[Scenario description]
The client is started, and the server is started.
The client initiates a connection
The client sends a packet containing the four bytes of "Hutu"
Client disconnection, server disconnection
[Process diagram]No picture, no truth!
[Socket status change diagram]No picture, no truth!
Establish a connection protocol (three-way handshake)
(1) the client sends a TCP packet with SYN
-Frequently used commands detailed
Basic Commands
$ tcpdump//default crawl all packets of the first NIC interface
$ tcpdump–i ens33//crawl NIC ENS33 packet
$ tcpdump host 47.95.224.4// Listen for host 47.95.224.4 receive all packets sent
$tcpdump host 47.95.224.4
and 10.13.32.60//intercept all packets between host 47.95.224.4 and 10.13.32.60
$ tcpdump host 47.95.224.4 and \ (10.13.32.60 or 10.13.32.169\)
//intercept all packets between the host
of the IP datagram plus the data frame header is greater than MTU, the data packets are divided into several parts for transmission and reorganized in the target system. For example, the maximum IP packet size (MTU) that can be transmitted over Ethernet is 1500 bytes. If the size of the data frame to be transmitted exceeds 1500 bytes, that is, the IP datagram length is greater than 1472 (1500-20-8 = 1472, normal datagram) bytes, the data frame needs
Recently in the socket transmission, encountered packet loss problem, troubled for a long time, saw this article, the original address: http://suwish.com/html/java-tcp-socket-stream-packet-split.html is good, now much easier. In other words, the official "empty track" animation schedule of falcom and the broken people are displayed. I mean it is really unacceptable. Of course, we can't handle this either.
W
The first thing to say is the flow protocol and the sticky packet problem:
Before we wrote the few that are based on the TCP transport Protocol socket communication, and we know that the TCP transmission data is based on stream flow, what is the meaning of it.
Let's just say that TCP is not boundary-sensitive when transmitting data (there is no boundary between data and data), because it is based on byte stream, so the data is a lot of bytes without s
used to specify the maximum life cycle of each packet on the Internet. Each intermediate router reduces the TTL value by one before forwarding the IP packet to the next hop.
A. Extract the final TTL value
When a data packet arrives at the destination address to extract the TTL field value, this value is called the final TTL value. The challenge of hop count stat
I don't know how to say it. In short, the boat, from the mouth, I can not see HUANGFA and impoverished! I'm not going to say anything except cursing!Prior to BBR, there are two kinds of congestion control algorithms, based on packet loss and delay-based, regardless of which is based on detection, in other words, packet loss based on packet loss as a means to find
Packet Capture analysis tool-tcpdump
Tcpdump (dump the traffic on a network) is a more practical tool for analyzing data packets in Unix, it supports filtering at the network layer, protocol, host, network or port, and provides logical statements such as and, or, not, and boolean expressions for packet header matching, in Linux, you can use yum to install yum if it is not installed. However, you need the fo
This article introduces a basic knowledge about how data packets are transmitted and exchanged in routers, as long as you understand this, it will help you to configure a good network environment.
First, the problem of input
1, the original set of interfaces can receive any TCP or UDP messages.
2, to receive the original set of interface, the first to receive the packet must have a complete, correct IP header, otherwise can not be through the IP_RC
This is an article I wrote before in the green corps. It was originally written by myself. I learned from a t00ls article and made improvements. The name of my account in the green corps is also leisureforest.There is no doubt about the authenticity. ThanksDatabase packet capture alternative backupAddress http://www.bkjia.com/(used only to replace the target website, not this site)Database packet capture al
Compared with WINSOCK1, Winsock2 most obvious is to support the raw socket socket type, using raw socket, can set the network card into promiscuous mode, in this mode, we can receive IP packets on the network, of course, including the destination is not the local IP packet,Through the original socket, we can also more freely control the various protocols under Windows, and can control the network underlying transmission mechanism. In the example of th
In the last lecture, we learned how to get the appropriate information, this one will let us write a program Chiang every packet printed through the adapter.The function that opens the device is Pcap_open (). function prototypes arepcap_t* pcap_open (const char* source,int snaplen,int flags,int read_timeout,struct pcap_rmtauth *auth,char * errbuf); 'Pcap_rmatauth{int type.Char *username;;/ /zero-terminated string containing the username that have to i
There are three scenarios when a packet passes through a firewall:1. Local-Targeted packagesWhen a packet enters the firewall, if the destination address is native, the order in which the firewall is checked is as follows:If a packet is discarded at one step, no subsequent checks are performed
Steps
Table
Chain
Description
the rule, Determined by Target:A. Continue to match the next ruleB. Make some changes to the packetC. Jump to another chain (that is, start to match each rule on the chain from that chain sequentially)D. Return the chain that raised the jump (that is, the next rule that continues to match the chain before the jump)E. Dropping a packetF. Receiving packets (i.e. no further matching, direct return)G. LoggingH .... .The entire Iptables framework executes the following process:The loop 1:static brea
Linux Network firewall NetFilter: is a frame of the kernel: framework IPTABLES: Data packet filtering: Nat mangle and other rule generation tools Network knowledge: IP packet header NB Sp TCP headers NBSP;NBSP;NBSP;HDR Len Header First ministerial The bytes given must be multiplied by landscape 32/8 = 4 bytes typeof service (service type) service type total length (total length) Total messa
Actually, for the tcpdump program, you can even say that this program is actually a customer experience, because not only can he analyze the packet flow direction, but the internal content of the packet can also be "audible". If the information you use is clear, on the router, it may have been heard by others! Awesome! So, let's get to know this experience! (Authorization: This tcpdump must use the root ide
ScenarioIf you need to use UDP to transmit large data, such as 10 m images, this breaks through the design principles of UDP. UDP is designed based on "datax", that is, it assumes that each packet you send can be contained in a single package. In addition, the maximum length of UDP data packets is limited by the basic network protocol.
The maximum theoretical length of UDP data packets is 65535 bytes, which contains 8 bytes of data headers and 65527
Tags: http OS AR for SP strong file data Div Pcap is a data packet capture library, which is used by many software as a data packet capture tool. Wireshark also uses the pcap library to capture data packets. The packets captured by pcap are not the original network byte streams, but are assembled to form a new data format.
The file format of a data packet captur
Programming | Network talk about socket programming, we may think of QQ and IE, yes. There are many network tools such as Peer-to-peer, NetMeeting and other applications implemented in the application layer, but also with the socket to achieve. The socket is a network programming interface that is implemented at the network application level, and Windows Sockets includes a set of system components that take advantage of Microsoft Windows message-driven features. The socket Specification version
From the simplest packet filtering firewall to the application layer gateway, since the date of birth, the firewall has increasingly assumed more and more network security role. In recent years, an innovative firewall technology is widely used, which is known as depth packet detection of dip (Deep Packet Inspection) technology.Historical ReviewBefore delving into
The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion;
products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the
content of the page makes you feel confusing, please write us an email, we will handle the problem
within 5 days after receiving your email.
If you find any instances of plagiarism from the community, please send an email to:
info-contact@alibabacloud.com
and provide relevant evidence. A staff member will contact you within 5 working days.