Tcp,udp,ip Summary

One. What are the main functions of the transport layer?

Split and reassemble the data streams provided by the upper layer to provide end-to-end transport services for the data flow.

two. How does the transport layer differentiate the data flow of different applications?

Because, for the transport layer, it only needs to know which service program on the target host responds to the program, without needing to know what the service program is doing. Therefore, we only need to be able to represent these applications and service programs abstractly. We use the port number to identify each network program abstractly.

The transport layer of TCP and UDP can receive traffic from multiple applications, identify them with a port number, and then send them to the Internet layer for processing; At the same time, TCP and UDP receive packets from the Internet layer, differentiate them by port number, and then hand them over to different applications.

Therefore: the different port numbers on the same IP address (the same target host) are two different links. The IP address and port number are used to uniquely determine the destination of the data on the network.

Three. What are the transport layer protocols?

Two major protocols for the Transport Layer: TCP (Transmission Control Protocol) UDP (User Packet protocol)
TCP is a reliable, link-oriented protocol, and UDP is unreliable or non-connected.
You can use the phone and send text messages to illustrate the relationship:

UDP is like texting, just send out, as to whether the other party is not an empty number (network unreachable) can receive (lost packets) and so do not care.

TCP seems to call, the two sides to call, first of all, to determine the other side is not the boot (the network can reach), and then to determine whether there is no signal (), and then also need to answer (communication link).

Four. What is a UDP protocol?

The UDP packet structure is as shown

Source Port (16)	Target Port (16)
Message Length (16)	Checksum (16)
Data (variable)

UDP provides an unreliable, non-connected packet delivery for the application, so UDP messages can be lost, scrambled, duplicated, delayed, and so on.

Because it does not provide reliability, it has very little overhead. (The cost is very small specifically what?) secret below)

Five. Why do I need TCP for UDP?

As already mentioned in question 4, UDP provides a non-connected, unreliable packet delivery for the application. When the network hardware fails or the burden is too heavy, the packet may be lost, duplicated, delayed, disorderly sequence phenomenon. These will cause our communication to be abnormal. It is very necessary for us to use an independent communication protocol to ensure the reliability of the communication if the application is given the task of error control, which will undoubtedly bring a lot of complicated work to the programmer.

Six. What is the TCP protocol?

Transmission Control Protocol TCP is a link-oriented, reliable communication protocol.

1. A three-time handshake is required to establish a link before starting the transfer
2. Reliability: In the transmission process, the communication between the two sides of the Protocol module continue to communicate
3. After the communication is over, both parties will use the improved three handshake to close the link

TCP packet structure such as

Source Port (16)	Target Port (16)
Serial Number (32)
Answer Number (32)
Head Length (4)	Reserved (6)	Encoder bits (6)	Windows (16)
Checksum (16)	Emergency (16)
Optional (if available, 0 or 32)
Data (variable)

* * Seven. How do you understand the protocols and procedures? **

Like our custom application-layer protocol: The protocol simply gives a set of specifications that govern how we should (according to what rules) keep the data.

Transmission between computers is always binary bytecode (for the transport layer, can be understood as the transmission is always the lower IP packets), is the computer program through the logical analysis of these bytecode, judge, to control the program to complete error control and other functions.
As for the resolution of these bytecode programs, you can have a different implementation, as long as we follow the rules to resolve, and make corresponding control, we can write a program ourselves is to achieve the corresponding function.

Knowing this, obviously, we can also use the Jpcap mentioned above to implement a Java-based TCP or UDP protocol. You can refer to the TCP source code under Linux. /net/ipv4/udp.c /net/ipv4/datagram.c /net/ipv4/tcp_input.c /net/ipv4//tcp_output.c /net/ipv4/tcp.c

Eight. Does TCP really have a link?

We all know that TCP through the completion of three handshake to establish the link, but this connection is facing virtual circuit, is not physically exist, just the TCP program on both sides, logically think that the establishment of such a link .

Nine. How are links created (logically)?

Suppose: When we start a program on host a, we link to Port 9091 on Host B via TCP.

