First attach their concepts, conceptual things for us to have a general understanding, then the actual use and life and what are the scenes, to list some, to understand the charm of the Internet!
A, network
An Intranet, also called a Local Area Network (LAN), is a computer communication Network that connects various computers, external devices, and databases within a Local geographical Area (such as BAI), usually within a radius of several kilometers.
How to form an Intranet
- 1. The most common communication is through the router Intranet
A router only needs one external IP address to connect N PCS to the Internet. Each terminal connected to the router is assigned an internal IP address based on ipv4. When the firewall is disabled, devices connected to the same router can access each other
- 2. Intranet of the company
For less than 10 people, there is no need to divide vlans (virtual local area networks) due to the small number of people. Therefore, a multi-port switch is sufficient. For enterprises with 100 to 500 employees, layer-3 switches and Layer-2 switches are generally used.
- 3. Remote Intranet of the company
As an example, companies generally have their own Intranet login software. All login software clients log in to the same server, and bridge the server to all clients so that they have the same environment and can communicate with each other
- 4, telecommunications, mobile broadband
That’s right, telecom mobile broadband in fact we are joining their big Intranet, so some people ask, why can I access the Internet? Because we all use a public IP address on the extranet in the area, just like routers, they access the extranet and assign us an IP address.
Use value
- 1. LAN file sharing
- 2, high data security, high transmission rate, low bit error rate
- 3, save IP address, global ipv4 address is not enough
Second, the outside network
WAN (Wide Area Network, abbreviated as WAN), also known as WAN or Extranet. A remote network that connects computers in different local area networks or metropolitan area networks to communicate. Usually across a large physical range, covering a range from tens of kilometers to thousands of kilometers, it can connect multiple regions, cities and countries, or across several continents and can provide long-distance communication, forming an international long-range network.
In plain English, it is accessible whether you use wifi or 3G, 4G or 5G networks.
How to form an extranet
- 1. Cloud server
When we in Tencent Cloud, Ali cloud, Huawei cloud these enterprises after the purchase of cloud server, cloud server will have an external IP
- 2. Contact the carrier to install the Internet
Unless your money is much, the company is not poor money, need to build their own computer room, this path is basically equal to no
- 3. Use the third-party Intranet
Third party Intranet penetration, in fact, is to proxy our services to the third party, using the external IP of the third party to realize exposure to the external network
- 4, IPV6
Now IPV6 has been very mature, many broadband support, IPV6 with external IP, but the browser support is not enough, and to use IPV6, you have to ensure that all the hardware can support, which is also very demanding
Use value
- 1. Provide Web services, all kinds of services around the world
- It is difficult to cover the comprehensive, now the value of the Internet to the society is the best interpretation
3. Intranet penetration
Intranet penetration, also known as NAT penetration, enables the packets with a specific source IP address and source port number to be routed to the Intranet host without being masked by the NAT device. The following describes the Intranet penetration method based on the position of the host communicating with the NAT device on the network.
UDP Intranet penetration uses the NAT system on the router. NAT is a translation technology that translates private (reserved) IP addresses into legitimate IP addresses. It is widely used in various Internet access modes and networks. NAT can reuse addresses and hide internal network structures.
How do I implement Intranet penetration
- 1. Peanut shells
Peanut Shell is a software developed by Berry Technology, providing free network penetration is barely available, not speed friendly
- 2. Nail the Intranet penetrating tool
Download with Git
git clone https://github.com/open-dingtalk/pierced.git
Copy the codeEnable, subdomain fill in a paragraph of English, as the launch secondary domain name, 8080 is your service port, this depends on your service port is what
./ding -config=./ding.cfg -subdomain=subdomain 8080
Copy the code- 3, FRP
FRP is a high-performance reverse proxy application that enables you to easily penetrate the internal network, provide services to the external network, support protocols such as TCP, HTTP, and HTTPS, and enable routing and forwarding based on domain names for Web services.
