Infraestructura de Comunicaciones

Infraestructura de Comunicaciones
Chapter 2
Application Layer
A note on the use of these ppt slides:

We’re making these slides freely available to all (faculty, students, readers).
They’re in PowerPoint form so you can add, modify, and delete slides
(including this one) and slide content to suit your needs. They obviously
Computer Networking:
represent a lot of work on our part. In return for use, we only ask the A Top Down Approach,
following:
If you use these slides (e.g., in a class) in substantially unaltered form,
5th edition.
that you mention their source (after all, we’d like people to use our book!) Jim Kurose, Keith Ross
If you post any slides in substantially unaltered form on a www site, that
you note that they are adapted from (or perhaps identical to) our slides, and
Addison-Wesley, April
note our copyright of this material. 2009.
Thanks and enjoy! JFK/KWR
All material copyright 1996-2009

J.F Kurose and K.W. Ross, All Rights Reserved
2: Application Layer 2
Chapter 2: Application layer
2.1 Principles of 2.6 P2P applications
network applications Convergencia de
2.2 Web and HTTP Servicios
2.3 FTP Caracterización del
2.4 Electronic Mail Tráfico de una Red
SMTP, POP3, IMAP 2.7 Socket programming
2.5 DNS with TCP
2.8 Socket programming
with UDP
Chapter 2: Application Layer
Our goals: learn about protocols
conceptual, by examining popular
implementation application-level
aspects of network protocols
application protocols HTTP
transport-layer FTP
service models SMTP / POP3 / IMAP
DNS
client-server
paradigm programming network
peer-to-peer applications
paradigm socket API
Some network apps
e-mail voice over IP
web real-time video
instant messaging conferencing
remote login grid computing
P2P file sharing
multi-user network
games
streaming stored video
clips
Creating a network app application
transport
network
data link
write programs that physical
run on (different) end

systems
communicate over network
e.g., web server software
communicates with browser
software application
No need to write software

transport
network
data link
for network-core devices
application
physical
transport
network
Network-core devices do data link
physical
not run user applications
applications on end systems
allows for rapid app
development, propagation
2.5 DNS with TCP
with UDP
Application architectures
Client-server
Peer-to-peer (P2P)
Hybrid of client-server and P2P
Client-server architecture
server:
always-on host
permanent IP address
server farms for
scaling
clients:
client/server communicate with server
may be intermittently
connected
may have dynamic IP
addresses
do not communicate
directly with each other
Pure P2P architecture
no always-on server
arbitrary end systems
directly communicate peer-peer
peers are intermittently
connected and change IP
addresses
Highly scalable but

difficult to manage
Hybrid of client-server and P2P
Skype
voice-over-IP P2P application
centralized server: finding address of remote
party:
client-client connection: direct (not through
server)
Instant messaging
chatting between two users is P2P
centralized service: client presence
detection/location
• user registers its IP address with central
server when it comes online
• user contacts central server to find IP
addresses of buddies
Processes communicating
Process: program running Client process: process
within a host. that initiates
within same host, two communication
processes communicate Server process: process
using inter-process that waits to be
communication (defined contacted
by OS).
processes in different Note: applications with
hosts communicate by P2P architectures have
exchanging messages client processes &
server processes
Sockets
process sends/receives
host or host or
server server
messages to/from its
socket controlled by
app developer
socket analogous to door process process
sending process shoves socket socket

message out door TCP with TCP with
Internet buffers,
sending process relies on buffers,
variables variables
transport infrastructure
on other side of door which
brings message to socket controlled
by OS
at receiving process
API: (1) choice of transport protocol; (2) ability to fix

a few parameters (lots more on this later)
Addressing processes
to receive messages,
process must have
identifier
host device has unique
32-bit IP address
Q: does IP address of
host suffice for
identifying the process?
Addressing processes
to receive messages, identifier includes both
process must have IP address and port
identifier numbers associated with
host device has unique process on host.
32-bit IP address Example port numbers:
Q: does IP address of HTTP server: 80
host on which process Mail server: 25
runs suffice for to send HTTP message
identifying the to gaia.cs.umass.edu web
process? server:
A: No, many IP address: 128.119.245.12
processes can be Port number: 80
running on same host more shortly…
App-layer protocol defines
Types of messages Public-domain protocols:
exchanged, defined in RFCs
e.g., request, response allows for
Message syntax: interoperability
what fields in messages & e.g., HTTP, SMTP
how fields are delineated
Proprietary protocols:
Message semantics
meaning of information in e.g., Skype
fields
Rules for when and how
processes send &
respond to messages
What transport service does an app need?
Data loss Throughput
some apps (e.g., audio) can some apps (e.g.,
tolerate some loss multimedia) require
other apps (e.g., file minimum amount of
transfer, telnet) require throughput to be
100% reliable data “effective”
transfer
other apps (“elastic apps”)
Timing make use of whatever
some apps (e.g., throughput they get
Internet telephony,
interactive games) Security
require low delay to be Encryption, data
“effective” integrity, …
Transport service requirements of common apps
Application Data loss Throughput Time Sensitive
file transfer no loss elastic no

e-mail no loss elastic no
Web documents no loss elastic no
real-time audio/video loss-tolerant audio: 5kbps-1Mbps yes, 100’s msec
video:10kbps-5Mbps
stored audio/video loss-tolerant same as above yes, few secs
interactive games loss-tolerant few kbps up yes, 100’s msec
instant messaging no loss elastic yes and no
Internet transport protocols services
TCP service: UDP service:

connection-oriented: setup unreliable data transfer
required between client and between sending and
server processes receiving process
reliable transport between does not provide:
sending and receiving process connection setup,
flow control: sender won’t reliability, flow control,
overwhelm receiver congestion control, timing,
throughput guarantee, or
congestion control: throttle
security
sender when network
overloaded
does not provide: timing, Q: why bother? Why is
minimum throughput there a UDP?
guarantees, security
Internet apps: application, transport protocols
Application Underlying
Application layer protocol transport protocol
e-mail SMTP [RFC 2821] TCP

