What is Transport Layer?

The Transport Layer is responsible for end-to-end delivery. Whereas the network layer is
concerned with the end - to- end delivery of individual packets.

 This layer treats each packet independently because each packet belongs to a different
message.
 The transport layer ensures that each message should reach its destination completely
and in order.
 The transport layer establishes a connection between two end ports. A connection is a
single logical path from source to destination which is associated with all the packets in a
message.
 Transport Layer uses some standard protocols to enhance its functionalities are
TCP(Transmission Control Protocol), UDP( User Datagram Protocol), DCCP( Datagram
Congestion Control Protocol), etc.

Design Issues with Transport Layer

The following are the design issues with transport layer:

 Efficient delivery of data with proper correction.

 Managing error control and flow control.
 Obtaining data from the Session layer, divide it into segments and transmit to the
network layer.

Functions of the transport layer

Some functions of the transport layer are as follows:

1. Service-point addressing

 Computers often run many programs at the same time. Due to this, source-to-destination
delivery means delivery from a specific job (currently running program) on one computer
to a specific job (currently running program) on the other system.
 For this reason, the transport layer added a specific type of address to its header, it is
referred to as a service point address or port address.
 By this address each packet reaches the correct computer and also the transport
layer gets the complete message to the correct process on that computer.

2. Segmentation and Reassembly

 In segmentation, a message is divided into transmittable segments; each segment
containing a sequence number. This number enables this layer to reassemble the message.
  Upon arriving at its destination system message is reassembled correctly, identify and
replaces packets that were lost in transmission.

3. Connection Control:

It can be either of two types:

1. Connectionless Transport Layer

2. Connection Oriented Transport Layer

3.1. Connectionless Transport Layer

 This Transport Layer treats each packet as an individual and delivers it to the destination
machine.
 In this type of transmission, the receiver does not send an acknowledgment to the
sender about the receipt of a packet.
 This is a faster communication technique.

3.2. Connection Oriented Transport Layer

 This Transport Layer creates a connection with the Transport Layer at the destination
machine before transmitting the packets to the destination.
 To Create a connection following three steps are possible:

1. Connection establishment
2. Data transfer
3. Connection termination

When all the data are transmitted connection is terminated. Connectionless Service is less
reliable than connection Oriented Service.

4. Multiplexing and De-multiplexing

 Multiple packets from diverse applications are transmitted across a network needs very
dedicated control mechanisms, which are found in the transport layer.
 The transport layer accepts packets from different processes. These packets are
differentiated by their port numbers and pass them to the network layer after adding
proper headers.
 In De-multiplexing, at the receiver's side to obtain the data coming from various
processes. It receives the segments of data from the network layer and delivers it to the
appropriate process running on the receiver's machine.
5. Flow control
 The transport layer also responsible for the flow control mechanism between the adjacent
layers of the TCP/IP model.
 It does not perform across a single link even it performs an end-to-end node.
 By imposing flow control techniques data loss can be prevented from the cause of the
sender and slow receiver.
 For instance, it uses the method of sliding window protocol in this method receiver sends
a window back to the sender to inform the size of the data is received.

6. Error Control
 Error Control is also performed end to end like the data link layer.
 In this layer to ensure that the entire message arrives at the receiving transport layer
without any error(damage, loss or duplication). Error Correction is achieved through
retransmission of the packet.
 The data has arrived or not and checks for the integrity of data, it uses the ACK and
NACK services to inform the sender.

UDP Protocol:

 The User Datagram Protocol (UDP) is simplest Transport Layer communication protocol
available of the TCP/IP protocol suite.
 It involves minimum amount of communication mechanism.
 UDP is said to be an unreliable transport protocol but it uses IP services which provides
best effort delivery mechanism.
 In UDP, the receiver does not generate an acknowledgement of packet received and in
turn, the sender does not wait for any acknowledgement of packet sent. This shortcoming
makes this protocol unreliable as well as easier on processing.

UDP Header

 UDP header is an 8-byte fixed and simple header, while for TCP it may vary from 20 bytes
to 60 bytes.
 The first 8 Bytes contain all necessary header information and the remaining part consists
of data.
 UDP port number fields are each 16 bits long, therefore the range for port numbers is
defined from 0 to 65535; port number 0 is reserved. Port numbers help to distinguish
different user requests or processes.
UDP header contains four main parameters:

 Source Port: This 16 bits information is used to identify the source port of the packet.
 Destination Port: This 16 bits information, is used identify application level service on
destination machine.
 Length - Length field specifies the entire length of UDP packet (including header). It is
16-bits field and minimum value is 8-byte, i.e. the size of UDP header itself.
 Checksum - This field stores the checksum value generated by the sender before
sending. IPv4 has this field as optional so when checksum field does not contain any
value it is made 0 and all its bits are set to zero.

What is Casting

 Casting in computer networks means transmitting data (stream of packets) over a network.
 Following are the different types of casting used in networking –
1. Unicast transmission
2. Broadcast transmission
3. Multicast transmission

1.Unicast Transmission (One-to-One):

 In Unicast transmission, the data is transferred from a single sender (or a single source host)
to a single receiver (or a single destination host).
 The network switches hear the MAC addresses of the devices on the networks to which
they are connected. They can then forward packets only onto those networks containing
devices with the connected MAC addresses.

