【计算机网络笔记十】计算机网络面试问题总结

1. 计算机网络的各层协议及作用？

计算机网络体系可以大致分为一下三种，OSI 七层模型、TCP/IP 四层模型和五层模型。

• OSI 七层模型：大而全，但是比较复杂、而且是先有了理论模型，没有实际应用。
• TCP/IP 四层模型：是由实际应用发展总结出来的，从实质上讲，TCP/IP 只有最上面三层，最下面一层没有什么具体内容，TCP/IP 参考模型没有真正描述这一层的实现。
• TCP/IP 五层模型：五层模型只出现在计算机网络教学过程中，这是对七层模型和四层模型的一个折中，既简洁又能将概念阐述清楚。

七层网络体系结构各层的主要功能：

• 应用层：为应用程序提供交互服务。在互联网中的应用层协议很多，如域名系统DNS，支持万维网应用的HTTP协议，支持电子邮件的SMTP协议等。

• 表示层：主要负责数据格式的转换，如加密解密、转换翻译、压缩解压缩等。

• 会话层：负责在网络中的两个节点之间建立、维持和终止通信，如服务器验证用户登录便是由会话层完成的。

• 运输层：有时也译为传输层，向主机进程提供通用的数据传输服务。该层主要有以下两种协议：

  • TCP：提供面向连接的、可靠的数据传输服务；
  • UDP : Provides connectionless, best-effort data transmission service, but does not guarantee the reliability of data transmission .

• Network layer : Select appropriate routing and switching nodes to ensure timely transmission of data . Mainly includes IP protocol.

• Data Link Layer : The data link layer is often referred to simply as the link layer . Assemble the IP data packets passed down from the network layer into frames and transmit the frames on the links of adjacent nodes.

• Physical layer : realizes the transparent transmission of bit streams between adjacent nodes , and shields the differences in transmission media and communication means as much as possible.

2. What is the difference between TCP and UDP?

The comparison is as follows:

	UDP	TCP
Connect or not	no connection	connection oriented
Is it reliable?	Unreliable transmission, no use of flow control and congestion control	Reliable transport, using flow control and congestion control
Is it in order?	disorder	In order, messages may be out of order during transmission and TCP will reorder them.
transfer speed	quick	slow
Number of connection objects	Support one-to-one, one-to-many, many-to-one and many-to-many interactive communication	Can only be one-to-one point-to-point communication
transfer method	Message-oriented	byte stream oriented
Initial overhead	The header overhead is small, only 8 bytes	The minimum header length is 20 bytes and the maximum length is 60 bytes.
Applicable scene	Suitable for real-time applications (IP telephony, video conferencing, live broadcast, etc.)	Suitable for applications requiring reliable transmission, such as file transfer

Summarize:

• TCP is used when reliable transmission is necessary at the transport layer, and UDP is used for communications that have high requirements for high-speed transmission and real-time performance . TCP and UDP should be used as needed based on the application purpose.

3. What are the application scenarios corresponding to UDP and TCP?

TCP is connection-oriented and can ensure reliable delivery of data , so it is often used for:

• FTP file transfer
• HTTP / HTTPS

UDP is connectionless , it can send data at any time , and the processing of UDP itself is simple and efficient, so it is often used for:

• Communication with a small total number of packets, such as DNS, SNMP, etc.
• Multimedia real-time communication such as video and audio
• Broadcast communications

4. Please introduce the three-way handshake mechanism of TCP in detail?

• First handshake: The client sends SYN = 1 seq = x to the server to request to establish a connection. SYN = 1 indicates that this is a TCP connection request message, seq = x indicates that the client process uses sequence number x as the initial sequence number . The client enters the SYN_SENT state and waits for confirmation from the server
• Second handshake: The server sends SYN = 1 ACK = 1 ack = x + 1 seq = y to the client. SYN = 1 ACK = 1 indicates that the current message is a confirmation message for the client request. The confirmation number is ack = x + 1. At the same time, seq = y is selected as the initial sequence number . At this time, the server enters the SYN_RECV state.
• The third handshake: the client sends ACK = 1 ack = y + 1 seq = x + 1 to the server. ACK = 1 indicates that the current message is a confirmation message for the server request . The confirmation number is ack = y + 1 and the sequence number is seq = x + 1. The client and server enter the ESTABLISHED state and complete the three-way handshake.

Ideally, once a TCP connection is established, the TCP connection will be maintained until either party actively closes the connection.

5. Why is a three-way handshake required instead of two?

TCP is a reliable transmission control protocol, and the three-way handshake is the minimum number of times to ensure reliable data transmission and improve transmission efficiency.

There are three main reasons:

1. A three-way handshake allows both parties to confirm that their own and the other party's sending and receiving capabilities are normal.

   The first handshake: the client only sends the request segment and cannot confirm anything, but the server can confirm that its own receiving ability and the other party's sending ability are normal;

   Second handshake: The client can confirm that its own sending and receiving capabilities are normal, and that the other party's sending and receiving capabilities are normal;

   The third handshake: the server can confirm that its own sending and receiving capabilities are normal, and that the other party's sending and receiving capabilities are normal;

   It can be seen that a three-way handshake can allow both parties to confirm that their own and the other party's sending and receiving capabilities are all normal, so that they can communicate happily.

2. Inform the other party of your initial serial number value and confirm receipt of the other party's initial serial number value.

   In order to achieve reliable data transmission, both parties communicating with the TCP protocol must maintain a sequence number and a confirmation number field to identify which of the sent data packets have been received by the other party . The values ​​of these two fields will be incremented based on the initial sequence number value.

   The three-way handshake process is a necessary step for both communicating parties to inform each other of the starting value of the sequence number and confirm that the other party has received the starting value of the sequence number. If there are only two handshakes, at most only the starting sequence number of the connection initiator can be confirmed, but the sequence number selected by the other party cannot be confirmed.

3. This prevents expired (such as timeout retransmission) connection request messages from being suddenly transmitted to the server, resulting in errors and resource waste.

   If a two-way handshake is used, the server confirms that the connection has been established after the first request. At this time, if the client closes the connection and the server receives the client's previously expired TCP connection request, it will send the request to the client. Send a confirmation request message. At this time, the client cannot respond to the server because it is closed. The server will continue to send confirmation request messages to the client because it does not know that the client is closed, resulting in waste. resource.

6. Why three handshakes instead of four?

Because the three-way handshake can already confirm that the sending and receiving capabilities of both parties are normal, both parties know that each other is ready, and can also complete the confirmation of the initial sequence number of both parties, so there is no need for a fourth handshake.

• First handshake: The server confirms that the "self-received, client-sent" message function is normal.
• Second handshake: The client confirms that the "self-sent, self-received, server-received, server-sent" message functions normally, and the client considers that the connection has been established.
• The third handshake: The server confirms that the "self-sent, client-received" message function is normal. At this time, both parties have established a connection and can communicate normally.

