Application Layer Protocols

Unit 3.0
Learning Outcomes
Learners will be able to:

Describe the services offered by the application layer

to other layers
Identify application layer protocols
Describe the roles of application layer protocols
Compare and contrast application layer protocols
 Application Layer Protocols
Those protocols that run on top of/over TCP/IP:

Telnet
File Transfer Protocol (FTP)
Hyper Text Transfer Protocol (HTTP)
Simple Mail Transfer Protocol (SMTP), Post Office Protocol
3(POP3), Internet Message Access Protocol (IMAP)
Network News Transfer Protocol (NNTP)
Domain Name System (DNS)
Dynamic Host Configuration Protocol (DHCP)
Telnet
Provides terminal emulation
Comes with nearly all vendor implementations of
TCP/IP
Open standard
Supported by wide range of workstations
Not a secure protocol
Telnet Communications
Options
7- or 8-bit compatibility
Use of different terminal nodes
Character echoing at sending and receiving ends
Synchronized communications
Transmission of character streams or single
characters
Flow control
TELNET vs. telnet
TELNET is a protocol that provides “a general, bi-
directional, eight-bit byte oriented communications
facility”.

telnet is a program that supports the TELNET

protocol over TCP.

Many application protocols are built upon the

TELNET protocol.
The TELNET Protocol
 Reference: Request for Comments (RFC) - RFC 854

TCP connection
data and control over the same connection.

Network Virtual Terminal (terminal independence)

 intermediate representation of a generic terminal.
 provides a standard language for communication of terminal
control functions.
Network Virtual Terminal

Server
Process

NVT NVT

TCP TCP
Negotiated

Options
All NVTs support a minimal set of capabilities.
Some terminals have more capabilities than the minimal
set.
The set of options is not part of the TELNET protocol,
new terminal features can be incorporated without
changing the TELNET protocol.
Two endpoints negotiate a set of mutually acceptable
options
Line mode vs. character mode
echo modes
character set (EBCDIC vs. ASCII)
Control Functions
TELNET includes support for a series of control
functions commonly supported by servers.

This provides a uniform mechanism for

communication of (the supported) control functions.
Control Functions
Interrupt Process (IP)
suspend/abort process.

Abort Output (AO)

send no more output to user’s terminal.

Are You There (AYT)

check to see if system is still running.

Erase Character (EC)

delete last character sent

Erase Line (EL)

delete all input in current line.
Command Structure
All TELNET commands and data flow through the
same TCP connection.
Commands start with a special character called the
Interpret as Command escape character
The IAC code is 255.
If a 255 is sent as data - it must be followed by another
255.
If IAC is found and the next byte is IAC
a single byte is presented to application/terminal
If IAC is followed by any other code
the TELNET layer interprets this as a command.

Interpret as Command
Playing with TELNET
You can use the telnet program to play with the
TELNET protocol.
telnet is a generic TCP client.
Sends whatever you type to the TCP socket.
Prints whatever comes back through the TCP socket
Useful for testing TCP servers (ASCII based protocols).

Many Unix systems have these servers running (by

default):
echo port 7 discard port 9
daytime port 13 chargen port 19
telnet hostname port
> telnet amele-2.cse.unr.edu 7
Trying 134.197.40.246...
Connected to amele-2.cse.unr.edu
(134.197.40.246).
Escape character is '^]'.
Hi mehmet
Hi mehmet
stop it
stop it
^]
telnet> quit
Connection closed.
 telnet vs. TCP
Not all TCP servers talk TELNET (most don't)

You can use the telnet program to play with these

servers, but the fancy commands won't do anything.
type ^], then "help" for a list of fancy TELNET stuff you
can do in telnet.
FTP
FTP – File transfer protocol. Commonly used over
the Internet.
Numerous FTP servers over the world allow
people anywhere on the Internet to log in and
download whatever files they have placed on the
FTP server, or upload other files.
Uses two TCP ports (20 for data channel and 21
for control channel) – this is in active mode.
In passive FTP mode, it uses 21 for the control
channel, and an temporary (ephemeral) port for
the data channel.
Commonly used on the Internet
Not a secure protocol
HyperText Transfer Protocol
(HTTP)
HTTP is the protocol that supports communication
between web browsers and web servers.

