Chapter 15

Application Layer functionality protocols

Application Layer – OSI and TCP/IP Models

HTTP HTTP

• TCP/IP application layer fits roughly to the OSI: “Application, Presentation and
Session layers”.

• Interface the applications to the network underlying layer.

Application Layer – OSI and TCP/IP Models

Two important concepts:

• Application Layer:

 The first step for getting data on to the network , uses a protocol that
encapsulate , arrange and format data i.e. HTTP Protocol in a form to be
readable to the destination.

• Application Software:

 The programs used to communicate over the network. i.e. your

browser.
The Presentation Layer

Presentation Layer Functionality:

The presentation layer has three primary functions:

 Formatting, or presenting, data at the source device into a compatible format for receipt
by the destination device.
 Compressing data in a way that can be decompressed by the destination device.
 Encrypting data for transmission and decrypting data upon receipt.
 The presentation layer formats data for the application layer, and it sets standards for file
formats. Some well-known standards for video include Matroska Video (MKV), Motion Picture
Experts Group (MPG), and QuickTime Video (MOV). Some well-known graphic image formats
are Graphics Interchange Format (GIF), Joint Photographic Experts Group (JPG), and Portable
Network Graphics (PNG) format.
4
The Session Layer

 Handles :

• Creating and initiating dialogs.

• Maintain dialogs and keep them active.
• restart disrupted or idle sessions for a long period of time.

 Most applications, like web browsers or e-mail clients, incorporate functionality of

the OSI layers 5, 6 and 7.

5
Application Layer – OSI and TCP/IP Models

APPLICATIONS

DNS (Domain Name System): Resolves Internet names (URLs) to IP Addresses.

DNS - Domain Name System (or Service)

TCP, UDP client 53
Translates domain names, such as cisco.com, into IP addresses.
Application Layer – OSI and TCP/IP Models

APPLICATIONS

Telnet: Terminal emulation – Remote access “CLI” to servers and network devices.
Application Layer – OSI and TCP/IP Models

APPLICATIONS

SMTP (Simple Mail Transfer Protocol): Transfer of mail messages and attachments.
Application Layer – OSI and TCP/IP Models

Email

SMTP - Simple Mail Transfer Protocol

TCP 25
Enables clients to send email to a mail server
Enables servers to send email to other servers

POP3 - Post Office Protocol

TCP 110
Enables clients to retrieve email from a mail server
Downloads the email to the local mail application of the client

IMAP - Internet Message Access Protocol

TCP 143
Enables clients to access email stored on a mail server
Maintains email on the server
Application Layer – OSI and TCP/IP Models

APPLICATIONS

DHCP (Dynamic Host Configuration Protocol):

Assigns IP Addresses and other parameters to hosts.
Application Layer – OSI and TCP/IP Models

APPLICATIONS

DHCP (Dynamic Host Configuration Protocol):

BOOTP - Bootstrap Protocol

UDP client 68, server 67
Enables a diskless workstation to discover its own IP address, the IP address of a
BOOTP server on the network, and a file to be loaded into memory to boot the
machine
BOOTP is being superseded by DHCP

DHCP - Dynamic Host Configuration Protocol

UDP client 68, server 67
Dynamically assigns IP addresses to be re-used when no longer needed
Application Layer – OSI and TCP/IP Models

APPLICATIONS

HTTP (Hypertext Transfer Protocol): Transfer files that make up web pages.
Application Layer – OSI and TCP/IP Models

Web
APPLICATIONS
HTTP - Hypertext Transfer Protocol
TCP 80, 8080
A set of rules for exchanging text, graphic images, sound, video, and other
multimedia files on the World Wide Web

HTTPS - HTTP Secure

TCP, UDP 443
The browser uses encryption to secure HTTP communications
Authenticates the website to which you are connecting your browser
Application Layer – OSI and TCP/IP Models

APPLICATIONS

FTP (File Transfer Protocol): Interactive file transfer between systems.

