CHAPTER 2

APPLICATION LAYER

Contents

Chapter Summary ​2

Learning Objectives ​2

Lecture Outline ​2

Test Your Knowledge ​3

Key Terms ​3
Questions ​4

Homework for the 1st Lab Exam, Part 2 out of 2 ​9

1 (15)
Chapter Summary
The Application Layer (also called layer 5) is the software that enables the user to perform useful work. The
software at the application layer is the reason for having the network because it is this software that provides the
business value. This chapter examines the five fundamental types of application architectures used at the
application layer (host-based, client-based, client-server, cloud-based, peer to peer). It then looks at the Internet
and the primary software application packages it enables: the Web, email, Telnet, and instant messaging.

Learning Objectives
After reading this chapter, students should be able to:
1. understand host-based, client-based, client-server, cloud-based, and peer-to-peer application
architectures,
2. understand how the Web works,
3. understand how email works, and
4. be aware of how Telnet and instant messaging works.

Lecture Outline

Hour Content Mode

1st 1. INTRODUCTION Lecture by

2. APPLICATION ARCHITECTURES Hanna
a. Host-Based Architectures
b. Client-Based Architectures
c. Client-Server Architectures
d. Cloud Computing Architectures
e. Peer-to-Peer Architectures
f. Choosing Architectures
3. WORLD WIDE WEB
a. How the Web Works
b. Inside an HTTP Request
c. Inside an HTTP Response
4. ELECTRONIC MAIL
a. How E-Mail Works
b. Inside an SMTP Packet
c. Attachments in Multipurpose Internet Mail Extension
5. OTHER APPLICATIONS
a. Telnet
b. Instant Messaging
c. Videoconferencing
6. IMPLICATIONS FOR MANAGEMENT
SUMMARY

2nd Team 1: Minicase I Problem-ba

Team 2: Minicase II sed learning
Team 3: Minicase III in small
Team 4: Minicase IV teams
Team 5: Case Study (Next-day Air Service), Exercise 1
Team 6: Case Study (Next-day Air Service), Exercise 2
Team 7: Case Study (Next-day Air Service), Exercise 3

2 (15)
Test Your Knowledge

Key Terms
application architecture n-tier architecture
application logic peer-to-peer architecture
client-based architecture personal computer
client-server architecture Post Office Protocol (POP)
cloud computing presentation logic
cluster protocol
data access logic request body
data storage request header
desktop videoconferencing request line
distributed computing response body
model response header
dumb terminal response status
email scalability
green computing server virtualization
H.320 Simple Mail Transfer Protocol (SMTP)
H.323 SMTP header
host-based architecture SMTP body
HTTP request Telnet
HTTP response terminal
Hypertext Markup Language (HTML) thick client
Hypertext Transfer Protocol (HTTP) thin client
instant messaging (IM) three-tier architecture
Internet transaction terminal
Internet Message Access Protocol (IMAP) two-tier architecture
mail transfer agent uniform resource locator (URL)
mail user agent videoconferencing
mainframe virtual server
middleware World Wide Web
MPEG-2 Web browser
Multipurpose Internet Mail Extension (MIME) Webcasting
network computer Web server

3 (15)
Questions
1. What are the different types of application architectures?
2. Describe the four basic functions of an application software package.
3. What are the advantages and disadvantages of host-based networks versus client-server networks?
4. What is middleware and what does it do?
5. Suppose your organization was contemplating switching from a host-based architecture to client-server.
What problems would you foresee?
6. Which is less expensive: host-based networks or client-server networks? Explain.
7. Compare and contrast two-tiered, three-tiered, and ​n-tiered client server architectures. What are the
technical differences, and what advantages and disadvantages do each offer?
8. How does a thin client differ from a thick client?
9. What are the benefits of cloud computing?
10. Compare and contrast the three cloud computing models.
11. What is a network computer?
12. For what is HTTP used? What are its major parts?
13. For what is HTML used?
14. Describe how a Web browser and Web server work together to send a Web page to a user.
15. Can a mail sender use a two-tier architecture to send mail to a receiver using a three-tier architecture?
Explain.
16. Describe how mail user agents and message transfer agents work together to transfer mail messages.
17. What roles do SMTP, POP, and IMAP play in sending and receiving e-mail on the Internet?
18. What are the major parts of an e-mail message?
19. What is a virtual server?
20. What is Telnet, and why is it useful?
21. What is cloud computing?
22. Explain how instant messaging works.
23. Compare and contrast the application architecture for videoconferencing with the architecture for
e-mail.
24. Which of the common application architectures for e-mail (two-tier client-server, Web-based) is
"best"? Explain.
25. Some experts argue that thin-client client-server architectures are really host-based architectures in
disguise and suffer from the same old problems. Do you agree? Explain.