Example:
In the following figure, Host A sends the IP address 11.1.2.2 data to the Host B, IP address
20.12.4.3.
  Source Address = IP address of host A is 11.1.2.2
 Destination Address = IP address of host B is 20.12.4.3

2.Broadcast Transmission (One-to-All):

 In Broadcast transmission, the data is transmitted from one or more senders to all the
receivers within the same network or in other networks.
 This type of transmission is useful in network management packets such as ARP (Address
Resolution Protocol) and RIP (Routing Information Protocol) where all the devices must see
the data.
 There are two types of broadcast transmission:
1. Directed Broadcast, and
2. Limited Broadcast

Directed Broadcast
 Directed Broadcast transmits data from one source host to all the other hosts that exist in
some other network.
Limited Broadcast
In Limited Broadcast, the data is transmitted from a single source host to all the other hosts
residing in the same network.

3.Multicast Transmission (One-to-Many):

 When the data is transmitted from a single source host to a specific group of hosts having
the interest to receive the data, it is known as multicast transmission.
 Multicast can be more efficient than unicast when different groups of receivers need to see
the same data.

Example: Multicast is the technique used in Internet streaming of video or audio

teleconference, sending an email to a particular group of people, etc.

Difference between Unicast, Broadcast and Multicast

Feature Unicast Broadcast Multicast

Transmission Data is sent to a single Data is sent to all Data is sent to a group of
recipient recipients in a network recipients
Addressing Uses a unique Uses a special Uses a special multicast
 destination address broadcast address address
Delivery Guaranteed delivery Not all devices may be Not all devices may be
interested in the data interested in the data
Network Generates the least Generates the most Generates moderate
Traffic amount of network amount of network network traffic
traffic traffic
Security More secure because Less secure because Moderately secure because
data is sent to a data is sent to all data is sent to a specific
specific recipient devices in the network group of devices
Bandwidth Moderate High Moderate
usage
Latency Low High Moderate
Examples Email, file transfer DHCP requests, ARP Video streaming, Online
requests gaming

What is Transmission Control Protocol (TCP)

 The position of TCP is at the transport layer of the OSI model.
 Transmission Control Protocol is a connection-oriented protocol.
 TCP also helps in ensuring that information is transmitted accurately by establishing a
virtual connection between the sender and receiver.

TCP-Connection Management

TCP is a connection-oriented protocol and every connection-oriented protocol needs to

establish a connection in order to reserve resources at both the communicating ends.
Connection Establishment:

1. Sender starts the process with the following:

 Sequence number (Seq=521): Contains the random initial sequence number generated
at the sender side.
 Syn flag (Syn=1): Request the receiver to synchronize its sequence number with the
above-provided sequence number.
 Maximum segment size (MSS=1460 B): sender tells its maximum segment size, so that
receiver sends datagram which won’t require any fragmentation. MSS field is present
inside Option field in TCP header.
 Window size (window=14600 B): sender tells about his buffer capacity in which he has to
store messages from the receiver.

2. TCP is a full-duplex protocol so both sender and receiver require a window for receiving
messages from one another.
 Sequence number (Seq=2000): contains the random initial sequence number generated
at the receiver side.
 Syn flag (Syn=1): Request the sender to synchronize its sequence number with the above-
provided sequence number.
 Maximum segment size (MSS=500 B): receiver tells its maximum segment size, so that
sender sends datagram which won’t require any fragmentation. MSS field is present
inside Option field in TCP header.

Since MSSreceiver < MSSsender, both parties agree for minimum MSS i.e., 500 B to avoid
fragmentation of packets at both ends.

 Window size (window=10000 B): receiver tells about his buffer capacity in which he has
to store messages from the sender.
 Acknowledgement Number (Ack no.=522): Since sequence number 521 is received by
the receiver so, it makes a request for the next sequence number with Ack no.=522 which is
the next packet expected by the receiver since Syn flag consumes 1 sequence no.
 ACK flag (ACk=1): tells that the acknowledgement number field contains the next
sequence expected by the receiver.

3. Sender makes the final reply for connection establishment in the following way:
 Sequence number (Seq=522): since sequence number = 521 in 1 st step and SYN flag
consumes one sequence number hence, the next sequence number will be 522.
 Acknowledgement Number (Ack no.=2001): since the sender is acknowledging SYN=1
packet from the receiver with sequence number 2000 so, the next sequence number
expected is 2001.
 ACK flag (ACK=1): tells that the acknowledgement number field contains the next
sequence expected by the sender.
NOTE: Since the connection establishment phase of TCP makes use of 3 packets, it is also
known as 3-way Handshaking (SYN, SYN + ACK, ACK).

What is congestion?
A state occurring in network layer when the message traffic is so heavy that, it slows down
network response time.

Effects of Congestion
 As delay increases, performance decreases.
 If delay increases, retransmission occurs, making situation worse.

TCP Congestion Control

 TCP congestion control is a method used by the TCP protocol to manage data flow over a
network and prevent congestion.
 TCP uses a congestion window and congestion policy to avoids congestion.
 If the network cannot deliver the data as fast as it is created by the sender, it must tell the
sender to slow down. In other words, in addition to the receiver, the network is a second
entity that determines the size of the sender’s window
Congestion Policy in TCP

1. Slow Start Phase

2. Congestion Avoidance Phase
3. Congestion Detection Phase:
1.Slow Start Phase

Exponential increment: In this phase after every RTT the congestion window size increments
exponentially.
Example:- If the initial congestion window size is 1 segment, and the first segment is
successfully acknowledged, the congestion window size becomes 2 segments. If the next
transmission is also acknowledged, the congestion window size doubles to 4 segments. This
exponential growth continues as long as all segments are successfully acknowledged.

Initially cwnd = 1
After 1 RTT, cwnd = 2^(1) = 2
2 RTT, cwnd = 2^(2) = 4
3 RTT, cwnd = 2^(3) = 8

2.Congestion Avoidance Phase:

Additive increment: This phase starts after the threshold value also denoted as ssthresh. The
size of cwnd(congestion window) increases additive. After each RTT cwnd = cwnd + 1.

