Introduction 1-1

Reti di calcolatori e Sicurezza-- Application Layer ---

Part of these slides are adapted from the slides of the book:Computer Networking: A Top Down Approach Featuring the Internet,

2nd edition. Jim Kurose, Keith Ross

Addison-Wesley, July 2002. (copyright 1996-2002

J.F Kurose and K.W. Ross, All Rights Reserved)

Introduction 1-2

Chapter 2: Application LayerOur goals: conceptual,

implementation aspects of network application protocols transport-layer

service models client-server

paradigm peer-to-peer

paradigm

learn about protocols by examining popular application-level protocols HTTP FTP SMTP / POP3 / IMAP DNS

programming network applications socket API

Introduction 1-3

Chapter 2 outline

2.1 Principles of app layer protocols clients and servers app requirements

2.2 Web and HTTP 2.3 FTP 2.4 Electronic Mail

SMTP, POP3, IMAP

2.5 DNS

2.6 Socket programming with TCP (facoltativo)

2.7 Socket programming with UDP (facoltativo)

2.8 Building a Web server (facoltativo)

2.9 Content distribution (self study) Network Web caching Content distribution

networks P2P file sharing

Introduction 1-4

Applicazioni

Applicazioni di rete Insieme di processi

distribuiti: sono in esecuzione su di un host connesso in rete

Cooperano tramite scambio di messaggi

e.g., email, file transfer, P2P file sharing, IM, Web,

Protocolli del livello delle applicazioni Una componente delle

applicazioni di rete Definiscono la struttura dei

msg Richieste di servizio ai livelli

inferiori

application

transportnetworkdata linkphysical

application

transportnetworkdata linkphysical

application

transportnetworkdata linkphysical

Introduction 1-5

Protocolli livello applicazioni

Tipo dei msg scambiati

Sintassi dei msg Semantica header

dei msg Regole di

elaborazione

Public-domain protocols:

RFC Interoperability

HTTP, SMTP

Proprietary protocols: KaZaA

Introduction 1-6

Terminologia comune

user agent: interfaccia tra le applicazioni di rete ed i protocolli di comunicazione del livello delle applicazioni. Web:browser E-mail: mail reader App. audio/video: player

Introduction 1-7

Il modello Client - Server

Si identificano due componenti: client e server

application

transportnetworkdata linkphysical

application

transportnetworkdata linkphysical

Client: Connette al server (“speaks

first”) Effettua la richiesta del

servizio, E.g. Web: cliente è il browser;

e-mail: cliente è il mail readerServer: Fornisce un certo numero di

servizi (in risposta alle richieste del cliente)

Web server invia le pagine richieste

request

reply

Introduction 1-8

Processes communicating across network

process sends/receives messages to/from its socket

socket analogous to door sending process shoves

message out door sending process asssumes

transport infrastructure on other side of door which brings message to socket at receiving process

process

TCP withbuffers,variables

socket

host orserver

process

TCP withbuffers,variables

socket

host orserver

Internet

controlledby OS

controlled byapp developer

API: (1) choice of transport protocol; (2) ability to fix a few parameters (lots more on this later)

Introduction 1-9

Addressing processes: For a process to receive

messages, it must have an identifier

Every host has a unique 32-bit IP address

Q: does the IP address of the host on which the process runs suffice for identifying the process?

Answer: No, many processes can be running on same host

Identifier includes both the IP address and port numbers associated with the process on the host.

Example port numbers: HTTP server: 80 Mail server: 25

More on this later

Introduction 1-10

Quali sono I requisiti di servizio delle applicazioni di reteData loss Alcune app. (e.g., audio)

possono tollerare la perdita di dati

Altre app. (e.g., file transfer, telnet) richiedono il 100% di affidabilità nella trasmissione dei dati

Timing App (e.g., Internet

telephony) non possono ammettere dei ritardi nella trasmissione dei datiBandwidth

Alcune app. (e.g., multimedia) richiedono di avere almeno un determinato livello di banda per poter operare

Altre applicazioni (“elastic apps”) non fanno richieste sulla banda di trasmissione

Introduction 1-11

Requisiti applicazioni

Application

file transfere-mail

Web documentsreal-time audio/video

stored audio/videointeractive gamesinstant messaging

Data loss

no lossno lossno lossloss-tolerant

loss-tolerantloss-tolerantno loss

Bandwidth

elasticelasticelasticaudio: 5kbps-1Mbpsvideo:10kbps-5Mbpssame as above few kbps upelastic

Time Sensitive

nononoyes, 100’s msec

yes, few secsyes, 100’s msecyes and no

Introduction 1-12

I servizi di trasporto

TCP: connection-oriented:

richiede una fase di inizializzazione

affidabile Controllo del flusso e della

congestione Non fornisce: timing, e un

livello minimo di banda

UDP: Non affidabilie No controllo del

flusso e della congestione

D: Come mai esiste UDP?

Introduction 1-13

Internet apps: application, transport protocols

Application

e-mailremote terminal access

Web file transfer

streaming multimedia

Internet telephony

Applicationlayer protocol

SMTP [RFC 2821]Telnet [RFC 854]HTTP [RFC 2616]FTP [RFC 959]proprietary(e.g. RealNetworks)proprietary(e.g., Dialpad)

Underlyingtransport protocol

TCPTCPTCPTCPTCP or UDP

typically UDP

Introduction 1-14

Seminari approfondimento

2004: QoS 2004: Teleconferenze

Introduction 1-15

Chapter 2 outline

2.1 Principles of app layer protocols clients and servers app requirements

2.2 Web and HTTP 2.3 FTP 2.4 Electronic Mail

SMTP, POP3, IMAP

2.5 DNS

2.6 Socket programming with TCP

2.7 Socket programming with UDP

2.8 Building a Web server

2.9 Content distribution Network Web caching Content distribution

networks P2P file sharing

Introduction 1-16

Web and HTTP

First some jargon Web page consists of objects Object can be HTML file, JPEG image, Java

applet, audio file,… Web page consists of base HTML-file which

includes several referenced objects Each object is addressable by a URL Example URL:

www.someschool.edu/someDept/pic.gif

host name path name

Introduction 1-17

HTTP overview

HTTP: hypertext transfer protocol

Web’s application layer protocol

client/server model client: browser that

requests, receives, “displays” Web objects

server: Web server sends objects in response to requests

HTTP 1.0: RFC 1945 HTTP 1.1: RFC 2068

PC runningExplorer

Server running

Apache Webserver

Mac runningNavigator

HTTP request

HTTP request

HTTP response

HTTP response

Introduction 1-18

HTTP overview (continued)

Uses TCP: client initiates TCP

connection (creates socket) to server, port 80

server accepts TCP connection from client

HTTP messages (application-layer protocol messages) exchanged between browser (HTTP client) and Web server (HTTP server)

TCP connection closed

HTTP is “stateless” server maintains no

information about past client requests

Protocols that maintain “state” are complex!

past history (state) must be maintained

if server/client crashes, their views of “state” may be inconsistent, must be reconciled

aside

Introduction 1-19

HTTP connections

Nonpersistent HTTP At most one object is

sent over a TCP connection.

HTTP/1.0 uses nonpersistent HTTP

Persistent HTTP Multiple objects can

be sent over single TCP connection between client and server.

