三次握手.png
OSI模型和TCP/IP两种模型比较
相同点:
不同点:
IP(Internet Protocol)地址是IP协议提供的一种统一的地址格式,IP地址由32个二进制位表示并且每8个二进制位为一组,其范围为00000000.00000000.00000000.00000000~11111111.11111111.11111111.11111111,用十进制的整数表示为0.0.0.0~255.255.255.255。
我们将上述定义的IP地址按照特定的方式划分为以下A、B、C、D、E五类,其中D、E类IP地址非民用不予以讨论
网络类别 | 最大网络数 | IP地址范围 | 最大主机数 | 私有IP地址 |
---|---|---|---|---|
A | 126() | 1.0.0.0~126.255.255.255 | 16777214() | 10.0.0.0~10.255.255.255 |
B | 16384() | 128.0.0.0~191.255.255.255 | 65536() | 172.16.0.0~172.31.255.255 |
C | 2097152() | 192.0.0.0~223.255.255.255 | 254() | 192.168.0.0~192.168.255.255 |
注意:
。 B类别的前两组八位二进制数代表当前网段,C类别的前三组八位二进制数代表当前网段,所以B、C类别最大网络数可以依此计算出。
,B、C类别依此类推。
我们在前面提到由任意一个IP地址可以推断出网络地址、主机地址和广播地址,子网掩码(subnet mask)的主要作用在于分离出IP地址中的的网络地址和主机地址,同时子网掩码必须和IP地址同时使用。假如两台计算机要通信则需要判断两台计算机是否处于同一个网络地址,如果网络地址相同,表明接受方在本网络上,那么可以把数据包直接发送到目标主机,否则就需要路由网关将数据包转发送到目的地。子网掩码还用于将网络进一步划分为若干子网,以避免主机过多而拥堵或过少而IP浪费。
我们可以把IP地址比作收件地址,而端口号类比作收件人。所谓的端口就是通过IP地址查找到特定的服务器上之后,服务器上有很多的应用程序端口,而端口号是指将每个端口进行了编号。
基本格式:netstat [选项]
选项:
[root@dad panjianqiao]# netstat -an
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State
tcp 0 0 0.0.0.0:111 0.0.0.0:* LISTEN #监听
tcp 0 0 192.168.122.1:53 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN
tcp 0 0 127.0.0.1:631 0.0.0.0:* LISTEN
tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN
tcp 0 0 192.168.172.146:34914 85.12.30.226:443 ESTABLISHED #存在链接
tcp 0 0 192.168.172.146:57976 52.26.43.164:443 ESTABLISHED
tcp 0 0 192.168.172.146:40268 104.27.190.157:443 FIN_WAIT2
tcp 0 0 192.168.172.146:34908 85.12.30.226:443 ESTABLISHED
tcp 0 0 192.168.172.146:54992 39.156.66.14:443 ESTABLISHED
tcp 0 0 192.168.172.146:40168 117.18.237.29:80 ESTABLISHED
tcp 0 0 192.168.172.146:34816 85.12.30.226:443 TIME_WAIT #超时
tcp 0 0 192.168.172.146:56874 203.208.50.95:443 ESTABLISHED
tcp 0 0 192.168.172.146:47874 52.84.44.53:443 ESTABLISHED
tcp 0 0 192.168.172.146:34842 85.12.30.226:443 ESTABLISHED
tcp 0 0 192.168.172.146:46602 23.49.60.160:80 ESTABLISHED
tcp 0 0 192.168.172.146:34912 85.12.30.226:443 TIME_WAIT
tcp 0 0 192.168.172.146:52922 202.202.1.140:80 TIME_WAIT
tcp 0 0 192.168.172.146:34836 85.12.30.226:443 ESTABLISHED
tcp 0 0 192.168.172.146:38628 34.211.94.5:443 ESTABLISHED
tcp 0 0 192.168.172.146:40258 104.27.190.157:443 ESTABLISHED
tcp 0 0 192.168.172.146:34890 85.12.30.226:443 ESTABLISHED
tcp 0 0 192.168.172.146:55468 203.208.39.247:80 ESTABLISHED
tcp 0 0 192.168.172.146:49432 104.19.197.151:443 ESTABLISHED
tcp 0 0 192.168.172.146:47918 52.222.223.94:443 ESTABLISHED
tcp 0 0 192.168.172.146:35766 52.222.223.19:443 ESTABLISHED
tcp 0 0 192.168.172.146:55010 39.156.66.14:443 ESTABLISHED
tcp 0 0 192.168.172.146:34844 85.12.30.226:443 ESTABLISHED
tcp 0 0 192.168.172.146:34904 85.12.30.226:443 ESTABLISHED
tcp 0 0 192.168.172.146:49166 221.180.224.32:443 TIME_WAIT
tcp 0 0 192.168.172.146:39628 117.78.24.34:80 ESTABLISHED
tcp 0 0 192.168.172.146:56870 203.208.50.95:443 TIME_WAIT
tcp 0 0 192.168.172.146:34910 85.12.30.226:443 ESTABLISHED
