TCP / IP foundation ---- Prepare for Linux (1) ============================== Thank Jephe moderator stand by! Introduction to TCP / IP Protocol Architecture 1. TCP / IP Tariff Stack Layer 4 TCP / IP This protocol complies with a four-story model concept: application layer, transport layer, interconnect layer, and network interface layer. The base layer of the network interface layer model is a network interface layer. Responsible for the transmission and reception of data frames, frames are independent network information transmission units. The network interface layer puts the frame online or takes the frame from the Internet. The interconnected interconnect protocol encapsulates the data package into an Internet datagram and runs the necessary routing algorithm. There are four interconnected protocols: Internet Protocol IP: Responsible for addressing and routing packets between hosts and networks. Address Resolution Protocol ARP: Gets hardware host addresses in the same physical network. Internet Control Message Protocol ICMP: Sends a message and reports the transfer error of the packet. Interconnected Management Protocol IGMP: By the IP host to report to the local multi-channel broadcast router to report the host group member. The transport layer transport protocol provides a communication session between the computer. The choice of transport protocol is determined according to data transmission. Two transport protocols: Transfer Control Protocol TCP: Provides a reliable communication connection for the application. Suitable for a large number of data for transmitting a large number of data. And apply to requests to obtain responses. User Data News Protocol UDP: Provides unconnected communication without a reliable guarantee for the transfer package. Suitable for transmitting small amounts of data at a time, reliability is responsible for the application layer. The application layer application accesss the network through this layer. Network Interface Technology IP Use Network Device Interface Specification NDIS to the Network Interface Layer. IP supports WAN and local network interface technologies. Serial Line Protocol TCP / IPG typically communicates data transfer on serial lines over the serial line through the Internet Serial Line Protocol SLIP or Point-to-Point Protocol PPP. (Is that we usually call it asynchronous communication, friends who want to provide Linux to establish a remote connection, should study more knowledge)? TCP / IP foundation ---- Prepare for Linux (2) == ============================ 2, ARP wants to communicate on the network, the host must know the hardware address of the other host (we are not old The physical address of the network card is encountered. Address analysis is the process of maping host IP addresses as hardware addresses. Address Ethics Agreement ARP is used to obtain the hardware address of the host in the same physical network. Interpret local IP addresses (to understand how the address parsing work process is optimistic) Host IP address parsing to hardware addresses: (1) initialize ARP requests when a host is in communication with other hosts. When the IP determines the IP address, the source host finds the hardware address of the target host in the ARP cache. (2) If the mapping is not found, the ARP creates a request. The source host IP address and hardware address will be included in the request, which allows all local hosts to receive and process all local hosts. (3) Each host on the local network receives a broadcast and looks for a matching IP address. (4) When the IP address in the target host concluding request is consistent with his own, send an ARP reply to pass its hardware address to the source host. Update its ARP cache as the IP address of the source host and the hardware address. The source host has established communication after receiving an answer. Passion Remote IP Address Different networks communicate with each other, ARP broadcast is the default gateway of the source host. The target IP address is a remote network host, and the ARP will broadcast an address of a router. (1) When the communication request is initialized, the target IP address is known to the remote address.
