CIS 81 Fundamentals of Networking Chapter 10: Application Layer CCNA Introduction to Networking 5.0...

CIS 81 Fundamentals of NetworkingChapter 10: Application Layer

CCNA Introduction to Networking 5.0

Rick Graziani

Cabrillo College

[email protected]

Fall 2013

Chapter 10: Objectives

Explain how the functions of the application layer, session layer, and presentation layer work together to provide network services to end user applications.

Describe how common application layer protocols interact with end user applications.

Describe, at a high level, common application layer protocols that provide Internet services to end-users, including WWW services and email.

Describe application layer protocols that provide IP addressing services, including DNS and DHCP.

Describe the features and operation of well-known application layer protocols that allow for file sharing services, including: FTP, File Sharing Services, SMB protocol.

Explain how data is moved across the network, from opening an application to receiving data.

Peer-to-peer ModelClient / Server Model

Two Networking Models

Networked computers take on different roles or functions in relation to each other. Peer-to-Peer (P2P) network.

Variations: P2P networks and P2P applications. Client / Server network:

Requires central servers responding to client requests.

Peer-to-Peer Networking Model

In the peer-to-peer (P2P) networking model, the data is accessed from a peer device without the use of a server. Hosts can share resources (e.g., file access and print access) Devices can be a server for one service and a client for another.

Peer-to-Peer Networking Model Concerns

P2P networks decentralize the resources on a network. Data can be located anywhere and on any connected device.

P2P networks do not use centralized user accounts or access servers to maintain permissions. User accounts / rights must be set individually on each peer

device. Becomes difficult as more hosts are added to the network.

Peer-to-Peer Application

Peer-to-peer (P2P) applications enable hosts to act as both a client and a server within the same communication. Every client is a server and every server a client. Both can initiate a communication and are considered equal in

the communication process.

NOTE: P2P applications can be used on:•P2P networks•Client/server networks•Across the Internet.

Peer-to-Peer Application

Each peer accesses a central index server to get the location of a resource stored on another peer. The index server can also help connect two peers, but after

connected, the communication takes place between the two peers without additional communication to the index server.

Peer-to-Peer Application Common P2P applications include:

eDonkey eMule Shareaza BitTorrent Bitcoin

Some P2P applications are based on the Gnutella protocol. BearShare, Gnucleus, LimeWire, Morpheus, WinMX, and XoloX.

Peer-to-Peer (P2P) WARNING

Peer to Peer (P2P) applications

have become “the” medium for spreading

viruses, spywares, adware, malware.

Client Server Model

In a client server model, 2 computers typically communicate with each other by using request/response protocols. The requestor takes on the role of a clientclient. The responder takes on the role of a serverserver.

Client Server Model Files are downloaded from a server. Files / requests are uploaded from a client.

Servers Servers typically require more processing power, memory, and

specialized software.

Servers with Multiple Clients

Servers typically have multiple clients requesting information at the same time.

Servers

A Server runs a service, or process. Sometimes called a server daemon.

Daemon: A service that runs in the background “Listens" for a request from a client Programmed to respond to service requests

OSI Application, Session, and Presentation Layers

The OSI and TCP/IP Reference Models The application layer is the top layer of both the OSI and TCP/IP

models. The OSI application layer is closest to the end user.

When discussing network functionality, networking professionals tend to use the OSI terms for the bottom three layers.

Because of the TCP/IP protocol dominance, the TCP/IP Application and Transport Layer terms are used.

The OSI Presentation Layer

The OSI presentation layer has three primary functions: Formats, or presents, data from the source device into a

compatible form for receipt by the destination device. Compression of the data in a way that can be decompressed

by the destination device. Encryption of the data for transmission and the decryption of

data upon receipt by the destination.

The OSI Session Layer

The OSI session layer creates and maintains dialogs between source and destination applications.

The session layer handles the exchange of information to: Initiate dialogs Keep dialogs active Restart sessions that are disrupted or idle for a long period of

time.

The TCP/IP Application LayerThere are many TCP/IP application layer protocols and new protocols are always being developed.

HTTP – Hypertext Transfer Protocol

DNS - Domain Name System

SMTP - Simple Mail Transfer Protocol

POP - Post Office Protocol

IMAP - Internet Message Access Protocol

FTP - File Transfer Protocol

TFTP - Trivial File Transfer Protocol

DHCP - Dynamic Host Configuration Protocol

Application Layer Protocols

Common Application Layer ProtocolsHypertext Transfer Protocol (HTTP) • Used to transfers files that make up the web pages.

