CSE 3711 Lecture-No. 3 (Summer 2023)

CSE 3711
-Computer Networks “Application Layer”-

Prof. Dr. A.K.M. Muzahidul Islam
Computer Science & Engineering (CSE)
United International University (UIU)
Summer 2023
Outline
2.1 principles of network applications
2.2 Web and HTTP
2.3 electronic mail

SMTP, POP3, IMAP
2.4 DNS
Spring 2006
Chapter 2: application layer
• We study the conceptual and implementation

aspects of network applications.
• We define key application-layer concepts, including
network services required by applications, clients
and servers, processes, and transport-layer
interfaces.
• We examine several network applications in detail:
– Web
– E-mail, and
– DNS.
Application Layer 2-3
2.1 Principals of Network Applications
• Suppose you have an idea for a new Network Application.
How do you transform the idea into a real-world network
application?
– Answer: Writing programs that run on different end systems and
communicate with each other over the network.
Example A: In the Web application there are two distinct programs
that communicate with each other:
1. The browser program running in the user’s host (desktop,
laptop, tablet, smartphone, and so on); and
2. The Web server program running in the Web server host.
Example B: In a Video on Demand application such as Netflix,
3. There is a Netflix-provided program running on the user’s
smartphone, tablet, or computer; and
4. Netflix server program running on the Netflix server host. Servers
often (but certainly not always) are housed in a data center. 2-4
2.1 Principals of Network Applications
Thus, when developing a new application,
• Write software that will run on multiple end systems.
– The Languages of the software,
• C, Java, or Python.
– Importantly, you do not need to write software that runs on
network-core devices e.g. routers or link-layer switches.
– Even if you wanted to write application software for these
network-core devices, you wouldn’t be able to do so.
– Note that Network-core devices do not function at the
application layer
• But instead function at lower layers— specifically at the network
layer and below.
2-5
Some Network Apps
• e-mail • voice over IP (e.g.,
• web Skype)
• text messaging • real-time video
• remote login conferencing
• P2P file sharing • social networking
• multi-user network
games
• search
• streaming stored video • …
(YouTube, Hulu, • …
Netflix)
Creating a network app
application
transport
network
Write programs that: data link

physical
• run on (different) end systems

• communicate over network
• e.g., web server software
communicates with browser
software
No need to write software application

transport
for network-core devices network
data link application
physical transport
• network-core devices do not run network
data link
user applications physical
• applications on end systems

allows for rapid app
development, propagation
Fig. Communication for a network application takes
2-7
place between end systems at the application layer
Application architectures
• Application’s architecture is distinctly different from the
network architecture (e.g., 5-layer Architecture).
• The Network Architecture is fixed and provides a specific set of
services to applications.
• The Application architecture, is designed by the application
developer and dictates how the application is structured over
the various end systems.
• There are two predominant architectural paradigms used in
modern network applications:
– Client-server
– Peer-to-peer (P2P)
2-8
Client-server architecture
In a client-server architecture, there is
an always-on host, called the server,
which services requests from many
other hosts, called clients.
Server:
• always-on host
• permanent IP address
• data centers for scaling
• E.g., Web Server
client/server
Clients:
• Do not communicate directly with each other
– e.g. browsers don’t talk to each other.
• communicate with server
• may be intermittently/irregularly connected
• may have dynamic IP addresses 2-9
• In a client-server application, a single-server host is incapable of
keeping up with all the requests from clients.
– A popular social-networking site can quickly become overwhelmed
if it has only one server handling all of its requests.
– A data center, housing a large number of hosts, is often used to
create a powerful virtual server.
– For example,
• Search engines (e.g., Google, Bing, Baidu),
• Internet commerce (e.g., Amazon, eBay, Alibaba),
• Web-based e-mail (e.g., Gmail and Yahoo Mail),
• Social media (e.g., Facebook, Instagram, Twitter, and WeChat), etc.
• Run in one or more data centers.
– Google has 19 data centers distributed around the world,
• To collectively handle search, YouTube, Gmail, and other services.
– A data center can have hundreds of thousands of servers, which
must be powered and maintained.
P2P architecture
• In a P2P architecture, there is minimal (or no) reliance
on dedicated servers in data centers. peer-peer
• Instead the application exploits direct communication
between pairs of intermittently connected hosts, called
peers.
• No always-on server
• Arbitrary end systems directly communicate
• Peers request service from other peers, provide service
in return to other peers
– Self scalability – new peers bring new
service capacity, as well as new service
demands
• For example, in a P2P file-sharing application,
although each peer generates workload by
requesting files, each peer also adds service
capacity to the system by distributing files to
other peers.
• Peers are intermittently connected and change IP
addresses 2-11
Processes communicating
• It is not actually programs clients, servers
but processes that A network application consists of pairs
of processes that send messages to
communicate each other over a network.
• A process: client process: process that initiates
communication
– is a program running within server process: process that waits to be
an end system or host contacted
• Within same host, two processes  With the Web, a browser is a

