Unit-5

Application Layer
Application Layer: OSI and TCP/IP Models

 The Application layer, Layer seven, is the top layer of

both the OSI and TCP/IP models.
 Provides the interface between the applications we use
to communicate and the underlying network.

2
 Email

HTTP HTTP

HTTP
(www)

 Application layer protocols are used to exchange data

between programs running on the source and destination
hosts.
 There are many Application layer protocols and new
protocols are always being developed.
3
Application Layer: OSI and TCP/IP Models

 Functionality of the TCP/IP application layer protocols fit

roughly into the framework of the top three layers of the:
 OSI model: Application, Presentation and Session layers.
 Most early TCP/IP application layer protocols were
developed before the emergence of:
 personal computers, graphical user interfaces and multimedia objects.
 These protocols implement very little of the functionality
that is specified in the OSI model Presentation and Session
layers.
4
The Presentation Layer

 The Presentation layer has three primary functions:

 Coding and conversion of Application layer data to ensure that data
from the source device can be interpreted by destination device.
 Compression of the data in a manner that can be decompressed by
the destination device.
 Encryption of the data for transmission and the decryption of data
upon receipt by the destination.
 Compression and Coding formats:
 Graphics Interchange Format (GIF)
 Joint Photographic Experts Group (JPEG)
 Tagged Image File Format (TIFF). 5
The Session Layer

 Create and maintain dialogs between source and

destination applications.
 Handles the exchange of information to:
 initiate dialogs
 keep them active
 restart sessions that are disrupted or idle for a long period of time

 Most applications, like web browsers or e-mail clients,

incorporate functionality of the OSI layers 5, 6 and 7. 6
Application Layer: OSI
and TCP/IP Models

Note: Usually a
single server will
function as a server
for multiple
applications

 Common TCP/IP Protocols

 Domain Name Service Protocol (DNS) is used to resolve Internet
names to IP addresses.
 Hypertext Transfer Protocol (HTTP) is used to transfer files that make
up the Web pages of the World Wide Web.
 Simple Mail Transfer Protocol (SMTP) is used for the transfer of mail
messages and attachments.
 Telnet, a terminal emulation protocol, is used to provide remote
access to servers and networking devices.
 File Transfer Protocol (FTP) is used for interactive file transfer 7
between systems.
RFCs: Request For Comments

 The protocols in the TCP/IP suite are generally defined

by Requests for Comments (RFCs).
 Maintained by IETF (Internet Engineering Task Force)

8
 Application Layer
Software User
applications

 Within the Application

Services
layer, there are two forms
of software programs or
processes that provide
access to the network:
System
 applications
Operations
 services

 Network-Aware Applications
 Applications are the software programs used by people to
communicate over the network.
 They implement the application layer protocols and are able to
communicate directly with the lower layers of the protocol stack.
 Email Clients
 Web Browsers
9
Application Layer Software

User
applications

Services

System
Operations

 Application layer Services

 Other programs may need the assistance of Application layer
services to use network resources such as:
 File transfer
 Network print spooling
 These services are the programs that interface with the network
and prepare the data for transfer. 10
Application Layer Software

 Application layer uses protocols that are implemented

within applications and services.
 Applications provide people a way to create messages.
 Application layer services establish an interface to the network.
 Protocols provide the rules and formats that govern how data is
treated.

 Bottom line:
 When discussing an application like "Telnet" we could be referring
to the application, the service, or the protocol. 11
Application Layer Protocol Functions

 Application layer protocols are used by both the source

and destination devices during a communication session.
 The application layer protocols implemented on the
source and destination host must match.
 Protocols: Establish consistent rules for exchanging
data.
 Specify the structure and type of messages that are exchanged.
 Types: Request, response, acknowledgement, error message,
etc.
 Defines the dialogues, ensuring with transmissions met by
expected responses, and with the correct service invoked.
12
Application Layer Protocol Functions

 Applications and services can use multiple protocols.