Simple Mail Transfer Protocol (SMTP) • Used to transfer mail messages and attachments.

Post Office Protocol (POP) • Used by email clients to retrieve email from a remote server.

Internet Message Access Protocol (IMAP)

• Used by email clients to retrieve email from a remote server.

Domain Name System (DNS) • Used to resolve Internet names to IP addresses

Telnet • Used to provide remote access to networking devices.

File Transfer Protocol (FTP) • Used for interactive file transfer between systems.

Trivial File Transfer Protocol (TFTP) • Used for connectionless active file transfer.

Dynamic Host Configuration Protocol (DHCP)

• Used to dynamically assign an IP address, subnet mask, default gateway, and DNS server addresses to a host.

Bootstrap Protocol (BOOTP) • Used as a precursor to the DHCP protocol. • BOOTP is a network protocol used to obtain IP address

information during bootup.

* Application layer protocols that are involved in everyday work or play .

HTTP

SMTP

POP

IMAP

DNS

Telnet

FTP

TFTP

DHCP

BOOTP

Acronym Alert

TCP/IP Application Layer Protocols

ApplicationApplication LayerLayer

TransportTransport LayerLayer

Internet Internet LayerLayer

NetworkNetworkAccessAccess LayerLayer LAN / WAN

IP

TCP UDP

HTTP SMTP POP FTP DNS DHCP TFTP SNMP

TCP/IP Application Layer Protocols Most common are the ones that provide exchange of user

information.

Server Farm

The protocols in the TCP/IP suite are generally defined by Requests for Comments (RFCs).

The Internet Engineering Task Force (IETF) maintains the RFCs as the standards for the TCP/IP suite.

RFC Database

Web Web ServerServer

EMAIL EMAIL ServerServer

FTPFTPServerServer

TelnetTelnetServerServer

DNS DNS ServerServer

DHCPDHCPServerServer

HTTP



FTPFTPServerServer




Hypertext Transfer Protocol (HTTP)

Hypertext Transfer Protocol (HTTP) works with the World Wide Web. Contributed to the fast growth of the Internet.

HTTP is a client-server application. HTTP is used to transfer files from a Web Server to your Internet

browser. Similar to FTP but it can only download files, and not upload

them.

HTTP URL (Uniform Resource Locator)

When a URL (Uniform Resource Locator) is typed in the address bar of a web browser, the browser establishes a connection using the HTTP protocol to the web service running on the server. URLs and URIs (Uniform Resource Identifier) are the names

most people associate with web addresses.

Anatomy of a URL

Protocol Folder / Path

Domain name Filename

http://www.cambriancollege.ca/Pages/Home.aspx

Path / Filename Query

Port # Query Parameter

http://www.cambriancollege.ca:80/Search/Results.aspx?k=CETY

HTTP Browsers

Browsers can interpret and present many data types including: Plain text Hypertext Markup Language (HTML) which is the language in

which web pages are constructed. Other types of data, but may require another service or program,

typically referred to as plug-ins or add-ons. Flash Adobe Acrobat Reader Realaudio

30

HTTP (HyperText Transfer Protocol)

HTTP – The Web’s application layer protocol. RFC 1945 and RFC 2616 Implemented in:

Client program Server program

Current version: HTTP/1.1 Encapsulated in TCP (more later)

HTTP Server

HTTP Client

HTTPHTTP

31

HTTP (HyperText Transfer Protocol)

Web page (also called a html document) Web page consists of objects

HTML file JPEG image JAVA applet Audio file

<head>

<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />

<title>Rick Graziani, Cabrillo College</title><style type="text/css">

<!--

body {

margin-left: 0px;

margin-top: 0px;

margin-right: 0px;

margin-bottom: 0px;

The base HTML file references other objects in the page.

32

Web Browser - Client

Browser – The user agent for the Web. Displays requested Web page.

Browser and client may be used interchangeably in this discussion.

HTTP has nothing to do with how a Web page is interpreted (displayed) by the client (browser).

