Application Layer

Functionality and
Protocols

ITE PC v4.0
Chapter 1

2007 Cisco Systems, Inc. All rights reserved.

Cisco Public

Application Layer: OSI and TCP/IP Models

The communication process between two communicating nodes is
Actually a communication process between two applications on
these devices.
Service
application
protocol

Application layer protocols are used to exchange data between

programs running on the source and destination hosts.
ITE PC v4.0
Chapter 1

2007 Cisco Systems, Inc. All rights reserved.

Cisco Public

Application Layer: OSI and TCP/IP

Models

ITE PC v4.0
Chapter 1

2007 Cisco Systems, Inc. All rights reserved.

Cisco Public

Client
Server
Model

Client: the device requesting the information

Server: the device responding to the request is called a server.
The client begins the exchange by requesting data from the server.
Server responds by sending one or more streams of data to the client.
Application layer protocols describe the format of the requests and responses
between clients and servers.
ITE PC v4.0
Chapter 1

2007 Cisco Systems, Inc. All rights reserved.

Cisco Public

Servers
The server runs a service, or process, sometimes called a server
daemon.
Daemons (like other services) typically run in the background and
are not under an end user's direct control.
Daemons are described as "listening" for a request from a client.
Programmed to respond whenever the server receives a request for the
service provided by the daemon.

When a daemon "hears" a request from a client:

It exchanges appropriate messages with the client, as required by its
protocol,
Proceeds to send the requested data to the client in the proper format.

ITE PC v4.0
Chapter 1

2007 Cisco Systems, Inc. All rights reserved.

Cisco Public

Application Layer
Protocols

ITE PC v4.0
Chapter 1

2007 Cisco Systems, Inc. All rights reserved.

Cisco Public

HTTP
(WWW)
We will examine
HTTP in detail.

FTP
(file transfer)

SMTP
(email)

Telnet
(remote login)
ITE PC v4.0
Chapter 1

DHCP
(IP address
resolution)
DNS
(domain name
resolution)
SMB
(file sharing)

P2P
(file sharing)

2007 Cisco Systems, Inc. All rights reserved.

Cisco Public

DNS

ITE PC v4.0
Chapter 1

2007 Cisco Systems, Inc. All rights reserved.

Cisco Public

nslookup

nslookup
Displays default DNS server for your host
Can be used to query a domain name and get the IP address

ITE PC v4.0
Chapter 1

2007 Cisco Systems, Inc. All rights reserved.

Cisco Public

Name Resolution

Resolver
DNS client programs used to look up DNS name information.
Name Resolution
The two types of queries that a DNS resolver (either a DNS client or another DNS server) can
make to a DNS server are the following:
Recursive queries
Queries performed by Host to Local DNS Server
Iterative queries
Queries performed Local DNS server to other servers

ITE PC v4.0
Chapter 1

2007 Cisco Systems, Inc. All rights reserved.

Cisco Public

10

DNS Name
Resolution
1

User types http://www.example.com

Step 1.
The DNS resolver on the DNS client sends a recursive query to its
configured Local DNS server.
Requests IP address for "www.example.com".
The DNS server for that client is responsible for resolving the name
Cannot refer the DNS client to another DNS server.
ITE PC v4.0
Chapter 1

2007 Cisco Systems, Inc. All rights reserved.

Cisco Public

11

DNS Name
Resolution
1

Step 2.
Local DNS Server forwards the query to a Root DNS server.

Step 3.
Root DNS server
Makes note of .com suffix
Returns a list of IP addresses for TLD (Top Level Domain Servers)
responsible for .com.
ITE PC v4.0
Chapter 1

2007 Cisco Systems, Inc. All rights reserved.

Cisco Public

12

DNS Name
Resolution

Root DNS Servers

There are 13 Root DNS servers (labeled A through M)

TLD Servers
Responsible for domains such as .com, edu, org, .net, .uk, jp, fr
There are redundant servers throughout the world.
ITE PC v4.0
Chapter 1

2007 Cisco Systems, Inc. All rights reserved.

Cisco Public

13

DNS Name Resolution

4
5

Step 4.
The local DNS server sends query for www.example.com to one of
the TLD servers.

