Real Computer Network

简介: 本文深入浅出地介绍了计算机网络的基本概念、服务提供商(如IDC、ISP)、公共与专用网络电路、IP地址及其归属、DNS解析机制、CDN内容分发网络以及代理等相关知识。文章不仅涵盖了基础概念,还探讨了网络优化和实际应用中的常见问题,帮助读者从不同角度理解计算机网络的运作原理。更多详细内容请参阅我的博客:[Real Computer Network](https://blog.timerring.com/posts/real-computer-network/)。

This article is also posted on my blog, feel free refer to it for the latest revisions: Real Computer Network

For the computer network, I believe that most people have learned it in the course of university or college. No matter whether you are familiar with it or not, this article will give you a different perspective of the network. It can really help you a lot.

Basic concepts

Providers

IDC: Internet Data Center, which is the data center of the internet. It is the place where the servers are located.

ISP: Internet Service Provider, which is the internet service provider. It is the company that provides the internet service.

Main Public Cloud Service Providers:

  • AWS: Amazon Web Services, which is the cloud service of Amazon.
  • Azure: Microsoft Cloud Service, which is the cloud service of Microsoft.
  • Alibaba Cloud: Alibaba Cloud, which is the cloud service of Alibaba.
  • GCP: Google Cloud Platform, which is the cloud service of Google.
  • PCCW(Recommended): Pacific Century CyberWorks, which is the internet service provider of Hong Kong, China.(make sure it is Two-way instead of one-way)

Besides, if your neighbors(the shared users of the server) are all "one-click script" masters, using serverspeeder, violent modification BBR, KCPTun multiple times more packet sending, etc. But you don't do any optimization, then even you have a whole submarine cable, you will still be slower than them.

When you buy a VPS, the bandwidth is provided by the operators which the VPS supplier purchase from the operators.

Network Circuits

Public Network

You can check your network AS info here: https://ipinfo.io/

  • International export: The international export is the last port of the internet in China when the traffic is going to the overseas. Mainly located in Beijing, Shanghai and Guangzhou.
  • 163: AS4134. The 163 network is the backbone of the internet in China. And mainly used by China Telecom. The backbone node is started with 202.97.

    There is basically no performance bottleneck when accessing each other within the 163 network in China. Congestion only occurs at the international export..

  • 169: AS4837. The 169 network is the backbone of the internet in China. And mainly used by China Unicom.

  • AS 9929: Also known as the former China Netcom Internet (CNCNET). The AS number of China Unicom's A network backbone is 9929. It was built by the China Netcom, and after the merger of China Netcom and China Unicom, so the A network was available. Now the users are less and mainly aims for the government.
  • AS9808: The AS9808 is the backbone of the internet in China. And mainly used by China Mobile. The PCCW line is currently among the lines between China and Hong Kong, China or those from China to other regions in Southeast Asia where transshipment in Hong Kong, China is required. It is the line with the best quality in China except for the pure CN2 GIA line.
  • Educational Network / China Science and Technology Network / Private Broadband.
  • CN2(CNCN): China telecom next carrier network, which is the backbone of the internet in China(Public network), which is more advanced than the old 163 network. The backbone node is started with 59.43.
    • CN2GT: CN2 Global Transit, cheaper but congested, in CN2 GT product in the city → province → international export section is 163 network, the international export → overseas access point section is CN2 network, the return is the same.
    • CN2GIA: CN2 Global Internet Access, expensive but less congested.(eg. Bandwagonhost has the most stable and cheapest CN2GIA line, but it is the key examined object of domestic.) GIA the whole network is CN2 network.

Dedicated Network

IPLC: International Private Leased Circuit, which is the international dedicated line.

But for many service suppliers, it is just the intranet of Alibaba(深港means Alicloud shenzhen -- Alicloud HK), which usually purchase multiple end to end IPLC lines to connect the every data center. Then it has two pros:

  1. The bandwidth in IPLC is dedicated, which is more stable than public network.(The decicated line is normally described the physical line, the most traffic in Submarine optical cable is the public network traffic and small part is the IPLC traffic.)
  2. The traffic when transiting, it will not go through the specific examination.

