Application Layer Functionality and Protocols
Network Fundamentals – Chapter 3, Version 4.0
© 2007 Cisco Systems, Inc. All rights reserved. Cisco Public

What will we Learn from Chapter 3?
• Define the application layer as the source and destination of data for communication across networks.
• Explain the role of protocols in supporting communication between server and client processes.
• Describe the features, operation, and use of well-known TCP/IP application layer services (HTTP, DNS, SMTP).

Applications – The Interface Between Human and Data Networks
• The role of applications, services and protocols in converting communication to data that can be transferred across the data network
• The roles applications, services and protocols play in transporting data through networks
• Protocol roles in networking, and several message properties that can be defined by a protocol

The Role of Protocols in Supporting Communication
• The roles of client and server processes in data networks
• Common Application Layer services and protocols

Features, Operation, and Use of TCP/IP Application Layer Services
Application Layer
• Provides the interface between human and data networks
– people create the communication
– software and hardware convert communication to a digital format
• Application layer services initiate the data transfer

Presentation Layer
The Presentation layer has three primary functions:
– coding and conversion of Application layer data to ensure that data from the source device can be interpreted by the appropriate application on the destination device
– compression of the data in a manner that can be decompressed by the destination device
– encryption of the data for transmission and the decryption of data upon receipt by the destination

Session Layer
• Creates and maintains dialogs between source and destination applications
• Handles the exchange of information to initiate dialogs and keep them active
• Restarts sessions that are disrupted or idle for a long period of time
Application Layer Protocols
• Domain Name Service (DNS): used to resolve Internet names to IP addresses
• Hypertext Transfer Protocol (HTTP): used to transfer files that make up the web pages of the World Wide Web
• Simple Mail Transfer Protocol (SMTP): used for the transfer of mail messages and attachments
• Telnet (terminal emulation protocol): used to provide remote access to servers and networking devices
• File Transfer Protocol (FTP): used for interactive file transfers between systems

Application Layer Software
• Network-aware applications implement the application layer protocols and are able to communicate directly with the lower layers of the protocol stack
– e-mail clients and web browsers
• Application layer services are programs that interface with the network and prepare the data for transfer
– different types of data (text, graphics or video) require different network services to ensure that the data is properly prepared for processing by the functions occurring at the lower layers of the OSI model

Software Processes
• Processes are individual software programs running together at the same time

User Applications, Services and Protocols
• User applications provide the user with a way to create messages
• Services establish an interface to the network
• Protocols provide the rules and formats that govern how data is treated
Application Layer Protocol Functions
• Establish consistent rules for exchanging data between applications and services
• Specify how data inside the message is structured and the types of messages that are sent between the source and destination
• Define the message dialogues and the expected response
• Define the interaction with the next lower layer

Client-Server Model
• The device requesting the information is called a client
• The device responding to the request is called a server
• Application layer protocols describe the format of the requests and responses between the clients and servers

Servers
• A server is usually a computer that contains information to be shared with many client systems
• Some servers may require authentication of user control information to verify the user has access rights
– rely on a central list of user accounts and authorization
• The server runs a service, or process, called a daemon
– daemon typically runs in the background
– the daemon “listens” for a request from a client
– the daemon exchanges appropriate information with the client when it “hears” a request

Application Layer Services and Protocols
• A single application may employ many different supporting Application layer services
– one request may contain several individual processes
• Servers can support multiple clients requesting information at the same time
– the individual client requests must be handled simultaneously and separately
– Application layer processes and services rely on support from lower layer functions to successfully manage the multiple conversations
Peer-to-Peer Networks
• Two or more computers are connected via a network and can share resources without having a dedicated server
– every connected end device, known as a peer, can function either as a client or server
– information can be located anywhere on any connected device
– user accounts and access rights are set individually on each peer device
– difficult to enforce security and access policies
– most current operating systems support file and print sharing without requiring additional server software

Peer-to-Peer Applications
• Allow a device to act as both a client and server within the same communication
– requires each end device to provide a user interface and run a background service
• Can be used on peer-to-peer networks, client/server networks and across the Internet

DNS Service and Protocol
• DNS uses TCP/UDP port 53
• Domain names were created to convert the numeric IP address into a simple, recognizable name
– domain names are easier to remember than actual numeric addresses
– any change to the address is transparent to the user since the domain name stays the same

DNS Resolver
• DNS is a client/server service
– the DNS client runs a service (and not an application)
– the DNS client, called the DNS resolver, supports name resolution for other network applications and services
• The DNS client uses one or more DNS server addresses for name resolution
– the DNS client queries the name servers to resolve the name to a numeric address
– the nslookup utility allows the user to manually query the name servers to resolve a given host name
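Added example, not part of the Cisco course slides: the resolver's query and a server's reply built in the single DNS message format that the DNS Message Format and DNS Resource Records slides describe, with A, NS/CNAME and MX answers decoded and a bounded walk over name-compression pointers so a malformed reply cannot hang the resolver. Only Python's struct module and the RFC 1035 wire layout are assumed; the names and addresses are constructed sample data.

```python
import struct
TYPES = {1: "A", 2: "NS", 5: "CNAME", 15: "MX"}            # RFC 1035 TYPE codes for the slide's records
def encode_name(name):
    """'www.example.com' -> length-prefixed labels ending in a zero byte."""
    return b"".join(bytes([len(l)]) + l.encode() for l in name.split(".")) + b"\x00"
def decode_name(msg, off):
    """Read a name at off, following 0xC0 compression pointers; returns (name, offset after it)."""
    labels, end = [], None
    for _ in range(256):                                    # bounded walk: a pointer loop must not hang us
        n = msg[off]
        if n & 0xC0 == 0xC0:                                # pointer to an earlier copy of the name
            end = off + 2 if end is None else end
            off = struct.unpack("!H", msg[off:off + 2])[0] & 0x3FFF
            continue
        off += 1
        if n == 0:
            return ".".join(labels), (off if end is None else end)
        labels.append(msg[off:off + n].decode())
        off += n
    raise ValueError("malformed name: compression pointer loop")
def build_query(qname, qtype, txid=0x1234):
    """12-byte header (RD=1, QDCOUNT=1) plus one question in class IN."""
    return struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0) + encode_name(qname) + struct.pack("!HH", qtype, 1)
def build_rr(owner, rtype, ttl, rdata):
    """One resource record: OWNER TYPE CLASS(IN) TTL RDLENGTH RDATA; owner is already encoded."""
    return owner + struct.pack("!HHIH", rtype, 1, ttl, len(rdata)) + rdata
def parse_message(msg):
    """Header, question and answer sections: the layout shared by queries, replies and errors."""
    txid, flags, qd, an, _ns, _ar = struct.unpack("!HHHHHH", msg[:12])
    off, questions, answers = 12, [], []
    for _ in range(qd):
        name, off = decode_name(msg, off)
        questions.append((name, TYPES.get(struct.unpack("!H", msg[off:off + 2])[0])))
        off += 4                                            # skip QTYPE and QCLASS
    for _ in range(an):
        name, off = decode_name(msg, off)
        rtype, _cls, ttl, rdlen = struct.unpack("!HHIH", msg[off:off + 10])
        off += 10
        value = msg[off:off + rdlen]                        # default: raw RDATA for unlisted types
        if rtype == 1:
            value = ".".join(map(str, value))               # A: 4-byte IPv4 address
        elif rtype in (2, 5):
            value = decode_name(msg, off)[0]                # NS / CNAME: a domain name
        elif rtype == 15:                                   # MX: 16-bit preference + exchange name
            value = (struct.unpack("!H", value[:2])[0], decode_name(msg, off + 2)[0])
        answers.append((name, TYPES.get(rtype, rtype), ttl, value))
        off += rdlen
    return {"id": txid, "response": bool(flags & 0x8000), "rcode": flags & 0xF}, questions, answers

# Constructed sample reply, not a capture: same id, QR/RD/RA set, NOERROR, three answers; b"\xc0\x0c" is a
# compression pointer to the question name at offset 12, as real servers emit.
QUERY = build_query("www.example.com", 1)
REPLY = (struct.pack("!HHHHHH", 0x1234, 0x8180, 1, 3, 0, 0) + QUERY[12:]
         + build_rr(b"\xc0\x0c", 5, 300, encode_name("web.example.com"))
         + build_rr(encode_name("web.example.com"), 1, 60, bytes([192, 0, 2, 10]))
         + build_rr(b"\xc0\x0c", 15, 3600, struct.pack("!H", 10) + encode_name("mail.example.com")))
```

Sending QUERY to UDP port 53 of a real resolver and feeding the bytes that come back to parse_message gives the same three-tuple structure; the 256-step bound is what turns a looping pointer into an error instead of a hung resolver.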
DNS Message Format
• A DNS server provides name resolution using the name daemon, named (pronounced “name-dee”)
• DNS uses the same message format for
– all types of client queries and server responses
– error messages
– the transfer of resource record information between servers

DNS Resource Records
• A: an end device address
• NS: an authoritative name server, i.e. a server that has resource records corresponding to its level in the domain hierarchy
• CNAME: the canonical name, an alias name for a host
• MX: mail exchange record

DNS Directory Structure
• Uses a hierarchical structure to create a name database
– the hierarchy is an inverted tree with the root at the top and branches below
• The different top-level domains (TLD) represent either the country of origin or the type of organization
• After the TLD come second-level domain names, and below them are other lower-level domains

WWW Service and Protocol
• The web browser establishes a connection to the web service running on the server using the Hypertext Transfer Protocol (HTTP)
– requests a page using a URL (uniform resource locator) or web address
– a web browser is a client application running on a client device
• HTTP uses TCP port 80
• A URL consists of three parts
– the protocol: hypertext transfer protocol (http)
– the server name
– the specific file name requested
• Browsers can interpret and present many data types
– plain text and Hypertext Markup Language (HTML)
– other data types require another service or program such as plug-ins or add-ons
WWW Service and HTTP (cont’d)
• The web client makes a connection to the HTTP server and requests a page
• In response to the request, the HTTP server returns the code for a web page
• The browser interprets the HTML code and displays a web page

HTTP Protocol
• HTTP specifies a request/response protocol
• The HTTP protocol uses three common messages – GET, POST and PUT
• HTTP is not a secure protocol
– POST messages in plain text can be intercepted and read
– HTML pages are not encrypted
• HTTP Secure (HTTPS) protocol can use authentication and encryption to secure the data

E-mail Services and SMTP/POP3
• The user composes an e-mail using an application called a mail user agent (MUA) or e-mail client
• The client sends e-mails to a server using Simple Mail Transfer Protocol (SMTP) and receives e-mails using Post Office Protocol version 3 (POP3)
• SMTP uses TCP port 25
• POP uses UDP port 110

Mail Transfer Agent
• The MTA process is used to forward e-mail
– the MTA receives messages from a MUA or another MTA
– based on the message header, it determines how a message has to be forwarded to reach its destination
– if the recipient resides on the local server, the mail is passed to the mail delivery agent (MDA)
– if the recipient is not on the local server, the MTA routes the e-mail to the MTA on the appropriate server

Mail Delivery Agent
• The MDA receives the inbound mail from the MTA and delivers the mail to the appropriate users’ mailboxes
• It can also resolve final delivery issues, such as virus scanning, spam filtering and return-receipt handling
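Added example, not part of the Cisco course slides: the server side of the SMTP command dialogue an MTA carries out (HELO/EHLO, MAIL FROM, RCPT TO, DATA, QUIT, as listed on the SMTP Commands slide), enforcing the command order and refusing to relay for domains it does not deliver for. Reply codes follow RFC 5321; the host name mx.example.com, the reply texts and the client transcript are constructed.

```python
class SmtpSession:
    def __init__(self, local_domains):
        self.local_domains = set(local_domains)      # domains we deliver for; anything else is relaying
        self.greeted, self.in_data = False, False
        self.sender, self.recipients, self.body = None, [], []
        self.delivered = []                          # (sender, recipients, body) handed to the MDA or next MTA
    def handle(self, line):
        """Process one client line; return the reply, or None while the message body is being collected."""
        if self.in_data:
            if line == ".":                                          # a lone dot ends the body
                self.in_data = False
                self.delivered.append((self.sender, self.recipients, "\n".join(self.body)))
                self.sender, self.recipients, self.body = None, [], []
                return "250 OK: queued"
            self.body.append(line[1:] if line.startswith(".") else line)   # undo dot-stuffing
            return None
        verb, _, arg = line.partition(" ")
        verb = verb.upper()
        if verb in ("HELO", "EHLO"):
            self.greeted = True
            ext = "\r\n250 SIZE 10240000" if verb == "EHLO" else ""     # EHLO also lists extensions
            return f"250{'-' if ext else ' '}mx.example.com greets {arg}" + ext
        if verb == "MAIL":
            if not self.greeted:
                return "503 Bad sequence of commands"
            if not arg.upper().startswith("FROM:"):
                return "501 Syntax error in parameters or arguments"
            self.sender = arg[5:].strip().strip("<>")                    # may be empty: null reverse-path
            return "250 OK"
        if verb == "RCPT":
            if self.sender is None:
                return "503 Bad sequence of commands"
            if not arg.upper().startswith("TO:"):
                return "501 Syntax error in parameters or arguments"
            rcpt = arg[3:].strip().strip("<>")
            if rcpt.rpartition("@")[2].lower() not in self.local_domains:
                return "550 Relay not permitted"                         # refuse to be an open relay
            self.recipients.append(rcpt)
            return "250 OK"
        if verb == "DATA":
            if not self.recipients:
                return "503 Bad sequence of commands"
            self.in_data = True
            return "354 End data with <CR><LF>.<CR><LF>"
        if verb == "QUIT":
            return "221 Bye"
        return "500 Command not recognized"
def run_session(lines, local_domains=("example.com",)):
    """Feed a client transcript to a fresh server session; return (replies, delivered messages)."""
    session = SmtpSession(local_domains)
    replies = [r for r in map(session.handle, lines) if r is not None]
    return replies, session.delivered
# Constructed client transcript (not a capture): greeting, one message to a local user, one relay attempt.
CLIENT = ["EHLO laptop.example.org", "MAIL FROM:<alice@example.org>", "RCPT TO:<bob@example.com>",
          "RCPT TO:<carol@elsewhere.test>", "DATA", "Subject: hello", "", "..dot-stuffed line", ".", "QUIT"]
```

VRFY and EXPN, the commands behind the slide's "verifying mailbox names" and "expanding mailing lists", deliberately fall through to the 500 reply here; production servers commonly disable them because they disclose which addresses exist.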
SMTP and POP
• POP and POP3 are inbound mail delivery protocols
– the MDA listens for a client connection to the server
• SMTP governs the transfer of outbound e-mail from the sending client to the MDA, as well as the transport of e-mail between MTAs
– enables e-mail to be transported across data networks between different types of server and client software

SMTP Commands
• SMTP uses a rigid set of commands and replies
– commands support the procedures for session initiation, mail transaction, forwarding mail, verifying mailbox names, expanding mailing lists, and the opening and closing of exchanges
• HELO: identifies the SMTP client process to the SMTP server process
• EHLO: a newer version of HELO, which includes service extensions
• MAIL FROM: identifies the sender
• RCPT TO: identifies the recipient
• DATA: identifies the body of the message

File Transfer Protocol
• FTP uses TCP ports 20 (data) and 21 (commands and replies)
• An FTP client is used to push and pull files from a server running the FTP daemon (FTPd)
• The client establishes the first connection to the server on TCP port 21
– for control traffic such as client commands and server replies
• The client establishes the second connection to the server over TCP port 20
– for file transfer in both directions

Dynamic Host Configuration Protocol
• DHCP uses UDP ports 67 (server) and 68 (client)
• Allows a host to obtain an IP address automatically from a DHCP server when it connects to the network
– the server leases an IP address from a pool to the host for a set period
– can pose a security risk
• DHCP is preferred on large LANs or where the user population changes frequently
– when accessing the Internet using wireless hotspots at airports or coffee shops
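Added example, not part of the Cisco course slides: the Discover/Offer/Request/Ack exchange that the DHCP Process slide walks through, in DHCP's wire format (BOOTP fixed header plus RFC 2132 option codes), with a client that picks one of two offers and applies a lease only when the Ack comes from the server it chose, for the transaction ID and address it requested. The IP addresses, transaction ID and MAC address are constructed sample data.

```python
import struct
import ipaddress

MAGIC = b"\x63\x82\x53\x63"                          # cookie that starts the options field (RFC 2131)
DISCOVER, OFFER, REQUEST, ACK = 1, 2, 3, 5           # option 53 message-type values (RFC 2132)
SUBNET, ROUTER, DNS, REQ_IP, LEASE, MSG_TYPE, SERVER_ID = 1, 3, 6, 50, 51, 53, 54

def ip(text):
    return ipaddress.IPv4Address(text).packed

def build(op, xid, chaddr, options, yiaddr="0.0.0.0"):
    """236-byte BOOTP fixed header + magic cookie + TLV options + END (0xff); flags = broadcast."""
    fixed = struct.pack("!4BIHH4s4s4s4s16s192s", op, 1, 6, 0, xid, 0, 0x8000,
                        b"", ip(yiaddr), b"", b"", chaddr, b"")      # struct zero-pads the short fields
    return fixed + MAGIC + b"".join(bytes([c, len(v)]) + v for c, v in options) + b"\xff"
def parse(pkt):
    """(xid, yiaddr, {option code: raw value}) from any DHCP message; skips PAD, stops at END."""
    if pkt[236:240] != MAGIC:
        raise ValueError("not a DHCP message")
    xid, yiaddr = struct.unpack("!I", pkt[4:8])[0], str(ipaddress.IPv4Address(pkt[16:20]))
    opts, i = {}, 240
    while i < len(pkt) and pkt[i] != 0xFF:
        if pkt[i] == 0:
            i += 1
            continue
        code, length = pkt[i], pkt[i + 1]
        opts[code] = pkt[i + 2:i + 2 + length]
        i += 2 + length
    return xid, yiaddr, opts
def select_offer(xid, chaddr, offers):
    """Step 3: take the first OFFER for our xid and REQUEST it, naming the server and address chosen."""
    for pkt in offers:
        oxid, yiaddr, opts = parse(pkt)
        if oxid == xid and opts.get(MSG_TYPE) == bytes([OFFER]) and SERVER_ID in opts:
            request = build(1, xid, chaddr, [(MSG_TYPE, bytes([REQUEST])), (REQ_IP, ip(yiaddr)),
                                             (SERVER_ID, opts[SERVER_ID])])
            return opts[SERVER_ID], yiaddr, request
    return None
def accept_ack(xid, server_id, wanted, ack):
    """Step 4: apply the lease only if the ACK matches our xid, the chosen server and the requested address."""
    axid, yiaddr, opts = parse(ack)
    if (axid, yiaddr, opts.get(MSG_TYPE), opts.get(SERVER_ID)) != (xid, wanted, bytes([ACK]), server_id):
        return None                                  # stray or unexpected ACK: ignore it
    return {"address": yiaddr, "mask": str(ipaddress.IPv4Address(opts[SUBNET])),
            "gateway": str(ipaddress.IPv4Address(opts[ROUTER])), "dns": str(ipaddress.IPv4Address(opts[DNS])),
            "lease_seconds": struct.unpack("!I", opts[LEASE])[0]}
# Constructed exchange, not a capture: one client (xid, MAC) and two servers answering the same DISCOVER.
XID, MAC = 0x3903F326, bytes.fromhex("001122334455")
def server_reply(kind, server, addr):
    """OFFER or ACK from `server` leasing `addr` for one day, with mask, gateway and DNS options."""
    return build(2, XID, MAC, [(MSG_TYPE, bytes([kind])), (SERVER_ID, ip(server)), (SUBNET, ip("255.255.255.0")),
                               (ROUTER, ip(server)), (DNS, ip(server)), (LEASE, struct.pack("!I", 86400))], addr)
DISCOVER_PKT = build(1, XID, MAC, [(MSG_TYPE, bytes([DISCOVER]))])
OFFERS = [server_reply(OFFER, "192.0.2.1", "192.0.2.100"), server_reply(OFFER, "192.0.2.2", "192.0.2.200")]
```

The check in accept_ack is the client-side half of the "security risk" the slide notes: an Ack for a different transaction ID, from a server other than the one named in the Request, or for a different address is dropped rather than applied.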
DHCP Process
• When a DHCP-configured device boots or connects to the network, the client broadcasts a DHCP Discover packet
• The DHCP server replies with a DHCP Offer
– a lease offer message with an assigned IP address, subnet mask, default gateway, DNS server and duration of lease
– the client may receive multiple DHCP Offer packets
• The client broadcasts a DHCP Request that identifies the explicit server and lease offer that it is accepting
• The DHCP server returns a DHCP Ack that acknowledges the lease is finalized
– provided the IP address is still valid

File Sharing Services
• Server Message Block (SMB) is a client/server file sharing protocol
– sharing directories, files, printers and serial ports
– clients establish a long-term connection to the servers
• SMB resource sharing is supported by TCP/IP protocols

SMB Protocol
• It describes the file system access and how clients can request files
• All SMB messages share a common format
– a fixed-size header followed by a variable-sized parameter and data component
• SMB messages can
– start, authenticate and terminate sessions
– control file and printer access
– allow an application to send or receive messages to or from another device

Peer-to-Peer (P2P) Services
• Users can make files on their hard disks available to others for downloading with P2P applications based on the Gnutella protocol
• Gnutella-compatible client software allows users to connect to Gnutella services over the Internet to locate and access resources shared by other Gnutella peers
– BearShare, Gnucleus, LimeWire, Morpheus, WinMX and XoloX
• The Gnutella Developer Forum maintains the basic protocol
– application vendors develop extensions to make the protocol work better on their applications
Gnutella Protocol
• Many P2P applications do not use a central database to record all files available on the peers
• Gnutella allows P2P applications to search for shared resources on peers (or nodes)
• When a user connects to a Gnutella service, the client application will search for nodes to connect to
– nodes handle queries for resource location and replies

Telnet
• Telnet uses TCP port 23
• Provides a method of emulating text-based terminals over the network
– allows a local device to access a remote device as if the keyboard and monitor were connected to the remote device directly
• A connection using Telnet is called a virtual terminal (VTY) session
• The Telnet server runs a service called the Telnet daemon

What Did I Learn from Chapter 3?
• The application layer addresses the source and destination of data for communication across networks.
• The protocols that support communication between server and client processes.
• The features, operation, and use of well-known TCP/IP application layer services (HTTP, DNS, SMTP/POP3, Telnet).

Application Layer Functionality and Protocols
Next: OSI Transport Layer