Protocol forest 03 IP race (IP, ARP, Rip, and BGP protocols)

Author: vamei Source: http://www.cnblogs.com/vamei welcome reprint, please also keep this statement. Thank you!

 

Network Layer)It is the most important layer to implement the internet. At the network layer, each LAN is connected to each other based on the IP protocol and eventually forms a global Internet. Higher-level protocols, whether TCP or UDP, must pass through the network layerIP data packet)To transmit information. The operating system also provides sockets at this layer, allowing you to directly operate the IP package.

IP packet is compliantIP protocolInformation (that is, the 0/1 sequence ).IP package. The IP package is dividedHeader)AndData).Data SectionIs the information to be transmitted,HeaderTo achieve TransmissionAdditional(This is similar to the header function of an Ethernet frame. If you are unfamiliar with the frame, refer to the article "small horn ).

 

IP package format

The IP protocol can be divided into IPv4 and IPv6. IPv6 is an improved version used to replace the IPv4 protocol in the future. For the purpose of this article, we can ignore the difference between the two for the moment. We only use IPv4 as an example. Below is the IPv4 format

For an IPv4 packet, the entire sequence is set according to 4 bytes.FoldFor better display

Similar to frames, the IP packet header has multiple regions. We focus on the redSource Address)AndDestination (destination address). They are bothIP address. The IPv4 address is 4 bytes in length (that is, 32 bits ). We usually divide IPv4 addresses into four decimal numbers, with each number ranging from 0 to 255. For example, 192.0.0.1 is an IP address. The address is written in the binary format in the IP packet header.

The IP address is a global address, which can recognize"Community"(LAN) and" House "(host ). This is achieved by classifying IP addresses.

IP class from to Subnet Mask

A 1.0.0.0 126.255.255.255 255.0.0.0

B 128.0.0.0 191.255.255.255 255.255.0.0

C 192.0.0.0 223.255.255.255 255.255.255.0

Each 32-bit IP address is divided into two parts: the first part is used to distinguish the LAN, and the second part is used to distinguish the host of the LAN.Subnet Mask (subnet mask)Tell us the dividing line between the two parts. For example, 255.0.0.0 (eight digits 1 and 24 digits 0) indicates that the first eight digits are used to distinguish the LAN, and the last 24 digits are used to distinguish the host. As classification A, B, and C have been defined, when an IP address belongs to the scope of Class B, we know that the first 16 bits and the last 16 bits represent the LAN and host respectively.

 

Network adapter and Router

According to the Postmaster and post office, IP addresses are allocated to each house (computer )."Zip code". However, this statement is not accurate. What the IP address actually recognizes isNic(NIC, network interface card ). A network adapter is a hardware of a computer. After receiving network information, it delivers the information to the computer (processor/memory ). When the computer needs to send information, it also needs to be sent through the NIC. A computer may have more than one network card, for example, an Ethernet card and a Wi-Fi network card in a notebook. When receiving or sending information, the computer must first decide which network card to use.

Nic

 

Vro(Router)It is actuallyMultiple NICs. It allows the network adapter to access different networks.Postmaster and PostmasterAs mentioned inPost Office. For exampleCenter PositionThe vro has two NICs, with the addresses 199.165.145.17 and 199.165.146.3 respectively. They are connected to two networks: 199.165.145 and 199.165.146.

 

 

IP packet transmission

The transmission of an IP packet must pass through the router. Each host and route hasRoute table(Routing table). The route table specifies the route for the IP address of the destination to be sent. It's like a road sign. if the address is "Tokyo", turn to the left. If the address is "Sydney", turn to the right.

A real world routing table

 

For example, we generate an IP package sent from host 145.17 to host 146.21: Spread out the letter paper and write the beginning of the letter (the rest of the data can be a TCP packet, a UDP packet, or any gibberish word, we do not care about it for the moment), noteDestinationIP address (199.165.146.21) and outbound IP address (199.165.145.17 ). Host 145.17 is followed by reference to its own routing table, which contains three rows of records:

145.17 routing table (genmask is the subnet mask, and iface is used to describe which Nic interface is used)

Destination gateway genmask iface

199.165.145.0 0.0.0.0 255.255.255.0 eth0

0.0.0.0 199.165.145.17 0.0.0.0 eth0

There are two rows of records.

