Sei sulla pagina 1di 39

CHAPTER I : INTRODUCTION 1.

0 Introduction Electronic mail or email is one of the most commonly used services on the Internet, allowing people to send messages to one or more recipients. Email was invented by Ray Tomlinson in 1972. The operating principle behind email is relatively simple, which has quickly made it the most popular service used on the Internet. As with a traditional postal service, for sender message to reach the recipient, just need to know recipient address. Two main advantages over paper mail are the speed at which the email is sent practically instantaneous and the lower cost which included with the cost of an Internet connection. Email can be used to instantaneously send a message to several people at once. 1.2 Problem Statement There are problem for this project as the following: UniKL students always using another mail server for example Ymail, Gmail, Hotmail for their education conversations. 1.3 Research Objective The objective of this project is: To develop new mail server just for Unikl Staff And Students. Easy for student to sending works, assignment or anything by using this mail server. To provide the security for Student/Staff email so they not mixed with other outside email.

1.4 Project Scope 1

The scope for this project is divided into four parts. There are: Registration Students/Staffs able to register their email user under this mail server. Mailing System Students/Staffs able to send and reply their email.

1.5 Expected Outcome Student can receive their exam result, exam slips, payment report, chatting by under this mail server. 1.6 Limitation of project The limitation of this project is the system only able to use by Unikl Student and Staff by recornizing their ID numbers.

CHAPTER II : LITERATURE REVIEW 2

2.1 Introduction An electronic mail (email) facility allows users to send memos across an internet. Email is one of the most widely used application services. Indeed, some users rely on Email for normal business activities. Email is also popular because it offers a fast, convenient method of transferring information. Email accommodates small notes or large voluminous memos with a single mechanism over TCP/IP network. 2.2 Transmission Control Protocol (TCP) The Transmission Control Protocol (TCP) is one of the core protocols of the Internet Protocol Suite. TCP is one of the two original components of the suite, the other being Internet Protocol (IP), so the entire suite is commonly referred to as TCP/IP. Whereas IP handles lower-level transmissions from computer to computer as a message makes its way across the Internet, TCP operates at a higher level, concerned only with the two end systems, for example a Web browser and a Web server. In particular, TCP provides reliable, ordered delivery of a stream of bytes from a program on one computer to another program on another computer. Besides the Web, other common applications of TCP include e-mail and file transfer. Among its other management tasks, TCP controls segment size, flow control, the rate at which data is exchanged, and network traffic congestion. 2.3 Internet Protocol (IP) An Internet Protocol (IP) address is a numerical label that is assigned to devices participating in a computer network, that uses the Internet Protocol for communication between its nodes. An IP address serves two principal functions: host or network interface identification and location addressing. The designers of TCP/IP defined an IP address as a 32-bit number and this 3

system, known as Internet Protocol Version 4 or IPv4, is still in use today. However, due to the enormous growth of the Internet and the resulting depletion of available addresses, a new addressing system (IPv6), using 128 bits for the address, was developed in 1995 and last standardized by RFC 2460 in 1998. Although IP addresses are stored as binary numbers, they are usually displayed in human-readable notations, such as 208.77.188.166 (for IPv4), and 2001:db8:0:1234:0:567:1:1 (for IPv6). The Internet Protocol also routes data packets between networks; IP addresses specify the locations of the source and destination nodes in the topology of the routing system. For this purpose, some of the bits in an IP address are used to designate a subnetwork. The number of these bits is indicated in CIDR notation, appended to the IP address such as 208.77.188.166/24. As the development of private networks raised the threat of IPv4 address exhaustion, RFC 1918 set aside a group of private address spaces that may be used by anyone on private networks. They are often used with network address translators to connect to the global public Internet. The Internet Assigned Numbers Authority (IANA), which manages the IP address space allocations globally, cooperates with five Regional Internet Registries (RIRs) to allocate IP address blocks to Local Internet Registries (Internet service providers) and other entities. 2.4 Email Protocol Basicaly, a protocol is about a standard method used at each end of a communication channel, in order to properly transmit information. The mail client and mail server can exchange information with each other using a variety of protocols.