4 (15)
Answers

1. Host-based application architectures (all processing done on host system and all data on host with
terminals providing access), ​client-based application architectures (with processing done on client and
all data stored on server), and ​client-server application architectures (balanced processing; usually host
provides data access and storage while the client provides application and presentation logic).

2. The four basic functions of an application software package are ​data storage, ​data access logic,
application logic, and ​presentation logic.

3.
Host-based Client-server
Centralized security Balanced processing demands
Integrated architecture from single Lower cost; inexpensive infrastructure
Pros vendor Can use software and hardware from different
Simpler, centralized installation vendors
Scalability
Having all processing on host may lead Problems with using software and/or hardware
to overload from different vendors
Cons Cost of software and upgrades; More complex installation or updating (although
expensive infrastructure automated installation software helps greatly in
Terminal totally dependent on server this area).

4. Middleware manages client-server message transfer and shields application software from impacts of
hardware changes. Middleware provides standard communication between products of different
vendors through translation.

5. When ​switching from a host-based to client-server network, infrastructure supporting cabling hardware
and software will need to be redesigned to support the client-server approach to the architecture.
Someone would need to be designated to manage what would now become the local area network, so
there may be a personnel impact. Security would be one area of concern, since processing can be done
on individual workstations. There may be somewhat greater complexity of upgrades, although newer
software is reducing the impact of this kind of problem.

6. Client-server networks are less expensive than host-based networks because in a competitive market
involving multiple vendors, software and hardware upgrades cost substantially less. Upgrades for
host-based networks are generally very expensive, and occur in what is generally termed a “step
function,” meaning requiring large, discrete steps in expenditure. LANs have the ability to be deployed
with a smoother cost curve in less severe increments.

7. Two-tiered architectures have only clients and servers. ​Three-tiered architectures typical separate (1)
presentation logic, (2) application logic, and (3) and data access logic and storage. In ​n-tiered
architecture more than one tier may be used to support application logic, typically due to a Web server
tier being included. Three-tiered or n-tiered architectures place a greater load on the network, but
balances server load better and is more scalable.

8. Thick clients support all or most application logic while ​thin clients support little or no application
logic. Development and maintenance costs for more complex thick-client environments can be higher
than for thin clients.

9. Benefits of ​cloud computing include gaining access to experts to manage the cloud, potentially lower
costs, scalability, and pay-as-you-go.

5 (15)
10. Figure 2-7:

11. A ​network computer supports Internet access but has no hard disk local storage.

12. The standard protocol for communication between a Web browser and a Web server is ​HyperText
Transfer Protocol (HTTP). An HTTP request from a Web browser to a Web server has three parts.
Only the first part is required; the other two are optional.
● the ​request line, which starts with a command (e.g., GET), provides the URL, and ends with
the HTTP version number that the browser understands.
● the ​request header, which contains a variety of optional information such as the Web browser
being used (e.g., Internet Explorer), the date, and a userid and password for use if the Web
page is password-protected.
● the ​request body, which contains information sent to the server, such as information from a
form.

The format of an HTTP response from the server to the browser is very similar to the browser request.
It has three parts, but only the last part is required; the first two are optional:
● the ​response status, which contains the HTTP version number the server has used, a status
code (e.g., 200 means OK, 404 means page not found), and reason phrase (a text description
of the status code)
● the ​response header, which contains a variety of optional information such as the Web server
being used (e.g., Apache), the date, the exact URL of the page in the response body, and the
format used for the body (e.g., HTML)
● the ​response body, which is the Web page itself.

13. HyperText Markup Language (HTML) is the language in which web pages are created. The response
body of an HTTP response can be in any format, such as text, Microsoft Word, Adobe PDF, or a host
of other formats, but the most commonly used format is HTML. The major parts of HTML are the
heading (denoted by the <head> tag) and the body (denoted by the <body> tag) of the response.

