C8 Application Layer 2025

Chapter 8 of the document discusses the application layer in networking, focusing on client-server and peer-to-peer paradigms. It covers standard applications such as the World Wide Web, FTP, electronic mail, and DNS, explaining how they function and interact through protocols. The chapter also highlights the importance of application programming interfaces (APIs) and socket communication in facilitating these interactions.

Viet Nam National University Ho Chi Minh City

University of Science
Faculty of Electronics & Telecommunications

Chapter 8 Application Layer

Dang Le Khoa
Email: [email protected]
Outline
⚫ Introduction
⚫ Client-Server Programming
⚫ Standard Applications
– World Wide Web and HTTP
– File Transfer Protocol (FTP)
– Electronic Mail
– Domain Name System (DNS)
– TErminaL NETwork (TELNET)
– SSH
⚫ Peer-to-Peer Paradigm

Faculty of Electronics & Telecommunications. HCMUS [2]


Introduction
⚫ The application layer provides services to the user.
⚫ Communication is provided using a logical connection, which means that the two application layers assume that there is an imaginary direct connection through which they can send and receive messages.

Figure 1 shows the idea behind this logical connection.


Providing Services
⚫ All communication networks that started before the Internet were designed to provide services to network users.
⚫ Most of these networks, however, were originally designed to provide one specific service.
⚫ For example, the telephone network was originally designed to provide voice service: to allow people all over the world to talk to each other. This network, however, was later used for some other services, such as facsimile (fax), enabled by users adding some extra hardware at both ends.



Standard and Nonstandard Protocols
⚫ To provide a smooth operation of the Internet, the protocols used in the first four layers of the TCP/IP suite need to be standardized and documented.
⚫ They normally become part of the package that is included in operating systems such as Windows or UNIX.
⚫ To be flexible, however, the application-layer protocols can be both standard and nonstandard.



Application-Layer Paradigms
⚫ It should be clear that to use the Internet we need two application programs to interact with each other: one running on a computer somewhere in the world, the other running on another computer somewhere else in the world.
⚫ The two programs need to send messages to each other through the Internet infrastructure. However, we have not discussed what the relationship should be between these programs.
⚫ Two paradigms have been developed: the client-server paradigm and the peer-to-peer paradigm. We briefly introduce these two paradigms here.



Traditional Paradigm: Client-Server
⚫ The traditional paradigm is called the client-server paradigm. It was the most popular paradigm until a few years ago.
⚫ In this paradigm, the service provider is an application program, called the server process; it runs continuously, waiting for another application program, called the client process, to make a connection through the Internet and ask for service.
⚫ There are normally some server processes that can provide a specific type of service, but there are many clients that request service from any of these server processes.
⚫ The server process must be running all the time; the client process is started when the client needs to receive service.



Figure 2 Example of a client-server paradigm



New Paradigm: Peer-to-Peer
⚫ A new paradigm, called the peer-to-peer paradigm (often abbreviated P2P paradigm), has emerged to respond to the needs of some new applications.
⚫ In this paradigm, there is no need for a server process to be running all the time and waiting for the client processes to connect. The responsibility is shared between peers.
⚫ A computer connected to the Internet can provide service at one time and receive service at another time. A computer can even provide and receive services at the same time.



Figure 3 Example of a peer-to-peer paradigm

Mixed Paradigm
⚫ An application may choose to use a mixture of the two paradigms by combining the advantages of both.
⚫ For example, a light-load client-server communication can be used to find the address of the peer that can offer a service. When the address of the peer is found, the actual service can be received from the peer by using the peer-to-peer paradigm.
CLIENT-SERVER PROGRAMMING
⚫ In a client-server paradigm, communication at the application layer is between two running application programs called processes: a client and a server.
⚫ A client is a running program that initializes the communication by sending a request; a server is another application program that waits for a request from a client.
⚫ The server handles the request received from a client, prepares a result, and sends the result back to the client.
Application Programming Interface
⚫ How can a client process communicate with a server process? A computer program is normally written in a computer language with a predefined set of instructions that tells the computer what to do.
⚫ If we need a process to be able to communicate with another process, we need a new set of instructions to tell the lowest four layers of the TCP/IP suite to open the connection, send and receive data from the other end, and close the connection.
⚫ A set of instructions of this kind is normally referred to as an application programming interface (API).
Figure 4 Position of the socket interface

Figure 5 Sockets used like other sources and sinks
Sockets
⚫ Although a socket is supposed to behave like a terminal, it is not a physical entity like a terminal; it is an abstraction. It is a data structure that is created and used by the application program.

Figure 6 Use of sockets in process-to-process communication
Socket Addresses
⚫ The interaction between a client and a server is two-way communication. In a two-way communication, we need a pair of addresses: local (sender) and remote (receiver).
⚫ The local address in one direction is the remote address in the other direction and vice versa. Since communication in the client-server paradigm is between two sockets, we need a pair of socket addresses for communication: a local socket address and a remote socket address.
⚫ However, we need to define a socket address in terms of identifiers used in the TCP/IP protocol suite.
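As an added example (not from the slides) of the socket API and the socket address pair just described: a server and a client on the loopback interface record their own and their peer's (IP address, port) and show that the client's remote socket address is the server's local one and vice versa. The listening port and the client's ephemeral port are assigned by the OS at run time; the echoed message is constructed.

```python
import socket
import threading


def serve_one_client(listener, seen):
    """Server process: block in accept(), record the accepted socket's address pair, echo once."""
    conn, _ = listener.accept()
    with conn:
        seen["server_local"] = conn.getsockname()    # the server's own (IP, port)
        seen["server_remote"] = conn.getpeername()   # the client's (IP, port)
        conn.sendall(conn.recv(1024))


def run_exchange():
    """One client-server exchange over loopback; returns both socket address pairs and the reply."""
    seen = {}
    listener = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    # Port 0 lets the OS pick a free port; it stands in for a server's well-known port here.
    listener.bind(("127.0.0.1", 0))
    listener.listen(1)
    seen["listen_port"] = listener.getsockname()[1]

    # The server must already be waiting in accept() before the client starts (the page's
    # "server process must be running all the time").
    server = threading.Thread(target=serve_one_client, args=(listener, seen))
    server.start()

    with socket.create_connection(("127.0.0.1", seen["listen_port"])) as client:
        seen["client_local"] = client.getsockname()    # OS-assigned ephemeral port
        seen["client_remote"] = client.getpeername()   # the server's socket address
        client.sendall(b"hello\r\n")                   # constructed message
        seen["reply"] = client.recv(1024)

    server.join()
    listener.close()
    return seen
```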

3. STANDARD APPLICATIONS
⚫ World Wide Web and HTTP
⚫ File Transfer Protocol (FTP)
⚫ Electronic Mail
⚫ Domain Name System (DNS)
⚫ TELNET
⚫ SSH
World Wide Web and HTTP
⚫ In this section, we first introduce the World Wide Web (abbreviated WWW or Web). We then discuss the HyperText Transfer Protocol (HTTP), the most common client-server application program used in relation to the Web.
⚫ The idea of the Web was first proposed by Tim Berners-Lee in 1989 at CERN, the European Organization for Nuclear Research, to allow several researchers at different locations throughout Europe to access each other's research. The commercial Web started in the early 1990s.
HyperText Transfer Protocol (HTTP)
⚫ The HyperText Transfer Protocol (HTTP) is a protocol that is used to define how the client-server programs can be written to retrieve web pages from the Web.
⚫ An HTTP client sends a request; an HTTP server returns a response. The server uses the port number 80; the client uses a temporary port number.
Example 1
⚫ An example of a nonpersistent connection.
⚫ The client needs to access a file that contains one link to an image. The text file and image are located on the same server. Here we need two connections.
⚫ For each connection, TCP requires at least three handshake messages to establish the connection, but the request can be sent with the third one. After the connection is established, the object can be transferred. After receiving an object, another three handshake messages are needed to terminate the connection.
Example 2
⚫ The figure shows a persistent connection. Only one connection establishment and one connection termination are used, but the request for the image is sent separately.
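An added example, not part of the original slides, that reproduces Examples 1 and 2 on the loopback interface: a small HTTP/1.1 server counts the TCP connections it accepts (one per three-way handshake) while a client fetches a page and the image it links to, once with a nonpersistent connection per object and once over a single persistent connection. The page and image bytes and the paths /index.html and /logo.png are constructed.

```python
import http.client
import threading
from http.server import BaseHTTPRequestHandler, ThreadingHTTPServer

# Constructed objects: a page that links to one image stored on the same server.
PAGE = b'<html><body><img src="/logo.png"></body></html>'
IMAGE = b"\x89PNG constructed image bytes"


class CountingServer(ThreadingHTTPServer):
    """HTTP server that counts accepted TCP connections."""

    def __init__(self, *args, **kwargs):
        super().__init__(*args, **kwargs)
        self.connections = 0
        self._lock = threading.Lock()

    def process_request(self, request, client_address):
        with self._lock:
            self.connections += 1          # one accept() == one TCP connection == one handshake
        super().process_request(request, client_address)


class Handler(BaseHTTPRequestHandler):
    protocol_version = "HTTP/1.1"          # persistent by default; honours "Connection: close"

    def do_GET(self):
        body = PAGE if self.path == "/index.html" else IMAGE
        self.send_response(200)
        self.send_header("Content-Length", str(len(body)))   # required for keep-alive framing
        self.end_headers()
        self.wfile.write(body)

    def log_message(self, *args):          # keep the demo quiet
        pass


def fetch_page_and_image(host, port, persistent):
    """Download the page and then its image; return the two objects in order."""
    conn = http.client.HTTPConnection(host, port)
    objects = []
    for path in ("/index.html", "/logo.png"):
        conn.request("GET", path,
                     headers={"Connection": "keep-alive" if persistent else "close"})
        objects.append(conn.getresponse().read())
        if not persistent:
            conn.close()                   # tear down; the next request opens a new TCP connection
    conn.close()
    return objects


def count_connections(persistent):
    """Serve on loopback and report how many TCP connections the client needed."""
    server = CountingServer(("127.0.0.1", 0), Handler)
    threading.Thread(target=server.serve_forever, daemon=True).start()
    try:
        host, port = server.server_address
        if fetch_page_and_image(host, port, persistent) != [PAGE, IMAGE]:
            raise RuntimeError("unexpected objects received")
    finally:
        server.shutdown()
        server.server_close()
    return server.connections
```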

Example 3
⚫ Figure 7 shows an example of the use of a proxy server in a local network, such as the network on a campus or in a company.
⚫ The proxy server is installed in the local network.
⚫ When an HTTP request is created by any of the clients (browsers), the request is first directed to the proxy server. If the proxy server already has the corresponding web page, it sends the response to the client.
⚫ Otherwise, the proxy server acts as a client and sends the request to the web server in the Internet. When the response is returned, the proxy server makes a copy and stores it in its cache before sending it to the requesting client.

Figure 7 Example of a proxy server
HTTP Security
⚫ HTTP per se does not provide security. However, HTTP can be run over the Secure Socket Layer (SSL). In this case, HTTP is referred to as HTTPS. HTTPS provides confidentiality, client and server authentication, and data integrity.
File Transfer Protocol (FTP)
⚫ File Transfer Protocol (FTP) is the standard protocol provided by TCP/IP for copying a file from one host to another.
⚫ Although we can transfer files using HTTP, FTP is a better choice to transfer large files or to transfer files using different formats.

Figure 8 File Transfer Protocol
Lifetimes of Two Connections
⚫ The two connections in FTP have different lifetimes.
⚫ The control connection remains connected during the entire interactive FTP session.
⚫ The data connection is opened and then closed for each file transfer activity.
⚫ It opens each time commands that involve transferring files are used, and it closes when the file is transferred. In other words, when a user starts an FTP session, the control connection opens. While the control connection is open, the data connection can be opened and closed multiple times if several files are transferred.
⚫ FTP uses two well-known TCP ports: port 21 is used for the control connection, and port 20 is used for the data connection.
Control Connection
⚫ For control communication, FTP uses the same approach as TELNET (discussed later). It uses the NVT ASCII character set as used by TELNET. Communication is achieved through commands and responses.
⚫ This simple method is adequate for the control connection because we send one command (or response) at a time. Each line is terminated with a two-character (carriage return and line feed) end-of-line token.
Data Connection
⚫ The data connection uses the well-known port 20 at the server site. However, the creation of a data connection is different from the control connection. The following shows the steps:
1. The client, not the server, issues a passive open using an ephemeral port.
2. Using the PORT command, the client sends the port number to the server.
3. The server receives the port number and issues an active open using the well-known port 20 and the received ephemeral port number.
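An added example (not from the slides) of step 2 from both ends: the client encodes its passively opened ephemeral port as the PORT argument h1,h2,h3,h4,p1,p2 (port = p1*256 + p2), and the server parses it back before its active open from port 20. The two server-side checks, that the advertised address equals the control connection's peer and that the port is not a privileged one, are hardening choices assumed here; the address 192.0.2.10 and port used in the test are constructed, and the active open itself (step 3, which needs a privileged source port) is not performed.

```python
import ipaddress
import re

# Six decimal fields, each 0..255, terminated by the NVT end-of-line token CR LF.
PORT_RE = re.compile(r"PORT (\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3})\r\n")


def build_port_command(ip, port):
    """Client side: encode the ephemeral data port and local IPv4 address as a PORT line."""
    if not 1024 <= port <= 65535:
        raise ValueError("data port must be an ephemeral port")
    octets = ipaddress.IPv4Address(ip).packed          # raises on a malformed address
    p1, p2 = divmod(port, 256)
    fields = [str(b) for b in octets] + [str(p1), str(p2)]
    return ("PORT " + ",".join(fields) + "\r\n").encode("ascii")


def parse_port_command(line, control_peer_ip):
    """Server side: decode PORT and return (ip, port) the server would actively open to.

    Rejects malformed lines, out-of-range fields, an address that differs from the
    control connection's peer, and privileged ports (assumed hardening, see lead-in).
    """
    m = PORT_RE.fullmatch(line.decode("ascii"))
    if m is None:
        raise ValueError("malformed PORT command")
    fields = [int(x) for x in m.groups()]
    if any(f > 255 for f in fields):
        raise ValueError("PORT field out of range")
    ip = ".".join(str(f) for f in fields[:4])
    port = fields[4] * 256 + fields[5]
    if ip != control_peer_ip:
        raise ValueError("PORT address does not match the control connection peer")
    if port < 1024:
        raise ValueError("refusing a data connection to a privileged port")
    return ip, port
```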

Security for FTP
⚫ The FTP protocol was designed when security was not a big issue. Although FTP requires a password, the password is sent in plaintext (unencrypted), which means it can be intercepted and used by an attacker.
⚫ The data transfer connection also transfers data in plaintext, which is insecure. To be secure, one can add a Secure Socket Layer between the FTP application layer and the TCP layer. In this case FTP is called SSL-FTP. We also explore some secure file transfer applications when we discuss SSH later in the chapter.
Electronic Mail
⚫ Electronic mail (or e-mail) allows users to exchange messages.

Figure 9 Common scenario
User Agent
⚫ The first component of an electronic mail system is the user agent (UA).
⚫ It provides service to the user to make the process of sending and receiving a message easier.
⚫ A user agent is a software package (program) that composes, reads, replies to, and forwards messages.
⚫ It also handles local mailboxes on the user computers.

Figure 10 E-mail address
Message Transfer Agent: SMTP
⚫ We can say that e-mail is one of those applications that needs three uses of client-server paradigms to accomplish its task.
⚫ It is important that we distinguish these three when we are dealing with e-mail. Figure 10 shows these three client-server applications. We refer to the first and the second as Message Transfer Agents (MTAs), and the third as the Message Access Agent (MAA).

Figure 10 Protocols used in electronic mail
Message Access Agent
⚫ The first and second stages of mail delivery use SMTP. However, SMTP is not involved in the third stage because SMTP is a push protocol; it pushes the message from the client to the server. In other words, the direction of the bulk data (messages) is from the client to the server.
⚫ On the other hand, the third stage needs a pull protocol; the client must pull messages from the server. The direction of the bulk data is from the server to the client. The third stage uses a message access agent.
POP
POP is used by an application to retrieve mail from a mail server. When mail is downloaded from the server to the client using POP, the messages are then deleted on the server.
• The server starts the POP service by passively listening on TCP port 110 for client connection requests.
• When a client wants to make use of the service, it sends a request to establish a TCP connection with the server.
• When the connection is established, the POP server sends a greeting.
• The client and POP server then exchange commands and responses until the connection is closed or aborted.
Note: Since POP does not store messages, it is not recommended for small businesses that need a centralized backup solution.
IMAP
IMAP is another protocol that describes a method to retrieve email messages.
• Unlike POP, when a user connects to an IMAP server, copies of the messages are downloaded to the client application. The original messages are kept on the server until manually deleted.
• When a user decides to delete a message, the server synchronizes that action and deletes the message from the server.
Web-Based Mail
⚫ E-mail is such a common application that some websites today provide this service to anyone who accesses the site. Three common sites are Hotmail, Yahoo, and Google mail. The idea is very simple.

Figure 11 Web-based e-mail
Domain Name System (DNS)
⚫ The Internet needs to have a directory system that can map a name to an address. This is analogous to the telephone network. TCP/IP uses a DNS client and a DNS server to map a name to an address.
⚫ To be unambiguous, the names assigned to machines must be carefully selected from a name space with complete control over the binding between the names and IP addresses.
⚫ In other words, the names must be unique because the addresses are unique. A name space that maps each address to a unique name can be organized in two ways: flat or hierarchical.
Figure 12 Domain name space

Figure 13 Hierarchy of name servers

Figure 14 Zone
Resolution
⚫ Mapping a name to an address is called name-address resolution. DNS is designed as a client-server application.
⚫ A host that needs to map an address to a name or a name to an address calls a DNS client called a resolver. The resolver accesses the closest DNS server with a mapping request.
⚫ If the server has the information, it satisfies the resolver; otherwise, it either refers the resolver to other servers or asks other servers to provide the information.

Figure 15 Recursive resolution

Figure 16 Iterative resolution
Resource Records
⚫ The zone information associated with a server is implemented as a set of resource records. In other words, a name server stores a database of resource records. A resource record is a 5-tuple structure, as shown below:

(Domain Name, Type, Class, TTL, Value)

Example 4
⚫ In UNIX and Windows, the nslookup utility can be used to retrieve address/name mapping. The following shows how we can retrieve an address when the domain name is given.

    $ nslookup www.fetel.hcmus.edu.vn
    Name: fetel.hcmus.edu.vn
    Address: 112.78.2.108
Encapsulation
⚫ DNS can use either UDP or TCP. In both cases the well-known port used by the server is port 53.
⚫ UDP is used when the size of the response message is less than 512 bytes because most UDP packages have a 512-byte packet size limit.
⚫ If the size of the response message is more than 512 bytes, a TCP connection is used. In that case, one of two scenarios can occur.
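An added example, not from the slides, that ties together the resource-record 5-tuple, the nslookup output of Example 4 and the UDP/TCP encapsulation rule: it builds a constructed DNS response message for www.fetel.hcmus.edu.vn carrying the address shown in Example 4 as an A record, parses it back into (Domain Name, Type, Class, TTL, Value) records, and reports the TC (truncated) header flag, which is how a server tells the resolver that a UDP answer did not fit and must be retried over TCP. The transaction ID, TTL and the use of a compression pointer for the answer name are choices made for this example.

```python
import struct

TYPE_NAMES = {1: "A", 5: "CNAME"}
CLASS_NAMES = {1: "IN"}


def encode_name(name):
    """Encode a domain name as length-prefixed labels ending with the empty root label."""
    labels = name.rstrip(".").split(".")
    return b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels) + b"\x00"


def build_response(name, address, ttl=3600, txn_id=0x1234, truncated=False):
    """Constructed response: header, one question, one A record (name is a pointer to offset 12)."""
    flags = 0x8180 | (0x0200 if truncated else 0)        # QR, RD, RA, optionally TC
    header = struct.pack("!HHHHHH", txn_id, flags, 1, 1, 0, 0)
    question = encode_name(name) + struct.pack("!HH", 1, 1)   # QTYPE A, QCLASS IN
    rdata = bytes(int(o) for o in address.split("."))
    answer = b"\xc0\x0c" + struct.pack("!HHIH", 1, 1, ttl, len(rdata)) + rdata
    return header + question + answer


def read_name(pkt, offset):
    """Decode labels at offset, following compression pointers; returns (name, next offset)."""
    labels, jumped, end, hops = [], False, offset, 0
    while True:
        length = pkt[offset]
        if length & 0xC0 == 0xC0:                          # 11xxxxxx: pointer into the message
            if not jumped:
                end = offset + 2
            offset = struct.unpack("!H", pkt[offset:offset + 2])[0] & 0x3FFF
            jumped, hops = True, hops + 1
            if hops > 16:
                raise ValueError("compression pointer loop")
            continue
        offset += 1
        if length == 0:
            return ".".join(labels), (end if jumped else offset)
        labels.append(pkt[offset:offset + length].decode("ascii"))
        offset += length


def parse_response(pkt):
    """Parse header, question and answer sections into (Name, Type, Class, TTL, Value) tuples."""
    txn_id, flags, qd, an, _ns, _ar = struct.unpack("!HHHHHH", pkt[:12])
    result = {"id": txn_id, "truncated": bool(flags & 0x0200), "questions": [], "answers": []}
    off = 12
    for _ in range(qd):
        qname, off = read_name(pkt, off)
        qtype, qclass = struct.unpack("!HH", pkt[off:off + 4])
        off += 4
        result["questions"].append((qname, TYPE_NAMES.get(qtype, qtype), CLASS_NAMES.get(qclass, qclass)))
    for _ in range(an):
        name, off = read_name(pkt, off)
        rtype, rclass, ttl, rdlen = struct.unpack("!HHIH", pkt[off:off + 10])
        off += 10
        rdata = pkt[off:off + rdlen]
        if rtype == 1 and rdlen == 4:
            value = ".".join(str(b) for b in rdata)
        elif rtype == 5:
            value, _ = read_name(pkt, off)             # CNAME target may use pointers
        else:
            value = rdata.hex()
        off += rdlen
        result["answers"].append((name, TYPE_NAMES.get(rtype, rtype), CLASS_NAMES.get(rclass, rclass), ttl, value))
    return result
```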

Registrars
⚫ How are new domains added to DNS? This is done through a registrar, a commercial entity accredited by ICANN. A registrar first verifies that the requested domain name is unique and then enters it into the DNS database.
Security of DNS
⚫ DNS is one of the most important systems in the Internet infrastructure; it provides crucial services to Internet users. Applications such as Web access or e-mail are heavily dependent on the proper operation of DNS.
TELNET
⚫ A server program can provide a specific service to its corresponding client program. However, it is impossible to have a client/server pair for each type of service we need; the number of servers soon becomes intractable. One of the original remote logging protocols is TELNET, which is an abbreviation for TErminaL NETwork. Although TELNET requires a login name and password, it is vulnerable to hacking because it sends all data, including the password, in plaintext (not encrypted).
Local versus Remote Logging
⚫ We first discuss the concept of local and remote logging.

Figure 17 Local versus remote logging
Network Virtual Terminal (NVT)
⚫ The mechanism to access a remote computer is complex. This is because every computer and its operating system accepts a special combination of characters as tokens.
⚫ For example, the end-of-file token in a computer running the DOS operating system is Ctrl+Z, while the UNIX operating system recognizes Ctrl+D.

Figure 18 Concept of NVT
Operation
⚫ TELNET lets the client and server negotiate options before or during the use of the service. Options are extra features available to a user with a more sophisticated terminal. Users with simpler terminals can use default features.
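An added example (not part of the slides) of option negotiation on the NVT byte stream: a minimal client that sticks to default features refuses every option the server offers (WILL answered with DONT) or requests (DO answered with WONT), separates the negotiation bytes from user data, and splits NVT ASCII data on the CR LF end-of-line token that the FTP control connection also uses. The command codes are the standard TELNET values; the option numbers in the test data (1 = ECHO, 24 = TERMINAL-TYPE) are standard as well, and the sample stream itself is constructed.

```python
IAC, DONT, DO, WONT, WILL, SB, SE = 255, 254, 253, 252, 251, 250, 240


def process_telnet(stream):
    """Split an incoming NVT byte stream into (user data, negotiation replies to send back).

    Policy of a client with a simple terminal: refuse everything (WILL -> DONT, DO -> WONT),
    accept WONT/DONT silently, skip subnegotiations (IAC SB ... IAC SE), and treat the
    escaped pair IAC IAC as one literal data byte of value 255.
    """
    data, replies, i = bytearray(), [], 0
    while i < len(stream):
        b = stream[i]
        if b != IAC:
            data.append(b)
            i += 1
            continue
        if i + 1 >= len(stream):
            raise ValueError("truncated IAC sequence")
        cmd = stream[i + 1]
        if cmd == IAC:                                   # escaped 0xFF data byte
            data.append(IAC)
            i += 2
        elif cmd in (WILL, WONT, DO, DONT):               # three-byte option negotiation
            if i + 2 >= len(stream):
                raise ValueError("truncated option negotiation")
            opt = stream[i + 2]
            if cmd == WILL:
                replies.append(bytes([IAC, DONT, opt]))   # decline the offered option
            elif cmd == DO:
                replies.append(bytes([IAC, WONT, opt]))   # decline to enable it ourselves
            i += 3
        elif cmd == SB:                                   # skip up to and including IAC SE
            end = stream.find(bytes([IAC, SE]), i + 2)
            if end < 0:
                raise ValueError("unterminated subnegotiation")
            i = end + 2
        else:                                             # other two-byte command (NOP, DM, ...)
            i += 2
    return bytes(data), replies


def nvt_lines(data):
    """Split NVT ASCII data on the two-character CR LF end-of-line token."""
    return data.split(b"\r\n")
```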

User Interface
⚫ The operating system (UNIX, for example) defines an interface with user-friendly commands. An example of such a set of commands can be found in Table 1.

Table 1 Examples of interface commands
Command   Meaning
open      Connect to a remote computer
close     Close the connection
display   Show the operating parameters
mode      Change to line or character mode
set       Set the operating parameters
status    Display the status information
send      Send special characters
quit      Exit TELNET
Secure Shell (SSH)
⚫ Although Secure Shell (SSH) is a secure application program that can be used today for several purposes such as remote logging and file transfer, it was originally designed to replace TELNET.
⚫ There are two versions of SSH: SSH-1 and SSH-2, which are totally incompatible. The first version, SSH-1, is now deprecated because of security flaws in it. In this section, we discuss only SSH-2.
Components
⚫ SSH is an application-layer protocol with three components.

Figure 19 Components of SSH
Applications 1
⚫ Although SSH is often thought of as a replacement for TELNET, SSH is, in fact, a general-purpose protocol that provides a secure connection between a client and server.
Port Forwarding
⚫ One of the interesting services provided by the SSH protocol is port forwarding.
⚫ We can use the secured channels available in SSH to access an application program that does not provide security services.
⚫ Applications such as TELNET and the Simple Mail Transfer Protocol (SMTP), which are discussed earlier in this chapter, can use the services of the SSH port forwarding mechanism.
⚫ The SSH port forwarding mechanism creates a tunnel through which the messages belonging to other protocols can travel. For this reason, this mechanism is sometimes referred to as SSH tunneling.

Figure 20 Port forwarding
Format of the SSH Packets
⚫ Figure 21 shows the format of packets used by the SSH protocols.

Figure 21 SSH packet format
PEER-TO-PEER PARADIGM
⚫ Peer-to-peer gained popularity with Napster, an online music file-sharing service. Napster paved the way for peer-to-peer file-distribution models that came later. Gnutella was followed by Fast-Track, BitTorrent, WinMX, and GNUnet.
P2P Networks
⚫ Internet users that are ready to share their resources become peers and form a network. When a peer in the network has a file to share, it makes it available to the rest of the peers.
⚫ An interested peer can connect itself to the computer where the file is stored and download it.
⚫ After a peer downloads a file, it can make it available for other peers to download. As more peers join and download that file, more copies of the file become available to the group.
Centralized Networks
⚫ In a centralized P2P network, the directory uses the client-server paradigm, but the storing and downloading of the files are done using the peer-to-peer paradigm. For this reason, a centralized P2P network is sometimes referred to as a hybrid P2P network.
⚫ Napster was an example of a centralized P2P network. In this type of network, a peer first registers itself with a central server. The peer then provides its IP address and a list of files it has to share. To avoid system collapse, Napster used several servers for this purpose, but we show only one in Figure 22.

Figure 22 Centralized network
Decentralized Network
⚫ A decentralized P2P network does not depend on a centralized directory system. In this model, peers arrange themselves into an overlay network, which is a logical network made on top of the physical network.
⚫ Depending on how the nodes in the overlay network are linked, a decentralized P2P network is classified as either unstructured or structured.