cis81-E1-3-ApplicationLayer

7/29/2019 cis81-E1-3-ApplicationLayer

1/93

Chapter 3

Application Layer Functionalityand Protocols

CIS 81 Networking Fundamentals

Rick GrazianiCabrillo College

[email protected]

Last Updated: 2/23/2008


2/93

2

This Presentation

For a copy of this presentation and access to my web site for otherCCNA, CCNP, and Wireless resources please email me for ausername and password.

Email: [email protected]

Web Site: www.cabrillo.edu/~rgraziani


3/93

3

Note

This presentation is not in the order of the book or online curriculum. This presentation also contains information beyond the curriculum.


4/93

Applications: Interface Between the

Networks


5/93

5

Application Layer: OSI and TCP/IP Models

The Application layer, Layer seven, is the top layer of both the OSI and

TCP/IP models. Provides the interface between the applications we use to communicate and

the underlying network.


6/93

6

Application layer protocols are used to exchange data between programsrunning on the source and destination hosts.

There are many Application layer protocols and new protocols are alwaysbeing developed.

Email

HTTP(www)

HTTP HTTP


7/93

7

Application Layer: OSI and TCP/IP Models

Functionality of the TCP/IP application layer protocols fit roughly into the

framework of the top three layers of the: OSI model: Application, Presentation and Session layers.

Most early TCP/IP application layer protocols were developed before theemergence of:

personal computers, graphical user interfaces and multimedia objects.

These protocols implement very little of the functionality that is specified in

the OSI model Presentation and Session layers.


8/93

8

The Presentation Layer

The Presentation layer has three primary functions: Coding and conversion of Application layer data to ensure that data

from the source device can be interpreted by destination device.

Compression of the data in a manner that can be decompressed bythe destination device. Encryption of the data for transmission and the decryption of data upon

receipt by the destination. Compression and Coding formats:

Graphics Interchange Format (GIF)

Joint Photographic Experts Group (JPEG) Tagged Image File Format (TIFF).


9/93

9

The Session Layer

Create and maintain dialogs between source and destination applications.

Handles the exchange of information to:

Initiate dialogs

keep them active

restart sessions that are disrupted or idle for a long period of time

Most applications, like web browsers or e-mail clients, incorporatefunctionality of the OSI layers 5, 6 and 7.


10/93

10

Application Layer: OSIand TCP/IP Models

Common TCP/IP Protocols Domain Name Service Protocol (DNS) is used to resolve Internet

names to IP addresses. Hypertext Transfer Protocol (HTTP) is used to transfer files that make

up the Web pages of the World Wide Web. Simple Mail Transfer Protocol (SMTP) is used for the transfer of mail

messages and attachments. Telnet, a terminal emulation protocol, is used to provide remote access

to servers and networking devices.

File Transfer Protocol (FTP) is used for interactive file transferbetween systems.

Note: Usually a singleserver will function asa server for multipleapplications


11/93

11

RFCs: Request For Comments

The protocols in the TCP/IP suite are generally defined by Requests forComments (RFCs).

Maintained by IETF (Internet Engineering Task Force)

There are a few in there for fun - ftp://ftp.rfc-editor.org/in-

notes/rfc1882.txt.


12/93

12

Application LayerSoftware

Network-Aware Applications Applications are the software programs used by people to

communicate over the network.

They implement the application layer protocols and are able tocommunicate directly with the lower layers of the protocol stack.

Email Clients

Web Browsers

Userapplications

Services

SystemOperations

Within the Application layer,there are two forms ofsoftware programs orprocesses that provide

access to the network:

applications

services


13/93

13

Application Layer Software

Application layer Services

Other programs may need the assistance of Application layer servicesto use network resources such as:

File transfer

Network print spooling

These services are the programs that interface with the network and

prepare the data for transfer.

Userapplications

Services

SystemOperations


14/93

14

Application Layer Software

Application layer uses protocols that are implemented within applicationsand services.

Applications provide people a way to create messages.

Application layer services establish an interface to the network. Protocols provide the rules and formats that govern how data is

treated.

Bottom line:

When discussing an application like "Telnet" we could be referring to theapplication, the service, or the protocol.


15/93

15

Application Layer Protocol Functions

Application layer protocols are used by both the source and destinationdevices during a communication session.

The application layer protocols implemented on the source and destination

host must match. Protocols: (This will become clearer later! Herding cats.)

