520 likes | 545 Views
TCP/IP Basics — Protocol Suite —. TCP (Transmission Control Protocol); IP (Internet Protocol). Multi-layer Communication (1/2). Multi-layer Communication (2/2). A series of layers, each built upon the one below it
E N D
TCP/IP Basics— Protocol Suite — TCP (Transmission Control Protocol); IP (Internet Protocol)
Multi-layer Communication (2/2) • A series of layers, each built upon the one below it • Each layer offers certain services to higher layers, hiding the detailed implementation of these services from higher layers • Each layer is completely independent of others as long as the interfaces are not changed • So, secretaries can switchfrom fax to email, without disturbing other layers • 模組化分工,模組抽換容易
Protocol(協定) • Protocol is an agreement between two communication parties on how communication is to proceed • Two communication parties communicate by means of formatted blocks of data that obey the rules and conventions known as a protocol • 協定規範交談的邏輯,實作於軟體模組;參與訊息傳遞的網路節點均會運行這一類的軟體,有足夠的智能處理訊息傳遞 • Key features of a protocol • Syntax: Concerns the format of the data blocks • Semantics: Includes control information for coordination and error handling • Timing: Includes speed matching and sequencing
TCP/IP Protocol Suite (套組)(套房) • 或稱為TCP/IP protocol stack(堆疊),國際標準組織定義的一套用於網際網路(Internet)的通訊協定之組合
註:TCP/IP協定堆疊猶如公司的階層運作機制 • 各司其職,分工合作,隸屬不同部門的人力有特定的任務 • IP為所有上層協定均會使用到的機制,把來自於上層的訊息統一打包處理成既定的格式再傳送
TCP/IP Layers • 由使用者發起的通訊程序:client-server互動模型 • Implemented by 5layers • Application layer • Host-to-host (end-to-end) or transport layer • Internet layer … Layer 3 • Network access layer … Layer 2 • Physical layer … Layer 1
Service Primitives (服務指令)and Parameters • Define services between adjacent layers using: • Primitives to specify function performed • Parameters to pass data and control information
註:Client-Server Interaction Model 6 service primitives provide a simple connection-oriented service
Application Layer • Contains the logic needed to support varioususer applications • Uses separate modules that are peculiar to each different type of application • 各式各樣使用者可直接啟動或取用的應用程式(APP) • 例:e-mail, FTP, WWW, …
Host-to-Host or Transport Layer • Provides reliability during data exchanges • Completeness (沒有漏失) • In-order delivery(循序傳遞) • 常用Transmission Control Protocol (TCP) • 另一種常用協定是UDP (User Datagram Protocol) • TCP= connection-oriented protocol provides a reliable unicast end-to-end byte stream over an unreliable internetwork ← TCP segment
Transport Layer — Connection-Oriented • Before data transfer, TCP establishes a connection (3-way handshake)(三向交握) • Each connection is full duplex ACK (acknowledgment) 也有可能由server主導發出斷線訊息
練習:利用Wireshark觀察協定的訊息流程 • 下載 https://www.wireshark.org • 執行課程網頁之範例程式
Transport Layer — TCP Connection • TCP connection • Each host must have a global Internet address (e.g., 140.125.21.42) • Each process with a host must have an address that is unique within the host —ports (埠) • A port number identifies the endpoint of a connection • Pairs <client IP address, server port#> and <server IP address, server port#> identify a TCP connection
埠號對應特定的網路應用程式,有哪些埠號是經常被用到或保留作特定用途的?埠號對應特定的網路應用程式,有哪些埠號是經常被用到或保留作特定用途的? 自行開發的網路程式應避開這些埠號,以免衝突
Transport Layer — Reliable Transfer • Byte stream is broken up into chunks, i.e., segments • Receiver sends acknowledgements (ACKs) for segments • TCP maintains a timer. If an ACK is not received in time, the segment is retransmitted • Detecting errors • TCP has checksums for header and data • Segments with invalid checksums are discarded • Each byte that is transmitted has a sequence number
Internet Layer • Network access layer is concerned with access and routing data across a network fortwo end systems attached the same network • Uses the Internet protocol (IP) when devices are attached to different networks • Provides routing functions to allow data to traverse multiple interconnected networks • Implemented in end systems and routers • A router is a processor or host that connects two networks • To relay data from one network to the other on its route from the source to the destination end systems
