Application Layer CE-143CNE-0802

Applications and application-layer protocols Application: communicating, distributed processes e.g., , Web, P2P file sharing, instant messaging e.g., , Web, P2P file sharing, instant messaging running in end systems (hosts) running in end systems (hosts) exchange messages to implement application exchange messages to implement application Application-layer protocols one “piece” of an app one “piece” of an app define messages exchanged by apps and actions taken define messages exchanged by apps and actions taken use communication services provided by lower layer protocols (TCP, UDP) use communication services provided by lower layer protocols (TCP, UDP) application transport network data link physical application transport network data link physical application transport network data link physical

App-layer protocol defines Types of messages exchanged, eg, request & response messages Types of messages exchanged, eg, request & response messages Syntax of message types: what fields in messages & how fields are delineated Syntax of message types: what fields in messages & how fields are delineated Semantics of the fields, ie, meaning of information in fields Semantics of the fields, ie, meaning of information in fields Rules for when and how processes send & respond to messages Rules for when and how processes send & respond to messages Public-domain protocols: defined in RFCs allows for interoperability eg, HTTP, SMTP Proprietary protocols: eg, KaZaA

Client-server paradigm Typical network app has two pieces: client and server application transport network data link physical application transport network data link physical Client: initiates contact with server (“speaks first”) initiates contact with server (“speaks first”) typically requests service from server, typically requests service from server, Web: client implemented in browser; in mail reader Web: client implemented in browser; in mail reader request reply Server: provides requested service to client provides requested service to client e.g., Web server sends requested Web page, mail server delivers e.g., Web server sends requested Web page, mail server delivers

What transport service does an app need? Data loss some apps (e.g., audio) can tolerate some loss some apps (e.g., audio) can tolerate some loss other apps (e.g., file transfer, telnet) require 100% reliable data transfer other apps (e.g., file transfer, telnet) require 100% reliable data transfer Timing some apps (e.g., Internet telephony, interactive games) require low delay to be “effective” Bandwidth some apps (e.g., multimedia) require minimum amount of bandwidth to be “effective” some apps (e.g., multimedia) require minimum amount of bandwidth to be “effective” other apps (“elastic apps”) make use of whatever bandwidth they get other apps (“elastic apps”) make use of whatever bandwidth they get

Aplikasi Internet DNS, WEB,

Domain Name System (DNS)

DNS: Domain Name System Internet hosts: IP address (32 bit) - used for addressing datagrams IP address (32 bit) - used for addressing datagrams “name”, e.g., ww.yahoo.com - used by humans “name”, e.g., ww.yahoo.com - used by humans DNS: provides translation between host name and IP address distributed database implemented in hierarchy of many name servers distributed database implemented in hierarchy of many name servers Distributed for scalability & reliability Distributed for scalability & reliability

DNS Services Hostname to IP address translation Hostname to IP address translation Host aliasing Host aliasing Canonical and alias names Canonical and alias names Mail server aliasing Mail server aliasing Load distribution Load distribution Replicated Web servers: set of IP addresses for one canonical name Replicated Web servers: set of IP addresses for one canonical name

requesting host Ce1.poltek.ac.id root DNS server local DNS server dns.poltek.ac.id authoritative DNS server Ns1.google.com 7 8 TLD DNS server DNS Infrastructure Host at cis.poly.edu wants IP address for gaia.cs.umass.edu Host at cis.poly.edu wants IP address for gaia.cs.umass.edu Infrastructure: Infrastructure: Client resolver Client resolver Local DNS server Local DNS server Authoritative DNS Server Authoritative DNS Server Root DNS Server Root DNS Server Top-Level Domain DNS Server Top-Level Domain DNS Server

Distributed, Hierarchical Database Root servers and TLD servers typically do not contain hostname to IP mappings; they contain mappings for locating authoritative servers. Root DNS Servers com DNS servers ca DNS serversid DNS servers co.id DNS servers ac.id DNS servers yahoo.com DNS servers amazon.com DNS servers ucalgary.ca DNS servers TLD Servers usask.ca DNS servers

requesting host Ce1.poltek.ac.id root DNS server local DNS server Ns1.poltek.ac.id authoritative DNS server Ns1.google.com 7 8 TLD DNS server 3 Recursive queries recursive query: puts burden of name resolution on contacted name server puts burden of name resolution on contacted name server heavy load? heavy load? iterated query: contacted server replies with name of server to contact contacted server replies with name of server to contact “I don’t know this name, but ask this server” “I don’t know this name, but ask this server”

