RFC1122-A(中文版)

RFC编号题目2398Some Testing Tools for TCP Implementors2415Simulation Studies of Increased Initial TCP Window Size2416When TCP Starts Up With Four Packets Into Only Three Buffers2452IP Version 6 Management Information Base for the Transmission Control Protocol2525Known TCP Implementation Problems2581TCP Congestion Control2582The NewReno Modification to TCP’s Fast Recovery AlgorithmOngoing TCP Research Related to Satellites 27602861TCP Congestion Window Validation（检验）2873TCP Processing of the IPv4 Precedence Field2883An Extension to the Selective Acknowledgement (SACK) Option for TCPCongestion Control Principles 29142923TCP Problems with Path MTU Discovery2988 Computing TCP's Retransmission TimerEnhancing TCP’s Loss Recovery Using Limited 3042TransmitInappropriate TCP Resets Considered Harmful 3360Increasing TCP’s Initial Window33903449TCP Performance Implications of Network Path Asymmetry3465TCP Congestion Control with Appropriate Byte Counting (ABC)3481TCP over Second (2.5G) and Third (3G) Generation Wireless Networks3517A Conservative Selective Acknowledgment (SACK)-basedLoss Recovery Algorithm for TCPThe Eifel Detection Algorithm for TCP 3522内容废弃编号更新编号时间这篇文章列出了所有的tcp测试工具和测试报告 从名字 种类描述 自动化 有用性 需求环境参考文献 来介绍测试工具本文共列举了12个测试工具包1998.8括：分布式基准系统DBs，Dummynet，Netperf，NIST Net，Orchestra，Packet Shell，Tcpanaly，Tcptrace，Tracelook，Treno，Ttcp，Xplot本文涵盖了一些对增加TCP初始的窗口大小的影响的模拟研究在长时间的TCP连接(文件传输)和短暂的浏览方式连接进行建模。

