Network Models

2-1
Network Models

2-2
Network Models

2-3
Network Models

2-4
Network Models

2-5
Application Layer

2-6
Introduction

2-7
Introduction …

1-8
Introduction …

2-9
Introduction …

2-10
Introduction …

2-11
Introduction …
Introduction …

2-13
Introduction …

2-14
Introduction …

2-15
Introduction …

2-16
Introduction …

2-17
Introduction …

2-18
Introduction …

2-19
Outline
2.1 principles of network
applications
2.2 Web and HTTP
2.3 FTP
2.4 electronic mail
 SMTP, POP3, IMAP
2.5 DNS

2-20
Application layer
our goals:  learn about protocols by
 conceptual, examining popular
implementation aspects application-level
of network application protocols
protocols  HTTP
 transport-layer  FTP
service models  SMTP / POP3 / IMAP
 client-server  DNS
paradigm  creating network
 peer-to-peer applications
paradigm  socket API

2-21
Some network apps
 e-mail
 web
 text messaging
 remote login
 P2P file sharing
 multi-user network games
 streaming stored video
(YouTube, Hulu, Netflix)
 voice over IP (e.g., Skype)
 real-time video
conferencing
 social networking
 …
 …

2-22
Creating a network app application
transport
network
data link

write programs that: physical

 run on (different) end

systems
 communicate over network
 e.g., web server software
communicates with browser
software
application

no need to write software for transport

network

network-core devices data link

physical
application
transport
network
 network-core devices do data link
physical
not run user applications
 applications on end systems
allows for rapid app
development, propagation
2-23
Application architectures
possible structure of applications:
 client-server
 peer-to-peer (P2P)

2-24
 Client-server architecture : email,
network printing, and the World Wide Web

server:
 always-on host
 permanent IP address
 data centers for scaling

clients:
 communicate with server
client/server  may be intermittently
connected
 may have dynamic IP
addresses
 do not communicate directly
with each other
2-25
P2P architecture : (Gnutella, Kazaa, BitTorrent, Skype)
 no always-on server peer-peer
 arbitrary end systems directly
communicate
 peers request service from
other peers, provide service in
return to other peers
 self scalability – new peers
bring new service capacity,
as well as new service
demands
 peers are intermittently
connected and change IP
addresses
 complex management

2-26
P2P architecture
Main challenges met in developing P2P
application
 A computer can be accessed anytime.
 Network security must be applied to each computer
separately.
 Backup must be performed on each computer
 ISP throttling/blocking: Some ISP block or throttle p2p
traffic by ports or deep packet inspection
 Single points of failure: p2p networks still rely on a
centralized bootstrap and update server.
 Distribution: P2P infrastructure is dependent on user
adaption

2-27
Processes communicating
process: program running
within a host
 within same host, two
processes communicate
using inter-process
communication (defined by
OS)
 processes in different hosts
communicate by exchanging
messages
clients, servers
client process: process that
initiates communication
server process: process that
waits to be contacted
 aside: applications with P2P
architectures have client
processes & server
processes
2-28
Sockets
 process sends/receives messages to/from its socket
 socket analogous to door
 sending process shoves message out door
 sending process relies on transport infrastructure on
other side of door to deliver message to socket at
receiving process

application application
socket controlled by
process process app developer

transport transport
network network controlled
link by OS
link Internet
physical physical

2-29
Addressing processes
 to receive messages, process
must have identifier
 host device has unique 32-bit
IP address
 Q: does IP address of host
on which process runs suffice
for identifying the process?
 A: no, many processes
can be running on same
host
 identifier includes both IP
address and port numbers
associated with process on
host.
 example port numbers:
 HTTP server: 80
 mail server: 25
 to send HTTP message to
gaia.cs.umass.edu web
server:
 IP address: 128.119.245.12
 port number: 80
2-30
App-layer protocol defines
 types of messages open protocols:
exchanged,  defined in RFCs
 e.g., request, response  allows for interoperability
 message syntax:  e.g., HTTP, SMTP
 what fields in messages proprietary protocols:
& how fields are
 e.g., Skype
delineated
 message semantics
 meaning of information
in fields
 rules for when and how
processes send & respond
to messages