Establish consistent rules for exchanging data.

Specify the structure and type of messages that are exchanged.

Types: Request, response, acknowledgement, error message, etc.

Defines the dialogues, ensuring with transmissions met by expectedresponses, and with the correct service invoked.


16/93

16

Application Layer Protocol Functions

Applications and services can use multiple protocols.

Encapsulate the protocol or encapsulated by this protocol Invoke other protocols

Using a web browser (HTTP):

May invoke:

DNS, ARP, ICMP

May use:

TCP, UDP, Ethernet, PPP

Uses

IP


17/93

17

Client Server Model

Client: the device requesting the information

Server: the device responding to the request is called a server. The client begins the exchange by requesting data from the server.

Server responds by sending one or more streams of data to the client.

In addition to the actual data transfer, this exchange may also requirecontrol information, such as:

user authentication the identification of a data file to be transferred


18/93

18

Servers

A server is usually a computer that contains information to be shared withmany client systems.

Web server

Email server

File or database server Applications server

Some servers may require authentication of user account information andvary permissions.

Example, if you request to upload data to the FTP server, you may havepermission to write to your individual folder but not to read other files on thesite.


19/93

19

Servers

The server runs a service, or process, sometimes called a server daemon.

Daemons (like other services) typically run in the background and are notunder an end user's direct control.

Daemons are described as "listening" for a request from a client. Programmed to respond whenever the server receives a request for the

service provided by the daemon.

When a daemon "hears" a request from a client:

It exchanges appropriate messages with the client, as required by itsprotocol,

Proceeds to send the requested data to the client in the proper format.


20/93

20

Application LayerServices and Protocols

Servers typically have multiple clients requesting information at the sametime.

For example, a Telnet server may have many clients requestingconnections to it.

These individual client requests must be handled simultaneously andseparately for the network to succeed.

The Application layer processes and services rely on support from lowerlayer functions to successfully manage the multiple conversations.


21/93

Application Layer Protocols


22/93

22

HTTP(WWW)

FTP

SMTP(email)

Telnet

(file transfer)

(remote login)

DHCP

(IP address

resolution)

DNS

(file sharing)

P2P

(domain nameresolution)

(file sharing)

SMB

We will examine

HTTP in detail.

R i d f l ti /d l ti


23/93

23

DataHTTPHeader

TCPHeader

IPHeader

Data LinkHeader

Data LinkTrailer

IP PacketData LinkHeader

Data LinkTrailer


Data LinkTrailer


Data LinkTrailerIP PacketData LinkHeader

Data LinkTrailer


Data LinkTrailer


Data LinkTrailer

DataHTTPHeader

TCPHeader

IPHeader

Data LinkHeader

Data LinkTrailer

Reminder of encapsulation/decapsulation


24/93

24

Focus on Application Header and/or Data

We will examine how the application (header) and/or data communicationwith each other between the client and the server.

Later we will look at what roles the other layers, protocols (TCP, IP, etc.)play.

HTTP

HTTP


25/93

25

HTTP (HyperText Transfer Protocol)

HTTPThe Webs application layer protocol.

RFC 1945 and RFC 2616

Implemented in:

Client program

Server program

Current version: HTTP/1.1

Encapsulated in TCP (more later)

HTTPServer

HTTPClient

HTTPHTTP


26/93

26

HTTP (HyperText Transfer Protocol)

Web page (also called a html document)

Web page consists of objects

Objects (examples):

HTML file

JPEG image

GIF image

JAVA applet

Audio file

Rick Graziani, Cabrillo College


27/93

27

Web Browser - Client

Browser The user agent for the Web.

Displays requested Web page and provides navigational andconfiguration features.

Browser and client may be used interchangeably in this discussion.

HTTP has nothing to do with how a Web page is interpreted (displayed) by

the client (browser).

HTTPClient


28/93

28

Web Server

Web Server Stores web objects, each addressable by a URL.

Implement the server side of HTTP.