IEPL: International Ethernet Private Line, which is the enhanced version of IPLC. It is a dedicated management bandwidth service from end to end.

Anycast: it is a network technology that allows a single IP address to be broadcast to multiple locations. That means the IP will be the same, but the location is different.

This IP address is in the physical link between domestic and abroad. When users access this IP address, they will be connected to the nearest server. Just like the CDN.
The cons:

  1. The bandwidth is bind to the single IP address, so if it was DDOS, it is hard to deal with it.
  2. Expensive.

Service Concepts

The three major operators are paid inter-network settlement, which means the traffic you consume is across the operators, they will pay the cost internally.

QoS: Quality of Service, which is the service quality of the network. It can dynamically adjust the priority of the traffic, such as video calls(bandwidth first), online games(latency priority), etc.

SLA: Service Level Agreement, which is the agreement between the supplier and the user. It is the service level of the supplier.

BGP: Border Gateway Protocol, which can dynamically select the best route.(when you buy vps, you can easily find it on the supplier website) Which means the same IP in multiple operator's network is directly connected.

Redirect: Redirect data from one server to another. Alibaba Cloud public network transit is more common in small-scale suppliers redirect.

Port: The port is the communication endpoint of the network. It is the port of the server.

IP

IP database

IP Database stores IP address and physical address mapping.

  • The most used domestic IP database is IPIP.
  • The overseas is MaxMind.

Cellular Base Station

When using the cellular network, the IP address is the private IP address, and then it will be converted to the public IP address through the NAT. This situation leads to everyone using the same IP segment to access websites or apps. Generally, we refer to these relatively fixed IP segments as base station IP addresses.

  1. So it is hard to locate the IP address to the specific city, which means the same IP address can be in different cities. And sometimes a series of IP is assigned to the 2~3 cities.
  2. Due to the NAT,every IP address corresponds to many users, so suspending the IP address will affect many users.
  3. Roaming: When you are roaming, the IP address will be changed. It's mainly has three operators:
    • mobile: roaming to the local network. If your card is in Beijing, and you go to Shanghai, then you will see the IP of Shanghai.
    • Unicom and Telecom: roaming back to the local network. If your card is in Beijing, and you go to Shanghai, you will still see the IP of Beijing.
    • So that accounts for the reason why you are using your card abroad, you are still blocked to visit websites. Cause you are roaming back to china and then try to access the websites.

Check IP

https://ip.skk.moe/

IP question

Why the ip is not correct?

  1. You are using the phone to test? (It is the base station's fault)
  2. What is your current operator? (If it is the secondary operator, it is the fault of the third-party export)
  3. What browser are you using? (It is the cloud acceleration's fault)

What is the third-party export?

Every operator will not only have their customers, but also have to obtain the network export, but the backbone networks are built by primary operators. So if the secondary operator wants to access the internet, it will have to pay the access fee to the primary operator. The primary operator avoids the competition, so it will bring up an expensive fee. But some people in the primary operator will sell them in a lower price, which is usually used by the secondary operator informally.

IP attribution

The IP attribution identified based on your access purpose: Residential broadband, Business broadband, IDC, etc.

Native IP

Native IP: The operator's IP address. Broadcasting country is generally the same as registration country. Normally, it can used to unlock the hulu, netflix, etc. Because the Native IP is generally not used to the cloud computing service or have a good reputation.

Broadcast IP: The IP address of the VPS is not the same as the location of the VPS. That means this IP is from another country / region.

Streaming media unlock: Many streaming media platforms will restrict the specific IP access due to the copyright issues. Generally, the network operators(eg.HKT) have their own IP, which is used in commercial or Residential broadband. And the IP won't be blocked because they are all the objective customers. Besides, the Residential broadband is hard to blocked because it is dynamic.

Protocols

For more info, please refer to https://blog.timerring.com/posts/real-computer-network

DNS

DNS is the domain name system, which is the system that can translate the domain name to the IP address.

No matter how we use PPPoE to dial up or connect the optical cat through DHCP, the Internet service provider (ISP) will send you two DNS. For convenience, I call these two DNS as ISP DNS.

