"Computer Networking: A Top-Down Approach" study notes, Chapter 1: Computer Networks and the Internet


Disclaimer: this blog series records and summarizes my own reading and learning process. My purpose is to practice and improve my skills, so that knowledge turns into ability. The purpose of sharing it with other readers is to help them quickly learn the knowledge structure of the book, not to encourage last-minute cramming before exams.

Introduction:

Since this is the first chapter on computer networks, we first have to ask: what is a network? A network is a mesh structure of many nodes connected together. What, then, is a computer network? It is a network whose connected nodes are computers. These definitions are quite abstract; to tie them to real life, the Internet (what we usually mean by "going online") is currently the largest computer network. Much of the later content of the book looks at this particular instance of a computer network, the Internet.


First, we can study the Internet from two aspects separately: its hardware architecture (what things it is made of) and its software architecture (what logical rules are used to exchange information).

Hardware configuration:

Since the Internet is formed of nodes connected together, the physical architecture of the network can be divided into two parts: nodes, and the edges (links) that connect the nodes. The following describes what nodes and links are.

  • Node:

Since the Internet is a computer network, its most basic node is of course the computer. However, as technology has developed, saying that every node is a computer is no longer quite appropriate. The scope of a node has expanded: smartphones, game consoles such as the homebody's Switch, Little Genius phone watches and so on are also connected to the Internet, so they too can be seen as nodes of the Internet. From here on we refer to all of these devices collectively as hosts or end systems.

  • Edge (link):

In the real world, the task of connecting end systems is carried out by two components together: communication links and packet switches.

Communication link: the actual transmission line for information. There are many different physical media, such as coaxial cable, copper wire, optical fiber, and radio spectrum. Some are buried in the ground, some run inside walls, and some spread through the air as waves. Their cost, performance and transmission rates differ (think about it: can you become strong without spending money?).

Packet switch: an intermediate node used for forwarding. The simplest example is the router bought for the home, which is a packet switch. So why have such an intermediate forwarding point? As I understand it now, it is to reduce the length of the communication links; what other benefit is there? Maybe we will come to realize others later. (I guess there is ...

  • Internet Service Provider (ISP)

This one is an extra: it is neither a node nor an edge, but it has a great deal to do with how the network is actually built. There is no doubt that someone has to bury the cables underground, or even lay them across the sea, and then maintain them regularly; even for public facilities that the state pays for, some organization still has to manage them. In our case these are the three telecom companies, China Mobile and China Unicom among them. They provide Internet access service to users. You connect your end device physically to their network by network cable, telephone line and so on, then pay them, and they authorize Internet service for you. ISPs will appear again later; as I understand it now, an ISP can be seen as an organization one level above the user.

Software structure:

For the hardware in the Internet (end systems, packet switches and so on) to exchange information, we need a consistent set of rules that everyone recognizes, such as: in what way to send a message, in what way to interpret information ... We call such a set of rules a protocol.

  • Protocol:

The Internet uses TCP (Transmission Control Protocol) and IP (Internet Protocol) to specify how information is sent and received.

Mastering the field of computer networking comes down to this: understanding the composition, principles and workings of network protocols.


Having described the Internet from the hardware and software perspectives above, we now go back and look at it another way: from the network edge to the network core, to become more familiar with the network structure.

Network edge:

This part is roughly about how the end systems at the edge of the network (which can be divided into clients and servers) access the Internet. It then describes the physical media of access networks and the like. This is knowledge to accumulate by category.

Network core:

This section describes what the packet switches do when packets (some bytes of information) are transmitted between end systems through them. For moving information (allocating link resources), there are two strategies: circuit switching and packet switching.

  • Circuit switching:

Circuit switching pre-allocates a fixed end-to-end path made up of a series of links. For the whole duration of the communication between the two ends, these resources stay occupied, which guarantees stable communication, but compared with packet switching the utilization of the links is lower. So it is gradually being phased out.

  • Packet switching:

Packet switching divides the data into packets. The sender sends each packet to the router (packet switch) it is directly connected to; the router that receives the packet then uses its built-in forwarding table to decide which packet switch to send it to next, and so on, until the packet reaches the receiver. This involves several concepts, described in turn: output buffer, delay, packet loss, throughput.

  1. Output buffer: because data is sent in units of packets, and no packet holds a link exclusively, a switch may receive several packets within a short time that it cannot send out right away. Each packet switch therefore needs a buffer: received packets are placed in a queue and then transmitted one after another in order.
  2. Delay: there are four kinds of delay: nodal processing delay, queuing delay, transmission delay, propagation delay. The names mean what they say and are easy to understand. Queuing delay is the key one produced by packet switching: because it fluctuates, it can only be guaranteed not to exceed a certain threshold with a certain probability. All in all, a part well worth further study.
  3. Loss: because the buffer of a packet switch is not infinite, in theory there will be times when the storage limit is exceeded. The switch then has no choice but to drop some packets, which is called packet loss. We certainly want to reduce the packet loss rate. There are many algorithms here worth studying. (If I later work on problems related to this, it will still be very challenging.)
  4. Throughput: put simply, it is the download speed you see in Baidu Netdisk or Thunder. Because a path consists of multiple links connected in series, the transmission rate is limited by the slowest of all the links. Because the amount fluctuates, it is evaluated in different ways: instantaneous throughput, average throughput, etc.
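The buffer, queuing delay, loss and throughput items above can be seen together in a small simulation. This is an added example, not code from the book or the original notes; the function names, the link rate, the packet size and the arrival times are all constructed assumptions.

```python
from collections import deque

def simulate_output_buffer(arrivals_ms, link_bits_per_ms, packet_bits, buffer_packets):
    """One output link of a packet switch with a finite FIFO output buffer.

    arrivals_ms: sorted packet arrival times in milliseconds.
    Returns (queuing delay in ms of each forwarded packet, number of packets dropped).
    """
    tx_ms = packet_bits / link_bits_per_ms    # transmission delay of one packet
    in_switch = deque()                       # departure times of packets not yet sent
    link_free_at = 0.0
    delays, dropped = [], 0
    for t in arrivals_ms:
        while in_switch and in_switch[0] <= t:
            in_switch.popleft()               # these packets have already left
        waiting = max(len(in_switch) - 1, 0)  # one packet is on the link, the rest queue
        if in_switch and waiting >= buffer_packets:
            dropped += 1                      # buffer full: packet loss
            continue
        start = max(t, link_free_at)
        delays.append(start - t)              # time spent waiting in the buffer
        link_free_at = start + tx_ms
        in_switch.append(link_free_at)
    return delays, dropped

def path_throughput(link_rates):
    """Links in series: the slowest link bounds the end-to-end rate."""
    return min(link_rates)

# Constructed sample: a burst of five 8000-bit packets at t=0, one more at t=40 ms,
# on a 1000 bit/ms (1 Mbps) link whose buffer holds two waiting packets.
BURST = [0, 0, 0, 0, 0, 40]

if __name__ == "__main__":
    delays, dropped = simulate_output_buffer(BURST, 1000, 8000, buffer_packets=2)
    print("queuing delays (ms):", delays, "dropped:", dropped)
    print("bottleneck (bit/ms):", path_throughput([10000, 1000, 100000]))
```

Raising buffer_packets removes the loss but lengthens the queuing delay of the packets at the back of the burst, which is the trade-off behind items 2 and 3.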

Network of networks

This concept is pulled out on its own; it describes how this massive computer network architecture was built up little by little.

  • Network structure 1

    This structure first considers the simplest case: a single global transit ISP (a network made up of routers and communication links) interconnects all access ISPs. The global transit ISP is regarded as the provider and the access ISPs as the customers. All access ISPs pay only the global transit ISP.

  • Network structure 2

    To prevent a monopoly by a single global transit ISP, a number of different global transit ISP companies naturally get established. First these global transit ISPs are interconnected with one another; then each access ISP can choose which of them to pay for a connection.

  • Network structure 3

    Because some companies have limited strength but still want to make money, or for the convenience of management, regional ISPs arise. Downward, a regional ISP is responsible for connecting the access ISPs in a region; upward, it pays to connect to a global transit ISP. This creates a basic three-level hierarchy. But because it is hard to define how big a region is, there may be large regions, small regions, still smaller regions and so on, so access ISPs may connect to small-region ISPs, small-region ISPs to large-region ISPs, and large-region ISPs to global transit ISPs. In reality it therefore becomes a hierarchy of variable height.

  • Network structure 4

    Then, because everyone has their own ideas and keeps tinkering, the following structures arose: point of presence (PoP), multihoming, peering, Internet exchange point (IXP). They make the structure of the network more complex still.

    1. Point of presence (PoP): exists at every level other than the access ISPs. It is a group of one or more routers (at the same location) in the provider's network. A customer network connects one of its own routers to a router at the PoP, over a high-speed link from a third-party telecommunications provider, for the purpose of exchanging information. (I do not understand this structure very well yet; I will come back and review it later.)
    2. Multihoming: to keep information transmission stable, an ISP can connect to several upper-level ISPs, so that if one upper-level ISP has a problem a spare one can still be used. This is a natural idea.
    3. Peering: if two ISPs at the same level regularly exchange information but have to transit through an upper-level ISP every time, in some cases it pays for them to connect directly to each other, which eliminates the payments to the upper-level ISP and brings long-term economic benefit.
    4. Internet exchange point (IXP): an IXP is like a meeting point where multiple ISPs come together. It is usually a fixed facility that can serve nearby ISPs.
  • Network structure 5

    Then some rich and powerful companies have enough strength to actually build a network that connects locations around the world, and also have strong products to deliver over it, so they can build a "content provider network" to profit. The most typical is Google, which built data centers around the world. They have their own dedicated TCP/IP network, independent of the public Internet, which first of all keeps their data closed off, and they deliberately set aside some interfaces to top-level ISPs, IXPs, regional ISPs, access ISPs and the like, through which they provide their own content services, which may be search services or email services.


Protocol layers

Because Internet technology develops fast and is highly complex, and in order to minimize the impact of each new generation of technology on the overall architecture, the network is built as this layered hierarchy.

Note that I find this very instructive for designing structures: it gives us the idea of encapsulation. If data has to go through a very complex process, we can divide the process into several mutually independent steps arranged in layers, each layer completing one step. Each intermediate layer only receives information from the layer before it, applies its predetermined processing, and sends the result on to the next layer. This keeps each layer relatively independent, which makes things such as troubleshooting very easy.

So what does this layered structure look like? It is structured as follows:

5-layer structure of the Internet: application layer -> transport layer -> network layer -> link layer -> physical layer

ISO OSI 7-layer reference model: application layer -> presentation layer -> session layer -> transport layer -> network layer -> link layer -> physical layer

Let us first consider the five-layer structure actually used in the Internet:

  • Application layer: the unit of information at this layer is called a message. Protocols at this layer include HTTP, SMTP, FTP and the like. Simply put, it defines how the sending application packs information into a message and how the receiving application interprets the message.
  • Transport layer: the unit of information at this layer is called a segment. Protocols at this layer include TCP and UDP. They specify things such as each segment's destination, transfer rate, traffic and so on.
  • Network layer: the unit of information at this layer is called a datagram. Protocols at this layer include IP. It specifies, at each router, which router the datagram is passed to next, that is, it determines the direction of the path.
  • Link layer: the unit of information at this layer is called a frame. Protocols at this layer include, for example, DOCSIS. The link layer carries out the sending task handed down by the network layer, transmitting the encapsulated data to the destination node.
  • Physical layer: this layer specifies how information moves from one end to the other over coaxial cable, fiber and the like. It is responsible for moving a frame from one network element to an adjacent network element.

For a deeper understanding of the actual transfer process, here is a very simple example describing how data actually flows:

First, data goes down the protocol stack of the sending end system, then up and down the protocol stacks of the intermediate link-layer switches and routers, and then up the protocol stack of the receiving end system.
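The flow just described, as an added example that is not part of the original notes: each layer wraps the unit from the layer above in its own header, a link-layer switch reads only the frame header, and a router goes up to the network layer and builds a new frame. The header fields are simplified, and all addresses, ports, MACs and function names are constructed assumptions.

```python
def wrap(header, payload):
    """Encapsulation: a layer puts its own header in front of the unit from above."""
    return {"header": header, "payload": payload}

def send(message, src, dst):
    """Sending end system: the message goes down the stack, one header per layer."""
    segment = wrap({"src_port": src["port"], "dst_port": dst["port"]}, message)
    datagram = wrap({"src_ip": src["ip"], "dst_ip": dst["ip"]}, segment)
    return wrap({"src_mac": src["mac"], "dst_mac": src["gateway_mac"]}, datagram)

def link_switch(frame, mac_table):
    """Link-layer switch: reads only the frame header to pick an output port."""
    return mac_table[frame["header"]["dst_mac"]], frame   # frame forwarded unchanged

def router(frame, own_mac, next_hop_mac):
    """Router: goes up to the network layer, then builds a new frame for the next link."""
    datagram = frame["payload"]
    dst_mac = next_hop_mac[datagram["header"]["dst_ip"]]
    return wrap({"src_mac": own_mac, "dst_mac": dst_mac}, datagram)

def receive(frame):
    """Receiving end system: headers are stripped on the way up the stack."""
    segment = frame["payload"]["payload"]
    return segment["header"]["dst_port"], segment["payload"]

# Constructed sample hosts (documentation IP ranges, locally administered MACs).
A = {"ip": "192.0.2.10", "port": 50000, "mac": "02:00:00:00:00:0a",
     "gateway_mac": "02:00:00:00:00:01"}
B = {"ip": "198.51.100.20", "port": 80, "mac": "02:00:00:00:00:0b"}

def demo():
    frame1 = send("GET /index.html", A, B)
    port, frame1 = link_switch(frame1, {"02:00:00:00:00:01": 3})
    frame2 = router(frame1, "02:00:00:00:00:02", {B["ip"]: B["mac"]})
    return port, frame1, frame2, receive(frame2)

if __name__ == "__main__":
    print(demo())
```

The datagram and the segment inside it arrive exactly as sent, while the frame header is replaced at the router: only the link-layer wrapping is local to each hop.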

Here let me add one more sentence that, apart from computer networking itself, is instructive for structural design: the Internet architecture puts its complexity at the edge of the network. (The edge becomes larger, more complex and more specialized, while the middle is kept as simple and as easy to connect to as possible.)


Facing network attacks

The title may arouse some people's interest: can I become a hacker once I finish this? In fact, what follows is just a basic introduction to attacks. Given the free and highly open structure of the Internet, from my current knowledge, developing a series of defense mechanisms is a lot easier than designing a successful attack strategy; at least ordinary website builders and server maintainers can use their knowledge to protect their own servers, while an attacker often needs strong professional capability in all respects. So here I will continue sharing with this purpose: "taking inspiration from how the Internet is structured, to get a feel for what kind of structure is secure and hard to break".

Here we divide attacks into the following four categories according to the attacker's purpose:

  1. Controlling your computer to perform some action

    Because the Internet is essentially about transferring information between parties, an attacker can write a program (a virus or a worm), disguise it as some other information and send it to your computer, in order to control your computer to do what he wants, such as: reading your passwords, sending messages to a server he specifies, continuing to infect other computers through yours, and so on.

    Virus: infection requires user interaction; it can run only once the user opens the software, and then it does what it wants.

    Worm: perhaps the user visited a low-security site that has been compromised; the user does not need to run it, and it can start its own process on the user's computer.

  2. Making a server or network infrastructure stop working

    A denial-of-service (DoS) attack makes a network, host or other infrastructure unusable by legitimate users. Common attacks fall into the following three categories:

    Vulnerability attack: aimed at one specific target or set of targets, it seizes on a weakness in some aspect of the target and sends it a series of precisely designed messages; sometimes it is enough to get the server to receive each packet in exactly the right order to achieve the goal, so you can imagine how fine-grained it is.

    Bandwidth flooding: brute force, yet elegant. A large amount of useless information is sent to the server in the normal way so that the server's channel is clogged and other users' normal packets cannot reach it. A single sender may not generate enough traffic, so the attacker may first take control of many other people's computers and have them send; in short, there are many optimization strategies, which make the attack harder to guard against.

    Connection flooding: a large number of fully open or half-open TCP connections are created, so that normal TCP connections can no longer be established.

  3. Obtaining information in transit and keeping a copy of it

    Packet sniffer: a device placed in the vicinity of a wireless transmitter can obtain the information that the wireless equipment sends or receives and make a copy of it, so one only needs to know how to decode it to see all of the information passing through that wireless device.

  4. Impersonating another person in order to gain trust

    IP spoofing: using someone else's identifier to impersonate them, so that the receiver accepts the information as coming from that other person.
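From the defender's side, connection flooding shows up as handshakes that never complete. The following is an added example, not part of the original notes: it counts half-open connections in a list of connection events as a server might log them. The event format, the thresholds and the sample data are constructed assumptions.

```python
from collections import Counter

def half_open_report(events, now, timeout_s=30, per_source_limit=3):
    """Count handshakes a server is still holding state for, and noisy sources.

    events: (time_s, src_ip, src_port, kind) with kind "SYN" (client opens a
    connection) or "ACK" (client completes the three-way handshake).
    Returns (number of live half-open connections, sorted suspect source IPs).
    """
    pending = {}                                  # (ip, port) -> time of unanswered SYN
    for t, ip, port, kind in events:
        if kind == "SYN":
            pending[(ip, port)] = t
        elif kind == "ACK":
            pending.pop((ip, port), None)         # handshake finished: not half-open
    # Entries older than the timeout are assumed to have been discarded by the server.
    live = [key for key, t in pending.items() if now - t <= timeout_s]
    per_source = Counter(ip for ip, _port in live)
    suspects = sorted(ip for ip, n in per_source.items() if n > per_source_limit)
    return len(live), suspects

# Constructed sample events (documentation IP ranges), not a real capture.
EVENTS = [
    (0,  "192.0.2.20", 40000, "SYN"),             # never completed, expired by t=100
    (90, "192.0.2.10", 51000, "SYN"),
    (90, "192.0.2.10", 51000, "ACK"),             # normal client
] + [(95, "198.51.100.7", 60000 + i, "SYN") for i in range(5)]

if __name__ == "__main__":
    print(half_open_report(EVENTS, now=100))
```

When source addresses are spoofed (item 4 above), the per-source counts stay low, so the total number of live half-open connections is the figure to compare against the server's capacity.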


Origin blog.csdn.net/qq_36306833/article/details/102992473