- 1. Network layer division
- 2. OSI seven-layer network model
- 3. IP address
- 4. Subnet mask and network division
- 5. ARP/RARP protocol
- 6. Routing Protocol
- 7. TCP/IP protocol
- 8. UDP protocol
- 9. DNS protocol
- 10. NAT Protocol
- 11. DHCP protocol
- 12. HTTP protocol
- 13. An example
The core of learning computer networks is learning network protocols. Network protocols are a set of rules, standards or agreements established for data exchange in computer networks. Because different users’ data terminals may use different character sets, the two sides can communicate only if they follow a common standard. A vivid metaphor is our language. Our great country is vast and populous, its local languages are very rich, and there is a huge gap between dialects. The dialect of area A may not be understood by people in area B, so we have to establish a language standard for communication among people across the country, and this is the role of Mandarin. Similarly, looking at the world, the standard language for communicating with foreign friends is English, so we have to study English hard.
Computer network protocols are as diverse as our languages. ARPA launched a network protocol called ARPANET from 1977 to 1979, which was widely popular. The main reason for this was that it launched the well-known TCP/IP standard network protocol. Currently, TCP/IP has become the “universal language” of the Internet. The following figure shows a schematic diagram of communication between different computer groups using TCP/IP.
1. Network layer division
In order to enable computers produced by different manufacturers to communicate with each other and to establish computer networks on a larger scale, the International Organization for Standardization (ISO) proposed the “Open System Interconnection Reference Model”, the famous OSI/RM model, in 1978. It divides the communication protocol of the computer network architecture into seven layers, from bottom to top: physical layer (Physical Layer), data link layer (Data Link Layer), network layer (Network Layer), transport layer (Transport Layer), session layer (Session Layer), presentation layer (Presentation Layer), application layer (Application Layer). The fourth layer completes the data transmission service, and the three layers above are user-oriented.
In addition to the standard OSI seven-layer model, common network layer divisions include TCP/IP four-layer protocol and TCP/IP five-layer protocol. The corresponding relationship between them is shown in the following figure:
2. OSI seven-layer network model
The TCP/IP protocol is undoubtedly the basic protocol of the Internet. Without it, it is impossible to surf the Internet. Any operation related to the Internet cannot be separated from the TCP/IP protocol. Whether it is the OSI seven-layer model or the four-layer or five-layer model of TCP/IP, each layer has its own exclusive protocol to complete its corresponding work and communicate with the upper and lower layers. Since the OSI seven-layer model is the standard hierarchical division of the network, we will take the OSI seven-layer model as an example to introduce it from bottom to top.
1) Physical Layer
The physical layer activates, maintains, and shuts down the mechanical, electrical, functional, and procedural characteristics between communication endpoints. This layer provides a reliable physical medium for the upper layer protocols to transmit data. Simply put, the physical layer ensures that the raw data can be transmitted over various physical media. Two important device names to remember at the physical layer are the repeater (also called amplifier) and the hub.
2) Data Link Layer
The data link layer provides services to the network layer based on the services provided by the physical layer. Its most basic service is to reliably transmit data from the network layer to the network layer of the adjacent target node. To achieve this goal, the data link layer must provide a series of functions, mainly: how to combine data into data blocks, which are called frames and are the transmission units of the data link layer; how to control the transmission of frames on the physical channel, including how to handle transmission errors and how to adjust the transmission rate to match the receiver; and how to manage the establishment, maintenance and release of data link paths between two network entities. The data link layer provides reliable transmission over unreliable physical media. The functions of this layer include: physical address addressing, data framing, flow control, data error detection, retransmission, etc.
Important points to know about the data link layer:
- 1> The data link layer provides reliable data transmission for the network layer;
- 2> The basic data unit is frame;
- 3> Main protocol: Ethernet protocol;
- 4> Two important device names: bridge and switch.
3) Network Layer
The purpose of the network layer is to achieve transparent data transmission between two end systems. Specific functions include addressing and routing, connection establishment, maintenance and termination, etc. The services it provides make it unnecessary for the transport layer to understand the data transmission and switching technology in the network. If you want to remember the network layer in as few words as possible, it is “path selection, routing and logical addressing”.
The network layer involves many protocols, the most important of which is the IP protocol, the core protocol of TCP/IP. The IP protocol is very simple and only provides unreliable, connectionless transmission services. The main functions of the IP protocol are: connectionless datagram transmission, datagram routing and error control. The IP protocol is used in conjunction with the Address Resolution Protocol (ARP), the Reverse Address Resolution Protocol (RARP), the Internet Control Message Protocol (ICMP), and the Internet Group Management Protocol (IGMP) to implement its functions. We will summarize the specific protocols in the following sections. The key points about the network layer are:
- 1> The network layer is responsible for routing data packets between subnets. In addition, the network layer can also implement congestion control, internet interconnection and other functions;
- 2> The basic data unit is IP datagram;
- 3> Main protocols included:
  - IP protocol (Internet Protocol);
  - ICMP protocol (Internet Control Message Protocol);
  - ARP protocol (Address Resolution Protocol);
  - RARP protocol (Reverse Address Resolution Protocol).
- 4> Important equipment: router.
4) Transport Layer
This is the first end-to-end, host-to-host layer. The transport layer is responsible for segmenting the upper layer data and providing end-to-end, reliable or unreliable transmission. In addition, the transport layer also has to deal with end-to-end error control and flow control issues. The task of the transport layer is to make the best use of network resources based on the characteristics of the communication subnet, to provide the functions of establishing, maintaining and canceling transmission connections between the session layers of the two end systems, and to be responsible for end-to-end reliable data transmission. At this layer, the protocol data unit for information transmission is called a segment or message. The network layer only transmits the data packet sent by the source node to the destination node according to the network address, while the transport layer is responsible for reliably transmitting the data to the corresponding port. Key points about the transport layer:
- 1> The transport layer is responsible for segmenting upper layer data and providing end-to-end, reliable or unreliable transmission as well as end-to-end error control and flow control issues;
- 2> Main protocols included: TCP (Transmission Control Protocol), UDP (User Datagram Protocol);
- 3> Important equipment: gateway.
5) Session layer
The session layer manages the session process between hosts, that is, it is responsible for establishing, managing, and terminating the session between processes. The session layer also uses the insertion of checkpoints in the data to achieve data synchronization.
6) Presentation Layer
The presentation layer transforms the upper layer data or information to ensure that the information of one host application layer can be understood by the application of another host. The data conversion of the presentation layer includes data encryption, compression, format conversion, etc.
7) Application layer
Provides an interface for the operating system or network applications to access network services.
Key points about the session layer, presentation layer and application layer:
- 1> The basic unit of data transmission is message;
- 2> Main protocols included: FTP (File Transfer Protocol), Telnet (Remote Login Protocol), DNS (Domain Name Resolution Protocol), SMTP (Mail Transfer Protocol), POP3 (Post Office Protocol), HTTP (Hyper Text Transfer Protocol).
3. IP address
1) Network address
An IP address consists of a network number (including a subnet number) and a host number. The host number of a network address is all 0s, and the network address represents the entire network.
2) Broadcast address
The broadcast address is often called the directed broadcast address to distinguish it from the restricted broadcast address.
The broadcast address is the opposite of the host number of the network address. In the broadcast address, the host number is all 1. When a message is sent to the broadcast address of a network, all hosts in the network can receive the broadcast message.
3) Multicast address
Class D addresses are multicast addresses.
Let’s recall the A, B, C, and D class addresses:
Class A addresses start with 0, and the first byte is used as the network number. The address range is: 0.0.0.0~127.255.255.255; ( modified @2016.05.31 )
Class B addresses start with 10, and the first two bytes are used as the network number. The address range is: 128.0.0.0~191.255.255.255;
Class C addresses start with 110, and the first three bytes are used as the network number. The address range is: 192.0.0.0~223.255.255.255.
Class D addresses start with 1110 and have an address range of 224.0.0.0 to 239.255.255.255. Class D addresses are used as multicast addresses (one-to-many communication).
Class E addresses start with 1111 and have an address range of 240.0.0.0 to 255.255.255.255. Class E addresses are reserved for future use.
Note: Only A, B, and C have network numbers and host numbers. Class D and Class E addresses do not have network numbers and host numbers.
4) 255.255.255.255
This IP address is the restricted broadcast address. The difference between the restricted broadcast address and the general broadcast address (direct broadcast address) is that the restricted broadcast address can only be used in the local network, and a router will not forward packets with the restricted broadcast address as the destination address; the general broadcast address can be used for broadcasts both locally and across network segments. For example: when a direct broadcast data packet is sent from the host 192.168.1.1/30, another network segment, 192.168.1.5/30, can also receive the datagram; if a restricted broadcast datagram is sent, it cannot be received there.
Note: The general broadcast address (direct broadcast address) can pass through some routers (of course not all routers), while the restricted broadcast address cannot pass through routers.
5) 0.0.0.0
It is often used to find one’s own IP address. For example, in our RARP, BOOTP and DHCP protocols, if a diskless machine with an unknown IP address wants to know its own IP address, it sends an IP request packet to the server in the local range (specifically, the range blocked by each router) with 255.255.255.255 as the destination address.
6) Loopback address
127.0.0.0/8 is used as a loopback address. The loopback address represents the address of the local machine and is often used for testing the local machine. The most commonly used one is 127.0.0.1.
7) Class A, B, and C private addresses
Private addresses are also called dedicated addresses. They are not used globally and only have local significance.
Class A private address: 10.0.0.0/8, range: 10.0.0.0~10.255.255.255
Class B private address: 172.16.0.0/12, range: 172.16.0.0~172.31.255.255
Class C private address: 192.168.0.0/16, range: 192.168.0.0~192.168.255.255
4. Subnet mask and network division
With the continuous expansion of Internet applications, the shortcomings of the original IPv4 have gradually been exposed: the network number occupies too many bits and the host number has too few, so the host addresses it can provide are becoming increasingly scarce. At present, in addition to using NAT to allocate reserved addresses within the enterprise, an IP address of a higher class is usually subdivided to form multiple subnets for use by user groups of different sizes.
The main purpose here is to effectively use IP addresses in the case of network segmentation, by taking the high-order part of the host number as the subnet number, expanding or compressing the subnet mask from the usual network bit boundary, and creating more subnets of a certain type of address. However, when more subnets are created, the number of available host addresses on each subnet will be reduced compared to the original number.
What is a Subnet Mask?
The subnet mask is used to mark whether two IP addresses belong to the same subnet. It is also a 32-bit binary address, where each 1 represents a network bit and 0 represents a host bit. It is represented in dotted decimal like the IP address. If the two IP addresses have the same result when the bitwise AND calculation of the subnet mask is performed, it means that they belong to the same subnet.
When calculating the subnet mask, we must pay attention to the reserved addresses, namely the “0” address and the broadcast address. These are the IP addresses in which the host address or network address is all “0” or all “1”. They represent the local network address and the broadcast address, and are generally not counted.
Calculation of subnet mask:
For IP addresses that do not need to be divided into subnets, the subnet mask is simple and can be written directly from the definition. For example, if a Class B IP address is 10.12.3.0, and there is no need to divide it into subnets, then the subnet mask of this IP address is 255.255.0.0. If it is a Class C address, then its subnet mask is 255.255.255.0. Other classes follow by analogy and are not described in detail. The key case introduced below is when the high-order host bits of an IP address are used as the network number of the divided subnets and the rest as the host number within each subnet; the question is then how to calculate the mask of each subnet.
Here is a summary of common interview questions about subnet masks and network division:
1) Calculate using the number of subnets
Before calculating the subnet mask, you must first figure out the number of subnets to be divided and the number of hosts required in each subnet.
(1) Convert the number of subnets into binary representation;
If you want to divide the Class B IP address 168.195.0.0 into 27 subnets: 27=11011;
(2) Get the number of bits of the binary code, which is N;
This binary number is a five-digit number, N = 5
(3) Get the subnet mask of the IP address and set the first N bits of the host address to 1 to obtain the subnet mask for the subnet divided by the IP address.
Change the first 5 bits of the host address of the Class B subnet mask 255.255.0.0 to 1, and you get 255.255.248.0
2) Calculate using the number of hosts
To divide the Class B IP address 168.195.0.0 into several subnets, each with 700 hosts:
(1) Convert the number of hosts into binary representation;
700=1010111100
(2) If the number of hosts is less than or equal to 254 (note that the two reserved IP addresses are removed), count the digits of that binary number to get N, where N < 8. If it is greater than 254, then N > 8, which means that the host address will occupy more than 8 bits;
This binary number is ten digits, N=10;
(3) Use 255.255.255.255 to set all the host address bits of this type of IP address to 1, and then set all N bits from the back to the front to 0, which is the subnet mask value.
Set all the host addresses of the subnet mask 255.255.0.0 of the Class B address to 1, and get 255.255.255.255, and then set the last 10 positions to 0 from back to front, that is: 11111111.11111111.11111100.00000000, that is, 255.255.252.0. This is the subnet mask of the Class B IP address 168.195.0.0 that is to be divided into 700 hosts.
3) There is another type of question that requires you to plan the subnet addresses and calculate the subnet mask based on the number of hosts in each network. This can also be calculated according to the above principles.
For example, if a subnet has 10 hosts, the IP addresses required for this subnet are:
10+1+1+1=13
Note: The first 1 added refers to the gateway address required for this network connection, and the next two 1s refer to the network .
Because 13 is less than 16 (16 is equal to 2 to the fourth power), the number of host bits is 4. And 256-16=240, so the subnet mask is 255.255.255.240.
If a subnet has 14 hosts, many people often make the mistake of allocating a subnet with 16 addresses and forgetting to allocate an address to the gateway. This is wrong because 14+1+1+1=17, 17 is greater than 16, so we can only allocate a subnet with 32 addresses (32 is equal to 2 to the fifth power). In this case, the subnet mask is: 255.255.255.224.
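The three calculations above, carried through in code as an added example (not part of the original article). The function names are hypothetical; the host-count function uses the "hosts + gateway + network + broadcast" total from case 3 for every input, which gives the article's answer for 700 hosts as well, and `same_subnet` is the bitwise AND test described earlier in this section.

```python
import ipaddress

# Default prefix length of each classful network (Class A/B/C only).
CLASSFUL_PREFIX = {"A": 8, "B": 16, "C": 24}


def address_class(ip):
    """Return the address class from the leading bits of the first byte."""
    first_octet = int(ipaddress.IPv4Address(ip)) >> 24
    for limit, name in ((128, "A"), (192, "B"), (224, "C"), (240, "D")):
        if first_octet < limit:
            return name
    return "E"


def _classful_prefix(ip):
    cls = address_class(ip)
    if cls not in CLASSFUL_PREFIX:
        raise ValueError(f"class {cls} addresses have no network/host split")
    return CLASSFUL_PREFIX[cls]


def prefix_to_mask(prefix):
    """Dotted-decimal mask with `prefix` leading 1 bits."""
    return str(ipaddress.IPv4Address((0xFFFFFFFF << (32 - prefix)) & 0xFFFFFFFF))


def mask_for_subnet_count(network_ip, subnets):
    """Method 1: N = number of binary digits of the subnet count;
    the first N host bits of the classful mask are set to 1."""
    base = _classful_prefix(network_ip)
    borrowed = subnets.bit_length()
    if base + borrowed > 30:
        raise ValueError("not enough host bits left for that many subnets")
    return prefix_to_mask(base + borrowed)


def mask_for_host_count(hosts, gateway=False):
    """Methods 2 and 3: find the smallest power of two that holds every
    host plus the network address, the broadcast address and, optionally,
    one gateway address; the last N bits of the mask are set to 0."""
    needed = hosts + (1 if gateway else 0) + 2
    host_bits = max((needed - 1).bit_length(), 2)
    if host_bits > 24:
        raise ValueError("too many hosts for a single IPv4 subnet here")
    return prefix_to_mask(32 - host_bits)


def same_subnet(ip_a, ip_b, mask):
    """Two addresses share a subnet when (address AND mask) is equal."""
    m = int(ipaddress.IPv4Address(mask))
    a = int(ipaddress.IPv4Address(ip_a))
    b = int(ipaddress.IPv4Address(ip_b))
    return (a & m) == (b & m)


def list_subnets(network_ip, mask, limit=3):
    """First `limit` subnets as (network address, broadcast address, usable hosts)."""
    parent = ipaddress.IPv4Network(f"{network_ip}/{_classful_prefix(network_ip)}")
    new_prefix = ipaddress.IPv4Network(f"0.0.0.0/{mask}").prefixlen
    result = []
    for index, net in enumerate(parent.subnets(new_prefix=new_prefix)):
        if index == limit:
            break
        result.append((str(net.network_address),
                       str(net.broadcast_address),
                       net.num_addresses - 2))
    return result


if __name__ == "__main__":
    print(mask_for_subnet_count("168.195.0.0", 27))
    print(mask_for_host_count(700))
    print(mask_for_host_count(14, gateway=True))
    print(list_subnets("168.195.0.0", "255.255.248.0", limit=2))
```
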
5. ARP/RARP protocol
Address Resolution Protocol, or ARP, is a TCP/IP protocol that obtains physical addresses based on IP addresses. When a host sends information, it broadcasts an ARP request containing the target IP address to all hosts on the network and receives a return message to determine the target’s physical address. After receiving the return message, the IP address and physical address are stored in the local ARP cache and retained for a certain period of time. The next request directly queries the ARP cache to save resources. The Address Resolution Protocol is based on the mutual trust of each host in the network. Hosts on the network can send ARP reply messages autonomously. When other hosts receive the reply message, they will not detect the authenticity of the message and will record it in the local ARP cache. In this way, an attacker can send a fake ARP reply message to a host, so that the information it sends cannot reach the expected host or reaches the wrong host, which constitutes an ARP spoof. The ARP command can be used to query the correspondence between IP addresses and MAC addresses in the local ARP cache, add or delete static correspondence, etc.
An example of ARP workflow:
The IP address of host A is 192.168.1.1, and the MAC address is 0A-11-22-33-44-01;
The IP address of host B is 192.168.1.2, and the MAC address is 0A-11-22-33-44-02;
When host A wants to communicate with host B, the address resolution protocol can resolve host B’s IP address (192.168.1.2) into host B’s MAC address. The following is the workflow:
- (1) Based on the contents of the routing table on Host A, IP determines that the forwarding IP address used to access Host B is 192.168.1.2. Host A then checks its local ARP cache for a matching MAC address for Host B.
- (2) If host A does not find a mapping in the ARP cache, it will query the hardware address of 192.168.1.2, thereby broadcasting the ARP request frame to all hosts on the local network. The IP address and MAC address of the source host A are included in the ARP request. Each host on the local network receives the ARP request and checks whether it matches its own IP address. If the host finds that the requested IP address does not match its own IP address, it will discard the ARP request.
- (3) Host B determines that the IP address in the ARP request matches its own IP address, so it adds the IP address and MAC address mapping of Host A to the local ARP cache.
- (4) Host B sends an ARP reply message containing its MAC address directly back to Host A.
- (5) When Host A receives the ARP reply message from Host B, it updates the ARP cache with the IP and MAC address mapping of Host B. The local cache has a lifetime, and after the lifetime ends, the above process will be repeated again. Once the MAC address of Host B is determined, Host A can send IP communications to Host B.
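A passive check for the trust problem described above, as an added example that is not part of the original article: it parses ARP messages, follows the request/reply exchange between host A and host B, and flags a reply that nobody asked for or that contradicts a binding already seen. The class and function names are hypothetical, and the third sample message (with MAC 0A-11-22-33-44-99) is constructed for the demonstration.

```python
import ipaddress
import struct
from collections import namedtuple

# ARP payload for Ethernet + IPv4: hardware type, protocol type, address
# lengths, operation, sender MAC/IP, target MAC/IP (28 bytes in total).
ARP_FMT = "!HHBBH6s4s6s4s"
REQUEST, REPLY = 1, 2
Arp = namedtuple("Arp", "op sender_mac sender_ip target_mac target_ip")


def _mac_bytes(text):
    return bytes.fromhex(text.replace("-", ""))


def _mac_text(raw):
    return "-".join(f"{b:02X}" for b in raw)


def build_arp(op, sender_mac, sender_ip, target_mac, target_ip):
    """Pack an ARP payload; used here only to construct the sample messages."""
    return struct.pack(ARP_FMT, 1, 0x0800, 6, 4, op,
                       _mac_bytes(sender_mac),
                       ipaddress.IPv4Address(sender_ip).packed,
                       _mac_bytes(target_mac),
                       ipaddress.IPv4Address(target_ip).packed)


def parse_arp(payload):
    """Decode an ARP payload, rejecting anything that is not Ethernet/IPv4."""
    size = struct.calcsize(ARP_FMT)
    if len(payload) < size:
        raise ValueError("truncated ARP payload")
    htype, ptype, hlen, plen, op, sha, spa, tha, tpa = struct.unpack(
        ARP_FMT, payload[:size])
    if (htype, ptype, hlen, plen) != (1, 0x0800, 6, 4) or op not in (REQUEST, REPLY):
        raise ValueError("not an Ethernet/IPv4 ARP request or reply")
    return Arp(op, _mac_text(sha), str(ipaddress.IPv4Address(spa)),
               _mac_text(tha), str(ipaddress.IPv4Address(tpa)))


class ArpMonitor:
    """Tracks IP-to-MAC bindings and outstanding requests on one segment."""

    def __init__(self):
        self.bindings = {}    # IP -> first MAC seen for it (never overwritten)
        self.pending = set()  # (requester IP, requested IP) awaiting a reply

    def observe(self, payload):
        msg = parse_arp(payload)
        alerts = []
        if msg.op == REQUEST:
            self.pending.add((msg.sender_ip, msg.target_ip))
        elif (msg.target_ip, msg.sender_ip) in self.pending:
            self.pending.discard((msg.target_ip, msg.sender_ip))
        else:
            alerts.append(("unsolicited-reply", msg.sender_ip, msg.sender_mac))
        # Requests and replies both carry the sender's binding (steps 3 and 5).
        known = self.bindings.setdefault(msg.sender_ip, msg.sender_mac)
        if known != msg.sender_mac:
            alerts.append(("binding-conflict", msg.sender_ip, known, msg.sender_mac))
        return alerts


def run_sample():
    """Replay the A/B exchange from the text plus one constructed bad reply."""
    a_ip, a_mac = "192.168.1.1", "0A-11-22-33-44-01"
    b_ip, b_mac = "192.168.1.2", "0A-11-22-33-44-02"
    other_mac = "0A-11-22-33-44-99"  # constructed value, not from the article
    messages = [
        build_arp(REQUEST, a_mac, a_ip, "00-00-00-00-00-00", b_ip),  # step (2)
        build_arp(REPLY, b_mac, b_ip, a_mac, a_ip),                  # step (4)
        build_arp(REPLY, other_mac, b_ip, a_mac, a_ip),              # fake reply
    ]
    monitor = ArpMonitor()
    return [monitor.observe(m) for m in messages], monitor.bindings


if __name__ == "__main__":
    for alerts in run_sample()[0]:
        print(alerts)
```

Gratuitous ARP and DHCP address reassignment also produce these two alert kinds, so they are leads to correlate with switch and DHCP logs rather than proof of spoofing.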
Reverse Address Resolution Protocol, or RARP, is a protocol that converts the physical address of a host in a local area network into an IP address.
For example, if there is a host in the local area network that only knows the physical address but not the IP address, it can send a broadcast request for its own IP address through the RARP protocol, and then the RARP server will be responsible for answering it.
RARP protocol workflow:
- (1) The host sends a local RARP broadcast, in which it declares its own MAC address and requests any RARP server that receives this request to assign an IP address;
- (2) After receiving this request, the RARP server on the local network segment checks its RARP list to find the IP address corresponding to the MAC address;
- (3) If it exists, the RARP server sends a response packet to the source host and provides this IP address to the other host for use;
- (4) If it does not exist, the RARP server will not respond.
6. Routing Protocol
Common routing protocols include: RIP protocol and OSPF protocol.
RIP protocol: The underlying layer is the Bellman-Ford algorithm. The metric for selecting routes is the number of hops. The maximum number of hops is 15. If it is greater than 15 hops, it will discard the data packet.
OSPF protocol: Open Shortest Path First. The underlying layer is the Dijkstra algorithm, and it is a link state routing protocol. The metrics for selecting routes are bandwidth and delay.
7. TCP/IP protocol
The TCP/IP protocol is the most basic protocol of the Internet and the foundation of the Internet international network. It consists of the IP protocol of the network layer and the TCP protocol of the transport layer. In layman’s terms: TCP is responsible for discovering transmission problems. Once there is a problem, it sends a signal and requires retransmission until all data is safely and correctly transmitted to the destination. IP specifies an address for each Internet device.
The IP layer receives data packets sent by the lower layer (network interface layer such as Ethernet device driver) and sends the data packets to the higher layer-TCP or UDP layer; conversely, the IP layer also transmits data packets received from the TCP or UDP layer to the lower layer. IP data packets are unreliable because IP does not do anything to confirm whether the data packets are sent in sequence or have not been damaged. IP data packets contain the address of the host that sent it (source address) and the address of the host that received it (destination address).
TCP is a connection-oriented communication protocol. It establishes a connection through a three-way handshake and removes the connection when the communication is completed. Since TCP is connection-oriented, it can only be used for end-to-end communication. TCP provides a reliable data stream service and uses the “positive confirmation with retransmission” technology to achieve transmission reliability. TCP also uses a method called “sliding window” for flow control. The so-called window actually represents the receiving capacity and is used to limit the sending speed of the sender.
TCP message header format:
TCP protocol three-way handshake and four-way wave:
Note: seq: “sequence”, sequence number; ack: “acknowledge”, confirmation number; SYN: “synchronize”, request synchronization flag; ACK: “acknowledge”, confirmation flag; FIN: “Finally”, end flag.
TCP connection establishment process: First, the client sends a connection request message. After the server accepts the connection, it replies with an ACK message and allocates resources for this connection. After receiving the ACK message, the client also sends an ACK message to the server and allocates resources. In this way, the TCP connection is established.
TCP connection disconnection process: Assume that the client initiates the request to terminate the connection, that is, it sends a FIN message. The FIN message tells the server “I, the client, have no more data to send to you”; but if the server still has data that has not been sent, it does not have to rush to close the socket and can continue to send data. So the server sends an ACK first, telling the client “I have received your request, but I am not ready yet, please keep waiting for my message.” At this time, the client enters the FIN_WAIT state and continues to wait for the FIN message from the server. When the server determines that its data has been sent, it sends a FIN message to the client, telling it “I have finished sending data on my side and am ready to close the connection.” After the client receives the FIN message, it knows that it can close the connection, but it still does not trust the network and is afraid that the server does not know to close, so it sends an ACK and enters the TIME_WAIT state; if the server does not receive the ACK, it can retransmit. After receiving the ACK, the server knows that it can disconnect. If the client still does not receive a response after waiting for 2MSL, this shows that the server has closed normally, so the client can also close the connection. The TCP connection is now closed.
Why three-way handshake?
In the case of only two “handshakes”, suppose the Client wants to establish a connection with the Server, but because the datagram of the connection request is lost on the way, the Client has to resend it; in this case the Server only receives one connection request, so the connection can be established normally. However, sometimes the Client resends the request not because the datagram is lost, but because the transmission is held up at some node by heavy network traffic. In this case, the Server will receive two requests in succession and will keep waiting for two Client requests to send data to it. This is where the problem lies: the Client actually has only one request, but the Server has two responses. In extreme cases, the Client may resend the request many times, causing the Server to end up establishing N responses and waiting on all of them, which is a huge waste of resources. Therefore, the “three-way handshake” is very necessary!
Why wave four times?
Imagine that you are a client and you want to disconnect all connections with the server. What should you do? The first step is to stop sending data to the server and wait for the server’s reply. But the story is not over yet. Although you stop sending data to the server, because you have established an equal connection before, it also has the initiative to send data to you; so the server has to stop actively sending data to you and wait for your confirmation. In fact, to put it bluntly, it is to ensure the complete execution of a contract between the two parties!
Protocols using TCP: FTP (File Transfer Protocol), Telnet (Remote Login Protocol), SMTP (Simple Mail Transfer Protocol), POP3 (relative to SMTP, used to receive emails), HTTP protocol, etc.
8. UDP protocol
UDP User Datagram Protocol is a connectionless communication protocol. UDP data includes destination port number and source port number information. Since communication does not require a connection, broadcast transmission can be achieved.
UDP communication does not require confirmation from the receiver and is an unreliable transmission. Packet loss may occur, and in actual applications programmers have to implement verification themselves.
UDP is located at the same layer as TCP, but it does not care about the order, errors or retransmission of data packets. Therefore, UDP is not used for connection-oriented services that use virtual circuits. UDP is mainly used for query-response-oriented services, such as NFS. Compared with FTP or Telnet, these services need to exchange less information.
Each UDP message consists of two parts: the UDP header and the UDP data area. The header consists of four 16-bit (2-byte) fields, which describe the source port, destination port, message length, and checksum of the message, as follows:
- (1) Source port number;
- (2) Destination port number;
- (3) Datagram length;
- (4) Check value.
The protocols using UDP include: TFTP (Trivial File Transfer Protocol), SNMP (Simple Network Management Protocol), DNS (Domain Name Resolution Protocol), NFS, and BOOTP.
The difference between TCP and UDP: TCP is a connection-oriented, reliable byte stream service; UDP is a connectionless, unreliable datagram service.
9. DNS protocol
DNS is the abbreviation of Domain Name System, which is used to name computers and network services organized into a domain hierarchy. It can be simply understood as converting URLs to IP addresses. Domain names are composed of a string of words or abbreviations separated by dots. Each domain name corresponds to a unique IP address. On the Internet, there is a one-to-one correspondence between domain names and IP addresses. DNS is a server that performs domain name resolution. DNS naming is used in TCP/IP networks such as the Internet to find computers and services through user-friendly names.
10. NAT Protocol
NAT Network Address Translation is a technology for accessing a wide area network (WAN). It is a conversion technology that converts private (reserved) addresses into legal IP addresses. It is widely used in various types of Internet access methods and various types of networks. The reason is simple. NAT not only perfectly solves the problem of insufficient IP addresses, but also effectively avoids attacks from outside the network, hiding and protecting computers inside the network.
11. DHCP protocol
DHCP (Dynamic Host Configuration Protocol) is a network protocol for local area networks. It uses the UDP protocol and has two main uses: to automatically assign IP addresses to internal networks or network service providers, and to provide users or internal network administrators with a means of central management of all computers.
12. HTTP protocol
HyperText Transfer Protocol (HTTP) is the most widely used network protocol on the Internet. All WWW files must comply with this standard. What requests does the HTTP protocol include?
GET: Request to read the information identified by the URL.
POST: Add information (such as comments) to the server.
PUT: Stores a document at the given URL.
DELETE: Delete the resource identified by the given URL.
Differences between POST and GET in HTTP
- 1) Get is to obtain data from the server, and Post is to send data to the server.
- 2) Get appends the parameter data as a query string to the URL pointed to by the Action attribute of the submitted form. The values correspond to each field in the form one by one and can be seen in the URL.
- 3) The amount of data transmitted by Get is small and cannot be larger than 2KB; the amount of data transmitted by Post is larger and is generally set to be unlimited by default.
- 4) According to the HTTP specification, GET is used to obtain information and should be safe and idempotent.
  - I. Safe means that the operation is used to obtain information rather than modify it. In other words, a GET request should generally not have side effects. That is, it only obtains resource information, just like a database query, and does not modify or add data, nor does it affect the status of the resource.
  - II. Idempotent means that multiple requests to the same URL should return the same result.
13. An example
The entire process that is executed when http://www.baidu.com/ is entered in the browser.
Now suppose that we enter http://www.baidu.com in the client browser, and baidu.com is the server to be accessed. The following is a detailed analysis of the series of protocol operations performed by the client to access the server:
- 1) The client browser resolves the IP address 220.181.27.48 of www.baidu.com through DNS, and finds the path from the client to the server through this IP address. The client browser initiates an HTTP session to 220.181.27.48, and then encapsulates the data packet through TCP and passes it to the network layer.
- 2) At the client’s transport layer, the HTTP session request is divided into segments, and the source and destination ports are added. For example, the server uses port 80 to listen for the client’s request. The client’s system randomly selects a port such as 5000 to communicate with the server, and the server returns the corresponding reply to the client’s port 5000. The IP address of the IP layer is then used to find the destination.
- 3) The client’s network layer does not need to care about the application layer or the transport layer. Its main task is to determine how to reach the server by looking up the routing table. During this process, it may pass through multiple routers. These are all tasks completed by the router. I will not describe them in detail. It is nothing more than deciding which path to take to reach the server by looking up the routing table.
- 4) At the client’s link layer, the packet is sent to the router: the MAC address for the given IP address is looked up through the neighbor protocol, and an ARP request is sent to find the destination address. Once a reply is received, the IP data packet can be transmitted, and it is then sent to the server’s address.