Professional Documents
Culture Documents
unit 5 cn
unit 5 cn
The Transport Layer is responsible for end-to-end delivery. Whereas the network layer is
concerned with the end - to- end delivery of individual packets.
This layer treats each packet independently because each packet belongs to a different
message.
The transport layer ensures that each message should reach its destination completely
and in order.
The transport layer establishes a connection between two end ports. A connection is a
single logical path from source to destination which is associated with all the packets in a
message.
Transport Layer uses some standard protocols to enhance its functionalities are
TCP(Transmission Control Protocol), UDP( User Datagram Protocol), DCCP( Datagram
Congestion Control Protocol), etc.
1. Service-point addressing
Computers often run many programs at the same time. Due to this, source-to-destination
delivery means delivery from a specific job (currently running program) on one computer
to a specific job (currently running program) on the other system.
For this reason, the transport layer added a specific type of address to its header, it is
referred to as a service point address or port address.
By this address each packet reaches the correct computer and also the transport
layer gets the complete message to the correct process on that computer.
3. Connection Control:
This Transport Layer creates a connection with the Transport Layer at the destination
machine before transmitting the packets to the destination.
To Create a connection following three steps are possible:
1. Connection establishment
2. Data transfer
3. Connection termination
When all the data are transmitted connection is terminated. Connectionless Service is less
reliable than connection Oriented Service.
6. Error Control
Error Control is also performed end to end like the data link layer.
In this layer to ensure that the entire message arrives at the receiving transport layer
without any error(damage, loss or duplication). Error Correction is achieved through
retransmission of the packet.
The data has arrived or not and checks for the integrity of data, it uses the ACK and
NACK services to inform the sender.
UDP Protocol:
The User Datagram Protocol (UDP) is simplest Transport Layer communication protocol
available of the TCP/IP protocol suite.
It involves minimum amount of communication mechanism.
UDP is said to be an unreliable transport protocol but it uses IP services which provides
best effort delivery mechanism.
In UDP, the receiver does not generate an acknowledgement of packet received and in
turn, the sender does not wait for any acknowledgement of packet sent. This shortcoming
makes this protocol unreliable as well as easier on processing.
UDP Header
UDP header is an 8-byte fixed and simple header, while for TCP it may vary from 20 bytes
to 60 bytes.
The first 8 Bytes contain all necessary header information and the remaining part consists
of data.
UDP port number fields are each 16 bits long, therefore the range for port numbers is
defined from 0 to 65535; port number 0 is reserved. Port numbers help to distinguish
different user requests or processes.
UDP header contains four main parameters:
Source Port: This 16 bits information is used to identify the source port of the packet.
Destination Port: This 16 bits information, is used identify application level service on
destination machine.
Length - Length field specifies the entire length of UDP packet (including header). It is
16-bits field and minimum value is 8-byte, i.e. the size of UDP header itself.
Checksum - This field stores the checksum value generated by the sender before
sending. IPv4 has this field as optional so when checksum field does not contain any
value it is made 0 and all its bits are set to zero.
What is Casting
Casting in computer networks means transmitting data (stream of packets) over a network.
Following are the different types of casting used in networking –
1. Unicast transmission
2. Broadcast transmission
3. Multicast transmission
In Unicast transmission, the data is transferred from a single sender (or a single source host)
to a single receiver (or a single destination host).
The network switches hear the MAC addresses of the devices on the networks to which
they are connected. They can then forward packets only onto those networks containing
devices with the connected MAC addresses.
Example:
In the following figure, Host A sends the IP address 11.1.2.2 data to the Host B, IP address
20.12.4.3.
Source Address = IP address of host A is 11.1.2.2
Destination Address = IP address of host B is 20.12.4.3
In Broadcast transmission, the data is transmitted from one or more senders to all the
receivers within the same network or in other networks.
This type of transmission is useful in network management packets such as ARP (Address
Resolution Protocol) and RIP (Routing Information Protocol) where all the devices must see
the data.
There are two types of broadcast transmission:
1. Directed Broadcast, and
2. Limited Broadcast
Directed Broadcast
Directed Broadcast transmits data from one source host to all the other hosts that exist in
some other network.
Limited Broadcast
In Limited Broadcast, the data is transmitted from a single source host to all the other hosts
residing in the same network.
When the data is transmitted from a single source host to a specific group of hosts having
the interest to receive the data, it is known as multicast transmission.
