ping www.baidu.com, from the execution of the command to the return of the result, you need to go through the following steps:
1. DNS resolution: wwwbaidu.com resolves to a specific IP address, because only the IP address is recognized when the packet travels over the network.
2. Find the routing table: After the IP address, the next step is to find the route, and the role of the route is to determine the next hop address of the packet.
3. Find the ARP table: after the next hop IP address, does it mean that the packet can be sent? No, because the packet ends up in transit and does not recognize the IP address, but only the MAC address. (Note that the ARP request here will only be sent if it cannot be found in the ARP table, and will be cached after the query is completed.) ARP requests are not resent during the validity period to improve efficiency. )
4. Packet sending: After having a MAC, the packets will be sent out from the network card, first to the switch, and then to the gateway through the switch.
Access Instructions If there are many requests on the same page, you can enable HTTP keepalives and reuse the connection to avoid the overhead caused by the 3-way handshake. http2.0 is further optimized to allow multiple request-response messages to be initiated simultaneously over a single HTTP 2 connection through multiplexing techniques. That is to say, you can send multiple CSS, JS, ** and other resources in one transmission, which can be reused, and not every request is 3 times 4 waves.
Note: Make good use of the built-in documentation and parameters.
Command + ?Help documentation.
Windows View Configuration: SystemInfo
The ipconfig and netstat commands are not followed by the IP address and host name, and the other three commands ping, tracert, and arp are followed by the host address.
Network Basic Series:
1、ping
It is used to detect the time it takes for a frame of data to be transmitted from the current host to the destination host. to determine if the network between the two computers is connected. ** Failure and identifying the source of the fault is very effective. The ping command is mainly based on icmp
Ping answers two basic questions: Is there a connection?What is the quality of the connection?
Common parameter: t causes the current host to continuously send data to the destination host until it is interrupted with ctrl c
n count specifies how many pings to make, where count is a positive integer value
ping www.baidu.com -4 count
2、ipconfig(ifconfig)
The following information can be obtained by using the ipconfig command without parameters: IP address, subnet mask, and default gateway. With ipconfig all, you can get more information: hostname, DNS server, node type, physical address of the network adaptor, IP address of the host, subnet mask, default gateway, etc.
ipconfig all to see if the local network configuration is correct.
MAC addresses, also known as physical addresses, hardware addresses, or link addresses, are written inside the hardware when produced by network equipment manufacturers. The MAC address is 48 bits long (6
bytes), usually expressed as 12 hexadecimal numbers, separated by colons for every 2 hexadecimal numbers, e.g"08:00:20:0a:8c:6d"It's just a mac land.
address, where the first 6 hexadecimal digits 08:00:20 represent the number of the network hardware manufacturer, which is assigned by the IEEE (Institute of Electrical and Electronics Engineers), and the last 3
The hexadecimal number 0a:8c:6d represents the serial number of a network product (such as a network card) manufactured by the manufacturer.
As long as you don't change your MAC address, your MAC address is unique (and probably not unique) in the world.
3、tracert
tracert is a simple network diagnostic tool that lists the routing nodes through which packets pass through (via the tracert command, you can know how many hosts pass between the local machine and the target host, that is, how many routes pass. ), and its latency per hop in the IP network. (The delay here refers to the time it takes for a packet to be sent from the information source to the destination, and the delay is also divided into many types - propagation delay, transmission delay, processing delay, queuing delay, etc., which is one of the bottlenecks of most ** performance).
Determine the path that the packet takes to reach the destination host, and displays the list of relay nodes through which the packet travels and the arrival time.
TraceRT is useful when solving problems in large networks with many intermediate components (routers or bridges).
tracert -?Help commands.
TraceRT IP address [-d].
tracert www.baidu.com
4. netstat (see port occupancy).
Understand the overall usage of your network. It can display the details of the network connection that is currently active, such as the type of protocol (see TCP, UDP), the IP address of the current host and the remote host (or hosts), and the connection status between them.
Netstat is a very useful tool for monitoring TCP IP networks, which can display the routing table, the actual network connections, and the status of each network interface device.
Status list. listen: In the listening state.
established: The online status of the established online.
time wait: The online is currently in a waiting state.
Ports smaller than 1024 typically run some network services, and ports larger than 1024 are used to establish connections to remote machines.
Open ports and connection information for the machine at a glance.
netstat -an is commonly used.
netstat -a lists all ports.
netstat -n shows all valid connections that have been established.
netstat -at lists all tcp ports.
netstat -au lists all UDP ports.
It's important to mention"-a"with"-n"Options. "-a"The option is intended to show all connections when not attached"-n"option when it is displayed on the local computer.
NetBIOS name + port number. And added"-n"After the option, it shows the local IP address + port number.
