Application Layer

DNS - Domain Name System

Alphabetic name IP Address

remembered by human

 It is an internet service that translates domain names into IP

addresses.
 It is application-layer protocol. DNS service must translate the
domain name into the corresponding IP address.
 In DNS system, If one DNS server doesn't know how to translate a
particular domain name, it asks another one, and so on, until the
correct IP address is returned.
2
Hierarchy of name servers
DNS - Example

 DNS client wants to determine the IP address for the hostname

www.amazon.com
 The client first contacts one of the root servers, which returns IP addresses
for TLD servers - top-level domain .com.
 Then contacts TLD servers, which returns the IP address of an
authoritative server for www.amazon.com
 Finally, contacts one of the authoritative servers for www.amazon.com,
which returns the IP address for the hostname www.amazon.com.
4
DNS: A distributed - hierarchical database
 Root DNS Servers – Total 13

5
DNS – Cont…
 Top-level domain (TLD) servers:
✔ It is responsible for com, org, net, edu, aero, jobs, museums, and all top-
level country domains, e.g.: uk, fr, ca, jp
✔ Verisign Global Registry Services maintains servers for .com TLD
✔ Educause for .edu TLD
 Authoritative DNS servers:
✔ To organization’s own DNS servers, providing authoritative hostname to IP
mappings for organization’s named hosts.
✔ It can be maintained by organization or service provider.
 Local DNS name servers:
✔ It does not strictly belong to hierarchy
✔ when host makes DNS query, query is sent to its local DNS server.
 It acts as proxy, forwards query into hierarchy.

6
DNS - Example

7
DNS name resolution example
root DNS server
 Iterated query:
 A host at cis.poly.edu wants IP
2
address for gaia.cs.umass.edu 3
TLD DNS server
4

local DNS server

dns.poly.edu
7 6
1 8

authoritative DNS server

dns.cs.umass.edu
requesting host
cis.poly.edu

gaia.cs.umass.edu
8
DNS name resolution example
root DNS server
 Recursive query:
 A host at cis.poly.edu wants IP
2 3
address for gaia.cs.umass.edu 7
6
TLD DNS
server

local DNS server

dns.poly.edu 5 4

1 8

authoritative DNS server

dns.cs.umass.edu
requesting host
cis.poly.edu

gaia.cs.umass.edu
9
DNS Caching
 The idea behind DNS caching is very simple. In a query chain, when a
DNS server receives a DNS reply (containing, for example, a mapping
from a hostname to an IP address), it can cache the mapping in its local
memory.
 In the example, each time the local DNS server dns.poly.edu receives a
reply from some DNS server, it can cache any of the information
contained in the reply.
 If a hostname/IP address pair is cached in a DNS server and another
query arrives to the DNS server for the same hostname, the DNS server
can provide the desired IP address, even if it is not authoritative for the
hostname.
 DNS servers discard cached information after a period of time (often set
to two days).
10
 DNS MESSAGES

 DNS has two types of messages: query and response.. Both

types have the same format.

 The query message consists of a header and question

records; the response message consists of a header,
question records, answer records, authoritative records,
and additional records.

11
Query and response messages
Header format
DNS Messages
 The identification subfield is used by the client to match the
response with the query. The client uses a different identification
number each time it sends a query. The server duplicates this
number in the corresponding response.
 The flags subfield is a collection of subfields that define the type
of the message, the type of answer requested, the type of desired
resolution (recursive or iterative), and so on.
 The number of question records subfield contains the number of
queries in the question section of the message.
 The number of answer records subfield contains the number of
answer records in the answer section of the response message. Its
value is zero in the query message.
14
DNS Messages
 The number of authoritative records subfield contains the number
of authoritative records in the authoritative section of a response
message. Its value is zero in the query message.
 Finally, the number of additional records subfield contains the
number additional records in the additional section of a response
message. Its value is zero in the query message.
 Question Section
✔ This is a section consisting of one or more question records. It is present on
both query and response messages.
 Answer Section
✔ This is a section consisting of one or more resource records. It is present only
on response messages. This section includes the answer from the server to
the client (resolver).

