Transcript Chapter 3 Application Layer Functionality and Protocols

Chapter 3
Application Layer Functionality
and Protocols
Paul Morris
CIS151
MHCC
Applications: Interface Between the
Networks
Application Layer: OSI and TCP/IP Models
 The Application layer, Layer seven, is the top layer of both the OSI and
TCP/IP models.
 Provides the interface between the applications we use to communicate and
the underlying network.
3
Email
HTTP
HTTP
HTTP
(www)
 Application layer protocols are used to exchange data between programs
running on the source and destination hosts.
 There are many Application layer protocols and new protocols are always
being developed.
4
Application Layer: OSI and TCP/IP Models
 Functionality of the TCP/IP application layer protocols fit roughly into the
framework of the top three layers of the:
 OSI model: Application, Presentation and Session layers.
 Most early TCP/IP application layer protocols were developed before the
emergence of:
 personal computers, graphical user interfaces and multimedia objects.
 These protocols implement very little of the functionality that is specified in
the OSI model Presentation and Session layers.
5
The Presentation Layer
 The Presentation layer has three primary functions:
 Coding and conversion of Application layer data to ensure that data
from the source device can be interpreted by destination device.
 Compression of the data in a manner that can be decompressed by
the destination device.
 Encryption of the data for transmission and the decryption of data upon
receipt by the destination.
 Compression and Coding formats:
 Graphics Interchange Format (GIF)
 Joint Photographic Experts Group (JPEG)
 Tagged Image File Format (TIFF).
6
The Session Layer
 Create and maintain dialogs between source and destination applications.
 Handles the exchange of information to:
 initiate dialogs
 keep them active
 restart sessions that are disrupted or idle for a long period of time
 Most applications, like web browsers or e-mail clients, incorporate
functionality of the OSI layers 5, 6 and 7.
7
Application Layer: OSI
and TCP/IP Models
Note: Usually a single
server will function as
a server for multiple
applications
 Common TCP/IP Protocols
 Domain Name Service Protocol (DNS) is used to resolve Internet
names to IP addresses.
 Hypertext Transfer Protocol (HTTP) is used to transfer files that make
up the Web pages of the World Wide Web.
 Simple Mail Transfer Protocol (SMTP) is used for the transfer of mail
messages and attachments.
 Telnet, a terminal emulation protocol, is used to provide remote access
to servers and networking devices.
 File Transfer Protocol (FTP) is used for interactive file transfer
between systems.
8
RFCs: Request For Comments
 The protocols in the TCP/IP suite are generally defined by Requests for
Comments (RFCs).
 Maintained by IETF (Internet Engineering Task Force)
 There are a few in there for fun - ftp://ftp.rfc-editor.org/innotes/rfc1882.txt.
9
Application Layer
Software
 Within the Application layer,
there are two forms of
software programs or
processes that provide
access to the network:
 applications
 services
User
applications
Services
System
Operations
 Network-Aware Applications
 Applications are the software programs used by people to
communicate over the network.
 They implement the application layer protocols and are able to
communicate directly with the lower layers of the protocol stack.
 Email Clients
 Web Browsers
10
Application Layer Software
User
applications
Services
System
Operations
 Application layer Services
 Other programs may need the assistance of Application layer services
to use network resources such as:
 File transfer
 Network print spooling
 These services are the programs that interface with the network and
prepare the data for transfer.
11
Application Layer Software
 Application layer uses protocols that are implemented within applications
and services.
 Applications provide people a way to create messages.
 Application layer services establish an interface to the network.
 Protocols provide the rules and formats that govern how data is
treated.
 Bottom line:
 When discussing an application like "Telnet" we could be referring to the
application, the service, or the protocol.
12
Application Layer Protocol Functions
 Application layer protocols are used by both the source and destination
devices during a communication session.
 The application layer protocols implemented on the source and destination
host must match.
 Protocols: (This will become clearer later! Herding cats.)
