Differences between TCP and UDP ports and when to use each

Last updated: 01/12/2025
Author: Ishaku

  • TCP provides reliable, ordered transport with flow and congestion control, ideal for web, email, and file transfer.
  • UDP minimizes overhead and latency, which makes it key for online gaming, VoIP, streaming and protocols such as DNS or DHCP.
  • Many services use the same port number with different transports (for example, DNS on 53/TCP and 53/UDP, or RDP on 3389/TCP and 3389/UDP).
  • The choice between TCP and UDP ports affects performance, data consumption and attack surface, which makes managing them in the firewall important.

TCP vs UDP Port Comparison

When we enter the world of networking, sooner or later the basic question comes up: what are the real differences between TCP and UDP ports, and when is it better to use one or the other? Although at first glance we only see port numbers (80, 443, 3389, 53…), underneath them are two very different ways of moving data across the Internet, and they affect speed, reliability and even security.

In this article we will calmly go through how TCP and UDP work, what role ports play, and which protocols use each one; how they affect everyday things such as browsing, online gaming, video calls or remote desktop connections; and what impact they have in terms of performance, cybersecurity and firewalls.

TCP and UDP: two different ways of transporting data

Before talking about ports, it is important to understand that TCP (Transmission Control Protocol) and UDP (User Datagram Protocol) are the transport-layer protocols of the TCP/IP stack, and that they define the style of communication between source and destination.

TCP is a connection-oriented protocol. Before sending data, it establishes a logical channel between sender and receiver using the well-known "three-way handshake" (SYN, SYN-ACK, ACK). From there, it numbers the segments, makes sure they arrive in order, detects errors, requests retransmissions, and adjusts the sending rate to the capacity of the network and the receiver.

UDP, on the other hand, is a connectionless protocol. There is no setup phase; the sender simply sends data to the destination without waiting for confirmation or tracking. It does not order packets, guarantee delivery, or use flow or congestion control mechanisms. In return, it greatly reduces overhead and latency.

Based on this, the main practical difference is that TCP prioritizes data reliability and integrity, while UDP focuses on speed and simplicity, accepting that some data may be lost along the way.

What exactly is a TCP or UDP port?

A port, in both TCP and UDP, is simply a number from 0 to 65535 that identifies the service or application that a data stream should reach inside a machine. Together with the IP address, it forms the well-known "socket" (IP:port) that applications use to listen for and send traffic.

When we talk about a "TCP port" or a "UDP port", we are not talking about different numbers, but about different transport types associated with the same port number. For example, 53/TCP and 53/UDP coexist for DNS, as do 3389/TCP and 3389/UDP for RDP from certain versions onward.
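The coexistence of one port number under two transports can be observed directly on the loopback interface. The following is an added example, not code from the original article; the function names and messages are illustrative, and the port is whatever free port the operating system hands out.

```python
import socket


def bind_same_port_both_transports(host="127.0.0.1", attempts=5):
    """Bind a TCP listener and a UDP socket to the same port number."""
    for _ in range(attempts):
        tcp_srv = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
        tcp_srv.bind((host, 0))            # port 0: the OS picks a free port
        tcp_srv.listen(1)
        port = tcp_srv.getsockname()[1]
        udp_srv = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
        try:
            udp_srv.bind((host, port))     # same number, different transport
            return tcp_srv, udp_srv, port
        except OSError:                    # that UDP port is in use: try again
            tcp_srv.close()
            udp_srv.close()
    raise RuntimeError("no port found that is free on both TCP and UDP")


def demo(host="127.0.0.1"):
    tcp_srv, udp_srv, port = bind_same_port_both_transports(host)
    tcp_srv.settimeout(2)
    udp_srv.settimeout(2)
    result = {"port": port}

    # A second TCP socket on the same (IP, port) is refused: within one
    # transport the number is exclusive, across transports it is not.
    dup = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    try:
        dup.bind((host, port))
        result["second_tcp_bind_refused"] = False
    except OSError:
        result["second_tcp_bind_refused"] = True
    finally:
        dup.close()

    # UDP: no setup phase, the datagram is simply sent to IP:port.
    udp_cli = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    udp_cli.sendto(b"query over udp", (host, port))
    data, _peer = udp_srv.recvfrom(1024)
    result["udp_received"] = data

    # TCP: create_connection() completes the three-way handshake first,
    # and only then can data flow on the accepted connection.
    tcp_cli = socket.create_connection((host, port), timeout=2)
    conn, _peer = tcp_srv.accept()
    conn.settimeout(2)
    tcp_cli.sendall(b"query over tcp")
    result["tcp_received"] = conn.recv(1024)

    for s in (udp_cli, tcp_cli, conn, tcp_srv, udp_srv):
        s.close()
    return result


if __name__ == "__main__":
    print(demo())
```

For firewall work the consequence is that a rule or an inventory entry always needs both parts, transport and number: allowing 53/UDP says nothing about 53/TCP.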

The numbering is organized into three ranges, with uses that TCP and UDP share:

  • Well-known ports (0-1023): reserved by IANA for standard services such as HTTP (80/TCP), HTTPS (443/TCP), FTP (21/TCP), SSH (22/TCP), DNS (53/TCP and 53/UDP), and so on.
  • Registered ports (1024-49151): assigned to specific applications, such as 3306/TCP for MySQL or 1194/UDP in many OpenVPN deployments.
  • Dynamic or private ports (49152-65535): used temporarily by clients for ephemeral sessions; the operating system assigns them on the fly.

Thanks to this organization, a single server can listen on many services at once (web, email, database, VPN…) without the data flows getting mixed up, since each one has its own port.

Key features of TCP: reliability above all

TCP is designed so that data arrives complete, without errors, and in the same order in which it was sent, even over an IP network that, by design, is "best effort" and guarantees nothing.

To achieve this, TCP uses several fairly sophisticated mechanisms:

  • Sequence numbers and ACKs: each segment carries a sequence number, and the receiver sends acknowledgments (ACKs). Selective ACKs can be used to acknowledge several segments at once.
  • Checksum: every segment carries a checksum to detect corrupted data; if it fails, the segment is discarded and requested again.
  • Timers: if a certain amount of time passes without an ACK for a segment, the sender assumes it was lost and retransmits it automatically.
  • Duplicate filtering: if the same segment arrives twice, TCP detects the duplicate from its numbers and discards it.

In addition, TCP implements flow control based on a sliding window: the receiver advertises how many bytes it can store in its buffer, and the sender cannot exceed that limit until it receives new ACKs that "slide" the window.

In parallel, TCP includes congestion control with its own window (the congestion window), which tries to keep the network from saturating. If it detects packet loss (an indicator of congestion at a router), it reduces its rate; when the path clears, it increases it again in a controlled way (slow start, congestion avoidance and steady-state phases).

Over time, improved congestion control algorithms have appeared, such as Tahoe and Reno in the early days, Vegas, CUBIC (widely used in Linux) or BBR, designed by Google to make the best use of the available bandwidth without overloading the network.

Another important advantage is that TCP is full duplex and allows multiplexing. Data can be sent and received simultaneously over the same channel, and a host can keep many sockets open to different destinations or services at the same time.

TCP header, MSS and overhead

Each TCP segment carries a header that occupies at least 20 bytes (more if options are present). In it we find:

  • Source and destination ports (Source Port, Destination Port).
  • Sequence number and acknowledgment number (ACK).
  • Flags such as SYN, ACK, FIN, RST, URG, etc.
  • Receive window size, important for flow control.
  • Checksum and possible options (for example, window scaling).

The maximum segment size is determined by the MSS (Maximum Segment Size), defined at the transport layer. It is usually calculated as: MSS = MTU - IP header - TCP header. On a typical Ethernet network (MTU 1500) with minimal headers, that means 1460 bytes of useful data.

Although this comparatively large header increases overhead, it lets TCP carry all the control mechanisms that give it its high level of reliability.

Establishing and closing a TCP connection: the 3-way handshake and FIN

To start exchanging data with TCP, a logical connection between client and server must first be created. The classic process is the 3-way handshake:

  1. The client sends a segment with the SYN flag and an initial sequence number.
  2. The server replies with SYN-ACK, indicating its own sequence number and acknowledging the client's.
  3. The client sends a final segment with ACK. From then on, both sides can start sending data bidirectionally.

This negotiation of sequence numbers makes it hard for an outside attacker to easily spoof an already established TCP connection. However, an attacker who is in the middle (MitM) can manipulate the traffic.

To close the session, one of the sides sends a segment with FIN. The other side replies with an ACK and usually sends its own FIN, which must be acknowledged in turn. In some cases a "half-open" connection may remain, where one side has closed the connection but the other keeps sending data.

TCP-related attacks and vulnerabilities

Precisely because of this connection setup, TCP is susceptible to SYN denial-of-service attacks. The attacker sends a large number of fake SYN segments, leaving the server with many half-open connections that consume resources.

To mitigate these attacks, measures such as the following are typically used: limiting the number of simultaneous connections (globally or per IP), filtering by trusted addresses, or using techniques such as SYN cookies, which defer the actual allocation of resources until a valid acknowledgment has been received.

Another classic attack is TCP sequence number prediction. If the attacker can predict the values that a legitimate host will use, they can inject forged packets that appear to belong to the connection. To achieve this, they typically start by listening to the traffic between two trusted computers, work out the numbering pattern, and sometimes launch denial-of-service attacks against the real host to "silence" it while they hijack its session.

Once the connection is established, the attacker can inject arbitrary data. This can cause the session to terminate or produce unexpected behaviour in the target application. Older systems and devices are usually the easiest targets for these techniques.

What is UDP and why is it so fast?

UDP was designed with a different philosophy: send datagrams with the bare minimum of overhead, leaving almost all control to the upper layers. It does not establish a prior connection, reorder, retransmit, or adjust the sending rate.

The sender simply sends UDP datagrams to the destination port, assuming that the receiver has an open listening socket. If there is congestion, if the receiver is slow, or if a router decides to drop packets, UDP does nothing to fix it.

The header is tiny, just 8 bytes, with four fields:

  • Source port.
  • Destination port.
  • Datagram length.
  • Checksum (over header and data).

Thanks to this simplicity, most of the packet is devoted to payload. This improves performance considerably, especially on real-time networks and in environments where reducing latency is the priority.

However, since there is no flow control or congestion avoidance, if the sender is faster than the receiver or the network, data will start to be lost, and responsibility for handling that loss falls entirely on the application.

Advantages and disadvantages of TCP and UDP

In short, we can say that TCP is slower but highly reliable, and UDP is faster but less reliable. Let's bring this down to real use cases.

TCP is the right choice when data integrity is critical: email, web browsing, file transfer, remote administration, databases… In all these cases it makes no sense to accept corrupted or incomplete data, even if it costs us a few extra milliseconds.

UDP shines in environments where immediacy takes priority, such as online games, VoIP, video calls, live streaming, DNS, DHCP… Here it is preferable to lose a packet and have the video pixelate for a moment rather than pause playback to wait for a retransmission.

In terms of data consumption, TCP also has more overhead than UDP. Its headers are larger, and acknowledgments and retransmissions generate additional traffic. In real-world tests with VPNs, it has been observed that OpenVPN over TCP can consume several percentage points more data than over UDP for the same user data.

In terms of pure security, neither protocol is designed to encrypt or authenticate by itself, although TCP's design makes injecting malicious traffic somewhat harder thanks to sequence tracking and ACKs. In practice, when we use TLS, VPNs, or encrypted tunnels, both TCP and UDP rely on upper layers to protect the content.

Finally, UDP natively supports multicast and broadcast, which makes it easier to send the same stream to many receivers at once (video conferences, streaming to many clients, discovery protocols), something that TCP, being point-to-point, cannot do.

How TCP and UDP fit into VPNs

VPN services rely on TCP or UDP to create an encrypted tunnel between client and server. In practice, most modern VPN protocols prefer UDP because it reduces latency and copes better with moderate packet loss.

In OpenVPN, for example, you can choose between a TCP or a UDP tunnel. When UDP is used, most of the reliability is delegated to the applications inside the tunnel (usually TCP again, as with HTTP/HTTPS), avoiding a double layer of error control that would only add latency.

This means that an OpenVPN tunnel over UDP may lose some packets, but if HTTP traffic (which uses TCP) travels inside it, it is the inner TCP that requests retransmission when needed. The practical result is a connection that is reliable at the application level but fast at the transport level.

WireGuard goes a step further and uses UDP exclusively as its transport. All the complexity is moved into its own cryptography and control logic, achieving shorter setup times and faster roaming when we switch networks (for example, from Wi-Fi to 4G) without the change being noticeable on the VPN.

However, in environments where firewalls are very restrictive with UDP (some corporate networks), many VPNs are forced to fall back to TCP to get through filters and proxies, at the cost of somewhat higher latency.

TCP vs UDP on the web and the evolution to QUIC

Today, HTTP and HTTPS almost always rely on TCP. Classic HTTP uses port 80/TCP and HTTPS uses 443/TCP, adding TLS to encrypt communications.

Up to HTTP/2 the picture was clear: the whole web ran over TCP, with its reliability benefits but dragging along some latency and head-of-line blocking problems on multiplexed connections.

HTTP/3 brings in QUIC, a transport protocol built on top of UDP that combines features of TCP (congestion control, error recovery, stream ordering) and of TLS (mandatory encryption). QUIC allows many independent streams to be multiplexed over a single connection, reducing the impact of packet loss on the communication as a whole.

Thanks to this, HTTP/3 over QUIC usually delivers faster load times, especially on mobile networks or high-jitter connections. In addition, by using UDP, it can better get past certain bottlenecks in legacy infrastructure that was designed only for TCP.

TCP and UDP ports in real services: examples and table

The combination of transport type and port number indicates which application-layer protocol is in use. Some common examples:

  • 80/TCP: HTTP (unencrypted web).
  • 443/TCP: HTTPS (encrypted web with TLS).
  • 21/TCP and 20/TCP: FTP (control and data).
  • 22/TCP: SSH and SFTP.
  • 25/TCP, 587/TCP: SMTP for sending email.
  • 110/TCP, 995/TCP: POP3 and POP3S.
  • 143/TCP, 993/TCP: IMAP and IMAPS.
  • 53/UDP and 53/TCP: DNS (fast queries over UDP, zone transfers over TCP).
  • 67/UDP and 68/UDP: DHCP client/server.
  • 123/UDP: NTP, time synchronization.
  • 161/UDP: SNMP.
  • 445/TCP: Microsoft SMB/CIFS for file sharing.
  • 554/TCP/UDP: RTSP for stream control.
  • 631/TCP/UDP: IPP (network printing).

The complete list of well-known and registered ports is very long, but this is enough to show that TCP usually dominates critical and transactional applications, while UDP rules in lookups, streaming, and lightweight control protocols.

RDP: TCP, UDP, or both?

Microsoft's Remote Desktop Protocol (RDP) lets you connect to another computer as if you were sitting in front of its screen. Internally, it sends the compressed desktop image from the remote host to the client and receives keyboard and mouse input in the other direction.

Traditionally, RDP has used port 3389/TCP as its primary transport, relying on TCP's reliability to ensure that every screen update, click, and control packet arrives correctly and in order.

Since RDP 8.0, the protocol can also use 3389/UDP to improve performance. Typically, the client first tries to establish a UDP channel (for its lower latency and higher bandwidth) and, if that is not possible because of network restrictions, falls back to the traditional TCP channel.

This hybrid approach lets RDP send most of the graphics data over UDP, where the loss of a few frames is barely noticeable, while TCP can be reserved for critical data when necessary. On networks with high latency or signal loss, the performance gain can be significant.

How to open TCP and UDP ports for RDP on Windows

For an RDP session from outside to work, the host's firewall must allow inbound traffic on port 3389. Both TCP and UDP are needed if we want to use the modern optimizations; if there are problems, it is worth reviewing the network policy settings that block RDP.

On Windows, the basic configuration in Windows Defender Firewall consists of:

  1. Go to Control Panel > System and Security > Windows Defender Firewall and open the advanced settings.
  2. Create a new inbound rule of type "Port", select TCP and specify 3389 as the specific local port.
  3. Choose "Allow the connection", apply the relevant profiles (domain, private, public) and give the rule a descriptive name, for example "RDP TCP 3389".
  4. Repeat the process for UDP on the same port 3389, with another name such as "RDP UDP 3389".
  5. Verify that both rules are enabled and test the connection from a remote client.

From a security standpoint, besides opening the ports, it is important to use strong passwords, enable Network Level Authentication (NLA) so that only authenticated users can reach the graphical session, limit which accounts are allowed remote access, and keep the system up to date to guard against vulnerabilities in the RDP service.

TCP ports: security, risks and best practices

Any TCP port exposed to the Internet becomes a potential attack vector. Attackers automate scans of entire IP ranges looking for open ports (using tools such as Nmap) and, once they find them, try known vulnerabilities or brute-force attacks.

Sensitive services such as SSH (22/TCP), RDP (3389/TCP), SMB (445/TCP) or databases are priority targets, since a flaw there can give direct access to the internal network or to sensitive data.

To reduce the attack surface, apply the principle of least privilege to ports: open only those that are essential, restrict access by IP or VPN whenever possible, and close or filter everything that is not in use.

It is also advisable to segment the network into zones (user LAN, server DMZ, management network, etc.) and to use internal firewall rules to isolate critical services. That way, even if an attacker compromises one machine, it will be harder for them to move laterally to other sensitive machines.

Using monitoring and logging tools makes it possible to detect anomalous patterns on ports (scans, failed attempts, connections from unusual countries) and to raise alerts before an incident occurs.

Finally, it is advisable to carry out periodic port audits using external and internal scanners, and to document which service listens on each port. This helps identify outdated applications, forgotten services, or dangerous default configurations that should be disabled.
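One way to run the internal half of such an audit is to compare what a host is actually listening on with the documented inventory, keyed by transport and port so that 3389/TCP and 3389/UDP are tracked separately. This is an added example, not code from the original article: the netstat text is constructed in the layout that `netstat -an` prints on Windows, and the inventory is hypothetical.

```python
import ipaddress

# Constructed sample in the layout printed by `netstat -an` on Windows.
SAMPLE_NETSTAT = """\
  Proto  Local Address          Foreign Address        State
  TCP    0.0.0.0:445            0.0.0.0:0              LISTENING
  TCP    0.0.0.0:3389           0.0.0.0:0              LISTENING
  TCP    127.0.0.1:5432         0.0.0.0:0              LISTENING
  TCP    192.168.1.20:49712     203.0.113.5:443        ESTABLISHED
  TCP    [::]:3389              [::]:0                 LISTENING
  UDP    0.0.0.0:161            *:*
  UDP    0.0.0.0:3389           *:*
"""

# Hypothetical documented inventory: (transport, port) -> service.
DOCUMENTED = {("tcp", 3389): "RDP", ("udp", 3389): "RDP", ("tcp", 443): "HTTPS"}


def parse_listeners(netstat_text):
    """Yield (transport, port, address) for every socket accepting traffic."""
    for line in netstat_text.splitlines():
        fields = line.split()
        if len(fields) < 3 or fields[0] not in ("TCP", "UDP"):
            continue                        # column header or unrelated line
        proto = fields[0].lower()
        # TCP rows count only in LISTENING state; UDP rows have no state
        # column, every bound UDP socket can receive datagrams.
        if proto == "tcp" and (len(fields) < 4 or fields[3] != "LISTENING"):
            continue
        addr, _, port = fields[1].rpartition(":")
        yield proto, int(port), addr.strip("[]").split("%")[0]


def audit(netstat_text, documented):
    """Compare live listeners with the documented (transport, port) list."""
    exposed, local_only = set(), set()
    for proto, port, addr in parse_listeners(netstat_text):
        if ipaddress.ip_address(addr).is_loopback:
            local_only.add((proto, port))   # reachable from this host only
        else:
            exposed.add((proto, port))      # reachable from the network
    local_only -= exposed
    known = set(documented)
    return {
        "undocumented_exposed": sorted(exposed - known),
        "undocumented_loopback": sorted(local_only - known),
        "documented_not_listening": sorted(known - (exposed | local_only)),
    }


if __name__ == "__main__":
    for finding, sockets in audit(SAMPLE_NETSTAT, DOCUMENTED).items():
        print(finding, sockets)
```

An entry under `documented_not_listening` is as useful as an undocumented listener: it points at an inventory line, and usually a firewall rule, that can be retired.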

Performance differences between TCP and UDP ports

When we compare traffic over TCP and UDP ports, what we are really measuring is the behaviour of the two transport protocols under different network conditions.

TCP, with its error and congestion control, tends to slow down when it detects loss or saturation, preferring that everything arrives correctly rather than quickly. On congested networks or with high latency, this can translate into longer load times or slower downloads.

UDP does not let congestion stop it: if the path is congested, routers simply drop packets. Since there is no automatic retransmission, communication stays fluid, but with gaps in the data that the application has to handle (for example, with buffering or its own error correction).

In tests with VPNs and over long geographic distances, OpenVPN over UDP is usually observed to be faster than over TCP. The difference becomes more evident as network conditions worsen. This is due to the smaller headers and the absence of constant ACKs and retransmissions.

There is also an impact on data consumption. Between heavier headers and additional control messages, TCP uses more bandwidth for every useful MB. On mobile connections with gigabyte caps, this can make a difference at the end of the month.

Other transport protocols beyond TCP and UDP

Although in practice almost the whole Internet runs on TCP and UDP as its foundation, there are other transport protocols designed for specific use cases.

One of them is SCTP (Stream Control Transmission Protocol). It combines features of TCP and UDP: it offers reliable, ordered delivery, but allows multiple independent streams within a single connection. It is widely used in advanced telecommunications and VoIP signalling, where it reduces latency compared with traditional TCP.

Another is DCCP (Datagram Congestion Control Protocol), which keeps UDP's datagram style but adds built-in congestion control, designed for real-time multimedia where losing packets is preferable to introducing too much latency.

There is also RDP (Reliable Data Protocol), aimed at military and scientific environments, and, as already mentioned, QUIC, which relies on UDP but implements reliability, multiplexing and encryption in a single layer and forms the basis of HTTP/3.

Despite the technical advantages, the reality is that mass adoption of new protocols is complicated: the whole ecosystem of routers, firewalls, operating systems and applications is optimized for TCP and UDP, and changing that foundation involves effort, cost and risk. Furthermore, many firewalls block unusual protocols by default, while TCP 80/443 traffic and a large amount of UDP are almost always allowed.

A good understanding of how TCP and UDP ports work, which services rely on each, and what implications they have for performance and security is what allows us to make informed decisions: when it is worth sacrificing some speed to gain reliability, when it pays to use UDP to reduce latency, which ports to open or close on the firewall, or which parameters to tune on a VPN or server so that our network runs smoothly and is as hard as possible to attack.