remote terminal access Telnet [RFC 854] TCP
Web HTTP [RFC 2616] TCP
file transfer FTP [RFC 959] TCP
streaming multimedia HTTP (eg Youtube), TCP or UDP
RTP [RFC 1889]
Internet telephony SIP, RTP, proprietary
(e.g., Skype) typically UDP
TCP Traffic
UDP Traffic
Security Problems in TCP/UDP
Application
Application
SSL sublayer
TCP
SSL
TCP
TCP socket
IP IP
socket
TCP API TCP enhanced with SSL
provides transport layer security to any TCP-based

application using SSL services.
e.g., between Web browsers, servers for e-commerce (https)
security services:
server authentication, data encryption, data integrity, client
authentication (optional)
Handshake:
client server
Connection
request
Connection
granted
ACK
time time
1. Handshake:
Bob establishes TCP
connection to Alice
authenticates Alice
via CA signed
certificate
creates, encrypts
(using Alice’s public
key), sends master create
secret key to Alice Master
nonce exchange not Secret decrypt using KA-
shown (MS) to get MS
2. Key Derivation:
Alice, Bob use shared secret (MS) to generate 4
keys:
EB: Bob->Alice data encryption key
EA: Alice->Bob data encryption key
MB: Bob->Alice MAC key
MA: Alice->Bob MAC key
encryption and MAC algorithms negotiable between
Bob, Alice
3. Data transfer
TCP byte stream b1b2b3 … bn
block n bytes together d MB

.
H( )
compute
MAC
d H(d)
EB
.
H( ) SSL
encrypt d,
MAC, SSL
seq. #
seq. #
d H(d)
SSL record
format Type Ver Len d H(d)
unencrypted encrypted using EB
app architectures Servicios
app requirements
Caracterización del
2.2 Web and HTTP Tráfico de una Red
2.4 Electronic Mail 2.7 Socket programming
SMTP, POP3, IMAP with TCP
2.5 DNS 2.8 Socket programming
with UDP
Web and HTTP
First some jargon
Web page consists of objects
Object can be HTML file, JPEG image, Java
applet, audio file,…
Web page consists of base HTML-file which
includes several referenced objects
Each object is addressable by a URL
Example URL:
www.someschool.edu/someDept/pic.gif
host name path name
HTTP overview
HTTP: hypertext
transfer protocol
Web’s application layer PC running
protocol Explorer
client/server model
client: browser that
requests, receives, Server
“displays” Web objects running
Apache Web
server: Web server server
sends objects in
response to requests
Mac running
Navigator
HTTP overview (continued)
Uses TCP: HTTP is “stateless”
client initiates TCP server maintains no
connection (creates socket) information about
to server, port 80 past client requests
server accepts TCP
connection from client aside
Protocols that maintain
HTTP messages (application- “state” are complex!
layer protocol messages) past history (state) must
exchanged between browser be maintained
(HTTP client) and Web
if server/client crashes,
server (HTTP server)
their views of “state” may
TCP connection closed be inconsistent, must be
reconciled
HTTP connections
Nonpersistent HTTP Persistent HTTP
At most one object is Multiple objects can
sent over a TCP be sent over single
connection. TCP connection
between client and
server.
Nonpersistent HTTP
(contains text,
Suppose user enters URL references to 10
www.someSchool.edu/someDepartment/home.index jpeg images)
1a. HTTP client initiates TCP

connection to HTTP server
(process) at
1b. HTTP server at host
www.someSchool.edu waiting
www.someSchool.edu on port 80
for TCP connection at port 80.
“accepts” connection, notifying
client
2. HTTP client sends HTTP
request message (containing
URL) into TCP connection 3. HTTP server receives request
socket. Message indicates message, forms response
that client wants object message containing requested
someDepartment/home.index object, and sends message
into its socket
time
Nonpersistent HTTP (cont.)
4. HTTP server closes TCP

connection.
5. HTTP client receives response
message containing html file,
displays html. Parsing html
file, finds 10 referenced jpeg
objects
time 6. Steps 1-5 repeated for each
of 10 jpeg objects
Non-Persistent HTTP: Response time
Definition of RTT: time for
a small packet to travel
from client to server
and back. initiate TCP
connection
Response time: RTT
one RTT to initiate TCP request
file
connection time to
RTT
transmit
one RTT for HTTP file
request and first few file
received
bytes of HTTP response
to return time time
file transmission time
total = 2RTT+transmit time
Persistent HTTP
Nonpersistent HTTP issues: Persistent HTTP

requires 2 RTTs per object server leaves connection
OS overhead for each TCP open after sending
connection response
browsers often open parallel subsequent HTTP messages
TCP connections to fetch between same
referenced objects client/server sent over
open connection
client sends requests as
soon as it encounters a
referenced object
as little as one RTT for all
the referenced objects
Persistent HTTP
HTTP request message
two types of HTTP messages: request, response

HTTP request message:
ASCII (human-readable format)
request line
(GET, POST, GET /somedir/page.html HTTP/1.1
HEAD commands) Host: www.someschool.edu
User-agent: Mozilla/4.0
header Connection: close
lines Accept-language:fr
Carriage return,
line feed (extra carriage return, line feed)
indicates end
of message
HTTP request message: general format
HTTP request message: general format
Uploading form input
Post method:
Web page often
includes form input URL method:
Input is uploaded to Uses GET method
server in entity body Input is uploaded in
URL field of request
line:
www.somesite.com/animalsearch?monkeys&banana
Method types
HTTP/1.0 HTTP/1.1
GET GET, POST, HEAD
POST PUT
HEAD uploads file in entity
body to path specified
asks server to leave
in URL field
requested object out of
response DELETE
deletes file specified in
the URL field
HTTP response message
status line
(protocol
status code HTTP/1.1 200 OK
status phrase) Connection close
Date: Thu, 06 Aug 1998 12:00:15 GMT
Server: Apache/1.3.0 (Unix)
header
Last-Modified: Mon, 22 Jun 1998 …...
lines
Content-Length: 6821
Content-Type: text/html
data, e.g., data data data data data ...