 Encapsulate the protocol or encapsulated by this protocol
 Invoke other protocols
 Using a web browser (HTTP):
 May invoke:
 DNS, ARP, ICMP
 May use:
 TCP, UDP, Ethernet, PPP
 Uses
 IP

13
Client Server Model

 Client: the device requesting the information

 Server: the device responding to the request is called a server.
 The client begins the exchange by requesting data from the server.
 Server responds by sending one or more streams of data to the
client.
 In addition to the actual data transfer, this exchange may also
require control information, such as:
 user authentication
 the identification of a data file to be transferred
14
Servers

 A server is usually a computer that contains information

to be shared with many client systems.
 Web server
 Email server
 File or database server
 Applications server
 Some servers may require authentication of user account
information and vary permissions.
 Example, if you request to upload data to the FTP
server, you may have permission to write to your
individual folder but not to read other files on the 15
site.
Servers

 The server runs a service, or process, sometimes called a

server daemon.
 Daemons (like other services) typically run in the background
and are not under an end user's direct control.
 Daemons are described as "listening" for a request from a
client.
 Programmed to respond whenever the server receives a request for the
service provided by the daemon.
 When a daemon "hears" a request from a client:
 It exchanges appropriate messages with the client, as required by its
protocol,
 Proceeds to send the requested data to the client in the proper format.

16
Application Layer Services
and Protocols

 Servers typically have multiple clients requesting

information at the same time.
 For example, a Telnet server may have many clients
requesting connections to it.
 These individual client requests must be handled simultaneously
and separately for the network to succeed.
 The Application layer processes and services rely on support from
lower layer functions to successfully manage the multiple
conversations. 17
Application Layer Protocols
Functions of Application Layer :
• The Application Layer, as discussed above, being topmost layer in OSI
model, performs several kinds of functions which are requirement in any
kind of application or communication process.
Following are list of functions which are performed by Application Layer
of OSI Model.
• Application Layer provides a facility by which users can forward
several emails and it also provides a storage facility.
• This layer allows users to access, retrieve and manage files in a
remote computer.
• It allows users to log on as a remote host.
• This layer provides access to global information about various
services.
• This layer provides services which include: e-mail, transferring files,
distributing results to the user, directory services, network resources
and so on.
• It provides protocols that allow software to send and receive
information and present meaningful data to users.
• It handles issues such as network transparency, resource allocation
and so on.
• This layer serves as a window for users and application processes
to access network services.
• Application Layer is basically not a function, but it performs
application layer functions.
Features provided by Application Layer
Protocols :
• To ensure smooth communication, application layer protocols are
implemented the same on source host and destination host.
The following are some of the features which are provided by
Application layer protocols-
• The Application Layer protocol defines process for both parties
which are involved in communication.
• These protocols define the type of message being sent or
received from any side (either source host or destination host).
• These protocols also define basic syntax of the message being
forwarded or retrieved.
• These protocols define the way to send a message and the
expected response.
• These protocols also define interaction with the next level.
HTTP
(WWW) DHCP
(IP address
resolution)

FTP
(file transfer) DNS
(domain name
resolution)

SMTP SMB
(email) (file sharing)

P2P
Telnet (file sharing)
(remote login)

23
Application Layer Protocols :

The application layer provides several protocols which allow any software to easily send and
receive information and present meaningful data to its users.
The following are some of the protocols which are provided by the application layer-
1.TELNET –
Telnet stands for Telecommunications Network. This protocol is used for managing files over the
Internet. It allows the Telnet clients to access the resources of Telnet server. Telnet uses port
number 23.
2.DNS –
DNS stands for Domain Name System. The DNS service translates the domain name (selected by
user) into the corresponding IP address. For example- If you choose the domain name as
www.abcd.com, then DNS must translate it as 192.36.20.8 (random IP address written just for
understanding purposes). DNS protocol uses the port number 53.
3.DHCP –
DHCP stands for Dynamic Host Configuration Protocol. It provides IP addresses to hosts.
Whenever a host tries to register for an IP address with the DHCP server, DHCP server provides
lots of information to the corresponding host. DHCP uses port numbers 67 and 68.
• FTP –
FTP stands for File Transfer Protocol. This protocol helps to transfer different files from one
device to another. FTP promotes sharing of files via remote computer devices with reliable,
efficient data transfer. FTP uses port number 20 for data access and port number 21 for data
control.
• SMTP –
SMTP stands for Simple Mail Transfer Protocol. It is used to transfer electronic mail from
one user to another user. SMTP is used by end users to send emails with ease. SMTP uses
port numbers 25 and 587.
• HTTP –
HTTP stands for Hyper Text Transfer Protocol. It is the foundation of the World Wide Web
(WWW). HTTP works on the client server model. This protocol is used for transmitting
hypermedia documents like HTML. This protocol was designed particularly for the
communications between the web browsers and web servers, but this protocol can also be
used for several other purposes. HTTP is a stateless protocol (network protocol in which a
client sends requests to server and server responses back as per the given state), which
means the server is not responsible for maintaining the previous client’s requests. HTTP
uses port number 80.
• NFS –
NFS stands for Network File System. This protocol allows remote hosts to
mount files over a network and interact with those file systems as though
they are mounted locally. NFS uses the port number 2049.
• SNMP –
SNMP stands for Simple Network Management Protocol. This protocol
gathers data by polling the devices from the network to the management
station at fixed or random intervals, requiring them to disclose certain
information. SNMP uses port numbers 161 (TCP) and 162 (UDP).
•
Reminder of encapsulation/decapsulation
Data Link IP TCP HTTP Data Link
Data Trailer
Header Header Header Header

