Application layer: overview

 P2P applications
 Principles of network  video streaming and content
applications distribution networks
 Web and HTTP  socket programming with
 E-mail, SMTP, IMAP UDP and TCP
 The Domain Name System
DNS

Application Layer: 2-1

Network applications are the raisons d’être of a computer network—if we
couldn’t conceive of any useful applications, there wouldn’t be any need
for networking protocols that support these applications.

– Kurose and Rose

Application Layer: 2-2

Application layer: overview
Our goals:
 conceptual and
implementation aspects of
application-layer protocols
• transport-layer service
models
• client-server paradigm
• peer-to-peer paradigm
 learn about protocols by
examining popular
application-layer protocols
and infrastructure
• HTTP
• SMTP, IMAP
• DNS
• video streaming systems, CDNs
 programming network
applications
• socket API
Application Layer: 2-3
Some network apps
 social networking  voice over IP (e.g., Skype)
 Web  real-time video conferencing
 text messaging (e.g., Zoom)
 e-mail  Internet search
 multi-user network games  remote login
 streaming stored video …
(YouTube, Hulu, Netflix)
 P2P file sharing Q: your favorites?

Application Layer: 2-4

Creating a network app
application

write programs that:

transport
network
mobile network
data link

 run on (different) end systems

physical
national or global ISP

 communicate over network

 e.g., web server software
communicates with browser software
local or
no need to write software for regional ISP

network-core devices home network content

 network-core devices do not run user application
transport
provider
network datacenter
network
applications
application
data link network
transport
physical network

 applications on end systems allows data link

physical

for rapid app development, enterprise

propagation network

Application Layer: 2-5

Client-server paradigm
server: mobile network
 always-on host national or global ISP

 permanent IP address
 often in data centers, for scaling
clients: local or
 contact, communicate with server regional ISP

 may be intermittently connected home network content

provider
 may have dynamic IP addresses network datacenter
network

 do not communicate directly with

each other
enterprise
 examples: HTTP, IMAP, FTP network

Application Layer: 2-6

Peer-peer architecture
 no always-on server mobile network
 arbitrary end systems directly national or global ISP

communicate
 peers request service from other
peers, provide service in return to
other peers local or
regional ISP
• self scalability – new peers bring new
service capacity, as well as new service home network content
demands provider
network datacenter
 peers are intermittently connected network

and change IP addresses

• complex management enterprise
 example: P2P file sharing network

Application Layer: 2-7

Processes communicating
process: program running
within a host
 within same host, two
processes communicate
using inter-process
communication (defined by
OS)
 processes in different hosts
communicate by exchanging
messages
clients, servers
client process: process that
initiates communication
server process: process
that waits to be contacted
 note: applications with
P2P architectures have
client processes &
server processes
Application Layer: 2-8
Sockets
 process sends/receives messages to/from its socket
 socket analogous to door
• sending process shoves message out door
• sending process relies on transport infrastructure on other side of
door to deliver message to socket at receiving process
• two sockets involved: one on each side

application application
socket controlled by
process process app developer

transport transport
network network controlled
link
by OS
link Internet
physical physical

Application Layer: 2-9

Addressing processes
 to receive messages, process
must have identifier
 host device has unique 32-bit
IP address
 Q: does IP address of host on
which process runs suffice for
identifying the process?
 A: no, many processes
can be running on
same host
 identifier includes both IP address
and port numbers associated with
process on host.
 example port numbers:
• HTTP server: 80
• mail server: 25
 to send HTTP message to
gaia.cs.umass.edu web server:
• IP address: 128.119.245.12
• port number: 80
 more shortly…
Application Layer: 2-10
An application-layer protocol defines:
 types of messages exchanged,
• e.g., request, response
 message syntax:
• what fields in messages &
how fields are delineated
 message semantics
• meaning of information in
fields
 rules for when and how
processes send & respond to
messages
open protocols:
 defined in RFCs, everyone
has access to protocol
definition
 allows for interoperability
 e.g., HTTP, SMTP
proprietary protocols:
 e.g., Skype, Zoom
Application Layer: 2-11
What transport service does an app need?
data integrity
 some apps (e.g., file transfer,
web transactions) require
100% reliable data transfer
 other apps (e.g., audio) can
tolerate some loss
timing
 some apps (e.g., Internet
telephony, interactive games)
require low delay to be “effective”
throughput
 some apps (e.g., multimedia)
require minimum amount of
throughput to be “effective”
 other apps (“elastic apps”)
make use of whatever
throughput they get
security
 encryption, data integrity,
…
Application Layer: 2-12
 Transport service requirements: common apps