requested
HTML file
HTTP response status codes
In first line in server->client response message.
A few sample codes:
200 OK
request succeeded, requested object later in this message
301 Moved Permanently
requested object moved, new location specified later in
this message (Location:)
400 Bad Request
request message not understood by server
404 Not Found
requested document not found on this server
505 HTTP Version Not Supported
Trying out HTTP (client side) for yourself
1. Telnet to your favorite Web server:

telnet cis.poly.edu 80 Opens TCP connection to port 80
(default HTTP server port) at cis.poly.edu.
Anything typed in sent
to port 80 at cis.poly.edu
2. Type in a GET HTTP request:

GET /~ross/ HTTP/1.1 By typing this in (hit carriage
Host: cis.poly.edu return twice), you send
this minimal (but complete)
GET request to HTTP server
3. Look at response message sent by HTTP server!
User-server state: cookies
Example:
Many major Web sites
use cookies Susan always access
Four components: Internet always from PC
1) cookie header line of visits specific e-
HTTP response message commerce site for first
2) cookie header line in time
HTTP request message
3) cookie file kept on when initial HTTP
user’s host, managed by requests arrives at site,
user’s browser
site creates:
4) back-end database at
Web site unique ID
entry in backend
database for ID
Cookies: keeping “state” (cont.)
client server
ebay 8734
usual http request msg
Amazon server
cookie file usual http response creates ID
Set-cookie: 1678 1678 for user create
ebay 8734 entry
amazon 1678
usual http request msg
cookie: 1678 cookie- access
specific
one week later: usual http response msg action backend
database
access
ebay 8734 usual http request msg
amazon 1678 cookie: 1678 cookie-
spectific
usual http response msg action
Cookies (continued)
aside
What cookies can bring: Cookies and privacy:
authorization cookies permit sites to
shopping carts learn a lot about you
recommendations you may supply name
and e-mail to sites
user session state
(Web e-mail)
How to keep “state”:
protocol endpoints: maintain state
at sender/receiver over multiple
transactions
cookies: http messages carry state
Cookies (continued)
Web caches (proxy server)
Goal: satisfy client request without involving origin server
user sets browser: origin

server
Web accesses via
cache Proxy
browser sends all server
client
HTTP requests to
cache
object in cache: cache
returns object
else cache requests
object from origin client
origin
server, then returns server
object to client
More about Web caching
cache acts as both Why Web caching?
client and server reduce response time
typically cache is for client request
installed by ISP reduce traffic on an
(university, company, institution’s access
residential ISP) link.
Internet dense with
caches: enables “poor”
content providers to
effectively deliver
content (but so does
P2P file sharing)
Caching example
origin
Assumptions servers
average object size = 100,000
public
bits Internet
avg. request rate from
institution’s browsers to origin
servers = 15/sec
1.5 Mbps
delay from institutional router access link
to any origin server and back
institutional
to router = 2 sec network
10 Mbps LAN
Consequences
utilization on LAN = 15%
utilization on access link = 100%
institutional
total delay = Internet delay +
cache
access delay + LAN delay
= 2 sec + minutes + milliseconds
Caching example (cont)
origin
possible solution servers
increase bandwidth of access
public
link to, say, 10 Mbps Internet
consequence
utilization on LAN = 15%
utilization on access link = 15% 10 Mbps
Total delay = Internet delay + access link
access delay + LAN delay institutional
= 2 sec + msecs + msecs network
10 Mbps LAN
often a costly upgrade
institutional
cache
Caching example (cont)
origin
possible solution: install servers
cache public
suppose hit rate is 0.4 Internet
consequence
40% requests will be
satisfied almost immediately
1.5 Mbps
60% requests satisfied by access link
origin server
utilization of access link institutional
reduced to 60%, resulting in network
10 Mbps LAN
negligible delays (say 10
msec)
total avg delay = Internet
delay + access delay + LAN institutional
delay = .6*(2.01) secs +
.4*milliseconds < 1.4 secs cache
Conditional GET
Goal: don’t send object if cache server

cache has up-to-date cached HTTP request msg
version If-modified-since:
object
cache: specify date of <date>
not
cached copy in HTTP request modified
HTTP response
If-modified-since:
HTTP/1.0
<date> 304 Not Modified
server: response contains no
object if cached copy is up-
HTTP request msg
to-date: If-modified-since:
HTTP/1.0 304 Not <date> object
Modified modified
HTTP response
HTTP/1.0 200 OK
<data>
Capacity Planning in Web Traffic
Traffic Generated by a Request for a 5-KB Page
Traffic Type Bytes Sent

TCP Connection 180 (approx.)
GET Request 256 (approx.)
5-KB file 5,120
Protocols overhead 1,364 (approx.)
Total
6,920
Relative Network Interface Speed
Connection Type Connection Speed 5-KB Pages Sent per Second
Dedicated PPP/SLIP via modem 28.8 Kbps Roughly half of 1 page
Frame Relay or fast modem 56 Kbps Almost 1 page
ISDN 128 Kbps Just over 2 pages
Typical DSL 640 Kbps Almost 11 pages
DS1/T1 1.536 Mbps 26 pages
10-Mb Ethernet 8 Mbps (best case) (Up to) 136 pages
DS3/T3 44.736 Mbps 760 pages
OC1 51.844 Mbps 880 pages
100-Mb Ethernet 80 Mbps (best case) (Up to) 1,360 pages
OC3 155.532 Mbps 2,650 pages
OC12 622.128 Mbps 10,580 pages
1-Gbps Ethernet 800 Mbps (best case)

