HyperText Transfer Protocol (HTTP)

 The HyperText Transfer Protocol (HTTP) is used to define how the

client-server programs can be written to retrieve web pages from the Web.
 An HTTP client sends a request; an HTTP server returns a response.
 The server uses the port number 80; the client uses a temporary port number.
 HTTP uses the services of TCP, which, as discussed before, is a connection-
oriented and reliable protocol.
 This means that, before any transaction between the client and the server can
take place, a connection needs to be established between them.
 After the transaction, the connection should be terminated.
 Nonpersistent Connections
In a nonpersistent connection, one TCP connection is made for each
request/response.
The following lists the steps in this strategy:
1. The client opens a TCP connection and sends a request.
2. The server sends the response and closes the connection.
3. The client reads the data until it encounters an end-of-file marker; it then
closes the connection.
In this strategy, if a file contains links to N different pictures in different files
(all located on the same server), the connection must be opened and closed N
+ 1 times.
The nonpersistent strategy imposes high overhead on the server because the
server needs N + 1 different buffers each time a connection is opened.
Figure 26.3 shows an example of a nonpersistent connection.
 The client needs to access a file that contains one link to an image.
 The text file and image are located on the same server.
 Here we need two connections. For each connection, TCP requires at least
three handshake messages to establish the connection, but the request can be
sent with the third one.
 After the connection is established, the object can be transferred.
 After receiving an object, another three handshake messages are needed to
terminate the connection.
 This means that the client and server are involved in two connection
establishments and two connection terminations.

Persistent Connections
 HTTP version 1.1 specifies a persistent connection by default.
 In a persistent connection,the server leaves the connection open for more
requests after sending a response.
 The server can close the connection at the request of a client or if a time-out
has been reached.
 The sender usually sends the length of the data with each response.
 there are some occasions when the sender does not know the length of the
data. This is the case when a document is created dynamically or actively. In
these cases, the server informs the client that the length is not known and
closes the connection after sending the data so the client knows that the end
of the data has been reached.
 Time and resources are saved using persistent connections. Only one set of
buffers and variables needs to be set for the connection at each site.
 The round trip time for connection establishment and connection termination
is saved.
 Figure 26.4 shows the same scenario as in Example 26.3, but using a
persistent connection.
 Only one connection establishment and connection termination is used, but
the request for the image is sent separately.
FTP
File Transfer Protocol (FTP) is the standard protocol provided by TCP/IP for copying a file
from one host to another.
  The basic model of FTP. The client has three components: the user interface, the client
control process, and the client data transfer process.
 The server has two components:the server control process and the server data transfer
process. The control connection is made between the control processes.
 The data connection is made between the data transfer processes.
 Separation of commands and data transfer makes FTP more efficient. The control
connection uses very simple rules of communication.
 We need to transfer only a line of command or a line of response at a time.
 The data connection, on the other hand, needs more complex rules due to the variety of
data types transferred.
Two Connections
The two connections in FTP have different lifetimes. The control connection remains
connected during the entire interactive FTP session. The data connection is opened and
then closed for each file transfer activity. It opens each time commands that involve
transferring files are used, and it closes when the file is transferred.
Control Connection
During this control connection, commands are sent from the client to the server and
responses are sent from the server to the client. Commands, which are sent from the
FTP client control process, are in the form of ASCII uppercase, which may or may not
be followed by an argument. Some of the most common commands are shown in Table
26.4.
Every FTP command generates at least one response. A response has two parts: a
three-digit number followed by text. The numeric part defines the code; the text part
defines needed parameters or further explanations. The first digit defines the status of
the command. The second digit defines the area in which the status applies. The third
digit provides additional information.

