TCP / IP Basics TCP / IP protocol called Transmission Control / Internet Protocol, which is the foundation of Internet International Internet Network. TCP / IP is the basic communication protocol used in the network.
Although TCP / IP includes two protocols, Transmission Control Protocol (TCP), and Internet Protocol (IP) from the name, TCP / IP is actually a set of protocols, including protocols of all kinds of functions, such as: Remote login, file transfer, and email, etc., and TCP protocols and IP protocols are two basic important protocols that ensure data complete transmission. TCP / IP is usually said to be an Internet protocol, not just TCP and IP.
The basic transmission unit of the TCP / IP protocol is a data package (DataGram), the TCP protocol is responsible for dividing the data into several packets, and adds the header to each packet (just like a letter plus envelope), The corresponding number to ensure that the data receiving end can restore the data to the original format, the IP protocol plus the receiving host address on each header, so that the data finds it is going, if the data loss occurs during the transmission process , Data Distortion, etc., the TCP protocol automatically requires data retransmission and re-package. In short, the IP protocol guarantees the transmission of data, the TCP protocol guarantees the quality of data transmission. The transfer of TCP / IP protocol data is based on the four-layer structure of TCP / IP protocol: application layer, transport layer, network layer, interface layer, data to add a header in data every time, data is added, where data is supplied The receiving end is used in the same layer protocol, and at the receiving end, each layer is removed, so that the format of the transmitted data is completely consistent.
We generally say TCP in the transport layer, while IP is in the Internet layer.
TCP / IP applications include ping, telnet, ftp, finger, usually usually used in us.
Configuring TCP / IP includes IP addresses, subnet masks, and default gateways
Correct TCP / IP four steps: ping 127.0.0.1 (loopback address) If the TCP / IP has been loaded, ping himself indicates that the client is normal (mainly the network card), the PING gateway indicates that the local area network is normal, the PING routing address Expressed is completely normal, of course, you can also carry out the fourth step, generally don't have this trouble, but theory is the foundation :-)
The IP address is composed of four-segment binary number, IP is divided into four types of addresses A, B, C, D, E E.
The high end of the A category is 0, from 1.xYZ ~ 126.xyz .b high end is 10, from 128.xYz ~ 191.xyz C high end of 110, from 192.xYz ~ 223.xyz D high end 1110 is reserved The IP address E high end is 1111, which is the IP address used by research.
Where 255 is a broadcast address, 127 is an internal return function
If the company is not in the Internet, it will not worry about iPaddress, because all iPaddress can be used, whether it is aclass or bclass, this time does not think of the Subnet, but if the Ipaddress is precious, it is precious. At present, IPAddress has become more and less, and IPAddress applied is currently conservative, and IPADRESS can only be used in Internet, but can apply to a cclass to a cclass, Ipaddress for some companies. But there are multiple points to use, then the Subnet is required, this short document shows the principle of the Subnet and how to plan.
Introduction to SubnetMask
Setting any equipment on any online whether you are host, PC, Router, etc. need to set ipaddress, and follow the iPaddress's so-called NetMask, this NetMask's main purpose is to get NetWorkNumber in ipaddress, that is, iPaddress And NetMask is given to NetWorkNumber, as shown below iPaddress 192.10.10.611000000.00001010.00000000000000001010.00001010.00000110
NetMask 255.255.255.011111111.11111111.11111111.00000000
AND ------------------------------------------------- ------------------
etworkNumber 192.10.10.011000000.00001010.00001010.00000000
Netmask has a so-called preset value, as shown below
ClassipAddress range Netmask
A 1.0.0.0-126.255.255.255255.0.0.0
B 128.0.0.0-191.255.255.255255.255.0.0
C 192.0.0-223.255.255.255255.255.255.0
In the pre-NetMask are only 255 value, this value will not necessarily when it comes to SubnetMask 255 a.
In a complete set of CCLASS, such as 203.67.10.0-203.67.10.255.0, 203.67.10.0 called NetWorkNumber (IPADDRESS and NETMASK as AND), and 203.67.10.255 is Broadcast's iPaddress, so this? Can't use, actually only 254 iPaddress, etc. 203.67.10.1--203.67.10.254, which is the result of Netmask at 255.255.255.0, and the so-called SubnetMSK can divide the entire set of C Class into the array of NetWorkNumber, which is in Netmask. Hand feet, if you want to divide the entire set of CCLASS to set to 255.255.255.192, if you want to divide the whole group CCLASS into 8 groups of NetWorkNumber, NetMask is 255.255.255.224, how come, from the above knowing NetWorkNumber is IP Address and make a NetMask aND come, and will NetMask expressed in binary will remain a method is known, and is removed 0
192.10.10.193--11000000.00001010.00001010.10000001
255.255.255.0--11111111.11111111.11111111.00000000
-------------------------------------------------- ----------------
192.10.10.0--11000000.00001010.00001010.0000000000
The above is the result of 255.255.255.0 to Netmask, NetWorkNumber is 192.10.10.0, if using 255.255.255.24, the Netmask results are different.
