UNIT-5

Application Layer

Computer Network Architecture

Computer Network Architecture is defined as the physical and logical design of the software,
hardware, protocols, and media of the transmission of data. Simply we can say that how
computers are organized and how tasks are allocated to the computer.

The two types of network architectures are used:

o Peer-To-Peer network

o Client/Server network

Peer-To-Peer network
o Peer-To-Peer network is a network in which all the computers are linked together with
equal privilege and responsibilities for processing the data.
o Peer-To-Peer network is useful for small environments, usually up to 10 computers.
o Peer-To-Peer network has no dedicated server.
o Special permissions are assigned to each computer for sharing the resources, but this can
lead to a problem if the computer with the resource is down.
Advantages of Peer-To-Peer Network:
o It is less costly as it does not contain any dedicated server.
o If one computer stops working but, other computers will not stop working.
o It is easy to set up and maintain as each computer manages itself.

Disadvantages of Peer-To-Peer Network:

o In the case of Peer-To-Peer network, it does not contain the centralized system .
Therefore, it cannot back up the data as the data is different in different locations.
o It has a security issue as the device is managed itself.

Client/Server Network
o Client/Server network is a network model designed for the end users called clients, to
access the resources such as songs, video, etc. from a central computer known as Server.
o The central controller is known as a server while all other computers in the network are
called clients.
o A server performs all the major operations such as security and network management.
o A server is responsible for managing all the resources such as files, directories, printer,
etc.
o All the clients communicate with each other through a server. For example, if client1
wants to send some data to client 2, then it first sends the request to the server for the
permission. The server sends the response to the client 1 to initiate its communication
with the client 2.
Advantages of Client/Server network:
o A Client/Server network contains the centralized system. Therefore we can back up the
data easily.

o A Client/Server network has a dedicated server that improves the overall performance of
the whole system.

o Security is better in Client/Server network as a single server administers the shared

resources.

o It also increases the speed of the sharing resources.

Disadvantages of Client/Server network:

o Client/Server network is expensive as it requires the server with large memory.

o A server has a Network Operating System (NOS) to provide the resources to the clients,
but the cost of NOS is very high.

o It requires a dedicated network administrator to manage all the resources.

Processes Communicating:
Processes Communicating
Processes on two different end systems communicate with each other by exchanging messages
across the computer network.

With Peer to Peer file sharing, the peer that is downloading the file is labeled as the client, and
the peer that is uploading the file is labeled as the server.

In the context of a communication session between a pair of processes, the process that initiates
the communication (that is, initially contacts the other process at the beginning of the session) is
labeled as the client. The process that waits to be contacted to begin the session is the server.

The Interface Between the Process and the Computer Network

A process sends messages into, and receives messages from, the network through a software
interface called a socket.

A socket is the interface between the application layer and the transport layer within a host. It is
also referred to as the Application Programming Interface (API) between the application and the
network.

On the transport-layer side, the application developer can only control: (1) the choice of transport
protocol and (2) a few transport-layer parameters such as maximum buffer and maximum
segment sizes.

Transport Services Available to Applications:

Recall that a socket is the interface between the application process and the transport-layer
protocol. The application at the sending side pushes messages through the socket. At the other
side of the socket, the transport-layer protocol has the responsibility of getting the messages to
the socket of the receiving process.

Many networks, including the internet, provide more than one transport-layer protocol. When
you develop an application, you must choose one of the available transport-layer protocols. How
do you make this choice? Most likely, you would study the services provided by the available
transport-layer protocols, and then pick the protocol with the services that best match your
application’s needs. The situation is similar to choosing either train or airplane transport for
travel between two cities. You have to choose one of the other, and each transportation mode
offers different services. (for example, the train offers downtown pickup and drop-off, whereas
the plane offers shorted travel time).
What are the services that a transport-layer protocol can offer to applications invoking it? We
can broadly classify the possible services along four dimensions: reliable data transfer,
throughput, and security.

Reliable Data Transfer

As discussed in module 1, packets can get lost within a computer network. For example, a packet
can overflow a buffer in a router, or can be discarded by a host or router after having some of its
bits corrupted. For many applications – such as electronic mail, file transfer, remote host access,
web document transfers, and financial applications – data loss can have devastating
consequences (in the latter case, for either bank of the customer!). Thus, to support these
applications, something has to be done to guarantee that the data sent by one end of the
application is delivered correctly and completely to the other end of the application. If a protocol
provides such a guaranteed data delivery service, it is said to provide reliable data transfer . One
important service that a transport-layer protocol can potentially provide to an application is
process-to-process reliable data transfer. When a transport protocol provides this service, the
sending process can just pass its data into the socket and know with complete confidence that the
data will arrive without errors at the receiving process.

