Book Information

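TCP/IP Illustrated, Volume 1: The Protocols (English edition, 2nd edition)
  • Authors: Kevin R. Fall, W. Richard Stevens (USA)
  • Publisher: Beijing: China Machine Press
  • ISBN: 9787111382287
  • Publication date: 2012
  • Labeled page count: 1017 pages
  • File size: 455MB
  • File page count: 1049 pages
  • Subject terms: Computer networks - Communication protocols - English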


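Download Notes

TCP/IP Illustrated, Volume 1: The Protocols (English edition, 2nd edition), PDF e-book download

The downloaded file is a RAR archive. Extract it with an archive tool to obtain the book in PDF format.

We recommend downloading with the BT client Free Download Manager, or FDM for short (free, ad-free, multi-platform). All resources on this site are packaged as BT torrents, so a dedicated BT client such as BitComet, qBittorrent or uTorrent is required. Xunlei is not recommended for now because this site's resources are not popular ones. Once a resource becomes popular, Xunlei can also be used to download it.

(The file page count should be greater than the labeled page count, except for e-books split into multiple volumes.)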


Table of Contents

Chapter 1 Introduction

1.1 Architectural Principles

1.1.1 Packets, Connections, and Datagrams

1.1.2 The End-to-End Argument and Fate Sharing

1.1.3 Error Control and Flow Control

1.2 Design and Implementation

1.2.1 Layering

1.2.2 Multiplexing, Demultiplexing, and Encapsulation in Layered Implementations

1.3 The Architecture and Protocols of the TCP/IP Suite

1.3.1 The ARPANET Reference Model

1.3.2 Multiplexing, Demultiplexing, and Encapsulation in TCP/IP

1.3.3 Port Numbers

1.3.4 Names, Addresses, and the DNS

1.4 Internets, Intranets, and Extranets

1.5 Designing Applications

1.5.1 Client/Server

1.5.2 Peer-to-Peer

1.5.3 Application Programming Interfaces (APIs)

1.6 Standardization Process

1.6.1 Request for Comments (RFC)

1.6.2 Other Standards

1.7 Implementations and Software Distributions

1.8 Attacks Involving the Internet Architecture

1.9 Summary

1.10 References

Chapter 2 The Internet Address Architecture

2.1 Introduction

2.2 Expressing IP Addresses

2.3 Basic IP Address Structure

2.3.1 Classful Addressing

2.3.2 Subnet Addressing

2.3.3 Subnet Masks

2.3.4 Variable-Length Subnet Masks (VLSM)

2.3.5 Broadcast Addresses

2.3.6 IPv6 Addresses and Interface Identifiers

2.4 CIDR and Aggregation

2.4.1 Prefixes

2.4.2 Aggregation

2.5 Special-Use Addresses

2.5.1 Addressing IPv4/IPv6 Translators

2.5.2 Multicast Addresses

2.5.3 IPv4 Multicast Addresses

2.5.4 IPv6 Multicast Addresses

2.5.5 Anycast Addresses

2.6 Allocation

2.6.1 Unicast

2.6.2 Multicast

2.7 Unicast Address Assignment

2.7.1 Single Provider/No Network/Single Address

2.7.2 Single Provider/Single Network/Single Address

2.7.3 Single Provider/Multiple Networks/Multiple Addresses

2.7.4 Multiple Providers/Multiple Networks/Multiple Addresses (Multihoming)

2.8 Attacks Involving IP Addresses

2.9 Summary

2.10 References

Chapter 3 Link Layer

3.1 Introduction

3.2 Ethernet and the IEEE 802 LAN/MAN Standards

3.2.1 The IEEE 802 LAN/MAN Standards

3.2.2 The Ethernet Frame Format

3.2.3 802.1p/q: Virtual LANs and QoS Tagging

3.2.4 802.1AX: Link Aggregation (Formerly 802.3ad)

3.3 Full Duplex, Power Save, Autonegotiation, and 802.1X Flow Control

3.3.1 Duplex Mismatch

3.3.2 Wake-on LAN (WoL), Power Saving, and Magic Packets

3.3.3 Link-Layer Flow Control

3.4 Bridges and Switches

3.4.1 Spanning Tree Protocol (STP)

3.4.2 802.1ak: Multiple Registration Protocol (MRP)

3.5 Wireless LANs—IEEE 802.11 (Wi-Fi)

3.5.1 802.11 Frames

3.5.2 Power Save Mode and the Time Sync Function (TSF)

3.5.3 802.11 Media Access Control

3.5.4 Physical-Layer Details: Rates, Channels, and Frequencies

3.5.5 Wi-Fi Security

3.5.6 Wi-Fi Mesh (802.11s)

3.6 Point-to-Point Protocol (PPP)

3.6.1 Link Control Protocol (LCP)

3.6.2 Multilink PPP (MP)

3.6.3 Compression Control Protocol (CCP)

3.6.4 PPP Authentication

3.6.5 Network Control Protocols (NCPs)

3.6.6 Header Compression

3.6.7 Example

3.7 Loopback

3.8 MTU and Path MTU

3.9 Tunneling Basics

3.9.1 Unidirectional Links

3.10 Attacks on the Link Layer

3.11 Summary

3.12 References

Chapter 4 ARP: Address Resolution Protocol

4.1 Introduction

4.2 An Example

4.2.1 Direct Delivery and ARP

4.3 ARP Cache

4.4 ARP Frame Format

4.5 ARP Examples

4.5.1 Normal Example

4.5.2 ARP Request to a Nonexistent Host

4.6 ARP Cache Timeout

4.7 Proxy ARP

4.8 Gratuitous ARP and Address Conflict Detection (ACD)

4.9 The arp Command

4.10 Using ARP to Set an Embedded Device's IPv4 Address

4.11 Attacks Involving ARP

4.12 Summary

4.13 References

Chapter 5 The Internet Protocol (IP)

5.1 Introduction

5.2 IPv4 and IPv6 Headers

5.2.1 IP Header Fields

5.2.2 The Internet Checksum

5.2.3 DS Field and ECN (Formerly Called the ToS Byte or IPv6 Traffic Class)

5.2.4 IP Options

5.3 IPv6 Extension Headers

5.3.1 IPv6 Options

5.3.2 Routing Header

5.3.3 Fragment Header

5.4 IP Forwarding

5.4.1 Forwarding Table

5.4.2 IP Forwarding Actions

5.4.3 Examples

5.4.4 Discussion

5.5 Mobile IP

5.5.1 The Basic Model: Bidirectional Tunneling

5.5.2 Route Optimization (RO)

5.5.3 Discussion

5.6 Host Processing of IP Datagrams

5.6.1 Host Models

5.6.2 Address Selection

5.7 Attacks Involving IP

5.8 Summary

5.9 References

Chapter 6 System Configuration: DHCP and Autoconfiguration

6.1 Introduction

6.2 Dynamic Host Configuration Protocol (DHCP)

6.2.1 Address Pools and Leases

6.2.2 DHCP and BOOTP Message Format

6.2.3 DHCP and BOOTP Options

6.2.4 DHCP Protocol Operation

6.2.5 DHCPv6

6.2.6 Using DHCP with Relays

6.2.7 DHCP Authentication

6.2.8 Reconfigure Extension

6.2.9 Rapid Commit

6.2.10 Location Information (LCI and LoST)

6.2.11 Mobility and Handoff Information (MoS and ANDSF)

6.2.12 DHCP Snooping

6.3 Stateless Address Autoconfiguration (SLAAC)

6.3.1 Dynamic Configuration of IPv4 Link-Local Addresses

6.3.2 IPv6 SLAAC for Link-Local Addresses

6.4 DHCP and DNS Interaction

6.5 PPP over Ethernet (PPPoE)

6.6 Attacks Involving System Configuration

6.7 Summary

6.8 References

Chapter 7 Firewalls and Network Address Translation (NAT)

7.1 Introduction

7.2 Firewalls

7.2.1 Packet-Filtering Firewalls

7.2.2 Proxy Firewalls

7.3 Network Address Translation (NAT)

7.3.1 Traditional NAT: Basic NAT and NAPT

7.3.2 Address and Port Translation Behavior

7.3.3 Filtering Behavior

7.3.4 Servers behind NATs

7.3.5 Hairpinning and NAT Loopback

7.3.6 NAT Editors

7.3.7 Service Provider NAT (SPNAT) and Service Provider IPv6 Transition

7.4 NAT Traversal

7.4.1 Pinholes and Hole Punching

7.4.2 UNilateral Self-Address Fixing (UNSAF)

7.4.3 Session Traversal Utilities for NAT (STUN)

7.4.4 Traversal Using Relays around NAT (TURN)

7.4.5 Interactive Connectivity Establishment (ICE)

7.5 Configuring Packet-Filtering Firewalls and NATs

7.5.1 Firewall Rules

7.5.2 NAT Rules

7.5.3 Direct Interaction with NATs and Firewalls: UPnP, NAT-PMP, and PCP

7.6 NAT for IPv4/IPv6 Coexistence and Transition

7.6.1 Dual-Stack Lite (DS-Lite)

7.6.2 IPv4/IPv6 Translation Using NATs and ALGs

7.7 Attacks Involving Firewalls and NATs

7.8 Summary

7.9 References

Chapter 8 ICMPv4 and ICMPv6: Internet Control Message Protocol

8.1 Introduction

8.1.1 Encapsulation in IPv4 and IPv6

8.2 ICMP Messages

8.2.1 ICMPv4 Messages

8.2.2 ICMPv6 Messages

8.2.3 Processing of ICMP Messages

8.3 ICMP Error Messages

8.3.1 Extended ICMP and Multipart Messages

8.3.2 Destination Unreachable (ICMPv4 Type 3, ICMPv6 Type 1) and Packet Too Big (ICMPv6 Type 2)

8.3.3 Redirect (ICMPv4 Type 5, ICMPv6 Type 137)

8.3.4 ICMP Time Exceeded (ICMPv4 Type 11, ICMPv6 Type 3)

8.3.5 Parameter Problem (ICMPv4 Type 12, ICMPv6 Type 4)

8.4 ICMP Query/Informational Messages

8.4.1 Echo Request/Reply (ping) (ICMPv4 Types 0/8, ICMPv6 Types 129/128)

8.4.2 Router Discovery: Router Solicitation and Advertisement (ICMPv4 Types 9, 10)

8.4.3 Home Agent Address Discovery Request/Reply (ICMPv6 Types 144/145)

8.4.4 Mobile Prefix Solicitation/Advertisement (ICMPv6 Types 146/147)

8.4.5 Mobile IPv6 Fast Handover Messages (ICMPv6 Type 154)

8.4.6 Multicast Listener Query/Report/Done (ICMPv6 Types 130/131/132)

8.4.7 Version 2 Multicast Listener Discovery (MLDv2) (ICMPv6 Type 143)

8.4.8 Multicast Router Discovery (MRD) (IGMP Types 48/49/50, ICMPv6 Types 151/152/153)

8.5 Neighbor Discovery in IPv6

8.5.1 ICMPv6 Router Solicitation and Advertisement (ICMPv6 Types 133, 134)

8.5.2 ICMPv6 Neighbor Solicitation and Advertisement (ICMPv6 Types 135, 136)

8.5.3 ICMPv6 Inverse Neighbor Discovery Solicitation/Advertisement (ICMPv6 Types 141/142)

8.5.4 Neighbor Unreachability Detection (NUD)

8.5.5 Secure Neighbor Discovery (SEND)

8.5.6 ICMPv6 Neighbor Discovery (ND) Options

8.6 Translating ICMPv4 and ICMPv6

8.6.1 Translating ICMPv4 to ICMPv6

8.6.2 Translating ICMPv6 to ICMPv4

8.7 Attacks Involving ICMP

8.8 Summary

8.9 References

Chapter 9 Broadcasting and Local Multicasting (IGMP and MLD)

9.1 Introduction

9.2 Broadcasting

9.2.1 Using Broadcast Addresses

9.2.2 Sending Broadcast Datagrams

9.3 Multicasting

9.3.1 Converting IP Multicast Addresses to 802 MAC/Ethernet Addresses

9.3.2 Examples

9.3.3 Sending Multicast Datagrams

9.3.4 Receiving Multicast Datagrams

9.3.5 Host Address Filtering

9.4 The Internet Group Management Protocol (IGMP) and Multicast Listener Discovery Protocol (MLD)

9.4.1 IGMP and MLD Processing by Group Members ("Group Member Part")

9.4.2 IGMP and MLD Processing by Multicast Routers ("Multicast Router Part")

9.4.3 Examples

9.4.4 Lightweight IGMPv3 and MLDv2

9.4.5 IGMP and MLD Robustness

9.4.6 IGMP and MLD Counters and Variables

9.4.7 IGMP and MLD Snooping

9.5 Attacks Involving IGMP and MLD

9.6 Summary

9.7 References

Chapter 10 User Datagram Protocol (UDP) and IP Fragmentation

10.1 Introduction

10.2 UDP Header

10.3 UDP Checksum

10.4 Examples

10.5 UDP and IPv6

10.5.1 Teredo: Tunneling IPv6 through IPv4 Networks

10.6 UDP-Lite

10.7 IP Fragmentation

10.7.1 Example: UDP/IPv4 Fragmentation

10.7.2 Reassembly Timeout

10.8 Path MTU Discovery with UDP

10.8.1 Example

10.9 Interaction between IP Fragmentation and ARP/ND

10.10 Maximum UDP Datagram Size

10.10.1 Implementation Limitations

10.10.2 Datagram Truncation

10.11 UDP Server Design

10.11.1 IP Addresses and UDP Port Numbers

10.11.2 Restricting Local IP Addresses

10.11.3 Using Multiple Addresses

10.11.4 Restricting Foreign IP Address

10.11.5 Using Multiple Servers per Port

10.11.6 Spanning Address Families: IPv4 and IPv6

10.11.7 Lack of Flow and Congestion Control

10.12 Translating UDP/IPv4 and UDP/IPv6 Datagrams

10.13 UDP in the Internet

10.14 Attacks Involving UDP and IP Fragmentation

10.15 Summary

10.16 References

Chapter 11 Name Resolution and the Domain Name System (DNS)

11.1 Introduction

11.2 The DNS Name Space

11.2.1 DNS Naming Syntax

11.3 Name Servers and Zones

11.4 Caching

11.5 The DNS Protocol

11.5.1 DNS Message Format

11.5.2 The DNS Extension Format (EDNS0)

11.5.3 UDP or TCP

11.5.4 Question (Query) and Zone Section Format

11.5.5 Answer, Authority, and Additional Information Section Formats

11.5.6 Resource Record Types

11.5.7 Dynamic Updates (DNS UPDATE)

11.5.8 Zone Transfers and DNS NOTIFY

11.6 Sort Lists, Round-Robin, and Split DNS

11.7 Open DNS Servers and DynDNS

11.8 Transparency and Extensibility

11.9 Translating DNS from IPv4 to IPv6 (DNS64)

11.10 LLMNR and mDNS

11.11 LDAP

11.12 Attacks on the DNS

11.13 Summary

11.14 References

Chapter 12 TCP: The Transmission Control Protocol (Preliminaries)

12.1 Introduction

12.1.1 ARQ and Retransmission

12.1.2 Windows of Packets and Sliding Windows

12.1.3 Variable Windows: Flow Control and Congestion Control

12.1.4 Setting the Retransmission Timeout

12.2 Introduction to TCP

12.2.1 The TCP Service Model

12.2.2 Reliability in TCP

12.3 TCP Header and Encapsulation

12.4 Summary

12.5 References

Chapter 13 TCP Connection Management

13.1 Introduction

13.2 TCP Connection Establishment and Termination

13.2.1 TCP Half-Close

13.2.2 Simultaneous Open and Close

13.2.3 Initial Sequence Number (ISN)

13.2.4 Example

13.2.5 Timeout of Connection Establishment

13.2.6 Connections and Translators

13.3 TCP Options

13.3.1 Maximum Segment Size (MSS) Option

13.3.2 Selective Acknowledgment (SACK) Options

13.3.3 Window Scale (WSCALE or WSOPT) Option

13.3.4 Timestamps Option and Protection against Wrapped Sequence Numbers (PAWS)

13.3.5 User Timeout (UTO) Option

13.3.6 Authentication Option (TCP-AO)

13.4 Path MTU Discovery with TCP

13.4.1 Example

13.5 TCP State Transitions

13.5.1 TCP State Transition Diagram

13.5.2 TIME_WAIT (2MSL Wait) State

13.5.3 Quiet Time Concept

13.5.4 FIN_WAIT_2 State

13.5.5 Simultaneous Open and Close Transitions

13.6 Reset Segments

13.6.1 Connection Request to Nonexistent Port

13.6.2 Aborting a Connection

13.6.3 Half-Open Connections

13.6.4 TIME-WAIT Assassination (TWA)

13.7 TCP Server Operation

13.7.1 TCP Port Numbers

13.7.2 Restricting Local IP Addresses

13.7.3 Restricting Foreign Endpoints

13.7.4 Incoming Connection Queue

13.8 Attacks Involving TCP Connection Management

13.9 Summary

13.10 References

Chapter 14 TCP Timeout and Retransmission

14.1 Introduction

14.2 Simple Timeout and Retransmission Example

14.3 Setting the Retransmission Timeout (RTO)

14.3.1 The Classic Method

14.3.2 The Standard Method

14.3.3 The Linux Method

14.3.4 RTT Estimator Behaviors

14.3.5 RTTM Robustness to Loss and Reordering

14.4 Timer-Based Retransmission

14.4.1 Example

14.5 Fast Retransmit

14.5.1 Example

14.6 Retransmission with Selective Acknowledgments

14.6.1 SACK Receiver Behavior

14.6.2 SACK Sender Behavior

14.6.3 Example

14.7 Spurious Timeouts and Retransmissions

14.7.1 Duplicate SACK (DSACK) Extension

14.7.2 The Eifel Detection Algorithm

14.7.3 Forward-RTO Recovery (F-RTO)

14.7.4 The Eifel Response Algorithm

14.8 Packet Reordering and Duplication

14.8.1 Reordering

14.8.2 Duplication

14.9 Destination Metrics

14.10 Repacketization

14.11 Attacks Involving TCP Retransmission

14.12 Summary

14.13 References

Chapter 15 TCP Data Flow and Window Management

15.1 Introduction

15.2 Interactive Communication

15.3 Delayed Acknowledgments

15.4 Nagle Algorithm

15.4.1 Delayed ACK and Nagle Algorithm Interaction

15.4.2 Disabling the Nagle Algorithm

15.5 Flow Control and Window Management

15.5.1 Sliding Windows

15.5.2 Zero Windows and the TCP Persist Timer

15.5.3 Silly Window Syndrome (SWS)

15.5.4 Large Buffers and Auto-Tuning

15.6 Urgent Mechanism

15.6.1 Example

15.7 Attacks Involving Window Management

15.8 Summary

15.9 References

Chapter 16 TCP Congestion Control

16.1 Introduction

16.1.1 Detection of Congestion in TCP

16.1.2 Slowing Down a TCP Sender

16.2 The Classic Algorithms

16.2.1 Slow Start

16.2.2 Congestion Avoidance

16.2.3 Selecting between Slow Start and Congestion Avoidance

16.2.4 Tahoe, Reno, and Fast Recovery

16.2.5 Standard TCP

16.3 Evolution of the Standard Algorithms

16.3.1 NewReno

16.3.2 TCP Congestion Control with SACK

16.3.3 Forward Acknowledgment (FACK) and Rate Halving

16.3.4 Limited Transmit

16.3.5 Congestion Window Validation (CWV)

16.4 Handling Spurious RTOs—the Eifel Response Algorithm

16.5 An Extended Example

16.5.1 Slow Start Behavior

16.5.2 Sender Pause and Local Congestion (Event 1)

16.5.3 Stretch ACKs and Recovery from Local Congestion

16.5.4 Fast Retransmission and SACK Recovery (Event 2)

16.5.5 Additional Local Congestion and Fast Retransmit Events

16.5.6 Timeouts, Retransmissions, and Undoing cwnd Changes

16.5.7 Connection Completion

16.6 Sharing Congestion State

16.7 TCP Friendliness

16.8 TCP in High-Speed Environments

16.8.1 HighSpeed TCP (HSTCP) and Limited Slow Start

16.8.2 Binary Increase Congestion Control (BIC and CUBIC)

16.9 Delay-Based Congestion Control

16.9.1 Vegas

16.9.2 FAST

16.9.3 TCP Westwood and Westwood+

16.9.4 Compound TCP

16.10 Buffer Bloat

16.11 Active Queue Management and ECN

16.12 Attacks Involving TCP Congestion Control

16.13 Summary

16.14 References

Chapter 17 TCP Keepalive

17.1 Introduction

17.2 Description

17.2.1 Keepalive Examples

17.3 Attacks Involving TCP Keepalives

17.4 Summary

17.5 References

Chapter 18 Security: EAP, IPsec, TLS, DNSSEC, and DKIM

18.1 Introduction

18.2 Basic Principles of Information Security

18.3 Threats to Network Communication

18.4 Basic Cryptography and Security Mechanisms

18.4.1 Cryptosystems

18.4.2 Rivest, Shamir, and Adleman (RSA) Public Key Cryptography

18.4.3 Diffie-Hellman-Merkle Key Agreement (aka Diffie-Hellman or DH)

18.4.4 Signcryption and Elliptic Curve Cryptography (ECC)

18.4.5 Key Derivation and Perfect Forward Secrecy (PFS)

18.4.6 Pseudorandom Numbers, Generators, and Function Families

18.4.7 Nonces and Salt

18.4.8 Cryptographic Hash Functions and Message Digests

18.4.9 Message Authentication Codes (MACs, HMAC, CMAC, and GMAC)

18.4.10 Cryptographic Suites and Cipher Suites

18.5 Certificates, Certificate Authorities (CAs), and PKIs

18.5.1 Public Key Certificates, Certificate Authorities, and X.509

18.5.2 Validating and Revoking Certificates

18.5.3 Attribute Certificates

18.6 TCP/IP Security Protocols and Layering

18.7 Network Access Control: 802.1X, 802.1AE, EAP, and PANA

18.7.1 EAP Methods and Key Derivation

18.7.2 The EAP Re-authentication Protocol (ERP)

18.7.3 Protocol for Carrying Authentication for Network Access (PANA)

18.8 Layer 3 IP Security (IPsec)

18.8.1 Internet Key Exchange (IKEv2) Protocol

18.8.2 Authentication Header (AH)

18.8.3 Encapsulating Security Payload (ESP)

18.8.4 Multicast

18.8.5 L2TP/IPsec

18.8.6 IPsec NAT Traversal

18.8.7 Example

18.9 Transport Layer Security (TLS and DTLS)

18.9.1 TLS 1.2

18.9.2 TLS with Datagrams (DTLS)

18.10 DNS Security (DNSSEC)

18.10.1 DNSSEC Resource Records

18.10.2 DNSSEC Operation

18.10.3 Transaction Authentication (TSIG, TKEY, and SIG(0))

18.10.4 DNSSEC with DNS64

18.11 DomainKeys Identified Mail (DKIM)

18.11.1 DKIM Signatures

18.11.2 Example

18.12 Attacks on Security Protocols

18.13 Summary

18.14 References

Glossary of Acronyms

Index
