Useto loQhagamshelo lwe-TCP
Xa sikhangela iwebhu, sithumela i-imeyile, okanye sidlala umdlalo okwi-intanethi, asisoloko sicinga ngonxibelelwano oluntsonkothileyo lwenethiwekhi olusemva kwayo. Nangona kunjalo, ngala manyathelo abonakala emancinci aqinisekisa unxibelelwano oluzinzileyo phakathi kwethu kunye neseva. Elinye lamanyathelo abaluleke kakhulu kukuseta unxibelelwano lwe-TCP, kwaye eyona nto iphambili koku kuxhawulana ngeendlela ezintathu.
Eli nqaku liza kuxoxa ngomgaqo, inkqubo kunye nokubaluleka kokuxhawulana ngeendlela ezintathu ngokweenkcukacha. Inyathelo ngenyathelo, siza kuchaza ukuba kutheni kufuneka ukuxhawulana ngeendlela ezintathu, indlela okuqinisekisa ngayo uzinzo kunye nokuthembeka konxibelelwano, kunye nokuba kubaluleke kangakanani ekudluliseleni idatha. Ngokuqonda okunzulu ngokuxhawulana ngeendlela ezintathu, siza kuqonda ngcono iindlela ezisisiseko zonxibelelwano lwenethiwekhi kunye nombono ocacileyo wokuthembeka konxibelelwano lwe-TCP.
Inkqubo yokuXoxa ngeSixhobo seTCP kunye noTshintsho lweSizwe
I-TCP yinkqubo yothutho ejolise kunxibelelwano, efuna ukusekwa konxibelelwano ngaphambi kokuba idatha idluliselwe. Le nkqubo yokusekwa konxibelelwano yenziwa ngokuxhawulana ngeendlela ezintathu.
Makhe sijonge ngokusondeleyo iipakethi ze-TCP ezithunyelwa kuqhagamshelo ngalunye.
Ekuqaleni, zombini iklayenti kunye neseva ZIVALIWE. Okokuqala, iseva imamela ngokukhutheleyo kwizibuko kwaye ikwimeko ethi LISTEN, nto leyo ethetha ukuba iseva kufuneka iqaliswe. Okulandelayo, iklayenti ikulungele ukuqala ukufikelela kwiphepha lewebhu. Kufuneka iseke unxibelelwano neseva. Ifomathi yepakethi yokuqala yoqhagamshelwano yile ilandelayo:
Xa umthengi eqalisa unxibelelwano, uvelisa inombolo yolandelelwano lokuqala engacwangciswanga (client_isn) aze ayibeke kwindawo ethi "Inombolo yolandelelwano" yentloko ye-TCP. Kwangaxeshanye, umthengi useta indawo yeflegi ye-SYN ukuya ku-1 ukubonisa ukuba ipakethi ephumayo yipakethi ye-SYN. Umthengi ubonisa ukuba unqwenela ukuseka unxibelelwano neseva ngokuthumela ipakethi yokuqala ye-SYN kwiseva. Le pakethi ayinayo idatha yomaleko wesicelo (oko kukuthi, idatha ethunyelweyo). Kule ndawo, imeko yeklayenti iphawulwa njenge-SYN-SENT.
Xa iseva ifumana ipakethi ye-SYN kwiklayenti, iqalisa ngokungacwangciswanga inombolo yayo ye-serial (server_isn) ize ibeke loo nombolo kwicandelo elithi "Serial number" le-TCP header. Okulandelayo, iseva ifaka i-client_isn + 1 kwicandelo elithi "Acknowledgement number" ize isete zombini ii-SYN kunye ne-ACK bits zibe yi-1. Okokugqibela, iseva ithumela ipakethi kwiklayenti, engenazo idatha ye-application-layer (kwaye akukho datha yeseva yokuthumela). Ngeli xesha, iseva ikwimeko ye-SYN-RCVD.
Nje ukuba umthengi afumane ipakethi kwiseva, kufuneka enze olu lungiso lulandelayo ukuze aphendule kwipakethi yokugqibela yempendulo: Okokuqala, umthengi useta i-ACK bit ye-TCP header yepakethi yempendulo ku-1; Okwesibini, umthengi ufaka ixabiso i-server_isn + 1 kwicandelo elithi "Qinisekisa inombolo yempendulo"; Okokugqibela, umthengi uthumela ipakethi kwiseva. Le pakethi inokuthwala idatha ukusuka kumthengi ukuya kwiseva. Xa kugqityiwe le misebenzi, umthengi uya kungena kwi-ESTABLISHED state.
Nje ukuba iseva ifumane ipakethi yempendulo evela kumthengi, itshintshela kwi-ESTABLISHED state.
Njengoko unokubona kule nkqubo ingasentla, xa kusenziwa i-handshake endlela-ntathu, i-handshake yesithathu ivumelekile ukuba ithwale idatha, kodwa i-handshake ezimbini zokuqala azivumelekanga. Lo ngumbuzo odla ngokubuzwa kudliwanondlebe. Nje ukuba i-handshake endlela-ntathu igqityiwe, omabini amaqela angena kwi-ESTABLISHED state, ebonisa ukuba unxibelelwano lumiselwe ngempumelelo, apho umthengi kunye neseva banokuqala ukuthumelana idatha.