HTTP/1.1 uses persistent connections in default mode

Introduction 1-20

Nonpersistent HTTPSuppose user enters URL www.someSchool.edu/someDepartment/home.index

1a. HTTP client initiates TCP connection to HTTP server (process) at www.someSchool.edu on port 80

2. HTTP client sends HTTP request message (containing URL) into TCP connection socket. Message indicates that client wants object someDepartment/home.index

1b. HTTP server at host www.someSchool.edu waiting for TCP connection at port 80. “accepts” connection, notifying client

3. HTTP server receives request message, forms response message containing requested object, and sends message into its socket

time

(contains text, references to 10

jpeg images)

Introduction 1-21

Nonpersistent HTTP (cont.)

5. HTTP client receives response message containing html file, displays html. Parsing html file, finds 10 referenced jpeg objects

6. Steps 1-5 repeated for each of 10 jpeg objects

4. HTTP server closes TCP connection.

time

Introduction 1-22

Response time modeling

Definition of RRT: time to send a small packet to travel from client to server and back.

Response time: one RTT to initiate TCP

connection one RTT for HTTP request

and first few bytes of HTTP response to return

file transmission timetotal = 2RTT+transmit time

time to transmit file

initiate TCPconnection

RTT

requestfile

RTT

filereceived

time time

Introduction 1-23

Persistent HTTP

Nonpersistent HTTP issues: requires 2 RTTs per object OS must work and allocate

host resources for each TCP connection

but browsers often open parallel TCP connections to fetch referenced objects

Persistent HTTP server leaves connection

open after sending response

subsequent HTTP messages between same client/server are sent over connection

Persistent without pipelining: client issues new request

only when previous response has been received

one RTT for each referenced object

Persistent with pipelining: default in HTTP/1.1 client sends requests as

soon as it encounters a referenced object

as little as one RTT for all the referenced objects

Introduction 1-24

Non Persistente vs persistente

Introduction 1-25

Persistente: non pipeling vs pipeling

Introduction 1-26

HTTP request message

two types of HTTP messages: request, response

HTTP request message: ASCII (human-readable format)

GET /somedir/page.html HTTP/1.1Host: www.someschool.edu User-agent: Mozilla/4.0Connection: close Accept-language:fr

(extra carriage return, line feed)

request line(GET, POST,

HEAD commands)

header lines

Carriage return, line feed

indicates end of message

Introduction 1-27

HTTP request message: general format

Introduction 1-28

Uploading form input

Post method: Web page often

includes form input Input is uploaded to

server in entity body

URL method: Uses GET method Input is uploaded in

URL field of request line:

www.somesite.com/animalsearch?monkeys&banana

Introduction 1-29

Method types

HTTP/1.0 GET POST HEAD

asks server to leave requested object out of response

HTTP/1.1 GET, POST, HEAD PUT

uploads file in entity body to path specified in URL field

DELETE deletes file specified

in the URL field

Introduction 1-30

HTTP response message

HTTP/1.1 200 OK Connection closeDate: Thu, 06 Aug 1998 12:00:15 GMT Server: Apache/1.3.0 (Unix) Last-Modified: Mon, 22 Jun 1998 …... Content-Length: 6821 Content-Type: text/html data data data data data ...

status line(protocol

status codestatus phrase)

header lines

data, e.g., requestedHTML file

Introduction 1-31

HTTP response status codes

200 OK request succeeded, requested object later in this

message

301 Moved Permanently requested object moved, new location specified later

in this message (Location:)

400 Bad Request request message not understood by server

404 Not Found requested document not found on this server

505 HTTP Version Not Supported

In first line in server->client response message.A few sample codes:

Introduction 1-32

Trying out HTTP (client side) for yourself

1. Telnet to your favorite Web server:

Opens TCP connection to port 80(default HTTP server port) at www.eurecom.fr.Anything typed in sent to port 80 at www.eurecom.fr

telnet www.eurecom.fr 80

2. Type in a GET HTTP request:

GET /~ross/index.html HTTP/1.0 By typing this in (hit carriagereturn twice), you sendthis minimal (but complete) GET request to HTTP server

3. Look at response message sent by HTTP server!

Introduction 1-33

esercizio

Come si fa a far rispondere al server

301 Moved Permanently requested object moved, new location

specified later in this message (Location:)

Introduction 1-34

User-server interaction: authorization

Authorization : control access to server content

authorization credentials: typically name, password

stateless: client must present authorization in each request authorization: header line in

each request if no authorization: header,

server refuses access, sendsWWW authenticate:

header line in response

client server

usual http request msg401: authorization req.

WWW authenticate:

usual http request msg

+ Authorization: <cred>usual http response

msg

usual http request msg

+ Authorization: <cred>usual http response

msg

time

Introduction 1-35

Cookies: keeping “state”

Many major Web sites use cookies

Four components:1) cookie header line in

the HTTP response message

2) cookie header line in HTTP request message

3) cookie file kept on user’s host and managed by user’s browser

4) back-end database at Web site

Example: Susan access Internet

always from same PC She visits a specific e-

commerce site for first time

When initial HTTP requests arrives at site, site creates a unique ID and creates an entry in backend database for ID

Introduction 1-36

Cookies: keeping “state” (cont.)

client server

usual http request msgusual http response

+Set-cookie: 1678

usual http request msg

cookie: 1678usual http response

msg

usual http request msg

cookie: 1678usual http response msg

cookie-specificaction

cookie-spectificaction

servercreates ID

1678 for user

entry in backend

database

access

acce

ss

Cookie file

amazon: 1678ebay: 8734

Cookie file

ebay: 8734

Cookie file

amazon: 1678ebay: 8734

one week later:

Introduction 1-37

Cookies (continued)

What cookies can bring:

authorization shopping carts recommendations user session state

(Web e-mail)

Cookies and privacy: cookies permit sites to

learn a lot about you you may supply name

and e-mail to sites search engines use

redirection & cookies to learn yet more

advertising companies obtain info across sites

aside

Introduction 1-38

Conditional GET: client-side caching

Goal: don’t send object if client has up-to-date cached version

client: specify date of cached copy in HTTP requestIf-modified-since:

<date> server: response contains

no object if cached copy is up-to-date: HTTP/1.0 304 Not

Modified

client server

HTTP request msgIf-modified-since:

<date>

HTTP responseHTTP/1.0

304 Not Modified

object not

modified

HTTP request msgIf-modified-since:

<date>

HTTP responseHTTP/1.0 200 OK

<data>

object modified

Introduction 1-39

Seminari

2004: Cookies Tipi di autenticazione su web Gestione sessioni in http Web services

Introduction 1-40

Chapter 2 outline

2.1 Principles of app layer protocols clients and servers app requirements

2.2 Web and HTTP 2.3 FTP 2.4 Electronic Mail

SMTP, POP3, IMAP

2.5 DNS

2.6 Socket programming with TCP

2.7 Socket programming with UDP

2.8 Building a Web server

2.9 Content distribution Network Web caching Content distribution

networks P2P file sharing

Introduction 1-41

ftp: file transfer protocol

Funzionalità: trasferimento di dati (files) da/per il sistema remoto

Architettura software: client/server client: il sistema che attiva il trasferimento server: il sistema remoto

ftp: RFC 959 ftp server: port 21

file transfer FTPserver

FTPuser

interface

FTPclient

File system locale

Sistema remoto

user

Introduction 1-42

FTP: separate control, data connections

FTP client contacts FTP server at port 21, specifying TCP as transport protocol

Client obtains authorization over control connection

Client browses remote directory by sending commands over control connection.