15
DNS Messages
 Authoritative Section
✔ This is a section consisting of one or more resource records. It is present
only on response messages. This section gives information (domain name)
about one or more authoritative servers for the query.
 Additional Information Section
✔ This section provides additional information that may help the resolver.
✔ For example, a server may give the domain name of an authoritative server
to the resolver in the authoritative section, and include the IP address of
the same authoritative server in the additional information section.

16
DNS – Cont...
 Distributed database design is more preferred over centralized design to
implement DNS in the Internet.
 A single point of failure: If the DNS server crashes then the entire Internet will
not stop.
 Traffic volume: With millions of device and users accessing its services from
whole globe at the same time.
 A Single DNS Server cannot handle huge DNS traffic but with distributed system
its distributed and reduce overload on server.
 Distant centralized database: A single DNS server cannot be “close to” all the
querying clients.
 If it is in New York City, then all queries from Australia must travel to the other
side of the globe, perhaps over slow and congested links cause significant delays.
 Maintenance: To keep records for all Internet hosts. it would have to be updated
frequently to account for every new host.

17
Electronic Mail (Email)
 Email is an asynchronous communication medium in which people send and
read messages as convenient for them.
 Modern Email has many powerful features like:
 A messages with attachments
 Hyperlinks
 HTML-formatted text
 Embedded photos
 Email is fast, easy to distribute, and inexpensive.
 High level view of Internet mail system and its key components.
1. User agents
2. Mail servers
3. Simple Mail Transfer Protocol (SMTP)

18
Email - Cont…
User Agent user
agent
User agents allow users to read, reply to,
forward, save, and compose messages. mail user
E.g. Microsoft Outlook and Apple Mail. server agent
Mail servers: SMTP mail user
A mailbox contains incoming messages for
server agent
user.
SMTP
A message queue of outgoing (to be sent) mail
messages. SMTP user
agent
SMTP mail
server
It is a principal application layer protocol user
between mail servers to send email messages. agent
✔ client: sending mail to server
user
✔ server: receiving mail from other different mail agent
Outgoing
server message queue
user mailbox

19
SMTP
 Simple Mail Transfer Protocol used in sending and receiving e-
mail.
 It uses TCP to reliably transfer email message from client to server
using port 25.
 It restricts the body (not just the headers) of all mail messages to
simple 7-bit ASCII.
 SMTP does not use intermediate mail servers for sending mail.
 If receiving end mail server is down, the message remains in
sending end mail server and waits for a new attempt.

20
SMTP - Example

1. Alice uses user agent to compose 4. SMTP client sends Alice’s

message to Bob@iit.ac.in message over the TCP connection.
2. Alice’s user agent sends message 5. Bob’s mail server places the
to her1) 4)Client
2)Alice
3)
mailAlice’s
5)
SMTPuses
Bob’s
server; user
user
side agent
client
mail
of
messageagent
sends
SMTP sends
servertoplaces
compose
message
Alice’s
opens
placed TCP message
messagetoinover
her
theconnection
message
message mail
tomailbox.
the
in
Bob’s with
Bob’s
TCP
6) Bob invokes his user agent to read message
in message queue. message
server; bob@iit.ac.in
placed
Bob’s inserver
connection
mail message
mailbox
6. queue.
Bob invokes his user agent to
3. Client side of SMTP opens TCP read message.
connection with Bob’s mail server.

21
Format of an e-mail
E-mail address

• Sender uses DNS query for MX record on the

domain name in order to find the name and IP
of the target email server
MIME (Multipurpose Internet Mail Extensions)

NVT: network virtual terminal

(telnet)

SMTP protocol only this data

MIME

• User agents makes the translation between

non-ASCII data and ASCII email message
• If you check the source file of an email that has
attachment, you will find the MIME usage
• This is the main reason why your email with an
attachment becomes bigger?
MIME header
Data types and subtypes in MIME
Content-transfer-encoding
Mail Access Protocols (POP3 and IMAP)
user
m ail acce s s user
SMTP SMTP protocol agent
agent
(e .g., POP,
IMAP )

sender’s mail receiver’s mail

server server

 POP3
✔ Post Office Protocol – Version 3
 IMAP
✔ Internet Mail Access Protocol
 A mail access protocol, such as POP3, is used to transfer mail from
the recipient’s mail server to the recipient’s user agent.