(Up to) 13,600 pages
Web Traffic – Text Page http://datatracker.ietf.org/doc/rfc5905/
X 1000
Web Traffic – image Page http://www.uniandes.edu.co
X 1000
Web Traffic – image Page http://www.cisco.com/
Web Traffic – Streaming http://video.uniandes.edu.co/
Web Traffic – Streaming (uplink) http://video.uniandes.edu.co/
X 1000
Web Traffic – Streaming (downlink) http://video.uniandes.edu.co/
X 10000
Security Problems in HTTP
¿ Por qué los Browsers ?
Muchos usuarios son desconocedores de los riesgos Objetivos fáciles
Simple para ubicar información Ingeniería Social
Browsers son programas complejos Probablemente con vulnerabilidades
Los browsers son capaces de manejar una variedad de hipermedias, archivos y
correr scripts variedad de posibles ataques
Contienen datos privados (cookies, historia en el browser) objetivos
atractivos
¿ Por qué los Servidores Web ?
Los servidores aceptan entradas de los cliente vulnerabilidad a ataques
Involucra complejidad en el software probabilidad a las vulnerabilidades
Contenido de datos de valor y fácil de alcanzar objetivo atractivo
El compromiso de legitimidad de los servidores es confiado por los usuarios
Fácil de ocultar los ataques ante una posible detección
2.5 DNS with TCP
with UDP
FTP: the file transfer protocol
FTP file transfer

FTP FTP
user client server
interface
user
at host remote file
local file system
system
transfer file to/from remote host

client/server model
client: side that initiates transfer (either to/from
remote)
server: remote host
ftp: RFC 959
ftp server: port 21
FTP: separate control, data connections
TCP control connection
FTP client contacts FTP server port 21
at port 21, TCP is transport
protocol TCP data connection
client authorized over control FTP port 20 FTP
connection client server
client browses remote
server opens another TCP
directory by sending commands
data connection to transfer
over control connection.
another file.
when server receives file
control connection: “out of
transfer command, server
band”
opens 2nd TCP connection (for
file) to client FTP server maintains “state”:
current directory, earlier
after transferring one file,
authentication
server closes data connection.
FTP commands, responses
Sample commands: Sample return codes

sent as ASCII text over status code and phrase (as
control channel in HTTP)
USER username 331 Username OK,
PASS password password required
125 data connection
LIST return list of file in
already open;
current directory
transfer starting
RETR filename retrieves 425 Can’t open data
(gets) file connection
STOR filename stores 452 Error writing
(puts) file onto remote file
host
Capacity Planning in FTP Traffic
Security Problems in FTP Traffic
Application
SSL sublayer
SSL
TCP
IP
socket
TCP enhanced with SSL
2.5 DNS with TCP
with UDP
Electronic Mail outgoing
message queue
user mailbox
user
Three major components: agent
user agents mail
user
server
mail servers agent
simple mail transfer SMTP mail
protocol: SMTP server user
SMTP agent
User Agent
“mail reader” SMTP
mail user
composing, editing, reading agent
server
mail messages
e.g., Eudora, Outlook, elm, user
Mozilla Thunderbird agent
user
outgoing, incoming messages agent
stored on server
Electronic Mail: mail servers
user
Mail Servers agent
mailbox contains incoming mail
user
messages for user server
agent
message queue of outgoing
SMTP
(to be sent) mail messages mail
server user
SMTP protocol between mail
servers to send email SMTP agent
messages SMTP
client: sending mail mail user
agent
server server
“server”: receiving mail
user
server agent
user
agent
Electronic Mail: SMTP [RFC 2821]
uses TCP to reliably transfer email message from client

to server, port 25 (SMTPS 465)
direct transfer: sending server to receiving server
three phases of transfer
handshaking (greeting)
transfer of messages
closure
command/response interaction
commands: ASCII text
response: status code and phrase
messages must be in 7-bit ASCII
Scenario: Alice sends message to Bob
1) Alice uses UA to compose 4) SMTP client sends Alice’s
message and “to” message over the TCP
[email protected] connection
2) Alice’s UA sends message 5) Bob’s mail server places the
to her mail server; message message in Bob’s mailbox
placed in message queue 6) Bob invokes his user agent
3) Client side of SMTP opens to read message
TCP connection with Bob’s
mail server
1 mail
mail
server user
user server
2 agent
agent 3 6
4 5
Sample SMTP interaction
S: 220 hamburger.edu
C: HELO crepes.fr
S: 250 Hello crepes.fr, pleased to meet you
C: MAIL FROM: <[email protected]>
S: 250 [email protected]... Sender ok
C: RCPT TO: <[email protected]>
S: 250 [email protected] ... Recipient ok
C: DATA
S: 354 Enter mail, end with "." on a line by itself
C: Do you like ketchup?
C: How about pickles?
C: .
S: 250 Message accepted for delivery
C: QUIT
S: 221 hamburger.edu closing connection
Try SMTP interaction for yourself:
telnet servername 25
see 220 reply from server
enter HELO, MAIL FROM, RCPT TO, DATA, QUIT
commands
above lets you send email without using email client
(reader)
SMTP: final words
SMTP uses persistent Comparison with HTTP:
connections
HTTP: pull
SMTP requires message
(header & body) to be in 7- SMTP: push
bit ASCII both have ASCII
SMTP server uses command/response
CRLF.CRLF to determine interaction, status codes
end of message
HTTP: each object
encapsulated in its own
response msg
SMTP: multiple objects
sent in multipart msg
Mail message format
SMTP: protocol for

exchanging email msgs header
blank
RFC 822: standard for text
line
message format:
header lines, e.g.,
To:
body
From:
Subject:
different from SMTP
commands!
body
the “message”, ASCII
characters only
Mail access protocols
SMTP SMTP access user
user
agent protocol agent
sender’s mail receiver’s mail

