TCP/IP protocol family

Chapter 1 architecture and main protocols of the TCP/IP 1.1 TCP/IP protocol family

1.1.1 data link layer

The data link layer implements network drivers for Nic interfaces to process data transmission over physical media.

Two common protocols on the data link layer are ARP (addressresolve protocol, Address Resolution Protocol) and RARP (Reverse Address Resolve Protocol, Reverse Address Resolution Protocol ). They implement mutual conversion between IP addresses and physical machine addresses.

The network layer uses IP addresses to address a machine, while the data link layer uses physical addresses to address a machine. Therefore, the network layer must first convert the IP addresses of the target machine into their physical addresses to use the services provided by the data link layer, this is the purpose of ARP. RARP is only used for some diskless workstation on the network. Because of the anti-storage device, diskless workstation cannot implement its own IP address, but they can use the physical address on the network card to query its own IP address from the network manager. The Network Manager running the RARP service usually has a ing between the physical address and IP address of the machine on the network.

1.1.2 Network Layer

The Network Layer selects and forwards data packets. The task at the network layer is to select intermediate nodes such as routers to determine the communication path between the two hosts. At the same time, the network layer hides the details of the network topology connection from the upper layer protocol, so that in the transport layer and network applications, the communication parties are directly connected.

IP protocol (Internet Protocol) is the core protocol at the network layer ). The IP protocol determines how to deliver a packet based on the destination IP address. The IP protocol uses the hop-by-hop method to determine the path.

Another important protocol at the network layer is ICMP (internrtcontrol Message Protocol), which is mainly used to check network connections. ICMP messages are classified into two types: error messages, which are used to respond to network errors, and Query Packets, which are used to query network information. The Ping program uses ICMP packets to check whether the target packets are reachable.

As shown in, the 8-bit field is used to differentiate the message type, and the code field is used to further segment different conditions. Cyclic Redundancy check (cyclic redundancy check, CRC) is performed for the entire packet using 16 as the checksum ).

1.1.3 Transport Layer

The transport layer provides end-to-end communication for applications on two hosts. Different from the hop-by-hop communication mode used by the network layer, the transport layer only cares about the start and destination ends of the communication.

The transport layer is responsible for data transmission and receiving, and link timeout and re-transmission.

The transport layer has three main Protocols: TCP, UDP, and sctp.

The TCP protocol provides reliable, connection-oriented, and stream-based services for the application layer.

User Data Protocol (UDP) provides unreliable, connectionless, and datagram-based services for the application layer.

Sctp protocol (Stream Control trasmission Protocol) is designed to transmit telephone signals over the Internet.

1.1.4 Application Layer

The application layer is responsible for application logic. The above layer-3 protocol system is responsible for handling network communication details, which must be stable and efficient, so it is implemented in the kernel. The application layer is implemented in the user space.

There are many application layer protocols, for example:

Ping is an application-layer sequence, not a Protocol: use ICMP packets to detect network connections

Telnet is a remote logon protocol.

The openshortest path first (openshortest path first) Protocol provides a dynamic routing update protocol for communication between routers to inform each other of their route information.

DNS (Domain nameservice Domain Name Service) Protocol provides the conversion from a machine domain name to an IP address.

The application layer protocol may skip the transport layer and directly use the services provided by the network layer, such as ping and OSPF. Generally, you can use both TCP and UDP services, such as the DNS protocol.

You can view all well-known application layer protocols in the/etc/services file.

1.2 Encapsulation

The upper layer protocol uses the services provided by the lower layer through sub-assembly. Application data is transmitted from top to bottom along the protocol stack before being sent to the physical network. Each layer of the Protocol adds its own header information (sometimes including the tail) on the basis of the upper layer data to implement the features of this layer. This process is encapsulation.

The data encapsulated by TCP becomes a TCP packet segment, and the data encapsulated by UDP becomes a UDP datagram. They do not need to save copies for the application layer because the service provided by UDP is unreliable. When a UDP datagram is successfully sent, the data in the UDP kernel buffer is discarded. If the application layer detects that the datagram is not received correctly and intends to resend the datagram, then, the application layer needs to copy the datagram from the user space to the UDP kernel sending buffer. When a TCP packet is sent, the copy is saved in the TCO buffer.

Data encapsulated by an IP address becomes an IP datagram, which also includes header information and data. The data part is the TCP packet segment, UDP datagram, or ICMP packet.

The data encapsulated by the data link becomes a frame.

The maximum transmission unit (MTU) of a frame, that is, the maximum amount of upper-layer data that can be carried by a frame. Generally, the network is limited. The MTU of Ethernet is 1500 bytes. Frames are the sequence of bytes finally transmitted over the physical network.

You can use the ifconfig command to view MTU values and display or configure network devices (network interface cards ).

1.3 Sub-Use

When the frame reaches the target host, it will be passed up one time along the protocol stack. Each layer protocol processes the header data of the current layer at a time to obtain the required information and hand over the final processed frames to the target application. This process is called sub-use. The use of this function depends on the Type field in the header information.

The Type field in the header information provided by the frame is used to distinguish IP, ARP, and RARP. The IP field value is 0x800, ARP is 0x806, and RARP is 0x835.

The header of an IP datagram uses 16 protocol fields to distinguish icmo, TCP, and UDP.

TCP and UDP distinguish the last application by the port number in the header. For example, the DNS port number is 53, and the http port number is 80. Therefore, the port numbers used by well-known Application Layer Protocols can be found in/etc/services.

Please specify the source for reprinting. Thank you ~~