[Linux] Basics of network programming including detailed explanation of TCP

network structure pattern

C/S structure

   Client-server structure. The server completes the management of data, and the client completes the interaction task with the user. The client is a machine that accesses other people's information on the Internet, and the server is a machine that provides information for people to access.

   The client, connected to the server over the network, accepts the user's requests and forwards them to the server, which operates on the database. The server accepts the client's request and returns data to the client; the client processes the data and presents the result to the user. The server must also provide security protection and data-integrity handling, and must allow many clients to access it at the same time, which places high demands on the server's hardware.

   In the C/S structure, the application program is divided into two parts: the server part and the client part.

   The server part is information and functions shared by multiple users and performs background services, such as controlling database operations.

   The client part is exclusive to the user and is responsible for performing foreground functions, such as error prompts, data calculations, etc.

advantage:

  1. Flexible protocol selection
  2. The client responds quickly (it can make full use of the processing power of the client PC, and many tasks can be handled on the client before anything is submitted to the server)
  3. The user interface can be rich and varied, and can be tailored to the customer's own requirements
  4. A management information system built on the C/S structure has strong transaction-processing capabilities and can implement complex business processes.
  5. Security is high. C/S is generally aimed at a relatively fixed user group, the program is process-oriented, and it can perform multi-level permission checks, so it offers a more controlled access model and strong control over information security. Highly confidential information systems have generally adopted a C/S structure. Note that this depends entirely on the server enforcing those checks: the client runs on a machine the user controls, so any check performed only in the client can be bypassed, and the server must validate every request as if it came from an untrusted program.

shortcoming:

  1. The client needs special client software. Installing it is work in itself, and any problem with the machine (virus, hardware failure) means reinstalling or maintaining it; when the software is upgraded, every client machine must be reinstalled, so maintenance and upgrade costs are high.
  2. The client is usually tied to a particular operating system and is not cross-platform.

B/S structure

    The B/S structure (browser/server mode) is a network structure that arose with the web. The web browser is the most important application on the client. This model standardizes the client and concentrates the core of the system's functionality on the server, simplifying development, maintenance and use. Only a browser is installed on the client; the database (MySQL, Oracle) lives on the server, and the browser interacts with it through the web server.

advantage:

The biggest advantages of the B/S architecture are low total cost of ownership, easy maintenance, good distribution and simple development. It can be used from anywhere without installing any special software; the client needs no maintenance and the system is very easy to extend. All that is needed is a computer with Internet access.

shortcoming:

  1. Communication overhead is high, and the security of the system and its data is harder to ensure.
  2. Customization is much more limited; specific, personalized functional requirements are hard to meet.
  3. The protocol is fixed: HTTP/HTTPS.
  4. Interaction follows a request-response pattern that usually re-renders the page, so responsiveness is noticeably lower.

MAC address

A network card is a piece of computer hardware that lets a computer communicate on a network; it is also called a network adapter or network interface card (NIC). It has a MAC address and operates at layer 2 of the OSI model, connecting hosts over cable or wirelessly. Each network card carries a 48-bit serial number called the MAC address. The main functions of a network card are: 1. data encapsulation and decapsulation; 2. link management; 3. data encoding and decoding.


A MAC address, also called a LAN address, Ethernet address, physical address or hardware address, identifies a network interface on a local network. It is assigned by the manufacturer and burned into the network card. In the OSI model the network layer (layer 3) deals with IP addresses and the data link layer (layer 2) with MAC addresses. The MAC address uniquely identifies a network card on the network; if a device has one or more network cards, each of them has its own MAC address.

A MAC address is 48 bits (6 bytes) long and is usually written as 12 hexadecimal digits, for example 00-16-EA-AE-3C-40. The first 3 bytes, 00-16-EA, are the Organizationally Unique Identifier (OUI) assigned to the manufacturer by the IEEE; the remaining 3 bytes, AE-3C-40, are the serial number the manufacturer gave that particular interface. As long as the burned-in address is not changed it is globally unique, rather like an ID card number. It is, however, only a default: on Linux `ip link set dev eth0 address 02:00:00:00:00:01` replaces it for the running interface, and many modern Wi-Fi clients randomize their MAC address by default, so a MAC address must never be treated as proof of a device's identity; MAC-based access filtering is trivially bypassed.

IP address

The IP protocol is a protocol designed for computer networks to communicate with each other. In the Internet, it is a set of rules that enable all computer networks connected to the network to communicate with each other. It stipulates the rules that computers should follow when communicating on the Internet.

The IP protocol is implemented in software. It converts the various kinds of link-layer "frames" into the uniform "IP datagram" format; this conversion is one of the most important features of the Internet, because it lets all kinds of computers interoperate on it. It is precisely because of the IP protocol that the Internet grew into the world's largest open computer communication network, and so IP is also called the "Internet Protocol".

An IP address is an Internet Protocol address. It is the uniform address format provided by the IP protocol: every network and every host on the Internet is assigned a logical address, hiding the differences between physical addresses.

An IPv4 address is a 32-bit binary number, usually divided into four 8-bit groups and written in dotted-decimal notation (IPv6 addresses are 128 bits long).

port

A port number identifies a process (more precisely, a socket) on a host; a server listens on a port so that it can be told when a client connects to it.

Port classification:

  1. Well-known ports
       Well-known ports (also called system ports or reserved ports) range from 0 to 1023 and are tightly bound to specific services (port 80 is allocated to the WWW service, port 21 to FTP, port 23 to Telnet, and so on). On Linux a process needs root or the CAP_NET_BIND_SERVICE capability to bind one of them.
       A network service can use another port number; if it is not the default, the port must be given explicitly, for example by entering "URL:port number" in the browser's address bar. Some system protocols, however, use fixed port numbers that are not changed; port 139, for instance, is used for the NetBIOS session service over TCP/IP.
  2. Registered ports
       Port numbers 1024 to 49151 are loosely bound to services and assigned to user processes or applications, mostly applications the user chooses to install. When such a port is not occupied by a server, a client can use it as a dynamically chosen source port. [These are the ports to pick when writing your own programs.]
  3. Dynamic / private ports
       Dynamic ports range from 49152 to 65535. They are called dynamic because they are generally not assigned to a fixed service but allocated dynamically, typically as the source port of an outgoing connection. Note that this is the IANA range; Linux by default picks ephemeral ports from 32768 to 60999 (net.ipv4.ip_local_port_range), so a firewall rule that assumes only 49152-65535 will be wrong on Linux.

network model

OSI seven-layer model

   The seven-layer model is also called the OSI (Open System Interconnection) reference model, which is open system interconnection. The reference model is a standard system for interconnection between computers or communication systems formulated by the International Organization for Standardization (ISO). It is generally called the OSI reference model or seven-layer model. It is a seven-layer, abstract model body that includes not only a series of abstract terms or concepts, but also specific protocols.

Application layer: An interface between network services and end users. This layer provides network services for user applications such as email, file transfer, and terminal emulation.

Presentation layer: data representation, security and compression. It interprets, encrypts/decrypts and compresses/decompresses received data (that is, it converts between the representation the computer uses and what humans recognize, such as pictures or sounds), ensuring that information sent by one system's application layer can be read by another system's application layer.

Session layer: establishes, manages and terminates sessions between applications on the two systems, over the transport path provided by the transport layer. It mainly initiates sessions or accepts session requests from other systems.

Transport layer: defines the protocols and port numbers used to carry data. Its main purpose is to segment the data received from the upper layer, transmit it, and reassemble it once it reaches the destination address. Its data unit is often called a segment.

Network layer: Performs logical addressing to provide connectivity and path selection between two host systems in a network that are located in different geographical locations. The development of the Internet has greatly increased the number of users accessing information from sites around the world, and the network layer is the layer that manages this connection.

Data link layer: establishing logical connections, performing hardware address addressing, error checking and other functions. Defines how formatted data is transmitted in frames and how access to physical media is controlled. The bits are combined into bytes and then into frames, and the media is accessed using the MAC address.

Physical layer: Mainly defines physical equipment standards, such as network cable interface types, optical fiber interface types, transmission rates of various transmission media, etc. Its main function is to transmit bit streams (that is, converting 1 and 0 into current strength for transmission, and then converting into 1 and 0 after reaching the destination, which is what we often call digital-to-analog conversion and analog-to-digital conversion). The data at this level are called bits.

TCP/IP four-layer model

The protocol suite in mainstream use on the Internet today is the TCP/IP suite, a layered, multi-protocol communication system. TCP/IP is a four-layer protocol system: from bottom to top, the data link (network interface) layer, the network layer, the transport layer and the application layer. Each layer performs a different function, implemented by several protocols, and each upper-layer protocol uses the services provided by the layer below it.


Application layer: the top layer of the TCP/IP stack; it provides services directly to application processes. (1) Different kinds of applications use different application-layer protocols according to their needs (mail transfer: SMTP; the World Wide Web: HTTP; remote login: TELNET). (2) It encrypts, decrypts and formats data (turning what the computer understands into what a human understands). (3) It establishes and tears down sessions with other nodes, which helps conserve network resources.

Transport layer: defines the protocols and port numbers used to carry data. Its main job is to segment the data received from the application layer, transmit the segments, and reassemble them at the destination. Its data unit is often called a segment.

Network layer: chooses the route for each packet and carries it toward its destination by IP address; in that sense it is the layer that establishes and tears down network connections between hosts.

Network interface (data link) layer: because the physical layer and the data link layer are merged here, this layer both puts bits onto the physical medium and delivers the network layer's datagrams across the local link, for example by resolving the next hop's hardware address.

communication process

The process of communication between two computers through TCP/IP protocol:

The above figure shows the situation when two computers are in the same network segment, if the two computers are in different network segments. Then the data must pass through one or more routers when transmitting from one computer to another.

    The link layer covers standards such as Ethernet and Token Ring. It is responsible for the network card's device driver, frame synchronization (deciding which signal on the wire counts as the start of a new frame), collision detection (with automatic retransmission when a collision is detected), error checking of the data, and so on. A switch is a network device that works at the link layer and forwards frames between link-layer networks; because different link-layer technologies have different frame formats, a switch joining two of them must strip the incoming frame's link-layer header and re-encapsulate the packet before forwarding it.

    The IP protocol at the network layer is the foundation of the Internet. Hosts on the Internet are identified by IP addresses, and a large number of routers choose suitable paths and forward packets according to those addresses; a packet often passes through more than ten routers on its way from the source host to the destination host. A router is a network device that works at layer 3. It also has the function of a switch and can forward packets between different link-layer interfaces, so it must strip both the link-layer and network-layer headers of an incoming packet and repackage it. The IP protocol does not guarantee delivery: a packet may be lost in transit, and reliability is left to the upper-layer protocol or the application.

    The network layer is responsible for point-to-point transmission (host or router), and the transport layer is responsible for end-to-end transmission (source host and destination host). The transport layer can choose TCP or UDP protocol.

    TCP is a connection-oriented, reliable protocol, a bit like making a phone call. After the two parties pick up the phone and exchange identities, a connection is established, and then they just speak. Make sure that the other party can hear what you say, and listen in the order they are spoken. When you're done, hang up and disconnect. That is to say, both parties of TCP transmission need to establish a connection first, and then the TCP protocol ensures the reliability of data transmission and reception. Lost datagrams are automatically retransmitted. The upper-layer application always receives a reliable data stream, and the connection is closed after communication.

    UDP is a connectionless transmission protocol and does not guarantee reliability. It is a bit like sending a letter. Once the letter is written and placed in the mailbox, there is no guarantee that the letter will not be lost during the mailing process, nor can it guarantee the order in which the letter is sent. Applications that use the UDP protocol require the host to complete packet loss retransmission, message queuing, etc.

    IP addresses are addresses that identify different hosts on the network, and port numbers are the addresses that identify different processes on the same host. The IP address and port number together identify a unique process on the network.

Although IP, ARP, and RARP datagrams all require Ethernet drivers to encapsulate frames, functionally speaking, ARP and RARP belong to the link layer, and IP belongs to the network layer. Although TCP, UDP, ICMP, and IGMP data all require IP protocols to encapsulate datagrams, from a functional perspective, ICMP and IGMP belong to the network layer together with IP, and TCP and UDP belong to the transport layer.

Packet encapsulation

Different protocol layers have different names for the data unit: it is called a segment at the transport layer, a datagram at the network layer and a frame at the link layer. The data is encapsulated into frames and sent onto the transmission medium; after it reaches the destination host, each layer's protocol strips off its own header, and finally the application-layer data is handed to the application.

protocol

Network protocol, referred to as protocol, is a set of agreements that must be followed by both communicating computers. Including how to establish connections, how to identify each other, etc. As long as this agreement is followed, computers can communicate with each other.

Three elements: syntax, semantics, and timing

In order for data to reach the destination from the source on the network, the participants in the network communication must follow the same rules. This set of rules is called a protocol, which is ultimately reflected in the format of the data packets transmitted on the network.

Protocols are often divided into several layers for definition. The layered definition is to prevent changes in a certain layer of protocols from affecting other layers of protocols.

Common protocols:

Application layer: FTP (File Transfer Protocol), HTTP (Hypertext Transfer Protocol), NFS (Network File System)

Transport layer: TCP (Transmission Control Protocol), UDP (User Datagram Protocol)

Network layer: IP (Internet Protocol), ICMP (Internet Control Message Protocol), IGMP (Internet Group Management Protocol)

Network interface layer: ARP (Address Resolution Protocol), RARP (Reverse Address Resolution Protocol)

Ethernet protocol

The destination address and source address are the hardware (MAC) addresses of the network cards, 48 bits each, burned in at the factory; ifconfig or ip link shows them. The type field says which protocol is carried in the data; the values that matter here are IP, ARP and RARP. The frame ends with a CRC check code.

Type: 0x0800 means IP, 0x0806 means ARP, 0x8035 means RARP

ARP protocol

    During network communication the application on the source host knows the IP address and port number of the destination host (told in advance, or built into the program) but not its hardware address. A packet is first received by the network card and only then passed up to the protocol stack; if the destination hardware address in the frame does not match the local card, the frame is simply discarded. So the destination host's hardware address must be obtained before communication can start, and that is the job of the ARP protocol (finding the MAC address that goes with an IP address).

    Each host maintains an ARP cache table in the kernel. The source host first looks up the destination host's hardware address in its own ARP table. If it finds one, it sends the packet to that address. If not, the source host broadcasts an ARP request, encapsulated in an Ethernet frame, onto the local network segment via the data link layer (the target hardware address inside the ARP packet is filled with 00:00:00:00:00:00, and the destination address in the Ethernet header is FF:FF:FF:FF:FF:FF, meaning broadcast). When the destination host receives the broadcast and finds that the requested IP address is its own, it records the sender's address in its own ARP cache and sends an ARP reply back to the source host with its own hardware address filled in.

In both the request and the reply, the Ethernet header's type field is ARP (0x0806) and the protocol-type field inside the ARP packet is IP (0x0800).

    Each host's ARP cache can be viewed with arp -a (or ip neigh on modern Linux); entries generally expire after about 20 minutes. Note that ARP has no authentication at all: any host on the segment can answer a request, or send unsolicited replies, and the kernel will accept them. That is what lets a host on the same LAN redirect another host's traffic through itself (ARP spoofing), so a switched LAN is not a trust boundary.


When broadcasting: destination Ethernet address FF:FF:FF:FF:FF:FF
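The Ethernet and ARP formats above, decoded in code. This is an added example written for this page, not code from the original post: it builds a made-up ARP request frame (sender 00:16:EA:AE:3C:40 / 192.168.1.100 asking for 192.168.1.1, both invented for the example), dispatches on the EtherType the way the link layer does, and rejects a truncated frame.

```c
/* Added example: decode a constructed Ethernet frame carrying an ARP request.
 * Pure C99, no network access; the frame bytes are made up for the example. */
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define ETH_HDR_LEN    14
#define ARP_PKT_LEN    28
#define ETHERTYPE_IP   0x0800
#define ETHERTYPE_ARP  0x0806
#define ETHERTYPE_RARP 0x8035

struct eth_hdr { uint8_t dst[6]; uint8_t src[6]; uint16_t type; };
struct arp_pkt {
    uint16_t htype, ptype;      /* 1 = Ethernet, 0x0800 = IPv4 */
    uint8_t  hlen, plen;        /* 6 and 4 */
    uint16_t oper;              /* 1 = request, 2 = reply */
    uint8_t  sha[6], spa[4];    /* sender hardware / protocol address */
    uint8_t  tha[6], tpa[4];    /* target hardware / protocol address */
};

static uint16_t be16(const uint8_t *p) { return (uint16_t)((p[0] << 8) | p[1]); }

/* Ethernet header: 6-byte destination, 6-byte source, 2-byte type. */
int parse_eth(const uint8_t *buf, size_t len, struct eth_hdr *h)
{
    if (len < ETH_HDR_LEN) return -1;           /* truncated frame */
    memcpy(h->dst, buf, 6);
    memcpy(h->src, buf + 6, 6);
    h->type = be16(buf + 12);
    return 0;
}

int is_broadcast(const uint8_t mac[6])
{
    static const uint8_t bcast[6] = {0xff, 0xff, 0xff, 0xff, 0xff, 0xff};
    return memcmp(mac, bcast, 6) == 0;
}

/* ARP packet as carried directly after the Ethernet header. */
int parse_arp(const uint8_t *buf, size_t len, struct arp_pkt *a)
{
    if (len < ARP_PKT_LEN) return -1;
    a->htype = be16(buf);     a->ptype = be16(buf + 2);
    a->hlen  = buf[4];        a->plen  = buf[5];
    a->oper  = be16(buf + 6);
    /* only Ethernet/IPv4 ARP is understood here */
    if (a->htype != 1 || a->ptype != ETHERTYPE_IP || a->hlen != 6 || a->plen != 4) return -1;
    memcpy(a->sha, buf + 8, 6);  memcpy(a->spa, buf + 14, 4);
    memcpy(a->tha, buf + 18, 6); memcpy(a->tpa, buf + 24, 4);
    return 0;
}

/* Constructed ARP request "who has 192.168.1.1? tell 192.168.1.100" from
 * 00:16:EA:AE:3C:40 (the MAC used as an example earlier on the page).  On the
 * wire it would be padded to 60 bytes and followed by the 4-byte CRC, which
 * the NIC checks and strips before the driver sees the frame. */
static const uint8_t sample_frame[ETH_HDR_LEN + ARP_PKT_LEN] = {
    0xff,0xff,0xff,0xff,0xff,0xff,            /* dst: broadcast            */
    0x00,0x16,0xea,0xae,0x3c,0x40,            /* src                       */
    0x08,0x06,                                /* EtherType: ARP            */
    0x00,0x01, 0x08,0x00, 0x06, 0x04,         /* htype, ptype, hlen, plen  */
    0x00,0x01,                                /* oper: request             */
    0x00,0x16,0xea,0xae,0x3c,0x40,            /* sender MAC                */
    0xc0,0xa8,0x01,0x64,                      /* sender IP 192.168.1.100   */
    0x00,0x00,0x00,0x00,0x00,0x00,            /* target MAC: unknown       */
    0xc0,0xa8,0x01,0x01,                      /* target IP 192.168.1.1     */
};

/* Demultiplex one frame on its EtherType.  Returns the EtherType, or -1 if
 * the frame is malformed; for ARP frames the decoded packet goes into *arp. */
int demux_frame(const uint8_t *buf, size_t len, struct arp_pkt *arp)
{
    struct eth_hdr h;
    if (parse_eth(buf, len, &h) < 0) return -1;
    if (h.type == ETHERTYPE_ARP && parse_arp(buf + ETH_HDR_LEN, len - ETH_HDR_LEN, arp) < 0) return -1;
    return h.type;
}

/* Small accessors so the decoded fields can be checked directly. */
int sample_ethertype(void)    { struct arp_pkt a; return demux_frame(sample_frame, sizeof sample_frame, &a); }
int sample_arp_oper(void)     { struct arp_pkt a; return demux_frame(sample_frame, sizeof sample_frame, &a) < 0 ? -1 : a.oper; }
int sample_is_broadcast(void) { struct eth_hdr h; return parse_eth(sample_frame, sizeof sample_frame, &h) == 0 && is_broadcast(h.dst); }
int truncated_is_rejected(void) { struct arp_pkt a; return demux_frame(sample_frame, 20, &a) == -1; }

int main(void)
{
    struct arp_pkt a;
    int type = demux_frame(sample_frame, sizeof sample_frame, &a);
    printf("EtherType 0x%04x (%s)\n", type, type == ETHERTYPE_ARP ? "ARP" : "other");
    if (type == ETHERTYPE_ARP)
        printf("ARP %s: who has %d.%d.%d.%d? tell %d.%d.%d.%d\n",
               a.oper == 1 ? "request" : "reply",
               a.tpa[0], a.tpa[1], a.tpa[2], a.tpa[3],
               a.spa[0], a.spa[1], a.spa[2], a.spa[3]);
    return 0;
}
```

Every length check in the parser matters: a real receiver sees frames built by untrusted peers, and reading a 28-byte ARP body out of a frame that only carries 6 bytes is exactly the kind of out-of-bounds read that turns a packet parser into a remote memory-disclosure bug.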

IP datagram format

4-digit version number: IPv4 or IPv6

4-bit header length (in units of 4 bytes): the header is laid out in 4-byte rows and, without options, has five of them, i.e. 20 bytes (the protocol is really one continuous byte sequence; the rows are just how the diagram is typeset). A 4-bit field can only count to 15, so it cannot express 20 bytes directly; instead each unit of the field means 4 bytes. A 4-bit length can therefore describe a header of up to 60 bytes: the mandatory 20 bytes plus at most 40 bytes of options.

8-bit type of service: originally rarely used and set to 0; the field now carries the DSCP and ECN bits

Total length: the length of the header plus the data, in bytes

TTL: a time-to-live value set by the source host, decremented by 1 at every router it passes through. If it reaches 0 the path is considered too long (or looping) and the datagram is discarded, so the unit of this "time" is one hop.

8-bit protocol: The protocol field indicates that the upper layer protocol is TCP, UDP, ICMP, or IGMP.

Checksum: Only the IP header is checked, and the verification of data is handled by higher-layer protocols.

UDP protocol format

Source port number: Sender port number

Destination port number: receiver port number

Length: The length of the UDP user datagram, the minimum is 8 (including header only)

Checksum: detects errors in the UDP datagram during transmission; a datagram whose checksum fails is discarded. Over IPv4 the UDP checksum is optional, and a value of 0 means none was computed; over IPv6 it is mandatory.

TCP protocol format

1. Source port number: sender's port number

2. Destination port number: receiver's port number

3. Sequence number: the sequence number of the first data byte in this segment

4. Acknowledgement number: the sequence number of the first data byte expected in the next segment from the other side (everything before it has been received)

5. Header length (data offset): where the data starts relative to the start of the TCP segment, i.e. the header length, in units of 32-bit words

6. Reserved: 6 bits in the original specification, to be set to 0 (three of them have since been assigned to explicit congestion notification flags)

7. URG (urgent): when 1, the urgent pointer field is valid; it tells the receiver that this segment carries urgent data that should be delivered as soon as possible

8. ACK (acknowledge): the acknowledgement number field is valid only when ACK=1. TCP requires every segment sent after the connection is established to have ACK set to 1

9. PSH (push): when two application processes communicate interactively, the process at one end sometimes wants a response immediately after typing a command. TCP can then use the push operation: the sending TCP sets PSH to 1 and immediately creates and sends a segment, and the receiving TCP delivers a segment with PSH=1 to the receiving application as soon as possible instead of waiting for the whole buffer to fill

10. RST (reset): resets the TCP connection, for example because of a serious error or because nothing is listening on the destination port

11. SYN (synchronize): used only while the three-way handshake establishes a connection. SYN=1 and ACK=0 marks a connection request; if the other side agrees, it replies with SYN=1 and ACK=1. SYN=1 therefore indicates either a connection request or a connection acceptance

12. FIN (finish): the sender has finished sending data and asks to close its direction of the connection

encapsulation

Before application data is sent onto the physical network it passes down the protocol stack from top to bottom. Each layer prepends its own header to the data it received from the layer above (the Ethernet layer also appends a trailing CRC) so that it can perform its function. This process is called encapsulation.

Demultiplexing

When a frame reaches the destination host it passes up the protocol stack from bottom to top. Each layer processes and strips the header it is responsible for, extracting the information it needs, and finally the data is handed to the target application. This process is called decapsulation (demultiplexing). Each layer decides which upper-layer protocol to hand the payload to by a type field in its own header: the EtherType in the Ethernet header, the protocol field in the IP header and the destination port in the TCP/UDP header.


TCP detailed explanation

TCP and UDP

TCP and UDP are both transport layer protocols.

UDP: User Datagram Protocol. Connectionless; supports unicast, multicast and broadcast; message (datagram) oriented; unreliable delivery.

TCP: Transmission Control Protocol. Connection-oriented, reliable, byte-stream based; supports unicast only.


TCP communication process

Server side:

1. Create a socket for listening (socket())

    - Listening: waiting for client connections

    - Socket: this socket is simply a file descriptor

2. Bind this listening file descriptor to a local IP and port (bind()); the IP and port are the server's address

    - The client uses this IP and port when it connects to the server

3. Start listening (listen()); the listening fd now accepts incoming connection requests

4. Block in accept() until a client connects; accept() returns a new socket (fd) used to communicate with that client, while the listening fd keeps accepting further clients

5. Communicate

    - Receive data (recv()/read())

    - Send data (send()/write())

6. When communication ends, disconnect (close())

Client:

1. Create a socket (fd) for communication (socket())

2. Connect to the server (connect()), specifying the server's IP and port; the three-way handshake happens here

3. Once the connection succeeds, the client communicates directly with the server

    - Receive data

    - Send data

4. When communication ends, disconnect (close())
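The two step lists above as one runnable program. This is an added example for this page, not the original author's code. It assumes Linux or another POSIX system: the parent process plays the client and a forked child plays the server, on 127.0.0.1 with a port chosen by the kernel, so nothing needs configuring and nothing off-host can reach the listener. The client's disconnect uses shutdown(SHUT_WR) so that its FIN goes out while it can still read the reply; the server sees that FIN as recv() returning 0.

```c
/* Added example: TCP echo server (child) and client (parent) over loopback. */
#define _POSIX_C_SOURCE 200809L
#include <arpa/inet.h>
#include <ctype.h>
#include <netinet/in.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#include <sys/socket.h>
#include <sys/wait.h>
#include <unistd.h>

/* Server steps 1-3: socket, bind to 127.0.0.1 with port 0 (kernel picks a
 * free port), listen.  Binding the loopback address rather than INADDR_ANY
 * means nothing off-host can reach this service.  Returns the fd or -1. */
int make_listener(uint16_t *port_out)
{
    int fd = socket(AF_INET, SOCK_STREAM, 0);
    if (fd < 0) return -1;
    int one = 1;
    setsockopt(fd, SOL_SOCKET, SO_REUSEADDR, &one, sizeof one); /* restart despite TIME_WAIT */
    struct sockaddr_in addr;
    memset(&addr, 0, sizeof addr);
    addr.sin_family = AF_INET;
    addr.sin_port = htons(0);
    addr.sin_addr.s_addr = htonl(INADDR_LOOPBACK);
    if (bind(fd, (struct sockaddr *)&addr, sizeof addr) < 0 || listen(fd, 8) < 0) { close(fd); return -1; }
    socklen_t alen = sizeof addr;
    if (getsockname(fd, (struct sockaddr *)&addr, &alen) < 0) { close(fd); return -1; }
    *port_out = ntohs(addr.sin_port);
    return fd;
}

/* Server steps 4-6: block in accept() for one client, read until the client
 * half-closes (recv returns 0 when its FIN arrives), echo each chunk back
 * upper-cased, then close.  Returns the number of bytes echoed. */
int serve_one(int lfd)
{
    int cfd = accept(lfd, NULL, NULL);
    if (cfd < 0) return -1;
    char buf[256];
    int total = 0;
    ssize_t n;
    while ((n = recv(cfd, buf, sizeof buf, 0)) > 0) {
        for (ssize_t i = 0; i < n; i++) buf[i] = (char)toupper((unsigned char)buf[i]);
        if (send(cfd, buf, (size_t)n, 0) != n) break;
        total += (int)n;
    }
    close(cfd);                          /* our FIN: the other half of the close */
    return total;
}

/* Client steps 1-4: socket, connect (the three-way handshake happens here),
 * send, shutdown(SHUT_WR) to send our FIN while still able to read, then
 * read the reply until the server's FIN.  Returns bytes received. */
int client_roundtrip(uint16_t port, const char *msg, char *reply, size_t cap)
{
    int fd = socket(AF_INET, SOCK_STREAM, 0);
    if (fd < 0) return -1;
    struct sockaddr_in addr;
    memset(&addr, 0, sizeof addr);
    addr.sin_family = AF_INET;
    addr.sin_port = htons(port);
    addr.sin_addr.s_addr = htonl(INADDR_LOOPBACK);
    if (connect(fd, (struct sockaddr *)&addr, sizeof addr) < 0) { close(fd); return -1; }
    size_t len = strlen(msg);
    if (send(fd, msg, len, 0) != (ssize_t)len) { close(fd); return -1; }
    shutdown(fd, SHUT_WR);
    size_t got = 0;
    ssize_t n;
    while (got < cap - 1 && (n = recv(fd, reply + got, cap - 1 - got, 0)) > 0) got += (size_t)n;
    reply[got] = '\0';
    close(fd);
    return (int)got;
}

/* Run both ends: child = server, parent = client.  The listener exists before
 * fork(), so connect() cannot race ahead of listen().  Returns bytes echoed. */
int echo_demo(const char *msg, char *reply, size_t cap)
{
    uint16_t port;
    int lfd = make_listener(&port);
    if (lfd < 0) return -1;
    pid_t pid = fork();
    if (pid < 0) { close(lfd); return -1; }
    if (pid == 0) _exit(serve_one(lfd) < 0 ? 1 : 0);
    close(lfd);                          /* the client does not need the listening socket */
    int got = client_roundtrip(port, msg, reply, cap);
    int status = 0;
    waitpid(pid, &status, 0);
    return got;
}

/* Does the echo come back as expected? */
int echo_demo_matches(const char *msg, const char *expected)
{
    char reply[256];
    return echo_demo(msg, reply, sizeof reply) >= 0 && strcmp(reply, expected) == 0;
}

int main(void)
{
    char reply[256];
    int n = echo_demo("hello tcp", reply, sizeof reply);
    printf("client got %d bytes back: \"%s\"\n", n, reply);
    return n == 9 ? 0 : 1;
}
```

Compile with cc echo.c -o echo and run it. Binding INADDR_ANY (0.0.0.0) instead of INADDR_LOOPBACK would make the same code reachable on every interface of the host, which is how a "local test" service usually ends up exposed to the network.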

TCP three-way handshake

TCP is a connection-oriented unicast protocol. Before sending data, both communicating parties must establish a connection with each other. The so-called "connection" is actually a piece of information about each other (IP address, port number) maintained in the memory of the client and server.

TCP can be viewed as a byte stream that handles packet loss, duplication, and errors at the IP layer or below. During the establishment process of the connection, both parties need to exchange some connection parameters. These parameters can be placed in the TCP header

TCP provides a reliable, connection-oriented, byte stream, transport layer service that uses a three-way handshake to establish a connection and a four-way wave to close a connection.
First handshake:
    1. The client sets the SYN flag to 1.
    2. It generates a random 32-bit initial sequence number seq=J. This number must be hard to guess: a predictable initial sequence number lets an off-path attacker forge segments that the peer accepts. A SYN segment normally carries no data.
Second handshake:
    1. The server acknowledges the client's connection request: ACK=1.
    2. The server sends back an acknowledgement number ack = client's sequence number + data length (0 in the figure) + 1 for the SYN, since SYN (and FIN) each consume one sequence number.
    3. The server sends its own connection request to the client: SYN=1.
    4. The server generates its own random initial sequence number seq=K.
Third handshake:
    1. The client acknowledges the server's connection request: ACK=1.
    2. The client confirms what it received from the server: ack = server's sequence number + data length + 1 for the SYN.

seq is the sequence number and ack is the acknowledgement number. Every segment carries a valid seq; the ack field is only meaningful when ACK=1, which is why the first SYN carries no acknowledgement.
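The IP datagram and TCP header formats above, and the handshake arithmetic just described, as an added example that is not part of the original page. It decodes a made-up IPv4 packet carrying a TCP SYN (192.168.1.100:49152 to 192.168.1.1:80, initial sequence number 0x12345678, all invented for the example), verifies the IP header checksum, works out the acknowledgement number the SYN-ACK must carry, and shows why a router that decrements the TTL has to recompute the checksum.

```c
/* Added example: verify an IPv4 header checksum, decode a TCP SYN, and compute
 * the ACK number its SYN-ACK must carry.  Pure C99; packet bytes are made up. */
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define IPPROTO_TCP_NUM 6
#define TCP_FIN 0x01
#define TCP_SYN 0x02
#define TCP_RST 0x04
#define TCP_PSH 0x08
#define TCP_ACK 0x10
#define TCP_URG 0x20

static uint16_t be16(const uint8_t *p) { return (uint16_t)((p[0] << 8) | p[1]); }
static uint32_t be32(const uint8_t *p) { return ((uint32_t)be16(p) << 16) | be16(p + 2); }

/* RFC 1071 one's-complement checksum.  Over a header whose checksum field is
 * zero it yields the value to store; over a header that already holds a
 * correct checksum it yields 0. */
uint16_t ip_checksum(const uint8_t *hdr, size_t len)
{
    uint32_t sum = 0;
    for (size_t i = 0; i + 1 < len; i += 2) sum += be16(hdr + i);
    if (len & 1) sum += (uint32_t)hdr[len - 1] << 8;
    while (sum >> 16) sum = (sum & 0xffff) + (sum >> 16);
    return (uint16_t)~sum;
}

struct decoded {
    int      ip_hdr_len;       /* -1 if the IP header was rejected */
    int      ttl, proto;
    int      tcp_hdr_len;      /* -1 if not TCP or the TCP header was rejected */
    int      flags, window;
    uint32_t seq;
    uint32_t ack_for_reply;    /* ack number the peer must send back */
};

/* ACK number for a segment: data bytes plus one each for SYN and FIN. */
uint32_t expected_ack(uint32_t seq, uint32_t payload_len, int flags)
{
    return seq + payload_len + ((flags & TCP_SYN) ? 1 : 0) + ((flags & TCP_FIN) ? 1 : 0);
}

/* Walk the IPv4 header, then the TCP header, the way the receiving stack does.
 * A header that fails its sanity checks stops the decode at that layer. */
struct decoded decode_packet(const uint8_t *pkt, size_t len)
{
    struct decoded d = { -1, -1, -1, -1, -1, -1, 0, 0 };
    if (len < 20 || (pkt[0] >> 4) != 4) return d;
    int ihl = (pkt[0] & 0x0f) * 4;                       /* IHL is in 4-byte units */
    if (ihl < 20 || (size_t)ihl > len) return d;
    if (ip_checksum(pkt, (size_t)ihl) != 0) return d;    /* corrupt header: drop */
    uint16_t total = be16(pkt + 2);
    if (total < ihl || total > len) return d;            /* truncated: drop */
    d.ip_hdr_len = ihl; d.ttl = pkt[8]; d.proto = pkt[9];
    if (d.proto != IPPROTO_TCP_NUM) return d;            /* only TCP decoded here */

    const uint8_t *t = pkt + ihl;
    size_t tlen = total - ihl;
    if (tlen < 20) return d;
    int doff = (t[12] >> 4) * 4;                         /* data offset in 32-bit words */
    if (doff < 20 || (size_t)doff > tlen) return d;
    d.tcp_hdr_len = doff;
    d.seq = be32(t + 4);
    d.flags = t[13] & 0x3f;
    d.window = be16(t + 14);
    d.ack_for_reply = expected_ack(d.seq, (uint32_t)(tlen - doff), d.flags);
    return d;
}

/* Constructed packet: IPv4 192.168.1.100 -> 192.168.1.1, TTL 64, protocol 6,
 * carrying a TCP SYN from port 49152 to port 80 with ISN 0x12345678 and a
 * 4096-byte window.  0xf719 is the correct header checksum for these bytes. */
static const uint8_t sample_pkt[40] = {
    0x45,0x00, 0x00,0x28, 0x00,0x01, 0x00,0x00, 0x40,0x06, 0xf7,0x19,
    0xc0,0xa8,0x01,0x64, 0xc0,0xa8,0x01,0x01,
    0xc0,0x00, 0x00,0x50, 0x12,0x34,0x56,0x78, 0x00,0x00,0x00,0x00,
    0x50,0x02, 0x10,0x00, 0x00,0x00, 0x00,0x00,
};

/* What a router does per hop: decrement TTL and recompute the checksum.  With
 * fix_checksum == 0 the stale checksum stays, and the next hop must reject it. */
struct decoded decode_after_hop(int fix_checksum)
{
    uint8_t pkt[sizeof sample_pkt];
    memcpy(pkt, sample_pkt, sizeof pkt);
    pkt[8] -= 1;
    if (fix_checksum) {
        pkt[10] = pkt[11] = 0;
        uint16_t c = ip_checksum(pkt, 20);
        pkt[10] = (uint8_t)(c >> 8); pkt[11] = (uint8_t)c;
    }
    return decode_packet(pkt, sizeof pkt);
}

int main(void)
{
    struct decoded d = decode_packet(sample_pkt, sizeof sample_pkt);
    printf("IP hdr %d bytes, TTL %d, proto %d; TCP flags 0x%02x (SYN=%d), seq 0x%08x, window %d\n",
           d.ip_hdr_len, d.ttl, d.proto, d.flags, !!(d.flags & TCP_SYN), (unsigned)d.seq, d.window);
    printf("SYN-ACK must carry ack = 0x%08x\n", (unsigned)d.ack_for_reply);
    printf("after one hop without checksum update: ip_hdr_len = %d\n", decode_after_hop(0).ip_hdr_len);
    return 0;
}
```

The TCP checksum is not verified here because it covers a pseudo-header (source and destination IP, protocol, TCP length) plus the whole segment, not just the 20-byte header; the IP checksum, by contrast, covers only the IP header, which is why every router must recompute it after changing the TTL.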

Why is there a 3-way handshake?

Only after three handshakes can both sides be sure that their own and the other side's sending and receiving all work. Two handshakes cannot prove this: if the client sends a SYN and the server replies with an ACK, the server has learned that the client can send and that it can receive, but it still does not know whether its own reply reached the client, so the server's sending and the client's receiving are unconfirmed. Four handshakes would also work, but three are enough, so there is no need to spend one more round trip. During the three-way handshake the two sides also negotiate parameters such as their initial sequence numbers and the maximum segment size.

TCP sliding window

A sliding window is a flow-control technique. In early network communication both parties simply sent data without regard to the state of the network; since nobody knew the network was congested and everyone sent at once, intermediate nodes were overwhelmed, packets were dropped and nobody could get data through, so the sliding-window mechanism was developed to address this. A sliding-window protocol improves throughput by letting the sender transmit further data before it has received any response; the receiver tells the sender how much it may send at a given moment (the window size, which TCP counts in bytes). Strictly speaking, the receiver-advertised window is flow control; congestion inside the network itself is handled by TCP's separate congestion-control algorithms.

The other situation: when the sender sends faster than the receiving application can consume the data, and the receive buffer is of fixed size (usually a ring buffer), data would be lost. TCP solves this problem with the sliding-window mechanism.

Look at the communication process above:

  1. The sender (client) initiates the connection and declares that the maximum size is 1460. The initial sequence number is 0 and the window size is 4K, which means "My receive buffer still has 4K bytes of free area. The data you send should not exceed 4K". The receiving end responds to the connection request, stating that the maximum segment size is 1024, the initial sequence number is 8000, and the window size is 6K. The sender responds and the three-way handshake ends.

  2. The sender sends segments 4-9, each segment contains 1K of data. The sender knows that the receiver's buffer is full based on the window size, so it stops sending data. (6*1024=6K)

  3. The application at the receiving end has processed 2K data, the receiving buffer has 2K free, the receiving and sending segment is 10, and then responds that it has received 6K data and declares the window size to be 2K, and includes the sequence number of the next transmission.

  4. The application at the receiving end has processed 2K data, the receive buffer has 4K free, and segment 11 has been received. Redeclare the window size to 4K.

  5. The sender sends segments 12-13, each segment carries 1K data, and segment 13 also contains the FIN bit (FIN means disconnection)

  6. The receiving end responds by receiving 2K data (6145-8192), plus the FIN bit occupies a sequence number 8193, so the sending end is informed that the next transmission will start from sequence number 8194, the connection is in a semi-closed state, and the receiving segment also declares that the window size is 2K

  7. The receiving application processes another 2K of data, and the receiver re-declares the window size as 4K.

  8. The receiving application processes another 2K of data, and the receiver re-declares the window size as 6K.

  9. After the receiving application has processed all the data, it decides to close the connection and sends segment 17, which carries the FIN bit. The sender responds and the connection is completely closed.
    As the application removes data from the buffer, the dotted box keeps sliding to the right, which is why this is called a sliding window.

We can also observe a phenomenon here:
    the data seen by the application is a whole, a stream. In the underlying communication the data may be split into packets, but how many bytes each packet carries is invisible to the application. TCP is therefore a byte-stream-oriented protocol, whereas UDP is message-oriented: each UDP datagram is one message, and the application must read data in message units rather than an arbitrary number of bytes at a time. This is a fundamental difference from TCP.

TCP four-way wave (closing a connection)

(figure omitted)

Since TCP is half-duplex, each direction must be closed independently. The principle is that when one party has finished sending its data, it can send a FIN to terminate the connection in that direction. Receiving a FIN only means that there will be no more data flowing in that direction; a TCP connection can still send data after receiving a FIN. The party that closes first performs an active close, while the other party performs a passive close. (Sending data is different from sending connection-control responses: FIN, ACK and SYN are flags defined in the TCP header, while data belongs to the payload.)

  1. The client sends the FIN bit to indicate a request to close the connection

  2. The server responds to the client's request to close the connection

  3. After the server has processed the data in the buffer (and made a corresponding response), it sends a FIN to the client to close the connection.

  4. The client responds to the server's request to close the connection

Establishing a connection takes a three-way handshake, but closing it usually takes four waves. The server's ACK and its own close request are usually not combined in one segment because of the half-closed state: when A calls close() after sending all the data it needs to send, B may still have unprocessed data in its buffer and still needs to respond to the data A sent, so B's write end cannot be closed yet. In this situation the client can no longer send data to the server after closing its side of the connection, but the server can still send data to the client until the server closes its side as well.

TCP state transitions

(figure omitted)
Red line: client; green (dashed) line: server (the two lines are analysed together)

CLOSED: the initial state

LISTEN: This status indicates that a SOCKET on the server side is in the listening state and can accept connections.

SYN_SENT: This state mirrors SYN_RCVD. When the client SOCKET initiates a connection, it first sends a SYN segment, then enters the SYN_SENT state and waits for the server to send the second segment of the three-way handshake. The SYN_SENT state therefore indicates that the client has sent a SYN request.

SYN_RCVD: This state indicates that a SYN segment has been received. Normally it is an intermediate state of the server-side SOCKET during the three-way handshake that establishes a TCP connection, and it is very short-lived. In this state, after receiving the client's ACK segment, the socket enters the ESTABLISHED state (both client and server enter ESTABLISHED after receiving their ACK).

ESTABLISHED: Indicates that the connection has been established.

FIN_WAIT_1: When a socket in the ESTABLISHED state wants to actively close the connection, it sends a FIN segment to the other party and at that moment enters the FIN_WAIT_1 state (usually left again very quickly).

FIN_WAIT_2: The party that actively closes will enter this state after sending FIN and receiving ACK. It is called a semi-connected or semi-closed state. The socket in this state can only receive data and cannot send it.

TIME_WAIT: The party that actively closed has received the other party's FIN and sent an ACK. It can return to the CLOSED state after 2MSL. Why wait 2MSL? To make sure the other party receives the final ACK; if it is lost, the ACK is sent again.

2MSL (MSL = Maximum Segment Lifetime)
The party that actively disconnects will eventually enter the TIME_WAIT state, which lasts 2MSL.

  • MSL: officially recommended as two minutes; in practice it is 30s, so 2MSL is 60s

When the active closing party of the TCP connection has received the passive closing party's FIN and sent the final ACK, it must stay in the TIME_WAIT state for 2MSL.

This allows the active closing party to resend the final ACK if that ACK is lost: after the passive closing party sends its FIN but does not receive the ACK from the active closing party, it retransmits the FIN, which causes the active closing party to send the ACK again.
The active closing party resends the final ACK not because the passive closing party retransmitted an ACK (ACKs do not consume sequence numbers, and the passive closing party does not retransmit them), but because the passive closing party retransmitted its FIN. In fact, the passive closing party keeps retransmitting the FIN until it receives the final ACK.

CLOSING: This state is special and rare. Under normal circumstances, when you send a FIN message, you should receive the other party's ACK message first, and then receive the other party's FIN message. But the CLOSING status means that after you sent the FIN message, you did not receive the other party's ACK message, but instead received the other party's FIN message. (If both parties close at almost the same time, then both parties will send FIN at the same time, and they will enter the CLOSING state)

CLOSE_WAIT: This state means waiting to close. When the other party closes its SOCKET and sends a FIN to this side, the system replies with an ACK and enters the CLOSE_WAIT state. Next, this side checks whether it still has data to send to the other party; if not, it can close the SOCKET and send a FIN to the other party, that is, close the connection. So a socket in CLOSE_WAIT is waiting for the local side to close it.

LAST_ACK: In this state the passively closing party has sent its FIN and is waiting for the other party's ACK. Once the ACK is received it enters the CLOSED state.

(figure omitted)

Question: Why are the server's ACK and FIN not sent at the same time in the four waves, but sent separately?
Answer: Because only the client wants to disconnect; the server may not want to disconnect yet and may still have data to send to the client. So they need to be sent separately.

Question: What happens if the passive closing party still has not received the ACK after 2MSL (that is, the fourth wave is lost)?
Answer: When the active party receives the FIN retransmitted by the passive party, the 2MSL timer is reset. The number of times the server (passive closing party) retransmits the FIN is controlled by the tcp_orphan_retries parameter. Once the retransmissions exceed tcp_orphan_retries, it stops sending FIN and enters the CLOSED state directly.

Question: What happens if a segment of the three-way handshake or of the four-way wave is lost?
Answer: see the article "What will happen if the TCP three-way handshake and four-way wave fail?"

Question: Why does the first wave of the four waves carry an ACK?
Answer: When sending a FIN, an ACK is also carried. This ACK confirms the data previously sent by the passive closing party. ACK: the TCP specification states that the acknowledgement is valid only when ACK=1, and that every segment sent after the connection is established must have ACK=1. You can refer to this article: The ACK mechanism you still don't know about the four waves

Half-close

When A sends a FIN to B on a TCP connection and B responds with an ACK (A enters the FIN_WAIT_2 state) but does not immediately send its own FIN, A is in a half-closed state: A can still receive the data B sends, but A can no longer send data to B.

From the program's perspective, the half-closed state can be controlled with this API:

#include <sys/socket.h>
int shutdown(int sockfd, int how);
sockfd: descriptor of the socket to shut down
how:
     SHUT_RD(0):   closes the read side of sockfd; reads on sockfd are no longer allowed.
                   The socket no longer accepts data, and any data currently in the
                   socket receive buffer is silently discarded.
     SHUT_WR(1):   closes the write side of sockfd; writes on sockfd are no longer allowed.
                   The process can no longer issue write operations on this socket.
     SHUT_RDWR(2): closes both the read and the write side of sockfd.

Port reuse

The most common reasons for port reuse:

  • Letting a restarted server bind its port again when the previously bound port has not yet been released
  • The program exits unexpectedly and the system has not yet released the port

Commonly used commands to view network-related information:
netstat
    parameters:
        -a all sockets
        -p displays the name of the program using the socket
        -n uses the IP address directly without going through the domain name server

close() is used to terminate a connection, but it only decrements the descriptor's reference count and does not directly close the connection; the connection is closed only when the reference count reaches 0. shutdown() ignores the descriptor's reference count and closes the connection directly. It can also abort the connection in one direction only, stopping only reading or only writing.

  1. If several processes share a socket, each call to close() decrements the count by 1 until it reaches 0, that is, until every process using the socket has called close(); only then is the socket released.
  2. With multiple processes, if one process calls shutdown(sockfd, SHUT_RDWR), the other processes can no longer communicate, but if one process calls close(sockfd), the other processes are not affected.
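The following C program is an added example, not code from the original post; it exercises the shutdown() API from the half-close section together with the close()/shutdown() reference-count behaviour described in the two points above. It builds a connected TCP pair over 127.0.0.1 on an ephemeral port so it runs without a fixed port number; the function names (loopback_pair, close_keeps_connection, half_close_demo, shutdown_affects_all_copies) are this example's own. dup() stands in for "another process sharing the socket", since a forked child would hold the same kind of extra reference.

```c
#include <arpa/inet.h>
#include <errno.h>
#include <netinet/in.h>
#include <signal.h>
#include <string.h>
#include <sys/socket.h>
#include <unistd.h>

/* Build a connected TCP pair over 127.0.0.1 on an ephemeral port (port 0),
 * so the example needs no fixed port. Returns 0 and fills *client/*server. */
static int loopback_pair(int *client, int *server)
{
    struct sockaddr_in addr;
    socklen_t len = sizeof addr;
    int lfd = socket(AF_INET, SOCK_STREAM, 0);
    if (lfd < 0) return -1;
    memset(&addr, 0, sizeof addr);
    addr.sin_family = AF_INET;
    addr.sin_addr.s_addr = htonl(INADDR_LOOPBACK);
    addr.sin_port = 0;                          /* kernel chooses a free port */
    if (bind(lfd, (struct sockaddr *)&addr, sizeof addr) < 0 || listen(lfd, 1) < 0 ||
        getsockname(lfd, (struct sockaddr *)&addr, &len) < 0) {
        close(lfd);
        return -1;
    }
    int cfd = socket(AF_INET, SOCK_STREAM, 0);
    if (cfd < 0 || connect(cfd, (struct sockaddr *)&addr, sizeof addr) < 0) {
        if (cfd >= 0) close(cfd);
        close(lfd);
        return -1;
    }
    int sfd = accept(lfd, NULL, NULL);
    close(lfd);                                 /* the listener is no longer needed */
    if (sfd < 0) { close(cfd); return -1; }
    *client = cfd;
    *server = sfd;
    return 0;
}

/* close() only drops a reference: after dup(), closing one descriptor leaves
 * the connection usable through the other. Returns 1 if data still flows. */
int close_keeps_connection(void)
{
    int c, s, c2, ok;
    char buf[8];
    if (loopback_pair(&c, &s) < 0) return -1;
    c2 = dup(c);                                /* reference count 1 -> 2 */
    close(c);                                   /* 2 -> 1, no FIN is sent */
    ok = write(c2, "hi", 2) == 2 && read(s, buf, sizeof buf) == 2;
    close(c2);
    close(s);
    return ok;
}

/* shutdown(SHUT_WR) half-closes: the client's FIN makes read() on the server
 * return 0 (EOF), yet the server can still write and the client still read;
 * a further write on the client fails with EPIPE. Returns 1 if all hold. */
int half_close_demo(void)
{
    int c, s, ok;
    char buf[8];
    if (loopback_pair(&c, &s) < 0) return -1;
    signal(SIGPIPE, SIG_IGN);                   /* report EPIPE instead of dying */
    ok = shutdown(c, SHUT_WR) == 0;
    ok = ok && read(s, buf, sizeof buf) == 0;   /* FIN seen as EOF on the server */
    ok = ok && write(s, "bye", 3) == 3;         /* server -> client still open */
    ok = ok && read(c, buf, sizeof buf) == 3;   /* client can still receive */
    ok = ok && write(c, "x", 1) < 0 && errno == EPIPE;
    close(c);
    close(s);
    return ok;
}

/* Unlike close(), shutdown() acts on the connection itself, so it affects
 * every descriptor (or process) sharing the socket. Returns 1 if a write
 * through the untouched copy fails after shutdown() on the duplicate. */
int shutdown_affects_all_copies(void)
{
    int c, s, c2, ok;
    if (loopback_pair(&c, &s) < 0) return -1;
    signal(SIGPIPE, SIG_IGN);
    c2 = dup(c);
    ok = shutdown(c2, SHUT_RDWR) == 0;
    ok = ok && write(c, "x", 1) < 0 && errno == EPIPE;
    close(c2);
    close(c);
    close(s);
    return ok;
}
```

Each function returns 1 when the behaviour the text describes is observed, so the three can be called from a small main() or a test harness. SIGPIPE is ignored so that the write after shutdown reports EPIPE instead of terminating the process, which is the usual choice in a server that does not want a peer's half-close to kill it.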

Do a test:
1. First start the server, and then check the network-related information. The running results are as follows:
(figure omitted)

The protocol is tcp, the IP address is 0.0.0.0, the port number is 9999, the status is LISTEN, and server is the name of the application.

2. Then continue to start the client.
(figure omitted)
The first row is the socket used specifically for listening. The following two rows are the connections established between the server and the client. Because two sockets are required to establish a link, there are two.

3. Then I use Ctrl+C to terminate the server.
(figure omitted)
At this time, you can see that because the server has been closed, even the name is no longer displayed, but because the client has not actively initiated shutdown, the status of the server is FIN_WAIT2. The client is in a state of waiting to be closed.

Next, wait for a period of time without performing any operations. You will find that the server information is gone.
(figure omitted)
4. Start the server again. (In the teacher's video, bind reported an error. This is to prove that the port 127.0.0.1:9999 is still in FIN_WAIT2 at this time. This port has not been released yet, thus causing inconvenience and error reporting, which leads to port reuse.) I am using Ubuntu 20.04. When the server is started again, as shown below, it allocates a port on 0.0.0.0, so no error was reported.
(figure omitted)
5. At this time, I first closed the server and then the client. According to the teacher, it should be like the picture below (the 6666 in the picture should be 9999; someone else's picture is borrowed here).
(figure omitted)
At this time, we have to wait for the TIME_WAIT time to pass, which is 1 minute, and then the port is released and can be used again. If you start the server immediately, an error will occur.

Port reuse function

#include <sys/types.h>

#include <sys/socket.h>
// Sets a socket option (not only port reuse can be set this way)
int setsockopt(int sockfd, int level, int optname, const void *optval, socklen_t optlen);
Parameters:
	- sockfd: the file descriptor to operate on
	- level: the option level; SOL_SOCKET for port reuse
	- optname: the option name
		- SO_REUSEADDR
		- SO_REUSEPORT
	- optval: the port-reuse value (an int)
		- 1: reuse the port
		- 0: do not reuse the port
	- optlen: the size of the optval argument

Port reuse must be set before the server binds the port:
setsockopt();
bind();


Origin blog.csdn.net/mhyasadj/article/details/131121358