DEPARTMENT OF COMPUTER SCIENCE AND ENGINEERING

Name of the Staff: Mr.E.Ramesh Reddy

UNIT-II
Application Layer
5.1. Introduction:
Application layer is the top most layer in OSI and TCP/IP layered model. This layer exists in both
layered Models because of its significance, of interacting with user and user applications. This layer is for
applications which are involved in communication system.

A user may or may not directly interacts with the applications. Application layer is where the actual
communication is initiated and reflects. Because this layer is on the top of the layer stack, it does not serve
any other layers. Application layer takes the help of Transport and all layers below it to communicate or
transfer its data to the remote host.

The application layer provides services to the user. Communication is provided using a logical
connection, which means that the two application layers assume that there is an imaginary direct connection
through which they can send and receive messages.

The Application Layer contains a variety of protocols that are commonly needed by users. One
widely-used application protocol is HTTP(HyperText Transfer Protocol), which is the basis for the World
Wide Web. When a browser wants a web page, it sends the name of the page it wants to the server using
HTTP. The server then sends the page back.

Other Application protocols that are used are: File Transfer Protocol(FTP), Trivial File Transfer
Protocol(TFTP), Simple Mail Transfer Protocol(SMTP), TELNET, Domain Name System(DNS) etc.

Functions of Application Layer

1. Mail Services: This layer provides the basis for E-mail forwarding and storage.
2. Network Virtual Terminal: It allows a user to log on to a remote host. The application creates
software emulation of a terminal at the remote host. User's computer talks to the software terminal
which in turn talks to the host and vice versa. Then the remote host believes it is communicating
with one of its own terminals and allows user to log on.
3. Directory Services: This layer provides access for global information about various services.
4. File Transfer, Access and Management (FTAM): It is a standard mechanism to access files and
manages it. Users can access files in a remote computer and manage it. They can also retrieve files
from a remote computer.

Application-Layer Paradigms:

Two paradigms have been developed during the lifetime of the Internet:
o the client-server paradigm
o the peer-to-peer paradigm.
Traditional Paradigm: Client-Server:
1
 The traditional paradigm is called the client-server paradigm. It was the most popular paradigm until
a few years ago. In this paradigm, the service provider is an application program, called the server process;
it runs continuously, waiting for another application program, called the client process, to make a connection
through the Internet and ask for service. There are normally some server processes that can provide a specific
type of service, but there are many clients that request service from any of these server processes. The server
process must be running all the time; the client process is started when the client needs to receive service.

Several traditional services are still using this paradigm, including the World Wide Web (WWW) and its
vehicle HyperText Transfer Protocol (HTTP), file transfer protocol (FTP), secure shell (SSH), e-mail, and
so on.

New Paradigm: Peer-to-Peer:

A new paradigm, called the peer-to-peer paradigm (often abbreviated P2P paradigm) has emerged
to respond to the needs of some new applications. In this paradigm, there is no need for a server process to
be running all the time and waiting for the client processes to connect. The responsibility is shared between
peers. A computer connected to the Internet can provide service at one time and receive service at another
time.

5.2. CLIENT-SERVER PROGRAMMING:

In a client-server paradigm, communication at the application layer is between two running

application programs called processes: a client and a server. A client is a running program that initializes
the communication by sending a request; a server is another application program that waits for a request
from a client. The server handles the request received from a client, prepares a result, and sends the result
back to the client. This definition of a server implies that a server must be running when a request from a
2
client arrives, but the client needs to be run only when it is needed.

Application Programming Interface:

A computer program is normally written in a computer language with a predefined set of instructions that
tells the computer what to do. A computer language has a set of instructions for mathematical operations, a
set of instructions for string manipulation, a set of instructions for input/ output access, and so on. An
interface in programming is a set of instructions between two entities.

In this case, one of the entities is the process at the application layer and the other is the operating
system that encapsulates the first four layers of the TCP/IP protocol suite. A set of instructions of this kind
is normally referred to as an application programming interface (API). Several APIs have been designed for
communication. Three among them are common: socket interface, Transport Layer Interface (TLI), and
STREAM.

Socket interface started in the early 1980s at UC Berkeley as part of a UNIX environment. The socket
interface is a set of instructions that provide communication between the application layer and the
operating system, as shown in Figure.

The idea of sockets allows us to use the set of all instructions already designed in a programming
language for other sources and sinks. the application layer is concerned, communication between a client
process and a server process is communication between two sockets, created at two ends, as shown in
Figure. The client thinks that the socket is the entity that receives the request and gives the response; the
server thinks that the socket is the one that has a request and needs the response. If we create two sockets,
one at each end, and define the source and destination addresses correctly.