192.10.10.193--11000000.00001010.00001010.10000000
255.255.255.224--11111111.11111111.11111111.11100000
-------------------------------------------------- ----------------
192.10.10.192--11000000.00001010.00001010.10000000
At this point, NetWorkNumber became 192.10.10.192, which is an Subnet.
How to decide that NetMask used, 255.255.255.224 in binary notation as 11111111.11111111.11111111.11100000, a change in the final set, 11100000 is 224 to 3 may represent three Bit 2 is 8 convenient two NetworkNumberNetMask The carry indication can be divided into several networks
255.255.255.0 11111111.11111111.11111111.000000001
255.255.255.128 11111111.11111111.11111111.100000002
255.255.255.192 11111111.11111111.11111111.110000004
255.255.255.224 11111111.11111111.11111111.111000008
255.255.255.240 11111111111111111111111111111111000016
255.255.255.248 11111111111111111111111111111111111111111111111111111111111111111111111111111111111
255.255.255.252 11111111.11111111.11111111.1111110064
The following use 255.255.255.224 will be divided into 8 groups of NetWorkNumber, each NetWorkNumber, and its BroadcastIPAddress and iPaddress.
NETWORKNUMBERBROADCAST iPaddress
1 203.67.10.0 203.67.10.31 203.67.10.1-203.67.10.30
2 203.67.10.32 203.67.10.63 203.67.10.33-203.67.10.62
3 203.67.10.64 203.67.10.95 203.67.10.65-203.67.10.94
4 203.67.10.96 203.67.10.127 203.67.10.97-203.67.10.126
5 203.67.10.128 203.67.10.159 203.67.10.129-203.67.10.158
6 203.67.10.160 203.67.10.191 203.67.10.161-203.67.10.190
7 203.67.10.192 203.67.10.223 203.67.10.193-203.67.10.222
8 203.67.10.224 203.67.10.255 203.67.10.225-203.67.10.254
Verify that the iPadDress used is as shown in the above table.
203.67.10.115--11001011.01000011.00001010.01110011
255.255.255.224--1111111111111111111111111111.11100000
-------------------------------------------------- ----------------
203.67.10.96--11001011.01000011.00001010.01100000
203.67.10.55--11001011.01000011.00001010.00110111
255.255.255.224--1111111111111111111111111111.11100000
-------------------------------------------------- ----------------
203.67.10.32--11001011.01000011.00001010.00100000
The other NetMask divided into NetWorkNumber can be built by the above method.
Subnet application
Using Subnet is to solve the problem with only a group of CCLASS but require a few networkNumber, not to solve the problem of iPadDress is not enough, because the iPaddress that can be used with Subnet can be used, Subnet is usually used in Taipei in Taipei, but The company uses the Router connection between the two, and also on the Internet, but only to a group of cclassipaddress, after ROUTER needs to use different network, so this must be used, of course the second office can Remotebridge, REMOTEBRIDGE Connection, there is no problem with Subnet, which does not discuss this, so online connection architecture and iPadDress use TCP / IP (Transfer Control Protocol / Network Protocol) in the above cases are a network communication protocol It standardizes all communication devices on the network, especially the data between the host and the other host, and the transmission method. TCP / IP is the foundation protocol of the Internet and a standard method for computer data packaging and addressing. In data transfer, it is possible to understand that there are two envelopes, TCP and IP are like envelopes. The information to be transmitted is divided into several segments. Each segment is plugged into a TCP envelope, and records on the letter cover The information of the section number, then put the TCP envelope into the IP large envelope, send the Internet. In the receiving end, a TCP package collects the envelope, extracts the data, restores the order before sending, and checks. If the error is found, the TCP will request retransmission. Therefore, TCP / IP can transmit data without error in the Internet.
In any physical network, each site has a machine identifiable address, which is called a physical address. There are two physical addresses.
Features:
The length, format, etc. of the physical address is part of the physical network technology, the physical network is different, the physical address is different.
Site on different networks may have the same physical address.
The above two points are determined, and network network communication cannot be performed with physical networks.
In the web terminology, the protocol is predetermined in advance to exchange data between two computers. TCP / IP is not one but a lot of agreements, which is why you often hear it represents a protocol set, while TCP and IP are just two basic protocols.
