浅谈HTTP(简)TCP概念深入
Posted Adorable_Rocy
tags:
篇首语:本文由小常识网(cha138.com)小编为大家整理,主要介绍了浅谈HTTP(简)TCP概念深入相关的知识,希望对你有一定的参考价值。
前言:当一个HTTP请求发送出去时,例如(www.baidu.com),是如何解析他的地址的呢?
1.DNS
1.当域名被传入过来的时候,会依据DNS服务器进行解析,得到域名的IP地址,向目标地址发送请求
[root@FATCATS network-scripts]# cat ifcfg-eth0
DEVICE="eth0"
BOOTPROTO="dhcp"
ONBOOT="yes"
TYPE="Ethernet"
PERSISTENT_DHCLIENT="yes"
拓展:dhcp是动态分配IP地址,会根据当前网段进行IP地址的分发,从而完成无需手动分配也能获取分配的IP地址
2.以太网卡
我们可以根据自己的需定,创建网卡,我们在这里拓展已存在的网卡
[root@FATCATS network-scripts]# ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
link/ether fa:16:3e:87:18:ba brd ff:ff:ff:ff:ff:ff
inet 192.168.0.91/24 brd 192.168.0.255 scope global noprefixroute dynamic eth0
valid_lft 55356sec preferred_lft 55356sec
inet6 fe80::f816:3eff:fe87:18ba/64 scope link
valid_lft forever preferred_lft forever
A:这个网卡是做什么的呢?
B:网卡中有mac地址以及IP地址,可以通过IP地址ping通
3.抓包
抓取80端口的数据包:tcpdump -nn -i eth0 port 80 or arp
[root@FATCATS ~]# tcpdump -nn -i eth0 port 80 or arp
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth0, link-type EN10MB (Ethernet), capture size 262144 bytes
11:20:35.893420 IP 192.168.0.91.33446 > 180.101.49.12.80: Flags [S], seq 3059338248, win 29200, options [mss 1460,sackOK,TS val 775175501 ecr 0,nop,wscale 7], length 0
11:20:35.904263 IP 180.101.49.12.80 > 192.168.0.91.33446: Flags [S.], seq 3944752105, ack 3059338249, win 8192, options [mss 1452,sackOK,nop,nop,nop,nop,nop,nop,nop,nop,nop,nop,nop,wscale 5], length 0
11:20:35.904284 IP 192.168.0.91.33446 > 180.101.49.12.80: Flags [.], ack 1, win 229, length 0
11:20:35.904356 IP 192.168.0.91.33446 > 180.101.49.12.80: Flags [P.], seq 1:78, ack 1, win 229, length 77: HTTP: GET / HTTP/1.1
11:20:35.915403 IP 180.101.49.12.80 > 192.168.0.91.33446: Flags [.], ack 78, win 908, length 0
11:20:35.916379 IP 180.101.49.12.80 > 192.168.0.91.33446: Flags [.], seq 1:1453, ack 78, win 908, length 1452: HTTP: HTTP/1.1 200 OK
11:20:35.916388 IP 192.168.0.91.33446 > 180.101.49.12.80: Flags [.], ack 1453, win 251, length 0
11:20:35.916397 IP 180.101.49.12.80 > 192.168.0.91.33446: Flags [P.], seq 1453:2782, ack 78, win 908, length 1329: HTTP
11:20:35.916403 IP 192.168.0.91.33446 > 180.101.49.12.80: Flags [.], ack 2782, win 274, length 0
11:20:35.916517 IP 192.168.0.91.33446 > 180.101.49.12.80: Flags [F.], seq 78, ack 2782, win 274, length 0
11:20:35.925923 IP 180.101.49.12.80 > 192.168.0.91.33446: Flags [P.], seq 1453:2782, ack 78, win 908, length 1329: HTTP
11:20:35.925937 IP 192.168.0.91.33446 > 180.101.49.12.80: Flags [.], ack 2782, win 274, options [nop,nop,sack 1 {1453:2782}], length 0
11:20:35.927487 IP 180.101.49.12.80 > 192.168.0.91.33446: Flags [.], ack 79, win 908, length 0
11:20:35.927609 IP 180.101.49.12.80 > 192.168.0.91.33446: Flags [F.], seq 2782, ack 79, win 908, length 0
11:20:35.927619 IP 192.168.0.91.33446 > 180.101.49.12.80: Flags [.], ack 2783, win 274, length 0
如上图所示:三次握手的过程
# FLAG1
11:20:35.893420 IP 192.168.0.91.33446 > 180.101.49.12.80: Flags [S], seq 3059338248, win 29200, options [mss 1460,sackOK,TS val 775175501 ecr 0,nop,wscale 7], length 0
# FLAG2
11:20:35.904263 IP 180.101.49.12.80 > 192.168.0.91.33446: Flags [S.], seq 3944752105, ack 3059338249, win 8192, options [mss 1452,sackOK,nop,nop,nop,nop,nop,nop,nop,nop,nop,nop,nop,wscale 5], length 0
11:20:35.904284 IP 192.168.0.91.33446 > 180.101.49.12.80: Flags [.], ack 1, win 229, length 0
FLAG1:
- Client —> Server
- Flags [S] , seq 3059338248, win 29200
- S --> SYN
FLAG2:
- Sever —> Client
- Flags [S.] , seq 3944752105, ack 3059338249, win 8192
- SYN + ack(. 代表的就是ack)
- ack = 3059338249 序列号是+1的
三次握手完整过程如上所示
以上是关于浅谈HTTP(简)TCP概念深入的主要内容,如果未能解决你的问题,请参考以下文章