Unit -5

TRANSPORT LAYER & APPLICATION LAYER

Syllabus:
The Transport Layer: Transport layer protocols: Introduction-services- port number-User data gram
protocol-User datagram-UDP services-UDP applications-Transmission control protocol: TCP services- TCP
features- Segment- A TCP connection- windows in TCP- flow control-Error control, Congestion
control in TCP.
Application Layer –- World Wide Web: HTTP, Electronic mail-Architecture- web based mail- email
security- TELENET-local versus remote Logging-Domain Name System: Name Space, DNS in Internet
,Resolution-Caching- Resource Records- DNS messages- Registrars-security of DNS Name Servers, SNMP.

Functionalities of transport layer:

• It is responsible for process to process delivery of messages. it manages the end to end delivery of packets
• A message is divided into transmittable segments; each segment consists of a sequence number. These
numbers enables the transport layer to reassemble the messages correctly upon arrival at destination.
• It identifies the duplication of data units.
• It checks that the data units are error free.
• Connection control: connectionless service and connection oriented service

5 THE TRANSPORT SERVICE:

5.1 Services Provided to the Upper Layers:

The transport layer makes use of the services provided by the network layer. The software and/or hardware
within the transport layer that does the work is called the transport entity. The transport entity can be located
in the operating system kernel, in a library package bound into network applications, in a separate user process,
or even on the network interface card. The first two options are most common on the Internet. The (logical)
relationship of the network, transport, and application layers is illustrated in Fig. 1-1.
5.2 Transport Service Primitives:

To allow users to access the transport service, the transport layer must provide some operations to
application programs, that is, a transport service interface. To see how these primitives might be used, consider an
application with a server and a number of remote clients. To start with, the server executes a LISTEN primitive,
typically by calling a library procedure that makes a system call that blocks the server until a client turns up. When

client wants to talk to the server, it executes a CONNECT primitive. The client’s CONNECT call causes a
CONNECTION REQUEST segment to be sent to the server. When it arrives, the transport entity checks to see that
the server is blocked on a LISTEN (i.e., is interested in handling requests). If so, it then unblocks the server and
sends a CONNECTION ACCEPTED segment back to the client. When this segment arrives, the client is unblocked
and the connection is established. The transport entity carries out this primitive by blocking the caller and sending a
packet to the server. Data can now be exchanged using the SEND and RECEIVE primitives. In the simplest form,
either party can do a (blocking) RECEIVE to wait for the other party to do a SEND. When the segment arrives, the
receiver is unblocked. It can then process the segment and send a reply. As long as both sides can keep track of
whose turn it is to send, this scheme works fine. Encapsulated in the payload of this packet is a transport layer
message for the server’s transport entity.

The term segment is used for messages sent from transport entity to transport entity. TCP, UDP and other
Internet protocols use this term. Some older protocols used the ungainly name TPDU n(Transport Protocol Data
Unit). Thus, segments (exchanged by the transport layer) are contained in packets (exchanged by the network
layer). In turn, these packets are contained in frames (exchanged by the data link layer). When a frame arrives, the
data link layer processes the frame header and, if the destination address matches for local delivery, passes the
contents of the frame payload field up to the network entity. The network entity similarly processes the packet
header and then passes the contents of the packet payload up to the transport entity. This nesting is illustrated in Fig.
1-2.

5.3 Berkeley Sockets:

The primitives are now widely used for Internet programming on many operating systems, especially UNIX-
based systems.

The first four primitives in the list are executed in that order by servers. The SOCKET primitive creates a new
endpoint and allocates table space for it within the transport entity. Newly created sockets do not have network
addresses. These are assigned using the BIND primitive. Once a server has bound an address to a socket, remote
clients can connect to it. Next comes the LISTEN call, which allocates space to queue incoming calls for the case
that several clients try to connect at the same time. in the socket model LISTEN is not a blocking call. To block
waiting for an incoming connection, the server executes an ACCEPT primitive.
 At the client side. Here, too, a socket must first be created using the SOCKET primitive, but BIND is not
required since the address used does not matter to the server. The CONNECT primitive blocks the caller and
actively starts the connection process. When it completes (i.e., when the appropriate segment is received from the
server), the client process is unblocked and the connection is established. Both sides can now use SEND and
RECEIVE to transmit.