When server receives a command for a file transfer, the server opens a TCP data connection to client

After transferring one file, server closes connection.

FTPclient

FTPserver

TCP control connection

port 21

TCP data connectionport 20

Server opens a second TCP data connection to transfer another file.

Control connection: “out of band”

FTP server maintains “state”: current directory, earlier authentication

Introduction 1-43

FTP commands, responses (PROVATELI!!)

Sample commands: sent as ASCII text over

control channel USER username PASS password LIST return list of file in

current directory RETR filename retrieves

(gets) file STOR filename stores

(puts) file onto remote host

Sample return codes status code and phrase

(as in HTTP) 331 Username OK,

password required 125 data connection

already open; transfer starting

425 Can’t open data connection

452 Error writing file

Introduction 1-44

Seminari

Server/client ftp in Java

Introduction 1-45

Chapter 2 outline

2.1 Principles of app layer protocols clients and servers app requirements

2.2 Web and HTTP 2.3 FTP 2.4 Electronic Mail

SMTP, POP3, IMAP

2.5 DNS

2.6 Socket programming with TCP

2.7 Socket programming with UDP

2.8 Building a Web server

2.9 Content distribution Network Web caching Content distribution

networks P2P file sharing

Introduction 1-46

Strumenti per l’interazione fra utenti: la posta elettronica Caratteristiche:

velocità versatilità economicità Indipendenza dal tempo

e dallo spazio

Introduction 1-47

Posta elettronica:gli strumenti necessari Mailbox (casella postale) indirizzo posta elettronica

PC connesso ad Internetprogramma “client” sul PC

Introduction 1-48

La MailboxLa Mailbox

Normalmente risiede su un calcolatore potente e sempre connesso alla rete

Ha associato un indirizzo di posta elettronica

•E’ il contenitore elettronico dei messaggi ricevuti

Introduction 1-49

Un applicativo di rete: la posta elettronica

La posta elettronica (e-mail) consente di spedire messaggi ad altri utenti connessi ad Internet.

I messaggi sono tipicamente preparati con programmi di videoscrittura.

Ad essi possono essere allegati video e/o audio.

Gli indirizzi hanno la forma del seguente esempio:

dcurtin@interserve.com

nome utente nome dominioseparatore

Introduction 1-50

Clienti di posta elettronica

Eudora, Microsoft Outlook, Netscape messager, Pine, Rmail …

Comunicano con il server mediante il protocollo SMTP

Funzionalità Risposta Inoltro Archiviazione e recupero messaggi Reindirazzamento Vacation

Introduction 1-51

Tecnica store-and-forward

• alice@domain.com manda un messaggio di posta elettronica a davide@domain.com.

•Il messaggio viene depositato sul server di posta di domain.com.

•Il messaggio viene recapitato al destinario solo quando questo si collega al sistema.

Introduction 1-52

Tecnica store-and-forward

Introduction 1-53

Tecnica store-and-forward• alice@domain.com manda un messaggio di

posta elettronica a bob@anotherdomain.com

•Il messaggio viene inviato dal server di posta di domain.com al server di posta di anotherdomain.com

•Come nel caso precedente, il messaggio viene recapitato al destinario solo quando questo si collega al sistema

•Quindi la tecnica scala facilmente

Introduction 1-54

Funzioni del servizio: lettura dei messaggiFunzioni del servizio: lettura dei messaggi

• Protocollo POP3

• Username + password

• Trasferimento messaggi sul PC

e successiva lettura

Introduction 1-55

Funzioni del servizio: spedizione dei messaggiFunzioni del servizio: spedizione dei messaggi

Mail da spedire

(indirizzo, subject, testo)

(SMTP)

INTERNETINTERNET

(SMTP)

Introduction 1-56

E-Mail: smtp [RFC 821]

Basato su tcp per avere un trasferimento affidabile delle mail, la porta 25 è la porta di default

Trasferimento diretto tra i server coinvolti effettuato in tre passi denominati: handshaking (greeting) transfer closure

Modalità di interazione: command/response command: testo in formato ASCII response: status code e testo

Messaggi sono codificati in 7-bit ASCII

Introduction 1-57

Scenario: Alice e Bob 1) Alice vuole inviare una e-

mail a bob@someschool.edu

2) Messsaggio è inserito nella coda del mail server

3) SMTP (lato cliente) apre una connessione TCP con il mail server di Bob

4) SMTP (lato cliente) trasmette il messaggio di Alice sulla connessione TCP

5) Il mailserver di Bob memorizza il messaggio nella mailbox di Bob

6) Bob legge il messaggio tramite il suo user agent

useragent

mailserver

mailserver user

agent

1

2 3 4 56

Introduction 1-58

Esempio di interazione smtp S: 220 hamburger.edu C: HELO crepes.fr S: 250 Hello crepes.fr, pleased to meet you C: MAIL FROM: <alice@crepes.fr> S: 250 alice@crepes.fr... Sender ok C: RCPT TO: <bob@hamburger.edu> S: 250 bob@hamburger.edu ... Recipient ok C: DATA S: 354 Enter mail, end with "." on a line by itself C: Do you like ketchup? C: How about pickles? C: . S: 250 Message accepted for delivery C: QUIT S: 221 hamburger.edu closing connection

Introduction 1-59

Piccole esercitazione:

telnet server_di_posta 25 220 reply from server Digitare i comandi HELO, MAIL FROM, RCPT

TO, DATA, QUIT

Introduction 1-60

smtp

smtp utilizza connessioni persistenti

Smtp: formato dei messaggi (header & body) in 7-bit ascii

Caratteri non permessi (e.g., CRLF.CRLF). Codifica dei messaggi (in base-64 o quoted printable)

smtp server: utilizza CRLF.CRLF per indicare la fine del msg

Smtp vs http http: pull email: push

Interazione ASCII di tipo command/response + status codes

http: ogni oggetto è incapsulato nella risposta

smtp: multipart message con oggetti multipli (eg attachment)

Introduction 1-61

Seminari

MIME,smime,etc

Introduction 1-62

POP3-IMAP4

Introduction 1-63

Accesso alla posta

Esistono diversi protocolli per costruire una infrastruttura distribuita per la gestione delle email. I piu’ diffusi sono: POP3 - Post Office Protocol versione 3

• Protocollo molto ‘vecchio’ quindi molto diffuso• Semplice• Gestisce la posta in “locale”: scarica i messaggi!

