Principle of Application Layer Protocols

The principle of application layer protocols is to

communicate processes running on different end systems with
potentially different operating systems. Processes on two
different end systems communicate with each other by
exchanging messages across the computer network. A sending
process creates and sends messages into the network; a
receiving process receives these messages and possibly
responds by sending messages back. Networking applications
have application-layer protocols that define the format and
order of the messages exchanged between processes, as well as
define the actions taken on the transmission or receipt of a
message.
 Relationship between Application
Layer and Transport Layer
Application layer and transport layer are interrelated as
application layer is just above the transport layer of TCP/IP
reference model. Application layer is near to the end users i.e.
user interacts to the network through application layer. The
user applications uses multiple application layer protocols
such as HTTP protocol, Telnet, FTP etc to transmit data from
one end system to another. The application like web browser
on the client side establish connection with the server and
gives the data to the lower layer i.e. transport layer. Now the
transport layer take care of sending this data to the network.
The transmission could be either TCP or UDP. The transport
layer does things like segmentation of data sent by the
application, retransmission of data if fails, flow control,
congestion control and error control.
 Client Side and Server Side of an
application
A network application protocol typically has two parts or
"sides", a client side and a server side. The client side in one end
system communicates with the server side in another end system.
For example, a Web browser implements the client side of HTTP
and a Web server implements the server side of HTTP. In another
example, e-mail, the sending mail server implements the client
side of SMTP and the receiving mail server implements the server
side of SMTP.
When a client makes a request for a web page that
information is processed by the web server. If the request is a
server side script(e.g. perl or PHP) before the information is
returned to the client is executed on the server and the result of
the script is returned to the client.
Once the client receives the returned information from the
server if it contains a client side script (e.g. javascript) the browser
executes that script before displaying the web page.
 Process Communicating
A process can be thought of as a program that is running within
an end system. Processes on two different end systems communicate
with each other by exchanging messages across the computer
network. A sending process creates and sends messages into the
network; a receiving process receives these messages and possibly
responds by sending messages back.
A network application consists of pairs of processes that send
messages to each other over a network. For example, in the Web
application a client browser process exchanges messages with a Web
server process. In a P2P file-sharing system, a file is transferred from
a process in one peer to a process in another peer. For each pair of
communicating processes, we typically label one of the two
processes as the client and the other process as the server. With the
Web, a browser is a client process and a Web server is a server
process. With P2P file sharing, the peer that is downloading the file is
labeled as the client, and the peer that is uploading the file is labeled
as the server.
 The Interface Between the Process and the
Computer Network
As noted above, most applications consist of pairs of
communicating processes, with the two processes in each pair sending
messages to each other. Any message sent from one process to another
must go through the underlying network. A process sends messages
into, and receives messages from, the network through a software
interface called a socket.
Let’s consider an analogy to help us understand processes and
sockets. A process is analogous to a house and its socket is analogous to
its door. When a process wants to send a message to another process on
another host, it shoves the message out its door (socket). This sending
process assumes that there is a transportation infrastructure on the
other side of its door that will transport the message to the door of the
destination process. Once the message arrives at the destination host,
the message passes through the receiving process’s door (socket), and
the receiving process then acts on the message.
 Addressing Processes
In order to send postal mail to a particular destination, the
destination needs to have an address. Similarly, in order for a
process running on one host to send packets to a process
running on another host, the receiving process needs to have an
address. To identify the receiving process, two pieces of
information need to be specified:
(1) the address of the host (IP address)
(2) an identifier that specifies the receiving process in the
destination host (Port Number).
Once the address of the host to which a message is
destined, the sending process must also identify the receiving
process running in the receiving host. This information is
needed because in general a host could be running many
network applications. A destination port number is used for this
purpose. Popular applications have been assigned specific port
numbers such as 80 for web server, 25 for mail server etc.
 User Agent
The user agent is an interface between the user and the
network application. For example, consider the Web. For this
application, the user agent is a browser such as Chrome or
Microsoft Explorer. The browser allows a user to view Web
pages, to navigate in the Web, to provide input to forms, etc.
The browser also implements the client side of the HTTP
protocol. Thus, when activated, the browser is a process that,
along with providing an interface to the user, sends messages
into a socket.
As an another example, consider the electronic mail
application. In this case, the user agent is a "mail reader" that
allows a user to compose and read messages. Gmail, Outlook,
Apple mail, yahoo Mail etc. are some popular mail user agents.
Application Layer Protocols
The Web and HTTP
• Web is a collection of files that reside on
computers, called Web servers, that are located
all over the world and are connected to each
other through the Internet.
• When you use your Internet connection to
become part of the Web, your computer
becomes a Web client in a worldwide
client/server network.
• A Web browser is the software that you run
on your computer to make it work as a web
client.
HTTP/HTTPS
• HTTP stands for Hyper Text Transport Protocol
• HTTP is an application-level protocol for distributed,
collaborative, hypermedia information systems.
• This is the foundation for data communication for the
World Wide Web (ie. internet) since 1990
--allows the transmitting and receiving of information
across the Internet
• The S stands for "Secure“ in HTTPS i.e., Secure
hypertext transfer protocol
-- HTTPS is http using a Secure Socket Layer (SSL).
• Secure HTTP (HTTPS) is one of the popular
protocols to transfer sensitive data over the
Internet.
-- A secure socket layer is an encryption protocol
invoked on a Web server that uses HTTPS.
-- Most implementations of the HTTPS protocol
involve online purchasing or the exchange of
private information.
• HTTPS is only slightly slower than HTTP
• Why is HTTPS not used for all web traffic?
-- Slows down web servers
-- Breaks Internet caching
• ISPs cannot cache HTTPS traffic
• Results in increased traffic at web site
• HTTP is stateless
– The server and client are aware of each other only during a
current request.
– Afterwards, both of them forget about each other.
– Due to this nature of the protocol, neither the client nor
the browser can retain information between different
request across the web pages.
HTTP Connection
• Figure (a) shows non-persistent connections
– Browser makes connection and request for each object.
– Server parses request, responds and closes connection
– Performance problem
• Figure (b) shows persistent connections
– On same TCP connection, server parses request, responds,
parses new request upon responds and so on
– Improves performance
• Figure (c) shows pipelining with persistent connections
– Send next request before previous response is received
– Pipelining with persistent connection improves
performance
• Working of HTTP
- HTTP is a connection less protocol.

