Location>code7788 >text

Computer Networking Frequently Asked Questions (I): TCP/IP five-layer model, TCP three handshakes, four handshakes, TCP Transmission Reliability Guarantee, ARQ Protocol

Popularity:664 ℃/2024-11-06 20:21:04

Article Catalog

I. TCP/IP five-layer model (important)

II. Common protocols at the application layer

III. TCP and UDP

  • 3.1 Difference between TCP, UDP (important)

  • 3.2 Protocols running on TCP, UDP

  • 3.3 Three handshakes and four waves of TCP

    • 3.3.1 TCP's three handshakes
    • 3.3.2 Four Waves of TCP
    • 3.3.3 Reasons for randomly generated serial numbers

IV. TCP Transmission Reliability Guarantee

  • 4.1 Ensuring transmission reliability

  • 4.2 Implementation of flow control

    • Sending Window
    • reception window

  • 4.3 Implementation of Congestion Control

  • 4.4 ARQ Protocol

    • Stop waiting for ARQ protocol
    • ARQ protocol

V. ARP protocol

  • 5.1 MAC address

  • 5.2 How the ARP protocol works

    • MAC addressing within the same LAN
    • MAC addresses in different LANs

This article for the computer interview, written test process is often asked computer network class questions, do a sort of summary, easy to view their own learning, but also want to provide a reference for other job search, learning partners.

I. TCP/IP five-layer model (important)

TCP/IP five-layer model: application layer, transport layer, network layer, data link layer, physical layer

  • Application layer: provides interaction services for programs. There are many application layer protocols in the Internet, such as the domain name system DNS, the HTTP protocol, the SMTP protocol
  • Transport Layer: Responsible for providing data transfer services for communication between two host processes. The main protocols are Transmission Control Protocol (TCP) and User Data Protocol (UDP).
  • Network layer: Selection of appropriate routing and switching nodes to ensure timely delivery of data, including IP protocols
  • Data Link Layer: When transmitting data between two neighboring nodes, the IP packets handed off from the network layer are assembled into frames, and the frames are transmitted on the link between the two neighboring nodes
  • Physical layer: realize transparent transmission of bit streams between neighboring nodes, shielding the transmission medium and physical device differences as much as possible.

II. Common protocols at the application layer

HTTP (Hypertext Transfer Protocol): designed primarily for communication between Web browsers and Web servers

SMTP (Simple Mail Transfer Protocol): The process of sending an e-mail (my e-mail "1@"to the target mailbox."2@"Mail occurs)

  • Give my written emails to the 163 email server (post office) via the SMTP protocol
  • The 163 email server found out that the email I sent from was a qq email, and then used the SMTP protocol to forward my email to the qq email server
  • qq mailbox server notify mailbox after receiving mail "2@"The user comes to receive mail, and then the user takes the mail out via the POP3/IMAP protocols

Determine that the mailbox really exists?

  1. Find the SMTP server address corresponding to the mailbox domain name

  2. Trying to establish a connection with the server

  3. Try to send an email to the mailbox that needs to be authenticated after successful connection

  4. Determine the authenticity of the e-mail address based on the returned results

POP3/IMAP (both are protocols responsible for mail reception)

FTP (File Transfer Protocol): Mainly provide file transfer services, based on TCP to achieve reliable transmission, the transmission process can be shielded from the operating system and file storage mode

Designed based on the client-server model, it establishes two connections between the client and the server.

  • Control connection: used to transmit control information (commands and responses)

  • Data connection: for data transfer

Telnet (remote login protocol)

  • Logging in to other servers through a terminal, built on top of the reliable transport protocol TCP

  • Disadvantage: all data (including usernames and passwords) are sent in clear text, which is now being replaced by SSH

SSH (Secure Socket Hookup Protocol)

  • Built on top of the reliable Transmission Control Protocol TCP.
  • Protocols that prevent information leakage problems and are specifically designed to provide security for remote login sessions and other network services

III. TCP and UDP

What is TCP?? TCP is the Transmission Control Protocol, a connection-oriented, reliable, byte-stream-based transport layer communication protocol.