Data Connection
The data connection uses the well-known port 20 at the server site. However, the creation
of a data connection is different from the control connection. The following
shows the steps:
1. The client, not the server, issues a passive open using an ephemeral port. This must be
done by the client because it is the client that issues the commands for transferring files.
2. Using the PORT command the client sends this port number to the server.
3. The server receives the port number and issues an active open using the wellknown
port 20 and the received ephemeral port number.
The heterogeneity problem is resolved by defining three attributes of communication:
file type, data structure, and transmission modes.
File Type
FTP can transfer one of the following file types across the data connection: ASCII file,
EBCDIC file, or image file.
Data Structure
FTP can transfer a file across the data connection using one of the following interpretations
of the structure of the data: file structure, record structure, or page structure. The
file structure format (used by default) has no structure. It is a continuous stream of
bytes. In the record structure, the file is divided into records. This can be used only with
text files. In the page structure, the file is divided into pages, with each page having a
page number and a page header. The pages can be stored and accessed randomly or
sequentially.
Transmission Mode
FTP can transfer a file across the data connection using one of the following three
transmission modes: stream mode, block mode, or compressed mode. The stream mode
is the default mode; data are delivered from FTP to TCP as a continuous stream of
bytes. In the block mode, data can be delivered from FTP to TCP in blocks. In this case,
each block is preceded by a 3-byte header. The first byte is called the block descriptor;
the next two bytes define the size of the block in bytes.
File Transfer
File transfer occurs over the data connection under the control of the commands sent
over the control connection. However, we should remember that file transfer in FTP
means one of three things: retrieving a file (server to client), storing a file (client to
server), and directory listing (server to client).
Electronic Mail Architecture
 In the common scenario, the sender and the receiver of the e-mail, Alice and Bob
respectively, are connected via a LAN or a WAN to two mail servers. The administrator
has created one mailbox for each user where the received messages are stored.
 A mailbox is part of a server hard drive, a special file with permission restrictions. Only
the owner of the mailbox has access to it. The administrator has also created a queue
(spool) to store messages waiting to be sent.
 A simple e-mail from Alice to Bob takes nine different steps, as shown in the figure.
 Alice and Bob use three different agents: a user agent (UA), a message transfer
agent(MTA), and a message access agent (MAA).
 When Alice needs to send a message toBob, she runs a UA program to prepare the
message and send it to her mail server.
 The mail server at her site uses a queue (spool) to store messages waiting to be sent. The
message,however, needs to be sent through the Internet from Alice’s site to Bob’s site
using an MTA.
 Here two message transfer agents are needed: one client and one server. Like
most client-server programs on the Internet, the server needs to run all the time because it
does not know when a client will ask for a connection.
 The client, on the other hand, can be triggered by the system when there is a message in
the queue to be sent.
 The user agent at the Bob site allows Bob to read the received message. Bob later uses an
MAA client to retrieve the message from an MAA server running on the second server.
 There are two important points we need to emphasize here.
 First, Bob cannot bypass the mail server and use the MTA server directly. To use the
MTA serverdirectly, Bob would need to run the MTA server all the time because he does
not know when a message will arrive.
 This implies that Bob must keep his computer onall the time if he is connected to his
system through a LAN. If he is connected through a WAN, he must keep the connection
up all the time. Neither of these situations is feasible today.
 Second, note that Bob needs another pair of client-server programs: message
 access programs. This is because an MTA client-server program is a push program: the
 client pushes the message to the server.
 Bob needs a pull program. The client needs topull the message from the server.
 User Agent
 The first component of an electronic mail system is the user agent (UA). It provides
service to the user to make the process of sending and receiving a message easier. A
user agent is a software package (program) that composes, reads, replies to, and forwards
messages. It also handles local mailboxes on the user computers.
 There are two types of user agents: command-driven and GUI-based. Commanddriven
user agents belong to the early days of electronic mail. They are still present as
the underlying user agents. A command-driven user agent normally accepts a one
character
command from the keyboard to perform its task. For example, a user can type
the character r, at the command prompt, to reply to the sender of the message, or type
the character R to reply to the sender and all recipients. Some examples of command
driven
 user agents are mail, pine, and elm.
 Modern user agents are GUI-based. They contain graphical user interface (GUI)
components that allow the user to interact with the software by using both the keyboard
 and the mouse. They have graphical components such as icons, menu bars, and windows
that make the services easy to access. Some examples of GUI-based user agents
are Eudora and Outlook.
 Sending Mail
 To send mail, the user, through the UA, creates mail that looks very similar to postal
mail. It has an envelope and a message (see Figure 26.13).
 The envelope usually contains the sender address, the receiver address, and other
information. The messagecontains the header and the body. The header of the message
defines the sender, the receiver, the subject of the message, and some other information.
The body of the message contains the actual information to be read by the recipient.
 Receiving Mail

 The user agent is triggered by the user (or a timer). If a user has mail, the UA informs
the user with a notice. If the user is ready to read the mail, a list is displayed in which
each line contains a summary of the information about a particular message in the
mailbox.
 The summary usually includes the sender mail address, the subject, and the time
the mail was sent or received.
 The user can select any of the messages and display its contents on the screen.
 Addresses
 To deliver mail, a mail handling system must use an addressing system with
unique
addresses. In the Internet, the address consists of two parts: a local part and a
domain name, separated by an @ sign (see Figure 26.14).

