TCP/IP protocol is used to transmit onions? This article will give you a deeper understanding

1. Computer Network Architecture Layering

Computer network architecture layering

It is not difficult to see that TCP/IP and OSI are slightly different in layered modules. The OSI reference model focuses on "what are the necessary functions of the communication protocol", while TCP/IP emphasizes "what kind of program should be developed to implement the protocol on the computer".

2. TCP/IP Basics

1. The specific meaning of TCP/IP

In a literal sense, some people may think that TCP/IP refers only to the two protocols TCP and IP. In practice it sometimes does mean exactly those two. In many cases, however, it is a general term for the whole group of protocols that must be used when communicating over IP. Specifically, IP or ICMP, TCP or UDP, TELNET or FTP, and HTTP are all TCP/IP protocols. They are closely related to TCP or IP and are an indispensable part of the Internet. The term TCP/IP refers to these protocols collectively, so TCP/IP is sometimes called the Internet protocol suite.

When the Internet communicates, a corresponding network protocol is required. TCP/IP is a protocol family originally developed for the use of the Internet. Therefore, the Internet protocol is TCP/IP, and TCP/IP is the Internet protocol.

Internet Protocol Suite

2. Data Packet

Packet, frame, datagram, segment, message

The above five terms are all used to express the units of data, which can be roughly divided into the following categories:

  • Packet is a catch-all term;
  • Frame is the unit of packet in the data link layer;
  • Datagram is the unit of packet in IP, UDP, and other layers at or above the network layer;
  • Segments represent information in a TCP data stream;
  • A message is a unit of data in an application protocol.

In each layer, a header is added to the data to be sent. This header contains the necessary information for that layer, such as the destination address and protocol-related information. Usually, the information provided to the protocol is the packet header, and the content to be sent is the data. From the perspective of the next layer, all packets received from the previous layer are considered to be data of this layer.

Packet header

The data packets transmitted in the network are composed of two parts: one is the header used by the protocol, and the other is the data transmitted from the upper layer. The structure of the header is defined in detail by the specific specifications of the protocol. In the header of the data packet, it is clearly indicated how the protocol should read the data. Conversely, by seeing the header, you can understand the necessary information of the protocol and the data to be processed. The packet header is like the face of the protocol.

3. Data processing flow

The following figure takes user a sending an email to user b as an example:

Data processing flow

① Application Processing

First, the application will perform encoding processing, which is equivalent to the presentation layer function of OSI;

After the encoding conversion, the email may not be sent out immediately. This management function of when to establish a communication connection and when to send data is equivalent to the session layer function of OSI.

② TCP module processing

TCP is responsible for establishing connections, sending data, and disconnecting connections according to the instructions of the application. TCP provides reliable transmission of data sent from the application layer to the other end. In order to achieve this function, a TCP header needs to be attached to the front end of the application layer data.

③ Processing of IP modules

IP takes the TCP header and TCP data handed down by TCP as its own data and adds its own IP header in front of the TCP header. After the IP packet is generated, the routing control table is consulted to determine the router or host that should receive the IP packet next.

④ Network interface (Ethernet driver) processing

The IP packets transmitted from IP are data for Ethernet. The Ethernet header is attached to these data and sent, and the generated Ethernet data packets will be transmitted to the receiving end through the physical layer.

⑤ Network interface (Ethernet driver) processing

After receiving an Ethernet packet, the host first finds the MAC address from the Ethernet packet header to determine whether it is a packet sent to itself. If not, the data is discarded.

If it is a packet sent to itself, the data type is determined from the type in the Ethernet packet header and then passed to the corresponding module, such as IP, ARP, etc. The example here is IP.

⑥ Processing of IP modules

The IP module also performs similar processing after receiving the data. It determines from the packet header whether the IP address matches its own IP address. If it matches, it sends the data to the corresponding module according to the protocol type in the header, such as TCP, UDP. The example here is TCP.

In addition, in the case of a router, the destination address is usually not the router's own address. The router then looks up the routing control table to find the host or router the data should be sent to next, and forwards the data there.

⑦ TCP module processing

In the TCP module, the checksum is first calculated to determine whether the data is corrupted. Then it is checked whether the data is received according to the sequence number. Finally, the port number is checked to determine the specific application. After the data is completely received, it will be passed to the application identified by the port number.

⑧ Application Processing

The receiving application will directly receive the data sent by the sending end, parse the data, and display the corresponding content.
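The encapsulation and de-multiplexing described in steps ① to ⑧ can be reproduced in a few dozen lines. The following is an added example, not code from the article: it builds the sender's headers for user a's mail (TCP header, then IP header with its checksum, then Ethernet header) and then walks the receiver's steps ⑤ to ⑦, dropping the frame at whichever layer rejects it. The MAC addresses, IP addresses, port numbers and mail command are constructed sample values; the TCP checksum is left at zero to keep the example short.

```python
import struct

ETHERTYPE_IPV4 = 0x0800   # Ethernet type field value for IPv4
IPPROTO_TCP = 6           # IP protocol field value for TCP
TCP_PSH_ACK = 0x18        # PSH|ACK flags on a data-carrying segment


def ip_to_bytes(dotted: str) -> bytes:
    return bytes(int(x) for x in dotted.split("."))


def bytes_to_ip(b: bytes) -> str:
    return ".".join(str(x) for x in b)


def ip_checksum(header: bytes) -> int:
    """Ones'-complement sum of 16-bit words (RFC 1071). Verifying a header
    that already carries its checksum yields 0."""
    if len(header) % 2:
        header += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(header) // 2), header))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def build_tcp_segment(src_port, dst_port, seq, ack, flags, payload: bytes) -> bytes:
    # Step ②: 20-byte TCP header in front of the application data
    # (data offset 5 words, window 65535, checksum and urgent pointer 0).
    header = struct.pack("!HHIIHHHH", src_port, dst_port, seq, ack,
                         (5 << 12) | flags, 65535, 0, 0)
    return header + payload


def build_ip_packet(src_ip, dst_ip, proto, payload: bytes) -> bytes:
    # Step ③: IP header (version 4, IHL 5, TTL 64) in front of the TCP segment;
    # the checksum is computed once every other field is filled in.
    header = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 0, 0, 64,
                         proto, 0, ip_to_bytes(src_ip), ip_to_bytes(dst_ip))
    header = header[:10] + struct.pack("!H", ip_checksum(header)) + header[12:]
    return header + payload


def build_ethernet_frame(src_mac, dst_mac, ethertype, payload: bytes) -> bytes:
    # Step ④: Ethernet header in front of the IP packet.
    return dst_mac + src_mac + struct.pack("!H", ethertype) + payload


def receive(frame: bytes, my_mac: bytes, my_ip: str):
    """Receiver side. Returns (src_ip, src_port, dst_ip, dst_port, data) when the
    frame reaches the TCP module, otherwise a string naming the layer that dropped it."""
    dst_mac, ethertype = frame[:6], struct.unpack("!H", frame[12:14])[0]
    if dst_mac != my_mac:                                    # step ⑤
        return "dropped: not my MAC"
    if ethertype != ETHERTYPE_IPV4:
        return "dropped: not IPv4 (would go to ARP etc.)"
    ip = frame[14:]
    ihl = (ip[0] & 0x0F) * 4
    if ip_checksum(ip[:ihl]) != 0:                           # step ⑥
        return "dropped: bad IP header checksum"
    total_len, proto = struct.unpack("!H", ip[2:4])[0], ip[9]
    src_ip, dst_ip = bytes_to_ip(ip[12:16]), bytes_to_ip(ip[16:20])
    if dst_ip != my_ip:
        return "dropped: not my IP (a router would consult its routing table)"
    if proto != IPPROTO_TCP:
        return "dropped: not TCP (would go to UDP etc.)"
    tcp = ip[ihl:total_len]                                  # step ⑦
    src_port, dst_port, _seq, _ack, off_flags = struct.unpack("!HHIIH", tcp[:14])
    data_offset = (off_flags >> 12) * 4
    return (src_ip, src_port, dst_ip, dst_port, tcp[data_offset:])


# Constructed sample values (locally administered MACs, documentation addresses).
MAC_A, MAC_B = bytes.fromhex("020000000001"), bytes.fromhex("020000000002")
IP_A, IP_B = "192.0.2.10", "192.0.2.25"


def sample_frame() -> bytes:
    """User a's mail client (ephemeral port 40000) talking to user b's SMTP port 25."""
    segment = build_tcp_segment(40000, 25, 1000, 1, TCP_PSH_ACK, b"MAIL FROM:<a@example.com>\r\n")
    packet = build_ip_packet(IP_A, IP_B, IPPROTO_TCP, segment)
    return build_ethernet_frame(MAC_A, MAC_B, ETHERTYPE_IPV4, packet)


if __name__ == "__main__":
    print(receive(sample_frame(), MAC_B, IP_B))
```

The same frame delivered to a host with a different MAC address, or with one bit of the IP header flipped, is dropped at step ⑤ or ⑥ before the TCP module ever sees it, which is exactly the layered filtering the text describes.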

3. TCP and UDP in the transport layer

  • There are two representative transport layer protocols in TCP/IP, namely TCP and UDP.
  • TCP is a connection-oriented, reliable streaming protocol. Stream refers to an uninterrupted data structure. When an application uses TCP to send messages, although the order of sending can be guaranteed, it is still like a data stream without any intervals sent to the receiving end. In order to provide reliable transmission, TCP implements "sequence control" or "retransmission control" mechanism. In addition, it also has many functions such as "flow control (traffic control)", "congestion control", and improving network utilization.
  • UDP is an unreliable datagram protocol; any finer-grained handling is left to the upper-layer application. With UDP, although the size of the message is preserved, it is not guaranteed that the message will arrive. Therefore, the application sometimes performs retransmission itself according to its own needs.
  • The advantages and disadvantages of TCP and UDP cannot be simply and absolutely compared: TCP is used when reliable transmission is necessary at the transport layer; on the other hand, UDP is mainly used for communications or broadcast communications that have high requirements for high-speed transmission and real-time performance. TCP and UDP should be used as needed according to the purpose of the application.

1. Port number

The addresses in data links and IP refer to MAC addresses and IP addresses respectively. The former is used to identify different computers in the same link, and the latter is used to identify interconnected hosts and routers in a TCP/IP network. There is also a concept similar to addresses in the transport layer, which is the port number. The port number is used to identify different applications communicating in the same computer. Therefore, it is also called a program address.

1.1 Identify applications by port number

Multiple programs can run on a computer at the same time. The transport layer protocol uses these port numbers to identify the applications that are communicating on the local machine and accurately transmit data.

Identify applications by port number

1.2 Communication identification by IP address, port number, and protocol number

  • It is not enough to identify a communication by its destination port number alone.

Communication identification through port number, IP address, and protocol number

  • The communication between ① and ② is carried out on two computers. Their destination port numbers are the same, both 80. Here they can be distinguished based on the source port number.
  • The destination port number and source port number of ③ and ① are exactly the same, but their respective source IP addresses are different.
  • In addition, when the IP addresses and port numbers are all the same, we can also distinguish them by the protocol number (TCP and UDP).

1.3 Determination of port number

  • Standardized port number: This method is also called static method. It means that each application has its own designated port number. But it does not mean that any port number can be used at will. For example, the port numbers used in widely used application protocols such as HTTP, FTP, and TELNET are fixed. These port numbers are called well-known port numbers, which are distributed between 0 and 1023. In addition to the well-known port numbers, there are also some port numbers that are officially registered, which are distributed between 1024 and 49151, but these port numbers can be used for any communication purpose.
  • Sequential allocation method: The server needs to determine the listening port number, but the client receiving the service does not need to determine the port number. In this method, the client application does not need to set the port number by itself, but leaves it to the operating system to allocate. The dynamically allocated port number ranges from 49152 to 65535.

1.4 Port Number and Protocol

  • The port number is determined by the transport layer protocol it is using. Therefore, different transport layer protocols can use the same port number.
  • In addition, those well-known port numbers have nothing to do with the transport layer protocol. As long as the port is consistent, the same application will be assigned for processing.

2. UDP

  • UDP does not provide complex control mechanisms and uses IP to provide connectionless communication services.
  • And it is a mechanism that sends the data sent by the application to the network as it is at the moment of receipt. Even if there is network congestion, UDP cannot perform flow control and other behaviors to avoid network congestion.
  • In addition, if packet loss occurs during transmission, UDP is not responsible for retransmission.
  • There is no correction function even when packets arrive out of order.
  • If the above detailed control is required, it has to be handled by the application using UDP.
  • UDP is often used in the following aspects: 1. Communications with a small total packet volume (DNS, SNMP, etc.); 2. Multimedia communications such as video and audio (instant messaging); 3. Application communications limited to specific networks such as LAN; 4. Broadcast communications (broadcast, multicast).

3. TCP

  • TCP is quite different from UDP. It fully implements various control functions during data transmission, can perform retransmission control when packets are lost, and can also perform sequence control on out-of-order packets. These are not available in UDP.
  • In addition, as a connection-oriented protocol, TCP only sends data once it has confirmed that the other party exists, which avoids wasting communication traffic.
  • Based on these mechanisms of TCP, high-reliability communication can be achieved on a connectionless network such as IP (mainly through mechanisms such as checksum, sequence number, confirmation response, retransmission control, connection management and window control).

3.1 Three-way handshake (key points)

  • TCP provides connection-oriented communication transmission. Connection-oriented means that preparations between the two ends must be done before data communication begins.
  • The so-called three-way handshake means that when establishing a TCP connection, the client and server need to send a total of three packets to confirm the establishment of the connection. In socket programming, this process is triggered by the client executing connect.

Let's take a look at the flowchart of the three-way handshake:

Three-way handshake

  • First handshake: The client sets the SYN flag to 1, randomly generates a value seq=J, and sends the data packet to the server. The client enters the SYN_SENT state and waits for confirmation from the server.
  • Second handshake: After receiving the data packet, the server knows from the flag bit SYN=1 that the client requests to establish a connection. The server sets the flag bits SYN and ACK to 1, ack=J+1, randomly generates a value seq=K, and sends the data packet to the client to confirm the connection request. The server enters the SYN_RCVD state.
  • The third handshake: After the client receives the confirmation, it checks whether ack is J+1 and ACK is 1. If correct, it sets the flag ACK to 1, ack=K+1, and sends the data packet to the server. The server checks whether ack is K+1 and ACK is 1. If correct, the connection is successfully established, the client and server enter the ESTABLISHED state, and the three-way handshake is completed. Then the client and server can start transmitting data.

3.2 Four waves (key points)

Four waves terminate the TCP connection, which means that when a TCP connection is disconnected, the client and the server need to send a total of 4 packets to confirm the disconnection. In socket programming, this process is triggered by either the client or the server executing close.

Since TCP connection is full-duplex, each direction must be closed separately. The principle is that when one party completes the data sending task, it sends a FIN to terminate the connection in this direction. Receiving a FIN only means that there is no data flow in this direction, that is, no more data will be received, but data can still be sent on this TCP connection until FIN is sent in this direction. The party that closes first will perform an active close, while the other party will perform a passive close.

Let's take a look at the flowchart of four waves:

Four waves

  • The disconnected end can be either the client or the server.
  • First wave: The client sends a FIN=M to close the data transmission from the client to the server, and the client enters the FIN_WAIT_1 state. This means "I have no data to send to you from the client", but if your server still has data to send, you don't have to rush to close the connection and can continue to send data.
  • Second wave: After receiving FIN, the server first sends ack=M+1 to tell the client that I have received your request, but I am not ready yet, please continue to wait for my message. At this time, the client enters the FIN_WAIT_2 state and continues to wait for the FIN message from the server.
  • The third wave: When the server determines that the data has been sent, it sends a FIN=N message to the client, telling the client that the data has been sent and the connection is ready to be closed. The server enters the LAST_ACK state.
  • Fourth wave: After the client receives the FIN=N message, it knows that it can close the connection, but it still does not trust the network and is afraid that the server does not know to close it, so it sends ack=N+1 and enters the TIME_WAIT state. If the server does not receive the ACK, it can retransmit its FIN. After the server receives the ACK, it knows that it can disconnect. After the client has waited for 2MSL and still has received no reply, it concludes that the server has closed normally, and the client can close the connection too. With that, the four waves are completed.
  • The above is a case where one party actively closes and the other party passively closes. In practice, there are also cases where both parties initiate active closures at the same time.

The specific process is as follows:

Wave at the same time
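The handshake and the four waves in sections 3.1 and 3.2, together with the simultaneous close just mentioned, are a small state machine. The following is an added example, not code from the article: two endpoints exchange SYN/ACK/FIN packets as dictionaries, check the seq/ack arithmetic the text describes (ack must be J+1, K+1, M+1, N+1 with ACK=1) and record every state they pass through. The initial sequence numbers and the `Endpoint` class are my own; a real stack also carries data and retransmission timers, which are omitted here.

```python
SYN, ACK, FIN = 0x02, 0x10, 0x01


class Endpoint:
    def __init__(self, name, isn):
        self.name = name
        self.state = "CLOSED"
        self.seq = isn          # our next sequence number (J for the client, K for the server)
        self.ack = None         # next sequence number we expect from the peer
        self.trace = []         # every state entered, for inspection

    def _enter(self, state):
        self.state = state
        self.trace.append(state)

    def listen(self):
        self._enter("LISTEN")

    def connect(self):
        """First handshake: SYN with seq=J."""
        self._enter("SYN_SENT")
        return {"flags": SYN, "seq": self.seq, "ack": 0}

    def close(self):
        """Active close from ESTABLISHED (first wave) or passive close from
        CLOSE_WAIT (third wave): a FIN carrying our current seq."""
        self._enter("FIN_WAIT_1" if self.state == "ESTABLISHED" else "LAST_ACK")
        return {"flags": FIN | ACK, "seq": self.seq, "ack": self.ack}

    def expire_time_wait(self):
        """Called once 2MSL has elapsed in TIME_WAIT."""
        if self.state == "TIME_WAIT":
            self._enter("CLOSED")

    def _check_ack(self, pkt):
        # SYN and FIN each consume one sequence number, so the peer must ack seq+1.
        if not pkt["flags"] & ACK or pkt["ack"] != self.seq + 1:
            raise ValueError(f"{self.name}: bad ack {pkt['ack']}, expected {self.seq + 1}")
        self.seq += 1

    def receive(self, pkt):
        """Process one packet; return the reply packet, or None if nothing is sent."""
        flags = pkt["flags"]
        if self.state == "LISTEN" and flags & SYN:
            self.ack = pkt["seq"] + 1                      # ack=J+1
            self._enter("SYN_RCVD")
            return {"flags": SYN | ACK, "seq": self.seq, "ack": self.ack}   # second handshake
        if self.state == "SYN_SENT" and flags & SYN:
            self._check_ack(pkt)                           # ack must be J+1 with ACK=1
            self.ack = pkt["seq"] + 1                      # ack=K+1
            self._enter("ESTABLISHED")
            return {"flags": ACK, "seq": self.seq, "ack": self.ack}         # third handshake
        if self.state == "SYN_RCVD":
            self._check_ack(pkt)                           # ack must be K+1 with ACK=1
            self._enter("ESTABLISHED")
            return None
        if flags & FIN:
            self.ack = pkt["seq"] + 1                      # ack=M+1 or ack=N+1
            if self.state == "ESTABLISHED":
                self._enter("CLOSE_WAIT")                  # passive close; reply is the second wave
            elif self.state == "FIN_WAIT_2":
                self._enter("TIME_WAIT")                   # reply is the fourth wave, then wait 2MSL
            elif self.state == "FIN_WAIT_1":
                if flags & ACK and pkt["ack"] == self.seq + 1:
                    self.seq += 1
                    self._enter("TIME_WAIT")               # peer acked our FIN and sent its own
                else:
                    self._enter("CLOSING")                 # simultaneous close: the FINs crossed
            return {"flags": ACK, "seq": self.seq, "ack": self.ack}
        if flags & ACK and self.state in ("FIN_WAIT_1", "CLOSING", "LAST_ACK"):
            self._check_ack(pkt)                           # our FIN has been acknowledged
            self._enter({"FIN_WAIT_1": "FIN_WAIT_2", "CLOSING": "TIME_WAIT",
                         "LAST_ACK": "CLOSED"}[self.state])
        return None


def handshake(client_isn=1000, server_isn=5000):
    client, server = Endpoint("client", client_isn), Endpoint("server", server_isn)
    server.listen()
    syn_ack = server.receive(client.connect())
    server.receive(client.receive(syn_ack))
    return client, server


def run_session():
    """Handshake, then a client-initiated four-wave close. Returns both traces."""
    client, server = handshake()
    ack1 = server.receive(client.close())     # first and second wave
    client.receive(ack1)
    ack2 = client.receive(server.close())     # third and fourth wave
    server.receive(ack2)
    client.expire_time_wait()                 # 2MSL elapsed
    return client.trace, server.trace


def run_simultaneous_close():
    """Both sides send FIN at the same time; each goes through CLOSING."""
    client, server = handshake()
    fin_c, fin_s = client.close(), server.close()
    ack_from_client, ack_from_server = client.receive(fin_s), server.receive(fin_c)
    client.receive(ack_from_server)
    server.receive(ack_from_client)
    client.expire_time_wait()
    server.expire_time_wait()
    return client.trace, server.trace
```

`run_session()` yields the client trace SYN_SENT, ESTABLISHED, FIN_WAIT_1, FIN_WAIT_2, TIME_WAIT, CLOSED and the server trace LISTEN, SYN_RCVD, ESTABLISHED, CLOSE_WAIT, LAST_ACK, CLOSED; a SYN+ACK carrying any ack other than J+1 is rejected by `_check_ack`, which is the check the third handshake paragraph describes.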

3.3 Improving reliability through sequence numbers and confirmation responses

  • In TCP, when the data from the sender reaches the receiving host, the receiving host will return a notification that the message has been received. This message is called an acknowledgment (ACK). After the sender sends the data, it will wait for the acknowledgment from the other end. If there is an acknowledgment, it means that the data has successfully reached the other end. Otherwise, there is a high possibility of data loss.
  • If the sender does not receive a confirmation response within a certain period of time, it can assume that the data has been lost and resend it. In this way, even if packet loss occurs, it can still ensure that the data can reach the other end and achieve reliable transmission.
  • Failure to receive a confirmation response does not necessarily mean that the data has been lost. It is also possible that the data has been received by the other party, but the returned confirmation response was lost on the way. This situation may also cause the sender to mistakenly believe that the data has not reached the destination and resend the data.
  • In addition, it is also possible that the confirmation response is delayed due to some other reasons, and it is not uncommon for it to arrive after the source host resends the data. In this case, the source host only needs to resend the data according to the mechanism.
  • It is undesirable for the target host to receive the same data repeatedly. In order to provide reliable transmission for upper-layer applications, the target host must discard duplicate data packets. For this reason, we introduce sequence numbers.
  • The sequence number is a number that is assigned to each byte (8-bit byte) of the sent data in order. The receiving end queries the sequence number and the length of the data in the TCP header of the received data, and sends back the sequence number that it should receive next as a confirmation response. Through the sequence number and confirmation response number, TCP can identify whether the data has been received and whether it needs to be received, thereby achieving reliable transmission.

Sequence Number and Confirmation Response

3.4 Determination of retransmission timeout

  • The retransmission timeout is the specific time interval for waiting for the confirmation response before retransmitting the data. If the confirmation response is not received after this time, the sender will retransmit the data. Ideally, a minimum time is found that can guarantee that "the confirmation response will be returned within this time".
  • TCP requires high-performance communication regardless of the network environment, and this feature must be maintained regardless of changes in network congestion. To this end, it calculates the round-trip time and its deviation every time a packet is sent. Adding the round-trip time and the deviation time, the retransmission timeout is a value slightly larger than this sum.
  • In BSD Unix and Windows systems, the timeout is controlled in units of 0.5 seconds, so the retransmission timeout is an integer multiple of 0.5 seconds. However, the default value of the retransmission timeout is generally set to about 6 seconds.
  • If the data is resent and still no confirmation response is received, it is sent again, and the time to wait for the confirmation response is extended exponentially with each retransmission (2 times, then 4 times the original timeout, and so on).
  • In addition, data will not be interrupted and resent repeatedly. If there is still no confirmation response after a certain number of retransmissions, it will be judged that an abnormality has occurred in the network or the other host, and the connection will be forcibly closed. The application will also be notified that the communication abnormality has been forcibly terminated.
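The rule in this section (timeout = smoothed round-trip time plus its deviation, rounded to the timer granularity, doubled on every expiry, and abandoned after a fixed number of retransmissions) is the standard TCP estimator of RFC 6298. The following is an added example, not code from the article, and the gain constants, default values and `RtoEstimator` name are my own choices within that rule; the 0.5 s granularity and the roughly 6 s initial timeout are the figures the text cites.

```python
import math


class RtoEstimator:
    """Retransmission timeout from smoothed RTT and RTT deviation, with
    exponential back-off on expiry and a give-up limit."""
    ALPHA, BETA = 1 / 8, 1 / 4           # smoothing gains for SRTT and RTTVAR (RFC 6298)

    def __init__(self, granularity=0.5, initial_rto=6.0, rto_max=60.0, max_retries=5):
        self.granularity = granularity   # timer tick; the article cites 0.5 s on BSD/Windows
        self.rto_max = rto_max           # assumed upper bound for the back-off
        self.max_retries = max_retries   # assumed number of expiries before aborting
        self.srtt = None                 # smoothed round-trip time
        self.rttvar = None               # smoothed deviation of the round-trip time
        self.rto = initial_rto           # used until the first RTT sample (article: about 6 s)
        self.retries = 0                 # consecutive expiries without a new sample

    def _round_up(self, seconds):
        return math.ceil(seconds / self.granularity) * self.granularity

    def sample(self, rtt):
        """Feed one measured round-trip time; returns the new RTO."""
        if self.srtt is None:
            self.srtt, self.rttvar = rtt, rtt / 2
        else:
            self.rttvar = (1 - self.BETA) * self.rttvar + self.BETA * abs(self.srtt - rtt)
            self.srtt = (1 - self.ALPHA) * self.srtt + self.ALPHA * rtt
        self.retries = 0
        # "slightly larger than RTT + deviation": deviation weighted by 4, then
        # rounded up to a whole number of timer ticks.
        self.rto = min(self._round_up(self.srtt + max(self.granularity, 4 * self.rttvar)),
                       self.rto_max)
        return self.rto

    def timeout(self):
        """Called when the RTO expires with no acknowledgment. Returns the backed-off
        RTO for the next retransmission, or raises once the retry limit is exceeded."""
        self.retries += 1
        if self.retries > self.max_retries:
            raise ConnectionAbortedError(
                "no acknowledgment after %d retransmissions" % self.max_retries)
        self.rto = min(self.rto * 2, self.rto_max)      # 2x, 4x, 8x ...
        return self.rto
```

With a first RTT sample of 0.2 s the timeout becomes 1.0 s (0.7 s rounded up to a 0.5 s tick), two expiries take it to 2.0 s and 4.0 s, and a fresh sample resets the back-off. Samples should be taken only from segments that were not retransmitted, otherwise an acknowledgment cannot be matched to the right transmission.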

3.5 Sending Data in Segments

  • When establishing a TCP connection, the unit in which data packets are sent is also determined; this is called the Maximum Segment Size (MSS). Ideally, the MSS is exactly the maximum data length that IP can carry without fragmentation.
  • When TCP transmits a large amount of data, it divides the data into segments based on the size of the MSS and retransmits the data in units of the MSS.
  • The MSS is calculated between the two hosts during the three-way handshake. When the hosts at both ends send a request to establish a connection, they will write the MSS option in the TCP header to tell the other party the size of the MSS that their interface can adapt to. Then they will choose a smaller value between the two and put it into use.

3.6 Using Window Control to Improve Speed

  • TCP uses one segment as a unit and performs a confirmation response process every time a segment is sent. This transmission method has a disadvantage that the longer the round-trip time of the packet, the lower the communication performance.
  • To solve this problem, TCP introduced the concept of a window. The confirmation response is no longer returned for each segment but for a larger unit, which greatly shortens the transfer time. In other words, the sending host does not need to wait for the confirmation response after sending one segment; it can continue sending. As shown in the following figure:

Window Control

  • The window size is the maximum value at which data can be sent without waiting for confirmation. In the figure above, the window size is 4 segments. This mechanism uses a large buffer and confirms multiple segments at the same time.

3.7 Sliding Window Control

Sliding Window

  • The data in the window in the figure above can be sent even if no confirmation response is received. However, before the confirmation response of the entire window arrives, if some of the data is lost, the sender is still responsible for retransmission. To this end, the sending host needs to set up a cache to retain the data to be retransmitted until their confirmation response is received.
  • The part outside the sliding window includes the data that has not been sent and the data that has been confirmed to have been received by the other end. When the data is sent, if the confirmation response is received as expected, there is no need to resend it, and the data can be cleared from the buffer.
  • When a confirmation response is received, the window is slid to the position of the sequence number in the confirmation response. In this way, multiple segments can be sent simultaneously in sequence to improve communication performance. This mechanism is also called sliding window control.

3.8 Retransmission Control in Window Control

When using window control, packet loss generally occurs in two situations:

① The confirmation response fails to return. In this case, the data has reached the other end and does not need to be resent, as shown in the following figure:

Partial acknowledgment lost

② The situation where a certain segment is lost. If the receiving host receives data other than the sequence number it should receive next, it returns a confirmation response for the data received so far. As shown in the figure below, when a certain segment is lost, the sender keeps receiving confirmation responses with sequence number 1001. Therefore, when the window is large and a segment is lost, confirmation responses with the same sequence number are returned repeatedly. If the sending host receives the same confirmation response three times in a row, it resends the corresponding data. This mechanism is more efficient than the timeout management described above, so it is also called high-speed retransmission control (fast retransmit).

High-speed retransmission control
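Sections 3.3 and 3.6 to 3.8 describe one mechanism from several angles: byte sequence numbers, a cumulative confirmation response that names the next expected sequence number, a window of segments in flight, and retransmission either after three identical responses or after a timeout. The following is an added example, not code from the article, that simulates both cases ① and ② above with the article's numbering (segments of 1000 bytes, sequence numbers 1, 1001, 2001, ...). The `Receiver` and `simulate` names and the lossy channel are my own; segments and acknowledgments listed in `lose_segments` and `lose_acks` are dropped exactly once.

```python
SEG = 1000   # bytes per segment; sequence numbers run 1, 1001, 2001, ... as in the figures


class Receiver:
    """Returns a cumulative acknowledgment: the sequence number it expects next."""

    def __init__(self):
        self.next_expected = 1
        self.out_of_order = set()

    def deliver(self, seq):
        if seq == self.next_expected:
            self.next_expected += SEG
            while self.next_expected in self.out_of_order:     # the hole is filled
                self.out_of_order.discard(self.next_expected)
                self.next_expected += SEG
        elif seq > self.next_expected:
            self.out_of_order.add(seq)          # keep it, but only ack up to the hole
        return self.next_expected               # a duplicate segment simply re-acks


def simulate(n_segments, window=4, lose_segments=(), lose_acks=()):
    """Drive a sender with a window of `window` segments over a channel that drops
    each listed segment / acknowledgment once. Returns (events, receiver's next_expected)."""
    rx = Receiver()
    last = 1 + SEG * n_segments                 # sequence number after the final byte
    base = next_seq = 1                         # oldest unacknowledged / next to send
    dup_acks, events = 0, []
    lose_segments, lose_acks = set(lose_segments), set(lose_acks)

    def transmit(seq):
        if seq in lose_segments:
            lose_segments.discard(seq)
            events.append(f"lost seq={seq}")
            return None
        ack = rx.deliver(seq)
        if seq in lose_acks:
            lose_acks.discard(seq)
            events.append(f"ack lost for seq={seq}")
            return None
        return ack

    def on_ack(ack):
        nonlocal base, dup_acks
        if ack is None:
            return
        if ack > base:                          # window slides to the acknowledged position;
            base, dup_acks = ack, 0             # everything below can leave the buffer
        elif ack == base:                       # same response again: a later segment arrived
            dup_acks += 1
            if dup_acks == 3:                   # third duplicate: fast retransmit
                events.append(f"fast retransmit seq={base}")
                dup_acks = 0
                on_ack(transmit(base))

    for _ in range(100):                        # round limit guards against a stuck loop
        if base >= last:
            break
        acks = []
        while next_seq < last and next_seq < base + window * SEG:
            acks.append(transmit(next_seq))     # send the whole window without waiting
            next_seq += SEG
        before = base
        for ack in acks:
            on_ack(ack)
        if base == before and next_seq >= min(last, base + window * SEG):
            events.append(f"timeout retransmit seq={base}")   # no progress, nothing left to send
            dup_acks = 0
            on_ack(transmit(base))
    return events, rx.next_expected
```

Losing the segment at 1001 produces three responses of 1001 and a fast retransmit, after which the receiver acknowledges 5001 at once because it had buffered the later segments; losing the acknowledgment for the first segment causes no retransmission at all, since the next cumulative response covers it (case ①). Only a lost final segment, which no later segment can expose through duplicate responses, has to wait for the timeout.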

4. IP protocol in the network layer

  • IP (IPv4, IPv6) is equivalent to the third layer in the OSI reference model - the network layer. The main function of the network layer is to "realize communication between terminal nodes." This kind of communication between terminal nodes is also called "point-to-point communication."
  • The layer below the network layer, the data link layer, is mainly used to transmit packets between nodes interconnected by the same data link. Once multiple data links must be crossed, the network layer is needed: it can span different data links and deliver packets between the nodes at both ends even when they sit on different data links.
  • IP is roughly divided into three major functional modules: IP addressing, routing (forwarding to the final node), and IP fragmentation and reassembly.

1. IP address

1.1 IP Address Overview

  • In computer communication, in order to identify the other end of the communication, an identification code similar to an address must be used for identification. The MAC address in the data link is an identification code used to identify different computers in the same link.
  • IP, as the network layer, also has this address information, which is generally called an IP address. The IP address is used to "identify the target address for communication among all hosts connected to the network." Therefore, in TCP/IP communication, all hosts or routers must set their own IP addresses.
  • Regardless of which data link a host is connected to, the form of its IP address remains the same.
  • An IP address (IPv4 address) is represented by a 32-bit positive integer. IP addresses are processed in binary format inside computers. However, since we are not used to using binary format, we divide the 32-bit IP address into 4 groups of 8 bits each, separate each group with a ".", and then convert each group into a decimal number. As follows:

1.2 IP address consists of two parts: network and host.

As shown in the figure below, the network identifier is configured with different values in each segment of the data link. The network identifier must ensure that the addresses of each segment connected to each other are not repeated. The hosts connected in the same segment must have the same network address. The "host identifier" of the IP address is not allowed to appear repeatedly in the same network segment. Therefore, by setting the network address and host address, it can be ensured that the IP addresses of each host in the entire interconnected network will not overlap. That is, the IP address has uniqueness.

Host ID of the IP address

As shown in the figure below, when an IP packet is forwarded to a router on the way, it is routed using the network identifier of the target IP address. Because even without looking at the host identifier, as long as the network identifier is seen, it can be determined whether it is a host in the network segment.

Network identification of IP address

1.3 Classification of IP addresses

  • IP addresses are divided into four classes: Class A, Class B, Class C, and Class D. The class, and with it the boundary between network identifier and host identifier, is determined by the leading bits (the 1st to 4th bits) of the IP address.
  • A class A IP address is an address that starts with "0". Bits 1 to 8 are its network identifier. In decimal notation, 0.0.0.0~127.0.0.0 is a class A network address. The last 24 bits of a class A address are equivalent to a host identifier. Therefore, the upper limit of the host addresses that can be accommodated in a network segment is 16,777,214.
  • Class B IP addresses are addresses with the first two digits "10". Bits 1 to 16 are its network identifier. In decimal notation, 128.0.0.0~191.255.0.0 is a Class B network address. The last 16 bits of a Class B address are equivalent to a host identifier. Therefore, the upper limit of the host addresses that can be accommodated in a network segment is 65,534.
  • Class C IP addresses are addresses with the first three digits being "110". Bits 1 to 24 are its network identifier. In decimal notation, 192.0.0.0~223.255.255.0 is a Class C network address. The last 8 bits of a Class C address are equivalent to a host identifier. Therefore, the upper limit of the number of host addresses that can be accommodated in a network segment is 254.
  • Class D IP address is an address whose first four bits are "1110". Bits 1 to 32 are its network identifier. In decimal notation, 224.0.0.0~239.255.255.255 is a Class D network address. Class D addresses have no host identifier and are often used for multicast.
  • There is one thing to note about host identification when assigning IP addresses. That is, when using bits to represent the host address, they cannot be all 0 or all 1. Because all 0 is only used when the corresponding network address or IP address is unknown. And all 1 hosts are usually used as broadcast addresses. Therefore, these two situations should be removed during the assignment process. This is also the reason why each network segment of a Class C address can only have a maximum of 254 (2^8 - 2 = 254) host addresses.

1.4 Broadcast Address

  • The broadcast address is used to send data packets between hosts connected to each other in the same link. If the host address part of the IP address is set to all 1s, it becomes a broadcast address.
  • There are two types of broadcasts: local broadcast and direct broadcast. Broadcasts within the network are called local broadcasts, while broadcasts between different networks are called direct broadcasts.

1.5 IP Multicast

  • Multicast is used to send packets to all hosts in a specific group. Since it uses IP addresses directly, there is no reliable transmission.
  • Compared to broadcast, multicast can penetrate routers and send data packets only to necessary groups. See the figure below:

IP Multicast

  • Multicast uses Class D addresses. Therefore, if the first to fourth bits are "1110", it can be considered a multicast address. The remaining 28 bits can be the multicast group number.
  • In addition, for multicast, all hosts (end hosts as well as routers) must belong to the 224.0.0.1 group, and all routers must additionally belong to the 224.0.0.2 group.

1.6 Subnet Mask

  • Now the network identifier and host identifier of an IP address are no longer limited to the category of the address, but are divided into networks with smaller granularity than Class A, Class B, and Class C through a subnet network address using an identification code called a "subnet mask". This method actually uses the host address part of the original Class A, Class B, Class C, etc. as a subnet address, which is a mechanism to divide the original network into multiple physical networks.
  • If the subnet mask is expressed in binary form, it is also a 32-bit number. The bits corresponding to the network identification part of the IP address are all "1", and the bits corresponding to the host identification part of the IP address are all "0". Therefore, an IP address is no longer limited to its own category, but can use such a subnet mask to freely locate its own network identification length. Of course, the subnet mask must be a continuous "1" starting from the first bit of the IP address.
  • There are currently two ways to write a subnet mask. The first is to write the IP address and the subnet mask on two separate lines. Taking the case where the first 26 bits of 172.20.100.52 are the network address as an example, as follows:

The second way is to append the number of bits in the network address to the IP address, separated by a "/", as follows:
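Everything in sections 1.1 to 1.6 is bit arithmetic on a 32-bit value: the class from the leading bits, the network and host parts from the mask, the broadcast address from setting the host bits to 1, the all-0/all-1 exclusion, and the two mask notations. The following is an added example, not code from the article, that works this through on the article's 172.20.100.52 with a 26-bit network part; the function names are my own. The `describe` function also generalizes to the classful default boundary when no prefix length is given.

```python
def parse_ipv4(dotted: str) -> int:
    """Dotted decimal -> 32-bit integer, validating four octets in 0..255."""
    parts = dotted.split(".")
    if len(parts) != 4:
        raise ValueError(f"expected four octets: {dotted!r}")
    value = 0
    for part in parts:
        octet = int(part)
        if not 0 <= octet <= 255:
            raise ValueError(f"octet out of range: {part}")
        value = (value << 8) | octet
    return value


def to_dotted(value: int) -> str:
    return ".".join(str((value >> shift) & 0xFF) for shift in (24, 16, 8, 0))


def address_class(value: int) -> str:
    """Classful category from the leading bits: 0 -> A, 10 -> B, 110 -> C, 1110 -> D."""
    top = value >> 28
    if top & 0b1000 == 0:
        return "A"
    if top & 0b1100 == 0b1000:
        return "B"
    if top & 0b1110 == 0b1100:
        return "C"
    if top == 0b1110:
        return "D"
    return "E"          # leading 1111: reserved, not covered by the article


CLASSFUL_PREFIX = {"A": 8, "B": 16, "C": 24}   # network identifier length per class


def prefix_to_mask(prefix: int) -> int:
    if not 0 <= prefix <= 32:
        raise ValueError("prefix length must be 0..32")
    return (0xFFFFFFFF << (32 - prefix)) & 0xFFFFFFFF


def mask_to_prefix(mask: int) -> int:
    """Accepts only an unbroken run of 1s from the first bit, as the article requires."""
    prefix = bin(mask).count("1")
    if prefix_to_mask(prefix) != mask:
        raise ValueError(f"non-contiguous subnet mask {to_dotted(mask)}")
    return prefix


def describe(dotted: str, prefix=None) -> dict:
    """Split an address into its network and host parts. Without a prefix length the
    classful boundary is used; class D addresses have no host part."""
    value = parse_ipv4(dotted)
    cls = address_class(value)
    if prefix is None:
        prefix = CLASSFUL_PREFIX.get(cls, 32)
    mask = prefix_to_mask(prefix)
    host_mask = ~mask & 0xFFFFFFFF
    network, host = value & mask, value & host_mask
    host_bits = 32 - prefix
    return {
        "class": cls,
        "is_multicast": cls == "D",
        "mask": to_dotted(mask),                           # first notation: separate mask line
        "cidr": f"{to_dotted(network)}/{prefix}",          # second notation: "/" and bit count
        "network": to_dotted(network),
        "host_id": host,
        "broadcast": to_dotted(network | host_mask),       # host part all 1s
        "usable_hosts": max(2 ** host_bits - 2, 0),        # all-0 and all-1 are excluded
        "assignable": cls != "D" and host not in (0, host_mask),
    }
```

For 172.20.100.52/26 this gives class B, mask 255.255.255.192, network 172.20.100.0, broadcast 172.20.100.63 and 62 usable host addresses; 192.168.1.10 with no prefix falls back to the class C /24 boundary and its 254 hosts from section 1.3.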

2. Routing

The address used when sending a data packet is the address of the network layer, that is, the IP address. However, the IP address alone is not enough to send the data packet to the destination address on the other end. In the process of data transmission, information similar to "specifying the router or host" is also required in order to actually send it to the destination address. The routing control table is where this information is stored.

There are two ways to form the routing control table: one is manual setting by the administrator, and the other is automatic refresh when the router exchanges information with other routers. The former is also called static routing control, and the latter is called dynamic routing control.

IP always assumes that the routing table is correct, but IP itself defines no protocol for building it: IP has no mechanism of its own for making a routing control table. That job is done by a separate class of protocols called routing protocols (RIP, OSPF and BGP are examples).

2.1 IP address and routing control

  • The network address portion of an IP address is used for routing control.
  • Each entry in the routing control table records a network address and the address of the router to which packets for that network should be sent next (the next hop).
  • When sending an IP packet, the host first examines the destination address in the IP header, then looks for an entry in the routing control table whose network address matches it, and forwards the packet to the next-hop router recorded there. If several entries match, the one with the longest network address (the most specific prefix) is chosen. This is called longest-prefix matching, and it is why an entry for 172.20.100.0/26 wins over one for 172.20.0.0/16, which in turn wins over the default route 0.0.0.0/0.

Routing control table and IP packet sending
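As an added worked example (not code from the original article), the following Python builds both subnet-mask notations from the text for 172.20.100.52/26, rejects a non-contiguous mask, and performs the longest-prefix lookup a router does against a small constructed routing table. The networks and next-hop addresses in ROUTING_TABLE are assumptions chosen for illustration.

```python
import ipaddress

# Constructed routing table: (destination network, next-hop router).
# Entries and next hops are assumptions for the example only.
# 0.0.0.0/0 is the default route and matches everything not matched more specifically.
ROUTING_TABLE = [
    ("0.0.0.0/0", "172.20.100.1"),         # default route (prefix length 0)
    ("172.20.0.0/16", "172.20.100.2"),     # the classful Class B network
    ("172.20.100.0/26", "172.20.100.62"),  # a /26 subnet carved out of it
    ("10.0.0.0/8", "172.20.100.3"),
]


def mask_from_prefix(prefix_len: int) -> str:
    """Dotted-decimal subnet mask for a prefix length: prefix_len ones
    followed by zeros, left to right (the 'contiguous ones' rule)."""
    if not 0 <= prefix_len <= 32:
        raise ValueError("prefix length must be 0..32")
    mask_int = ((1 << prefix_len) - 1) << (32 - prefix_len) if prefix_len else 0
    return str(ipaddress.IPv4Address(mask_int))


def prefix_from_mask(mask: str) -> int:
    """Inverse of mask_from_prefix. Rejects masks whose ones are not
    contiguous from the left, such as 255.0.255.0."""
    m = int(ipaddress.IPv4Address(mask))
    ones = bin(m).count("1")
    expected = ((1 << ones) - 1) << (32 - ones) if ones else 0
    if m != expected:
        raise ValueError(f"{mask} is not a contiguous subnet mask")
    return ones


def split_address(ip: str, prefix_len: int) -> dict:
    """Network and host parts of ip under prefix_len, plus the two notations
    from the text: address and mask on separate lines, and address/prefix."""
    iface = ipaddress.IPv4Interface(f"{ip}/{prefix_len}")
    net = iface.network
    host_part = int(iface.ip) & ~int(net.netmask) & 0xFFFFFFFF
    return {
        "network": str(net.network_address),
        "host_part": host_part,
        "two_line": (ip, str(net.netmask)),
        "cidr": str(iface),
    }


def lookup(ip: str, table=ROUTING_TABLE) -> str:
    """Longest-prefix match: among all entries whose network contains ip,
    return the next hop of the one with the longest prefix (most specific)."""
    dst = ipaddress.IPv4Address(ip)
    best = None
    for net_text, next_hop in table:
        net = ipaddress.IPv4Network(net_text)
        if dst in net and (best is None or net.prefixlen > best[0].prefixlen):
            best = (net, next_hop)
    if best is None:
        raise LookupError(f"no route to {ip}")
    return best[1]
```

A host in 172.20.100.0/26 is sent to the /26 entry, a host elsewhere in 172.20.0.0/16 falls back to the /16 entry, and anything else takes the default route.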

3. IP packetization and packet assembly

  • The Maximum Transmission Unit (MTU) differs from one data link to another, because each type of data link was designed for a different purpose, and different purposes call for different MTUs (Ethernet, for example, uses 1500 bytes).
  • Every host must be able to process IP fragments. Fragmentation is used when a datagram is too large to be sent over a link in one piece: the datagram is split into pieces that each fit the MTU, and every piece carries the same identification field together with a fragment offset and a "more fragments" flag.
  • Once an IP datagram has been fragmented, it is reassembled only by the destination host. Routers fragment but never reassemble, so any device on the path sees only individual fragments, never the whole datagram.

3.1 Path MTU Discovery

  • Fragmentation has drawbacks, such as extra processing load on routers and the loss of the whole datagram if a single fragment is lost. Wherever possible, therefore, routers should not have to fragment IP packets.
  • "Path MTU discovery" was introduced to avoid these drawbacks. The path MTU is the largest packet size that can travel from the sending host to the receiving host without being fragmented, that is, the smallest MTU among all the data links on the path. The sender sets the "don't fragment" (DF) flag; a router whose outgoing link is too small discards the packet and returns an ICMP "fragmentation needed" message carrying that link's MTU, and the sender reduces its packet size accordingly.
  • With path MTU discovery, fragmentation on intermediate routers is avoided and TCP can send the largest segments the path allows. The mechanism depends on those ICMP messages getting back to the sender: if a firewall filters them, the sender never learns the smaller MTU and its large packets silently disappear (a "PMTU black hole").
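As an added example (not code from the original article) covering both the fragmentation rules above and path MTU discovery, this Python models IPv4 fragmentation the way the text describes it: fragment data is cut in 8-byte units, each fragment carries an offset and a "more fragments" flag, routers re-fragment whatever does not fit their outgoing link but never reassemble, and only the destination reassembles. With the DF flag set, the first undersized link refuses the packet instead, which is the signal path MTU discovery relies on. The 20-byte header, the link MTUs and the payload are constructed for the example.

```python
IPV4_HEADER_LEN = 20  # header without options, assumed throughout the example


def fragment(payload: bytes, mtu: int, ident: int = 0x1234, df: bool = False) -> list:
    """Split a datagram payload into fragments that fit the link MTU.
    Each fragment is a dict of the header fields that matter: id, offset
    (in 8-byte units), mf ('more fragments') and the data slice.
    With DF set, a packet that does not fit is refused instead; a router in the
    same position would send ICMP 'fragmentation needed' back to the sender."""
    if mtu < IPV4_HEADER_LEN + 8:
        raise ValueError("MTU too small to carry any fragment data")
    if IPV4_HEADER_LEN + len(payload) <= mtu:
        return [{"id": ident, "offset": 0, "mf": False, "data": payload}]
    if df:
        raise ValueError(f"DF set: {IPV4_HEADER_LEN + len(payload)} bytes exceeds MTU {mtu}")
    # All fragments except the last must carry a multiple of 8 data bytes,
    # because the offset field counts 8-byte units.
    chunk = (mtu - IPV4_HEADER_LEN) // 8 * 8
    frags = []
    for pos in range(0, len(payload), chunk):
        frags.append({"id": ident, "offset": pos // 8,
                      "mf": pos + chunk < len(payload),
                      "data": payload[pos:pos + chunk]})
    return frags


def reassemble(fragments: list) -> bytes:
    """Destination-host reassembly, independent of arrival order: sort by
    offset, require the pieces to be contiguous and the MF=0 piece present."""
    if not fragments:
        raise ValueError("nothing to reassemble")
    ident = fragments[0]["id"]
    ordered = sorted(fragments, key=lambda f: f["offset"])
    buf = bytearray()
    for f in ordered:
        if f["id"] != ident:
            raise ValueError("fragment belongs to a different datagram")
        if f["offset"] * 8 != len(buf):
            raise ValueError(f"gap or overlap at offset {f['offset']}")
        buf += f["data"]
    if ordered[-1]["mf"]:
        raise ValueError("last fragment (MF=0) is missing")
    return bytes(buf)


def path_mtu(link_mtus: list) -> int:
    """The path MTU is the smallest MTU of all data links on the path."""
    return min(link_mtus)


def send_over_path(payload: bytes, link_mtus: list, df: bool = False) -> list:
    """Carry one datagram hop by hop. Without DF, every hop re-fragments any
    piece that does not fit its link and nothing is reassembled en route.
    With DF, the first too-small link raises, as ICMP would report."""
    in_flight = [{"id": 0x1234, "offset": 0, "mf": False, "data": payload}]
    for mtu in link_mtus:
        out = []
        for f in in_flight:
            for g in fragment(f["data"], mtu, f["id"], df):
                g["offset"] += f["offset"]       # offsets stay relative to the original datagram
                g["mf"] = g["mf"] or f["mf"]     # last sub-fragment inherits the parent's MF
                out.append(g)
        in_flight = out
    return in_flight
```

A 3000-byte payload over links of 1500, 576 and 1500 bytes arrives as 7 fragments; sizing the packet to the path MTU (576 minus the header) with DF set gets it through in one piece.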

4. IPv6

  • IPv6 (IP version 6) is the Internet protocol standardized to fundamentally solve IPv4 address exhaustion. An IPv4 address is 4 bytes of 8 bits, 32 bits in all. An IPv6 address is four times as long, 128 bits, and is usually written as 8 groups of 16 bits.

4.1 Features of IPv6

  • A vastly larger address space, and aggregation of routing control tables.
  • Performance improvement. The basic header has a fixed length (40 bytes) and no header checksum; the simplified header structure reduces the load on routers, and routers no longer perform fragmentation.
  • Plug-and-play: an interface can configure its own IP address even without a DHCP server (stateless address autoconfiguration).
  • Authentication and encryption (IPsec) are defined as part of the protocol, giving network-layer defences against forged IP addresses and against eavesdropping on the line. IPsec still has to be configured, however; IPv6 traffic is not authenticated or encrypted by default.
  • Multicast and Mobile IP become extended functions.

4.2 IPv6 IP Address Notation

  • The 128-bit address is divided into 8 groups of 16 bits, each written in hexadecimal, separated by colons (":"). Leading zeros within a group may be omitted.
  • One run of consecutive all-zero groups may be omitted and written as two colons ("::"). The "::" may appear only once in an address; if it appeared twice, the number of zero groups each occurrence stands for could not be determined.

4.3 Structure of IPv6 Address

IPv6, like IPv4, identifies the type of an address by its leading bits: global unicast addresses begin with the bits 001 (2000::/3), link-local unicast addresses with fe80::/10, unique local addresses with fc00::/7, and multicast addresses with ff00::/8.

Global unicast addresses, which are unique across the Internet and, like IPv4 global addresses, are allocated through the address registries, are the ones used for Internet communication.

4.4 Global Unicast Address

A global unicast address is a unique address in the world. It is the most commonly used IPv6 address in Internet communications and internal communications within each domain.

The format is shown in the figure below. In the IPv6 networks deployed today, n = 48, m = 16 and 128 - n - m = 64: a 48-bit global routing prefix, a 16-bit subnet ID and a 64-bit interface ID. That is, the first 64 bits are the network identifier and the last 64 bits are the host identifier.

Global unicast address

4.5 Link-local unicast address

A link-local unicast address is unique only within one data link. It is used for communication on the same link that does not pass through a router. Traditionally the 64-bit interface ID is derived from the interface's MAC address (modified EUI-64: insert ff:fe in the middle of the 48-bit MAC and flip its universal/local bit); modern systems often generate a random or stable-privacy interface ID instead, so that the MAC address is not exposed in the address.

Link-local unicast address

4.6 Unique Local Address

  • Unique local addresses are used for communication that does not go out to the Internet (the IPv6 counterpart of IPv4 private addresses).
  • Although a unique local address is never routed on the Internet, its global ID is still generated as randomly as possible, so that two sites' address ranges are unlikely to collide if the sites are later joined or connected.
  • The first 7 bits are 1111110 (fc00::/7); the following bit, L, is usually set to 1, which places the addresses in fd00::/8.
  • The 40-bit global ID is chosen randomly.
  • The 16-bit subnet ID identifies a subnet within the site.
  • The 64-bit interface ID identifies the interface.

Unique Local Address
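As an added example (not code from the original article) covering the notation and address-structure sections above, the following Python parses IPv6 text into its 8 groups, enforcing the single-"::" rule; produces the canonical compressed form (RFC 5952) and cross-checks it against the standard library; classifies an address by its leading bits; derives a link-local address from a MAC address with modified EUI-64; and assembles a unique local /64 prefix from an L=1 global ID and subnet ID. The MAC address, global ID and subnet ID are constructed inputs.

```python
import ipaddress


def expand(addr: str) -> list:
    """Parse an IPv6 address into its 8 16-bit groups (as ints).
    Accepts omitted leading zeros and a single '::'. A second '::' is
    rejected: the number of zero groups each stood for would be ambiguous."""
    if addr.count("::") > 1:
        raise ValueError("'::' may appear only once")
    if "::" in addr:
        head, tail = addr.split("::")
        head_groups = head.split(":") if head else []
        tail_groups = tail.split(":") if tail else []
        missing = 8 - len(head_groups) - len(tail_groups)
        if missing < 1:
            raise ValueError("'::' must stand for at least one zero group")
        groups = head_groups + ["0"] * missing + tail_groups
    else:
        groups = addr.split(":")
    if len(groups) != 8:
        raise ValueError("an IPv6 address has exactly 8 groups")
    if any(not 1 <= len(g) <= 4 for g in groups):
        raise ValueError("each group is 1 to 4 hex digits")
    return [int(g, 16) for g in groups]


def compress(groups: list) -> str:
    """Canonical text form (RFC 5952): lowercase hex, no leading zeros, and the
    longest run of zero groups (leftmost on a tie, never a lone group) as '::'."""
    best_start, best_len, i = -1, 0, 0
    while i < 8:
        if groups[i] != 0:
            i += 1
            continue
        j = i
        while j < 8 and groups[j] == 0:
            j += 1
        if j - i > best_len:
            best_start, best_len = i, j - i
        i = j
    hexes = [f"{g:x}" for g in groups]
    if best_len < 2:
        return ":".join(hexes)
    return ":".join(hexes[:best_start]) + "::" + ":".join(hexes[best_start + best_len:])


def canonical_via_stdlib(addr: str) -> str:
    """Reference form from the standard library, used to cross-check compress()."""
    return ipaddress.IPv6Address(addr).compressed


def classify(groups: list) -> str:
    """Address type from the leading bits, as described in the text."""
    first = groups[0]
    if first >> 8 == 0xff:
        return "multicast"            # ff00::/8
    if first >> 13 == 0b001:
        return "global unicast"       # 2000::/3
    if first >> 6 == 0xfe80 >> 6:
        return "link-local unicast"   # fe80::/10
    if first >> 9 == 0xfc00 >> 9:
        return "unique local"         # fc00::/7 (L=1 gives fd00::/8)
    return "other"


def modified_eui64(mac: str) -> list:
    """64-bit interface ID from a 48-bit MAC: insert ff:fe in the middle and
    flip the universal/local bit (0x02) of the first byte."""
    b = bytes.fromhex(mac.replace(":", "").replace("-", ""))
    if len(b) != 6:
        raise ValueError("MAC address must be 48 bits")
    b = bytes([b[0] ^ 0x02]) + b[1:3] + b"\xff\xfe" + b[3:]
    return [int.from_bytes(b[i:i + 2], "big") for i in range(0, 8, 2)]


def link_local_from_mac(mac: str) -> str:
    """fe80::/64 plus the EUI-64 interface ID (the traditional scheme; modern
    hosts usually use a random interface ID instead)."""
    return compress([0xfe80, 0, 0, 0] + modified_eui64(mac))


def ula_prefix(global_id: int, subnet_id: int) -> str:
    """fd00::/8 unique local /64 prefix: L=1, 40-bit global ID, 16-bit subnet ID.
    In real use the global ID comes from a CSPRNG, e.g. secrets.randbits(40)."""
    if not 0 <= global_id < 1 << 40 or not 0 <= subnet_id < 1 << 16:
        raise ValueError("global ID is 40 bits, subnet ID is 16 bits")
    top64 = (0xfd << 56) | (global_id << 16) | subnet_id
    groups = [(top64 >> s) & 0xffff for s in (48, 32, 16, 0)] + [0, 0, 0, 0]
    return compress(groups) + "/64"
```

compress() deliberately does not turn a single zero group into "::" and picks the leftmost of two equal-length runs, which is what makes its output match the library's canonical form.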

4.7 IPv6 Fragmentation Processing

  • In IPv6, fragmentation is performed only by the sending host; routers do not fragment.
  • The minimum MTU that every IPv6 link must support is 1280 bytes. Embedded devices with limited resources can therefore skip "path MTU discovery" altogether and simply send IP packets no larger than 1280 bytes, which are guaranteed to fit any link without fragmentation.

4.8 IP header (omitted for now)

5. IP protocol related technologies

  • IP is designed so that the final destination host receives the packet, but IP alone cannot achieve communication. It also needs a way to resolve host names to IP addresses and IP addresses to MAC addresses, and a way to handle abnormal situations that arise while packets are being sent.

5.1 DNS

  • When we visit a website we normally type not an IP address but a host name, a string of letters, digits and periods; ordinary users never deal with IP addresses when communicating over TCP/IP. This works because of DNS (the Domain Name System), which automatically converts that name into a specific IP address.
  • This DNS is applicable not only to IPv4 but also to IPv6.

5.2 ARP

  • Once the IP address is known, an IP datagram can be addressed to it. At the data link layer, however, actual delivery requires knowing the MAC address that corresponds to each IP address.
  • ARP (Address Resolution Protocol) solves this. Using the destination IP address as a clue, it finds the MAC address of the next network device that should receive the packet: the sender broadcasts a request asking "who has this IP address?", the owner replies with its MAC address, and the sender caches the answer. ARP applies only to IPv4 and cannot be used for IPv6; IPv6 uses the Neighbor Discovery messages of ICMPv6 instead. ARP has no authentication: a host accepts whatever reply arrives, so its ARP cache can be poisoned by any device on the same link.
  • RARP (Reverse ARP) does the opposite of ARP: it finds the IP address from the MAC address.
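The ARP exchange described above, as an added example that is not code from the original article: the Python below builds and parses Ethernet II frames carrying ARP, then models the request/reply between stations on one link. The MAC addresses, IP addresses and the hosts table are constructed for the example.

```python
import ipaddress
import struct

ETH_P_ARP = 0x0806
ARP_REQUEST, ARP_REPLY = 1, 2
BROADCAST_MAC = "ff:ff:ff:ff:ff:ff"
ZERO_MAC = "00:00:00:00:00:00"
ARP_FMT = "!HHBBH6s4s6s4s"   # htype, ptype, hlen, plen, op, sha, spa, tha, tpa (28 bytes)


def mac_bytes(mac: str) -> bytes:
    return bytes.fromhex(mac.replace(":", ""))


def mac_str(b: bytes) -> str:
    return ":".join(f"{x:02x}" for x in b)


def build_arp(op: int, sender_mac: str, sender_ip: str, target_mac: str, target_ip: str) -> bytes:
    """Ethernet II frame carrying an ARP packet. A request is broadcast and
    leaves the target MAC zero; a reply is unicast back to the requester."""
    eth_dst = BROADCAST_MAC if op == ARP_REQUEST else target_mac
    eth = mac_bytes(eth_dst) + mac_bytes(sender_mac) + struct.pack("!H", ETH_P_ARP)
    arp = struct.pack(ARP_FMT, 1, 0x0800, 6, 4, op,
                      mac_bytes(sender_mac), ipaddress.IPv4Address(sender_ip).packed,
                      mac_bytes(target_mac), ipaddress.IPv4Address(target_ip).packed)
    return eth + arp


def parse_arp(frame: bytes) -> dict:
    """Decode an Ethernet + ARP frame; reject anything that is not Ethernet/IPv4 ARP."""
    if len(frame) < 42:
        raise ValueError("frame too short for Ethernet + ARP")
    ethertype = struct.unpack("!H", frame[12:14])[0]
    if ethertype != ETH_P_ARP:
        raise ValueError("not an ARP frame")
    htype, ptype, hlen, plen, op, sha, spa, tha, tpa = struct.unpack(ARP_FMT, frame[14:42])
    if (htype, ptype, hlen, plen) != (1, 0x0800, 6, 4):
        raise ValueError("unsupported hardware/protocol type")
    return {"eth_dst": mac_str(frame[:6]), "eth_src": mac_str(frame[6:12]), "op": op,
            "sender_mac": mac_str(sha), "sender_ip": str(ipaddress.IPv4Address(spa)),
            "target_mac": mac_str(tha), "target_ip": str(ipaddress.IPv4Address(tpa))}


def resolve(requester_mac: str, requester_ip: str, target_ip: str, hosts: dict):
    """Model the exchange on one link. hosts is a constructed {ip: mac} table of
    the other stations. The requester broadcasts 'who has target_ip?'; every
    station parses the request, and the owner answers with a reply whose sender
    fields are what the requester then caches. Returns the learned MAC or None."""
    request = build_arp(ARP_REQUEST, requester_mac, requester_ip, ZERO_MAC, target_ip)
    req = parse_arp(request)            # every station on the link receives the broadcast
    for ip, mac in hosts.items():
        if ip != req["target_ip"]:
            continue                    # not my address: ignore
        reply = build_arp(ARP_REPLY, mac, ip, req["sender_mac"], req["sender_ip"])
        rep = parse_arp(reply)
        # Nothing in the reply proves that this MAC really owns the IP address;
        # the requester trusts whatever answers, which is what ARP spoofing abuses.
        return rep["sender_mac"]
    return None
```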

5.3 ICMP

  • The main functions of ICMP are to confirm whether an IP packet was successfully delivered to its destination, to report the specific reason when an IP packet is discarded along the way, and to help improve network settings.
  • In IPv4, ICMP plays only a supporting role: IP communication is still possible without it, although functions that depend on it, such as ping and path MTU discovery, then stop working. In IPv6 its role is expanded, and without ICMPv6 (which carries Neighbor Discovery) IPv6 cannot communicate at all.

5.4 DHCP

  • It would be very tedious to set up IP addresses for each host one by one, especially when using laptops, smart terminals, tablets and other devices on the move, and you have to set up IP addresses every time you move to a new place.
  • Therefore, in order to achieve automatic IP address setting and unified management of IP address allocation, the DHCP (Dynamic Host Configuration Protocol) protocol was created. With DHCP, as long as the computer is connected to the network, TCP/IP communication can be performed. In other words, DHCP makes plug-and-play possible.
  • DHCP can be used not only in IPv4 but also in IPv6.

5.5 NAT

  • NAT (Network Address Translator) is a technology for using private addresses inside a local network and translating them to global IP addresses when communicating with the Internet.
  • Beyond translating IP addresses, NAPT (Network Address Port Translator) also translates TCP and UDP port numbers, so that many hosts can share a single global IP address.
  • NAT (NAPT) was developed for IPv4, which faces address exhaustion. It is sometimes used in IPv6 as well, and NAT-PT (since superseded by NAT64) is used for communication between IPv4 and IPv6. Note that the protection NAT appears to give, hiding internal addresses and dropping unsolicited inbound packets, is only a side effect of its mapping table; it is not a substitute for a firewall.
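As an added example (not code from the original article), this Python models the NAPT mapping table: outbound packets from several private hosts are rewritten to one global address with distinct translated ports, and inbound packets are delivered only if a mapping for their destination port exists, which is the whole of the "filtering" NAPT provides. The addresses and ports are constructed.

```python
import itertools


class Napt:
    """Minimal NAPT model: many (private IP, port) pairs share one global IP by
    being rewritten to distinct global ports. Packets are plain dicts with
    src_ip/src_port/dst_ip/dst_port; every address here is constructed."""

    def __init__(self, global_ip: str, first_port: int = 40000):
        self.global_ip = global_ip
        self._next_port = itertools.count(first_port)
        self.out_map = {}   # (private_ip, private_port) -> global_port
        self.in_map = {}    # global_port -> (private_ip, private_port)

    def outbound(self, pkt: dict) -> dict:
        """Private -> Internet: rewrite the source to the global IP and a
        translated port, creating the mapping on first use and reusing it after."""
        key = (pkt["src_ip"], pkt["src_port"])
        gport = self.out_map.get(key)
        if gport is None:
            gport = next(self._next_port)
            self.out_map[key] = gport
            self.in_map[gport] = key
        return dict(pkt, src_ip=self.global_ip, src_port=gport)

    def inbound(self, pkt: dict):
        """Internet -> private: only a packet whose destination port has a
        mapping can be delivered; anything else is dropped (None). This is an
        incidental effect of the table, not a firewall policy: any remote host
        that learns a mapped port can reach the private host behind it."""
        key = self.in_map.get(pkt["dst_port"])
        if pkt["dst_ip"] != self.global_ip or key is None:
            return None
        return dict(pkt, dst_ip=key[0], dst_port=key[1])
```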

5.6 IP Tunnel


Two IPv6 networks sandwiching an IPv4 network

  • In the network shown above, the two IPv6 networks A and B cannot communicate directly across the IPv4 network between them. For them to communicate normally, the IP tunnel function is used.
  • The IP tunnel treats each IPv6 packet sent from network A as a unit of data, prepends an IPv4 header to it, and forwards the result through network C (the IPv4 network); at the far end the IPv4 header is removed and the original IPv6 packet is delivered into network B.
  • Normally an IP header is followed by a TCP or UDP header. Increasingly, though, an IP header is followed by another IP header, or an IPv4 header is followed by an IPv6 header. This method of placing a network-layer header after another network-layer header is called "IP tunneling".