2-31
What transport service does an app need?
data integrity throughput
 some apps (e.g., file transfer,  some apps (e.g.,
web transactions) require multimedia) require
100% reliable data transfer minimum amount of
 other apps (e.g., audio) can
throughput to be
tolerate some loss “effective”
 other apps (“elastic apps”)

timing make use of whatever

throughput they get
 some apps (e.g., Internet
telephony, interactive security
games) require low delay
to be “effective”  encryption, data integrity,
…

2-32
 Transport service requirements: common apps

application data loss throughput time sensitive

file transfer no loss elastic no

e-mail no loss elastic no
Web documents no loss elastic no
real-time audio/video loss-tolerant audio: 5kbps-1Mbps yes, 100’s
video:10kbps-5Mbps msec
stored audio/video loss-tolerant same as above
interactive games loss-tolerant few kbps up yes, few secs
text messaging no loss elastic yes, 100’s
msec
yes and no

2-33
Internet transport protocols services

TCP service: UDP service:

 reliable transport between  unreliable data transfer
sending and receiving process between sending and
 flow control: sender won’t receiving process
overwhelm receiver  does not provide: reliability,
 congestion control: throttle flow control, congestion
sender when network control, timing, throughput
overloaded
guarantee, security, or
 does not provide: timing, connection setup,
minimum throughput
guarantee, security
 connection-oriented: setup
required between client and
server processes

2-34
Internet apps: application, transport protocols

application underlying
application layer protocol transport protocol

e-mail SMTP [RFC 2821] TCP

remote terminal access Telnet [RFC 854] TCP
Web HTTP [RFC 2616] TCP
file transfer FTP [RFC 959] TCP
streaming multimedia HTTP (e.g., YouTube), TCP or UDP
RTP [RFC 1889]
Internet telephony SIP, RTP, proprietary
(e.g., Skype) TCP or UDP

2-35
Application-Layer Protocols
Application-layer protocol defines:

1. The types of messages exchanged, for example, request messages

and response messages
2. The syntax of the various message types, such as the fields in the
message and how the fields are delineated
3. The semantics of the fields, that is, the meaning of the information in
the fields
4. Rules for determining when and how a process sends messages and
responds to messages

2-36
Chapter 2: outline
2.1 principles of network 2.6 P2P applications
applications 2.7 socket programming
 app architectures with UDP and TCP
 app requirements
2.2 Web and HTTP
2.3 FTP
2.4 electronic mail
 SMTP, POP3, IMAP
2.5 DNS

2-37
Web and HTTP
First, a review…
 web page consists of objects
 object can be HTML file, JPEG image, Java applet,
audio file,…
 web page consists of base HTML-file which
includes several referenced objects
 each object is addressable by a URL, e.g.,
www.someschool.edu/someDept/pic.gif

host name path name

2-38
HTTP overview
HTTP: hypertext
transfer protocol
 Web’s application layer
protocol PC running
 client/server model Firefox browser

 client: browser that

requests, receives,
(using HTTP protocol) server
and “displays” Web running
objects Apache Web
 server: Web server server
sends (using HTTP
protocol) objects in iphone running
response to requests Safari browser

2-39
HTTP overview (continued)
uses TCP:
 client initiates TCP
connection (creates
socket) to server, port 80
 server accepts TCP
connection from client
 HTTP messages
(application-layer protocol
messages) exchanged
between browser (HTTP
client) and Web server
(HTTP server)
 TCP connection closed
HTTP is “stateless”
 server maintains no
information about past
client requests
aside
protocols that maintain
“state” are complex!
 past history (state) must be
maintained
 if server/client crashes, their
views of “state” may be
inconsistent, must be
reconciled
2-40
HTTP overview (continued)

2-41
HTTP overview (continued)
Stateless Protocol Stateful Protocol

Stateless Protocol does not require the server to Stateful Protocol require server to save the status
retain the server information or session details. and session information.

In Stateless Protocol, there is no tight dependency In Stateful protocol, there is tight dependency
between server and client. between server and client

simplify the server design. design of server very complex and heavy.

Stateless Protocols works better at the time of Stateful Protocol does not work better at the time
crash because there is no state that must be of crash because stateful server have to keep the
restored, a failed server can simply restart after a information of the status and session details of the
crash. internal states.

Stateless Protocols handle the transaction very Stateful Protocols handle the transaction very
fastly. slowly.

Stateless Protocols are easy to implement in Stateful protocols are logically heavy to implement
Internet. in Internet.