In the DNS resolution process, the user initiates a request to the recursive DNS, and the recursive DNS requests the resolution result from the authoritative DNS. In other words, the recursive DNS plays a forwarding role. The ISP's DNS is a recursive DNS; at the same time, some individuals or Internet service providers also set up their own recursive DNS for everyone to use, which is called public DNS.

Some famous public DNS:

For most people, the ISP DNS provided by the operator should be the most accurate and suitable, with a short response time and the most accurate CDN resolution result.

But the operator often does DNS pollution, it will lead the user to their cache server or some advertising mirror website or tamper the TTL, which will lead to the DNS load less.

But the public DNS does not accelerate the resolution speed. Public DNS is a local DNS service provided by some enterprises, which usually provides one or more Anycast IP addresses, but actually has multiple cluster services.

When users go online, the client will request the resolution from the A address in the cluster, this A address is called DNS entry; the public DNS will use the B address in the DNS cluster to compare with the IP library when judging the user's source, this B address is called DNS exit.

So in the process of going online, users will get the resolution from the DNS entry, and the NS server will allocate the intelligent resolution to the DNS exit. If the DNS entry does not have the requested resolution cache, it will request the upper DNS to query, and finally request to the NS server, till then the user get the resolution result.

Hence, when the DNS entry and the DNS exit are inconsistent with the user's actual network, it may lead to the DNS resolution result not being the optimal.

CDN

CDN is the content delivery network, which can provide the content to the user faster and more reliable via the nearest server.

Besides, the DNS exit is very important for CDN. The public DNS is essentially forwarding your query request to the upstream DNS; without EDNS, the authoritative DNS of the CDN will determine your operator and your location based on the request IP used by the public DNS (that is, the DNS exit), and then return the nearest node IP. In brief, CDN will return the nearest IP to the DNS exit.

For more information, you can refer my article A brief introduction to DNS

Proxy

For more info, please refer to https://blog.timerring.com/posts/real-computer-network

Ratio

For more info, please refer to https://blog.timerring.com/posts/real-computer-network

Latency

Note: The RTT is not the speed. The RTT is just the building time of the connection. The speed will depend on the shortcomings of the whole network.

PING

ping aims to send a ICMP request to the target host and wait for the response.

The program will estimate the loss rate of data packets and the round-trip delay time based on the time and the number of successful responses.

  • icmp ping: the classic ping. It test the latency between the machine and the transit server.
  • tcp ping / ​http ping: It test the latency of the data packages of corresponding protocol. Normally, it will be slower than the icmp ping.

Node selection mechanism

  • Load balancing
  • url-test: It normally send the request to specific url, and select the best node.
  • fall­back
  • SSID
目录
打赏
0
17
18
1
544
分享
相关文章
Investigating with Network-based Evidence
https://www.sans.org/webcasts/for572-network-forensics-preview-alive-investigating-network-base...
489 0
11G Highly Available Virtual IP (haip)
Highly Available Virtual IPStarting with Oracle RAC 11.2.0.2, Oracle has introduced Redundant Interconnect Usage feature to support IP failover.
1440 0
BotHunter – A Network Based Malware Infection Detection System!
  The BotHunter Users's Guide is here:   http://www.
740 0
802.11 Network Forensic Analysis
http://www.sans.org/reading-room/whitepapers/wireless/80211-network-forensic-analysis-33023 ...
798 0
Stack based vs Register based Virtual Machine Architecture
进程虚拟机简介 一个虚拟机是对原生操作系统的一个高层次的抽象,目的是为了模拟物理机器,本文所谈论的是基于进程的虚拟机,而不是基于系统的虚拟机,基于系统的虚拟机可以用来在同一个平台下去运行多个不同的硬件架构的操作系统,常见的有kvm,xen,vmware等,而基于进程的虚拟机常见的有JVM,PVM(python虚拟机)等,java和python的解释器将java和python的代码编译成JVM和P
3720 0

热门文章

最新文章

AI助理

你好,我是AI助理

可以解答问题、推荐解决方案等