 Establish consistent rules for exchanging data.
 Specify the structure and type of messages that are exchanged.
 Types: Request, response, acknowledgement, error message, etc.
 Defines the dialogues, ensuring with transmissions met by expected
responses, and with the correct service invoked.
13
Application Layer Protocol Functions
 Applications and services can use multiple protocols.
 Encapsulate the protocol or encapsulated by this protocol
 Invoke other protocols
 Using a web browser (HTTP):
 May invoke:
 DNS, ARP, ICMP
 May use:
 TCP, UDP, Ethernet, PPP
 Uses
 IP
14
Client Server Model





Client: the device requesting the information
Server: the device responding to the request is called a server.
The client begins the exchange by requesting data from the server.
Server responds by sending one or more streams of data to the client.
In addition to the actual data transfer, this exchange may also require
control information, such as:
 user authentication
 the identification of a data file to be transferred
15
Servers
 A server is usually a computer that contains information to be shared with
many client systems.
 Web server
 Email server
 File or database server
 Applications server
 Some servers may require authentication of user account information and
vary permissions.
 Example, if you request to upload data to the FTP server, you may have
permission to write to your individual folder but not to read other files on the
site.
16
Servers
 The server runs a service, or process, sometimes called a server daemon.
 Daemons (like other services) typically run in the background and are not
under an end user's direct control.
 Daemons are described as "listening" for a request from a client.
 Programmed to respond whenever the server receives a request for the
service provided by the daemon.
 When a daemon "hears" a request from a client:
 It exchanges appropriate messages with the client, as required by its
protocol,
 Proceeds to send the requested data to the client in the proper format.
17
Application Layer
Services and Protocols
 Servers typically have multiple clients requesting information at the same
time.
 For example, a Telnet server may have many clients requesting
connections to it.
 These individual client requests must be handled simultaneously and
separately for the network to succeed.
 The Application layer processes and services rely on support from lower
layer functions to successfully manage the multiple conversations.
18
Application Layer Protocols
HTTP
(WWW)
FTP
(file transfer)
SMTP
(email)
Telnet
(remote login)
DHCP
(IP address
resolution)
DNS
(domain name
resolution)
SMB
(file sharing)
P2P
(file sharing)
20
Reminder of encapsulation/decapsulation
IP
Header
Data Link
Header
IP Packet
Data Link
Trailer
Data Link
Header
IP Packet
Data Link
Trailer
Data Link
Header
IP Packet
Data Link
Trailer
Data Link
Header
IP
Header
TCP
Header
TCP
Header
HTTP
Header
Data Link
Trailer
Data Link
Header
HTTP
Header
Data
Data
Data Link
Trailer
21
Focus on Application Header and/or Data
HTTP
HTTP
 We will examine how the application (header) and/or data communication
with each other between the client and the server.
22
HTTP (HyperText Transfer Protocol)
HTTP
HTTP
HTTP
Server
HTTP
Client
 HTTP – The Web’s application layer protocol.
 RFC 1945 and RFC 2616
 Implemented in:
 Client program
 Server program
 Current version: HTTP/1.1
 Encapsulated in TCP
23
HTTP (HyperText Transfer Protocol)
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<title>Paul Morris, MHCC</title><style type="text/css">
<!-body {
The base HTML file references other objects
margin-left: 0px;
in the page.
margin-top: 0px;
margin-right: 0px;
margin-bottom: 0px;
CIS151
 Web page (also called a html document)
 Web page consists of objects
 Objects (examples):
 HTML file
 JPEG image
 GIF image
 JAVA applet
 Audio file
CIS152
CIS154
24
Web Browser - Client
HTTP
Client
 Browser – The user agent for the Web.
 Displays requested Web page and provides navigational and
configuration features.
 Browser and client may be used interchangeably in this discussion.
 HTTP has nothing to do with how a Web page is interpreted (displayed) by
the client (browser).
