12'1 Introduction

1
Chapter 12 Internet Application Protocols

• 12.1 Introduction
• This chapter is intended to discuss some popular
  application layer internet protocols. These
  protocols have been implemented to provide a more
  user friendly and convenient internet
  environment.
• 12.2 The Domain Name System (DNS)
• 12.2.1 Basic DNS concept
• The 32-bit IP address described before was clear
  to computers but difficult for people to
  remember. More meaningful and higher level names
  are preferred in order to run application access
  to a host, a server, etc. This is why DNS exists.
• DNS assigns names in a hierarchical way, with
  different fields (periods) separated by . DNS
  names are case insensitive.

2

• The name-space is organized as a tree. At the top
  level are
• Generic domains (usually, but not necessarily
  associated with names in the USA)
• com - commercial organizations
• edu - educational institutions
• gov - (US) governmental organizations
• net - networks and network providers
• int - international organizations
• mil - (US) military
• org - other organizations
• Country or geographical domains, using
  two-character country-name codes from ISO3166.
  Subdivision of country domains is done by
• geography, e.g. state or province (this happens
  in the USA)
• three-letter generic codes, similar to those in
  the top level (Australia, Canada, etc.)

3

• two-letter generic domain codes, e.g. ac, co, or,
  etc. (UK, Japan, NZ)
• no generic domains, just organizations (France,
  Germany)
• DNS names are stored at different levels of
  registries, against their IP addresses. Multi DNS
  can have the same IP.
• There is no standard to dictate what organisation
  must be registered under which top level DNS. It
  is popular to have both, eg, monsh.edu.au.
• A realistic DNS server structure.

4

• The administration of domain names are
  distributed (and commercialized). For example, a
  company is licensed to handle one or more name
  registry of DNS such as .com.au.
• The DNS has the following features for DNS/IP
  resolution
• a hierarchy of servers
• client-server and server-server operation
• caching of mappings
• reverse mappings (not actually used)
• 12.2.2 DNS name resolution
• Each client host must know at least a local DNS
  server in order to find the matching IP of a
  name. This server in turn knows a root server. It
  may also know parent servers. This local/top
  level server structure improves efficiency.
• Client hosts and servers keep a cache of mappings
  to reduce unnecessary queries. Entries in the
  cache have time out values for update, supplied
  by the registry server.

5

• Domain Server Message is transmitted using
  well-known TCP (server-server) or UDP
  (client-server) ports. The client uses this
  message to query server. The server responds with
  similar message with answer, or other servers if
  it does not know the answer. The format is as
  follows
• The IDENTIFICATION field is for the client to
  match responses to queries.

6

• The PARAMETER field consists types and subtypes
  of operations, which includes
• Query standard, inverse.
• Response no error, query error, server failure,
  name not exist.
• The four NUMBERS OF fields specify how many
  entries that are included in each of the four
  corresponding sections.
• The QUESTION SECTION contains queries. The client
  fills in this section only in a query message, in
  the following format
• The Query Name field is a general variable.
• Query Type specifies the type of query, eg. Email
  address or machine name.

Query Domain Name
Query Type
Query Class
7

• Query Class allows the domain name to be treat as
  other objects than internet names.
• The ANSWER, AUTHORITY and ADDITIONAL INFORMATION
  sections all have the same format
• The Domain Name field contains the domain name to
  which this resource record refers.
• The TYPE field specifies the type of resource
  record, eg. 1 for host IP, 2 for an authoritative
  name server, 15 for mail exchanger.
• The CLASS field specifies whether the resource is
  for internet (1) or other types of networks.

8

• TIME TO LIVE specifies time in seconds the entry
  should stay in cache.
• RESOURCE DATA LENGTH is the count of octets of
  the binding, while RESOURCE DATA provides the
  binding.
• 12.3 Remote Login (Telnet, Rlogin)
• Telnet is a simple remote terminal protocol
  provided by the TCP/IP suite. It allows
• a default network virtual terminal (NVT) which
  can operate between any two systems.
• a large set of options which can be negotiated
  (by either side)
• a symmetric data flow. Either side can be a
  program or a human.
• an unstructured flow of characters between
  system, with commands embedded as required.

