Network Management-TCP/UDP

We have learned what data packets are ". Understanding data packets is of vital significance for network security in network management. For example, the essence of a firewall is to detect packets in the network and determine whether the firewall violates preset rules. If the firewall violates the rules, it will be blocked. Figure 1 shows the interface for setting rules for the firewall software of Rising's Personal Edition. Careful readers will find that the "protocol" column in Figure 1 contains "TCP", "UDP" and other terms. What do they mean? Now let's talk about TCP and UDP.

Connection-oriented TCP

"Connection orientation" means that a connection must be established with the other party before formal communication. For example, if you call someone else, you must wait until the line is connected and the other party picks up the microphone to talk to each other.

Figure 1

TCP (Transport Control Protocol) is a connection-based protocol. That is to say, a reliable connection must be established with the other party before sending and receiving data. A TCP connection can be established only after three "conversations". The process is very complicated. Here we only provide a simple and visual introduction. You only need to understand this process. Let's take a look at the simple process of the three conversations: host a sends a connection request packet to host B: "Can I send data to you ?", This is the first conversation; host B sends a packet to host a that agrees to the connection and requires synchronization (synchronization means that two hosts are sending, receiving, and coordinating): "Yes, when will you send it? ", This is the second conversation. host a sends another packet to confirm that host B's request is synchronized: "I will send it now, let's proceed !", This is the third dialogue. The purpose of the three "dialogs" is to synchronize the transmission and receipt of data packets. After the three "dialogs", host a formally sends data to host B.

TCP protocol can be appliedProgramA reliable communication connection is provided, so that the byte stream sent by a computer is sent to other computers on the network without error. Data Communication Systems with high reliability often use the TCP protocol to transmit data.

Figure 2

We will conduct an experiment to copy a 2000-byte file from computer B on "Network Neighbor" on computer A (with Windows 8,644,608 server installed, the sending and receiving indicators in the lower-right corner of the status bar show that, although data flow is from computer B to computer A, computer a still sends 3,456 data packets, as shown in figure 2. How are these packets generated? Because the TCP/IP protocol is used for file transmission, or connection-oriented TCP protocol is used, when computer A receives data packets, it needs to send back data packets to computer B, therefore, some traffic is generated.

Figure 3

If you use the network monitor to monitor network traffic in advance, you will find that the resulting data traffic is 9,478,819 bytes, 10.96% more than the file size (as shown in 3 ), the reason is not only that data packets and frames occupy some space, but also that the TCP connection-oriented Feature leads to the generation of some additional traffic.

Non-connection-oriented UDP protocol

"Non-connection oriented" means that you do not need to establish a connection with the other party before the formal communication, and send the connection directly regardless of the other Party's status. This is very similar to the popular mobile phone text message: when you send a text message, you only need to enter the phone number of the other party and then OK.

User Data Protocol (UDP) is the protocol corresponding to TCP. It is a non-connection-oriented protocol. Instead of establishing a connection with the other Party, it directly sends data packets!

Figure 4

UDP is applicable to applications that transmit only a small amount of data at a time and do not require high reliability. For example, we often use the "ping" command to test whether the TCP/IP communication between two hosts is normal. In fact, the principle of the "ping" command is to send UDP packets to the other host, then, the host of the other party confirms that the packet is received. If the message indicating whether the packet arrives is returned in time, the network is connected. For example, by default, four data packets (2) are sent during a ping operation ). As you can see, the number of data packets sent is 4 packets, and the number of packets received is also 4 (because the recipient's host will send back a packet to confirm receipt ). This fully demonstrates that UDP is a non-connection-oriented protocol and does not establish a connection. Because the UDP protocol does not have a connection process, its communication performance is high; but also because of this, its reliability is not as high as that of the TCP protocol. Qq uses UDP to send messages, so sometimes messages cannot be received.

TCP and UDP have their own strengths and weaknesses, and are suitable for communication environments with different requirements. The differences between the TCP protocol and the UDP protocol are shown in the appendix.

Appendix: Differences Between TCP and UDP protocols