cache.
(2) If host A does not find the mapping in the ARP cache, it will ask for the hardware address of 192.168.1.2, thus broadcasting the ARP request frame to all hosts on the local network. Both the IP address and the MAC address of source host A are included in the ARP request. Every host on the local network receives the ARP request and checks to see if it matches its own IP address. If the host finds that the requested IP address does not match its own IP address, it will discard the ARP request.
(3) Host B determines that the IP address in the ARP request matches its own IP address, and adds the mapping between host A's IP address and MAC address to the local ARP cache.
(4) Host B sends an ARP reply message containing its MAC address directly back to host A.
(5) When host A receives the ARP reply message from host B, it will update the ARP cache with host B's IP and MAC address mapping. The native cache has a lifetime. After the lifetime is over, the above process will be repeated again. Once the MAC address of host B is determined, host A can send IP traffic to host B.
Reverse Address Resolution Protocol, namely RARP , its function is relative to the ARP protocol, which converts the physical address of a host in the LAN into an IP address, For example, if there is a host in the LAN that only knows the physical address but not the IP address, then it can send a broadcast request for its own IP address through the RARP protocol, and then the RARP server is responsible for answering.
RARP protocol workflow:
(1) Send a local RARP broadcast to the host, in this broadcast packet, declare its own MAC address and request any RARP server that receives this request to assign an IP address; (2) The RARP server on the local network segment
receives After this request, check its RARP list to find the IP address corresponding to the MAC address;
(3) If it exists, the RARP server will send a response packet to the source host and provide this IP address to the other host for use;
(4) If If it does not exist, the RARP server will not respond to it;
(5) The source host will use the obtained IP address to communicate after receiving the response information from the RARP server; if it has not received the response information from the RARP server, it means that the initialization has failed .
6. Routing Protocols
Common routing protocols include: RIP protocol, OSPF protocol.
RIP protocol:
The bottom layer is the Bellman-Ford algorithm. Its metric for routing is the number of hops. The maximum number of hops is 15. If it is greater than 15 hops, it will discard the data packet.
OSPF protocol:
Open Shortest Path First is an open shortest path first. The bottom layer is the Dijkstra algorithm, which is a link state routing protocol. The metrics for selecting routes are bandwidth and delay.
7.TCP/IP protocol
The TCP/IP protocol is the most basic protocol of the Internet and the foundation of the Internet. It consists of the IP protocol at the network layer and the TCP protocol at the transport layer. In layman's terms: TCP is responsible for discovering transmission problems, and sends out a signal whenever there is a problem, requiring retransmission until all data is safely and correctly transmitted to the destination. And IP is to specify an address for every networked device on the Internet.
The IP layer receives data packets from lower layers (network interface layers such as Ethernet device drivers) and sends the data packets to higher layers—the TCP or UDP layer; conversely, the IP layer also sends packets received from the TCP or UDP layer. Incoming packets are passed to lower layers. IP data packets are unreliable because IP does not do anything to confirm whether the data packets are sent in order or whether they have been damaged. IP data packets contain the address (source address) of the host that sent it and the host that received it. address (destination address).
TCP is a connection-oriented communication protocol. A connection is established through a three-way handshake. When the communication is completed, the connection must be removed. Since TCP is connection-oriented, it can only be used for end-to-end communication. What TCP provides is a reliable data stream service, using "positive confirmation with retransmission" technology to achieve transmission reliability. TCP also uses a method called "sliding window" for flow control. The so-called window actually represents the receiving capacity and is used to limit the sending speed of the sender.
TCP packet header format:
The three-way handshake and four-way handshake of the TCP protocol:
Note: seq : "sequance" sequence number; ack : "acknowledge" confirmation number; SYN : "synchronize" request synchronization flag; ACK : "acknowledge" confirmation flag"; FIN : "Finally" end flag.
TCP connection establishment process:
First, the client side sends a connection request message, and the server segment responds with an ACK message after accepting the connection, and allocates resources for this connection.