Examples:

Apache

Microsoft Internet Information Server

HTTP

Server
http://www.apache.org/


29/93

29

HTTP Request Message

Request Message

Request line

Header lines

ASCII Text

Request line: Method field

GET, POST and HEAD

The great majority of Requests are GETs

GET /~rgraziani/ HTTP/1.1

Accept-Language: en-us

User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0; SLCC1; .NETCLR 2.0.50727; Media Center PC 5.0; .NET CLR 3.0.04506; InfoPath.1)

Host: www.cabrillo.edu

Connection: Keep-Alive

HTTP Client

HTTPServer

Some data omitted for brevity


30/93

30


Request LineGET - Browser/client is requesting an object

/~rgraziani/ - Browser is requesting this object in this

directory (default is index.html)

HTTP/1.1 - Browser implements the HTTP/1.1 (1.1 isbackwards compatible with 1.0)

Note: HTTP GET is also used by some P2P applications like Gnutellaand Bittorrent.







31/93

31


Request LineGET: - Used by browser/client to request an object.

POST: - Used when user has filled out a form and sending

information to the server. (Forms do not have to

use POST.)

- Example: words in a search engine

HEAD: - Similar to a GET, but the server will responds with a

HTTP message but leaves out the requested object.

PUT: - Used with Web publishing tools, upload objects.

DELETE: - Used with Web publishing tools, delete objects.







32/93

32


Header LinesAccept-Language:- User prefers this language of the object

User-Agent: - The browser type making the request

Host: - Host on which the object resides

Connection: - Client/browser is telling the server to keepthis TCP connection Open, known as a

persistent connection.

- We will talk about this laterin TCP

(transport layer)







33/93

33

HTTP Response MessageHTTP/1.1 200 OKDate: Fri, 22 Feb 2008 16:34:18 GMT

Server: Apache/2.0.52 (Red Hat)Last-Modified: Thu, 15 Nov 2007 19:33:12 GMTContent-Length: 15137Connection: closeContent-Type: text/html

Some data omitted for brevity

HTTP Client

HTTPServer


34/93

34



Response message:

Status line

Header lines

Entity body


35/93

35



Status Line

HTTP/1.1 Server is using HTTP/1.1

200 OK - Status code, request succeeded and information is

returned in response


36/93

36

HTTP Response MessageHTTP/1.1 404

Status Codes

200 OK

- Status code, request succeeded and information is returned in response.

301 Moved Permanently

- Requested object has been permanently moved.400 Bad Request

- Generic error message, request not understood by server.

404 Not Found:

-The requested document does not exist on server.

505 HTTP Version Not Supported- The re uested HTTP rotocol version not su orted b server.


37/93

37



Header Lines

Date: Server is using HTTP/1.1

Server: - Status code, request succeeded and

information is returned in response

Last-Modified: Date/time when object created or modified

Content-Length: Number of bytes in object being sent

Connection: Server going to close TCP connection after

sending the requested object.

Content-Type: Object in entity body is HTML text


38/93

38



Entity Body


39/93

39

HTTP Request and Response MessagesGET /~rgraziani/ HTTP/1.1





HTTP Client

HTTPServer

HTTP/1.1 200 OK

Date: Fri, 22 Feb 2008 16:34:18 GMTServer: Apache/2.0.52 (Red Hat)Last-Modified: Thu, 15 Nov 2007 19:33:12 GMTContent-Length: 15137Connection: closeContent-Type: text/html

HTTP

HTTP


40/93

40

User-Server Interaction: Cookies

Web servers are considered stateless they do not maintain stateinformation, keep track of the user.

Higher performance allowing the server to handle thousands of

simultaneous TCP connections (later). Web servers use cookies to track users.

Cookies defined in RFC 2109


41/93

41

User-Server Interaction: Cookies

Web server installs cookies on client when:

Accessed the web site for the first time (Web server does not know clientby name.)

and/or User provides information to the web server. (Web server now knows

client by name.)

HTTP on Web server responds with a Set-cookie: header with an ID.

This IDis stored on the clients computer.

Each time client/browser accesses web site. The GET includes Cookie: orUser_ID or similar with the ID.

HTTP Client

HTTPServer

HTTP Requests (GET)now include ID

HTTP: ResponseSet-cookie: ID

HTTP Requests: GET(first time)

Web server can now

track clients activitieson the web site.


