TCP数据包的行程以及每跳中的更改(发生IP地址和端口更改) [英] Journey of a TCP packet and changes (Ip address and port happens) in every hop
问题描述
我试图了解跃点期间IP数据包发生了什么样的结构变化.
I'm trying to understand what sort of structural changes happens to the IP packet during the Hop.
请允许我举例说明我的问题.
Allow me to please explain my question with example.
traceroute -w 1 google.com
traceroute to google.com (216.58.199.174), 64 hops max, 52 byte packets
1 192.168.0.1 (192.168.0.1) 1.055 ms 0.857 ms 0.822 ms
2 10.0.0.1 (10.0.0.1) 2.038 ms 1.477 ms 1.540 ms
3 * * *
4 114.79.130.1.dvois.com (114.79.130.1) 3.091 ms 2.076 ms 2.329 ms
5 10.241.1.6 (10.241.1.6) 3.245 ms 3.102 ms 3.358 ms
6 10.240.254.140 (10.240.254.140) 4.388 ms 2.149 ms 2.319 ms
7 10.240.254.1 (10.240.254.1) 3.067 ms 3.336 ms 2.852 ms
8 10.241.1.1 (10.241.1.1) 2.542 ms 2.339 ms 3.231 ms
9 1.186.191.10.dvois.com (1.186.191.10) 3.046 ms 3.076 ms 3.382 ms
10 216.239.62.212 (216.239.62.212) 3.290 ms 3.559 ms 3.466 ms
11 209.85.143.5 (209.85.143.5) 3.699 ms 3.250 ms 4.062 ms
12 bom05s08-in-f174.1e100.net (216.58.199.174) 3.739 ms 4.038 ms 3.803 ms
假设我正在向 google.com
源自我的机器的IP数据包的第一件事就是将这一位添加到数据包中.
The first thing the IP packet originated from my machine would do add this bit inside packet.
- (我的机器)源IP,即假定它是
192.168.0.100- 为简单起见,还为请求的来源分配了一个端口号,假设它是
6000
- 为简单起见,还为请求的来源分配了一个端口号,假设它是
- (My machine) source IP i.e assuming it is
192.168.0.100- also a port number is assigned from where the request was originated for simplicity let assume it is
6000
- also a port number is assigned from where the request was originated for simplicity let assume it is
IP数据包还包含其他细节,但仅关注这三个部分
现在我知道IP数据包是在跃点中借助其他设备/路由器从源传输到目的地的(如在traceroute输出中所见)
Now I know IP packet are transferred from source to destination with help of other devices / routers in hops (as can be seen in the traceroute output)
但是我不清楚源IP和IP地址是否正确. IP数据包中的端口在Hop中更新.
But what I'm not clear of whether the source IP & port inside the IP packet are update in Hop.
我认为是,因为来自服务器(此处为Google服务器)的响应方式可以中继回请求的预期发起者(即我的笔记本电脑)浏览器窗口).
I'm assuming it does because that way it response coming from the server (google server over here) can be relayed back to the intended originator of the request (that is my laptop browser window).
所以,如果我假设是正确的.
So If what I'm assuming is correct. Here how things work then
在我的路由器的第一跳上,我的路由器将源IP更新为192.168.0.1,并将源端口更新为6001(假设)
在内部,它维护一个反向条目表,告诉我,如果我碰巧在端口6001上的192.168.0.1上收到响应,那么我必须将其路由到192.168.0.100到端口6000.
On 1st Hop to my router my router update the source IP to 192.168.0.1 and source port to 6001(lets assume)
Internally it maintain a reverse entry table telling that If I ever happen to receive a response on 192.168.0.1 at port 6001 then I have to route it to 192.168.0.100 to port 6000.
与每个跃点(跳到114.79.130.1.dvois.com,1.186.191.10.dvois.com等)一样,更新条目,即源IP和源端口(在IP数据包中),并保持反向映射以将响应中继回去.
Like wise in each Hop(hop to 114.79.130.1.dvois.com , 1.186.191.10.dvois.com and others) a entry is update i.e source IP and source port(in IP packet) and reverse mapping is maintain to relay the response back.
我的理解正确吗?这也是MAC跃点发生的情况.
Is my understanding correct?. Also a what happen to MAC in hop.
推荐答案
您需要查看网络层.应用程序会将数据发送到传输层,例如TCP.
You need to look at the network layers. An application will send data to the Transport Layer, e.g. TCP.
TCP的地址称为端口,并且将应用程序分配给其中一个地址,在您的示例中为端口6000. TCP将对这些数据进行分段,并将TCP标头放在数据段上. TCP标头包含源端口号和目标端口号.
