tcp/udp-Routing Switching Principle 6-"Hcna notes"

1. TCP Message Header format

TCP protocol is a transport layer protocol, which makes reliable data transmission based on IP protocol. Therefore, the TCP message is stored in the data field of the IP message when it is transmitted in the network, the message format is as follows:

Frame Header	Data (IP message)				Fcs
	IP header	Data (TCP message)
		TCP Header	Data

There are many TCP header fields, where successive fields are wrapped.

Source Port	Destination Port	Sequence number	Acknowledge number		Header length
16 Guests	16 Guests	32 Guests	32 Guests		4 guests

RESV	URG	ACK	PSH	RST	SYN	FIN	Window	Checksum		Options
6 guests	1 guests	1 guests	1 guests	1 guests	1 guests	1 guests	16 Guests	16 Guests	16 Guests	0-40 bytes

SOURCE Port : Origin Port number

Destination Port: Destination port number

Sequence Number: the first byte ordinal. TCP packets are also segmented, and the TCP traffic is assigned a sequence number for each byte, and the sequence number of its first byte is recorded in the message. If the first byte ordinal of the previous message segment is 100, and the total message length is 300 bytes, the first byte ordinal of the next message segment is 400.

acknowledge number: confirm the ordinal. The first byte ordinal of the next message segment is recorded.

Header Length: message header lengths. Because the options field is variable in length, the length of the TCP header is variable.

RESV: reserved fields. for future application.

URG: emergency sign. When urg=1, it is indicated that this message should be transmitted as soon as possible, rather than in the original queue order.

ACK: confirm flag bit. The previous confirmation ordinal field is only meaningful when ack=1.

PSH: urgent sign. When psh=1, it is indicated that the host receiving this message should immediately transmit this segment to the application layer, and not wait until all the pieces of the packet are all aligned and then upward delivery

RST: reset Flag bit. When Rst=1, indicates a serious error occurred, the host receiving this message should be disconnected from the source host and rebuild the connection. It can also be used to reject an illegal message segment or to refuse to open a connection.

SYN: synchronous flag bit. used when establishing a connection, syn=1 indicates that this is a connection request or a connection acceptance message. When Syn=1 and ack=0, it indicates that this is a connection request message segment. If the other party agrees to establish a connection, it should return a message section of Syn=1 and Ack=1.

FIN: stop flag bit. Used to release a connection that, when Fin=1, indicates that the message segment that needs to be sent is finished and requires the release of the transport connection.

Windows : window field. To inform the other side of the size of the buffer, the target host through this field to determine the maximum amount of data returned to the source host, that is, the maximum length of a message segment.

Checksum: the Checksum field. The calibration scope includes the header and data, and the sender fills in the receiver verification.

Urgent Pointer: emergency pointer. It indicates the sequence number of the last byte of the emergency data in the message. Because the emergency data is likely to be sent in fragments, it is necessary to indicate the last byte of the emergency data before the receiver is fully processed. This field is valid only if the emergency flag bit urg=1.

options: Optional fields. The TCP message provides this field as a feature extension, including window enlargement and timestamp options, which are described in more detail later.

2, TCP connection (three-time handshake)

Three-time handshake, the SYN flag is used to indicate that this is a connection request or a connection acceptance message; the SEQ (Sequence number) field and the ACK (acknowledge number) field are used to verify the continuity of the message The connected host uses an ACK flag bit to indicate consent to the connection. Here the initiator of the general layer connection is the client side, the connecting party becomes the server side, the connection process is divided into three times as shown.

first Handshake (syn_sent): The client sends a request message to the server, Syn=1, Sequence number= a random value j,client into the syn_sent state, waiting for the server to confirm.

second Handshake (SYN_RCVD): After the server receives the request message, it returns a confirmation message to the client, Syn=1, ack=1, acknowledge Number=j+1, Sequence number= a random value k,server into the SYN_RCVD state, Wait for the client side to confirm again.

Third Handshake (established): After the client receives the confirmation message, the approved connection is established, and a connection confirmation message is sent to the server side, Ack=1, acknowledge number=k+1 in the message. When the server receives the message, it knows that the client has approved the connection, and the client and server can begin transmitting the data.

3, TCP disconnect (four wave)

Four waves the use of the FIN flag indicates that this is a message for connection release; the SEQ (Sequence number) field and the ACK (acknowledge number) field are used to verify the continuity of the message, and the disconnected host uses the ACK flag bit to indicate consent to disconnect. Because the TCP connection is full-duplex, each direction must be closed separately, with each side shutting down two times, as shown in four times.

wave for the first time (fin_wait_1): The client sends a request message to close the connection, and the message fin=1, Sequence number= a random value m,client into the fin_wait_1 state, waiting for the server to confirm.

Second Wave (close_wait): After the server receives the shutdown request message, it returns a confirmation message to the client, in which the ack=1, acknowledge Number=m+1,server enter the Close_wait state. The client side disconnects from the server after it receives the acknowledgement message.