The TCP / IP software you put in computer provides a tool platform including TCP, IP, and TCP / IP protocol concentrated. In particular, it includes some high-level applications and FTP (file transfer protocols) that allow users to transmit network files on the command line.
TCP / IP is a research outcome of US government funded senior research programs (ARPA) in the 1970s, used to enabling a global research network to form a virtual network, which is an international Internet. original
The Internet is formed by converting existing networks, such as Arpanet to TCP / IP, and this Internet finally became a backbone network of today's Internet.
Today, TCP / IP is so important that it allows stand-alone grid to join the Internet or organization to form a private intranet (Intranet). Each network constitutes an internal network through one - do
The device of the router or IP router is physically coupled. The router is a computer used from a network to another network to transfer packets. In an inner network for use TCP / IP, information is transmitted by using a separate IP packet (IPPACKET) or IPDATAGRAMS). The TCP / IP software makes each other on the network to "see" on the network, in fact it hides the router and basic network architecture and makes it look like a big network. Like a 48-bit Ethernet address, it is necessary to confirm a 32-bit IP address as if you need to confirm an Ethernet address. We represent it with a point of decimal number, such as 128.10.2.3. Given the IP address of a remote computer, the local computer on an internal network or Internet can send data to the remote computer like two computers in the same physical network. TCP / IP provides a solution to solve how to exchange data between two computers belonging to the same internal network and sub-physical networks. This program includes a number of parts, while each member of the TCP / IP protocol set is used to solve some part of the problem. For example, the most basic protocol of the TCP / IP protocol-I -IP protocol is used to exchange data in the internal network and perform an important feature: Routing - Select Datashers From A Host to the path to the path, the path will pass, and use appropriate The router completes the span (HOP) between different networks.
TCP is a higher level it allows running data streams to run on different hosts. TCP scores data streams into small segments called TCP data segments (TCPSEGMENTS) and transmits using IP protocols. In most cases, each TCP data segment is installed in an IP datagram. However, if desired, TCP will divide the data segment into multiple datagrams, and the IP data decomposition is compatible with the physical data frame of transmitting bitstream and byte streams between different hosts in the same network. Since IP does not guarantee the order in which the received datagram, TCP will match the TCP data segment and form an uninterrupted data stream. FTP and Telnet are two TCP / IP applications that rely on TCP.
Another important TCP / IP protocol set is a user datagram protocol (
UDP), it is similar to TCP but is much larger than TCP. TCP is a reliable protocol because it has error checks and handshake confirmation to ensure the complete arrival destination. UDP is a "unreliable" protocol because it does not guarantee the same sequence of data reports, and even if they arrive. If there is a reliability requirement, the application avoids it. SNMP (Simple Network Management Protocol) with many TCP / IP tools is an application example of using UDP protocols.
Other TCP / IP protocols work after the TCP / IP network, but also play an important role. For example, Address Translation Protocol (ARP) converts IP addresses to physical network addresses such as Ethernet addresses. Instead, the corresponding reverse address conversion protocol (RARP) is the opposite work, the physical network address is converted to an IP address. Internet Control Packet Agreement (
ICMP) is a support protocol that utilizes IP to complete the control information and error information transmission when IP datagram is transmitted. For example, if a router cannot send an IP datagram, it will use ICMP to tell the sender here.
Network designers often use ISO / OSI (International Standardized Organization / Open System Interconnect) seven-layer model when solving network architecture, each of which represents a certain level of network function. The bottom is the physical layer, which represents the physical media that performs data transmissions, in other words, the network cable. It is the data link layer, which provides services through the network interface card. The uppermost layer is the application layer, which runs the application using the network service.
TCP / IP is equivalent to ISO / OSI model. When a data unit is flowing from the network application to the network interface card, it passes a list of TCP / IP modules. Each of this, the data unit will be packed together with the information required for the other end of the network. Thus when the data is finally transmitted to the NIC, it has become a standard Ethernet frame (assuming that the physical network is an Ethernet). The receiving TCP / IP software retakes the original data by stripping the Ethernet frame and transmitting the data over the TCP / IP stack to the receiving state (a method of understanding the TCP / IP work, It is information using the probe program to observe the information added by the different TCP / IP modules in the flow in the network). In order to outline TCP / IP played in the real network world, consider the web browser that uses HTTP (hypertext transfer protocol) from the web connected to the Internet
The situation that happens when a page HTML data is obtained on the server. In order to form a virtual link with the web server, the browser uses a high-level software called a socket in abstraction. In order to get the web page, it writes the command to the web server by writing the httpget command to the socket to the socket. Next, the interface software uses the TCP protocol to issue the byte stream and bitstream containing the get command, TCP segment the data and transmits each independent segment to the IP module, which converts the data segment into a data report and sends it to Web server.
