
TCP/IP Volume 1 Reading Notes

2010-04-02 23:05

Sentences in pink mark where I stopped last time.

Red marks points I have questions about.

Blue marks key concepts.

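Basics:

1 The physical layer in OSI. This layer is fairly easy to understand: it is the physical medium, for example twisted pair. What travels over twisted pair is electrical signals, that is, high and low voltage levels.

2 The data link layer. The electrical signals on the physical layer cannot be recognized by a computer; they must be turned into a meaningful form that the computer can recognize. A computer recognizes only two digits, 0 and 1, and a voltage level happens to have two states, low and high, so 0 corresponds to the low level and 1 to the high level. Who is responsible for converting the voltage signals on the physical layer into the data signals 0 and 1? The network card, or more precisely a piece of program in the network card's chip. The reverse also holds: converting the computer's data into voltage signals and sending them out is also done by a program in the network card. That program in the network card is the "data link layer". Sending data raises a problem: a single host cannot send and receive data at the same time, and different hosts on one LAN cannot put data on the shared line at the same time, because that causes a collision. So we must find a way to guarantee that only one host transmits at any given time. There are many ways to do this. One is token ring: there is one token in the network, and only the host holding the token may send or receive data. Another is CSMA/CD: every host may transmit at any moment, but before transmitting it checks whether another host is transmitting right now; if so, it may not transmit and has to wait, then check again, until nobody else is using the line. Each method has its advantages and disadvantages. The resulting network differs according to the method used by the data-link-layer program in the network card: if the program implements the CSMA/CD protocol, the network is an Ethernet; if it implements token ring, the network is a token ring network. So the essential requirement of Ethernet is that the network card implements the CSMA/CD protocol, regardless of the kind of cable you use: if you use twisted pair, buy an Ethernet card with an RJ-45 connector; if you use coaxial cable, buy an Ethernet card with a BNC connector. When an IP datagram is sent, the data link layer has to encapsulate the IP datagram. The network card's driver also needs a mention here: the driver's job is to control things such as the buffers in the network card.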

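3 The network layer and the transport layer. At these layers you can use TCP/IP, or not. So a network that is an Ethernet is not necessarily a TCP/IP network, and a TCP/IP network is not necessarily an Ethernet.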

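4 Whatever connector your network card has, and whether the "data link layer" program in it is Ethernet or token ring, the premise is that it is a network card with a MAC address. So a connection between two serial ports does not count as this kind of network: it has no network-card link layer implementing CSMA/CD, and it cannot have that layer's MAC address.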

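How the CSMA/CD protocol is actually implemented in the network card:

Data link controller (EDLC)

The data link controller is a large-scale integrated circuit chip that essentially implements the CSMA/CD media access protocol. By workflow, the EDLC can be divided into two parts: frame transmission and frame reception.

In the frame transmission flow, the EDLC's first job is to assemble the frame. The EDLC first places the destination address, source address, type, and data from the host's packet into the transmit RAM of the data buffer. Before transmission it automatically sends a 64-bit preamble so that the network interface circuitry reaches a stable state, and it appends a 32-bit CRC checksum after the data, so that the content is ready to send. The data buffer interface has a 16-byte first-in-first-out (FIFO) transmitter queue. The transmitter reads data from the data buffer byte by byte, then uses a serial/parallel converter to turn the bytes into a serial bit stream and sends it bit by bit.

Before and during transmission, the EDLC performs carrier sensing at all times, following the CSMA/CD rules "listen before talking" and "listen while talking". Before it starts to send, the EDLC waits at least 9.6 μs to confirm that no other station on the network is transmitting, and only then begins to send; this is carrier sense. During transmission, if it detects that another station is transmitting, the EDLC automatically stops sending the FIFO contents and immediately emits a 32-bit jam sequence of 010101 to reinforce the collision, so that all stations can detect it. At the same time, the EDLC tells the host that a collision occurred while the frame was being sent and that it must wait a random time before resending. On receiving this, the host runs the backoff algorithm, waits a random time, and restarts the transmission. When a data field has been completely transferred, the EDLC emits the 32-bit CRC checksum after the last byte has entered the FIFO. Once the whole frame has been sent, it updates the transmit status register.

In the EDLC receive part, the EDLC monitors the network state at all times through the decoder interface input. With the network idle, when it receives a serial bit stream of 62 consecutive bits in the "010101" pattern followed by two consecutive 1 bits, this indicates the preamble sent by another station. To let the decoder achieve phase lock and synchronize, the EDLC waits 8 bit times before looking for "11", the last two bits of the preamble. If what it receives is not "11", the frame is not a valid one and the data that follows is not received. If it does receive the final "11", a correct preamble has been received, and it continues to receive the frame's data. What arrives next should be the destination address, and the EDLC's address checker checks whether it matches the address value in the REA. If the address does not match, the frame is destined for another station and reception stops immediately; if the destination address is the same as this station's address, the EDLC continues to receive the data sent to this station, performs serial-to-parallel conversion, and passes it to the receive FIFO queue. After the EDLC has received a whole frame, it performs the CRC check. If the check fails, the frame in the receive data buffer is discarded; if the check passes, it sets the receive-status bits in the status register. Finally the EDLC issues a receive-complete signal, clears the DMA receive control, and raises an INT signal to notify the host that reception has finished.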

Preface

Introduction

This book describes the TCP/IP protocol
suite, but from a different perspective than other texts on TCP/IP. Instead of
just describing the protocols and what they do, we will use a popular
diagnostic tool to watch the protocols in action. Seeing how the protocols
operate in varying circumstances provides a greater understanding of how they
work and why certain design decisions were made. It also provides a look into
the implementation of the protocols, without having to wade through thousands
of lines of source code.

When
networking protocols were being developed in the 1960s through 1980s,
expensive, dedicated hardware was required to see the packets going “across the
wire”. Extreme familiarity with the protocols was also required to comprehend
the packets displayed by the hardware. Functionality of the hardware analyzers
was limited to that built in by the hardware designers.

Today
this has changed dramatically with the ability of the ubiquitous workstation to
monitor a local area network. Just attach a workstation to your network, run
some publicly available software, and watch what goes by on the wire. While
many people consider this a tool to be used for diagnosing network problems, it
is also a powerful tool for understanding how the network protocols operate,
which is the goal of this book.

This
book is intended for anyone wishing to understand how the TCP/IP protocols
operate: programmers writing network applications, system administrators
responsible for maintaining computer systems and networks utilizing TCP/IP, and
users who deal with TCP/IP applications on a daily basis.

Organization of the book

When used as part of a one- or two-semester course in computer networking, the focus should be on IP (Chapters 3 and 9), UDP (Chapter 11), and TCP (Chapters 17-24), along with some of the application chapters.

Typographical conventions

When
we display interactive input and output we’ll show our typed input in a bold font,
and the computer output like
this. Comments are added in italics.

Chapter 1 Introduction

1.1 Introduction

The TCP/IP protocol suite allows computers
of all sizes, from many different computer vendors, running totally different
operating systems, to communicate with each other. It is quite amazing because
its use has far exceeded its original estimates. What started in the late 1960s
as a government-financed research project into packet switching networks has,
in the 1990s, turned into the most widely used form of networking between
computers. It is truly an open system in that the definition of the protocol
suite and many of its implementations are publicly available at little or no
charge. It forms the basis for what is called the worldwide Internet, or the
Internet, a wide area network (WAN) of more than one million computers that
literally spans the globe.

This chapter provides an overview of the
TCP/IP protocol suite, to establish an adequate background for the remaining
chapters. For a historical perspective on the early development of TCP/IP see
[Lynch 1993].

1.2 Layering

Networking protocols are normally developed in layers, with each layer responsible for a different facet of the communications. A protocol suite, such as TCP/IP, is the combination of different protocols at various layers. TCP/IP is normally considered to be a 4-layer system.

Each layer has a different responsibility.

1 the link layer.

2 the network layer.

3 the transport layer.

4 the application layer.

1.3 TCP/IP layering

There are more protocols in the TCP/IP protocol suite.

TCP and UDP are the two predominant transport layer protocols. Both use IP as the network layer.

TCP provides a reliable transport layer, even though the service it uses (IP) is unreliable. Chapters 17 through 22 provide a detailed look at the operation of TCP. We then look at some TCP applications: Telnet and Rlogin in Chapter 26, FTP in Chapter 27, and SMTP in Chapter 28. The applications are normally user processes.

UDP sends and receives datagrams for applications. A datagram is a unit of information (i.e., a certain number of bytes of information that is specified by the sender) that travels from the sender to the receiver. Unlike TCP, however, UDP is unreliable. There is no guarantee that the datagram ever gets to its final destination. Chapter 11 looks at UDP, and then Chapter 14 (the Domain Name System), Chapter 15 (the Trivial File Transfer Protocol), and Chapter 16 (the Bootstrap Protocol) look at some applications that use UDP. SNMP (the Simple Network Management Protocol) also uses UDP, but since it deals with many of the other protocols, we save a discussion of it until Chapter 25.

IP is the main
protocol at the network layer. It is used by both TCP and UDP. Every piece of
TCP and UDP data that gets transferred around an internet goes through the IP
layer at both end systems and at every intermediate router.

ICMP is an adjunct to IP. It is used by the IP layer to exchange error messages and other vital information with the IP layer in another host or router. Chapter 6 looks at ICMP in more detail. Although ICMP is used primarily by IP, it is possible for an application to also access it. Indeed we’ll see that two diagnostic tools, Ping and Traceroute, both use ICMP.

IGMP is the Internet Group Management Protocol. It is used with multicasting: sending a UDP datagram to multiple hosts. We describe the general properties of broadcasting (sending a UDP datagram to every host on a specified network) and multicasting in Chapter 12, and then describe IGMP itself in Chapter 13.

ARP (Address Resolution Protocol) and RARP (Reverse Address Resolution Protocol) are specialized protocols used only with certain types of network interfaces (such as Ethernet and token ring) to convert between the addresses used by the IP layer and the addresses used by the network interface.

1.4 Internet Addresses

Every interface on an internet must have a unique Internet address (also called an IP address). These addresses are 32-bit numbers. Instead of using a flat address space such as 1, 2, 3, and so on, there is a structure to Internet addresses.

The InterNIC assigns only network IDs. The assignment of host IDs is up to the system administrator.

1.5 The Domain Name System

Although the network interfaces on a host, and therefore the host itself, are known by IP address, humans work best using the name of a host. In the TCP/IP world the Domain Name System (DNS) is a distributed database that provides the mapping between IP addresses and hostnames.

For now we must be aware that any application can call a standard library function to look up the IP address corresponding to a given hostname.

1.6 Encapsulation

When an application sends data using TCP, the data is sent down the protocol stack, through each layer, until it is sent as a stream of bits across the network. Each layer adds information to the data by prepending headers (and sometimes adding trailer information) to the data that it receives.

The stream of bits that flows across the Ethernet is called a frame.

We should say that the unit of data passed between IP and the network interface is a packet.

The unit of data that TCP sends to IP is called a TCP segment.

The unit of data that IP sends to the network interface is called an IP datagram.

1.7 Demultiplexing

When an Ethernet frame is received at the destination host it starts its way up the protocol stack and all the headers are removed by the appropriate protocol box. Each protocol box looks at certain identifiers in its header to determine which box in the next upper layer receives the data. This is called demultiplexing.

Positioning the protocol boxes labeled “ICMP” and “IGMP” is always a challenge.

1.8 Client-Server Model

Most networking
applications are written assuming one side is the client and the other the
server.

1.9 Port Numbers

Servers are normally known by their well-known port number. The well-known ports are managed by the Internet Assigned Numbers Authority (IANA).

1.10 Standardization process

1.11 RFCs

All the official
standards in the internet community are published as a Request for Comment, or
RFC.

1.12 Standard, Simple Services

There are a few
standard, simple services that almost every implementation provides. We’ll use
some of these servers throughout the text, usually with the telnet client.

1.13 The Internet

The lowercase internet means multiple networks connected together, using a common protocol suite. The uppercase Internet refers to the collection of hosts (over one million) around the world that can communicate with each other using TCP/IP. While the Internet is an internet, the reverse is not true.

1.14 Implementations

The de facto standard for TCP/IP implementations is the one from the Computer Systems Research Group at the University of California at Berkeley. Historically this has been distributed with the 4.x BSD system (Berkeley Software Distribution), and with the “BSD Networking Releases.” This source code has been the starting point for many other implementations.

Throughout the text we will use the term Berkeley-derived implementation to refer to vendor implementations such as SunOS 4.x, SVR4, and AIX 3.2 that were originally developed from the Berkeley sources. These implementations have much in common, often including the same bugs.

1.15 Application Programming Interfaces

Two popular application programming interfaces (APIs) for applications using the TCP/IP protocols are called sockets and TLI (Transport Layer Interface). The former is sometimes called “Berkeley sockets”, indicating where it was originally developed. The latter, originally developed by AT&T, is sometimes called XTI (X/Open Transport Interface), recognizing the work done by X/Open, an international group of computer vendors that produce their own set of standards. XTI is effectively a superset of TLI.

1.16 Test Network

1.17 Summary

This chapter has been a whirlwind tour of the TCP/IP protocol suite, introducing many of the terms and protocols that we discuss in detail in later chapters.

The four layers in the TCP/IP protocol suite are the link layer, network layer, transport layer, and application layer, and we mentioned the different responsibilities of each. In TCP/IP the distinction between the network layer and the transport layer is critical: the network layer (IP) provides a hop-by-hop service while the transport layers (TCP and UDP) provide an end-to-end service.

Chapter 2 Link Layer

2.1 Introduction

From Figure 1.4 we see that the purpose of the link layer in the TCP/IP protocol suite is to send and receive (1) IP datagrams for the IP module, (2) ARP requests and replies for the ARP module, and (3) RARP requests and replies for the RARP module.

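Q: Doesn't the link layer just mean the hardware layer? If it is the hardware layer, it should be responsible for receiving all packets, including data with TCP headers, so why is it not described that way here?

A: Looking at this question now, I don't even understand what I was asking. Never mind; here is my current understanding. In OSI's seven-layer structure, the lowest layer is the physical layer, that is, the type of line, including network cable, coaxial cable, and RS232 serial cable. The layer above it is the link layer, which includes the interface card that corresponds to the physical layer and the device driver. For example, if your physical layer is network cable, your link layer includes the network card and the network card's driver.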

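The seven-layer OSI model described again from the "physical perspective":

Physical layer: the connecting cable you use, such as network cable, serial cable, coaxial cable, and so on.

Data link layer: the interface card that corresponds to the physical-layer cable, plus the card's driver (for network cable, the network card and its driver).

Network layer: tcpip.sys, the part that implements the TCP/IP protocols; it is also a driver.

Transport layer: tcpip.sys, the part that implements the TCP/IP protocols; it is also a driver.

Application layer: the applications the user runs, such as the IE browser or the QQ chat tool.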

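The seven-layer OSI model described again from the "logical perspective":

Suppose you want to send the message "hello world" in QQ. The process is:

Application layer: you type "hello world" into the QQ dialog box.

Transport layer: tcpip.sys wraps the string "hello world" according to the TCP protocol, forming a new packet.

Network layer: tcpip.sys then wraps the TCP packet according to the IP protocol, forming a new packet that includes information such as the destination IP address.

Data link layer: processes the packet passed down from the network layer into a packet that can actually be sent, for example by translating the IP address into the network card's physical address (ARP).

Physical layer: turns the final packet into a bit stream and sends it out.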

TCP/IP supports many different link layers, depending on the type of networking hardware being used: Ethernet, token ring, FDDI (Fiber Distributed Data Interface), RS-232 serial lines, and the like.

In this chapter we will look at some of the details involved in the Ethernet link layer, two specialized link layers for serial interfaces (SLIP and PPP), and the loopback driver that’s part of most implementations. Ethernet and SLIP are the link layers used for most of the examples in the book. We also talk about the MTU (Maximum Transmission Unit), a characteristic of the link layer that we encounter numerous times in the remaining chapters. We also show some calculations of how to choose the MTU for a serial line.

So the MTU is determined by the link layer. It has nothing to do with TCP/IP.

2.2 Ethernet and IEEE 802 Encapsulation

The term Ethernet generally refers to a standard published in 1982 by Digital Equipment Corp., Intel Corp., and Xerox Corp. It is the predominant form of local area network technology used with TCP/IP today. It uses an access method called CSMA/CD, which stands for Carrier Sense, Multiple Access with Collision Detection. It operates at 10 Mbits/sec and uses 48-bit addresses.

RFC 894 encapsulation is most commonly used. Figure 2.1 shows the two different forms of encapsulation.

Both frame formats use 48-bit (6-byte) destination and source addresses. These are what we call hardware addresses throughout the text. The ARP and RARP protocols map between the 32-bit IP addresses and the 48-bit hardware addresses.

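Q: What is the significance of the network card's physical address? In Figure 2.1, what is the relationship between the network card's physical address and the IP datagram?

A: The network card's physical address is like a person's ID card. The physical address corresponds to an IP address, and ARP is responsible for converting the destination IP address in the IP datagram into the physical address of the corresponding network card.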

2.3 Trailer Encapsulation

RFC 893 [Leffler and Karels 1984] describes another form of encapsulation used on Ethernets, called trailer encapsulation. It was an experiment with early BSD systems on DEC VAXes that improved performance by rearranging the order of the fields in the IP datagram. “The variable-length fields at the beginning of the data portion of the Ethernet frame (the IP header and the TCP header) were moved to the end (right before the CRC).” This allows the data portion of the frame to be mapped to a hardware page, saving a memory-to-memory copy when the data is copied in the kernel. TCP data that is a multiple of 512 bytes in size can be moved by just manipulating the kernel’s page tables. Two hosts negotiated the use of trailer encapsulation using an extension of ARP. Different Ethernet frame type values are defined for these frames.

Nowadays trailer encapsulation is deprecated, so we won’t show any examples of it.

2.4 SLIP: Serial Line IP

SLIP stands for Serial Line IP. It is a simple form of encapsulation for
IP datagrams on serial lines, and is specified in RFC 1055. SLIP has become
popular for connecting home systems to the Internet, through the ubiquitous
RS-232 serial port found on almost every computer and high-speed modems. The
following rules specify the framing used by SLIP.


Can an ordinary network program written with sockets communicate over a serial port?

1 The IP datagram is terminated by the special character called END (0xc0). Also, to prevent any line noise before this datagram from being interpreted as part of this datagram, most implementations transmit an END character at the beginning of the datagram too. (If there was some line noise, the END terminates that erroneous datagram, which will be thrown away by a higher layer when its contents are detected to be garbage.)

2 If a byte of the IP datagram equals the END character, the 2-byte sequence 0xdb, 0xdc is transmitted instead. This special character, 0xdb, is called the SLIP ESC character, but its value is different from the ASCII ESC character (0x1b).

3 If a byte of the IP datagram equals the SLIP ESC character, the 2-byte sequence 0xdb, 0xdd is transmitted instead.
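The three framing rules above as an encoder and an incremental decoder, in an added example that is not code from the book or from these notes. The strict handling of an invalid escape and the 1006-byte size limit are choices made here; the sample bytes in the comments are constructed.

```python
# SLIP special characters from rules 1-3 above.
END = 0xC0       # frame delimiter
ESC = 0xDB       # SLIP ESC (not the ASCII ESC, 0x1b)
ESC_END = 0xDC   # ESC, ESC_END on the wire means a data byte 0xc0
ESC_ESC = 0xDD   # ESC, ESC_ESC on the wire means a data byte 0xdb


def slip_encode(datagram: bytes) -> bytes:
    """Frame one IP datagram for the serial line."""
    out = bytearray([END])                 # rule 1: leading END flushes line noise
    for b in datagram:
        if b == END:
            out += bytes([ESC, ESC_END])   # rule 2
        elif b == ESC:
            out += bytes([ESC, ESC_ESC])   # rule 3
        else:
            out.append(b)
    out.append(END)                        # rule 1: terminate the datagram
    return bytes(out)


class SlipDecoder:
    """Incremental decoder: feed() accepts chunks of any size from the line."""

    def __init__(self, max_len: int = 1006):
        self.max_len = max_len   # assumed limit; longer frames are dropped
        self.buf = bytearray()
        self.escaped = False     # previous byte was SLIP ESC
        self.discard = False     # skipping the rest of a bad frame
        self.dropped = 0         # frames rejected by this decoder

    def _reset(self):
        self.buf = bytearray()
        self.escaped = False
        self.discard = False

    def feed(self, chunk: bytes) -> list:
        frames = []
        for b in chunk:
            if b == END:
                if self.discard or self.escaped:
                    self.dropped += 1          # bad escape, oversize, or dangling ESC
                elif self.buf:
                    frames.append(bytes(self.buf))
                # an empty buffer means back-to-back ENDs: nothing to deliver
                self._reset()
                continue
            if self.discard:
                continue
            if self.escaped:
                self.escaped = False
                if b == ESC_END:
                    b = END
                elif b == ESC_ESC:
                    b = ESC
                else:
                    self.discard = True        # ESC followed by anything else
                    continue
            elif b == ESC:
                self.escaped = True
                continue
            if len(self.buf) >= self.max_len:
                self.discard = True
                continue
            self.buf.append(b)
        return frames


if __name__ == "__main__":
    sample = bytes([0x45, 0xC0, 0xDB, 0x00])   # constructed payload with both specials
    wire = slip_encode(sample)
    print(wire.hex())                           # c045dbdcdbdd00c0
    print(SlipDecoder().feed(b"\x01\x02" + wire))  # noise frame, then the datagram
```

Line noise ahead of the leading END comes out of the decoder as its own short frame, which is the erroneous datagram that rule 1 leaves for a higher layer to throw away.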

2.5 Compressed SLIP

2.6 PPP: Point-to-Point Protocol

PPP, the Point-to-Point Protocol, corrects all the deficiencies in SLIP. PPP consists of three components.

1 A way to encapsulate IP datagrams on a serial link. PPP supports either an asynchronous link with 8 bits of data and no parity or bit-oriented synchronous links.

2 A link control protocol to establish, configure, and test the data-link connection. This allows each end to negotiate various options.

3 A family of network control protocols specific to different network layer protocols. RFCs currently exist for IP, the OSI network layer, DECnet, and AppleTalk. The IP NCP, for example, allows each end to specify if it can perform header compression, similar to CSLIP.

I basically did not understand Chapter 2.

Chapter 3

Chapter 4 ARP: Address Resolution Protocol

4.1 Introduction

The problem that we deal with in this chapter is that IP addresses only make sense to the TCP/IP protocol suite. A data link such as an Ethernet or a token ring has its own addressing scheme (often 48-bit addresses) to which any network layer using the data link must conform. A network such as an Ethernet can be used by different network layers at the same time. For example, a collection of hosts using TCP/IP and another collection of hosts using some PC network software can share the same physical cable.

When an Ethernet frame is sent from one host on a LAN to another, it is the 48-bit Ethernet address that determines for which interface the frame is destined. The device driver software never looks at the destination IP address in the IP datagram.

Address resolution provides a mapping between the two different forms of addresses: 32-bit IP addresses and whatever type of address the data link uses.

4.2 An Example

Ethernet header: 14 bytes. The first six are the destination Ethernet address, the next 6 are the source Ethernet address, and the last two are the frame type. A frame type of 0x0806 means an ARP packet, that is, what follows the Ethernet header is an ARP datagram. Some other value means an IP datagram. So ARP and IP have equal standing, unlike the relationship between ICMP and IP.

ARP's function is to get the hardware address corresponding to an IP address, but how does it do it?

ARP
sends an Ethernet frame called an ARP request to every host on the network. This
is called a broadcast. The ARP request contains the IP address of the
destination and is the request “if you are the owner of this IP address, please
respond to me with your hardware address.”

The
destination host’s ARP layer receives this broadcast, recognizes that the
sender is asking for its hardware address, and replies with an ARP reply. This
reply contains the IP address and the corresponding hardware address.
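The 14-byte Ethernet header and the broadcast request and reply described above, played out between constructed hosts, in an added example that is not code from the book or from these notes. The MAC and IP addresses are made up, and the 28-byte ARP layout for Ethernet and IPv4 (with 0x0800 as the IP frame type) is standard but does not appear on this page.

```python
import struct
from ipaddress import IPv4Address

ETHERTYPE_IP, ETHERTYPE_ARP = 0x0800, 0x0806
ARP_REQUEST, ARP_REPLY = 1, 2
BROADCAST = b"\xff" * 6


def build_frame(dst, src, frame_type, payload):
    """14-byte header: 6-byte destination, 6-byte source, 2-byte frame type."""
    return struct.pack("!6s6sH", dst, src, frame_type) + payload


def parse_frame(frame):
    if len(frame) < 14:
        raise ValueError("shorter than the 14-byte Ethernet header")
    dst, src, frame_type = struct.unpack("!6s6sH", frame[:14])
    return dst, src, frame_type, frame[14:]


def build_arp(op, sender_mac, sender_ip, target_mac, target_ip):
    # hardware type 1 (Ethernet), protocol type 0x0800 (IP), lengths 6 and 4
    return struct.pack("!HHBBH6s4s6s4s", 1, ETHERTYPE_IP, 6, 4, op,
                       sender_mac, IPv4Address(sender_ip).packed,
                       target_mac, IPv4Address(target_ip).packed)


def parse_arp(payload):
    if len(payload) < 28:
        raise ValueError("truncated ARP packet")
    hw, proto, hlen, plen, op, sha, spa, tha, tpa = struct.unpack(
        "!HHBBH6s4s6s4s", payload[:28])
    if (hw, proto, hlen, plen) != (1, ETHERTYPE_IP, 6, 4):
        raise ValueError("not an Ethernet/IPv4 ARP packet")
    return op, sha, str(IPv4Address(spa)), tha, str(IPv4Address(tpa))


def arp_request(my_mac, my_ip, wanted_ip):
    """Broadcast: 'if you own wanted_ip, tell me your hardware address'."""
    arp = build_arp(ARP_REQUEST, my_mac, my_ip, b"\x00" * 6, wanted_ip)
    return build_frame(BROADCAST, my_mac, ETHERTYPE_ARP, arp)


def receive(frame, my_mac, my_ip):
    """One host's handling of a received frame; returns a reply frame or None."""
    dst, _src, frame_type, payload = parse_frame(frame)
    if dst not in (my_mac, BROADCAST):
        return None            # filtered on the 48-bit address alone
    if frame_type != ETHERTYPE_ARP:
        return None            # would go to another module, e.g. IP
    op, sha, spa, _tha, tpa = parse_arp(payload)
    if op == ARP_REQUEST and tpa == my_ip:
        arp = build_arp(ARP_REPLY, my_mac, my_ip, sha, spa)
        return build_frame(sha, my_mac, ETHERTYPE_ARP, arp)   # unicast reply
    return None                # request for someone else's address


# Constructed hosts on one cable.
MAC_A, MAC_B, MAC_C = (bytes.fromhex("0200000000" + x) for x in ("0a", "0b", "0c"))

if __name__ == "__main__":
    req = arp_request(MAC_A, "192.0.2.1", "192.0.2.2")
    print(receive(req, MAC_C, "192.0.2.3"))        # None: not the owner
    print(receive(req, MAC_B, "192.0.2.2").hex())  # reply addressed to MAC_A
```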

Chapter 6 ICMP: Internet Control Message Protocol

6.1 Introduction

ICMP is often considered part of the IP layer. It communicates error messages and other conditions that require attention. ICMP messages are usually acted on by either the IP layer or the higher layer protocol (TCP or UDP). Some ICMP messages cause errors to be returned to user processes.

6.2 ICMP Message Types

6.3 ICMP Address Mask Request and Reply

The ICMP address mask request is intended for a diskless system to obtain its subnet mask at bootstrap time. The requesting system broadcasts its ICMP request (this is similar to a diskless system using RARP to obtain its IP address at bootstrap time). An alternative method for a diskless system to obtain its subnet mask is the BOOTP protocol, which we describe in Chapter 16.

6.4 ICMP Timestamp Request and Reply

6.5 ICMP Port Unreachable Error

One rule of UDP is that if it receives a UDP datagram and the destination port does not correspond to a port that some process has in use, UDP responds with an ICMP port unreachable.

6.6 4.4BSD Processing of ICMP Messages

6.7 Summary

Chapter 7 Ping Program

7.1 Introduction

The name “ping” is taken from the sonar operation to locate objects. The ping program was written by Mike Muuss and it tests whether another host is reachable. The program sends an ICMP echo request message to a host, expecting an ICMP echo reply to be returned.

7.2 Ping Program

We call the ping program that sends the echo requests the client, and the host being pinged the server. Most TCP/IP implementations support the ping server directly in the kernel.

7.3 IP Record Route Option

As an IP datagram travels across the network, each router it passes through adds its own address to the options in the IP datagram; at most nine addresses can be added. In this process, the routing table of some PCs can be updated to obtain newer routes.

7.4 IP Timestamp Option

The ping program is the basic connectivity test between two systems running TCP/IP. It uses the ICMP echo request and reply messages and does not use a transport layer (TCP or UDP). The ping server is normally part of the kernel’s ICMP implementation.

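Chapter 8 Traceroute Program

8.1 Introduction

8.2 Traceroute Program Operation

Since the ping program can already record the path taken by an IP datagram using RR (record route), why develop traceroute as well? Because many routers do not support RR. Traceroute does not need any support from the intermediate routers.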

Each router that handles the datagram is required to decrement the TTL by either one or the number of seconds that the router holds onto the datagram (this prevents the datagram from staying in a router forever), but actually few routers implement this. If a router receives a datagram whose TTL is 0, it will throw it away and send back to the originating host an ICMP “time exceeded” message. This message contains the router’s address, which is important.

So now we know what traceroute does:

It sends an IP datagram with a TTL of 1 to the destination host. The first router to handle the datagram decrements the TTL, discards the datagram, and sends back the ICMP time exceeded. This identifies the first router in the path. Traceroute then sends a datagram with a TTL of 2, and we find the IP address of the second router. This continues until the datagram reaches the destination host. But how do we know that the datagram reached the destination? Traceroute sends UDP datagrams to the destination host, but it chooses the destination UDP port number to be an unlikely value (larger than 30000), making it improbable that an application at the destination is using that port. This causes the destination host’s UDP module to generate an ICMP “port unreachable” error when the datagram arrives. All traceroute needs to do is differentiate between the received ICMP messages (time exceeded versus port unreachable) to know when it’s done.
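The probe loop and the time-exceeded versus port-unreachable decision described above, run against a simulated path so that it works offline; this is an added example, not code from the book or from these notes. The addresses are constructed, IP checksums are left at zero, the base port 33434 is the value traceroute traditionally starts from, and matching replies on the probe's UDP source port is an assumption about how replies are tied to probes.

```python
import struct
from ipaddress import IPv4Address

ICMP_UNREACH, ICMP_TIME_EXCEEDED = 3, 11
CODE_PORT_UNREACH = 3
PROTO_ICMP, PROTO_UDP = 1, 17


def ip_header(src, dst, proto, ttl, payload_len):
    """20-byte IPv4 header; the checksum is left 0 in this constructed data."""
    return struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + payload_len, 0, 0,
                       ttl, proto, 0,
                       IPv4Address(src).packed, IPv4Address(dst).packed)


def udp_probe(src, dst, sport, dport, ttl):
    return ip_header(src, dst, PROTO_UDP, ttl, 8) + struct.pack("!HHHH", sport, dport, 8, 0)


def icmp_error(reporter, probe, icmp_type, code):
    """ICMP error: 8-byte ICMP header, then the offending IP header + 8 bytes."""
    body = struct.pack("!BBHI", icmp_type, code, 0, 0) + probe[:28]
    probe_src = str(IPv4Address(probe[12:16]))
    return ip_header(reporter, probe_src, PROTO_ICMP, 64, len(body)) + body


def classify(packet, sport):
    """Return (kind, reporter_ip, probe_dport) for an ICMP error about one of
    our probes, or None for anything else."""
    ihl = (packet[0] & 0x0F) * 4
    if len(packet) < ihl + 8 or packet[9] != PROTO_ICMP:
        return None
    icmp_type, code = packet[ihl], packet[ihl + 1]
    inner = packet[ihl + 8:]                  # the datagram that caused the error
    if len(inner) < 20:
        return None
    inner_ihl = (inner[0] & 0x0F) * 4
    if len(inner) < inner_ihl + 8 or inner[9] != PROTO_UDP:
        return None
    in_sport, in_dport = struct.unpack("!HH", inner[inner_ihl:inner_ihl + 4])
    if in_sport != sport:
        return None                           # error about someone else's traffic
    reporter = str(IPv4Address(packet[12:16]))
    if icmp_type == ICMP_TIME_EXCEEDED and code == 0:
        return ("router", reporter, in_dport)
    if icmp_type == ICMP_UNREACH and code == CODE_PORT_UNREACH:
        return ("destination", reporter, in_dport)
    return None


def simulated_network(routers, dst):
    """Stand-in for the wire: answers a probe the way the path would."""
    def send(probe):
        ttl = probe[8]
        if ttl <= len(routers):               # TTL runs out at router number ttl
            return icmp_error(routers[ttl - 1], probe, ICMP_TIME_EXCEEDED, 0)
        return icmp_error(dst, probe, ICMP_UNREACH, CODE_PORT_UNREACH)
    return send


def traceroute(send, src, dst, sport=40000, base_port=33434, max_ttl=30):
    hops = []
    for ttl in range(1, max_ttl + 1):
        reply = send(udp_probe(src, dst, sport, base_port + ttl, ttl))
        result = classify(reply, sport)
        if result is None:
            hops.append(None)                 # unusable answer for this TTL
            continue
        kind, reporter, _dport = result
        hops.append(reporter)
        if kind == "destination":
            break                             # port unreachable: we are done
    return hops


if __name__ == "__main__":
    net = simulated_network(["192.0.2.1", "198.51.100.1"], "203.0.113.9")
    print(traceroute(net, "192.0.2.100", "203.0.113.9"))
```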

8.5 IP Source Routing Option

Normally IP routing is dynamic with each router making a decision about which next-hop router to send the datagram to. Applications have no control of this, and are normally not concerned with it. It takes tools such as Traceroute to figure out what the route really is.

The idea behind source routing is that the sender specifies the route. Two forms are provided:

Strict source routing. The sender specifies the exact path that the IP datagram must follow.
Chapter 9 IP Routing

1 Routing protocols

The topics of which routing protocol to use on a given host, how to exchange routing information with adjacent routers, and how the routing protocols work are complex and can fill an entire book of their own. (Interested readers are referred to [Perlman 1992] for many of the details.)

We will look briefly at dynamic routing and the Routing Information Protocol (RIP) in Chapter 10. Our main interest in the current chapter is how a single IP layer makes its routing decisions.

2 A host is a machine; it can be a PC or a router.

3 A router is a routing device; it can be a router or a PC with routing capability.

4 A host searching the routing table and deciding which interface to send a packet out of is the routing mechanism. This differs from a routing policy, which is a set of rules that decides which routes go into the routing table. IP performs the routing mechanism while a routing daemon normally provides the routing policy.

We can use the “netstat” command to check the routing table on a Unix system. The output looks like this:

Destination      Gateway          Flags   Refcnt   Use   Interface
140.252.13.65    140.252.13.35    UGH     0        0     emd0

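Now we explain the “flags” column. If G is set, the route is indirect: the destination address (140.252.13.65) is not directly connected to the PC or router that holds the routing table. In the IP datagram produced in this case, the destination IP address is 140.252.13.65, but the hardware address produced by the link layer should be the one that corresponds to 140.252.13.35 (because this datagram is about to be sent to 140.252.13.35). If G is not set, the route is direct: the destination address is directly connected to the host that holds the routing table, so in the IP datagram it produces, the destination IP and the hardware address are both those of the destination.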
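The effect of the G flag on the two addresses, as a small lookup function in an added example that is not code from the book or from these notes. Only the first table row comes from the page; the other rows and all prefix lengths are constructed, and longest-prefix matching is used here as a generalization of a host-route, network-route, default-route search order.

```python
from ipaddress import ip_address, ip_network

# The first row is the entry quoted on the page. The other rows and every
# prefix length are constructed for illustration.
ROUTES = [
    # destination          gateway          flags  interface
    ("140.252.13.65/32", "140.252.13.35", "UGH", "emd0"),
    ("140.252.13.32/27", "140.252.13.34", "U",   "emd0"),
    ("default",          "140.252.13.33", "UG",  "emd0"),
]


def lookup(dst, routes=ROUTES):
    """Return the forwarding decision for one destination IP address."""
    addr = ip_address(dst)
    best = None
    for dest, gateway, flags, iface in routes:
        if "U" not in flags:
            continue                                    # route is not up
        net = ip_network("0.0.0.0/0" if dest == "default" else dest)
        if addr in net and (best is None or net.prefixlen > best[0].prefixlen):
            best = (net, gateway, flags, iface)
    if best is None:
        # what the page calls "host unreachable" or "network unreachable"
        raise LookupError("no route to " + dst)
    _net, gateway, flags, iface = best
    indirect = "G" in flags
    return {
        # the IP header always carries the final destination
        "ip_destination": dst,
        # the address handed to ARP: the gateway if G is set, else the destination
        "link_layer_next_hop": gateway if indirect else dst,
        "route_type": "indirect" if indirect else "direct",
        "interface": iface,
    }


if __name__ == "__main__":
    for target in ("140.252.13.65", "140.252.13.40", "192.0.2.9"):
        print(target, lookup(target))
```

With G set, the answer to "whose hardware address goes in the Ethernet header" is the gateway, while the destination address inside the IP header is never rewritten.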

Initializing a routing table

How are these routing table entries created?

The direct route: whenever an interface is initialized (normally when the interface’s address is set by the ifconfig command) a direct route is automatically created for the interface.

The indirect route: routes to hosts or networks that are not directly connected must be entered into the routing table somehow. One common way is to execute the route command explicitly from the initialization files when the system is bootstrapped. On the host svr4 the following two commands were executed to add the entries that we showed earlier:

route add default sun 1

route add slip bsdi 1

What the interface is?

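If you are on a LAN, connected with a network card and a network cable, the port of the network card can be understood as an interface. If at the same time you also have an RS232 serial cable connected to another computer, the serial port is an interface too. Each of them has a name in the routing table, which is the value in the last column, for example emd0. Wrong.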

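After the IP layer receives a TCP segment from the local host, it first performs IP routing. If a route is found, it packages the data, puts the target IP in the destination address, and passes it to the link layer. ARP uses the gateway in the routing table to obtain its MAC address, puts it into the IP datagram, and the datagram is sent out. If no matching entry is found in the routing table, a “host unreachable” or “network unreachable” error is returned to the upper layer. If the IP layer is handling a packet that came from another host, it sends back an ICMP error message.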
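The lookup described above, as an added Python example that is not from the original notes. The first table row is the netstat line shown earlier; the direct route, the default route and the search order (host route, then network route, then default) are assumptions of this sketch.

```python
import ipaddress

class NoRoute(Exception):
    """No matching entry: the sender is told host/network unreachable."""

# (destination, flags, gateway, interface)
ROUTES = [
    ("140.252.13.65", "UGH", "140.252.13.35", "emd0"),   # the netstat row from the notes
    ("140.252.13.32/27", "U", None, "emd0"),             # constructed direct route
    ("default", "UG", "140.252.13.33", "emd0"),          # constructed default route
]

def lookup(dest, routes=ROUTES):
    """Return what IP hands to the link layer for a datagram addressed to dest."""
    addr = ipaddress.ip_address(dest)
    host = [r for r in routes
            if "H" in r[1] and ipaddress.ip_address(r[0]) == addr]
    net = [r for r in routes
           if "H" not in r[1] and r[0] != "default"
           and addr in ipaddress.ip_network(r[0])]
    default = [r for r in routes if r[0] == "default"]
    # Search order: matching host route, matching network route, default route.
    for candidates in (host, net, default):
        if candidates:
            _, flags, gateway, interface = candidates[0]
            return {
                "ip_destination": dest,   # routing never rewrites the IP destination
                # G set: resolve the gateway's hardware address; otherwise the destination's
                "arp_target": gateway if "G" in flags else dest,
                "interface": interface,
            }
    raise NoRoute(f"no route to {dest}")

if __name__ == "__main__":
    for d in ("140.252.13.65", "140.252.13.34", "192.0.2.9"):
        print(d, lookup(d))
```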

9.3

Chapter 10 Dynamic Routing Protocols

10.1 Introduction

10.2

Note the difference between two concepts: dynamic routing and static routing.

Dynamic routing

Dynamic routing occurs when routers talk to adjacent routers, informing each other of what networks each router is currently connected to.

Static routing

The routing table entries were created by default when an interface was configured (for directly connected interfaces), added by the route command (normally from a system bootstrap file), or created by an ICMP redirect (usually when the wrong default was used).

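The difference between routing policy, routing protocol and routing mechanism:

Routing policy: when a router communicates with other routers to update its routing table, there may be several routes that reach the same destination. The principle by which one of them is chosen is the routing policy.

Routing protocol: how does a router communicate with other routers to update its routing table? They send packets back and forth, and the packets contain routing table information. How the format of these packets is designed, and what each bit means, is the routing protocol.

Within one autonomous system these protocols are mainly IGPs.

Between different autonomous systems they are mainly EGPs.

Routing mechanism: the rules the IP layer follows when it looks up a suitable route for a destination.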

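The routing table is generated, and updated while the system is running, in two main ways: one is the three methods described under static routing, and the other is the method described under dynamic routing (implemented by a routing daemon).

As shown in the figure below: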



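Taking the figure as an example, the protocol (the layout of the data structures) that the “routing daemon” uses when it exchanges routing table information with other routers is called the routing protocol.

When routing tables are exchanged, there may be several routes to choose from for the same destination. The principle used to choose one of them is called the routing policy.

The order in which the IP layer selects a route for a destination from the local routing table is called the routing mechanism.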

In a system such as the Internet, many different routing protocols are currently used. The Internet is organized into a collection of autonomous systems (ASs), each of which is normally administered by a single entity. A corporation or university campus often defines an autonomous system. The NSFNET backbone of the Internet forms an autonomous system, because all the routers in the backbone are under a single administrative control.

Each autonomous system can select its own protocol to communicate between the routers in that autonomous system. This is called an interior gateway protocol (IGP) or intradomain routing protocol. The most popular IGP has been the Routing Information Protocol (RIP). A newer IGP is the Open Shortest Path First protocol (OSPF). It is intended as a replacement for RIP. An older IGP that has fallen out of use is HELLO, the IGP used on the original NSFNET backbone in 1986.

Separate routing protocols called exterior gateway protocols (EGPs) or interdomain routing protocols are used between the routers in different autonomous systems. A newer protocol is the Border Gateway Protocol (BGP) that is currently used between the NSFNET backbone and some of the regional networks that attach to the backbone.

10.3 Unix Routing Daemons

10.4 RIP: Routing Information Protocol

Message Format

RIP messages are carried in UDP datagrams.

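Understanding metrics:

Metrics are hop counts.

RIP is used to send routing information back and forth between routers. For example, when many routers are connected together, they use RIP messages to tell each other their routing tables.

A router may have several paths to a destination, so how does a router use the RIP messages sent by other routers to decide which path to choose? This requires metrics, that is, hop counts. The router computes the metric of the different paths and picks the smallest one as the best path. This way of computing is a kind of routing policy.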

10.5 RIP Version 2

RIP-2 doesn’t change the protocol; it just passes additional information in the fields labeled “must be zero”.

10.6 OSPF: Open Shortest Path First

OSPF is a newer alternative to RIP as an interior gateway protocol. It overcomes all the limitations of RIP.

OSPF is a link-state protocol, as opposed to RIP, which is a distance-vector protocol. The term distance-vector means the messages sent by RIP contain a vector of distances (hop counts). Each router updates its routing table based on the vector of these distances that it receives from its neighbors.

In a link-state protocol a router does not exchange distances with its neighbors. Instead each router actively tests the status of its link to each of its neighbors and sends this information to its other neighbors, which then propagate it throughout the autonomous system. Each router takes this link-state information and builds a complete routing table.

What does link-state mean? It means that if a router is down, it can tell.

OSPF is different from RIP (and many other routing protocols) in that OSPF uses IP directly. That is, it does not use UDP or TCP. OSPF has its own value for the protocol field in the IP header.

With most router vendors supporting OSPF, it will start replacing RIP in many networks.

10.7 BGP: Border Gateway Protocol

BGP is an exterior gateway protocol for communication between routers in different autonomous systems. BGP is a replacement for the older EGP that was used on the ARPANET.

A BGP system exchanges network reachability information with other BGP systems. This information includes the full path of autonomous systems that traffic must transit to reach these networks. This information is adequate to construct a graph of AS connectivity.

We first categorize an IP datagram in an AS (autonomous system) as either local traffic or transit traffic.

An AS can be categorized as one of the following:

10.8 CIDR: Classless Interdomain Routing

I did not read this section.

summary

Chapter 11

1 Looking at Figure 11.3 we see that the two IP addresses are swapped, as are the two port numbers. The other fields in the pseudo-header and the UDP header are the same, as is the data being echoed. This reiterates that the UDP checksums (indeed, all the checksums in the TCP/IP protocol suite) are simple 16-bit sums. They cannot detect an error that swaps two of the 16-bit values.

The checksum is a sum check: everything is added up and the sums are compared to see whether they are equal. So if values inside the checked data swap positions, the checksum cannot detect the error.
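The point above in runnable form, as an added Python example that is not from the original notes: the UDP checksum of a request equals that of its echo (addresses and ports swapped), and it also stays the same when two 16-bit words of the data trade places, while a cryptographic hash changes. The addresses, ports and payload are constructed sample values.

```python
import hashlib
import socket
import struct

def ones_complement_sum(data):
    """16-bit one's-complement sum with end-around carry."""
    if len(data) % 2:
        data += b"\x00"                      # odd length: pad with a zero byte
    total = 0
    for (word,) in struct.iter_unpack("!H", data):
        total += word
        total = (total & 0xFFFF) + (total >> 16)
    return total

def udp_checksum(src_ip, dst_ip, src_port, dst_port, payload):
    """Checksum over pseudo-header + UDP header (checksum field zero) + data."""
    length = 8 + len(payload)
    pseudo = (socket.inet_aton(src_ip) + socket.inet_aton(dst_ip)
              + struct.pack("!BBH", 0, socket.IPPROTO_UDP, length))
    header = struct.pack("!HHHH", src_port, dst_port, length, 0)
    value = ~ones_complement_sum(pseudo + header + payload) & 0xFFFF
    return value or 0xFFFF                   # 0 is reserved for "no checksum"

def swap_words(data, i, j):
    """Swap the i-th and j-th 16-bit words of data."""
    words = [data[k:k + 2] for k in range(0, len(data), 2)]
    words[i], words[j] = words[j], words[i]
    return b"".join(words)

# Constructed sample values.
A, B = "140.252.13.35", "140.252.13.34"
ORIGINAL = b"1000 to 0042"
TAMPERED = swap_words(ORIGINAL, 0, 1)        # b"0010 to 0042"

def compare():
    return {
        "request": udp_checksum(A, B, 1205, 7, ORIGINAL),
        "echo_reply": udp_checksum(B, A, 7, 1205, ORIGINAL),
        "tampered": udp_checksum(A, B, 1205, 7, TAMPERED),
        "sha256_differs": hashlib.sha256(ORIGINAL).digest()
                          != hashlib.sha256(TAMPERED).digest(),
    }

if __name__ == "__main__":
    print(compare())
```

The checksum catches random transmission errors only; detecting deliberate modification needs a keyed integrity check such as an HMAC.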

2 IP fragmentation

The physical network layer normally imposes an upper limit on the size of the frame that can be transmitted. Whenever the IP layer receives an IP datagram to send, it determines which local interface the datagram is being sent on (routing), and queries that interface to obtain its MTU. IP compares the MTU with the datagram size and performs fragmentation, if necessary. Fragmentation can take place either at the original sending host or at an intermediate router.

When an IP datagram is fragmented, it is not reassembled until it reaches its final destination. (This handling of reassembly differs from some other networking protocols that require reassembly to take place at the next hop, not at the final destination.) The information maintained in the IP header for fragmentation and reassembly provides enough information to do this.

Recalling the IP header, the following fields are used in fragmentation. The identification field contains a unique value for each IP datagram that the sender transmits. The number is copied into each fragment of a particular datagram. The flags field uses one bit as the “more fragments” bit. This bit is turned on for each fragment comprising a datagram except the final fragment. The fragment offset field contains the offset of this fragment from the beginning of the original datagram. Also, when a datagram is fragmented the total length field of each fragment is changed to be the size of that fragment.

Finally, one of the bits in the flags field is called the “don’t fragment” bit. If this is turned on, IP will not fragment the datagram. Instead the datagram is thrown away and an ICMP error (“fragmentation needed but don’t fragment bit set”) is sent to the originator.



You should note that only the first fragment includes the UDP header; the other fragments don’t include the UDP header.

Also note the terminology: an “IP datagram” is the unit of end-to-end transmission at the IP layer (before fragmentation and after reassembly), and a “packet” is the unit of data passed between the IP layer and the link layer. A packet can be a complete IP datagram or a fragment of an IP datagram.
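The fragmentation fields described above, as an added Python example that is not from the original notes. It assumes a 20-byte IP header without options and models each fragment as a small record instead of real packet bytes; the sample datagram, ports and identification value are constructed.

```python
import struct
from dataclasses import dataclass

IP_HEADER_LEN = 20        # assumption: IP header without options

class FragmentationNeeded(Exception):
    """Stands in for the ICMP 'fragmentation needed but don't fragment bit set' error."""

@dataclass
class Fragment:
    ident: int            # identification, copied into every fragment
    more_fragments: bool  # set on every fragment except the last
    offset_units: int     # fragment offset, counted in 8-byte units
    total_length: int     # IP header + the data carried by this fragment
    data: bytes

def fragment(ident, ip_payload, mtu, dont_fragment=False):
    if IP_HEADER_LEN + len(ip_payload) <= mtu:
        return [Fragment(ident, False, 0, IP_HEADER_LEN + len(ip_payload), ip_payload)]
    if dont_fragment:
        raise FragmentationNeeded(f"datagram exceeds MTU {mtu}")
    step = (mtu - IP_HEADER_LEN) // 8 * 8   # all but the last fragment carry a multiple of 8 bytes
    if step <= 0:
        raise ValueError("MTU too small to carry any data")
    frags = []
    for start in range(0, len(ip_payload), step):
        piece = ip_payload[start:start + step]
        last = start + step >= len(ip_payload)
        frags.append(Fragment(ident, not last, start // 8,
                              IP_HEADER_LEN + len(piece), piece))
    return frags

def reassemble(frags):
    """Final-destination reassembly; returns None while the datagram is incomplete."""
    ordered = sorted(frags, key=lambda f: f.offset_units)
    if (not ordered or ordered[-1].more_fragments
            or len({f.ident for f in ordered}) != 1):
        return None
    data = b""
    for f in ordered:
        if f.offset_units * 8 != len(data):  # hole or overlap: refuse to guess
            return None
        data += f.data
    return data

def udp_datagram(src_port, dst_port, data):
    return struct.pack("!HHHH", src_port, dst_port, 8 + len(data), 0) + data

# Constructed sample: 1473 data bytes + 8-byte UDP header = 1481 bytes of IP
# payload, one byte too many for a 1500-byte MTU.
UDP = udp_datagram(1205, 7, b"x" * 1473)
FRAGS = fragment(0x1234, UDP, mtu=1500)

if __name__ == "__main__":
    for f in FRAGS:
        print(f.offset_units, f.more_fragments, f.total_length)
```

Only `FRAGS[0]` starts with the UDP header, so a filter that decides on port numbers has nothing to match in the later fragments and has to track them by identification value or reassemble first.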

11.6 ICMP Unreachable Error (Fragmentation Required)

You can use the “ping” command to do this, or use SNMP to do this.

11.7 Determining the Path MTU Using Traceroute

Although most systems don’t support the path MTU discovery feature, we can easily modify a version of “traceroute” to let us determine the path MTU. What we will do is send packets with the “don’t fragment” bit set. The size of the first packet we send will equal the MTU of the outgoing interface, and whenever we receive an ICMP “can’t fragment” error we will reduce the size of the packet. If the router sending the ICMP error sends the newer version that includes the MTU of the outgoing interface, we will use that value; otherwise we will try the next smallest MTU.

This touches on earlier material again, and some of that earlier material I have not read yet, so I am pausing here and going back to read chapter 6.

Chapter 12 Broadcasting and Multicasting

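Ports: why do we need ports? What is a port?

This is an important concept!

Network communication is, in essence, packets travelling over a network. Compare a PC to a dock, and the programs that handle packets to people. A network is then N docks, with goods (network packets) shipped between them. To tell the docks apart we give them numbers (IP addresses). By looking at the destination IP, we know which dock the goods should be delivered to. But there is another problem: several people at that dock are waiting for their own goods, so who should these goods go to? There is no way to tell. We need to define one more piece of data that identifies the owner of the goods, and so the concept of a “port” was adopted. Two people at different docks define their own ports and put them in the packet, and the receiver looks at the port in the packet to know whether it is theirs. Likewise, two different applications on one PC are told apart in the same way, so two different network programs running on the same PC cannot use the same port.

For a C/S (client/server) program, one side is the SERVER and the other is the CLIENT. The SERVER listens for packets on port 20000, so when the CLIENT sends a packet, the destination port in the packet is 20000, and the packet also carries a source port, 10000. After receiving the packet, the SERVER may send a packet back to the CLIENT, and the destination port in that packet is 10000. The CLIENT listens on port 10000 (listening on a given port really just means checking whether the destination port of a packet is that port). Really, the word “port” should not have been used here! It causes confusion too easily.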

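At this point communication seems to work fairly well. But as the number of network users keeps growing, another problem appears: IP addresses are running out! So the concept of the LAN appeared. Many machines on a LAN share one IP to access the Internet. Take the typical case of shared ADSL access: there is a router whose external address, obtained from the ISP, is 202.162.1.15 and whose internal address is 192.168.1.1, with 200 machines connected below it whose IPs run from 192.168.1.2 to 192.168.1.201 (the gateway is 192.168.1.1).

How do they send packets? If they use their own LAN IP as the source address, they cannot communicate with the INTERNET at all, so a technique appeared: NAT (network address translation).

Take 192.168.1.10 as an example. It wants to send a packet to 12.106.24.58. The packet that travels from 192.168.1.10 to the router has destination IP 12.106.24.58, source IP 192.168.1.10 and source port 5001. When it reaches the router, NAT rewrites the packet: the destination IP and port are unchanged, and the source IP changes from 192.168.1.10 to 202.162.1.15. If only this were changed, a problem would arise later when 12.106.24.58 sends a packet back: when the packet reaches the router's external address, how does the router know which machine on the LAN it should be forwarded to? The solution is dynamic translation.

“Dynamic translation” means that the router randomly converts the source port into a random value and uses this value to record which machine the packet should be sent back to. This leaves another problem: an internal machine must first send a packet out before the outside can reach it, otherwise outside machines cannot actively access the internal network! This does not work for C/S programs. For example, if the SERVER is installed on a machine inside the LAN, an external CLIENT cannot reach the SERVER! The solution is to use a “virtual server”.

A “virtual server” maps a port, 1112, to an internal machine, 192.168.1.15. When the router receives a packet whose destination port is 1112, it immediately passes it to 192.168.1.15 for processing. Now an external CLIENT can actively access the SERVER.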
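The translation steps described above, as an added Python example that is not from the original notes: one class holds the state table for dynamic translation and the “virtual server” port mapping, using the addresses from the notes. The class and field names, the destination port 80 and the 49152-65535 range for translated ports are assumptions of this sketch.

```python
import random
from collections import namedtuple

Packet = namedtuple("Packet", "src_ip src_port dst_ip dst_port")

class NatRouter:
    def __init__(self, external_ip, rng=None):
        self.external_ip = external_ip
        self.rng = rng or random.Random()
        self.by_inside = {}        # (inside ip, inside port) -> translated source port
        self.by_port = {}          # translated source port -> (inside ip, inside port)
        self.virtual_servers = {}  # external port -> inside ip ("virtual server")

    def outbound(self, pkt):
        """Inside -> outside: rewrite source IP and source port, remember the mapping."""
        key = (pkt.src_ip, pkt.src_port)
        if key not in self.by_inside:
            port = self.rng.randrange(49152, 65536)      # assumed port range
            while port in self.by_port or port in self.virtual_servers:
                port = self.rng.randrange(49152, 65536)
            self.by_inside[key] = port
            self.by_port[port] = key
        return pkt._replace(src_ip=self.external_ip, src_port=self.by_inside[key])

    def inbound(self, pkt):
        """Outside -> inside: returns the rewritten packet, or None if it is dropped."""
        if pkt.dst_ip != self.external_ip:
            return None
        if pkt.dst_port in self.virtual_servers:         # static port mapping
            return pkt._replace(dst_ip=self.virtual_servers[pkt.dst_port])
        inside = self.by_port.get(pkt.dst_port)
        if inside is None:
            return None                                  # no state: unsolicited packet
        return pkt._replace(dst_ip=inside[0], dst_port=inside[1])

def demo():
    nat = NatRouter("202.162.1.15", random.Random(1))
    out = nat.outbound(Packet("192.168.1.10", 5001, "12.106.24.58", 80))
    reply = nat.inbound(Packet("12.106.24.58", 80, "202.162.1.15", out.src_port))
    before = nat.inbound(Packet("198.51.100.7", 3000, "202.162.1.15", 1112))
    nat.virtual_servers[1112] = "192.168.1.15"
    after = nat.inbound(Packet("198.51.100.7", 3000, "202.162.1.15", 1112))
    return out, reply, before, after

if __name__ == "__main__":
    for step in demo():
        print(step)
```

`inbound()` matches on the translated port alone, as the notes describe; stricter devices also compare the remote address and port before forwarding, and every virtual server entry is a port that is reachable from outside without any prior outbound traffic.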

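Understanding unicast / broadcast / multicast:

We use the IP and the hardware address of the network card to identify the target machine of a packet; one machine corresponds to one IP and one network card hardware address. For unicast this is no problem at all and is very clear. But what if a packet is to be sent to every machine on the LAN at the same time? The only way is to send them one by one: we send as many packets as there are target machines, and each packet contains the IP and hardware address of one target machine. This works, but it is very wasteful (N packets have to be sent). Later people came up with the following method: set aside one IP and hardware address, and if everyone who sees this IP and hardware address accepts the packet, it only has to be sent once. The IP and hardware address reserved for this use are the special IP and MAC. For example, the IP 255.255.255.255 stands for broadcast: a packet whose header carries the destination address 255.255.255.255 is a broadcast, and everyone must receive it.

Suppose three processes are running on a host. If broadcasting is used, the IP layer of the host cannot decide from the IP which process needs to handle the packet, so it passes it up to the UDP layer, and only the UDP layer can decide, from the port, whether the data belongs to a given process.

But if multicasting is used, the concept of a port is not needed, because the host has a table that records which process belongs to which multicasting group.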

12.1 Introduction

We mentioned in chapter 1 that there are three kinds of IP addresses: unicast, broadcast and multicast.

Broadcasting and multicasting only apply to UDP, where it makes sense for an application to send a single message to multiple recipients.

Broadcast and multicast:

Broadcast is to send a frame to every other host on the cable.

Multicast is to send to a set of hosts that belong to a multicast group.

The problem with broadcasting is the processing load that it places on hosts that aren’t interested in the broadcasts. The intent of multicasting is to reduce this load on hosts with no interest in the application. With multicasting a host specifically joins one or more multicast groups. If possible, the interface card is told which multicast groups the host belongs to, and only those multicast frames are received.

12.2 Broadcasting

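We now describe all the kinds of broadcast address:

Limited Broadcast

The limited broadcast address is 255.255.255.255. An IP datagram whose destination is 255.255.255.255 is not forwarded by routers; its effective range is one LAN.

Net-directed Broadcast

This is the address whose host ID bits are all 1 (there is no subnet).

An IP datagram with this address as its destination is sent to all hosts on all subnets within a network.

Subnet-directed Broadcast

This is the address whose host ID bits are all 1 (there is a subnet).

An IP datagram with this address as its destination is sent to all hosts on one particular subnet within a network.

All-subnets-directed Broadcast

This is the address whose subnet ID and host ID are all 1.

Its difference from the net-directed broadcast is that a net-directed broadcast has no subnet, that is, the network is not divided into subnets and the host ID is all 1s, whereas for an all-subnets-directed broadcast the network is divided into subnets, and the subnet ID and host ID are all 1s.

So in practice the two achieve the same effect: the data is delivered to all hosts under a given net ID.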

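An example:

If the subnet mask is 255.255.255.0, then 128.1.255.255 is an all-subnets-directed broadcast. If the network is not subnetted, it is a net-directed broadcast.

When you are given an IP address, you first have to determine whether it is a special case IP (this requires the subnet ID). An address like this, whose host ID is all 1s, is a special case IP.

Now suppose you are given an IP datagram whose destination is 128.1.2.255. You cannot yet tell whether this IP represents a host address or a broadcast address. You need to know its subnet mask to decide: if the subnet mask is 255.255.255.0 it is a broadcast, and if the subnet mask is 255.255.254.0 it is the IP address of a host.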
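The decision described above, as an added Python example that is not from the original notes: it classifies a destination as one of the four broadcast kinds or as a host address, given an optional subnet mask. It assumes classful net IDs (class A, B or C), which is what the net ID / subnet ID / host ID split in the notes relies on; the function names are this sketch's own.

```python
import ipaddress

ALL_ONES = ipaddress.IPv4Address("255.255.255.255")

def classful_net_bits(addr):
    """Length of the net ID for a class A, B or C address."""
    first_octet = int(addr) >> 24
    if first_octet < 128:
        return 8       # class A
    if first_octet < 192:
        return 16      # class B
    if first_octet < 224:
        return 24      # class C
    raise ValueError("class D/E addresses have no net ID / host ID split")

def classify(dest, subnet_mask=None):
    """subnet_mask=None means the network is not subnetted."""
    addr = ipaddress.IPv4Address(dest)
    if addr == ALL_ONES:
        return "limited broadcast"
    net_bits = classful_net_bits(addr)
    mask_bits = net_bits
    if subnet_mask is not None:
        # IPv4Network rejects non-contiguous masks with a ValueError subclass.
        mask_bits = ipaddress.IPv4Network(f"0.0.0.0/{subnet_mask}").prefixlen
        if mask_bits < net_bits:
            raise ValueError("mask is shorter than the classful net ID")
    host_bits = 32 - mask_bits
    subnet_bits = mask_bits - net_bits
    host_id = int(addr) & ((1 << host_bits) - 1)
    subnet_id = (int(addr) >> host_bits) & ((1 << subnet_bits) - 1)
    if host_bits == 0 or host_id != (1 << host_bits) - 1:
        return "host address"
    if subnet_bits == 0:
        return "net-directed broadcast"
    if subnet_id == (1 << subnet_bits) - 1:
        return "all-subnets-directed broadcast"
    return "subnet-directed broadcast"

if __name__ == "__main__":
    for dest, mask in [("128.1.2.255", "255.255.255.0"),
                       ("128.1.2.255", "255.255.254.0"),
                       ("128.1.255.255", "255.255.255.0"),
                       ("128.1.255.255", None),
                       ("255.255.255.255", None)]:
        print(dest, mask, "->", classify(dest, mask))
```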

12.3 Broadcasting example

How are broadcasts sent and what do routers and hosts do with broadcasts? Unfortunately this is a hard question to answer because it depends on the type of broadcast address, the application, the TCP/IP implementation, and possible configuration switches.

If you run:
ping 255.255.255.255

Most TCP/IP implementations don’t support the limited broadcast. They don’t treat 255.255.255.255 as a broadcast, but look it up in the routing table and choose the default gateway, and it is finally thrown away! Why? Why don’t they support the broadcast?!

Most applications call a socket API that doesn’t support broadcast: the API doesn’t allow a process to send a UDP datagram to the broadcast address unless the process specifically states that it plans to broadcast. This is intended to prevent users from mistakenly specifying a broadcast address when the application was never intended to broadcast.

With the sockets API the application must set the SO_BROADCAST socket option before sending a UDP datagram to a broadcast address.

Not all systems enforce this restriction. Some implementations allow any process to broadcast UDP datagrams, without requiring the process to say so. Others are more restrictive and require a process to have superuser privileges to broadcast.

The next question is whether directed broadcasts are forwarded or not. Some kernels and routers have an option to enable or disable this feature. What does this actually mean? Take the network diagram that the author uses in the book as an example. If the host sun sends a broadcast IP datagram whose destination is 140.252.13.63, it can be delivered directly to bsdi and svr4. But if the host slip sends the same broadcast packet, then because slip is connected to only one machine, bsdi, sun and svr4 will not receive the packet unless bsdi forwards it.

12.4 Multicasting

IP multicasting provides two services for an application.

1 Delivery to multiple destinations.

2 Solicitation of servers by clients. A diskless workstation, for example, needs to locate a bootstrap server.

Multicast Group Address

A multicast group address is the combination of the high-order 4 bits of 1110 and the multicast group ID. These are normally written as dotted-decimal numbers and are in the range 224.0.0.0 through 239.255.255.255.

The set of hosts listening to a particular IP multicast address is called a host group. A host group can span multiple networks. Membership in a host group is dynamic: hosts may join and leave host groups at will. There is no restriction on the number of hosts in a group, and a host does not have to belong to a group to send a message to that group.

Some multicast group addresses are assigned as well-known addresses by the IANA. “These are called permanent host groups. This is similar to the well-known TCP and UDP port numbers. Similarly, these well-known multicast addresses are listed in the latest Assigned Numbers RFC. Notice that it is the multicast address of the group that is permanent, not the membership of the group.” For example, 224.0.0.1 means “all systems on this subnet”, and 224.0.0.2 means “all routers on this subnet”. The multicast address 224.0.1.1 is for NTP, the Network Time Protocol, 224.0.0.9 is for RIP-2, and 224.0.1.2 is for SGI’s (Silicon Graphics) dogfight application.

Ethernet address: this is the MAC address.

I did not understand multicast!

Chapter 13 IGMP Internet Group Management Protocol

Chapter 17 TCP: Transmission Control Protocol

17. Introduction

In this chapter we provide a description of the services provided by TCP for the application layer. We also look at the fields in the TCP header. In the chapters that follow we examine all of these header fields in more detail, as we see how TCP operates.

Our description of TCP starts in this chapter and continues in the next seven chapters. Chapter 18 describes how a TCP connection is established and terminated, and chapters 19 and 20 look at the normal transfer of data, both for interactive use (remote login) and bulk data (file transfer). Chapter 21 provides the details of TCP’s timeout and retransmission, followed by two other TCP timers in chapters 22 and 23. Finally, chapter 24 takes a look at newer TCP features and TCP performance.

The original specification for TCP is RFC 793 [Postel 1981c], although some errors in that RFC are corrected in the Host Requirements RFC.

17.2 TCP Services

Even though TCP and UDP use the same network layer (IP), TCP provides a totally different service to the application layer than UDP does. TCP provides a connection-oriented, reliable, byte stream service.

The term connection-oriented means the two applications using TCP (normally considered a client and a server) must establish a TCP connection with each other before they can exchange data. The typical analogy is dialing a telephone number, waiting for the other party to answer the phone and say “hello”, and then saying who’s calling. In chapter 18 we look at how a connection is established, and disconnected some time later when either end is done.

There are exactly two end points communicating with each other on a TCP connection. Concepts that we talked about in chapter 12, broadcasting and multicasting, aren’t applicable to TCP.

TCP provides reliability by doing the following:

• The application data is broken into what TCP considers the best sized chunks to send. The unit of information passed by TCP to IP is called a segment.

• When TCP sends a segment it maintains a timer, waiting for the other end to acknowledge reception of the segment. If an acknowledgment isn’t received in time, the segment is retransmitted. In chapter 21 we’ll look at TCP’s adaptive timeout and retransmission strategy.

• When TCP receives data from the other end of the connection, it sends an acknowledgment. This acknowledgment is not sent immediately, but normally delayed a fraction of a second, as we discuss in section 19.3.

• TCP maintains a checksum on its header and data. This is an end-to-end checksum whose purpose is to detect any modification of the data in transit. If a segment arrives with an invalid checksum, TCP discards it and doesn’t acknowledge receiving it.

• Since TCP segments are transmitted as IP datagrams, and since IP datagrams can arrive out of order, TCP segments can arrive out of order. A receiving TCP resequences the data if necessary, passing the received data in the correct order to the application.

• Since IP datagrams can get duplicated, a receiving TCP must discard duplicate data.

• TCP also provides flow control. Each end of a TCP connection has a finite amount of buffer space. A receiving TCP only allows the other end to send as much data as the receiver has buffers for. This prevents a fast host from taking all the buffers on a slower host.

A stream of 8-bit bytes is exchanged across the TCP connection between the two applications. There are no record markers automatically inserted by TCP. This is what we called a byte stream service. If the application on one end writes 10 bytes, followed by a write of 20 bytes, followed by a write of 50 bytes, the application at the other end of the connection cannot tell what size the individual writes were. The other end may read the 80 bytes in four reads of 20 bytes at a time. One end puts a stream of bytes into TCP and the same, identical stream of bytes appears at the other end.
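The 10/20/50-byte case above, as an added Python example that is not from the original notes. It uses a local stream socket pair as a stand-in for a TCP connection (same byte-stream semantics, no network needed) and goes one step beyond the text by showing the usual remedy: a length prefix added by the application. The 2-byte prefix format and the function names are assumptions of this sketch.

```python
import socket
import struct

WRITES = (10, 20, 50)

def unframed_reads():
    """Write 10, 20 and 50 bytes; read 20 bytes at a time on the other end."""
    a, b = socket.socketpair()
    with a, b:
        for size in WRITES:
            a.sendall(b"x" * size)
        a.shutdown(socket.SHUT_WR)          # end of stream for the reader
        sizes = []
        while True:
            chunk = b.recv(20)
            if not chunk:
                return sizes
            sizes.append(len(chunk))

def send_record(sock, payload):
    """Application-level framing: 2-byte big-endian length, then the payload."""
    sock.sendall(struct.pack("!H", len(payload)) + payload)

def recv_exact(sock, n):
    buf = b""
    while len(buf) < n:                     # recv may return fewer bytes than asked
        chunk = sock.recv(n - len(buf))
        if not chunk:
            raise ConnectionError("stream ended in the middle of a record")
        buf += chunk
    return buf

def recv_records(sock):
    records = []
    while True:
        first = sock.recv(1)
        if not first:                       # clean end of stream between records
            return records
        (length,) = struct.unpack("!H", first + recv_exact(sock, 1))
        records.append(recv_exact(sock, length))

def framed_sizes():
    a, b = socket.socketpair()
    with a, b:
        for size in WRITES:
            send_record(a, b"x" * size)
        a.shutdown(socket.SHUT_WR)
        return [len(r) for r in recv_records(b)]

if __name__ == "__main__":
    print(unframed_reads())   # the write boundaries are gone
    print(framed_sizes())     # the length prefix restores them
```

A receiver that treats each `recv()` result as one complete message is relying on a boundary the stream never promised, which is a common source of parsing bugs in network code.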

17.3 TCP Header

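NAT: network address translation

Using NAT to protect your internal network

What is NAT?

NAT (network address translation) converts the private network addresses of a LAN (such as a corporate intranet) into public addresses (such as the Internet), and so hides the internally managed IP addresses from the outside. By using unregistered IP addresses internally and translating them into a small number of externally registered IP addresses, it reduces the cost of registering IP addresses and conserves the address space, which is becoming scarcer and scarcer. At the same time, this also hides the structure of the internal network, which lowers the risk of the internal network being attacked.

NAT functionality is usually integrated into routers, firewalls and standalone NAT devices. Of course, most of the currently popular operating systems and other software (mainly proxy software such as winroute) have NAT functionality as well. A NAT device (or software) maintains a state table that maps the private IP addresses of the internal network to legal IP addresses on the external network. In the NAT device (or software) every packet is translated to the correct IP address and sent on to the next stage. Unlike an ordinary router, a NAT device actually modifies the packet header, changing the source address on the internal network into the NAT device's own external network address, whereas an ordinary router only reads the source and destination addresses before forwarding the packet to its destination.

NAT is divided into three types: static NAT (staticNAT),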