Today's content:
transport layer tcp \ udp
application layer: the
protocol can be customized = "header + data part
http https ftp
Five-layer protocol
computer 1: computer 2:
Application layer
socket socket
Transport layer segment transport layer
network layer packet network layer
data link layer frame data link layer
physical layer <=========== interactive machine ===========> physical layer
Client software send server software recv
operating system operating system
computer hardware <==== physical media =====> computer hardware
ethernet header + ip header + tcp header + application layer header + application layer data
# 一: Transport layer tcp \ udp =》 Based on port
Port range 0-65535, 0-1023 is occupied by the system
ip + port =》 Identifies a unique application based on network communication in the world
Before communication based on tcp protocol: a link for two-way communication must be established
C --------------------> S
C <------------ -------- S
Three-way handshake to establish a link: the
establishment of the link is to prepare for data transmission, three-way handshake
Four waved hands to disconnect the link When
disconnecting the link, there must be four disconnections due to data transmission in the link
tcp is reliable transmission.
Sending data must be completed after the other party confirms, and then the data in its own memory will be cleared, otherwise retransmission
ps: When the server is in the TIME_WAIT state, it means that the server is experiencing high concurrency
TCP semi-connection pool:
backlog
[link request 1, link request 2, link request 3, link request 5]
# 2: Application layer: the
protocol can be customized = "header + data part
The problems that need to be paid attention to in the custom protocol:
1. Two major components = head + data part
Header: put the description information of the data
such as: To whom, the type of data, the length of the
data, the data part: the data you want to send
2. The length of the header must be fixed
because the receiving end needs to obtain the detailed information of the received data through the header
http https ftp
Network communication-Transport layer
Transport layer function: Establish port-to-port communication
Supplement: Port range 0-65535, of which 0-1023 is the system occupied port, it is not recommended to use the
tcp protocol in the range of 0-1023 when custom
Reliable transmission (open up bidirectional channel transmission), TCP data packets have no length limit, theoretically can be infinitely long, but in order to ensure the efficiency of the network, usually the length of TCP data packets will not exceed the length of IP data packets to ensure a single TCP data packet No more splitting.
udp protocol is
not reliable transmission (only responsible for transmission, regardless of whether the other party can receive it), the "header" part only has a total of 8 bytes, the total length does not exceed 65,535 bytes, just put an IP data packet.
tcp message
tcp three-way handshake and four waved hands (SYN = 1 ACK = 1)
three-way handshake
'' '
three-way handshake is required to establish a two-way path between the client and the server.
1. The client sends a SYN message to the server, requesting to establish a connection. At this time, the client is in the SYN_SENT state.
2. The server returns an ACK to the client after confirming and receiving the client's SYN message, and also
initiates to the client. establishing a connection request SYN packet, then the server will SYN_RCVD state
3, the client receives the server becomes ESTABLASHED state after returning a response to the client represented server
service-side channel is successfully established, after receiving After the request message transmitted by the
server, an ACK is also returned to the server for confirmation. After the server receives the ACK returned by the client, it will become ESTABLASHED.
Finally, the transmission channel from the server to the client is established. The establishment of the two-way channel with the server is completed
. This is the three-way handshake.
'' '
# Why can't it be a second handshake? (In short, the second handshake will result in waste of resources)
'' '
If it is a two-way handshake scenario: the
client enters the waiting state after sending a connection establishment request, and enters the established state after the server confirms.
The server also enters the established state after sending a confirmation connection establishment request message (regardless of whether the client responds).
This is like, A calls B, A: Can you hear me? B: I can hear it. Both A and B think that the other party can hear themselves.
But there is a situation where B's Mai is bad. A can't hear B's speech at all. As a result, A doesn't receive a response from B, but B thinks that A can hear him
. .. This makes B both physically and mentally exhausted.
The three-way handshake: the
client enters a waiting state after sending a connection establishment request message, and waits for the server to return a notification
confirming the connection establishment. The server sends a connection establishment confirmation request message, and at the same time sends a connection establishment request message to the client In the waiting state, the
client receives the confirmation request message sent by the server and the connection establishment request message from the server. Enter the established state
and send a connection confirmation request message to the server. The server receives the connection establishment confirmation message from the client and enters established
A: Can you hear me? B: I can hear it. Can you hear me?
A: I can hear you too. (established) B: (established) Both A and B can clearly know that the other party can definitely hear themselves
Of course, a 4-way handshake or n-way handshake is also possible, but it is not necessary, because if the connection is established for too long, the effect will be greatly reduced
'' '
SYN flood attack
'' '
SYN flood attack: tcp agreement is a good man, no matter what the client, as long as the server sends the request to the server to receive and will try to establish the client even
then. The SYN flood attack is to use a large number of virtual IPs to send requests to the server, and then disappear after sending. At this time, the server will be
filled with a large number of virtual IPs and has been in the state of `SYN_RCVD`, causing the real client to think again. There is no way to access the server
(similar to having a group of beggars block the door of a company, which prevents the company ’s employees from entering the company)
'' '
Four waved hands
# When disconnecting the link, there must be four disconnections due to data transmission in the link
Network communication-
custom protocol
at the application layer If you feel that other people's protocol is too complicated at the application layer, we can customize the protocol = "header + data part
# Custom protocol needs to pay attention to:"
''
1, two major components Part = Header + Data part
Header: put the descriptive information of the
data. For example: to whom the data should be sent, the type of data, the length of the
data. Data part: the data you want to send
2. The length of the header must be fixed
because the receiving end needs to obtain the detailed information of the received data received through the header
''
# Application layer protocol: http https ftp