DNS records DNS: distributed db storing resource records (RR) Type=NS name is domain (e.g. foo.com) value is IP address of authoritative name server for this domain RR format: (name, value, type, ttl) Type=A Type=A name is hostname name is hostname value is IP address value is IP address Type=CNAME Type=CNAME name is alias name for some “cannonical” (the real) name name is alias name for some “cannonical” (the real) name is really servereast.backup2.ibm.com is really servereast.backup2.ibm.com value is cannonical name value is cannonical name Type=MX Type=MX value is name of mailserver associated with name value is name of mailserver associated with name

DNS protocol, messages DNS protocol : query and reply messages, both with same message format msg header identification: 16 bit # for query, reply to query uses same # identification: 16 bit # for query, reply to query uses same # flags: flags: query or reply query or reply recursion desired recursion desired recursion available recursion available reply is authoritative reply is authoritative

DNS protocol, messages Name, type fields for a query RRs in reponse to query records for authoritative servers additional “helpful” info that may be used

DNS Server Configuration (Sample) ; zone file for example.com $TTL 2d ; secs default TTL for IN SOA ns1.example.com. hostmaster.example.com. ( ; se = serial number 12h ; ref = refresh 15m ; ret = update retry 3w ; ex = expiry 3h ; min = minimum ) IN NS ns1.example.com. IN MX 10 mail.example.net. joe IN A www IN CNAME joe

Security Issue on DNS DNS is plain text  easy to capture DNS is plain text  easy to capture No security mechanism to secure request No security mechanism to secure request Even easy to do Name Server Hijacking Even easy to do Name Server Hijacking It is vulnerable for Buffer Overflow Attack It is vulnerable for Buffer Overflow Attack

World Wide Web

WWW Background – Tim Berners-Lee invents the World Wide Web at CERN – Tim Berners-Lee invents the World Wide Web at CERN Means for transferring text and graphics simultaneously Means for transferring text and graphics simultaneously Client/Server data transfer protocol Client/Server data transfer protocol Communication via application level protocol Communication via application level protocol System ran on top of standard networking infrastructure System ran on top of standard networking infrastructure Text mark up language Text mark up language Not invented by Bernes-Lee Not invented by Bernes-Lee Simple and easy to use Simple and easy to use Requires a client application to render text/graphics Requires a client application to render text/graphics

WWW Components Structural Components Structural Components Clients/browsers – to dominant implementations Clients/browsers – to dominant implementations Servers – run on sophisticated hardware Servers – run on sophisticated hardware Caches – many interesting implementations Caches – many interesting implementations Internet – the global infrastructure which facilitates data transfer Internet – the global infrastructure which facilitates data transfer Semantic Components Semantic Components Hyper Text Transfer Protocol (HTTP) Hyper Text Transfer Protocol (HTTP) Hyper Text Markup Language (HTML) Hyper Text Markup Language (HTML) eXtensible Markup Language (XML) eXtensible Markup Language (XML) Uniform Resource Identifiers (URI) Uniform Resource Identifiers (URI) Uniform Resource Locator (URL) Uniform Resource Locator (URL)

Uniform Resource Identifiers Web resources need names/identifiers – Uniform Resource Identifiers (URIs) Web resources need names/identifiers – Uniform Resource Identifiers (URIs) Resource can reside anywhere on the Internet Resource can reside anywhere on the Internet URIs are a somewhat abstract notion URIs are a somewhat abstract notion A pointer to a resource to which request methods can be applied to generate potentially different responses A pointer to a resource to which request methods can be applied to generate potentially different responses A request method is eg. fetching or changing the object A request method is eg. fetching or changing the object Instance: Instance: Protocol, server, resource Protocol, server, resource Most popular form of a URI is the Uniform Resource Locator (URL) Most popular form of a URI is the Uniform Resource Locator (URL) FIND THE DIFFERENCE BETWEEN URL AND URI!!! FIND THE DIFFERENCE BETWEEN URL AND URI!!!

