Android Network programming Series A network layer of the TCP/IP protocol family

Source: Internet
Author: User



This reference article is mainly used for the diffusion of knowledge points in subsequent articles, in this special backup and diffusion learning Exchange.



The internetwork includes: IP, ICMP, IGMP, and protocols that are actually working on the internetwork at the link layer, ARP and rarp, and so on.


1.IP protocol


Each interface on the Internet must have a unique Internet address (also known as an IP address). The IP address is longer than the bit. The IP protocol is the core of the IP protocol, and all TCP,UDP,ICMP,IGMP data is transmitted in the IP data format. It is important to note that IP is not a reliable protocol, which is to say that the IP protocol does not provide a way for the data not to convey a later processing mechanism-this is considered to be the upper-level protocol--tcp or UDP things to do. So that's where it comes in. TCP is a reliable protocol, and UDP is not as reliable as the difference. Internet addresses do not use a flat form of address space, such as 1, 2, 3, and so on. IP address has a certain structure, five different types of Internet address format are as follows:








1.1.IP Protocol Header





To explain it as a textbook work, I'm interested in the eight-bit TTL field, remember what this field does? This field specifies how many routes the packet will pass through before it is discarded (this shows the unreliability of the IP Protocol packet, which does not guarantee that the data will be delivered), the TTL value of the packet is reduced by 1 per router, and when the TTL of that packet becomes 0, it is automatically discarded. The maximum value of this field is 255, that is, a protocol package is also in the router through 255 times will be discarded, depending on the system, this number is not the same, generally 32 or 64,tracerouter this tool is to work with this principle, The Tranceroute-m option requires a maximum value of 255, which is because the TTL is only 8bit in the IP protocol.



The IP version number is now 4, so it is also called IPV4. Now there are IPv6, and the use is more and more extensive.


1.2.IP Route Selection


When an IP packet is ready, how does the IP packet (or router) send the packet to the destination? How does it choose a suitable path to "deliver"?



The most special case is the destination host and host direct connection, then the host does not have to look for routes, the data can be transmitted directly in the past. As for how to pass directly, this depends on the ARP protocol, which will be discussed later.



In a slightly more general case, the host is connected through several routers (router) and the destination host. Then the router will pass the IP packet information to find an appropriate target for the IP packet, such as the appropriate host, or the appropriate route. The router or host will handle an IP packet in the following way


    1. If the IP Packet's TTL (life cycle) is reached, then the IP packet is discarded.
    2. Search the routing table, prioritize the search for a matching host, and if you can find a target host that exactly matches the IP address, send the packet to the target host
    3. Search the routing table, if the matching host fails, matches the same subnet as the router, which requires "subnet mask (1.3.)" 's assistance. If the router is found, the packet is sent to the router.
    4. Search the routing table, if matching the same subnet router fails, then match the same network number (explained in the first chapter) of the router, if the router is found, the packet is sent to the router.
    5. Search for Lu, if none of the above have failed, search the default route, and if the default route exists, the contract
    6. If all fails, throw away the bag.


This proves once again that IP packets are unreliable. Because it does not guarantee delivery.


1.3. Subnet addressing


The IP address is defined as the network number + host number. But now all the host requires subnet addressing, that is, the host number is subdivided into sub-network number + host number. Finally, an IP address becomes the network number + subnet number + host number. For example a Class B address: 210.30.109.134. In general, the red part of this IP address is the network number, and the blue part is the subnet number, the green part is the host number. As to how many people represent the subnet number on this issue, this does not have a hard rule, instead of the subnet mask , the campus network is believed that most people have used, in the campus network settings There is a 255.255.255.0 thing, this is the subnet mask. The subnet mask is a binary number sequence of 32bit, in the form of a series of 1 and a series of 0, for example: 255.255.255.0 (binary is 11111111.11111111.11111111.00000000) for the B-class address just now, Because 210.30 is the network number, then the next 109.134 is the subnet number and host number combination, and because the subnet mask only the last eight bit is 0, so the host number is the IP address after eight bit, is 134, and the rest is the subnet number--109.


2. ARP protocol


Remember the Ethernet protocol of the Data link layer, each packet has a MAC address header? We know that every Ethernet card has a MAC address, this address is unique, then how does IP packet know this MAC address? This is the work of the ARP protocol.



ARP (Address Resolution) protocol is a kind of resolution Protocol, originally the host is completely do not know which IP corresponds to which host of which interface, when the host to send an IP packet, will first check their own ARP cache (is a IP-MAC Address table cache), If the Ip-mac value of the query does not exist, then the host sends an ARP protocol broadcast packet to the network, the broadcast packet inside the IP address to be queried, and directly received the broadcast packet of all hosts will query their IP address, if a host received a broadcast packet found themselves eligible, Then a ARP packet containing its own MAC address is prepared to be routed to the host that sent the ARP broadcast, and the broadcast host will update its ARP cache (the place where the Ip-mac table is stored) after it has received the ARP packet. The host sending the broadcast will use the new ARP cache data to prepare the data link layer for the packet to send work.