application data loss throughput time sensitive?

file transfer/download no loss elastic no

e-mail no loss elastic no
Web documents no loss elastic no
real-time audio/video loss-tolerant audio: 5Kbps-1Mbps yes, 10’s msec
video:10Kbps-5Mbps
streaming audio/video loss-tolerant same as above yes, few secs
interactive games loss-tolerant Kbps+ yes, 10’s msec
text messaging no loss elastic yes and no
Application Layer: 2-13
Internet transport protocols services
TCP service:
 reliable transport between sending
and receiving process
 flow control: sender won’t
overwhelm receiver
 congestion control: throttle sender
when network overloaded
 connection-oriented: setup required
between client and server processes
 does not provide: timing, minimum
throughput guarantee, security
UDP service:
 unreliable data transfer
between sending and receiving
process
 does not provide: reliability,
flow control, congestion
control, timing, throughput
guarantee, security, or
connection setup.
Q: why bother? Why
is there a UDP?
Application Layer: 2-14
 Internet applications, and transport protocols
application
application layer protocol transport protocol

file transfer/download FTP [RFC 959] TCP

e-mail SMTP [RFC 5321] TCP
Web documents HTTP 1.1 [RFC 7320] TCP
Internet telephony SIP [RFC 3261], RTP [RFC TCP or UDP
3550], or proprietary
streaming audio/video HTTP [RFC 7320], DASH TCP
interactive games WOW, FPS (proprietary) UDP or TCP

Application Layer: 2-15

Application layer: overview
 P2P applications
 Principles of network  video streaming and content
applications distribution networks
 Web and HTTP  socket programming with
 E-mail, SMTP, IMAP UDP and TCP
 The Domain Name System
DNS

Application Layer: 2-16

Web and HTTP
First, a quick review…
 web page consists of objects, each of which can be stored on
different Web servers
 object can be HTML file, JPEG image, Java applet, audio file,…
 web page consists of base HTML-file which includes several
referenced objects, each addressable by a URL, e.g.,
www.unilag.edu.ng/someDept/pic.gif

host name path name

Application Layer: 2-17

HTTP overview
HTTP: hypertext transfer protocol
 Web’s application-layer protocol
HT
 client/server model: PC running
TP
req
ues
HT t
• client: browser that requests, Firefox browser TP
res
pon
receives, (using HTTP protocol) and se

“displays” Web objects ues

t
req
• server: Web server sends (using HTTP
p o ns
e server running
es Apache Web
HTTP protocol) objects in response HTTP
r
server
to requests
iPhone running
Safari browser

Application Layer: 2-18

HTTP overview (continued)
HTTP uses TCP:
 client initiates TCP connection
(creates socket) to server, port 80
 server accepts TCP connection
from client
 HTTP messages (application-layer
protocol messages) exchanged
between browser (HTTP client) and
Web server (HTTP server)
 TCP connection closed
HTTP is “stateless”
 server maintains no
information about past client
requests
aside
protocols that maintain “state”
are complex!
 past history (state) must be
maintained
 if server/client crashes, their views
of “state” may be inconsistent, must
be reconciled
Application Layer: 2-19
HTTP connections: two types
Non-persistent HTTP Persistent HTTP
1. TCP connection opened  TCP connection opened to
2. at most one object sent a server
over TCP connection  multiple objects can be
3. TCP connection closed sent over single TCP
connection between client,
downloading multiple and that server
objects requires multiple  TCP connection closed
connections

