Click the blue text above
1. Protocol Layering
The TCP/IP protocol uses encapsulation and multiplexing strategies in packet design. Encapsulation means that during the data sending process in the application layer, each layer adds some header information for communication with the corresponding layer on the receiving end. For example, the diagram below illustrates how data is processed layer by layer as it is sent from the application program to Ethernet:
1. Application Layer
The application layer is the highest level of the TCP/IP protocol, and it is the one we interact with the most in mobile development.
Protocols running on TCP:
-
HTTP (Hypertext Transfer Protocol, 超文本传输协议), primarily used for general browsing.
-
HTTPS (Hypertext Transfer Protocol over Secure Socket Layer, or HTTP over SSL, 安全超文本传输协议), the secure version of HTTP.
-
FTP (File Transfer Protocol, 文件传输协议), as the name suggests, is used for file transfer.
-
POP3 (Post Office Protocol, version 3, 邮局协议), used for receiving emails.
-
SMTP (Simple Mail Transfer Protocol, 简单邮件传输协议), used for sending emails.
-
TELNET (Teletype over the Network, 网络电传), used to log into the network through a terminal.
-
SSH (Secure Shell, used to replace the less secure TELNET), used for secure encrypted logins.
Protocols running on UDP:
-
BOOTP (Boot Protocol, 启动协议), used for diskless devices.
-
NTP (Network Time Protocol, 网络时间协议), used for network synchronization.
-
DHCP (Dynamic Host Configuration Protocol, 动态主机配置协议), for dynamic IP address configuration.
Others:
-
DNS (Domain Name Service, 域名服务), used for address resolution, email forwarding, etc. (runs on both TCP and UDP).
-
ECHO (Echo Protocol, 回绕协议), used for error checking and measuring response time (runs on both TCP and UDP).
-
SNMP (Simple Network Management Protocol, 简单网络管理协议), used for collecting network information and network management.
-
ARP (Address Resolution Protocol, 地址解析协议), used for dynamically resolving Ethernet hardware addresses.
2. Transport Layer
The transport layer provides two methods to reach the target network:
(1) User Datagram Protocol (UDP):
Only provides basic error detection, and is a connectionless protocol.
Features: packages data, data size is limited (64k), does not establish a connection, fast speed, but low reliability.
(2) Transmission Control Protocol (TCP):
Provides comprehensive error control and flow control, ensuring normal data transmission, and is a connection-oriented protocol.
Features: establishes a connection channel, data size is unlimited, slower speed, but high reliability. The transport layer involves many components, such as ports, sockets, etc.
TCP Three-Way Handshake
First handshake: The Client sets the SYN flag to 1, randomly generates a value seq=J, and sends this packet to the Server. The Client enters the SYN_SENT state, waiting for the Server to confirm.
Second handshake: After receiving the packet, the Server knows the Client requests to establish a connection by the SYN=1 flag. The Server sets both the SYN and ACK flags to 1, ack=J+1, randomly generates a value seq=K, and sends this packet back to the Client to confirm the connection request. The Server enters the SYN_RCVD state.
Third handshake: The Client receives the confirmation, checks if ack is J+1 and ACK is 1. If correct, it sets the ACK flag to 1, ack=K+1, and sends this packet to the Server. The Server checks if ack is K+1 and ACK is 1. If correct, the connection is successfully established, and both Client and Server enter the ESTABLISHED state, completing the three-way handshake, after which data transmission can begin.
In simple terms:
1): When establishing a connection, the Client sends a SYN packet (SYN=i) to the Server and enters the SYN-SEND state, waiting for the Server’s confirmation.
2): The Server receives the SYN packet, must confirm the Client’s SYN (ack=i+1), and also sends a SYN packet (SYN=k), i.e., a SYN+ACK packet, entering the SYN-RECV state.
3): The Client receives the Server’s SYN+ACK packet and sends a confirmation ACK (ack=k+1) back to the Server. After sending this packet, both the Client and Server enter the ESTABLISHED state, completing the three-way handshake, and start data transmission.