Example:- if the congestion window size is 20 segments and all 20 segments are successfully
acknowledged within an RTT, the congestion window size would be increased to 21 segments in
the next RTT. If all 21 segments are again successfully acknowledged, the congestion window
size would be increased to 22 segments, and so on.

Initially cwnd = i
After 1 RTT, cwnd = i+1
2 RTT, cwnd = i+2
3 RTT, cwnd = i+3

3.Congestion Detection Phase

Multiplicative decrement: If congestion occurs, the congestion window size is decreased. The
only way a sender can guess that congestion has happened is the need to retransmit a segment.
Retransmission is needed to recover a missing packet that is assumed to have been dropped by a
router due to congestion. Retransmission can occur in one of two cases: when the RTO timer
times out or when three duplicate ACKs are received.

Case 1: Retransmission due to Timeout: In this case, the congestion possibility is high.

(a) ssthresh is reduced to half of the current window size.

(b) set cwnd = 1
(c) start with the slow start phase again.
Case 2: Retransmission due to 3 Acknowledgement Duplicates: The congestion possibility is
less.
(a) ssthresh value reduces to half of the current window size.
(b) set cwnd= ssthresh
(c) start with congestion avoidance phase
Example
Assume a TCP protocol experiencing the behavior of slow start. At the 5th transmission round
with a threshold (ssthresh) value of 32 goes into the congestion avoidance phase and continues
till the 10th transmission. At the 10th transmission round, 3 duplicate ACKs are received by the
receiver and entered into additive increase mode. Timeout occurs at the 16th transmission round.
Plot the transmission round (time) vs congestion window size of TCP segments.

TCP Header Format

 Source port: It defines the port of the application, which is sending the data. So, this field
contains the source port address, which is 16 bits.
 Destination port: It defines the port of the application on the receiving side. So, this field
contains the destination port address, which is 16 bits.
 Sequence number: This field contains the sequence number of data bytes in a particular
session.
 Acknowledgment number: When the ACK flag is set, then this contains the next sequence
number of the data byte and works as an acknowledgment for the previous data received. For
example, if the receiver receives the segment number 'x', then it responds 'x+1' as an
acknowledgment number.
 HLEN: It specifies the length of the header indicated by the 4-byte words in the header.
 Reserved: It is a 4-bit field reserved for future use, and by default, all are set to zero.
 Flags
There are six control bits or flags:
1. URG: It represents an urgent pointer. If it is set, then the data is processed
urgently.
2. ACK: If the ACK is set to 0, then it means that the data packet does not contain an
acknowledgment.
3. PSH: If this field is set, then it requests the receiving device to push the data to the
receiving application without buffering it.
4. RST: If it is set, then it requests to restart a connection.
5. SYN: It is used to establish a connection between the hosts.
6. FIN: It is used to release a connection, and no further data exchange will happen.
 Window size
 It is a 16-bit field.
 It contains the size of data that the receiver can accept. This field is used for the flow
control between the sender and receiver and also determines the amount of buffer
allocated by the receiver for a segment. The value of this field is determined by the
receiver.
 Checksum
It is a 16-bit field. This field is optional in UDP, but in the case of TCP/IP, this field is
mandatory.
 Urgent pointer
 It is a pointer that points to the urgent data byte if the URG flag is set to 1. It defines a
value that will be added to the sequence number to get the sequence number of the last urgent
byte.
 Options
It provides additional options. The optional field is represented in 32-bits. If this field
contains the data less than 32-bit, then padding is required to obtain the remaining bits

TCP Timers
 TCP uses several timers to ensure that excessive delays are not encountered during
communications. Several of these timers are elegant, handling problems that are not
immediately obvious at first analysis. Each of the timers used by TCP is examined in the
following sections, which reveal its role in ensuring data is properly sent from one
connection to another.
TCP uses four timers –

1. Retransmission Timer:
 To retransmit lost segments, TCP uses retransmission timeout (RTO). When TCP sends a
segment the timer starts and stops when the acknowledgment is received. If the timer
expires timeout occurs and the segment is retransmitted. RTO (retransmission timeout is
for 1 RTT) to calculate retransmission timeout we first need to calculate the RTT(round
trip time).

RTT three types –

 Measured RTT(RTTm) – The measured round-trip time for a segment is the time required
for the segment to reach the destination and be acknowledged, although the
acknowledgement may include other segments.
 Smoothed RTT(RTTs) – It is the weighted average of RTTm. RTTm is likely to change
and its fluctuation is so high that a single measurement cannot be used to calculate RTO.

2.Deviated RTT(RTTd):

 Most implementations do not use RTTs alone so RTT deviated is also calculated to find out
RTO.

3.Persistent Timer:
 To deal with a zero-window-size deadlock situation, TCP uses a persistence timer. When
the sending TCP receives an acknowledgment with a window size of zero, it starts a
persistence timer. When the persistence timer goes off, the sending TCP sends a special
segment called a probe. This segment contains only 1 byte of new data. It has a sequence
number, but its sequence number is never acknowledged; it is even ignored in calculating
 the sequence number for the rest of the data. The probe causes the receiving TCP to resend
the acknowledgment which was lost.
4.Keep Alive Timer:
 A keepalive timer is used to prevent a long idle connection between two TCPs. If a client
opens a TCP connection to a server transfers some data and becomes silent the client will
crash. In this case, the connection remains open forever. So a keepalive timer is used. Each
time the server hears from a client, it resets this timer. The time-out is usually 2 hours. If
the server does not hear from the client after 2 hours, it sends a probe segment. If there is
no response after 10 probes, each of which is 75 s apart, it assumes that the client is down
and terminates the connection.
5.Time Wait Timer:
 This timer is used during tcp connection termination. The timer starts after sending the last
Ack for 2nd FIN and closing the connection

Application Layer Protocol:

1.World Wide Web

The World Wide Web or Web is basically a collection of information that is linked together from
points all over the world. It is also abbreviated as WWW.
 World wide web provides flexibility, portability, and user-friendly features.
 It mainly consists of a worldwide collection of electronic documents (i.e, Web Pages).
 It is basically a way of exchanging information between computers on the Internet.
 The WWW is mainly the network of pages consists of images, text, and sounds on the
Internet which can be simply viewed on the browser by using the browser software.
 It was invented by Tim Berners-Lee.