7. What is a SYN flood attack? How to prevent it?

SYN flood attacks are a type of DOS attack. They exploit TCP protocol flaws and consume CPU and memory resources by sending a large number of semi-connection requests.

principle:

• During the three-way handshake, the TCP connection after the server sends the [SYN/ACK] packet (the second packet) and before receiving the client's [ACK] packet (the third packet) is called a half-open connect. , at this time the server is in the SYN_RECV (waiting for client response) state. If the [ACK] from the client is received, the TCP connection is successful. If not, the request will be resent until successful.
• The attacker of the SYN attack forges a large number of non-existent IP addresses in a short period of time, continuously sends [SYN] packets to the server, and the server replies with [SYN/ACK] packets and waits for the client's confirmation. Since the source address does not exist, the server needs to continue to resend until it times out.
• These forged [SYN] packets will occupy the unconnected queue for a long time, affecting normal SYN, causing the target system to run slowly, network congestion, and even system paralysis.

Detection: When you see a large number of semi-connected states on the server, especially if the source IP address is random, you can basically conclude that this is a SYN attack.

Precautions:

• Filter gateway protection through firewalls, routers, etc.
• Prevention by strengthening the TCP/IP protocol stack, such as increasing the maximum number of half connections and shortening the timeout.
• SYN cookies technology. SYN Cookies are a means of making some modifications to the three-way handshake on the TCP server side, specifically to prevent SYN flooding attacks.

8. During the three-way handshake connection phase, what will happen if the last ACK packet is lost?

Server:

• The third ACK is lost in the network, then the status of the TCP connection on the server side is SYN_RECV , and according to the TCP timeout retransmission mechanism, it will wait for 3 seconds, 6 seconds, and 12 seconds before resending the SYN + ACK packet , so that The client resends the ACK packet.

• If no ACK response is received from the client after retransmitting the specified number of times, the server will automatically close the connection after a period of time.

Client:

• The client thinks that the connection has been established. If the client sends data to the server, the server will respond with an RST packet (Reset, indicating reset, used to close the connection abnormally). At this point, the client knows that the third handshake failed.

9. Please introduce in detail the four wave processes of TCP?

• The first time: the client sends FIN = 1 ACK = 1 seq = u ack = v to the server. FIN = 1 indicates that this is a TCP request message to release the connection .

• The second time: the server sends ACK = 1 seq = v ack = u + 1 to the client. Indicates confirmation of the client's first release connection request message.

  At this time , the connection in the A → B direction is released, and TCP is in a semi-closed state . Although B confirms that A will no longer send data, B may still send data to A.

• The third time: The server sends FIN = 1 ACK = 1 seq = w ack = u + 1 to the client, indicating that the server releases the connection request message.

  • Sequence number seq = w , which is the sequence number of the last byte of the last message sent by the server + 1 .
  • Confirmation number ack = u + 1 , the same as the second wave, because the client did not send data during this time

• The fourth time: the client sends ACK = 1 seq = u + 1 ack = w + 1 to the server. Indicates that the server's shutdown request is confirmed .

  At this time , the server directly enters the closed state , and the client enters the TIME_WAIT waiting state. The waiting time is 2MSL , which is twice the longest message life cycle . If no message from the other party is received during this period, the client finally enters the closed state. .

It can be seen that the server ends the TCP connection earlier than the client.

10. Why is there a three-way handshake when connecting, but a four-way handshake when closing?

1. After receiving the client's FIN segment, the server may still have some data to transmit, so it cannot close the connection immediately, but it will respond and return an ACK segment.

   Next, data may continue to be sent. After the data is sent, the server will send a FIN message to the client, indicating that the data has been sent and requesting to close the connection. The server's ACK and FIN are usually sent separately, resulting in one more wave, so a total of four waves are required.

2. TCP is a full-duplex connection, and both ends must close the connection at the same time for the connection to be truly closed.

   If A is ready to close writing, it can still read the data sent by B. At this time, A sends a FIN message to B. After receiving it, B replies an ACK message to A.

   When B is also ready to close writing, it sends a FIN message to A, and A replies ACK to B. At this time, both ends are closed, and the TCP connection is closed normally.

   Therefore, for the full-duplex mode, in order to completely shut down, four interactions between the two ends of the communication are required to confirm each other's shutdown status.

11. Why does the client's TIME-WAIT state have to wait for 2MSL?

1. Ensures reliable termination of TCP connections. Ensure that the ACK message can reach the server, so that the server can close the connection normally.

   If the confirmation message sent by the client to the server for the fourth time is lost, the server will time out and retransmit the FIN/ACK message to the client because it has not received the confirmation message.

   However, if the client is closed at this time, it will not be able to respond to the server, and the server will keep retransmitting FIN/ACK messages, which means that the server will never get confirmation and will eventually be unable to enter the CLOSED state. .

   MSL is the maximum time a segment can survive on the network. The client waits for 2MSL time, that is, "client ACK message 1MSL timeout + server FIN message 1MSL transmission", then it can receive the FIN/ACK message retransmitted by the server, and then the client retransmits the ACK message. and restart the 2MSL timer. This ensures that the server can be shut down normally.

   If the FIN resent by the server is not successfully transmitted to the client within 2MSL time, the server will continue to timeout and retry until the connection is disconnected.

2. Prevent expired connection request segments from appearing in subsequent connections.

   TCP requires that the same sequence number is not used within 2MSL. After the client sends the last ACK segment and 2MSL elapses, it can ensure that all segments generated during the duration of this connection disappear from the network . This will prevent such old connection request segments from appearing in the next connection. Or even if these outdated messages are received, they may not be processed.

12. What if the connection has been established but the client fails?

Through the timer + timeout retry mechanism , try to obtain confirmation until the connection is automatically disconnected at the end.

Specifically, TCP has a keep-alive timer . Every time the server receives data from the client, it will reset this timer . The time is usually set to 2 hours . If it has not received any data from the client for 2 hours , the server starts to retry: sending a detection message segment every 75 seconds. If the client still does not respond after sending 10 detection messages in a row, the server considers the connection Already disconnected .

13. What are the consequences of too many TIME-WAIT states? How to deal with it?

From the server's perspective, closing a large number of Client connections in a short period of time will cause a large number of TIME_WAIT connections to appear on the server, which will seriously consume the server's resources . At this time, some clients will show that they cannot connect .

From the client's perspective , too much client TIME_WAIT will cause port resources to be occupied , because there are only 65536 ports , and if they are full, new connections cannot be created .

Solution:

• The server can avoid the TIME_WAIT state by setting the SO_REUSEADDR socket option. This socket option tells the kernel to continue and reuse this port even if it is busy (in the TIME_WAIT state).
• Adjust system kernel parameters and modify /etc/sysctl.conffiles, that is, modify net.ipv4.tcp_tw_reuseand tcp_timestamps

net.ipv4.tcp_tw_reuse = 1 表示开启重用。允许将TIME-WAIT sockets重新用于新的TCP连接，默认为0，表示关闭；
net.ipv4.tcp_tw_recycle = 1 表示开启TCP连接中TIME-WAIT sockets的快速回收，默认为0，表示关闭。

• Forced to close, send RST packets to bypass the TIME_WAIT state and directly enter the CLOSED state.