Network Access Layer • Concerned with the exchange of data betweenan end system (server, workstation) and the network to which it is attached • MAC-level (網卡)addressing, 例 00:0a:95:9d:68:16 (48 bits) • 區域網路內的多重存取技術(下一單元討論) • Ethernet、Bluetooth、WiFi、LoRa等均屬於這一層級的技術 • Software used depends on type of network • Circuit switching • Packet switching (e.g., X.25) • LANs (e.g., Ethernet) • Others
Physical (PHY) Layer • Covers the physical interface between a transmission device (e.g., workstation) and a transmission medium or network • The sending computer must provide the network of the address of the destination computer • The sending computer may wish to invoke certain services provided by the network • Different standards have been developed • Physical layer specifies: • Characteristics of the transmission medium • The nature of signals • Data rate • Other related matters • Upper layers above network access do not need to consider the specifics of the network to be used
TCP: Transmission Control Protocol IP: Internet Protocol NAP:Network Access Protocol 運作範例 (1/2) 140.125.20.43 168.95.1.168
運作範例 (2/2) • 設A主機之應用程式App X(使用埠號1)欲傳送資料至B主機之AppX(對應埠號3),A之App X即把訊息交付給旗下的TCP並指定接收端為B主機之埠號3,TCP即接手後續 • TCP再把訊息交付給下層的IP並告知必要的指引(B主機之IP地址),以利IP繼續接手 • IP不需知道收端的埠號,它僅需知道資料須送達B主機即夠 • IP層再把訊息交付給旗下的「網路存取層」(network access layer或稱layer-2)並告知資料將由路由器J繼續接手 • 使用MAC(網卡)進行定址 • TCP主要工作為確保資料安然送達並保證資料依正確的順序抵達目的地端(包含重送與流量控制機制) • IP主要功用為路徑選擇,將資料從發送端繞送至目的端,途中可能經過若干個中繼節點(路由器),以接力(hop-by-hop)的方式完成傳遞 • 網路存取層將封包從一個裝置的網路層傳輸到另外一個裝置的網路層,二個裝置通常連接於同一區域網路內,Ethernet或WiFi為常見技術
每一層把資料傳給下層之前,於資料區塊的前端附加標頭(header)的控制資訊,標頭記錄該資料塊相對於該層的特性及處理指引每一層把資料傳給下層之前,於資料區塊的前端附加標頭(header)的控制資訊,標頭記錄該資料塊相對於該層的特性及處理指引 • 每一層把上層傳來的資料連同新加的標頭再送至下一層作處理,這個過程稱為資料封裝 Protocol Encapsulation • A block of information exchanged at any protocol level is referred to as protocol data units (PDUs) • Header + Data (payload) + Trailer Destination Port Sequence number Checksum DestinationIP Address Source IP address Dest. Network Address Priority info
註:IP封包分為“直接繞送”與“間接繞送”二種機制註:IP封包分為“直接繞送”與“間接繞送”二種機制 • Consult the routing table to determine how to route an IP packet • Direct routing (直接繞送) • Destination are attached to the same physical network • Find the physical address of the destination host (ARP) • Encapsulate the packet in a physical frame and send the frame directly to the physical address • Indirect routing (間接繞送) • Destination is not on a directly attached network • Encapsulate the packet and send it to the next-hop router • An IP packet is routed hop-by-hop until the packet can be delivered directly https://goo.gl/9F9nAE
註:ARP, Proxy ARP (1/2) • Two machines on a physical network communicate using the physical address • Address Resolution Protocol (ARP): mapping Internet addresses to physical addresses • Example • When a user types“ftp hostname”
註:ARP, Proxy ARP (2/2) • Address Resolution Protocol • Determine physical addresses when sending a packet • Answer physical address requests from other machines • Address Resolution Cache: recently acquired IP-to-physical address bindings can be cached • ARP refinement (avoid request from an anticipated source) • Sender includes its IP-to-physical address binding in the ARP request • Receivers update the cached IP-to-physical bindings • ARP encapsulation • On an Ethernet, frame type is 080616 for ARP messages
註:假IP位址?如何辨識? • IPaddress是網路裝置在Internet上的門牌號碼 • 通常唯一,但有可能被數台機器共享,可透過NAT(network address translation)技術區分 • NAT技術經常實作於網路分享器之中 • 訊息傳遞的指引 • 可與地理區域直接對應,透過軟體工具可查閱位置 • 例:140.125.21.43、163.28.5.27、134.60.1.22 • 常見之私有IP位址 • 10.0.0.x、 172.16.0.x、192.168.x.x • 如何得知自己所用之IP位址 • ipconfig • netstat -ano
註:IP位址分為五種等級 • 分為class A、B、C、D、E五種等級 • Router interprets the network and host fields by examining the first few bits of the IP address 0 1 2 3 4 8 16 24 31 Class A 0 netid hostid Class B 1 0 netid hostid Class C 1 1 0 netid hostid Class D 1 1 1 0 multicast address Class E 1 1 1 1 reserved for future use Q:雲科大校園網路屬於哪一等級?