2.4.1 Simple Mail transfer Protocol(SMTP) 4

SMTP or Simple Mail Transfer Protocol and it is used to transfer email messages between computers. It is a text based protocol in which message text is specified along with the recipients of the message. Simple Mail Transfer Protocol is a 'push' protocol and it cannot be used to 'pull' the messages from the server. A procedure of queries and responses is used to send the message between the client and the server. An end user's email client or the relaying server's Mail Transport Agents can act as an SMTP client which is used to initiate a TCP connection to the port 25 of the server. SMTP is used to send the message from the mail client to the mail server and an email client using the POP/POP3 or IMAP/IMAP4 is used to retrieve the message from the server. An SMTP server performs the following functions, verifies the configuration and grants the permission to a computer that is making an attempt to send a message. It sends the message to the specified destination and tracks it to see whether it's delivered successfully or not. If it's not delivered successfully then an error message is send to the sender. There's one limitation to SMTP and it's the inability to authenticate the senders and this results in email spamming. The enhanced version of SMTP also exists and it's called as Extended SMTP (ESMTP). ESMTP is used to send the emails that include graphics and other attachments 2.4.2 Post Office Protocol Version 3(POP3) This is a very simple protocol where the user works offline. The user downloads incoming mail from the mail server onto its PC and terminates the TCP connection with the server. Only after the mail is downloaded does the user work with the individual mail messages. If the user wants to send mails, it will use the SMTP protocol.

2.4.3 Internet Message Access Protocol Version 4(IMAP4) 5

This is a complicated protocol that enables the user to work not only offline, but also online. The user can establish a connection with the mail server for a longer time and can be continuously informed by the server of changes in user mailbox. The IMAP protocol also enables the user to work with private mailboxes on the server directly from the PC. By means of the IMAP4 protocol, it is also possible to synchronize mailboxes on the PC to those on the server. Thus, the mailboxes on the server remain as a backup of mailboxes on the PC. If the user wants to send mail, user will again use the SMTP protocol. 2.5 Email Transmision Process When an email is sent, the message is routed from server to server, all the way to the recipient's email server. More precisely, the message is sent to the mail server tasked with transporting emails called the MTA (Mail Transport Agent) to the recipient's MTA. On the Internet, MTAs communicate with one another using the protocol SMTP, and so are logically called SMTP servers or sometimes outgoing mail servers. The recipient's MTA then delivers the email to the incoming mail server called the MDA (Mail Delivery Agent), which stores the email as it waits for the user to accept it. There are two main protocols used for retrieving email on an MDA. Incoming mail servers are called POP/IMAP servers, depending on which protocol is used based on figure 2 below:

Figure 1: Email Transmission Process To use a real-world analogy, MTAs act as the post office which sorting area and mail carrier and handle message transportation, while MDAs act as mailboxes, which store messages as much as their volume will allow until the recipients check the box. This means that it is not necessary for recipients to be connected in order for them to be sent email. To keep anonymous from checking other users' emails, MDA is protected by a user name called a login and password. Retrieving mail is done using a software program called an MUA (Mail User Agent). When the MUA is a program installed on the user's system, it is called an email client (such as Mozilla Thunderbird, Microsoft Outlook, Eudora Mail, Incredimail or Lotus Notes). When it is a web interface used for interacting with the incoming mail server, it is called webmail. 2.6 Domain Name System(DNS) All applications that provide communication between computers on the Internet use IP addresses to identify communicating hosts. However, IP addresses are difficult for human users to remember. That is why used the name of a network interface instead of an IP address. For each IP address, there is the name of a network interface (computer) or to be exact, a domain name. This domain name can be used in all 7

commands where it is possible to use an IP address. One exception where only an IP address can be used is the specification of an actual name server. A single IP address can have several domain names affiliated with it. The relationship between the name of a computer and an IP address is defined in the Domain Name System (DNS) database. The DNS database is distributed worldwide. It contains individual records that are called Resource Records (RR). Individual parts of the DNS database called zones are placed on particular name servers. That is, DNS is a worldwide distributed database.

