Week 11 Application Layer Paradigm
• Provides services to the user
• Communication provided using a logical connection
• Two application layers assume that there is an imaginary direct connection through which they can send and receive messages.
Logical connection at application layer
• Most communication networks were originally designed to provide one specific service
• Eg phone network originally designed to provide voice service - allow people all over world to talk to each other
• Later used for other services
• Fax - enabled by adding extra hardware at both ends.
• Internet also provides services to users around world
• TCP/IP layers allow more flexibility
• Protocols can be added and removed
• Need to ensure that upper and lower layers can cope with these changes
• Application layer at top
• Easier to add new protocols
• Initially only a few protocols used
• Now there are too many to count (and growing).
• Standard Application Layer Protocols
• Defined by Internet Authorities
• FTP, Telnet, HTTP
• Non Standard Application Layer Protocols
• New protocols (proprietary) can be created
• Don’t need approval to use privately
• Must interact with lower layers correctly.
• To use Internet, need two application programs to interact with each other:
• One running on a computer somewhere in world
• Another running on computer somewhere else
• Need to send messages to each other through
• Two paradigms have been developed
• Client-server paradigm
• Peer-to-peer paradigm (discussed last week).
Figure 25.2: Example of a client-server paradigm
Figure 25.3: Example of a peer-topeer paradigm
• Communication at application layer between two running application programs (processes)
• Running program initialises communication by sending request
• Another application program that waits for request from client.
• Programs normally written in languages with predefined sets of instructions
• Process to be able to communicate with another process
• Need set of instructions to tell lowest four layers of
TCP/IP suite to:
• Open connection
• Send and receive data from other end
• Close connection
• This instruction called:
• Application Programming Interface (API).
• Many communications APIs exist:
• Transport Layer Interface (TLI)
• Sockets Interface (more common).
Sockets used like other sources & sinks
• Started in early 1980s as part of Unix
• Applications send/receive data to/from sockets
(similar to write/read to terminal or file).
Figure 25.6: Use of sockets in processto-process communication
• As far as Application layer is concerned:
• Communications between client process and server process is via two sockets
• Transfer of information between sockets is handles by Operating System and TCP/IP protocols
• Socket addresses (2) required for communications
• Need IP address
• Finds host
• Need Port number
• Finds application on host
• Pair of Application processes provide services to users - humans or programs
• Need to use services provided by transport layer for communications
• 3 common transport layer protocols in TCP/IP suite:
• UDP - User Datagram Protocol
• TCP - Transmission Control Protocol
• SCTP - Stream Control Transmission Protocol
• Most standard applications use services of one.
• An iterative server processes one client request at a time
• Receives a request, processes it, and sends response to requestor before handling another request
• When server handles request from client, requests from other clients (even same client) need to be queued at the server site and wait for server to be ready
• Received and queued requests are handled in first-in, first-out (FIFO) fashion
• Server socket created and remains available
• Client socket created and destroyed for each interaction.
Figure 25.8: Sockets for UDP communication
• Iterative communication using TCP is not common
• Relatively simple type of communication
• TCP Connection oriented
• Uses two different sockets
• Connection establishment
• Data transfer.
Figure 25.10: Sockets used in TCP communication
• Idea of Web first proposed by Tim Berners-Lee in
1989 at CERN (European Organization for Nuclear
Research - "Conseil Européen pour la Recherche
• Allowed several researchers at different locations throughout Europe to access each others’ research
• Commercial Web started in early 1990s.
• Assume need to retrieve a scientific document that contains one reference to another text file and one reference to a large image
• The main document and the image are stored in two separate files in the same site (file A and file B)
• A referenced text file stored on another site (file C)
• Three different files, need three transactions to see whole document.
• Web Browser usually has three main parts
• Client protocols
• http, https, ftp etc
• IP address or hostname
• Eg 220.127.116.11 or www.csu.edu.au
• Port number (16 bit integer)
• 80 default for http
• 443 default for https etc
• Directory path of files on server.
• Format of URL
• protocol:// host :port /path
• Only need :port number if not default
• Don’t need http:// unless other protocol needed
• Often don’t need www (some cases mandatory).
• HyperText Transfer Protocol (HTTP) used to define how client-server programs can be written to retrieve web pages from Web
• HTTP client sends request
• HTTP server returns response
• Server uses port number 80
• Client uses temporary port number
• HTTP uses services of TCP
• ie connection-oriented and reliable protocol.
• Nonpersistent connection
• Need a TCP connection for each link (even on same server)
• Eg Client needs to access file that contains 1 link to image
• Text file and image located on same server
• Need two connections
• TCP requires at least three handshake messages to establish each connection
• Request sent with third one
• After connection established object transferred
• After receiving object
• Another three handshake messages needed to terminate connection.
• Persistent connection
• Only one connection establishment and connection termination is used
• Request for image sent separately.