IMAP4 - Internet Message Access Protocol (ver 4)• Piu’ complesso del POP3• Permette la gestione delle mailbox remote come se

fossero locali

Introduction 1-64

POP3

Funziona con paradigma client-server Supporta le funzioni di base per il

recupero della posta elettronica da mailbox remota Download Delete

Introduction 1-65

Come funziona

Il client POP3 si connette tramite TCP alla porta 110 del server

Il server POP3 risponde con messaggio di benvenuto La sessione entra nello stato di autenticazione

Il client manda la sua idetificazione (user-id e password) Se il server riconosce il client si entra nello stato di

transazione Il client puo’ accedere alla mailbox

Quando il client esegue il comando quit si entra nello stato update e la connessione e’ chiusa

Introduction 1-66

IMAP4

Supporta i modelli di posta elettronica Off-line (POP3): il client si connette periodicamente

al server e scarica i messaggi (processati localmente)

On-line il client esegue delle modifiche sul server (accesso tramite protocollo di file system remoto NFS)

Disconnected: (modo “ibrido”) il client si connette al server, scarica i messaggi, li processa localmente e poi li aggiorna sul server

Connessione su porta 143

Introduction 1-67

POP3

authorization phase client:

user: username pass: password

Server: +OK -ERR

transaction phase, client: list: list (message

numbers) retr: retrieve message dele: delete quit

C: list S: 1 498 S: 2 912 S: . C: retr 1 S: <message 1 contents> S: . C: dele 1 C: retr 2 S: <message 1 contents> S: . C: dele 2 C: quit S: +OK POP3 server signing off

S: +OK POP3 server ready C: user alice S: +OK C: pass hungry S: +OK user successfully logged on

Introduction 1-68

Confronto POP3-IMAP4 POP3= recupero su richiesta verso un singolo client IMAP4= accesso interattivo a piu’ mailbox da piu’ client Vantaggi filosofia POP3:

Uso minimo del tempo di connessione. Uso minimo delle risorse del server.

Vantaggi filosofia IMAP4: Possibilita’ di usare diversi computer in tempi diversi Possibilita’ di usare macchine con client “senza-dati” (nei

laboratori). Accesso indipendente dalla piattaforma Accesso concorrente a mailbox condivise.

Introduction 1-69

Posta elettronica: e-mail

Per lo scambio di messaggi elettronici Un messaggio contiene:

Uno o più destinatari nel campo TO Destinatari per conoscenza (CC) Destinatari per conoscenza “in incognito”

(BCC) Subject: tema del messaggio Testo del messaggio Eventuali allegati

Introduction 1-70

Convenzioni e netiquette

Comunicazione di stati d’animo con le faccette: (emoticons):-) sorridente e scherzoso ;-) malizioso:-( triste :-I indifferente:-> sarcastico >:-> diabolico:-/ perplesso :-D sorpreso:-O molto sorpreso >;-> ammiccante e diabolico

Usare lettere maiuscole equivale ad URLARE

Introduction 1-71

Il lingo

AFAIK As Far As I Know AKA Also Known As BBIAB Be Back in a Bit BBIAF Be Back in a Few BBL Be Back Later BFN Bye For Now BTW By The Way CID Consider It Done CIO Check It Out CUL8R See You Later FYA For Your Amusement FYI For Your Information GTSY Glad To See Ya

GYPO Get Your Pants Off IMO In My Opinion IOW In Other Words IRL In Real Life KIT Keep In Touch MOTD Message Of The Day POV Point of View RSN Real Soon Now RTM Read The Manual TIA Thanks in Advance TX Thanks TYVM Thank You Very Much WB Welcome Back

Introduction 1-72

AttachmentsAttachments

• tecnica per spedire via E-mail

ogni tipo di file

• codifica e decodifica automatiche con i

migliori client

• limitare dimensione (< 1 mb)

Introduction 1-73

MIME: multimedia extensions MIME: multimedia mail extension, RFC 2045, 2056 Campi addizionali presenti per la dichiarazione dei

MIME content type

From: alice@crepes.fr To: bob@hamburger.edu Subject: Picture of yummy crepe. MIME-Version: 1.0 Content-Transfer-Encoding: base64 Content-Type: image/jpeg

base64 encoded data ..... ......................... ......base64 encoded data

Dati multimedialitype, subtype,

parameter

Metodo di codifica

MIME version

Dati codificati

Introduction 1-74

MIME typesContent-Type: type/subtype; parameters

Text subtypes: plain, html

Image subtypes: jpeg, gif

Audio subtypes: basic (8-bit

coding), 32kadpcm (32 kbps coding)

Video subtypes: mpeg, quicktime

Applications Invocate per rendere

“viewable” questi tipi

subtypes: msword, octet-stream

Introduction 1-75

Multipart Type MessageFrom: alice@crepes.fr To: bob@hamburger.edu Subject: Picture of yummy crepe. MIME-Version: 1.0 Content-Type: multipart/mixed; boundary=98766789 --98766789Content-Transfer-Encoding: quoted-printableContent-Type: text/plain

Dear Bob, Please find a picture of a crepe.--98766789Content-Transfer-Encoding: base64Content-Type: image/jpeg

base64 encoded data ..... ......................... ......base64 encoded data --98766789--

Introduction 1-76

Return-Path: <fancello@sci.unich.it> Received: from phobos.unich.it (phobos.unich.it [192.167.13.101]) by gotham.sci.unich.it (8.12.8/8.12.8) with ESMTP id i8GAZMaS011065 for <bista@sci.unich.it>; Thu, 16 Sep 2004 12:35:23 +0200 Received: from phobos.unich.it (phobos.unich.it [127.0.0.1]) by phobos.unich.it (8.12.5/8.12.8) with ESMTP id i8GAZ7Rv024306 for <bista@sci.unich.it>; Thu, 16 Sep 2004 12:35:07 +0200 Received: from sci111.sci.unich.it ([192.167.92.11]) by phobos.unich.it (MailMonitor for SMTP v1.2.2 ) ; Thu, 16 Sep 2004 12:35:06 +0200 (CEST) Message-ID: <001801c49bd8$b54118c0$0b5ca7c0@sci.unich.it> From: "Maura Fancello" <fancello@sci.unich.it> To: "stefano Bistarelli" <bista@sci.unich.it> References: <000801c3d5fd$56b8ce20$0b5ca7c0@sci.unich.it>

<6c7301c49bd0$23e50150$bd603092@iit.cnr.it> Subject: Re: lavagna luminosa e proiettore Date: Thu, 16 Sep 2004 12:34:10 +0200 MIME-Version: 1.0 Content-Type: multipart/alternative; boundary="----=_NextPart_000_0015_01C49BE9.77729620" X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2800.1106 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1106 X-Antivirus: Scanned by F-Prot Antivirus (http://www.f-prot.com) X-Antivirus-Summary: Mod score: 0 X-Antivirus: Scanned by F-Prot Antivirus (http://www.f-prot.com) X-Spam-Checker-Version: SpamAssassin 2.63 (2004-01-11) on gotham.sci.unich.it X-Spam-Level: X-Spam-Status: No, hits=-4.8 required=3.0 tests=BAYES_00,HTML_MESSAGE autolearn=no version=2.63

Introduction 1-77

Chapter 2 outline

2.1 Principles of app layer protocols clients and servers app requirements

2.2 Web and HTTP 2.3 FTP 2.4 Electronic Mail

SMTP, POP3, IMAP

2.5 DNS

2.6 Socket programming with TCP

2.7 Socket programming with UDP

2.8 Building a Web server

2.9 Content distribution Network Web caching Content distribution

networks P2P file sharing

Introduction 1-78

Domain Name Server (DNS)Domain Name Server (DNS)

158.110.1.2

158.110.1.7130.186.1.53

193.207.87.1

pluto.sci.unich.it ?192.167.92.33 !