communicate using inter-process client process and a Web server
communication (defined by OS) is a server process.
• Processes in different hosts  With P2P file sharing, the peer
communicate by exchanging that is downloading the file is
messages labeled as the client, and the
peer that is uploading the file is
labeled as the server. 2-12
Sockets
• Message sent from one process to another must go through the underlying network.
• A process sends messages into, and receives messages from, the network through a
software interface called a socket.
• A process is analogous to a house and its socket is analogous to its door.
– When a process wants to send a message to another process on another host, it
pushes the message out its door (socket).
– Once the message arrives at the destination host, the message passes through
the receiving process’s door (socket), and the receiving process then acts on the
message.
• Socket is the interface between application and transport layers within a host and
• Socket is referred to as Application Programming Interface (API) between application
and network. controlled by
application application app developer
socket
process process
transport transport controlled

network
by OS
network
link Internet link
physical physical
2-13
Addressing processes
• For a process running on one host • identifier includes both IP
to send packets to a process address and port numbers
running on another host, the associated with process on
receiving process needs to have an
address.
host.
• To identify the receiving process, • example port numbers:
two pieces of information need to – HTTP server: 80
be specified: – mail server: 25
– (1) Address of the host i.e. IP address •
to send HTTP message to
– (2) Identifier that specifies the
receiving process i.e. the receiving
gaia.cs.umass.edu web
socket in the destination host. server:
• A destination port number serves this – IP address: 128.119.245.12
purpose
– port number: 80
• Q: does IP address of host on which
process runs suffice for identifying • more shortly…
 A: no, many processes can be
the process? 2-14
running on same host
App-layer protocol defines
• The application at the sending side open protocols:
pushes messages through the
socket
• defined in RFCs
• types of messages exchanged, • allows for interoperability
– e.g., request, response • e.g., HTTP, SMTP
• message syntax: proprietary protocols:
– what fields in messages & • e.g., Skype
how fields are described
• message semantics
– meaning of information in
fields
• rules for when and how processes
send & respond to messages

What transport service does an app need?
• The services that a transport-layer protocol can offer to applications can be
classified:
– reliable data transfer, throughput, timing, and security.
Data integrity
 some apps (e.g., file transfer, web transactions) require 100% reliable data transfer
 other apps (e.g., audio) can tolerate some loss
Timing
• some apps (e.g., Internet telephony, interactive games) require low delay to be
“effective”
Throughput
 some apps (e.g., multimedia) require minimum amount of throughput to be
“effective”
 other apps (“elastic apps”) make use of whatever throughput they get
Security
 encryption, data integrity, …
2-16
Transport service requirements: common apps
application data loss throughput time sensitive
file transfer no loss elastic no

e-mail no loss elastic no
Web documents no loss elastic no
real-time audio/video loss-tolerant audio: 5kbps-1Mbps yes, 100’s msec
video:10kbps-5Mbps
stored audio/video loss-tolerant same as above yes, few secs
interactive games loss-tolerant few kbps up yes, 100’s msec
text messaging no loss elastic yes and no