Scaling architecture is relatively easier. It is difficult and complex to scale architecture.

To process different information at a time , To process every request , the same server must
different servers can be used. be utilized.

Example of Stateless are UDP , DNS , HTTP , etc. Example of Stateful are FTTP , Telnet , etc.
2-42
HTTP connections

2-43
HTTP connections
 Http 1.0 is a non-persistent connection, and http 1.1 is persistent
connection
 HTTP/1.0 was designed to close the connection after every request
between client and server

2-44
HTTP connections
non-persistent HTTP persistent HTTP
 at most one object  multiple objects can
sent over TCP be sent over single
connection TCP connection
 connection then between client, server
closed
 downloading multiple
objects required
multiple connections

2-45
 Non-persistent HTTP
suppose user enters URL:
www.someSchool.edu/someDepartment/home.index
1a. HTTP client initiates TCP
connection to HTTP server
(process) at
www.someSchool.edu on port
80
2. HTTP client sends HTTP request
message (containing URL) into
TCP connection socket.
Message indicates that client
wants object
someDepartment/home.index
time
(contains text,
references to 10
jpeg images)
1b. HTTP server at host
www.someSchool.edu waiting
for TCP connection at port 80.
“accepts” connection, notifying
client
3. HTTP server receives request
message, forms response
message containing requested
object, and sends message into
its socket
2-46
 Non-persistent HTTP (cont.)
4. HTTP server closes TCP
connection.
5. HTTP client receives response
message containing html file,
displays html. Parsing html file,
finds 10 referenced jpeg objects

time
6. Steps 1-5 repeated for each of
10 jpeg objects

2-47
Non-persistent HTTP: response time

RTT (definition): time for a

small packet to travel from
client to server and back
HTTP response time: initiate TCP
 one RTT to initiate TCP
connection

connection RTT

 one RTT for HTTP request

request
file
and first few bytes of HTTP RTT
time to
response to return transmit
file
 file transmission time file
received

time time

Non-persistent HTTP response time =

2RTT+ file transmission time
2-48
Persistent HTTP
non-persistent HTTP issues:
 requires 2 RTTs per object
 OS overhead for each TCP
connection
 browsers often open
parallel TCP connections
to fetch referenced objects
persistent HTTP:
 server leaves connection
open after sending
response
 subsequent HTTP
messages between same
client/server sent over
open connection
 client sends requests as
soon as it encounters a
referenced object
 as little as one RTT for all
the referenced objects
2-49
Persistent and Non-persistent HTTP

2-50
Persistent and Non-persistent HTTP

2-51
Persistent and Non-persistent HTTP

2-52
Persistent and Non-persistent HTTP

2-53
Persistent and Non-persistent HTTP

2-54
Persistent and Non-persistent HTTP
Assume that you have base HTML file with 30 embedded images, images &
base file are small enough to fit in one TCP segment.
How many RTT are required to retrieve base file & images under-following
condition :

(i) Non-Persistent connection without parallel connection

(ii) Non-persistent connection with 10 parallel connection
(iii) Persistent connection without pipe-lining
(iv) Persistent connection with pipe-lining

(Assume RTT dominates all other time)

2-55
Persistent and Non-persistent HTTP
2RTT is the initial required connection one for TCP connection and one
for HTML base file.
Total time = 2RTT + transmit time
Non-Persistent connection with no parallel connection :
Here for each image 2 RTT are required one for TCP connection and
one for image to send.
So transmit time for 30 images = 2*(30 RTT) = 60 RTT
Total time = 2 RTT+60 RTT = 62RTT
Non-persistent connection with 10 parallel connection :
Here 10 images can be send simultaneously.
So for 30 images it required -> 2*(30/10) = 6RTT
Total time = 2 RTT + 6 RTT = 8RTT
Persistent connection without pipelining :
Here TCP connection is required again and again.
So for 30 images it requires -> 30 RTTs
Total time = 2 RTT + 30 RTT = 32RTT
2-56
Persistent and Non-persistent HTTP
Persistent connection with pipe-lining :
Since it is Persistent connection TCP connection is not required again
and again.
Pipe-lining means in one packet only images which can fit, can be send.
In Pipe-lining connection we can send all images in 1RTT.
Total time = 2 RTT + 1 RTT = 3RTT