Figure 26.5: Formats of the request and response messages
Table 26.3: Response Header Names
• Retrieve a document
• Request - Use GET method to retrieve image /usr/bin/image1
• Request line
• Shows method ( GET ), URL, HTTP version (1.1)
• 2 lines - client can accept images in GIF or JPEG format
• Request does not have a body
• Response message - status line & four lines of header
• Header lines define date, server, content encoding (MIME version), length of document
• Body of document follows header.
• Client wants to send a web page to be posted on server
• Use PUT method
• Request line shows the method ( PUT ), URL, HTTP version
• Header has four lines.
• Request body contains web page to be posted
• Response message contains the status line and four header lines
• Created document (CGI document) included as body.
• File Transfer Protocol (FTP) - standard protocol provided by TCP/IP for copying files between hosts
• Although transferring files from one system to another seems simple and straightforward, some problems must be dealt with first.
• Two connections in FTP have different lifetimes
• Control connection connected during entire interactive FTP session
• Data connection opened and closed for each file transfer activity
• Opens each time commands involve transferring files
• Closes when file transfer completed.
• FTP uses same approach as TELNET for control communications (uses port 21)
• Uses NVT (Network Virtual Terminal) ASCII character set (same as TELNET)
• Communication achieved through commands and responses
• Simple method adequate for control connections since one command (or response) sent at a time
• Each line terminated with a two-character (carriage return and line feed) end-of-line token.
Table 26.4 : Some FTP commands
Data connection uses well-known port 20 at server site
Creation of data connection different from control connection
1. Client, not server, issues passive open using an ephemeral port
2. Using PORT command, client sends this port number to server
3. Server receives port number and issues active open using well-known port 20 and the received ephemeral port number.
• Using FTP for retrieving a file
• One file to be transferred
• Control connection remains open all the time
• Data connection opened and closed repeatedly
• Assume file transferred in six sections
• After all records transferred, server control process announces file transfer completed.
• Client control process issues QUIT command
• Service connection then closed.
• An actual FTP session that lists the directories
• FTP protocol designed when security not a big issue
• FTP usually requires password
• Sent in plaintext (unencrypted)
• Can be intercepted & used by an attacker
• Data transfer connection also transfers data in plaintext, also insecure
• Can add Secure Socket Layer between FTP application layer and the TCP layer
• Then FTP is called SSL-FTP (or SFTP).
• Designed to help other application programs
• Internet needs directory system to map name to address
• Analogous to directories in telephone network.
• To be unambiguous, names assigned to machines must be carefully selected from a name space with complete control over the binding between the names and IP addresses
• ie names must be unique since addresses are unique
• A name space that maps each address to a unique name can be organised in two ways
Fig 26.30: Domain names and labels
Fig 26.32: Hierarchy of name servers
• DNS protocol can be used on different platforms
• Internet - domain name space (tree) originally divided into three different sections:
• Generic domains
• Country domains
• Inverse domains
• Due to rapid growth of Internet, extremely difficult to keep track of inverse domains, which could be used to find the name of a host when given the IP address
• Inverse domains now deprecated (see RFC3425 ).
• Mapping name to IP address name-address resolution
• DNS - client-server application
• If host needs to map address to name OR name to address - call DNS client resolver
• Resolver accesses closest DNS server
• If server has information
• Info sent to resolver
• Refers resolver to other servers OR asks other servers to provide information.
• Each time a server receives query for name not in its domain
• Searches its database for server IP address
• Reduction of this search time would increase efficiency
• DNS handles this with a mechanism called caching
• Common sites remain in cache for faster search.
• Zone information associated with server implemented as set of resource records
• ie name server stores database of resource records
• Resource record a 5-tuple structure:
• To retrieve information about hosts, DNS uses two types of messages
• Both have same format.
• In Unix/Linux/Mac and Windows
• nslookup utility used to retrieve address/name
• Retrieve address when domain name given:
$ nslookup www.csu.edu.au
• How are new domains added to DNS?
• Through Registrar
• Commercial entity accredited by ICANN
• Verifies requested domain name unique
• Then enters in DNS database.
• When DNS designed, many address changes were not expected
• Eg adding new host, removing host, changing IP address change must be made to DNS master file
• Manual updating
• To difficult with current size of Internet
• Dynamic Domain Name System (DDNS)
• DHCP used to send new info to primary DNS
• Secondary DNS informed of change
• Actively – info pushed to secondary
• Passively – wait for secondary query.
• DNS important in Internet infrastructure
• Provides crucial services to Internet users
• Applications such as Web access or e-mail heavily dependent on proper operation of DNS
• DNSSEC (DNS Security) used to authenticate and check integrity of DNS messages
• Slowly being deployed throughout
• Needs tools on Clients and Servers.
• Typo squatting
• Registering domain names similar to existing brands
• Distributed Denial of Service attacks (DDoS)
• Particularly vulnerable - a logical choke point on the network
• DNS Amplification Attacks
• DDoS attack for DNS with insecure "recursive" configurations
• Registrar Hijacking
• Identity theft, gaining control over a domain name
• Cache poisoning
• Bad data passed to DNS resolver's cache