When a transport-layer protocol does not provide reliable data transfer, some of the data sent by
the sending process may never arrive at the receiving process. This data may be acceptable
for loss-tolerant applications, most notably multimedia applications such as conversational
audio/video that can tolerate some amount of data loss. In these multimedia applications, lost
data might result in a small glitch in the audio/video  – not a crucial impairment.

Throughput

In module 1 we introduced the concept of available throughput, which, in the context of a

communication session between two processes along a network path, is the rate at which the
sending process can deliver bits to the receiving process. Because other sessions will be sharing
the bandwidth along the network path, and because these other sessions will be coming and
going, the available throughput can fluctuate with time. These observations lead to another
natural service that a transport-layer protocol could provide, namely, guaranteed available
throughput rate at some specified rate. With such a service, the application could request a
guaranteed throughput or r bits/sec, and the transport protocol would then ensure that the
available throughput is always r bits/sec. Such a guaranteed throughput service would appeal to
many applications. For example, if an internet telephony application encodes voice at 32 kpbs, it
needs to send data into the network and have data delivered to the receiving application at this
rate. If the transport protocol cannot provide this throughput, the application would need to
encode at a lower rate (and receive enough throughput to sustain this lower encoding rate) or
may have to give up, since receiving, say, half of the needed throughput is of little or no use to
this internet telephony application. Applications that have throughput requirements are said to
be bandwidth-sensitive applications. Many current multimedia applications are bandwidth
sensitive, although some multimedia applications may use adaptive coding techniques to encode
digitized voice or video at a rate that matches the currently available throughput.

While bandwidth-sensitive applications have specific throughput requirements, elastic

applications can make use of as much , as or as little, throughput as happens to be available.
Electronic mail, file transfer, and web transfers are all elastic applications. Of course, the more
throughput, the better. There’s an adage that says that one cannot be too rich, too thin, or have
too much throughput!

Timing

A transport-layer protocol can also provide timing guarantees. As with throughput guarantees,
timing guarantees can come in many shapes and forms. An example guarantee might be that
every bit that the sender pumps into the socket arrives at the receiver’s socket no more than 100
msec later. Such a service would be appealing to interactive real-time applications, such as
internet telephony, virtual environments, teleconferencing, and multiplayer games, all of which
require tight timing constrains on data delivery in order to be effective. Long delays in internet
telephony, for example, tend to result in unnatural pauses in the conversation; in a multiplayer
game or virtual interactive environment, a long delay between taking an action and seeing the
response from the environment (for example, from another player at the end of an end-to-end
connection) makes the application feel less realistic. For non-real-time applications, lower delay
is always preferable to higher delay, but no tight constraint is placed on the end-to-end delays.

Security

Finally, a transport protocol can provide an application with one or more security services. For
example, in the sending host, a transport protocol can encrypt all data transmitted by the sending
process, and in the receiving host, the transport-layer protocol can decrypt the data before
delivering the data to the receiving processes. A transport protocol can also provide other
security services in addition to confidentiality, including data integrity and end-point
authentication.

File Transfer Protocol (FTP):

File Transfer Protocol (FTP) is an application layer protocol that moves files between local and
remote file systems. It runs on the top of TCP, like HTTP. To transfer a file, 2 TCP connections
are used by FTP in parallel: control connection and data connection. 
Control connection:-
For sending control information like user identification, password, commands to change the
remote directory, commands to retrieve and store files, etc., FTP makes use of a control
connection. The control connection is initiated on port number 21. 

Data connection:-
For sending the actual file, FTP makes use of a data connection. A data connection is initiated on
port number 20. FTP sends the control information out-of-band as it uses a separate control
connection. Some protocols send their request and response header lines and the data in the same
TCP connection. For this reason, they are said to send their control information in-band. HTTP
and SMTP are such examples. 

FTP Session: 
When an FTP session is started between a client and a server, the client initiates a control TCP
connection with the server-side. The client sends control information over this. When the server
receives this, it initiates a data connection to the client-side. Only one file can be sent over one
data connection. But the control connection remains active throughout the user session.

FTP Commands – Some of the FTP commands are: 

USER – This command sends the user identification to the server. 