Internet transport protocols services
• The Internet (TCP/ IP networks) makes two transport protocols
available to applications : UDP and TCP.
• When create a new network application for the Internet, one of the first
decisions you have to make is whether to use UDP or TCP.
TCP service: UDP service:
• reliable transport between  unreliable data transfer
sending and receiving process between sending and receiving
• flow control: sender won’t process
overwhelm receiver  does not provide: reliability,
• congestion control: control sender flow control, congestion
when network overloaded control, timing, throughput
• does not provide: timing, guarantee, security, or
minimum throughput guarantee, connection setup,
security
• connection-oriented: setup Q: why bother? Why is there a
required between client and UDP?
server processes 2-18
Internet apps: application, transport protocols
application underlying
application layer protocol transport protocol
e-mail SMTP [RFC 2821] TCP

remote terminal access Telnet [RFC 854] TCP
Web HTTP [RFC 2616] TCP
file transfer FTP [RFC 959] TCP
streaming multimedia HTTP (e.g., YouTube), TCP or UDP
RTP [RFC 1889]
Internet telephony SIP, RTP, proprietary
(e.g., Skype) TCP or UDP

Securing TCP
Neither TCP nor UDP provides any TLS
encryption—the data that the sending • The Internet community has developed
process passes into its socket is the an enhancement for TCP, called Transport
same data that travels over the Layer Security (TLS) [RFC 5246].
network to the destination process. • TCP-enhanced-with-TLS not only does
everything that traditional TCP does but
also provides critical process-to-process
TCP & UDP
security services, including encryption,
 no encryption
data integrity, and end-point
 cleartext passwords sent into socket
authentication.
traverse Internet in cleartext
SSL
SSL is at app layer
 provides encrypted TCP connection • apps use SSL libraries, that “talk” to TCP
 data integrity SSL socket API
 end-point authentication  cleartext passwords sent into socket traverse
2-20
Internet encrypted
Chapter 2: outline
2.1 principles of 2.5 P2P applications
network 2.6 video streaming
applications and content
2.2 Web and HTTP distribution
2.3 electronic mail networks
• SMTP, POP3, 2.7 socket
IMAP programming with
2.4 DNS UDP and TCP

Web and HTTP
First, a review…
• web page consists of objects
• object can be HTML file, JPEG image, Java
applet, audio file,…
• web page consists of base HTML-file which
includes several referenced objects
• each object is addressable by a URL, e.g.,
www.someschool.edu/someDept/pic.gif
host name path name

HTTP overview
HTTP: hypertext
transfer protocol HT
TP
• Web’s application layer req
ues
PC running
protocol Firefox browser
HT
TPr
t
• client/server model esp
ons
e
– client: browser that
requests, receives, u es
t
eq
(using HTTP T P r
nse
server
HT po running
protocol) and P res
Apache Web
“displays” Web HT
T
server
objects
– server: Web server iPhone running
sends (using HTTP Safari browser
protocol) objects in
response to Application Layer 2-24
requests
HTTP overview (continued)
uses TCP: HTTP is
 client initiates TCP “stateless”
connection (creates socket) to • server maintains no
information about
server, port 80 past client requests
 server accepts TCP aside
connection from client protocols that maintain
 HTTP messages (application- “state” are complex!
layer protocol messages)  past history (state) must be
maintained
exchanged between browser  if server/client crashes, their
(HTTP client) and Web server views of “state” may be
(HTTP server) inconsistent, must be
reconciled
 TCP connection closed
HTTP connections
non-persistent HTTP persistent HTTP
• at most one object sent over TCPobjects
• multiple connection
– connection then closed can be sent over
singlerequired
• downloading multiple objects TCP
multiple connections connection
between client,
server

Non-persistent HTTP
suppose user enters URL: (contains text,
www.someSchool.edu/someDepartment/home.index references to 10
jpeg images)
1a. HTTP client initiates TCP

connection to HTTP server 1b. HTTP server at host
(process) at www.someSchool.edu waiting
www.someSchool.edu on port for TCP connection at port 80.
80 “accepts” connection, notifying
2. HTTP client sends HTTP client
request message (containing
URL) into TCP connection 3. HTTP server receives request
socket. Message indicates that message, forms response
client wants object message containing requested
someDepartment/home.index object, and sends message into
its socket
time
Non-persistent HTTP (cont.)
4. HTTP server closes TCP
connection.
5. HTTP client receives response
message containing html file,
displays html. Parsing html file,
finds 10 referenced jpeg objects
time
6. Steps 1-5 repeated for each of 10
jpeg objects