The source host is looking for in the local routing table, if not, the source host considers the IP address of the default gateway. Find the IP address (hardware address) that matches the gateway record in the ARP cache. (2) If the record of the gateway is not found, the ARP will broadcast the address of the request gateway instead of the target host. Routers use their own hardware address response source host's ARP request. The source host sent the packet to the router to transmit the network of the target host, and finally reaches the target host. (3) On the router, the IP determines that the target IP address is local or remote. If it is local, the router gets the hardware address with ARP (cache or broadcast). If it is a remote, the router finds the gateway in its routing table, and then uses the ARP to get the hardware address of this gateway. The packet is sent directly to the next target host. (4) After receiving the request, the target host receives the ICMP response. Because the source host is on the remote network, the gateway of the source host network will be found in the local routing table. After finding the gateway, ARP gets its hardware address. (5) If the hardware address of this gateway is not in the ARP cache, it is obtained via ARP broadcast. Once it gets the hardware address, the ICMP response is sent to the router and then passes to the source host. The ARP cache is reduced, and the ARP saves the address mapping in the cache to standby. ARP cache is saved with dynamic items and static items. Dynamic items are automatically added and deleted, and the static item remains in Cache until the computer restarts. The ARP cache always retains the hardware broadcast address (0xfffffffffffh) as a permanent item for the local subnet. This enables the host to accept ARP broadcasts. This item is not displayed when viewed. The life cycle of each ARP cache record is 10 minutes, and it is deleted within 2 minutes. When the cache is full, remove the oldest record. Add Static (Permanent) Record to reduce the number of ARP requests to access the host by adding a static ARP item. The field of the ARP package is as follows: Hardware Type - Hardware (Network Access Layer) Type. Protocol Type - The protocol in the parsing process uses the Ethernet value. The hardware address length - the byte length of the hardware address, for the Ethernet and the token ring, its length is 6 bytes. The protocol address length - the length of the protocol address byte, the length of IP is 4 bytes. Action Number - Specifies the field where the current execution operation is executed. The sender's hardware address - the sender's hardware address. The sender's protocol address - the sender's protocol address. Destination Station Hardware Address - The hardware address of the target. Destination Stand Agreement Address - The target address of the target. ? TCP / IP base ---- preparation (3) 3 ============================== as Linux, ICMP and IGMP Internet Control Message Protocol ICMP is used to report errors and control the message on behalf of IP. IP uses the interconnected group management protocol IGMP to tell the router, and the available hosts in a guidance group on a network. ICMP ICMP Source Suppression Message: When the TCP / IP host sends data to another host, if the speed reaches the saturation state of the router or the link, the router issues an ICMP source suppression message. ICMP Packet Structure Type: A 8-bit type field indicating the ICMP packet type. Code: A 8-bit code domain indicates a feature in the specified type. If there is only one function in a type, the code field is set to 0. Test and: a 16-bit inspection on the ICMP section in the packet. The specified data of the type will be added with each ICMP type. The IGMP IGMP information is transmitted to another router to enable each host group that supports multiple broadcast routers and which network. IGMP package structure version: IGMP version, value is usually 0x1h. Type: The type of IGMP message.
The 0x1H type is called a host member request, and one network is used to specify any member in the multi-stage group on multiple broadcast routers. The 0x2h type is called the host member report, and the host is used to publish the member of the specified group or an answer to the host member request of a router. Unexpected: Unused domain names are zeroed by the sender and is ignored by the recipient. The inspection and: a 16-bit test of the IGMP header. Group Address: Host uses this group address to store IP multiplex addresses in a host member request. In the host member request, the group address is fully zero, and the hardware level multi-channel broadcast address is used to indicate the host group. 4, IP IP is an unconnected protocol, mainly responsible for addressing and setting the route for packets in the host, and does not establish a session before switching data. Because it does not guarantee correct delivery, on the other hand, the data does not need to be confident when it is received, so it is unreliable. There are some fields, when the data is passed down from the transport layer, will be attached to the packet, let's take a look at these fields: Source IP Address: Determine the Data Report by IP Address. Target IP Address: Determine the Data Report Target with IP Address. Agreement: Whether IP of the destination machine will be passed to TCP or UDP. Check and: A simple mathematical calculation is used to confirm the integrity of the received package. TTL Survival Effective Time: Specify how much time (in seconds) before the network is discarded. It avoids the loop in the network. The router will decrease TTL based on the time that the data is resident in the router. Data reported through a router, TTL is reduced at least one second. According to the knowledge about ARP, if the IP address target is a local address, IP passes the packet directly to that host; if the target address is the remote address, IP looks for the routing of the remote host in the local routing table ( It seems that we usually dial 114). If you find a route, IP uses it to transfer packets. If you have not found it, you will send the packet to the default gateway of the source host, also known as a router. (Many times, I have been engaged in gateways and routers. In fact, I feel that it is not necessarily dead to die in learning. Now the hardware and software combined products have more and more products, it is very clear, as long as we use it, you can solve the actual Question.) This package is uploaded to IP after receiving a package: (1) If traffic is blocked (it is very terrible), the package is stagnant in the router, TTL is at least 1 or more. If it falls to 0, the package will be abandoned. (2) If the package is too large for the next network, IP will split it into several packets. (3) If the package is decomposed, IP makes a new head for each new package, including: a flag, used to display other packets after it; a small package ID, used to determine all packets together; a small package Move, used to tell the receiving host how to re-combine them. (4) IP calculates a new inspection and. (5) IP gets a route target hardware address. (6) IP forwarding package. At the next host, the package is sent to TCP or UDP. Each router must repeat the process. Until the package reached the final place. When the package reaches the final destination, IP will be loaded into the original package. TCP / IP foundation ---- Prepare for Linux (4) ======================================= 5, TCP TCP is A reliable connection-oriented delivery service. It is done when transmitting data, and host exchange data must establish a session.
