Interview Question Series: 12 Deadly Questions on Network

1. What is your understanding of the TCP/IP four-layer model and the OSI seven-layer model?

In order to enhance versatility and compatibility, computer networks are designed as hierarchical structures, with each layer following certain rules.

[[403728]]

Therefore, there is an abstract network communication reference model such as OSI, which allows computer network systems to be connected to each other according to this standard.

• Physical layer: Computers are connected through physical means such as network cables and optical cables. The transmitted data is a bit stream, 0101010100.
• Data link layer: First, encapsulate the bit stream into a data frame format, and group 0 and 1. After the computers are connected, the data is transmitted through the network card, and the network card defines a unique MAC address in the world. Then the data is sent to all computers in the local area network in the form of broadcasting, and then the MAC address in the data is compared with the computer itself to determine whether it is sent to itself.
• Network layer: Broadcasting is too inefficient. In order to distinguish which MAC addresses belong to the same subnet, the network layer defines IP and subnet mask. By performing AND operations on IP and subnet mask, we can know whether they are in the same subnet, and then transmit through routers and switches. IP protocol belongs to the network layer protocol.
• Transport layer: After obtaining the MAC+IP address of the network layer, in order to determine which process the data packet is sent from, a port number is required to establish communication through the port. For example, TCP and UDP belong to this layer of protocols.
• Session layer: responsible for establishing and disconnecting connections
• Presentation layer: In order to make the data understandable to other computers, the data is converted into another format, such as text, video, picture, etc.
• Application layer: The highest layer, facing the user, providing computer networks and the interface that is ultimately presented to the user

TCP/IP is a four-layer structure, which is equivalent to a simplification of the OSI model.

• The data link layer, also known as the network access layer or the network interface layer, includes the physical layer and the data link layer of the OSI model, connecting computers.
• The network layer, also called the IP layer, handles the transmission and routing of IP packets and establishes communication between hosts.
• The transport layer provides end-to-end communication between two host devices.
• The application layer, which includes the session layer, presentation layer, and application layer of OSI, provides some commonly used protocol specifications, such as FTP, SMPT, HTTP, etc.

To sum up, the physical layer connects computers through physical means, the data link layer groups the bit stream data, the network layer establishes host-to-host communication, the transport layer establishes port-to-port communication, and the application layer is ultimately responsible for establishing the connection, converting the data format, and finally presenting it to the user.

2. What is the process of TCP 3-way handshake?

The server needs to listen to the port before establishing a connection, so the initial state is LISTEN.

• The client establishes a connection and sends a SYN synchronization packet. After sending, the status changes to SYN_SENT
• After receiving SYN, the server agrees to establish a connection and returns an ACK response. It also sends a SYN packet to the client. After the sending is completed, the state changes to SYN_RCVD
• After the client receives the ACK from the server, the status changes to ESTABLISHED and the client returns ACK to the server. After the server receives the ACK, the status also changes to ESTABLISHED and the connection is established.

3. Why 3 times? 2 or 4 times?

Because TCP is a duplex transmission mode, it does not distinguish between the client and the server, and the establishment of a connection is a two-way process.

If there are only two times, a two-way connection cannot be established. It can be seen from the fact that the SYN and ACK replied by the server when establishing the connection are combined into one time, it does not need four times.

Why wave four times? Because the ACK and FIN of wave cannot be sent at the same time, because the deadline for data sending is different.

4. What about the process of four waves?

1. The client sends a FIN packet to the server and enters the FIN_WAIT_1 state, which means that the client has no data to send.
2. After receiving the data, the server returns an ACK and enters the CLOSE_WAIT state, waiting to be closed, because the server may not have completed sending data.
3. After the server has sent all the data, it sends a FIN to the client and enters the LAST_ACK state.
4. After receiving the ACK, the client enters the TIME_WAIT state and replies with an ACK. After receiving the ACK, the server directly enters the CLOSED state and the connection is closed. However, the client has to wait for 2MSL (maximum message lifetime) before entering the CLOSED state.

5. Why do we have to wait for 2MSL to shut down?

• In order to ensure reliable closure of the connection, if the server does not receive the last ACK, it will resend FIN.
• In order to avoid data confusion caused by port reuse, if the client directly enters the CLOSED state and establishes a connection to the server using the same port number, part of the data from the previous connection will be delayed in the network before reaching the server, and data confusion may occur.

6. How does TCP ensure the reliability of the transmission process?

Checksum: The sender calculates the checksum before sending the data, and the receiver does the same after receiving the data. If they are inconsistent, then the transmission is incorrect.

Confirmation response, sequence number: When TCP is transmitted, the data is numbered, and each time the receiver returns ACK, there is a confirmation sequence number.

Timeout retransmission: If the sender does not receive ACK after sending data for a period of time, it will resend the data.