9

• In order to operate between heterogeneous
  systems, e.g. Windows Unix, Telnet uses a basic
  NVT format for the character flow
• 7-bit ASCII (bytes with 8th bit set are used for
  commands)
• 95 printable characters and 33 control codes
• limited subset of control characters (e.g. TAB
  not defined)
• end-of-line coded as CR/LF pair

10

• Telnet Command System in Telnet, command signals
  need to be embedded in the data flow between
  client and server. Typical commands include the
  Interrupt Process, Erase Character, etc.
• Commands are embedded in the data stream
  beginning with a decimal 255 (IAC - Interpret As
  Command), which means interpret the next
  character as a command. This is followed by
  either
• a single command character or
• a multi-character command encapsulated by
  characters 250 and 240.
• The list of commands can be found with D E Comer.
• Telnet Options A large number of options have
  been discussed and standardized for Telnet. They
  must be negotiated between the client and server,
  and can often be invoke/revoked during a session
  using the DO/WILL/DONT/WONT commands.
• The list includes the following

11

• Telnet can function in these modes
• half-duplex. The default, but rarely used.
  Characters are echoed locally and a GA signal is
  used for line forwarding.
• character-at-a-time. Most common now. Uses remote
  echo, resulting in delays and higher network
  traffic.

12

• Line-mode. Only transmits complete lines.
  Appearing in modern versions.
• RLOGIN - Remote Login (RFC 1282)
• similar in concept to Telnet, but for Unix-Unix
  operation.
• can log in automatically using .rhosts file
• little negotiation - inherits window sizes, etc.
• mainly concerned with interrupt and flow-control
  handling
• much smaller than Telnet (approx 10).
• 12.4 File Transfer and Access (FTP, TFTP, NFS)
• 12.4.1 FTP the major TCP/IP File Transfer
  Protocol
• Essential features
• client/server mode of operation.
• clients can send/put files to the server, or get
  files from the server.

13

• uses two TCP connections one for control and one
  for data transfer.
• recognizes four file types image or binary.
  ASCII (default). Actually Telnet NVT ASCII.
  Adjusts End-Of-Line conventions.
• EBCDIC - alternative to ASCII local type
  - for non-8-bit bytes (7, 9, etc.)
• file structures can be unstructured (default) ,
  records (used with ASCII EBCDIC)
• a rich set of user commands to send/receive
  files, manipulate directories, etc.
• Requires a valid user name and password at the
  server. (Also the
• anonymous option, which is a special
  user-name which does
• not require a valid password and provides
  (usually) read-only
• access to limited files.)

14

• FTP Processes

15

• FTP commands FTP commands are text strings in
  NVT ASCII,with a 3 or 4 byte upper-case operation
  code, and optional parameters.

16

• FTP responses consist of a 3-digit code, and
  informational text string.
• Typical responses might be
• 125 Data connection already open transfer
  starting.
• 200 Command OK.
• 214 Help message (for human user).
• 331 Username OK, password required.
• 425 Can't open data connection.
• 452 Error writing file.
• 500 Syntax error (unrecognized command).
• 501 Syntax error (invalid arguments).
• 502 Unimplemented MODE type.

17

• FTP Operation FTP establishes the client/server
  dialogue as follows
• the server will be listening for connections on
  TCP port 21
• the client will select an ephemeral TCP port
  number, and using this port, the client will
  establish a TCP connection to the server port 21,
  and go through the USER/PASS sequence.
• the client will obtain a second ephemeral port
  number, perform a passive open on this port, and
  pass the number and the IP address to the server
  via a PORT message.
• the server will perform an active TCP open from
  its port 20 to the client ephemeral port, and
  reply with a 200 response. This establishes the
  data connection.
• the client can then request an activity on the
  data connection, such as a LIST or a RETR.

18
(No Transcript)
19

• 12.4.2 TFTP and NFS
• TFTP (Trivial FTP) is the cut-down version of
  FTP. Its implementation is smaller and functions
  reduced.
• TFTP uses UDP, with fixed (512 byte) blocks,
  positive acknowledgement and timeout
  retransmission.
• NFS was developed by Sun Microsystems and the
  protocols, etc. placed in the public domain,
  along with a reference implementation.
• It is mainly used with Unix and PCs.
• NFS was developed in three versions/stages
• RCP (Remote copy) Simply allowed a remote file
  copy initiated at the user level,
• e.g. rcp sun1/usr/jwb/file_x sun2/usr/jwb/file_
  y
• Network Disk Supports diskless workstations,
  disk server has a partition for each workstation,
  special device driver routed I/O from workstation
  to server and back

20

• NFS Full stateless interaction with complete
  directory structures.
• Allows remote directories to be mounted locally
  
• uses a network disk
• file systems must be exported by the server
  (uses /etc/exports)
• NFS is built from a small application stack
  consisting of
• the NFS application (RFC1094)
• the RPC (Remote Procedure Call) layer (RFC1057),
  originated from Sun and provides an analogue of
  O/S Procedure Calls, but targeted at remote
  services.
• XDR (eXternal Data Representation) (RFC1014),
  handles presentation issues, mainly used for
  NFS/RPC PDUs, and directory information. It can
  be used by other applications and supports
  various data types (integers, float, boolean,
  array, etc.)

