Distributed Architecture Foundations: TCP/IP Protocol

  1. What are the TCP/IP three-way handshake and four-way wave, and how does the state change in each?

Three-way handshake: TCP's reliability starts with establishing a valid connection, which is done before any data is transferred. The connection is established through three handshakes. The so-called three-way handshake means that to establish a TCP connection, the client and the server need to send a total of 3 packets to confirm that the connection is established.

State changes. First handshake: the client sends a packet to the server and enters the SYN_SENT state after sending. Second handshake: the server sends back an acknowledgment (ACK) response and enters the SYN_RCVD state once sending is complete. Third handshake: the client sends another acknowledgment (ACK) packet and enters the ESTABLISHED state; when the server receives this packet, it also enters the ESTABLISHED state, and the TCP handshake is complete.

Four-way wave: when a TCP connection is torn down, the client and the server need to send a total of four packets to confirm that the connection is closed. Either the client or the server can initiate the wave (because TCP is a full-duplex protocol); in socket programming, whichever side performs the close() operation triggers the wave.

State changes:
First wave (FIN = 1, seq = x)
Assume the client wants to close the connection. The client sends a packet with the FIN flag set to 1, indicating that it has no more data to send but can still receive data. After sending, the client enters the FIN_WAIT_1 state.
Second wave (ACK = 1, ACKnum = x + 1)
The server acknowledges the client's FIN packet by sending an acknowledgment packet, indicating that it has received the client's request to close the connection but is not yet ready to close it. After sending, the server enters the CLOSE_WAIT state; after the client receives this acknowledgment, it enters the FIN_WAIT_2 state and waits for the server to close the connection.
Third wave (FIN = 1, seq = w)
When the server is ready to close the connection, it sends the client a request to end the connection, with FIN set to 1. After sending, the server enters the LAST_ACK state and waits for the final ACK from the client.
Fourth wave (ACK = 1, ACKnum = w + 1)
The client receives the close request from the server, sends an acknowledgment packet, and enters the TIME_WAIT state, waiting in case the ACK packet needs to be retransmitted.
After the server receives this acknowledgment packet, it closes the connection and enters the CLOSED state.

  1. Why does establishing a connection take three steps while disconnecting takes four?
    Because during the three-way handshake, when the server receives the client's SYN connection request, it can send a SYN + ACK packet directly, where the ACK is the response and the SYN is for synchronization. But when closing the connection, a server that receives a FIN packet probably will not close the socket immediately (there may still be messages to process), so it can only reply with an ACK first, telling the client: "I received the FIN you sent." Only after the server has sent all of its remaining messages can it send its own FIN, so the two cannot be sent together. That is why four steps are needed.

  2. What is unsafe about the three-way handshake?
    It is exposed to SYN attacks.
    During the three-way handshake, after the server sends the SYN-ACK and before it receives the client's ACK, the TCP connection is called a half-open connection, and the server is in the SYN_RCVD state; when the ACK is received, the server moves to the ESTABLISHED state. In a SYN attack, the client forges a large number of non-existent IP addresses in a short time and keeps sending SYN packets to the server. The server replies with acknowledgment packets and waits for the client's confirmation; because the source addresses do not exist, the server has to keep retransmitting until it times out. These forged SYN packets occupy the queue of not-yet-established connections for a long time, so normal SYN requests are dropped because the queue is full, causing network congestion or even system failure. The SYN attack is a typical DDoS attack. Detecting it is very simple: when the server has a large number of half-open connections and the source IP addresses are random, you can conclude that it is under SYN attack.
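
The detection rule just described can be run over connection-table text. The following is an added example, not code from the original post: it reads `ss -tan` or `netstat -tan` style output, counts half-open connections and measures how spread out their source addresses are. The function names, the thresholds and the sample listing (documentation address ranges) are assumptions made for illustration.

```python
from collections import Counter

HALF_OPEN = {"SYN-RECV", "SYN_RECV", "SYN_RCVD"}  # ss, netstat and RFC spellings


def half_open_report(table, min_half_open=100, min_unique_ratio=0.8):
    """Apply the rule above to `ss -tan` or `netstat -tan` style text.

    Both thresholds are assumptions for illustration; tune them per server.
    """
    sources = Counter()
    for line in table.splitlines():
        cols = line.split()
        if len(cols) < 5 or not cols[1].isdigit():
            continue                               # header or blank line
        # ss puts the state first, netstat puts it last; the peer is column 5 in both
        state = cols[5] if cols[0].startswith("tcp") and len(cols) > 5 else cols[0]
        if state.upper() in HALF_OPEN:
            sources[cols[4].rsplit(":", 1)[0]] += 1   # peer IP without the port
    half_open = sum(sources.values())
    ratio = len(sources) / half_open if half_open else 0.0
    return {
        "half_open": half_open,
        "unique_sources": len(sources),
        "unique_ratio": round(ratio, 2),
        "suspected_syn_flood": half_open >= min_half_open and ratio >= min_unique_ratio,
    }


def constructed_sample(half_open, spoofed=True):
    """Constructed `ss -tan` listing built from documentation address ranges."""
    rows = [
        "State     Recv-Q Send-Q Local Address:Port  Peer Address:Port",
        "LISTEN    0      128    192.0.2.10:443      0.0.0.0:*",
        "ESTAB     0      0      192.0.2.10:443      203.0.113.200:40022",
    ]
    for i in range(half_open):
        net = "198.51.100" if i % 2 else "203.0.113"
        host = (i // 2) % 150 + 1 if spoofed else 7   # many sources vs. one client
        rows.append(f"SYN-RECV  0      0      192.0.2.10:443      {net}.{host}:{20000 + i}")
    return "\n".join(rows)


if __name__ == "__main__":
    print(half_open_report(constructed_sample(300)))
    print(half_open_report(constructed_sample(300, spoofed=False)))
```

A large half-open count from only a couple of sources is not flagged, because the rule requires both conditions: many half-open connections and widely scattered source addresses.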

  3. What is the difference between TCP and UDP? By what means does TCP ensure reliability?

1. Difference in connection

TCP is connection-oriented (like a phone call, where you dial to establish the connection first).
UDP is connectionless, i.e., no connection needs to be established before sending data.

2. Difference in safety (reliability)

TCP provides reliable service: data transferred over TCP arrives error-free, without loss, without duplication, and in order.
UDP is best effort, i.e., it does not guarantee reliable delivery.

3. Difference in transmission efficiency

TCP transmission efficiency is relatively low.
UDP transmission efficiency is high; it suits communication with high demands on speed and real-time delivery, and broadcast communication.

4. Difference in the number of connected peers

A TCP connection can only be point to point, one to one.
UDP supports one-to-one, one-to-many, many-to-one and many-to-many interactive communication.

TCP ensures reliability by establishing a connection before sending data.

  1. What are the TCP four-layer network model and the OSI seven-layer network model? What is the role of each layer?



The OSI model comprises the application layer, presentation layer, session layer, transport layer, network layer, data link layer and physical layer.
The TCP model comprises the application layer, transport layer, network layer and network interface layer.

OSI model:
1 Application layer
The layer of the OSI reference model closest to the user. It provides the application interface for computer users and also provides various network services directly to users. Common application-layer network service protocols are HTTP, HTTPS, FTP, POP3, SMTP and so on.

2 Presentation layer
The presentation layer provides a variety of encoding and conversion functions for application-layer data, ensuring that data sent by the application layer of one system can be recognized by the application layer of another system. If necessary, this layer can provide a standard representation that converts between the various data formats used inside computers.

3 Session layer
The session layer is responsible for establishing, managing and terminating communication sessions between presentation-layer entities. Communication at this layer consists of service requests and responses between applications on different devices.

4 Transport layer
The transport layer establishes the end-to-end link between hosts. Its role is to provide upper-layer protocols with reliable, transparent end-to-end data transmission services, including handling error control and flow control. This layer shields the upper layers from the details of the underlying data communication, so that a higher-layer user sees only a reliable data path between two transport entities that the user can control and configure. TCP and UDP, as we usually say, are at this layer. The port number is the "end" here.

5 Network layer
This layer establishes the connection between two nodes by IP addressing, selects appropriate routing and switching nodes for the packets sent by the source's transport layer, and delivers them correctly to the destination's transport layer according to the address. This is what we often call the IP protocol layer. The IP protocol is the foundation of the Internet.

6 Data link layer
Combines bits into bytes and bytes into frames, uses link-layer addresses (Ethernet uses MAC addresses) to access the medium, and performs error detection.
The data link layer is divided into two sublayers: the logical link control (LLC) sublayer and the media access control (MAC) sublayer.
The MAC sublayer handles the CSMA/CD algorithm, data error checking, framing and so on; the LLC sublayer defines fields that allow upper-layer protocols to share the data link layer. In actual use, the LLC sublayer is not required.

7 Physical layer
The final transmission of the signal is actually realized by the physical layer, which sends the bit stream over the physical medium. It specifies levels, speeds and cable pins. Common equipment (various physical devices) includes hubs, repeaters, modems, network cables, twisted pair and coaxial cable. These are all transmission media of the physical layer.
See https://www.cnblogs.com/qishui/p/5428938.html, which has comments.

  1. What is the sliding window protocol? What is the principle behind it?

The sliding window is a flow-control technique. In early network communication, the two parties sent data directly without considering network congestion. Because nobody knew the congestion state of the network and everyone sent data at the same time, intermediate nodes became blocked and dropped packets, and nobody could get data through. The sliding-window mechanism exists to solve this problem: the sender and the receiver each maintain a sequence of data frames, and this sequence is called the window.

The principle

Send window: the table of sequence numbers of frames that the sender is allowed to transmit continuously.
The maximum number of frames the sender may transmit continuously without waiting for a response is called the send window size.

Receive window: the table of sequence numbers of frames that the receiver is allowed to receive. A received frame that falls inside the window must be processed by the receiver; a frame that falls outside the window is discarded.
The number of frames the receiver is permitted to receive each time is called the receive window size.
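
The two windows can be traced in a small simulation. This is an added example, not code from the original post: the class and function names are hypothetical, and the loss recovery (resend from the oldest unacknowledged frame after an assumed timeout) is an assumption, since the text above does not describe retransmission.

```python
class Receiver:
    def __init__(self, size):
        self.size, self.base, self.buf, self.delivered = size, 0, {}, []

    def on_frame(self, seq, data):
        """Accept or discard one frame; return the next sequence number expected."""
        if self.base <= seq < self.base + self.size:
            self.buf[seq] = data             # inside the receive window: keep it
        # a frame outside the window is discarded, as the text describes
        while self.base in self.buf:         # slide past every in-order frame
            self.delivered.append(self.buf.pop(self.base))
            self.base += 1
        return self.base


class Sender:
    def __init__(self, frames, size):
        self.frames, self.size = frames, size
        self.base = 0                        # oldest unacknowledged frame
        self.next_seq = 0                    # next frame that has not been sent

    def sendable(self):
        """Frames that may go out now without waiting for an acknowledgment."""
        limit = min(self.base + self.size, len(self.frames))
        burst = list(range(self.next_seq, limit))
        self.next_seq = max(self.next_seq, limit)
        return burst

    def on_ack(self, ack):
        self.base = max(self.base, ack)      # the send window slides forward


def transfer(frames, size, lose_once=()):
    """Send all frames; each seq in lose_once is dropped the first time it is sent."""
    tx, rx, lost, bursts = Sender(frames, size), Receiver(size), set(lose_once), []
    while tx.base < len(frames):
        burst = tx.sendable()
        bursts.append(burst)
        for seq in burst:
            if seq in lost:
                lost.discard(seq)            # simulated loss on the wire
                continue
            tx.on_ack(rx.on_frame(seq, frames[seq]))
        if tx.base < tx.next_seq:            # assumed timeout: resend from the gap
            tx.next_seq = tx.base
    return rx.delivered, bursts
```

Calling `transfer(list("ABCDEF"), 3, lose_once={1})` shows frame 2 being buffered while frame 1 is missing, then the resent copy of frame 2 being discarded because the receive window has already moved past it.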

  1. There are too many connections in the TIME_WAIT state on the server. How do you solve this?
    https://www.jianshu.com/p/88a2740a60ad
    How best to handle excessive TIMEWAIT
    Changing two kernel parameters with sysctl is enough, as follows:
    net.ipv4.tcp_tw_reuse = 1
    # tcp_tw_recycle exists only on kernels older than Linux 4.12 and can drop connections from clients behind NAT
    net.ipv4.tcp_tw_recycle = 1
    Put simply, this turns on TIMEWAIT reuse and fast recycling. As for how exactly the reuse and fast recycling work, I did not get to the bottom of it, but in practice it does have an effect. You can confirm this by observing with netstat or ss.
    Some people also turn on the syncookies feature, as follows:
    net.ipv4.tcp_syncookies = 1
    The purpose of turning on syncookies is actually: "When server resources are insufficient (not just port resources; there are many kinds of resource shortage behind a denial of service), try as far as possible not to reject TCP SYN (connection) requests, cache the SYN requests as far as possible, and process these TCP connection requests a little later when there is capacity."
    If concurrency is really very, very high, turning it on is actually of little use.

  2. What are NIO, BIO and AIO? What is the difference between them?

First, synchronous blocking I/O (BIO):
Synchronous blocking I/O. The server implementation model is one thread per connection: when a client makes a connection request, the server needs to start a thread to handle it. If the connection does nothing, this causes unnecessary thread overhead, which can be improved with a thread pool mechanism. BIO suits architectures with a relatively small and fixed number of connections. This approach places relatively high demands on server resources, and concurrency is confined to the application. It was the only choice before JDK 1.4, but the programs are intuitive, simple and easy to understand.

Second, synchronous non-blocking I/O (NIO):
Synchronous non-blocking I/O. The server implementation model is one thread per request: connection requests sent by clients are all registered on the multiplexer, and a thread is started for processing only when the multiplexer polls a connection that has an I/O request. NIO suits architectures with many connections that are short-lived (light operations), such as chat servers. Concurrency is confined to the application, programming is more complex, and it has been supported since JDK 1.4.

Third, asynchronous non-blocking I/O (AIO):
Asynchronous non-blocking I/O. The server implementation model is one thread per valid request: the client's I/O request is first completed by the OS, which then notifies the server application to start a thread for processing. AIO suits architectures with many connections that are long-lived (heavy operations), such as photo album servers. It makes full use of the OS in concurrent operations, programming is more complex, and it has been supported since JDK 1.7.

Suppose you want to eat a kung pao chicken rice bowl:

Synchronous blocking: you go to the restaurant and order, then wait there, shouting as you wait: "Is it ready yet?"

Synchronous non-blocking: after ordering at the restaurant, you go to walk the dog. But after walking for a while, you go back to the restaurant and shout: "Is it ready yet?"

Asynchronous blocking: while walking the dog, you get a call from the restaurant saying the food is ready and asking you to come and pick it up yourself.

Asynchronous non-blocking: the restaurant calls to say, "We know where you are, we will bring it over shortly, just walk your dog in peace."

  1. Do you know about multiplexing? What is the principle behind it?

The multiplexer, Selector, is the foundation of NIO. The multiplexer provides the ability to select tasks that are ready. Simply put, the Selector continuously polls the Channels registered on it; if a Channel has a new TCP connection, read or write event, that Channel is in a ready state and will be picked out by the Selector, and then the set of ready Channels can be obtained through SelectionKey for subsequent I/O operations. One multiplexer can poll multiple Channels at the same time. Through this mechanism, thousands of clients can be connected.
Common I/O multiplexing methods are select, poll and epoll.

  1. What is the difference between epoll and select?

select: a process can pass one or more fds to the select system call and then blocks on the select operation, so select helps us detect whether any of several fds is in a ready state. This mode has two disadvantages. 1. Because it monitors multiple file descriptors at the same time, say 1000 of them, if one fd becomes ready the current process has to poll all fds linearly; that is, the more fds being monitored, the greater the performance overhead. 2. The number of fds that select can open in a single process is limited, 1024 by default, which is too few for a single machine that needs to support thousands of TCP connections.

epoll: Linux also provides the epoll system call. epoll is event-driven instead of using sequential scans, so its performance is relatively higher. The main principle is that when one of the monitored fds becomes ready, the current process is told specifically which fd is ready, so the process only needs to read the data from that fd. The upper limit on fds that epoll supports is the operating system's maximum number of file handles, a figure much larger than 1024.
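
The Selector model from the multiplexing answer and the select/epoll comparison above can be seen side by side in one loop. This is an added example, not code from the original post: it uses Python's standard `selectors` module as a stand-in for Java NIO's Selector, with `socket.socketpair()` as a constructed substitute for client connections; the function names and the "channel-N" labels are hypothetical.

```python
import selectors
import socket


def poll_channels(selector_cls, active, total=6):
    """Register `total` channels, make only `active` ones readable, and
    return what a single-threaded poll loop ends up handling."""
    sel = selector_cls()
    peers = {}
    for i in range(total):
        ours, theirs = socket.socketpair()   # constructed stand-in for a client
        ours.setblocking(False)
        # register() returns a SelectorKey, the analogue of Java's SelectionKey
        sel.register(ours, selectors.EVENT_READ, data=f"channel-{i}")
        peers[i] = (ours, theirs)
    for i in active:
        peers[i][1].sendall(f"hello from {i}".encode())

    handled = []
    while True:
        ready = sel.select(timeout=0.2)      # blocks until some channel is ready
        if not ready:
            break                            # nothing left to read
        for key, _events in ready:           # only ready channels are returned
            handled.append((key.data, key.fileobj.recv(1024).decode()))
    for ours, theirs in peers.values():
        sel.unregister(ours)
        ours.close()
        theirs.close()
    sel.close()
    return sorted(handled)


def compare_backends(active=(1, 4)):
    """Same loop on select(2) and on the platform default (epoll on Linux)."""
    return (poll_channels(selectors.SelectSelector, active),
            poll_channels(selectors.DefaultSelector, active))
```

Both backends report the same ready channels; the difference the answer describes is in how the kernel finds them and in the fd limit of select, not in what the application sees.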

References:
--------------------------------
https://www.cnblogs.com/qishui/p/5428938.html
https://www.jianshu.com/p/88a2740a60ad
https://www.jianshu.com/p/a660c17bb9ea
https://bbym010.iteye.com/blog/2100868


Origin blog.csdn.net/weixin_33845477/article/details/90774707