Multicast can be more efficient than unicast when different groups of receivers need to see
the same data.
TCP-Connection Management
2. TCP is a full-duplex protocol so both sender and receiver require a window for receiving
messages from one another.
Sequence number (Seq=2000): contains the random initial sequence number generated
at the receiver side.
Syn flag (Syn=1): Request the sender to synchronize its sequence number with the above-
provided sequence number.
Maximum segment size (MSS=500 B): receiver tells its maximum segment size, so that
sender sends datagram which won’t require any fragmentation. MSS field is present
inside Option field in TCP header.
Since MSSreceiver < MSSsender, both parties agree for minimum MSS i.e., 500 B to avoid
fragmentation of packets at both ends.
Window size (window=10000 B): receiver tells about his buffer capacity in which he has
to store messages from the sender.
Acknowledgement Number (Ack no.=522): Since sequence number 521 is received by
the receiver so, it makes a request for the next sequence number with Ack no.=522 which is
the next packet expected by the receiver since Syn flag consumes 1 sequence no.
ACK flag (ACk=1): tells that the acknowledgement number field contains the next
sequence expected by the receiver.
3. Sender makes the final reply for connection establishment in the following way:
Sequence number (Seq=522): since sequence number = 521 in 1 st step and SYN flag
consumes one sequence number hence, the next sequence number will be 522.
Acknowledgement Number (Ack no.=2001): since the sender is acknowledging SYN=1
packet from the receiver with sequence number 2000 so, the next sequence number
expected is 2001.
ACK flag (ACK=1): tells that the acknowledgement number field contains the next
sequence expected by the sender.
NOTE: Since the connection establishment phase of TCP makes use of 3 packets, it is also
known as 3-way Handshaking (SYN, SYN + ACK, ACK).
What is congestion?
A state occurring in network layer when the message traffic is so heavy that, it slows down
network response time.
Effects of Congestion
As delay increases, performance decreases.
If delay increases, retransmission occurs, making situation worse.
Exponential increment: In this phase after every RTT the congestion window size increments
exponentially.
Example:- If the initial congestion window size is 1 segment, and the first segment is
successfully acknowledged, the congestion window size becomes 2 segments. If the next
transmission is also acknowledged, the congestion window size doubles to 4 segments. This
exponential growth continues as long as all segments are successfully acknowledged.
Initially cwnd = 1
After 1 RTT, cwnd = 2^(1) = 2
2 RTT, cwnd = 2^(2) = 4
3 RTT, cwnd = 2^(3) = 8
Additive increment: This phase starts after the threshold value also denoted as ssthresh. The
size of cwnd(congestion window) increases additive. After each RTT cwnd = cwnd + 1.
Example:- if the congestion window size is 20 segments and all 20 segments are successfully
acknowledged within an RTT, the congestion window size would be increased to 21 segments in
the next RTT. If all 21 segments are again successfully acknowledged, the congestion window
size would be increased to 22 segments, and so on.
Initially cwnd = i
After 1 RTT, cwnd = i+1
2 RTT, cwnd = i+2
3 RTT, cwnd = i+3
Multiplicative decrement: If congestion occurs, the congestion window size is decreased. The
only way a sender can guess that congestion has happened is the need to retransmit a segment.
Retransmission is needed to recover a missing packet that is assumed to have been dropped by a
router due to congestion. Retransmission can occur in one of two cases: when the RTO timer
times out or when three duplicate ACKs are received.
Case 1: Retransmission due to Timeout: In this case, the congestion possibility is high.
TCP Timers
TCP uses several timers to ensure that excessive delays are not encountered during
communications. Several of these timers are elegant, handling problems that are not
immediately obvious at first analysis. Each of the timers used by TCP is examined in the
following sections, which reveal its role in ensuring data is properly sent from one
connection to another.
TCP uses four timers –
1. Retransmission Timer:
To retransmit lost segments, TCP uses retransmission timeout (RTO). When TCP sends a
segment the timer starts and stops when the acknowledgment is received. If the timer
expires timeout occurs and the segment is retransmitted. RTO (retransmission timeout is
for 1 RTT) to calculate retransmission timeout we first need to calculate the RTT(round
trip time).
2.Deviated RTT(RTTd):
Most implementations do not use RTTs alone so RTT deviated is also calculated to find out
RTO.
