Application Layer
Functionality and
Protocols
Network Fundamentals – Chapter 3
Version 4.0
© 2007 Cisco Systems, Inc. All rights reserved.
Cisco Public
1
What will we Learn from Chapter 3?
 Define the application layer as the source and
destination of data for communication across
networks.
 Explain the role of protocols in supporting
communication between server and client
processes.
 Describe the features, operation, and use of
well-known TCP/IP application layer services
(HTTP, DNS, SMTP).
© 2007 Cisco Systems, Inc. All rights reserved.
Cisco Public
2
Applications –
The Interface Between Human and Data Networks
© 2007 Cisco Systems, Inc. All rights reserved.
Cisco Public
3
Applications – The Interface Between Human and Data Networks
 The role of applications, services and protocols in converting
communication to data that can be transferred across the data
network
© 2007 Cisco Systems, Inc. All rights reserved.
Cisco Public
4
Applications – The Interface Between Human and Data Networks
The roles applications, services and protocols play in transporting
data through networks
© 2007 Cisco Systems, Inc. All rights reserved.
Cisco Public
5
Applications – The Interface Between Human and Data Networks
Protocol roles in networking & identify several message properties
that can be defined by a protocol
© 2007 Cisco Systems, Inc. All rights reserved.
Cisco Public
6
The Role of Protocols in Supporting Communication
The roles of client and server processes in data networks
© 2007 Cisco Systems, Inc. All rights reserved.
Cisco Public
7
The Role of Protocols in Supporting Communication
Common Application Layers services and protocols
© 2007 Cisco Systems, Inc. All rights reserved.
Cisco Public
8
The Role of Protocols in Supporting Communication
© 2007 Cisco Systems, Inc. All rights reserved.
Cisco Public
9
Features, Operation, and Use of TCP/IP Application Layer Services
© 2007 Cisco Systems, Inc. All rights reserved.
Cisco Public
10
Features, Operation, and Use of TCP/IP Application Layer Services
© 2007 Cisco Systems, Inc. All rights reserved.
Cisco Public
11
Features, Operation, and Use of TCP/IP Application Layer Services
© 2007 Cisco Systems, Inc. All rights reserved.
Cisco Public
12
© 2007 Cisco Systems, Inc. All rights reserved.
Cisco Public
13
Features, Operation, and Use of TCP/IP Application Layer Services
© 2007 Cisco Systems, Inc. All rights reserved.
Cisco Public
14
Features, Operation, and Use of TCP/IP Application Layer Services
© 2007 Cisco Systems, Inc. All rights reserved.
Cisco Public
15
Features, Operation, and Use of TCP/IP Application Layer Services
© 2007 Cisco Systems, Inc. All rights reserved.
Cisco Public
16
Application Layer
 Provides the interface between human and data networks
people create the communication
software and hardware convert communication to a digital format
Application layer services initiate the data transfer
© 2007 Cisco Systems, Inc. All rights reserved.
Ch 3 - 17
Cisco Public
17
Presentation Layer
 The Presentation layer has three primary functions
-coding and conversion of Application layer data to ensure that data
from the source device can be interpreted by the appropriate
application on the destination device
-compression of the data in a manner that can be decompressed by
the destination device
-encryption of the data for transmission and the decryption of data
upon receipt by the destination
© 2007 Cisco Systems, Inc. All rights reserved.
Ch 3 - 18
Cisco Public
18
Session Layer
 Creates and maintains dialogs between source and destination
applications
 Handles the exchange of information to initiate dialogs and keeps
them active
 Restarts sessions that are disrupted or idle for a long period of
time
© 2007 Cisco Systems, Inc. All rights reserved.
Ch 3 - 1919
Cisco Public
Application Layer Protocols
 Domain Name Service (DNS)
used to resolve Internet names to IP addresses
 Hypertext Transfer Protocol (HTTP)
used to transfer files that make up the web pages of the world wide
web
 Simple Mail Transfer Protocol
used for the transfer of mail messages and attachments
 Telnet (terminal emulation protocol)
used to provide remote access to servers and networking devices
 File Transfer Protocol (FTP)
used for interactive file transfers between systems
© 2007 Cisco Systems, Inc. All rights reserved.