Data Link Data Link

IP Packet
Header Trailer

Data Link Data Link

IP Packet
Header Trailer

Data Link Data Link

IP Packet
Header Trailer

Data Link IP TCP HTTP Data Link

Header Header Header Header
Data Trailer

27
Focus on Application Header and/or Data
HTTP

HTTP

 We will examine how the application (header) and/or data

communication with each other between the client and the
server.
28
HTTP (HyperText Transfer Protocol)
HTTP HTTP

HTTP
HTTP
Client
Server

 HTTP – The Web’s application layer protocol.

 Implemented in:
 Client program
 Server program
 Current version: HTTP/1.1
 Encapsulated in TCP
 Uses the services of TCP on well known Port 80.

29
 HTTP (HyperText Transfer Protocol)
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<title>Paul Morris, MHCC</title><style type="text/css">
<!--
body {
margin-left: 0px;
The base HTML file references other
margin-top: 0px; objects in the page.
margin-right: 0px;
margin-bottom: 0px;

CIS151
 Web page (also called a html document)
 Web page consists of objects CIS152

 Objects (examples):
CIS154
 HTML file
 JPEG image
 GIF image
 JAVA applet
 Audio file
30
Web Browser - Client

HTTP
Client

 Browser – The user agent for the Web.

 Displays requested Web page and provides navigational and
configuration features.
 Browser and client may be used interchangeably in this
discussion.
 HTTP has nothing to do with how a Web page is
interpreted (displayed) by the client (browser). 31
Web Server

HTTP
Server

 Web Server – Stores web objects, each addressable by a

URL.
 Implement the server side of HTTP.
 Examples:
 Apache
 Microsoft Internet Information Server
32
 Note

HTTP uses the services of TCP on well-

known port 80.

27.33
 Figure 27.12 HTTP transaction

27.34
 Figure 27.13 Request and response messages

27.35
 Figure 27.14 Request and status lines

27.36
 Table 27.1 Methods

27.37
 Table 27.2 Status codes

27.38
 Table 27.2 Status codes (continued)

27.39
HTTP messages
• HTTP is the language that web clients and
web servers use to talk to each other
• Each message, whether a request or a
response, has three parts:
1. The request or the response line
2. A header section
3. The body of the message
What the client does, Part 1

• The client sends a message to the server at a particular port

(80 is the default)
• The first part of the message is the request line, containing:
– A method (HTTP command) such as GET or POST
– A document address, and
– An HTTP version number
• Example:
– GET /index.html HTTP/1.0
What the client does, part II
• The second part of a request is optional header
information, such as:
– What the client software is
– What formats it can accept
• All information is in the form Name: Value
• Example:
User-Agent: Mozilla/2.02Gold (WinNT; I)
Accept: image/gif, image/jpeg, */*
• A blank line ends the header
Client request headers

• Accept: type/subtype, type/subtype, ...

– Specifies media types that the client prefers to accept
• Accept-Language: en, fr, de
– Preferred language (For example: English, French, German)
• User-Agent: string
– The browser or other client program sending the request
• From: [email protected]
– Email address of user of client program
• Cookie: name=value
– Information about a cookie for that URL
– Multiple cookies can be separated by commas
What the client does, part III

