aps审核-computer network

计算机网络面试准备知识点

1. OSI model

? The OSI model can be briefly summarized as follows

Physical layer, concerned with transmitting raw bits over a communication channel. And make sure on side sends 1 bit, it is received by the other side as a 1 bit.

Data Link, the main task of data link is to transform a row transmission facility into a line.

Network Layer, control the operation of subnet. A key design issue is determining how packets are routed from source to destination.

Transport layer, accept data from above, split it into smaller units if necessary, pass these to network layer, and ensured that the pieces all arrive correctly at the end. Session layer, allows user toon different machines to establish sessions between them/

Presentation layer, is concerned with syntax and semantics of the information transmitted.

Application layer contains a variety of protocols that are commonly needed by users. One widely-used application protocol is HTTP hyper text transfer protocol, which is the basic for World Wide Web.

OSI (Open Systems Interconnection): Application Process to process Layer Presentation Data translator 提供信息的表示方式 转为ASCII码值 Layer表示层 Session Layer Create/delete/manage sessions between end-user 会话层 application process (Remote Procedure Call) Transport Layer Flow control 流控制 传输层 TCP (Transmission Control Protocol) for connection-oriented transmission (stateful) UDP (User Datagram Protocol) for stateless message transmission Network Layer Packet forwarding, data transfer from a source to 网络层 destination Date Link Layer Data transfer between adjacent nodes 相邻结点 in wide 数据链路层 area network / nodes in local area network Protocol: PPP for point-to-point Ethernet for local area network MAC: media access control (two person say something) 介质访问控制 Physical Layer Basic hardware transmission techniques 物理层 2. TCP/IP ? TCP/IP:

The Internet Protocol Suite (commonly TCP/IP) is the set of communications protocols used for the Internet and other similar networks TCP Protocol: Transmission Control Protocol (TCP) UDP Protocol: User Datagram Protocol Difference:

TCP (\means that upon communication it requires handshaking to set up end-to-end connection. A connection can be made from client to server, and from then on any data can be sent along that connection.

Reliable - TCP manages message acknowledgment, retransmission and timeout. Many attempts to reliably deliver the message are made. If it gets lost along the way, the server will re-request the lost part. In TCP, there's either no missing data, or, in case of multiple timeouts, the connection is dropped.

? Ordered - if two messages are sent along a connection, one after the other, the first message will reach the receiving application first. When data packets arrive in the wrong order, the TCP layer holds the later data until the earlier data can be rearranged and delivered to the application.

? Heavyweight - TCP requires three packets just to set up a socket, before any actual data can be sent. It handles connections, reliability and congestion control. It is a large transport protocol designed on top of IP.

? Streaming - Data is read as a \packet ends and another begins. Packets may be split or merged into bigger or smaller data streams arbitrarily.

?

Three-way handshake:

To establish a connection, TCP uses a three-way handshake. Before a client attempts to connect with a server, the server must first bind to a port to open it up for connections: this is called a passive open. Once the passive open is established, a client may initiate an active open. To establish a connection, the three-way (or 3-step) handshake occurs: 1. 2. 3. 4.

The active open is performed by the client sending a SYN to the server. In response, the server replies with a SYN-ACK. Finally the client sends an ACK back to the server TCP/IP

Protocol stack for wide area networks Application Layer Process to Process (HTTP) How a web browser communicates with web server Transport Layer Host to Host, Transmission Control Protocol (TCP) Internet Layer (IP) connect local network Link Layer Communicate techniques for local network (Ethernet) 4.子网的划分Explain why and how to subnet

掩码用来确认大网里面有多少个子网，从而确认IP地址所在的网络号 默认掩码意味着没有将x类大网划分成小网

5. Switching and routing Hub, Switch, Router的区别：

网桥bridge：数据链路层互联的设备。最常用于连接两个局.域网。

集线器hub：物理层的设备。带宽 bandwidth共享方式将计算机连在一起。 交换机switch：数据链路层的设备。带宽独享，起到数据快速交换的作用。 路由器router：网络层设备。用于子网之间的通信。 Hub:

4/6/8/12/16端口，数据包发给所有端口，由端口确定该数据包是不是自己的，不是就丢弃。端口多时产生大量广播信息broadcast message，数据冲突 data collision和堵塞。

Switch：

DataLink Layer

基于MAC地址maintain routing table. 根据表中信息直接传递数据包到目的端口。

如果B和C同时发数据给A，则产生数据冲突，B和C取消发送，监听网络。随机等待时间重新发送。直到收到接收方的acknowledge后，其他机器才可以重新用通路

Router:

Network Layer

Link different networks 基于IP address传递

Traffic directing functions 7.

