CCN Unit II

APPLICATION LAYER
 HTTP(HAYPER TEXT TRANSFER PROTOCOL)

Stateless
Because an HTTP server maintains no information about the clients, HTTP
is said to be a stateless protocol.

This simplifies server design and has permitted engineers to develop high-
performance Web servers that can handle thousands of simultaneous TCP
connections.

However, it is often desirable for a Web site to identify users, either because the
server wishes to restrict user access or because it wants to serve content as a
function of the user identity. For these purposes, HTTP uses cookies.

Suppose Susan, who always accesses the Web using Internet Explorer from her
home PC, contacts Amazon.com for the first time.

Let us suppose that in the past she has already visited the eBay site.
When the request comes into the Amazon Web server, the server creates a unique
identification number and creates an entry in its back-end database that is indexed
by the identification number.
The Amazon Web server then responds to Susan’s
browser, including in the HTTP response a Set-cookie: header, which contains
the identification number. For example, the header line might be:
Set-cookie: 1678

When Susan’s browser receives the HTTP response message, it sees the Setcookie:
header. The browser then appends a line to the special cookie file that it
manages. This line includes the hostname of the server and the identification number
in the Set-cookie:
header.

Note that the cookie file already has an entry for ebay. since Susan has visited that
site in the past. As Susan continues to browse the Amazon site, each time she
requests a Web page, her browser consults her cookie file, extracts her
identification number for this site, and puts a cookie header line that includes the
identification number in the HTTP request. Specifically, each of her HTTP requests
to the Amazon server includes the header line: Cookie: 1678
In this manner, the Amazon server is able to track Susan’s activity at the Amazon
site. Although the Amazon Web site does not necessarily know Susan’s name, it
knows exactly which pages user 1678 visited, in which order, and at what times!

Amazon uses cookies to provide its shopping cart service—Amazon can maintain a
list of all of Susan’s intended purchases, so that she can pay for them collectively at
the end of the session.

If Susan returns to Amazon’s site, say, one week later, her browser will continue
to put the header line Cookie: 1678 in the request messages. Amazon also recommends
products to Susan based on Web pages she has visited at Amazon in the
Past. If Susan also registers herself with Amazon—providing full name, e-mail
Address, postal address, and credit card information—Amazon can then include this
Information in its database, thereby associating Susan’s name with her identification
number
This is how
Amazon and other e-commerce sites provide “one-click shopping”—when
Susan chooses to purchase an item during a subsequent visit, she doesn’t
need to re-enter her name, credit card number, or address.
Web Caching
Example 20.3
In this example, we show how the client switches to the
character mode. This requires that the client request
the server to enable the SUPPRESS GO AHEAD and
ECHO options (see Figure 20.16).

TCP/IP Protocol Suite 39

 Application Programming Interface

API is an acronym for application programming

interface, a programming code that bridges computer
programs together.

In simple terms, it is any kind of software interface

that helps two different programs communicate.

APIs have increased connectivity between a range of

programs and have shaped diverse online solutions
and applications from every industry and in any
language.

What’s more, APIs are paving the way for new

In fact, many of us use APIs on a daily basis without even
realizing it.

example, when you check the weather forecast on your

phone, there is an API connecting your phone application to
the weather network.

When you log into Facebook or Instagram via Google, you’re

using an API.

From financial institutions like banks and credit card

providers to online streaming services like Netflix and
Spotify, third party API solutions are improving our collective
online experience.
 API full form is an Application Programming
Interface that is a collection of communication
protocols and subroutines used by various programs
to communicate between them.
 A programmer can make use of various API tools to
make their program easier and simpler. Also, an API
facilitates programmers with an efficient way to
develop their software programs.
 Thus api meaning is when an API helps two
programs or applications to communicate with each
other by providing them with the necessary tools
and functions.
 It takes the request from the user and sends it to
the service provider and then again sends the result
 A developer extensively uses APIs in his software to
implement various features by using an API call
without writing complex codes for the same.
 We can create an API for an operating
system , database system , hardware system,
JavaScript file , or similar object-oriented files.
 Also, an API is similar to a GUI(Graphical User
Interface) with one major difference.
 Unlike GUIs, an application program
interface helps software developers to access web
tools while a GUI helps to make a program easier to
understand for users.
 APIs are the building blocks for the todays websites
in which heavy data is transferred from the client to
server and vice versa
How do APIs Work?
The working of an API can be clearly explained with a
few simple steps.
Think of a client-server architecture where the client
sends the request via a medium to the server and
receives the response through the same medium.
An API acts as a communication medium between two
programs or systems for functioning.
The client is the user/customer (who sends the
request), the medium is the application interface
programming , and the server is the backend (where
the request is accepted and a response is provided).
Steps followed in the working of APIs –
•The client initiates the requests via the APIs URI
(Uniform Resource Identifier)
•The API makes a call to the server after receiving
the request
•Then the server sends the response back to the API
with the information
•Finally, the API transfers the data to the client

APIs are considered safe in terms of attacks as it

includes authorization credentials and an API
gateway to limit access so as to minimize security
threats. To provide additional security layers to the
data, HTTP headers, query string parameters, or
cookies are used.
Examples of APIs

Here is an everyday example to help illustrate how APIs work:

Think of yourself visiting your local grocery store to pick up a

few fruits and vegetables. When you enter the store, you are
able to easily select and purchase an extensive variety of
produce from all over the globe and eat it immediately. You do
not interact with the growers, pickers, packers, or suppliers,
instead you simply purchase directly from the store.