HTTP Client

33

Web Server

Web Server – Stores web objects, each addressable by a URL. Implement the server side of HTTP. Examples:

Apache Microsoft Internet Information Server

HTTP Server

34

HTTP Request Message

Request Message Request line Header lines

ASCII Text

GET /~rgraziani/ HTTP/1.1

Accept-Language: en-us

User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0; SLCC1; .NET CLR 2.0.50727; Media Center PC 5.0; .NET CLR 3.0.04506; InfoPath.1)

Host: www.cabrillo.edu

Connection: Keep-Alive

HTTP Client

HTTP Server

Some data omitted for brevity

35


Request Line

GET - Browser/client is requesting an object

/~rgraziani/ - Browser is requesting this object in this

directory (default is index.html)

HTTP/1.1 - Browser implements the HTTP/1.1 (1.1 is

backwards compatible with 1.0)






36


Request Line

GET: - Used by browser/client to request an object.

POST: - Used when user has filled out a form and sending

information to the server. (Forms do not have to

use POST.)

- Example: words in a search engine

HEAD: - Similar to a GET, but the server will responds with a

HTTP message but leaves out the requested object.

PUT: - Used with Web publishing tools, upload objects.

DELETE: - Used with Web publishing tools, delete objects.






HTTP Commands

POSTPOST and PUTPUT are used to send messages that upload data to the web server. For example, when the user enters data into a form embedded in a web

page, POST includes the data in the message sent to the server. PUT uploads resources or content to the web server such as a file or an

image.

38


Header Lines

Accept-Language:- User prefers this language of the object

User-Agent: - The browser type making the request

Host: - Host on which the object resides

Connection: - Client/browser is telling the server to keep

this TCP connection Open, known as a

persistent connection.

- We will talk about this later in TCP

(transport layer)






39

HTTP Response MessageHTTP/1.1 200 OKDate: Fri, 22 Feb 2008 16:34:18 GMTServer: Apache/2.0.52 (Red Hat)Last-Modified: Thu, 15 Nov 2007 19:33:12 GMTContent-Length: 15137Connection: closeContent-Type: text/html

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml">

Some data omitted for brevity

HTTP Client

HTTP Server

40




Response message: Status line Header lines Entity body

41




Status Line

HTTP/1.1 – Server is using HTTP/1.1

200 OK - Status code, request succeeded and information is

returned in response

42

HTTP Response MessageHTTP/1.1 404

Status Codes

200 OK

- Status code, request succeeded and information is returned in response.

301 Moved Permanently

- Requested object has been permanently moved.

400 Bad Request

- Generic error message, request not understood by server.

404 Not Found:

-The requested document does not exist on server.

505 HTTP Version Not Supported

- The requested HTTP protocol version not supported by server.

43




Header Lines

Date: – Server is using HTTP/1.1

Server: - Status code, request succeeded and

information is returned in response

Last-Modified: – Date/time when object created or modified

Content-Length: – Number of bytes in object being sent

Connection: – Server going to close TCP connection after

sending the requested object.

Content-Type: – Object in entity body is HTML text

44




Entity Body

<!DOCTYPE html PUBLIC etc.:

– HTML text and other objects to be used by the browser/client

45

HTTP Request and Response MessagesGET /~rgraziani/ HTTP/1.1





HTTP Client

HTTP Server

HTTP/1.1 200 OKDate: Fri, 22 Feb 2008 16:34:18 GMTServer: Apache/2.0.52 (Red Hat)Last-Modified: Thu, 15 Nov 2007 19:33:12 GMTContent-Length: 15137Connection: closeContent-Type: text/html



HTTP

HTTP

HTTPS Secure HTTP (HTTPS) (TCP port 443) secures the communication

link between browser and web server. HTTPS can use authentication and encryption to secure data as

it travels between the client and server. The data stream is encrypted with Secure Socket Layer (SSL)

before being transported across the network. However, HTTPS creates additional load and processing time on

the server due to the encryption and decryption of traffic.

HTTPS is commonly used to connect to shopping sites and login pages where a user needs to enter sensitive information, like bank details and passwords.

47

FYI: User-Server Interaction: Cookies

Web servers are considered stateless – they do not maintain state information, keep track of the user. Higher performance – allowing the server to handle thousands of

simultaneous TCP connections (later). Web servers use cookies to track users. Cookies defined in RFC 2109

48

FYI: User-Server Interaction: Cookies

Web server installs cookies on client when: Accessed the web site for the first time (Web server does not know client

by name.)

and/or User provides information to the web server. (Web server now knows

client by name.) HTTP on Web server responds with a Set-cookie: header with an ID.

This ID is stored on the client’s computer. Each time client/browser accesses web site. The GET includes Cookie: or

User_ID or similar with the ID.