• The third part of a request (after the blank

line) is the entity-body, which contains
optional data
– The entity-body part is used mostly by POST requests
– The entity-body part is always empty for a GET request
What the server does, part I
• The server response is also in three
parts
• The first part is the status line, which
tells:
– The HTTP version
– A status code
– A short description of what the status code means
• Example: HTTP/1.1 404 Not Found
• Status codes are in groups:
100-199 Informational
200-299 The request was successful
300-399 The request was redirected
400-499 The request failed
500-599 A server error occurred
Common status codes
• 200 OK
– Everything worked, here’s the data
• 301 Moved Permanently
– URI was moved, but here’s the new address for your records
• 302 Moved temporarily
– URL temporarily out of service, keep the old one but use this
one for now
• 400 Bad Request
– There is a xyntax error in your request
• 403 Forbidden
– You can’t do this, and we won’t tell you why
• 404 Not Found
– No such document
• 408 Request Time-out, 504 Gateway Time-out
– Request took too long to fulfill for some reason
 What the server does, part II

• The second part of the response is

header information, ended by a blank
line
• Example:
• Content-Length: 2532
Connection: Close
Server: GWS/2.0
Date: Sun, 01 Dec 2002 21:24:50 GMT
Content-Type: text/html
Cache-control: private
All on Set-Cookie:
one line PREF=ID=05302a93093ec661:TM=1038777890:LM=10387778
90:S=yNWNjraftUz299RH; expires=Sun, 17-Jan-2038
19:14:07 GMT; path=/; domain=.google.com
There is a nice header viewer at
Server response headers

• Server: NCSA/1.3
– Name and version of the server
• Content-Type: type/subtype
– Should be of a type and subtype specified by
the client’s Accept header
• Set-Cookie: name=value; options
– Requests the client to store a cookie with the
given name and value
What the server does, part III
• The third part of a server
response is the entity body
• This is often an HTML page
– But it can also be a jpeg, a gif, plain text,
etc.--anything the browser (or other client) is
prepared to accept
HTTP Request Message
GET /content.html / HTTP/1.1
Accept-Language: en-us
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0; SLCC1; .NET
CLR 2.0.50727; Media Center PC 5.0; .NET CLR 3.0.04506; InfoPath.1)
Host: www.lukenetwalker.com
Connection: Keep-Alive

HTTP
Server
HTTP Client
 Request Message
 Request line
 Header lines
 ASCII Text
 Request line: Method field
 GET, POST and HEAD
 The great majority of Requests are GETs 50
HTTP Request Message
GET /content.html/ HTTP/1.1

Request Line
GET - Browser/client is requesting an object
/content.html / - Browser is requesting this object in
this directory (default is index.html)
HTTP/1.1 - Browser implements the HTTP/1.1 (1.1 is
backwards compatible with 1.0)

51
HTTP Response Message
HTTP/1.1 200 OK
Date: Fri, 22 Feb 2008 16:34:18 GMT
Server: Apache/2.0.52 (Red Hat)
Last-Modified: Thu, 15 Nov 2007 19:33:12 GMT
Content-Length: 15137
Connection: close
Content-Type: text/html

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"

"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">

 Response message:
 Status line
 Header lines
 Entity body

52
HTTP Response Message
HTTP/1.1 200 OK
Date: Fri, 22 Feb 2008 16:34:18 GMT
Server: Apache/2.0.52 (Red Hat)
Last-Modified: Thu, 15 Nov 2007 19:33:12 GMT
Content-Length: 15137
Connection: close
Content-Type: text/html

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"

"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">

Status Line
HTTP/1.1 – Server is using HTTP/1.1
200 OK - Status code, request succeeded and information is
returned in response

53
 HTTP Response Message
HTTP/1.1 404

Status Codes
200 OK
- Status code, request succeeded and information is returned in response.
301 Moved Permanently
- Requested object has been permanently moved.
400 Bad Request
- Generic error message, request not understood by server.
404 Not Found:
-The requested document does not exist on server.
505 HTTP Version Not Supported
- The requested HTTP protocol version not supported by server.
54
HTTP Response Message
HTTP/1.1 200 OK
Date: Fri, 22 Feb 2008 16:34:18 GMT
Server: Apache/2.0.52 (Red Hat)
Last-Modified: Thu, 15 Nov 2007 19:33:12 GMT
Content-Length: 15137
Connection: close
Content-Type: text/html

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"

