Application Layer Internet Protocols

1
Application Layer Internet Protocols
2
Review

• What kinds of network interconnections might a
  message traverse when traveling from a host on
  the U-M network to a host connected to the Sprint
  network?
• How does a NAT box know which host to send
  incoming traffic to?
• If you want to make sure a message reaches its
  destination intact, should you check for errors
  at a higher layer, a lower layer, or both?
• How do you guarantee performance with the TCP/IP
  protocol stack?

3
Learning Objectives

• Understand how UDP differs from TCP
• Understand how DNS works
• Understand protocols built on TCP
• FTP
• Telnet
• HTTP
• Understand URLs
• Understand URL query parameters
• Understand How Cookies Work
• Who can set/access them
• What they contain
• Assess cookies threat to privacy
• SMTP and IMAP

4
Conceptual Layering of Internet Protocols/Services
Application (FTP, Telnet, DNS, etc.)
Todays topics
HyperText Transport Protocol (HTTP)
Real-time Transport Protocol (RTP)
Application Layer
User Datagram Protocol (UDP)
Transmission Control Protocol (TCP)
Transport Layer
Internet Protocol (IP)
Internet Protocol (IP)
Network Layer
Subnets
Data Link and Physical Layer
5
UDP Protocol

• Like TCP, builds on top of IP
• But provides less
• Better for real-time applications (video, audio,
  etc.)
• Includes
• Checksum for error detection
• Port numbers
• Does not include
• Guaranteed delivery through resends
• Sessions
• Reordering packets (datagrams) based on sequence
  number

6
UDP Protocol

• Why do the different services offered by UDP
  make it a better transport protocol for real-time
  applications than TCP?

7
Domain Name System

• IP addresses are inconvenient
• 32 bits hard to remember
• 128 bits very hard to remember
• Domain names are easier
• Alphanumeric names divided into several segments
• For example, www.si.umich.edu
• Segments are hierarchically organized
• Use servers in the Domain Name System (DNS) to
  lookup
• Get an IP address from a domain name

8
Domain Name System

• Right-most segment is broadest
• Two types of top-level domains (TLDs)
• Generic TLDs
• Originally seven .COM, .NET, .ORG, .EDU, .INT,
  .MIL and .GOV.
• Recently added .aero, .biz, .coop, .info,
  .museum, .name, and .pro
• Two-letter country codes
• (.uk, .de, .jp, .us, .tv, etc.)
• All other segments refer to a lower-level domain
  (Second-level domains, third-level domains, etc.)
• Lower-level domains are a subset of the name
  space above them

9
Global Hierarchy ofLocal Namespaces
NS
umich.edu
Nameserver
Hosts
NS
root
NS
NS
eecs.umich.edu
si.umich.edu
.edu
10
Namespace Administration

• If SI adds a server or changes a servers IP
  address
• SI makes a change to the SI nameserver
• All names in the si.umich.edu domain are resolved
  by the SI nameserver
• As a result, name allocation/use requires
  permission from SI

11
Other Examples of Local Namespaces

• Subdirectories
• Other examples?
• Non-computer examples?

12
DNS Query Resolution

• Tiered process until name is resolved
• Try local cache
• Try preferred DNS server
• Server checks its cache
• Try other DNS servers
• Ask TLD DNS server (e.g., edu)
• May be passed to second-level domain DNS servers
  (e.g., umich.edu)
• May be passed to third-level domain DNS servers
  (e.g., www.umich.edu)
• Etc.

13
DNS Query Resolution
From Windows 2000 documentation
14
DNS Query Resolution
From Windows 2000 documentation
15
Architecture Question

• Why does primary DNS server do all the work to
  resolve?
• Why not have client directly query other DNS
  servers?

16
DNS Vulnerability

• If someone wanted to disable the DNS entirely,
  what machine(s) should s/he focus on attacking?
• If someone wanted to make www.georgewbush.com
  resolve to an IP address controlled by a
  Democrat, what would they have to do?

17
DNS Controversies

• Allocation of TLDs
• How many?
• Which?
• Name allocation
• Charges
• Trademarks
• Who decides?
• Was IANA and a few others
• Now Internet Corporation for Assigned Names and
  Numbers (ICANN)

18
Defining A Namespace

• Ideally, names should be
• easy to remember
• easy to guess
• unambiguous
• Can these goals be simultaneously achieved in a
  single namespace?
• What would happen if name resolution varied with
  geography of requestor (e.g., speedy.com
  different in Chicago vs. Ann Arbor)?

