1. Overview of Computer Networks
1.1 Classification of Computer Networks
According to the scope of the network: Wide Area Network (WAN), Metropolitan Area Network (MAN), Local Area Network (LAN);
According to the users of the network: Public network, Private network.
1.2 Hierarchical Structure of Computer Networks
Comparison of the TCP/IP four-layer model and the OSI architecture:
1.3 Basic Principles of Hierarchical Design
-
Each layer is independent of each other;
-
Each layer needs to have sufficient flexibility;
-
Complete decoupling between layers.
1.4 Performance Metrics of Computer Networks
Rate: bps=bit/s Delay: transmission delay, propagation delay, queuing delay, processing delay Round Trip Time (RTT): the time for a data packet to travel from one endpoint to another and back.
2. Physical Layer
The role of the physical layer: to connect different physical devices and transmit bit streams. This layer provides a reliable physical medium for data transmission for higher layer protocols. In simple terms, the physical layer ensures that raw data can be transmitted over various physical media.
Physical layer devices:
-
Repeater: regenerates signals in the same local area network; both ends of the segment must use the same protocol; 5-4-3 rule: in a 10BASE-5 Ethernet, a maximum of 4 repeaters can be connected in series, and only 3 of the 5 segments can connect to hosts;
-
Hub: regenerates and amplifies signals in the same local area network (a multi-port repeater); half-duplex, cannot isolate collision domains or broadcast domains.
Basic concept of a channel: A channel is a medium that transmits information in one direction; a communication circuit consists of a sending channel and a receiving channel.
-
Simplex communication channel: can only communicate in one direction, with no feedback in the opposite direction;
-
Half-duplex communication channel: both parties can send and receive information, but cannot send and receive simultaneously;
-
Full-duplex communication channel: both parties can send and receive simultaneously.
3. Data Link Layer
3.1 Overview of the Data Link Layer
The data link layer provides services to the network layer based on the services provided by the physical layer, with the most basic service being the reliable transmission of data from the network layer to the target machine’s network layer at adjacent nodes. The data link layer provides reliable transmission over unreliable physical media.
The functions of this layer include: physical addressing, framing, flow control, error detection, and retransmission.
Important knowledge points about the data link layer:
-
The data link layer provides reliable data transmission to the network layer;
-
The basic data unit is a frame;
-
Main protocols: Ethernet protocol;
-
Two important device names: bridge and switch.
Framing: “Frame” is the basic unit of data for the data link layer:
Transparent transmission: “Transparent” means that even if control characters are present in the frame data, they should be treated as if they do not exist. This is done by adding an escape character ESC before the control characters.
3.2 Error Detection in the Data Link Layer
Error detection: parity check, cyclic redundancy check (CRC)
-
Parity check – limitations: cannot detect errors when two bits are erroneous.
-
Cyclic Redundancy Check: generates a fixed-length check code based on the transmitted or stored data.
3.3 Maximum Transmission Unit (MTU)
The Maximum Transmission Unit (MTU) limits the size of data frames at the data link layer, and the length of the data frame is restricted by the MTU.
Path MTU: determined by the minimum MTU in the link.
3.4 Detailed Explanation of Ethernet Protocol
MAC address: Each device has a unique MAC address, consisting of 48 bits, represented in hexadecimal.
Ethernet protocol: a widely used local area network technology, an application layer protocol that enables the transmission of data frames between adjacent devices:
Classification of Local Area Networks:
Ethernet IEEE802.3:
-
First widely deployed high-speed local area network
-
Fast data rates of Ethernet
-
Low hardware costs, low network construction costs
Ethernet Frame Structure:
-
Type: identifies the upper layer protocol (2 bytes)
-
Destination and source address: MAC address (6 bytes each)
-
Data: encapsulated upper layer protocol packets (46-1500 bytes)
-
CRC: cyclic redundancy check (4 bytes)
-
Minimum Ethernet frame: the shortest Ethernet frame is 64 bytes; the Ethernet frame has an additional 18 bytes excluding the data part; the minimum data length is 46 bytes;
MAC Address (Physical Address, Local Area Network Address)
-
MAC address length is 6 bytes, 48 bits;
-
MAC address is unique, each network adapter corresponds to one MAC address;
-
Typically represented in hexadecimal, with each byte represented by a hexadecimal number, connected by – or :;
-
MAC broadcast address: FF-FF-FF-FF-FF-FF.