14. Is TIME_WAIT a server-side state? Or a client-side state?

TIME_WAIT is the state that the party that actively disconnects will enter . Under normal circumstances, it is the state that the client is in; the server is generally set not to actively close the connection.

TIME_WAIT needs to wait for 2MSL. In the case of a large number of short connections, TIME_WAIT will be too much, which will also consume a lot of system resources. For the server, specifying KeepAlive in the HTTP protocol (the browser reuses a TCP connection to handle multiple HTTP requests), and the browser actively disconnecting, can reduce this problem of the server to a certain extent.

15. How does the TCP protocol ensure reliability?

TCP mainly provides methods such as checksum, sequence number/confirmation response, timeout retransmission, sliding window, congestion control and flow control to achieve reliable transmission.

• Checksum : Through the checksum method, the receiving end can detect whether there are errors or exceptions in the data. If there are errors, the TCP segment will be discarded and resent.

• Serial number / confirmation response :

  The function of the sequence number is not only the response. The sequence number can sort the received data according to the sequence number and remove data with repeated sequence numbers.

  During the TCP transmission process, each time the receiver receives data, it will confirm and respond to the transmitter. That is to say, an ACK message is sent. This ACK message contains a corresponding confirmation sequence number, telling the sender what data has been received and where the next data will be sent from.

• Sliding window : The sliding window not only improves the efficiency of message transmission, but also avoids exceptions where the sender sends too much data and the receiver cannot process it normally.

• Timeout retransmission : Timeout retransmission refers to the time between sending a data packet and receiving a confirmation packet. If this time is exceeded, the packet will be considered lost and needs to be retransmitted. The maximum timeout is calculated dynamically.

• Congestion control : During the data transmission process, network congestion may occur due to network status problems. At this time, a congestion control mechanism is introduced to improve performance while ensuring TCP reliability.

• Flow control : If host A keeps sending data to host B, regardless of host B's receiving capability, host B's receiving buffer may become full and cannot accept data anymore, which may result in a large amount of data packet loss and trigger retransmissions. mechanism. During the retransmission process, if the condition of host B's receiving buffer has not improved, a lot of time will be wasted on retransmitting data, reducing the efficiency of data transmission. Therefore, a flow control mechanism is introduced. Host B allows host A to control the amount of data sent by telling host A the size of its receiving buffer . Flow control is related to the window size in the TCP protocol header.

16. Tell us in detail about TCP’s sliding window?

When transmitting data, if the transmitted data is relatively large, it needs to be split into multiple data packets for sending. The TCP protocol requires confirmation of the data before it can send the next data packet. In this way, time will be wasted waiting for the confirmation response packet.
To avoid this situation, TCP introduced the window concept. The window size refers to the maximum value that can continue to send data packets without waiting for acknowledgment response packets.

From the above figure, you can see that the left side of the sliding window is the packets that have been sent and confirmed , and the right side of the sliding window is the packets that have not yet had their turn .

The sliding window is also divided into two parts, one is the packets that have been sent but not confirmed, and the other is the packets waiting to be sent within the window. As sent packets continue to be acknowledged, packets waiting to be sent within the window will continue to be sent. The entire window will move to the right, allowing groups that have not yet had their turn to enter the window.

It can be seen that the sliding window plays a current limiting role , that is to say, the size of the current sliding window determines the current rate at which TCP sends packets , and the size of the sliding window depends on the minimum between the congestion control window and the flow control window. value .

17. Tell us about congestion control in detail?

TCP uses a total of four algorithms to implement congestion control:

• slow-start;
• congestion avoidance;
• Fast retransmit (fast retransmit);
• fast recovery

The sender maintains a state variable called congestion window cwnd (congestion window).

• When cwnd<ssthresh, the slow start algorithm is used.
• When cwnd>ssthresh, the congestion avoidance algorithm is used instead.
• When cwnd=ssthresh, the slow start and congestion avoidance algorithms are arbitrary.

Slow start: Do not send a large amount of data at the beginning, and gradually increase the size of the congestion window from small to large.

Congestion avoidance : The congestion avoidance algorithm makes the congestion window grow slowly , that is, every time a round trip time RTT passes , the sender's congestion window cwnd is increased by 1 instead of doubled. In this way, the congestion window grows slowly and linearly.

Fast retransmission : We can eliminate some unnecessary congestion messages and improve network throughput . For example, the receiver immediately sends a duplicate confirmation after receiving an out-of-order message segment, rather than waiting for the confirmation when sending data. Fast retransmission rules: As long as the sender receives three repeated acknowledgments in a row, it should immediately retransmit the message segments that the other party has not received, without having to wait for the set retransmission timer to expire .

Fast recovery : Mainly to cooperate with fast retransmission. When the sender receives three consecutive repeated acknowledgments, it executes the "multiplicative reduction" algorithm and halve the ssthresh threshold (in order to prevent network congestion), but then does not execute the slow start algorithm, because if the network is congested , You will not receive several duplicate confirmations. Receiving three duplicate confirmations indicates that the network condition is okay.

18. What are the common HTTP status codes?

Common status codes:

• 200: The request was successfully processed by the server
• 204: The request was accepted but no resources can be returned.
• 206: The client only requests part of the resources, and the server only executes the GET method on part of the requested resources. The corresponding message contains resources within the specified range through Content-Range.
• 301: Permanent redirect
• 302: Temporary redirect
• 400: The client request message has a syntax error and cannot be recognized by the server.
• 401: Request requires authentication
• 403: The requested resource is prohibited from being accessed. The server received the request but refused to provide the service.
• 404: The server cannot find the corresponding resource.
• 500: Internal server error. The server encountered an error and could not complete the request.
• 503: Server is busy

The beginning of the status code represents the type:

19. What is the difference between status code 301 and 302?

What they have in common: Both 301 and 302 status codes indicate redirection , which means that the browser will automatically jump to a new URL address after getting the status code returned by the server. This address can be obtained from the Location header of the response ( user The effect he sees is that the address A he entered instantly changes to another address B ).

Differences :

• 301 indicates that the resource at the old address A has been permanently removed (this resource is no longer accessible) . The search engine will also exchange the old URL for the redirected URL while crawling the new content;

• 302 means that the resource at the old address A is still there (still accessible) . This redirect only temporarily jumps from the old address A to the address B. The search engine will crawl the new content and save the old URL. 302 is better than 301 in SEO.

Reason for redirection:

1. Website adjustments (such as changing the web directory structure);
2. The web page was moved to a new address;
3. The web page extension is changed (for example, the application needs to change .php to .Html or .shtml).

20. Commonly used HTTP request methods?

In order to facilitate memory, PUT, DELETE, POST, and GET can be understood as the addition, deletion, modification and query of the client to the server.