You can imagine the grocery store as an API, a “go-between”

that streamlines the entire process, end to end, and simplifies
your experience. The grocer acts as the connector between
you and the producers so that you can purchase your bananas
and carrots with ease.
PayPal is an API that is seamlessly used across the
globe. With PayPal, users can make purchases on an
eComm store, transfer money or bid on auction sites
like eBay in any currency.

As an API, PayPal connects bank information

directly to online vendors, all while keeping
sensitive information secure.

Booking.com uses third-party APIs to gather

extensive flight and hotel availability details,
collecting all the data in one convenient place, so
their users can choose the best option for travel.

Not only do Booking.com’s APIs generate the

aggregated list of travel and accommodation
details, but they also confirm availability with the
Why are APIs useful?

APIs are beneficial for both businesses and consumers

as they can consolidate processes, increase
communication and enable the exchange of data,
ultimately improving overall customer experience.

If you are a small business owner, as you

create a website for your company, you may want to
empower your customers and improve their
experience by integrating third party applications. For
example, imagine you are a private massage therapist
and your clients can not only book your services
directly online, but also automatically sync with their
Your client does not see any of these
communications between the systems, rather they
simply receive an alert to their calendar with an
appointment. APIs do all the heavy lifting between
these two systems.

APIs are also extremely useful for developers, who

do not need to start from scratch each time they
write a new program. Instead, they are able to create
a connection between two different programs using
an API.
Types of APIs

Here are the four types of web application programming interfaces:

•Open APIs refer to any kind of open source interfaces that both
developers and users can have access to. This type of API can also be
referred to as a public API, which, as the name implies, is shared freely
and published openly online for anyone to use.

•Partner APIs are not open to the public, and require specific
permissions in order to access or integrate them. These types of APIs
are more strategic and serve to connect B2B and B2C ventures.

•Internal APIs, also known as private APIs, are not open to any
external users. These types of APIs remain exclusive to a specific
business and are only used to improve internal communications and
development, such as payroll or HR systems.

•Composite APIs are a combination of at least two or more APIs. What

makes this type of API unique is that it can access several systems in
one call. Composite APIs are able to gather requests from multiple
sources into an organized sequence, in one single API call.
 TELNET
SSH, Socket and Socket address

Dr.Mrs.Kanchan Dhote
 Socket

• A socket is one endpoint of a two way communication link

between two programs running on the network.
• The socket mechanism provides a means of inter-process
communication (IPC) by establishing named contact points
between which the communication take place.
• The socket provides bidirectional Communication facility
over the network.
• A socket connecting to the network is created at each end
of the communication.
• Each socket has a specific address. This address is
composed of an IP address and a port number.
• Socket are generally employed in client
server applications. The server creates a
socket, attaches it to a network port
addresses then waits for the client to
contact it.
• The client creates a socket and then
attempts to connect to the server socket.
• When the connection is established,
transfer of data takes place.
• A socket is an endpoint for sending and receiving
data in a network, used in both TCP and UDP
communication.
 Types of Sockets

There are several types of sockets, each serving different purposes:

1. Stream Sockets: These provide a connection-oriented, reliable, and sequenced

flow of data. They use the Transmission Control Protocol (TCP) for data

transmission, ensuring that data arrives in the same order it was sent 2.

2. Datagram Sockets: These are connectionless and use the User Datagram

Protocol (UDP). They do not guarantee the order of delivery or even the delivery

itself
 Socket address
• A transport-layer protocol in the TCP suite
needs both the IP address and the port
number, at each end, to make a connection.
• The combination of an IP address and a port
number is called a socket address.
• The client socket address defines the client
process uniquely just as the server socket
address defines the server process uniquely as
shown in Figure.
• To use the services of transport layer in the
Internet, we need a pair of socket addresses:
the client socket address and the server
socket address.
• These four pieces of information are part of the
network-layer packet header and the transport-
layer packet header.
• The first header contains the IP addresses; the
second header contains the port numbers.
 SUMMARY OF
SOCKET AND SOCKET ADDRESS
 Definition
• A socket is an endpoint for communication
between two machines or processes over a
network. It allows for the exchange of data
between different processes, either on the same
machine or across different machines.

• Sockets are a fundamental part of network

communication and are used extensively in client-
server applications.
 Key Principles

• Sockets provide a means of inter-process communication

(IPC) by establishing named contact points between which
communication takes place.

• They are created using the socket system call and provide a
bidirectional communication facility over the network.

• Each socket has a specific address composed of an IP

address and a port number1.
 Types of Sockets

1. Stream Sockets: connection-oriented, reliable, and sequenced flow

of data.use the Transmission Control Protocol (TCP) for data

transmission, ensuring that data arrives in the same order it was sent.

2. Datagram Sockets: connectionless and use the User Datagram

Protocol (UDP),do not guarantee the order of delivery or even the

delivery itself
1. Process to process delivery (transport layer communication) needs
two identifiers, one is IP address and the other is port number at
each end to make a connection.
2. Socket address is the combinations of IP address and port number
as shown in the figure.
1. The client socket address defines the client process
uniquely whereas the server socket address defines
the server process uniquely.
2. A transport layer protocol requires the client socket
address as well as the server socket address. These
two addresses contain four pieces.
3. These four pieces go into the IP header and the
transport layer protocol header.
4. The IP header contains the IP addresses while the UDP
and TCP headers contain the port numbers.