4. Network Layer
The purpose of the network layer is to achieve transparent data transmission between two end systems, with specific functions including addressing and routing, establishing, maintaining, and terminating connections. The data exchange technology is message switching (basically replaced by packet switching): using store-and-forward, the data exchange unit is a message.
Many protocols are involved in the network layer, including the most important protocol, which is the core protocol of TCP/IP – the IP protocol. The IP protocol is very simple, providing unreliable, connectionless transmission services. The main functions of the IP protocol include: connectionless datagram transmission, datagram routing, and error control.
Protocols that work in conjunction with the IP protocol to achieve its functions include the Address Resolution Protocol (ARP), Reverse Address Resolution Protocol (RARP), Internet Control Message Protocol (ICMP), and Internet Group Management Protocol (IGMP). The key points regarding the network layer are:
1. The network layer is responsible for routing packets between subnets. In addition, the network layer can also implement congestion control, inter-networking, and other functions; 2. The basic data unit is an IP datagram; 3. Major protocols included:
-
IP protocol (Internet Protocol);
-
ICMP protocol (Internet Control Message Protocol);
-
ARP protocol (Address Resolution Protocol);
-
RARP protocol (Reverse Address Resolution Protocol). 4. Important device: router.
Router-related protocols
4.1 Detailed Explanation of IP Protocol
The Internet Protocol (IP) is the core protocol of the Internet’s network layer. The emergence of virtual interconnected networks: the actual computer networks are complex; physical devices using the IP protocol mask the differences between physical networks; when hosts in the network connect using the IP protocol, they do not need to pay attention to network details, thus forming a virtual network.
The IP protocol transforms complex actual networks into a virtually interconnected network; it also solves the problem of datagram transmission paths within the virtual network.
In the IP protocol, the version refers to the version of the IP protocol, occupying 4 bits, such as IPv4 and IPv6; the header length indicates the length of the IP header, occupying 4 bits, with a maximum value of 15; the total length indicates the total length of the IP datagram, occupying 16 bits, with a maximum value of 65535; TTL indicates the lifespan of the IP datagram in the network, occupying 8 bits; the protocol indicates the specific data protocol carried by the IP data, such as TCP, UDP.
4.2 IP Protocol Forwarding Process
4.3 Subnet Division of IP Addresses
Class A (8 bits network number + 24 bits host number), Class B (16 bits network number + 16 bits host number), Class C (24 bits network number + 8 bits host number) can be used to identify hosts or routers in the network, Class D addresses serve as group broadcast addresses, and Class E addresses are reserved.
4.4 Network Address Translation (NAT) Technology
Used in private networks where multiple hosts access the Internet through a single public IP address, alleviating the consumption of IP addresses but increasing the complexity of network communication.
NAT Working Principle:
For IP datagrams going out from the internal network, replace its IP address with a valid public IP address owned by the NAT server, and record the replacement relationship in the NAT translation table;
For IP datagrams returning from the public Internet, retrieve the NAT translation table based on the destination IP address and replace the destination IP address with the retrieved internal private IP address, then forward the IP datagram to the internal network.
4.5 ARP Protocol and RARP Protocol
The Address Resolution Protocol (ARP) provides dynamic mapping from the IP address of a network adapter (NIC) to the corresponding hardware address. It can convert a 32-bit address at the network layer to a 48-bit MAC address at the data link layer.
ARP is plug-and-play; an ARP table is automatically established without the need for a system administrator to configure it.
RARP (Reverse Address Resolution Protocol) can convert a 48-bit MAC address at the data link layer to a 32-bit address at the network layer.
4.6 Detailed Explanation of ICMP Protocol
The Internet Control Message Protocol (ICMP) can report error messages or exceptions; ICMP messages are encapsulated in IP datagrams.
Applications of ICMP Protocol:
-
Ping application: troubleshooting network faults;
-
Traceroute application: can detect the path that IP datagrams take through the network.
4.7 Overview of Routing in the Network Layer
Requirements for routing algorithms: correct and complete, computationally simple, adaptable to changes in the network, stable and fair.
