The five layers of TCP/IP

Before walking through how data moves across a TCP/IP connection, let's review the five layers of the TCP/IP model.

Application layer: the protocols that provide application services to users and decide how those applications communicate. The TCP/IP suite includes many common application protocols, for example FTP, DNS, and HTTP.

Transport layer: sits below the application layer and provides data transfer between two endpoints on a network. There are two main transport protocols: Transmission Control Protocol (TCP) and User Datagram Protocol (UDP).

Network layer: handles the packets that travel across the network and decides the path by which they reach the destination host. When two hosts communicate through several intermediate routers or other network devices, the network layer's job is to choose a route among the many available.

Data link layer: on top of the bit-stream service of the physical layer, it establishes a link between adjacent nodes and delivers frames over that link, using error detection to catch corrupted frames and media access control to share the medium. The unit of data at this layer is the frame.

Physical layer: built on the physical communication medium, it is the interface between the system and that medium and carries the raw bit stream between data-link entities transparently. Only this layer is real physical communication; the peers at every higher layer communicate virtually, through the layers beneath them.

TCP/IP data transfer flow

The client creates an HTTP request at the application layer (HTTP protocol).

To make transmission manageable, the transport layer (TCP) splits the data received from the application layer (the HTTP request) into segments, tags each one with a sequence number and the source and destination port numbers, and hands the segments to the network layer.

The network layer (IP) wraps each segment in an IP packet carrying the source and destination IP addresses and passes it to the data link layer, which adds the frame header with the MAC address of the next hop (the gateway, or the server itself if it is on the same link). At this point the request to the server is ready to go on the wire.

When the server receives the frame at the link layer, each layer strips its own header and passes the payload up, until the data reaches the application layer. The client's request counts as received only once it has reached the application layer.

What is a MAC address?

Media Access Control (MAC) addresses, also called LAN addresses, Ethernet addresses or physical addresses, identify a network interface on the local link (a single Ethernet or Wi-Fi segment); they are not used to locate devices across the Internet. The Address Resolution Protocol (ARP) maps an IP address on the local network to the MAC address that owns it.

The following figure shows the intranet IP and MAC addresses of a PC. On a macOS terminal, run ifconfig and look at the en0 entry for the local Ethernet (or Wi-Fi) information.

So what is a MAC address? IP addresses change: they can be assigned to a device in many ways, such as DHCP, PPP or static configuration. A MAC address is meant to stay fixed: the manufacturer burns a unique identifier into the interface when it is produced, and that identifier is the MAC address. Note that it can still be overridden in software (and many operating systems now randomize it on Wi-Fi), so it is not a trustworthy identifier for access control.

Here is an analogy: if you order takeout at work at noon, the delivery address is the company's address; when you order at home in the evening, you write your home address (the IP address is dynamic). But wherever you order from, the name and phone number on the order are always your own (the MAC address).

The delivery person brings lunch to the company's front door, but you are not the only person there (several devices share the same broadcast network), so they find you by name and phone number.

UDP protocol

The User Datagram Protocol (UDP) is a simple, datagram-oriented transport protocol. In the TCP/IP model it provides a thin interface above the network layer and below the application layer. UDP offers only unreliable delivery: once it hands a datagram from the application to the network layer it keeps no copy of it. On top of an IP datagram, UDP adds only port numbers (for multiplexing between applications) and a checksum.

Its characteristics are as follows:

  • UDP is unreliable. It has no acknowledgment numbers, sequence numbers or retransmission timers. Datagrams may be duplicated or reordered in the network, so UDP guarantees neither that a datagram reaches its destination, nor the order of datagrams, nor that each one arrives only once.

  • The UDP header is small (8 bytes) and contains:

    Two 16-bit port numbers: source port and destination port.
    The length of the whole datagram (header plus data).
    A checksum over the whole datagram plus an IP pseudo-header, used to detect corruption of header and data (optional in IPv4, where a zero field means no checksum).
  • UDP is connectionless. A UDP client and server need no prior relationship, and no handshake is required before sending datagrams.

  • UDP supports not only unicast, but also multicast and broadcast.

Protocols that run over UDP include:

  • Domain Name System (DNS): uses UDP for ordinary queries and TCP for zone transfers (and for any reply too large for a UDP datagram, which the server signals with the TC bit).

  • Simple Network Management Protocol (SNMP)

  • Dynamic Host Configuration Protocol (DHCP)

  • Routing Information Protocol (RIP)

TCP protocol

Transmission Control Protocol (TCP), defined in RFC 793 of the IETF, is a connection-oriented, reliable, byte-stream transport protocol. The byte-stream service means the application writes a stream of bytes and TCP divides it into segments of a convenient size for transmission.

  • TCP provides a connection-oriented, reliable byte-stream service

  • A TCP connection is always between exactly two parties; broadcast and multicast cannot be used with TCP

  • TCP uses checksums, acknowledgments and retransmission to ensure reliable transmission

  • TCP numbers every byte, delivers data to the application in order and without duplicates, and uses cumulative acknowledgments

  • TCP uses a sliding window for flow control, and adjusts the window size dynamically for congestion control

TCP segment format

Port numbers

Source port: together with the source IP address, identifies the sender and the return address for replies.

Destination port: identifies the application (socket) on the receiving computer.

Sequence number: the sequence number of the first data byte in this segment. In a TCP stream every byte has a sequence number. For example, if a segment's sequence number is 300 and it carries 100 bytes of data, the next segment's sequence number is 400. Sequence numbers let the receiver put data back in order.

Acknowledgment number: the sequence number of the next byte the sender of this segment expects to receive, which implicitly says that every byte before it has been received correctly. The field is valid only when the ACK flag is 1; for example, the initial SYN sent to open a connection has ACK=0.

Header length (data offset): because the header may contain options, its length is variable. With no options it is 20 bytes. The field is 4 bits, so its maximum value is 1111 (15), counted in 32-bit words: 15 * 32 / 8 = 60 bytes, the maximum header length. It is called the data offset because it gives the offset at which the data begins within the segment.

Reserved: reserved for future use, set to 0.

Flags: six control bits, URG, ACK, PSH, RST, SYN and FIN. The handshake and teardown described below are driven by SYN, ACK and FIN; RST aborts a connection.

Window: the receive window, which tells the sender how much buffer space the receiver has so that the sender's rate can be throttled (flow control). The field is 16 bits, so the maximum value is 65535 bytes; larger windows need the window scale option negotiated during the handshake.

Checksum: not a parity check but a 16-bit one's-complement sum computed over a pseudo-header (source and destination IP addresses, protocol number and TCP length) plus the TCP header and data. The sender computes and stores it; the receiver recomputes and verifies it.

Urgent pointer: valid only when the URG flag is 1. It is a positive offset added to the sequence number, pointing at the end of the urgent data. Urgent mode is a way for the sender to push urgent data to the other end out of band; in practice it is rarely used and implementations handle it inconsistently.

Options and padding: the most common option is the Maximum Segment Size (MSS). Each side normally sends it in its first segment (the one with the SYN flag set), announcing the largest segment it is willing to accept. Options need not end on a 32-bit boundary, so zero padding bits are added to bring the header up to a multiple of 32 bits.

Data: the data portion of a segment is optional. When a connection is set up or torn down only TCP headers are exchanged; when one side has nothing to send it still sends header-only segments to acknowledge what it has received; and many timeout handlers likewise send a segment without data.

That is a lot to remember. You do not have to memorize all of it; remember the general flow.
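To make the header layout concrete, here is an added Python example (not code from the original article) that builds and parses TCP segments and UDP datagrams and verifies their checksums over the IPv4 pseudo-header, covering both the UDP header described earlier and the TCP fields above. The addresses, ports and option values are made-up sample inputs. The parser also rejects a data offset or option length that runs past the buffer, which is where real-world header parsers tend to go wrong.

```python
import ipaddress
import struct

PROTO_TCP, PROTO_UDP = 6, 17
TCP_FLAG_NAMES = ("FIN", "SYN", "RST", "PSH", "ACK", "URG")   # bit 0 .. bit 5 of the flags byte
FLAG_SYN, FLAG_ACK = 0x02, 0x10


def internet_checksum(data: bytes) -> int:
    """RFC 1071 checksum: one's-complement sum of 16-bit words, complemented."""
    if len(data) % 2:
        data += b"\x00"                          # an odd trailing byte is zero-padded
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:                           # fold carries back into 16 bits
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def pseudo_header(src_ip: str, dst_ip: str, proto: int, length: int) -> bytes:
    """IPv4 pseudo-header that both TCP and UDP prepend when checksumming."""
    return (ipaddress.IPv4Address(src_ip).packed + ipaddress.IPv4Address(dst_ip).packed
            + struct.pack("!BBH", 0, proto, length))


def checksum_ok(src_ip: str, dst_ip: str, proto: int, segment: bytes) -> bool:
    """With the stored checksum included, an intact segment sums to zero."""
    return internet_checksum(pseudo_header(src_ip, dst_ip, proto, len(segment)) + segment) == 0


def build_tcp(src_ip, dst_ip, sport, dport, seq, ack, flags, window, options=b"", payload=b""):
    options += b"\x00" * (-len(options) % 4)     # pad options to a 32-bit boundary
    hlen = 20 + len(options)
    hdr = struct.pack("!HHIIBBHHH", sport, dport, seq, ack, (hlen // 4) << 4, flags, window, 0, 0)
    seg = hdr + options + payload
    csum = internet_checksum(pseudo_header(src_ip, dst_ip, PROTO_TCP, len(seg)) + seg)
    return seg[:16] + struct.pack("!H", csum) + seg[18:]   # checksum sits at bytes 16-17


def parse_tcp_options(opts: bytes) -> dict:
    """Walk the option list without trusting its length bytes blindly."""
    out, i = {}, 0
    while i < len(opts):
        kind = opts[i]
        if kind == 0:                            # End of Option List
            break
        if kind == 1:                            # No-Operation, used as padding
            i += 1
            continue
        if i + 1 >= len(opts):
            raise ValueError("option truncated before its length byte")
        length = opts[i + 1]
        if length < 2 or i + length > len(opts):
            raise ValueError("option length runs past the end of the header")
        data = opts[i + 2:i + length]
        if kind == 2 and length == 4:
            out["MSS"] = struct.unpack("!H", data)[0]
        elif kind == 3 and length == 3:
            out["WScale"] = data[0]
        else:
            out["kind%d" % kind] = data
        i += length
    return out


def parse_tcp(segment: bytes) -> dict:
    if len(segment) < 20:
        raise ValueError("segment shorter than the fixed 20-byte header")
    sport, dport, seq, ack, off, flags, win, csum, urg = struct.unpack("!HHIIBBHHH", segment[:20])
    hlen = (off >> 4) * 4                        # data offset is counted in 32-bit words
    if hlen < 20 or hlen > len(segment):
        raise ValueError("bad data offset %d" % hlen)
    return {"src_port": sport, "dst_port": dport, "seq": seq, "ack": ack, "header_len": hlen,
            "flags": [n for i, n in enumerate(TCP_FLAG_NAMES) if flags & (1 << i)],
            "window": win, "checksum": csum, "urgent_ptr": urg,
            "options": parse_tcp_options(segment[20:hlen]), "payload": segment[hlen:]}


def build_udp(src_ip, dst_ip, sport, dport, payload: bytes) -> bytes:
    length = 8 + len(payload)                    # UDP length covers header plus data
    hdr = struct.pack("!HHHH", sport, dport, length, 0)
    csum = internet_checksum(pseudo_header(src_ip, dst_ip, PROTO_UDP, length) + hdr + payload)
    if csum == 0:
        csum = 0xFFFF                            # in UDP a zero field means "no checksum"
    return hdr[:6] + struct.pack("!H", csum) + payload


def parse_udp(datagram: bytes) -> dict:
    if len(datagram) < 8:
        raise ValueError("datagram shorter than the 8-byte header")
    sport, dport, length, csum = struct.unpack("!HHHH", datagram[:8])
    if length != len(datagram):
        raise ValueError("length field %d does not match %d bytes" % (length, len(datagram)))
    return {"src_port": sport, "dst_port": dport, "length": length,
            "checksum": csum, "payload": datagram[8:]}
```

A SYN built with build_tcp and an MSS option parses back with header_len 24 and options {"MSS": 1460}; changing the destination address passed to checksum_ok makes verification fail because the pseudo-header is part of the sum, which is exactly why a NAT device must rewrite the transport checksum as well as the IP header.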

TCP setting up a connection (three-way handshake)

The three-way handshake is the exchange of three segments between a client and a server when a TCP connection is set up. Its purpose is to connect to the specified port on the server, establish the connection, synchronize both sides' sequence and acknowledgment numbers, and exchange window size information. In socket programming the handshake is triggered when the client calls connect().

SYN stands for synchronize sequence numbers; it is the handshake signal used to establish a TCP connection. To open a normal connection the client sends a SYN segment, the server replies with SYN+ACK to show it received it, and finally the client replies with an ACK. After that a reliable connection exists and data can flow in both directions.

seq: the sequence number. When data is sent it is split into several segments; the sequence number of the first byte in each segment lets the receiver reassemble them in order.

ack: the acknowledgment number, the sequence number of the next byte expected from the peer. This is why, in the second handshake, ack is the client's seq+1.

First handshake

The client sends a segment with SYN=1, naming the server port it wants to connect to and an initial sequence number x. After sending it the client enters the SYN_SENT state.

Second handshake

The server replies with a SYN/ACK segment: SYN=1, ACK=1. The server picks its own initial sequence number y, places it in seq, and sets ack to the client's ISN plus one (x+1). After sending it the server enters the SYN_RCVD state.

Third handshake

After receiving the SYN/ACK, the client sends a segment with the ACK flag set: ACK=1, ack=y+1, seq=x+1. Once it is sent, the client and server are both in the ESTABLISHED state and the handshake is complete.

Why three handshakes? Why not two?

For reliable transmission both sides must keep sequence numbers so they can tell which data has been received. The three-way handshake is the minimum needed for both sides to tell each other their initial sequence number and to confirm that the peer received it.

With only two handshakes, at most the initiator's initial sequence number can be confirmed; the responder's own sequence number would never be acknowledged. The ISNs also serve as a weak proof of reachability: because each side must echo the other's ISN plus one, a party that cannot see the SYN/ACK cannot complete the handshake, which is why ISNs must be unpredictable (RFC 6528) rather than simple counters.

What if the connection has been established, but the client suddenly fails?

TCP also has a keep-alive timer, so that if the client dies the server does not wait forever and waste resources. The server resets the timer each time it receives data from the client; the idle period is usually two hours. If nothing arrives in that time the server sends a probe segment and repeats it at a fixed interval (75 seconds by default on Linux). If there is still no response after the configured number of probes (9 by default on Linux; the three values are net.ipv4.tcp_keepalive_time, tcp_keepalive_intvl and tcp_keepalive_probes), the server assumes the client is gone and closes the connection. Keep-alive is off by default and must be enabled per socket with SO_KEEPALIVE.

TCP closing the connection (four waves)

First wave

The client calls close() and sends a segment with FIN=1 (Finish) to the server, meaning it has no more data to send; its sequence number is u. The client enters the FIN_WAIT_1 state. Like a SYN, a FIN consumes one sequence number even though it carries no data.

Second wave

On receiving the client's FIN, the server replies with an ACK segment: ACK=1, ack=u+1, and its own sequence number seq=v. This says: I have received your request to close, but I am not closing my side yet (half-close). The client has no more data to send, but the server may still send data. After sending it the server enters the CLOSE_WAIT state.

When the client receives that ACK it enters the FIN_WAIT_2 state and waits for the server's own connection release segment.

Third wave

When the server is ready to close, it sends its own release segment with FIN=1, ACK=1 and ack=u+1. Because the server was half-closed it may have sent more data in the meantime, so its sequence number is now some w. After sending it the server enters the LAST_ACK state.

Fourth wave

On receiving the server's FIN, the client replies with ACK=1, ack=w+1 and seq=u+1, and enters the TIME_WAIT state. It waits there because that final ACK may be lost; if the server retransmits its FIN, the client must still be able to acknowledge it.

The connection is therefore not released immediately on the client side: the client moves to CLOSED only after waiting 2*MSL (twice the Maximum Segment Lifetime).

The server enters the CLOSED state as soon as it receives the client's final ACK and tears down its Transmission Control Block (TCB), which ends the connection. So the server finishes the connection earlier than the client.
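As an added illustration (not from the original article), the following Python model walks two endpoints through the three-way handshake, a short data exchange in both directions, and the four waves of the close, tracking snd_nxt and rcv_nxt so that the x+1, y+1, u+1 and w+1 values above fall out of the arithmetic. It models only the sequence-number bookkeeping and state transitions of the two sections above; there is no retransmission, reassembly or RST handling, and the initial sequence numbers 100 and 300 are arbitrary sample values.

```python
from collections import namedtuple

FIN, SYN, ACK = 0x01, 0x02, 0x10          # flag bits as in the TCP header
SYNCHRONIZED = {"ESTABLISHED", "FIN_WAIT_1", "FIN_WAIT_2", "CLOSE_WAIT", "CLOSING", "LAST_ACK"}
Segment = namedtuple("Segment", "flags seq ack data_len", defaults=(0, 0))


class Endpoint:
    def __init__(self, name, isn):
        self.name, self.state = name, "CLOSED"
        self.snd_nxt = isn    # next sequence number we will send; starts at our ISN
        self.rcv_nxt = 0      # next sequence number we expect from the peer

    def connect(self):
        """Active open (first handshake). The SYN consumes one sequence number."""
        self.state = "SYN_SENT"
        seg = Segment(SYN, self.snd_nxt)
        self.snd_nxt += 1
        return seg

    def send_data(self, n):
        assert self.state in ("ESTABLISHED", "CLOSE_WAIT"), "our send side is closed"
        seg = Segment(ACK, self.snd_nxt, self.rcv_nxt, n)
        self.snd_nxt += n
        return seg

    def close(self):
        """Send our FIN: the first wave, or the third wave if the peer closed first."""
        assert self.state in ("ESTABLISHED", "CLOSE_WAIT")
        self.state = "FIN_WAIT_1" if self.state == "ESTABLISHED" else "LAST_ACK"
        seg = Segment(FIN | ACK, self.snd_nxt, self.rcv_nxt)
        self.snd_nxt += 1     # a FIN also consumes one sequence number
        return seg

    def time_wait_expired(self):
        """The 2*MSL timer fired; the side that sent the final ACK may now close."""
        assert self.state == "TIME_WAIT"
        self.state = "CLOSED"

    def receive(self, seg):
        """Apply one incoming segment and return the reply to send, or None."""
        if self.state == "LISTEN" and seg.flags & SYN:
            self.rcv_nxt = seg.seq + 1                        # x + 1
            reply = Segment(SYN | ACK, self.snd_nxt, self.rcv_nxt)
            self.snd_nxt += 1
            self.state = "SYN_RCVD"
            return reply                                      # second handshake
        if self.state == "SYN_SENT" and seg.flags & SYN and seg.flags & ACK:
            if seg.ack != self.snd_nxt:
                raise ValueError("SYN+ACK does not acknowledge our ISN")
            self.rcv_nxt = seg.seq + 1                        # y + 1
            self.state = "ESTABLISHED"
            return Segment(ACK, self.snd_nxt, self.rcv_nxt)   # third handshake
        if self.state == "SYN_RCVD" and seg.flags & ACK:
            if seg.ack != self.snd_nxt:
                raise ValueError("handshake ACK carries the wrong ack number")
            self.state = "ESTABLISHED"
            return None
        if self.state in SYNCHRONIZED:
            if seg.seq != self.rcv_nxt:
                raise ValueError("out-of-order segment (this model has no reassembly)")
            if seg.flags & ACK and seg.ack == self.snd_nxt:
                # everything we sent, including a pending FIN, is now acknowledged
                self.state = {"FIN_WAIT_1": "FIN_WAIT_2", "CLOSING": "TIME_WAIT",
                              "LAST_ACK": "CLOSED"}.get(self.state, self.state)
                if self.state == "CLOSED":
                    return None                               # fourth wave received
            self.rcv_nxt += seg.data_len
            must_ack = seg.data_len > 0
            if seg.flags & FIN:
                self.rcv_nxt += 1                             # the peer's FIN takes a number too
                self.state = {"ESTABLISHED": "CLOSE_WAIT", "FIN_WAIT_1": "CLOSING",
                              "FIN_WAIT_2": "TIME_WAIT"}.get(self.state, self.state)
                must_ack = True
            return Segment(ACK, self.snd_nxt, self.rcv_nxt) if must_ack else None
        raise ValueError("%s: unexpected segment in state %s" % (self.name, self.state))


def run_connection(client_isn=100, server_isn=300, client_bytes=50, server_bytes=20):
    """Handshake, data in both directions, four-wave close; returns the trace and states."""
    client, server = Endpoint("client", client_isn), Endpoint("server", server_isn)
    trace = []

    def deliver(sender, receiver, seg):
        trace.append((sender.name,) + tuple(seg))
        reply = receiver.receive(seg)
        if reply is not None:
            deliver(receiver, sender, reply)

    server.state = "LISTEN"                                   # passive open
    deliver(client, server, client.connect())                 # SYN, SYN+ACK, ACK
    deliver(client, server, client.send_data(client_bytes))   # data and its ACK
    deliver(client, server, client.close())                   # wave 1 (FIN) and wave 2 (ACK)
    deliver(server, client, server.send_data(server_bytes))   # half-closed: server still sends
    deliver(server, client, server.close())                   # wave 3 (FIN) and wave 4 (ACK)
    before_2msl = (client.state, server.state)
    client.time_wait_expired()
    return {"trace": trace, "before_2msl": before_2msl, "final": (client.state, server.state)}
```

With the defaults, run_connection() produces the eleven segments of the text in order: SYN seq=100, SYN+ACK seq=300 ack=101, ACK seq=101 ack=301, then the data, and a close in which the client's FIN takes number 151, the server's ACK says 152, the server's later FIN is 321 and the final ACK says 322. Just before the 2*MSL timer the server is already CLOSED while the client sits in TIME_WAIT, and a SYN+ACK whose ack number does not equal the client's ISN+1 is rejected, which is the check that makes guessable ISNs dangerous.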

How TCP ensures reliable delivery

Differences between UDP and TCP

DNS

DNS Message Format

DNS queries and the replies the server returns share one message format. The message starts with a 12-byte header: the transaction ID, the flags, and four 16-bit counts (QDCOUNT, ANCOUNT, NSCOUNT, ARCOUNT) giving the number of entries in the question, answer, authority and additional sections that follow.

Transaction ID (2 bytes): identifies a DNS message. It is the same in a query and its reply, so the client can match a reply to the query it sent.

Flags (2 bytes): made up of eight fields: QR (1 bit, query or response), Opcode (4 bits), AA (authoritative answer), TC (truncated; tells the client to retry over TCP), RD (recursion desired), RA (recursion available), Z (3 reserved bits) and RCODE (4-bit response code, for example 0 NOERROR, 3 NXDOMAIN).

Question section

QNAME: the name being queried, encoded as a sequence of labels, each a length byte (0 to 63) followed by that many bytes, terminated by a zero length byte. A whole name is limited to 255 bytes.

QTYPE: a 16-bit unsigned integer giving the record type being queried (for example 1 = A, 28 = AAAA, 5 = CNAME, 15 = MX).

QCLASS: a 16-bit unsigned integer giving the class being queried (1 = IN, Internet, in practice always).

Answer/Authority/Additional

All three sections use the same resource record format: NAME (possibly compressed as a pointer to an earlier name in the message), TYPE (16 bits), CLASS (16 bits), TTL (32 bits, the number of seconds the record may be cached), RDLENGTH (16 bits) and RDATA (the record data, RDLENGTH bytes long).
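To tie the format together, here is an added Python example (not from the original article) that builds a query, parses a hand-constructed reply (including an answer whose name is a compression pointer) and applies the checks a client should make before trusting a response: matching transaction ID, QR=1 and an echoed question. The reply is a constructed sample, not captured traffic; it answers example.com with 192.0.2.1, a documentation address, and the RCODE table is abbreviated to the common values.

```python
import struct

QTYPE = {"A": 1, "NS": 2, "CNAME": 5, "MX": 15, "TXT": 16, "AAAA": 28}
RCODE = {0: "NOERROR", 1: "FORMERR", 2: "SERVFAIL", 3: "NXDOMAIN", 5: "REFUSED"}

def encode_name(name: str) -> bytes:
    """QNAME wire form: length-prefixed labels terminated by a zero byte."""
    out = b""
    for label in name.rstrip(".").split("."):
        if not 0 < len(label) < 64:
            raise ValueError("labels must be 1 to 63 bytes")
        out += bytes([len(label)]) + label.encode("ascii")
    return out + b"\x00"

def build_query(txid: int, name: str, qtype: str = "A") -> bytes:
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)    # QR=0, RD=1, QDCOUNT=1
    return header + encode_name(name) + struct.pack("!HH", QTYPE[qtype], 1)   # QCLASS=IN

def read_name(msg: bytes, offset: int):
    """Decode a possibly compressed name; returns (name, offset just after it)."""
    labels = []
    while True:
        if offset >= len(msg):
            raise ValueError("name runs past the end of the message")
        length = msg[offset]
        if length & 0xC0 == 0xC0:                  # 11xxxxxx: 14-bit compression pointer
            if offset + 2 > len(msg):
                raise ValueError("truncated compression pointer")
            ptr = struct.unpack("!H", msg[offset:offset + 2])[0] & 0x3FFF
            if ptr >= offset:                      # backward only: no loops, no self-reference
                raise ValueError("compression pointer must point to an earlier offset")
            suffix, _ = read_name(msg, ptr)
            if suffix != ".":
                labels.append(suffix)
            return ".".join(labels) or ".", offset + 2
        if length > 63 or offset + 1 + length > len(msg):
            raise ValueError("invalid or truncated label")
        offset += 1
        if length == 0:
            return ".".join(labels) or ".", offset
        labels.append(msg[offset:offset + length].decode("ascii"))
        offset += length

def parse_message(msg: bytes):
    """Parse the header, the question section and the three resource-record sections."""
    if len(msg) < 12:
        raise ValueError("message shorter than the 12-byte header")
    txid, flags, qd, an, ns, ar = struct.unpack("!HHHHHH", msg[:12])
    header = {"id": txid, "qr": flags >> 15, "opcode": (flags >> 11) & 0xF,
              "aa": (flags >> 10) & 1, "tc": (flags >> 9) & 1, "rd": (flags >> 8) & 1,
              "ra": (flags >> 7) & 1, "rcode": RCODE.get(flags & 0xF, flags & 0xF)}
    off, questions = 12, []
    for _ in range(qd):
        name, off = read_name(msg, off)
        qtype, qclass = struct.unpack("!HH", msg[off:off + 4])
        off += 4
        questions.append((name, qtype, qclass))
    sections = {}
    for key, count in (("answer", an), ("authority", ns), ("additional", ar)):
        records = []
        for _ in range(count):
            name, off = read_name(msg, off)
            rtype, rclass, ttl, rdlen = struct.unpack("!HHIH", msg[off:off + 10])
            off += 10
            if off + rdlen > len(msg):
                raise ValueError("RDLENGTH runs past the end of the message")
            rdata = msg[off:off + rdlen]
            if rtype == 1 and rdlen == 4:
                rdata = ".".join(str(b) for b in rdata)      # A record: dotted quad
            elif rtype in (2, 5):
                rdata, _ = read_name(msg, off)               # NS/CNAME: a (compressible) name
            off += rdlen
            records.append((name, rtype, ttl, rdata))
        sections[key] = records
    return header, questions, sections

def constructed_reply(query: bytes) -> bytes:
    """Hand-built reply to `query` (constructed sample, not captured traffic): one A record
    whose NAME is the compression pointer 0xC00C to the question name at offset 12."""
    txid = struct.unpack("!H", query[:2])[0]
    header = struct.pack("!HHHHHH", txid, 0x8180, 1, 1, 0, 0)    # QR=1 RD=1 RA=1, 1 answer
    answer = b"\xc0\x0c" + struct.pack("!HHIH", 1, 1, 300, 4) + bytes([192, 0, 2, 1])
    return header + query[12:] + answer

def reply_is_trustworthy(query: bytes, reply: bytes) -> bool:
    """Client-side checks before accepting a reply: same transaction ID, QR=1, same question.
    A real resolver also requires the reply to arrive on the socket and port the query left from."""
    qh, qq, _ = parse_message(query)
    rh, rq, _ = parse_message(reply)
    return rh["id"] == qh["id"] and rh["qr"] == 1 and rq == qq
```

The backward-only rule on compression pointers is deliberate: a pointer that references its own offset or a later one can make a naive decoder loop forever, so rejecting it is part of parsing the format correctly rather than an extra.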

DNS resolution records

If you have ever set up a website you will be familiar with DNS resolution records. Let's review the table below.

Domain name resolution process

  • The browser checks its own DNS cache for an already-resolved IP address for the domain name. If there is one, resolution ends here. The browser cache is bounded by the record's expiry time (TTL) and the cache size.

  • If the browser has no cached entry, it asks the operating system, which checks its resolver cache and the local hosts file.

  • The home router may also run a caching resolver.

  • If none of those hit, the query goes to the local DNS server (LDNS), the recursive resolver assigned by your ISP (usually two addresses). In most cases the name is resolved here. Here are the two DNS servers provided to me by Cloudflare.

  • If the LDNS has no cached answer, it asks a root server. The root server does not know the final answer; it refers the LDNS to the top-level domain (TLD) servers responsible for the domain's suffix, such as .com, .cn or .org. There are 13 root server identities (named A to M), each of which is now served by many anycast instances around the world.

  • The LDNS then asks the TLD server, which returns the addresses of the authoritative name servers for the domain. These are usually run by the registrar or DNS hosting provider where the domain was registered, such as NameCheap, GoDaddy or Wanwang.

  • The authoritative name server holds the zone's mapping from names to records. Normally it looks up the queried name, finds the IP address records and returns them to the LDNS together with a TTL.

  • The LDNS caches the answer for the TTL and returns it to the client, which also caches it in the system resolver cache for the TTL. Resolution is now complete. You can watch this iterative walk yourself with dig +trace example.com.