3 THE INTERNET TRANSPORT PROTOCOLS: TCP and UDP

3.1 TCP (Transmission Control Protocol):
It was specifically designed to provide a reliable end-to-end byte stream over an unreliable internetwork.
An internetwork differs from a single network because different parts may have wildly different topologies,
bandwidths, delays, packet sizes, and other parameters. TCP was designed to dynamically adapt to properties of the
internetwork and to be robust in the face of many kinds of failures.

3.1.1 The TCP Service Model:

For obtaining the TCP service, it is necessary for both sender and receiver to create end points called
sockets. Each socket has socket number or socket address. The socket address is made of two parts.
1. An IP address of the host.
2. A port number which is a 16 bit local to host
Various socket calls are listed below:

3.1.2 TCP protocol:

A key feature of TCP, and one that dominates the protocol design, is that every byte on a TCP connection
has its own 32-bit sequence number. These numbers are used for acknowledgement and window mechanism.
Segments: The sending and receiving entities exchange data in the form of segments. A TCP segment consists of a
fixed 20-byte header (plus an optional part) followed by zero or more data bytes.
Segment size: The TCP software decides how big segments should be. It can accumulate data from several writes
into one segment or can split data from one write over multiple segments. Two limits restrict the segment size.
• First, each segment, including the TCP header, must fit in the 65,515- byte IP payload.
 • Second, each link has an MTU (Maximum Transfer Unit). Each segment must fit in the MTU at the
sender and receiver so that it can be sent and received in a single, unfragmented packet.
Fragmentation: If segment is too large, then it should be taken into small segments. Using fragmentation by a
router, each segment gets a new IP header.

**The TCP Segment Header:

Every segment begins with a fixed-format, 20-byte header. The fixed header may be followed by header
options.
TCP header field by field:
• The Source port and Destination port fields identify the local end points of the connection.
• The Sequence number identifies the current position of the first data byte in the segment within the entire
byte stream for TCP connection.
• The Acknowledgement number identifies the next data byte the sender accepts from receiver. This field is
used when the ACK control bit is turned on.

• The TCP header length tells how many 32-bit words are contained in the TCP header.
• Next comes a 4-bit field that is not used.
• CWR and ECE are used to signal congestion when ECN (Explicit Congestion Notification ).ECE is set to
signal an ECN-Echo to a TCP sender to tell it to slow down when the TCP receiver gets a congestion
indication from the network. CWR is set to signal Congestion Window Reduced from the TCP sender to the
TCP receiver so that it knows the sender has slowed down and can stop sending the ECN-Echo.
• URG is set to 1 if the Urgent pointer is in use. The Urgent pointer is used to indicate a byte offset from the
current sequence number at which urgent data are to be found.
• The ACK bit is set to 1 to indicate that the Acknowledgement number is valid.
• The PSH bit indicates PUSHed data. The receiver is hereby kindly requested to deliver the data to the
application upon arrival and not buffer it until a full buffer has been received.
• The RST bit is used to abruptly reset a connection that has become confused due to a host crash or some
other reason. It is also used to reject an invalid segment or refuse an attempt to open a connection.
• The SYN bit is used to establish connections.
• The FIN bit is used to release a connection.
• The Window size field tells how many bytes may be sent starting at the byte acknowledged.
• Checksum is also provided for extra reliability. It checksums the header, the data, and a conceptual
pseudoheader.
3.1.3 TCP Connection Establishment:

Connections are established in TCP by means of the three-way handshake. To establish a connection, one side,
say, the server passively waits for an incoming connection by executing the LISTEN and ACCEPTS primitives in
that order, either specifying a specific source or nobody in particular.
The other side, say, the client, executes a CONNECT primitive, specifying the IP address and port to which it
wants to connect, the maximum TCP segment size it is willing to accept, and optionally some user data (e.g., a
password). The CONNECT primitive sends a TCP segment with the SYN bit on and ACK bit off and waits for a
response.
When this segment arrives at the destination, the TCP entity there checks to see if there is a process that has
done a LISTEN on the port given in the Destination port field. If not, it sends a reply with the RST bit on to reject
the connection.
3.1.4 TCP Connection Release:

For connection establishment it takes three segments while for connection release it takes four segments.
When a TCP receives a FIN, it must notify the application that the other end has terminated that direction of flow.
The sending of a FIN is normally the result of application issuing a close. The receipt of FIN only means there will
be no more data flowing in that direction. When a server receives the FIN it sends the ACK and closes its
connection by sending the FIN, which the client TCP must send the ACK to the server.
 TCP CONGESTION CONTROL:

TCP does to try to prevent the congestion from occurring in the first place in the following way:
When a connection is established, a suitable window size is chosen and the receiver specifies a window based on
its buffer size. If the sender sticks to this window size, problems will not occur due to buffer overflow at the
receiving end. But they may still occur due to internal congestion within the network. Let’s see this problem
occurs.

(a) A fast network feeding a low-capacity receiver. (b) A slow network feeding a high-capacity receiver.
In fig (a): We see a thick pipe leading to a small- capacity receiver. As long as the sender does not send more
water than the bucket can contain, no water will be lost.
In fig (b): The limiting factor is not the bucket capacity, but the internal carrying capacity of the n/w. if too much
water comes in too fast, it will backup and some will be lost.
➢ When a connection is established, the sender initializes the congestion window to thesize of the max
segment in use our connection.
➢ It then sends one max segment .if this max segment is acknowledged before the timer
➢ goes off, it adds one segment s worth of bytes to the congestion window to make it two maximum size
segments and sends 2 segments.
➢ As each of these segments is acknowledged, the congestion window is increased byone max segment size.
➢ When the congestion window is ‘n’ segments, if all ‘n’ are acknowledged on time, thecongestion window is
increased by the byte count corresponding to ‘n’ segments.
➢ The congestion window keeps growing exponentially until either a time out occurs orthe receiver’s window
is reached.
➢ The internet congestion control algorithm uses a third parameter, the “threshold” inaddition to receiver
and congestion windows.

THE INTERNET TRANSPORT PROTOCOLS: UDP

The Internet protocol suite supports a connectionless transport protocol called UDP (User Datagram Protocol).
UDP provides a way for applications to send encapsulated IP datagrams without having to establish a connection.

UDP HEADER:
UDP transmits segments consisting of an 8-byte header followed by the payload. The header is shown in
Fig. 6-27. The two ports serve to identify the endpoints within the source and destination machines. When a UDP
packet arrives, its payload is handed to the process attached to the destination port. This attachment occurs when the
BIND primitive or something similar is used.
• The source port is primarily needed when a reply must be sent back to the source. By copying the Source
port field from the incoming segment into the Destination port field of the outgoing segment, the process
sending the reply can specify which process on the sending machine is to get it.
• The UDP length field includes the 8-byte header and the data. The minimum length is 8 bytes, to cover the
header. The maximum length is 65,515 bytes, which is lower than the largest number that will fit in 16 bits
because of the size limit on IP packets.
 • An optional Checksum is also provided for extra reliability. It checksums the header, the data, and a
conceptual IP pseudoheader.

The pseudoheader for the case of IPv4 is shown in Fig. 6-28. It contains the 32-bit IPv4 addresses of the
source and destination machines, the protocol number for UDP (17), and the byte count for the UDP segment
(including the header). It is different but analogous for IPv6. Including the pseudoheader in the UDP checksum
computation helps detect misdelivered packets, but including it also violates the protocol hierarchy since the IP
addresses in it belong to the IP layer, not to the UDP layer. TCP uses the same pseudoheader for its checksum.