HTTP: 超文本传输协议

Hyper text Transfer Protocol

Application protocol for distributed system分布式计算机系统, request-response protocol 请求-应答协议

An HTTP session is a sequence of network request-response transactions. An HTTP client initiates a request by establishing a Transmission Control Protocol (TCP) connection to a particular porton a server (typically port 80; see List of TCP and UDP port numbers). An HTTP server listening on that port waits for a client's request message. Upon

receiving the request, the server sends back a status line 状态行, such as \is typically the requested resource, although an error message or other information may also be returned.

Use port / source IP address / target IP address / protocol to control the incoming and outgoing network traffic.

ARP (Address Resolution Protocol): 地址解析协议

A telecommunications protocol 远程通信协议 used for resolution of network layer address to data link layer address

For example, the computers Matterhorn and Washington are in an office, connected to each other on the office local area network by Ethernet cables and network switches, with no

intervening gateways or routers. Matterhorn wants to send a packet to Washington. Through other means, it determines that Washington's IP address is 192.168.0.55. In order to send the message, it also needs to know Washington's MAC address. First, Matterhorn uses a cached ARP table to look up 192.168.0.55 for any existing records of Washington's MAC address (00:eb:24:b2:05:ac). If the MAC address is found, it sends the IP packet on the link layer to address 00:eb:24:b2:05:ac via the local network cabling. If the cache did not produce a result for 192.168.0.55, Matterhorn has to send a broadcast ARP message (destination

FF:FF:FF:FF:FF:FF) requesting an answer for 192.168.0.55. Washington responds with its MAC address (00:eb:24:b2:05:ac). Washington may insert an entry for Matterhorn into its own ARP table for future use. The response information is cached in Matterhorn's ARP table and the message can now be sent.

ARP是正向地址解析协议，通过已知的IP，寻找对应主机的MAC地址。

IP address = Network No + Host No

在TCP/IP协议中，TCP协议提供可靠的连接服务，采用三次握手建立一个连接。

第一次握手：建立连接时，客户端发送syn包(syn=j)到服务器，并进入SYN_SEND

状态，等待服务器确认；

第二次握手：服务器收到syn包，必须确认客户的SYN（ack=j+1），同时自己也发送一个SYN包（syn=k），即SYN+ACK包，此时服务器进入SYN_RECV状态；

第三次握手：客户端收到服务器的SYN＋ACK包，向服务器发送确认包

ACK(ack=k+1)，此包发送完毕，客户端和服务器进入ESTABLISHED状态，完成三次握手。 MAC address: the unique identifier for network interface on communication on data link layer

就相当于网卡的身份证号码，用mac地址可以识别上网用户是哪台机器

Port:

A port is associated with an IP address of the host, as well as the type of protocol used for communication.

SMTP：simple message transfer protocol 简单邮件传输协议 POP: post office protocol 邮局协议

The SMTP service application usually listens on TCP port 25 for incoming requests.

The POP service listens on TCP port number 110. Both services may be running on the same host computer, in which case the port number distinguishes the service that was requested by a remote computer 由于每种网络的服务功能都不相同，因此有必要将不同的封包送给不同的服务来处理，所以啰，当你的主机同时开启了FTP与 WWW 服务的时候，那么别人送来的资料封包，就会依照 TCP 上面的 port 号码来给 FTP 这个服务或者是 WWW 这个服务来处理，当然就不会搞乱啰！（注：嘿嘿！有些很少接触到网络的朋友，常常会问说：咦！为什么你的计算机同时有 FTP、WWW、E-Mail 这么多服务，但是人家传资料过来，你的计算机怎么知道如何判断？计算机真的都不会误判吗？！现在知道为什么了吗？！对啦！就是因为 port 不同嘛！你可以这样想啦，有一天，你要去银行存钱，那个银行就可以想成是主机，然后，银行当然不可能只有一种业务，里头就有相当多的窗口，那么你一进大门的时候，在门口的服务人员就会问你说：\嗨！你好呀！你要做些什么事？\你跟他说：\我要存钱呀！\，服务员接着就会告诉你：喝！那么请前往三号窗口！那边的人员会帮您服务！这个时候你总该不会往其它的窗口跑吧？！ \这些窗口就可以想成是port 啰！所以啦！每一种服务都有特定的 port 在监听！您无须担心计算机会误判的问题呦！ )