Non-persistent HTTP: response time
RTT (Round Trip Time): Time requires

for a small packet to travel from
client to server and back
HTTP response time: initiate TCP
• one RTT to initiate TCP connection connection
• one RTT for HTTP request and first RTT

few bytes of HTTP response to request
file
return time to
RTT
• file transmission time transmit
file
• non-persistent HTTP response file
time = received
2RTT+ file transmission

time
time time

Persistent HTTP
non-persistent HTTP persistent HTTP:

issues:  server leaves connection
 requires 2 RTTs per object open after sending response
 OS overhead for each TCP  subsequent HTTP messages
connection between same client/server
sent over open connection
 browsers often open parallel
TCP connections to fetch  client sends requests as
referenced objects soon as it encounters a
referenced object
 as little as one RTT for all
the referenced objects

Examples
Questions : Assume that you have base HTML file with 30 embedded images, images & base file are small enough to fit in one TCP
segment. How many RTT are required to retrieve base file & images under-following condition :
(i) Non-Persistent connection without parallel connection
(ii) Non-persistent connection with 10 parallel connection
(iii) Persistent connection without pipe-lining
(iv) Persistent connection with pipe-lining
(Assume RTT dominates all other time)
Explanation :
2RTT is the initial required connection one for TCP connection and one for HTML base file.
Total time = 2RTT + transmit time
(i) Non-Persistent connection with no parallel connection :
Here for each image 2 RTT are required one for TCP connection and one for image to send.
So transmit time for 30 images = 2*(30 RTT) = 60 RTT
Total time = 2 RTT+60 RTT = 62RTT
(ii) Non-persistent connection with 10 parallel connection :
Here 10 images can be send simultaneously.
So for 30 images it required -> 2*(30/10) = 6RTT
Total time = 2 RTT + 6 RTT = 8RTT
(iii) Persistent connection without pipelining :
Here TCP connection is required again and again.
So for 30 images it requires -> 30 RTTs
(iv) Persistent connection with pipe-lining :
Since it is Persistent connection TCP connection is not required again and again.
Pipe-lining means in one packet only images which can fit, can be send.
In Pipe-lining connection we can send all images in 1RTT.
• https://www.geeksforgeeks.org/http-non-persistent-persistent-connection-set-2/
Comparison
Persistent Non-Persistent
• 1 RTT for TCP • 1 RTT for TCP
Connection Connection
• 1 RTT for the Base File • 1 RTT for the Base File
• 1 RTT for all objects • For each Object do
– 1 RTT for TCP
Connection
– 1 RTT for the Object
HTTP request message
• two types of HTTP messages: request, response
• HTTP request message:
– ASCII (human-readable format)
carriage return character
line-feed character
request line
(GET, POST, GET /index.html HTTP/1.1\r\n
HEAD commands) Host: www-net.cs.umass.edu\r\n
User-Agent: Firefox/3.6.10\r\n
Accept: text/html,application/xhtml+xml\r\n
headerAccept-Language: en-us,en;q=0.5\r\n
linesAccept-Encoding: gzip,deflate\r\n
carriage return, Accept-Charset: ISO-8859-1,utf-8;q=0.7\r\n
line feed at start Keep-Alive: 115\r\n
Connection: keep-alive\r\n
of line indicates \r\n
end of header lines
* Check out the online interactive exercises for more

Application Layer
examples: http://gaia.cs.umass.edu/kurose_ross/interactive/ 2-34
HTTP response message

User-server state: cookies
It is desirable for a Web site to identify users:
• either because the server wishes to restrict user access or
• because it wants to serve content as a function of the user identity.
many Web sites use cookies
example:
four components:
 Susan always access Internet
1) cookieheader line from PC
of HTTP response  visits specific e-commerce
message site for first time
2) cookie header line  when initial HTTP requests
in next HTTP arrives at site, site creates:
request message
• unique ID
3) cookie file kept on
user’s host, • entry in backend
managed by user’s database for ID
browser Application Layer 2-36
Cookies: keeping “state” (cont.)
client server
ebay 8734
usual http request msg Amazon server
cookie file creates ID
usual http response
1678 for user create backend
ebay 8734
set-cookie: 1678 entry database
amazon 1678
usual http request msg
cookie: 1678 cookie- access
specific
usual http response msg action
one week later:

access
ebay 8734 usual http request msg
amazon 1678 cookie: 1678 cookie-
specific
usual http response msg action
Cookies (continued)
aside
what cookies can be cookies and privacy:
used for:  cookies permit sites to
• authorization learn a lot about you
• shopping carts  you may supply name and
• recommendations e-mail to sites
• user session state (Web e-
mail)
how to keep “state”:

 protocol endpoints: maintain state at
sender/receiver over multiple transactions
 cookies: http messages carry state