3.Persistent Timer:
To deal with a zero-window-size deadlock situation, TCP uses a persistence timer. When
the sending TCP receives an acknowledgment with a window size of zero, it starts a
persistence timer. When the persistence timer goes off, the sending TCP sends a special
segment called a probe. This segment contains only 1 byte of new data. It has a sequence
number, but its sequence number is never acknowledged; it is even ignored in calculating
the sequence number for the rest of the data. The probe causes the receiving TCP to resend
the acknowledgment which was lost.
4.Keep Alive Timer:
A keepalive timer is used to prevent a long idle connection between two TCPs. If a client
opens a TCP connection to a server transfers some data and becomes silent the client will
crash. In this case, the connection remains open forever. So a keepalive timer is used. Each
time the server hears from a client, it resets this timer. The time-out is usually 2 hours. If
the server does not hear from the client after 2 hours, it sends a probe segment. If there is
no response after 10 probes, each of which is 75 s apart, it assumes that the client is down
and terminates the connection.
5.Time Wait Timer:
This timer is used during tcp connection termination. The timer starts after sending the last
Ack for 2nd FIN and closing the connection
The World Wide Web or Web is basically a collection of information that is linked together from
points all over the world. It is also abbreviated as WWW.
World wide web provides flexibility, portability, and user-friendly features.
It mainly consists of a worldwide collection of electronic documents (i.e, Web Pages).
It is basically a way of exchanging information between computers on the Internet.
The WWW is mainly the network of pages consists of images, text, and sounds on the
Internet which can be simply viewed on the browser by using the browser software.
It was invented by Tim Berners-Lee.
Architecture of WWW:
The WWW is mainly a distributed client/server service where a client using the browser can
access the service using a server. The Service that is provided is distributed over many different
locations commonly known as sites/websites.
Each website holds one or more documents that are generally referred to as web pages.
Where each web page contains a link to other pages on the same site or at other sites.
These pages can be retrieved and viewed by using browsers.
In the above case, the client sends some information that belongs to site A. It generally sends a
request through its browser and also the request generally contains other information like the
address of the site, web page (URL).
The server at site A finds the document then sends it to the client. after that when the user or say
the client finds the reference to another document that includes the web page at site B.
The reference generally contains the URL of site B. And the client is interested to take a look at
this document too. Then after the client sends the request to the new site and then the new page is
retrieved.
Components of WWW:
1.Client/Browser
The Client/Web browser is basically a program that is used to communicate with the webserver
on the Internet.
The Controller mainly receives the input from the input device, after that it uses the client
programs in order to access the documents.
After accessing the document, the controller makes use of an interpreter in order to
display the document on the screen.
An interpreter can be Java, HTML, javascript mainly depending upon the type of the
document.
The Client protocol can be FTP, HTTP, TELNET.
2.Server
The Computer that is mainly available for the network resources and in order to provide services
to the other computer upon request is generally known as the server.
The Web pages are mainly stored on the server.
Whenever the request of the client arrives then the corresponding document is sent to the
client.
The connection between the client and the server is TCP.
It can become more efficient through multithreading or multiprocessing. Because in this
case, the server can answer more than one request at a time.
3.URL
URL is an abbreviation of the Uniform resource locator.
It is basically a standard used for specifying any kind of information on the Internet.
In order to access any page the client generally needs an address.
To facilitate the access of the documents throughout the world HTTP generally makes
use of Locators.
4.HTML
HTML is an abbreviation of Hypertext Markup Language.
It is generally used for creating web pages.
It is mainly used to define the contents, structure, and organization of the web page.
5.XML
XML is an abbreviation of Extensible Markup Language. It mainly helps in order to define the
common syntax in the semantic web.
Features of WWW
Some of the features are:
Provides a system for Hypertext information
Open standards and Open source
Distributed.
Mainly makes the use of Web Browser in order to provide a single interface for many
services.
Dynamic
Interactive
Cross-Platform
The protocol used to transfer hypertext between two computers is known as HyperText
Transfer Protocol.
HTTP provides a standard between a web browser and a web server to establish
communication. It is a set of rules for transferring data from one computer to another. Data
such as text, images, and other multimedia files are shared on the World Wide Web.
Whenever a web user opens their web browser, the user indirectly uses HTTP. It is an
application protocol that is used for distributed, collaborative, hypermedia information
systems.
