Network protocols underlying networks

Operating System Basics

An operating system (OS for short) is a computer program that manages and controls a computer's hardware and software resources. It is the most basic system software, running directly on the “bare computer”, and any other software must run with the support of the operating system.

Note: Computer (hardware)-> Operating system -> Application software

Principle of Network Communication

The Essence of the Internet is a set of protocols

  • A piece of hardware with an operating system installed, and then software installed on top, can be used normally, but only by yourself

Everyone has their own machine, but they are isolated from each other, so how do you connect everyone together?

  • If you think of computers as people all over the world, then the Internet between two computers is really a set of unified standards. These standards are called Internet protocols. The Internet is essentially a series of protocols, the Internet Protocol Suite.
  • Function of Internet protocols: they are the standards that define how computers connect to the Internet and how computers connected to the Internet communicate.

– Network hierarchy

  • In order to enable computers produced by different manufacturers to communicate with each other and to establish computer networks over a larger area, the International Organization for Standardization (ISO) proposed the Open System Interconnection Reference Model in 1978, the famous OSI/RM model.

It divides the communication protocol of computer network architecture into seven layers, from bottom to top:

  • Physical Layer,
  • Data Link Layer,
  • Network Layer,
  • Transport Layer,
  • Session Layer,
  • Presentation Layer,
  • Application Layer.

Among them, the fourth layer completes the data transmission service, and the upper three layers face the user.

In addition to the standard OSI seven-layer model, common network layers are divided into TCP/IP four-layer protocol and TCP/IP five-layer protocol. The corresponding relationship between them is shown as follows:

— OSI Layer 7 protocol

Internet protocols are divided by function into the seven OSI layers, the five TCP/IP layers, or the four TCP/IP layers

  • TCP/IP is without doubt the basic protocol of the Internet. Without it, it is impossible to access the Internet, and every Internet-related operation depends on it.
  • Whether in the OSI seven-layer model or the TCP/IP four-layer or five-layer model, each layer needs its own protocols to do its own work and to communicate with the layers above and below it.
  • Since the OSI seven-layer model is the standard division of network layers, we take it as the example and introduce the layers one by one from the bottom up.

— TCP/IP five-tier model

  • We merge the application layer, presentation layer and session layer into a single application layer and, from the point of view of the TCP/IP five-layer protocol, explain the origin and function of each layer. Once the main protocol of each layer is clear, the principle of Internet communication as a whole becomes clear.
  • First of all, the user is only aware of the top layer, the application layer. From top to bottom, each layer depends on the layer below it.
  • So let's start at the bottom layer. Each layer runs specific protocols; the higher the layer, the closer it is to the user, and the lower the layer, the closer it is to the hardware.

(1) Physical layer

Physical layer functions: it sends high and low voltages (electrical signals) based on electrical characteristics, with high voltage corresponding to the number 1 and low voltage corresponding to the number 0

  • Activate, maintain, and close mechanical, electrical, functional, and process characteristics between communication endpoints.
  • This layer provides a reliable physical medium for upper-layer protocols to transfer data.
  • Simply put, the physical layer ensures that raw data can be transmitted over a variety of physical media.
  • Two important device names to remember for the physical layer: repeaters (also known as amplifiers) and hubs.

(2) Data link layer

  • Origin of the data link layer: a pure electrical signal of 0s and 1s has no meaning by itself. You have to specify how many bits of signal form a group and what each group means.
  • Function of the data link layer: it defines how electrical signals are grouped.
  • The data link layer provides services to the network layer on the basis of the services provided by the physical layer. Its most basic service is to reliably transmit data from the network layer to the network layer of the target machine on an adjacent node.
  • To achieve this goal, the data link layer must have a series of corresponding functions, including: how to combine data into blocks (in the data link layer a data block is called a frame, and the frame is the transmission unit of the data link layer); how to control the transmission of frames on the physical channel, including how to deal with transmission errors and how to adjust the transmission rate to match the receiver; and the management of establishing, maintaining and releasing data link paths between two network entities.
  • The data link layer provides reliable transmission over an unreliable physical medium.
  • The functions of this layer include physical address addressing, framing of data, flow control, error detection, retransmission, and so on.

Important facts about the data link layer:

  • Data link layer provides reliable data transmission for network layer.
  • The basic data unit is frame;
  • Main protocols: Ethernet protocol;
  • Two important device names: bridge and switch.

In the early days, each company had its own grouping method. These later converged on an agreed standard, namely the Ethernet protocol.

Ethernet rules

  • A group of electrical signals constitutes a packet, called a frame
  • Each data frame is divided into two parts: the header (head) and the data (data)

Head includes (fixed 18 bytes)

  • Sender/source address, 6 bytes
  • Receiver/destination address, 6 bytes
  • Data type, 6 bytes

Data includes (minimum 46 bytes, maximum 1500 bytes)

  • The content of the packet

Head length + data length: the minimum length is 64 bytes and the maximum length is 1518 bytes. If the upper limit is exceeded, the data is sent in fragments

MAC address:

  • Ethernet specifies that every device that accesses the network must have a network adapter. The addresses of the sending end and the receiving end are the addresses of their network adapters, that is, the MAC addresses

  • MAC address: each NIC leaves the factory with a MAC address that is unique in the world. A MAC address is 48 bits long and is usually written as 12 hexadecimal digits (the first six digits are the manufacturer number and the last six are the serial number).

Broadcast:

  • With a MAC address, two hosts on the same network can communicate with each other. (One host obtains the MAC address of another host through ARP.)
  • Ethernet communicates in the most primitive way, by broadcasting. In other words, computers basically communicate by shouting

(3) Network layer

The purpose of the network layer is to realize the transparent transmission of data between two end systems. The specific functions include addressing and routing, connection establishment, maintenance and termination, etc. It provides services that eliminate the need for the transport layer to understand data transfer and switching technologies in the network. If you want to remember the network layer in as few words as possible, it’s “path selection, routing, and logical addressing.”

  • Many protocols are involved in the network layer, including the most important one, which is also the core protocol of TCP/IP: the IP protocol.
  • The IP protocol is very simple and provides only unreliable, connectionless transport services.
  • The IP protocol provides the following functions: connectionless datagram transmission, datagram routing, and error control.
  • Protocols used alongside IP to support its functions: Address Resolution Protocol (ARP), Reverse Address Resolution Protocol (RARP), Internet Control Message Protocol (ICMP), and Internet Group Management Protocol (IGMP).

The key points of the network layer are:

  1. The network layer is responsible for routing packets between subnets. In addition, the network layer can also realize congestion control, Internet interconnection and other functions.
  2. The basic data unit is IP datagram.
  3. Main protocols include:
  • Internet Protocol (IP);
  • Internet Control Message Protocol (ICMP);
  • Address Resolution Protocol (ARP);
  • Reverse Address Resolution Protocol (RARP).
  4. Important device: router.

(4) Transport Layer

  • This is the first end-to-end, that is, host-to-host, layer. The transport layer is responsible for segmenting the data from the upper layer and providing end-to-end, reliable or unreliable transport. In addition, the transport layer deals with end-to-end error control and flow control.
  • The task of the transport layer is to make the best use of network resources according to the characteristics of the communication subnet, provide the function of establishing, maintaining and canceling the transmission connection between the session layer of two end systems, and be responsible for end-to-end reliable data transmission. At this level, the protocol data units through which information is transmitted are called segments or messages.
  • The network layer only transmits the packets from the source node to the destination node according to the network address, while the transport layer is responsible for transmitting the data reliably to the corresponding port.

Key points about the transport layer:

  1. The transport layer is responsible for segmenting the upper layer of data and providing end-to-end, reliable or unreliable transmission as well as end-to-end error control and flow control issues;
  2. Protocols include Transmission Control Protocol (TCP) and User Datagram Protocol (UDP).
  3. Important device: gateway.

(5) Session layer

  • The session layer manages session processes between hosts, that is, it is responsible for establishing, managing, and terminating sessions between processes.
  • The session layer also implements data synchronization by inserting checkpoints into the data.

(6) Presentation layer

  • The presentation layer transforms the upper-layer data or information to ensure that information from one host application layer can be understood by applications from another host.
  • The data transformation of presentation layer includes data encryption, compression, format transformation and so on.

(7) Application layer

  • Origin of the application layer: users work with applications, and all applications work at the application layer. The Internet is open to development,
  • so everyone can develop their own applications, and the resulting variety of data must be organized in an agreed way.
  • Function of the application layer: it specifies the data format of the application.

Example: TCP can transfer data for a variety of programs, such as Email, WWW, FTP and so on. Then, different protocols must dictate the format of E-mail, web pages, and FTP data, and these application protocols constitute the “application layer.”

Session layer, presentation layer and application layer

  • The basic unit of data transmission is the message;
  • Main protocols include: FTP (File Transfer Protocol), Telnet (Remote Login Protocol), DNS, SMTP (Mail Transfer Protocol), POP3 (Post Office Protocol), HTTP (Hyper Text Transfer Protocol).

Network communication implementation

To achieve network communication, each host must have four elements

  1. IP address of the local host
  2. Subnet mask
  3. IP address of the gateway
  4. DNS IP address

There are two ways to obtain these four elements

  1. Statically (that is, manually configured)
  2. Dynamically (obtained through DHCP)

Ethernet header | IP header | UDP header | DHCP packet

(1) In the Ethernet header, set the MAC address of the sender (local host) and the MAC address of the receiver (DHCP server), which is the broadcast address FF-FF-FF-FF-FF-FF.

(2) In the IP header, set the IP address of the sender and the IP address of the receiver. At this point, the machine does not know about either. Then, the IP address of the sender is set to 0.0.0.0 and that of the receiver is set to 255.255.255.255.

(3) The final “UDP header”, set the port of the sender and the port of the receiver. This part is specified by DHCP. The sender is port 68, and the receiver is port 67.

Once the packet is constructed, it can be sent out. Ethernet sends by broadcast, so every computer in the same subnetwork receives this packet. Because the MAC address of the recipient is FF-FF-FF-FF-FF-FF, there is no telling who it is addressed to, so each computer that receives the packet must also analyze the IP address of the packet to determine whether it is the intended recipient. When the IP address of the sender is 0.0.0.0 and that of the receiver is 255.255.255.255, the DHCP server knows that the packet is meant for it, and other computers can discard the packet.

The DHCP server then reads the packet, assigns an IP address, and sends back a “DHCP response” packet. The structure of the response packet is similar. The MAC address of the Ethernet header is the network adapter address of both parties, the IP address of the IP header is the IP address of the DHCP server (sender) and 255.255.255.255 (receiver), and the ports of the UDP header are 67 (sender) and 68 (receiver). The IP address assigned to the requestor and the specific parameters of the local network are contained in the Data section.

The new computer receives the response packet and knows its IP address, subnet mask, gateway address, DNS server, and so on
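The request described in steps (1) to (3), built and checked byte by byte. This is an added example, not code from the original article. It assumes the standard Ethernet II header layout (6-byte destination, 6-byte source, 2-byte EtherType) and a minimal DHCP DISCOVER body per RFC 2131; the client MAC and transaction id are constructed sample values.

```python
import socket
import struct

BROADCAST_MAC = bytes.fromhex("ffffffffffff")
CLIENT_MAC = bytes.fromhex("0a1122334401")   # constructed sample address


def ipv4_checksum(header):
    """One's-complement sum of the header's 16-bit words (RFC 1071)."""
    total = sum(struct.unpack("!%dH" % (len(header) // 2), header))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF


def dhcp_discover_payload(client_mac, xid):
    """Fixed 236-byte BOOTP part, magic cookie, option 53 = DISCOVER, end."""
    zero_ip = bytes(4)
    bootp = struct.pack("!BBBBIHH4s4s4s4s16s64s128s",
                        1, 1, 6, 0,            # request, Ethernet, hlen 6, hops 0
                        xid, 0, 0x8000,        # transaction id, secs, broadcast flag
                        zero_ip, zero_ip, zero_ip, zero_ip,
                        client_mac, b"", b"")  # short fields are zero-padded
    return bootp + bytes.fromhex("63825363") + bytes([53, 1, 1, 255])


def build_discover_frame(client_mac, payload):
    udp_len = 8 + len(payload)
    # (3) UDP header: port 68 -> port 67; checksum 0 means "not computed"
    udp = struct.pack("!HHHH", 68, 67, udp_len, 0)
    # (2) IP header: 0.0.0.0 -> 255.255.255.255, protocol 17 (UDP)
    ip = bytearray(struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + udp_len,
                               0, 0, 64, 17, 0,
                               socket.inet_aton("0.0.0.0"),
                               socket.inet_aton("255.255.255.255")))
    struct.pack_into("!H", ip, 10, ipv4_checksum(bytes(ip)))
    # (1) Ethernet header: broadcast destination, client source, EtherType IPv4
    eth = BROADCAST_MAC + client_mac + struct.pack("!H", 0x0800)
    return eth + bytes(ip) + udp + payload


def parse_frame(frame):
    """Receiver side: pull out the fields each host inspects."""
    if len(frame) < 14 + 20 + 8:
        raise ValueError("too short for Ethernet + IPv4 + UDP headers")
    dst_mac, src_mac, ethertype = struct.unpack("!6s6sH", frame[:14])
    if ethertype != 0x0800:
        raise ValueError("not an IPv4 frame")
    ihl = (frame[14] & 0x0F) * 4               # IP header length in bytes
    if ihl < 20 or len(frame) < 14 + ihl + 8:
        raise ValueError("bad IP header length")
    sport, dport, udp_len, _ = struct.unpack("!HHHH", frame[14 + ihl:22 + ihl])
    return {
        "dst_mac": dst_mac.hex("-"),
        "src_mac": src_mac.hex("-"),
        "protocol": frame[23],
        "src_ip": socket.inet_ntoa(frame[26:30]),
        "dst_ip": socket.inet_ntoa(frame[30:34]),
        "src_port": sport,
        "dst_port": dport,
        "udp_len": udp_len,
        "ip_checksum_ok": ipv4_checksum(frame[14:14 + ihl]) == 0,
    }


def is_dhcp_client_broadcast(info):
    """The test a DHCP server applies; every other host drops the frame."""
    return (info["dst_mac"] == "ff-ff-ff-ff-ff-ff"
            and info["src_ip"] == "0.0.0.0"
            and info["dst_ip"] == "255.255.255.255"
            and info["protocol"] == 17
            and (info["src_port"], info["dst_port"]) == (68, 67))


if __name__ == "__main__":
    frame = build_discover_frame(CLIENT_MAC,
                                 dhcp_discover_payload(CLIENT_MAC, 0x12345678))
    print(len(frame), parse_frame(frame))
```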

Network Communication flow

1. Local access

  • The local IP address is 192.168.1.100
  • The subnet mask is 255.255.255.0
  • Gateway IP address: 192.168.1.1
  • DNS IP address: 8.8.8.8

  

2. NAT protocol

Network Address Translation (NAT) is a wide area network (WAN) access technology that translates private (reserved) addresses into legitimate IP addresses. It is widely used in various types of Internet access and networks. The reason is simple. NAT not only perfectly solves the problem of insufficient IP addresses, but also effectively prevents attacks from outside the network and hides and protects computers inside the network.

3. DNS protocol (based on UDP)

DNS stands for Domain Name System, the system used to name computers and network services organized into a domain hierarchy. It can be understood simply as translating URLs into IP addresses. A domain name is a string of words or abbreviations separated by dots. Each domain name corresponds to a unique IP address. There is a one-to-one correspondence between domain names and IP addresses on the Internet. DNS naming is used to search for computers and services using user-friendly names on TCP/IP networks such as the Internet.

  • A.root-servers.net 198.41.0.4 United States
  • B.root-servers.net 192.228.79.201 United States (also supports IPv6)
  • C.root-servers.net 192.33.4.12 France
  • D.root-servers.net 128.8.10.90 United States
  • E.root-servers.net 192.203.230.10 United States
  • F.root-servers.net 192.5.5.241 United States (also supports IPv6)
  • G.root-servers.net 192.112.36.4 United States
  • H.root-servers.net 128.63.2.53 United States (also supports IPv6)
  • I.root-servers.net 192.36.148.17 Sweden
  • J.root-servers.net 192.58.128.30 United States
  • K.root-servers.net 193.0.14.129 England (also supports IPv6)
  • L.root-servers.net 198.32.64.12 United States
  • M.root-servers.net 202.12.27.33 Japan (also supports IPv6)

Domain name definition: jingyan.baidu.com/article/197…

Top-level domain name:

  • .com, .net, .org, .cn and so on are international top-level domain names. According to the current international Internet domain name system, international top-level domain names are divided into two categories: gTLD and ccTLD.
  • Generic (category) top-level domain names end with “COM”, “NET”, “ORG”, “BIZ”, and “INFO”, and are managed by foreign companies. A geographic top-level domain is a domain name ending in a country or area code, such as “CN” for China and “UK” for the United Kingdom. Geographic top-level domains are generally managed by individual countries or regions.

Secondary domain name:

  • A geographic second-level domain name is built on a top-level domain. For example, in China there are the second-level domains .com.cn, .net.cn, .org.cn, .gd.cn, etc. A subdomain name is a child of its parent domain. If the parent domain name is abc.com, the subdomain name is www.abc.com or *.abc.com.
  • Generally speaking, a second-level domain name is a record of a domain name. For example, alidiedie.com is a domain name, and www.alidiedie.com is a commonly used record. It is generally used by default, but domain names like *

4. The HTTP protocol

  • GET / HTTP/1.1
  • Host: www.google.com
  • Connection: keep-alive
  • User-Agent: Mozilla/5.0 (Windows NT 6.1)...
  • Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
  • Accept-Encoding: gzip,deflate,sdch
  • Accept-Language: zh-CN,zh;q=0.8
  • Accept-Charset: GBK,utf-8;q=0.7,*;q=0.3
  • Cookie: ... ...

We assume that this section is 4960 bytes long and will be embedded in the TCP packet.

HyperText Transfer Protocol (HTTP) is the most widely used network protocol on the Internet. All WWW files must comply with this standard.

What requests are included in the HTTP protocol?

  • GET: Requests to read the information marked by the URL.
  • POST: Adds information (such as comments) to the server.
  • PUT: Stores a document at the given URL.
  • DELETE: Deletes the resource marked by the given URL.

The difference between POST and GET in HTTP

  1. GET gets data from the server, and POST sends data to the server.
  2. GET appends the parameter data to the URL pointed to by the action attribute of the submitted form. Each value corresponds to a field in the form and can be seen in the URL.
  3. The amount of data transmitted by GET is small and cannot be greater than or equal to 2KB; POST transfers a large amount of data and is generally considered unrestricted by default. According to the HTTP specification, GET is used for information retrieval and should be safe and idempotent.
  • Safe means that the operation is used to retrieve information, not modify it. In other words, GET requests should generally have no side effects. That is, it simply retrieves the resource information, just like a database query, without modifying, adding data, or affecting the state of the resource.
  • Idempotent means that multiple requests to the same URL should return the same result.

5 TCP protocol

TCP packets require port settings. The default HTTP port for the receiver (Google) is 80, and the port for the sender (local) is a randomly generated integer between 1024 and 65535, assumed to be 51775.

The TCP packet header is 20 bytes long, and the total length becomes 4980 bytes if the HTTP embedded packet is included.

TCP/IP is the most basic protocol of the Internet and the basis of the Internet. It consists of IP at the network layer and TCP at the transport layer. In layman’s terms: TCP is responsible for detecting problems in transmission and signaling any problems, requiring retransmission until all data is safely and correctly transmitted to its destination. IP assigns an address to every networked device on the Internet.

The IP layer receives packets from lower layers (network interface layers such as Ethernet device drivers) and sends the packets to higher layers -TCP or UDP. Conversely, the IP layer also carries packets received from the TCP or UDP layer to the lower layer. IP packets are unreliable because IP does nothing to ensure that packets are sent in order or are not corrupted. IP packets contain the address of the host that sent them (source address) and the address of the host that received them (destination address).

TCP is a connection-oriented communication protocol. It establishes a connection through a three-way handshake and disconnects the connection when the communication is complete. Because TCP is connection-oriented, it can only be used for end-to-end communication. TCP provides a reliable data flow service, using the “positive confirmation with retransmission” technique to achieve reliable transmission. TCP also uses a flow-control method called the “sliding window”, which actually represents the receiver's capacity to receive, to limit the speed of the sender.

TCP header format:

TCP three-way handshake and four-way wave:

Three handshakes:

  • The client sends a request to establish a channel.
  • The server receives the request and agrees, and also sends a request to set up a channel.
  • The client receives the request and agrees. The setup is complete

Four waves:

  • The client sends a request to disconnect the channel.
  • The server receives the request and agrees, and replies the client with a message.
  • The server also sends a request to disconnect the channel;
  • The client receives the message and the procedure ends.

6 IP

TCP packets are then embedded into IP packets. Both parties' IP addresses must be set in the IP packet. These are known: 192.168.1.100 for the sender (local) and 172.194.72.105 for the receiver (Google).

The header of the IP packet is 20 bytes long, so with the embedded TCP packet the total length becomes 5000 bytes.

 

7 Ethernet Protocol

Finally, the IP packet is embedded into Ethernet packets. For Ethernet packets, you need to set the MAC addresses of both parties. The sender is the MAC address of the local network adapter, and the receiver is the MAC address of the gateway 192.168.1.1 (obtained through ARP).

The data portion of an Ethernet packet has a maximum length of 1500 bytes, while the current IP packet is 5000 bytes long. Therefore, the IP packet must be split into four packets. Because each packet has its own IP header (20 bytes), the lengths of the four IP packets are 1500, 1500, 1500 and 560, respectively.
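The split into 1500, 1500, 1500 and 560 bytes, worked through together with the fragment offsets and the check a receiver applies before reassembly. This is an added example, not code from the original article; it generalizes the page's case to any packet size and MTU, and the function names are illustrative.

```python
IP_HEADER = 20        # bytes, no options (as on the page)
TCP_HEADER = 20
ETH_MAX_DATA = 1500   # maximum data part of an Ethernet packet


def fragment(ip_total_len, mtu=ETH_MAX_DATA, ip_header=IP_HEADER):
    """Split one IP packet into fragments that each fit into `mtu` bytes."""
    if mtu < ip_header + 8:
        raise ValueError("MTU too small to carry any data")
    payload = ip_total_len - ip_header
    if payload < 0:
        raise ValueError("packet shorter than its own header")
    if ip_total_len <= mtu:
        return [{"total_len": ip_total_len, "offset": 0, "more_fragments": False}]
    # The offset field counts 8-byte units, so every fragment except the
    # last must carry a multiple of 8 data bytes.
    step = (mtu - ip_header) // 8 * 8
    frags = []
    for start in range(0, payload, step):
        size = min(step, payload - start)
        frags.append({"total_len": ip_header + size,    # each has its own header
                      "offset": start // 8,
                      "more_fragments": start + size < payload})
    return frags


def reassembled_length(frags, ip_header=IP_HEADER):
    """Receiver-side check: fragments must tile the data with no gap and no
    overlap, and only the last one may have more_fragments cleared."""
    if not frags:
        raise ValueError("no fragments")
    ordered = sorted(frags, key=lambda f: f["offset"])
    expected = 0
    for i, frag in enumerate(ordered):
        start = frag["offset"] * 8
        if start != expected:
            raise ValueError("gap" if start > expected else "overlap")
        is_last = i == len(ordered) - 1
        if frag["more_fragments"] == is_last:
            raise ValueError("more-fragments flag inconsistent")
        expected = start + frag["total_len"] - ip_header
    return ip_header + expected


def page_example():
    """4960-byte HTTP request -> TCP segment -> IP packet -> fragments."""
    tcp_len = 4960 + TCP_HEADER       # 4980
    ip_len = tcp_len + IP_HEADER      # 5000
    return fragment(ip_len)


if __name__ == "__main__":
    for frag in page_example():
        print(frag)
```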

8. The DHCP protocol

The Dynamic Host Configuration Protocol (DHCP) is a local area network (LAN) protocol that uses UDP. It serves two purposes: automatically assigning IP addresses for an internal network or a network service provider, and giving users or internal network administrators centralized management of all computers.

9. The UDP protocol

UDP, the User Datagram Protocol, is a connectionless communication protocol. UDP data includes the destination port number and the source port number. Because communication does not require a connection, it can be broadcast. UDP communication does not require the recipient’s confirmation. Therefore, UDP communication is unreliable and may cause packet loss. In practical applications, programmers are required to verify UDP communication themselves.

UDP is in the same layer as TCP, but it does not care about packet order, error, or retransmission. Therefore, UDP is not used for connection-oriented services that use virtual circuits, but for query-oriented, response-oriented services such as NFS. Compared with FTP or Telnet, these services need to exchange less information.

Each UDP packet consists of a UDP header and a UDP data area. The header consists of four 16-bit (2-byte) fields, as follows:

(1) Source port number;

(2) Target port number;

(3) Datagram length;

(4) Check value (checksum).

Protocols that use UDP include TFTP, SNMP, DNS, NFS, and BOOTP.

TCP differs from UDP. TCP is a connection-oriented, reliable byte stream service. UDP is a connectionless, unreliable datagram service.

10. Routing protocol

Common routing protocols include RIP and OSPF.

RIP: Based on the Bellman-Ford algorithm, it selects routes based on the metric of hops. The maximum number of hops is 15. If the number of hops is greater than 15, it discards packets.

OSPF is an Open Shortest Path First routing protocol that uses the Dijkstra algorithm to select routes based on bandwidth and delay.

11. The ARP/RARP protocol

Address Resolution Protocol (ARP) is a TCP/IP protocol that obtains physical addresses based on IP addresses. The host broadcasts an ARP request containing the target IP address to all hosts on the network and uses the returned message to determine the physical address of the target. After receiving the return message, it stores the IP address and physical address in the local ARP cache for a period of time. On the next request, the mapping is looked up in the ARP cache to save resources. Address resolution is based on mutual trust between the hosts on the network. A host on the network can send an ARP reply message on its own initiative. When other hosts receive the reply packet, they record it in their local ARP cache without checking its authenticity. In this way, an attacker can send a forged ARP reply packet to a host, so that messages fail to reach the intended host or reach the wrong host, which constitutes ARP spoofing. The arp command is used to query the mapping between IP addresses and MAC addresses in the local ARP cache and to add or delete static mappings.

Examples of ARP workflow:

  • The IP address and MAC address of host A are 192.168.1.1 and 0A-11-22-33-44-01.
  • The IP address and MAC address of host B are 192.168.1.2 and 0A-11-22-33-44-02.
  • When host A wants to communicate with host B, the IP address resolution protocol resolves the IP address of host B (192.168.1.2) into the MAC address of host B. The workflow is as follows:

(1) Based on the routing table on host A, IP determines that the forwarding IP address used to access host B is 192.168.1.2. Host A then checks host B’s matching MAC address in its local ARP cache.

(2) If host A does not find a mapping in the ARP cache, it asks for the hardware address of 192.168.1.2 by broadcasting an ARP request frame to all hosts on the local network. The IP address and MAC address of source host A are included in the ARP request. Each host on the local network receives the ARP request and checks whether it matches its own IP address. If the host finds that the requested IP address does not match its own IP address, it discards the ARP request.

(3) If host B determines that the IP address in the ARP request matches its own IP address, the IP address and MAC address mapping of host A are added to the local ARP cache.

(4) Host B directly sends an ARP reply message containing its MAC address to host A.

(5) When host A receives the ARP reply message from host B, it updates its ARP cache with the IP address and MAC address mapping of host B. Entries in the local cache have a lifetime, and the process is repeated once the lifetime is over. Once the MAC address of host B is determined, host A can send IP traffic to host B.
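Because hosts cache ARP replies without checking them, a monitor on the segment can watch for the two signs of a forged reply: a reply nobody asked for, and an IP address that suddenly maps to a different MAC address. This is an added example, not code from the original article. Hosts A and B use the addresses from the workflow above; the third MAC address and the class and function names are constructed for illustration.

```python
import socket
import struct

ARP_FMT = "!HHBBH6s4s6s4s"   # 28-byte ARP body for Ethernet + IPv4
REQUEST, REPLY = 1, 2


def mac_bytes(text):
    return bytes.fromhex(text.replace("-", ""))


def build_arp(oper, sender_mac, sender_ip, target_mac, target_ip):
    return struct.pack(ARP_FMT, 1, 0x0800, 6, 4, oper,
                       mac_bytes(sender_mac), socket.inet_aton(sender_ip),
                       mac_bytes(target_mac), socket.inet_aton(target_ip))


def parse_arp(packet):
    if len(packet) < struct.calcsize(ARP_FMT):
        raise ValueError("truncated ARP packet")
    htype, ptype, hlen, plen, oper, sha, spa, _tha, tpa = struct.unpack(
        ARP_FMT, packet[:28])
    if (htype, ptype, hlen, plen) != (1, 0x0800, 6, 4):
        raise ValueError("not an Ethernet/IPv4 ARP packet")
    return oper, sha.hex("-").upper(), socket.inet_ntoa(spa), socket.inet_ntoa(tpa)


class ArpMonitor:
    """Passive observer that keeps the first binding seen for each IP."""

    def __init__(self):
        self.bindings = {}      # ip -> mac
        self.pending = set()    # (requester_ip, wanted_ip) awaiting a reply

    def observe(self, packet):
        oper, sender_mac, sender_ip, target_ip = parse_arp(packet)
        alerts = []
        if oper == REQUEST:
            self.pending.add((sender_ip, target_ip))
        elif oper == REPLY:
            if (target_ip, sender_ip) not in self.pending:
                alerts.append("unsolicited reply: %s is-at %s sent to %s"
                              % (sender_ip, sender_mac, target_ip))
            self.pending.discard((target_ip, sender_ip))
        known = self.bindings.get(sender_ip)
        if known is not None and known != sender_mac:
            alerts.append("binding changed: %s was %s, now claimed by %s"
                          % (sender_ip, known, sender_mac))
        else:
            self.bindings[sender_ip] = sender_mac   # learned as in step (3)
        return alerts


def run_sample():
    """Constructed traffic: A asks for B, B answers, then a forged reply."""
    a_mac, a_ip = "0A-11-22-33-44-01", "192.168.1.1"
    b_mac, b_ip = "0A-11-22-33-44-02", "192.168.1.2"
    forged_mac = "0A-11-22-33-44-99"                # constructed
    packets = [
        build_arp(REQUEST, a_mac, a_ip, "00-00-00-00-00-00", b_ip),
        build_arp(REPLY, b_mac, b_ip, a_mac, a_ip),
        build_arp(REPLY, forged_mac, b_ip, a_mac, a_ip),
    ]
    monitor = ArpMonitor()
    return monitor, [monitor.observe(p) for p in packets]


if __name__ == "__main__":
    for alerts in run_sample()[1]:
        print(alerts)
```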

The Reverse Address Resolution Protocol (RARP) is the counterpart of ARP: it translates the physical address of a host on the local area network (LAN) into an IP address. For example, a host on the LAN that knows only its physical address and not its IP address can broadcast a RARP request for its own IP address, and the RARP server is responsible for answering.