HTTP Client

HTTP Server

HTTP Requests (GET) now include ID

HTTP: Response Set-cookie: ID

HTTP Requests: GET (first time)

Web server can now track clients activities on the web site.

49

FYI: HTTP Request and Response MessagesGET /jpeg/cap81/cam0.36705623.rgb888.enc HTTP/1.1

<information omitted>

Cookie: SLSPOTNAME5=Cowells; SLSPOTNAME4=Waimea%20Bay; SLSPOTNAME3=Pipeline; SLSPOTNAME2=38th%20Ave%2E; SLSPOTNAME1=Cowells; SLSPOTID5=4189; SLSPOTID4=4755; SLSPOTID3=4750; SLSPOTID2=4191; SLSPOTID1=4189; OAX=R8bfwEbcU08ABCBu; USER_ID=5551212 <not my actual user-id>; <rest of informaton omitted for brevity>

HTTP Client

HTTP Server

HTTP/1.1 200 OKDate: Fri, 22 Feb 2008 19:00:15 GMTServer: Apache/1.3.34 (Unix)Last-Modified: Fri, 22 Feb 2008 18:51:47 GMTETag: "760a31-18ce-47bf19c3"Accept-Ranges: bytesContent-Length: 6350Keep-Alive: timeout=15, max=257Connection: Keep-AliveContent-Type: text/plain <information omitted>

HTTP: Cookie 5551212 included

HTTP data customized for Rick Graziani

50

Web Caching - Extra

Web cache or proxy server – Web cache satisfies HTTP requests on the behalf of the Origin Web server. Own disk storage Keeps copies of recently requested objects

Typically installed at ISP or larger institutions. Advantages:

Reduces the response time for client requests, especially if there are any bottlenecks in the network.

Reduces traffic on institution’s access link to the ISP (Internet).

Client

Client

Origin Server

Orgin Server

HTTP RequestHTTP

Request

HTTP RequestHTTP

Request

HTTP Response

HTTP Response

HTTP Response

HTTP Response

Web Cache or Proxy Server

51

Web Caching - Extra

1. Client/browser sends HTTP Request to Web cache (Proxy server).2. Web cache checks to see if it has a local copy of the object.

2a. Local copy: Web cache sends object to client’s browser. 2b. No Local copy: Web cache sends HTTP request to origin server.

3. Origin server sends object to Web cache.4. Web cache stores a local copy of the object.5. Web cache forwards copy of the object to the client browser.Note: TCP connections are also created between Client and Web Cache; Web

cache and Origin server (later).

Web Cache or Proxy Server

Client

Client

Origin Server

Origin Server

HTTP RequestHTTP

Request

HTTP RequestHTTP

Request

HTTP Response

HTTP Response

HTTP Response

HTTP Response

52

Web Caching (Extra)

Problem – stale cache Object may have been modified on Origin server since copy was

cached by the Web cache. Solution – Conditional GET

Request method: GET Includes header: If-Modified-Since:

Web cache sends Conditional GET to Origin server to see if there is a newer version of the object. No newer version: Send current local object Newer version: Replaces current object and forwards newer version.

53

Web Cache – Steps (Extra)

1. Client/browser sends HTTP Request to Web cache (Proxy server).

2. Web cache checks to see if it has a local copy of the object. No local copy

3. Web cache sends HTTP request to origin server.

4. Origin Web server sends HTTP response with object requested

5. Web cache stores local copy of the object with last-modified date.

6. Web cache forwards object to client/browser.

1. Web cache receives another request for this HTTP object.

2. Web cache sends a Conditional GET to the Origin Web server, with If-modified-since: header.

3. Origin Web Server returns: No change: HTTP Response message 304 Not Modified, no object.

Web cache sends local object. Change: HTTP Response 200 OK, with object.

Web cache replace object and forwards update object.

SMTPPOPIMAP



FTPFTPServerServer




E-Mail Protocols E-mail requires two protocols to operate:

Simple Mail Transfer Protocol (SMTP): Used to send email messages and attachments.

Post Office Protocol (POP) or Internet Message Access Protocol (IMAP): Used to retrieve emails from an email server.

Simple Mail Transfer Protocol (SMTP)

Email servers communicate with each other using the Simple Mail Transfer Protocol (SMTP) to send mail. SMTP uses TCP port 25.

The SMTP protocol transports email messages in ASCII format using TCP. SMTP uses the Multipurpose Internet Mail Extensions (MIME)

standard to attach non-ASCII files.

