TCP/IP Protocol
1. 局域网上运行 HTTP 的两台主机
2. TCP/IP 协议族中不同层次的协议
|
> What’s popular or common commands for the de-factor 5 network layers in Linux? * Sure, here’s a brief rundown of common Linux commands used for various tasks across the five layers (Application, Transport, Network, Data Link, and Physical) of the conceptual network model:
Remember these layers and their associated commands are highly interdependent, so categorizing a command into a specific layer can sometimes be a conceptual approximation rather than a strict classification. Also, these are basic commands. Depending on your needs, there are many more commands in Linux for network administration and management. |
3. 五类互联网地址
4. 数据进入协议栈时的封装过程
5. IEEE 802.2/802.3 (RFC 1042) 和以太网的封装格式 (RFC 894)
5.1. SLIP 报文的封装
5.2. PPP 数据帧的格式
6. 环回接口处理 IP 数据报的过程
7. IP 数据报格式及首部各字段
8. 用于以太网的 ARP/RARP 请求或应答分组格式
9. ICMP 报文封装在 IP 数据报内部
9.1. ICMP 地址掩码请求和应答报文
9.2. ICMP 不可达差错
10. IP 层工作流程
11. RIP 路由信息协议
12. 单播, 多播, 广播
-
单播
$ ip a s 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever inet6 ::1/128 scope host valid_lft forever preferred_lft forever 2: ens32: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000 link/ether 00:0c:29:8c:df:3f brd ff:ff:ff:ff:ff:ff inet 192.168.91.128/24 brd 192.168.91.255 scope global dynamic ens32 valid_lft 1489sec preferred_lft 1489sec inet6 fe80::20c:29ff:fe8c:df3f/64 scope link valid_lft forever preferred_lft forever $ /sbin/arp Address HWtype HWaddress Flags Mask Iface 192.168.91.254 ether 00:50:56:ed:bf:01 C ens32 192.168.91.2 ether 00:50:56:ee:e2:ae C ens32 192.168.91.1 ether 00:50:56:c0:00:08 C ens32 $ ip ro s default via 192.168.91.2 dev ens32 192.168.91.0/24 dev ens32 proto kernel scope link src 192.168.91.128$ ping -c 1 192.168.91.2 PING 192.168.91.2 (192.168.91.2) 56(84) bytes of data. 64 bytes from 192.168.91.2: icmp_seq=1 ttl=128 time=0.367 ms --- 192.168.91.2 ping statistics --- 1 packets transmitted, 1 received, 0% packet loss, time 0ms rtt min/avg/max/mdev = 0.367/0.367/0.367/0.000 ms18:26:04.627111 00:0c:29:8c:df:3f > 00:50:56:ee:e2:ae, ethertype IPv4 (0x0800), length 98: (tos 0x0, ttl 64, id 40409, offset 0, flags [DF], proto ICMP (1), length 84) 192.168.91.128 > 192.168.91.2: ICMP echo request, id 3129, seq 1, length 64 18:26:04.627456 00:50:56:ee:e2:ae > 00:0c:29:8c:df:3f, ethertype IPv4 (0x0800), length 98: (tos 0x0, ttl 128, id 12349, offset 0, flags [none], proto ICMP (1), length 84) 192.168.91.2 > 192.168.91.128: ICMP echo reply, id 3129, seq 1, length 64 -
广播
$ ip -4 a s ens32 2: ens32: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000 inet 192.168.91.128/24 brd 192.168.91.255 scope global ens32 valid_lft forever preferred_lft forever $ ping -c 4 -b 255.255.255.255 WARNING: pinging broadcast address PING 255.255.255.255 (255.255.255.255) 56(84) bytes of data. 64 bytes from 192.168.91.137: icmp_seq=1 ttl=64 time=0.253 ms 64 bytes from 192.168.91.2: icmp_seq=1 ttl=128 time=0.268 ms (DUP!) 64 bytes from 192.168.91.2: icmp_seq=2 ttl=128 time=0.237 ms 64 bytes from 192.168.91.137: icmp_seq=2 ttl=64 time=0.511 ms (DUP!) 64 bytes from 192.168.91.2: icmp_seq=3 ttl=128 time=0.305 ms 64 bytes from 192.168.91.137: icmp_seq=3 ttl=64 time=0.473 ms (DUP!) 64 bytes from 192.168.91.2: icmp_seq=4 ttl=128 time=0.323 ms --- 255.255.255.255 ping statistics --- 4 packets transmitted, 4 received, +3 duplicates, 0% packet loss, time 20ms rtt