1. Computer network foundation
1.1 Communication modes between hosts
- Client/server (C/S)
The client requests a service and the server provides it.
- Peer to peer (P2P)
No host is fixed as client or server; each side can both request and provide services.
1.2 Circuit switching and packet switching
- Packet switching
Each packet carries a header (and possibly a trailer) with the source address, destination address and other control information. Packets from different conversations share the same transmission line and are forwarded independently, so no single sender occupies the line for the duration of its communication.
- Circuit switching
Circuit switching is used in the telephone system. Before two users can communicate, a dedicated physical link must be set up, and that link stays reserved for the whole call. Because a conversation does not use the line continuously, circuit switching has low line utilization, often below 10%.
1.3 Delay
- Queuing delay
The time a packet waits in a router's input and output queues; it depends on the current network load.
- Processing delay
Time spent by a host or router on a packet: parsing the header, extracting the data, error checking and looking up the route.
- Transmission delay
Time a host or router needs to push a whole data frame onto the line:
$$delay = length(bit)/v(bit/s)$$
where $length$ is the frame length and $v$ is the transmission rate.
- Propagation delay
Time for the signal to travel the length of the channel; the propagation speed of an electromagnetic wave is close to the speed of light:
$$delay = length(m)/v(m/s)$$
where $length$ is the channel length and $v$ is the propagation speed of the electromagnetic wave in the channel.
|Layer|Protocols and examples (devices)|
|---|---|
|Physical layer|RJ45, clock, IEEE 802.3 (repeater, hub)|
|Data link layer|PPP, FR, HDLC, VLAN, MAC (bridge, switch)|
|Network layer|IP, ICMP, ARP, RARP, OSPF, IPX, RIP, IGRP (router)|
- OSI seven-layer architecture
To interconnect systems built on different network architectures, make communication between heterogeneous computers possible and standardize network architectures, the International Organization for Standardization (ISO) published the OSI/RM (Open Systems Interconnection Reference Model) as a formal standard in 1984.
- Physical layer (PH): information is carried over physical media such as twisted pair, coaxial cable and optical fiber. The physical layer provides the physical connection for the layer above and defines its mechanical, electrical, functional and procedural characteristics, so that bits can be transmitted transparently. At this layer the data has no structure yet; it is handed to the data link layer as a raw bit stream.
- Data link layer (D): responsible for error-free transmission of data frames over the link between two adjacent nodes. Each frame carries data plus the necessary control information. If the receiver detects an error it asks the sender to retransmit until the frame arrives intact. In effect the data link layer turns a link that may corrupt data into one that looks error-free to the network layer. Its main functions are frame synchronization, error control, flow control, addressing, delimiting within frames and transparent transmission of arbitrary bit patterns.
- Network layer (N): communication between two computers may cross many nodes and links, and possibly several subnets. The unit of transfer at the network layer is the packet. Its main task is to choose a suitable path for each packet so that, given the destination address, the packet reaches the destination host and is delivered to that host's transport layer.
- Transport layer (T): makes the best use of network resources given the characteristics of the communication subnet, and sets up a connection between the session layers of the two end systems so that messages can be transferred transparently, reliably and economically. It offers reliable end-to-end service to the layer above, so the session layer does not need to know how data is moved below it. The transport layer exists only in end systems; the layers above it are no longer concerned with how data crosses the network.
- Session layer (S): the session layer and the layers above it do not deal with packet-by-packet transmission. The session layer establishes and maintains the communication between applications, including access verification and session management; in this model, verifying a user's login on the server is a session-layer task.
- Presentation layer (P): solves the problem of how user information is represented. It converts the data to be exchanged from the abstract syntax used by the application into the transfer syntax used inside OSI, i.e. it provides data formatting and conversion services. Compression and decompression, encryption and decryption are placed in the presentation layer.
- Application layer (A): the highest layer of the OSI reference model. It determines the nature of communication between processes to meet user needs and provides the interface between the network and user software.
- Five-layer model
The architecture used in everyday networking is usually described as five layers:
- Application layer: provides data transfer services for specific applications through protocols such as HTTP and DNS. Its data unit is the message.
- Transport layer: provides general data transfer services between processes. Because there are many application-layer protocols, a common transport-layer protocol lets each new application protocol reuse the same transport. There are two transport protocols: TCP, which provides a connection-oriented, reliable service whose data unit is the segment, and UDP (User Datagram Protocol), which provides a connectionless, best-effort service whose data unit is the user datagram. TCP prioritizes integrity, UDP timeliness.
- Network layer: provides data transfer between hosts (whereas the transport layer serves processes within hosts). It encapsulates transport-layer segments or user datagrams into packets.
- Data link layer: the network layer handles host-to-host transfer, and there may be many links between two hosts; the link layer transfers data between hosts on the same link. It encapsulates network-layer packets into frames.
- Physical layer: concerned with how to carry the bit stream over the transmission medium, independent of which medium is used. Its role is to hide the differences between media and signalling methods so that the data link layer does not see them.
The TCP/IP model does not follow OSI layering strictly. It has only four layers, which corresponds to merging the data link and physical layers of the five-layer model into a single network interface layer.
2. Five-layer protocol stack
2.1 Physical layer
The unit of data at the physical layer is the bit. Its job is to transmit the bit stream transparently between adjacent nodes while hiding, as far as possible, the differences between transmission media and communication devices. By the direction of information flow on the line, there are three communication modes:
- Simplex: one-way transmission
- Half duplex: two-way, but alternating
- Full duplex: two-way simultaneously
2.2 Link layer
Data between two hosts always travels link by link, so a link-layer protocol is needed for each hop. Between two adjacent nodes, the data link layer assembles the IP packets handed down by the network layer into frames and transmits the frames over the link. Each frame contains data and the necessary control information (synchronization, addresses, error control, and so on).
2.3 Network layer
The core of the Internet is the IP protocol, which offers a datagram service to the layer above and connects heterogeneous physical networks. Its task is to choose routes and switching nodes so that data reaches its destination in time. Protocols that support it include:
- ARP, Address Resolution Protocol
- ICMP, Internet Control Message Protocol
- IGMP, Internet Group Management Protocol
2.4 Transport layer
The transport layer provides logical communication between processes: a general data transfer service for two processes on different hosts that hides the details of the network layer from upper-layer users. The two protocols here are UDP and TCP.
2.5 Application layer
The application layer completes specific network applications through the interaction of application processes; an application-layer protocol defines the rules for that interaction.
Different applications need different application-layer protocols, for example DNS, HTTP and SMTP.
3.1 HTTP foundation
- URI (Uniform Resource Identifier)
URLs and URNs are both kinds of URI.
URL: Uniform Resource Locator, identifies a resource by where it is located
URN: Uniform Resource Name, identifies a resource by name
- Request message
Consists of three parts:
- Request line: method, request target (URL), protocol version
- Request headers
- Request body
- Response message
Consists of three parts:
- Status line
- Response headers
- Response body
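A parser for the two message shapes just listed, added here as an example and not part of the original notes. It splits a raw HTTP/1.1 message into start line, header fields and body (delimited by Content-Length) and rejects the two malformed cases a practitioner cares about most: a body shorter than the declared length, and duplicate Content-Length headers, which are how a proxy and a backend come to disagree about where one request ends (request smuggling). The function names and the sample request, response and host name `example.test` are constructed for this example.

```python
# Added example, not from the original notes. Parses HTTP/1.1 messages into the
# three parts described above: start line, header fields, body (by Content-Length).
from dataclasses import dataclass, field
from typing import Dict, Tuple

CRLF = b"\r\n"


@dataclass
class HttpMessage:
    start_line: str
    headers: Dict[str, str] = field(default_factory=dict)   # lower-cased names
    body: bytes = b""


def parse_message(raw: bytes) -> HttpMessage:
    """Split a raw message into start line, headers and body.

    Rejects duplicate Content-Length headers (a proxy and a backend that pick
    different copies are how request smuggling starts) and a body shorter than
    the declared length (instead of silently returning a truncated body).
    """
    head, blank, rest = raw.partition(CRLF + CRLF)
    if not blank:
        raise ValueError("incomplete message: no blank line ends the headers")
    lines = head.split(CRLF)
    start_line = lines[0].decode("ascii")
    headers: Dict[str, str] = {}
    content_length_count = 0
    for line in lines[1:]:
        name, colon, value = line.decode("latin-1").partition(":")
        # A header name must be a non-empty token with no surrounding whitespace.
        if not colon or not name or name != name.strip():
            raise ValueError(f"malformed header line: {line!r}")
        key = name.lower()
        if key == "content-length":
            content_length_count += 1
        headers[key] = value.strip()
    if content_length_count > 1:
        raise ValueError("duplicate Content-Length headers")
    length = headers.get("content-length")
    if length is None:
        return HttpMessage(start_line, headers, b"")
    if not length.isdigit():
        raise ValueError("Content-Length must be a non-negative integer")
    n = int(length)
    if n > len(rest):
        raise ValueError(f"body truncated: declared {n} bytes, got {len(rest)}")
    return HttpMessage(start_line, headers, rest[:n])


def parse_request_line(line: str) -> Tuple[str, str, str]:
    """'GET /path HTTP/1.1' -> (method, request target, version)."""
    method, target, version = line.split(" ")
    return method, target, version


def parse_status_line(line: str) -> Tuple[str, int, str]:
    """'HTTP/1.1 404 Not Found' -> (version, status code, reason phrase)."""
    version, code, reason = line.split(" ", 2)
    return version, int(code), reason


def is_malformed(raw: bytes) -> bool:
    """True if parse_message rejects the message."""
    try:
        parse_message(raw)
    except ValueError:
        return True
    return False


# Constructed sample messages (not captured traffic).
SAMPLE_REQUEST = (
    b"POST /login HTTP/1.1\r\n"
    b"Host: example.test\r\n"
    b"Content-Type: application/x-www-form-urlencoded\r\n"
    b"Content-Length: 27\r\n"
    b"\r\n"
    b"user=alice&password=secret1"
)
SAMPLE_RESPONSE = (
    b"HTTP/1.1 200 OK\r\n"
    b"Content-Type: text/plain\r\n"
    b"Content-Length: 12\r\n"
    b"\r\n"
    b"login failed"
)
# Two Content-Length values: whichever one a front-end believes, the back-end
# may believe the other and treat the leftover bytes as a second request.
SMUGGLING_ATTEMPT = (
    b"POST / HTTP/1.1\r\n"
    b"Host: example.test\r\n"
    b"Content-Length: 5\r\n"
    b"Content-Length: 27\r\n"
    b"\r\n"
    b"abcdeGET /admin HTTP/1.1\r\n\r\n"
)
```

Header names are lower-cased on the way in so lookups do not depend on the sender's capitalization; Transfer-Encoding: chunked is deliberately not handled here, and a production parser must also reject a message that carries both Transfer-Encoding and Content-Length.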
3.2 HTTP methods
|Method|Description|
|---|---|
|GET|Request the specified resource; the response carries the entity body|
|POST|Submit data in the request body to the specified resource for processing; this may create new resources and/or modify existing ones|
|PUT|Replace the content of the specified resource with the request body. PUT itself carries no authentication mechanism, so a server that accepts it from anyone allows arbitrary file upload, which is a security problem; it is normally not enabled for clients|
|DELETE|Ask the server to delete the specified resource, usually a file|
|HEAD|Same as GET, but the server returns only the headers, without the body|
|PATCH|Partially modify a resource|
|OPTIONS|Query the methods supported by the specified URL; the server lists them in the Allow response header|
|CONNECT|Ask a proxy to establish a tunnel, so that traffic encrypted with SSL/TLS can pass through the proxy unchanged|
|TRACE|Trace the path: the server echoes the request back so the client can see the communication path|
3.3 HTTP status codes
The first line of the server's response is the status line, which carries the status code and the reason phrase and tells the client the result of the request. The codes fall into five classes:
- 1xx Informational: the request was received and the client should continue;
- 2xx Successful: the request was received, understood and processed;
- 3xx Redirection: further action is needed to complete the request;
- 4xx Client error: the request has a syntax error or cannot be fulfilled;
- 5xx Server error: the server failed while processing the request.
Common status codes:
|Code|Meaning|
|---|---|
|100 Continue|Everything so far is fine; the client may continue with the request or ignore this response|
|200 OK|The request succeeded|
|204 No Content|The request was processed successfully, but the response contains no entity body; typically used when the client only needs to send information to the server and no data comes back|
|206 Partial Content|The client made a range request and the response carries the requested range, described by the Content-Range header|
|303 See Other|Like 302, but 303 explicitly requires the client to use GET to fetch the resource at the new URI|
|304 Not Modified|The request carried a condition (If-Match, If-Modified-Since, If-None-Match, If-Range or If-Unmodified-Since) that was not satisfied, so the server returns 304 instead of the resource|
|307 Temporary Redirect|Like 302, but 307 requires the browser to keep the original method, so a POST is not turned into a GET when following the redirect|
|400 Bad Request|Syntax error in the request|
|401 Unauthorized|The request needs authentication information|
|403 Forbidden|The request was refused|
|404 Not Found|The requested resource does not exist|
|500 Internal Server Error|The server hit an error while handling the request|
|503 Service Unavailable|The server is temporarily overloaded or down for maintenance and cannot handle the request now|
3.4 HTTP header
There are four types of header fields:
- General header field
- Request header field
- Response header field
- Entity header field
3.5 GET vs POST
- Purpose
GET is used to retrieve a resource, generally a query;
POST is used to send an entity body, generally a submission.
- Parameters
Both GET and POST requests can carry additional parameters, but GET puts them in the URL query string, where they do not change anything on the server, while POST puts them in the entity body. POST parameters are not hidden by this: a packet-capture tool shows them just as well. In addition, a URL supports only ASCII, so non-ASCII characters (Chinese, for example) in GET parameters must be percent-encoded first, whereas a POST body can use any character set declared in its Content-Type.
- Safety
GET is a safe method because it does not change server state. POST is not safe, because its purpose is to transmit an entity body, for example form data uploaded by the user; once the upload succeeds the server may store it in a database, and its state has changed. ("Safe" here is about side effects, not confidentiality: GET parameters in a URL end up in browser history and server logs.)
- Idempotence
An idempotent method has the same effect whether the request is executed once or repeated, and leaves the server in the same state, so idempotent methods have no cumulative side effects; every safe method is therefore idempotent. GET, HEAD, PUT and DELETE are idempotent; POST is not.
- Cacheability
For a response to be cached, the following conditions must hold:
- The request method is cacheable, i.e. GET or HEAD; POST is in most cases not cacheable;
- The response status code is cacheable: 200, 203, 204, 206, 300, 301, 404, 405, 410, 411, 501;
- The response's Cache-Control header does not forbid caching (for example with no-store).
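The three cacheability conditions above, carried into a small decision function, added here as an example and not code from the original notes. It also parses the Cache-Control directives that decide the remaining questions a cache has to answer: whether a shared cache (proxy, CDN) may store a `private` response, and for how long a stored copy stays fresh. Function names and the header dictionaries are constructed for the example; the caller is assumed to have lower-cased the header names.

```python
# Added example, not from the original notes: apply the three caching conditions
# listed above to a (method, status, response headers) triple.
from typing import Dict, Optional

CACHEABLE_METHODS = {"GET", "HEAD"}
CACHEABLE_STATUS = {200, 203, 204, 206, 300, 301, 404, 405, 410, 411, 501}


def parse_cache_control(value: str) -> Dict[str, Optional[str]]:
    """'max-age=60, no-store' -> {'max-age': '60', 'no-store': None}."""
    directives: Dict[str, Optional[str]] = {}
    for part in value.split(","):
        part = part.strip()
        if not part:
            continue
        name, has_arg, arg = part.partition("=")
        directives[name.strip().lower()] = arg.strip().strip('"') if has_arg else None
    return directives


def is_cacheable(method: str, status: int, response_headers: Dict[str, str],
                 shared: bool = True) -> bool:
    """True if a cache may store the response.

    shared=True models a proxy/CDN cache, which must also honour 'private';
    shared=False models the browser's own cache.
    """
    if method.upper() not in CACHEABLE_METHODS:      # condition 1: method
        return False
    if status not in CACHEABLE_STATUS:               # condition 2: status code
        return False
    cc = parse_cache_control(response_headers.get("cache-control", ""))
    if "no-store" in cc:                             # condition 3: Cache-Control
        return False
    if shared and "private" in cc:
        return False
    return True


def freshness_lifetime(response_headers: Dict[str, str],
                       shared: bool = True) -> Optional[int]:
    """Seconds the stored response stays fresh, or None if not stated.

    A shared cache prefers s-maxage over max-age. 'no-cache' means the copy may
    be kept but must be revalidated before every reuse, so it yields 0.
    """
    cc = parse_cache_control(response_headers.get("cache-control", ""))
    if "no-cache" in cc:
        return 0
    for name in (["s-maxage", "max-age"] if shared else ["max-age"]):
        value = cc.get(name)
        if value is not None and value.isdigit():
            return int(value)
    return None
```

Note the asymmetry that matters for security review: `private` only stops shared caches, while `no-store` stops every cache, so a response carrying a session token or personal data needs `no-store`, not just `private`.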
4. HTTP and HTTPS
4.1 What are HTTP and HTTPS?
HTTP (Hyper Text Transfer Protocol) is the protocol used to transfer hypertext such as HTML from a web server to the local browser.
The original purpose of HTTP was to provide a way to publish and retrieve HTML pages.
HTTPS (HTTP over SSL/TLS) is HTTP carried over a secure channel; in short, the secure version of HTTP. It adds an SSL/TLS layer under HTTP, verifies the server's identity with a certificate, and encrypts the traffic between browser and server. The security of HTTPS rests on TLS (SSL is its deprecated predecessor, although the name is still used loosely, including in these notes). Its main functions are:
- Establishing a secure channel so that transmitted data is protected;
- Confirming the authenticity of the website.
4.2 HTTP/HTTPS features
- HTTP uses the C/S model and is a request/response protocol;
- Simple and fast: to request a service, a client only needs to send the request method and path;
- Flexible: HTTP can carry any type of data object; the type is declared by the Content-Type header;
- Connectionless: in HTTP/1.0 each connection served a single request; after the server sent the response the connection was closed. This keeps servers simple but makes it hard for client and server to keep a session going, which is why HTTP/1.1 keeps connections alive by default;
- Stateless: the protocol has no memory of earlier transactions; if later processing needs earlier information, it must be sent again.
4.2 How HTTP and HTTPS work
HTTP is an application protocol that transfers data over the TCP/IP stack; the data can be HTML files, image files, query results, and so on. HTTP is normally used in the B/S (browser/server) architecture: the browser, as the HTTP client, sends every request to the HTTP server (web server) by URL.
As shown in the figure above, transmitting data with HTTPS proceeds as follows:
- First, the client opens a connection to the server's URL and starts the SSL/TLS handshake;
- The server answers with its certificate (which contains its public key);
- Client and server negotiate the security level of the connection, i.e. the cipher suite used to protect the data;
- The client's browser generates a session key according to the agreed level, encrypts it with the website's public key from the certificate, and sends it to the website;
- The server decrypts the session key with its own private key;
- From then on both sides encrypt their communication with the session key.
The flow above describes RSA key transport, in which the session key is encrypted under the server's public key. Modern TLS (TLS 1.2 with ECDHE cipher suites, and TLS 1.3 always) instead derives the session key from an ephemeral Diffie-Hellman exchange, so a later compromise of the server's private key does not reveal past sessions (forward secrecy); the certificate's key is then used only to sign the handshake, not to encrypt the session key.
4.3 Differences between HTTP and HTTPS
Data carried by HTTP is unencrypted plaintext, so HTTP is not safe for private information. To protect it, the HTTP traffic is wrapped in SSL/TLS, which gives HTTPS.
HTTP + SSL/TLS is a network protocol with encrypted transport and identity authentication, and is therefore more secure than HTTP:
- HTTPS needs a certificate. Commercial CAs charge for certificates, although free certificates from ACME-based CAs such as Let's Encrypt are now common;
- HTTP transfers hypertext in plaintext; HTTPS is the same protocol protected by SSL/TLS encryption;
- HTTP and HTTPS use different connections and ports: HTTP uses port 80 by default, HTTPS port 443;
- An HTTP connection is simple and stateless; HTTPS is built from SSL/TLS + HTTP, adds encrypted transport and identity authentication, and is more secure than HTTP.
| |HTTP|HTTPS|
|---|---|---|
|Protocol|Runs on TCP, plaintext transport; client and server cannot verify each other's identity|HTTP over SSL/TLS, running on TCP; HTTP with encryption and authentication added|
|Resource consumption|Less|More CPU and memory, because of the encryption and decryption work|
|Cost|No certificate needed|Needs a certificate, usually obtained from a certification authority (CA)|
|Encryption mechanism|None|Hybrid encryption: public-key cryptography protects the key exchange, symmetric (shared-key) encryption protects the data|
5. TCP vs UDP
5.1 Characteristics of TCP and UDP
TCP (Transmission Control Protocol) is connection-oriented and provides reliable delivery, flow control and congestion control. It offers full-duplex communication and is byte-stream oriented, and each TCP connection is point to point (one to one). In summary:
- Connection-oriented
- Unicast only
- Byte-stream oriented
- Provides reliable delivery, flow control, congestion control and full-duplex communication
UDP (User Datagram Protocol) is connectionless, best-effort, and has no congestion control. It is message-oriented (it neither merges nor splits the messages passed down from the application layer; it only adds the UDP header) and supports one-to-one, one-to-many, many-to-one and many-to-many communication. In summary:
- Connectionless
- Supports unicast, multicast and broadcast
- Message-oriented
- Small header overhead, efficient data transfer
5.2 TCP vs UDP
| |TCP|UDP|
|---|---|---|
|Connection|Connection-oriented|Connectionless|
|Reliability|Reliable transport with flow control and congestion control|Unreliable transport, no flow control or congestion control|
|Number of peers|One to one only|One to one, one to many, many to one, many to many|
|Transfer mode|Byte stream|Message (datagram)|
|Header overhead|Minimum 20 bytes, maximum 60 bytes|Small, fixed 8 bytes|
|Typical use|Where reliability matters, e.g. file transfer|Real-time applications, e.g. video conferencing, live streaming|
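The header sizes in the table, made concrete by parsing them, added here as an example and not code from the original notes. UDP has a fixed 8-byte header; a TCP header is 20 bytes plus options, and its real length comes from the 4-bit data offset field (5 to 15 words, so 20 to 60 bytes). The parser validates the length fields against the bytes actually present, because both are attacker-controlled on the wire. The segments below are built with `struct.pack` rather than captured; checksums are left as zero since computing them needs the IP pseudo-header, and the port numbers and function names are constructed for the example.

```python
# Added example, not from the original notes: parse the fixed headers compared
# in the table above and validate their length fields.
import struct
from dataclasses import dataclass
from typing import List

TCP_FLAG_NAMES = ["FIN", "SYN", "RST", "PSH", "ACK", "URG"]   # bit 0 .. bit 5
UDP_HEADER_LEN = 8
TCP_MIN_HEADER_LEN = 20   # data offset 5 words; the maximum is 15 words = 60 bytes


@dataclass
class UdpHeader:
    src_port: int
    dst_port: int
    length: int        # header + payload, in bytes
    checksum: int


@dataclass
class TcpHeader:
    src_port: int
    dst_port: int
    seq: int
    ack: int
    header_len: int    # data offset * 4, in bytes
    flags: List[str]
    window: int


def parse_udp(datagram: bytes) -> UdpHeader:
    if len(datagram) < UDP_HEADER_LEN:
        raise ValueError("UDP header needs 8 bytes")
    src, dst, length, checksum = struct.unpack("!HHHH", datagram[:UDP_HEADER_LEN])
    # The length field comes from the wire; never trust it without this check.
    if length < UDP_HEADER_LEN or length > len(datagram):
        raise ValueError("UDP length field disagrees with the datagram size")
    return UdpHeader(src, dst, length, checksum)


def parse_tcp(segment: bytes) -> TcpHeader:
    if len(segment) < TCP_MIN_HEADER_LEN:
        raise ValueError("TCP header needs at least 20 bytes")
    src, dst, seq, ack, offset_flags, window, _csum, _urg = struct.unpack(
        "!HHIIHHHH", segment[:TCP_MIN_HEADER_LEN])
    header_len = (offset_flags >> 12) * 4          # top 4 bits: data offset in words
    if header_len < TCP_MIN_HEADER_LEN:
        raise ValueError("data offset below 5 words is invalid")
    if header_len > len(segment):
        raise ValueError("data offset points past the end of the segment")
    flags = [name for bit, name in enumerate(TCP_FLAG_NAMES) if offset_flags & (1 << bit)]
    return TcpHeader(src, dst, seq, ack, header_len, flags, window)


def build_udp(src: int, dst: int, payload: bytes) -> bytes:
    return struct.pack("!HHHH", src, dst, UDP_HEADER_LEN + len(payload), 0) + payload


def build_tcp(src: int, dst: int, seq: int, ack: int, flags: List[str],
              window: int = 65535, options: bytes = b"") -> bytes:
    words = 5 + (len(options) + 3) // 4            # header length in 32-bit words
    padding = b"\x00" * (words * 4 - TCP_MIN_HEADER_LEN - len(options))
    flag_bits = sum(1 << TCP_FLAG_NAMES.index(f) for f in flags)
    fixed = struct.pack("!HHIIHHHH", src, dst, seq, ack,
                        (words << 12) | flag_bits, window, 0, 0)
    return fixed + options + padding


def is_well_formed_tcp(segment: bytes) -> bool:
    try:
        parse_tcp(segment)
    except ValueError:
        return False
    return True


# Constructed: a 20-byte segment whose data offset claims a 60-byte header.
BOGUS_OFFSET_SEGMENT = struct.pack("!HHIIHHHH", 1, 2, 0, 0, 15 << 12, 0, 0, 0)
```

A SYN carrying the MSS option (`b"\x02\x04\x05\xb4"`, MSS 1460) parses to a 24-byte header; the bare SYN+ACK in the test parses to the 20-byte minimum, while the bogus segment with an offset pointing past its own end is rejected rather than read out of bounds.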
5.3 Three-way handshake and four-way close
- Three-way handshake
- First handshake: the client sends a connection request segment (SYN) to the server carrying its initial sequence number, then enters the SYN-SENT state.
- Second handshake: on receiving the request, the server, if it agrees, replies with a segment (SYN+ACK) that also carries its own initial sequence number, then enters the SYN-RCVD state.
- Third handshake: on receiving the server's reply, the client sends a confirmation (ACK) to the server and enters the ESTABLISHED state. When the server receives this confirmation it also enters ESTABLISHED, and the connection is set up.
- Four-way close
- First wave: once client A considers its data transmission complete, it sends a release request (FIN) to server B and enters FIN-WAIT-1.
- Second wave: on receiving the release request, server B tells its application layer to release the TCP connection, sends an ACK and enters CLOSE-WAIT. The direction from A to B is now closed and B will no longer accept data from A; but TCP is bidirectional, so B can still send data to A.
- Third wave: if B still has data to send it continues until finished, then sends its own release request (FIN) to A and enters LAST-ACK. (A, having received B's ACK in the second wave, is by now in FIN-WAIT-2.)
- Fourth wave: on receiving B's release request, A sends a confirmation (ACK) to B and enters TIME-WAIT, where it stays for a period (normally 2MSL). If no retransmitted FIN arrives from B during that time, A enters CLOSED. When B receives the confirmation it also enters CLOSED.
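The handshake and close described above as an executable state machine, added here as an example and not code from the original notes. Two in-memory endpoints exchange SYN, SYN+ACK, ACK and FIN through a delivery function that can drop a segment; dropping the final ACK is what makes B retransmit its FIN and shows why A has to linger in TIME-WAIT. There are no sockets or timers; the 2MSL timer and the LAST-ACK retransmission timer are replaced by explicit calls. Endpoint names A and B follow the text; the class and function names are constructed for the example.

```python
# Added example, not from the original notes: a model of the TCP state
# transitions for the three-way handshake and the four-way close.
from typing import Dict, List, Optional, Tuple

Transition = Tuple[str, Optional[str]]   # (next state, segment to send back)

# (current state, received segment) -> (next state, reply)
TRANSITIONS: Dict[Tuple[str, str], Transition] = {
    ("LISTEN", "SYN"): ("SYN-RCVD", "SYN+ACK"),       # 1st handshake in -> 2nd out
    ("SYN-SENT", "SYN+ACK"): ("ESTABLISHED", "ACK"),  # 2nd handshake in -> 3rd out
    ("SYN-RCVD", "ACK"): ("ESTABLISHED", None),       # 3rd handshake in
    ("ESTABLISHED", "FIN"): ("CLOSE-WAIT", "ACK"),    # 1st wave in -> 2nd wave out
    ("FIN-WAIT-1", "ACK"): ("FIN-WAIT-2", None),      # 2nd wave in
    ("FIN-WAIT-2", "FIN"): ("TIME-WAIT", "ACK"),      # 3rd wave in -> 4th wave out
    ("TIME-WAIT", "FIN"): ("TIME-WAIT", "ACK"),       # peer retransmitted FIN: ACK again
    ("LAST-ACK", "ACK"): ("CLOSED", None),            # 4th wave in
}


class Endpoint:
    def __init__(self, name: str) -> None:
        self.name = name
        self.state = "CLOSED"
        self.outbox: List[str] = []   # segments waiting to be delivered to the peer

    def listen(self) -> None:          # passive open
        self._require("CLOSED")
        self.state = "LISTEN"

    def connect(self) -> None:         # active open: 1st handshake
        self._require("CLOSED")
        self.state = "SYN-SENT"
        self.outbox.append("SYN")

    def close(self) -> None:           # application has nothing more to send
        if self.state == "ESTABLISHED":
            self.state = "FIN-WAIT-1"  # 1st wave
        elif self.state == "CLOSE-WAIT":
            self.state = "LAST-ACK"    # 3rd wave
        else:
            raise RuntimeError(f"{self.name}: cannot close from {self.state}")
        self.outbox.append("FIN")

    def retransmit_fin(self) -> None:  # LAST-ACK timer fired: the 4th-wave ACK never came
        self._require("LAST-ACK")
        self.outbox.append("FIN")

    def time_wait_expired(self) -> None:   # 2MSL passed with no retransmitted FIN
        self._require("TIME-WAIT")
        self.state = "CLOSED"

    def receive(self, segment: str) -> None:
        key = (self.state, segment)
        if key not in TRANSITIONS:
            raise RuntimeError(f"{self.name}: unexpected {segment} in {self.state}")
        self.state, reply = TRANSITIONS[key]
        if reply is not None:
            self.outbox.append(reply)

    def _require(self, state: str) -> None:
        if self.state != state:
            raise RuntimeError(f"{self.name}: expected {state}, in {self.state}")


Log = List[Tuple[str, str, str, bool]]   # (from, to, segment, delivered)


def deliver(src: Endpoint, dst: Endpoint, log: Log, drop: bool = False) -> None:
    """Move queued segments from src to dst; drop=True simulates loss."""
    while src.outbox:
        segment = src.outbox.pop(0)
        log.append((src.name, dst.name, segment, not drop))
        if not drop:
            dst.receive(segment)


def run_connection() -> dict:
    """Full lifetime: three-way handshake, then a four-way close whose final
    ACK is lost once, so B retransmits its FIN and A answers from TIME-WAIT."""
    a, b, log = Endpoint("A"), Endpoint("B"), []
    b.listen()
    a.connect()
    deliver(a, b, log)                 # SYN
    deliver(b, a, log)                 # SYN+ACK
    deliver(a, b, log)                 # ACK
    after_handshake = (a.state, b.state)
    a.close()
    deliver(a, b, log)                 # FIN: 1st wave
    deliver(b, a, log)                 # ACK: 2nd wave
    after_second_wave = (a.state, b.state)
    b.close()
    deliver(b, a, log)                 # FIN: 3rd wave
    deliver(a, b, log, drop=True)      # ACK: 4th wave, lost
    b.retransmit_fin()
    deliver(b, a, log)                 # FIN again; A is still in TIME-WAIT
    deliver(a, b, log)                 # ACK again, this time delivered
    after_retransmit = (a.state, b.state)
    a.time_wait_expired()
    return {
        "after_handshake": after_handshake,
        "after_second_wave": after_second_wave,
        "after_retransmit": after_retransmit,
        "final": (a.state, b.state),
        "segments": log,
    }
```

Had A gone straight to CLOSED after sending the fourth-wave ACK, the retransmitted FIN would have hit an endpoint with no state for it (a RuntimeError here, a RST on a real stack) and B would never have left LAST-ACK cleanly; that is the situation section 7.2 below is about.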
6. Session vs Cookie
6.1 Definitions
6.1.1 What is a cookie
A cookie is a small piece of data (key-value format) that a web server stores in the user's browser, containing user-related information. When the client sends a request and the server needs to remember the user's state, the server sets a cookie in its response. The browser stores it and, on every later request to the same site, sends the cookie along with the requested URL; the server reads the cookie to identify the user.
6.1.2 What is a session
A session is an object on the server: a piece of storage that the server allocates for one browser-server conversation. The server issues the browser a session id (by default in a cookie); the browser sends the session id with each request, and the server uses it to look up the data stored in the session and so identify the user.
6.2 Differences between session and cookie
- Storage capacity: a single cookie cannot exceed about 4 KB, and browsers limit the number of cookies per site (older guidance says 20; RFC 6265 requires at least 50), whereas a session has no such limit;
- Server resources: sessions consume server memory as the number of visitors grows, so where server load matters, cookies should be preferred;
- Storage location and security: cookie data is kept on the client, where it can be read and tampered with, so it is less secure; session data is kept on the server and is relatively secure. Only the session id travels to the client, so it must be unguessable and sent with the HttpOnly and Secure attributes.
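A minimal server-side session store with the cookie handling around it, added here as an example and not code from the original notes. It makes the difference in the comparison above concrete: the user's data never leaves the server, only a random 256-bit session id does, carried in a cookie marked HttpOnly, Secure and SameSite. The clock is injectable so the expiry check can be exercised without waiting; `SessionStore`, `set_cookie_header`, `session_from_request` and the cookie name `sid` are names chosen for this example, and the size limit is the 4 KB figure from the text.

```python
# Added example, not from the original notes: server-side sessions keyed by an
# opaque random id that is the only thing stored in the client's cookie.
import secrets
import time
from http.cookies import CookieError, SimpleCookie
from typing import Callable, Dict, Optional

COOKIE_SIZE_LIMIT = 4096          # per-cookie limit mentioned above
DEFAULT_TTL_SECONDS = 30 * 60


class SessionStore:
    def __init__(self, ttl: int = DEFAULT_TTL_SECONDS,
                 now: Callable[[], float] = time.time) -> None:
        self._sessions: Dict[str, tuple] = {}   # id -> (expiry, data)
        self._ttl = ttl
        self._now = now

    def create(self, data: Dict[str, str]) -> str:
        # 32 random bytes from the OS CSPRNG: an id that cannot be guessed
        # or enumerated, which is all that protects the session.
        sid = secrets.token_urlsafe(32)
        self._sessions[sid] = (self._now() + self._ttl, dict(data))
        return sid

    def get(self, sid: str) -> Optional[Dict[str, str]]:
        entry = self._sessions.get(sid)
        if entry is None:
            return None
        expiry, data = entry
        if self._now() >= expiry:      # expired: drop it rather than resurrect it
            del self._sessions[sid]
            return None
        return data

    def destroy(self, sid: str) -> None:   # logout must invalidate server-side
        self._sessions.pop(sid, None)

    def __len__(self) -> int:
        return len(self._sessions)


def set_cookie_header(name: str, value: str, max_age: int, secure: bool = True) -> str:
    """Value of a Set-Cookie header carrying the session id.

    HttpOnly keeps the id away from document.cookie (XSS), Secure keeps it off
    plain HTTP, SameSite=Lax stops most cross-site requests from carrying it.
    """
    cookie = SimpleCookie()
    cookie[name] = value
    morsel = cookie[name]
    morsel["httponly"] = True
    morsel["secure"] = secure
    morsel["samesite"] = "Lax"
    morsel["path"] = "/"
    morsel["max-age"] = max_age
    header = morsel.OutputString()
    if len(header) > COOKIE_SIZE_LIMIT:
        raise ValueError("cookie exceeds the 4 KB limit; keep data in the session")
    return header


def session_from_request(store: SessionStore, cookie_header: str,
                         name: str = "sid") -> Optional[Dict[str, str]]:
    """Look up the session named by the Cookie request header, or None."""
    cookies = SimpleCookie()
    try:
        cookies.load(cookie_header)
    except CookieError:           # junk in the Cookie header: treat as no session
        return None
    morsel = cookies.get(name)
    if morsel is None:
        return None
    return store.get(morsel.value)
```

Because the browser only ever holds the id, a user cannot edit their own role or user name the way they could with a cookie that stored `user=alice` directly; the trade-off, as the comparison says, is the server memory the store consumes.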
7. Common interview questions
7.1 Why does a TCP connection take three handshakes rather than two?
Because segments can be lost. With only two handshakes, if the server's reply to the client's request (the second handshake) is lost, the server is already prepared to receive data, but the client has not received the server's confirmation and does not know whether the server is ready: it will neither send data nor know what to make of data the server sends. The third handshake also lets the server confirm that the client really received its SYN+ACK, so an old, delayed SYN that reaches the server cannot leave it holding a half-open connection nobody will use.
7.2 Why wait 2MSL before releasing the connection after the final ACK of the four-way close?
Again because of loss. If the ACK of the fourth wave is lost, the server never receives its confirmation and retransmits the FIN of the third wave. MSL is the maximum time a segment can live in the network, so 2MSL covers the ACK travelling to the server plus a retransmitted FIN coming back; only after waiting that long can the client be sure the server received the ACK. The wait also lets any stale segments of the old connection expire before the same port pair can be reused.