The seven-layer network model and TCP/UDP that you will forget after reading it once, let me popularize it for you again

In order to enable different computer manufacturers around the world to communicate with each other in a coordinated manner, it is necessary to establish a universal protocol to standardize the communication interfaces between manufacturers. This is the origin of the seven-layer network model. This article will first introduce the functions of the seven-layer network model, and then explain the two important protocols of the transport layer: TCP and UDP protocols, and will focus on the three-way handshake and four-way handshake process in the TCP protocol.

1. Seven-layer network model

Regarding the seven-layer network model, we first use an illustration to demonstrate its functions:

• Application layer: mainly refers to the application part, such as our Java program. The data generated by the application layer becomes application layer data. Typical application layer protocols, such as HTTP protocol and dubbo's RPC protocol, are defined by our application layer program itself;
• Presentation layer: This layer mainly performs some format conversion, encryption and decryption, or compression and decompression functions on the data of the application layer;
• Session layer: The main function of the session layer is to be responsible for the establishment, management and termination of sessions between processes;
• Transport layer: The transport layer provides a port-to-port data transmission service between two machines, because the application layer, presentation layer, and session layer are all aimed at a certain application process, and the process is bound to the port, but there can be multiple processes on the same server, so the transport layer provides this kind of different port-to-port access to achieve communication services that distinguish different processes. The most typical protocols in the transport layer are TCP and UDP protocols. TCP provides a connection-oriented, reliable data transmission service, while UDP is a connectionless, unreliable data transmission service. In the above figure, we can also see that after passing through the transport layer, the data will be added with a TCP or UDP header to implement the functions of different transport layer protocols;
• Network layer: The transport layer provides port-to-port transmission services on the same host, while the network layer provides connection services between different hosts. The most typical network layer protocol is the IP protocol. The network layer will add an IP header to the current data packet to achieve addressing of the target machine;
• Data link layer: This layer is a layer that connects software and hardware. Since it sends the current datagram to the unstable physical layer hardware for transmission, in order to ensure the integrity and reliability of the data, the data link layer provides mechanisms such as verification, confirmation and feedback to provide reliable datagram transmission services;
• Physical layer: The main function of the physical layer is to convert binary bit stream data such as 0101 into optical signals for transmission on physical media.

The seven-layer network model mainly provides a specification. In order to achieve different functions at each layer, each computer manufacturer will implement its own protocol. The identification of these protocols is carried out through some protocol headers. For example, in the figure above, after the data is encapsulated at each layer, its own protocol header will be added to it. When the data is transmitted to the target machine through the indoor medium, it will, in turn, parse the data layer by layer. The parsing process is actually to implement the relevant functions of each layer according to the header information of each layer.

In addition, the seven-layer network model is a relatively idealized model. The five-layer network model is now more widely used. The main difference between the five-layer model and the seven-layer model is that the application layer, presentation layer, and session layer are unified into the application layer, and the application program implements its related functions.

2. TCP vs UDP

In the process of application development, we don't need to pay too much attention to the underlying functions. We only need the relevant service providers to provide the corresponding functions. However, in the transport layer, we need to pay special attention to the two widely used protocols: TCP and UDP. The main differences between these two protocols are as follows:

TCPUDP Connection-oriented Connectionless Provides data reliability guarantee Does not provide data reliability guarantee Relatively slow Speed ​​Fast Occupies more resources Occupies less resources

Regarding TCP and UDP, we can see that these two protocols each have very distinct characteristics: although TCP occupies more resources and is relatively slow, it provides reliable data transmission services, which is very necessary in most Internet services; and although UDP does not provide reliable data guarantees, it is very fast and occupies fewer resources, which is very useful in some scenarios with low data reliability, such as audio and video services, IoT data reporting services, etc. In these cases, the loss of one or two frames of data is acceptable.