25
Web Server
HTTP
Server
 Web Server – Stores web objects, each addressable by a URL.
 Implement the server side of HTTP.
 Examples:
 Apache
 Microsoft Internet Information Server
26
HTTP Request Message
GET /content.html / HTTP/1.1
Some data omitted for brevity
Accept-Language: en-us
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0; SLCC1; .NET
CLR 2.0.50727; Media Center PC 5.0; .NET CLR 3.0.04506; InfoPath.1)
Host: www.lukenetwalker.com
Connection: Keep-Alive
HTTP
Server
HTTP Client
 Request Message
 Request line
 Header lines
 ASCII Text
 Request line: Method field
 GET, POST and HEAD
 The great majority of Requests are GETs
27
HTTP Request Message
GET /content.html/ HTTP/1.1
Accept-Language: en-us
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0; SLCC1; .NET
CLR 2.0.50727; Media Center PC 5.0; .NET CLR 3.0.04506; InfoPath.1)
Host: www.lukenetwalker.com
Connection: Keep-Alive
Request Line
GET
- Browser/client is requesting an object
/content.html / - Browser is requesting this object in this
HTTP/1.1
directory (default is index.html)
- Browser implements the HTTP/1.1 (1.1 is
backwards compatible with 1.0)
Note: HTTP GET is also used by some P2P applications like Gnutella
and Bittorrent.
28
HTTP Request Message
GET /content.html/ HTTP/1.1
Accept-Language: en-us
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0; SLCC1; .NET
CLR 2.0.50727; Media Center PC 5.0; .NET CLR 3.0.04506; InfoPath.1)
Host: www.lukenetwalker.com
Connection: Keep-Alive
Request Line
GET:
- Used by browser/client to request an object.
POST:
- Used when user has filled out a form and sending
HEAD:
information to the server. (Forms do not have to
use POST.)
- Example: words in a search engine
- Similar to a GET, but the server will responds with a
PUT:
DELETE:
HTTP message but leaves out the requested object.
- Used with Web publishing tools, upload objects.
- Used with Web publishing tools, delete objects.
29
HTTP Request Message
GET /content.html/ HTTP/1.1
Accept-Language: en-us
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0; SLCC1; .NET
CLR 2.0.50727; Media Center PC 5.0; .NET CLR 3.0.04506; InfoPath.1)
Host: www.lukenetwalker.com
Connection: Keep-Alive
Header Lines
Accept-Language:- User prefers this language of the object
User-Agent:
- The browser type making the request
Host:
- Host on which the object resides
Connection:
- Client/browser is telling the server to keep
this TCP connection Open, known as a
persistent connection.
- We will talk about this later in TCP
(transport layer)
30
HTTP Response Message
HTTP/1.1 200 OK
Date: Fri, 22 Feb 2008 16:34:18 GMT
Server: Apache/2.0.52 (Red Hat)
Last-Modified: Thu, 15 Nov 2007 19:33:12 GMT
Content-Length: 15137
Connection: close
Content-Type: text/html
Some data omitted for brevity
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
HTTP
Server
HTTP Client
31
HTTP Response Message
HTTP/1.1 200 OK
Date: Fri, 22 Feb 2008 16:34:18 GMT
Server: Apache/2.0.52 (Red Hat)
Last-Modified: Thu, 15 Nov 2007 19:33:12 GMT
Content-Length: 15137
Connection: close
Content-Type: text/html
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
 Response message:
 Status line
 Header lines
 Entity body
32
HTTP Response Message
HTTP/1.1 200 OK
Date: Fri, 22 Feb 2008 16:34:18 GMT
Server: Apache/2.0.52 (Red Hat)
Last-Modified: Thu, 15 Nov 2007 19:33:12 GMT
Content-Length: 15137
Connection: close
Content-Type: text/html
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
Status Line
HTTP/1.1
200 OK
– Server is using HTTP/1.1
- Status code, request succeeded and information is
returned in response
33
HTTP Response Message
HTTP/1.1 404
Status Codes
200 OK
- Status code, request succeeded and information is returned in response.