A “Web Server” is a HTTP server

Most clients/servers today speak version 1.1, but 1.0 is also

in use.
RFC 1945 (HTTP 1.0)
RFC 2616 (HTTP 1.1)
From the RFC
“HTTP is an application-level protocol with the
lightness and speed necessary for distributed,
hypermedia information systems.”

Transport Independence
The HTTP protocol generally takes place over a TCP
connection,
but the protocol itself is not dependent on a specific
transport layer.
Request - Response
HTTP has a simple structure:
client sends a request
server returns a reply.

HTTP can support multiple request-reply exchanges

over a single TCP connection.

The “well known” TCP port for HTTP servers is port

80.
Other ports can be used as well... 8080, 81
 HTTP 1.0+ Request
Lines of text (ASCII).

Lines end with Carriage Return and Line Feed (CRLF) “\

r\n”
First line is called “Request-Line”

Request-Line
Headers
.
.
.
blank line

Content...
Request Line
Method URI HTTP-Version\r\n

The request line contains 3 tokens (words).

space characters “ “ separate the tokens.

Newline (\n) seems to work by itself

but the protocol requires CRLF
Request Method
The Request Method can be:
GET HEAD DELETE
PUT POST TRACE
OPTIONS
future expansion is supported
GET, HEAD and POST are supported everywhere
(including Lab 2!).
HTTP 1.1 servers often support PUT, DELETE,
OPTIONS & TRACE.
Methods
GET: retrieve information identified by the
URI.
Typically used to retrieve an HTML document

HEAD: retrieve meta-information about the

URI.
used to find out if a document has changed

POST: send information to a URI and

retrieve result.
used to submit a form
More Methods
PUT: Store information in location named by
URI.

DELETE: remove entity identified by URI.

TRACE: used to trace HTTP forwarding

through proxies, tunnels, etc.

OPTIONS: used to determine the capabilities

of the server, or characteristics of a named
resource.
URI: Universal Resource Identifier
URIs defined in RFC 2396.

Absolute URI:
scheme://hostname[:port]/path
http://www.cse.unr.edu:80/~mgunes/cpe401

Relative URI:
/path
/blah/foo
No server mentioned
URI Usage
When dealing with a HTTP 1.1 server, only a path is
used (no scheme or hostname).
HTTP 1.1 servers are required to be capable of
handling an absolute URI, but there are still some out
there that won’t…

When dealing with a proxy HTTP server, an

absolute URI is used.
client has to tell the proxy where to get the
document!
HTTP Version Number
“HTTP/1.0” or “HTTP/1.1”

Starting with HTTP 1.0 the version number is part of

every request.
Client tells the server what version it can talk (what
options are supported, etc).

HTTP 0.9 did not include a version number in a

request line.
If a server gets a request line with no HTTP version
number, it assumes 0.9
HTTP 0.9 was used for many years.
The Header Lines
Request Headers provide information to the server
about the client
what kind of client
what kind of content will be accepted
who is making the request

Each header line contains

an attribute name followed by a “:” followed by a space
and the attribute value.
There can be 0 headers (HTTP 1.0)
HTTP 1.1 requires a Host: header
Example HTTP Headers
Accept: text/html

Host: www.cse.unr.edu

From: mgunes@cse.unr.edu

User-Agent: Mozilla/4.0

Referrer: http://www.unr.edu/
End of the Headers
Each header ends with a CRLF ( \r\n )

The end of the header section is marked with a

blank line.
just CRLF

For GET and HEAD requests, the end of the headers

is the end of the request!
 POST
A POST request includes some content (some data)
after the headers (after the blank line).

There is no format for the data (just raw bytes).

