Guide to TCP/IP, Second Edition 1
Guide To TCP/IP, Second Edition
Chapter 6
Basic TCP/IP Services
Guide to TCP/IP, Second Edition 2
Objectives
• Understand how TCP/IP Application layer protocols and services work
• Explain the capabilities, message types, and request/reply architectures for a variety of basic TCP/IP services, including FTP, Telnet, SMTP, and HTTP
• Understand the operations of other basic TCP/IP services, including Echo, Whois, TFTP, Finger, Remote Procedure Call (RPC), NetBIOS services over TCP/IP (also known as NBT), and SNMP
Guide to TCP/IP, Second Edition 3
Objectives (cont.)
• Explain how to decode packets that contain Application layer protocols, and how to relate message types or other similar information to the kinds of requests and replies moving between a client and a server (or between hosts in general)
Guide to TCP/IP, Second Edition 4
How Application Layer IP Protocols Work And Behave
• Conventions and behaviors– Specifications for the message structures that the
protocol or service supports
– Definition of a well-known port address (or addresses) on which servers listen for service requests
– Availability of appropriate software components that implement the various roles that hosts can play in requesting or providing such services
Guide to TCP/IP, Second Edition 5
How Application Layer IP Protocols Work And Behave (cont.)
• Request/reply messages• Client/server architecture• Peer-to-peer services• Server-to-server traffic
– Load balancing– Replication– Pull– Push– Push-pull
Guide to TCP/IP, Second Edition 6
Understanding FTP
• FTP User Interface (UI)
• Protocol Interpreter (PI)
• FTP Commands
• Data Transfer Process (DTP)
• File System
Guide to TCP/IP, Second Edition 7
Understanding FTP (cont.)
• TCP Transport
• TCP-based Command Connection
• TCP-based Data Transfer Connection
Guide to TCP/IP, Second Edition 8
Understanding FTP (cont.)
Guide to TCP/IP, Second Edition 9
Understanding FTP (cont.)
Guide to TCP/IP, Second Edition 10
Understanding FTP (cont.)
Guide to TCP/IP, Second Edition 11
Understanding FTP (cont.)
Guide to TCP/IP, Second Edition 12
Sample FTP Communications
Guide to TCP/IP, Second Edition 13
Sample FTP Communications (cont.)
Guide to TCP/IP, Second Edition 14
Sample FTP Communications (cont.)
Guide to TCP/IP, Second Edition 15
Sample FTP Communications (cont.)
Guide to TCP/IP, Second Edition 16
Understanding Telnet
• Bidirectional byte-oriented communication
• Terminal Access
• Well-known Port 23 server side
• Dynamic port number client side
Guide to TCP/IP, Second Edition 17
Sample Telnet Communications
Guide to TCP/IP, Second Edition 18
Packet-By-Packet Sequence
Guide to TCP/IP, Second Edition 19
Packet-By-Packet Sequence (cont.)
Guide to TCP/IP, Second Edition 20
Understanding SMTP
• SMTP elements– Sender-SMTP and Receiver-SMTP– SMTP commands and extensions– SMTP reply codes
Guide to TCP/IP, Second Edition 21
Understanding SMTP (cont.)
Guide to TCP/IP, Second Edition 22
Sample SMTP Communications
Guide to TCP/IP, Second Edition 23
Sample SMTP Communications (cont.)
Guide to TCP/IP, Second Edition 24
Understanding HTTP
• Http elements– URIs
• Uniform Resource Locator (URL)
• Uniform Resource Name (URN)
– HTTP methods– Status codes
Guide to TCP/IP, Second Edition 25
Understanding HTTP (cont.)
Guide to TCP/IP, Second Edition 26
Understanding HTTP (cont.)
Guide to TCP/IP, Second Edition 27
Sample HTTP Communications
Guide to TCP/IP, Second Edition 28
Packet-By-Packet Sequence
Guide to TCP/IP, Second Edition 29
Packet-By-Packet Sequence (cont.)