File Transfer ProtocolFile Transfer Protocol (FTP) is a network protocol used to transfer data fromone computer to another through a network such as the Internet.FTP is a file transfer protocol for exchanging and manipulating files over a TCP computer network. A FTP client may connect to a FTP server to manipulate fileson that server. As there are many FTP client and server programs available for different operating systems, FTP is a popular choice for exchanging files independent of the operating systems involved.The TCP/IP model (RFC 1122)Application Layer BGP·DHCP·DNS·FTP·Gopher·GTP·HTTP·IMAP·IRC·NNTP·NTP·POP·RIP·RPC·RTCP·RTP·RTSP·SDP·SIP·SMTP·SNMP·SOAP·SSH·SSL·STUN·Telnet·TLS·XMPP·(more)Transport LayerTCP·UDP·DCCP·SCTP·RSVP·ECN·(more)Internet LayerIP (IPv4·IPv6) ·ICMP·ICMPv6·IGMP·IPsec·(more)Link Layer ARP·RARP·NDP·OSPF·Tunnels·Media Access Control·Device Drivers·(more)This box: view•talk•editConnection methodsFTP runs exclusively over TCP. It defaults to listen on port 21 for incoming connections from FTP clients. A connection to this port from the FTP Client forms the control stream on which commands are passed to the FTP server from theFTP client and on occasion from the FTP server to the FTP client. FTP uses out-of-band control, which means it uses a separate connection for control and data. Thus, for the actual file transfer to take place, a different connection is required which is called the data stream. Depending on the transfer mode, the process of setting up the data stream is different.In active mode, the FTP client opens a dynamic port, sends the FTP server the dynamic port number on which it is listening over the control stream and waits fora connection from the FTP server. When the FTP server initiates the data connection to the FTP client it binds the source port to port 20 on the FTP server.In order to use active mode, the client sends a PORT command, with the IP and port as argument. The format for the IP and port is "h1,h2,h3,h4,p1,p2". Eachfield is a decimal representation of 8 bits of the host IP, followed by the chosen data port. For example, a client with an IP of 192.168.0.1, listening on port 49154 for the data connection will send the command "PORT 192,168,0,1,192,2". The port fields should be interpreted as p1×256 + p2 = port, or, in this example,192×256 + 2 = 49154.In passive mode, the FTP server opens a dynamic port, sends the FTP client the server's IP address to connect to and the port on which it is listening (a 16-bit value broken into a high and low byte, as explained above) over the control stream and waits for a connection from the FTP client. In this case, the FTP client binds the source port of the connection to a dynamic port.To use passive mode, the client sends the PASV command to which the server would reply with something similar to "227 Entering Passive Mode(127,0,0,1,192,52)". The syntax of the IP address and port are the same as for the argument to the PORT command.In extended passive mode, the FTP server operates exactly the same as passive mode, however it only transmits the port number (not broken into high and low bytes) and the client is to assume that it connects to the same IP address that was originally connected to. Extended passive mode was added by RFC 2428 in September 1998.While data is being transferred via the data stream, the control stream sits idle. This can cause problems with large data transfers through firewalls which time out sessions after lengthy periods of idleness. While the file may well be successfully transferred, the control session can be disconnected by the firewall, causing an error to be generated.The FTP protocol supports resuming of interrupted downloads using the REST command. The client passes the number of bytes it has already received as argument to the REST command and restarts the transfer. In some commandline clients for example, there is an often-ignored but valuable command, "reget" (meaning "get again") that will cause an interrupted "get" command to be continued, hopefully to completion, after a communications interruption. Resuming uploads is not as easy. Although the FTP protocol supports the APPE command to append data to a file on the server, the client does not know the exact position at which a transfer got interrupted. It has to obtain the size of the file some other way, for example over a directory listing or using the SIZE command.In ASCII mode (see below), resuming transfers can be troublesome if client and server use different end of line characters.The objectives of FTP, as outlined by its RFC, are:1. To promote sharing of files (computer programs and/or data).2. To encourage indirect or implicit use of remote computers.3. To shield a user from variations in file storage systems among differenthosts.4. To transfer data reliably, and efficiently.Criticisms of FTP•Passwords and file contents are sent in clear text, which can be intercepted by eavesdroppers. There are protocol enhancements thatremedy this, for instance by using SSL, TLS or Kerberos.•Multiple TCP/IP connections are used, one for the control connection, and one for each download, upload, or directory listing. Firewalls may needadditional logic and/or configuration changes to account for theseconnections.•It is hard to filter active mode FTP traffic on the client side by using a firewall, since the client must open an arbitrary port in order to receive the connection. This problem is largely resolved by using passive mode FTP.•It is possible to abuse the protocol's built-in proxy features to tell a server to send data to an arbitrary port of a third computer; see FXP.•FTP is a high latency protocol due to the number of commands needed to initiate a transfer.•No integrity check on the receiver side. If a transfer is interrupted, the receiver has no way to know if the received file is complete or not. Someservers support extensions to calculate for example a file's MD5 sum (e.g.using the SITE MD5 command), XCRC, XMD5, XSHA or CRC checksum, however even then the client has to make explicit use of them. In theabsence of such extensions, integrity checks have to be managedexternally.•No date/timestamp attribute transfer. Uploaded files are given a new current timestamp, unlike other file transfer protocols such as SFTP, which allow attributes to be included. There is no way in the standard FTPprotocol to set the time-last-modified (or time-created) datestamp thatmost modern filesystems preserve. There is a draft of a proposedextension that adds new commands for this, but as of yet, most of thepopular FTP servers do not support it.Security problemsThe original FTP specification is an inherently insecure method of transferring files because there is no method specified for transferring data in an encrypted fashion. This means that under most network configurations, user names, passwords, FTP commands and transferred files can be "sniffed" or viewed by anyone on the same network using a packet sniffer. This is a problem common to many Internet protocol specifications written prior to the creation of SSL such asHTTP, SMTP and Telnet. The common solution to this problem is to use either SFTP (SSH File Transfer Protocol), or FTPS (FTP over SSL), which adds SSL or TLS encryption to FTP as specified in RFC 4217.FTP return codesMain article: List of FTP server return codesFTP server return codes indicate their status by the digits within them. A brief explanation of various digits' meanings are given below:•1xx: Positive Preliminary reply. The action requested is being initiated but there will be another reply before it begins.•2xx: Positive Completion reply. The action requested has been completed.The client may now issue a new command.•3xx: Positive Intermediate reply. The command was successful, but a further command is required before the server can act upon the request.•4xx: Transient Negative Completion reply. The command was not successful, but the client is free to try the command again as the failure is only temporary.•5xx: Permanent Negative Completion reply. The command was not successful and the client should not attempt to repeat it again.•x0x: The failure was due to a syntax error.•x1x: This response is a reply to a request for information.•x2x: This response is a reply relating to connection information.•x3x: This response is a reply relating to accounting and authorization.•x4x: Unspecified as yet•x5x: These responses indicate the status of the Server file system vis-a-vis the requested transfer or other file system action.Anonymous FTPA host which provides an FTP service may additionally provide Anonymous FTP access as well. Under this arrangement, users do not strictly need an account on the host. Instead the user typically enters 'anonymous' or 'ftp' when prompted for username. Although users are commonly asked to send their email address as their password, little to no verification is actually performed on the supplied data.As modern FTP clients typically hide the anonymous login process from the user, the ftp client will supply dummy data as the password (since the user's email address may not be known to the application). For example, the following ftp user agents specify the listed passwords for anonymous logins:•Mozilla Firefox (2.0) — mozilla@•KDE Konqueror (3.5) — anonymous@•wget (1.10.2) — -wget@•lftp (3.4.4) — lftp@The Gopher protocol has been suggested as an alternative to anonymous FTP, as well as Trivial File Transfer Protocol and File Service Protocol.[citation needed] Data formatWhile transferring data over the network, several data representations can be used. The two most common transfer modes are:1. ASCII mode2. Binary mode: In "Binary mode", the sending machine sends each file bytefor byte and as such the recipient stores the bytestream as it receives it.(The FTP standard calls this "IMAGE" or "I" mode)In "ASCII mode", any form of data that is not plain text will be corrupted. When a file is sent using an ASCII-type transfer, the individual letters, numbers, and characters are sent using their ASCII character codes. The receiving machine saves these in a text file in the appropriate format (for example, a Unix machine saves it in a Unix format, a Windows machine saves it in a Windows format). Hence if an ASCII transfer is used it can be assumed plain text is sent, which is stored by the receiving computer in its own format. Translating between text formats might entail substituting the end of line and end of file characters used on the source platform with those on the destination platform, e.g. a Windows machine receiving a file from a Unix machine will replace the line feeds with carriage return-line feed pairs. It might also involve translating characters; for example, when transferring from an IBM mainframe to a system using ASCII, EBCDIC characters used on the mainframe will be translated to their ASCII equivalents, and when transferring from the system using ASCII to the mainframe, ASCII characters will be translated to their EBCDIC equivalents.By default, most FTP clients use ASCII mode. Some clients try to determine the required transfer-mode by inspecting the file's name or contents, or by determining whether the server is running an operating system with the same text file format.The FTP specifications also list the following transfer modes:1. EBCDIC mode - this transfers bytes, except they are encoded in EBCDICrather than ASCII. Thus, for example, the ASCII mode server2. Local mode - this is designed for use with systems that are word-orientedrather than byte-oriented. For example mode "L 36" can be used totransfer binary data between two 36-bit machines. In L mode, the wordsare packed into bytes rather than being padded. Given the predominanceof byte-oriented hardware nowadays, this mode is rarely used. However,some FTP servers accept "L 8" as being equivalent to "I".In practice, these additional transfer modes are rarely used. They are however still used by some legacy mainframe systems.The text (ASCII/EBCDIC) modes can also be qualified with the type of carriage control used (e.g. TELNET NVT carriage control, ASA carriage control), although that is rarely used nowadays.Note that the terminology "mode" is technically incorrect, although commonly used by FTP clients. "MODE" in RFC 959 refers to the format of the protocol data stream (STREAM, BLOCK or COMPRESSED), as opposed to the format of the underlying file. What is commonly called "mode" is actually the "TYPE", which specifies the format of the file rather than the data stream. FTP also supports specification of the file structure ("STRU"), which can be either FILE (stream-oriented files), RECORD (record-oriented files) or PAGE (special type designed for use with TENEX). PAGE STRU is not really useful for non-TENEX systems, and RFC1123 section 4.1.2.3 recommends that it not be implemented.FTP and web browsersMost recent web browsers and file managers can connect to FTP servers, although they may lack the support for protocol extensions such as FTPS. This allows manipulation of remote files over FTP through an interface similar to that used for local files. This is done via an FTP URL, which takes the formftp(s)://<ftpserveraddress> (e.g., ftp:///). A password can optionally be given in the URL, e.g.:ftp(s)://<login>:<password>@<ftpserveraddress>:<port>. Most web-browsers require the use of passive mode FTP, which not all FTP servers are capable of handling. Some browsers allow only the downloading of files, but offer no way to upload files to the server.FTP and NAT devicesThe representation of the IPs and ports in the PORT command and PASV reply poses another challenge for NAT devices in handling FTP. The NAT device must alter these values, so that they contain the IP of the NAT-ed client, and a port chosen by the NAT device for the data connection. The new IP and port will probably differ in length in their decimal representation from the original IP and port. This means that altering the values on the control connection by the NAT device must be done carefully, changing the TCP Sequence and Acknowledgment fields for all subsequent packets.For example: A client with an IP of 192.168.0.1, starting an active mode transfer on port 1025, will send the string "PORT 192,168,0,1,4,1". A NAT device masquerading this client with an IP of 192.168.15.5, with a chosen port of 2000 for the data connection, will need to replace the above string with "PORT192,168,15,5,7,208".The new string is 23 characters long, compared to 20 characters in the original packet. The Acknowledgment field by the server to this packet will need to be decreased by 3 bytes by the NAT device for the client to correctly understand that the PORT command has arrived to the server. If the NAT device is not capable of correcting the Sequence and Acknowledgement fields, it will not be possible to use active mode FTP. Passive mode FTP will work in this case, because the information about the IP and port for the data connection is sent by the server, which doesn't need to be NATed. If NAT is performed on the server by the NAT device, then the exact opposite will happen. Active mode will work, but passive mode will fail.It should be noted that many NAT devices perform this protocol inspection and modify the PORT command without being explicitly told to do so by the user. This can lead to several problems. First of all, there is no guarantee that the used protocol really is FTP, or it might use some extension not understood by the NAT device. One example would be an SSL secured FTP connection. Due to the encryption, the NAT device will be unable to modify the address. As result, active mode transfers will fail only if encryption is used, much to the confusion of the user.The proper way to solve this is to tell the client which IP address and ports to use for active mode. Furthermore, the NAT device has to be configured to forward the selected range of ports to the client's machine.See also Application-level gatewayFTP over SSH (SFTP)FTP over SSH (SFTP) refers to the practice of tunneling a normal FTP session over an SSH connection.Because FTP uses multiple TCP connections (unusual for a TCP/IP protocol that is still in use), it is particularly difficult to tunnel over SSH. With many SSH clients, attempting to set up a tunnel for the control channel (the initial client-to-server connection on port 21) will protect only that channel; when data is transferred, the FTP software at either end will set up new TCP connections (data channels) which will bypass the SSH connection, and thus have no confidentiality, integrity protection, etc.If the FTP client is configured to use passive mode and to connect to a SOCKS server interface that many SSH clients can present for tunneling, it is possible to run all the FTP channels over the SSH connection.Otherwise, it is necessary for the SSH client software to have specific knowledge of the FTP protocol, and monitor and rewrite FTP control channel messages and autonomously open new forwardings for FTP data channels. Version 3 of SSH Communications Security's software suite, and the GPL licensed FONC are two software packages that support this mode.FTP over SSH is sometimes referred to as secure FTP; this should not be confused with other methods of securing FTP, such as with SSL/TLS (FTPS). Other methods of transferring files using SSH that are not related to FTP include SFTP and SCP; in each of these, the entire conversation (credentials and data) is always protected by the SSH protocol.See also•FTAM•FTPFS•List of FTP server return codes•List of FTP commands•List of file transfer protocols•OBEX•Shared file access•TCP Wrapper•Comparison of FTP client software•List of FTP server software•Comparison of FTP server softwareFurther readingThe protocol is standardized in RFC 959 by the IETF as:•RFC 959 File Transfer Protocol (FTP). J. Postel, J. Reynolds. Oct-1985.This obsoleted the preceding RFC 765 and earlier FTP RFCs back to the original RFC 114.•RFC 1579 Firewall-Friendly FTP.•RFC 2228 — FTP Security Extensions•RFC 2428 — Extensions for IPv6, NAT, and Extended passive mode Sep-1998.•RFC 3659 — Extensions to FTP. P. Hethmon. March-2007. External links•FTP Reviewed — a review of the protocol notably from a security standpoint•Raw FTP command list•FTP Sequence Diagram (in PDF format)Retrieved from "/wiki/File_Transfer_Protocol"。

1.表格表1 协议列表说明：●Vxworks中网络协议基本与4.4BSD网络兼容，但增强了实时性和某些特性。

●Vxworks支持的网络协议如下，但并没有指明版本号：应用层：NFS FTP TFTP DHCP SNTP TELNET MIB-II HTTP；传输层：TCP UDP；网络层：IP IP多播CIDR RIP OSPF ICMP ARP IGMP；链路层：Ethernet PPP SLIP CSLIP。