Application Layer – OSI and TCP/IP Models

File Transfer

FTP - File Transfer Protocol

TCP 20 to 21
Sets rules that enable a user on one host to access and transfer files to and
from another host over a network
FTP is a reliable, connection-oriented, and acknowledged file delivery protocol

TFTP - Trivial File Transfer Protocol

UDP client 69
A simple, connectionless file transfer protocol with best-effort, unacknowledged
file delivery
It uses less overhead than FTP
Application Layer – OSI and TCP/IP Models

APPLICATIONS

Usually, a single server will function as a server for multiple application

protocols.
The Client-Server Model
• Sometimes , you access data that is not stored on your device and that is
requested from where it resides. i.e. downloading email from mail server to the
client mail PC after client request.

• The software in the Application

layer determine device role as
a client or server.

• Data transfer from a client to

a server is referred to as an
upload and data from a server
to a client as a download.
Client/Server Model
May also require control information. Clients – hardware, software
combination
User Authentication
Identify a file to be transferred.
Centralized administration.
The client begins the
exchange by making a
request for data.

The server responds with

one or more streams of
data.

Files uploaded to the

Resources are stored or downloaded server
on the server.

The biggest advantage of the client/server model is the centralization of resources.

User Names and Passwords, Files, Databases. Security is easier to be enforced in
client server mode. This exchange may also require control information.
Servers
 A server is usually a computer that contains information needed to be shared
between many clients. Information might be on a ..

• Web server.
• Email server.
• FTP Server: File or database server (Different files ) , may require an account
and password before allowing a transfer.
• Domain Controller Server: Will require a user name and password in order to
access the network.

19
Peer-to-Peer (P2P) Networking and Applications

Peer-to-Peer Model

Peer-to-peer networking involves two distinct forms.

 In a peer-to-peer network, two or more computers are connected via a

network and can share resources (such as printers and files) without having a
dedicated server. “Any device peer can be either a server or a client”

 No centralized user accounts, permissions or logs , and so , it is difficult to

enforce security and access policies in networks containing more than just a few
computers.

 User accounts and access rights must be set individually on each peer device.
P2P File Sharing Application
 Is an application that is installed on stations connected using any type of network
and unlike a peer-to-peer network, it allows a device to act as both a client and a
server within the same communication.

 Some P2P applications use a hybrid system where resource sharing is decentralized,
but the indexes that point to resource locations are stored in a centralized directory.
In a hybrid system, each peer accesses an index server to get the location of
a resource stored on another peer.

 Once connected, the communication takes place between the two peers without
additional communication to the index server.

Napster 21
P2P File Sharing Application
Peer-to-peer applications such as:
 Shareaz
 eDonkey
 and Bitcoin
 allow one network device to assume the role of server, while one or more other
network devices assume the role of client using the peer-to-peer application.

Napster 22
Application Layer Protocols
TCP/IP Application Layer Protocols

Application
Layer
HTTP SMTP POP FTP DNS DHCP TFTP SNMP

Transport
Layer
TCP UDP

Internet
Layer
IP

Network
Access
Layer LAN / WAN
Introduction

IP TCP HTTP
Header Header Header
Data

• Commonly used protocols:

• The OSI Model Transport Layer identifies applications and services

using a port number source and destination address.

• Server programs addresses “port numbers” are generally known

by clients.
Commonly Used Protocols

IP TCP HTTP
Header Header Header
Data

Application / Service Acronym Port

Domain Name System “TCP/UDP DNS 53

Hypertext Transfer Protocol HTTP 80

Simple Mail Transfer Protocol SMTP 25

Post Office Protocol “UDP” POP3 110

Telnet Telnet 23
Dynamic Host Configuration Protocol
DHCP 67,68
“UDP”
File Transfer Protocol FTP 20, 21
HTTP (WWW)
DHCP

(IP address
resolution)

FTP
(file transfer) DNS
(domain name
resolution)

SMB
SMTP (email) (file sharing)

P2P
Telnet (file sharing)
(remote login)

27
 DNS – Domain Name System

 DNS allows users (software) to use domain names instead of IP addresses

28
 Domain Name System (DNS)

• DNS is a client/server service. The client is not a browser or email client

application, but it is a DNS resolver .