Network socket:

A network socket is an endpoint of an inter-process communication flow across a computer network. 一台主机犹如布满各种插座的房间，每个插座有一个编号，有的插座提供220伏交流电， 有的提供110伏交流电，有的

则提供有线电视节目。 客户软件将插头插到不同编号的插座，就可以得到不同的服务。

Gateway: is an interface of one network from another network

从一个房间走到另一个房间，必然要经过一扇门。同样，从一个网络向另一个网络发送信 息，也必须经过一道“关口”，这道关口就是网关。顾名思义，网关（Gateway）就是一个网络连接到另一个网络的“关口”。也就是网络关卡 如果网络A中的主机发现数据包的目的主机不在本地网络中，就把数据包转发给它自己的网关，再由网关转发给网络B的网关，网络B的网关再转发给网络B的某个主机（如附图所示）。网络A向网络B转发数据包的过程。

Domain Name System (DNS): 域名服务器 Serves as a phone book. A domain name service resolves queries to translate hostname into IP address.

On the Internet, a hostname is a domain name assigned to a host computer. This is usually a combination of the host's local name with its parent domain's name. For example, en.wikipedia.org consists of a local hostname (en) and the domain name wikipedia.org. This kind of hostname is translated into an IP address via the local hosts file, or the Domain Name System (DNS) resolver.

信息安全 Information security

概念：To protect the confidentiality, integrity and authenticity of the information that is transfering, exchanging and storaging in the public communication network and control the spread of information and its content, through the various computer, network, password technology and information security technology.

内容：加密技术Encryption technique 安全等级 level security

举例：

A 凯撒密码Caesar Cipher: the eatlist cryptography 最早的密码系统

加密技术Encryption technique.i

It is a type of substitution cipher in which each letter in the plaintext is replaced by a letter some fixed number of positions down the alphabet. For example, with a shift of 3, A would be replaced by D, B would become E, and so on.

Public-key encryption is based on each user having two keys:

Public key —— publicly published key used to encrypt data, but

cannot be used to decrypt data.

Private key —— key known only to individual user, and used to

decrypt data. Need not be transmitted to the site doing encryption. 1. 一个公钥对应一个私钥。

2. 密钥对中，让大家都知道的是公钥，不告诉大家，只有自己知道的，是私钥。 3. 如果用其中一个密钥加密数据，则只有对应的那个密钥才可以解密。

加密密钥公开：

比如有两个用户Alice和Bob，Alice想把一段明文通过双钥加密的技术发送给Bob，Bob有一对公钥和私钥，那么加密解密的过程如下： 1. Bob将他的公开密钥传送给Alice。

2. Alice用Bob的公开密钥加密她的消息，然后传送给Bob。 3. Bob用他的私人密钥解密Alice的消息。 解密密钥公开：

数字签名 Digital Signature.

身份认证和加密就不同了，主要用户鉴别用户的真伪。这里我们只要能够鉴别一个用户的私钥是正确的，就可以鉴别这个用户的真伪。

还是Alice和Bob这两个用户，Alice想让Bob知道自己是真实的Alice，而不是假冒的，因此Alice只要使用公钥密码学对文件签名发送给Bob，Bob使用Alice的公钥对文件进行解密，如果可以解密成功，则证明Alice的私钥是正确的，因而就完成了对Alice的身份鉴别。整个身份认证的过程如下：

1. Alice用她的私人密钥对文件加密，从而对文件签名。 2. Alice将签名的文件传送给Bob。

3. Bob用Alice的公钥解密文件，从而验证签名。

IP

The Internet Protocol (IP) is the principal communications protocol used for relaying广播 datagrams (packets) across an internetwork using the Internet Protocol Suite. Responsible for routing packets across network boundaries, it is the primary protocol that establishes the Internet.

IP is the primary protocol in the Internet Layer of the Internet Protocol Suite and has the task of delivering datagrams from the source host to the destination host solely based on their addresses. For this purpose, IP defines addressing methods and structures for datagram encapsulation.

The first major version of IP, now referred to as Internet Protocol Version 4 (IPv4) is the dominant protocol of the Internet, although the successor, Internet Protocol Version 6 (IPv6) is in active, growing deployment worldwide.

本文来源：https://www.bwwdw.com/article/dx1w.html