14. In order to get a page from the Web, the user must type the ​Internet Uniform Resource Locator (URL)
for the page he or she wants, or click on a link that provides the URL. The URL specifies the Internet
address of the ​Web server and the directory and name of the specific page wanted. In order for the
requests from the ​Web browser to be understood by the Web server, they must use the same standard
protocol. The standard protocol for communication between a Web browser and a Web server is
HTTP.

6 (15)
15. Yes. With e-mail, users with the two-tier architecture will use the user agent software to interface with
their email server, which will send out web based, SMTP packets to the far end receiver’s server
computer with mail server software. The server at the far end will issue an IMAP or SMTP packet to
the receiver’s server computer, which will then arrive at the receiver when they ask for the email with
an HTTP request to the web based email application. Thus, a 2-tiered system easily interfaces with a
three-tiered architecture over the internet using the appropriate protocols.

16. The sender of an e-mail uses a ​user agent (an application layer software package) to write the ​e-mail
message. The user agent sends the message to a mail server that runs a special application layer
software package called a ​message transfer agent. These agents read the envelope and then send the
message through the network (possibly through dozens of mail transfer agents) until the message
arrives at the receiver’s mail server. The mail transfer agent on this server then stores the message in
the receiver’s mailbox on the server. When the receiver next accesses his or her e-mail, the user agent
on his or her client computer contacts the mail transfer agent on the mail server and asks for the
contents of the user’s mailbox. The mail transfer agent sends the e-mail message to the client
computer, which the user reads with the user agent.

17. Simple Mail Transfer Protocol (​SMTP) defines how message transfer agents operate and how they
format messages sent to other message transfer agents. The SMTP standard covers message
transmission between message transfer agents (i.e., mail server to mail server). A different standard
called ​Post Office Protocol (POP) defines how user agents operate and how messages to and from mail
transfer agents are formatted. POP is gradually being replaced by a newer standard called ​Internet Mail
Access Protocol (IMAP). While there are several important technical differences between POP and
IMAP, the most noticeable difference is that before a user can read a mail message with a POP user
agent, the e-mail message must be copied to the client computer’s hard disk and deleted from the mail
server. With IMAP, e-mail messages can remain stored on the mail server after they are read.

18. The ​major parts of an e-mail message are:

a. the ​header, which lists source and destination e-mail addresses (possibly in text form (e.g.,
“Susan Smith”) as well as the address itself (e.g., smiths@robert-morris.edu)), date, subject,
and so on
b. the ​body, which is the message itself.

19. A ​virtual server is one computer that acts as several servers. Using special software like Microsoft
Virtual PC, WMWare, or VirtualBox, several operating systems are installed on the same physical
computer so that one computer appears as several different ones on the network.

20. Telnet enables users on one computer to login into other computers on the Internet. Once Telnet makes
the connection from the client to the server, a user can login into the server or host computer in the
same way as that person would if they dialed in with a modem; the user must know the account name
and password of an authorized user. Telnet enables a person to connect to a remote computer without
incurring long distance telephone charges. ​Telnet can be useful because it enables access to servers or
host computers without sitting at the dedicated computer’s keyboard. Most network managers use
Telnet to work on their organization’s servers, rather than physically sitting in front of them and using
the keyboards.

21. With ​cloud computing, a company contracts with another firm to provide software services over the
Internet, rather than installing the software on its own servers. The company no longer buys and
manages its own servers and software, but instead pays a monthly subscription fee or a fee based on
how much they use the application.

22. An instant messaging (client) communicates with an IM server application. Once a user is online, the
server application can monitor connections so that multiple pre-identified clients can be notified and
decide to participate in real-time messaging. IM may include video or audio. Video exchange, of
course, requires cameras. Underlying this application requires a full-duplex connection between
destination and host.

7 (15)
23. Videoconferencing must deliver real-time services demanding high capacity data transfer for both
image and voice transmission. Specialized hardware (and even rooms) may be required. ​E-mail
messages (typically without large attachments) are relatively small by comparison, can be received by
any Internet-capable computer, and do not have to be consumed in real time.