HTTP Basics Protocol for client/server communication Protocol for client/server communication The heart of the Web The heart of the Web Very simple request/response protocol Very simple request/response protocol Client sends request message, server replies with response message Client sends request message, server replies with response message Stateless Stateless Relies on URI naming mechanism Relies on URI naming mechanism Three versions have been used Three versions have been used 09/1.0 – very close to Berners-Lee’s original 09/1.0 – very close to Berners-Lee’s original RFC 1945 (original RFC is now expired) RFC 1945 (original RFC is now expired) 1.1 – developed to enhance performance, caching, compression 1.1 – developed to enhance performance, caching, compression RFC 2068 RFC dominates today but 1.1 is catching up 1.0 dominates today but 1.1 is catching up

HTTP Request Messages GET – retrieve document specified by URL GET – retrieve document specified by URL PUT – store specified document under given URL PUT – store specified document under given URL HEAD – retrieve info. about document specified by URL HEAD – retrieve info. about document specified by URL OPTIONS – retrieve information about available options OPTIONS – retrieve information about available options POST – give information (eg. annotation) to the server POST – give information (eg. annotation) to the server DELETE – remove document specified by URL DELETE – remove document specified by URL TRACE – loopback request message TRACE – loopback request message CONNECT – for use by caches CONNECT – for use by caches

HTTP Request Format First type of HTTP message: requests First type of HTTP message: requests Client browsers construct and send message Client browsers construct and send message Typical HTTP request: Typical HTTP request: GET HTTP/1.0 GET HTTP/1.0http:// request-line ( request request-URI HTTP-version) headers (0 or more) body (only for POST request)

HTTP Response Format Second type of HTTP message: response Second type of HTTP message: response Web servers construct and send response messages Web servers construct and send response messages Typical HTTP response: Typical HTTP response: HTTP/ Moved Permanently HTTP/ Moved Permanently Location: Location: status-line (HTTP-version response-code response-phrase) headers (0 or more) body

HTTP Response Codes 1xx – Informational – request received, processing 1xx – Informational – request received, processing 2xx – Success – action received, understood, accepted 2xx – Success – action received, understood, accepted 3xx – Redirection – further action necessary 3xx – Redirection – further action necessary 4xx – Client Error – bad syntax or cannot be fulfilled 4xx – Client Error – bad syntax or cannot be fulfilled 5xx – Server Error – server failed 5xx – Server Error – server failed

HTTP Headers Both requests and responses can contain a variable number of header fields Both requests and responses can contain a variable number of header fields Consists of field name, colon, space, field value Consists of field name, colon, space, field value 17 possible header types divided into three categories 17 possible header types divided into three categories Request Request Response Response Body Body Example: Date: Friday, 27-Apr-01 13:30:01 GMT Example: Date: Friday, 27-Apr-01 13:30:01 GMT Example: Content-length: 3001 Example: Content-length: 3001

HTTP/1.0 Network Interaction Clients make requests to port 80 on servers Clients make requests to port 80 on servers Uses DNS to resolve server name Uses DNS to resolve server name Clients make separate TCP connection for each URL Clients make separate TCP connection for each URL Some browsers open multiple TCP connections Some browsers open multiple TCP connections Netscape default = 4, WATCH OUT ON PIPELINING Netscape default = 4, WATCH OUT ON PIPELINING Server returns HTML page Server returns HTML page Many types of servers with a variety of implementations Many types of servers with a variety of implementations Apache is the most widely used Apache is the most widely used Freely available in source form Freely available in source form Client parses page Client parses page Requests embedded objects Requests embedded objects

HTTP/1.1 Performance Enhancements HTTP/1.0 is a “stop and wait” protocol HTTP/1.0 is a “stop and wait” protocol Separate TCP connection for each file Separate TCP connection for each file Connect setup and tear down is incurred for each file Connect setup and tear down is incurred for each file Inefficient use of packets Inefficient use of packets Server must maintain many connections in TIME_WAIT Server must maintain many connections in TIME_WAIT ISSUE on HTTP/1.0 ISSUE on HTTP/1.0 Resulted in HTTP/1.1 specification focused on performance enhancements Resulted in HTTP/1.1 specification focused on performance enhancements Persistent connections Persistent connections Pipelining Pipelining Enhanced caching options Enhanced caching options Support for compression Support for compression