What is the whole process like? Logically, we can understand the process of establishing a link:

1.syn:seq=x;

1.1 A TCP program that assigns a port to this link (set to 9090).
1.2 The state of the TCP connection is also logically set to: Connecting. (by adding a record in the link state table, the status in the record is: connecting)

Guess:

In a TCP program, you should have a table that maintains the state of the link, where each state should have: Native address (IP plus port), offset address, link status

1.3 At the same time, randomly generates an initial sequence number x, generates a TCP packet, sets the initialization sequence number x to the serial number in TCP, and sends it to Host B.

2.syn:seq=y ack:ack=x+1;

2.1 B on the TCP program receives the packet, querying the 9091 port status if it can be linked.
2.2 Similarly, the state of the TCP connection is logically set to: connecting
2.3 At the same time, randomly generate an initialization sequence number Y, based on the received sequence number x, generate the answer number x+1, generate a TCP packet, set the serial number and the answer number respectively into the TCP header, the TCP packet to host a.

3.syn:seq=x+1 ack:ack=y+1.

The TCP program on 3.1 a receives the packet and queries the 9090 port status.
3.2 According to the Syn:seq=y received; ack:ack=x+1; Encapsulation of a TCP packet syn:seq=x+1; ack:ack=y+1; Send to Host B. At the same time, the TCP program sets the status of the record in the link state table to connected.
3.3 Host B receives the packet, and the TCP program sets the status of the record in the link state table to connected.

At this point, a TCP link establishment (three handshake) is completed.
We can see:
First: All the IP packets are sent, but only the packets received are given to the TCP program for processing.
Second: link state, just a logical state in a TCP program.

Ten: The so-called establishment of TCP link overhead is very large, specifically what?

From nine, it's easy to see. To resume a TCP link, a successful transfer of IP packets must be made three times.

11: What is the purpose of the three-time handshake?

TCP is link-oriented, and in a link-oriented environment, you must first establish a link between the two midrange before you begin transmitting data. The process of establishing a link ensures that both sides of the communication are ready to transmit and receive data before sending the application packet. And the two sides of the communication unified the initialization sequence number.

12: How does TCP provide reliability?

In the transmission process, the Protocol module of both sides of the communication continues to communicate, thus ensuring the reliability of the transmission.
for Disorderly order: The serial number is initialized when a link is made through a three-time handshake. During the transfer, TCP continues to use this serial number to mark each piece of data sent, without transmitting a data segment, plus a serial number. The receiving party reload the received data segment based on the serial number.
for packet loss : In the transmission process, the receiver receives a data segment, the ACK answer code is used to reply to the sending side of an IP packet to answer, confirm the ACK is used to tell the sender which packets have been successfully received, the sender of the message segment is not answered to provide retransmission.
for duplicates : After receiving the data segment, view the serial number, and if the change packet has been successfully received, discard the data segment later.
for delay : delay caused by the first problem is that the packet reaches the receiving end of the chaotic sequence.
When the delay is serious, the receiving end has not received the data segment, it will not reply to the ACK, the sender is considered to lose packets, re-send.

13: What is the expected confirmation? What is positive confirmation with retransmission? What will be re-transmitted?

1. Confirmation number ack will tell the sender which data segments have been successfully received, and the confirmation number will indicate to the sender the next serial number that the receiving side wants to receive. That is, the ACK is the last data sequence number +1, which is called the expected acknowledgment .

2. In order to improve efficiency, we save the data segment in the buffer at the sending end, and the confirmation number from the receiving end is received by the sending side. This mechanism is known as " positive acknowledgment and retransmission".

3. When the sender does not receive the answer to that segment within a given time interval, the sender will retransmit that data segment .
Scenario 1: Network delay/loop, data segment loss
Scenario 2: Network delay, data segment delayed arrival
Scenario 3: Data segment arrives successfully, answer because 1.2 cannot be reached.

14: What is the function of serial number and answer number in TCP?

From the above 10,11,12, it is obvious to see

1. 1. 1. Reorganize data segments with serial numbers
      2. Rely on packets to eliminate duplicate packets in the network
      3. The reliability of TCP is improved by using serial number and response number for error retransmission.

16: Why do I need window technology?