- The client initiate the connection by sending a HTTP request to

the server via a URL.

- HTTP uses Uniform Resource Identifier (URI) to locate the

resource and to establish the connection.

• The processes involved when a URL is entered in the web

browser is given below:

1. The browser first connects to the domain name server of the

respective domain provided in the URL and retrieves
corresponding IP address of the web server.

2. The web browser connects to the web server and sends a

HTTP request for the desired web page.
3. On receiving the request by the web server, it checks for
the desired web page. If the page is found, it is send as a
response to the web browser. Otherwise, 404 Page Not Found
error is forwarded by the server to the browser.

4. The web browser receives the web page and then the
connection is broken.

5. The browser parses the pages.

6. For each additional elements like images, applets and so

on, it follows HTTP connection, request and response steps.

7. When all the content is loaded, the complete page is

displayed in the web browser.
 HTTP Methods
HTTP defines a set of request methods to indicate the desired
action to be performed for a given resource.
• GET: The GET method requests a representation of the
specified resource. Requests using GET should only retrieve
data.
• HEAD: The HEAD method asks for a response identical to
that of a GET request, but without the response body.
• POST: The POST method is used to submit an entity to the
specified resource, often causing a change in state or side
effects on the server. It is used to send some data to the
server.
• PUT: The PUT method replaces all current representations
of the target resource with the request payload.
• DELETE: The DELETE method deletes the
specified resource.
• CONNECT: It is used by the client to establish a
network connection to a web server over HTTP.
• OPTIONS: The OPTIONS method is used to
describe the communication options for the
target resource.
• TRACE: The TRACE method performs a message
loop-back test along the path to the target
resource. It is used as a debugging tool.
• PATCH : The PATCH method is used to apply
partial modifications to a resource.
HTTP Message Format

