
IT-15 - NETWORK TECHNOLOGY
CH.5

APPLICATION LAYER PROTOCOLS
An application layer protocol defines how application processes
(clients and servers), running on different end systems, pass messages
to each other. In particular, an application layer protocol defines: The
types of messages, e.g., request messages and response messages.
The Application layer includes the following functions:
Identifying communication partners: The application layer identifies
the availability of communication partners for an application with data
to transmit.
Determining resource availability: The application layer determines
whether sufficient network resources are available for the requested
communication.
Synchronizing communication: All communication between applications
requires cooperation, which is managed by the application layer.
Services of Application Layers
Network Virtual terminal: An application layer allows a user to log on to a remote
host. To do so, the application creates a software emulation of a terminal at the
remote host. The user's computer talks to the software terminal, which in turn, talks
to the host. The remote host thinks that it is communicating with one of its own
terminals, so it allows the user to log on.
File Transfer, Access, and Management (FTAM): An application allows a user to access
files in a remote computer, to retrieve files from a computer and to manage files in a
remote computer. FTAM defines a hierarchical virtual file in terms of file structure, file
attributes and the kind of operations performed on the files and their attributes.
Addressing: To obtain communication between client and server, there is a need for
addressing. When a client makes a request to the server, the request contains the
server address and the client's own address. When the server responds to the client
request, the response contains the destination address, i.e., the client address. To
achieve this kind of addressing, DNS is used.
Mail Services: An application layer provides Email forwarding and storage.
Directory Services: An application contains a distributed database that provides access
for global information about various objects and services.
Authentication: It authenticates the sender or receiver's message or both.
Dynamic Host Configuration Protocol
•Dynamic Host Configuration Protocol (DHCP) is a network
management protocol used to dynamically assign an IP
address to any device, or node, on a network so they can
communicate using IP (Internet Protocol).
•DHCP automates and centrally manages these
configurations. There is no need to manually assign IP
addresses to new devices. Therefore, there is no
requirement for any user configuration to connect to a
DHCP based network.
•DHCP can be implemented on local networks as well as
large enterprise networks.
•DHCP is the default protocol used by most routers and
networking equipment. DHCP is specified in RFC (Request for
Comments) 2131.
DHCP does the following:
•DHCP manages the provision of all the nodes or devices
added or dropped from the network.
•DHCP maintains the unique IP address of the host using
a DHCP server.
•It sends a request to the DHCP server whenever a
client/node/device, which is configured to work with
DHCP, connects to a network.
•The server acknowledges by providing an IP address to
the client/node/device.
•DHCP is also used to configure the proper subnet mask,
default gateway and DNS server information on the
node or device.
Many versions of DHCP are available for use in
IPv4 (Internet Protocol Version 4) and IPv6 (Internet
Protocol Version 6).
How DHCP works
•DHCP runs at the application layer of the TCP/IP protocol
stack to dynamically assign IP addresses to DHCP
clients/nodes and to allocate TCP/IP configuration
information to the DHCP clients.
• Information includes subnet mask information, default
gateway, IP addresses and domain name system
addresses.
•DHCP is based on client-server protocol in which servers
manage a pool of unique IP addresses, as well as
information about client configuration parameters, and
assign addresses out of those address pools.
The DHCP lease process works as follows:
•First of all, a client (network device) must be connected
to the internet.
•DHCP clients request an IP address. Typically, client
broadcasts a query for this information.
•DHCP server responds to the client request by providing
IP server address and other configuration information.
This configuration information also includes time period,
called a lease, for which the allocation is valid.
•When refreshing an assignment, a DHCP client requests
the same parameters, but the DHCP server may assign a
new IP address. This is based on the policies set by the
administrator.
Components of DHCP
DHCP Server: DHCP server is a networked device running the DHCP service that
holds IP addresses and related configuration information. This is typically a server
or a router but could be anything that acts as a host.
DHCP client: DHCP client is the endpoint that receives configuration information
from a DHCP server. This can be any device like computer, laptop, endpoint or
anything else that requires connectivity to the network. Most of the devices are
configured to receive DHCP information by default.
IP address pool: IP address pool is the range of addresses that are available to
DHCP clients. IP addresses are typically handed out sequentially from lowest to the
highest.
Subnet: Subnet is the partitioned segments of the IP networks. Subnet is used to
keep networks manageable.
Lease: Lease is the length of time for which a DHCP client holds the IP address
information. When a lease expires, the client has to renew it.
DHCP relay: A host or router that listens for client messages being broadcast on
that network and then forwards them to a configured server. The server then
sends responses back to the relay agent that passes them along to the client.
DHCP relay can be used to centralize DHCP servers instead of having a server on
each subnet.
Benefits of DHCP
DHCP has the following benefits:
Centralized administration of IP configuration: DHCP IP configuration
information can be stored in a single location, which enables the administrator to
centrally manage all IP address configuration information.
Dynamic host configuration: DHCP automates the host configuration process
and eliminates the need to manually configure individual hosts when TCP/IP
(Transmission Control Protocol/Internet Protocol) is first deployed or when IP
infrastructure changes are required.
Seamless IP host configuration: The use of DHCP ensures that DHCP clients get
accurate and timely IP configuration parameters such as IP
address, subnet mask, default gateway, IP address of the DNS server and so on
without user intervention.
Flexibility and scalability: Using DHCP gives the administrator increased
flexibility, allowing the administrator to more easily change IP configuration
when the infrastructure changes.
DNS
The Domain Name System (DNS) protocol helps Internet users and network
devices discover websites using human-readable hostnames, instead of numeric IP
addresses.
The DNS process works as follows:
•A browser, application or device called the DNS client, issues a DNS request or
DNS address lookup, providing a hostname such as “example.com”.
•The request is received by a DNS resolver, which is responsible for finding the
correct IP address for that hostname.
•The DNS resolver looks for a DNS name server that holds the IP address for the
hostname in the DNS request.
•The resolver starts from the Internet’s root DNS server, moving down the
hierarchy to Top Level Domain (TLD) DNS servers (“.com” in this case), down to the
name server responsible for the specific domain “example.com”.
•When the resolver reaches the authoritative DNS name server for
“example.com”, it receives the IP address and other relevant details, and returns it
to the DNS client. The DNS request is now resolved.
•The DNS client device can connect to the server directly using the correct IP
address.
Structure of DNS
The Domain Namespace
•The DNS namespace governs public hostnames used on the
Internet. The namespace is a tree structure, with each node in the
tree having a textual label and zero or more DNS resource records
(RR) describing the domain.
•The domain name consists of the label, together with the label of
its parent nodes, separated by a dot (as in “example.com”). The
domain namespace is divided into zones, and each zone is
delegated to a specific legal entity for administration and
management.
Domain Name Syntax and Format

•A domain name consists of one or more parts called labels,
which are separated by dots.
•A label may contain up to 63 characters. The label at the
extreme right is the top-level domain (TLD), and the next labels
from right to left are lower down in the namespace hierarchy.
•Each label is known as a subdomain of the label above it. DNS
allows up to 127 hierarchical levels.
•For example, “forum.support.example.com” represents a
subdomain “forum” under the subdomain “support”, under the
domain “example”, under the top level domain “.com”.
DNS Resolution
DNS (Domain Name Server) resolution is the process of translating IP addresses to domain
names.
•When a profile is configured to look up all numeric IP addresses, Webtrends makes a call to the
network's DNS server to resolve DNS entries.
•Each computer has its own IP address. The IP address identifies that computer with four sets of
numbers of up to three digits, known as octets, each separated by a period. The IP addresses are
recorded in the log file. In most cases, IP addresses can be translated into domain names. For
example, 63.88.213.170 translates to www.webtrends.com.
•A user can configure Webtrends to look up all numeric IP addresses. When that feature is
selected, Webtrends makes a call to the network's DNS server to resolve IP addresses into DNS
entries.
•Note: Not all IP addresses can be resolved. There is a hierarchy to DNS servers. If the first DNS
server cannot resolve the IP address, Webtrends makes a call to another DNS server to find it. It
continues this process until it times out. By default, Webtrends gives up on the process after 25
seconds and then goes on to the next record.
Resolve mode
IP addresses are translated to domain names.
Performance is slightly slower.
IP Address
Internet Protocol address that identifies a computer connected to the Internet.
Domain Name
Text name that corresponds to the numeric IP address.
DNS Lookup
Translates numeric IP addresses into domain names.
How Resolve Mode Works:
Steps in the DNS resolution process.
•Webtrends makes a call to the DNS server to resolve IP addresses.
•The DNS server makes an attempt to translate the IP address to a DNS entry.
•DNS server returns domain name to Webtrends.
•Webtrends takes domain name and checks it against the
company database (company.big) or GeoTrends database.
•Company database or GeoTrends database returns geographical
information.
The Decision to Resolve or Not to Resolve
Most users consider domain names more useful for analysis than
IP addresses, but DNS resolution can be a slow process.
Therefore, you may have a decision to make.
DNS Message Format
DNS communication occurs via two types of messages: queries and
replies. Both DNS query format and reply format consist of the
following sections:
•The header section contains Identification; Flags; Number of
questions; Number of answers; Number of authority resource records
(RRs); and Number of additional resource records.
•The flag field contains sections of one or four bits, indicating type of
message, whether the name server is authoritative; whether the
query is recursive or not, whether request was truncated, and status.
•The question section contains the domain name and type of record
(A, AAAA, MX, TXT, etc.) being resolved. Each label in the domain
name is prefixed by its length.
•The answer section has the resource records of the queried name.
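The header and question layout described above, as an added example that is not part of the original slides: it builds a query, decodes the header flags and reads the length-prefixed name back. It goes beyond the text in one respect, also handling the name-compression pointers of RFC 1035 with a hop limit, since a pointer that refers back to itself is a classic parser failure mode. The function names and the fixed ID 0x1234 are assumptions of this example.

```python
import struct

MAX_LABEL = 63   # per-label limit stated in "Domain Name Syntax and Format"
MAX_NAME = 255   # limit on the whole encoded name (RFC 1035)
QTYPES = {"A": 1, "NS": 2, "CNAME": 5, "MX": 15, "TXT": 16, "AAAA": 28}


def encode_name(name):
    """Encode a hostname as length-prefixed labels ending in a zero byte."""
    out = b""
    for label in name.rstrip(".").split("."):
        raw = label.encode("ascii")
        if not 1 <= len(raw) <= MAX_LABEL:
            raise ValueError("label length %d outside 1..%d" % (len(raw), MAX_LABEL))
        out += bytes([len(raw)]) + raw
    out += b"\x00"
    if len(out) > MAX_NAME:
        raise ValueError("encoded name longer than %d bytes" % MAX_NAME)
    return out


def build_query(name, qtype="A", ident=0x1234):
    """12-byte header (ID, flags, four counts) followed by one question."""
    flags = 0x0100  # QR=0 (query), RD=1 (recursion desired)
    header = struct.pack("!6H", ident, flags, 1, 0, 0, 0)
    return header + encode_name(name) + struct.pack("!2H", QTYPES[qtype], 1)  # class IN


def parse_header(msg):
    """Split the header into its ID, flag bits and record counts."""
    if len(msg) < 12:
        raise ValueError("message shorter than the 12-byte header")
    ident, flags, qd, an, ns, ar = struct.unpack("!6H", msg[:12])
    return {
        "id": ident,
        "qr": flags >> 15,            # 0 = query, 1 = reply
        "aa": (flags >> 10) & 1,      # authoritative answer
        "tc": (flags >> 9) & 1,       # truncated
        "rd": (flags >> 8) & 1,       # recursion desired
        "rcode": flags & 0xF,         # status
        "qdcount": qd, "ancount": an, "nscount": ns, "arcount": ar,
    }


def decode_name(msg, offset):
    """Read a name starting at offset; return (name, offset after the name)."""
    labels, hops, resume = [], 0, None
    while True:
        if offset >= len(msg):
            raise ValueError("name runs past end of message")
        length = msg[offset]
        if length & 0xC0 == 0xC0:     # compression pointer: 14-bit offset
            if offset + 1 >= len(msg):
                raise ValueError("truncated compression pointer")
            hops += 1
            if hops > 16:             # a pointer chain this long is a loop
                raise ValueError("compression pointer loop")
            if resume is None:
                resume = offset + 2   # parsing continues after the first pointer
            offset = ((length & 0x3F) << 8) | msg[offset + 1]
            continue
        if length & 0xC0:
            raise ValueError("reserved label type")
        offset += 1
        if length == 0:               # zero-length root label ends the name
            break
        if offset + length > len(msg):
            raise ValueError("label runs past end of message")
        labels.append(msg[offset:offset + length].decode("ascii", "replace"))
        offset += length
    return ".".join(labels), (resume if resume is not None else offset)


def parse_question(msg):
    """Return (name, type, class) of the first question in the message."""
    name, offset = decode_name(msg, 12)
    if offset + 4 > len(msg):
        raise ValueError("question truncated")
    qtype, qclass = struct.unpack("!2H", msg[offset:offset + 4])
    return name, qtype, qclass


if __name__ == "__main__":
    query = build_query("forum.support.example.com", "AAAA")
    print(query.hex())
    print(parse_header(query))
    print(parse_question(query))
```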
DNS Resource Records
Resource Records are used to store hostnames, IP addresses and
other information in DNS name servers. A record is made up of the
following fields:

Name is an alphanumeric identifier of the DNS record
TTL (time to live) specifies how long the record should be kept in local cache
Record class indicates the namespace—typically IN, the Internet namespace
Record type is the DNS record type—for example an A, CNAME, MX
Record data contains the DNS values, for example the IP address for a hostname
The most common DNS record types supported by the DNS protocol:
Name Server records (NS)—specifies the authoritative name server for a DNS
zone
IPv4 Address Mapping records (A)—a hostname and its IPv4 address
IPv6 Address records (AAAA)—a hostname and its IPv6 address
Canonical Name records (CNAME)—points a hostname to an alias
Mail eXchanger record (MX)—specifies an SMTP email server for the domain
HTTP
•HTTP stands for HyperText Transfer Protocol.
•It is a protocol used to access the data on the World Wide Web
(www).
•The HTTP protocol can be used to transfer the data in the form of
plain text, hypertext, audio, video, and so on.
•This protocol is known as HyperText Transfer Protocol because its
efficiency allows it to be used in a hypertext environment where
there are rapid jumps from one document to another document.
•HTTP is similar to the FTP as it also transfers the files from one host
to another host. But, HTTP is simpler than FTP as HTTP uses only one
connection, i.e., no control connection to transfer the files.
•HTTP is used to carry the data in the form of MIME-like format.
•HTTP is similar to SMTP as the data is transferred between client
and server. The HTTP differs from the SMTP in the way the messages
are sent from the client to the server and from server to the client.
SMTP messages are stored and forwarded while HTTP messages are
delivered immediately.
Features of HTTP:
Connectionless protocol: HTTP is a connectionless protocol. HTTP
client initiates a request and waits for a response from the server.
When the server receives the request, the server processes the
request and sends back the response to the HTTP client after which
the client disconnects the connection. The connection between
client and server exists only during the current request and response
time.
Media independent: The HTTP protocol is media independent, as data
can be sent as long as both the client and server know how to
handle the data content. It is required for both the client and server
to specify the content type in the MIME-type header.
Stateless: HTTP is a stateless protocol as both the client and server
know each other only during the current request. Due to this nature
of the protocol, both the client and server do not retain the
information between various requests of the web pages.
Basic Architecture
The following diagram shows a very basic architecture of a web
application-
The HTTP protocol is a request/response protocol based on the client/server
architecture, where web browsers, robots, search engines, etc. act as
HTTP clients, and the Web server acts as a server.

Client
The HTTP client sends a request to the server in the form of a request method,
URI, and protocol version, followed by a MIME-like message containing request
modifiers, client information, and possible body content over a TCP/IP
connection.

Server
The HTTP server responds with a status line, including the message's protocol
version and a success or error code, followed by a MIME-like message
containing server information, entity meta information, and possible entity-body
content.

The default ports for HTTP are:
Port 80 – This is the default non-encrypted port.
Port 443 – This is the default port for secure connections.
The above figure shows the HTTP transaction between client and server. The
client initiates a transaction by sending a request message to the server. The
server replies to the request message by sending a response message.
Messages
HTTP messages are of two types: request and response. Both the message
types follow the same message format.
Request Message: The request message is sent by the client that consists of a
request line, headers, and sometimes a body.
Response Message: The response message is sent by the server to the client that
consists of a status line, headers, and sometimes a body.

Header Fields
HTTP header fields provide required information about the request or response, or
about the object sent in the message body. There are four types of HTTP message
headers:
General-header: These header fields have general applicability for both request and
response messages.
Request-header: These header fields have applicability only for request messages.
Response-header: These header fields have applicability only for response messages.
Entity-header: These header fields define meta information about the entity-body or, if
no body is present, about the resource identified by the request.
Uniform Resource Locator (URL)
A client that wants to access a document on the internet needs an address. To facilitate
the access of documents, HTTP uses the concept of the Uniform Resource Locator (URL).
The Uniform Resource Locator (URL) is a standard way of specifying any kind of information
on the internet.
The URL defines four parts: method, host computer, port, and path.

Method: The method is the protocol used to retrieve the document from a server. For
example, HTTP.
Host: The host is the computer where the information is stored, and the computer is given an
alias name. Web pages are mainly stored in the computers and the computers are given an
alias name that begins with the characters "www". This field is not mandatory.
Port: The URL can also contain the port number of the server, but it's an optional field. If the
port number is included, then it must come between the host and path and it should be
separated from the host by a colon.
Path: Path is the pathname of the file where the information is stored. The path itself contains
slashes that separate the directories from the subdirectories and files.
HTTP - Methods
E-mail protocols are sets of rules that help the client to properly transmit information to or
from the mail server. Here in this tutorial, we will discuss various protocols such as SMTP,
POP, and IMAP.
SMTP stands for Simple Mail Transfer Protocol. It was first proposed in 1982. It is a
standard protocol used for sending e-mail efficiently and reliably over the internet.
Key Points:
SMTP is an application level protocol.
SMTP is a connection oriented protocol.
SMTP is a text based protocol.
It handles the exchange of messages between e-mail servers over a TCP/IP network.
Apart from transferring e-mail, SMTP also provides notification regarding incoming
mail.
When you send e-mail, your e-mail client sends it to your e-mail server, which further
contacts the recipient mail server using an SMTP client.
These SMTP commands specify the sender's and receiver's e-mail addresses, along with
the message to be sent.
The exchange of commands between servers is carried out without intervention of any
user.
In case a message cannot be delivered, an error report is sent to the sender, which
makes SMTP a reliable protocol.
The default ports for SMTP are:
Port 25 – This is the default non-encrypted port.
Port 465/587 – This is the default port for secure connections.
IMAP
IMAP stands for Internet Message Access Protocol. It was first proposed in 1986.
There exist five versions of IMAP as follows:
Original IMAP
IMAP2
IMAP3
IMAP2bis
IMAP4
Key Points:
IMAP allows the client program to manipulate the e-mail message on the server
without downloading them on the local computer.
The e-mail is held and maintained by the remote server.
It enables us to take any action, such as downloading or deleting the mail, without reading
the mail.
It enables us to create, manipulate and delete remote message folders called
mail boxes.
IMAP enables the users to search the e-mails.
It allows concurrent access to multiple mailboxes on multiple mail servers.

The default ports for IMAP are:
Port 143 – This is the default non-encrypted port.
Port 993 – This is the default port for secure connections.
POP
POP stands for Post Office Protocol. It is generally used to support a
single client. There are several versions of POP but the POP 3 is the
current standard.
Key Points
•POP is an application layer internet standard protocol.
•Since POP supports offline access to the messages, it requires less
internet usage time.
•POP does not allow search facility.
•In order to access the messages, it is necessary to download them.
•It allows only one mailbox to be created on server.
•It is not suitable for accessing non mail data.
•POP commands are generally abbreviated into codes of three or four
letters.
Eg. STAT.
The default ports for POP3 are:
Port 110 – This is the default non-encrypted port.
Port 995 – This is the default port for secure connections.
Multipurpose Internet Mail Extensions (MIME)
•Multipurpose Internet Mail Extensions (MIME) is an Internet standard
that helps extend the limited capabilities of email by allowing insertion
of images, sounds and text in a message. It was proposed by Bell
Communications in 1991, and the specification was originally defined in
June 1992 for RFCs 1341 and 1342.
•MIME was designed to extend the format of email to support non-ASCII
characters, attachments other than text format, and message bodies
which contain multiple parts.
•MIME describes the message content type and the type of encoding
used with the help of headers. All manually composed and automated
emails are transmitted through SMTP in MIME format. The association
of Internet email with SMTP and MIME standards is such that the emails
are sometimes referred to as SMTP/MIME email.
•The MIME standard defines the content types which are of prime
importance in communication protocols like HTTP for the World Wide
Web. The data are transmitted in the form of email messages through
HTTP even though the data are not an email.
The features offered by MIME to email services are as
follows:
•Support for multiple attachments in a single message
•Support for non-ASCII characters
•Support for layouts, fonts and colors which are categorized
as rich text.
•Support for attachments which may contain executables,
audio, images and video files, etc.
•Support for unlimited message length.
MIME is extensible because it defines a method to register new content types and other
MIME attribute values. The format of a message body is described by MIME using special
header directives. This is done so that the email can be represented correctly by the
client.
MIME Header:
It is added to the original e-mail header section to define transformation. There are five
headers which we add to the original header:
MIME Version – Defines version of MIME protocol. It must have the parameter Value
1.0, which indicates that message is formatted using MIME.
Content Type – Type of data used in the body of message. They are of different types like
text data (plain, HTML), audio content or video content.
Content Type Encoding – It defines the method used for encoding the message. Like
7-bit encoding, 8-bit encoding, etc.
Content Id – It is used for uniquely identifying the message.
Content description – It defines whether the body is actually image, video or audio.
MIME content types consist of two parts −
A main type
A sub-type
The main type is separated from the subtype by a forward slash character. For
example, text/html for HTML.
This chapter is organized for the main types −
Text, image, multipart, audio, video, message, model, application
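The MIME headers and main type/sub-type split described above, as an added example that is not part of the original slides: it builds a multipart message with Python's standard email package, then walks the parts and compares each declared content type with the leading bytes of the decoded payload, the check a mail filter applies because attachments may contain executables. The addresses, file names, payload bytes and the short signature table are constructed for this example.

```python
from email import message_from_bytes, policy
from email.message import EmailMessage

# Leading bytes of a few file formats (constructed, deliberately short table).
SIGNATURES = [
    (b"\x89PNG\r\n\x1a\n", "image/png"),
    (b"%PDF-", "application/pdf"),
    (b"MZ", "executable (PE)"),
]


def sniff(payload):
    """Return the kind suggested by the payload's first bytes, or None."""
    for magic, kind in SIGNATURES:
        if payload.startswith(magic):
            return kind
    return None


def build_sample():
    """Constructed message: non-ASCII text plus two binary attachments."""
    msg = EmailMessage()
    msg["From"] = "alice@example.com"
    msg["To"] = "bob@example.com"
    msg["Subject"] = "Quarterly report"
    msg.set_content("Grüße, the report is attached.")  # non-ASCII body text
    msg.add_attachment(b"\x89PNG\r\n\x1a\n" + b"\x00" * 16,
                       maintype="image", subtype="png", filename="chart.png")
    # Declared as a JPEG image, but the bytes start with the PE "MZ" marker.
    msg.add_attachment(b"MZ\x90\x00" + b"\x00" * 16,
                       maintype="image", subtype="jpeg", filename="photo.jpg")
    return msg.as_bytes()


def inspect_message(raw):
    """Return (MIME-Version, top-level content type, per-part report)."""
    msg = message_from_bytes(raw, policy=policy.default)
    report = []
    for part in msg.walk():
        if part.is_multipart():          # container, carries no payload itself
            continue
        payload = part.get_payload(decode=True) or b""   # undo base64 etc.
        found = sniff(payload)
        report.append({
            "main": part.get_content_maintype(),
            "sub": part.get_content_subtype(),
            "encoding": str(part.get("Content-Transfer-Encoding", "7bit")).lower(),
            "filename": part.get_filename(),
            "sniffed": found,
            "mismatch": found is not None and found != part.get_content_type(),
        })
    return str(msg["MIME-Version"]), msg.get_content_type(), report


if __name__ == "__main__":
    version, top, parts = inspect_message(build_sample())
    print("MIME-Version:", version, "| top-level type:", top)
    for p in parts:
        print(p)
```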
FTP
•FTP stands for File transfer protocol.
•FTP is a standard internet protocol provided by TCP/IP used for
transmitting the files from one host to another.
•It is mainly used for transferring the web page files from their creator to
the computer that acts as a server for other computers on the internet.
•It is also used for downloading the files to computer from other servers.
Objectives of FTP
It provides the sharing of files.
It is used to encourage the use of remote computers.
It transfers the data more reliably and efficiently.

Although transferring files from one system to another is very simple and
straightforward, it can sometimes cause problems. For example, two
systems may have different file conventions. Two systems may have different
ways to represent text and data. Two systems may have different directory
structures. FTP protocol overcomes these problems by establishing two
connections between hosts. One connection is used for data transfer, and
another connection is used for the control connection.
Mechanism of FTP

The above figure shows the basic model of the FTP.
The FTP client has three components: the user interface, control process, and data
transfer process. The server has two components: the server control process and
the server data transfer process.
There are two types of connections in FTP:
Control Connection: The control connection uses very simple rules for
communication. Through control connection, we can transfer a line of
command or line of response at a time. The control connection is made
between the control processes. The control connection remains connected
during the entire interactive FTP session.
For sending control information like user identification, password,
commands to change the remote directory, commands to retrieve and store
files, etc., FTP makes use of control connection. The control connection is
initiated on port number 21.

Data Connection: The Data Connection uses very complex rules as data types
may vary. The data connection is made between data transfer processes. The
data connection opens when a command comes for transferring the files and
closes when the file is transferred.

For sending the actual file, FTP makes use of data connection. A data
connection is initiated on port number 20.
FTP sends the control information out-of-band as it uses a separate control
connection.
TELNET
•TELNET stands for TErminaL NETwork.
•It is a type of protocol that enables one computer to connect to a local
computer.
•It is used as a standard TCP/IP protocol for virtual terminal service, which is
given by ISO.
•It is a network protocol used on the Internet or local area networks to provide
a bidirectional interactive communications facility.
•Typically, telnet provides access to a command-line interface on a remote host
via a virtual terminal connection which consists of an 8-bit byte oriented data
connection over the Transmission Control Protocol (TCP).
•User data is interspersed in-band with TELNET control information.
•The computer which starts the connection is known as the local computer. The computer
which is being connected to, i.e. which accepts the connection, is known
as the remote computer.
•When the connection is established between the local and remote computers,
whatever is being performed on the remote computer during telnet operation
will be displayed by the local computer.
•Telnet operates on the client/server principle. The local computer uses a telnet client
program and the remote computer uses a telnet server program.
•The network terminal protocol (TELNET) allows a user to log in on any other computer
on the network. We can start a remote session by specifying a computer to connect to.
From that time until we finish the session, anything we type is sent to the other
computer.
•The Telnet program runs on the computer and connects your PC to a server on the
network. We can then enter commands through the Telnet program and they will be
executed as if we were entering them directly on the server console. This enables us
to control the server and communicate with other servers on the network. To start a
Telnet session, we must log in to a server by entering a valid username and password.
Telnet is a common way to remotely control Web servers.
•Telnet was developed in 1969 to aid in remote connectivity between computers over
a network. Telnet can connect to a remote machine that is on a network and is listening
on a port. The most common ports to which one can connect through telnet are:
Port 21 – File Transfer Protocol
Port 22 – SSH Remote Login Protocol
Port 23 – Telnet Server
Port 25 – Simple Mail Transfer Protocol (SMTP)
Port 53 – Domain Name Server (DNS)
Port 69 – Trivial File Transfer Protocol (TFTP)
Port 70 – Gopher
Port 80 – Hyper Text Transfer Protocol (HTTP)
Port 110 – Post Office Protocol 3 (POP3)
When the user wants to access an application program on a remote
computer, then the user must perform remote login.
How remote login occurs
At the local site
•The user sends the keystrokes to the terminal driver; the characters are then
sent to the TELNET client.
•The TELNET client, in turn, transforms the characters to a universal
character set known as network virtual terminal characters and delivers them
to the local TCP/IP stack.
At the remote site
•The commands in NVT (Network Virtual Terminal) form are transmitted to the
TCP/IP at the remote machine. Here, the characters are delivered to the
operating system and then passed to the TELNET server.
•The TELNET server transforms the characters into a form that can be understood by
the remote computer.
•However, the characters cannot be directly passed to the operating system as
a remote operating system does not receive the characters from the TELNET
server. Therefore it requires some piece of software that can accept the
characters from the TELNET server. The operating system then passes these
characters to the appropriate application program.
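Because TELNET control information travels in-band with user data, anything that logs or inspects a session has to separate the two. The following added example, not part of the original slides, splits a byte stream into user data and control sequences using the IAC (255) escape byte of the TELNET protocol, and returns any incomplete sequence so it can be joined with the next chunk. The captured bytes and function names are constructed for this example.

```python
IAC, DONT, DO, WONT, WILL, SB, SE = 255, 254, 253, 252, 251, 250, 240
NEGOTIATION = {WILL: "WILL", WONT: "WONT", DO: "DO", DONT: "DONT"}
OPTIONS = {1: "ECHO", 3: "SUPPRESS-GO-AHEAD", 24: "TERMINAL-TYPE"}

# Constructed capture: prompt, option negotiation, an escaped 0xFF data byte,
# and one subnegotiation block (IAC SB ... IAC SE).
CAPTURE = (b"login: " + bytes([IAC, DO, 24]) + b"alice" + bytes([IAC, IAC])
           + bytes([IAC, WILL, 1]) + bytes([IAC, SB, 24, 1, IAC, SE]) + b"\r\n")


def _find_se(data, start):
    """Index of the IAC that begins IAC SE, skipping escaped IAC IAC; -1 if absent."""
    j = start
    while j + 1 < len(data):
        if data[j] == IAC:
            if data[j + 1] == SE:
                return j
            j += 2
        else:
            j += 1
    return -1


def split_stream(data):
    """Separate in-band control from user data.

    Returns (user_bytes, commands, leftover); leftover is an incomplete
    control sequence to prepend to the next chunk read from the connection.
    """
    user, commands, i = bytearray(), [], 0
    while i < len(data):
        if data[i] != IAC:
            user.append(data[i])
            i += 1
            continue
        if i + 1 >= len(data):
            break                          # lone IAC at end of chunk
        cmd = data[i + 1]
        if cmd == IAC:                     # IAC IAC is a literal 0xFF data byte
            user.append(IAC)
            i += 2
        elif cmd in NEGOTIATION:           # three bytes: IAC verb option
            if i + 2 >= len(data):
                break
            opt = data[i + 2]
            commands.append((NEGOTIATION[cmd], OPTIONS.get(opt, str(opt))))
            i += 3
        elif cmd == SB:                    # subnegotiation runs until IAC SE
            end = _find_se(data, i + 2)
            if end == -1:
                break
            body = data[i + 2:end].replace(bytes([IAC, IAC]), bytes([IAC]))
            commands.append(("SB", body))
            i = end + 2
        else:                              # other two-byte commands
            commands.append(("CMD", cmd))
            i += 2
    return bytes(user), commands, data[i:]


if __name__ == "__main__":
    text, cmds, rest = split_stream(CAPTURE)
    print(text)
    print(cmds)
    print(rest)
```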
The term telnet is also used to refer to the software that implements the client part of the
protocol. Telnet client applications are available for virtually all computer
platforms. Telnet is also used as a verb. To telnet means to establish a connection using
the Telnet protocol, either with a command line client or with a graphical interface.

Connecting to a Remote Host

Follow these steps to connect to a remote host using Telnet


1. Open Telnet by clicking on the Start menu and choosing Run. Now type Telnet, and press the Enter
key on the keyboard or click the OK button.
2. From the Menu, choose Connect. Remote
3. Enter the name or IP address of the system that you want to connect to in the Host Name
Field.
4. If required, enter a port in the Port field.
5. In the term Type, select the type of terminal that you want Telnet to emulate.
6. After you are finished with the remote host, you can disconnect from it by
choosing Connect, Disconnect.