As we have said earlier, the reliability of TCP is achieved through the expectation of confirmation. That is, after the sender sends a data segment, it needs to be confirmed by the other party before the next data segment is sent.
Therefore, assuming a data segment size of 64KB (IP packet maximum), a send and confirm the time required for 500MS, then, 1S, can only transmit 128KB of data, if the bandwidth is 1M, obviously waste bandwidth. In order to make full use of bandwidth, we use window technology. The sliding window allows the sender to send multiple data segments before receiving confirmation from the receiver. (the window size determines the number of data segments that can be sent before the acknowledgement is received)

17: How to achieve flow control?

The number of Windows determines the maximum traffic for the current transmission . When we in the transmission process, the communication both sides can dynamically negotiate the window size according to the network condition, adjusts the window size, can realize the flow control. (In each acknowledgment of TCP, a window notification is included in addition to the ACK)

18: The overhead of UDP is very small, what is the specific point?

1. Because UDP is not connected. There is no need for a complex three handshake to establish a connection until the data is transferred.
2. When transmitting data, there is no inter-protocol communication (acknowledgement signal), nor need to waste unnecessary processing time (receive confirmation signal to send again).
3; After the transfer is over, the port connection is no longer used with an improved three-time handshake.

19: How is the UDP packet, TCP packet size confirmed?

1. 1. 
      Both TCP and UDP packets need to be delivered to the Internet layer encapsulated as IP packets, and an IP packet with a length of 16 bits in the header, so the IP packet is up to 2 of the 16 parties, i.e. 65535(64KB also need to subtract various header lengths).
   2. 
      TCPcan be used to transfer large files because of the flow-oriented and the ability to fragment and reorganize large files with serial numbers. UDP, if you want to transfer more than 64KB of data, you need to do error control at the application layer.
   3. 
      To improve transmission efficiency and reduce network traffic (communication between protocols), TCP also transmits enough data at one time.
   4. 
      Because of the presence of MTU, TCP packets and UDP packets are not as large as possible. (Subcontracting in the routing, at the receiving end of the reorganization, increase the burden on the routing and receiving end, increase packet loss probability.) The packet is lost and the entire packet is re-transmitted. ）

20: What environment does UDP apply to? What environments does TCP apply to?

Environments that are suitable for UDP:
1. In an efficient and reliable network environment (no need to consider the problem of packet loss, chaos, delay, repetition, etc.) because UDP is a disconnected service without consuming unnecessary network resources (inter-Protocol Communication in TCP) and processing time (expected time to confirm), So the efficiency is much higher.
2. In light weight communication , when the amount of data that needs to be transmitted is small (can be contained within an IP packet). If we use the TCP protocol, then, to establish a connection, a total of 3 IP packets need to be sent, then data transfer, 1 IP packets, generate a confirmation signal IP packet, and then close the connection, need to transfer 5 IP packets. The utilization of IP packets using the TCP protocol is 1/10. With UDP, you only need to send an IP packet. Even if the packet is lost (the service is unsuccessful), the service can be re-applied (retransmission).

Note: Both UDP and TCP transmit IP packets. There is no difference in whether TCP or UDP will drop packets when the network environment is not good enough to cause drops. (If you consider sending drops, TCP is less efficient), just use TCP, and when the connection is successful, the TCP program will control the reliability.

UDP is ideal for environments in which a client sends a simple service request to the server . Such application-layer protocols include TFTP, SNMP, DNS, DHCP, and so on.
3. In the real-time requirements of a strong communication: In such as real-time video broadcasting and other real-time requirements of the environment, so as to allow a certain amount of packet loss (live game, the front of the lost package, the re-transmission has little meaning), UDP more suitable. (You can provide reliability based on the application layer protocol, not as restrictive as TCP.) ）

Environments suitable for the TCP protocol:

When the network hardware fails or the burden is too heavy, the packet may be lost, duplicated, delayed, disorderly sequence phenomenon. This can lead to the time when our communication is not normal . It is very necessary for us to use an independent communication protocol to ensure the reliability of the communication if the application is given the task of error control, which will undoubtedly bring a lot of complicated work to the programmer.

Tcp,udp,ip Summary