[Computer Network] Network Layer—IP

1. Concept

Introduction

At the application layer, the HTTP protocol constructs and parses requests and responses.

The transport layer's TCP and UDP protocols do not themselves move data across the network; the transport layer specifies the rules for data transmission. UDP does not guarantee reliable delivery. TCP defines acknowledgment, timeout retransmission, connection management, congestion control and other mechanisms to ensure reliability, and piggybacked acknowledgments, delayed acknowledgments, fast retransmission and other mechanisms to improve the efficiency of transmission.

The actual ability to move data lies with the network layer's IP protocol and the data link layer (discussed later), which together provide the ability to send data from host A to host B across the network.


Concepts

At the network layer there is a very important device: the router. A router connects two LANs and routes data through the network.

Within a LAN a router is also equivalent to a host, containing the network layer and the layers below it. Current routers, however, are very powerful and already implement the application layer and everything below it.

  • Host: A device that is equipped with an IP address but does not perform routing control.
  • Router: It is equipped with an IP address and can perform routing control.
  • Node: the collective name for hosts and routers.

The main function of the network layer is communication between end nodes. Such communication between end nodes is also called point-to-point communication.


2. Protocol format


  • 4-bit version number: the version of the IP protocol; for IPv4 it is 4.

  • 4-bit header length: the length of the IP header in units of 32 bits (4 bytes), i.e. the header length in bytes equals the 4-bit value times 4. The minimum header length is 20 bytes; the largest value 4 bits can represent is 15, so the maximum header length is 60 bytes, and everything beyond 20 bytes is options.

  • 8-bit type of service: a 3-bit precedence field (deprecated), a 4-bit TOS field and a 1-bit reserved field (must be 0). The four TOS bits represent minimum delay, maximum throughput, maximum reliability and minimum cost respectively. These four conflict with each other and only one can be chosen; which one depends on the application-layer protocol.

  • 16-bit total length: how many bytes the whole IP datagram occupies, header and data included.

  • 8-bit time to live (TTL): the maximum number of hops a datagram may take to reach its destination, i.e. the number of routers it may pass through, usually 64. Each router it passes through decrements the TTL by 1, and when it reaches 0 the packet is discarded. This field prevents packets from circulating forever in routing loops.

  • 8-bit protocol: identifies the upper-layer protocol type, i.e. which protocol the payload is handed to.

  • 16-bit header checksum: uses a CRC check to detect whether the header is damaged. Only the header is checked; the data is checked at the TCP layer.

  • 32-bit source IP address and 32-bit destination IP address: identify the sending host and the receiving host respectively.

  • Options: at most 40 bytes, making up the part of the header beyond 20 bytes.

What you need to know here is fragmentation:

Fragmentation concept: fragmentation is dividing the data handed down by the transport layer into several pieces and sending them separately.

Why fragment?
The maximum transmission unit (MTU) of each data link is different. The network layer's IP sits above the data link; by fragmenting, IP hides the differences between data links so that different links can interoperate. The layers above IP can ignore the MTU of each data link entirely and simply receive packets of the length the source sent.

Ethernet is the most commonly used data link layer protocol; its MTU is 1500 bytes.

Note: fragmentation is transparent to the transport layer, which knows nothing about it. Only the network layer knows about fragmentation.

So the network layer IP protocol at the receiving end also needs to reassemble the fragmented data.

The data received by the receiving end may include unfragmented datagrams, fragments belonging to different datagrams, and fragments of the same datagram. Reassembly first separates the unfragmented data from the fragments, then assembles the fragments that belong to the same datagram.

Disadvantages of fragmentation

  • The message has to be sent in several pieces, which increases the processing load on the routers.
  • If one fragment is lost during transmission, the whole datagram cannot be reassembled. The IP layer then does not deliver it upward, the TCP layer treats the whole segment as lost, and it is retransmitted after a timeout.

Avoiding fragmentation
The root cause of fragmentation is that the transport layer hands down too much data at once, so IP cannot pass it directly to the MAC frame. If the transport layer keeps the amount of data handed to IP at one time small enough, the data naturally does not need to be fragmented at the IP layer.

  • Therefore TCP, as a transmission control protocol, limits the data delivered at one time to a certain threshold. This threshold is called the MSS (Maximum Segment Size).
    When the two parties establish a TCP connection, besides negotiating things such as their window sizes, they also negotiate the maximum segment size MSS that each segment may carry in the subsequent communication.
  • The maximum payload of a MAC frame is the MTU, and the maximum payload of TCP is the MSS. Since the TCP and IP headers are usually 20 bytes each, generally MSS = MTU - 20 - 20; the MTU is generally 1500 bytes, so the MSS is generally 1460 bytes.

Therefore it is generally recommended that TCP keep the data it sends within 1460 bytes, which reduces the chance of fragmentation. It only reduces the chance because the link-layer MTU of each network may differ: if the data passes through a network with a smaller MTU on the way, it may still be fragmented at a router.

Fragmentation fields in the header


  • 16-bit identification (id): uniquely identifies a datagram sent by the host. If the IP datagram is fragmented to fit the data link, every fragment carries the same id.
  • 3-bit flags: the first bit is reserved (currently unused). The second bit, when set to 1, means fragmentation is prohibited: if a datagram larger than the MTU arrives, the IP module discards it; 0 means it may be fragmented. The third bit means "more fragments": it is set to 1 on every fragment that has further fragments after it, and 0 on the last fragment and on unfragmented datagrams.
  • 13-bit fragment offset: where the current fragment sits in the original datagram. The actual byte offset is this value times 8, so every fragment except the last must have a data length that is a multiple of 8.
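The following is an added example, not code from the original post, that models the three fields above (id, "more fragments" flag, 8-byte offset units) and the reassembly described earlier. The names `Fragment`, `fragment`, `reassemble` and `reassemble_all` are my own; the 20-byte header constant and the 1500-byte Ethernet MTU come from the text. It shows the sizes a 1500-byte link actually produces, that a DF-marked oversize datagram is dropped rather than split, and that reassembly refuses to deliver anything while a fragment is missing (the TCP-timeout case the text describes).

```python
from dataclasses import dataclass
from typing import Dict, List, Optional

IP_HEADER_LEN = 20  # standard header without options, as on the page


@dataclass
class Fragment:
    """The three header fields that matter for fragmentation, plus the data (hypothetical model)."""
    ident: int     # 16-bit identification: identical on every fragment of one datagram
    more: bool     # "more fragments" flag: 1 on every fragment except the last
    offset: int    # 13-bit fragment offset, counted in 8-byte units
    data: bytes


def fragment(ident: int, payload: bytes, mtu: int, dont_fragment: bool = False) -> List[Fragment]:
    """Split one datagram so that header + data of every fragment fits the link MTU."""
    if IP_HEADER_LEN + len(payload) <= mtu:
        return [Fragment(ident, False, 0, payload)]      # fits: no fragmentation needed
    if dont_fragment:
        # DF set and the datagram exceeds the MTU: the IP module discards it.
        raise ValueError("DF set and datagram larger than MTU: packet discarded")
    # All fragments but the last must carry a multiple of 8 bytes, because
    # the offset field counts 8-byte units; round the data size down to that.
    chunk = (mtu - IP_HEADER_LEN) // 8 * 8
    if chunk <= 0:
        raise ValueError("MTU too small to carry any data")
    frags = []
    for start in range(0, len(payload), chunk):
        piece = payload[start:start + chunk]
        more = start + chunk < len(payload)          # 1 unless this is the last piece
        frags.append(Fragment(ident, more, start // 8, piece))
    return frags


def reassemble(frags: List[Fragment]) -> Optional[bytes]:
    """Rebuild one datagram; return None while any fragment is still missing."""
    if not frags:
        return None
    # Index by offset so a duplicated (retransmitted) fragment is harmless.
    by_offset: Dict[int, Fragment] = {f.offset: f for f in frags}
    ordered = [by_offset[k] for k in sorted(by_offset)]
    if ordered[-1].more:
        return None                  # the last fragment has not arrived yet
    expected = 0
    buf = bytearray()
    for f in ordered:
        if f.offset * 8 != expected:
            return None              # hole: a fragment in the middle is missing
        buf += f.data
        expected += len(f.data)
    return bytes(buf)


def reassemble_all(received: List[Fragment]) -> Dict[int, Optional[bytes]]:
    """Sort a mixed stream (unfragmented datagrams and fragments of several datagrams) by id, then rebuild each."""
    groups: Dict[int, List[Fragment]] = {}
    for f in received:
        groups.setdefault(f.ident, []).append(f)
    return {ident: reassemble(group) for ident, group in groups.items()}
```

A 3072-byte payload on a 1500-byte link becomes 1480 + 1480 + 112 bytes of data with offsets 0, 185 and 370 (byte offsets 0, 1480, 2960); drop any one of the three and `reassemble` returns `None` instead of a truncated datagram, which is exactly why the transport layer then has to resend the whole segment.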

Using fragmentation raises a number of questions:

How does IP separate the header from the payload?

The IP header carries a 16-bit total length. The standard header (without options) is 20 bytes, so the payload size is the total length minus the header length.

How does IP deliver the payload to the upper-layer protocol?

The IP header carries an 8-bit protocol field that names the upper-layer protocol.
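To tie the header field list from the start of this section to the two questions just asked (separating header from payload, and choosing the upper-layer protocol), here is an added example of my own, not code from the original post: it builds a minimal IPv4 datagram and parses one back. `build_ipv4`, `parse_ipv4` and `PROTOCOL_NAMES` are names I chose; the sample addresses and payload are constructed. Note that RFC 791 defines the header checksum as the one's complement of the one's-complement sum of the header's 16-bit words, and that is what `internet_checksum` computes; a header that verifies sums to zero. The parser also checks that the header length and total length are consistent with the bytes actually received before slicing, since a length field larger than the buffer is the classic way a malformed packet trips up a naive parser.

```python
import struct

# IANA protocol numbers for the 8-bit protocol field (a small subset).
PROTOCOL_NAMES = {1: "ICMP", 6: "TCP", 17: "UDP"}


def internet_checksum(data: bytes) -> int:
    """RFC 791 header checksum: one's complement of the one's-complement sum of 16-bit words."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:                       # fold carries back into 16 bits
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def build_ipv4(src: str, dst: str, proto: int, payload: bytes, ttl: int = 64, ident: int = 1) -> bytes:
    """Build a datagram with a 20-byte header (no options), DF set, and a valid checksum."""
    src_b = bytes(int(o) for o in src.split("."))
    dst_b = bytes(int(o) for o in dst.split("."))
    total_len = 20 + len(payload)
    # version 4, IHL 5 (5 * 4 = 20 bytes) -> first byte 0x45; flags/offset 0x4000 = DF set
    header = struct.pack("!BBHHHBBH4s4s", 0x45, 0, total_len, ident, 0x4000, ttl, proto, 0, src_b, dst_b)
    csum = internet_checksum(header)         # computed with the checksum field zeroed
    return header[:10] + struct.pack("!H", csum) + header[12:] + payload


def parse_ipv4(packet: bytes) -> dict:
    """Split an IPv4 datagram into header fields and payload, verifying the length fields first."""
    if len(packet) < 20:
        raise ValueError("shorter than the 20-byte minimum header")
    (first, tos, total_len, ident, flags_off,
     ttl, proto, csum, src, dst) = struct.unpack("!BBHHHBBH4s4s", packet[:20])
    version, ihl = first >> 4, (first & 0x0F) * 4     # IHL is in 32-bit words
    if version != 4:
        raise ValueError("not IPv4")
    if ihl < 20 or total_len < ihl or total_len > len(packet):
        raise ValueError("inconsistent header/total length")   # guards the slices below
    header = packet[:ihl]
    return {
        "version": version,
        "header_len": ihl,
        "total_len": total_len,
        "tos": tos,
        "id": ident,
        "dont_fragment": bool(flags_off & 0x4000),
        "more_fragments": bool(flags_off & 0x2000),
        "frag_offset": (flags_off & 0x1FFF) * 8,            # offset field is in 8-byte units
        "ttl": ttl,
        "protocol": PROTOCOL_NAMES.get(proto, str(proto)),  # decides which upper layer gets the payload
        "checksum_ok": internet_checksum(header) == 0,      # a valid header sums to zero
        "src": ".".join(str(b) for b in src),
        "dst": ".".join(str(b) for b in dst),
        "options": packet[20:ihl],                          # header bytes beyond 20, up to 40
        "payload": packet[ihl:total_len],                   # total length minus header length
    }
```

Changing the TTL byte of a built packet without recomputing the checksum makes `checksum_ok` false, which is why every router that decrements TTL must also update the header checksum.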

3. Network division

Composition of an IP address

An IP address is divided into two parts: the network number and the host number.

  • Network number: ensures that two interconnected network segments have different identities.
  • Host number: within the same network segment, hosts share the network number but have different host numbers, which identify the individual hosts in that segment.

The network number is an identifier of the area where the device is located. Devices with the same network number are located in the same network segment. Devices with different network numbers communicate through routers. The host number is the identification of different devices in the same network segment. Duplicate host numbers are not allowed in the same network segment.


  • Each subnet actually connects together the hosts that share a network number.
  • If a new host is added to a subnet, its network number must be the same as the subnet's, but its host number must not repeat that of any other host in the subnet.
  • It follows that when a new host joins a subnet it must be assigned a correct IP address, and when a host leaves its IP must be reclaimed. Managing subnet IPs by hand is troublesome.

DHCP is a technology that automatically assigns IP addresses to new hosts in the subnet, avoiding the inconvenience of manual management.
Current routers generally have DHCP built in, so the router can be regarded as a DHCP server.

IP address classification

IP addresses are classified according to whether their leading binary bits (bits 1 to 5) are 0 or 1. In dotted decimal the resulting ranges are:

  • Class A 0.0.0.0 to 127.255.255.255
  • Class B 128.0.0.0 to 191.255.255.255
  • Class C 192.0.0.0 to 223.255.255.255
  • Class D 224.0.0.0 to 239.255.255.255
  • Class E 240.0.0.0 to 247.255.255.255

From class A to class C there are more and more network numbers and fewer and fewer host numbers. As the Internet grew, most organizations applied for class B addresses, so class B was used up quickly.

In response, a new scheme called CIDR was proposed. It depends only on the subnet mask: the network number and the host number are distinguished by the subnet mask.

  • A subnet mask is introduced to distinguish the network number from the host number.
  • The subnet mask is also a 32-bit positive integer, usually ending in a run of 0s.
  • Bitwise AND the IP address with the subnet mask; the result is the network number.
  • This division does not require the IP address to fall into one of the classes above. It has nothing to do with classes A, B and C, only with the subnet mask.


Number of IP addresses

An IPv4 address is 32 bits, so there are only 2^32 IP addresses. TCP/IP stipulates that each host needs an IP address, which means at most 2^32 hosts can be connected to the network.

However, because of some special networks, and because IP addresses are not allocated by the number of hosts but each network interface needs one or more IP addresses, the number of actually usable IP addresses is far less than 2^32.

Although CIDR improved the utilization of IP address bits to some extent, the total number of IP addresses has not changed and may still be insufficient. There are three remedies:

  • Dynamic allocation of IP addresses: an IP address is assigned only to devices currently connected to the network. For example, a host is given an IP address when it connects, and the address is reclaimed when it disconnects. So a device with the same MAC address may not get the same IP address each time it connects; the address may have been assigned to another host that connected in the meantime.
  • NAT technology
  • IPv6: an IPv6 address is 16 bytes, i.e. 128 bits, so there are many more addresses in total. However, IPv6 is not an upgraded version of IPv4; the two are incompatible, and IPv6 is not yet widespread.

Private IP and public IP

If an organization builds an internal LAN whose IP addresses are used only for communication within the LAN and are not directly connected to the Internet, in theory any IP address could be used, but RFC 1918 specifies private IP addresses for building a LAN:

  • 10.*: the first 8 bits are the network number, 16,777,216 addresses in total.
  • 172.16.* to 172.31.*: the first 12 bits are the network number, 1,048,576 addresses in total.
  • 192.168.*: the first 16 bits are the network number, 65,536 addresses in total.

Those included in this range are called private IPs, and the rest are called public IPs (or global IPs).

When we use cloud servers, we use public IPs.

We can run the ipconfig command in cmd to view the machine's private IP.

Data transmission

A router is a hardware device that connects two or more networks. A router has two kinds of network interface, the LAN port and the WAN port:

  • LAN port (Local Area Network): the port connected to the local network; in a home network it mainly connects to the switch, hub or PC.

  • WAN port (Wide Area Network): the port connected to the wide area network, which generally means the Internet.
    We call the IP address of the LAN port the LAN port IP, also called the subnet IP, and the IP address of the WAN port the WAN port IP, also called the external IP.

  • Different routers can have the same subnet IP (usually 192.168.1.1). Host IP addresses within a subnet cannot repeat, but IP addresses in different subnets can.

  • Each home router is actually a node in the subnet of the operator's router, and such operator routers may be nested many levels deep. The WAN port IP of the outermost operator router is a public IP.

  • If we want a server program we wrote ourselves to be reachable on the public Internet, we must deploy it on a server with a public IP address. Such servers can be bought from Alibaba Cloud or Tencent Cloud.

Since private IPs cannot appear on the public network, when a host in the subnet communicates with the outside, each router along the way replaces the source IP address in the IP header with its own WAN port IP. After these step-by-step replacements the source IP address in the final packet is a public IP. This technique is called NAT (Network Address Translation).

Why can't a private IP appear on the public network?

  • Hosts in different LANs may have the same IP address, so a private IP cannot uniquely identify a host. An address on the public network must uniquely identify a host, so private IPs cannot appear there.
  • However, because IP addresses are in short supply, we cannot give every host a public IP directly, so hosts use private IPs instead. Since private IPs may repeat, the same address can be used in different LANs, which eases the shortage.

Subnet mask

Early network addresses used a fixed network-bit length, which wasted a great many IPv4 addresses. Now the length of the network address is variable, and an identifier is needed to obtain the network address so that the router can forward packets. This identifier is the subnet mask.

The subnet mask is a 32-bit binary number: the bits corresponding to the network part of the IP address are set to 1 and the bits corresponding to the host part are set to 0. In other words, as many leading bits as the network address occupies are 1 and the rest are 0. For ease of writing, each group of 8 bits is converted to decimal and the groups are separated by ".".

For example: the subnet mask of 201.20.100.25 is 255.255.255.0; calculate its network address.


ANDing the subnet mask with the IP address gives the network address of this IP address.
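The mask arithmetic described here and in the CIDR list earlier in this section (AND the address with the mask to get the network number; the mask is a run of 1s followed by 0s) is worked through below in an added example of my own, not code from the original post. It goes a little beyond the single 201.20.100.25 case: it converts between dotted masks and /prefix lengths, rejects a mask whose 1 bits are not contiguous, tests whether two hosts share a segment, counts the addresses in a segment (which reproduces the RFC 1918 totals quoted above), and classifies an address by its leading bits. All function names are mine.

```python
# RFC 1918 private ranges as (network, prefix length), taken from the page's list.
RFC1918 = [("10.0.0.0", 8), ("172.16.0.0", 12), ("192.168.0.0", 16)]


def ip_to_int(addr: str) -> int:
    """Dotted decimal -> 32-bit integer, validating each octet."""
    octets = [int(o) for o in addr.split(".")]
    if len(octets) != 4 or any(not 0 <= o <= 255 for o in octets):
        raise ValueError(f"bad IPv4 address: {addr}")
    return (octets[0] << 24) | (octets[1] << 16) | (octets[2] << 8) | octets[3]


def int_to_ip(n: int) -> str:
    return ".".join(str((n >> shift) & 0xFF) for shift in (24, 16, 8, 0))


def prefix_to_mask(prefix: int) -> str:
    """/prefix -> dotted mask: `prefix` one bits followed by zero bits."""
    if not 0 <= prefix <= 32:
        raise ValueError("prefix must be 0..32")
    return int_to_ip((0xFFFFFFFF << (32 - prefix)) & 0xFFFFFFFF)


def mask_to_prefix(mask: str) -> int:
    """Dotted mask -> /prefix, rejecting masks whose 1 bits are not contiguous."""
    m = ip_to_int(mask)
    prefix = bin(m).count("1")
    if m != ip_to_int(prefix_to_mask(prefix)):
        raise ValueError(f"non-contiguous mask: {mask}")
    return prefix


def network_address(addr: str, mask: str) -> str:
    """Bitwise AND of address and mask gives the network number (the page's rule)."""
    return int_to_ip(ip_to_int(addr) & ip_to_int(mask))


def host_number(addr: str, mask: str) -> int:
    """The bits the mask leaves as 0 are the host number."""
    return ip_to_int(addr) & (~ip_to_int(mask) & 0xFFFFFFFF)


def same_subnet(a: str, b: str, mask: str) -> bool:
    """Two hosts are on one segment when their network numbers agree."""
    return network_address(a, mask) == network_address(b, mask)


def subnet_size(mask: str) -> int:
    """Number of addresses in the segment: 2 to the power of the host bits."""
    return 2 ** (32 - mask_to_prefix(mask))


def address_class(addr: str) -> str:
    """Classful lookup by leading bits: 0 -> A, 10 -> B, 110 -> C, 1110 -> D, 1111 -> E."""
    first = ip_to_int(addr) >> 24
    if first < 0b10000000:
        return "A"
    if first < 0b11000000:
        return "B"
    if first < 0b11100000:
        return "C"
    if first < 0b11110000:
        return "D"
    return "E"


def is_private(addr: str) -> bool:
    """True if addr falls inside one of the RFC 1918 ranges."""
    return any(network_address(addr, prefix_to_mask(p)) == net for net, p in RFC1918)
```

For the page's example, `network_address("201.20.100.25", "255.255.255.0")` returns `201.20.100.0` and the host number is 25; `subnet_size("255.240.0.0")` is 1,048,576, matching the 172.16.0.0/12 figure above.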

Routing

① A default route is an entry in the routing table that any address matches; all packets can be forwarded via the default route. The default route is written 0.0.0.0/0 or default.

②"IP address/32" is calledhost route, which is a route in the routing table that points to a single IP address or host name entry. For example: 192.168.153.15/32 is a host route, which means that all bits of the entire IP address will participate in routing.

③ All IP addresses beginning with 127 are loopback addresses, and the loopback interface they belong to can be understood as a virtual network card. When a loopback address is used, the packet is handled directly by the host's IP layer without passing through the link layer, and it never leaves the host. It is generally used to check whether a network service running on the host works properly; we usually use 127.0.0.1.

In a complex network structure, routing is how a packet finds its way to the destination.

The routing process is a hop-by-hop "asking for directions" process.

A "hop" is one span at the data link layer; in Ethernet it refers to the frame transmission span from the source MAC address to the destination MAC address.


As an IP packet travels it encounters many routers, which route and forward it. Each router a packet reaches checks the packet's destination IP address and decides where the packet should go next.

A router's lookup has three possible results:

  • After querying its routing table, the router learns which subnet the data's next hop belongs to.
  • If the router finds no matching subnet in its routing table, it forwards the data along the default route.
  • After querying its routing table, the router learns that the data's target network is the current network; the router then delivers the data to the corresponding host in the current network.

What does a routing table lookup look like?

Each router maintains a routing table internally; on a cloud server we can view the table with the route command.

  • Destination represents the destination network address.
  • Gateway represents the next hop address.
  • Genmask represents the subnet mask.
  • In Flags, U means the entry is valid (some entries can be disabled); G means the next-hop address of the entry is a router's address. An entry without G means the destination network is directly connected to the local interface and needs no forwarding through a router.
  • Iface represents the sending interface.

When an IP packet reaches the router, the router ANDs the packet's destination IP address with the subnet mask Genmask of each entry and compares the result with that entry's destination network address Destination. If they match, the packet's next hop is that subnet, and the packet is sent out through the corresponding interface Iface.

If ANDing the packet's destination IP address with the masks matches no destination network address, the router sends the packet along the default route, the entry whose destination network address is default. The Flags of the default route are UG, which means the data is handed to another router so that routing continues there.

After being routed through router after router, the packet eventually reaches the target network where the target host lives. There it is no longer routed by the network number of the destination IP address but by the host number, and finally it is delivered to the target host according to that host number.
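The lookup described above (AND the destination with each Genmask, compare with Destination, fall back to the default entry, deliver directly when there is no G flag) is implemented below as an added example of my own; it is not code from the original post. The routing table is a constructed sample laid out like `route -n` output, not a real server's table, and `Route`, `parse_route_table` and `lookup` are names I chose. One detail the prose leaves implicit: because the 0.0.0.0/0 default entry matches every address, the lookup must prefer the entry with the longest mask, otherwise the default route would swallow traffic for directly connected networks and host routes.

```python
from typing import List, NamedTuple, Optional


class Route(NamedTuple):
    destination: int   # Destination column (network address)
    gateway: int       # Gateway column (next hop; 0.0.0.0 when directly connected)
    genmask: int       # Genmask column (subnet mask)
    flags: str         # Flags column: U = usable, G = via a router, H = host route
    iface: str         # Iface column (outgoing interface)


# Constructed sample in the column layout of `route -n`; not a real server's table.
SAMPLE_ROUTE_TABLE = """\
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
0.0.0.0         172.17.0.1      0.0.0.0         UG    0      0        0 eth0
172.17.0.0      0.0.0.0         255.255.240.0   U     0      0        0 eth0
192.168.153.15  172.17.0.1      255.255.255.255 UGH   0      0        0 eth0
10.8.0.0        0.0.0.0         255.255.255.0   U     0      0        0 tun0
"""


def ip_to_int(addr: str) -> int:
    a, b, c, d = (int(o) for o in addr.split("."))
    return (a << 24) | (b << 16) | (c << 8) | d


def int_to_ip(n: int) -> str:
    return ".".join(str((n >> s) & 0xFF) for s in (24, 16, 8, 0))


def parse_route_table(text: str) -> List[Route]:
    """Parse `route -n` style output (header line first) into Route entries."""
    routes = []
    for line in text.splitlines()[1:]:
        cols = line.split()
        if len(cols) < 8:
            continue
        routes.append(Route(ip_to_int(cols[0]), ip_to_int(cols[1]), ip_to_int(cols[2]), cols[3], cols[7]))
    return routes


def lookup(routes: List[Route], dst: str) -> Optional[dict]:
    """Return the forwarding decision for dst, or None if nothing (not even a default) matches."""
    d = ip_to_int(dst)
    best: Optional[Route] = None
    for r in routes:
        if "U" not in r.flags:
            continue                                # disabled entry
        if d & r.genmask != r.destination:
            continue                                # AND with Genmask must equal Destination
        if best is None or r.genmask > best.genmask:
            best = r                                # contiguous masks: larger int = longer prefix
    if best is None:
        return None
    via_router = "G" in best.flags
    return {
        "iface": best.iface,
        "next_hop": int_to_ip(best.gateway) if via_router else dst,  # direct delivery keeps dst
        "via_router": via_router,
        "is_default": best.genmask == 0,
        "is_host_route": best.genmask == 0xFFFFFFFF,
    }
```

With the sample table, 172.17.0.5 is delivered directly on eth0, 8.8.8.8 goes to the default gateway 172.17.0.1, and 192.168.153.15 hits the /32 host route even though the default entry also matches it.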


Origin blog.csdn.net/Tianzhenchuan/article/details/134147936