Web protocols: TCP/IP, HTTP/HTTPS

Network protocol: the set of rules, standards, or conventions established for data exchange in a computer network.

TCP/IP: Transmission Control Protocol / Internet Protocol

IP: provides communication between one host and another.

TCP: building on host-to-host communication, provides communication between a process on one host and a process on the other.

IP is a network layer protocol designed to let interconnected computers communicate; it implements automatic routing.

TCP is a transport layer protocol. It hides the unreliable delivery of the IP protocol below it and provides reliable, connection-oriented data transmission to the layer above. TCP is superior in reliability and safety assurance. UDP is also a transport layer protocol; it provides connectionless, unreliable data transmission and is used mainly by applications that need faster transfer, for example most file transfers within a LAN are based on UDP. UDP has a higher transfer rate and less overhead.

The core protocols of TCP/IP are TCP, UDP, and IP.

TCP/IP is a packet-switching protocol suite: information is divided into packets that are transmitted over the Internet, and the receiving side reassembles these packets into the original message.

  • SMTP: a protocol that provides reliable and efficient e-mail transmission. SMTP is a mail service built on the FTP file transfer service; it is used mainly to transfer e-mail between systems and to provide notification of incoming mail.

  • POP3: full name "Post Office Protocol - Version 3". It is a member of the TCP/IP protocol suite and is mainly used to let a client remotely manage e-mail on the server. POP3 with SSL encryption is called POP3S.

  • ICMP (Internet Control Message Protocol): a sub-protocol of the TCP/IP protocol suite, belonging to the network layer, used to pass control messages between IP hosts and routers. Control messages are messages about the network itself, such as whether the network is reachable, whether a host is reachable, and whether a route is available. These messages do not carry user data, but they play an important role in the delivery of user data.

Port number: to identify which process data belongs to, each communicating process is assigned a unique number; this number is what we call the port number. Ports and their corresponding services:

  • 21: FTP (File Transfer Protocol)
  • 22: SSH
  • 23: Telnet (remote login) service
  • 25: SMTP (Simple Mail Transfer Protocol)
  • 53: DNS domain name server
  • 80: HTTP (Hypertext Transfer Protocol)
  • 110: POP3 (Post Office Protocol version 3)
  • 443: HTTPS
  • 1080: Sockets
  • 1521: Oracle Database default port
  • 3306: MySQL service

TCP three-way handshake and four-way wave

Three-way handshake:

First handshake: the client sends a SYN packet (syn = x) to the server and enters the SYN_SEND state, waiting for the server to confirm.

Second handshake: the server receives the SYN packet and must acknowledge the client's SYN (ack = x + 1) while also sending a SYN packet of its own (syn = y), that is, a SYN + ACK packet; the server then enters the SYN_RECV state.

Third handshake: the client receives the server's SYN + ACK packet and sends the server an acknowledgment packet ACK (ack = y + 1). Once this packet is sent, the client and server enter the ESTABLISHED state and the three-way handshake is complete.

The handshake packets carry no data; the client and server officially start transferring data only after the three-way handshake is complete. Ideally, once a TCP connection is established, it is kept open until one of the two communicating parties actively closes it.

Acknowledgment number: its value equals the sender's sequence number + 1 (that is, the next sequence number the receiver expects to receive).

Four-way wave:

Just as establishing a connection takes a "three-way handshake", closing a TCP connection takes a "four-way wave".

First wave: the actively closing side sends a FIN to close data transfer from itself to the passively closing side. In effect it tells the passive side: I will not send you any more data. (Data sent before the FIN that has not yet been acknowledged will still be retransmitted by the active side.) At this point the active side can still receive data.

Second wave: after receiving the FIN packet, the passively closing side sends an ACK whose acknowledgment number is the received sequence number + 1 (like a SYN, a FIN occupies one sequence number).

Third wave: the passively closing side sends a FIN to close data transfer from itself to the actively closing side, telling it: I have also finished sending and will not send you any more data.

Fourth wave: after receiving the FIN, the actively closing side sends an ACK to the passively closing side, with an acknowledgment number equal to the received sequence number + 1. This completes the four-way wave.

The four-way wave in short: the active side tells the passive side it will send no more data; the passive side acknowledges that segment; the passive side tells the active side it will send no more data; the active side acknowledges that segment in turn.
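The handshake and the four-way wave can be replayed as a small state tracker that checks each acknowledgment number against the rules above. This is an added example, not code from the original page; the `Segment` record, the `track` function and the sample sequence numbers are constructed for illustration.

```python
# Added example (not from the original page): replay constructed TCP segments
# through the handshake and four-way wave, checking every acknowledgment number.
from collections import namedtuple

Segment = namedtuple("Segment", "sender flags seq ack")

def expect(got, want, what):
    if got != want:
        raise ValueError(f"{what}: ack={got}, expected {want}")

def track(segments):
    """Return (client_state, server_state) after each segment.

    SYN_SEND, SYN_RECV and ESTABLISHED are the page's state names; the
    teardown states are the standard TCP names, which the page does not list.
    """
    state = {"client": "CLOSED", "server": "LISTEN"}
    syn, fin, history = {}, {}, []       # sequence numbers of SYNs and FINs seen
    for s in segments:
        peer = "server" if s.sender == "client" else "client"
        flags = set(s.flags.split("+"))
        if flags == {"SYN"} and s.sender == "client":
            syn["client"] = s.seq                         # first handshake
            state["client"] = "SYN_SEND"
        elif flags == {"SYN", "ACK"} and "client" in syn:
            expect(s.ack, syn["client"] + 1, "SYN+ACK")   # second: ack = x + 1
            syn["server"] = s.seq
            state["server"] = "SYN_RECV"
        elif (flags == {"ACK"} and s.sender == "client"
              and state["server"] == "SYN_RECV"):
            expect(s.ack, syn["server"] + 1, "ACK")       # third: ack = y + 1
            state["client"] = state["server"] = "ESTABLISHED"
        elif "FIN" in flags and state[s.sender] in ("ESTABLISHED", "CLOSE_WAIT"):
            fin[s.sender] = s.seq                         # first or third wave
            state[s.sender] = "LAST_ACK" if peer in fin else "FIN_WAIT_1"
        elif flags == {"ACK"} and peer in fin:
            expect(s.ack, fin[peer] + 1, "ACK of FIN")    # FIN uses one number
            if s.sender in fin:                           # fourth wave
                state[s.sender], state[peer] = "TIME_WAIT", "CLOSED"
            else:                                         # second wave
                state[s.sender], state[peer] = "CLOSE_WAIT", "FIN_WAIT_2"
        else:
            raise ValueError(f"unexpected {s.flags} from {s.sender}")
        history.append((state["client"], state["server"]))
    return history

# Constructed sample: x = 100, y = 300, no data exchanged, client closes first.
SAMPLE = [
    Segment("client", "SYN", 100, 0),
    Segment("server", "SYN+ACK", 300, 101),
    Segment("client", "ACK", 101, 301),
    Segment("client", "FIN+ACK", 101, 301),
    Segment("server", "ACK", 301, 102),
    Segment("server", "FIN+ACK", 301, 102),
    Segment("client", "ACK", 102, 302),
]

if __name__ == "__main__":
    for seg, states in zip(SAMPLE, track(SAMPLE)):
        print(f"{seg.sender:6} {seg.flags:8} seq={seg.seq} ack={seg.ack} -> {states}")
```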

Differences between TCP and UDP

(1) UDP

A connectionless protocol; a UDP datagram carries the destination port number and the source port number.

Advantages: UDP is fast and simple and requires fewer system resources; because it is connectionless, broadcast transmission is possible.

Disadvantages: UDP does not establish a connection with the other side before sending data, the receiver sends no acknowledgment, the sender does not know whether the data was received correctly, and nothing is retransmitted, so it is unreliable.

(2) TCP

A connection-oriented protocol: a connection is established with the three-way handshake and closed with the four-way wave when communication is complete.

Advantages: during data transfer TCP uses acknowledgment, window, retransmission, and congestion control mechanisms to ensure data accuracy, so it is more reliable.

Disadvantages: TCP is somewhat slower than UDP and requires more system resources.

(3) Differences between TCP and UDP

1. TCP focuses on data security and UDP on transfer speed; with no connection to wait for, UDP performs far fewer operations, but its security is only average.

2. TCP's unit of transmission is called a TCP segment; UDP's unit of transmission is called a user datagram.

3. TCP provides reliable, connection-oriented data stream transmission; UDP provides connectionless, unreliable data stream transmission.

(4) Why is communication based on TCP more reliable than communication based on UDP?

TCP: reliable. The peer acknowledges receipt of a message before the next one is sent; a message that is not acknowledged is retransmitted.

UDP: unreliable. Data is simply sent, with no response from the other side.

HTTP: HyperText Transfer Protocol

HTTP is an application layer protocol made up of requests and responses; it follows the standard client-server model.

HTTP is a stateless protocol. It uses port 80 and runs on top of TCP; an exchange consists of a request and a response.

HTTP is the most widely used network transfer protocol on the Internet; all WWW documents must comply with this standard.

Common HTTP request headers:
User-Agent: the browser type; very useful when the content a Servlet returns depends on the browser type.
Cookie: one of the most important request headers.
Content-Type: the request type.

HTTP protocol communication flow:

 

[Common Gateway Interface (CGI)]

[A CGI program is software, stored on the HTTP server, that gives the user and applications other than the HTTP server a means to "talk" to each other.]

[CGI applications run on the server system at the browser's request and use the server's CPU time and memory while executing. If thousands of such programs run at the same time, they place enormous demands on the server system. This needs careful consideration to keep the server system from crashing.]

[An imperfect CGI application may become a channel through which someone else illegally enters the server system, which may lead to important information being deleted or leaked.]

The content a browser displays includes HTML, XML, GIF, Flash, and so on; the browser tells them apart by MIME type and uses it to decide what content to show in what form.

HTTP message structure

  • HTTP is based on a client/server (C/S) architecture model and exchanges information via a secure link;
  • HTTP uses Uniform Resource Identifiers (URI) to transmit data and establish connections;
  • A Uniform Resource Locator (URL) is the representation Web service programs use on the Internet to specify the location of information; in an IMS network it is the user's "name", that is, the identifier of the IMS user's identity.

Client request message

The request message a client sends to the HTTP server consists of four parts: the request line, the request headers, a blank line, and the request data. The figure shows the general format of the request message.

Server response message

An HTTP response also consists of four parts: the status line, the message headers, a blank line, and the response body.

HTTP request methods

Under the HTTP standard, an HTTP request can use several request methods.

HTTP 1.0 defines three request methods: GET, POST, and HEAD.

HTTP 1.1 adds six request methods: OPTIONS, PUT, PATCH, DELETE, TRACE, and CONNECT.

Differences between GET and POST

  • GET focuses on retrieving resources from the server; POST focuses on sending data to the server.

  • GET transmits data in the URL: the request data is appended after a "?" in the form field=value, with multiple fields joined by "&", for example http://127.0.0.1/Test/login.action?name=admin&password=admin. This process is visible to the user. POST transmits data through the HTTP POST mechanism, placing the fields and their values in the request entity sent to the server; this process is not visible to the user.

  • GET transmits a small amount of data because it is limited by URL length, but it is more efficient; POST can transmit large amounts of data, so files can only be uploaded with POST.

  • GET is unsafe because the URL is visible and may reveal private information such as passwords; POST is more secure than GET.

  • GET supports only ASCII characters, so Chinese characters sent to the server may be garbled; POST supports the standard character set and transfers Chinese characters correctly.
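The four-part request format and the GET/POST difference can be checked mechanically: parse the raw request, then look at where each field travels. This is an added example, not code from the original page; the function names, the `SENSITIVE` field list and the two sample requests are constructed assumptions.

```python
# Added example (not from the original page): split a raw HTTP request into the
# four parts described above and report sensitive fields carried in the URL.
from urllib.parse import urlsplit, parse_qsl

# Assumed list of field names to treat as sensitive; adjust for your application.
SENSITIVE = {"password", "passwd", "pwd", "token", "secret"}

def parse_request(raw: bytes) -> dict:
    """Return request line, headers and body of one HTTP/1.x request."""
    head, sep, body = raw.partition(b"\r\n\r\n")    # the blank line
    if not sep:
        raise ValueError("no blank line after the headers")
    lines = head.decode("iso-8859-1").split("\r\n")
    try:
        method, target, version = lines[0].split(" ")
    except ValueError:
        raise ValueError(f"malformed request line: {lines[0]!r}") from None
    headers = {}
    for line in lines[1:]:
        name, colon, value = line.partition(":")
        if not colon:
            raise ValueError(f"malformed header: {line!r}")
        headers[name.strip().lower()] = value.strip()
    return {"method": method, "target": target, "version": version,
            "headers": headers, "body": body}

def field_names(req: dict) -> dict:
    """Names of the fields sent in the URL query string and in a form body."""
    in_url = [k for k, _ in parse_qsl(urlsplit(req["target"]).query,
                                      keep_blank_values=True)]
    in_body = []
    if req["headers"].get("content-type", "").startswith(
            "application/x-www-form-urlencoded"):
        in_body = [k for k, _ in parse_qsl(req["body"].decode("utf-8"),
                                           keep_blank_values=True)]
    return {"url": in_url, "body": in_body}

def exposed_in_url(req: dict) -> list:
    """Sensitive fields that would end up in browser history and caches."""
    return sorted(k for k in field_names(req)["url"] if k.lower() in SENSITIVE)

# Constructed requests modelled on the login URL used in the text.
GET_LOGIN = (b"GET /Test/login.action?name=admin&password=admin HTTP/1.1\r\n"
             b"Host: 127.0.0.1\r\n"
             b"User-Agent: example-browser/1.0\r\n"
             b"\r\n")
POST_LOGIN = (b"POST /Test/login.action HTTP/1.1\r\n"
              b"Host: 127.0.0.1\r\n"
              b"Content-Type: application/x-www-form-urlencoded\r\n"
              b"Content-Length: 25\r\n"
              b"\r\n"
              b"name=admin&password=admin")

if __name__ == "__main__":
    for raw in (GET_LOGIN, POST_LOGIN):
        req = parse_request(raw)
        print(req["method"], field_names(req), "exposed:", exposed_in_url(req))
```

The POST body keeps the password out of the URL, but over plain HTTP it still crosses the network unencrypted.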

Common HTTP header fields

A. General header fields (used by both request messages and response messages)
Date: the time the message was created
Connection: connection management
Cache-Control: cache control
Transfer-Encoding: the transfer encoding of the message body

B. Request header fields (used by request messages)
Host: the server where the requested resource resides
Accept: media types that can be handled
Accept-Charset: character sets that can be received
Accept-Encoding: acceptable content encodings
Accept-Language: acceptable natural languages

C. Response header fields (used by response messages)
Accept-Ranges: acceptable byte ranges
Location: the URI the client should redirect to
Server: HTTP server installation information

D. Entity header fields (used by the entity part of request messages and response messages)
Allow: HTTP methods the resource supports
Content-Type: the type of the entity body
Content-Encoding: the encoding applied to the entity body
Content-Language: the natural language of the entity body
Content-Length: the number of bytes in the entity body
Content-Range: the position range of the entity body, typically used when a partial request is made

Disadvantages of HTTP, and HTTPS
A. Communication is in plaintext and not encrypted, so the content can be eavesdropped
B. The identity of the communicating parties is not verified, so a party may be impersonated
C. Message integrity cannot be verified, so a message may have been tampered with

HTTPS is HTTP plus encryption (typically an SSL secure communication link) + authentication + integrity protection.

HTTP optimization

Load balancing optimization and HTTP application acceleration

Using HTTP caching to optimize the site

The whole process of one HTTP connection:

From the user initiating a request to the user receiving the response:

DNS resolution -> TCP three-way handshake -> HTTP request sent once the TCP connection is established -> the server responds to the HTTP request and the browser gets the HTML code -> the browser parses the HTML code and requests the resources it references (such as JS, CSS, images) -> the browser renders the page for the user.

HTTP request and response process:

  • DNS resolution

DNS lookups check, in order: the browser's own DNS cache -> the OS's own DNS cache -> the hosts file -> the local domain name server -> the authoritative domain name server -> the root name servers. If an entry exists and has not expired, the DNS lookup ends there. After the domain name is resolved successfully, the following steps proceed.

  • The TCP three-way handshake establishes a connection;

  • Once the connection is established, the HTTP request is sent;

  • The server responds to the HTTP request and the browser obtains the requested content;

  • The browser parses the HTML code and requests the resources it references;

  • The browser renders the page and presents it to the user.

The difference between HTTP and HTTPS

The HTTPS protocol requires applying to a CA (certificate authority) for a certificate;

HTTP is the hypertext transfer protocol and transmits information in the clear; HTTPS is a secure transfer protocol encrypted with SSL;

HTTP and HTTPS use completely different connection methods and different ports: the former uses 80, the latter 443;

An HTTP connection is very simple and stateless;

HTTPS is a network protocol built from SSL (Secure Sockets Layer) + HTTP that supports encrypted transmission and identity authentication, and is more secure than HTTP.

Note: SSL (Secure Sockets Layer) is a security protocol that provides security and data integrity for network communication.

The services the SSL protocol provides mainly include:

1. Authenticating users and servers, to ensure data is sent to the correct client and server;

2. Encrypting data to prevent it from being stolen in transit;

3. Maintaining data integrity, to ensure data is not changed during transmission.

To sum up:

HTTPS needs a CA certificate, transmits ciphertext, and uses port 443 (encryption, authentication, integrity protection);

HTTP does not need a certificate, transmits plaintext, and uses port 80.
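On the client side, the authentication service listed above depends on a few settings. This added example, not code from the original page, uses Python's standard `ssl` module (which implements TLS, the successor to SSL) to put a strict configuration next to a weakened one; the function names are hypothetical.

```python
# Added example (not from the original page): a client TLS configuration that
# delivers the three services listed above, next to a weakened one.
import socket
import ssl

def strict_client_context() -> ssl.SSLContext:
    ctx = ssl.create_default_context()       # CERT_REQUIRED + host name check
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    return ctx

def weak_client_context() -> ssl.SSLContext:
    """Still encrypts, but accepts any certificate: the peer is unauthenticated."""
    ctx = ssl.create_default_context()
    ctx.check_hostname = False               # must be disabled before verify_mode
    ctx.verify_mode = ssl.CERT_NONE
    return ctx

def audit(ctx: ssl.SSLContext) -> list:
    """List the settings that break server authentication or allow old protocols."""
    findings = []
    if ctx.verify_mode != ssl.CERT_REQUIRED:
        findings.append("certificate chain is not verified against a CA")
    if not ctx.check_hostname:
        findings.append("certificate is not matched against the host name")
    if ctx.minimum_version < ssl.TLSVersion.TLSv1_2:
        findings.append("protocol versions older than TLS 1.2 are allowed")
    return findings

def connect(host: str, port: int = 443) -> ssl.SSLSocket:
    """Open a verified connection; a bad certificate raises
    ssl.SSLCertVerificationError before any HTTP data is sent."""
    sock = socket.create_connection((host, port), timeout=5)
    return strict_client_context().wrap_socket(sock, server_hostname=host)

if __name__ == "__main__":
    print("strict:", audit(strict_client_context()))
    print("weak:  ", audit(weak_client_context()))
```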

What are the common HTTP request methods?

There are eight request methods:

GET: requests the resource identified by the Request-URI.

POST: appends new data to the resource identified by the Request-URI.

HEAD: requests the response message headers for the resource identified by the Request-URI.

OPTIONS: queries the capabilities of the server, or the options and requirements associated with a resource.

PUT: asks the server to store a resource, using the Request-URI as its identifier.

DELETE: asks the server to delete the resource identified by the Request-URI.

TRACE: asks the server to echo back the request information it received; mainly used for testing or diagnosis.

CONNECT: reserved in HTTP/1.1 for proxy servers that can switch the connection to pipe (tunnel) mode.

What are the common HTTP request headers?

Accept: the media types the browser can accept; the wildcard * stands for any type.

Accept-Encoding: the browser declares the encodings it accepts, for example: Accept-Encoding: zh-CN,zh;q=0.8

Accept-Language: the browser declares the languages it accepts.

Connection: for example Connection: keep-alive. After a page has finished loading, the TCP connection used to carry HTTP data between the client and the server is not closed; if the client visits a page on this server again, it continues to use the already established connection.

Referer: when the browser sends a request to the web server it usually includes Referer, telling the server which page the link came from, so the server can obtain some information for processing.

User-Agent: tells the HTTP server the name and version of the operating system and browser the client uses.

Cookie: used to store information that lets the server identify the user (most common on sites that require login). For example, a cookie will store some user name and password information: when the user logs in, the client produces a cookie to store the information, the browser then reads the cookie and sends it to the server for verification, and once you are judged a legitimate user you are allowed to view the page.

What is the difference between HTTP and HTTPS?

The Hypertext Transfer Protocol (HTTP) is used to transmit information between a web browser and a web server. HTTP sends content in plaintext and provides no data encryption of any kind: an attacker who intercepts the packets transmitted between the browser and the server can read the information in them directly. HTTP is therefore not suitable for transmitting sensitive information such as credit card numbers, passwords, and other payment information.

To address this shortcoming of HTTP, another protocol is needed: HTTPS, the Hypertext Transfer Protocol over Secure Sockets Layer. For secure data transmission, HTTPS adds the SSL protocol on top of HTTP; SSL relies on certificates to verify the server's identity and encrypts the communication between the browser and the server.

GET and POST

GET obtains data from the server; POST transmits data to the server. On the client, GET submits data through the URL, so the data can be seen in the URL; with POST, the data is placed in the HTML HEADER and submitted. For GET, the server reads the values with Request.QueryString; for POST, the server reads the submitted data with Request.Form. Submitting data with GET brings some security issues: if a login page submits data with GET, the user name and password appear in the URL, and if the page can be cached or other people can access the client machine, the user's account and password can be obtained from the history. Submitting forms with POST is therefore recommended. Use GET for small amounts of data and POST for large amounts.

HTTP optimization (response header Content-Encoding: gzip)

1. Parallel connections

Data can be transmitted in parallel by establishing multiple TCP connections, which increases the page's response speed. Parallel connections reduce the impact of TCP RTT delay and, to some extent, the impact of slow-start delay on short connections.

2. Persistent (long) connections

In HTTP/1.1 the Keep-Alive option is enabled by default and works in pipeline mode, so one established TCP connection can carry multiple requests. (Note: pipelining is currently limited to GET and HEAD requests.)

3. Caching

3.1 Cache-Control controls caching. When a client request contains the max-age directive, the caching layer checks whether the time the resource has been cached is smaller than the specified value; if it is, the client accepts the cached resource. max-age=0 means the client does not accept the cache, and the caching layer must forward the request to the application cluster (usually for services with strict real-time requirements).

3.2 If-Modified-Since also concerns caching. Its role: if the server's resource has been updated after the given time, the client should download the latest resource; otherwise the server returns the response "304 Not Modified", which also saves bandwidth.
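The two cache checks in 3.1 and 3.2 reduce to two comparisons, shown here as an added example that is not code from the original page. The function names and sample timestamps are constructed, and a request without max-age is assumed to accept the stored copy.

```python
# Added example (not from the original page): the two cache checks described above.
from datetime import datetime, timedelta, timezone
from email.utils import format_datetime, parsedate_to_datetime

def request_max_age(cache_control: str):
    """Return the max-age value (seconds) of a request Cache-Control, or None."""
    for directive in cache_control.split(","):
        name, _, value = directive.strip().partition("=")
        if name.strip().lower() == "max-age" and value.strip().isdigit():
            return int(value)
    return None

def cache_layer_decision(req_headers: dict, stored_at: datetime, now: datetime) -> str:
    """3.1: serve the stored copy only if its age is smaller than max-age.

    Assumption of this sketch: a request without max-age accepts the stored copy.
    """
    max_age = request_max_age(req_headers.get("Cache-Control", ""))
    age = (now - stored_at).total_seconds()
    if max_age is not None and age >= max_age:     # max-age=0 always forwards
        return "forward"
    return "cache"

def origin_response(req_headers: dict, last_modified: datetime):
    """3.2: return (status, headers) for a GET that may carry If-Modified-Since.

    last_modified must be timezone-aware UTC.
    """
    headers = {"Last-Modified": format_datetime(last_modified, usegmt=True)}
    since = req_headers.get("If-Modified-Since")
    if since:
        try:
            # HTTP dates have one-second resolution.
            if last_modified.replace(microsecond=0) <= parsedate_to_datetime(since):
                return 304, headers                # body omitted, bandwidth saved
        except (TypeError, ValueError):
            pass                                   # unparseable date: ignore it
    return 200, headers

# Constructed sample values.
LAST_MODIFIED = datetime(2020, 2, 20, 12, 0, 0, tzinfo=timezone.utc)
STORED_AT = LAST_MODIFIED + timedelta(hours=1)
NOW = STORED_AT + timedelta(seconds=30)            # stored copy is 30 s old

if __name__ == "__main__":
    for cc in ("max-age=60", "max-age=0"):
        print(cc, "->", cache_layer_decision({"Cache-Control": cc}, STORED_AT, NOW))
    print(origin_response({"If-Modified-Since": "Thu, 20 Feb 2020 12:00:00 GMT"},
                          LAST_MODIFIED))
```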

HTTP status codes

The classes of response status codes are listed below, with several common codes for each:

Beginning with 1 (informational)

Beginning with 2 (success)

  200 (OK): the request succeeded; the operation was successful

  202 (Accepted): the request has been accepted but not yet processed

  204 (NoContent): the request succeeded and no content needs to be returned

Beginning with 3 (redirection)

  301 (MovedPermanently): the requested resource has been permanently moved to a new location

  301 (MovedTemporarily): The requested resource has been temporarily moved to a new location

Beginning with 4 (client error)

  400 (BadRequest): the request has a semantic error or wrong parameters

  403 (Forbidden): the server refuses the request; access is restricted or authorization has expired

  404 (NotFound): the requested resource was not found on the server

Beginning with 5 (server error)

  500 (InternalServerError): the server encountered an error and cannot fulfill the request

  502 (BadGateway): bad gateway; typically the server is under connection pressure, causing a timeout

  503 (ServiceUnavailable): server down

  504: Gateway Timeout; the server, acting as a gateway or proxy, did not receive a response from the upstream server.


Origin www.cnblogs.com/qingaoaoo/p/12337353.html