The difference between TCP and UDP in resource usage is not only reflected in the data transmission method, but also in the data transmission format. For data transmission methods, TCP sends data one datagram at a time window each time, and needs to wait for each datagram to respond to the data sender with an ACK. Only then will the data of the next data window be sent. If any datagram in the current window is not sent successfully, the data in the entire window will be resent; UDP does not have the concept of windows and the corresponding ACK mechanism. After obtaining each datagram, it simply encapsulates the UDP protocol header for it and then sends it out. It does not care whether the data is sent successfully. Therefore, UDP transmission is much faster than TCP. For the data transmission format, here we will explain the format of TCP and UDP datagrams. The following is the TCP datagram format:

As you can see, the header of a TCP datagram contains not only the source port number and the destination port number, but also the sequence number, confirmation number, header length, flags, and other information. In general, excluding the actual data part, the number of bytes occupied by the header information reaches 192 bytes. Of course, the main purpose of so many fields is to realize the TCP connection-oriented reliable transmission function. The following is the format of a UDP datagram:

As you can see, the UDP packet format is much simpler than TCP, and its header mainly contains only the source port number, destination port number, length and checksum fields, which occupy a total of 8 bytes. This is another reason why the UDP protocol has a very fast transmission rate.

2. Three-way handshake and four-way wave

TCP is a connection-oriented transport layer protocol that provides reliable transmission services. Its reliability is mainly achieved through the ACK mechanism when each datagram is sent, and its connection establishment and release are mainly achieved through three-way handshake and four-way handshake. The following is the process of the three-way handshake and four-way handshake:

For the three-way handshake, the overall process is as follows:

• First, the client sends a request to establish a connection, and its flags include SYN=1 and seq=x. As we know from the previous explanation of TCP header information, SYN=1 here indicates a request to establish a connection, and seq=x is just a sequence number of the current request. Different requests have different sequence numbers. The reason for adding this sequence number is to associate it with the response request of the server.
• After the server receives the client's request to establish a connection, it returns SYN=1, ACK=1, seq=y, ack_seq=x+1. Here, SYN=1, ACK=1 indicates an agreement to the client's request to establish a connection, seq=y indicates that this is a data transmission from the server, and ack_seq=x+1 indicates that it is a response to the client's request with seq=x.
• When the client receives the response from the server, it can confirm that the server can receive and send data normally, and when the server receives the first request from the client, it can also confirm that the client can send the request normally. At this time, the client will send an ACK=1, seq=x+1, ack_seq=y+1 to the server, and the server will complete the connection establishment after receiving it.

As you can see, the first two requests are necessary to establish a connection, and the client sends the third request for two main reasons:

• The server can ensure that the client can send and receive requests normally;
• Since the connection is established on an unstable network, it is possible that the first request is sent by the client at a certain point in time, but due to network delays, the server receives the request a long time later. At this time, the server does not know whether the request to establish the connection is a normal request. It will still send a response to the client agreeing to establish the connection. If the first request is caused by network delays, the client will not send the third handshake to the server. At this time, the server will not establish the connection after waiting for a timeout.

The four-wave handshake is initiated by the client after the client and server complete the interaction. The main process of the four-wave handshake is as follows:

• The client first sends a FIN=1, seq=u to the server. According to the previous explanation of TCP header information, we know that FIN=1 indicates that this is a disconnect request, and seq=u identifies a sequence number of this request;
• After receiving the disconnect request from the client, the server will send a response of ACK=1, seq=v, ack_seq=u+1 to the client. Here, seq=v still represents the sequence number of the current request, and ack_seq=u+1 represents the response to the disconnect request with seq=u sent by the client. However, it should be noted that this request does not mean that the server agrees to disconnect. It is still a half-closed state at this time, because the server may still have data being processed and not sent to the client. At this time, the server will complete the disconnection work;
• After the server has completed the preparation for disconnection, it will send a response to the client with FIN=1, ACK=1, seq=w, ack_seq=u+1. Note that the client is always in a waiting state during this process. Compared with the previous response, there is an additional FIN=1 here, which means that the current request is to confirm the disconnection;
• After receiving the response from the server, the client will send a response of ACK=1, seq=u+1, ack_seq=w+1 to the server, indicating that it agrees to disconnect. The server will disconnect after receiving it, and the client will disconnect itself after waiting for a short time.

3. Summary

This article first explains the OSI network seven-layer model, and explains in detail the role of each layer in the model. Then it explains the main differences between TCP and UDP in the transport layer, and compares the two protocols in terms of transmission method and transmission data format. Finally, it explains the main process of the three-way handshake and four-way handshake in the TCP protocol, and explains in detail the role of each step.