PASS – This command sends the user password to the server. 
CWD – This command allows the user to work with a different directory or dataset for file
storage or retrieval without altering his login or accounting information. 
RMD – This command causes the directory specified in the path name to be removed as a
directory. 
MKD – This command causes the directory specified in the pathname to be created as a
directory. 
PWD – This command causes the name of the current working directory to be returned in the
reply. 
RETR – This command causes the remote host to initiate a data connection and to send the
requested file over the data connection. 
STOR – This command causes to store of a file into the current directory of the remote host. 
LIST – Sends a request to display the list of all the files present in the directory. 
ABOR – This command tells the server to abort the previous FTP service command and any
associated transfer of data. 
QUIT – This command terminates a USER and if file transfer is not in progress, the server closes
the control connection. 

FTP Replies – Some of the FTP replies are : 

200 Command okay. 

530 Not logged in. 
331 User name okay, need a password. 
225 Data connection open; no transfer in progress. 
221 Service closing control connection. 
551 Requested action aborted: page type unknown. 
502 Command not implemented. 
503 Bad sequence of commands. 
504 Command not implemented for that parameter.

Advantages of FTP (File Transfer Protocol):-

 Speed is one of the advantages of FTP (File Transfer Protocol).

 File sharing also comes in the category of advantages of FTP in this between two
machines files can be shared on the network.
  Efficiency is more in FTP.

Disadvantages of FTP (File Transfer Protocol):-

 File size limit is the drawback of FTP only 2 GB size files can be transferred.
 Multiple receivers are not supported by the FTP.
 FTP does not encrypt the data this is one of the biggest drawbacks of FTP.
 FTP is unsecured we use login IDs and passwords making it secure but they can be
attacked by hackers.

Electronic Mail (E-Mail) in Internet:

In this topic, we will be covering one of the most popular Internet services that is Electronic Mail
(E-mail) in detail.

Electronic mail is often referred to as E-mail and it is a method used for exchanging digital
messages.

 Electronic mail is mainly designed for human use.

 It allows a message to includes text, image, audio as well as video.

 This service allows one message to be sent to one or more than one recipient.

 The E-mail systems are mainly based on the store-and-forward model where the E-mail
server system accepts, forwards, deliver and store the messages on behalf of users who
only need to connect to the infrastructure of the Email.

 The Person who sends the email is referred to as the Sender while the person who
receives an email is referred to as the Recipient.

Need of an Email:

By making use of Email, we can send any message at any time to anyone.

 We can send the same message to several peoples at the same time.

 It is a very fast and efficient way of transferring information.

 The email system is very fast as compared to the Postal system.

 Information can be easily forwarded to coworkers without retyping it.

Components of E-mail System
The basic Components of an Email system are as follows:

1. User Agent(UA)

It is a program that is mainly used to send and receive an email. It is also known as an email
reader. User-Agent is used to compose, send and receive emails.

 It is the first component of an Email.

 User-agent also handles the mailboxes.

 The User-agent mainly provides the services to the user in order to make the sending and
receiving process of message easier.

Given below are some services provided by the User-Agent:

1. Reading the Message

2. Replying the Message

3. Composing the Message

4. Forwarding the Message.

5. Handling the Message.

2. Message Transfer Agent

The actual process of transferring the email is done through the Message Transfer Agent(MTA).

 In order to send an Email, a system must have an MTA client.

 In order to receive an email, a system must have an MTA server.

 The protocol that is mainly used to define the MTA client and MTA server on the internet
is called SMTP (Simple Mail Transfer Protocol).

 The SMTP mainly defines how the commands and responses must be sent back and forth

3. Message Access Agent

In the first and second stages of email delivery, we make use of SMTP.

 SMTP is basically a Push protocol.

 The third stage of the email delivery mainly needs the pull protocol, and at this stage, the
message access agent is used.

 The two protocols used to access messages are POP (Post Office Protocol) and IMAP4
(Internet Message Access Protocol).

Architecture of Email

Now its time to take a look at the architecture of e-mail with the help of four scenarios:

First Scenario
When the sender and the receiver of an E-mail are on the same system, then there is the need for
only two user agents.

Second Scenario

In this scenario, the sender and receiver of an e-mail are basically users on the two
different systems. Also, the message needs to send over the Internet. In this case, we need to
make use of User Agents and Message transfer agents(MTA).

Third Scenario
In this scenario, the sender is connected to the system via a point-to-point WAN it can be either a
dial-up modem or a cable modem. While the receiver is directly connected to the system like it
was connected in the second scenario.

Also in this case sender needs a User agent(UA) in order to prepare the message. After preparing
the message the sender sends the message via a pair of MTA through LAN or WAN.