Ch 3 - 20
Cisco Public
20
Application Layer Software
 Network-aware applications
implement the application layer protocols and are able to communicate
directly with the lower layers of the protocol stack
e-mail clients and web browsers
 Application layer services
are programs that interface with the network and prepare the data for
transfer
different types of data (text, graphics or video) require different network
services to ensure that it is properly prepared for processing by the
functions occurring at the lower layers of the OSI model
© 2007 Cisco Systems, Inc. All rights reserved.
Ch 3 - 21
Cisco Public
21
Software Processes
 Processes are individual software programs running together at
the same time
© 2007 Cisco Systems, Inc. All rights reserved.
Ch 3 - 22
Cisco Public
22
User Applications, Services and
Protocols
 User applications provide the user with a way to create messages
 Services establish an interface to the network
 Protocols provide the rules and formats that govern how data is
treated
© 2007 Cisco Systems, Inc. All rights reserved.
Ch 3 - 23
Cisco Public
23
Application Layer Protocol Functions
 Establish consistent rules for exchanging data between
applications and services
 Specify how data inside the message is structured and the types of
messages that are sent between the source and destination
 Define the message dialogues and the expected response
 Define the interaction with the next lower layer
© 2007 Cisco Systems, Inc. All rights reserved.
Ch 3 - 24
Cisco Public
24
Client-Server Model
 The device requesting the information is called a client
 The device responding to the request is called a server
 Application layer protocols describe the format of the requests and
responses between the clients and servers
© 2007 Cisco Systems, Inc. All rights reserved.
Ch 3 - 25
Cisco Public
25
Servers
 A server is usually a computer that contains information to be
shared with many client systems
 Some servers may require authentication of user control
information to verify the user has access rights
rely on a central list of user accounts and authorization
 The server runs a service, or process, called a daemon
– daemon typically runs in
the background
– the daemon “listens” for a
request from a client
– the daemon exchanges
appropriate information
with the client when it
“hears” a request
© 2007 Cisco Systems, Inc. All rights reserved.
Ch 3 - 26
Cisco Public
26
Application Layer Services and
Protocols
 A single application may employ many different supporting
Application layer services
one request may contain several individual processes
 Servers can support multiple clients requesting information at the
same time
– the individual client requests
must be handled
simultaneously and
separately
– Application layer processes
and services rely on support
from lower layer functions to
successfully manage the
multiple conversations
© 2007 Cisco Systems, Inc. All rights reserved.
Ch 3 - 27
Cisco Public
27
Peer-to-Peer Networks
 Two or more computers are connected via a network and can
share resources without having a dedicated server
every connected end device, known as a peer, can function either as a
client or server
information can be located anywhere on any connected device
– user accounts and access
rights are set individually
on each peer device
– difficult to enforce security
and access policies
– most current operating
systems support file and
print sharing without
requiring additional server
software
© 2007 Cisco Systems, Inc. All rights reserved.
Ch 3 - 28
Cisco Public
28
Peer-to-Peer Applications
 Allows a device to act as both a client and server within the same
communication
requires each end device to provide a user interface and run a
background service
 Can be used on peer-to-peer networks, client/server networks and
across the Internet
© 2007 Cisco Systems, Inc. All rights reserved.
Ch 3 - 29
Cisco Public
29
DNS Service and Protocol
 DNS uses TCP/UDP port 53
 Domain names were created to convert the numeric IP address
into a simple, recognizable name
– domain names are
easier to remember
than actual numeric
addresses
– any change to the
address is
transparent to the
user since the
domain name is the
same
© 2007 Cisco Systems, Inc. All rights reserved.
Ch 3 - 30
Cisco Public
30
DNS Resolver
 DNS is a client/server service
the DNS client runs a service (and not an application)
the DNS client, called the DNS resolver, supports name resolution for
other network applications and services
 DNS client uses one or more DNS server addresses for name
resolution
– DNS client queries the
name servers to resolve
the name to a numeric
address
– nslookup utility allows the
user to manually query
the name servers to
resolve a given host
name
© 2007 Cisco Systems, Inc. All rights reserved.
Ch 3 - 31
Cisco Public
31
DNS Message Format
 A DNS server uses the name resolution with the name daemon,
named (pronounced name-dee)
 Uses the same message format
all types of client queries and server responses
error messages
the transfer of resource record information between servers
© 2007 Cisco Systems, Inc. All rights reserved.