Figure 2: DNS Flow From the figure 2 above, user key in www.google.com in the browser to access the website. Just before the connection with the www.google.com web server is made, the www.google.com DNS name is translated into an IP address and only then is the connection actually established. 2.7 Open Source Operating System In general, open source refers to any program whose source code is made available for use or modification as users or other developers see fit. Open source software is usually developed as a public collaboration and made freely available. Open Source is a certification mark owned by the Open Source Initiative (OSI). Developers of software that is intended to be freely shared and possibly improved and redistributed by others can use the Open Source trademark if their distribution terms 8

conform to the OSI's Open Source Definition. The idea is very similar to that behind free software and the copyleft concept of the Free Software Foundation.To summarize, the definition model of distribution terms require that: 1. The software being distributed must be redistributed to anyone else without any restriction. 2. The source code must be made available so that the receiving party will be able to improve or modify it. 3. The license can require improved versions of the software to carry a different name or version from the original software. 2.7.1 CentOS Operating System CentOS stands for Community ENTerprise Operating System as a group, community of open source contributors and users which is one of the most popular Linux distribution. Typical CentOS users are organisations and individuals that do not need strong commercial support in order to achieve successful operation. CentOS is for people who need an enterprise class operating system stability without the cost of certification and support. 2.7.2 CentOS Mail Server CentOS is a really good Linux distribution for server/workstation users as it has its advantages which is: 1. Supports POP3, IMAP and Web mail access. These are standard services that ideally should be available in any mail system for flexible email access. 2. Extremely fast, reliable and scalable. Linux performs well and its uptime is very good. 3. Does not require expensive hardware. Thanks to its fast and efficient services, expensive high end hardware is not necessary. 4. Secured, Linux operating system is very difficult to exploit. The National 9

Security Agency even contributed to allow Linux to support even stronger levels of security. 5. Powerful anti-spam filter, SpamAssassin uses a wide variety of local and network tests to identify spam signatures. 6. Has an effective and regularly updated anti-virus. The open source nature of Clam Antivirus allows it to respond to new viruses even faster than commercial antivirus softwares. 7. Has small to zero (as in free) software cost depending on support needs. Depending on support needs, user have the option of using a community supported Linux or a company supported. 8. Works with Microsoft Active Directory, able to integrate Microsoft Active Directory user accounts and distribution list into Linux mail server to simplify administration. 2.8 Send Mail Sendmail is not the only mail transport program; smail and qmail are also popular, but plain sendmail is the most widely used mail transport program. Sendmail eliminates the confusion caused by multiple mail delivery programs. It does this by routing mail for the user to the proper delivery program based on the email address. It accepts mail from a user's mail program, interprets the mail address, rewrites the address into the proper form for the delivery program, and routes the mail to the correct delivery program. sendmail insulates the end user from these details. If the mail is properly addressed, sendmail will see that it is properly passed on for delivery. Likewise, for incoming mail, sendmail interprets the address and either delivers the mail to a user's mail program or forwards it to another system.

10

Figure 3: Routed Through Sendmail Figure 3 illustrates sendmail's special role in routing mail between the various mail programs found on Unix/Unix like systems. In addition to routing mail between user programs and delivery programs, sendmail does the following: Receives and delivers SMTP mail Provides systemwide mail aliases, which allow mailing lists 2.9 RPM Package Manager RPM Package Manager is a package management system. The name RPM refers to two things: a software package file format, and software packaged in this format. RPM was intended primarily for GNU/Linux distributions; the file format RPM is the baseline package format of the Linux Standard Base. Originally developed by Red Hat for Red Hat Linux, RPM is now used by many GNU/Linux distributions.

11

2.10 Virtualization Virtualization is technology for supporting execution of computer program code, from applications to entire operating systems, in a software-controlled environment. Virtualization takes advantage of distinctions in most microprocessor architectures between common and privileged instructions and resources. For common, nonprivileged execution, guest program code executes with full native performance. Attempts to execute privileged instructions such as modifying machine state or configuration will result in an exception or trap, at which point, the hypervisor or virtual monitor assumes control. Insinuating the hypervisor between guest program code and real system resources permits the hypervisor to control and manage those resources and maintains a particular guest view of the system. The presence of the hypervisor and the isolation it maintains among guest operating systems enhances robustness and security by blocking access to critical resources by untrusted guest programs.

12

CHAPTER III : RESEARCH METHODOLOGY 3.1 Overview The main objective of this project is to build an email server that based on browser management and easy configuration setup. The implementation of this project is build, maintain, administrative and troubleshoot the server. The benefit of this project is student learn to use open source operating system, established mail services, server network mapping, diagnose problem and do any necessary troubleshooting. The development of this project are done by using Microsoft Virtual PC 2007, one of virtualization program, before implemented the developed operating system onto the real hardware. This is because virtualize hard disk can be converted into a real hard disk , which reduce the time usage and less hassle compare using real hardware for the development. 3.2 System Parts and Components This project is combination of hardware and software. Even so the major parts is on software,choosing a suitable hardware is still a priority. All of this application and software are installed onto single computer for the development purpose, which later on can be run as virtual or real server. The system used summerized as table 1 below: Email Server Application for virtual development Server operating system Server control and administrative panel Resolve IP address to name server Providing service for email sending and recieval Managing email user, group and authority Providing service for POP/IMAP protocol Networking Loopback networking interface for virtual network Tool to established secure connection to the server 13

1. 2. 3. 4. 5. 6. 7.

