
Department of Computer Science, Institute for System Architecture, Chair for Computer Networks

Internet Services & Protocols: Application Layer and its Services

Dr.-Ing. Stephan Groß, Room: INF 3099, E-Mail: stephan.gross@tu-dresden.de

Internet Protocol Stack

- Application layer: supports network applications (HTTP, FTP, DNS)
- Transport layer: transporting messages between client and server (TCP, UDP)
- Network layer: routing and delivering of datagrams (IP, routing protocols)
- Link layer: data transfer between neighbouring network nodes (Ethernet, PPP)
- Physical layer: bits on the wire

Application Layer

The goal today: conception and implementation of application protocols
- Transport layer service model
- Client-server paradigm
- Learn about application protocols by studying popular application-level protocols like HTTP, FTP, TELNET, DNS

Application Layer: Applications & Protocols

- Application: user space process on end systems
- Communicating processes:
  - through inter-process communication (IPC) if they are on the same computer
  - through an application protocol if they are on different nodes
- Application protocols:
  - part of the application
  - define the exchange of messages between applications
  - services needed by the application are provided by lower layer protocols

An Application Protocol Defines

... all the rules managing communication between nodes:
- Message types, like request & response messages
- Syntax (data formats and their encoding into the message frame)
- Semantics of messages and their fields, e.g. their information
- Protocol timing: when and how processes send and answer messages

Public-domain protocols: defined in RFCs; through them interoperability is possible (examples: HTTP, SMTP)
Proprietary protocols: example: KaZaA

Client-Server Paradigm

A typical network application consists of two parts:
- Client: starts contact to the server, demands services (examples: email reader, web browser)
- Server: provides services to the client (example: a mail server delivers emails to the client, a web server sends requested web pages)

(Diagram: client and server protocol stacks (application, transport, network, data link, physical) exchanging a request and a reply)

Communicating Processes

- A process sends and receives protocol messages through its socket
- The socket layer is the interface between application layer and transport layer (ISO/OSI)
- Also called API (Application Programming Interface):
  - the transport protocol can be chosen
  - parameters of the transport protocol can be set, e.g. buffer size

(Diagram: client and server process, each with a socket on top of TCP with buffers and variables, connected via the Internet; the process is controlled by the application engineer, socket and TCP are controlled by the OS)

Process Addressing

An address consists of two parts:
- Name or IP address of the destination (unique identifier)
- Process identifier (port) to specify the destination process

Allocation of ports, examples: HTTP server: 80, mail server: 25

Example: http://www.tu-dresden.de resolves to 141.30.61.152:80

You can use Telnet to use almost every Internet protocol

World Wide Web

- A web page consists of objects like HTML file, JPEG image, Java applet, audio file, ...
- A web page contains a basic HTML file, which references other objects
- Every object is addressed by a URI (Uniform Resource Identifier)
- Example URL (Uniform Resource Locator): http://www.whatis.com/bluelaser.htm (service (http, ftp, etc.), address, file)

URI = string identifying a resource
URL = URI + description of the primary access mechanism
URN = Uniform Resource Name, a URI identifying a resource by name in a particular namespace (e.g. ISBN ID)

A Short HTTP Overview (I)

- HTTP: hypertext transfer protocol, the application protocol of the Web
- Client/server model:
  - client: browser, which requests, receives and displays Web objects
  - server: web server, which sends the requested objects
- HTTP 1.0: RFC 1945, 1996
- HTTP 1.1: RFC 2068

(Diagram: a PC with Explorer and a Mac with Navigator as clients, each sending an http request to a web server and receiving an http response)

A Short HTTP Overview (II)

- uses TCP (port 80)
- two message types: request and response (sent in ASCII format)
- performed operations: OPTIONS, GET, HEAD, POST, PUT, DELETE, etc.

Example request message:

    GET /somedir/page.html HTTP/1.0           <- request line (GET, POST, HEAD)
    Host: somehost.com                        <- header lines
    User-agent: Mozilla/4.0
    Accept: text/html, image/gif,image/jpeg
    Accept-language:de
                                              <- extra carriage return, line feed: end of message

HTTP Response Status Codes

Status code classes:
- 1xx: informative, e.g. request received
- 2xx: success
- 3xx: redirection, other action necessary
- 4xx: client error, bad syntax
- 5xx: server error, server failed

Example response message:

    HTTP/1.0 200 OK                           <- status line (protocol, status code)
    Date: Thu, 06 Aug 1998 12:00:15 GMT       <- header lines
    Server: Apache/1.3.0 (Unix)
    Last-Modified: Mon, 22 Jun 1998 ...
    Content-Length: 6821
    Content-Type: text/html
                                              <- carriage return, line feed
    data data data data data ...              <- data, e.g. the requested html file
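The request and response layout of the two HTTP slides as an added Python example (not code from the lecture): a parser that cuts the message at the first empty line, reads the header lines, takes the body length from Content-Length and classifies the status code; the sample messages are constructed after the slides, not captured traffic.

```python
import re

CRLF = b"\r\n"
STATUS_CLASSES = {1: "informational", 2: "success", 3: "redirection",
                  4: "client error", 5: "server error"}

def parse_http_message(raw: bytes):
    """Split an HTTP/1.0 message into (start line, headers, body).
    The header block ends at the first empty line (CRLF CRLF); the body is taken
    from Content-Length, so blank lines inside the body cannot end the message early."""
    head, sep, rest = raw.partition(CRLF + CRLF)
    if not sep:
        raise ValueError("incomplete message: headers not terminated by an empty line")
    lines = head.split(CRLF)
    start_line = lines[0].decode("ascii")
    headers = {}
    for line in lines[1:]:
        name, colon, value = line.decode("ascii").partition(":")
        if not colon:
            raise ValueError("malformed header line: %r" % line)
        headers[name.strip().lower()] = value.strip()    # field names are case-insensitive
    length = int(headers.get("content-length", len(rest)))
    if len(rest) < length:
        raise ValueError("body truncated: expected %d bytes, got %d" % (length, len(rest)))
    return start_line, headers, rest[:length]

def status_class(status_line: str) -> str:
    """Map the three-digit code of a status line to its class (1xx ... 5xx)."""
    m = re.fullmatch(r"HTTP/\d\.\d ([1-5])\d\d( .*)?", status_line)
    if not m:
        raise ValueError("not a status line: %r" % status_line)
    return STATUS_CLASSES[int(m.group(1))]

# Constructed sample messages modelled on the slides (not captured traffic).
REQUEST = (b"GET /somedir/page.html HTTP/1.0\r\n"
           b"Host: somehost.com\r\n"
           b"User-agent: Mozilla/4.0\r\n"
           b"Accept: text/html, image/gif,image/jpeg\r\n"
           b"Accept-language:de\r\n"
           b"\r\n")                                       # empty line = end of message
RESPONSE = (b"HTTP/1.0 200 OK\r\n"
            b"Date: Thu, 06 Aug 1998 12:00:15 GMT\r\n"
            b"Server: Apache/1.3.0 (Unix)\r\n"
            b"Content-Length: 26\r\n"
            b"Content-Type: text/html\r\n"
            b"\r\n"
            b"<html>\r\n\r\n<p>hi</p></html>")           # 26 bytes, contains an empty line
```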

Cookies: State Information

- HTTP: stateless protocol (but cookies)
- The server sends a cookie to the client in a response message: Set-cookie: 1678453
- The client sends/uses the cookie in the following requests: cookie: 1678453
- The server compares the sent cookie with its server-side cookies
- Uses: authentication, user actions

(Diagram: the client sends a usual http request; the server answers with a usual http response + Set-cookie: #; the following requests carry cookie: #, the server performs a cookie-specific action and answers with a usual http response)

The Web Alphabet Soup

(Diagram: a cloud of Web technologies: Static HTML, HTML, Dynamic HTML, XHTML, XML, XSL, SVG, VRML, CSS, HTTP, TCP/IP, SOAP, XMLP, XML-RPC, WSDL, UDDI, RMI)

Web Development

(Diagram: evolution of Web technology over time: connectivity (TCP/IP: FTP, E-mail, Gopher), presentation (HTML: web pages, web browser), programmability (XML: web services, web programming); innovation increases along this axis)

Static Web Documents

- Data, which can be requested
- HTML (Hyper Text Markup Language): common description for documents, especially formats
  - markup: the text contains typographic elements
  - first standard: RFC 1866, HTML 2.0, 1995
  - HTML 3.0 supports tables, RFC 1942, 1996
  - HTML supports images, RFC 1980, 1996
  - HTML 4.0: embedding of arbitrary objects and script languages
- Introduction of CSS (Cascading Style Sheets):
  - easy formatting: definition of logical tags like strong (bold), blue etc. at the beginning of a page; easy and fast changing of style formats
  - increased separation of data and presentation (format), e.g. for search engines

XML and XSL

- Searching HTML documents is wasteful: the whole document has to be processed
- W3C developed in 1998:
  - eXtensible Markup Language (XML) for the description of Web content
  - eXtensible Style Language (XSL) for the description of styles independent of the content data
- XML as a compromise between SGML and HTML:
  - description of data structures and documents
  - generic, stringent syntax
  - also for application-to-application communication, e.g. by using SOAP (Simple Object Access Protocol)
- XHTML as the new HTML 5 Web standard, e.g. <img src="bild01.jpeg" height="400"/>

Dynamic Web Documents

Server-side dynamic processing:
- CGI (Common Gateway Interface): common interface / communication between the web server and backend programs or scripts; accepts input, answers with HTML content in the response
- PHP (Hypertext Pre-processor): scripts embedded in HTML content, executed by the server, producing HTML in the response
- JSP (Java Server Pages): similar to PHP
- ASP (Active Server Pages): Microsoft derivate

(Diagram: the user's browser (HTTP client) shows the HTML page; it talks HTTP to the web server, which invokes a CGI script that accesses a database)

Dynamic Web Documents

Client-side dynamic processing: programs/scripts embedded in HTML pages, executed on the client side:
- JavaScript: interaction between the user and the client host
- Applets: Java programs, executed through a JVM-capable (Java Virtual Machine) browser
- ActiveX: Microsoft, hardware statements

(Diagram: the user's browser shows the HTML page and runs the embedded JavaScript, which has access to the local file system; the page was fetched from the web server)

Web Services

What are web services:
- Standards for interfaces between applications and content services in the Internet
- New: a web service may request another one, using its functions like system-internal modules
- Based on new standards of the W3C: XML (data description), SOAP (data transfer), WSDL (Web Service Description Language), UDDI (Universal Description, Discovery and Integration; central register)

Why web services:
- interaction of applications is much easier
- change from client-server to peer-to-peer web applications

Examples: authentication (e.g. Microsoft Passport), E-Government (web forms), online shops

Web Service Components

- Service Requestor: asks the central UDDI directory service (Broker) for the service needed; receives a document in WSDL format, containing the address of the service and instructions for calling it; sends the service request to the Provider
- Service Broker: provides services (& descriptions)
- Service Provider: makes the service available with the help of a registry; provides the E-Business service

(Diagram: web service model using SOAP: the Service Provider publishes (UDDI) to the Service Broker, the Service Requestor finds (WSDL) the service at the Broker and binds (SOAP) to the Provider)

FTP: File Transfer Protocol

- Transfers data from/to the destination host
- Client/server model: the client requests the transfer, the server is the destination host
- ftp: RFC 959
- ftp server: port 21

(Diagram: the user at the local host uses the FTP user interface of the FTP client, which transfers files between the local file system and the remote file system of the FTP server)

FTP: File Transfer Protocol

- Separate connections for control and data: control information is transmitted out of band
  - TCP control connection: port 21
  - TCP data connection: port 20
- Stateful protocol, in contrast to HTTP: the server manages the state of the connection: current directory, authentication
- FTP statements are transmitted over the control connection in ASCII:
  - USER username: identification for the server
  - PASS password: sends the password to the server
  - LIST: requests the server to send the file list of the current directory
  - RETR filename: (retrieve) get data
  - STOR filename: (store) put data

Remote Terminal: TELNET and telnet

- TELNET is an application protocol using TCP (port 23)
- Data and control information use one channel: in-band signalling
  - byte 0xff means the following is a statement
  - if the symbol 0xff itself needs to be sent, it must be sent twice
- telnet is a client/server application using TELNET:
  - interchange of connection contexts first (e.g. terminal type, transmission speed etc.)
  - the client sends one to one via a TCP socket and displays the information received from the socket
- Useful for testing various TCP servers (ASCII-based protocols). Example:
  - telnet <server_name> 25
  - 220 reply from the server (ok)
  - statements: HELO, MAIL FROM, RCPT TO, DATA, QUIT (sending an email without using an email reader)
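The in-band signalling rule above (0xff announces a statement, a literal 0xff is sent twice) as an added Python example, not code from the lecture: an encoder for outgoing data and a decoder that separates received application data from commands. The 3-byte layout of WILL/WONT/DO/DONT and the IAC SB ... IAC SE framing of sub-negotiations are taken from RFC 854, not from the slide; the sample stream is constructed.

```python
IAC = 0xFF                      # "interpret as command": the next byte is a command
SB, SE = 0xFA, 0xF0             # sub-negotiation begin / end
WILL, WONT, DO, DONT = 0xFB, 0xFC, 0xFD, 0xFE   # option negotiation, one option byte follows

def escape_data(data: bytes) -> bytes:
    """Prepare application data for the TELNET channel: a literal 0xff is doubled."""
    return data.replace(bytes([IAC]), bytes([IAC, IAC]))

def split_stream(stream: bytes):
    """Separate a received TELNET byte stream into (application data, list of commands).
    Assumption (RFC 854): WILL/WONT/DO/DONT carry one option byte, IAC SB ... IAC SE
    delimits a sub-negotiation, every other command is two bytes long."""
    data, commands, i = bytearray(), [], 0
    while i < len(stream):
        b = stream[i]
        if b != IAC:                             # ordinary data byte
            data.append(b)
            i += 1
            continue
        if i + 1 >= len(stream):
            raise ValueError("truncated stream: IAC at end of input")
        cmd = stream[i + 1]
        if cmd == IAC:                           # IAC IAC = the escaped literal 0xff
            data.append(IAC)
            i += 2
        elif cmd in (WILL, WONT, DO, DONT):      # 3-byte option negotiation
            if i + 2 >= len(stream):
                raise ValueError("truncated option negotiation")
            commands.append(bytes(stream[i:i + 3]))
            i += 3
        elif cmd == SB:                          # sub-negotiation up to IAC SE
            end = stream.find(bytes([IAC, SE]), i + 2)
            if end < 0:
                raise ValueError("unterminated sub-negotiation")
            commands.append(bytes(stream[i:end + 2]))
            i = end + 2
        else:                                    # any other 2-byte command
            commands.append(bytes(stream[i:i + 2]))
            i += 2
    return bytes(data), commands

# Constructed stream: the server asks the client to negotiate option 24 (terminal type),
# then sends data containing a literal 0xff byte followed by the text "login: ".
SAMPLE = bytes([IAC, DO, 24]) + escape_data(b"\xff") + b"login: "
```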

Remote Terminal: telnet and SSH

- telnet: insufficient security:
  - username and password have to be added to a request
  - username and password have to be valid on this server
  - username and password are transmitted in plaintext (not encrypted) (telnet, ftp, rsh, etc.)
- Using SSH: authentication and encrypted transmission when using insecure connections
- Secure Shell (SSH): login to a destination host to execute statements, transfer data etc.
- SSH as a replacement for telnet, rlogin, rsh and ftp

DNS: Domain Name Service

- IP addresses are used by routers and end systems for the addressing of datagrams
- Assignment of names to addresses -> more intuitive (e.g. compared to an IPv6 address)
- DNS parts:
  - distributed database: hierarchic order of lots of DNS servers
  - application protocol: end users, routers and name servers use the DNS protocol for name resolution and vice versa
- DNS uses UDP as transport protocol

http://www.ietf.org/rfc/rfc1034.txt
http://www.ietf.org/rfc/rfc1035.txt

DNS: Domain Name Service

Hierarchic structure of DNS, example www.cse.ogi.edu:

(Diagram: a tree with the root at the top; below the root the top-level domains org, net, edu, com, uk, de; below edu the domains ucb, ogi, bu, mit, gwu; below ogi the sub-domains cse and ece; below cse the host www)

DNS: Domain Name Service

- A DNS server never manages all name-to-address allocations -> an authoritative NS manages only a part of that database, called a zone
  - zones = neighbouring name spaces
  - zones emerge by the delegation of sub-domains
  - every zone has a primary (manual update) and a secondary NS (automatic update)
  - the root NS knows the name servers of its sub-domains
- DNS hierarchic address resolution:
  - every host has a reference to a local NS
  - every local NS knows the root name servers
  - the root NS (zone 1) references a sub-level name server (zone 2), the sub-level NS references a lower sub-level NS (zone 3), ..., until the NS responsible for the unknown address is found

TLD and Authoritative Servers

- Top-level domain (TLD) servers: responsible for com, org, net, edu, etc., and all top-level country domains uk, fr, ca, jp
  - Network Solutions maintains the servers for the com TLD, Educause for the edu TLD
- Authoritative DNS servers: an organization's DNS servers, providing authoritative hostname-to-IP mappings for the organization's servers (e.g. Web and mail)
  - can be maintained by the organization or by a service provider

DNS: Root Name Server

13 root name servers worldwide:
1 NSI, Herndon, VA
2 PSInet, Herndon, VA
3 U Maryland, College Park, MD
4 DISA, Vienna, VA
5 ARL, Aberdeen, MD
6 NSI (TBD), Herndon, VA
7 RIPE, London
8 NORDUnet, Stockholm
9 WIDE, Tokyo
10 NASA, Mt View, CA
11 Internet Software C., Palo Alto, CA
12 USC-ISI, Marina del Rey, CA
13 ICANN, Marina del Rey, CA

DNS: Domain Name Service

Root NS:
- does not have to know the authoritative NS
- but knows an intermediate name server: who has to be contacted for resolving the address?
- fault tolerance: several root NS

Example: surf.eurecom.fr requests a connection to gaia.cs.umass.edu
- contact the local DNS server (dns.eurecom.fr)
- the local DNS server contacts a root NS
- the root NS contacts the authoritative NS (or a NS of a higher level)

(Diagram, steps numbered 1 to 7: the request goes from surf.eurecom.fr to the local NS dns.eurecom.fr, from there to a root NS, on to the intermediate NS dns.umass.edu and to the authoritative NS dns.cs.umass.edu; the answer for gaia.cs.umass.edu travels back the same way to surf.eurecom.fr)

DNS: Caching and Updating Records

- once (any) name server learns a mapping, it caches the mapping
- cache entries time out (disappear) after some time
- TLD servers are typically cached in local name servers, thus root name servers are not often visited
- update/notify mechanisms under design by the IETF: RFC 2136, http://www.ietf.org/html.charters/dnsind-charter.html

DNS Name Server Database

- The DB contains four-tuples called Resource Records (RR)
- RR format: (name, value, type, ttl)
- RR types:
  - type=A: name = the hostname, value = its IP address
  - type=NS: name = domain name (e.g. foo.com), value = IP address of the authoritative NS of that domain
  - type=CNAME: name = an alias for the original name, value = the original name
  - type=MX: value = name of the mail server for the given name
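The hierarchic resolution of the earlier DNS slides (root NS, referral down to the authoritative NS, the surf.eurecom.fr / gaia.cs.umass.edu example), the caching slide and the RR four-tuples above, worked through in one added Python example that is not code from the lecture: a simulated local NS resolving names over constructed zone data, following NS referrals and CNAMEs, caching every learned RR with its ttl and starting at the closest cached NS instead of the root. The server names dns.edu-tld etc., the addresses and the ttl values are assumptions; the caller supplies the current time in seconds.

```python
# Constructed zone data along the slides' example names (192.0.2.x = documentation range).
# RRs are the four-tuples (name, value, type, ttl); simplification: an NS record's value
# names the server to ask next (the slide uses the authoritative NS's IP address).
SERVERS = {
    "root":             [("edu", "dns.edu-tld", "NS", 172800)],
    "dns.edu-tld":      [("umass.edu", "dns.umass.edu", "NS", 86400)],
    "dns.umass.edu":    [("cs.umass.edu", "dns.cs.umass.edu", "NS", 86400)],
    "dns.cs.umass.edu": [("gaia.cs.umass.edu", "192.0.2.10", "A", 3600),
                         ("www.cs.umass.edu", "gaia.cs.umass.edu", "CNAME", 3600)],
}

def query(server, name):
    # One NS's answer: its A/CNAME record for name, else the NS record of the longest
    # matching zone it knows (the closest delegation down the hierarchy).
    best = None
    for rr in SERVERS[server]:
        rr_name, _, rr_type, _ = rr
        if rr_name == name and rr_type in ("A", "CNAME"):
            return rr
        if rr_type == "NS" and name.endswith("." + rr_name) and (best is None or len(rr_name) > len(best[0])):
            best = rr
    return best

def start_server(name, cache):
    # Begin at the closest cached NS (zone servers are usually cached, so the root NS
    # is rarely visited); fall back to the root.
    best, server = "", "root"
    for (rr_name, rr_type), (value, _) in cache.items():
        if rr_type == "NS" and name.endswith("." + rr_name) and len(rr_name) > len(best):
            best, server = rr_name, value
    return server

def resolve(name, cache, now, max_steps=10):
    """Iterative resolution by the local NS at time now (seconds); returns
    (ip, list of servers asked), where "cache" marks a hit in the local cache."""
    for key in [k for k, (_, expires) in cache.items() if expires <= now]:
        del cache[key]                                  # entries time out after ttl
    path, server = [], start_server(name, cache)
    for _ in range(max_steps):
        if (name, "A") in cache:
            return cache[(name, "A")][0], path + ["cache"]
        rr = query(server, name)
        if rr is None:
            raise LookupError("no data for " + name)
        rr_name, value, rr_type, ttl = rr
        path.append(server)
        cache[(rr_name, rr_type)] = (value, now + ttl)  # every learned mapping is cached
        if rr_type == "A":
            return value, path
        name = value if rr_type == "CNAME" else name    # CNAME: continue with canonical name
        server = start_server(name, cache) if rr_type == "CNAME" else value  # else NS referral
    raise LookupError("too many referrals for " + name)
```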

DNS Critics

- DNS is very important, therefore also a good target for an attacker
- Cache poisoning:
  - uses UDP for requests (RFC 2136: UDP and TCP) because of the smaller overhead -> faster, but less trustworthy than TCP
  - has only one validation field: the 16-bit ID field -> very easy spoofing
  - RRs are not protected in zone files
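What the 16-bit ID field amounts to for a resolver, as an added Python example (not from the lecture): a query is built from the RFC 1035 header layout with an ID drawn from the OS random source, and an acceptance check drops every answer whose ID, QR bit or echoed question does not match the outstanding query. The message bytes are constructed; 192.0.2.10 is a documentation address.

```python
import secrets
import struct

# DNS header (RFC 1035): ID, FLAGS, QDCOUNT, ANCOUNT, NSCOUNT, ARCOUNT, 16 bits each
HEADER = struct.Struct("!HHHHHH")

def encode_name(name: str) -> bytes:
    # "gaia.cs.umass.edu" -> length-prefixed labels, terminated by a zero byte
    return b"".join(bytes([len(l)]) + l.encode("ascii") for l in name.split(".")) + b"\x00"

def build_query(name: str, qtype=1, qid=None) -> bytes:
    # Standard query with RD=1 for one record of class IN. The ID is the only field the
    # client chooses, so it must be unpredictable: taken from the OS CSPRNG by default.
    qid = secrets.randbits(16) if qid is None else qid
    return HEADER.pack(qid, 0x0100, 1, 0, 0, 0) + encode_name(name) + struct.pack("!HH", qtype, 1)

def accept_response(query: bytes, response: bytes) -> bool:
    """True only if response can belong to query: same 16-bit ID, QR bit set, and the
    question section echoed unchanged. Everything else is silently dropped."""
    if len(response) < HEADER.size:
        return False
    qid, _, qd_q, *_ = HEADER.unpack_from(query)
    rid, rflags, qd_r, *_ = HEADER.unpack_from(response)
    if rid != qid or not rflags & 0x8000 or qd_r != qd_q:
        return False
    question = query[HEADER.size:]                        # QNAME + QTYPE + QCLASS
    return response[HEADER.size:HEADER.size + len(question)] == question

# Constructed messages: a query with a fixed ID and candidate answers carrying one
# A record (type 1, class IN, ttl 3600, 4 bytes of address).
QUERY = build_query("gaia.cs.umass.edu", qid=0x1234)
_RR = encode_name("gaia.cs.umass.edu") + struct.pack("!HHIH", 1, 1, 3600, 4) + bytes([192, 0, 2, 10])
GOOD = HEADER.pack(0x1234, 0x8180, 1, 1, 0, 0) + QUERY[HEADER.size:] + _RR
WRONG_ID = HEADER.pack(0x1235, 0x8180, 1, 1, 0, 0) + QUERY[HEADER.size:] + _RR
OTHER_QUESTION = HEADER.pack(0x1234, 0x8180, 1, 1, 0, 0) + build_query("www.cs.umass.edu", qid=0x1234)[HEADER.size:] + _RR
```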

DNSsec (RFC 2535)

Basic concepts:
- based on public key encryption
- every DNS zone has a pair of cryptographic keys (private/public)
- a DNS server sends its information signed with the private key of its zone

DNSsec services:
- verified source of data
- trusted distribution of public keys
- requests and transmissions are authenticated

New RR entries:
- KEY: public key
- SIG: signature for an RR entry

Summary

- First insight into network applications
- Client-server paradigm
- Specific protocols: HTTP, FTP, TELNET, DNS
- Complexity at the network edge!
- Security is a major issue with traditional services and protocols
- Coming next: Content Distribution and P2P networks
