cis81-E1-3-ApplicationLayer
Transcript of cis81-E1-3-ApplicationLayer
-
7/29/2019 cis81-E1-3-ApplicationLayer
1/93
Chapter 3
Application Layer Functionalityand Protocols
CIS 81 Networking Fundamentals
Rick GrazianiCabrillo College
Last Updated: 2/23/2008
-
7/29/2019 cis81-E1-3-ApplicationLayer
2/93
2
This Presentation
For a copy of this presentation and access to my web site for otherCCNA, CCNP, and Wireless resources please email me for ausername and password.
Email: [email protected]
Web Site: www.cabrillo.edu/~rgraziani
-
7/29/2019 cis81-E1-3-ApplicationLayer
3/93
3
Note
This presentation is not in the order of the book or online curriculum. This presentation also contains information beyond the curriculum.
-
7/29/2019 cis81-E1-3-ApplicationLayer
4/93
Applications: Interface Between the
Networks
-
7/29/2019 cis81-E1-3-ApplicationLayer
5/93
5
Application Layer: OSI and TCP/IP Models
The Application layer, Layer seven, is the top layer of both the OSI and
TCP/IP models. Provides the interface between the applications we use to communicate and
the underlying network.
-
7/29/2019 cis81-E1-3-ApplicationLayer
6/93
6
Application layer protocols are used to exchange data between programsrunning on the source and destination hosts.
There are many Application layer protocols and new protocols are alwaysbeing developed.
Email
HTTP(www)
HTTP HTTP
-
7/29/2019 cis81-E1-3-ApplicationLayer
7/93
7
Application Layer: OSI and TCP/IP Models
Functionality of the TCP/IP application layer protocols fit roughly into the
framework of the top three layers of the: OSI model: Application, Presentation and Session layers.
Most early TCP/IP application layer protocols were developed before theemergence of:
personal computers, graphical user interfaces and multimedia objects.
These protocols implement very little of the functionality that is specified in
the OSI model Presentation and Session layers.
-
7/29/2019 cis81-E1-3-ApplicationLayer
8/93
8
The Presentation Layer
The Presentation layer has three primary functions: Coding and conversion of Application layer data to ensure that data
from the source device can be interpreted by destination device.
Compression of the data in a manner that can be decompressed bythe destination device. Encryption of the data for transmission and the decryption of data upon
receipt by the destination. Compression and Coding formats:
Graphics Interchange Format (GIF)
Joint Photographic Experts Group (JPEG) Tagged Image File Format (TIFF).
-
7/29/2019 cis81-E1-3-ApplicationLayer
9/93
9
The Session Layer
Create and maintain dialogs between source and destination applications.
Handles the exchange of information to:
Initiate dialogs
keep them active
restart sessions that are disrupted or idle for a long period of time
Most applications, like web browsers or e-mail clients, incorporatefunctionality of the OSI layers 5, 6 and 7.
-
7/29/2019 cis81-E1-3-ApplicationLayer
10/93
10
Application Layer: OSIand TCP/IP Models
Common TCP/IP Protocols Domain Name Service Protocol (DNS) is used to resolve Internet
names to IP addresses. Hypertext Transfer Protocol (HTTP) is used to transfer files that make
up the Web pages of the World Wide Web. Simple Mail Transfer Protocol (SMTP) is used for the transfer of mail
messages and attachments. Telnet, a terminal emulation protocol, is used to provide remote access
to servers and networking devices.
File Transfer Protocol (FTP) is used for interactive file transferbetween systems.
Note: Usually a singleserver will function asa server for multipleapplications
-
7/29/2019 cis81-E1-3-ApplicationLayer
11/93
11
RFCs: Request For Comments
The protocols in the TCP/IP suite are generally defined by Requests forComments (RFCs).
Maintained by IETF (Internet Engineering Task Force)
There are a few in there for fun - ftp://ftp.rfc-editor.org/in-
notes/rfc1882.txt.
-
7/29/2019 cis81-E1-3-ApplicationLayer
12/93
12
Application LayerSoftware
Network-Aware Applications Applications are the software programs used by people to
communicate over the network.
They implement the application layer protocols and are able tocommunicate directly with the lower layers of the protocol stack.
Email Clients
Web Browsers
Userapplications
Services
SystemOperations
Within the Application layer,there are two forms ofsoftware programs orprocesses that provide
access to the network:
applications
services
-
7/29/2019 cis81-E1-3-ApplicationLayer
13/93
13
Application Layer Software
Application layer Services
Other programs may need the assistance of Application layer servicesto use network resources such as:
File transfer
Network print spooling
These services are the programs that interface with the network and
prepare the data for transfer.
Userapplications
Services
SystemOperations
-
7/29/2019 cis81-E1-3-ApplicationLayer
14/93
14
Application Layer Software
Application layer uses protocols that are implemented within applicationsand services.
Applications provide people a way to create messages.
Application layer services establish an interface to the network. Protocols provide the rules and formats that govern how data is
treated.
