Network interview question set

Original link: https://my.oschina.net/u/1186503/blog/1632944

1. OSI, TCP/IP, and five-layer architectures, and the protocols at each layer

OSI model (7 layers): physical layer, data link layer, network layer, transport layer, session layer, presentation layer, application layer.
TCP/IP model (4 layers): network interface layer, internet layer, transport layer, application layer.
Five-layer model (5 layers): physical layer, data link layer, network layer, transport layer, application layer.
The protocols (and devices) at each layer are as follows:
Physical layer: RJ45, CLOCK, IEEE802.3 (repeaters, hubs)
Data link layer: PPP, FR, HDLC, VLAN, MAC (bridges, switches)
Network layer: IP, ICMP, ARP, RARP, OSPF, IPX, RIP, IGRP (routers)
Transport layer: TCP, UDP, SPX
Session layer: NFS, SQL, NETBIOS, RPC
Presentation layer: JPEG, MPEG, ASCII
Application layer: FTP, DNS, Telnet, SMTP, HTTP, WWW, NFS
The role of each layer is as follows:
Physical layer: transmits bits over the medium and defines the mechanical and electrical specifications (unit: bit)
Data link layer: assembles bits into frames and delivers them point to point (unit: frame)
Network layer: delivers packets from source to destination and provides internetworking (unit: packet)
Transport layer: provides reliable end-to-end message delivery and error recovery (unit: segment)
Session layer: establishes, manages, and terminates sessions (session protocol data unit, SPDU)
Presentation layer: translates, encrypts, and compresses data (presentation protocol data unit, PPDU)
Application layer: provides the means of accessing the OSI environment (application protocol data unit, APDU)

2. Classification of IP addresses

Class A addresses: start with bit 0; first byte range: 1 ~ 127 (1.0.0.0 - 127.255.255.255);

Class B addresses: start with bits 10; first byte range: 128 ~ 191 (128.0.0.0 - 191.255.255.255);

Class C addresses: start with bits 110; first byte range: 192 ~ 223 (192.0.0.0 - 223.255.255.255);

Class D addresses: start with bits 1110; first byte range: 224 ~ 239 (224.0.0.0 - 239.255.255.255); (used for multicast)

Class E addresses: reserved

Classes A, B, and C are the basic classes; classes D and E are used for multicast and reserved, respectively.

The following ranges are reserved as internal private addresses:

Class A: 10.0.0.0 - 10.255.255.255

Class B: 172.16.0.0 - 172.31.255.255

Class C: 192.168.0.0 - 192.168.255.255

ANDing the IP address with the subnet mask gives the network number:

IP             : 192.168.2.110
& Subnet mask  : 255.255.255.0
----------------------------
Network number : 192.168.2.0

Note:

A host number of all 0s is the network number (e.g. 192.168.2.0); a host number of all 1s is the broadcast address (192.168.2.255).
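
The classification and the AND operation above, as an added Python example that is not part of the original post. It goes one step beyond the page's case by also handling a mask that does not end on a byte boundary (255.255.255.192); the function names are chosen here for illustration.

```python
import socket
import struct

def to_int(dotted):
    """Dotted-quad string -> 32-bit integer."""
    return struct.unpack("!I", socket.inet_aton(dotted))[0]

def to_dotted(value):
    """32-bit integer -> dotted-quad string."""
    return socket.inet_ntoa(struct.pack("!I", value))

def address_class(dotted):
    """Classify by the leading bits of the first byte, as listed above."""
    first = to_int(dotted) >> 24
    if first >> 7 == 0b0:
        return "A"
    if first >> 6 == 0b10:
        return "B"
    if first >> 5 == 0b110:
        return "C"
    if first >> 4 == 0b1110:
        return "D"
    return "E"

def network_and_broadcast(ip, mask):
    """Network number = ip AND mask; broadcast = network OR inverted mask."""
    ip_i, mask_i = to_int(ip), to_int(mask)
    network = ip_i & mask_i                        # host bits all 0
    broadcast = network | (~mask_i & 0xFFFFFFFF)   # host bits all 1
    return to_dotted(network), to_dotted(broadcast)

PRIVATE_RANGES = [  # the three private ranges listed above
    ("10.0.0.0", "10.255.255.255"),
    ("172.16.0.0", "172.31.255.255"),
    ("192.168.0.0", "192.168.255.255"),
]

def is_private(dotted):
    """True if the address falls inside one of the private ranges."""
    value = to_int(dotted)
    return any(to_int(lo) <= value <= to_int(hi) for lo, hi in PRIVATE_RANGES)

if __name__ == "__main__":
    print(address_class("192.168.2.110"))
    print(network_and_broadcast("192.168.2.110", "255.255.255.0"))
    print(network_and_broadcast("192.168.2.110", "255.255.255.192"))
    print(is_private("172.32.0.1"))
```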

3. ARP is the Address Resolution Protocol; explain its working principle in simple language

1: Each host maintains an ARP list in its ARP cache that records the mapping between IP addresses and MAC addresses.
2: When the source host wants to send data, it first checks whether its ARP list contains the MAC address for the destination host's IP address. If it does, the data is sent directly. If not, the host sends an ARP packet to all hosts on the network segment. The packet contains: the source host's IP address, the source host's MAC address, and the destination host's IP address.
3: When the hosts on the network receive the ARP packet, each first checks whether the IP address in the packet is its own. If not, it ignores the packet. If so, it first takes the source host's IP and MAC address from the packet and writes them into its ARP list, overwriting any entry that already exists, and then writes its own MAC address into an ARP response packet to tell the source host that it is the MAC address being looked for.
4: When the source host receives the ARP response packet, it writes the destination host's IP and MAC address into its ARP list and uses this information to send the data. If the source host never receives an ARP response packet, the ARP query has failed.
ARP requests are sent by broadcast; ARP responses are sent by unicast.
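
The exchange in steps 1 to 4, as an added Python example that is not part of the original post: it packs and parses the 28-byte Ethernet/IPv4 ARP body, updates the receiver's cache as step 3 describes, and records every overwrite of an existing entry, because ARP does not authenticate the sender and a changed MAC for a known IP is worth reviewing. The Host class, the demo function and all addresses are constructed for illustration; nothing is sent on a network.

```python
import socket
import struct

ARP_FMT = "!HHBBH6s4s6s4s"   # Ethernet/IPv4 ARP body, 28 bytes (RFC 826)
REQUEST, REPLY = 1, 2

def _mac(text):
    return bytes.fromhex(text.replace(":", ""))

def build_arp(oper, sha, spa, tha, tpa):
    """Pack an ARP body. MACs are 'aa:bb:..' strings, IPs are dotted quads."""
    return struct.pack(ARP_FMT, 1, 0x0800, 6, 4, oper, _mac(sha),
                       socket.inet_aton(spa), _mac(tha), socket.inet_aton(tpa))

def parse_arp(raw):
    """Unpack an ARP body; reject anything that is not Ethernet/IPv4."""
    if len(raw) < struct.calcsize(ARP_FMT):
        raise ValueError("truncated ARP body")
    htype, ptype, hlen, plen, oper, sha, spa, tha, tpa = struct.unpack(
        ARP_FMT, raw[:28])
    if (htype, ptype, hlen, plen) != (1, 0x0800, 6, 4):
        raise ValueError("not Ethernet/IPv4 ARP")
    return {"oper": oper, "sha": sha.hex(":"), "spa": socket.inet_ntoa(spa),
            "tha": tha.hex(":"), "tpa": socket.inet_ntoa(tpa)}

class Host:
    """Receiver side of steps 3 and 4: cache update plus unicast reply."""
    def __init__(self, ip, mac):
        self.ip, self.mac = ip, mac
        self.cache = {}        # IP -> MAC
        self.overwrites = []   # (ip, old_mac, new_mac), kept for review

    def receive(self, raw):
        pkt = parse_arp(raw)
        if pkt["tpa"] != self.ip:
            return None        # not addressed to us: ignore (step 3)
        ip, mac = pkt["spa"], pkt["sha"]
        old = self.cache.get(ip)
        if old not in (None, mac):
            self.overwrites.append((ip, old, mac))
        self.cache[ip] = mac   # an existing entry is overwritten
        if pkt["oper"] == REQUEST:
            return build_arp(REPLY, self.mac, self.ip, mac, ip)
        return None

def demo():
    # Constructed hosts and addresses, for illustration only.
    a = Host("192.168.2.110", "02:00:00:00:00:0a")
    b = Host("192.168.2.1", "02:00:00:00:00:0b")
    req = build_arp(REQUEST, a.mac, a.ip, "00:00:00:00:00:00", b.ip)
    a.receive(b.receive(req))  # B learns A and replies; A learns B
    # A later reply for B's IP carries a different MAC: logged as an overwrite.
    a.receive(build_arp(REPLY, "02:00:00:00:00:99", b.ip, a.mac, a.ip))
    return a, b
```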

4. Introduction to various protocols

ICMP: Internet Control Message Protocol. It is a sub-protocol of the TCP/IP protocol suite, used to pass control messages between IP hosts and routers.
TFTP: Trivial File Transfer Protocol, a protocol in the TCP/IP suite for simple file transfer between client and server, providing an uncomplicated, low-overhead file transfer service.
HTTP: Hypertext Transfer Protocol, an object-oriented application-layer protocol whose simplicity and speed make it suitable for distributed hypermedia information systems.
NAT: Network Address Translation, a wide area network (WAN) access technology that converts private (reserved) addresses into legitimate IP addresses,
DHCP: Dynamic Host Configuration Protocol, a means by which a system connecting to the network obtains the configuration parameters it needs; it runs over UDP. Its purposes: automatically assigning IP addresses on an internal network or by an Internet service provider to users, and giving internal network administrators a means of centrally managing all computers.

5. Description of the RARP protocol

RARP is the Reverse Address Resolution Protocol. It maps a hardware address to an IP address and is mainly used by diskless workstations, because a diskless workstation cannot store its configured IP address. Workflow: a RARP server is set up on the network and holds the mapping between MAC addresses and IP addresses. When a diskless workstation starts, it builds a RARP packet containing its MAC address and broadcasts it to the network. When the server receives the request, it looks up the IP address for that MAC address, puts it in a response packet, and sends it back to the requester. Because the request must be broadcast, RARP can only be used on networks with broadcast capability.

6. The TCP three-way handshake and four-way wave: the whole process

Three-way handshake:
First handshake: the client sends a SYN packet (syn = x) to the server and enters the SYN_SEND state, waiting for the server to confirm;
Second handshake: the server receives the SYN packet and must acknowledge the client's SYN (ack = x + 1) while also sending its own SYN packet (syn = y), i.e. a SYN + ACK packet; the server then enters the SYN_RECV state;
Third handshake: the client receives the server's SYN + ACK packet and sends the server an acknowledgment packet ACK (ack = y + 1). Once this packet is sent, the client and server enter the ESTABLISHED state and the three-way handshake is complete.
The handshake packets carry no data; only after the three-way handshake is complete do the client and server begin transferring data. Ideally, once a TCP connection is established it is kept open until one of the two parties actively closes it.
Four-way wave:
Similar to the "three-way handshake" that establishes a connection, disconnecting a TCP connection requires a "four-way handshake."
First wave: the active closer sends a FIN to close data transfer from the active closer to the passive closer. That is, the active closer tells the passive closer: I will not send you any more data (of course, if data sent before the FIN has not been acknowledged with a corresponding ACK, the active closer still retransmits it). At this point the active closer can still receive data.
Second wave: after receiving the FIN packet, the passive closer sends an ACK to the other side, with the acknowledgment number set to the received sequence number + 1 (like a SYN, a FIN occupies one sequence number).
Third wave: the passive closer sends a FIN to close data transfer from the passive closer to the active closer. That is, it tells the active closer: I have finished sending my data too and will not send you any more.
Fourth wave: after receiving the FIN, the active closer sends an ACK to the passive closer, with the acknowledgment number set to the received sequence number + 1. This completes the four-way wave.

7. The whole process after entering www.baidu.com in the browser

1. The client browser resolves www.baidu.com to the IP address 220.181.27.48 through DNS and uses that IP address to find the path from client to server. The client browser initiates an HTTP session to 220.181.27.48, which is then encapsulated by TCP and passed to the network layer.
2. At the client's transport layer, the HTTP session request is divided into segments and source and destination ports are added. For example, the server listens for client requests on port 80 and the client's system picks a random port such as 5000 to exchange data with the server; the server sends the corresponding response back to client port 5000. The IP layer's destination IP address is then used for lookup.
3. The client's network layer does not care about the application or transport layer. Its main job is to determine, by looking up the routing table, how to reach the server. The path may pass through multiple routers, and this work is done by the routers; I will not describe it in detail, as it is simply a matter of deciding from the routing table which path reaches the server.
4. At the client's link layer, packets are sent to the router through the link layer. The MAC address for a given IP address is found through the neighbor protocol: an ARP request is sent to look up the destination address, and once a response is obtained, the ARP request/reply exchange makes it possible to transmit the IP packet, which is then sent on to the server's address.

8. Differences between TCP and UDP

TCP provides connection-oriented, reliable data stream transmission, while UDP provides connectionless, unreliable data stream transmission.
The TCP transmission unit is called a TCP segment; the UDP transmission unit is called a user datagram.
TCP emphasizes data security; UDP emphasizes transfer speed, since it does not wait for a connection and performs far fewer operations, but its security is only average.
Protocols that run over TCP and protocols that run over UDP
Protocols over TCP:
(1) FTP: the File Transfer Protocol, using port 21.
(2) Telnet: a remote login service using port 23; users can connect to a computer remotely under their own identity, and it can provide communication services based on DOS mode.
(3) SMTP: mail transfer protocol, used for sending mail. The server opens port 25.
(4) POP3: the counterpart of SMTP; POP3 is used for receiving mail. POP3 uses port 110.
(5) HTTP: the hypertext transfer protocol used to transfer hypertext from a Web server to the local browser.
Protocols over UDP:
(1) DNS: the Domain Name Service, used to convert domain names into IP addresses. DNS uses port 53.
(2) SNMP: Simple Network Management Protocol, using port 161, used to manage network devices. Because there are many network devices, a connectionless service shows its advantages here.
(3) TFTP (Trivial File Transfer Protocol): trivial file transfer protocol, which serves on the well-known UDP port 69.

9. DNS, the Domain Name System: a simple description of how it works

When a DNS client needs to look up a name used in a program, it queries DNS servers to resolve the name. Each query the client sends contains three pieces of information: the specified DNS domain name, the specified query type, and the specified class of the DNS domain name. The service runs over UDP on port 53. Users generally do not use it directly; instead it serves other applications such as HTTP and SMTP that need to convert host names into IP addresses.
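
The three pieces of information in a query (name, type, class) as they appear on the wire, shown in an added Python example that is not part of the original post. It builds a DNS query message and parses the question back out with bounds checks on every length byte; the function names and the transaction ID are chosen here for illustration, and no packet is sent.

```python
import struct

QTYPE = {"A": 1, "NS": 2, "CNAME": 5, "MX": 15, "AAAA": 28}
QCLASS_IN = 1   # the Internet class

def encode_name(name):
    """Encode 'www.example.com' as length-prefixed labels ending in a zero byte."""
    out = b""
    for label in name.rstrip(".").split("."):
        raw = label.encode("ascii")
        if not 1 <= len(raw) <= 63:
            raise ValueError("label must be 1..63 bytes: %r" % label)
        out += bytes([len(raw)]) + raw
    if len(out) + 1 > 255:
        raise ValueError("name too long")
    return out + b"\x00"

def build_query(name, qtype="A", txid=0x1234):
    """12-byte header (RD set, one question) followed by name, type, class."""
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)
    return header + encode_name(name) + struct.pack("!HH", QTYPE[qtype], QCLASS_IN)

def parse_question(message):
    """Return (name, qtype, qclass) from the first question of a query."""
    if len(message) < 12:
        raise ValueError("short header")
    if struct.unpack("!H", message[4:6])[0] < 1:
        raise ValueError("no question")
    pos, labels = 12, []
    while True:
        if pos >= len(message):
            raise ValueError("truncated name")
        length = message[pos]
        pos += 1
        if length == 0:
            break                     # root label: end of name
        if length > 63:
            raise ValueError("compression pointer or bad label in query name")
        if pos + length > len(message):
            raise ValueError("truncated label")
        labels.append(message[pos:pos + length].decode("ascii"))
        pos += length
    if pos + 4 > len(message):
        raise ValueError("truncated type/class")
    qtype, qclass = struct.unpack("!HH", message[pos:pos + 4])
    return ".".join(labels), qtype, qclass

if __name__ == "__main__":
    query = build_query("www.baidu.com")
    print(len(query), parse_question(query))
```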

10. The TCP three-way handshake: why three handshakes, and would a two-way handshake work?

Connection establishment uses the client-server model; assume host A is the client and host B is the server.
(1) The TCP three-way handshake: host A sends a connection request to B; host B acknowledges the segment received from host A; host A in turn acknowledges host B's acknowledgment.
(2) The three-way handshake prevents an invalid (stale) connection request segment from suddenly reaching host B and causing an error. A stale connection request segment arises like this: host A sends a connection request but receives no acknowledgment from host B, so after a while host A sends the connection request to host B again; the connection is established and the data transfer completes. Now consider a special case: host A's first connection request was not lost but was delayed at a network node before reaching host B. Host B takes it for a new connection initiated by host A, agrees to the connection, and sends back an acknowledgment. Host A, however, ignores it, while host B keeps waiting for host A to send data, wasting host B's resources.
(3) A two-way handshake does not work, because of the special case above in which a stale connection request takes effect.
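
The sequence numbers from section 6 and the delayed-SYN case from section 10, modelled in an added Python example that is not part of the original post. With three handshakes host B only reaches ESTABLISHED after the ack = y + 1 segment, so the stale request is dropped by a timer; with two it commits a connection that host A never uses. The Server and Client classes, the run function, the ports and the initial sequence numbers are constructed for illustration.

```python
import itertools

class Server:
    """Passive side (host B). three_way=False models the two-way variant."""
    def __init__(self, three_way=True):
        self.three_way = three_way
        self.conns = {}                          # client port -> [state, y]
        self._isn = itertools.count(9000, 1000)  # constructed sequence numbers

    def on_syn(self, port, x):
        y = next(self._isn)
        state = "SYN_RECV" if self.three_way else "ESTABLISHED"
        self.conns[port] = [state, y]
        return {"flags": "SYN+ACK", "seq": y, "ack": x + 1}

    def on_ack(self, port, ack):
        conn = self.conns.get(port)
        if conn and conn[0] == "SYN_RECV" and ack == conn[1] + 1:
            conn[0] = "ESTABLISHED"

    def expire_half_open(self):
        """Timer: drop entries that never received the third segment."""
        self.conns = {p: c for p, c in self.conns.items() if c[0] == "ESTABLISHED"}

    def established(self):
        return sorted(p for p, c in self.conns.items() if c[0] == "ESTABLISHED")

class Client:
    """Active side (host A). Answers only a SYN+ACK for a SYN it still wants."""
    def __init__(self):
        self.pending = {}                        # port -> x of outstanding SYN

    def syn(self, port, x):
        self.pending[port] = x
        return port, x

    def on_syn_ack(self, port, seg):
        if self.pending.get(port) is None or seg["ack"] != self.pending[port] + 1:
            return None                          # stale reply: A ignores it
        del self.pending[port]
        return seg["seq"] + 1                    # third segment: ack = y + 1

def run(three_way):
    server, client = Server(three_way), Client()
    delayed = client.syn(5000, 100)              # first SYN, held up in the network
    client.pending.pop(5000)                     # A times out and retries
    port, x = client.syn(5001, 200)
    server.on_ack(port, client.on_syn_ack(port, server.on_syn(port, x)))
    server.conns.pop(port)                       # that connection finishes and closes
    reply = server.on_syn(*delayed)              # the delayed SYN finally reaches B
    server.on_ack(delayed[0], client.on_syn_ack(delayed[0], reply))  # A is silent
    server.expire_half_open()
    return server.established()                  # connections B still holds open
```

`run(True)` leaves host B with no open connection, while `run(False)` leaves it holding port 5000 for a peer that will never send data.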

11. Understand the concepts of switches, routers, and gateways, and know the purpose of each

1) Switch
In computer network systems, the switch was introduced to address the weaknesses of the shared working mode. A switch has a high-bandwidth backplane bus and an internal switching matrix. All ports of the switch are attached to this backplane bus. When the control circuit receives a packet, the processing port looks up the address table in memory to determine which port the NIC (network card) with the destination MAC (the NIC's hardware address) is attached to, and quickly transfers the packet to the destination port through the internal switching matrix. If the destination MAC is not in the table, the switch broadcasts to all ports; after the receiving port responds, the switch "learns" the new address and adds it to the internal address table.
Switches operate at the second layer of the OSI reference model, i.e. the data link layer. When each port is successfully connected, the CPU inside the switch learns its MAC address through the ARP protocol and saves it in an ARP table. In later communication, packets destined for that MAC address are sent only to the corresponding port, not to all ports. The switch can therefore be used to divide data link layer broadcasts, i.e. collision domains; however, it cannot divide network layer broadcasts, i.e. broadcast domains.
Layer 2 switches are the most widely used in network switching, and are commonly known simply as "switches."
Switch types include Layer 2 switches, Layer 3 switches, Layer 4 switches, and Layer 7 switches, which operate at the second, third, fourth, and seventh layers of the OSI seven-layer model respectively, hence their names.
2) Router
A router is a computer network device that provides two important mechanisms, routing and forwarding. Deciding the path a packet takes from source to destination (the host-to-host transmission path) is called routing; moving a packet from a router input to the appropriate router output (inside the router) is called forwarding. Routing works at the third layer of the OSI model, i.e. the network layer, such as the Internet Protocol.
One role of a router is to connect different networks; the other is to select the line over which information is transmitted. The difference between routers and switches: a router is an OSI Layer 3 product, while a switch (especially a Layer 2 switch) is an OSI Layer 2 product.
3) Gateway
A gateway, as the name suggests, is a "gateway" device connecting two networks. It differs from a router (for historical reasons, much of the literature on TCP/IP once called network-layer routers gateways; in many of today's local area networks a router is used to access the network, so "gateway" now commonly refers to an IP router). Gateways are often used in homes and small businesses to connect a local area network to the Internet. "Gateway" also often refers to a device that converts one protocol into another, such as a voice gateway.
In traditional TCP/IP terminology, network devices were divided into only two kinds: gateways and hosts. A gateway can forward packets between networks, but a host cannot. In a host (also called an end system), a packet passes through all four layers of TCP/IP processing, but in a gateway (also called an intermediate system) it only needs to reach the Internet layer, where the path is decided and the packet forwarded. At that time, there was no difference between a gateway and a router.
In modern network terminology, gateways and routers are defined differently. A gateway moves data between different protocols, while a router moves data between different networks and is equivalent to what was traditionally called an IP gateway.
A gateway is a device connecting two networks. A voice gateway, for example, can connect the PSTN and Ethernet, which amounts to VoIP: the analog signals from different phones are converted into digital signals by the gateway and carried over the protocol for transmission, then restored to analog telephone signals by a gateway at the receiving end, and finally heard on the phone.
An Ethernet gateway can only forward packets at Layer 3 and above, the same as a router. The difference is that a gateway has no routing table; it can only forward according to preset network segments. The most important function of a gateway is port mapping: to the outside network, users in the subnet appear as a single external IP address with different ports, which appears to protect the users within the subnet.

 
