Transcript munz
Chapter 3: Application Layer Functionality and Protocols
Applications: Interface Between the Networks
Application Layer: OSI and TCP/IP Models
The Application layer, Layer seven, is the top layer of both the OSI and TCP/IP models.
It provides the interface between the applications we use to communicate and the underlying network.
(Slide figure: e-mail and HTTP (www) applications sitting above the network.)
Application layer protocols are used to exchange data between programs
running on the source and destination hosts.
There are many Application layer protocols and new protocols are always
being developed.
Application Layer: OSI and TCP/IP Models
The functionality of the TCP/IP application layer protocols fits roughly into the framework of the top three layers of the OSI model: the Application, Presentation and Session layers.
Most early TCP/IP application layer protocols were developed before the emergence of personal computers, graphical user interfaces and multimedia objects.
These protocols implement very little of the functionality that is specified in
the OSI model Presentation and Session layers.
The Presentation Layer
The Presentation layer has three primary functions:
Coding and conversion of Application layer data to ensure that data
from the source device can be interpreted by destination device.
Compression of the data in a manner that can be decompressed by
the destination device.
Encryption of the data for transmission and the decryption of data upon
receipt by the destination.
Compression and Coding formats:
Graphics Interchange Format (GIF)
Joint Photographic Experts Group (JPEG)
Tagged Image File Format (TIFF).
The Session Layer
Creates and maintains dialogs between source and destination applications.
Handles the exchange of information to:
initiate dialogs
keep them active
restart sessions that are disrupted or idle for a long period of time
Most applications, like web browsers or e-mail clients, incorporate
functionality of the OSI layers 5, 6 and 7.
Application Layer: OSI and TCP/IP Models
Note: Usually a single server will function as a server for multiple applications.
Common TCP/IP Protocols
Domain Name Service Protocol (DNS) is used to resolve Internet
names to IP addresses.
Hypertext Transfer Protocol (HTTP) is used to transfer files that make
up the Web pages of the World Wide Web.
Simple Mail Transfer Protocol (SMTP) is used for the transfer of mail
messages and attachments.
Telnet, a terminal emulation protocol, is used to provide remote access
to servers and networking devices.
File Transfer Protocol (FTP) is used for interactive file transfer
between systems.
RFCs: Request For Comments
The protocols in the TCP/IP suite are generally defined by Requests for
Comments (RFCs).
Maintained by the IETF (Internet Engineering Task Force).
There are a few in there for fun - ftp://ftp.rfc-editor.org/innotes/rfc1882.txt.
Application Layer Software
Within the Application layer, there are two forms of software programs or processes that provide access to the network:
applications
services
(Slide figure: user applications and services sit between the user and system operations.)
Network-Aware Applications
Applications are the software programs used by people to
communicate over the network.
They implement the application layer protocols and are able to
communicate directly with the lower layers of the protocol stack.
Email Clients
Web Browsers
Application Layer Software
Application layer Services
Other programs may need the assistance of Application layer services
to use network resources such as:
File transfer
Network print spooling
These services are the programs that interface with the network and
prepare the data for transfer.
Application Layer Software
The Application layer uses protocols that are implemented within applications and services.
Applications provide people a way to create messages.
Application layer services establish an interface to the network.
Protocols provide the rules and formats that govern how data is
treated.
Bottom line:
When discussing an application like "Telnet" we could be referring to the
application, the service, or the protocol.
Application Layer Protocol Functions
Application layer protocols are used by both the source and destination
devices during a communication session.
The application layer protocols implemented on the source and destination
host must match.
Protocols: (This will become clearer later! Herding cats.)
Establish consistent rules for exchanging data.
Specify the structure and type of messages that are exchanged.
Types: Request, response, acknowledgement, error message, etc.
Define the dialogues, ensuring that transmissions are met by the expected responses and that the correct service is invoked.
Application Layer Protocol Functions
Applications and services can use multiple protocols.
They may encapsulate another protocol or be encapsulated by another protocol.
They may invoke other protocols.
Using a web browser (HTTP):
May invoke: DNS, ARP, ICMP
May use: TCP, UDP, Ethernet, PPP
Uses: IP
Client Server Model
Client: the device requesting the information.
Server: the device responding to the request.
The client begins the exchange by requesting data from the server.
Server responds by sending one or more streams of data to the client.
In addition to the actual data transfer, this exchange may also require
control information, such as:
user authentication
the identification of a data file to be transferred
Servers
A server is usually a computer that contains information to be shared with
many client systems.
Web server
Email server
File or database server
Applications server
Some servers may require authentication of user account information and vary permissions accordingly.
For example, if you request to upload data to the FTP server, you may have permission to write to your individual folder but not to read other files on the site.
Servers
The server runs a service, or process, sometimes called a server daemon.
Daemons (like other services) typically run in the background and are not
under an end user's direct control.
Daemons are described as "listening" for a request from a client.
They are programmed to respond whenever the server receives a request for the service provided by the daemon.
When a daemon "hears" a request from a client:
It exchanges appropriate messages with the client, as required by its
protocol,
Proceeds to send the requested data to the client in the proper format.
Application Layer Services and Protocols
Servers typically have multiple clients requesting information at the same
time.
For example, a Telnet server may have many clients requesting
connections to it.
These individual client requests must be handled simultaneously and
separately for the network to succeed.
The Application layer processes and services rely on support from lower
layer functions to successfully manage the multiple conversations.
Application Layer Protocols
HTTP (WWW) – we will examine HTTP in detail.
FTP (file transfer)
SMTP (email)
Telnet (remote login)
DHCP (IP address resolution)
DNS (domain name resolution)
SMB (file sharing)
P2P (file sharing)
Reminder of encapsulation/decapsulation
(Slide figure: the HTTP header and data are carried inside a TCP segment (TCP header), which is carried inside an IP packet (IP header), which is carried inside a data-link frame (Data Link header and trailer).)
Focus on Application Header and/or Data
(Slide figure: HTTP client and HTTP server.)
We will examine how the application header and/or data are communicated between the client and the server.
"Later" we will look at what roles the other layers and protocols (TCP, IP, etc.) play.
HTTP (HyperText Transfer Protocol)
(Slide figure: HTTP client and HTTP server.)
HTTP – The Web’s application layer protocol.
RFC 1945 and RFC 2616
Implemented in:
Client program
Server program
Current version: HTTP/1.1
Encapsulated in TCP (more later)
HTTP (HyperText Transfer Protocol)
<html> <head> <link rel="shortcut icon" type="image/x-icon"
href="/favicon.ico"> <title>Homepage Munz Udo:</title> <META
NAME="author" CONTENT="Udo Matthias Munz"> <META NAME="expires"
CONTENT="NEVER"> <META NAME="publisher" CONTENT="Munz Udo"> <META
NAME="copyright" CONTENT="Munz Udo"> <META NAME="page-topic"
CONTENT="Education;Bildung;Education"> <META NAME="keywords"
CONTENT="GWS-Lörrach, Gewerbeschule Lörrach,
The base HTML file references other objects in the page.
Web page (also called an HTML document)
Web page consists of objects
Objects (examples):
HTML file
JPEG image
GIF image
JAVA applet
Audio file
Web Browser - Client
Browser – The user agent for the Web.
Displays requested Web page and provides navigational and configuration features.
Browser and client may be used interchangeably in this discussion.
HTTP has nothing to do with how a Web page is interpreted (displayed) by the client (browser).
Web Server
Web Server – Stores web objects, each addressable by a URL.
Implements the server side of HTTP.
Examples:
Apache
Microsoft Internet Information Server
HTTP Request Message
http://de.wikipedia.org/wiki/Hypertext_Transfer_Protocol
(Slide figure: the HTTP client sends a request message to the HTTP server.)
Request message: request line, header lines (ASCII text).
Request line: Method field – GET, POST and HEAD.
The great majority of requests are GETs.
HTTP Request Message
GET /munz-udo.de/ HTTP/1.1
Accept-Language: en-us
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0; SLCC1; .NET
CLR 2.0.50727; Media Center PC 5.0; .NET CLR 3.0.04506; InfoPath.1)
Host: www.munz-udo.de
Connection: Keep-Alive
Request Line
GET – Browser/client is requesting an object.
/munz-udo.de/ – Browser is requesting this object in this directory (default is index.html).
HTTP/1.1 – Browser implements HTTP/1.1 (1.1 is backwards compatible with 1.0).
Note: HTTP GET is also used by some P2P applications like Gnutella and BitTorrent.
HTTP Request Message
GET /~home/ HTTP/1.1
Accept-Language: en-us
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0; SLCC1; .NET
CLR 2.0.50727; Media Center PC 5.0; .NET CLR 3.0.04506; InfoPath.1)
Host: www.munz-udo.de
Connection: Keep-Alive
Request Line
GET: – Used by browser/client to request an object.
POST: – Used when the user has filled out a form and is sending information to the server. (Forms do not have to use POST.) Example: words in a search engine.
HEAD: – Similar to a GET, but the server responds with an HTTP message that leaves out the requested object.
PUT: – Used with Web publishing tools to upload objects.
DELETE: – Used with Web publishing tools to delete objects.
HTTP Request Message
GET /~home/ HTTP/1.1
Accept-Language: en-us
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0; SLCC1; .NET
CLR 2.0.50727; Media Center PC 5.0; .NET CLR 3.0.04506; InfoPath.1)
Host: www.munz-udo.de
Connection: Keep-Alive
Header Lines
Accept-Language: – User prefers this language for the object.
User-Agent: – The browser type making the request.
Host: – Host on which the object resides.
Connection: – Client/browser is telling the server to keep this TCP connection open, known as a persistent connection. We will talk about this later in TCP (transport layer).
HTTP Response Message
HTTP/1.1 200 OK
Date: Fri, 22 Feb 2008 16:34:18 GMT
Server: Apache/2.0.52 (Red Hat)
Last-Modified: Thu, 15 Nov 2007 19:33:12 GMT
Content-Length: 15137
Connection: close
Content-Type: text/html
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
(Slide figure: the HTTP server sends the response message to the HTTP client.)
HTTP Response Message
HTTP/1.1 200 OK
Date: Fri, 22 Feb 2008 16:34:18 GMT
Server: Apache/2.0.52 (Red Hat)
Last-Modified: Thu, 15 Nov 2007 19:33:12 GMT
Content-Length: 15137
Connection: close
Content-Type: text/html
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
Response message:
Status line
Header lines
Entity body
HTTP Response Message
HTTP/1.1 200 OK
Date: Fri, 22 Feb 2008 16:34:18 GMT
Server: Apache/2.0.52 (Red Hat)
Last-Modified: Thu, 15 Nov 2007 19:33:12 GMT
Content-Length: 15137
Connection: close
Content-Type: text/html
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
Status Line
HTTP/1.1 – Server is using HTTP/1.1
200 OK – Status code, request succeeded and information is returned in response
HTTP Response Message
(Slide figure: HTTP/1.1 404 status line.)
Status Codes
200 OK – Status code, request succeeded and information is returned in response.
301 Moved Permanently – Requested object has been permanently moved.
400 Bad Request – Generic error message, request not understood by server.
404 Not Found – The requested document does not exist on server.
505 HTTP Version Not Supported – The requested HTTP protocol version is not supported by server.
HTTP Response Message
HTTP/1.1 200 OK
Date: Fri, 22 Feb 2008 16:34:18 GMT
Server: Apache/2.0.52 (Red Hat)
Last-Modified: Thu, 15 Nov 2007 19:33:12 GMT
Content-Length: 15137
Connection: close
Content-Type: text/html
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
Header Lines
Date: – Date and time at which the server generated the response.
Server: – The server software that produced the response.
Last-Modified: – Date/time when object created or modified.
Content-Length: – Number of bytes in object being sent.
Connection: – Server going to close TCP connection after sending the requested object.
Content-Type: – Object in entity body is HTML text.
HTTP Response Message
HTTP/1.1 200 OK
Date: Fri, 22 Feb 2008 16:34:18 GMT
Server: Apache/2.0.52 (Red Hat)
Last-Modified: Thu, 15 Nov 2007 19:33:12 GMT
Content-Length: 15137
Connection: close
Content-Type: text/html
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
Entity Body
<!DOCTYPE html PUBLIC etc.:
– HTML text and other objects to be used by the browser/client
HTTP Request and Response Messages
GET /~rgraziani/ HTTP/1.1
Accept-Language: en-us
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0; SLCC1; .NET
CLR 2.0.50727; Media Center PC 5.0; .NET CLR 3.0.04506; InfoPath.1)
Host: www.munz-udo.de
Connection: Keep-Alive
(Slide figure: the HTTP client sends the request above to the HTTP server, which returns the response below.)
HTTP/1.1 200 OK
Date: Fri, 22 Feb 2008 16:34:18 GMT
Server: Apache/2.0.52 (Red Hat)
Last-Modified: Thu, 15 Nov 2007 19:33:12 GMT
Content-Length: 15137
Connection: close
Content-Type: text/html
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
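The request and response slides above describe three parts of each message (request or status line, header lines, entity body) and a handful of methods and status codes. As an added example, not code from the slides or from any software they mention, the Python below parses both message types into those parts and refuses messages that are malformed: an unknown method, an HTTP/1.1 request without a Host header, or a Content-Length that does not match the body (the framing check a proxy or server needs before trusting where one message ends and the next begins). The two sample messages are re-typed from the slides as constructed input, with a shorter body so that its length matches its Content-Length.

```python
"""Parse HTTP/1.1 request and response messages into their parts.

Added example (not from the original slides). The sample messages are the
ones shown on the slides, re-typed here as constructed input.
"""

# Methods the slides describe; anything else is rejected up front.
KNOWN_METHODS = {"GET", "POST", "HEAD", "PUT", "DELETE"}

# Status codes listed on the slides.
STATUS_TEXT = {
    200: "OK",
    301: "Moved Permanently",
    400: "Bad Request",
    404: "Not Found",
    505: "HTTP Version Not Supported",
}

SAMPLE_REQUEST = (
    "GET /munz-udo.de/ HTTP/1.1\r\n"
    "Accept-Language: en-us\r\n"
    "User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)\r\n"
    "Host: www.munz-udo.de\r\n"
    "Connection: Keep-Alive\r\n"
    "\r\n"
)

SAMPLE_RESPONSE = (
    "HTTP/1.1 200 OK\r\n"
    "Date: Fri, 22 Feb 2008 16:34:18 GMT\r\n"
    "Server: Apache/2.0.52 (Red Hat)\r\n"
    "Last-Modified: Thu, 15 Nov 2007 19:33:12 GMT\r\n"
    "Content-Length: 28\r\n"
    "Connection: close\r\n"
    "Content-Type: text/html\r\n"
    "\r\n"
    "<html><body>hi</body></html>"
)


def _split_head(raw):
    """Split a message into (start line, header dict, body) at the blank line."""
    head, sep, body = raw.partition("\r\n\r\n")
    if not sep:
        raise ValueError("message has no blank line ending the headers")
    lines = head.split("\r\n")
    start_line, header_lines = lines[0], lines[1:]
    headers = {}
    for line in header_lines:
        name, colon, value = line.partition(":")
        if not colon or not name.strip():
            raise ValueError("malformed header line: %r" % line)
        # Header names are case-insensitive; normalise to lower case.
        headers[name.strip().lower()] = value.strip()
    return start_line, headers, body


def parse_request(raw):
    """Return {'method', 'target', 'version', 'headers'} for a request message."""
    start_line, headers, _body = _split_head(raw)
    parts = start_line.split(" ")
    if len(parts) != 3:
        raise ValueError("request line needs exactly three fields")
    method, target, version = parts
    if method not in KNOWN_METHODS:
        raise ValueError("unknown method %r" % method)
    if not version.startswith("HTTP/"):
        raise ValueError("bad version %r" % version)
    # HTTP/1.1 requires a Host header so one server can serve many sites.
    if version == "HTTP/1.1" and "host" not in headers:
        raise ValueError("HTTP/1.1 request without Host header")
    return {"method": method, "target": target, "version": version,
            "headers": headers}


def parse_response(raw):
    """Return {'version', 'status', 'reason', 'headers', 'body'} for a response."""
    start_line, headers, body = _split_head(raw)
    version, _, rest = start_line.partition(" ")
    code, _, reason = rest.partition(" ")
    if not code.isdigit():
        raise ValueError("status code is not numeric: %r" % code)
    if "content-length" in headers:
        declared = int(headers["content-length"])
        # A Content-Length that disagrees with the body is a framing error;
        # refuse it rather than guess where the entity body ends.
        if declared != len(body.encode()):
            raise ValueError("Content-Length %d != body length %d"
                             % (declared, len(body.encode())))
    return {"version": version, "status": int(code), "reason": reason,
            "headers": headers, "body": body}


def describe_status(code):
    """Map a status code to the text the slides give it, or 'unknown'."""
    return STATUS_TEXT.get(code, "unknown")


if __name__ == "__main__":
    req = parse_request(SAMPLE_REQUEST)
    print(req["method"], req["target"], req["headers"]["host"])
    resp = parse_response(SAMPLE_RESPONSE)
    print(resp["status"], describe_status(resp["status"]), len(resp["body"]))
```

The Content-Length check is the part worth remembering: a client or proxy that silently accepts a body shorter or longer than declared will disagree with the other end about where the next message starts on a persistent connection.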
User-Server Interaction: Cookies
Web servers are considered stateless – they do not maintain state information or keep track of the user.
Higher performance – this allows the server to handle thousands of simultaneous TCP connections (later).
Web servers use cookies to track users.
Cookies defined in RFC 2109
User-Server Interaction: Cookies
(Slide figure: the client's first HTTP GET is answered with a response carrying Set-cookie: ID; later GETs include the ID, so the web server can track the client's activities on the web site.)
Web server installs cookies on the client when:
the client accesses the web site for the first time (Web server does not know the client by name)
and/or
the user provides information to the web server (Web server now knows the client by name).
HTTP on the Web server responds with a Set-cookie: header with an ID.
This ID is stored on the client’s computer.
Each time the client/browser accesses the web site, the GET includes a Cookie: header (or USER_ID or similar) carrying the ID.
HTTP Request and Response Messages
GET /jpeg/cap81/cam0.36705623.rgb888.enc HTTP/1.1
<information omitted>
Cookie: SLSPOTNAME5=Cowells; SLSPOTNAME4=Waimea%20Bay;
SLSPOTNAME3=Pipeline; SLSPOTNAME2=38th%20Ave%2E; SLSPOTNAME1=Cowells;
SLSPOTID5=4189; SLSPOTID4=4755; SLSPOTID3=4750; SLSPOTID2=4191;
SLSPOTID1=4189; OAX=R8bfwEbcU08ABCBu; USER_ID=5551212 <not my actual
user-id>; <rest of information omitted for brevity>
(Slide figure: the request carries the cookie with USER_ID=5551212; the server returns HTTP data customized for Udo Munz.)
HTTP/1.1 200 OK
Date: Fri, 22 Feb 2008 19:00:15 GMT
Server: Apache/1.3.34 (Unix)
Last-Modified: Fri, 22 Feb 2008 18:51:47 GMT
ETag: "760a31-18ce-47bf19c3"
Accept-Ranges: bytes
Content-Length: 6350
Keep-Alive: timeout=15, max=257
Connection: Keep-Alive
Content-Type: text/plain <information omitted>
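The two cookie slides describe a stateless server that hands out an ID in Set-Cookie on the first visit, learns the user's name from a later form, and recognises the ID on every subsequent GET. As an added example, not code from the slides or from any product named on them, the Python below plays both sides of that exchange in memory: the server keeps only a cookie-ID-to-user table, and the browser keeps a cookie jar. The IDs are drawn from `secrets` so that one client cannot guess another client's ID, and an ID the server never issued is ignored and replaced rather than trusted. The session table, user name and page text are constructed for the demo.

```python
"""Cookie round trip between a stateless HTTP server and a browser.

Added example, not from the slides. Header names follow HTTP (Set-Cookie /
Cookie); the session store, user names and page text are constructed here.
"""
import secrets


class WebServer:
    """Keeps no per-connection state; all it knows is the cookie -> user table."""

    def __init__(self):
        self.sessions = {}          # cookie ID -> dict of what the user told us

    def handle(self, headers, form=None):
        """Take request headers (and an optional form), return (headers, body)."""
        cookie_id = _cookie_value(headers.get("Cookie", ""), "ID")
        response_headers = {}
        if cookie_id is None or cookie_id not in self.sessions:
            # First visit, or an ID we never issued: mint an unguessable ID.
            # A random 128-bit value cannot be forged by counting upward the
            # way a sequential or time-based ID could.
            cookie_id = secrets.token_hex(16)
            self.sessions[cookie_id] = {}
            response_headers["Set-Cookie"] = "ID=%s" % cookie_id
        if form:
            # User provided information: now the server knows this client by name.
            self.sessions[cookie_id].update(form)
        name = self.sessions[cookie_id].get("name")
        body = "Hello, %s" % name if name else "Hello, anonymous visitor"
        return response_headers, body


class Browser:
    """Stores cookies the server sets and sends them back on later requests."""

    def __init__(self):
        self.jar = {}

    def request(self, server, form=None):
        headers = {}
        if self.jar:
            headers["Cookie"] = "; ".join("%s=%s" % kv for kv in self.jar.items())
        response_headers, body = server.handle(headers, form)
        set_cookie = response_headers.get("Set-Cookie")
        if set_cookie:
            key, _, value = set_cookie.partition("=")
            self.jar[key] = value
        return body


def _cookie_value(cookie_header, wanted):
    """Pull one value out of 'a=1; b=2'; return None if absent."""
    for pair in cookie_header.split(";"):
        key, _, value = pair.strip().partition("=")
        if key == wanted:
            return value
    return None


def demo():
    """Run the slide's sequence: anonymous GET, form, later GET with the ID."""
    server, browser = WebServer(), Browser()
    first = browser.request(server)                     # server sets ID cookie
    browser.request(server, form={"name": "Udo Munz"})  # user tells server name
    later = browser.request(server)                     # GET now carries Cookie: ID=...
    return first, later, len(server.sessions)


if __name__ == "__main__":
    print(demo())
```

The server never stores anything about the TCP connection itself, which is the point of the slide: all continuity between requests rides in the cookie, so the quality of the ID (random, long, issued only by the server) is what keeps one visitor's customised data from being shown to another.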
Web Caching
(Slide figure: the client sends an HTTP request to the Web cache or proxy server; the cache sends an HTTP request to the origin server, receives its HTTP response and returns an HTTP response to the client.)
Web cache or proxy server – Web cache satisfies HTTP requests on behalf of the Origin Web server.
Own disk storage
Keeps copies of recently requested objects
Typically installed at ISP or larger institutions.
Advantages:
Reduces the response time for client requests, especially if there are
any bottlenecks in the network.
Reduces traffic on institution’s access link to the ISP (Internet).
Web Caching
1. Client/browser sends HTTP Request to Web cache (Proxy server).
2. Web cache checks to see if it has a local copy of the object.
2a. Local copy: Web cache sends object to client’s browser.
2b. No Local copy: Web cache sends HTTP request to origin server.
3. Origin server sends object to Web cache.
4. Web cache stores a local copy of the object.
5. Web cache forwards copy of the object to the client browser.
Note: TCP connections are also created between Client and Web Cache; Web
cache and Origin server (later).
Web Caching (Extra)
Problem – stale cache
Object may have been modified on Origin server since copy was
cached by the Web cache.
Solution – Conditional GET
Request method: GET
Includes header: If-Modified-Since:
Web cache sends Conditional GET to Origin server to see if there is a
newer version of the object.
No newer version: Send current local object
Newer version: Replaces current object and forwards newer version.
Web Cache – Steps (Extra)
1. Client/browser sends HTTP Request to Web cache (Proxy server).
2. Web cache checks to see if it has a local copy of the object.
No local copy
3. Web cache sends HTTP request to origin server.
4. Origin Web server sends HTTP response with object requested
5. Web cache stores local copy of the object with last-modified date.
6. Web cache forwards object to client/browser.
1. Web cache receives another request for this HTTP object.
2. Web cache sends a Conditional GET to the Origin Web server, with an If-Modified-Since: header.
3. Origin Web Server returns:
No change: HTTP Response message 304 Not Modified, no object. Web cache sends the local object.
Change: HTTP Response 200 OK, with object. Web cache replaces the object and forwards the updated object.
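The three Web Caching slides above give the full sequence: a miss fetched from the origin and stored with its last-modified date, then a Conditional GET with If-Modified-Since on the next request, answered either 304 Not Modified (serve the local copy) or 200 OK (replace the stale copy). As an added example, not code from the slides or from any proxy product, the Python below models an origin server and a Web cache that follow exactly that sequence and records which case occurred on each request. The object store, the plain-integer "clock" used in place of HTTP dates, and the page bodies are constructed for the demo.

```python
"""Web cache (proxy) with a conditional GET against the origin server.

Added example, not from the slides: the origin's object store, timestamps
(plain integers instead of HTTP dates) and page bodies are constructed.
"""


class OriginServer:
    def __init__(self):
        # path -> [last_modified, body]; last_modified is a constructed clock value
        self.objects = {"/index.html": [100, "<html>v1</html>"]}

    def publish(self, path, body, now):
        """Modify an object; the cache does not learn this until it asks."""
        self.objects[path] = [now, body]

    def get(self, path, if_modified_since=None):
        """Return (status, last_modified, body); a 304 carries no body."""
        if path not in self.objects:
            return 404, None, None
        last_modified, body = self.objects[path]
        if if_modified_since is not None and last_modified <= if_modified_since:
            return 304, last_modified, None       # unchanged: no object sent
        return 200, last_modified, body


class WebCache:
    """Proxy that keeps copies and revalidates them with If-Modified-Since."""

    def __init__(self, origin):
        self.origin = origin
        self.store = {}                 # path -> (last_modified, body)
        self.log = []                   # what happened on each request

    def get(self, path):
        """Serve one client request; return (status, body)."""
        if path not in self.store:
            # No local copy: fetch from the origin and keep it with its date.
            status, last_modified, body = self.origin.get(path)
            if status != 200:
                self.log.append(("miss", status))
                return status, None
            self.store[path] = (last_modified, body)
            self.log.append(("miss", 200))
            return 200, body
        cached_lm, cached_body = self.store[path]
        # Conditional GET: ask only for versions newer than the one we hold,
        # so a stale copy is never served without checking the origin.
        status, last_modified, body = self.origin.get(path, if_modified_since=cached_lm)
        if status == 304:
            self.log.append(("revalidated", 304))
            return 200, cached_body           # serve the local copy to the client
        if status == 200:
            self.store[path] = (last_modified, body)   # replace the stale copy
            self.log.append(("refreshed", 200))
            return 200, body
        self.log.append(("error", status))
        return status, None


def demo():
    """Miss, then a 304 revalidation, then a 200 after the origin changes."""
    origin = OriginServer()
    cache = WebCache(origin)
    bodies = [cache.get("/index.html")[1]]      # miss -> fetch v1
    bodies.append(cache.get("/index.html")[1])  # conditional GET -> 304
    origin.publish("/index.html", "<html>v2</html>", now=200)
    bodies.append(cache.get("/index.html")[1])  # conditional GET -> 200 with v2
    return bodies, cache.log


if __name__ == "__main__":
    print(demo())
```

Note that the cache decides freshness entirely from what the origin told it: if the origin's Last-Modified value is wrong or missing, the conditional GET cannot protect clients from stale content, which is the "stale cache" problem the slide names.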
HTTPS
HTTPS (Hypertext Transfer Protocol over Secure Socket Layer) is a URL
scheme used to indicate a secure HTTP connection.
HTTPS is not a separate protocol
combination of a normal HTTP interaction over an encrypted:
Secure Sockets Layer (SSL) or
Transport Layer Security (TLS) connection
http://de.wikipedia.org/wiki/Hypertext_Transfer_Protocol_Secure
http://www.softed.de/fachthema/https.aspx
FTP (File Transfer Protocol)
(Slide figure: FTP client and FTP server.)
FTP was developed to allow for file transfers between a client and a server.
Used to push and pull files from a server running the FTP daemon (FTPd).
Uses get and put commands.
RFC 959
FTP (File Transfer Protocol)
(Slide figure, sequence of connections: TCP control connection on port 21 – username and password, change directory on server; TCP data connection on port 20 – copy file from client to server, connection closed; TCP data connection on port 20 – copy file from server to client, connection closed; TCP control connection on port 21 – quit FTP application, connection closed.)
Client initiates a TCP control connection with the FTP server using port 21.
This connection remains open until the user quits the FTP application.
The TCP port 21 connection carries:
the username and password
remote directory changes
This state information significantly reduces the total number of sessions on the server.
For each file transferred, TCP opens and closes a TCP data connection on port 20.
More later on TCP ports and connections.
SMTP – Simple Mail Transfer Protocol
Email – One of the killer applications of the Internet.
SMTP – Simple Mail Transfer Protocol
(Slide figure: user agent -> mail server -SMTP-> mail server -> user agent; the receiving user agent retrieves mail with POP3 or IMAP.)
Internet mail involves:
User agents
Allows users to read, reply, compose, forward, save, etc., mail messages
GUI user agents: Outlook, Eudora, Messenger
Text user agents: mail, pine, elm
Mail servers
Stores user mail boxes, communicates with local user agents and other
mail servers.
SMTP
Principal application layer protocol for Internet mail
Sent over TCP
Mail access protocols: POP3, IMAP, HTTP
SMTP – Simple Mail Transfer Protocol
SMTP
RFC 2821
Transfers messages from sender’s mail server to recipient’s mail
server
Push protocol, not a pull protocol
Push (from client to server or server to server)
Pull (from server to client)
Retrieving email
Historically, users would log into the local mail server to read mail.
Since the early 1990s, clients use mail access protocols:
POP3
IMAP
HTTP
SMTP – Simple Mail Transfer Protocol
POP3 (Post Office Protocol)
RFC 1939
Limited functionality
Uses TCP port 110
Download-and-delete mode
Retrieves messages from the server and stores them locally
Deletes messages on the server
Download-and-keep mode
Does not delete messages on server when retrieved.
Problem
Difficult to access email from multiple computers – work and home.
Some email may have already been downloaded on another
computer (work) – download-and-delete
To read email from another computer, must leave on server –
download-and-keep
Does not provide means for user to create remote folders on mail
server
SMTP – Simple Mail Transfer Protocol
IMAP (Internet Message Access Protocol)
RFC 2060
Mail not downloaded, but kept on server
Received email is associated with user’s INBOX
Users can create and manage remote folders
Users can retrieve portions of the email:
Message header: Subject line and Sender
Web-based email
Introduced with Hotmail in the mid-1990s
Communicates with remote mailbox using HTTP
HTTP is used to push (client to server) and pull the email (server to
client)
SMTP
(Slide figure: the MTA receives email from the client's MUA, passes email to the MDA for final delivery, and uses SMTP to route email between servers.)
Mail software, processes used: MTA and MDA
MUA (Mail User Agent) – Email client software.
MTA (Mail Transfer Agent) – Software that governs transfer of email
between mail servers.
Includes UNIX sendmail, Microsoft Exchange Server, Postfix, and Exim
MDA (Mail Delivery Agent) – Software that governs transfer of email from
mail servers to clients.
On Unix systems, procmail and maildrop are the most popular MDAs.
Telnet
(Slide figure: Telnet client and Telnet server.)
Telnet provides a standard method of emulating text-based terminal devices over the data network.
http://de.wikipedia.org/wiki/Telnet
Telnet
(Slide figure: Telnet client and Telnet server.)
Allows a user to remotely access another device (host, router, switch).
A connection using Telnet is called a Virtual Terminal (VTY) session, or connection.
Telnet uses software to create a virtual device that provides the same features of a terminal session with access to the server command line interface (CLI).
Telnet clients:
PuTTY
Tera Term
HyperTerminal
Telnet
Telnet supports user authentication, but does not encrypt data.
All data exchanged during a Telnet session is transported as plain text.
Secure Shell (SSH) protocol offers an alternate and secure method for
server access.
Stronger authentication
Encrypts data
DHCP – Dynamic Host Configuration Protocol
IP addresses and other information can be obtained:
Statically
Dynamically (DHCP)
DHCP
DHCP Information can include:
IP address
Subnet mask
Default gateway
Domain name
DNS Server
DHCP servers can be:
Server on LAN
Router
Server at ISP
DHCP
We will discuss DHCP more when we discuss IPv4.
DNS – Domain Name System
DNS allows users (software) to use domain names instead of IP addresses
Name Resolution
(Slide figure: the host needs the IP address for a name.)
Resolver – DNS client programs used to look up DNS name information.
The two types of queries that a DNS resolver (either a DNS client or another DNS server) can make to a DNS server are the following:
Recursive queries – queries performed by the host to the local DNS server.
Iterative queries – queries performed by the local DNS server to other servers.
DNS Name Resolution
(Slide figure, step 1: the user types http://www.example.com.)
Step 1.
The DNS resolver on the DNS client sends a recursive query to its
configured Local DNS server.
Requests IP address for "www.example.com".
The DNS server for that client is responsible for resolving the name; it cannot refer the DNS client to another DNS server.
DNS Name Resolution
Step 2.
Local DNS Server forwards the query to a Root DNS server.
Step 3.
Root DNS server
Makes note of .com suffix
Returns a list of IP addresses for TLD (Top Level Domain Servers)
responsible for .com.
DNS Name Resolution
Root DNS Servers
There are 13 Root DNS servers (labeled A through M)
TLD Servers
Responsible for domains such as .com, .edu, .org, .net, .uk, .jp, .fr
Network Solutions maintains TLD servers for .com
Educause maintains TLD servers for .edu
There are redundant servers throughout the world.
DNS Name Resolution
Step 4.
The local DNS server sends query for www.example.com to one of the
TLD servers.
Step 5.
TLD Server
Makes note of example.com
Returns IP address for authoritative server example.com (such as
dns.example.com server)
DNS Name Resolution
Step 6.
Local DNS server sends query for www.example.com directly to DNS
server for example.com
Step 7.
example.com DNS server responds with its IP address for
www.example.com
DNS Name Resolution
Step 8.
Local DNS server sends the IP address of www.example.com to the DNS
client.
DNS Caching
When a DNS server receives a DNS reply (mapping hostname to an IP
address) it can cache the information in its local memory.
DNS servers discard cached information after a period of time (usually 2
days)
A local DNS server can cache TLD server addresses, bypassing the root
DNS servers in the query chain.
DNS Name Resolution
In the worst cases, you'll get a dialog box that says the domain name doesn't exist - even though you know it does.
This happens because the authoritative server is slow replying to the first query, and your computer gets tired of waiting so it times out (drops the connection), or the domain name does not exist.
But if you try again, there's a good chance it will work, because the authoritative server has had enough time to reply, and your name server has stored the information in its cache.
nslookup
Displays the default DNS server for your host.
Can be used to query a domain name and get the IP address.
DNS Name Resolution
ipconfig /displaydns
After a certain amount of time, specified in the Time to Live (TTL)
associated with the DNS resource record, the resolver discards the
record from the cache.
ipconfig /flushdns – Manually deletes entries
The default TTL for positive responses is 86,400 seconds (1 day).
The default TTL for negative responses is 300 seconds.
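The eight-step walk-through above (recursive query to the local server, then iterative queries root -> TLD -> authoritative) and the caching slides (cached answers expire after their TTL; a local server that has cached the TLD server addresses can bypass the root servers) describe one algorithm. As an added example, not code from the slides or from any DNS software, the Python below implements a local DNS server that resolves names iteratively through a constructed three-level hierarchy, caches both final answers and the referrals it learns, and honours the two default TTLs the slides quote (86,400 s positive, 300 s negative). The server names, the IP address (from the documentation range 192.0.2.0/24) and the clock values are constructed; the loop is bounded so that a mis-configured referral chain cannot spin forever.

```python
"""Iterative DNS resolution by a local DNS server, with TTL-based caching.

Added example, not from the slides. The server hierarchy, IP address,
TTLs and clock values below are constructed; the resolver logic follows the
eight steps on the slides (root -> TLD -> authoritative).
"""

# Constructed name-server hierarchy: each zone maps a name suffix to either
# ("answer", ip) or ("referral", next_server_name).
ROOT = {"com.": ("referral", "tld-com")}
TLD_COM = {"example.com.": ("referral", "dns.example.com")}
AUTH_EXAMPLE = {"www.example.com.": ("answer", "192.0.2.10")}
SERVERS = {"root": ROOT, "tld-com": TLD_COM, "dns.example.com": AUTH_EXAMPLE}

POSITIVE_TTL = 86400   # seconds; default for positive answers quoted on the slides
NEGATIVE_TTL = 300     # seconds; default for negative answers quoted on the slides


def _suffixes(name):
    """'www.example.com.' -> ['www.example.com.', 'example.com.', 'com.']"""
    labels = name.rstrip(".").split(".")
    return [".".join(labels[i:]) + "." for i in range(len(labels))]


def ask(server_name, qname):
    """One iterative query. Returns (kind, value, matched_suffix)."""
    zone = SERVERS[server_name]
    for suffix in _suffixes(qname):          # longest match first
        if suffix in zone:
            kind, value = zone[suffix]
            return kind, value, suffix
    return "nxdomain", None, None


class LocalDnsServer:
    """Answers recursive queries from hosts by iterating through the hierarchy."""

    def __init__(self):
        self.cache = {}        # qname -> (expires_at, ip or None for a negative answer)
        self.referrals = {}    # zone suffix -> server known to be responsible for it

    def resolve(self, qname, now):
        """Return (ip or None, list of servers contacted in order)."""
        qname = qname if qname.endswith(".") else qname + "."
        cached = self.cache.get(qname)
        if cached and cached[0] > now:
            return cached[1], []             # served from cache, nobody contacted
        # Start at the most specific server we already know about, so a cached
        # referral for "com." lets us skip the root servers entirely.
        server = "root"
        for suffix in _suffixes(qname):
            if suffix in self.referrals:
                server = self.referrals[suffix]
                break
        contacted = []
        for _ in range(8):                   # bound the chain; referral loops would spin forever
            contacted.append(server)
            kind, value, zone = ask(server, qname)
            if kind == "answer":
                self.cache[qname] = (now + POSITIVE_TTL, value)
                return value, contacted
            if kind == "nxdomain":
                self.cache[qname] = (now + NEGATIVE_TTL, None)
                return None, contacted
            self.referrals[zone] = value     # remember who is responsible for this zone
            server = value                   # and follow the referral
        raise RuntimeError("referral chain too long for %s" % qname)


def demo():
    """First lookup walks the whole chain; later ones use the cache."""
    local = LocalDnsServer()
    first = local.resolve("www.example.com", now=0)                 # root, TLD, authoritative
    second = local.resolve("www.example.com", now=10)                # answer cached, nobody asked
    sibling = local.resolve("ftp.example.com", now=20)               # straight to authoritative
    expired = local.resolve("www.example.com", now=POSITIVE_TTL + 1)  # TTL passed, re-resolved
    return first, second, sibling, expired


if __name__ == "__main__":
    for result in demo():
        print(result)
```

The `sibling` lookup is the case the caching slide describes: the local server already holds a referral for example.com, so a new name under that zone costs one query to the authoritative server instead of three, and a negative answer for it is kept only 300 seconds.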
SMB – Server Message Block Protocol
The Server Message Block (SMB) is a client/server file sharing protocol.
IBM developed Server Message Block (SMB) in the late 1980s to describe
the structure of shared network resources, such as directories, files,
printers, and serial ports.
SMB
Request-response protocol.
Unlike FTP, clients establish a long-term connection to servers.
Clients can access the resources on the server as if the resource were local to the client host.
SMB is sent over TCP.
Prior to Windows 2000, Windows used a proprietary protocol (NetBIOS) to send SMB.
Linux/UNIX have a similar protocol: Samba.
SMB
SMB messages can:
Start, authenticate, and terminate sessions
Control file and printer access
Allow an application to send or receive messages to or from another
device
Peer-to-Peer (P2P) Networking and Applications
In addition to the client/server model for networking, there is also a
peer-to-peer model.
Two or more computers are connected via a network and can share
resources (such as printers and files) without having a dedicated
server.
End devices (peers) can function as either a server or client.
P2P File Sharing
P2P (Peer-to-Peer) file sharing accounts for more traffic on the Internet than
any other application (2004).
Peers (hosts) act as both clients and servers.
No centralized file server.
HTTP GET and responses are commonly used.
By Peter Svensson
The Associated Press
Oct. 19, 2007
“Peer-to-peer applications account for between 50 percent and 90
percent of overall Internet traffic, according to a survey this year by
ipoque GmbH, a German vendor of traffic-management equipment.”
P2P – Centralized Directory
(Slide figure: peers and a centralized directory server; 1 – Inform and Update, 3 – File Transfer between peers. Napster.)
Challenge with P2P – locating content across thousands or millions of
peers.
One solution – centralized directory
Approach done by Napster
Problems (non-legal problems)
Single point of failure
Performance bottlenecks
P2P – Centralized Directory
(Slide figure: Peer A and Peer B with the centralized directory server; 1 – Inform and Update, 3 – File Transfer.)
1. Peer A starts the P2P application.
2. Peer A informs the centralized directory server of its:
IP address
Names of the objects it is making available for sharing (MP3, videos, etc.)
3. The directory server collects information from each peer that becomes active.
Dynamic database
Maps IP addresses to object names
4. Peer A queries the directory server for the IP addresses of other peers holding specific content.
Directory server returns the IP addresses of those peers (Peer B).
5. Peer A establishes a TCP connection and downloads the file (e.g. HTTP GET) from the other peer, Peer B.
6. The directory server removes a peer from the database when the peer closes the application or disconnects from the Internet (periodic messages – pings – from the server).
P2P – Query Flooding
(Slide figure: Peer A sends a query to its neighbours; the query is forwarded peer to peer (Peers B to F) and a query hit comes back. Gnutella, Limewire.)
Gnutella – public domain file sharing application
Fully distributed approach
No centralized server
A Gnutella peer maintains a peering relationship (TCP connection – later) with a number of other peers (usually fewer than 10).
P2P – Query Flooding
(Slide figure: Peer A searches for a file; queries fan out to Peers B to F and a query hit returns.)
1. Peer A sends query to all neighboring peers.
2. If neighboring peer does not have file, forwards query to all its neighboring
peers
3. If any peer has the file it returns a query hit message.
4. Peer A selects a peer, Peer C, to retrieve file (HTTP GET)
5. A direct TCP connection is made with selected peer, Peer C.
6. HTTP response is used to send file.
Query Flooding
Non-scalable and causes a significant amount of traffic on Internet.
Gnutella modified it to limited-scope flooding which limits how many peers
away the query is sent to, usually 7 to 10. (similar to TTL – later).
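The six steps and the note on limited-scope flooding above describe one mechanism: a query fans out from Peer A across the overlay, every peer that lacks the file forwards it, and a hop limit stops it after a few hops. As an added example, not code from the slides or from Gnutella itself, the Python below runs that flood over a constructed six-peer overlay and counts the query messages put on the links for a given hop limit, which makes the scaling point concrete: the hop limit caps the traffic, and without it every link in the overlay carries the query whether or not anyone nearby holds the file. Real Gnutella peers recognise a query they have already forwarded by its message identifier; the `seen` set stands in for that here. The overlay, the file holdings and the counting rule (one message per link, including the link the query arrived on) are constructed for the demo.

```python
"""Query flooding over a small peer graph with a limited-scope hop limit.

Added example, not from the slides. The peer graph, file holdings and
the de-duplication rule are constructed to show why unbounded flooding
does not scale and how a hop limit ("limited-scope flooding") caps traffic.
"""
from collections import deque

# Constructed overlay: which peers each peer keeps a TCP connection to.
PEERS = {
    "A": ["B", "D"],
    "B": ["A", "C", "E"],
    "C": ["B", "F"],
    "D": ["A", "E"],
    "E": ["B", "D", "F"],
    "F": ["C", "E"],
}
# Constructed holdings: which peers have which file.
FILES = {"C": {"song.mp3"}, "F": {"song.mp3"}, "E": {"other.avi"}}


def flood_query(origin, filename, ttl):
    """Breadth-first flood from origin with a hop limit.

    Returns (sorted list of peers that answered with a query hit, number of
    query messages sent over links). A peer forwards a query it has not seen
    before to every neighbour, decrementing the hop count, and stops
    forwarding once the hop count reaches 0.
    """
    seen = {origin}                    # peers drop a query they already forwarded
    hits = []
    messages = 0
    queue = deque([(origin, ttl)])
    while queue:
        peer, hops_left = queue.popleft()
        if peer != origin and filename in FILES.get(peer, set()):
            hits.append(peer)          # query hit travels back to the origin
        if hops_left == 0:
            continue                   # scope exhausted: do not forward
        for neighbor in PEERS[peer]:
            messages += 1              # one query message on this link
            if neighbor not in seen:
                seen.add(neighbor)
                queue.append((neighbor, hops_left - 1))
    return sorted(hits), messages


def traffic_by_ttl(origin, filename, ttls):
    """Message count for each hop limit, to see how the scope bounds traffic."""
    return [flood_query(origin, filename, ttl)[1] for ttl in ttls]


if __name__ == "__main__":
    for ttl in (1, 2, 3, 7):
        hits, sent = flood_query("A", "song.mp3", ttl)
        print("ttl=%d hits=%s messages=%d" % (ttl, hits, sent))
```

On this overlay a hop limit of 1 reaches nobody who has the file and costs 2 messages; a limit of 3 already finds both holders for 12 messages; anything larger floods every link in the graph (14 messages) for no extra benefit, and a query for a file nobody has costs exactly the same 14. In a network of thousands of peers that last case is the traffic problem the slide describes.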
P2P – Query Flooding
How a peer joins and departs the Gnutella network
1. Finding peers:
Bootstrap program: the client maintains a list of peer IP addresses that are usually up.
Contact a Gnutella site that maintains a list.
2. Client attempts to make contact with peers (TCP connection – later)
3. Client sends Gnutella ping message to peer.
Forwards Gnutella ping to other peers, who continue to forward ping
until limited-scope is reached.
4. Each peer returns a Gnutella pong message including:
Its IP address
Number of files it is sharing
Total size of the files
P2P - Combination
Kazaa
Kazaa combines ideas from Napster and Gnutella
2004 – Contributed to more traffic on Internet than any other application
2007 – Bittorrent became the leading application
Proprietary technology
P2P - Combination
(Slide figure: group leaders connected to each other, each with its child peers.)
Kazaa does not use a centralized server
Group leader peers (parent)
Higher bandwidth and Internet connectivity
Greater Gnutella responsibilities
Peers (child) – non-group leaders
Child peer establishes a TCP connection with a group leader
Group leader:
maintains a database directory of child peers including their IP addresses
maintains TCP connections with other group leaders
Child peers query group leaders, who forward the query to other group leaders
Child peer selects a peer for TCP connection and file transfer
Chapter 3: Application Layer Functionality and Protocols