Architecture of WWW:
The WWW is mainly a distributed client/server service where a client using the browser can
access the service using a server. The Service that is provided is distributed over many different
locations commonly known as sites/websites.

 Each website holds one or more documents that are generally referred to as web pages.
 Where each web page contains a link to other pages on the same site or at other sites.
 These pages can be retrieved and viewed by using browsers.
In the above case, the client sends some information that belongs to site A. It generally sends a
request through its browser and also the request generally contains other information like the
address of the site, web page (URL).

The server at site A finds the document then sends it to the client. after that when the user or say
the client finds the reference to another document that includes the web page at site B.

The reference generally contains the URL of site B. And the client is interested to take a look at
this document too. Then after the client sends the request to the new site and then the new page is
retrieved.

Components of WWW:

1.Client/Browser

The Client/Web browser is basically a program that is used to communicate with the webserver
on the Internet.

 Each browser mainly comprises of three components and these are:

1. Controller
2. Interpreter
3. Client Protocols

 The Controller mainly receives the input from the input device, after that it uses the client
programs in order to access the documents.
  After accessing the document, the controller makes use of an interpreter in order to
display the document on the screen.
 An interpreter can be Java, HTML, javascript mainly depending upon the type of the
document.
 The Client protocol can be FTP, HTTP, TELNET.

2.Server
The Computer that is mainly available for the network resources and in order to provide services
to the other computer upon request is generally known as the server.
 The Web pages are mainly stored on the server.
 Whenever the request of the client arrives then the corresponding document is sent to the
client.
 The connection between the client and the server is TCP.
 It can become more efficient through multithreading or multiprocessing. Because in this
case, the server can answer more than one request at a time.

3.URL
URL is an abbreviation of the Uniform resource locator.

 It is basically a standard used for specifying any kind of information on the Internet.
 In order to access any page the client generally needs an address.
 To facilitate the access of the documents throughout the world HTTP generally makes
use of Locators.

URL mainly defines the four things:

 Protocol
It is a client/server program that is mainly used to retrieve the document. A commonly
used protocol is HTTP.
  Host Computer
It is the computer on which the information is located. It is not mandatory because it is
the name given to any computer that hosts the web page.
 Port
The URL can optionally contain the port number of the server. If the port number is
included then it is generally inserted in between the host and path and is generally
separated from the host by the colon.
 Path
It indicates the pathname of the file where the information is located.

4.HTML
HTML is an abbreviation of Hypertext Markup Language.
 It is generally used for creating web pages.
 It is mainly used to define the contents, structure, and organization of the web page.

5.XML
XML is an abbreviation of Extensible Markup Language. It mainly helps in order to define the
common syntax in the semantic web.

Features of WWW
Some of the features are:
 Provides a system for Hypertext information
 Open standards and Open source
 Distributed.
 Mainly makes the use of Web Browser in order to provide a single interface for many
services.
 Dynamic
 Interactive
 Cross-Platform

2.HTTP (HyperText Transfer Protocol)

 The protocol used to transfer hypertext between two computers is known as HyperText
Transfer Protocol.
 HTTP provides a standard between a web browser and a web server to establish
communication. It is a set of rules for transferring data from one computer to another. Data
such as text, images, and other multimedia files are shared on the World Wide Web.
 Whenever a web user opens their web browser, the user indirectly uses HTTP. It is an
application protocol that is used for distributed, collaborative, hypermedia information
systems.

Working of HTTP:
 When we want to open any website, first open a web browser after that we will type the
URL of that website (e.g., www.facebook.com ). This URL is now sent to the Domain
Name Server (DNS). Then DNS first check records for this URL in their database, then
DNS will return the IP address to the web browser corresponding to this URL. Now the
browser is able to send requests to the actual server.
 After the server sends data to the client, the connection will be closed. If we want
something else from the server we should have to re-establish the connection between the
client and the server.

HTTP Response

HTTP Request
HTTP request is simply termed as the information or data that is needed by Internet browsers
for loading a website. This is simply known as HTTP Request.
There is some common information that is generally present in all HTTP requests. These are
mentioned below.
 HTTP Version
 URL
 HTTP Method
 HTTP Request Headers
 HTTP Body
HTTP Request Headers
HTTP Request Headers generally store information in the form of key-value and must be
present in each HTTP Request. The use of this Request Header is to provide core information
about the client’s information, etc.
HTTP Request Body
HTTP Request Body simply contains the information that has to be transferred. HTTP Request
has the information or data to be sent to these browsers.
HTTP Method:
HTTP Methods are simply HTTP Verb. In spite of being present so many HTTP Methods, the
most common HTTP Methods are HTTP GET and HTTP POST. These two are generally used
in HTTP cases. In HTTP GET, the information is received in the form of a website.

