banner
ShuWa

ShuWa

是进亦忧,退亦忧。然则何时而乐耶?
twitter
HomeArchives关于

OSI and TCP/IP network models

#计算机网络#面试62
AI Translation
This post is translated from Chinese into English through AI.View Original
AI-generated summary
The OSI model has 7 layers, while the TCP/IP model has 4 layers. The application layer focuses on exchanging information between devices using protocols like HTTP and FTP. The network layer encapsulates data for transmission, and the Internet uses IP as the network layer protocol. BGP is a routing protocol for exchanging network reachability information. The network interface layer combines data link and physical layers. DMA technology is used to write network packets to memory addresses. NAPI mechanism combines interrupts and polling for efficient data reception. Multiple memory copy operations are involved in sending network data.

OSI Seven-Layer Model#

The OSI seven-layer model has a clear concept and a complete theory, but it is complex and impractical, and some functions are repeated in multiple layers.
Physical Layer: Bottom layer of data transmission, such as network cables; network card standards.
Data Link Layer: Defines the basic format of data, how to transmit it, and how to identify it; such as network card MAC address.
Network Layer: Defines IP addressing and routing functions; such as data forwarding between different devices.
Transport Layer: Basic function of end-to-end data transmission; such as TCP, UDP.
Session Layer: Controls the session capability between applications; such as distributing data to different software.
Presentation Layer: Data format identification, basic compression and encryption functions.
Application Layer: Various application software, including web applications.
image

TCP/IP Four-Layer Model#

The TCP/IP four-layer model is a widely adopted model, and we can consider it as a simplified version of the OSI seven-layer model, consisting of the following four layers:

  • Application Layer
  • Transport Layer
  • Network Layer
  • Network Interface Layer
    image

Application Layer#

The application layer is located above the transport layer and mainly provides services for information exchange between applications on two terminal devices. It defines the format of information exchange, and the message will be handed over to the transport layer for transmission. We call the data units exchanged at the application layer messages.
Therefore, the application layer only needs to focus on providing application functions to users, such as HTTP, FTP, Telnet, DNS, SMTP, etc.

image

Moreover, the application layer works in the user space of the operating system, while the transport layer and below work in the kernel space.

Transport Layer#

The main task of the transport layer is to provide general data transmission services between processes on two terminal devices. The application process uses this service to transmit application layer messages. "General" means that it is not specific to a particular network application, but multiple applications can use the same transport layer service.
Common protocols of the transport layer:

  • TCP (Transmission Control Protocol): Provides a reliable byte stream transmission service with a connection-oriented approach.
  • UDP (User Datagram Protocol): Provides a connectionless, best-effort data transmission service (does not guarantee the reliability of data transmission), simple and efficient.

Network Layer#

The network layer is responsible for providing communication services for different hosts on a packet-switched network. When sending data, the network layer encapsulates the segments or user datagrams generated by the transport layer into packets and sends them. In the TCP/IP architecture, because the network layer uses the IP protocol, the packets are also called IP datagrams, or simply datagrams.
Another task of the network layer is to select the appropriate route so that the packets transmitted by the source host's transport layer can find the destination host through the routers in the network layer.
The Internet is composed of a large number of heterogeneous networks connected to each other through routers. The network layer protocols used by the Internet are connectionless Internet Protocol (IP) and many routing protocols, so the network layer of the Internet is also called the internet layer or IP layer.
Common protocols of the network layer:

  • IP (Internet Protocol): One of the most important protocols in the TCP/IP protocol suite, mainly responsible for defining the format of packets, routing and addressing of packets, so that they can be propagated across networks and reach the correct destination. Currently, there are two main types of IP protocols, one is the older IPv4, and the other is the newer IPv6. Both protocols are currently in use, but the latter has been proposed to replace the former.
  • ARP (Address Resolution Protocol): ARP protocol solves the problem of conversion between network layer addresses and link layer addresses. Because an IP datagram needs to know where to go next (the next destination in the physical sense) during the process of being transmitted on the physical layer, but the IP address is a logical address, and the MAC address is the physical address. The ARP protocol solves some problems of converting IP addresses to MAC addresses.
  • ICMP (Internet Control Message Protocol): A protocol used to transmit network status and error messages, commonly used for network diagnostics and troubleshooting. For example, the Ping tool uses the ICMP protocol to test network connectivity.
  • NAT (Network Address Translation): NAT protocol is used in the address translation process from the internal network to the external network. Specifically, in a small subnet (LAN), each host uses the same IP address within the LAN, but outside the LAN, in the wide area network (WAN), a unified IP address is needed to identify the position of the LAN on the entire Internet.
  • OSPF (Open Shortest Path First): An Interior Gateway Protocol (IGP) and widely used dynamic routing protocol based on the link-state algorithm. It considers factors such as bandwidth and delay of links to choose the best path.
  • RIP (Routing Information Protocol): An Interior Gateway Protocol (IGP) and a dynamic routing protocol based on the distance-vector algorithm. It uses the number of hops as the metric and chooses the path with the fewest hops as the best path.
  • BGP (Border Gateway Protocol): A routing protocol used to exchange Network Layer Reachability Information (NLRI) between routing domains. It has high flexibility and scalability.