Application Layer: 2-20

 Non-persistent HTTP: example
User enters URL: www.unilag.edu.ng/someDepartment/home.index
(containing text, references to 10 jpeg images)

1a. HTTP client initiates TCP

connection to HTTP server 1b. HTTP server at host www.unilag.edu.ng
(process) at www.unilag.edu.ng on waiting for TCP connection at port 80
port 80 “accepts” connection, notifying client

2. HTTP client sends HTTP

request message (containing
URL) into TCP connection
socket. Message indicates
time that client wants object
someDepartment/home.index
3. HTTP server receives request message,
forms response message containing
requested object, and sends message
into its socket
Application Layer: 2-21
 Non-persistent HTTP: example (cont.)
User enters URL: www.someSchool.edu/someDepartment/home.index
(containing text, references to 10 jpeg images)

4. HTTP server closes TCP

5. HTTP client receives response connection.
message containing html file,
displays html. Parsing html file,
finds 10 referenced jpeg objects

6. Steps 1-5 repeated for

each of 10 jpeg objects
time

Application Layer: 2-22

Non-persistent HTTP: response time

RTT (definition): time for a small

packet to travel from client to initiate TCP
server and back connection
RTT
HTTP response time (per object):
 one RTT to initiate TCP connection request file
 one RTT for HTTP request and first few RTT time to
transmit
bytes of HTTP response to return file
 obect/file transmission time file received

time time
Non-persistent HTTP response time = 2RTT+ file transmission time
Application Layer: 2-23
Persistent HTTP
Non-persistent HTTP issues:
 requires 2 RTTs per object
 OS overhead for each TCP
connection
 browsers often open multiple
parallel TCP connections to
fetch referenced objects in
parallel
(HTTP 1.1)
Persistent HTTP (HTTP1.1):
 server leaves connection open after
sending response
 subsequent HTTP messages
between same client/server sent
over open connection
 client sends requests as soon as it
encounters a referenced object
 as little as one RTT for all the
referenced objects (cutting
response time in half)
Application Layer: 2-24
Application layer: overview
 P2P applications
 Principles of network  video streaming and content
applications distribution networks
 Web and HTTP  socket programming with
 E-mail, SMTP, IMAP UDP and TCP
 The Domain Name System
DNS

Application Layer: 2-25

E-mail user
agent
Three major components: mail user
 user agents server agent
 mail servers SMTP mail user
 simple mail transfer protocol: SMTP server agent
SMTP

User Agent SMTP user

agent
mail
 a.k.a. “mail reader” server
user
 composing, editing, reading mail messages agent
 e.g., Outlook, iPhone mail client user
agent
 outgoing, incoming messages stored on outgoing
message queue
server user mailbox

Application Layer: 2-26

E-mail: mail servers user
agent
mail servers: mail user
server
 mailbox contains incoming agent

messages for user SMTP mail user

server agent
 message queue of outgoing (to be SMTP
sent) mail messages
SMTP user
SMTP protocol between mail mail
server
agent

servers to send email messages user

agent
 client: sending mail server user
 “server”: receiving mail server agent
outgoing
message queue
user mailbox

