Active Class 2: Bridging the gap between you and the technology: Understanding the

Application Layer

The learning objective of this class activity is to learn about the role of the application
layer protocols play in computer networking.

At the end of this activity, you should be able to:

1. Explain the role of application layer protocols play in computer networking.
2. Demonstrate the understanding of HTTP

This class activity is designed to be worked through active participation and collaborating with
peers under the guidance of the teaching team in the class. The active classes are designed
to be interactive, and they are here for you to extend your learning. However, these classes
will only help you to enhance your learning if you come prepared. To work on the class
activities, you need to complete the Introduction module (Module 1) and first part of the
Application layer module (up to HTTP section of Module 2). You need to have a basic
understanding of layered model, TCP/IP, and HTTP. If you are not familiar with any of the
above, please head to Module and 1 &2 in the CloudDeakin unit site and complete it before
starting this active class.

The active classes are related to assessment tasks on OnTrack. After learning about different
concepts from the content provided in the unit site, you will expand your knowledge by
working on activities designed to put these concepts in practice during the active classes and
submit the completed tasks to OnTrack in the same week. The teaching team will guide and
support your learning during these activities. This will help you manage your time and tasks
better to avoid tasks piling up towards the deadlines. If you do not complete these activities
in class, you will need to work on them in your own time, with limited support from us
available.

The class activities are split into two parts. First, you will conduct a group discussion and a
role play to understand, 1) the role of application layer plays in the networking and 2) HTTP.
Then, you will analyse HTTP in Wireshark.

Activity 1: Understanding the Application Layer using HTTP

We use different internet applications to do many things in our day-to-day life including
accessing web, e-mail, and even sharing files. It seems these applications are straight forward
as we can simply use these applications without knowing how they work. The application
layer in the TCP/IP model is the interface that prepares our communication for transmitting
over the computer networks. Let’s do the following activity to learn more about the
application layer protocol.

This activity is a group activity. Therefore, you need to form a group of four (4) people. At
your table (or in MS team breakout room), discuss the following questions and activities with
your group members. Remember to take notes as they will help you prepare your OnTrack
task submissions.
1. Why do we need application layer protocols?
2. Discuss some examples of application layer protocols.
3. Let’s consider one of the popular application layer protocols, HTTP to learn the
principal operation of HTTP. To carry on this discussion, we can do a small role play.
a. HTTP is a client-server protocol. Can you identify the key features of HTTP?
b. Identify a group member who could act as a web server and other three
members can act as clients. So, your network has one server and three clients.
c. Let’s assume each client wants to access a web page stored in the web server
and we use HTTP to communicate in the application layer level. You can now
act as a server-client model communicating the right messages between each
entity in sequence to get the information that each client wants. For example,
Client 1 could say: “Client 1 initiating TCP connection with the Server”. Then,
the server replies with the correct response. You need to note down the
correct messages in sequence.
d. You can maintain a timeline diagram as follows to show the messages that
exchanged between the server and clients.

Client 1 Client 2 Client 3 Server

Initiating TCP
connection

Time

e. Once you have done the above steps (a to d), now assume a Web cache which
is also called a proxy server introduced to the network as shown in the
following diagram.
 i. Let’s do another role paying to understand the role of proxy server/
web cache. For this scenario, one group member who acted as a client
can now act as a proxy server. You can assume that the proxy server
has the objects that Client 1 requested but does not have the objects
requested by the Client 3.
ii. Now repeat Steps c and d for the scenario described in Step e.

Activity 2: Analysing HTTP in Wireshark

Having a basic understanding about the Wireshark packet sniffer through Active Class 1, we
are now ready to use Wireshark to further investigate HTTP. Today, we will explore some
important aspects of the HTTP protocol including the basic GET/response interaction, and
HTTP message formats.

You can follow the following steps to conduct the analysis.

a. Open your web browser and clear the browser’s cache if you have not done that
already.
b. Open the Wireshark packet sniffer and start the packet capture (Wireshark captures
the packets by default when you open it for the first time)
c. Enter the URL with http (not https) into your browser. If you are unsure what to use,
you can use http://www.columbia.edu/~fdc/sample.html .
d. Stop Wireshark packet capture once the page is loaded in your browser.
e. We want to analyse HTTP. Therefore, you want to filter out “http” responses. To do
that, enter “http” in the filter.
f. Now you can analyse HTTP, requests, responses, and sequences.
g. By analysing the HTTP responses, you should be able to answer the following
questions,
a. What is the sequence of HTTP message exchange?
b. Are we using persistence/ non-persistence connection?
c. What are details you can find in HTTP GET message?
d. Check the packet details in the middle Wireshark packet details pane. Can
you identify the details in Ethernet II / Internet Protocol Version 4 /
Transmission Control Protocol / Hypertext Transfer Protocol frames?
e. What is the HTTP version your browser used?
f. Identify the response message received from the server?
g. What is version of HTTP that the server is running?
h. Can you identify the IP address of your computer?
i. Can you identify the IP address of http://www.columbia.edu/ server?
j. What is the status code returned from the server to your browser?
k. When was the HTML file that you are accessing last modified at the server?
l. Repeat the analysis by accessing a different web page of your choice.
h. What happens when you use “https”? Can you analyse the responses? Discuss your
answer with your group members.
Note: You need to provide a summary of your learning and evidence that you have achieved
each of the learning objectives listed at the top of this activity. You can use the discussions/
screenshots that you have had while completing the activity as part of this evidence.

Above and Beyond Tasks:

Those who are targeting for Credit and above can complete the following tasks as part of
Task 4.1C and 5.2D to demonstrate your deeper understanding on application layer
protocols.

• Analysing TLS
o Open your web browser and clear the browser’s cache. Open the Wireshark
packet sniffer and start the packet capture
o Enter a URL with HTTPS in your browser.
o Stop packet capture and you can start analysing the packets. Explain the
operation and handshake process of TLS using the screen captures of
Wireshark.

o You need to clearly identify the message sequence and protocols used
(including transport layer protocols) before your browser sends the first HTTP
GET message to the relevant web server.

o Can you analyse HTTPS in Wireshark? Explain your answer. If yes, provide
evidence on how we can do that. If not, is there any alternative method we
could use to analyse HTTPS?