Application Layer

Raghu N.C.
Member Technical Staff
Layers Revisited
 Application Layer

• An Application layer protocol defines how an

application processes running on different end
systems pass messages to each other.
• Type of messages – request and response
• Message must follow some syntax
• Rules of how to respond to request/respond/any
other kind of message

• These Protocols can be open / proprietary.

What transport layer protocol to use while designing
application layer ?

• The following are the considerations:

– Data loss (Reliable / Best service)
– Band Width (Elastic / Band width sensitive)
– Timing (Crucial / not)

• Whether Use TCP / UDP ?

Application Data loss Bandwidth Time sensitive

File transfer No Loss Elastic No

E-mail No Loss Elastic No
Web Documents No Loss Elastic (few No
Kbps)
Real-time Loss-tolerant Audio: Few Kbps Yes: 100s of
Audio/Video - 1Mb Msec
Video: 10Kb - 5
Mb
Stored Loss-tolerant Same as Above Yes: Few
Audio/Video Seconds
Interactive Loss-tolerant Few Kbps - 10Kb Yes: 100s Msec
games
Financial No Loss Elastic Yes and No
Applications
 IP Addressing
• Static IP addressing

Limitations:
– A change to the IP address/DNS means that
each client must be reconfigured separately.
– Each computer uses an IP address whether it
is currently in the network or not.
 IP addressing
• Dynamic IP addressing: IP addresses are
assigned upon request using the DHCP
protocol
• DHCP was developed from an earlier
protocol called BOOTP, which was used
primarily to boot diskless computers.
• A diskless computer receives a complete
operating system over the network as it
boots.
 DHCP
• DHCP stands for Dynamic Host
Configuration Protocol.

• The Dynamic Host Configuration Protocol

(DHCP) enables computers to receive
TCP/IP configuration settings
automatically.
 DHCP Contd.
• The DHCP client receive the following
settings from DHCP Server, such as
– IP addresses for the default gateway,
– DNS servers
– WINS server
– Subnet mask
 DHCP
• The DHCP server is assigning the IP
addresses, only the DHCP server must be
configured with IP address information.

• On the client end, The only parameter to

be configured is an option for the client to
receive IP address information from the
server.
 DHCP
• Server maintains a lease with the Client
for a finite duration for the address.

• The lease expires in case if the client is no

longer using the address.Then the
address can be assigned to another client.
 How DHCP Works ?
• When a DHCP client computer is started, the
TCP/IP software is loaded into memory and
starts to operate.

• TCP/IP has not been given an IP address yet, it

is incapable of sending or receiving directed
datagrams. TCP/IP can, however, transmit and
listen for broadcasts
 DHCP
• The process of leasing an IP address
from the DHCP server involves four
steps:
– DHCPDISCOVER - UDP port 68 – broadcasts MAC address
– DHCPOFFER - UDP port 67 – broadcast based on MAC and
contain the IP and Subnet of the server.
– DHCPREQUEST – configures the client and notifies other
DHCP servers with this client information.
– DHCPACK – the client sends the acknowledgment to the
server with the Client IP, MAC and other setting information.
 Relay Agent
• Incase if both the Server and the client are in
different network which are connected by
routers then Router does not support
Broadcasting.
• To make DHCP to work we need a
middleman to act as a bridge between the
server and the client. That middleman is
called BOOTP relay agent or a DHCP relay
agent
 FTP
• The File Transfer Protocol (FTP) is a widely
used protocol that enables a user to transfer files
between two computers on a TCP/IP network

• FTP is used primarily to transfer files, although it

can perform other functions such as creating
directories, removing directories, and listing files.
 FTP
• The user runs an FTP client application on
one computer, and the other computer
runs an FTP server program such as ftpd
(FTP daemon) on a Unix/Linux computer,
or an FTP service on other platforms
 TFTP
• The Trivial File Transfer Protocol (TFTP) is
used to transfer files between the TFTP
client and a TFTP server, a computer
running the tftpd TFTP daemon.

• This protocol uses UDP as a transport

and, unlike FTP, does not require a user to
log on to transfer files. Uses port 69
 TFTP
• The TFTP protocol was designed to be
small so that both it and the UDP protocol
could be implemented on a PROM
(Programmable Read Only Memory) chip.