After receiving the ACK message, the client also sends an ACK message to the server segment, and allocates resources, so that the TCP connection is established.
TCP connection disconnection process:
Assume that the client initiates a disconnection request, that is, sends a FIN message. After the server receives the FIN message, it means " the client has no data to send to you ", but if you still have data that has not been sent, you don't need to close the Socket in a hurry, you can continue to send data. So you send ACK first, " tell the client that I have received your request, but I am not ready yet, please continue to wait for my message ". At this time, the client enters the FIN_WAIT state and continues to wait for the FIN message from the server. When the server determines that the data has been sent, it sends a FIN message to the client, " tell the client, well, I have finished sending the data here, and I am ready to close the connection ." After the client receives the FIN message, " knows that the connection can be closed, but he still doesn't trust the network, and is afraid that the server will not know to close it, so it enters the TIME_WAIT state after sending the ACK. If the server does not receive the ACK, it can restart Pass ." After the server receives the ACK, " you know you can disconnect ." After the client side waits for 2MSL and still does not receive a reply, it proves that the server side has been closed normally. Well, my client side can also close the connection . Ok, the TCP connection is closed like this!
Why the three-way handshake?
In the case of only two "handshakes", suppose the Client wants to establish a connection with the Server, but because the datagram of the connection request in the middle is lost, the Client has to resend it again; at this time, the Server only receives one connection request , so the connection can be established normally. However, sometimes the client resends the request not because the datagram is lost, but because the data transmission process may be blocked at a certain node due to the large amount of network concurrency. In this case, the server will receive two requests successively , and continue to wait for two Client requests to send data to him...
The problem is here, the Client end actually only has one request, but the Server end has 2 responses. In extreme cases, it may be caused by the Client resending the request data multiple times. In the end, more than N responses were established on the server side, which caused a huge waste of resources! Therefore, the "three-way handshake" is necessary!
Why wave four times?
Just imagine, if you are a client now and you want to disconnect all connections with the server, what should you do? In the first step, you stop sending data to the server and wait for the server's reply. But the matter is not over yet. Although you don’t send data to the server yourself, because you have established an equal connection before, he also has the initiative to send data to you at this time; so the server has to stop actively sending you data. data, and wait for your confirmation. In fact, to put it bluntly, it is to ensure the complete execution of a contract between the two parties!
Protocols using TCP: FTP (File Transfer Protocol), Telnet (Remote Login Protocol), SMTP (Simple Mail Transfer Protocol), POP3 (relative to SMTP, used to receive mail), HTTP protocol, etc.
8. UDP protocol
UDP User Datagram Protocol is a connectionless communication protocol . UDP data includes destination port number and source port number information. Since communication does not require connection, broadcast transmission can be realized. UDP communication does not require confirmation by the receiver, which is an unreliable transmission, and packet loss may occur. In practical applications, programmers are required to verify programming.
UDP is at the same layer as TCP, but it does not care about packet order, errors or retransmissions. Therefore, UDP should not be used for connection-oriented services that use virtual circuits. UDP is mainly used for query-response-oriented services, such as NFS. Compared to FTP or Telnet, these services need to exchange a smaller amount of information.
Each UDP message is divided into two parts: UDP header and UDP data area. The header consists of four 16-bit long (2-byte) fields, which respectively describe the source port, destination port, message length and check value of the message. The UDP header consists of 4 fields, each of which occupies 2 bytes, as follows:
(1) Source port number;
(2) Destination port number;
(3) Datagram length;
(4) Check value.
Using the UDP protocol includes:
TFTP (Trivial File Transfer Protocol), SNMP (Simple Network Management Protocol), DNS (Domain Name Resolution Protocol), NFS, BOOTP.