Application Layer: 2-27

SMTP RFC (5321) “client”
SMTP server
“server”
SMTP server

 uses TCP to reliably transfer email message

initiate TCP
from client (mail server initiating connection
connection) to server, port 25 RTT
 direct transfer: sending server (acting like client) TCP connection
initiated
to receiving server
 three phases of transfer 220
• SMTP handshaking (greeting) SMTP HELO
handshaking
• SMTP transfer of messages 250 Hello
• SMTP closure
 command/response interaction (like HTTP) SMTP
• commands: ASCII text transfers
• response: status code and phrase time
Application Layer: 2-28
Scenario: Alice sends e-mail to Bob
1) Alice uses UA to compose e-mail 4) SMTP client sends Alice’s message
message “to” [email protected] over the TCP connection
2) Alice’s UA sends message to her 5) Bob’s mail server places
mail server using SMTP; message the message in Bob’s
placed in message queue mailbox
3) client side of SMTP at mail server 6) Bob invokes his user
opens TCP connection with Bob’s mail agent to read message
server

1 user mail user

mail agent
agent server server
2 3 6
4
5
Alice’s mail server Bob’s mail server
Application Layer: 2-29
SMTP: observations
comparison with HTTP:  SMTP uses persistent
 HTTP: client pull connections
 SMTP: client push  SMTP requires message
(header & body) to be in
 both have ASCII command/response 7-bit ASCII
interaction, status codes  SMTP server uses
CRLF.CRLF to determine
 HTTP: each object encapsulated in its end of message
own response message
 SMTP: multiple objects sent in
multipart message
Application Layer: 2-30
Mail message format
SMTP: protocol for exchanging e-mail messages, defined in RFC 5321
(like RFC 7231 defines HTTP)
RFC 2822 defines syntax for e-mail message itself (like HTML defines
syntax for web documents)
 header lines, e.g., header
blank
• To:
line
• From:
• Subject:
these lines, within the body of the email body
message area different from SMTP MAIL FROM:,
RCPT TO: commands!
 Body: the “message” , ASCII characters only
Application Layer: 2-31
 Retrieving email: mail access protocols
user
e-mail access user
SMTP SMTP protocol
agent agent
(e.g., IMAP,
HTTP)

sender’s e-mail receiver’s e-mail

server server

 SMTP: delivery/storage of e-mail messages to receiver’s server

 mail access protocol: retrieval from server
• IMAP: Internet Mail Access Protocol [RFC 3501]: messages stored on server, IMAP
provides retrieval, deletion, folders of stored messages on server
 HTTP: gmail, Hotmail, Yahoo!Mail, etc. provides web-based interface on
top of STMP (to send), IMAP (or POP) to retrieve e-mail messages
Application Layer: 2-32
Application Layer: Overview
 P2P applications
 Principles of network  video streaming and content
applications distribution networks
 Web and HTTP  socket programming with
 E-mail, SMTP, IMAP UDP and TCP
 The Domain Name System
DNS

Application Layer: 2-33

DNS: Domain Name System
people: many identifiers:
• NIN, name, passport #
Internet hosts, routers:
• IP address (32 bit) - used for
addressing datagrams
• “name”, e.g., cs.umass.edu -
used by humans
Q: how to map between IP
address and name, and vice
versa ?
Domain Name System (DNS):
 distributed database implemented in
hierarchy of many name servers
 application-layer protocol: hosts, DNS
servers communicate to resolve
names (address/name translation)
• note: core Internet function,
implemented as application-layer
protocol
• complexity at network’s “edge”
Application Layer: 2-34
DNS: services, structure
DNS services:
 hostname-to-IP-address translation
 host aliasing
• canonical, alias names
 mail server aliasing
 load distribution
• replicated Web servers: many IP
addresses correspond to one
name
Q: Why not centralize DNS?
 single point of failure
 traffic volume
 distant centralized database
 maintenance
A: doesn‘t scale!
 Comcast DNS servers alone:
600B DNS queries/day
 Akamai DNS servers alone:
2.2T DNS queries/day
Application Layer: 2-35
Thinking about the DNS
humongous distributed database:
 ~ billion records, each simple
handles many trillions of queries/day:
 many more reads than writes
 performance matters: almost every
Internet transaction interacts with
DNS - msecs count!
organizationally, physically decentralized:
 millions of different organizations
responsible for their records
“bulletproof”: reliability, security
Application Layer: 2-36
 DNS: a distributed, hierarchical database