 The local part defines the name of a special file, called the user mailbox, where all the
mail received for a user is stored for retrieval by the message access agent.
  The second part of the address is the domain name.
 An organization usually selects one ormore hosts to receive and send e-mail; they are
sometimes called mail servers or exchangers.
 The domain name assigned to each mail exchanger either comes from the DNS database
or is a logical name (for example, the name of the organization).

 Electronic mail allows one name, an alias, to represent several different e-mail
addresses; this is called a mailing list. Every time a message is to be sent, the system
checks the recipient’s name against the alias database; if there is a mailing list for the
defined alias, separate messages, one for each entry in the list, must be prepared and
handed to the MTA.

SMTP

The formal protocol that defines the MTA client and server in the Internet is calledSimple Mail
Transfer Protocol (SMTP). SMTP is used two times, between the sender and the sender’s mail
server and between the two mail servers.
SMTP simply defines how commands and responses must be sent back and forth.Commands
and ResponsesSMTP uses commands and responses to transfer messages between an MTA
client and an MTA server. The command is from an MTA client to an MTA server; the response
is from an MTA server to the MTA client. Each command or reply is terminated by a
twocharacter (carriage return and line feed) end-of-line token.
Mail Transfer Phases
The process of transferring a mail message occurs in three phases: connection establishment,
mail transfer, and connection termination.
Connection Establishment After a client has made a TCP connection to the wellknown
port 25, the SMTP server starts the connection phase. This phase involves the
following three steps:
1. The server sends code 220 (service ready) to tell the client that it is ready to receive
mail. If the server is not ready, it sends code 421 (service not available).
2. The client sends the HELO message to identify itself, using its domain name
address. This step is necessary to inform the server of the domain name of the client.
3. The server responds with code 250 (request command completed) or some other
code depending on the situation.
Message Transfer After connection has been established between the SMTP client
and server, a single message between a sender and one or more recipients can be
exchanged. This phase involves eight steps. Steps 3 and 4 are repeated if there is more
than one recipient.
1. The client sends the MAIL FROM message to introduce the sender of the message.
It includes the mail address of the sender (mailbox and the domain name). This
step is needed to give the server the return mail address for returning errors and
reporting messages.
2. The server responds with code 250 or some other appropriate code.
3. The client sends the RCPT TO (recipient) message, which includes the mail address
of the recipient.
4. The server responds with code 250 or some other appropriate code.
5. The client sends the DATA message to initialize the message transfer.
6. The server responds with code 354 (start mail input) or some other appropriate
message.
7. The client sends the contents of the message in consecutive lines. Each line is terminated
by a two-character end-of-line token (carriage return and line feed). The
message is terminated by a line containing just one period.
8. The server responds with code 250 (OK) or some other appropriate code.
501 Syntax error in parameters or arguments
502 Command not implemented
503 Bad sequence of commands
504 Command temporarily not implemented
550 Command is not executed; mailbox unavailable
551 User not local
552 Requested action aborted; exceeded storage location
553 Requested action not taken; mailbox name not allowed
554 Transaction failed
Connection Termination After the message is transferred successfully, the client terminates
the connection. This phase involves two steps.
1. The client sends the QUIT command.
2. The server responds with code 221 or some other appropriate code.

Post Office Protocol, version 3 (POP3) is simple but limited in functionality.