min/avg/max/mdev = 0.237/0.338/0.511/0.103 ms$ ip -4 a s ens32 2: ens32: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000 inet 192.168.91.128/24 brd 192.168.91.255 scope global ens32 valid_lft forever preferred_lft forever $ tcpdump -envv icmp tcpdump: listening on ens32, link-type EN10MB (Ethernet), capture size 262144 bytes 15:53:11.351131 00:0c:29:8c:df:3f > ff:ff:ff:ff:ff:ff, ethertype IPv4 (0x0800), length 98: (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto ICMP (1), length 84) 192.168.91.128 > 255.255.255.255: ICMP echo request, id 2421, seq 1, length 64 15:53:11.351348 00:50:56:f9:5e:df > 00:0c:29:8c:df:49, ethertype IPv4 (0x0800), length 98: (tos 0x0, ttl 128, id 2253, offset 0, flags [none], proto ICMP (1), length 84) 192.168.91.2 > 192.168.91.128: ICMP echo reply, id 2421, seq 1, length 64 15:53:11.351349 00:0c:29:85:26:07 > 00:0c:29:8c:df:3f, ethertype IPv4 (0x0800), length 98: (tos 0x0, ttl 64, id 49829, offset 0, flags [none], proto ICMP (1), length 84) 192.168.91.137 > 192.168.91.128: ICMP echo reply, id 2421, seq 1, length 64 15:53:12.362377 00:0c:29:8c:df:3f > ff:ff:ff:ff:ff:ff, ethertype IPv4 (0x0800), length 98: (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto ICMP (1), length 84) 192.168.91.128 > 255.255.255.255: ICMP echo request, id 2421, seq 2, length 64 15:53:12.362573 00:50:56:f9:5e:df > 00:0c:29:8c:df:3f, ethertype IPv4 (0x0800), length 98: (tos 0x0, ttl 128, id 2254, offset 0, flags [none], proto ICMP (1), length 84) 192.168.91.2 > 192.168.91.128: ICMP echo reply, id 2421, seq 2, length 64 15:53:12.362847 00:0c:29:85:26:07 > 00:0c:29:8c:df:3f, ethertype IPv4 (0x0800), length 98: (tos 0x0, ttl 64, id 49979, offset 0, flags [none], proto ICMP (1), length 84) 192.168.91.137 > 192.168.91.128: ICMP echo reply, id 2421, seq 2, length 64 15:53:13.364595 00:0c:29:8c:df:3f > ff:ff:ff:ff:ff:ff, ethertype IPv4 (0x0800), length 98: (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto ICMP (1), length 84) 192.168.91.128 > 255.255.255.255: ICMP echo request, id 2421, seq 3, length 64 15:53:13.364863 00:50:56:f9:5e:df > 00:0c:29:8c:df:3f, ethertype IPv4 (0x0800), length 98: (tos 0x0, ttl 128, id 2255, offset 0, flags [none], proto ICMP (1), length 84) 192.168.91.2 > 192.168.91.128: ICMP echo reply, id 2421, seq 3, length 64 15:53:13.365031 00:0c:29:85:26:07 > 00:0c:29:8c:df:3f, ethertype IPv4 (0x0800), length 98: (tos 0x0, ttl 64, id 50166, offset 0, flags [none], proto ICMP (1), length 84) 192.168.91.137 > 192.168.91.128: ICMP echo reply, id 2421, seq 3, length 64 15:53:14.368610 00:0c:29:8c:df:3f > ff:ff:ff:ff:ff:ff, ethertype IPv4 (0x0800), length 98: (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto ICMP (1), length 84) 192.168.91.128 > 255.255.255.255: ICMP echo request, id 2421, seq 4, length 64 15:53:14.368894 00:50:56:f9:5e:df > 00:0c:29:8c:df:3f, ethertype IPv4 (0x0800), length 98: (tos 0x0, ttl 128, id 2256, offset 0, flags [none], proto ICMP (1), length 84) 192.168.91.2 > 192.168.91.128: ICMP echo reply, id 2421, seq 4, length 64 15:53:14.369077 00:0c:29:85:26:07 > 00:0c:29:8c:df:3f, ethertype IPv4 (0x0800), length 98: (tos 0x0, ttl 64, id 50192, offset 0, flags [none], proto ICMP (1), length 84) 192.168.91.137 > 192.168.91.128: ICMP echo reply, id 2421, seq 4, length 64$ ip -4 a show ens32 2: ens32: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000 inet 192.168.91.137/24 