• PUT: Upload files and add data to the server, which can be regarded as adding
• DELETE: delete files
• POST: Transmit data, submit data to the server, and update server data.
• GET: Get resources and query server resources

21. What is the difference between GET request and POST request?

Differences in usage:

• GET uses URL or Cookie to pass parameters, while POST puts the data in the BODY . This is because of the convention of HTTP protocol usage.
• The data submitted by GET has a length limit, while the data submitted by POST can be very large . This is due to differences in the operating systems and browser settings they use.
• POST is safer than GET because the data is not visible on the address bar. There is nothing wrong with this statement, but it is still not the difference between GET and POST itself.

essential difference

• The biggest difference between GET and POST is that the GET request is idempotent, while the POST request is not . This is their essential difference.

• Idempotence means that requesting a resource once and multiple times should have the same side effects. Simply put it means that multiple requests to the same URL should return the same result.

22. Explain HTTP long connection and short connection?

In HTTP/1.0, short connections are used by default . In other words, every time the browser and server perform an HTTP operation, a TCP connection is established, but the connection is interrupted when the task is completed. If an HTML or other type of Web page accessed by the client browser contains other Web resources, such as JavaScript files, image files, CSS files, etc.; every time the browser encounters such a Web resource, it will create a HTTP session.

But starting from HTTP/1.1, long connections are used by default to maintain connection characteristics. When using the HTTP protocol with long connections, this line of code will be added to the response header : Connection: keep-alive

When a long connection is used, when a web page is opened, the TCP connection used to transmit HTTP data between the client and the server will not be closed . If the client accesses the web page on the server again, it will continue to use this link. connection established. Keep-Alive does not maintain the connection permanently. It has a retention time that can be set in different server software (such as Apache). To implement long connections, both the client and the server must support long connections.

The long connections and short connections of the HTTP protocol are essentially the long connections and short connections of the TCP protocol.

23. What are the formats of HTTP request messages and response messages?

Request message format:

1. Request line (request method + URI + protocol version)
2. Request header
3. Blank line + CRLF carriage return and line feed
4. Request body

GET /sample.jsp HTTP/1.1 请求行
Accept:image/gif.image/jpeg, 请求头部
Accept-Language:zh-cn
Connection:Keep-Alive
Host:localhost
User-Agent:Mozila/4.0(compatible;MSIE5.01;Window NT5.0)
Accept-Encoding:gzip,deflate

username=jinqiao&password=1234 请求主体

Response message:

1. Status line (protocol version + status code + reason phrase)
2. response header
3. Blank line+CRLF
4. response body

HTTP/1.1 200 OK
Server:Apache Tomcat/5.0.12
Date:Mon,6Oct2003 13:23:42 GMT
Content-Length:112

<html>
<head>
<title>HTTP响应示例<title>
</head>
<body>
Hello HTTP!
</body>
</html>

24. What is the difference between HTTP 1.0 and HTTP 1.1?

HTTP1.0 was first used in web pages in 1996. At that time, it was only used for some simpler
web pages and network requests, while HTTP1.1 only began to be widely used in network requests of major browsers in 1999. , and HTTP1.1 is currently the most widely used HTTP protocol.

The main differences are mainly reflected in:

• Long connection : HTTP 1.1 supports long connections and request pipeline processing . Multiple HTTP requests and responses can be transmitted on a TCP connection, reducing the consumption and delay of establishing and closing connections . Connection: keep-alive is enabled by default in HTTP 1.1 , to a certain extent, it makes up for the shortcoming of HTTP1.0 that a connection must be created for every request.
• Cache processing : In HTTP 1.0, If-Modified-Since and Expires in the header are mainly used as the standard for cache judgment. HTTP 1.1 introduces more cache control strategies such as Entity tag, If-Unmodified-Since, If -Match, If-None-Match and more optional cache headers to control the cache
  strategy.
• Bandwidth optimization and use of network connections : In HTTP 1.0, there are some phenomena of wasting bandwidth. For example, the client only needs a part of an object, but the server sends the entire object, and does not support the resume function. HTTP1.1 introduces the range header field in the request header, which allows only a certain part of the resource to be requested , that is, the return code is 206 (Partial Content), which facilitates developers to freely choose to make full use of bandwidth and connections.
• Error notification management : 24 new error status response codes have been added to HTTP 1.1, such as 409 (Conflict) indicating that the requested resource conflicts with the current status of the resource; 410 (Gone) indicating that a resource on the server has been permanently deleted sexual deletion.
• Host header processing : In HTTP 1.0, each server is considered to be bound to a unique IP address. Therefore, the URL in the request message does not pass the host name (hostname). However, with the development of virtual host technology, multiple virtual hosts (Multi-homed Web Servers) can exist on a physical server, and they share an IP address. HTTP 1.1 request messages and response messages should support the Host header field, and if there is no Host header field in the request message, an error (400 Bad Request) will be reported .

25. What is the difference between HTTP 1.1 and HTTP 2.0?

Features supported by HTTP2.0 compared to HTTP1.1:

• New binary format : HTTP 1.1 parsing is text-based. There are natural flaws in format parsing based on text protocols. Text expressions are diverse, and there must be many scenarios to consider for robustness. Binary is different, and only combinations of 0 and 1 are recognized. Based on this consideration, the protocol parsing of HTTP2.0 is decided to use binary format, which is convenient and robust to implement.
• Multiplexing, that is, connection sharing , that is, each request is used as a connection sharing mechanism. A request corresponds to an id, so there can be multiple requests on one connection, and the requests of each connection can be randomly mixed together. The receiver can then attribute the request to different server requests based on the request id.
• Header compression , the header of HTTP1.1 contains a large amount of information, and must be sent repeatedly every time; HTTP2.0 uses an encoder to reduce the size of the header that needs to be transmitted , and each communication party caches a table of header fields , both This avoids repeated header transmission and reduces the size that needs to be transmitted.
• Server push : In addition to the server's response to the initial request, the server can also push additional resources to the client without explicit request from the client.

What is the difference between multiplexing in HTTP2.0 and long connection multiplexing in HTTP1.X?

• HTTP/1.0 is a request-response, establishes a connection, and closes it when finished; a connection must be established for each request;
• The HTTP/1.1 Pipeling solution is to queue several requests for serial single-thread processing, and subsequent requests wait for the return of the previous request before they can get the opportunity to execute. Once a request times out, subsequent requests can only be blocked, and there is no way . This is often referred to as head-of-line blocking ;
• HTTP/2 Multiple requests can be executed in parallel on a single connection at the same time. A certain request task is extremely time-consuming and will not affect the normal execution of other connections;

26. What is the difference between HTTP and HTTPS?

HTTPS protocol (HyperText Transfer Protocol over Secure Socket Layer): Generally understood as HTTP + SSL/TLS , the identity of the server is verified through the SSL certificate and the communication between the browser and the server is encrypted.

