1. Fundamentals of computer networks

1.1 Communication modes between hosts

  1. Client-Server (C/S)

The client is the requestor of the service, and the server is the provider of the service.

  2. Peer-to-peer (P2P)

There is no distinction between client and server; both parties can request services from and provide services to each other.

1.2 Circuit & Packet Switching

  1. Packet switching

Each packet consists of a header and a trailer that carry control information such as the source address and destination address. Multiple packets transmitted over the same line do not interfere with one another, so several packets may share one transmission line at the same time; that is, packet switching does not monopolize the transmission line.

  2. Circuit switching

Circuit switching is used in telephone communication systems, where a dedicated physical link must be set up before two users can communicate, and the link stays occupied for the whole duration of the communication. Because the line is not actually carrying data all the time during communication, circuit switching has low line utilization, usually less than 10%.

1.3 Delay

  1. Queuing delay

The time a packet spends waiting in a router's input and output queues; it depends on the current network traffic volume.

  2. Processing delay

When a host or router receives a packet, it takes time to process it: analyzing the header, extracting data from the packet, checking for errors, finding the appropriate route, and so on.

  3. Transmission delay

The time required for the host or router to transmit a data frame:

$$\text{delay} = \frac{\text{length (bit)}}{v\ \text{(bit/s)}}$$

where length is the length of the data frame and v is the transmission rate.

  4. Propagation delay

The time required for the electromagnetic wave to propagate through the channel; the propagation speed of the electromagnetic wave approaches the speed of light:

$$\text{delay} = \frac{\text{length (m)}}{v\ \text{(m/s)}}$$

where length is the length of the channel and v is the propagation speed of the electromagnetic wave in the channel.

1.4 Architecture

| Layer | Protocols (devices) |
|---|---|
| Physical layer | RJ45, CLOCK, IEEE802.3 (repeater, hub) |
| Data link layer | PPP, FR, HDLC, VLAN, MAC (bridge, switch) |
| Network layer | IP, ICMP, ARP, RARP, OSPF, IPX, RIP, IGRP (router) |
| Transport layer | TCP (HTTP/S, FTP, POP3, SMTP, TELNET, SSH), UDP (BOOTP, NTP, DHCP), SPX |
| Session layer | NFS, SQL, NetBIOS, RPC |
| Presentation layer | JPEG, MPEG, ASCII |
| Application layer | FTP, DNS, Telnet, SMTP, HTTP, WWW, NFS |

  1. OSI seven-layer architecture

To connect systems developed under one network architecture with systems developed under another, enable higher-level applications, make communication between heterogeneous machines possible, and facilitate the standardization of network architecture, the International Organization for Standardization (ISO) published the official document of the Open Systems Interconnection Reference Model (OSI/RM) in 1984.

  • Physical layer (PH): Physical transmission media such as twisted pair, coaxial cable and optical fiber are needed to transmit information. The task of the physical layer is to provide a physical connection for the upper layer, together with the mechanical, electrical, functional and procedural characteristics of that connection, to achieve transparent bitstream transmission. At this layer the data is not yet organized; it is handed to the upper layer, the data link layer, only as a raw bit stream.
  • Data link layer (Data-Link, D): The data link layer is responsible for error-free transmission of data frames on the link between two adjacent nodes. Each frame contains some data and the necessary control information. If the receiver detects an error in the received data, it informs the sender to resend it, until the frame reaches the receiving node without error. The data link layer turns a real link that may be error-prone into a data link that looks error-free to the network layer. Its main functions are frame synchronization, error control, flow control, addressing, frame delimiting, transparent transmission of arbitrary bit combinations, and so on.
  • Network layer (Network, N): There may be many nodes and links between two communicating computers in a network, and possibly several communication subnets. The unit of data transmission in the network layer is the packet. The main task of the network layer is to select a suitable path for the packets to be transmitted, so that the packets find the destination host correctly according to the given destination address and are delivered to the transport layer of the destination host.
  • Transport layer (T): The main task of the transport layer is to make the best use of network resources based on the characteristics of the communication subnet, and to establish a connection channel between the session layers of the two end systems in a reliable and economical way, so as to transmit messages transparently. The transport layer provides a reliable end-to-end service to the layer above, keeping the session layer unaware of the details of data communication below the transport layer. The transport layer exists only in the end systems, and the layers above it no longer deal with the problem of information transmission.
  • Session layer (S): In the session layer and above, data is transmitted on a packet basis. The session layer does not take part in the actual transmission. It provides the mechanism for establishing and maintaining communication between applications, including access verification and session management. For example, server verification of a user login is done by the session layer.
  • Presentation layer (Presentation, P): This layer mainly solves the problem of the syntactic representation of user information. It converts the data to be exchanged from an abstract syntax suited to a particular user into a transfer syntax suited to OSI internal representation; that is, it provides data formatting and conversion services. The presentation layer is responsible for data compression and decompression, and encryption and decryption.
  • Application layer (A): This is the highest layer of the OSI reference model. The application layer determines the nature of the communication between processes to meet the needs of the user, and provides the interface services between the network and the user's software.
  2. Five-layer protocol

The architecture used in everyday networking can be divided into five layers:

  • Application layer: provides data transfer services for specific applications, such as HTTP, DNS and other protocols. The data unit is the message.
  • Transport layer: provides a common data transfer service for processes. Since there are many application layer protocols, defining a common transport layer protocol makes it possible to support an increasing number of them. The transport layer includes two protocols: the Transmission Control Protocol (TCP), which provides a connection-oriented, reliable data transmission service whose data unit is the message segment; and the User Datagram Protocol (UDP), which provides a connectionless, best-effort data transmission service whose data unit is the user datagram. TCP mainly provides integrity, while UDP mainly provides timeliness.
  • Network layer: provides data transfer services for hosts, whereas the transport layer protocol provides data transfer services for processes in the host. The network layer encapsulates the segments or user datagrams passed down by the transport layer into packets.
  • Data link layer: the network layer provides data transmission between hosts, and there can be many links between hosts. The link layer protocol provides data transmission for hosts on the same link. The data link layer encapsulates the packets passed down from the network layer into frames.
  • Physical layer: concerned with how bitstreams of data are transmitted over the transmission medium, not with the specific transmission medium. The role of the physical layer is to mask the differences between transmission media and means of communication as much as possible, so that the data link layer does not notice these differences.
  3. TCP/IP

It does not strictly follow the OSI layering concept and has only four layers, which is equivalent to merging the data link layer and physical layer of the five-layer protocol into the network interface layer.

2. The five-layer protocol in detail

2.1 Physical layer

The unit of data transmitted on the physical layer is the bit. Its function is to achieve transparent transmission of the bit stream between adjacent computer nodes, and to mask the differences between specific transmission media and physical devices as much as possible. According to the direction of information transmission on the line, there are three communication modes:

  • Simplex communication: one-way transmission
  • Half-duplex communication: Alternate two-way transmission
  • Full duplex communication: two-way simultaneous transmission

2.2 Link layer

Data transmission between two hosts always takes place link by link, which requires a dedicated link layer protocol. When transmitting data between two adjacent nodes, the data link layer assembles the IP packets handed down by the network layer into frames and transmits the frames on the link between the two adjacent nodes. Each frame includes data and the necessary control information (such as synchronization information, address information, error control, etc.).

2.3 Network layer

The network layer is the core of the Internet: it provides datagram services to the layer above and connects heterogeneous physical networks through the IP protocol. Its task is to select appropriate inter-network routes and switching nodes so that communication data is delivered in a timely manner. It is supported by the following three protocols:

  • Address Resolution Protocol (ARP)
  • Internet Control Message Protocol (ICMP)
  • Internet Group Management Protocol (IGMP)

2.4 Transport layer

The transport layer provides logical communication between processes. It is responsible for providing a common data transfer service for the communication between processes on two hosts, hiding the details of the network layer from upper-layer users. It mainly involves the UDP and TCP protocols.

2.5 Application layer

The task of the application layer is to carry out a specific network application through the interaction between application processes. An application layer protocol defines the rules of communication and interaction between application processes.

Different network applications need different application layer protocols, such as DNS, HTTP, SMTP, etc.

3. HTTP

3.1 HTTP basics

  1. URI (Uniform Resource Identifier)

URI = URL + URN

URL: Uniform Resource Locator, which identifies the location of a specific resource

URN: Uniform Resource Name

  2. The request message

It mainly consists of the following three parts:

  • Request line: includes the request method, URL, and protocol/version
  • Request headers
  • Request body
  3. The response message

It mainly consists of the following three parts:

  • Status line
  • Response headers
  • Response body
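The three-part layout of request and response messages described above, as an added example (not code from the original page): a strict parser that splits a raw HTTP/1.x message into start line, headers and body and rejects malformed input. The names `HttpMessage` and `parse_http_message` and the sample messages are constructed for illustration; the body is framed by `Content-Length` only, and chunked encoding is not handled.

```python
from dataclasses import dataclass, field

CRLF = b"\r\n"
# Characters allowed in a header field name (the HTTP "token" set).
TOKEN = set(b"!#$%&'*+-.^_`|~0123456789abcdefghijklmnopqrstuvwxyz"
            b"ABCDEFGHIJKLMNOPQRSTUVWXYZ")


@dataclass
class HttpMessage:
    kind: str                 # "request" or "response"
    start_line: tuple         # (method, URL, version) or (version, code, reason)
    headers: dict = field(default_factory=dict)   # field names lower-cased
    body: bytes = b""


def _parse_start_line(line: str):
    if line.startswith("HTTP/"):
        # Status line: version SP status-code SP reason-phrase
        parts = line.split(" ", 2)
        if len(parts) < 2 or len(parts[1]) != 3 or not parts[1].isdigit():
            raise ValueError("malformed status line")
        reason = parts[2] if len(parts) > 2 else ""
        return "response", (parts[0], int(parts[1]), reason)
    # Request line: method SP URL SP protocol/version
    parts = line.split(" ")
    if len(parts) != 3 or not parts[2].startswith("HTTP/"):
        raise ValueError("malformed request line")
    return "request", tuple(parts)


def parse_http_message(raw: bytes) -> HttpMessage:
    head, sep, rest = raw.partition(CRLF + CRLF)
    if not sep:
        raise ValueError("missing blank line after headers")
    lines = head.split(CRLF)
    kind, start_line = _parse_start_line(lines[0].decode("ascii"))
    headers = {}
    for line in lines[1:]:
        name, colon, value = line.partition(b":")
        # Reject empty names and names containing spaces or control characters.
        if not colon or not name or any(c not in TOKEN for c in name):
            raise ValueError(f"malformed header line: {line!r}")
        key = name.decode("ascii").lower()
        if key == "content-length" and key in headers:
            raise ValueError("more than one Content-Length header")
        headers[key] = value.strip(b" \t").decode("latin-1")
    # The body length comes from Content-Length; absent means no body here.
    length = headers.get("content-length", "0")
    if not (length.isascii() and length.isdigit()):
        raise ValueError("Content-Length is not a decimal number")
    if len(rest) < int(length):
        raise ValueError("body shorter than Content-Length")
    return HttpMessage(kind, start_line, headers, rest[: int(length)])


# Constructed sample messages (not captured traffic).
_REQ_BODY = b"user=alice&lang=en"
SAMPLE_REQUEST = (b"POST /login HTTP/1.1\r\nHost: example.test\r\n"
                  b"Content-Type: application/x-www-form-urlencoded\r\n"
                  b"Content-Length: " + str(len(_REQ_BODY)).encode()
                  + b"\r\n\r\n" + _REQ_BODY)
_RESP_BODY = b"not found"
SAMPLE_RESPONSE = (b"HTTP/1.1 404 Not Found\r\nContent-Type: text/plain\r\n"
                   b"Content-Length: " + str(len(_RESP_BODY)).encode()
                   + b"\r\n\r\n" + _RESP_BODY)

if __name__ == "__main__":
    for sample in (SAMPLE_REQUEST, SAMPLE_RESPONSE):
        msg = parse_http_message(sample)
        print(msg.kind, msg.start_line, msg.headers, msg.body)
```
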

3.2 HTTP methods

| Method | Description |
|---|---|
| GET | Requests the specified page information and returns the entity body |
| POST | Transfers an entity body: submits data to a specified resource for processing. The data is contained in the request body and may result in the creation of a new resource and/or modification of an existing resource |
| PUT | The data sent from the client to the server replaces the content of the specified document, i.e. uploads a file. It has no authentication mechanism of its own, which is a security problem |
| DELETE | Asks the server to delete the specified page, usually a file |
| HEAD | Gets the message headers. Similar to `GET`, but does not return the entity body; mainly used to confirm the validity of a URL and the update time of a resource |
| PATCH | Makes partial changes to the resource |
| OPTIONS | Queries the methods supported by the specified URL; returns content such as `Allow: GET, POST, HEAD, OPTIONS` |
| CONNECT | Requests that a tunnel be established when communicating through a proxy server; the SSL and TLS protocols encrypt the communication content, which is then transmitted through the network tunnel |
| TRACE | Traces the path; the server returns the communication path to the client |

3.3 HTTP status code

The first line of the response message returned by the server is the status line, which contains the status code and the reason phrase that inform the client of the result of the request. Status codes fall into the following classes, and the common status codes are listed below:

  • 1XX – Informational: the server has received the request and needs the requestor to continue the operation;
  • 2XX – Successful: the request was received, understood and processed successfully;
  • 3XX – Redirection: further action is needed to complete the request;
  • 4XX – Client error: the request contains a syntax error or cannot be completed;
  • 5XX – Server error: an error occurred while the server was processing the request;

| Status code | Reason phrase | Description |
|---|---|---|
| 100 | Continue | Everything is normal so far; the client can continue sending the request or ignore this response |
| 200 | OK | The request succeeded |
| 204 | No Content | The request was processed successfully, but the response message contains no entity body; typically used when the client only sends information to the server and no data needs to be returned |
| 206 | Partial Content | The client made a range request, and the response message contains the entity content for the range specified by `Content-Range` |
| 301 | Moved Permanently | Permanent redirection |
| 302 | Found | Temporary redirection |
| 303 | See Other | Same function as 302, but 303 explicitly requires the client to use the `GET` method to obtain the resource |
| 304 | Not Modified | If the request headers contain conditions such as `If-Match`, `If-Modified-Since`, `If-None-Match`, `If-Range`, `If-Unmodified-Since`, and the condition is not met, the server returns 304 |
| 307 | Temporary Redirect | Temporary redirection, similar to 302, but 307 requires the browser not to change the POST method of the redirected request to GET |
| 400 | Bad Request | There is a syntax error in the request message |
| 401 | Unauthorized | The request requires authentication information |
| 403 | Forbidden | The request was denied |
| 404 | Not Found | The requested page does not exist |
| 500 | Internal Server Error | An error occurred while the server was executing the request |
| 503 | Service Unavailable | The server is temporarily overloaded or down for maintenance and cannot process requests |

3.4 HTTP headers

There are four types of header fields:

  • General header fields
  • Request header fields
  • Response header fields
  • Entity header fields

3.5 GET vs POST

  1. Purpose

GET is used to retrieve a resource, typically a query, while POST is used to transfer an entity body, typically a submission.

  2. Parameters

Both GET and POST requests can carry additional parameters, but GET's parameters appear in the URL as a query string and have no effect on the content on the server, while POST's parameters are stored in the entity body. That does not make POST secure, however: the parameters can still be viewed with a packet capture tool. In addition, URLs only support ASCII, so GET parameters containing characters such as Chinese need to be encoded first, whereas POST parameters support the standard character set.

  3. Safety

The GET method is safe because it does not change the state of the server. POST is not safe, because the purpose of POST is to send entity body content, which may be form data uploaded by the user. Once the upload succeeds, the server may store this data in the database, and the state changes.

Safe methods: GET, HEAD, OPTIONS;

Unsafe methods: POST, PUT, DELETE;

  4. Idempotence

For an idempotent HTTP method, executing the same request once has the same effect as executing it multiple times in a row, and the state of the server is the same. In other words, an idempotent method has no side effects, so all safe methods are idempotent as well.

In general, methods such as GET, HEAD, PUT and DELETE are idempotent, but POST is not.

  5. Cacheability

To cache a response, the following conditions should be met:

  • The HTTP method of the request message is itself cacheable, including `GET` and `HEAD`; `PUT` and `DELETE` are not cacheable, and `POST` is not cacheable in most cases;
  • The status code of the response message is cacheable, including: 200, 203, 204, 206, 300, 301, 404, 405, 410, 411, 501;
  • The `Cache-Control` header field of the response message: if it is not specified, the response will not be cached.

4. HTTP and HTTPS

4.1 What is HTTP/S protocol?

  1. HTTP

HTTP (Hypertext Transfer Protocol) is a protocol that transfers Hypertext Markup Language (HTML) from a Web server to a local browser.

The original purpose of HTTP was to provide a way to publish and receive HTML pages.

  2. HTTPS

HTTPS (Hypertext Transfer Protocol over Secure Socket Layer) is a security-oriented HTTP channel: a secure version of HTTP with an SSL/TLS layer added. SSL certificates are used to authenticate the server and to encrypt communication between the browser and the server. SSL is the security basis of HTTPS, and its main functions are as follows:

  • Establish an information security channel to ensure the security of data transmission;
  • Confirm the authenticity of the website;

4.2 HTTP/S characteristics

  1. HTTP
  • HTTP supports the C/S mode and is a request/response protocol;
  • Simple and quick: when a client requests a service from the server, it only needs to transmit the request method and path. The common methods are `GET`, `POST` and `HEAD`;
  • Flexible: HTTP allows any type of data object to be transferred; the type is marked with `Content-Type`;
  • Connectionless: each connection handles only one request. The server disconnects after processing the request and receiving the client's reply, which is not conducive to maintaining a session between client and server;
  • Stateless: the protocol has no memory of transactions; if earlier information is needed for later processing, it must be retransmitted.

4.2 HTTP/S principle

  1. HTTP

HTTP transfers data over the TCP/IP communication protocol; the data types transferred include HTML files, image files, query results, and so on. HTTP is generally used in the B/S architecture: the browser, acting as the HTTP client, sends all requests via URL to the HTTP server, that is, the Web server.

  2. HTTPS

As shown in the figure above, the flow of data transfer using HTTPS is as follows:

  1. First, the client accesses the server through the URL and asks to establish an SSL connection;
  2. After receiving the client's request, the server sends a copy of the website's certificate information (including the public key) to the client;
  3. The client's browser and the server negotiate the security level of the SSL connection, that is, the level of encryption;
  4. The client's browser creates the session key according to the security level agreed by both parties, encrypts the session key with the website's public key, and transmits it to the website;
  5. The server uses its own private key to decrypt the session key;
  6. The server uses the session key to encrypt its communication with the client.

4.3 Differences between HTTP and HTTPS

Data transmitted over HTTP is unencrypted, that is, plaintext, so it is not safe to transmit private information over HTTP. To ensure that private data is encrypted in transit, the SSL protocol is used to encrypt the data transmitted by HTTP; the result is HTTPS.

HTTPS is a network protocol built from HTTP + SSL that provides encrypted transmission and identity authentication. It is more secure than HTTP. The main differences between the two are as follows:

  1. HTTPS requires applying for a certificate from a CA. Free certificates are generally rare, so there is a certain cost.
  2. HTTP is the hypertext transfer protocol and transmits information in plaintext; HTTPS is a secure transport protocol encrypted with SSL.
  3. HTTP and HTTPS use completely different connection methods and different default ports: HTTP uses port 80 by default, and HTTPS uses port 443 by default;
  4. HTTP connections are simple and stateless; HTTPS is a network protocol built from SSL + HTTP that provides encrypted transmission and identity authentication, and is more secure than HTTP.

| Difference | HTTP | HTTPS |
|---|---|---|
| Protocol | Based on TCP, plaintext transmission; neither client nor server can verify the other's identity | HTTP + SSL, running over TCP; HTTP with added encryption and authentication mechanisms |
| Port | 80 | 443 |
| Resource consumption | Less | More CPU and memory resources are consumed due to encryption and decryption operations |
| Overhead | No certificate required | A certificate is required, usually purchased from a certification authority |
| Encryption mechanism | None | A hybrid encryption mechanism that uses both shared-key and public-key encryption |
| Security | Weak | Strong |

5. TCP VS UDP

5.1 Features of TCP and UDP

  1. TCP

TCP (Transmission Control Protocol) is connection-oriented, provides reliable delivery, has flow control and congestion control, provides full-duplex communication, and is byte-stream oriented (the messages handed down by the application layer are treated as a byte stream, which is organized into blocks of varying sizes). Each TCP connection can only be point-to-point (one-to-one). In summary:

  • Connection-oriented
  • Only unicast is supported
  • Byte-stream oriented
  • Reliable
  • Provides congestion control and full-duplex communication
  2. UDP

UDP (User Datagram Protocol) is connectionless, provides best-effort delivery, has no congestion control, and is message-oriented (a message from the application layer is neither merged nor split; only the UDP header is added). It supports one-to-one, one-to-many, many-to-one and many-to-many interactive communication. In summary, it has the following characteristics:

  • Connectionless
  • Supports unicast, multicast and broadcast
  • Message-oriented
  • Unreliable
  • The header overhead is small and data transmission is efficient

5.2 TCP VS UDP

| | TCP | UDP |
|---|---|---|
| Connection | Connection-oriented | Connectionless |
| Reliability | Reliable transmission, using flow control and congestion control | Unreliable transmission, no flow control or congestion control |
| Number of connected parties | One-to-one only | Supports one-to-one, one-to-many, many-to-one and many-to-many |
| Transmission mode | Byte-stream oriented | Message-oriented |
| Header overhead | The minimum header is 20 bytes and the maximum is 60 bytes | The header overhead is small, only 8 bytes |
| Use cases | Reliable transfer, such as file transfer | Real-time applications, such as video conferencing and live streaming |

5.3 Three-way handshake and four-way wave

  1. Three-way handshake
  • First handshake: the client sends a connection request segment to the server, containing the initial sequence number for its own data communication. After sending the request, the client enters the SYN-SENT state;
  • Second handshake: the server receives the connection request from the client. If it agrees, it sends a response that also contains the initial sequence number for its own data communication. After sending it, the server enters the SYN-RECEIVED state;
  • Third handshake: after the client receives the server's response approving the connection, it sends an acknowledgement to the server. After sending it, the client enters the ESTABLISHED state; the server also enters the ESTABLISHED state after receiving the acknowledgement, at which point the connection has been established successfully.

  2. Four-way wave
  • First wave: once client A considers its data fully sent, it sends a connection release request to server B;
  • Second wave: when server B receives the connection release request, it tells the application layer to release the TCP connection, then sends an ACK packet and enters the CLOSE-WAIT state. This indicates that the connection from A to B has been released and B no longer receives data sent by A. But TCP is two-way communication, so B can still send data to A;
  • Third wave: if B still has data to send at this time, it continues sending until it is finished, then sends a connection release request to A and enters the LAST-ACK state;
  • Fourth wave: after receiving the release request, A sends an acknowledgement to B and enters the TIME-WAIT state, which lasts for a period of time (usually 2MSL). If there is no retransmission request from B within this period, A enters the CLOSED state. When B receives the acknowledgement, it also enters the CLOSED state.
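The handshake and teardown described above, as an added example (not code from the original page): a small state machine that replays the seven segments between client A and server B, checks each acknowledgement number, and records both sides' states after every segment. The function names and the initial sequence numbers 1000 and 5000 are constructed; LISTEN, FIN-WAIT-1 and FIN-WAIT-2 are standard TCP states the text does not name, and no application data is exchanged.

```python
# (state, event) -> next state, following the TCP state diagram.
TRANSITIONS = {
    ("CLOSED", "snd SYN"): "SYN-SENT",            # first handshake
    ("LISTEN", "rcv SYN"): "SYN-RECEIVED",        # second: B replies SYN+ACK
    ("SYN-SENT", "rcv SYN+ACK"): "ESTABLISHED",   # third: A replies ACK
    ("SYN-RECEIVED", "rcv ACK"): "ESTABLISHED",
    ("ESTABLISHED", "snd FIN"): "FIN-WAIT-1",     # first wave
    ("ESTABLISHED", "rcv FIN"): "CLOSE-WAIT",     # second wave: B replies ACK
    ("FIN-WAIT-1", "rcv ACK"): "FIN-WAIT-2",
    ("CLOSE-WAIT", "snd FIN"): "LAST-ACK",        # third wave
    ("FIN-WAIT-2", "rcv FIN"): "TIME-WAIT",       # fourth wave: A replies ACK
    ("LAST-ACK", "rcv ACK"): "CLOSED",
    ("TIME-WAIT", "2MSL timeout"): "CLOSED",
}


class Endpoint:
    def __init__(self, name, state, isn):
        self.name, self.state = name, state
        self.seq = isn          # next sequence number this side will send
        self.peer_next = None   # next sequence number expected from the peer

    def fire(self, event):
        nxt = TRANSITIONS.get((self.state, event))
        if nxt is None:
            raise ValueError(f"{self.name}: {event!r} is invalid in {self.state}")
        self.state = nxt


def run_connection(client_isn, server_isn):
    """Replay open and close; return (flags, seq, ack, A state, B state) rows."""
    a = Endpoint("A", "CLOSED", client_isn)   # client, active open
    b = Endpoint("B", "LISTEN", server_isn)   # server, passive open
    trace = []

    def send(src, dst, flags):
        seq = src.seq
        ack = src.peer_next if "ACK" in flags else None
        for flag in ("SYN", "FIN"):
            if flag in flags:
                if (src.state, "snd " + flag) in TRANSITIONS:
                    src.fire("snd " + flag)   # active open / active close
                src.seq += 1                  # SYN and FIN each use one number
        if ack is not None and ack != dst.seq:
            raise ValueError(f"{dst.name}: got ack {ack}, expected {dst.seq}")
        if "SYN" in flags or "FIN" in flags:
            dst.peer_next = seq + 1
        event = "rcv SYN+ACK" if flags == "SYN+ACK" else "rcv " + flags.split("+")[0]
        dst.fire(event)
        trace.append((flags, seq, ack, a.state, b.state))

    send(a, b, "SYN")        # three-way handshake
    send(b, a, "SYN+ACK")
    send(a, b, "ACK")
    send(a, b, "FIN+ACK")    # four-way wave
    send(b, a, "ACK")
    send(b, a, "FIN+ACK")
    send(a, b, "ACK")
    a.fire("2MSL timeout")   # A leaves TIME-WAIT only after the wait expires
    trace.append(("2MSL timeout", None, None, a.state, b.state))
    return trace


if __name__ == "__main__":
    for row in run_connection(1000, 5000):
        print(row)
```
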

6. Session vs Cookie

6.1 Definition of Session and Cookie

6.1.1 What is a cookie

Cookies are small files (in key-value format) that the Web server keeps in the user's browser and that contain information about the user. The client makes a request to the server, and if the server needs to record the user's state, it issues a cookie to the client browser in the response. The client browser saves the cookie, and when the browser requests the website again, it submits the requested URL together with the cookie to the server, and the server checks the cookie to confirm the user's identity.

6.1.2 What is a session

A session depends on cookies for its implementation. A session is a server-side object: a block of storage allocated by the server for the duration of the conversation between the browser and the server. By default, the server sets a SESSIONID in the browser's cookie. The browser sends the cookie containing the SESSIONID to the server with each request. The server uses the SESSIONID to retrieve the information stored in the session and so confirm the identity of the session.

6.2 Differences between sessions and cookies

  1. Storage space: a single cookie cannot hold more than 4K of data, and many browsers limit the number of cookies a site can save (usually 20), but a session has no such limit;
  2. Server resource usage: a session is kept on the server for a certain time; as the number of visits increases it consumes server performance, so where server performance is a concern, cookies should be used;
  3. Storage location and security: cookie data is stored on the client, which is less secure; session data is stored on the server, which is relatively more secure;
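The session mechanism from 6.1.2 and the storage-location point in 6.2, as an added example (not code from the original page): the server keeps the user data, the cookie carries only a random SESSIONID, and an unknown or expired ID resolves to nothing. `SessionStore`, `browser_cookie_header`, the 1800-second lifetime and the cookie attributes (`HttpOnly`, `Secure`, `SameSite`) are choices made for this sketch, not details given in the text.

```python
import secrets
import time
from http.cookies import CookieError, SimpleCookie

SESSION_TTL = 1800  # seconds a session is kept on the server (assumed value)


class SessionStore:
    """Server-side storage; the browser only ever holds the SESSIONID."""

    def __init__(self, ttl=SESSION_TTL):
        self.ttl = ttl
        self._sessions = {}   # SESSIONID -> (expiry time, session data)

    def create(self, data, now=None):
        """Store data server-side and return the Set-Cookie header value."""
        now = time.time() if now is None else now
        sid = secrets.token_urlsafe(32)          # unguessable identifier
        self._sessions[sid] = (now + self.ttl, dict(data))
        jar = SimpleCookie()
        jar["SESSIONID"] = sid
        morsel = jar["SESSIONID"]
        morsel["path"] = "/"
        morsel["httponly"] = True    # not readable from page scripts
        morsel["secure"] = True      # sent over HTTPS only
        morsel["samesite"] = "Lax"
        return morsel.OutputString()

    def lookup(self, cookie_header, now=None):
        """Return the session data for a request's Cookie header, or None."""
        now = time.time() if now is None else now
        jar = SimpleCookie()
        try:
            jar.load(cookie_header)
        except CookieError:
            return None
        morsel = jar.get("SESSIONID")
        entry = self._sessions.get(morsel.value) if morsel else None
        if entry is None:
            return None                          # unknown or missing ID
        expires_at, data = entry
        if now >= expires_at:
            del self._sessions[morsel.value]     # expired: free server memory
            return None
        return data

    def destroy(self, cookie_header):
        """Log out: forget the session so the old cookie stops working."""
        jar = SimpleCookie()
        jar.load(cookie_header)
        morsel = jar.get("SESSIONID")
        if morsel:
            self._sessions.pop(morsel.value, None)


def browser_cookie_header(set_cookie_value):
    """What a browser sends back: name=value only, without the attributes."""
    jar = SimpleCookie()
    jar.load(set_cookie_value)
    return "; ".join(f"{name}={m.value}" for name, m in jar.items())


if __name__ == "__main__":
    store = SessionStore()
    set_cookie = store.create({"user": "alice"})   # constructed sample user
    print("Set-Cookie:", set_cookie)
    print("Cookie:", browser_cookie_header(set_cookie))
    print("Session:", store.lookup(browser_cookie_header(set_cookie)))
```
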

7. Common interview questions

7.1 Why does a TCP connection use a three-way handshake instead of two?

This is to account for packet loss while the connection is being set up. With only two handshakes, if the server's acknowledgement segment in the second handshake is lost, the server is already prepared to receive data, but the client has not received the server's acknowledgement and does not know whether the server is ready. In that case the client will neither send data to the server nor accept the data sent by the server.

7.2 Why does it take 2MSL to release the TCP connection after sending the acknowledgement message of the fourth wave?

This is also to account for packet loss. If the fourth-wave message is lost, the server, having received no ACK, will resend the third-wave message. The usual bound on a message's round trip is 2 MSL, so the client needs to wait that long to confirm that the server has indeed received the acknowledgement.