HTTP Response:
HTTP Response is simply the answer to what a Server gets when the request is raised. There
are various things contained in HTTP Response, some of them are listed below.
 HTTP Status Code
 HTTP Headers
 HTTP Body

HTTP Response
HTTP Response Headers:
HTTP Response headers are simply like an HTTP Request where it has that work to send some
important files and data to the HTTP Response Body.
HTTP Response Body:
HTTP Responses are the responses that are received successfully upon the request. Generally,
it comes under the requests generated by the web. In most cases, the request is of transferring
the HTML data into a webpage.
Characteristics of HTTP
HTTP is IP based communication protocol that is used to deliver data from server to client or
vice-versa.
 The server processes a request, which is raised by the client, and also server and client
know each other only during the current bid and response period.
 Any type of content can be exchanged as long as the server and client are compatible with
it.
 Once data is exchanged, servers and clients are no longer connected.
 It is a request and response protocol based on client and server requirements.
 It is a connection-less protocol because after the connection is closed, the server does not
remember anything about the client and the client does not remember anything about the
server.
 It is a stateless protocol because both client and server do not expect anything from each
other but they are still able to communicate.

File transfer protocol

 FTP stands for File transfer protocol.
 FTP is a standard internet protocol provided by TCP/IP used for transmitting the files
from one host to another.
 It is mainly used for transferring the web page files from their creator to the computer
that acts as a server for other computers on the internet.
 It is also used for downloading the files to computer from other servers.

How Does FTP Work?

FTP is a client server protocol that has two communication channel, command channel for
conversation control and data channel for file content.
Here are steps mentioned in which FTP works:
 A user has to log in to FTP Server first, there may be some servers where you can
access to content without login, known as anonymous FTP.
 Client can start a conversation with server, upon requesting to download a file.
 The user can start different functions like upload, delete, rename, copy files, etc. on
server.
Types of Connection in FTP
1. Control Connection
2. Data Connection

Control Connection
 For sending control information like user identification, password, commands to change the
remote directory, commands to retrieve and store files, etc., FTP makes use of a control
connection. The control connection is initiated on port number 21.

Data connection
 For sending the actual file, FTP makes use of a data connection. A data connection is
initiated on port number 20.
 FTP sends the control information out-of-band as it uses a separate control connection.
Some protocols send their request and response header lines and the data in the same TCP
connection. For this reason, they are said to send their control information in-band. HTTP
and SMTP are such examples.

FTP Session

 When an FTP session is started between a client and a server, the client initiates a
control TCP connection with the server side. The client sends control information over this.
When the server receives this, it initiates a data connection to the client side. But the
control connection remains active throughout the user session. As we know HTTP is
stateless . But FTP needs to maintain a state about its user throughout the session.

FTP Clients

 FTP works on a client-server model. The FTP client is a program that runs on the user’s
computer to enable the user to talk to and get files from remote computers. It is a set of
 commands that establishes the connection between two hosts, helps to transfer the files,
and then closes the connection.

Characteristics of FTP

 FTP uses TCP as a transport layer protocol.

 It is good for simple file transfers, such as during boot time.
 Errors in the transmission (lost packets, checksum errors) must be handled by the TFTP
server.
 It uses only one connection through well-known port 69.
 TFTP uses a simple lock-step protocol (each data packet needs to be acknowledged). Thus
the throughput is limited.

Advantages of FTP

 File sharing also comes in the category of advantages of FTP in this between two machines
files can be shared on the network.
 Speed is one of the main benefits of FTP.
 Since we don’t have to finish every operation to obtain the entire file, it is more efficient.
 Using the username and password, we must log in to the FTP server. As a result, FTP
might be considered more secure.
 We can move the files back and forth via FTP. Let’s say you are the firm manager and you
provide information to every employee, and they all reply on the same server.
Disadvantages of FTP

 File size limit is the drawback of FTP only 2 GB size files can be transferred.
 More then one receivers are not supported by FTP.
 FTP does not encrypt the data this is one of the biggest drawbacks of FTP.
 FTP is unsecured we use login IDs and passwords making it secure but they can be
attacked by hackers.

Simple Mail Transfer Protocol (SMTP)

 Email is emerging as one of the most valuable services on the internet today. Most internet
systems use SMTP as a method to transfer mail from one user to another. SMTP is a push
protocol and is used to send the mail whereas POP (post office protocol) or IMAP
(internet message access protocol) is used to retrieve those emails at the receiver’s side.

 SMTP is an application layer protocol. The client who wants to send the mail opens
a TCP connection to the SMTP server and then sends the mail across the connection. The
SMTP server is an always-on listening mode. As soon as it listens for a TCP connection
 from any client, the SMTP process initiates a connection through port 25. After
successfully establishing a TCP connection the client process sends the mail instantly.

SMTP Protocol

The SMTP model is of two types:

1. End-to-End Method
2. Store-and-Forward Method

1. End-to-End Model:

The end-to-end model is used to communicate between different organizations whereas the
store and forward method is used within an organization. An SMTP client who wants to send
the mail will contact the destination’s host SMTP directly, to send the mail to the destination.
The SMTP server will keep the mail to itself until it is successfully copied to the receiver’s
SMTP.
The client SMTP is the one that initiates the session so let us call it the client-SMTP and the
server SMTP is the one that responds to the session request so let us call it receiver-SMTP.
The client-SMTP will start the session and the receiver SMTP will respond to the request.

2. Model of SMTP System

In the SMTP model user deals with the user agent (UA), for example, Microsoft Outlook,
Netscape, Mozilla, etc. To exchange the mail using TCP, MTA is used. The user sending the
mail doesn’t have to deal with MTA as it is the responsibility of the system admin to set up a
local MTA. The MTA maintains a small queue of mail so that it can schedule repeat delivery
of mail in case the receiver is not available. The MTA delivers the mail to the mailboxes and
the information can later be downloaded by the user agents.