Fourth Scenario

In this scenario, the receiver is also connected to his mail server with the help of WAN or LAN.

When the message arrives the receiver needs to retrieve the message; thus there is a need for
another set of client/server agents. The recipient makes use of MAA(Message access agent)
client in order to retrieve the message.
In this, the client sends the request to the Mail Access agent(MAA) server and then makes a
request for the transfer of messages.

This scenario is most commonly used today.

Structure of Email

The message mainly consists of two parts:

1.Header
2.Body

Header
The header part of the email generally contains the sender's address as well as the receiver's
address and the subject of the message.

Body
The Body of the message contains the actual information that is meant for the receiver.

Email Address:

In order to deliver the email, the mail handling system must make use of an addressing system
with unique addresses.

The address consists of two parts:

 Local part

 Domain Name

Local Part

It is used to define the name of the special file, which is commonly called a user mailbox; it is
the place where all the mails received for the user is stored for retrieval by the Message Access
Agent.

Domain Name

It is the second part of the address is Domain Name.

Both local part and domain name are separated with the help of @.

Simple Mail Transfer Protocol (SMTP):

o SMTP stands for Simple Mail Transfer Protocol.

o SMTP is a set of communication guidelines that allow software to transmit an electronic

mail over the internet is called Simple Mail Transfer Protocol.

o It is a program used for sending messages to other computer users based on e-mail
addresses.
 o It provides a mail exchange between users on the same or different computers, and it also
supports:

o It can send a single message to one or more recipients.

o Sending message can include text, voice, video or graphics.

o It can also send the messages on networks outside the internet.

o The main purpose of SMTP is used to set up communication rules between servers. The
servers have a way of identifying themselves and announcing what kind of
communication they are trying to perform. They also have a way of handling the errors
such as incorrect email address. For example, if the recipient address is wrong, then
receiving server reply with an error message of some kind.

Components of SMTP

o First, we will break the SMTP client and SMTP server into two components such as user
agent (UA) and mail transfer agent (MTA). The user agent (UA) prepares the message,
creates the envelope and then puts the message in the envelope. The mail transfer agent
(MTA) transfers this mail across the internet.
o SMTP allows a more complex system by adding a relaying system. Instead of just
having one MTA at sending side and one at receiving side, more MTAs can be
added, acting either as a client or server to relay the email.
 o The relaying system without TCP/IP protocol can also be used to send the emails
to users, and this is achieved by the use of the mail gateway. The mail gateway is
a relay MTA that can be used to receive an email.

Working of SMTP
1. Composition of Mail: A user sends an e-mail by composing an electronic mail
message using a Mail User Agent (MUA). Mail User Agent is a program which is
used to send and receive mail. The message contains two parts: body and header.
The body is the main part of the message while the header includes information
such as the sender and recipient address. The header also includes descriptive
information such as the subject of the message. In this case, the message body is
like a letter and header is like an envelope that contains the recipient's address.
2. Submission of Mail: After composing an email, the mail client then submits the
completed e-mail to the SMTP server by using SMTP on TCP port 25.
3. Delivery of Mail: E-mail addresses contain two parts: username of the recipient
and domain name. For example, vivek@gmail.com, where "vivek" is the username
of the recipient and "gmail.com" is the domain name.
If the domain name of the recipient's email address is different from the sender's
domain name, then MSA will send the mail to the Mail Transfer Agent (MTA). To
 relay the email, the MTA will find the target domain. It checks the MX record from
Domain Name System to obtain the target domain. The MX record contains the
domain name and IP address of the recipient's domain. Once the record is
located, MTA connects to the exchange server to relay the message.
4. Receipt and Processing of Mail: Once the incoming message is received, the
exchange server delivers it to the incoming server (Mail Delivery Agent) which
stores the e-mail where it waits for the user to retrieve it.
5. Access and Retrieval of Mail: The stored email in MDA can be retrieved by
using MUA (Mail User Agent). MUA can be accessed by using login and
password.

Comparison of SMTP & HTTP:

Domain Name System (DNS):
IP address are tough for human to remember and impossible to guess. Domain Name
System are usually used to translate a hostname or Domain name (eg. nec.edu.np) into an IP
address (eg. 202.37.94.177). Domain name comprise a hierarchy so that names are unique, yet
easy to remember.