• The TFTP protocol can only read and write

files; it cannot list the contents of
directories, create or remove directories
 Telnet
• Telnet Used For Remote Login
 SMTP
• SMTP Stands for Simple Mail Transfer Protocol

• The Simple Mail Transfer Protocol (SMTP) is the

principal application-layer protocol for Internet
electronic mail.

• It uses the reliable data transfer service of TCP

to transfer mail from the sender's mail server to
the recipient's mail server.
 SMTP
• As with most application-layer protocols,
SMTP has two sides:

– client side
which executes on the sender's mail

– server side
which executes on the recipient's mail server.
 SMTP
• Both the client and server sides of SMTP run on
every mail server.

• When a mail server sends mail (to other mail

servers), it acts as an SMTP client.

• When a mail server receives mail (from other

mail servers) it acts as an SMTP server.
 SMTP
• SMTP is much older than HTTP It has the
following limitations like can only interpret
ASCII

• SMTP runs on port number 25

 HTTP Vs SMTP
• HTTP transfer objects from web server to
web client whereas the SMTP transfers
the messages from one mail server to the
another / from one user agent to the mail
server

• While transferring files both persistent

HTTP and SMTP use persistent
connection.
 HTTP Vs SMTP
• HTTP is primarily a pull protocol ie) client
pulls the objects present in the server.

• SMTP is primarily a push protocol ie) client

will push the messages to the mail server
ie) TCP connection is initiated by the
machine that want to send the file.
 HTTP Vs SMTP
• In SMTP each message is ended with a CRLF
whereas in HTTP, the ending of each message
is identified with the number of bytes (field
mentioned in the content-length).

• How the media formats like consisting of text

and images are handled, HTTP encapsulates
each message in its own header whereas SMTP
places all the messages into one message.
 SMTP
• SMTP is used to send a message from the
initiating client to the local email server
and also to forward the message from the
local server to the destination server or to
another server in the relay path.
 SMTP
• SMTP is the protocol that email servers use to
forward messages across a TCP/IP network

• The client computer that initiates an email

message also uses SMTP to send that message
to a local server for delivery.

• SMTP communication occurs through a TCP

connection to port 25 on the SMTP server.
 Command Description
• HELO:Hello. (Client requests a connection with the
server.)
• MAIL FROM: Precedes email address of sending user.
• RCPT TO:Precedes email address of receiving user.
• DATA: Announces an intention to start transmitting
the contents of the message.
• NOOP: Asks the server to send an OK reply.
• QUIT: Asks the server to send an OK reply and
terminate the session.
• RESET: Aborts the mail transaction.
1. The sending computer issues a HELO
command to the server. The name of the
sender is included as an argument.
2. The server sends back the 250 response
code.
3. The sender issues the MAIL FROM:
command. The email address of the user
who sent the message is included as an
argument.
4. The server sends back the 250 response
code.
5. The sender issues the RCPT TO:
command. The email address of the
6. If the server can accept mail for the recipient,
the server sends back the 250 response
code. Otherwise, the server sends back a
code indicating the problem (such as the 550
code, which indicates that the user's mailbox
wasn't found).
7. The sender issues the DATA command,
indicating that it is ready to start sending the
contents of the email message.
8. The server issues the 354 response code,
instructing the sender to start transmitting the
message contents.
9. The sender sends the message data and
ends with a period (.) on a line by itself.
10. The server sends back the 250
response code, indicating that the mail
was received.
11. The sender issues the QUIT
command, indicating that the
transmission is over and the session
should be closed.
12. The server sends the 221 code,
indicating that the transmission
channel will be closed.
 MIME
• MIME (Multipurpose Internet Mail
Extensions)

• Used for transmitting the images

 SMTP
• SMTP is used to send a message from the
initiating client to the local email server
and also to forward the message from the
local server to the destination server or to
another server in the relay path.
 SMTP
• SMTP is the protocol that email servers use to
forward messages across a TCP/IP network

• The client computer that initiates an email

message also uses SMTP to send that message
to a local server for delivery.