tcp 0 0 192.168.172.146:34834 85.12.30.226:443 ESTABLISHED
tcp 0 0 192.168.172.146:34852 85.12.30.226:443 ESTABLISHED
tcp 0 0 192.168.172.146:34894 85.12.30.226:443 ESTABLISHED
tcp 0 0 192.168.172.146:55402 203.208.39.247:80 ESTABLISHED
tcp 0 0 192.168.172.146:52924 202.202.1.140:80 TIME_WAIT
tcp 0 0 192.168.172.146:55434 203.208.39.247:80 ESTABLISHED
tcp 0 0 192.168.172.146:34854 85.12.30.226:443 ESTABLISHED
tcp 0 0 192.168.172.146:40206 117.18.237.29:80 ESTABLISHED
tcp 0 0 192.168.172.146:38382 203.208.40.96:443 ESTABLISHED
tcp 0 0 192.168.172.146:34916 85.12.30.226:443 ESTABLISHED
tcp 0 0 192.168.172.146:58028 52.26.43.164:443 ESTABLISHED
tcp 0 0 192.168.172.146:52806 202.202.1.140:80 TIME_WAIT
tcp 0 0 192.168.172.146:52804 202.202.1.140:80 TIME_WAIT
tcp 0 0 192.168.172.146:49402 104.19.197.151:443 ESTABLISHED
tcp 0 0 192.168.172.146:56868 203.208.50.95:443 TIME_WAIT
tcp 0 0 192.168.172.146:56872 203.208.50.95:443 TIME_WAIT
tcp 0 0 192.168.172.146:55434 203.208.41.68:443 ESTABLISHED
tcp 0 0 192.168.172.146:34848 85.12.30.226:443 ESTABLISHED
tcp 0 0 192.168.172.146:54980 39.156.66.14:443 ESTABLISHED
tcp 0 0 192.168.172.146:52808 202.202.1.140:80 TIME_WAIT
tcp 0 0 192.168.172.146:52920 202.202.1.140:80 TIME_WAIT
tcp 0 0 192.168.172.146:55432 203.208.39.247:80 ESTABLISHED
tcp 0 0 192.168.172.146:34832 85.12.30.226:443 ESTABLISHED
tcp 0 0 192.168.172.146:34906 85.12.30.226:443 ESTABLISHED
tcp 0 0 192.168.172.146:34824 85.12.30.226:443 ESTABLISHED
tcp 0 0 192.168.172.146:42554 203.208.41.78:443 ESTABLISHED
tcp 0 0 192.168.172.146:43944 54.186.208.3:443 ESTABLISHED
tcp 0 0 192.168.172.146:57072 151.139.128.14:80 ESTABLISHED
tcp6 0 0 :::111 :::* LISTEN
tcp6 0 0 :::22 :::* LISTEN
tcp6 0 0 ::1:631 :::* LISTEN
tcp6 0 0 ::1:25 :::* LISTEN
udp 0 0 192.168.122.1:53 0.0.0.0:* #UDP不存在监听
udp 0 0 0.0.0.0:67 0.0.0.0:*
udp 0 0 0.0.0.0:68 0.0.0.0:*
udp 0 0 0.0.0.0:111 0.0.0.0:*
udp 0 0 0.0.0.0:5353 0.0.0.0:*
udp 0 0 192.168.172.146:44354 192.168.172.2:53 ESTABLISHED
udp 0 0 0.0.0.0:880 0.0.0.0:*
udp 0 0 0.0.0.0:43379 0.0.0.0:*
udp6 0 0 :::111 :::*
udp6 0 0 :::880 :::*
raw6 0 0 :::58 :::* 7
FTP:20 21
DNS(Domain Name System,域名系统,又叫做名称解析)是把域名指向互联网IP地址,人们可以通过域名直接访问到相应的IP地址,例如大连海事大学的域名为https://www.dlmu.edu.cn/,IP地址为202.118.86.88,我们可以直接通过域名访问网站,而不需要通过记忆IP地址。
hosts文件将IP和域名关联的文件,例如我在我的笔记本电脑上使用VMware安装两台CentOS虚拟机,一个命名为dad一个命名为son,修改hosts文件使得两台虚拟机可以相互访问,具体操作如下:
#在第一台centos虚拟机下的终端中:
[root@dad panjianqiao]# hostnamectl set-hostname dad #修改主机名名称为dad,此命令立即永久生效
[root@dad panjianqiao]# hostname #查看主机名称
dad
[root@dad panjianqiao]# ifconfig
ens33: flags=4163mtu 1500
inet 192.168.172.146 netmask 255.255.255.0 broadcast 192.168.172.255
#上一行行为dad主机的IP地址,子网掩码地址,广播地址
inet6 fe80::b151:66fa:86a8:77d4 prefixlen 64 scopeid 0x20
ether 00:0c:29:5a:b8:48 txqueuelen 1000 (Ethernet)
RX packets 91689 bytes 128904041 (122.9 MiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 30004 bytes 2099851 (2.0 MiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