HTTP Message
• - HTTP messages are categorized into two types.
They are as follows:
1. HTTP Request message
2. HTTP Response message.
• - Both type of messages consist of following
parts:
1. Start line
2. Zero or more header fields followed by CRLF
3. An empty line
4. Optional message body(Entity Body)
HTTP Request Message

For Example:
GET /somedir/page.html HTTP/1.1
Host: www.someschool.edu
Connection: close
User-agent: Mozilla/5.0
Accept-language: fr
1. Request Line:
-- It is a start line used by the HTTP request message.
-- Request method indicates the method to be used on
the resource identified from the provided request
line. It should always be specified in Uppercase
letter.
2. Request Header Field
-- It allows the web clients to pass additional
information about the request to the web server.
-- It is used based on the requirements.
3. Empty Line
-- It is the line which does not contain any data.
-- It indicates the end of header fields.
HTTP Response Message

Some status code and phrase: 404 page not found , 403 request forbidden
400 bad request, 401 request unauthorized
505 HTTP version not supported
• 1. Status Line or Start Line
- It consists of the protocol version followed by a
numeric code and its associated text phrase.
- The protocol version indicates the version of
HTTP supported.
- Status code indicates the status of the response.
• 2. Response Header Field
- It allows the server to pass some additional
information about the response to the web client.
• 3. Entity Body
– It contains the data that was requested.
User Interaction: Authorization and Cookies
HTTP server is stateless i.e. it handles each request independently.
This simplifies server design and has permitted engineers to develop
high-performance Web servers that can handle thousands of
simultaneous TCP connections. However, it is often desirable for a
Website to identify users, either because the server wishes to restrict
user access or because it wants to serve content as a function of the
user identity i.e. website will let its resources to authorized users only.
For these purposes, HTTP uses cookies. Cookies, defined in [RFC
6265], allow sites to keep track of users. Cookies are messages that
web servers pass to your web browser when you visit Internet sites.
Cookie technology has four components:
(1) a cookie header line in the HTTP response message;
(2) a cookie header line in the HTTP request message;
(3) a cookie file kept on the user’s end system and managed by the
user’s browser; and
(4) a back-end database at the Web site.
What Do Cookies Do?
The purpose of the cookie is to help the website keep track of your
visits and activity. This isn’t always a bad thing. For example, many
online retailers use cookies to keep track of the items in a user’s
shopping cart as they explore the site. Without cookies, your shopping
cart would reset to zero every time you clicked a new link on the site.
That would make it impossible to buy anything online!
A website might also use cookies to keep a record of your most
recent visit or to record your login information. Many people find this
useful so that they can store passwords on commonly used sites, or
simply so they know what they have visited or downloaded in the past.
Different types of cookies keep track of different activities. Session
cookies are used only when a person is actively navigating a website;
once you leave the site, the session cookie disappears. Tracking cookies
may be used to create long-term records of multiple visits to the same
site. Authentication cookies track whether a user is logged in, and if so,
under what name.
 The Conditional Get
Although caching can reduce user-perceived response times, it
introduces a new problem—the copy of an object residing in the
cache may be stale. In other words, the object housed in the Web
server may have been modified since the copy was cached at the
client. Fortunately, HTTP has a mechanism that allows a cache to
verify that its objects are up to date. This mechanism is called the
conditional GET.
An HTTP request message is a so-called conditional GET message if
(1) the request message uses the GET method and
(2) the request message includes an If-Modified-Since: header
line.
 How Conditional Get works??
To illustrate how the conditional GET operates, let’s walk through
an example. First, on the behalf of a requesting browser, a proxy
cache sends a request message to a Web server:
GET /fruit/kiwi.gif HTTP/1.1
Host: www.exotiquecuisine.com

Second, the Web server sends a response message with the

requested object to the cache:

HTTP/1.1 200 OK
Date: Sat, 8 Oct 2011 15:39:29
Server: Apache/1.3.0 (Unix)
Last-Modified: Wed, 7 Sep 2011 09:23:24
Content-Type: image/gif
(data data data data data ...)
The cache forwards the object to the requesting browser but
also caches the object locally. Importantly, the cache also stores
the last-modified date along with the object. Third, one week
later, another browser requests the same object via the cache,
and the object is still in the cache. Since this object may have
been modified at the Web server in the past week, the cache
performs an up-to-date check by issuing a conditional GET.
Specifically, the cache sends:

GET /fruit/kiwi.gif HTTP/1.1

Host: www.exotiquecuisine.com
If-modified-since: Wed, 7 Sep 2011 09:23:2

Note that the value of the If-modified-since: header line is exactly

equal to the value of the Last-Modified: header line that was sent by
the server one week ago. This conditional GET is telling the server to
send the object only if the object has been modified since the
specified date.
 FTP
The user interacts with FTP through an FTP user agent. The
user first provides the hostname of the remote host, causing the
FTP client process in the local host to establish a TCP connection
with the FTP server process in the remote host. The user then
provides the user identification and password, which are sent over
the TCP connection as part of FTP commands. Once the server has
authorized the user, the user copies one or more files stored in the
local file system into the remote file system (or vice versa).
 FTP uses two parallel TCP connections to transfer a file, a
control connection and a data connection.

Control Connection:
The control connection is used for sending control information
between the two hosts—information such as user identification,
password, commands to change remote directory, and commands to
“put” and “get” files. Control connection remains alive during the
entire process.

 Data Connection:
The data connection is used to actually send a file. Data
connection uses the port 20 at the server side. This connection is
opened when data to be transferred is ready and it is closed when
transfer of data is over.
Working of FTP
When a user starts an FTP session with a remote host, the client
side of FTP (user) first initiates a control TCP connection with the
server side (remote host) on server port number 21. The client side of
FTP sends the user identification and password over this control
connection. The client side of FTP also sends, over the control
connection, commands to change the remote directory. When the
server side receives a command for a file transfer over the control
connection (either to, or from, the remote host), the server side
initiates a TCP data connection to the client side. FTP sends exactly
one file over the data connection and then closes the data
connection. If, during the same session, the user wants to transfer
another file, FTP opens another data connection. Thus, with FTP, the
control connection remains open throughout the duration of the user
session, but a new data connection is created for each file transferred
within a session (that is, the data connections are non-persistent).
 FTP commands and replies:
The commands, from client to server, and replies, from server to
client, are sent across the control connection in 7 bit ASCII format.
Thus, like HTTP commands, FTP commands are readable by people.
Each command consists of four uppercase ASCII characters, some with
optional arguments.
Some of the more common commands are given below:
• USER username: Used to send the user identification to the server.
• PASS password: Used to send the user password to the server.
• LIST: Used to ask the server to send back a list of all the files in the
current remote directory.
• RETR filename: Used to retrieve (that is, get) a file from the current
directory of the remote host. This command causes the remote
host to initiate a data connection and to send the requested file
over the data connection.
• STOR filename: Used to store (that is, put) a file into the current
directory of the remote host.
 Each command is followed by a reply, sent from server to client. The
replies are three-digit numbers, with an optional message following the
number. This is similar in structure to the status code and phrase in the
status line of the HTTP response message. Some typical replies, along
with their possible messages, are as follows:

• 331 Username OK, password required

• 125 Data connection already open; transfer starting
• 425 Can’t open data connection
• 452 Error writing file
 Mail Transfer and Mail Access Protocol
SMTP:
It is an application layer protocol used to send emails on the
internet. In internet the source machine establishes a TCP
connection to port 25 of the destination machine so as to deliver an
e-mail. Once a connection is established the source machine acts as
a client and receiving machine acts as a server. The client then waits
for the server to talk first. The server sends a line of text to give it
identity and announces its willingness/unwillingness to receive
mail. If the server is not prepared, the client releases the
connection and tries again later. But if the server is willing to accept
e-mail, then the client announces the sender of e-mail and its
recipient. If such a recipient exists at the destination, then the
server tells the client to send the message. The client, then sends
the message and the server acknowledges it.
The various commands used by SMTP are:
-HELO: it is used to identify the client itself.
-MAIL FROM: it is used to identify the sender.
-RCPT TO: it is used to identify the intended
recipient.
-DATA: it is used to send the actual message.
-QUIT: it is used to terminate the message.
-RESET: it is used to reset the connection and
abort current mail transaction.
 Post Office Protocol(POP3)
This is a simple protocol used for fetching e
-mail from a remote mailbox. It is defined in
RFC 1225. It provides the commands for the
user to login, logout, fetch messages and
delete messages. POP3 consists of ASCII text.
It fetches email from the remote mailbox and
stores it on the users local machine. POP3 can
be used with or without SMTP. POP3 uses
TCP/IP port 110.
Internet Mail Access Protocol(IMAP)
IMAP is defined in RFC 1064. It is the standard
protocol for receiving emails in which the stored
messages on the mail server can be viewed and
manipulated by the end users as though they are
stored locally. IMAP is ideal for a user having
multiple computers such as a laptop on the road, pc
at home and a workstation in office. IMAP maintains
a central repository which can be accessed from any
machine. So client generally can leave messages on
the server until the user explicitly deletes them.
IMAP also provides other functionalities such as user
can search contents of e-mails and download the
email in local machine. It uses TCP/IP port 143.
 Web based Email(webmail)
More and more users today are sending and accessing
their e-mail through their Web browsers. Now web-based
e-mail is also provided by Google, Yahoo!, as well as just
about every major university and corporation. With this
service, the user agent is an ordinary Web browser, and
the user communicates with its remote mailbox via HTTP.
When a recipient wants to access a message in his
mailbox, the e-mail message is sent from recipient’s mail
server to recipient’s browser using the HTTP protocol
rather than the POP3 or IMAP protocol. When a sender,
wants to send an e-mail message, the e-mail message is
sent from sender’s browser to sender’s mail server over
HTTP rather than over SMTP.
 Multipurpose Internet Mail Extensions
(MIME)
Multipurpose Internet Mail Extensions (MIME) is
an Internet standard that extends the format of email
messages to support text in character sets other than
ASCII, as well as attachments of audio, video, images,
and application programs. Email messages with MIME
formatting are typically transmitted with standard
protocol, such as the Simple Mail Transfer Protocol
(SMTP). It allows ordinary data to be encoded in ASCII
and transmitted in standard email.
MIME header specifies:
• Version of MIME used.
• Type of data being sent.
• Encoding used to convert data to ASCII
 Telnet
Telnet stands for Teletype Network. Telnet is a application
protocol that provides a command line interface for
communication with a remote device. Telnet is an old terminal
program to login into remote systems. It uses TCP/IP protocol and
underlying communication can take place through PSTN, Satellite
etc.
Telnet allows us to login in system for any operation and FTP is
used only for file transfer. Telnet is an application used on the
internet to connect a remote computer, enabling access to the
computer and its resources. The action consists of creating a
connection over the internet . Our terminal connects to the server
on the other computer and is able to give actions(input), and
receive data in return(output).
In telnet all the commands are sent in clear text and no
encryptions are used. So it is quiet easy for someone who is
eavesdropping to access your sensitive information such as
usernames and passwords during communication. Hence telnet is
outdated and not used over the internet but might be used over a
private network.
Some examples of telnet commands:
a. telnet towel.blinkenlights.nl
to watch ASCII version of star wars.
b. telnet freechess.org 5000
telnet version of chess.
c. telnet rainmaker.wunderground.com
to see weather forecast of certain city.
 Domain Name System(DNS)
DNS is a hierarchical and decentralized naming system
in which internet domain names are located and translated