SMTP Model
Components of SMTP

 Mail User Agent (MUA): It is a computer application that helps you in sending and
retrieving mail. It is responsible for creating email messages for transfer to the mail transfer
agent (MTA).
 Mail Submission Agent (MSA): It is a computer program that receives mail from a Mail
User Agent (MUA) and interacts with the Mail Transfer Agent (MTA) for the transfer of
the mail.
 Mail Transfer Agent (MTA): It is software that has the work to transfer mail from one
system to another with the help of SMTP.
 Mail Delivery Agent (MDA): A mail Delivery agent or Local Delivery Agent is basically
a system that helps in the delivery of mail to the local system.

Working of SMTP

Below mentioned are the steps of the working of SMTP [Simple Mail Transfer Protocol].
 Communication between the sender and the receiver: The sender’s user agent prepares
the message and sends it to the MTA. The MTA’s responsibility is to transfer the mail
across the network to the receiver’s MTA. To send mail, a system must have a client MTA,
and to receive mail, a system must have a server MTA.
 Sending Emails: Mail is sent by a series of request and response messages between
the client and the server. The message which is sent across consists of a header and a
body. A null line is used to terminate the mail header and everything after the null line is
considered the body of the message, which is a sequence of ASCII characters. The message
body contains the actual information read by the receipt.
 Receiving Emails: The user agent on the server-side checks the mailboxes at a particular
time of intervals. If any information is received, it informs the user about the mail. When
the user tries to read the mail it displays a list of emails with a short description of each
mail in the mailbox. By selecting any of the mail users can view its contents on the
terminal.
 Working of SMTP

Multipurpose Internet Mail Extension (MIME) Protocol

 Multipurpose Internet Mail Extension (MIME) is a standard that was proposed by Bell
Communications in 1991 in order to expand the limited capabilities of email.
MIME is a kind of add-on or a supplementary protocol that allows non-ASCII data to be
sent through SMTP. It allows the users to exchange different kinds of data files on the
Internet: audio, video, images, application programs as well.

Why do we need MIME?

Limitations of Simple Mail Transfer Protocol (SMTP):

1. SMTP has a very simple structure
2. Its simplicity however comes with a price as it only sends messages in NVT 7-bit ASCII
format.
3. It cannot be used for languages that do not support 7-bit ASCII format such as French,
German, Russian, Chinese and Japanese, etc. so it cannot be transmitted using SMTP. So,
in order to make SMTP more broad, we use MIME.
4. It cannot be used to send binary files or video or audio data.

Purpose and Functionality of MIME:

Growing demand for Email Messages as people also want to express themselves in terms of
Multimedia. So, MIME another email application is introduced as it is not restricted to textual
data.

MIME transforms non-ASCII data at the sender side to NVT 7-bit data and delivers it to the
client SMTP. The message on the receiver side is transferred back to the original data. As well
as we can send video and audio data using MIME as it transfers them also in 7-bit ASCII data.
Working of MIME:

Suppose a user wants to send an email through a user agent and it is in a non-ASCII format so
there is a MIME protocol that converts it into 7-bit NVT ASCII format. The message is
transferred through the e-mail system to the other side in the 7-bit format now MIME protocol
again converts it back into non-ASCII code and now the user agent of the receiver side reads it
and then information is finally read by the receiver. MIME header is basically inserted at the
beginning of any e-mail transfer.

MIME with SMTP and POP:

SMTP transfers the mail being a message transfer agent from the sender’s side to the mailbox
of the receiver side and stores it and MIME header is added to the original header and provides
additional information. while POP being the message access agent organizes the mails from the
mail server to the receiver’s computer. POP allows the user agent to connect with the message
transfer agent.

Features of MIME

1. It is able to send multiple attachments with a single message.

2. Unlimited message length.
3. Binary attachments (executable, images, audio, or video files) may be divided if needed.
4. MIME provided support for varying content types and multi-part messages.

What is IMAP
 Internet Message Access Protocol (IMAP) is an application layer protocol that operates
as a contract for receiving emails from the mail server. It was designed by Mark Crispin in
1986 as a remote access mailbox protocol; the current version of IMAP is IMAP4. It is
used as the most commonly used protocol for retrieving emails. This term is also known as
Internet mail access protocol, Interactive mail access protocol, and Interim mail access
protocol. IMAP retrieves all of your recent messages from your email provider by getting
in touch with it. They are removed from the email service as soon as you download them to
your Mac or PC. This implies that the email can only be viewed on the same computer after
it has been downloaded. You won’t be able to access the previously downloaded messages
if you attempt to access your email on a different device.

Working of IMAP
 IMAP follows Client-server Architecture and is the most commonly used email protocol. It
is a combination of client and server process running on other computers that are connected
through a network. This protocol resides over the TCP/IP protocol for communication.
 Once the communication is set up the server listens on port 143 by default which is non-
encrypted. For the secure encrypted communication port, 993 is used.

 Email client Gmail establishes a connection with Gmail’s SMTP server.

 By approving the sender’s and recipient’s email addresses, the SMTP server verifies
(authenticates) that the email can be sent.
 The email is sent to the Outlook SMTP server by Gmail’s SMTP server.
 The recipient’s email address is authenticated by the Outlook SMTP server.
 IMAP or POP3 is used by the Outlook SMTP server to deliver the email to the Outlook
email client.

