Master the Essentials of Computer Networks: From Physical Layer to Application Protocols

1. Overview of Computer Networks

1.1 Classification of Computer Networks

Based on scope: Wide Area Network (WAN), Metropolitan Area Network (MAN), Local Area Network (LAN); based on users: public networks, private networks.

1.2 Layered Structure of Computer Networks

Comparison of TCP/IP four‑layer model and OSI reference model:

1.3 Basic Principles of Layered Design

Layers are independent of each other;

Each layer should have sufficient flexibility;

Layers are completely decoupled.

1.4 Performance Metrics of Computer Networks

Rate: bps = bits/s; Delay: transmission, propagation, queuing, processing; Round‑Trip Time (RTT): time for a packet to travel from source to destination and back.

2. Physical Layer

The physical layer connects different physical devices and transmits bit streams, providing a reliable physical medium for upper‑layer protocols.

Physical layer devices:

Repeater (also called amplifier): regenerates signals within the same LAN; both ports must use the same protocol; 5‑4‑3 rule: in 10BASE‑5 Ethernet, at most 4 repeaters can be cascaded, and only 3 hosts can be connected in the 5 segments.

Hub: multi‑port repeater; half‑duplex; cannot separate collision or broadcast domains.

Basic concept of a channel: a medium that transmits information in one direction; a communication circuit includes a sending channel and a receiving channel.

Simplex channel: one‑way communication, no feedback.

Half‑duplex channel: both sides can send and receive, but not simultaneously.

Full‑duplex channel: both sides can send and receive simultaneously.

3. Data Link Layer

3.1 Overview of Data Link Layer

The data link layer provides services to the network layer based on the physical layer, ensuring reliable transmission of network‑layer data to adjacent nodes over unreliable physical media.

Functions include physical address addressing, framing, flow control, error detection, and retransmission.

Key points:

Provides reliable data transmission for the network layer;

Basic data unit is a frame;

Main protocol: Ethernet;

Important devices: bridges and switches.

Encapsulation into frames: a “frame” is the basic unit of data link layer data.

Transparent transmission: control characters in frame data are escaped with an ESC character.

3.2 Error Detection in Data Link Layer

Error detection methods: parity check, cyclic redundancy check (CRC).

Parity check limitation: cannot detect errors when two bits are wrong.

CRC: generates a fixed‑length check code based on transmitted data.

3.3 Maximum Transmission Unit (MTU)

MTU (Maximum Transmission Unit) limits the length of a data link layer frame.

Path MTU is determined by the smallest MTU among the links in the path.

3.4 Ethernet Protocol Details

MAC address: each device has a unique 48‑bit MAC address, usually represented in hexadecimal.

Ethernet is a widely used LAN technology that operates at the data link layer, enabling frame transmission between adjacent devices.

LAN Types

Ethernet (IEEE 802.3): first widely deployed high‑speed LAN; fast data rates; inexpensive hardware and low deployment cost.

Ethernet Frame Structure

Type: identifies the upper‑layer protocol (2 bytes).

Destination and source addresses: MAC addresses (6 bytes each).

Data: encapsulated upper‑layer packet (46–1500 bytes).

CRC: 4‑byte cyclic redundancy check.

Minimum frame size: 64 bytes (18‑byte header, 46‑byte data).

MAC Address (Physical Address)

Length: 6 bytes (48 bits).

Unique to each network interface.

Usually written in hexadecimal separated by “-” or “:”.

Broadcast address: FF‑FF‑FF‑FF‑FF‑FF.

4. Network Layer

The network layer provides transparent data transfer between end systems, handling addressing, routing, connection establishment, maintenance, and termination.

Key protocols: IP (core of TCP/IP), ARP, RARP, ICMP, IGMP. Important device: router.

Functions of the network layer:

Routing packets between subnets, congestion control, inter‑network connectivity.

Basic data unit: IP datagram.

Major protocols: IP, ICMP, ARP, RARP.

Routing protocols for routers.

4.1 IP Protocol Details

IP is the core protocol of the Internet layer, abstracting the complex physical network into a virtual inter‑connected network.

IP header fields include version (IPv4/IPv6), header length, total length, TTL, and protocol (e.g., TCP, UDP).

4.2 IP Forwarding Process

4.3 Subnetting

Class A (8 network bits + 24 host bits), Class B (16+16), Class C (24+8); Class D for multicast, Class E reserved.

4.4 NAT (Network Address Translation)

NAT allows multiple private hosts to share a single public IP, reducing address consumption but increasing communication complexity.

How NAT works:

Outgoing packets have their source IP replaced with the NAT’s public IP and the mapping recorded; incoming packets are translated back using the table.

4.5 ARP and RARP

ARP maps an IP address to a MAC address; RARP maps a MAC address to an IP address.

4.6 ICMP Details

ICMP reports errors or exceptional conditions; ICMP messages are encapsulated within IP datagrams.

ICMP applications:

Ping for network fault diagnosis;

Traceroute to discover the path of IP packets.

4.7 Routing Overview

Routing algorithm requirements: correctness, simplicity, adaptability, stability, fairness.

Autonomous System (AS): a group of networks under a single administrative domain. Internal routing protocols (IGP) include RIP and OSPF; external routing protocol (EGP) is BGP.

Static routing is manually configured and complex; dynamic routing uses algorithms.

Link‑state routing (LS): fast convergence, uses Dijkstra’s algorithm.

Distance‑vector routing (DV): slower convergence, may form loops, based on Bellman‑Ford.

4.8 RIP Protocol

RIP (Routing Information Protocol) is an interior gateway protocol based on distance‑vector algorithm, suitable for small AS; RIP messages are carried in UDP.