• DNS resolver is not an application but runs as a service that supports

name resolution requests from different network applications and
services that need it and processing responses from the DNS server.
Domain Name System (DNS)

• DNS and the Browser:

1. First, a domain name or URL is entered in the address field of the

browser. The browser passes the name to the resolver.
Domain Name System (DNS)

1
2 www.cisco.com

3
www.cisco.com = 198.133.219.25

• DNS and the Browser:

2. The resolver sends the DNS request to the DNS Server.
3. The server then searches its records and resolves the name with
to a corresponding IP Address.
Domain Name System (DNS)

• The resolver send requests to the DNS server identified in the

configuration

• From the IP configuration on the device.

IP Address 192.168.25.25
Subnet Mask 255.255.255.0
Default Gateway 192.168.25.1
DNS Server 208.67.222.222
Domain Name System (DNS)

1
2 www.cisco.com

3 4
www.cisco.com = 198.133.219.25 198.133.219.25

• DNS and the Browser:

4. The DNS server then sends the IP Address back to the client that made the
request. The IP Address will be used in the encapsulation process as the
destination address for packets going to www.cisco.com.
 Name Resolution

Need the IP address

DNS queries are two types of queries:

Recursive queries

 Queries performed by Host to Local DNS Server

Iterative queries

 Queries performed Local DNS server to other servers

34
 DNS Name Resolution
:Example

 User types http://www.example.com

Step 1.

 The DNS resolver on the DNS client sends a recursive query to its configured
Local DNS server.
 Requests IP address for "www.example.com".
 The DNS server for that client is responsible for resolving the name
• Cannot refer the DNS client to another DNS server.

35
 2
2
DNS Name Resolution 3

Step 2.

 Local DNS Server forwards the query to a Root DNS server , if not saved in cash

Step 3.

 Root DNS server

• Makes note of .com suffix
• Returns a list of IP addresses for TLD (Top Level Domain Servers) responsible
for .com.

36
 DNS Name Resolution
4
4

Step 4.

 The local DNS server sends query for www.example.com to one of the TLD
servers.

Step 5.
 TLD Server
• Makes note of example.com
• Returns IP address for authoritative server example.com (such as
dns.example.com server)

37
 DNS Name Resolution

6
7

Step 6.

 Local DNS server sends query for www.example.com directly to DNS server for
example.com

Step 7.

 example.com DNS server responds with its IP address for www.example.com

38
 DNS Name Resolution

Step 8.

 Local DNS server sends the IP address of www.example.com to the DNS client.

DNS Caching

 When a DNS server receives a DNS reply (mapping hostname to an IP address) it

can cache the information in its local memory.
 DNS servers discard cached information after a period of time (usually 2 days)
 A local DNS server can cache TLD server addresses, bypassing the root
DNS servers in the query chain.

39
 DNS Name Resolution

The DNS server stores different types of resource records that are used to resolve
names. These records contain the name, address, and type of record. Some of these
record types are as follows:

A - An end device IPv4 address

NS - An authoritative name server
AAAA - An end device IPv6 address (pronounced quad-A)
MX - A mail exchange record

40
 DNS Name Resolution

The different top-level domains represent either the type of organization or the
country of origin. Examples of top-level domains are the following:
 .com - a business or industry
 .org - a non-profit organization
 .au - Australia
 .co - Colombia

41
 DNS Name Resolution

 In the worst cases, you'll get a dialog box

that says the domain name doesn't exist -
even though you know it does.

 This happens because the authoritative

server is slow replying to the first, and your
computer gets tired of waiting so it times-
out (drops the connection) or the domain
name does not exist.

 But if you try again, there's a good chance it

will work, because the authoritative server
has had enough time to reply, and your
name server has stored the information in
its cache.