各个版本之间差别不是很大，基本的功能都是相同的。

2．各个网络协议的部分RFC标准RFC1122, 标准RFC3168, RFC6093, RFC6528均为建议标准RFC2228, RFC2640, 建议标准RFC2773, 实验性EXPERIMENTALRFC3659, RFC5797建议标准RFC1782, RFC1783, RFC1784, 建议标准RFC1785, INFORMATIONALRFC2347, RFC2348, RFC2349DRAFT STANDARDRFC1349建议标准RFC950, 标准协议RFC4884建议标准RFC5227, RFC5494建议标准RFC1957, international RFC2449, RFC6186建议标准RFC5506, RFC5761, RFC6051, RFC6222建议标准（14）RSTPRFC3265, RFC3853, RFC4320, RFC4916,RFC5393, RFC5621, RFC5626, RFC5630 , RFC5922, RFC5954, RFC6026, RFC6141建议标准RFC4822HTTPS不应与在RFC 2660中定义的安全超文本传输协议（S-HTTP）相混RFC5785建议标准。

PON技术问答摘要：在平时测试中经常碰到一些知识点,理解不够透彻,本文档对一些常用知识点进行了整理,希望对大家有所帮助。

关键字：MPCP ,OAM ,QOS,SCB与组播缩略语：在平时测试中经常碰到一些知识点,理解不够透彻,本文档对一些知识点进行整理,希望对大家有所帮助。

整理点如下：1、MPCP发现流程OLT ONUMessages sented in the broadcast channel 2Messages sented in the unicast channels1， OLT 发送一条Discovery Gate 消息给ONU （用于发现的授权） 2， 各个ONU 通过竞争，在窗口内发送REGister_REQ3， OLT 接收到后，经过验证，给ONU 发送REGister (包含OLT 给ONU 分配的LLID ，OLT 所支持的ONU 能力)启动定时器。

4， OLT 向onu 发送标准的GATE 消息——授权5， ONU 在OLT 的grant window 内返回REGISTER_ACK 消息，则完成MPCP 的注册 具体详细分析请看文档： 2、 OAM 扩展发现过程OLTONUE x te n d e d O A MD i s c o v e r y P r o c e s s1， OLT 首先发起OAM ext_INFO 消息，通知OLT 的OAM 扩展的OUI 版本及所支持的OUI_versionlist2， ONU 根据收到的OLT 消息，返回一个OAM ext_INFO 消息，将OUI 设置为OLT 的OUI ,VER=0x00 ,并将ONU 所支持的OUI_version 列表上报给OLT3， （ONU 支持OLT 的oui 版本，EXT_support=0x01）OLT 根据ONU 上报的信息，将OUI 和版本信息写入OAM EXT_INFO->OUI 和OAM Ext_Info->ver.z 发给ONU4， ONU 收到OLT 选择的oui 和版本信息返回确认信息，完成扩展OAM 的发现过程ONU OLT3、 搅动密钥的产生与同步1）产生：搅动密钥是ONU 由上行用户数据中提取的3字节数据与3字节随机数Exclusive OR (XOR)异或相加的结果。

