TFTP (Trivial File Transfer Protocol)

TFTP is most often used for downloading new code to Internet appliances (Internet
Access Devices, routers, switches, VOIP gateways etc.).

Features of TFTP:
Request – response protocol: TFTP is a simple request / acknowledge protocol. The
mode of operation is lock-step as each data packet needs to be acknowledged before the
next data packet is sent. This makes the implementation very simple (no flow control
needed), but limits the throughput as each data packet requires 1 round-trip-time (RTT)
for transmission.
Acknowledgement: TFTP only uses positive acknowledgements (correctly received
packets are acknowledged with an ACK packet). When the sender does not receive an
ACK packet in due time, it resends the last DATA packet.
UDP Ports: The server listens on port 69 (TFTP default port), but switches to another
port for all replies (DATA, ACK) in order to free the port 69 for other requests (server
creates a new UDP socket for handling the TFTP request).
The two requests that a client makes to the server are Read Request (RRQ) and Write
Request (WRQ) in the ways as shown below:
TFTP READ REQUEST:
TFTP WRITE REQUEST:

PACKET LAYOUT:
 DHCP (Dynamic Host Configuration Protocol)

DHCP involves flow of messages as listed below during the configuration process:
DHCPDISCOVER: Client broadcast to locate available servers.
DHCPOFFER: Server to client in response to DHCPDISCOVER with an offer
containing configuration parameters (offered IP address etc.).
DHCPREQUEST: Client message to servers either (a) requesting offered parameters
from one server and implicitly declining offers from all others, (b) confirming
correctness of previously allocated address after e.g. a system reboot, or (c) extending
the lease on a particular network address.
DHCPACK: Server to client with configuration parameters, including committed IP
address.
DHCPNACK: Server to client indicating client’s notion of network address is
incorrect (e.g. Client has moved to new subnet) or client’s lease has expired.
DHCPDECLINE: Client to server indicating network address is already in use. DHCP
server should then notify the system admin.
DHCPRELEASE: Client to server giving up the IP address and cancelling the
remaining lease.
DHCPINFORM: Client to server, asking only for local configuration parameters.
Client already has an externally configured network address.

MESSAGE FLOW DIAGRAM:

CLIENT SERVER
(Src Address= Client’s MAC) (Let Destn Address (MAC) = FF: FF: FF: FF: FF: FF)

DHCPDISCOVER (Src IP=0.0.0.0 Destn IP=255.255.255.255)

DHCPOFFER (Offered IP=172.168.40.218 Lease Time= 72 Hours)

DHCPREQUEST (Performs ARP first to check IP conflict then sends the

request with Src IP=0.0.0.0 to Destn IP=255.255.255.255)

DHCPACK (Entry made by server with the Client ID and binds it with IP
address offered and the lease time)
 HTTP (Hypertext Transfer Protocol)
HTTP is the underlying protocol used in the World Wide Web. It makes use of the Port
number 80. HTTP is stateless: Client asks for info, gets it and then drops out (closes
TCP connection).

HTTP Message Flow Diagram:

HTTP request consists of request header and an optional request body:

HTTP response consists of status line, response header and response body (HTML
page):

HTTP uses return codes (server to client) similar to SMTP and FTP. The codes are
organized in classes (e.g. 2xx codes for success):
 FTP (File Transfer Protocol)

FTP is a simple request / reply protocol.

Requests are 4 characters followed by an (optional) argument (e.g. STOR, RETR).
Replies are 3 character codes followed by an (optional) human readable text (e.g. 200):
Client Request: “PORT 192,168,1,15,5,91 \r\n”
Server Reply: “200 Port command successful. \r\n”

FTP uses the NVT (Network Virtual Terminal) protocol, i.e. ASCII requests and
replies terminated by a CRLF (Carriage Return Line Feed) combination (= \r\n).
The PORT command tells the server the IP address and port number of the client‘s TCP
connection for the data transfer.
With this command, the client tells the server that it is listening for the data connection
on the given port. The server opens the data connection both for STOR and RETR
operations.
PORT n1, n2, n3, n4, n5, n6 \r\n
Where n1, n2, n3, n4 is the client’s IP address for the TCP data connection (comma
decimal notation), n5 is ASCII decimal of the 8 most significant bits of the port number
of the TCP data connection and n6 is ASCII decimal of the 8 least significant bits of
the port number of the TCP data connection.
Example Request: “PORT 192,168,1,15,5,91 \r\n”
Listening IP address = 192.168.1.15, listening TCP port 5*256 + 91 (=1371).
Passive Mode FTP which is more preferred is as shown below:

Control connection commands and responses:

The control connection is used to send ASCII commands and response codes between
FTP client and server.
Important control commands:
USER <username> <CRLF>
Open FTP session for user <username> (PASS command to follow as next
command).
PASS <password> <CRLF>
Enter password (USER <username> entered previously).
NLST <CRLF>
Raw list files or directories (no additional information).
LIST <CRLF>
List of files and directories with additional human readable information.
PORT <n1,n2,n3,n4,n5,n6> <CRLF>
Client IP addresss (n1.n2.n3.n4) and port (n5*256+n6) for data connection.
RETR <filename> <CRLF>
Retrieve (get) a file.
STOR <filename> <CRLF>
Store (put) a file.
QUIT <CRLF>
Quit current FTP session.

The response codes are grouped into ranges (like SMTP, HTTP, SIP etc.):
100 Series: The requested action is being initiated, expect another reply before
proceeding with a new command.
200 Series: The requested action has been successfully completed. E.g. “200 Command
okay”.
300 Series: The command has been accepted, but the requested action is dormant,
pending receipt of further information.
400 Series: The command was not accepted and the requested action did not take place,
but the error condition is temporary and the action may be requested again.
500 Series: The command was not accepted and the requested action did not take place.
E.g. 500 Syntax error, command unrecognized. This may include errors such as
command line too long.