29
POP3 (Post Office Protocol) and IMAP4 (Internet Mail Access Protocol)
The exchange of commands and responses in POP3
POP3 – Post Office Version 3
 POP3 is an extremely simple mail access protocol.
 With the TCP connection established, POP3 progresses through
three phases: authorization, transaction and update.
 In authorization, the user agent sends a username and a
password to authenticate the user.
 In transaction, the user agent retrieves messages, mark messages
for deletion, remove deletion marks and obtain mail statistics.
 In update, after the quit command by client, ending the POP3
session; the mail server deletes marked messages.
 POP3 is designed to delete mail on the server as soon as the user
has downloaded it.

32
IMAP - Internet Mail Access Protocol
 To keeps all messages in one place: at server
 The recipient can then move and organize the message into a
new, user-created folder, read the message, delete the message,
move messages from one folder to another and so on.
 To allow users to search remote folders for messages matching
specific criteria.
 Also permit a user agent to obtain components of messages,
When low-bandwidth connection between the user agent and its
mail server.
 In this case, user not to download all of the messages in its
mailbox, particularly avoiding long messages like an audio or video
clip.
33
FTP (File Transfer Protocol)
 File Transfer Protocol (FTP) is the commonly used protocol for
exchanging files over the Network or Internet. Example: Filezilla
 FTP uses the Internet's TCP/IP protocols to enable data transfer.
 FTP uses client-server architecture.
 FTP promotes sharing of files via remote computers with reliable
and efficient data transfer.

FTP user FTP File transfer FTP

interface client server
User or
Host

Local file system Remote file system

34
FTP (File Transfer Protocol) – Cont…
 FTP client connect FTP server at port 21 using TCP.
 FTP uses two parallel TCP connections to transfer a file,
1. Control Connection: Used for sending control information between two hosts.
2. Data Connection: To send a file.
 Control Information like user identification, password, commands to change
remote directory, commands to “put” and “get” files
 Client will browse remote file directory, sends commands over control
connection.
 FTP server maintains “state” about user like current directory, earlier
authentication.

35
WEB & HTTP
Web
 Early 1990, Internet was used only by
researchers, academics, and university
students.
 New application WWW arrived in 1994
by Tim Berners-Lee.
 World Wide Web - is an information
where documents and other web
resources are identified by URL,
interlinked by hypertext links, and can
be accessed via the Internet.
 On demand available, What they want,
When they want it.
 Unlike TV and Radio.
 Navigate through Websites.
37
37
Web and HTTP
 Web page consists of objects.
 Object can be HTML file, JPEG image, Java applet, audio file etc.…
 Web page consists of base HTML-file which includes several
referenced objects.
Web Page (e.g Total five objects)

 each object is addressable by a Uniform Resource Locator (URL),

like;
www.someschool.edu/someDept/pic.gif

host name path name

38
HTTP
 HyperText Transfer Protocol – Application layer protocol
 it is implemented in two programs.
1. Client Program
2. Server Program
 Exchanging HTTP message each others.
 HTTP defines the structure of these messages and how web
HTTP
client – web server exchange Request
messages.

HTTP
Response

39
HTTP – Cont…
 HTTP
✔ Hyper-Text Transfer Protocol
✔ It is Application layer protocol
HT
✔ Client: A browser that requests, TP
req
PC ues
receives, (using HTTP protocol) HT t
(Web Browser) TP
and “displays” Web objects. res
pon
se
✔ E.g. PC, Mobile
t
✔ Server: Web server sends (using u es
req
HTTP protocol) objects in TP nse Server
HT po (Apache Web
es
response to requests.
T Pr Server)
HT
✔ E.g. Apache Web Server

Mobile
(Web Browser)

40
HTTP - Cont...
 A client initiates TCP connection (creates socket) to server using
port 80.
 A server accepts TCP connection from client.
 HTTP messages (application-layer protocol messages) exchanged
between browser (HTTP client) and Web server (HTTP server).
 HTTP is “stateless protocol”, server maintains no information
about past client requests.
 HTTP connection types are:
1. Non-persistent HTTP
2. Persistent HTTP

