TCP / IP protocol suite and with the underlying protocol, to ensure that the end of the data transmission can be achieved. Data transfer process is a very complex process, for example, during the forwarding of data will be a series of encapsulation and decapsulation.
Therefore, network engineers, in-depth understanding of the data forwarding process in a variety of different devices, making it possible to correctly analyze and detect the network.
Consistent packet forwarding is based on the same network segment or different network segments between principle.
Data can be transmitted between different networks or, within the same network data forwarding process is divided into local and remote forwarding forwards, but both data transfer basically the same principle, is to follow the TCP / IP protocol suite.
In this example, Host A needs to access server A Web service, and has between Jiading established TCP connection.
TCP Wrappers
A host application data to be transmitted will be treated first performs operations related to encryption and compression, followed by the transport layer encapsulation. Web application is based on the TCP transport layer protocol for transmitting data. A host using TCP packet encapsulation, must be filled with source port and destination port fields, the initial sequence number and acknowledgment sequence number field, flag, window field and a checksum field. In this case the source port number for the data section 1027 randomly selected A host port, destination port number is a TCP well-known port server A 80.
IP encapsulation
After the host A complete the transfer layer package, typically the network layer data package, when using IP encapsulation requires explicit the source and destination address of the IP packet, if the IP packet is larger than the maximum transmission unit of the network (MTU) , then the message is likely to be fragmented during transmission (is fragmented IP layer).
Survival time (TTL) field is used to reduce the impact caused by the network loop. ARG3 series routers packet generated when the TTL value of 255. The default router to forward a data packet, the value is decremented by one, if the router is found to reduce the value 0, discards the packet. Thus, even if there is a loop in the network, the packet would not have been forwarded on the network.
Protocol field identifies the protocol used by the transport layer. In the present example, the transport layer using the TCP protocol, the filling value of the word 0x06.
Find route
A host must have a route to reach the destination.
每个主机都会独立维护各自的路由表项。主机A在发送数据前需要先检查是否能够到达目的端,这个过程是通过查找路由来完成的。在此示例中,主机A拥有一条到达『任何网络』(在IP编址部分已经简要介绍过)的路由,它发往其他网络的数据都会通过IP地址为10.1.1.1的接口转发到下一跳,即网关10.1.1.254。
ARP
通过ARP缓存表找到下一跳的MAC地址。
如果表项中没有下一跳的MAC地址,主机A会发送ARP请求。
接下来,由于数据包要被封装成数据帧,所以主机A需要获取下一跳的MAC地址,也就是网关的MAC地址。主机首先会查询ARP缓存表。
本例中,主机A的ARP缓存表中存在网关MAC地址的表项。
如果没有查找到网关的MAC地址表项,主机A会通过发送ARP请求来获取网关的MAC地址。
以太网封帧
主机A在链路层封装数据帧的时候,会遵循IEEE 802.3或者Ethernet_II标砖,Ethernet_II帧头的类型字段填充为0x0800,以表示网络层使用的是IP协议。源MAC地址为主机A的MAC地址,目的MAC地址为网关路由器E0/0接口的MAC地址。
数据帧转发过程
主机工作在半双工状态下,所以会使用CSMA/CD来检测链路是否空闲。
前导码(Preamble)用于使接收者进入同步状态,定界符(SFD)用于指示帧的开始。
前导码是包括了7个字节的二进制1,0交替的代码,即1010...10共56位。帧首定界符是长度为1个字节的1010...二进制序列,它的作用是使接受端对帧的第一位进行定位。
同一个冲突域里的设备都会接受到主机A发送的数据帧。
只有网关(RTA)会处理该数据帧,并基于转发。
本例中,主机A发送数据帧到共享以太网,此网络中的所有设备都会受到该帧。设备收到帧之后,首先会进行FCS校验。如果FCS校验未能通过,则帧被立即丢弃。对于通过了FCS校验的帧,设备会检查帧中的目的MAC地址。如果帧中的目的MAC地址与自己的MAC地址不同,设备将丢弃帧,如果相同,则会继续处理。处理过程中,帧头帧尾会被剥去(就是解封装),生效的数据报文会被根据帧头中的类型字段的值来送到网络层中的对应协议模块去处理。
数据包转发过程
网关检查是否具有到达目的网络的路由条目。
如果存在转发路径,则为数据包添加一个新的二层帧头和帧尾,并继续转发。
RT-A收到此数据报文后,网络层会对该报文进行处理。RT-A首先根据IP头部信息中的校验和字段,检查IP数据报文头部的完整性,然后根据目的IP地址查看路由表,确定是否能够将数据包转发到目的端。RT-A还必须对TTL的值进行处理。另外,报文大小不能超过MTU值。如果报文大小超过MTU值,则报文将被分片。
网络层处理完成后,报文将被送到数据链路层重新进行封装,称为一个新的数据帧,该帧的头部会封装新的源MAC地址和目的MAC地址。如果当前网络设备不知道下一跳的MAC地址,将会使用ARP来获得。