COMPUTER NETWORKS BCS502

Module-5

Introduction to Application Layer: Introduction, Client-Server Programming, Standard Client-

Server Protocols: World Wide Web and HTTP, FTP, Electronic Mail, Domain Name System
(DNS), TELNET, Secure Shell (SSH)

5.1 INTRODUCTION

The application layer allows users to communicate by creating a logical connection that feels like
a direct link between their devices, even though the actual communication happens through
multiple devices and physical channels.

Fig. 5.1: Logical connection at the application layer

NOOR SUMAIYA, ASST.PROF, DEPT OF CSE, TOCE Page 1

COMPUTER NETWORKS BCS502

For example, a researcher named Alice from Sky Research orders a book from Bob, a server at
Scientific Books. While it seems like they are directly connected, their messages travel through
various routers and networks before reaching each other. This logical connection makes
communication seamless at the application layer, even though the underlying process is more
complex.

5.1.1 Providing Services

Communication networks were originally designed to provide specific services, like the telephone
network for voice calls, but over time, they adapted to support additional functions, such as faxing.
The Internet was also created to serve users globally, but its flexible layered architecture, based on
the TCP/IP protocol suite, allows it to evolve more easily than traditional networks. Each layer in
the suite can have protocols added, removed, or replaced as long as they work with the layer below.
The application layer is unique because it directly serves users and relies only on the transport
layer. This flexibility makes it simple to add new application protocols, which is why the Internet
has grown to support countless applications since its creation.

Standard application protocols are predefined and widely used, like HTTP for web browsing or
SMTP for email, ensuring consistent communication across the Internet. Non-standard
application protocols are custom-made for specific purposes, often used within private networks
or specialized systems, and may not follow universal rules.

5.1.2 Application Layer Paradigms

Using the Internet requires two application programs communicating across the network, either
through a client-server paradigm, where one requests services and the other provides them, or a
peer-to-peer paradigm, where both can act as equals.

Traditional Paradigm: Client-Server

The client-server paradigm is a traditional model where a server program runs continuously to
provide services, and client programs connect to request these services when needed. For
example, like a phone directory service always ready to take calls, the server must be powerful
enough to handle many clients simultaneously, which can strain resources. This setup requires a
dedicated service provider to invest in maintaining the server, often needing a revenue source to

NOOR SUMAIYA, ASST.PROF, DEPT OF CSE, TOCE Page 2

COMPUTER NETWORKS BCS502

sustain it. While it has limitations, this model is still widely used for services like websites (HTTP),
file transfers (FTP), email, and secure connections (SSH).

Fig. 5.2: Example of a client-server paradigm

New Paradigm: Peer-to-Peer

The peer-to-peer (P2P) paradigm allows computers to share responsibilities, acting as both service
providers and receivers without needing a dedicated server running constantly. For example, in
Internet telephony or file sharing, any user can provide or access resources without maintaining an
expensive server. While P2P is scalable and cost-effective, it faces challenges like ensuring secure
communication and being suitable for all applications. Popular examples of P2P applications
include BitTorrent, Skype, and IPTV.

Mixed Paradigm

An application may choose to use a mixture of the two paradigms by combining the advantages of
both. For example, a light-load client-server communication can be used to find the address of the
peer that can offer a service. When the address of the peer is found, the actual service can be
received from the peer by using the peer-to peer paradigm.

NOOR SUMAIYA, ASST.PROF, DEPT OF CSE, TOCE Page 3

COMPUTER NETWORKS BCS502

Fig. 5.3: Example of a peer-to-peer paradigm

5.2 CLIENT-SERVER PROGRAMMING

In the client-server model, the server runs continuously to handle requests, while the client starts
temporarily to send requests and receive responses.

5.2.1 Application Programming Interface

Fig. 5.4: Position of the socket interface

NOOR SUMAIYA, ASST.PROF, DEPT OF CSE, TOCE Page 4

COMPUTER NETWORKS BCS502

A client process communicates with a server process using a set of instructions called an
Application Programming Interface (API), which enables interaction between the application
layer and the operating system's network protocols. One common API is the socket interface,
developed in the 1980s as part of UNIX. Sockets act like sources and sinks, similar to files or
devices, allowing programs to send and receive data using familiar programming instructions
without major changes. This simplifies communication between processes over the Internet by
integrating it into existing programming practices.