301 Moved Permanently
- Requested object has been permanently moved.
400 Bad Request
- Generic error message, request not understood by server.
404 Not Found:
-The requested document does not exist on server.
505 HTTP Version Not Supported
- The requested HTTP protocol version not supported by server.
34
HTTP Response Message
HTTP/1.1 200 OK
Date: Fri, 22 Feb 2008 16:34:18 GMT
Server: Apache/2.0.52 (Red Hat)
Last-Modified: Thu, 15 Nov 2007 19:33:12 GMT
Content-Length: 15137
Connection: close
Content-Type: text/html
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
Header Lines
Date:
Server:
– Server is using HTTP/1.1
- Status code, request succeeded and
information is returned in response
Last-Modified: – Date/time when object created or modified
Content-Length: – Number of bytes in object being sent
Connection:
– Server going to close TCP connection after
Content-Type:
sending the requested object.
– Object in entity body is HTML text
35
HTTP Response Message
HTTP/1.1 200 OK
Date: Fri, 22 Feb 2008 16:34:18 GMT
Server: Apache/2.0.52 (Red Hat)
Last-Modified: Thu, 15 Nov 2007 19:33:12 GMT
Content-Length: 15137
Connection: close
Content-Type: text/html
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
Entity Body
<!DOCTYPE html PUBLIC etc.:
– HTML text and other objects to be used by the browser/client
36
HTTP Request and Response Messages
GET /content.html / HTTP/1.1
Accept-Language: en-us
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0; SLCC1; .NET
CLR 2.0.50727; Media Center PC 5.0; .NET CLR 3.0.04506; InfoPath.1)
Host: www.lukenetwalker.com
Connection: Keep-Alive
HTTP
HTTP
Server
HTTP
HTTP/1.1 200 OK
Date: Fri, 22 Feb 2008 16:34:18 GMT
Server: Apache/2.0.52 (Red Hat)
Last-Modified: Thu, 15 Nov 2007 19:33:12 GMT
Content-Length: 15137
Connection: close
Content-Type: text/html
HTTP Client
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
37
User-Server Interaction: Cookies
 Web servers are considered stateless – they do not maintain state
information, keep track of the user.
 Higher performance – allowing the server to handle thousands of
simultaneous TCP connections (later).
 Web servers use cookies to track users.
 Cookies defined in RFC 2109
38
User-Server Interaction: Cookies
HTTP Requests: GET
(first time)
HTTP
Server
HTTP: Response
Set-cookie: ID
Web server can now
track clients activities
on the web site.
HTTP Requests (GET)
now include ID
HTTP Client
 Web server installs cookies on client when:
 Accessed the web site for the first time (Web server does not know client
by name.)
and/or
 User provides information to the web server. (Web server now knows
client by name.)
 HTTP on Web server responds with a Set-cookie: header with an ID.
 This ID is stored on the client’s computer.
 Each time client/browser accesses web site. The GET includes Cookie: or
User_ID or similar with the ID.
