This article is reproduced from: http://blog.sina.com.cn/s/blog_5ec353710101i892.html did a little tidying up.
The TCP/IP reference model is a very basic and also very important basic framework, this document through a simple example, combined with a reference model to analyze the basic process of packet flow.
The network environment is very simple, as shown, we now analyze the PC to access Web Server Web services, how the entire data communication process occurs, in order to simplify the description (we temporarily ignore the DNS, ARP, frame check and so on the work of the mechanism of the details) only consider a more macro-level.
650) this.width=650; "src=" Http://s3.51cto.com/wyfs02/M01/78/44/wKiom1Z5BVXjZ7x7AABRNE4QLwE399.png "style=" float: none; "title=" 001.png "alt=" Wkiom1z5bvxjz7x7aabrne4qlwe399.png "/>
Analyze the data transfer process using the TCP/IP Reference Model:
650) this.width=650; "src=" Http://s3.51cto.com/wyfs02/M02/78/43/wKioL1Z5BWaSADhdAAAxgqzCz3g373.png "style=" float: none; "title=" 002.png "alt=" Wkiol1z5bwasadhdaaaxgqzcz3g373.png "/>
1). The Web service that the PC accesses to the Web server is actually the HTTP service that accesses the Web server. This process for people, is to enter the Web Server "IP address" or "Domain name" in the browser of the PC, this behavior at the application level of the PC will trigger the local HTTP process to produce some data, we call this data, it is HTTP payload.
650) this.width=650; "src=" Http://s3.51cto.com/wyfs02/M02/78/44/wKiom1Z5BVXg-T1aAABEGAkR6bI848.png "style=" float: none; "title=" 003.png "alt=" Wkiom1z5bvxg-t1aaabegakr6bi848.png "/>
2). The final task of data communication is to help the PC pass the payload of this HTTP to the HTTP process on the Web Server.
This is a seemingly simple task, but in fact the data is going over the hill. The application layer of the PC gives the payload of this HTTP to the "Transport layer" (we ignore the TCP three handshake, etc.), and the ' Transport layer ' will encapsulate the packet header for the ' Application layer ', which is TCP-based, so this is the TCP header.
In this head, there is the destination port number 80, this port number will be told to the backend after the data arrives at the Web Server, I want to access you what service. Of course, in order for this data to be reliably transmitted, there are other important elements in the TCP header, which are not mentioned here.
650) this.width=650; "src=" Http://s3.51cto.com/wyfs02/M01/78/44/wKiom1Z5BVWRpxlGAABMAApZfM0350.png "style=" float: none; "title=" 004.png "alt=" Wkiom1z5bvwrpxlgaabmaapzfm0350.png "/>
3). Well, HTTP load is encapsulated on the TCP header, in order for this data to be able to transfer in the IP network, we also need an "envelope", so the data to the PC "network layer."
in this layer, the data is encapsulated on an IP packet header, in the IP header, the source and destination IP address is written, the source IP address is the ip:192.168.1.1 of the PC, and the destination IP address is the Web Server's ip:192.168.2.1 。
Another important field in the IP packet header is the protocol number, where the value written here is 6, which corresponds to the protocol that is encapsulated behind the IP header, which is TCP. Well, with the IP header this envelope, our data can be transferred from the source to the destination in the IP network.
650) this.width=650; "src=" Http://s3.51cto.com/wyfs02/M01/78/43/wKioL1Z5BWfwSNhlAABWjh9rG1g918.png "style=" float: none; "title=" 005.png "alt=" Wkiol1z5bwfwsnhlaabwjh9rg1g918.png "/>
4). However, the light has an envelope is not enough, at least, we have to send this letter a link to a section of the transport past, and not a bit from the source directly through to the destination, nor is it the celestial cross play is not, then what?
We also need a ' data link layer ' head, because here is the Ethernet environment, Ethernet link, so the upper down of the data is encapsulated in an Ethernet frame header, this is to enable the PC to pass this data to the same link on the gateway R1 (f0/0 port).
Since the gateway address set by the PC is 192.168.1.254, which is the f0/0 port IP address of R1, when accessing the Web Server 192.168.2.1 This non-local network IP, the PC has to turn to its gateway, so At the data link level, the PC is going to pass the data to the gateway, which writes the encapsulated Ethernet header to the ' source Mac ', which is its own mac:00dd.f800.0001, and writes to the ' destination Mac ', which is the f0/0 port of the router R1. mac:000.aaaa.0001, of course, if the PC does not have a MAC for the Gateway IP right now, it will send an ARP message to request.