Bottom line:
When discussing an application like "Telnet" we could be referring to theapplication, the service, or the protocol.
-
7/29/2019 cis81-E1-3-ApplicationLayer
15/93
15
Application Layer Protocol Functions
Application layer protocols are used by both the source and destinationdevices during a communication session.
The application layer protocols implemented on the source and destination
host must match. Protocols: (This will become clearer later! Herding cats.)
Establish consistent rules for exchanging data.
Specify the structure and type of messages that are exchanged.
Types: Request, response, acknowledgement, error message, etc.
Defines the dialogues, ensuring with transmissions met by expectedresponses, and with the correct service invoked.
-
7/29/2019 cis81-E1-3-ApplicationLayer
16/93
16
Application Layer Protocol Functions
Applications and services can use multiple protocols.
Encapsulate the protocol or encapsulated by this protocol Invoke other protocols
Using a web browser (HTTP):
May invoke:
DNS, ARP, ICMP
May use:
TCP, UDP, Ethernet, PPP
Uses
IP
-
7/29/2019 cis81-E1-3-ApplicationLayer
17/93
17
Client Server Model
Client: the device requesting the information
Server: the device responding to the request is called a server. The client begins the exchange by requesting data from the server.
Server responds by sending one or more streams of data to the client.
In addition to the actual data transfer, this exchange may also requirecontrol information, such as:
user authentication the identification of a data file to be transferred
-
7/29/2019 cis81-E1-3-ApplicationLayer
18/93
18
Servers
A server is usually a computer that contains information to be shared withmany client systems.
Web server
Email server
File or database server Applications server
Some servers may require authentication of user account information andvary permissions.
Example, if you request to upload data to the FTP server, you may havepermission to write to your individual folder but not to read other files on thesite.
-
7/29/2019 cis81-E1-3-ApplicationLayer
19/93
19
Servers
The server runs a service, or process, sometimes called a server daemon.
Daemons (like other services) typically run in the background and are notunder an end user's direct control.
Daemons are described as "listening" for a request from a client. Programmed to respond whenever the server receives a request for the
service provided by the daemon.
When a daemon "hears" a request from a client:
It exchanges appropriate messages with the client, as required by itsprotocol,
Proceeds to send the requested data to the client in the proper format.
-
7/29/2019 cis81-E1-3-ApplicationLayer
20/93
20
Application LayerServices and Protocols
Servers typically have multiple clients requesting information at the sametime.
For example, a Telnet server may have many clients requestingconnections to it.
These individual client requests must be handled simultaneously andseparately for the network to succeed.
The Application layer processes and services rely on support from lowerlayer functions to successfully manage the multiple conversations.
-
7/29/2019 cis81-E1-3-ApplicationLayer
21/93
Application Layer Protocols
-
7/29/2019 cis81-E1-3-ApplicationLayer
22/93
22
HTTP(WWW)
FTP
SMTP(email)
Telnet
(file transfer)
(remote login)
DHCP
(IP address
resolution)
DNS
(file sharing)
P2P
(domain nameresolution)
(file sharing)
SMB
We will examine
HTTP in detail.
R i d f l ti /d l ti
-
7/29/2019 cis81-E1-3-ApplicationLayer
23/93
23
DataHTTPHeader
TCPHeader
IPHeader
Data LinkHeader
Data LinkTrailer
IP PacketData LinkHeader
Data LinkTrailer
IP PacketData LinkHeader
Data LinkTrailer
IP PacketData LinkHeader
Data LinkTrailerIP PacketData LinkHeader
Data LinkTrailer
IP PacketData LinkHeader
Data LinkTrailer
IP PacketData LinkHeader
Data LinkTrailer
DataHTTPHeader
TCPHeader
IPHeader
Data LinkHeader
Data LinkTrailer
Reminder of encapsulation/decapsulation
-
7/29/2019 cis81-E1-3-ApplicationLayer
24/93
24
Focus on Application Header and/or Data
We will examine how the application (header) and/or data communicationwith each other between the client and the server.
Later we will look at what roles the other layers, protocols (TCP, IP, etc.)play.
HTTP
HTTP
-
7/29/2019 cis81-E1-3-ApplicationLayer
25/93
25
HTTP (HyperText Transfer Protocol)
HTTPThe Webs application layer protocol.
RFC 1945 and RFC 2616
Implemented in:
Client program
Server program
Current version: HTTP/1.1
Encapsulated in TCP (more later)
HTTPServer
HTTPClient
HTTPHTTP
-
7/29/2019 cis81-E1-3-ApplicationLayer
26/93
26
HTTP (HyperText Transfer Protocol)
Web page (also called a html document)
Web page consists of objects
Objects (examples):
HTML file
JPEG image
GIF image
JAVA applet
Audio file
Rick Graziani, Cabrillo College
-
7/29/2019 cis81-E1-3-ApplicationLayer
27/93
27
Web Browser - Client
Browser The user agent for the Web.
