TCP/IP MODEL

Lecture 5: Application layer

Objectives

• Discuss common application layer protocols and

utility commands
Introduction
• For the TCP/IP model, this layer combines the functions of the
application, presentation and session layers of the OSI model.
• Functions of the application layer
1. It enables the user to use and access network services e.g. the
web.
2. It provides user services like user login, naming network
devices, formatting messages, e-mails & transfer of files etc.
3. It is also concerned with data coding, encryption &
compression
4. It is used to create dialogue between applications
Application layer protocols
Domain name system (DNS)
 It provides services for automatically translating
domain names to IP addresses.
Dynamic host configuration protocol (DHCP)
• Two versions exist – DHCPV4 (for IPV4) and DHCPV6 (for IPv6)
• DHCP is used to automatically configure hosts with IP addresses from a pool
of addresses.
• DHCP assigned addresses are only leased for a period of time and returned to
the pool for reallocation when not in use.
• Process used by DHCP
DHCP client sends a broadcast massage to discover DHCP servers on the network
(DHCPDICOVER)
DHCP server replies with a DHCP offer
DHCP client then sends a DHCP request to the server it wants to use in case of
multiple requests
DHCP server then sends an acknowledgement (DHCPACK) to finalize the IP address
lease
Dynamic host configuration protocol (DHCP)
SMTP/POP3/IMAP
• These protocols down rules and semantics for sending and
retrieving electronic mails (e-mails) over the internet
 SMTP (Simple Mail Transfer Protocol) – used when sending
Emails
Post office protocol 3 (POP3) – used for retrieving emails
from a mail server (downloading)
Internet massage protocol (IMAP) – used to retrieve Emails
(without downloading)
File transfer protocol (ftp)

• FTP is an Internet standard for file transfer.

• It adopts two TCP links to transfer a file; a control link (for
transfer of commands) and a data link.
• FTP adopts different TCP ports according to the port mode;
Port or Passive.
• In the past, the default client mode was Port.
• In recent years, the Passive mode has been widely adopted
because the Port mode is not secure (easy to be attacked)
FTP
• In Port mode, FTP adopts two default port numbers
20 and 21.
• Port 20 is used to transfer data, and port 21 is used to
transfer commands for connection.
• Commands
• ftp server ip address – to log in to a file server
• Get.filename – to download a file from a server
• Put.file name – to upload a file onto a server
Trivial file transfer protocol (TFTP)

• This protocol is similar to ftp but is mostly used for simple

file transfers.

• It uses UDP as the transport layer protocol

HTTP(Hyper Text Transfer Protocol)

• It is the underlying protocol for the world wide web.

• It defines how hypermedia (text, video, audio)
messages are formatted and transmitted.
• HTTPs – is Secure HTTP
• HTTPS – uses transport layer security (TLS), secure
sockets layer (SSL) etc.
SNMP (Simple Network Management Protocol)
• SNMP is used for managing, monitoring the network and
for organizing information about the networked devices
such as switches, routers, servers, firewalls etc.
• All networked devices are called agents and they send
massages called traps to the central network management
system (NMS).
• Traps contain information about the status of the managed
device (interface status, CPU usage, memory status, etc.)
1.SNMP managers send commands
to request for information from
SNMP agents using UDP port 161

2. SNMP agents respond to the

SNMP manager and send trap
notifications using UDP port
number 162
Important Utility commands in networking
• The application layer also allows the user to access critical
utility programs and commands for diagnostic purposes
such as:

1. Ping

2. Trace route (Tracert)

3. Telnet
Ping
1.1.1.2 1.1.1.1

ICMP Echo

ICMP Echo Reply

Common variants of the ping command

• Ping –a: Specifies source of IP address that sent the

ICMP echo/request

• Ping –t :Pings the destination until stopped with ctrl-c

• Ping –i interface type/ interface number - Specifies the

interface-type interface-number
ICMP
• Internet Control Message Protocol (ICMP) is a part of network layer. It
transfers the information such as error, control and query.
• ICMP message is often used by IP or protocols of higher layers (TCP or
UDP), such as Ping.