"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">

Header Lines
Date: – Server is using HTTP/1.1
Server: - Status code, request succeeded and
information is returned in response
Last-Modified: – Date/time when object created or
modified
Content-Length: – Number of bytes in object being sent
Connection: – Server going to close TCP connection after
sending the requested object.
Content-Type: – Object in entity body is HTML text 55
HTTP Response Message
HTTP/1.1 200 OK
Date: Fri, 22 Feb 2008 16:34:18 GMT
Server: Apache/2.0.52 (Red Hat)
Last-Modified: Thu, 15 Nov 2007 19:33:12 GMT
Content-Length: 15137
Connection: close
Content-Type: text/html

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"

"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">

Entity Body

<!DOCTYPE html PUBLIC etc.:

– HTML text and other objects to be used by the browser/client

56
HTTP Request and Response Messages
GET /content.html / HTTP/1.1
Accept-Language: en-us
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0; SLCC1; .NET
CLR 2.0.50727; Media Center PC 5.0; .NET CLR 3.0.04506; InfoPath.1)
Host: www.lukenetwalker.com
Connection: Keep-Alive

HTTP

HTTP
HTTP
Server
HTTP Client
HTTP/1.1 200 OK
Date: Fri, 22 Feb 2008 16:34:18 GMT
Server: Apache/2.0.52 (Red Hat)
Last-Modified: Thu, 15 Nov 2007 19:33:12 GMT
Content-Length: 15137
Connection: close
Content-Type: text/html

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"

"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> 57
<html xmlns="http://www.w3.org/1999/xhtml">
User-Server Interaction: Cookies

 Web servers are considered stateless – they do not

maintain state information, keep track of the user.
 Higher performance – allowing the server to handle thousands of
simultaneous TCP connections (later).
 Web servers use cookies to track users.
 Cookies defined in RFC 2109

58
 User-Server Interaction: Cookies
HTTP Requests: GET
(first time)

HTTP HTTP: Response

Server Set-cookie: ID

HTTP Requests (GET) HTTP Client

Web server can now now include ID
track clients activities on
the web site.
 Web server installs cookies on client when:
 Accessed the web site for the first time (Web server does not know
client by name.)
and/or
 User provides information to the web server. (Web server now knows
client by name.)
 HTTP on Web server responds with a Set-cookie: header
with an ID.
 This ID is stored on the client’s computer.
 Each time client/browser accesses web site. The GET
59
includes Cookie: or User_ID or similar with the ID.
Web Caching Web
Cache or HTTP Client
HTTP
Request
Proxy Request
Origin Server
Server HTTP Response

HTTP Response
HTTP
HTTP Request
Request
Orgin HTTP Response
Server HTTP Response
Client

 Web cache or proxy server – Web cache satisfies HTTP

requests on the behalf of the Origin Web server.
 Own disk storage
 Keeps copies of recently requested objects
 Typically installed at ISP or larger institutions.
 Advantages:
 Reduces the response time for client requests, especially if there
are any bottlenecks in the network.
 Reduces traffic on institution’s access link to the ISP (Internet). 60
Web Caching
1. Client/browser sends HTTP Request to Web cache
(Proxy server).
2. Web cache checks to see if it has a local copy of
the object.
 2a. Local copy: Web cache sends object to client’s browser.
 2b. No Local copy: Web cache sends HTTP request to origin
server.
3. Origin server sends object to Web cache.
4. Web cache stores a local copy of the object.
5. Web cache forwards copy of the object to the client
browser.
Note: TCP connections are also created between Client
and Web Cache; Web cache and Origin server (later).

61
HTTPS

 HTTPS (Hypertext Transfer Protocol over Secure Socket

Layer) is a URL scheme used to indicate a secure HTTP
connection.
 HTTPS is not a separate protocol
 combination of a normal HTTP interaction over an encrypted:
 Secure Sockets Layer (SSL) or
 Transport Layer Security (TLS) connection

62
 FTP (File Transfer Protocol)
FTP FTP
Client Server

 FTP was developed to allow for file transfers between a client and a
server.
 Used to push and pull files from a server running the FTP daemon
(FTPd).
 Uses get and put commands.
 RFC 959
63
 TCP control connection port 21
Username and password
Change directory on Server

TCP data connection port 20

Copy file from client to server – Connection Closed

TCP data connection port 20

Copy file from server to client – Connection Closed

TCP control connection port 21

Quit FTP Application – Connection Closed

 Client initiates a TCP control connection with FTP server using
port 21.
 This connection remains open until the user quits the FTP application.
 TCP port 21 connection includes:
 Username and password is sent over TCP port 21.
 Remote directory changes
 This state information significantly reduces total number of sessions
on server.
 For each file transferred, TCP opens and closes a TCP data
connection on port 20.
 More later on TCP ports and connections. 64
SMTP – Simple Mail Transfer Protocol

 Email – One of the killer applications of the Internet.

