English

Iimfihlelo eziphambili zeNethiwekhi yePakethe yeBroker ye-TCP yoQhagamshelwano: Idityanisiwe imfuno yokuxhawula izandla kathathu

Ukuseta uQhagamshelwano lwe-TCP
Xa sijonga iwebhu, sithumela i-imeyile, okanye sidlala umdlalo we-intanethi, kaninzi asicingi ngoqhagamshelwano oluntsonkothileyo lwenethiwekhi emva kwayo. Nangona kunjalo, ngala manyathelo abonakala amancinci aqinisekisa unxibelelwano oluzinzileyo phakathi kwethu kunye nomncedisi. Elinye lawona manyathelo abalulekileyo kukuseta uqhagamshelo lwe-TCP, kwaye ingundoqo yale ndlela yindlela ezintathu zokuxhawula izandla.

Eli nqaku liza kuxubusha umgaqo, inkqubo kunye nokubaluleka kweendlela ezintathu zokuxhawula ngesandla ngokubanzi. Inyathelo ngenyathelo, siya kuchaza ukuba kutheni ukuxhawulana ngeendlela ezintathu kuyadingeka, ukuba kuqinisekisa njani ukuzinza nokuthembeka koqhagamshelo, kwaye kubaluleke kangakanani ukudluliselwa kwedatha. Ngokuqonda okunzulu kweendlela ezintathu zokubambisana, siya kufumana ukuqonda okungcono kweendlela ezisisiseko zonxibelelwano lwenethiwekhi kunye nombono ocacileyo wokuthembeka koqhagamshelwano lwe-TCP.

I-TCP yeendlela ezintathu zeNkqubo ye-Handshake kunye noTshintsho lukaRhulumente
I-TCP yiprotocol yezothutho ehambelana noqhagamshelwano, efuna ukusekwa koqhagamshelwano ngaphambi kokuhanjiswa kwedatha. Le nkqubo yokusekwa koqhagamshelwano yenziwa ngokuxhawula izandla ngeendlela ezintathu.

 Ukuxhawula izandla ngeendlela ezintathu kwe-TCP

Makhe sijonge ngakumbi kwiipakethi ze-TCP ezithunyelwa kuqhagamshelwano ngalunye.

Ekuqaleni, zombini umxhasi kunye nomncedisi IYAVALWA. Kuqala, umncedisi umamela ngokukhutheleyo kwizibuko kwaye ukwimo ethi MAMELELE, into ethetha ukuba umncedisi makaqaliswe. Okulandelayo, umxhasi ulungele ukuqalisa ukufikelela kwiphepha lewebhu.Ifuna ukuseka umdibaniso kunye nomncedisi. Ubume bepakethi yoqhagamshelo lokuqala lulandelayo:

 Ipakethi yeSYN

Xa umxhasi eqalisa uxhulumaniso, ivelisa inombolo yolandelelwano olungenamkhethe (client_isn) kwaye luyibeke kwindawo ethi "Inombolo yolandelelwano" ye-header ye-TCP. Ngexesha elifanayo, umxhasi ubeka indawo yeflegi ye-SYN kwi-1 ukubonisa ukuba ipakethe ephumayo yipakethi ye-SYN. Umxhasi ubonisa ukuba unqwenela ukuseka umdibaniso nomncedisi ngokuthumela ipakethe yokuqala ye-SYN kumncedisi. Le pakethi ayiqulathanga idatha yomaleko wesicelo (oko kukuthi, idatha ithunyelwe). Kweli nqanaba, ubume bomthengi buphawulwe njenge-SYN-SENT.

SYN+ACK ipakethe

Xa umncedisi efumana ipakethe ye-SYN kumxhasi, iqala ngokungenamkhethe inombolo yayo yothotho (server_isn) ize ibeke loo nombolo kwindawo ethi "Inombolo yothotho" yentloko ye-TCP. Okulandelayo, umncedisi ungenisa client_isn + 1 kwibala elithi "Inombolo yokuvuma" kwaye usete zombini ii-SYN kunye ne-ACK bits ukuya ku-1. Ekugqibeleni, umncedisi uthumela ipakethi kumxhasi, engenanto yedatha-yesicelo (kwaye akukho datha yomncedisi. ukuthumela). Ngeli xesha, iseva ikwimo ye-SYN-RCVD.