A POST request must include a Content-Length line

in the headers:
Content-length: 267
Example POST Request
POST /~mgunes/cpe401/grades.cgi HTTP/1.1
Accept: */*
Host: www.cse.unr.edu
User-Agent: SecretAgent V2.3
Content-Length: 35
Referer: http://www.unr.edu/

stuid=6660182722&item=test1&grade=99
Example GET Request
GET /~mgunes/cpe401/lab1.htm HTTP/1.1
Accept: */*
Host: www.cse.unr.edu
User-Agent: Internet Explorer
From: mgunes@cse.unr.edu
Referer: http://www.unr.edu/
There is a blank line here!
 Status-Line
HTTP Response Headers
.
.
.
blank line
ASCII Status Line

Content...
Headers Section

Content can be anything (not just text)

typically an HTML document or some kind of image.
Response Status Line
HTTP-Version Status-Code Message

Status Code is 3 digit number (for computers)

1xx Informational
2xx Success
3xx Redirection
4xx Client Error
5xx Server Error

Message is text (for humans)

Example Status Lines
HTTP/1.0 200 OK

HTTP/1.0 301 Moved Permanently

HTTP/1.0 400 Bad Request

HTTP/1.0 500 Internal Server Error

Response Headers
Provide the client with information about the
returned entity (document).
what kind of document
how big the document is
how the document is encoded
when the document was last modified

Response headers end with blank line

Response Header Examples
Date: Wed, 30 Jan 2002 12:48:17 EST

Server: Apache/1.17

Content-Type: text/html

Content-Length: 1756

Content-Encoding: gzip
Content
Content can be anything (sequence of raw bytes).

Content-Length header is required for any response

that includes content.

Content-Type header also required.

Single Request/Reply
The client sends a complete request.
The server sends back the entire reply.
The server closes it’s socket.

If the client needs another document it must open a

new connection.

This was the default for HTTP 1.0

Persistent Connections
HTTP 1.1 supports persistent connections (this is the
default).
Multiple requests can be handled over a single TCP
connection.
The Connection: header is used to exchange
information about persistence (HTTP/1.1)
1.0 Clients used a Keep-alive: header
Try it with telnet
> telnet www.cse.unr.edu 80
Requ
GET / HTTP/1.0 est-l
ine
Blank
L
HTTP/1.0 200 OK (end o ine
f head
ers)
Server: Apache
...
nse
spo
Re
Try it with telnet
(persistent)
> telnet www.cse.unr.edu 80
GET / HTTP/1.1
Host: www.cse.unr.edu
Req
uire
HTTP/1.0 200 OK d!
Server: Apache
...
HTTP Proxy Server

HTTP
Browser Proxy
Server
Network Lab #2 HTTP Proxy
You need to write a proxy server.

Must be able to handle GET, HEAD and POST

requests.

Filtering: Your proxy will be given a list of domain

names on the command line, you should refuse to
forward requests to any server whose name is within a
specified domain.
send back status line: 403 Forbidden.
The code you need
Proxy is both a client and a server

Parsing the HTTP request is needed.

You need to understand HTTP

You will need to parse headers.

need to look at Content-length, Connection, etc.
Testing
Tell your browser to use a proxy
Edit preferences/options.

Interrupt a long transfer (press stop).

Fill out a form (probably uses POST).

Test it with a browser.

Test it with telnet
Write an abusive client and a rude server!
What

is expected
We should be able to surf through your proxy!
Proxy should print some info about each request
(print the request line).
No memory leaks!
Check every system call for errors!
We should not be able to kill your proxy by
 sending a bad request.
 using a server that sends bad replies.
No crashes, no matter what kind of nonsense we send
your proxy.
HTTP

V1.1 Details
The RFC is 114 pages!
we don’t expect you to read it all or to support every
nitty-gritty detail.
work on creating a working proxy (one you can use
through a browser).
performance is not a big deal (but it shouldn’t be
horribly worse than without your proxy).
Don’t worry about persistence, pipelining, chunking,
etc.
you need to turn off persistence if you don't want to
handle it.
HTTP Headers
You will need to look at the Content-Length header
in a POST.
you need to know how many bytes to read after the end
of the headers.

 You will need to either look at Connection

(Proxy-Connection) headers or (at a minimum) to
force Connection: close as a request header.
SMTP
Designed for exchange of email between networked systems

Within the Internet, email is delivered by having the source

machine establish a TCP connection to port 25 of the
destination machine / server.
Listening on this port would be an SMTP (Simple Mail Transfer
Protocol) daemon / service that speaks SMTP.

