OSI seven-layer model and TCP / IP four-layer model
OSI seven-layer model: OSI (Open System Interconnection) OSI reference model is the International Organization for Standardization (ISO) to develop a standard system for communication between computer systems or interconnected.
TCP / IP four-layer model: TCP / IP reference model grandfather ARPANET computer network reference model and its subsequent use of the Internet.
Stratification: easy management
seven layer model advantages:
1, the complex network layer divided into a more manageable (dividing the entire large and complex problem into a number of smaller problems easy to handle)
2, a manufacturer can not complete provide complete solutions and all equipment, protocol
3, independently of each task to do, independently of each other, clear division of labor, lower the top do not care about the details, the same benefit hierarchical network troubleshooting
features and equipment on behalf of
the hierarchical name in the device of the work function layer
providing a user interface QQ, IE 7 the application layer. Application
6 represents a data presentation layer performs encryption processing
5 the session layer to the application data of different separation
4 or transport layer provides reliable and unreliable transmission, retransmission error correction is performed before the firewall
provides network layer logical address 3, router they three switches to select a path, the router
2 data link layer is split into byte packets, and byte combination framing speaking, using the MAC address providing medium access, performing error detection, but no error correction switcher, NIC
1 bit between the physical layer transmission device, a specified level, the hub pin cable speed and cable
interact: Why modern network communication process by TCP / IP four-layer model, rather than the OSI model do?
OSI seven-layer model is a theoretical model for the general theory, he layered some redundancy, practical application, select TCP / IP four-layer model. But OSI also has its own shortcomings, most people think the number of levels and the content of the OSI model may be the best choice, in fact not the case, in which the session layer and the presentation layer is almost empty, and the data link layer and the network layer contains the content too much, there are many sub-layer insert, each sub-layer has a different function.
Related common network protocols:
the DNS: Domain Name Resolution Protocol www.baidu.com
the SNMP (the Simple Network Management Protocol) network management protocol
DHCP (Dynamic Host Configuration Protocol) Dynamic Host Configuration Protocol, which is the client on the TCP / IP network to obtain protocol configuration information of
FTP (file transfer protocol) file transfer protocol, which is a standard protocol, is the simplest way to exchange files between computers and networks.
TFTP (Trivial File Transfer Protocol): File Transfer protocol
HTTP (Hypertext Transfer Protocol): Hypertext Transfer Protocol
HTTPS (Secure Hypertext Transfer Protocol): Secure Hypertext Transfer Protocol, which was developed by Netscape and built into its browser, for data compression and decompression operations.
the ICMP (the Internet the message control protocol): the Internet control message protocol, Internet control message protocol
ping ip defined message types: requests and responses with a response request, TTL timeout information, address, destination unreachable
SMTP (Simple Mail Transfer Protocol): Simple Mail Transfer Protocol
TELNET Protocol: a virtual terminal protocol
UDP (User Datagram Protocol): User Datagram Protocol, which is defined to provide packet-switched communication protocol of a computer interconnection network environment
TCP (transmission control protocol): transmission control protocol, a connection-oriented, reliable transport layer protocol based on the byte stream forwarding log: opening a protocol: TCP (four and three-way handshake wave)
the TCP and UDP the difference between
(1) TCP protocol: TCP (transmission control protocol, transmission control protocol) is a connection-oriented protocol, prior to sending and receiving data, the other party must establish a reliable connection.
(2) UDP protocol: UDP is the User Datagram Protocol short, the Chinese name is the User Datagram Protocol is a connectionless transport layer protocol that provides a simple unreliable transaction-oriented messaging services
Summary: The difference between TCP and UDP:
1. based linked to a connectionless;
2. the requirement of system resources (more TCP, UDP less);
3.UDP relatively simple program structure; UDP packet header is very short, only 8 bytes, relative to the TCP 20 bytes of overhead is small packets. Therefore, the transmission speed may be faster
4.TCP ensure data accuracy, UDP packet loss may; ensure that the TCP data sequence, UDP does not guarantee.
Scene: video, voice communications using udp, or a good network environment, such as LAN communications using udp. udp data transmission integrity, the software application can be proof layer on it.
tcp file transfer, high data integrity.
TCP and UDP port numbers commonly used name
(1) TCP port assignments
21 ftp file transfer service
22 ssh secure remote connectivity service
23 telnet remote connection service
25 smtp email service
53 DNS domain name resolution services, tcp53 is also useful udp53 port transmission
80 http web service
443 https secure web service
interactions : which service if you do not know which port corresponds to how to do? Such as port 873 which services?
