(Essence) Detailed explanation of computer operating system network model on September 1, 2020

1. The system structure

The collection of the layers of a computer network and their protocols is called the network architecture. Depending on how the layers are counted, it is commonly divided into seven-layer, five-layer, and four-layer structures:

1.1 Seven-layer network model

The Open Systems Interconnection model (OSI model for short) is a conceptual model proposed by the International Organization for Standardization (ISO) as an attempt to provide a standard framework for interconnecting computers into networks worldwide. It has a seven-layer structure.

1.2 Four-layer network model

The Internet Protocol Suite (IPS) is a collection of network transmission protocols that provides the architectural support for basic communication on the Internet. Since its two core protocols are TCP (Transmission Control Protocol) and IP (Internet Protocol), it is also called the TCP/IP protocol suite (TCP/IP Protocol Suite or TCP/IP Protocols), or TCP/IP for short. It has a four-layer structure.

1.3 Five-layer network model

The OSI seven-layer model was formulated by the International Organization for Standardization and is the international standard in the formal sense. However, its implementation is too complex and its standardization cycle was too long: before the complete set of standards was released, the TCP/IP model had already been widely adopted worldwide, so TCP/IP is the de facto international standard. The TCP/IP model defines a four-layer structure of application layer, transport layer, internet layer, and network interface layer, but does not specify the contents of the network interface layer. In teaching and development, the network interface layer is therefore usually replaced by the data link layer and physical layer of the OSI model, which gives the five-layer network model:

Application layer: directly provides services for application processes. An application layer protocol defines the rules for communication and interaction between application processes. Different applications use different application layer protocols, such as HTTP (World Wide Web), FTP (file transfer), SMTP (e-mail), and DNS (domain name query).
Transport layer: responsible for providing communication services between processes on two hosts. This layer mainly has the following two protocols:
Transmission Control Protocol (TCP): provides a connection-oriented, reliable data transmission service. The basic unit of transmission is the segment;
User Datagram Protocol (UDP): provides a connectionless, best-effort data transmission service that does not guarantee reliable delivery. The basic unit of transmission is the user datagram.
Internet layer (network layer): responsible for providing communication services between two hosts, selecting a suitable route to deliver data to the destination host.
Data link layer: responsible for encapsulating the IP datagrams handed down by the network layer into frames and transmitting frames between two adjacent nodes on a link. Each frame contains the data and the necessary control information (such as synchronization, address and error-control information).
Physical layer: ensures that data can be transmitted over a variety of physical media, providing a reliable environment for data transmission.

2. The physical layer

The physical layer considers how to transmit data on various media. It defines interface characteristics related to the transmission media, such as:

Mechanical characteristics: specify the shape and size of the connector used in the interface, the number and arrangement of leads, fixing and locking devices, etc.
Electrical characteristics: Specify the range of voltages that appear on each line of the interface cable.
Functional characteristics: Indicate the meaning of a certain level of voltage appearing on a certain line.
Procedural characteristics: specify the order in which the various possible events occur for the different functions.

2.1 Transmission media

The physical layer does not refer to any specific transmission medium; rather, it aims to hide the differences between media as far as possible. Transmission media can be divided into the following two categories:

Guided transmission medium: The signal is guided to propagate along a solid medium, such as twisted pair, coaxial cable, and optical cable.
Unguided transmission media: Signals propagate in free space, such as shortwave communication and microwave communication.

2.2 Channel classification

A channel is the basic path over which information is transmitted. Channels can be divided into the following three categories:

Simplex channel: There can only be communication in one direction and no communication in the opposite direction;
Half-duplex channel: Both parties in communication can send information, but both parties cannot send or receive information at the same time.
Full-duplex channel: Both parties in communication can send and receive information at the same time.

2.3 Channel multiplexing

Channel multiplexing is the most commonly used technique in information transmission; it is used to improve the efficiency of the transmission. Depending on the technique used, it can be divided into the following categories:

1. Frequency division multiplexing

Frequency Division Multiplexing (FDM) divides the total bandwidth of the transmission channel into several sub-bands (sub-channels), and each sub-channel carries one signal:

2. Time division multiplexing

Time Division Multiplexing (TDM) uses the same physical connection in different time slots to transmit different signals:

As shown in the figure above, in a time division multiplexing frame the signals of different users appear periodically; if a user is idle, the corresponding slot in the frame is also left idle. Statistical time division multiplexing was developed to overcome this shortcoming of time division multiplexing.

3. Statistical time division multiplexing

In statistical TDM (STDM), each user sends its data to the input buffer of a concentrator; the concentrator then scans the buffers in turn and places the data into an STDM frame:

4. Wavelength division multiplexing

Wavelength Division Multiplexing (WDM) combines two or more optical carrier signals of different wavelengths at the transmitting end through a multiplexer and couples them into the same optical fiber for transmission on the optical line; at the receiving end, the optical carriers of the various wavelengths are separated by a demultiplexer and then further processed by an optical demodulator to restore the original signals:

5. Code division multiplexing

Code Division Multiplexing (CDM) is a multiplexing method that relies on different codes to distinguish the individual original signals.

3. The data link layer

3.1 Basic functions

1. Framing

The data link layer splits the data handed down from the network layer into several pieces and adds a header and a trailer before and after each piece to form a complete frame. The frame is the basic unit of data transmitted at the link layer. In the character-oriented scheme shown here, the start of a frame is marked by the control character SOH and the end by the control character EOT:

2. Transparent transmission

Transparent transmission means that any data whatsoever must be able to pass over the link intact. Because control characters are used to delimit frames, a control character occurring inside the transmitted data would make it impossible to distinguish the start and end of the frame correctly. The escape character ESC is therefore inserted before such characters to escape them:

3. Error detection

Because real communication links are not ideal, errors may occur while bits are transmitted: a 1 may become a 0, and a 0 may become a 1; this is called a bit error. The ratio of erroneous bits to the total number of bits transmitted over a period of time is called the bit error rate. To deal with this, the data link layer divides the data to be sent into groups and uses cyclic redundancy check (CRC) technology to generate a redundancy check code for each group; each group of data then forms a frame together with its check code and is sent out.
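As an added example (not code from the original article), the following Python script puts the three link-layer functions just described together: it frames a payload between SOH and EOT, escapes any control character that occurs inside the payload with ESC so that transmission is transparent, and appends a CRC so that the receiver can detect bit errors. The choice of CRC-32, the numeric values of the control characters and the sample payloads are assumptions made for this example; the article itself does not fix them.

```python
# Added example: character-oriented framing with byte stuffing and a CRC-32 trailer.
# Not code from the original article. Control-character values are assumed here:
# SOH marks the frame start, EOT the end, ESC escapes a control character inside data.
SOH, EOT, ESC = 0x01, 0x04, 0x1B
CONTROL = {SOH, EOT, ESC}


def crc32(data: bytes) -> int:
    """Bit-serial CRC-32 (IEEE 802.3 polynomial in reflected form, 0xEDB88320).
    Gives the same value as zlib.crc32(); spelled out so the shift/XOR steps are visible."""
    crc = 0xFFFFFFFF
    for byte in data:
        crc ^= byte
        for _ in range(8):
            crc = (crc >> 1) ^ (0xEDB88320 if crc & 1 else 0)
    return crc ^ 0xFFFFFFFF


def stuff(payload: bytes) -> bytes:
    """Transparent transmission: put ESC in front of every control byte in the payload."""
    out = bytearray()
    for b in payload:
        if b in CONTROL:
            out.append(ESC)
        out.append(b)
    return bytes(out)


def unstuff(body: bytes) -> bytes:
    """Reverse of stuff(): an ESC followed by any byte yields that byte literally."""
    out = bytearray()
    escaped = False
    for b in body:
        if escaped:
            out.append(b)
            escaped = False
        elif b == ESC:
            escaped = True
        else:
            out.append(b)
    if escaped:
        raise ValueError("dangling ESC at end of frame body")
    return bytes(out)


def encapsulate(payload: bytes) -> bytes:
    """Build a frame: SOH | stuffed(payload + CRC-32) | EOT."""
    check = crc32(payload).to_bytes(4, "big")
    return bytes([SOH]) + stuff(payload + check) + bytes([EOT])


def decapsulate(frame: bytes) -> bytes:
    """Parse a frame and return its payload; raise ValueError on a framing or CRC error."""
    if len(frame) < 2 or frame[0] != SOH or frame[-1] != EOT:
        raise ValueError("missing SOH/EOT delimiter")
    body = unstuff(frame[1:-1])
    if len(body) < 4:
        raise ValueError("frame too short to carry a CRC")
    payload, check = body[:-4], body[-4:]
    if crc32(payload) != int.from_bytes(check, "big"):
        raise ValueError("CRC mismatch: bit error detected")
    return payload


def roundtrip_ok(payload: bytes) -> bool:
    """Encapsulate then decapsulate; True if the payload survives unchanged."""
    return decapsulate(encapsulate(payload)) == payload


def detects_bit_error(payload: bytes) -> bool:
    """Flip one bit of the first payload byte on the wire and check the receiver rejects the frame."""
    frame = bytearray(encapsulate(payload))
    frame[1] ^= 0x40
    try:
        decapsulate(bytes(frame))
    except ValueError:
        return True
    return False


if __name__ == "__main__":
    # Constructed sample payload that contains all three control characters.
    sample = b"hello" + bytes([SOH, ESC, EOT]) + b"world"
    print(encapsulate(sample).hex(), roundtrip_ok(sample), detects_bit_error(sample))
```

The CRC is computed over the unstuffed payload and stuffed together with it, so a control byte inside the check value can never be mistaken for EOT either.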

3.2 PPP protocol

The Point-to-Point Protocol (PPP) is currently the most widely used data link layer protocol; it is mainly used to establish a point-to-point connection for transmitting data units. It consists of the following three parts:

A method of encapsulating IP datagrams on a serial link;
Link Control Protocol (LCP): an extensible link control protocol used to establish, configure, test and manage the data link connection;
Network Control Protocol (NCP): negotiates the format and type of the packets transmitted on the link, and establishes and configures the different network layer protocols.

3.3 MAC address

A MAC address (Media Access Control Address), literally a medium access control address, is also called a LAN address or physical address. The MAC address uniquely identifies a network interface card in the network; if a device has several network cards, each card has its own unique MAC address. The link layer uses the MAC address to identify the target node to which data is sent.

A MAC address is 48 bits (6 bytes) long and is usually written as 12 hexadecimal digits, with every two digits separated by a colon, for example 08:00:20:0A:8C:6D. The first 3 bytes are the Organizationally Unique Identifier (OUI), which the IEEE registration authority allocates to hardware manufacturers to ensure global uniqueness; the last 3 bytes are allocated by the manufacturer itself.

3.4 Local area network

A local area network (LAN) is a network connecting computers within a limited area such as a house, school, laboratory, university campus or office building. According to the IEEE 802 standards, the LAN architecture is divided into three layers: the physical layer, the medium access control (MAC) sublayer and the logical link control (LLC) sublayer. In effect these are still two layers: the standard splits the data link layer into the more specific MAC and LLC sublayers.

3.5 Ethernet

Ethernet is currently the most widely used local area network. Taking the common Ethernet V2 standard as an example, its frame format is as follows:

The MAC header records the destination MAC address and the source MAC address respectively.

4. The network layer

4.1 Internet Protocol IP

The Internet Protocol (IP) is the most important protocol in the network layer and one of the two core protocols of TCP/IP. All computer networks that need to be interconnected must follow this protocol so that different networks around the world can be connected. The basic data unit transmitted at this layer is the IP datagram, whose format is as follows:

The meaning of each field is as follows:

Version: occupies 4 bits and gives the version of the IP protocol (IPv4 or IPv6).
Header length: occupies 4 bits; the largest value it can represent is 15.
Differentiated services: this field is only meaningful when differentiated services are used and is not used under normal circumstances.
Total length: the sum of the header length and the data length, in bytes. This field is 16 bits, so the maximum length of a datagram is 65535 bytes. The data link layer specifies the maximum length of the data field in a frame, the MTU (Maximum Transfer Unit); for Ethernet this value is 1500, so when the length of a datagram exceeds the MTU the data must be fragmented.
Identification: occupies 16 bits and is maintained by a counter in the IP software. Each time a datagram is generated the counter is incremented by 1; when fragmentation occurs, fragments carrying the same identification are reassembled into the original datagram.
Flags: occupies 3 bits, of which only two currently have meaning:
the lowest bit MF (More Fragments): when it is 1 there are more fragments to follow; when it is 0 this fragment is the last one;
the middle bit DF (Don't Fragment): when it is 1 fragmentation is not allowed; fragmentation is allowed only when it is 0.
Fragment offset: occupies 13 bits and gives the offset of this fragment within the original datagram.
Time to live (TTL): its value is decreased by 1 each time the datagram passes through a router, and when it reaches 0 the datagram is discarded. This prevents a datagram whose destination address does not exist from being forwarded around the network indefinitely.
Protocol: occupies 8 bits and indicates the protocol used by the data carried in the datagram.
Header checksum: occupies 16 bits and covers only the header of the datagram, not the data part.
Source address: occupies 32 bits, the IP address of the sender;
Destination address: occupies 32 bits, the IP address of the destination.
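To make the field layout concrete, here is an added example (not code from the original article) that parses the fixed IPv4 header described above with Python's struct module, decodes the flags and fragment offset, and verifies the header checksum the way a receiving host or an intrusion detection sensor would before trusting the rest of the datagram. The sample header bytes are constructed for the example; the sanity checks on the version and header-length fields are the kind a parser needs so that a malformed header cannot make it read past the buffer.

```python
import struct
from dataclasses import dataclass
from ipaddress import IPv4Address

# Added example (not from the original article): parse an IPv4 header and verify
# its header checksum. Field layout follows RFC 791 as described in the text above.


@dataclass
class IPv4Header:
    version: int
    header_length: int      # in bytes (header length field * 4)
    total_length: int
    identification: int
    dont_fragment: bool
    more_fragments: bool
    fragment_offset: int    # as carried on the wire, in 8-byte units
    ttl: int
    protocol: int
    checksum: int
    source: str
    destination: str
    options: bytes
    checksum_ok: bool


def ipv4_checksum(words: bytes) -> int:
    """RFC 791 header checksum: one's-complement sum of 16-bit words, complemented.
    Run over a header that already contains its checksum field, the result is 0."""
    if len(words) % 2:
        words += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(words) // 2), words))
    while total >> 16:                      # fold the carries back into 16 bits
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def parse_ipv4_header(packet: bytes) -> IPv4Header:
    if len(packet) < 20:
        raise ValueError("shorter than the 20-byte fixed IPv4 header")
    (ver_ihl, _dscp_ecn, total_length, ident, flags_frag,
     ttl, proto, cksum) = struct.unpack("!BBHHHBBH", packet[:12])
    version, ihl = ver_ihl >> 4, ver_ihl & 0x0F
    if version != 4:
        raise ValueError(f"not IPv4 (version field {version})")
    if ihl < 5:
        raise ValueError(f"header length {ihl} words is below the minimum of 5")
    header_length = ihl * 4
    if len(packet) < header_length:
        raise ValueError("truncated: header length claims more bytes than present")
    header = packet[:header_length]
    return IPv4Header(
        version=version,
        header_length=header_length,
        total_length=total_length,
        identification=ident,
        dont_fragment=bool(flags_frag & 0x4000),    # middle flag bit, DF
        more_fragments=bool(flags_frag & 0x2000),   # lowest flag bit, MF
        fragment_offset=flags_frag & 0x1FFF,
        ttl=ttl,
        protocol=proto,
        checksum=cksum,
        source=str(IPv4Address(packet[12:16])),
        destination=str(IPv4Address(packet[16:20])),
        options=header[20:],
        checksum_ok=ipv4_checksum(header) == 0,
    )


def is_wellformed(packet: bytes) -> bool:
    """True if the header parses (the checksum is reported separately in checksum_ok)."""
    try:
        parse_ipv4_header(packet)
        return True
    except ValueError:
        return False


# Constructed sample: a 20-byte header of a UDP datagram (protocol 17) from
# 192.168.0.1 to 192.168.0.199, DF set, TTL 64, with a correct checksum 0xB861.
SAMPLE_HEADER = bytes.fromhex("45000073000040004011b861c0a80001c0a800c7")

if __name__ == "__main__":
    h = parse_ipv4_header(SAMPLE_HEADER)
    print(f"{h.source} -> {h.destination} proto={h.protocol} ttl={h.ttl} "
          f"DF={h.dont_fragment} MF={h.more_fragments} checksum_ok={h.checksum_ok}")
```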

4.2 ARP protocol

The source and destination addresses in an IP datagram are IP addresses, while the source and destination addresses in a data link layer frame are MAC addresses. How, then, is the MAC address obtained from the IP address? This is the job of the ARP protocol. Each host on the Internet has an ARP cache table that stores the mapping between the IP addresses and MAC addresses of the hosts and routers on its local area network. An example is as follows:

Host name    IP address    MAC address
A                          00-AA-00-62-D2-02
B                          00-BB-00-62-C2-02
C                          00-CC-00-62-C2-02
D                          00-DD-00-62-C2-02
E                          00-EE-00-62-C2-02
You can also run arp -a to view the local ARP cache table.

Once the ARP table exists, a frame is sent at the data link layer as follows:

Before host A sends data, it first checks whether its ARP table contains a MAC address for the target IP; if so, the data is encapsulated in a frame and sent;
if not, host A broadcasts a query for that IP address to all hosts on the same network segment;
the host that owns that IP address receives the query and replies with its MAC address to host A by unicast.
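The lookup, broadcast and unicast-reply steps above, as an added example that is not part of the original article: a small in-memory simulation of one LAN segment in which each host keeps its own ARP cache. The host names reuse the article's table, while the IP addresses, the MAC-address format with dashes and the frame log are constructed for the example.

```python
from dataclasses import dataclass, field

# Added example (not from the original article): simulate the ARP cache lookup,
# broadcast request and unicast reply on one LAN segment.
# Hosts, IP addresses and the message format are constructed for the example.
BROADCAST_MAC = "ff-ff-ff-ff-ff-ff"


@dataclass
class Host:
    name: str
    ip: str
    mac: str
    arp_cache: dict = field(default_factory=dict)   # IP address -> MAC address


class Segment:
    """One LAN segment: a broadcast frame reaches every other host,
    a unicast frame only the host that owns the destination MAC."""

    def __init__(self, hosts):
        self.hosts = {h.mac: h for h in hosts}
        self.log = []   # (src_mac, dst_mac, kind, payload) for every frame sent

    def send(self, src_mac, dst_mac, kind, payload):
        self.log.append((src_mac, dst_mac, kind, payload))
        if dst_mac == BROADCAST_MAC:
            return [h for h in self.hosts.values() if h.mac != src_mac]
        return [self.hosts[dst_mac]] if dst_mac in self.hosts else []


def resolve(segment, sender, target_ip):
    """Return the MAC address the sender learns for target_ip, or None.

    1. consult the sender's ARP cache;
    2. on a miss, broadcast an ARP request to the whole segment;
    3. the owner of target_ip answers by unicast and the sender caches the mapping."""
    if target_ip in sender.arp_cache:
        return sender.arp_cache[target_ip]
    request = {"sender_ip": sender.ip, "sender_mac": sender.mac, "target_ip": target_ip}
    for host in segment.send(sender.mac, BROADCAST_MAC, "ARP-REQUEST", request):
        if host.ip != target_ip:
            continue                        # not for this host: the request is ignored
        host.arp_cache[sender.ip] = sender.mac   # the owner learns the requester too
        reply = {"ip": host.ip, "mac": host.mac}
        for receiver in segment.send(host.mac, sender.mac, "ARP-REPLY", reply):
            receiver.arp_cache[reply["ip"]] = reply["mac"]
        return sender.arp_cache.get(target_ip)
    return None                             # nobody on this segment owns target_ip


def build_demo_segment():
    """Three hosts on one segment; MACs from the article's table, IPs constructed."""
    a = Host("A", "192.168.1.10", "00-AA-00-62-D2-02")
    b = Host("B", "192.168.1.11", "00-BB-00-62-C2-02")
    c = Host("C", "192.168.1.12", "00-CC-00-62-C2-02")
    return Segment([a, b, c]), a, b, c


if __name__ == "__main__":
    seg, a, b, c = build_demo_segment()
    print(resolve(seg, a, b.ip))        # cache miss: one broadcast, one unicast reply
    print(resolve(seg, a, b.ip))        # cache hit: no frames sent
    for entry in seg.log:
        print(entry)
```

The frame log makes the traffic pattern visible: a cache miss costs exactly one broadcast and one unicast reply, while a hit sends nothing, and a request for an address nobody owns produces a broadcast with no answer.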

4.3 IP address classification

IP addresses are allocated by ICANN (the Internet Corporation for Assigned Names and Numbers). An IP address is a 32-bit identifier that is unique worldwide. The earliest IP addressing scheme used a two-level structure, network number + host number, and was divided into the following five classes:

Classes A, B and C are the most commonly used; their class bits are 0, 10 and 110 respectively. Note that not all IP addresses can be allocated; the restrictions are as follows:

Network number restrictions:

An address whose network number is all 0s is a reserved address meaning "this network" (the network numbers of class B and class C addresses start with 1, so the all-0s case does not arise for them);
a network number of 127 (that is, 01111111) is reserved for loopback testing (again, this case does not exist for class B and class C addresses);
the class B address with network number 10000000 00000000 cannot be allocated;
the class C address with network number 11000000 00000000 cannot be allocated.

Host number restrictions:

A host number of all 0s denotes the address of the network the host is attached to. For example, the network address of the host with IP address … is …, and that address cannot be allocated;
a host number of all 1s denotes all hosts on the network, so it cannot be allocated either.
In summary, the IP addresses that can be assigned for each network class are as follows:

Network class   Maximum number of assignable networks   First assignable network number   Last assignable network number   Maximum number of hosts per network
A               126 (2^7 - 2)                           1                                 126                              16 777 214 (2^24 - 2)
B               16 383 (2^14 - 1)                       128.1                             191.255                          65 534 (2^16 - 2)
C               2 097 151 (2^21 - 1)                    192.0.1                           223.255.255                      254 (2^8 - 2)
This table shows that two-level IP addresses are inflexible and poorly utilized. Suppose your company has 4 computer rooms with 20 hosts each, and for information security the network of each room must be isolated from the others. You would have to apply for 4 class C addresses, wasting (254-20)*4 IP addresses. To solve the inflexibility of the two-level address, the three-level IP address, that is, subnetting, was created. Now you only need to apply for one class C address and divide it into 4 subnets.

4.4 Divide subnets

The subnetting scheme was born in 1985. It borrows several bits from the host number as a subnet number, dividing the IP address into three levels: network number + subnet number + host number. Given a network address and a subnet mask, the network can be divided into subnets; in the example below it is divided into four subnets:

Since subnets are invisible from outside, the subnet mask is needed to assist routing: to reach a destination IP address correctly, the packet must first reach the correct network address. The relationship between the network address, the subnet mask and the host IP address is as follows:

IP address:      192.168.10.198   Binary IP address:   11000000.10101000.00001010.11000110
Subnet mask:     255.255.255.224  Binary mask:         11111111.11111111.11111111.11100000
Network address: 192.168.10.192   Bitwise AND result:  11000000.10101000.00001010.11000000
Modern Internet standards require that all networks use a subnet mask and that routing tables include the subnet mask in each entry. Because a routing table entry contains both the IP address and the subnet mask, the network address can be computed quickly with bitwise arithmetic.

Finally, if a network has no subnet mask, the default value is used. The default masks for the various address classes are as follows:

Class   Binary value of the subnet mask        Decimal value of the subnet mask
A       11111111 00000000 00000000 00000000    255.0.0.0
B       11111111 11111111 00000000 00000000    255.255.0.0
C       11111111 11111111 11111111 00000000    255.255.255.0

4.5 Forming a supernet

Classless Inter-Domain Routing (CIDR) is an addressing method for allocating IP addresses to users and for routing IP datagrams efficiently on the Internet. It does away with the traditional class A, B and C addresses and with subnetting, and uses classless two-level addressing:

IP address ::= {<network prefix>, <host number>}

written in slash notation, for example:

128.14.35.7/20 = 10000000 00001110 00100011 00000111

Here the first 20 bits are the network prefix. The smallest and largest addresses in the address block containing this address are:

                    Decimal         Binary
Smallest address    128.14.32.0     10000000 00001110 00100000 00000000
Largest address     128.14.47.255   10000000 00001110 00101111 11111111

An address block can be specified by its smallest address and the length of the network prefix; the block above is written 128.14.32.0/20, or abbreviated as the /20 address block. To make routing more convenient, CIDR uses a 32-bit address mask; the number after the slash also gives the number of 1s in the mask. For example, the address mask of the /20 block is 11111111 11111111 11110000 00000000 (255.255.240.0).

Since a CIDR address block can contain many addresses, the routing table uses CIDR address blocks to find target networks. This address aggregation is often called route aggregation, also known as supernetting. Route aggregation greatly reduces the number of entries in routing tables and so improves overall network performance.
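The following Python functions, added here as an example rather than taken from the article, carry out the arithmetic of sections 4.4 and 4.5 on the article's own numbers: the bitwise AND of host address and subnet mask, the division of a network into subnets, the smallest and largest address of a CIDR block, and route aggregation of several blocks into one supernet. The /24 network that gets split and the pair of /20 blocks that get aggregated are constructed inputs; the functions are general and work on any dotted-decimal IPv4 address.

```python
# Added example (not from the original article): subnet-mask AND, subnet division,
# CIDR block boundaries and route aggregation with plain integer bit arithmetic.


def ip_to_int(ip: str) -> int:
    parts = [int(p) for p in ip.split(".")]
    if len(parts) != 4 or any(not 0 <= p <= 255 for p in parts):
        raise ValueError(f"bad IPv4 address: {ip}")
    return int.from_bytes(bytes(parts), "big")


def int_to_ip(n: int) -> str:
    return ".".join(str((n >> shift) & 0xFF) for shift in (24, 16, 8, 0))


def prefix_mask(prefix: int) -> int:
    """32-bit mask with `prefix` leading 1s, e.g. /20 -> 0xFFFFF000."""
    if not 0 <= prefix <= 32:
        raise ValueError("prefix length must be between 0 and 32")
    return (0xFFFFFFFF << (32 - prefix)) & 0xFFFFFFFF


def mask_to_prefix(mask: str) -> int:
    """Number of 1 bits in a dotted mask; rejects non-contiguous masks such as 255.0.255.0."""
    m = ip_to_int(mask)
    ones = bin(m).count("1")
    if prefix_mask(ones) != m:
        raise ValueError(f"non-contiguous subnet mask: {mask}")
    return ones


def network_address(ip: str, mask: str) -> str:
    """Bitwise AND of host address and subnet mask, as in the table above."""
    return int_to_ip(ip_to_int(ip) & ip_to_int(mask))


def cidr_block(ip: str, prefix: int):
    """(smallest address, largest address, address mask) of the block containing ip/prefix."""
    mask = prefix_mask(prefix)
    low = ip_to_int(ip) & mask
    high = low | (~mask & 0xFFFFFFFF)
    return int_to_ip(low), int_to_ip(high), int_to_ip(mask)


def split_subnets(network: str, prefix: int, new_prefix: int):
    """Borrow (new_prefix - prefix) host bits as the subnet number and list the subnets."""
    if not prefix <= new_prefix <= 32:
        raise ValueError("new prefix must be between the original prefix and 32")
    base = ip_to_int(network) & prefix_mask(prefix)
    size = 1 << (32 - new_prefix)               # addresses per subnet
    return [f"{int_to_ip(base + i * size)}/{new_prefix}"
            for i in range(1 << (new_prefix - prefix))]


def supernet(blocks):
    """Route aggregation: the longest prefix shared by all the given (network, prefix) blocks."""
    nets = [(ip_to_int(n) & prefix_mask(p), p) for n, p in blocks]
    prefix = min(p for _, p in nets)
    first = nets[0][0]
    while prefix > 0 and any((n ^ first) & prefix_mask(prefix) for n, _ in nets):
        prefix -= 1                             # shorten until every block agrees
    return int_to_ip(first & prefix_mask(prefix)), prefix


if __name__ == "__main__":
    print(network_address("192.168.10.198", "255.255.255.224"))   # 192.168.10.192
    print(cidr_block("128.14.35.7", 20))                           # 128.14.32.0 .. 128.14.47.255
    print(split_subnets("192.168.10.0", 24, 26))                   # the four /26 subnets
    print(supernet([("128.14.32.0", 20), ("128.14.48.0", 20)]))    # one /19 covering both
```

Note that supernet() only reports the covering prefix; whether it is safe to advertise depends on whether every address inside it really belongs to the same next hop, which is the check a router's configuration must make before aggregating.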

4.6 ICMP and IGMP

In addition to the IP and ARP protocols described above, the following two network layer protocols are the most commonly used:

Internet Control Message Protocol (ICMP): to improve the chance that IP datagrams are delivered successfully, ICMP allows hosts and routers to report errors and exceptional conditions back to the sender so that the sender can react.
Internet Group Management Protocol (IGMP): a protocol used to manage the members of IP multicast groups. IP hosts and their neighbouring routers use IGMP to establish multicast group membership.

4.7 Private address

RFC 1918 specifies a number of private addresses that can only be used for communication within an organization and not for communication with hosts on the Internet; routers on the Internet do not forward datagrams whose destination is a private address. The three private address blocks are:

10.0.0.0 to 10.255.255.255 (written 10.0.0.0/8, also called the 24-bit block);
172.16.0.0 to 172.31.255.255 (written 172.16.0.0/12, also called the 20-bit block);
192.168.0.0 to 192.168.255.255 (written 192.168.0.0/16, also called the 16-bit block).

Because different organizations can use the same private addresses, they are also called reusable addresses.

4.8 VPN

If an organization builds a private network from private addresses but its departments are located at different, distant geographic locations, the public Internet can be used as the carrier for communication between the parts of the organization's private network. Such a private network is called a virtual private network (VPN). Data crossing the public Internet can then be encrypted with the IPsec (IP Security) protocol to protect it.

4.9 NAT

A host that has only a private address cannot communicate with the external Internet directly. To do so, NAT (Network Address Translation) can be used: NAT software is installed on the router that connects the private network to the Internet, and the NAT router needs at least one valid global IP address. When a host with a private address communicates with the outside world, the NAT router translates the private address into a global IP address.

It follows from this principle that a router with n global IP addresses allows at most n hosts to access the Internet at the same time. To overcome this limitation, the commonly used NAT translation table also uses the transport layer port number.
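As an added example (not code from the original article), the two translation tables below contrast the one-to-one NAT the paragraph describes first, which runs out of global addresses after n hosts, with the port-based table that lets many private hosts share one global address. Inbound packets that match no existing mapping are dropped, which is why a NAT router also acts as a basic barrier against unsolicited inbound connections. The global and remote addresses are constructed from the documentation ranges of RFC 5737, and the port allocation scheme is an assumption for the example.

```python
from itertools import count

# Added example (not from the original article): a one-to-one NAT table and a
# port-translating (NAPT) table. Addresses are constructed (RFC 5737 ranges).


class BasicNat:
    """One global IP per active private host: with n global IPs, at most n hosts."""

    def __init__(self, global_ips):
        self.free = list(global_ips)
        self.table = {}                  # private IP -> global IP

    def translate_out(self, private_ip):
        if private_ip not in self.table:
            if not self.free:
                return None              # pool exhausted: this host cannot go out
            self.table[private_ip] = self.free.pop(0)
        return self.table[private_ip]


class Napt:
    """NAT with port translation: many private hosts share one global IP, and the
    (private IP, private port) pair is mapped to a unique global port."""

    def __init__(self, global_ip, first_port=40000):
        self.global_ip = global_ip
        self._ports = count(first_port)  # next unused global port (assumed scheme)
        self.outbound = {}               # (private_ip, private_port) -> global_port
        self.inbound = {}                # global_port -> (private_ip, private_port)

    def translate_out(self, src_ip, src_port, dst_ip, dst_port):
        """Rewrite the source of an outgoing packet, creating a mapping on first use."""
        key = (src_ip, src_port)
        if key not in self.outbound:
            port = next(self._ports)
            self.outbound[key] = port
            self.inbound[port] = key
        return (self.global_ip, self.outbound[key], dst_ip, dst_port)

    def translate_in(self, src_ip, src_port, dst_ip, dst_port):
        """Rewrite the destination of an incoming packet using an existing mapping.
        Returns None (drop) for traffic that no inside host asked for."""
        if dst_ip != self.global_ip or dst_port not in self.inbound:
            return None
        private_ip, private_port = self.inbound[dst_port]
        return (src_ip, src_port, private_ip, private_port)


if __name__ == "__main__":
    nat = BasicNat(["203.0.113.1"])
    print(nat.translate_out("10.0.0.2"), nat.translate_out("10.0.0.3"))   # second host: None
    napt = Napt("203.0.113.1")
    print(napt.translate_out("10.0.0.2", 51000, "198.51.100.7", 80))
    print(napt.translate_out("10.0.0.3", 51000, "198.51.100.7", 80))
    print(napt.translate_in("198.51.100.7", 80, "203.0.113.1", 40001))
    print(napt.translate_in("198.51.100.7", 80, "203.0.113.1", 40002))    # unsolicited: None
```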

4.10 IPv6

As mentioned above, an IPv4 address is 32 bits long, so about 4.2 billion addresses can be allocated in total. By February 2011 all allocatable addresses had been exhausted, which is why IPv6 was created. IPv6 addresses are 128 bits long and are written in hexadecimal.

5. The transport layer

The transport layer provides communication services between processes on two hosts. It uses 16-bit port numbers to identify ports: when processes on two computers want to communicate, each must know not only the other's IP address but also its port. This layer mainly has two protocols, the User Datagram Protocol (UDP) and the Transmission Control Protocol (TCP):

5.1 UDP

The user datagram protocol UDP has the following characteristics:

UDP is connectionless;

UDP provides best-effort delivery services, but does not guarantee the reliability of delivery;

UDP is message-oriented;

UDP has no congestion control, so network congestion will not reduce the sending rate of the source host;

UDP supports one-to-one, one-to-many, many-to-one and many-to-many interactive communication;

The header overhead of UDP is small, only 8 bytes, much less than TCP's 20 bytes. The header consists of four fields of two bytes each:

Source port number: used when the other party needs to reply; it can be all 0s when not needed;
Destination port number;
Length: the total length of the UDP user datagram;
Checksum: checks whether the UDP user datagram has been corrupted in transmission; if there is an error, the datagram is discarded.

5.2 Introduction to TCP

The transmission control protocol TCP has the following characteristics:

TCP is connection-oriented;

TCP provides reliable delivery services;

TCP provides full-duplex communication, and both ends are equipped with buffers to temporarily store communication data;

Oriented to byte streams, where the stream refers to the sequence of bytes flowing into or out of the process;

Each TCP connection is uniquely determined by its two endpoints, namely:

TCP connection ::= {socket1, socket2} = {(IP1, port1), (IP2, port2)}

5.3 TCP message header

Although TCP is byte-stream oriented, the basic unit it transmits is the segment. A TCP segment consists of two parts, header and data. The first 20 bytes of the TCP header are fixed; behind them, 4n bytes of options (n an integer) are added as needed. The format is as follows:

The meaning of each field is as follows:

Source port and destination port: each occupies 2 bytes.

Sequence number: occupies 4 bytes; its range is [0, 2^32 - 1], and it wraps around to 0 after reaching 2^32 - 1. Within a TCP connection, every byte in the transmitted byte stream is numbered in sequence.

Acknowledgement number: occupies 4 bytes and indicates the sequence number of the first data byte expected in the next segment from the other party. For example, if B receives a segment from A with sequence number 501 and a data length of 200 bytes (sequence numbers 501 to 700), this means that B has correctly received byte 700 and all data before it, so the acknowledgement number in the confirmation segment B sends to A is 701.

Data offset: occupies 4 bits; the largest value it can represent is 15. The data offset gives the starting position of the data in the segment; since a segment is header + data, it is in effect the header length. Its unit is the 32-bit word (4 bytes), so the maximum data offset is 60 (15*4) bytes: the TCP header cannot exceed 60 bytes, and correspondingly the options cannot exceed 40 bytes.

Reserved: occupies 6 bits, reserved for future use, should be set to 0 at present.

Control bits: occupy 6 bits, with the following functions:

Urgent URG (URGent): when the value is 1, the urgent pointer field is valid, meaning that this segment carries urgent data that should be transmitted as soon as possible rather than in the normal queuing order.
Acknowledgment ACK (ACKnowledgment): when the value is 1 the acknowledgement number is valid; when it is 0 the acknowledgement number is invalid. TCP stipulates that ACK must be set to 1 in all segments transmitted after the connection is established.
Push PSH (PuSH): when the value is 1, the receiver should deliver the data to the application process immediately instead of waiting for the buffer to fill up before delivering it upwards.
Reset RST (ReSeT): when the value is 1, the TCP connection has a serious error and must be released immediately and then re-established; it can also be used to refuse an illegal segment or to refuse to open a connection.
Synchronization SYN (SYNchronization): used to synchronize sequence numbers when the connection is established. SYN = 1 and ACK = 0 indicates a connection request segment; if the other party agrees to establish the connection, it sets SYN = 1 and ACK = 1 in the response segment.
Terminate FIN (FINis): when the value is 1, the sender of this segment has finished sending its data and asks to release the connection.
Window: occupies 2 bytes; the value is an integer in [0, 2^16 - 1]. The window field changes dynamically and indicates how much data the receiver allows the sender to send.

Checksum: occupies 2 bytes, the range of fields to be checked includes header and data.

Urgent pointer: occupies 2 bytes and is meaningful only when URG = 1. It indicates the end position of the urgent data; normal data follows that position.

Options: variable length, up to 40 bytes. Available options include the maximum segment size, the window scale option, the timestamp option, and so on.
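To show the header layout in working code, here is an added example (not from the original article) that parses a TCP segment: it unpacks the fixed 20 bytes, decodes the six control bits, validates the data offset so that a malformed header cannot point past the bytes actually present, and walks the type-length-value option list to pull out the maximum segment size. The two sample segments are constructed by hand, and their checksum fields are left at zero because the real TCP checksum also covers a pseudo-header with the IP addresses, which a header-only parser does not have.

```python
import struct
from dataclasses import dataclass
from typing import Optional

# Added example (not from the original article): parse the TCP header described
# above, decode the control bits and walk the options field. Samples are constructed.

FLAG_BITS = (("URG", 0x20), ("ACK", 0x10), ("PSH", 0x08),
             ("RST", 0x04), ("SYN", 0x02), ("FIN", 0x01))


@dataclass
class TcpHeader:
    source_port: int
    dest_port: int
    seq: int
    ack: int
    header_length: int      # data offset * 4, in bytes
    flags: frozenset
    window: int
    checksum: int
    urgent_pointer: int
    options: bytes
    mss: Optional[int]      # maximum segment size option, if present
    payload: bytes


def parse_options(options: bytes) -> Optional[int]:
    """Walk the option list and return the MSS value if present.
    Kind 0 ends the list, kind 1 is a one-byte NOP, every other kind is kind,len,data."""
    mss = None
    i = 0
    while i < len(options):
        kind = options[i]
        if kind == 0:
            break
        if kind == 1:
            i += 1
            continue
        if i + 1 >= len(options):
            raise ValueError("option truncated: kind byte without length byte")
        length = options[i + 1]
        if length < 2 or i + length > len(options):
            raise ValueError("option length runs past the end of the header")
        if kind == 2 and length == 4:
            mss = int.from_bytes(options[i + 2:i + 4], "big")
        i += length
    return mss


def parse_tcp_segment(segment: bytes) -> TcpHeader:
    if len(segment) < 20:
        raise ValueError("shorter than the 20-byte fixed TCP header")
    (sport, dport, seq, ack, off_flags,
     window, checksum, urgent) = struct.unpack("!HHIIHHHH", segment[:20])
    header_length = (off_flags >> 12) * 4          # data offset is in 32-bit words
    if header_length < 20:
        raise ValueError(f"data offset of {header_length} bytes is below the 20-byte minimum")
    if len(segment) < header_length:
        raise ValueError("truncated: data offset claims more bytes than present")
    flags = frozenset(name for name, bit in FLAG_BITS if off_flags & bit)
    options = segment[20:header_length]
    return TcpHeader(sport, dport, seq, ack, header_length, flags, window, checksum,
                     urgent, options, parse_options(options), segment[header_length:])


def describe(flags: frozenset) -> str:
    """Classify a segment by its control bits, following the rules in the text above."""
    if "RST" in flags:
        return "reset"
    if "SYN" in flags:
        return "connection request" if "ACK" not in flags else "connection accepted"
    if "FIN" in flags:
        return "release request"
    return "data or acknowledgement" if "ACK" in flags else "invalid: ACK must be set after setup"


def is_wellformed(segment: bytes) -> bool:
    try:
        parse_tcp_segment(segment)
        return True
    except ValueError:
        return False


# Constructed samples: a SYN from port 50000 to port 80 with an MSS option of 1460,
# and an ACK+PSH segment carrying a short payload.
SYN_SEGMENT = bytes.fromhex(
    "c350 0050 00000064 00000000 6002 ffff 0000 0000 0204 05b4".replace(" ", ""))
DATA_SEGMENT = bytes.fromhex(
    "c350 0050 00000065 000003e8 5018 ffff 0000 0000".replace(" ", "")) + b"GET / HTTP/1.0\r\n"

if __name__ == "__main__":
    for seg in (SYN_SEGMENT, DATA_SEGMENT):
        h = parse_tcp_segment(seg)
        print(h.source_port, h.dest_port, h.seq, h.ack, sorted(h.flags), h.mss, describe(h.flags))
```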

5.4 Three-way handshake

The process of TCP connection establishment is called handshake. The handshake requires the exchange of three TCP message segments between the client and the server. The details are as follows:

The server process B first creates a transmission control block (TCB) and then enters the LISTEN state, ready to accept connection requests from clients;

The client process A also creates a TCB and then sends a connection request segment with the synchronization bit SYN = 1 and a chosen initial sequence number seq = x; A then enters the SYN-SENT state;

When B receives the connection request segment and agrees to establish the connection, it sends a confirmation segment with SYN = 1 and ACK = 1, acknowledgement number ack = x + 1, and an initial sequence number seq = y of its own; B then enters the SYN-RCVD (synchronization received) state;

When A receives B's confirmation, it sends the final acknowledgement, with ACK = 1, acknowledgement number ack = y + 1 and sequence number seq = x + 1. The TCP standard states that this ACK segment may or may not carry data; if it carries no data, it consumes no sequence number and the next data segment still has seq = x + 1. A then enters the ESTABLISHED state;

When B receives A's confirmation, it also enters the ESTABLISHED state.

5.5 Four-way wave (connection release)

After the data transmission is over, both parties in the communication can release the connection. The specific process is as follows:

Suppose application process A actively closes the connection first. It sends a connection release segment with the FIN control bit set to 1 and sequence number seq = u, where u equals the sequence number of the last byte of data it has transmitted plus 1. A then enters the FIN-WAIT-1 state;

When B receives the connection release segment it immediately sends an acknowledgement with acknowledgement number ack = u + 1 and sequence number seq = v, where v equals the sequence number of the last byte of data B has transmitted plus 1. B then enters the CLOSE-WAIT state and notifies its application process. The TCP connection is now half-closed: A has no more data to send, but if B sends data, A must still receive it;

After A receives the confirmation from B, it enters the FIN-WAIT-2 (termination waiting 2) state, and waits for B to send a connection release segment;

If the high-level application process has no data to send, notify B to release the TCP connection. At this time, B sends a release connection segment: the first termination control bit FIN is 1, the sequence number seq = w (in the semi-closed state, B may send some more data), and it needs to repeat the confirmation number ack that has been sent last time. = u + 1. Then B enters the LAST-ACK (last confirmation) state;

After A receives the connection release segment of B, it sends a final confirmation: ACK is 1, confirmation number ack = w + 1, sequence number seq = u + 1, and then enters the TIME-WAIT (waiting with time limit) state;

B enters the CLOSED state after receiving the final confirmation from A;

A After 2 times the MSL (Maximum Segment Lifetime), it enters the CLOSED state.

RFC 793 recommends an MSL of 2 minutes; today's networks are much faster and implementations often use a shorter value. A waits 2 × MSL before entering CLOSED for two reasons:

  1. To ensure that the last ACK segment sent by A actually reaches B. If B does not receive it, B retransmits its FIN+ACK segment after a timeout; A, still in TIME-WAIT, receives the retransmission and sends the final acknowledgement again. If A had already closed, the retransmitted FIN would be answered with a RST instead;
  2. To ensure that every segment belonging to this connection has disappeared from the network, so that no old segment from it can be mistaken for part of a new connection that reuses the same addresses and ports.
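The handshake and release sequences above, as an added example that is not part of the original page: a small model of both endpoints that tracks the state names and the seq/ack arithmetic from the text (x, y, u, w). Only the SYN, ACK and FIN flags, sequence numbers and states are modelled; windows, options, retransmission and the real socket API are left out, and the ISNs are chosen unpredictably as RFC 6528 recommends.

```python
"""Added example (not from the original page): a model of the TCP three-way
handshake and four-way release using the seq/ack arithmetic and state names
from the text.  Only SYN/ACK/FIN, sequence numbers and states are modelled."""
import secrets
from dataclasses import dataclass, field

MSL = 120  # seconds; RFC 793's 2-minute Maximum Segment Lifetime

@dataclass
class Segment:
    seq: int
    ack: int = 0
    syn: bool = False
    ack_flag: bool = False
    fin: bool = False
    data: bytes = b""

@dataclass
class TCB:
    """Transmission control block: one per side of the connection."""
    name: str
    isn: int                 # initial sequence number (x for A, y for B in the text)
    state: str = "CLOSED"
    snd_nxt: int = 0         # next sequence number this side will use
    rcv_nxt: int = 0         # next sequence number expected; sent as the ack number
    history: list = field(default_factory=list)

    def enter(self, state):
        self.history.append(state)
        self.state = state

def new_tcb(name):
    # RFC 6528: pick the ISN unpredictably so an off-path attacker cannot
    # guess seq = x and forge segments into the connection.
    return TCB(name, isn=secrets.randbelow(2 ** 32))

def expect_ack(tcb, seg):
    """A side only accepts an ACK for exactly the sequence number it expects next."""
    if not seg.ack_flag or seg.ack != tcb.snd_nxt:
        raise ValueError(f"{tcb.name}: unexpected ack {seg.ack}, wanted {tcb.snd_nxt}")

def simulate(a: TCB, b: TCB, payload: bytes):
    """Run connect -> send payload from A to B -> A closes; return all segments."""
    segs = []
    b.enter("LISTEN")
    # --- three-way handshake ---
    a.snd_nxt = a.isn
    syn = Segment(seq=a.snd_nxt, syn=True); segs.append(syn)
    a.snd_nxt += 1                                   # SYN consumes one sequence number
    a.enter("SYN-SENT")
    b.rcv_nxt = syn.seq + 1                          # ack = x + 1
    b.snd_nxt = b.isn
    synack = Segment(seq=b.snd_nxt, ack=b.rcv_nxt, syn=True, ack_flag=True); segs.append(synack)
    b.snd_nxt += 1
    b.enter("SYN-RCVD")
    expect_ack(a, synack)
    a.rcv_nxt = synack.seq + 1                       # ack = y + 1
    ack = Segment(seq=a.snd_nxt, ack=a.rcv_nxt, ack_flag=True); segs.append(ack)
    a.enter("ESTABLISHED")                           # empty ACK: seq stays x + 1
    expect_ack(b, ack)
    b.enter("ESTABLISHED")
    # --- data from A to B, acknowledged cumulatively ---
    d = Segment(seq=a.snd_nxt, ack=a.rcv_nxt, ack_flag=True, data=payload); segs.append(d)
    a.snd_nxt += len(payload)
    b.rcv_nxt += len(payload)
    segs.append(Segment(seq=b.snd_nxt, ack=b.rcv_nxt, ack_flag=True))
    # --- four-way release, A closes first ---
    fin1 = Segment(seq=a.snd_nxt, ack=a.rcv_nxt, fin=True, ack_flag=True); segs.append(fin1)  # seq = u
    a.snd_nxt += 1                                   # FIN consumes one sequence number
    a.enter("FIN-WAIT-1")
    b.rcv_nxt = fin1.seq + 1                         # ack = u + 1
    ack_fin1 = Segment(seq=b.snd_nxt, ack=b.rcv_nxt, ack_flag=True); segs.append(ack_fin1)  # seq = v
    b.enter("CLOSE-WAIT")                            # half-closed: B may still send data
    expect_ack(a, ack_fin1)
    a.enter("FIN-WAIT-2")
    fin2 = Segment(seq=b.snd_nxt, ack=b.rcv_nxt, fin=True, ack_flag=True); segs.append(fin2)  # seq = w
    b.snd_nxt += 1
    b.enter("LAST-ACK")
    a.rcv_nxt = fin2.seq + 1                         # ack = w + 1
    final = Segment(seq=a.snd_nxt, ack=a.rcv_nxt, ack_flag=True); segs.append(final)  # seq = u + 1
    a.enter("TIME-WAIT")
    expect_ack(b, final)
    b.enter("CLOSED")                                # B is done; A still lingers
    return segs

def time_wait_expiry(a: TCB, elapsed: float):
    """A leaves TIME-WAIT only after 2*MSL; until then a retransmitted FIN is re-acked."""
    if a.state == "TIME-WAIT" and elapsed >= 2 * MSL:
        a.enter("CLOSED")
    return a.state

if __name__ == "__main__":
    a, b = new_tcb("A"), new_tcb("B")
    for s in simulate(a, b, b"hello"):
        print(s)
    print(a.history, b.history, time_wait_expiry(a, 2 * MSL))
```

With fixed ISNs x = 1000 and y = 5000 and a 5-byte payload, the segments carry exactly the numbers the text predicts: the SYN+ACK acknowledges 1001, A's FIN has seq u = 1006, B acknowledges 1007, B's FIN has seq w = 5001 and A's final ACK acknowledges 5002.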

5.6 Principles of reliable transmission

  1. Stop-and-wait protocol

The most basic way to achieve reliable transmission is the stop-and-wait protocol: after sending one data unit, the sender stops and waits for the other side's acknowledgement before sending the next.

Two problems arise:

  1. If the data unit is lost on its way from A to B, B never receives it and so never returns an acknowledgement, and A would wait forever;
  2. If B's acknowledgement is lost on its way to A, or is delayed so long that it reaches A very late, A likewise keeps waiting.

The solution to the first problem is timeout retransmission: if no acknowledgement arrives within a given time, A retransmits the data unit.

The solution to the second problem is also timeout retransmission, with two sub-cases to handle (each data unit carries a sequence number so that B can recognise a duplicate):

  1. B received M1 and only the acknowledgement was lost. When A's timer expires it retransmits M1; B must discard the duplicate M1 and acknowledge it again, otherwise A would keep retransmitting;
  2. B's acknowledgement was not lost but arrives only after A's timer has expired and A has retransmitted M1. A then receives two acknowledgements, one for the retransmission and the delayed one for the original; A simply discards the late duplicate without further processing.

In the basic stop-and-wait protocol only one data unit is in flight at a time, so channel utilisation is very low. Pipelined transmission solves this by allowing several data units to be sent before any acknowledgement has been received.

To keep pipelined transmission reliable, the continuous ARQ protocol and the sliding window protocol are used together.

  2. Continuous ARQ protocol

In the continuous ARQ (Automatic Repeat reQuest) protocol the sender maintains a sending window of a fixed size; every packet inside the window may be sent consecutively without waiting for acknowledgements in between. Each time an acknowledgement arrives, the sender slides the window forward to the position just after the acknowledged packet.

The receiver usually uses cumulative acknowledgement: instead of acknowledging every packet individually, after receiving several packets it acknowledges the last packet that arrived in sequence, which means that this packet and all packets before it have been received correctly. The price is that a packet lost in the middle forces the sender to retransmit it and every packet after it (Go-Back-N), even if those later packets arrived intact.
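The stop-and-wait and continuous ARQ behaviour described in the two sections above, as an added example (not code from the original page): a round-based model of a Go-Back-N sender with a cumulative-acknowledgement receiver. With window=1 it is exactly the stop-and-wait protocol, including its two failure cases (a lost data unit; a lost or delayed acknowledgement). Loss and delay are injected deterministically through constructed sets of transmission counters, so every run is reproducible.

```python
"""Added example (not from the original page): a round-based model of the
continuous ARQ (Go-Back-N) sender with a cumulative-acknowledgement receiver.
window=1 reduces it to stop-and-wait."""

def run_arq(n_packets, window, lose_data=(), lose_ack=(), delay_ack=(), max_rounds=100):
    """Deliver packets 0..n_packets-1 through a window of `window` packets.

    lose_data, lose_ack, delay_ack: sets of transmission counters (the k-th
    packet or ACK put on the wire, counting from 0) that the channel drops or
    holds back for one round.  Returns the delivery order, the number of
    packets put on the wire, the duplicates/out-of-order packets the receiver
    discarded, and the number of sender rounds (one round = one RTT or one
    timeout) that were needed.
    """
    base = next_seq = 0          # sender window is [base, base + window)
    expected = 0                 # receiver: next in-order sequence number
    delivered = []
    wire_count = ack_count = 0
    discarded = 0
    pending_acks = []            # ACKs delayed by one round
    rounds = 0
    while base < n_packets and rounds < max_rounds:
        rounds += 1
        # 1. Sender: transmit every packet inside the window without waiting.
        arrived = []
        while next_seq < min(base + window, n_packets):
            if wire_count not in lose_data:
                arrived.append(next_seq)
            wire_count += 1
            next_seq += 1
        # 2. Receiver: accept only the in-order packet, discard anything else,
        #    and answer every arrival with a cumulative ACK (= next expected).
        acks_received, pending_acks = pending_acks, []
        for seq in arrived:
            if seq == expected:
                delivered.append(seq)
                expected += 1
            else:
                discarded += 1       # duplicate or out of order: not buffered
            if ack_count in lose_ack:
                pass                 # acknowledgement lost in the channel
            elif ack_count in delay_ack:
                pending_acks.append(expected)
            else:
                acks_received.append(expected)
            ack_count += 1
        # 3. Sender: slide on the highest cumulative ACK.  A stale ACK (<= base)
        #    is ignored; no progress at all means the timer expires -> go back N.
        newest = max(acks_received, default=base)
        if newest > base:
            base = newest
        else:
            next_seq = base          # timeout: resend from the window base
    return {"delivered": delivered, "sent": wire_count,
            "discarded": discarded, "rounds": rounds}

if __name__ == "__main__":
    print("stop-and-wait, M1 lost:      ", run_arq(3, 1, lose_data={0}))
    print("stop-and-wait, ACK lost:     ", run_arq(3, 1, lose_ack={0}))
    print("stop-and-wait, ACK delayed:  ", run_arq(2, 1, delay_ack={0}))
    print("go-back-N, window 4, M3 lost:", run_arq(6, 4, lose_data={2}))
```

The Go-Back-N run shows the cost of cumulative acknowledgement: losing one packet out of six costs four extra transmissions, because the receiver discards the intact packets that arrived after the gap and the sender must resend the whole window from the lost packet onward.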

5.7 TCP reliable transmission

The TCP sliding window is measured in bytes, and the retransmission timeout RTO (Retransmission Time Out) is calculated as:

  RTO = RTT_S + 4 × RTT_D

where RTT_S is the smoothed (weighted average) round-trip time, updated as:

  new RTT_S = (1 − α) × old RTT_S + α × new RTT sample

RTT (Round Trip Time) is the time from sending a segment until its acknowledgement is received. On the first measurement RTT_S is set to the measured RTT; afterwards it is updated with the formula above. The coefficient satisfies 0 < α < 1, and RFC 6298 recommends α = 0.125.

RTT_D is the weighted average of the deviation of RTT from RTT_S, updated as:

  new RTT_D = (1 − β) × old RTT_D + β × |RTT_S − new RTT sample|

On the first measurement RTT_D is set to half the measured RTT; afterwards it is updated with the formula above. The coefficient satisfies 0 < β < 1, and RFC 6298 recommends β = 0.25.
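The estimator described above, as an added example (not code from the original page), fed with a constructed list of RTT samples in milliseconds. It follows the RFC 6298 update order (RTT_D is updated with the old RTT_S before RTT_S itself is updated) and also applies Karn's rule from the same RFC, which the text does not mention: samples taken from retransmitted segments are ignored because it is ambiguous which copy was acknowledged.

```python
"""Added example (not from the original page): the RFC 6298 RTO estimator the
text describes, driven by constructed RTT samples in milliseconds."""
ALPHA, BETA, K = 0.125, 0.25, 4      # RFC 6298 recommended constants

class RtoEstimator:
    def __init__(self):
        self.srtt = None     # RTT_S: smoothed round-trip time
        self.rttvar = None   # RTT_D: smoothed mean deviation
        self.rto = 1000.0    # RFC 6298: use 1 s before any measurement exists

    def sample(self, rtt, retransmitted=False):
        """Feed one RTT measurement and return the new RTO (same unit as rtt).

        Karn's algorithm (RFC 6298 section 3): a sample measured on a segment
        that was retransmitted must not update the estimate.
        """
        if retransmitted:
            return self.rto
        if self.srtt is None:                       # first measurement
            self.srtt = float(rtt)
            self.rttvar = rtt / 2
        else:
            # Update RTT_D with the *old* RTT_S first, then RTT_S itself.
            self.rttvar = (1 - BETA) * self.rttvar + BETA * abs(self.srtt - rtt)
            self.srtt = (1 - ALPHA) * self.srtt + ALPHA * rtt
        self.rto = self.srtt + K * self.rttvar
        return self.rto

def rto_trace(samples):
    """RTO after each of the given samples, e.g. rto_trace([100, 120, 80])."""
    est = RtoEstimator()
    return [est.sample(r) for r in samples]

if __name__ == "__main__":
    for rtt, rto in zip([100, 120, 80], rto_trace([100, 120, 80])):
        print(f"sample {rtt:4d} ms -> RTO {rto:.2f} ms")
```

For the samples 100, 120 and 80 ms the RTO goes 300, 272.5 and 249.6875 ms: the first value is RTT + 4 × RTT/2 = 3 × RTT, and the later ones shrink as the deviation estimate settles. RFC 6298 additionally rounds any RTO below 1 second up to 1 second; the block leaves that floor out so the formula itself is visible.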

5.8 Flow control

Flow control limits the sender's rate so that the receiver can keep up. Suppose A sends data to B. When the connection is established (and in every segment thereafter) B tells A the size of its receive window rwnd (receiver window), and A must keep its sending window no larger than B's receive window. This lets the receiver bound how much data the sender may have outstanding at any time.

5.9 Congestion Control

Network congestion means that the amount of data offered to the network exceeds what a node or link can carry, so that overall throughput drops. Congestion control prevents too much data from being injected into the network and overloading routers and links. TCP uses four algorithms for congestion control: slow start, congestion avoidance, fast retransmit and fast recovery:

  1. Slow start

Slow start and congestion avoidance are both window-based congestion control. The sender maintains a state variable called the congestion window cwnd (congestion window), whose value depends on the estimated degree of congestion and changes dynamically; the sender sets its sending window to the congestion window (more precisely, to the smaller of cwnd and the receiver's window rwnd).

The idea of slow start is that, because the load the network can carry is unknown, the safest approach is to probe gradually: start with a small congestion window and double it for every round-trip time that passes without loss.

  2. Congestion avoidance

The congestion avoidance algorithm makes the congestion window grow slowly: for every round-trip time RTT the sender increases cwnd by 1 (one segment) instead of doubling it as in slow start. The two are used together so that the connection starts quickly: slow start grows the window multiplicatively until it reaches the slow-start threshold ssthresh, after which congestion avoidance probes cautiously. On a retransmission timeout the sender sets ssthresh to half the current cwnd, resets cwnd to 1 and starts over with slow start:

  3. Fast retransmit and fast recovery

The fast retransmit algorithm requires the receiver not to wait so that it can piggyback acknowledgements on its own data, but to acknowledge immediately, and, when it receives an out-of-order segment, to immediately send a duplicate acknowledgement for the last in-order segment it has. An example is as follows:

As shown in the figure above, when M3 is lost, each of the subsequent M4, M5 and M6 makes the receiver send another acknowledgement for M2. After three duplicate acknowledgements the sender concludes that M3 was lost and retransmits it at once, without waiting for its timer to expire. Because only an individual packet was lost rather than the network being congested, the sender then performs fast recovery: it sets ssthresh = cwnd / 2 and cwnd = ssthresh (8 at point 5 in the figure), and continues with the congestion avoidance algorithm instead of dropping back to slow start.
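The flow-control rule and the four congestion-control algorithms above, as an added example (not code from the original page): a round-by-round model of the sender's window variables driven by a constructed list of events. cwnd and ssthresh are counted in segments rather than bytes, and fast recovery uses the textbook form cwnd = ssthresh from the text rather than the RFC 5681 variant that first inflates cwnd by the three duplicate ACKs; the event names "ack", "dup" and "timeout" are this example's own.

```python
"""Added example (not from the original page): TCP Reno-style congestion
control (slow start, congestion avoidance, fast retransmit/fast recovery,
timeout) plus the flow-control limit min(cwnd, rwnd), in segment units."""

class RenoSender:
    def __init__(self, ssthresh=16, rwnd=64):
        self.cwnd = 1               # congestion window, in segments
        self.ssthresh = ssthresh    # slow-start threshold
        self.rwnd = rwnd            # receiver's advertised window (flow control)
        self.dup_acks = 0
        self.phase = "slow-start"
        self.retransmissions = []   # log of why we retransmitted

    def send_window(self):
        """Flow and congestion control combined: never exceed either limit."""
        return min(self.cwnd, self.rwnd)

    def on_window_update(self, rwnd):
        self.rwnd = rwnd            # receiver advertised a new rwnd

    def on_round_acked(self):
        """One full round-trip of in-order ACKs arrived."""
        self.dup_acks = 0
        if self.cwnd < self.ssthresh:
            self.cwnd = min(self.cwnd * 2, self.ssthresh)   # slow start: double
            self.phase = "slow-start" if self.cwnd < self.ssthresh else "congestion-avoidance"
        else:
            self.cwnd += 1                                  # congestion avoidance: +1
            self.phase = "congestion-avoidance"

    def on_dup_ack(self):
        """Duplicate ACK: the receiver got a segment out of order."""
        self.dup_acks += 1
        if self.dup_acks == 3:      # fast retransmit: one segment is presumed lost
            self.retransmissions.append("fast-retransmit")
            self.ssthresh = max(self.cwnd // 2, 2)
            self.cwnd = self.ssthresh                       # fast recovery
            self.phase = "congestion-avoidance"
            self.dup_acks = 0

    def on_timeout(self):
        """Retransmission timer expired: treated as real congestion."""
        self.retransmissions.append("timeout")
        self.ssthresh = max(self.cwnd // 2, 2)
        self.cwnd = 1
        self.phase = "slow-start"

def run(events, ssthresh=16, rwnd=64):
    """Apply 'ack' / 'dup' / 'timeout' events in order; return (sender, cwnd trace)."""
    s = RenoSender(ssthresh, rwnd)
    handlers = {"ack": s.on_round_acked, "dup": s.on_dup_ack, "timeout": s.on_timeout}
    trace = []
    for ev in events:
        handlers[ev]()
        trace.append(s.cwnd)
    return s, trace

if __name__ == "__main__":
    events = ["ack"] * 4 + ["dup"] * 3 + ["ack", "timeout", "ack", "ack", "ack"]
    sender, trace = run(events, ssthresh=16, rwnd=12)
    for ev, cwnd in zip(events, trace):
        print(f"{ev:8s} cwnd={cwnd:2d} ssthresh={sender.ssthresh:2d} send_window={min(cwnd, sender.rwnd)}")
```

With ssthresh = 16 the trace is 2, 4, 8, 16 (slow start), then three duplicate ACKs halve ssthresh to 8 and set cwnd = 8, one more round gives 9, and a timeout drops cwnd to 1 with ssthresh = 4 before slow start climbs back to 4 and congestion avoidance takes over. Because rwnd = 12 in that run, the actual sending window never exceeds 12 even while cwnd is 16.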

6. application layer

6.1 Domain Name System DNS

Today we use readable domain names to reach Internet applications, but the lower layers need IP addresses, so the Domain Name System (DNS) is used to translate between domain names and IP addresses.

A domain name is a logical, hierarchical concept: at the top is the root domain, below it the top-level domains. Top-level domains fall into four categories:

  1. Country-code top-level domains (nTLD, also called ccTLD): for example cn for China and us for the United States;
  2. Generic top-level domains (gTLD): for example com for companies, org for non-profit organisations and net for network service providers;
  3. Infrastructure domain: also called the reverse domain, used for reverse resolution (IP address to name); there is only one such top-level domain, arpa;
  4. New generic top-level domains (New gTLD): on June 20, 2011 ICANN approved the new gTLD programme, allowing any company or organisation that meets the requirements to apply for its own top-level domain.
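The name-to-address translation described above at the wire level, as an added example (not code from the original page): building a DNS query and parsing a DNS response in the RFC 1035 message format, including the label-compression pointers that responses use. The response is constructed locally so the example runs offline; example.com and the address 93.184.216.34 are placeholders, and the function names are this example's own. The matches_query check shows the minimum a resolver must verify (transaction ID and question must equal what it sent, and the reply must have the QR bit set) before trusting a reply.

```python
"""Added example (not from the original page): DNS query construction and
response parsing in the RFC 1035 wire format, with an offline constructed reply."""
import ipaddress
import secrets
import struct

TYPE_A, CLASS_IN = 1, 1

def encode_name(name):
    """'www.example.com' -> b'\\x03www\\x07example\\x03com\\x00'."""
    out = b""
    for label in name.rstrip(".").split("."):
        raw = label.encode("ascii")
        if not 0 < len(raw) < 64:
            raise ValueError(f"bad label {label!r}")
        out += bytes([len(raw)]) + raw
    return out + b"\x00"

def decode_name(msg, offset):
    """Read a possibly compressed name; return (name, offset just after it)."""
    labels, end, hops = [], None, 0
    while True:
        length = msg[offset]
        if length & 0xC0 == 0xC0:                    # 11xxxxxx: compression pointer
            ptr = struct.unpack("!H", msg[offset:offset + 2])[0] & 0x3FFF
            if end is None:
                end = offset + 2                     # resume here after the jump
            hops += 1
            if hops > 16:                            # malformed message: pointer loop
                raise ValueError("compression pointer loop")
            offset = ptr
            continue
        offset += 1
        if length == 0:
            break
        labels.append(msg[offset:offset + length].decode("ascii"))
        offset += length
    return ".".join(labels), (end if end is not None else offset)

def build_query(name, txid=None, qtype=TYPE_A):
    """Standard query, RD=1.  A random 16-bit ID makes forged replies harder to slip in."""
    if txid is None:
        txid = secrets.randbelow(1 << 16)
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)
    return header + encode_name(name) + struct.pack("!HH", qtype, CLASS_IN)

def build_response(query, address, ttl):
    """Constructed reply to a one-question A query: same ID, QR/RD/RA set, one
    answer whose owner name is a pointer (0xC00C) to the question name at offset 12."""
    txid = struct.unpack("!H", query[:2])[0]
    header = struct.pack("!HHHHHH", txid, 0x8180, 1, 1, 0, 0)
    rdata = ipaddress.IPv4Address(address).packed
    answer = b"\xc0\x0c" + struct.pack("!HHIH", TYPE_A, CLASS_IN, ttl, len(rdata)) + rdata
    return header + query[12:] + answer

def parse_message(msg):
    """Header, question section and answer section of a query or response."""
    txid, flags, qd, an, _ns, _ar = struct.unpack("!HHHHHH", msg[:12])
    off, questions, answers = 12, [], []
    for _ in range(qd):
        name, off = decode_name(msg, off)
        qtype, qclass = struct.unpack("!HH", msg[off:off + 4]); off += 4
        questions.append((name, qtype, qclass))
    for _ in range(an):
        name, off = decode_name(msg, off)
        rtype, rclass, ttl, rdlen = struct.unpack("!HHIH", msg[off:off + 10]); off += 10
        rdata, off = msg[off:off + rdlen], off + rdlen
        value = str(ipaddress.IPv4Address(rdata)) if rtype == TYPE_A and rdlen == 4 else rdata.hex()
        answers.append((name, rtype, ttl, value))
    return {"id": txid, "flags": flags, "rcode": flags & 0xF,
            "questions": questions, "answers": answers}

def matches_query(query, response):
    """Accept a reply only if its ID and question match the query we sent and
    it is marked as a response; anything else could be a forged reply."""
    q, r = parse_message(query), parse_message(response)
    return q["id"] == r["id"] and q["questions"] == r["questions"] and bool(r["flags"] & 0x8000)

if __name__ == "__main__":
    q = build_query("example.com")
    r = build_response(q, "93.184.216.34", 300)     # constructed, not from a real server
    print(q.hex(), r.hex(), parse_message(r), matches_query(q, r), sep="\n")
```

The parser tolerates the pointer form used in real responses but refuses to follow more than 16 hops, so a message whose pointers form a cycle raises instead of looping forever; that bound is this example's choice, not a value from RFC 1035.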

6.2 File Transfer Protocol FTP

File Transfer Protocol (FTP) is the standard protocol for transferring files over the network. It lets clients specify the type and format of a file and manage access permissions on stored files. The FTP server process consists of two parts:

  1. A master process, responsible for accepting new requests;
  2. Several slave processes, each responsible for handling a single request.

One FTP server process can therefore serve multiple client processes at the same time. Note that plain FTP sends credentials and file contents in cleartext, so FTPS or SFTP is used where confidentiality matters.

6.3 Remote terminal protocol TELNET

The Telnet protocol is the standard protocol and traditional method for remote login on the Internet. It lets a user on a local computer access a remote host: Telnet carries the user's keystrokes to the remote host over a TCP connection and returns the remote host's output to the user's screen. The service is transparent, so the user feels as if the keyboard and display were connected directly to the remote host; for this reason Telnet is also called a terminal emulation protocol. Like FTP it transmits everything, including passwords, in cleartext, which is why SSH has replaced it for remote administration.

6.4 World Wide Web WWW

The World Wide Web is a distributed hypermedia system, an extension of the hypertext system. It involves the following important concepts:

  1. Uniform Resource Locator URL

A URL identifies the location of a resource on the Internet and the method used to access it. Its general form is <scheme>://<host>[:<port>]/<path>.

  2. Hypertext Transfer Protocol HTTP

HTTP defines how a browser requests a document from a World Wide Web server and how the server transmits the document back to the browser.

  3. Hypertext Markup Language HTML

HTML is a markup language consisting of a set of tags that describe text, graphics, animation, sound, tables, links and other kinds of resources, giving network documents a uniform format.

6.5 Dynamic Host Configuration Protocol DHCP

A computer connecting to the Internet normally needs several protocol parameters configured: its IP address, subnet mask, the IP address of the default router, the IP address of the domain name server, and so on. To avoid configuring these by hand, the Internet commonly uses the Dynamic Host Configuration Protocol (DHCP), which provides a plug-and-play mechanism: the host keeps its default (unconfigured) settings and obtains everything from the network, as follows:

When a host that needs to join the network starts, it broadcasts a discover message (DHCP DISCOVER) to the destination address 255.255.255.255 (the limited broadcast address). Every host on the local network receives this broadcast, but only a DHCP server answers it, with an offer message (DHCP OFFER). The DHCP server first looks in its database for configuration information already recorded for this computer; if it finds some it returns it directly, otherwise it takes an address from its IP address pool and assigns it to the computer.

Not every network has its own DHCP server, but every network has at least one DHCP relay agent (usually a router) configured with the IP address of the DHCP server. When the relay agent receives host A's discover message it forwards it to the DHCP server as a unicast packet, waits for the server's reply and then forwards that reply back to host A.

The IP address the DHCP server assigns to a DHCP client is temporary and may only be used for a certain period, called the lease, which is set by the DHCP server. Because any machine on the local link can answer a DISCOVER, a rogue DHCP server can hand out its own router and DNS addresses; switches therefore commonly support DHCP snooping, which allows offers only from trusted ports.