39
HTTP Request and Response Messages
GET /jpeg/cap81/cam0.36705623.rgb888.enc HTTP/1.1
<information omitted>
Cookie: SLSPOTNAME5=Cowells; SLSPOTNAME4=Waimea%20Bay;
SLSPOTNAME3=Pipeline; SLSPOTNAME2=38th%20Ave%2E; SLSPOTNAME1=Cowells;
SLSPOTID5=4189; SLSPOTID4=4755; SLSPOTID3=4750; SLSPOTID2=4191;
SLSPOTID1=4189; OAX=R8bfwEbcU08ABCBu; USER_ID=5551212 <not my actual
user-id>; <rest of informaton omitted for brevity>
HTTP: Cookie 5551212 included
HTTP
Server
HTTP data customized
for Rick Graziani
HTTP Client
HTTP/1.1 200 OK
Date: Fri, 22 Feb 2008 19:00:15 GMT
Server: Apache/1.3.34 (Unix)
Last-Modified: Fri, 22 Feb 2008 18:51:47 GMT
ETag: "760a31-18ce-47bf19c3"
Accept-Ranges: bytes
Content-Length: 6350
Keep-Alive: timeout=15, max=257
Connection: Keep-Alive
Content-Type: text/plain <information omitted>
40
Web Caching
Origin
Server
HTTP
Request
Web
Cache or
Proxy
Server
HTTP
Request
Client
HTTP Response
HTTP Response
HTTP
Request
HTTP
Request
Orgin
Server
HTTP Response
HTTP Response
Client
 Web cache or proxy server – Web cache satisfies HTTP requests on the
behalf of the Origin Web server.
 Own disk storage
 Keeps copies of recently requested objects
 Typically installed at ISP or larger institutions.
 Advantages:
 Reduces the response time for client requests, especially if there are
any bottlenecks in the network.
 Reduces traffic on institution’s access link to the ISP (Internet).
41
Web Caching
Origin
Server
HTTP
Request
Web
Cache or
Proxy
Server
HTTP
Request
Client
HTTP Response
HTTP Response
HTTP
Request
HTTP
Request
Origin
Server
HTTP Response
HTTP Response
Client
1. Client/browser sends HTTP Request to Web cache (Proxy server).
2. Web cache checks to see if it has a local copy of the object.
 2a. Local copy: Web cache sends object to client’s browser.
 2b. No Local copy: Web cache sends HTTP request to origin server.
3. Origin server sends object to Web cache.
4. Web cache stores a local copy of the object.
5. Web cache forwards copy of the object to the client browser.
Note: TCP connections are also created between Client and Web Cache; Web
cache and Origin server (later).
42
HTTPS
 HTTPS (Hypertext Transfer Protocol over Secure Socket Layer) is a URL
scheme used to indicate a secure HTTP connection.
 HTTPS is not a separate protocol
 combination of a normal HTTP interaction over an encrypted:
 Secure Sockets Layer (SSL) or
 Transport Layer Security (TLS) connection
43
FTP (File Transfer Protocol)
FTP
Client




FTP was developed to allow for file transfers between a client and a server.
Used to push and pull files from a server running the FTP daemon (FTPd).
Uses get and put commands.
RFC 959
FTP
Server
44
FTP (File Transfer Protocol)
TCP control connection port 21
Username and password
Change directory on Server
TCP data connection port 20
Copy file from client to server – Connection Closed
TCP data connection port 20
Copy file from server to client – Connection Closed
TCP control connection port 21
Quit FTP Application – Connection Closed
 Client initiates a TCP control connection with FTP server using port 21.
 This connection remains open until the user quits the FTP application.
 TCP port 21 connection includes:
 Username and password is sent over TCP port 21.
 Remote directory changes
 This state information significantly reduces total number of sessions on
server.
 For each file transferred, TCP opens and closes a TCP data connection on port
20.
45
 More later on TCP ports and connections.
SMTP – Simple Mail Transfer Protocol
 Email – One of the killer applications of the Internet.
46
SMTP – Simple Mail Transfer Protocol
User agent
Mail server
SMTP
Mail server
User agent
SMTP
POP3
IMAP
 Internet mail involves:
 User agents
 Allows users to read, reply, compose, forward, save, etc., mail messages
 GUI user agents: Outlook, Eudora, Messenger
 Text user agents: mail, pine, elm
 Mail servers
 Stores user mail boxes, communicates with local user agents and other
mail servers.
