Application Layer

By: Hailu Beshada (MSc)

Application Layer
May 2023
2
What is Application Layer?
 is the topmost layer that is responsible for providing
applications with access to network services(providing
services to the user).
 It performs the following tasks:
 Process Identifiers
 Protocol Selection
 Data Encoding and Compression
 Application-Specific Security
 Data Flow Control

3
4
Services
 e-mail  voice over IP
 web  real-time video conferencing
 instant messaging  grid computing
 remote login
 P2P file sharing
 multi-user network games
 streaming stored video clips

5
Application architectures
 Client-server
 Peer-to-peer (P2P)
 Hybrid of client-server and P2P

6
Client-Server Model
 The device requesting the information is called a client
 The device responding to the request is called a server
 Application layer protocols describe the format of the requests and
responses between the clients and servers
server:
 always-on host
 permanent IP address
 server farms for scaling

clients:
 communicate with server
 may be intermittently connected
 may have dynamic IP addresses
 do not communicate directly
with each other
Ch 3 - 7
Servers
 A server is usually a computer that contains information to be shared with
many client systems
 Some servers may require authentication of user control information to
verify the user has access rights
 rely on a central list of user accounts and authorization
 The server runs a service, or process, called a daemon

– daemon typically runs in

the background
– the daemon “listens” for a
request from a client
– the daemon exchanges
appropriate information
with the client when it
“hears” a request

Ch 3 - 8
Application Layer Services and
Protocols
 A single application may employ many different supporting Application
layer services
 one request may contain several individual processes
 Servers can support multiple clients requesting information at the same time

– the individual client

requests must be handled
simultaneously and
separately
– Application layer processes
and services rely on
support from lower layer
functions to successfully
manage the multiple
conversations

Ch 3 - 9
Peer-to-Peer Networks
 Two or more computers are connected via a network and can share
resources without having a dedicated server
 every connected end device, known as a peer, can function either as a client or
server
 information can be located anywhere on any connected device

– user accounts and access

rights are set individually
on each peer device
– difficult to enforce security
and access policies
– most current operating
systems support file and
print sharing without
requiring additional server
software

Ch 3 - 10
Peer-to-Peer Applications
 Allows a device to act as both a client and server within the same
communication
 requires each end device to provide a user interface and run a background service
 Can be used on peer-to-peer networks, client/server networks and across the
Internet

Ch 3 - 11
Hybrid of client-server and P2P
Skype
 voice-over-IP P2P application
 centralized server: finding address of remote party:
 client-client connection: direct (not through server)
Instant messaging
 chatting between two users is P2P
 centralized service: client presence detection/location
 user registers its IP address with central server when it
comes online
 user contacts central server to find IP addresses of
buddies

12
Processes communicating
Process: program running
Client process: process that
within a host.
initiates communication
 within same host, two
Server process: process that
processes communicate
waits to be contacted
using inter-process
communication (defined by
OS).
 processes in different hosts
 Note: applications with P2P
communicate by exchanging architectures have client
messages processes & server processes

13
Addressing processes
 to receive messages, process
must have identifier
 host device has unique 32-bit
IP address
 Q: does IP address of host
suffice for identifying the
process?

14
Addressing processes
 to receive messages,  identifier includes both IP
process must have address and port numbers
identifier associated with process on
 host device has unique 32- host.
bit IP address  Example port numbers:
 Q: does IP address of host  HTTP server: 80
on which process runs  Mail server: 25
suffice for identifying the  to send HTTP message to
process? www.ju.edu.et web server:
 A: No, many processes can  IP address: 10.10.2.1
be running on same host  Port number: 80

15
App-layer protocol defines
 Types of messages Public-domain protocols:
exchanged,  defined in RFCs
 e.g., request, response  allows for interoperability
 Message syntax:  e.g., HTTP, SMTP
 what fields in messages & how
Proprietary protocols:
fields are defined
 e.g., Skype
 Message semantics
 meaning of information in
fields
 Rules for when and how
processes send & respond to
messages