[root @ ken ~] # vim / etc / services # This file contains all the common port numbers and service names
linux network-related debug commands
A bridge mode: bridge mode configured as an independent computer has virtual machine
1. The machine can be a virtual external networks
2 may be any computer communication and LAN
3. The host can communicate
within the local area network 4. The host Renyiyitai this virtual machine can communicate
two, nat modes: mode virtual machine configured nat using IP address (address conversion)
1. vmnet8 NIC physical machine must be turned
2. external networks may
3. The host can communicate
within the local area network 4 can not access the virtual machine
Third, only the host mode
1. The host can communicate and
can communicate with each other only in the virtual machine on the host mode 2. the same between the host computer
3. The above is not the external network
can not access each other within the LAN 4
1.修改IP相关信息
[root@ken ~]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
link/ether 00:0c:29:13:a1:49 brd ff:ff:ff:ff:ff:ff
inet 192.168.4.190/24 brd 192.168.4.255 scope global noprefixroute eth0
valid_lft forever preferred_lft forever
inet6 fe80::20c:29ff:fe13:a149/64 scope link
valid_lft forever preferred_lft forever
2. 修改网卡信息
修改配置文件 /etc/sysconfig/network-scripts/ifcfg-eth0
DEVICE=eth0 #指出设备名称
NM_CONTROLLED=yes #network mamager的参数,实时生效,不需要重启
ONBOOT=yes #设置为yes,开机自动启用网络连接
IPADDR=192.168.21.129 #IP地址
BOOTPROTO=none #设置为none禁止DHCP,设置为static启用静态IP地址,设置为dhcp开启DHCP服务
NETMASK=255.255.255.0 #子网掩码
DNS1=8.8.8.8 #第一个dns服务器
TYPE=Ethernet #网络类型为:Ethernet
GATEWAY=192.168.21.2 #设置网关
DNS2=8.8.4.4 #第二个dns服务器
IPV6INIT=no #禁止IPV6
USERCTL=no #是否允许非root用户控制该设备,设置为no,只能用root用户更改
HWADDR=00:0C:29:2C:E1:0F #网卡的Mac地址
PREFIX=24
NAME="System eth0" #定义设备名称
3.临时添加IP地址
[root@ken ~]# ip a a 192.168.4.191 dev eth0
[root@ken ~]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
link/ether 00:0c:29:13:a1:49 brd ff:ff:ff:ff:ff:ff
inet 192.168.4.190/24 brd 192.168.4.255 scope global noprefixroute eth0
valid_lft forever preferred_lft forever
inet 192.168.4.191/32 scope global eth0
valid_lft forever preferred_lft forever
inet6 fe80::20c:29ff:fe13:a149/64 scope link
valid_lft forever preferred_lft forever
4.查看端口监听状态
ss 命令
常用选项:
-t: 显示tcp链接
-n: 以数字形式显示当前链接的端口
-l: 只显示监听的
-a:显示全部
-p: 显示PID
常用组合:ss -tnl
[root@ken ~]# ss -tnl
State Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0 128 *:22 *:*
LISTEN 0 100 127.0.0.1:25 *:*
LISTEN 0 128 :::22 :::*
LISTEN 0 100 ::1:25 :::*
进程管理
程序:二进制文件,静态 /bin/date,/usr/sbin/sshd
进程:是程序运行的过程,动态,有生命周期及运行状态。
下图所示的是进程的生命周期:
描述如下:
父进程复制自己的地址空间(fork [fɔ:k] 分叉)创建一个新的(子)进程结构。每个新进程分配一个唯一的进程 ID (PID),满足跟踪安全性之需。PID 和父进程 ID (PPID)是子进程环境的元素,任何进程都可以创建子进程,所有进程都是第一个系统进程的后代。
centos5或6PID为1的进程是: init
centos7 PID为1的进程是: systemd
僵尸进程:一个进程使用fork创建子进程,如果子进程退出,而父进程并没有调用wait或waitpid获取子进程的状态信息,那么子进程的进程描述符仍然保存在系统中。这种进程称之为僵尸进程。
用自己的话表达:父进程退出了,子进程没有退出,那么这些子进程就没有父进程来管理了,就变成僵尸进程。
进程的属性
进程ID(PID):是唯一的数值,用来区分进程
进程状态:状态分为运行R、休眠S、僵尸Z(zombie)
使用ps查看进程工具
1、ps查看进程工具
例1:常用的参数:
a: 显示跟当前终端关联的所有进程
u: 基于用户的格式显示(U: 显示某用户ID所有的进程)
x: 显示所有进程,不以终端机来区分
[root@ken ~]# ps aux
USER PID %CPU %MEM VSZ RSS TTY STAT START TIME COMMAND
root 1 0.0 0.3 125328 3832 ? Ss 20:40 0:01 /usr/lib/syst
root 2 0.0 0.0 0 0 ? S 20:40 0:00 [kthreadd]
root 3 0.0 0.0 0 0 ? S 20:40 0:00 [ksoftirqd/0]
root 5 0.0 0.0 0 0 ? S< 20:40 0:00 [kworker/0:0H
root 6 0.0 0.0 0 0 ? S 20:40 0:00 [kworker/u256
root 7 0.0 0.0 0 0 ? S 20:40 0:00 [migration/0]
root 8 0.0 0.0 0 0 ? S 20:40 0:00 [rcu_bh]
root 9 0.0 0.0 0 0 ? R 20:40 0:00 [rcu_sched]
root 10 0.0 0.0 0 0 ? S< 20:40 0:00 [lru-add-drai
root 11 0.0 0.0 0 0 ? S 20:40 0:00 [watchdog/0]
注:最后一列[xxxx] 使用方括号括起来的进程是内核态的进程。没有括起来的是用户态进程。
上面的参数输出每列含意:
USER: 启动这些进程的用户
PID: 进程的ID
%CPU 进程占用的CPU百分比;
%MEM 占用内存的百分比;
VSZ:进程占用的虚拟内存大小(单位:KB)
RSS:进程占用的物理内存大小(单位:KB)
STAT:该程序目前的状态,Linux进程有5种基本状态:
R :该程序目前正在运作,或者是可被运作;
S :该程序目前正在睡眠当中,但可被某些讯号(signal) 唤醒。
T :该程序目前正在侦测或者是停止了;
Z :该程序应该已经终止,但是其父程序却无法正常的终止他,造成 zombie (疆尸) 程序的状态
D 不可中断状态.