Web caches (proxy server)
goal: satisfy client request without involving origin server
• user sets browser: Web accesses
via cache
• browser sends all HTTP requests
proxy
to cache HT
TP est
req server u
ues req
– object in cache: cache HT
client TP t H TTP
po nse
res res origin
returns object pon
se HT
T P server
t
– else cache requests ues
req e
T P ns
object from origin HT
res
po
server, store copy and T TP

H
then returns object to
client
client origin
server

More about Web caching
• cache acts as both why Web caching?
client and server • reduce response time for
– server for original client request
requesting client • reduce traffic on an
– client to origin server
institution’s access link
• typically cache is • Internet dense with
installed by ISP caches: enables “poor”
(university, content providers to
company, effectively deliver content
(so too does P2P file
residential ISP) sharing)
Chapter 2: outline
2.4 DNS UDP and TCP

Electronic mail outgoing
message queue
user mailbox
Three major components: user
agent
• user agents
mail
• mail servers user
server agent
• simple mail transfer protocol:
SMTP SMTP mail user
server agent
User Agent SMTP
• a.k.a. “mail reader” user
SMTP agent
• composing, editing, reading mail
mail messages server
user
• e.g., Outlook, Thunderbird, agent
iPhone mail client user
• outgoing, incoming messages agent
stored on server
Electronic mail: mail servers
mail servers: user
agent
• mailbox contains incoming
mail user
messages for user server agent
• message queue of outgoing
SMTP
(to be sent) mail messages mail user
server agent
• SMTP protocol between mail
SMTP
servers to send email
messages SMTP user
agent
mail
– client: sending mail server
server user
agent
– “server”: receiving user
mail server agent

Electronic Mail: SMTP [RFC 2821]
• uses TCP to reliably transfer email message from
client to server, port 25
• direct transfer: sending server to receiving server
• three phases of transfer
– handshaking (greeting)
– transfer of messages
– closure
• command/response interaction (like HTTP)
– commands: ASCII text
– response: status code and phrase
• messages must be in 7-bit ASCI
Scenario: Alice sends message to Bob
1) Alice uses UA to compose 4) SMTP client sends Alice’s
message “to” message over the TCP
[email protected] connection
2) Alice’s UA sends message to 5) Bob’s mail server places the
her mail server; message message in Bob’s mailbox
placed in message queue 6) Bob invokes his user agent to
3) client side of SMTP opens read message
TCP connection with Bob’s
mail server
1 user mail user

mail agent
agent server server
2 3 6
4
5
Alice’s mail server Bob’s mail server
Mail message format
SMTP: protocol for exchanging

email messages header
blank
RFC 822: standard for text line
message format:
• header lines, e.g.,
– To: body
– From:
– Subject:
different from SMTP MAIL
FROM, RCPT TO:
commands!
• Body: the “message”
– ASCII characters only
Mail access protocols
user
mail user
SMTP SMTP access
agent agent
protocol
(e.g., POP,
IMAP)
sender’s mail receiver’s mail

server server
• SMTP: delivery/storage to receiver’s server

• mail access protocol: retrieval from server
– POP: Post Office Protocol [RFC 1939]: authorization, download
– IMAP: Internet Mail Access Protocol [RFC 1730]: more
features, including manipulation of stored messages on server
– HTTP: gmail, Hotmail, Yahoo! Mail, etc.