The first line indicates that if the IP address destination is a host on the network of 199.165.145.0, you only need to transmit the IP address directly from the network adapter on eth0 ("Local Community ":Direct delivery), Do not need to go to the router (Gateway 0.0.0.0 = "local mail ").

The second line indicates that all IP addresses that do not match the first line should be sent to Gateway 199.165.145.17, that is, the IP address of the NIC connected by the Intermediate router in eth0 (the branch of the Post Office in eth0 ).

The destination of our IP package is 199.165.146.21, which does not conform to the first line. Therefore, it is sent to the middle router according to the second line. Host 145.17 will put the IP packet into the payload of the frame, and write the MAC address corresponding to 199.165.145.17 in the frame header, so that the packets can be transmitted in the LAN according to the method in the small horn.

 

Intermediate RouterAfter receiving the IP address package (in fact, it is the frame of the Ethernet protocol, and then reads the IP address package from the payload in the frame), extracts the destination IP address, and then compares it with its own routing table:

Destination gateway genmask iface

199.165.145.0 0.0.0.0 255.255.255.0 eth0

199.165.146.0 0.0.0.0 255.255.255.0 eth1

0.0.0.0 199.165.146.8 0.0.0.0 eth1

From the first two lines, we can see that because the router spans two networks: eth0 and eth1, it can directly transmit IP packets through the network adapter on eth0 and eth1.

The third line indicates that if the IP address is outside the first two lines, it must be sent to 199.165.146.8 (the router on the right) through eth1 ).

Our destination conforms to the second line, so we put the IP address into a new frame,

Write the MAC address 199.165.146.21 in the frame header and send it directly to host 146.21.

(In Linux, you can use$ Route-nTo view the routing table)

 

The IP packet can be further relayed to a host farther away. The IP packet starts from the host and is indirectly loaded on the router according to the routing table of the router along the route. The IP package eventually reaches a certain router. the router and the target host are located in a LAN and can directly establish communication at the connection layer. Finally, the IP packet is sent to the target host. Such a process is calledRouting(We call itIP packet transmissionWell, the word routing is too much ).
During the whole process, IP packets are constantly encapsulated into frames (envelopes) by hosts and routes, and then transmitted between NICs in the LAN Using the connection layer. During the entire process, the content of our IP package remains complete and remains unchanged. The final result is that an IP packet is transferred from one host to another. Using the IP package, we don't need to worry about what happens at the underlying layer (such as the connection Layer.

 

 

ARP Protocol

In the above process, we actually assume that every host and route can understandRelationship between IP addresses and MAC addresses in the LANThis is the basic condition for encapsulation to frame. The corresponding IP address and MAC address are transmitted to each host and route in the LAN through arp. Each host or route has oneARP cacheUsed to store how IP addresses correspond to MAC addresses in a LAN.

The ARP Protocol (ARP is between the connection layer and the network layer, and the ARP packet must be enclosed in one frame) works as follows: the host sends an ARP packet, the ARP package contains its own IP address and MAC address. Through ARP packets, the host usesBroadcastTo query all hosts and routes on the LAN:I am an IP address XXXX and my mac address is XXXX. Does anyone know the MAC address of 199.165.146.4?The host that owns this IP address will reply to the host that sends the request: Oh, I know, this IP address belongs to one of my NICs, and its MAC address is xxxxxx. Because the host sending ARP requests adopts the broadcast format and has its own IP address and MAC address, other hosts and routes will check their ARP cache at the same time. If they do not match, update your ARP cache.

In this way, after several ARP requests, the ARP cache will be stable. If the device on the LAN changes, ARP repeats the above process.

(In Linux, you can use$ ARPCommand to view the ARP process. ARP is only used for IPv4. IPv6 uses Neighbor Discovery Protocol to replace arp .)

