CSE 524: Lecture 6 Application layer protocols

Where we’re at… ● Internet architecture and history ● Internet protocols in practice ● Application layer – Overview and functions – Network programming interface – Specific application protocols ● HTTP ● DNS, SMTP/POP, FTP, P2P ● Transport layer ● Network layer ● Data-link layer ● Physical layer

First….a quick refresher

DNS lookup methods ● Recursive queries – Server goes out and searches for more info on behalf of the client (recursive) – Only returns final answer or “not found” ● Iterative – Server responds with as much as it knows (i.e. name of server to contact next) – Client iteratively queries additional servers

AL: DNS Lookup Caching Example Client Local DNS server root & edu DNS server ogi.edu DNS server NS ogi.edu NS cse.ogi.edu www=IPaddr cse.ogi.edu DNS server

AL: Subsequent Lookup Example Client Local DNS server root & edu DNS server ogi.edu DNS server cse.ogi.edu DNS server ftp.cse.ogi.edu ftp=IPaddr ftp.cse.ogi.edu cse.ogi.edu entry cached

And now…

AL: A word about iterated queries and caching ● Recall – Recursive query to local DNS server – Iterative query from local DNS server on ● Why not do iterative queries from host? – Win2k client ● Does iterative queries from host – Caching implications?

AL: DNS dig example ● Real example using dig and named – Shows iterative queries, recursive queries, and caching ● dig – cat /etc/resolv.conf – dig +norecurse – +norecurse – +norecurse – dig +norecurse – dig +recurse – dig +norecurse

AL: DNS protocol, messages DNS protocol : query and repy messages, both with same message format msg header ● identification: 16 bit # for query, reply to query uses same # ● flags: ● query or reply ● recursion desired ● recursion available ● reply is authoritative

AL: DNS protocol, messages Name, type fields for a query RRs in reponse to query records for authoritative servers additional “helpful” info that may be used

AL: DNS issues ● Poor static configuration (root server list) ● Lack of exponential backoff ● No centralized caching per site – Each machine runs on caching local server ● UDP used for queries – Need reliability -> Why not TCP? ● Vulnerability of 13 TLD servers – Jon Postel and his mobility “experiment” – Attacks on TLD have occurred

AL: Electronic Mail Three major components: user agents (i.e. mail readers) ● Mozilla, Eudora, pine ● compose, edit, read, send mail servers ● Message storage and transfer ● Sendmail, postfix, etc. ● Can sometimes be co-located with user agents Transfer protocol ● SMTP ● simple mail transfer protocol user mailbox outgoing message queue mail server user agent user agent user agent mail server user agent user agent mail server user agent SMTP

AL: Mail servers Stores mailbox which contains incoming messages for user Stores message queue of outgoing mail messages – Storage for messages where destination is temporarily unavailable Uses SMTP to send messages to other mail servers –Mail servers are both clients and servers to each other mail server user agent user agent user agent mail server user agent user agent mail server user agent SMTP

AL: Electronic Mail: smtp [RFC 821] Uses TCP to reliably transfer message from client to server, port 25 direct transfer: sending server to receiving server relay: intermediate server transfer three phases of transfer –handshaking (greeting) –transfer of messages –closure command/response interaction –commands: ASCII text –response: status code and phrase

AL: Sample smtp interaction S: 220 hamburger.edu C: HELO crepes.fr S: 250 Hello crepes.fr, pleased to meet you C: MAIL FROM: S: 250 Sender ok C: RCPT TO: S: 250 Recipient ok C: DATA S: 354 Enter mail, end with "." on a line by itself C: Do you like ketchup? C: How about pickles? C:. S: 250 Message accepted for delivery C: QUIT S: 221 hamburger.edu closing connection

AL: try smtp interaction for yourself: ● telnet servername 25 ● see 220 reply from server ● enter HELO, MAIL FROM, RCPT TO, DATA, QUIT commands above lets you send without using client (reader)

AL: smtp: final words SMTP – uses persistent connections – requires that message (header & body) be in 7-bit ascii – certain character strings are not permitted in message (e.g., CRLF.CRLF ). Thus message has to be encoded (usually into either base-64 or quoted printable) – smtp server uses CRLF.CRLF to determine end of message Comparison with http http: pull push both have ASCII command/response interaction, status codes