Introduction 1-79

ad ogni risorsa TCP/IP può essere assegnato un nome simbolicosono necessari: un metodo per associare il nome simbolico di una

macchina all’indirizzo (o agli indirizzi) IP: risoluzione diretta

un metodo per associare ad un indirizzo IP al nome simbolico della macchina: risoluzione inversa

Domain Name System (DNS) definito presso ISI - USC 1984 RFC 882, RFC 883, RFC 973 (obsolete) RFC 1034, RFC 1035, RFC 1123, RFC 1537, RFC 1912

DNS: le funzioni

Introduction 1-80

Un po’ di storia

Ai tempi di ARPANET esisteva in ogni sistema opertivo un unico file, hosts.txt, che elencava tutti gli host e i loro indirizzi IP. Ogni notte tutti gli host della rete lo copiavano dal sito in cui era mantenuto

Quando la rete comprendeva solo qualche centinaio di grosse macchine questo approccio funzionava bene; quando la rete crebbe venne inventato il servizio DNS (Domain Name Server), definito nei documenti RFC 1034 e 1035

Introduction 1-81

DNS: caratteristiche principali

database distribuito basato sul modello client/server tre componenti principali:

• spazio dei nomi e informazioni associate (Resource Record - RR)• nameserver (application server che mantiene i dati)• resolver (client per l’interrogazione del nameserver)

accesso veloce ai dati (database in memoria centrale e meccanismo di caching)

Introduction 1-82

Esempio

Hostscheltenham.cs.princeton.edu 192.12.69.17

192.12.69.17 80:23:A8:33:5B:9F Files

/usr/llp/tmp/foo (server, fileid)

Users Stefano Bistarelli bista@sci.unich.it

Introduction 1-83

Esempio Mailboxes

Nameserver

Mailprogram

User

TCP

IP

2cs.princeton.edu

192.12.69.53

user @ cs.princeton.edu1

192.12.69.5 4

192.12.69.5 5

Introduction 1-84

Lo spazio dei nomi lo spazio dei nomi è organizzato secondo il modello

gerarchico:• il database del DNS ha una struttura logica “ad albero rovesciato”• ciascun nodo dell’albero rappresenta un dominio• ogni dominio può essere suddiviso in altri domini: sottodomini• ogni nodo ha una etichetta che lo identifica rispetto al padre

La radice dell'albero è unica, e la sua etichetta è vuota. In certi casi si indica anche come “.”

struttura dello spazio dei nomi:• domini generali (gTLD)• domini nazionali (ccTLD)• domini per la risoluzione inversa (arpa)

Introduction 1-85

DNS

Gerarchia di naming

edu com

princeton … mit

cs ee

ux01 ux04

physics

cisco … yahoo nasa … nsf arpa … navy acm … ieee

gov mil org net uk fr

Introduction 1-86

Gerarchie di naming

Il nome di un dominio è composto dal cammino inverso dalla foglia fino alla radice (anonima); i componenti del cammino sono separati da punti.

I nomi dei domini sono insensibili alle maiuscole/minuscole

I nomi all’interno dei cammini possono essere lunghi al più 63 caratteri, mentre un cammino non può superare complessivamente i 255 caratteri

Esempio: il dominio del dipartimento di scienze a Pescara è sci.unich.it

Introduction 1-87

Interrogare il DNS Il programma nslookup permette di interrogare il

DNS Per convertire un nome di dominio in numero IP Per convertire un numero IP in nome di dominio

La funzione nslookup è presente in tutti i sistemi operativi (es Windows 2000)

Il sito Web www.infobear.com/nslookup.shtml permette di interrogare via Web il DNS

Il sito www.nic.it/RA/database/database.html accede al registro della Registration Authority italiana

Introduction 1-88

Name Servers

In teoria un solo name server potrebbe contenere l’intero database DNS mondiale; in pratica, questo server sarebbe così sovraccarico da essere inservibile. Inoltre, se mai si guastasse, l’intera Internet sarebbe bloccata.

Nota: Nel 2000 c’erano solo 13 root name servers:10 negli USA, uno a Londra, uno a Stoccolma, uno a Tokyo

www.icann.org/committees/dns-root/y2k-statement.htm

Introduction 1-89

Zone Lo spazio dei nomi DNS è suddiviso in zone non

sovrapposte (cioè senza intersezione); normalmente una zona avrà un name server principale, che legge informazioni da un file sul proprio disco, ed uno o più name server secondari, che prendono le loro informazioni dal name server principale

Per migliorare l’affidabilità, è possibile che alcuni server di zona si trovino al di fuori della zona stessa.

Dove siano posti i confini di una zona è affare dell’amministratore della zona. Questa decisione è in gran parte basata su quanti name server si vogliono e dove vanno collocati.

Introduction 1-90

Name Servers Partizione della gerarchia in zone

edu com

princeton … mit

cs ee

ux01 ux04

physics

cisco … yahoo nasa … nsf arpa … navy acm … ieee

gov mil org net uk fr

Rootname server

Princetonname server

Cisconame server

CSname server

EEname server

…

…

Ogni zona può avere due o piu’ name servers

Introduction 1-91

DNS name servers

Nessun server memorizza l’associazione name-to-IP address per tutta Internet

local name servers: ogni ISP ha un local

(default) name server Primo passo: query al local

name server

authoritative name server: host: memorizza l’indirizzo

IP ed il nome del sistema Effettua la traduzione

name/IP address translation

DNS centralizzato Punto di fallimento globale Volume di traffico elevato Database remoto maintenance

Non scala!!!

Introduction 1-92

DNS

Quando un programma deve trasformare un nome in un indirizzo IP chiama una procedura detta risolutrice (resolver), passandole il nome come parametro di ingresso.

Il resolver interroga un server DNS locale, che cerca il nome nelle sue tabelle e restituisce l’indirizzo al resolver, che a sua volta lo trasmette al programma chiamante (usando tale indirizzo IP il programma può aprire una connessione di rete con la destinazione)

Introduction 1-93

DNS: Root name servers Contattati dai name server locali root name server:

Interagiscono con il name server di autorità (se non possono risolvere direttamente ilo nome)

Ottengono il mapping Restituiscono il risultato

b USC-ISI Marina del Rey, CAl ICANN Marina del Rey, CA

e NASA Mt View, CAf Internet Software C. Palo Alto, CA

i NORDUnet Stockholm

k RIPE London

m WIDE Tokyo

a NSI Herndon, VAc PSInet Herndon, VAd U Maryland College Park, MDg DISA Vienna, VAh ARL Aberdeen, MDj NSI (TBD) Herndon, VA

13 root name servers worldwide

Introduction 1-94

DNS: Un Esempio

host surf.eurecom.fr vuole determinare l’indirizzo IP del nome gaia.cs.umass.edu

1. Collegamento con il server DNS locale dns.eurecom.fr

2. dns.eurecom.fr si collega al root name server (se necessario)