• SMTP communication occurs through a TCP

connection to port 25 on the SMTP server.
 Command Description
• HELO:Hello. (Client requests a connection with the
server.)
• MAIL FROM: Precedes email address of sending user.
• RCPT TO:Precedes email address of receiving user.
• DATA: Announces an intention to start transmitting
the contents of the message.
• NOOP: Asks the server to send an OK reply.
• QUIT: Asks the server to send an OK reply and
terminate the session.
• RESET: Aborts the mail transaction.
1. The sending computer issues a HELO command to
the server. The name of the sender is included as an
argument.
2. The server sends back the 250 response code.
3. The sender issues the MAIL FROM: command. The
email address of the user who sent the message is
included as an argument.
4. The server sends back the 250 response code.
5. The sender issues the RCPT TO: command. The
email address of the message recipient is included
as an argument.
6. If the server can accept mail for the recipient,
the server sends back the 250 response
code. Otherwise, the server sends back a
code indicating the problem (such as the 550
code, which indicates that the user's mailbox
wasn't found).
7. The sender issues the DATA command,
indicating that it is ready to start sending the
contents of the email message.
8. The server issues the 354 response code,
instructing the sender to start transmitting the
message contents.
9. The sender sends the message data and
ends with a period (.) on a line by itself.
10. The server sends back the 250
response code, indicating that the mail
was received.
11. The sender issues the QUIT
command, indicating that the
transmission is over and the session
should be closed.
12. The server sends the 221 code,
indicating that the transmission
channel will be closed.
 Name Resolution
• A powerful technique that associates an
alphanumeric name with the 32-bit IP address
• Each computer is assigned an alphanumeric
name called a hostname
• hosts file contains a list of hostname-to-IP-
address associations.
• In a small network, Hostnames worked well.
 DNS
• As it is impossible to keep an upto-date host
resolution file on each computer. Instead it is
maintained on a special server called Name Servers.

• Distribute the responsibility for name resolution among

a group of special name resolution servers.

• The name resolution servers maintain the tables that

define name-to-address associations. Other
computers on the network query the name resolution
servers for IP address host-to-name mapping
information.
 DNS
• Incase if the file is found in the Name Server(NS) then
it will be retrieved else it queries another name server.

• DNS is not working strictly with a hostname. DNS

works with fully qualified domain names (FQDNs). An
FQDN consists of both a hostname and a name
specifying the domain.
• A domain is a collection of computers under a single
authority sharing a common portion of the namespace
(that is, bearing the same domain name)
 DNS
• At the top of the DNS tree is a single node
known as root.
• Root is sometimes shown as a period (.),
although the actual symbol for root is a null
character. Beneath root is a group of domains
known as top level domains (TLDs).
• Top level domains include the familiar .com,
.org, and .edu domains, as well as domains for
national governments, such as .us (United
States), .uk (United Kingdom), .fr (France), and
.jp (Japan).
 DNS
• organization with authority over a domain
can create one or more additional tiers of
subdomains. At each level, the name of
the local domain is prefixed to the parent
domain name
• the DNS system supports up to 127 levels
of domains
DNS Name Resolution Process
• Host1 sends a query to name server A
asking for the IP address associated with
the domain name
trog.DogInStarlight.marines.mil.
1.Name server A checks its own records to
see if it has the requested address. If
server A has the address, it returns the
address to Host1.
DNS Name Resolution Process
1. If name server A does not have the address, it
initiates the process of finding the address.
Name server A sends an iterative request for
the address to name server B, a top level
name server for the .mil domain, asking for the
address associated with the name
trog.DogInStarlight.marines.mil.
2. Name server B is not able to supply the
address, but it is able to send name server A
the address of name server C, the name
server for marines.mil.
DNS Name Resolution Process
1. Name server A sends a request for the
address to name server C. Name server C is
not able to supply the address, but it is able to
send the address of name server D, the name
server for DogInStarlight.marines.com.
2. Name server A sends a request for the IP
address to name server D. Name server D
looks up the address for the host
trog.DogInStarlight.marines.mil and sends the
address to name server A. Name server A
then sends the address to Host1.
DNS Name Resolution Process

Host1 initiates a connection to the host

trog.DogInStarlight.marines.mil.

• This process occurs thousands (if not

millions) of times a day on the Internet.
 Hyper Text Transfer Protocol

• HTTP implemented in 2 programs

– Client
– Server

• HTTP defines how client and server talk to each

other by exchanging messages.
 Key Terminology

• User Agent
• Objects
• URL has 2 components
– Host name where the object resides
– Path name
• Client like IE, Firefox
• Servers like IIS, APACHE
 HTTP

• HTTP is a stateless protocol ie) server does not

maintain state of the client.