This daemon accepts incoming connections and copies

messages from them into the appropriate mailboxes. If a
message cannot be delivered, an error report of the
undeliverable message is returned to the sender, which contains
the first part of the message.
SMTP
SMTP is a simple ASCII protocol.
After establishing the TCP connection to port 25,
the sending machine, operating as the client,
waits for the receiving machine, operating as the
server, to talk first.
The server starts by sending a line of text giving
its identity and telling whether or not it is
prepared to receive mail.
If it is not, the client releases the connection and
tries again later.
 SMTP
 If the server is willing to accept email, the
client announces whom the email is
coming from and whom it is going to.
 If such recipient exists at the destination,
the server gives the client the go-ahead to
send the message. Then the client sends
the message, and the server
acknowledges it.
 No checksums needed because TCP
provides a reliable byte stream.
 When all e-mail has been exchanged in
both directions, the connection is released.
 POP3
 To send or receive messages, a PC must
talk to an email server using some kind of
delivery protocol.
 POP3
 A simple protocol used for fetching email
from a remote mailbox is POP3 (Post Office
Protocol).

 It has commands for the user to log in, log

out, fetch messages, and delete messages.

 The protocol itself consists of ASCII text and

has something of the flavor of SMTP
 The point of POP3 is to fetch email from the
remote mailbox and store it on the user’s
local machine to read later
IMAP
A more sophisticated delivery protocol is IMAP
(Interactive Mail Access Protocol).
It was designed to help the user who uses
multiple computers, perhaps a workstation in the
office, a PC at home, and a laptop on the road.
The basic idea behind IMAP is for the email
server to maintain a central repository that can be
accessed from any machine.
Thus unlike POP3, IMAP does not copy email to
the user’s personal machine because the user may
have many machines
EMail
Independent of whether email is delivered directly to the
user’s workstation or to a remote server, many systems
provide hooks for additional processing of incoming
email.

An especially valuable tool for many email users is the

ability to set up filters. These are rules that are checked
when email comes in or when the user agent is started.

Each rule specifies a condition and an action. For example,

a rule could say that any message from Angeline Ngoepe
should be displayed in a 24-point flashing red boldface
font (or alternatively, be discarded automatically without
comment).
NNTP
NNTP (Network News Transfer Protocol) is
similar to SMTP in a sense that a client issues
commands in ASCII and a server issues responses
as decimal numbers coded in ASCII.

NNTP was designed for two purposes:

To allow news articles to propagate from one machine
to another over reliable connection (e.g. TCP)
To allow users whose desktop computers cannot
receive news to read news remotely.
NNTP
To acquire recent articles, a client must first
establish a TCP connection with port 119 on the
newsfeed server.

Behind this port is the NNTP daemon/service,

which is either there all the time waiting for
clients or is created on the fly as needed.

After the connection has been established, the

client and server communicate using a sequence
of commands and responses.
DHCP
With the growth of the Internet, TCP/ IP has now become
a must-have protocol for most computer networks.
It provides a single network protocol that is supported by
almost every type of computer system, a plethora of
applications that use it, and it is well suited to both large
and small networks. It’s also essential if one wishes to set
up an intranet.

However, TCP/ IP needs addresses and configuration

settings to be defined on each computer or peripheral on
the network. This can entail an immense amount of
system administration work.
DHCP
DHCP stands for Dynamic Host Configuration Protocol,
and is used to centrally allocate and manage TCP/ IP
configurations of client nodes.
If one has more than a handful of computers to manage,
then DHCP can help to save a great deal of time in setting
up and administering a TCP/ IP network.
DHCP offers the following features:

 It allows to define “pools” of TCP/ IP addresses, which are then

allocated to client PCs by the DHCP server. These pools are called
scopes in DHCP terminology.

 It also configures settings of the subnet mask, default gateway,

DNS server
DHCP
 DHCP works across most TCP/ IP routers and allocates IPs
according to the subnet the request came from. This means one
won’t need to reconfigure a PC that is moved from one subnet to
another.

 Addresses can be leased for periods of time - so an IP address that

is not used for the duration of the lease is put back into the
unallocated pool. This helps recover TCP/ IP addresses that are no
longer used – Dynamic allocation

Internet Service Providers are often using DHCP to

provide clients with IP address as well.