Persistent Connections and Pipelining Persistent connections Persistent connections Use the same TCP connection(s) for transfer of multiple files Use the same TCP connection(s) for transfer of multiple files Reduces packet traffic significantly Reduces packet traffic significantly May or may not increase performance from client perspective May or may not increase performance from client perspective Load on server increases Load on server increases Pipelining Pipelining Pack as much data into a packet as possible Pack as much data into a packet as possible Requires length field(s) within header Requires length field(s) within header May or may not reduce packet traffic or increase performance May or may not reduce packet traffic or increase performance Page structure is critical Page structure is critical

HTML Basics Hyper-Text Markup Language Hyper-Text Markup Language A subset of Standardized General Markup Language (SGML) A subset of Standardized General Markup Language (SGML) Facilitates a hyper-media environment Facilitates a hyper-media environment Embedded links to other documents and applications Embedded links to other documents and applications Documents use elements to “mark up” or identify sections of text for different purposes or display characteristics Documents use elements to “mark up” or identify sections of text for different purposes or display characteristics Mark up elements are not seen by the user when page is displayed Mark up elements are not seen by the user when page is displayed Documents are rendered by browsers Documents are rendered by browsers NOTE: Not all documents in the Web are HTML! NOTE: Not all documents in the Web are HTML! Most people use WYSIWYG editors (MS Word) to generate HTML Most people use WYSIWYG editors (MS Word) to generate HTML

HTML Example PB’s HomePage UW Computer Science Department Welcome to my goofy HomePage! … Spot’s Page

Security Issue on Web By User By User Defacing Defacing SQL or Shell Inject SQL or Shell Inject DoS DoS By Owner By Owner Phissing (try this: Phissing (try this: Malware (Nice app to be downloded, contain malware) Malware (Nice app to be downloded, contain malware) Trojan/Virus/Worm (via sec’ hole in the Browser) Trojan/Virus/Worm (via sec’ hole in the Browser)

protocols SMTP: delivery/storage to receiver’s server SMTP: delivery/storage to receiver’s server Mail access protocol: retrieval from server Mail access protocol: retrieval from server POP: Post Office Protocol [RFC 1939] POP: Post Office Protocol [RFC 1939] authorization (agent server) and download authorization (agent server) and download IMAP: Internet Mail Access Protocol [RFC 1730] IMAP: Internet Mail Access Protocol [RFC 1730] more features (secure, database intragration, broad authentication, etc more features (secure, database intragration, broad authentication, etc HTTP: Hotmail, Yahoo! Mail, etc. HTTP: Hotmail, Yahoo! Mail, etc. user agent sender’s mail server user agent SMTP POP3/ IMAP/ WebMail receiver’s mail server

Electronic Mail Three major components: user agents user agents mail servers mail servers simple mail transfer protocol: SMTP simple mail transfer protocol: SMTP User Agent (mail reader) composing, editing, reading mail messages composing, editing, reading mail messages e.g., Eudora, Outlook, elm, Netscape Messenger e.g., Eudora, Outlook, elm, Netscape Messenger outgoing, incoming messages stored on server outgoing, incoming messages stored on server user mailbox outgoing message queue mail server user agent user agent user agent mail server user agent user agent mail server user agent SMTP

Electronic Mail: mail servers Mail Servers mailbox contains incoming messages for user mailbox contains incoming messages for user message queue of outgoing (to be sent) mail messages message queue of outgoing (to be sent) mail messages SMTP protocol between mail servers to send messages SMTP protocol between mail servers to send messages client: sending mail server client: sending mail server “server”: receiving mail server “server”: receiving mail server mail server user agent user agent user agent mail server user agent user agent mail server user agent SMTP

Electronic Mail: SMTP [RFC 2821] uses TCP to reliably transfer message from client to server, port 25 uses TCP to reliably transfer message from client to server, port 25 direct transfer: sending server to receiving server direct transfer: sending server to receiving server three phases of transfer three phases of transfer handshaking (greeting) handshaking (greeting) transfer of messages transfer of messages closure closure command/response interaction command/response interaction commands: ASCII text commands: ASCII text response: status code and phrase response: status code and phrase messages must be in 7-bit ASCII messages must be in 7-bit ASCII

