Foreword
Understand the OSI seven-layer protocol and the TCP/IP protocol.
The accompanying video gives a better experience (you need to comment on the video).
Link: https://pan.baidu.com/s/1gfkA0z1mv0gkRFTncFYfyg?pwd=tk51
Extraction code: tk51
OSI seven-layer reference model
In 1984, the International Organization for Standardization (ISO) proposed the Open System Interconnection (OSI) reference model, also known as the OSI protocol.
Purpose:
1. To provide a standard that everyone abides by, and to solve the compatibility and interoperability problems between different networks.
2. To reduce the complexity of the network by layering, which benefits the research and development of the network.
Layering standard: layers are divided according to function, and each lower layer provides services for the layer above it.
(1) Physical layer
Mainly defines standards for electrical or mechanical characteristics such as voltage, current, cables, and interfaces.
Important feature of physical layer devices: they have no intelligence and only do simple processing of the bit stream, such as transmission, amplification, and replication.
Network cable: transmits the bit stream.
Repeater: amplifies the signal.
Hub: amplifies and replicates (floods) the signal. (A simple networking device.)
Modem: converts the signal from the PC or router (R) into a signal suitable for transmission in the ISP network.
At this layer, the unit of data is called a bit.
(2) Data link layer
Manages physical circuits, establishes data links, and provides error-free transmission of data frames on the channel through error control.
The functions of this layer include MAC addressing, data framing, flow control, and data error detection.
1. Define the MAC address to identify the node.
The Ethernet MAC address consists of 48 binary bits and uniquely identifies a node, for example E8-11-32-95-61-E9 (hexadecimal).
In binary: E = 1110, 8 = 1000.
2. Establish, maintain and release the data link.
3. Combine the bit stream into data frames.
Data frame: a piece of data with a specific format, for example the Ethernet frame format:
Destination MAC   Source MAC   Type   IP data     Check
6 bytes           6            2      46 - 1500   4
Representative device: the switch. An Ethernet switch can identify the MAC address information in the data frame and forward the data within the same network segment. It is more efficient than a hub. (Reason: it is intelligent and can identify the MAC information in the data and forward it only in the right direction.)
At this layer, the unit of data is called a frame. Data link layer protocols include:
LAN: 802.3 (Ethernet), 802.11 (wireless LAN)
WAN: PPP, Frame Relay
(3) Network layer
The network layer is the bridge that interconnects networks of different specifications and routes data packets between different network segments. Its task is to select the appropriate inter-network routes and switching nodes to ensure timely data transmission.
1. Define the network layer address.
MAC address (layer 2): physical address, flat structure, identifies identity.
IP address (layer 3): logical address, hierarchical structure, identifies location.
An IP address consists of 32 binary bits, expressed in dotted decimal notation, for example 202.10.1.5.
2. Route forwarding.
Realized through the routing table (layer 3 addressing).
At the network layer, the unit of data is called a packet. Common network layer protocols are IP and IPX.
The physical layer, data link layer and network layer together establish the data transmission network and realize point-to-point transmission of data. (This is what network engineers are concerned with.)
(4) Transport layer
Realizes the end-to-end logical connection between two end users, and controls and manages the end-to-end communication.
1. The end-to-end connection is realized for the first time at this layer, by the TCP method or the UDP method.
2. Segmentation: sizing the data to fit across the network. MTU = 1500 bytes.
3. Differentiating services: identify the communication process of the upper layer, such as:
WWW   FTP   SMTP (send mail)   ...
80    21    25
The data unit of the transport layer is called a segment, and the main protocols are TCP, UDP, SPX, etc.
(5) Session layer
Establish a session between two applications, manage the session, and terminate the session.
(6) Presentation layer
Realize data format conversion, encryption, compression and other functions.
(7) Application layer
Provide network interface services for specific applications to realize various network applications.
For example: WWW, FTP, QQ, SMTP, POP3, ...
The functions of the upper four layers are mainly implemented on the host, so they are also called the host layers or the system layers. (This is what software engineers care about.)
Data encapsulation
Data transmitted through the network is encapsulated layer by layer, starting from the application layer, and each layer adds its own control information.
Example: PC A sends a 10M mail to PC B.
PC A ----------------------------------------------- PC B
PC A: MAC A, 192.168.1.1, port 1639        PC B: MAC B, 192.168.1.2, port 25
Application layer (5-7)   information   information
Transport layer (4)       segment       1639 | 25 | sequence number ... | information
Network layer (3)         packet        192.168.1.1 | 192.168.1.2 | 1639 | 25 | sequence number ... | information
Data link layer (2)       frame         MAC B | MAC A | 192.168.1.1 | 192.168.1.2 | 1639 | 25 | sequence number ... | information
Physical layer (1)        bit           1010101101011010...10101011010101110...10101-101010101
Data decapsulation (the reverse process of encapsulation)
After the data is transmitted to the target, it is decapsulated layer by layer to restore the upper layer information.
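The encapsulation and decapsulation steps above, carried out on real header layouts. This is an added example, not code from the original article: the IP addresses and ports are the article's, while the MAC addresses, the payload and the function names are constructed for illustration.

```python
import socket
import struct
import zlib

# Addresses and ports come from the article's example; the MAC addresses and
# the mail payload are constructed sample values.
MAC_A, MAC_B = "02-00-00-00-00-0A", "02-00-00-00-00-0B"
IP_A, IP_B = "192.168.1.1", "192.168.1.2"
PORT_A, PORT_B = 1639, 25

def checksum(data: bytes) -> int:
    """Internet checksum: one's-complement sum of 16-bit words."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def mac(text: str) -> bytes:
    return bytes.fromhex(text.replace("-", ""))

def encapsulate(data: bytes, seq: int = 1) -> bytes:
    """Wrap application data in TCP, IP and Ethernet II headers (PC A -> PC B)."""
    src, dst = socket.inet_aton(IP_A), socket.inet_aton(IP_B)
    # Layer 4: ports and sequence number -> segment (20-byte header, PSH+ACK).
    tcp = struct.pack("!HHIIHHHH", PORT_A, PORT_B, seq, 0, 0x5018, 65535, 0, 0)
    pseudo = src + dst + struct.pack("!BBH", 0, 6, len(tcp) + len(data))
    tcp = tcp[:16] + struct.pack("!H", checksum(pseudo + tcp + data)) + tcp[18:]
    segment = tcp + data
    # Layer 3: source and destination IP -> packet (TTL 64, protocol 6 = TCP).
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(segment), 0, 0, 64, 6, 0, src, dst)
    packet = ip[:10] + struct.pack("!H", checksum(ip)) + ip[12:] + segment
    # Layer 2: destination MAC, source MAC, type 0800, data padded to 46 bytes, check.
    frame = mac(MAC_B) + mac(MAC_A) + struct.pack("!H", 0x0800) + packet.ljust(46, b"\x00")
    return frame + struct.pack("<I", zlib.crc32(frame))

def decapsulate(frame: bytes) -> dict:
    """Reverse process: verify and strip each header, return what each layer saw."""
    body, fcs = frame[:-4], frame[-4:]
    if len(frame) < 64 or struct.pack("<I", zlib.crc32(body)) != fcs:
        raise ValueError("layer 2: short frame or bad check sequence")
    dst_mac, src_mac, eth_type = struct.unpack("!6s6sH", body[:14])
    if eth_type != 0x0800:
        raise ValueError("layer 2: type is not IP")
    packet = body[14:]
    ihl, total = (packet[0] & 0x0F) * 4, struct.unpack("!H", packet[2:4])[0]
    if packet[0] >> 4 != 4 or checksum(packet[:ihl]) != 0 or total > len(packet):
        raise ValueError("layer 3: bad IP header")
    segment = packet[ihl:total]          # total length drops the layer-2 padding
    src_port, dst_port, seq = struct.unpack("!HHI", segment[:8])
    offset = (segment[12] >> 4) * 4      # TCP header length in bytes
    return {
        "dst_mac": dst_mac.hex("-").upper(), "src_mac": src_mac.hex("-").upper(),
        "src_ip": socket.inet_ntoa(packet[12:16]), "dst_ip": socket.inet_ntoa(packet[16:20]),
        "src_port": src_port, "dst_port": dst_port, "seq": seq,
        "data": segment[offset:],
    }

if __name__ == "__main__":
    wire = encapsulate(b"MAIL")
    print(len(wire), "bytes on the wire:", wire.hex())
    print(decapsulate(wire))
```

A 4-byte payload yields a 44-byte packet, so the frame is padded to the 46-byte minimum and comes out at exactly 64 bytes.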
Ethernet
At present, Ethernet technology is mainly used to build LANs. The initial Ethernet rate was 10M; it was shared Ethernet and appeared in 1973.
Ethernet standards:
Ethernet V1    1980   developed by DIX (DEC, Intel and Xerox)
Ethernet V2    1982
IEEE 802.3     1985   (Institute of Electrical and Electronics Engineers)
Ethernet: The physical medium that propagates signals to every corner of the network.
Channel contention mechanism
CSMA/CD: carrier sense, multiple access, collision detection.
Listen before sending: if the channel is idle, send.
Listen while sending: keep listening while the first 64 bytes are sent, to make sure that you occupy the channel (51.2 µs).
Stop on collision.
Random retransmission: back off for n * Δt, then compete again (Δt = 51.2 microseconds).
Ethernet types
Shared:
1. All hosts share one physical channel.
2. At any one time a host can only send or only receive; it works in half-duplex mode.
Switched:
1. Multiple independent channels can be established.
2. A host can send and receive at the same time; it can work in full-duplex mode.
Transmission rate: 10M / 100M / 1000M / 10G / 40G / 100G
Working requirements: both ends must use the same speed and the same duplex mode. These can be set manually or automatically (auto).
Domains of network devices (collision domain, broadcast domain)
Collision: on a shared Ethernet medium, when two nodes transmit data at the same time, the frames sent by the two devices collide and destroy each other's data.
Collision domain: the range in which collisions occur, that is, a network segment formed by a shared medium.
Broadcast: when a host sends broadcast data, every device on the network must listen to and process this broadcast. Broadcasts usually come from ARP, DHCP, viruses, etc. The destination IP address of a broadcast packet is 255.255.255.255, and the destination MAC is FF-FF-FF-FF-FF-FF (48 ones).
Broadcast domain: the range over which a broadcast frame is transmitted; its boundary is generally set by routers. Switches forward broadcasts, while routers do not.
IEEE802 LAN series standards
802.3 Ethernet
802.4 Token Bus Network
802.5 Token Ring
802.11 WLAN
802.3 10M Ethernet
802.3u 100M Fast Ethernet
802.3z 1000M Gigabit Ethernet (fiber optic)
802.3ab 1000M Gigabit Ethernet (twisted pair)
802.3ae 10G 10 Gigabit Ethernet (fiber)
Twisted pair
Currently the most commonly used communication cable has eight wires in four pairs, with the two wires of each pair twisted together. One pair transmits, one pair receives, and the other two pairs are used to eliminate electromagnetic interference. The effective transmission distance is 100 meters.
Wire order (EIA/TIA standard):
568B: white-orange, orange, white-green, blue, white-blue, green, white-brown, brown (the main wire order)
568A: white-green, green, white-orange, blue, white-blue, orange, white-brown, brown
Device connection
Straight-through cable: 568B ----- 568B
For interconnecting devices of different kinds, such as:
Network card ----- switch          Router ----- switch
Crossover cable: 568B ----- 568A
For interconnecting devices of the same kind, such as:
Network card ----- network card    Router ----- router
Network card ----- router          Switch ----- switch
Automatic port identification (both straight-through and crossover cables can be used):
The port automatically adjusts its own pin order according to the type of network cable and the connected network device.
Ethernet II frame format, 64-1518 bytes (ARPA encapsulation)
Destination MAC   Source MAC   Type   IP data   Check
6 bytes           6            2      46-1500   4
Ethernet V2 (ARPA) is the most common Ethernet frame format, and it is also the de facto standard of Ethernet today. Common protocol types are as follows:
0800 IP
0806 ARP
8137 Novell IPX
809b AppleTalk
802.3 frame format, 64-1518 bytes
The 802.3 frame consists of two layers: the media access control sublayer and the logical link sublayer.
The media access control sublayer is used to identify the receiver and sender of data.
The logical link sublayer includes the source service access point (SSAP) and the destination service access point (DSAP), which can provide more effective data link layer control and better transmission guarantees.
The difference:
The maximum data length that an Ethernet V2 frame can carry is 1500 bytes, while the maximum for IEEE 802.3 is 1497 bytes (SAP) or 1492 bytes (SNAP). Therefore, Ethernet V2 is more suitable than IEEE 802.3 for transmitting large amounts of data.
However, 802.3 frames can provide more effective data link layer control and better transmission guarantees. Therefore, 802.3 frames are suitable for applications with a small amount of data but strict control.
In practice, the Ethernet frames of most applications (such as HTTP, FTP, SMTP, POP3) are Ethernet V2 frames, the BPDU (Bridge Protocol Data Unit) frames exchanged between switches are IEEE 802.3 frames, and VLAN trunk protocols such as 802.1Q and Cisco's CDP (Cisco Discovery Protocol) are IEEE 802.3 SNAP frames.
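How a receiver tells the two frame formats apart, as an added example that is not from the original article. It relies on two conventions the article does not state: a type/length value of 0x0600 or more is an Ethernet V2 type while a value up to 1500 is an 802.3 length, and DSAP = SSAP = AA marks a SNAP header. The sample frames are constructed.

```python
import struct

# Type codes listed in the article.
ETHERTYPES = {0x0800: "IP", 0x0806: "ARP", 0x8137: "Novell IPX", 0x809B: "AppleTalk"}

def classify(frame: bytes) -> dict:
    """Classify a frame that starts at the destination MAC (check field removed)."""
    if len(frame) < 14:
        raise ValueError("shorter than an Ethernet header")
    dst, src, type_len = struct.unpack("!6s6sH", frame[:14])
    body = frame[14:]
    info = {"dst": dst.hex("-"), "src": src.hex("-")}
    if type_len >= 0x0600:
        # Ethernet V2: the field is a protocol type; up to 1500 bytes carry data.
        info.update(format="Ethernet V2", max_data=1500, data=body,
                    protocol=ETHERTYPES.get(type_len, f"{type_len:04x}"))
    elif type_len <= 1500:
        # IEEE 802.3: the field is a length; anything after it is padding.
        llc = body[:type_len]
        if type_len > len(body) or len(llc) < 3:
            raise ValueError("length field does not match the frame")
        dsap, ssap = llc[0], llc[1]
        if (dsap, ssap) == (0xAA, 0xAA):
            if len(llc) < 8:
                raise ValueError("truncated SNAP header")
            pid = struct.unpack("!H", llc[6:8])[0]
            info.update(format="802.3 SNAP", max_data=1492, data=llc[8:],
                        protocol=f"OUI {llc[3:6].hex()} PID {pid:04x}")
        else:
            info.update(format="802.3 SAP", max_data=1497, data=llc[3:],
                        protocol=f"DSAP {dsap:02x} SSAP {ssap:02x}")
    else:
        raise ValueError("type/length values 1501-1535 are undefined")
    return info

def sample(dst: str, type_len: int, body: bytes) -> bytes:
    """Build a constructed test frame; the source MAC is a made-up value."""
    return bytes.fromhex(dst) + bytes.fromhex("020000000001") + struct.pack("!H", type_len) + body

# Constructed frames: an ARP broadcast, a BPDU-style SAP frame, a CDP-style SNAP frame.
ARP_FRAME = sample("ffffffffffff", 0x0806, bytes(46))
BPDU_FRAME = sample("0180c2000000", 38, bytes.fromhex("424203") + bytes(35) + bytes(8))
CDP_FRAME = sample("01000ccccccc", 40, bytes.fromhex("aaaa0300000c2000") + bytes(32) + bytes(6))

if __name__ == "__main__":
    for frame in (ARP_FRAME, BPDU_FRAME, CDP_FRAME):
        result = classify(frame)
        print(result["format"], result["protocol"], len(result["data"]), "data bytes")
```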
Relevant international organizations:
1. ISO (International Organization for Standardization): developed the OSI seven-layer reference model.
2. ARPA (US Department of Defense Advanced Research Projects Agency): developed the TCP/IP protocol.
3. IEEE (Institute of Electrical and Electronics Engineers): developed the 802 series of standards for local area networks.
4. IAB (Internet Architecture Board), which consists of the IETF, IRTF and IANA: formulates Internet-related standards.
IETF: Internet Engineering Task Force (OSPF, VRRP)
IRTF: Internet Research Task Force
IANA: Internet Assigned Numbers Authority (assigns IP addresses)
5. EIA/TIA (American Electronics Industry Association / Telecommunications Industry Association): formulates standards for the communication interfaces and cables of various LANs and WANs.
TCP/IP protocol
In 1978, ARPA (Advanced Research Projects Agency) of the U.S. Department of Defense developed the TCP/IP protocol. Around 1980, ARPANET began to convert to the TCP/IP protocol.
In January 1983, the conversion of ARPANET to TCP/IP was completed. At the same time, the Defense Communications Agency of the US Department of Defense divided ARPANET into two independent parts: one, called MILNET, was used for the data communication of the US military; the other was still called ARPANET and was used for further research work. Today's Internet originated from ARPANET.
ARPA sold the TCP/IP protocol at a low price and encouraged manufacturers to develop TCP/IP related products. In addition, TCP/IP itself is powerful, flexible and easy to use, and it eventually became widely popular.
(In 1984, the ISO International Organization for Standardization developed the OSI protocol with reference to TCP/IP and other protocols. The OSI protocol divides the network into seven layers, also known as the seven-layer reference model. But the protocol was not used in the network in the end. Today's networks use the TCP/IP protocol.)
OSI: theoretical standard (R&D)
TCP/IP: de facto standard (networking)
OSI:    Physical layer | Data link layer | Network layer | Transport layer | Session layer | Presentation layer | Application layer
TCP/IP: Network interface layer | Network layer | Transport layer | Application layer
1. Network interface layer (OSI layers 1-2)
Physical layer: mainly defines standards for electrical or mechanical characteristics, such as voltage, current, cables, and interfaces.
Data link layer: establishes links between adjacent nodes and transmits data frames.
LAN: Ethernet
WAN: DDN leased line, SDH leased line
2. Network layer (OSI layer 3)
ICMP: Internet Control Message Protocol. It sends control messages that carry error, control, query and other information.
Ping tests network connectivity: it sends ICMP echo request packets and receives echo replies in return.
Tracert tests which routers are passed on the way to the target.
Tracert first sends a data packet with a TTL of 1 and increments the TTL by 1 on each subsequent send until the target responds. It determines the route by checking the "ICMP timeout" messages sent back by the intermediate routers.
IGMP: Internet Group Management Protocol, used for multicast communication.
IP protocol: IP addressing, routing and forwarding.
ARP protocol: Address Resolution Protocol (finds the other party's MAC address from its IP address).
IP packet (46-1500 bytes), fields and example values:
IPv4 identification              V4
QoS identification               0
Total length                     1500
Segmentation identification
Time to live (TTL)               64
Upper-layer protocol             TCP (or UDP)
Check
Source IP                        172.16.1.1
Destination IP                   202.1.1.2
TCP header
Application layer                Mail
IP address:
It consists of 32 bits of 0s and 1s, divided into four segments of 8 bits each. For convenience, the dotted decimal format is used.
11000000 11000000 00000001 00000010 = 192.192.1.2
0000 0000 = 0
1111 1111 = 255
Class A (1-126): the first 8 bits are network bits, and the last 24 bits are host bits.
60 . 00000000.00000000.00000000
(The 127.0.0.0/8 network is reserved for loopback testing.)
Class B (128-191): the first 16 bits are network bits, and the last 16 bits are host bits.
160 . 1 . 00000000.00000000
Class C (192-223): the first 24 bits are network bits, and the last 8 bits are host bits.
200 . 1 . 1 . 00000000
Class D (224-239): used for multicast addresses, 224.0.0.0 --- 239.255.255.255
Class E (240-255): for scientific research use
Unicast: a host sends data to a single node in the network.
Broadcast: a host sends data to all nodes in a network segment.
Local broadcast: 255.255.255.255; at layer 2 the MAC is 48 ones (12 F).
Directed broadcast: 172.16.2.255/24
Multicast: a host sends data to a group of nodes in the network.
Subnet mask:
It is used to identify which bits of an IP address are network bits and which are host bits.
- Represents network bits
- Indicates the host bit
For example:
60.1.1.2 /8 255.0.0.0
160.1.1.2 /16 255.255.0.0
200.1.1.2 /24 255.255.255.0
Private IP addresses:
They can be reused to save IP addresses.
10.0.0.0/8                             1 Class A
172.16.0.0/16 --- 172.31.0.0/16        16 Class B
192.168.0.0/24 --- 192.168.255.0/24    256 Class C
Address Resolution Protocol (ARP)
Finds the other party's MAC address from its IP address, using a broadcast request and a unicast response.
Host A pings the target 192.168.1.253, which requires layer 3 and layer 2 encapsulation. The target's layer 3 IP is known, but its layer 2 MAC is unknown. Host A broadcasts to the entire network and asks "Who is 192.168.1.253, what is your MAC?" All hosts in the network segment receive the request, but only 192.168.1.253 responds, telling host A its own MAC address in unicast mode.
Host A then completes the layer 2 encapsulation and sends the ping packet. At the same time, it writes B's MAC information into the ARP cache table for next use.
C:\Users\Administrator>ping 192.168.1.253
Reply from 192.168.1.253: bytes=32 time=6ms TTL=255
Reply from 192.168.1.253: bytes=32 time=44ms TTL=255
Reply from 192.168.1.253: bytes=32 time=6ms TTL=255
C:\Users\Administrator>arp -a    (the default aging time is 1200 seconds)
Interface: 192.168.1.60 --- 0x2
  Internet Address      Physical Address      Type
  192.168.1.251         00-1c-f0-40-cd-61     dynamic
  192.168.1.253         08-00-2b-0a-c7-ea     dynamic
ARP on different network segments
When the host finds that the target host is not in the same network segment as itself:
1. The host finds the MAC of the gateway through the ARP protocol, and transmits the data to the gateway.
2. The gateway finds the next hop to the target by checking the routing table, then uses the ARP protocol to resolve the MAC of the next hop, and transmits the data to the next hop.
3. The last-hop router resolves the target's MAC through the ARP protocol, and transmits the data to the target host.
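The address classes, masks and private ranges described earlier, together with the same-segment test that decides whom a host sends its ARP request to, as an added example that is not from the original article. The function names are illustrative, and the /24 mask and the choice of 192.168.1.251 as gateway in the usage lines are assumptions.

```python
import socket
import struct

def to_int(ip: str) -> int:
    return struct.unpack("!I", socket.inet_aton(ip))[0]

def to_ip(value: int) -> str:
    return socket.inet_ntoa(struct.pack("!I", value))

# Private ranges from the article, as (network, mask) pairs.
PRIVATE = [(to_int("10.0.0.0"), 0xFF000000),      # 1 class A
           (to_int("172.16.0.0"), 0xFFF00000),    # 16 class B: 172.16 - 172.31
           (to_int("192.168.0.0"), 0xFFFF0000)]   # 256 class C

def address_class(ip: str):
    """Return (class, default prefix length) from the first-octet ranges."""
    first = to_int(ip) >> 24
    for name, low, high, prefix in (("A", 1, 126, 8), ("loopback", 127, 127, 8),
                                    ("B", 128, 191, 16), ("C", 192, 223, 24),
                                    ("D", 224, 239, None), ("E", 240, 255, None)):
        if low <= first <= high:
            return name, prefix
    return "reserved", None               # first octet 0

def describe(ip: str, prefix: int = None) -> dict:
    """Split an address into network and host bits; prefix defaults to the class mask."""
    name, default = address_class(ip)
    prefix = default if prefix is None else prefix
    if prefix is None:
        raise ValueError(f"{ip} (class {name}) has no network/host split")
    mask = (0xFFFFFFFF << (32 - prefix)) & 0xFFFFFFFF
    network = to_int(ip) & mask
    return {"class": name, "mask": to_ip(mask), "network": to_ip(network),
            "broadcast": to_ip(network | ~mask & 0xFFFFFFFF),   # host bits all 1
            "private": any(to_int(ip) & m == n for n, m in PRIVATE),
            "binary": " ".join(f"{b:08b}" for b in socket.inet_aton(ip))}

def arp_target(host: str, prefix: int, gateway: str, destination: str) -> str:
    """IP address the host must resolve with ARP before it can send to destination."""
    same_segment = describe(host, prefix)["network"] == describe(destination, prefix)["network"]
    return destination if same_segment else gateway

if __name__ == "__main__":
    for address in ("60.1.1.2", "160.1.1.2", "200.1.1.2", "192.168.1.60"):
        print(address, describe(address))
    # Same segment: ARP for the target itself. Other segment: ARP for the gateway.
    print(arp_target("192.168.1.60", 24, "192.168.1.251", "192.168.1.253"))
    print(arp_target("192.168.1.60", 24, "192.168.1.251", "202.1.1.2"))
```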
3. Transport layer (OSI layer 4)
Enables end-user to end-user connectivity.
- Segmentation: sizing the data to fit across the network. Segments are identified by a sequence number.
- Differentiated services: identify the communication process of the upper layer, using the port number (1-65535).
Such as:
WWW   FTP   QQ     email    ...
80    21    4000   25, 110
Transport layer protocols:
Transmission Control Protocol (TCP)
User Datagram Protocol (UDP)
The difference between TCP and UDP:
TCP:
1. Connection-oriented: the connection must be established through a three-way handshake before formal data is sent.
2. Acknowledgment is required, and lost packets are retransmitted.
3. Through the sliding window mechanism, flow control of data transmission can be carried out.
Good reliability; suitable for transferring a large amount of data at one time, such as file transfer, browsing the web, and sending emails.
UDP:
1. Connectionless: there is no need to establish a connection before sending data.
2. No acknowledgment is required, and lost packets are not retransmitted.
The reliability is not good; it is suitable for transmitting a small amount of data at a time, such as DNS, DHCP, SNMP and TFTP. In addition, applications that are sensitive to delay, such as VoIP and video conferencing, can only use the UDP protocol.
TCP packet format
Source port | Destination port | Sequence number | Acknowledgment number | Window | Check | ... | Upper-layer data
Port: identifies the upper-layer communication process and distinguishes different services (1-65535).
Reserved ports (1-1023): identify public services, such as HTTP, SMTP, TELNET.
Free ports (1024-65535): identify temporary processes and are released when the process ends, such as IE, QQ.
PC:>netstat -ano    (view the network services enabled on this machine)
Active connections
Protocol Local Address External Address Status PID
TCP 0.0.0.0:7 0.0.0.0:0 LISTENING 348
TCP 0.0.0.0:9 0.0.0.0:0 LISTENING 348
TCP 192.168.1.60:5900 192.168.1.100:49166 ESTABLISHED 3252
TCP 192.168.1.60:5900 192.168.1.101:49181 ESTABLISHED 3252
TCP 192.168.1.60:5900 192.168.1.102:49193 ESTABLISHED 3252
TCP 192.168.1.60:49858 222.88.91.156:80 ESTABLISHED 2356
TCP 192.168.1.60:49985 183.60.62.35:80 ESTABLISHED 5168
TCP 192.168.1.60:49988 183.60.15.181:80 ESTABLISHED 5168
TCP 192.168.1.60:49989 101.226.103.122:80 ESTABLISHED 5168
TCP 192.168.1.60:50084 119.147.9.85:80 ESTABLISHED 4888
TCP 192.168.1.60:50087 219.153.45.35:80 ESTABLISHED 4888
TCP 192.168.1.60:50090 115.236.97.21:80 ESTABLISHED 4888
TCP connection establishment (three-way handshake)
TCP connection teardown (four-way handshake)
TCP transmission confirmation
TCP sliding window
UDP packet format
Source port | Destination port | ... | Check | Upper-layer data
Socket (socket = protocol + IP address + TCP/UDP port)
Multiple TCP connections or multiple application processes may need to transmit data through the same TCP protocol port. In order to distinguish different application processes and connections, the computer operating system provides an interface called a socket for the application program to interact with the TCP/IP protocol.
A socket is the basic operating unit of network communication supporting TCP/IP, which can be regarded as a two-way communication agreement between processes on different hosts.
172.16.1.1 tcp 1024 ---------------------- 202.1.1.2 tcp 80    (5 elements)
172.16.1.2 tcp 1039 ---------------------- 202.1.1.2 tcp 80
The original meaning of "socket" is a plug socket. By combining these three parameters and binding them to a socket, the application layer can communicate with the transport layer through the socket interface to distinguish communications from different application processes or network connections, and realize concurrent services for data transmission.
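Reading the netstat listing shown earlier in terms of ports and the five elements of a connection, as an added example that is not from the original article. The sample rows are a subset of the article's output; the function names are illustrative.

```python
from collections import defaultdict, namedtuple

Socket = namedtuple("Socket", "proto local_ip local_port remote_ip remote_port state pid")

# Sample rows: a subset of the netstat -ano output shown in the article.
NETSTAT = """\
Protocol Local Address External Address Status PID
TCP 0.0.0.0:7 0.0.0.0:0 LISTENING 348
TCP 0.0.0.0:9 0.0.0.0:0 LISTENING 348
TCP 192.168.1.60:5900 192.168.1.100:49166 ESTABLISHED 3252
TCP 192.168.1.60:5900 192.168.1.101:49181 ESTABLISHED 3252
TCP 192.168.1.60:5900 192.168.1.102:49193 ESTABLISHED 3252
TCP 192.168.1.60:49858 222.88.91.156:80 ESTABLISHED 2356
TCP 192.168.1.60:49985 183.60.62.35:80 ESTABLISHED 5168
"""

def parse(text: str) -> list:
    """Turn TCP rows into Socket records; headers and other rows are skipped."""
    sockets = []
    for line in text.splitlines():
        parts = line.split()
        if len(parts) != 5 or parts[0] != "TCP":
            continue
        proto, local, remote, state, pid = parts
        local_ip, local_port = local.rsplit(":", 1)      # rsplit also copes with [::]:135
        remote_ip, remote_port = remote.rsplit(":", 1)
        sockets.append(Socket(proto, local_ip, int(local_port),
                              remote_ip, int(remote_port), state, int(pid)))
    return sockets

def port_class(port: int) -> str:
    """Reserved ports are 1-1023, free ports 1024-65535."""
    return "reserved" if 1 <= port <= 1023 else "free"

def listeners(sockets: list) -> list:
    """Services this machine offers: (local IP, port, port class, PID)."""
    return [(s.local_ip, s.local_port, port_class(s.local_port), s.pid)
            for s in sockets if s.state == "LISTENING"]

def shared_local_ports(sockets: list) -> dict:
    """Local (IP, port) pairs that carry more than one established connection.

    The connections stay distinct because the remote IP and port differ,
    so each one still has its own five elements.
    """
    groups = defaultdict(list)
    for s in sockets:
        if s.state == "ESTABLISHED":
            groups[(s.local_ip, s.local_port)].append((s.remote_ip, s.remote_port))
    return {local: peers for local, peers in groups.items() if len(peers) > 1}

if __name__ == "__main__":
    rows = parse(NETSTAT)
    for ip, port, kind, pid in listeners(rows):
        print(f"listening on {ip}:{port} ({kind} port), PID {pid}")
    for (ip, port), peers in shared_local_ports(rows).items():
        print(f"{ip}:{port} serves {len(peers)} peers: {peers}")
```

Listeners bound to 0.0.0.0 accept connections on every interface, so this list is the one to review against the services the machine is supposed to offer.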
4. Application layer (OSI layers 5-7)
TCP-based protocols:
HTTP 80 Hypertext Transfer Protocol (www service)
HTTPS 443 Secure HTTP protocol
FTP 21 File Transfer Protocol
SMTP 25 Simple Mail Transfer Protocol (sending mail)
POP3 110 Post Office Protocol Version 3 (receiving mail)
Telnet 23 remote login protocol (plain text)
SSH 22 Secure shell protocol (encrypted telnet protocol)
UDP-based protocols:
TFTP 69 Simplified File Transfer Protocol
DNS 53 Domain Name Resolution Protocol
DHCP 67 Dynamic Host Configuration Protocol (client port number 68, server port 67)
SNMP 161 Simple Network Management Protocol
Summary
This article is mostly text-based knowledge. It can be read together with the video.