DNS is an application layer protocol defines how the application processes running on different
systems, pass the messages to each other.

o DNS stands for Domain Name System.

o DNS is a directory service that provides a mapping between the name of a host on the
network and its numerical address.

o DNS is required for the functioning of the internet.

o Each node in a tree has a domain name, and a full domain name is a sequence of symbols
specified by dots.

o DNS is a service that translates the domain name into IP addresses. This allows the users
of networks to utilize user-friendly names when looking for other hosts instead of
remembering the IP addresses.

o For example, suppose the FTP site at EduSoft had an IP address of 132.147.165.50, most
people would reach this site by specifying ftp.EduSoft.com. Therefore, the domain name
is more reliable than IP address.

DNS is a TCP/IP protocol used on different platforms. The domain name space is divided into
three different sections: generic domains, country domains, and inverse domain.
Generic Domains

o It defines the registered hosts according to their generic behavior.

o Each node in a tree defines the domain name, which is an index to the DNS database.

o It uses three-character labels, and these labels describe the organization type.

Label Description

aero Airlines and aerospace companies

biz Businesses or firms

com Commercial Organizations

coop Cooperative business Organizations

edu Educational institutions

gov Government institutions

info Information service providers

int International Organizations

mil Military groups

museum Museum & other nonprofit organizations

name Personal names

net Network Support centers

org Nonprofit Organizations

pro Professional individual Organizations

Country Domain

The format of country domain is same as a generic domain, but it uses two-character country
abbreviations (e.g., us for the United States) in place of three character organizational
abbreviations.

Inverse Domain

The inverse domain is used for mapping an address to a name. When the server has received a
request from the client, and the server contains the files of only authorized clients. To determine
whether the client is on the authorized list or not, it sends a query to the DNS server and ask for
mapping an address to the name.

Working of DNS

o DNS is a client/server network communication protocol. DNS clients send requests to the
server while DNS servers send responses to the client.

o Client requests contain a name which is converted into an IP address known as a forward
DNS lookups while requests containing an IP address which is converted into a name
known as reverse DNS lookups.

o DNS implements a distributed database to store the name of all the hosts available on the
internet.
 o If a client like a web browser sends a request containing a hostname, then a piece of
software such as DNS resolver sends a request to the DNS server to obtain the IP address
of a hostname. If DNS server does not contain the IP address associated with a hostname,
then it forwards the request to another DNS server. If IP address has arrived at the
resolver, which in turn completes the request over the internet protocol

Service Provided by DNS:

We have just seen that there are two ways to identify a host – by a hostname and
by an IP address. People prefer the more mnemonic hostname identifier, while
routers prefer fixed-length, hierarchical structured IP addresses. In order to
reconcile these preferences, we need a directory service that translates hostnames
to IP addresses. This is the main task of the Internet’s domain name system (DNS).
The DNS is a distributed database implemented in a hierarchy of DNS servers, and
an application-layer protocol that allows hosts to query the distributed database.

The DNS servers are often UNIX machines running the Berkeley Internet Domain
(BIND) software [BIND 2012] . The DNS protocol runs over UDP and uses port
53.

DNS is commonly employed by other application-layer protocols-including HTTP,

SMTP, and FTP – to translate user-supplied hostnames to IP addresses.

As an example, consider what happens when a browser (that is, an HTTP client),
running on some user’s host, requests the URL www.someschool.edy/index.html .
In order for the user’s host to be able to send an HTTP request message to the web
server www.someschool.edu, the user’s host must first obtain the IP address of
www.someschool.edu .This is done as follows:

1. The same user machine runs the client side of the DNS application

2. The browser extracts the hostname, www.someschool.edu , from the URL

and passes the hostname to the client side of the DSN application

3. The DNS client sends a query containing the hostname to a DNS server

4. The DNS client eventually receives a reply, which includes the IP address
for the hostname
 5. Once the browser receives the IP address from DNS, it can initiate a TCP
connection to the HTTP server process located at port 80 and that IP
address.

We see from this example that DNS adds an additional delay – sometimes
substantial – to the internet applications that use it. Fortunately, as we discuss
below, the desired IP address is often cached in a “nearby” DNS server, which
helps to reduce DNS network traffic as well as the average DNS delay.

DNS provides a few other important services in addition to translating hostnames

to IP addresses:

Host Aliasing

A host with a complicated hostname can have one or more alias names. For
example, a hostname such as relay1.west-coast.enterprise.com could have , say,
two aliases such as enterprise.com and www.enterprise.com . In this case, the
hostname relay1.west-coast.enterprise.com is said to be canonical hostname.
Alias hostnames, when present, are typically more mnemonic than canonical
hostnames. DNS can be invoked b an application to obtain the canonical hostname
for a supplied alias hostname as well as the IP address of the host.