Connection management: three-way handshake and four-way wave process.

Flow control: The TCP protocol header contains a 16-bit window size. The receiver will fill in its own immediate window when returning ACK, and the sender will control the sending speed according to the size of the window in the message.

Congestion control: When data is first sent, the congestion window is 1. Each time an ACK is received, the congestion window is increased by 1. The smaller value of the congestion window and the received window is used as the actual sending window. If a timeout retransmission occurs, the congestion window is reset to 1. The purpose of this is to ensure the efficiency and reliability of the transmission process.

7. What is the process of a browser requesting a URL?

• First, the domain name is resolved into an IP address through the DNS server, and the IP and subnet mask are used to determine whether they belong to the same subnet.
• Construct an application layer request http message, add a TCP/UDP header to the transport layer, add an IP header to the network layer, and add an Ethernet protocol header to the data link layer
• The data is forwarded through routers and switches and finally reaches the target server. The target server also parses the data, finally gets the http message, and responds back according to the logic of the corresponding program.

8. Do you know how HTTPS works?

• The user requests an https website through a browser. The server receives the request, selects the encryption and hash algorithms supported by the browser, and returns a digital certificate to the browser, which contains information such as the issuing authority, URL, public key, and certificate validity period.
• The browser verifies the contents of the certificate and will issue a warning if there is a problem. Otherwise, it will generate a random number X, encrypt it with the public key in the certificate, and send it to the server.
• After receiving it, the server uses the private key to decrypt it and obtain the random number X, then uses X to encrypt the web page content and returns it to the browser.
• The browser uses X and the previously agreed encryption algorithm to decrypt and obtain the final web page content.

9. What are the implementation methods of load balancing?

DNS: This is the simplest load balancing method, generally used to achieve geographical load balancing. Users in different regions can return different IP addresses through DNS resolution. This type of load balancing is simple, but its scalability is too poor, and the control lies with the domain name service provider.

Http redirection: load balancing is achieved by modifying the Location field in the Http response header, using Http 302 redirection. This method affects performance and increases request time.

Reverse proxy: A mode that acts on the application layer, also known as layer-7 load balancing, such as the common Nginx, which generally has a performance of 10,000. This method is simple to deploy, low-cost, and easy to expand.

IP: This mode acts on the network layer and the transport layer, also known as layer 4 load balancing, which achieves the effect of load balancing by modifying the IP address and port of the data packet. Common ones include LVS (Linux Virtual Server), which usually supports 100,000 concurrent connections.

According to the type, it can also be divided into DNS load balancing, hardware load balancing, and software load balancing.

Among them, hardware load balancing is expensive, but has the best performance, reaching the million level. Software load balancing includes Nginx and LVS.

10. What are the differences between BIO/NIO/AIO?

BIO: Synchronous blocking IO, for each client connection, the server will correspond to a processing thread, and connections that are not assigned to a processing thread will be blocked or rejected. It is equivalent to one thread for each connection.

NIO: Synchronous non-blocking IO, based on the Reactor model, the client communicates with the channel, the channel can perform read and write operations, and the multiplexer selector is used to poll the channels registered on it, and then perform IO operations. In this way, when performing IO operations, only one thread can be used to process, that is, one thread per request.

AIO: Asynchronous non-blocking IO, which goes a step further than NIO. The operating system handles the request completely and then notifies the server to start a thread for processing. Therefore, one thread is effectively requested.

11. So how do you understand synchronization and blocking?

First of all, you can think of an IO operation as consisting of two parts:

• Initiate IO request
• Actual IO read and write operations

The difference between synchronization and asynchrony lies in the second one, the actual IO read and write operations. If the operating system completes it for you and then notifies you, it is asynchronous, otherwise it is called synchronization.

The difference between blocking and non-blocking is that, first, an IO request is initiated. For NIO, after an IO operation request is initiated through a channel, it actually returns, so it is non-blocking.

12. What is your understanding of the Reactor model?

The Reactor model consists of two components:

1. Reactor: Responsible for querying and responding to IO events. When IO events are detected, they are distributed to Handlers for processing.
2. Handler: bound to IO events and responsible for handling IO events.

It includes several implementations:

Single-threaded Reactor

In this mode, the reactor and handler are in the same thread. If a handler is blocked, all other handlers will be unable to execute and the performance of multiple cores cannot be fully utilized.

Single Reactor Multithreading

Since decode, compute, and encode operations are not IO operations, the idea of ​​the multi-threaded Reactor is to give full play to the characteristics of multi-core and separate non-IO operations.

However, a single Reactor is responsible for all event monitoring and response work. If there are too many connections, there may still be performance issues.

Multi-Reactor Multi-Thread

In order to solve the performance problem of a single Reactor, a multi-Reactor model was created, where the mainReactor establishes the connection and multiple subReactors are responsible for data reading and writing.