Ipakethi ye-ACK

Emva kokuba umxhasi efumana ipakethe kumncedisi, kufuneka enze ukulungiswa okulandelayo ukuze aphendule kwipakethi yokuphendula yokugqibela: Okokuqala, umxhasi ubeka i-ACK bit ye-TCP yentloko yepakethi yokuphendula kwi-1; Okwesibini, umxhasi ufaka ixabiso le-server_isn + 1 kwindawo ethi "Qinisekisa inombolo yempendulo"; Ekugqibeleni, umxhasi uthumela ipakethi kumncedisi. Le pakethi inokuthwala idatha ukusuka kumxhasi ukuya kumncedisi. Ekugqityweni kwale misebenzi, umxhasi uya kungena kwimo ESIKIWE.

Nje ukuba umncedisi efumene ipakethi yempendulo kumxhasi, iphinde itshintshele kwimo ESENZIWE.

Njengoko unokubona kule nkqubo ingentla, xa ubamba isandla ngeendlela ezintathu, ukuxhawula kwesithathu kuvunyelwe ukuthwala idatha, kodwa ukuxhawula izandla ezimbini zokuqala azikho. Lo ngumbuzo osoloko ubuzwa kudliwano-ndlebe. Emva kokuba i-handshake yeendlela ezintathu igqityiwe, omabini amaqela angena kwi-SEK ESTABLISHED state, ebonisa ukuba uxhulumaniso lusekwe ngempumelelo, apho umxhasi kunye nomncedisi unokuqalisa ukuthumela idatha komnye nomnye.

Kutheni kuxhawula izandla kathathu? Hayi kabini, kane?
Impendulo eqhelekileyo ithi, "Ngenxa yokuba ukuxhawula iindlela ezintathu kuqinisekisa ukukwazi ukufumana nokuthumela." Le mpendulo ichanekile, kodwa sisizathu esingaphezulu kuphela, asibeki esona sizathu siphambili. Koku kulandelayo, ndiza kuhlalutya izizathu zokuxhawulana ngezandla kathathu kwimiba emithathu ukwenza nzulu ukuqonda kwethu lo mba.

Ukuxhawula izandla ngeendlela ezintathu kunokunqanda ngokufanelekileyo ukuqaliswa koqhagamshelo oluphindaphindiweyo ngokwembali (esona sizathu siphambili)
Ukuxhawula izandla ngeendlela ezintathu kuqinisekisa ukuba omabini amaqela afumene inombolo ethembekileyo yolandelelwano lokuqala.
Ukuxhawula izandla ngeendlela ezintathu kunqanda ukuchitha izixhobo.

Isizathu 1: Kuphephe Ukudityaniswa okuPhindwayo kwezeMbali
Ngamafutshane, esona sizathu siphambili sokuxhawulana ngeendlela ezintathu kukuphepha ukubhideka okubangelwa kukuqaliswa koqhagamshelo oluphindwe kabini. Kwimeko yenethiwekhi enzima, ukuhanjiswa kweepakethi zedatha akusoloko kuthunyelwa kumphathi wendawo ngokuhambelana nexesha elichaziweyo, kwaye iipakethi zedatha ezindala zingafika kwindawo ekuyiwa kuyo kuqala ngenxa yokuxinana kwenethiwekhi kunye nezinye izizathu. Ukuze ugweme oku, i-TCP isebenzisa ukuxhawula ngeendlela ezintathu ukuseka uxhumano.

