Chapter 1: Network Overview

Addison-Wesley Professional

Page 2 of 5
  1. An application on the source host passes its data, the destination address, and the other parameters that the transport layer requires as arguments in a system call.

     Figure 1-4: Data transmission

  2. The transport layer encapsulates the data by attaching a header that it has created, and then passes it to the Internet layer.

  3. The Internet layer encapsulates the data inside an IP header and passes it to the link layer.

  4. The link layer (in this example, Ethernet) encapsulates the data as a frame inside an Ethernet header and trailer for transmission by the physical media.

  5. Data is encoded as bits on the physical medium. This is called electronic encoding.

  6. The Ethernet frame arrives at the interface of a router that is on the same segment. The router also has a connection to the wide area network (WAN). This router functions as a gateway.[1]

  7. The IP packet is extracted and forwarded to the next hop in the path. At this point, the entire operation is internal to the router, which effectively switches the packet from its Ethernet interface to the WAN interface; in this example, it is a serial interface. This is path switching, as opposed to switched Ethernet.

  8. The serial interface is configured to use high-level data link control (HDLC) as the WAN protocol, so the packet is encapsulated inside an HDLC frame, and then forwarded over the WAN to the next hop in the path. HDLC is a Layer 2 protocol in OSI terminology.

  9. At each hop, the IP packet is extracted, switched to the outbound interface, and encapsulated as needed for transmission to the next hop.

  10. Routing along the way to the final destination is facilitated by routing protocol operations in each hop. Path selection is based on IP address tables (routing tables) and routing algorithms, such as Open Shortest Path First (OSPF) and Interior Gateway Routing Protocol (IGRP). Large networks that are logically divided into “domains” also use special routing protocols for interdomain path selection, such as Border Gateway Protocol (BGP).

  11. At the destination router, the IP packet is extracted and switched to an outbound Ethernet interface; the destination host is on this segment.

  12. The packet is encapsulated inside an Ethernet header and trailer.

  13. The Ethernet frame is encoded in electrical bits, transmitted over the physical medium, and delivered to the interface of the destination host.

  14. The Internet layer extracts the IP packet from the Ethernet frame and passes it to the transport layer.

  15. The transport layer ensures that all segments are in sequence and delivers the data to the host application.

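TCP/IP Protocol Suite

Specifications in RFC 1122, “Requirements for Internet Hosts -- Communication Layers,” state that Internet hosts must implement at least one protocol from each layer of the TCP/IP protocol suite. Given that link, Internet, and transport layer protocols must be implemented for anything to work, it might appear that the IETF is “requiring the obvious.” Additional details clarify the requirement by distinguishing between two categories of application layer protocols: user protocols, which provide services to users, and support protocols, which enable common system functions. The RFC authors give the following as the most common examples of each:

  • Application layer user protocols. Telnet, File Transfer Protocol (FTP), and Simple Mail Transfer Protocol (SMTP).

  • Application layer support protocols. Simple Network Management Protocol (SNMP), BOOTP, Reverse Address Resolution Protocol (RARP), and Domain Name System (DNS).

Tables 1-2 through 1-5 offer brief definitions of these protocols and others that are in widespread use today. To be consistent with typical industry language, OSI Model terminology describes the layer at which each protocol operates.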

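Table 1-2 Application Layer Protocols

| Application Layer Protocol | Description |
| --- | --- |
| Domain Name System (DNS) | A data query service that is used primarily to translate human-readable system names into IP addresses. The query parameter is an Internet host name that is associated with the address. It is called the Domain Name System instead of Host Name System because its services are of a global nature. For example, a Web site’s host name can be as simple as ABCD; the fully qualified domain name (FQDN) would be ABCD.com, assuming that it is operated by a commercial entity. Country domain names, such as .us or .uk, are based on ISO specification 3166. |
| File Transfer Protocol (FTP) | Enables users to transfer files to and from other hosts. Typically, FTP is used to transfer large files that are not e-mail friendly, such as images, hefty database files, or in my case, wedding photos from the wedding photographer. |
| Hypertext Transfer Protocol (HTTP) | Used on the Internet to transfer Hypertext Markup Language (HTML) files. Since its creation, a growing number of applications have been built around the HTTP transfer of information for Web pages. |
| Simple Mail Transfer Protocol (SMTP) | Transfers electronic mail. SMTP is completely transparent to users. Behind the scenes, SMTP connects to remote machines and transfers mail messages much like FTP transfers files. |
| Simple Network Management Protocol (SNMP) | The Internet standard protocol for device management. It reads data from device Management Information Base (MIB) tables, which can create performance and health reports. SNMP also sets parameters in remote devices, and it supports real-time event and alert generation. Software in the managed device is called an SNMP agent, while software at the operator’s end of the network is called a network management system. |
| Kerberos | A widely supported security protocol for centralized authentication management. Kerberos uses a special application, called an authentication server, to validate passwords and encryption schemes. |
| Network File System (NFS) | A network file-sharing protocol developed by Sun Microsystems. It allows computers to access and use files on other systems over the network as if they were on a local disk. This is accomplished through a distributed file system scheme. It is a de facto Internet standard for remote file management. |
| Telnet | The Internet standard protocol for remote terminal connection services. Although it is meant for hands-on users, many shops employ automated scripts that periodically open Telnet sessions to perform specific functions. This is a negative from both security and performance perspectives, because it results in unencrypted packets being passed over the network and generates too much communication overhead. Telnet is being replaced by Secure Shell (SSH), which provides encrypted, secure remote terminal access. |
| Server Message Block (SMB) | A file-sharing network protocol developed by Microsoft. It allows computers to access and use files on other systems over the network as if they were on a local disk. |
| Trivial File Transfer Protocol (TFTP) | A simplified version of FTP. It lacks security and uses UDP for transport services (as opposed to TCP). TFTP has fewer capabilities than FTP and is used frequently in an automated fashion without generating an undue amount of network overhead traffic. |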

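Table 1-3 Session Layer Protocols

| Session Layer Protocol | Description |
| --- | --- |
| Remote Procedure Call (RPC) session layer | Implements the client-server model of distributed computing. Its main function is to request remotely the execution of a specific process. |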

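Table 1-4 Transport Layer Protocols

| Transport Layer Protocol | Description |
| --- | --- |
| Secure Shell (SSH) | Used for secure remote login capabilities over an otherwise unsecured network. It is slowly replacing Telnet as the preferred method of remote access to devices. SSH has three components: the Secure Shell Transport Layer Protocol (SSH-TRANS), which provides server authentication and integrity; the User Authentication Protocol (SSH-USERAUTH), which runs over the transport layer and authenticates the client-side user to the server; and the Connection Protocol (SSH-CONNECT), which runs over SSH-USERAUTH and multiplexes the encrypted tunnel into logical channels. |
| Transmission Control Protocol (TCP) | The Internet standard transport layer protocol. It is connection oriented, which is why it is classified as a reliable transport protocol, and stream oriented. It is responsible for congestion control, error recovery, and assembly and sequencing, which is how it reorders data streams that arrive out of sequence. |
| User Datagram Protocol (UDP) | The Internet standard for connectionless transport layer services. The word user indicates its role to support management functions, unlike TCP, which is part of how payload data is transmitted successfully over the Internet. SNMP uses the UDP protocol because its nature is such that maintaining a connection is unnecessary. Other applications might use UDP for performance reasons because it has none of the limitations imposed by having to maintain a connection. UDP offers better response times than TCP, but it has no error-recovery functions, which are left to higher layer protocols designed for use with UDP services. |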

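Table 1-5 Internet Layer Protocols

| Network Layer Protocol | Description |
| --- | --- |
| Internet Control Message Protocol (ICMP) | An extension to IP that facilitates the generation of error messages, test packets, and informational messages for management. It has been part of the TCP/IP protocol suite from the beginning, and it is an essential part of making IP work. It is so important, in fact, that RFC 1122, “Requirements for Internet Hosts -- Communication Layers,” states the requirement that “the Internet layer of host software MUST implement both IP and ICMP.” |
| Internet Protocol (IP) | The packet-switching protocol for TCP/IP; it uses logical addressing. |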

Although developers have latitude for implementing the TCP/IP protocol suite, there are some stringent requirements to consider. A good example is the robustness principle, which stresses that software is written in such a way that it deals with every conceivable error condition. The principle also involves performance in a network-friendly manner and drives the point home with specific verbiage, such as “be liberal in what you accept and conservative in what you send.”

To clarify, for applications that do not require reliable transport services, UDP is available. This is called a UDP/IP application, and it is distinct from TCP/IP.

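The nuts and bolts of protocol operation exist in the form of fields in the bit-level structure of each data unit, whether it is a frame, a segment, or a packet. Based on the discussion of layered protocols so far, these particular units, or chunks, of data exist at some point within the same logical structure. This concept is described at a high level in the layered communication example in this chapter (specifically in Step 4). At that point, the application data and, if needed, an application layer header containing attributes unique to the application are encapsulated inside the Ethernet header and trailer along with the transport and Internet layer headers. The role of the headers in TCP/IP is to convey information to other layers and to peers of the same protocol at the other end of the path. (These are adjacent-layer and same-layer interactions, respectively.) Figure 1-5 shows application data encapsulated as an Ethernet frame, an IP packet, and a TCP segment.

Figure 1-5: Datagram encapsulation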
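The walkthrough earlier in the chapter and Figure 1-5, as an added example that is not code from the book: it wraps application data in TCP, IP, and Ethernet headers, re-frames the IP packet at each router, and unwraps it at the destination. The addresses, ports, zeroed checksums and trailers, and the two-byte stand-in for HDLC framing are constructed simplifications.

```python
import struct
from ipaddress import IPv4Address

def tcp_segment(sport, dport, data):
    """Transport layer: prepend a 20-byte TCP header (checksum left at 0)."""
    return struct.pack("!HHIIBBHHH", sport, dport, 1, 0, 5 << 4, 0x18,
                       65535, 0, 0) + data

def ip_packet(src, dst, segment, ttl=64):
    """Internet layer: prepend a 20-byte IPv4 header (checksum left at 0)."""
    return struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(segment), 0, 0, ttl, 6,
                       0, IPv4Address(src).packed, IPv4Address(dst).packed) + segment

def ether_frame(dst_mac, src_mac, packet):
    """Link layer: Ethernet header in front, zeroed 4-byte trailer behind."""
    return dst_mac + src_mac + struct.pack("!H", 0x0800) + packet + b"\0" * 4

def ether_extract(frame):
    return frame[14:-4]

def hdlc_frame(packet):
    """Simplified stand-in for HDLC: 2 header bytes, zeroed 2-byte trailer."""
    return b"\xff\x03" + packet + b"\0" * 2

def hdlc_extract(frame):
    return frame[2:-2]

def forward(packet):
    """Router hop: decrement TTL (byte 8); a real router also fixes the checksum."""
    return packet[:8] + bytes([packet[8] - 1]) + packet[9:]

def deliver(packet):
    """Destination host: strip the IP and TCP headers, return (src, ttl, data)."""
    segment = packet[(packet[0] & 0x0F) * 4:]
    data = segment[(segment[12] >> 4) * 4:]
    return str(IPv4Address(packet[12:16])), packet[8], data

def end_to_end(data):
    mac = lambda n: bytes([2, 0, 0, 0, 0, n])  # constructed MAC addresses
    packet = ip_packet("192.0.2.10", "198.51.100.7", tcp_segment(49152, 80, data))
    lan1 = ether_frame(mac(1), mac(2), packet)          # source host's segment
    wan = hdlc_frame(forward(ether_extract(lan1)))      # gateway router, serial link
    lan2 = ether_frame(mac(4), mac(3), forward(hdlc_extract(wan)))  # destination router
    return lan1, wan, lan2, deliver(ether_extract(lan2))
```

The link-layer header is replaced at every hop while the IP addresses travel end to end, so only the TTL differs between the packet that left the source and the one that arrives.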

A common vehicle for malicious network activity is an altered header field. Attackers capture all (or part) of a message so that it can be used for illegal purposes. The first line of defense is to know which headers are subject to legitimate change and which headers need to be fixed at a specific value, either because of protocol requirements or local security policies. The following list includes high-level categories for expected header behavior. Detailed IP header information is displayed later in this chapter:

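  • Inferred. Values that can be inferred from other values. An example is packet length.

  • Static. The values in these fields are expected to remain constant for the lifetime of the packet stream; they must be communicated at least once. The IP version number is an example.

  • Static-Def. Static fields whose values define a packet stream. IP source and destination addresses are in this classification.

  • Static-Known. Static fields that are expected to have well-known values and do not need to be communicated, such as the IP version 4 (IPv4) header length field.

  • Changing. These fields are expected to vary randomly within a limited value set or range; the TTL field is an example.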
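As an added illustration (not code from the book), the sketch below turns the categories above into a per-stream check over raw IPv4 headers. The `HeaderMonitor` class, the TTL tolerance of 2, the no-options policy (IHL of 5), and the sample packets are assumptions made for the example.

```python
import struct
from ipaddress import IPv4Address

IPV4_FMT = "!BBHHHBBH4s4s"  # fixed 20-byte IPv4 header, network byte order

def build_packet(src, dst, ttl, payload=b"", ihl=5, total_len=None):
    """Constructed sample packet (header checksum left at 0, not checked here)."""
    total_len = 20 + len(payload) if total_len is None else total_len
    return struct.pack(IPV4_FMT, (4 << 4) | ihl, 0, total_len, 0, 0, ttl, 6, 0,
                       IPv4Address(src).packed, IPv4Address(dst).packed) + payload

def parse_header(raw):
    v_ihl, _, total_len, _, _, ttl, _, _, src, dst = struct.unpack(IPV4_FMT, raw[:20])
    return {"version": v_ihl >> 4, "ihl": v_ihl & 0x0F, "total_len": total_len,
            "ttl": ttl, "src": str(IPv4Address(src)), "dst": str(IPv4Address(dst))}

class HeaderMonitor:
    """Checks each packet against the expected behaviour of its header fields."""
    def __init__(self, ttl_spread=2):
        self.ttl_spread = ttl_spread  # assumed local policy for "limited range"
        self.first_ttl = {}           # baseline TTL per stream

    def check(self, raw):
        h = parse_header(raw)
        findings = []
        # Static: the IP version is constant for the life of the stream.
        if h["version"] != 4:
            findings.append("static:version")
        # Static-Known: IHL is 5 words when no IP options are in use (assumed).
        if h["ihl"] != 5:
            findings.append("static-known:ihl")
        # Inferred: total length must agree with the bytes actually received.
        if h["total_len"] != len(raw):
            findings.append("inferred:total_len")
        # Static-Def: source and destination addresses define the stream.
        stream = (h["src"], h["dst"])
        baseline = self.first_ttl.setdefault(stream, h["ttl"])
        # Changing: TTL may vary, but only within a limited range.
        if abs(h["ttl"] - baseline) > self.ttl_spread:
            findings.append("changing:ttl")
        return findings

def demo():
    mon, a, b = HeaderMonitor(), "192.0.2.10", "198.51.100.7"
    return [mon.check(build_packet(a, b, 57, b"hello")),
            mon.check(build_packet(a, b, 56, b"world")),
            mon.check(build_packet(a, b, 120, b"x")),
            mon.check(build_packet(a, b, 57, b"y", total_len=1500)),
            mon.check(build_packet(a, b, 57, ihl=6))]
```

`demo()` returns one finding list per constructed packet: the first two are clean, and the remaining three each trip a single category.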

Internet Protocol

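IP is a primary protocol of the OSI Model and, as its name suggests, an integral part of TCP/IP. Although the word Internet appears in its name, IP is not restricted to use on the global Internet, where it is implemented on all participating hosts. So, what’s in a name? Readers interested in Internet history may enjoy visiting one of several Web sites that the Internet Society sponsors. The society rests at the top of a loosely formed organization of engineers, researchers, operators, and visionaries from the academic community. The IETF is connected to that hierarchy and, through its working groups, keeps the Internet running and is involved in its continued evolution. The URL for the IETF site is http://www.ietf.org/.

Because it is connectionless and uses logical addressing, IP is easily ported to networks that are isolated from the Internet. It is the best choice for managers of enterprise networks who need efficient machine-to-machine communication today but must be prepared for Internet connectivity tomorrow. As a practical matter, compared with non-IP networks, an existing IP infrastructure is less expensive to migrate to the Internet or to extranet[2] connections with other organizations. NetWare environments, where IPX is a competing protocol, face a bigger challenge as the need for growth becomes a reality.

A key concept about IP is that it is a routed protocol, not a routing protocol. An IP packet knows where it is going in the network because it holds addressing information that is unique to its destination. Furthermore, it can be destined only for an IP host, so called because it contains an IP address. To get there, the packet depends on routing protocols to direct its path by creating routing tables in infrastructure devices (hence the term routers). The dependency of routed protocols on routing protocols is just one small sample, albeit an important one, of the interaction among the larger set of software entities that keep the electronic world connected.

IP serves two basic purposes: addressing and fragmentation. The protocol is rigidly structured, and the logical part of its addressing capability does not imply logical or virtual circuits. Fragmentation and reassembly are used to traverse networks[3] where transmission units are smaller than at the packet’s source.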

Engineers who have supported Ethernet segments might have a better grasp of what connectionless means, at least in the context of TCP/IP. They learned quickly enough that, however voluminous the trouble calls were from first-level support personnel, collisions were generally a good thing. As a shared medium, Ethernet reported collisions when multiple hosts transmitted simultaneously, mainly so some would back off and wait in line to retransmit. Too many collisions were symptomatic of error conditions, but more often than not, there was no cause for alarm. Just as “management events” might have been a better term than “collisions,” connectionless is a better term than “unreliable” when discussing IP. One of the reasons that IP is a robust, efficient protocol is that it leaves time-consuming tasks, such as looking up addresses in routing tables, to resident modules in devices along its path. By design, it is not involved in connection establishment and has no flow-control mechanism. When reliable delivery is necessary, the connection-oriented, higher layer protocol, TCP, produces that service.