A typical ARP cache information is as follows, in any system with the "arp-a" command:


Interface: 192.168.11.3 --- 0x2  Internet Address      Physical Address      Type  192.168.11.1          00-0d-0b-43-a0-2f     dynamic  192.168.11.2          00-01-4a-03-5b-ea     dynamic


will get the result. Such caches are time-bound, typically 20 minutes (the Berkeley system's derivative system).





3.ICMP protocol


As mentioned earlier, the IP protocol is not a reliable protocol, it does not guarantee that the data will be delivered, then, naturally, the work of ensuring that the data is delivered should be done by other modules. One of the important modules is the ICMP (Network control Message) protocol.



When an error occurs in transmitting an IP packet-such as a host unreachable, routing unreachable, and so on-the ICMP protocol will packet the error message and send it back to the host. Give the host a chance to handle the error, which is why it is possible to say that the protocol built above the IP layer is likely to be secure. The ICMP packet consists of the 8bit error type and the 8bit code and 16bit checksum. The first 16bit makes up the message that ICMP is going to deliver. Figure 6-3 in the book clearly gives the meaning of the type of error and the combination of the code.



Although in most cases, the wrong packet transfer should give the ICMP message, but in special cases, the ICMP error message is not generated. As follows


    1. ICMP error messages do not generate ICMP error messages (out of IMCP query packets) (to prevent the infinite generation and transmission of IMCP)
    2. The destination address is the IP datagram of the broadcast address or multicast address.
    3. A datagram that is broadcast as a link layer.
    4. is not the first piece of IP shard.
    5. The source address is not a single host datagram. This means that the source address cannot be a 0 address, a loopback address, a broadcast address, or a multicast address.


While some of the rules are not clear yet, all of these rules are defined to prevent the infinite propagation of ICMP messages.



The ICMP protocol is broadly divided into two categories, one is the query message and the other is the error message. There are several uses of the query message:


    1. Ping query (Don't tell me you don't know the ping program)
    2. Subnet mask query (for diskless workstations initializing the subnet mask when initializing itself)
    3. Timestamp query (can be used to synchronize time)


The error message is generated when the data transmission errors occur. Don't dwell on it.


The application of 3.1 ICMP--ping


Ping can be said to be the most famous application of ICMP when we do not go on one of the sites. This site is usually ping. Ping will show back some useful information. General information is as follows:





Reply from10.4.24.1: bytes=32 time<1ms TTL=255Reply from10.4.24.1: bytes=32 time<1ms TTL=255Reply from10.4.24.1: bytes=32 time<1ms TTL=255Reply from10.4.24.1: bytes=32 time<1ms TTL=255Ping statistics for10.4.24.1:    Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),Approximate round trip times inmilli-seconds:    Minimum = 0ms, Maximum = 0ms, Average = 0ms


Ping this word originates from sonar positioning, and this program does the same, and it uses the ICMP protocol packet to detect whether another host is up or down. The principle is to use an ICMP request with a type code of 0, and the requested host uses an ICMP response of type Code 8. The ping program calculates the interval time and calculates how many packets are delivered. Users can determine the approximate situation of the network. We can see that the ping gives out the data for the time and TTL transmitted. I give the example is not very good, because there are fewer routes to go, it is interesting to ping the foreign sites such as sf.net, you can observe some of the phenomenon of packet loss, and the program will run longer.
Ping gives us a chance to see the host's route to the destination host. This is because the ping request datagram for ICMP is reported by the router to put its own IP in the datagram every time it passes through a router. The destination host copies the IP list back to the host in response to the ICMP packet. However, in any case, the list of routes that the IP header can record is very limited. If we want to observe the route, we still need to use a better tool, that is, Traceroute (the name under Windows is called tracert).


The application of 3.2 ICMP--traceroute


Traceroute is an important tool to detect the routing between host and destination hosts, and is also the most convenient tool. As mentioned earlier, although the Ping tool can also detect, however, because of the IP header limit, ping can not be fully recorded under the router. So the traceroute just fills this flaw.



The principle of traceroute is very very interesting, it receives the IP of the destination host, first sends a ttl=1 to the destination host (remember what TTL is?). UDP (the next to know what UDP is the packet), and after the first router receives the packet, the TTL is automatically reduced by 1, and the TTL becomes 0, the router will discard the packet, and at the same time produce a host unreachable ICMP datagram to the host. The host receives this datagram and sends a ttl=2 UDP datagram to the destination host, then stimulates the second router to send ICMP datagrams to the host. This is repeated until the destination host is reached. In this way, traceroute gets all the router IPs. This avoids the problem that the IP header can only record limited routed IP.



Someone asked, how do I know if UDP arrives at the destination host? This involves a trick question, the TCP and UDP protocols have a port number definition, while the normal network program only monitors a few small numbers of ports, such as 80, 23, and so on. And traceroute send is the port number >30000 (true abnormal) of the UDP, so when the destination host, the destination host can only send a port unreachable ICMP datagram to the host. Host received this report will know, the host to, so, said Traceroute is a liar is not a bit too:)



There are some useful options in the Traceroute program, including options for IP routing, see the man documentation to learn about these, and don't dwell on them.


4 IGMP (slightly) 5 RARP (slightly)


Android Network programming Series A network layer of the TCP/IP protocol family


Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.