Read this article only three times and you will never forget network layering!

This article is reprinted from the WeChat public account "Program New Vision", the author is Ershixiong. Please contact the WeChat public account "Program New Vision" to reprint this article.

Preface

If you don't know much about network layering, are you confused when you hear about three-layer protocol and five-layer protocol? Don't know what the so-called layers are, what the so-called protocols are? Even you know very little about network communication, then this article will surely enable you to learn quickly. If you don't gain anything, don't like it.

Network, communication, protocol

Before we go deeper, let’s understand some basic concepts.

What is a network? A network is a data link that connects workstations or hosts together using physical links to achieve resource sharing and communication. The physical link here does not only refer to the twisted pair and optical fiber that we can see, but may also be radio waves.

In a narrow sense, network communication can be understood as the data exchange between computers based on the network. Of course, there is also interaction between people and computers in this process.

Just like human communication, if you want to "chat", there must be at least one basic condition, such as using Chinese or English, which is a relatively broad agreement. In computer communication, it is similar, that is, agreeing on the data format when we interact, what each data item means, and then how you should process or respond after receiving it.

Regardless of the official definition, in simple terms, Internet Protocol is the rules for transmitting data on the Internet. Of course, there are many protocols, such as TCP, UDP, IP protocol, FTP protocol, etc. The most basic requirement for using these protocols is that the protocols used by the sender and the receiver must be the same, otherwise it would be like talking at cross purposes.

When we talk about several layers of protocols, generally speaking: the rules for layer X on one device to communicate with layer X on another device are the layer X protocol.

Network layer model

Just like a company, there are bosses, managers, team leaders, and members. People at different levels have different ways of communicating, but in the end, it is implemented from top to bottom. The communication between bosses is equivalent to the communication between application layers, and the boss's goals need the support of managers below, just like the application layer needs the support of the transport layer.

Now that we understand the basic role of network layering, let's look at several ways to layer the network. The standard seven-layer network layering is the OSI seven-layer model. The TCP/IP five-layer model and the TCP/IP four-layer model are optimized from the OSI seven-layer model.

Usually, as a user, the application layer is the most used, and in most cases you may not be aware of the existence of other layers.

So, why do we need to layer? This is similar to the idea of ​​designing software architecture, which is to have high cohesion, low coupling, reuse, and scalability. Imagine that if there is no layering, when a business or protocol needs to be changed, we can only modify or expand the entire system. After layering, it is very convenient to extract modules with different functions and modify the corresponding modules. Moreover, different layers can be reused, as long as it is processed according to the protocol of this layer.

Later, we will focus on the TCP/IP five-layer model to explain one by one.

Network Layers and Protocols

We have learned about protocols and network layering above. Here is a picture to compare which layer the common protocols are located in.

Network Layers and Physical Devices

Let's take a look at the hardware devices that usually correspond to different network layers through a picture:

Physical Layer

Now that we have understood the basics above, let's take a look at the role of each layer. It is a very good way to remember the layers of the network by the association of functions. Let's first look at the physical layer.

This layer connects various network devices so that they can transmit electrical signals of 0 1 0 1

The physical layer, as the name implies, connects computers physically, and is basically implemented using twisted pair cables, optical fibers, and radio waves. After network devices are connected, they can send high and low voltages (electrical signals) to communicate. High voltage corresponds to the number 1, and low voltage corresponds to the number 0. The 0 and 1 signals themselves have no real meaning, so another layer is needed to define the meaning of different 0 and 1 combinations.

Data Link Layer

The simple electrical signals 0 and 1 have no meaning. It is necessary to define how many bits a group of electrical signals should contain and what each group means. The function of the data link layer is to define the grouping method of electrical signals and what different groups represent by defining a set of protocols so that both computers can recognize them. This protocol is the "Ethernet protocol".

The Ethernet protocol stipulates that a group of electrical signals constitutes a data packet, which we call a frame. Each frame consists of two parts: a header and data.

The Head contains some information about the data packet, including the sender, receiver, and data type; the Data is the specific content of the data packet.