42/93

42

HTTP Request and Response MessagesGET /jpeg/cap81/cam0.36705623.rgb888.enc HTTP/1.1

Cookie: SLSPOTNAME5=Cowells; SLSPOTNAME4=Waimea%20Bay;SLSPOTNAME3=Pipeline; SLSPOTNAME2=38th%20Ave%2E; SLSPOTNAME1=Cowells;SLSPOTID5=4189; SLSPOTID4=4755; SLSPOTID3=4750; SLSPOTID2=4191;SLSPOTID1=4189; OAX=R8bfwEbcU08ABCBu; USER_ID=5551212 ;

HTTP Client

HTTPServer

HTTP/1.1 200 OKDate: Fri, 22 Feb 2008 19:00:15 GMTServer: Apache/1.3.34 (Unix)Last-Modified: Fri, 22 Feb 2008 18:51:47 GMTETag: "760a31-18ce-47bf19c3"Accept-Ranges: bytesContent-Length: 6350Keep-Alive: timeout=15, max=257

Connection: Keep-AliveContent-Type: text/plain

HTTP: Cookie 5551212 included

HTTP data customizedfor Rick Graziani


43/93

43

Web Caching

Web cache or proxy server Web cache satisfies HTTP requests on thebehalf of the Origin Web server.

Own disk storage

Keeps copies of recently requested objects Typically installed at ISP or larger institutions.

Advantages:

Reduces the response time for client requests, especially if there areany bottlenecks in the network.

Reduces traffic on institutions access link to the ISP (Internet).

Client

Client

Origin

Server

Orgin

Server

HTTPRequestHTTP

Request

HTTPRequestHTTP

Request

HTTP Response

HTTP Response

HTTP Response

HTTP Response

WebCache orProxyServer


44/93

44

Web Caching

1. Client/browser sends HTTP Request to Web cache (Proxy server).

2. Web cache checks to see if it has a local copy of the object.

2a. Local copy: Web cache sends object to clients browser.

2b. No Local copy: Web cache sends HTTP request to origin server.3. Origin server sends object to Web cache.

4. Web cache stores a local copy of the object.

5. Web cache forwards copy of the object to the client browser.

Note: TCP connections are also created between Client and Web Cache; Webcache and Origin server (later).

WebCache orProxyServer

Client

Client

Origin

Server

Origin

Server

HTTPRequestHTTP

Request

HTTPRequestHTTP

Request

HTTP Response

HTTP Response

HTTP Response

HTTP Response


45/93


46/93

46

Web Cache Steps (Extra)

1. Client/browser sends HTTP Request to Web cache (Proxy server).

2. Web cache checks to see if it has a local copy of the object.

No local copy

3. Web cache sends HTTP request to origin server.

4. Origin Web server sends HTTP response with object requested

5. Web cache stores local copy of the object with last-modified date.

6. Web cache forwards object to client/browser.

1. Web cache receives another request for this HTTP object.

2. Web cache sends a Conditional GET to the Origin Web server, with If-modified-since: header.

3. Origin Web Server returns:

No change: HTTP Response message 304 Not Modified, no object.

Web cache sends local object.

Change: HTTP Response 200 OK, with object.

Web cache replace object and forwards update object.


47/93


48/93

48

FTP (File Transfer Protocol)

FTP was developed to allow for file transfers between a client and a server.

Used to push and pull files from a server running the FTP daemon (FTPd).

Uses get andput commands.

RFC 959

FTP

Client

FTP

Server

FTP (File Transfer Protocol)


49/93

49

Client initiates a TCP control connection with FTP server using port 21.

This connection remains openuntil the user quits the FTP application.

TCP port 21 connection includes:

Username and password is sent over TCP port 21. Remote directory changes

This state information significantly reduces total number of sessions onserver.

For each file transferred, TCP opens and closes a TCP data connection on port20.

More later on TCP ports and connections.

TCP data connection port 20

TCP control connection port 21

Username and password

Change directory on Server

Copy file from client to serverConnection Closed

TCP data connection port 20

Copy file from server to clientConnection Closed

TCP control connection port 21

Quit FTP ApplicationConnection Closed

( e a s e otoco )


50/93

50

SMTP Simple Mail Transfer Protocol

Email One of the killer applications of the Internet.



51/93

51

Internet mail involves:

User agents

Allows users to read, reply, compose, forward, save, etc., mail messages

GUI user agents: Outlook, Eudora, Messenger

Text user agents: mail, pine, elm

Mail servers

Stores user mail boxes, communicates with local user agents and othermail servers.