19
FTP Protocol

• FTP client opens TCP connection to server
• Usually on port 21
• FTP client sends commands to server
• Username, password, cd, etc.
• If client initiates retrieve command
• Server opens a second TCP connection to client
• Sends file
• Then closes connection
• FTP client software implements this service
• E.g., WS-FTP in DIAD

20
Telnet (SSH) Protocol

• Telnet client opens TCP connection to server
• Usually on port 23
• Client displays a terminal emulation window
• User types
• Characters echoed in terminal emulation window
• Characters sent over TCP connection to server
• Server sends back text
• Characters also displayed in terminal emulation
  window
• SSH uses a cryptographic authentication process
  after making TCP connection, but otherwise same
• Can use Telnet service to emulate other services
  built on top of TCP

21
HTTP Protocol

• Client can make requests
• GET for requesting a file from the server
• POST for submitting information to the server
• Some others (see section 5.1.1 of RFC2616)
• When it makes a request, the client also passes
  some client side descriptors to the server
• Server responds
• HTTP headers
• HTML document
• or JPEG, or GIF, or
• Browser implements client side of this service
• Web server implements server side of this service

22
URL Structure

• ltschemegt//lthostgtltportgt/ltpathgt
• Scheme
• HTTP, FTP, GOPHER, MAILTO, ...
• Host
• An IP address or DNS name

23
URL Questions

• Why is it bad to use an IP address to identify
  the host in a URL?
• URL versus IP address
• 141.211.144.193 is an IP address
• Is 141.com an IP address or URL?

24
HTTP example

• When a browser fetches http//www.si.umich.edu/p
  resnick/
• http// says to use HTTP protocol
• Resolve www.si.umich.edu in DNS
• E.g., 141.211.203.21
• Make TCP connection
• 141.211.203.21, port 80 (the default port)
• Send the following text string
• GET /presnick/

25
Server Sends Back HTTP Header, then HTML

• HTTP/1.x 200 OK
• Date Tue, 21 Oct 2003 191705 GMT
• Server Apache
• Connection close
• Transfer-Encoding chunked
• Content-Type text/html charsetiso-8859-1
• ltHTMLgt

26
Server Sends Back HTML
ltheadgt ltmeta http-equiv"Content-Type"
content"text/html charsetiso-8859-1"gt ltmeta
name"keywords" content"Paul Resnick"gt ltmeta
name"description" content"Paul Resnick's Home
Page"gt ltmeta name"GENERATOR" content"Microsoft
FrontPage 6.0"gt ltmeta http-equiv"PICS-Label"
content'(PICS-1.1'gt lttitlegtPaul Resnick's Home
Pagelt/titlegt lt/headgt ltbodygt lth1gtPaul
Resnicklt/h1gt lt/bodygt lt/htmlgt
27
Live Demonstration

• Mozilla Firefox browser
• Install extensions
• Web developer
• Live HTTP Headers
• Visit a web page

28
Persistent Connections

• Often have to request others pages/files (e.g.,
  inline images)
• HTTP/1.0 requires a new TCP session for each
• Introduces overhead of session establishment
• HTTP/1.1 permits reuse of one TCP session for
  multiple requests

29
URL Structure Query Parameters

• Path name can be parsed
• File name
• ?
• Query parameter
• Another query parameter
• Google query
• Term information
• URL http//www.google.com/search?hlenlrieUTF
  -8oeUTF-8qinformation
• Parameters hl, lr, ie, oe, and q
• q is the actual query term, information

30
Encoding Data in URL paths

• Some characters function as separators in URLs
• /
• To include them in data, can encode with their
  hexadecimal ASCII equivalent
• Denoted by a
• Google search
• Term http//www.si.umich.edu
• http//www.google.com/search?hlenlrieUTF-8oe
  UTF-8qhttp3A2F2Fwww.si.umich.edu
• 3A is
• 2F is /
• In other words, qhttp//www.si.umich.edu

31
(No Transcript)
32
Cookies

• Cookies allow web servers to store information on
  the client machine
• Web server says to browser, have a cookie
• Cookie has name, content, and an expiration date
• For example, Nameuniqname, Contentpresnick
• Browser saves the cookie on local machines
  long-term storage media (for example, the hard
  drive)
• Any time the browser connects to a web server in
  the domain of the server that created the cookie,
  the browser sends the cookie back to the server

33
Cookie Limitations

• Web servers can only access cookies
• That were created by web servers in the same
  domain
• When the client requests a file from the web
  server
• Cookies dont reveal new information
• Web servers can only use cookies to store
  information collected through other mechanisms
• Information that you provide by submitting a form
• Information that is automatically sent by the
  browser to the web server

