Structure and Operating Principle of TCP/IP protocol

The structure and operation principle of TCP/IP Protocol Background: www.2cto.com TCP/IP model is successful, and its design has been able to withstand years of training. However, the TCP/IP protocol family is a complicated model. To fully understand it, we recommend that you use the global and local release method. This article tries to understand the full picture of TCP/IP from the perspective of application, and explains it with examples. The purpose of this article is to consolidate your knowledge in this area and serve as the basis for in-depth TCP/IP protocol families. Content of this article: 1. the TCP/IP protocol family is literally understood. The TCP/IP protocol family only has the TCP and IP protocols. The real name is Internet Protocol Suite ). Like a large software, it can be divided into four layers: application layer, transmission layer, network layer, and link layer. The functions and objectives of each layer are different, and the service protocols at each layer are not different. From the above perspective: Application Layer (generated | used data) Protocols: FTP, HTTP, SNMP (Network Management), SMTP (Email) and other common protocols; responsibilities: the application layer protocol is used to send user application data, for example, FTP is used to send files, SMTP is used to send emails, and system calls are sent to the transport layer for processing. Transport Layer (send | receive data) Protocol: TCP (with connections), UDP (without connections); Responsibilities: establish connections and send data separately; release connection, data reorganization, or error handling. Network Layer (group | route data) Protocols: IP, ICMP (Control Packet protocol), and IGMP (Group Management Protocol); Responsibility: responsible for data routing, that is, the router to which data is sent. Link Layer (send by bit | receive data) www.2cto.com Protocol: ethernet card device driver, Token card driver, ARP, RARP, etc.; Responsibilities: responsible for transmitting and verifying binary user data. From the reliability perspective, the differences between layers: the network layer IP protocol is unreliable. Therefore, if the above layer does not have any special processing, it will also be unreliable. Therefore, the transport layer's TCP protocol makes up for this gap and provides a connection and verifiable data transmission service. Data can be encrypted at the application layer, enhancing the security of data transmission, such as https. The link layer can verify the data. Differences between different layers in the running process state: the application layer runs in the user program process, and the attribute user State; the other layers run in the system kernel process, which is the core State; differences between different layers: the transport layer is end-to-end communication, that is, communication between processes, such as two TCP processes. The network layer is point-to-point communication, that is to say, it processes logical connections between machines. From the perspective of transmission data units, the difference is that TCP or UDP packet segments are formed on the transport layer, IP datagram is formed on the network layer, and Frame is formed on the data link layer ). Differences between layers in addressing mode: IP addresses are used at the network layer, and MAC addresses are used at the link layer. Note: ICMP: IP addresses are used to send error messages, which can also be directly called by the application layer. IGMP: used for Multicast (Multicast). For example, UDP can use multicast IP addresses to send data packets to multiple target hosts. ARP & RARP: the user switches between the IP address and the MAC address. 2. the TCP/IP model has five types of IP addresses: Class A: 0. 0. 0. 0--127.255.255.255 (unicast) Class B: 128.0.0.0 -- 191.255.255.255 (unicast) Class C: 192.0.0.0 -- 223.255.255.255.255 (unicast) Class D: 224.0.0.0 -- 239.255.255.255 (multicasting) Class E: 240.0.0.0 -- 247.255.255.255 (to be used) additional Class: 255.255.255.255.255.255 (Transport Layer UDP broadcast) MAC address: the MAC address of each Nic is unique and unchangeable in the world. Computer Communication actually relies on the MAC address, instead of IP addresses, see the following annotations. The port name in the hardware is the interface, which is the same as that in the NIC. In the software concept, it can be understood as a data structure data buffer. Ports can be divided into: well-known port: 0001--1023 (for example, FTP 20, TCP 21, UDP 69) Temporary port: 1024--5000 reserved port: 5000--65535 suppose your application needs a port, it is generally allocated from a temporary port, which is valid only when the application is running. Therefore, it is called a temporary port. The transport layer can bind the process to the port. When data arrives, it knows which process buffer should be sent. Note: What is the difference between an IP address and a MAC address? The IP address is based on the network topology and is dynamically changeable. The MAC address is determined by the NIC vendor and is unchangeable and unique for life. Assume that the application layer uses the MAC address to transmit data, it is not flexible because it cannot be changed. Therefore, the application layer uses IP addressing. However, the hardware must use MAC to find the machine. Therefore, ARP and RARP are introduced to query and convert the two addresses. 3. TCP/IP Case Study: users on the Left can use the FTP client to connect to the FTP server on the right to upload files. Data is stored in the form of a class Stack. when the data is stored on the target machine, the underlying data is obtained first, from the bottom to the top, in line with the features of the stack. Step 1: Prepare data files at the application layer, call the Windows API to notify the transport layer to establish a TCP connection, and add the transport layer to the TCP Header, which contains the identifier that identifies the application layer protocol-port 21. Step 2: the network layer receives TCP packets from the transport layer. Because the IP protocol can receive data from ICMP (1), IGMP (2), TCP (6), and UDP (17, it requires an identification domain to indicate the data sent from that protocol. This data field is added to the IP address header. In addition, the IP address is assigned. Step 3: After the data link layer receives data from the network layer, and the identification domain indicates that the data is from IP, ARP, or RARP. Then, add the MAC address to send it out. Step 4: send the data to the network adapter. During the process of sending the data, ARP uses the target IP address to find the nearest vromac MAC address, then sends the packet to it, and then finds a vro, finally, the data packet is sent to the NIC of the right machine. Step 5: This is an IP data packet based on the ID domain of the packet header, which is split using the IP protocol. Step 6: the packet header identifies a TCP packet and uses the TCP protocol to unpack the packet. Step 7: Based on the port number of the packet header, data is directly sent to the corresponding buffer in the application layer. The application is responsible for parsing data packets and processing the corresponding business logic. Annotation: RFC (Request for Comment): All official Internet standards are published in the form of RFC documents. Protocol documentation: RFC 1122 is the link layer, network layer, and transmission layer documentation; RFC 1123 is the application layer documentation; RFC 1600 is the standardization of various Internet protocols.