Chap 2: Application Layer 1 Chapter 2 Application Layer Computer Networking: A Top Down Approach, 4...

Chap 2: Application Layer 1

Chapter 2Application Layer

Computer Networking: A Top Down Approach, 4th edition. Jim Kurose, Keith RossAddison-Wesley, July 2007.

A note on the use of these ppt slides:We’re making these slides freely available to all (faculty, students, readers). They’re in PowerPoint form so you can add, modify, and delete slides (including this one) and slide content to suit your needs. They obviously represent a lot of work on our part. In return for use, we only ask the following: If you use these slides (e.g., in a class) in substantially unaltered form, that you mention their source (after all, we’d like people to use our book!) If you post any slides in substantially unaltered form on a www site, that you note that they are adapted from (or perhaps identical to) our slides, and note our copyright of this material.

Thanks and enjoy! JFK/KWR

All material copyright 1996-2007J.F Kurose and K.W. Ross, All Rights Reserved


Chapter 2: Application layer

2.1 Principles of network applications

2.2 Web and HTTP 2.3 FTP 2.4 Electronic Mail

SMTP, POP3, IMAP

2.5 DNS

2.6 P2P applications 2.7 Socket

programming with TCP 2.8 Socket

programming with UDP


TCP/IP Protocol Suite

Defined in T

CP/IP Protocol S

uiteU

nd

efine

d

7

6

5

4

3

2

1

O

SI

la

ye

rs

TC

P/I

P l

ay

ers

Ap

plic

atio

n

DomainName

System

DNSDDNS

FileSharing

NFS

BOOTP

DHCP

HostConfigura

-tion

NetworkManage-

ment

RMON

SNMP

FileTransfer

FTP

TFTP

E-Mail &News

MIME

SMTP

POP/IMAP

NNTP

WWW &Gopher

Interactiveaccess

HTTPHTTPS

Telnet

“r” Com-mands(rlogin,rsh, ,,)

Gopher

IRC

Transport TCP(Transmission Control Protocol)

UDP(User Datagram Protocol)

RARP(Reverse Address Resolution Protocol)

ARP(Address Resolution Protocol)

InternetIPv4IPv6

IP NAT

IP Sec

Mobile IP

IP RoutingProtocols

ICMPv4ICMPv6

ND(NeighborDiscovery)

IP supportProtocols

RIP, OSPF, GGP,HELLO, IGRP, EIGRP,

BGP, EGP

NetworkInterface

(Data Link)

SLIP(Serial Line

Interface Protocol)

PPP(Point-to-Point

Protocol)

LAN/WLAN/WANHardware Drivers

(Ethernet, FDDI, Wireless,ATM, Frame Relay, …)

PhysicalMedium

UTP/Coax/Wireless/Infrared/Fiber Optics/Microwave/Satellite


Chapter 2: Application Layer

Our goals: conceptual,

implementation aspects of network application protocols transport-layer

service models client-server

paradigm peer-to-peer

paradigm

learn about protocols by examining popular application-level protocols HTTP FTP SMTP / POP3 / IMAP DNS

programming network applications socket API


Some network apps

e-mail web instant messaging remote login P2P file sharing multi-user network

games streaming stored

video clips

VoIP real-time video

conferencing grid computing Video chatting Any interesting ones

that you know?


Creating a network app

write programs that run on (different) end

systems communicate over

network e.g., web server software

communicates with browser software

No need to write software for network-core devices Network-core devices do

not run user applications applications on end

systems allows for rapid app development, propagation

application

transportnetworkdata linkphysical

application


application






SMTP, POP3, IMAP

2.5 DNS




2.9 Building a Web server


Application architectures

Network applications can be categorized as:

Client-server Peer-to-peer (P2P) Hybrid of Client-server and P2P

All of the above falls under the umbrella of “Distribute Processing”


Client-server architecture

server: Runs server apps on always-

on host with permanent IP address

server farms for scaling—usually clustered computers to serve large # of clients— Google cluster is estimated to have about 31,000 computers!

clients: communicate with server may be intermittently

connected may have dynamic IP

addresses do not communicate directly

with each other

http://tnl.net/blog/2004/04/30/how-many-google-machines/




Pure P2P architecture

no always-on server arbitrary end systems

directly communicate peers are

intermittently connected and change IP addresses

Highly scalable

But difficult to manage


Hybrid of client-server and P2P

NapsterFile transfer P2PFile search centralized:

•Peers query same central server to locate content•Peers register content into a directory at central server

Instant messagingChatting between two users is P2PPresence detection/location centralized:

•User registers its IP address with central server when it comes online•User contacts central server to find IP addresses of buddies

KaZaABorrows from Napster & Gnutella

•No dedicated server Gnutella•Group-leader peer Napster

SkypeInternet telephony app—voice & video conferencingFinding address of remote party: centralized server(s)Client-client connection is direct (not through server)

http://en.wikipedia.org/wiki/Skype


Processes communicating

Process: program running within a host.

within same host, two processes communicate using inter-process communication (defined by OS).

Inter-Process Communication (IPC) is a set of techniques for the exchange of data among multiple threads and one or more processes. Processes may be running on one or more computers connected by a network. IPC techniques are divided into methods for message passing, synchronization, shared memory, remote procedure calls (RPC).

Client process: process that initiates communication

Server process: process that waits to be contacted

Note: applications with P2P architectures have both client processes & server processes


Socket API(Berkeley socket & winsock)

process sends/receives messages to/from its socket

socket analogous to door sending process shoves

message out door sending process relies on

transport infrastructure on other side of door which brings message to socket at receiving process

process

TCP withbuffers,variables

socket

host orserver

process

TCP withbuffers,variables

socket

host orserver

Internet

controlledby OS

controlled byapp developer

API: (1) choice of transport protocol; (2) ability to fix a few parameters (lots more on this later)


TCP/IP communication mechanismHost X

Application Layer

App A

App B

Host Y

Application Layer

App A

TCP connection(Socket connection)

Full Duplex

SAP(Service Access Points)In TCP/IP, it is called “port”

e.g. Port 80 is for http

IP

Data Link Layer

Physical Layer

Data Link Layer

IP

Physical Layer

TCPTCP

SD

1100CAT5MODULARJACKPANEL

Lucent

1 2 3 4

25 26 27 28

5 6

29 30

7 8 9 10

31 32 33 34

11 12

35 36

13 14 15 16

37 38 39 40

17 18

41 42

19 20 21 22

43 44 45 46

23 24

47 48

SD

4 5 6 7 8 9 10 11

10/100 BASE TX

1 2

3

5411 Enterprise Switch

POWERMGMT

4 5 6 7 8 9 10 11 1

1

2

2

3

3

3

3

3RR

1000 BASE X

AMBER = GREEN =

FLASHING GREEN =

ACTIVITY LINK OK DISABLED

Ethernet Hub

Router

SD

1100CAT5MODULARJACKPANEL

Lucent

1 2 3 4

25 26 27 28

5 6

29 30

7 8 9 10

31 32 33 34

11 12

35 36

13 14 15 16

37 38 39 40

17 18

41 42

19 20 21 22

43 44 45 46

23 24

47 48

SD

4 5 6 7 8 9 10 11

10/100 BASE TX

1 2

3

5411 Enterprise Switch

POWERMGMT

4 5 6 7 8 9 10 11 1

1

2

2

3

3

3

3

3RR

1000 BASE X

AMBER = GREEN =

FLASHING GREEN =

ACTIVITY LINK OK DISABLED Ethernet Hub

Router

Internet

This is an example ofvirtual communicaiton


Addressing processes

to receive messages, process must have identifier

host device has unique 32-bit IP address

Q: does IP address of host suffice for identifying the process?


Addressing processes

to receive messages, process must have identifier

host device has unique 32-bit IP address

Q: does IP address of host on which process runs suffice for identifying the process? A: No, many

processes can be running on same host

identifier includes both IP address and port numbers associated with process on host.