Socket Addresses:

The interaction between a client and a server is two-way communication. In a two-way

communication, we need a pair of addresses: local (sender) and remote (receiver). The local address in one
direction is the remote address in the other direction and vice versa. Since communication in the client-server
paradigm is between two sockets, we need a pair of socket addresses for communication: a local socket
address and a remote socket address.

3
Local Socket Address The local (server) socket address is provided by the operating system. The operating
system knows the IP address of the computer on which the server process is running.

Remote Socket Address The remote socket address for a server is the socket address of the client that makes
the connection. Since the server can serve many clients, it does not know beforehand the remote socket
address for communication. The server can find this socket address when a client tries to connect to the
server.

5.3. WORLD WIDE WEB:

The idea of the Web was first proposed by Tim Berners-Lee in 1989 at CERN†, the European
Organization for Nuclear Research, to allow several researchers at different locations throughout Europe to
access each others’ researches. The commercial Web started in the early 1990s.

The Web today is a repository of information in which the documents, called web pages, are
distributed all over the world and related documents are linked together. The popularity and growth of the
Web can be related to two terms in the above statement:

➢ Distributed
➢ Linked

Distribution allows the growth of the Web. Each web server in the world can add a new web page to the
repository and announce it to all Internet users without overloading a few servers. Linking allows one web
page to refer to another web page stored in another server somewhere else in the world. The linking of web
pages was achieved using a concept called hypertext.

Architecture:
The WWW today is a distributed client-server service, in which a client using a browser can access
a service using a server. However, the service provided is distributed over many locations called sites. Each
site holds one or more web pages. Each web page, however, can contain some links to other web pages in
the same or other sites.

Web Client (Browser):

A variety of vendors offer commercial browsers that interpret and display a web page, and all of
them use nearly the same architecture. Each browser usually consists of three parts: a controller, client
protocols, and interpreters.
4
 The controller receives input from the keyboard or the mouse and uses the client programs to access
the document. After the document has been accessed, the controller uses one of the interpreters to display
the document on the screen. The client protocol can be one of the protocols described later, such as HTTP
or FTP. The interpreter can be HTML, Java, or JavaScript, depending on the type of document. Some
commercial browsers include Internet Explorer, Netscape Navigator, and Firefox.

Web Server:
The web page is stored at the server. Each time a request arrives, the corresponding document is
sent to the client. To improve efficiency, servers normally store requested files in a cache in memory;
memory is faster to access than a disk. A server can also become more efficient through multithreading or
multiprocessing. In this case, a server can answer more than one request at a time. Some popular web
servers include Apache and Microsoft Internet Information Server.

Uniform Resource Locator (URL):

A web page, as a file, needs to have a unique identifier to distinguish it from other web pages. To
define a web page, we need three identifiers: host, port, and path. However, before defining the web page,
we need to tell the browser what clientserver application we want to use, which is called the protocol.

Protocol. The first identifier is the abbreviation for the client-server program that we need in order to
access the web page. Although most of the time the protocol is HTTP (HyperText Transfer Protocol), also
use other protocols such as FTP (File Transfer Protocol).

Host. The host identifier can be the IP address of the server or the unique name given to the server. IP
addresses can be defined in dotted decimal notation.

Port. The port, a 16-bit integer, is normally predefined for the client-server application. For example, if the
HTTP protocol is used for accessing the web page, the well-known port number is 80.

Path. The path identifies the location and the name of the file in the underlying operating system. The
format of this identifier normally depends on the operating system.

To combine these four pieces together, the uniform resource locator (URL) has been designed; it uses three
different separators between the four pieces as shown below:

• protocol://host/path Used most of the time

• protocol://host:port/path Used when port number is needed

Web Documents

The documents in the WWW can be grouped into three broad categories: static, dynamic,
and active.

Static Documents
Static documents are fixed-content documents that are created and stored in a server. The client can
get a copy of the document only. In other words, the contents of the file are determined when the file is
5
created, not when it is used. Static documents are prepared using one of several languages: HyperText
Markup Language (HTML), Extensible Markup Language (XML), Extensible Style Language (XSL), and
Extensible Hypertext Markup Language (XHTML).