5个基本状态后,还可以加一些字母,比如:Ss、R+,如下图:
它们含意如下::
<: 表示进程运行在高优先级上
N: 表示进程运行在低优先级上
L: 表示进程有页面锁定在内存中
s: 表示进程是控制进程
l: 表示进程是多线程的
+: 表示当前进程运行在前台
START:该 process 被触发启动的时间;
TIME :该 process 实际使用 CPU 运作的时间。
COMMAND:该程序的实际指令
uptime查看系统负载
[root@ken ~]# uptime
22:14:16 up 1:33, 2 users, load average: 0.00, 0.01, 0.04
弹出消息含意如下:
当前时间 系统运行时间 当前登录用户 系统负载1分钟,5分钟,15分钟的平均负载
top命令
[root@ken ~]# top
top - 22:19:03 up 1:38, 2 users, load average: 0.07, 0.03, 0.04
Tasks: 95 total, 1 running, 94 sleeping, 0 stopped, 0 zombie
%Cpu(s): 0.0 us, 0.0 sy, 0.0 ni,100.0 id, 0.0 wa, 0.0 hi, 0.0 si, 0.0 s
KiB Mem : 997956 total, 769528 free, 91376 used, 137052 buff/cache
KiB Swap: 2097148 total, 2097148 free, 0 used. 750772 avail Mem
PID USER PR NI VIRT RES SHR S %CPU %MEM TIME+ COMMAND
638 root 20 0 298712 6120 4788 S 0.7 0.6 0:06.92 vmtoolsd
646 root 20 0 476188 8996 6748 S 0.7 0.9 0:00.30 NetworkMa+
1 root 20 0 125328 3832 2576 S 0.0 0.4 0:01.30 systemd
2 root 20 0 0 0 0 S 0.0 0.0 0:00.00 kthreadd
3 root 20 0 0 0 0 S 0.0 0.0 0:00.14 ksoftirqd+
5 root 0 -20 0 0 0 S 0.0 0.0 0:00.00 kworker/0+
6 root 20 0 0 0 0 S 0.0 0.0 0:00.14 kworker/u+
7 root rt 0 0 0 0 S 0.0 0.0 0:00.00 migration+
8 root 20 0 0 0 0 S 0.0 0.0 0:00.00 rcu_bh
9 root 20 0 0 0 0 S 0.0 0.0 0:00.40 rcu_sched
第1行:系统时间、运行时间、登录终端数、系统负载(三个数值分别为1分钟、5分钟、15分钟内的平均值,数值越小意味着负载越低)。
第2行:进程总数、运行中的进程数、睡眠中的进程数、停止的进程数、僵死的进程数。
第3行:用户占用资源百分比、系统内核占用资源百分比、改变过优先级的进程资源百分比、空闲的资源百分比等。其中数据均为CPU数据并以百分比格式显示,例如“97.1 id”意味着有97.1%的CPU处理器资源处于空闲。
第4行:物理内存总量、内存使用量、内存空闲量、作为内核缓存的内存量。
第5行:虚拟内存总量、虚拟内存使用量、虚拟内存空闲量、已被提前加载的内存量。
第6行:
PID — 进程id
USER — 进程所有者
PR — 进程优先级
NI — nice值。负值表示高优先级,正值表示低优先级
VIRT — 进程使用的虚拟内存总量,单位kb。VIRT=SWAP+RES
RES — 进程使用的、未被换出的物理内存大小,单位kb。RES=CODE+DATA
SHR — 共享内存大小,单位kb
S — 进程状态。D=不可中断的睡眠状态 R=运行 S=睡眠 T=跟踪/停止 Z=僵尸进程
%CPU — 上次更新到现在的CPU时间占用百分比
%MEM — 进程使用的物理内存百分比
TIME+ — 进程使用的CPU时间总计,单位1/100秒
COMMAND — 进程名称(命令名/命令行)
lsof命令
lsof命令用于查看你进程打开的文件,打开文件的进程,进程打开的端口(TCP、UDP)
-i<条件>:列出符合条件的进程。(4、6、协议、:端口、 @ip )
[root@ken ~]# lsof -i :22
COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME
sshd 867 root 3u IPv4 19361 0t0 TCP *:ssh (LISTEN)
sshd 867 root 4u IPv6 19370 0t0 TCP *:ssh (LISTEN)