Kutheni bexhawulana kathathu? Hayi kabini, kane?
Impendulo eqhelekileyo ithi, "Kuba ukuxhawulana ngendlela yesithathu kuqinisekisa ukukwazi ukufumana nokuthumela." Le mpendulo ichanekile, kodwa sisizathu nje esingaphandle, asibonisi sizathu siphambili. Kolu landelayo, ndiza kuhlalutya izizathu zokuxhawulana ngendlela yesithathu kwiinkalo ezintathu ukuze ndiqonde ngakumbi le ngxaki.
Ukuxhawulana ngendlela ezintathu kunokuthintela ngempumelelo ukuqaliswa konxibelelwano oluphindaphindwayo ngokwembali (esona sizathu siphambili)
Ukuxhawulana kwabantu abathathu kuqinisekisa ukuba omabini amaqela afumene inombolo yokuqala yolandelelwano ethembekileyo.
Ukuxhawulana kwabantu abathathu kuthintela ukuchitha izixhobo.
Isizathu 1: Kuphephe ukujoyina okuphindwe kabini kwimbali
Ngamafutshane, isizathu esiphambili sokuxhawulana ngeendlela ezintathu kukuphepha ukudideka okubangelwa kukuqaliswa koqhagamshelo oludala oluphindwe kabini. Kwimeko-bume yenethiwekhi enzima, ukuhanjiswa kweepakethi zedatha akusoloko kuthunyelwa kwihost yendawo yokufikela ngokuhambelana nexesha elichaziweyo, kwaye iipakethi zedatha ezindala zinokufika kwihost yendawo yokufikela kuqala ngenxa yokuxinana kwenethiwekhi nezinye izizathu. Ukuthintela oku, i-TCP isebenzisa ukuxhawulana ngeendlela ezintathu ukuseka uqhagamshelo.
Xa umthengi ethumela iipakethi ezininzi zokusekwa koqhagamshelo lwe-SYN ngokulandelelana, kwiimeko ezifana nokuxinana kwenethiwekhi, oku kulandelayo kunokwenzeka:
1- Iipakethi ze-SYN ezindala zifika kwiseva ngaphambi kweepakethi ze-SYN zamva nje.
2- Iseva iza kuphendula ipakethi ye-SYN + ACK kumthengi emva kokufumana ipakethi endala ye-SYN.
3- Xa umthengi efumana ipakethi ye-SYN + ACK, ugqiba kwelokuba uqhagamshelo luqhagamshelo lwembali (inombolo yolandelelwano iphelelwe lixesha okanye ixesha liphelile) ngokwemeko yalo, aze emva koko athumele ipakethi ye-RST kwiseva ukuze iyeke uqhagamshelo.
Ngoqhagamshelo lwezandla ezimbini, akukho ndlela yokufumanisa ukuba uqhagamshelo lwangoku luqhagamshelo lwembali. Ukuxhawulana ngeendlela ezintathu kuvumela umthengi ukuba amisele ukuba uqhagamshelo lwangoku luqhagamshelo lwembali ngokusekelwe kumxholo xa sele lulungele ukuthumela ipakethi yesithathu:
1- Ukuba luqhagamshelo lwembali (inombolo yolandelelwano iphelelwe lixesha okanye ixesha liphelile), ipakethi ethunyelwe lulwamkelo lwesithathu yipakethi ye-RST yokuphelisa uqhagamshelo lwembali.
2- Ukuba ayilonxibelelwano lwembali, ipakethi ethunyelwe okwesithathu yipakethi ye-ACK, kwaye amaqela amabini anxibelelanayo aphumelele ekusekeni unxibelelwano.
Ke ngoko, isizathu esiphambili sokuba i-TCP isebenzise ukuxhawulana ngeendlela ezintathu kukuba iqalisa unxibelelwano ukuthintela unxibelelwano lwembali.
Isizathu sesi-2: Ukuvumelanisa amanani okuqala olandelelwano lwamaqela omabini
Omabini amacala eprotocol ye-TCP kufuneka agcine inombolo yolandelelwano, nto leyo ebalulekileyo ukuqinisekisa ukudluliselwa okuthembekileyo. Amanani olandelelwano adlala indima ebalulekileyo kunxibelelwano lwe-TCP. Benza oku kulandelayo:
Umamkeli unokususa idatha ephindwe kabini aze aqinisekise ukuchaneka kwedatha.
Umamkeli angafumana iipakethi ngokulandelelana kwenombolo yolandelelwano ukuqinisekisa ukuthembeka kwedatha.
● Inombolo yolandelelwano ingachonga ipakethi yedatha efunyenwe ngomnye umntu, nto leyo evumela ukudluliselwa kwedatha okuthembekileyo.