• HTTP URLs begin with http:// , while HTTPS URLs begin with https://
• HTTP is insecure but HTTPS is secure
• The standard port for HTTP is 80, while the standard port for HTTPS is 443
• In the OSI network model, HTTP works at the application layer, while the secure transmission mechanism of HTTPS works at the transport layer
• HTTP cannot be encrypted, while HTTPS encrypts transmitted data
• HTTP does not require a certificate, while HTTPS requires an SSL certificate issued by a CA authority

27. What are the advantages and disadvantages of HTTPS?

Advantages :

• Security :
  • Use the HTTPS protocol to authenticate users and servers to ensure that data is sent to the correct client and server;
  • The HTTPS protocol is a network protocol built from the SSL+HTTP protocol that can perform encrypted transmission and identity authentication . It is more secure than the HTTP protocol and can prevent data from being stolen or changed during transmission, ensuring the integrity of the data .
  • HTTPS is the most secure solution under the current architecture. Although it is not absolutely secure, it greatly increases the cost of man-in-the-middle attacks.

• SEO: Google adjusted its search engine algorithm in August 2014 and stated that "compared to equivalent HTTP websites, websites using HTTPS encryption will rank higher in search results."

shortcoming:

• In the same network environment, HTTPS has a significant increase in response time and power consumption compared to HTTP.
• The security of HTTPS is limited, and it is almost useless in cases of hacker attacks, server hijacking, etc.
• Under the existing certificate mechanism, man-in-the-middle attacks are still possible.
• HTTPS requires more server resources and will also lead to higher costs.

28. Tell me about the principles of HTTPS?

The encryption process is divided into: according to the serial number in the figure:

• ① The client requests an HTTPS URL, and then connects to the server's port 443 (HTTPS default port, similar to HTTP's port 80 ).

• ② Servers that use the HTTPS protocol must have a set of digital CA (Certification Authority) certificates. When a certificate is issued, a private key and a public key are generated . The private key is kept by the server itself and cannot be leaked . The public key is included in the certificate information and can be made public. The certificate itself also comes with a certificate electronic signature. This signature is used to verify the integrity and authenticity of the certificate and prevent the certificate from being tampered with.

• ③ The server responds to the client's request and passes the certificate to the client. The certificate contains the public key and a large amount of other information, such as certificate authority information, company information and certificate validity period.

• ④ The client parses the certificate and verifies it. If the certificate is not issued by a trusted authority, or the domain name in the certificate is inconsistent with the actual domain name, or the certificate has expired, a warning will be displayed to the visitor, who can choose whether to continue communication.

  If there is no problem with the certificate, the client will retrieve the server's public key A from the server certificate . Then the client will also generate a random code KEY and encrypt it using public key A.

• ⑤ The client sends the encrypted random code KEY to the server as the key for subsequent symmetric encryption .

• ⑥ After receiving the random code KEY , the server will use private key B to decrypt it .

  After the above steps, the client and server finally establish a secure connection, which perfectly solves the problem of key leakage of symmetric encryption , and then you can happily communicate using symmetric encryption.

• ⑦ The server uses a symmetric key ( random code KEY ) to symmetrically encrypt the data and sends it to the client . The client uses the same key (random code KEY) to decrypt the data .

• ⑧ Both parties use symmetric encryption to happily transmit all data.

29. What is the entire process performed after entering www.baidu.com into the browser?

1. Domain name resolution (the domain name www.baidu.com becomes an IP address).

   The browser searches its own DNS cache (maintains a correspondence table between domain names and IPs);
   if not, searches the operating system's DNS cache (maintains a correspondence table between domain names and IPs);
   if not, searches the hosts of the operating system File (maintain a correspondence table between domain names and IPs).

   If there is none, then look for the preferred dns server set in the tcp/ip parameters , that is, the local dns server ( recursive query ). The local domain name server queries its own dns cache . If not, it performs an iterative query . The local dns server returns the IP to the operating system and caches the IP at the same time.

2. Initiate TCP three-way handshake and establish TCP connection. The browser will initiate a TCP connection to the server's web program port 80 with a random port (1024-65535).

3. After establishing the tcp connection, initiate an http request.

4. The server responds to the http request and the client gets the html code. After the server web application receives the http request, it starts processing the request and returns the html file to the browser after processing.

5. The browser parses the html code and requests the resources in the html.

6. The browser renders the page and presents it to the user.

Normally, once the server returns the request data to the client, it will close the TCP connection. Then if the client or server adds this line of code Connection: keep-alive in its header information, the TCP connection will still be maintained after sending . Open state, so the client can continue to send requests through the same connection, that is to say, the previous 3 to 6 can be repeated. Keeping connections saves the time required to establish a new connection for each request and also saves network bandwidth.

30. What are Cookies and Sessions?

What are cookies

HTTP Cookie (also called Web Cookie or browser Cookie) is a small piece of data sent by the server to the user's browser and saved locally. It will be carried and sent to the server the next time the browser makes a request to the same server. . Usually, it is used to tell the server whether two requests come from the same browser, such as keeping the user logged in. Cookies make it possible to record stable state information based on the stateless HTTP protocol.

Cookies are mainly used in the following three aspects:

• Session state management (such as user login status, shopping cart, game scores or other information that needs to be recorded)
• Personalized settings (such as user-defined settings, themes, etc.)
• Browser behavior tracking (such as tracking and analyzing user behavior, etc.)

What is Session

Session represents the process of a session between the server and the client . The Session object stores the properties and configuration information required for a specific user session. In this way, when the user jumps between the application's Web pages, the variables stored in the Session object will not be lost , but will persist throughout the user session . The session ends when the client closes the session or the Session timeout expires .

31. How do Cookie and Session cooperate?

When the user requests the server for the first time, the server creates the corresponding Session based on the relevant information submitted by the user. When the request returns, the unique identification information of this Session, SessionID, is returned to the browser. After the browser receives the SessionID information returned by the server, it will This information is stored in Cookie , and Cookie records which domain name this SessionID belongs to.

When the user visits the server for the second time, the request will automatically determine whether there is cookie information under this domain name. If there is, the cookie information will be automatically sent to the server. The server will obtain the SessionID from the Cookie, and then find the corresponding Session based on the SessionID . Information, if not found, it means that the user is not logged in or the login is invalid. If the Session is found, it proves that the user has logged in and can perform the following operations.

According to the above process, SessionID is a bridge connecting Cookie and Session . Most systems also verify user login status based on this principle.

32. What is the difference between Cookie and Session?

• The scope of action is different. Cookie is saved on the client (browser), and Session is saved on the server side.
• The access methods are different. Cookie can only save ASCII, while Session can store any data type. Generally, we can keep some common variable information in Session, such as UserId, etc.
• The validity period is different, and the cookie can be set to be kept for a long time. For example, the default login function we often use, the Session generally has a short expiration time, and it will expire when the client is closed or the Session times out.
• The privacy policies are different. Cookies are stored on the client side and are more susceptible to illegal acquisition. In the early days, some people stored the user's login name and password in Cookies, resulting in information theft; Sessions are stored on the server side, and the security is better than Cookies.
• The storage sizes are different. A single cookie cannot store more than 4K data, but a session can store much more data than a cookie.