Microsoft Virtual PC Linux CentOS 4.2 Serverworx BIND DNS Sendmail Server Majordomo Mailing List Dovecot POP/IMAP Server

1 2.

Microsoft Loopback Adapter Secure Shell Client

1. 2.

Microsoft Outlook Express Squirrel Webmail

Email Client User interface email client application User interface email client through web browser

Table 1: System Parts and Components 3.3 Methodology This project methodology involving installation and configuration experience, computer system general knowledge and basic networking setup. 3.3.1 Microsoft Virtual PC Virtual Machine created through Microsoft Virtual PC following the specification based on figure below:

14

Figure 4: Microsoft Virtual PC Configuration From the figure 4 above, RAM usage for this virtual machine is only 512MB. Hard disk allocation is not fixed and expandable following server usage. This virtual machine using one hard disk and only one network adapter. FYP is the name for the virtualmachine. Start button on the console windows is to turn ON the server. 3.3.2 Linux CentOS 4.2 Operating System Linux CentOS 4.2 is installed upon the virtual hard disk using ISO image. An ISO image is an archive file or a disc image of an optical disc in a format defined by the International Organization for Standardization (ISO). This format is supported by many software vendors including Microsoft Virtual PC as show in the figure 5 below.

15

Figure 5: Microsoft Virtual PC with ISO Image 3.3.3 Serverworx Serverworx is a browser-based management control panel to add new users, activate services for this project. This control panel have simple user interface (UI) management mail server for configuration setup. Serverworx is a tool that allowed administrator to manage a large number of remote application and task from a single location as illustrated in figure 6 below:

Figure 6: Serverworx Control Panel Interface 16

3.3.3.1 Hostname and Domain Name Configuration Hostname and domain name can be configure easily through Serverworx control panel as showed in the figure 7 below:

Figure 7: Hostname and Domain Name Confguration

Figure 8: Geteway Setup Figure above showed a gateway, network point that acts as an entrance to another network, of this project as it is configured as 10.10.10.1.

17

3.3.3.1 DNS Configuration DNS can be configure easily through Serverworx control panel as showed in the figure below:

Figure 9: DNS Configuration 3.3.4 BIND DNS BIND is an open-source software that implements the Domain Name System (DNS) protocols for the Internet. The name BIND stands for Berkeley Internet Name Domain. The Domain Name System (DNS) resolve an ip address into a name and vice versa. To check DNS status for this project is as figure 10 below:

18

Figure 10: Name Server Lookup Nslookup is a computer program used in Windows and Unix to query Domain Name System (DNS) servers to find DNS details, including IP addresses of a particular computer and the NS servers of a domain. Figure 10 above show nslookup for the mail server DNS, in order to check the DNS is running or otherwise. 3.3.5 Sendmail Server Sendmail is a general purpose internetwork email routing facility that supports many kinds of mail transfer and delivery methods, including the Simple Mail Transfer Protocol (SMTP) used for email transport over the Local Area Network (LAN) or Internet. 3.3.6 Majordomo Mailing List Majordomo is a program which automates the management of Internet mailing lists. Commands are sent to Majordomo via electronic mail to handle all aspects of list maintenance. Once a list is set up, virtually all operations can be performed remotely by email, requiring no intervention upon the postmaster of the list site. Majordomo controls a list of addresses for mail transport system such as sendmail to handle. Majordomo itself performs no mail delivery. 19

3.3.7 Dovecot POP/IMAP Server Dovecot is an open source IMAP and POP3 server for Linux/UNIX-like systems written with security primarily. It complements with high performance, ease of administration and rock solid security. 3.3.8 Microsoft Loopback Adapter Microsoft loopback adapter is just a dummy driver, no hardware involved. It is used as a testing tool for a virtual network environment where network access is not available. In this project, this network adapter configured as 10.10.10.10 as a host, connect to a mail server through gateway 10.10.10.1 as illustrated in the figure below.