16
What transport service does an app need?
Data loss Throughput (the amount of data that can
be transmitted over channel)
 some apps (e.g., audio) can  some apps (e.g., multimedia) require
tolerate some loss minimum amount of throughput to be
 other apps (e.g., file transfer, “effective”
 other apps (“elastic apps”) make use
telnet) require 100% reliable of whatever throughput they get
data transfer Security
 Encryption, data integrity, …
Timing
 some apps (e.g., Internet
telephony, interactive
games) require low delay
to be “effective”

17
Internet transport protocols services
TCP service: UDP service:
 connection-oriented: setup  unreliable data transfer
required between client and server between sending and receiving
processes process
 reliable transport between sending  does not provide: connection
and receiving process setup, reliability, flow control,
 flow control: sender won’t congestion control, timing,
overwhelm receiver throughput guarantee, or
security
 congestion control: throttle sender
when network overloaded
 does not provide: timing, minimum Q: why bother? Why is there a
throughput guarantees, security UDP?

18
Internet apps: application, transport protocols

Application Underlying
Application layer protocol transport protocol

e-mail SMTP [RFC 2821] TCP

remote terminal access Telnet [RFC 854] TCP
Web HTTP [RFC 2616] TCP
file transfer FTP [RFC 959] TCP
streaming multimedia HTTP (eg Youtube), TCP or UDP
RTP [RFC 1889]
Internet telephony SIP, RTP, proprietary
(e.g., Skype) typically UDP

19
 Web and HTTP
 Web page consists of objects
 Object can be HTML file,
JPEG image, Java applet,
audio file,…
 Web page consists of base
HTML-file which includes
several referenced objects
 Each object is addressable
by a URL
 Example URL:

www.someschool.edu/someDept/pic.gif

host name path name

20
HTTP overview
HTTP: hypertext transfer
protocol
 Web’s application layer protocol HT
TP
r
equ
 client/server model PC running HT
TP
est
Explorer res
 client: browser that requests, pon
se
receives, “displays” Web
objects st
ue
 server: Web server sends r eq e Server
TTP o ns
objects in response to requests H p running
res
TP Apache Web
HT
server

Mac running
Navigator

21
HTTP overview (continued)
Uses TCP:
 client initiates TCP connection (creates socket) to server, port 80
 server accepts TCP connection from client
 HTTP messages (application-layer protocol messages) exchanged
between browser (HTTP client) and Web server (HTTP server)
 TCP connection closed

22
HTTP connections
 HTTP supports two types of connections:
 non-persistent and persistent..

Nonpersistent HTTP Persistent HTTP

 At most one object is sent  Multiple objects can be sent
over a TCP connection. over single TCP connection
between client and server.

23
 Nonpersistent HTTP
Suppose user enters URL (contains text,
www.someSchool.edu/someDepartment/home.index references to 10
jpeg images)
1a. HTTP client initiates TCP
connection to HTTP server (process)
at www.someSchool.edu on port
1b. HTTP server at host
www.someSchool.edu waiting
80
for TCP connection at port 80.
“accepts” connection, notifying
client
2. HTTP client sends HTTP
request message (containing
URL) into TCP connection 3. HTTP server receives request
socket. Message indicates that message, forms response
client wants object message containing requested
someDepartment/home.index object, and sends message into
its socket
time
24
 Nonpersistent HTTP (cont.)
4. HTTP server closes TCP
connection.
5. HTTP client receives response
message containing html file,
displays html. Parsing html file,
finds 10 referenced jpeg objects

time
6. Steps 1-5 repeated for each of
10 jpeg objects

25
Non-Persistent HTTP: Response
time
Definition of RTT: time for a
small packet to travel from
client to server and back.
initiate TCP
Response time: connection
 one RTT to initiate TCP RTT
connection request
file
 one RTT for HTTP request time to
RTT
transmit
and first few bytes of HTTP file
response to return file
received
 file transmission time

total = 2RTT+transmit time time time

26
Persistent HTTP

Nonpersistent HTTP issues: Persistent HTTP

 requires 2 RTTs per object  server leaves connection open
 OS overhead for each TCP after sending response
connection  subsequent HTTP messages
 browsers often open parallel TCP between same client/server sent
connections to fetch referenced over open connection
objects  client sends requests as soon as
it encounters a referenced object
 as little as one RTT for all the
referenced objects

27
HTTP overview (continued)
HTTP is “stateless”
 server maintains no information about past client
requests
Protocols that maintain “state” are complex!
 past history (state) must be maintained
 if server/client crashes, their views of “state” may be
inconsistent, must be reconciled