2-57
HTTP messages

2-58
 HTTP request message

 two types of HTTP messages: request, response

 HTTP request message:
 ASCII (human-readable format)
carriage return character
line-feed character
request line
(GET, POST, PUT, GET /index.html HTTP/1.1\r\n
DELETE Host: www-net.cs.umass.edu\r\n
User-Agent: Firefox/3.6.10\r\n
HEAD commands)
Accept: text/html,application/xhtml+xml\r\n
header Accept-Language: en-us,en;q=0.5\r\n
Accept-Encoding: gzip,deflate\r\n
lines Accept-Charset: ISO-8859-1,utf-8;q=0.7\r\n
carriage return, Keep-Alive: 115\r\n
line feed at start Connection: keep-alive\r\n
\r\n
of line indicates
end of header lines
2-59
HTTP request message: general format

2-60
Uploading form input
POST method:
 web page often includes
form input
 input is uploaded to
server in entity body

URL method:
 uses GET method
 input is uploaded in URL
field of request line:
www.somesite.com/animalsearch?monkeys&banana

2-61
Method types
HTTP/1.0: HTTP/1.1:
 GET  GET, POST, HEAD
 POST  PUT
 HEAD  uploads file in entity
 asks server to leave body to path specified
requested object out in URL field
of response  DELETE
 deletes file specified in
the URL field

2-62
Method types

2-63
 HTTP response message
status line
(protocol
status code HTTP/1.1 200 OK\r\n
status phrase) Date: Sun, 26 Sep 2010 20:09:20 GMT\r\n
Server: Apache/2.0.52 (CentOS)\r\n
Last-Modified: Tue, 30 Oct 2007 17:00:02
GMT\r\n
header ETag: "17dc6-a5c-bf716880"\r\n
Accept-Ranges: bytes\r\n
lines Content-Length: 2652\r\n
Keep-Alive: timeout=10, max=100\r\n
Connection: Keep-Alive\r\n
Content-Type: text/html; charset=ISO-8859-1\r\n
\r\n
data data data data data ...
data, e.g.,
requested
HTML file
2-64
HTTP response message (General Format)

2-65
HTTP response status codes
 status code appears in 1st line in server-to-
client response message.
 some sample codes:
200 OK
 request succeeded, requested object later in this msg
301 Moved Permanently
 requested object moved, new location specified later in this msg
(Location:)
400 Bad Request
 request msg not understood by server
404 Not Found
 requested document not found on this server
505 HTTP Version Not Supported
2-66
HTTP response status codes

2-67
Trying out HTTP (client side) for yourself
1. Telnet to your favorite Web server:

telnet cis.poly.edu 80 opens TCP connection to port 80

(default HTTP server port) at cis.poly.edu.
anything typed in sent
to port 80 at cis.poly.edu

2. type in a GET HTTP request:

GET /~ross/ HTTP/1.1 by typing this in (hit carriage
Host: cis.poly.edu return twice), you send
this minimal (but complete)
GET request to HTTP server

3. look at response message sent by HTTP server!

(or use Wireshark to look at captured HTTP request/response)
2-68
User-server state: cookies
 Cookies are small pieces of text sent to your
browser by a website you visit.
 They help that website remember information
about your visit, which can both make it easier to
visit the site again and make the site more useful to
you.

2-69
User-server state: cookies
example:
many Web sites use cookies  Susan always access Internet
four components: from PC
1) cookie header line of  visits specific e-commerce
HTTP response site for first time
message  when initial HTTP requests
2) cookie header line in arrives at site, site creates:
next HTTP request  unique ID
message  entry in backend
3) cookie file kept on database for ID
user’s host, managed
by user’s browser
4) back-end database at
Web site
2-70
 Cookies: keeping “state” (cont.)
client server

ebay 8734
usual http request msg Amazon server
cookie file creates ID
usual http response
1678 for user create backend
ebay 8734
set-cookie: 1678 entry database
amazon 1678
usual http request msg
cookie: 1678 cookie- access
specific
usual http response msg action

one week later:

access
ebay 8734 usual http request msg
amazon 1678 cookie: 1678 cookie-
specific
usual http response msg action
2-71
Cookies (continued)
aside
what cookies can be used cookies and privacy:
for:  cookies permit sites to
 authorization learn a lot about you
 shopping carts
 you may supply name and
 recommendations
e-mail to sites
 user session state (Web
e-mail)

how to keep “state”:

 protocol endpoints: maintain state at sender/receiver over
multiple transactions
 cookies: http messages carry state