 Common SMTP ports: SMTP - port 25 or 2525 or 587. Secure
SMTP (SSL / TLS) - port 465 or 25 or 587, 2526
POP3 - port 110
IMAP - port 143
IMAP SSL (IMAPS) - port 993
65
SMTP – Simple Mail Transfer Protocol
SMTP SMTP

POP3
User Mail Mail User
IMAP
agent server server agent

 Internet mail involves:

 User agents
 Allows users to read, reply, compose, forward, save, etc., mail
messages
 GUI user agents: Outlook, Eudora, Messenger
 Text user agents: mail, pine, elm
 Mail servers
 Stores user mail boxes, communicates with local user agents and
other mail servers.
 SMTP
 Principle application layer protocol for Internet mail
 Sent over TCP
 Mail access protocols: POP3, IMAP, HTTP
66
SMTP – Simple Mail Transfer Protocol

User Mail Mail User

agent server server agent
SMTP SMTP

POP3
IMAP

 SMTP
 RFC 2821
 Transfers messages from sender’s mail server to recipient’s mail
server
 Push protocol, not a pull protocol
 Push (from client to server or server to server)
 Pull (from server to client)
 Retrieving email
 Historically, users would log into local mail server to read mail.
 Since early 1990’s, clients use mail access protocols:
 POP3
 IMAP
 HTTP 67
SMTP – Simple Mail Transfer Protocol

 POP3 (Post Office Protocol)

 RFC 1939
 Limited functionality
 Uses TCP port 110
 Download-and-delete mode
 Retrieves messages on server and store the locally
 Delete messages on server
 Download-and-keep mode
 Does not delete messages on server when retrieved.
 Problem
 Difficult to access email from multiple computers – work and
home.
 Some email may have already been downloaded on another
computer (work) – download-and-delete
 To read email from another computer, must leave on server –
download-and-keep
 Does not provide means for user to create remote folders on mail
server 68
SMTP – Simple Mail Transfer Protocol

User Mail Mail User

agent SMTP server server agent
SMTP

IMAP
HTTP

 IMAP (Internet Message Access Protocol)

 RFC 2060
 Mail not downloaded, but kept on server
 Received email is associated with user’s INBOX
 Users can create and manage remote folders
 Users can retrieve portions of the email:
 Message header: Subject line and Sender

 Web-based email
 Introduced with Hotmail in mid-1990’s
 Communicates with remote mailbox using HTTP
 HTTP is used to push (client to server) and pull the email (server to
client) 69
 SMTP

MTA
 receives email from the
client's MUA
 passes email to the MDA
for final delivery
 uses SMTP to route email
between servers

Mail software, processes used: MTA and MDA

 MUA (Mail User Agent) – Email client software.
 MTA (Mail Transfer Agent) – Software that governs transfer of
email between mail servers.
 Includes UNIX sendmail, Microsoft Exchange Server, Postfix, and Exim
 MDA (Mail Delivery Agent) – Software that governs transfer of
email from mail servers to clients.
 On Unix systems, procmail and maildrop are the most popular MDAs.
70
Telnet
Telnet Telnet

Server

 Telnet provides a standard method of emulating text-

based terminal devices over the data network.

71
Telnet
Telnet Telnet

Server

 Allows a user to remotely access another device (host,

router, switch).
 A connection using Telnet is called a Virtual Terminal
(VTY) session, or connection.
 Telnet uses software to create a virtual device that
provides the same features of a terminal session with
access to the server command line interface (CLI).
 Telnet clients:
 Putty
 Teraterm
 Hyperterm 72
Telnet

 Telnet supports user authentication, but does not

encrypt data.
 All data exchanged during a Telnet sessions is
transported as plain text.
 Secure Shell (SSH) protocol offers an alternate and
secure method for server access.
 Stronger authentication
 Encrypts data
73
DHCP – Dynamic Host Configuration Protocol

 IP addresses and other information can be obtained:

 Statically
 Dynamically (DHCP)
74
DHCP

 DHCP Information can include:

 IP address
 Subnet mask
 Default gateway
 Domain name
 DNS Server
 DHCP servers can be:
 Server on LAN
 Router
 Server at ISP 75
DHCP

 We will discuss DHCP more

when we discuss IPv4.