Root DNS Servers Root

… …
.com DNS servers .org DNS servers .edu DNS servers Top Level Domain
… … … …
yahoo.com amazon.com pbs.org nyu.edu umass.edu
DNS servers DNS servers DNS servers DNS servers DNS servers Authoritative

Client wants IP address for www.amazon.com; 1st approximation:

 client queries root server to find .com DNS server
 client queries .com DNS server to get amazon.com DNS server
 client queries amazon.com DNS server to get IP address for www.amazon.com
Application Layer: 2-37
DNS: root name servers
 official, contact-of-last-resort by
name servers that can not
resolve name

Application Layer: 2-38

DNS: root name servers
 official, contact-of-last-resort by
name servers that can not 13 logical root name “servers”
worldwide each “server” replicated
resolve name many times (~200 servers in US)
 incredibly important Internet
function
• Internet couldn’t function without it!
• DNSSEC – provides security
(authentication, message integrity)
 ICANN (Internet Corporation for
Assigned Names and Numbers)
manages root DNS domain

Application Layer: 2-39

Top-Level Domain, and authoritative servers
Top-Level Domain (TLD) servers:
 responsible for .com, .org, .net, .edu, .aero, .jobs, .museums, and all top-level
country domains, e.g.: .ng, .cn, .uk, .fr, .ca, .jp
 Network Solutions: authoritative registry for .com, .net TLD
 Educause: .edu TLD

authoritative DNS servers:

 organization’s own DNS server(s), providing authoritative hostname to IP
mappings for organization’s named hosts
 can be maintained by organization or service provider

Application Layer: 2-40

Local DNS name servers
 when host makes DNS query, it is sent to its local DNS server
• Local DNS server returns reply, answering:
• from its local cache of recent name-to-address translation pairs (possibly out
of date!)
• forwarding request into DNS hierarchy for resolution
• each ISP has local DNS name server; to find yours:
• MacOS: % scutil --dns
• Windows: >ipconfig /all
 local DNS server doesn’t strictly belong to hierarchy

Application Layer: 2-41

DNS name resolution: iterated query
root DNS server
Example: host at cse.nyu.edu wants IP
address for gaia.cs.umass.edu 2
3
TLD DNS server
Iterated query: 1 4
 contacted server replies 8 5
with name of server to requesting host at local DNS server
contact cse.nyu.edu dns.nyu.edu
gaia.cs.umass.edu
 “I don’t know this name, 7 6
but ask this server”
authoritative DNS server
dns.cs.umass.edu

Application Layer: 2-42

DNS name resolution: recursive query
root DNS server
Example: host at engineering.nyu.edu
wants IP address for gaia.cs.umass.edu 2 3

7 6
Recursive query: 1 TLD DNS server
 puts burden of name 8
resolution on requesting host at local DNS server
5 4
engineering.nyu.edu dns.nyu.edu
contacted name gaia.cs.umass.edu

server
 heavy load at upper authoritative DNS server
levels of hierarchy? dns.cs.umass.edu

Application Layer: 2-43

Caching DNS Information
 once (any) name server learns mapping, it caches mapping,
and immediately returns a cached mapping in response to a
query
• caching improves response time
• cache entries timeout (disappear) after some time (TTL)
• TLD servers typically cached in local name servers
 cached entries may be out-of-date
• if named host changes IP address, may not be known Internet-
wide until all TTLs expire!
• best-effort name-to-address translation!

Application Layer: 2-44

DNS security
DDoS attacks Spoofing attacks
 bombard root servers with  intercept DNS queries,
traffic returning bogus replies
 DNS cache poisoning
• not successful to date
 RFC 4033: DNSSEC
• traffic filtering
authentication services
• local DNS servers cache IPs of TLD
servers, allowing root server
bypass
 bombard TLD servers
• potentially more dangerous

Application Layer: 2-45