Analysis of data transmission process in network

We use the Internet every day, how is the data on our computer transmitted over the Internet to another computer? Write your own understanding, there may be a lot of details have not been able to clear! Hope in the future can make it more perfect! Please correct me in the wrong place.
We know that the TCP/IP protocol currently used in the Internet is based on the OSI (open System interconnect) seven-layer reference model, (although not fully compliant) from top to bottom respectively for the application layer presentation layer of the Session Layer Network Layer Data link layer and physical layer. The data link layer is divided into two sub-layers are the logical link Control layer (logic link CONTROL,LLC) and the Media access control layer (media access Control,mac) that is the usual MAC layer. The LLC initializes the links in two nodes to prevent the connection from being interrupted and to maintain reliable communication. The MAC layer is used to verify the address information contained within each frame. The following will be analyzed. Also understand that a little router is in the network layer, while the NIC is in the data link layer.
As we know, ARP (address Resolution Protocol) is treated as the underlying protocol for the conversion of IP addresses to physical addresses. In Ethernet, all access to the IP is eventually converted to access to the MAC address of the network card. If host A's ARP list, to Host B's IP address and the MAC address is not correct, from A to B packets will be sent to the wrong MAC address, of course, not smooth to B, the result is a and B can not communicate at all.
First we analyze the situation in the same network segment. Assuming that two computers named A and b,a need to send data to B, a host first takes the IP address of target device B and its subnet mask "and" to determine if the target device is in the same network segment as itself. If the target device is within the same network segment and A does not obtain the MAC address information corresponding to the IP address of target device B, the source device (a) sends the ARP Request message in the form of a second broadcast (the target MAC address is full 1). The IP address of the source device (A) and the target device (B) are included in the ARP request message. All other devices in the same network segment can receive and analyze this ARP request message, if a device discovers that the destination IP address in the message is the same as its own IP address, it sends back an ARP response message to the source device, which enables the source device to obtain the MAC address information of the target device. To reduce the amount of broadcast, the network device stores the IP and MAC address mapping information in the cache through the ARP table. During the request and response of an ARP, the correspondence between each other's MAC address and IP address is stored in the respective ARP table for use in subsequent communication. The ARP table uses an aging mechanism to remove the mapping between IP and MAC addresses that have not been used for a period of time. One of the most basic network topologies:

If you want to go through the switch in the middle, according to the principle of the switch, it is to send data directly to the appropriate port, then you must maintain a database, including all the ports connected to the MAC address of the network card. It analyzes the packet header information (including the original MAC address, the target MAC address, the length of information, etc.), obtains the MAC address of the target B, looks for the address comparison table stored in the switch, (the MAC address corresponding port), Ethernet Verify that the NIC with this MAC address is connected to the port, and then send the packet to the corresponding port and send it to destination Host B accordingly. This way, even if a host steals the IP address, he does not receive the packet because he does not have the MAC address.
Now we discuss two hosts that are not in the same network segment, assuming that the packet PAC is sent from the host pc-a to the PC-C host in the network, as shown in:
Router a =================== router b
| INTERNET |
| |
Switch a switch b
|                                                    |    | |
|                                                    |    | |
Pc-a pc-b pc-c pc-d

