The World of OpenWrt: Raspberry Pi 3B [Router] Shifting the Stars and Turning the Dipper (Part 1)

Knowing

OSI model

Description of OSI layers

The recommendation X.200 describes seven layers, labeled 1 to 7. Layer 1 is the lowest layer in this model.

OSI Model

| Group | Layer | Protocol data unit (PDU) | Function[3] |
|---|---|---|---|
| Host layers | 7. Application | Data | High-level APIs, including resource sharing, remote file access |
| Host layers | 6. Presentation | Data | Translation of data between a networking service and an application; including character encoding, data compression and encryption/decryption |
| Host layers | 5. Session | Data | Managing communication sessions, i.e. continuous exchange of information in the form of multiple back-and-forth transmissions between two nodes |
| Host layers | 4. Transport | Segment, Datagram | Reliable transmission of data segments between points on a network, including segmentation, acknowledgement and multiplexing |
| Media layers | 3. Network | Packet | Structuring and managing a multi-node network, including addressing, routing and traffic control |
| Media layers | 2. Data link | Frame | Reliable transmission of data frames between two nodes connected by a physical layer |
| Media layers | 1. Physical | Symbol | Transmission and reception of raw bit streams over a physical medium |

At each level N, two entities at the communicating devices (layer N peers) exchange protocol data units (PDUs) by means of a layer N protocol. Each PDU contains a payload, called the service data unit (SDU), along with protocol-related headers or footers.

Data processing by two communicating OSI-compatible devices is done as such:

  1. The data to be transmitted is composed at the topmost layer of the transmitting device (layer N) into a protocol data unit (PDU).
  2. The PDU is passed to layer N-1, where it is known as the service data unit (SDU).
  3. At layer N-1 the SDU is concatenated with a header, a footer, or both, producing a layer N-1 PDU. It is then passed to layer N-2.
  4. The process continues until reaching the lowermost level, from which the data is transmitted to the receiving device.
  5. At the receiving device the data is passed from the lowest to the highest layer as a series of SDUs while being successively stripped from each layer’s header or footer, until reaching the topmost layer, where the last of the data is consumed.

Some orthogonal aspects, such as management and security, involve all of the layers (see ITU-T X.800 Recommendation[4]). These services are aimed at improving the CIA triad – confidentiality, integrity, and availability – of the transmitted data. In practice, the availability of a communication service is determined by the interaction between network design and network management protocols. Appropriate choices for both of these are needed to protect against denial of service.

 

Recognizing

Computer network

Communication protocols

A communication protocol is a set of rules for exchanging information over a network. In a protocol stack (also see the OSI model), each protocol leverages the services of the protocol layer below it, until the lowest layer controls the hardware which sends information across the media. The use of protocol layering is today ubiquitous across the field of computer networking. An important example of a protocol stack is HTTP (the World Wide Web protocol) running over TCP over IP (the Internet protocols) over IEEE 802.11 (the Wi-Fi protocol). This stack is used between the wireless router and the home user’s personal computer when the user is surfing the web.

Communication protocols have various characteristics. They may be connection-oriented or connectionless, they may use circuit mode or packet switching, and they may use hierarchical addressing or flat addressing.

There are many communication protocols, a few of which are described below.

IEEE 802

IEEE 802 is a family of IEEE standards dealing with local area networks and metropolitan area networks. The complete IEEE 802 protocol suite provides a diverse set of networking capabilities. The protocols have a flat addressing scheme. They operate mostly at levels 1 and 2 of the OSI model.

For example, MAC bridging (IEEE 802.1D) deals with the routing of Ethernet packets using a Spanning Tree Protocol. IEEE 802.1Q describes VLANs, and IEEE 802.1X defines a port-based Network Access Control protocol, which forms the basis for the authentication mechanisms used in VLANs (but it is also found in WLANs) – it is what the home user sees when the user has to enter a “wireless access key”.

Ethernet

Ethernet, sometimes simply called LAN, is a family of protocols used in wired LANs, described by a set of standards together called IEEE 802.3 published by the Institute of Electrical and Electronics Engineers.

Wireless LAN

Wireless LAN, also widely known as WLAN or WiFi, is probably the most well-known member of the IEEE 802 protocol family for home users today. It is standardized by IEEE 802.11 and shares many properties with wired Ethernet.

Internet Protocol Suite

The Internet Protocol Suite, also called TCP/IP, is the foundation of all modern networking. It offers connection-less as well as connection-oriented services over an inherently unreliable network traversed by data-gram transmission at the Internet protocol (IP) level. At its core, the protocol suite defines the addressing, identification, and routing specifications for Internet Protocol Version 4 (IPv4) and for IPv6, the next generation of the protocol with a much enlarged addressing capability.

The TCP/IP model or Internet layering scheme and its relation to common protocols often layered on top of it.

Figure 4. Message flows (A-B) in the presence of a router (R), red flows are effective communication paths, black paths are across the actual network links.

 

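Understanding

Subnetwork

The term subnetwork (subnet) has two related meanings: the older, more general one is a physical network within an internet; in the Internet Protocol (IP), a subnetwork is a part carved out of a classful network. This article describes the second meaning.

A set of IP addresses that share the same leading part of the address can be grouped by that leading part. Dividing an IP network into subnetworks lets us split what looks (logically, at least) like a single large network into several smaller ones. When the concept was first introduced, IPv4 had not yet introduced classful networks, and the purpose of subnetting was to allow a single site to have multiple local area networks. Even after classful network numbers were introduced, the concept remained useful, because it reduces the number of entries in Internet routing tables (by hiding the details of all the individual subnetworks inside a site). It brings one more benefit: it reduces network overhead, because it divides the region that receives IP broadcasts into several parts.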

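Network mask

The "network mask", also called the "subnet mask" or "address mask", is a bitmask that indicates which bits of an IP address identify the network the host is on and which bits identify the host.

Usually a subnet mask is written the same way as the address itself. In IPv4 that is dotted-decimal notation with four groups (four numbers from 0 to 255 separated by dots, such as 255.128.0.0) or an eight-digit hexadecimal number (such as FF.80.00.00, which is equivalent to 255.128.0.0); the latter is used less often.

A shorter form is Classless Inter-Domain Routing (CIDR) notation, which gives an address followed by a slash and the number of "1" bits in the binary form of the network mask (that is, which bits of the address belong to the network number). For example, 192.0.2.96/28 denotes an IP address whose first 28 bits are used as the network number (the same meaning as 255.255.255.240).

The advantage of the subnet mask is that, whether or not the network is subnetted, a bitwise AND of the subnet mask and the IP address yields the network address. A router can therefore handle every arriving packet in the same way.[1]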

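IPv4 subnetting

An IPv4 address is divided into three parts: the network part, the subnetwork part (now usually regarded as part of the network part, although it was originally part of the "rest" part) and the host part. There are three classes of IP address, each specifying how many bits each part occupies.

| Class | Leading bits | Start | End | Dotted-decimal mask |
|---|---|---|---|---|
| A | 0 | 0.0.0.0 | 127.0.0.0 | 255.0.0.0 |
| B | 10 | 128.0.0.0 | 191.255.0.0 | 255.255.0.0 |
| C | 110 | 192.0.0.0 | 223.255.255.0 | 255.255.255.0 |

Subnetting is the process of assigning some bits of the host part to the network part. For example, for the given Class A network 10.0.0.0, the subnet mask 255.255.0.0 divides it into 256 subnetworks (from 10.0.0.0 to 10.255.0.0): the first octet is the network address, the second is the subnet number, and the last two are the host part. A bitwise AND of the subnet mask with a host address extracts the complete subnetwork address (see the example below).

A subnet mask is not limited to a whole number of octets. For example, 255.254.0.0 (or "/15") is also a valid mask. Applied to a Class A address, it produces 128 subnetworks spaced 2 apart (for example 1.2.0.1 to 1.3.255.254, 1.4.0.1 to 1.5.255.254, and so on). In this case we can say that the Class A network borrowed 7 bits from the host, or that the host borrowed 1 bit from the Class B network; the latter is also called supernetting.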

 

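From this one can see how to compute the "network" address a host belongs to from its "IP address" and "subnet mask".

Anyone who follows that will naturally see why the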

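Address Resolution Protocol

The Address Resolution Protocol (ARP) is a network protocol, extremely important within the protocol suite, that finds a data link layer address by resolving a network layer address. ARP was first proposed in 1982 in RFC 826 (Request for Comments)[1] and adopted as Internet Standard STD 37. ARP may also refer to the process that manages these addresses in most operating systems.

ARP locates a MAC address (also called an Ethernet address) from a network address (for example, IPv4). ARP has been implemented between many network layers and data link layers, including IPv4, Chaosnet, DECnet and Xerox PARC Universal Packet (PUP) using IEEE 802 standards, Fiber Distributed Data Interface, X.25, Frame Relay and Asynchronous Transfer Mode (ATM); IPv4 over the IEEE 802.3 and IEEE 802.11 standards accounts for most of the traffic.

In IPv6, the Neighbor Discovery Protocol (NDP) is used in place of the Address Resolution Protocol.

Basic function

The Ethernet protocol requires that a host on a local area network know the MAC address of the target host before it can communicate with it directly. In TCP/IP, however, the network and transport layers care only about the IP address of the target host. So when IP is used over Ethernet, the data handed down from the IP layer to the Ethernet protocol at the data link layer contains only the IP address of the destination host. A method is therefore needed to obtain the MAC address of the destination host from its IP address. That is the job of the ARP protocol. Address resolution is the process by which a host converts the target IP address into the target MAC address before sending a frame.

In addition, when the sending host and the destination host are not on the same local area network, the two cannot communicate directly even if the MAC address of the destination host is known; the traffic must be forwarded by a router. In that case, what the sending host obtains through ARP is not the real MAC address of the destination host but the MAC address of a router that leads out of the local area network. From then on, all frames the sending host sends to the destination host go to that router, which forwards them onward. This situation is called delegated ARP or proxy ARP (ARP Proxy).

ARP is not used on point-to-point links; in fact MAC addresses are not used on point-to-point networks either, because on such networks each side has already obtained the IP address of its peer.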

 

matters so much on "Ethernet" ◎

So let us add

‧ asix usb Gigabit ethernet adapter

‧ Gigabit ethernet hub

root@LEDE:~# opkg install kmod-usb-net-asix kmod-usb-net-asix-ax88179
Installing kmod-usb-net-asix (4.4.153-1) to root...
Downloading http://downloads.lede-project.org/releases/17.01.6/targets/brcm2708/bcm2710/packages/kmod-usb-net-asix_4.4.153-1_arm_cortex-a53_neon-vfpv4.ipk
Installing kmod-libphy (4.4.153-1) to root...
Downloading http://downloads.lede-project.org/releases/17.01.6/targets/brcm2708/bcm2710/packages/kmod-libphy_4.4.153-1_arm_cortex-a53_neon-vfpv4.ipk
Installing kmod-mii (4.4.153-1) to root...
Downloading http://downloads.lede-project.org/releases/17.01.6/targets/brcm2708/bcm2710/packages/kmod-mii_4.4.153-1_arm_cortex-a53_neon-vfpv4.ipk
Installing kmod-usb-net (4.4.153-1) to root...
Downloading http://downloads.lede-project.org/releases/17.01.6/targets/brcm2708/bcm2710/packages/kmod-usb-net_4.4.153-1_arm_cortex-a53_neon-vfpv4.ipk
Installing kmod-usb-net-asix-ax88179 (4.4.153-1) to root...
Downloading http://downloads.lede-project.org/releases/17.01.6/targets/brcm2708/bcm2710/packages/kmod-usb-net-asix-ax88179_4.4.153-1_arm_cortex-a53_neon-vfpv4.ipk
Configuring kmod-libphy.
Configuring kmod-mii.
Configuring kmod-usb-net.
failed to find a module named usbnet
Configuring kmod-usb-net-asix-ax88179.
Configuring kmod-usb-net-asix.

 

[ 57.646918] usb 1-1.3: new high-speed USB device number 9 using dwc_otg
[ 57.772865] usb 1-1.3: New USB device found, idVendor=0b95, idProduct=1790
[ 57.779289] usb 1-1.3: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 57.785724] usb 1-1.3: Product: AX88179
[ 57.792017] usb 1-1.3: Manufacturer: ASIX Elec. Corp.
[ 57.798453] usb 1-1.3: SerialNumber: 00000000000001
[ 58.139087] ax88179_178a 1-1.3:1.0 eth1: register 'ax88179_178a' at usb-3f980000.usb-1.3, ASIX AX88179 USB 3.0 Gigabit Ethernet, 00:0e:c6:81:79:01

 

root@LEDE:~# ethtool eth1
Settings for eth1:
	Supported ports: [ TP MII ]
	Supported link modes:   10baseT/Half 10baseT/Full 
	                        100baseT/Half 100baseT/Full 
	                        1000baseT/Half 1000baseT/Full 
	Supported pause frame use: No
	Supports auto-negotiation: Yes
	Advertised link modes:  10baseT/Half 10baseT/Full 
	                        100baseT/Half 100baseT/Full 
	                        1000baseT/Full 
	Advertised pause frame use: Symmetric
	Advertised auto-negotiation: Yes
	Link partner advertised link modes:  10baseT/Half 10baseT/Full 
	                                     100baseT/Half 100baseT/Full 
	                                     1000baseT/Full 
	Link partner advertised pause frame use: Symmetric
	Link partner advertised auto-negotiation: Yes
	Speed: 1000Mb/s
	Duplex: Full
	Port: MII
	PHYAD: 3
	Transceiver: internal
	Auto-negotiation: on
	Supports Wake-on: pg
	Wake-on: g
	Current message level: 0x00000007 (7)
			       drv probe link
	Link detected: yes

 

to form an OpenWrt + Hub + RPi 3B "Ethernet subnet", and test how well we can "interpret" the command output ☆

root@LEDE:~# ifconfig eth1 192.168.1.1 netmask 255.255.252.0

root@LEDE:~# ifconfig eth1
eth1 Link encap:Ethernet HWaddr 00:0E:C6:81:79:01 
 inet addr:192.168.1.1 Bcast:192.168.3.255 Mask:255.255.252.0
 inet6 addr: fe80::20e:c6ff:fe81:7901/64 Scope:Link
 UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
 RX packets:25 errors:0 dropped:0 overruns:0 frame:0
 TX packets:20 errors:0 dropped:0 overruns:0 carrier:0
 collisions:0 txqueuelen:1000 
 RX bytes:5442 (5.3 KiB) TX bytes:1948 (1.9 KiB)

root@LEDE:~# route
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
default         192.168.11.1    0.0.0.0         UG    0      0        0 wlan1
5.168.166.0     *               255.255.255.0   U     0      0        0 br-lan
5.168.168.0     *               255.255.255.0   U     0      0        0 br-wan
5.168.168.1     *               255.255.255.255 UH    0      0        0 br-wan
192.168.0.0     *               255.255.252.0   U     0      0        0 eth1
192.168.11.0    *               255.255.255.0   U     0      0        0 wlan1
192.168.11.1    *               255.255.255.255 UH    0      0        0 wlan1

 

pi@raspberrypi:~ $ sudo ifconfig eth0 192.168.2.1 netmask 255.255.252.0

pi@raspberrypi:~ $ ifconfig eth0
eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
 inet 192.168.2.1 netmask 255.255.252.0 broadcast 192.168.3.255
 inet6 fe80::abae:9d51:b364:fbba prefixlen 64 scopeid 0x20<link>
 ether b8:27:eb:c2:b0:6e txqueuelen 1000 (Ethernet)
 RX packets 771 bytes 99311 (96.9 KiB)
 RX errors 0 dropped 381 overruns 0 frame 0
 TX packets 452 bytes 88607 (86.5 KiB)
 TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

pi@raspberrypi:~ $ route
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
default         5.168.168.1     0.0.0.0         UG    303    0        0 wlan0
5.168.168.0     0.0.0.0         255.255.255.0   U     303    0        0 wlan0
192.168.0.0     0.0.0.0         255.255.252.0   U     0      0        0 eth0

root@LEDE:~# ping 192.168.2.1
PING 192.168.2.1 (192.168.2.1): 56 data bytes
64 bytes from 192.168.2.1: seq=0 ttl=64 time=1.277 ms
64 bytes from 192.168.2.1: seq=1 ttl=64 time=0.687 ms
64 bytes from 192.168.2.1: seq=2 ttl=64 time=0.659 ms
64 bytes from 192.168.2.1: seq=3 ttl=64 time=0.636 ms
^C

pi@raspberrypi:~ $ arp -n -i eth0 192.168.1.1
Address                  HWtype  HWaddress           Flags Mask            Iface
192.168.1.1              ether   00:0e:c6:81:79:01   C                     eth0

pi@raspberrypi:~ $ ip neigh show dev eth0 192.168.1.1
192.168.1.1 lladdr 00:0e:c6:81:79:01 STALE

pi@raspberrypi:~ $ sudo arp-scan --interface=eth0 --local
Interface: eth0, datalink type: EN10MB (Ethernet)
Starting arp-scan 1.9 with 1024 hosts (http://www.nta-monitor.com/tools/arp-scan/)
192.168.1.1	00:0e:c6:81:79:01	ASIX ELECTRONICS CORP.

1 packets received by filter, 0 packets dropped by kernel
Ending arp-scan 1.9: 1024 hosts scanned in 6.436 seconds (159.11 hosts/sec). 1 responded

 

root@LEDE:~# arp -n -i eth1 192.168.2.1
IP address       HW type     Flags       HW address            Mask     Device
192.168.11.1     0x1         0x2         4c:e6:76:c4:e3:ea     *        wlan1
5.168.168.2      0x1         0x2         4c:72:b9:41:49:e1     *        br-wan
5.168.168.1      0x1         0x2         4c:e6:76:c4:ec:f8     *        br-wan
192.168.2.1      0x1         0x2         b8:27:eb:c2:b0:6e     *        eth1

 

root@LEDE:~# arp-scan --interface=eth1 --local
Interface: eth1, datalink type: EN10MB (Ethernet)
WARNING: Cannot open MAC/Vendor file /usr/share/arp-scan/ieee-oui.txt: No such file or directory
WARNING: Cannot open MAC/Vendor file /usr/share/arp-scan/ieee-iab.txt: No such file or directory
WARNING: Cannot open MAC/Vendor file /usr/share/arp-scan/mac-vendor.txt: No such file or directory
Starting arp-scan 1.9.2 with 1024 hosts (http://www.nta-monitor.com/tools-resources/security-tools/arp-scan/)
192.168.2.1	b8:27:eb:c2:b0:6e	(Unknown)

1 packets received by filter, 0 packets dropped by kernel
Ending arp-scan 1.9.2: 1024 hosts scanned in 6.132 seconds (166.99 hosts/sec). 1 responded

 

───

root@LEDE:~# ifconfig eth1 192.168.5.1 netmask 255.255.252.0
root@LEDE:~# ifconfig eth1
eth1      Link encap:Ethernet  HWaddr 00:0E:C6:81:79:01  
          inet addr:192.168.5.1  Bcast:192.168.7.255  Mask:255.255.252.0
          inet6 addr: fe80::20e:c6ff:fe81:7901/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:2164 errors:0 dropped:0 overruns:0 frame:0
          TX packets:2068 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000 
          RX bytes:134804 (131.6 KiB)  TX bytes:104348 (101.9 KiB)

root@LEDE:~# route
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
default         192.168.11.1    0.0.0.0         UG    0      0        0 wlan1
5.168.166.0     *               255.255.255.0   U     0      0        0 br-lan
5.168.168.0     *               255.255.255.0   U     0      0        0 br-wan
5.168.168.1     *               255.255.255.255 UH    0      0        0 br-wan
192.168.4.0     *               255.255.252.0   U     0      0        0 eth1
192.168.11.0    *               255.255.255.0   U     0      0        0 wlan1
192.168.11.1    *               255.255.255.255 UH    0      0        0 wlan1

 

pi@raspberrypi:~ $ sudo arp-scan --interface=eth0 --local
Interface: eth0, datalink type: EN10MB (Ethernet)
Starting arp-scan 1.9 with 1024 hosts (http://www.nta-monitor.com/tools/arp-scan/)

0 packets received by filter, 0 packets dropped by kernel
Ending arp-scan 1.9: 1024 hosts scanned in 6.502 seconds (157.49 hosts/sec). 0 responded

pi@raspberrypi:~ $ sudo ifconfig eth0 192.168.4.1 netmask 255.255.252.0

pi@raspberrypi:~ $ route
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
default         5.168.168.1     0.0.0.0         UG    303    0        0 wlan0
5.168.168.0     0.0.0.0         255.255.255.0   U     303    0        0 wlan0
192.168.4.0     0.0.0.0         255.255.252.0   U     0      0        0 eth0

pi@raspberrypi:~ $ sudo arp-scan --interface=eth0 --local
Interface: eth0, datalink type: EN10MB (Ethernet)
Starting arp-scan 1.9 with 1024 hosts (http://www.nta-monitor.com/tools/arp-scan/)
192.168.5.1	00:0e:c6:81:79:01	ASIX ELECTRONICS CORP.

1 packets received by filter, 0 packets dropped by kernel
Ending arp-scan 1.9: 1024 hosts scanned in 6.408 seconds (159.80 hosts/sec). 1 responded
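
The three arp-scan outcomes above (one reply, none, one reply) follow from the AND-with-mask rule and from ARP resolving only on-link addresses. The shell functions below are an added example, not part of the original post: the function names are made up for illustration, the addresses, mask and gateway are the ones shown in the sessions above, and `arp_target` is a simplified single-mask model of the on-link versus gateway decision.

```shell
#!/bin/sh
# Added example, not from the original post. Function names are illustrative.

# Dotted quad -> 32-bit integer; fails on malformed input.
ip2int() (
    case $1 in *[!0-9.]*|*.) exit 1 ;; esac
    IFS=.
    set -- $1
    [ $# -eq 4 ] || exit 1
    for o in "$@"; do
        case $o in ''|0?*|????*) exit 1 ;; esac   # empty, leading zero, too long
        [ "$o" -le 255 ] || exit 1
    done
    echo $(( ($1 << 24) | ($2 << 16) | ($3 << 8) | $4 ))
)

int2ip() {
    echo "$(( ($1 >> 24) & 255 )).$(( ($1 >> 16) & 255 )).$(( ($1 >> 8) & 255 )).$(( $1 & 255 ))"
}

# Inverted mask (the host bits); fails unless the mask's 1-bits are contiguous.
host_bits() (
    m=$(ip2int "$1") || exit 1
    inv=$(( ~m & 0xFFFFFFFF ))
    [ $(( inv & (inv + 1) )) -eq 0 ] || exit 1
    echo "$inv"
)

network_of() (    # network_of IP MASK: bitwise AND of address and mask
    ip=$(ip2int "$1") && inv=$(host_bits "$2") || exit 1
    int2ip $(( ip & ~inv & 0xFFFFFFFF ))
)

broadcast_of() (  # broadcast_of IP MASK: network address with all host bits set
    ip=$(ip2int "$1") && inv=$(host_bits "$2") || exit 1
    int2ip $(( ip | inv ))
)

# Number of addresses an arp-scan --local sweep covers for this mask.
scan_size() ( inv=$(host_bits "$1") || exit 1; echo $(( inv + 1 )) )

# arp_target SRC MASK DST GW: the address SRC must resolve with ARP to reach
# DST. On-link destinations are resolved directly; anything else goes to the
# gateway, so a host in another subnet never sees an ARP request for itself.
arp_target() (
    s=$(network_of "$1" "$2") && d=$(network_of "$3" "$2") || exit 1
    if [ "$s" = "$d" ]; then echo "$3"; else echo "${4:-unreachable}"; fi
)

MASK=255.255.252.0   # mask, addresses and gateway as shown on this page
echo "192.168.5.1 -> net $(network_of 192.168.5.1 $MASK), bcast $(broadcast_of 192.168.5.1 $MASK), sweep $(scan_size $MASK)"
echo "Pi 192.168.2.1 -> 192.168.5.1 resolves $(arp_target 192.168.2.1 $MASK 192.168.5.1 5.168.168.1)"
echo "Pi 192.168.4.1 -> 192.168.5.1 resolves $(arp_target 192.168.4.1 $MASK 192.168.5.1 5.168.168.1)"
```
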