The tcp/ip protocol is divided into several layers

TCP/IP protocol includes link layer, network layer, transport layer and application layer.

TCP/IP protocol (Transmission Control Protocol/Internet Protocol) is not a simple protocol, but a set of special protocols, including: TCP, IP, UDP, ARP, etc., these are called sub-agreement. Among these protocols, the most important and famous are TCP and IP. Therefore, most network administrators call the entire protocol suite "TCP/IP."

Layering:

In computer networks, the actually applied network protocol is the TCP/IP protocol family, TCP/IP The application layer generally corresponds to the application layer, presentation layer and session layer of the OSI/RM model. The network interface layer of TCP/IP corresponds to the data link layer and physical layer of OSI/RM, while the transport layer and network layer are in two Corresponds well in the model.

1. Link layer

The link layer is sometimes also called the data link layer or network interface layer. It usually includes the device driver in the operating system and the corresponding network interface card in the computer. . Together they handle the details of the physical interface to the cable (or any other transmission medium). The protocols that link link layer addresses and network layer addresses include ARP (Address Resolution Protocol, Address Resolution Protocol) and RARP (Reverse Address Resolution Protocol, Reverse Address Resolution Protocol).

2. Network layer

The network layer handles the activities of packets in the network, such as routing of packets. In the TCP/IP protocol suite, network layer protocols include IP protocol (Internet Protocol), ICMP protocol (Internet Control Message Protocol, Internet Control Message Protocol) and IGMP protocol (Internet Group Management Protocol, Internet Group Management Protocol) .

3. Transport layer

The transport layer mainly provides end-to-end communication for applications on two hosts. In the TCP/IP protocol suite, there are two different transmission protocols: TCP (Transmission Control Protocol, Transmission Control Protocol) and UDP (User Datagram Protocol, User Datagram Protocol).

4. Application layer

The application layer is responsible for handling specific application details. Almost various TCP/IP implementations provide the following common applications: Telnet remote login, SMTP (Simple Mail Transfer Protocol, simple mail transfer protocol), FTP (File Transfer Protocol, file transfer protocol), HTTP (Hyper Text Transfer Protocol, Hypertext Transfer Protocol), etc.

Core protocol:

1. IP protocol

Internet Protocol IP is the heart of TCP/IP and the most important protocol in the network layer.

The IP layer receives the data packet sent by the lower layer (network interface layer, such as Ethernet device driver) and sends the data packet to the higher layer - TCP or UDP layer; on the contrary, the IP layer Also transmits data packets received from the TCP or UDP layer to lower layers. IP packets are unreliable because IP does nothing to confirm that the packets were sent in order or that they were not corrupted. An IP packet contains the address of the host that sent it (source address) and the address of the host that received it (destination address).

When high-level TCP and UDP services receive data packets, they usually assume that the source address in the packet is valid. It can also be said that IP addresses form the basis of authentication for many services, which believe that data packets are sent from a valid host. IP confirmation contains an option called IPsource routing, which can be used to specify a direct path between the source address and the destination address. For some TCP and UDP services, IP packets using this option appear to be delivered from the last system on the path, rather than from its true location. This option exists for testing purposes, indicating that it can be used to trick the system into making connections that are normally prohibited. Therefore, many services that rely on IP source addresses for verification will cause problems and be hacked.

2. TCP protocol

If there are sealed TCP data packets in the IP data packet, then IP will transmit them "upward" to the TCP layer.

TCP sorts packets and performs error checking while realizing connections between virtual circuits. TCP packets include sequence numbers and acknowledgments, so packets received out of order can be sorted and damaged packets can be retransmitted.

TCP sends its information to higher-level applications, such as Telnet service programs and client programs. Applications take turns sending messages back to the TCP layer, which passes them down to the IP layer, device drivers and physical media, and finally to the receiver.

Connection-oriented services (such as Telnet, FTP, rlogin, XWindows, and SMTP) require a high degree of reliability, so they use TCP. DNS uses TCP in some cases (to send and receive domain name databases), but uses UDP to convey information about individual hosts.

3. UDP protocol

UDP and TCP are on the same layer, but the order of data packets is wrong or retransmitted. Therefore, UDP should not be used for connection-oriented services that use virtual circuits. UDP is mainly used for query-reply-oriented services, such as NFS. Relative to FTP or Telnet, these services require a smaller amount of information to be exchanged. Services that use UDP include NTP (Network Time Protocol) and DNS (DNS also uses TCP).

Spoofing UDP packets is easier than spoofing TCP packets, because UDP does not establish an initial connection (also called a handshake) (because there is no virtual circuit between the two systems), that is to say, UDP-related services face more Big danger.

4. ICMP protocol

ICMP is located at the same layer as IP and is used to transmit IP control information. It is mainly used to provide information about the path leading to the destination address. ICMP "Redirect" messages inform the host of a more accurate path to other systems, while "Unreachable" messages indicate problems with the path. In addition, ICMP can cause the TCP connection to be terminated "gracefully" if the path becomes unavailable. PING is the most commonly used ICMP-based service.

The above is the detailed content of The tcp/ip protocol is divided into several layers. For more information, please follow other related articles on the PHP Chinese website!