Working of HTTP:
When we want to open any website, first open a web browser after that we will type the
URL of that website (e.g., www.facebook.com ). This URL is now sent to the Domain
Name Server (DNS). Then DNS first check records for this URL in their database, then
DNS will return the IP address to the web browser corresponding to this URL. Now the
browser is able to send requests to the actual server.
After the server sends data to the client, the connection will be closed. If we want
something else from the server we should have to re-establish the connection between the
client and the server.
HTTP Response
HTTP Request
HTTP request is simply termed as the information or data that is needed by Internet browsers
for loading a website. This is simply known as HTTP Request.
There is some common information that is generally present in all HTTP requests. These are
mentioned below.
HTTP Version
URL
HTTP Method
HTTP Request Headers
HTTP Body
HTTP Request Headers
HTTP Request Headers generally store information in the form of key-value and must be
present in each HTTP Request. The use of this Request Header is to provide core information
about the client’s information, etc.
HTTP Request Body
HTTP Request Body simply contains the information that has to be transferred. HTTP Request
has the information or data to be sent to these browsers.
HTTP Method:
HTTP Methods are simply HTTP Verb. In spite of being present so many HTTP Methods, the
most common HTTP Methods are HTTP GET and HTTP POST. These two are generally used
in HTTP cases. In HTTP GET, the information is received in the form of a website.
HTTP Response:
HTTP Response is simply the answer to what a Server gets when the request is raised. There
are various things contained in HTTP Response, some of them are listed below.
HTTP Status Code
HTTP Headers
HTTP Body
HTTP Response
HTTP Response Headers:
HTTP Response headers are simply like an HTTP Request where it has that work to send some
important files and data to the HTTP Response Body.
HTTP Response Body:
HTTP Responses are the responses that are received successfully upon the request. Generally,
it comes under the requests generated by the web. In most cases, the request is of transferring
the HTML data into a webpage.
Characteristics of HTTP
HTTP is IP based communication protocol that is used to deliver data from server to client or
vice-versa.
The server processes a request, which is raised by the client, and also server and client
know each other only during the current bid and response period.
Any type of content can be exchanged as long as the server and client are compatible with
it.
Once data is exchanged, servers and clients are no longer connected.
It is a request and response protocol based on client and server requirements.
It is a connection-less protocol because after the connection is closed, the server does not
remember anything about the client and the client does not remember anything about the
server.
It is a stateless protocol because both client and server do not expect anything from each
other but they are still able to communicate.
Control Connection
For sending control information like user identification, password, commands to change the
remote directory, commands to retrieve and store files, etc., FTP makes use of a control
connection. The control connection is initiated on port number 21.
Data connection
For sending the actual file, FTP makes use of a data connection. A data connection is
initiated on port number 20.
FTP sends the control information out-of-band as it uses a separate control connection.
Some protocols send their request and response header lines and the data in the same TCP
connection. For this reason, they are said to send their control information in-band. HTTP
and SMTP are such examples.
FTP Session
When an FTP session is started between a client and a server, the client initiates a
control TCP connection with the server side. The client sends control information over this.
When the server receives this, it initiates a data connection to the client side. But the
control connection remains active throughout the user session. As we know HTTP is
stateless . But FTP needs to maintain a state about its user throughout the session.
FTP Clients
FTP works on a client-server model. The FTP client is a program that runs on the user’s
computer to enable the user to talk to and get files from remote computers. It is a set of
commands that establishes the connection between two hosts, helps to transfer the files,
and then closes the connection.
Characteristics of FTP
Advantages of FTP
File sharing also comes in the category of advantages of FTP in this between two machines
files can be shared on the network.
Speed is one of the main benefits of FTP.
Since we don’t have to finish every operation to obtain the entire file, it is more efficient.
Using the username and password, we must log in to the FTP server. As a result, FTP
might be considered more secure.
We can move the files back and forth via FTP. Let’s say you are the firm manager and you
provide information to every employee, and they all reply on the same server.
Disadvantages of FTP
File size limit is the drawback of FTP only 2 GB size files can be transferred.
More then one receivers are not supported by FTP.
FTP does not encrypt the data this is one of the biggest drawbacks of FTP.
FTP is unsecured we use login IDs and passwords making it secure but they can be
attacked by hackers.
