One: The OSI seven-layer model
1 Background of the OSI Reference Model
Since the 1960s, computer networks have grown rapidly. To dominate the data communication market, the major manufacturers each launched their own network architectures and standards, such as IBM's SNA, Novell's IPX/SPX, Apple's AppleTalk, DEC's DECnet, and the widely adopted TCP/IP protocol. At the same time, each manufacturer produced its own hardware and software for its own protocols. The combined efforts of these manufacturers drove the rapid development of network technology and the rapid growth in the variety of network equipment. However, with many protocols coexisting, networks became more and more complex, and devices from different manufacturers were largely incompatible and unable to communicate with each other. To solve this compatibility problem and help manufacturers produce compatible network equipment, ISO proposed the OSI RM (Open Systems Interconnection Reference Model) in 1984. The OSI reference model quickly became the basic model for computer network communication. The OSI Reference Model was designed according to the following principles: each layer has a clear boundary and implements a specific function; the division into layers should favour the development of international standard protocols; and the number of layers should be sufficient to avoid duplicating functions across layers.
The OSI Reference Model has the following advantages: it simplifies network operation; it provides plug-and-play compatibility and standard interfaces between different vendors, so that every vendor can design interoperable network equipment; it promotes standardization; and it prevents changes in one area of the network from affecting another, since the areas are structurally separated. As a result, each area of the network can be upgraded independently, and complex network problems are broken down into small, simple problems that are easy to learn and operate.
2 Layering of the OSI Reference Model
The OSI Reference Model is divided into seven layers. From bottom to top they are: layer 1, the physical layer; layer 2, the data link layer; layer 3, the network layer; layer 4, the transport layer; layer 5, the session layer; layer 6, the presentation layer; and layer 7, the application layer.
Layers 1 to 3 of the OSI reference model are usually called the lower layers, also known as the media layers. They are responsible for transmitting data across the network; network interconnection devices are usually located in these three layers and are implemented as a combination of hardware and software. Layers 5 to 7 of the OSI reference model are called the upper layers, also known as the host layers. They are used to ensure that data is transmitted correctly and are implemented in software.
3 Functions of the OSI seven layers
The basic functions of each layer of the OSI Reference Model are as follows:
Physical layer: transmits the bit stream between devices; it specifies voltage levels, line rates, and cable pinouts.
Data link layer: combines bits into bytes and bytes into frames, uses MAC addresses to access the medium, and detects errors. (MAC)
Network layer: provides logical addresses, which routers use to determine the path. (IP, ARP)
Transport layer: provides reliable or unreliable data transfer and error detection before retransmission. (TCP/UDP)
Session layer: responsible for establishing, managing, and terminating communication sessions between presentation-layer entities. Communication at this layer consists of service requests and responses between applications on different devices.
Presentation layer: provides encoding and conversion functions for application layer data, ensuring that data sent by the application layer of one system can be understood by the application layer of another system.
Application layer: the layer of the OSI Reference Model closest to the user; it provides network services to applications. (HTTP)
Two: The TCP/IP stack
1 The TCP/IP protocol stack and packet encapsulation
TCP/IP stands for Transmission Control Protocol/Internet Protocol. The TCP/IP protocol stack has become the mainstream protocol of the Internet.
The TCP/IP model also uses a layered structure; the layers are relatively independent but cooperate closely with each other.
The difference between the TCP/IP model and the OSI Reference Model is that TCP/IP folds both the presentation layer and the session layer into the application layer.
The TCP/IP model is divided into four layers, from bottom to top: network interface layer, network layer, transport layer and application layer.
2 Packet encapsulation in the TCP/IP protocol stack
User data is encapsulated by the application layer protocol and passed to the transport layer; the transport layer adds the TCP header and passes the result to the network layer; the network layer adds the IP header and passes it to the data link layer; the data link layer adds the Ethernet frame header and trailer and passes it to the physical layer; the physical layer sends the data onto the physical line as a bit stream.
3 OSI vs. TCP/IP
The seven-layer model is a conceptual model, while the TCP/IP model is the model actually used in networks.
Three: Common network layer protocols
1 Common network layer protocols
IP (Internet Protocol), ICMP (Internet Control Message Protocol), ARP (Address Resolution Protocol), RARP (Reverse Address Resolution Protocol).
2 Functions of the IP protocol and introduction to IP addresses:
IP is the most important protocol of the network layer, and its functions are the main functions of the network layer: first, providing logical addresses; second, providing routing; and third, encapsulating and decapsulating packets.
1 Network layer addresses
An IP address is a logical address, not a hardware address. The hardware address is burned into the NIC (Network Interface Card), for example the MAC address mentioned earlier, and is used for communication between devices on the same link, whereas the IP address is used for communication between devices on different networks (that is, different links).
2 IP addressing and routing
In the TCP/IP model, each layer has its own means of communication: the data link layer relies on MAC addresses, while the network layer relies on IP addresses. Having covered the TCP/IP protocol model and the functions of each layer, this course now focuses on the network layer: the structure of IP addresses, IP address classification, subnetting, and how network layer devices forward packets, that is, how data is routed through the network. This course introduces the third layer of the TCP/IP protocol stack, the network layer. The main functions of the network layer are implemented by the IP protocol and include IP addressing and IP routing.
Adjacent layers of the TCP/IP model exchange information to ensure communication between network devices. The layers communicate with each other using protocol data units (PDUs). PDUs at different layers carry different information, and a PDU is given a different name depending on what it carries. The PDU that the transport layer obtains after adding the TCP header to the upper-layer data is called a segment. Segments are passed to the network layer, which adds the IP header; the resulting PDU is called a packet. Packets are encapsulated in a data link (layer 2) header, and the resulting PDU is called a frame. Finally, the frame is converted into bits and transmitted over the network medium.
3 Network layer data encapsulation
The network layer receives data from the transport layer and adds the source and destination addresses to it. The data link layer has a physical address, the MAC address, which is globally unique. When there is data to send, the source network device queries the MAC address of the peer device and then sends the data to it. MAC addresses live in a flat address space with no address hierarchy, so they are suitable only for communication between hosts on the same network segment; in addition, the MAC address is burned into the hardware, which makes it inflexible. For communication between different networks, software-based network layer addresses, IP addresses, are normally used, providing greater flexibility. IP addresses, also known as logical addresses, are unique within a network, and each network device uses an IP address as its unique identifier.
4 IP address classification:
IP addressing has gone through three historical stages:
1 Classful IP addresses: the corresponding standard protocol was adopted in 1981.
2 Subnetting: an improvement on the most basic IP addressing method, adopted in RFC 950 in 1985.
3 Supernetting (classless addressing): proposed in 1993.
IP address = network number + host number
Class A addresses:
0 0000000 - 0 1111111: the first bit of the network part is 0, so the first octet of a Class A address is in the range 0-127.
Class B addresses:
10 000000 - 10 111111: the first octet of a Class B address is in the range 128-191.
Class C addresses:
110 00000 - 110 11111: the first octet of a Class C address is in the range 192-223.
Class D addresses:
1110 0000 - 1110 1111: the first octet of a Class D address is in the range 224-239.
Class E addresses:
1111 0000 - 1111 1111: the first octet of a Class E address is in the range 240-247.
5 Special IP addresses
An IP address is used to uniquely identify a network device, but not every IP address is usable: some special IP addresses have special purposes and cannot be used to identify network devices.
1 Network address
An IP address whose host part is all 0s is called the network address; it identifies a network segment.
2 Broadcast address
An IP address whose host part is all 1s is called the broadcast address of the segment; it identifies all hosts on a network and is used to send packets to every node on that segment.
3 Loopback address: used to check whether the IP stack on the NIC is working normally.
IP addresses whose network portion is 127, for example 127.0.0.1, are commonly used for loopback testing.
4 Other addresses
The all-0s IP address 0.0.0.0 represents all hosts; Huawei VRP series routers use the address 0.0.0.0 to specify a default route.
The all-1s IP address 255.255.255.255 is also a broadcast address, but 255.255.255.255 represents all hosts and is used to send packets to every node on the network. Such broadcasts cannot be forwarded by routers.
6 Private addresses within each address class:
When planning IP addresses, private IP addresses are typically used inside a company's internal network. Private IP addresses are ranges reserved by InterNIC for free use in internal networks. A private IP address cannot access the Internet directly, because there are no routes for private addresses on the public network. To access the Internet, network address translation (NAT) technology is needed to convert the private IP address into a public IP address recognised by the Internet. InterNIC reserved the following network segments as private IP addresses:
Class A: 10.0.0.0~10.255.255.255;
Class B: 172.16.0.0~172.31.255.255;
Class C: 192.168.0.0~192.168.255.255.
Each network segment contains some IP addresses that cannot be used as host IP addresses. The number of available IP addresses is calculated as follows.
For example, the Class B segment 172.16.0.0 has 16 host bits, so it has 2^16 IP addresses; removing the network address 172.16.0.0 and the broadcast address 172.16.255.255, which cannot identify hosts, leaves 2^16 - 2 available addresses.
The Class C segment 192.168.1.0 has 8 host bits, so 2^8 = 256 IP addresses; removing the network address 192.168.1.0 and the broadcast address 192.168.1.255 leaves 254 available host addresses. The number of available host addresses on any segment can be expressed with the formula: if the host part of the segment has n bits, the number of available host addresses is 2^n - 2. Network layer devices (such as routers) use the network address to represent all hosts within the segment, which greatly reduces the number of entries in their routing tables.
Using private IP addresses not only reduces the investment needed to purchase public IP addresses, but also conserves IP address resources.
Masks are used to distinguish the network part from the host part. A mask is written in the same form as an IP address: a 1 bit in the mask means the corresponding bit is a network bit, and a 0 bit means it is a host bit; an octet of 255 means eight 1 bits. By default, the netmask of a Class A network is 255.0.0.0, that of a Class B network is 255.255.0.0, and that of a Class C network is 255.255.255.0.
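As an added example (not part of the original notes), the following Python analysis applies the classful rules of sections 4 to 6 to an address: it decides the class from the first octet, derives the default mask, network address, broadcast address and the 2^n - 2 usable host count, and flags the private and special addresses listed above. It also accepts an explicit prefix length so the same check works for subnetted addresses; the Class E range in the table is taken from its bit pattern, 1111 0000 to 1111 1111.

```python
import ipaddress
from typing import Optional

# First-octet range and default prefix length of each address class, taken
# from the bit patterns listed above (Class D/E have no network/host split).
CLASSES = (
    ("A", 0, 127, 8),
    ("B", 128, 191, 16),
    ("C", 192, 223, 24),
    ("D", 224, 239, None),
    ("E", 240, 255, None),
)

# The InterNIC private ranges from this section, written as CIDR blocks.
PRIVATE_BLOCKS = (
    ipaddress.ip_network("10.0.0.0/8"),
    ipaddress.ip_network("172.16.0.0/12"),
    ipaddress.ip_network("192.168.0.0/16"),
)


def address_class(ip: str) -> str:
    """Classful letter (A-E) decided purely by the first octet."""
    first = int(ip.split(".")[0])
    for name, low, high, _prefix in CLASSES:
        if low <= first <= high:
            return name
    raise ValueError(f"not an IPv4 address: {ip}")


def special_role(ip: str) -> Optional[str]:
    """Name the reserved addresses from the 'special IP address' list, if any."""
    addr = ipaddress.ip_address(ip)
    if addr == ipaddress.ip_address("0.0.0.0"):
        return "all hosts / default route"
    if addr == ipaddress.ip_address("255.255.255.255"):
        return "limited broadcast (not forwarded by routers)"
    if addr in ipaddress.ip_network("127.0.0.0/8"):
        return "loopback"
    return None


def describe(ip: str, prefix: Optional[int] = None) -> dict:
    """Classful analysis of one address; pass `prefix` to analyse a subnetted one."""
    cls = address_class(ip)
    if prefix is None:
        prefix = next(p for name, _lo, _hi, p in CLASSES if name == cls)
    info = {
        "address": ip,
        "class": cls,
        "special": special_role(ip),
        "private": any(ipaddress.ip_address(ip) in b for b in PRIVATE_BLOCKS),
    }
    if prefix is None:  # Class D (multicast) / Class E: no host part to split
        info.update(mask=None, network=None, broadcast=None,
                    usable_hosts=0, role="no host part")
        return info

    # strict=False lets a host address stand in for its network when masking.
    net = ipaddress.ip_network(f"{ip}/{prefix}", strict=False)
    host_bits = 32 - prefix
    addr = ipaddress.ip_address(ip)
    if addr == net.network_address:
        role = "network address"
    elif addr == net.broadcast_address:
        role = "broadcast address"
    else:
        role = "host address"
    info.update(
        mask=str(net.netmask),
        network=str(net.network_address),
        broadcast=str(net.broadcast_address),
        usable_hosts=max(2 ** host_bits - 2, 0),  # the 2^n - 2 rule from the text
        role=role,
    )
    return info


if __name__ == "__main__":
    for sample in ("172.16.5.9", "192.168.1.255", "127.0.0.1", "224.0.0.5"):
        print(describe(sample))
```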
7 Addressing without subnets
In an organization whose IP addresses are not subnetted, the outside world sees a single network and need not know the internal structure. For example, all routes to addresses of the form 172.16.x.x are treated as the same direction, regardless of the values of the third and fourth octets. The benefit of this scheme is that it reduces the size of routing tables. However, it cannot distinguish different subnets within a large network, so every host in the large network receives all broadcasts within it, which lowers network performance and is also harder to manage.
8 Subnet addressing
From the point of view of address assignment, a subnet is an extension of the network segment address. The network administrator decides the size of each subnet according to the organization's growth needs. Network devices use the subnet mask to determine which part of the IP address is the network part and which is the host part. The subnet mask has the same format as an IP address: the bits covering the network and subnet portions are all 1s, and the bits covering the host portion are all 0s. By default, if no subnetting is done, the subnet mask of a Class A network is 255.0.0.0, that of a Class B network is 255.255.0.0, and that of a Class C network is 255.255.255.0. With subnets, network addresses are used more efficiently: externally the organization is still one network, but internally it is divided into different subnets. This lets routers route according to the destination subnet address, confining the broadcasts of one subnet so that they do not reach other segments and do not affect the efficiency of the network.
9 Variable-length subnet masks:
Dividing a network into multiple subnets requires each subnet to have a different network identifier. However, the number of hosts per subnet is not necessarily the same, and the difference can be very large. If every subnet used a fixed-length subnet mask, each subnet would be assigned the same number of addresses, which wastes a large number of addresses. In this situation Variable Length Subnet Mask (VLSM) technology can be used: a subnet with more nodes uses a shorter subnet mask, which can represent fewer networks/subnets but allocates more addresses to each subnet, while a subnet with fewer nodes uses a longer subnet mask, which can represent more logical networks/subnets but allocates fewer addresses to each. This scheme saves a large number of addresses, and the saved addresses can be used for other subnets. In the following example, a company plans to subnet the Class C network address 192.168.1.0. The company purchased a total of 5 routers: one router serves as the enterprise network's gateway router to the local ISP, and the other 4 routers connect four office sites, each with 20 PCs. It can be seen that 8 subnets are needed: each of the 4 office segments needs 21 IP addresses (including one router interface), and each of the four segments connecting the gateway router to the office routers needs 2 IP addresses. Since the number of IP addresses needed per segment varies widely, VLSM technology can be adopted. The four office segments use the subnet mask 255.255.255.224, that is, 3 subnet bits and 5 host bits, accommodating up to 2^5 - 2 = 30 hosts each. The segments connecting the four office routers to the gateway router use 6 subnet bits and 2 host bits, giving up to 2 valid IP addresses each.
10 Classless inter-domain routing
CIDR (Classless Inter-Domain Routing) is defined in RFC 1817. CIDR breaks through the traditional IP address class boundaries, aggregating several routes in the routing table into a single route, which reduces the size of the routing table and improves router scalability. In the following example, an ISP has been assigned a number of Class C networks, 198.168.0.0~198.168.255.0, which it intends to assign to its customer groups; it has now assigned three Class C segments to a customer. Without CIDR, the ISP router's routing table would contain three routing entries for the downstream segments and would advertise all three to routers on the Internet. With CIDR, on the ISP's router these three segments, 198.168.1.0, 198.168.2.0 and 198.168.3.0, can be aggregated into a single route 198.168.0.0/16. In this way the ISP router advertises only the 198.168.0.0/16 route to the Internet, greatly reducing the number of routing table entries. Note that the network addresses aggregated with CIDR must share the same leading bits, as in the example above. If the ISP were also connected to a 172.178.1.0 segment, the route for that segment could not be aggregated.
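The VLSM plan of section 9 and the route aggregation of section 10 are two sides of the same prefix arithmetic, so the following added Python example (not from the original notes) covers both: it carves 192.168.1.0 into four /27 office subnets and four /30 router links, largest demand first, then computes the single summary route covering a set of prefixes and checks whether that summary still lies inside the ISP's assigned block. The office and link names are constructed; the minimal summary of the three customer segments comes out as 198.168.0.0/22, and the check confirms that the ISP's whole block 198.168.0.0/16, the route advertised in the text, covers them as well, while 172.178.1.0 cannot be aggregated with them.

```python
import ipaddress
import math
from typing import Dict, Iterable, List


def prefix_for_hosts(hosts_needed: int) -> int:
    """Longest prefix (smallest subnet) whose 2^n - 2 usable addresses fit the demand."""
    host_bits = max(2, math.ceil(math.log2(hosts_needed + 2)))  # +2: network + broadcast
    return 32 - host_bits


def allocate_vlsm(block: str, demands: Dict[str, int]) -> Dict[str, ipaddress.IPv4Network]:
    """Carve `block` into variable-length subnets, serving the largest demand first.

    The free pool holds the not-yet-assigned pieces; each assignment takes the
    smallest piece that still fits and returns the remainder to the pool.
    """
    pool: List[ipaddress.IPv4Network] = [ipaddress.ip_network(block)]
    plan: Dict[str, ipaddress.IPv4Network] = {}
    for name, hosts in sorted(demands.items(), key=lambda kv: -kv[1]):
        want = prefix_for_hosts(hosts)
        pool.sort(key=lambda n: (-n.prefixlen, int(n.network_address)))
        piece = next((p for p in pool if p.prefixlen <= want), None)
        if piece is None:
            raise ValueError(f"{block} has no room left for {name}")
        pool.remove(piece)
        if piece.prefixlen == want:
            subnet = piece
        else:
            subnet = next(piece.subnets(new_prefix=want))   # lowest sub-block
            pool.extend(piece.address_exclude(subnet))      # keep the rest free
        plan[name] = subnet
    return plan


def summarize(prefixes: Iterable[str]) -> ipaddress.IPv4Network:
    """Smallest single CIDR route covering every prefix (their common leading bits)."""
    nets = [ipaddress.ip_network(p) for p in prefixes]
    summary = nets[0]
    while not all(n.subnet_of(summary) for n in nets):
        summary = summary.supernet()    # drop one leading bit at a time
    return summary


def aggregatable_within(prefixes: Iterable[str], assigned_block: str) -> bool:
    """Can the ISP advertise one route for `prefixes` without leaving its own block?"""
    return summarize(prefixes).subnet_of(ipaddress.ip_network(assigned_block))


# Constructed demands for the scenario in section 9: four offices of 20 PCs plus
# one router interface each, and four point-to-point links to the gateway router.
DEMANDS = {"OfficeA": 21, "OfficeB": 21, "OfficeC": 21, "OfficeD": 21,
           "Link1": 2, "Link2": 2, "Link3": 2, "Link4": 2}

if __name__ == "__main__":
    plan = allocate_vlsm("192.168.1.0/24", DEMANDS)
    for name, net in plan.items():
        print(f"{name:8s} {net!s:20s} mask {net.netmask}  usable {net.num_addresses - 2}")
    print("site summary:", summarize(str(n) for n in plan.values()))
    print("ISP summary: ", summarize(["198.168.1.0/24", "198.168.2.0/24", "198.168.3.0/24"]))
    print("172.178.1.0 aggregatable:",
          aggregatable_within(["198.168.1.0/24", "172.178.1.0/24"], "198.168.0.0/16"))
```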
3 ARP (Address Resolution Protocol):
1 Introduction
ARP implements the dynamic mapping from IP address to hardware address, that is, obtaining the corresponding hardware address from a known IP address.
RARP implements the dynamic mapping from hardware address to IP address, that is, obtaining the corresponding IP address from a known hardware address.
ARP is a broadcast protocol by which a host can dynamically discover the MAC address corresponding to an IP address. Each host has an ARP cache, a mapping table from IP addresses to physical addresses containing the addresses the host currently knows about. When host A wants to send an IP datagram to host B on the local area network, it first looks up host B's IP address in its ARP cache. If there is an entry, it finds the corresponding physical address and sends the datagram to that physical address. It is also possible that no entry for host B's IP address is found: host B may have just joined the network, or host A may have just powered up with an empty cache. In this case, assuming host A needs to know host B's MAC address, host A broadcasts an ARP request to every host on the network segment. The ARP request carries the mapping of host A's own IP address to its MAC address, as well as the IP address of the destination host to be resolved. When host B receives the request, it stores the mapping of host A's IP address to MAC address in its ARP cache and sends the mapping of its own IP address to MAC address back to host A as the response. When host A receives the ARP response it obtains host B's MAC address, and host A caches the mapping of host B's IP address to its MAC address.
2 Function of proxy ARP
Proxy ARP enables computers or routers that are not on the same network to communicate with each other. Normally, when a router R receives an ARP request, router R checks whether the destination address of the ARP request is itself; if so, it sends an ARP response, and if not, it discards the message. If proxy ARP is enabled on router R, then when router R receives an ARP request and finds that the destination address of the message is not itself, it does not discard the message immediately, but instead checks its routing table for a route to that destination address. If router R has such a route, it sends its own MAC address to the ARP requester. The ARP requester then sends messages for the destination address to router R, and router R forwards them.
3 Gratuitous ARP
A host sends an ARP request to find the MAC address corresponding to its own IP address. If no other host on the network has the same IP address configured, the host receives no answer. If the host does receive an answer to the request, another host has the same IP address as the local machine, and the host generates an error message in the terminal log indicating that there is a duplicate IP address on the Ethernet. The roles of gratuitous ARP: 1. Sending a gratuitous ARP confirms whether there is a conflicting IP address: when the sender receives an answer to a gratuitous ARP request, a device with a conflicting IP address exists. 2. Updating old hardware address information: when a host that sends gratuitous ARP has just changed its hardware address, for example by replacing the NIC, gratuitous ARP can be used to update the hardware address information held by other hosts. When the receiving party receives an ARP request and the ARP information already exists in its ARP table, the receiver must update the old ARP entry with the address information in the new ARP request.
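As an added example (not part of the original notes), the following Python code encodes and decodes the 28-byte Ethernet/IPv4 ARP body from RFC 826 and models the cache behaviour described in sections 1 and 3 above: a normal request/reply exchange between hosts A and B, a gratuitous request that draws a reply from a host already holding the same IP, and a gratuitous request that refreshes a stale MAC after a NIC replacement. Host addresses are constructed and nothing is sent on a real interface.

```python
import struct
from dataclasses import dataclass
from typing import Optional

ARP_REQUEST, ARP_REPLY = 1, 2
# RFC 826 body for Ethernet (htype 1) carrying IPv4 (ptype 0x0800): 28 bytes.
_ARP_FMT = "!HHBBH6s4s6s4s"
ZERO_MAC = "00:00:00:00:00:00"


def _mac_bytes(mac: str) -> bytes:
    return bytes.fromhex(mac.replace(":", ""))


def _mac_str(raw: bytes) -> str:
    return ":".join(f"{b:02x}" for b in raw)


def _ip_bytes(ip: str) -> bytes:
    return bytes(int(octet) for octet in ip.split("."))


def _ip_str(raw: bytes) -> str:
    return ".".join(str(b) for b in raw)


@dataclass
class ArpPacket:
    oper: int
    sha: str   # sender hardware address
    spa: str   # sender protocol (IP) address
    tha: str   # target hardware address (all zeros in a request)
    tpa: str   # target protocol (IP) address

    def pack(self) -> bytes:
        return struct.pack(_ARP_FMT, 1, 0x0800, 6, 4, self.oper,
                           _mac_bytes(self.sha), _ip_bytes(self.spa),
                           _mac_bytes(self.tha), _ip_bytes(self.tpa))

    @classmethod
    def unpack(cls, data: bytes) -> "ArpPacket":
        if len(data) < struct.calcsize(_ARP_FMT):
            raise ValueError("truncated ARP packet")
        htype, ptype, hlen, plen, oper, sha, spa, tha, tpa = struct.unpack(_ARP_FMT, data[:28])
        if (htype, ptype, hlen, plen) != (1, 0x0800, 6, 4):
            raise ValueError("not an Ethernet/IPv4 ARP packet")
        return cls(oper, _mac_str(sha), _ip_str(spa), _mac_str(tha), _ip_str(tpa))

    @property
    def is_gratuitous(self) -> bool:
        # A host asking for its own address: sender and target IP coincide.
        return self.oper == ARP_REQUEST and self.spa == self.tpa


class Host:
    """One station's IP/MAC identity plus its ARP cache and conflict log."""

    def __init__(self, ip: str, mac: str):
        self.ip, self.mac = ip, mac
        self.cache: dict = {}      # IP -> MAC, the ARP cache from the text
        self.alerts: list = []     # duplicate-address reports

    def request_for(self, target_ip: str) -> ArpPacket:
        # Sent as a broadcast frame on the wire; the ARP body carries our own
        # IP/MAC mapping and a zero target MAC.
        return ArpPacket(ARP_REQUEST, self.mac, self.ip, ZERO_MAC, target_ip)

    def receive(self, raw: bytes) -> Optional[ArpPacket]:
        """Process one ARP packet; return the reply to send, or None."""
        pkt = ArpPacket.unpack(raw)
        if pkt.spa == self.ip and pkt.sha != self.mac:
            # Another station claims our IP: log it, and if it is asking for that
            # address, answer so the sender learns about the conflict as well.
            self.alerts.append(f"duplicate IP {self.ip} used by {pkt.sha}")
            if pkt.oper == ARP_REQUEST and pkt.tpa == self.ip:
                return ArpPacket(ARP_REPLY, self.mac, self.ip, pkt.sha, pkt.spa)
            return None
        # Learn or refresh the sender mapping when we are the target or when an
        # entry already exists (this is how gratuitous ARP updates a stale MAC).
        if pkt.tpa == self.ip or pkt.spa in self.cache:
            self.cache[pkt.spa] = pkt.sha
        if pkt.oper == ARP_REQUEST and pkt.tpa == self.ip:
            return ArpPacket(ARP_REPLY, self.mac, self.ip, pkt.sha, pkt.spa)
        return None


if __name__ == "__main__":
    a, b = Host("192.168.1.10", "aa:aa:aa:aa:aa:01"), Host("192.168.1.20", "bb:bb:bb:bb:bb:02")
    reply = b.receive(a.request_for(b.ip).pack())
    a.receive(reply.pack())
    print("A cache:", a.cache, "B cache:", b.cache)
```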
4 RARP:
For address translation it is sometimes necessary to use the Reverse Address Resolution Protocol, RARP. RARP is often used for diskless workstations, which know their own MAC address and need to obtain an IP address. For RARP to work, at least one host on the LAN must act as a RARP server. For example, a diskless workstation that needs to obtain its own IP address broadcasts a RARP request onto the network; the RARP server receives the broadcast request and sends a response, and the diskless workstation obtains its IP address. As with ARP, the RARP request is sent by broadcast, while ARP and RARP replies are generally sent by unicast, to save network resources.
Four: Common transport layer protocols
1 Introduction:
The transport layer is the fourth layer of the TCP/IP stack and serves the application. The transport layer defines end-to-end connectivity between host applications. The transport layer encapsulates the upper-layer data into its own data section and adds the transport layer header to form the segment that is processed by the lower-layer protocol. The transport layer has two different transport protocols, TCP and UDP, each of which defines its own message format.
2 Overview of the TCP protocol
TCP (Transmission Control Protocol) provides reliable, connection-oriented services for applications.
1 How reliability is ensured
TCP provides its reliability in the following ways:
Connection-oriented transport: before transmitting data, the two TCP parties must establish a connection between them.
MSS (maximum segment size): indicates the largest segment that TCP will send to the other end. When a connection is established, both sides of the connection advertise their respective MSS in order to make full use of the bandwidth resources.
Transmission acknowledgement mechanism: when TCP transmits a segment, it starts a timer and waits for the destination to acknowledge receipt of the segment. If TCP does not receive an acknowledgement from the destination in time, it retransmits the segment.
Header and data checksum: TCP maintains a checksum over its header and data. This is an end-to-end checksum whose purpose is to detect any change to the data during transmission. If a received segment has a checksum error, TCP discards the segment and does not acknowledge receipt of it, so the retransmission mechanism is triggered.
Flow control: TCP also provides flow control. Each side of a TCP connection has a fixed-size buffer. The TCP receiver only allows the other end to send as much data as its receive buffer can hold. This prevents a faster host from overflowing the buffers of a slower host.
2 Introduction to TCP segments
TCP uses IP as its network layer protocol, and TCP segments are encapsulated within IP packets.
A TCP segment consists of the TCP header and the TCP data.
The TCP header is at most 60 bytes long; without option fields its normal length is 20 bytes.
TCP segment structure:
16-bit source port number: the port number TCP assigns to the source application.
16-bit destination port number: the port number of the destination application. Each TCP segment contains the source and destination port numbers, which are used to locate the sending and receiving application processes.
These two values, together with the source IP address and destination IP address in the IP header, uniquely identify a TCP connection.
32-bit sequence number: identifies the data byte stream sent from the TCP sender to the TCP receiver.
32-bit acknowledgement number: contains the next sequence number that the end sending the acknowledgement expects to receive, that is, the sequence number of the last successfully received data byte plus 1.
4-bit header length: indicates the number of 32-bit words in the header. Since the field is only 4 bits, the maximum length of the TCP header is 60 bytes.
16-bit window size: the number of bytes the receiving end is prepared to accept; because the field is 16 bits, the maximum window size is 65535 bytes.
16-bit checksum: covers the entire TCP segment, including the TCP header and TCP data. The value is computed and stored by the sender and verified by the receiver.
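As an added example (not from the original notes), the following Python code builds and parses the TCP header described above using the standard `struct` layout: 16-bit ports, 32-bit sequence and acknowledgement numbers, the 4-bit header length in 32-bit words, the flag bits, the 16-bit window, and the 16-bit checksum computed over the IPv4 pseudo-header plus the whole segment. The addresses, ports and MSS option value in the demo are constructed.

```python
import struct
import ipaddress
from typing import Dict

TCP_HDR = "!HHIIHHHH"   # sport, dport, seq, ack, offset/flags, window, checksum, urgent
FLAGS = {"FIN": 0x01, "SYN": 0x02, "RST": 0x04, "PSH": 0x08, "ACK": 0x10, "URG": 0x20}
PROTO_TCP = 6


def internet_checksum(data: bytes) -> int:
    """RFC 1071 one's-complement sum of 16-bit words, complemented."""
    if len(data) % 2:
        data += b"\x00"                       # pad an odd trailing byte
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:                        # fold carries back into 16 bits
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def tcp_checksum(src_ip: str, dst_ip: str, segment: bytes) -> int:
    """Checksum over the IPv4 pseudo-header and the full TCP segment."""
    pseudo = struct.pack("!4s4sBBH",
                         ipaddress.ip_address(src_ip).packed,
                         ipaddress.ip_address(dst_ip).packed,
                         0, PROTO_TCP, len(segment))
    return internet_checksum(pseudo + segment)


def build_segment(src_ip, dst_ip, sport, dport, seq, ack, flags, window,
                  payload=b"", options=b"") -> bytes:
    """Assemble a TCP segment; the header length grows with the (padded) options."""
    options += b"\x00" * (-len(options) % 4)           # options end on a 32-bit boundary
    data_offset = (20 + len(options)) // 4             # header length in 32-bit words
    if data_offset > 15:
        raise ValueError("TCP header cannot exceed 60 bytes")
    flag_bits = sum(FLAGS[f] for f in flags)
    header = struct.pack(TCP_HDR, sport, dport, seq, ack,
                         (data_offset << 12) | flag_bits, window, 0, 0)
    segment = header + options + payload
    csum = tcp_checksum(src_ip, dst_ip, segment)       # computed with the field zeroed
    return segment[:16] + struct.pack("!H", csum) + segment[18:]


def parse_segment(src_ip: str, dst_ip: str, segment: bytes) -> Dict:
    """Decode the header; a valid segment sums to zero once its stored checksum is included."""
    if len(segment) < 20:
        raise ValueError("segment shorter than the 20-byte minimum header")
    sport, dport, seq, ack, off_flags, window, csum, _urg = struct.unpack(TCP_HDR, segment[:20])
    header_len = (off_flags >> 12) * 4
    if header_len < 20 or header_len > len(segment):
        raise ValueError(f"bad header length {header_len}")
    return {
        "sport": sport, "dport": dport, "seq": seq, "ack": ack,
        "header_len": header_len,
        "flags": {name for name, bit in FLAGS.items() if off_flags & bit},
        "window": window,
        "checksum": csum,
        "checksum_ok": tcp_checksum(src_ip, dst_ip, segment) == 0,
        "options": segment[20:header_len],
        "payload": segment[header_len:],
    }


# Constructed demo values: a SYN carrying an MSS option (kind 2, length 4, 1460 bytes).
SRC, DST = "10.0.0.1", "10.0.0.2"
MSS_OPTION = struct.pack("!BBH", 2, 4, 1460)

if __name__ == "__main__":
    syn = build_segment(SRC, DST, 40000, 80, 1000, 0, ["SYN"], 65535, options=MSS_OPTION)
    print(parse_segment(SRC, DST, syn))
```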
3 Establishment of a TCP connection
TCP is a reliable, connection-oriented, full-duplex transport layer protocol. Its reliability is ensured by many methods, one of which is transferring data only after a connection has been established: the two communicating parties must establish a connection before transmitting data.
Establishing a TCP connection is a three-way handshake:
1. The requesting side (usually called the client) sends a SYN segment indicating that the client wants to connect to the server's port, with an initial sequence number x.
2. The server sends back a SYN segment with its own sequence number b as the response, and sets the acknowledgement number to the client's sequence number plus 1 (x+1) as the acknowledgement of the client's SYN.
3. The client sets its acknowledgement number to the server's sequence number plus 1 (b+1) as the acknowledgement of the server's SYN segment. These three segments complete the establishment of the TCP connection.
4 Termination of a TCP connection
As mentioned earlier, TCP is a connection-oriented, full-duplex transport layer protocol. Full duplex means that both sides can transmit data at the same time, so both sides of the communication must close the connection.
Establishing a TCP connection takes a three-way handshake, and terminating a TCP connection takes a four-way handshake.
1. The requesting side (usually also called the client) terminates the connection by sending a FIN segment with sequence number a.
2. The server responds with an ACK segment whose acknowledgement number is the client's sequence number plus 1 (a+1), as the acknowledgement of the client's FIN.
3. The server sends a FIN termination segment to the client (with sequence number b and acknowledgement number a+1).
4. The client returns an acknowledgement segment (with acknowledgement number b+1) as the response. These four interactions complete the closing of the connection in both directions.
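As an added example (not from the original notes), the following Python model runs the three-way handshake and the four-way termination described above between two endpoints, tracking each side's next sequence number and the sequence number it expects from its peer: SYN and FIN each consume one sequence number, so the acknowledgements come out as x+1, b+1, a+1 and b+1 exactly as in the text, and an acknowledgement that does not match what an endpoint is waiting for is rejected. State names follow the TCP state machine; the initial sequence numbers are constructed.

```python
from dataclasses import dataclass
from typing import FrozenSet, List


@dataclass
class Segment:
    src: str
    dst: str
    flags: FrozenSet[str]
    seq: int
    ack: int = 0          # meaningful only when "ACK" is set


class Endpoint:
    """One side of a connection: its state, next send seq, and next expected seq."""

    def __init__(self, name: str, isn: int):
        self.name = name
        self.state = "CLOSED"
        self.snd_nxt = isn        # sequence number of the next byte/flag we send
        self.rcv_nxt = 0          # sequence number we expect from the peer next

    def _emit(self, peer: str, *flags: str) -> Segment:
        fl = frozenset(flags)
        seg = Segment(self.name, peer, fl, self.snd_nxt, self.rcv_nxt if "ACK" in fl else 0)
        if fl & {"SYN", "FIN"}:
            self.snd_nxt += 1     # SYN and FIN each occupy one sequence number
        return seg

    def listen(self) -> None:
        self.state = "LISTEN"

    def connect(self, peer: str) -> Segment:
        self.state = "SYN_SENT"
        return self._emit(peer, "SYN")                  # handshake step 1: SYN, seq = x

    def close(self, peer: str) -> Segment:
        # Active close from ESTABLISHED, or the passive side closing after CLOSE_WAIT.
        self.state = {"ESTABLISHED": "FIN_WAIT_1", "CLOSE_WAIT": "LAST_ACK"}[self.state]
        return self._emit(peer, "FIN", "ACK")

    def handle(self, seg: Segment) -> List[Segment]:
        """Consume one segment from the peer and return whatever we send back."""
        if "ACK" in seg.flags and seg.ack != self.snd_nxt:
            raise ValueError(f"{self.name}: ack {seg.ack} but expected {self.snd_nxt}")
        if seg.flags & {"SYN", "FIN"}:
            self.rcv_nxt = seg.seq + 1                  # the SYN/FIN itself gets acknowledged
        transitions = {
            ("LISTEN", frozenset({"SYN"})):             ("SYN_RCVD", ("SYN", "ACK")),  # step 2
            ("SYN_SENT", frozenset({"SYN", "ACK"})):    ("ESTABLISHED", ("ACK",)),     # step 3
            ("SYN_RCVD", frozenset({"ACK"})):           ("ESTABLISHED", None),
            ("ESTABLISHED", frozenset({"FIN", "ACK"})): ("CLOSE_WAIT", ("ACK",)),      # close 2
            ("FIN_WAIT_1", frozenset({"ACK"})):         ("FIN_WAIT_2", None),
            ("FIN_WAIT_2", frozenset({"FIN", "ACK"})):  ("TIME_WAIT", ("ACK",)),       # close 4
            ("LAST_ACK", frozenset({"ACK"})):           ("CLOSED", None),
        }
        key = (self.state, frozenset(seg.flags))
        if key not in transitions:
            raise ValueError(f"{self.name}: {sorted(seg.flags)} unexpected in {self.state}")
        self.state, reply = transitions[key]
        return [self._emit(seg.src, *reply)] if reply else []


def run_session(client_isn: int, server_isn: int):
    """Full open and close; returns both endpoints and the ordered segment log."""
    client, server = Endpoint("client", client_isn), Endpoint("server", server_isn)
    server.listen()
    log: List[Segment] = []

    def deliver(segments: List[Segment]) -> None:
        for seg in segments:
            log.append(seg)
            receiver = server if seg.dst == "server" else client
            deliver(receiver.handle(seg))

    deliver([client.connect("server")])   # three-way handshake
    deliver([client.close("server")])     # client FIN, server ACK
    deliver([server.close("client")])     # server FIN, client ACK
    return client, server, log


if __name__ == "__main__":
    c, s, log = run_session(client_isn=1000, server_isn=5000)
    for seg in log:
        print(f"{seg.src:6s} -> {seg.dst:6s} {'+'.join(sorted(seg.flags)):8s} seq={seg.seq} ack={seg.ack}")
    print(c.state, s.state)
```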
3 UDP
1 Overview
UDP provides a connectionless service to applications, so, unlike TCP, there is no need to establish a connection between source and destination before transmitting data. Because UDP is a connectionless transport protocol, it does not need to maintain connection state or send/receive state, so a server can transmit the same message to multiple clients at the same time. UDP is suitable for applications that need high transmission efficiency and provide their own reliability guarantees at the application layer. The RADIUS protocol, commonly used for authentication and accounting, and the RIP routing protocol are both based on UDP.
Both UDP and TCP use IP as the network layer protocol, and, like TCP segments, UDP datagrams are encapsulated within IP packets. Because UDP does not provide reliable transmission as TCP does, the UDP message format is relatively simple.
2 UDP message structure:
16-bit source port number: the source port number assigned to the source application.
16-bit destination port number: the port number of the destination application.
16-bit UDP length: the byte length of the UDP header plus the UDP data. The minimum value of this field is 8.
16-bit UDP checksum: this field provides the same function as the TCP checksum, except that in UDP the field is optional.
Common terminology for Linux networks