Introduction and Functions of Application layer

Application layer is the top most layer in OSI and TCP/IP layered model. It provides the
interface between application software and the transport layer to enable network services directly
for end-user applications. Functions of Application Layer

The functions of application layer are explained below:

User Interface: It represents the user interface to low-level layers and multiple application
processes.

Security: It is responsible for the execution of the security tests at the user entity points.

File Transfer: The application layer supports the file transfer access and management (FTAM).
It enables customers to create files in a remote system to retrieve the documents from a remote
system and to handle or control the files in a remote system.

E-mail: It supports a basis for email forwarding and string.

Database Access: It supports distributed database sources and global data about several objects
and functions.

Addressing: It is used for the connection between user and server. There is a requirement for
addressing. When a user requests the server, the request includes the server address and its
address. The server responds to the user request and the request consists of the destination
address, i.e., client address.

Directory Services: An application includes a distributed database that supports the global data
about multiple objects and functions.
Web & HTTP

HTTP is a protocol for fetching resources such as HTML documents. It is the foundation of any
data exchange on the Web and it is a client-server protocol, which means requests are initiated
by the recipient, usually the Web browser. A complete document is typically constructed from
resources such as text content, layout instructions, images, videos, scripts, and more.

Non-Persistent Connection

In non-persistent connection HTTP, there can be at most one object that can be sent over a single
TCP connection. This means that for each object that is to be sent from source to destination, a
new connection will be created. HTTP/1.0 is the version of HTTP that uses a non-persistent
connection.

Non-persistent HTTP is used in fetching those objects which are not needed that frequently. It
requires 2 RTT (round trip time) for each object that is to be transmitted (1 RTT to open the
connection and 1 RTT for transmission of data).

Advantages of Non-Persistent Connection

 It does not lead to wastage of resources since the connection is opened only when some
data needs to be sent over it.
 It is more secure than persistent HTTP since after sending data over the connection, the
connection gets terminated and nothing can be transmitted over it once it gets terminated.

Disadvantages of Non-Persistent Connection

 It needs to maintain an extra overhead to open a TCP connection each time some data
needs to be transmitted over it.
 It has a slow start because of the opening of a TCP connection on every data
transmission.

Persistent Connection

In persistent connection HTTP, multiple objects can be sent over a single TCP connection. This
means that multiple objects can be transmitted from source to destination on a single HTTP
connection. HTTP/1.1 is the version of HTTP that uses a persistent connection.
All modern web browsers like Mozilla Firefox and Google Chrome use persistent HTTP
connections. It does not require 2 RTT (round trip time) for each object that is to be transmitted.
After a successful opening of the TCP connection (opening of TCP connection is done by 3-Way
Handshaking which takes 1 RTT), each object will require only 1 RTT to be transmitted.

Advantages of Persistent connection

 Persistent connection saves CPU resources and time since the opening of the connection
takes place only once.
 It gives a fast start to send any object from a source to a destination. Also, it results in
relatively less network congestion and latency on subsequent HTTP requests compared to
non-persistent HTTP.

Disadvantages of Persistent Connection

 Persistent connection results in wastage of network resources since the connection

remains open even when there is no transmission of data.
 It is less secure than non-persistent HTTP since the connection once opened remains
always open.

HTTP Message Format

HTTP Request Message: When you visit a website, your browser (the client) sends a message
to the website's server asking for the page you want to see. This message is called an HTTP
request, and it’s a bit like a polite request letter.
Here’s how it’s structured:

Request Line: This is like the opening line of your request letter. It tells the server what you
want to do, the page you want to get, and the language you’re speaking (HTTP version).

Method: "GET" here means you’re asking to fetch a page. Other methods could be "POST" (to
send data), "PUT" (to update data), etc.

URL: This is the address of the page you want.

HTTP Version: This tells the server what version of the language (HTTP) you’re speaking.

Headers: These are like the extra details in your letter that give the server more context. They
might include:

User-Agent: Info about your browser so the server knows who’s asking.

Accept: The types of content you can handle, like HTML.

Blank Line: This is just a space to separate the headers from any body content.

Body: Sometimes, your request might include some additional information, like form data. This
goes here, but it’s not always needed.