Displays requested Web page and provides navigational andconfiguration features.
Browser and client may be used interchangeably in this discussion.
HTTP has nothing to do with how a Web page is interpreted (displayed) by
the client (browser).
HTTPClient
-
7/29/2019 cis81-E1-3-ApplicationLayer
28/93
28
Web Server
Web Server Stores web objects, each addressable by a URL.
Implement the server side of HTTP.
Examples:
Apache
Microsoft Internet Information Server
HTTP
Server
http://www.apache.org/ -
7/29/2019 cis81-E1-3-ApplicationLayer
29/93
29
HTTP Request Message
Request Message
Request line
Header lines
ASCII Text
Request line: Method field
GET, POST and HEAD
The great majority of Requests are GETs
GET /~rgraziani/ HTTP/1.1
Accept-Language: en-us
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0; SLCC1; .NETCLR 2.0.50727; Media Center PC 5.0; .NET CLR 3.0.04506; InfoPath.1)
Host: www.cabrillo.edu
Connection: Keep-Alive
HTTP Client
HTTPServer
Some data omitted for brevity
-
7/29/2019 cis81-E1-3-ApplicationLayer
30/93
30
HTTP Request Message
Request LineGET - Browser/client is requesting an object
/~rgraziani/ - Browser is requesting this object in this
directory (default is index.html)
HTTP/1.1 - Browser implements the HTTP/1.1 (1.1 isbackwards compatible with 1.0)
Note: HTTP GET is also used by some P2P applications like Gnutellaand Bittorrent.
GET /~rgraziani/ HTTP/1.1
Accept-Language: en-us
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0; SLCC1; .NETCLR 2.0.50727; Media Center PC 5.0; .NET CLR 3.0.04506; InfoPath.1)
Host: www.cabrillo.edu
Connection: Keep-Alive
-
7/29/2019 cis81-E1-3-ApplicationLayer
31/93
31
HTTP Request Message
Request LineGET: - Used by browser/client to request an object.
POST: - Used when user has filled out a form and sending
information to the server. (Forms do not have to
use POST.)
- Example: words in a search engine
HEAD: - Similar to a GET, but the server will responds with a
HTTP message but leaves out the requested object.
PUT: - Used with Web publishing tools, upload objects.
DELETE: - Used with Web publishing tools, delete objects.
GET /~rgraziani/ HTTP/1.1
Accept-Language: en-us
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0; SLCC1; .NETCLR 2.0.50727; Media Center PC 5.0; .NET CLR 3.0.04506; InfoPath.1)
Host: www.cabrillo.edu
Connection: Keep-Alive
-
7/29/2019 cis81-E1-3-ApplicationLayer
32/93
32
HTTP Request Message
Header LinesAccept-Language:- User prefers this language of the object
User-Agent: - The browser type making the request
Host: - Host on which the object resides
Connection: - Client/browser is telling the server to keepthis TCP connection Open, known as a
persistent connection.
- We will talk about this laterin TCP
(transport layer)
GET /~rgraziani/ HTTP/1.1
Accept-Language: en-us
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0; SLCC1; .NETCLR 2.0.50727; Media Center PC 5.0; .NET CLR 3.0.04506; InfoPath.1)
Host: www.cabrillo.edu
Connection: Keep-Alive
-
7/29/2019 cis81-E1-3-ApplicationLayer
33/93
33
HTTP Response MessageHTTP/1.1 200 OKDate: Fri, 22 Feb 2008 16:34:18 GMT
Server: Apache/2.0.52 (Red Hat)Last-Modified: Thu, 15 Nov 2007 19:33:12 GMTContent-Length: 15137Connection: closeContent-Type: text/html
Some data omitted for brevity
HTTP Client
HTTPServer
-
7/29/2019 cis81-E1-3-ApplicationLayer
34/93
34
HTTP Response MessageHTTP/1.1 200 OKDate: Fri, 22 Feb 2008 16:34:18 GMT
Server: Apache/2.0.52 (Red Hat)Last-Modified: Thu, 15 Nov 2007 19:33:12 GMTContent-Length: 15137Connection: closeContent-Type: text/html
Response message:
Status line
Header lines
Entity body
-
7/29/2019 cis81-E1-3-ApplicationLayer
35/93
35
HTTP Response MessageHTTP/1.1 200 OKDate: Fri, 22 Feb 2008 16:34:18 GMT
Server: Apache/2.0.52 (Red Hat)Last-Modified: Thu, 15 Nov 2007 19:33:12 GMTContent-Length: 15137Connection: closeContent-Type: text/html
Status Line
HTTP/1.1 Server is using HTTP/1.1
200 OK - Status code, request succeeded and information is
returned in response
-
7/29/2019 cis81-E1-3-ApplicationLayer
36/93
36
HTTP Response MessageHTTP/1.1 404
Status Codes
200 OK
- Status code, request succeeded and information is returned in response.