server server
SMTP: delivery/storage to receiver’s server
Mail access protocol: retrieval from server
POP: Post Office Protocol [RFC 1939]
• authorization (agent <-->server) and download
• Port: 110/TCP Cifrado 995/TCP
IMAP: Internet Mail Access Protocol [RFC 1730]
• more features (more complex)
• Port: 143/TCP 220/TCP (IMAP3) 993/TCP (IMAPS)
• manipulation of stored msgs on server
2: Application Layer
HTTP: gmail, Hotmail, Yahoo! Mail, etc. 90
POP3 protocol S: +OK POP3 server ready
C: user bob
authorization phase S: +OK
C: pass hungry
client commands: S: +OK user successfully logged on
user: declare username
C: list
pass: password S: 1 498
server responses S: 2 912
S: .
+OK
C: retr 1
-ERR S: <message 1 contents>
transaction phase, client: S: .
C: dele 1
list: list message numbers C: retr 2
retr: retrieve message by S: <message 1 contents>
number S: .
C: dele 2
dele: delete
C: quit
quit S: +OK POP3 server signing off
POP3 (more) and IMAP
More about POP3 IMAP
Previous example uses Keep all messages in
“download and delete” one place: the server
mode. Allows user to
Bob cannot re-read e- organize messages in
mail if he changes folders
client IMAP keeps user state
“Download-and-keep”: across sessions:
copies of messages on names of folders and
different clients mappings between
message IDs and folder
POP3 is stateless
name
across sessions
Capacity Planning in email
Security in email
Security in email
Security in email
Security in email
Security in email
• Alice wants to provide secrecy, sender authentication,
message integrity.
-
KA
m .
H( )
-
KA( ). -
KA(H(m))
KS
+ KS( ).
m + Internet
KS
+ .
K B( ) +
KB(KS )
+
KB
Alice uses three keys: her private key, Bob’s public

key, newly created symmetric key
2.5 DNS with TCP
with UDP
DNS: Domain Name System
People: many identifiers: Domain Name System:

SSN, name, passport # distributed database
Internet hosts, routers: implemented in hierarchy of
many name servers
IP address (32 bit) -
used for addressing
application-layer protocol
host, routers, name servers to
datagrams
communicate to resolve names
“name”, e.g., (address/name translation)
ww.yahoo.com - used by
note: core Internet
humans
function, implemented as
Q: map between IP application-layer protocol
addresses and name ? complexity at network’s
“edge”

DNS
DNS services Why not centralize DNS?
hostname to IP single point of failure
address translation traffic volume
host aliasing distant centralized
Canonical, alias names database
mail server aliasing maintenance
load distribution
replicated Web doesn’t scale!
servers: set of IP
addresses for one
canonical name

Distributed, Hierarchical Database
Root DNS Servers
com DNS servers org DNS servers edu DNS servers
pbs.org poly.edu umass.edu

yahoo.com amazon.com
DNS servers DNS serversDNS servers
DNS servers DNS servers
Client wants IP for www.amazon.com; 1st approx:

client queries a root server to find com DNS server
client queries com DNS server to get amazon.com
DNS server
client queries amazon.com DNS server to get IP
address for www.amazon.com
DNS: Root name servers
contacted by local name server that can not resolve name
root name server:
contacts authoritative name server if name mapping not known
gets mapping
returns mapping to local name server
a Verisign, Dulles, VA
c Cogent, Herndon, VA (also LA)
d U Maryland College Park, MD k RIPE London (also 16 other locations)
g US DoD Vienna, VA
h ARL Aberdeen, MD i Autonomica, Stockholm (plus
j Verisign, ( 21 locations) 28 other locations)
e NASA Mt View, CA m WIDE Tokyo (also Seoul,
f Internet Software C. Palo Alto, Paris, SF)
CA (and 36 other locations)
13 root name
servers worldwide
b USC-ISI Marina del Rey, CA
l ICANN Los Angeles, CA

TLD and Authoritative Servers
Top-level domain (TLD) servers:
responsible for com, org, net, edu, etc, and all
top-level country domains uk, fr, ca, jp.
Network Solutions maintains servers for com TLD
Educause for edu TLD
Authoritative DNS servers:
organization’s DNS servers, providing
authoritative hostname to IP mappings for
organization’s servers (e.g., Web, mail).
can be maintained by organization or service
provider

Local Name Server
does not strictly belong to hierarchy
each ISP (residential ISP, company,
university) has one.
also called “default name server”
when host makes DNS query, query is sent
to its local DNS server
acts as proxy, forwards query into hierarchy

DNS name root DNS server
resolution example
2
Host at cis.poly.edu 3
TLD DNS server
wants IP address for 4
gaia.cs.umass.edu 5
iterated query: local DNS server

dns.poly.edu
contacted server 7 6
replies with name of 1 8
server to contact
authoritative DNS server
“I don’t know this
dns.cs.umass.edu
name, but ask this requesting host
server” cis.poly.edu
gaia.cs.umass.edu

DNS name
resolution example root DNS server
recursive query: 2 3
puts burden of name 6
7
resolution on
TLD DNS server
contacted name
server
heavy load? local DNS server
dns.poly.edu 5 4
1 8
authoritative DNS server

dns.cs.umass.edu
requesting host
cis.poly.edu
gaia.cs.umass.edu

DNS: caching and updating records
once (any) name server learns mapping, it caches
mapping
cache entries timeout (disappear) after some
time
TLD servers typically cached in local name
servers
• Thus root name servers not often visited
update/notify mechanisms under design by IETF
RFC 2136
http://www.ietf.org/html.charters/dnsind-charter.html

DNS records
DNS: distributed db storing resource records (RR)
RR format: (name, value, type, ttl)
Type=A Type=CNAME
name is hostname name is alias name for some
value is IP address “canonical” (the real) name
www.ibm.com is really
Type=NS
servereast.backup2.ibm.com
name is domain (e.g.
value is canonical name
foo.com)
value is hostname of Type=MX
authoritative name
value is name of mailserver
server for this domain
associated with name