28
User-server state: cookies
Many major Web sites use
cookies Example:
 Abebe always access Internet
Four components:
1) cookie header line of HTTP from PC
response message  visits specific e-commerce
2) cookie header line in HTTP
request message
site for first time
3) cookie file kept on user’s host,  when initial HTTP requests
managed by user’s browser arrives at site, site creates:
4) back-end database at Web site  unique ID
 entry in backend database
for ID

29
 Cookies: keeping “state” (cont.)
client
server

ebay 8734
usual http request msg
Amazon server
cookie file usual http response creates ID
Set-cookie: 1678 1678 for user create
ebay 8734 entry
amazon 1678
usual http request msg
cookie: 1678 cookie- access
specific
one week later: usual http response msg action backend
database
access
ebay 8734 usual http request msg
amazon 1678 cookie: 1678 cookie-
spectific
usual http response msg action
30
Cookies (continued)
aside
Cookies and privacy:
What cookies can bring:  cookies permit sites to learn a
 authorization lot about you
 you may supply name and e-
 shopping carts
mail to sites
 recommendations
 user session state (Web e-
mail)
How to keep “state”:
 protocol endpoints: maintain state at
sender/receiver over multiple transactions

31
Will be continued on the next day

32
 Web caches (proxy server)
Goal: satisfy client request without involving origin server

 user sets browser: Web origin

server
accesses via cache
 browser sends all HTTP HT Proxy
TP server u est
requests to cache HT
client TP
req
u e st TP re q
nse
H T p o
res res
 object in cache: cache returns pon T P
se HT
object est
u
 else cache requests object req e
TT P o ns
p
from origin server, then H res
T TP
returns object to client H

client
origin
server

33
More about Web caching
 cache acts as both client and Why Web caching?
server  reduce response time for
 typically cache is installed client request
by ISP (university, company,  reduce traffic on an
residential ISP) institution’s access link.
 Internet dense with caches:
enables “poor” content
providers to effectively
deliver content (but so does
P2P file sharing)

34
Caching example
Assumptions origin
servers
 average object size = 100,000 bits
 avg. request rate from institution’s public
Internet
browsers to origin servers = 15/sec
 delay from institutional router to
any origin server and back to router
= 2 sec 1.5 Mbps
access link
Consequences institutional
 utilization on LAN = 15% network
10 Mbps LAN
 utilization on access link = 100%
 total delay = Internet delay + access
delay + LAN delay
institutional
= 2 sec + minutes + milliseconds
cache

35
Caching example (cont)
origin
possible solution servers
 increase bandwidth of access link public
to, say, 10 Mbps Internet
consequence
 utilization on LAN = 15%
 utilization on access link = 15% 10 Mbps
access link
 Total delay = Internet delay + access
delay + LAN delay institutional
network
= 2 sec + msecs + msecs 10 Mbps LAN
 often a costly upgrade

institutional
cache

36
Caching example (cont)
origin
possible solution: install cache servers
 suppose hit rate is 0.4 public
consequence Internet
 40% requests will be satisfied
almost immediately
 60% requests satisfied by origin 1.5 Mbps
server access link
 utilization of access link reduced
to 60%, resulting in negligible institutional
delays (say 10 msec) network
10 Mbps LAN
 total avg delay = Internet delay
+ access delay + LAN delay
= .6*(2.01) secs
+ .4*milliseconds < 1.4 secs institutional
cache

37
 Conditional GET
cache server
 Goal: don’t send object if cache
has up-to-date cached version HTTP request msg
 cache: specify date of cached copy If-modified-since:
<date>
object
in HTTP request not
If-modified-since: <date> modified
HTTP response
 server: response contains no object HTTP/1.0
if cached copy is up-to-date: 304 Not Modified
HTTP/1.0 304 Not Modified
HTTP request msg
If-modified-since:
<date> object
modified
HTTP response
HTTP/1.0 200 OK
<data>
38
FTP: the file transfer protocol

FTP file transfer

FTP
user FTP
client
interface server
user
at host remote file
local file system
system

 transfer file to/from remote host

 client/server model
 client: side that initiates transfer (either to/from remote)
 server: remote host
 ftp: RFC 959
 ftp server: port 21