Chapter 2: outline
2.4 DNS UDP and TCP

DNS: domain name system
people: many identifiers: Domain Name System:
– SSN, name, passport # • distributed database
Internet hosts, routers: implemented in hierarchy of
– IP address (32 bit) - many name servers
used for addressing • application-layer protocol:
datagrams hosts, name servers
– “name”, e.g., communicate to resolve names
www.yahoo.com - (address/name translation)
– note: core Internet function,
used by humans implemented as application-
Q: how to map between IP layer protocol
address and name, and vice – complexity at network’s
versa ? “edge”
DNS: services, structure
DNS services why not centralize DNS?
• hostname to IP address • single point of failure
translation • traffic volume
• host aliasing • distant centralized database
– canonical, alias names • maintenance
• mail server aliasing A: doesn‘t scale!
• load distribution
– replicated Web
servers: many IP
addresses
correspond to one
name
DNS
The DNS Domain Hierarchy
• DNS consists of a hierarchy of generic top-

level domains and numerous country-level
domains.
• The second-level domains are represented
by a domain name that is followed by a
top-level domain.
• Subdomains are found at the next level of
the DNS hierarchy and represent some
division of the second-level domain.
• Fourth level domain can represent a host in
a subdomain.
DNS Hierarchy
• Top-level domains represent either the
type of organization or country of origin.
Examples: (.org) - a non-profit organization,
(.au) – Australia.
DNS
The DNS Lookup Process
• To resolve a name to an IP address, the

resolver, will first check its local DNS cache.
If the mapping is not found, a query will be
issued to the DNS server .
• If the mapping is not found there, the DNS
server will query other higher-level DNS
servers that are authoritative for the top-
level domain in order to find the mapping.
These are known as recursive queries.
• The caching DNS servers can resolve
recursive queries without forwarding the
queries to higher level servers.
• If a server requires data for a zone, it will request a transfer of that data from an
authoritative server for that zone. The process of transferring DNS data between
servers is known as zone transfer.
DNS: a distributed, hierarchical database
Root DNS Servers
… …
com DNS servers org DNS servers edu DNS servers
pbs.org poly.edu umass.edu

yahoo.com amazon.com
DNS servers DNS serversDNS servers
DNS servers DNS servers
client wants IP for www.amazon.com; 1st approximation:

• client queries root server to find com DNS server
• client queries .com DNS server to get amazon.com DNS server
• client queries amazon.com DNS server to get IP address for
www.amazon.com

DNS: root name servers
• contacted by local name server that can not resolve name
• root name server:
– contacts authoritative name server if name mapping not known
– gets mapping
– returns mapping to local name server
c. Cogent, Herndon, VA (5 other sites)
d. U Maryland College Park, MD k. RIPE London (17 other sites)
h. ARL Aberdeen, MD
j. Verisign, Dulles VA (69 other sites ) i. Netnod, Stockholm (37 other sites)
e. NASA Mt View, CA m. WIDE Tokyo

f. Internet Software C. (5 other sites)
Palo Alto, CA (and 48 other
sites)
a. Verisign, Los Angeles CA

13 logical root name
(5 other sites)
b. USC-ISI Marina del Rey, CA
“servers” worldwide
l. ICANN Los Angeles, CA •each “server” replicated
(41 other sites)
g. US DoD Columbus,
many times
OH (5 other sites)

TLD, authoritative servers
top-level domain (TLD) servers:
– responsible for com, org, net, edu, aero, jobs,
museums, and all top-level country domains, e.g.: uk,
fr, ca, jp
– Network Solutions maintains servers for .com TLD
– Educause for .edu TLD
authoritative DNS servers:
– organization’s own DNS server(s), providing
authoritative hostname to IP mappings for
organization’s named hosts
– can be maintained by organization or service provider
Local DNS name server
• does not strictly belong to hierarchy
• each ISP (residential ISP, company, university)
has one
– also called “default name server”
• when host makes DNS query, query is sent to
its local DNS server
– has local cache of recent name-to-address
translation pairs (but may be out of date!)
– acts as proxy, forwards query into hierarchy
DNS name root DNS server
resolution example
2
• host at cis.poly.edu 3
TLD DNS server
wants IP address for 4
gaia.cs.umass.edu 5
local DNS server

iterated query: dns.poly.edu
 contacted server replies 7 6
with name of server to 1 8
contact
 “I don’t know this authoritative DNS server
dns.cs.umass.edu
name, but ask this requesting host
server” cis.poly.edu
gaia.cs.umass.edu