21
RPC
22

• 12.5 Electronic Mail
• Electronic mail is built on TCP/IP. The users of
  mail programs do not expect immediate responses.
  Buffer areas for both incoming and outgoing
  emails have to be created.
• The mail transfer process is in background. It
  attempts to deliver emails when they are
  generated. If the first attempt fails, the
  process sweeps the spool area periodically (eg 30
  mins) and makes more trials. The message will be
  returned to the sender if undelivered for long
  time (3-5 days).

23

• Local copy of emails in buffer will not be
  deleted until delivered or returned.
• The email message format is defined by RFC822.
  This include a header and a body, separated by a
  blank line. The header contains fields starting
  with key words such as To, From, Reply-to
  (optional).
• All messages are ASCII for transport across
  heterogeneous systems.
• The address format must be local-part_at_domain-name.
  
• SMTP (Simple Mail Transfer Protocol). This is a
  standard for the exchange of mail between
  machines, a simpler version than MTP.
• SMTP specifies the handshake format between
  machines for the passes of messages
  (client/server). It is bi-directional and known
  addresses will be forwarded to other servers
  (although not mandatory). (why personal
  workstations do not run SMTP server but only
  client to receive emails?)
• SMTP does not specify the storage and
  presentation of emails. Nor does it specify how
  frequently the mail system attempts to deliver
  messages.

24

• MIME (Multipurpose Internet Mail Extensions) is a
  format to allow non-ASCII data through email.
• MIME does not change SMTP but allows any message
  to be encoded in ASCII. MIME information is
  included in the 822 header, which includes
  MIME-Version, Content-Type, Content-Transfer-Encod
  ing (normally base64).
• MIME also allows multipart messages, which
  includes text and other parts.
• POP3 (Post Office Protocol, version 3, 1725), on
  a personal workstation (eg. PC) and certain small
  internet nodes. It may be unnecessary or have
  insufficient resource to permit an SMTP server.
  It may also be expensive to have the connection
  with internet for a long time.
• POP3 allows a workstation to retrieve mail that
  the POP server is holding for it. Mails are
  normally downloaded and deleted. Workstation
  still requires to run SMTP client to send out
  emails.
• A more sophisticated protocol IMAP4 (Internet
  Message Access Protocol, 1730) allows the
  manipulation of remote message folders.

25

• Creating, deleting, renaming mailboxes, checking
  for new messages, selective downloading are some
  of IMAP4 functions.
• IMAP4 also can be extended to support multi
  servers. (IMSP, Internet Message Support
  Protocol)
• 12.6 Network Management
• Internet network management runs on TCP/IP to
  handle heterogeneous networks.
• Client/server structure. A managers host runs
  management client while routers/hosts under
  management run server (agent) software.
• Simple Network Management Protocol (SNMP) is the
  current network management protocol.
• It is used to achieve communication between
  management client and server, ie the definition
  of message format that is used to communicate
• The information that is needed for the operation
  is specified by Management Information Base
  (MIB), another standard.

26

• The MIB for TCP/IP has eight information
  categories
• The separation of SNMP and MIB provides
  flexibility for independent updating.
• The MIB variables are defined and referenced
  using ISOs Abstract Syntax Notation 1 (ASN.1).
• ASN.1 is a formal language that consists of two
  main features a notation used in documents that
  humans read, and a compact encoded form for
  network communication protocols.

27

• ASN.1 defines the types and ranges of variables
  in the management information base.
• SNMP commands are carried with UDP (through well
  known ports).
• There are two basic SNMP command types for
  management operations fetch and store values to
  variables. Different variable values stored at
  the agent systems achieves different functions.
• Get-request fetch a value from a specific
  variable
• Get-next-request fetch a value without knowing
  its exact name
• Set-request reply to a fetch operation
• Get-response store a value in a specific
  variable
• Trap reply triggered by an event
• SNMP messages do not have fixed fields. They are
  encoded with ASN.1.

28
(No Transcript)