lo: flags=73mtu 65536
inet 127.0.0.1 netmask 255.0.0.0
inet6 ::1 prefixlen 128 scopeid 0x10
loop txqueuelen 1000 (Local Loopback)
RX packets 801 bytes 72812 (71.1 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 801 bytes 72812 (71.1 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
virbr0: flags=4099mtu 1500
inet 192.168.122.1 netmask 255.255.255.0 broadcast 192.168.122.255
ether 52:54:00:31:2d:b6 txqueuelen 1000 (Ethernet)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 0 bytes 0 (0.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
#在第二台的虚拟机中执行相同的操作,修改主机名为son,具体操作读者可以自行完成
#修改hosts文件
[root@dad panjianqiao]# cat /etc/hosts #查看hosts文件
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
[root@dad panjianqiao]# vim /etc/hosts #编辑文件,在hosts文件加入主机名(也可是域名)和IP地址关联字段
#以下为添加好的文件内容,具体vim操作可以查阅相关资料
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
192.168.172.146 dad
192.168.172.145 son
至此,hosts文件修改完毕,使用ping命令测试两台虚拟机是否可以通信
#测试dad
[root@dad panjianqiao]# ping son
PING son (192.168.172.145) 56(84) bytes of data.
64 bytes from son (192.168.172.145): icmp_seq=1 ttl=64 time=0.549 ms
64 bytes from son (192.168.172.145): icmp_seq=2 ttl=64 time=0.661 ms
64 bytes from son (192.168.172.145): icmp_seq=3 ttl=64 time=0.709 ms
64 bytes from son (192.168.172.145): icmp_seq=4 ttl=64 time=0.609 ms
64 bytes from son (192.168.172.145): icmp_seq=5 ttl=64 time=0.636 ms
64 bytes from son (192.168.172.145): icmp_seq=6 ttl=64 time=0.649 ms
64 bytes from son (192.168.172.145): icmp_seq=7 ttl=64 time=0.783 ms
64 bytes from son (192.168.172.145): icmp_seq=8 ttl=64 time=0.911 ms
^Z
[3]+ Stopped ping son
#使用control和z退出ping操作
#测试son
[root@son panjianqiao]# ping dad
PING dad (192.168.172.146) 56(84) bytes of data.
64 bytes from dad (192.168.172.146): icmp_seq=1 ttl=64 time=0.582 ms
64 bytes from dad (192.168.172.146): icmp_seq=2 ttl=64 time=0.831 ms
64 bytes from dad (192.168.172.146): icmp_seq=3 ttl=64 time=0.854 ms
64 bytes from dad (192.168.172.146): icmp_seq=4 ttl=64 time=0.926 ms
64 bytes from dad (192.168.172.146): icmp_seq=5 ttl=64 time=1.03 ms
64 bytes from dad (192.168.172.146): icmp_seq=6 ttl=64 time=0.963 ms
64 bytes from dad (192.168.172.146): icmp_seq=7 ttl=64 time=0.733 ms
64 bytes from dad (192.168.172.146): icmp_seq=8 ttl=64 time=0.929 ms
两台虚拟机可以成功通信!
假如我们把所有域名和IP地址都写入到hosts文件中似乎可以解决通过域名访问,但是由于所有的IP地址过于庞大,而且hosts文件只针对当前主机文件有效,所以需要DNS服务对所有域名进行解析。
全球域名都有一个管理机构ICANN(Internet Corporation for Assigned Names and Numbers),总部在加州。但是全球的域名数量众多,ICANN不会自己去管理所有的域名,而是将域名托管,该域名的所有事项都由托管商负责,ICANN 只与托管商联系。
ICANN的一项主要工作是规定顶级域名(top level domain,简写为 TLD),TLD可以分为一般顶级域名(gTLD),例如.com
、.net
、.edu
、.org
等共有700多个,和国别顶级域名(ccTLD),例如.cn
、.hk
等共有300多个。
由于 ICANN 管理着所有的顶级域名,所以它是最高一级的域名节点,被称为根域名(root domain)。在有些场合,www.example.com
被写成www.example.com.
,即最后还会多出一个点。这个点就是根域名。理论上,所有域名查询都必须先查询根域名,因为只有根域名才能告诉你,某个顶级域名由哪台服务器管理。事实上也确实如此,ICANN 维护着一张列表,里面记载着顶级域名和对应的托管商。
路由器和交换机的作用