Fig. 5.5: Sockets used the same way as other sources and sinks

Sockets

Fig. 5.6: Use of sockets in process-to-process communication

NOOR SUMAIYA, ASST.PROF, DEPT OF CSE, TOCE Page 5

COMPUTER NETWORKS BCS502

A socket is an abstract object used by programs to enable communication between a client and
server. It acts as an endpoint for sending and receiving data. Communication happens between two
sockets at each end, with the operating system and TCP/IP protocols handling the underlying tasks.
A socket is identified by a combination of an IP address (to specify the device) and a port number
(to identify the specific application).

Server Socket Addresses

The server requires a local socket address (its IP and port) and a remote socket address (the
client's IP and port). The local address includes the server's IP, provided by the operating system,
and a port number, which could be a predefined one like 80 for HTTP or a custom one chosen by
the designer. The remote address, however, is unknown until the client connects. The server
retrieves it from the client’s request and updates it for each interaction.

Fig. 5.7: Socket Address

Client Socket Addresses

The client also needs a local socket address (its IP and a temporary port) and a remote socket
address (the server's IP and port). The local IP is provided by the operating system, and a
temporary port is assigned from an available range. For the remote address, the client typically
knows the server's port, but the server's IP may require resolution. If the server is identified by a
name (e.g., URL or email), the Domain Name System (DNS) helps map this name to the correct
IP address, similar to a telephone directory matching name to phone numbers.

5.2.2 Using Services of the Transport Layer

Application processes rely on transport layer protocols like UDP, TCP, or SCTP for
communication, and the choice of protocol impacts the application's capabilities and performance.

NOOR SUMAIYA, ASST.PROF, DEPT OF CSE, TOCE Page 6

COMPUTER NETWORKS BCS502

UDP Protocol:

UDP is a connectionless and unreliable protocol, meaning it sends messages (datagrams)

independently without ensuring that they are received correctly. It’s faster and simpler than other
protocols, making it suitable for applications like streaming or online games, where speed matters
more than reliability.

TCP Protocol:

TCP is a connection-oriented and reliable protocol, meaning it sets up a connection first and
ensures that data is sent correctly. It checks for lost or corrupted data and requests retransmission
if necessary. TCP is ideal for applications that require accurate, complete data transmission, such
as web browsing or file transfers.

SCTP Protocol:

SCTP combines the features of both UDP and TCP, offering a reliable, connection-oriented service
like TCP, but with the message-oriented approach of UDP. It also supports multiple streams,
allowing it to maintain connections even if one path fails, making it useful for applications
requiring high reliability and fault tolerance, like voice over IP.

5.2.3 Iterative Communication Using UDP

Iterative server: Processes one request at a time, queuing others until it's free.

Sockets Used for UDP:

In UDP communication, the server uses one socket that stays open permanently, while each client
creates a temporary socket that is closed when the client ends. The server only changes the remote
socket address for each new client connection.

Server Process:

The server process is always ready for communication but waits for clients to send requests. It
creates an empty socket, binds it to the server address, and waits to receive a request from a client.
When a request arrives, it fills in the client’s address, sends a response, and then waits for the next
client in an ongoing loop.

NOOR SUMAIYA, ASST.PROF, DEPT OF CSE, TOCE Page 7

COMPUTER NETWORKS BCS502

Fig. 5.8: Sockets for UDP communication

Fig. 5.9: Flow diagram for iterative UDP Communication

NOOR SUMAIYA, ASST.PROF, DEPT OF CSE, TOCE Page 8

COMPUTER NETWORKS BCS502

Client Process:

The client process actively connects by creating a socket, sending a request, and waiting for a
response from the server. Once the response is received, the client handles it and then closes the
socket.

5.2.4 Iterative Communication Using TCP

Sockets Used in TCP:

In TCP, the server uses two sockets: a listen socket for connection setup and a separate socket for
data exchange. The client only uses one socket for both establishing the connection and exchanging
data.

Server Process:

The TCP server creates a listen socket to wait for incoming connections. Once a client tries to
connect, the server accepts the connection, creating a new socket for data transfer. The server then
uses this new socket to exchange data with the client, handling each client one by one in a loop.