 SMTP
 Principle application layer protocol for Internet mail
 Sent over TCP
47
 Mail access protocols: POP3, IMAP, HTTP
SMTP – Simple Mail Transfer Protocol
User agent
Mail server
SMTP
Mail server
User agent
SMTP
POP3
IMAP
 SMTP
 RFC 2821
 Transfers messages from sender’s mail server to recipient’s mail
server
 Push protocol, not a pull protocol
 Push (from client to server or server to server)
 Pull (from server to client)
 Retrieving email
 Historically, users would log into local mail server to read mail.
 Since early 1990’s, clients use mail access protocols:
 POP3
 IMAP
 HTTP
48
SMTP – Simple Mail Transfer Protocol
 POP3 (Post Office Protocol)
 RFC 1939
 Limited functionality
 Uses TCP port 110
 Download-and-delete mode
 Retrieves messages on server and store the locally
 Delete messages on server
 Download-and-keep mode
 Does not delete messages on server when retrieved.
 Problem
 Difficult to access email from multiple computers – work and home.
 Some email may have already been downloaded on another
computer (work) – download-and-delete
 To read email from another computer, must leave on server –
download-and-keep
 Does not provide means for user to create remote folders on mail
server
49
SMTP – Simple Mail Transfer Protocol
User agent
Mail server
SMTP
Mail server
User agent
SMTP
IMAP
HTTP
 IMAP (Internet Message Access Protocol)
 RFC 2060
 Mail not downloaded, but kept on server
 Received email is associated with user’s INBOX
 Users can create and manage remote folders
 Users can retrieve portions of the email:
 Message header: Subject line and Sender
 Web-based email
 Introduced with Hotmail in mid-1990’s
 Communicates with remote mailbox using HTTP
 HTTP is used to push (client to server) and pull the email (server to
client)
50
SMTP
MTA
 receives email from the
client's MUA
 passes email to the MDA
for final delivery
 uses SMTP to route email
between servers
Mail software, processes used: MTA and MDA
 MUA (Mail User Agent) – Email client software.
 MTA (Mail Transfer Agent) – Software that governs transfer of email
between mail servers.
 Includes UNIX sendmail, Microsoft Exchange Server, Postfix, and Exim
 MDA (Mail Delivery Agent) – Software that governs transfer of email from
mail servers to clients.
 On Unix systems, procmail and maildrop are the most popular MDAs.
51
Telnet
Telnet
Telnet
Server
 Telnet provides a standard method of emulating text-based terminal devices
over the data network.
52
Telnet
Telnet
Telnet
Server
 Allows a user to remotely access another device (host, router, switch).
 A connection using Telnet is called a Virtual Terminal (VTY) session, or
connection.
 Telnet uses software to create a virtual device that provides the same
features of a terminal session with access to the server command line
interface (CLI).
 Telnet clients:
 Putty
 Teraterm
 Hyperterm
53
Telnet
 Telnet supports user authentication, but does not encrypt data.
 All data exchanged during a Telnet sessions is transported as plain text.
 Secure Shell (SSH) protocol offers an alternate and secure method for
server access.
 Stronger authentication
 Encrypts data
54
DHCP – Dynamic Host Configuration Protocol
 IP addresses and other information can be obtained:
 Statically
 Dynamically (DHCP)
55
DHCP
 DHCP Information can include:
 IP address
 Subnet mask
 Default gateway
 Domain name
 DNS Server
 DHCP servers can be:
 Server on LAN
 Router
 Server at ISP
56
DHCP
 We will discuss DHCP more when we
discuss IPv4.
57
DNS – Domain Name System
 DNS allows users (software) to use domain names instead of IP addresses
58
Name Resolution
Need the IP address
Resolver
 DNS client programs used to look up DNS name information.
Name Resolution
 The two types of queries that a DNS resolver (either a DNS client or another
DNS server) can make to a DNS server are the following:
Recursive queries
 Queries performed by Host to Local DNS Server
Iterative queries
 Queries performed Local DNS server to other servers
59
DNS Name Resolution
1
 User types http://www.example.com
Step 1.
 The DNS resolver on the DNS client sends a recursive query to its
configured Local DNS server.