POP or IMAP are used by MUA clients to download their e-mails from an e-mail server. POP uses TCP port 110. IMAP uses TCP port 143.

57

SMTP – Simple Mail Transfer Protocol

Email – One of the killer applications of the Internet.

58

Internet mail involves: User agents

Allows users to read, reply, compose, forward, save, etc., mail messages GUI user agents: Outlook, Eudora, Messenger Text user agents: mail, pine, elm

Mail servers Stores user mail boxes, communicates with local user agents and other

mail servers. SMTP

Principle application layer protocol for Internet mail Sent over TCP

Mail access protocols: POP3, IMAP, HTTP

SMTPSMTP

POP3 IMAP

User agent User agentMail server Mail server


59

SMTP RFC 2821 Transfers messages from sender’s mail server to recipient’s mail

server Push protocol, not a pull protocol

Push (from client to server or server to server) Pull (from server to client)

Retrieving email Historically, users would log into local mail server to read mail. Since early 1990’s, clients use mail access protocols:

POP3 IMAP HTTP

SMTPSMTP

POP3 IMAP



60


POP3 (Post Office Protocol) RFC 1939 Limited functionality Uses TCP port 110 Download-and-delete mode

Retrieves messages on server and store the locally Delete messages on server

Download-and-keep mode Does not delete messages on server when retrieved.

Problem Difficult to access email from multiple computers – work and home. Some email may have already been downloaded on another

computer (work) – download-and-delete To read email from another computer, must leave on server –

download-and-keep Does not provide means for user to create remote folders on mail

server

61

IMAP (Internet Message Access Protocol) RFC 2060 Mail not downloaded, but kept on server Received email is associated with user’s INBOX Users can create and manage remote folders Users can retrieve portions of the email:

Message header: Subject line and Sender

Web-based email Introduced with Hotmail in mid-1990’s Communicates with remote mailbox using HTTP HTTP is used to push (client to server) and pull the email (server to

client)

SMTP

IMAP HTTP



SMTP

62

SMTP

Mail software, processes used: MTA and MDA MUA (Mail User Agent) – Email client software. MTA (Mail Transfer Agent) – Software using SMTP that governs transfer

of email between mail servers. Includes UNIX sendmail, Microsoft Exchange Server, Postfix, and Exim

MDA (Mail Delivery Agent) – Software that governs transfer of email from mail servers to clients. On Unix systems, procmail and maildrop are the most popular MDAs.

MTA receives email from the

client's MUA passes email to the MDA

for final delivery uses SMTP to route email

between servers

Video

63

64

Telnet

Telnet provides a standard method of emulating text-based terminal devices over the data network.

Server

Telnet Telnet

More SMTP

65

SMTP Protocol Message Format

Set of commands and replies that permit session initiation, mail transaction, forwarding mail, verifying mailbox names, expanding mailing lists, and opening and closing exchanges.

Sample commands: HELO - identifies the SMTP client process to the SMTP server

process EHLO - Is a newer version of HELO, which includes services

extensions MAIL FROM - Identifies the sender RCPT TO - Identifies the recipient DATA - Identifies the body of the message

Mail User Agent (MUA) An email client is called a Mail User Agent (MUA)Mail User Agent (MUA).

The MUA allows messages to be sent and places received messages into the client's mailbox.

Mail User Agent(MUA)

Mail Transfer and Mail Delivery Agents E-mail server can operate as:

Mail Transfer Agent (MTA)Mail Transfer Agent (MTA) Mail Delivery Agent (MDA)Mail Delivery Agent (MDA)


Mail Transfer Agent (MTA)Mail Delivery Agent (MDA)


For Example: MUA to MTA The MUA sends an email to [email protected] to its SMTP

server using destination TCP port 25.

Send email(SMTP)




For Example: MTA to Local MDA

If the-mail recipient is local, then the email server becomes an MDA and forwards the email to the recipient.

Send email(SMTP)


Mail Delivery Agent (MDA)



For Example: MTA to MTA If the-mail recipient is not on the local server, then the email server

becomes an MTA and routes the e-mail to the appropriate email server.

Send email(SMTP)


Mail Transfer Agent (MTA)Mail Transfer Agent (MTA)Mail Delivery Agent (MDA)


For Example: MDA to MUA

Since the-mail recipient is local, the email server becomes an MDA and forwards the email to the recipient using destination TCP port 110 (POP3).