Fig. 5.10: Sockets used in TCP communication

NOOR SUMAIYA, ASST.PROF, DEPT OF CSE, TOCE Page 9

COMPUTER NETWORKS BCS502

Client Process:

The client process in TCP is similar to UDP, but it uses one socket for both connection
establishment and data exchange. The client initiates the connection and, after it’s established,
sends and receives data using the same socket until the communication is complete.

Fig. 5.11: Flow diagram for iterative TCP communication

NOOR SUMAIYA, ASST.PROF, DEPT OF CSE, TOCE Page 10

COMPUTER NETWORKS BCS502

5.2.5 Concurrent Communication

A concurrent server can process several client requests at the same time. This can be done using
the available provisions in the underlying programming language. In C, a server can create several
child processes, in which a child can handle a client. In Java, threading allows several clients to be
handled by each thread.

5.3 WORLD WIDE WEB AND HTTP

We first introduce the World Wide Web (abbreviated WWW or Web). We then discuss the
Hypertext Transfer Protocol (HTTP), the most common client server application program used in
relation to the Web.

5.3.1 World Wide Web

WWW Overview: The World Wide Web (WWW) is a distributed system where documents,
called web pages, are stored on servers across the world. Users access these pages using web
browsers, and the pages are often linked to other pages, allowing users to navigate between
different websites and information.

Web Documents:

1. Static Documents: Fixed-content pages, like simple HTML or XML files, that don’t change
unless updated by the server.

2. Dynamic Documents: These are created in real-time by the server, like running a script or
program to generate data, making the page content change every time a request is made.

3. Active Documents: These include programs that run directly on the client’s browser, allowing
for interactive content like animations or user-driven actions, such as those using JavaScript or
Java applets.

Web Clients (Browsers): A browser, like Chrome or Firefox, is a program that allows users to
view web pages. It sends requests to web servers and then interprets the documents (static,
dynamic, or active) to display them on the user’s screen.

NOOR SUMAIYA, ASST.PROF, DEPT OF CSE, TOCE Page 11

COMPUTER NETWORKS BCS502

Fig. 5.12: Browser

Web Servers: These are the servers where web pages are stored. When a client makes a request,
the server sends the requested document. Servers may use techniques like caching or multi-
threading to improve performance and handle multiple requests at once.

URLs (Uniform Resource Locators): URLs are used to identify web pages. They include the
protocol (like HTTP), the host (the server’s address), the port (a specific service), and the path (the
location of the file on the server). This combination ensures that each web page has a unique
address on the internet.

To combine these four pieces together, the uniform resource locator (URL) has been designed; it
uses three different separators between the four pieces as shown below:

protocol://host/path (Used most of the time)

protocol://host:port/path (Used when port number is needed)

WWW Architecture: The WWW operates as a client-server model, where the client (browser)
accesses web pages hosted on servers. The client uses protocols like HTTP to request documents,
which are then delivered from the server for the client to display. These documents can be static,
dynamic, or active, depending on how they are created and served.

5.3.2 Hypertext Transfer Protocol (HTTP)

HTTP is the protocol used for retrieving web pages. The client (web browser) sends a request, and
the server responds. HTTP relies on TCP for a reliable, connection-based communication.

NOOR SUMAIYA, ASST.PROF, DEPT OF CSE, TOCE Page 12

COMPUTER NETWORKS BCS502

1. Nonpersistent vs. Persistent Connections:

Nonpersistent Connections: A new connection is created for each request/response, which can
be inefficient.

Persistent Connections: One connection is used for multiple requests, improving efficiency and
reducing overhead.

2. HTTP Message Formats:

HTTP messages (requests and responses) have a specific format, divided into four sections: the
request/response line, headers, an optional body, and a blank line.

Fig. 5.13: Formats of the request and response messages

3. Request Message:

The request message contains a "request line" with the method (like GET), URL, and HTTP
version. It may include headers and a body (if sending data).

4. Response Message:

The response message starts with a "status line" indicating the status of the request (like success
or error). It may also have headers and a body with the requested data.

NOOR SUMAIYA, ASST.PROF, DEPT OF CSE, TOCE Page 13

COMPUTER NETWORKS BCS502

Table 5.1: Methods

5. Conditional Requests:

A client can request a resource only if certain conditions are met (e.g., if the resource has been
modified since a particular time).

6. Cookies:

Cookies are small pieces of data stored by the client (browser) to remember information about
users, like login details or preferences, across sessions.