 The client POP3 software is installed on the recipient computer; the server POP3
software is installed on the mail server.
 Mail access starts with the client when the user needs to download its e-mail
from the
mailbox on the mail server.
 The client opens a connection to the server on TCP port 110.
 It then sends its user name and password to access the mailbox.
 The user can then list and retrieve the mail messages.
 POP3 has two modes: the delete mode and the keep mode. In the delete mode,
the
 mail is deleted from the mailbox after each retrieval.
  In the keep mode, the mail remains in the mailbox after retrieval. The delete
mode is normally used when the user is working at her permanent computer and
can save and organize the received mail after reading or replying.
 The keep mode is normally used when the user accesses her mail away from her
primary computer (for example, from a laptop).
 The mail is read but kept in the system for later retrieval and organizing.
IMAP4
Another mail access protocol is Internet Mail Access Protocol, version 4 (IMAP4).
IMAP4 is similar to POP3, but it has more features; IMAP4 is more powerful and more
complex.
POP3 is deficient in several ways. It does not allow the user to organize her mail on
the server; the user cannot have different folders on the server. In addition, POP3 does
not allow the user to partially check the contents of the mail before downloading.
IMAP4 provides the following extra functions:
A user can check the e-mail header prior to downloading.
A user can search the contents of the e-mail for a specific string of characters prior
to downloading.
A user can partially download e-mail. This is especially useful if bandwidth is limited
and the e-mail contains multimedia with high bandwidth requirements.
A user can create, delete, or rename mailboxes on the mail server.
A user can create a hierarchy of mailboxes in a folder for e-mail storage.
TELNET
 One of the original remote logging protocols is TELNET, which is an abbreviation
for TErminaL NETwork.
 Although TELNET requires a logging name and password, it
is vulnerable to hacking because it sends all data including the password in plaintext
(not encrypted).
 A hacker can eavesdrop and obtain the logging name and password.
 Because of this security issue, the use of TELNET has diminished in favor of another
protocol, Secure Shell (SSH), which we describe in the next section.
 Although TELNET is almost replaced by SSH, we briefly discuss TELNET here for two
reasons:
 The simple plaintext architecture of TELNET allows us to explain the issues and
challenges related to the concept of remote logging, which is also used in SSH
when it serves as a remote logging protocol.
 Network administrators often use TELNET for diagnostic and debugging
purposes.

Local versus Remote Logging

 When a user logs into a local system, it is called local logging. As a user types at a
terminal or at a workstation running a terminal emulator, the keystrokes are accepted by
the terminal driver.
 The terminal driver passes the characters to the operating system.
 The operating system, in turn, interprets the combination of characters and invokes the
desired application program or utility.
 However, when a user wants to access an application program or utility located on
a remote machine, she performs remote logging.
  Here the TELNET client and server programs come into use. The user sends the
keystrokes to the terminal driver where the local operating system accepts the characters
but does not interpret them.
 The characters are sent to the TELNET client, which transforms the characters into a
universal character set called Network Virtual Terminal (NVT) characters (discussed
below) and delivers them to the local TCP/IP stack.
 The commands or text, in NVT form, travel through the Internet and arrive at the
TCP/IP stack at the remote machine.
 Here the characters are delivered to the operating system and passed to the TELNET
server, which changes the characters to the corresponding characters understandable by
the remote computer.

 However, the characters cannot be passed directly to the operating system because the
remote operating system is not designed to receive characters from a TELNET server; it
is designed to receive characters from a terminal driver.
 The solution is to add a piece of software called a pseudoterminal driver, which pretends
that the characters are coming from a terminal.
 The operating system then passes the characters to the appropriate application program.

DNS
The Domain Name System (DNS) is a system that translates domain names into IP addresses,
which are used by browsers to load web pages.
Figure 26.28 shows how TCP/IP uses a DNS client and a DNS server to map a
name to an address. A user wants to use a file transfer client to access the corresponding
file transfer server running on a remote host. The user knows only the file transfer
server name, such as afilesource.com. However, the TCP/IP suite needs the IP address
of the file transfer server to make the connection. The following six steps map the host
name to an IP address:
1. The user passes the host name to the file transfer client.
2. The file transfer client passes the host name to the DNS client.
3. Each computer, after being booted, knows the address of one DNS server. The
DNS client sends a message to a DNS server with a query that gives the file transfer
server name using the known IP address of the DNS server.
4. The DNS server responds with the IP address of the desired file transfer server.
5. The DNS server passes the IP address to the file transfer client.
6. The file transfer client now uses the received IP address to access the file transfer
server.