41
NON-PERSISTENT HTTP &
PERSISTENT HTTP CONNECTION
Non-persistent & Persistent Connection
 In Client-Server communication, Client
making a series of requests to server,
Server responds to each of the
requests.
 Series of requests may be made back
to back or periodically at regular time
interval.
 So, Application developer need to
make an important decision;
 Should each request/response pair be
sent over a separate TCP connection.
 OR should all of the requests and
corresponding responses be sent over
same TCP connection?
43
43
1. Non-persistent HTTP
 A non-persistent connection is closed after the server sends the
requested object to the client.
 The connection is used exactly for one request and one response.
 For downloading multiple objects it required multiple
connections.
 Non-persistent connections are the default mode for HTTP/1.0.
 Example:
 Transferring a webpage from server to client, webpage consists of
a base HTML file and 10 JPEG images.
 Total 11 object reside on server.

44
1. Non-persistent HTTP – Cont.…
URL: www.someSchool.edu/someDepartment/home.index
1a. HTTP client initiates TCP connection to
HTTP server (process) at
www.someSchool.edu on port 80
2. HTTP client sends HTTP request
message (containing URL) into TCP
connection socket. Message indicates
that client wants object
someDepartment/home.index
5. HTTP client receives response message
containing html file, displays html. Parsing
html file, finds 10 referenced jpeg objects
6. Steps 1-5 repeated for each of 10
jpeg objects
1b. HTTP server at host
www.someSchool.edu waiting for TCP
connection at port 80. “accepts”
connection, notifying client
3. HTTP server receives request
message, forms response message
containing requested object, and
sends message into its socket
4. HTTP server closes TCP connection.
Time
45
1. Non-persistent HTTP: Response time
 RTT(round-trip time): A time
for a small packet to travel initiate TCP
from client to server and vice connection
RTT
versa.
request
 HTTP response time: file
✔ one RTT to initiate TCP time to
RTT transmit
connection. file
✔ one RTT for HTTP request and file
received
first few bytes of HTTP response
to return.
time time
✔ File transmission time

Non-persistent HTTP response time = 2RTT + file transmission time

46
2. Persistent HTTP
 Server leaves the TCP connection open after sending responses.
 Subsequent HTTP messages between same client and server sent
over open connection.
 The server closes the connection only when it is not used for a
certain configurable amount of time.
 It requires as little as one round-trip time (RTT) for all the
referenced objects.
 With persistent connections, the performance is improved by
20%.
 Persistent connections are the default mode for HTTP/1.1.

47
HTTP Message Format
 Two types:
1. Request Message
2. Response Message

48
1. HTTP Request Message
 HTTP request message consists of three part:
1. Request line
2. Header line
3. Carriage return
carriage return character
line-feed character
request line
(GET, POST, GET /index.html HTTP/1.1\r\n
HEAD commands) Host: www-net.cs.umass.edu\r\n
User-Agent: Firefox/3.6.10\r\n
Accept: text/html,application/xhtml+xml\r\n
headerAccept-Language: en-us,en;q=0.5\r\n
linesAccept-Encoding: gzip,deflate\r\n
Accept-Charset: ISO-8859-1,utf-8;q=0.7\r\n
carriage return Keep-Alive: 115\r\n
(line feed at start Connection: keep-alive\r\n
\r\n
of line indicates
end of header lines)
49
1. HTTP Request Message - Format
 The request line has three fields: Method field, URL field, and
HTTP version field.
 The method field can take on several different values, including
GET, POST, HEAD, PUT, and DELETE.
 In above message, browser is requesting the object
/somedir/page.html and version is self-explanatory; browser
implements version HTTP/1.1.
 The header line Host: www-net.cs.umass.edu specifies the host on
which the object resides.
 User agent indicate browser name and version.