 Requests IP address for "www.example.com".
 The DNS server for that client is responsible for resolving the name
 Cannot refer the DNS client to another DNS server.
60
2
3
DNS Name Resolution
2
1
Step 2.
 Local DNS Server forwards the query to a Root DNS server.
Step 3.
 Root DNS server
 Makes note of .com suffix
 Returns a list of IP addresses for TLD (Top Level Domain Servers)
responsible for .com.
61
DNS Name Resolution
 Root DNS Servers
 There are 13 Root DNS servers (labeled A through M)
 TLD Servers
 Responsible for domains such as .com, edu, org, .net, .uk, jp, fr
 Network Solutions maintains TLD servers for .com
 Educause maintains TLD servers for .edu
 There are redundant servers throughout the world.
62
DNS Name Resolution
4
4
5
Step 4.
 The local DNS server sends query for www.example.com to one of the
TLD servers.
Step 5.
 TLD Server
 Makes note of example.com
 Returns IP address for authoritative server example.com (such as
dns.example.com server)
63
DNS Name Resolution
6
6
7
Step 6.
 Local DNS server sends query for www.example.com directly to DNS
server for example.com
Step 7.
 example.com DNS server responds with its IP address for
www.example.com
64
DNS Name Resolution
8
7
Step 8.
 Local DNS server sends the IP address of www.example.com to the DNS
client.
DNS Caching
 When a DNS server receives a DNS reply (mapping hostname to an IP
address) it can cache the information in its local memory.
 DNS servers discard cached information after a period of time (usually 2
days)
 A local DNS server can cache TLD server addresses, bypassing the root
DNS servers in the query chain.
65
DNS Name Resolution
 In the worst cases, you'll get a dialog
box that says the domain name
doesn't exist - even though you know it
does.
 This happens because the
authoritative server is slow replying to
the first, and your computer gets tired
of waiting so it times-out (drops the
connection) or the domain name does
not exist.
 But if you try again, there's a good
chance it will work, because the
authoritative server has had enough
time to reply, and your name server
has stored the information in its cache.
66
nslookup
nslookup
 Displays default DNS server for your host
 Can be used to query a domain name and get the IP address
67
DNS Name
Resolution
 ipconfig /displaydns
 After a certain amount of time, specified in the Time to Live (TTL)
associated with the DNS resource record, the resolver discards the
record from the cache.
 ipconfig /flushdns – Manually deletes entries
 The default TTL for positive responses is 86,400 seconds (1 day).
 The default TTL for negative responses is 300 seconds.
68
(Missing Info) DNS: 204.127.199.8
69
70
71
72
SMB – Server Message Block Protocol
 The Server Message Block (SMB) is a client/server file sharing protocol.
IBM developed Server Message Block (SMB) in the late 1980s to describe
the structure of shared network resources, such as directories, files,
printers, and serial ports.
73
SMB
 Request-response protocol .
 Unlike FTP, clients establish a long term connection to servers.
 Client can access the resources on the server as if the resource is local to
the client host.
 SMB is sent over TCP
 Prior to Windows 2000 windows used a proprietary protocol (NETBIOS)
to send SMB.
 Linux/UNIX have similar protocol: SAMBA
74
SMB
 SMB messages can:
 Start, authenticate, and terminate sessions
 Control file and printer access
 Allow an application to send or receive messages to or from another
device
75
Peer-to-Peer (P2P) Networking and
Applications
 In addition to the client/server model for networking, there is also a
peer-to-peer model.
 Two or more computers are connected via a network and can share
resources (such as printers and files) without having a dedicated
server.
 End devices (peers) can function as either a server or client.
76
P2P File Sharing
 P2P (Peer-to-Peer) file sharing accounts for more traffic on the Internet than
any other application (2004).
 Peers (hosts) act as both clients and servers.
 No centralized file server.
 HTTP GET and responses are commonly used.