Dynamic Documents
A dynamic document is created by a web server whenever a browser requests the document. When a
request arrives, the web server runs an application program or a script that creates the dynamic document.
scripting languages such as Java Server Pages (JSP), which uses the Java language for scripting, or Active
Server Pages (ASP), a Microsoft product that uses Visual Basic language for scripting, or ColdFusion, which
embeds queries in a Structured Query Language (SQL) database in the HTML document.

Active Documents
For many applications, we need a program or a script to be run at the client site. These are called active
documents. For example, suppose we want to run a program that creates animated graphics on the screen or
a program that interacts with the user.

5.4. HyperText Transfer Protocol (HTTP):

The HyperText Transfer Protocol (HTTP) is used to define how the client-server programs can be
written to retrieve web pages from the Web. An HTTP client sends a request; an HTTP server returns a
response. The server uses the port number 80; the client uses a temporary port number. HTTP uses the
services of TCP.

Nonpersistent versus Persistent Connections:

Nonpersistent Connections

In a nonpersistent connection, one TCP connection is made for each request/response. The
following lists the steps in this strategy:
1. The client opens a TCP connection and sends a request.
2. The server sends the response and closes the connection.
3. The client reads the data until it encounters an end-of-file marker; it then closes the
connection.

Persistent Connections
HTTP version 1.1 specifies a persistent connection by default. In a persistent connection, the server
leaves the connection open for more requests after sending a response. The server can close the connection
at the request of a client or if a time-out has been reached. The sender usually sends the length of the data
with each response. However, there are some occasions when the sender does not know the length of the
data. This is the case when a document is created dynamically or actively.

6
Request Message:

The client uses the GET method to send a request. In this case, the body of the message is empty.
The HEAD method is used when the client needs only some information about the web page from the
server, such as the last time it was modified.
The PUT method is the inverse of the GET method;

The POST method is similar to the PUT method, but it is used to send some information to the
server to be added to the web page or to modify the web page.

The DELETE method allows the client to delete a web page on the server if the client has permission to do
so.
The CONNECT method was originally made as a reserve method; it may be used by proxy servers.
Finally, the OPTIONS method allows the client to ask about the properties of a web page.
The body can be present in a request message. Usually, it contains the comment to be sent or the file to be
published on the website when the method is PUT or POST.

7
Response Message
A response message consists of a status line, header lines, a blank line, and sometimes a body. The
first line in a response message is called the status line. There are three fields in this line separated by
spaces and terminated by a carriage return and line feed.

5.5. FILE TRANSFER PROTOCOL (FTP) :

File Transfer Protocol (FTP) is the standard protocol provided by TCP/IP for copying a file from one host
to another. Although transferring files from one system to another seems simple and straightforward, some
problems must be dealt with first.

Figure shows the basic model of FTP. The client has three components: the user interface, the client
control process, and the client data transfer process. The server has two components: The server control
process and the server data transfer process. The control connection is made between the control processes.
The data connection is made between the data transfer processes. Separation of commands and data
transfer makes FTP more efficient. The control connection uses very simple rules of communication.

Two Connections

The two connections in FTP have different lifetimes. The control connection remains connected during the
entire interactive FTP session. The data connection is opened and then closed for each file transfer activity.

Control Connection:
For control communication, FTP uses the same approach as TELNET. It uses the NVT ASCII
character set as used by TELNET. Communication is achieved through commands and responses. During
this control connection, commands are sent from the client to the server and responses are sent from the
server to the client.

Every FTP command generates at least one response. A response has two parts: a three-digit number
followed by text.

8
Some responses in FTP

Data Connection:

The data connection uses the well-known port 20 at the server site. However, the creation of a data
connection is different from the control connection. The following shows the steps:

1. The client, not the server, issues a passive open using an ephemeral port. This must be done by the client
because it is the client that issues the commands for transferring files.

2. Using the PORT command the client sends this port number to the server.

3. The server receives the port number and issues an active open using the well known port 20 and the
received ephemeral port number. The client must define the type of file to be transferred, the structure of
the data, and the transmission mode.

File Type
FTP can transfer one of the following file types across the data connection: ASCII file, EBCDIC
file, or image file.

Data Structure
FTP can transfer a file across the data connection using one of the following interpretations of the
structure of the data: file structure, record structure, or page structure. The file structure format (used by
default) has no structure. It is a continuous stream of bytes. In the record structure, the file is divided into
records. This can be used only with text files. In the page structure, the file is divided into pages, with each
page having a page number and a page header. The pages can be stored and accessed randomly or
sequentially.