50
2. HTTP Response Message
 HTTP response message consist of three part:
1. Status line
2. Header line
3. Data (Entity body)
status line
HTTP/1.1 200 OK\r\n
(protocol Date: Sun, 26 Sep 2010 20:09:20 GMT\r\n
status code Server: Apache/2.0.52 (CentOS)\r\n
status phrase) Last-Modified: Tue, 30 Oct 2007 17:00:02
GMT\r\n
header ETag: "17dc6-a5c-bf716880"\r\n
lines Accept-Ranges: bytes\r\n
Content-Length: 2652\r\n
Keep-Alive: timeout=10, max=100\r\n
Connection: Keep-Alive\r\n
Content-Type: text/html; charset=ISO-8859-
data, e.g., 1\r\n
requested \r\n
HTML file data data data data data ...

51
2. HTTP Response Message - Format
 The status line has three fields: protocol version field, status code and
corresponding status message.
 In below example, the status line indicates that the server is using
HTTP/1.1 and that everything is OK.
HTTP/1.1 200 OK\r\n
Date: Sun, 26 Sep 2010 20:09:20 GMT\r\n
Server: Apache/2.0.52 (CentOS)\r\n
Last-Modified: Tue, 30 Oct 2007 17:00:02 GMT\r\n
ETag: "17dc6-a5c-bf716880"\r\n
Accept-Ranges: bytes\r\n
Content-Length: 2652\r\n
Keep-Alive: timeout=10, max=100\r\n
Connection: Keep-Alive\r\n
Content-Type: text/html; charset=ISO-8859-1\r\n \r\n
data data data data data ...

Date: header
Content-Type:
Server:
Last-Modified:
Content-Length:
headerline indicates
header
header
header
line line the
indicates
line
line timethat
indicates
indicatesand date
that
the
the
thethewhen
number
time the
message
object
and HTTP
ofinbytes
date
was
the
response
generated
when
in
entity was
the the byiscreated
object
bodyobject
being
an
HTML and
Apache
wassent.
text.sent
Webby
created or the
lastserver.
server. modified.
52
HTTP Response Status Codes
 A status code appears in 1st line in server-to-client response
message.
 Some sample codes:

53
User-Server interactions: Cookie
 A small text file that is stored in the user's computer either temporarily for that
session only or permanently on the hard disk.
 Cookies provide a way for the Web site to recognize you and keep track of your
preferences.
 The cookie technology has four components:
1. A cookie header line in the HTTP response message
2. A cookie header line in the HTTP request message
3. A cookie file kept on the user’s end system and managed by the user’s browser
4. A back-end database at the Web site

Authorization Recommendations
Use of Cookies
User session state
Shopping carts (Web, Email)

54
 Cookies - Example
client server

ebay 8734 usual http request msg server

cookie file creates ID
usual http response
set-cookie: 1678 1678 for user create backend
ebay 8734 entry database
amazon 1678
usual http request msg
cookie: 1678 cookie- access
specific
usual http response msg action
one week later:
access
ebay 8734 usual http request msg
amazon 1678 cookie: 1678 cookie-
specific
usual http response msg action

55
Web Caches (Proxy Server)
 It satisfies HTTP requests on the behalf of an origin Web server.
 The Web cache has its own disk storage and keeps copies of
recently requested objects in this storage.

HT proxy
TP
server q uest
r equ re
HT P
client TP est
HT
T
p o nse
res r es origin
pon TP
se HT server
t
ues
req se
TP o n
HT res
p
TP
HT

client origin
server

56
Web Caches (Proxy Server) – Cont...
 A user’s browser can be configured so, user’s HTTP requests are first
directed to the Web Cache.
 A browser sends all HTTP requests to cache.
 As an example, suppose a browser is requesting the object
http://www.someschool.edu/campus.gif
 Object in cache returns to client browser.
 Otherwise cache requests object from origin server, then returns
object to client browser.
 Reduce response time for client request.
 Reduce traffic on an institution’s access link.
 Internet dense with caches: Insufficiency for content providers to
effectively deliver content.
57
Web Caches (Proxy Server) – Example
 Example: Institutional Network
and Internet
 Reduce response time for client
request.
 Reduce traffic on an institution’s
access link.
 Internet dense with caches:
Insufficiency for content providers
to effectively deliver content.

58