Figure 11: Microsoft Loopback Adapter Configuration

Figure 12: Gateway Ping Test

20

Ping is a computer network tool used to test whether a particular host is reachable across an IP network. Figure above shows ping test which to check connection to 10.10.10.1 is reachable and established. 3.3.9 Secure Shell Client (SSH) Secure Shell or SSH is a network protocol that allows data to be exchanged using a secure channel between two networked devices. Used primarily on GNU/Linux and Unix based systems to access shell accounts. SSH uses public-key cryptography to authenticate the remote computer and allow the remote computer to authenticate the user. In this project, SSH used to connect from the host to the mail server.

Figure 13: Secure Shell (SSH) Client From the figure 13 above, host from IP address 10.10.10.10 as stated on Microsoft Loopback Adapter, connect to the mail server with IP address 10.10.10.1 through SSH using port number 22 on TCP/IP network.

21

3.4 Network Mapping

Figure 14: Network Mapping From the figure above, host/client with IP address 10.10.10.10 connect to the mail server, centos.fyp.net, with IP address 10.10.10.1 using Microsoft Loopback Adapter. Mail server provide a server service which is DNS, Sendmail and Dovecot POP/IMAP. Administrator able to use host/client to access Serverworx, a powerful control panel using web browser for mail server management, configuration and administrative task. Administrator also can login to the server using SSH. Email user using host/client to access email. This network mapping shows virtualization network on a single computer.

22

3.5 Mail Server Flowchart

Flowchart 1: Mail Server Flowchart

23

CHAPTER IV : RESULT AND DISCUSSION 4.1 Result This project tested under virtualization after all setup had been done, services running and network connection established. Project tested on creating an email account, accessing created email and email transmission which is email sending and recieving. 4.1.1 Mail Server Login Page Administrator able to add new user using Serverworx control panel under User & Groups menu as showed in figure 15 below. Adding new user required username and password to access the email. Disk allocation feature limit user to a particular usage of the storage. Shell access enable email user to login to server. User can be divide into group where certain group have certain authority.

Figure 15: Adding New User

24

Figure 16: Email User List

Figure 16 above show email user list, group where the user belong and user authority. From this menu, administrator able to remove or alter anything regarding email user. User test01 and test02 created for demo testing purpose. 4.1.3 Accessing Email Account User email have 2 options to access email, using server integrated webmail or any email client. Squirrel Mail and Microsoft Outlook used for this project testing and demo purpose as shown in figure 22 and figure 23 below. From the figure, user test01 access email using webmail and user test02 access email using Microsoft Outlook.

25

Figure 17: Squirrel Webmail Login Interface

Figure 18: Microsoft Outlook Login Interface 4.1.4 Email Transmission Transmission of email tested after successful login for both user using webmail and email client. Transmission done based on chronology below: 1. Test01 login using Squirrel Webmail 2. Test02 login using Microsoft Outlook 3. Test01 composing an email to Test02 email address,test02@centos.fyp.net 4. Test02 receive sent email and reply to Test01 email, test01@centos.fyp.net, show in figure 19 below. 5. Test01 receive replied email from Test02, as show in figure 20 below.

26

Figure 19: Receiving email

Figure 20: Receiving Replied Email 27

4.2 Discussion Email successfully send and recieved following the desired objective even its not success on the first attempt. There are many problems occur before successful transmission achieve. After detail analyzation and troubleshooting, there are two problems that make the email transmission failed. First problem is iptables service is running where iptables is a user space application program that allows a system administrator to configure the tables provided by the Linux kernel firewall, chains and rules it stores. This iptables service block email transmission. Iptables requires elevated privileges to operate and must be executed by user root. To overcome this problem, stop this services as root user and disable this services at server boot startup. Second problem is DNS and web caching, where is web caching is the caching of web documents to reduce bandwidth usage, server load, and perceived lag. Web still using the stored documents even the web page already been altered. This problem encountered by clearing all cache and history of the browser and start a fresh new. DNS cache is storing previous responses, and allows a DNS server to respond more quickly to multiple queries for the same domain or host. This problem solved by flushing previous DNS.