If the browser and server are transported - on different physical networks (in general), the datagram passes from a network to another network until the network where the server is located. Finally, the data is transmitted to the destination address and is re-assemble so that the web server gets the data main dry by reading their own sockets, and then view the continuous data stream. For browser and servers, data is written to the socket at this end and the other end appears as magic, but this is only a variety of complex interactions that occur under the bottom, which creates data that is seamlessly transmitted by the network.
This is what TCP / IP is done: Many small nets into a big network. And on this big network is also the service of communication with each other's communication on the Internet.
comment:
There are many talks for TCP / IP, but only three key points here:
· TCP / IP is a protocol used to form different physical networks together to constitute the Internet. The TCP / IP is connected to separate networks form a virtual network, which is used to confirm that various independent is not physical network addresses, but an IP address.
· TCP / IP uses multi-layer architecture, which clearly defines the responsibility of each protocol. TCP and UDP provide high-level data transfer services to web applications and require IP to transfer packets. IP is responsible for selecting the right route to the packet to the destination.
• On the Internet host, there are two running applications to move up and down by the TCP / IP stack of the host. Information on the transmitting end TCP / IP module is added to the data will be filtered off on the TCP / IP module corresponding to the receiving end and will eventually restore the original data.
If you are interested in learning more TCP / IP knowledge, there are two higher levels of information source RFC (RequestForcomment) 1180 - called "TCP / IP Tutorial" documentation, you can use many popular RFC Internet nodes Upload. The other is the first volume of Internetworkingwithtcp / IP: Principles, Protocols, And Architectures, author Douglase.comer (1995, Prentice-Hall). As the first part of the three trilog, many people think as a TCP / IP Bible. (Original published in Vol.15NO.20)
Second, the safety of the transport layer
In the Internet Application programming, there is usually a generalized process communication (
The IPC) mechanism is derived with different levels of security protocol. The more popular two IPC programming interfaces are BSD Sockets and Transportation Terminal (TLI), which can be found in the UNIX system V command.
The first idea of providing secure services in the Internet is to strengthen its IPC interface, such as BSD sockets, etc., the specific practices include the authentication of the dual-end entity, the exchange of data encryption keys, etc. Netscape Communications Follow this idea to develop a security jacketed protocol (SSL) based on a reliable transmission service (such as TCP / IP). SSL Version 3 (SSL V3) was developed in December 1995. It mainly includes the following two protocols:
SSL Record Protocol It involves segmentation, compression, data authentication, and encryption of information provided by the application. The SSL V3 provides support for the MD5 and SHA and SHA and data encrypted by data authentication, which can be negotiated with the data to authenticate and encrypt data can be negotiated through the SSL's handshake protocol.
SSL handshake protocol is used to exchange version numbers, encryption algorithms, (mutual) authentication and switch key. SSL V3 provides support for the Defie-Hellman key exchange algorithm, RSA-based key exchange mechanism and another key exchange mechanism that implements on Fortezza CHIP.
Netscape Communications has launched an SSL reference implementation (called SSLREF) to the public. Another free SSL implementation is called SSLEAY. SSLREF and SSLEAY provide any TCP / IP application to provide SSL features. The Internet Number Assignment Authority (IANA) has allocated a fixed port number for an application with SSL function, for example, the port number of HTTP (HTTPS) assigned by SSL is 443, and the port number assigned by SSL SMTP (SSMTP) is 465. The port number assigned by the NNTP (SNNTP) with SSL is 563.
Microsoft launched an improved version of SSL2 called PCT (private communication technology). At least from the record format it uses, SSL and PCT are very similar. Their main differences are different on the most significant position of the version number field: SSL This bit takes 0, and the PCT is taken 1. After this, you can support these two protocols.
In April 1996, IETF authorized a transport layer safety (TLS) working group to set up a transport layer security protocol (TLSP) so as to be officially submitted to IESG as a standard proposal. TLSP will look like SSL in many places.
The main advantage of the Internet layer security mechanism, which has been described above is that its transparency, that is, the security service provides no change in the application layer. This is not available for the transport layer. In principle, any TCP / IP application, as long as the transport layer security protocol, such as SSL or PCT, you must perform several modifications to increase the corresponding function and use (slightly) different IPC interfaces. Thus, the main disadvantage of the transport layer safety mechanism is to modify the transmission layer IPC interface and the application. However, the modification here is quite small compared to the security mechanism of the Internet layer and the application layer. Another disadvantage is that UDP-based communications is difficult to establish a security mechanism in the transport layer. Compared with the network layer security mechanism, the main advantage of the transport layer security mechanism is that it provides process-based processes (rather than hosts) security services. This achievement can be quickly spanned forward if the application level security service is counted.