Remote Procedure Call:

When a process on machine 1 calls a procedure on machine 2, the calling process on 1 is suspended and
execution of the called procedure takes place on 2. Information can be transported from the caller to the callee in the
parameters and can come back in the procedure result. No message passing is visible to the application programmer.
This technique is known as RPC (Remote Procedure Call) and has become the basis for many networking
applications.
The idea behind RPC is to make a remote procedure call look as much as possible like a local one. In the
simplest form, to call a remote procedure, the client program must be bound with a small library procedure, called
the client stub that represents the server procedure in the client’s address space. Similarly, the server is bound with
a procedure called the server stub. These procedures hide the fact that the procedure call from the client to the
server is not local.

The actual steps in making an RPC are shown in Fig. 6-29. Step 1 is the client calling the client stub. This
call is a local procedure call, with the parameters pushed onto the stack in the normal way. Step 2 is the client stub
packing the parameters into a message and making a system call to send the message. Packing the parameters is
called marshaling. Step 3 is the operating system sending the message from the client machine to the server
machine. Step 4 is the operating system passing the incoming packet to the server stub. Finally, step 5 is the server
stub calling the server procedure with the unmarshaled parameters. The reply traces the same path in the other
direction.
 APPLICATION LAYER

TELNET:

TELNET is basically the short form for Terminal Network. It is basically a TCP/IP protocol that is used for
virtual terminal services and was mainly proposed by International Organization for Standards(ISO).
• It is a general-purpose client/server application program.
• This program enables the establishment of the connection to the remote system in such a way that the
local system starts to appear as a terminal at the remote system.
• It is a standard TCP/IP protocol that is used for virtual terminal service.
• In simple words, we can say that the telnet allows the user to log on to a remote computer. After
logging on the user can use the services of the remote computer and then can transfer the results back
to the local computer.
• The TELNET was mainly designed at the time when most operating systems operate in the time-
sharing environment. And in this type of environment, a large computer can support multiple users.
Usually, the interaction between the computer and user occurs via terminal(It is a combination of
keyboard, mouse, and monitor).
• TELNET makes the use of only one TCP/IP connection.

Logging

As in the timesharing environment, the users are a part of the system having some rights in order to access the
resources. It is important to note that each user has an identification along with the password. This user
identification mainly indicates that the user is a part of the system.
In order to access the system the user logs in to the system by the user-id.The system also includes password
checking in order to prevent unauthorized access to the resources of a system.
The logging process can be further categorized into two:
1. Local log-in
2. Remote log-in

Local Log-in

Whenever a user logs in into a local timesharing system then it referred to as local log-in.

The figure indicates Local log-in

1. Once the user types at the terminal, then the keystrokes are accepted by the terminal driver.
2. The characters are then passed on to the Operating system by the terminal driver.
 3. After that, the operating system interprets the combination of the characters and then invokes the
desired application program.

Remote Log-in

Whenever a user wants to access those application programs or utilities that locate on to the remote machine
then it is referred to as remote log-in. In this type of log-in, the TELNET client/server program mainly comes
into use.

The figure shows the concept of Remote Log-in

• In this, the user mainly sends the keystroke to the terminal driver where the Operating system only
accepts the characters and does not interpret them.
• After that, the characters are sent to the TELNET client that mainly translates these characters into the
universal character set that is commonly known as Network Virtual Terminal (NVT) characters.
• After converting the TELNET client transfers them to the TCP/IP protocol stack.
• The text that is in the form of NVT then travels through the internet and then arrives at the TCP/IP
protocol stack present at the remote machine.
• After that, the characters are delivered to the operating system which then passes these on to the
TELNET Server,
• The TELNET Server then changes these NVT characters to the corresponding characters that can be
understood by the Remote computer.
• The characters cannot be directly passed to the Operating system of the remote computer because the
remote operating system is not designed in such a way so as to receive the characters from the
TELNET server.
• It is designed in such a way so as to receive the characters from the Terminal Driver.
• There is a software program commonly known as Pseudoterminal driver that is added and mainly
pretends as the characters are coming from the Terminal.
 SNMP:
SNMP mainly stands for Simple Network Management protocol.
• It is basically a framework that is used for managing the devices on the internet by using the TCP/IP
protocol suite.
• Basically, SNMP provides a set of fundamental operations in order to monitor and maintain the
Internet.
• It is an application layer protocol that was defined by the Internet engineering task force.
• This protocol is mainly used to monitor the network, detect the faults in the Network, and sometimes it
is also used to configure the remote devices.