28

CHAPTER V : CONCLUSION 5.1 Project Conclusion To make a selection of procedure and method to apply on this project, each part of the project need to examine attentively. Most of the part must have their specification and configuration, followed by study and discussion before starting the development of the project. Internet source is the medium for the research, including other sources of information such as ebook, encyclopedia and forums but not all of the information is precise. Furthermore, it is hard to find reliable info regarding this project. The comparison between the internet, info from the book and testing are crucial step to get a precise functional result. Next step is start designing the project and system determination. During planning, there are a lot of meeting and discussion with the partner, project advisor and seeking opinion from the open source expert. Several time the plan revised due to change because some of part not suitable and difficult to finished. A lot of try and error method involve in the process of making this project, the most worst, start back from the begining when the error cant be undo. Compiling the source really consumed time and energy. Equipped with hard work, strong determination and help from surroundings, this project was finished and successfully function as desired on time. After all, open source operating system is totally different architecture from the Microsoft Windows operating system. The freedom licenses, GNU General Public License really make the open source system reliable and better performance because it is free to use, free to do any customization on the system and redistribute. Open source operating system are growing each day and slowly become well-known throughout the world.

29

5.2 Project Recommendation There are many improvement can be done on this project to increase server perfomance, security and functionality. Regarding perfomance, install this virtualization mail server on high perfomance computer server or appliance with high technology specification. This will increase the the speed of processing . When a system is used as a server on a public network, it becomes a target for attacks. For this reason, hardening the system and locking down services is of paramount importance for the system administrator for security purpose. Keep all services up to date to protect against the latest threats, use secure protocols whenever possible, serve only one type of network service per machine whenever possible and monitor all servers carefully for suspicious activity. Far most important, an antivirus application. For functionality, using a large amount of hard disk will increase user capacity per email and extra user can be added 5.3 Summary Mail Server Appliance successfully worked as planned and the objective fulfill. The objective is to Design browser-based and simple user interface (UI) management mail server with variety function, easy configuration setup and multiplatform access email. The appliances email server allows client to communicate internally to individuals and groups within the network. It includes auto-forward and auto-response capabilities. This mail server appliance is equipped with Dovecot POP/IMAP server, network protocol that enables a secure mail transmission to a client. To access an email, client can use any standard email client software or the appliances integrated email client called webmail. The mail server is configured easily, thanks to auto DNS features and interactive interface of Serverworx control panel.

30

REFERENCES BOOKS AND MANUALS Libor Dostalek, Alena Kabelova, (Apr 2006) Understanding TCP-IP, Packt Publishing Craig Hunt, (2002) Linux Network Servers, Sybex Inc John Holbrook, (Feb 2004) Step By Step Installation of a Secure Linux Web, DNS and Mail Server, GSEC Practical Hamish Whittal, (2005) Shell Scripting, The Shuttleworth Foundation Douglas E Commer, (2000) Internetworking with TCP-IP, Prentice Hall Terry Collings, (2005) Red Hat Enterprise Linux 4 For Dummies, Wiley Publishing Inc INTERNET WEBSITE http://serverworx.biz http://www.linuxmail.info/ http://linux-ip.net/html/basic-changing.html http://www.howtoforge.com/centos-5.1-server-lamp-email-dns-ftp-ispconfig http://flurdy.com/docs/postfix/ http://www.ludd.luth.se/~kavli/BIND-FAQ.html http://www.topbits.com/smtp.html http://www.wisegeek.com/what-is-a-mail-server.htm

31

APPENDIX Open System Interconnection (OSI) Communication between two computers is shown in the following figure 1:

Figure 1: Seven Layer Architecture of ISO OSI 1. Physical Layer The physical layer is responsible for activating the physical circuit between the Data Terminal Equipment (DTE) and Data Circuit-terminating Equipment (DCE), communicating through it, and then deactivating it. Additionally, the physical layer is also responsible for the communication between DCEs (see Figure 2). A computer or router can represent the DTE. The DCE, on the other hand, is usually represented by a modem or a multiplexer.

32

Figure 2: DTE and DCE To put it differently, the physical layer describes the electric or optical signals used for communicating between two computers. Physical circuits are created on the physical layer. Other appliances such as modems modulating a signal for a phone line are often put in the physical circuits created between two computers. Physical layer protocols specify the following: Electrical signals (for example, +1V) Connector shapes (for example, V.35) Media type (twisted pair, coaxial cable, optical fiber, etc.) Modulation (for example, FM, PM, etc.) Coding (for example, RZ, NRZ, etc.) Synchronization (synchronous and asynchronous communication, time source, and so on)

33

2. Data Link Layer As for serial links, the link layer provides data exchange between neighboring computers as well as data exchange between computers within a local network. For the link layer, the basic unit of data transfer is the data link packet frame (see Figure 3). A data frame is composed of a header, payload, and trailer.