34
Browsers-Server Communication

• Browser requests file, and sends the following
• In HTTP headers
• The browser type, your OS
• The referer (spelling intentional)
• The URL you last looked at
• plugins installed
• Also available to web server
• Your IP address
• Servers sends back
• File
• HTTP headers, including Set-cookie header
• Header includes name, content, and expiration
  date of all cookies associated with web servers
  domain

35
Cookies Demonstrations

• cookies1.php3
• visitcounter.php3
• Source code for visitcounter can be found in the
  optional lab exercises

36
Cookies and Privacy

• Do cookies
• Reveal your IP address?
• Reveal your email address?
• Reveal your past activity at this site?
• Reveal your past activity at other sites?

37
Ad Networks Use Of Cookies

• Ad networks pay web companies to display
  advertisements hosted on ad networks web servers
• For example, DoubleClick might pay to have its
  ads displayed on eBay, CNN.com, USAToday.com, and
  Yahoo
• Each time an ad is displayed, it is being served
  by the ad networks web servers, so the ad
  network can create and access cookies from all of
  these site
• In the example above, DoubleClick would be able
  to access its cookies whenever a user visits
  eBay, Half.com, CNN, USAToday, or Yahoo.

38
Ad Networks Use of Cookies

• href"http//ad.doubleclick.net/clk4608458748494
  5b?http//ads.netsol.com/landing/P13C22S1N0B12A8D
  0V103"

39
Ad Networks Use Of Cookies

• Ad network places at least one cookie containing
  a unique identifier on the users computer
• The ad network can then identify the user any
  time s/he accesses a web site of an ad network
  affiliate
• When requesting the ad, the browser tells the ad
  network what the referring site
• The ad network then tracks all the referring
  sites associated with a particular user ID
• The ad network could also buy additional
  identifying information from the web company

40
Basic Email Architecture
Sender client
SMTP
Mail Server (relay)
SMTP
SMTP
Mail Server
Mail server
POP3 or IMAP
Recipient client
41
Sending Mail With Simple Mail Transport Protocol
(SMTP)

• Message gets an SMTP header
• Includes host name and timestamp
• TCP Connection on Port 25
• Mail client transmits message to its default SMTP
  server
• Header updated by each mail server handling it
• Sender-SMTP server transmits to recipient-SMTP
  server
• Uses DNS to get recipient-SMTP IP address
• Recipient-SMTP server can forward message to
  another mail server
• For example, a message sent to umich.edu mail
  server may be forwarded to imap.umich.edu

42
Sending Mail With SMTP

• Sender I have mail from xxx to yyy
• May specify relay path to yyy
• Recipient OK for yyy
• OR, No such user here
• S data (including message headers and content)
• R OK

Can repeat first step, specifying multiple users
at single recipient SMTP server
Data only sent once to each recipient SMTP server
43
Retrieving Mail With Post Office Protocol v3
(POP3)

• POP3 Client occasionally connects to mail server
• Downloads copies of messages
• Marks as deleted or leaves them there
• Leaving them allows retrieval from a second
  client
• Client keeps track of messages already received

44
Retrieving Mail With Internet Message Access
Protocol (IMAP)

• User connects with IMAP client from multiple
  machines
• Messages stored on server
• Client has commands to
• Get list of message headers
• Get body of specified messages
• Search message contents
• Move messages among folders

45
SI Players E-Mail

• Need eight players sitting close to one another
• Human sender
• Senders email client
• Senders default mail server (umich.edu)
• DNS
• Recipients mail server (vt.edu)
• Recipients POP3 email client
• Recipients IMAP email client
• Human recipient

46
SI Players E-Mail
Destination mail server

• Process
• Human gives message to client
• From user_at_umich.edu to user_at_vt.edu
• Client adds header sends to default mail server
• Header is an envelope with source and destination
• Mail server updates header, adding its name, the
  name of host that gave it the message, and when
  it received the message
• Mail server consults DNS for address of
  destination mail server
• DNS converts vt.edu to an IP address (a name
  here)
• Mail server sends to destination mail server
• Human recipient connects to mail server to get
  message
• First uses IMAP, view message on server
• Then uses POP3, getting message from server

47
Summary

• Understand how UDP differs from TCP
• Understand how DNS works
• Understand protocols built on TCP
• FTP
• Telnet
• HTTP
• Understand URLs
• Understand URL query parameters
• Understand How Cookies Work
• Who can set/access them
• What they contain
• Assess cookies threat to privacy
• SMTP and IMAP