77
By Peter Svensson
The Associated Press
Oct. 19, 2007
“Peer-to-peer applications account for between 50 percent and 90
percent of overall Internet traffic, according to a survey this year by
ipoque GmbH, a German vendor of traffic-management equipment.”
78
P2P – Centralized Directory
Peer
Peer
Centralized
Directory
Server
Peer
1 – Inform and Update
3 – File Transfer
Peer
Napster
 Challenge with P2P – locating content across thousands or millions of
peers.
 One solution – centralized directory
 Approach done by Napster
 Problems (non-legal problems)
 Single point of failure
 Performance bottlenecks
79
P2P – Centralized Directory
Peer B
Peer
Centralized
Directory
Server
Peer
1 – Inform and Update
3 – File Transfer
Peer A
1. Peer A starts P2P application
2. Informs centralized directory server of its:
 IP address
 Names of objects making available for sharing (MP3, videos, etc.)
3. Directory server collects information from each peer that becomes active.
 Dynamic database
 Maps IP addresses with object names
4. Peer A queries directory server for IP addresses of other peers for specific
content
 Directory Server returns IP addresses for those peers (Peer B)
5. Peer A establishes TCP connection and downloads file (i.e. HTTP GET) from
other peer, Peer B.
6. Directory server removes Peer from database when Peer closes application
or disconnects from Internet (periodic messages – pings – from server).
80
P2P – Query
Flooding
Query
Query hit
Peer B
Peer C
Query
Query
Peer A
Peer D
Peer E
Peer F
Gnutella
 Gnutella – public domain file sharing application
 Fully distributed approach
 No centralized server
 Gnutella peer maintains peering relationship (TCP connection – later) which
a number of other peers (usually fewer than 10).
81
P2P – Query
Flooding
Query
Query hit
Peer B
Peer C
Query
Query
Peer A
Peer D
Peer E
Peer A searches for a file
Peer F
1. Peer A sends query to all neighboring peers.
2. If neighboring peer does not have file, forwards query to all its neighboring
peers
3. If any peer has the file it returns a query hit message.
4. Peer A selects a peer, Peer C, to retrieve file (HTTP GET)
5. A direct TCP connection is made with selected peer, Peer C.
6. HTTP response is used to send file.
Query Flooding
 Non-scalable and causes a significant amount of traffic on Internet.
 Gnutella modified it to limited-scope flooding which limits how many peers
away the query is sent to, usually 7 to 10. (similar to TTL – later).
82
P2P – Query
Flooding
Query
Query hit
Peer B
Peer C
Query
Query
Peer A
Peer D
Peer E
How a peer joins and departs GnutellaPeer
network
F
1. Finding peers:
 Bootstrap program: Client maintains a list of peer IP addresses who are
usually up
 Contact Gnutella site that maintains a list
2. Client attempts to make contact with peers (TCP connection – later)
3. Client sends Gnutella ping message to peer.
 Forwards Gnutella ping to other peers, who continue to forward ping
until limited-scope is reached.
4. Each peer returns a Gnutella pong message including:
 Its IP address
 Number of files it is sharing
 Total size of the files
83
P2P - Combination
Kazaa




Kazaa combines ideas from Napster and Gnutella
2004 – Contributed to more traffic on Internet than any other application
2007 – Bittorrent became the leading application
Proprietary technology
84
P2P - Combination
Group
Leader
Group
Leader
Group
Leader
 Kazaa does not use a centralized server
 Group leader peers (parent)
 Higher bandwidth and Internet connectivity
 Greater Gnutella responsibilites
 Peers (child) – non-group leaders
 Child peer establishes TCP connection with a group leader
 Group leader:
 maintains database directory of child peers including their IP addresses
 maintain TCP connections with other group leaders
 Child peers query group leaders who forward the query to other group leaders
 Child peer selects peer for TCP connection and file transfer
85
Chapter 3
Application Layer Functionality
and Protocols
Paul Morris
CIS151
MHCC