SMTP

Principle application layer protocol for Internet mail

Sent over TCP

Mail access protocols: POP3, IMAP, HTTP

SMTPSMTP

POP3IMAP

User agent User agentMail server Mail server

p



52/93

52

SMTP RFC 2821 Transfers messages from senders mail server to recipients mail

server Push protocol, not a pull protocol

Push (from client to server or server to server) Pull (from server to client)

Retrieving email Historically, users would log into local mail server to read mail. Since early 1990s, clients use mail access protocols:

POP3 IMAP

HTTP

SMTPSMTP

POP3IMAP

User agent User agentMail server Mail server

p a a s


53/93

53


POP3 (Post Office Protocol) RFC 1939 Limited functionality Uses TCP port 110

Download-and-delete mode Retrieves messages on server and store the locally Delete messages on server

Download-and-keep mode Does not delete messages on server when retrieved.

Problem Difficult to access email from multiple computers work and home. Some email may have already been downloaded on another

computer (work) download-and-delete To read email from another computer, must leave on server

download-and-keep Does not provide means for user to create remote folders on mail

server


54/93


55/93


56/93

56

Telnet

Telnet provides a standard method of emulating text-based terminal devicesover the data network.

Server

Telnet Telnet


57/93

57

Telnet

Allows a user to remotely access another device (host, router, switch).

A connection using Telnet is called a Virtual Terminal (VTY) session, orconnection.

Telnet uses software to create a virtual device that provides the samefeatures of a terminal session with access to the server command lineinterface (CLI).

Telnet clients:

Putty

Teraterm

Hyperterm

Server

TelnetTelnet


58/93

58

Telnet

Telnet supports user authentication, but does not encrypt data.

All data exchanged during a Telnet sessions is transported as plain text.

Secure Shell (SSH) protocol offers an alternate and secure method for

server access. Stronger authentication

Encrypts data


59/93

59

DHCP Dynamic Host Configuration Protocol

IP addresses and other information can be obtained:

Statically

Dynamically (DHCP)


60/93

60

DHCP

DHCP Information can include:

IP address

Subnet mask

Default gateway

Domain name DNS Server

DHCP servers can be:

Server on LAN

Router

Server at ISP


61/93

61

DHCP

We will discuss DHCP more when wediscuss IPv4.


62/93

62

DNS Domain Name System

DNS allows users (software) to use domain names instead of IP addresses


63/93

63

Name Resolution

Resolver DNS client programs used to look up DNS name information.Name Resolution The two types of queries that a DNS resolver (either a DNS client or another

DNS server) can make to a DNS server are the following:Recursive queries Queries performed by Host to Local DNS ServerIterative queries Queries performed Local DNS server to other servers

Need the IP address


64/93

22

3


65/93

65

Step 2.

Local DNS Server forwards the query to a Root DNS server.

Step 3.

Root DNS server

Makes note of .com suffix

Returns a list of IP addresses for TLD (Top Level Domain Servers)responsible for .com.

DNS Name Resolution

1

3


66/93

66

DNS Name Resolution

Root DNS Servers

There are 13 Root DNS servers (labeled A through M)

TLD Servers

Responsible for domains such as .com, edu, org, .net, .uk, jp, fr

Network Solutions maintains TLD servers for .com

Educause maintains TLD servers for .edu

There are redundant servers throughout the world.


67/93


68/93

68

Step 6.

Local DNS server sends query for www.example.com directly to DNSserver for example.com

Step 7.

example.com DNS server responds with its IP address forwww.example.com

6

6

DNS Name Resolution

7


69/93

69

Step 8.

LocalDNS server sends the IP address of www.example.com to the DNSclient.

DNS Caching

When a DNS server receives a DNS reply (mapping hostname to an IPaddress) it can cache the information in its local memory.

DNS servers discard cached information after a period of time (usually 2days)

A local DNS server can cache TLD server addresses, bypassing the root

DNS servers in the query chain.

8

7

DNS Name Resolution


70/93

70

DNS Name Resolution

In the worst cases, you'll get a dialog

box that says the domain namedoesn't exist - even though you know itdoes.

This happens because theauthoritative server is slow replying tothe first, and your computer gets tired

of waiting so it times-out (drops theconnection) or the domain name doesnot exist.

But if you try again, there's a goodchance it will work, because theauthoritative server has had enoughtime to reply, and your name serverhas stored the information in its cache.


71/93

71

nslookup

nslookup

Displays default DNS server for your host

Can be used to query a domain name and get the IP address

DNS N


72/93

72

DNS NameResolution

ipconfig /displaydns

After a certain amount of time, specified in the Time to Live (TTL)associated with the DNS resource record, the resolver discards therecord from the cache.

ipconfig /flushdns Manually deletes entries

The default TTL for positive responses is 86,400 seconds (1 day).