301 Moved Permanently
- Requested object has been permanently moved.400 Bad Request
- Generic error message, request not understood by server.
404 Not Found:
-The requested document does not exist on server.
505 HTTP Version Not Supported- The re uested HTTP rotocol version not su orted b server.
-
7/29/2019 cis81-E1-3-ApplicationLayer
37/93
37
HTTP Response MessageHTTP/1.1 200 OKDate: Fri, 22 Feb 2008 16:34:18 GMT
Server: Apache/2.0.52 (Red Hat)Last-Modified: Thu, 15 Nov 2007 19:33:12 GMTContent-Length: 15137Connection: closeContent-Type: text/html
Header Lines
Date: Server is using HTTP/1.1
Server: - Status code, request succeeded and
information is returned in response
Last-Modified: Date/time when object created or modified
Content-Length: Number of bytes in object being sent
Connection: Server going to close TCP connection after
sending the requested object.
Content-Type: Object in entity body is HTML text
-
7/29/2019 cis81-E1-3-ApplicationLayer
38/93
38
HTTP Response MessageHTTP/1.1 200 OKDate: Fri, 22 Feb 2008 16:34:18 GMT
Server: Apache/2.0.52 (Red Hat)Last-Modified: Thu, 15 Nov 2007 19:33:12 GMTContent-Length: 15137Connection: closeContent-Type: text/html
Entity Body
-
7/29/2019 cis81-E1-3-ApplicationLayer
39/93
39
HTTP Request and Response MessagesGET /~rgraziani/ HTTP/1.1
Accept-Language: en-us
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0; SLCC1; .NETCLR 2.0.50727; Media Center PC 5.0; .NET CLR 3.0.04506; InfoPath.1)
Host: www.cabrillo.edu
Connection: Keep-Alive
HTTP Client
HTTPServer
HTTP/1.1 200 OK
Date: Fri, 22 Feb 2008 16:34:18 GMTServer: Apache/2.0.52 (Red Hat)Last-Modified: Thu, 15 Nov 2007 19:33:12 GMTContent-Length: 15137Connection: closeContent-Type: text/html
HTTP
HTTP
-
7/29/2019 cis81-E1-3-ApplicationLayer
40/93
40
User-Server Interaction: Cookies
Web servers are considered stateless they do not maintain stateinformation, keep track of the user.
Higher performance allowing the server to handle thousands of
simultaneous TCP connections (later). Web servers use cookies to track users.
Cookies defined in RFC 2109
-
7/29/2019 cis81-E1-3-ApplicationLayer
41/93
41
User-Server Interaction: Cookies
Web server installs cookies on client when:
Accessed the web site for the first time (Web server does not know clientby name.)
and/or User provides information to the web server. (Web server now knows
client by name.)
HTTP on Web server responds with a Set-cookie: header with an ID.
This IDis stored on the clients computer.
Each time client/browser accesses web site. The GET includes Cookie: orUser_ID or similar with the ID.
HTTP Client
HTTPServer
HTTP Requests (GET)now include ID
HTTP: ResponseSet-cookie: ID
HTTP Requests: GET(first time)
Web server can now
track clients activitieson the web site.
-
7/29/2019 cis81-E1-3-ApplicationLayer
42/93
42
HTTP Request and Response MessagesGET /jpeg/cap81/cam0.36705623.rgb888.enc HTTP/1.1
Cookie: SLSPOTNAME5=Cowells; SLSPOTNAME4=Waimea%20Bay;SLSPOTNAME3=Pipeline; SLSPOTNAME2=38th%20Ave%2E; SLSPOTNAME1=Cowells;SLSPOTID5=4189; SLSPOTID4=4755; SLSPOTID3=4750; SLSPOTID2=4191;SLSPOTID1=4189; OAX=R8bfwEbcU08ABCBu; USER_ID=5551212 ;
HTTP Client
HTTPServer
HTTP/1.1 200 OKDate: Fri, 22 Feb 2008 19:00:15 GMTServer: Apache/1.3.34 (Unix)Last-Modified: Fri, 22 Feb 2008 18:51:47 GMTETag: "760a31-18ce-47bf19c3"Accept-Ranges: bytesContent-Length: 6350Keep-Alive: timeout=15, max=257
Connection: Keep-AliveContent-Type: text/plain
HTTP: Cookie 5551212 included
HTTP data customizedfor Rick Graziani
-
7/29/2019 cis81-E1-3-ApplicationLayer
43/93
43
Web Caching
Web cache or proxy server Web cache satisfies HTTP requests on thebehalf of the Origin Web server.
Own disk storage
Keeps copies of recently requested objects Typically installed at ISP or larger institutions.
Advantages:
Reduces the response time for client requests, especially if there areany bottlenecks in the network.
Reduces traffic on institutions access link to the ISP (Internet).
