A, OSI RM model and TCP / IP model
1. OSI RM model
OSI RM (Open System Interconnect Reference Model, the Open Systems Interconnection Reference Model) is defined by the International Standards Organization ISO, interconnect standard specifications of the different systems, so that two different communication systems can more easily. The network in accordance with the OSI RM is divided into seven levels, followed by the physical layer, data link layer, network layer, transport layer, session layer, layer identifier, the application layer.
- The physical layer
is responsible for the bit-by-hop from (node) to another hop (node); definition of the physical characteristics of the interface and the media; a defined bit representation, data transmission rate, transmission mode signal; define physical network topology.- The data link layer
over unreliable physical link, to provide reliable data transmission services, the frame from hop (node) to another hop (node); framing, physical address, flow control, error control, then the control- The network layer
provides a logical address to a network device; routing, routing table maintenance; responsible for transmitting packet data from source to destination- Transport layer
is responsible for establishing the connection from end to end to ensure that packets are transmitted between service points addressed end to end, segmentation and reassembly, connection control, flow control, error control- The session layer
is responsible for establishing, managing and terminating the session connection between the layers represent entities, provided between the session control devices or nodes, the coordination process between the communication system- Represents a layer
over the encoding and decoding, data encryption and decryption, data compression and decompression of data- The application layer
provides the interface for the application software, enables applications to use network services
2. TCP / IP model
Practical applications typically use TCP / IP model. The seven layer model OSI RM simplified TCP / IP 4-layer model, i.e. the host to the network layer, the network interconnection layer, the transport layer, application layer
- Host-to-network layer
corresponding to the OSI RM model the physical layer and the data link layer, is responsible for monitoring data exchanged between the host and the network- Network interconnection layer
corresponding to the OSI RM network layer model, the packet is sent to the destination network or host- The transport layer
corresponding to the OSI RM model transport layer, so that the peer entity on the source host and the destination host can end a session- The application layer
corresponds to the session layer in the OSI RM model, presentation layer and application layer, providing network services for applications
Two, ICMP protocol
ICMP (Internet Control Message Protocol, Internet Control Message Protocol) is an important network layer protocol, the transfer between network devices error, control, query and other information.
- ICMP redirect
ICMP Redirect redirect messages to support routing functions. Packet transmitted from the source to the destination directly, without first sending to the gateway device, the gateway device and then transmitted to the destination- ICMP error detection
ICMP Echo message used in the communication network between the source and diagnostic purposes, for error detection.- ICMP error reporting
when the network can not access the target device, automatically sending ICMP destination unreachable packets to the end device occurs.- Ping command
Ping command is used to detect network connectivity tool. ping command specifying different parameters, such as length of ICMP packets, the number of transmitted ICMP packet, waits for a reply in response to timeout.- Tracert command
Tracert TTL value based on the packet header to track the path hop by hop forwarding messages. The source packets TTL value is 1, after reaching a first node, the TTL expires, sending TTL exceeded message to the source, the source and set the TTL value of the packet is 2, and so on until the destination ground.
Three, ARP protocol
ARP (Address Resolution Protocol, ARP), is used to resolve an IP address corresponding to the MAC address. ARP protocol used in radio networks, point to point link not using the ARP protocol. The data link layer encapsulation during data required destination MAC address. ARP packets can not pass through the router and can not be forwarded to another broadcast domain.
1. ARP packet type
Type of ARP packets and ARP Request into ARP Reply, packet structure is as follows
- In an Ethernet network type, the frame type field is 0x0806, 0x0800 protocol type field
- Operation op field indicates the type of four operations: ARP Request, ARP Reply, RARP Request, RARP Reply
2. ARP resolve
After shown, need to access PC1 PC3 below, PC1 is first sent ARP Request, the switch SW receives the ARP Request, broadcasts change ARP Request, PC2 and PC3 will receive ARP Request, PC3 receives the ARP Request, sending ARP Reply to the SW, and SW forwarded
ARP Reply to PC1, PC1 receives the ARP Reply, and normal communication can PC3.3. ARP Cache
ARP cache is used to store information associated with the IP address and MAC address. Before sending data. ARP cache lookup table the device, the other device if there is a cache table, the MAC address, the MAC address is used directly encapsulated frame; if the cache table does not exist, a request is sent ARP Request packets.
4. ARP proxy
If the ARP request is a physical network to a further physical network to another, then connecting the two network devices may respond to the ARP request, this process is called ARP proxy (Proxy ARP). Routed into Proxy ARP Proxy ARP, VLAN Proxy ARP and between the inner VLAN Proxy ARP.
- Routed Proxy ARP
scenario: The host needs to communicate (no default gateway is configured on the host computer) in the same network segment but not in the same broadcast domain- A VLAN Proxy ARP
scenario: hosts need to communicate in the same network segment, and belong to the same VLAN, but inter-port isolation is configured VLAN- Inter VLAN Proxy ARP
scenarios: hosts need to communicate in the same network segment, but belongs to a different VLAN
5. Free ARP
Gratuitous ARP to detect IP address is conflict. The host sends ARP Request broadcast packet, the destination IP address is the source IP address, destination IP address when in use, is received in response to the ARP Reply packets.
6. ARP aging time
Maintaining ARP cache on each host or device, ARP cache stored dynamic ARP entries. Host device or each transmission packet, the destination IP address to find the MAC address corresponding to the local cache. If there is a corresponding cache MAC address, or the device will not send an ARP request packet, but directly send the packet to the MAC address; cache if no corresponding MAC address, a host or device will broadcast sends an ARP request packet, an ARP address resolution. After reaching the device dynamic ARP entry aging time, the aging device sends probe packets (i.e. ARP request packet). Aging device sends probe packets can be unicast, broadcast packets can be. By default, the device only in the last send ARP aging detection message is broadcast mode, the rest are sent unicast mode. ARP aging time is normally 20 minutes.
Fourth, the transport layer protocol
Transport layer defines end to end between the host application connectivity, common transmission control protocol TCP and User Datagram Protocol.
-
The TCP
the TCP transport layer protocol is a connection-oriented, reliable transport service. TCP uses port numbers to distinguish between different network services. TCP three-way handshake to establish a reliable connection, through the four-way handshake to close the connection.
- The UDP
the UDP is a transport layer protocol-oriented, connectionless transmission reliability is not guaranteed.