The default TTL for negative responses is 300 seconds.


73/93

73

(Missing Info)DNS: 204.127.199.8


74/93

74


75/93

75


76/93

SMB S M Bl k P t l


77/93

77

SMB Server Message Block Protocol

The Server Message Block (SMB) is a client/server file sharing protocol.IBM developed Server Message Block (SMB) in the late 1980s to describethe structure of shared network resources, such as directories, files,printers, and serial ports.

SMB


78/93

78

SMB

Request-response protocol .

Unlike FTP, clients establish a long term connection to servers.

Client can access the resources on the server as if the resource is local tothe client host.

SMB is sent over TCP

Prior to Windows 2000 windows used a proprietary protocol (NETBIOS)to send SMB.

Linux/UNIX have similar protocol: SAMBA

SMB


79/93

79

SMB

SMB messages can:

Start, authenticate, and terminate sessions

Control file and printer access Allow an application to send or receive messages to or from another

device

Peer-to-Peer (P2P) Networking and


80/93

80

( ) gApplications

In addition to the client/server model for networking, there is also apeer-to-peer model.

Two or more computers are connected via a network and can shareresources (such as printers and files) without having a dedicatedserver.

End devices (peers) can function as either a serverorclient.

P2P File Sharing


81/93

81

P2P File Sharing

P2P (Peer-to-Peer) file sharing accounts for more traffic on the Internet thanany other application (2004).

Peers (hosts) act as both clients and servers.

No centralized file server.

HTTP GET and responses are commonly used.


82/93

82

By Peter Svensson

The Associated Press

Oct. 19, 2007

Peer-to-peer applications account for between 50 percent and 90percent of overall Internet traffic, according to a survey this year by

ipoque GmbH, a German vendor of traffic-management equipment.

P2P Centralized Directory Peer


83/93

83

Challenge with P2P locating content across thousands or millions of

peers. One solution centralized directory

Approach done by Napster

Problems (non-legal problems)

Single point of failure

Performance bottlenecks

CentralizedDirectoryServer

1 Inform and Update

Peer

Peer

Peer

3 File Transfer

Napster

P2P Centralized Directory Peer B


84/93

84

1. Peer A starts P2P application

2. Informs centralized directory server of its:

IP address

Names of objects making available for sharing (MP3, videos, etc.)

3. Directory server collects information from each peer that becomes active.

Dynamic database

Maps IP addresses with object names

4. Peer A queries directory server for IP addresses of other peers for specificcontent

Directory Server returns IP addresses for those peers (Peer B)

5. Peer A establishes TCP connection and downloads file (i.e. HTTP GET) fromother peer, Peer B.

6. Directory server removes Peer from database when Peer closes applicationor disconnects from Internet eriodic messa es in s from server .

CentralizedDirectoryServer

1 Inform and Update

Peer

Peer

Peer A

3 File Transfer

P2P QueryFlooding

P CP B

Query

Query hit


85/93

85

Gnutella public domain file sharing application

Fully distributed approach

No centralized server

Gnutella peer maintains peering relationship (TCP connection later) whicha number of other peers (usually fewer than 10).

Flooding

Peer A

Peer CPeer B

Peer D Peer E

Peer F

Query

Query

Gnutella

P CP B

P2P QueryFlooding

Query

Query hit


86/93

86

Peer A searches for a file

1. Peer A sends query to all neighboring peers.

2. If neighboring peer does not have file, forwards query to all its neighboringpeers

3. If any peer has the file it returns a query hit message.

4. Peer A selects a peer, Peer C, to retrieve file (HTTP GET)

5. A direct TCP connection is made with selected peer, Peer C.

6. HTTP response is used to send file.

Query Flooding

Non-scalable and causes a significant amount of traffic on Internet.

Gnutella modified it to limited-scope flooding which limits how many peersaway the query is sent to, usually 7 to 10. (similar to TTL later).

Peer A

Peer CPeer B

Peer D

Flooding

Peer E

Peer F

Query

Query

P CP B

P2P QueryFlooding

Query

Query hit


87/93

87

How a peer joins and departs Gnutella network

1. Finding peers:

Bootstrap program: Client maintains a list of peer IP addresses who areusually up

Contact Gnutella site that maintains a list

2. Client attempts to make contact with peers (TCP connection later)

3. Client sends Gnutella ping message to peer.

Forwards Gnutella ping to other peers, who continue to forward pinguntil limited-scope is reached.

