TCP/IP,目标,通过本章的学习，你将能掌握以下内容: 了解TCP/IP通信协议及DoD模型 掌握TCP、UDP及IP报文格式 理解并掌握TCP、UDP、IP通信原理 熟悉PING、TRACEROUTE、ARP、RARP等几种三层协议,早期的协议栈 普遍性的,介绍 TCP/IP,主机,Internet,TCP/IP,主机,TCP/IP 协议栈,7,6,4,3,2,5,4,3,2,应用层,表示层,会话层,传输层,网络层,数据链路层,物理层,1,应用层,传输层,互联网层,数据链路层,物理层,1,应用层概述,*Used by the router,应用层,传输层,互联网层,数据链路层,物理层,File Transfer- TFTP *- FTP *- NFS E-Mail- SMTP Remote Login- Telnet *- rlogin * Network Management- SNMP * Name Management- DNS*,传输层概述,Transmission Control Protocol (TCP)User Datagram Protocol (UDP),应用层,传输层,互联网层,数据链路层,物理层,面向连接的非面向连接的,TCP 报文格式,Source port (16),Destination port (16),Sequence number (32),Header length (4),Acknowledgement number (32),Reserved (6),Code bits (6),Window (16),Checksum (16),Urgent (16),Options (0 or 32 if any),Data (varies),20 Bytes,Bit 0,Bit 15,Bit 16,Bit 31,端口号,TCP,端口号,F T P,传输层,T E L N E T,D N S,S N M P,T F T P,S M T P,UDP,应用层,21,23,25,53,69,161,R I P,520,TCP 端口号,Source Port,Dest. Port,Host A,1028,23,SP,DP,Host Z,Telnet Z,Dest. port = 23. Send packet to my Telnet application.,TCP会话的建立与释放过程,TCP会话的建立与释放过程,Send SYN (seq=100 ctl=SYN),SYN received,Host A,Host B,TCP 三次握手建立连接,Send SYN (seq=100 ctl=SYN),SYN received,Send SYN, ACK (seq=300 ack=101 ctl=syn,ack),Host A,Host B,SYN received,TCP 三次握手建立连接,Send SYN (seq=100 ctl=SYN),SYN received,Send SYN, ACK (seq=300 ack=101 ctl=syn,ack),Established (seq=101 ack=301 ctl=ack),Host A,Host B,SYN received,TCP 三次握手建立连接,TCP简单确认,Window size = 1,Sender,Receiver,TCP简单确认,Window size = 1,Sender,Receiver,Send 1,Receive 1,TCP简单确认,Window size = 1,Sender,Receiver,Send 1,Receive 1,Receive ACK 2,Send ACK 2,TCP简单确认,Window size = 1,Sender,Receiver,Send 1,Receive 1,Receive ACK 2,Send ACK 2,Send 2,Receive 2,TCP简单确认,Window size = 1,Sender,Receiver,Send 1,Receive 1,Receive ACK 2,Send ACK 2,Send 2,Receive 2,Receive ACK 3,Send ACK 3,TCP简单确认,Window size = 1,Sender,Receiver,Send 1,Receive 1,Receive ACK 2,Send ACK 2,Send 2,Receive 2,Receive ACK 3,Send ACK 3,Send 3,Receive 3,Window size = 1,Sender,Receiver,Send 1,Receive 1,Receive ACK 2,Send ACK 2,Send 2,Receive 2,Receive ACK 3,Send ACK 3,Send 3,Receive 3,Receive ACK 4,Send ACK 4,TCP简单确认,TCP序列号和确认号,Source Port,Dest. Port,Sequence #,Acknowledgement #,Source,Dest.,Seq.,Ack.,1028,23,10,1,I just sent #10.,I just got #10, now I need #11.,Source Port,Dest. Port,Sequence #,Acknowledgement #,1028,23,Source,Dest.,10,Seq.,1,Ack.,1028,23,Source,Dest.,11,Seq.,1,Ack.,I just sent #10.,TCP序列号和确认号,TCP序列号和确认号,Source