Network Interface Layer#

We can consider the network interface layer as a combination of the data link layer and the physical layer.

  • The data link layer (also known as the link layer) is responsible for the transmission of data between two hosts, which is always carried out in segments on a link. The data link layer assembles the IP datagrams delivered from the network layer into frames and transmits them on the link between two adjacent nodes. Each frame includes data and necessary control information (such as synchronization information, address information, error control, etc.).
  • The physical layer is responsible for the transparent transmission of bit streams between adjacent computer nodes, shielding the differences in specific transmission media and physical devices as much as possible. The important functions and protocols of the network interface layer are shown in the following figure:
    image

Socket Network Programming Based on TCP/IP Four-Layer Model#

Linux Network Protocol Stack#

From the network protocol stack diagram, you can see that:

  • Applications need to interact with the Socket layer through system calls to exchange data.
  • Below the Socket layer are the transport layer, network layer, and network interface layer.
  • The bottom layer is the network card driver and the hardware network card device.
    image

Receiving Process#

The network card is a hardware device in the computer that is specifically responsible for receiving and sending network packets. When the network card receives a network packet, it uses DMA technology to write the network packet to a specified memory address, which is the Ring Buffer, a circular buffer. Then it will inform the operating system that the network packet has arrived.

How does it inform the operating system that the network packet has arrived?

Trigger an interrupt: Whenever the network card receives a network packet, it triggers an interrupt to notify the operating system.
However, this will cause a problem. When the operating system frequently receives network packets, it will frequently trigger interrupts, which affects the efficiency of the operating system.
The solution is to use the NAPI mechanism, which is a hybrid of "interrupt and polling" to receive network packets. The core concept of NAPI is not to read data using interrupts, but to first wake up the data reception service program using interrupts, and then use polling to process the data.

What is the NAPI mechanism?

Therefore, when a network packet arrives, it will use DMA technology to write the network packet to a specified memory address. Then the network card will initiate a hardware interrupt to the CPU. When the CPU receives the hardware interrupt request, it calls the registered interrupt handler function based on the interrupt table.
The hardware interrupt handler function will do the following:

  • It needs to "temporarily disable interrupts" first, indicating that it already knows that there is data in memory and tells the network card not to notify the CPU again when it receives another data packet, which can improve efficiency and avoid constant interruption of the CPU.
  • Then, it triggers a "soft interrupt" and then restores the previously disabled interrupt.

At this point, the work of the hardware interrupt handler function is completed.

Soft interrupt?

The ksoftirqd thread in the kernel is responsible for handling soft interrupts. When the ksoftirqd kernel thread receives a soft interrupt, it will poll and process the data.
The ksoftirqd thread retrieves a data frame, represented by sk_buff, from the Ring Buffer, which can be processed as a network packet by the network protocol stack layer by layer.

Network Protocol Stack

image
First, it enters the network interface layer, where the validity of the packet is checked. If it is invalid, it is discarded; if it is valid, the type of the upper layer protocol of the packet is determined, such as IPv4 or IPv6. Then the frame header and frame trailer are removed, and it is handed over to the network layer.
In the network layer, the IP packet is extracted, and the next step of the network packet is determined, whether it is to be processed by the upper layer or forwarded. When it is confirmed that the network packet is to be sent to the local host, the transport layer protocol type is checked from the IP header, whether it is TCP or UDP. Then the IP header is removed, and it is handed over to the transport layer.
In the transport layer, the TCP or UDP header is extracted, and based on the four-tuple "source IP, source port, destination IP, destination port" as the identifier, the corresponding socket is found, and the data is placed in the receive buffer of the socket.
Finally, the application layer program calls the Socket interface to "copy" the data from the kernel's Socket receive buffer to the application's buffer, and then wake up the user process.
At this point, the receiving process of a network packet is completed. You can also see the sending process of network packets from the left part of the figure, and it is the reverse of the receiving process.

How many times does memory copying occur when sending network data?

The first time is when the system call for sending data is called, the kernel will allocate kernel-level sk_buff memory, copy the user's data to the sk_buff memory, and add it to the send buffer.
The second time, when using the TCP transport protocol, when entering the network layer from the transport layer, each sk_buff will be cloned into a new copy. The cloned sk_buff will be sent to the network layer and released after it is sent, while the original sk_buff will remain in the transport layer. This is to achieve reliable transmission of TCP. The original sk_buff will be released only when the ACK of this data packet is received.
The third time, it only occurs when the sk_buff is larger than the MTU. Additional sk_buffs will be allocated, and the original sk_buff will be copied into multiple smaller sk_buffs.

Ref:
小林 coding
JavaGuide

Loading...
Ownership of this post data is guaranteed by blockchain and smart contracts to the creator alone.