Autonomous System (AS): refers to a group of network devices under a single management agency, where the internal network is autonomously managed and provides one or more entrances and exits; the routing protocol within the autonomous system is the Interior Gateway Protocol (IGP), like RIP, OSPF; the routing protocol external to the autonomous system is the Exterior Gateway Protocol (EGP), like BGP.
Static Routing: manually configured, high difficulty and complexity;
Dynamic Routing:
-
Link State Routing Algorithm (LS): sends information to all neighboring routers quickly converging; global routing algorithm, each router builds a complete network topology when calculating routes; uses Dijkstra’s algorithm to find the shortest path from source to destination; Dijkstra’s algorithm.
-
Distance Vector Routing Algorithm (DV): sends information to all neighboring routers slowly converging, may create loops; based on the Bellman-Ford equation (B-F equation);
4.8 RIP Protocol of Interior Gateway Routing Protocol
The Routing Information Protocol (RIP) [Application Layer], based on the distance vector routing algorithm, suitable for small networks within a smaller AS; RIP messages are encapsulated in UDP datagrams.
Characteristics of RIP Protocol:
-
RIP uses hop count to measure paths (each router maintains distance records to every other router);
-
RIP’s cost is defined between the source router and destination subnet;
-
RIP limits the network diameter to a maximum of 15 hops;
-
Exchanges all information with neighbors, active every 30 seconds (broadcast).
4.9 OSPF Protocol of Interior Gateway Routing Protocol
The Open Shortest Path First (OSPF) protocol [Network Layer], based on the link state routing algorithm (Dijkstra’s algorithm), suitable for large-scale AS, directly encapsulated in IP datagrams for transmission.
Advantages of OSPF Protocol:
-
Secure;
-
Supports multiple paths with the same cost;
-
Supports differentiated cost metrics;
-
Supports unicast and multicast routing;
-
Hierarchical routing.
Comparison of RIP and OSPF (the nature is determined by the routing algorithm):
4.10 BGP Protocol of Exterior Gateway Routing Protocol
BGP (Border Gateway Protocol) [Application Layer]: a protocol that operates between AS, finding a good route: initially exchanging all information, subsequently only exchanging changes, BGP is encapsulated in TCP segments.
5. Transport Layer
The first end-to-end layer, i.e., host-to-host. The transport layer is responsible for segmenting upper layer data and providing end-to-end reliable or unreliable transmission. In addition, the transport layer also handles end-to-end error control and flow control issues.
The task of the transport layer is to optimally utilize network resources based on the characteristics of the communication subnet, providing functions for establishing, maintaining, and terminating transport connections between the session layers of two end systems, responsible for reliable data transmission end-to-end. At this layer, the protocol data unit for information transfer is called a segment or message.
The network layer only transmits data packets from the source node to the destination node based on network addresses, while the transport layer is responsible for reliably transmitting data to the corresponding port.
Key points regarding the transport layer:
-
The transport layer is responsible for segmenting upper layer data and providing end-to-end reliable or unreliable transmission as well as end-to-end error control and flow control issues;
-
Main protocols included: TCP protocol (Transmission Control Protocol), UDP protocol (User Datagram Protocol);
-
Important device: gateway.
5.1 Detailed Explanation of UDP Protocol
UDP (User Datagram Protocol): a very simple protocol.
Characteristics of UDP Protocol:
-
UDP is a connectionless protocol;
-
UDP cannot guarantee reliable data delivery;
-
UDP is message-oriented;
-
UDP has no congestion control;
-
UDP has a small header overhead.
UDP Datagram Structure:
Header: 8B, four fields/2B [Source Port | Destination Port | UDP Length | Checksum] Data Field: application data
5.2 Detailed Explanation of TCP Protocol
TCP (Transmission Control Protocol): a very complex protocol in computer networks.
Functions of TCP Protocol:
-
Segment and reassemble application layer messages;
-
Implement multiplexing and decomposition for the application layer;
-
Implement end-to-end flow control;
-
Congestion control;
-
Transport layer addressing;
-
Perform error detection on received messages (both header and data parts);
-
Implement end-to-end reliable data transmission control between processes.
