Computer Network Architecture Overview

COMPUTER NETWORKS

Uploaded by Rounakdeep Singh

Computer Networks Unit 5

UNIT V APPLICATION LAYER 9

Internet Architecture – Network software – Introduction to Sockets – Traditional applications – Electronic Mail (FTP, SMTP, POP3, IMAP, MIME, Telnet, SSH) – HTTP – Web Services – DNS – SNMP

Computer Network Architecture

Computer Network Architecture is defined as the physical and logical design of the software, hardware, protocols, and media used for the transmission of data. Simply put, it describes how computers are organized and how tasks are allocated among them.

Two types of network architecture are used:

Peer-To-Peer network
o A Peer-To-Peer network is a network in which all the computers are linked together with equal privileges and responsibilities for processing the data.
o A Peer-To-Peer network is useful for small environments, usually up to 10 computers.
o A Peer-To-Peer network has no dedicated server.
o Special permissions are assigned to each computer for sharing its resources, but this can lead to a problem if the computer holding the resource is down.

Advantages Of Peer-To-Peer Network:

o It is less costly as it does not need a dedicated server.

o If one computer stops working, the other computers keep working.

o It is easy to set up and maintain as each computer manages itself.

Disadvantages Of Peer-To-Peer Network:

o A Peer-To-Peer network has no centralized system. Therefore the data cannot be backed up centrally, as it is scattered across different computers.

o It has security issues, as each device manages its own security.

Client/Server Network

o Client/Server network is a network model designed for the end users called clients, to
access the resources such as songs, video, etc. from a central computer known as
Server.

o The central controller is known as a server while all other computers in the network
are called clients.

o A server performs all the major operations such as security and network management.

o A server is responsible for managing all the resources such as files, directories,
printer, etc.

o All the clients communicate with each other through the server. For example, if client 1 wants to send some data to client 2, it first sends a request to the server for permission. The server sends a response to client 1 to initiate its communication with client 2.

Advantages Of Client/Server network:

o A Client/Server network contains a centralized system. Therefore we can back up the data easily.

o A Client/Server network has a dedicated server that improves the overall performance of the whole system.

o Security is better in a Client/Server network as a single server administers the shared resources.

o It also increases the speed of sharing resources.


Disadvantages Of Client/Server network:

o A Client/Server network is expensive as it requires a server with large memory.

o A server runs a Network Operating System (NOS) to provide the resources to the clients, but the cost of a NOS is very high.

o It requires a dedicated network administrator to manage all the resources.

Network software

Network software is defined as a wide range of software that streamlines the operations,
design, monitoring, and implementation of computer networks.

Functions of Network Software


 Helps to set up and install computer networks
 Enables users to access network resources in a seamless manner
 Allows administrators to add or remove users from the network
 Helps to define locations of data storage and allows users to access that data
 Helps administrators and security systems to protect the network from data breaches, unauthorized access and attacks on the network
 Enables network virtualization

SDN Framework

The Software Defined Networking framework has three layers, as depicted in the following diagram −

 APPLICATION LAYER − SDN applications reside in the Application Layer. The applications convey their needs for resources and services to the control layer through APIs.
 CONTROL LAYER − The Network Control Software, bundled into the Network Operating System, lies in this layer. It provides an abstract view of the underlying network infrastructure. It receives the requirements of the SDN applications and relays them to the network components.
 INFRASTRUCTURE LAYER − Also called the Data Plane Layer, this layer contains the actual network components. The network devices residing in this layer expose their capabilities through the Control to Data-Plane Interface.

1. Network storage software

 Network storage software allows businesses to utilize a standard interface that manages countless databases between users or clients.
 It serves as a good manager of access between various departments or essential communities within an organization.

2. Data archiving software

 Data archiving software enables better management of such information and is an optimal solution to reduce costs while ensuring that the data is being protected.
 Archive software does not function the same way as regular standard backups. Hence, it is always recommended to ensure that the archived data doesn’t need to be accessed soon.

3. Patch management software

 Patch management software aids in the smoother management of updates across numerous devices on the network through the installation of patches.
 This makes the process more seamless and enables each machine to download a patch managed by central software and run updates automatically.
 Patch management software is the more hassle-free and effective way to perform continuous updates across devices and systems in an organization.

4. Security surveillance software

 It monitors and connects the various security solutions within a network.
 Specific software is ideal for large networks as it effortlessly links throughout locations and provides credible browser-based live and recorded footage to an organization.
 On the other hand, better-targeted software works well in protecting vulnerable units by building a network architecture that reduces attack surfaces, thereby keeping components hidden from any malicious parties.

5. Asset management software

 Compared to most of its counterparts, asset management software operates from a centralized server room or hub and is not connected to any hardware.
 This is good in terms of cost reduction and offers an excellent experience to the users and clients.

6. Deployment and migration software

 The use of deployment and migration software aids organizations in making processes
such as upgrading systems hassle-free.
 The software provides an interface that enables easy monitoring of any deployment or
data movement between the hardware and databases within the network.
 It also ensures mandatory checks on compatibility when any data is being moved
between regular backups and archives, thereby significantly reducing the chances of
data loss.

7. Printer and fax software

 Printers and fax machines are indispensable equipment for any working organization.
 This software provides an easy-to-use interface that enables the undertaking and
maintenance of multiple tasks.

8. Network management software

 Their primary function is to monitor, manage, and troubleshoot any hurdles in network performance across the whole device infrastructure.
 While network monitoring software might have some basic options plugged in to troubleshoot, network management software is equipped to manipulate and modify network performance for the better.

Introduction to Sockets

 A socket is one endpoint of a two-way communication link between two programs running on the network.
 The socket mechanism provides a means of inter-process communication (IPC) by establishing named contact points between which the communication takes place.
 Just as ‘pipe’ is used to create pipes, a socket is created using the ‘socket’ system call. The socket provides a bidirectional FIFO communication facility over the network.
 A socket connecting to the network is created at each end of the communication.
 Each socket has a specific address. This address is composed of an IP address and a port number.
 Sockets are generally employed in client-server applications.
 The server creates a socket, attaches it to a network port address, then waits for the client to contact it.
 The client creates a socket and then attempts to connect to the server socket.
 When the connection is established, transfer of data takes place.

Types of Sockets :
There are two types of Sockets: the datagram socket and the stream socket.
1. Datagram Socket :
This is a connectionless type of socket for sending and receiving packets. It is similar to a mailbox. The letters (data) posted into the box are collected and delivered (transmitted) to a letterbox (receiving socket).
2. Stream Socket :
In a computer operating system, a stream socket is a type of inter-process communication socket or network socket which provides a connection-oriented, sequenced, and unique flow of data without record boundaries, with well-defined mechanisms for creating and destroying connections and for detecting errors. It is similar to a phone: a connection is established between the phones (two ends) and a conversation (transfer of data) takes place.

Function Call   Description
Socket()        To create a socket
Bind()          It’s a socket identification, like a telephone number to contact
Listen()        Ready to receive a connection
Connect()       Ready to act as a sender
Accept()        Confirmation; it is like accepting a call from a sender
Write()         To send data
Read()          To receive data
Close()         To close a connection
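The call sequence in the table, worked through for both socket types, as an added Python example that is not part of the lecture notes. It pairs a server and a client in one process over the loopback address (127.0.0.1, an assumption chosen so nothing listens on a reachable interface), lets the operating system pick the port, and puts a timeout on every socket so an unresponsive peer cannot hang the program. The stream exchange walks socket/bind/listen/accept against socket/connect; the datagram exchange shows that UDP skips listen, accept and connect and instead learns the peer's (IP, port) from recvfrom.

```python
import socket
import threading

# Loopback only (assumption for this example): the server is never reachable from
# another host, and every socket carries a timeout so a silent peer cannot block us.
HOST = "127.0.0.1"
TIMEOUT = 2.0


def run_stream_exchange(payload: bytes) -> bytes:
    """Stream (TCP) socket, following the call table:
    server: socket() -> bind() -> listen() -> accept() -> read()/write() -> close()
    client: socket() -> connect() -> write()/read() -> close()
    The server echoes the payload upper-cased; the client's reply is returned."""
    server = socket.socket(socket.AF_INET, socket.SOCK_STREAM)   # socket()
    server.settimeout(TIMEOUT)
    server.bind((HOST, 0))            # bind(): port 0 lets the OS pick a free port
    server.listen(1)                  # listen(): ready to receive a connection
    port = server.getsockname()[1]    # a socket address is (IP address, port number)

    def serve_one():
        try:
            conn, _peer = server.accept()           # accept(): like answering the call
            with conn:
                conn.settimeout(TIMEOUT)
                data = conn.recv(4096)              # read()
                conn.sendall(data.upper())          # write()
        finally:
            server.close()                          # close()

    worker = threading.Thread(target=serve_one)
    worker.start()
    with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as client:   # socket()
        client.settimeout(TIMEOUT)
        client.connect((HOST, port))                # connect()
        client.sendall(payload)                     # write()
        reply = client.recv(4096)                   # read()
    worker.join()                                   # client close() ran at 'with' exit
    return reply


def run_datagram_exchange(payload: bytes) -> bytes:
    """Datagram (UDP) socket: no listen()/accept()/connect() handshake. Each sendto() is
    a letter dropped in a mailbox; recvfrom() hands back the sender's (IP, port) so the
    server knows which mailbox to answer. The server replies with the bytes reversed."""
    server = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    client = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    try:
        server.settimeout(TIMEOUT)
        client.settimeout(TIMEOUT)
        server.bind((HOST, 0))
        port = server.getsockname()[1]
        client.sendto(payload, (HOST, port))
        data, sender = server.recvfrom(4096)        # sender is the client's address
        server.sendto(data[::-1], sender)
        reply, _ = client.recvfrom(4096)
    finally:
        server.close()
        client.close()
    return reply


if __name__ == "__main__":
    print(run_stream_exchange(b"hello over tcp"))      # b'HELLO OVER TCP'
    print(run_datagram_exchange(b"hello over udp"))    # b'pdu revo olleh'
```

The stream server runs in a thread only so that both ends fit in one script; a real server would sit in its own process. Binding to 127.0.0.1 rather than 0.0.0.0 is the habit worth keeping from this example: a test service should never be exposed more widely than it needs to be.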

FTP (FILE TRANSFER PROTOCOL)

 FTP stands for File Transfer Protocol.
 FTP is a standard internet protocol provided by TCP/IP used for transmitting files from one host to another.
 It is mainly used for transferring the web page files from their creator to the computer that acts as a server for other computers on the internet.
 It is also used for downloading files to a computer from other servers.
 Although we can transfer files using HTTP, FTP is a better choice to transfer large files or to transfer files using different formats.

FTP OBJECTIVES

 It provides the sharing of files.
 It is used to encourage the use of remote computers.
 It transfers the data more reliably and efficiently.

FTP MECHANISM

The above figure shows the basic model of FTP.

The FTP client has three components:

 user interface, control process, and data transfer process.

The server has two components:

 server control process and server data transfer process.

FTP CONNECTIONS

There are two types of connections in FTP -

Control Connection and Data Connection.

The two connections in FTP have different lifetimes.

The control connection remains connected during the entire interactive FTP session.

The data connection is opened and then closed for each file transfer activity. When a user
starts an FTP session, the control connection opens.

While the control connection is open, the data connection can be opened and closed
multiple times if several files are transferred.

FTP uses two well-known TCP ports:

 Port 21 is used for the control connection
 Port 20 is used for the data connection.

Control Connection:

 The control connection uses very simple rules for communication.
 Through the control connection, we can transfer one line of command or one line of response at a time.
 The control connection is made between the control processes.
 The control connection remains connected during the entire interactive FTP session.

Data Connection:

 The Data Connection uses very complex rules as data types may vary.
 The data connection is made between the data transfer processes.
 The data connection opens when a command comes for transferring files and closes when the file is transferred.

FTP COMMUNICATION

FTP Communication is achieved through commands and responses.

FTP Commands are sent from the client to the server

FTP responses are sent from the server to the client.

FTP Commands are in the form of ASCII uppercase keywords, which may or may not be followed by an argument.

Some of the most common commands are:

Every FTP command generates at least one response.

A response has two parts: a three-digit number followed by text.

The numeric part defines the code; the text part defines the needed parameters.

FTP FILE TYPE

FTP can transfer one of the following file types across the data connection:

ASCII file, EBCDIC file, or image file.

FTP DATA STRUCTURE

FTP can transfer a file across the data connection using one of the following data structures: file structure, record structure, or page structure.

The file structure format is the default one and has no structure. It is a continuous stream of
bytes.

In the record structure, the file is divided into records. This can be used only with text
files.

In the page structure, the file is divided into pages, with each page having a page number
and a page header. The pages can be stored and accessed randomly or sequentially.

FTP TRANSMISSION MODE

FTP can transfer a file across the data connection using one of the following three
transmission modes: stream mode, block mode, or compressed mode.

The stream mode is the default mode; data are delivered from FTP to TCP as a continuous
stream of bytes.

In the block mode, data can be delivered from FTP to TCP in blocks.

In the compressed mode, data can be compressed and delivered from FTP to TCP.

FTP FILE TRANSFER

File transfer occurs over the data connection under the control of the commands sent over
the control connection.

File transfer in FTP means one of three things:

 retrieving a file (server to client)
 storing a file (client to server)
 directory listing (server to client).

FTP SECURITY

FTP requires a password, but the password is sent in plaintext (unencrypted). This means it can be intercepted and used by an attacker.

The data connection also transfers data in plaintext, which is insecure.

To be secure, one can add a Secure Socket Layer between the FTP application layer and the TCP layer.

In this case FTP is called SSL-FTP.
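The command and response grammar described under FTP COMMUNICATION, applied to the security point just made, as an added Python example that is not part of the lecture notes. It parses a control-connection transcript (uppercase keyword plus optional argument from the client, three-digit code plus text from the server), redacts the PASS argument rather than recording it, and flags any session in which a password was sent before the channel was protected. The transcripts, the host name ftp.example.test and the "C:"/"S:" line prefixes are constructed for this example; the "AUTH TLS" command and its "234" reply are the RFC 4217 mechanism for upgrading the control connection, which is the TLS-protected variant the notes call SSL-FTP.

```python
import re
from dataclasses import dataclass, field

# Constructed sample transcripts (not real captures). "C:" lines go client -> server,
# "S:" lines go server -> client.
PLAINTEXT_SESSION = """\
S: 220 ftp.example.test FTP server ready
C: USER alice
S: 331 Password required for alice
C: PASS hunter2
S: 230 User alice logged in
C: PORT 192,0,2,10,7,208
S: 200 PORT command successful
C: RETR report.pdf
S: 150 Opening BINARY mode data connection for report.pdf
S: 226 Transfer complete
C: QUIT
S: 221 Goodbye
"""

TLS_SESSION = """\
S: 220 ftp.example.test FTP server ready
C: AUTH TLS
S: 234 AUTH command OK
C: USER alice
S: 331 Password required for alice
C: PASS hunter2
S: 230 User alice logged in
C: QUIT
S: 221 Goodbye
"""

CMD_RE = re.compile(r"^([A-Z]{3,4})(?: (.*))?$")   # uppercase keyword, optional argument
REPLY_RE = re.compile(r"^([1-5]\d\d)[ -](.*)$")     # three-digit code, then text


@dataclass
class FtpAudit:
    commands: list = field(default_factory=list)   # (keyword, argument), secret redacted
    replies: list = field(default_factory=list)    # (code, text)
    tls_negotiated: bool = False
    cleartext_password: bool = False
    failures: int = 0                              # replies in the 4xx/5xx range


def audit_control_session(transcript: str) -> FtpAudit:
    """Parse one control-channel transcript and report whether the password
    travelled in the clear, i.e. before a successful AUTH TLS."""
    audit = FtpAudit()
    for line in transcript.splitlines():
        side, _, text = line.partition(": ")
        if side == "C":
            m = CMD_RE.match(text)
            if not m:
                continue
            keyword, arg = m.group(1), m.group(2)
            if keyword == "PASS":
                arg = "<redacted>"                 # never store the secret itself
                if not audit.tls_negotiated:
                    audit.cleartext_password = True
            audit.commands.append((keyword, arg))
        elif side == "S":
            m = REPLY_RE.match(text)
            if not m:
                continue
            code, reply_text = int(m.group(1)), m.group(2)
            audit.replies.append((code, reply_text))
            if code >= 400:
                audit.failures += 1
            # 234 answers a successful AUTH TLS; from here on the channel is encrypted
            if code == 234 and audit.commands and audit.commands[-1][0] == "AUTH":
                audit.tls_negotiated = True
    return audit


if __name__ == "__main__":
    for name, session in (("plaintext", PLAINTEXT_SESSION), ("tls", TLS_SESSION)):
        a = audit_control_session(session)
        print(name, "cleartext password:", a.cleartext_password, "failures:", a.failures)
```

The first-digit convention of the reply codes (1xx preliminary, 2xx success, 3xx more input needed, 4xx/5xx failure) is what lets the audit count failures without knowing every code. Redacting the PASS argument at parse time, rather than after the fact, is the habit to keep: a log that preserves the password has recreated the very exposure the audit is looking for.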

EMAIL (SMTP, MIME, IMAP, POP)

One of the most popular Internet services is electronic mail (E-mail).

Email is one of the oldest network applications.

The three main components of an Email are

1. User Agent (UA)

2. Message Transfer Agent (MTA) – SMTP

3. Message Access Agent (MAA) – IMAP, POP

When the sender and the receiver of an e-mail are on the same system, we need only two User Agents and no Message Transfer Agent.

When the sender and the receiver of an e-mail are on different systems, we need two UAs, two pairs of MTAs (client and server), and two MAAs (client and server).

WORKING OF EMAIL


When Alice needs to send a message to Bob, she runs a UA program to prepare the
message and send it to her mail server.

The mail server at her site uses a queue (spool) to store messages waiting to be sent. The
message, however, needs to be sent through the Internet from Alice’s site to Bob’s site using
an MTA.

Here two message transfer agents are needed: one client and one server.

The server needs to run all the time because it does not know when a client will ask for a
connection.

The client can be triggered by the system when there is a message in the queue to be sent.

The user agent at the Bob site allows Bob to read the received message.

Bob later uses an MAA client to retrieve the message from an MAA server running on the
second server.

USER AGENT (UA)

The first component of an electronic mail system is the user agent (UA).

It provides service to the user to make the process of sending and receiving a message
easier.

A user agent is a software package that composes, reads, replies to, and forwards
messages. It also handles local mailboxes on the user computers.


There are two types of user agents: Command-driven and GUI-based.

Command driven

o Command driven user agents belong to the early days of electronic mail.

o A command-driven user agent normally accepts a one character command from the
keyboard to perform its task.

o Some examples of command driven user agents are mail, pine, and elm.

GUI-based

o Modern user agents are GUI-based.

o They allow the user to interact with the software by using both the keyboard and the mouse.

o They have graphical components such as icons, menu bars, and windows that make the
services easy to access.

o Some examples of GUI-based user agents are Eudora and Outlook.

MESSAGE TRANSFER AGENT (MTA)

The actual mail transfer is done through message transfer agents (MTA).

To send mail, a system must have the client MTA, and to receive mail, a system must have
a server MTA.

The formal protocol that defines the MTA client and server in the Internet is called Simple
Mail Transfer Protocol (SMTP).

MESSAGE ACCESS AGENT (MAA)

MAA is a software that pulls messages out of a mailbox.

POP3 and IMAP4 are examples of MAA.

ADDRESS FORMAT OF EMAIL

E-mail address is userid @ domain where domain is hostname of the mail server.


MESSAGE FORMAT OF EMAIL

Email message consists of two parts namely header and body.

Each header line contains type and value separated by a colon (:).

Some header contents are:

o From: identifier sender of the message.

o To: mail address of the recipient(s).

o Subject: says about purpose of the message.

o Date: timestamp of when the message was transmitted.

Header is separated from the body by a blank line.

Body contains the actual message.

Email was extended in 1993 to carry many different types of data: audio, video, images, Word documents, and so on.

This extended version is known as MIME (Multipurpose Internet Mail Extensions).

SIMPLE MAIL TRANSFER PROTOCOL (SMTP)

SMTP is the standard protocol for transferring mail between hosts in the TCP/IP protocol
suite.

SMTP is not concerned with the format or content of messages themselves.


SMTP uses information written on the envelope of the mail (message header), but does not
look at the contents (message body) of the envelope.

SMTP clients and servers have two main components

o User Agents(UA) – Prepares the message, encloses it in an envelope.

o Mail Transfer Agent (MTA) – Transfers the mail across the internet

SMTP also allows the use of Relays allowing other MTAs to relay the mail.

SMTP MAIL FLOW


To begin, mail is created by a user-agent program in response to user input.

Each created message consists of a header that includes the recipient's email address and
other information, and a message body containing the message to be sent.

These messages are then queued in some fashion and provided as input to an SMTP Sender
program.

SMTP COMMANDS AND RESPONSES

The operation of SMTP consists of a series of commands and responses exchanged between the SMTP sender and SMTP receiver.

The initiative is with the SMTP sender, who establishes the TCP connection.

Once the connection is established, the SMTP sender sends commands over the connection
to the receiver.

The command is from an MTA client to an MTA server; the response is from an MTA
server to the MTA client.

SMTP Commands

Commands are sent from the client to the server. A command consists of a keyword followed by zero or more arguments. SMTP defines 14 commands.


SMTP Responses

Responses are sent from the server to the client.

A response is a three digit code that may be followed by additional textual information.


SMTP OPERATIONS

Basic SMTP operation occurs in three phases:

1. Connection Setup

2. Mail Transfer

3. Connection Termination

Connection Setup

An SMTP sender will attempt to set up a TCP connection with a target host when it has
one or more mail messages to deliver to that host.

The sequence is quite simple:

1. The sender opens a TCP connection with the receiver.

2. Once the connection is established, the receiver identifies itself with "Service Ready".

3. The sender identifies itself with the HELO command.

4. The receiver accepts the sender's identification with "OK".

5. If the mail service on the destination is unavailable, the destination host returns a "Service Not Available" reply in step 2, and the process is terminated.

Mail Transfer

Once a connection has been established, the SMTP sender may send one or more messages to the SMTP receiver.

There are three logical phases to the transfer of a message:

1. A MAIL command identifies the originator of the message.

2. One or more RCPT commands identify the recipients for this message.

3. A DATA command transfers the message text.

Connection Termination

The SMTP sender closes the connection in two steps.

First, the sender sends a QUIT command and waits for a reply.

The second step is to initiate a TCP close operation for the TCP connection.

The receiver initiates its TCP close after sending its reply to the QUIT command.
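The three phases above, Connection Setup, Mail Transfer and Connection Termination, run end to end against a tiny in-memory receiver, as an added Python example that is not part of the lecture notes. The receiver is a state machine, not a real MTA: it answers with the standard reply codes (220 ready, 250 OK, 354 start input, 221 closing, 503 bad command sequence, 550 no such user), accepts mail only for a constructed list of local users, and enforces the HELO → MAIL → RCPT → DATA ordering. The sender side also shows the detail the page's "message is terminated by a line with only a single period" rule implies: a body line that itself starts with "." must be dot-stuffed, otherwise the receiver would end the message early. All addresses and host names (example.test) are constructed.

```python
class SmtpReceiver:
    """Minimal in-memory SMTP receiver (constructed for this example; not a real MTA)."""

    def __init__(self, local_users):
        self.local_users = set(local_users)
        self.delivered = []             # (sender, recipients, body) per accepted message
        self._reset_session()

    def _reset_session(self):
        self.greeted = False
        self.in_data = False
        self._reset_envelope()

    def _reset_envelope(self):
        self.sender = None
        self.recipients = []
        self.body_lines = []

    def greeting(self):
        """Phase 1, step 2: the receiver identifies itself once the TCP connection is up."""
        return "220 mail.example.test Service ready"

    def handle(self, line):
        """Process one line from the sender; return the reply, or None for body lines."""
        if self.in_data:
            if line == ".":                       # a lone '.' ends the message text
                self.in_data = False
                self.delivered.append((self.sender, list(self.recipients),
                                       "\n".join(self.body_lines)))
                self._reset_envelope()
                return "250 OK: message accepted"
            # undo dot-stuffing: the sender doubled a leading '.', drop one of them
            self.body_lines.append(line[1:] if line.startswith(".") else line)
            return None
        verb, _, arg = line.partition(" ")
        verb = verb.upper()
        if verb == "HELO":                        # phase 1, steps 3-4
            self.greeted = True
            return f"250 mail.example.test Hello {arg}"
        if not self.greeted:
            return "503 Bad sequence of commands: HELO first"
        if verb == "MAIL":                        # phase 2, step 1: originator
            self.sender = arg.partition(":")[2].strip("<>")
            return "250 OK"
        if verb == "RCPT":                        # phase 2, step 2: recipients
            if self.sender is None:
                return "503 Bad sequence of commands: MAIL first"
            rcpt = arg.partition(":")[2].strip("<>")
            if rcpt not in self.local_users:
                return f"550 No such user here: {rcpt}"
            self.recipients.append(rcpt)
            return "250 OK"
        if verb == "DATA":                        # phase 2, step 3: message text
            if not self.recipients:
                return "503 Bad sequence of commands: RCPT first"
            self.in_data = True
            return "354 Start mail input; end with <CRLF>.<CRLF>"
        if verb == "QUIT":                        # phase 3: sender asks to close
            self._reset_session()
            return "221 mail.example.test Service closing transmission channel"
        return "500 Syntax error, command unrecognized"


def dot_stuff(body):
    """Sender-side dot-stuffing: prefix an extra '.' to any body line starting with '.',
    so no line of the text can be mistaken for the end-of-message marker."""
    return [("." + ln) if ln.startswith(".") else ln for ln in body.split("\n")]


def send_message(server, helo_name, sender, recipients, body):
    """Drive the three phases against the receiver; return the (command, reply) transcript."""
    transcript = [("<TCP connect>", server.greeting())]

    def cmd(command):
        reply = server.handle(command)
        transcript.append((command, reply))
        return reply

    if cmd(f"HELO {helo_name}").startswith("250"):
        cmd(f"MAIL FROM:<{sender}>")
        accepted = [r for r in recipients if cmd(f"RCPT TO:<{r}>").startswith("250")]
        if accepted and cmd("DATA").startswith("354"):
            for ln in dot_stuff(body):
                server.handle(ln)                 # body lines draw no reply
            transcript.append(("<body> .", server.handle(".")))
    cmd("QUIT")                                   # the TCP close would follow the 221
    return transcript


if __name__ == "__main__":
    srv = SmtpReceiver(["bob@example.test"])
    for command, reply in send_message(srv, "client.example.test", "alice@example.test",
                                       ["bob@example.test", "nobody@example.test"],
                                       "Hello Bob\n.this line starts with a dot\nBye"):
        print(f"C: {command}\nS: {reply}")
```

Two details carry over to real deployments: the receiver never trusts the order of commands (a MAIL or RCPT outside the right phase gets a 503), and the dot-stuffing is done by the sender and undone by the receiver, so the message body is reproduced exactly while the single-dot terminator keeps its meaning.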


LIMITATIONS OF SMTP

SMTP cannot transmit executable files or other binary objects.

SMTP cannot transmit text data that includes national language characters, as these are
represented by 8-bit codes with values of 128 decimal or higher, and SMTP is limited to 7-bit
ASCII.

SMTP servers may reject mail message over a certain size.

SMTP gateways that translate between ASCII and the character code EBCDIC do not use
a consistent set of mappings, resulting in translation problems.

Some SMTP implementations do not adhere completely to the SMTP standards defined.

Common problems include the following:

1. Deletion, addition, or reordering of carriage return and linefeed.

2. Truncating or wrapping lines longer than 76 characters.

3. Removal of trailing white space (tab and space characters).

4. Padding of lines in a message to the same length.

5. Conversion of tab characters into multiple-space characters.

MULTIPURPOSE INTERNET MAIL EXTENSION (MIME)

SMTP provides a basic email service, while MIME adds multimedia capability to SMTP.

MIME is an extension to SMTP and is used to overcome the problems and limitations of
SMTP.

Email system was designed to send messages only in ASCII format.

Languages such as French, Chinese, etc., are not supported.

Image, audio and video files cannot be sent.

MIME adds the following features to email service:

Be able to send multiple attachments with a single message;

Unlimited message length;

Use of character sets other than ASCII code;

Use of rich text (layouts, fonts, colors, etc.);

Binary attachments (executables, images, audio or video files, etc.), which may be divided if needed.

MIME is a protocol that converts non-ASCII data to 7-bit NVT (Network Virtual Terminal) ASCII and vice-versa.

MIME HEADERS

Using headers, MIME describes the type of message content and the encoding used.

Headers defined in MIME are:

MIME-Version- current version, i.e., 1.1

Content-Type - message type (text/html, image/jpeg, application/pdf)

Content-Transfer-Encoding - message encoding scheme (eg base64).

Content-Id - unique identifier for the message.

Content-Description - describes type of the message body.

MIME CONTENT TYPES

There are seven different major types of content and a total of 14 subtypes.


In general, a content type declares the general type of data, and the subtype specifies a
particular format for that type of data.

MIME also defines a multipart type that says how a message carrying more than one data
type is structured.

This is like a programming language that defines both base types (e.g., integers and floats)
and compound types (e.g., structures and arrays).

One possible multipart subtype is mixed, which says that the message contains a set of
independent data pieces in a specified order.

Each piece then has its own header line that describes the type of that piece.

The table below lists the MIME content types:

ENCODING FORMATS OF MIME

MIME uses various encoding formats to convert binary data into the ASCII character set.

To transfer binary data, MIME offers five encoding formats which can be used in the
header transfer-encoding:

7-bit : 7-bit text format (for messages without accented characters);

8-bit : 8-bit text format;

quoted-printable : Quoted-Printable format, recommended for messages which use a 7-bit alphabet (such as when there are accent marks);

base-64 : Base 64, for sending binary files as attachments;

binary : binary format; not recommended.
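The MIME headers, the multipart/mixed structure and the quoted-printable and base64 encodings described above, put together in one message with Python's standard email library, as an added example that is not part of the lecture notes. A French sentence (needing a non-ASCII character set) goes into a text part encoded quoted-printable, and 256 arbitrary bytes standing in for a binary attachment go into an application/octet-stream part encoded base64; a check then confirms the serialized message is 7-bit clean, which is exactly the SMTP limitation MIME exists to work around, and the attachment is decoded back to the original bytes. The addresses, subject and sample content are constructed.

```python
import quopri
from email import message_from_bytes, policy
from email.message import EmailMessage

# Constructed sample content (not from the lecture notes).
TEXT_BODY = "Bonjour, voici le rapport demandé.\n"
ATTACHMENT = bytes(range(256))      # every byte value, so certainly not 7-bit clean


def is_seven_bit_clean(raw: bytes) -> bool:
    """The limitation MIME works around: classic SMTP carries only 7-bit ASCII."""
    return all(b < 0x80 for b in raw)


def encode_quoted_printable(text: str) -> bytes:
    """The quoted-printable rule on its own: a non-ASCII byte becomes '=' + two hex digits."""
    return quopri.encodestring(text.encode("utf-8"))


def build_mime_message(text: str, attachment: bytes, filename: str = "rapport.bin") -> bytes:
    """Assemble a multipart/mixed message: a quoted-printable UTF-8 text part plus a
    base64-encoded application/octet-stream attachment, serialized with CRLF line ends."""
    msg = EmailMessage()
    msg["From"] = "alice@example.test"
    msg["To"] = "bob@example.test"
    msg["Subject"] = "MIME example"
    # Content-Type: text/plain; charset="utf-8" / Content-Transfer-Encoding: quoted-printable
    msg.set_content(text, charset="utf-8", cte="quoted-printable")
    # adding an attachment turns the message into multipart/mixed; bytes are base64 by default
    msg.add_attachment(attachment, maintype="application", subtype="octet-stream",
                       filename=filename)
    return msg.as_bytes(policy=policy.SMTP)


def top_level_type(raw: bytes) -> str:
    return message_from_bytes(raw, policy=policy.default).get_content_type()


def describe_parts(raw: bytes) -> list:
    """(Content-Type, Content-Transfer-Encoding) for every leaf part, in order."""
    msg = message_from_bytes(raw, policy=policy.default)
    return [(part.get_content_type(), str(part.get("Content-Transfer-Encoding")))
            for part in msg.walk() if not part.is_multipart()]


def extract_attachment(raw: bytes) -> bytes:
    """Reverse the base64 transfer encoding and hand back the original bytes."""
    msg = message_from_bytes(raw, policy=policy.default)
    for part in msg.iter_attachments():
        return part.get_payload(decode=True)
    return b""


if __name__ == "__main__":
    raw = build_mime_message(TEXT_BODY, ATTACHMENT)
    print(raw.decode("ascii"))
    print("7-bit clean:", is_seven_bit_clean(raw))
    print("parts:", describe_parts(raw))
    print("attachment round-trips:", extract_attachment(raw) == ATTACHMENT)
```

Printing the raw message shows the headers the page lists (MIME-Version, Content-Type with its subtype and boundary, Content-Transfer-Encoding) and the "=C3=A9" that quoted-printable substitutes for the accented letter. The encodings only make the data transportable; they are not encryption, and a base64 attachment is readable by anyone who can read the message.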

MESSAGE TRANSFER IN MIME

MTA is a mail daemon (sendmail) active on hosts having mailbox, used to send an email.

Mail passes through a sequence of gateways before it reaches the recipient mail server.

Each gateway stores and forwards the mail using Simple mail transfer protocol (SMTP).

SMTP defines communication between MTAs over TCP on port 25.

In an SMTP session, sending MTA is client and receiver is server. In each exchange:

Client posts a command (HELO, MAIL, RCPT, DATA, QUIT, VRFY, etc.)

Server responds with a code (250, 550, 354, 221, 251 etc) and an explanation.

Client is identified using HELO command and verified by the server

Client forwards message to server, if server is willing to accept.

Message is terminated by a line with only single period (.) in it.

Eventually client terminates the connection.

IMAP (INTERNET MAIL ACCESS PROTOCOL)

IMAP is an Application Layer Internet protocol that allows an e-mail client to access e-
mail on a remote mail server.

It is a method of accessing electronic mail messages that are kept on a possibly shared mail
server.

IMAP is a more capable wire protocol.

IMAP is similar to SMTP in many ways.

IMAP is a client/server protocol running over TCP on port 143.


IMAP allows multiple clients simultaneously connected to the same mailbox, and through
flags stored on the server, different clients accessing the same mailbox at the same or
different times can detect state changes made by other clients.

In other words, it permits a "client" email program to access remote message stores as if
they were local.

For example, email stored on an IMAP server can be manipulated from a desktop
computer at home, a workstation at the office, and a notebook computer while travelling,
without the need to transfer messages or files back and forth between these computers.

IMAP can support email serving in three modes:

Offline

Online

Users may connect to the server, look at what email is available, and access it online. This
looks to the user very much like having local spool files, but they’re on the mail server.

Disconnected operation

A mail client connects to the server, can make a “cache” copy of selected messages, and
disconnects from the server. The user can then work on the messages offline, and connect to
the server later and resynchronize the server status with the cache.

OPERATION OF IMAP

The mail transfer begins with the client authenticating the user and identifying the mailbox
they want to access.

Client Commands

LOGIN, AUTHENTICATE, SELECT, EXAMINE, CLOSE, and LOGOUT


Server Responses

OK, NO (no permission), BAD (incorrect command),

When user wishes to FETCH a message, server responds in MIME format.

Message attributes such as size are also exchanged.

Flags are used by client to report user actions.

SEEN, ANSWERED, DELETED, RECENT

IMAP4

The latest version is IMAP4. IMAP4 is more powerful and more complex.

IMAP4 provides the following extra functions:

A user can check the e-mail header prior to downloading.

A user can search the contents of the e-mail for a specific string of characters prior to
downloading.

A user can partially download e-mail. This is especially useful if bandwidth is limited and
the e-mail contains multimedia with high bandwidth requirements.

A user can create, delete, or rename mailboxes on the mail server.

A user can create a hierarchy of mailboxes in a folder for e-mail storage.


ADVANTAGES OF IMAP

With IMAP, the primary storage is on the server, not on the local machine.

Email being put away for storage can be foldered on local disk, or can be foldered on the
IMAP server.

The protocol allows full use of remote folders, including a remote folder hierarchy and multiple inboxes.

It keeps track of explicit status of messages, and allows for user-defined status.

Supports new mail notification explicitly.

Extensible for non-email data, like netnews, document storage, etc.

Selective fetching of individual MIME body parts.

Server-based search to minimize data transfer.

Servers may have extensions that can be negotiated.

POST OFFICE PROTOCOL (POP3)

Post Office Protocol (POP3) is an application-layer Internet standard protocol used by local e-mail clients to retrieve e-mail from a remote server over a TCP/IP connection.

There are two versions of POP.

• The first, called POP2, became a standard in the mid-80's and requires SMTP to send
messages.

• The current version, POP3, can be used with or without SMTP. POP3 uses TCP/IP port
110.

POP is a much simpler protocol, making implementation easier.

POP supports offline access to the messages, and thus requires less internet connection time.

POP does not allow search facility.

In order to access the messages, it is necessary to download them.

It allows only one mailbox to be created on server.

It is not suitable for accessing non mail data.

POP mail moves the message from the email server onto the local computer, although
there is usually an option to leave the messages on the email server as well.

POP treats the mailbox as one store, and has no concept of folders.

POP works in two modes namely, delete and keep mode.

In delete mode, mail is deleted from the mailbox after retrieval. The delete mode is
normally used when the user is working at their permanent computer and can save and
organize the received mail after reading or replying.

In keep mode, mail is kept in the mailbox after reading for later retrieval. The keep mode is normally used when the user accesses their mail away from their primary computer.


POP3 client is installed on the recipient computer and POP server on the mail server.

Client opens a connection to the server using TCP on port 110.

Client sends username and password to access mailbox and to retrieve messages.

POP3 Commands

POP commands are generally abbreviated into codes of three or four letters

The following describes some of the POP commands:

1. UID - This command opens the connection

2. STAT - It is used to display number of messages currently in the mailbox

28
Computer Networks Unit 5

3. LIST - It is used to get the summary of messages

4. RETR -This command helps to select a mailbox to access the messages

5. DELE - It is used to delete a message

6. RSET - It is used to reset the session to its initial state

7. QUIT - It is used to log off the session
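
The following is an added example, not code from the notes or from any mail server: a small simulator of the server side of the POP3 commands listed above, run over a constructed in-memory mailbox. It shows that DELE only marks a message, that RSET removes the marks, and that QUIT commits the deletions in delete mode but leaves the mailbox untouched in keep mode. The USER/PASS login that a real server requires before these commands is left out, and the reply texts are simplified.

```python
"""POP3 session simulator (added example; not code from the notes or any mail
server).  It implements the server side of STAT, LIST, RETR, DELE, RSET and
QUIT over a constructed in-memory mailbox so that delete mode and keep mode
can be compared.  A real POP3 server also needs a USER/PASS login before
these commands; that step is left out here."""

# Constructed sample mailbox: message number -> message text (not real mail).
SAMPLE_MAILBOX = {
    1: "From: alice@example.com\r\nSubject: hello\r\n\r\nfirst message\r\n",
    2: "From: bob@example.com\r\nSubject: report\r\n\r\nsecond message\r\n",
}


class Pop3Session:
    """One client session.  DELE only *marks* a message; the marks are
    committed at QUIT (delete mode) or discarded (keep mode), which is also
    why RSET can undo them."""

    def __init__(self, mailbox, keep_mode=False):
        self.mailbox = dict(mailbox)      # private copy for this session
        self.marked = set()               # message numbers marked by DELE
        self.keep_mode = keep_mode

    def _live(self):
        return [n for n in sorted(self.mailbox) if n not in self.marked]

    def handle(self, line):
        """Process one command line from the client and return the reply."""
        parts = line.strip().split()
        if not parts:
            return "-ERR empty command"
        cmd, args = parts[0].upper(), parts[1:]
        if cmd == "STAT":
            size = sum(len(self.mailbox[n]) for n in self._live())
            return f"+OK {len(self._live())} {size}"
        if cmd == "LIST":
            rows = "".join(f"{n} {len(self.mailbox[n])}\r\n" for n in self._live())
            return f"+OK {len(self._live())} messages\r\n{rows}."
        if cmd in ("RETR", "DELE"):
            n = self._message_number(args)
            if n is None:
                return "-ERR no such message"
            if cmd == "RETR":
                return f"+OK {len(self.mailbox[n])} octets\r\n{self.mailbox[n]}."
            self.marked.add(n)
            return f"+OK message {n} marked for deletion"
        if cmd == "RSET":
            self.marked.clear()
            return "+OK deletion marks removed"
        if cmd == "QUIT":
            if not self.keep_mode:        # delete mode: commit the marks
                for n in self.marked:
                    del self.mailbox[n]
            self.marked.clear()
            return "+OK goodbye"
        return "-ERR unknown command"

    def _message_number(self, args):
        if len(args) != 1 or not args[0].isdigit():
            return None
        n = int(args[0])
        return n if n in self.mailbox and n not in self.marked else None


def run_session(commands, keep_mode=False):
    """Run client command lines; return (replies, message numbers left on server)."""
    session = Pop3Session(SAMPLE_MAILBOX, keep_mode)
    replies = [session.handle(c) for c in commands]
    return replies, sorted(session.mailbox)
```

Calling run_session(["STAT", "DELE 1", "QUIT"]) leaves only message 2 on the server, while the same commands with keep_mode=True leave both; a DELE followed by RSET also leaves both, because nothing is removed until QUIT.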

DIFFERENCE BETWEEN POP AND IMAP

Advantages of IMAP over POP

IMAP is more powerful and more complex than POP.

The user can check the e-mail header prior to downloading.

The user can search e-mail for a specific string of characters prior to downloading.

The user can download a message partially, which is very useful when bandwidth is limited.

The user can create, delete, or rename mailboxes on the mail server.

TELNET (TERMINAL NETWORK)

TELNET is the original remote logging protocol, implemented as a client-server program.

Telnet provides a connection to the remote computer in such a way that a local terminal
appears to be at the remote side.

TELNET illustrates the issues and challenges involved in the concept of remote
logging.

Network administrators often use TELNET for diagnostic and debugging purposes.

TELNET requires a login name and password.

It is vulnerable to hacking because it sends all data, including the password, in plaintext (not
encrypted).

A hacker can eavesdrop and obtain the login name and password. Because of this
security issue, the use of TELNET has diminished.

TYPES OF TELNET LOGGING

There are two types of TELNET logging:

Local Logging and Remote Logging

Local Login

When a user logs into a local system, it is called local logging.

As a user types at a terminal or at a workstation running a terminal emulator, the
keystrokes are accepted by the terminal driver.

The terminal driver passes the characters to the operating system.

The operating system, in turn, interprets the combination of characters and invokes the
desired application program or utility.

Remote Logging

When a user wants to access an application program or utility located on a remote
machine, they perform remote logging.

Remote logging uses TELNET client and TELNET server programs.

The user sends the keystrokes to the terminal driver where the local operating system
accepts the characters but does not interpret them.

The characters are sent to the TELNET client, which transforms the characters into a
universal character set called Network Virtual Terminal (NVT) characters and delivers them
to the local TCP/IP stack.

The commands or text, in NVT form, travel through the Internet and arrive at the TCP/IP
stack at the remote machine.

The characters are delivered to the operating system and passed to the TELNET server,
which changes the characters to the corresponding characters understandable by the remote
computer.

The characters cannot be passed directly to the operating system because the remote
operating system is not designed to receive characters from a TELNET server; it is designed
to receive characters from a terminal driver.

A piece of software called a pseudoterminal driver is added for this purpose; it pretends that
the characters are coming from a terminal.

The operating system then passes the characters to the appropriate application program.

TELNET OPTIONS

TELNET lets the client and server negotiate options before or during the use of the service.

Options are extra features available to a user with a more sophisticated terminal.

Users with simpler terminals can use default features.

TELNET COMMANDS

NETWORK VIRTUAL TERMINAL (NVT)

The mechanism to access a remote computer is complex.

We are dealing with heterogeneous systems.

This is because every computer and its operating system accepts a special combination of
characters as tokens.

For example, the end-of-file token in a computer running the DOS operating system is
Ctrl+z, while the UNIX operating system recognizes Ctrl+d.

If we want to access any remote computer in the world, we must first know what type of
computer we will be connected to, and we must also install the specific terminal emulator
used by that computer.

TELNET solves this problem by defining a universal interface called the Network Virtual
Terminal (NVT) character set.

Via this interface, the client TELNET translates characters (data or commands) that come
from the local terminal into NVT form and delivers them to the network.

The server TELNET, on the other hand, translates data and commands from NVT form
into the form acceptable by the remote computer.

NVT Character Format

NVT uses two sets of characters, one for data and one for control.

For data, NVT normally uses what is called NVT ASCII. This is an 8-bit character set in
which the seven lowest order bits are the same as ASCII and the highest order bit is 0.

To send control characters between computers, NVT uses an 8-bit character set in which
the highest order bit is set to 1.
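
The NVT character format and the option negotiation described above, as an added example that is not code from the notes or from any TELNET implementation. The encoder produces NVT data (7-bit ASCII, CR LF line endings) and the decoder separates data bytes (high bit 0) from control sequences introduced by IAC (0xFF). The command and option codes are the standard TELNET values (IAC 255, DONT 254, DO 253, WONT 252, WILL 251, option ECHO 1); the byte stream used in the checks is constructed, not captured, and subnegotiation (IAC SB ...) is not handled.

```python
"""NVT encoding and decoding (added example; not code from the notes or any
TELNET implementation).  Data bytes are 7-bit ASCII with the high bit 0;
control sequences start with IAC (0xFF), whose high bit is 1.  The command
and option codes are the standard TELNET values; the sample byte stream is
constructed, not captured.  Subnegotiation (IAC SB ...) is not handled."""

IAC, DONT, DO, WONT, WILL = 255, 254, 253, 252, 251
CMD_NAMES = {DONT: "DONT", DO: "DO", WONT: "WONT", WILL: "WILL"}
OPT_ECHO = 1


def to_nvt(text, local_eol="\n"):
    """Translate local text into NVT data form: ASCII only, CR LF line endings."""
    out = bytearray()
    for ch in text.replace(local_eol, "\r\n"):
        code = ord(ch)
        if code > 0x7F:
            raise ValueError(f"{ch!r} is not NVT ASCII; a data byte must have bit 7 clear")
        out.append(code)
    return bytes(out)


def negotiate(cmd, option):
    """Build one option-negotiation sequence, e.g. IAC WILL ECHO."""
    return bytes([IAC, cmd, option])


def from_nvt(stream, local_eol="\n"):
    """Split an NVT byte stream into (data_text, negotiations).

    negotiations is a list of (command name, option) pairs such as
    ("WILL", 1); data bytes have CR LF mapped back to the local line ending.
    A byte with bit 7 set that is not IAC is rejected as malformed."""
    data, negotiations, i = bytearray(), [], 0
    while i < len(stream):
        b = stream[i]
        if b == IAC:
            if i + 1 >= len(stream):
                raise ValueError("truncated IAC sequence")
            cmd = stream[i + 1]
            if cmd == IAC:                     # IAC IAC is an escaped 0xFF data byte
                data.append(0xFF)
                i += 2
            elif cmd in CMD_NAMES:             # WILL/WONT/DO/DONT carry an option byte
                if i + 2 >= len(stream):
                    raise ValueError("truncated option negotiation")
                negotiations.append((CMD_NAMES[cmd], stream[i + 2]))
                i += 3
            else:                              # other two-byte commands (NOP, AYT, ...)
                negotiations.append((f"CMD{cmd}", None))
                i += 2
            continue
        if b & 0x80:
            raise ValueError(f"byte 0x{b:02x} is neither NVT ASCII nor a control sequence")
        data.append(b)
        i += 1
    text = bytes(data).decode("latin-1").replace("\r\n", local_eol)
    return text, negotiations
```

Because the data bytes are plain NVT ASCII, everything the user types, including the login name and password, is readable to anyone who can observe the bytes, which is the weakness described above that SSH was designed to remove.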

SSH (SECURE SHELL)

Secure Shell (SSH) is a secure application program that can be used today for several
purposes, such as remote logging and file transfer. It was originally designed to replace
TELNET.

There are two versions of SSH: SSH-1 and SSH-2, which are totally incompatible. The
first version, SSH-1, is now deprecated because of its security flaws.

SSH COMPONENTS

SSH is an application-layer protocol with three components:

1. SSH Transport-Layer Protocol (SSH-TRANS)

2. SSH Authentication Protocol (SSH-AUTH)

3. SSH Connection Protocol (SSH-CONN)

SSH Transport-Layer Protocol (SSH-TRANS)

SSH first uses a protocol that creates a secured channel on top of TCP.

This new layer is an independent protocol referred to as SSH-TRANS.

When the procedure implementing this protocol is called, the client and server first use the
TCP protocol to establish an insecure connection.

Then they exchange several security parameters to establish a secure channel on top of
TCP.

Services provided by this protocol:

1. Privacy or confidentiality of the message exchanged

2. Data integrity, which means that it is guaranteed that the messages exchanged between the
client and server are not changed by an intruder

3. Server authentication, which means that the client is now sure that the server is the one that
it claims to be

4. Compression of the messages, which improves the efficiency of the system and makes
attack more difficult

SSH Authentication Protocol (SSH-AUTH)

After a secure channel is established between the client and the server and the server is
authenticated to the client, SSH can call another procedure that authenticates the client to
the server.

This layer defines a number of authentication tools similar to the ones used in SSL.

Authentication starts with the client, which sends a request message to the server.

The request includes the user name, server name, the method of authentication, and the
required data.

The server responds with either a success message, which confirms that the client is
authenticated, or a failed message, which means that the process needs to be repeated with a
new request message.

SSH Connection Protocol (SSH-CONN)

After the secured channel is established and both server and client are authenticated to
each other, SSH can call a piece of software that implements the third protocol, SSH-CONN.

One of the services provided by the SSH-CONN protocol is multiplexing.

SSH-CONN takes the secure channel established by the two previous protocols and lets the
client create multiple logical channels over it.

Each channel can be used for a different purpose, such as remote logging, file transfer, and
so on.

SSH APPLICATIONS

SSH is a general-purpose protocol that provides a secure connection between a client and
server.

SSH for Remote Logging

Several free and commercial applications use SSH for remote logging.

Among them, we can mention PuTTY, by Simon Tatham, which is an SSH client program
that can be used for remote logging.

Another application program is Tectia, which can be used on several platforms.

SSH for File Transfer

One of the application programs that is built on top of SSH for file transfer is the Secure
File Transfer Program (sftp).

The sftp application program uses one of the channels provided by SSH to transfer
files.

Another common application is called Secure Copy (scp).

This application uses the same format as the UNIX copy command, cp, to copy files.

Port Forwarding

One of the interesting services provided by the SSH protocol is port forwarding.

We can use the secured channels available in SSH to access an application program that
does not provide security services.

Applications such as TELNET and Simple Mail Transfer Protocol (SMTP) can use the
services of the SSH port forwarding mechanism.

The SSH port forwarding mechanism creates a tunnel through which the messages
belonging to other protocols can travel.

For this reason, this mechanism is sometimes referred to as SSH tunneling.

SSH PACKET FORMAT

The length field defines the length of the packet but does not include the padding.

The padding field is added to the packet to make attacks on the security mechanism more
difficult.

The type field designates the type of the packet used in different SSH protocols.

The data field is the data transferred by the packet in different protocols.

The CRC field is used for error detection.
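
The packet layout described above, as an added example; this is not code from the notes or from any SSH implementation. It frames and checks packets with exactly the fields listed: a 4-byte length that excludes the padding, 1-8 bytes of random padding bringing length plus padding to a multiple of 8, a 1-byte type, the data, and a 4-byte CRC. This is the SSH-1 style of framing; zlib.crc32 is an assumed stand-in for the CRC and the sample packet type is a constructed value with no meaning claimed.

```python
"""The SSH packet layout described in the notes, as an added example; not code
from the notes or from any SSH implementation.  Fields: 4-byte length that
excludes the padding, 1-8 bytes of padding making length + padding a multiple
of 8, 1-byte type, data, 4-byte CRC.  zlib.crc32 is an assumed stand-in for
the CRC and SAMPLE_TYPE is a constructed value."""

import os
import struct
import zlib

SAMPLE_TYPE = 4  # constructed type value for the example; no meaning claimed


def pack_ssh_packet(ptype, data):
    """Build length | padding | type | data | crc.
    length counts type, data and CRC but not the padding."""
    if not 0 <= ptype <= 255:
        raise ValueError("packet type must fit in one byte")
    length = 1 + len(data) + 4
    pad_len = 8 - (length % 8)             # always 1..8 bytes
    padding = os.urandom(pad_len)          # random padding, as the notes describe
    body = padding + bytes([ptype]) + data
    crc = zlib.crc32(body) & 0xFFFFFFFF    # assumed: CRC over padding + type + data
    return struct.pack(">I", length) + body + struct.pack(">I", crc)


def unpack_ssh_packet(packet):
    """Parse a packet built by pack_ssh_packet; return (type, data).
    Raises ValueError on a short or oversized packet or a CRC mismatch."""
    if len(packet) < 4:
        raise ValueError("short packet")
    (length,) = struct.unpack(">I", packet[:4])
    if length < 5:
        raise ValueError("length too small to hold a type byte and a CRC")
    pad_len = 8 - (length % 8)
    expected = 4 + pad_len + length
    if len(packet) != expected:
        raise ValueError(f"expected {expected} bytes, got {len(packet)}")
    body, (crc,) = packet[4:-4], struct.unpack(">I", packet[-4:])
    if zlib.crc32(body) & 0xFFFFFFFF != crc:
        raise ValueError("CRC mismatch: packet damaged in transit")
    return body[pad_len], body[pad_len + 1:]


def roundtrip_ok(data):
    """Pack, unpack and compare; checks the framing on sample data."""
    ptype, out = unpack_ssh_packet(pack_ssh_packet(SAMPLE_TYPE, data))
    return ptype == SAMPLE_TYPE and out == data


def detects_corruption(data):
    """Flip one bit of the last data byte after packing; True if the CRC
    check rejects the altered packet."""
    packet = bytearray(pack_ssh_packet(SAMPLE_TYPE, data))
    packet[-5] ^= 0x01                     # byte just before the CRC
    try:
        unpack_ssh_packet(bytes(packet))
    except ValueError:
        return True
    return False
```

A CRC catches accidental corruption only: anyone who can alter the bytes can recompute it, which is one reason SSH-2 replaced this framing with a keyed message authentication code over each packet.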

SECURING FTP APPLICATIONS USING SSH

The FTP client can use the SSH client on the local site to make a secure connection
with the SSH server on the remote site.

Any request from the FTP client to the FTP server is carried through the tunnel provided
by the SSH client and server.

Any response from the FTP server to the FTP client is also carried through the tunnel
provided by the SSH client and server.

DNS (DOMAIN NAME SYSTEM)

Domain Name System was designed in 1984.

DNS is used for name-to-address mapping.

The DNS provides the protocol which allows clients and servers to communicate with each
other.

E.g., a host name like www.yahoo.com is translated into a numerical IP address like
207.174.77.131.

Domain Name System (DNS) is a distributed database used by TCP/IP applications to map
between hostnames and IP addresses and to provide electronic mail routing information.

Each site maintains its own database of information and runs a server program that other
systems across the Internet can query.

WORKING OF DNS

The following six steps show the working of DNS when it maps a host name to an IP
address:

1. The user passes the host name to the file transfer client.

2. The file transfer client passes the host name to the DNS client.

3. Each computer, after being booted, knows the address of one DNS server. The DNS client
sends a message to a DNS server with a query that gives the file transfer server name using
the known IP address of the DNS server.

4. The DNS server responds with the IP address of the desired file transfer server.

5. The DNS server passes the IP address to the file transfer client.

6. The file transfer client now uses the received IP address to access the file transfer server.

NAME SPACE

To be unambiguous, the names assigned to machines must be carefully selected from a
name space with complete control over the binding between the names and IP addresses.

The names must be unique because the addresses are unique.

A name space that maps each address to a unique name can be organized in two ways: flat
(or) hierarchical.

Flat Name Space

In a flat name space, a name is assigned to an address.

A name in this space is a sequence of characters without structure.

The main disadvantage of a flat name space is that it cannot be used in a large system such
as the Internet, because it must be centrally controlled to avoid ambiguity and duplication.

Hierarchical Name Space

In a hierarchical name space, each name is made of several parts.

The first part can define the organization, the second part can define the name, the third
part can define departments, and so on.

In this case, the authority to assign and control the name spaces can be decentralized.

A central authority can assign the part of the name that defines the nature of the
organization and the name.

The responsibility for the rest of the name can be given to the organization itself. Suffixes
can be added to the name to define hosts or resources.

The management of the organization need not worry that the prefix chosen for a host is
taken by another organization because even if part of an address is the same, the whole
address is different.

The names are unique without the need to be assigned by a central authority.

The central authority controls only part of the name, not the whole name.

DOMAIN NAME SPACE

To have a hierarchical name space, a domain name space was designed. In this design, the
names are defined in an inverted-tree structure with the root at the top.

Each node in the tree has a label, which is a string with a maximum of 63 characters.

The root label is a null string (empty string).

DNS requires that children of a node (nodes that branch from the same node) have different
labels, which guarantees the uniqueness of the domain names.

Domain Name

Each node in the tree has a domain name.

A full domain name is a sequence of labels separated by dots (.).

The domain names are always read from the node up to the root.

The last label is the label of the root (null).

This means that a full domain name always ends in a null label, which means the last
character is a dot because the null string is nothing.

If a label is terminated by a null string, it is called a fully qualified domain name (FQDN).

If a label is not terminated by a null string, it is called a partially qualified domain name
(PQDN).

Domain

A domain is a subtree of the domain name space.

The name of the domain is the domain name of the node at the top of the subtree.

A domain may itself be divided into domains.

DISTRIBUTION OF NAME SPACE

The information contained in the domain name space must be stored.

But it is very inefficient and also not reliable to have just one computer store such a huge
amount of information.

It is inefficient because responding to requests from all over the world places a heavy load
on the system.

It is not reliable because any failure makes the data inaccessible.

The solution to these problems is to distribute the information among many computers
called DNS servers.

HIERARCHY OF NAME SERVERS

The way to distribute information among DNS servers is to divide the whole space into
many domains based on the first level.

Let the root stand alone and create as many domains as there are first-level nodes.

Because a domain created this way could be very large, DNS allows domains to be divided
further into smaller domains.

Thus we have a hierarchy of servers in the same way that we have a hierarchy of names.

ZONE

What a server is responsible for, or has authority over, is called a zone.

The server makes a database called a zone file and keeps all the information for every node
under that domain.

If a server accepts responsibility for a domain and does not divide the domain into smaller
domains, domain and zone refer to the same thing.

But if a server divides its domain into sub domains and delegates parts of its authority to
other servers, domain and zone refer to different things.

The information about the nodes in the sub domains is stored in the servers at the lower
levels, with the original server keeping some sort of references to these lower level servers.

But still, the original server does not free itself from responsibility totally.

It still has a zone, but the detailed information is kept by the lower level servers.

ROOT SERVER

A root server is a server whose zone consists of the whole tree.

A root server usually does not store any information about domains but delegates its
authority to other servers, keeping references to those servers.

Currently there are more than 13 root servers, each covering the whole domain name
space.

The servers are distributed all around the world.

PRIMARY AND SECONDARY SERVERS

DNS defines two types of servers: primary and secondary.

A Primary Server is a server that stores a file about the zone for which it is an authority.

Primary Servers are responsible for creating, maintaining, and updating the zone file.

The primary server stores the zone file on a local disk.

A secondary server is a server that transfers the complete information about a zone from
another server (primary or secondary) and stores the file on its local disk.

If updating is required, it must be done by the primary server, which sends the updated
version to the secondary.

A primary server loads all information from the disk file; the secondary server loads all
information from the primary server.

DNS IN THE INTERNET

DNS is a protocol that can be used in different platforms.

In the Internet, the domain name space (tree) is divided into three different sections -
Generic domains, Country domains, and Inverse domain.

Generic Domains

The generic domains define registered hosts according to their generic behavior.

Each node in the tree defines a domain, which is an index to the domain name space
database.

The first level in the generic domains section allows seven possible three-character labels.

These labels describe the organization types as listed in the following table.

Country Domains

The country domains section follows the same format as the generic domains but uses
two-character country abbreviations (e.g., in for India, us for the United States) in place of
the three-character organizational abbreviation at the first level.

Second-level labels can be organizational, or they can be more specific national
designations.

India, for example, uses state abbreviations as a subdivision of its country domain (e.g.,
ca.in).

Inverse Domains

Mapping an address to a name is handled by the inverse domain.

The client can send an IP address to a server to be mapped to a domain name; this is
called a PTR (pointer) query.

To answer queries of this kind, DNS uses the inverse domain.

DNS RESOLUTION

Mapping a name to an address or an address to a name is called name-address resolution.

A host that needs to map an address to a name or a name to an address calls a DNS client
named a Resolver.

The Resolver accesses the closest DNS server with a mapping request.

If the server has the information, it satisfies the resolver; otherwise, it either refers the
resolver to other servers or asks other servers to provide the information.

After the resolver receives the mapping, it interprets the response to see if it is a real
resolution or an error and finally delivers the result to the process that requested it.

A resolution can be either recursive or iterative.

DNS RESOURCE RECORDS (RR)

The zone information associated with a server is implemented as a set of resource records.

In other words, a name server stores a database of resource records.

A resource record is a 5-tuple structure :

(Domain Name, Type, Class, TTL, Value)

The domain name identifies the resource record.

The type defines how the value should be interpreted.

The value defines the information kept about the domain name.

The TTL defines the number of seconds for which the information is valid.

The class defines the type of network.

Types of Resource Records

DNS MESSAGES

DNS has two types of messages: query and response.

Both types have the same format.

The query message consists of a header and question section.

The response message consists of a header, question section, answer section, authoritative
section, and additional section.

Header

Both query and response messages have the same header format with some fields set to
zero for the query messages.

The header fields are as follows:

The identification field is used by the client to match the response with the query.

The flag field defines whether the message is a query or a response. It also includes the
error status.

The next four fields in the header define the number of each record type in the message.

Question Section

The question section consists of one or more question records. It is present in both query
and response messages.

Answer Section

The answer section consists of one or more resource records. It is present only in response
messages.

Authoritative Section

The authoritative section gives information (domain name) about one or more authoritative
servers for the query.

Additional Information Section

The additional information section provides additional information that may help the
resolver.

DNS CONNECTIONS

DNS can use either UDP or TCP.

In both cases the well-known port used by the server is port 53.

UDP is used when the size of the response message is less than 512 bytes because most
UDP implementations have a 512-byte packet size limit.

If the size of the response message is more than 512 bytes, a TCP connection is used.
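
The DNS message format and the name rules from the preceding sections, as one added example that is not code from the notes or from any DNS library. It encodes a domain name as length-prefixed labels (each at most 63 characters, ending in the null root label), builds a query with the 12-byte header and its four count fields, parses a response into (name, type, class, TTL, value) resource-record tuples, and applies the 512-byte UDP/TCP rule stated above. The response bytes are constructed here, not captured from a real server; 192.0.2.10 is a documentation address, and the 0xC00C pointer and 0x8180 flags are the standard compression-pointer and QR|RD|RA encodings.

```python
"""DNS query building and response parsing (added example; not code from the
notes or any DNS library).  Labels are at most 63 characters and a full name
ends in the null root label; the header is ID, flags and four counts.  The
response below is constructed, not captured; 192.0.2.10 is a documentation
address."""

import struct

TYPE_A, CLASS_IN = 1, 1


def encode_name(name):
    """Encode a name as length-prefixed labels ending in the null root label."""
    out = bytearray()
    for label in filter(None, name.split(".")):
        raw = label.encode("ascii")
        if len(raw) > 63:
            raise ValueError(f"label {label!r} longer than 63 characters")
        out.append(len(raw))
        out += raw
    out.append(0)                       # root label: zero length
    return bytes(out)


def decode_name(msg, offset):
    """Decode a name at offset, following 0xC0 compression pointers; returns
    (fqdn with trailing dot, offset just after the name in the stream)."""
    labels, jumps, end = [], 0, offset
    while True:
        length = msg[offset]
        if length & 0xC0 == 0xC0:       # pointer to an earlier copy of the name
            if jumps >= 16:
                raise ValueError("compression pointer loop")
            if jumps == 0:
                end = offset + 2
            offset = struct.unpack(">H", msg[offset:offset + 2])[0] & 0x3FFF
            jumps += 1
            continue
        offset += 1
        if length == 0:
            return ".".join(labels) + ".", (end if jumps else offset)
        labels.append(msg[offset:offset + length].decode("ascii"))
        offset += length


def build_query(ident, name, qtype=TYPE_A):
    """Header (ID, flags = RD, QDCOUNT = 1, other counts 0) plus one question."""
    header = struct.pack(">HHHHHH", ident, 0x0100, 1, 0, 0, 0)
    return header + encode_name(name) + struct.pack(">HH", qtype, CLASS_IN)


def parse_response(msg, expected_id):
    """Check the ID against the query, read the counts and return the answer
    records as (name, type, class, ttl, value) tuples."""
    ident, flags, qd, an, _ns, _ar = struct.unpack(">HHHHHH", msg[:12])
    if ident != expected_id:
        raise ValueError("response ID does not match the query")
    if not flags & 0x8000:
        raise ValueError("QR bit clear: this is a query, not a response")
    if flags & 0x000F:
        raise ValueError(f"server reported error rcode {flags & 0x000F}")
    off = 12
    for _ in range(qd):                 # skip the echoed question section
        _, off = decode_name(msg, off)
        off += 4                        # qtype + qclass
    answers = []
    for _ in range(an):
        name, off = decode_name(msg, off)
        rtype, rclass, ttl, rdlen = struct.unpack(">HHIH", msg[off:off + 10])
        off += 10
        rdata, off = msg[off:off + rdlen], off + rdlen
        value = ".".join(map(str, rdata)) if rtype == TYPE_A and rdlen == 4 else rdata
        answers.append((name, rtype, rclass, ttl, value))
    return answers


def choose_transport(message):
    """The notes' rule: UDP when the message fits in 512 bytes, otherwise TCP,
    where each message is prefixed with its 2-byte length."""
    if len(message) <= 512:
        return "udp", message
    return "tcp", struct.pack(">H", len(message)) + message


def sample_exchange():
    """Constructed query/response pair for www.example.com (not a capture)."""
    ident = 0x1234
    query = build_query(ident, "www.example.com")
    # Response: same ID, flags QR|RD|RA (0x8180), 1 question, 1 answer whose
    # name is a pointer (0xC00C) back to the question name at offset 12.
    response = (struct.pack(">HHHHHH", ident, 0x8180, 1, 1, 0, 0)
                + encode_name("www.example.com") + struct.pack(">HH", TYPE_A, CLASS_IN)
                + b"\xc0\x0c" + struct.pack(">HHIH", TYPE_A, CLASS_IN, 3600, 4)
                + bytes([192, 0, 2, 10]))
    return query, parse_response(response, ident)
```

The ID check in parse_response is the resolver's only link between a response and the query it sent, and the pointer-jump limit in decode_name stops a malformed message from sending the parser round in circles.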

DDNS (DYNAMIC DOMAIN NAME SYSTEM)

In DNS, when there is a change, such as adding a new host, removing a host, or changing
an IP address, the change must be made to the DNS master file.

The DNS master file must be updated dynamically.

The Dynamic Domain Name System (DDNS) is used for this purpose.

In DDNS, when a binding between a name and an address is determined, the information is
sent to a primary DNS server.

The primary server updates the zone.

The secondary servers are notified either actively or passively.

In active notification, the primary server sends a message to the secondary servers about
the change in the zone, whereas in passive notification, the secondary servers periodically
check for any changes.

In either case, after being notified about the change, the secondary server requests
information about the entire zone (called the zone transfer).

To provide security and prevent unauthorized changes in the DNS records, DDNS can use
an authentication mechanism.

SNMP (SIMPLE NETWORK MANAGEMENT PROTOCOL)

The Simple Network Management Protocol (SNMP) is a framework for managing
devices in an internet using the TCP/IP protocol suite.

SNMP is an application layer protocol that monitors and manages routers, distributed over
a network.

It provides a set of operations for monitoring and managing the internet.

SNMP uses services of UDP on two well-known ports: 161 (Agent) and 162 (manager).

SNMP uses the concept of manager and agent.

SNMP MANAGER

A manager is a host that runs the SNMP client program.

The manager has access to the values in the database kept by the agent.

A manager checks the agent by requesting the information that reflects the behavior of the
agent.

A manager also forces the agent to perform a certain function by resetting values in the
agent database.

For example, a router can store in appropriate variables the number of packets received and
forwarded.

The manager can fetch and compare the values of these two variables to see if the router is
congested or not.

SNMP AGENT

The agent is a router that runs the SNMP server program.

The agent is used to keep the information in a database while the manager is used to access
the values in the database.

For example, a router can store the appropriate variables such as a number of packets
received and forwarded while the manager can compare these variables to determine whether
the router is congested or not.

Agents can also contribute to the management process.

A server program on the agent checks the environment; if something goes wrong, the agent
sends a warning message to the manager.

SNMP MANAGEMENT COMPONENTS

Management of the internet is achieved through simple interaction between a manager and
agent.

Management is achieved through the use of two protocols:

o Structure of Management Information (SMI)

o Management Information Base (MIB).

Structure of Management Information (SMI)

To use SNMP, we need rules for naming objects.

SMI is a protocol that defines these rules.

SMI is a guideline for SNMP.

It emphasizes three attributes to handle an object: name, data type, and encoding method.

Its functions are:

To name objects.

To define the type of data that can be stored in an object.

To show how to encode data for transmission over the network.

Name

SMI requires that each managed object (such as a router, a variable in a router, a
value, etc.) have a unique name. To name objects globally, SMI uses an object identifier,
which is a hierarchical identifier based on a tree structure.

The tree structure starts with an unnamed root. Each object can be defined using a
sequence of integers separated by dots.

The tree structure can also define an object using a sequence of textual names separated by
dots.

Type of data

The second attribute of an object is the type of data stored in it.

To define the data type, SMI uses Abstract Syntax Notation One (ASN.1) definitions.

SMI has two broad categories of data types: simple and structured.

The simple data types are atomic data types. Some of them are taken directly from
ASN.1; some are added by SMI.

SMI defines two structured data types: sequence and sequence of.

Sequence - A sequence data type is a combination of simple data types, not necessarily of
the same type.

Sequence of - A sequence of data type is a combination of simple data types all of the
same type or a combination of sequence data types all of the same type.

Encoding data

SMI uses another standard, Basic Encoding Rules (BER), to encode data to be transmitted
over the network.

BER specifies that each piece of data be encoded in triplet format (TLV): tag, length, value.
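
The three SMI attributes above (object identifier naming, ASN.1 data types and BER TLV encoding) in working form, as an added example that is not code from the notes or from any SNMP library. It encodes INTEGER, OCTET STRING, NULL, OBJECT IDENTIFIER and SEQUENCE values as tag-length-value triplets, following the ASN.1 rules that the first two OID arcs merge into one byte as 40*x + y and that each arc is written base-128 with the high bit set on all but its last byte, and then assembles an SNMPv1 GetRequest message from them. sysName.0 (1.3.6.1.2.1.1.5.0) is a standard MIB-II identifier used as the sample; the community string and the values are constructed.

```python
"""BER (tag, length, value) encoding of the SMI data types SNMP carries, plus
an SNMPv1 GetRequest built from them (added example; not code from the notes
or any SNMP library).  OID rules: the first two arcs merge into one byte as
40*x + y, each arc is base-128 with the high bit set on all but the last
byte.  sysName.0 (1.3.6.1.2.1.1.5.0) is a standard MIB-II identifier; the
community string and values are constructed."""

TAG_INTEGER, TAG_OCTET_STRING, TAG_NULL, TAG_OID, TAG_SEQUENCE = 0x02, 0x04, 0x05, 0x06, 0x30
TAG_GET_REQUEST = 0xA0                      # context tag of a GetRequest-PDU


def ber_length(n):
    """Short form below 128; long form (0x80 | byte count, then the bytes) above."""
    if n < 0x80:
        return bytes([n])
    body = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([0x80 | len(body)]) + body


def tlv(tag, value):
    return bytes([tag]) + ber_length(len(value)) + value


def encode_integer(v):
    """Two's complement in the fewest bytes that hold the value, as BER requires."""
    nbytes = 1
    while not -(1 << (8 * nbytes - 1)) <= v < (1 << (8 * nbytes - 1)):
        nbytes += 1
    return tlv(TAG_INTEGER, v.to_bytes(nbytes, "big", signed=True))


def encode_oid(dotted):
    arcs = [int(a) for a in dotted.strip(".").split(".")]
    if len(arcs) < 2 or arcs[0] > 2 or (arcs[0] < 2 and arcs[1] > 39):
        raise ValueError(f"invalid object identifier {dotted!r}")
    out = bytearray()
    for sid in [40 * arcs[0] + arcs[1]] + arcs[2:]:
        chunk = [sid & 0x7F]                # last byte: high bit clear
        sid >>= 7
        while sid:
            chunk.append(0x80 | (sid & 0x7F))
            sid >>= 7
        out += bytes(reversed(chunk))
    return tlv(TAG_OID, bytes(out))


def decode_oid(content):
    """Inverse of encode_oid, applied to the content bytes of an OID TLV."""
    subids, acc = [], 0
    for b in content:
        acc = (acc << 7) | (b & 0x7F)
        if not b & 0x80:
            subids.append(acc)
            acc = 0
    x = 2 if subids[0] >= 80 else subids[0] // 40
    return ".".join(map(str, [x, subids[0] - 40 * x] + subids[1:]))


def encode_octet_string(s):
    return tlv(TAG_OCTET_STRING, s.encode("utf-8") if isinstance(s, str) else s)


def encode_varbind(oid, value_tlv):
    """VarBind ::= SEQUENCE { name OBJECT IDENTIFIER, value }"""
    return tlv(TAG_SEQUENCE, encode_oid(oid) + value_tlv)


def encode_get_request(request_id, community, oid):
    """SNMPv1 message: SEQUENCE { version 0, community, GetRequest-PDU }; the
    PDU holds request-id, error-status, error-index and the VarBindList, and a
    GetRequest leaves each value slot NULL for the agent to fill in."""
    varbind_list = tlv(TAG_SEQUENCE, encode_varbind(oid, tlv(TAG_NULL, b"")))
    pdu = tlv(TAG_GET_REQUEST, encode_integer(request_id) + encode_integer(0)
              + encode_integer(0) + varbind_list)
    return tlv(TAG_SEQUENCE, encode_integer(0) + encode_octet_string(community) + pdu)


def decode_tlv(buf, offset=0):
    """Read one TLV at offset; return (tag, content bytes, offset after it)."""
    tag, length, offset = buf[offset], buf[offset + 1], offset + 2
    if length & 0x80:
        count = length & 0x7F
        length = int.from_bytes(buf[offset:offset + count], "big")
        offset += count
    return tag, buf[offset:offset + length], offset + length
```

encode_oid("1.3.6.1.2.1.1.5.0") yields the bytes 06 08 2B 06 01 02 01 01 05 00: tag 0x06, length 8, and 0x2B for the merged first two arcs (40*1 + 3). Note that in SNMPv1 the community string travels in the clear and is the only access check, which is why the notes' manager/agent exchange needs network-level protection or a later SNMP version in practice.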

Management Information Base (MIB)

The Management Information Base (MIB) is the second component used in network
management.

Each agent has its own MIB, which is a collection of objects to be managed.

MIB classifies objects under groups.

MIB Variables

MIB variables are of two types namely simple and table.

Simple variables are accessed using the group-id followed by the variable-id and 0.

Tables are ordered by column-row rules, i.e., column by column from top to bottom. Only
leaf elements are accessible in a table type.

SNMP MESSAGES/PDU

SNMP is a request/reply protocol that supports various operations using PDUs.

SNMP defines eight types of protocol data units (or PDUs):

GetRequest, GetNextRequest, GetBulkRequest, SetRequest, Response, Trap,
InformRequest, and Report

GetRequest

The GetRequest PDU is sent from the manager (client) to the agent (server) to retrieve the
value of a variable or a set of variables.

GetNextRequest

The GetNextRequest PDU is sent from the manager to the agent to retrieve the value of a
variable.

GetBulkRequest

The GetBulkRequest PDU is sent from the manager to the agent to retrieve a large amount
of data. It can be used instead of multiple GetRequest and GetNextRequest PDUs.

SetRequest

The SetRequest PDU is sent from the manager to the agent to set (store) a value in a
variable.

Response

The Response PDU is sent from an agent to a manager in response to GetRequest or
GetNextRequest. It contains the value(s) of the variable(s) requested by the manager.

Trap

The Trap PDU is sent from the agent to the manager to report an event. For example, if the
agent is rebooted, it informs the manager and reports the time of rebooting.

InformRequest

The InformRequest PDU is sent from one manager to another remote manager to get the
value of some variables from agents under the control of the remote manager. The remote
manager responds with a Response PDU.

Report

The Report PDU is designed to report some types of errors between managers.

HTTP (HYPERTEXT TRANSFER PROTOCOL)

The HyperText Transfer Protocol (HTTP) is used to define how the client-server programs
can be written to retrieve web pages from the Web.

It is a protocol used to access the data on the World Wide Web (WWW).

The HTTP protocol can be used to transfer the data in the form of plain text, hypertext,
audio, video, and so on.

HTTP is a stateless request/response protocol that governs client/server communication.

An HTTP client sends a request; an HTTP server returns a response.

The server uses the port number 80; the client uses a temporary port number.

HTTP uses the services of TCP, a connection-oriented and reliable protocol.

HTTP is a text-oriented protocol. It contains embedded URLs known as links.

When hypertext is clicked, browser opens a new connection, retrieves file from the server
and displays the file.

Each HTTP message has the general form

START_LINE <CRLF>

MESSAGE_HEADER <CRLF>

<CRLF> MESSAGE_BODY <CRLF>

where <CRLF> stands for carriage-return-line-feed.

Features of HTTP

o Connectionless protocol:

HTTP is a connectionless protocol. The HTTP client initiates a request and waits for a response
from the server. When the server receives the request, the server processes the request and
sends back the response to the HTTP client, after which the client disconnects the connection.
The connection between client and server exists only during the current request and response.

o Media independent:

HTTP is media independent, as any data can be sent as long as both the client and
server know how to handle the data content. Both the client and server are required to
specify the content type in the MIME-type header.

o Stateless:

HTTP is a stateless protocol as both the client and server know each other only during the
current request. Due to this nature of the protocol, both the client and server do not retain the
information between various requests of the web pages.

HTTP REQUEST AND RESPONSE MESSAGES

The HTTP protocol defines the format of the request and response messages.

Request Message: The request message is sent by the client and consists of a request line,
headers, and sometimes a body.

Response Message: The response message is sent by the server to the client and consists
of a status line, headers, and sometimes a body.

HTTP REQUEST MESSAGE

The first line in a request message is called a request line.

After the request line, we can have zero or more request header lines.

The body is an optional one. It contains the comment to be sent or the file to be published
on the website when the method is PUT or POST.

Request Line

There are three fields in this request line - Method, URL and Version.

The Method field defines the request types.

The URL field defines the address and name of the corresponding web page.

The Version field gives the version of the protocol; the most current version of HTTP is
1.1.

Some of the Method types are:

Request Header

Each request header line sends additional information from the client to the server.

Each header line has a header name, a colon, a space, and a header value.

The value field defines the values associated with each header name.

Headers defined for request message include

Body

The body can be present in a request message. It is optional.

Usually, it contains the comment to be sent or the file to be published on the website when
the method is PUT or POST.

Conditional Request

A client can add a condition in its request.

In this case, the server will send the requested web page if the condition is met or inform
the client otherwise.

One of the most common conditions imposed by the client is the time and date the web
page is modified.

The client can send the header line If-Modified-Since with the request to tell the server that
it needs the page only if it is modified after a certain point in time.

HTTP RESPONSE MESSAGE

The first line in a response message is called a status line.

After the status line, we can have zero or more response header lines.

The body is an optional one. The body is present unless the response is an error message.


Status Line

The status line contains three fields - HTTP version, status code, and status phrase.

The first field defines the version of the HTTP protocol, currently 1.1.

The status code field defines the status of the request. It classifies the HTTP result. It
consists of three digits.

1xx – Informational, 2xx – Success, 3xx – Redirection, 4xx – Client error, 5xx – Server error

The status phrase field gives a brief description of the status code in text form.

Some of the Status codes are:

Response Header

Each header provides additional information to the client.

Each header line has a header name, a colon, a space, and a header value.

Some of the response headers are:

Body


The body contains the document to be sent from the server to the client.

The body is present unless the response is an error message.
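As an added example (not part of these notes), a small Python request parser and response builder showing the request line, header lines, optional body, and the If-Modified-Since conditional request answered with 200 or 304. PAGE_BODY, PAGE_MTIME, the status phrase table and the handler are constructed for illustration.

```python
from email.utils import formatdate, parsedate_to_datetime

# Constructed sample resource: the page body and the time it was last modified.
PAGE_BODY = b"<html><body>Hello</body></html>"
PAGE_MTIME = parsedate_to_datetime("Mon, 01 Jan 2024 00:00:00 GMT")
# Status phrases for the status codes this example can return.
PHRASES = {200: "OK", 304: "Not Modified", 400: "Bad Request"}


def parse_request(raw: bytes):
    """Split a request into request line fields, a header dict and the body."""
    head, _, body = raw.partition(b"\r\n\r\n")          # blank line ends the headers
    lines = head.decode("ascii").split("\r\n")
    method, url, version = lines[0].split(" ")           # request line: three fields
    headers = {}
    for line in lines[1:]:                               # zero or more header lines
        name, _, value = line.partition(":")             # "Name: value"
        headers[name.strip().lower()] = value.strip()    # header names are case-insensitive
    return method, url, version, headers, body


def build_response(status: int, headers: dict, body: bytes = b"") -> bytes:
    """Assemble a status line, header lines, a blank line and the optional body."""
    lines = [f"HTTP/1.1 {status} {PHRASES[status]}"]     # version, code, phrase
    for name, value in dict(headers, **{"Content-Length": str(len(body))}).items():
        lines.append(f"{name}: {value}")
    return ("\r\n".join(lines) + "\r\n\r\n").encode("ascii") + body


def handle(raw: bytes) -> bytes:
    """Serve PAGE_BODY, honouring an If-Modified-Since conditional request."""
    try:
        method, url, version, headers, _ = parse_request(raw)
    except (ValueError, UnicodeDecodeError):
        return build_response(400, {})                   # malformed request line or headers
    common = {"Date": formatdate(usegmt=True),
              "Last-Modified": formatdate(PAGE_MTIME.timestamp(), usegmt=True)}
    since = headers.get("if-modified-since")
    if since:
        try:
            if parsedate_to_datetime(since) >= PAGE_MTIME:
                return build_response(304, common)       # unchanged since then: no body
        except (TypeError, ValueError):
            pass                                         # unparsable date: ignore the condition
    return build_response(200, dict(common, **{"Content-Type": "text/html"}), PAGE_BODY)


def status_code(response: bytes) -> int:
    """Read the three-digit status code out of a response's status line."""
    return int(response.split(b" ", 2)[1])
```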

HTTP CONNECTIONS

HTTP Clients and Servers exchange multiple messages over the same TCP connection.

If some of the objects are located on the same server, we have two choices: to retrieve each
object using a new TCP connection or to make a TCP connection and retrieve them all.

The first method is referred to as a non-persistent connection, the second as a persistent
connection.

HTTP 1.0 uses non-persistent connections and HTTP 1.1 uses persistent connections.

NON-PERSISTENT CONNECTIONS

In a non-persistent connection, one TCP connection is made for each request/response.

Only one object can be sent over a single TCP connection.

The client opens a TCP connection and sends a request.

The server sends the response and closes the connection.

The client reads the data until it encounters an end-of-file marker.

It then closes the connection.

PERSISTENT CONNECTIONS


HTTP version 1.1 specifies a persistent connection by default.

Multiple objects can be sent over a single TCP connection.

In a persistent connection, the server leaves the connection open for more requests after
sending a response.

The server can close the connection at the request of a client or if a time-out has been
reached.

Time and resources are saved using persistent connections. Only one set of buffers and
variables needs to be set for the connection at each site.

The round trip time for connection establishment and connection termination is saved.

HTTP COOKIES

An HTTP cookie (also called web cookie, Internet cookie, browser cookie, or simply
cookie) is a small piece of data sent from a website and stored on the user's computer by the
user's web browser while the user is browsing.

HTTP is stateless; cookies are used to add state.

Cookies were designed to be a reliable mechanism for websites to remember stateful
information (such as items added in the shopping cart in an online store) or to record the
user's browsing activity (including clicking particular buttons, logging in, or recording which
pages were visited in the past).

They can also be used to remember arbitrary pieces of information that the user previously
entered into form fields such as names, addresses, passwords, and credit card numbers.


Components of Cookie

A cookie consists of the following components:

1. Name

2. Value

3. Zero or more attributes (name/value pairs). Attributes store information such as the
cookie's expiration, domain, and flags.

Creating and Storing Cookies

The creation and storing of cookies depend on the implementation; however, the principle is
the same.

1. When a server receives a request from a client, it stores information about the client in a
file or a string. The information may include the domain name of the client, the contents of
the cookie (information the server has gathered about the client such as name, registration
number, and so on), a timestamp, and other information depending on the implementation.

2. The server includes the cookie in the response that it sends to the client.

3. When the client receives the response, the browser stores the cookie in the cookie
directory, which is sorted by the server domain name.

Using Cookies

When a client sends a request to a server, the browser looks in the cookie directory to see if
it can find a cookie sent by that server.

If found, the cookie is included in the request.

When the server receives the request, it knows that this is an old client, not a new one.

The contents of the cookie are never read by the browser or disclosed to the user. It is a
cookie made by the server and eaten by the server.

Types of Cookies


1. Authentication cookies

These are the most common method used by web servers to know whether the user is logged
in or not, and which account they are logged in with. Without such a mechanism, the site
would not know whether to send a page containing sensitive information, or require the user
to authenticate themselves by logging in.

2. Tracking cookies

These are commonly used as ways to compile individuals' browsing histories.

3. Session cookie

A session cookie exists only in temporary memory while the user navigates the website. Web
browsers normally delete session cookies when the user closes the browser.

4. Persistent cookie

Instead of expiring when the web browser is closed as session cookies do, a persistent cookie
expires at a specific date or after a specific length of time. This means that, for the cookie's
entire lifespan, its information will be transmitted to the server every time the user visits the
website that it belongs to, or every time the user views a resource belonging to that website
from another website.
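The cookie components, the browser-side cookie directory sorted by server domain, the lookup on each request, and the session/persistent distinction above, as an added Python example that is not part of these notes. The domains, cookie names and the fixed "current time" NOW are constructed values.

```python
from datetime import datetime, timedelta, timezone
from email.utils import parsedate_to_datetime

# Constructed "current time" so that expiry checks are reproducible.
NOW = datetime(2024, 1, 1, tzinfo=timezone.utc)


def parse_set_cookie(header: str) -> dict:
    """Split a Set-Cookie value into name, value and attribute name/value pairs."""
    parts = [p.strip() for p in header.split(";")]
    name, _, value = parts[0].partition("=")
    attrs = {}
    for part in parts[1:]:
        key, _, val = part.partition("=")
        attrs[key.strip().lower()] = val.strip()   # flags such as Secure/HttpOnly get ""
    return {"name": name.strip(), "value": value.strip(), "attrs": attrs}


class CookieJar:   # browser-side cookie directory, keyed by the domain that set each cookie
    def __init__(self, now: datetime = NOW):
        self.now = now
        self.store = {}                               # domain -> {cookie name: cookie}

    def receive(self, domain: str, set_cookie: str) -> None:
        """Store a cookie from a response, working out when a persistent cookie expires."""
        c = parse_set_cookie(set_cookie)
        a = c["attrs"]
        if "max-age" in a:                            # persistent: lifetime in seconds
            c["expires"] = self.now + timedelta(seconds=int(a["max-age"]))
        elif "expires" in a:                          # persistent: absolute date (GMT)
            exp = parsedate_to_datetime(a["expires"])
            c["expires"] = exp if exp.tzinfo else exp.replace(tzinfo=timezone.utc)
        else:
            c["expires"] = None                       # session cookie: gone when browser closes
        self.store.setdefault(domain, {})[c["name"]] = c

    def cookie_header(self, domain: str, secure: bool):
        """Build the Cookie header value for a request to domain, or None if nothing applies."""
        sent = []
        for c in self.store.get(domain, {}).values():
            if c["expires"] is not None and c["expires"] <= self.now:
                continue                              # persistent cookie has expired
            if "secure" in c["attrs"] and not secure:
                continue                              # Secure cookies travel only over HTTPS
            sent.append(f'{c["name"]}={c["value"]}')
        return "; ".join(sent) or None

    def close_browser(self) -> None:
        """Delete session cookies; persistent cookies survive until they expire."""
        for domain, cookies in self.store.items():
            self.store[domain] = {n: c for n, c in cookies.items() if c["expires"] is not None}
```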

HTTP SECURITY

HTTP does not provide security.

However, HTTP can be run over the Secure Sockets Layer (SSL).

In this case, HTTP is referred to as HTTPS.

HTTPS provides confidentiality, client and server authentication, and data integrity.

WEB SERVICES

 Web service is a standardized method for propagating messages between client and
server applications.
 A web service is a software module that is intended to carry out a specific set of
functions.
 Web services in cloud computing can be found and invoked over the network.

 The web service would be able to deliver functionality to the client that invoked the
web service.
 A web service is a set of open protocols and standards that allow data to be exchanged
between different applications or systems.


 Web services can be used by software programs written in a variety of programming
languages and running on a variety of platforms to exchange data via computer
networks such as the Internet, in a similar way to inter-process communication on a
single computer.
 Any software, application, or cloud technology that uses standardized web protocols
(HTTP or HTTPS) to connect, interoperate, and exchange data messages – commonly
XML (Extensible Markup Language) – across the internet is considered a web
service.
 Web services have the advantage of allowing programs developed in different
languages to connect with one another by exchanging data over a web service
between clients and servers.
 A client invokes a web service by submitting an XML request, to which the service
responds with an XML response.

Functions of Web Services

 It’s possible to access it via the internet or intranet networks.

 XML messaging protocol that is standardized.

 Operating system or programming language independent.

 Using the XML standard, it is self-describing.

 A simple location approach can be used to locate it.

Components of Web Service

XML and HTTP are the most fundamental web services platform. The following components
are used by all typical web services:

SOAP (Simple Object Access Protocol)

 SOAP stands for “Simple Object Access Protocol.”
 It is a transport-independent messaging protocol.
 SOAP is built on sending XML data in the form of SOAP Messages.
 A document known as an XML document is attached to each message.
 Only the structure of the XML document, not the content, follows a pattern.
 The best thing about Web services and SOAP is that everything is sent through
HTTP, the standard web protocol.
 A root element known as the Envelope element is required in every SOAP document.
 In an XML document, the root element is the first element. The “envelope” is
separated into two halves.
 The header comes first, followed by the body.


 The routing data, or information that directs the XML document to which client it
should be sent to, is contained in the header.
 The real message will be in the body.

UDDI (Universal Description, Discovery, and Integration)

 UDDI is a standard for specifying, publishing and discovering a service provider’s
online services.
 It provides a specification that aids in the hosting of data via web services.
 UDDI provides a repository where WSDL files can be hosted so that a client
application can discover a WSDL file to learn about the various actions that a web
service offers.
 As a result, the client application will have full access to the UDDI, which serves as a
database for all WSDL files.
 The UDDI registry will hold the required information for the online service, just like a
telephone directory has the name, address, and phone number of a certain individual,
so that a client application may figure out where it is.

WSDL (Web Services Description Language)

 The client invoking the web service should be aware of the location of the web
service.
 Second, the client application must understand what the web service does in order to
invoke the correct web service.
 The WSDL, or Web services description language, is used to accomplish this.
 The WSDL file is another XML-based file that explains what the web service does to
the client application.
 The client application will be able to understand where the web service is located and
how to use it by using the WSDL document.

How Does a Web Service Work?

The client would use requests to send a sequence of web service calls to a server that would
host the actual web service.


 These requests are made using remote procedure calls.
 Calls to methods hosted by the relevant web service are known as Remote Procedure
Calls (RPC).
 Example: Flipkart offers a web service that displays prices for items offered on
Flipkart.com.
 The front end or presentation layer can be written in .Net or Java, and either
programming language can communicate with the web service.
 The data that is exchanged between the client and the server, which is XML, is the
most important part of a web service design. XML (Extensible markup language) is a
simple intermediate language that is understood by various programming languages.
 It is a counterpart to HTML. As a result, when programs communicate with one
another, they do so using XML.
 This creates a common platform for applications written in different programming
languages to communicate with one another.
 For transmitting XML data between applications, web services employ SOAP
(Simple Object Access Protocol).
 The data is sent using standard HTTP. A SOAP message is data that is sent from the
web service to the application.
 An XML document is all that is contained in a SOAP message.
 The client application that calls the web service can be created in any programming
language because the content is written in XML.

Features/Characteristics Of Web Service

Web services have the following features:

(a) XML Based: The information representation and record transportation layers of a web
service employ XML. There is no need for networking, operating system, or platform binding
when using XML.

(b) Loosely Coupled: A consumer of a web service isn’t necessarily directly linked to that
service provider. The interface of a web service provider can change over time without
impacting the consumer’s ability to interact with the service provider.

(c) Capability to be Synchronous or Asynchronous: Synchronicity refers to the client’s
connection to the function’s execution. In synchronous invocations, the client is blocked and
has to wait for the service to complete its operation before continuing. Asynchronous
operations allow a client to invoke a task and then continue with other tasks. Asynchronous
clients get their results later, but synchronous clients get their result immediately when the
service is completed.

(d) Coarse-Grained: Web services generation is an easy approach to define coarse-grained
services that have access to enough commercial enterprise logic.


(e) Supports Remote Procedure Call: Consumers can use an XML-based protocol to call
procedures, functions, and methods on remote objects utilizing web services. A web service
must support the input and output framework exposed by remote systems.

(f) Supports Document Exchanges: One of XML’s most appealing features is its simple
approach to communicating with data and complex entities.

Advantages Of Web Service

Using web services has the following advantages:

(a) Business Functions can be exposed over the Internet: A web service is a controlled
code component that delivers functionality to client applications or end-users.

(b) Interoperability: Web services allow diverse apps to communicate with one
another and exchange information and services.

(c) Communication with Low Cost: Because web services employ the SOAP over HTTP
protocol, you can use your existing low-cost internet connection to implement them.

(d) A Standard Protocol that Everyone Understands: Web services communicate via a
defined industry protocol. In the web services protocol stack, all four layers (Service
Transport, XML Messaging, Service Description, and Service Discovery) use well-defined
protocols.

(e) Reusability: A single web service can be used simultaneously by several client
applications.