7. Creating and Storing Cookies:

A server sends cookies to a client with a response. The client stores them and sends them back
with future requests, allowing the server to recognize returning users.

8. Using Cookies:

Cookies are used for remembering user preferences, login details, or tracking user behavior for
purposes like e-commerce or advertising.

9. Web Caching & Proxy Servers:

Proxy servers store copies of requested resources to reduce server load and speed up response
times. If the proxy has the content, it serves it; otherwise, it fetches it from the original server.

NOOR SUMAIYA, ASST.PROF, DEPT OF CSE, TOCE Page 14

COMPUTER NETWORKS BCS502

10. Proxy Server Location:

Proxy servers can be located at the client side, in a company, or at an ISP level to improve
efficiency by caching frequently accessed content.

Fig. 5.14: Example for a Proxy Server

11. Cache Update:

Cache validity is managed by tracking when content was last modified or by using specific cache
expiration rules to determine when to update or delete content in the cache.

12. HTTP Security:

HTTP itself doesn't provide security, but when used with SSL/TLS, it becomes HTTPS, which
ensures secure data transfer by providing encryption and authentication.

5.4 FTP

File Transfer Protocol (FTP) is used to transfer files between computers. It separates commands
and data transfer to improve efficiency. The control connection handles commands, while the data
connection manages file transfers. FTP is better for large files or different file formats, and it
resolves issues like varying file names and directory structures across systems.

NOOR SUMAIYA, ASST.PROF, DEPT OF CSE, TOCE Page 15

COMPUTER NETWORKS BCS502

Fig. 5.15: FTP

5.4.1 Two Connections

In FTP, the control connection stays open throughout the session, while the data connection opens
and closes for each file transfer. Port 21 is used for the control connection, and port 20 is used for
the data connection.

5.4.2 Control Connection

In FTP, control communication uses simple commands (in ASCII uppercase) from the client and
responses from the server, each ending with a carriage return and line feed. Commands generate
responses with a three-digit code and explanation, where digits indicate status and details.

Table 5.2: Some responses in FTP

NOOR SUMAIYA, ASST.PROF, DEPT OF CSE, TOCE Page 16

COMPUTER NETWORKS BCS502

Table 5.3: Some FTP Commands

5.4.3 Data Connection

1. Data Connection Setup: The FTP client initiates a passive open on an ephemeral port, sends
the port number to the server using the `PORT` command, and the server establishes the connection
from port 20.

2. File Type: FTP can transfer files as plain text (ASCII or EBCDIC) or binary data (image files).

3. Data Structure: Files can be sent as a continuous stream of bytes (file structure), divided into
records (record structure), or divided into pages with headers (page structure).

4. Transmission Mode: Data transfer can occur in stream mode (continuous bytes), block mode
(data divided into blocks with headers), or compressed mode (data compressed before transfer).

NOOR SUMAIYA, ASST.PROF, DEPT OF CSE, TOCE Page 17

COMPUTER NETWORKS BCS502

5. File Transfer Operations: FTP supports retrieving files (server to client), storing files (client
to server), and listing directories (server to client).

6. Session End: After file transfer, the client issues a `QUIT` command, closing the connection.

5.4.4 Security for FTP

FTP was created when security wasn't a major concern. It sends passwords and data in plain text,
making them vulnerable to interception by attackers. To improve security, Secure Socket Layer
(SSL) can be added to FTP, creating SSL-FTP, which encrypts the data. Other secure options like
SSH-based file transfers are also available.

5.5 ELECTRONIC MAIL

Email allows users to send and receive messages, but unlike other applications like FTP or HTTP,
it works differently. Emails are one-way transactions, meaning a response is optional. Instead of
users running servers all the time, intermediate servers handle the process, while users only run
email clients when needed.

5.5.1 Architecture

1. Common Setup:

Alice (sender) and Bob (receiver) connect to their respective mail servers via LAN or WAN. Each
user has a mailbox on the server for storing emails. Servers use a queue for outgoing messages.

2. Agents Used:

Three agents manage emails: User Agent (UA) for composing/reading emails, Message Transfer
Agent (MTA) for sending emails, and Message Access Agent (MAA) for retrieving emails.

3. Message Flow:

Step 1: Alice uses UA to send the email.