2-72
Web caches (proxy server)
 Web caches (proxy server)
goal: satisfy client request without involving origin server
 user sets browser:
Web accesses via cache
 browser sends all HTTP proxy
requests to cache server
 object in cache: client
origin
cache returns object server
 else cache requests
object from origin
server, then returns
object to client
client origin
server

2-74
More about Web caching
 cache acts as both why Web caching?
client and server  reduce response time
 server for original for client request
requesting client
 client to origin server  reduce traffic on an
 typically cache is institution’s access link
installed by ISP  Internet dense with
(university, company, caches: enables “poor”
residential ISP) content providers to
effectively deliver
content

2-75
Conditional GET
client server
 Goal: don’t send object
if cache has up-to-date
cached version HTTP request msg
object
If-modified-since: <date>
 no object transmission not
delay modified
 lower link utilization HTTP response
before
HTTP/1.0
 cache: specify date of 304 Not Modified
<date>
cached copy in HTTP
request
If-modified-since:
<date> HTTP request msg
 server: response contains If-modified-since: <date> object
modified
no object if cached copy after
HTTP response
is up-to-date: HTTP/1.0 200 OK <date>
HTTP/1.0 304 Not <data>
Modified
2-76
Conditional GET

2-77
Chapter 2: outline
2.1 principles of network 2.6 P2P applications
applications 2.7 socket programming
 app architectures with UDP and TCP
 app requirements
2.2 Web and HTTP
2.3 FTP
2.4 electronic mail
 SMTP, POP3, IMAP
2.5 DNS

2-78
FTP: the file transfer protocol
file transfer
FTP FTP FTP
user client server
interface
user
at host remote file
local file system
system

 transfer file to/from remote host

 client/server model
 client: side that initiates transfer (either to/from remote)
 server: remote host
 ftp: RFC 959
 ftp server: port 21
2-79
FTP: separate control, data connections
TCP control
 FTP client contacts FTP server connection,
server port 21
at port 21, using TCP
 client authorized over control TCP data connection,
connection FTP server port 20 FTP
client server
 client browses remote
directory, sends commands
over control connection  server opens another TCP
data connection to transfer
 when server receives file another file
transfer command, server
opens 2nd TCP data  control connection: “out of
connection (for file) to client band”
 after transferring one file,  FTP server maintains
server closes data connection “state”: current directory,
earlier authentication

2-80
FTP: the file transfer protocol

2-81
FTP: the file transfer protocol

2-82
FTP: the file transfer protocol

2-83
FTP commands, responses
sample commands:
 sent as ASCII text over
control channel
 USER username
 PASS password
 LIST return list of file in
current directory
 RETR filename
retrieves (gets) file
 STOR filename stores
(puts) file onto remote
host
sample return codes
 status code and phrase (as
in HTTP)
 331 Username OK,
password required
 125 data
connection
already open;
transfer starting
 425 Can’t open
data connection
 452 Error writing
file

2-84
FTP commands, responses

2-85
FTP commands, responses

2-86
2-87
2-88
PARAMETER FTP HTTP
Full Form File Transfer Protocol Hyper Text Transfer Protocol
Port Number TCP port no 20 and 21 TCP port no 80 and 8080
Used to transfer files from remote Used to transfer web pages from
Philosophy computer after connection is remote server after internet
established connection is established.
1-way communication system where
2-way communication system where
content including pictures and texts
Communication upload and download of files from
can be transferred from server to
client to server can occur.
client.
HTTP is faster than FTP when
Speed of downloading one big file. HTTP can
FTP is slower than HTTP
download use parallel chunk download which
makes it 6x times faster than FTP
Applicability Used to access and transfer files. HTTP is used to view websites.
FTP can be accessed via the command The common HTTP client is the
Client
line or a GUI browser
Usage Used by fewer people Most widely used
Requires username and password for Does not requires username and
Authentication
authentication password for authentication

2-89
Chapter 2: outline
2.1 principles of network 2.6 P2P applications
applications 2.7 socket programming
 app architectures with UDP and TCP
 app requirements
2.2 Web and HTTP
2.3 FTP
2.4 electronic mail
 SMTP, POP3, IMAP
2.5 DNS