Pc-a does not need to obtain the MAC address of the remote host (PC-C), but instead sends the IP packet to the default gateway, which is grouped by the gateway IP to complete the forwarding process. If the source host (PC-A) does not have a cache record of the default gateway MAC address, it obtains the MAC address of the gateway through the ARP protocol, so only the MAC address record of the gateway is observed in the ARP table of a, and the MAC address of the remote host is not observed. In Ethernet (Ethernet), one network device communicates directly with another network device, in addition to knowing the network layer logical address of the target device (such as an IP address), and the second physical address (MAC address) of the target device. The basic function of the ARP protocol is to check the MAC address of the target device through the IP address of the target device, so as to ensure the smooth communication.
Packet transmission in the network is a complex process, but a very simple situation, there is no excessive intermediate nodes, in fact, the reality is only more complex than this, but the general principle is consistent.
(1) Pc-a to send packets to pc-c, if Pc-a does not have pc-c IP address, then pc-a first to issue a DNS request, router A or DNS resolution server will give pc-a to respond to pc-c IP address, This pc-a the IP address information about the third layer of the packet: source IP address: pc-a, Destination IP address: pc-c.
(2) Next pc-a to know how to get to Pc-c, then, Pc-a will send an ARP address resolution request, send this address resolution request, not to get the target host Pc-c MAC address, but send the request to router A, Then the MAC address in router A will be sent to the source host pc-a, so that the second layer of PC-A packet information is also full, the source MAC address: Pc-a MAC address, the destination MAC address: Router A's MAC address,
(3) Then the data will reach switch A, switch A to see the second layer destination MAC address of the packet, is to go to router A, the packet is sent to router A, router a receives the packet, first view the packet's third IP destination address, if there is a route to pc-c in its own routing table, Description This is a routable packet.
(4) The router then carries out the IP reorganization and grouping process. First replace this packet's second header information, router Pc-a arrives pc-c to pass a WAN, here will encapsulate many WAN related protocols. Its role is also to find the next stage of information. At the same time, the second and third layer of packet re-check. Send data over the Internet. Finally, many nodes are sent to the target host Pc_c.
Now we think of a problem, pc-a and Pc-c MAC address if it is the same, will not affect the normal communication it! The answer is not affected, because the two hosts in the local area network is separated by the WAN, through the analysis of the contract process can be seen, there will be no problem. If you are in the same local area network, then there will be confusion of communication. When the data is sent to the switch, this is the port information that will have two identical MAC addresses, and the data will be sent to two hosts, so the information will be confusing. So this is also a reason to guarantee the uniqueness of the MAC address.
Knowledge Supplement:
(1) The meaning of the gateway: is to say such a device: if the host to the contract, it is sent to this device. This means that the device has a routing function or a path to the external network.
In a real network, a gateway is typically served by a router or server.
(2) ARP (address Resolution Protocol) is a protocol for addressing resolution, and ARP is a protocol that translates IP addresses into physical addresses. There are two ways to map from IP addresses to physical addresses: tabular and non-tabular. ARP specifically resolves the network layer (the IP layer, which is equivalent to the third layer of the OSI), to the MAC address of the data connection layer (the MAC layer, which is the second layer of the OSI). The ARP protocol obtains the MAC address through an IP address.
(3) The reason why a unique MAC address is required on the network: (a) The allocation of IP addresses is based on the topology of the network, not on who created the network settings. It is not feasible to build efficient routing schemes on the basis of equipment manufacturers rather than on the topological locations where the network is located. (b) The device is easier to move and repair when there is an additional layer of address addressing. For example, if an Ethernet card is broken, it can be replaced without having to obtain a new IP address. If an IP host moves from one network to another, it can give it a new IP address without having to change a new network card. (c) Communication between computers on a local area network or in a wide-area network ultimately manifests itself as starting from the initial node on some form of link, passing from one node to another and eventually to the destination node. The movement of packets between these nodes is done by ARP, which is responsible for mapping IP addresses to MAC addresses.
(4) Identify a computer in the network, generally at least three methods, the most commonly used is the domain name address, IP address and MAC address, respectively, corresponding to the application layer, network layer, physical layer. Network management is generally in the network layer for the IP address management, but because the IP address of a computer can be set by the user, management is relatively difficult, MAC address is generally not changed, so the IP address and MAC address combination of management becomes a common management mode.
The main differences between switches and routers:
(1), the working level of the two different
The initial switch is the data link layer that works in the OSI/RM open architecture, which is the second tier, and the router is designed to work at the network layer of the OSI model at the outset. Since the switch works in the second layer of the OSI (data link layer), it works relatively simple, and the router works in the third layer of the OSI (Network layer), can get more protocol information, the router can make a more intelligent forwarding decision.
(2) The different objects on which the two are forwarded
A switch uses a physical address or MAC address to determine the destination address of the forwarded data. The router uses the ID number (i.e. IP address) of the different network to determine the address of the data forwarding. IP addresses are implemented in software, describing the network where the device resides, and sometimes these third-tier addresses are referred to as protocol addresses or network addresses. MAC addresses are usually hardware-brought, distributed by the manufacturer of the network card, and have been cured to the network card, which is generally non-changing. The IP address is usually assigned automatically by the network administrator or the system.
(3), the traditional switch can only split the conflict domain, cannot split the broadcast domain, and the router can split the broadcast domain
Network segments connected by switches still belong to the same broadcast domain, and broadcast packets propagate across all network segments connected to the switch, and in some cases lead to traffic congestion and security vulnerabilities. Network segments connected to routers are assigned to different broadcast domains, and broadcast data does not pass through the router. Although the third layer above the switch has the VLAN function, may also divide the broadcast domain, but each sub-broadcast domain is unable to communicate the communication, the communication between them still needs the router.
(4) The router provides the service of the firewall, and the switch does not
The router only forwards packets of a specific address, and does not transmit packets that do not support routing protocols and the transmission of unknown destination network packets, which can prevent broadcast storms.
Security issues with MAC addresses:
In order to prevent the IP address from being compromised, through a simple switch port binding (the Port's MAC table using static table entries), can be in each switch port only one host to prevent the modification of the MAC address misappropriation, if the three-tier device can also provide: switch port/ip/mac three bindings, Prevent Mac IP theft from being modified. General-bound MAC addresses are configured on switches and routers.

Transferred from: http://blog.csdn.net/zqk_2009/article/details/6336516

Analysis of data transmission process in network