TCP/IP protocol (Transmission Control Protocol/Internet Protocol)
TCP/IP is a protocol stack that includes TCP, IP, UDP, ICMP, RIP, TELNET, FTP, SMTP, ARP, and many other protocols.
TCP/IP originated at the United States Department of Defense (DoD), in the network that preceded the Internet. On January 1, 1983, TCP/IP replaced the old Network Control Protocol (NCP) and became the cornerstone and standard of today's Internet and local area networks. It is maintained by the Internet Engineering Task Force.
It defines a four-layer hierarchy whose layers correspond to those of the OSI reference model.
This page mainly summarizes the working principles and states of the TCP and UDP protocols.
Characteristics of the TCP protocol:
works at the transport layer
connection-oriented protocol
full-duplex protocol
half-close
error checking
data packaged into segments, with ordering
acknowledgment mechanism
data recovery, retransmission
flow control, sliding window
congestion control, slow start and congestion avoidance algorithms
Features of the UDP protocol:
works at the transport layer
provides unreliable network access
connectionless protocol
limited error checking
high transport performance
no data recovery
TCP protocol header
| Field | Description |
| --- | --- |
| Source port, destination port | A process on a computer communicates with other processes through a port, and a port can be used by only one process at a time, so identifying the source and destination ports tells which two processes are communicating. The source port and destination port are each represented by 16 bits, so the number of ports on a computer can be calculated as 2^16 |
| Sequence number | The number of the first byte of the data sent in this segment. Each byte of the byte stream transferred over a TCP connection is numbered sequentially. Because the sequence number is represented by 32 bits, it wraps around every 2^32 bytes and starts at 0 again |
| Acknowledgment number | The number of the first data byte that the receiver expects in the sender's next segment. It tells the sender: the first byte of the next data you send should have this acknowledgment number |
| Data offset | The header length of the TCP segment, a 4-bit field. It is needed because the TCP header contains a variable-length options section; it indicates how far the data begins from the start of the TCP segment. The unit of this field is 32 bits (that is, 4 bytes). The largest 4-bit value is 15, so the TCP header is at most 60 bytes |
| URG | Indicates whether the data sent in this segment contains urgent data. The urgent pointer field is valid only when URG=1 |
| ACK | Indicates whether the acknowledgment number field is valid. The acknowledgment number field is valid only when ACK=1. TCP stipulates that after the connection is established, ACK must be 1. A TCP segment with the ACK flag is called an acknowledgment segment |
| PSH | Hints that the receiving application should immediately read the data from the TCP receive buffer to make room for subsequent data. If 1, the other side should deliver the data to the upper-layer application immediately rather than caching it. If the application does not read the received data, it stays in the TCP receive buffer |
| RST | Receiving a segment with RST=1 means that there is a serious error on the connection with the host (such as a host crash); the connection must be released and then re-established. It can also mean that the data last sent to the host had a problem and the host refused to respond. A TCP segment with the RST flag is called a reset segment |
| SYN | Used when establishing a connection, to synchronize sequence numbers. SYN=1, ACK=0 indicates a segment that requests a connection; SYN=1, ACK=1 indicates that the other side agrees to establish the connection. SYN=1 therefore marks a segment that requests or accepts a connection. SYN is 1 only in the first two handshake segments. A TCP segment with the SYN flag is called a synchronization segment |
| FIN | Indicates that this end wants to close the connection and marks that its data has been sent. FIN=1 tells the other side: "My data has been sent, you can release the connection." A TCP segment with the FIN flag is called a finish segment |
| Window size | The amount of data the other side is now allowed to send; it tells the peer how much data it may send, counted from the acknowledgment number of this segment |
| Checksum | Provides additional reliability |
| Urgent pointer | Marks the position of the urgent data in the data field |
| Options | The maximum length can be calculated from the TCP header length. The header length is represented by 4 bits, so the options section is at most (2^4-1)*4-20 = 40 bytes. Common options: maximum segment size (Maximum Segment Size, MSS), window scaling (Window Scaling), timestamps (Timestamps) |
TCP handshake and teardown mechanism
Three-way handshake (establishes a reliable TCP connection)
Four-way wave (closes the connection)
CLOSED: no connection
LISTEN: listening, waiting for a connection request from a remote TCP port
SYN-SENT: a connection request has been sent; waiting for the other side to confirm
SYN-RECEIVED: a connection request has been received and one has been sent; waiting for confirmation
ESTABLISHED: the transport connection is established and both sides enter the data transfer state
FIN-WAIT-1: active close; the host has sent a request to close the connection and is waiting for the other side to confirm
FIN-WAIT-2: active close; the host has received the other side's confirmation of the close and is waiting for the other side to send its own request to close the connection
TIME-WAIT: the close of the connection in both directions is complete; waiting for all packets to disappear
CLOSE-WAIT: passive close; the other side's request to close the connection has been received and confirmed
LAST-ACK: passive close; waiting for the final confirmation of the close and for all packets to disappear
CLOSING: both sides try to close the connection at the same time; waiting for the other side to confirm
TCP timeout retransmission
When the network is abnormal (timeouts or packet loss begin to occur), TCP controls data transmission to keep its promise of a reliable service: it must be able to retransmit TCP segments that are not acknowledged within the timeout period. For this reason, the TCP module maintains a retransmission timer for each TCP segment, which is started when the segment is first sent. If the receiver's response is not received within the timeout period, the TCP module retransmits the segment and resets the timer. How the next retransmission timeout is chosen and the maximum number of retransmissions performed make up TCP's retransmission policy. Two kernel parameters are associated with TCP timeout retransmission:
/proc/sys/net/ipv4/tcp_retries1: specifies the minimum number of retransmissions that TCP performs before the underlying IP layer takes over; the default value is 3
/proc/sys/net/ipv4/tcp_retries2: specifies the maximum number of retransmissions that TCP can perform before the connection is abandoned; the default value is 15 (typically corresponding to 13~30min)
TCP congestion control
Congestion control is how TCP improves network utilization, reduces the packet loss rate, and ensures that network resources are shared fairly among data flows. The standard document for TCP congestion control is RFC 5681, which details the four parts of congestion control: slow start, congestion avoidance, fast retransmit and fast recovery. Linux has many implementations of the congestion control algorithm, such as the Reno, Vegas and CUBIC algorithms. They implement these four parts either partially or wholly. The congestion control algorithm currently in use:
/proc/sys/net/ipv4/tcp_congestion_control
UDP header
Port
The transport layer uses the port number to identify the application-layer protocol:
Port number range: 0-65535
IANA: Internet Assigned Numbers Authority (responsible for domain names, number resources, and protocol assignments)
0-1023: system ports or privileged ports (available only to administrators), permanently assigned to fixed system applications, e.g. 22/TCP (SSH), 80/TCP (HTTP), 443/TCP (HTTPS)
1024-49151: user ports or registered ports, with less strict requirements, assigned to programs by registration for application use, e.g. 1433/TCP (SQL Server), 1521/TCP (Oracle), 3306/TCP (MySQL), 11211/TCP/UDP (memcached)
49152-65535: dynamic ports or private ports, used randomly by client programs; the range is defined in /proc/sys/net/ipv4/ip_local_port_range
Summary
TCP/IP is one of the most important protocols on Ethernet; you need to grasp its principles and understand the packet structure well. You can capture and observe packets with the packet capture tool Wireshark, which is a good way to improve.