ICND110S01L05-TCP IP Transport Layer
- Format: ppt
- Size: 1.30 MB
- Pages: 22
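Linux TCP/IP kernel parameter tuning

The /proc/sys/net directory

All TCP/IP parameters are located under /proc/sys/net. (Note that changes made to the contents of /proc/sys/net are temporary; any change is lost after the system reboots.) For example, the following important parameters:

| Parameter (path + file) | Description | Default | Tuned value |
|---|---|---|---|
| /proc/sys/net/core/rmem_default | Default TCP receive window size (bytes). | 229376 | 256960 |
| /proc/sys/net/core/rmem_max | Maximum TCP receive window (bytes). | 131071 | 513920 |
| /proc/sys/net/core/wmem_default | Default TCP send window size (bytes). | 229376 | 256960 |
| /proc/sys/net/core/wmem_max | Maximum TCP send window (bytes). | 131071 | 513920 |
| /proc/sys/net/core/netdev_max_backlog | Maximum number of packets allowed to queue when a network interface receives packets faster than the kernel can process them. | 1000 | 2000 |
| /proc/sys/net/core/somaxconn | Maximum length of the listen queue for each port on the system; this is a global parameter. | 128 | 2048 |
| /proc/sys/net/core/optmem_max | Maximum buffer size allowed per socket. | 20480 | 81920 |
| /proc/sys/net/ipv4/tcp_mem | Determines how the TCP stack should respond to memory usage; each value is in memory pages (usually 4 KB). The first value is the lower bound of memory usage; the second is the threshold at which memory-pressure mode starts applying pressure to buffer usage; the third is the upper bound of memory usage. At this level packets can be dropped to reduce memory usage. For a large BDP these values can be increased (note that the unit is memory pages, not bytes). | 94011 125351 188022 | 131072 262144 524288 |
| /proc/sys/net/ipv4/tcp_rmem | Defines the memory a socket uses for auto-tuning. | | |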
Chapter 2 Internetworking Concepts Overview

Objectives
On completion of this chapter, you will be able to perform the following tasks:
• Describe how data traffic is exchanged between source and destination devices
• Identify the roles and functions of a hub, switch, and router, and where they best fit in the network
• Select the appropriate Cisco equipment for a given set of network requirements

Defining Components of the Network
[Diagram labels: Main Office, Branch Office, Home Office, Mobile Users, Internet, Floor 2, Floor 1, Server Farm]

Defining the Components of a Network (cont.)
[Diagram labels: Branch Office, Telecommuter, ISDN, Remote Campus]

Network Structure Defined by Hierarchy
[Diagram labels: Core Layer, Distribution Layer, Access Layer]

Access Layer Characteristics
• End station entry point to the network

Distribution Layer Characteristics
• Access Layer Aggregation Point
• Routes traffic
• Broadcast/Multicast Domains
• Media Translation
• Security
• Possible point for remote access

Core Layer Characteristics
• Fast transport to enterprise services
• No packet manipulation

OSI Model Overview
• Application (Upper) Layers: Application, Presentation, Session
• Data Flow Layers: Transport Layer, Network Layer, Data Link, Physical

Role of Application Layers
• Application: User Interface. Examples: Telnet, FTP
• Presentation: How data is presented; special processing such as encryption. Examples: ASCII, EBCDIC, JPEG
• Session: Keeping different applications' data separate. Examples: Operating System/Application Access Scheduling

Role of Data Flow Layers
• Transport: Reliable or unreliable delivery; error correction before retransmit. Examples: TCP, UDP, SPX
• Network: Provide logical addressing which routers use for path determination. Examples: IP, IPX
• Data Link: Combines bits into bytes and bytes into frames; access to media using MAC address; error detection not correction. Examples: 802.3 / 802.2, HDLC
• Physical: Move bits between devices; specifies voltage, wire speed and. Examples: EIA/TIA-232, V.35

Encapsulating Data
• Application, Presentation, Session: Upper Layer Data
• Transport: TCP Header, Data (PDU: Segment)
• Network: IP Header, Data (PDU: Packet)
• Data Link: LLC Header, MAC Header, Data, FCS (PDU: Frame)
• Physical: Bits

De-encapsulating Data
• Physical: 0101110101001000010
• Data Link: LLC Hdr + IP + TCP + Upper Layer Data
• Network: IP + TCP + Upper Layer Data
• Transport: TCP + Upper Layer Data
• Application, Presentation, Session: Upper Layer Data

Written Exercise: OSI Model
[Blank table. Columns: OSI Model, PDU, Functional Responsibilities, Examples. Rows: Application, Presentation, Session, Transport, Network, Data Link, Physical]

Physical Layer Functions
Defines
• Media type
• Connector type
• Signaling type
[Diagram labels: Physical: 802.3, EIA/TIA-232, V.35]

Physical Layer: Ethernet/802.3
• 10Base2: Thin Ethernet
• 10Base5: Thick Ethernet
• 10BaseT: Twisted Pair
[Diagram labels: Hub, Hosts, Host]

Hubs Operate at Physical Layer
[Diagram labels: Physical; hosts A, B, C, D]
• All devices in the same collision domain
• All devices in the same broadcast domain
• Devices share the same bandwidth

Hubs: One Collision Domain
• More end stations means more collisions
• CSMA/CD is used

Data Link Layer Functions
Defines
• Physical source and destination addresses
• Higher layer protocol (Service Access Point) associated with frame
• Network topology
• Frame sequencing
• Flow control
• Connection-oriented or connectionless
[Diagram labels: Data Link: 802.2, 802.3; Physical: EIA/TIA-232, V.35]

Data Link Layer Functions (cont.)
MAC Layer - 802.3

| Field | Preamble | Dest add | Source add | Length | Data | FCS |
|---|---|---|---|---|---|---|
| # Bytes | 8 | 6 | 6 | 2 | Variable | 4 |

• Ethernet II uses "Type" here (in place of Length) and does not use 802.2.
• MAC Address: 0000.0C (IEEE assigned) xx.xxxx (Vendor assigned)

Data Link Layer Functions (cont.)
802.2 (SAP), carried in the Data field of the MAC Layer - 802.3 frame

| Field | Dest SAP | Source SAP | Ctrl | Data |
|---|---|---|---|---|
| # Bytes | 1 | 1 | 1 or 2 | Variable |

OR 802.2 (SNAP)

| Field | Dest SAP AA | Source SAP AA | Ctrl 03 | OUI ID | Type | Data |
|---|---|---|---|---|---|---|
| # Bytes | 1 | 1 | 1 or 2 | 3 | 2 | Variable |

Switches and Bridges Operate at Data Link Layer
• Each segment has its own collision domain
• All segments are in the same broadcast domain
[Diagram labels: Data Link; ports 1 2 3 OR 1 2 4]

Switches
• Each segment has its own collision domain
• Broadcasts are forwarded to all segments
[Diagram labels: Memory, Switch]

Network Layer Functions
• Defines logical source and destination addresses associated with a specific protocol
• Defines paths through network
• Interconnects multiple data links
[Diagram labels: Network: IP, IPX; Data Link: 802.2, 802.3; Physical: EIA/TIA-232, V.35]

Network Layer Functions (cont.)
• Network Layer End Station Packet: IP Header, Source address, Destination address, Data
• Logical Address: 172.15.1.1 (Network, Node)

| | Decimal | Binary | 
|---|---|---|
| Address | 172.16.122.204 | 10101100 00010000 01111010 11001100 |
| Mask | 255.255.0.0 | 11111111 11111111 00000000 00000000 |

The first two octets (172.16) are the Network part; the last two (122.204) are the Host part.

Network Layer Functions (cont.)
[Diagram: two routers, each with a Routing Table (columns NET, INT, Metric) listing networks 1, 2 and 4 on interfaces E0 and S0; addresses shown: 1.0, 4.0, 1.1, 1.2, 1.3, 2.1, 2.2, 4.1, 4.2, 4.3]
• Logical addressing allows for hierarchical network
• Configuration required
• Uses configured information to identify paths to networks

Routers: Operate at the Network Layer
• Broadcast control
• Multicast control
• Optimal path determination
• Traffic management
• Logical addressing
• Connects to WAN services

Using Routers to Provide Remote Access
[Diagram labels: Internet, Telecommuter, Branch Office, Modem or ISDN TA, Mobile User, Main Office]

Transport Layer Functions
• Distinguishes between upper layer applications
• Establishes end-to-end connectivity between applications
• Defines flow control
• Provides reliable or unreliable services for data transfer
[Diagram labels: Network: IPX, IP; Transport: SPX, TCP, UDP]

Reliable Transport Layer Functions
Sender and Receiver exchange:
1. Synchronize
2. Acknowledge, Synchronize
3. Acknowledge
Connection Established
Data Transfer (Send Segments)

Network Device Domains

| | Hub | Bridge | Switch | Router |
|---|---|---|---|---|
| Collision Domains | 1 | 4 | 4 | 4 |
| Broadcast Domains | 1 | 1 | 1 | 4 |
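A Network Engineer's Guide to Success: TCP/IP
Compiled by: 忘情水 QQ: 43963089 BLOG:

HDLC (High-Level Data Link Control)

1. HDLC basic configuration

Three types of station:
(1) Primary station: controls the link; frames sent by the primary station are called command frames;
(2) Secondary station: works under the control of the primary station; frames it sends are called response frames;
(3) Combined station: has the functions of both a primary and a secondary station.

Two link configurations:
(1) Unbalanced configuration: applies to point-to-point and multipoint links;
(2) Balanced configuration: used only on point-to-point links.

Three data transfer modes:
(1) Normal Response Mode (NRM): applies to the unbalanced configuration; only the primary station can start a data transfer;
(2) Asynchronous Balanced Mode (ABM): applies to the balanced configuration; any combined station can start a data transfer;
(3) Asynchronous Response Mode (ARM): applies to the unbalanced configuration; a secondary station can start a data transfer on its own.

2. HDLC frame structure

F | A | C | INFO | FCS | F

1) Frame flag F: the pattern 01111110 is used as the flag. To guarantee transparent data transmission, the "insert 0 / delete 0" (bit stuffing) technique is used.
2) Address field A: identifies the address of the secondary station. It is used on point-to-multipoint links. The address is normally 8 bits long; after negotiation, extended addresses can be used. An octet of all 1s is the broadcast address.
3) Control field C: see the HDLC frame types below.
4) Information field INFO: only I-frames and some unnumbered frames contain an information field.
5) Frame check sequence FCS: the FCS contains a checksum over all fields other than the flag field. The check sequence is normally generated with the 16-bit CRC-CCITT standard; sometimes a 32-bit check sequence generated with CRC-32 is used instead.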
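3. HDLC frame types

1) Information frame (I)

Control field: 0 | N(S) | P/F | N(R)

Besides carrying user data, an information frame also contains the frame's own number N(S) and the piggybacked positive-acknowledgement sequence number N(R). The P/F bit set to 1 means the secondary station has finished transmitting data (Final). Set to 0, it means the command frame sent by the primary station is a poll (Polling). In ARM and ABM, the P/F bit is used to control the exchange of S-frames and U-frames.

2) Supervisory frame (S)

Control field: 1 0 ss 0 0 0 0 PF N(R)

Supervisory frames are used for error control and flow control. When there are not enough information frames to piggyback the supervisory commands/responses, dedicated supervisory frames must be sent to perform the control.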
Chapter 12 Establishing Serial Point-to-Point Connections

Objectives
• Configure HDLC and PPP protocols on a serial WAN connection
• Configure PAP and CHAP authentication on a PPP connection
• Verify proper point-to-point HDLC and PPP configuration

WAN Overview
• WANs connect sites
• Connection requirements vary depending on user requirements and cost
[Diagram label: Service Provider]

WAN Connection Types: Layer 1
• Leased Line (point-to-point): Synchronous serial
• Circuit-switched (dial on demand): Asynchronous serial, ISDN Layer 1. Provider: Telephone Company
• Packet-switched (Frame Relay): Synchronous serial. Provider: Service Provider

Interfacing WAN Service Providers
• Customer Premises Equipment
• Junction box
• Local Loop
• Central office switch
• WAN service provider toll network: trunks and switches
• Point-to-point or circuit-switched connection
• Provider assigns connection parameters to subscriber

Serial Point-to-Point Leased Line Connections
• Router connections: the 60-pin interface supports all the standards
• Network connections at the CSU/DSU: EIA/TIA-232, EIA/TIA-449, EIA-530, V.35, X.21
[Diagram labels: End user device (DTE), CSU/DSU (DCE), Service Provider]

Typical WAN Encapsulation Protocols: Layer 2
• Leased Line: HDLC, PPP, SLIP
• Circuit-switched (Telephone Company): PPP, SLIP, HDLC
• Packet-switched (Service Provider): X.25, Frame Relay, ATM

HDLC Frame Format
Cisco HDLC: Flag | Address | Control | Proprietary | Data | FCS | Flag
• Cisco's HDLC has a proprietary data field to support multiprotocol on a single link
HDLC: Flag | Address | Control | Data | FCS | Flag
• Supports only single protocol on a single link
• Cisco HDLC is the default layer 2 protocol for Cisco router serial interfaces

HDLC Command
Router(config-if)#encapsulation hdlc
• Enable hdlc encapsulation
• HDLC is the default encapsulation on synchronous serial interfaces
• If the network consists of Cisco and non-Cisco devices, you should use PPP instead of HDLC, because non-Cisco devices do not support the Cisco HDLC encapsulation format

An Overview of PPP
• PPP can carry packets from several protocol suites using Network Control Programs
• PPP controls the setup of several link options using LCP
[Diagram labels: PPP Encapsulation; TCP/IP, Novell IPX, AppleTalk; Multiple protocol encapsulations using NCPs in PPP; Link setup and control using LCP in PPP]

Layering PPP Elements
PPP: a data link with network-layer services
• Network Layer: IP, IPX, Layer 3 Protocols
• Data Link Layer (PPP): Network Control Protocol (IPCP, IPXCP, Many Others); Link Control Protocol (Authentication, other options)
• Physical Layer: Synchronous or Asynchronous Physical Media

PPP LCP Configuration Options

| Feature | How It Operates | Protocol |
|---|---|---|
| Authentication | Require a password; Perform Challenge Handshake | PAP; CHAP |
| Compression | Compress data at source; reproduce data at destination | Stacker or Predictor |
| Error Detection | Monitor data dropped on link; Avoid frame looping | Quality; Magic Number |
| Multilink | Load balancing across multiple links | Multilink Protocol (MP) |

PPP Authentication Overview
[Diagram label: Dialup or Circuit-Switched Network]
PPP Session Establishment:
1. Link Establishment Phase
2. Optional Authentication Phase
3. Network-Layer Protocol Phase
Two PPP authentication protocols: PAP and CHAP

PAP 2-Way Handshake
• Passwords sent in clear text
• Peer in control of attempts
Remote Router (SantaCruz): Hostname: santacruz, Password: boardwalk
Central-Site Router (HQ): username santacruz password boardwalk
1. Remote router sends "santacruz, boardwalk"
2. Central-site router answers Accept/Reject

CHAP 3-Way Handshake
A: Remote Router (SantaCruz): Hostname: santacruz, Password: boardwalk
B: Central-Site Router (HQ): username santacruz password boardwalk
Messages: Challenge, Response, Accept/Reject
1. While initiating the connection to A, B sends A a challenge (a random code);
2. A uses that code to encrypt its own hostname and password and sends the result to B;
3. B uses the same random code to perform the same encryption operation on A's hostname and password stored in its own database and compares the result with the one A sent. If the two match, B sends A an accept signal; otherwise it sends a reject signal.