Step 5.
TLD Server
Makes note of example.com
ITE PC v4.0
Chapter 1

Returns IP address for authoritative server example.com (such as

dns.example.com server)
2007 Cisco Systems, Inc. All rights reserved.

Cisco Public

14

DNS Name Resolution

6
6
7

Step 6.
Local DNS server sends query for www.example.com directly to
DNS server for example.com

Step 7.
example.com DNS server responds with its IP address for
www.example.com
ITE PC v4.0
Chapter 1

2007 Cisco Systems, Inc. All rights reserved.

Cisco Public

15

DNS Name Resolution

8

Step 8.
Local DNS server sends the IP address of www.example.com to the
DNS client.

DNS Caching
When a DNS server receives a DNS reply (mapping hostname to an
IP address) it can cache the information in its local memory.

ITE PC v4.0
Chapter 1

2007 Cisco Systems, Inc. All rights reserved.

Cisco Public

16

DNS Name
Resolution

ipconfig /displaydns
After a certain amount of time, specified in the Time to Live (TTL)
associated with the DNS resource record, the resolver discards the
record from the cache.
ipconfig /flushdns Manually deletes entries

The default TTL for positive responses is 86,400 seconds (1 day).

The default TTL for negative responses is 300 seconds.
ITE PC v4.0
Chapter 1

2007 Cisco Systems, Inc. All rights reserved.

Cisco Public

17

DHCP Dynamic Host Configuration Protocol

IP addresses and other information can be obtained:

Statically
Dynamically (DHCP)

ITE PC v4.0
Chapter 1

2007 Cisco Systems, Inc. All rights reserved.

Cisco Public

18

DHCP
DHCP Information can
include:
IP address
Subnet mask
Default gateway
Domain name
DNS Server

DHCP servers can be:

Server on LAN
Router
Server at ISP

ITE PC v4.0
Chapter 1

2007 Cisco Systems, Inc. All rights reserved.

Cisco Public

19

DHCP
We will discuss DHCP more when
we discuss IPv4.

ITE PC v4.0
Chapter 1

2007 Cisco Systems, Inc. All rights reserved.

Cisco Public

20

Telnet

Telnet

Telnet
Server

Allows a user to remotely access another device (host, router,

switch).
A connection using Telnet is called a Virtual Terminal (VTY) session,
or connection.
Telnet uses software to create a virtual device that provides the same
features of a terminal session with access to the server command
line interface (CLI).
Telnet clients (Teraterm ,Hyperterm)
ITE PC v4.0
Chapter 1

2007 Cisco Systems, Inc. All rights reserved.

Cisco Public

21

Telnet

Telnet supports user authentication, but does not encrypt data.

All data exchanged during a Telnet sessions is transported as plain
text.
Secure Shell (SSH) protocol offers an alternate and secure
method for server access.
Stronger authentication
Encrypts data
ITE PC v4.0
Chapter 1

2007 Cisco Systems, Inc. All rights reserved.

Cisco Public

22

HTTP (HyperText Transfer Protocol)

HTTP
Server

Web page (html document)

Web page consists of
Objects
HTML file ,JPEG
image ,GIF image
,JAVA applet, Audio
file
ITE PC v4.0
Chapter 1

HTTP
Client

Browser The user

agent for the Web.
Displays requested
Web page and
provides navigational
and configuration
features.
2007 Cisco Systems, Inc. All rights reserved.

Cisco Public

23

Web
Caching
Origin
Server

HTTP
Request

Web
Cache or
Proxy
Server

HTTP Response

HTTP Response
HTTP
Request

HTTP
Request

Origin
Server

Client

HTTP
Request

HTTP Response

Client

HTTP Response

1. Client/browser sends HTTP Request to Web cache (Proxy server).

2. Web cache checks to see if it has a local copy of the object.
2a. Local copy: Web cache sends object to clients browser.
2b. No Local copy: Web cache sends HTTP request to origin server.
3. Origin server sends object to Web cache.
4. Web cache stores a local copy of the object.
5. Web cache forwards copy of the object to the client browser.
Note: TCP connections are also created between Client and Web Cache; Web cache and Origin
server (later).
ITE PC v4.0
Chapter 1

2007 Cisco Systems, Inc. All rights reserved.

Cisco Public

24

FTP
Client

FTP (File Transfer Protocol)