  • TCP: Used in scenarios where transmission accuracy is particularly important. For example, file transfer, sending and receiving e-mail, remote login, etc.
  • UDP: generally used for instant messaging. Such as voice, video, live broadcast

3.1 Difference between TCP, UDP (important)

TCP UDP
connection-oriented connectionless
Provision of reliable services No guarantee of reliable interaction
stateful stateless
byte stream oriented message-oriented
Slower transmission efficiency Faster transmission efficiency
congestion control No congestion control
Each TCP connection can only be stron Supports one-to-one, one-to-many, many-to-one, many-to-many
Header overhead 20 bytes First overhead 8 bytes

3.2 Protocols running on TCP, UDP

  • Protocols running on top of TCP: HTTP, HTTPS, FTP, SMTP, POP3/IMAP, Telnet, SSH
  • Protocols running on top of UDP
    • DHCP: Dynamic Host Configuration Protocol, dynamically configures IP addresses
    • DNS: The Domain Name System (DNS) translates human-readable domain names (e.g., ) into machine-readable IP addresses (e.g., 220.181.38.148), which can be thought of as a phone book designed for the Internet. In fact, DNS supports both UDP, TCP

3.3 Three handshakes and four waves of TCP

3.3.1 TCP's three handshakes

Suppose the sender is the client and the receiver is the server. The state of the client and server is CLOSED.

  • First handshake (without any state): the client initiates a request to the server to establish a connection, the client generates a random starting sequence number x. The client sends a field to the server that contains the flag bit SYN=1 and the sequence number seq=x. The state of the client after the first handshake is SYN-SENT. the state of the server at this time is LISTEN
  • Second handshake (guarantee: the client's ability to send, the server's ability to receive no problem): the server, after receiving the message from the client, will randomly generate a server's starting sequence number y, and then reply to the client with a message, the flag bit SYN = 1, the sequence number seq = y, ACK = 1, and the acknowledgement number ack = x + 1. After the second handshake, the server's state is SYN- RCVD (SYN=1 indicates that a connection is to be established with the client and ACK=1 indicates that the acknowledgement sequence number is valid)
  • Third handshake (guarantee: the client's ability to receive, the server's ability to send no problem): the client receives the message from the server, it will send another message to the server. ack = 1, the sequence number seq = x + 1, the acknowledgement number ack = y + 1. the client, the server's state changes to ESTABLISTED. at this time, the establishment of the connection is complete

A<-->B

  • The first packet, the SYN from A to B, is dropped midway and does not reach B

    • A will periodically timeout and retransmit until it receives an acknowledgement from B

  • The second packet, the SYN+ACK from B to A, is dropped midway and does not reach A

    • B will periodically timeout and retransmit until it receives an acknowledgement from A

  • The third packet, the ACK from A to B, is dropped midway and does not reach B -- A finishes sending the ACK and unilaterally considers TCP to be Established, while B apparently considers TCP to be Active

    • a. Assuming no data is sent by either party at this point, B will periodically time out and retransmit until it receives an acknowledgement from A
    • b. Assuming that A's data transmission is received at this point, B receives A's Data+ACK, naturally switches to the established state, and accepts A's Data
    • c. Assuming that B has data to send and the data cannot be sent, it will keep retransmitting SYN+ACK with periodic timeouts until it receives an acknowledgement from A to send the data

3.3.2 Four Waves of TCP

  • The application process of A first sends a connection release message segment (FIN=1, Seq=u) to B and stops sending any more data and actively closes the TCP connection into the FIN-WAIT-1 state.

  • B receives the connection release message segment and sends an acknowledgement message segment (ACK=1, ack=u+1, seq=v), and B enters the CLOSE-WAIT state, at which time TCP is in the half-closed state

  • After A receives B's acknowledgement, it enters the FIN-WAIT-2 state and waits for the connection release message segment from B

  • When B finishes sending data, it sends out a connection release message segment (FIN=1, seq=W, ACK=1, ack=u+1) and B enters the LAST-ACK state

  • After A receives the connection release message segment from B, it sends out an acknowledgement message segment (ACK=1, seq=u+1, ack=w+1), and A enters the TIME-WAIT state. At this time, the TCP is not released, it needs to wait for the time set by the timer 2MSL (the maximum message segment survival time), A enters the C1OSE state. B closes the connection after receiving the acknowledgement message segment sent by A. If it does not receive it, B will retransmit the connection release message segment.