Client
Client
Origin
Server
Orgin
Server
HTTPRequestHTTP
Request
HTTPRequestHTTP
Request
HTTP Response
HTTP Response
HTTP Response
HTTP Response
WebCache orProxyServer
-
7/29/2019 cis81-E1-3-ApplicationLayer
44/93
44
Web Caching
1. Client/browser sends HTTP Request to Web cache (Proxy server).
2. Web cache checks to see if it has a local copy of the object.
2a. Local copy: Web cache sends object to clients browser.
2b. No Local copy: Web cache sends HTTP request to origin server.3. Origin server sends object to Web cache.
4. Web cache stores a local copy of the object.
5. Web cache forwards copy of the object to the client browser.
Note: TCP connections are also created between Client and Web Cache; Webcache and Origin server (later).
WebCache orProxyServer
Client
Client
Origin
Server
Origin
Server
HTTPRequestHTTP
Request
HTTPRequestHTTP
Request
HTTP Response
HTTP Response
HTTP Response
HTTP Response
-
7/29/2019 cis81-E1-3-ApplicationLayer
45/93
-
7/29/2019 cis81-E1-3-ApplicationLayer
46/93
46
Web Cache Steps (Extra)
1. Client/browser sends HTTP Request to Web cache (Proxy server).
2. Web cache checks to see if it has a local copy of the object.
No local copy
3. Web cache sends HTTP request to origin server.
4. Origin Web server sends HTTP response with object requested
5. Web cache stores local copy of the object with last-modified date.
6. Web cache forwards object to client/browser.
1. Web cache receives another request for this HTTP object.
2. Web cache sends a Conditional GET to the Origin Web server, with If-modified-since: header.
3. Origin Web Server returns:
No change: HTTP Response message 304 Not Modified, no object.
Web cache sends local object.
Change: HTTP Response 200 OK, with object.
Web cache replace object and forwards update object.
-
7/29/2019 cis81-E1-3-ApplicationLayer
47/93
-
7/29/2019 cis81-E1-3-ApplicationLayer
48/93
48
FTP (File Transfer Protocol)
FTP was developed to allow for file transfers between a client and a server.
Used to push and pull files from a server running the FTP daemon (FTPd).
Uses get andput commands.
RFC 959
FTP
Client
FTP
Server
FTP (File Transfer Protocol)
-
7/29/2019 cis81-E1-3-ApplicationLayer
49/93
49
Client initiates a TCP control connection with FTP server using port 21.
This connection remains openuntil the user quits the FTP application.
TCP port 21 connection includes:
Username and password is sent over TCP port 21. Remote directory changes
This state information significantly reduces total number of sessions onserver.
For each file transferred, TCP opens and closes a TCP data connection on port20.
More later on TCP ports and connections.
TCP data connection port 20
TCP control connection port 21
Username and password
Change directory on Server
Copy file from client to serverConnection Closed
TCP data connection port 20
Copy file from server to clientConnection Closed
TCP control connection port 21
Quit FTP ApplicationConnection Closed
( e a s e otoco )
-
7/29/2019 cis81-E1-3-ApplicationLayer
50/93
50
SMTP Simple Mail Transfer Protocol
Email One of the killer applications of the Internet.
SMTP Simple Mail Transfer Protocol
-
7/29/2019 cis81-E1-3-ApplicationLayer
51/93
51
Internet mail involves:
User agents
Allows users to read, reply, compose, forward, save, etc., mail messages
GUI user agents: Outlook, Eudora, Messenger
Text user agents: mail, pine, elm
Mail servers
Stores user mail boxes, communicates with local user agents and othermail servers.
SMTP
Principle application layer protocol for Internet mail
Sent over TCP
Mail access protocols: POP3, IMAP, HTTP
SMTPSMTP
POP3IMAP
User agent User agentMail server Mail server
p
SMTP Simple Mail Transfer Protocol
-
7/29/2019 cis81-E1-3-ApplicationLayer
52/93
52
SMTP RFC 2821 Transfers messages from senders mail server to recipients mail
server Push protocol, not a pull protocol
Push (from client to server or server to server) Pull (from server to client)
Retrieving email Historically, users would log into local mail server to read mail. Since early 1990s, clients use mail access protocols:
POP3 IMAP
HTTP
SMTPSMTP
POP3IMAP
User agent User agentMail server Mail server
p a a s
-
7/29/2019 cis81-E1-3-ApplicationLayer
53/93
53
SMTP Simple Mail Transfer Protocol
POP3 (Post Office Protocol) RFC 1939 Limited functionality Uses TCP port 110
Download-and-delete mode Retrieves messages on server and store the locally Delete messages on server
Download-and-keep mode Does not delete messages on server when retrieved.
Problem Difficult to access email from multiple computers work and home. Some email may have already been downloaded on another
computer (work) download-and-delete To read email from another computer, must leave on server
download-and-keep Does not provide means for user to create remote folders on mail
server
-
7/29/2019 cis81-E1-3-ApplicationLayer
54/93
-
7/29/2019 cis81-E1-3-ApplicationLayer
55/93
-
7/29/2019 cis81-E1-3-ApplicationLayer
56/93
56
Telnet
Telnet provides a standard method of emulating text-based terminal devicesover the data network.