 

Routing table generation

Another assumption is that each host and route already exist.Reasonable routing table. This routint table describes the networkTopology(Topology)Structure. If you know your network connection, you can write your host's routing table. However, a vro may have multiple egress ports, so the routing table may be very long. More importantly, other vrouters connected to the surrounding area may change (for example, new vrouters or damaged vrouters), so we need the routing table to direct traffic to other outlets in time. We need a more intelligent detection of the surrounding network topology, andAutomatic GenerationRouting table.

Let's take the Beijing Metro as an example. IfAirportGoChaoyangmenThen you can take the Terminal 2->Sanyuan Bridge->Dongzhimen->Chaoyangmen. Terminal 2 and chaoyangmen are the departure and destination hosts respectively. The Sanyuan bridge and Dongzhimen are two routers in the middle. IfSanyuan Bridge->DongzhimenBecause the service is out of service, we need to change the routing table of Sanyuan bridge to instruct the passengers (IP packets) heading to chaoyangmen: Take the following route:->Zhuju. Then, follow the routing table of the zhuju to go to chaoyangmen (zhuju->Dongzhimen->Chaoyangmen ).

 

 

A protocol used to generate a routing table is Rip (Routing Information Protocol ). It uses Distance To determine the routing table, so it belongs to distance-vector protocol. For Rip, the so-called distance is from the departure location to the destination Number of routers (HOP number ). For example, from the airport to the chaoyangmen, follow Terminal 2->Sanyuan Bridge->Dongzhimen->Chaoyangmen route, two routers at a distance of 2 . We can manually generate the routing table of Sanyuan bridge. Subsequently, according to the RIP Protocol, sanyuan bridge broadcasts its own distance to each IP address (for example, to the airport = 0, tuanjie Lake = 0, Guomao = 1, Wangjing West = 1, jianguomen = 2 ). The router and host that receive the rip package Rip package And Distance from the host to which the rip package is sent To calculate the distance to each IP address. The distance between Dongzhimen and sanyuan bridge is 1. The distance from Dongzhimen to the airport is 1 + 0 = 1 if you receive the rip package of Sanyuan bridge. If the rip record of the Dongzhimen is far from that (for example, Dongzhimen> zhuju> Sanyuan bridge> airport = 2 ). Change the routing table of Dongzhimen: the traffic to the airport is routed to Sanyuan bridge instead of zhuju. If the rip record of the Dongzhimen is not bad, the Dongzhimen keeps the routing table unchanged. The above process repeats the rip broadcast/calculate distance/update routing table process at each point, and all hosts and routers can generate the most reasonable path (merge ).

(The basic logic of RIP is: if A is 6 away from B and I am 1 Away From A, the distance from A to B is 7)

For technical reasons (looping hops), rip considers that IP addresses over 15 cannot arrive. Therefore, rip is more used in the Internet (such as the entire China Telecom Network ). Such an internet part often belongs to the same ISP or has the same management organization, so it is called an autonomous system (as, autonomous system ). Hosts and routes inside the autonomous system are directed to the externalVBRCommunicate with other Autonomous Systems.Between vbrsBGP(Border Gateway Protocol) to generate the routing table for the other as, while the autonomous system internally uses rip to determine the routing table by referring to the VBR. The basic work process of BGP is similar to that of RIP, but while considering the distance, it also balances other factors such as policy and connection performance, and then determines the routing table ).

 

Summary

We first talked aboutIP packet relay process based on routing table. In order to achieve the smooth implementation of the relay, we further go deepARPAndRip/BGP. All three Protocols assist in IP transmission. ARP allows each computer and router to know the ing between the IP address and the MAC address in their LAN, so as to smoothly encapsulate the IP packet to the frame. The RIP Protocol can generate a reasonable routing table in the autonomous system. The BGP protocol can generate a routing table outside the autonomous system.

Throughout the entire process, we focus on the transmission of large IP packets, while deliberately ignoring some details. The above IP address relay process applies to IPv6.

 

Welcome to the "protocol Forest" Series