In fact, the principle of this tool is: establish a connection between a terminal that has an extranet and a terminal that needs Intranet penetration, and then send the service of the terminal that needs Intranet penetration to the terminal that has an extranet
Use value
- 1. A distant leader wants a preview of your project
- 2, do not have a server, but want to let others take a temporary look at their own project
4. Port mapping
Port mapping is a type of NAT, which translates public addresses into private addresses. ADSL broadband routers in the routing mode have a dynamic or fixed public IP address. ADSL is directly connected to the HUB or switch, and all computers share the Internet access
Port 80 is the HTTP service, 443 is the HTTPS service, 3306 is the mysql service…
How to implement port mapping
1, nginx
Use nginx configuration
server{
listen 80; Port 80 is used for HTTP services
server_name www.baidu.com; # service domain name, do not include http://
rewrite^ (. *) $ https://www.baidu.com; # redirect to another url
root /www/; / WWW = / WWW = / WWW = / WWW = / WWW = / WWW = / WWW
location / {
proxy_pass http://127.0.0.1:3000; # Projects started on proxy servers, such as express projects started on port 3000}}Copy the code2, all kinds of programs to start services, back-end languages are basically their own function to start services
node
php
go
Copy the codeFive, the IPV4
For example: 192.168.1.1
Internet Protocol Version 4 (IPv4), also known as Internet Communication Protocol Version 4, is the fourth revision of the Internet Protocol development process and the first widely deployed version of this Protocol. IPv4 is the heart of the Internet and the most widely used version of the Internet protocol, followed by IPv6, which was still in its early stages of deployment when IANA IPv4 addresses were exhausted in 2011.
Originally only 2^32 addresses were available for the US military, but now civilian, commercial and ipv4 addresses are exhausted, so ipv6 is being pushed.
Six, IPV6
For example: 2001:0410-0000:0001-0000:0000-0000:45 ff
IPv6, short for Internet Protocol Version 6, is a next-generation IP Protocol designed by the Internet Engineering Task Force (IETF) to replace IPv4. It boasts enough addresses to put an address on every grain of sand in the world
- Compared with IPV4, IPV6 has the following advantages:
First, IPv6 has a larger address space. In IPv4, the length of an IP address is 32 and the maximum number of IP addresses is 2^32. In IPv6, the length of an IP address is 128, that is, the maximum number of IP addresses is 2^128. The address space is increased by 2^128-2^32 compared to the 32-bit address space.
IPv6 uses smaller routing tables. IPv6 address allocation follows the principle of Aggregation from the very beginning, which enables a router to represent a subnet with an Entry in the routing table, greatly reducing the length of the routing table in the router and improving the speed at which the router forwards packets.
Third, IPv6 adds enhanced Multicast support and Flow Control, which makes multimedia applications on the network have a great opportunity to develop, and provides a good network platform for QoS Control.
IPv6 added support for Auto Configuration. This is an improvement and extension of DHCP protocol, making network management (especially LAN) more convenient and fast.
Fifth, IPv6 has higher security. On an IPv6 network, users can encrypt data at the network layer and verify IP packets. The encryption and authentication options in IPv6 provide packet confidentiality and integrity. This greatly enhances network security.
Allow expansion. IPV6 allows the protocol to be extended if new technologies or applications require it.
Better header formatting. IPV6 uses a new header format with options that are separated from the base header and inserted between the base header and the upper-layer data if needed. This simplifies and speeds up the routing process because most options do not need to be selected by routing.
Nginx enables IPV6 services
Nginx supports ipv6 as long as it is not a very old version.
server{
listen[: :] :80; # Enable both IPV4 and IPV6
server_name localhost;
root/www/; thelocation/ { index.html; }}Copy the code- 1. The browser then accesses ipv6 directly
Need to use the ipv6 address [] package, such as: [2001, 0410:0000-0001:0000, 0000, 0000:45 ff]
If you want to access a port: [2001:0410-0000:0001-0000:0000, 0000:45 ff] : 8080
-
2. 4g networks support ipv6, but mobile and telecom may block ports 80, 443, and 8080, so don’t use those ports
-
3. The terminal that starts the service must have an ipv6 address. How to detect the access: www.test-ipv6.com/
-
4. Ipv6 function is enabled on the router. The mobile broadband installed in my home uses optical cat dialing, and the Mi 4A gigabit version used by the router does not have ipv6 function enabled by default
-
5, ipv6 address is too long to remember ah, can buy domain name, use domain name resolution, choose 4A mode
subsequent
Here is not detailed how to use ipv6, I will write a “idle computer build private cloud disk, using ipv6 exet use”, involving how to domain name resolution, ipv6 dynamic update synchronization to domain name resolution, router Settings, cloud disk construction.