DNS records

DNS records

DNS protocol, messages
DNS protocol : query and reply messages, both with
same message format
msg header
identification: 16 bit #
for query, reply to query
uses same #
flags:
query or reply
recursion desired
recursion available
reply is authoritative

DNS protocol, messages
Name, type fields

for a query
RRs in response
to query
records for
authoritative servers
additional “helpful”
info that may be used

Inserting records into DNS
example: new startup “Network Utopia”
register name networkuptopia.com at DNS registrar
(e.g., Network Solutions)
provide names, IP addresses of authoritative name server
(primary and secondary)
registrar inserts two RRs into com TLD server:
(networkutopia.com, dns1.networkutopia.com, NS)

(dns1.networkutopia.com, 212.212.212.1, A)
create authoritative server Type A record for

www.networkuptopia.com; Type MX record for
networkutopia.com
How do people get IP address of your Web site?

Security in DNS (DNS Spoofing)

Security in DNS (DNS Spoofing)
•Desahilitar puerto no usados en la red

•Implementar seguridad a nivel de puertos MAC en los
switches
•Implementar 802.1x
•Implementar DNSSec / IPSec

app architectures Servicios
app requirements
Caracterización del
2.2 Web and HTTP Tráfico de una Red
2.4 Electronic Mail 2.7 Socket programming
SMTP, POP3, IMAP with TCP
2.5 DNS 2.8 Socket programming
with UDP

Pure P2P architecture
no always-on server
arbitrary end systems
directly communicate peer-peer
peers are intermittently
connected and change IP
addresses
Three topics:
File distribution
Searching for information
Case Study: Skype

File Distribution: Server-Client vs P2P
Question : How much time to distribute file
from one server to N peers?
us: server upload
bandwidth
Server
ui: peer i upload
u1 d1 u2 bandwidth
us d2
di: peer i download
File, size F bandwidth
dN
Network (with
uN abundant bandwidth)

File distribution time: server-client
Server
server sequentially F u1 d1 u2
sends N copies: us d2
NF/us time dN Network (with

abundant bandwidth)
client i takes F/di uN
time to download
Time to distribute F
to N clients using = dcs = max { NF/us, F/min(di) }
i
client/server approach
increases linearly in N
(for large N) 2: Application Layer 120
File distribution time: P2P
Server
server must send one F u1 d1 u2
copy: F/us time us d2
client i takes F/di time Network (with

to download
dN
abundant bandwidth)
NF bits must be uN
downloaded (aggregate)
fastest possible upload rate: us + Sui
dP2P = max { F/us, F/min(di) , NF/(us + Sui) }

i
Server-client vs. P2P: example
Client upload rate = u, F/u = 1 hour, us = 10u, dmin ≥ us
3.5
P2P
Minimum Distribution Time
3
Client-Server
2.5
1.5
0.5
0
0 5 10 15 20 25 30 35
N
File distribution: BitTorrent
P2P file distribution
tracker: tracks peers torrent: group of
participating in torrent peers exchanging
chunks of a file
obtain list
of peers
trading
chunks
peer

BitTorrent (1)
file divided into 256KB chunks.
peer joining torrent:
has no chunks, but will accumulate them over time
registers with tracker to get list of peers,
connects to subset of peers (“neighbors”)
while downloading, peer uploads chunks to other
peers.
peers may come and go
once peer has entire file, it may (selfishly) leave or
(altruistically) remain
BitTorrent (2) Sending Chunks: tit-for-tat
Pulling Chunks Alice sends chunks to four
neighbors currently
at any given time, sending her chunks at the
different peers have highest rate
different subsets of
file chunks re-evaluate top 4 every
10 secs
periodically, a peer
(Alice) asks each every 30 secs: randomly
neighbor for list of select another peer,
chunks that they have. starts sending chunks
Alice sends requests newly chosen peer may
for her missing chunks join top 4
rarest first “optimistically unchoke”

BitTorrent: Tit-for-tat
(1) Alice “optimistically unchokes” Bob
(2) Alice becomes one of Bob’s top-four providers; Bob reciprocates
(3) Bob becomes one of Alice’s top-four providers
With higher upload rate,

can find better trading
partners & get file faster!
P2P Case study: Skype
Skype clients (SC)
inherently P2P: pairs
of users communicate.
proprietary Skype
application-layer login server Supernode
protocol (inferred via (SN)
reverse engineering)
hierarchical overlay
with SNs
Index maps usernames
to IP addresses;
distributed over SNs

Peers as relays
Problem when both
Alice and Bob are
behind “NATs”.
NAT prevents an outside
peer from initiating a call
to insider peer
Solution:
Using Alice’s and Bob’s
SNs, Relay is chosen
Each peer initiates
session with relay.
Peers can now
communicate through
NATs via relay

2.5 DNS with TCP
with UDP

Convergencia de Servicios
Evolución hacia las Aplicaciones
Multimedia (IMS)
Video Movies
Person-to-Content Music
Photos Ring tone
known usability Internet Streaming
patterns Text/Pictures Download
HTTP
Video
SMS/MMS Active
phonebook
Image
Person-to-Person
Text Sharing
dominates traffic Presence
Voice
growth Push-To-Talk
MMS
SMS
Voice
• Servicio de Voz y Video a nivel corporativo con altas exigencias

para los recursos de la red los cuáles son asegurados por la
infraestructura de red del operador
• Celulares conectados a la red IP desde y

hasta el dispositivo terminal móvil
• Convergencia de la TV hacia la red IP y en la cuál los

Operadores ofrecen una alta disponibilidad en el Backhaul
PSTN-ISDN
GSM BSS HLR

MSC/ RTB/RDSI
VLR
BTS
BSC
Otras redes
GMSC
Internet
SGSN Intranet
GGSN
GSM
UMTS
Arquitectura NGN/NGMN
Arquitectura NGN/NGMN
VoIP
IPTV
IPTV
EPC
2.5 DNS with TCP
with UDP