Ch 3 - 32
Cisco Public
32
DNS Resource Records
A
an end device address
NS
an authoritative name server, i.e. a server has resource records
that corresponds to its level in the domain hierarchy
CNAME
the canonical name – an alias name for a host
MX
mail exchange record
© 2007 Cisco Systems, Inc. All rights reserved.
Ch 3 - 33
Cisco Public
33
DNS Directory Structure
 Uses a hierarchical structure to create a name database
hierarchy is an inverted tree with the root at the top and branches
below
 The different top-level domains (TLD) represent either the country
origin or the type of organization
• After TLD are secondlevel domain names, and
below them are other
lower level domains
© 2007 Cisco Systems, Inc. All rights reserved.
Ch 3 - 34
Cisco Public
34
© 2007 Cisco Systems, Inc. All rights reserved.
Cisco Public
35
WWW Service and Protocol
 The web browser establishes a connection to the web service running
on the server using the Hypertext Transfer Protocol (HTTP)
request a page using an URL (uniform resource locator) or web address
a web browser is a client application running on a client device
 HTTP uses TCP port 80
 An URL consists of three parts
the protocol – hypertext transfer protocol (http)
the server name
the specific file name requested
 Browsers can interpret and present many data types
plain text and Hypertext Markup Language (HTML)
other data types require another service or program such as plug-ins or
add-ons
© 2007 Cisco Systems, Inc. All rights reserved.
Ch 3 - 36
Cisco Public
36
WWW Service and HTTP (cont’d)
 The web client makes
a connection to the
HTTP server and
requests a page
 In response to the
request, the HTTP
server returns the
code for a web page
 The browser interprets
the HTML code and
displays a web page
© 2007 Cisco Systems, Inc. All rights reserved.
Ch 3 - 37
Cisco Public
37
HTTP Protocol
 HTTP specifies a request/response protocol
HTTP protocol uses three common messages – GET, POST and PUT
• HTTP is not a secure
protocol
– POST messages in
plain text can be
intercepted and read
– HTML pages are not
encrypted
• HTTP Secure (HTTPS)
protocol can use
authentication and
encryption to secure
the data
© 2007 Cisco Systems, Inc. All rights reserved.
Ch 3 - 38
Cisco Public
38
E-mail Services and SMTP/POP3
 User composes an e-mail using an application called a mail user
agent (MUA) or e-mail client
 Client sends e-mails to a server using Simple Mail Transfer
Protocol (SMTP) and receives e-mails using Post Office Protocol
version 3 (POP3)
• SMTP uses TCP port 25
• POP uses UDP port 110
© 2007 Cisco Systems, Inc. All rights reserved.
Ch 3 - 39
Cisco Public
39
Mail Transfer Agent
 The MTA process is used to forward e-mail
the MTA receives messages from a MUA or another MTA
based on the message header, it determines how a message has to be
forwarded to reach its destination
– if the recipient resides on
the local server, the mail
is passed to the mail
delivery agent (MDA)
– if the recipient is not on
the local server, the MTA
routes the e-mail to the
MTA on the appropriate
server
© 2007 Cisco Systems, Inc. All rights reserved.
Ch 3 - 40
Cisco Public
40
Mail Delivery Agent
 The MDA receives the inbound mail from the MTA and delivers the
mail to the appropriate users’ mailboxes
 It can also resolve final delivery issues, such as virus scanning,
spam filtering and return-receipt handling
© 2007 Cisco Systems, Inc. All rights reserved.
Ch 3 - 41
Cisco Public
41
SMTP and POP
 POP and POP3 are inbound mail delivery protocols
MDA listens for a client connection to the server
• SMTP governs the
transfer of outbound
e-mail from the sending
client to the MDA, as
well as the transport of
e-mail between MTA
– enables e-mail to be
transported across
data networks
between different
types of server and
client software
© 2007 Cisco Systems, Inc. All rights reserved.
Ch 3 - 42
Cisco Public
42
SMTP Commands
 SMTP uses a rigid set of commands and replies
commands support the procedures for session initiation, mail
transaction, forwarding mail, verifying mailbox names, expanding
mailing lists, and the opening an closing exchanges
HELO
identifies the SMTP client process to the SMTP server
process
EHLO
a new version of HELO, which includes service extensions
MAIL FROM
identifies the sender
RCPT TO
identifies the recipient
DATA
identifies the body of the message
© 2007 Cisco Systems, Inc. All rights reserved.