Concept of SNMP

The SNMP protocol makes the use of Manager and Agent; where the manager is usually a host that controls
and monitors the set of agents.

• The SNMP is an application-level protocol and it consists of a few manager stations that mainly
controls a set of agents. This protocol is mainly designed at the application level so that it can monitor
the devices that are mainly made by different manufacturers and that are installed on different physical
networks.

Thus there are three components in the architecture of the SNMP:

• SNMP Manager
• SNMP Agent
• Management Information Base

SNMP Manager

It is basically a centralized system and it is mainly used to monitor and manage devices that are connected
with the network.SNMP manager is typically a computer and it is used to run one or more network
management systems.
Given below are the main functions of SNMP Manager:
1. Collects response from the agents.
2. To acknowledge asynchronous events from the agents.
3. To set variables in the agent.
4. Queries the Agent

SNMP Agent

SNMP Agent is basically a software program that is packaged within the network element. It is mainly
installed on a managed device where managed devices can be switches, servers, routers, PC, etc.
Mainly the agents keep the information in the database also the manager has the access to the values present in
the database.
 Given below are the main responsibilities of the SNMP Agent:
• SNMP agents mainly collect the management information about its local environment
• The SNMP agent mainly signals an event to the manager.
• The SNMP agents also act as a proxy for some non–SNMP manageable network nodes.
Thus the management with SNMP is mainly based on these given ideas:
1. An SNMP manager checks the agent by requesting information that mainly reflects the behavior of the
SNMP agent.
2. The SNMP manager also forces the agent to perform the task by resetting the values in the database of the
agent.
3.Management process is also contributed by the agent just by warning the SNMP manager about an unusual
situation.

Management Components

In order to perform the Management tasks, the SNMP protocol makes the use of two other protocols and are
SMI and MIB. We can also say that the Management on the Internet is done by the cooperation of three
protocols and these are SNMP, MIB, SMI.

Let us discuss their roles one by one;

Role of SNMP

The SNMP protocol performs some specific roles in Network Management;

• It mainly defines the format of the packet that needs to be sent from the manager to the agent or vice-
versa.
• SNMP is also used to interpret the result and create the statistics.
• The packets that are exchanged between the manager and agent contains the name of the
object(variable) and their status(values).
• The SNMP is also responsible for reading and changing these values.

Role of SMI

In order to use the SNMP, there is a need for some rules and these rules are for naming the objects. Now its
time to take a look at the roles of SMI:
• SMI(Structure of Management Information) is mainly used to define the general rules for naming the
objects.
• It is also used to define the type of objects that includes( range and length).
• This is also used to show how to encode the objects and values.
• The SMI does not define the number of objects that should be managed by an entity.
• It also does not define the association between the objects and their values.
 Role of MIB

In order to manage each entity, this protocol is mainly used to define the number of objects and then to name
them according to the rules defined by the SMI and after that associate a type to each named object.
• MIB( Management Information Base) is mainly used to create a set of objects that are defined for each
entity that is similar to the database.
• Thus MIB mainly creates a collection of named objects, their types.

Advantages of SNMP Protocol

Given below are some of the benefits of using SNMP :

1. It is the standard network management protocol.
2. This protocol is independent of the operating system and programming language.
3. The functional design of this protocol is Portable.
4. The SNMP is basically a core set of operations and it remains the same on all managed devices. Thus
SNMP supports extendibility.
5. SNMP is a universally accepted protocol.
6. It is a lightweight protocol.
7. This protocol allows distributed management access.

Disadvantages

Some of the drawbacks of SNMP are as follows:

• This protocol leads to the reduction of the bandwidth of the network.
• Access control, authentication, and privacy of data are some largest security issues using this.
• SNMP deals with information that is neither detailed nor enough well organized.
Electronic Mail (E-Mail) in Internet:

In this topic, we will be covering one of the most popular Internet services that is Electronic Mail
(E-mail) in detail.

