
Chapter 9: The Application Layer

By: Bhargavi Goswami, Sunshine Group of Institutions, Rajkot. Sub: FON, Email: [email protected]

The application layer: Introduction

• A layer interacting with the user

• Applications run at application layer

• Use TCP or UDP to get their job done

• SOCKET API is used for interaction

• Varieties of applications to deal with

• Users expect similar behavior for Internet based applications like browsers

Two Topics:

1. DNS

2. EMAIL

Q. DNS (Domain Name Service):

Essence of DNS: the invention of a hierarchical, domain-based naming scheme and a distributed database system for implementing this naming scheme.

It is primarily used for mapping host names and e-mail destinations to IP addresses but can also be used for other purposes.

DNS is defined in RFCs 1034 and 1035.

To map a name, the application calls a library procedure called the resolver.

E.g.: gethostbyname.

Procedure: The resolver sends a UDP packet to a local DNS server, which then looks up the name and returns the IP address to the resolver, which then returns it to the caller.

Armed with the IP address, the program can then establish a TCP connection with the destination or send it UDP packets.

Entries in DNS tables are purged every one or two days.

Q. Domain namespace requirements:

• Efficient

• Continue working despite breakdowns

• Should not introduce additional overheads

• Information available from the nearby servers

• Contain some additional information

• A single server can manage multiple networks.

• It should be secure enough (not provided)

• Non-case-sensitive: It doesn’t differentiate between upper and lower case letters.

Q. DNS Poisoning:

• When a system is poisoned with incorrect information, users who faithfully type a specified company’s URL are redirected to some other (hacker’s) place.

• This is known as DNS Poisoning.

• Solution: DNS namespace or domain namespace.

Q. Labels and domains:

A label is a string which cannot exceed 63 characters.

A domain name is a collection of such labels separated by dots.

A domain name represents either a group of computers or a single computer.

The root is a null label and all other labels are non-null.

Q. Fully Qualified v/s Partially Qualified Name:

• FQDN: Fully qualified domain name for abcict is “abcict.org.”(with

• The last dot is not an accident; it represents an empty string coming next to org.

• This empty string (null label) represents the root servers which are, for some obscure reason, kept anonymous.

• PQDN: A partially qualified domain name like abcict.org (without last dot) or abcict can also be used if context is clear.

• The resolver contains logic to convert partially qualified names to fully qualified names.

Q. Advantages of Hierarchy:

• Even TLDs (Top Level Domains) have a few domains and subdomains under them.

• Reasons for hierarchy:

1. Improve search time

2. Avoid congestion by distributing queries over distributed servers instead of firing queries to a central server.

3. Hierarchy helps better organization. Root servers store only DNS server names, which are forwarded to 13 Internet servers.

4. Hierarchy also helps in efficient resolution of domain names. When most queries are answered by local machines, servers are not heavily loaded.

5. The DNS database is comparatively static. Information can be cached by resolvers, which makes DNS access efficient.

6. Helps clear-cut control of infrastructure. Owners of a domain grant subdomains, whose owners further grant subdomains under them.

7. Showcases flexibility in assignment. E.g. ABC has ica (institute of computer applications), ict (technology), ibm (institute of business management), etc. under it as subdomains.

8. The partitioning mechanism is both administratively efficient for adding or deleting a subdomain and technically efficient for mapping names to numbers.

• Space constraint

• Processing time constraint

• Congestion near the server

• Organized form of information

• Efficient resolution of domain names

• A comparatively static database is better to be organized this way

• Clear cut controlling infrastructure

• Delegation of authority is clearly defined

• Autonomous control

Domains and hierarchy: lower level domains are part of higher level domains

Q. Domain names:

• Partially and fully qualified names

• Resolver

• Resolution process

Q. Distributed database:

• Most of the queries in DNS are resolved within the local server’s scope

• It reduces the network traffic

• No single point of failure

• Easy maintenance

• Can be easily managed

Q. DNS terms:

• Resolution: Searching for the IP address of a given domain is the most important and most frequent operation of DNS. This is called resolution.

• Authoritative Servers: Servers are known as authoritative servers when they have authority over the names of specified domains. Records coming from authoritative servers are always correct. Cached records may be stale and thus sometimes incorrect.

• Proxy: the local DNS servers act like a proxy to the machine that is looking for the IP address.

• Iterative Name Resolution: The local machine queries the local DNS server, which pushes the query to different servers starting from the root server to the abcict server and returns the answer to the local machine in the end. Large search time. Long run to get details.

• Recursive Name Resolution: The local machine queries the local DNS server, which passes the query to different servers starting from the root server to the abcict server and returns the answer to the local machine at the end. Small search time. Get answers without asking any other server.

Iterative Name Resolution:

Recursive name resolution

Q. Zones:

• The area of the domain namespace that is managed by a single server is known as a zone.

• A single zone can have multiple domains and vice versa.

• Zones are non-overlapping, so no area of the hierarchy is managed by multiple servers.

• Each zone is responsible for its own area.

• Risk: If the server goes down, the entire zone suffers.

• Solution? The IETF mandates that a primary server must have a backup server that can be switched over to in case of failure.

• Both servers (primary & backup) should not draw power from the same power source.

• For more security, secondary servers are also duplicated or backup servers are kept out of the zone.

• Backup servers are kept synchronized and also answer queries for overloaded primary servers.

• Main servers perform addition and removal of domain names, which is never done by backup servers.

Q. The Registration Process:

• It is important that companies select a domain name.

• ICANN (Internet Corporation for Assigned Names and Numbers) takes care that each one gets a unique domain name.

• The job of the registrar is shown in the figure above.

• An organization interested in working as a registrar must get accreditation from ICANN.

• Registrars usually charge some fees.

• E.g. to join under the “in” domain, one has to choose from the 70 registrars available.

• Registrars provide 2 services:

– Insert the primary and secondary servers’ IP addresses in the TLD for the specified domain.

– Adds mail id with domain.

• Steps for registering a domain:

1. Get a unique domain name (user’s desire)

2. Pay a small registration fee

3. Register domain name, web server & mail server.

4. Get primary and backup servers. ISPs mostly provide their servers on rent.

5. Web & mail servers also need to be installed and running for registration.

6. Additionally, ISPs provide the service of registering your domain in search engines.

• Special registrars are appointed for government and education domain registrations.

1. E.g. NIC (National Information Center) for government organizations.

2. ERNET (Education and Research Network) for education, i.e. ac.in or edu.in

Q. Name Servers:

Name servers answer ‘DNS’ questions.

Several types of name servers:

Authoritative servers: Give authoritative answers for one or more zones. Are always correct.

master (primary): server normally loads the data from a zone file.

slave (secondary): normally replicates the data from the master via a zone transfer.

(Caching) recursive servers: do the actual lookups; they ask questions to the DNS on behalf of the clients.

Answers are obtained from authoritative servers but the answers forwarded to the clients are marked as not authoritative.

Stored in memory (cache) temporarily.

Also caching forwarders: Answers are stored for future reference in the cache.

Mixture of functionality: Resolvers ask the questions to the DNS system on behalf of the application.

Normally implemented in a system library (e.g., libc)

gethostbyname(char *name);

gethostbyaddr(char *addr, int len, type);

When a query cannot be satisfied locally, the query fails but the address of the next server is returned.

This reduces response time and gives output indicating that the server is down or needs more time to resolve the query.

3 Types

1. Root Servers

2. TLD, Top Level Domain servers

3. Authoritative Servers

• Makes system more reliable, efficient, robust.

• If servers are clustered, floods of queries can be handled in parallel.

• At times the ISP does the job by renting out servers.

• See next fig.

Domain Name servers, root, TLD and Local servers:

Q. Resource Records:

• DNS database is stored as resource records.

• Stores IP addresses, mail server names and other relevant information in the zone file.

• Contains five different fields.

– Domain

– Time to live

– Class

– Type

– Value

• The file that holds all such records is known as the zone file.

• Primary servers create and destroy resource records.

• Questions asked of DNS are answered by resource records.

• The next table lists the types of resource record.

• The figure after that shows a zone file.

Type    Meaning                  Value

A       IPv4 address             32-bit value
AAAA    IPv6 address             128-bit value
CNAME   Canonical Name           Alias name for host
PTR     Pointer                  IP address (IPv4 or IPv6)
NS      Name Server              Name server(s)
SOA     Start of Authority       Zone name etc
MX      Mail Exchanger           mail server/exchanger
HINFO   Host Info                Optional information
SPF     Sender Policy Framework  Identify mail servers
TXT     Text                     Text information
DNSKEY  DNS Key                  Public key of domain
RRSIG   RR Signature             Resource Record Signature

Zone File:

Domain                  Time-to-live  Class  Type   Value

207.118.130.194 / 24    172800        IN     PTR    abcict.org.
ftp.abcict.org.         172800        IN     CNAME  Vishwanath.abcict.org.
abcict.org.             172800        IN     NS     ns2.webmastersindia.com.
abcict.org.             172800        IN     NS     ns1.webmastersindia.com.
abcict.org.             172800        IN     A      207.118.130.194
abcict.org.             172800        IN     MX     (10) mail.abcict.org.
                        172800        IN     MX     (20) Vishwanath.abcict.org
                        172800        IN     MX     (30) Ponting.abcict.org
mail.abcict.org.        172800        IN     A      207.118.130.194
www.abcict.org.         172800        IN     CNAME  Ponting.abcict.org
www.abcict.org.         172800        IN     CNAME  abcict.org.
Ponting.abcict.org.     172800        IN     A      208.118.130.194
Ponting.abcict.org.     172800        IN     HINFO  HP laptop with RHEL 9
Vishwanath.abcict.org.  172800        IN     A      209.118.130.194
                        172800        IN     HINFO  HP I3
laser.abcict.org        172800        IN     A      210.118.130.194
                        172800        IN     HINFO  The laser printer

DNS records for a big website with multiple servers:

Domain                 Time to live  Class  Type  Value

www.TheBigWebsite.com  172800        IN     A     1.2.3.4
www.TheBigWebsite.com  172800        IN     A     2.3.4.5
www.TheBigWebsite.com  172800        IN     A     3.4.5.6
www.TheBigWebsite.com  172800        IN     A     4.5.6.7
www.TheBigWebsite.com  172800        IN     A     5.6.7.8

Name servers:

abcict.org.  172800  IN  NS  ns2.webmastersindia.com.
abcict.org.  172800  IN  NS  ns1.webmastersindia.com.

Load Balancing using Distributed Strategy instead of Central Control:

Load balancing in name servers

Domain       Time to live  Class  Type  Value

oracle.com.  172800        IN     NS    u-ns2.oracle.com.
oracle.com.  172800        IN     NS    u-ns3.oracle.com.
oracle.com.  172800        IN     NS    u-ns4.oracle.com
oracle.com.  172800        IN     NS    u-ns5.oracle.com
oracle.com.  172800        IN     NS    u-ns6.oracle.com.
oracle.com.  172800        IN     NS    ns1.oracle.com.
oracle.com.  172800        IN     NS    ns4.oracle.com.
oracle.com.  172800        IN     NS    Ns1.oracle.com.

The principal DNS resource records types for IPv4:

SOA: provides information about the name server's zone, the e-mail address of its administrator, a unique serial number, and various flags and timeouts.

A (Address) record: It holds a 32-bit IP address. IPv4 or IPv6 (A6: IPv6 address).

NS: Value contains name for host that knows how to resolve the name.

CNAME: Value is a canonical name for host, used to define aliases.

HINFO: Host information, OS, Configuration of host.

MX: Value gives the domain name for a host running a mail server and ready to accept mails.

PTR: Pointer to domain name (reverse DNS). Primary DNS data type. Bind name with IP.

TXT: Free Text. allows domains to identify themselves in arbitrary ways.

Resource records with blank names

abcict.org.  172800  IN  MX  (10) mail.abcict.org.
             172800  IN  MX  (20) Vishwanath.abcict.org

Partially qualified domain names

www         172800  IN  CNAME  Ponting                ;canonical name is Ponting.abcict.org
ftp         172800  IN  CNAME  Vishwanath             ;canonical name is Vishwanath.abcict.org
ftp.abcict  172800  IN  CNAME  Vishwanath.abcict.org  ;exactly as above
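
The two zone-file shorthands above (a blank name reuses the previous record's owner, a name without the last dot is completed with the zone origin) can be checked with a small parser. This is an added example, not part of the original notes: the function names and lint rules are assumptions for illustration, and the sample is constructed from the abcict.org records with two invented names, "old" and "retired".

```python
"""Expand and lint simplified zone-file lines (added example, not from the notes).

Assumed line format: [owner] TTL CLASS TYPE VALUE...
A line that starts with whitespace reuses the previous owner; a name without
a trailing dot is completed with the zone origin; ';' starts a comment.
"""
from collections import defaultdict

MAX_LABEL = 63                              # a label cannot exceed 63 characters
NAME_VALUED = {"CNAME", "NS", "MX", "PTR"}  # types whose value is a domain name

# Constructed sample based on the abcict.org records; "old" and "retired"
# are invented here to show an alias that points at nothing.
SAMPLE_ZONE = """\
abcict.org.  172800 IN MX (10) mail.abcict.org.
             172800 IN MX (20) Vishwanath.abcict.org.
mail         172800 IN A 207.118.130.194
Ponting      172800 IN A 208.118.130.194
Vishwanath   172800 IN A 209.118.130.194
www          172800 IN CNAME Ponting   ;canonical name is Ponting.abcict.org
www          172800 IN CNAME abcict.org.
ftp          172800 IN CNAME Vishwanath
old          172800 IN CNAME retired
"""


def qualify(name, origin):
    """Return the lowercase FQDN for a fully or partially qualified name."""
    name = name.lower()                     # DNS names are not case-sensitive
    return name if name.endswith(".") else f"{name}.{origin}"


def parse_zone(text, origin):
    """Return (owner, ttl, class, type, value) tuples with every name expanded."""
    origin = origin.lower()
    records, last_owner = [], None
    for raw in text.splitlines():
        line = raw.split(";", 1)[0].rstrip()
        if not line:
            continue
        fields = line.split()
        if line[0].isspace():               # blank name: inherit the previous owner
            if last_owner is None:
                raise ValueError("first record has no owner name")
            owner = last_owner
        else:
            owner = qualify(fields.pop(0), origin)
        ttl, rclass, rtype = int(fields[0]), fields[1], fields[2].upper()
        value = fields[3:]
        if rtype == "MX":                   # the notes write the preference as "(10)"
            value = [value[0].strip("()"), qualify(value[1], origin)]
        elif rtype in NAME_VALUED:
            value = [qualify(value[0], origin)]
        records.append((owner, ttl, rclass, rtype, " ".join(value)))
        last_owner = owner
    return records


def lint(records, origin):
    """Return findings that make a zone ambiguous or leave names dangling."""
    origin = origin.lower()
    by_owner = defaultdict(list)
    for owner, _ttl, _rclass, rtype, value in records:
        by_owner[owner].append((rtype, value))
    findings = []
    for owner, rrs in by_owner.items():
        if any(len(label) > MAX_LABEL for label in owner.rstrip(".").split(".")):
            findings.append(f"{owner}: label longer than {MAX_LABEL} characters")
        cnames = [value for rtype, value in rrs if rtype == "CNAME"]
        if len(cnames) > 1:
            findings.append(f"{owner}: {len(cnames)} CNAME records at one name")
        if cnames and len(cnames) < len(rrs):
            findings.append(f"{owner}: CNAME mixed with other record types")
        for rtype, value in rrs:
            if rtype not in NAME_VALUED:
                continue
            target = value.split()[-1]
            in_zone = target == origin or target.endswith("." + origin)
            if in_zone and target not in by_owner:
                findings.append(f"{owner}: {rtype} target {target} has no records")
    return sorted(findings)


if __name__ == "__main__":
    for finding in lint(parse_zone(SAMPLE_ZONE, "abcict.org."), "abcict.org."):
        print(finding)
```

The duplicate CNAME it reports for www is the same pair that appears in the zone file table earlier in these notes.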

DNS query and resource record in response:

Q. What is HTTP?

Browser is a client program and Web server is a server program.

Both of them talk to each other using HTTP (Hyper Text Transfer Protocol).

Browsers are sometimes regarded as HTTP clients and Web Servers are regarded as HTTP servers.

A download consists of many items like text, images, audio clips, video, etc.

Web pages can be of two types: static pages and dynamic pages.

To develop a dynamic web page, quite a few alternative techniques are used. One of them is CGI – Common Gateway Interface.

PHP, ASP.NET and Java can construct dynamic web pages.

A web page is always addressed by its uniform resource locator (URL).

Eg. http://www.oup.co.in/schools/index.php

Here, http:// indicates that it uses HTTP protocol.

www.oup.co.in indicates the web server of Oxford University Press; it is an Indian website, hence co.in.

/schools/index.php indicates that the storage location is in a different directory called schools, also called the virtual directory location.

Q. Write a note on HTTP Request and HTTP Response. Also list down all the methods for it.

HTTP Request:

GET http://www.oup.co.in/category.php?cat_id=43 HTTP/1.1
Host: www.oup.co.in
User-Agent: Mozilla/5.0;
Accept: text/html,application/xhtml+xml, application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Cookie: PHPSESSID=c3a1082780a2c6621126fa3bd8ad11f1

HTTP Response:

HTTP/1.0 200 OK
Date: Mon, 19 Apr 2010 10:50:00 GMT
Server: Apache/1.3.27 (Unix) PHP/4.2.3 mod_ssl/2.8.12 OpenSSL/0.9.7g
X-Powered-By: PHP/4.2.3
Expires: Thu, 19 Nov 2010 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Content-Type: text/html
Connection: close

The structure of request and response:

Components of request and response:

Complete request structure:

Complete response structure:

Method   Function

GET      Retrieve a page from the server. A few simple inputs can be provided. Body is always empty.
POST     Provide information to the server. Nonempty body part contains the information.
HEADER   Same as GET except the body of the page is not retrieved.
PUT      Place the data at the user-specified URL.
DELETE   Remove an object from the web server.
CONNECT  Helps converting an HTTP request into HTTPS.

Q. What is the persistent connection? How does pipelining help? Also explain Cookies.

The persistent connection:

Servers can be of two types, stateful and stateless.

Stateful servers keep track of their clients’ state and respond to their queries accordingly.

On the other hand, if the server is stateless, the client must explicitly specify the record it wants because the server forgets everything about the client once a query is over.

Stateful servers provide additional facilities to clients in comparison with stateless servers.

Often, multiple requests are sent and responses are received over a single TCP connection, so there is no additional task of establishing a TCP connection every time the client connects to the server.

When the connection does not need to be established afresh, the response time improves.

Pipelining:

Pipelining is stacking multiple requests and sending them together when a page consists of multiple objects like HTML files, images, audio clips, etc.

Most modern browsers provide this facility.

It improves the performance of an HTTP 1.1 client connection.

Cookies:

Browsers store relevant data of previous connections as cookies to facilitate quick access when the user tries to establish the same connection again.

Cookies are alphanumeric values stored at the client by the browser.

The information is stored in a database at the server side and indexed by the unique number.

This number is passed back to the client in the form of a cookie, as a header Set-Cookie: with a value.

Eg. Set-Cookie: SachinID = c3a1082

This helps Sachin the next time he gets online on the same website.

Sachin does not have to give his details every time he gets online on the same website.

But the only disadvantage is that this information can be used by hackers, and that may result in our security being compromised.

Q. What is session variable? Also explain conditional download.

Session Variable:

Session variables are quite similar to cookies, but their lifetime is restricted to a single instance of a program.

ASP.NET, JSP and PHP use session variables.

Some session variables last for the lifetime of the server and some for the duration of the client’s login.

The administrator of a website can see a few links which others can’t see. How?

Using session variables.

    if (username == "")
        // no username provided
        jump to login page
    else if (username != "administrator")
        display “this page is restricted” message

Session variables are also useful for keeping the shopping list in shopping cart applications.

It is used to prepare the final list and billing.

Both sessions and cookies improve users’ convenience but they bring potential security problems as well.

Thus, overuse of both must be avoided.
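
The cookie and session-variable mechanism described above, written out as an added example (not code from the original notes): the server keeps the user's details in its own store, hands the browser only a random identifier in Set-Cookie, and makes the administrator check against the server-side record. The cookie name, timeout, return strings and class name are assumptions chosen for illustration.

```python
"""Server-side session indexed by a random cookie value (added example)."""
import secrets
import time
from http.cookies import CookieError, SimpleCookie

COOKIE_NAME = "SESSIONID"   # hypothetical cookie name
SESSION_TTL = 1800          # assumed idle limit in seconds


class SessionStore:
    """Session variables live on the server; the client holds only the index."""

    def __init__(self, clock=time.time):
        self._sessions = {}
        self._clock = clock

    def create(self, username, is_admin=False):
        # An unguessable identifier, so knowing one user's value does not
        # help in predicting another's.
        sid = secrets.token_urlsafe(32)
        self._sessions[sid] = {
            "username": username,
            "is_admin": is_admin,
            "expires": self._clock() + SESSION_TTL,
        }
        return sid

    def lookup(self, cookie_header):
        """Return the session for a Cookie: header value, or None."""
        jar = SimpleCookie()
        try:
            jar.load(cookie_header or "")
        except CookieError:
            return None
        morsel = jar.get(COOKIE_NAME)
        if morsel is None:
            return None
        session = self._sessions.get(morsel.value)
        if session is None:
            return None
        if session["expires"] <= self._clock():
            del self._sessions[morsel.value]    # expired: forget it
            return None
        return session


def set_cookie_header(sid):
    """Build the Set-Cookie value with attributes that limit cookie exposure."""
    cookie = SimpleCookie()
    cookie[COOKIE_NAME] = sid
    morsel = cookie[COOKIE_NAME]
    morsel["path"] = "/"
    morsel["httponly"] = True    # not readable from page scripts
    morsel["secure"] = True      # sent over HTTPS only
    morsel["samesite"] = "Lax"   # withheld on most cross-site requests
    return morsel.OutputString()


def admin_page(store, cookie_header):
    """The check from the pseudocode, decided from server-side state only."""
    session = store.lookup(cookie_header)
    if session is None:
        return "redirect:/login"            # no usable session
    if not session["is_admin"]:
        return "this page is restricted"
    return "admin links"
```

Because the role is read from the store, a client that adds its own `is_admin=1` cookie gains nothing.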

Conditional Download:

Suppose a user visits the website of Sunshine to download a page to find out details about the regular faculty of Sunshine.

If the browser has asked for the same page sometime back and it is already there in the cache, then HTTP can compare the two versions and download only if necessary, not otherwise.

A special entry called a conditional header is provided in the request to enable such behavior.

If the server has not modified that file, it doesn’t send the data.

A message then comes from the server with an empty body.

Conditional download: request

GET http://www.glsict.org/mcaregular.htm HTTP/1.1
Host: www.glsict.org
If-modified-since: Thu, 29 Mar 2010 4:35:10 GMT

Conditional download: Two responses

Response-1

HTTP/1.1 304 Not Modified

Response-2

HTTP/1.1 200 OK
Date: Mon, 19 Apr 2010 10:50:00 GMT
Server: Apache
Last-Modified: 15 Apr 2010 3:34:05 GMT
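
How a server can choose between Response-1 and Response-2, as an added example that is not part of the original notes. The function names are assumptions; the sample request and timestamps are the ones shown above, and the code also covers a date that cannot be parsed or that lies in the future, both of which are answered like an ordinary GET.

```python
"""Server-side handling of If-Modified-Since (added example, not from the notes)."""
from datetime import datetime, timezone
from email.utils import format_datetime, parsedate_to_datetime

# Values taken from the request and from Response-2 shown in the notes.
SAMPLE_REQUEST = {
    "Host": "www.glsict.org",
    "If-modified-since": "Thu, 29 Mar 2010 4:35:10 GMT",
}
SAMPLE_LAST_MODIFIED = datetime(2010, 4, 15, 3, 34, 5, tzinfo=timezone.utc)
SAMPLE_NOW = datetime(2010, 4, 19, 10, 50, 0, tzinfo=timezone.utc)


def get_header(headers, name):
    """Header names are case-insensitive; return the value or None."""
    for key, value in headers.items():
        if key.lower() == name.lower():
            return value
    return None


def parse_http_date(value):
    """Return an aware UTC datetime, or None when the value is unusable."""
    if not value:
        return None
    try:
        parsed = parsedate_to_datetime(value)
    except (TypeError, ValueError):      # raised for unparseable dates
        return None
    if parsed.tzinfo is None:            # no zone given: read it as UTC
        parsed = parsed.replace(tzinfo=timezone.utc)
    return parsed.astimezone(timezone.utc)


def conditional_get(headers, last_modified, body, now):
    """Return (status, response_headers, body) for a GET of one resource."""
    # HTTP dates have one-second resolution, so drop sub-second precision.
    last_modified = last_modified.astimezone(timezone.utc).replace(microsecond=0)
    response = {
        "Date": format_datetime(now.astimezone(timezone.utc), usegmt=True),
        "Last-Modified": format_datetime(last_modified, usegmt=True),
    }
    since = parse_http_date(get_header(headers, "If-Modified-Since"))
    # An unparseable date, or one later than the server's clock, is ignored
    # and the request is answered like an ordinary GET.
    if since is not None and since <= now and last_modified <= since:
        return 304, response, b""        # empty body: the cached copy is current
    response["Content-Length"] = str(len(body))
    return 200, response, body


if __name__ == "__main__":
    status, response_headers, _ = conditional_get(
        SAMPLE_REQUEST, SAMPLE_LAST_MODIFIED, b"<html>...</html>", SAMPLE_NOW)
    print(status, response_headers)
```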

Q. Explain Proxies as Intermediaries.

The protocol can specify one or more intermediaries that can access the pages on the user’s behalf.

These intermediaries are known as proxies.

A proxy can cache pages.

If the same user or some other user asks for that page, it can be produced from the cache.

Technically, when proxies are used, two TCP connections operate in parallel: the first between client and proxy and the second between proxy and web server.

Proxies have the following advantages:

o Reduced load on web servers

o Reduced response time

o Traffic monitoring can be implemented and a few websites can be blocked.

o Extending Internet access to others with a few ISP-authenticated IPs.

o Max-Forwards header: HTTP can control the number of proxies that one can have in the intermediate path by using a header called Max-Forwards.

o Proxies save 20% of bandwidth utilization.

o Multiple browsers can use the information cached at proxies, which gives independence from the browser.

o Can also be used to provide access control.

Q. Explain Dynamic Web:

Server Side Dynamism:

Live cricket scores, stock exchange information, the list of books available at a specific store, etc. are kinds of information which cannot be configured beforehand and carved into web pages.

The next figure explains the dynamic page delivery process.

A web page that is constructed on the fly is called a dynamic web page.

Client Side Dynamism:

Users filling in online forms sometimes forget to enter data in mandatory fields.

Validation is needed before the form is submitted to the server, with the aim of saving bandwidth.

Can be implemented by VB scripts, CSS (Cross Site Scripting), Java and Active X controls.

Q. What is Bluetooth? Explain Bluetooth Architecture. Also explain Pairing.

Bluetooth helps connect devices like mobile phones, digital diaries, PDAs, iPods, etc.

Bluetooth helps connect keyboards and printers, forming a PAN (personal area network) with a high security level.

Developed by Ericsson in 1994.

Replacement for RS-232 cables.

The tenth-century king Harald Bluetooth of Denmark and some parts of Norway united dissonant Danish tribes into a single kingdom. Bluetooth does the same with communication protocols, uniting them into one universal standard. So, the protocol was named Bluetooth.

In 1999, the Bluetooth SIG (Special Interest Group) took over from Ericsson and started further standardization and improvements.

Later, IEEE came up with 802.15 as the PAN standard with Bluetooth as the technology.

The 802.15 standard talks only about the Physical and Data Link layers but Bluetooth talks about all the layers.

Range is divided into 3 classes:

o Class 1: 1m

o Class 2: 10m

o Class 3: 100m

The basic unit of a Bluetooth system is a piconet, which consists of a master node and up to seven active slave nodes within a distance of 10 meters.

Multiple piconets can exist in the same (large) room and can even be connected via a bridge node, as shown in figure.

An interconnected collection of piconets is called a scatternet.

There can be up to 7 active nodes and 255 parked nodes in the net.

Parked?

In the parked state, a device cannot do anything except respond to an activation or beacon signal from the master.

Why implement a master/slave design? The purpose is to implement complete Bluetooth chips for under $5.

Costly master and cheap slaves.

Slaves are fairly dumb, basically just doing whatever the master tells them to do.

At its heart, a piconet is a centralized TDM system, with the master controlling the clock and determining which device gets to communicate in which time slot.

All communication is between the master and a slave; direct slave-slave communication is not possible.

A master can send an activation beacon frame to activate a parked node.

Slaves do not talk to each other directly.

Pairing:

Pairing of two devices is used for exchanging songs, images, videos, etc. between two communication devices.

A more secure way of communication. The key exchanged during pairing for confirmation is called the link key.

Two modes: Hidden and Discoverable.

If the mode is hidden, the scanning procedure does not allow us to find the device.

If Discoverable, we can set a timer for how long it remains discoverable, after which it goes back to hidden for security.

Q. List down Bluetooth Application Profiles:

The 13 applications, which are called profiles, are listed in figure.

All Bluetooth devices are expected to implement the first two profiles given. The remaining ones are optional.

Generic:

o generic access profile: its main job is to provide a way to establish and maintain secure links (channels) between the master and the slaves.

o service discovery profile: is used by devices to discover what services other devices have to offer.

Building Block Profiles:

o Serial port profile: a transport protocol. It emulates a serial line and is especially useful for legacy applications that expect a serial line.

o Generic object exchange profile: defines a client-server relationship for moving data around; it is a building block for other profiles.

Networking:

o LAN access profile allows a Bluetooth device to connect to a fixed network. This profile is a direct competitor to 802.11.

o The dial-up networking profile was the original motivation for the whole project. It allows a notebook computer to connect to a mobile phone containing a built-in modem without wires.

o The fax profile is similar to dial-up networking, except that it allows wireless fax machines to send and receive faxes using mobile phones without a wire between the two.

Telephony:

o Cordless telephony profile provides a way to connect the handset of a cordless telephone to the base station.

o The intercom profile allows two telephones to connect as walkie-talkies.

o Finally, the headset profile provides hands-free voice communication between the headset and its base station, for example, for hands-free telephony while driving a car.

Object Exchange:

o These could be business cards, pictures, or data files.

o E.g Object Push....

o And File transfer.

o The synchronization profile, in particular, is intended for loading data into a PDA or notebook computer when it leaves home and collecting data from it when it returns.


Q. Explain the Bluetooth Protocol Stack

The Bluetooth protocol stack does not follow the OSI model and was revised by IEEE to fix 802.11.

The Physical Radio layer corresponds to the ISO physical layer and deals with radio transmission and modulation.

The Baseband layer corresponds to the MAC sublayer and some of the physical layer, and handles how the master controls time slots.

The link manager handles establishment of logical channels (power management, authentication, QoS).

The logical link control adaptation protocol (L2CAP) shields the upper layers from the lower layers.

Audio and Control protocols deal with audio and control.

LLC (Logical Link Control) is inserted by IEEE to make it compatible with other 802.


RFcomm (Radio Frequency communication) emulates a serial port for connecting a mouse, keyboard or modem.

The telephony protocol handles real-time speech, call setup and termination.

The service discovery protocol is used to locate services in a network.

Each application uses a specific subset of the protocols included in Applications/Profiles, based on the device it is applicable to, eg. a mobile or PDA.

Q. Explain frame format of 802.15, Bluetooth.

Access code field: usually identifies the master so that slaves within radio range of two masters can tell which traffic is for them.

Header Field has following fields:

The address field identifies which of the eight active devices the frame is intended for.

The T, type field identifies the frame type.

The F, flow bit is asserted by a slave when its buffer is full.

The A, acknowledge bit is used to piggyback an ACK.

The S, sequence bit is used to number the frames to detect retransmissions.

Data field:

It is up to 2744 bits long (for a five-slot transmission).

For a single time slot, the format is the same except that the data field is 240 bits.

Three variants are defined, permitting 80, 160, or 240 bits of actual payload, with the rest being used for error correction.

The most reliable version is the 80-bit payload.

With the least reliable variant (240 bits/slot with no redundancy at this level), three full-duplex voice channels can be supported at once.


Q. EMAIL:

• Senders and receivers are free to send and receive mail at their own convenience.

• Synchronization:

– Spooling manages synchronization.

• Sending Process:

– When a user sends mail, it is stored in the mail server's buffer, called the SPOOL.

– Mail contains information about sender, receiver, time of sending, files attached, etc.

– This process is done in the background.

– A background process establishes a TCP connection and then transfers data from the SPOOL as shown in figure.

– The mail client (SMTP client) picks up unsent mail from the mail spooling area (outbox) and tries to deliver it by establishing a TCP connection to the other end.

• Receiving Process:

– When the server of the ISP’s webmail service provider receives mail, it stores the mail in the specific mailbox.

– When the user logs in, the server delivers its content to the user as shown in figure.

Q. The email system components:

• User Agent: what users interact with to send and receive mails.

• Message Transfer Agent: routes mails to their intended recipient. It establishes a TCP connection using SMTP.

• Mail: an envelope holding the data to be sent, with details of the communicating parties and the time. It can contain text, an html page, audio clip, video clip, etc., with no limit on the varieties of file formats.

• SMTP has a standard mechanism to handle mails, defined in RFC 2821.

• See figure.

• Mailing Procedure:

– The sender’s user agent accepts mail from the user and passes it on to the message transfer agent.

– The Message Transfer Agent establishes a TCP connection to the message transfer agent of the receiver and sends the mail across.

– At the end, the Message Transfer Agent delivers the mail to the recipient’s mailbox.

• Lara & Gayle’s Example is shown in the figure.


Q. The complete mailing process:

Example: Lara & Gayle’s Communication Steps:

1. Lara invokes the user agent, constructs the mail and clicks “send”.

2. The user agent sends the mail to the local mail server on the ISP / SMTP mail server.

3. The mail server now connects to OBS.com using a TCP connection.

4. OBS.com receives the mail and stores it in a buffer until Gayle is online.

5. Once Gayle is online, OBS.com transfers the mail to Gayle’s user agent.

6. OBS.com invokes the user agent so that Gayle can open the mail.

Q. Mailboxes, Mail Aliases and Alias Expansion:

• Mailbox: Mails are stored in the mailbox.

• Alias: The recipient who gets the mail, as specified by the sender, is known as the alias.

• Alias Expansion: A single mail address is sometimes converted to a list and vice versa. Eg. sending group mails or forwarding.

• Eg. [email protected], before @ is mailbox and after @ is domain.

• See figure

• Sometimes two or more mail IDs are synchronized to a single mail. How it is handled is shown in the 2nd figure.

• Mail sent to a group can also reach all its members individually; this group service is provided by Yahoo and Gmail.

• This is handled by the webmail service provider, eg. Gmail, Yahoo, etc.

• See 3rd figure.


Alias expansion while sending:

Alias expansion while receiving:

Alias expansion in web mail:


Q. User Agent:

• Lets the users interact with mail system.

• Most user agents are GUI based.

• Types of User Agent:

– Based on API called Mail API (MAPI), used by languages like VB and Java.

– Plain vanilla text, used with UNIX, mobile phones.

• With user agents, user can:

– Compose mail

– Read subject lines of incoming mails

– Read content

– Reply to message

– Forward a message

– Additional support for vacation response, signature text, normal and blind copies, etc.

– Manage mail addresses in address book.

– Perform spell check

– Search mail

– Create different folders and add filters

– Run anti spamming filter that automatically diverts potential spam to special folders.

Q. Internet Mail Standard for Mail Content : RFC 2822:

• All internet standards are uniquely identified by RFC : Recommended for Comments.

• Previous standard was 822 and updated one is 2822.

• Has two parts, same as envelopes:

– Header

– Body

• Very similar to HTTP protocol.

• Some headers are compulsory whereas some are not. Some headers are hidden (security reasons) whereas some are not.

• The text is universally represented in ASCII format and UNICODE.

• Both the figures explain the difference between the two mail types (email and postal mail).


Conventional mail example compared with the email format:

Envelope

– Conventional mail: From: Lara Brian, ABC ICT, Ahmedabad; To: Gayle Chris, OBS

– Content description: Sender’s and receiver’s mail address

– Example of content: [email protected], [email protected]

Header

– Conventional mail: From: Lara Brian; To: Gayle Chris

– Content description: Sender’s and receiver’s name

– Example of content: Prof. Lara Brian, Gayle Chris

Body

– Conventional mail: The message: Dear Gayle, Here is second book. Regards, Lara

– Content description: The content of the message

– Example of content: Dear Gayle, Here is second book. Regards, Lara

Q. SMTP:

• SMTP (Simple Mail Transfer Protocol).

• Procedure:

– E-mail is delivered by having the source machine establish a TCP connection to port 25 of the destination machine.

– The connection is then handed to SMTP.

– The destination's SMTP server accepts incoming connections and copies messages from them into the appropriate mailboxes.

– If a message cannot be delivered, an error report containing the first part of the undeliverable message is returned to the sender.

• SMTP is a simple ASCII protocol.

• Especially used for chatting.

– The client waits for the receiving machine, operating as the server, to talk first.

– The server starts by sending a line of text giving its identity and telling whether it is prepared to receive mail.

– If it is not, the client releases the connection and tries again later.

– If the server is willing to accept e-mail, the client announces whom the e-mail is coming from and whom it is going to.

– If such a recipient exists at the destination, the server gives the client the go-ahead to send the message.


– Then the client sends the message and the server acknowledges it.

– No checksums are needed because TCP provides a reliable byte stream.

– When all the e-mail has been exchanged in both directions, the connection is released.

– The first command from the client is indeed HELO.

– The message is sent to only one recipient, so only one RCPT command is used.

– Using ASCII text makes the protocols easy to test and debug.

Example: Client Server Communication SMTP:

S: 220 OBS.com SMTP server ready

C: HELO abcict.org

S: 250 Hello OBS.com, I am glad to meet you

C: MAIL FROM:[email protected]

S: 250 Ok

C: RCPT TO:[email protected]

S: 250 Ok

C: RCPT TO:[email protected]

S: 250 Ok

C: RCPT TO:[email protected]

S: 550 No such user here

C: DATA

S: 354 End data with <CR><LF>.<CR><LF>

C: From: "LARA Brian" < [email protected] >

C: To: “Gayle Chris” [email protected]

C: Cc: [email protected]

C: Subject: The Second Book

C: Hello Gayle.

C: I will soon send you the second Book.

C: regards

C: Lara

C: .

S: 250 Ok:

C: QUIT

S: 221 Bye {The server closes the connection}
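The server side of the exchange above, written as a small state machine. This is an added example, not code from the original notes; the host names, addresses and mailbox list are constructed, and replies are limited to the codes shown in the transcript plus 500 and 503 for errors.

```python
LOCAL_MAILBOXES = {"gayle@obs.example"}    # constructed mailbox list
class SmtpSession:
    """Server side of one connection: returns one reply (or None) per client line."""
    def __init__(self, hostname, mailboxes):
        self.hostname, self.mailboxes, self.delivered = hostname, mailboxes, []
        self._reset()
        self.state = "GREET"               # GREET -> READY -> MAIL -> DATA

    def _reset(self):
        self.state, self.sender, self.recipients, self.body = "READY", None, [], []

    def handle(self, line):
        if self.state == "DATA":
            if line == ".":                # a lone dot ends the message
                self.delivered.append((self.sender, self.recipients, "\n".join(self.body)))
                self._reset()
                return "250 Ok"
            # Undo dot-stuffing: the client doubles a leading "." in body lines.
            self.body.append(line[1:] if line.startswith(".") else line)
            return None
        verb, _, arg = line.partition(" ")
        verb = verb.upper()
        if verb == "QUIT":
            self.state = "CLOSED"
            return "221 Bye"
        if verb in ("HELO", "EHLO"):
            self._reset()
            return f"250 Hello {arg}"
        if verb == "MAIL" and arg.upper().startswith("FROM:"):
            if self.state != "READY":
                return "503 Bad sequence of commands"
            self.sender, self.state = arg[5:].strip(" <>"), "MAIL"
            return "250 Ok"
        if verb == "RCPT" and arg.upper().startswith("TO:"):
            if self.state != "MAIL":
                return "503 Bad sequence of commands"
            rcpt = arg[3:].strip(" <>").lower()
            if rcpt not in self.mailboxes:
                return "550 No such user here"    # refused before any data is sent
            self.recipients.append(rcpt)
            return "250 Ok"
        if verb == "DATA":
            if self.state != "MAIL" or not self.recipients:
                return "503 Bad sequence of commands"
            self.state = "DATA"
            return "354 End data with <CR><LF>.<CR><LF>"
        return "500 Command not recognized"

def run_dialogue(client_lines):
    """Feed client lines to a fresh session; return (session, transcript)."""
    session = SmtpSession("obs.example", LOCAL_MAILBOXES)
    transcript = [f"S: 220 {session.hostname} SMTP server ready"]
    for line in client_lines:
        reply = session.handle(line)
        transcript += ["C: " + line] + (["S: " + reply] if reply else [])
    return session, transcript

# Constructed client side, modelled on the Lara/Gayle exchange above.
CLIENT_LINES = ["HELO abcict.example", "MAIL FROM:<lara@abcict.example>",
                "RCPT TO:<gayle@obs.example>", "RCPT TO:<nobody@obs.example>",
                "DATA", "Subject: The Second Book", "", "Hello Gayle.",
                "..a line that began with one dot", ".", "QUIT"]
if __name__ == "__main__":
    print("\n".join(run_dialogue(CLIENT_LINES)[1]))
```

The session stores the MAIL FROM address exactly as the client states it; nothing in this exchange verifies who the sender is.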

Disadvantages of SMTP:

1. One problem relates to message length. Some older implementations cannot handle messages exceeding 64 KB.

2. Another problem relates to timeouts. If the client and server have different timeouts, one of them may give up while the other is still busy, unexpectedly terminating the connection.

3. Infinite mail-storms can be triggered. For example, if host 1 holds mailing list A and host 2 holds mailing list B, and each list contains an entry for the other, a message sent to either list can generate a never-ending amount of e-mail traffic unless somebody checks for it.

Solution? Extended SMTP (ESMTP) has been defined in RFC 2821. Clients wanting to use it should send an EHLO message instead of HELO initially.

Q. Internet Mail Types: (IMT):

• IMT is used by MIME. Why?

– SMTP used 7-bit characters to transfer only text.

– But users needed to send images, audio, video, executable files, zip files, etc.

– Problem? Yes / No?

– Solution? IMT.

• Procedure?

– Files that are not text can be represented by binary values.

– On both ends, data interpretation is done by different applications, as specified in the header.

– The header specifies which type the file is.


– Eg. a binary file given to MS-Word is different from one given to WinZip or Gzip.

• Thus, once MIME is applied, mail supports transmission of all file types.

• It’s a two-part identifier for file formats on the Internet.

• Two parts:

– Type

– Sub type

• Originally defined for SMTP, but also used with HTTP, RTP (Real Time Protocol), SIP (Session Initiation Protocol), etc., which are used with VoIP for using the Internet as a telephone.

Example of Internet Media Types :

From: [email protected]

To: [email protected]

Date: Thu, 29 APR 2010 16:02:43 -0500

MIME-Version: 1.0

Content-Type: image/jpeg

Content-Transfer-Encoding: base64

< a blank line>

………..binary data for the image in text form………

Type and meaning:

Content Type Meaning

text Text information, i.e. a notepad file.

image A photograph or graphics

audio Recorded sound.

video Recorded video.

application A binary file like a Word doc.

multipart Message divided in multiple parts, each with different type of data

message A forwarded email or a reference link

X–…. Non-standard header.
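Because the receiver picks an application from the Content-Type header alone, a mail filter can compare each part's declared type/subtype with the leading bytes of the decoded data. The following is an added example, not part of the original notes; the message, addresses, file names and attachment bytes are constructed, and the signature table covers only a few well-known formats.

```python
from email import message_from_bytes, policy
from email.message import EmailMessage

# Leading "magic" bytes of a few well-known file formats.
MAGIC = {
    "image/jpeg": b"\xff\xd8\xff",
    "image/png": b"\x89PNG\r\n\x1a\n",
    "application/zip": b"PK\x03\x04",
    "application/pdf": b"%PDF-",
}

def build_sample():
    """Constructed multipart message: one real JPEG header, one mislabelled part."""
    msg = EmailMessage()
    msg["From"] = "lara@abcict.example"
    msg["To"] = "gayle@obs.example"
    msg["Subject"] = "The Second Book"
    msg.set_content("Hello Gayle, the cover image is attached.")
    msg.add_attachment(b"\xff\xd8\xff\xe0" + b"\x00" * 16,
                       maintype="image", subtype="jpeg", filename="cover.jpg")
    msg.add_attachment(b"PK\x03\x04" + b"\x00" * 16,      # ZIP bytes, JPEG label
                       maintype="image", subtype="jpeg", filename="photo.jpg")
    return msg.as_bytes()        # the text that would travel in the DATA phase

def sniff(data):
    """Return the media type whose signature matches, or None if unknown."""
    for media_type, magic in MAGIC.items():
        if data.startswith(magic):
            return media_type
    return None

def audit_parts(raw):
    """Per leaf part: (filename, declared type, transfer encoding, sniffed type, ok)."""
    report = []
    for part in message_from_bytes(raw, policy=policy.default).walk():
        if part.is_multipart():
            continue                                   # container, no data of its own
        declared = part.get_content_type()             # "type/subtype", lower case
        data = part.get_payload(decode=True)           # undoes base64 / quoted-printable
        sniffed = sniff(data)
        ok = part.get_content_maintype() == "text" or sniffed == declared
        report.append((part.get_filename(), declared,
                       str(part["Content-Transfer-Encoding"]), sniffed, ok))
    return report

if __name__ == "__main__":
    for row in audit_parts(build_sample()):
        print(row)
```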

Q. POP3 and IMAP:

Overview:

• Delete mail is default in POP3

• IMAP can have multiple mailboxes

• IMAP allows partial mail download

• IMAP allows access by features and content

• IMAP allows message status to be informed

• IMAP is more complicated

• Webmails provide everything that IMAP provides

POP3:

• One needs to run a mail client on the desktop. POP3 and IMAP mail clients are used for this purpose.

• Users need two protocols to enable mailing:

– An SMTP client is required to send mails to SMTP servers.

– POP3 or IMAP is required to receive mails.

• POP3 (Post Office Protocol Version 3), is described in RFC 1939.

• POP3 begins when the user starts the mail reader.


• The mail reader calls up the ISP (unless there is already a connection) and establishes a TCP connection with the message transfer agent at port 110.

• Once the connection has been established, the POP3 protocol goes through three states in sequence:

– Login/Authorization: the authorization state deals with having the user log in.

– Mail Transfer To Receiver and Sender: the transaction state deals with the user collecting the e-mails and marking them for deletion from the mailbox.

– Update: the update state actually causes the e-mails to be deleted.

• Disadvantage: By default, the POP3 server deletes all mails that are copied to the desktop, to reduce the storage requirement of servers.

• So, once a user has read mails at Ahmedabad, they cannot be read again in Delhi.
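The three POP3 states as a server-side state machine, showing that DELE only marks a message and that removal happens in the update state, which is reached only through QUIT. This is an added example, not code from the original notes; the user name, password and maildrop contents are constructed, and only a handful of RFC 1939 commands (USER, PASS, STAT, RETR, DELE, RSET, QUIT) are handled.

```python
import hmac

class Pop3Session:
    """Server side of one POP3 connection over an in-memory maildrop (a list)."""
    def __init__(self, maildrop, user, password):
        self.maildrop, self.user, self.password = maildrop, user, password
        self.state = "AUTHORIZATION"       # -> TRANSACTION -> UPDATE
        self.claimed_user = None
        self.marked = set()                # message numbers marked by DELE

    def handle(self, line):
        verb, _, arg = line.partition(" ")
        verb = verb.upper()
        if self.state == "AUTHORIZATION":
            return self._authorize(verb, arg)
        if self.state == "TRANSACTION":
            return self._transact(verb, arg)
        return "-ERR session closed"

    def _authorize(self, verb, arg):
        if verb == "USER":
            self.claimed_user = arg
            return "+OK send PASS"
        if verb == "PASS" and self.claimed_user is not None:
            ok = (self.claimed_user == self.user and
                  hmac.compare_digest(arg.encode(), self.password.encode()))
            self.claimed_user = None
            if not ok:
                return "-ERR invalid credentials"
            self.state = "TRANSACTION"
            return f"+OK maildrop has {len(self.maildrop)} messages"
        if verb == "QUIT":                 # leaving here never reaches UPDATE
            self.state = "CLOSED"
            return "+OK bye"
        return "-ERR authenticate first"

    def _transact(self, verb, arg):
        live = [n for n in range(1, len(self.maildrop) + 1) if n not in self.marked]
        if verb == "STAT":                 # count and total size of unmarked mail
            return f"+OK {len(live)} {sum(len(self.maildrop[n - 1]) for n in live)}"
        if verb in ("RETR", "DELE"):
            if not arg.isdigit() or int(arg) not in live:
                return "-ERR no such message"
            if verb == "RETR":
                return "+OK\r\n" + self.maildrop[int(arg) - 1] + "\r\n."
            self.marked.add(int(arg))      # marked only; nothing is removed yet
            return f"+OK message {arg} marked"
        if verb == "RSET":
            self.marked.clear()
            return "+OK marks cleared"
        if verb == "QUIT":                 # UPDATE state: marked mail is removed now
            self.state = "UPDATE"
            self.maildrop[:] = [m for n, m in enumerate(self.maildrop, 1)
                                if n not in self.marked]
            return f"+OK {len(self.maildrop)} messages left"
        return "-ERR unknown command"

def run(maildrop, client_lines):
    """Run one session against the shared maildrop; return the server replies."""
    session = Pop3Session(maildrop, "gayle", "constructed-password")
    return [session.handle(line) for line in client_lines]

if __name__ == "__main__":
    drop = ["first message", "second message"]     # constructed maildrop
    login = ["USER gayle", "PASS constructed-password"]
    print(run(drop, login + ["DELE 1", "STAT"]), len(drop))   # no QUIT: 2 remain
    print(run(drop, login + ["DELE 1", "QUIT"]), len(drop))   # QUIT: 1 remains
```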

IMAP:

• Disadvantage of POP3: it normally downloads all stored messages at each contact; the result is that the user's e-mail quickly gets spread over multiple machines.

• This disadvantage gave rise to an alternative final delivery protocol, IMAP (Internet Message Access Protocol), which is defined in RFC 2060.

• IMAP provides mechanisms for creating, destroying, and manipulating multiple mailboxes on the server.

• IMAP assumes that all the e-mail will remain on the server indefinitely in multiple mailboxes.

• Useful when using a slow modem (or mobiles), to read only the text part of a multipart message with large audio and video attachments, or to read only the subject.

• The comparison is given in the next figure.

POP3/IMAP:

Q. Webmail:

• Desktop email client is not required here.

• Eg. Gmail, Yahoo, Hotmail.

• One can access one's mails using any computer which has an Internet connection.

• Webmail is location independent.

• Process:

– The user types [email protected], the recipient's mail address.

– Webmail tries to get the MX record for abcict.org first.

– Webmail queries the DNS server to search for abcict.org's IP address.

– Once the IP address is obtained, the SMTP client establishes a TCP connection to the server.

– Then authentication is done.

– Once authenticated, mails are transferred to user agents using the POP3 or IMAP server.

• The difference lies here.

• Webmail reformats plain text into html pages before sending them to users.


University Question List:

1. Explain the role of SMTP and POP3 in mail transfer from sender to receiver in brief. [3]

2. What is resource record? Explain 3 DNS resource record types. [4]

3. Full form of MIME and IMAP.[2]

4. Explain why zones are required in DNS. [3]

5. What is the requirement of protocols like POP3 and IMAP when SMTP delivers mail to receiver?[3]

6. What is name resolution in DNS? What are the two types of name resolution? [3]

7. What is the need of DNS in internet?[1]

8. What is the need of MIME?[1]

9. What are the limitations of POP3? How does IMAP differ from POP3? [4]

10. Justify with suitable example: “DNS is hierarchical domain based naming scheme.” [3]