It communicates with bitstream, that is, data is used as a structural stream. The sequence number is specified by the field transmitted by each TCP to obtain reliability. If a segment is decomposed into a few small segments, the receiving main chance knows if all small segments have been received. By sending a response, confirming that other hosts have received data. For each small segment sent, the receiving host must return a confirmation at a specified time. If the sender does not receive a confirmation; the data will be resended; if the received data package is corrupted, the receiving host will discard it because it is not sent, the sender will resend the segment. Port Sockets utility uses a protocol port number to indicate the uniqueness of your application. The port can use any numbers between 0 and 65536. In the service request, the operating system dynamically assigns a port number for the client's application. Socket socket is similar to the file handle because its function is the endpoint of network communication. A application is customized to generate a socket: Host IP address, service type (connected service is TCP, unconnected service is UDP), the port used in the application. The TCP port TCP port provides a fixed location for information, and the port number is less than 256 is defined as a common port. TCP's three handshake TCP conversations initialize through three handshakes. The purpose of the three handshake is to synchronize the transmission and reception of the data segment; tell why it hosts the amount of data that can be received, and establishes a virtual connection. Let's take a look at the simple process of these three handshakes: (1) Initialization The host issues a session request through a data segment set by a synchronization flag. (2) The receiving host represents the reply by sending back the data segment having the following items: the synchronization flag is set, the order of the start bytes of the severned data segment, answers and with the words that will receive the next data segment Sequential sequence number. (3) Request the host to return a data segment and have confirmation sequence number and confirmation number. The TCP Slide window TCP sliding window is used to temporarily save the data to be transmitted between two mains, a bit similar to cache. Each TCP / IP host has two sliding windows: one for receiving data and the other for transmitting data. 6. UDP User Data News Agreement UDP provides connectionless data report services. It applies to applications that do not have to respond and usually transmit only a small amount of data. The UDP port port is used as a multiplexed message queue. 15 NetStat Network Status 53 Domain Domain Name Server 69 TFTP ordinary file transfer protocol 137 NetBIOS-NS NetBIOS command service 138 NetBIOS-DGM NetBIOS Datashers 161 SNMP SNMP Network Monitor TCP / IP Basics ---- Prepare for Linux (5) ============================== ip address assignment 1, the IP address IP address identifies the location of a system in the network. We know that each IP address is composed of two parts: the network number and host number. The network number identifies a physical network. All hosts on the same network require the same network number, which is unique in the Internet; the host number determines a work end, server, and router other TCP / IP hosts in the network. For the same network number, the host number is unique. Each TCP / IP host is determined by a logical IP address. There are two representations of the network number and host number IP address: binary representation (1 and 0 too much, it is unclear) and diverse decimal representation. Each IP address is 4 bytes, consists of four 8-bit domains, which is usually called an eighth body. The eighth body is brought by the period. Separate, representing a decimal number between 0-255. The four domains of an IP address indicate the network number and host number, respectively. 2. The address type is the network that adapts to different sizes, and the Internet defines five types of IP addresses.