brd 192.168.91.255 scope global dynamic ens32 valid_lft 1279sec preferred_lft 1279sec $ sysctl net.ipv4.icmp_echo_ignore_broadcasts=0 net.ipv4.icmp_echo_ignore_broadcasts = 0 $ tcpdump -envv icmp tcpdump: listening on ens32, link-type EN10MB (Ethernet), capture size 262144 bytes 15:53:11.354403 00:0c:29:8c:df:3f > ff:ff:ff:ff:ff:ff, ethertype IPv4 (0x0800), length 98: (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto ICMP (1), length 84) 192.168.91.128 > 255.255.255.255: ICMP echo request, id 2421, seq 1, length 64 15:53:11.354451 00:0c:29:85:26:07 > 00:0c:29:8c:df:3f, ethertype IPv4 (0x0800), length 98: (tos 0x0, ttl 64, id 49829, offset 0, flags [none], proto ICMP (1), length 84) 192.168.91.137 > 192.168.91.128: ICMP echo reply, id 2421, seq 1, length 64 15:53:11.354483 00:50:56:f9:5e:df > 00:0c:29:8c:df:49, ethertype IPv4 (0x0800), length 98: (tos 0x0, ttl 128, id 2253, offset 0, flags [none], proto ICMP (1), length 84) 192.168.91.2 > 192.168.91.128: ICMP echo reply, id 2421, seq 1, length 64 15:53:12.365702 00:0c:29:8c:df:3f > ff:ff:ff:ff:ff:ff, ethertype IPv4 (0x0800), length 98: (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto ICMP (1), length 84) 192.168.91.128 > 255.255.255.255: ICMP echo request, id 2421, seq 2, length 64 15:53:12.365797 00:0c:29:85:26:07 > 00:0c:29:8c:df:3f, ethertype IPv4 (0x0800), length 98: (tos 0x0, ttl 64, id 49979, offset 0, flags [none], proto ICMP (1), length 84) 192.168.91.137 > 192.168.91.128: ICMP echo reply, id 2421, seq 2, length 64 15:53:12.365854 00:50:56:f9:5e:df > 00:0c:29:8c:df:3f, ethertype IPv4 (0x0800), length 98: (tos 0x0, ttl 128, id 2254, offset 0, flags [none], proto ICMP (1), length 84) 192.168.91.2 > 192.168.91.128: ICMP echo reply, id 2421, seq 2, length 64 15:53:13.367964 00:0c:29:8c:df:3f > ff:ff:ff:ff:ff:ff, ethertype IPv4 (0x0800), length 98: (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto ICMP (1), length 84) 192.168.91.128 > 255.255.255.255: ICMP echo request, id 2421, seq 3, length 64 15:53:13.368029 00:0c:29:85:26:07 > 00:0c:29:8c:df:3f, ethertype IPv4 (0x0800), length 98: (tos 0x0, ttl 64, id 50166, offset 0, flags [none], proto ICMP (1), length 84) 192.168.91.137 > 192.168.91.128: ICMP echo reply, id 2421, seq 3, length 64 15:53:13.368116 00:50:56:f9:5e:df > 00:0c:29:8c:df:3f, ethertype IPv4 (0x0800), length 98: (tos 0x0, ttl 128, id 2255, offset 0, flags [none], proto ICMP (1), length 84) 192.168.91.2 > 192.168.91.128: ICMP echo reply, id 2421, seq 3, length 64 15:53:14.371990 00:0c:29:8c:df:3f > ff:ff:ff:ff:ff:ff, ethertype IPv4 (0x0800), length 98: (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto ICMP (1), length 84) 192.168.91.128 > 255.255.255.255: ICMP echo request, id 2421, seq 4, length 64 15:53:14.372047 00:0c:29:85:26:07 > 00:0c:29:8c:df:3f, ethertype IPv4 (0x0800), length 98: (tos 0x0, ttl 64, id 50192, offset 0, flags [none], proto ICMP (1), length 84) 192.168.91.137 > 192.168.91.128: ICMP echo reply, id 2421, seq 4, length 64 15:53:14.372121 00:50:56:f9:5e:df > 00:0c:29:8c:df:3f, ethertype IPv4 (0x0800), length 98: (tos 0x0, ttl 128, id 2256, offset 0, flags [none], proto ICMP (1), length 84) 192.168.91.2 > 192.168.91.128: ICMP echo reply, id 2421, seq 4, length 64* Both 192.168.1.255 and 255.255.255.255 are indeed types of broadcast addresses, but they operate at different levels and have different purposes.
