CN Modul 5 TB

Uploaded by

Asheesh K
CHAPTER 25 Introduction to Application Layer

The whole Internet, hardware and software, was designed and developed to provide services at the application layer. The fifth layer of the TCP/IP protocol suite is where these services are provided for Internet users. The other four layers are there to make these services possible.

This chapter is divided into four sections:

- The first section introduces the application layer. The section first describes the services provided by the application layer. It then explains that there are two paradigms in which hosts in the Internet can exchange services: the client-server paradigm and the peer-to-peer paradigm.
- The second section introduces client-server programming, the way in which the client-server paradigm can be implemented. It first describes application programming interfaces. It then shows how application programs use the services of the transport layer. It finally defines iterative communication using UDP or TCP.

[Figure legend: client-server communication]

One problem with this paradigm is that the concentration of the communication load is on the shoulder of the server, which means the server should be a powerful computer. Even a powerful computer may become overwhelmed if a large number of clients try to connect to the server at the same time. Another problem is that there should be a service provider willing to accept the cost and create a powerful server for a specific service, which means the service must always return some type of income for the server in order to encourage such an arrangement.

Several traditional services are still using this paradigm, including the World Wide Web (WWW) and its vehicle HyperText Transfer Protocol (HTTP), file transfer protocol (FTP), secure shell (SSH), e-mail, and so on. We discuss some of these protocols and applications later in the chapter.
New Paradigm: Peer-to-Peer

A new paradigm, called the peer-to-peer paradigm (often abbreviated P2P paradigm), has emerged to respond to the needs of some new applications. In this paradigm, there is no need for a server process to be running all the time and waiting for the client processes to connect. The responsibility is shared between peers. A computer connected to the Internet can provide service at one time and receive service at another time. A computer can even provide and receive services at the same time. Figure 25.3 shows an example of communication in this paradigm.

PART VI APPLICATION LAYER

[Figure 25.3: Example of a peer-to-peer paradigm. Legend: WAN, switch, router, peer-to-peer communication]

One of the areas that really fits in this paradigm is the Internet telephony. Communication by phone is indeed a peer-to-peer activity; no party needs to be running forever waiting for the other party to call. Another area in which the peer-to-peer paradigm can be used is when some computers connected to the Internet have something to share with each other. For example, if an Internet user has a file available to share with other Internet users, there is no need for the file holder to become a server and run a server process all the time waiting for other users to connect and retrieve the file.

Although the peer-to-peer paradigm has been proved to be easily scalable and cost-effective in eliminating the need for expensive servers to be running and maintained all the time, there are also some challenges. The main challenge has been security; it is more difficult to create secure communication between distributed services than between those controlled by some dedicated servers. The other challenge is applicability; it appears that not all applications can use this new paradigm. For example, not many Internet users are ready to become involved, if one day the Web can be implemented as a peer-to-peer service.
There are some new applications, such as BitTorrent, Skype, IPTV, and Internet telephony, that use this paradigm. We will discuss some of these applications in Chapter 29.

Mixed Paradigm

An application may choose to use a mixture of the two paradigms by combining the advantages of both. For example, a light-load client-server communication can be used to find the address of the peer that can offer a service. When the address of the peer is found, the actual service can be received from the peer by using the peer-to-peer paradigm.

26.1 WORLD WIDE WEB AND HTTP

In this section, we first introduce the World Wide Web (abbreviated WWW or Web). We then discuss the HyperText Transfer Protocol (HTTP), the most common client-server application program used in relation to the Web.

26.1.1 World Wide Web

The idea of the Web was first proposed by Tim Berners-Lee in 1989 at CERN¹, the European Organization for Nuclear Research, to allow several researchers at different locations throughout Europe to access each others' researches. The commercial Web started in the early 1990s.

The Web today is a repository of information in which the documents, called web pages, are distributed all over the world and related documents are linked together. The popularity and growth of the Web can be related to two terms in the above statement: distributed and linked. Distribution allows the growth of the Web. Each web server in the world can add a new web page to the repository and announce it to all Internet users without overloading a few servers. Linking allows one web page to refer to another web page stored in another server somewhere else in the world. The linking of web pages was achieved using a concept called hypertext, which was introduced many years before the advent of the Internet.
The idea was to use a machine that automatically retrieved another document stored in the system when a link to it appeared in the document. The Web implemented this idea electronically to allow the linked document to be retrieved when the link was clicked by the user. Today, the term hypertext, coined to mean linked text documents, has been changed to hypermedia, to show that a web page can be a text document, an image, an audio file, or a video file.

The purpose of the Web has gone beyond the simple retrieving of linked documents. Today, the Web is used to provide electronic shopping and gaming. One can use the Web to listen to radio programs or view television programs whenever one desires without being forced to listen to or view these programs when they are broadcast.

Architecture

The WWW today is a distributed client-server service, in which a client using a browser can access a service using a server. However, the service provided is distributed over many locations called sites. Each site holds one or more web pages. Each web page, however, can contain some links to other web pages in the same or other sites. In other words, a web page can be simple or composite. A simple web page has no links to other web pages; a composite web page has one or more links to other web pages. Each web page is a file with a name and address.

Example 26.1

Assume we need to retrieve a scientific document that contains one reference to another text file and one reference to a large image. Figure 26.1 shows the situation. The main document and the image are stored in two separate files (file A and file B) in the same site; the referenced text file (file C) is stored in another site. Since we are dealing with three different files, we need three transactions if we want to see the whole document. The first transaction (request/response) retrieves a copy of the main document (file A), which has references (pointers) to the second and third files. When a copy of the main document is retrieved and browsed, the user can click on the reference to the image to invoke the second transaction and retrieve a copy of the image (file B). If the user needs to see the contents of the referenced text file, she can click on its reference (pointer), invoking the third transaction and retrieving a copy of file C. Note that although files A and B both are stored in site I, they are independent files with different names and addresses. Two transactions are needed to retrieve them.

[Figure 26.1: Example 26.1. A: original document; B: image; C: reference file]

¹ In French: Conseil Européen pour la Recherche Nucléaire

CHAPTER 26 STANDARD CLIENT-SERVER PROTOCOLS

A very important point we need to remember is that file A, file B, and file C in Example 26.1 are independent web pages, each with independent names and addresses. Although references to file B or C are included in file A, it does not mean that each of these files cannot be retrieved independently. A second user can retrieve file B with one transaction. A third user can retrieve file C with one transaction.

Web Client (Browser)

A variety of vendors offer commercial browsers that interpret and display a web page, and all of them use nearly the same architecture. Each browser usually consists of three parts: a controller, client protocols, and interpreters (see Figure 26.2).

[Figure 26.2: Browser]

The controller receives input from the keyboard or the mouse and uses the client programs to access the document. After the document has been accessed, the controller uses one of the interpreters to display the document on the screen. The client protocol can be one of the protocols described later, such as HTTP or FTP.
The interpreter can be HTML, Java, or JavaScript, depending on the type of document. Some commercial browsers include Internet Explorer, Netscape Navigator, and Firefox.

Web Server

The web page is stored at the server. Each time a request arrives, the corresponding document is sent to the client. To improve efficiency, servers normally store requested files in a cache in memory; memory is faster to access than a disk. A server can also become more efficient through multithreading or multiprocessing. In this case, a server can answer more than one request at a time. Some popular web servers include Apache and Microsoft Internet Information Server.

Uniform Resource Locator (URL)

A web page, as a file, needs to have a unique identifier to distinguish it from other web pages. To define a web page, we need three identifiers: host, port, and path. However, before defining the web page, we need to tell the browser what client-server application we want to use, which is called the protocol. This means we need four identifiers to define the web page. The first is the type of vehicle to be used to fetch the web page; the last three make up the combination that defines the destination object (web page).

- Protocol. The first identifier is the abbreviation for the client-server program that we need in order to access the web page. Although most of the time the protocol is HTTP (HyperText Transfer Protocol), which we will discuss shortly, we can also use other protocols such as FTP (File Transfer Protocol).
- Host. The host identifier can be the IP address of the server or the unique name given to the server. IP addresses can be defined in dotted decimal notation, as described in Chapter 18 (such as 64.23.56.17); the name is normally the domain name that uniquely defines the host, such as forouzan.com, which we discuss in Domain Name System (DNS) later in this chapter.
- Port. The port, a 16-bit integer, is normally predefined for the client-server application. For example, if the HTTP protocol is used for accessing the web page, the well-known port number is 80. However, if a different port is used, the number can be explicitly given.
- Path. The path identifies the location and the name of the file in the underlying operating system. The format of this identifier normally depends on the operating system. In UNIX, a path is a set of directory names followed by the file name, all separated by a slash. For example, /top/next/last/myfile is a path that uniquely defines a file named myfile, stored in the directory last, which itself is part of the directory next, which itself is under the directory top. In other words, the path lists the directories from the top to the bottom, followed by the file

To combine these four pieces together, the uniform resource locator (URL) has been designed; it uses three different separators between the four pieces as shown below.

    protocol://host/path         Used most of the time
    protocol://host:port/path    Used when port number is needed

Example 26.2

The URL http://www.mhhe.com/compsci/forouzan/ defines the web page related to one of the authors of this book. The string www.mhhe.com is the name of the computer in the McGraw-Hill company (the three letters www are part of the host name and are added to the commercial host). The path is compsci/forouzan/, which defines Forouzan's web page under the directory compsci (computer science).

Web Documents

The documents in the WWW can be grouped into three broad categories: static, dynamic, and active.

Static Documents

Static documents are fixed-content documents that are created and stored in a server. The client can get a copy of the document only. In other words, the contents of the file are determined when the file is created, not when it is used.
Of course, the contents in the server can be changed, but the user cannot change them. When a client accesses the document, a copy of the document is sent. The user can then use a browser to see the document. Static documents are prepared using one of several languages: HyperText Markup Language (HTML), Extensible Markup Language (XML), Extensible Style Language (XSL), and Extensible Hypertext Markup Language (XHTML). We discuss these languages in Appendix C.

Dynamic Documents

A dynamic document is created by a web server whenever a browser requests the document. When a request arrives, the web server runs an application program or a script that creates the dynamic document. The server returns the result of the program or script as a response to the browser that requested the document. Because a fresh document is created for each request, the contents of a dynamic document may vary from one request to another. A very simple example of a dynamic document is the retrieval of the time and date from a server. Time and date are kinds of information that are dynamic in that they change from moment to moment. The client can ask the server to run a program such as the date program in UNIX and send the result of the program to the client.

Although the Common Gateway Interface (CGI) was used to retrieve a dynamic document in the past, today's options include one of the scripting languages such as Java Server Pages (JSP), which uses the Java language for scripting, or Active Server Pages (ASP), a Microsoft product that uses Visual Basic language for scripting, or ColdFusion, which embeds queries in a Structured Query Language (SQL) database in the HTML document.

Active Documents

For many applications, we need a program or a script to be run at the client site. These are called active documents. For example, suppose we want to run a program that creates animated graphics on the screen or a program that interacts with the user.
The program definitely needs to be run at the client site where the animation or interaction takes place. When a browser requests an active document, the server sends a copy of the document or a script. The document is then run at the client (browser) site. One way to create an active document is to use Java applets, a program written in Java on the server. It is compiled and ready to be run. The document is in bytecode (binary) format. Another way is to use JavaScripts but download and run the script at the client site.

26.1.2 HyperText Transfer Protocol (HTTP)

The HyperText Transfer Protocol (HTTP) is used to define how the client-server programs can be written to retrieve web pages from the Web. An HTTP client sends a request; an HTTP server returns a response. The server uses the port number 80; the client uses a temporary port number. HTTP uses the services of TCP, which, as discussed before, is a connection-oriented and reliable protocol. This means that, before any transaction between the client and the server can take place, a connection needs to be established between them. After the transaction, the connection should be terminated. The client and server, however, do not need to worry about errors in messages exchanged or loss of any message, because the TCP is reliable and will take care of this matter, as we saw in Chapter 24.

Nonpersistent versus Persistent Connections

As we discussed in the previous section, the hypertext concept embedded in web page documents may require several requests and responses. If the web pages, objects to be retrieved, are located on different servers, we do not have any other choice than to create a new TCP connection for retrieving each object. However, if some of the objects are located on the same server, we have two choices: to retrieve each object using a new TCP connection or to make a TCP connection and retrieve them all.
The first method is referred to as a nonpersistent connection, the second as a persistent connection. HTTP, prior to version 1.1, specified nonpersistent connections, while persistent connections are the default in version 1.1, but it can be changed by the user.

Nonpersistent Connections

In a nonpersistent connection, one TCP connection is made for each request/response. The following lists the steps in this strategy:

1. The client opens a TCP connection and sends a request.
2. The server sends the response and closes the connection.
3. The client reads the data until it encounters an end-of-file marker; it then closes the connection.

In this strategy, if a file contains links to N different pictures in different files (all located on the same server), the connection must be opened and closed N + 1 times. The nonpersistent strategy imposes high overhead on the server because the server needs N + 1 different buffers each time a connection is opened.

Example 26.3

Figure 26.3 shows an example of a nonpersistent connection. The client needs to access a file that contains one link to an image. The text file and image are located on the same server. Here we need two connections. For each connection, TCP requires at least three handshake messages to establish the connection, but the request can be sent with the third one. After the connection is established, the object can be transferred. After receiving an object, another three handshake messages are needed to terminate the connection, as we saw in Chapter 24. This means that the client and server are involved in two connection establishments and two connection terminations. If the transaction involves retrieving 10 or 20 objects, the round trip times spent for these handshakes add up to a big overhead.

[Figure 26.3: Example 26.3]
When we describe the client-server programming at the end of the chapter, we will show that for each connection the client and server need to allocate extra resources such as buffers and variables. This is another burden on both sites, but especially on the server site.

Persistent Connections

HTTP version 1.1 specifies a persistent connection by default. In a persistent connection, the server leaves the connection open for more requests after sending a response. The server can close the connection at the request of a client or if a time-out has been reached. The sender usually sends the length of the data with each response. However, there are some occasions when the sender does not know the length of the data. This is the case when a document is created dynamically or actively. In these cases, the server informs the client that the length is not known and closes the connection after sending the data so the client knows that the end of the data has been reached. Time and resources are saved using persistent connections. Only one set of buffers and variables needs to be set for the connection at each site. The round trip time for connection establishment and connection termination is saved.

Example 26.4

Figure 26.4 shows the same scenario as in Example 26.3, but using a persistent connection. Only one connection establishment and connection termination is used, but the request for the image is sent separately.

[Figure 26.4: Example 26.4]

Message Formats

The HTTP protocol defines the format of the request and response messages, as shown in Figure 26.5. We have put the two formats next to each other for comparison. Each message is made of four sections. The first section in the request message is called the request line; the first section in the response message is called the status line.
The other three sections have the same names in the request and response messages. However, the similarities between these sections are only in the names; they may have different contents. We discuss each message type separately.

[Figure 26.5: Formats of the request and response messages]

Request Message

As we said before, the first line in a request message is called a request line. There are three fields in this line separated by one space and terminated by two characters (carriage return and line feed) as shown in Figure 26.5. The fields are called method, URL, and version.

The method field defines the request types. In version 1.1 of HTTP, several methods are defined, as shown in Table 26.1. Most of the time, the client uses the GET method to send a request. In this case, the body of the message is empty. The HEAD method is used when the client needs only some information about the web page from the server, such as the last time it was modified. It can also be used to test the validity of a URL. The response message in this case has only the header section; the body section is empty. The PUT method is the inverse of the GET method; it allows the client to post a new web page on the server (if permitted). The POST method is similar to the PUT method, but it is used to send some information to the server to be added to the web page or to modify the web page. The TRACE method is used for debugging; the client asks the server to echo back the request to check whether the server is getting the requests. The DELETE method allows the client to delete a web page on the server if the client has permission to do so. The CONNECT method was originally made as a reserve method; it may be used by proxy servers, as discussed later. Finally, the OPTIONS method allows the client to ask about the properties of a web page.

The second field, URL, was discussed earlier in the chapter.
It defines the address and name of the corresponding web page. The third field, version, gives the version of the protocol; the most current version of HTTP is 1.1.

Table 26.1 Methods

    Method     Action
    GET        Requests a document from the server
    HEAD       Requests information about a document but not the document itself
    PUT        Sends a document from the client to the server
    POST       Sends some information from the client to the server
    TRACE      Echoes the incoming request
    DELETE     Removes the web page
    CONNECT    Reserved
    OPTIONS    Inquires about available options

After the request line, we can have zero or more request header lines. Each header line sends additional information from the client to the server. For example, the client can request that the document be sent in a special format. Each header line has a header name, a colon, a space, and a header value (see Figure 26.5). Table 26.2 shows some header names commonly used in a request. The value field defines the values associated with each header name. The list of values can be found in the corresponding RFCs.

The body can be present in a request message. Usually, it contains the comment to be sent or the file to be published on the website when the method is PUT or POST.

Table 26.2 Request header names

    Header               Description
    User-agent           Identifies the client program
    Accept               Shows the media format the client can accept
    Accept-charset       Shows the character set the client can handle
    Accept-encoding      Shows the encoding scheme the client can handle
    Accept-language      Shows the language the client can accept
    Authorization        Shows what permissions the client has
    Host                 Shows the host and port number of the client
    Date                 Shows the current date
    Upgrade              Specifies the preferred communication protocol
    Cookie               Returns the cookie to the server (explained later)
    If-Modified-Since    If the file is modified since a specific date

Response Message

The format of the response message is also shown in Figure 26.5.
A response message consists of a status line, header lines, a blank line, and sometimes a body. The first line in a response message is called the status line. There are three fields in this line separated by spaces and terminated by a carriage return and line feed. The first field defines the version of HTTP protocol, currently 1.1. The status code field defines the status of the request. It consists of three digits. Whereas the codes in the 100 range are only informational, the codes in the 200 range indicate a successful request. The codes in the 300 range redirect the client to another URL, and the codes in the 400 range indicate an error at the client site. Finally, the codes in the 500 range indicate an error at the server site. The status phrase explains the status code in text form.

After the status line, we can have zero or more response header lines. Each header line sends additional information from the server to the client. For example, the sender can send extra information about the document. Each header line has a header name, a colon, a space, and a header value. We will show some header lines in the examples at the end of this section. Table 26.3 shows some header names commonly used in a response message.

Table 26.3 Response header names

    Header              Description
    Date                Shows the current date
    Upgrade             Specifies the preferred communication protocol
    Server              Gives information about the server
    Set-Cookie          The server asks the client to save a cookie
    Content-Encoding    Specifies the encoding scheme
    Content-Language    Specifies the language
    Content-Length      Shows the length of the document
    Content-Type        Specifies the media type
    Location            To ask the client to send the request to another site
    Accept-Ranges       The server will accept the requested byte-ranges
    Last-modified       Gives the date and time of the last change

The body contains the document to be sent from the server to the client.
The body is present unless the response is an error message.

Example 26.5

This example retrieves a document (see Figure 26.6). We use the GET method to retrieve an image with the path /usr/bin/image1. The request line shows the method (GET), the URL, and the HTTP version (1.1). The header has two lines that show that the client can accept images in the GIF or JPEG format. The request does not have a body. The response message contains the status line and four lines of header. The header lines define the date, server, content encoding (MIME version, which will be described in electronic mail), and length of the document. The body of the document follows the header.

[Figure 26.6: Example 26.5]

    Request:
        GET /usr/bin/image1 HTTP/1.1
        Accept: image/gif
        Accept: image/jpeg

    Response:
        HTTP/1.1 200 OK
        Date: Mon, 10-Jan-2011 13:15:14 GMT
        Server: Challenger
        Content-encoding: MIME-version 1.0
        Content-length: 2048
        (Body of the document)

Example 26.6

In this example, the client wants to send a web page to be posted on the server. We use the PUT method. The request line shows the method (PUT), URL, and HTTP version (1.1). There are four lines of headers. The request body contains the web page to be posted. The response message contains the status line and four lines of headers. The created document, which is a CGI document, is included as the body (see Figure 26.7).

Conditional Request

A client can add a condition in its request. In this case, the server will send the requested web page if the condition is met or inform the client otherwise. One of the most common conditions imposed by the client is the time and date the web page is modified.
The client can send the header line If-Modified-Since with the request to tell the server that it needs the page only if it is modified after a certain point in time.

[Figure 26.7: Example 26.6. The request is a PUT with header lines that include Accept: image/gif, Accept: image/jpeg, and Content-length: 50. The response header lines include Date, Server: Challenger, Content-encoding: MIME-version 1.0, and Content-length: 2000.]

Example 26.7

The following shows how a client imposes the modification date and time condition on a request.

    GET http://www.commonServer.com/information/file1 HTTP/1.1    Request line
    If-Modified-Since: Thu, Sept 04 00:00:00 GMT                   Header line
                                                                   Blank line

The status line in the response shows the file was not modified after the defined point in time. The body of the response message is also empty.

    HTTP/1.1 304 Not Modified                Status line
    Date: Sat, Sept 06 08 16:22:46 GMT       First header line
    Server: commonServer.com                 Second header line
                                             Blank line
    (Empty Body)                             Empty body

Cookies

The World Wide Web was originally designed as a stateless entity. A client sends a request; a server responds. Their relationship is over. The original purpose of the Web, retrieving publicly available documents, exactly fits this design. Today the Web has other functions that need to remember some information about the clients; some are listed below:

- Websites are being used as electronic stores that allow users to browse through the store, select wanted items, put them in an electronic cart, and pay at the end with a credit card.
- Some websites need to allow access to registered clients only.
- Some websites are used as portals: the user selects the web pages he wants to see.
- Some websites are just advertising agencies.

For these purposes, the cookie mechanism was devised.

Creating and Storing Cookies

The creation and storing of cookies depend on the implementation; however, the principle is the same.

1. When a server receives a request from a client, it stores information about the client in a file or a string. The information may include the domain name of the client, the contents of the cookie (information the server has gathered about the client such as name, registration number, and so on), a timestamp, and other information depending on the implementation.
2. The server includes the cookie in the response that it sends to the client.
3. When the client receives the response, the browser stores the cookie in the cookie directory, which is sorted by the server domain name.

Using Cookies

When a client sends a request to a server, the browser looks in the cookie directory to see if it can find a cookie sent by that server. If found, the cookie is included in the request. When the server receives the request, it knows that this is an old client, not a new one. Note that the contents of the cookie are never read by the browser or disclosed to the user. It is a cookie made by the server and eaten by the server. Now let us see how a cookie is used for the four previously mentioned purposes:

- An electronic store (e-commerce) can use a cookie for its client shoppers. When a client selects an item and inserts it in a cart, a cookie that contains information about the item, such as its number and unit price, is sent to the browser. If the client selects a second item, the cookie is updated with the new selection information, and so on. When the client finishes shopping and wants to check out, the last cookie is retrieved and the total charge is calculated.
- The site that restricts access to registered clients only sends a cookie to the client when the client registers for the first time. For any repeated access, only those clients that send the appropriate cookie are allowed.
- A web portal uses the cookie in a similar way. When a user selects her favorite pages, a cookie is made and sent.
If the site is accessed again, the cookie is sent to the server to show what the client is looking for.
- A cookie is also used by advertising agencies. An advertising agency can place banner ads on some main website that is often visited by users. The advertising agency supplies only a URL that gives the advertising agency's address instead of the banner itself. When a user visits the main website and clicks the icon of a corporation, a request is sent to the advertising agency. The advertising agency sends the requested banner, but it also includes a cookie with the ID of the user. Any future use of the banners adds to the database that profiles the Web behavior of the user. The advertising agency has compiled the interests of the user and can sell this information to other parties. This use of cookies has made them very controversial. Hopefully, some new regulations will be devised to preserve the privacy of users.

Example 26.8
Figure 26.8 shows a scenario in which an electronic store can benefit from the use of cookies. Assume a shopper wants to buy a toy from an electronic store named BestToys. The shopper's browser (client) sends a request to the BestToys server. The server creates an empty shopping cart (a list) for the client and assigns an ID to the cart (for example, 12343). The server then sends a response message, which contains the images of all toys available, with a link under each toy that selects the toy if it is being clicked. This response message also includes the Set-Cookie header line whose value is 12343. The client displays the images and stores the cookie value in a file named BestToys. The cookie is not revealed to the shopper. Now the shopper selects one of the toys and clicks on it. The client sends a request, but includes the ID 12343 in the Cookie header line. Although the server may have been busy and forgotten about this shopper, when it receives the request and checks the header, it finds the value 12343 as the cookie.
The server knows that the customer is not new; it searches for a shopping cart with ID 12343. The shopping cart (list) is opened and the selected toy is inserted in the list. The server now sends another response to the shopper to tell her the total price and ask her to provide payment. The shopper provides information about her credit card and sends a new request with the ID 12343 as the cookie value. When the request arrives at the server, it again sees the ID 12343, and accepts the order and the payment and sends a confirmation in a response. Other information about the client is stored in the server. If the shopper accesses the store sometime in the future, the client sends the cookie again; the store retrieves the file and has all the information about the client.

[Figure 26.8: Example 26.8]

Web Caching: Proxy Servers
HTTP supports proxy servers. A proxy server is a computer that keeps copies of responses to recent requests. The HTTP client sends a request to the proxy server. The proxy server checks its cache. If the response is not stored in the cache, the proxy server sends the request to the corresponding server. Incoming responses are sent to the proxy server and stored for future requests from other clients.
The proxy server reduces the load on the original server, decreases traffic, and improves latency. However, to use the proxy server, the client must be configured to access the proxy instead of the target server.
Note that the proxy server acts as both server and client. When it receives a request from a client for which it has a response, it acts as a server and sends the response to the client. When it receives a request from a client for which it does not have a response, it first acts as a client and sends a request to the target server.
When the response has been received, it acts again as a server and sends the response to the client.

Proxy Server Location
The proxy servers are normally located at the client site. This means that we can have a hierarchy of proxy servers, as shown below:
1. A client computer can also be used as a proxy server, in a small capacity, that stores responses to requests often invoked by the client.
2. In a company, a proxy server may be installed on the computer LAN to reduce the load going out of and coming into the LAN.
3. An ISP with many customers can install a proxy server to reduce the load going out of and coming into the ISP network.

Example 26.9
Figure 26.9 shows an example of a use of a proxy server in a local network, such as the network on a campus or in a company. The proxy server is installed in the local network. When an HTTP request is created by any of the clients (browsers), the request is first directed to the proxy server. If the proxy server already has the corresponding web page, it sends the response to the client. Otherwise, the proxy server acts as a client and sends the request to the web server in the Internet. When the response is returned, the proxy server makes a copy and stores it in its cache before sending it to the requesting client.

[Figure 26.9: Example of a proxy server]

Cache Update
A very important question is how long a response should remain in the proxy server before being deleted and replaced. Several different strategies are used for this purpose. One solution is to store the list of sites whose information remains the same for a while. For example, a news agency may change its news page every morning.
This means that a proxy server can get the news early in the morning and keep it until the next day. Another recommendation is to add some headers to show the last modification time of the information. The proxy server can then use the information in this header to guess how long the information would be valid.

HTTP Security
HTTP per se does not provide security. However, as we show in Chapter 32, HTTP can be run over the Secure Socket Layer (SSL). In this case, HTTP is referred to as HTTPS. HTTPS provides confidentiality, client and server authentication, and data integrity.

26.2 FTP
File Transfer Protocol (FTP) is the standard protocol provided by TCP/IP for copying a file from one host to another. Although transferring files from one system to another seems simple and straightforward, some problems must be dealt with first. For example, two systems may use different file name conventions. Two systems may have different ways to represent data. Two systems may have different directory structures. All of these problems have been solved by FTP in a very simple and elegant approach. Although we can transfer files using HTTP, FTP is a better choice to transfer large files or to transfer files using different formats. Figure 26.10 shows the basic model of FTP. The client has three components: the user interface, the client control process, and the client data transfer process. The server has two components: the server control process and the server data transfer process. The control connection is made between the control processes. The data connection is made between the data transfer processes.

[Figure 26.10: FTP]

Separation of commands and data transfer makes FTP more efficient. The control connection uses very simple rules of communication.
We need to transfer only a line of command or a line of response at a time. The data connection, on the other hand, needs more complex rules due to the variety of data types transferred.

26.2.1 Two Connections
The two connections in FTP have different lifetimes. The control connection remains connected during the entire interactive FTP session. The data connection is opened and then closed for each file transfer activity. It opens each time commands that involve transferring files are used, and it closes when the file is transferred. In other words, when a user starts an FTP session, the control connection opens. While the control connection is open, the data connection can be opened and closed multiple times if several files are transferred. FTP uses two well-known TCP ports: port 21 is used for the control connection, and port 20 is used for the data connection.

26.2.2 Control Connection
For control communication, FTP uses the same approach as TELNET (discussed later). It uses the NVT ASCII character set as used by TELNET. Communication is achieved through commands and responses. This simple method is adequate for the control connection because we send one command (or response) at a time.
Each line is terminated with a two-character (carriage return and line feed) end-of-line token.
During this control connection, commands are sent from the client to the server and responses are sent from the server to the client. Commands, which are sent from the FTP client control process, are in the form of ASCII uppercase, which may or may not be followed by an argument. Some of the most common commands are shown in Table 26.4.

Table 26.4 Some FTP commands

| Command | Argument(s) | Description |
|---|---|---|
| ABOR | | Abort the previous command |
| CDUP | | Change to parent directory |
| CWD | Directory name | Change to another directory |
| DELE | File name | Delete a file |
| LIST | Directory name | List subdirectories or files |
| MKD | Directory name | Create a new directory |
| PASS | User password | Password |
| PASV | | Server chooses a port |
| PORT | Port identifier | Client chooses a port |
| PWD | | Display name of current directory |
| QUIT | | Log out of the system |
| RETR | File name(s) | Retrieve files; files are transferred from server to client |
| RMD | Directory name | Delete a directory |
| RNFR | File name (old) | Identify a file to be renamed |
| RNTO | File name (new) | Rename the file |
| STOR | File name(s) | Store files; file(s) are transferred from client to server |
| STRU | F, R, or P | Define data organization (F: file, R: record, or P: page) |
| TYPE | A, E, I | Default file type (A: ASCII, E: EBCDIC, I: image) |
| USER | User ID | User information |
| MODE | S, B, or C | Define transmission mode (S: stream, B: block, or C: compressed) |

Every FTP command generates at least one response. A response has two parts: a three-digit number followed by text. The numeric part defines the code; the text part defines needed parameters or further explanations. The first digit defines the status of the command. The second digit defines the area in which the status applies. The third digit provides additional information. Table 26.5 shows some common responses.

Table 26.5 Some responses in FTP

| Code | Description | Code | Description |
|---|---|---|---|
| 125 | Data connection open | 250 | Request file action OK |
| 150 | File status OK | 331 | User name OK; password is needed |
| 200 | Command OK | 425 | Cannot open data connection |
| 220 | Service ready | 450 | File action not taken: file not available |
| 221 | Service closing | 452 | Action aborted; insufficient storage |
| 225 | Data connection open | 500 | Syntax error; unrecognized command |
| 226 | Closing data connection | 501 | Syntax error in parameters or arguments |
| 230 | User login OK | 530 | User not logged in |

26.2.3 Data Connection
The data connection uses the well-known port 20 at the server site. However, the creation of a data connection is different from the control connection. The following shows the steps:
1. The client, not the server, issues a passive open using an ephemeral port. This must be done by the client because it is the client that issues the commands for transferring files.
2. Using the PORT command the client sends this port number to the server.
3. The server receives the port number and issues an active open using the well-known port 20 and the received ephemeral port number.

Communication over Data Connection
The purpose and implementation of the data connection are different from those of the control connection. We want to transfer files through the data connection. The client must define the type of file to be transferred, the structure of the data, and the transmission mode. Before sending the file through the data connection, we prepare for transmission through the control connection. The heterogeneity problem is resolved by defining three attributes of communication: file type, data structure, and transmission mode.

File Type
FTP can transfer one of the following file types across the data connection: ASCII file, EBCDIC file, or image file.

Data Structure
FTP can transfer a file across the data connection using one of the following interpretations of the structure of the data: file structure, record structure, or page structure. The file structure format (used by default) has no structure. It is a continuous stream of bytes.
In the record structure, the file is divided into records. This can be used only with text files. In the page structure, the file is divided into pages, with each page having a page number and a page header. The pages can be stored and accessed randomly or sequentially.

Transmission Mode
FTP can transfer a file across the data connection using one of the following three transmission modes: stream mode, block mode, or compressed mode. The stream mode is the default mode; data are delivered from FTP to TCP as a continuous stream of bytes. In the block mode, data can be delivered from FTP to TCP in blocks. In this case, each block is preceded by a 3-byte header. The first byte is called the block descriptor; the next two bytes define the size of the block in bytes.

File Transfer
File transfer occurs over the data connection under the control of the commands sent over the control connection. However, we should remember that file transfer in FTP means one of three things: retrieving a file (server to client), storing a file (client to server), and directory listing (server to client).

Example 26.10
Figure 26.11 shows an example of using FTP for retrieving a file. The figure shows only one file to be transferred. The control connection remains open all the time, but the data connection is opened and closed repeatedly. We assume the file is transferred in six sections. After all records have been transferred, the server control process announces that the file transfer is done. Since the client control process has no file to retrieve, it issues the QUIT command, which causes the service connection to be closed.

[Figure 26.11: Example 26.10]
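Because every command and reply on the control connection is a plain NVT ASCII line, a capture of port 21 can be audited line by line. The following is an added example, not taken from the book: it reads a constructed control-channel transcript, decodes the PORT argument into the data endpoint the client announced, records which transfers completed, and flags that a PASS command crossed the wire unencrypted. The `C:`/`S:` capture layout, the sample values and the function names are assumptions; the `h1,h2,h3,h4,p1,p2` layout of the PORT argument is the standard FTP encoding.

```python
import re

# Constructed capture of one FTP control connection (TCP port 21), not from
# the page. "C:" = command from the client control process, "S:" = reply.
CAPTURE = """\
S: 220 Service ready
C: USER alice
S: 331 User name OK; password is needed
C: PASS constructed-sample-password
S: 230 User login OK
C: PORT 192,0,2,10,238,169
S: 200 Command OK
C: RETR reports/file1
S: 150 File status OK
S: 226 Closing data connection
C: RETR reports/file2
S: 425 Cannot open data connection
C: QUIT
S: 221 Service closing
"""

# The first digit of a reply code gives the status of the command.
REPLY_CLASS = {
    "1": "positive preliminary",
    "2": "positive completion",
    "3": "positive intermediate",
    "4": "transient negative",
    "5": "permanent negative",
}
TRANSFER_VERBS = {"RETR", "STOR", "LIST"}


def parse_port_arg(arg):
    """Decode 'h1,h2,h3,h4,p1,p2' into (ip, port), where port = p1*256 + p2."""
    parts = [p.strip() for p in arg.split(",")]
    if len(parts) != 6 or not all(p.isdigit() and int(p) <= 255 for p in parts):
        raise ValueError(f"malformed PORT argument: {arg!r}")
    nums = [int(p) for p in parts]
    return ".".join(str(n) for n in nums[:4]), nums[4] * 256 + nums[5]


def audit_control_channel(capture):
    """Summarize what one captured control connection exposes."""
    report = {
        "user": None,
        "cleartext_password": False,   # True if PASS crossed the wire unencrypted
        "data_endpoints": [],          # (ip, port) the client announced with PORT
        "transfers": [],               # (verb, argument) confirmed by a 226 reply
        "failed_replies": [],          # (code, class) for 4xx and 5xx replies
    }
    pending = None                     # transfer command still waiting for 226
    for raw in capture.splitlines():
        side, _, text = raw.partition(": ")
        if side == "C":
            verb, _, arg = text.partition(" ")
            verb = verb.upper()
            if verb == "USER":
                report["user"] = arg
            elif verb == "PASS":
                # Record the exposure only; the password itself is not kept.
                report["cleartext_password"] = True
            elif verb == "PORT":
                report["data_endpoints"].append(parse_port_arg(arg))
            elif verb in TRANSFER_VERBS:
                pending = (verb, arg)
        elif side == "S":
            m = re.match(r"(\d{3})(?:[ -]|$)", text)
            if not m:
                continue
            code = m.group(1)
            if code[0] in "45":
                report["failed_replies"].append((code, REPLY_CLASS[code[0]]))
                pending = None
            elif code == "226" and pending:
                report["transfers"].append(pending)
                pending = None
    return report


if __name__ == "__main__":
    for key, value in audit_control_channel(CAPTURE).items():
        print(f"{key}: {value}")
```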
Example 26.11
The following shows an actual FTP session that lists the directories. The colored lines show the responses from the server control connection; the black lines show the commands sent by the client. The lines in white with black background show data transfer.

    $ ftp voyager.deanza.fhda.edu
    Connected to voyager.deanza.fhda.edu.
    220 (vsFTPd 1.2.1)
    530 Please login with USER and PASS.
    Name (voyager.deanza.fhda.edu:forouzan): forouzan
    331 Please specify the password.
    Password:*********
    230 Login successful.
    Remote system type is UNIX.
    Using binary mode to transfer files.
    227 Entering Passive Mode (153,18,17,11,238,169)
    150 Here comes the directory listing.
    drwxr-xr-x ... school
    226 Directory send OK.
    ftp> quit
    221 Goodbye.

26.2.4 Security for FTP
The FTP protocol was designed when security was not a big issue. Although FTP requires a password, the password is sent in plaintext (unencrypted), which means it can be intercepted and used by an attacker. The data transfer connection also transfers data in plaintext, which is insecure. To be secure, one can add a Secure Socket Layer between the FTP application layer and the TCP layer. In this case FTP is called SSL-FTP. We also explore some secure file transfer applications when we discuss SSH later in the chapter.

26.3 ELECTRONIC MAIL
Electronic mail (or e-mail) allows users to exchange messages. The nature of this application, however, is different from other applications discussed so far. In an application such as HTTP or FTP, the server program is running all the time, waiting for a request from a client. When the request arrives, the server provides the service. There is a request and there is a response. In the case of electronic mail, the situation is different. First, e-mail is considered a one-way transaction. When Alice sends an e-mail to Bob, she may expect a response, but this is not a mandate. Bob may or may not respond.
If he does respond, it is another one-way transaction. Second, it is neither feasible nor logical for Bob to run a server program and wait until someone sends an e-mail to him. Bob may turn off his computer when he is not using it. This means that the idea of client/server programming should be implemented in another way: using some intermediate computers (servers). The users run only client programs when they want and the intermediate servers apply the client/server paradigm, as we discuss in the next section.

26.3.1 Architecture
To explain the architecture of e-mail, we give a common scenario, as shown in Figure 26.12. Another possibility is the case in which Alice or Bob is directly connected to the corresponding mail server, in which LAN or WAN connection is not required, but this variation in the scenario does not affect our discussion.

[Figure 26.12: Common scenario]

In the common scenario, the sender and the receiver of the e-mail, Alice and Bob respectively, are connected via a LAN or a WAN to two mail servers. The administrator has created one mailbox for each user where the received messages are stored. A mailbox is part of a server hard drive, a special file with permission restrictions. Only the owner of the mailbox has access to it. The administrator has also created a queue (spool) to store messages waiting to be sent.
A simple e-mail from Alice to Bob takes nine different steps, as shown in the figure. Alice and Bob use three different agents: a user agent (UA), a message transfer agent (MTA), and a message access agent (MAA). When Alice needs to send a message to Bob, she runs a UA program to prepare the message and send it to her mail server. The mail server at her site uses a queue (spool) to store messages waiting to be sent.
The message, however, needs to be sent through the Internet from Alice's site to Bob's site using an MTA. Here two message transfer agents are needed: one client and one server. Like most client-server programs on the Internet, the server needs to run all the time because it does not know when a client will ask for a connection. The client, on the other hand, can be triggered by the system when there is a message in the queue to be sent. The user agent at the Bob site allows Bob to read the received message. Bob later uses an MAA client to retrieve the message from an MAA server running on the second server.
There are two important points we need to emphasize here. First, Bob cannot bypass the mail server and use the MTA server directly. To use the MTA server directly, Bob would need to run the MTA server all the time because he does not know when a message will arrive. This implies that Bob must keep his computer on all the time if he is connected to his system through a LAN. If he is connected through a WAN, he must keep the connection up all the time. Neither of these situations is feasible today.
Second, note that Bob needs another pair of client-server programs: message access programs. This is because an MTA client-server program is a push program: the client pushes the message to the server. Bob needs a pull program. The client needs to pull the message from the server. We discuss more about MAAs shortly.

The electronic mail system needs two UAs, two pairs of MTAs (client and server), and a pair of MAAs (client and server).

User Agent
The first component of an electronic mail system is the user agent (UA). It provides service to the user to make the process of sending and receiving a message easier. A user agent is a software package (program) that composes, reads, replies to, and forwards messages. It also handles local mailboxes on the user computers.
There are two types of user agents: command-driven and GUI-based.
Command-driven user agents belong to the early days of electronic mail. They are still present as the underlying user agents. A command-driven user agent normally accepts a one-character command from the keyboard to perform its task. For example, a user can type the character r, at the command prompt, to reply to the sender of the message, or type the character R to reply to the sender and all recipients. Some examples of command-driven user agents are mail, pine, and elm.
Modern user agents are GUI-based. They contain graphical user interface (GUI) components that allow the user to interact with the software by using both the keyboard and the mouse. They have graphical components such as icons, menu bars, and windows that make the services easy to access. Some examples of GUI-based user agents are Eudora and Outlook.

Sending Mail
To send mail, the user, through the UA, creates mail that looks very similar to postal mail. It has an envelope and a message (see Figure 26.13). The envelope usually contains the sender address, the receiver address, and other information. The message contains the header and the body. The header of the message defines the sender, the receiver, the subject of the message, and some other information. The body of the message contains the actual information to be read by the recipient.

[Figure 26.13: Format of an e-mail]

Receiving Mail
The user agent is triggered by the user (or a timer). If a user has mail, the UA informs the user with a notice. If the user is ready to read the mail, a list is displayed in which each line contains a summary of the information about a particular message in the mailbox. The summary usually includes the sender mail address, the subject, and the time the mail was sent or received.
The user can select any of the messages and display its contents on the screen.

Addresses
To deliver mail, a mail handling system must use an addressing system with unique addresses. In the Internet, the address consists of two parts: a local part and a domain name, separated by an @ sign (see Figure 26.14).

[Figure 26.14: E-mail address (local part: mailbox address of the recipient; domain name: the domain name of the mail server)]

The local part defines the name of a special file, called the user mailbox, where all the mail received for a user is stored for retrieval by the message access agent. The second part of the address is the domain name. An organization usually selects one or more hosts to receive and send e-mail; they are sometimes called mail servers or exchangers. The domain name assigned to each mail exchanger either comes from the DNS database or is a logical name (for example, the name of the organization).

Mailing List or Group List
Electronic mail allows one name, an alias, to represent several different e-mail addresses; this is called a mailing list. Every time a message is to be sent, the system checks the recipient's name against the alias database; if there is a mailing list for the defined alias, separate messages, one for each entry in the list, must be prepared and handed to the MTA.

Message Transfer Agent: SMTP
Based on the common scenario (Figure 26.12), we can say that the e-mail is one of those applications that needs three uses of client-server paradigms to accomplish its task. It is important that we distinguish these three when we are dealing with e-mail. Figure 26.15 shows these three client-server applications.
We refer to the first and the second as Message Transfer Agents (MTAs), the third as Message Access Agent (MAA).

[Figure 26.15: Protocols used in electronic mail]

The formal protocol that defines the MTA client and server in the Internet is called Simple Mail Transfer Protocol (SMTP). SMTP is used two times, between the sender and the sender's mail server and between the two mail servers. As we will see shortly, another protocol is needed between the mail server and the receiver. SMTP simply defines how commands and responses must be sent back and forth.

Commands and Responses
SMTP uses commands and responses to transfer messages between an MTA client and an MTA server. The command is from an MTA client to an MTA server; the response is from an MTA server to the MTA client. Each command or reply is terminated by a two-character (carriage return and line feed) end-of-line token.

Commands
Commands are sent from the client to the server. The format of a command is shown below:

    Keyword: argument(s)

It consists of a keyword followed by zero or more arguments.
SMTP defines 14 commands, listed in Table 26.6.

Table 26.6 SMTP commands

| Keyword | Argument(s) | Description |
|---|---|---|
| HELO | Sender's host name | Identifies itself |
| MAIL FROM | Sender of the message | Identifies the sender of the message |
| RCPT TO | Intended recipient | Identifies the recipient of the message |
| DATA | Body of the mail | Sends the actual message |
| QUIT | | Terminates the message |
| RSET | | Aborts the current mail transaction |
| VRFY | Name of recipient | Verifies the address of the recipient |
| NOOP | | Checks the status of the recipient |
| TURN | | Switches the sender and the recipient |
| EXPN | Mailing list | Asks the recipient to expand the mailing list |
| HELP | Command name | Asks the recipient to send information about the command sent as the argument |
| SEND FROM | Intended recipient | Specifies that the mail be delivered only to the terminal of the recipient, and not to the mailbox |
| SMOL FROM | Intended recipient | Specifies that the mail be delivered to the terminal or the mailbox of the recipient |
| SMAL FROM | Intended recipient | Specifies that the mail be delivered to the terminal and the mailbox of the recipient |

Responses
Responses are sent from the server to the client. A response is a three-digit code that may be followed by additional textual information. Table 26.7 shows the most common response types.
Table 26.7 Responses

| Code | Description |
|---|---|
| | Positive Completion Reply |
| 211 | System status or help reply |
| 214 | Help message |
| 220 | Service ready |
| 221 | Service closing transmission channel |
| 250 | Request command completed |
| 251 | User not local; the message will be forwarded |
| | Positive Intermediate Reply |
| 354 | Start mail input |
| | Transient Negative Completion Reply |
| 421 | Service not available |
| 450 | Mailbox not available |
| 451 | Command aborted: local error |
| 452 | Command aborted; insufficient storage |
| | Permanent Negative Completion Reply |
| 500 | Syntax error; unrecognized command |
| 501 | Syntax error in parameters or arguments |
| 502 | Command not implemented |
| 503 | Bad sequence of commands |
| 504 | Command temporarily not implemented |
| 550 | Command is not executed; mailbox unavailable |
| 551 | User not local |
| 552 | Requested action aborted; exceeded storage location |
| 553 | Requested action not taken; mailbox name not allowed |
| 554 | Transaction failed |

Mail Transfer Phases
The process of transferring a mail message occurs in three phases: connection establishment, mail transfer, and connection termination.

Connection Establishment
After a client has made a TCP connection to the well-known port 25, the SMTP server starts the connection phase. This phase involves the following three steps:
1. The server sends code 220 (service ready) to tell the client that it is ready to receive mail. If the server is not ready, it sends code 421 (service not available).
2. The client sends the HELO message to identify itself, using its domain name address. This step is necessary to inform the server of the domain name of the client.
3. The server responds with code 250 (request command completed) or some other code depending on the situation.

Message Transfer
After connection has been established between the SMTP client and server, a single message between a sender and one or more recipients can be exchanged. This phase involves eight steps.
Steps 3 and 4 are repeated if there is more than one recipient.
1. The client sends the MAIL FROM message to introduce the sender of the message. It includes the mail address of the sender (mailbox and the domain name). This step is needed to give the server the return mail address for returning errors and reporting messages.
2. The server responds with code 250 or some other appropriate code.
3. The client sends the RCPT TO (recipient) message, which includes the mail address of the recipient.
4. The server responds with code 250 or some other appropriate code.
5. The client sends the DATA message to initialize the message transfer.
6. The server responds with code 354 (start mail input) or some other appropriate message.
7. The client sends the contents of the message in consecutive lines. Each line is terminated by a two-character end-of-line token (carriage return and line feed). The message is terminated by a line containing just one period.
8. The server responds with code 250 (OK) or some other appropriate code.

Connection Termination
After the message is transferred successfully, the client terminates the connection. This phase involves two steps.
1. The client sends the QUIT command.
2. The server responds with code 221 or some other appropriate code.

Example 26.12
To show the three mail transfer phases, we show all of the steps described above using the information depicted in Figure 26.16. In the figure, we have separated the messages related to the envelope, header, and body in the data transfer section. Note that the steps in this figure are repeated two times in each e-mail transfer: once from the e-mail sender to the local mail server and once from the local mail server to the remote mail server. The local mail server, after receiving the whole e-mail message, may spool it and send it to the remote mail server at another time.
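The three phases above can be modeled as a small state machine on the server side. The following is an added example, not code from the book: it accepts one client line at a time, answers with the codes of Table 26.7, collects the message until the line containing just one period, and answers 503 when a command arrives out of order. The class and function names, the simplified address pattern and the sample dialogues are assumptions constructed for illustration.

```python
import re

# Simplified pattern: "user@domain", with or without angle brackets.
ADDRESS = re.compile(r"^<?([^<>\s@]+@[^<>\s@]+)>?$")
# Keywords from Table 26.6 that this sketch recognizes but does not implement.
UNIMPLEMENTED = {"RSET", "VRFY", "NOOP", "TURN", "EXPN", "HELP", "SEND", "SMOL", "SMAL"}


class SmtpServerSession:
    """Server side of one SMTP connection.

    States: START (220 sent) -> READY (after HELO) -> MAIL -> RCPT -> DATA,
    back to READY after the closing "." line, CLOSED after QUIT.
    """

    def __init__(self):
        self.state = "START"
        self.delivered = []      # (sender, recipients, message_lines) per message
        self._reset()

    def _reset(self):
        self.sender, self.recipients, self.lines = None, [], []

    def greeting(self):
        return "220 Service ready"

    def handle(self, line):
        """Take one client line (CRLF already stripped). Return the reply,
        or None while message lines are being collected."""
        if self.state == "CLOSED":
            return "421 Service not available"
        if self.state == "DATA":
            if line != ".":
                self.lines.append(line)
                return None
            self.delivered.append(
                (self.sender, tuple(self.recipients), tuple(self.lines)))
            self._reset()
            self.state = "READY"
            return "250 Request command completed"
        upper = line.upper()
        verb = upper.split(" ", 1)[0]
        if verb == "HELO":
            if not line[4:].strip():
                return "501 Syntax error in parameters or arguments"
            self._reset()
            self.state = "READY"
            return "250 Request command completed"
        if upper.startswith("MAIL FROM:"):
            return self._address(line[10:], need=("READY",), then="MAIL")
        if upper.startswith("RCPT TO:"):
            return self._address(line[8:], need=("MAIL", "RCPT"), then="RCPT")
        if verb in ("MAIL", "RCPT"):
            return "501 Syntax error in parameters or arguments"
        if verb == "DATA":
            if self.state != "RCPT":     # needs a sender and at least one recipient
                return "503 Bad sequence of commands"
            self.state = "DATA"
            return "354 Start mail input"
        if verb == "QUIT":
            self.state = "CLOSED"
            return "221 Service closing transmission channel"
        if verb in UNIMPLEMENTED:
            return "502 Command not implemented"
        return "500 Syntax error; unrecognized command"

    def _address(self, arg, need, then):
        if self.state not in need:
            return "503 Bad sequence of commands"
        match = ADDRESS.match(arg.strip())
        if not match:
            return "501 Syntax error in parameters or arguments"
        if then == "MAIL":
            self.sender = match.group(1)
        else:
            self.recipients.append(match.group(1))
        self.state = then
        return "250 Request command completed"


def run_dialogue(client_lines):
    """Play client lines against a fresh session; return (transcript, session)."""
    session = SmtpServerSession()
    transcript = ["S: " + session.greeting()]
    for line in client_lines:
        transcript.append("C: " + line)
        reply = session.handle(line)
        if reply is not None:
            transcript.append("S: " + reply)
    return transcript, session


def reply_codes(transcript):
    return [entry[3:6] for entry in transcript if entry.startswith("S: ")]


# Constructed dialogues (addresses are placeholders, not from the page).
IN_ORDER = ["HELO client.example", "MAIL FROM: <alice@client.example>",
            "RCPT TO: <bob@server.example>", "RCPT TO: <carol@server.example>",
            "DATA", "From: Alice", "To: Bob", "Subject: constructed sample",
            "", "Body line one.", ".", "QUIT"]
OUT_OF_ORDER = ["HELO client.example", "DATA", "RCPT TO: <bob@server.example>",
                "MAIL FROM: not-an-address", "QUIT"]

if __name__ == "__main__":
    print("\n".join(run_dialogue(IN_ORDER)[0]))
```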
[Figure 26.16: Example 26.12]

Message Access Agent: POP and IMAP
The first and second stages of mail delivery use SMTP. However, SMTP is not involved in the third stage because SMTP is a push protocol; it pushes the message from the client to the server. In other words, the direction of the bulk data (messages) is from the client to the server. On the other hand, the third stage needs a pull protocol; the client must pull messages from the server. The direction of the bulk data is from the server to the client. The third stage uses a message access agent.
Currently two message access protocols are available: Post Office Protocol, version 3 (POP3) and Internet Mail Access Protocol, version 4 (IMAP). Figure 26.15 shows the position of these two protocols.

POP3
Post Office Protocol, version 3 (POP3) is simple but limited in functionality. The client POP3 software is installed on the recipient computer; the server POP3 software is installed on the mail server.
Mail access starts with the client when the user needs to download its e-mail from the mailbox on the mail server. The client opens a connection to the server on TCP port 110. It then sends its user name and password to access the mailbox. The user can then list and retrieve the mail messages, one by one. Figure 26.17 shows an example of downloading using POP3. Unlike other figures in this chapter, we have put the client on the right hand side because the e-mail receiver (Bob) is running the client process to pull messages from the remote mail server.

[Figure 26.17: POP3]

POP3 has two modes: the delete mode and the keep mode. In the delete mode, the mail is deleted from the mailbox after each retrieval.
In the keep mode, the mail remains in the mailbox after retrieval. The delete mode is normally used when the user