Architecture of IMAP
The Internet Message Access Protocol (IMAP) protocol is a client-server model that allows
users to access and view email messages stored on remote servers Here is a summary of the
events:

IMAP

 IMAP clients: An IMAP client is an email application or software that users use to
communicate with their email accounts. Examples include Microsoft Outlook, Mozilla
 Thunderbird, Apple Mail, and mobile email applications. The client communicates with the
IMAP server to receive, manage, and send email messages.
 IMAP Server: The IMAP server manages email messages and manages user mailboxes. It
responds to requests from IMAP clients, and provides access to email folders and
messages. The server stores emails in a structured format, usually organized in user-defined
folders or mailboxes. Common IMAP server software includes Dovecot, Courier IMAP,
Cyrus IMAP, and Microsoft Exchange Server.
 Network Protocols: IMAP works over TCP/IP (Transmission Control Protocol/Internet
Protocol) networks, and allows an IMAP client to connect to an IMAP server over the
Internet or local area networks. IMAP typically uses TCP port 143 for unencrypted
connections and TCP port 993 for encrypted connections using SSL/TLS (IMAPS).
Advantages

 It offers synchronization across all the maintained sessions by the user.

 It provides security over POP3 protocol as the email only exists on the IMAP server.
 Users have remote access to all the contents.
 It offers easy migration between the devices as it is synchronized by a centralized server.
 There is no need to physically allocate any storage to save contents.

Disadvantages
 IMAP is complex to maintain.
 Emails of the user are only available when there is an internet connection.
 It is slower to load messages.
 Some emails don’t support IMAP which makes it difficult to manage.

Differences between IMAP and POP3

IMAP
Users can access their emails from any device.
The server stores emails; IMAP acts as an intermediary Once downloaded, emails are deleted
between the server and the client.
Emails are not accessible offline.
The bodies of emails are not downloaded until a user
clicks on them, but subject lines and sender names
populate quickly in the email client.
IMAP requires more server space because emails are
not automatically deleted from the server.
POP3
By default, emails can only be accessed
from the device they are downloaded
on.
from the server, unless otherwise
configured.
Emails are accessible offline but only
on the device they were downloaded on.
Emails are downloaded to the device by
default, so messages may take longer to
load.
POP3 conserves email server storage
because emails are automatically
deleted from the server.
Domain Name System (DNS)

It is an application layer protocol for message exchange between clients and servers. It is
required for the functioning of the Internet.

What is the Need of DNS?

Every host is identified by the IP address but remembering numbers is very difficult for people
also the IP addresses are not static therefore a mapping is required to change the domain name
to the IP address. So DNS is used to convert the domain name of the websites to their
numerical IP address.

Types of Domain:

There are various kinds of domain:

1. Generic domains: .com(commercial), .edu(educational), .mil(military), .org(nonprofit
organization), .net(similar to commercial) all these are generic domains.
2. Country domain: .in (India) .us .uk
3. Inverse domain: if we want to know what is the domain name of the website. Ip to domain
name mapping. So DNS can provide both the mapping for example to find the IP addresses
of geeksforgeeks.org then we have to type

Organization of Domain:

It is very difficult to find out the IP address associated with a website because there are
millions of websites and with all those websites we should be able to generate the IP address
immediately, there should not be a lot of delays for that to happen organization of the database
is very important.

Root DNS Server

 DNS record: Domain name, IP address what is the validity? what is the time to live? and
all the information related to that domain name. These records are stored in a tree-like
structure.
 Namespace: Set of possible names, flat or hierarchical. The naming system maintains a
collection of bindings of names to values – given a name, a resolution mechanism returns
the corresponding value.
 Name server: It is an implementation of the resolution mechanism.

Name-to-Address Resolution

The host requests the DNS name server to resolve the domain name. And the name server
returns the IP address corresponding to that domain name to the host so that the host can future
connect to that IP address.

Name-to-Address Resolution

 Hierarchy of Name Servers Root name servers: It is contacted by name servers that can
not resolve the name. It contacts the authoritative name server if name mapping is not
known. It then gets the mapping and returns the IP address to the host.
 Top-level domain (TLD) server: It is responsible for com, org, edu, etc, and all top-level
country domains like uk, fr, ca, in, etc. They have info about authoritative domain servers
and know the names and IP addresses of each authoritative name server for the second-
level domains.
 Authoritative name servers are the organization’s DNS servers, providing authoritative
hostnames to IP mapping for organization servers. It can be maintained by an organization
or service provider. In order to reach cse.dtu.in we have to ask the root DNS server, then it
will point out to the top-level domain server and then to the authoritative domain name
server which actually contains the IP address. So the authoritative domain server will return
the associative IP address.
How Does DNS Work?

The working of DNS starts with converting a hostname into an IP Address. A domain name
serves as a distinctive identification for a website. It is used in place of an IP address to make it
simpler for consumers to visit websites. Domain Name System works by executing the
database whose work is to store the name of hosts which are available on the Internet. The top-
level domain server stores address information for top-level domains such as .com and .net,
.org, and so on. If the Client sends the request, then the DNS resolver sends a request to DNS
Server to fetch the IP Address. In case, when it does not contain that particular IP Address with
a hostname, it forwards the request to another DNS Server. When IP Address has arrived at the
resolver, it completes the request over Internet Protocol.

What is DNS Lookup?

DNS Lookup or DNS Resolution can be simply termed as the process that helps in allowing
devices and applications that translate readable domain names to the corresponding IP
Addresses used by the computers for communicating over the web.

What is DNS Resolver?

DNS Resolver is simply called a DNS Client and has the functionality for initiating the process
of DNS Lookup which is also called DNS Resolution. By using the DNS Resolver,
applications can easily access different websites and services present on the Internet by using
domain names that are very much friendly to the user and that also resolves the problem of
remembering IP Address.

What is DNS Caching?