Example port numbers: HTTP server: 80 Mail server: 25

to send HTTP message to gaia.cs.umass.edu web server: IP address:

128.119.245.12 Port number: 80

more shortly…


Ports defined by IANA

Well-known ports are from 0 to 1023 Registered ports are from 1024 to 49151 Dynamic and/or private ports are from

49152 to 65535 --also called as “ephemeral(short-lived) ports”

Microsoft’s usage of dynamic ports To comply with Internet Assigned Numbers Authority (IANA) recommendations, Microsoft has increased the dynamic client port range for outgoing connections in Windows Vista and in Windows Server 2008. The new default start port is 49152, and the default end port is 65535. This is a change from the configuration of earlier versions of Microsoft Windows that used a default port range of 1025 through 5000.

http://www.iana.org/assignments/port-numbers


Mini Lab On a Windows machine, in command

prompt, type netstat -an Open

http://en.wikipedia.org/wiki/List_of_TCP_and_UDP_port_numbers to see port numbers and their meaning

Find out what is the address 0.0.0.0 Find out what is the address 127.0.0.1 Explore more options for netstat command Try to understand the meaning of connections

your station has Do the same for Unix machines, using a ssh

client such as putty, type netstat -an Find out the difference with Windows system in

the usage of port numbers


Application layer protocol defines

Types of messages exchanged, e.g., request & response messages

Syntax of message types: what fields in messages & how fields are delineated

Semantics of the fields, i.e., meaning of information in fields

Rules for when and how processes send & respond to messages

Public-domain protocols:

defined in RFCs Tutorial for RFC

allows for interoperability

e.g., HTTP, SMTPProprietary protocols: e.g., Skype

Seung Bae Im

for http request -->GET /somedir/page.html HTTP/1.1Host: www.someschool.eduConnection: CloseUser-agen: Mozilla/4.0Accept-language: fr

Seung Bae Im

for http response-->HTTP/1.1 200 OKConnection: CloseDate: Thu, 03 Jul 2006 12:00:15 GMTServer: Apache/1.3 (Unix)Last-Modified: Sun, 5 May 2006 09:23:23 GMTConcent-Langth: 6821Content-Type: text/html(data, data, ....)

Seung Bae Im

Syntax of http request message --> Request = Request-Line *(( general-header | request-header | entity-header ) CRLF) CRLF [ message-body ]


What transport service(UDP or TCP) does an app need? Things to consider

Data loss some apps (e.g., audio)

can tolerate some loss other apps (e.g., file

transfer, telnet) require 100% reliable data transfer

Timing some apps (e.g.,

Internet telephony, interactive games) require low delay to be “effective”

Throughput some apps (e.g., multimedia)

require minimum amount of throughput to be “effective”

other apps (“elastic apps”—emails, ftp, etc.) make use of whatever throughput they get

Security Encryption, data integrity, …


Transport service requirements of common apps

Application

file transfere-mailWeb documentsreal-time audio/video

stored audio/videointeractive gamesinstant messaging

Data loss

no lossno lossno lossloss-tolerant

loss-tolerantloss-tolerantno loss

Throughput

elasticelasticelasticaudio: 5kbps-1Mbpsvideo:10kbps-5Mbpssame as above few kbps upelastic

Time Sensitive

nononoyes, 100’s msec

yes, few secsyes, 100’s msecyes and no


Internet transport protocols

TCP service: connection-oriented: setup

required between client and server processes

reliable transport between sending and receiving process

flow control: sender won’t overwhelm receiver

congestion control: throttle sender when network overloaded

does not provide: timing, minimum throughput guarantees, security

UDP service: Connection-less unreliable data transfer

between sending and receiving process

does not provide: connection setup, reliability, flow control, congestion control, timing, throughput guarantee, or security— low overhead!

Q: why bother? Why is there a UDP?A: To provide low overhead service & for apps which need only few message exchanges

Seung Bae Im

Seung Bae Im6/10/2006Since TCP uses the service of IP which is "connectionless" and does not provide timing or minimum bandwiidth guarantee. , it is not possible for TCP to provide those service (using the service of IP)


Internet apps: application, transport protocols

Application

e-mailremote terminal access

Web file transfer

streaming multimedia

Internet telephony

Applicationlayer protocol

SMTP [RFC 2821]Telnet [RFC 854]HTTP [RFC 2616]FTP [RFC 959]HTTP (eg Youtube), RTP [RFC 1889]SIP, RTP, proprietary(e.g., Skype)

Underlyingtransport protocol

TCPTCPTCPTCPTCP or UDP

typically UDP

Currently, most applications use TCP

Some Loss-tolerant, time-sensitive applications use UDP (lower overhead) for speed


Client/Server Model

•Starts first

•Waits for contact from a client

•Responds to requests

•Starts later

•Contacts a server with a request

•Waits for response from server

Server Client

Most widely used method for communication over Internet—Examples?


Stateful Server

Maintains some information between requests—Q: What info?

Requires smaller messages, since some information is kept between contacts

May become confused if a connection terminates abnormally (if the design is not fault tolerant)

Example: FTP, telnet

Stateless Server

Requires larger messages. Because, the message must contain all information about the request since no state information is kept.

Less overhead than Stateful Servers

Example: HTTP, DNS

Types of Servers


Iterative Server

while (1) { accept a connection (or

request)from a client

service the client close the connection}

Concurrent Server

while (1) { accept a connection (or

request)from a client start a new child process to handle this client

}

Ex. daytime server Ex. Web server

Types of Servers


Application layer protocols vs User Applications

Application layer protocols (telnet, ftp, smtp, http, snmp, rpc, nfs, ..) are applications that are builtin system programs based on rfcs.

User applications are applications that are developed as needed (Internet Explorer, Netscape, Eudora, putty, winscp, …)

Both use the same API (Application Programming Interface) called “Socket API”, e.g. Berkeley Socket, Winsock


TCP/IP Protocol Suite

Defined in T

CP/IP Protocol S

uiteU

nd

efine

d

Ap

plic

atio

n

layer

pro

tocols

User

Ap

plic

ati

on

s

7

6

5

4

3

2

1

O

SI

la

ye

rs

TC

P/I

P l

ay

ers

Ap

plic

atio

n

DomainName

System

DNSDDNS

FileSharing

NFS

BOOTP

DHCP

HostConfigura

-tion

NetworkManage-

ment

RMON

SNMP

FileTransfer

FTP

TFTP

E-Mail &News

MIME

SMTP

POP/IMAP

NNTP

WWW &Gopher

Interactiveaccess

HTTPHTTPS

Telnet

“r” Com-mands(rlogin,rsh, ,,)

Gopher

IRC

Transport TCP(Transmission Control Protocol)

UDP(User Datagram Protocol)

RARP(Reverse Address Resolution Protocol)

ARP(Address Resolution Protocol)

InternetIPv4IPv6

IP NAT

IP Sec

Mobile IP

IP RoutingProtocols

ICMPv4ICMPv6

ND(NeighborDiscovery)

IP supportProtocols

RIP, OSPF, GGP,HELLO, IGRP, EIGRP,

BGP, EGP

NetworkInterface

(Data Link)

SLIP(Serial Line

Interface Protocol)

PPP(Point-to-Point

Protocol)

LAN/WLAN/WANHardware Drivers

(Ethernet, FDDI, Wireless,ATM, Frame Relay, …)

PhysicalMedium

UTP/Coax/Wireless/Infrared/Fiber Optics/Microwave/Satellite



2.1 Principles of network applications app architectures app requirements

2.2 Web and HTTP 2.4 Electronic Mail

SMTP, POP3, IMAP

2.5 DNS




Good reference on TCP/IP is http://www.redbooks.ibm.com/abstracts/gg243376.html?Open

http://www.redbooks.ibm.com/abstracts/gg243376.html?Open




Web and HTTP

First some jargon Web page consists of objects Object can be HTML file, JPEG image, Java

applet (application -let.), Flash movies, audio file, video clip, ..

Web page consists of base HTML-file which includes several referenced objects

Each object is addressable by a URL Example URL:

www.someschool.edu/someDept/pic.gif

host name path name

http://en.wikipedia.org/wiki/Applet


Content of a web page:

<HTML>

<HEAD>

<TITLE>A Sample Web Page</TITLE>

</HEAD>

<HR>

<BODY>

<center>

<H1>My Home Page</H1>

<IMG SRC="/images/myPhoto.gif">

<b>Welcome to Im's page!</b>

<p>

<! A list of hyperlinks follows.>

<a href="/doc/myResume.html"> My resume</a>.

<p>

<a href="http://www.someUniversity.edu/">My university<a>

</center>

<HR>

</BODY>


HTTP overview

HTTP: hypertext transfer protocol

Web’s application layer protocol

client/server model client: browser that

requests, receives, “displays” Web objects

server: Web server sends objects in response to requests

HTTP 1.0: RFC 1945 HTTP 1.1: RFC 2616

PC runningExplorer

Server running

Apache Webserver

Mac runningNavigator

HTTP request

HTTP request

HTTP response

HTTP response

hftp://ftp.rfc-editor.org/in-notes/rfc2616.txt


HTTP overview (continued)

Uses TCP: client initiates TCP

connection (creates socket) to server, well-known port 80

server accepts TCP connection from client

HTTP messages (application-layer protocol messages) exchanged between browser (HTTP client) and Web server (HTTP server)

TCP connection closed

HTTP is “stateless” server maintains no

information about past client requests

Protocols that maintain “state” are complex!

past history (state) must be maintained

if server/client crashes, their views of “state” may be inconsistent, must be reconciled

aside


HTTP connections

Nonpersistent HTTP At most one object is

sent over a TCP connection.

HTTP/1.0 uses nonpersistent HTTP

Persistent HTTP Multiple objects can

be sent over single TCP connection between client and server.