Transmission Mode
FTP can transfer a file across the data connection using one of the following three transmission
modes: stream mode, block mode, or compressed mode. The stream mode is the default mode; data are
delivered from FTP to TCP as a continuous stream of bytes. In the block mode, data can be delivered from
FTP to TCP in blocks. In this case, each block is preceded by a 3-byte header. The first byte is called the
block descriptor; the next two bytes define the size of the block in bytes.

File Transfer
File transfer occurs over the data connection under the control of the commands sent over the
control connection. However, we should remember that file transfer in FTP means one of three things:
retrieving a file (server to client), storing a file (client to server), and directory listing (server to client).

9
5.6. ELECTRONIC MAIL:
Electronic mail (or e-mail) allows users to exchange messages. In an application such as HTTP or
FTP, the server program is running all the time, waiting for a request from a client. When the request arrives,
the server provides the service. There is a request and there is a response. In the case of electronic mail, the
situation is different. First, e-mail is considered a one-way transaction. Architecture The architecture of e-
mail, , as shown in Figure.

In the common scenario, the sender and the receiver of the e-mail, Alice and Bob respectively, are
connected via a LAN or a WAN to two mail servers. The administrator has created one mailbox for each
user where the received messages are stored. A mailbox is part of a server hard drive, a special file with
permission restrictions.

A simple e-mail from Alice to Bob takes nine different steps, as shown in the figure. Alice and Bob
use three different agents: a user agent (UA), a message transfer agent (MTA), and a message access agent
(MAA). The electronic mail system needs two UAs, two pairs of MTAs (client and server), and a pair of
MAAs (client and server).

User Agent
The first component of an electronic mail system is the user agent (UA). It provides service to the user to
make the process of sending and receiving a message easier. A user agent is a software package (program)
that composes, reads, replies to, and forwards messages.

Sending Mail

To send mail, the user, through the UA, creates mail that looks very similar to postal mail. It has an
envelope and a message.

Receiving Mail
The user agent is triggered by the user (or a timer). If a user has mail, the UA informs the user with a
notice. If the user is ready to read the mail, a list is displayed in which each line contains a summary of the
information about a particular message in the mailbox.

10
Addresses
To deliver mail, a mail handling system must use an addressing system with unique addresses.

Message Transfer Agent: SMTP

Based on the common scenario (Figure), we can say that the e-mail is one of those applications that
needs three uses of client-server paradigms to accomplish its task. It is important that we distinguish these
three when we are dealing with e-mail. Figure shows these three client-server applications. We refer to the
first and the second as Message Transfer Agents (MTAs), the third as Message Access Agent (MAA).

The formal protocol that defines the MTA client and server in the Internet is called Simple Mail Transfer
Protocol (SMTP). SMTP is used two times, between the sender and the sender’s mail server and between
the two mail servers.

Commands and Responses

SMTP uses commands and responses to transfer messages between an MTA client and an MTA
server. The command is from an MTA client to an MTA server; the response is from an MTA server to the
MTA client.

Responses:Responses are sent from the server to the client. A response is a three digit code that may be
followed by additional textual information.
11
Mail Transfer Phases
The process of transferring a mail message occurs in three phases:
➢ Connection establishment,
➢ Mail transfer,
➢ Connection termination.

Message Access Agent: POP and IMAP:

The first and second stages of mail delivery use SMTP. However, SMTP is not involved in the third
stage because SMTP is a push protocol; it pushes the message from the client to the server. In other words,
the direction of the bulk data (messages) is from the client to the server. On the other hand, the third stage
needs a pull protocol; the client must pull messages from the server. The direction of the bulk data is from
the server to the client. The third stage uses a message access agent.

Currently two message access protocols are available: Post Office Protocol, version 3 (POP3) and
Internet Mail Access Protocol, version 4 (IMAP4). Figure shows the position of these two protocols.

POP3:

Post Office Protocol, version 3 (POP3) is simple but limited in functionality. The client POP3
software is installed on the recipient computer; the server POP3 software is installed on the mail server.
Mail access starts with the client when the user needs to download its e-mail from the mailbox on the mail
server. The client opens a connection to the server on TCP port 110. It then sends its user name and
password to access the mailbox. The user can then list and retrieve the mail messages, one by one.

IMAP4
Another mail access protocol is Internet Mail Access Protocol, version 4 (IMAP4). IMAP4 is
similar to POP3, but it has more features; IMAP4 is more powerful and more complex.

POP3 is deficient in several ways. It does not allow the user to organize her mail on the server; the user
cannot have different folders on the server. In addition, POP3 does not allow the user to partially check the
contents of the mail before downloading.