common problems

1) Why did you wait 2 MSL for the four swings?
It is guaranteed that the last ACK message segment sent by A can reach B. This ACK message segment may be lost, and B cannot receive this acknowledgement message, it will time out and retransmit the connection release message segment, A can receive this retransmitted connection release message segment within this 2MSL time, then A retransmits the acknowledgement once more and restarts the 2MSL timer, and finally both A and B enter the CLOSED state. If A does not wait for a period of time in the TIME-WAIT state, but enters CLOSED immediately after sending the ACK message segment, it cannot receive the connection release message segment retransmitted by B. Then A will not send another acknowledgement message segment, and B will not enter CLOSED state normally.

2) Why four waves?
TCP is a full-duplex communication that can transmit data in both directions. Either party can send a connection release notification after the end of the data transfer, and then enter a semi-closed state after the other party confirms. When the other party also has no more data to send, the connection release notification is issued, and the other party confirms the complete closure of the TCP connection.

For example, A and B are on the phone.

  • First wave: A says, "I have nothing more to say."
  • Second wave: B replies "I see", but B may have more to say, and A cannot ask B to end the call at his own pace.
  • Third wave: so B probably blah-blah-blah-blah-blah, and finally B says, "I'm done."
  • Fourth wave: A replies "Got it" so that the call is over.

3.3.3 Reasons for randomly generated serial numbers

  • Provides security: protects against TCP sequence number prediction attacks and session hijacking
  • Avoiding interference from old connections: Ensure isolation of old and new connections to prevent old packets from interfering with new connections
  • Enhanced network reliability: reducing network delays and confusion caused by retransmissions

IV. TCP Transmission Reliability Guarantee

4.1 Ensuring transmission reliability

1. Data block-based transmission: application data is divided into blocks that TCP considers most suitable for sending before transmitting them to the network layer; the data blocks are called message segments or segments.

2. Out-of-order packet reordering and de-emphasis: TCP in order to ensure that no packet loss occurs, it gives each packet a sequence number, with the sequence number can be received according to the sequence number of the data sorting, and remove the sub-multiplexed sequence number of the data can be realized in the de-emphasis of the packet.

3. Checksum: TCP will keep a checksum of its header and data. This is an end-to-end checksum designed to detect any changes in the data during transmission. If there is an error in the checksum of a received segment, TCP will discard the segment and not acknowledge receipt of the segment.
4. retransmission mechanism: in the case of packet loss or delay, retransmit the packet until an acknowledgement answer (ACK) is received from the other party. tcp retransmission mechanisms are: timer-based retransmission (also known as timeout retransmission), fast retransmission (based on the receiver's feedback to trigger a retransmission), SACK (on the basis of the fast retransmission, the return of the most recently received segment of the packet sequence number range, so that the client knows what has arrived at the server), D-SACK (repeat SACK, carrying additional information to inform the sender of which packets have reached the server themselves). This way the client knows, which packets have reached the server), D-SACK (repeat SACK, which carries additional information on top of the SACK, informing the sender which packets have been received repeatedly by itself). For a detailed description of the retransmission mechanism, check out the article TCP Timeout and Retransmission Mechanism.

5. Flow Control: Each party to a TCP connection has a fixed-size buffer space, and the receiving end of TCP only allows the sending end to send data that the receiving end's buffer can accommodate. When the receiver is too late to process the sender's data, the sender can be prompted to reduce the rate of sending to prevent packet loss.TCP uses a variable-size sliding-window protocol for flow control (TCP utilizes a sliding window to achieve flow control).

6. Congestion Control: Reduces data delivery when the network is congested.TCP needs to consider two factors when sending data: the receiving capacity of the receiver and the congestion level of the network. The receiving capacity of the receiver is represented by a sliding window, which indicates how many buffers the receiver has left to receive data. The congestion level of the network is represented by the congestion window, which is a value maintained by the sender itself based on the network conditions and indicates the amount of data that the sender believes can be transmitted in the network. The size of the data sent by the sender is the minimum of the sliding window and the congestion window, which ensures that the sender neither exceeds the receiver's receiving capacity nor causes excessive congestion in the network.