24. The ​best architecture for email can depend on how one wants to use e-mail. If a person wants to be
able to access their e-mail from anywhere, then Web-based is best. If the person wants professional
backup and storage within an organization, then two-tier client-server is best. If the person wants
storage of e-mail strictly under their control and they also want to be able to access their e-mail files
off-line when there is a network service interruption, then host-based is best. Employers may choose to
use client-server architecture for email access within the organization and Web-based architecture for
access to the same system for those times when employees are outside the company (at home, at
another business, or on travel).

25. While thin client have substantially less application logic than ​thick client, they have sufficient
application logic (as, for example, a Web browser possibly with Java applets) to participate in a
client-server relationship. The older host-based terminals did not even have this much application
logic. While thin-client use today reflects some level of return to a more centralized approach, the
client is likely served by multiple servers (and even multiple tiers), rather than a single large host server
as in the past. Thus, the two approaches are similar, but not exact, from a technological design
perspective.

8 (15)
Homework for the 1st Lab Exam, Part 2 out of 2

1. Investigate the use of the major application architectures by The ANU. Which architecture(s) does it
use most often, in general and in particular for its email? What changes would you guide it to have in
its architecture in the future and why?

2. Investigate the following:

a. What are the costs of thin client versus thick client architectures and what are the likely
reasons for the differences between the two? Search the Web for at least two different studies
and be sure to reference your sources, using ​the Harvard style (see
http://www.anu.edu.au/students/learning-development/academic-integrity/style-guides​).
b. Which companies are the most reliable cloud computing providers for small business? Explain
why you have included or excluded a given company and what makes a given cloud reliable.
c. What are (some of) your options for having your private cloud as an individual? Hint: Try the
Apple Web site.

3. The objective of this exercise is for you to capture HTTP packets and see inside them.
a. Use your browser to connect to ​http://www.rexswain.com/httpview.html​.
b. In the URL box, type any URL you like and click Submit. In the middle of the screen, under
the label “Sending request:” you will see the exact HTTP packet that your browser generated.
If you scroll this screen down, you will see the exact HTTP response packet that the server
sent back to you.
c. Try this on several sites around the Web to see what Web server they use. For example,
Microsoft uses the Microsoft IIS Web server (try, e.g., ​http://www.bing.com to see this), while
Cisco uses Apache (try, e.g.,
http://www.cisco.com/c/en_au/solutions/internet-of-things/overview.html to see this). Some
companies set their Web servers not to release this information.
d. Deliverables: Do a print/capture screen from two separate Web sites that shows your HTTP
requests and the HTTP response of the servers. Please use sites other than the Microsoft Bing
and Cisco IoT examples above.

4. Some emails today are spa​m, unwanted commercial email, or phishing, fake email designed to separate
you from your money. Criminals routinely send fake emails that try to get you to tell them your log-in
information for your bank or your PayPal account, so that they can steal the information, log-in as you,
and steal your money. It is very easy to fake a return address on an email, so simply looking to make
sure that an email has a valid sender is NOT sufficient to ensure that the email was actually sent by the
person or company that claims to have sent it. However, every SMTP email packet contains
information in its header about who actually sent the email. You can read this information yourself, or
you can use a tool designed to simplify the process for you. The objective of this exercise is for you to
trace an email you have received to see if the sending address on the email is actually the organisation
that sent it.
a. There are many tools you can use to trace your email. We like a tool called eMailTrackerPro
(​http://www.emailtrackerpro.com​), which has a free version that lasts for 15 days. Please
download and install it or use its online demo at ​http://www.emailtrackerpro.com/demo.html
or use the figures below to complete the exercise.
b. Please either i) choose an email message you want to trace or ii) use the provided example.
i. Login to your email and find the emai​l message for tracing. After you open the email,
find the option that enables you to view the Internet header or source of the message
(in Microsoft Outlook, click the Options tab and look at the bottom of the box that

9 (15)
 pops up). Take a screenshot of the outcome (see Figure 2-22 below as an example)
and also copy the entire SMTP header to the clipboard. Use the eMailTrackerPro
program or demo to analyse the header by selecting “Trace an email”, pasting the
clipboard content into the box provided, and clicking “Trace” to start the trace. It
may take up to 30 seconds to trace the email, so be patient. Take a screenshot of your
trace results ​(see Figure 2-23 below as an example) ​. Take As a deliverable, please
print the original email and aforementioned screenshots, together with an analysis of
the results (a couple of sentences).
ii. Email (supposedly) from Wachovia Bank, using the email address of
aw-login@wachovia.com that results in the Microsoft Outlook SMTP header of
Figure 2-22 below. Figure 2-23 shows the trace results by the eMailTrackerPro
program for this header. Do you agree that the email was actually from a company
named Musser and Kouri Law whose primary contact is Musser Ratliff, CPA, which
uses SBC in Plano, Texas, as its Internet service provider? What makes you question
that someone might have broken into the network of this company and used its email
server without permission, or fraudulently used the company name and contact
information on its domain registration?