Third Wave (last_ack): The server sends a request message to close the connection, the message fin=1, Sequence number= a random value n,server into the Last_ack state, waiting for the client to confirm.

Wave for the fourth time (time_wait): After the client receives the closed request message, it returns a confirmation message to the server, in which the ack=1, acknowledge Number=n+1,client enter the TIME_WAIT state. After the server receives the acknowledgement message, it disconnects from the client, and the two-way connection is closed.

4. UDP Message Header format

UDP is similar to TCP is the Transport layer protocol, is also based on IP protocol, so in the transmission is also stored in the data field of the IP packet. Unlike TCP, it is a non-connected transport protocol that does not provide packet grouping, assembly, and sequencing of packets, which means that when a message is sent, it is not possible to know whether it is safe or complete.

Frame Header	Data (IP message)							Fcs
	IP header	Data (UDP message)
		UDP header					Data
		Source Port		Destination Port	Length	Checksum	Data
		8 Guests		8 Guests	8 Guests	8 Guests

SOURCE Port : The origin port number.

Destination Port: Destination port number.

Length : total lengths. The length of the message.

Checksum: checksum. The receiver is used to verify that the transmission is correct.

"Why TCP shutdown is four waves" because the TCP connection is full-duplex.

In other words, clinet and server can be sent and received at the same time, in the shutdown, if the client side shut down the client to server side of the connection, but at this time the server side may still have data is not finished, so you need to wait until the server side also sent the data, The server proactively initiates a shutdown request to the client. It can be understood that, after the TCP connection, the server and client each send their own data, after sending the respective disconnected. The client and server disconnect should be considered to be two discontinuous events, and in fact there will be a server-side disconnect or client and server disconnected at the same time, so four handshake is required.

The first byte of the optional field for the TCP optional field is called Kind, which describes the type of option. The default kind is empty, that is, the Options field is not enabled.

Kind=0: Disables this field.

Kind=1: Enable window enlargement option. This option expands the TCP window definition from the original 16 bits to 32 bits, meaning that the sender's buffer can support up to 4294967295 bytes from the maximum support of 65535 bytes to the maximum.

kind=2: Enable timestamp option. This option causes the sender to place a timestamp in each segment of the packet, and the receiver will take this value in the acknowledgement of the received message, so that the sender can calculate the round-trip delay of the packet segment on the network.

Kind=3: Enable window enlargement and timestamp options.

"The difference between TCP and UDP" The main difference between UDP and TCP protocols is that they differ in how to achieve reliable transmission of information.

The TCP protocol includes a special delivery guarantee mechanism that automatically sends a confirmation message to the sender when the data receiver receives the message from the sender, and the sender will continue to send additional information only after receiving the acknowledgement, otherwise it waits until the confirmation message is received. Unlike TCP, the UDP protocol does not provide a guarantee mechanism for data transfer. If the datagram is lost during delivery from the sender to the receiver, the protocol itself is not capable of making any detection or prompting. And when the network congestion may occur after the first data arrived, that is, the receiver receives the data in the order may not be consistent with the sender. Therefore, the UDP protocol is often referred to as an unreliable transport protocol.

"UDP application" since UDP is an unreliable network protocol, what is the use or necessity of it?

In some cases, the UDP protocol may become very useful. Because UDP has the speed advantage that TCP can not catch. Although a variety of security features are embedded in the TCP protocol, the actual execution of the system consumes a lot of overhead, which undoubtedly makes the speed seriously affected. In view of the elimination of the information reliable transmission mechanism, the security and sequencing functions are transferred to the upper application to complete, greatly reducing the execution time, so that the speed is guaranteed. At the same time, UDP is an ideal protocol for distributing information. For example, the stock market is reported on the screen, air information is displayed on the screen, and so on. UDP is also used in Routing Information Protocol RIP (Routing information Protocol) to modify the routing table. In these applications, if one message is lost, another new message is replaced in a few seconds.

"Port number for TCP and UDP" The TCP and UDP protocols use port numbers to retain their respective data transfer channels for different applications.

The UDP and TCP protocols use this mechanism to support the simultaneous sending and receiving of data from multiple applications at the same time. The data sending party (which can be either client or server side) sends the UDP packet through the source port, while the data receiving party receives the data through the destination port. Some network applications can only use static ports reserved or registered for them, while others may use dynamic ports that are not registered. Because the UDP header uses two bytes to hold the port number, the valid range for the port number is from 0 to 65535. In general, a port number greater than 49151 represents a dynamic port.

In fact, TCP and UDP is the basic transport protocol, based on the implementation of the application layer protocol may have a fixed port number, such as the FTP service for TCP communication by default, Port 21st, some applications may also temporarily request a port, the communication is completed after the release of the port, the computer unified management

tcp/udp-Routing Switching Principle 6-"Hcna notes"