Example of an HTTP Request

GET /hello.html HTTP/1.1

Host: www.example.com

User-Agent: Mozilla/5.0

Accept: text/html

HTTP Response Message

After the server gets your request, it sends back an HTTP response. Think of this as the server’s
reply letter. Here’s how it’s structured:

Status Line: This is the opening line of the server’s reply. It tells you if your request was
successful and gives a brief explanation.
HTTP Version: The language version.

Status Code: Numbers like 200 (OK), 404 (Not Found), etc., which indicate how things went.

Reason Phrase: A short explanation of the status code.

Headers: More details about the reply, like what kind of content is coming and how big it is.

Content-Type: The type of content, like HTML, JSON, etc.

Content-Length: How much content there is, in bytes.

Blank Line: Another space to separate the headers from the body content.

Body: The actual content you asked for, like the HTML of the web page.

Example of an HTTP Response

HTTP/1.1 200 OK

Content-Type: text/html

Content-Length: 137

<html>

<head>

<title>Hello</title>

</head>

<body>

<h1>Hello, World!</h1>

</body>

</html>
Overview of Application Server Concepts

Proxy Server: A proxy server is a system or router that provides a gateway between users and
the internet. Therefore, it helps prevent cyber attackers from entering a private network. It is a
server, referred to as an “intermediary” because it goes between end-users and the web pages
they visit online.

When a computer connects to the internet, it uses an IP address. This is similar to your home’s
street address, telling incoming data where to go and marking outgoing data with a return address
for other devices to authenticate. A proxy server is essentially a computer on the internet that has
an IP address of its own.

Web Server: Web server is a program which processes the network requests of the users and
serves them with files that create web pages. This exchange takes place using Hypertext Transfer
Protocol (HTTP).

Basically, web servers are computers used to store HTTP files which makes a website and when
a client requests a certain website, it delivers the requested website to the client. For example,
you want to open Facebook on your laptop and enter the URL in the search bar of google. Now,
the laptop will send an HTTP request to view the facebook webpage to another computer known
as the webserver. This computer (webserver) contains all the files (usually in HTTP format)
which make up the website like text, images, gif files, etc. After processing the request, the
webserver will send the requested website-related files to your computer and then you can reach
the website.
Mail Server: A mail server (sometimes called an email server) is a software program that sends
and receives email. Often, it is used as a blanket term for both mail transfer agents (MTA) and
mail delivery agents (MDA), each of which perform a slightly different function.

Mail servers play a crucial role in the email delivery process. Without them, users would have no
way of transferring those messages to and from other mail clients.

Network Management

Simple Network Management Protocol (SNMP) is a widely used protocol for monitoring and
managing devices on IP networks. It allows network administrators to collect information from
network devices like routers, switches, servers, and printers, and modify their settings if needed.
SNMP operates through a manager-agent model, where the manager (network management
station) communicates with an agent (software on the managed device) to retrieve or set
information using operations like GET, SET, and TRAP. This helps ensure the network operates
efficiently and any issues are quickly addressed.

Transport mapping in the context of SNMP refers to the method by which SNMP messages are
transmitted between the manager and the agent. The most common transport protocol used for
SNMP is the User Datagram Protocol (UDP), specifically on port 161 for SNMP requests and
responses, and port 162 for SNMP traps. Transport mapping ensures that SNMP messages are
correctly encapsulated and transmitted over the network, allowing for efficient communication
and data exchange between network management systems and managed devices.

DNS and DNS Query Type

The Domain Name System (DNS) is the phonebook of the Internet. Humans access information
online through domain names, like nytimes.com or espn.com. Web browsers interact through
Internet Protocol (IP) addresses. DNS translates domain names to IP addresses so browsers can
load Internet resources.

Here are 3 different DNS query types. Depending on the query type, the DNS server behaves
differently when it answers requests.

