TCP/IP (1)

I. TCP/IP structure:
TCP/IP is a layer-4 protocol with the following structure:
1. Application Layer: various applications and protocols, such as HTTP and FTP.
2. Transport Layer: TCP and UDP
TCP provides a reliable transport layer service, But UDP is not reliable, and data reporting cannot be ensured to arrive at the destination correctly.
3. Network Layer: IP, IGMP, and ICMP
The IP address provides an unreliable service, that is, to send packets from the source node to the target node as much as possible.
No reliability guarantee is provided. ICMP is a subsidiary protocol of IP addresses and is mainly used to exchange error messages. IGMP is a group management protocol used to multicast UDP datagram to multiple hosts.
4. Link Layer: Device Drivers and NICs

Ii. IP address and subnet mask
To learn the TCP/IP protocol, you must first mention the IP address. The IP address of each host is a 32-bit binary number. Each IP address is divided into two parts: the prefix and suffix. The prefix is used to determine the physical network to which the computer belongs, and the suffix is used to determine the individual computer on the network. Each physical network on the Internet has a unique value as the network number, which must be globally consistent.

1. IP address classification:
Class A, Class B, Class C, Class D, and Class E. Class A, Class B, and class C are basic classes, and Class D is used for multicasting, class E is a reserved class and is not used now. Their format is as follows (* indicates the network number ):
Class A: 0 ******** XXXXXXXX
Class B: 10 *************** XXXXXXXX
Class C: 110 *********************** XXXXXXXX
Class D: 1110 ***** XXXXXXXX
Class E: 1111 ***** XXXXXXXX

In this way, the range of Class A addresses is 0.0.0.0-127.255.255.255.
Class B address range: 128.0.0.0-191.255.255.255
Class C address range: 192.0.0.0-223.255.255.255
Class D address range: 224.0.0.0-239.255.255.255
Class E address range: 240.0.0.0-247.20.0000266
◆ Several special IP addresses
Network Address: in the IP address, the host address is all 0, for example, 128.211.0.0.
Broadcast address: in the IP address, all host addresses are 1 addresses, for example, 128.211.255.255.
Loop address: 127.0.0.1, mainly used for testing.

2. subnet mask:
Currently, all hosts require the support of subnet masks. Instead of regard IP addresses as simply a network number and a host number, they divide the host number into a subnet number and a host number. For example, if a Class B address (140.252) is used for the remaining 16 bits, 8 bits are used for the subnet number, and 8 bits are used for the host number. In this way, 254 subnets are allowed, each subnet can have 254 hosts. To determine the number of digits used for the subnet number and the number of digits used for the host number, the subnet mask is required. The bits with a value of 1 are reserved for the network number and subnet number, and the bits with a value of 0 are reserved for the host number.

3. encapsulation and sub-Use of data packets
1. encapsulation:
Application → TCP/UDP → IP → Ethernet
2. Sub-use:
Ethernet Protocol IP protocol TCP/IP Protocol Application

　

Ethernet Header (14)

IP Header (20)

TCP Header Department (20)

Application Data

Ethernet Tail (4)

Iv. IP header:
The IP protocol is the most core protocol in the TCP/IP protocol family. All TCP, UDP, ICMP, and IGMP data are transmitted in the IP datagram format. Two features of IP Address Transmission: unreliable and connectionless. The IP protocol does not guarantee that the datagram can successfully reach the destination, nor does it maintain the status information of subsequent datagram. It must be processed by the upper-layer protocol.

　

4-digit Version	Four heads Part Length	8-bit service type	16-bit total length (bytes)
16-bit ID			3-digit Flag	13-bit offset
8-bit TTL		8-bit Protocol	16-bit header Test
32-bit source IP address
32-bit destination IP address

IP header definition:

Typedef struct ip_hdr {unsigned char ip_verlen; // 4-bit version number // 4-bit header length (in 32-bit words) unsigned char ip_tos; // ip service type: Unsigned short ip_totallength; // The total length (in bytes) // the first 32-bit unsigned short ip_id; // identifies unsigned short ip_offset; // The Three-bit flag, 13-bit shard offset, # define ip_df 0X4000 // 0X4000 don't fragment flag # define ip_mf 0x2000 // 0x2000 more fragment flag # define ip_offmask 0x1fff // 0x1fff mask fragmenting bits // The second 32-bit unsigned char ip_ttl; // survival time unsigned char ip_protocol; // upper-layer protocol unsigned short ip_checksum; // first check and // third 32-bit unsigned int ip_srcaddr; // source IP address // The fourth 32-bit unsigned int ip_destaddr; // destination IP address // The Fifth 32-bit} IP address, ipv4_hdr, * p1_4_hdr, far * lp1_4_hdr;