Mail Delivery Agent (MDA)



Send email(POP)


MUA TCP Protocols

While SMTP is used to send emails, MDAs transfer email messages using either: Post Office Protocol (POP): POP enables an MUA to download

mail server which the server then deletes. Internet Message Access Protocol (IMAP): IMAP enables an

MUA to download mail server. The server keeps a copy of the file until it is deleted on the client.

Post Office Protocol (POP)

The server starts the POP service by passively listening on TCP port 110 for client connection requests. Clients send requests to establish a TCP connection with the

server. Once a connection is established, the POP server sends a

greeting. The client and POP server then exchange commands and

responses until the connection is closed or aborted.

POP is undesirable for a small business that needs a centralized backup solution since the MDA does not store a copy.

POP3 is desirable for an ISP, because it alleviates their responsibility for managing large amounts of storage for their email servers

Internet Message Access Protocol (IMAP)

When a MUA connects to an IMAP-capable server, copies of the messages are downloaded to the client application. The original messages are kept on the server until manually

deleted. Users view copies of the messages in their email client software.

IMAP is desirable for a small business that needs a centralized backup solution since the MDA keeps a copy.

IMAP is undesirable for an ISP, because it is now responsible for managing large amounts of storage for their email servers.

DNS



FTPFTPServerServer




Domain Name System (DNS)

DNS serves as the "phone book" for the Internet. Used to resolve domain names to IP addresses.

For example: Cisco.com = 198.133.219.25 Cabrillo.edu = 207.62.187.8

Domain names, such as www.cisco.com, are much easier for people to remember than 198.132.219.25. Also, an enterprise can change ISP (and address block) while

retaining the same domain name.

DNS Server

DNS uses a distributed set of servers to resolve the names associated with these numbered addresses. DNS servers manage domain names and responds to requests

from clients to translate a domain name into the associated IP address.

A DNS server provides the name resolution using the Berkeley Internet Name Domain (BIND), or the name daemon (pronounced name-dee).

DNS Message

The DNS protocol communications use a single format called a message which is used for: Client queries and server responses Error messages Transfer of resource record information between servers.

81

Name Resolution

Resolver DNS client programs used to look up DNS name information. Name Resolution The two types of queries that a DNS resolver (either a DNS client or another

DNS server) can make to a DNS server are the following:Recursive queries Queries performed by Host to Local DNS ServerIterative queries Queries performed Local DNS server to other servers

Need the IP address

82

DNS Name Resolution

User types http://www.example.com

Step 1. The DNS resolver on the DNS client sends a recursive query to its

configured Local DNS server. The DNS server for that client is responsible for resolving the name

Cannot refer the DNS client to another DNS server.

1

83

Step 2. Local DNS Server forwards the query to a Root DNS server.

Step 3. Root DNS server

Makes note of .com suffix Returns a list of IP addresses for TLD (Top Level Domain Servers)

responsible for .com.

DNS Name Resolution

1

2 23

84

DNS Name Resolution

Root DNS Servers There are 13 Root DNS servers (labeled A through M) http://www.root-servers.org/map/

TLD Servers Responsible for domains such as .com, edu, org, .net, .uk, jp, fr Network Solutions maintains TLD servers for .com Educause maintains TLD servers for .edu There are redundant servers throughout the world. http://www.isoc.org/briefings/019/ http://www.cisco.com/web/about/ac123/ac147/archived_issues/ipj_10-1/101_dns-

infrastructure.html

85

Step 4. The local DNS server sends query for www.example.com to one of the

TLD servers.

Step 5. TLD Server

Makes note of example.com Returns IP address for authoritative server example.com (such as

dns.example.com server)

DNS Name Resolution4 4

5

86

Step 6. Local DNS server sends query for www.example.com directly to DNS

server for example.com

Step 7. example.com DNS server responds with its IP address for

www.example.com

6

6

DNS Name Resolution

7

87

Step 8. Local DNS server sends the IP address of www.example.com to the DNS

client.

DNS Caching When a DNS server receives a DNS reply (mapping hostname to an IP

address) it can cache the information in its local memory. DNS servers discard cached information after a period of time (usually 2

days) A local DNS server can cache TLD server addresses, bypassing the root

DNS servers in the query chain.

8

7

DNS Name Resolution

88

DNS Name Resolution

In the worst cases, you'll get a dialog box that says the domain name doesn't exist - even though you know it does.

This happens because the authoritative server is slow replying to the first, and your computer gets tired of waiting so it times-out (drops the connection) or the domain name does not exist.

