Net Centric Programming: Adeel-ur-Rehman

The document discusses key concepts in network programming including TCP and UDP protocols, IP addressing, DNS for translating hostnames to IP addresses, and ports for separating different network services running on the same computer. It provides details on how these different components work together to enable reliable and unreliable network communication between applications.

Uploaded by

Ali hasan

Net Centric Programming

Lecture 2
Adeel-ur-Rehman

Transmission Control Protocol
• A connection-based protocol that provides a reliable flow of
data between two computers.
• Provides a point-to-point channel for applications that require
reliable communications.
– The Hypertext Transfer Protocol (HTTP), File Transfer Protocol (FTP),
and Telnet are all examples of applications that require a reliable
communication channel
• Guarantees that data sent from one end of the connection
actually gets to the other end and in the same order it was
sent. Otherwise, an error is reported.

User Datagram Protocol
• A protocol that sends independent packets of data,
called datagrams, from one computer to another with
no guarantees about arrival. UDP is not connection-
based like TCP and is not reliable:
– Sender does not wait for acknowledgements
– Arrival order is not guaranteed
– Arrival is not guaranteed
• Used when speed is essential, even at the cost of
reliability
– e.g. streaming media, games, Internet telephony, etc.

TCP vs. UDP
No. | TCP | UDP
1 | This is a connection-oriented protocol | This is a connection-less protocol
2 | The TCP connection is a byte stream | The UDP connection is a message stream
3 | It does not support multicasting and broadcasting | It supports broadcasting
4 | It provides error control and flow control | Error control and flow control are not provided
5 | TCP supports full duplex transmission | UDP does not support full duplex transmission
6 | It is a reliable service of data transmission | This is an unreliable service of data transmission
7 | The TCP packet is called a segment | The UDP packet is called a user datagram

IP Addresses
• As a Java programmer, you don’t need to worry about the inner
workings of IP, but you do need to know about addressing. Every
computer on an IPv4 network is identified by a four-byte number.
• This is normally written in a dotted quad format like 199.1.32.90,
where each of the four numbers is one unsigned byte ranging in
value from 0 to 255.
• When data is transmitted across the network, the packet’s header
includes the address of the machine for which the packet is
intended (the destination address) and the address of the machine
that sent the packet (the source address).
• Routers along the way choose the best route on which to send the
packet by inspecting the destination address. The source address is
included so the recipient will know who to reply to.
• There are a little more than four billion possible IP addresses, not
even one for every person on the planet, much less for every
computer.
IP Addresses…(2)
• A slow transition is under way to IPv6, which will use 16-byte
addresses.
• This provides enough IP addresses to identify every person, every
computer, and indeed every device on the planet.
• IPv6 addresses are customarily written in eight blocks of four
hexadecimal digits separated by colons, such as
FEDC:BA98:7654:3210:FEDC:BA98:7654:3210.
• Leading zeros do not need to be written. A double colon, at most
one of which may appear in any address, indicates multiple zero
blocks. For example, FEDC:0000:0000:0000:00DC:0000:7076:0010
could be written more compactly as FEDC::DC:0:7076:10.
• In mixed networks of IPv6 and IPv4, the last four bytes of the IPv6
address are sometimes written as an IPv4 dotted quad address. For
example, FEDC:BA98:7654:3210:FEDC:BA98:7654:3210 could be
written as FEDC:BA98:7654:3210:FEDC:BA98:118.84.50.16.
IP Addresses…(3)
• All IPv4 addresses that begin with 10., 172.16. through 172.31., and
192.168. are unassigned.
• They can be used on internal networks, but no host using addresses
in these blocks is allowed onto the global Internet.
• These non-routable addresses are useful for building private
networks that can’t be seen on the Internet.
• IPv4 addresses beginning with 127 (most commonly 127.0.0.1)
always mean the local loopback address.
• That is, these addresses always point to the local computer, no
matter which computer you’re running on.
• The hostname for this address is often localhost.
• In IPv6, 0:0:0:0:0:0:0:1 (a.k.a. ::1) is the loopback address.

IP Addresses…(4)
• The address 0.0.0.0 always refers to the originating host, but may
only be used as a source address, not a destination.
• Similarly, any IPv4 address that begins with 0. (eight zero bits) is
assumed to refer to a host on the same local network.
• The IPv4 address that uses the same number for each of the four
bytes (i.e., 255.255.255.255) is a broadcast address. Packets sent to
this address are received by all nodes on the local network, though
they are not routed beyond the local network.
• This is commonly used for discovery.
– For instance, when an ephemeral client such as a laptop boots up, it will send a
particular message to 255.255.255.255 to find the local DHCP server. All nodes on the
network receive the packet, but only the DHCP server responds.
– In particular, DHCP sends the laptop information about the local network
configuration, including the IP address that laptop should use for the
remainder of its session and the address of a DNS server it can use to resolve
hostnames

IP Address Blocks
• Blocks of IPv4 addresses are assigned to Internet service providers (ISPs)
by their regional Internet registry.
• When a company or an organization wants to set up an IP-based network
connected to the Internet, their ISP assigns them a block of addresses.
• Each block has a fixed prefix. For instance if the prefix is 216.254.85, then
the local network can use addresses from 216.254.85.0 to 216.254.85.255.
• Because this block fixes the first 24 bits, it’s called a /24.
• A /23 specifies the first 23 bits, leaving 9 bits for 512 total local IP
addresses.
• A /30 subnet (the smallest possible) specifies the first 30 bits of the IP
addresses within the subnetwork, leaving 2 bits for 4 total local IP
addresses.
• However, the lowest address in each block is used to identify the network
itself, and the largest address is a broadcast address for the network, so
you have two fewer available addresses than you might first expect.
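
The block arithmetic above and the special-purpose ranges from the preceding slides, worked through in Java as an added example (not code from the lecture). The class and method names are hypothetical, and the addresses in `main` are the slides' own plus a few constructed ones.

```java
public class CidrBlock {
    // Parse a strict dotted quad such as "216.254.85.0" into a 32-bit int.
    static int toInt(String dottedQuad) {
        String[] parts = dottedQuad.split("\\.");
        if (parts.length != 4) throw new IllegalArgumentException("not a dotted quad: " + dottedQuad);
        int value = 0;
        for (String part : parts) {
            int octet = Integer.parseInt(part);
            if (octet < 0 || octet > 255) throw new IllegalArgumentException("bad octet: " + part);
            value = (value << 8) | octet;
        }
        return value;
    }

    static String toQuad(int a) {
        return (a >>> 24) + "." + ((a >>> 16) & 0xFF) + "." + ((a >>> 8) & 0xFF) + "." + (a & 0xFF);
    }

    // Netmask with the first `prefix` bits set. Java shift counts wrap at 32, so /0 is special-cased.
    static int mask(int prefix) { return prefix == 0 ? 0 : -1 << (32 - prefix); }

    static boolean inBlock(int addr, String base, int prefix) {
        return (addr & mask(prefix)) == (toInt(base) & mask(prefix));
    }

    // Network address, broadcast address and host counts for a block such as "216.254.85.0/24".
    static String describe(String cidr) {
        String[] parts = cidr.split("/");
        int prefix = Integer.parseInt(parts[1]);
        int network = toInt(parts[0]) & mask(prefix);
        int broadcast = network | ~mask(prefix);
        long total = 1L << (32 - prefix);
        return cidr + " network=" + toQuad(network) + " broadcast=" + toQuad(broadcast)
                + " total=" + total + " usable=" + Math.max(0, total - 2);
    }

    // Special-purpose ranges as listed in the slides above; anything else is reported as "other".
    static String classify(String address) {
        int a = toInt(address);
        if (a == 0) return "originating host (source only)";
        if (a == -1) return "local broadcast";
        if (inBlock(a, "127.0.0.0", 8)) return "loopback";
        if (inBlock(a, "0.0.0.0", 8)) return "host on the same local network";
        if (inBlock(a, "10.0.0.0", 8) || inBlock(a, "172.16.0.0", 12) || inBlock(a, "192.168.0.0", 16))
            return "private (non-routable)";
        return "other (not in the ranges listed above)";
    }

    public static void main(String[] args) {
        for (String cidr : new String[] {"216.254.85.0/24", "216.254.85.0/23", "216.254.85.72/30"})
            System.out.println(describe(cidr));
        for (String a : new String[] {"192.168.1.5", "172.31.255.1", "172.32.0.1", "127.0.0.1", "216.254.85.72"})
            System.out.println(a + " -> " + classify(a));
    }
}
```

Note that 172.32.0.1 falls just outside the 172.16. through 172.31. range, which is the boundary a string-prefix check on "172." would get wrong.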
DNS - Domain name system
• Although computers are very comfortable with
numbers, human beings aren’t very good at
remembering them.
• Therefore, the Domain Name System (DNS) was
developed to translate hostnames that humans
can remember, such as “www.oreilly.com,” into
numeric Internet addresses such as
208.201.239.101.
• The Domain Name system (DNS) associates various
sorts of information with so-called domain names.

DNS - Domain name system…(2)
• Most importantly, it serves as the "phone book" for the
Internet by translating human-readable computer
hostnames.
• It also stores other information such as the list of mail
exchange servers that accept email for a given domain.
• When Java programs access the network, they need to
process both these numeric addresses and their
corresponding hostnames.

Ports
• Addresses would be all you needed if each computer did no
more than one thing at a time.
• However, modern computers do many different things at
once.
• Email needs to be separated from FTP requests, which need to
be separated from web traffic.
• This is accomplished through ports.
• Each computer with an IP address has several thousand logical
ports (65,535 per transport layer protocol, to be precise).
• These are purely abstractions in the computer’s memory and
do not represent anything physical, like a USB port.
• Each port is identified by a number between 1 and 65535.
• Each port can be allocated to a particular service.
Ports – Cont.
• Port numbers range from 0 to 65,535 (16-bit)
– Ports 0 - 1023 are called well-known ports. They are
reserved for use by well-known services:
• 20, 21: FTP
• 23: TELNET
• 25: SMTP
• 110: POP3
• 80: HTTP

– User level process/services generally use port number value >= 1024

Understanding Ports
• The TCP and UDP protocols use ports to map
incoming data to a particular process running
on a computer.

[Figure: a client sends a TCP or UDP packet, carrying a port number and data, to a server on which each port belongs to one app.]
Network Address Translation
• Because of the increasing scarcity of and demand for raw IP addresses,
most networks today use Network Address Translation (NAT).
• In NAT-based networks most nodes only have local, non-routable
addresses selected from either 10.x.x.x, 172.16.x.x to 172.31.x.x, or
192.168.x.x.
• The routers that connect the local networks to the ISP translate these
local addresses to a much smaller set of routable addresses.
• For instance, the dozen or so IP nodes in my apartment all share a
single externally visible IP address.
• The computer has the IP address 192.168.1.5, but on your network
that address may refer to a completely different host, if it exists at all.
• Nor could you reach my computer by sending data to 192.168.1.5.
Instead, you’d have to send to 216.254.85.72 (and even then, the data
would only get through if I had configured my NAT router to pass
incoming connections on to 192.168.1.5).
Network Address Translation
• The router watches my outgoing and incoming connections and adjusts
the addresses in the IP packets.
• For an outgoing packet, it changes the source address to the router’s
external address (216.254.85.72 on my network).
• For an incoming packet, it changes the destination address to one of the
local addresses, such as 192.168.1.12.
• Exactly how it keeps track of which connections come from and are
aimed at which internal computers is not particularly important to a
Java programmer.
• As long as your machines are configured properly, this process is mostly
transparent.
• You just need to remember that the external and internal addresses may
not be the same.
• Eventually, IPv6 should make most of this obsolete.
• NAT will be pointless, though firewalls will still be useful. Subnets will
still exist for routing, but they’ll be much larger.
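
The bookkeeping this slide leaves out, sketched as an added example (not from the lecture and not any real router's code): a port-based translation table using the slides' addresses, requiring Java 16+ for records. The class `NatTable`, the port numbers and the forwarding rule are assumptions, and the table ignores the remote endpoint and the timeouts that real NAT devices track.

```java
import java.util.HashMap;
import java.util.Map;
import java.util.Optional;

public class NatTable {
    record Endpoint(String ip, int port) {}

    private final String externalIp;
    private final Map<Endpoint, Integer> outbound = new HashMap<>(); // internal endpoint -> external port
    private final Map<Integer, Endpoint> inbound = new HashMap<>();  // external port -> internal endpoint
    private int nextPort = 40000; // constructed starting point for allocated external ports

    NatTable(String externalIp) { this.externalIp = externalIp; }

    // Outgoing packet: replace the source with the router's external address and remember the mapping.
    Endpoint translateOutgoing(Endpoint internalSource) {
        int externalPort = outbound.computeIfAbsent(internalSource, key -> nextPort++);
        inbound.put(externalPort, internalSource);
        return new Endpoint(externalIp, externalPort);
    }

    // Explicit configuration that passes incoming connections on one port to an internal host.
    void forward(int externalPort, Endpoint internalDestination) {
        inbound.put(externalPort, internalDestination);
    }

    // Incoming packet: rewrite the destination if a mapping exists; empty means the packet is dropped.
    Optional<Endpoint> translateIncoming(int externalPort) {
        return Optional.ofNullable(inbound.get(externalPort));
    }

    public static void main(String[] args) {
        NatTable nat = new NatTable("216.254.85.72");
        Endpoint laptop = new Endpoint("192.168.1.12", 51000); // constructed source port
        Endpoint seen = nat.translateOutgoing(laptop);
        System.out.println(laptop + " leaves as " + seen);
        System.out.println("reply to port " + seen.port() + " -> " + nat.translateIncoming(seen.port()));
        System.out.println("unsolicited to port 8080 -> " + nat.translateIncoming(8080));
        nat.forward(8080, new Endpoint("192.168.1.5", 80));
        System.out.println("after forwarding, port 8080 -> " + nat.translateIncoming(8080));
    }
}
```

The unsolicited packet to port 8080 has no mapping until the forward is configured, which is why data sent to 216.254.85.72 only reaches 192.168.1.5 when the router has been told to pass it on.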
Firewall
• There are some naughty people on the Internet. To keep them out, it’s
often helpful to set up one point of access to a local network and
check all traffic into or out of that access point.
• The hardware and software that sit between the Internet and the local
network, checking all the data that comes in or out to make sure it’s
kosher, is called a firewall.
• The firewall is often part of the router that connects the local network
to the broader Internet and may perform other tasks, such as network
address translation.
• Then again, the firewall may be a separate machine. Modern
operating systems like Windows, Mac OS X and Red Hat Linux often
have built-in personal firewalls that monitor just the traffic sent to
that one machine.
• Either way, the firewall is responsible for inspecting each packet that
passes into or out of its network interface and accepting it or rejecting
it according to a set of rules.
Firewall
• Filtering is usually based on network addresses and ports.
• For example, all traffic coming from the Class C network 193.28.25.x may
be rejected because you had bad experiences with hackers from that
network in the past.
• Outgoing SSH connections may be allowed, but incoming SSH
connections may not.
• Incoming connections on port 80 (web) may be allowed, but only to the
corporate web server.
• More intelligent firewalls look at the contents of the packets to
determine whether to accept or reject them.
• The exact configuration of a firewall (which packets of data are allowed to
pass through and which are not) depends on the security needs of an
individual site.
• Java doesn’t have much to do with firewalls, except insofar as they
often get in your way.
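
The address-and-port filtering described on this slide, as an added Java example (not from the lecture; requires Java 16+ for records). The rule set encodes the slide's four examples; the web server address, the sample packets, the first-match ordering and the reject-by-default fallback are assumptions of this sketch, which judges each packet on its own and does not track reply traffic.

```java
import java.util.List;

public class PacketFilter {
    enum Direction { INCOMING, OUTGOING }
    enum Action { ACCEPT, REJECT }

    record Packet(Direction direction, String source, String destination, int destinationPort) {}

    // A null field is a wildcard. sourcePrefix is matched textually on the dotted quad,
    // so "193.28.25." covers 193.28.25.x; real filters compare address bits instead.
    record Rule(Direction direction, String sourcePrefix, String destination, Integer port, Action action) {
        boolean matches(Packet p) {
            return (direction == null || direction == p.direction())
                && (sourcePrefix == null || p.source().startsWith(sourcePrefix))
                && (destination == null || destination.equals(p.destination()))
                && (port == null || port == p.destinationPort());
        }
    }

    static final String WEB_SERVER = "216.254.85.80"; // hypothetical corporate web server

    // Ordered rule set: the first matching rule decides.
    static final List<Rule> RULES = List.of(
        new Rule(null, "193.28.25.", null, null, Action.REJECT),           // distrusted network
        new Rule(Direction.OUTGOING, null, null, 22, Action.ACCEPT),       // outgoing SSH allowed
        new Rule(Direction.INCOMING, null, null, 22, Action.REJECT),       // incoming SSH refused
        new Rule(Direction.INCOMING, null, WEB_SERVER, 80, Action.ACCEPT)); // web, one server only

    static Action decide(Packet p) {
        for (Rule rule : RULES)
            if (rule.matches(p)) return rule.action();
        return Action.REJECT; // assumption of this example: anything unmatched is rejected
    }

    public static void main(String[] args) {
        List<Packet> samples = List.of( // constructed packets
            new Packet(Direction.INCOMING, "193.28.25.7", WEB_SERVER, 80),
            new Packet(Direction.INCOMING, "198.51.100.9", WEB_SERVER, 80),
            new Packet(Direction.INCOMING, "198.51.100.9", "216.254.85.20", 80),
            new Packet(Direction.OUTGOING, "216.254.85.20", "198.51.100.9", 22),
            new Packet(Direction.INCOMING, "198.51.100.9", "216.254.85.20", 22));
        for (Packet p : samples) System.out.println(p + " -> " + decide(p));
    }
}
```

Rule order matters: the packet from 193.28.25.7 is rejected even though it targets the web server on port 80, because the network-wide rule is listed first.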
Proxy Server
• Proxy servers are related to firewalls. If a firewall prevents hosts
on a network from making direct connections to the outside
world, a proxy server can act as a go-between.
• Thus, a machine that is prevented from connecting to the
external network by a firewall would make a request for a web
page from the local proxy server instead of requesting the web
page directly from the remote web server.
• The proxy server would then request the page from the web
server and forward the response back to the original requester.
• Proxies can also be used for FTP services and other connections.
• One of the security advantages of using a proxy server is that
external hosts only find out about the proxy server.
• They do not learn the names and IP addresses of the internal
machines, making it more difficult to hack into internal systems.
Proxy Server
• Whereas firewalls generally operate at the level of the
transport or internet layer, proxy servers normally
operate at the application layer.
• A proxy server has a detailed understanding of some
application-level protocols, such as HTTP and FTP. (The
notable exceptions are SOCKS proxy servers, which operate
at the transport layer and can proxy for all TCP and UDP
connections regardless of application layer protocol.)
• Packets that pass through the proxy server can be
examined to ensure that they contain data appropriate
for their type.
• For instance, FTP packets that seem to contain Telnet
data can be rejected.
Proxy Server
• As long as all access to the Internet is forwarded through the proxy server,
access can be tightly controlled.
• For instance, a company might choose to block access to
www.facebook.com but allow access to www.google.com.
• Some companies allow incoming FTP but disallow outgoing FTP so
confidential data cannot be as easily smuggled out of the company.
• Other companies use proxy servers to track their employees’ web usage so
they can see who’s using the Internet to get tech support and who’s using it
for social media.
• Proxy servers can also be used to implement local caching.
– When a file is requested from a web server, the proxy server first checks to see if the
file is in its cache. If the file is in the cache, the proxy serves the file from the cache
rather than from the Internet.
– If the file is not in the cache, the proxy server retrieves the file, forwards it to the
requester, and stores it in the cache for the next time it is requested.
– This scheme can significantly reduce load on an Internet connection and
greatly improve response time.
Elements of C-S Computing

a client, a server, and network

[Figure: the client on the client machine sends a request across the network to the server on the server machine, which sends back a result.]
Client Server Model
• Most modern network programming is based on a client/server
model.
• A client/server application typically stores large quantities of data
on an expensive, high-powered server or cloud of servers while
most of the program logic and the user interface is handled by
client software running on relatively cheap personal computers.
• In most cases, a server primarily sends data while a client primarily
receives it.
• But it is rare for one program to send or receive exclusively.
• A more reliable distinction is that a client initiates a conversation
while a server waits for clients to start conversations with it.
• In some cases, the same program may be both a client and a server.
• You are already familiar with many examples of client/server
systems.
Client Server Model
• The most popular client/server system on the Internet is the Web.
• Web servers like Apache respond to requests from web clients like
Firefox.
• Data is stored on the web server and is sent out to the clients that
request it.
• Aside from the initial request for a page, almost all data is
transferred from the server to the client, not from the client to the
server.
• FTP is an older service that fits the client/server model.
– FTP uses different application protocols and different software, but is still
split into FTP servers that send files and FTP clients that receive files.
– People often use FTP to upload files from the client to the server, so it’s
harder to say that the data transfer is primarily in one direction, but it is still
true that an FTP client initiates the connection and the FTP server responds.

Client Server Model
• Not all applications fit easily into a client/server model.
• For instance, in networked games, it seems likely that both players will
send data back and forth roughly equally (at least in a fair game).
• These sorts of connections are called peer-to-peer.
• The telephone system is the classic example of a peer-to-peer network.
Each phone can either call another phone or be called by another
phone. You don’t have to buy one phone to send calls and another to
receive them.
• Java does not have explicit peer-to-peer communication in its core
networking API.
• However, applications can easily offer peer-to-peer communications in
several ways, most commonly by acting as both a server and a client.
• Alternatively, the peers can communicate with each other through an
intermediate server program that forwards data from one peer to the
other peers.
– This neatly solves the discovery problem of how two peers find each other.