33. What is the HTTP protocol stateless protocol? How to solve it?

Stateless protocols have no memory for transaction processing. The lack of status means that if the previous information is needed for subsequent processing, that is, after the client completes an HTTP request, the client sends another HTTP request. HTTP does not know that the current client is an "old user".

Cookies can be used to solve stateless problems. Cookies are equivalent to a pass. When the client visits for the first time, a cookie is sent to the client. When the client comes again, it holds the cookie (passport), then the server will know this. Is an "old user".

34. The difference between URI and URL

URI is a uniform resource identifier, which is used to uniquely identify a resource. Every resource available on the Web such as HTML documents, images, video clips, programs, etc. is located by a URI .

URI generally consists of three parts:

• ① Naming mechanism for accessing resources
• ② Host name where resources are stored
• ③ The name of the resource itself, represented by the path, with emphasis on the resource.

URL is a uniform resource locator. It is a specific URI , that is, the URL can be used to identify a resource and also indicates how to locate the resource. URL is a string used to describe information resources on the Internet. It is mainly used in various WWW client programs and server programs, especially the famous Mosaic.

URLs can be used to describe various information resources in a unified format, including files, server addresses and directories, etc. URL generally consists of three parts:

• ① Agreement (or service method)
• ② The IP address of the host where the resource is stored (sometimes including the port number)
• ③ The specific address of the host resource. Such as directory and file names, etc.

URN , uniform resource name, unified resource naming, identifies resources by name, for example mailto:[email protected].

If URI is regarded as an abstract interface definition, then URL and URN are both concrete implementations of URI. Broadly speaking, every URL is a URI, but not every URI is a URL. This is because URIs also include a subclass, the Uniform Resource Name (URN), which names the resource but does not specify how to locate the resource. The mailto, news, and isbn URIs above are all examples of URNs.

在 Java 的 URI 中，一个 URI 实例可以代表绝对的，也可以是相对的，只要它符合 URI 的语法规则。而 URL 类则不仅符合语义，还包含了定位该资源的信息，因此它不能是相对的。在 Java 类库中，URI 类不包含任何访问资源的方法，它唯一的作用就是解析。相反的是，URL 类可以打开一个到达资源的流。

35. TCP 粘包/拆包的原因及解决方法？

TCP 是以流的方式来处理数据，一个完整的包可能会被 TCP 拆分成多个包进行发送，也可能把小的封装成一个大的数据包发送。

TCP 粘包/分包的原因：

• 应用程序写入的字节大小大于套接字发送缓冲区的大小，会发生拆包现象，

• 而应用程序写入数据小于套接字缓冲区大小，网卡将应用多次写入的数据发送到网络上，这将会发生粘包现象；

• 进行 MSS 大小的 TCP 分段，当 TCP 报文长度 - TCP 头部长度 > MSS 的时候将发生拆包

• 以太网帧的 payload（净荷）大于 MTU（1500 字节）进行 ip 分片。

解决方法：

• ① 消息定长，即每次发送固定长度字节。 这种方案简单，但是缺点是会浪费空间。 比如规定每10个字节表示一个消息，但是客户端发送的消息只包含1个字节，那么剩余9个字节就需要补空或者补0，浪费了。可以使用 FixedLengthFrameDecoder 类。
• ② 包尾使用特殊分隔符，比如使用回车符（\n）作为分隔符，再例如 HTTP 报文头中就使用了回车符、换行符作为 HTTP 协议的边界。可以使用行分隔符类 LineBasedFrameDecoder 或自定义分隔符类 DelimiterBasedFrameDecoder 。
• ③ The fixed-length field stores the length information of the content, that is, the message is divided into a message header and a message body. A fixed-length field is appended to the message header to store the length of the message content. For example, a fixed length of 4 is used in the header of each message . The size of bytes represents the length of the message content. When the receiver parses, it first reads the fixed-length field to obtain the length, and then reads the data content according to the length to accurately locate the data content without escaping. Disadvantages: The data content length is limited , and the number of bytes of the longest message needs to be known in advance. You can use LengthFieldBasedFrameDecoderthe class.

36. Please give an overview of serialization

Serialization (encoding) is to serialize objects into binary form (byte array), mainly used for network transmission, data persistence, etc.; while deserialization (decoding) is to read bytes from the network, disk, etc. The array is restored to the original object, which is mainly used for decoding network transmission objects to complete remote calls.

Key factors that affect serialization performance: serialized code stream size (network bandwidth usage), serialization performance (CPU resource usage); whether it supports cross-language (heterogeneous system docking and development language switching).

• The serialization provided by Java by default : cannot cross languages, the code stream after serialization is too large, and the performance of serialization is poor

• XML , advantages: good human-machine readability , can specify the name of elements or attributes.

  Disadvantages: Serialized data only contains the data itself and the structure of the class, excluding type identification and assembly information; only public properties and fields can be serialized; methods cannot be serialized; the file is huge, the file format is complex, and the transmission consumes bandwidth .

  Applicable scenarios: Use it as a configuration file to store data and perform real-time data conversion.

• JSON is a lightweight data exchange format,

  Advantages: high compatibility, relatively simple data format , easy to read and write, smaller data after serialization, good scalability , and good compatibility. Compared with XML, its protocol is relatively simple and its parsing speed is relatively fast.

  Disadvantages: The data is less descriptive than XML , not suitable for situations where performance requirements are at the ms level, and the extra space overhead is relatively large .

  Applicable scenarios (can replace XML): cross-firewall access, high adjustability requirements, Web browser-based Ajax requests, relatively small amount of data to be transmitted, and services with relatively low real-time requirements (such as second level).

• Fastjson uses an "assumed ordered fast matching" algorithm.

  Advantages: The interface is simple and easy to use , and it is currently the fastest json library in the Java language.

  Disadvantages: Too much emphasis on speed and deviation from "standards" and functionality, low code quality, incomplete documentation, and many security holes.

  Applicable scenarios: protocol interaction, Web output, Android client

• Thrift is not only a serialization protocol, but also an RPC framework.

  Advantages: Small size after serialization, fast speed, supports multiple languages ​​​​and rich data types, has strong compatibility for the addition and deletion of data fields, and supports binary compression encoding.

  Disadvantages: fewer users, unsafe and unreadable when accessed across firewalls, relatively difficult to debug code, cannot be used with other transport layer protocols (such as HTTP), and cannot support direct reading and writing of data to the persistence layer. That is, it is not suitable for data persistence serialization protocol.

  Applicable scenarios: RPC solutions for distributed systems

• Protobuf describes the data structure as .protoa file, and the code generation tool can generate POJO objects corresponding to the data structure and Protobuf-related methods and properties.

  Advantages: Small code stream after serialization, high performance, structured data storage format (XML JSON, etc.),
  forward compatibility of the protocol can be achieved by identifying the order of fields, and structured documents are easier to manage and maintain.

  Disadvantages: It needs to rely on tools to generate code and supports relatively few languages. Officially, it only supports Java, C++, and python.