Step 2: The email is queued by the sender's mail server.
Step 3: MTA client/server transfers the email across the Internet.
Step 4: Bob retrieves the email via MAA (pull process).

NOOR SUMAIYA, ASST.PROF, DEPT OF CSE, TOCE Page 18

COMPUTER NETWORKS BCS502

4. Client-Server Structure:

Two MTA pairs (client and server) handle the email transfer. One MAA pair (client and server)
ensures Bob can fetch the email when ready.

Fig. 5.16: Common scenario

Components of Email:

1. User Agent (UA):

A program to compose, send, and read emails. Examples: Command-driven (e.g., `mail`) or GUI-
based (e.g., Outlook).

2. Sending Mail:

The email includes an envelope (sender/receiver info) and a message (header and body).

3. Receiving Mail:

The UA notifies Bob of new emails. He selects and reads messages from the displayed list.

4. Email Addresses:

Consist of **local part** (user mailbox) and **domain name** (mail server
address).

NOOR SUMAIYA, ASST.PROF, DEPT OF CSE, TOCE Page 19

COMPUTER NETWORKS BCS502

Fig. 5.17: Format of an email

5. Mailing List:

Allows one alias to represent multiple email addresses.

Email Protocols:

Fig. 5.18: Protocols used in electronic mail

NOOR SUMAIYA, ASST.PROF, DEPT OF CSE, TOCE Page 20

COMPUTER NETWORKS BCS502

1. Message Transfer Agent (MTA):

SMTP (Simple Mail Transfer Protocol)** handles email transfers between servers.

2. SMTP Commands/Responses:

Commands like `HELO` introduce sender; server replies with codes like `250` (OK). Transfers
occur in three phases: Connection establishment, Mail transfer, and Connection termination.

3. Message Access Agent (MAA):

POP3 (Post Office Protocol): Downloads emails; supports delete and keep modes. IMAP4
(Internet Mail Access Protocol): Advanced features like folder creation, partial downloads, and
searching email contents.

Fig. 5.19: POP3

NOOR SUMAIYA, ASST.PROF, DEPT OF CSE, TOCE Page 21

COMPUTER NETWORKS BCS502

Enhancements:

1. MIME (Multipurpose Internet Mail Extensions):

Extends email to support non-ASCII data, languages, and multimedia. Converts data to ASCII at
the sender's end and back to the original at the receiver's end.

Fig. 5.20: MIME

2. MIME Headers:

Define details like data type, encoding method, and content description.

Fig. 5.21: MIME Header

3. Encoding Methods:

Base64 converts binary data to ASCII (reduces size by 25%). Quoted-printable represents non-
ASCII characters with ASCII equivalents.

This architecture allows seamless email sending, storage, and retrieval while using specific
protocols to enhance functionality and manage diverse data types.

NOOR SUMAIYA, ASST.PROF, DEPT OF CSE, TOCE Page 22

COMPUTER NETWORKS BCS502

5.5.2 Web-Based Mail

Case I: The sender (Alice) uses a traditional mail server, transferring emails via SMTP to the
recipient's (Bob) web-based server. Bob retrieves emails from the web server using HTTP, logging
in to access them in HTML format.

Case II: Both sender (Alice) and receiver (Bob) use web servers. Alice sends her email to her
server via HTTP, which then uses SMTP to send it to Bob's server. Bob retrieves the email from
his web server using HTTP.

Fig. 5.22: Web-based e-mail, cases I and II

5.6 DOMAIN NAME SYSTEM (DNS)

The Domain Name System (DNS) helps translate human-friendly domain names (like
afilesource.com) into IP addresses that computers use to communicate over the Internet. Instead

NOOR SUMAIYA, ASST.PROF, DEPT OF CSE, TOCE Page 23

COMPUTER NETWORKS BCS502

of relying on a single central system, DNS information is distributed across many servers globally
to avoid failure and ensure efficiency. When a user wants to connect to a file transfer server, their
device first sends the domain name to a DNS client, which queries a DNS server for the
corresponding IP address. The DNS server responds with the required IP address, enabling the file
transfer client to connect to the server. Essentially, two connections are needed: one to map the
name to an IP address and another to transfer the files.