Guide to TCP/IP, Second Edition 30
Other Common IP-based Services
• Echo (TCP and UDP)
• Whois
• Trivial File Transfer Protocol (TFTP)
Guide to TCP/IP, Second Edition 31
Decoding Application Layer Protocols
• Decoding TCP/IP Application layer traffic largely depends on two separate but simultaneous forms of analysis– Understanding request/reply messages,
recognize related headers and payload information
– Assemble multiple lower-layer packets to reconstitute Application layer messages
Guide to TCP/IP, Second Edition 32
Decoding Application Layer Protocols (cont.)
Guide to TCP/IP, Second Edition 33
Decoding Application Layer Protocols (cont.)
Guide to TCP/IP, Second Edition 34
Other Common IP-based Services (cont.)
• Finger
• Remote Procedure Call (RPC)
• Simple Network Management Protocol (SNMP)
• NetBIOS over TCP/IP
Guide to TCP/IP, Second Edition 35
Chapter Summary
• The foundation upon which all TCP/IP Application layer services rest is a request/reply message architecture, in which clients send requests and servers issue corresponding replies
• When the client and server roles are clearly distinct and separate, such services may be called client/server services; when a client can also act as a server and vice versa, such services may be called peer-to-peer services
Guide to TCP/IP, Second Edition 36
Chapter Summary (cont.)
• Among its hundreds of Application layer services, the TCP/IP protocol suite includes many instances of both kinds
• Certain client/server Application layer services also involve server-to-server traffic, in which multiple servers cooperate to share common data
• The sharing process is called replication and may occur as a push operation, in which the sending server initiates data transfer, or as a pull operation, in which the receiving server initiates data transfer
Guide to TCP/IP, Second Edition 37
Chapter Summary (cont.)
• Some TCP/IP Application layer services even use push-pull replication, so that a server whose data was changed can immediately push its data to replication partners after the change is completed, but other servers can also request replication at regular intervals to make sure their copies of data are as current as possible
• FTP is a file transfer service that permits a local host to connect to a remote host, navigate and manage files on the remote system, and transfer files to and from that remote host
• Although FTP is an old TCP/IP service, it remains useful today
Guide to TCP/IP, Second Edition 38
Chapter Summary (cont.)
• Telnet provides a method to log on and access the command line on a remote computer using TCP/IP, a technique known as terminal emulation (because it makes
• the local host behave as if it were a terminal attached to the remote host)
• Because Telnet provides a convenient way to operate on a remote host across a network, it too remains useful to this day
• Security problems with Telnet (especially moving account and password information as clear text) prompted development and widespread adoption of Secure Telnet implementations in many organizations
Guide to TCP/IP, Second Edition 39
Chapter Summary (cont.)
• SMTP provides store and forward services for e-mail messages, and manages how e-mail is routed from its sender to its designated receiver(s)
• SMTP makes global e-mail possible on today’s Internet, and continues to deliver one of the most useful and valuable networking services around
Guide to TCP/IP, Second Edition 40
Chapter Summary (cont.)
• HTTP provides the underpinnings for the leading service and protocol used on today’s Internet—namely the World Wide Web
• HTTP’s rich collection of message types, and its ability to invoke other protocols (including e-mail, news, and FTP), make it a powerful tool for general remote data access
• Its hyperlinking abilities make it easy for users to move rapidly through huge information spaces and explain why the Web is so compelling and appealing to most Internet users
Guide to TCP/IP, Second Edition 41
Chapter Summary (cont.)
• Other common TCP/IP Application layer services include Echo (which echoes the data delivered to a receiver back to the sender), TFTP, Finger, Remote Procedure Call (RPC), NetBIOS over TCP/IP (also known as NBT), and SNMP
Guide to TCP/IP, Second Edition 42
Chapter Summary (cont.)
• Understanding how to decode Application layer protocols means learning how to identify and interpret request and reply messages related to such protocols, and how to reassemble related payloads, when necessary
• Fortunately, many modern protocol analyzers (for example, Ethereal) are able to assist with this task
Top Related