中文RFC文档阅读101-700ＲＦＣ102 主机-主机协议故障清除委员会的说明ＲＦＣ103 中断键的执行ＲＦＣ104 连接191ＲＦＣ105 通过UCSB 进行远程登录和远程输出返回的网络说明书ＲＦＣ106 用户/服务器站点协议的网络主机问卷ＲＦＣ107 主机-主机协议故障清除委员会的说明ＲＦＣ108 1971年2月17-19日在Urbana 举行的NWG 会议的人员列表ＲＦＣ124 在ＲＦＣ107 中有印刷错误ＲＦＣ132 ＲＦＣ107 的排版错误ＲＦＣ148 ＲＦＣ123 的注释ＲＦＣ149 最好的铺设计划ＲＦＣ154 风格显示ＲＦＣ156 伊利诺斯州站点的状态: 响应ＲＦＣ116ＲＦＣ179 连接的数字分配ＲＦＣ185 NIC 分发手册ＲＦＣ188 数据管理会议公告ＲＦＣ198 站点证明-林肯实验室360/67ＲＦＣ204_利用报路ＲＦＣ218 改变IMP 状态报告设备ＲＦＣ228 澄清ＲＦＣ232 网络图形会议延缓ＲＦＣ245 预定网络工作组会议ＲＦＣ246 网络图形会议ＲＦＣ256 IMPSYS 变更通知ＲＦＣ276 NIC过程ＲＦＣ285 网络图形ＲＦＣ324 RJE 协议会议ＲＦＣ335 新界面- IMP/360ＲＦＣ348_放弃过程ＲＦＣ404 文件迁移协议的注释ＲＦＣ405 给TIP 用户的第二封信ＲＦＣ456 UCSB 的数据重置服务ＲＦＣ457_FTP 的服务器与服务器交互ＲＦＣ496 IMP/TIP 内存更新时间表(修订版2)ＲＦＣ516 丢失消息的检测ＲＦＣ591 在NVT ASCII UCSB和在线系统之间的实验输入映象ＲＦＣ621 “注意圣诞节的时候要把长袜挂在烟囱下面”ＲＦＣ628 更深的数据语言的设计观念ＲＦＣ634 最近的网络图ＲＦＣ637 SU-DSL网络地址的更改ＲＦＣ677 双重数据库的维护ＲＦＣ692 对于IMP/HOST 协议的改动的注释(ＲＦＣS 687 AND 690) ＲＦＣ697_FTP的CWD命令ＲＦＣ698_Telnet扩展ASCII选项中文RFC文档阅读701-1000ＲＦＣ763 角色邮箱ＲＦＣ775_面向目录的FTP 命令ＲＦＣ779_Telnet发送-位置选项ＲＦＣ792_Internet 控制信息协议ＲＦＣ797 位图文件格式ＲＦＣ821_简单邮件传输协议ＲＦＣ826_以太网地址转换协议或转换网络协议地址ＲＦＣ827_Exterior 网关协议(EGP)ＲＦＣ854_Telnet协议说明书ＲＦＣ855_Telnet选项说明书ＲＦＣ856_Telnet二进制传输ＲＦＣ857_Telnet回声选项ＲＦＣ858_Telnet抑制前进选项ＲＦＣ859_Telnet状态选项ＲＦＣ860_Telnet定时标记选项ＲＦＣ861_Telnet扩展选项列表选项ＲＦＣ862_回声协议ＲＦＣ863 废除协议ＲＦＣ864 字符产生协议ＲＦＣ865 白天协议的引用ＲＦＣ866 激活用户ＲＦＣ867 白天协议ＲＦＣ868_时间协议ＲＦＣ872_局域网上的TCP协议ＲＦＣ877_IP 数据包通过公共数据网络的传输标准ＲＦＣ888_STUB Exterior Gateway ProtocolＲＦＣ890_外部网关协议执行表ＲＦＣ894_IP 数据包通过以太网网络传输标准ＲＦＣ895_IP 数据包通过试验性以太网网络的传输标准ＲＦＣ896_在IPTCP internet网络中的拥塞控制ＲＦＣ903_反向地址转换协议ＲＦＣ911 BERKELEY UNIX 4.2下的EGP网关ＲＦＣ917_因特网子网ＲＦＣ918 邮局协议ＲＦＣ925_多局域网地址解决ＲＦＣ930_Telnet终端类型选项ＲＦＣ932_子网地址分配方案ＲＦＣ937_邮局协议( 版本2)ＲＦＣ948_IP 数据包通过IEEE 802.3 网络传输的两种方法ＲＦＣ949_FTP 未公开的独特命令ＲＦＣ951_引导协议(BOOTP)ＲＦＣ955_朝向一个处理过程应用的传输服务ＲＦＣ962_TCP-4 的最初ＲＦＣ968 “这是开动前的黑暗”ＲＦＣ974_邮件路由与域名系统ＲＦＣ975_自治联邦ＲＦＣ976 UUCP 邮件互换格式标准ＲＦＣ985 Internet 网关要求- 起草ＲＦＣ988 主机扩展用于IP多点传送中文RFC文档阅读1001-1500ＲＦＣ1050_RPC远程步骤呼叫协议说明书ＲＦＣ1055_在串行线路上传输IP数据报的非标准协议ＲＦＣ1057_RPC远程步骤呼叫协议说明书版本2ＲＦＣ1073_Telnet窗口大小选项ＲＦＣ1075_远距离矢量多播选路协议ＲＦＣ1088_IP 数据包传输通过NetBIOS网络的标准ＲＦＣ1090_SMTP在X.25ＲＦＣ1091_TelnetTELNET终端类型选项ＲＦＣ1094_NFS网络文件系统协议说明书ＲＦＣ1096_Telnet X 显示定位选项ＲＦＣ1097_Telnet潜意识-信息选项ＲＦＣ1112_主机扩展用于IP多点传送ＲＦＣ1113_Internet电子邮件秘密增强第一部分- 信息加密和身份验证步骤ＲＦＣ1131_OSPF规范ＲＦＣ1132_802．2分组在IPX网络上传输的标准ＲＦＣ1134_+PPP协议：关于在点到点链路上进行多协议包传送的建议ＲＦＣ1142 OSI IS-IS 域内路由协议ＲＦＣ1144_低速串行链路上的TCPIP头部压缩ＲＦＣ1145 SNMPv2的管理模型ＲＦＣ1155_基于TCPIP网络的管理结构和标记ＲＦＣ1166_Internet数字ＲＦＣ1180_TCPIP指南ＲＦＣ1191_路径MTU探索ＲＦＣ1215_为使用SNMP定义Trap的惯例ＲＦＣ1239_试验管理系统库(MIB)到标准管理系统库(MIB)的重分配ＲＦＣ1242 基准术语用于网络互连设备ＲＦＣ1258 BSD 的远程登录ＲＦＣ1287_未来的Internet 体系结构ＲＦＣ1288_Finger用户信息协议ＲＦＣ1298_基于IPX协议的SNMPＲＦＣ1321_MD5 信息-摘要算ＲＦＣ1332_PPP Internet 协议控制协议(IPCP)ＲＦＣ1333_PPP 链接质量监控ＲＦＣ1355_网络中心数据库的保密和准确性问题ＲＦＣ1365 一种IP地址扩展提议ＲＦＣ1370_OSPF适用范围声明ＲＦＣ1387_RIP（版本2）协议分析ＲＦＣ1388_RIP协议版本2ＲＦＣ1393 Traceroute使用IP选项ＲＦＣ1397_在边界网关协议（Border Gateway Protocol）版本2ＲＦＣ1408_Telnet环境选项ＲＦＣ1413_鉴定协议ＲＦＣ1414_身份识别管理系统库(MIB)ＲＦＣ1418_SNMP优于OSIＲＦＣ1420_SNMP优于IPXＲＦＣ1426_SMTP服务扩展用于8bit-多用途网际邮件扩充协议(MIME)传输ＲＦＣ1428_Internet邮件从Just-Send-8到8bit-SMTPMIME的转换ＲＦＣ1433 直接ARPＲＦＣ1445_简单网络管理协议(SNMPv2)版本2的管理模式ＲＦＣ1454_下一代IP提议的比较ＲＦＣ1461 通过X.25多协议互连SNMP管理系统库(MIB)扩展ＲＦＣ1469_通过令牌－环局域网的IP多点传送ＲＦＣ1483_通过ATM适应层5的多协议封装中文RFC文档阅读1501-2000ＲＦＣ1558_LDAP研究过滤器的字符串表达ＲＦＣ1571_Telnet环境选项互用性问题ＲＦＣ1590_媒体类型注册过程ＲＦＣ1591_域名系统的结构和授权ＲＦＣ1597_私有Internet的地址分配ＲＦＣ1605_SONET to Sonnet翻译ＲＦＣ1606_用IP版本9的历史观ＲＦＣ1611_DNS服务器MIB扩展ＲＦＣ1612_DNS解析器MIB扩展ＲＦＣ1618_ISDN上的PPP(点对点)协议ＲＦＣ1628 UPS 管理信息基础ＲＦＣ1633_Internet 体系结构中的综合服务概述ＲＦＣ1635_怎样使用匿名FTPＲＦＣ1636 IAB工厂关于在Internet体系结构的安全报告-2月8-10号, 1994ＲＦＣ1643 以太网-类似界面类型的管理对象的定义ＲＦＣ1658 字符流设备使用SMIv2管理对象的定义ＲＦＣ1661_点对点协议(PPP)ＲＦＣ1671 向IPng 过渡和其他考虑的白皮书ＲＦＣ1690 Internet工程与计划组（IEPG）介绍ＲＦＣ1691 康奈尔大学数字图书馆文档体系结构ＲＦＣ1696 用SMIv2定义的调制解调器MIBＲＦＣ1713_DNS调试工具ＲＦＣ1715_地址分配效率比率HＲＦＣ1723_路由信息协议（版本2）ＲＦＣ1724_RIP 版本2 管理系统库(MIB) 扩展ＲＦＣ1738_统一资源定位器(URL)ＲＦＣ1752_推荐IP下一代协议ＲＦＣ1769_简单网络时间协议(SNTP)ＲＦＣ1771_边界网关协议版本4（BGP-4）ＲＦＣ1776_地址是信息ＲＦＣ1777_轻量级目录访问协议ＲＦＣ1787_在多供应Internet上的软件路由ＲＦＣ1796_不是所有ＲＦＣs是标准ＲＦＣ1797_A级子网实验ＲＦＣ1810_报告MD5性能ＲＦＣ1818_最好最新的实践ＲＦＣ1822 