Fig. 5.23: Purpose of DNS

5.6.1 Name Space

Flat vs. Hierarchical Name Space

Flat Name Space: Names are simple strings without structure, unsuitable for large systems due to
ambiguity and central control needs.

Hierarchical Name Space: Names are structured in parts (e.g., organization, department) and
allow decentralized management, ensuring uniqueness (e.g., caesar.first.com and
caesar.second.com).

Domain Name Space

Structure: Organized as an inverted tree with the root at the top, supporting up to 128 levels
(levels 0–127).

NOOR SUMAIYA, ASST.PROF, DEPT OF CSE, TOCE Page 24

COMPUTER NETWORKS BCS502

Labels: Each node has a unique label (up to 63 characters). Labels for child nodes must differ to
ensure name uniqueness.

Fig. 5.24: Domain name space

Domain Names

Fully Qualified Domain Name (FQDN): Ends with a dot (e.g., example.com.) and reaches the
root.

Partially Qualified Domain Name (PQDN): Does not reach the root; used within the same site,
with missing parts (suffix) added by the resolver.

Fig. 5.25: Domain names and labels

NOOR SUMAIYA, ASST.PROF, DEPT OF CSE, TOCE Page 25

COMPUTER NETWORKS BCS502

Domain and Zones

Domain: A subtree of the domain name space, defined by the node at its top.

Zone: The part of a domain a server manages. If subdomains exist, the zone covers only the parent
domain with references to subdomain servers.

Fig. 5.26: Domains

Fig. 5.27: Zone

Hierarchy of Name Servers

Root Servers: Top-level servers that delegate authority to other servers and maintain references.
Distributed worldwide.

NOOR SUMAIYA, ASST.PROF, DEPT OF CSE, TOCE Page 26

COMPUTER NETWORKS BCS502

Fig. 5.28: Hierarchy of name servers

Primary Servers: Store and manage the main zone file, creating and updating it.

Secondary Servers: Copy the zone file from primary or other secondary servers, ensuring
redundancy but cannot directly update files.

Purpose of Primary and Secondary Servers

Primary Servers: Authoritative for creating and updating zone files.

Secondary Servers: Provide backups and redundancy, ensuring continuous service if a primary
server fails.

5.6.2 DNS in the Internet

The Domain Name System (DNS) organizes domains into sections, including generic and country
domains.

Generic domains classify hosts based on their type or purpose, such as .com for commercial
entities or .edu for educational institutions, with each node representing a domain linked to the
DNS database.

Country domains use two-character country codes, like us for the United States, and may include
subdivisions such as states or organizations. For example, uci.ca.us represents the University of
California, Irvine, located in California, USA.

NOOR SUMAIYA, ASST.PROF, DEPT OF CSE, TOCE Page 27

COMPUTER NETWORKS BCS502

Fig. 5.29: Generic Domains

Fig. 5.30: Country Domains

5.6.3 Resolution

Name-address resolution in DNS involves a resolver querying a DNS server, which either provides
the information directly or refers to other servers, using recursive or iterative methods.

Recursive Resolution

The DNS server handles the query entirely, contacting other servers on behalf of the resolver until
it finds the IP address or returns an error, then sends the final result back to the resolver.

NOOR SUMAIYA, ASST.PROF, DEPT OF CSE, TOCE Page 28

COMPUTER NETWORKS BCS502

Fig. 5.31: Recursive Resolution

Iterative Resolution

The DNS server responds to the resolver with the IP address of the next server in the hierarchy if
it doesn’t have the answer, leaving the resolver to query each server step by step.

Fig. 5.32: Iterative resolution

5.6.4 Caching

DNS caching speeds up searches by temporarily storing responses, but it uses a TTL (Time to
Live) to ensure outdated data is cleared after a set time. This prevents sending old information by
purging expired entries from the cache.

NOOR SUMAIYA, ASST.PROF, DEPT OF CSE, TOCE Page 29

COMPUTER NETWORKS BCS502

5.6.5 Resource Records

A DNS resource record stores information about a domain using five fields: domain name, type,
class, TTL (validity time), and value. These records define details like IP addresses or mail
servers for a domain.

Table 5.4: Types

5.6.6 DNS Messages

Fig. 5.34: DNS Message

NOOR SUMAIYA, ASST.PROF, DEPT OF CSE, TOCE Page 30

COMPUTER NETWORKS BCS502

DNS uses query and response messages with specific fields to handle requests, using UDP for
messages under 512 bytes and switching to TCP for larger ones. If a response exceeds 512 bytes,
the server signals this, prompting the client to retry via TCP.