Ukuxhawulana ngeendlela ezintathu kuthintela uqhagamshelo oluphindwayo lwembali

Xa umxhasi ethumela iipakethi ezininzi zokusekwa koqhagamshelwano lweSYN ngokulandelelanayo, kwiimeko ezinje ngoxinaniso lwenethiwekhi, oku kulandelayo kunokwenzeka:

1- Iipakethi ezindala zeSYN zifika kwiseva phambi kweepakethi zeSYN zamva nje.
2- Umncedisi uya kuphendula i-SYN + ACK ipakethe kumxhasi emva kokufumana ipakethi endala ye-SYN.
3- Xa umxhasi efumana ipakethe ye-SYN + ACK, imisela ukuba uxhulumaniso luxhulumaniso lwembali (inombolo yokulandelelana iphelelwe lixesha okanye ixesha lokuphuma) ngokwemeko yalo, kwaye emva koko ithumela ipakethe yeRST kumncedisi ukulahla uxhulumaniso.

Ngoxhulumaniso lokuxhawula izandla ezimbini, akukho ndlela yokumisela ukuba uxhulumaniso lwangoku lunxibelelwano lwembali. Ukuxhawula izandla ngeendlela ezintathu kuvumela umxhasi ukuba aqinisekise ukuba uxhulumaniso lwangoku ludibaniso lwembali olusekwe kumxholo xa ilungele ukuthumela ipakethe yesithathu:

1- Ukuba ludibaniso lwembali (inombolo yolandelelwano iphelelwe okanye ixesha liphelile), ipakethi ethunyelwe yi-handshake yesithathu yi-RST ipakethi yokulahla uxhulumaniso lwembali.
I-2- Ukuba akusiyo uxhulumaniso lwembali, ipakethe ethunyelwe okwesithathu yipakethi ye-ACK, kwaye amaqela amabini anxibelelanayo aseka ngempumelelo uxhumano.

Ngoko ke, esona sizathu siphambili sokuba i-TCP isebenzise ukuxhawula kweendlela ezintathu kukuba iqalisa uxhulumaniso ukuthintela uxhulumaniso lwembali.

Isizathu 2: Ukungqamanisa amanani olandelelwano lokuqala lwamaqela omabini
Amacala omabini eprotocol ye-TCP kufuneka agcine inombolo yokulandelelana, eyona nto ibalulekileyo ekuqinisekiseni ukuhanjiswa okuthembekileyo. Amanani olandelelwano adlala indima ebalulekileyo kuqhagamshelo lwe-TCP. Benza oku kulandelayo:

Ummkeli unokuphelisa idatha ephindwe kabini kwaye aqinisekise ukuchaneka kwedatha.

Ummkeli unokufumana iipakethi ngokulandelelana kwenombolo yokulandelelana ukuqinisekisa ukunyaniseka kwedatha.

● Inombolo yolandelelwano inokuchonga ipakethi yedatha efunyenwe lelinye iqela, ivumela ukuhanjiswa kwedatha okuthembekileyo.

Ngoko ke, ekusekeni uxhulumaniso lwe-TCP, umxhasi uthumela iipakethi ze-SYN kunye nenombolo yokuqala yokulandelelana kwaye ifuna ukuba umncedisi aphendule ngepakethi ye-ACK ebonisa ukwamkelwa ngempumelelo kwepakethi ye-SYN yomxhasi. Emva koko, umncedisi uthumela ipakethe ye-SYN kunye nenombolo yokuqala yolandelelwano kumxhasi kwaye ilindele ukuba umxhasi aphendule, kube kanye, ukuqinisekisa ukuba amanani olandelelwano lokuqala ahambelana ngokuthembekileyo.

Ngqamanisa amanani othotho lokuqala lwamaqela omabini

Nangona ukuxhawulana kweendlela ezine kukwakhona ukulungelelanisa ngokuthembekileyo amanani olandelelwano lokuqala lwamaqela omabini, inyathelo lesibini nelesithathu linokudityaniswa libe linyathelo elinye, okukhokelela ekuxhawulaneni ngeendlela ezintathu. Nangona kunjalo, ukuxhawula izandla ezimbini kunokuqinisekisa kuphela ukuba inombolo yokuqala yolandelelwano lweqela elinye ifunyenwe ngempumelelo lelinye iqela, kodwa akukho siqinisekiso sokuba inani lokuqala lolandelelwano lwamaqela omabini linokuqinisekiswa. Ngoko ke, ukuxhanyulwa kwezandla ezintathu kuyindlela engcono kakhulu yokuthatha ukuze kuqinisekiswe ukuzinza nokuthembeka koqhagamshelwano lwe-TCP.