SMTP is an application layer protocol. The client who wants to send the mail opens
a TCP connection to the SMTP server and then sends the mail across the connection. The
SMTP server is an always-on listening mode. As soon as it listens for a TCP connection
from any client, the SMTP process initiates a connection through port 25. After
successfully establishing a TCP connection the client process sends the mail instantly.
SMTP Protocol
1. End-to-End Model:
The end-to-end model is used to communicate between different organizations whereas the
store and forward method is used within an organization. An SMTP client who wants to send
the mail will contact the destination’s host SMTP directly, to send the mail to the destination.
The SMTP server will keep the mail to itself until it is successfully copied to the receiver’s
SMTP.
The client SMTP is the one that initiates the session so let us call it the client-SMTP and the
server SMTP is the one that responds to the session request so let us call it receiver-SMTP.
The client-SMTP will start the session and the receiver SMTP will respond to the request.
In the SMTP model user deals with the user agent (UA), for example, Microsoft Outlook,
Netscape, Mozilla, etc. To exchange the mail using TCP, MTA is used. The user sending the
mail doesn’t have to deal with MTA as it is the responsibility of the system admin to set up a
local MTA. The MTA maintains a small queue of mail so that it can schedule repeat delivery
of mail in case the receiver is not available. The MTA delivers the mail to the mailboxes and
the information can later be downloaded by the user agents.
SMTP Model
Components of SMTP
Mail User Agent (MUA): It is a computer application that helps you in sending and
retrieving mail. It is responsible for creating email messages for transfer to the mail transfer
agent (MTA).
Mail Submission Agent (MSA): It is a computer program that receives mail from a Mail
User Agent (MUA) and interacts with the Mail Transfer Agent (MTA) for the transfer of
the mail.
Mail Transfer Agent (MTA): It is software that has the work to transfer mail from one
system to another with the help of SMTP.
Mail Delivery Agent (MDA): A mail Delivery agent or Local Delivery Agent is basically
a system that helps in the delivery of mail to the local system.
Working of SMTP
Below mentioned are the steps of the working of SMTP [Simple Mail Transfer Protocol].
Communication between the sender and the receiver: The sender’s user agent prepares
the message and sends it to the MTA. The MTA’s responsibility is to transfer the mail
across the network to the receiver’s MTA. To send mail, a system must have a client MTA,
and to receive mail, a system must have a server MTA.
Sending Emails: Mail is sent by a series of request and response messages between
the client and the server. The message which is sent across consists of a header and a
body. A null line is used to terminate the mail header and everything after the null line is
considered the body of the message, which is a sequence of ASCII characters. The message
body contains the actual information read by the receipt.
Receiving Emails: The user agent on the server-side checks the mailboxes at a particular
time of intervals. If any information is received, it informs the user about the mail. When
the user tries to read the mail it displays a list of emails with a short description of each
mail in the mailbox. By selecting any of the mail users can view its contents on the
terminal.
Working of SMTP
Multipurpose Internet Mail Extension (MIME) is a standard that was proposed by Bell
Communications in 1991 in order to expand the limited capabilities of email.
MIME is a kind of add-on or a supplementary protocol that allows non-ASCII data to be
sent through SMTP. It allows the users to exchange different kinds of data files on the
Internet: audio, video, images, application programs as well.
Growing demand for Email Messages as people also want to express themselves in terms of
Multimedia. So, MIME another email application is introduced as it is not restricted to textual
data.
MIME transforms non-ASCII data at the sender side to NVT 7-bit data and delivers it to the
client SMTP. The message on the receiver side is transferred back to the original data. As well
as we can send video and audio data using MIME as it transfers them also in 7-bit ASCII data.
Working of MIME:
Suppose a user wants to send an email through a user agent and it is in a non-ASCII format so
there is a MIME protocol that converts it into 7-bit NVT ASCII format. The message is
transferred through the e-mail system to the other side in the 7-bit format now MIME protocol
again converts it back into non-ASCII code and now the user agent of the receiver side reads it
and then information is finally read by the receiver. MIME header is basically inserted at the
beginning of any e-mail transfer.
SMTP transfers the mail being a message transfer agent from the sender’s side to the mailbox
of the receiver side and stores it and MIME header is added to the original header and provides
additional information. while POP being the message access agent organizes the mails from the
mail server to the receiver’s computer. POP allows the user agent to connect with the message
transfer agent.