  Applicable scenarios: RPC calls with high performance requirements, good cross-firewall access properties, suitable for persistence of application layer objects

37. What is the difference between select, poll and epoll?

Select, poll, and epoll are all mechanisms by which the operating system implements IO multiplexing . We know that I/O multiplexing uses a mechanism to monitor multiple descriptors. Once a descriptor is ready (usually read-ready or write-ready), the program can be notified to perform corresponding read and write operations . So what are the differences between these three mechanisms?

1. Support the maximum number of connections that can be opened by a process

IO multiplexing name	The maximum number of connections that can be opened
select	The maximum number of connections that can be opened by a single process is FD_SETSIZEdefined by the macro, and its size is 1024. Of course, we can modify it and then recompile the kernel, but the performance may be affected.
poll	Poll is essentially the same as select, but it does not have a limit on the maximum number of connections because it is stored based on a linked list.
epoll	The number of connections is basically limited only by the memory size of the machine

2. IO efficiency problems caused by the sharp increase in FD

IO multiplexing name	IO efficiency
select	Because the connection will be linearly traversed every time it is called, as the FD increases, it will cause a "linear degradation performance problem" of slow traversal speed.
poll	Same as above
epoll	因为 epoll 内核中实现是根据每个 fd 上的 callback 函数来实现的，只有活跃的 socket 才会主动调用 callback， 所以在活跃socket 较少的情况下，使用 epoll 没有前面两者的线性下降的性能问题， 但是所有 socket 都很活跃的情况下，可能会有性能问题。

3、 消息传递方式

IO 多路复用名称	消息传递方式
select	内核需要将消息传递到用户空间，都需要内核拷贝动作
poll	同上
epoll	epoll 通过内核和用户空间共享一块内存来实现

总结：

综上，在选择 select，poll，epoll 时要根据具体的使用场合以及这三种方式的自身特点。

1. 表面上看 epoll 的性能最好，但是在连接数少并且连接都十分活跃的情况下，select 和 poll 的性能可能比 epoll 好，毕竟 epoll 的通知机制需要很多函数回调。
2. select 低效是因为每次它都需要轮询。但低效也是相对的，视情况而定，也可通过良好的设计改善。

38. 什么是水平触发(LT)和边缘触发(ET)？

Conditional triggering (Level_triggered): Also called level triggering , when a readable or writable event occurs on the monitored file descriptor, the handler epoll_wait()will be notified to read and write. If all the data is not read and written at once this time (for example, the read and write buffer is too small), then the next time you call it, epoll_wait()it will also notify you to continue reading and writing on the file descriptor that has not been read and written. Of course, if If you don't read or write, it will keep notifying you! ! ! If there are a large number of ready file descriptors in the system that you don't need to read or write, and they return every time, this will greatly reduce the efficiency of the handler in retrieving the ready file descriptors it cares about! ! !

Edge triggered (Edge_triggered) : When a readable and writable event occurs on the monitored file descriptor, the handler epoll_wait()will be notified to read and write. If all the data is not read and written this time (for example, the read and write buffer is too small), epoll_wait()it will not notify you the next time it is called, that is, it will only notify you once until the second time appears on the file descriptor. You will be notified only after read and write events! ! ! This mode is more efficient than horizontal triggering, and the system will not be flooded with a large number of ready file descriptors that you don't care about! !

A simple understanding is that one will notify the user continuously, and the other will only notify the user once .

Summarize:

• Conditional triggering: As long as the conditions of the event are met, such as data that needs to be read, the event will be continuously delivered to the user.
• Edge trigger: It is only triggered when the condition is met for the first time, and the same event will not be delivered again.
• The efficiency of edge triggering is higher than that of conditional triggering. epoll supports edge triggering and conditional triggering. The default is conditional triggering. Select and poll are both conditional triggering.

39. What is direct memory

In all network communications and applications, there is a send buffer (SO_SNDBUF) and a receive buffer (SO_RECVBUF) in the core of each TCP Socket. The buffer size can be changed using the relevant socket options.

When an application process calls write , the kernel copies all data from the application process's buffer to the send buffer of the socket being written. If the socket's send buffer cannot accommodate all the data of the application process (either the application process's buffer is larger than the socket's send buffer, or there is other data in the socket's send buffer), Assuming that the socket is blocking, the application process will be put to sleep.

The kernel will not return from the write system call until all data in the application process buffer has been copied to the socket send buffer. Therefore, a successful return from a write call to a TCP socket only means that we can reuse the original application process buffer, and does not indicate that the other party's TCP or application process has received the data.

Java programs naturally have to abide by the above rules. However, there are features such as heap and garbage collection in Java, so in actual IO, there is such a mechanism inside the JVM:

• In terms of IO reading and writing, if heap memory is used , JDK will first create a DirectBuffer and then perform the actual write operation.
• This is because when we pass an address to the underlying C library through JNI, there is a basic requirement that the content at this address cannot be invalidated.
• However, objects under GC management will be moved in the Java heap. In other words, it is possible that I pass an address to the underlying write , but this memory becomes invalid due to GC sorting the memory.
• Therefore, the data to be sent must be placed in a place beyond the control of the GC. This is why the data must be in off-heap memory before calling the native method .

It can be seen that DirectBuffer does not save any memory copy, just because HeapBuffer must make one more copy, using DirectBuffer will save one memory copy . Compared to Java programs that do not use heap memory, Java programs that use direct memory are certainly faster.

From the perspective of garbage collection, direct memory is not affected by GC (Minor GC of the new generation). Direct memory will be recycled only when the Full GC of the old generation is executed. The pressure of sorting the memory is also less than putting the data in the HeapBuffer. .

Advantages and disadvantages of off-heap memory

Off-heap memory has several advantages over on-heap memory:

1. Reduced garbage collection work, because garbage collection will suspend other work (may use multi-threading or time slice method, not felt at all)
2. Speeds up copying. Because when the heap is flushed to the remote, it will be copied to the direct memory (non-heap memory) first, and then sent; while the off-heap memory is equivalent to omitting this work.

The blessings and curses naturally have a bad side:
3. Off-heap memory is difficult to control. If memory leaks, it is difficult to troubleshoot.
4. Off-heap memory is relatively unsuitable for storing very complex objects . Generally, simple objects or flat ones are more suitable.

40. What is zero copy?

Zero-copy technology means that when the computer performs operations, the CPU does not need to first copy data from one memory to another specific area. This technique is commonly used to save CPU cycles and memory bandwidth when transferring files over a network.

• Zero-copy technology can reduce the number of data copies and shared bus operations and eliminate unnecessary intermediate copies of data between memories, thereby effectively improving data transmission efficiency.
• Zero-copy technology reduces the overhead caused by CPU context switching between the user process address space and the kernel address space.

It can be seen that zero copy does not mean that no copy is needed, but that redundant [unnecessary] copies are reduced.

Linux I/O mechanism and DMA

In early computers, the user process needed to read disk data, which required CPU interrupts and CPU participation, so the efficiency was relatively low. An IO request was initiated, and each IO interrupt resulted in a CPU context switch. Hence the emergence of - DMA.