使用具备Photuris技术的指定IBM专利的权利的授予ＲＦＣ1823_LDAP 应用程序界面ＲＦＣ1827_IP 密码安全有效载荷(ESP)ＲＦＣ1828_使用键控MD5进行IP鉴别ＲＦＣ1860_IPv4变量长度子网表ＲＦＣ1867 HTML中基于表单的文件上传ＲＦＣ1869 SMTP服务扩展ＲＦＣ1878 变量长度子网表格用于IPv4ＲＦＣ1881 IPv6 地址分配管理ＲＦＣ1883 Internet协议,版本6(IPv6)说明书ＲＦＣ1886 DNS扩展支持IP版本6ＲＦＣ1901 基于社区的SNMPv2介绍ＲＦＣ1904 简单网络管理协议(SNMPv2)版本2的一致声明ＲＦＣ1918 个人Internets的地址分配ＲＦＣ1928 SOCKS V5的用户名/密码鉴定ＲＦＣ1930 自治系统(AS)创建,选择,和注册的指导方针ＲＦＣ1939 邮局办公协议-版本3ＲＦＣ1942 HTML表格ＲＦＣ1945 超文本传输协议--HTTP/1.0ＲＦＣ1956 在MIL域中注册ＲＦＣ1957 邮局协议(POP3)执行的一些观察ＲＦＣ1962 PPP压缩控制协议(CCP)ＲＦＣ1977 PPP BSD 压缩协议ＲＦＣ1979 PPP压缩协议ＲＦＣ1981 IP 版本6的路径MTU探索ＲＦＣ1982 序列号算法ＲＦＣ1988 有条件地授予权利给特殊的HP专利于连接Internet工程特遣队的Internet-标准网络管理框架中ＲＦＣ1993 PPP G和alf FZA 压缩协议ＲＦＣ1994 PPP挑战握手身份验证协议(CHAP)ＲＦＣ1997 BGP 组属性ＲＦＣ1998 BGP 社区属性在多本地路由中的应用中文RFC文档阅读2501-3000ＲＦＣ2508 低速串行链路下IP/UDP/RTP数据包头的压缩ＲＦＣ2511 Internet X.509认证请求消息格式ＲＦＣ2516 在以太网上传输PPP的方法（PPPoE）ＲＦＣ2526 IPv6保留的子网任意传送地址ＲＦＣ2541 DNS 安全操作考虑ＲＦＣ2547 BGP/MPLS VPNsＲＦＣ2554 SMTP服务认证扩展ＲＦＣ2560 x.509因特网公钥基础设施在线证书状态协议——OCSPＲＦＣ2570 标准互联网络管理框架第三版介绍ＲＦＣ2577 FTP 安全考虑ＲＦＣ2581 TCP拥塞控制ＲＦＣ2582 TCP的快速恢复算法NewReno修正ＲＦＣ2585 Internet X.509 公共键底部结构操作协议: FTP和HTTPＲＦＣ2597 确定的面向PHB组ＲＦＣ2598 面向加速PHBＲＦＣ2618 RADIUS 身份验证客户端管理系统库(MIB)ＲＦＣ2629 用XML 写I-Ds 和ＲＦＣ文档ＲＦＣ2633 S/多用途网际邮件扩充协议(MIME) 版本3 信息说明书ＲＦＣ2644 更改直接广播在路由器上的缺省值ＲＦＣ2669 DOCSIS 电缆设备管理系统库(MIB) 电缆设备管理信息基础用于DOCSIS 适应性电缆调制解调器和电缆调制解调器中断系统ＲＦＣ2670 音频频率(RF)界面管理信息基础用于MCNS/DOCSIS适应性RF界面ＲＦＣ2685 虚拟专用网标志符ＲＦＣ2702 基于MPLS的流量工程要求ＲＦＣ2706 ECML v1:电子商务字段名ＲＦＣ2713 LDAP（轻型目录存取协议）目录中JAVATM对象的表征模式ＲＦＣ2714 LDAP（轻型目录存取协议）目录中的CORBA对象参考方案ＲＦＣ2731 Dublin核心元数据在HTML上的编码ＲＦＣ2732 文本IPv6地址在URL上的格式ＲＦＣ2733 RTP有效载荷格式用于普通正向错误更正ＲＦＣ2736 RTP有效载荷格式说明书作者的指导方针ＲＦＣ2754 RPS IANA的发布ＲＦＣ2756 超文本缓存协议(HTCP/0.0)ＲＦＣ2764 IP VPN的框架体系ＲＦＣ2773 使用KEA和SKIPJACK加密ＲＦＣ2774 HTTP 扩展框架ＲＦＣ2781 UTF-16,ISO 10646的一种编码ＲＦＣ2784 通用路由封装（GRE）ＲＦＣ2788 网络服务监视MIBＲＦＣ2793 用于文本交谈的RTP负载ＲＦＣ2796 BGP路由映象ＲＦＣ2809 通过RADIUS的L2TP强制通道的执行ＲＦＣ2810 Internet 延迟交谈:体系结构ＲＦＣ2811 Internet延迟交谈：通道管理ＲＦＣ2813 Internet 延迟交谈:服务器协议ＲＦＣ2817 在HTTP/1.1中升级到TLSＲＦＣ2818 TLS之上的HTTPＲＦＣ2824 呼叫过程语言框架和要求ＲＦＣ2825 复杂网络:I18N的发布,域名,和其它Internet协议ＲＦＣ2829 LDAP的身份验证方法ＲＦＣ2830 轻量级目录访问协议(v3): 传输层安全扩展ＲＦＣ2833 用于DTMF数字信号、电话音和电话信号的RTP负载格式ＲＦＣ2854 text/html 媒体类型ＲＦＣ2855 IEEE 1394的DHCPＲＦＣ2861 TCP 拥塞窗口检验ＲＦＣ2862 用于实时指针的RTP负载格式ＲＦＣ2866 RADIUS（远程用户拨号认证系统）记帐协议ＲＦＣ2867 RADIUS 账目管理修改用于通道协议支持ＲＦＣ2868 RADIUS 属性用于协议支持ＲＦＣ2869 RADIUS 扩展ＲＦＣ2871 一个IP电话路由框架ＲＦＣ2873 在Ipv4优先域中的TCP过程ＲＦＣ2874 支持IPv6地址集合和重编号的DNS 扩展ＲＦＣ2882 网络访问服务要求: 扩展范围实践ＲＦＣ2887 可靠的多点传送设计空间用于大的数据传送ＲＦＣ2889 基准方法论用于局域网交换设备ＲＦＣ2890 GRE中Key和SequenceNumber扩展ＲＦＣ2893 IPv6 主机和软件路由器转换机制ＲＦＣ2898 PKCS #5: 基于密码的密码系统说明书版本 2.0. BＲＦＣ2906 AAA 授权要求ＲＦＣ2914 拥塞控制原理ＲＦＣ2917 核心MPLS IP VPN 体系结构ＲＦＣ2918 BGP-4（边界网关协议）的路由刷新功能ＲＦＣ2920 SMTP 针对命令流水线的服务扩展ＲＦＣ2923 TCP的路径MTU发现问题ＲＦＣ2932 IPv4 多点传送路由管理系统库(MIB)ＲＦＣ2935 Internet开放贸易协议(IOTP)HTTP 补充ＲＦＣ2939 新DHCP选项和信息类型的定义步骤和IANA指导方针ＲＦＣ2945 SRP身份验证和键交换系统ＲＦＣ2946 Telnet 数据加密选项ＲＦＣ2947 Telnet加密：DES3 64位密码回馈ＲＦＣ2948 Telnet加密：DES3 64位输出回馈ＲＦＣ2949 Telnet加密:CAST-128 64比特输出回馈ＲＦＣ2950 Telnet加密:CAST-128 64比特密码回馈ＲＦＣ2951 使用KEA和SKIPJACK进行TELNET身份验证ＲＦＣ2952 Telnet加密：DES 64位密码回馈ＲＦＣ2953 Telnet加密:DES 64比特输出回馈ＲＦＣ2957 The 应用/whoispp-请求目录-类型ＲＦＣ2958 The 应用/whoispp-回答目录-类型ＲＦＣ2959 实时传输协议管理信息库ＲＦＣ2964 超文本传输协议(HTTP)状态管理的应用ＲＦＣ2971 Internet信息访问协议(IMAP4)的标识符扩展ＲＦＣ2976 SIP信息方法ＲＦＣ2983 有区别的协议和通道ＲＦＣ2984 CAST-128密码算法在CMS中的使用ＲＦＣ2987 字符集注册和语言媒体特征标签ＲＦＣ2988 计算TCP重传时间的定时器ＲＦＣ2991 多路径分发在Unicast上和多点传送下一路程段选择ＲＦＣ2992 等值多-路径算法的分析ＲＦＣ2994 MISTY1加密算法的描述1.各协议对应的RFC版本号表1 协议列表序号协议功能版本号1 链路层RSTP 环路保护RFC4318IEEE 802.1w2 LACP 链路聚合IEEE 802.3ad3 LLDP 链路层网络拓扑发现IEEE 802.1ab4 网络ICMP 网络通断探测RFC792 RFC9505 ARP IP地址到MAC解析RFC8266 层RIP 路由RIPv2RFC24537 传输层TCP 传输控制协议RFC793 RFC25818 UDP 用户数据报协议RFC7689应用层SNMP 网络管理SNMPv3RFC3411—RFC341810 SIP 视频会议连接控制RFC254311 HTTPs WEB浏览RFC281812 FTP 基于TCP可靠文件传输RFC95913 TFTP 基于UDP可靠文件传输RFC135014 POP 读取邮件POPv3RFC193915 SMTP 简单邮件传输RFC80116 其他RTP/RTCP 音视频实时数据传输RFC3550 RFC3551RFC496117 PRP 双网冗余IEC 62439说明：●Vxworks中网络协议基本与4.4BSD网络兼容，但增强了实时性和某些特性。