But if you try again, there's a good chance it will work, because the authoritative server has had enough time to reply, and your name server has stored the information in its cache.

89

nslookup

nslookup Displays default DNS server for your host Can be used to query a domain name and get the IP address

90

DNS Name Resolution

ipconfig /displaydns After a certain amount of time, specified in the Time to Live (TTL)

associated with the DNS resource record, the resolver discards the record from the cache.

ipconfig /flushdns – Manually deletes entries The default TTL for positive responses is 86,400 seconds (1 day). The default TTL for negative responses is 300 seconds.

91

(Missing Info) DNS: 204.127.199.8

Video

95

Video

96

DHCPBOOTP



FTPFTPServerServer




Dynamic Host Configuration Protocol

DHCP allows a host to obtain configuration parameters quickly and dynamically from a DHCP Server. Replaced the older BOOTP protocol which required a manually

created text file containing MAC address to IP address assignment.

DHCP servers provide the following parameters to a host: IP Address Subnet Mask Default Gateway Domain Name DNS Server TFTP Server Location NetBIOS Name …

Commonly assigned host information.

99

DHCP

We will discuss DHCP more when we discuss IPv4.

How Does DHCP Work?

A DHCP Server must be available. It must have a pre-configured range (scope) of IP addresses.

As clients come online they contact the DHCP server and request an address.

The DHCP server chooses an address and allocates it to that host.

How Does DHCP Work?

DHCP Server Scope

The DHCP server maintains a pool of IP addresses and leases an address to DHCP-enabled clients. The IP addresses are dynamic (leased) assigned and when no

longer in use are automatically returned to the pool for reallocation.

How Does DHCP Work?Client Boots

Client DHCP Server

DHCP Request

IP, MAC Address

DHCP Discover

Mac Address

DHCP Offer

IP, Lease time

DHCP Ack

IP, Lease time

FTPTFTP



FTPFTPServerServer




File Transfer Protocol (FTP)

File Transfer Protocol (FTP) is client/server technology used to interactively transfer files between systems.

FTP is designed to: Download files (e.g. receive from the Internet) Upload files (e.g. send to the Internet).

It is a reliable, connection-oriented service that uses TCP to copy and move files from servers to clients, and from clients to servers.

Data transfer can occur in ASCII mode or in binary mode.

FTP Client Software An FTP client is an application that runs on a computer that is used to

push and pull data from a server running an FTP daemon (FTPd).

FileZillaFileZilla

FTP Operation

The client establishes the first connection to the server on TCP port 21.

This connection is used for control traffic, consisting of client commands and server replies.

The client establishes the second connection to the server over TCP port 20.

This connection is for the actual file transfer and is created every time there is a file transferred.

Extra

108

Trivial File Transfer Protocol (TFTP)

Trivial FTP is a connectionless service that uses User Datagram Protocol (UDP).

TFTP is used on the router to transfer configuration files and Cisco IOS images and to transfer files between systems that support TFTP.

TFTP is designed to be small and easy to implement.

Trivial File Transfer Protocol (TFTP)

It lacks most of the features of FTP.

TFTP can read, write, or mail files to or from a remote server but it cannot list directories and currently has no provisions for user authentication.

It is useful in some LANs because it operates faster than FTP and in a stable environment it works reliably.

SMB



FTPFTPServerServer




Server Message Block (SMB) SMB is a client/server file sharing protocol developed by IBM in the

late 1980s to describe the structure of shared network resources (e.g., directories, files, printers, and serial ports). It is a request-response protocol.

Server Message Block (SMB)

Unlike the file sharing supported by FTP, clients establish a long term connection to servers. Once the connection is established, the user of the client can

access the resources on the server as if the resource is local to the client host.

Server Message Block (SMB)

Before Windows 2000, the SMB services used a non-TCP/IP protocol (NetBEUI) to implement name resolution. Since Windows 2000, Microsoft products use DNS naming

which allows TCP/IP protocols to directly support SMB resource sharing.

LINUX / UNIX operating systems also provide a method of sharing resources with Microsoft networks using SAMBA. The Apple Macintosh operating systems also support resource

sharing using the SMB protocol.

130

EXTRA: Peer-to-Peer (P2P) Networking and Applications

In addition to the client/server model for networking, there is also a peer-to-peer model.

Two or more computers are connected via a network and can share resources (such as printers and files) without having a dedicated server.

End devices (peers) can function as either a server or client.