2-90
Electronic mail
Electronic mail outgoing
message queue
user mailbox
Three major components: user
agent
 user agents
 mail servers mail user
server agent
 simple mail transfer
protocol: SMTP SMTP mail user
server agent

User Agent SMTP

 a.k.a. “mail reader” SMTP user
agent
 composing, editing, reading mail
server
mail messages user
 e.g., Outlook, Thunderbird, agent
iPhone mail client user
agent
 outgoing, incoming
messages stored on server
2-92
 Electronic mail: mail servers outgoing
message queue
user mailbox
mail servers: user
agent
 mailbox contains incoming
messages for user mail user
server
 message queue of outgoing agent

(to be sent) mail messages SMTP mail user

 SMTP protocol between mail server agent
servers to send email SMTP
messages user
 client: sending mail server SMTP
agent
mail
 server: receiving mail server
server user
agent
user
agent

2-93
Electronic Mail: SMTP [RFC 2821]
 uses TCP to reliably transfer email message from
client to server, port 25
 direct transfer: sending server to receiving server
 three phases of transfer
 handshaking (greeting)
 transfer of messages
 closure
 command/response interaction (like HTTP, FTP)
 commands: ASCII text
 response: status code and phrase
 messages must be in 7-bit ASCI

2-94
Scenario: Alice sends message to Bob
1) Alice uses UA to compose
message “to”
[email protected]
2) Alice’s UA sends message
to her mail server; message
placed in message queue
3) client side of SMTP opens
TCP connection with Bob’s
mail server
4) SMTP client sends Alice’s
message over the TCP
connection
5) Bob’s mail server places the
message in Bob’s mailbox
6) Bob invokes his user agent
to read message

1 user mail user

mail agent
agent server server
2 3 6
4
5
Alice’s mail server Bob’s mail server
2-95
Sample SMTP interaction
S: 220 hamburger.edu
C: HELO crepes.fr
S: 250 Hello crepes.fr, pleased to meet you
C: MAIL FROM: <[email protected]>
S: 250 [email protected]... Sender ok
C: RCPT TO: <[email protected]>
S: 250 [email protected] ... Recipient ok
C: DATA
S: 354 Enter mail, end with "." on a line by itself
C: Do you like ketchup?
C: How about pickles?
C: .
S: 250 Message accepted for delivery
C: QUIT
S: 221 hamburger.edu closing connection

2-96
SMTP: final words
 SMTP uses persistent comparison with HTTP:
connections
 HTTP: pull
 SMTP requires message
(header & body) to be in  SMTP: push
7-bit ASCII  both have ASCII
 SMTP server uses command/response
CRLF.CRLF to interaction, status codes
determine end of message
 HTTP: each object
encapsulated in its own
response msg
 SMTP: multiple objects sent
in multipart msg

2-97
SMTP: final words

2-98
HTTP and SMTP

2-99
2-100
 HTTP and SMTP
# HTTP
HTTP stands for Hypertext transfer
1
protocol.
2 HTTP is used for data and file transfer
3 HTTP uses port no 80
HTTP uses TCP connection as Persistent and SMTP uses persistent TCP connection
4
non-persistent
HTTP transfers files and data |information
5
from a web server to web clients
6 HTTP uses the Pull protocol
7 HTTP uses band type in-band
8 HTTP does not require 7-bit ASCII
“telnet HTTP server” command is used to
9 “telnet SMTP server” is used in SMTP.
interact with them in HTTP
HTTP encapsulates each object in its own
10
HTTP response message
SMTP
SMTP stands for simple mail transfer
protocol.
SMTP is used for mail services.
SMTP uses port no 25.
only.
SMTP uses mail servers to transfer
emails from one inbox to another.
SMTP uses push protocol.
SMTP uses band type in-band.
SMTP requires 7-bit ASCII [American
Standard Code of Information and
interchange].
SMTP places all of the message’s
objects into one message. 2-101
Mail message format

SMTP: protocol for

exchanging email msgs header
blank
RFC 822: standard for text line
message format:
 header lines, e.g.,
 To: body
 From:
 Subject:

 Body: the “message”

 ASCII characters only

2-102
Mail access protocols
user
mail access user
SMTP SMTP protocol
agent agent
(e.g., POP,
IMAP)

sender’s mail receiver’s mail

server server

 SMTP: delivery/storage to receiver’s server

 mail access protocol: retrieval from server
 POP: Post Office Protocol [RFC 1939]: authorization,
download
 IMAP: Internet Mail Access Protocol [RFC 1730]: more
features, including manipulation of stored msgs on
server
 HTTP: gmail, Hotmail, Yahoo! Mail, etc.