Ngoko ke, xa sele kusekwe uqhagamshelo lwe-TCP, umthengi uthumela iipakethi ze-SYN ezinenombolo yokuqala yolandelelwano kwaye ufuna umncedisi aphendule ngepakethi ye-ACK ebonisa ukwamkelwa ngempumelelo kwepakethi ye-SYN yomthengi. Emva koko, umncedisi uthumela ipakethi ye-SYN enenombolo yokuqala yolandelelwano kumthengi aze alinde umthengi ukuba aphendule, kube kanye, ukuqinisekisa ukuba iinombolo zokuqala zolandelelwano zihambelana ngokuthembekileyo.
Nangona ukuxhawulana ngeendlela ezine kunokwenzeka ukuvumelanisa ngokuthembekileyo amanani okuqala olandelelwano lwamaqela omabini, amanyathelo esibini nawesithathu anokudityaniswa abe linyathelo elinye, okubangela ukuxhawulana ngeendlela ezintathu. Nangona kunjalo, ukuxhawulana ngeendlela ezimbini kunokuqinisekisa kuphela ukuba inani lokuqala lolandelelwano lweqela elinye lifunyenwe ngempumelelo lelinye iqela, kodwa akukho siqinisekiso sokuba inani lokuqala lolandelelwano lwamaqela omabini linokuqinisekiswa. Ke ngoko, ukuxhawulana ngeendlela ezintathu lolona khetho lufanelekileyo lokuqinisekisa uzinzo kunye nokuthembeka konxibelelwano lwe-TCP.
Isizathu sesi-3: Kuphephe Ukuchitha Izinto Eziyimfuneko
Ukuba kukho "ukuxhawulana kabini" kuphela, xa isicelo se-SYN yomthengi sivaliwe kwinethiwekhi, umthengi akanakufumana ipakethi ye-ACK ethunyelwe yiseva, ngoko ke i-SYN iya kurhoxiswa. Nangona kunjalo, ekubeni kungekho kuxhawulana okwesithathu, umncedisi akanakukwazi ukumisela ukuba umthengi ufumene imvume ye-ACK yokumisela unxibelelwano. Ke ngoko, umncedisi unokuseka unxibelelwano kuphela emva kokufumana isicelo ngasinye se-SYN. Oku kukhokelela koku kulandelayo:
Ukulahlwa kwezixhobo: Ukuba isicelo se-SYN somthengi sivaliwe, nto leyo ebangela ukudluliselwa okuphindaphindiweyo kweepakethi ezininzi ze-SYN, iseva iya kumisela uqhagamshelo oluninzi olungasebenziyo emva kokufumana isicelo. Oku kukhokelela ekulahlweni kwezixhobo zeseva ngokungeyomfuneko.
Ukugcinwa kwemiyalezo: Ngenxa yokungaxhawuli okwesithathu, iseva ayinandlela yokwazi ukuba umthengi ufumene ngokuchanekileyo na imvume ye-ACK ukuze aseke unxibelelwano. Ngenxa yoko, ukuba imiyalezo ibambeka kwinethiwekhi, umthengi uya kuhlala ethumela izicelo ze-SYN ngokuphindaphindiweyo, nto leyo ebangela ukuba iseva ihlale iseka unxibelelwano olutsha. Oku kuya kwandisa ukuxinana kwenethiwekhi kunye nokulibaziseka kwaye kuchaphazele kakubi ukusebenza kwenethiwekhi iyonke.
Ngoko ke, ukuqinisekisa uzinzo nokuthembeka konxibelelwano lwenethiwekhi, i-TCP isebenzisa ukuxhawulana ngeendlela ezintathu ukuseka unxibelelwano ukuze kuthintelwe ukwenzeka kwezi ngxaki.
Isishwankathelo
IUmthengisi wePakethi yeNethiwekhiUkusekwa koqhagamshelo lwe-TCP kwenziwa ngokuxhawulana ngeendlela ezintathu. Ngexesha lokuxhawulana ngeendlela ezintathu, umthengi uqala ngokuthumela ipakethi eneflegi ye-SYN kwiseva, ebonisa ukuba ifuna ukuseka uqhagamshelo. Emva kokufumana isicelo esivela kumthengi, umncedisi uphendula ipakethi eneflegi ze-SYN kunye ne-ACK kumthengi, ebonisa ukuba isicelo soqhagamshelo samkelwe, kwaye athumele inombolo yakhe yokuqala yolandelelwano. Ekugqibeleni, umthengi uphendula ngeflegi ye-ACK kwiseva ukubonisa ukuba uqhagamshelo lusekwe ngempumelelo. Ngoko ke, amaqela amabini akwimeko ESTABLISHED kwaye angaqala ukuthumelana idatha.
Ngokubanzi, inkqubo yokubambana ngezandla ngeendlela ezintathu yokusekwa koqhagamshelo lwe-TCP yenzelwe ukuqinisekisa uzinzo kunye nokuthembeka koqhagamshelo, ukuthintela ukudideka kunye nokuchitha izixhobo ngenxa yoqhagamshelo lwembali, kunye nokuqinisekisa ukuba omabini amaqela ayakwazi ukufumana nokuthumela idatha.
Ixesha leposi: Jan-08-2025