into IP addresses. DNS uses hierarchical structure for DNS
Namespace mapping as shown below:
 Services provided by DNS
1. Directory service:
Directory service of DNS translates host names to IP
addresses.
2. Host aliasing:
A host with a complicated hostname can have one or more alias
names.
For example, a hostname such as relay1.west-coast.enterprise.com could
have, say, two aliases such as enterprise.com and www.enterprise.com. In
this case, the hostname relay1.westcoast.enterprise.com is said to be a
canonical hostname. Alias hostnames, when present, are typically more
easy to read/learn than canonical hostnames. DNS can be invoked by an
application to obtain the canonical hostname for a supplied alias
hostname as well as the IPaddress of the host.
3. Mail server aliasing:
For obvious reasons, it is highly desirable that e-mail addresses be
mnemonic. For example, if Bob has an account with Hotmail, Bob’s e-mail
address might be as simple as bob@hotmail.com. However, the hostname
of the Hotmail mail server is more complicated and much less mnemonic
than simply hotmail.com (for example, the canonical hostname might be
something like relay1.west-coast.hotmail.com). DNS can be invoked by a
mail application to obtain the canonical hostname ( mail server name) for
a supplied alias hostname as well as the IP address of the host.
4. Load Distribution:
DNS is also used to perform load distribution among replicated
servers, such as replicated Web servers. Busy sites, such as cnn.com, are
replicated over multiple servers, with each server running on a different end
system and each having a different IP address. For replicated Web servers, a
set of IP addresses is thus associated with one canonical hostname. The
DNS database contains this set of IP addresses. When clients make a DNS
query for a name mapped to a set of addresses, the server responds with
the entire set of IP addresses, but rotates the ordering of the addresses
within each reply. Because a client typically sends its HTTP request message
to the IP address that is listed first in the set, DNS rotation distributes the
traffic among the replicated servers.
How DNS Works?
The process of DNS resolution involves converting a hostname
into its IP address.
When client searches for any domain names for example
www.amazon.com into the browser, the request is sent to local DNS
server(Name Server). If the local DNS server does not find the address in
its database, it forwards the request to the root DNS server. The Root
DNS server in turn will return IP addresses for TLD(Top Level
Domain)DNS servers for the top level domain .com . The local DNS
server then contacts with one of these TLD servers, which in turn
returns the IP address of an authoritative server for amazon.com.
Finally, the local DNS server contacts with one of the authoritative
servers for amazon.com, which returns the IP address for the hostname
www.amazon.com. This address will be directed to the client and
browser now can connect to the supplied domain.
working of DNS
 Web Caching
A Web cache—also called a proxy server—is a network entity
that satisfies HTTP requests on the behalf of an origin Web server.
The Web cache has its own disk storage and keeps copies of recently
requested objects in this storage. As shown in Figure , a user’s
browser can be configured so that all of the user’s HTTP requests are
first directed to the Web cache. Once a browser is configured, each
browser request for an object is first directed to the Web cache.
Working:
suppose a browser is requesting the object
http://www.someschool.edu/index.pdf.
Here is what happens:
1. The browser establishes a TCP connection to the Web cache and
sends an HTTP request for the object to the Web cache.
2. The Web cache checks to see if it has a copy of the object stored
locally. If it does, the Web cache returns the object within an
HTTP response message to the client browser.
3. If the Web cache does not have the object, the Web cache
opens a TCP connection to the origin server, that is, to
www.someschool.edu. The Web cache then sends an
HTTPrequest for the object into the cache-to-server TCP
connection. After receiving this request, the origin server sends
the object within an HTTP response to the Web cache.
4. When the Web cache receives the object, it stores a copy in its
local storage and sends a copy, within an HTTP response
message, to the client browser (over the existing TCP
connection between the client browser and the Web cache).
 Peer-to-Peer File Sharing
P2P architecture is a distributed application architecture in which
pairs of connected hosts, called peers, communicate directly with
each other. The peers are not owned by a service provider, but are
instead desktops and laptops controlled by users.

Peer-to-peer file sharing is the distribution and sharing of files

using peer-to-peer (P2P) networking technology. P2P file sharing
allows users to access media files such as books, music, movies, and
games using a P2P software program that searches for other
connected computers on a P2P network to locate the desired content.
In P2Pfile distribution, each peer can redistribute any portion of
the file it has received to any other peers, thereby assisting the server
in the distribution process. E.g. torrent