You can determine the type of address by the first eight digits of the IP address: Type IP Form Number A Class A WXYZ W XYZ Class Class Class Class Class Class Class Class Class Class Class Class Class Class Class Class Class Class Class Class Class Class Class Class Class Class Class Class 5 Address: A Class Address: Yes With a large number of hosts, the highest bit is 0, the 7th digits that are immediately represented by the network number, and the remaining 24 represents the host number, and 126 networks are allowed to have a total of 126 networks. Class B Address: Assigned to a medium-size and large-scale network, the highest two are always placed in binary 10, allowing 16384 networks. Class C Address: It is used for local area networks. The high three is set to a binary 110, allowing approximately 2 million networks. Class D Address: It is used for multiple broadcast group users, and the high four bits are always set to 1110, and the remaining bits are used to indicate the group to which the client belongs. The E-address is an address only for the test. 3. Address Assignment Guide to comply with the following guidelines when assigning the network number and host number: (1) The network number cannot be 127. Everyone knows that the identification number is reserved for loop and diagnostic function, remember usually ping 127.0.0.1? (2) You cannot use all between the network number and the host number 1. If each bit is 1, this address will be interpreted as the network broadcast instead of a host number. (TCP / IP is a broadcast protocol) (3) Corresponding to one, you can not set 0, otherwise the address is interpreted as "this network". (4) For this network, the host number should be unique. (Otherwise, an IP address has been assigned or conflicted.) Assigning the network number for each network, wide-area connection, must have a unique network number, the host number is used to distinguish between the same physical network. If the network is connected by a router, each wide area connection requires a unique network number. Allocating host number host numbers is used to distinguish different hosts in the same network, and the host number should be unique. All hosts include the interface between the routers, and should have a unique network number. The host number of the router is configured as the default gateway address of the workstation. Effective host number A: W.0.0.1 - W.255.255.254 C Class: WX0.1 - WX255.254 C Class: WXY1 - WXY254 TCP / IP foundation ---- Prepare for Linux ( 6) ============================== 4, every host on the subnet shield and IP address TCP / IP need Use a subnet screen. It is a 4-byte address that is used to encapsulate or "screen" part of the IP address to distinguish between network numbers and host numbers. When the network has not been divided into subnets, the default subnet is shielded; when the network is divided into several subnets, it is necessary to use custom subnets. Defaults Let us take a look at the default subnet shield value, which is used for a network that has not been divided into subnet. Even in a single network, each host also needs such a default. Its form relies on the address type of the network. In its 4 bytes, all the bits of the corresponding network number are set to 1, so the decimal value of each eighth body is 255; all the bits of the host number are set to 0. For example: C-network address 192.168.0.1 and the corresponding default shield value 255.255.255.0. Determine the destination address of the packet We said that the operation of "with" and "the shield value and IP address value is actually an internal process, which is used to determine a host that is transmitted to the local or remote network. Its corresponding operational process is this: When TCP / IP is initialized, the IP address of the host "and" the host's IP address and the subnet screen.
Before the packet is sent, then the destination address and the shield value are "and" so if the source IP address and destination IP address match, the IP protocol knows the packet to belong to a host on the local network; otherwise the packet Will be sent to the router. Note: We know that "and" operations are compared to the corresponding bits in each bit in the IP address with the subnet. Establish a subnet 1. Introduction to the subnet, a network may actually have multiple physical network segments. We call these network sections as subnets, and the IP address used is derived from a network number. Divide a network into a number of subnets, you need to use different network numbers or subnet numbers. Of course, the division is the advantage of it. By dividing the subnet, each unit can connect complex physical network segments into a network, and can: (1) mixing using multiple technologies, such as Ethernet and token rings network. (The most popular interfaces are supported) (2) overcome the limitations of current technologies, such as breaking through the maximum number of restrictions per segment. (3) Redirect transmission and reduce the transmission of the network to mitigate the crowding of the network. Before the subnet is divided into the universal network, we must first analyze your needs and future planning. Under normal circumstances, we follow this guidelines: (1) Determine the number of physical segments in the network. (Is the number of subnets) (2) Determine the number of hosts required for each subnet. Pay attention to at least one IP address of a host. (3) Based on this requirement, definition: The subnet mask of the entire network, the