76
DNS – Domain Name System

 DNS allows users (software) to use domain names instead

of IP addresses

77
Name Resolution

Need the IP address

Resolver
 DNS client programs used to look up DNS name
information.
Name Resolution
 The two types of queries that a DNS resolver (either a
DNS client or another DNS server) can make to a DNS
server are the following:
Recursive queries
 Queries performed by Host to Local DNS Server
Iterative queries
 Queries performed Local DNS server to other servers
78
DNS Name Resolution

 User types http://www.example.com

Step 1.
 The DNS resolver on the DNS client sends a recursive
query to its configured Local DNS server.
 Requests IP address for "www.example.com".
 The DNS server for that client is responsible for
resolving the name
 Cannot refer the DNS client to another DNS server.

79
 2
3 2

DNS Name Resolution

Step 2.
 Local DNS Server forwards the query to a Root DNS
server.

Step 3.
 Root DNS server
 Makes note of .com suffix
 Returns a list of IP addresses for TLD (Top Level Domain Servers)
responsible for .com.

80
 DNS Name Resolution

 Root DNS Servers

 There are 13 Root DNS servers (labeled A through M)
 TLD Servers
 Responsible for domains such as .com, edu, org, .net, .uk, jp, fr
 Network Solutions maintains TLD servers for .com
 Educause maintains TLD servers for .edu
 There are redundant servers throughout the world.
81
DNS Name Resolution 4
4

Step 4.
 The local DNS server sends query for www.example.com to
one of the TLD servers.

Step 5.
 TLD Server
 Makes note of example.com
 Returns IP address for authoritative server example.com (such as
dns.example.com server)
82
DNS Name Resolution
6

6
7

Step 6.
 Local DNS server sends query for www.example.com
directly to DNS server for example.com

Step 7.
 example.com DNS server responds with its IP address for
www.example.com

83
DNS Name Resolution
8

Step 8.
 Local DNS server sends the IP address of www.example.com
to the DNS client.

DNS Caching
 When a DNS server receives a DNS reply (mapping hostname
to an IP address) it can cache the information in its
local memory.
 DNS servers discard cached information after a period of
time (usually 2 days)
 A local DNS server can cache TLD server addresses,
bypassing the root DNS servers in the query chain. 84
DNS Name Resolution
 In the worst cases, you'll
get a dialog box that says
the domain name doesn't exist
- even though you know it
does.
 This happens because the
authoritative server is slow
replying to the first, and
your computer gets tired of
waiting so it times-out
(drops the connection) or the
domain name does not exist.
 But if you try again, there's
a good chance it will work,
because the authoritative
server has had enough time to
reply, and your name server
has stored the information in
its cache.

85
nslookup

nslookup
 Displays default DNS server for your host
 Can be used to query a domain name and get the IP
address
86
DNS Name
Resolution

 ipconfig /displaydns
 After a certain amount of time, specified in the Time to Live (TTL)
associated with the DNS resource record, the resolver discards the
record from the cache.
 ipconfig /flushdns – Manually deletes entries
 The default TTL for positive responses is 86,400 seconds
(1 day).
 The default TTL for negative responses is 300 seconds. 87
(Missing Info) DNS: 204.127.199.8

88
89
90
91
SMB – Server Message Block Protocol

 The Server Message Block (SMB) is a client/server file

sharing protocol. IBM developed Server Message Block
(SMB) in the late 1980s to describe the structure of
shared network resources, such as directories, files,
printers, and serial ports.

92
SMB

 Request-response protocol .
 Unlike FTP, clients establish a long term connection to
servers.
 Client can access the resources on the server as if the
resource is local to the client host.
 SMB is sent over TCP
 Prior to Windows 2000 windows used a proprietary protocol
(NETBIOS) to send SMB.
 Linux/UNIX have similar protocol: SAMBA
93
SMB

 SMB messages can:

 Start, authenticate, and terminate sessions
 Control file and printer access
 Allow an application to send or receive messages to or from
another device

94
Peer-to-Peer (P2P) Networking and Applications

 In addition to the client/server model for networking,

there is also a peer-to-peer model.
 Two or more computers are connected via a network and
can share resources (such as printers and files) without
having a dedicated server.
 End devices (peers) can function as either a server or
95
client.
P2P File Sharing