5. ARP (Address Resolution Protocol).
A TCP IP protocol that obtains a physical address based on an IP address. When a host sends a message, it broadcasts an ARP request containing the destination IP address to all hosts on the network and receives a return (response) message to determine the physical address of the destinationAfter receiving the return message, the IP address and physical address are stored in the local ARP cache for a certain period of time, and the ARP cache is queried directly on the next request to save resources. The NIC address used to display and modify a specific IP address.
arp /?Help menu.
arp -a to view the arp mapping table on the current computer. You can see whether the current ARP mapping is dynamic or static.
arp -d to clear the information.
arp -a to see all IP and physical addresses.
arp -a shows your computer's local arp table, that is, as long as your computer has accessed the same LAN through the TCP IP protocol, all machines will be displayed in it.
How to prevent ARP attacks: Use the arp -s command to bind the IP address and MAC address, and then use arp -a to display static.
The way to prevent others from blocking you with P2P is very simple: use an IP security policy in Group Policy to block all packets from the other party's computer, so that there is no way for you to communicate with each other, and he cannot control your traffic.
arp -s ip mac
6. nslookup (feel useless?)
You can specify the type of query, you can find out the time to live of a DNS record, and you can specify which DNS server to use for interpretation. This command can be used on computers that have the TCP IP protocol installed. Information primarily used to diagnose Domain Name System (DNS) infrastructure. nslookup (name server lookup): is a tool used to query Internet domain name information or diagnose DNS server problems.
nslookup www.baidu.com
7. Route (view the Windows route table).
There are many ways to get to the destination, and the routing table is to look at different routes.
route add command.
The routing table is divided into five columns. The first column is the network destination address. Lists all the network segments that the router is connected to. The netmask column provides the subnet mask of the segment itself, not the subnet mask of the NIC connected to the segment. This basically allows the router to determine the address class of the destination network.
The third column is the gateway. Once the router determines which destination it wants to send this packet to, the router looks at the list of gateways. The gateway table tells the router which IP address the packet should go to in order to reach the destination network.
The Interface column tells the router which NIC is connected to the appropriate destination network. Technically, the interface column only tells the router the IP address assigned to the network card. That network card connects the router to the destination network. However, routers are smart enough to know which physical NIC this address is bound to.
The last column is the measurements. Measurement is a science in itself. However, I will try to briefly explain to you what they do. One of the best ways I've heard to explain measurements is in airport terms. Imagine I need to fly from Garrot, North Carolina to Miami, Florida. Since Garrot Airport is very large, I have a lot of options when I want to go to Miami Beach. I can fly with Northwest Airlines. That flight took me to Detroit, Michigan, and from Detroit to Miami. I was also able to fly to Houston and then to Miami on a Continental Airlines flight. Another option is to fly directly to Miami on an American Airlines plane. Which route should I choose?
Look at the default route, which is 00.0.0 0 This route, there are two interfaces in total, which are 101.88.95 and 192168.10.45, the gateways are 101.1.254 and 192168.10.1。So which one will you take?Look at the number of hops in the back, the smallest one is the first.
NIC priority setting.
Under Windows, you can set the order of network service access, and connect to the adapter in the network connection -> change adapter -> menu bar advanced -> advanced settings -> adapter and binding.
9、net view
net view command to view the name of the computer on the local area network;(not a username), alas, only to see the PC
If you want the IP address of a computer name, you can directly enter the command "ping -4 computer name", and the ping command will display the IP address and packet time.
ping -4 yj-pc ping -4 username.
This method is very practical, and when you need to share, you can do it with one command without knowing the IP.
Q: In Win7, I want to see all the ICMP connections on the machine, but I forgot what the DOS command is?Asking for answers?
A: The dos command is: netstat -s -p icmp. I think that if you always forget how to check the command of the icmp connection, you should first understand what ICMP means, so that it is easy to remember this command.
What is ICMP.
ICMP is an Internet Control Message Protocol (ICMP). It is extremely important for network security, and its own characteristics determine that it is very easy to attack routers and hosts on the network.
ICMP is a subprotocol of the TCP IP protocol family and belongs to the network layer protocol.
Features of ICMP:
1. Detect whether the remote host exists.
2. Establish and maintain routing information.
3. Redirect data transmission path (ICMP redirection).
4. Data flow control. In communication, ICMP mainly uses different types and codes to allow machines to identify different connection conditions.
Accelerator: Broadband bandwidth is understood as the width of the expressway, which will not change the distance, high-speed vehicles, online game accelerator lanes (similar to bus dedication), routers wireless to wired domestic, the relationship between delay and distance is not large, especially after the large-scale popularization of optical fiber, optical signals are much faster than electrical signals. In fact, the latency is mainly related to the load of the network equipment. Our data has to cross many network nodes, and each packet has to go through more than one time before it finally reaches the game server. As domestic operators are overselling bandwidth, network equipment is under great pressure, and when the Internet access peaks, the network equipment is overwhelmed, the latency will rise, and the probability of packet loss will also increase.
linus command:
The telnet command is used to log in to the remote host and manage the remote host. Telnet uses clear text to transmit packets, which is not very secure.
netstat -a lists all ports.
netstat -at lists all tcp ports.
netstat -au lists all UDP ports.