• HTTP connections are of 2 types

– Persistent HTTP/1.1
– Non-Persistent HTTP/1.0
 Persistent Vs Non-Persistent

• In Non-Persistent connection, we need the server to

open / close the session for each object.

• Brand new connection need to be established and

maintained for each object.

• TCP buffers must be allocated and TCP variables

must be kept in both the client / server.
Maintaining this information need serious problem
for server.
 Persistent Vs Non-Persistent

• In Persistent connection, we need only one session

to send any number of objects without closing the
section.

• With Persistent connection same connection is

enough to send any number of objects. (in case all
objects present on the same server).
 Persistent

• Two Versions of Persistent connections

– With Pipelining
– Without Pipelining

• The connection will be closed by the server after

some time.
 Without Pipelining & Pipelining

• Without Pipelining, the client can request a new

reference object only when it received the response
to the previous object.

• With Pipelining, the client can request a new

reference object whenever it encounters it can
make connection back-to-back.

• HTTP/1.1 is persistent with pipelining.

 HTTP message Format

• GET /exam.html HTTP/1.1

Request Line
• HOST: www.something.org
• Connection: Close
• User-Agent: Mozilla/4.0 Header lines
• Accept-lang: Fr
 HTTP Message Format

• The messages is in ordinary language

• Request line has 3 fields
– Method filed (GET, POST, HEAD)
– Object
– Browser / Client version type
 Header Lines

• Host: On which the web page hosted

• Connection: Close don’t want to use persistent
connection. Server can close the connection after
response although it is using HTTP/1.1
• User Agent: Some servers have different objects for
different user-agents.
• Accept-Lang: Indicates user preference to accept
French version of the object (if available) else it can
send the default object (content-negotiation)
 Response Message From Server

• HTTP/1.1 200 OK Initial status line

• Connection: Close
• Date:
• Server: Apache/1.3.0 (UNIX)
• Last modified: Header lines
• Content-Length:7654
• Content-Type: Text/html
• (data data data data data)

Actual data
 HTTP Response Message

• Status line:
– Protocol version field
– Status code
– Corresponding status message
• Connection: Close (server going to close the
connection)
• Data: At which the response was created and
sending (Time when object is retrieved not created)
• Last Modified: Indicates when the object were
created / last modified (used in caching)
 How to identify Users ?

• There are 2 ways a server can identify the users:

– Authentication
– Cookies
 Authentication

Normal Request Message

401
Authentication Required

Authentication Header Line

Header Line: User ID / Pwd
 Cookies

• Some web sites use Cookies to keep track of users.

• The Server uses a cookie in the server response in
one of the header line.
• Set-Cookie: 1232343
• Some identification number generated by the
server.
• Whenever the client come across this header line it
creates a file and stores the server host name,
identification number and related information.
 Advantages Of Cookies

• If a server requires authentication but doesn't want

to hassle a user with a username and password
prompt every time the user visits the site, it can set
a cookie.
• If a server wants to remember a user's preferences
so that it can provide targeted advertising during
subsequent visits, it can set a cookie.
• If a user is shopping at a site (for example, buying
several CDs), the server can use cookies to keep
track of the items that the user is purchasing, that
is, to create a virtual shopping cart.
 Web Caching

• Web caching can be of 2 types:

– Local system
– Network system ( Proxy Server)
 File Transfer protocol

• It uses 2 connections
– Control connection for commands : 21
– Data connection for Data transmission: 20

• FTP uses a separate connection for control and

data it is said to send its control information
out-of-band
• HTTP is said to send its control information
in-band.
 FTP contd.

• HTTP is a stateless Protocol. FTP is a stateful

protocol.Since it need to keep track of the users
directory etc information.

• The control connection is maintained during the

entire session whereas the data connection is non-
persistent.
 Messages

• USER username: Used to send the user

identification to server.
• PASS password: Used to send the user password to
the server.
• LIST: Used to ask the server to send back a list of
all the files in the current remote directory. The list
of files is sent over a (new and nonpersistent) data
connection rather than the control TCP connection.
• RETR filename: Used to retrieve (that is, get) a file
from the current directory of the remote host.
• STOR filename: Used to store (that is, put) a file
into the current directory of the remote host.
 FTP Status message

• 331 Username OK, password required

• 125 Data connection already open; transfer
starting
• 425 Can't open data connection
• 452 Error writing file
 Telnet

• Remote Login
• Port : 23