📄 networking-concepts-howto.txt

                                o  Tridge's
                                |    Work Machine      ~~~~~~~~~~~~
         Rusty's                |                     {            }
          Work Machine o--------+-----------------o--{ The Internet }
                                |            Firewall {            }
                                |                      ~~~~~~~~~~~~
                                o  Paul's
                                     Work Machine



  4.1.  Groups of IP Addresses: Network Masks

  There is one last detail: there is a standard notation for groups of
  IP addresses, sometimes called a `network address'.  Just like a phone
  number can be broken up into an area prefix and the rest, we can
  divide an IP address into a network prefix and the rest.


  It used to be that people would talk about `the 1.2.3 network',
  meaning all 256 addresses from 1.2.3.0 to 1.2.3.255.  Or if that
  wasn't a big enough network, they might talk about the `1.2 network'
  which meant all addresses from 1.2.0.0 to 1.2.255.255.



  We usually don't write `1.2.0.0 - 1.2.255.255'.  Instead, we shorten
  it to `1.2.0.0/16'.  This weird `/16' notation (it's called a
  `netmask') requires a little explanation.


  Each number between the dots in an IP address is actually 8 binary
  digits (00000000 to 11111111): we write them in decimal form to make
  it more readable for humans.  The `/16' means that the first 16 binary
  digits are the network address, in other words, the `1.2.' part is
  the network (remember: each number between the dots represents 8
  binary digits).  This means any IP address beginning with `1.2.' is
  part of the network: `1.2.3.4' and `1.2.3.50' are, and `1.3.1.1' is
  not.

  To make life easier, we usually use networks ending in `/8', `/16' and
  `/24'.  For example, `10.0.0.0/8' is a big network containing any
  address from 10.0.0.0 to 10.255.255.255 (over 16 million addresses!).
  10.0.0.0/16 is smaller, containing only IP addresses from 10.0.0.0 to
  10.0.255.255.  10.0.0.0/24 is smaller still, containing addresses
  10.0.0.0 to 10.0.0.255.


  To make things confusing, there is another way of writing netmasks.
  We can write them like IP addresses:



       10.0.0.0/255.0.0.0



  Finally, it's worth noting that the very highest IP address in any
  network is reserved as the `broadcast address', which can be used to
  send a message to everyone on the network at once.


  Here is a table of network masks:


       Short   Full                    Maximum         Comment
       Form    Form                    #Machines

       /8      /255.0.0.0              16,777,215      Used to be called an `A-class'
       /16     /255.255.0.0            65,535          Used to be called a `B-class'
       /17     /255.255.128.0          32,767
       /18     /255.255.192.0          16,383
       /19     /255.255.224.0          8,191
       /20     /255.255.240.0          4,095
       /21     /255.255.248.0          2,047
       /22     /255.255.252.0          1,023
       /23     /255.255.254.0          511
       /24     /255.255.255.0          255             Used to be called a `C-class'
       /25     /255.255.255.128        127
       /26     /255.255.255.192        63
       /27     /255.255.255.224        31
       /28     /255.255.255.240        15
       /29     /255.255.255.248        7
       /30     /255.255.255.252        3
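  As an added example (not part of the HOWTO), here is a small Python
  netmask calculator that accepts both the short `/16' and the long
  `/255.255.0.0' forms from this section, expands a network into its
  mask, first address and broadcast address, and does the `1.2.'
  membership test above.  It goes slightly beyond the text: it rejects a
  non-contiguous mask and flags a network written with host bits set
  (such as `1.2.3.4/16'), because both quietly widen what a firewall
  rule matches.  All addresses used are constructed sample values.

```python
def dotted_to_int(addr: str) -> int:
    """'1.2.3.4' -> 32-bit integer; each number between the dots is one byte (8 bits)."""
    octets = [int(x) for x in addr.split(".")]
    if len(octets) != 4 or not all(0 <= o <= 255 for o in octets):
        raise ValueError("bad IPv4 address: " + addr)
    return int.from_bytes(bytes(octets), "big")

def int_to_dotted(n: int) -> str:
    return ".".join(str(b) for b in n.to_bytes(4, "big"))

def prefix_to_mask(prefix: int) -> int:
    """/16 -> 0xFFFF0000: the first `prefix' bits set, the remaining bits clear."""
    return (0xFFFFFFFF << (32 - prefix)) & 0xFFFFFFFF

def parse_mask(mask: str) -> int:
    """Accept the short `16' form or the long `255.255.0.0' form; return the prefix length."""
    if "." not in mask:
        prefix = int(mask)
    else:
        bits = dotted_to_int(mask)
        prefix = bin(bits).count("1")
        # The ones must be contiguous: 255.0.255.0 has 16 one-bits but is not a netmask.
        if bits != prefix_to_mask(prefix):
            raise ValueError("non-contiguous netmask: " + mask)
    if not 0 <= prefix <= 32:
        raise ValueError("prefix length out of range: " + mask)
    return prefix

def describe(network: str) -> dict:
    """Expand `addr/mask' into the range it covers, like the HOWTO's table of netmasks."""
    addr, mask = network.split("/", 1)
    prefix = parse_mask(mask)
    netmask = prefix_to_mask(prefix)
    given = dotted_to_int(addr)
    base = given & netmask
    return {
        "prefix": prefix,
        "netmask": int_to_dotted(netmask),
        "network": int_to_dotted(base),
        "broadcast": int_to_dotted(base | (~netmask & 0xFFFFFFFF)),  # highest address
        "addresses": 1 << (32 - prefix),  # the table's `Maximum #Machines' is this minus one
        # True for e.g. `1.2.3.4/16': the host bits are silently dropped, so the
        # rule covers all of 1.2.0.0/16, which is often not what the writer meant.
        "host_bits_set": given != base,
    }

def contains(network: str, ip: str) -> bool:
    """Membership test: same network prefix bits means same network."""
    addr, mask = network.split("/", 1)
    netmask = prefix_to_mask(parse_mask(mask))
    return dotted_to_int(addr) & netmask == dotted_to_int(ip) & netmask
```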



  5.  Machine Names and IP Addresses

  So every interface on every node has an IP address.  It was realized
  quite quickly that humans are pretty bad at remembering numbers, so it
  was decided (just like phone numbers) to have a directory of names.
  But since we're using computers anyway, it's nicer to have the
  computer look up the names for us automatically.


  Hence we have the Domain Name System (DNS).  There are nodes with well
  known IP addresses which programs can ask to look up names, and return
  IP addresses.  Almost all programs you will use are capable of doing
  this, which is why you can put `www.linuxcare.com' into Netscape,
  instead of `167.216.245.249'.

  Of course, you need the IP address of at least one of these `name
  servers': usually these are kept in the `/etc/resolv.conf' file.



  Since DNS queries and responses are fairly small (1 packet each), the
  TCP protocol is not usually used: it provides automatic
  retransmission, ordering and general reliability, but at a cost of
  sending extra packets through the network.  Instead we use the very
  simple `User Datagram Protocol', which doesn't offer any of the fancy
  TCP features we don't need.


  6.  Different Services: Email, Web, FTP, Name Serving

  In the earlier example, we showed Netscape sending a TCP request to a
  web server running on another node.  But imagine that the node with
  the web server is also running an Email server, an FTP server and a
  name server: how does it know which server the TCP connection is for?



  This is where TCP and UDP have a concept of `ports'.  Every packet has
  space for a `destination port', which says what service the packet is
  for.  For example, TCP port 25 is the mail server, and TCP port 80 is
  the web server (although sometimes you find web servers on different
  ports).  A list of ports can be found in `/etc/services'.


  Also, if two Netscape windows are both accessing different parts of
  the same web site, how does the Linux box running Netscape sort out
  the TCP packets coming back from the web server?


  This is where the `source port' comes in: every new TCP connection
  gets a different source port, so everyone can tell them apart, even if
  they are going to the same destination IP address and the same
  destination port.  Usually the first source port given will be 1024,
  and will increase over time.


  7.  Dialup Interfaces: PPP



  When you dial your modem to an ISP, and it connects to their modem,
  the kernel doesn't just shove IP packets through it.  There is a
  protocol called `Point-to-Point Protocol', or `PPP', which is used to
  negotiate with the other end before any packets are allowed through.
  This is used by the ISP to identify who is dialed up: on your Linux
  box, a program called the `PPP daemon' handles your end of the
  negotiation.



  Because there are so many dialup users in the world, they usually
  don't have their own IP address: most ISPs will assign you one of
  theirs temporarily when you dial up (the PPP daemon will negotiate
  this).  This is often called a `dynamic IP address', as separate from
  a `static IP address' which is the normal case where you have your own
  address permanently.  Usually they are assigned by modem: the next
  time you dial up, you will probably get a different modem in the modem
  pool, and hence a different IP address.


  8.  What Packets Look Like

  For the exceptionally curious (and the curiously exceptional), here is
  a description of what a packet actually looks like.  There are several
  tools which watch what packets are passing in and out of your Linux
  box: the most common one is `tcpdump' (which understands more than TCP
  these days), but a nicer one is `ethereal'.  Such programs are known
  as `packet sniffers'.



  The start of each packet says where it's going, where it came from,
  the type of the packet, and other administrative details.  This part
  is called the `packet header'.  The rest of the packet, containing the
  actual data being transmitted, is usually called the `packet body'.


  So any IP packet begins with an `IP header': at least 20 bytes long.
  It looks like (this diagram stolen shamelessly from RFC 791):



         .-------+-------+---------------+-------------------------------.
         |Version|  IHL  |Type of Service|          Total Length         |
         |-------+-------+---------------+-------------------------------|
         |         Identification        |Flags|      Fragment Offset    |
         |---------------+---------------+-------------------------------|
         |  Time to Live |    Protocol   |         Header Checksum       |
         |---------------+---------------+-------------------------------|
         |                       Source Address                          |
         |---------------------------------------------------------------|
         |                    Destination Address                        |
         `---------------------------------------------------------------'



  The important fields are the Protocol, which indicates whether this is
  a TCP packet (number 6), a UDP packet (number 17) or something else,
  the Source IP Address, and the Destination IP Address.


  Now, if the protocol field says this is a TCP packet, then a TCP
  header will immediately follow this IP header: the TCP header is also
  at least 20 bytes long:



         .-------------------------------+-------------------------------.
         |          Source Port          |       Destination Port        |
         |-------------------------------+-------------------------------|
         |                        Sequence Number                        |
         |---------------------------------------------------------------|
         |                    Acknowledgment Number                      |
         |-------------------+-+-+-+-+-+-+-------------------------------|
         |  Data |           |U|A|P|R|S|F|                               |
         | Offset| Reserved  |R|C|S|S|Y|I|            Window             |
         |       |           |G|K|H|T|N|N|                               |
         |-------+-----------+-+-+-+-+-+-+-------------------------------|
         |           Checksum            |         Urgent Pointer        |
         `---------------------------------------------------------------'



  The most important fields here are the source port and destination
  port, which say which service the packet is going to (or coming from,
  in the case of reply packets).  The sequence and acknowledgement
  numbers are used to keep packets in order, and tell the other end what
  packets have been received.  The ACK, SYN, RST and FIN flags (written
  downwards) are single bits which are used to negotiate the opening
  (SYN) and closing (RST or FIN) of connections.


  Following this header comes the actual message which the application
  sent (the packet body).  A normal packet is up to 1500 bytes: this
  means that the most space the data can take up is 1460 bytes (20 bytes
  for the IP header, and 20 for the TCP header): over 97%.
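  As an added example (not code from the HOWTO), here is Python that
  constructs an IP+TCP packet laid out exactly as the two diagrams
  above, fills in the RFC 791 Header Checksum, and decodes it back into
  the fields Sections 6 and 8 call important: the protocol number, the
  source and destination addresses, the source and destination ports,
  and the SYN/ACK/RST/FIN flag bits.  The checksum check shows how a
  corrupted IP header is detected.  Addresses, ports and the payload are
  constructed sample values; the TCP checksum is left at zero.

```python
import socket
import struct

TCP_FLAG_NAMES = ["FIN", "SYN", "RST", "PSH", "ACK", "URG"]  # bit 0 upwards in the flags byte

def ip_checksum(header: bytes) -> int:
    """RFC 791: one's complement of the one's-complement sum of the header's 16-bit words."""
    if len(header) % 2:
        header += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(header) // 2), header))
    while total >> 16:  # fold the carries back into the low 16 bits
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def build_packet(src: str, dst: str, sport: int, dport: int, flags: int, payload: bytes = b"") -> bytes:
    """Construct a minimal 20-byte IP header followed by a 20-byte TCP header (protocol 6)."""
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 40 + len(payload), 0x1234, 0x4000, 64, 6, 0,
                     socket.inet_aton(src), socket.inet_aton(dst))
    ip = ip[:10] + struct.pack("!H", ip_checksum(ip)) + ip[12:]  # fill in Header Checksum
    tcp = struct.pack("!HHIIBBHHH", sport, dport, 1000, 0, 5 << 4, flags, 65535, 0, 0)
    return ip + tcp + payload

def parse_packet(pkt: bytes) -> dict:
    """Decode the IP header and, when Protocol is 6, the TCP header that follows it."""
    ver_ihl, _tos, total_len, _id, _frag, ttl, proto, _sum, src, dst = struct.unpack(
        "!BBHHHBBH4s4s", pkt[:20])
    ihl = (ver_ihl & 0x0F) * 4  # IHL counts 32-bit words; 5 is the 20-byte minimum
    info = {"version": ver_ihl >> 4, "ttl": ttl, "protocol": proto,
            "src": socket.inet_ntoa(src), "dst": socket.inet_ntoa(dst),
            # A valid header sums to 0xFFFF, so the checksum over it (field included) is 0.
            "checksum_ok": ip_checksum(pkt[:ihl]) == 0}
    if proto == 6:
        sport, dport, seq, ack, off, flags, window = struct.unpack("!HHIIBBH", pkt[ihl:ihl + 16])
        doff = (off >> 4) * 4  # Data Offset: TCP header length in 32-bit words
        info["tcp"] = {"sport": sport, "dport": dport, "seq": seq, "ack": ack, "window": window,
                       "flags": [n for i, n in enumerate(TCP_FLAG_NAMES) if flags & (1 << i)]}
        info["payload"] = pkt[ihl + doff:total_len]
    return info

def payload_fraction(mtu: int = 1500) -> float:
    """The HOWTO's `over 97%': share of a full packet left for data after 20+20 header bytes."""
    return (mtu - 40) / mtu
```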


  9.  Summary

  So the modern Internet uses IP packets to communicate, and most of
  these IP packets use TCP inside.  Special nodes called `routers'
  connect all the little networks together into larger networks, and
  pass these packets through to their destination.  Most normal machines
  are only attached to one network (i.e. have only one interface), and so
  are not routers.


  Every interface has a unique IP address, which looks like `1.2.3.4':
  interfaces in the same network will have related IP addresses, with
  the same start, the same way that phone connections in the same area
  have the same prefix.  These network addresses look like IP addresses,
  with a `/' to say how much of them is the prefix, e.g. `1.2.0.0/16'
  means the first two numbers are the network address: each number
  represents 8 bits.


  Machines are given names by the Domain Name Service: programs ask name
  servers to give them the IP address, given a name like
  `www.linuxcare.com'.  This IP address is then used as the destination
  IP address to talk to that node.


  Rusty is really bad at writing documentation, especially for
  beginners.


  Enjoy!

  Rusty.


  10.  Thanks

  Thanks to Alison, for sitting through the original terrible draft, and
  telling me how shit it was, in the nicest possible way.


  11.  Index


  o  ``100baseT''

  o  ``10base2''

  o  ``10baseT''

  o  ``Broadcast address''

  o  ``Coax, Coaxial cable''

  o  ``Computer network''

  o  ``Default route''

  o  ``Destination port''

  o  ``DNS, Domain Name Service''

  o  ``Dynamic IP address''

  o  ``Ethernet''

  o  ``Fiber''

  o  ``Gigabit Ethernet''

  o  ``Hop''

  o  ``Hub''

  o  ``Internet''

  o  ``IP, Internet Protocol''

  o  ``IP address''

  o  ``IP header''

  o  ``IPv4, IP version 4''

  o  ``IPv6, IP version 6''

  o  ``LAN, Local Area Network''

  o  ``Link-level protocol''

  o  ``Modem''

  o  ``Name server''

  o  ``Netmask''

  o  ``Network address, network mask''

  o  ``Network interface, interface''

  o  ``Network link''

  o  ``Network protocol, protocol''

  o  ``Node''

  o  ``Packet body''

  o  ``Packet header''

  o  ``Packet sniffer''

  o  ``Packet''

  o  ``Port, TCP port, UDP port''

  o  ``PPP, Point-to-Point Protocol''

  o  ``PPP daemon''

  o  ``Protocol stack''

  o  ``Retransmission''

  o  ``Route''

  o  ``Router''

  o  ``Routing''

  o  ``Sneakernet''

  o  ``Source port''

  o  ``Star-topology''

  o  ``Static IP address''

  o  ``Sub-network''

  o  ``TCP, Transmission Control Protocol''

  o  ``TCP header''

  o  ``Terminator''

  o  ``Topology''

  o  ``UDP, User Datagram Protocol''

  o  ``UTP, Unshielded Twisted Pair''

  o  ``WAN, Wide Area Network''