2-103
POP3 protocol (110)
S: +OK POP3 server ready
C: user bob
authorization phase S:
C:
+OK
pass hungry
 client commands: S: +OK user successfully logged on
 user: declare username
 pass: password C: list
S: 1 498
 server responses
S: 2 912
 +OK S: .
 -ERR C: retr 1
transaction phase, client: S:
S:
<message 1 contents>
.
 list: list message numbers C: dele 1
 retr: retrieve message by C: retr 2
number S: <message 1 contents>
 dele: delete S: .
 quit C: dele 2
C: quit
S: +OK POP3 server signing off
2-104
POP3 protocol (110)

2-105
POP3 (more) and IMAP
more about POP3 IMAP
 previous example uses  keeps all messages in one
POP3 “download and place: at server
delete” mode  allows user to organize
 Bob cannot re-read e- messages in folders
mail if he changes  keeps user state across
client sessions:
 POP3 “download-and-  names of folders and
keep”: copies of mappings between
messages on different message IDs and folder
clients name
 POP3 is stateless across
sessions

2-106
POP3 and IMAP

2-107
POP3 and IMAP

2-108
POP3 (more) and IMAP

2-109
Chapter 2: outline
2.1 principles of network 2.6 P2P applications
applications 2.7 socket programming
 app architectures with UDP and TCP
 app requirements
2.2 Web and HTTP
2.3 FTP
2.4 electronic mail
 SMTP, POP3, IMAP
2.5 DNS

2-110
DNS: domain name system
people: many identifiers: Domain Name System:
 SSN, name, passport #  distributed database
Internet hosts, routers: implemented in hierarchy of
 IP address (32 bit) - many name servers
used for addressing  application-layer protocol:
datagrams hosts, name servers
 “name”, e.g., communicate to resolve names
www.yahoo.com - (address/name translation)
used by humans
Q: how to map between IP
address and name, and
vice versa ?

2-111
DNS: domain name system

2-112
 DNS: services, structure
DNS services why not centralize DNS?
 hostname to IP address  single point of failure
translation  traffic volume
 host aliasing  distant centralized database
 canonical, alias names  maintenance
 mail server aliasing
 load distribution
 replicated Web
servers: many IP
addresses correspond to
one name
relay1.west-coast.enterprise.com could have, say, two aliases such as
enterprise.com and www.enterprise.com
hotmail.com (relay1.west-coast.hotmail.com)
2-113
DNS: a distributed, hierarchical database
Root DNS Servers

… …

com DNS servers org DNS servers edu DNS servers

pbs.org poly.edu umass.edu

yahoo.com amazon.com
DNS servers DNS serversDNS servers
DNS servers DNS servers

client wants IP for www.amazon.com; 1st approx:

 client queries root server to find com DNS server
 client queries .com DNS server to get amazon.com DNS server
 client queries amazon.com DNS server to get IP address for
www.amazon.com

2-114
DNS: a distributed, hierarchical database

2-115
 DNS: root name servers
 contacted by local name server that can not resolve name
 root name server:
 contacts authoritative name server if name mapping not known
 gets mapping
 returns mapping to local name server

2-116
DNS: root name servers

2-117
DNS: root name servers

2-118
 TLD, authoritative servers
top-level domain (TLD) servers:
 responsible for com, org, net, edu, aero, jobs,
museums, and all top-level country domains,
e.g.: uk, fr, ca, jp
 Network Solutions maintains servers for .com
TLD
 Educause for .edu TLD
authoritative DNS servers:
 organization’s own DNS server(s), providing
authoritative hostname to IP mappings for
organization’s named hosts
 can be maintained by organization or service
provider

2-119
Local DNS name server
 does not strictly belong to hierarchy
 each ISP (residential ISP, company, university) has
one
 also called “default name server”
 when host makes DNS query, query is sent to its
local DNS server
 has local cache of recent name-to-address translation
pairs (but may be out of date!)
 acts as proxy, forwards query into hierarchy