Scenario: Alice sends message to Bob 1) Alice uses UA to compose message and “to” 2) Alice’s UA sends message to her mail server; message placed in message queue 3) Client side of SMTP opens TCP connection with Bob’s mail server 4) SMTP client sends Alice’s message over the TCP connection 5) Bob’s mail server places the message in Bob’s mailbox 6) Bob invokes his user agent to read message user agent mail server mail server user agent

Sample SMTP interaction S: 220 hamburger.edu C: HELO crepes.fr S: 250 Hello crepes.fr, pleased to meet you C: MAIL FROM: S: 250 Sender ok C: RCPT TO: S: 250 Recipient ok C: DATA S: 354 Enter mail, end with "." on a line by itself C: Do you like ketchup? C: How about pickles? C:. S: 250 Message accepted for delivery C: QUIT S: 221 hamburger.edu closing connection

Try SMTP interaction for yourself: telnet servername 25 telnet servername 25 see 220 reply from server see 220 reply from server enter HELO, MAIL FROM, RCPT TO, DATA, QUIT commands enter HELO, MAIL FROM, RCPT TO, DATA, QUIT commands above lets you send without using client (reader)

SMTP: final words SMTP uses persistent connections SMTP uses persistent connections SMTP requires message (header & body) to be in 7- bit ASCII SMTP requires message (header & body) to be in 7- bit ASCII SMTP server uses CRLF.CRLF to determine end of message SMTP server uses CRLF.CRLF to determine end of message Comparison with HTTP: HTTP: pull SMTP: push both have ASCII command/response interaction, status codes HTTP: each object encapsulated in its own response msg SMTP: multiple objects sent in multipart msg

Mail message format SMTP: protocol for exchanging msgs RFC 822: standard for text message format: header lines, e.g., header lines, e.g., To: To: From: From: Subject: Subject: different from SMTP commands! body body the “message”, ASCII characters only the “message”, ASCII characters only header body blank line

Message format: multimedia extensions MIME: multimedia mail extension, RFC 2045, 2056 MIME: multimedia mail extension, RFC 2045, 2056 additional lines in msg header declare MIME content type additional lines in msg header declare MIME content type From: To: Subject: Picture of yummy crepe. MIME-Version: 1.0 Content-Transfer-Encoding: base64 Content-Type: image/jpeg base64 encoded data base64 encoded data multimedia data type, subtype, parameter declaration method used to encode data MIME version encoded data

MIME types Content-Type: type/subtype; parameters Text example subtypes: plain, html example subtypes: plain, htmlImage example subtypes: jpeg, gif example subtypes: jpeg, gifAudio exampe subtypes: basic (8-bit mu-law encoded), 32kadpcm (32 kbps coding) exampe subtypes: basic (8-bit mu-law encoded), 32kadpcm (32 kbps coding) Video example subtypes: mpeg, quicktime Application other data that must be processed by reader before “viewable” example subtypes: msword, octet-stream

Multipart Type From: To: Subject: Picture of yummy crepe. MIME-Version: 1.0 Content-Type: multipart/mixed; boundary=StartOfNextPart --StartOfNextPart Dear Bob, Please find a picture of a crepe. --StartOfNextPart Content-Transfer-Encoding: base64 Content-Type: image/jpeg base64 encoded data base64 encoded data --StartOfNextPart Do you want the reciple?

POP3 protocol authorization phase client commands: client commands: user: declare username user: declare username pass: password pass: password server responses server responses +OK +OK -ERR -ERR transaction phase, client: list: list message numbers list: list message numbers retr: retrieve message by number retr: retrieve message by number dele: delete dele: delete quit quit C: list S: S: S:. C: retr 1 S: S:. C: dele 1 C: retr 2 S: S:. C: dele 2 C: quit S: +OK POP3 server signing off S: +OK POP3 server ready C: user bob S: +OK C: pass hungry S: +OK user successfully logged on

POP3 (more) and IMAP More about POP3 Previous example uses “download and delete” mode. Previous example uses “download and delete” mode. Bob cannot re-read if he changes client Bob cannot re-read if he changes client “Download-and-keep”: copies of messages on different clients “Download-and-keep”: copies of messages on different clients POP3 is stateless across sessions POP3 is stateless across sessions IMAP Keep all messages in one place: the server Allows user to organize messages in folders IMAP keeps user state across sessions: names of folders and mappings between message IDs and folder name