4.2 Implementation of flow control

TCP utilizes a sliding window to implement flow control. Flow control is used to control the rate at which the sender sends, to ensure that the receiver has time to receive the. The Window field in the acknowledgement message sent by the receiver can be used to control the sender's window size, which affects the sender's sending rate. Setting the window field to 0 prevents the sender from sending data.

Why do you need flow control? This is because when the two sides are communicating, the sender's rate and the receiver's rate are not necessarily equal, and if the sender's rate is too fast, the receiver will not be able to handle it. If the receiver can't handle it, it can only store the data that can't be handled in thereceive buffer(Receiving Buffers) (out-of-order packets are also stored in the buffer). If the buffer is full and the sender is still sending data, the receiver has no choice but to discard the received packets. The packet loss problem occurs while at the same time wasting precious network resources. Therefore, we need to control the sending rate of the sender, so that the receiver and the sender are in a dynamic balance.

Here's something to keep in mind (a common misconception):

  • The sender is not the same as the client
  • The receiving end is not the same as the serving end

TCP is Full-Duplex (FDX) communication, both sides can communicate in both directions, the client and the server may be both the sender and the server. Therefore, each side has a send buffer and receive buffer, each side maintains a send window and a receive window. The size of the receive window depends on the application, system, hardware limitations (TCP transfer rate can not be greater than the application's data processing rate). Both sides of the communication send window and receive window requirements are the same

Sending Window

The TCP transmit window can be divided into four parts:

  1. TCP segments that have been sent and acknowledged (sent and acknowledged);
  2. TCP segments that have been sent but not acknowledged (sent unacknowledged);
  3. TCP segments that have not been sent but that the receiver is ready to receive (can be sent);
  4. TCP segments that have not been sent and are not ready to be accepted by the receiver (non-transmittable)

The TCP send window structure is illustrated:

reception window

The TCP receive window can be divided into three parts:

  1. TCP segments that have been received and acknowledged (received and acknowledged);
  2. Waiting for reception and allowing the sender to send TCP segments (can be received unacknowledged);
  3. Not receivable and sender not allowed to send TCP segments (not receivable)

The TCP receive window structure is illustrated:

The size of the receiving window is dynamically adjusted according to the speed of data processing at the receiving end. If the receiver reads data fast, the receive window may expand. Otherwise, it may shrink.

Also, the sliding window size here is for demonstration purposes only, the actual window size is usually much larger than this value.

4.3 Implementation of Congestion Control

At a certain time, if the demand for a resource in the network exceeds the available portion of that resource, the performance of the network has to deteriorate. This situation is called congestion.

  • Congestion control is all about preventing too much data from being injected into the network so that the routers or links in the network are not overloaded. All that congestion control has to do has a prerequisite that the network can handle the existing network load.
  • Congestion control is a global process that involves all hosts, all routers, and all factors associated with degrading network transmission performance. On the contrary.Flow control is often an end-to-end problem with point-to-point traffic control. What flow control does is suppress the rate at which the sender sends data so that the receiver has time to receive it.

For congestion control, the TCP sender maintains aCongestion window (cwnd) The state variables of the The size of the congestion control window depends on the level of congestion in the network and changes dynamically. The sender lets its sending window be taken as the smaller of the congestion window and the receiver's receiving window.

TCP's congestion control uses four algorithms, namelySlow Start, Congestion Avoidance, Fast Retransmission, and Fast Recovery. Routers can also be made to adopt appropriate packet discarding policies (e.g., Active Queue Management AQM) at the network layer to minimize the occurrence of network congestion.

  • slow start: The idea behind the slow start algorithm is that when the host starts sending data, if a large number of data bytes are injected into the network immediately, then it may cause network blocking because the compliance of the network is not known yet. Experience has shown that a better approach is to probe first, i.e., gradually increase the sending window from small to large, i.e., gradually increase the congestion window value from small to large. cwmd has an initial value of 1, and cwmd is doubled after each propagation round.
  • congestion avoidance: The idea of the congestion avoidance algorithm is to allow the congestion window cwmd to slowly increase, i.e., to add 1 to the sender's cwnd for every round trip time RTT.
  • Fast Retransmission and Fast Recovery: In TCP/IP, fast retransmit and recovery (FRR) is a congestion control algorithm that quickly recovers lost packets.
    • Without FRR, if a packet is lost, TCP will use a timer to request a transmission pause. During this time of pause, no new or duplicate packets are sent.
    • With FRR, if the receiver receives a data segment out of sequence, it immediately sends a duplicate acknowledgement to the transmitter. If the transmitter receives three duplicate acknowledgments, it assumes that the data segments indicated by the acknowledgments are missing and immediately retransmits those missing data segments. With FRR, there is no delay due to the pause required for retransmission.
      • Fast Retransmission and Recovery (FRR) works most efficiently when there are individual packet losses.
      • It does not work very effectively when there are multiple packets of data information that are lost within a certain short period of time.