39
FTP: separate control, data connections
 FTP client contacts FTP server at port TCP control connection
port 21
21, TCP is transport protocol
 client authorized over control
connection TCP data connection
FTP port 20 FTP
 client browses remote directory by client server
sending commands over control
connection.  server opens another TCP
 when server receives file transfer data connection to transfer
command, server opens 2nd TCP another file.
connection (for file) to client  control connection: “out of
 after transferring one file, server band”
closes data connection.  FTP server maintains “state”:
current directory, earlier
authentication

40
FTP commands, responses
Sample commands: Sample return codes
 sent as ASCII text over control  status code and phrase (as in
channel HTTP)
 USER username  331 Username OK,
 PASS password password required

 125 data connection
LIST return list of file in current
already open; transfer
directory
starting
 RETR filename retrieves (gets)  425 Can’t open data
file connection
 STOR filename stores (puts)  452 Error writing file
file onto remote host

41
Dynamic Host Configuration Protocol
 DHCP uses UDP ports 67 (server) and 68 (client)
 Allows a host to obtain an IP address automatically from a DHCP server
when it connects to the network
 server leases an IP address from a pool to the host for a set period
 can pose a security risk

• DHCP is preferred on large

LANs or where the user
population changes
frequently
– when accessing the Internet
using wireless hotspots at
airport or coffees shops

Ch 3 - 42
DHCP Process
 When a DHCP-configured device boots or connects to the network, the
client broadcasts a DHCP Discover packet
 The DHCP server replies with a DHCP Offer
 a lease offer message with an assigned IP address, subnet mask, default gateway,
DNS server and duration of lease
 client may receive multiple DHCP Offer packets
 Client broadcasts a DHCP Request that identifies the explicit server and
lease offer that it is accepting

• The DCHP would return

a DHCP Ack that
acknowledges the lease
is finalized
– provided IP address is
still valid

Ch 3 - 43
 Providing IP Addressing Services
nslookup
 Operating system utility called nslookup allows the user to manually query
the name servers to resolve a given host name
 Utility can be used to troubleshoot name resolution issues and to verify the
current status of the name servers
 Electronic Mail outgoing
message queue
Three major components: user user mailbox
 user agents agent
 mail servers mail
user
server
agent
 simple mail transfer protocol:
SMTP
SMTP mail
server user
User Agent SMTP agent
 composing, editing, reading mail
SMTP
messages
mail user
 e.g., Eudora, Outlook, elm, Mozilla agent
server
Thunderbird
 outgoing, incoming messages user
stored on server agent
user
agent

45
Electronic Mail: mail servers
Mail Servers
user
 mailbox contains incoming agent
messages for user
mail
user
 message queue of outgoing (to be server
agent
sent) mail messages SMTP
 SMTP protocol between mail mail
server user
servers to send email messages
SMTP agent
 client: sending mail server
 “server”: receiving mail server SMTP
mail user
server agent

user
agent
user
agent
46
Electronic Mail: SMTP [RFC 2821]
 uses TCP to reliably transfer email message from client to server,
port 25
 direct transfer: sending server to receiving server
 three phases of transfer
 handshaking (greeting)
 transfer of messages
 closure
 command/response interaction
 commands: ASCII text
 response: status code and phrase

 messages must be in 7-bit ASCII

47
SMTP and POP(Post Office Protocol )
 POP and POP3 are inbound mail delivery protocols
 MDA listens for a client connection to the server

• SMTP governs the

transfer of outbound e-
mail from the sending
client to the MDA, as
well as the transport of e-
mail between MTA
– enables e-mail to be
transported across data
networks between
different types of server
and client software

Ch 3 - 48
Try SMTP interaction for yourself:
 telnet servername 25
 see 220 reply from server
 enter HELO, MAIL FROM, RCPT TO, DATA, QUIT
commands
above lets you send email without using email client (reader)

49
SMTP: final words
 SMTP uses persistent connections Comparison with HTTP:
 SMTP requires message (header &  HTTP: pull
body) to be in 7-bit ASCII
 SMTP: push
 SMTP server uses CRLF.CRLF to
determine end of message  both have ASCII
command/response interaction,
status codes
 HTTP: each object encapsulated in
its own response msg
 SMTP: multiple objects sent in
multipart msg