IMAP4 provides the following extra functions:

❑ A user can check the e-mail header prior to downloading.
❑ A user can search the contents of the e-mail for a specific string of characters prior to downloading.

12
❑ A user can partially download e-mail. This is especially useful if bandwidth is limited and the e-mail
contains multimedia with high bandwidth requirements.
❑ A user can create, delete, or rename mailboxes on the mail server.
❑ A user can create a hierarchy of mailboxes in a folder for e-mail storage.

MIME
Electronic mail has a simple structure. Its simplicity, however, comes with a price. It can send
messages only in NVT 7-bit ASCII format. In other words, it has some limitations. Also, it cannot be used
to send binary files or video or audio data.

Multipurpose Internet Mail Extensions (MIME) is a supplementary protocol that allows non-ASCII data to
be sent through e-mail. MIME transforms non-ASCII data at the sender site to NVT ASCII data and
delivers it to the client MTA to be sent through the Internet. The message at the receiving site is
transformed back to the original data.

We can think of MIME as a set of software functions that transforms non-ASCII data to ASCII data and
vice versa, as shown in Figure.

5.7. TELNET:
Telnet is a protocol that allows you to connect to remote computers (called hosts) over a TCP/IP
network (such as the Internet). Using telnet client software on your computer, you can make a connection
to a telnet server (i.e., the remote host). Once your telnet client establishes a connection to the remote host,
your client becomes a virtual terminal, allowing you to communicate with the remote host from your
computer.

One of the original remote logging protocols is TELNET, which is an abbreviation for TErminaL
NETwork. Although TELNET requires a logging name and password, it is vulnerable to hacking because it
sends all data including the password in plaintext (not encrypted).

13
 When a user logs into a local system, it is called local logging. As a user types at a terminal or at a
workstation running a terminal emulator, the keystrokes are accepted by the terminal driver. The terminal
driver passes the characters to the operating system. The operating system, in turn, interprets the
combination of characters and invokes the desired application program or utility.

When a user wants to access an application program or utility located on a remote machine, she
performs remote logging. Here the TELNET client and server programs come into use. The user sends the
keystrokes to the terminal driver where the local operating system accepts the characters but does not
interpret them. The characters are sent to the TELNET client, which transforms the characters into a
universal character set called Network Virtual Terminal (NVT) characters and delivers them to the local
TCP/IP stack.

Network Virtual Terminal (NVT)

The mechanism to access a remote computer is complex. This is because every computer and its
operating system accepts a special combination of characters as tokens.

If we want to access any remote computer in the world, we must first know what type of computer
we will be connected to, and we must also install the specific terminal emulator used by that computer.
TELNET solves this problem by defining a universal interface called the Network Virtual Terminal (NVT)
character set. Via this interface, the client TELNET translates characters (data or commands) that come
from the local terminal into NVT form and delivers them to the network. The server TELNET, on the other
hand, translates data and commands from NVT form into the form acceptable by the remote computer.

5.8. SECURE SHELL (SSH)

Secure Shell (SSH) is a secure application program that can be used today for several purposes such
as remote logging and file transfer, it was originally designed to replace TELNET. There are two versions
of SSH: SSH-1 and SSH-2.

Components:
SSH is an application-layer protocol with three components, as shown in Figure.

SSH Transport-Layer Protocol (SSH-TRANS)

Since TCP is not a secured transport-layer protocol, SSH first uses a protocol that creates a secured
channel on top of the TCP. This new layer is an independent protocol referred to as SSH-TRANS. When the
procedure implementing this protocol is called, the client and server first use the TCP protocol to establish
an insecure connection.

14
SSH Authentication Protocol (SSH-AUTH)

After a secure channel is established between the client and the server and the server is authenticated
for the client, SSH can call another procedure that can authenticate the client for the server. The client
authentication process in SSH is very similar to what is done in Secure Socket Layer (SSL).

SSH Connection Protocol (SSH-CONN)

After the secured channel is established and both server and client are authenticated for each other,
SSH can call a piece of software that implements the third protocol, SSHCONN. One of the services provided
by the SSH-CONN protocol is multiplexing.