-
192.168.1.255: This is a directed broadcast address. A directed broadcast sends a packet to all hosts on a specific network. In this case, the specific network is 192.168.1.0 (assuming a subnet mask of 255.255.255.0). Packet sent to 192.168.1.255 will be delivered to all hosts on the 192.168.1.0 network.
-
255.255.255.255: This is a limited broadcast address. It is used for one-to-everyone delivery on the local network segment when the network portion of the IP address is unknown. This kind of broadcast is limited because routers will not forward this packet, ensuring it only reaches hosts within the local subnet. When a host sends a packet to this address, every machine on the local network (LAN) is intended to receive a copy of the packet.
Note that these addresses function as intended provided they are not blocked or filtered by network devices and the software receiving the packets is configured to accept broadcast packets.
-
-
组播
$ ping -W 1 -c 1 224.0.0.251 PING 224.0.0.251 (224.0.0.251) 56(84) bytes of data. --- 224.0.0.251 ping statistics --- 1 packets transmitted, 0 received, 100% packet loss, time 0ms18:16:41.207147 00:0c:29:8c:df:3f > 01:00:5e:00:00:fb, ethertype IPv4 (0x0800), length 98: (tos 0x0, ttl 1, id 0, offset 0, flags [DF], proto ICMP (1), length 84) 192.168.91.128 > 224.0.0.251: ICMP echo request, id 3060, seq 1, length 64
12.1. IGMP: Internet 组管理协议
13. UDP: 用户数据报协议
14. TCP: 传输控制协议
14.1. TCP 的状态变迁图
14.2. TCP 正常连接建立和终止所对应的状态
14.3. TCP 同时打开期间报文段的交换
14.4. TCP 同时关闭期间报文段的交换
14.5. RST 复位报文段
-
到不存在的端口的连接请求
$ telnet 10.200.40.55 80 Trying 10.200.40.55... telnet: Unable to connect to remote host: Connection refused00:00:00.000000 IP 192.168.66.128.33132 > 10.200.40.55.80: Flags [S], seq 4228554322, win 29200, options [mss 1460,sackOK,TS val 1130179 ecr 0,nop,wscale 7], length 0 00:00:01.009552 IP 192.168.66.128.33132 > 10.200.40.55.80: Flags [S], seq 4228554322, win 29200, options [mss 1460,sackOK,TS val 1130432 ecr 0,nop,wscale 7], length 0 00:00:00.078680 IP 10.200.40.55.80 > 192.168.66.128.33132: Flags [R.], seq 970664811, ack 4228554323, win 64240, length 0 -
异常终止一个连接
$ telnet 192.168.171.1 9000 Trying 192.168.171.1... Connected to 192.168.171.1. Escape character is '^]'. Connection closed by foreign host.00:00:00.000000 IP 192.168.66.128.37852 > 192.168.171.1.9000: Flags [S], seq 2189393428, win 29200, options [mss 1460,sackOK,TS val 1446368 ecr 0,nop,wscale 7], length 0 00:00:00.000557 IP 192.168.171.1.9000 > 192.168.66.128.37852: Flags [S.], seq 1865883214, ack 2189393429, win 64240, options [mss 1460], length 0 00:00:00.000067 IP 192.168.66.128.37852 > 192.168.171.1.9000: Flags [.], ack 1, win 29200, length 0 00:00:00.019830 IP 192.168.171.1.9000 > 192.168.66.128.37852: Flags [P.], seq 1:20481, ack 1, win 64240, length 20480 00:00:00.000152 IP 192.168.66.128.37852 > 192.168.171.1.9000: Flags [.], ack 20481, win 64240, length 0 00:00:00.000139 IP 192.168.171.1.9000 > 192.168.66.128.37852: Flags [R.], seq 20481, ack 1, win 64240, length 0 00:00:00.000056 IP 192.168.171.1.9000 > 192.168.66.128.37852: Flags [R], seq 1865903695, win 32767, length 0 -
