CSE5803 Advanced Internet Protocols and Applications (12)

12.1 Introduction

This chapter is intended to discuss some popular application layer internet protocols. These protocols have been implemented to provide a more user-friendly and convenient internet environment.

12.2 The Domain Name System (DNS)

12.2.1 Basic DNS concept

• The 32-bit IP address described before is clear to computers but difficult for people to remember. More meaningful, higher-level names are preferred for application access to a host, a server, etc. This is why DNS exists.

• DNS assigns names hierarchically, with the fields separated by periods (“.”). DNS names are case insensitive.


The name-space is organized as a tree. At the top level are:

• Generic domains (usually, but not necessarily, associated with names in the USA)

– com - commercial organizations

– edu - educational institutions

– gov - (US) governmental organizations

– net - networks and network providers

– int - international organizations

– mil - (US) military

– org - other organizations

• Country or geographical domains, using two-character country-name codes from ISO3166. Subdivision of country domains is done by:

– geography, e.g. state or province (this happens in the USA)

– three-letter generic codes, similar to those in the top level (Australia, Canada, etc.)


– two-letter generic domain codes, e.g. ac, co, or, etc. (UK, Japan, NZ)

– no generic domains, just organizations (France, Germany)

• DNS names are stored at different levels of registries, against their IP addresses. Multiple DNS names can have the same IP.

• There is no standard dictating which organisations must be registered under which top-level domain. It is popular to use both, e.g. monash.edu.au.

• A realistic DNS server structure.


• The administration of domain names is distributed (and commercialized). For example, a company is licensed to handle one or more DNS name registries, such as .com.au.

• The DNS has the following features for name/IP resolution:

– a hierarchy of servers

– client-server and server-server operation

– caching of mappings

– reverse mappings (not actually used)

12.2.2 DNS name resolution

• Each client host must know at least a local DNS server in order to find the IP address matching a name. This server in turn knows a root server. It may also know parent servers. This local/top-level server structure improves efficiency.

• Client hosts and servers keep a cache of mappings to reduce unnecessary queries. Entries in the cache have time-out values for update, supplied by the registry server.


• Domain Server Messages are transmitted using well-known ports, over TCP (server-server) or UDP (client-server). The client uses this message to query a server. The server responds with a similar message containing the answer, or naming other servers if it does not know the answer. The format is as follows:

• The IDENTIFICATION field is for the client to match responses to queries.


• The PARAMETER field consists of the types and subtypes of operations, which include:

– Query: standard, inverse.

– Response: no error, query error, server failure, name does not exist.

• The four NUMBER OF fields specify how many entries are included in each of the four corresponding sections.

• The QUESTION SECTION contains queries. The client fills in this section only in a query message, in the following format: Query Domain Name… | Query Type | Query Class

• The Query Domain Name field is of variable length.

• Query Type specifies the type of query, e.g. email address or machine name.


• Query Class allows the domain name to be treated as an object other than an internet name.

• The ANSWER, AUTHORITY and ADDITIONAL INFORMATION sections all have the same format:

• The Domain Name field contains the domain name to which this resource record refers.

• The TYPE field specifies the type of resource record, e.g. 1 for host IP, 2 for an authoritative name server, 15 for mail exchanger.

• The CLASS field specifies whether the resource is for internet (1) or other types of networks.


• TIME TO LIVE specifies the time in seconds the entry should stay in the cache.

• RESOURCE DATA LENGTH is the count of octets of the binding, while RESOURCE DATA provides the binding.
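The header and record fields above map onto a fixed byte layout. The following Python is an added illustration, not part of the course notes: it builds a query, parses the header, question section and resource records with the standard-library struct module, and applies the matching rule the IDENTIFICATION field exists for, discarding a reply whose ID or question does not match the outstanding query. The ID 0x1234, the name example.com and the address 192.0.2.1 are constructed values, and the compression-pointer handling in read_name follows RFC 1035 rather than anything on these slides.

```python
import struct

# Record TYPE values named in the notes: 1 = host address, 2 = authoritative NS, 15 = MX.
TYPE_NAMES = {1: "A", 2: "NS", 15: "MX"}

def encode_name(name):
    """Encode a dotted name as DNS labels: one length byte per label, then a zero byte."""
    out = b"".join(bytes([len(label)]) + label.encode("ascii")
                   for label in name.rstrip(".").split("."))
    return out + b"\x00"

def build_query(ident, name, qtype=1, qclass=1):
    """Header (IDENTIFICATION, PARAMETER, four NUMBER OF fields) plus one question."""
    header = struct.pack("!HHHHHH", ident, 0x0100, 1, 0, 0, 0)  # 0x0100: standard query, recursion desired
    return header + encode_name(name) + struct.pack("!HH", qtype, qclass)

def read_name(msg, off):
    """Read a domain name at off; follows RFC 1035 compression pointers (0xC0 prefix), which
    the notes do not mention but real responses use. Returns (name, offset after the name)."""
    labels, end = [], None
    while True:
        length = msg[off]
        if length & 0xC0 == 0xC0:                     # pointer to an earlier copy of the name
            if end is None:
                end = off + 2
            off = struct.unpack("!H", msg[off:off + 2])[0] & 0x3FFF
            continue
        off += 1
        if length == 0:
            break
        labels.append(msg[off:off + length].decode("ascii"))
        off += length
    return ".".join(labels), (end if end is not None else off)

def parse_message(msg):
    """Decode header, QUESTION SECTION and the resource-record sections that share one format."""
    ident, flags, qd, an, ns, ar = struct.unpack("!HHHHHH", msg[:12])
    off, questions, records = 12, [], []
    for _ in range(qd):
        name, off = read_name(msg, off)
        qtype, qclass = struct.unpack("!HH", msg[off:off + 4])
        off += 4
        questions.append((name, qtype, qclass))
    for _ in range(an + ns + ar):
        name, off = read_name(msg, off)
        rtype, rclass, ttl, rdlen = struct.unpack("!HHIH", msg[off:off + 10])  # TYPE, CLASS, TTL, RDLENGTH
        off += 10
        rdata = msg[off:off + rdlen]                  # RESOURCE DATA: the binding itself
        off += rdlen
        if rtype == 1 and rdlen == 4:
            rdata = ".".join(str(b) for b in rdata)
        records.append((name, TYPE_NAMES.get(rtype, rtype), rclass, ttl, rdata))
    return {"id": ident, "flags": flags, "questions": questions, "records": records}

def build_response(query, address, ttl=300):
    """Answer a one-question query with a single A record (constructed, not from a real server)."""
    ident, _, qd, _, _, _ = struct.unpack("!HHHHHH", query[:12])
    header = struct.pack("!HHHHHH", ident, 0x8180, qd, 1, 0, 0)  # 0x8180: response, RD+RA set, no error
    rr = b"\xc0\x0c"                                  # pointer to the name at offset 12 (the question)
    rr += struct.pack("!HHIH", 1, 1, ttl, 4) + bytes(int(x) for x in address.split("."))
    return header + query[12:] + rr

def accept_response(query, response):
    """Resolver check: the reply's IDENTIFICATION and question must match the outstanding query;
    anything else is discarded rather than cached."""
    q, r = parse_message(query), parse_message(response)
    if r["id"] != q["id"] or r["questions"] != q["questions"]:
        return None
    return r

# Constructed sample exchange for a name in the documentation address range.
QUERY = build_query(0x1234, "example.com")
RESPONSE = build_response(QUERY, "192.0.2.1")

if __name__ == "__main__":
    print(parse_message(QUERY))
    print(accept_response(QUERY, RESPONSE))
```

The same parse_message handles ANSWER, AUTHORITY and ADDITIONAL records because the three sections share one record format; only the counts in the header tell them apart.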

12.3 Remote Login (Telnet, Rlogin)

• Telnet is a simple remote terminal protocol provided by the TCP/IP suite. It allows:

– a default network virtual terminal (NVT) which can operate between any two systems.

– a large set of options which can be negotiated (by either side)

– a symmetric data flow. Either side can be a program or a human.

– an unstructured flow of characters between systems, with commands embedded as required.


• In order to operate between heterogeneous systems, e.g. Windows & Unix, Telnet uses a basic NVT format for the character flow:

– 7-bit ASCII (bytes with 8th bit set are used for commands)

– 95 “printable” characters and 33 “control” codes

– limited subset of control characters (e.g. TAB not defined)

– end-of-line coded as CR/LF pair


• Telnet Command System: in Telnet, command signals need to be embedded in the data flow between client and server. Typical commands include the Interrupt Process, Erase Character, etc.

• Commands are embedded in the data stream beginning with a decimal 255 (IAC - Interpret As Command), which means “interpret the next character as a command”. This is followed by either a single command character or a multi-character command encapsulated by the characters 250 and 240.

• The list of commands can be found in D. E. Comer.

• Telnet Options: A large number of options have been discussed and standardized for Telnet. They must be negotiated between the client and server, and can often be invoked/revoked during a session using the DO/WILL/DONT/WONT commands.

• The list includes the following:
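The embedding rule above (255 introduces a command, 250 and 240 bracket a multi-byte one, and the DO/WILL/DONT/WONT bytes negotiate options) can be exercised on a byte stream. The Python below is an added example, not code from the course or from any Telnet implementation: it separates NVT data from commands, treats a doubled 255 as a literal data byte (RFC 854), keeps an incomplete trailing command for the next read, and answers negotiation requests by agreeing only to options the local side supports. The sample stream, the supported option set and the option codes 1, 3 and 31 are assumptions taken from the Telnet RFCs, not from the slides.

```python
IAC, SE, SB = 255, 240, 250            # Interpret As Command, Subnegotiation End/Begin
WILL, WONT, DO, DONT = 251, 252, 253, 254
IP, EC, GA, NOP = 244, 247, 249, 241    # Interrupt Process, Erase Character, Go Ahead, No-op
NEGOTIATION = {WILL: "WILL", WONT: "WONT", DO: "DO", DONT: "DONT"}
SINGLE = {IP: "IP", EC: "EC", GA: "GA", NOP: "NOP"}

def split_stream(buf):
    """Separate NVT data from the commands embedded in it.

    Returns (data, commands, remainder); remainder is an incomplete command left at the
    end of buf, to be prepended to the next chunk read from the connection.
    """
    data, commands, i, n = bytearray(), [], 0, len(buf)
    while i < n:
        b = buf[i]
        if b != IAC:
            data.append(b)
            i += 1
            continue
        if i + 1 >= n:                            # IAC is the last byte: wait for more
            return bytes(data), commands, buf[i:]
        cmd = buf[i + 1]
        if cmd == IAC:                            # IAC IAC is an escaped literal 255
            data.append(IAC)
            i += 2
        elif cmd in NEGOTIATION:                  # IAC DO/DONT/WILL/WONT <option>
            if i + 2 >= n:
                return bytes(data), commands, buf[i:]
            commands.append((NEGOTIATION[cmd], buf[i + 2]))
            i += 3
        elif cmd == SB:                           # IAC SB <bytes...> IAC SE, IAC doubled inside
            j, sub, closed = i + 2, bytearray(), False
            while j + 1 < n:
                if buf[j] == IAC and buf[j + 1] == IAC:
                    sub.append(IAC)
                    j += 2
                elif buf[j] == IAC and buf[j + 1] == SE:
                    closed, j = True, j + 2
                    break
                else:
                    sub.append(buf[j])
                    j += 1
            if not closed:
                return bytes(data), commands, buf[i:]
            commands.append(("SB", bytes(sub)))
            i = j
        else:                                     # single command byte, e.g. Interrupt Process
            commands.append((SINGLE.get(cmd, cmd), None))
            i += 2
    return bytes(data), commands, b""

SUPPORTED = {1, 3}   # ECHO and SUPPRESS-GO-AHEAD (option codes from RFC 857/858, not the notes)

def answer(cmd, option):
    """Reply to the peer's request: agree only to options this side actually implements."""
    if cmd == "DO":
        return bytes([IAC, WILL if option in SUPPORTED else WONT, option])
    if cmd == "WILL":
        return bytes([IAC, DO if option in SUPPORTED else DONT, option])
    return b""        # DONT/WONT: the option is already off in this example, no reply needed

# Constructed stream: prompt text, a DO ECHO request, an escaped 0xFF data byte, a window-size
# subnegotiation (option 31), an Interrupt Process, more data, and a truncated IAC WILL.
SAMPLE = (b"login: " + bytes([IAC, DO, 1]) + b"ab" + bytes([IAC, IAC])
          + bytes([IAC, SB, 31, 0, 80, 0, 24, IAC, SE]) + bytes([IAC, IP]) + b"c"
          + bytes([IAC, WILL]))

if __name__ == "__main__":
    data, commands, rest = split_stream(SAMPLE)
    print(data, commands, rest)
    for kind, option in commands:
        if kind in ("DO", "WILL"):
            print(answer(kind, option))
```

Refusing unknown options with WONT/DONT matters in practice: a side that blindly agrees to every option advertises capabilities it does not implement, and the remainder handling is what stops a command split across two TCP segments from being mistaken for data.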


• Telnet can function in these modes:

– half-duplex. The default, but rarely used. Characters are echoed locally and a GA signal is used for line forwarding.

– character-at-a-time. Most common now. Uses remote echo, resulting in delays and higher network traffic.


– Line-mode. Only transmits complete lines. Appearing in modern versions.

• RLOGIN - Remote Login (RFC 1282)

– similar in concept to Telnet, but for Unix-Unix operation.

– can log in automatically using .rhosts file

– little negotiation - inherits window sizes, etc.

– mainly concerned with interrupt and flow-control handling

– much smaller than Telnet (approx 10%).

12.4 File Transfer and Access (FTP, TFTP, NFS)

12.4.1 FTP: the major TCP/IP File Transfer Protocol

• Essential features:

– client/server mode of operation.

– clients can send/put files to the server, or get files from the server.


– uses two TCP connections: one for control and one for data transfer.

– recognizes four file types:

• image or binary

• ASCII (default) - actually Telnet NVT ASCII; adjusts end-of-line conventions

• EBCDIC - alternative to ASCII

• local type - for non-8-bit bytes (7, 9, etc.)

– file structures can be: unstructured (default), records (used with ASCII & EBCDIC)

– a rich set of user commands to send/receive files, manipulate directories, etc.

– Requires a valid user name and password at the server. (Also the “anonymous” option, which is a special user-name which does not require a valid password and provides (usually) read-only access to limited files.)


• FTP Processes:


• FTP commands: FTP commands are text strings in NVT ASCII, with a 3 or 4 byte upper-case operation code and optional parameters.


• FTP responses consist of a 3-digit code and an informational text string.

• Typical responses might be:

– 125 Data connection already open; transfer starting.

– 200 Command OK.

– 214 Help message (for human user).

– 331 Username OK, password required.

– 425 Can't open data connection.

– 452 Error writing file.

– 500 Syntax error (unrecognized command).

– 501 Syntax error (invalid arguments).

– 502 Unimplemented MODE type.


• FTP Operation: FTP establishes the client/server dialogue as follows:

– the server will be listening for connections on TCP port 21

– the client will select an “ephemeral” TCP port number, and using this port, the client will establish a TCP connection to the server port 21, and go through the USER/PASS sequence.

– the client will obtain a second ephemeral port number, perform a passive open on this port, and pass the number and the IP address to the server via a PORT message.

– the server will perform an active TCP open from its port 20 to the client ephemeral port, and reply with a 200 response. This establishes the data connection.

– the client can then request an activity on the data connection, such as a LIST or a RETR.
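The dialogue just listed, written out as an added Python example (not the course's code and not a real FTP server): it encodes the PORT argument as four address octets plus the port split into two octets, classifies replies by their first digit, and walks a constructed control-channel stand-in through USER/PASS, PORT and RETR, stopping at the first negative reply. The server-side check that the PORT address equals the control connection's peer follows RFC 2577 advice and is an assumption beyond the slides; reply texts not on the slide (230, 503, 530, 150) are standard RFC 959 codes, and all addresses are documentation-range values.

```python
import re

REPLY_CLASS = {"1": "positive preliminary", "2": "positive completion",
               "3": "positive intermediate", "4": "transient negative",
               "5": "permanent negative"}

def classify_reply(line):
    """Split a reply such as '331 Username OK, password required.' into (code, class, text)."""
    m = re.match(r"^(\d{3})[ -](.*)$", line)
    if not m or m.group(1)[0] not in REPLY_CLASS:
        raise ValueError("malformed FTP reply: %r" % line)
    code, text = m.group(1), m.group(2)
    return int(code), REPLY_CLASS[code[0]], text

def format_port(ip, port):
    """PORT argument: the four address octets and the port split into high and low octets."""
    a, b, c, d = ip.split(".")
    return "PORT %s,%s,%s,%s,%d,%d" % (a, b, c, d, port >> 8, port & 0xFF)

def parse_port(arg):
    parts = [int(p) for p in arg.split(",")]
    if len(parts) != 6 or any(not 0 <= p <= 255 for p in parts):
        raise ValueError("bad PORT argument: %r" % arg)
    return ".".join(str(p) for p in parts[:4]), (parts[4] << 8) | parts[5]

def server_check_port(arg, control_peer_ip):
    """Server-side rule (RFC 2577 advice, an assumption beyond the notes): only open the data
    connection back to the address the control connection came from, on a non-privileged port."""
    try:
        ip, port = parse_port(arg)
    except ValueError:
        return "501 Syntax error (invalid arguments)."
    if ip != control_peer_ip or port < 1024:
        return "500 Illegal PORT command."
    return "200 PORT command successful."

class FakeServer:
    """Constructed stand-in for the control side listening on port 21; no sockets involved."""
    def __init__(self, peer_ip):
        self.peer_ip, self.user, self.authed, self.data = peer_ip, None, False, None

    def handle(self, line):
        verb, _, arg = line.partition(" ")
        if verb == "USER":
            self.user = arg
            return "331 Username OK, password required."
        if verb == "PASS":
            self.authed = self.user is not None
            return "230 User logged in." if self.authed else "503 Bad sequence of commands."
        if not self.authed:
            return "530 Not logged in."
        if verb == "PORT":
            reply = server_check_port(arg, self.peer_ip)
            if reply.startswith("200"):
                self.data = parse_port(arg)          # the server would now open port 20 -> client
            return reply
        if verb in ("LIST", "RETR"):
            return "150 Opening data connection." if self.data else "425 Can't open data connection."
        return "500 Syntax error (unrecognized command)."

def client_session(server, client_ip, data_port, user="anonymous", password="guest"):
    """Walk the USER/PASS, PORT, RETR sequence, stopping at the first negative reply."""
    log = []
    for cmd in ("USER " + user, "PASS " + password,
                format_port(client_ip, data_port), "RETR file.txt"):
        code, cls, _ = classify_reply(server.handle(cmd))
        log.append((cmd.split()[0], code))
        if cls.endswith("negative"):
            break
    return log

if __name__ == "__main__":
    print(client_session(FakeServer("192.0.2.10"), "192.0.2.10", 1234))
    print(client_session(FakeServer("192.0.2.10"), "203.0.113.5", 1234))
```

Because the server opens the data connection back to the client in this mode, firewalls and NAT in front of the client must admit an inbound connection from port 20, which is the operational reason the client's ephemeral port and address travel inside the PORT command.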


12.4.2 TFTP and NFS

• TFTP (Trivial FTP) is the cut-down version of FTP. Its implementation is smaller and its functions are reduced.

• TFTP uses UDP, with fixed (512 byte) blocks, positive acknowledgement and timeout retransmission.
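The fixed-block, positive-acknowledgement and timeout-retransmission behaviour described above, as an added Python simulation (not course code and not an implementation of a real TFTP client or server): the sender emits 512-byte DATA blocks, the receiver acknowledges each by block number, a lost DATA or ACK packet triggers a resend of the same block, and a short final block marks end of file. The in-memory LossyChannel and its drop pattern are constructed so the run is deterministic and works offline.

```python
import struct

BLOCK = 512
DATA, ACK = 3, 4                      # TFTP opcodes for data and acknowledgement packets

def make_data(block, payload):
    return struct.pack("!HH", DATA, block) + payload

def make_ack(block):
    return struct.pack("!HH", ACK, block)

def parse_packet(pkt):
    opcode, block = struct.unpack("!HH", pkt[:4])
    return opcode, block, pkt[4:]

class LossyChannel:
    """Constructed channel that drops the n-th packet sent for every n in `drop`."""
    def __init__(self, drop=()):
        self.drop, self.count = set(drop), 0

    def send(self, pkt):
        self.count += 1
        return None if self.count in self.drop else pkt

def transfer(content, channel, max_retries=5):
    """Stop-and-wait transfer of `content`: the sender emits block n and waits for ACK n,
    resending the same block when either the data or the ACK is lost (timeout)."""
    blocks = [content[i:i + BLOCK] for i in range(0, len(content), BLOCK)]
    if not blocks or len(blocks[-1]) == BLOCK:
        blocks.append(b"")            # a short (here empty) final block marks end of file
    received, stats = {}, {"data_sent": 0, "retransmits": 0}
    for n, payload in enumerate(blocks, start=1):
        for attempt in range(max_retries + 1):
            stats["data_sent"] += 1
            if attempt:
                stats["retransmits"] += 1
            pkt = channel.send(make_data(n, payload))
            if pkt is None:
                continue              # DATA lost: no ACK arrives, the sender times out
            _, blk, data = parse_packet(pkt)
            received[blk] = data      # receiver keys by block number, so duplicates are harmless
            ack = channel.send(make_ack(blk))
            if ack is None:
                continue              # ACK lost: sender times out and resends the same block
            if parse_packet(ack)[1] == n:
                break
        else:
            raise TimeoutError("block %d not acknowledged after %d retries" % (n, max_retries))
    return b"".join(received[k] for k in sorted(received)), stats

if __name__ == "__main__":
    sample = bytes(range(256)) * 4 + b"tail" * 19     # constructed 1100-byte file
    print(transfer(sample, LossyChannel(drop={2, 5})))
```

Keying the receiver's store by block number is what makes a retransmitted duplicate harmless; the bounded retry count is what turns a dead peer into an error instead of an endless loop.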

• NFS was developed by Sun Microsystems and the protocols, etc. placed in the public domain, along with a reference implementation.

• It is mainly used with Unix and PCs.

• NFS was developed in three versions/stages:

– RCP (Remote copy): simply allowed a remote file copy initiated at the user level, e.g. rcp sun1:/usr/jwb/file_x sun2:/usr/jwb/file_y

– Network Disk: supports diskless workstations; the disk server has a partition for each workstation, and a special device driver routes I/O from workstation to server and back


– NFS: Full stateless interaction with complete directory structures.

• Allows remote directories to be mounted “locally”

• uses a network disk

• file systems must be “exported” by the server (uses /etc/exports)

• NFS is built from a small application stack consisting of:

– the NFS application (RFC1094)

– the RPC (Remote Procedure Call) layer (RFC1057), which originated at Sun and provides an analogue of O/S procedure calls, but targeted at remote services.

– XDR (eXternal Data Representation) (RFC1014), handles “presentation” issues, mainly used for NFS/RPC PDUs, and directory information. It can be used by other applications and supports various data types (integers, float, boolean, array, etc.)
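XDR's wire rules are simple enough to show in full. The following Python is an added example (not Sun's code and not the course's): it encodes integers, booleans, doubles, strings and variable-length arrays the way XDR does (4-byte big-endian units, length prefixes, padding to a multiple of four) and decodes them back, bounding every length field before data is consumed. The "directory entry" record is a constructed shape chosen for illustration, not an actual NFS or RPC structure.

```python
import struct

def xdr_int(v):
    return struct.pack(">i", v)                      # 32-bit big-endian two's complement

def xdr_uint(v):
    return struct.pack(">I", v)

def xdr_bool(b):
    return struct.pack(">i", 1 if b else 0)          # booleans travel as the integers 0 and 1

def xdr_double(f):
    return struct.pack(">d", f)                      # IEEE 754 double, big-endian

def xdr_string(s):
    data = s.encode("utf-8")
    return struct.pack(">I", len(data)) + data + b"\x00" * (-len(data) % 4)  # pad to 4-byte multiple

def xdr_array(items, encode_item):
    return struct.pack(">I", len(items)) + b"".join(encode_item(i) for i in items)

class XdrReader:
    """Sequential decoder. Every length-prefixed field is bounded before data is consumed,
    which is the check a server must make on RPC input it did not generate itself."""
    def __init__(self, buf, max_string=4096, max_items=1024):
        self.buf, self.off = buf, 0
        self.max_string, self.max_items = max_string, max_items

    def _take(self, n):
        if self.off + n > len(self.buf):
            raise ValueError("truncated XDR data at offset %d" % self.off)
        chunk = self.buf[self.off:self.off + n]
        self.off += n
        return chunk

    def read_int(self):
        return struct.unpack(">i", self._take(4))[0]

    def read_uint(self):
        return struct.unpack(">I", self._take(4))[0]

    def read_bool(self):
        v = self.read_int()
        if v not in (0, 1):
            raise ValueError("invalid XDR boolean %d" % v)
        return v == 1

    def read_double(self):
        return struct.unpack(">d", self._take(8))[0]

    def read_string(self):
        n = self.read_uint()
        if n > self.max_string:
            raise ValueError("string length %d exceeds limit" % n)
        data = self._take(n)
        self._take(-n % 4)                           # discard padding
        return data.decode("utf-8")

    def read_array(self, read_item):
        n = self.read_uint()
        if n > self.max_items:
            raise ValueError("array length %d exceeds limit" % n)
        return [read_item() for _ in range(n)]

# Constructed record in the spirit of a directory entry (not an actual NFS structure):
# name, size in bytes, readable flag, list of owner ids.
def encode_entry(name, size, readable, owners):
    return xdr_string(name) + xdr_uint(size) + xdr_bool(readable) + xdr_array(owners, xdr_int)

def decode_entry(buf):
    r = XdrReader(buf)
    return r.read_string(), r.read_uint(), r.read_bool(), r.read_array(r.read_int)

if __name__ == "__main__":
    wire = encode_entry("file_x", 1100, True, [-1, 500])
    print(wire.hex(), decode_entry(wire))
```

The length limits are the point of the decoder: an XDR length prefix is just a 32-bit count supplied by the sender, so a decoder that allocates or loops on it unchecked can be driven into exhausting memory or reading past the buffer.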


RPC


12.5 Electronic Mail

• Electronic mail is built on TCP/IP. The users of mail programs do not expect immediate responses. Buffer areas for both incoming and outgoing emails have to be created.

• The mail transfer process runs in the background. It attempts to deliver emails when they are generated. If the first attempt fails, the process sweeps the spool area periodically (e.g. every 30 mins) and retries. The message will be returned to the sender if it remains undelivered for a long time (3-5 days).


• Local copy of emails in buffer will not be deleted until delivered or returned.

• The email message format is defined by RFC 822. This includes a header and a body, separated by a blank line. The header contains fields starting with keywords such as To, From and Reply-to (optional).

• All messages are ASCII for transport across heterogeneous systems.

• The address format must be local-part@domain-name.

• SMTP (Simple Mail Transfer Protocol). This is a standard for the exchange of mail between machines, a simpler version than MTP.

• SMTP specifies the handshake format between machines for the passing of messages (client/server). It is bi-directional, and mail for known addresses will be forwarded to other servers (although this is not mandatory). (Why do personal workstations not run an SMTP server, but only a client, to receive emails?)

• SMTP does not specify the storage and presentation of emails. Nor does it specify how frequently the mail system attempts to deliver messages.


• MIME (Multipurpose Internet Mail Extensions) is a format to allow non-ASCII data through email.

• MIME does not change SMTP but allows any message to be encoded in ASCII. MIME information is included in the 822 header, which includes MIME-Version, Content-Type, Content-Transfer-Encoding: (normally base64).

• MIME also allows multipart messages, which includes text and other parts.
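The RFC 822 header/body split and the MIME encoding above, as an added Python example using the standard library's email package (not course code): it builds a message with a non-ASCII text part and a binary attachment, serializes it in SMTP transport form, checks that every octet is 7-bit ASCII, and parses it back to recover each part's Content-Type and Content-Transfer-Encoding. Addresses, subject, text and attachment bytes are constructed sample values.

```python
from email import policy
from email.message import EmailMessage
from email.parser import BytesParser

def build_message(to_addr, from_addr, subject, text, attachment_name, attachment_bytes):
    """RFC 822 header fields plus a MIME multipart body: a text part and a binary attachment."""
    msg = EmailMessage()
    msg["To"] = to_addr
    msg["From"] = from_addr
    msg["Subject"] = subject
    msg.set_content(text, charset="utf-8", cte="base64")       # non-ASCII text made 7-bit safe
    msg.add_attachment(attachment_bytes, maintype="application",
                       subtype="octet-stream", filename=attachment_name)  # base64 by default
    return msg

def transport_form(msg):
    """Serialize as SMTP carries it (CRLF line endings); the 822 header ends at the first blank line."""
    return msg.as_bytes(policy=policy.SMTP)

def is_seven_bit(raw):
    """True when every octet is plain ASCII, i.e. the message can cross a 7-bit mail path."""
    return all(b < 0x80 for b in raw)

def split_header_body(raw):
    header, _, body = raw.partition(b"\r\n\r\n")
    return header, body

def parse_message(raw):
    """Parse back and list each leaf part: (content type, transfer encoding, decoded payload)."""
    msg = BytesParser(policy=policy.default).parsebytes(raw)
    parts = []
    for part in msg.walk():
        if part.is_multipart():
            continue
        cte = str(part.get("Content-Transfer-Encoding", "")).lower()
        parts.append((part.get_content_type(), cte, part.get_payload(decode=True)))
    return msg, parts

# Constructed sample: a body with a non-ASCII character and an arbitrary binary attachment.
TEXT = "Meeting at the caf\u00e9, 10:00"
BLOB = bytes(range(256))
MESSAGE = build_message("alice@example.com", "bob@example.com", "Lab notes",
                        TEXT, "notes.bin", BLOB)
RAW = transport_form(MESSAGE)

if __name__ == "__main__":
    print(RAW.decode("ascii"))
    print(parse_message(RAW)[1])
```

Without the explicit base64 transfer encoding the text part would be sent as 8-bit UTF-8, which is exactly the case MIME exists to avoid on a path that only guarantees ASCII.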

• POP3 (Post Office Protocol version 3, RFC 1725) is used on personal workstations (e.g. PCs) and certain small internet nodes. Such a node may not need, or may have insufficient resources for, an SMTP server. It may also be expensive to keep a connection to the internet for a long time.

• POP3 allows a workstation to retrieve mail that the POP server is holding for it. Mail is normally downloaded and then deleted from the server. The workstation still needs to run an SMTP client to send out emails.

• A more sophisticated protocol, IMAP4 (Internet Message Access Protocol, RFC 1730), allows the manipulation of remote message folders.


• Creating, deleting, renaming mailboxes, checking for new messages, selective downloading are some of IMAP4 functions.

• IMAP4 also can be extended to support multi servers. (IMSP, Internet Message Support Protocol)

12.6 Network Management

• Internet network management runs on TCP/IP to handle heterogeneous networks.

• Client/server structure. A manager’s host runs management client while routers/hosts under management run server (agent) software.

• Simple Network Management Protocol (SNMP) is the current network management protocol.

• It is used to achieve communication between the management client and server, i.e. it defines the message format used to communicate.

• The information that is needed for the operation is specified by Management Information Base (MIB), another standard.


• The MIB for TCP/IP has eight information categories

• The separation of SNMP and MIB provides flexibility for independent updating.

• The MIB variables are defined and referenced using ISO’s Abstract Syntax Notation 1 (ASN.1).

• ASN.1 is a formal language that consists of two main features: a notation used in documents that humans read, and a compact encoded form for network communication protocols.


• ASN.1 defines the types and ranges of variables in the management information base.

• SNMP commands are carried with UDP (through well known ports).

• There are two basic SNMP command types for management operations: fetch and store values of variables. Storing different values in variables at the agent systems achieves different functions.

– Get-request: fetch a value from a specific variable

– Get-next-request: fetch a value without knowing its exact name

– Set-request: reply to a fetch operation

– Get-response: store a value in a specific variable

– Trap: reply triggered by an event

• SNMP messages do not have fixed fields. They are encoded with ASN.1.
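As an added example (not the course's own material), the following Python builds an SNMPv1 Get-request for sysDescr.0 with the community string public and decodes both it and a constructed Get-response, using a hand-written BER encoder rather than a library, so the ASN.1 tag-length-value structure the slide refers to is visible byte by byte. In RFC 1157 terms the Set-request carries the value to be stored and the Get-response carries the agent's reply to a fetch. The community string, the request-id and the value "router-1" are constructed; the PDU tags and the sysDescr OID are from the SNMPv1 and MIB-II standards. On the defender's side, note that the community string travels in clear text, and that a decoder must bound every length field before using it, which read_tlv does.

```python
INTEGER, OCTET_STRING, NULL, OID, SEQUENCE = 0x02, 0x04, 0x05, 0x06, 0x30
GET_REQUEST, GET_NEXT_REQUEST, GET_RESPONSE, SET_REQUEST, TRAP = 0xA0, 0xA1, 0xA2, 0xA3, 0xA4

def ber_length(n):
    """Short form below 128, otherwise 0x80|count followed by the length bytes."""
    if n < 0x80:
        return bytes([n])
    body = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([0x80 | len(body)]) + body

def tlv(tag, value):
    return bytes([tag]) + ber_length(len(value)) + value

def encode_int(v):
    """INTEGER in the shortest two's-complement form."""
    length = 1
    while not -(1 << (8 * length - 1)) <= v < (1 << (8 * length - 1)):
        length += 1
    return tlv(INTEGER, v.to_bytes(length, "big", signed=True))

def encode_oid(dotted):
    """OBJECT IDENTIFIER: first two arcs packed as 40*a+b, the rest base-128 with continuation bits."""
    arcs = [int(a) for a in dotted.split(".")]
    out = bytearray([40 * arcs[0] + arcs[1]])
    for arc in arcs[2:]:
        chunk = [arc & 0x7F]
        arc >>= 7
        while arc:
            chunk.append(0x80 | (arc & 0x7F))
            arc >>= 7
        out += bytes(reversed(chunk))
    return tlv(OID, bytes(out))

def build_pdu(pdu_tag, community, request_id, varbinds, error_status=0, error_index=0):
    """SNMPv1 message: version 0, community string, then the chosen PDU type."""
    vbl = b"".join(tlv(SEQUENCE, encode_oid(oid) + value) for oid, value in varbinds)
    pdu = (encode_int(request_id) + encode_int(error_status) + encode_int(error_index)
           + tlv(SEQUENCE, vbl))
    return tlv(SEQUENCE, encode_int(0) + tlv(OCTET_STRING, community.encode("ascii"))
               + tlv(pdu_tag, pdu))

def build_get_request(community, oids, request_id):
    return build_pdu(GET_REQUEST, community, request_id, [(o, tlv(NULL, b"")) for o in oids])

def build_get_response(community, request_id, oid, value):
    return build_pdu(GET_RESPONSE, community, request_id, [(oid, tlv(OCTET_STRING, value))])

def read_tlv(buf, off):
    """Return (tag, value, offset after the element); rejects elements that overrun the buffer."""
    tag, length, off = buf[off], buf[off + 1], off + 2
    if length & 0x80:
        n = length & 0x7F
        length = int.from_bytes(buf[off:off + n], "big")
        off += n
    if off + length > len(buf):
        raise ValueError("BER element overruns the message")
    return tag, buf[off:off + length], off + length

def decode_oid(value):
    arcs, acc = [value[0] // 40, value[0] % 40], 0
    for b in value[1:]:
        acc = (acc << 7) | (b & 0x7F)
        if not b & 0x80:
            arcs.append(acc)
            acc = 0
    return ".".join(str(a) for a in arcs)

def parse_message(buf):
    tag, body, _ = read_tlv(buf, 0)
    if tag != SEQUENCE:
        raise ValueError("not an SNMP message")
    _, version, off = read_tlv(body, 0)
    _, community, off = read_tlv(body, off)
    pdu_tag, pdu, _ = read_tlv(body, off)
    ints, off = [], 0
    for _ in range(3):                                   # request-id, error-status, error-index
        _, v, off = read_tlv(pdu, off)
        ints.append(int.from_bytes(v, "big", signed=True))
    _, vbl, _ = read_tlv(pdu, off)
    varbinds, off = [], 0
    while off < len(vbl):
        _, vb, off = read_tlv(vbl, off)
        _, oid, inner = read_tlv(vb, 0)
        vtag, val, _ = read_tlv(vb, inner)
        varbinds.append((decode_oid(oid), vtag, val))
    return {"version": int.from_bytes(version, "big", signed=True),
            "community": community.decode("ascii"), "pdu": pdu_tag,
            "request_id": ints[0], "error_status": ints[1], "error_index": ints[2],
            "varbinds": varbinds}

SYS_DESCR = "1.3.6.1.2.1.1.1.0"   # sysDescr.0 from the standard MIB-II system group

if __name__ == "__main__":
    req = build_get_request("public", [SYS_DESCR], 1)
    print(req.hex())
    print(parse_message(build_get_response("public", 1, SYS_DESCR, b"router-1")))
```

The request-id is what lets a manager pair a Get-response with the Get-request it answers, the same role the IDENTIFICATION field plays in DNS; a manager should drop responses whose request-id it never issued.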
