TCP/IP Protocol II

Over the past few days, I have been browsing the TCP/IP protocol stated vol1 (hereinafter referred to as distributed strated) and internetworking with TCPIP vol1. I found that many key knowledge points I have learned are almost forgotten, I was a little surprised at my forgetting speed. So I recorded some points of interest.

Hope you can do it and learn new things in a gentle manner.

These protocols may be more important:

1. TCP is the most important and complex. Many ideas are very subtle.

2. The importance of IP is second only to that of TCP

3. SNMP points of interest. At that time, I felt super difficult, and now I feel very simple.

4. Check the basic ARP, Rip, and OSPF items, such as 5.udp, FTP, and ICMP.

Random record, where you can view it, and where you want to write it. In addition, some may be wrong, because some of them are personal understandings.

Just to learn.

1. IP

Stored stated uses the following words to describe: unreliable, connectionless dataindelivery service.

Translation: unreliable, connectionless datagram Service

Illustated explains unreliable and connectionless respectively.

But I didn't explain the datagram service. I remember that Xie xiiren's book had a detailed comparison with the virtual circuit and backed it several times.

Unreliable: Best Effort Service, no guarantee

Connecionless: status information is not maintained

2. Why is TCP connected three times? Why not twice?

(This part is taken from the Internet. I remember thinking about this problem carefully before, but now I forget it. When my brain is awake, think about establishing connections three times and releasing them four times.) We know, the three handshakes are used to complete two important functions. Both parties must prepare for sending data (both parties know that each other is ready) and allow both parties to negotiate on the initial serial number, the serial number is sent and confirmed during the handshake. Now, only two handshakes are needed to change the three-way handshake. A deadlock may occur. For example, considering the communication between computer A and computer B, assume that B sends a connection request group to a, and a receives the group and sends a confirmation Response Group. According to the two handshakes, A considers that the connection has been successfully established and can start sending data groups. However, if B is lost in a's Response Group during transmission, it will not know whether a is ready or what serial number a recommends, B even doubts whether a has received its own connection request group. In this case, B considers that the connection has not been established successfully, and ignores any data groups sent by a and only waits for the connection to confirm the response group. When a times out, the same group is repeatedly sent. In this way, a deadlock occurs.

3. Role of the tcp ttl field: Wahaha. I was previously asked by the teacher about tcpip. I have a deep memory. Simply put, it is to prevent endless loops. For example, when a router is paralyzed or the connection between two routers is lost, the routing protocol sometimes detects the lost route and keeps going. During this period, the datagram may be terminated in the loop. The TTL field is used to add a survival limit to these cyclic data packets.

4. notes for traceroute (see the Chinese version of TCPIP): 1. there is no guarantee that the current route is also the route to be used in the future. Even two consecutive I p data packets may use different routes. If the route changes when the program is running, this change is observed because the traceroute program prints a new IP address for a given TTL. Second, it cannot be ensured that the ICMP packet routing is the same as the UDP datagram sent by the traceroute program. This indicates that the printed round-trip time may not really reflect the time difference between the time when the datagram is sent and returned (if the UDP datagram time from the source to the router is 1 second, when an ICMP packet uses another route to return the source for 3 seconds, the printed round-trip time is 4 seconds ). Third, the source I p address in the returned ICMP packet is the I P address of the router interface that the U D p datagram arrives. This is different from the I p record routing option (section 7.3). The recorded I P address refers to the sending interface address. Because each defined router has two or more interfaces, running the traceroute program from host a to host B may have different results than running the traceroute program from host B to host.

5. TCP Timer: Four, retransmission timer, keep alive timer, persistence timer and time Wait Timer

The timeout value must be set for the retransmission timer packet loss.

Keep alive Timer: checks whether the TCP connection is valid after a period of time.

Stick to the Timer: 0 window size notification in traffic control

Time wait Timer: disconnect

6. When an ICMP error message is responded, it will never generate another ICMP error message, why? The reason is the same as above to avoid endless loops: without this restriction rule, you may encounter another error, and errors may occur again, which leads to endless loops. In addition, in the case of congestion, the error message itself will aggravate network congestion. PS: An ICMP packet uses an IP address to send data, but does not regard it as a high-level protocol. It is a necessary part of an IP address. The reason for transmitting ICMP packets using IP addresses is that it may take several physical networks to reach its destination. Therefore, you cannot only use physical transmission to deliver ICMP packets.

7. Cause of ICMP Introduction: the IP address does not provide error information, there is an error in the network, and the IP address does not provide reliability assurance.

8. TCP congestion control policy: slow start and decreasing acceleration. When a packet is lost, the congestion window size is halved immediately. For data in the sending window, the retransmission timer time limit is doubled. When a new connection or congestion increases the communication volume, only one packet segment is used as the initial value of the congestion window. When a confirmation is received, the congestion window is added with 1. Tail discard and random early discard: tail discard may cause global synchronization. The continuous data comes from different sites. The tail discard policy may cause the router to discard a packet segment from N connections, which will make the n tcp instances enter the slow start status at the same time. Red will avoid this situation.

By the way, paste the following two connections:

Http://hi.baidu.com/layer7/blog/item/cb1243166bd6f11c962b430f.html

Http://hi.baidu.com/layer7/blog/item/b140a79bdef70db1c8eaf422.html