註:查詢IP位址的地理位置 • 一些軟體工具可查閱IP位址之位置 • http://www.infosniper.net • http://www.iplocation.net • http://dir.twseo.org/ip-check.php • 顯示IP位址所屬網路業者與所在國家、城市(代表),但城市不一定準確
註:traceroute • 例:tracert www.youtube.com • 另有免費的視覺化工具,譬如Open Visual Traceroute
TCP Header(1/2) • Destination port • Sequence number • Checksum • Code bits • FIN: 結束連線 • SYN: 建立連線 • RST: 重置連線 • PSH: 封包立即傳送 • ACK: 回應上一次收到的封包 • URG: 請接收端立即處理Urgent pointer所指位址(offsetfrom the current sequence number)之緊要資料,類“interrupt”用途 • ECE: Explicit Congestion Notification Echo → TCP sender • CWR:Congestion Window Reduced, TCP sender → receiver
TCP Header (2/2) • Each sequence number identifiesa byte in the byte stream • Acknowledgement Number (AckNo) • Acknowledgements are piggybacked • A segment from A→B can contain an acknowledgement for a data sent in the B→A direction • A host uses AckNo to send acknowledgements. (If a host sends an AckNo in a segment it sets the “ACK flag”) • AckNo contains the next SeqNo that a host wants to receive • 例: The acknowledgement for a segment with sequence numbers 0-1500 is AckNo=1501 • 例: Sender sends two segments with “1..1500” and “1501..3000”, but receiver only gets the second segment. In this case, the receiver cannot acknowledge the second packet. It can only send AckNo=1
TCP Connection Establishment • TCP uses a three-wayhandshake to open a connection: (1) Client sends a segment with • SYN bit set • port number of client • initial sequence number (ISN) of client (2) Server responds with a segment with • SYN bit set • initial sequence number of server • ACK for ISN of client (3) Client acknowledges by sending a segment with • ACK ISN of server
User Datagram Protocol (UDP) • An alternative to TCP • No guaranteed delivery • No preservation of sequence • No protection against duplication • Minimum overhead • Just adds port addressing to IP UDP header
IP Datagram Format: 欄位(1/4) • Version (4 bits): current version is 4, next version 6 • Header length (4 bits): length of IP header, in multiples of 4 bytes • DS/ECN field (1 byte) • This field was previously called as Type-of-Service (TOS) field. The role of this field has been re-defined, but is “backwards compatible” to TOS interpretation • Differentiated Service (DS) (6 bits): • Used to specify service level (currently not supported in the Internet) • Explicit Congestion Notification (ECN) (2 bits): • New feedback mechanism used by TCP
IP Datagram Format:欄位(2/4) • Identification (16 bits) • Unique identification of a datagram from a host • Incremented whenever a datagram is transmitted • Flags (3 bits) • First bit always set to 0 • DF bit (Do not fragment) • MF bit (More fragments) • Time To Live (TTL) (1 byte) • Specifies longest paths before datagram is dropped • Role of TTL field: Ensure that packet is eventually dropped when a routing loop occurs • Used as follows: • Sender sets the value (e.g., 64) • Each router decrements the value by 1 • When the value reaches 0, the datagram is dropped
IP Datagram Format:欄位(3/4) • Protocol (1 byte) • Specifies the higher-layer protocol • Used for demultiplexing to higher layers • Header checksum (2 bytes) • A simple 16-bit long checksum which is computed for the header of the datagram
IP Datagram Format:欄位(4/4) • Options • Security restrictions • Record Route: each router that processes the packet adds its IP address to the header • Timestamp: each router that processes the packet adds its IP address and time to the header • (loose) Source Routing: specifies a list of routers that must be traversed • (strict) Source Routing: specifies a list of the only routers that can be traversed • Padding • Padding bytes are added to ensure that header ends on a 4-byte boundary
另一常見的協定分層架構 OSI (Open Systems Interconnection) Reference Model
Layers of the OSI Model (1/5) • The OSI (Open Systems Interconnection) reference model was developed by the International Organization for Standardization (ISO) • Application • Presentation • Session • Transport • Network • Data link • Physical
Layers of the OSI Model (2/5) • Application layer • Provides access to the OSI environment for users • Provides distributed information services • Presentation layer • Provides independence to the application processes from differences in data representation (syntax) • Concerned with the syntax and semantics of the information transmitted, e.g. ACSII code, Unicode incompatible • Data compression • Encryption
Layers of the OSI Model (3/5) • Session layer • Provides the control structure for communication between applications • Whose turn to talk? • Establishes, manages, and terminates connections between cooperating applications • Token management: dialogue discipline (full-duplex, half-duplex) • For some protocols, it is essential that both sides do not attempt the same operation at the same time. Only the side holding the token may perform the critical operation • Synchronization • Insert checkpoints into the data stream, so that after a crash, only the data transferred after the last checkpoint need to be repeated
Layers of the OSI Model (4/5) • Transport layer • Provides reliable, transparent transfer of data between end points • Provides end-to-end error recovery and flow control • Network layer • Provides upper layers with independence from the data transmission and switching technologies used to connect systems • Responsible for establishing, maintaining, and terminating connections • A key design issue is determining how packets are routed from source to destination. Static table? Dynamic table is determined anew for each packet, to reflect the current network load
Layers of the OSI Model (5/5) • Data-link layer • Provides the reliable transfer of information across the physical link • Sends blocks (frames) with the necessary synchronization, error control (error detection/correction), and flow control • Physical layer • Transmission of unstructured bit stream over physical medium • Deals with accessing the physical medium • Mechanical characteristics • Electrical characteristics • Functional characteristics • Procedural characteristics