FTP
Server

FTP was developed to allow for file transfers between a client and a server.
Used to push and pull files from a server running the FTP daemon (FTPd).
Uses get and put commands
ITE PC v4.0
Chapter 1

2007 Cisco Systems, Inc. All rights reserved.

Cisco Public

25

SMTP Simple Mail Transfer Protocol

User agent

Mail server
SMTP

Mail server

User agent

SMTP
POP3
IMAP

Internet mail involves:

User agents
Allows users to read, reply, compose, forward, save, etc., mail messages
GUI user agents: Outlook, Eudora, Messenger
Mail servers
Stores user mail boxes, communicates with local user agents and other
mail servers.
SMTP
Principle application layer protocol for Internet mail
Sent over TCP
Mail access protocols: POP3, IMAP, HTTP (Web-based email)
ITE PC v4.0
Chapter 1

2007 Cisco Systems, Inc. All rights reserved.

Cisco Public

26

SMTP
MTA
receives email from the
client's MUA
passes email to the MDA
for final delivery
uses SMTP to route email
between servers

Mail software, processes used: MTA and MDA

MUA (Mail User Agent) Email client software.
MTA (Mail Transfer Agent) Software that governs transfer of email between mail
servers.
Includes UNIX sendmail, Microsoft Exchange Server, Postfix, and Exim
MDA (Mail Delivery Agent) Software that governs transfer of email from mail
servers to clients.
ITE PC v4.0
Chapter 1

On Unix systems, procmail and maildrop are the most popular MDAs.
2007 Cisco Systems, Inc. All rights reserved.

Cisco Public

27

P2P File Sharing

P2P (Peer-to-Peer) file sharing accounts for more traffic on the

Internet than any other application (2004).
Peers (hosts) act as both clients and servers.
No centralized file server.
HTTP GET and responses are commonly used.
ITE PC v4.0
Chapter 1

2007 Cisco Systems, Inc. All rights reserved.

Cisco Public

28

P2P Centralized Directory

Centralized
Directory
Server

Update
d
n
a
rm
1 Info
d Update
1 Inform an
1 Inform and Update

1 Inform
2 Query

1. Peer A starts P2P application

Peer B
Peer
Peer
3 File Transfer

and Upda
te

for conte

Peer A

nt

2. Informs centralized directory server of its:

IP address
Names of objects making available for sharing (MP3, videos, etc.)
3. Directory server collects information from each peer that becomes active.
Dynamic database
Maps IP addresses with object names
4. Peer A queries directory server for IP addresses of other peers for specific content
Directory Server returns IP addresses for those peers (Peer B)
5. Peer A establishes TCP connection and downloads file (i.e. HTTP GET) from other peer, Peer B.
6. Directory server removes Peer from database when Peer closes application or disconnects from
Internet (periodic messages pings from server).
ITE PC v4.0
Chapter 1

2007 Cisco Systems, Inc. All rights reserved.

Cisco Public

29

P2P Query
Flooding

Query
ry
Que
it
ry h
e
u
Q
Query

Query hit
Peer B
nsfer
File tra

Peer C

Query
Peer A

Que
ry
Que
ry h
it

Peer D

Peer E

Peer F
Peer A searches for a file
1. Peer A sends query to all neighboring peers.
2. If neighboring peer does not have file, forwards query to all its neighboring peers
3. If any peer has the file it returns a query hit message.
4. Peer A selects a peer, Peer C, to retrieve file (HTTP GET)
5. A direct TCP connection is made with selected peer, Peer C.
6. HTTP response is used to send file.

ITE PC v4.0
Chapter 1

2007 Cisco Systems, Inc. All rights reserved.

Cisco Public

30

P2P - Combination
Group
Leader

Group
Leader
Query

Query
ery
u
Q

Query
R

Group
Leader

eply

Kazaa combines ideas from Napster and Gnutella

2004 Contributed to more traffic on Internet than any other application
2007 Bittorrent became the leading application
Proprietary technology

ITE PC v4.0
Chapter 1

2007 Cisco Systems, Inc. All rights reserved.

Cisco Public

31

Summary
DNS

DHCP

TELNET

applications

P2P FILE SHARING

ITE PC v4.0
Chapter 1

SMTP

HTT
P

2007 Cisco Systems, Inc. All rights reserved.

Cisco Public

32