Server
Telnet Telnet
-
7/29/2019 cis81-E1-3-ApplicationLayer
57/93
57
Telnet
Allows a user to remotely access another device (host, router, switch).
A connection using Telnet is called a Virtual Terminal (VTY) session, orconnection.
Telnet uses software to create a virtual device that provides the samefeatures of a terminal session with access to the server command lineinterface (CLI).
Telnet clients:
Putty
Teraterm
Hyperterm
Server
TelnetTelnet
-
7/29/2019 cis81-E1-3-ApplicationLayer
58/93
58
Telnet
Telnet supports user authentication, but does not encrypt data.
All data exchanged during a Telnet sessions is transported as plain text.
Secure Shell (SSH) protocol offers an alternate and secure method for
server access. Stronger authentication
Encrypts data
-
7/29/2019 cis81-E1-3-ApplicationLayer
59/93
59
DHCP Dynamic Host Configuration Protocol
IP addresses and other information can be obtained:
Statically
Dynamically (DHCP)
-
7/29/2019 cis81-E1-3-ApplicationLayer
60/93
60
DHCP
DHCP Information can include:
IP address
Subnet mask
Default gateway
Domain name DNS Server
DHCP servers can be:
Server on LAN
Router
Server at ISP
-
7/29/2019 cis81-E1-3-ApplicationLayer
61/93
61
DHCP
We will discuss DHCP more when wediscuss IPv4.
-
7/29/2019 cis81-E1-3-ApplicationLayer
62/93
62
DNS Domain Name System
DNS allows users (software) to use domain names instead of IP addresses
-
7/29/2019 cis81-E1-3-ApplicationLayer
63/93
63
Name Resolution
Resolver DNS client programs used to look up DNS name information.Name Resolution The two types of queries that a DNS resolver (either a DNS client or another
DNS server) can make to a DNS server are the following:Recursive queries Queries performed by Host to Local DNS ServerIterative queries Queries performed Local DNS server to other servers
Need the IP address
-
7/29/2019 cis81-E1-3-ApplicationLayer
64/93
22
3
-
7/29/2019 cis81-E1-3-ApplicationLayer
65/93
65
Step 2.
Local DNS Server forwards the query to a Root DNS server.
Step 3.
Root DNS server
Makes note of .com suffix
Returns a list of IP addresses for TLD (Top Level Domain Servers)responsible for .com.
DNS Name Resolution
1
3
-
7/29/2019 cis81-E1-3-ApplicationLayer
66/93
66
DNS Name Resolution
Root DNS Servers
There are 13 Root DNS servers (labeled A through M)
TLD Servers
Responsible for domains such as .com, edu, org, .net, .uk, jp, fr
Network Solutions maintains TLD servers for .com
Educause maintains TLD servers for .edu
There are redundant servers throughout the world.
-
7/29/2019 cis81-E1-3-ApplicationLayer
67/93
-
7/29/2019 cis81-E1-3-ApplicationLayer
68/93
68
Step 6.
Local DNS server sends query for www.example.com directly to DNSserver for example.com
Step 7.
example.com DNS server responds with its IP address forwww.example.com
6
6
DNS Name Resolution
7
-
7/29/2019 cis81-E1-3-ApplicationLayer
69/93
69
Step 8.
LocalDNS server sends the IP address of www.example.com to the DNSclient.
DNS Caching
When a DNS server receives a DNS reply (mapping hostname to an IPaddress) it can cache the information in its local memory.
DNS servers discard cached information after a period of time (usually 2days)
A local DNS server can cache TLD server addresses, bypassing the root
DNS servers in the query chain.
8
7
DNS Name Resolution
-
7/29/2019 cis81-E1-3-ApplicationLayer
70/93
70
DNS Name Resolution
In the worst cases, you'll get a dialog
box that says the domain namedoesn't exist - even though you know itdoes.
This happens because theauthoritative server is slow replying tothe first, and your computer gets tired
of waiting so it times-out (drops theconnection) or the domain name doesnot exist.
But if you try again, there's a goodchance it will work, because theauthoritative server has had enoughtime to reply, and your name serverhas stored the information in its cache.
-
7/29/2019 cis81-E1-3-ApplicationLayer
71/93
71
nslookup
nslookup
Displays default DNS server for your host
Can be used to query a domain name and get the IP address
DNS N
-
7/29/2019 cis81-E1-3-ApplicationLayer
72/93
72
DNS NameResolution
ipconfig /displaydns
After a certain amount of time, specified in the Time to Live (TTL)associated with the DNS resource record, the resolver discards therecord from the cache.
ipconfig /flushdns Manually deletes entries
The default TTL for positive responses is 86,400 seconds (1 day).
The default TTL for negative responses is 300 seconds.