Ch 3 - 43
Cisco Public
43
File Transfer Protocol
 FTP uses TCP ports 20 (data) and 21 (commands and replies)
 An FTP client is used to push and pull files from a server running
the FTP daemon (FTPd)
• Client establishes the first
connection to the server
on TCP port 21
– for control traffic such as
client commands and
server replies
• Client establishes the
second connection to the
server over TCP port 20
TCP port 21
TCP port 20
– for file transfer in both
direction
© 2007 Cisco Systems, Inc. All rights reserved.
Ch 3 - 44
Cisco Public
44
Dynamic Host Configuration Protocol
 DHCP uses UDP ports 67 (server) and 68 (client)
 Allows a host to obtain an IP address automatically from a DHCP
server when it connects to the network
server leases an IP address from a pool to the host for a set period
can pose a security risk
• DHCP is preferred on large
LANs or where the user
population changes
frequently
– when accessing the Internet
using wireless hotspots at
airport or coffees shops
© 2007 Cisco Systems, Inc. All rights reserved.
Ch 3 - 45
Cisco Public
45
DHCP Process
 When a DHCP-configured device boots or connects to the
network, the client broadcasts a DHCP Discover packet
 The DHCP server replies with a DHCP Offer
a lease offer message with an assigned IP address, subnet mask,
default gateway, DNS server and duration of lease
client may receive multiple DHCP Offer packets
 Client broadcasts a DHCP Request that identifies the explicit
server and lease offer that it is accepting
• The DCHP would return
a DHCP Ack that
acknowledges the lease
is finalized
– provided IP address is
still valid
© 2007 Cisco Systems, Inc. All rights reserved.
Ch 3 - 46
Cisco Public
46
File Sharing Services
 Server Message Block (SMB) is a client/server file sharing protocol
sharing directories, files, printers and serial ports
clients establish a long term connection to the servers
SMB resource sharing is supported by TCP/IP protocols
© 2007 Cisco Systems, Inc. All rights reserved.
Ch 3 - 47
Cisco Public
47
SMB Protocol
 It describes the file system access and how clients can request for
files
 All SMB messages share a common format
a fixed size header followed by a variable-sized parameter and data
component
• SMB messages can
– start, authenticate and
terminate sessions
– control file and printer
access
– allow an application to
send or receive
messages to or from
another device
© 2007 Cisco Systems, Inc. All rights reserved.
Ch 3 - 48
Cisco Public
48
Peer-to-Peer (P2P) Services
 Users can make files on their hard disks available to others for
downloading with P2P applications based on the Gnutella protocol
 Gnutella-compatible client software allows users to connect to
Gnutella services over the Internet to locate and access resources
shared by other Gnutella peers
BearShare, Gnucleus, LimeWire, Morpheus, WinMX and XoloX
 Gnutella Developer Forum maintains the basic protocol
application vendors develop extensions to make their protocol work
better on their applications
© 2007 Cisco Systems, Inc. All rights reserved.
Ch 3 - 49
Cisco Public
49
Gnutella Protocol
 Many P2P applications do not use a central database to record all
files available on the peers
Gnutella allows P2P applications to search for shared resources on
peers (or nodes)
• When a user connects to a
Gnutella service, the client
application will search for
nodes to connect to
– nodes handle queries for
resource location and
replies
© 2007 Cisco Systems, Inc. All rights reserved.
Ch 3 - 50
Cisco Public
50
Telnet
 Telnet uses TCP port 23
 Provides a method of emulating text-based terminals over the
network
allows a local device to access a remote device as if the keyboard and
monitor are connected to the remote device directly
 A connection using Telnet is called a virtual terminal (VTY) session
• The Telnet server runs a
service called the Telnet
daemon
© 2007 Cisco Systems, Inc. All rights reserved.
Ch 3 - 51
Cisco Public
51
What Did I Learn from chapter 3?
 The application layer addresses the source
and destination of data for communication
across networks.
 What are the protocols that support
communication between server and client
processes.
 Describe the features, operation, and use of
well-known TCP/IP application layer services
(HTTP, DNS, SMTP/POP3, telnet).
© 2007 Cisco Systems, Inc. All rights reserved.
Cisco Public
52
Application Layer Functionality and Protocols
Next
OSI Transport Layer
© 2007 Cisco Systems, Inc. All rights reserved.
Cisco Public
53