HTTP/1.1 (1999) uses persistent connections in default mode

http://upload.wikimedia.org/wikipedia/commons/d/d5/HTTP_persistent_connection.svg


Nonpersistent HTTP

Suppose user enters URL www.someSchool.edu/someDepartment/home.index

1a. HTTP client initiates TCP connection to HTTP server (process) at www.someSchool.edu on port 80

2. HTTP client sends HTTP request message (containing URL) into TCP connection socket. Message indicates that client wants object someDepartment/home.index

1b. HTTP server at host www.someSchool.edu waiting for TCP connection at port 80. “accepts” connection, notifying client

3. HTTP server receives request message, forms response message containing requested object, and sends message into its sockettime

(contains text, references to 10

jpeg images)


Nonpersistent HTTP (cont.)

5. HTTP client receives response message containing html file, displays html. Parsing html file, finds 10 referenced jpeg objects

6. Steps 1-5 repeated for each of 10 jpeg objects

4. HTTP server closes TCP connection.

time


Non-Persistent HTTP: Response time

Definition of RTT(Round Trip Time): time for a small packet to travel from client to server and back.

Response time: one RTT to initiate TCP

connection plus one RTT for HTTP request

and first few bytes of HTTP response to return plus

file transmission timetotal = 2RTT+transmit time

time to transmit file

RTT

requestfile

RTT

filereceived

time time

Each has ignorable length (less than 50 bytes each)


Persistent HTTP

Nonpersistent HTTP issues: requires 2 RTTs per object OS overhead for each TCP

connection—Connect & Disconnect overhead

browsers often open parallel TCP connections to fetch referenced objects

Persistent HTTP After initial connection,

server leaves connection open after sending response

subsequent HTTP messages between same client/server sent over open connection

2 to 10 times more in # of packets than nonpersitent per connection

Persistent without pipelining:

client issues new request only when previous response has been received

one RTT for each referenced object

Persistent with pipelining: default in HTTP/1.1 client sends requests as

soon as it encounters a referenced object

as little as one RTT for all the referenced objects

On initial connection, server sends the main page’s html

Client retrieves objects on the main page via separate connection

http://www.w3.org/Talks/970210HTTP/all.htm




HTTP request message

two types of HTTP messages: request, response

HTTP request message: ASCII (human-readable format)

GET /somedir/page.html HTTP/1.1Host: www.someschool.edu User-agent: Mozilla/4.0Connection: close Accept-language:fr

(extra carriage return, line feed)

request line(GET, POST,

HEAD commands)

header lines

Carriage return, line feed

indicates end of message


HTTP request message format (http protocol)

two types of HTTP messages: request, response

HTTP request message: ASCII (human-readable format)

GET /somedir/page.html HTTP/1.1Host: www.someschool.edu User-agent: Mozilla/4.0Connection: close **or Keep-Alive**Accept-language:fr

(extra carriage return, line feed)

request line(GET, POST,

HEAD commands)

header lines

Carriage return, line feed

indicates end of message

Method URL Version

Request = Request-Line *(( general-header| request-header| entity-header ) CRLF)CRLF [ message-body ]

Syntax of request message


HTTP request message: general format

End of message


Uploading form input

Post method: Web page often

includes form input Input is uploaded to

server in entity body

URL method: Uses GET method Input is uploaded in

URL field of request line:

This is called “parameterized URL”


Method types

HTTP/1.0 (3 methods only)

GET POST HEAD

asks server to return the response header only

HTTP/1.1 (8 methods) GET, POST, HEAD PUT

uploads file in entity body to path specified in URL field

DELETE deletes file specified

in the URL field

8 MethodsOPTIONSGETHEADPOSTPUTDELETETRACECONNECT

Seung Bae Im

A HEAD request is just like a GET request, except it asks the server to return the response headers only, and not the actual resource (i.e. no message body). This is useful to check characteristics of a resource without actually downloading it, thus saving bandwidth. Use HEAD when you don't actually need a file's contents.

Seung Bae Im

List of Method -->OPTIONSGETHEADPOSTPUTDELETETRACECONNECT


HTTP response message

HTTP/1.1 200 OK Connection closeDate: Thu, 06 Aug 1998 12:00:15 GMT Server: Apache/1.3.0 (Unix) Last-Modified: Mon, 22 Jun 1998 …... Content-Length: 6821 Content-Type: text/html data data data data data ...

status line(protocol

status codestatus phrase)

header lines

data, e.g., requestedHTML file



HTTP/1.1 200 OK Connection closeDate: Thu, 06 Aug 1998 12:00:15 GMT Server: Apache/1.3.0 (Unix) Last-Modified: Mon, 22 Jun 1998 …... Content-Length: 6821 Content-Type: text/html data data data data data ...

status line

header lines

data e.g., requested

HTML file

protocol status code status phrase

Response = Status-Line*(( general-header| response-header| entity-header ) CRLF) CRLF [ message-body ]

Syntax of response message


HTTP response status codes (see this link)

200 OK request succeeded, requested object later in this

message

301 Moved Permanently requested object moved, new location specified later

in this message (Location:)

400 Bad Request request message not understood by server

404 Not Found requested document not found on this server

505 HTTP Version Not Supported

In first line in server->client response message.A few sample codes:

http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html


Trying out HTTP (client side) for yourself

1. Telnet to your favorite Web server:

Opens TCP connection to port 80(default HTTP server port) at cis.poly.edu.Anything typed in sent to port 80 at cis.poly.edu

telnet cis.poly.edu 80

2. Type in a GET HTTP request:

GET /~ross/ HTTP/1.1Host: cis.poly.edu

After typing the two lines, hit carriagereturn twice to sendthis minimal (but complete) GET request to HTTP server

3. Look at response message sent by HTTP server!4. Copy the result into notepad and rename it such

as ross.htm and open it to see the web page

case sensitive !


http session captured by Wireshark

Can you identify Pipelined requests & replies ?


User-server state: cookies

Many major Web sites use cookies

Four components:1) cookie header line of


2) cookie header line in HTTP request message

3) cookie file kept on user’s host, managed by user’s browser

4) back-end database at Web site

Example: Susan always access

Internet always from PC visits specific e-

commerce site for first time

when initial HTTP requests arrives at site, site creates: unique ID entry in backend

database for ID

Seung Bae Im

Seung Bae Im6/14/2006HTTP cookieFrom Wikipedia, the free encyclopediaAn HTTP cookie, or a Web cookie, is a parcel of text sent by a server to a web browser and then sent back unchanged by the browser each time it accesses that server. HTTP cookies are used for authenticating, tracking, and maintaining specific information about users, such as site preferences and the contents of their electronic shopping carts. The term "cookie" is derived from "magic cookie", a well-known concept in computing which inspired both the idea and the name of HTTP cookies.Cookies have been of concern for Internet privacy, since they can be used for tracking browsing behavior. As a result, they have been subject to legislation in various countries such as the United States and in the European Union. Cookies have also been criticised because the identification of users they provide is not always accurate and because they could potentially be used for network attacks. Some alternatives to cookies exist, but each has its own drawbacks.Cookies are also subject to a number of misconceptions, mostly based on the erroneous notion that they are computer programs. In fact, cookies are simple pieces of data unable to perform any operation by themselves. In particular, they are neither spyware nor viruses, despite the detection of cookies from certain sites by many anti-spyware products.Most modern browsers allow users to decide whether to accept cookies, but rejection makes some websites unusable. For example, shopping baskets implemented using cookies do not work if cookies are rejected.


User-server state: cookies

Many major Web sites use cookies to identify users

Example: Susan access Internet

always from same PC She visits a specific e-

commerce site for first time

When initial HTTP requests arrives at site, site creates a unique ID and creates an entry in backend database for ID

Four components:1) cookie header line of

HTTP response message2) cookie header line

in HTTP request message

3) cookie file kept on user’s host, managed by user’s browser

4) back-end database at Web site

http://en.wikipedia.org/wiki/HTTP_cookie

Seung Bae Im

HTTP cookieFrom Wikipedia, the free encyclopediaAn HTTP cookie, or a Web cookie, is a parcel of text sent by a server to a web browser and then sent back unchanged by the browser each time it accesses that server. HTTP cookies are used for authenticating, tracking, and maintaining specific information about users, such as site preferences and the contents of their electronic shopping carts. The term "cookie" is derived from "magic cookie", a well-known concept in computing which inspired both the idea and the name of HTTP cookies.Cookies have been of concern for Internet privacy, since they can be used for tracking browsing behavior. As a result, they have been subject to legislation in various countries such as the United States and in the European Union. Cookies have also been criticised because the identification of users they provide is not always accurate and because they could potentially be used for network attacks. Some alternatives to cookies exist, but each has its own drawbacks.Cookies are also subject to a number of misconceptions, mostly based on the erroneous notion that they are computer programs. In fact, cookies are simple pieces of data unable to perform any operation by themselves. In particular, they are neither spyware nor viruses, despite the detection of cookies from certain sites by many anti-spyware products.Most modern browsers allow users to decide whether to accept cookies, but rejection makes some websites unusable. For example, shopping baskets implemented using cookies do not work if cookies are rejected.

