TCP/IP basics for Linux Network Programming (I): TCP/IP protocol stack and packet encapsulation

I. ISO/OSI reference model

The OSI (Open System Interconnection) Open System Interconnection model is a network layered model defined by ISO (International Organization for Standardization), which consists of seven layers, for example.

Physical Layer: the physical layer defines the specifications of all electronic and physical devices and provides a physical medium for upper-layer transmission. The unit of data transmission in this layer is bit ). Standards defined in this layer are EIA/TIA RS-232, EIA/TIA RS-449, V.35, RJ-45, etc., the actual use of equipment such as NIC belongs to this layer.

Data link layer: frames data from the bitstream received by the physical layer. Provides reliable data transmission services for data transmission without errors. In data

The unit of data in the link layer is frame ). The specifications defined in this layer include SDLC, HDLc, PPP, STP, and frame relay. Actually used devices, such as switch switches, belong to this layer.

Network Layer: the network layer is responsible for routing, grouping, and restructuring data between subnets. The unit of data transmission in this layer is packet ). Specifications defined at this layer include IP, IPX, Rip, OSPF, ICMP, and IGMP. In actual use, devices such as routers belong to this layer.

Transport Layer: provides reliable data transmission services. It detects discarded packets from routers and generates a retransmission request to re-Sort packets in disorder. The unit of data transmission at the transport layer is segment ).

Session Layer: Manages sessions between hosts, including session creation, termination, and management during sessions.

Presentation layer: the presentation layer changes the data transmitted over the network so that information transmitted between multiple hosts can be understood, including data compression, encryption, and format conversion.

Application Layer: the application layer communicates with the application interface to present the application to users. Common protocols include HTTP, https, FTP, telnet, ssh, SMTP, POP3, etc.

Ii. layer-4 TCP/IP protocol model

The TCP/IP network protocol stack is divided into four layers: application, transport, network, and link. As shown in, if no special instructions are provided, the commonly referenced diagrams are from "TCP/IP details".

The communication process between the two computers through the TCP/IP protocol is as follows:

The transport layer and its following mechanisms are provided by the kernel, and the application layer is provided by the user process. The application explains the meaning of the communication data, while the transport layer and its following processes the communication details, data is sent from one computer to another through a certain path. When application layer data is sent to the network through the protocol stack, a data header must be added to each layer of the protocol, which is called encapsulation, as shown in:

Different protocol layers have different names for data packets. In the transport layer, segments are called; in the network layer, data packets are called; In the link layer, data packets are called frames ). Data is encapsulated into frames and then sent to the transmission media. After arriving at the target host, the Protocol at each layer is removed from the corresponding header. Finally, the application layer data is handed over to the application for processing.
It corresponds to the situation where two computers are in the same CIDR block. If the two computers are in different CIDR blocks, data must be transmitted from one computer to another through one or more routers, as shown in:

In fact, there is a physical layer under the link layer, which refers to the transmission mode of electrical signals, such as the current Ethernet common network cable (twisted pair wires) and the coaxial cable used by early Ethernet (now mainly used for cable TV) and optical fibers all belong to the concept of physical layer. The capabilities of the physical layer determine the maximum transmission rate, transmission distance, and anti-interference performance. A hub is a network device that works on the physical layer. It is used for connection and signal relay of twisted pair wires (to enlarge the attenuation signal to make it pass further ).

The link layer has standards such as Ethernet and licensing ring networks. The link layer is responsible for driving and frame synchronization of NIC devices (that is to say, from what signal detected on the network layer is counted as the start of a new frame), conflict detection (automatically resend if a conflict is detected), data error verification, and so on. A switch is a network device that works at the link layer. It can forward data frames between different Link Layer Networks (for example, between 10G Ethernet and G Ethernet, and between Ethernet and the gateway ), because the frame formats of different link layers are different, the switch must remove the incoming data packet and re-encapsulate the link layer header before forwarding.

The IP protocol at the network layer forms the foundation of the Internet. Hosts on the Internet are identified by IP addresses. A large number of routers on the Internet are responsible for selecting appropriate routes to forward data packets based on IP addresses, data packets from the source host on the Internet to the target host usually go through more than 10 routers. A router is a layer-3 network device that provides both vswitch functions. It can forward data packets between different link layer interfaces, therefore, the router needs to remove and re-encapsulate incoming data packets from the two layers of the network layer and the link layer. The IP protocol does not guarantee the reliability of transmission, and data packets may be lost during transmission. The reliability can be supported in upper-layer protocols or applications.

The network layer is responsible for point-to-point transmission (here the "point" refers to the host or router), while the transport layer is responsible for end-to-end transmission) (Here, "terminal" refers to the source host and target host ). You can select TCP or UDP for the transport layer. TCP is a connection-oriented and reliable protocol. It is a bit like a phone call. After the two sides pick up the phone to communicate with each other, they establish a connection and then talk about it. What they say here can be heard over there, in addition, it is heard in the order of speech, and the connection is closed after the conversation. That is to say, the two sides of TCP transmission need to establish a connection first, and then the TCP protocol ensures the reliability of data transmission and receiving. The lost data packets are automatically resending, and the upper-layer applications always receive reliable data streams, disconnect after communication. The UDP protocol is not connection-oriented or reliable. It is a bit like sending a mail. Writing a good letter in a mail box does not guarantee that the mail will not be lost during the delivery process, it cannot be ensured that the mail is sent to the destination in order. UDP-based applications need to re-send packet loss and sort messages by themselves.

After receiving the data packet, how does the target host reach the application through the Protocol Stack? The entire process is shown in:

The Ethernet driver first determines the payload of the data frame based on the "Upper Layer Protocol" field in the Ethernet header (excluding the actual data transmitted outside the protocol header) the IP, ARP, or RARP data packets are sent to the corresponding protocol for processing. For an IP datagram, the IP protocol then determines whether the payload of the datagram is TCP, UDP, ICMP, or IGMP based on the "Upper-layer protocol" field in the IP header, and then submits it to the corresponding protocol for processing. For a TCP or UDP segment, the TCP or UDP protocol then determines the user process to which the application layer data should be handed over based on the "port number" Field of the TCP or UDP header. IP addresses are the addresses of different hosts in the network, while port numbers are the addresses that identify different processes on the same host. IP addresses and port numbers are used together to identify the unique processes in the network.

Note: although the IP, ARP, and RARP datagram must be encapsulated into frames, ARP and RARP belong to the link layer, and IP belongs to the network layer. Although data of ICMP, IGMP, TCP, and UDP all need IP protocol to be encapsulated as datagram, in terms of functions, ICMP, IGMP and IP belong to the same network layer, and TCP and UDP belong to the transport layer.

Refer:

Linux C Programming one-stop learning

Chapter 1 TCP/IP details