Characteristics of TCP Protocol:
-
TCP is a connection-oriented protocol;
-
TCP is a byte stream-oriented protocol;
-
A TCP connection has two ends, i.e., point-to-point communication;
-
TCP provides reliable transmission services;
-
TCP protocol provides full-duplex communication (each TCP connection can only be one-to-one);
5.2.1 TCP Segment Structure:
Maximum segment length: maximum length of application layer data encapsulated in the segment.
TCP Header:
-
Sequence number field: the TCP sequence number is assigned to each byte of application layer data
-
Acknowledgment number field: the expected byte sequence number from the other party, indicating that the byte corresponding to this sequence number has not yet been received. Identified by ack_seq;
-
The minimum TCP segment header length is 20B, and the maximum is 60 bytes. However, the length must be a multiple of 4B.
Functions of TCP Flags:
5.3 Basic Principles of Reliable Transmission
Basic Principles:
-
Possible situations in unreliable transmission channels: bit errors, out of order, retransmission, loss
-
Measures taken to achieve reliable data transmission based on unreliable channels:
Error detection: using coding to detect bit errors during packet transmission Confirmation: feedback reception status to the sender from the receiver Retransmission: the sender resends data that the receiver did not correctly receive Sequence number: ensures data is submitted in order Timer: solves the problem of data loss;
The stop-and-wait protocol is the simplest reliable transmission protocol, but it does not utilize the channel efficiently.
Continuous ARQ (Automatic Repeat reQuest): sliding window + cumulative acknowledgment, significantly improves channel utilization.
5.3.1 Reliable Transmission of TCP Protocol
Based on the continuous ARQ protocol, in certain cases, retransmission efficiency is not high, and part of the bytes that have already been successfully received may be retransmitted.
5.3.2 Flow Control of TCP Protocol
Flow control: ensures the sender does not send too quickly, the TCP protocol uses a sliding window to implement flow control.
5.4 Congestion Control of TCP Protocol
Difference between congestion control and flow control: flow control considers the control of communication volume point-to-point, while congestion control considers the entire network, which is a global consideration. Congestion control methods: slow start algorithm + congestion avoidance algorithm.
Slow start and congestion avoidance:
-
[Slow Start] the congestion window starts from 1 and grows exponentially;
-
When reaching the threshold, it enters [Congestion Avoidance], growing by +1;
-
[Timeout], the threshold becomes half of the current cwnd (cannot be <2);
-
Then it starts again from [Slow Start], with the congestion window growing exponentially from 1.
Fast retransmission and fast recovery:
-
The sender receives 3 redundant ACKs in a row, executing [Fast Retransmission], without waiting for the timer to timeout;
-
Execute [Fast Recovery], and the threshold becomes half of the current cwnd (cannot be <2), and enters [Congestion Avoidance] from this new ssthresh point.
5.5 TCP Connection Three-Way Handshake (Important)
TCP three-way handshake uses instructions:
Common interview question: Why is three-way handshake necessary?
-
First handshake: the client sends a request, at this point the server knows the client can send;
-
Second handshake: the server sends a confirmation, at this point the client knows the server can send and receive;
-
Third handshake: the client sends a confirmation, at this point the server knows the client can receive.