Allied Telesis 8100S Series fiber switches with 100FX multi-mode fiber ports offer high performance Layer 2-4 switching designed for the edge of the network.Secure»The 8100S Series fiber switches are designed to offer 100FX multi-mode connectivity for a higher level of security not found in copper based Ethernet systems. This combined with advanced access security features protect the critical edge of the network.Able to go the distance»Fiber connectivity is ideal for networks that demand high bandwidth over long distances. The 8100S Series fiber modules support Gigabit and 100Mbps up to a distance of 2 kilometers over multi-mode fiber, and up to 80 kilometers over single-mode fiber. Fiber is able to transport data over long distances without the type of degradation that you see with copper, allowing highly scalable and flexible network design for big business campuses, educational campus and large retails stores.Stable in harsh environment»Fibers complete immunity to electrical interference makes it resistant to cross talk between signals among different cables and environmental noise, such as radio waves and electric signals. This makes the 8100S Series ideal for high voltage environments and in places with high EMI (ElectromagneticInterference), such as alongside utility lines, conveyor belts, power lines, and railroad tracks.The 8100S Series consists of 16 100FX (SC and LC) MMF ports and 24 100FX (LC) MMF ports switch models. The 16-port models come with 16 100FX plus 8 10/100TX ports. All 8100S Series switches offer two Gigabit combo 10/100/1000T-SFP uplink ports plus two dedicated stacking connectors that deliver a total of 10Gbps stack bandwidth. The stackable Ethernet series offers fiber connectivity suitable for a network that requires high security and long distance connectivity.Redundant Power OptionsAll variants of the 8100S fiber switch family feature two internal power supplies as standard, allowing the switches to be powered from two separate building feeds making the 8100S Series less susceptible to building power failures and ensuring continuous switch operation.StackingThe physical stacking capabilityintegrated into this platform is designed to offer simplified management for higher port density applications. Up to three stackable switches of the 8100S copper and fiber series can be mixed and stacked together to a maximum of 78 ports.Key FeaturesEase of ManagementDesigned for rapid deployment with the minimum of configuration time, the 8100S Series offers features such as Voice VLAN, LLDP-MED, Enhanced Stacking and Web management GUI that facilitates simple and effective approach to network management.Voice VLAN segregates VoIP traffic from regular Ethernet traffic and applies to it a higher QoS. It takes the complexity out of VoIP deployments, ensures high voice quality and protects time sensitive voice traffic from being flooded by other data. LLDP-MED lets the user auto-configure end stations to send preconditioned traffic that adheres to Voice VLAN configured network policies.Enhanced Stacking with 8100S Series enables the user to make software upgrades for multiple switches with a single command, plus update all configurations in a single management session.The industry standard CLI of AlliedWare Plus ™ combined with the simple and intuitive Web management GUI reduces the training needs for those who require granularity of control, by providing a familiar interface for advanced users.8100S Series Fiber SwitchesLAYER 2–4 FAST ETHERNET STACKABLE SWITCHESSwitchesproduct informationEnvironmentally FriendlyIn keeping with our commitment to environmentally friendly processes and products, the 8100S Series is designed to be green from the ground up, with reduced power consumption and minimal hazardous waste.The use of highly recyclable metal, combination of green production processes, earth friendly packaging, high efficiency power supplies and effective power management deliver both cost savings and a reduced carbon footprint to the user.Access Control ListsAccess Control Lists work as filters that can enable inspection and classification of incoming data. Specific actions can then be performed on these defined data frames to more effectively manage the network traffic at Layer 2 through Layer 4. ACLs are typically used as security mechanism, either permitting or denying entry for packets on specific switch ports.Effective Traffic MonitoringIn order to fully understand theperformance of the network and ensurethe ongoing smooth delivery of criticaldata, users must be able to measure andanalyze the traffic in real time.The 8100S Series facilitates effectivetraffic monitoring with sFlow, an industry-standard technology for monitoring high-speed switched networks gives completevisibility into the use of the networkenabling performance optimization,accounting, billing for usage, and evendefense against security threats.Securing the Network EdgeIn addition to the secure fiberconnectivity, the 8100S Seriesguarantees protection and securemanagement of administrator’s networkby providing strong security standardsand authentication mechanism foraccess at the edge of a network.IEEE 802.1x port authenticationmethods such as PEAP, EAP-TLS andEAP-TTLS supported by the 8100SSeries allows a network controller torestrict external devices from gainingunauthenticated access in to thenetwork.The Multiple Supplicant Authenticationenables the switch to uniquelyauthenticate and apply the appropriatepolicies and VLAN for multiple users ordevices on a shared port, allowing portexpansion while keeping the networksecure.Gigabit and Fast Ethernet SFPSupportThe 8100S Series supports bothGigabit and Fast Ethernet Small Form-Factor Pluggable (SFP) uplinks. Thedual-speed ports make this series idealfor environments where Gigabit fiberswitches will be phased in over time.The 8100S Series allows for connectivityto the legacy 100FX hardware until theuplink device is upgraded to Gigabit.Layer 3 RoutingThe switch provides static IPv4 routingat the edge of the network as well assupport for RIPv1 and RIPv2.NOT AVAILABLE IN THE UNITED STATES AND CANADASpecificationsSystem Capacity»128MB RAM»16MB flash memory»16K MAC addresses»266MHz CPUMaximum Bandwidth»Non-blocking for all packet sizesWirespeed Switching (Layer 2/3) on all Ethernet Ports»14,880pps for 10Mbps Ethernet»148,800pps for 100Mbps Ethernet»1,488,000pps for 1000Mbps Ethernet Environmental Specifications»Operating temperature: 0ºC to 40ºC»Storage temperature: -25ºC to 70ºC»Operating humidity: 5% to 90% non-condensing»Storage humidity: 5% to 90% non-condensing»Max operating altitude: 3,048 m (10,000 ft)Port Configuration»Auto-negotiation, duplex, MDI/MDI-X, IEEE 802.3x flow control/back pressure»Head of Line (HoL) blocking prevention»Broadcast storm control»Link flap protection»Group link control»Port mirroringEthernet Specifications»RFC 894 Ethernet II encapsulation»IEEE 802.1D MAC bridges»IEEE 802.1Q Virtual LANs»IEEE 802.2 Logical link control»IEEE 802.3ac VLAN TAG»IEEE 802.1ax-2008 (LACP) link aggregation»IEEE 802.3u 100TX»IEEE 802.3x Full-duplex operation»IEEE 802.3z Gigabit Ethernet»Jumbo frames (9198 bytes)Quality of Service (QoS)»Eight egress queues per port»Egress rate limiting»Voice VLAN»Automatic QoS»IEEE 802.1p Class of Service with strict and weighted round robin scheduling»RFC 2474 DSCP for IP-based QoS»RFC 2475 Differentiated services architecture»Layer 2, 3 and 4 criteria Spanning-Tree Protocol»IEEE 802.1D Spanning-Tree Protocol»IEEE 802.1D-2004 Rapid Spanning-Tree Protocol»IEEE 802.1q-2005 Multiple Spanning-Tree Protocol(15 instances)»BPDU guard»Loop guard»Root guardMIB Support»RFC 1213 MIB-II»RFC 1215 TRAP MIB»RFC 1493 Bridge MIB»RFC 2863 Interfaces group MIB»RFC 1643 Ethernet-like MIB»RFC 2618 RMON MIB»RFC 2674 IEEE 802.1Q MIB»RFC 2096 IP forwarding table MIB»Allied Telesis managed switch MIBManagement»RFC 854 Telnet server»Console management port»AlliedWare Plus CLI»Web GUI»Enhanced Stacking»RFC 1866 HTML»RFC 2068 HTTP»RFC 2616 HTTPS»RFC 1350 TFTP»zModem»RFC 1305 SNTP»RFC 1155 MIB»RFC 1157 SNMPv1»RFC 1901 SNMPv2c»RFC 3411 SNMPv3»RFC 1757 RMON 4 groups: Stats, History, Alarmsand Events»RFC 3164 Syslog protocol (client)»Event log»RFC 3176 sFlow»Auto configVLAN»4096 VLANs (IEEE 802.1Q)»Port-based VLANs»MAC-based VLANs – 256»IP subnet-based VLANs – 256»Port-based Private VLANs»GARP VLAN Registration Protocol (GVRP)Link Aggregation»IEEE 802.3ad LACP - eight groups»Static link aggregation - 24 groupsLink Discovery»IEEE 802.1ab Link Layer Discovery Protocol (LLDP)»Link Layer Discovery Protocol-Media Endpoint(LLDP-MED)General Protocols»RFC 768 UDP»RFC 791 IP»RFC 792 ICMP»RFC 793 TCP»RFC 826 ARP»RFC 950 Subnetting, ICMP»RFC 1027 Proxy ARP»RFC 1035 DNS»RFC 1122 Internet host requirements»DHCP client»DHCP snooping»DHCP option 82»RFC 3046 DHCP relay»RFC 951 BootPIP Multicast»RFC 1112 IGMPv1 snooping»RFC 2236 IGMPv2 snooping»IGMPv2 snooping querier»Multicast groups – 255IPv6»IPv6 host»IPv6 ACL»ICMPv6»Dual-stack IPv4/IPv6 management»IPv6 applications: WEB/SSL, Telnet server/SSH,IP Routing»Static IPv4 routing – 4K»RIPv1, v2»Proxy ARPSecurity / IEEE 802.1x»TACACS+»RFC 2865 RADIUS client»RFC 2866 RADIUS accounting»IEEE 802.1x port-based Network Access Control(NAC)»Supplicant»Authenticator»IEEE 802.1x multiple supplicant mode»Piggy-back mode»Per port MAC address limiting»Per port MAC address filtering»MAC address security/lockdown»RFC 1321 MD-5»EAP, EAP-TLS, LEAP, PEAP, TTLS»Dynamic VLANs»Guest VLANs»Secure VLANs»Layer 2/3/4/ Access Control Lists (ACLs)»SSLv3 for Web management»SSL»SSH»SSH session time out»Microsoft NAP compliant»Symantec NAC supportPhysical Specifications and MTBF FiguresPower and Noise CharacteristicsOptical Ports Specifications *Standard product with dual AC power supplyStacking Features»10Gbps stacking bandwidth via dedicated HDMI stacking ports»Hardware stack up to three units (78 ports) using HDMI stacking ports or stack up to 24 units using Enhanced Stacking»Single system appearance »Single IP management »Backup master»Link aggregation / trunking across hardwire stack »Port mirroring across stack »VLAN across stack»Maximum HDMI stacking cable length 1mCompliance Standards»IEEE 802.3 – 10T»IEEE 802.3u – 100TX with auto-negotiation »IEEE 802.3ab – 1000T Gigabit Ethernet »100FX SFP support »1000X SFP supportSafety and Electromagnetic Emissions Certifications»EMI: FCC class A, CISPR class A, EN55022 class A, C-TICK, VCCI Class A, CE, EN601000-3-2, EN601000-3-3 »Immunity: EN55024»Safety: UL 60950-1 (cUlus), EN60950-1 (TUV), EN60825RoHS Standards»Compliant with European and China RoHS standardsPackage Description»AT-8100S/xx switch »AC power cords»Management cable (RJ-45 to DB-9)»Rubber feet for desktop installation and 19” rack-mountable hardware kit accessories»Install guide and CLI users guide available at »HDMI stacking cable (1 meter)North America Headquarters | 19800 North Creek Parkway | Suite 100 | Bothell | WA 98011 | USA | T: +1 800 424 4284 | F: +1 425 481 3895Asia-Pacific Headquarters | 11 Tai Seng Link | Singapore | 534182 | T: +65 6383 3832 | F: +65 6383 3830EMEA & CSA Operations | Incheonweg 7 | 1437 EK Rozenburg | The Netherlands | T: +31 20 7950020 | F: +31 20 7950021AT-8100S/16F8-SC-xx16 100M fiber SC ports, 8-port 10/100TX2 combo ports (10/100/1000T-100/1000 SFP) 2 HDMI stacking portsStandard two AC power suppliesAT-8100S/16F8-LC-xx16 100M fiber LC ports, 8-port 10/100TX2 combo ports (10/100/1000T-100/1000 SFP) 2 HDMI stacking portsStandard two AC power suppliesAT-8100S/24F-LC-xx 24 100M fiber LC ports2 combo ports (10/100/1000T-100/1000 SFP) 2 HDMI stacking portsStandard two AC power suppliesWhere xx =10 for US power cord 20 for no power cord 30 for UK power cord40 for Australian power cord 50 for European power cordSmall Form Pluggable Optics ModulesAT-SPSXSFP, MMF, 1000Mbps, 220 / 500 m, 850 nm, LC AT-SPSX/1SFP, MMF, 1000Mbps, 220 / 550m, 850 nm, LC Extended temperature: -40ºC to 85ºC AT-SPEXSFP, MMF, 1000Mbps, 2 km, 1310 nm, LC AT-SPLX10SFP, SMF, 1000Mbps, 10 km, 1310 nm, LC AT-SPLX10/ISFP, SMF, 1000Mbps, 10 km, 1310 nm, LC Extended temperature: -40ºC to 85ºC AT-SPLX40SFP, SMF, 1000Mbps, 40 km, 1310 nm, LC AT-SPZX80SFP, SMF, 1000Mbps, 80 km, 1550 nm, LC AT-SPBD10-13SFP, SMF, 1000Mbps, 10 km, 1310/1490 nm, LC-BiDi AT-SPBD10-14SFP, SMF, 1000Mbps, 10 km, 1490/1310 nm, LC-BiDi AT-SPFX/2SFP, MMF, 100Mbps, 2 km, 1310 nm, LCAT-SPFXBD-LC-13SFP, SMF, 100Mbps, 10 km, 1310/1510 nm, LC-BiDi AT-SPFXBD-LC-15SFP, SMF, 100Mbps, 10 km, 1510/1310 nm, LC-BiDi AT-SPFX/15SFP, SMF, 100Mbps, 15 km, 1310 nm, LCOrdering Information8100S Series Fiber SwitchesNOT AVAILABLE IN THE UNITED STATES AND CANADA。