42
Domain Name System (DNS)

• Utility - nslookup:
• Windows operating systems provide the nslookup utility.
• Use to query a domain name and get the IP Address.
Domain Name System (DNS)

Utility:
ipconfig /displaydns

Displays the contents

of the PC cache.

ipconfig /flushdns

Clears the contents of

the PC cache.
WWW Service and HTTP

Protocol

Browser

• Web browsers are the client applications used to interpret the HTTP
application protocol received from a web server.
• When a URL is requested , the web browser establishes a connection
request to the web service “d” running on the HTTP server .
WWW Service and HTTP

• Web Server:

• Stores the web pages that contains objects (HTML, Pictures, Video, Files).
• Each is accessible by a URL.
• Examples : Apache, Microsoft Internet Information Server (MIIS)

The browser interprets the 3 parts of the URL:

1. http (the protocol or scheme).

2. www.cisco.com(the server name).
3. web-server.htm (the specific file name requested).
Anatomy of a URL

Protocol Folder / Path

http://www.cambriancollege.ca/Pages/Home.aspx

Domain name Filename

Path / Filename Query

http://www.cambriancollege.ca:80/Search/Results.aspx?k=CETY

Port # Query Parameter

WWW Service and HTTP

• HTTP is a request/response type of protocol.

• When a client requests a web page, HTTP defines the types of messages
requested by client and responds by server.

e.g. GET : Is a client request for data. A web browser sends the GET message
to request pages from a web server.
POST - Uploads data files to the web server such as form data.
PUT - Uploads resources or content to the web server such as an image.
WWW Service and HTTP

• The server responds with either:

• The requested object.
• An error message, if necessary.
• Or other status messages.
HTTPS
 HTTPS (Hypertext Transfer Protocol over Secure Socket Layer) is a URL scheme
used to indicate a secure HTTP connection.

• Allows servers and clients to exchange information securely over the

Internet.
• The data stream is encrypted with Secure Socket Layer (SSL) before being
transported across the network.
• Encryption, Authentication, additional Application and Transport Layer rules.
• However, HTTPS creates additional load and processing time on the server
due to the encryption and decryption of traffic.

50
Email Services & SMTP/POP Protocols

 Post Office Protocol (POP) and Simple Mail Transfer Protocol (SMTP) are involved in
email services. “POP for receiving and SMTP for sending”

 Users use an application called a Mail User Agent (MUA), or e-mail client to
allow messages to be sent and places received messages into the client's mailbox.

51
SMTP – Simple Mail Transfer Protocol

Mail server Mail server User agent

User agent
SMTP SMTP

POP3 IMAP

 Internet mail involves:

• User agents
 Allows users to read, reply, compose, forward, save, etc., mail messages

 GUI user agents: Outlook, Eudora, Messenger

 Text user agents: mail, pine, elm

• Mail servers
 Stores user mail boxes, communicates with local user agents and other

mail servers.
• Mail protocols: SMTP, POP3, IMAP, HTTP

52
 SMTP – Simple Mail Transfer Protocol

Mail server Mail server

User agent User agent
SMTP SMTP

POP3
IMAP

 SMTP
• Transfers messages from sender’s mail server to recipient’s mail server
• Push protocol, not a pull protocol
 Push (from client to server or server to server)
 Pull (from server to client)

 Retrieving email

• Historically, users would log into local mail server to read mail.
• Since early 1990’s, clients use mail access protocols:
 POP3
 IMAP
 HTTP

53
FYI- POP – Post Office Protocole

 POP3 (Post Office Protocol)

• RFC 1939
• Limited functionality
• Uses TCP port 110
• Download-and-delete mode
 Retrieves messages on server and store the locally
 Delete messages on server
• Download-and-keep mode
 Does not delete messages on server when retrieved.
• Problem
 Difficult to access email from multiple computers – work and
home.
 Some email may have already been downloaded on another
computer (work) – download-and-delete
 To read email from another computer, must leave on server –
download-and-keep
• Does not provide means for user to create remote folders on mail
server
54
SMTP – Simple Mail Transfer Protocol

 IMAP (Internet Message Access Protocol)

• Mail not downloaded, but kept on server within user inbox.