http://images.google.com/imgres?imgurl=http://www.letskaimono.com/images/Cookie_monster.jpg&imgrefurl=http://www.letskaimono.com/mallopenstore.asp%3FSEID%3D289200523948361730499731779098579662315645%26language%3D1&h=202&w=184&sz=19&tbnid=__R3wDx9LwuYQM:&tbnh=99&tbnw=90&hl=en&ei=XFOPRKXeKaiCJavCwZAM&sig2=VEbMSetNWLaj-jjFE8Bl7Q&start=7&prev=/images%3Fq%3Dcookie%2Bmonster%26svnum%3D10%26hl%3Den%26lr%3D%26rls%3Dcom.microsoft:en-US%26sa%3DX


Cookies: keeping “state” (cont.)

client server

usual http request msgusual http response

+Set-cookie: 1678

usual http request msg

cookie: 1678usual http response

msg

usual http request msg

cookie: 1678usual http response msg

cookie-specificaction

cookie-spectificaction

servercreates ID

1678 for user

entry in backend

database

access

acce

ss

Cookie file

amazon: 1678ebay: 8734

Cookie file

ebay: 8734

Cookie file

amazon: 1678ebay: 8734

one week later:

GET /index.html HTTP/1.1

Accept: */*

HTTP/1.1 200 OKSet-Cookie: name=valueContent-type: text/html (content of page)


Cookies (continued)

What cookies can bring:

Authentication Personalization (site

preferences) shopping carts recommendations user session state

(Web e-mail)

Cookies and privacy: cookies permit sites to

learn a lot about you & your browsing behavior

you may supply name and e-mail to sites

search engines use redirection & cookies to learn yet more

advertising companies obtain info across sites

Cleartext password in cookie—security problem

aside

IE Tools Internet Options Privacy


Web caches (proxy server)

user sets browser: Web accesses via proxy server (= Web cache or simply cache)

browser sends all HTTP requests to proxy server If object in cache then

cache returns object else cache requests

object from origin server, then returns object to client

Goal: To satisfy client requests without involving origin servers

client

Proxyserver

client

HTTP request

HTTP

request

HTTP response

HTTP

response

(cached)

HTTP request

HTTP response

origin server

origin server

IE ToolsInternet OptionsConnections Lan settings


More about Web caching

cache acts as both client and server

typically cache is installed by ISP (university, company, residential ISP)

Why Web caching? reduce response time

for client request reduce traffic on an

institution’s access link.

Internet dense with caches: enables “poor” content providers to effectively deliver content (but so does P2P file sharing)


Caching example

Assumptions average object size = 100,000

bits avg. request rate from

institution’s browsers to origin servers = 15/sec

delay from institutional router to any origin server and back to router = 2 sec

Consequences utilization on LAN = 15% utilization on access link = 100% total delay = Internet delay +

access delay + LAN delay = 2 sec + minutes + milliseconds

originservers

public Internet

institutionalnetwork 10 Mbps LAN

1.5 Mbps access link

institutionalcache

(15 req/sec)*(100kbit/req)/(10Mbps) = 0.15(15 req)*(100kbit/req)/(1.5 Mbps) = 1


Caching example (cont)

possible solution increase bandwidth of

access link to, say, 10 Mbps

consequence utilization on LAN = 15% utilization on access link =

15% Total delay = Internet delay +

access delay + LAN delay = 2 sec + msecs + msecs often a costly upgrade

originservers

public Internet


10 Mbps access link

institutionalcache


Caching example (cont)

possible solution: install cache

suppose hit rate is 0.4

consequence 40% requests will be

satisfied almost immediately

60% requests satisfied by origin server

utilization of access link reduced to 60%, resulting in negligible delays (say 10 msec)

total avg delay = Internet delay + access delay + LAN delay = .6*(2.01) secs + .4*milliseconds < 1.4 secs

originservers

public Internet


1.5 Mbps access link

institutionalcache


Conditional GET

Cached information may become stale http has update mechanism

Goal: don’t send object if cache has up-to-date cached version

cache: specify date of cached copy in HTTP requestIf-modified-since:

<date> server: response contains

no object if cached copy is up-to-date: HTTP/1.0 304 Not

Modified

cache server

HTTP request msgIf-modified-since: <date>

HTTP responseHTTP/1.0

304 Not Modified

object not

modified

HTTP request msgIf-modified-since: <date>

HTTP responseHTTP/1.0 200 OK

<data>

object modified


Proxy setting in Firefox—in Tools Options


http Lab—do the following and submit next class Carry out the slide “Trying out HTTP (client side) for yourself”—not need

to hand in this one The answers to all of the following questions should be on a web page you create

on your local machine and the snapshots of the web pages should be submitted—you may want to use the html tutorial at http://www.w3schools.com/html/DEFAULT.asp

For the graphical objects such as buttons and logos, try http://cooltext.com/

1) Visit www.google.com and find out which version of html it supports2) Visit www.w3c.org and find out which version of html it supports3) Read about html, xhtml, xml and discuss the difference—don’t use cut & paste4) Capture packets using Wireshark and illustrate where Persistent http is used. Is it

pipelined?5) Find the directory where cookies are stored for Internet Explorer6) Capture packets and show how the cookies are exchanged and used7) Capture packets and show how the “conditional GET” is used8) Find the directory where web caches are stored9) Capture packets to show that when you revisit a page, the cached content is

used instead of requesting the objects again10) Connect to a Internet radio broadcast site and find out what transport layer it

uses—show captured packets





SMTP, POP3, IMAP

2.5 DNS






FTP: the file transfer protocol

Transfer file to/from remote host Uses client/server model

client: An application that initiates peer-to-peer communication

server: Any program that waits for incoming communication requests from a client

ftp: RFC 959 ftp server uses well-known ports: port 21(control) & 20(data)

file transfer FTPserver

FTPuser

interface

FTPclient

local filesystem

remote filesystem

user at host


FTP: separate control, data connections

FTP client contacts FTP server at port 21, TCP is transport protocol

client authorized over control connection

client browses remote directory by sending commands over control connection.

when server receives file transfer command, server opens 2nd TCP connection (for file) to client

after transferring one file, server closes data connection.

FTPclient

FTPserver

TCP control connection

port 21

TCP data connectionport 20

server opens another TCP data connection to transfer another file.

control connection: “out of band ”—separate from data connection FTP server maintains “state”: current directory, earlier authentication


FTP principles

FileSystem

User

FTPUser

Interface

PIUser

DPTUser

FileSystem

PI Server

DPT Server

Client System Server System

ControlConnection

DataConnection

Port21

Port20

PI = Protocol InterpreterDPT = Data Transfer Process

FTP Block Diagram

PortX

PortY

Ports such as 20 & 21 are called “ “ ?

Ports such as X & Y are called “ “ ?

FTP has 2 modes (PORT mode & PASV mode)—PASV mode doesn’t use port 20: this or this


FTP commands, responses

Sample commands: sent as ASCII text

over control channel USER username PASS password LIST return list of file

in current directory RETR filename

retrieves (gets) file STOR filename

stores (puts) file onto remote host

Sample return codes

status code and phrase (as in HTTP)

331 Username OK, password required

125 data connection already open; transfer starting

425 Can’t open data connection

452 Error writing file


Mini Lab—hand in next class

Start Wireshark to capture TCP packets Do ftp to ftp.microsoft.com Log in as “anonymous” with blank password Type “dir” See the captured packets to see which ports are

used for “control” and “data” connections Does it use PORT or PASV mode?

Download the free ftp client program called “winscp”

Using Wireshark, find out what port(s) are used by winscp

Does it use PORT or PASV mode?