产品手册Cisco 5500 系列无线控制器Cisco ®5500 系列无线控制器是一款高度可扩展的灵活平台，能够在大中型企业和园区环境中，为关键任务无线网络提供系统级服务。

5500 系列专门采用了独特设计，支持 802.11n 的性能下的最大可扩展性，通过射频的监控和保护能力提供延长的正常工作时间，并且可以同时管理 500 个接入点；它具有卓越的性能，可以提供可靠的视频流和长话级音质；它还具有增强的故障恢复功能，能在要求最严格的环境中提供一致的移动体验。

最大限度提高性能和可扩展性● 支持多达 500 个接入点和 7000 个客户端。

● 经过优化的 802.11n 性能，能够提供相当于 802.11a/g 网络九倍的性能。

● 延长的正常运行时间，每个控制器能同时配置和管理 500 个接入点 增强的移动性和服务● 范围更大的移动域，可以同时关联更多客户端。

● 速度更快的射频资源管理 (RRM) 更新，可在用户漫游时提供不间断的网络接入。

● 智能射频控制平面，可以自行配置、修复和优化。

● 高效漫游功能可提升应用性能，例如长话级音质、一致的视频流及数据备份。

许可灵活性与投资保护● 可以根据需要，逐步添加附加接入点容量许可。

OfficeExtend 解决方案● 安全、简便、经济高效的移动远程办公人员解决方案。

● 每个控制器支持多达 500 个远程接入点。

● 通过支持统一通信无线电话，节约手机费用。

全面的有线/无线安全性● 在接入点和控制器之间提供全面的 CAPWAP 加密。

● 支持检测恶意接入点和拒绝服务攻击。

● 管理帧保护功能可以检测恶意用户，并向网络管理员发出警报。

企业无线网状网● 动态无线网状网支持在室内和室外为难以布线的区域提供网络连接。

支持环保● 支持自适应功率管理，可以在非高峰时段关闭接入点无线电设备，以减少功耗。

● OfficeExtend 解决方案通过减少通勤时间和节省汽油、驾驶里程和保险成本，可降低成本和支持环保最佳实践。

中南大学TCP/IP攻击实验实验报告学生姓名学院信息科学与工程学院专业班级完成时间 2015年11月29日目录1.实验描述 (3)2.实验步骤 (3)环境搭建 (3)实验1：ARP缓存中毒 (3)实验2：ICMP重定向攻击 (4)实验3：SYN洪流攻击 (5)实验4：在telnet和ssh连接上的TCP RST攻击 (6)实验5：对视频流应用程序的TCP RST 攻击 (7)实验6：ICMP盲目连接重置和源端关闭攻击 (7)实验7：TCP报文劫持 (8)3.总结 (8)TCP/IP攻击实验1.实验描述【实验背景】由于TCP/IP协议是Internet的基础协议，所以对TCP/IP协议的完善和改进是非常必要的。

TCP/IP协议从开始设计时候并没有考虑到现在网络上如此多的威胁,由此导致了许多形形色色的攻击方法，一般如果是针对协议原理的攻击(尤其DDOS)，我们将无能为力。

TCP/IP攻击的常用原理有：(1)源地址欺骗(Source Address Spoofing)、IP欺骗(IP Spoofing)和DNS欺骗(DNS Spoofing)；(2) 路由选择信息协议攻击(RIP Attacks)；(3) 源路由选择欺骗(Source Routing Spoofing) ；(4) TCP序列号欺骗和攻击(TCP Sequence Number Spoofing and Attack)。

【实验目的】基于TCP/IP协议进行攻击实验,了解TCP/IP协议的具体机制。

2.实验步骤环境搭建这里我使用三台虚拟机做实验，其中一个用于攻击；另一个用于被攻击；第三个作为观察者使用；把三台主机放在同一个LAN中，其配置信息参照如下所示（实际在实验过程中有所改动）：这里我使用的是SEED实验室已经搭建好，并且已经安装好相关的netwox工具箱和Wireshark工具箱的Ubuntu系统，与此同时三台虚拟机都需要打开FTP和Telnet服务：使用如下命令来完成上述任务Start the ftp server# servicevsftpd startStart the telnet server# serviceopenbsd-inetd start实验1：ARP缓存中毒【实验背景】ARP缓存是ARP协议的重要的一部分。

IP优先级在IPv4的报文头中，TOS字段是1字节，如下图所示。

根据RFC1122的定义，IP优先级（IP Precedence）使用最高3比特（第0～3比特）。

＋＋＋＋＋＋＋＋＋＋＋＋＋| 0 | 1 | 2 | 3 | 4 | 5 | 6 | 7 |＋＋＋＋＋＋＋＋＋＋＋＋＋3比特可以定义8个等级。

8个优先级的定义如下：•111 －Network Control 网络控制•110 －Internetwork Control 网间控制•101 －Critic 关键•100 －Flash Override 疾速•011 －Flash 闪速•010 －Immediate 快速•001 － Priority 优先•000 －Routine 普通优先级6和7一般保留给网络控制数据使用，比如路由。

优先级5推荐给语音数据使用。

优先级4由视频会议和视频流使用。

优先级3给语音控制数据使用。

优先级1和2给数据业务使用。

优先级0为缺省标记值。

在标记数据时，既可以使用数值，也可以使用名称（英文名称）。

DSCPDSCP 由RFC2474定义，它重新命名了IPv4报头中TOS使用的那1字节和IPv6报头中数据类（Traffic Class）那1字节，新的名字称为DS字段（Differentiated Services Field）。

该字段的作用没有变，仍然被QoS工具用来标记数据。

不同的是IPv4使用3比特，而DSCP使用6比特，最低2比特不用。

RFC2474 定义最高3比特为级别／类别选择代码（Class Selector Codepoints，CS），其意义和IPv4报头中IP优先级的定义是相同的，CS0 ～ CS7的级别相等于IP优先级0 ～7。

