Never too late to learn.

0%

TCP IP 详解 卷1:协议 学习笔记

TCP/IP详解 卷1:协议

(美) W.Richard Stevens

第一章 概述

四层模型 功能
应用层 Application Telnet, FTP, email…
运输层 Transport TCP, UDP
网络层 Network IP, ICMP, IGMP
链路层 Link 设备驱动程序及接口卡

TCP/IP协议族是一组不同协议组合在一起构成的协议族。

The TCP/IP protocol suite is a combination of manyprotocols. Although the commonly used name for the entire protocol suite is TCP/IP, TCP and IP are only two of the protocols. (An alternative name is the Internet Protocol Suite.)

在TCP/IP协议族中,网络层IP提供的是一种不可靠的服务。也就是说,它知识尽可能快地把分组从源节点送到目的节点,但是并不提供任何可靠性保证。而另一方面,TCP在不可靠的IP层上提供了一个可靠的运输层。为了提供这种可靠的服务,TCP采用了超时重传、发送和接收端到段的取人分组等机制。

In the TCP/IP protocol suite the network layer, IP, provides an unreliable service. That is, it does its best job of moving a packet from its source to its final destination, but there are no guarantees. TCP, on the other hand, provides a reliable transport layer using the unreliable service of IP To provide this service, TCP performs timeout and retransmission, sends and receives end-to-end acknowledgments, and so on. The transport layer and the network layer have distinct responsibilities.

互联网上的每个接口必须有一个唯一的Internet地址(也称作IP地址)。IP地址长32位。

Every interface on an internet must have a unique Internet address (also called an IP address). These addresses are 32-bit numbers.

The unit of data that TCP sends to IP is called a TCP segment(TCP报文段/TCP段). The unit of data that IP sends to the network interface is called an IP datagram(IP数据报). The stream of bits that flows across the Ethernet is called a frame(帧).
We could draw a nearly identical picture for UDP data. The only changes are that the unit of information that UDP passes to IP is called a UDP datagram, and the size of the UDP header is 8 bytes.

When an Ethernet frame is received at the destination host it starts its way up the protocol stack and all the headers are removed by the appropriate protocol box. Each protocol box looks at certain identifiers in its header to determine which box in the next upper layer receives the data. This is called demultiplexing.(分用)

第2章 链路层

以太网IP数据报的封装在RFC 894[Hornig 1984]中定义,IEEE 802网络的IP数据报封装是在RFC 1042[Postel and Reynolds 1988]中定义。

两种帧格式都采用48bit(6字节)的目标地址合源地址,即硬件地址。

802.3标准定义的帧合以太网的帧都有最小长度要求。802.3规定数据部分必须至少为38字节,而对以太网,则最少要求46字节。为了保证这一点,必须在不足的空间插入填充(pad)字节。

以太网和802.3对数据帧的长度都有一个限制,其最大值分别为1500和1492字节。链路层的这个特性称作MTU,最大传输单元。不同类型的网络大多数都有一个上限。

第3章 IP:网际协议

IP是TCP/IP协议族中最为核心(workhorse)的协议。所有的TCP、UDP、ICMP及IGMP数据都以IP数据报格式传输。

IP提供不可靠、无连接的数据报传送服务

  • 不可靠:它不能保证IP数据报能成功地到达目的地。
  • 无连接:IP并不维持任何关于后续数据报的状态信息。每个数据包的处理是相互独立的。

IP层在内存中有一个路由表。当收到一份数据包并进行发送时,它都要对该表搜索一次。

IP路由选择是逐跳地(hop-by-hop)进行的

现在所有的主机都要求支持子网编址(subnet addressing)。不是把IP地址单纯的看成由一个网络号(network ID)和主机号(host ID)组成,而是把主机号再分成一个子网号(subnet ID)和一个主机号。

子网划分缩减了路由表的规模。
Subnetting, therefore, reduces the size of routing tables.

除了IP地址以外,主机还需要知道ip地址中有多少位用于子网号及多少位用于主机号。这是再引导过程中通过子网掩码(subnet mask)来确定的。这个掩码是一个32bit的值,之中值为1的位留给网络号和子网号,为0的位留给主机号。

第4章 ARP:地址解析协议

当一台主机把以太网数据帧发送到位于同一局域网上的另一台主机时,是根据48bit的以太网地址来确定目的接口的。设备驱动程序从不检查IP数据报中的目的IP地址。

地址解析位这两种不同的地址形式提供映射:32bit的IP地址和数据链路层使用的任何类型的地址。

ARP为IP地址到对应的的硬件地址之间提供动态映射。

ARP provides a dynamic mapping from an IP address to the corresponding hardware address.

在ARP背后有一个基本概念,那就是网络接口有一个硬件地址。在硬件层次上进行的数据帧交换必须有正确的接口地址。ARP的功能是在32bit的IP地址和采用不同网络技术的硬件地址之间提供动态映射。

The function of ARP is to provide a dynamic mapping between 32-bit IP addresses and the hardware addresses used by various network technologies.

点对点链路不适用ARP。

Point-to-point links don’t use ARP.

第5章 RARP:逆地址解析协议

RARP协议是许多无盘系统在引导式用来获取IP地址的。一个RARP请求在网络上进行广播,他在分组中表明发送端的硬件地址,以请求相应IP地址的响应。应答通常是单播传送的。

RARP is used by many diskless systems to obtain their IP address when bootstrapped。An RARP request is broadcast, identifying the sender’s hardware address, asking for anyone to respond with the sender’s IP address. The reply is normally unicast.

第6章 ICMP:Internet控制报文协议

ICMP经常被认为是IP层的一个组成部分。它传递差错报文以及其他需要注意的信息。

ICMP is often considered part of the IP layer. It communicates error messages and other conditions that require attention. ICMP messages are usually acted on by either the IP layer or the higher layer protocol (TCP or UDP). Some ICMP messages cause errors to be returned to user processes.
ICMP messages are transmitted within IP datagrams.

ICMP报文格式如下

icmp_msg.jpg

类型字段可以以有15个不同的值,不同类型由报文中的类型字段和代码字段来共同决定。
ICMP报文可以划分为查询报文和差错报文,其中差错报文需要做特殊处理。

ICMP的一个规则是,ICMP差错报文必须包括生成该差错报文的数据报IP首部,还必须至少包含跟在该IP首部后面的前8个自己。

第7章 Ping程序

Ping程序由Mike Muuss编写,目的是为了测试另一台主机是否可达。该程序发送一份ICMP回显请求报文给主机,并等待返回ICMP回显应答。

1
2
3
4
5
6
7
8
9
10
$ man ping
NAME
ping - send ICMP ECHO_REQUEST to network hosts
DESCRIPTION
ping uses the ICMP protocol's mandatory ECHO_REQUEST datagram to elicit an ICMP ECHO_RESPONSE from a host or gateway. ECHO_REQUEST datagrams (``pings'') have an IP and ICMP
header, followed by a struct timeval and then an arbitrary number of ``pad'' bytes used to fill out the packet.

ping works with both IPv4 and IPv6. Using only one of them explicitly can be enforced by specifying -4 or -6.

ping can also send IPv6 Node Information Queries (RFC4620). Intermediate hops may not be allowed, because IPv6 source routing was deprecated (RFC5095).
Coffee? ☕