SMTP, POP3, IMAP

2.5 DNS





Electronic Mail

Three major components:

user agents mail servers simple mail transfer

protocol: SMTP

User Agent a.k.a. “mail reader” composing, editing,

reading mail messages e.g., Eudora, Outlook, elm,

Mozilla Thunderbird outgoing, incoming

messages stored on server Retrieved by user agents

user mailbox

outgoing message queue

mailserver

useragent

useragent

useragent

mailserver

useragent

useragent

mailserver

useragent

SMTP

SMTP

SMTP


Electronic Mail: mail servers

2) Mail Servers mailbox contains

incoming messages for user

message queue of outgoing (to be sent) mail messages

SMTP protocol between mail servers to send email messages client: sending mail

server “server”: receiving

mail server

mailserver

useragent

useragent

useragent

mailserver

useragent

useragent

mailserver

useragent

SMTP

SMTP

SMTP

user mailbox

outgoing message queue


Electronic Mail: SMTP [RFC 2821]

uses TCP to reliably transfer email message from client to server, port 25

direct transfer: sending server to receiving server three phases of transfer

handshaking (greeting) transfer of messages closure

command/response interaction commands: ASCII text response: status code and phrase

messages must be in 7-bit ASCII—can be extended to include non-ASCII information called Unicode—up to 4 bytes


Scenario: Alice sends message to Bob

1) Alice uses UA to compose message and “to” [email protected]

2) Alice’s UA sends message to her mail server; message placed in message queue

3) Client side of SMTP opens TCP connection with Bob’s mail server

4) SMTP client sends Alice’s message over the TCP connection

5) Bob’s mail server places the message in Bob’s mailbox

6) Bob invokes his user agent to read message

useragent

mailserver

mailserver user

agent

1

2 3 4 56

useragent

mailserver

mailserver user

agent

1

2 3 4 56

smtpsmtp

POP3, IMAP,

or http


Mini Lab--Sample SMTP interaction

After telnetting to a Unix machine using puttyType telnet mail.csuchico.edu 25(Client lines are what you enter—case sensitive)S: 220 csuchico.edu

C: HELO csuchico.edu S: 250 Hello csuchico.edu, pleased to meet you C: MAIL FROM: <[email protected]> S: 250 <[email protected]> ... Sender ok C: RCPT TO: <[email protected]> S: 250 <[email protected]> ... Recipient ok C: DATA S: 354 Enter mail, end with "." on a line by itself C: Do you like ketchup? C: How about pickles? C: . S: 250 Message accepted for delivery C: QUIT S: 221 csuchico.edu closing connection

Status code PhraseS: Server

C: Client

This ends a message

Check your mail to see if it worked

Seung Bae Im

The existence of the recipient is not checked. only the syntax is checked at this time.So, you can compose an email to a non-existing user. Of course, the delivery by the email serve will fail and you will get a notification email.


SMTP: final words

SMTP uses persistent connections—stay connected until “QUIT” so that multiple message can be delivered

SMTP requires message (header & body) to be in 7-bit ASCII

SMTP server uses CRLF.CRLF to determine end of message

Comparison with HTTP:

HTTP: pull SMTP: push

both have ASCII command/response interaction, status codes

HTTP: each object encapsulated in its own response msg

SMTP: multiple objects sent in multipart msg


Mail message format

SMTP: protocol for exchanging email msgs

RFC 2822 : standard for text message format:

header lines, e.g., To: From: Subject:

body the “message”, ASCII

characters only

header

body

blankline

ftp://ftp.rfc-editor.org/in-notes/rfc2822.txt


Message format: multimedia extensions: READ

MIME: Multipurpose Internet Mail Extensions, RFC 2045-2049—provides multimedia e-mail

additional lines in msg header declare MIME content type

multimedia datatype, subtype,

parameter declaration

method usedto encode data

MIME version

encoded data

From: [email protected]

To: [email protected]

Subject: Picture of me

MIME-Version: 1.0

Content-Transfer-Encoding: base64

Content-Type: Multipart/Mixed; Boundary=StartOfNextPart

--StartOfNextPartHello John

I am sending the photo of me.

Bye, Bill

--StartOfNextPart

Content-Type: image/gif

Content-Transfer-Encoding: base64base64 encoded data for the image.....

base64 encoded data ..................

......................................

......base64 encoded data

multipart


Example of Base64 encoding

universal ASCII character set (64 character set) ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/


Mail access protocols

SMTP: protocol for message delivery to receiver’s server Mail access protocol: retrieval from server by UA

POP3: Post Office Protocol [RFC 1939]• authorization (agent <-->server) and download

IMAP4: Internet Message Access Protocol [RFC 2060]• more features (more complex)• manipulation of stored msgs on server

HTTP: Web front -- Hotmail , Yahoo! Mail, etc.

useragent

sender’s mail server

useragent

SMTP SMTP accessprotocol

receiver’s mail server


POP3 protocol: [RFC 1939]

authorization phase client commands:

user: declare username

pass: password server responses

+OK -ERR

transaction phase list: list message

numbers retr: retrieve message by

number dele: delete Quit

update phase Delete marked messages

C: list S: 1 498 S: 2 912 S: . C: retr 1 S: <message 1’s contents> S: . C: dele 1 C: retr 2 S: <message 1’s contents> S: . C: dele 2 C: quit S: +OK POP3 server signing off

S: +OK POP3 server ready C: user bob S: +OK C: pass hungry S: +OK user successfully logged on

Server deletes marked messagesNo interactions with the client


Mini Lab for POP3 protocol

In command prompt, type telnet mail.ecst.csuchico.edu Then type user your user login name Type pass your password here **be careful not to show it to

others** Try the commands (in previous slide) such as

LIST STAT LIST RETR DELE RSET TOP QUIT


POP3 (more) and IMAP

More about POP3 Previous example uses

“download-and-delete” mode.

Bob cannot re-read e-mail if he changes client(another machine)

“Download-and-keep”: copies of messages on different clients

POP3 is stateless across sessions—simple

Can not manipulate folders on server

IMAPKeep all messages in one place: the serverAllows user to organize messages in folders: INBOX, Sent Items, …IMAP keeps user state across sessions:

names of folders and mappings between message IDs and folder name

Permits UA to obtain some components only—e.g. headers only—useful on slow links


ComparisonHow do IMAP and POP compare? READ The chart below summarizes a some of the key features and differences.

Features IMAP POP

Mail Location Your mail is stored on the mail server. Your mail is downloaded to your local workstation and deleted from the server.

Accessing Mail from Multiple Locations/Clients

Since your mail resides on the server, you can access it from any system with an IMAP client or via a browser with a web-based email.

As email is downloaded from the server each time you use your POP client to read mail, it is not recommended that you use POP clients on multiple workstations. Your mail will be scattered across multiple systems and hard to manage.

Security Your mail is accessed via secure connections to the mail server using Kerberos or SSL.

Access to your inbox is secure by Kerberos. Access to your local mail stores is determined by your workstation settings.

Viruses Since your email is kept on the server, viruses that attack your workstation can not corrupt your mail even if your workstation is infected.

Since your mail is kept on your workstation, your mail files are vulnerable to any attacks on your machine.

New Hardware /Local Hardware Failures

Since your mail is stored on the server, there is nothing to move when you upgrade to a new workstation or to lose if your system is damaged.

Since your mail is stored on your local machine, you need to transfer any old mail you want to keep to your new workstation. In cases of system failure/damage, you are reliant on your own backups to restore your mail.

Spam Screening Once you set up the Spam screen on the server, SPAM is filtered there automatically.

You have to create a local spam folder and set up your own local filters for local pop spam filtering.

http://www.imap.org/imap.vs.pop.html


Features IMAP POP

Off-line Mail Reading Most IMAP clients have an option for downloading a portion of your email for off-line reading, but the default method requires being connected to the network.

As POP downloads your mail to your local workstation, you need only be connected to the network for the initial download.

Quota Your quota for storing mail on the server is limited.

Your mail server quota is limited. Since mail is downloaded to your workstation, the limiting factor is disk space on your local machine.

Backup Your mail is stored on an enterprise grade mail server. However, there is usually no service available to request backup copies of email messages accidentally deleted. You may wish to keep a backup of your mail locally.

As your mail is deleted from the server once you download it, it is your responsibility to maintain backups of your data in case of hardware failures, viruses or other events that could cause data loss.

Folder manipulation Remote folder manipulation providedAlso, multiple folders are supported

No folder capability

Comparison—Cont’d


Web-Based e-mail

Uses web interface as alternative to e-mail clients such as Outlook, Eudora

Hotmail, Gmail and Yahoo! Mail Features similar to IMAP—ex: using Outlook Web Access Can access whenever a web browser is available Bigger size—e-mail wrapped in html: plain text e-mails

< 2KB but when wrapped in html > 40KB Slow due to size increase Webmail accounts are often target of SPAM Webmail has the Problem of security

http://en.wikipedia.org/wiki/Web-based_e-mail

http://en.wikipedia.org/wiki/Outlook_Web_Access

http://www.unc.edu/courses/pre2000fall/law357c/cyberprojects/spring99/spam/name.html





SMTP, POP3, IMAP

2.5 DNS






DNS: Domain Name System

People: many identifiers: SSN, name, passport

#

Internet hosts, routers: IP address (32 bit) -

used for identifying hosts

“name”, e.g., ww.yahoo.com - used by humans

Q: map between IP addresses and name ?

www.csuchico.edu

132.241.82.62

Early solution hosts.txt

ARPANET used “hosts.txt” file stored in INTERNIC(Internet Network Information Center) – managed centally & downloaded periodically to local systems

Disadvantages?

http://www.potaroo.net/t4/pdf/devcon.pdf#search=%22internic%20hosts.txt%20download%22


Example of DNS query using “nslookup”

By nslookup command ex. nslookup www.csuchico.edu

Result is:

$ nslookup www.csuchico.edu

Server: rover.ecst.csuchico.eduAddress: 132.241.6.10

Non-authoritative answer:Name: calypso.csuchico.eduAddress: 132.241.82.62Aliases: www.csuchico.edu

Identitiy of DNS server

Answer

Query

?

http://www.csuchico.edu/

http://www.csuchico.edu/


DNS

distributed database implemented in hierarchy of many name servers

application-layer protocol for hosts & name servers to communicate to resolve names (address/name translation) note: One of core Internet functions

implemented as application-layer protocol used by appl layer protocols—http, smtp, ftp

DNS protocol runs over UDP using port 53


DNS functions:

Forward resolution

Reverse resolution (Reverse DNS)

DNS client

DNS server

What is IP address of www.csuhico.edu?