Port,Dest. Port,Sequence #,Acknowledgement #,1028,23,Source,Dest.,11,Seq.,2,Ack.,1028,23,Source,Dest.,10,Seq.,1,Ack.,1028,23,Source,Dest.,11,Seq.,1,Ack.,I just got #10, now I need #11.,I just sent #11.,TCP序列号和确认号,Source Port,Dest. Port,Sequence #,Acknowledgement #,1028,23,Source,Dest.,11,Seq.,2,Ack.,1028,23,Source,Dest.,10,Seq.,1,Ack.,1028,23,Source,Dest.,11,Seq.,1,Ack.,1028,23,Source,Dest.,12,Seq.,2,Ack.,I just got #11, now I need #12.,I just sent #11.,TCP窗口,Sender,Receiver,TCP窗口,Window size = 3 Send 2,Sender,Receiver,Window size = 3 Send 1,Window size = 3 Send 3,Window size = 3 Send 2,TCP窗口,Sender,Window size = 3 Send 1,Window size = 3 Send 3,ACK 3 Window size = 2,Packet 3 is Dropped,Receiver,Window size = 3 Send 2,TCP窗口,Sender,Window size = 3 Send 1,Window size = 3 Send 3,ACK 3 Window size = 2,Packet 3 is Dropped,Window size = 2 Send 4,Window size = 2 Send 3,Receiver,Window size = 3 Send 2,TCP窗口,Sender,Window size = 3 Send 1,Window size = 3 Send 3,ACK 3 Window size = 2,Packet 3 is Dropped,Window size = 2 Send 4,Window size = 2 Send 3,ACK 5 Window size = 2,Receiver,TCP会话数据处理机制,TCP会话中数据传递的过程,没有序列号或 确认号字段,UDP 报文格式,Source port (16),Destination port (16),Length (16),Data (if any),1,Bit 0,Bit 15,Bit 16,Bit 31,Checksum (16),8 Bytes,互联网层概述,OSI 网络层在TCP/IP里被描述成互联网层,Internet Protocol (IP)Internet Control Message Protocol (ICMP)Address Resolution Protocol (ARP)Reverse Address Resolution Protocol (RARP),应用层,传输层,互联网层,数据链路层,物理层,IP 数据包,Version (4),Destination IP Address (32),Options (0 or 32 if any),Data (varies if any),1,Bit 0,Bit 15,Bit 16,Bit 31,Header Length (4),Priority & Type of Service (8),Total Length (16),Identification (16),Flags (3),Fragment offset (13),Time to live (8),Protocol (8),Header checksum (16),Source IP Address (32),20 Bytes,决定目的高层协议,协议字段,传输层,互连网层,TCP,UDP,协议号,IP,17,6,因特网控制报文协议,Application,Transport,Internet,Data Link,Physical,Destination UnreachableEcho (Ping)Other,ICMP,1,ICMP协议,1、目的不可达ICMP报文（目的网络、目的主机、目的协议、目的端口不可达） 2、超时ICMP报文（TTL每经过一次路由器就减1，减到0时，数据包被丢弃。Trace充分利用了ICMP超时报文） 3、重定向ICMP报文（向源主机通知更好的路由） 4、ICMP回应请求与回应应答（ping发送和接收icmp echo/icmp echo reply报文）,Ping命令的结论,Ping的主要功能是确定一个给定的IP地址是否可以到达。如果ping执行成功，则暗示： 1）从源到目的节点存在一条可以工作的路径； 2）目标IP地址对应的机器在正常工作； 3）从目标节点到源节点存在一条可以工作的路径。 但是，从源到目标的路径与从目标回源节点的路径可能不一致。即不对称路由。,Ping命令的输出结果,! Ping操作成功，收到了icmp echo reply报文 . 未收到任何报文 U icmp不可到达目的主机 N icmp不可到达目的网络 P icmp不可到达目的端口 Q icmp源地址失踪 M icmp禁止数据包分段 ? 收到无法识别的数据包,