4.4 ARQ Protocol

Automatic Repeat-reQuest (ARQ) is one of the error correction protocols for the data link and transport layers in the OSI model. It achieves reliable information transmission based on unreliable service by using two mechanisms: acknowledgement and timeout. If the sender does not receive an acknowledgement (ACK) within a certain period of time of sending, it usually resends until it receives an acknowledgement or retries more than a certain number of times

ARQ includes stop-wait ARQ, continuous ARQ protocols

Stop waiting for ARQ protocol

Stop ARQ protocol: realizes reliable transmission. Its basic principle is to stop transmitting after each packet, waiting for the other party to confirm (reply ACK), if after a period of time or not received ACK confirmation, it means that it was not sent successfully, need to re-send until the receipt of the confirmation and then send the next packet; if the receiver receives a duplicate packet, it will be discarded, but at the same time, there is still a confirmation of the delivery of the

  • Error-free situation: the sender sends a packet, the receiver receives it within a specified time and replies with an acknowledgement, and the sender sends it again.
  • In case of error (timeout retransmission): if no acknowledgement is received for more than a certain period of time, the previously sent packet is retransmitted. Therefore, a timeout timer needs to be set for each packet sent, and its retransmission time should be longer than the average round-trip time of data re-packetization transmission. This type of automatic retransmission is often called automatic retransmission request ARQ.
  • Confirmation of loss and confirmation of lateness
    • Acknowledgement Loss: Acknowledgement message is lost in transmission.A sends M1 to B, B receives it and sends an acknowledgement but it is lost in transmission.A is not aware of it and after the timeout period, A retransmits the M1 message and B receives it again and takes the following two steps
      • Discard this duplicate M1 message without delivering it to the upper layer
      • Send an acknowledgement message to A
    • Acknowledgement Late: Acknowledgement message is late in transmission. a sends M1 to B, B receives and sends an acknowledgement, A does not receive the acknowledgement within the timeout period, A retransmits M1, B receives and continues to send the acknowledgement (B receives two copies of M1). At this time, A receives the confirmation sent by B for the second time. After a while, A receives the first confirmation sent by B (A also receives two copies of the confirmation), processing is as follows
      • A receives duplicate confirmations and then simply discards them
      • When B receives a duplicate M1, it also discards the duplicate M1 directly

ARQ protocol

Continuous ARQ Protocol: Provides channel utilization. The sender maintains a sending window, and any packet within the sending window can be sent out consecutively without waiting for an acknowledgement from the other party. The receiver generally uses cumulative acknowledgements, sending an acknowledgement to the last packet to arrive in sequence, indicating that all packets up to that point have been received correctly.

  • Advantages: high channel utilization, easy to implement, no need to retransmit even if acknowledgement is lost
  • Disadvantage: Cannot reflect to the sender that the receiver has correctly received all packet information. For example: the sender sends 5 messages, the third one is lost in the middle, and the receiver can only send an acknowledgement for the first two. The sender can not know the whereabouts of the last three subgroups, so it has to re-transmit all the last three once, which is also called Go-Back-N (back N), indicating the need to go back and re-transmit the N messages that have been sent!

V. ARP protocol

Whenever we learn a new network protocol, we have to learn it in the context of the OSI seven-layer model, or the TCP/IP stack. One, we have to learn where the protocol fits into the overall network stack, and two, we have to learn what problems the protocol solves, and what is its status? Third, to learn how the protocol works, and some of the more in-depth details.

ARP protocol, arguably belonging to a protocol stack in aBottom-side, very important, yet very simpleCommunication protocols.