50
Mail message format
SMTP: protocol for exchanging
email msgs
RFC 822: standard for text message header
format: blank
line
 header lines, e.g.,
 To:
 From:
body
 Subject:

different from SMTP commands!

 body
 the “message”, ASCII characters
only

51
Mail access protocols
SMTP SMTP access
user
user protocol
agent
agent

sender’s mail receiver’s mail

server server
 SMTP: delivery/storage to receiver’s server
 Mail access protocol: retrieval from server
 POP: Post Office Protocol [RFC 1939]
 authorization (agent <-->server) and download
 IMAP: Internet Mail Access Protocol [RFC 1730]
 more features (more complex)
 manipulation of stored msgs on server
 HTTP: gmail, Hotmail, Yahoo! Mail, etc.

52
DNS: Domain Name System
People: many identifiers: Domain Name System:
 SSN, name, passport #  distributed database implemented
Internet hosts, routers: in hierarchy of many name servers
 IP address (32 bit) - used for  application-layer protocol host,
addressing datagrams routers, name servers to
 “name”, e.g., ww.yahoo.com - communicate to resolve names
used by humans (address/name translation)
 note: core Internet function,
Q: map between IP addresses implemented as application-layer
and name ? protocol
 complexity at network’s “edge”

53
DNS
DNS services Why not centralize DNS?
 hostname to IP address  single point of failure

translation  traffic volume

 host aliasing  distant centralized database
 Canonical, alias names  maintenance
 mail server aliasing
 load distribution doesn’t scale!
 replicated Web servers: set of
IP addresses for one
canonical name

54
DNS Directory Structure
 Uses a hierarchical structure to create a name database
 hierarchy is an inverted tree with the root at the top and branches below
 The different top-level domains (TLD) represent either the country origin or
the type of organization

• After TLD are second-

level domain names, and
below them are other
lower level domains

Ch 3 - 55
Distributed, Hierarchical
Database
Root DNS Servers

com DNS servers org DNS servers edu DNS servers

pbs.org poly.edu umass.edu

yahoo.com amazon.com
DNS servers DNS serversDNS servers
DNS servers DNS servers

Client wants IP for www.amazon.com; 1st approx:

 client queries a root server to find com DNS server
 client queries com DNS server to get amazon.com DNS server
 client queries amazon.com DNS server to get IP address for
www.amazon.com

56
 DNS: Root name servers
 contacted by local name server that can not resolve name
 root name server:
 contacts authoritative name server if name mapping not known
 gets mapping
 returns mapping to local name server

a Verisign, Dulles, VA
c Cogent, Herndon, VA (also LA)
d U Maryland College Park, MD k RIPE London (also 16 other locations)
g US DoD Vienna, VA
h ARL Aberdeen, MD i Autonomica, Stockholm (plus
j Verisign, ( 21 locations) 28 other locations)
e NASA Mt View, CA m WIDE Tokyo (also Seoul,
f Internet Software C. Palo Alto, Paris, SF)
CA (and 36 other locations)

13 root name
servers worldwide
b USC-ISI Marina del Rey, CA
l ICANN Los Angeles, CA

57
TLD and Authoritative Servers
 Top-level domain (TLD) servers:
 responsible for com, org, net, edu, etc, and all top-level
country domains uk, fr, ca, jp.
 Network Solutions maintains servers for com TLD
 Educause for edu TLD
 Authoritative DNS servers:
 organization’s DNS servers, providing authoritative hostname
to IP mappings for organization’s servers (e.g., Web, mail).
 can be maintained by organization or service provider

58
Local Name Server
 does not strictly belong to hierarchy
 each ISP (residential ISP, company, university) has one.
 also called “default name server”
 when host makes DNS query, query is sent to its local
DNS server
 acts as proxy, forwards query into hierarchy

59
DNS name
root DNS server
resolution example
 Host at cis.poly.edu 2
wants IP address for 3
TLD DNS server
gaia.cs.umass.edu 4

iterated query: local DNS server

 contacted server dns.poly.edu
7 6
replies with name of 1 8
server to contact
 “I don’t know this authoritative DNS server
name, but ask this dns.cs.umass.edu
requesting host
server” cis.poly.edu

gaia.cs.umass.edu

60
DNS: root DNS server

recursive query: 2 3
 puts burden of name
resolution on contacted 7 6
name server TLD DNS server
 heavy load?
local DNS server
dns.poly.edu 5 4