DNS name root DNS server
resolution example
2 3
recursive query: 7
6
 puts burden of name TLD DNS
resolution on server
contacted name local DNS server
server dns.poly.edu 5 4
 heavy load at upper 1 8
levels of hierarchy?
authoritative DNS server
dns.cs.umass.edu
requesting host
cis.poly.edu
gaia.cs.umass.edu

DNS: caching, updating records
• once (any) name server learns mapping, it caches
mapping
– cache entries timeout (disappear) after some time (TTL)
– TLD servers typically cached in local name servers
• thus root name servers not often visited
• cached entries may be out-of-date (best effort name-
to-address translation!)
– if name host changes IP address, may not be known
Internet-wide until all TTLs expire
• update/notify mechanisms proposed IETF standard
– RFC 2136
DNS records
DNS: distributed database storing resource records (RR)
RR format: (name, value, type, ttl)
type=A type=CNAME
 name is hostname  name is alias name for some
 value is IP address “canonical” (the real) name
 www.ibm.com is really
type=NS servereast.backup2.ibm.com
– name is domain (e.g.,  value is canonical name
foo.com)
– value is hostname of
authoritative name server type=MX
for this domain  value is name of mailserver
associated with name

DNS
DNS Message Format (Contd.)
•Sections of DNS message format :
DNS message section Description
Question The question for the server. It contains the domain name to be resolved, the class of
domain, and the query type.
The DNS resource record, or RR, for the query including the resolved IP address
Answer
depending on the RR type.
Authority Contains the RRs for the domain authority.
Relevant to query responses only. Consists of RRs that hold additional information
Additional
that will make query resolution more efficient
DNS protocol, messages
• query and reply messages, both with same message format
2 bytes 2 bytes
message header identification flags

 identification: 16 bit # for query, # questions # answer RRs
reply to query uses same #
 flags: # authority RRs # additional RRs
 query or reply
 recursion desired questions (variable # of questions)
 recursion available
 reply is authoritative
answers (variable # of RRs)
authority (variable # of RRs)
additional info (variable # of RRs)

DNS protocol, messages
2 bytes 2 bytes
identification flags
# questions # answer RRs
# authority RRs # additional RRs
name, type fields

questions (variable # of questions)
for a query
RRs in response answers (variable # of RRs)
to query
records for authority (variable # of RRs)
authoritative servers
additional “helpful” additional info (variable # of RRs)
info that may be used
Inserting records into DNS
• example: new startup “Network Utopia”
• register name networkuptopia.com at DNS registrar
(e.g., Network Solutions)
– provide names, IP addresses of authoritative name server
(primary and secondary)
– registrar inserts two RRs into .com TLD server:
(networkutopia.com, dns1.networkutopia.com, NS)
(dns1.networkutopia.com, 212.212.212.1, A)
• create authoritative server type A record for

www.networkuptopia.com; type MX record for
networkutopia.com
Attacking DNS
DDoS attacks redirect attacks
• bombard root servers  man-in-middle
with traffic • Intercept queries
– not successful to date  DNS poisoning
– traffic filtering  Send bogus relies to DNS
– local DNS servers cache server, which caches
IPs of TLD servers, exploit DNS for DDoS
allowing root server
 send queries with
bypass
spoofed source address:
• bombard TLD servers
target IP
– potentially more
 requires amplification
dangerous
Thank You
Caching example:
assumptions:
 avg object size: 100K bits
 avg request rate from browsers to origin origin
servers:15/sec servers
 avg data rate to browsers: 1.50 Mbps public
 RTT from institutional router to any Internet
origin server: 2 sec
 access link rate: 1.54 Mbps
consequences: 1.54 Mbps
 LAN utilization: 15%
 access link utilization = 99% access link
 total delay = Internet delay + access institutional
problem!
delay + LAN delay network
= 2 sec + minutes + usecs 10 Mbps LAN