TCP Four-Way Handshake
Since TCP connections are full-duplex, each direction must be closed separately. This principle states that when one party completes its data sending task, it sends a FIN to terminate the connection in that direction. Receiving a FIN only means that there is no data flow in that direction, i.e., no more data will be received.
However, data can still be sent on this TCP connection until that direction also sends a FIN. The first party to close will perform an active close, while the other party will perform a passive close, as depicted in the diagram above.
First wave: The Client sends a FIN to close the data transmission from Client to Server, entering the FIN_WAIT_1 state.
Second wave: The Server, after receiving the FIN, sends an ACK to the Client, confirming the sequence number as the received sequence number +1 (like SYN, one FIN occupies one sequence number), and enters the CLOSE_WAIT state.
Third wave: The Server sends a FIN to close the data transmission from Server to Client, entering the LAST_ACK state.
Fourth wave: The Client, after receiving the FIN, enters the TIME_WAIT state, then sends an ACK to the Server, confirming the sequence number as the received sequence number +1. The Server enters the CLOSED state, completing the four-way handshake.
Why is establishing a connection a three-way handshake, while closing a connection is a four-way handshake?
This is because when the server is in the LISTEN state and receives a SYN packet for establishing a connection, it sends both ACK and SYN in one packet back to the client. However, when closing a connection, receiving the other party’s FIN packet only indicates that the other party will no longer send data but can still receive data; the party itself may not have sent all its data to the other party yet. Therefore, the party can either close immediately or send some data to the other party before sending a FIN packet to indicate agreement to close the connection now. Thus, the ACK and FIN are generally sent separately.
3. Network Layer
An IP address consists of two parts: the network address and the host address, which have a master-slave relationship:
(1) Network number net-id, which marks the network that the host (or router) is connected to, indicating which network it belongs to on the Internet.
(2) Host number host-id, which marks the host (or router), indicating which host it is within that network.
4. Network Interface Layer
2. Protocol Unpacking
Similarly, many application processes use TCP or UDP to transmit data, requiring an application identifier in the TCP segment or UDP datagram header. Both TCP and UDP use a 16-bit port number to identify different applications, storing the “source port number” and “destination port number” in the TCP segment header and UDP datagram header, respectively.
The network interface layer sends and receives IP, ARP, and RARP data, and similarly, it must add a field in the Ethernet header (assuming the physical network is Ethernet) to indicate which protocol’s data is being sent. Therefore, the Ethernet frame header defines a 16-bit “type” field. When the receiving party (also called the destination host) receives an Ethernet frame, the data begins to be transmitted up the protocol stack from the bottom.
Each layer’s protocol uses the protocol control information carried in the message header to perform corresponding processing, then removes the header from the protocol data unit and hands the encapsulated data to the upper layer protocol. Each layer protocol must check the protocol identifier in the protocol header to determine which protocol receives the data. This process is called unpacking, as shown in the diagram above.
3. Local Area Network Data Transmission
Any two peer layers, such as the transport layer, internet layer, and network interface layer, communicate as depicted in the diagram above, as if data is directly transmitted to each other through a horizontal dashed line, which is called communication between peer layers.
In reality, protocols are various regulations for transmitting data between two peer layers. Thus, it can be considered that actual communication occurs vertically, with encapsulation and unpacking operations enabling physical communication. However, logically, it is peer layer communication utilizing protocols in the horizontal direction.
4. Wide Area Network Data Transmission
The application layer and transport layer use end-to-end protocols, and there are no these two layers of protocols in routers, only the end systems have these two layers of protocols. The internet layer is a hop-by-hop protocol, and both end systems and routers have internet layer protocols. A router has two or more network interfaces, allowing it to connect to two or more networks.
One of the purposes of the Internet is to shield all physical network details from applications. In the diagram above, the application layer does not need to care whether an end system is on Ethernet or Token Ring; they communicate through routers. As the number of different types of physical networks increases, the scale of the Internet continues to grow, necessitating more routers, yet the application layer remains unchanged.