131

P2P File Sharing

P2P (Peer-to-Peer) file sharing accounts for more traffic on the Internet than any other application (2004).

Peers (hosts) act as both clients and servers. No centralized file server. HTTP GET and responses are commonly used.

132

By Peter SvenssonThe Associated PressOct. 19, 2007“Peer-to-peer applications account for between 50 percent and 90

percent of overall Internet traffic, according to a survey this year by ipoque GmbH, a German vendor of traffic-management equipment.”

133

Challenge with P2P – locating content across thousands or millions of peers.

One solution – centralized directory Approach done by Napster

Problems (non-legal problems) Single point of failure Performance bottlenecks

1 – Inform and Update

Centralized Directory Server

P2P – Centralized Directory




Peer

Peer

Peer

Peer

2 – Query for content

3 – File Transfer

Napster

134

1. Peer A starts P2P application

2. Informs centralized directory server of its: IP address Names of objects making available for sharing (MP3, videos, etc.)

3. Directory server collects information from each peer that becomes active. Dynamic database Maps IP addresses with object names

4. Peer A queries directory server for IP addresses of other peers for specific content Directory Server returns IP addresses for those peers (Peer B)

5. Peer A establishes TCP connection and downloads file (i.e. HTTP GET) from other peer, Peer B.

6. Directory server removes Peer from database when Peer closes application or disconnects from Internet (periodic messages – pings – from server).


Centralized Directory Server

P2P – Centralized Directory




Peer

Peer B

Peer

Peer A

2 – Query for content

3 – File Transfer

135

Gnutella – public domain file sharing application Fully distributed approach

No centralized server Gnutella peer maintains peering relationship (TCP connection – later) which

a number of other peers (usually fewer than 10).

P2P – Query Flooding

Peer A

Peer CPeer B

Peer D Peer E

Peer F

Query

Query

Query

QueryQuery

Query hit

Query hit

Query hitFile transfer

Gnutella

136

Peer A searches for a file

1. Peer A sends query to all neighboring peers.

2. If neighboring peer does not have file, forwards query to all its neighboring peers

3. If any peer has the file it returns a query hit message.

4. Peer A selects a peer, Peer C, to retrieve file (HTTP GET)

5. A direct TCP connection is made with selected peer, Peer C.

6. HTTP response is used to send file.

Query Flooding Non-scalable and causes a significant amount of traffic on Internet. Gnutella modified it to limited-scope flooding which limits how many peers

away the query is sent to, usually 7 to 10. (similar to TTL – later).

Peer A

Peer CPeer B

Peer D


Peer E

Peer F

Query

Query

Query

QueryQuery

Query hit

Query hit


137

How a peer joins and departs Gnutella network

1. Finding peers: Bootstrap program: Client maintains a list of peer IP addresses who are

usually up Contact Gnutella site that maintains a list

2. Client attempts to make contact with peers (TCP connection – later)

3. Client sends Gnutella ping message to peer. Forwards Gnutella ping to other peers, who continue to forward ping

until limited-scope is reached.

4. Each peer returns a Gnutella pong message including: Its IP address Number of files it is sharing Total size of the files

Peer A

Peer CPeer B

Peer D


Peer E

Peer F

Query

Query

Query

QueryQuery

Query hit

Query hit


138

Kazaa combines ideas from Napster and Gnutella 2004 – Contributed to more traffic on Internet than any other application 2007 – Bittorrent became the leading application Proprietary technology

P2P - Combination

Kazaa

139

Kazaa does not use a centralized server Group leader peers (parent)

Higher bandwidth and Internet connectivity Greater Gnutella responsibilites

Peers (child) – non-group leaders Child peer establishes TCP connection with a group leader Group leader:

maintains database directory of child peers including their IP addresses maintain TCP connections with other group leaders

Child peers query group leaders who forward the query to other group leaders Child peer selects peer for TCP connection and file transfer

P2P - Combination

Group Leader

Group Leader

Group Leader

Query

Query

Query

Query Reply

File Transfer

CIS 81 Fundamentals of NetworkingChapter 10: Application Layer

CCNA Introduction to Networking 5.0

Rick Graziani

Cabrillo College

[email protected]

Fall 2013

CIS 81 Fundamentals of Networking Chapter 10: Application Layer CCNA Introduction to Networking 5.0...

Documents

Transcript of CIS 81 Fundamentals of Networking Chapter 10: Application Layer CCNA Introduction to Networking 5.0...