
Network Communication Protocol Overview Notes

2022-09-23 08:53:53 Book memories of Jiangnan

I. Network Protocols and Network Layering

1. When you want to buy an item, the usual approach is to open a browser and enter the address of a shopping site. The browser then displays a page, and it can do so because it has received an HTTP response. Taking Kaola as an example, the response looks like this:

HTTP/1.1 200 OK
Date: Tue, 27 Mar 2018 16:50:26 GMT
Content-Type: text/html;charset=UTF-8
Content-Language: zh-CN

<!DOCTYPE html>
<html>
<head>
<base href="https://pages.kaola.com/" />
<meta charset="utf-8"/> <title>网易考拉3周年主会场</title>

(1) For example, when you type https://www.kaola.com into the browser, that is a URL. The browser only knows the name "www.kaola.com", not where it actually is, so it does not know how to reach it. It therefore consults an address book: it can use DNS for the lookup, or HTTPDNS, another, more precise address lookup protocol. Whichever method is used, it eventually obtains this IP address: 106.114.138.24.

Once it knows the target address, the browser starts packaging its request. Ordinary browsing requests usually use HTTP, but shopping requests often need encrypted transport and therefore use HTTPS. Whichever protocol is used, the request states what to buy and how many, as shown in the figure below:

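(2) The layer where DNS, HTTP and HTTPS live is called the application layer. After application-layer encapsulation, the browser hands the application-layer packet to the next layer, which is done through socket programming. The next layer is the transport layer, which has two protocols: the connectionless UDP and the connection-oriented TCP. Payments usually use TCP. Being connection-oriented, TCP guarantees that the packet reaches its destination; if it does not arrive, it is resent until it does.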

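The TCP header contains two ports: one is the port the browser listens on, the other is the port the e-commerce server listens on. The operating system typically uses the port to decide which process a received packet should be delivered to, as shown in the figure below: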

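(3) After transport-layer encapsulation, the browser hands the packet to the operating system's network layer. The network-layer protocol is IP. The IP header carries the source IP address, i.e. the IP address of the machine running the browser, and the destination IP address, i.e. the IP address of the server hosting the e-commerce site, as shown in the figure below: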

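(4) Knowing the destination IP address, the operating system has to find the gateway. When the operating system boots, DHCP configures its IP address as well as the IP address of the default gateway, 192.168.1.1. How does the operating system get the packet to the gateway's IP address? Local communication is done by broadcasting, and the gateway answers with its local address. That local address is the MAC address, and the broadcast protocol is ARP, as shown in the figure below: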

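The operating system then hands the IP packet to the next layer, the MAC layer, and the network card sends it out. Because the packet carries a MAC address, it can reach the gateway. On receiving the packet, the gateway decides where it should go next based on what it knows. The gateway is usually a router, and its knowledge of how to reach a given IP address is called the routing table. A router connects two LANs, and inside each LAN communication can use local MAC addresses.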

(5) Once the packet leaves the LAN, the IP header has to be examined to read the destination IP address. Routers know where to send it because neighbouring routers talk to each other frequently about which way leads where. The protocols for this exchange are called routing protocols; OSPF and BGP are the common ones. Between two routers there is again a local network, so once the packet knows which router comes next, it again uses MAC addresses on that network: it reaches the next router through that router's MAC address, then asks for the next step, and so on until it leaves the last router.

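The last router knows where the packet is headed, so it broadcasts on the local network to ask who owns the destination IP, and the destination server replies with its MAC address. Once the packet is past the router, this MAC address is used to find the destination server.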

(6) The destination server sees that the MAC address matches, strips the MAC header and passes the packet to the operating system's network layer. The IP address matches too, so the IP header is stripped. The IP header states that the encapsulated upper-layer protocol is TCP, so the packet is handed to the transport layer, i.e. the TCP layer. At this layer, every packet received is answered with a reply saying it arrived. This reply is not the result of the order request, such as whether the purchase succeeded or how much money was deducted; it is only a TCP-layer acknowledgement of receipt. The reply travels back the way the packet came to report safe arrival.

(7) If no reply arrives after a while, the sender's TCP layer resends the packet through the same process, until it gets the acknowledgement of safe arrival. This retry is not the browser submitting the order again. As far as the browser is concerned, it sent one order request; the TCP layer keeps retrying on its own. Only if the TCP layer itself has a problem, such as a broken connection, does the browser's application layer resend the order request. Once the packet arrives safely at the TCP layer, the destination port number in the TCP header identifies the e-commerce site's process (e.g. Tomcat) listening on that port, and the packet is delivered to it, as shown in the figure below:

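(8) The e-commerce site's process obtains the content of the HTTP request and learns what is to be bought and how many. Often the Tomcat that first receives the request for an e-commerce site is just a load-balancing proxy that coordinates handling of the request rather than doing everything itself. For example, it tells the process that manages orders to record which item is being bought and how many, tells the process that manages inventory how much stock to deduct, tells the payment process how much to charge, and so on.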

How does it tell those processes? Usually through RPC calls. When it tells the order-management process, the proxy does not need to worry about the network connection in between; the RPC framework handles that uniformly. There are many RPC frameworks: some are based on HTTP and carried in HTTP messages, others are encapsulated directly in TCP segments. When the proxy finds that the relevant server processes have finished, it replies with an HTTPS packet reporting that the order was placed successfully. This HTTPS packet travels just as the request did, hop by hop back to the user's computer, and finally the browser shows that the payment succeeded.

2. The network protocols of each layer are shown in the following figure:

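Why is the network layered? Because packet formats are complex, and so is the program that handles them. Complex programs have to be layered; that is a requirement of software design. For example, a complex e-commerce system is likewise divided into a database layer, cache layer, Compose layer, Controller layer and access layer, each focusing on its own job. Imagine how this program works, as shown in the figure below: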

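What are the IP and MAC layers doing during TCP's three-way handshake? Every message TCP sends carries the IP and MAC layers, because each time TCP sends a message, all the mechanisms of the IP and MAC layers run once. Remember one thing here: any packet travelling on the network is complete. It can have lower layers without upper layers, but never upper layers without lower layers. So for TCP, whether it is the three-way handshake or a retransmission, any packet that goes out must have the IP and MAC layers, otherwise it cannot be sent.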

II. The ifconfig Command

3. The difference between ifconfig and ip addr is a piece of history involving net-tools and iproute2. Running ip addr should print something like the following:

[email protected]:~# ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default 
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
    link/ether fa:16:3e:c7:79:75 brd ff:ff:ff:ff:ff:ff
    inet 10.100.122.2/24 brd 10.100.122.255 scope global eth0
       valid_lft forever preferred_lft forever
    inet6 fe80::f816:3eff:fec7:7975/64 scope link 
       valid_lft forever preferred_lft forever

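This command lists all network interfaces on the machine. Most interfaces have an IP address, although that is not mandatory; cases without an IP address come up later. In the output above, 10.100.122.2 is an IP address. It is split by dots into four parts of 8 bits each, so an IPv4 address has 32 bits in total. The number of addresses this yields soon ran short, which led to IPv6, the inet6 fe80::f816:3eff:fec7:7975/64 in the output above, which has 128 bits.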

IPv4 addresses are also divided into 5 classes, as shown in the figure below:

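A network address of class A, B or C has two parts: the first is the network number and the second is the host number. The table below shows in detail how many hosts each of classes A, B and C can contain: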

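There is an awkward problem here: the maximum number of hosts a class C network can contain is far too small, only 254, which today would probably not be enough even for an Internet cafe, while a class B network can hold far too many. Putting more than 60,000 machines on one network is a scale most enterprises never reach, and the unused addresses are wasted.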

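This led to a compromise called Classless Inter-Domain Routing (CIDR). It breaks with the original design of several address classes and splits the 32-bit IP address in two: the front part is the network number and the rear part is the host number. This can be used to determine whether two IP addresses are in the same subnet. Where is the split? The IP address 10.100.122.2/24 contains a slash followed by the number 24, which means that of the 32 bits, the first 24 are the network number and the last 8 are the host number.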

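Two things accompany CIDR. One is the broadcast address, 10.100.122.255: a packet sent to this address is received by every machine on the 10.100.122 network. The other is the subnet mask, 255.255.255.0. ANDing the subnet mask with the IP address works as follows: each of the first three 255s is all 1s in binary, and 1 AND any value gives that value, so the first three numbers stay 10.100.122. The final 0 is all 0s in binary, and 0 AND any value is 0, so the last number becomes 0. Together that gives 10.100.122.0, which is the network number. In short, a bitwise AND of the subnet mask and the IP address yields the network number.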

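4. In day-to-day work there is almost never a need to think in terms of class A, B or C, so over time many people forget the classes and remember only CIDR. One thing does need attention, however: public versus private IP addresses, as shown in the figure below: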

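The rightmost column of the table lists the private IP address ranges. The IP addresses in a typical data center, office, home or school are usually from private ranges, because these addresses can be managed and assigned by the organization's own IT staff and can be reused. Public IP addresses are allocated centrally by an organization and have to be bought. 192.168.0.x in the table is the most commonly used private range. Home Wi-Fi has an IP address from it, and the number of networked devices in a home generally does not exceed 256, so /24 is basically enough. Sometimes you also see a /16 CIDR; these two are the most common.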

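There is no need to convert decimal to 32-bit binary to see that 192.168.0 is the network number and what follows is the host number. The first address in the network, 192.168.0.1, is often the egress address of the private network; for example, when a home computer connects to Wi-Fi, the Wi-Fi router's address is 192.168.0.1. 192.168.0.255 is the broadcast address: a packet sent to it is received by every machine on the 192.168.0 network.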

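But it is not always like this. Take the CIDR 16.158.165.91/22 and work out the network's first address, subnet mask and broadcast address. Writing 16.158.165.1 straight away would be wrong. /22 is not a multiple of 8, so you have to look at the binary form. The 16.158 part does not change; it occupies the first 16 bits. The 165 in the middle is 10100101 in binary. After the first 16 bits, /22 leaves 6 bits, so the first 6 of these 8 bits belong to the network number, i.e. 16.158.<101001>, and <01>.91 is the host number. The first address is therefore 16.158.<101001><00>.1, i.e. 16.158.164.1; the subnet mask is 255.255.<111111><00>.0, i.e. 255.255.252.0; and the broadcast address is 16.158.<101001><11>.255, i.e. 16.158.167.255.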
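
The same calculation carried out with a bitwise AND on 32-bit integers, as an added example that is not part of the original notes. The function names are illustrative, and same_subnet covers the earlier remark that CIDR can tell whether two addresses share a subnet.

```python
def ip_to_int(ip: str) -> int:
    """Dotted-quad IPv4 string -> 32-bit integer, rejecting malformed input."""
    parts = ip.split(".")
    if len(parts) != 4 or not all(p.isdigit() and int(p) <= 255 for p in parts):
        raise ValueError(f"not a dotted-quad IPv4 address: {ip!r}")
    value = 0
    for part in parts:
        value = (value << 8) | int(part)
    return value


def int_to_ip(value: int) -> str:
    """32-bit integer -> dotted-quad IPv4 string."""
    return ".".join(str((value >> shift) & 0xFF) for shift in (24, 16, 8, 0))


def prefix_to_mask(prefix: int) -> int:
    """/n -> 32-bit mask with n leading one bits (22 -> 255.255.252.0)."""
    if not 0 <= prefix <= 32:
        raise ValueError("prefix length must be between 0 and 32")
    return (0xFFFFFFFF << (32 - prefix)) & 0xFFFFFFFF


def cidr_details(cidr: str) -> dict:
    """Subnet mask, network number, first address and broadcast of a.b.c.d/n."""
    ip, _, prefix = cidr.partition("/")
    mask = prefix_to_mask(int(prefix))
    network = ip_to_int(ip) & mask                # mask AND address = network number
    broadcast = network | (~mask & 0xFFFFFFFF)    # every host bit set to 1
    # /31 and /32 have no room for a separate "first host" address.
    first = network + 1 if int(prefix) < 31 else network
    return {
        "netmask": int_to_ip(mask),
        "network": int_to_ip(network),
        "first": int_to_ip(first),
        "broadcast": int_to_ip(broadcast),
    }


def same_subnet(a: str, b: str, prefix: int) -> bool:
    """Two addresses share a subnet when their masked network numbers match."""
    mask = prefix_to_mask(prefix)
    return (ip_to_int(a) & mask) == (ip_to_int(b) & mask)
```

cidr_details("16.158.165.91/22") reproduces the three values derived by hand above.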

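Of the five classes, class D is multicast addresses. With such an address, every machine belonging to a group receives the packet, somewhat like everyone in a company joining a mailing group: once a mail is sent, everyone in the group receives it. Multicast addresses come up again later, in the section on the VXLAN protocol.

In the ip addr output above, each IP address is followed by a scope. For the eth0 interface it is global, meaning the interface faces the outside and can receive packets from anywhere; for lo it is host, meaning the interface can only be used for communication within this machine. lo stands for loopback, also called the loopback interface. It is usually assigned the address 127.0.0.1, which is used for local communication: packets are processed by the kernel and returned directly, never appearing on any network.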

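5. In the ip addr output above, the line above the IP address is link/ether fa:16:3e:c7:79:75 brd ff:ff:ff:ff:ff:ff. This is the MAC address, the physical address of a network card, written as 6 bytes in hexadecimal. MAC addresses are claimed to be globally unique: no two network cards have the same MAC address, and a card carries its address from the moment it is manufactured. If so, why not use MAC addresses for all communication on the Internet?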

That does not work. To deliver a packet from one place to another, a definite address is not enough; the address also needs to support locating the destination. The IP address provides this long-distance locating function, whereas the MAC address is more like an ID card, a unique identifier. Its uniqueness is designed for networking: when different network cards are placed on the same network, there is no need to worry about conflicts, since the hardware guarantees that different cards have different identifiers. It is like the household registration and ID card a person is born with: people may move to other cities when they grow up, and the ID card and household registration cannot tell you where the person is now. So MAC addresses can only be used for communication within the same local subnet, while IP addresses are used to route and communicate across subnets and across multiple networks.

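Next, look at <BROADCAST,MULTICAST,UP,LOWER_UP> in the ip addr output above. These are the net_device flags, i.e. the status flags of the network device. UP means the interface is up; BROADCAST means the interface has a broadcast address and can send broadcast packets; MULTICAST means the interface can send multicast packets; LOWER_UP means L1 is up, i.e. the network cable is plugged in.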

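mtu 1500 means the Maximum Transmission Unit (MTU) is 1500, which is the default for Ethernet. It is a concept of layer 2, the MAC layer. The MAC layer has a MAC header, and Ethernet stipulates that the MAC header and the body together must not exceed 1500 bytes. The body contains the IP header, TCP header and HTTP header; if it does not fit, it has to be split for transmission.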

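In qdisc pfifo_fast, qdisc stands for queueing discipline. Whenever the kernel needs to send a packet through a network interface, it enqueues the packet according to the qdisc configured for that interface. The simplest qdisc is pfifo, which does no processing on incoming packets: packets pass through the queue first in, first out.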

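pfifo_fast is slightly more complex. Its queue has three bands, and the FIFO rule is used within each band. The three bands have different priorities: band 0 has the highest and band 2 the lowest. If there are packets in band 0, the system does not process packets in band 1, and the same holds between band 1 and band 2. Packets are assigned to the three bands according to Type of Service (TOS). TOS is a field in the IP header that indicates whether the packet is high or low priority.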

III. DHCP and PXE

6. IP addresses cannot be configured arbitrarily. For example, suppose the neighbouring machines are all 192.168.1.x and you insist on configuring 16.158.23.6: packets will not get out. Linux is not that smart: although you can see with your own eyes that the machine is right next door, Linux follows its own logic. Any packet travelling on the network must be complete; it can have lower layers without upper layers, but never upper layers without lower layers. So although the packet has its own source IP address 16.158.23.6 and the destination IP address 192.168.1.6, it cannot be sent because the MAC layer has not been filled in.

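The machine knows its own MAC address, but should the destination MAC be that of the machine 192.168.1.6? Of course not. Linux first checks whether the destination address is on the same network segment as one of its own interfaces. Only if it is on the same segment does it send an ARP request to obtain the MAC address. If it is not, Linux's default logic is that this is a cross-segment call, so it does not send the packet straight onto the network but tries to send it to the gateway.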

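If a gateway is configured, Linux obtains the gateway's MAC address and sends the packet. As for the machine 192.168.1.6, although this packet passes by its door with its IP as the destination, the MAC address is not its own (it is the gateway's), so its network card does not accept the packet. If no gateway is configured, the packet cannot be sent at all. Configuring the gateway as 192.168.1.6 is not possible either: Linux will not let the configuration succeed, because the gateway must be on the same segment as at least one of the machine's interfaces, and the gateway of 16.158.23.6 cannot be 192.168.1.6.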
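
A small model of the decision described in the last three paragraphs, as an added example that is not from the original notes and is not Linux kernel code. The /24 prefix and the gateway 16.158.23.1 are assumptions, since the notes give no prefix or valid gateway for 16.158.23.6.

```python
import ipaddress


def gateway_accepted(interfaces, gateway):
    """A gateway is only usable if it is on the same segment as some interface."""
    gw = ipaddress.ip_address(gateway)
    return any(gw in ipaddress.ip_interface(i).network for i in interfaces)


def plan_delivery(interfaces, gateway, destination):
    """Decide whose MAC address goes into the frame for a packet to `destination`.

    interfaces: local addresses in CIDR form, e.g. ["16.158.23.6/24"]
    gateway:    default gateway IP as a string, or None if none is configured
    """
    dst = ipaddress.ip_address(destination)
    plan = {"dst_ip": str(dst), "arp_for": None}
    if any(dst in ipaddress.ip_interface(i).network for i in interfaces):
        # Same segment: ARP for the destination itself.
        plan.update(action="deliver-direct", arp_for=str(dst))
    elif gateway is None:
        # Cross-segment and no gateway: the MAC layer cannot be filled in.
        plan.update(action="cannot-send")
    elif not gateway_accepted(interfaces, gateway):
        # Gateway outside every local segment: the configuration is refused.
        plan.update(action="gateway-rejected")
    else:
        # Cross-segment: the destination IP is unchanged, but the frame is
        # addressed to the gateway's MAC, so only the gateway picks it up.
        plan.update(action="via-gateway", arp_for=gateway)
    return plan


if __name__ == "__main__":
    # Constructed cases: /24 and the gateway 16.158.23.1 are assumed values.
    for gw in (None, "192.168.1.6", "16.158.23.1"):
        print(gw, plan_delivery(["16.158.23.6/24"], gw, "192.168.1.6"))
```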

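In real deployments, network addresses are certainly not configured by running Linux commands directly but are placed in a configuration file. The file format differs between systems, but the content is basically the CIDR, subnet mask, broadcast address and gateway address.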

For a data center server, the IP generally cannot change once configured. But for large numbers of client machines an automatic configuration protocol is needed: the Dynamic Host Configuration Protocol (DHCP). With this protocol the network administrator's life is much easier: they only need to configure a shared range of IP addresses. Each newly connected machine uses DHCP to apply for one address from this shared range and configures itself automatically; when the machine is done, the address is returned so that other machines can use it.

7. A machine that has just joined a network knows nothing about it except its own MAC address, so it first broadcasts to ask what IP address it can be assigned. This step is called DHCP Discover. The new machine sends a broadcast packet with source IP address 0.0.0.0 and destination IP address 255.255.255.255. The broadcast packet encapsulates UDP, and UDP encapsulates BOOTP. DHCP is in fact an enhanced version of BOOTP, and in a packet capture the name you see may well still be BOOTP. The format of the broadcast packet is shown in the figure below:

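If the network administrator has set up a DHCP Server on the network, it acts as the administrator of these IPs and immediately knows that a "newcomer" has arrived. This is where the importance of MAC uniqueness shows: when a machine joins a network with its own MAC address, the MAC is its only identity, and if even that were duplicated there would be no way to configure it. Only because the MAC is unique can the DHCP Server know that this is a newcomer that needs to be leased an IP address. This step is called DHCP Offer. At the same time, the DHCP Server reserves the offered IP address for this client so that it is not assigned to other DHCP clients. The DHCP Offer format is shown in the figure below; it contains the address allocated to the newcomer: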

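The DHCP Server still uses the broadcast address as the destination, because the newcomer requesting an IP does not have one yet. In addition, the DHCP Server also sends the subnet mask, gateway, IP address lease time and other information. If there are multiple DHCP Servers, the new machine receives multiple IP addresses. It picks one DHCP Offer, usually the first to arrive, and broadcasts a DHCP Request packet to the network. The packet contains the client's MAC address, the IP address in the accepted lease, the address of the DHCP server that provided the lease, and so on. It tells all DHCP Servers which server's IP address it is accepting and asks the other DHCP Servers to withdraw the IP addresses they offered so that these can go to the next requester, as shown in the figure below: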

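At this point the client has not yet received final confirmation from the DHCP Server, so it still broadcasts with 0.0.0.0 as the source IP address and 255.255.255.255 as the destination; inside BOOTP it accepts the IP allocated by one DHCP Server. After receiving the client's DHCP Request, the DHCP Server broadcasts a DHCP ACK message back to the client, indicating that it has accepted the client's choice, and puts the lease information for this IP address and other configuration information into the broadcast packet sent to the client, welcoming it to the network. The final lease confirmation is still broadcast so that everyone knows.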

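When the lease expires, the DHCP Server reclaims the IP. To renew, the client cannot wait until expiry but must do so earlier: when 50% of the lease has elapsed, the client sends a DHCP Request directly to the DHCP Server that provided its IP address. When the client receives the server's DHCP ACK, it updates its configuration with the new lease time and other updated TCP/IP parameters in the packet, and the lease renewal is complete.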

8. DHCP actually hides one more detail, and an interesting one: the network administrator can not only assign IP addresses automatically but also have the operating system installed automatically on clients. A data center administrator may receive hundreds of bare machines at once, and installing the operating system one by one would be exhausting. So the administrator wants more than automatic IP assignment: the system should be installed automatically too, an IP address assigned automatically after installation, and ideally the machine should start up directly.

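This process is somewhat like booting an operating system. First the BIOS starts; it can only read the MBR boot sector of the hard disk and start GRUB. Control then passes to GRUB, which loads the kernel and the initramfs file that serves as the root filesystem. Control then passes to the kernel, which finally boots and initializes the whole operating system. The process of installing an operating system can only be inserted after the BIOS starts, because before the system is installed there is no boot sector. That is why this process is called the Pre-boot Execution Environment (PXE).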

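PXE has a client side and a server side. Since there is no operating system yet, the client has to live in the BIOS. When the computer starts, the BIOS loads the PXE client into memory, and it can then connect to the server and do some work. First, the PXE client itself needs an IP address; once it is running, it can send a DHCP request and have the DHCP Server assign it one. With its own address, how does the PXE client know where the PXE server is? Other protocols have it easy: the browser is told which IP address to visit, or the address is given in configuration, as with calls between microservices. But the PXE client has nothing when it starts. Fortunately, the DHCP Server can do more than assign IP addresses. Below is a sample DHCP Server configuration: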

ddns-update-style interim;
ignore client-updates;
allow booting;
allow bootp;
subnet 192.168.1.0 netmask 255.255.255.0
{
    option routers 192.168.1.1;
    option subnet-mask 255.255.255.0;
    option time-offset -18000;
    default-lease-time 21600;
    max-lease-time 43200;
    range dynamic-bootp 192.168.1.240 192.168.1.250;
    filename "pxelinux.0";
    next-server 192.168.1.180;
}

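The DHCP Server always needs configuring: at minimum the IP address range, subnet mask, gateway address, lease time and so on that are needed to hand out IPs. To use PXE, next-server must be set to the PXE server's address and filename to the initial boot file. Then, after the PXE client starts and sends its DHCP request, it gets not only an IP address but also learns where the PXE server is and which file to download from it to initialize the operating system.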
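
To show where these settings travel on the wire, the following added example (not part of the original notes) builds a constructed DHCP Offer from the values in the configuration above and decodes it: next-server is carried in the BOOTP siaddr field and filename in the BOOTP file field. The offered address 192.168.1.240, the transaction id and the reuse of the MAC address from the earlier ip addr output are choices made for illustration.

```python
import socket
import struct

BOOTP_FMT = "!BBBBIHH4s4s4s4s16s64s128s"  # fixed 236-byte BOOTP header
COOKIE = b"\x63\x82\x53\x63"              # magic cookie that precedes DHCP options
TYPES = {1: "DISCOVER", 2: "OFFER", 3: "REQUEST", 5: "ACK"}  # option 53 values

def build_sample_offer() -> bytes:
    """Constructed sample: an Offer carrying the values from the config above."""
    a = socket.inet_aton
    header = struct.pack(
        BOOTP_FMT, 2, 1, 6, 0, 0x1234ABCD, 0, 0x8000,   # op=reply, broadcast flag
        # ciaddr, yiaddr (offered IP), siaddr (next-server), giaddr:
        a("0.0.0.0"), a("192.168.1.240"), a("192.168.1.180"), a("0.0.0.0"),
        bytes.fromhex("fa163ec77975"), b"", b"pxelinux.0")  # chaddr, sname, file
    options = (bytes([53, 1, 2])                        # message type: OFFER
               + bytes([1, 4]) + a("255.255.255.0")     # subnet mask
               + bytes([3, 4]) + a("192.168.1.1")       # router
               + bytes([51, 4]) + struct.pack("!I", 21600)  # lease time in seconds
               + b"\xff")                               # end of options
    return header + COOKIE + options

def parse_dhcp(payload: bytes) -> dict:
    """Decode the BOOTP header and DHCP options of one UDP payload."""
    size = struct.calcsize(BOOTP_FMT)
    if len(payload) < size + 4 or payload[size:size + 4] != COOKIE:
        raise ValueError("not a DHCP message: too short or magic cookie missing")
    (_op, _htype, hlen, _hops, _xid, _secs, _flags, _ci, yiaddr, siaddr, _gi,
     chaddr, _sname, bootfile) = struct.unpack(BOOTP_FMT, payload[:size])
    opts, i = {}, size + 4
    while i < len(payload) and payload[i] != 255:       # 255 = end option
        if payload[i] == 0:                             # 0 = pad, no length byte
            i += 1
            continue
        length = payload[i + 1] if i + 1 < len(payload) else -1
        value = payload[i + 2:i + 2 + length]
        if length < 0 or len(value) != length:
            raise ValueError("truncated DHCP option")
        opts[payload[i]] = value
        i += 2 + length
    ip4 = lambda c: socket.inet_ntoa(opts[c][:4]) if len(opts.get(c, b"")) >= 4 else None
    lease = opts.get(51, b"")
    return {
        "type": TYPES.get(opts[53][0], "UNKNOWN") if opts.get(53) else "BOOTP",
        "client_mac": ":".join(f"{b:02x}" for b in chaddr[:hlen]),
        "offered_ip": socket.inet_ntoa(yiaddr), "next_server": socket.inet_ntoa(siaddr),
        "boot_file": bootfile.split(b"\x00")[0].decode("ascii", "replace"),
        "subnet_mask": ip4(1), "router": ip4(3),
        "lease_seconds": struct.unpack("!I", lease)[0] if len(lease) == 4 else None,
    }
```

Running parse_dhcp over captured UDP port 67/68 payloads in the same way shows which server offered which next-server and boot file to a booting machine.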

9. Next, the PXE workflow:

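(1) First, the PXE client starts. Its first step is to tell the DHCP Server via DHCP that the machine has nothing on it. The DHCP Server leases it an IP address and also gives it the PXE server's address and the boot file pxelinux.0.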

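(2) Next, the PXE client knows it must download this file from the PXE server in order to initialize the machine, so it starts the download using TFTP. The PXE server therefore usually also needs a TFTP server. The PXE client asks the TFTP server for the file, and the TFTP server sends it.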

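(3) Then, having received the file, the PXE client executes it. The file instructs the PXE client to request the machine's configuration, pxelinux.cfg, from the TFTP server. The TFTP server returns a configuration file that says where the kernel is and where the initramfs is, and the PXE client requests those files.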

(4) Finally, the Linux kernel boots. Once the operating system is running, everything else is easy.


Copyright notice
This article was written by [Book memories of Jiangnan]. Please include a link to the original when reposting. Thank you.
https://chowdera.com/2022/266/202209230622345154.html