RIP characteristics:

Metric is hop count (maximum 15 hops).

Cost defined between source router and destination subnet.

Updates broadcast every 30 seconds.

4.9 OSPF Protocol

OSPF (Open Shortest Path First) is an interior gateway protocol based on link‑state (Dijkstra) algorithm, suitable for large AS, encapsulated directly in IP.

OSPF advantages:

Security.

Supports multiple equal‑cost paths.

Supports differentiated cost metrics.

Supports unicast and multicast routing.

Hierarchical routing.

RIP vs OSPF comparison (image).

4.10 BGP Protocol

BGP (Border Gateway Protocol) is an exterior gateway protocol operating between ASes; it exchanges full routing tables initially and incremental updates thereafter, encapsulated in TCP.

5. Transport Layer

The transport layer provides end‑to‑end segmentation and reliable or unreliable data transfer, handling error control and flow control.

Main protocols: TCP (Transmission Control Protocol) and UDP (User Datagram Protocol); important device: gateway.

5.1 UDP Details

UDP is a simple, connectionless protocol with no reliability guarantees, message‑oriented, no congestion control, and minimal header overhead (8 bytes).

UDP datagram structure: header (source port, destination port, length, checksum) followed by data.

5.2 TCP Details

TCP is a complex, connection‑oriented, byte‑stream protocol providing reliable transmission.

TCP functions:

Segmentation and reassembly of application data;

Multiplexing/demultiplexing;

End‑to‑end flow control;

Congestion control;

Transport‑layer addressing;

Error detection for header and data;

Reliable end‑to‑end data transfer.

TCP characteristics:

Connection‑oriented;

Byte‑stream oriented;

Point‑to‑point communication;

Provides reliable service;

Full‑duplex communication.

5.2.1 TCP Segment Structure

Maximum segment length is the maximum amount of application data that can be encapsulated.

TCP header fields:

Sequence number: identifies each byte of application data.

Acknowledgment number: next expected byte from the peer.

Header length: minimum 20 bytes, maximum 60 bytes, multiple of 4 bytes.

TCP flags purpose:

5.3 Basic Principles of Reliable Transmission

Fundamentals:

Unreliable channels may cause bit errors, reordering, retransmission, loss.

Reliability mechanisms: error detection, acknowledgments, retransmission, sequencing, timers.

Error detection via coding; acknowledgment; retransmission; sequencing; timers.

Stop‑and‑wait protocol is simple but inefficient.

Continuous ARQ (sliding window with cumulative ACK) greatly improves channel utilization.

5.3.1 TCP Reliable Transmission

Continuous ARQ may still cause unnecessary retransmission of already received bytes.

5.3.2 TCP Flow Control

Flow control prevents the sender from overwhelming the receiver; TCP uses a sliding window.

5.4 TCP Congestion Control

Congestion control addresses network‑wide overload, unlike flow control which is point‑to‑point.

Methods: slow start + congestion avoidance.

Slow start: congestion window grows exponentially from 1.

When threshold reached, switch to congestion avoidance (linear growth).

On timeout, threshold becomes half of current cwnd (minimum 2); return to slow start.

Fast retransmit: after three duplicate ACKs, retransmit without waiting for timeout.

Fast recovery: set threshold to half of cwnd, then enter congestion avoidance.

Fast retransmit and fast recovery details.

5.5 TCP Three‑Way Handshake

Purpose: establish a reliable connection.

First handshake: client sends SYN, server learns client can send.

Second handshake: server replies with SYN‑ACK, client learns server can send and receive.

Third handshake: client sends ACK, server knows client can receive.

Connection establishment details with sequence numbers.

5.6 TCP Four‑Way Termination

Release connection steps:

First: client sends FIN, enters FIN_WAIT_1.

Second: server ACKs, enters CLOSE_WAIT; client moves to FIN_WAIT_2.

Third: server sends FIN, enters LAST_ACK; client ACKs.

Fourth: client ACKs, enters TIME_WAIT then CLOSED; server moves to CLOSED after ACK.

Why wait 2 MSL?

Ensures the final packet is acknowledged.

Allows the ACK to reach the receiver.

Triggers retransmission if no ACK within 2 MSL.

Ensures all packets have expired.

6. Application Layer

The application layer provides interfaces for operating systems or network applications to access network services.

Data unit: message.

Main protocols: FTP, Telnet, DNS, SMTP, POP3, HTTP.

6.1 DNS Details

DNS (Domain Name System) maps domain names to IP addresses (C/S, UDP, port 53). Resolution order: browser cache → hosts file → router cache → DNS servers (iterative/recursive).

IP → DNS → human‑readable domain.

Domain structure: top‑level (com, cn, net, gov, org), second‑level (baidu, taobao, qq, alibaba), third‑level (www).

6.2 DHCP Details

DHCP (Dynamic Host Configuration Protocol) is a LAN protocol that uses UDP to automatically assign IP addresses to temporary users.

6.3 HTTP Details

FTP control connection (port 21) transfers control information during a session.

HTTP (TCP, port 80) is a reliable data transfer protocol; browsers establish a TCP connection before sending HTTP requests.

HTTP request methods:

GET – request a page and return the body.

POST – submit data for processing.

DELETE – request server to delete a page.

HEAD – retrieve only the header.

OPTION – request options information.

PUT – store a document at the specified URL.

6.3.1 HTTP Workflow

6.3.2 HTTPS Details

HTTPS is secure HTTP over TLS/SSL (port 443), providing encryption, authentication, and data integrity.