1 8

authoritative DNS server

dns.cs.umass.edu
requesting host
cis.poly.edu

gaia.cs.umass.edu
61
DNS: caching and updating records
 once (any) name server learns mapping, it caches
mapping
 cache entries timeout (disappear) after some time
 TLD servers typically cached in local name servers
 Thus root name servers not often visited
 update/notify mechanisms under design by IETF
 RFC 2136
 http://www.ietf.org/html.charters/dnsind-charter.html

62
Pure P2P architecture
 no always-on server
 arbitrary end systems
directly communicate
 peers are intermittently peer-peer
connected and change IP
addresses

 Three topics:
 File distribution
 Searching for information
 Case Study: Skype

63
File Distribution: Server-Client vs
P2P
Question : How much time to distribute file from one server
to N peers?
us: server upload
Server
bandwidth
ui: peer i upload
u1 d1 u2 bandwidth
us d2
di: peer i download
File, size F bandwidth
dN
Network (with
uN abundant bandwidth)

64
File distribution time: server-client
 server sequentially sends Server
N copies: F u1 d1 u2
us d2
 NF/us time
 client i takes F/di time to dN Network (with
abundant bandwidth)
download uN

Time to distribute F
to N clients using
client/server approach = dcs = max { NF/us, F/min(di) }
i

increases linearly in N
(for large N)
65
File distribution time: P2P
 server must send one copy: Server
F/us time F u1 d1 u2
us d2
 client i takes F/di time to
download dN Network (with
abundant bandwidth)
 NF bits must be downloaded uN
(aggregate)

fastest possible upload rate: us + Su
i

dP2P = max { F/us, F/min(di) , NF/(us + Su ) }i

i
66
P2P Case study: Skype
 inherently P2P: pairs of Skype clients (SC)
users communicate.
 proprietary application-
layer protocol (inferred via Skype
reverse engineering) login server Supernode
 hierarchical overlay with (SN)
SNs
 Index maps usernames to
IP addresses; distributed
over SNs

67
Peers as relays
 Problem when both Alice
and Bob are behind
“NATs”.
 NAT prevents an outside peer
from initiating a call to insider
peer
 Solution:
 Using Alice’s and Bob’s SNs,
Relay is chosen
 Each peer initiates session with
relay.
 Peers can now communicate
through NATs via relay

68
File Sharing Services
 Server Message Block (SMB) is a client/server file sharing protocol
 sharing directories, files, printers and serial ports
 clients establish a long term connection to the servers
 SMB resource sharing is supported by TCP/IP protocols

Ch 3 - 69
SMB Protocol
 It describes the file system access and how clients can request for files
 All SMB messages share a common format
 a fixed size header followed by a variable-sized parameter and data component

• SMB messages can

– start, authenticate and
terminate sessions
– control file and printer
access
– allow an application to
send or receive
messages to or from
another device

Ch 3 - 70
Peer-to-Peer (P2P) Services
 Users can make files on their hard disks available to others for downloading
with P2P applications based on the Gnutella protocol

 Gnutella-compatible client software allows users to connect to Gnutella

services over the Internet to locate and access resources shared by other
Gnutella peers
 BearShare, Gnucleus, LimeWire, Morpheus, WinMX and XoloX

 Gnutella Developer Forum maintains the basic protocol

 application vendors develop extensions to make their protocol work better on
their applications

Ch 3 - 71
Gnutella Protocol
 Many P2P applications do not use a central database to record all files
available on the peers
 Gnutella allows P2P applications to search for shared resources on peers (or
nodes)

• When a user connects to a

Gnutella service, the client
application will search for
nodes to connect to
– nodes handle queries for
resource location and
replies
Telnet
 Telnet uses TCP port 23
 Provides a method of emulating text-based terminals over the network
 allows a local device to access a remote device as if the keyboard and monitor
are connected to the remote device directly
 A connection using Telnet is called a virtual terminal (VTY) session

• The Telnet server runs a

service called the Telnet
daemon