TCP has addresses called ports, and the application is assigned to one of the addresses, port 6000 in your example. TCP will segment these data and put TCP headers on the data segment. The TCP headers include the source and destination port number.
TCP会将段发送到第3层(IPv4或IPv6). IP会将TCP段封装为IP数据包. IP数据包头将包含源IP地址和目标IP地址.
TCP will send the segments to layer-3 (IPv4 or IPv6). IP will encapsulate the TCP segments into IP packets. The IP packet headers will contain the source and destination IP addresses.
IP会将IP数据包发送到第2层,例如以太网.并非所有的第2层协议都使用MAC地址. MAC地址由IEEE LAN协议使用.其他第2层协议使用其他内容,或根本不使用任何地址.以太网将第3层IP数据包封装在第2层以太网帧中.以太网帧将具有源和目标MAC地址.主机(您的计算机)将同时屏蔽源和目标第3层IP地址,以确定目标地址是否在同一LAN中.如果目标在同一LAN上,则将使用目标主机的MAC地址对帧进行寻址,否则,将使用已配置的网关作为目标主机的MAC地址对帧进行寻址.这将需要将第3层地址解析为第2层地址. ARP(地址解析协议)将查看目标主机MAC地址是否在其ARP缓存中.如果没有,它将发送ARP请求以获取目标MAC地址.
IP will send the IP packets to layer-2, e.g. ethernet. Not all layer-2 protocols use MAC addresses. MAC addresses are used by IEEE LAN protocols. Other layer-2 protocols use something else, or nothing at all for addressing. Ethernet will encapsulate the layer-3 IP packets in layer-2 ethernet frames. The ethernet frames will have the source and destination MAC addresses. The host (your computer) will mask both the source and destination layer-3 IP addresses to determine if the destination address is on the same LAN. If the destination is on the same LAN, the frames will be addressed with the MAC address of the destination host, otherwise they are addressed with the MAC address of the configured gateway as the destination host. This will require resolving the layer-3 addresses to the layer-2 addresses. ARP (Address Resolution Protocol) will look to see if the destination host MAC address is in its ARP cache. If not, it will send an ARP request to get the destination MAC address.
第2层然后将帧发送到第1层(物理接口)进行编码并放置在电线上.
Layer-2 will then send the frames to layer-1 (physical interface) to be encoded and placed on the wire.
当路由器接收到该帧时,会将包括MAC地址在内的第2层帧从数据包中剥离并丢弃,从而丢失原始的MAC地址.路由器将减少TTL并创建新的标头校验和,并检查第3层IP数据包中的目标地址.然后,路由器将在其路由表中查找如何获取目标IP地址.如果在其路由表中找不到到目标IP地址的路由,则将丢弃该数据包,否则路由器会将数据包切换到指向目标的下一个接口,并为新接口创建新的第2层帧.如果下一个接口是WAN接口,则可能会使用不使用MAC地址的PPP之类的东西.
When the frame is received by the router, the layer-2 frame, including the MAC addresses, is stripped off the packet and discarded, losing the original MAC addresses. The router will decrement the TTL and create a new header checksum, and inspect the layer-3 IP packet for the destination address. The router will then look up how to get to the destination IP address in its routing table. If it doesn't find a route to the destination IP address in its routing table, the packet is discarded, otherwise the router will switch the packet to the next interface toward the destination and create a new layer-2 frame for the new interface. If the next interface is a WAN interface, it may use something like PPP that doesn't use MAC addresses.
路径中的下一个路由器将获得新帧,并将重复路由过程.这种情况一直发生,直到数据包到达最后一个路由器,最后一个路由器将放在目标LAN的帧上.目标主机将按照与发送主机相反的顺序进行处理.目标主机将具有来自数据包和分段的源第3层和第4层地址,并且可以使用这些地址将源地址发送回源,方式与原始主机是发送方一样.
The next router in the path will get the new frame, and it will repeat the routing process. This happens until the packet gets to the last router, and the last router will put on a frame for the destination LAN. The destination host will process in reverse order from the sending host. The destination host will have the source layer-3 and layer-4 addresses from the packet and segment, and it can send back to the source using those addresses in the same manner that the original host was the sender.
路由器是第3层设备,它们仅查看第3层数据包,而不查看第4层网段.路由器只会更改数据包的TTL和标头校验和字段.
Routers are layer-3 devices, and they only look at the layer-3 packet, not into the layer-4 segment. A router will only change the TTL and Header Checksum fields of the packet.
这篇关于TCP数据包的行程以及每跳中的更改(发生IP地址和端口更改)的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