• Users can create and manage remote folders
• Users can retrieve portions of the email:

 Message header: Subject line and Sender

 Web-based email

• Introduced with Hotmail in mid-1990’s

• Communicates with remote mailbox using HTTP
• HTTP is used to push (client to server) and pull the email (server to client)

55
 Mail Protocols

POP, POP3, and IMAP are protocols that are used to retrieve email from servers.

 SMTP is the default protocol that is used to send email. DNS may be used by
the sender email server to find the address of the destination email server.

56
FTP (File Transfer Protocol)

FTP Server
FTP Client

 FTP was developed to allow for file transfers between a client and a server.
 An FTP client is an application that runs on a computer Used to push and pull
files from a server running the FTP daemon (FTPd).
 Uses get and put commands.

57
FTP (File Transfer Protocol)

Client initiates a TCP control connection on Port 21. Username and password….

21

20

For each file transferred, TCP opens and closes a Data connection on Port 20.

 Client initiates a TCP control connection with FTP server using port 21.

• This connection remains open until the user quits the FTP application.
• TCP port 21 connection includes:
 Username and password is sent over TCP port 21.

 Remote directory changes

58
Server Message Block Protocol (SMB)

• The Server Message Block (SMB) is a client/server file sharing protocol.

• Describes the structure of shared network resources
• Directories, files, printers, and serial ports.
Server Message Block Protocol (SMB)

• Start , Request / Response protocol.

• Unlike FTP, clients establish a long term connection after authentication.
• Clients can access resources on the server as if the resource is local to the client.
• Linux / Unix have a similar protocol – SAMBA.
• Authentication might be also included here.
 DHCP – Dynamic Host Configuration Protocol

 IP addresses and other information can be obtained:

• Statically : used for network devices such as gateways, switches, servers and
printers.
• Dynamically By Dynamic Host Configuration Protocol (DHCP) service:The IP
addresses are dynamic (leased) assigned and when no longer in use are
automatically returned to the pool for reallocation.
DHCP

 DHCP Information can include:

• IP address.
• Subnet mask.
• Default gateway.
• Domain name.
• DNS Server.

 DHCP servers can be:

• Server on LAN.
• Router.
• Server at ISP “Accessed
remotely on the WAN.

63
 Dynamic Host Configuration Protocol (DHCP)

• DHCP is a four step process , starts usually when the client is powered on

1. Client broadcasts a DHCP Discover frame to find a DHCP server.

There may be more than one available.
Dynamic Host Configuration Protocol (DHCP)
• DHCP is a four step process.

2. A DHCP server responds with a DHCP Offer frame containing a lease

time, an IP Address, Subnet Mask, and addresses for a Default
Gateway and DNS Server.
Dynamic Host Configuration Protocol (DHCP)

• DHCP is a four step process.

3. The client may receive multiple DHCP OFFER packets if there is more
than one DHCP server on the local network, so it must choose
between them, The client responds by broadcasting a DHCP Request
that identifies the server and the lease offer it is accepting.
Dynamic Host Configuration Protocol (DHCP)

• DHCP is a four step process.

4. If the offer is still valid, the server returns a DHCP Acknowledgement and
records that information as used. If it is no longer valid perhaps due to a
time-out or another client allocating the lease, a DHCP Negative
Acknowledgement “NACK” is sent and the process begins again.
Telnet

 A connection using Telnet is called a Virtual Terminal (VTY) session, or connection.

 Allows a user to remotely access another device (host, router, switch) with a Telnet
server software from any Telnet client end device “ Putty , Teraterm , Hyperterm”.

 Telnet access devices using the command line interface (CLI).

68
 Telnet
 Telnet supports user
authentication, but does not
encrypt data.

 All data exchanged during a Telnet

sessions is transported as plain
text.

 Secure Shell (SSH) protocol

offers an alternate and secure
method for server access.

• Stronger authentication
• Encrypts data

70