The difference between TCP and UDP:
TCP是面向连接的,可靠的字节流服务;
UDP是面向无连接的,不可靠的数据报服务。
9. DNS protocol
DNS is the abbreviation of Domain Name System (Domain Name System), which is used to name computers and network services organized into domain hierarchies, which can be simply understood as converting URLs into IP addresses.
A domain name is composed of a string of words or abbreviations separated by dots. Each domain name corresponds to a unique IP address. There is a one-to-one correspondence between domain names and IP addresses on the Internet. DNS is the server for domain name resolution. DNS naming is used in TCP/IP networks such as the Internet to look up computers and services by user-friendly names.
10. NAT protocol
NAT Network Address Translation (Network Address Translation) belongs to the technology of accessing the wide area network (WAN). It is a conversion technology for converting private (reserved) addresses into legal IP addresses. It is widely used in various types of Internet access methods and types of networks.
The reason is very simple, NAT not only perfectly solves the problem of insufficient IP addresses, but also can effectively avoid attacks from outside the network, hide and protect computers inside the network.
11. DHCP protocol
DHCP Dynamic Host Configuration Protocol (Dynamic Host Configuration Protocol) is a LAN network protocol, using UDP protocol to work, mainly for two purposes :
to automatically assign IP addresses to internal networks or network service providers, to users or internal network administrators as A means of centrally managing all computers.
12. HTTP protocol
Hypertext Transfer Protocol (HTTP, HyperText Transfer Protocol) is the most widely used network protocol on the Internet. All WWW documents must comply with this standard.
What requests does the HTTP protocol include?
GET: Request to read the information identified by the URL.
POST: Add information (such as comments) to the server.
PUT: Store a document under the given URL.
DELETE: Delete the resource marked by the given URL.
In HTTP, the difference between POST and GET
1) Get is to obtain data from the server, and Post is to transmit data to the server.
2) Get is to add the parameter data queue to the URL pointed to by the Action attribute of the submitted form. The value corresponds to each field in the form and can be seen in the URL.
3) The amount of data transmitted by Get is small and cannot exceed 2KB; the amount of data transmitted by Post is relatively large, which is generally defaulted as unlimited.
4) According to the HTTP specification, GET is used for information acquisition and should be safe and idempotent.
I. The so-called safe means that the operation is used to obtain information rather than modify information. In other words, GET requests should generally not have side effects. That is to say, it only obtains resource information, just like database query, it will not modify or add data, and will not affect the status of resources.
II. Idempotent means that multiple requests to the same URL should return the same result.
More detailed difference reference: https://blog.csdn.net/weixin_37600187/article/details/128190988
13. An example
The whole process after entering www.baidu.com in the browser
Now assume that if we enter http://www.baidu.com in the client (client) browser, and baidu.com is the server to be accessed ( Server), the following is a detailed analysis of a series of protocol-related operations performed by the client in order to access the server:
1) The client browser resolves to the IP address 220.181.27.48 of www.baidu.com through DNS, and finds the client through this IP address path to the server. The client browser initiates an HTTP session to 220.161.27.48, then encapsulates the data packet through TCP, and inputs it to the network layer.
2) In the transport layer of the client, the HTTP session request is divided into message segments, and the source and destination ports are added. For example, the server uses port 80 to monitor the client's request, and the client randomly selects a port such as 5000 by the system to exchange with the server. Return the corresponding request to port 5000 of the client. Then use the IP address of the IP layer to find the destination.
3) The network layer of the client does not need to be related to the application layer or the transport layer. The main thing to do is to determine how to reach the server by looking up the routing table. During this period, it may pass through multiple routers. These are all done by the router, so there is no need to do too much The description is nothing more than determining the path to reach the server by looking up the routing table.
4) The link layer of the client, the packet is sent to the router through the link layer, the MAC address of the given IP address is found through the neighbor agreement, and then the ARP request is sent to find the destination address, and if the response is obtained, the ARP request can be used to reply the exchange The IP packet is now ready for transmission, then send the IP packet to the address of the server.