Features of MIME
What is IMAP
Internet Message Access Protocol (IMAP) is an application layer protocol that operates
as a contract for receiving emails from the mail server. It was designed by Mark Crispin in
1986 as a remote access mailbox protocol; the current version of IMAP is IMAP4. It is
used as the most commonly used protocol for retrieving emails. This term is also known as
Internet mail access protocol, Interactive mail access protocol, and Interim mail access
protocol. IMAP retrieves all of your recent messages from your email provider by getting
in touch with it. They are removed from the email service as soon as you download them to
your Mac or PC. This implies that the email can only be viewed on the same computer after
it has been downloaded. You won’t be able to access the previously downloaded messages
if you attempt to access your email on a different device.
Working of IMAP
IMAP follows Client-server Architecture and is the most commonly used email protocol. It
is a combination of client and server process running on other computers that are connected
through a network. This protocol resides over the TCP/IP protocol for communication.
Once the communication is set up the server listens on port 143 by default which is non-
encrypted. For the secure encrypted communication port, 993 is used.
Architecture of IMAP
The Internet Message Access Protocol (IMAP) protocol is a client-server model that allows
users to access and view email messages stored on remote servers Here is a summary of the
events:
IMAP
IMAP clients: An IMAP client is an email application or software that users use to
communicate with their email accounts. Examples include Microsoft Outlook, Mozilla
Thunderbird, Apple Mail, and mobile email applications. The client communicates with the
IMAP server to receive, manage, and send email messages.
IMAP Server: The IMAP server manages email messages and manages user mailboxes. It
responds to requests from IMAP clients, and provides access to email folders and
messages. The server stores emails in a structured format, usually organized in user-defined
folders or mailboxes. Common IMAP server software includes Dovecot, Courier IMAP,
Cyrus IMAP, and Microsoft Exchange Server.
Network Protocols: IMAP works over TCP/IP (Transmission Control Protocol/Internet
Protocol) networks, and allows an IMAP client to connect to an IMAP server over the
Internet or local area networks. IMAP typically uses TCP port 143 for unencrypted
connections and TCP port 993 for encrypted connections using SSL/TLS (IMAPS).
Advantages
Disadvantages
IMAP is complex to maintain.
Emails of the user are only available when there is an internet connection.
It is slower to load messages.
Some emails don’t support IMAP which makes it difficult to manage.
It is an application layer protocol for message exchange between clients and servers. It is
required for the functioning of the Internet.
Every host is identified by the IP address but remembering numbers is very difficult for people
also the IP addresses are not static therefore a mapping is required to change the domain name
to the IP address. So DNS is used to convert the domain name of the websites to their
numerical IP address.
Types of Domain:
Organization of Domain:
It is very difficult to find out the IP address associated with a website because there are
millions of websites and with all those websites we should be able to generate the IP address
immediately, there should not be a lot of delays for that to happen organization of the database
is very important.
Name-to-Address Resolution
The host requests the DNS name server to resolve the domain name. And the name server
returns the IP address corresponding to that domain name to the host so that the host can future
connect to that IP address.
Name-to-Address Resolution
Hierarchy of Name Servers Root name servers: It is contacted by name servers that can
not resolve the name. It contacts the authoritative name server if name mapping is not
known. It then gets the mapping and returns the IP address to the host.
Top-level domain (TLD) server: It is responsible for com, org, edu, etc, and all top-level
country domains like uk, fr, ca, in, etc. They have info about authoritative domain servers
and know the names and IP addresses of each authoritative name server for the second-
level domains.
Authoritative name servers are the organization’s DNS servers, providing authoritative
hostnames to IP mapping for organization servers. It can be maintained by an organization
or service provider. In order to reach cse.dtu.in we have to ask the root DNS server, then it
will point out to the top-level domain server and then to the authoritative domain name
server which actually contains the IP address. So the authoritative domain server will return
the associative IP address.
How Does DNS Work?
The working of DNS starts with converting a hostname into an IP Address. A domain name
serves as a distinctive identification for a website. It is used in place of an IP address to make it
simpler for consumers to visit websites. Domain Name System works by executing the
database whose work is to store the name of hosts which are available on the Internet. The top-
level domain server stores address information for top-level domains such as .com and .net,
.org, and so on. If the Client sends the request, then the DNS resolver sends a request to DNS
Server to fetch the IP Address. In case, when it does not contain that particular IP Address with
a hostname, it forwards the request to another DNS Server. When IP Address has arrived at the
resolver, it completes the request over Internet Protocol.