unique subnet number of each subnet and the host number of each subnet. Before defining a subnet, the subnet is defined before defining a subnet mask, it is important to determine the number of subnets needed in the future and the number of hosts per subnet is essential. Because when more bits are used for subnet masking, there are more available subnets, but the number of hosts in each subnet will be reduced. (This and the concept of defining the IP address) TCP / IP foundation ---- Prepare for Linux (7) ======================== ====== 2, defined subnet shields When the network is divided into several subnets, they must define a subnet mask. Let's take a look at the definition step: (1) Determine the number of physical networks is the number of subnets, and convert this number into binary numbers. For example, the class B address, 6 subnets are 110. (2) Calculate the number of binary positions (number of subnets) of the physical network segment, here is 110, so it takes 3 bits. (3) Convert this back code to the corresponding decimal value in a high order (from left to right), because three digits are required, the top 3 of the host number as the subnet number, here is 11100000, so shield is 255.255.254.0 . 3. The definition subnet number subnet number is the same as the number of bits of the subnet. (1) List the number of bits used in order high to low in order. For example, the subnet shield uses 3 digits, and the binary value is 11100000. (2) Convert the lowest one to a decimal, use this value to define the increment of the subnet. This example is 1110, and the increment is 32. (3) Use this increment to add the subnet number starting from 0 until the next value is 256. This example is W.x.32.1- W.x.63.254, W.x.64.1-W.x.127.254, etc. 4, the host number in the defined subnet seeing from the above example, once the subnet number is defined, the host number of each subnet has been determined. We do the value obtained after each increment indicated the starting value of the main number range in the subnet. Determine the number of hosts in each subnet (1) calculate the number of bits available to the host number. For example, in the Class B network, the network number is defined with 3 bits, then the remaining 13 bits define the host number. (2) The number of seats is also converted to a decimal number, then minus 1.
For example, 13-bit value 1111111111111 is converted to decimal, that is, 8191, so the number of hosts of each subnet in this network is 8190. Implement IP Routing 1, IP Routing Introduction Routing is the process of selecting a packet transfer path. When the TCP / IP host sends an IP packet, there is a route, and it will appear again when the IP router is reached. The router is a device from a physical network to another physical network, and the router is typically referred to as a gateway. For the transmitted host and router, you must decide where to forward the packet. When deciding the route, the IP layer query is located in the routing table in the memory. (1) When a host tries to communicate with another host, the IP first decides whether the host is a local network or a remote network. (2) If the destination host is a remote network, the IP will query the routing table to select a route for the remote host or remote network. (3) If a clear route is not found, the IP transmits a data to another router with a default gateway address. (4) In this router, the routing table is again routing the remote host or network query, and if the route has not been found, the packet will be sent to the default gateway address of the router. For each routing, the packet is transferred to the next step, called a "hop" and eventually transmitted to the destination host. If no route is found, the source host will receive an error message. TCP / IP foundation - - Prepare for Linux (8) ============================== p p p i i i i i i i The route mode used by the routing router determines how it gets routing information. Static routing is a function of the IP protocol, which needs to create a route table and perform artificial refresh. If the route changes, the router of the static mode does not know each other, nor does it exchange with the dynamic router. Dynamic routing is a functional implementation of routing protocols, such as: Routing Information Protocol RIP and Open Shortest Path Protocol OSPF, etc. These protocols periodically interrupted routing information known to each other between routers using dynamic approach, including information, can also be automatically notified. 2, static IP routing static routers can only communicate with networks with known interfaces and work properly. At this point, a routing table can be added to each network or increase the default gateway address for the local interface of another router. Configuring a host to communicate with other hosts on the network, the configuration of the gateway address is configured, and the router is matched to the IP address of the local interface. A static route configuration method that does not need to manually increase the route is to put each multi-interface host's default gateway address, other multi-interface hosts on a public network, of course, this method is only in two static routers. It is feasible if it is possible. Creating a routing table We can use the route command to add routing projects. For example, this command: # Route Add Default 192.168.1.254 Added an address of the default gateway in the routing table. Other use methods can see the description of the route command in the man.
