如果你的日常搬砖工作不是与底层协议栈紧密相关, 知道这些也没有什么用,并且很快就会忘记,其中任何一个分支领域都不容易,关联的知识也会非常多。
连接

连接的洪水攻击

断开

TCP/IP状态图详解

TCP socket 状态表
| State | Endpoint | Description |
|---|---|---|
| LISTEN | Server | Waiting for a connection request from any remote TCP end-point. |
| SYN-SENT | Client | Waiting for a matching connection request after having sent a connection request. |
| SYN-RECEIVED | Server | Waiting for a confirming connection request acknowledgment after having both received and sent a connection request. |
| ESTABLISHED | Server and client | An open connection, data received can be delivered to the user. The normal state for the data transfer phase of the connection. |
| FIN-WAIT-1 | Server and client | Waiting for a connection termination request from the remote TCP, or an acknowledgment of the connection termination request previously sent. |
| FIN-WAIT-2 | Server and client | Waiting for a connection termination request from the remote TCP. |
| CLOSE-WAIT | Server and client | Waiting for a connection termination request from the local user. |
| CLOSING | Server and client | Waiting for a connection termination request acknowledgment from the remote TCP. |
| LAST-ACK | Server and client | Waiting for an acknowledgment of the connection termination request previously sent to the remote TCP (which includes an acknowledgment of its connection termination request). |
| TIME-WAIT | Server or client | Waiting for enough time to pass to be sure the remote TCP received the acknowledgment of its connection termination request.[e] |
| CLOSED | Server and client | No connection state at all. |
Linux查看连接状态
[java@node101 ~]$ netstat -anp(Not all processes could be identified, non-owned process infowill not be shown, you would have to be root to see it all.)Active Internet connections (servers and established)Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program nametcp 0 0 0.0.0.0:111 0.0.0.0:* LISTEN -tcp 0 0 192.168.122.1:53 0.0.0.0:* LISTEN -tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN -tcp 0 0 127.0.0.1:631 0.0.0.0:* LISTEN -tcp6 0 0 :::111 :::* LISTEN -tcp6 0 0 :::22 :::* LISTEN -tcp6 0 0 ::1:631 :::* LISTEN -udp 0 0 0.0.0.0:111 0.0.0.0:* -udp 0 0 0.0.0.0:5353 0.0.0.0:* -udp 0 0 0.0.0.0:37142 0.0.0.0:* -udp 0 0 192.168.122.1:53 0.0.0.0:* -udp 0 0 0.0.0.0:67 0.0.0.0:* -udp6 0 0 :::111 :::* -udp6 0 0 :::5353 :::* -udp6 0 0 :::43914 :::* -Active UNIX domain sockets (servers and established)Proto RefCnt Flags Type State I-Node PID/Program name Pathunix 2 [ ACC ] STREAM LISTENING 19622 - /run/rpcbind.sockunix 2 [ ACC ] STREAM LISTENING 41131 1999/gnome-session- @/tmp/.ICE-unix/1999unix 2 [ ACC ] STREAM LISTENING 20718 - @/org/kernel/linux/storage/multipathdunix 2 [ ACC ] STREAM LISTENING 42515 2134/ibus-daemon @/tmp/dbus-Dhv0BQv6unix 2 [ ACC ] STREAM LISTENING 26396 - /var/run/vmware/guestServicePipeunix 2 [ ACC ] STREAM LISTENING 25367 - @irqbalance789.sockunix 2 [ ACC ] STREAM LISTENING 29726 - /run/gssproxy.sockunix 2 [ ACC ] STREAM LISTENING 41223 2106/Xwayland @/tmp/.X11-unix/X0unix 2 [ ACC ] STREAM LISTENING 42033 - /run/user/1001/keyring/sshunix 2 [ ACC ] STREAM LISTENING 25434 - /var/lib/sss/pipes/private/sbus-monitorunix 2 [ ACC ] STREAM LISTENING 26993 - /var/lib/sss/pipes/private/sbus-dp_implicit_files.834
什么是IP分片
IP数据途径较小传输负载网络时的不断分片示意图

参考资料
- 什么是TCP/IP - https://en.wikipedia.org/wiki/Transmission_Control_Protocol
- 什么是半打开 - https://en.wikipedia.org/wiki/TCP_half-open
- 什么是SYN洪水 - https://en.wikipedia.org/wiki/SYN_flood
- 什么是SYNCookie - https://en.wikipedia.org/wiki/SYN_cookies
- 什么是网络拥塞 - https://en.wikipedia.org/wiki/Network_congestion
- 什么是拥塞控制 - https://en.wikipedia.org/wiki/TCP_congestion_control
- 什么是MTU - https://en.wikipedia.org/wiki/Maximum_transmission_unit
- 什么是IP分片 - https://en.wikipedia.org/wiki/IP_fragmentation
- Transmission_Control_Protocol