It is 132.241.82.62

DNS client

DNS server

What is Domain name of 132.241.82.62?

It is calypso.csuchico.ed

u


DNS

Why not centralize DNS? single point of failure traffic volume distant centralized database

—availability problem Maintenance single point of failure

doesn’t scale!

DNS services Hostname to IP address

translation Host aliasing

Canonical(original) and alias names

Mail server aliasing (MX) Load distribution

Replicated Web servers: set of IP addresses for one canonical name—DNS servers give out addresses in a round-robin fashion

E.g. Result of nslookup csuchico.edu is: 132.241.82.38,

132.241.82.39, 132.241.82.59

Seung Bae Im

canonical means:Conforming to orthodox or well-established rules or patterns, as of procedure.IN DNS, it means "real name" or "original name"


DNS load distribution at work

C:\Documents and Settings\Administrator>nslookup csuchico.edu

Server: menkure.net.CSUChico.EDUAddress: 132.241.66.6

Name: csuchico.eduAddresses: 132.241.82.59, 132.241.82.38, 132.241.82.39

C:\Documents and Settings\Administrator>nslookup csuchico.edu

Server: menkure.net.CSUChico.EDUAddress: 132.241.66.6

Name: csuchico.eduAddresses: 132.241.82.39, 132.241.82.59, 132.241.82.38


DNS name hierarchy (tree)

aero educom gov net org ac kr us zw

Unnamed root

csuchico

ecstcob

.

ibmlab eece

research

www

zones

gTLD(generic Top Level Domain) ccTLD(country code Top Level Domain

SLD(Second Level Domain)

Third Level Domain

Zone is an area of administration for a DNS namespace—Each zone has a “zone database”

http://en.wikipedia.org/wiki/List_of_Internet_TLDs

Seung Bae Im

Seung Bae Im6/21/2006List of gTLD:.aero - for the air transport industry .biz - for business use .cat - for Catalan language/culture .com - for commercial organizations, but unrestricted .coop - for cooperatives .edu - for educational establishments .gov - for governments and their agencies in the United States .info - for informational sites, but unrestricted .int - for international organizations established by treaty .jobs - for employment-related sites .mil - for the US military .museum - for museums .name - for families and individuals .net - originally for network infrastructures, now unrestricted .org - originally for organizations not clearly falling within the other gTLDs, now unrestricted .pro - for certain professions .travel - for travel agents, airlines, hoteliers, tourism bureaus, etc.

Seung Bae Im

Country code top-level domains Active: .ac .ad .ae .af .ag .ai .al .am .an .ao .aq .ar .as .at .au .aw .az .ba .bb .bd .be .bf .bg .bh .bi .bj .bm .bn .bo .br .bs .bt .bv .bw .by .bz .ca .cc .cd .cf .cg .ch .ci .ck .cl .cm .cn .co .cr .cu .cv .cx .cy .cz .de .dj .dk .dm .do .dz .ec .ee .eg .er .es .et .eu .fi .fj .fk .fm .fo .fr .ga .gd .ge .gf .gg .gh .gi .gl .gm .gn .gp .gq .gr .gs .gt .gu .gw .gy .hk .hm .hn .hr .ht .hu .id .ie .il .im .in .io .iq .ir .is .it .je .jm .jo .jp .ke .kg .kh .ki .km .kn .kr .kw .ky .kz .la .lb .lc .li .lk .lr .ls .lt .lu .lv .ly .ma .mc .md .mg .mh .mk .ml .mm .mn .mo .mp .mq .mr .ms .mt .mu .mv .mw .mx .my .mz .na .nc .ne .nf .ng .ni .nl .no .np .nr .nu .nz .om .pa .pe .pf .pg .ph .pk .pl .pm .pn .pr .ps .pt .pw .py .qa .re .ro .ru .rw .sa .sb .sc .sd .se .sg .sh .si .sk .sl .sm .sn .sr .st .sv .sy .sz .tc .td .tf .tg .th .tj .tk .tl .tm .tn .to .tr .tt .tv .tw .tz .ua .ug .uk .us .uy .uz .va .vc .ve .vg .vi .vn .vu .wf .ws .ye .yt .yu .za .zm .zw


Root DNS Servers

com DNS servers org DNS servers edu DNS servers

poly.eduDNS servers

umass.eduDNS servers

yahoo.comDNS servers

amazon.comDNS servers

pbs.orgDNS servers

Distributed, Hierarchical Database

Client wants IP for www.amazon.com; 1st approx: Client queries a root server to find com DNS

server Client queries com DNS server to get

amazon.com DNS server Client queries amazon.com DNS server to get

IP address for www.amazon.com

Root servers

TLD servers

Authoritative DNS

servers


DNS: Root name servers-- http://en.wikipedia.org/wiki/Root_nameserver

contacted by local name server that can not resolve name root name server:

13 currently—named such as a.root-servers.net a.root-servers.net to m.root-servers.net

Root name servers have database for all TLD servers

13 root name servers worldwide

b USC-ISI Marina del Rey, CAl ICANN Los Angeles, CA

e NASA Mt View, CAf Internet Software C. Palo Alto, CA (and 17 other locations)

i Autonomica, Stockholm (plus 3 other locations)

k RIPE London (also Amsterdam, Frankfurt)

m WIDE Tokyo

a Verisign, Dulles, VAc Cogent, Herndon, VA (also Los Angeles)d U Maryland College Park, MDg US DoD Vienna, VAh ARL Aberdeen, MDj Verisign, ( 11 locations)


TLD and Authoritative Servers

Top-level domain (TLD) servers: responsible for gTLD(generic TLD) and ccTLD(country code TLD) Network solutions maintains servers for com

TLD Educause for edu TLD

Authoritative DNS servers: organization’s DNS servers, providing authoritative hostname to IP mappings for organization’s servers (e.g., Web and mail). Can be maintained by organization or ISP


Local Name Servers

Each ISP (residential ISP, company, university) has one. Also called “default name server” of a zone

When a host makes a DNS query, query is sent to its local DNS server Depending upon a query (either “iterative

query” or “recursive query”) the server acts differently

Also depending upon the server settings (“iterative service” or “recursive service”) the server acts differently


requesting hostcis.poly.edu

gaia.cs.umass.edu

root DNS server

local DNS serverdns.poly.edu

1

23

4

5

6

authoritative DNS serverdns.cs.umass.edu

78

TLD DNS server

Example

Host at cis.poly.edu wants IP address for gaia.cs.umass.edu

Recursive server

Recursive query

Iterative queries


Recursive or non-Recursive(Iterarive) modesFollowing copied from section 4.3.1. Queries and responses of RFC 1034ftp://ftp.rfc-editor.org/in-notes/rfc1034.txt

The way that the name server answers the query depends upon whether it is operating in recursive mode or not:

- The simplest mode for the server is non-recursive, since it can answer queries using only local information: the response contains an error, the answer, or a referral to some other server "closer" to the answer. All name servers must implement non-recursive queries.

- The simplest mode for the client is recursive, since in this mode the name server acts in the role of a resolver and returns either an error or the answer, but never referrals. This service is optional in a name server, and the name server may also choose to restrict the clients which can use recursive mode



DNS: caching and updating records

once (any) name server(also dns client) learns mapping, it caches the mapping cache entries timeout (TTL) after some time TLD servers typically cached in local name

servers• Thus root name servers not often visited• Typically a name server may contact a root server

every 48 hours on the average

Static or Dynamic DNS Static DNS – entries on DNS servers manually

updated Dynamic DNS (DDNS—RFC 2136): Hosts register to

DNS server in real time—READ DDNS useful when IP addresses change usually by DHCP Used in Windows Active Directory Also popularly used for home computers with DNS names



DNS in action: (From: http://en.wikipedia.org/wiki/Domain_name_system)

To see this local cache on Windows systems, type

ipconfig /displaydns

Also try “ipconfig /flushdns”

GetHostByNam

e

DNS server

DNS server


a DNS server’s cache (Windows 2003 server)

Cache content after www.csuchico.edu was queried to this DNS server


DNS records in DNS database

DNS: distributed db storing resource records (RR)

Type=NS name is domain (e.g.

foo.com) value is hostname of

authoritative name server for this domain

RR format: (name, value, type, ttl)

Type=A name is hostname value is IP address

Type=CNAME name is alias name for some

“canonical” (the real) name www.ibm.com is really servereast.backup2.ibm.com value is canonical name

Type=MX value is name of mailserver

associated with name

Try http://www.iptools.com/ or http://mydnstools.info/ Any other tools found?