The header part contains a fixed 18 bytes:

• Sender/source address, 6 bytes;
• Receiver/destination address, 6 bytes;
• Data type, 6 bytes.

The minimum length of the data part is 46 bytes and the maximum is 1500 bytes. Therefore, the minimum length of the entire "frame" is 64 bytes and the maximum length is 1518 bytes. If the data is very long, it must be divided into multiple frames for transmission.

With the definition of data packets, how does a computer identify who is who? And how does it know the address of the other party? This involves MAC addresses and broadcasts.

MAC Address

Ethernet stipulates that all devices connected to the network must have a network card. The sending address and receiving address of the data packet refer to the network card address, that is, the MAC address.

MAC address is the unique identifier of computer devices in the network. It is identified as a hexadecimal number when the computer is produced by the manufacturer. The MAC address is theoretically unique. This is why many software use MAC address when verifying the uniqueness of the device.

The MAC address is 48 bits long in binary and is usually represented by a 12-bit hexadecimal number (the first six bits are the manufacturer number and the last six bits are the production line number).

With the MAC address, how do two machines find each other to communicate?

broadcast

With the MAC address, two hosts in the same network can communicate.

In the same subnet, computer 1 wants to send a data packet to computer 4, which contains the MAC address of the recipient. Computer 1 sends it to all computers in the network (in a broadcasting manner), and then every computer in the same subnet (including 2 and 3) will receive this data packet. Then each computer will take out the MAC address of the data packet and compare it with its own MAC address. If the two are the same, the data packet will be accepted, otherwise it will be discarded. Computer 4 finds that it contains its own MAC address, so it responds.

Network Layer

Ethernet solves the communication problem between two computers through broadcasting, a very primitive form. But obviously, it does not send data packets accurately to the recipient, but sends data packets to all computers in the network.

The network we are in is composed of countless sub-networks. Even if we ignore the existence of sub-networks, if all communications use Ethernet broadcasting, then the packet sent by one machine will be received by the whole world, and the entire network will collapse.

The realized network is composed of countless sub-networks. Ethernet uses broadcasting to send data packets, which is inefficient and the data sent can only be limited to the sub-network where the sender is located.

At this time, we need to find another way. If it is in the same subnet, we can send it by broadcasting. If it is not in the same subnet, we can distribute the data packets to different broadcast domains/subnets through gateways and routers. So there is a network layer, which handles the activities of packets in the network, such as packet routing.

The network layer introduced a new set of protocols to distinguish different broadcast domains/subnets, and thus the IP protocol came into being.

IP Protocol

The network address protocol is called IP protocol. Compared with the MAC address mentioned above, the IP address can be understood as a logical address, that is, the MAC address is a physical address and is fixed. The IP address is dynamically allocated and is not fixed. The IPv4 address is widely used now, and IPv6 is also growing and developing.

The data sent through the IP protocol is called an IP data packet, which is divided into two parts: the "header" and the "data". The "header" part mainly includes information such as version, length, IP address, etc.; the "data" part is the specific content of the IP data packet. The length of the "header" part of the IP data packet is 20 to 60 bytes, and the total length of the entire data packet is up to 65535 bytes.

An IPv4 address consists of a 32-bit binary number, which is generally divided into 4 segments of decimal representation. The address range is 0.0.0.0~255.255.255.255.

An IP address consists of two parts: the network part (identifying the subnet) and the host part (identifying the host). The number of binary bits occupied by the network part and the host part is not fixed.

The IP address segment only identifies the type of IP address. The network part or host part cannot identify the subnet of an IP. If the network part of two IPs is the same, it means they are in the same subnet. For example, 192.168.33.1 and 192.168.33.2, if their network part is 24 bits and the host part is 8 bits, the network part is 192.168.33, they are in the same subnet.

But if we don't know the network part and the host part, like 192.16.10.1 and 192.16.10.2, we can't be sure whether they are in the same subnet. So there is a subnet mask.

Subnet Mask

The subnet mask is used to identify the IP address information in the same LAN. The subnet mask is also composed of 32 binary bits, but can only be represented by 0 or 1, such as 11111111.11111111.11111111.00000000.