Figure 3: Data Link Packet or Frame A frame carries the destination link address, source link address, and other control information in the header. The trailer usually contains the checksum of the transported data. By using the checksum, we can find out whether the payload has been damaged during transfer. The network-layer packet is usually included in the payload. In Figure 2, the link layer does not engage in a conversation between DTE and DCE (the link layer does not see the DCE). It is engaged, however, in the frame exchange between DTEs. (It relies on the physical layer to handle the DCE issue.) The following figure illustrates that different protocols can be used for each end of the connection on the physical layer. In our case, one of the ends uses the X.21 protocol while the other end uses the V.35 protocol. This rule is valid not only for serial links, but also for local networks. In local networks, you are more likely to encounter more complicated setups in which a switch that converts the link frames of one link protocol into link frames of a second one (for example, Ethernet into FDDI) is inserted between the two ends of the connection. This obviously results in different protocols being used on the physical layer.

34

Figure 4: Link Layer Communication A serial port or an Ethernet card can serve as a link interface. A link interface has a link address that is unique within a particular Local Area Network (LAN). 3. Network Layer The network layer ensures the data transfer between two remote computers within a particular Wide Area Network (WAN). The basic unit of transfer is a datagram that is wrapped (encapsulated) in a frame. The datagram is also composed of a header and data field. Trailers are not very common in network protocols.

Figure 5: Network Packet and its Insertion in the Link Frame

35

As shown in the figure 5 above, the datagram header, together with data (network-layer payload), creates the payload or data field of the frame. There is usually at least one router on WANs between two computers. The connection between two neighboring routers on the link layer is always direct. The router unpacks the datagram from a frame, only to wrap it again into a different frame (or, more generally, in a frame of different link protocol) before sending it to a different line. The network layer does not see the appliances on the physical and link layers (modems, repeaters, switches, etc.). The network layer does not care about what kind of link protocols are used on route between the source and the destination.

Figure 6: Network Layer Communication A serial port or an Ethernet card can be used as a network interface. A network interface has a one or more unique address within a particular WAN. 4. Transport Layer A network layer facilitates the connection between two remote computers. As far as the transport layer is concerned, it acts as if there were no modems, repeaters, bridges, or routers along the way. The transport layer relies completely on the services of lower layers. It also expects that the connection between two computers has been established, and it can therefore fully dedicate its efforts to the cooperation between two distant computers. Generally, the transport layer is responsible for communication between two 36

applications running on different computers. There can be several transport connections between two computers at any given time (for example, one for a virtual terminal and another for email). On the network layer, the transport packets are directed based on the address of the computer (or its network interface). On the transport layer, individual applications are addressed. Applications use unique addresses within one computer, so the transport address is usually composed of both the network and transport addresses.

Figure 7: Transport Layer Connection In this case, the basic transmission unit is the segment that is composed of a header and payload. The transport packet is transmitted within the payload of the network packet.

37

Figure 8: Inserting transport packets into network packets that are then inserted into link frames 5. Session Layer The session layer facilitates exchange of data between two applications. In other words, it serves as a checkpoint and is involved in synchronizing transactions, correctly closing files, and so on. Sharing a network disk is a good example of a session. The disk can be shared for a certain period of time, but the disk is not used for the entire time. When we need to work with a file on the network disk, a connection is established on the transport layer from the time when the file is opened to when it is closed. The session, however, exists on the session layer for the entire time the disk is being shared. The basic unit is a session layer PDU (Protocol Data Unit), which is inserted in a segment. Other books often illustrate this with a figure of a session-layer PDU, composed of the session header and payload, being inserted in the segment. Starting with the session layer, however, this does not necessarily have to be the case. The session layer information can be transmitted inside the payload. This situation is even more noticeable if, for example, the presentation layer encrypts the data, and thus changes the whole content of the session-layer PDU.

38

6. Presentation Layer The presentation layer is responsible for representing and securing data. The representation can differ on different computers. For example, it deals with the problem of whether the highest bit is in the byte on the right or on the left. By securing, we mean encrypting, ensuring data integrity, digital signing, and so forth. 7. Application Layer The application layer defines the format in which the data should be received from or handed over to the applications. For example, the OSI Virtual Terminal protocol describes how data should be formatted as well as the dialogue used between the two ends of the connection.

39