Example of Resource Records

Generated from “DNS Lookup” with ‘csuchico’ & MX records at http://mydnstools.info/


DNS protocol, messages

DNS protocol : query and reply messages, both with same message format

msg header identification: 16 bit #

for query, reply to query uses same #

flags: query or reply recursion desired recursion available reply is authoritative


DNS protocol, messages

Name, type fields for a query

RRs in responseto query

records forauthoritative servers

additional “helpful”info that may be used


Entering a domain into DNS Read this link

Example: just created startup “Network Utopia” Register name networkuptopia.com at a registrar

(e.g., Network Solutions) Need to provide registrar with names and IP addresses

of your authoritative name server (primary and secondary)

Registrar inserts two RRs into the com TLD server:

(networkutopia.com, dns1.networkutopia.com, NS)(dns1.networkutopia.com, 212.212.212.1, A)

Put in authoritative server Type A record for www.networkuptopia.com and Type MX record for networkutopia.com

How do people get the IP address of your Web site? By DNS


Mini Lab: DNS—Hand-in next class

In command prompt, type nslookup and type root and type csuchico.edu and type server A.GTLD-SERVERS.NET and type csuchico.edu and type server sdsu.edu and type www.csuchico.edu – Can you tell what you have been doing?

In nslookup, type set type=MX and type csuchico.edu –What do you see?

Try some tools for DNS such as http://www.iptools.com/ or http://mydnstools.info/

Try to find other interesting tools for DNS.

Answer the above two questions Find and mention anything interesting about

DNS in your report



2.1 Principles of network applications app architectures app requirements

2.2 Web and HTTP 2.4 Electronic Mail

SMTP, POP3, IMAP

2.5 DNS





Pure P2P architecture

no always-on server arbitrary end systems

directly communicate peers are

intermittently connected and change IP addresses

Three topics: File distribution Searching for

information Case Study: Skype

peer-peer


File Distribution: Server-Client vs P2P

Question : How much time to distribute file from one server to N peers?

us

u2d1 d2u1

uN

dN

Server

Network (with abundant bandwidth)

File, size F

us: server upload bandwidth

ui: peer i upload bandwidth

di: peer i download bandwidth


File distribution time: server-client

us

u2d1 d2u1

uN

dN

Server


F server

sequentially sends N copies: NF/us time

client i takes F/di

time to download

increases linearly in N(for large N)

= dcs = max { NF/us, F/min(di) }i

Time to distribute F to N clients using

client/server approach


File distribution time: P2P

us

u2d1 d2u1

uN

dN

Server


F server must send one copy: F/us time

client i takes F/di time to download

NF bits must be downloaded (aggregate) fastest possible upload rate: us + ui

dP2P = max { F/us, F/min(di) , NF/(us + ui) }i


0

0.5

1

1.5

2

2.5

3

3.5

0 5 10 15 20 25 30 35

N

Min

imu

m D

istr

ibut

ion

Tim

e P2P

Client-Server

Server-client vs. P2P: example

Client upload rate = u, F/u = 1 hour, us = 10u, dmin ≥ us


File distribution: BitTorrent

tracker: tracks peers participating in torrent

torrent: group of peers exchanging chunks of a file

obtain listof peers

trading chunks

peer

P2P file distribution


BitTorrent (1)

file divided into 256KB chunks. peer joining torrent:

has no chunks, but will accumulate them over time

registers with tracker to get list of peers, connects to subset of peers (“neighbors”)

while downloading, peer uploads chunks to other peers.

peers may come and go once peer has entire file, it may (selfishly) leave

or (altruistically) remain


BitTorrent (2)

Pulling Chunks at any given time,

different peers have different subsets of file chunks

periodically, a peer (Alice) asks each neighbor for list of chunks that they have.

Alice sends requests for her missing chunks rarest first

Sending Chunks: tit-for-tat Alice sends chunks to four

neighbors currently sending her chunks at the highest rate re-evaluate top 4 every

10 secs every 30 secs: randomly

select another peer, starts sending chunks newly chosen peer may

join top 4 “optimistically unchoke”


BitTorrent: Tit-for-tat

(1) Alice “optimistically unchokes” Bob(2) Alice becomes one of Bob’s top-four providers; Bob reciprocates(3) Bob becomes one of Alice’s top-four providers

With higher upload rate, can find better trading partners & get file faster!


P2P: searching for information

File sharing (eg e-mule)

Index dynamically tracks the locations of files that peers share.

Peers need to tell index what they have.

Peers search index to determine where files can be found

Instant messaging Index maps user

names to locations. When user starts IM

application, it needs to inform index of its location

Peers search index to determine IP address of user.

Index in P2P system: maps information to peer location(location = IP address & port number).


P2P: centralized index

original “Napster” design

1) when peer connects, it informs central server: IP address content

2) Alice queries for “Hey Jude”

3) Alice requests file from Bob

centralizeddirectory server

peers

Alice

Bob

1

1

1

12

3


P2P: problems with centralized directory

single point of failure performance

bottleneck copyright

infringement: “target” of lawsuit is obvious

file transfer is decentralized, but locating content is highly centralized


Query flooding

fully distributed no central server

used by Gnutella Each peer indexes

the files it makes available for sharing (and no other files)

overlay network: graph edge between peer X

and Y if there’s a TCP connection

all active peers and edges form overlay net

edge: virtual (not physical) link

given peer typically connected with < 10 overlay neighbors


Query flooding

Query

QueryHit

Query

Query

QueryHit

Query

Query

QueryHit

File transfer:HTTP

Query messagesent over existing TCPconnections peers forwardQuery message QueryHit sent over reversepath

Scalability:limited scopeflooding


Gnutella: Peer joining

1. joining peer Alice must find another peer in Gnutella network: use list of candidate peers

2. Alice sequentially attempts TCP connections with candidate peers until connection setup with Bob

3. Flooding: Alice sends Ping message to Bob; Bob forwards Ping message to his overlay neighbors (who then forward to their neighbors….) peers receiving Ping message respond to

Alice with Pong message4. Alice receives many Pong messages, and can

then setup additional TCP connections


Hierarchical Overlay

between centralized index, query flooding approaches

each peer is either a super node or assigned to a super node TCP connection between

peer and its super node. TCP connections between

some pairs of super nodes.

Super node tracks content in its children

ordinary peer

group-leader peer

neighoring re la tionshipsin overlay network


P2P Case study: Skype

inherently P2P: pairs of users communicate.

proprietary application-layer protocol (only can be inferred via reverse engineering)

hierarchical overlay with SNs

Index maps usernames to IP addresses; distributed over SNs

Skype clients (SC)

Supernode (SN)

Skype login server


Peers as relays

Problem when both Alice and Bob are behind “NATs”. NAT prevents an

outside peer from initiating a call to insider peer

Solution: Using Alice’s and Bob’s

SNs, Relay is chosen Each peer initiates

session with relay. Peers can now

communicate through NATs via relay


Major issues for P2P

Security—e.g. malicious code posted on P2P networks

Privacy Anonymity Copyright infringement Intellectual property

For more detailed information about P2P, read http://cis.poly.edu/~ross/tutorials/P2PtutorialInfocom.pdf





SMTP, POP3, IMAP

2.5 DNS





Socket programming

Socket API introduced in BSD4.1

UNIX, 1981 Sockets are explicitly

created, used, released by apps

Use client/server paradigm

two types of transport service via socket API: unreliable datagram reliable, byte stream-

oriented

a host-local, application-created,

OS-controlled interface (a “door”) into which

application process can both send and

receive messages to/from another

application process

socket

Goal: learn how to build client/server application that communicate using sockets


Socket-programming using TCP

Socket: a door between application process and end-end-transport protocol (UCP or TCP)

TCP service: reliable transfer of bytes from one process to another

process

TCP withbuffers,

variables

socket

controlled byapplicationdeveloper

controlled byoperating

system

host orserver

process

TCP withbuffers,

variables

socket

controlled byapplicationdeveloper

controlled byoperatingsystem

host orserver

internet


Socket implements SAP(Service Access Point)

Socket-to-socket communicationSocket = IP addr + Port #


Port # assignments--revisited

IANA Ranges

Well-known ports: from 0 to 1,023

Registered ports: 1,024 to 49,151

Dynamic ports: from 49,152 to 65,535

(ephemeral ports).


