User Datagram Protocol (UDP) is a connectionless transport layer protocol in OSI reference model, which provides simple and unreliable transaction-oriented information transmission service. UDP protocol is basically the interface between IP protocol and upper layer protocol. UDP protocol is suitable for multiple applications running on the same device. Since most network applications run on the same machine, the computer must be able to ensure that the software program on the destination machine can get the data packet from the source machine, and the source computer can receive the correct reply. This is done by using the "port number" of UDP. For example, if a workstation wants to use the domain name service system on workstation 128. 1.123.1,it will give the packet a destination address128.1and insert the destination port number 53 in the UDP header. The source port number identifies the application of the local computer requesting domain name service, and all response packets generated by the destination station need to be assigned to this port of the source host. GRE (GRE) Generic Routing Encapsulation (GRE) defines a protocol that encapsulates any other network layer protocol on any network layer protocol. In most cases, the system has a payload (or load) package that needs to be packaged and sent to the destination. First, the payload is encapsulated in a GRE packet, and then the GRE packet is encapsulated in other protocols and forwarded. The outgoing protocol is the sending protocol. When IPv4 is transmitted as a GRE payload, the protocol type field must be set to 0x800. When the tunnel terminal unpacks this GRE message containing IPv4 message as payload, it must use the destination address in the IPv4 header to forward the message, and the TTL of the payload message needs to be reduced. It is worth noting that when forwarding such a packet, if the destination address of the payload packet is the wrapper of the packet (that is, the other end of the tunnel), a loop phenomenon will occur. In this case, the packet must be discarded. When GRE packets are encapsulated in IPv4, IPv4 protocol 47 needs to be used. The network security under GRE is similar to the traditional IPv4 network security. The route under GRE adopts the original route used by IPv4, but the route filtering remains unchanged. Packet filtering requires the firewall to check GRE packets at the end of GRE tunnel or complete the filtering process. In case this is considered as a security problem, the tunnel can be terminated on the firewall. TCP/IP (Transmission Control Protocol/Internet Protocol) is an industrial standard protocol set, which is designed for wide area network (wan). It was developed by ARPANET Research Institute. Sometimes we describe TCP/IP as an Internet protocol family, and TCP and TCP and IP are two of them (which will be introduced later). Because TCP and IP are familiar protocols, the word TCP/IP or IP/TCP is used instead of the whole protocol set. Strangely, there is no need to argue about this habit. For example, sometimes we discuss that NFS is based on TCP/IP, even though it doesn't use TCP at all (only uses IP, and uses another interactive protocol UDP instead of TCP). Chinese Interpretation of Internet Control Message Protocol: (RFC-792) Internet Control Message Protocol You must be very familiar with TCP/IP protocol, but you may know nothing about ICMP protocol. ICMP protocol is a very important protocol, which is of great significance to network security. ICMP is the abbreviation of Internet Control Message Protocol. It is a sub-protocol of TCP/IP protocol family, which is used to transfer control messages between IP hosts and routers. Control message refers to the message of the network itself, such as whether the network is unreachable, whether the host is reachable, and whether the route is available. Although these control messages do not transmit user data, they play an important role in the transmission of user data. We often use ICMP protocol in the network, but we don't realize it. For example, we often use the Ping command to check whether the network can't pass. This "Ping" process is actually the process of ICMP protocol.