DNS Caching can be simply termed as the process used by DNS Resolvers for storing the
previously resolved information of DNS that contains domain names, and IP Addresses for some
time. The main principle of DNS Caching is to speed up the process of future DNS lookup and
also help in reducing the overall time of DNS Resolution.

Simple Network Management Protocol (SNMP)

If an organization has 1000 devices then to check all devices, one by one every day, are
working properly or not is a hectic task. To ease these up, a Simple Network Management
Protocol (SNMP) is used.

Simple Network Management Protocol (SNMP)

SNMP is an application layer protocol that uses UDP port number 161/162.SNMP is used to
monitor the network, detect network faults, and sometimes even to configure remote devices.

Components of SNMP:
There are mainly three components of SNMP:
1. SNMP Manager
It is a centralized system used to monitor the network. It is also known as a Network
Management Station (NMS). A router that runs the SNMP server program is called an
agent, while a host that runs the SNMP client program is called a manager.

2. SNMP agent :
It is a software management software module installed on a managed device. The manager
accesses the values stored in the database, whereas the agent maintains the information in
the database. To ascertain if the router is congested or not, for instance, a manager can
examine the relevant variables that a router stores, such as the quantity of packets received
and transmitted.

3. Management Information Base:

MIB consists of information on resources that are to be managed. This information is

organized hierarchically. It consists of objects instances which are essentially variables. A
MIB, or collection of all the objects under management by the manager, is unique to each
agent. System, interface, address translation, IP, udp, and egp , icmp, tcp are the eight
categories that make up MIB. The mib object is home to these groups.
SNMP messages

 GetRequest : It is simply used to retrieve data from SNMP agents. In response to this, the
SNMP agent responds with the requested value through a response message.

 GetNextRequest : To get the value of a variable, the manager sends the agent the
GetNextRequest message. The values of the entries in a table are retrieved using this kind
of communication. The manager won’t be able to access the values if it doesn’t know the
entries’ indices. The GetNextRequest message is used to define an object in certain
circumstances.

 SetRequest : It is used by the SNMP manager to set the value of an object instance on the
SNMP agent.

 Response : When sent in response to the Set message, it will contain the newly set value as
confirmation that the value has been set.

 Trap : These are the message sent by the agent without being requested by the manager. It
is sent when a fault has occurred.

 InformRequest : It was added to SNMPv2c and is used to determine if the manager has
received the trap message or not. It is the same as a trap but adds an acknowledgement that
the trap doesn’t provide.

SNMP security levels

The type of security algorithm applied to SNMP packets is defined by it. These are used in
only SNMPv3. There are 3 security levels namely:

1. noAuthNoPriv –
This (no authentication, no privacy) security level uses a community string for
authentication and no encryption for privacy.

2. authNopriv – This security level (authentication, no privacy) uses HMAC with Md5 for
authentication and no encryption is used for privacy.

3. authPriv – This security level (authentication, privacy) uses HMAC with Md5 or SHA for
authentication and encryption uses the DES-56 algorithm.

Advantages of SNMP
1. It is simple to implement.
2. Agents are widely implemented.
3. Agent level overhead is minimal.
 4. It is robust and extensible.
5. Polling approach is good for LAN based managed object.
6. It offers the best direct manager agent interface.
7. SNMP meet a critical need.

SSH Protocol

 The SSH(Secure Shell) is an access credential that is used in the SSH Protocol. In other
words, it is a cryptographic network protocol that is used for transferring encrypted data
over the network. The port number of SSH is 22(Twenty-Two). It allows you to connect to
a server, or multiple servers, without having to remember or enter your password for each
system that is to log remotely from one system to another.
 To provide security between a client and a server the SSH protocol uses encryption. All
user authentication and file transfers are encrypted to protect the network against attacks.
 The SSH protocol protects the network from various attacks such as DNS spoofing, IP source
routing, and IP spoofing.

How does SSH Works?

The SSH protocol works in a client-server model, which means it connects a secure shell client
application (End where the session is displayed) with the SSH server (End where session
executes

The basic use of SSH is to connect a remote system for a terminal session and to do this,
following command is used:

ssh UserName@SSHserver.test.com

The above command enables the client to connect to the server, named server.test.com, using the
ID UserName.

If we are connecting for the first time, it will prompt the remote host's public key fingerprint and
ask to connect. The below message will be prompt:
 The authenticity of host 'sample.ssh.com' cannot be established.
DSA key fingerprint is 01:23:45:67:89:ab:cd:ef:ff:fe:dc:ba:98:76:54:32:10.
Are you sure you want to continue connecting (yes/no)?

To continue the session, we need to click yes, else no. If we click yes, then the host key will be
stored in the known_hosts file of the local system. The key is contained within the hidden file by
default, which is /.ssh/known_hosts in the home directory. Once the host key is stored in this
hidden file, there is no need for further approval as the host key will automatically authenticate
the connection.

Techniques Used in SSH:

There are majorly three major techniques used in SSH, which are
 Symmetric Cryptography: In Symmetric key cryptography the same key used for
encrypting and decrypting the message, a unique single shared key is kept between the
sender and reciever. For ex: DES (Data Encryption Standard) and AES (Advanced
Encryption Standard).

Symmetric Cryptography

 Asymmetric Cryptography: In Asymmetric key cryptography the key used for encrypting
is different from the key used for decrypting the message. For ex: RSA (Rivest–Shamir–
Adleman) and Digital Signature Algorithm.

Asymmetric Cryptography
 Hashing: Hashing is a procedure used in cryptography which convert variable length string
to a fixed length string, this fixed length value is called hash value which is generated by
hash function.

……………………………………………………………………………………………………