Caracterización del tráfico de
una Red
Identificar el origen de los Tráficos más altos en la red
Nombre Comunidad Tamaño Comunidad Localización Aplicaciones

de Usuarios (# usuarios) Usadas
una Red
Identificar el origen de los más altos Almacenamientos
Almacenamiento de Localización Aplicaciones Datos Usados

Datos
una Red
Determinación del Flujo de Tráfico en la Red
Destino 1 Destino 2
Mbps Ruta Mbps Ruta
Origen 1
Origen 2
Flujo de Tráfico entre Cliente-Servidor

Flujo de Tráfico entre peer-to-peer
Flujo de Tráfico entre Servidor-Servidor
Flujo de Tráfico Computación Distribuida
una Red
Características de Tráfico de las Aplicaciones
Nombre de Tipo del Protocolos Comunidad Datos Ancho de Requerimient

la Aplicación Flujo de usados por de Usuarios almacenados Banda os de QoS
Datos la Aplicación que utilizan (Servidores, aproximado
la Aplicación Hosts) requerido
por la
aplicación
2.5 DNS with TCP
with UDP

Socket programming
Goal: learn how to build client/server application that
communicate using sockets
Socket API socket

introduced in BSD4.1 UNIX, a host-local,
1981 application-created,
explicitly created, used, OS-controlled interface
released by apps (a “door”) into which
client/server paradigm application process can
two types of transport both send and
service via socket API: receive messages to/from
another application
unreliable datagram
process
reliable, byte stream-
oriented

Socket-programming using TCP
Socket: a door between application process and end-
end-transport protocol (UCP or TCP)
TCP service: reliable transfer of bytes from one
process to another
controlled by
controlled by process application
application process
developer
developer socket socket
TCP with TCP with controlled by
controlled by
buffers, operating
operating buffers, internet system
system variables variables
host or host or
server server

Socket programming with TCP
Client must contact server When contacted by client,
server process must first server TCP creates new
be running socket for server process to
server must have created communicate with client
socket (door) that allows server to talk with
welcomes client’s contact multiple clients
Client contacts server by: source port numbers
used to distinguish
creating client-local TCP
clients (more in Chap 3)
socket
specifying IP address, port application viewpoint
number of server process
TCP provides reliable, in-order
When client creates
transfer of bytes (“pipe”)
socket: client TCP
between client and server
establishes connection to
server TCP
Client/server socket interaction: TCP
Server (running on hostid) Client
create socket,
port=x, for
incoming request:
welcomeSocket =
ServerSocket()
TCP create socket,

wait for incoming
connection request connection setup connect to hostid, port=x
connectionSocket = clientSocket =
welcomeSocket.accept() Socket()
send request using

read request from clientSocket
connectionSocket
write reply to
connectionSocket read reply from
clientSocket
close
connectionSocket close
clientSocket
Stream jargon
keyboard monitor
A stream is a sequence of
characters that flow into
inFromUser
or out of a process. input
stream
An input stream is Client

attached to some input Process
process
source for the process,
e.g., keyboard or socket.
An output stream is
attached to an output
inFromServer
outToServer
source, e.g., monitor or
output input
stream stream
socket.
client TCP
clientSocket
socket TCP
socket
to network from network

Socket programming with TCP
Example client-server app:
1) client reads line from
standard input (inFromUser
stream) , sends to server via
socket (outToServer
stream)
2) server reads line from socket
3) server converts line to
uppercase, sends back to
client
4) client reads, prints modified
line from socket
(inFromServer stream)

Example: Java client (TCP)
import java.io.*;
import java.net.*;
class TCPClient {
public static void main(String argv[]) throws Exception

{
String sentence;
String modifiedSentence;
Create
input stream BufferedReader inFromUser =
new BufferedReader(new InputStreamReader(System.in));
Create
client socket, Socket clientSocket = new Socket("hostname", 6789);
connect to server
Create DataOutputStream outToServer =
output stream new DataOutputStream(clientSocket.getOutputStream());
attached to socket
Example: Java client (TCP), cont.
Create BufferedReader inFromServer =

input stream new BufferedReader(new
attached to socket InputStreamReader(clientSocket.getInputStream()));
sentence = inFromUser.readLine();
Send line
to server outToServer.writeBytes(sentence + '\n');
Read line modifiedSentence = inFromServer.readLine();

from server
System.out.println("FROM SERVER: " + modifiedSentence);
clientSocket.close();
}
}
Example: Java server (TCP)
import java.io.*;
import java.net.*;
class TCPServer {
public static void main(String argv[]) throws Exception

{
String clientSentence;
Create String capitalizedSentence;
welcoming socket
ServerSocket welcomeSocket = new ServerSocket(6789);
at port 6789
while(true) {
Wait, on welcoming
socket for contact Socket connectionSocket = welcomeSocket.accept();
by client
BufferedReader inFromClient =
Create input new BufferedReader(new
stream, attached InputStreamReader(connectionSocket.getInputStream()));
to socket

Example: Java server (TCP), cont
Create output
stream, attached DataOutputStream outToClient =
to socket new DataOutputStream(connectionSocket.getOutputStream());
Read in line
from socket clientSentence = inFromClient.readLine();
capitalizedSentence = clientSentence.toUpperCase() + '\n';

Write out line
outToClient.writeBytes(capitalizedSentence);
to socket
}
}
} End of while loop,
loop back and wait for
another client connection

2.5 DNS with TCP
with UDP

Socket programming with UDP
UDP: no “connection” between

client and server
no handshaking
sender explicitly attaches application viewpoint
IP address and port of
destination to each packet UDP provides unreliable transfer
of groups of bytes (“datagrams”)
server must extract IP
between client and server
address, port of sender
from received packet
UDP: transmitted data may be
received out of order, or
lost