Isizathu 3: Kuphephe ukumosha izixhobo
Ukuba kukho kuphela "ukuxhawula izandla ezimbini", xa isicelo se-SYN somthengi sivaliwe kuthungelwano, umxhasi akakwazi ukufumana ipakethe ye-ACK ethunyelwe ngumncedisi, ngoko ke i-SYN iya kuthunyelwa. Nangona kunjalo, kuba akukho kuxhawula isandla kwesithathu, umncedisi akakwazi ukumisela ukuba umxhasi ufumene i-ACK yokuvuma ukuseka uxhulumaniso. Ke ngoko, umncedisi angaseka kuphela unxibelelwano emva kokufumana isicelo ngasinye se-SYN. Oku kukhokelela koku kulandelayo:

Inkcitho yemithombo: Ukuba isicelo se-SYN somthengi sivaliwe, okukhokelela ekugqithisweni okuphindaphindiweyo kweepakethi ezininzi ze-SYN, umncedisi uya kuseka uxhulumaniso oluninzi olungavumelekanga emva kokufumana isicelo. Oku kukhokelela kwinkcitho engeyomfuneko yemithombo yomncedisi.

Ugcino lomyalezo: Ngenxa yokunqongophala kokuxhawula isandla kwesithathu, umncedisi akanandlela yokwazi ukuba ngaba umxhasi ufumene uvumo lwe-ACK ukuseka umdibaniso. Ngenxa yoko, ukuba imiyalezo ibambekile kuthungelwano, umxhasi uya kuhlala ethumela izicelo ze-SYN ngokuphindaphindiweyo, ebangela ukuba umncedisi ahlale eseka uqhagamshelwano olutsha. Oku kuya kwandisa ukuxinana kwenethiwekhi kunye nokulibaziseka kwaye kuchaphazele kakubi ukusebenza kwenethiwekhi ngokubanzi.

Kuphephe ukumosha izixhobo

Ngoko ke, ukwenzela ukuba kuqinisekiswe ukuzinza kunye nokuthembeka koxhumo lwenethiwekhi, i-TCP isebenzisa i-handshake yeendlela ezintathu ukuseka ukudibanisa ukuphepha ukwenzeka kwezi ngxaki.

Isishwankathelo
INetwork Packet BrokerUkusekwa koqhagamshelo lwe-TCP kwenziwa ngokuxhawula izandla ngeendlela ezintathu. Ngexesha lokuxhawula iindlela ezintathu, umxhasi kuqala uthumele ipakethe eneflegi yeSYN kumncedisi, ebonisa ukuba ifuna ukuseka umdibaniso. Emva kokufumana isicelo kumxhasi, umncedisi uphendula ipakethe kunye neeflegi ze-SYN kunye ne-ACK kumxhasi, ebonisa ukuba isicelo soqhagamshelwano samkelwe, kwaye sithumela inombolo yakhe yokuqala yokulandelelana. Ekugqibeleni, umxhasi uphendula ngeflegi ye-ACK kumncedisi ukubonisa ukuba uxhulumaniso lusekwe ngempumelelo. Ngaloo ndlela, amaqela amabini akwimeko ESENZIWE kwaye angaqala ukuthumela idatha komnye nomnye.

Ngokubanzi, inkqubo ye-handshake yeendlela ezintathu zokusekwa koqhagamshelwano lwe-TCP yenzelwe ukuqinisekisa ukuzinza kunye nokuthembeka koxhulumaniso, ukuphepha ukudideka kunye nokuchithwa kwemithombo malunga nokudibanisa kwembali, kunye nokuqinisekisa ukuba amaqela omabini ayakwazi ukufumana nokuthumela idatha.

Ixesha lokuposa: Jan-08-2025
Cofa u-enter ukukhangela okanye i-ESC ukuvala