检测半打开连接
$ telnet 192.168.66.131 22 Trying 192.168.66.131... Connected to 192.168.66.131. Escape character is '^]'. SSH-2.0-OpenSSH_4.3 ONE PIECE Connection closed by foreign host.00:00:00.000000 IP 192.168.66.128.40868 > 192.168.66.131.22: Flags [S], seq 556956684, win 29200, options [mss 1460,sackOK,TS val 1594879 ecr 0,nop,wscale 7], length 0 00:00:00.000326 IP 192.168.66.131.22 > 192.168.66.128.40868: Flags [S.], seq 1715689874, ack 556956685, win 5792, options [mss 1460,sackOK,TS val 4294894064 ecr 1594879,nop,wscale 7], length 0 00:00:00.000049 IP 192.168.66.128.40868 > 192.168.66.131.22: Flags [.], ack 1, win 229, options [nop,nop,TS val 1594879 ecr 4294894064], length 0 00:00:00.011370 IP 192.168.66.131.22 > 192.168.66.128.40868: Flags [P.], seq 1:21, ack 1, win 46, options [nop,nop,TS val 4294894075 ecr 1594879], length 20 00:00:00.000076 IP 192.168.66.128.40868 > 192.168.66.131.22: Flags [.], ack 21, win 229, options [nop,nop,TS val 1594882 ecr 4294894075], length 0 00:03:12.727548 IP 192.168.66.128.40868 > 192.168.66.131.22: Flags [P.], seq 1:12, ack 21, win 229, options [nop,nop,TS val 1643064 ecr 4294894075], length 11 00:00:00.002127 IP 192.168.66.131.22 > 192.168.66.128.40868: Flags [R], seq 1715689895, win 0, length 0 -
主机不可达的连接请求(超时)
$ telnet www.google.com 80 Trying 75.126.135.131... telnet: Unable to connect to remote host: Connection refused00:00:00.000000 IP 192.168.66.128.50448 > 192.168.66.2.53: 5183+ A? www.google.com. (32) 00:00:00.000093 IP 192.168.66.128.50448 > 192.168.66.2.53: 21632+ AAAA? www.google.com. (32) 00:00:00.004174 IP 192.168.66.2.53 > 192.168.66.128.50448: 5183 1/0/0 A 75.126.135.131 (48) 00:00:00.000047 IP 192.168.66.2.53 > 192.168.66.128.50448: 21632 0/0/0 (32) 00:00:00.000239 IP 192.168.66.128.41516 > 75.126.135.131.80: Flags [S], seq 3229948700, win 29200, options [mss 1460,sackOK,TS val 1721759 ecr 0,nop,wscale 7], length 0 00:00:01.026997 IP 192.168.66.128.41516 > 75.126.135.131.80: Flags [S], seq 3229948700, win 29200, options [mss 1460,sackOK,TS val 1722016 ecr 0,nop,wscale 7], length 0 00:00:02.015519 IP 192.168.66.128.41516 > 75.126.135.131.80: Flags [S], seq 3229948700, win 29200, options [mss 1460,sackOK,TS val 1722520 ecr 0,nop,wscale 7], length 0 00:00:04.256726 IP 192.168.66.128.41516 > 75.126.135.131.80: Flags [S], seq 3229948700, win 29200, options [mss 1460,sackOK,TS val 1723584 ecr 0,nop,wscale 7], length 0 00:00:08.192206 IP 192.168.66.128.41516 > 75.126.135.131.80: Flags [S], seq 3229948700, win 29200, options [mss 1460,sackOK,TS val 1725632 ecr 0,nop,wscale 7], length 0 00:00:05.510774 IP 75.126.135.131.80 > 192.168.66.128.41516: Flags [R.], seq 1891069686, ack 3229948701, win 64240, length 0