Establishing a connection (three-way handshake):
First: The client sends a connection request segment to the server, establishing a connection request control segment (SYN=1), indicating that the first data byte of the transmitted segment has a sequence number of x, which represents the sequence number of the entire segment (seq=x); the client enters the SYN_SEND (synchronization sending state);
Second: The server sends back a confirmation segment, agreeing to establish a new connection (SYN=1), confirming that the acknowledgment number field is valid (ACK=1), and the server tells the client that the segment sequence number is y (seq=y), indicating that the server has received the client segment with sequence number x and is ready to accept the client segment with sequence number x+1 (ack_seq=x+1); the server transitions from LISTEN to SYN_RCVD (synchronization received state);
Third: The client confirms the same connection with the server. The acknowledgment number field is valid (ACK=1), and the sequence number of the client’s segment is x+1 (seq=x+1), and the client expects to receive the server’s segment with sequence number y+1 (ack_seq=y+1); when the client sends ack, the client enters the ESTABLISHED state; when the server receives the ack sent by the client, it also enters the ESTABLISHED state; the third handshake can carry data;
5.6 TCP Connection Four-Way Handshake (Important)
Releasing the connection (four-way handshake)
First: The client sends a release connection segment to the server, indicating that the sending end has completed sending data and requests to release the connection (FIN=1), with the first data byte’s sequence number being x (seq=x); the client state transitions from ESTABLISHED to FIN_WAIT_1 (waiting for termination state 1);
Second: The server sends a confirmation segment to the client, confirming that the acknowledgment number field is valid (ACK=1), and the sequence number of the data sent by the server is y (seq=y), indicating that the server expects to receive the client’s data sequence number x+1 (ack_seq=x+1); the server state transitions from ESTABLISHED to CLOSE_WAIT (waiting to close); the client transitions from FIN_WAIT_1 to FIN_WAIT_2 after receiving the ACK segment;
Third: The server sends a release connection segment to the client, requesting to release the connection (FIN=1), confirming that the acknowledgment number field is valid (ACK=1), indicating that the server expects to receive the client’s data sequence number x+1 (ack_seq=x+1); indicating that the first byte sequence number of the server’s transmission is y+1 (seq=y+1); the server state transitions from CLOSE_WAIT to LAST_ACK (last confirmation state);
Fourth: The client sends a confirmation segment to the server, confirming that the acknowledgment number field is valid (ACK=1), indicating that the client’s data sequence number is x+1 (seq=x+1), and that the client expects to receive the server’s data sequence number y+1+1 (ack_seq=y+1+1); the client state transitions from FIN_WAIT_2 to TIME_WAIT, waiting for 2MSL before entering the CLOSED state; the server transitions from LAST_ACK to CLOSED after receiving the last ACK;
Why wait for 2MSL?
-
Last message not confirmed;
-
Ensure the sender’s ACK can reach the receiver;
-
If no response is received within 2MSL, the receiver will retransmit;
-
Ensure that all messages of the current connection have expired.
6. Application Layer
Provides an interface for operating systems or network applications to access network services. Key points of the application layer:
-
The basic data transmission unit is a message;
-
Main protocols included: FTP (File Transfer Protocol), Telnet (Remote Login Protocol), DNS (Domain Name System), SMTP (Simple Mail Transfer Protocol), POP3 protocol (Post Office Protocol), HTTP protocol (Hyper Text Transfer Protocol).
6.1 Detailed Explanation of DNS
DNS (Domain Name System) [C/S, UDP, port 53]: Solves the problem of complex and hard-to-remember IP addresses, storing and completing the mapping of domain names to IP addresses for hosts under its jurisdiction.
The order of domain name resolution:
-
[1] Browser cache,
-
[2] Look for the local hosts file,
-
[3] Router cache,
-
[4] Look for DNS servers (local domain, top-level domain, root domain) -> iterative resolution, recursive query.
IP -> DNS service -> easy-to-remember domain name
Domain names consist of dots, letters, and numbers, divided into top-level domains (com, cn, net, gov, org), second-level domains (baidu, taobao, qq, alibaba), and third-level domains (www) (12-2-0852)
6.2 Detailed Explanation of DHCP Protocol
DHCP (Dynamic Host Configuration Protocol): a local area network protocol, an application layer protocol using UDP. Its function is to automatically assign IP addresses to users temporarily connecting to the local area network.
6.3 Detailed Explanation of HTTP Protocol
The File Transfer Protocol (FTP): control connection (port 21): transmits control information (connection, transfer requests) in 7-bit ASCII format. The entire session remains open throughout.
HTTP (HyperText Transfer Protocol) [TCP, port 80]: a reliable data transmission protocol, where the browser establishes a TCP connection before sending and receiving messages from the server (HTTP itself is connectionless).
HTTP request message methods:
-
GET: requests specified page information and returns the entity body;
-
POST: submits data to the specified resource for processing;
-
DELETE: requests the server to delete the specified page;
-
HEAD: requests to read the header of the URL identifier, returning only the message header;
-
OPTIONS: requests information about some options;
-
PUT: stores a document at the specified URL.
6.3.1 Structure of HTTP Work
6.3.2 Detailed Explanation of HTTPS Protocol
HTTPS (Secure) is a secure version of the HTTP protocol, using port 443. Based on the HTTP protocol, it provides encryption for data handling, identity verification, and data integrity protection through SSL or TLS.
Source: 5G Communication
Reviewed by: Zhao Lixin