5.6.7 Registrars

A registrar first verifies that the requested domain name is unique and then enters it into the DNS
database. A fee is charged. Today, there are many registrars; their names and addresses can be
found at http://www.intenic.net

To register, the organization needs to give the name of its server and the IP address of the server.
For example, a new commercial organization named wonderful with a server named ws and IP
address 200.200.200.5 needs to give the following information to one of the registrars:

Domain name: ws.wonderful.com IP address: 200.200.200.5

5.6.8 DDNS

The Dynamic Domain Name System (DDNS) was created to handle frequent updates, like adding
or changing IP addresses, automatically instead of manually editing DNS records. DDNS uses
DHCP to send updates to the primary DNS server, which then notifies secondary servers actively
(sending updates) or passively (servers check periodically). Authentication ensures only
authorized changes are made to DNS records.

5.6.8 Security of DNS

DNS is essential for the internet, enabling services like web browsing and email. However, it faces
several security threats, such as attackers spying on DNS responses to gather user data, altering
responses to redirect users, or flooding servers to crash them. To prevent these, DNS uses
DNSSEC, which ensures message authenticity and integrity through digital signatures, but it
doesn't protect the confidentiality of messages or specifically guard against denial-of-service
attacks. Caching helps protect against some of these threats by reducing direct server load.

NOOR SUMAIYA, ASST.PROF, DEPT OF CSE, TOCE Page 31

COMPUTER NETWORKS BCS502

5.7 TELNET

Remote logging allows users to access server services without needing separate client/server
programs for each service. TELNET, an old protocol for remote access, sends data in plaintext,
making it vulnerable to hacking, so it's largely replaced by the more secure SSH.

5.7.1 Local versus remote Logging

Remote logging with TELNET allows a user to access a remote application by converting
keystrokes into a universal format (NVT) that travels through the network and is interpreted by
the remote system using a pseudoterminal driver. This driver makes the remote system think the
input is coming from a local terminal.

Fig. 5.35: Local versus remote logging

Network Virtual Terminal (NVT)

TELNET uses the Network Virtual Terminal (NVT) character set to allow remote access between
different operating systems by standardizing data and control characters. NVT ASCII is used for

NOOR SUMAIYA, ASST.PROF, DEPT OF CSE, TOCE Page 32

COMPUTER NETWORKS BCS502

regular data, while control characters have the highest bit set to 1, ensuring compatibility across
diverse systems.

Fig. 5.36: Concept of NVT

5.8 SECURE SHELL (SSH)

SSH-2 is the secure version of Secure Shell, designed to replace the outdated and insecure SSH-1,
offering enhanced security for remote logging and file transfer.

5.8.1 Components

SSH Transport-Layer Protocol (SSH-TRANS): This protocol creates a secure channel over
TCP, ensuring message privacy, data integrity, server authentication, and message compression.

Fig. 5.37: Components of SSH

NOOR SUMAIYA, ASST.PROF, DEPT OF CSE, TOCE Page 33

COMPUTER NETWORKS BCS502

SSH Authentication Protocol (SSH-AUTH): This protocol authenticates the client to the server
by using various methods, similar to SSL, ensuring both parties are verified.

SSH Connection Protocol (SSH-CONN): Once authentication is complete, SSH-CONN enables

multiple logical channels over the secure connection for different tasks like remote logging and
file transfer.

5.8.2 Applications

SSH for Remote Logging: SSH is used for secure remote access to servers, with popular clients
like PuTTY and Tectia providing secure connections for remote logging.

SSH for File Transfer: SSH supports secure file transfers with programs like SFTP and SCP,
which use SSH channels to transfer files securely.

Port Forwarding: SSH can secure non-secure protocols like FTP or SMTP through port
forwarding, creating a secure tunnel for communication, often called SSH tunneling.

Fig. 5.38: Port forwarding

Format of SSH Packets: SSH packets include a length field, padding to enhance security, a CRC
for error detection, and a type field to specify the packet’s purpose in the protocol.

Fig. 5.39: SSH packet format

NOOR SUMAIYA, ASST.PROF, DEPT OF CSE, TOCE Page 34