3. root name server si collega all’authoritative name server, dns.umass.edu,(se necessario)

requesting hostsurf.eurecom.fr

gaia.cs.umass.edu

root name server

authorititive name serverdns.umass.edu

local name serverdns.eurecom.fr

1

23

4

5

6

Introduction 1-95

DNS

Root name server: Potrebbe non

conoscere l’authoratiative name server

Potrebbe conoscere un intermediate name server: Il server da contattare per collegarsi con il authoritative name server

requesting hostsurf.eurecom.fr

gaia.cs.umass.edu

root name server

local name serverdns.eurecom.fr

1

23

4 5

6

authoritative name serverdns.cs.umass.edu

intermediate name serverdns.umass.edu

7

8

Introduction 1-96

DNS: queries

recursive query: Meccanismo di

trasmissione delle query tra i vari name server

iterated query: server restituisce il

nome del name server da contattare per risolvere la query

“I don’t know this name, but ask this server”

requesting hostsurf.eurecom.fr

gaia.cs.umass.edu

root name server

local name serverdns.eurecom.fr

1

23

4

5 6

authoritative name serverdns.cs.umass.edu

intermediate name serverdns.umass.edu

7

8

iterated query

Introduction 1-97

DNS: caching Un generico name server può effetttuare una

operazione di caching per memorizzare i risultati delle query Elementi della cache diventano “vecchi”

Meccanismi per update/notify sono in fase di progetto RFC 2136 http://www.ietf.org/html.charters/dnsind-charter.html

Introduction 1-98

DNS recordsDNS: distributed db che memorizza resource records (RR)

Type=NS name is domain (e.g.

foo.com) value is IP address of

authoritative name server for this domain

RR format: (name, value, type,ttl)

Type=A name is hostname value is IP address

Type=CNAME name è un alias di un nome

“canonico” www.ibm.com è servereast.backup2.ibm.com

Value è il nome canonico

Type=MX value is hostname of

mailserver associated with name

Introduction 1-99

$TTL 43200@ IN SOA ns.mesys.it. hostmaster.mesys.it. ( 2002053101 ; serial 86400 ; refresh 3600 ; retry 604800 ; expire 86400 ; default_ttl )@ IN MX 5 mail.mesys.it.@ IN NS ns.mesys.it.@ IN NS dns2.nic.it.localhost IN A 127.0.0.1ns IN A 151.4.83.2ns1 IN A 151.4.83.3mail IN A 151.4.83.2www IN CNAME turtle.mesys.it.ftp IN CNAME dolphin.mesys.it.

Introduction 1-100

C:\Documents and Settings\bista>nslookupServer predefinito: deimos.unich.itAddress: 192.167.13.102

> set querytype=ANY> sci.unich.itServer: deimos.unich.itAddress: 192.167.13.102

sci.unich.it primary name server = deimos.unich.it responsible mail addr = root.deimos.unich.it serial = 2002061901 refresh = 86400 (1 day) retry = 1800 (30 mins) expire = 2592000 (30 days) default TTL = 432000 (5 days)sci.unich.it nameserver = deimos.unich.itsci.unich.it nameserver = dns2.unich.itsci.unich.it MX preference = 10, mail exchanger = gotham.sci.unich.itdns2.unich.it internet address = 192.167.14.208deimos.unich.it internet address = 192.167.13.102gotham.sci.unich.it internet address = 192.167.14.11>

Introduction 1-101

DNS protocol, messagesDNS protocol : query / reply messages, Identico message format

msg header identification: 16 bit #

for query, reply to query uses same #

flags: query or reply recursion desired recursion available reply is authoritative

Introduction 1-102

DNS protocol, messages

Name, type fields for a query

RRs in reponseto query

records forauthoritative servers

additional “helpful”info that may be used

Introduction 1-103

DNS

Protocollo di trasporto: UDP Porta: 53

… bugia ..

Introduction 1-104

Esercizi e seminari

Scoprire per quali messaggi DNS usa la porta 53 e il TCP (invece che l’UDP)

2004-Seminario su configurazioni del DNS

2005-Seminario su DNSSEC (due persone) dopo che abbiamo fatto crittografia (novembre) www.dnssec.net

Introduction 1-105

Hint seminario configurazione dns

Acl

options { directory "/var/named"; pid-file "named.pid"; allow-transfer { mesysslaves; }; allow-recursion { mesysnets; }; blackhole { bogusnets; };};

Introduction 1-106

DNS Data flow

master resolver

stub resolver

Zone administrator

Zone file

slavesDynamicupdates

Introduction 1-107

DataProtectionServer

Protection

DNS Vulnerabilities

Zone file

slaves

master resolver

stub resolver

Zone administrator

Dynamicupdates

Cache pollution byData spoofingUnauthorized updates

Corrupting data Impersonating master

Cache impersonation

Introduction 1-108

Chapter 2 outline

2.1 Principles of app layer protocols clients and servers app requirements

2.2 Web and HTTP 2.3 FTP 2.4 Electronic Mail

SMTP, POP3, IMAP

2.5 DNS

2.6 Socket programming with TCP

2.7 Socket programming with UDP

2.8 Building a Web server

2.9 Content distribution Network Web caching Content distribution

networks P2P file sharing

JUMP

Introduction 1-109

Socket programming

Socket API introduced in BSD4.1 UNIX,

1981 explicitly created, used,

released by apps client/server paradigm two types of transport

service via socket API: unreliable datagram reliable, byte stream-

oriented

a host-local, application-created,

OS-controlled interface (a “door”) into which

application process can both send and

receive messages to/from another

application process

socket

Goal: learn how to build client/server application that communicate using sockets

Introduction 1-110

Socket-programming using TCP

Socket: a door between application process and end-end-transport protocol (UCP or TCP)

TCP service: reliable transfer of bytes from one process to another

process

TCP withbuffers,

variables

socket

controlled byapplicationdeveloper

controlled byoperating

system

host orserver

process

TCP withbuffers,

variables

socket

controlled byapplicationdeveloper

controlled byoperatingsystem

host orserver

internet

Introduction 1-111

Socket programming with TCPClient must contact server server process must first

be running server must have created

socket (door) that welcomes client’s contact

Client contacts server by: creating client-local TCP

socket specifying IP address, port

number of server process When client creates socket:

client TCP establishes connection to server TCP

When contacted by client, server TCP creates new socket for server process to communicate with client allows server to talk

with multiple clients source port numbers

used to distinguish clients (more in Chap 3)

TCP provides reliable, in-order transfer of bytes (“pipe”) between client and server

application viewpoint

Introduction 1-112

Stream jargon

A stream is a sequence of characters that flow into or out of a process.

An input stream is attached to some input source for the process, eg, keyboard or socket.

An output stream is attached to an output source, eg, monitor or socket.