Electronic mail is often referred to as E-mail and it is a method used for exchanging digital
messages.

 Electronic mail is mainly designed for human use.

 It allows a message to includes text, image, audio as well as video.

 This service allows one message to be sent to one or more than one recipient.

 The E-mail systems are mainly based on the store-and-forward model where the E-mail
server system accepts, forwards, deliver and store the messages on behalf of users who
only need to connect to the infrastructure of the Email.

 The Person who sends the email is referred to as the Sender while the person who
receives an email is referred to as the Recipient.

Need of an Email:

By making use of Email, we can send any message at any time to anyone.

 We can send the same message to several peoples at the same time.

 It is a very fast and efficient way of transferring information.

 The email system is very fast as compared to the Postal system.

 Information can be easily forwarded to coworkers without retyping it.

Components of E-mail System
The basic Components of an Email system are as follows:

1. User Agent(UA)

It is a program that is mainly used to send and receive an email. It is also known as an email
reader. User-Agent is used to compose, send and receive emails.

 It is the first component of an Email.

 User-agent also handles the mailboxes.

 The User-agent mainly provides the services to the user in order to make the sending and
receiving process of message easier.

Given below are some services provided by the User-Agent:

1. Reading the Message

2. Replying the Message

3. Composing the Message

4. Forwarding the Message.

5. Handling the Message.

2. Message Transfer Agent

The actual process of transferring the email is done through the Message Transfer Agent(MTA).

 In order to send an Email, a system must have an MTA client.

 In order to receive an email, a system must have an MTA server.

 The protocol that is mainly used to define the MTA client and MTA server on the internet
is called SMTP (Simple Mail Transfer Protocol).

 The SMTP mainly defines how the commands and responses must be sent back and forth

3. Message Access Agent

In the first and second stages of email delivery, we make use of SMTP.

 SMTP is basically a Push protocol.

 The third stage of the email delivery mainly needs the pull protocol, and at this stage, the
message access agent is used.

 The two protocols used to access messages are POP (Post Office Protocol) and IMAP4
(Internet Message Access Protocol).

Architecture of Email

Now its time to take a look at the architecture of e-mail with the help of four scenarios:

First Scenario: - When the sender and the receiver of an E-mail are on the same system, then there is the need
for only two user agents.
Second Scenario

In this scenario, the sender and receiver of an e-mail are basically users on the two
different systems. Also, the message needs to send over the Internet. In this case, we need to
make use of User Agents and Message transfer agents(MTA).

Third Scenario

In this scenario, the sender is connected to the system via a point-to-point WAN it can be either a
dial-up modem or a cable modem. While the receiver is directly connected to the system like it
was connected in the second scenario.
Also in this case sender needs a User agent(UA) in order to prepare the message. After preparing
the message the sender sends the message via a pair of MTA through LAN or WAN.

Fourth Scenario

In this scenario, the receiver is also connected to his mail server with the help of WAN or LAN.

When the message arrives the receiver needs to retrieve the message; thus there is a need for
another set of client/server agents. The recipient makes use of MAA(Message access agent)
client in order to retrieve the message.

In this, the client sends the request to the Mail Access agent(MAA) server and then makes a
request for the transfer of messages.
This scenario is most commonly used today.

Structure of Email

The message mainly consists of two parts:

1.Header
2.Body

Header
The header part of the email generally contains the sender's address as well as the receiver's
address and the subject of the message.

Body

The Body of the message contains the actual information that is meant for the receiver.
Email Address:

In order to deliver the email, the mail handling system must make use of an addressing system
with unique addresses.

The address consists of two parts:

 Local part

 Domain Name

Local Part

It is used to define the name of the special file, which is commonly called a user mailbox; it is
the place where all the mails received for the user is stored for retrieval by the Message Access
Agent.

Domain Name

It is the second part of the address is Domain Name.

Both local part and domain name are separated with the help of @.