5. We have discussed about how messages are transferred using layers and the different protocol data
units (PDUs) used at each layer. The objective of this exercise is for you to see the different PDUs in
the messages that you send. To do this, we will use Wireshark again (see the Week 1 handout, home
exercise 10) and two files that we have created by capturing SMTP and POP packets (you could use
Wireshark to capture your own SMTP and POP packets too; for how-to, please complete the Week 1
home exercise 10 and use your two-tier email client to create and send an email message instead of
your Web browser).
a. Please download the following two files: SMTP_Capture.pkt at
https://drive.google.com/file/d/0B58qEFIEoLAKMDVud0l4T25WV3M/view?usp=sharing
and POP3_Capture.pkt at
https://drive.google.com/file/d/0B58qEFIEoLAKbmtnVGN5TGZid0E/view?usp=sharing​.
Note: Depending on the version of Wireshark you are using, the file extension may by pkt or
pcap - please change the extension if your version requests for this.
b. Part 1: SMTP
i. Start Wireshark and open the SMTP_Capture.pkt file or use the Figure 2-24 below to
analyse its outcomes.
ii. We used the email software on our client computer to send an email message to our
email server. Figure 2-24 below shows the packets we captured that were sent to and
from the client computer (called 192.168.1.100) and the server (128.196.40.4) to
send this message from the client to the server. The first few packets are called the
handshake, as the client connects to the server and the server acknowledges it is
ready to receive a new email message.
iii. Packet 8 is the start of the email message that identifies the sender. The next packet
from the client (packet 10) provides the recipient address and then the email message
starts with the DATA command (packet 12) and is spread over several packets (14,
15, and 17) because it is too large to fit in one Ethernet frame. (Remember that the
sender’s transport layer breaks up large messages into several smaller TCP segments
for transmission and the receiver’s transport layer reassembles the segments back
into the one SMTP message.)
iv. Packet 14 contains the first part of the message that the user wrote. It is not that easy
to read, but by looking in the bottom window, you can see what the sender wrote.
v. Deliverables:

10 (15)
 1. List the information in the SMTP header (to, from, date, subject, message
ID#).
2. Look through the packets to read the user’s message. List the user’s actual
name (not her email address), her birthdate, and her SSN.
3. Some experts believe that sending an email message is like sending a
postcard. Why? How secure is SMTP email? How could security be
improved?
c. Part 2: POP
i. Start Wireshark and open the POP3_Capture.pkt file or use the Figure 2-25 below to
analyse its outcomes.
ii. We used the email software on our client computer to read an email message that was
our email server. Figure 2-25 below shows the packets we captured that were sent to
and from the client computer (called 128.196.239.91) and the server (128.192.40.4)
to send an email message from the server to the client. The first few packets are
called the handshake, as the client logs in to the server and the server accepts the log
in.
iii. Packet 12 is the POP STAT command (status) that asks the server to show the
number of email messages in the user’s mailbox. The server responds in packet 13
and tells the client there is one message.
iv. Packet 16 is the POP LIST command that asks the server to send the client a
summary of email messages, which it does in packet 17.
v. Packet 18 is the POPRETR command (retrieve) that asks the server to send message
1 to the client. Packets 20, 22, and 23 contain the email message. It is not that easy to
read, but by looking in the bottom window for packet 20, you can see what the sender
wrote. You can also expand the POP packet in the middle packet detail window (by
clicking on the + box in front of it), which is easier to read.
vi. Deliverables:
1. Packets 5 through 11 are the log-in process. Can you read the user id and
passwords? Why or why not?
2. Look through the packets to read the user’s message. List the user’s actual
name (not her email address), her birthdate, and her SSN.

11 (15)
12 (15)
13 (15)
14 (15)
15 (15)