 P2P (Peer-to-Peer) file sharing accounts for more traffic

on the Internet than any other application (2004).
 Peers (hosts) act as both clients and servers.
 No centralized file server.
 HTTP GET and responses are commonly used. 96
By Peter Svensson
The Associated Press
Oct. 19, 2007
“Peer-to-peer applications account for between 50 percent
and 90 percent of overall Internet traffic, according to
a survey this year by ipoque GmbH, a German vendor of 97
traffic-management equipment.”
 P2P – Centralized Directory Peer

and Update
1 – I n f or m Peer
pdate
Centralized 1– Inform and U Peer
Directory
1 – Inform and Update 3 – File Transfer
Server
1 – Inform
and Upda Peer
te
2 – Q uer y
for conten
t

Napster

 Challenge with P2P – locating content across thousands

or millions of peers.
 One solution – centralized directory
 Approach done by Napster
 Problems (non-legal problems)
 Single point of failure
 Performance bottlenecks 98
 P2P – Centralized Directory Peer B

and Update
1 – I n f or m Peer
pdate
Centralized 1– Inform and U Peer
Directory
1 – Inform and Update 3 – File Transfer
Server
1 – Inform
and Upda Peer A
te
2 – Q uer y
for conten
t
1. Peer A starts P2P application
2. Informs centralized directory server of its:
 IP address
 Names of objects making available for sharing (MP3, videos, etc.)
3. Directory server collects information from each peer that
becomes active.
 Dynamic database
 Maps IP addresses with object names
4. Peer A queries directory server for IP addresses of other peers
for specific content
 Directory Server returns IP addresses for those peers (Peer B)
5. Peer A establishes TCP connection and downloads file (i.e. HTTP
GET) from other peer, Peer B.
6. Directory server removes Peer from database when Peer closes
application or disconnects from Internet 99
 Query
P2P – Query
Flooding ry Query hit
Que
t Peer B Peer C
e r y hi
Qu File
r
Query transfe
Query
Peer A Peer D
Que Peer E
ry
Que
ry h
it

Peer F

Gnutella

 Gnutella – public domain file sharing application

 Fully distributed approach
 No centralized server
 Gnutella peer maintains peering relationship (TCP
connection – later) which a number of other peers
(usually fewer than 10).

100
 Query
P2P – Query
Flooding ry Query hit
Que
t Peer B Peer C
e r y hi
Qu File
r
Query transfe
Query
Peer A Peer D
Que Peer E
ry
Que
ry h
it

Peer A searches for a file Peer F

1. Peer A sends query to all neighboring peers.
2. If neighboring peer does not have file, forwards query
to all its neighboring peers
3. If any peer has the file it returns a query hit
message.
4. Peer A selects a peer, Peer C, to retrieve file (HTTP
GET)
5. A direct TCP connection is made with selected peer,
Peer C.
6. HTTP response is used to send file.

Query Flooding 101

 Query
P2P – Query
Flooding ry Query hit
Que
t Peer B Peer C
e r y hi
Qu File
r
Query transfe
Query
Peer A Peer D
Que Peer E
ry
Que
ry h
it

How a peer joins and departs Gnutella Peer F network

1. Finding peers:
 Bootstrap program: Client maintains a list of peer IP addresses who
are usually up
 Contact Gnutella site that maintains a list
2. Client attempts to make contact with peers (TCP
connection – later)
3. Client sends Gnutella ping message to peer.
 Forwards Gnutella ping to other peers, who continue to forward ping
until limited-scope is reached.
4. Each peer returns a Gnutella pong message including:
 Its IP address
 Number of files it is sharing 102
P2P - Combination

Kazaa

 Kazaa combines ideas from Napster and Gnutella

 2004 – Contributed to more traffic on Internet than any
other application
 2007 – Bittorrent became the leading application
103
 Proprietary technology
P2P - Combination
Group
Leade
Group r
Leade
r Query

Query Group
Leade
Q ue r y r
ry Reply
Q ue
File Transfer

 Kazaa does not use a centralized server

 Group leader peers (parent)
 Higher bandwidth and Internet connectivity
 Greater Gnutella responsibilites
 Peers (child) – non-group leaders
 Child peer establishes TCP connection with a group leader
 Group leader:
 maintains database directory of child peers including their IP addresses
 maintain TCP connections with other group leaders
 Child peers query group leaders who forward the query to other
group leaders
104
 Child peer selects peer for TCP connection and file transfer