-
7/29/2019 cis81-E1-3-ApplicationLayer
73/93
73
(Missing Info)DNS: 204.127.199.8
-
7/29/2019 cis81-E1-3-ApplicationLayer
74/93
74
-
7/29/2019 cis81-E1-3-ApplicationLayer
75/93
75
-
7/29/2019 cis81-E1-3-ApplicationLayer
76/93
SMB S M Bl k P t l
-
7/29/2019 cis81-E1-3-ApplicationLayer
77/93
77
SMB Server Message Block Protocol
The Server Message Block (SMB) is a client/server file sharing protocol.IBM developed Server Message Block (SMB) in the late 1980s to describethe structure of shared network resources, such as directories, files,printers, and serial ports.
SMB
-
7/29/2019 cis81-E1-3-ApplicationLayer
78/93
78
SMB
Request-response protocol .
Unlike FTP, clients establish a long term connection to servers.
Client can access the resources on the server as if the resource is local tothe client host.
SMB is sent over TCP
Prior to Windows 2000 windows used a proprietary protocol (NETBIOS)to send SMB.
Linux/UNIX have similar protocol: SAMBA
SMB
-
7/29/2019 cis81-E1-3-ApplicationLayer
79/93
79
SMB
SMB messages can:
Start, authenticate, and terminate sessions
Control file and printer access Allow an application to send or receive messages to or from another
device
Peer-to-Peer (P2P) Networking and
-
7/29/2019 cis81-E1-3-ApplicationLayer
80/93
80
( ) gApplications
In addition to the client/server model for networking, there is also apeer-to-peer model.
Two or more computers are connected via a network and can shareresources (such as printers and files) without having a dedicatedserver.
End devices (peers) can function as either a serverorclient.
P2P File Sharing
-
7/29/2019 cis81-E1-3-ApplicationLayer
81/93
81
P2P File Sharing
P2P (Peer-to-Peer) file sharing accounts for more traffic on the Internet thanany other application (2004).
Peers (hosts) act as both clients and servers.
No centralized file server.
HTTP GET and responses are commonly used.
-
7/29/2019 cis81-E1-3-ApplicationLayer
82/93
82
By Peter Svensson
The Associated Press
Oct. 19, 2007
Peer-to-peer applications account for between 50 percent and 90percent of overall Internet traffic, according to a survey this year by
ipoque GmbH, a German vendor of traffic-management equipment.
P2P Centralized Directory Peer
-
7/29/2019 cis81-E1-3-ApplicationLayer
83/93
83
Challenge with P2P locating content across thousands or millions of
peers. One solution centralized directory
Approach done by Napster
Problems (non-legal problems)
Single point of failure
Performance bottlenecks
CentralizedDirectoryServer
1 Inform and Update
Peer
Peer
Peer
3 File Transfer
Napster
P2P Centralized Directory Peer B
-
7/29/2019 cis81-E1-3-ApplicationLayer
84/93
84
1. Peer A starts P2P application
2. Informs centralized directory server of its:
IP address
Names of objects making available for sharing (MP3, videos, etc.)
3. Directory server collects information from each peer that becomes active.
Dynamic database
Maps IP addresses with object names
4. Peer A queries directory server for IP addresses of other peers for specificcontent
Directory Server returns IP addresses for those peers (Peer B)
5. Peer A establishes TCP connection and downloads file (i.e. HTTP GET) fromother peer, Peer B.
6. Directory server removes Peer from database when Peer closes applicationor disconnects from Internet eriodic messa es in s from server .
CentralizedDirectoryServer
1 Inform and Update
Peer
Peer
Peer A
3 File Transfer
P2P QueryFlooding
P CP B
Query
Query hit
-
7/29/2019 cis81-E1-3-ApplicationLayer
85/93
85
Gnutella public domain file sharing application
Fully distributed approach
No centralized server
Gnutella peer maintains peering relationship (TCP connection later) whicha number of other peers (usually fewer than 10).
Flooding
Peer A
Peer CPeer B
Peer D Peer E
Peer F
Query
Query
Gnutella
P CP B
P2P QueryFlooding
Query
Query hit
-
7/29/2019 cis81-E1-3-ApplicationLayer
86/93
86
Peer A searches for a file
1. Peer A sends query to all neighboring peers.
2. If neighboring peer does not have file, forwards query to all its neighboringpeers
3. If any peer has the file it returns a query hit message.
4. Peer A selects a peer, Peer C, to retrieve file (HTTP GET)
5. A direct TCP connection is made with selected peer, Peer C.
6. HTTP response is used to send file.
Query Flooding
Non-scalable and causes a significant amount of traffic on Internet.
Gnutella modified it to limited-scope flooding which limits how many peersaway the query is sent to, usually 7 to 10. (similar to TTL later).