Before you start reading this article, you may want to take a look at the following questions:

  1. Location of the ARP protocol in the protocol stackThe ARP protocol has a very important place in the protocol stack, and after understanding how it works, it's hard to say whether it's a network-layer protocol or a link-layer protocol, because it exactly connects the network layer and the link layer in tandem. Most foreign tutorials usually place the ARP protocol at the network layer.
  2. What problem does the ARP protocol solve and what is its status? ARP protocol, the full name of theAddress Resolution Protocol (ARP)It solves the problem of translating between network layer addresses and link layer addresses. Because an IP datagram is physically transmitted, it is always necessary to know where the next hop (the physical next destination) should go, but the IP address belongs to the logical address, while the MAC address is the physical address, the ARP protocol solves the problem of converting an IP address to a MAC address.
  3. How does ARP work? Just a few key words I hope you will remember:ARP table, broadcast interrogation, unicast response

5.1 MAC address

MAC full nameMedia Access Control Address (MAC Address): If every resource in the Internet is uniquely identified by an IP address (IP protocol content), then all network devices are uniquely identified by a MAC address

It can be understood that the MAC address is the real ID number of a network device, and the IP address is just a way to locate it without repeating it (for example, the
Zhang San, who lives on a street in a city in a province, this logical location is the IP address, and it is his ID number that is his MAC address), or you can
see it asThe MAC address is the ID number and the IP address is the postal addressThe MAC address also has some aliases, such as LAN address, physical place
MAC addresses are portable, permanent, and can be used as a means to communicate with other users.

5.2 How the ARP protocol works

The ARP protocol works with one major premise, which is that theARP table

In a LAN, each network device maintains its own ARP table, which records the IP address-MAC address mapping relationship of certain other network devices, and the mapping relationship is stored in the form of <IP, MAC, TTL> triad. The TTL is the lifetime of the mapping relationship, typically 20 minutes, after which the entry is discarded.

  • Each host creates an ARP list in its own ARP buffer to represent the correspondence between IP addresses and MAC addresses.
  • When the source host needs to send a packet to the destination host, it will first check whether the MAC address corresponding to the IP address exists in its own ARP list, and if it does, it will send the packet directly to this MAC address; if it does not, it will launch an ARP request broadcast packet to the local segment to query the corresponding MAC address of this destination host. This ARP request packet includes the IP address of the source host, the MAC address, and the IP address of the destination host.
  • When all the hosts in the network receive this ARP request, they will check whether the destination IP in the packet is the same as the destination's IP address. If not, the packet is ignored; if it is, the host first adds the sender's MAC address and IP address to its own ARP list, overwrites that IP if it already exists in the ARP table, and then sends an ARP response packet to the source host, telling the other party that it is the MAC address it needs to find, and then sends an ARP response packet to the source host.
  • After the source host receives this ARP response packet, it adds the obtained IP address and MAC address of the destination host to its own ARP list and uses this information to start the transmission of data.
  • If the source host never receives an ARP response packet, it indicates an ARP query failure

The working of ARP will be discussed in two scenarios:

  1. MAC addressing on the same LAN;
  2. Addressing network devices from one LAN to another.

MAC addressing within the same LAN

Assume the following scenario: Host A, with IP address 137.196.7.23, wants to send an IP data message to Host B, with IP address 137.196.7.14, on the same LAN.

Again, when a host sends an IP data message (at the network layer), it only knows the IP address of the destination, not the MAC address of the destination, and the ARP protocol solves this problem.

In order to accomplish this, Host A will have to obtain the MAC address of Host B via the ARP protocol and encapsulate the IP packet into a link-layer frame and send it to the next hop. In this LAN, the following events will occur in chronological order regarding this:

  1. Host A searches its ARP table and finds that there is no mapping entry in the ARP table for Host B's IP address, so it has no way of knowing Host B's MAC address.

  2. Host A will construct an ARP query packet and broadcast it to its LAN.

    ARP packet is a special message, ARP packet has two types, one is query packet, the other is response packet, they have the same format, both contain the IP address of the sender and receiver, the sender and receiver MAC address. Of course, in the query packet, the IP address of the sender is the IP address of host A, the IP address of the receiver is the IP address of host B, and the MAC address of the sender is the MAC address of host A. However, the MAC address of the receiver will never be the MAC address of host B (because that's exactly what we're asking for!). , but rather a special value one FF-FF-FF-FF-FF-FF-FF-FF, and as said before, that MAC address is a broadcast address, which means that the query packet will be broadcast to all devices on that LAN.