4. Each peer returns a Gnutella pong message including:

Its IP address

Number of files it is sharing

Total size of the files

Peer A

Peer CPeer B

Peer D

ood g

Peer E

Peer F

Query

Query

P2P - Combination


88/93

88

Kazaa combines ideas from Napster and Gnutella

2004 Contributed to more traffic on Internet than any other application

2007 Bittorrent became the leading application

Proprietary technology

Kazaa

P2P - Combination


89/93

89

Kazaa does not use a centralized server Group leader peers (parent)

Higher bandwidth and Internet connectivity

Greater Gnutella responsibilites

Peers (child) non-group leaders

Child peer establishes TCP connection with a group leader

Group leader:

maintains database directory of child peers including their IP addresses

maintain TCP connections with other group leaders

Child peers query group leaders who forward the query to other group leaders

Child peer selects peer for TCP connection and file transfer

GroupLeader

GroupLeader

GroupLeader


90/93

netstat


91/93

netstat

91

Netstat es una herramienta que permite identificar las conexiones

TCP que estn activas en la mquina en la que se ejecuta elcomando. A su vez, esta herramienta crea una lista con todos lospuertos TCP y UDP que estn abiertos en el ordenador.El comando "netstat" tambin permite a su vez obtener estadsticasde numerosos protocolos (Ethernet, IPv4, TCP, UDP, ICMP y IPv6).

Configuracin del comando Netstat

Cuando se lo utiliza sin argumentos, el comando netstat muestratodas las conexiones abiertas por el ordenador. El comando netstatposee una serie de configuraciones opcionales, cuya sintaxis es la

siguiente: La sintaxis es:netstat [-a] [-e] [-n] [-o] [-s] [-p PROTO] [-r] [interval]

nslookup
http://es.kioskea.net/contents/internet/tcp.php3http://es.kioskea.net/contents/internet/tcp.php3http://es.kioskea.net/contents/internet/ports.php3http://es.kioskea.net/contents/internet/protocol.php3http://es.kioskea.net/contents/technologies/ethernet.php3http://es.kioskea.net/contents/internet/ip.php3http://es.kioskea.net/contents/internet/tcp.php3http://es.kioskea.net/contents/internet/udp.php3http://es.kioskea.net/contents/internet/icmp.php3http://es.kioskea.net/contents/internet/ipv6.php3http://es.kioskea.net/contents/internet/ipv6.php3http://es.kioskea.net/contents/internet/ipv6.php3http://es.kioskea.net/contents/internet/icmp.php3http://es.kioskea.net/contents/internet/udp.php3http://es.kioskea.net/contents/internet/tcp.php3http://es.kioskea.net/contents/internet/ip.php3http://es.kioskea.net/contents/internet/ip.php3http://es.kioskea.net/contents/technologies/ethernet.php3http://es.kioskea.net/contents/internet/protocol.php3http://es.kioskea.net/contents/internet/ports.php3http://es.kioskea.net/contents/internet/tcp.php3http://es.kioskea.net/contents/internet/tcp.php3http://es.kioskea.net/contents/internet/tcp.php3


92/93

nslookup

Nslookup es un programa, utilizado para saber si el DNS est

resolviendo correctamente los nombres y las IP. Se utiliza con elcomando nslookup, que funciona tanto en Windows como en UNIXpara obtener la direccin IP conociendo el nombre, y viceversa.

Por ejemplo:

Al preguntar quin es es.wikipedia.org se obtiene:

nslookup es.wikipedia.org

Server: 192.168.1.1

Address: 192.168.1.1

Revisar: secpol.msc

92
http://es.wikipedia.org/wiki/DNShttp://es.wikipedia.org/wiki/IPhttp://es.wikipedia.org/wiki/Windowshttp://es.wikipedia.org/wiki/UNIXhttp://es.wikipedia.org/wiki/UNIXhttp://es.wikipedia.org/wiki/Windowshttp://es.wikipedia.org/wiki/IPhttp://es.wikipedia.org/wiki/DNS


93/93

Chapter 3Application Layer Functionality

and Protocols

CIS 81 Networking Fundamentals

Rick Graziani

Cabrillo College

[email protected]

L t U d t d 2/23/2008

cis81-E1-3-ApplicationLayer

Documents

Transcript of cis81-E1-3-ApplicationLayer