Components of SNMP:
There are mainly three components of SNMP:
1. SNMP Manager
It is a centralized system used to monitor the network. It is also known as a Network
Management Station (NMS). A router that runs the SNMP server program is called an
agent, while a host that runs the SNMP client program is called a manager.
2. SNMP agent :
It is a software management software module installed on a managed device. The manager
accesses the values stored in the database, whereas the agent maintains the information in
the database. To ascertain if the router is congested or not, for instance, a manager can
examine the relevant variables that a router stores, such as the quantity of packets received
and transmitted.
GetRequest : It is simply used to retrieve data from SNMP agents. In response to this, the
SNMP agent responds with the requested value through a response message.
GetNextRequest : To get the value of a variable, the manager sends the agent the
GetNextRequest message. The values of the entries in a table are retrieved using this kind
of communication. The manager won’t be able to access the values if it doesn’t know the
entries’ indices. The GetNextRequest message is used to define an object in certain
circumstances.
SetRequest : It is used by the SNMP manager to set the value of an object instance on the
SNMP agent.
Response : When sent in response to the Set message, it will contain the newly set value as
confirmation that the value has been set.
Trap : These are the message sent by the agent without being requested by the manager. It
is sent when a fault has occurred.
InformRequest : It was added to SNMPv2c and is used to determine if the manager has
received the trap message or not. It is the same as a trap but adds an acknowledgement that
the trap doesn’t provide.
The type of security algorithm applied to SNMP packets is defined by it. These are used in
only SNMPv3. There are 3 security levels namely:
1. noAuthNoPriv –
This (no authentication, no privacy) security level uses a community string for
authentication and no encryption for privacy.
2. authNopriv – This security level (authentication, no privacy) uses HMAC with Md5 for
authentication and no encryption is used for privacy.
3. authPriv – This security level (authentication, privacy) uses HMAC with Md5 or SHA for
authentication and encryption uses the DES-56 algorithm.
Advantages of SNMP
1. It is simple to implement.
2. Agents are widely implemented.
3. Agent level overhead is minimal.
4. It is robust and extensible.
5. Polling approach is good for LAN based managed object.
6. It offers the best direct manager agent interface.
7. SNMP meet a critical need.
SSH Protocol
The SSH(Secure Shell) is an access credential that is used in the SSH Protocol. In other
words, it is a cryptographic network protocol that is used for transferring encrypted data
over the network. The port number of SSH is 22(Twenty-Two). It allows you to connect to
a server, or multiple servers, without having to remember or enter your password for each
system that is to log remotely from one system to another.
To provide security between a client and a server the SSH protocol uses encryption. All
user authentication and file transfers are encrypted to protect the network against attacks.
The SSH protocol protects the network from various attacks such as DNS spoofing, IP source
routing, and IP spoofing.
The SSH protocol works in a client-server model, which means it connects a secure shell client
application (End where the session is displayed) with the SSH server (End where session
executes
The basic use of SSH is to connect a remote system for a terminal session and to do this,
following command is used:
ssh UserName@SSHserver.test.com
The above command enables the client to connect to the server, named server.test.com, using the
ID UserName.
If we are connecting for the first time, it will prompt the remote host's public key fingerprint and
ask to connect. The below message will be prompt:
The authenticity of host 'sample.ssh.com' cannot be established.
DSA key fingerprint is 01:23:45:67:89:ab:cd:ef:ff:fe:dc:ba:98:76:54:32:10.
Are you sure you want to continue connecting (yes/no)?
To continue the session, we need to click yes, else no. If we click yes, then the host key will be
stored in the known_hosts file of the local system. The key is contained within the hidden file by
default, which is /.ssh/known_hosts in the home directory. Once the host key is stored in this
hidden file, there is no need for further approval as the host key will automatically authenticate
the connection.
Symmetric Cryptography
Asymmetric Cryptography: In Asymmetric key cryptography the key used for encrypting
is different from the key used for decrypting the message. For ex: RSA (Rivest–Shamir–
Adleman) and Digital Signature Algorithm.
Asymmetric Cryptography
Hashing: Hashing is a procedure used in cryptography which convert variable length string
to a fixed length string, this fixed length value is called hash value which is generated by
hash function.
……………………………………………………………………………………………………