Mail Server Aliasing

For obvious reasons, it is highly desirable that e-mail addresses by mnemonic. For
example, if Bob has an account with Hotmail, Bob’s e-mail address might be as
simple as bob@hotmail.com. However, the hostname of Hotmail mail server is
more complicated and much less mnemonic than simply Hotmail.com (for
example, the canonical hostname might be something like relay1.west-
coast.hotmail.com). DNS can be invoked by a mail application to obtain the
canonical hostname for a supplied alias hostname as well as the IP address of the
host. In fact, the MX record (see below) permits a company’s mail server and web
server to have identical (aliased) hostnames; for example, a company’s web server
and mail server can both be called enterprise.com.

Load Distribution

DNS is also used to perform load distribution among replicated servers, such as
replicated Web servers. Busy sites, such as cnn.com, are replicated over multiple
servers, with each running on a different end system and having a different IP
address. For replicated web servers, a set of IP addresses is thus associated with
one canonical hostname. The DNS database contains this set of IP addresses.
When clients make a DNS query for a name mapped to a set of addresses, the
server responds with the entire set of IP addresses, by rotates the ordering of the
addresses within each reply. Because a client typically sends its HTTP request
message to the IP address that is listed first in the set, DNS rotation distributes the
traffic among the replicated servers.

DNA rotation is also used for e-mail so that multiple mail servers can have the
same alias name. also, content distribution companies such as Akamai have used
DNS in more sophisticated ways to provide web content distribution.

DNS Records and Messages:

The DNS servers that together implement the DNS distributed database
store resource records (RRs).

A resource record is a four-tuple that contains the following fields:

(Name, Value, Type, TTL)

TTL is the time to live of the resource record; it determines when a resource should

be removed from a cache.

The meaning of Name and Value depend on Type:

•If Type=A, then Name is a hostname and Value is the IP address

for the host name.

•If Type=NS, then Name is a domain (such as foo.com) and Value is the hostname

of an authoritative DNS server that knows how to obtain the IP addresses for

hosts in the domain.

•If Type=CNAME, then Value is a canonical hostname for the alias hostname

Name. This record can provide querying hosts the canonical name for
a host name.
•If Type=MX, then Value is the canonical name of a mail server that has an alias

Host name name.

DNS Messages

The first 12 bytes is the header section, which has a number of fields.

•The first field is a 16-bit number that identifies the query. This identifier is

copied into the reply message to a query, allowing the client to match received

replies with sent queries.

•There are a number of flags in the flag field.

A 1-bit query/reply flag indicates whether the message is a query (0) or a

reply (1). A1-bit authoritative flag is set in a reply message when a DNS server

is an authoritative server for a queried name.

A 1-bit recursion-desired flag is set when a client (host or DNS server) desires

that the DNS server perform recursion when it doesn’t have the record.

A 1-bit recursion available field is set in a reply if the DNS server supports

recursion.
•In the header, there are also four number-of fields. These fields indicate the

number of occurrences of the four types of data sections that follow the

header.

•The question section contains information about the query that is being made.

This section includes (1) a name field that contains the name that is being

queried, and (2) a type field that indicates the type of question being asked

about the name

•In a reply from a DNS server, the answer section contains the resource records

for the name that was originally queried.

The authority section contains records of other authoritative servers.

•The additional section contains other helpful records

The first 12 bytes is the

header section, which has a
number of fields.
• The first field is a 16-
bit number that identifies
the query. This identifier is
copied into the reply message
to a query, allowing the client
to match received
replies with sent queries.
• There are a number of
flags in the flag field.
A 1-bit query/reply flag
indicates whether the
message is a query (0) or a
reply (1). A1-bit authoritative
flag is set in a reply message
when a DNS server
is an authoritative server for a
queried name.
A 1-bit recursion-desired flag
is set when a client (host or
DNS server) desires
that the DNS server perform
recursion when it doesn’t
have the record.
A 1-bit recursion available
field is set in a reply if the
DNS server supports
recursion.
• In the header, there are
also four number-of fields.
These fields indicate the
number of occurrences of
the four types of data
sections that follow the
header.
• The question section
contains information about
the query that is being made.
This section includes (1) a
name field that contains the
name that is being
queried, and (2) a type field
that indicates the type of
question being asked
about the name
• In a reply from a DNS
server, the answer section
contains the resource records
for the name that was
originally queried.
The authority section contains
records of other authoritative
servers.
• The additional section
contains other helpful records