DMA (Direct Memory Access) is an important feature of all modern computers, allowing hardware devices of different speeds to communicate without relying on a large interrupt load on the CPU.

The DMA controller takes over data read and write requests, reducing the burden on the CPU. In this way, the CPU can work efficiently. Modern hard drives basically support DMA.

Therefore, actual IO reading involves two processes:

1. DMA waits for the data to be ready and reads the disk data into the operating system kernel buffer;
2. The user process copies the data in the kernel buffer to user space.

Both processes are blocked .

Traditional data transfer mechanism

For example: reading a file and then sending it out using socket actually requires four copies. The pseudo code implementation is as follows:

buffer = File.read()
Socket.send(buffer)

1. The first time: read the disk file into the operating system kernel buffer;
2. The second time: copy the data in the kernel buffer to the application buffer;
3. Step 3: Copy the data in the application buffer to the socket network send buffer (a buffer belonging to the operating system kernel);
4. The fourth time: Copy the socket buffer data to the network card, and the network card performs network transmission.

Analyzing the above process, although DMA is introduced to take over the interrupt request of the CPU, there are " unnecessary copies " in the four copies. The second and third copies of the data are not actually needed. The application does nothing but cache the data and transfer it back to the socket buffer. Instead, data can be transferred directly from the read buffer to the socket buffer.

Obviously, the second and third data copies are not helpful in this scenario but bring overhead. This is the background and significance of zero copy.

At the same time, both read and send are system calls , and each call involves two context switches:

To sum up, the cost of traditional data transfer is: 4 copies, 4 context switches . Among the 4 copies, two are DMA copies and two are CPU copies .

Linux-supported (common) zero-copy

Purpose: Reduce unnecessary copies in the IO process. Of course, zero copy requires OS support, which means the kernel needs to expose the API.

• mmap memory mapping: The location of the file on the hard disk is mapped to the application buffers (establishing a
  one-to-one correspondence). Since mmap() maps the file directly to user space, the actual file is read according to this The mapping relationship directly copies the file from the hard disk to the user space. Only one data copy is performed, and the file content is no longer copied from the hard disk to a buffer in the kernel space.

  mmap memory mapping will go through: 3 copies: 1 cpu copy, 2 DMA copies ; and 4 context switches
  

• sendfile： linux 2.1 支持的 sendfile，当调用 sendfile() 时，DMA 将磁盘数据复制到 kernel buffer，然后将内核中的 kernel buffer 直接拷贝到 socket buffer。在硬件支持的情况下，甚至数据都并不需要被真正复制到 socket 关联的缓冲区内。取而代之的是，只有记录数据位置和长度的描述符被加入到 socket 缓冲区中，DMA 模块将数据直接从内核缓冲区传递给协议引擎，从而消除了遗留的最后一次复制。

  一旦数据全都拷贝到 socket buffer，sendfile() 系统调用将会 return，代表数据转化的完成。socket buffer 里的数据就能在网络传输了。

  sendfile 会经历：3 次拷贝，1 次 CPU copy ，2 次 DMA copy；硬件支持的情况下，则是 2 次拷贝，0 次 CPU copy， 2 次 DMA copy。 以及 2 次上下文切换
  

• splice： Linux 从 2.6.17 支持 splice，数据从磁盘读取到 OS 内核缓冲区后，在内核缓冲区直接可将其转成内核空间其他数据 buffer，而不需要拷贝到用户空间。

  如下图所示，从磁盘读取到内核 buffer 后，在内核空间直接与 socket buffer 建立 pipe 管道。

  和 sendfile() 不同的是，splice() 不需要硬件支持。

  Note the difference between splice and sendfile. Sendfile requires a CPU copy to copy to the socket buffer after loading the disk data into the kernel buffer. Splice goes a step further. It does not even need the CPU copy and directly pipes the buffers in the two kernel spaces.

  splice will go through 2 copies: 0 cpu copy, 2 DMA copies ; and 2 context switches
  

Summary of zero copy in Linux

The earliest definition of zero copy comes from:

The Linux 2.4 kernel adds a new sendfile system call, providing zero copy. After the disk data is copied to the kernel state Buffer through DMA, it is directly copied to the NIO Buffer (socket buffer) through DMA without CPU copying.

This is where the term zero copy comes from. This is zero copy in the true operating system sense (that is, zero copy in the narrow sense).

But we know that there are not many types of zero copies in the operating system sense provided by the OS kernel. So far, there are not many such zero copies. With the development, the concept of zero copies has been extended, and now it is The reduction of unnecessary data copies is included in the category of zero copy.

41. What are the IO models in Linux?

Five network IO models under Linux:

• ① Blocking IO (blocking IO)
• ② Non-blocking IO (noblocking IO)
• ③ IO multiplexing (select, poll and epoll) (IO multiplexing)
• ④ Signal-driven IO (signal-driven IO)
• ⑤ Asynchronous IO (asynchronous IO)

Except for type ⑤, the other four types are all synchronous IO.

Comparison of 5 I/O models:

The difference between different I/O models is actually mainly in the two time periods of waiting for data and data copying.

42. The principle of epoll efficiency

• When a process calls epoll_create()the method, the Linux kernel will create a eventpollstructure, and a red-black treecache will be built in the kernel to store incoming sockets . It will also create a doubly linked list to store ready events. , when called, just observe whether there is data in this doubly linked list . If there is data, it will return. If there is no data, it will sleep . When the timeout time is up, it will return even if there is no data in the linked list.epoll_ctl()rdllist epoll_wait()rdllist

• At the same time, all events added to epoll will establish a callback relationship with the device (such as network card) driver, which means that the callback method here will be called when the corresponding event occurs. This callback method is called in the kernel ep_poll_callback, and it will put such events into rdllistthe doubly linked list above.

• When calling epoll_wait()to check whether there is a connection where an event occurs, it just checks whether the doubly linked list eventpollin the object has an element. If the linked list is not empty, the events here are copied to user mode memory (using shared memory to improve efficiency), and the events are The quantity is returned to the user. Therefore, it is very efficient and can easily handle millions of concurrent connections.rdllistepitemrdllistepoll_wait()

43. If you were asked to design a QQ, how would you consider designing the network protocol?

The TCP protocol and HTTP protocol are used for login. UDP protocol is mainly used to send messages between you and your friends. P2P technology is used to transfer files on the intranet.

Generally speaking:

1. During the login process, the client uses the TCP protocol to send information to the server, and the HTTP protocol to download the information. After logging in, there will be a TCP connection to stay online.
2. To send messages to friends, the client uses the UDP protocol, but it needs to be forwarded through the server. In order to ensure the reliability of message transmission, Tencent uses upper-layer protocols to ensure reliable transmission. If the message fails to be sent, the client will prompt that the message has failed to be sent and can resend it.
3. If files are transferred between two clients on the intranet, QQ uses P2P technology and does not require server transfer.