Client/server socket interaction: UDP
Server (running on hostid) Client
create socket, create socket,

port= x. clientSocket =
serverSocket = DatagramSocket()
DatagramSocket()
Create datagram with server IP and
port=x; send datagram via
read datagram from clientSocket
serverSocket
write reply to
serverSocket
specifying read datagram from
client address, clientSocket
port number close
clientSocket

Example: Java client (UDP)
keyboard monitor
inFromUser
input
stream
Client
Process
Input: receives
process
packet (recall
Output: sends thatTCP received
packet (recall “byte stream”)
receivePacket
sendPacket
that TCP sent UDP
packet
UDP
packet
“byte stream”)
client UDP
clientSocket
socket UDP
socket
to network from network

Example: Java client (UDP)
import java.io.*;
import java.net.*;
class UDPClient {
public static void main(String args[]) throws Exception
{
Create
input stream BufferedReader inFromUser =
new BufferedReader(new InputStreamReader(System.in));
Create
client socket DatagramSocket clientSocket = new DatagramSocket();
Translate
InetAddress IPAddress = InetAddress.getByName("hostname");
hostname to IP
address using DNS byte[] sendData = new byte[1024];
byte[] receiveData = new byte[1024];
String sentence = inFromUser.readLine();

sendData = sentence.getBytes();
Example: Java client (UDP), cont.
Create datagram
with data-to-send, DatagramPacket sendPacket =
length, IP addr, port new DatagramPacket(sendData, sendData.length, IPAddress, 9876);
Send datagram clientSocket.send(sendPacket);

to server
DatagramPacket receivePacket =
new DatagramPacket(receiveData, receiveData.length);
Read datagram
clientSocket.receive(receivePacket);
from server
String modifiedSentence =
new String(receivePacket.getData());
System.out.println("FROM SERVER:" + modifiedSentence);

clientSocket.close();
}
}

Example: Java server (UDP)
import java.io.*;
import java.net.*;
class UDPServer {
public static void main(String args[]) throws Exception
Create {
datagram socket
DatagramSocket serverSocket = new DatagramSocket(9876);
at port 9876
byte[] receiveData = new byte[1024];
byte[] sendData = new byte[1024];
while(true)
{
Create space for
DatagramPacket receivePacket =
received datagram
new DatagramPacket(receiveData, receiveData.length);
Receive serverSocket.receive(receivePacket);
datagram
Example: Java server (UDP), cont
String sentence = new String(receivePacket.getData());
Get IP addr
InetAddress IPAddress = receivePacket.getAddress();
port #, of
sender int port = receivePacket.getPort();
String capitalizedSentence = sentence.toUpperCase();
sendData = capitalizedSentence.getBytes();
Create datagram
DatagramPacket sendPacket =
to send to client new DatagramPacket(sendData, sendData.length, IPAddress,
port);
Write out
datagram serverSocket.send(sendPacket);
to socket }
}
} End of while loop,
loop back and wait for
another datagram
Chapter 2: Summary
our study of network apps now complete!
application architectures specific protocols:
client-server HTTP
P2P FTP
hybrid SMTP, POP, IMAP
DNS
application service
P2P: BitTorrent, Skype
requirements:
reliability, bandwidth, socket programming
delay
Internet transport
service model
connection-oriented,
reliable: TCP
unreliable, datagrams: UDP

Infraestructura de Comunicaciones

Uploaded by

Copyright:

Available Formats

Infraestructura de Comunicaciones

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Infraestructura de Comunicaciones

Uploaded by

Copyright:

Available Formats

Infraestructura de Comunicaciones

A note on the use of these ppt slides:

All material copyright 1996-2009

write programs that physical

run on (different) end

No need to write software

Highly scalable but

sending process shoves socket socket

API: (1) choice of transport protocol; (2) ability to fix

Application Data loss Throughput Time Sensitive

file transfer no loss elastic no

TCP service: UDP service:

e-mail SMTP [RFC 2821] TCP

provides transport layer security to any TCP-based

block n bytes together d MB

unencrypted encrypted using EB

host name path name

1a. HTTP client initiates TCP

4. HTTP server closes TCP

Nonpersistent HTTP issues: Persistent HTTP

two types of HTTP messages: request, response

data, e.g., data data data data data ...

1. Telnet to your favorite Web server:

2. Type in a GET HTTP request:

3. Look at response message sent by HTTP server!

user sets browser: origin

Goal: don’t send object if cache server

Traffic Generated by a Request for a 5-KB Page

Traffic Type Bytes Sent

GET Request 256 (approx.)

5-KB file 5,120

Protocols overhead 1,364 (approx.)

Connection Type Connection Speed 5-KB Pages Sent per Second

Dedicated PPP/SLIP via modem 28.8 Kbps Roughly half of 1 page

Frame Relay or fast modem 56 Kbps Almost 1 page

ISDN 128 Kbps Just over 2 pages

Typical DSL 640 Kbps Almost 11 pages

DS1/T1 1.536 Mbps 26 pages

10-Mb Ethernet 8 Mbps (best case) (Up to) 136 pages

DS3/T3 44.736 Mbps 760 pages

OC1 51.844 Mbps 880 pages

100-Mb Ethernet 80 Mbps (best case) (Up to) 1,360 pages

OC3 155.532 Mbps 2,650 pages

OC12 622.128 Mbps 10,580 pages

1-Gbps Ethernet 800 Mbps (best case)

FTP file transfer

transfer file to/from remote host

Sample commands: Sample return codes

uses TCP to reliably transfer email message from client

SMTP: protocol for

sender’s mail receiver’s mail

Alice uses three keys: her private key, Bob’s public

People: many identifiers: Domain Name System:

2: Application Layer 100

2: Application Layer 101

com DNS servers org DNS servers edu DNS servers

pbs.org poly.edu umass.edu

Client wants IP for www.amazon.com; 1st approx:

2: Application Layer 103