The network part of the subnet mask is all 1, and the host part is all 0. The IP addresses of the two computers are respectively ANDed with the subnet mask (if both digits are 1, the result is 1, otherwise 0). If the results are the same, the two computers are in the same LAN, otherwise they are not in the same LAN.

For example, if the IP address is 192.16.10.1, if it is known that the network part is the first 24 bits and the host part is the last 8 bits, then the subnet mask is 11111111.111111111.11111111.00000000, which is 255.255.255.0 in decimal.

Assuming that the subnet masks of 192.168.33.1 and 192.168.33.2 are both 255.255.255.0, and the result of adding the IP and the subnet mask is 192.168.33.0, then they are in the same subnet.

ARP Protocol

With the IP protocol, we can determine which subnet the computer belongs to. At the link layer, we communicate through MAC addresses. Now we only have the target's IP address, how can we get its MAC address? This is where the ARP protocol comes in.

The ARP protocol can send data packets by broadcasting to obtain the MAC address of the target host. The specific implementation is: the sending host sends data packets by broadcasting, and all hosts receive and unpack the packets. If they find that the target IP is theirs, they respond and return the MAC address.

Data packet format: (sender's MAC address, destination MAC address, sender's IP address, destination IP address, data).

Transport Layer

With the support of the data link layer and the network layer, we can already communicate normally between two computers, but the computer will run many programs at the same time, such as QQ and WX at the same time, so how to distinguish whether the message is from QQ or WX?

Usually we see that different programs running on a computer are assigned different ports, and the function of the transport layer is to establish port-to-port communication so that data can be correctly transmitted to different applications.

The port is the number of each program that uses the network card. Each port number identifies an executable program. The port number is an integer between 0 and 65535, exactly 16 binary bits. 0-1023 are ports occupied by the system, and other applications can only use ports greater than 1023.

At this point, using IP + port, it is possible to uniquely identify a program on the Internet and then realize program communication between networks.

The two most common protocols at the transport layer are TCP (Transmission Control Protocol) and UDP (User Data Protocol).

The UDP protocol adds a port number in front of the data. The "header" part mainly defines the outgoing port and the receiving port, which is only 8 bytes in total. The "data" part is the specific content. The total length does not exceed 65,535 bytes, which fits into an IP data packet.

The UDP protocol is simple and easy to implement, which is its advantage. But it also has a disadvantage, that is, when communicating, you don't know whether the other party has received the data. At this time, you need to define a set of rules to allow it to confirm with the other party, so TCP appears.

TCP packets have no length limit and can be infinitely long in theory. However, in order to ensure network efficiency, the length of a TCP packet usually does not exceed the length of an IP packet, that is, less than 65,535 bytes. This also ensures that a single TCP packet does not need to be segmented. The TCP three-way handshake and four-way handshake are usually completed by the transport layer. There is a lot of content about TCP implementation, so we will not expand on it here.

The advantage of TCP is that it can ensure that data will not be lost and is transmitted safely and reliably. The disadvantage is that the process is complicated, difficult to implement, and consumes more resources.

Application Layer

Finally, we come to the application layer. The application layer is the layer we see most often. The function of the application layer is to define the data format of the application. The formats of email, HTTP protocol and FTP data that we often use are defined in the application layer.

The main protocols of the application layer are: FTP (File Transfer Protocol, Port 21), Telnet (Remote Login Protocol), DNS (Domain Name Resolution Protocol), SMTP (Mail Transfer Protocol, Port 25), POP3 (Post Office Protocol), HTTP (Hyper Text Transfer Protocol, Port 80).

Front and back Russian dolls

Finally, we take HTTP requests as an example to sort out the various responsibilities and processing flows in the entire network layer. In the entire communication process, it is like a Russian nesting doll, which is packed layer by layer and then opened layer by layer.

summary

Through this article, we have explained from the bottom physical layer to the top application layer in a storytelling form. I believe you have already had a perceptual understanding. Do you find that you no longer need to memorize network layering? Do you think it is worth a thumbs up?