 Non-Recursive Query: In a non-recursive query, the DNS server is expected to hold and
return the answer for the requested hostname. The DNS server will proceed to return the
answers from its own local cache or database. If the DNS server is unable to find
information about the requested hostname, it will respond with an empty response
instead.
 Recursive Query: A recursive query tells the querying DNS server or resolve that it
should provide an answer for the send questions. If the server itself serves as an
authoritative server for this domain, it should respond with the normal response. If
however, the server is not an authoritative server for this domain, it should start a
recursive query process to resolve the domain name itself and then return the resulting
records.
 Iterative Query: In an iterative DNS query, the DNS client asks the server to resolve the
requested questions to the best of its abilities. If the DNS server is the authoritative server
or contains the information about the request in its cache, it will provide the answer to the
 client. However, if the DNS server is unable to determine a response, it will send back a
referral to other DNS servers which might be able to provide the answer.

Services Provided By DNS

Translating Website Names to IP Addresses: When you type a website name like
"www.example.com" into your browser, DNS translates that name into an IP address (like
192.0.2.1) that computers use to find each other on the internet.

Email Routing: DNS helps route emails to the correct mail servers by translating email
addresses to the IP addresses of the mail servers.

Load Balancing: DNS can help distribute traffic across multiple servers to ensure no single
server gets overwhelmed, making websites faster and more reliable.

Domain Name Aliasing: DNS allows multiple domain names to point to the same IP address.
This is useful for having multiple websites or subdomains that need to go to the same place.

Security (DNSSEC): DNS Security Extensions (DNSSEC) adds an extra layer of security to
ensure that the responses to DNS queries are authentic and haven't been tampered with.

Service Discovery: DNS can be used to locate services within a network, such as finding the
appropriate server for a particular service like a database or an application server.

Reverse DNS Lookup: DNS can also translate IP addresses back into human-readable domain
names, which is useful for tracking and identifying network traffic sources.

Redirection Services: DNS can redirect traffic from one domain to another, which is helpful if a
website has moved to a new domain or if you want to have multiple domains leading to the same
website.

How DNS Works?

The process of DNS resolution involves converting a hostname (such as www.example.com) into
a computer-friendly IP address (such as 192.168.1.1). An IP address is given to each device on
the Internet, and that address is necessary to find the appropriate Internet device - like a street
address is used to find a particular home. When a user wants to load a webpage, a translation
must occur between what a user types into their web browser (example.com) and the machine-
friendly address necessary to locate the example.com webpage.

In order to understand the process behind the DNS resolution, it’s important to learn about the
different hardware components a DNS query must pass between. For the web browser, the DNS
lookup occurs "behind the scenes" and requires no interaction from the user’s computer apart
from the initial request.

DNS Records

DNS records are the fundamental building blocks of the Domain Name System (DNS). They
store information about domain names, including their corresponding IP addresses (A and
AAAA records), mail servers (MX records), aliases (CNAME records), and various other data.
These records help direct internet traffic to the right places, ensuring websites, emails, and other
services work correctly.

DNS Messages

DNS messages are the queries and responses exchanged between DNS clients and servers. When
you type a website name into your browser, your computer sends a DNS query message to a
DNS server. The server then replies with a DNS response message containing the requested
information, such as the IP address of the website. This process allows users to access websites
using easy-to-remember domain names instead of numerical IP addresses.

File Transfer and Email Protocols

FTP (File Transfer Protocol) is a standard network protocol used to transfer files between a
client and a server over the internet or a local network. It allows users to upload, download, and
manage files on a remote server, but it lacks encryption, meaning data is transferred in plain text,
which can be a security risk.

SFTP (Secure File Transfer Protocol) is a secure version of FTP that uses Secure Shell (SSH)
to encrypt data transfers. Unlike FTP, SFTP ensures that all data, including commands and files,
are encrypted, providing a secure way to transfer files over a network, making it ideal for
sensitive data transactions.

SMTP (Simple Mail Transfer Protocol) is the protocol used for sending emails across the
internet. It handles the process of sending, routing, and delivering email messages from a
sender's email client to the recipient's email server, ensuring that your emails reach their intended
destination.

IMAP (Internet Message Access Protocol) is a protocol used by email clients to retrieve
messages from a mail server. It allows users to access and manage their email from multiple
devices, as it keeps emails on the server until they are explicitly deleted, providing flexibility and
synchronization across devices.

POP3 (Post Office Protocol version 3) is an email protocol used to retrieve messages from a
mail server to a local email client. Once downloaded, the emails are typically deleted from the
server, making this protocol suitable for users who primarily access their email from a single
device.