Caching example: fatter access link
assumptions:
 avg request rate from browsers to origin origin
servers:15/sec servers
 avg data rate to browsers: 1.50 Mbps public
 RTT from institutional router to any Internet
 LAN utilization: 15% 154 154 Mbps
 access link utilization = 99% access link
Mbps
 total delay = Internet delay + access institutional
delay + LAN delay network
= 2 sec + minutes + usecs 9.9% 10 Mbps LAN
msecs
Cost: increased access linkApplication

speed (not cheap!)
Layer 2-69
Caching example: install local cache
assumptions:
 avg request rate from browsers to origin
origin servers:15/sec servers
public
 avg data rate to browsers: 1.50 Mbps
Internet
 RTT from institutional router to any
 LAN utilization: 15% access link
 access link utilization = 100% institutional
 total delay = Internet delay + access
network
delay + LAN delay ? 10 Mbps LAN
= 2 sec + minutes
? + usecs
local web
How to compute link cache
utilization, delay?
Cost: web cache (cheap!)
Caching example: install local cache
Calculating access link
utilization, delay with cache: origin
• suppose cache hit rate is 0.4
servers
– 40% requests satisfied at cache, 60% public
requests satisfied at origin Internet
 access link utilization:

 60% of requests use access link
 data rate to browsers over access link 1.54 Mbps
= 0.6*1.50 Mbps = .9 Mbps access link
 utilization = 0.9/1.54 = .58
institutional
network
10 Mbps LAN
 total delay
 = 0.6 * (delay from origin servers) +0.4 local web
* (delay when satisfied at cache)
 = 0.6 (2.01) + 0.4 (~msecs) = ~ 1.2 secs cache
 less than with 154 Mbps link (and
cheaper too!)
Conditional GET
client server
• Goal: don’t send object if
cache has up-to-date
HTTP request msg
cached version If-modified-since: <date> object
– no object transmission delay not
– lower link utilization modified
HTTP response
before
• cache: specify date of HTTP/1.0
304 Not Modified <date>
cached copy in HTTP
request
If-modified-since:
<date> HTTP request msg
• server: response contains If-modified-since: <date> object
modified
no object if cached copy is after
HTTP response
up-to-date: HTTP/1.0 200 OK <date>
HTTP/1.0 304 Not <data>
Modified Application Layer 2-72

CSE 3711 Lecture-No. 3 (Summer 2023)

Uploaded by

Copyright:

Available Formats

CSE 3711 Lecture-No. 3 (Summer 2023)

Uploaded by

Document Information

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

CSE 3711 Lecture-No. 3 (Summer 2023)

Uploaded by

Copyright:

Available Formats

CSE 3711

-Computer Networks “Application Layer”-

2.1 principles of network applications

2.2 Web and HTTP

2.3 electronic mail

• We study the conceptual and implementation

Write programs that: data link

• run on (different) end systems

No need to write software application

• applications on end systems

• Within same host, two processes  With the Web, a browser is a

transport transport controlled

Application Layer 2-15

application data loss throughput time sensitive

file transfer no loss elastic no

Application Layer 2-17

e-mail SMTP [RFC 2821] TCP

Application Layer 2-19

Application Layer 2-22

Application Layer 2-23

Application Layer 2-26

1a. HTTP client initiates TCP

Application Layer 2-28

RTT (Round Trip Time): Time requires

• one RTT for HTTP request and first RTT

2RTT+ file transmission

Application Layer 2-29

non-persistent HTTP persistent HTTP:

Application Layer 2-31

* Check out the online interactive exercises for more

Application Layer 2-35

one week later:

how to keep “state”:

Application Layer 2-38

server, store copy and T TP

Application Layer 2-39

Application Layer 2-42

Application Layer 2-44

1 user mail user

SMTP: protocol for exchanging

sender’s mail receiver’s mail

• SMTP: delivery/storage to receiver’s server

Application Layer 2-48

Application Layer 2-49

• DNS consists of a hierarchy of generic top-

• To resolve a name to an IP address, the

com DNS servers org DNS servers edu DNS servers

pbs.org poly.edu umass.edu

client wants IP for www.amazon.com; 1st approximation:

Application Layer 2-54

e. NASA Mt View, CA m. WIDE Tokyo

a. Verisign, Los Angeles CA

Application Layer 2-55

local DNS server

Application Layer 2-58

Application Layer 2-59

Application Layer 2-61

•Sections of DNS message format :

DNS message section Description

message header identification flags