Introduction 1-113

Socket programming with TCP

Example client-server app:

1) client reads line from standard input (inFromUser stream) , sends to server via socket (outToServer stream)

2) server reads line from socket3) server converts line to

uppercase, sends back to client

4) client reads, prints modified line from socket (inFromServer stream)

outT

oSer

ver

to network from network

inFr

omS

erve

r

inFr

omU

ser

keyboard monitor

Process

clientSocket

inputstream

inputstream

outputstream

TCPsocket

Clientprocess

client TCP socket

Introduction 1-114

Client/server socket interaction: TCP

wait for incomingconnection requestconnectionSocket =welcomeSocket.accept()

create socket,port=x, forincoming request:welcomeSocket =

ServerSocket()

create socket,connect to hostid, port=xclientSocket =

Socket()

closeconnectionSocket

read reply fromclientSocket

closeclientSocket

Server (running on hostid) Client

send request usingclientSocketread request from

connectionSocket

write reply toconnectionSocket

TCP connection setup

Introduction 1-115

Example: Java client (TCP)

import java.io.*; import java.net.*; class TCPClient {

public static void main(String argv[]) throws Exception { String sentence; String modifiedSentence;

BufferedReader inFromUser = new BufferedReader(new InputStreamReader(System.in));

Socket clientSocket = new Socket("hostname", 6789);

DataOutputStream outToServer = new DataOutputStream(clientSocket.getOutputStream());

Createinput stream

Create client socket,

connect to server

Createoutput stream

attached to socket

Introduction 1-116

Example: Java client (TCP), cont.

BufferedReader inFromServer = new BufferedReader(new InputStreamReader(clientSocket.getInputStream()));

sentence = inFromUser.readLine();

outToServer.writeBytes(sentence + '\n');

modifiedSentence = inFromServer.readLine();

System.out.println("FROM SERVER: " + modifiedSentence);

clientSocket.close(); } }

Createinput stream

attached to socket

Send lineto server

Read linefrom server

Introduction 1-117

Example: Java server (TCP)import java.io.*; import java.net.*;

class TCPServer {

public static void main(String argv[]) throws Exception { String clientSentence; String capitalizedSentence;

ServerSocket welcomeSocket = new ServerSocket(6789); while(true) { Socket connectionSocket = welcomeSocket.accept();

BufferedReader inFromClient = new BufferedReader(new InputStreamReader(connectionSocket.getInputStream()));

Createwelcoming socket

at port 6789

Wait, on welcomingsocket for contact

by client

Create inputstream, attached

to socket

Introduction 1-118

Example: Java server (TCP), cont

DataOutputStream outToClient = new DataOutputStream(connectionSocket.getOutputStream());

clientSentence = inFromClient.readLine();

capitalizedSentence = clientSentence.toUpperCase() + '\n';

outToClient.writeBytes(capitalizedSentence); } } }

Read in linefrom socket

Create outputstream,

attached to socket

Write out lineto socket

End of while loop,loop back and wait foranother client connection

Introduction 1-119

Chapter 2 outline

2.1 Principles of app layer protocols clients and servers app requirements

2.2 Web and HTTP 2.3 FTP 2.4 Electronic Mail

SMTP, POP3, IMAP

2.5 DNS

2.6 Socket programming with TCP

2.7 Socket programming with UDP

2.8 Building a Web server

2.9 Content distribution Network Web caching Content distribution

networks P2P file sharing

Introduction 1-120

Socket programming with UDP

UDP: no “connection” between client and server

no handshaking sender explicitly attaches

IP address and port of destination to each packet

server must extract IP address, port of sender from received packet

UDP: transmitted data may be received out of order, or lost

application viewpoint

UDP provides unreliable transfer of groups of bytes (“datagrams”)

between client and server

Introduction 1-121

Client/server socket interaction: UDP

closeclientSocket

Server (running on hostid)

read reply fromclientSocket

create socket,clientSocket = DatagramSocket()

Client

Create, address (hostid, port=x,send datagram request using clientSocket

create socket,port=x, forincoming request:serverSocket = DatagramSocket()

read request fromserverSocket

write reply toserverSocketspecifying clienthost address,port number

Introduction 1-122

Example: Java client (UDP)

sendP

ack

et

to network from network

rece

iveP

ack

et

inF

rom

Use

r

keyboard monitor

Process

clientSocket

UDPpacket

inputstream

UDPpacket

UDPsocket

Output: sends packet (TCP sent “byte stream”)

Input: receives packet (TCP received “byte stream”)

Clientprocess

client UDP socket

Introduction 1-123

Example: Java client (UDP)

import java.io.*; import java.net.*; class UDPClient { public static void main(String args[]) throws Exception { BufferedReader inFromUser = new BufferedReader(new InputStreamReader(System.in)); DatagramSocket clientSocket = new DatagramSocket(); InetAddress IPAddress = InetAddress.getByName("hostname"); byte[] sendData = new byte[1024]; byte[] receiveData = new byte[1024]; String sentence = inFromUser.readLine();

sendData = sentence.getBytes();

Createinput stream

Create client socket

Translate hostname to IP

address using DNS

Introduction 1-124

Example: Java client (UDP), cont.

DatagramPacket sendPacket = new DatagramPacket(sendData, sendData.length, IPAddress, 9876); clientSocket.send(sendPacket); DatagramPacket receivePacket = new DatagramPacket(receiveData, receiveData.length); clientSocket.receive(receivePacket); String modifiedSentence = new String(receivePacket.getData()); System.out.println("FROM SERVER:" + modifiedSentence); clientSocket.close(); }

}

Create datagram with data-to-send,

length, IP addr, port

Send datagramto server

Read datagramfrom server

Introduction 1-125

Example: Java server (UDP)

import java.io.*; import java.net.*; class UDPServer { public static void main(String args[]) throws Exception { DatagramSocket serverSocket = new DatagramSocket(9876); byte[] receiveData = new byte[1024]; byte[] sendData = new byte[1024]; while(true) { DatagramPacket receivePacket = new DatagramPacket(receiveData, receiveData.length);

serverSocket.receive(receivePacket);

Createdatagram socket

at port 9876

Create space forreceived datagram

Receivedatagra

m

Introduction 1-126

Example: Java server (UDP), cont

String sentence = new String(receivePacket.getData()); InetAddress IPAddress = receivePacket.getAddress(); int port = receivePacket.getPort(); String capitalizedSentence = sentence.toUpperCase();

sendData = capitalizedSentence.getBytes(); DatagramPacket sendPacket = new DatagramPacket(sendData, sendData.length, IPAddress, port); serverSocket.send(sendPacket); } }

}

Get IP addrport #, of

sender

Write out datagramto socket

End of while loop,loop back and wait foranother datagram

Create datagramto send to client

Introduction 1-127

Building a simple Web server

handles one HTTP request

accepts the request parses header obtains requested file

from server’s file system

creates HTTP response message: header lines + file

sends response to client

after creating server, you can request file using a browser (eg IE explorer)

see text for details

Introduction 1-128

Socket programming: references

C-language tutorial (audio/slides): “Unix Network Programming” (J. Kurose),http://manic.cs.umass.edu/~amldemo/courseware/intro.

Java-tutorials: “All About Sockets” (Sun tutorial),

http://www.javaworld.com/javaworld/jw-12-1996/jw-12-sockets.html

“Socket Programming in Java: a tutorial,” http://www.javaworld.com/javaworld/jw-12-1996/jw-12-sockets.html

Introduction 1-129

seminari

2005-Implementare 2.6 2.7 2.8 2005-Invece che un client/server web

implementare un client server ftp 2005-Invece che un client/server web

implementare un client server smtp 2005-Invece che un client/server web

implementare un client server pop

Introduction 1-130

domande

E’ possibile implementare un servizio di comunicazione affidabile usando udp? SI (implemntando I controlli a lato

applicazione) Quale sarebbe il vantaggio?

