Network Programming basics for UNIX/Linux: Diagram of TCP/IP protocol stack

Source: Internet
Author: User

Directory

1. Host-to-network protocol: Ethernet protocol

2. IP protocol

3. Internet Control Message Protocol (ICMP)

4. Transmission Control Protocol (TCP)

5. User Datagram Protocol (UDP)

6. Stream Control Transmission Protocol (SCTP)

7. Address Resolution Protocol (ARP)

 

A network protocol stack is the basis on which pieces of software can interact with each other. Currently, the mainstream network protocol stack is the TCP/IP protocol stack.

1. Host-to-network protocol: Ethernet protocol

The host-to-network layer provides services to the IP and ARP protocols and sends and receives network datagrams. There are many ways to implement communication across networks and devices at this layer; here we focus only on Ethernet.

Ethernet is a standard published by Digital Equipment Corp (DEC), Intel, and Xerox on December 3, 1982. At present, TCP/IP technology is mainly based on the Ethernet standard. Ethernet uses Carrier Sense Multiple Access with Collision Detection (CSMA/CD). The Ethernet frame format is shown in the figure. It adds a total of 14 bytes to the IP data.

Source address and destination address: Ethernet uses 48 bits (6 bytes) each for the source address and the destination address. These are hardware addresses, for example the MAC address of the NIC.

The addresses are followed by a two-byte field indicating the type. For example, 0x0800 indicates that the frame carries IP data, and 0x0806 indicates that the frame carries an ARP request.

The type field is followed by the data. For Ethernet, the data segment must be 46 to 1500 bytes long. If the data is shorter than 46 bytes, it is padded with null characters.

Note: On Ethernet the length of the data segment has a maximum value of 1500. This limit is called the MTU, the maximum transmission unit. If the IP layer needs to send data longer than the MTU, the data must be fragmented at the IP layer so that each fragment is smaller than the MTU.

The CRC field is used to check the data within the frame to ensure that it is correct. It is usually implemented in hardware (for example, in the NIC).

Note: The Ethernet header is 14 bytes long, which may cause efficiency problems on some platforms. For example, on a platform that requires 4-byte alignment, the IP data often has to be copied once when it is extracted from the frame.

2. IP protocol

The IP protocol is the most important protocol in TCP/IP. It provides the transmission channel for TCP, UDP, ICMP, and other protocols. The main purpose of the IP layer is to interconnect subnets into one large network, so that data can be transmitted between different subnets. The IP layer has the following functions:

The format of IP data is shown in the figure. It does not contain the options field, so its header length is 20 bytes.

Source IP address and destination IP address: the source IP address is the IP address of the host or device that sends the data, and the destination IP address is the IP address of the host that receives it. Both fields are 32 bits long. Their purpose is to identify hosts on the Internet.
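The Ethernet and IP header fields described above, and the copy that the 14-byte Ethernet header forces on alignment-sensitive platforms, can be seen in a small parser. This is an added example, not code from the original page; `parse_frame`, `struct frame_info`, `struct ip_hdr`, and the sample frame are hypothetical names and constructed data, and the IP checksum is not verified.

```c
#include <arpa/inet.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define ETH_HDR_LEN 14        /* 6 destination + 6 source + 2 type */
struct ip_hdr {               /* 20-byte IPv4 header without options */
    uint8_t  ver_ihl, tos;    uint16_t tot_len, id, frag_off;
    uint8_t  ttl, proto;      uint16_t checksum;
    uint32_t saddr, daddr;    /* 32-bit source and destination IP addresses */
};
struct frame_info {
    uint8_t  dst_mac[6], src_mac[6];
    uint16_t eth_type;
    char     src_ip[INET_ADDRSTRLEN], dst_ip[INET_ADDRSTRLEN];
};
/* Constructed sample: Ethernet header, IPv4 header, null padding to 46 bytes. */
static const uint8_t sample_frame[ETH_HDR_LEN + 46] = {
    0x02,0,0,0,0,0x02,  0x02,0,0,0,0,0x01,  0x08,0x00,        /* dst, src, type */
    0x45,0,0,20,  0,0,0,0,  64,6,0,0,  192,0,2,1,  192,0,2,2  /* IPv4 header */
};

/* Returns 0 on success, -1 if the frame is truncated or the IP header is bad. */
int parse_frame(const uint8_t *buf, size_t len, struct frame_info *out)
{
    struct ip_hdr ip;
    memset(out, 0, sizeof *out);
    if (len < ETH_HDR_LEN) return -1;
    memcpy(out->dst_mac, buf, 6);
    memcpy(out->src_mac, buf + 6, 6);
    out->eth_type = (uint16_t)((buf[12] << 8) | buf[13]);  /* big-endian on the wire */
    if (out->eth_type != 0x0800) return 0;   /* not IP (0x0806 would be ARP) */
    /* buf + 14 is not 4-byte aligned even when buf is: copy the header into an
     * aligned struct instead of casting a struct pointer onto the buffer. */
    if (len < ETH_HDR_LEN + sizeof ip) return -1;
    memcpy(&ip, buf + ETH_HDR_LEN, sizeof ip);
    if ((ip.ver_ihl >> 4) != 4 || (ip.ver_ihl & 0x0f) * 4u < sizeof ip) return -1;
    inet_ntop(AF_INET, &ip.saddr, out->src_ip, sizeof out->src_ip);
    inet_ntop(AF_INET, &ip.daddr, out->dst_ip, sizeof out->dst_ip);
    return 0;
}

int main(void)
{
    struct frame_info fi;
    int rc = parse_frame(sample_frame, sizeof sample_frame, &fi);
    printf("rc=%d type=0x%04x %s -> %s\n", rc, fi.eth_type, fi.src_ip, fi.dst_ip);
    return rc;
}
```

The length checks come before every read because a frame taken off the wire is untrusted input and may be shorter than the headers it claims to carry.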

3. Internet Control Message Protocol (ICMP)

ICMP is used to transmit control data for packets, such as error information, time, echo, and network information.

ICMP data is located in the data part of an IP datagram; that is, it is transmitted inside an IP packet.

The data format of ICMP packets is shown below:

The ICMP message type is determined by the type and code fields.

4. Transmission Control Protocol (TCP)

Building on the IP protocol, the Transmission Control Protocol (TCP) adds mechanisms such as retransmission, sliding windows, multiplexing, and demultiplexing to provide a reliable, connection-oriented byte stream service.

First, TCP provides connections between clients and servers.

Second, TCP provides reliability. This does not guarantee that the data will be received by the peer endpoint; what TCP provides is reliable delivery of data or reliable notification of failure.

Third, TCP sequences the data by associating a sequence number with every byte that it sends.

Fourth, TCP provides flow control. TCP always tells its peer how many bytes of data it is willing to accept, which is called the advertised window. At any time, the window is the amount of space currently available in the receive buffer, so that data from the sender cannot overflow the receive buffer. The window changes dynamically over time: as data is received from the sender, the window size decreases; as the receiving application reads data from the buffer, the window size increases.

Finally, a TCP connection is full-duplex.

TCP features:

TCP data format:

Source port number and destination port number: both fields are 16 bits long. They indicate the sender's and receiver's ports and are used to identify the sending and receiving applications. The sender's IP address and port number together with the receiver's IP address and port number identify a TCP connection on the Internet.

TCP encapsulation and unblocking process:

Three-way handshake for establishing a TCP connection:

(1) The server must be prepared to accept incoming connections. This is done by calling the socket, bind, and listen functions, and is called a passive open.

(2) The client performs an active open by calling connect. This causes the client TCP to send a SYN (synchronize) segment, which tells the server the client's initial sequence number for the data it will send on the connection being established. Normally a SYN segment carries no data; it contains only an IP header, a TCP header, and possibly some TCP options.

(3) The server must acknowledge (ACK) the client's SYN and also send its own SYN segment, which contains the initial sequence number for the data that the server will send on the same connection. The server sends its SYN and the ACK of the client's SYN in a single segment.

(4) The client must acknowledge the server's SYN.

Establishing a connection requires at least three packets, so it is called TCP's three-way handshake, as shown in the figure:

The client's initial sequence number is J and the server's initial sequence number is K. The acknowledgment number in an ACK is the next sequence number that the end sending the ACK expects from its peer.

Establishing a TCP connection can be compared to the everyday telephone system, with the client as the caller and the server as the callee:

The socket function is equivalent to having a telephone. Both the caller and the callee must have one.

The bind function is equivalent to telling other people your phone number so that they can call you.

The listen function is equivalent to turning on the ringer so that you can hear incoming calls.

The accept function is equivalent to the callee answering the call. In addition, accept reports the client's identity, much as caller ID displays the caller's phone number.
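The passive open, active open, and accept steps above can be run end to end on the loopback interface. This is an added example, not code from the original page; `handshake_on_loopback` is a hypothetical name, and the code assumes 127.0.0.1 is available. It shows that connect returns before accept is called, because the kernel completes the handshake, and that accept reports the caller's own address and port.

```c
#include <arpa/inet.h>
#include <netinet/in.h>
#include <stdio.h>
#include <string.h>
#include <sys/socket.h>
#include <unistd.h>

/* Returns 1 if the peer address reported by accept() is the client's own local
 * address and port, 0 if it is not, -1 on any socket error. */
int handshake_on_loopback(void)
{
    struct sockaddr_in srv, cli_local, cli_seen;
    socklen_t len = sizeof srv;
    int result = -1, conn = -1;
    int lfd = socket(AF_INET, SOCK_STREAM, 0);   /* server's "telephone" */
    int cfd = socket(AF_INET, SOCK_STREAM, 0);   /* client's "telephone" */
    if (lfd < 0 || cfd < 0) goto out;

    /* Passive open: bind to 127.0.0.1, port chosen by the kernel, then listen. */
    memset(&srv, 0, sizeof srv);
    srv.sin_family = AF_INET;
    srv.sin_addr.s_addr = htonl(INADDR_LOOPBACK);
    if (bind(lfd, (struct sockaddr *)&srv, sizeof srv) < 0 || listen(lfd, 1) < 0 ||
        getsockname(lfd, (struct sockaddr *)&srv, &len) < 0) goto out;

    /* Active open: connect() returns once the kernel has exchanged SYN,
     * SYN+ACK and ACK, even though accept() has not been called yet. */
    if (connect(cfd, (struct sockaddr *)&srv, sizeof srv) < 0) goto out;
    len = sizeof cli_local;
    if (getsockname(cfd, (struct sockaddr *)&cli_local, &len) < 0) goto out;

    /* accept() hands back the completed connection plus the caller's address. */
    len = sizeof cli_seen;
    if ((conn = accept(lfd, (struct sockaddr *)&cli_seen, &len)) < 0) goto out;
    result = cli_seen.sin_port == cli_local.sin_port &&
             cli_seen.sin_addr.s_addr == cli_local.sin_addr.s_addr;
out:
    if (conn >= 0) close(conn);
    if (cfd >= 0) close(cfd);
    if (lfd >= 0) close(lfd);
    return result;
}

int main(void)
{
    printf("accept() saw the client's own address: %d\n", handshake_on_loopback());
    return 0;
}
```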

Four-way handshake for releasing a TCP connection:

TCP state transition diagram:

The establishment and termination of TCP connections can be described with a state transition diagram.

TCP defines 11 states for a connection (the output of the netstat command includes these states, which makes it a useful tool for debugging client/server applications), and the TCP rules specify how to move from one state to another based on the current state and the segment received in that state.

We use solid lines for the client's state transitions and dotted lines for the server's state transitions.

Note: The client that performs the active close enters the TIME_WAIT state. The endpoint stays in this state for twice the maximum segment lifetime (MSL).
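On Linux the same per-connection states that netstat prints are exposed in the `st` column of `/proc/net/tcp`. The following added example, which is not code from the original page, tallies connections by state from rows in that layout; `tally_states` and `tcp_state_name` are hypothetical names, the state codes are the Linux kernel's, and the sample table is constructed.

```c
#include <stdio.h>
#include <string.h>

/* Linux state codes from the "st" column of /proc/net/tcp; index 0 is unused. */
#define TCP_NSTATES 12
static const char *const tcp_state_name[TCP_NSTATES] = {
    "-", "ESTABLISHED", "SYN_SENT", "SYN_RECV", "FIN_WAIT1", "FIN_WAIT2",
    "TIME_WAIT", "CLOSE", "CLOSE_WAIT", "LAST_ACK", "LISTEN", "CLOSING"
};

/* Constructed sample in /proc/net/tcp layout (trailing columns shortened). */
static const char sample_table[] =
    "  sl  local_address rem_address   st tx_queue rx_queue\n"
    "   0: 0100007F:1F90 00000000:0000 0A 00000000:00000000\n"
    "   1: 0100007F:1F90 0100007F:C350 01 00000000:00000000\n"
    "   2: 0100007F:1F90 0100007F:C351 08 00000000:00000000\n"
    "   3: 0100007F:C352 0100007F:1F90 06 00000000:00000000\n"
    "   4: 0100007F:C353 0100007F:1F90 06 00000000:00000000\n";

/* Counts connections per state; returns the number of rows parsed. */
int tally_states(const char *text, int counts[TCP_NSTATES])
{
    const char *p = text;
    int parsed = 0;
    memset(counts, 0, TCP_NSTATES * sizeof counts[0]);
    while (p && *p) {
        unsigned st;
        /* Skip "sl: local:port remote:port", keep only the state byte. */
        if (sscanf(p, " %*d: %*8X:%*4X %*8X:%*4X %2X", &st) == 1 &&
            st >= 1 && st < TCP_NSTATES) {
            counts[st]++;
            parsed++;
        }
        p = strchr(p, '\n');       /* advance to the next row */
        if (p) p++;
    }
    return parsed;
}

int main(void)
{
    int counts[TCP_NSTATES];
    tally_states(sample_table, counts);
    for (int s = 1; s < TCP_NSTATES; s++)
        if (counts[s]) printf("%-12s %d\n", tcp_state_name[s], counts[s]);
    return 0;
}
```

A growing CLOSE_WAIT count points at an application that is not closing its sockets, while TIME_WAIT entries are the normal 2×MSL wait on the side that closed first.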

5. User Datagram Protocol (UDP)

UDP is a connectionless, unreliable network transport protocol built on the IP protocol.

UDP sends the data that the application hands to it, but it does not guarantee the order of the packets it sends. The receiver does not send acknowledgments to the sender, and if packets are lost or duplicated, no feedback is sent to the sender. Therefore, a program that uses UDP cannot be sure that the data it sends will arrive at the receiver, or that the data arrives in the order in which it was sent.

An application that uses UDP to transmit data must therefore build its own ordering mechanism and its own acknowledgment mechanism between sender and receiver, to ensure that the data arrives correctly and in the order in which it was sent. That is, the application must compensate for UDP's shortcomings.

UDP executes much faster than TCP. Because the UDP protocol is much simpler, it places a low load on the system.

UDP data format:

The source port number and destination port number are 16 bits each and indicate the UDP ports of the sender and receiver.

UDP data transmission process:

Each UDP datagram has a length. If the datagram reaches its final destination correctly, its length is passed to the receiving application along with the data. TCP, by contrast, is a byte stream protocol with no record boundaries.

6. Stream Control Transmission Protocol (SCTP)

SCTP provides services similar to those of UDP and TCP. SCTP provides associations between clients and servers and, like TCP, provides the application layer with reliability, sequencing, flow control, and full-duplex data transfer.

In SCTP, the word "association" is used instead of "connection" to avoid the connotation that a connection involves communication between only two IP addresses. An association refers to a communication session between two systems, which may involve more than two addresses because of multihoming.

Unlike TCP, SCTP is message-oriented. It provides ordered delivery of individual records. As with UDP, the length of each record written by the sender is passed to the receiving application along with the data.

SCTP can provide multiple streams between the connected endpoints, each of which delivers messages reliably and in order. The loss of a message in one stream does not block the delivery of messages in any other stream. This is the opposite of TCP, where the loss of bytes at any position in the single byte stream blocks the delivery of all subsequent data on the connection until the loss is repaired.

SCTP also provides multihoming, which allows a single SCTP endpoint to support multiple IP addresses. This feature increases robustness against network failures. A single endpoint can have multiple redundant network connections, each with its own access to the Internet infrastructure. By switching to another address already associated with the SCTP association, SCTP can work around a failure of one network or path across the Internet.

Like TCP, SCTP is connection-oriented, so it also has handshakes for establishing and terminating an association. However, SCTP's handshakes differ from TCP's.

SCTP's four-way handshake:

(1) The server must be prepared to accept incoming associations. This is done by calling the socket, bind, and listen functions, and is called a passive open.

(2) The client performs an active open by calling connect or by sending a message, which implicitly opens the association. This causes the client SCTP to send an INIT message (for initialization), which tells the server the client's list of IP addresses, its initial sequence number, an initiation tag used to identify all packets in the association, the number of outbound streams the client requests, and the number of inbound streams the client can support.

(3) The server acknowledges the client's INIT message with an INIT ACK message, which contains the server's list of IP addresses, initial sequence number, initiation tag, number of outbound streams requested by the server, number of inbound streams supported by the server, and a state cookie. The state cookie contains all the state the server needs to make sure the association is valid, and it is digitally signed to ensure its validity.

(4) The client echoes the server's state cookie with a COOKIE ECHO message. Besides the cookie chunk, the message may also carry bundled user data chunks.

(5) The server uses a COOKIE ACK message to confirm that the state cookie echoed by the client is correct. At this point the association is established. This message may also carry bundled user data chunks.

The exchange above requires at least four packets, so it is called SCTP's four-way handshake, as shown in the figure:

When the four-way handshake ends, each end selects a primary destination address. If there is no network fault, the primary address is used as the default destination for data transmission.

SCTP association termination:

Unlike TCP, SCTP does not allow half-closed associations. When one end shuts down an association, the other end must stop sending new user data from its application process. The receiver of the shutdown request sends any data that was already queued, and then completes the shutdown. As shown in the figure:

SCTP does not have a TIME_WAIT state like TCP's because SCTP uses verification tags.

7. Address Resolution Protocol (ARP)

In an Ethernet-based LAN, each network interface has a hardware address, a 48-bit value that identifies the Ethernet device. To send data to a target host on the LAN, you must know the hardware address of its network device. On the Internet, however, the destination of a data transmission is an IP address. To transmit data correctly, a correspondence between IP addresses and hardware addresses must be established. ARP serves this purpose.

ARP provides dynamic mapping between IP addresses and hardware addresses. The ARP cache maintains this mapping: it stores the most recent IP-address-to-hardware-address mappings, and each entry in the cache has a lifetime of 20 minutes, counted from the time the mapping was created.

The ARP cache can be viewed with the arp -a command.

ARP packet data format:

ARP works by broadcasting on the Ethernet a query for the destination IP address. The host that owns that address responds to the ARP request and returns its own MAC address to the requesting host.

Building an ARP reply is simple: the responder swaps the sender and target fields of the received request and fills the local machine's hardware address and IP address into the sender fields.
