Chapter 2 Network Access Layer
Protocols and hardware-- The network access layer contains the services and specifications used to manage the physical network access process. In the real world there are many different types of physical network, each with its own specifications, and any of them may serve as the basis of the network access layer. The network adapter driver works with key underlying components of the operating system and the protocol software to handle the main tasks of the network access layer. Because the protocol stack is modular, the hardware-specific software components in the network access layer present a hardware-independent interface to the upper layers.
Network access layer and OSI model-- The physical layer of the OSI model is responsible for converting data frames into bit streams suitable for the transmission medium. The data link layer performs two independent tasks, which are split into two sublayers: Media Access Control (MAC) and Logical Link Control (LLC). The MAC sublayer is responsible for communicating with the network adapter; the LLC sublayer is responsible for error detection and for managing links between devices on the subnet.
Network systems:
- IEEE 802.3 (Ethernet)
- IEEE 802.11 (wireless LAN)
- IEEE 802.16 (WiMAX): a technology used for long-distance wireless connections in mobile communications.
- Point-to-Point Protocol (PPP): the technology by which a modem connects over a telephone line.
Physical addressing-- The address used by the Ethernet software is a physical address, also known as a MAC address. It is not a logical IP address; instead, at the Internet layer the IP address of the interface is mapped to this physical address.
Ethernet-- The access method used by Ethernet is Carrier Sense Multiple Access with Collision Detection (CSMA/CD). Traditional Ethernet works well at low load, but performance suffers under heavy load because collisions increase. In modern Ethernet, switches can be used to manage traffic and reduce collisions.
Parsing Ethernet frames-- After the Ethernet software receives a datagram from the Internet layer, it performs the following operations:
1. Break the data into chunks of 64-1518 bytes;
2. Package each chunk into a frame. An Ethernet frame generally includes the preamble, destination address, source address, length, data, and frame check sequence (FCS);
3. Transmit the frame to the underlying component of the physical layer, which converts the frame into a bit stream and sends it out over the transmission medium.
Other adapters on the Ethernet receive this frame and check its destination address. If the destination address matches the adapter's own address, the adapter software processes the received frame and passes the data up to the higher layer of the protocol stack.
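Added example (not from the notes): a small Python model of the framing and receive-side checks described above. It assumes Ethernet II framing with the preamble omitted, a CRC-32 FCS appended least-significant byte first, and padding of short payloads to the 46-byte minimum; the MAC addresses and payload are constructed for the example.

```python
import struct
import zlib

# Constructed sample addresses for this example (not from the notes).
DST_MAC = bytes.fromhex("001122334455")
SRC_MAC = bytes.fromhex("66778899aabb")
ETHERTYPE_IPV4 = 0x0800
MIN_PAYLOAD = 46    # 64-byte minimum frame minus 14-byte header minus 4-byte FCS
MAX_PAYLOAD = 1500  # 1518-byte maximum frame minus header and FCS


def fcs(body: bytes) -> bytes:
    """Frame check sequence: CRC-32 over header + payload, sent least-significant byte first."""
    return struct.pack("<I", zlib.crc32(body) & 0xFFFFFFFF)


def build_frame(dst: bytes, src: bytes, ethertype: int, payload: bytes) -> bytes:
    """Package one chunk of upper-layer data into an Ethernet II frame (preamble omitted).

    Short payloads are padded to 46 bytes so the frame meets the 64-byte minimum.
    """
    if len(payload) > MAX_PAYLOAD:
        raise ValueError("payload exceeds the 1500-byte maximum")
    payload = payload.ljust(MIN_PAYLOAD, b"\x00")
    body = struct.pack("!6s6sH", dst, src, ethertype) + payload
    return body + fcs(body)


def parse_frame(frame: bytes) -> dict:
    """Check length and FCS, then split the frame into its fields."""
    if not 64 <= len(frame) <= 1518:
        raise ValueError("frame length outside 64-1518 bytes")
    body, trailer = frame[:-4], frame[-4:]
    if trailer != fcs(body):
        raise ValueError("FCS mismatch: frame damaged in transit")
    dst, src, ethertype = struct.unpack("!6s6sH", body[:14])
    return {"dst": dst, "src": src, "ethertype": ethertype, "payload": body[14:]}


def frame_ok(frame: bytes) -> bool:
    """True when the frame passes the length and FCS checks an adapter applies before delivery."""
    try:
        parse_frame(frame)
        return True
    except ValueError:
        return False


def should_accept(frame: bytes, my_mac: bytes) -> bool:
    """Adapter-side filter: keep frames addressed to this adapter, to the
    broadcast address, or to a group (multicast) address; drop the rest."""
    dst = frame[:6]
    is_broadcast = dst == b"\xff" * 6
    is_group = bool(dst[0] & 0x01)  # I/G bit: least-significant bit of the first byte
    return dst == my_mac or is_broadcast or is_group


if __name__ == "__main__":
    frame = build_frame(DST_MAC, SRC_MAC, ETHERTYPE_IPV4, b"constructed payload")
    fields = parse_frame(frame)
    print(len(frame), hex(fields["ethertype"]), fields["payload"].rstrip(b"\x00"))
    print(should_accept(frame, DST_MAC), should_accept(frame, SRC_MAC))
```

The FCS only detects transmission damage; it is not an integrity mechanism against a sender who recomputes it, which is why higher layers need their own checks.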
Chapter 2 Internet Layer
Addressing and delivery-- On a routed network, the TCP/IP software uses the following policy to send data:
1. If the destination address and source address are on the same network segment, the destination IP address is resolved to a physical address by ARP and the data is sent directly to the target network adapter.
2. If the destination address and source address are not on the same network segment, the following process is executed:
A) The datagram is directed to the gateway. The gateway's address is resolved to a physical address by ARP, and the data is sent to the gateway's network adapter.
B) The gateway forwards the datagram to the next network segment. If the destination address is on the new segment, the data is sent to the destination; otherwise, it is sent on to another gateway.
C) The datagram is forwarded through a series of gateways until it reaches the destination network segment. There, the destination IP address is resolved to a physical address by ARP and the data is sent to the target network adapter.
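Added example (not from the notes): the sending host's side of this policy in Python, using the standard ipaddress module. The host address, routing table and ARP cache are constructed; it goes slightly beyond the notes by choosing among several gateways with a longest-matching-prefix lookup, and it shows why ARP is only ever used for the next hop on the local segment, never for a remote destination.

```python
import ipaddress

# Constructed host configuration (not from the notes).
HOST = ipaddress.ip_interface("192.168.1.10/24")

# Constructed routing table: (destination prefix, gateway on the local segment).
# 0.0.0.0/0 is the default route used when nothing more specific matches.
ROUTES = [
    (ipaddress.ip_network("10.0.0.0/8"), ipaddress.ip_address("192.168.1.254")),
    (ipaddress.ip_network("0.0.0.0/0"), ipaddress.ip_address("192.168.1.1")),
]

# Constructed ARP cache: IP address -> physical (MAC) address, local segment only.
ARP_CACHE = {
    ipaddress.ip_address("192.168.1.20"): "aa:bb:cc:00:00:20",
    ipaddress.ip_address("192.168.1.1"): "aa:bb:cc:00:00:01",
}


def next_hop(destination: str) -> tuple:
    """Return ("direct", destination) or ("gateway", gateway address).

    Step 1 of the policy: same segment, deliver directly.
    Step 2: otherwise the most specific matching route names the gateway.
    """
    dst = ipaddress.ip_address(destination)
    if dst in HOST.network:
        return ("direct", dst)
    best = None
    for prefix, gateway in ROUTES:
        if dst in prefix and (best is None or prefix.prefixlen > best[0].prefixlen):
            best = (prefix, gateway)
    if best is None:
        raise ValueError(f"no route to {dst}")
    return ("gateway", best[1])


def deliver(destination: str) -> dict:
    """Resolve the next hop to a physical address. The next hop is always on the
    local segment, so the ARP target is the destination itself only when it is local."""
    kind, hop = next_hop(destination)
    mac = ARP_CACHE.get(hop)
    return {
        "destination": destination,
        "kind": kind,
        "arp_target": str(hop),
        "mac": mac,
        # On a cache miss the host broadcasts an ARP request for arp_target before sending.
        "action": "send" if mac else "arp-request",
    }


if __name__ == "__main__":
    for dst in ("192.168.1.20", "10.5.5.5", "203.0.113.7"):
        print(deliver(dst))
```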
Internet Protocol (IP)-- IP is used to address, deliver, and route data. It provides a hierarchical, hardware-independent addressing system and the services required to transmit data across a complex routed network. An IP address consists of a network ID and a host ID. The newer Classless Inter-Domain Routing (CIDR) technique replaces the classful scheme originally used to allocate Class A, Class B, and Class C addresses. CIDR removes the limitation that the original address structure placed on the network portion by using a prefix of 13-27 bits (the network IDs of the three address classes were fixed at 8, 16, and 24 bits respectively).
IP header fields-- The IP header contains a large amount of information, including the IP version, source IP address, destination IP address, datagram length, TTL, and special instructions for routers.
IP addressing--
- If the 32-bit address starts with 0, it is a Class A address (first octet 0 ~ 127);
- Class B addresses start with 10 (128 ~ 191);
- Class C addresses start with 110 (192 ~ 223);
- Class D addresses start with 1110 (224 ~ 239) and are used for multicast;
- Class E addresses start with 11110 (240 ~ 247); they are experimental and generally not used in practice.
Theoretically, each computer on the Internet must have a unique IP address. In practice, proxy server software and network address translation (NAT) devices allow computers with unregistered, non-unique addresses to connect to the Internet.
Special IP addresses--
- A host ID of all 0s denotes the network itself.
- A network ID that is not all 1s together with a host ID of all 1s is a directed broadcast.
- An address of all 1s means a broadcast limited to the local network (the LAN the host is attached to); this is called a limited broadcast.
- Addresses starting with 127 are loopback addresses. A message whose destination is a loopback address is delivered by the local TCP/IP software to itself; the purpose is to test whether the TCP/IP software works normally. The usual loopback address is 127.0.0.1.
- The following IP address ranges are used in private networks: 10.0.0.0 ~ 10.20.255.255; 172.16.0.0 ~ 172.31.255.255; 192.168.0.0 ~ 192.168.255.255.
- The address range 169.254.0.0 ~ 169.254.255.255 is reserved for automatic configuration.
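Added example (not from the notes): Python functions that classify an address by its leading bits as in the table above, and tag the special addresses just listed given the address and its prefix length. The private ranges are taken as the RFC 1918 blocks 10.0.0.0/8, 172.16.0.0/12 and 192.168.0.0/16; the test addresses are constructed.

```python
import ipaddress

# Address blocks with special meaning (private blocks as defined in RFC 1918).
PRIVATE = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]
LINK_LOCAL = ipaddress.ip_network("169.254.0.0/16")   # automatic configuration
LOOPBACK = ipaddress.ip_network("127.0.0.0/8")
LIMITED_BROADCAST = ipaddress.IPv4Address("255.255.255.255")


def address_class(addr: str) -> str:
    """Classful lookup by the leading bits of the first octet."""
    first = int(ipaddress.IPv4Address(addr)) >> 24
    if first & 0b10000000 == 0:
        return "A"   # 0xxxxxxx: first octet 0-127
    if first & 0b11000000 == 0b10000000:
        return "B"   # 10xxxxxx: 128-191
    if first & 0b11100000 == 0b11000000:
        return "C"   # 110xxxxx: 192-223
    if first & 0b11110000 == 0b11100000:
        return "D"   # 1110xxxx: 224-239, multicast
    return "E"       # 1111xxxx: 240-255, experimental (the notes give 11110)


def describe(addr: str, prefixlen: int) -> list:
    """Tag the special meanings of an address within the network given by prefixlen."""
    iface = ipaddress.ip_interface(f"{addr}/{prefixlen}")
    ip, net = iface.ip, iface.network
    tags = []
    if ip == LIMITED_BROADCAST:
        tags.append("limited-broadcast")      # all 1s: broadcast on the local LAN only
    elif ip in LOOPBACK:
        tags.append("loopback")               # handled by the local TCP/IP software
    elif ip in LINK_LOCAL:
        tags.append("link-local")             # reserved for automatic configuration
    elif any(ip in p for p in PRIVATE):
        tags.append("private")                # not routable on the public Internet
    # /31 and /32 networks have no separate network or broadcast address.
    if prefixlen < 31 and ip != LIMITED_BROADCAST:
        if ip == net.network_address:
            tags.append("network-itself")     # host ID all 0s
        elif ip == net.broadcast_address:
            tags.append("directed-broadcast") # host ID all 1s, network ID not all 1s
    return tags


if __name__ == "__main__":
    for a, p in (("192.168.1.255", 24), ("127.0.0.1", 8), ("169.254.10.5", 16), ("203.0.113.7", 24)):
        print(a, address_class(a), describe(a, p))
```

Knowing which destinations are directed broadcasts matters on the defensive side: a router that forwards datagrams to a directed-broadcast address lets one packet reach every host on that segment, so such forwarding is normally disabled.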
Address Resolution Protocol (ARP)-- Each host on a network segment keeps an ARP table (ARP cache) in memory, which holds the mapping between the IP addresses of other hosts on the segment and their physical addresses. If the destination IP address is not in the ARP cache, the host sends a broadcast called an ARP request frame.
Reverse ARP (RARP)-- RARP is often used together with the BOOTP protocol to boot a diskless workstation. The operating system downloaded from the network server to the BOOTP device is preconfigured with a specific IP address.
Internet Control Message Protocol (ICMP)-- Routers use ICMP messages to notify the source of problems encountered while delivering data. ICMP also provides other debugging and fault-diagnosis functions. Common ICMP messages:
- Echo Request and Echo Reply: the messages actually used by the ping command.
- Source Quench: tells the source computer to reduce its sending rate.
- Destination Unreachable: the destination cannot be reached.
- Time Exceeded: sent when a datagram is discarded because its TTL has reached 0.
- Fragmentation Needed: sent when the datagram's Don't Fragment bit is set to 1 but the router must fragment it before it can be forwarded.
Other Internet-layer protocols include the Border Gateway Protocol (BGP) and the Routing Information Protocol (RIP), which are used for routing. The IPsec protocol also works at the Internet layer to provide secure, encrypted communication. Protocols used for broadcasting are also included at this layer.
Chapter 2 Subnets and CIDR
Subnets-- A network is divided into smaller units below the Class A, Class B, or Class C address, that is, an additional level of logical organization is provided beneath the network ID.
Dividing networks-- Some bits of the host ID are used to form a subnet address. A parameter called the subnet mask specifies how many bits of the address are used to identify the subnet and how many remain as the actual host identifier.
Classless Inter-Domain Routing (CIDR)-- CIDR does not rely on the address classification system and can therefore divide the address space flexibly. It uses a CIDR prefix (also called a variable-length subnet mask, VLSM) to specify the number of bits of the address that identify the network. One advantage of CIDR is that it can not only divide a network into subnets but also let an ISP or administrator merge multiple consecutive Class C networks into a single entity, which greatly simplifies routing tables. In this case the CIDR prefix plays the role of the so-called netmask.
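Added example (not from the notes): the subnet arithmetic behind the three paragraphs above in Python, using the standard ipaddress module. It converts between prefix lengths and masks, borrows host bits to form subnets, and merges consecutive Class C networks into one prefix; the networks used are constructed, and the mask parser also rejects the non-contiguous masks that the notes do not discuss.

```python
import ipaddress


def prefix_to_mask(prefixlen: int) -> str:
    """CIDR prefix length -> dotted-decimal subnet mask (the prefix bits set to 1)."""
    if not 0 <= prefixlen <= 32:
        raise ValueError("prefix length must be 0-32")
    mask = (0xFFFFFFFF << (32 - prefixlen)) & 0xFFFFFFFF
    return str(ipaddress.IPv4Address(mask))


def mask_to_prefix(mask: str) -> int:
    """Dotted-decimal mask -> prefix length; rejects masks whose 1 bits are not contiguous."""
    bits = int(ipaddress.IPv4Address(mask))
    host_bits = (~bits) & 0xFFFFFFFF
    if host_bits & (host_bits + 1):          # valid host part looks like 000...0111...1
        raise ValueError(f"non-contiguous mask {mask}")
    return 32 - host_bits.bit_length()


def subnet(network: str, borrowed_bits: int) -> list:
    """Borrow host bits for subnet identification: 2**borrowed_bits equal subnets."""
    net = ipaddress.ip_network(network)
    return [str(s) for s in net.subnets(prefixlen_diff=borrowed_bits)]


def usable_hosts(prefixlen: int) -> int:
    """Host addresses per subnet, excluding the network and directed-broadcast addresses."""
    return 2 ** (32 - prefixlen) - 2


def supernet(networks: list) -> list:
    """Merge consecutive, aligned networks into the fewest prefixes; where the merge
    succeeds, one routing-table entry replaces several."""
    nets = (ipaddress.ip_network(n) for n in networks)
    return [str(n) for n in ipaddress.collapse_addresses(nets)]


if __name__ == "__main__":
    print(prefix_to_mask(26), mask_to_prefix("255.255.255.192"), usable_hosts(26))
    print(subnet("192.168.1.0/24", 2))
    print(supernet(["192.168.0.0/24", "192.168.1.0/24", "192.168.2.0/24", "192.168.3.0/24"]))
```

Note that only aligned blocks merge: 192.168.1.0/24 and 192.168.2.0/24 are adjacent but not a valid /23, so they stay as two entries.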
Chapter 4 Transport Layer
Introduction to the transport layer-- Transport layer protocols provide the following functions:
- An interface for network applications
- Multiplexing/demultiplexing: lets one computer support several network programs at the same time, and lets one network program maintain connections with several computers at the same time.
- Error detection, flow control, and verification
Transport layer concepts
- Connection-oriented and connectionless protocols: a connection-oriented protocol establishes and maintains a connection between the communicating computers and monitors the state of the connection during communication. With a connectionless protocol, data is simply sent one way to the target; no notification is sent and no acknowledgment is returned.
- Ports and sockets: a port is a predefined internal address that acts as the channel between a network application and the transport layer. A socket is an address composed of an IP address and a port number. A well-known port is a port assigned to a specific program by the Internet Assigned Numbers Authority (IANA).
- Multiplexing/demultiplexing: the socket addressing system lets TCP and UDP multiplex and demultiplex data, which frees the rest of the TCP/IP protocol stack from having to know which program is transmitting data over the underlying protocol.
TCP: connection-oriented transport protocol-- TCP has the following important features:
- Stream-oriented processing: TCP can accept data one byte at a time rather than in predefined blocks. TCP packages the received data into segments of variable length and passes them to the Internet layer.
- Resequencing: if data arrives out of order, TCP can put it back in order.
- Flow control: ensures that the sender does not transmit faster than the target computer can receive.
- Priority and security: not implemented in many TCP implementations.
- Graceful close: ensures that all data segments are transmitted and received before the connection is closed.
TCP segment format-- Source port, destination port, sequence number, acknowledgment number, data offset, 6-bit reserved field, control flags, window, checksum, urgent pointer, options, padding, data.
TCP connections-- Generally, an application that wants to accept connections (such as an FTP server program) places itself and its TCP port in the passive open state. On the client computer, the TCP state of the FTP client is generally closed until the user initiates a connection from the FTP client to the FTP server, which is an active open on the client side.
Establishing a connection:
1. Computer A sends a segment with SYN = 1, ACK = 0, and sequence number = ISN of A (call it M);
2. After receiving the segment from A, computer B returns a segment with SYN = 1, ACK = 1, sequence number = ISN of B (call it N), and acknowledgment number = the last sequence number received from A plus 1, that is, M + 1;
3. Computer A sends an acknowledgment segment to computer B with SYN = 1, ACK = 1, sequence number = M + 1, and acknowledgment number = the last sequence number received from B plus 1, that is, N + 1.
After the three-way handshake is complete, the connection is open, and the TCP modules send and receive data using the sequence number and acknowledgment mechanism.
- TCP flow control: the receiving computer uses the window field to define a window beyond the last acknowledged sequence number; only sequence numbers within this window may be sent to it.
- Closing the connection: computer A sends a segment with FIN = 1. After receiving it, computer B returns an acknowledgment and sends any remaining data segments. B then sends a FIN segment to A, A returns an acknowledgment, and the connection is closed.
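Added example (not from the notes): a Python simulation of two TCP endpoints running the three-way handshake, the sequence/acknowledgment bookkeeping for data, resequencing of an out-of-order segment, and the FIN exchange described above. The segment and endpoint classes, the fixed ISNs and the state names are constructed for the example; window, retransmission and checksums are left out. In step 3 the model sends a plain ACK, since the SYN flag is only carried on the first two segments of the handshake.

```python
from dataclasses import dataclass, field


@dataclass
class Segment:
    src: str
    dst: str
    flags: frozenset          # subset of {"SYN", "ACK", "FIN"}
    seq: int
    ack: int = 0
    data: bytes = b""


@dataclass
class Endpoint:
    name: str
    isn: int                  # constructed fixed ISN; real TCP picks it unpredictably
    state: str = "CLOSED"
    snd_nxt: int = 0          # next sequence number this side will send
    rcv_nxt: int = 0          # next sequence number expected from the peer
    received: bytes = b""     # in-order data delivered to the application
    out_of_order: dict = field(default_factory=dict)   # seq -> data held for resequencing

    def _seg(self, dst, flags, data=b""):
        return Segment(self.name, dst, frozenset(flags), self.snd_nxt, self.rcv_nxt, data)

    def listen(self):
        self.state = "LISTEN"                 # passive open (the server side)

    def connect(self, peer: str) -> Segment:  # active open: step 1, SYN with seq = ISN
        self.snd_nxt = self.isn
        seg = self._seg(peer, {"SYN"})
        self.snd_nxt += 1                     # SYN consumes one sequence number
        self.state = "SYN-SENT"
        return seg

    def send(self, peer: str, data: bytes) -> Segment:
        seg = self._seg(peer, {"ACK"}, data)
        self.snd_nxt += len(data)             # every data byte consumes one sequence number
        return seg

    def close(self, peer: str) -> Segment:
        seg = self._seg(peer, {"FIN", "ACK"})
        self.snd_nxt += 1                     # FIN consumes one sequence number
        self.state = "FIN-WAIT-1" if self.state == "ESTABLISHED" else "LAST-ACK"
        return seg

    def _accept(self, data: bytes):
        self.received += data
        self.rcv_nxt += len(data)

    def receive(self, seg: Segment):
        """Process one incoming segment; return the reply segment, if any."""
        f = seg.flags
        if self.state == "LISTEN" and f == {"SYN"}:           # step 2: SYN+ACK, ack = M + 1
            self.rcv_nxt = seg.seq + 1
            self.snd_nxt = self.isn
            reply = self._seg(seg.src, {"SYN", "ACK"})
            self.snd_nxt += 1
            self.state = "SYN-RECEIVED"
            return reply
        if self.state == "SYN-SENT" and f == {"SYN", "ACK"}:  # step 3: ACK, ack = N + 1
            if seg.ack != self.snd_nxt:
                raise ValueError("SYN+ACK acknowledges a sequence number never sent")
            self.rcv_nxt = seg.seq + 1
            self.state = "ESTABLISHED"
            return self._seg(seg.src, {"ACK"})
        if "FIN" in f and seg.seq == self.rcv_nxt:             # peer has no more data
            self.rcv_nxt += 1
            self.state = {"ESTABLISHED": "CLOSE-WAIT", "FIN-WAIT-2": "TIME-WAIT"}.get(self.state, self.state)
            return self._seg(seg.src, {"ACK"})
        if seg.data:
            if seg.seq > self.rcv_nxt:                         # gap: hold for resequencing
                self.out_of_order[seg.seq] = seg.data
            elif seg.seq == self.rcv_nxt:
                self._accept(seg.data)
                while self.rcv_nxt in self.out_of_order:       # drain data that is now contiguous
                    self._accept(self.out_of_order.pop(self.rcv_nxt))
            return self._seg(seg.src, {"ACK"})                 # ack always names the next expected byte
        if "ACK" in f and seg.ack == self.snd_nxt:             # pure acknowledgment advances state
            self.state = {"SYN-RECEIVED": "ESTABLISHED", "FIN-WAIT-1": "FIN-WAIT-2",
                          "LAST-ACK": "CLOSED"}.get(self.state, self.state)
        return None


def three_way_handshake(a: Endpoint, b: Endpoint) -> list:
    b.listen()
    syn = a.connect(b.name)
    syn_ack = b.receive(syn)
    ack = a.receive(syn_ack)
    b.receive(ack)
    return [syn, syn_ack, ack]


def four_way_close(a: Endpoint, b: Endpoint) -> list:
    fin_a = a.close(b.name)
    ack_1 = b.receive(fin_a)
    a.receive(ack_1)
    fin_b = b.close(a.name)
    ack_2 = a.receive(fin_b)
    b.receive(ack_2)
    return [fin_a, ack_1, fin_b, ack_2]
```

The acknowledgment check in step 3 is the reason ISNs must be unpredictable in a real stack: a third party who can guess N can complete a handshake it never saw.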
UDP: connectionless transport protocol-- UDP has limited error checking and cannot resequence data. Its connectionless design makes it the protocol used for network broadcasts. The UDP header contains four 16-bit fields: source port, destination port, length, and checksum.
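Added example (not from the notes): building and parsing the four-field UDP header in Python, including the checksum, which is the whole of UDP's "limited error checking". It assumes IPv4, where the checksum is computed over a pseudo-header (source and destination addresses, protocol number, UDP length) plus the header and payload, and where a transmitted checksum of 0 means "not computed"; the addresses, ports and payload are constructed.

```python
import socket
import struct

UDP_PROTOCOL = 17


def ones_complement_sum(data: bytes) -> int:
    """16-bit one's complement sum with end-around carry (the Internet checksum primitive)."""
    if len(data) % 2:
        data += b"\x00"                        # odd length: zero pad for summing only
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return total


def pseudo_header(src_ip: str, dst_ip: str, udp_length: int) -> bytes:
    """IPv4 pseudo-header: because the checksum also covers the addresses, a datagram
    delivered to the wrong host fails verification."""
    return socket.inet_aton(src_ip) + socket.inet_aton(dst_ip) + struct.pack("!BBH", 0, UDP_PROTOCOL, udp_length)


def build_udp(src_ip: str, dst_ip: str, src_port: int, dst_port: int, payload: bytes) -> bytes:
    length = 8 + len(payload)
    header = struct.pack("!HHHH", src_port, dst_port, length, 0)   # checksum field zero while computing
    csum = (~ones_complement_sum(pseudo_header(src_ip, dst_ip, length) + header + payload)) & 0xFFFF
    if csum == 0:
        csum = 0xFFFF                          # 0 is reserved to mean "no checksum" over IPv4
    return struct.pack("!HHHH", src_port, dst_port, length, csum) + payload


def parse_udp(src_ip: str, dst_ip: str, datagram: bytes) -> dict:
    if len(datagram) < 8:
        raise ValueError("truncated UDP header")
    src_port, dst_port, length, csum = struct.unpack("!HHHH", datagram[:8])
    if length < 8 or length > len(datagram):
        raise ValueError("UDP length field inconsistent with datagram size")
    datagram = datagram[:length]               # ignore any link-layer padding past the UDP length
    if csum == 0:
        valid = None                           # sender did not compute a checksum
    else:
        # Summing everything including the transmitted checksum must give 0xFFFF.
        valid = ones_complement_sum(pseudo_header(src_ip, dst_ip, length) + datagram) == 0xFFFF
    return {"src_port": src_port, "dst_port": dst_port, "length": length,
            "checksum_valid": valid, "payload": datagram[8:]}


if __name__ == "__main__":
    d = build_udp("192.0.2.1", "192.0.2.2", 40000, 53, b"constructed payload")
    print(d.hex(), parse_udp("192.0.2.1", "192.0.2.2", d))
```

Because a receiver treats a zero checksum as "not computed", a receiving application that needs integrity cannot rely on UDP for it; that decision sits in the application or in a higher-layer protocol.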
Other transport layer protocols: the Datagram Congestion Control Protocol (DCCP) and the Stream Control Transmission Protocol (SCTP) provide enhanced features not available in traditional TCP and UDP, while the Real-time Transport Protocol (RTP) provides a structure for transmitting real-time audio and video.
Firewalls and ports-- The basic function of a firewall is to block access to specific TCP and UDP ports. It not only prevents external users from reaching services inside the network, but can also prevent internal users from reaching services outside the network.
Chapter 2 Application Layer
What is the application layer?-- The TCP/IP application layer consists of the software components that are aware of the network and send and receive data through TCP or UDP ports.
TCP/IP application layer and OSI-- The corresponding OSI layers are described as follows:
- Application layer: includes components that provide services to user programs and support network access.
- Presentation layer: converts data into platform-independent formats and handles encryption and data compression.
- Session layer: manages communication between programs on connected computers and provides connection-related functions such as name recognition and security.
Network services-- The application layer contains a large number of network services for users, such as file and print services, name resolution, remote access, Web services, mail services, and network management.
Application layer protocols-- BitTorrent, Common Internet File System (CIFS), Domain Name System (DNS), Dynamic Host Configuration Protocol (DHCP), File Transfer Protocol (FTP), Finger, Hypertext Transfer Protocol (HTTP), Internet Message Access Protocol (IMAP), Lightweight Directory Access Protocol (LDAP), Network File System (NFS), Network Time Protocol (NTP), Post Office Protocol (POP), Remote Procedure Call (RPC), Server Message Block (SMB), Simple Network Management Protocol (SNMP), etc.
APIs and the application layer-- Network APIs provide the interface between programs and the network protocol stack. Applications use API functions to open and close connections and to read and write data to and from the network.
TCP/IP tools:
- Connectivity tools: ipconfig, ping, arp, traceroute, route, netstat, nbtstat, and hostname
- File transfer tools: ftp, tftp, and rcp
- Remote tools: telnet, rexec, rsh, and finger
- Internet tools: browser, news reader, email reader, archie, gopher, whois