Note: The first 4 bits of ip_verlen are currently 4, indicating IPv4, And the last 4 bits are 5, indicating that the header length is 5x4 = 20 bytes.
Ip_tos is a service type (type of service), aaabbbbc, and AAA is a priority subfield, which has been ignored and BBBB is a TOS subfield, representing: the minimum latency, maximum throughput, maximum reliability, and minimum cost must be 0 if C is not used. If BBBB values are both 0, it indicates a general service. Currently, most TCP/IP implementations do not support the TOS feature.
Ip_totallength is the total length of IP datagram, in bytes. Therefore, the theoretical maximum value is 65535, but it is impossible.
Ip_id uniquely identifies each datagram sent by the host. Generally, each sent packet has a value of 1.
The first three signs of ip_off are abc, A is reserved, must be 0, B is not sharded, and C is more.
The last 13 BITs after ip_off are the shard locations, measured in 8 bytes. Therefore, except for the last Shard, each shard is expected to be a data multiple of 8 bytes, so that the subsequent shard starts from the boundary of 8 bytes.
Ip_ttl is the life cycle of the IP report. Each time a router passes through, it is reduced by 1. If this field is 0, the datagram is discarded.
Ip_protocol: 1 = ICMP, 2 = IGMP, 3 = TCP, 17 = UDP
Ip_checksum is the first checksum of the datagram. The calculation method is as follows:

USHORT checksum(ip *ip, int size) {     unsigned long cksum=0;    while (size > 1)    {        cksum += * ((USHORT*)ip )++;     size -= sizeof(USHORT);   }   if (size)   {     cksum +=(USHORT) *(UCHAR*)ip;  }  cksum = (cksum >> 16) + (cksum & 0xffff);  cksum += (cksum >>16);  return (USHORT)(~cksum);}

ICMP, IGMP, TCP, and UDP protocols also use the same test algorithm.

5. Port Number: both TCP and UDP use a 16-bit local port number to indicate different programs.
1. Well-known port: generally between 1 ~ For example, the TCP port number of FTP is 21.
2. Temporary port. Because the client does not care about the port number, it only needs to be unique. Therefore, the system generally assigns a temporary port number.

Vi. Link Layer: (take Ethernet as an example, the address is 48bit)
1. Link Layer functions:
◆ Send and receive IP datagram for the IP Module
◆ Send ARP requests and receive ARP responses for the ARP Module
◆ Send RARP requests to the RARP module and receive RARP responses
2. Ethernet encapsulation. The encapsulation of Ethernet IP datagram is defined in RFC 894:

　

Destination Address (6)

Source Address (6)

Type (2)

Data (46-1500), including IP, ARP, and RARP

CRC (4)

For ARP and RARP request/response data packets, the size is only 28 bytes. To reach the minimum length of 46 bytes, you must add 18 bytes of padding bytes to the end.

VII. loopback address:
Generally, 127.0.0.1 is assigned to this interface and named as localhost. An IP datagram sent to the loopback interface cannot appear on any network.
1. Any data sent to the loopback address is input as an IP address.
2. Copy the datagram sent to the broadcast address and multicast address to the loopback interface and send it to the Ethernet.
3. Any data sent to the Host IP address is sent to the loopback interface.
8. Maximum Transmission Unit MTU:
Ethernet limits the length of data frames. The maximum value is 1500. This feature of the link layer is called the maximum transmission unit MTU. If an IP datagram is larger than MTU, the IP layer must be split to several parts. If the communication between two hosts is over multiple networks, the link layer of each network may have different MTU. What is important is not the MTU of the network where the two hosts are located. What is important is that the minimum MTU in the two host paths is changed to the MTU path.

9. IP Route Selection
If the target host is directly connected to the source host or both are in a shared network, IP datagram is directly sent to the target host. Otherwise, the host sends the data packet to a default vro, which forwards the data packet. The IP layer has a route table in the memory. When a packet is received and sent, it searches for the table once. When a datagram comes from a network interface, the IP address first checks whether the destination IP address is one of the local IP addresses or the IP broadcast address. In this case, the datagram is sent to the protocol module specified by the IP header protocol field for processing. Otherwise, if the IP layer is set as the router function, the datagram is forwarded, otherwise, the datagram is discarded.
Let's see what the route table is:

C: \ winnt \ system32> route print
========================================================== ========================================
Interface list
0x1... ms tcp loopback interface
0x1000003... 00 08 02 ca 2D 11... Intel 8255x-based integrated Fast Ethernet

========================================================== ========================================
Active routes:
Network destination netmask Gateway Interface Metric
Destination mask gateway host
0.0.0.0 0.0.0.0 192.1.8.26 192.1.8.84 1
127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
192.1.8.0 255.255.255.0 192.1.8.84 192.1.8.84 1
192.1.8.84 255.255.255.255 127.0.0.1 127.0.0.1 1
192.1.8.255 255.255.255.255 192.1.8.84 192.1.8.84 1
224.0.0.0 224.0.0.0 192.1.8.84 192.1.8.84 1
255.255.255.255 255.255.255.255 192.1.8.84 192.1.8.84 1
Default Gateway: 192.1.8.26
========================================================== ======================================

Main functions of IP routing:
1. Search the route table to find the table that exactly matches the destination IP address. If yes, send the datagram to the next route or directly connected network interface specified in the table.
2. Search the route table to find a table that matches the destination network number. If yes, send the datagram to the next-Stop router or directly connected network interface specified in the table.