Peer A
Peer CPeer B
Peer D
Flooding
Peer E
Peer F
Query
Query
P CP B
P2P QueryFlooding
Query
Query hit
-
7/29/2019 cis81-E1-3-ApplicationLayer
87/93
87
How a peer joins and departs Gnutella network
1. Finding peers:
Bootstrap program: Client maintains a list of peer IP addresses who areusually up
Contact Gnutella site that maintains a list
2. Client attempts to make contact with peers (TCP connection later)
3. Client sends Gnutella ping message to peer.
Forwards Gnutella ping to other peers, who continue to forward pinguntil limited-scope is reached.
4. Each peer returns a Gnutella pong message including:
Its IP address
Number of files it is sharing
Total size of the files
Peer A
Peer CPeer B
Peer D
ood g
Peer E
Peer F
Query
Query
P2P - Combination
-
7/29/2019 cis81-E1-3-ApplicationLayer
88/93
88
Kazaa combines ideas from Napster and Gnutella
2004 Contributed to more traffic on Internet than any other application
2007 Bittorrent became the leading application
Proprietary technology
Kazaa
P2P - Combination
-
7/29/2019 cis81-E1-3-ApplicationLayer
89/93
89
Kazaa does not use a centralized server Group leader peers (parent)
Higher bandwidth and Internet connectivity
Greater Gnutella responsibilites
Peers (child) non-group leaders
Child peer establishes TCP connection with a group leader
Group leader:
maintains database directory of child peers including their IP addresses
maintain TCP connections with other group leaders
Child peers query group leaders who forward the query to other group leaders
Child peer selects peer for TCP connection and file transfer
GroupLeader
GroupLeader
GroupLeader
-
7/29/2019 cis81-E1-3-ApplicationLayer
90/93
netstat
-
7/29/2019 cis81-E1-3-ApplicationLayer
91/93
netstat
91
Netstat es una herramienta que permite identificar las conexiones
TCP que estn activas en la mquina en la que se ejecuta elcomando. A su vez, esta herramienta crea una lista con todos lospuertos TCP y UDP que estn abiertos en el ordenador.El comando "netstat" tambin permite a su vez obtener estadsticasde numerosos protocolos (Ethernet, IPv4, TCP, UDP, ICMP y IPv6).
Configuracin del comando Netstat
Cuando se lo utiliza sin argumentos, el comando netstat muestratodas las conexiones abiertas por el ordenador. El comando netstatposee una serie de configuraciones opcionales, cuya sintaxis es la
siguiente: La sintaxis es:netstat [-a] [-e] [-n] [-o] [-s] [-p PROTO] [-r] [interval]
nslookup
http://es.kioskea.net/contents/internet/tcp.php3http://es.kioskea.net/contents/internet/tcp.php3http://es.kioskea.net/contents/internet/ports.php3http://es.kioskea.net/contents/internet/protocol.php3http://es.kioskea.net/contents/technologies/ethernet.php3http://es.kioskea.net/contents/internet/ip.php3http://es.kioskea.net/contents/internet/tcp.php3http://es.kioskea.net/contents/internet/udp.php3http://es.kioskea.net/contents/internet/icmp.php3http://es.kioskea.net/contents/internet/ipv6.php3http://es.kioskea.net/contents/internet/ipv6.php3http://es.kioskea.net/contents/internet/ipv6.php3http://es.kioskea.net/contents/internet/icmp.php3http://es.kioskea.net/contents/internet/udp.php3http://es.kioskea.net/contents/internet/tcp.php3http://es.kioskea.net/contents/internet/ip.php3http://es.kioskea.net/contents/internet/ip.php3http://es.kioskea.net/contents/technologies/ethernet.php3http://es.kioskea.net/contents/internet/protocol.php3http://es.kioskea.net/contents/internet/ports.php3http://es.kioskea.net/contents/internet/tcp.php3http://es.kioskea.net/contents/internet/tcp.php3http://es.kioskea.net/contents/internet/tcp.php3 -
7/29/2019 cis81-E1-3-ApplicationLayer
92/93
nslookup
Nslookup es un programa, utilizado para saber si el DNS est
resolviendo correctamente los nombres y las IP. Se utiliza con elcomando nslookup, que funciona tanto en Windows como en UNIXpara obtener la direccin IP conociendo el nombre, y viceversa.
Por ejemplo:
Al preguntar quin es es.wikipedia.org se obtiene:
nslookup es.wikipedia.org
Server: 192.168.1.1
Address: 192.168.1.1
Revisar: secpol.msc
92
http://es.wikipedia.org/wiki/DNShttp://es.wikipedia.org/wiki/IPhttp://es.wikipedia.org/wiki/Windowshttp://es.wikipedia.org/wiki/UNIXhttp://es.wikipedia.org/wiki/UNIXhttp://es.wikipedia.org/wiki/Windowshttp://es.wikipedia.org/wiki/IPhttp://es.wikipedia.org/wiki/DNS -
7/29/2019 cis81-E1-3-ApplicationLayer
93/93
Chapter 3Application Layer Functionality
and Protocols
CIS 81 Networking Fundamentals
Rick Graziani
Cabrillo College
L t U d t d 2/23/2008