但它并没有定义第3到第5比特的具体含义以及使用规则。

DSCP使用6比特，可以定义64个优先级（0－63）。

AF保证转发（Assured Forwarding, AF）由RFC2597对CS1~CS4进行进一步定义。

TCP学习笔记-RFC1122（⼆）学习TCP/UDP过程中，有⼀些基本概念需要搞清楚。

其中如下定义请注意：SegmentA segment is the unit of end-to-end transmission in the TCP protocol. A segment consists of a TCP header followed by application data. A segment is transmitted by encapsulation inside an IP datagram.MessageIn this description of the lower-layer protocols, a message is the unit of transmission in a transport layer protocol. In particular, a TCP segment is a message. A message consists of a transport protocol header followed by application protocol data. To be transmitted end-to end through the Internet, a message must be encapsulated inside a datagram.IP DatagramAn IP datagram is the unit of end-to-end transmission in the IP protocol. An IP datagram consists of an IP header followed by transport layer data, i.e., of an IP header followed by a message. In the description of the internet layer (Section 3), the unqualified term "datagram" should be understood to refer to an IP datagram.PacketA packet is the unit of data passed across the interface between the internet layer and the link layer. It includes an IP header and data. A packet may be a complete IP datagram or a fragment of an IP datagram.FrameA frame is the unit of transmission in a link layer protocol, and consists of a link-layer header followed by a packet.。

rfc中常用的测试协议引言在计算机网络领域中，为了确保网络协议的正确性和稳定性，测试协议起到了至关重要的作用。

RFC（Request for Comments）是一系列文件，用于描述互联网相关协议、过程和技术。

在RFC中，也包含了一些常用的测试协议，用于验证和评估网络协议的功能和性能。

本文将介绍RFC中常用的测试协议，并深入探讨其原理和应用。

二级标题1：PING协议三级标题1.1：概述PING协议是一种常用的网络测试协议，用于测试主机之间的连通性。

它基于ICMP （Internet Control Message Protocol）协议，通过发送ICMP Echo Request报文并等待目标主机的ICMP Echo Reply报文来判断目标主机是否可达。

三级标题1.2：工作原理PING协议的工作原理如下： 1. 发送方主机生成一个ICMP Echo Request报文，并将目标主机的IP地址作为目的地。

2. 发送方主机将报文发送到网络中。

3.中间路由器收到报文后，将报文转发到下一跳路由器。

4. 目标主机收到ICMP Echo Request报文后，生成一个ICMP Echo Reply报文，并将其发送回发送方主机。

5. 发送方主机收到ICMP Echo Reply报文后，通过比较报文中的标识符和序列号等字段，判断目标主机是否可达。

三级标题1.3：应用场景PING协议在网络中的应用非常广泛，常用于以下场景： - 测试主机之间的连通性，判断网络是否正常工作。

- 测试网络延迟，通过计算ICMP Echo Request报文的往返时间来评估网络质量。

- 排查网络故障，通过检查ICMP Echo Reply报文中的错误码来定位故障原因。

二级标题2：Traceroute协议三级标题2.1：概述Traceroute协议用于跟踪数据包从源主机到目标主机经过的路径。

它通过发送一系列的UDP报文，并在每个报文中设置不同的TTL（Time to Live）值来实现。

路由器技术基础知识路由器技术基础知识路由器技术路由器技术中最核心的技术是软件技术。

路由软件是最复杂的软件之一。

有些路由软件运行在UNIX或Linux操作系统上，有些路由软件运行在嵌入式操作系统上，甚至有些软件为提高效率，本身就是操作系统。

全球最大的路由器生产厂家Cisco公司曾一度宣称是一个软件公司，可见路由器软件在路由器技术中所占的重要地位。

路由器软件一般实现路由协议功能、查表转发功能和管理维护等其他功能。

由于互联网规模庞大，运行在互联网上路由器中的路由表非常巨大，可能包含几十万条路由。

查表转发工作可想而知非常繁重。

在路由器研制过程中，可以通过购买商用源码等形式迅速实现路由器。

但是通常认为路由器软件需要一年甚至两年的时间来稳定。

MikroTik RouterOS在行业的发展已经有7年之久，所以在稳定性和功能上都是非常完善的。

什么是路由器路由器是工作在OSI参考模型第三层——网络层的数据包转发设备。

路由器通过转发数据包来实现网络互连。

虽然路由器可以支持多种协议（例如TCP/IP、IPX/SPX、AppleTalk等协议），但是在我国绝大多数路由器运行TCP/IP协议。

路由器通常连接两个或多个由IP子网或点到点协议标识的逻辑端口，至少拥有1个物理端口。

路由器根据收到数据包中的网络层地址以及路由器内部维护的路由表决定输出端口以及下一跳地址，并且重写链路层数据包头实现转发数据包。

路由器通常动态维护路由表来反映当前的网络拓扑。

路由器通过与网络上其他路由器交换路由和链路信息来维护路由表。

路由器是连接IP网的核心设备。

最简单的网络可以想象成单线的总线，各个计算机可以通过向总线发送分组以互相通信。

但随着网络中的计算机数目增长，这就很不可行了，会产生许多问题：1.带宽资源耗尽。

2.每台计算机都浪费许多时间处理无关的广播数据。

3.网络变得无法管理，任何错误都可能导致整个网络瘫痪。

4.每台计算机都可以监听到其他计算机的通信。

rfc中常用的测试协议摘要：1.RFC 简介2.RFC 中常用的测试协议a.网络协议测试1.网络数据包抓取和分析2.网络仿真和测试工具b.应用层协议测试1.HTTP 和HTTPS 测试2.FTP 和FTPS 测试3.SMTP 和SMTPS 测试c.安全协议测试1.TLS 和SSL 测试2.IPsec 测试d.传输协议测试1.TCP 和UDP 测试e.无线网络协议测试1.802.11 无线网络测试正文：RFC（Request for Comments）是一个用于讨论和记录互联网协议的标准文档系列。

在RFC 中，有许多常用的测试协议，这些协议用于确保互联网协议在实际应用中能够正常工作。

本文将详细介绍这些测试协议。

首先，RFC 中包含了大量的网络协议测试。

网络数据包抓取和分析是网络协议测试的基础，这对于诊断网络问题和优化网络性能至关重要。

此外，网络仿真和测试工具也是必不可少的，例如，网络模拟器（如NS-3）和测试平台（如Ixia）可以帮助工程师在实验室环境中模拟实际网络状况，从而对协议进行更严格的测试。

其次，应用层协议测试在RFC 中也占据重要地位。

HTTP 和HTTPS 是Web 应用中最常用的协议，有许多测试工具可以对它们的性能和安全性进行测试，例如，JMeter 和Locust 等负载测试工具。

此外，FTP 和FTPS、SMTP 和SMTPS 等传输协议也是常用的测试对象。

在安全协议方面，RFC 中包含了TLS 和SSL、IPsec 等协议的测试方法。

这些协议对于保护互联网数据传输的安全至关重要，因此需要进行严格的测试以确保其性能和安全性。

传输协议方面，TCP 和UDP 是互联网中最常用的传输协议，它们的测试方法也是RFC 中的重要内容。

TCP 测试关注可靠性和流量控制等方面，而UDP 测试则更注重数据传输速率和丢包率等指标。

最后，无线网络协议测试在RFC 中也有一定的比重。

例如，802.11 无线网络测试是评估无线局域网性能的关键。

⼀、基于TCPIP协议的CS模型⼀、基于TCP/IP协议的C/S模型1.1 TCP/IP协议Transmission Control Protocol / Internet Protocol1.1.1 TCP/IP的重要性TCP/IP是今天的互联⽹的基⽯，没有这个就上不了⽹了1.1.2 TCP/IP协议概念tcp/ip协议族(簇，组，体系），并不是tcp协议和ip协议的总称，tcp/ip指的是整个⽹络传输体系。

⽽tcp协议和ip协议就是单单的两个协议。

1.1.3 TCP/IP的特点⾯向连接的，可靠的，基于字节流的传输层协议。

UDP/IP: ⾯向⾮连接的，不可靠的，基于数据报的传输层协议。

1.2 client/server ----- 客户端/服务器模型⽐如QQ，DNF，LOL等这些我们下载客户端的，都属于c/s模型的⼀个应⽤c/s模型其实是概念层⾯的，实现层⾯可以是基于任何的⽹络协议。

常见的还有b/s模型: 浏览器/服务器模型基于http/https协议的⼆、服务端2.1 头⽂件与库⽂件#include<WinSock2.h> // windows socket 第2版，名字不区分⼤⼩写#pragma comment(lib, "Ws2_32.lib") // windows socket 第2版 32位的库⽂件, 名字不区分⼤⼩写2.2 打开⽹络库（WSAStartup）WORD wdVersion = MAKEWORD(2, 2); // 将2.2版本存⼊ wdVersion。

类型是WORD unsigned short intWSADATA wdSockkMsg;/*int WSAStartup(WORD wVersionRequested, LPWSADATA lpWSAData);wVersionRequested 为 WinSock 规范的版本号，低字节为主版本号，⾼字节为副版本号（修正版本号）lpWSAData 为指向 WSAData 结构体的指针。