There is also an important field in the Ethernet frame header, which is the Type field, which is used to describe what message is encapsulated behind the frame head of this Ethernet, and the value written here is 0x0800, which indicates that an IP message is followed.
650) this.width=650; "src=" Http://s3.51cto.com/wyfs02/M02/78/44/wKiom1Z5BVbBkfyHAABDXyVWGXM053.png "style=" float: none; "title=" 006.png "alt=" Wkiom1z5bvbbkfyhaabdxyvwgxm053.png "/>
5). A great effort, layers of feeding, finally, the data is finally ready for transmission, from the PC to the same on the link on the R1, a little closer to the destination, of course, in the transmission of data in the process, it is impossible as we picture so literary, it should be some electrification of information, For example 1010101 God horse, do not bird him, anyway is this piece of stuff is spread to R1.
650) this.width=650; "src=" Http://s1.51cto.com/wyfs02/M02/78/43/wKioL1Z5BWiwZZzjAABgxbeeqBQ024.png "style=" float: none; "title=" 007.png "alt=" Wkiol1z5bwiwzzzjaabgxbeeqbq024.png "/>
6). R1 's f0/0 mouth received this thing, first to restore it to ' data frame ', view the frame head, found that the ' destination Mac ' address is the MAC address of their own f0/0 port, happy bad, think who wrote their own love letter, so combined to view the type of field, found to be 0800, Then know that the upper layer is encapsulated is an IP packet, it will be stripped of the Ethernet frame head, the IP packets inside the IP protocol stack processing.
650) this.width=650; "src=" Http://s3.51cto.com/wyfs02/M00/78/44/wKiom1Z5BVaAiuFYAABLJBp6hGo483.png "style=" float: none; "title=" 008.png "alt=" Wkiom1z5bvaaiufyaabljbp6hgo483.png "/>
7). Next is the R1 ' network layer ' work, he received the lower layer passed over the IP packet, view IP packet IP address, the destination is 192.168.2.1, I 艹, originally not to me is to others, no way, R1 take this address to their own map-the routing table to find, hair The existing destination 192.168.2.0/24 network, the export is its own fa1/0 port, the next hop address is 192.168.12.2 is R2.
650) this.width=650; "src=" Http://s4.51cto.com/wyfs02/M00/78/43/wKioL1Z5BWjyY70jAABR8qDutos352.png "style=" float: none; "title=" 009.png "alt=" Wkiol1z5bwjyy70jaabr8qdutos352.png "/>
8). Find the packet destination IP address is not its own R1, find the path to send the data to the destination, is to the destination closer to the 192.168.12.2, and in order to give the data to the same on the link 192.168.12.2, the data is re-encapsulated on the Ethernet frame head, this time in the frame header ' The source Mac ' fills in the MAC address of the R1 fa1/0 port, and the ' Destination Mac ' is the MAC address of the R2 f0/0 port:
650) this.width=650; "src=" Http://s4.51cto.com/wyfs02/M01/78/44/wKiom1Z5BVfhAcWPAABDtF8iFHo129.png "style=" float: none; "title=" 010.png "alt=" Wkiom1z5bvfhacwpaabdtf8ifho129.png "/>
9). The data was passed on to the R2 by R1, duly completed:
650) this.width=650; "src=" Http://s4.51cto.com/wyfs02/M00/78/43/wKioL1Z5BWmC_rDrAABT2Sf4YNw554.png "style=" float: none; "title=" 011.png "alt=" Wkiol1z5bwmc_rdraabt2sf4ynw554.png "/>
R2 received this data, the same is the first to restore the data frame, and then look at the frame header, the results found that ' destination Mac ' is their own Mac, but also very happy to throw data frames to the upper IP protocol to deal with:
650) this.width=650; "src=" Http://s1.51cto.com/wyfs02/M01/78/43/wKioL1Z5BWnB7A1GAABMYLjEAHk358.png "style=" float: none; "title=" 012.png "alt=" Wkiol1z5bwnb7a1gaabmyljeahk358.png "/>
11). The same results, ah a look at the IP head of the ' Destination IP ' address, wiping class is not to their own, regardless of, not to their own on the right:
650) this.width=650; "src=" Http://s1.51cto.com/wyfs02/M02/78/44/wKiom1Z5BVjwM822AABWYKchj88803.png "style=" float: none; "title=" 013.png "alt=" Wkiom1z5bvjwm822aabwykchj88803.png "/>
12). So Anza by the table, found that ' destination IP ' address 192.168.2.1 is in their own fa1/0 directly connected to the network 192.168.2.0/24 an IP address, good to do, the edge is the door of the people ah. Then it encapsulates the data on the Ethernet frame header, ' Source Mac ' is the MAC address of its own fa1/0 port, ' destination mac ' is the Mac of the Web server, if there is no 192.168.2.1 corresponding MAC for the Web server, the same, or send an ARP message to request:
650) this.width=650; "src=" Http://s1.51cto.com/wyfs02/M02/78/43/wKioL1Z5BWrS51INAABEG4fU028857.png "style=" float: none; "title=" 014.png "alt=" Wkiol1z5bwrs51inaabeg4fu028857.png "/>
13). Data is on the road and passed to the Web Server:
650) this.width=650; "src=" Http://s1.51cto.com/wyfs02/M00/78/44/wKiom1Z5BVnBAw7vAABluiLJnN0514.png "style=" float: none; "title=" 015.png "alt=" Wkiom1z5bvnbaw7vaabluiljnn0514.png "/>
14). Good macro analysis, said that there has become microscopic. After the Web Server receives this data frame, look at the frame header, ' Destination Mac ' is its own Nic Mac, and the Type field is 0800:
650) this.width=650; "src=" Http://s3.51cto.com/wyfs02/M00/78/44/wKiom1Z5BV3AZfqtAABNaawBCVc771.png "style=" float: none; "title=" 016.png "alt=" Wkiom1z5bv3azfqtaabnaawbcvc771.png "/>
15). The frame head is then taken apart and the ' IP message ' is given to the IP protocol for processing.
then IP protocol analysis of this IP packet, look at the ' Destination IP ' address in the packet header, found it is their network card IP Charmed, and found that the IP header protocol number is 6, indicating that the IP head wrapped in a TCP message:
650) this.width=650; "src=" Http://s3.51cto.com/wyfs02/M00/78/43/wKioL1Z5BW_h76RnAABEqBE6O_w432.png "style=" float: none; "title=" 017.png "alt=" Wkiol1z5bw_h76rnaabeqbe6o_w432.png "/>
16). Know that after the IP header is wrapped in a TCP message, it will be stripped of the IP header, the TCP packet inside out, found that the TCP header ' destination port number ' is 80, which is a well-known well-known port number:
650) this.width=650; "src=" Http://s3.51cto.com/wyfs02/M01/78/44/wKiom1Z5BWKgU3hGAABGLxfUzIo704.png "style=" float: none; "title=" 018.png "alt=" Wkiom1z5bwkgu3hgaabglxfuzio704.png "/>
17). The service that corresponds to the 80 port number is HTTP. PC found that its own port 80 is just open, the HTTP service is working, so the TCP head off, exposing the effective load inside, hey, finally ... The little girl finally came out and was finally given the HTTP service.
in this way, a piece of data is eventually delivered to the destination application. Of course, we still omit a lot of detail in this process. It is important to note that the process of data communication is bidirectional, so the PC sends it to the Web Server, in order for the service to interact properly, the data will return, so there is actually a data return process here we no longer analyze, the principle is similar.
Questions about MAC address and IP address changing and invariant during transmission
Original link: http://nanjingfm.blog.51cto.com/2121842/1179368
We may have noticed that the MAC address changed during the transmission of the above packet, but the IP address did not change.
in fact, the MAC address is in the same broadcast domain in the transmission process is unchanged, when across the broadcast domain will change, and the IP address is not changed during the transfer (except NAT).
First, we need to know that the MAC address is used for communication between devices on the same physical or logical layer 2nd network, whereas a third-tier address (IP address) can communicate between multiple network devices.
MAC address is valid in the same broadcast domain, then go to another broadcast domain (network segment) MAC address must be changed; The MAC address of the data frame in the same broadcast domain will not change, because all switches should know the MAC address of all the hosts in the broadcast domain (if they do not know how to learn by passive broadcasting). Now that I know all the MAC addresses, I'll look at the target MAC address when the switch receives the data frame, and then check the MAC Address table to get out of the corresponding interface.
IP address is effective throughout the network, the entire Internet network is the equivalent of a large map, also know how to get all the IP address, then in the transmission of the ' source IP ' and ' destination IP ' will not change. When the router receives the packet, check the ' destination IP ' address of the packet, then look for the routing table (routing forwarding), and choose the appropriate interface to send out.
Analysis of data transfer process using TCP/IP Reference Model