Socket programming with TCP

Client must contact server server process must first

be running server must have created

socket (door) that welcomes client’s contact

The door should be well-known

Client contacts server by: creating client-local TCP

socket specifying IP address, port

number of server process When client creates

socket: client TCP establishes connection to server TCP

When contacted by client, server TCP creates new socket for server process to communicate with client allows server to talk

with multiple clients source port numbers

used to distinguish clients (more in Chap 3)

TCP provides reliable, in-order transfer of bytes (“pipe”) between client and server

application viewpoint


TCP is a peer-to-peer, connection-oriented protocol. There are no master/slave relations. The applications, however, use a client/server model for communication.A server is an application that offers a service to users who run client programs; a client is a requester of a service. An application consists of both a server and a client part, which can run on the same or on different systems.Users usually invoke the client part of the application, which builds a request for a particular service and sends it to the server part of the application using TCP/IP as a transport vehicle.The server is a program that receives a request, performs the required service and sends back the results in a reply. A server can usually deal with multiple requests (multiple clients) at the same time (concurrent service).Most servers wait for clients' requests at a well-known port so that their clients know to which TCP socket they must direct their requests. The client usually uses an OS-assigned arbitrary port number (also called “ephemeral port” or “dynamic port”) for its communication. Clients that wish to communicate with a server that does not use a well-known port must either know the port number or have another mechanism for learning to which port they must address their requests.This mechanism might employ a registration service such as Portmap, which uses a well-known port.

Client/Server Model


Client/server socket interaction: TCP

wait for incomingconnection requestconnectionSocket =welcomeSocket.accept()

create socket,port=x, forincoming request:

welcomeSocket = ServerSocket()

create socket,connect to hostid, port=xclientSocket =

Socket()

closeconnectionSocket

read reply fromclientSocket

closeclientSocket

Server (running on hostid) Client

send request usingclientSocketread request from

connectionSocket

write reply toconnectionSocket

TCP connection setup

Read http://en.wikipedia.org/wiki/Inetd

Chap 2: Application Layer 135ou

tToS

erve

r

to network from network

inFr

omS

erve

r

inFr

omU

ser

keyboard monitor

Process

clientSocket

inputstream

inputstream

outputstream

TCPsocket

Clientprocess

client TCP socket

Stream jargon

A stream is a sequence of characters that flow into or out of a process.

An input stream is attached to some input source for the process, e.g., keyboard or socket.

An output stream is attached to an output source, e.g., monitor or socket.


Socket programming with TCP

Example client-server app:1) client reads line from standard input

(inFromUser stream) , sends to server via socket (outToServer stream)

2) server reads line from socket3) server converts line to uppercase,

sends back to client4) client reads, prints modified line

from socket (inFromServer stream)


Example: Java client (TCP)

import java.io.*; import java.net.*; class TCPClient {

public static void main(String argv[]) throws Exception { String sentence; String modifiedSentence;

BufferedReader inFromUser = new BufferedReader(new InputStreamReader(System.in));

Socket clientSocket = new Socket("hostname", 6789);

DataOutputStream outToServer = new DataOutputStream(clientSocket.getOutputStream());

Createinput stream

Create client socket,

connect to server

Createoutput stream

attached to socket


Example: Java client (TCP), cont.

BufferedReader inFromServer = new BufferedReader(new InputStreamReader(clientSocket.getInputStream()));

sentence = inFromUser.readLine();

outToServer.writeBytes(sentence + '\n');

modifiedSentence = inFromServer.readLine();

System.out.println("FROM SERVER: " + modifiedSentence);

clientSocket.close(); } }

Createinput stream

attached to socket

Send lineto server

Read linefrom server


Example: Java server (TCP)

import java.io.*; import java.net.*;

class TCPServer {

public static void main(String argv[]) throws Exception { String clientSentence; String capitalizedSentence;

ServerSocket welcomeSocket = new ServerSocket(6789); while(true) { Socket connectionSocket = welcomeSocket.accept();

BufferedReader inFromClient = new BufferedReader(new InputStreamReader(connectionSocket.getInputStream()));

Createwelcoming socket

at port 6789

Wait, on welcomingsocket for contact

by client

Create inputstream, attached

to socket


Example: Java server (TCP), cont

DataOutputStream outToClient = new DataOutputStream(connectionSocket.getOutputStream());

clientSentence = inFromClient.readLine();

capitalizedSentence = clientSentence.toUpperCase() + '\n';

outToClient.writeBytes(capitalizedSentence); } } }

Read in linefrom socket

Create outputstream,

attached to socket

Write out lineto socket

End of while loop,loop back and wait foranother client connection





SMTP, POP3, IMAP

2.5 DNS





Socket programming with UDP

UDP: no “connection” between client and server

no handshaking sender explicitly attaches

IP address and port of destination to each packet

server must extract IP address, port of sender from received packet

UDP: transmitted data may be received out of order, or lost

application viewpoint

UDP provides unreliable transfer of groups of bytes (“datagrams”)

between client and server


Client/server socket interaction: UDP

Server (running on hostid)

closeclientSocket

read datagram fromclientSocket

create socket,clientSocket = DatagramSocket()

Client

Create datagram with server IP andport=x; send datagram via clientSocket

create socket,port= x.serverSocket = DatagramSocket()

read datagram fromserverSocket

write reply toserverSocketspecifying client address,port number


Example: Java client (UDP)

sendP

ack

et

to network from network

rece

iveP

ack

et

inF

rom

Use

r

keyboard monitor

Process

clientSocket

UDPpacket

inputstream

UDPpacket

UDPsocket

Output: sends packet (recallthat TCP sent “byte stream”)

Input: receives packet (recall thatTCP received “byte stream”)

Clientprocess

client UDP socket


Example: Java client (UDP)

import java.io.*; import java.net.*; class UDPClient { public static void main(String args[]) throws Exception { BufferedReader inFromUser = new BufferedReader(new InputStreamReader(System.in)); DatagramSocket clientSocket = new DatagramSocket(); InetAddress IPAddress = InetAddress.getByName("hostname"); byte[] sendData = new byte[1024]; byte[] receiveData = new byte[1024]; String sentence = inFromUser.readLine();

sendData = sentence.getBytes();

Createinput stream

Create client socket

Translate hostname to IP

address using DNS


Example: Java client (UDP), cont.

DatagramPacket sendPacket = new DatagramPacket(sendData, sendData.length, IPAddress, 9876); clientSocket.send(sendPacket); DatagramPacket receivePacket = new DatagramPacket(receiveData, receiveData.length); clientSocket.receive(receivePacket); String modifiedSentence = new String(receivePacket.getData()); System.out.println("FROM SERVER:" + modifiedSentence); clientSocket.close(); }

}

Create datagram with data-to-send,

length, IP addr, port

Send datagramto server

Read datagramfrom server


Example: Java server (UDP)

import java.io.*; import java.net.*; class UDPServer { public static void main(String args[]) throws Exception { DatagramSocket serverSocket = new DatagramSocket(9876); byte[] receiveData = new byte[1024]; byte[] sendData = new byte[1024]; while(true) { DatagramPacket receivePacket = new DatagramPacket(receiveData, receiveData.length);

serverSocket.receive(receivePacket);

Createdatagram socket

at port 9876

Create space forreceived datagram

Receivedatagra

m


Example: Java server (UDP), cont

String sentence = new String(receivePacket.getData()); InetAddress IPAddress = receivePacket.getAddress(); int port = receivePacket.getPort(); String capitalizedSentence = sentence.toUpperCase();

sendData = capitalizedSentence.getBytes(); DatagramPacket sendPacket = new DatagramPacket(sendData, sendData.length, IPAddress, port); serverSocket.send(sendPacket); } }

}

Get IP addrport #, of

sender

Write out datagramto socket

End of while loop,loop back and wait foranother datagram

Create datagramto send to client


Chapter 2: Summary

application architectures client-server P2P hybrid

application service requirements: reliability, bandwidth, delay

Internet transport service model connection-oriented,

reliable: TCP unreliable, datagrams: UDP

our study of network apps now complete!

specific protocols: HTTP FTP SMTP, POP, IMAP DNS P2P: BitTorrent, Skype

socket programming


Chapter 2: Summary

typical request/reply message exchange: client requests info or

service server responds with

data, status code

message formats: headers: fields giving

info about data data: info being

communicated

Most importantly: learned about protocols

Important themes: control vs. data msgs

in-band, out-of-band centralized vs.

decentralized stateless vs. stateful reliable vs. unreliable

msg transfer “complexity at network

edge”

Chap 2: Application Layer 1 Chapter 2 Application Layer Computer Networking: A Top Down Approach, 4...

Documents

Transcript of Chap 2: Application Layer 1 Chapter 2 Application Layer Computer Networking: A Top Down Approach, 4...