  3. The query packet constructed by Host A will be broadcasted in this LAN, theoretically, every device will receive the packet and check whether the receiving IP address of the query packet is its own IP address, if yes, it means that the query packet has arrived at Host B, otherwise, the query packet is invalid for the current device, and it is discarded.

  4. Host B receives the query packet, verifies that it is a query to itself, and then constructs an ARP response packet, which is destined for a single host A, and sends it to host A. At the same time, host B extracts the IP address and MAC address information in the query packet, and constructs an IP-MAC mapping record for host A in its own ARP table.

    ARP response packets have the same construction as ARP query packets, except that the sending and receiving IP addresses are reversed, the sending MAC address is the sender itself, and the destination MAC address is the sender of the query packet; that is, ARP response packets have only a single destination, not a broadcast.

  5. Host A will eventually receive the response packet from Host B. After extracting the IP address and MAC address in the packet, it will construct the mapping information and add it to its ARP table.

There are a few points to add to the overall process:

  1. Host A wants to send an IP datagram to Host B. If Host B's IP-MAC mapping information already exists in Host A's ARP table, then Host A does not need to broadcast, but simply extracts the MAC address and constructs a link-layer frame to send.
  2. The mapping information in the ARP table has a survival period, typically 20 minutes.
  3. After the target host receives the inquiry message constructed by the inquiring host, it will first store the IP-MAC mapping of the inquiring host into its own ARP table, so that it can obtain the target MAC address of the response and send the response packet smoothly.

To summarize, the ARP protocol is aBroadcast inquiry, unicast responseAgreement.

MAC addresses in different LANs

A more complicated situation is that the sending host A and the receiving host B are not in the same subnet, assuming a general scenario where the subnets where the two hosts are located are connected by a router. It is important to note that in general, we say that a network device has an IP address and a MAC address, and a more rigorous way of saying network device would be to sayis an interfaceAs an interconnected device, a router has multiple interfaces, each of which should also have an unduplicated IP address and MAC address.. Therefore. when discussing ARP tables. multiple interfaces of a router each maintain an ARP table rather than one router maintaining only one ARP table.

Next, recalling MAC addressing within the same subnet, if host A sends a broadcast interrogation packet, all devices (interfaces) within the subnet where A is located will capture the packet because the destination IP of the packet is in the same subnet as the IP of the sending host A. However, when the destination IP is not in the same subnet as A, no device in A's subnet will successfully receive the packet. So, what kind of query packet should host A send? The events of the whole process in chronological order are as follows:

  1. Host A queries the ARP table expecting to find the MAC address of the local subnet interface of the target router.

    The destination router refers to the one that can forward the message to the subnet where B is located based on the IP address of the destination host B and analyzing the subnet where B is located.

  2. Host A fails to find the MAC address of the target router's home subnet interface, and will use the ARP protocol to ask for that MAC address. Since the target interface is on the same subnet as Host A, this process is the same as MAC addressing on the same LAN.

  3. Host A obtains the MAC address of the destination interface, first constructs an IP datagram where the source IP is the IP address of A and the destination IP address is the IP address of B, and then constructs a link layer frame where the source MAC address is the MAC address of A and the destination MAC address is theMAC address of the interface connected to the router in this subnet. Host A will send this link-layer frame, in unicast, to the target interface.

  4. The destination interface receives a link layer frame from Host A, parses it, and, based on the destination IP address, queries the forwarding table to forward the IP datagram to the interface connected to the subnet where Host B is located.

    At this point, the frame has moved from Host A's subnet to Host B's subnet.

  5. The router interface queries the ARP table expecting to find Host B's MAC address.

  6. If the router interface fails to find the MAC address of Host B, it will use the ARP protocol to broadcast a poll and unicast a response to obtain the MAC address of Host B. The router interface will use the ARP protocol to broadcast a poll and unicast a response to obtain the MAC address of Host B.

  7. The router interface will re-encapsulate the IP datagrams into link-layer frames, with the destination MAC address being the MAC address of host B. Unicast is sent until the destination.

consultationJavaGuide(Java Interview + Study Guide)

<Previous