2-120
DNS

2-121
DNS

2-122
DNS name root DNS server
resolution example
2
 host at cis.poly.edu 3
TLD DNS server
wants IP address for 4
gaia.cs.umass.edu
5

iterated query: local DNS server

dns.poly.edu
 contacted server 7 6
1 8
replies with name of
server to contact
authoritative DNS server
 “I don’t know this dns.cs.umass.edu
name, but ask this requesting host
server” cis.poly.edu

gaia.cs.umass.edu

2-123
DNS name root DNS server
resolution example
2 3
recursive query: 7
6
 puts burden of name TLD DNS
server
resolution on
contacted name local DNS server
server dns.poly.edu 5 4

 heavy load at upper 1 8

levels of hierarchy?
authoritative DNS server
dns.cs.umass.edu
requesting host
cis.poly.edu

gaia.cs.umass.edu

2-124
 root DNS server root DNS server

2 2 3
3 7
TLD DNS server 6
4
TLD DNS
5 server

local DNS server local DNS server

dns.poly.edu dns.poly.edu 5 4
7 6
8 1 8

authoritative DNS server authoritative DNS server

dns.cs.umass.edu dns.cs.umass.edu
requesting host requesting host
cis.poly.edu cis.poly.edu

gaia.cs.umass.edu gaia.cs.umass.edu

2-125
DNS

2-126
DNS: caching, updating records
 once (any) name server learns mapping, it caches
mapping
 cache entries timeout (disappear) after some time (TTL)
 TLD servers typically cached in local name servers
• thus root name servers not often visited
 cached entries may be out-of-date (best effort
name-to-address translation!)
 if name host changes IP address, may not be known
Internet-wide until all TTLs expire
 update/notify mechanisms proposed IETF standard
 RFC 2136

2-127
DNS records
DNS: distributed db storing resource records (RR)
RR format: (name, value, type, ttl)

type=A type=CNAME
 name is hostname  name is alias name for some
 value is IP address “canonical” (the real) name
type=NS  www.ibm.com is really
 name is domain (e.g., servereast.backup2.ibm.com
foo.com)  value is canonical name
 value is hostname of
authoritative name type=MX
server for this domain  value is name of mailserver
associated with name

2-128
DNS records
RR format: (name, value, type, ttl)

2-129
DNS records
RR format: (name, value, type, ttl)

2-130
DNS records
RR format: (name, value, type, ttl)

2-131
DNS records
RR format: (name, value, type, ttl)

2-132
DNS protocol, messages

2-133
DNS protocol, messages
 query and reply messages, both with same message
format 2 bytes 2 bytes

msg header identification flags

 identification: 16 bit # for # questions # answer RRs

query, reply to query uses
# authority RRs # additional RRs
same #
 flags: questions (variable # of questions)
 query or reply
 recursion desired answers (variable # of RRs)
 recursion available
 reply is authoritative authority (variable # of RRs)

additional info (variable # of RRs)

2-134
DNS protocol, messages

2 bytes 2 bytes

identification flags

# questions # answer RRs

# authority RRs # additional RRs

name, type fields

questions (variable # of questions)
for a query
RRs in response answers (variable # of RRs)
to query
records for
authority (variable # of RRs)
authoritative servers
additional “helpful” additional info (variable # of RRs)
info that may be used
2-135
DNS
protocol,
messages

2-136
Inserting records into DNS
 example: new startup “Network Utopia”
 register name networkuptopia.com at DNS
registrar (e.g., Network Solutions)
 provide names, IP addresses of authoritative name server
(primary and secondary)
 registrar inserts two RRs into .com TLD server:
(networkutopia.com, dns1.networkutopia.com, NS)
(dns1.networkutopia.com, 212.212.212.1, A)
 create authoritative server type A record for
www.networkuptopia.com; type MX record for
networkutopia.com

2-137
Attacking DNS
DDoS attacks Redirect attacks
 Bombard root servers  Man-in-middle
with traffic  Intercept queries
 Not successful to date  DNS poisoning
 Traffic Filtering  Send bogus relies to
 Local DNS servers DNS server, which
cache IPs of TLD caches
servers, allowing root Exploit DNS for DDoS
server bypass
 Send queries with
 Bombard TLD servers
spoofed source address:
 Potentially more
dangerous target IP

2-138
Recap…

2-139