No controllo congestione!!

Introduction 1-131

Chapter 2 outline

2.1 Principles of app layer protocols clients and servers app requirements

2.2 Web and HTTP 2.3 FTP 2.4 Electronic Mail

SMTP, POP3, IMAP

2.5 DNS

2.6 Socket programming with TCP

2.7 Socket programming with UDP

2.8 Building a Web server

2.9 Content distribution Network Web caching Content distribution

networks P2P file sharing

Introduction 1-132

Web caches (proxy server)

user sets browser: Web accesses via cache

browser sends all HTTP requests to cache object in cache: cache

returns object else cache requests

object from origin server, then returns object to client

Goal: satisfy client request without involving origin server

client

Proxyserver

client

HTTP request

HTTP request

HTTP response

HTTP response

HTTP request

HTTP response

origin server

origin server

Introduction 1-133

More about Web caching

Cache acts as both client and server

Cache can do up-to-date check using If-modified-since HTTP header Issue: should cache take

risk and deliver cached object without checking?

Heuristics are used. Typically cache is

installed by ISP (university, company, residential ISP)

Why Web caching? Reduce response time for

client request. Reduce traffic on an

institution’s access link. Internet dense with

caches enables “poor” content providers to effectively deliver content

Introduction 1-134

Caching example (1)

Assumptions average object size = 100,000

bits avg. request rate from

institution’s browser to origin serves = 15/sec

delay from institutional router to any origin server and back to router = 2 sec

Consequences utilization on LAN = 15% utilization on access link = 100% total delay = Internet delay +

access delay + LAN delay = 2 sec + minutes + milliseconds

originservers

public Internet

institutionalnetwork 10 Mbps LAN

1.5 Mbps access link

institutionalcache

Introduction 1-135

Caching example (2)

Possible solution increase bandwidth of

access link to, say, 10 MbpsConsequences utilization on LAN = 15% utilization on access link =

15% Total delay = Internet delay +

access delay + LAN delay = 2 sec + msecs + msecs often a costly upgrade

originservers

public Internet

institutionalnetwork 10 Mbps LAN

10 Mbps access link

institutionalcache

Introduction 1-136

Caching example (3)

Install cache suppose hit rate is .4

Consequence 40% requests will be satisfied

almost immediately 60% requests satisfied by

origin server utilization of access link

reduced to 60%, resulting in negligible delays (say 10 msec)

total delay = Internet delay + access delay + LAN delay

= .6*2 sec + .6*.01 secs + milliseconds < 1.3 secs

originservers

public Internet

institutionalnetwork 10 Mbps LAN

1.5 Mbps access link

institutionalcache

Introduction 1-137

Content distribution networks (CDNs)

Content replication I fornitori di servizi CDN

attivano centinaia di server CDN in Internet ISP di secondo o terzo

livello Il contenuto informativo

viene duplicato sui server CDN ogniqualvolta il cliente del CDN aggiorna l’informazione

origin server in North America

CDN distribution node

CDN serverin S. America CDN server

in Europe

CDN serverin Asia

Introduction 1-138

CDN:esempio

server www.foo.com Rende disponibile

direttamente file HTML Il riferimento: http://www.foo.com/sports.ruth.gif

viene modificato

http://www.cdn.com/www.foo.com/sports/ruth.gif

HTTP request for

www.foo.com/sports/sports.html

DNS query for www.cdn.com

HTTP request for

www.cdn.com/www.foo.com/sports/ruth.gif

1

2

3

Origin server

CDNs authoritative DNS server

NearbyCDN server

Provider CDN cdn.com Rende disponibili i

file gif Il server DNS di

autorità ha il compito di gestire i riferimenti

Introduction 1-139

CDN: cont.

CDN ha una tabella con le informazioni relative alle distanze tra i server CDN e gli ISP

Le richieste effettuate al DNS di autorità utilizzano questa informazione.

Non solo pagine web streaming

audio/video streaming real-time

audio/video Nodi CDN sono una

rete virtuale del livello delle applicazioni

Introduction 1-140

P2P file sharing

Alice runs P2P client application on her notebook computer

Intermittently connects to Internet; gets new IP address for each connection

Asks for “Hey Jude” Application displays

other peers that have copy of Hey Jude.

Alice chooses one of the peers, Bob.

File is copied from Bob’s PC to Alice’s notebook: HTTP

While Alice downloads, other users uploading from Alice.

Alice’s peer is both a Web client and a transient Web server.

All peers are servers = highly scalable!

Introduction 1-141

P2P: directory centralizzata

NAPSTER1) Quando un peer si

connette alla rete si collega ad un server centralizato: Indirizzo IP Informazione condivisa

2) Alice effettua una query per trovare “Hey Jude”

3) Alice scarica il file da Bob

centralizeddirectory server

peers

Alice

Bob

1

1

1

12

3

Introduction 1-142

Discussione

Singolo punto di fallimento

Performance limitata Copyright ….

file transfer is decentralized, but locating content is highly decentralized

Introduction 1-143

P2P: decentralized directory

Peer a group leader È associato ad un

group leader. Un group leader

memorizza l’informazioni in condivisione dei “figli”

Peer queries group leader group leader è in

grado di interrogare altri group leader.

ordinary peer

group-leader peer

neighoring re la tionshipsin overlay network

Introduction 1-144

decentralized directory: caratteristiche innovative

overlay network peer sono i nodes connessioni tra peer ed i

rispettivi group leader Connessioni tra group

leader Rete virtualebootstrap node un peer che si connette

deve essere associato ad un group leader o dveve essere designato group leader

vantaggi Non è presente una

directory centralizzata Il servizio di

localizzazione è distribuito tra i peer

svantaggi bootstrap node!!! group leader possono

essere troppo carichi

Introduction 1-145

P2P: Query flooding

Gnutella no gerarchia bootstrap node sono

utilizzati per avere informazioni sui pari

join

Query sono inviate ai vicini Query forwarding Se l’oggetto viene trovate il

riferimento è inviato direttamente al peer di partenza

join

Introduction 1-146

P2P: query flooding

Pros no group leader decxentralizzato no directory info

Cons Traffico di query query radius:

Potrebbe non essere sufficiente per individuare l’oggetto

bootstrap node Gestione della

overlay network

Introduction 1-147

seminari

2005-ICP (caching cooperativo) 2004-Peer to peer

Introduction 1-148

Chapter 2: Summary

application service requirements: reliability, bandwidth,

delay

client-server paradigm Internet transport

service model connection-oriented,

reliable: TCP unreliable, datagrams:

UDP

Our study of network apps now complete!

specific protocols: HTTP FTP SMTP, POP, IMAP DNS

socket programming content distribution

caches, CDNs P2P

Introduction 1-149

Chapter 2: Summary

typical request/reply message exchange: client requests info or

service server responds with

data, status code

message formats: headers: fields giving

info about data data: info being

communicated

Most importantly: learned about protocols

control vs. data msgs in-band, out-of-band

centralized vs. decentralized

stateless vs. stateful reliable vs. unreliable msg

transfer “complexity at network

edge” security: authentication