IP Header ICMP Message

20 Bytes
ICMP

• IP does not provide reliability, so the device cannot obtain the

network fault information.
• By using ICMP, the device can obtain the information about the
network faults.
• ICMP can send the information of error, control, and packet query.
The ICMP packets are encapsulated in IP packets. The value of the
protocol field is 1.
• Some upper layer applications may use the ICMP protocol, for
example, ping and Tracert.
ICMP Message

0 78 15 16 31

Type Code Checksum

Contents depends on type and code

ICMP
• The ICMP packet uses the basic IP header, namely 20 bytes. The ICMP packet is encapsulated in
the IP packet. The first 64 bits of the datagram refer to the ICMP packet. Therefore, an ICMP
packet consists of an IP packet and the first 64 bits of the datagram.
• The ICMP packet consists of the Type, Code, Checksum, and unused fields. The formats of the
messages vary with the message types.
• Type: indicates the type of the ICMP message.
• Code: in the same ICMP message type, the messages express different contents by using the codes.
• For example: The Destination Unreachable message of which the Type value is 3 contains the
following four types of messages:
• 0 = net unreachable
• 1 = host unreachable
• 2 = protocol unreachable
• 3 = port unreachable
• Checksum: contains 16 bits. This field is not in use and the value is 0.
Common Used Message Types of ICMP
• ICMP provides the various message types such as:
• 0 Echo Reply
• 3 Destination Unreachable
• 4 Source Quench
• 5 Redirect
• 8 Echo
• 11 Time Exceeded
• 12 Parameter Problem
• 13 Timestamp
• 14 Timestamp Reply
• Some messages are used together. For example, the Echo Reply message is the response to
the Echo message.
Tracert

• Tracert is used to check the path from the source node to the destination
node.
• It deducts 1 from the TTL value of the packet every time the packet traverses
a router.
• When the TTL value becomes 0, the router reports TTL timeout.
• Tracert sends a packet of which the TTL value is 1, so the first hop returns an
ICMP error message to notify that the packet cannot be forwarded because
the TTL times out.
• Then, Tracert sends a packet of which the TTL is 2, and the second hop
returns the same message.
Tracert
• Tracert continuously sends such packets until one packet can be sent to the
destination.
• The packet uses an invalid port number (33434 by default), so the destination
host returns an ICMP unreachable message to notify that the Tracert
operation completes.
• Tracert records the source address that sends the ICMP error message.
• Thus it can provide the IP addresses of the gateways through which the user
packets pass.
• Tracert can also provide a function to test the connectivity.
• When a fault occurs on the network, it can be located according to the path
displayed by Tracert.
 Tracert
• Tracert is used to observe the route of the IP data message that is transmitted from one host
to another.
• It makes use of the ICMP message and TTL field in the IP header.
ICMP port
Unreachable message
ICMP time exceeded message n
1
Source site IP Network

1 Destination site
UDP data message TTL = 1
2
UDP data message TTL = 2
…
n
UDP data message TTL ＝ n
Telnet

• Telnet is a terminal emulation program (for windows) used for the remote service

• Through Telnet, users can log in to a remote server

• The transport layer protocol used by Telnet is TCP and the port number is 23.

• Security is an issue with Telnet as usernames and passwords are not encrypted.

• Telnet command:
 Telnet IP address of the router or server.
 e.g. telnet 192.168.1.22 23 – This command would allow a user to open a remote session with
the server/router of IP address 192.168.1.22 via the port number 23.
Telnet
• Telnet provides a method to log into remote servers via a connective
terminal.
• Telnet uses TCP as its transport layer protocol, the port number is 23.
Summary questions
1. Explain any three functions of the application layer.
2. Explain the working principle of any three application layer protocols.
3. List any application layer protocols that use TCP at the transport layer.
4. What is the function of a terminal emulation program in computer
networking?
5. File transfer protocol (ftp) uses two different ports at the transport layer.
a. Which port is used for sending commands?
b. Which port is used for data transfer?