Format of the SSH Packets

5.9. DOMAIN NAME SYSTEM (DNS)

To identify an entity, TCP/IP protocols use the IP address, which uniquely identifies the connection of
a host to the Internet. However, people prefer to use names instead of numeric addresses. Therefore, the
Internet needs to have a directory system that can map a name to an address.
➢ The “Domain Name System”
➢ What Internet users use to reference anything by name on the Internet
➢ The mechanism by which Internet software translates names to attributes such as addresses.
Figure shows how TCP/IP uses a DNS client and a DNS server to map a
name to an address. A user wants to use a file transfer client to access the corresponding
➢ file transfer server running on a remote host. The user knows only the file transfer

server name, such as afilesource.com. However, the TCP/IP suite needs the IP address of the file transfer
server to make the connection. The following six steps map the host name to an IP address:

1. The user passes the host name to the file transfer client.
2. The file transfer client passes the host name to the DNS client.
3. Each computer, after being booted, knows the address of one DNS server. The DNS client sends a
message to a DNS server with a query that gives the file transfer server name using the known IP address
of the DNS server.

15
4. The DNS server responds with the IP address of the desired file transfer server.
5. The DNS server passes the IP address to the file transfer client.
6. The file transfer client now uses the received IP address to access the file transfer server.

There are 3 components:

➢ Name Space:
o Specifications for a structured name space and data associated with the names
➢ Resolvers:
o Client programs that extract information from Name Servers.
➢ Name Servers:
o Server programs which hold information about the structure and the names.

Name Space
A name space that maps each address to a unique name can be organized in two ways: flat or
hierarchical. In a flat name space, a name is assigned to an address. In a hierarchical name space, each
name is made of several parts. The first part can define the nature of the organization, the second part can
define the name of an organization, the third part can define departments in the organization, and so on. In
this case, the authority to assign and control the name spaces can be decentralized.

For the Internet, the top of the naming hierarchy is managed by an organization called ICANN (Internet
Corporation for Assigned Names and Numbers). ICANN was created for this purpose in 1998, as part of
the maturing of the Internet to a worldwide, economic concern. Each domain is partitioned into
subdomains, and these are further partitioned, and so on.

The top-level domains come in two flavors: generic and countries

16
Name Servers:

A single name server could contain the entire DNS database and respond to all queries about it. In practice,
this server would be so overloaded as to be useless. To avoid the problems associated with having only a
single source of information, the DNS name space is divided into non overlapping zones.

Figure: Part of the DNS name space divided into zones (which are circled).

17
5.10. SIMPLE NETWORK MANAGEMENT PROTOCOL (SNMP):

A popular protocol for network management. It is used for collecting information from, and
configuring, network devices, such as servers, printers, hubs, switches, and routers on an Internet Protocol
(IP) network.

Several network management standards have been devised during the last few decades. The most
important one is Simple Network Management Protocol (SNMP), used by the Internet. SNMP uses the
concept of manager and agent. That is, a manager, usually a host, controls and monitors a set of
agents, usually routers or servers (see Figure)

SNMP is an application-level protocol in which a few manager stations control a set of agents. The
protocol is designed at the application level so that it can monitor devices made by different manufacturers
and installed on different physical networks. In other words, SNMP frees management tasks from both the
physical characteristics of the managed devices and the underlying networking technology.

Managers and Agents

A management station, called a manager, is a host that runs the SNMP client program. A managed
station, called an agent, is a router (or a host) that runs the SNMP server program. Management is achieved
through simple interaction between a manager and an agent. The agent keeps performance information in a
database. The manager has access to the values in the database.

Agents can also contribute to the management process. The server program running on the agent can
check the environment and, if it notices something unusual, it can send a warning message (called a Trap) to
the manager.

In other words, management with SNMP is based on three basic ideas:

1. A manager checks an agent by requesting information that reflects the behavior of the agent.
2. A manager forces an agent to perform a task by resetting values in the agent database.
3. An agent contributes to the management process by warning the manager of an unusual situation.

Management Components

To do management tasks, SNMP uses two other protocols: Structure of Management Information (SMI)
and Management Information Base (MIB). In other words, management on the Internet is done through the
cooperation of three protocols: SNMP, SMI, and MIB, as shown in Figure.

18
Role of SNMP
SNMP has some very specific roles in network management. It defines the format of the packet to
be sent from a manager to an agent and vice versa. It also interprets the result and creates statistics. SNMP
defines the format of packets exchanged between a manager and an agent. It reads and changes the status
of objects (values of variables) in SNMP packets.

Role of SMI
To use SNMP, we need rules for naming objects. This is particularly important because the objects
in SNMP form a hierarchical structure. SMI defines the general rules for naming objects, defining object
types (including range and length), and showing how to encode objects and values.

Role of MIB

MIB creates a collection of named objects, their types, and their relationships to each other in an
entity to be managed.

19