AL: Mail message format smtp: protocol for exchanging msgs RFC 822: standard for text message format: header lines, e.g., –To: –From: –Subject: different from smtp commands! body –the “message”, ASCII characters only HTTP->html as SMTP-> header body blank line

AL: Message format: multimedia extensions MIME: multimedia mail extension, RFC 2045, 2056 additional lines in msg header declare MIME content type From: To: Subject: Picture of yummy crepe. MIME-Version: 1.0 Content-Transfer-Encoding: base64 Content-Type: image/jpeg base64 encoded data base64 encoded data multimedia data type, subtype, parameter declaration method used to encode data MIME version encoded data

AL: MIME types Content-Type: type/subtype; parameters Text example subtypes: plain, html Image example subtypes: jpeg, gif Audio exampe subtypes: basic (8- bit mu-law encoded), 32kadpcm (32 kbps coding) Video example subtypes: mpeg, quicktime Application other data that must be processed by reader before “viewable” example subtypes: msword, octet-stream

AL: Multipart Type From: To: Subject: Picture of yummy crepe. MIME-Version: 1.0 Content-Type: multipart/mixed; boundary= Content-Transfer-Encoding: quoted-printable Content-Type: text/plain Dear Bob, Please find a picture of a crepe Content-Transfer-Encoding: base64 Content-Type: image/jpeg base64 encoded data base64 encoded data

AL: Mail access protocols Mail delivery/transfer protocol –SMTP Mail access protocol: retrieval from server –POP: Post Office Protocol [RFC 1939] authorization (agent server) and download –IMAP: Internet Mail Access Protocol [RFC 1730] more features (more complex) manipulation of stored msgs on server –HTTP: Hotmail, Yahoo! Mail, Horde/IMP etc. user agent sender’s mail server user agent SMTP POP3 or IMAP receiver’s mail server user agent POP3 or IMAP web server HTTP web server SMTP user agent HTTP

AL: POP3 protocol authorization phase client commands: – user: declare username – pass: password server responses – +OK – -ERR transaction phase client commands: list: list message numbers top: get head of message retr: retrieve message by number dele: delete quit C: list S: S: S:. C: retr 1 S: S:. C: dele 1 C: retr 2 S: S:. C: dele 2 C: quit S: +OK POP3 server signing off S: +OK POP3 server ready C: user alice S: +OK C: pass hungry S: +OK user successfully logged on

AL: ftp: the file transfer protocol transfer file to/from remote host client/server model –client: side that initiates transfer (either to/from remote) –server: remote host ftp: RFC 959 ftp server: port 21 file transfer FTP server FTP user interface FTP client local file system remote file system user at host

AL: ftp: separate control, data connections Client contacts server at port 21 using TCP “Control connection” for exchanging commands and responses Out-of-band signalling between end-points Server maintains “state”: current directory, earlier authentication –Note the difference to HTTP authentication When files need to be transferred Request goes through control connection A new TCP connection for data transfer is negotiated and created Negotiation determines end-points of transfer and ports to use for new connection Protocol allows one ftp client to initiate a transfer between two ftp servers FTP client FTP server TCP control connection port 21 TCP data connection port 20

AL: ftp commands, responses Sample commands: sent as ASCII text over control channel USER username PASS password LIST return list of file in current directory RETR filename retrieves (gets) file STOR filename stores (puts) file onto remote host Sample return codes status code and phrase (as in http) 331 Username OK, password required 125 data connection already open; transfer starting 425 Can’t open data connection 452 Error writing file

AL: ftp, NAT and the PORT command ● Normal FTP mode – Server has port 20, 21 reserved – Client initiates control connection by connecting to port 21 on server – Client allocates port X for data connection – Client passes the data connection port (X) and its IP address in a PORT command to server – Server parses PORT command and initiates connection from its own port 20 to the client on port X – What if client is behind a NAT device? ● NAT must capture outgoing connections destined for port 21 and look to translate X within payload – What if NAT doesn’t parse PORT command correctly? – What if ftp server is running on a different port than 21? –

AL: ftp, NAT, and the PORT command ● Passive (PASV) mode – Client initiates control connection by connecting to port 21 on server – Client enables “Passive” mode – Server responds with PORT command giving client the IP address and port to use for subsequent data connection (usually port 20, but can be bypassed) – Client initiates data connection by connecting to specified port on server – Most web browsers do PASV-mode ftp – What if server is behind a NAT device? ● See client issues – What if both client and server are behind NAT devices? ● Problem ● Similar to P2P xfers