
CON UNIT 5

The document discusses the application layer of computer networks, detailing its role in providing services to users through protocols like HTTP, FTP, and email. It explains the client-server and peer-to-peer paradigms for application communication, highlighting the differences in how services are requested and provided. Additionally, it covers the architecture of the World Wide Web, including web clients, servers, and the structure of Uniform Resource Locators (URLs).

Uploaded by

profelangovank

COMPUTER NETWORKS (R20) 2022-23

UNIT -V

Introduction to Application Layer: Introduction, WWW and HTTP – FTP - E-mail - TELNET
- Secure Shell - Domain Name System - SNMP.

INTRODUCTION TO APPLICATION LAYER:

INTRODUCTION:

➢ The application layer provides services to the user. Communication is provided using a
logical connection, which means that the two application layers assume that there is an
imaginary direct connection through which they can send and receive messages.

Services:

➢ All communication networks that started before the Internet were designed to provide
services to network users.
➢ Most of these networks, however, were originally designed to provide one specific
service. For example, the telephone network was originally designed to provide voice
service: to allow people all over the world to talk to each other.
➢ This network, however, was later used for some other services, such as facsimile (fax),
enabled by users adding some extra hardware at both ends.
➢ The Internet was originally designed for the same purpose: to provide service to users
around the world.
➢ The layered architecture of the TCP/IP protocol suite, however, makes the Internet more
flexible than other communication networks such as postal or telephone networks.
➢ Each layer in the suite was originally made up of one or more protocols, but new
protocols can be added or some protocols can be removed or replaced by the Internet
authorities.
➢ However, if a protocol is added to each layer, it should be designed in such a way that it
uses the services provided by one of the protocols at the lower layer.
➢ If a protocol is removed from a layer, care should be taken to change the protocol at the
next higher layer that supposedly uses the services of the removed protocol.

SIDDHARTH INSTITUTE OF ENGINEERING & TECHNOLOGY, PUTTUR Page 1


➢ The application layer, however, is somewhat different from other layers in that it is the
highest layer in the suite.
➢ The protocols in this layer do not provide services to any other protocol in the suite; they
only receive services from the protocols in the transport layer.
➢ This means that protocols can be removed from this layer easily. New protocols can be
also added to this layer as long as the new protocols can use the services provided by one
of the transport-layer protocols.

Standard and Nonstandard Protocols:

➢ To provide smooth operation of the Internet, the protocols used in the first four layers of
the TCP/IP suite need to be standardized and documented.

Standard Application-Layer Protocols:

➢ There are several application-layer protocols that have been standardized and
documented by the Internet authority, and we are using them in our daily interaction with
the Internet.
➢ Each standard protocol is a pair of computer programs that interact with the user and the
transport layer to provide a specific service to the user.

Nonstandard Application-Layer Protocols:

➢ A programmer can create a nonstandard application-layer program if she can write two
programs that provide service to the user by interacting with the transport layer.

Application-Layer Paradigms

➢ It should be clear that to use the Internet we need two application programs to interact
with each other: one running on a computer somewhere in the world, the other running on
another computer somewhere else in the world.
➢ The two programs need to send messages to each other through the Internet
infrastructure.
➢ However, we have not discussed what the relationship should be between these programs.

➢ Should both application programs be able to request services and provide services, or
should the application programs just do one or the other?
➢ Two paradigms have been developed during the lifetime of the Internet to answer this
question: the client-server paradigm and the peer-to-peer paradigm.

Traditional Paradigm: Client-Server:

➢ The traditional paradigm is called the client-server paradigm. It was the most popular
paradigm until a few years ago.
➢ In this paradigm, the service provider is an application program, called the server
process; it runs continuously, waiting for another application program, called the client
process, to make a connection through the Internet and ask for service.
➢ There are normally some server processes that can provide a specific type of service, but
there are many clients that request service from any of these server processes.
➢ The server process must be running all the time; the client process is started when the
client needs to receive service.

New Paradigm: Peer-to-Peer:

➢ A new paradigm, called the peer-to-peer paradigm (often abbreviated P2P paradigm),
has emerged to respond to the needs of some new applications.
➢ In this paradigm, there is no need for a server process to be running all the time and
waiting for the client processes to connect. The responsibility is shared between peers.
➢ A computer connected to the Internet can provide service at one time and receive service
at another time. A computer can even provide and receive services at the same time.

Client - Server Programming:

➢ In a client-server paradigm, communication at the application layer is between two
running application programs called processes: a client and a server.
➢ A client is a running program that initializes the communication by sending a request; a
server is another application program that waits for a request from a client.

➢ The server handles the request received from a client, prepares a result, and sends the
result back to the client. This definition of a server implies that a server must be running
when a request from a client arrives, but the client needs to be run only when it is needed.
➢ This means that if we have two computers connected to each other somewhere, we can
run a client process on one of them and the server on the other. However, we need to be
careful that the server program is started before we start running the client program.

Application Programming Interface:

➢ A client process communicates with a server process with the help of a computer program
which is normally written in a computer language with a predefined set of instructions
that tells the computer what to do.
➢ A computer language has a set of instructions for mathematical operations, a set of
instructions for string manipulation, a set of instructions for input/output access, and so
on.
➢ If we need a process to be able to communicate with another process, we need a new set
of instructions to tell the lowest four layers of the TCP/IP suite to open the connection,
send and receive data from the other end, and close the connection. A set of instructions
of this kind is normally referred to as an application programming interface (API).
➢ An interface in programming is a set of instructions between two entities. In this case,
one of the entities is the process at the application layer and the other is the operating
system that encapsulates the first four layers of the TCP/IP protocol suite.
➢ Several APIs have been designed for communication. One of the most common is the
socket interface. The socket interface is a set of instructions that provide communication
between the application layer and the operating system, as shown in Figure 5.1.

➢ It is a set of instructions that can be used by a process to communicate with another
process. The idea of sockets allows us to use the set of all instructions already designed in
a programming language for other sources and sinks.
➢ For example, in most computer languages, like C, C++, or Java, we have several
instructions that can read and write data to other sources and sinks such as a keyboard (a
source), a monitor (a sink), or a file (source and sink). We can use the same instructions
to read from or write to sockets.

Sockets:

➢ Although a socket is supposed to behave like a terminal or a file, it is not a physical entity
like them; it is an abstraction. It is an object that is created and used by the application
program.

Socket Addresses:

➢ The interaction between a client and a server is two-way communication. In a two-way
communication, we need a pair of addresses: local (sender) and remote (receiver).
➢ The local address in one direction is the remote address in the other direction and vice
versa.

➢ Since communication in the client-server paradigm is between two sockets, we need a
pair of socket addresses for communication: a local socket address and a remote socket
address.
➢ However, we need to define a socket address in terms of identifiers used in the TCP/IP
protocol suite.
➢ A socket address should first define the computer on which a client or a server is running.
A socket address should be a combination of an IP address (32 bit) and a port number (16
bit).
➢ Since a socket defines the end-point of the communication, we can say that a socket is
identified by a pair of socket addresses, a local and a remote.

Finding Socket Addresses:

➢ How can a client or a server find a pair of socket addresses for communication? The
situation is different for each site.

Server Site:

➢ The server needs a local (server) and a remote (client) socket address for communication.

Local Socket Address

➢ The local (server) socket address is provided by the operating system. The operating
system knows the IP address of the computer on which the server process is running. The
port number of a server process, however, needs to be assigned.
➢ If the server process is a standard one defined by the Internet authority, a port number is
already assigned to it. For example, the assigned port number for a Hypertext Transfer
Protocol (HTTP) is the integer 80, which cannot be used by any other process.

Remote Socket Address

➢ The remote socket address for a server is the socket address of the client that makes the
connection. Since the server can serve many clients, it does not know beforehand the
remote socket address for communication.

➢ The server can find this socket address when a client tries to connect to the server. The
client socket address, which is contained in the request packet sent to the server, becomes
the remote socket address that is used for responding to the client.

Client Site:

➢ The client also needs a local (client) and a remote (server) socket address for
communication.

Local Socket Address

➢ The local (client) socket address is also provided by the operating system. The operating
system knows the IP address of the computer on which the client is running.
➢ The port number, however, is a 16-bit temporary integer that is assigned to a client
process each time the process needs to start the communication.
➢ The port number, however, needs to be assigned from a set of integers defined by the
Internet authority and called the ephemeral (temporary) port numbers. The operating
system, however, needs to guarantee that the new port number is not used by any other
running client process.

Remote Socket Address

➢ Finding the remote (server) socket address for a client, however, needs more work. When
a client process starts, it should know the socket address of the server it wants to connect
to.
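
The address pairs described in this section can be observed directly. The following added example (not part of the original notes) runs one client and one server on the loopback address and records each side's local and remote socket address. The function name `observe_socket_pairs` and the use of port 0, which lets the operating system pick a free server port for the demonstration, are assumptions.

```python
import socket
import threading


def observe_socket_pairs(host="127.0.0.1"):
    """Run one loopback TCP exchange; return each side's local/remote socket address."""
    # Server side: the OS supplies the IP address, the port has to be assigned.
    # A standard service binds its assigned port (80 for HTTP); this demo binds
    # port 0 so that the OS chooses any free port.
    listener = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    listener.settimeout(5)
    listener.bind((host, 0))
    listener.listen(1)
    server_addr = listener.getsockname()
    seen = {}

    def serve():
        # The server cannot know the remote socket address beforehand;
        # it learns it here, from the connection the client makes.
        conn, peer = listener.accept()
        with conn:
            seen["accept_peer"] = peer
            seen["server_local"] = conn.getsockname()
            seen["server_remote"] = conn.getpeername()
            conn.sendall(conn.recv(1024).upper())

    worker = threading.Thread(target=serve)
    worker.start()

    # Client side: the remote (server) address must be known in advance;
    # the local port is an ephemeral one assigned by the OS at connect time.
    with socket.create_connection(server_addr, timeout=5) as client:
        seen["client_local"] = client.getsockname()
        seen["client_remote"] = client.getpeername()
        client.sendall(b"hello")
        seen["reply"] = client.recv(1024)

    worker.join()
    listener.close()
    return seen


if __name__ == "__main__":
    pairs = observe_socket_pairs()
    for name in ("client_local", "client_remote", "server_local", "server_remote"):
        print(f"{name:14} {pairs[name]}")
    # The two (local, remote) pairs mirror each other. Together they identify
    # the connection, which is why servers record both addresses in their logs.
```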

Using Services of the Transport Layer:

➢ A pair of processes provide services to the users of the Internet, human or programs. A
pair of processes, however, need to use the services provided by the transport layer for
communication because there is no physical communication at the application layer.

WORLD WIDE WEB (WWW) AND HTTP:

World Wide Web (WWW):

➢ The idea of the Web was first proposed by Tim Berners-Lee in 1989. The Web today is a
repository of information in which the documents, called web pages, are distributed all
over the world and related documents are linked together.
➢ The popularity and growth of the Web can be related to two terms in the above statement:
distributed and linked. Distribution allows the growth of the Web.
➢ Each web server in the world can add a new web page to the repository and announce it
to all Internet users without overloading a few servers.
➢ Linking allows one web page to refer to another web page stored in another server
somewhere else in the world.
➢ The linking of web pages was achieved using a concept called hypertext, which was
introduced many years before the advent of the Internet.
➢ The idea was to use a machine that automatically retrieved another document stored in
the system when a link to it appeared in the document.
➢ The Web implemented this idea electronically to allow the linked document to be
retrieved when the link was clicked by the user.
➢ Today, the term hypertext, coined to mean linked text documents, has been changed to
hypermedia, to show that a web page can be a text document, an image, an audio file, or
a video file.

Architecture:

➢ The WWW today is a distributed client-server service, in which a client using a browser
can access a service using a server.
➢ However, the service provided is distributed over many locations called sites. Each site
holds one or more web pages.
➢ Each web page, however, can contain some links to other web pages in the same or other
sites.

➢ In other words, a web page can be simple or composite. A simple web page has no links
to other web pages; a composite web page has one or more links to other web pages.
Each web page is a file with a name and address.

Web Client (Browser):

➢ A variety of vendors offer commercial browsers that interpret and display a web page,
and all of them use nearly the same architecture. Each browser usually consists of three
parts: a controller, client protocols, and interpreters.
➢ The controller receives input from the keyboard or the mouse and uses the client
programs to access the document.
➢ After the document has been accessed, the controller uses one of the interpreters to
display the document on the screen.
➢ The client protocol can be one of the protocols described later, such as HTTP or FTP.
The interpreter can be HTML, Java, or JavaScript, depending on the type of document.
Some commercial browsers include Internet Explorer, Netscape Navigator, and Firefox.

Web Server:

➢ The web page is stored at the server. Each time a request arrives, the corresponding
document is sent to the client.
➢ To improve efficiency, servers normally store requested files in a cache in memory;
memory is faster to access than a disk.
➢ A server can also become more efficient through multithreading or multiprocessing. In
this case, a server can answer more than one request at a time.
➢ Some popular web servers include Apache and Microsoft Internet Information Server.

Uniform Resource Locator (URL):

➢ A web page, as a file, needs to have a unique identifier to distinguish it from other web
pages. To define a web page, we need three identifiers: host, port, and path.

➢ However, before defining the web page, we need to tell the browser what client-server
application we want to use, which is called the protocol. This means we need four
identifiers to define the web page.
➢ The first is the type of vehicle to be used to fetch the web page; the last three make up the
combination that defines the destination object (web page).

Protocol:

➢ The first identifier is the abbreviation for the client-server program that we need in order
to access the web page.
➢ Although most of the time the protocol is HTTP (HyperText Transfer Protocol), we can
also use other protocols such as FTP (File Transfer Protocol).

Host:

➢ The host identifier can be the IP address of the server or the unique name given to the
server. IP addresses can be defined in dotted decimal notation.

Port:

➢ The port, a 16-bit integer, is normally predefined for the client-server application.

Path:

➢ The path identifies the location and the name of the file in the underlying operating
system. The format of this identifier normally depends on the operating system.
➢ To combine these four pieces together, the uniform resource locator (URL) has been
designed; it uses three different separators between the four pieces as shown below:

Web Documents:

➢ The documents in the WWW can be grouped into three broad categories: static, dynamic,
and active.

Static Documents:

➢ Static documents are fixed-content documents that are created and stored in a server.
The client can get a copy of the document only. In other words, the contents of the file
are determined when the file is created, not when it is used.
➢ Static documents are prepared using one of several languages: HyperText Markup
Language (HTML), Extensible Markup Language (XML), Extensible Style Language
(XSL), and Extensible Hypertext Markup Language (XHTML).

Dynamic Documents:

➢ A dynamic document is created by a web server whenever a browser requests the
document. When a request arrives, the web server runs an application program or a script
that creates the dynamic document.
➢ The server returns the result of the program or script as a response to the browser that
requested the document.
➢ Because a fresh document is created for each request, the contents of a dynamic
document may vary from one request to another.
➢ A very simple example of a dynamic document is the retrieval of the time and date from
a server.

Active Documents:

➢ For many applications, we need a program or a script to be run at the client site. These
are called active documents.
➢ For example, suppose we want to run a program that creates animated graphics on the
screen or a program that interacts with the user.

HyperText Transfer Protocol (HTTP):


➢ The HyperText Transfer Protocol (HTTP) is used to define how the client-server
programs can be written to retrieve web pages from the Web. An HTTP client sends a
request; an HTTP server returns a response.

➢ The server uses the port number 80; the client uses a temporary port number. HTTP uses
the services of TCP, which, as discussed before, is a connection-oriented and reliable
protocol.
Nonpersistent versus Persistent Connections:
➢ If the web pages, objects to be retrieved, are located on different servers, we do not have
any other choice than to create a new TCP connection for retrieving each object.
➢ However, if some of the objects are located on the same server, we have two choices: to
retrieve each object using a new TCP connection or to make a TCP connection and retrieve
them all. The first method is referred to as a nonpersistent connection, the second as a
persistent connection.
Nonpersistent Connections
➢ In a nonpersistent connection, one TCP connection is made for each request/response.
➢ The following lists the steps in this strategy:
1. The client opens a TCP connection and sends a request.
2. The server sends the response and closes the connection.
3. The client reads the data until it encounters an end-of-file marker; it then closes
the connection.
Persistent Connections
➢ HTTP version 1.1 specifies a persistent connection by default. In a persistent
connection, the server leaves the connection open for more requests after sending a
response.
➢ The server can close the connection at the request of a client or if a time-out has been
reached. The sender usually sends the length of the data with each response. However,
there are some occasions when the sender does not know the length of the data.
➢ This is the case when a document is created dynamically or actively. In these cases, the
server informs the client that the length is not known and closes the connection after
sending the data so the client knows that the end of the data has been reached. Time and
resources are saved using persistent connections.
➢ Only one set of buffers and variables needs to be set for the connection at each site. The
round trip time for connection establishment and connection termination is saved.

Message Formats:
➢ The HTTP protocol defines the format of the request and response messages. Each
message is made of four sections. The first section in the request message is called the
request line; the first section in the response message is called the status line.
➢ The other three sections have the same names in the request and response messages.
However, the similarities between these sections are only in the names; they may have
different contents. We discuss each message type separately.
Request Message:
➢ There are three fields in this line separated by one space and terminated by two
characters (carriage return and line feed). The fields are called method, URL, and
version.
➢ The method field defines the request types. Several methods are defined like GET,
PUT, HEAD, POST, TRACE, DELETE, etc. The URL defines the address and name
of the corresponding web page. The version field gives the version of the protocol; the
most current version of HTTP is 1.1.
Response Message:
➢ A response message consists of a status line, header lines, a blank line, and sometimes
a body. The first line in a response message is called the status line. There are three
fields in this line separated by spaces and terminated by a carriage return and line feed.
➢ The first field defines the version of HTTP protocol, currently 1.1. The status code field
defines the status of the request. It consists of three digits. Whereas the codes in the
100 range are only informational, the codes in the 200 range indicate a successful
request.
➢ The codes in the 300 range redirect the client to another URL, and the codes in the 400
range indicate an error at the client site. Finally, the codes in the 500 range indicate an
error at the server site.
➢ The status phrase explains the status code in text form. After the status line, we can
have zero or more response header lines. Each header line sends additional information
from the server to the client.
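
A strict reading of the two message formats, as an added example rather than code from the original notes: it parses the request line and the status line exactly as described (single spaces, CRLF line endings), classifies the status code by its range, and decides where the body ends (declared length, or connection close when the length is unknown). The function names and sample messages are constructed for illustration; chunked transfer encoding, which these notes do not cover, is rejected rather than handled.

```python
import re

CRLF = b"\r\n"
TOKEN = rb"[!#$%&'*+.^_`|~0-9A-Za-z-]+"      # characters allowed in a header name
STATUS_CLASSES = {"1": "informational", "2": "success", "3": "redirection",
                  "4": "client error", "5": "server error"}


class MalformedMessage(ValueError):
    """The bytes do not follow the message format described in the notes."""


def _split(raw):
    """Return (first line, {header name: value}, bytes after the blank line)."""
    head, blank, rest = raw.partition(CRLF + CRLF)
    if not blank:
        raise MalformedMessage("no blank line after the header lines")
    first, *lines = head.split(CRLF)
    headers = {}
    for line in lines:
        # A bare CR or LF inside a line fails this match and is rejected.
        m = re.fullmatch(rb"(" + TOKEN + rb"):[ \t]*([\x20-\x7e\t]*?)[ \t]*", line)
        if not m:
            raise MalformedMessage(f"bad header line {line!r}")
        name = m.group(1).decode("ascii").lower()
        value = m.group(2).decode("ascii")
        if name == "content-length" and name in headers:
            raise MalformedMessage("more than one Content-Length header")
        headers[name] = f"{headers[name]}, {value}" if name in headers else value
    return first, headers, rest


def parse_request(raw):
    """Parse 'METHOD SP URL SP VERSION CRLF' followed by header lines."""
    first, headers, body = _split(raw)
    m = re.fullmatch(rb"([A-Z]+) ([\x21-\x7e]+) (HTTP/\d\.\d)", first)
    if not m:
        raise MalformedMessage(f"bad request line {first!r}")
    method, url, version = (g.decode("ascii") for g in m.groups())
    return {"method": method, "url": url, "version": version,
            "headers": headers, "body": body}


def parse_response(raw):
    """Parse 'VERSION SP CODE SP PHRASE CRLF', headers, and frame the body."""
    first, headers, rest = _split(raw)
    m = re.fullmatch(rb"(HTTP/\d\.\d) (\d{3}) ([\x20-\x7e\t]*)", first)
    if not m:
        raise MalformedMessage(f"bad status line {first!r}")
    version, code, phrase = (g.decode("ascii") for g in m.groups())
    if code[0] not in STATUS_CLASSES:
        raise MalformedMessage(f"status code {code} is outside 100-599")
    if "transfer-encoding" in headers:
        raise MalformedMessage("Transfer-Encoding is not handled in this example")
    leftover, complete = b"", True
    if code[0] == "1" or code in ("204", "304"):
        # These responses never carry a body.
        framing, body, leftover = "no-body", b"", rest
    elif "content-length" in headers:
        if not re.fullmatch(r"[0-9]+", headers["content-length"]):
            raise MalformedMessage("Content-Length is not a decimal number")
        n = int(headers["content-length"])
        # Persistent connection: bytes past the declared length belong to
        # the next response on the same connection.
        framing, body, leftover = "content-length", rest[:n], rest[n:]
        complete = len(rest) >= n
    else:
        # Length unknown: the body runs until the server closes the connection.
        framing, body = "until-close", rest
    return {"version": version, "code": code, "phrase": phrase,
            "status_class": STATUS_CLASSES[code[0]], "headers": headers,
            "framing": framing, "body": body, "leftover": leftover,
            "complete": complete}


# Constructed sample messages (not captured traffic).
SAMPLE_REQUEST = b"GET /index.html HTTP/1.1\r\nHost: www.example.test\r\n\r\n"
SAMPLE_STREAM = (b"HTTP/1.1 200 OK\r\nContent-Length: 5\r\n\r\nhello"
                 b"HTTP/1.1 404 Not Found\r\nContent-Length: 0\r\n\r\n")
SAMPLE_DYNAMIC = b"HTTP/1.1 200 OK\r\nContent-Type: text/plain\r\n\r\nMon, 01 Jan 2024"

if __name__ == "__main__":
    print(parse_request(SAMPLE_REQUEST))
    first = parse_response(SAMPLE_STREAM)
    print(first["status_class"], first["framing"], first["body"])
    print(parse_response(first["leftover"])["status_class"])
    print(parse_response(SAMPLE_DYNAMIC)["framing"])
```

Rejecting doubled spaces, bare line feeds and repeated `Content-Length` headers keeps every party on the connection in agreement about where one message ends and the next begins.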
Web Caching: Proxy Servers:

➢ HTTP supports proxy servers. A proxy server is a computer that keeps copies of
responses to recent requests. The HTTP client sends a request to the proxy server. The
proxy server checks its cache.
➢ If the response is not stored in the cache, the proxy server sends the request to the
corresponding server. Incoming responses are sent to the proxy server and stored for
future requests from other clients.
➢ The proxy server reduces the load on the original server, decreases traffic, and
improves latency. However, to use the proxy server, the client must be configured to
access the proxy instead of the target server.

HTTP Security:

➢ HTTP per se does not provide security. HTTP can be run over the Secure Socket Layer
(SSL). In this case, HTTP is referred to as HTTPS. HTTPS provides confidentiality,
client and server authentication, and data integrity.

FTP:

➢ File Transfer Protocol (FTP) is the standard protocol provided by TCP/IP for copying
a file from one host to another. Although transferring files from one system to another
seems simple and straightforward, some problems must be dealt with first.
➢ Although we can transfer files using HTTP, FTP is a better choice to transfer large files
or to transfer files using different formats. Figure 5.3 shows the basic model of FTP.
The client has three components: the user interface, the client control process, and the
client data transfer process. The server has two components: the server control process
and the server data transfer process.

➢ The control connection is made between the control processes. The data connection is
made between the data transfer processes.
➢ Separation of commands and data transfer makes FTP more efficient. The control
connection uses very simple rules of communication.
➢ We need to transfer only a line of command or a line of response at a time. The data
connection, on the other hand, needs more complex rules due to the variety of data types
transferred.
Two Connections:
➢ The two connections in FTP have different lifetimes. The control connection remains
connected during the entire interactive FTP session. The data connection is opened and
then closed for each file transfer activity.
➢ FTP uses two well-known TCP ports: port 21 is used for the control connection, and port
20 is used for the data connection.
Control Connection:
➢ During this control connection, commands are sent from the client to the server and
responses are sent from the server to the client.
➢ Commands, which are sent from the FTP client control process, are in the form of ASCII
uppercase, which may or may not be followed by an argument. Some of the most common
commands are shown in table below:

➢ Every FTP command generates at least one response. A response has two parts: a three-
digit number followed by text.
➢ The numeric part defines the code; the text part defines needed parameters or further
explanations.
➢ The first digit defines the status of the command. The second digit defines the area in
which the status applies. The third digit provides additional information.

ELECTRONIC MAIL:
➢ Electronic mail (or e-mail) allows users to exchange messages. The nature of this
application, however, is different from other applications discussed so far.
➢ In an application such as HTTP or FTP, the server program is running all the time, waiting
for a request from a client.
➢ When the request arrives, the server provides the service. There is a request and there is a
response.
➢ In the case of electronic mail, the situation is different. First, e-mail is considered a one-
way transaction.
➢ When Alice sends an email to Bob, she may expect a response, but this is not a mandate.
Bob may or may not respond. If he does respond, it is another one-way transaction.

➢ Second, it is neither feasible nor logical for Bob to run a server program and wait until
someone sends an e-mail to him. Bob may turn off his computer when he is not using it.
➢ This means that the idea of client/server programming should be implemented in another
way: using some intermediate computers (servers).
➢ The users run only client programs when they want and the intermediate servers apply the
client/server paradigm.
Architecture:
➢ To explain the architecture of e-mail, we give a common scenario as shown in Figure 5.4.

➢ In the common scenario, the sender and the receiver of the e-mail, Alice and Bob
respectively, are connected via a LAN or a WAN to two mail servers. The administrator
has created one mailbox for each user where the received messages are stored.
➢ A mailbox is part of a server hard drive, a special file with permission restrictions. Only
the owner of the mailbox has access to it. The administrator has also created a queue
(spool) to store messages waiting to be sent.
➢ A simple e-mail from Alice to Bob takes nine different steps. Alice and Bob use three
different agents: a user agent (UA), a message transfer agent (MTA), and a message
access agent (MAA). When Alice needs to send a message to Bob, she runs a UA program
to prepare the message and send it to her mail server.
➢ The mail server at her site uses a queue (spool) to store messages waiting to be sent. The
message, however, needs to be sent through the Internet from Alice’s site to Bob’s site
using an MTA. Here two message transfer agents are needed: one client and one server.
➢ Like most client-server programs on the Internet, the server needs to run all the time
because it does not know when a client will ask for a connection.
➢ The client, on the other hand, can be triggered by the system when there is a message in
the queue to be sent.
➢ The user agent at the Bob site allows Bob to read the received message. Bob later uses an
MAA client to retrieve the message from an MAA server running on the second server.
User Agent:
➢ The first component of an electronic mail system is the user agent (UA). It provides
service to the user to make the process of sending and receiving a message easier.
➢ A user agent is a software package (program) that composes, reads, replies to, and
forwards messages. It also handles local mailboxes on the user computers.
Message Transfer Agent: SMTP:
➢ Based on the common scenario, we can say that the e-mail is one of those applications that
needs three uses of client-server paradigms to accomplish its task.
➢ It is important that we distinguish these three when we are dealing with e-mail.
➢ The formal protocol that defines the MTA client and server in the Internet is called Simple
Mail Transfer Protocol (SMTP).
➢ SMTP is used two times, between the sender and the sender’s mail server and between the
two mail servers. SMTP simply defines how commands and responses must be sent back
and forth.
Message Access Agent: POP and IMAP:
➢ The first and second stages of mail delivery use SMTP. However, SMTP is not involved in
the third stage because SMTP is a push protocol; it pushes the message from the client to
the server.

➢ On the other hand, the third stage needs a pull protocol; the client must pull messages from
the server. The direction of the bulk data is from the server to the client. The third stage
uses a message access agent.
➢ Currently two message access protocols are available: Post Office Protocol, version 3
(POP3) and Internet Mail Access Protocol, version 4 (IMAP4).
POP3:
➢ Post Office Protocol, version 3 (POP3) is simple but limited in functionality. The client
POP3 software is installed on the recipient computer; the server POP3 software is installed
on the mail server.
➢ Mail access starts with the client when the user needs to download its e-mail from the
mailbox on the mail server. The client opens a connection to the server on TCP port 110. It
then sends its user name and password to access the mailbox. The user can then list and
retrieve the mail messages, one by one.
➢ POP3 has two modes: the delete mode and the keep mode. In the delete mode, the mail is
deleted from the mailbox after each retrieval. In the keep mode, the mail remains in the
mailbox after retrieval.
IMAP4:
➢ Another mail access protocol is Internet Mail Access Protocol, version 4 (IMAP4).
IMAP4 is similar to POP3, but it has more features; IMAP4 is more powerful and more
complex.
➢ POP3 is deficient in several ways. It does not allow the user to organize her mail on the
server; the user cannot have different folders on the server.
➢ In addition, POP3 does not allow the user to partially check the contents of the mail before
downloading.
➢ IMAP4 provides the following extra functions:
o A user can check the e-mail header prior to downloading.
o A user can search the contents of the e-mail for a specific string of characters prior
to downloading.
o A user can partially download e-mail. This is especially useful if bandwidth is
limited and the e-mail contains multimedia with high bandwidth requirements.


o A user can create, delete, or rename mailboxes on the mail server.


TELNET:
➢ A server program can provide a specific service to its corresponding client program. For
example, the FTP server is designed to let the FTP client store or retrieve files on the
server site.
➢ However, it is impossible to have a client/server pair for each type of service we need; the
number of servers would soon become unmanageable, so this approach does not scale.
➢ Another solution is to have a specific client/server program for a set of common scenarios,
but to have some generic client/server programs that allow a user on the client site to log
into the computer at the server site and use the services available there.
➢ For example, if a student needs to use the Java compiler program at her university lab,
there is no need for a Java compiler client and a Java compiler server.
➢ The student can use a client logging program to log into the university server and use the
compiler program at the university. We refer to these generic client/server pairs as remote
logging applications.
➢ One of the original remote logging protocols is TELNET, which is an abbreviation for
TErminaL NETwork.
➢ Although TELNET requires a logging name and password, it is vulnerable to hacking
because it sends all data including the password in plaintext (not encrypted).
➢ A hacker can eavesdrop and obtain the logging name and password. Because of this
security issue, the use of TELNET has diminished in favor of another protocol, Secure
Shell (SSH).
➢ Although TELNET is almost replaced by SSH, we briefly discuss TELNET here for two
reasons:
1. The simple plaintext architecture of TELNET allows us to explain the issues and
challenges related to the concept of remote logging, which is also used in SSH when
it serves as a remote logging protocol.
2. Network administrators often use TELNET for diagnostic and debugging purposes.

Local versus Remote Logging:
➢ When a user logs into a local system, it is called local logging. As a user types at a
terminal or at a workstation running a terminal emulator, the keystrokes are accepted by
the terminal driver.
➢ The terminal driver passes the characters to the operating system. The operating system, in
turn, interprets the combination of characters and invokes the desired application program
or utility.
➢ However, when a user wants to access an application program or utility located on a
remote machine, she performs remote logging. Here the TELNET client and server
programs come into use.
➢ The user sends the keystrokes to the terminal driver where the local operating system
accepts the characters but does not interpret them.
➢ The characters are sent to the TELNET client, which transforms the characters into a
universal character set called Network Virtual Terminal (NVT) characters and delivers
them to the local TCP/IP stack.
➢ The commands or text, in NVT form, travel through the Internet and arrive at the TCP/IP
stack at the remote machine.
➢ Here the characters are delivered to the operating system and passed to the TELNET
server, which changes the characters to the corresponding characters understandable by the
remote computer.
➢ However, the characters cannot be passed directly to the operating system because the
remote operating system is not designed to receive characters from a TELNET server; it is
designed to receive characters from a terminal driver.
➢ The solution is to add a piece of software called a pseudoterminal driver, which pretends
that the characters are coming from a terminal.
➢ The operating system then passes the characters to the appropriate application program.
➢ NVT uses two sets of characters, one for data and one for control. Both are 8-bit bytes. For
data, NVT normally uses what is called NVT ASCII.
➢ This is an 8-bit character set in which the seven lowest order bits are the same as US
ASCII and the highest order bit is 0.

➢ To send control characters between computers (from client to server or vice versa), NVT
uses an 8-bit character set in which the highest order bit is set to 1.
Options:
➢ TELNET lets the client and server negotiate options before or during the use of the service.
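The following added example (not part of the original notes) splits one direction of a TELNET byte stream into NVT data and control sequences, using the command and option codes from RFC 854; the captured bytes, user name and password are constructed. It shows that the login data sits in the stream as readable ASCII, which is the weakness SSH was designed to remove.

```python
# Added example: separate NVT data from TELNET control sequences (RFC 854).
IAC, SB, SE = 255, 250, 240   # control bytes: the highest-order bit is 1
NEGOTIATION = {251: "WILL", 252: "WONT", 253: "DO", 254: "DONT"}
OPTIONS = {1: "ECHO", 3: "SUPPRESS-GO-AHEAD", 24: "TERMINAL-TYPE"}  # subset


def split_nvt(stream: bytes):
    """Return (data, commands) for one direction of a TELNET session."""
    data, commands, i = bytearray(), [], 0
    while i < len(stream):
        if stream[i] != IAC:              # ordinary NVT ASCII data byte
            data.append(stream[i])
            i += 1
            continue
        if i + 1 >= len(stream):
            commands.append("TRUNCATED")
            break
        cmd = stream[i + 1]
        if cmd == IAC:                    # IAC IAC is an escaped 0xFF data byte
            data.append(IAC)
            i += 2
        elif cmd in NEGOTIATION:          # IAC WILL/WONT/DO/DONT <option>
            if i + 2 >= len(stream):
                commands.append("TRUNCATED")
                break
            opt = stream[i + 2]
            commands.append(f"{NEGOTIATION[cmd]} {OPTIONS.get(opt, opt)}")
            i += 3
        elif cmd == SB:                   # IAC SB ... IAC SE subnegotiation
            # Simplification: an escaped IAC inside the block is not handled.
            end = stream.find(bytes([IAC, SE]), i + 2)
            if end == -1:
                commands.append("TRUNCATED")
                break
            commands.append("SB " + stream[i + 2:end].hex())
            i = end + 2
        else:                             # two-byte command such as NOP
            commands.append(f"COMMAND {cmd}")
            i += 2
    return bytes(data), commands


# Constructed client-to-server capture: two option offers, then a login.
CAPTURE = bytes([IAC, 251, 24, IAC, 253, 3]) + b"alice\r\nConstructed-Pw1\r\n"

if __name__ == "__main__":
    data, commands = split_nvt(CAPTURE)
    print(commands)
    # The user name and password are readable without any key.
    print(data.decode("ascii").split("\r\n")[:2])
```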
User Interface:
➢ The operating system (UNIX, for example) defines an interface with user-friendly
commands. An example of such a set of commands can be found in Table below:

SECURE SHELL (SSH):


➢ Although Secure Shell (SSH) is a secure application program that can be used today for
several purposes such as remote logging and file transfer, it was originally designed to
replace TELNET.
➢ There are two versions of SSH: SSH-1 and SSH-2, which are totally incompatible. The
first version, SSH-1, is now deprecated because of security flaws in it. In this section, we
discuss only SSH-2.
Components:
➢ SSH is an application-layer protocol with three components.
SSH Transport-Layer Protocol (SSH-TRANS):
➢ Since TCP is not a secured transport-layer protocol, SSH first uses a protocol that creates a
secured channel on top of the TCP. This new layer is an independent protocol referred to
as SSH-TRANS.
➢ When the procedure implementing this protocol is called, the client and server first use the
TCP protocol to establish an insecure connection. Then they exchange several security
parameters to establish a secure channel on top of the TCP. The services provided by this
protocol are:
1. Privacy or confidentiality of the message exchanged.
2. Data integrity, which means that it is guaranteed that the messages exchanged
between the client and server are not changed by an intruder.
3. Server authentication, which means that the client is now sure that the server is
the one that it claims to be.
4. Compression of the messages, which improves the efficiency of the system and
makes attack more difficult.
SSH Authentication Protocol (SSH-AUTH):
➢ After a secure channel is established between the client and the server and the server is
authenticated for the client, SSH can call another procedure that can authenticate the client
for the server.
➢ The client authentication process in SSH is very similar to what is done in Secure Sockets
Layer (SSL).
➢ This layer defines a number of authentication tools similar to the ones used in SSL.
Authentication starts with the client, which sends a request message to the server.
➢ The request includes the user name, server name, the method of authentication, and the
required data.
➢ The server responds with either a success message, which confirms that the client is
authenticated, or a failed message, which means that the process needs to be repeated with
a new request message.
SSH Connection Protocol (SSH-CONN):
➢ After the secured channel is established and both server and client are authenticated for
each other, SSH can call a piece of software that implements the third protocol,
SSH-CONN.
➢ One of the services provided by the SSH-CONN protocol is multiplexing. SSH-CONN
takes the secure channel established by the two previous protocols and lets the client create
multiple logical channels over it.

➢ Each channel can be used for a different purpose, such as remote logging, file transfer, and
so on.
Applications:
➢ Although SSH is often thought of as a replacement for TELNET, SSH is, in fact, a general-
purpose protocol that provides a secure connection between a client and server.
SSH for Remote Logging:
➢ Several free and commercial applications use SSH for remote logging. Among them, we
can mention PuTTY, by Simon Tatham, which is a client SSH program that can be used for
remote logging.
➢ Another application program is Tectia, which can be used on several platforms.
SSH for File Transfer:
➢ One of the application programs that is built on top of SSH for file transfer is the Secure
File Transfer Program (sftp).
➢ The sftp application program uses one of the channels provided by the SSH to transfer
files. Another common application is called Secure Copy (scp). This application uses the
same format as the UNIX copy command, cp, to copy files.
DOMAIN NAME SYSTEM (DNS):
➢ Since the Internet is so huge today, a central directory system cannot hold all the mapping.
In addition, if the central computer fails, the whole communication network will collapse.
➢ A better solution is to distribute the information among many computers in the world. In
this method, the host that needs mapping can contact the closest computer holding the
needed information. This method is used by the Domain Name System (DNS).
➢ Figure 5.5 shows how TCP/IP uses a DNS client and a DNS server to map a name to an
address. A user wants to use a file transfer client to access the corresponding file transfer
server running on a remote host. The user knows only the file transfer server name, such as
afilesource.com.


Name Space:
➢ A name space that maps each address to a unique name can be organized in two ways: flat
or hierarchical. In a flat name space, a name is assigned to an address.
➢ A name in this space is a sequence of characters without structure. The names may or may
not have a common section; if they do, it has no meaning.
➢ The main disadvantage of a flat name space is that it cannot be used in a large system such
as the Internet because it must be centrally controlled to avoid ambiguity and duplication.
➢ In a hierarchical name space, each name is made of several parts. The first part can define
the nature of the organization, the second part can define the name of an organization, the
third part can define departments in the organization, and so on.
➢ In this case, the authority to assign and control the name spaces can be decentralized.
➢ A central authority can assign the part of the name that defines the nature of the
organization and the name of the organization. The responsibility for the rest of the name
can be given to the organization itself.
➢ The organization can add suffixes (or prefixes) to the name to define its host or resources.
The management of the organization need not worry that the prefix chosen for a host is
taken by another organization because, even if part of an address is the same, the whole
address is different.

Domain Name Space:
➢ To have a hierarchical name space, a domain name space was designed. In this design the
names are defined in an inverted-tree structure with the root at the top.
➢ The tree can have only 128 levels: level 0 (root) to level 127 (see Figure 5.6).

Label:
➢ Each node in the tree has a label, which is a string with a maximum of 63 characters. The
root label is a null string (empty string).
➢ DNS requires that children of a node (nodes that branch from the same node) have
different labels, which guarantees the uniqueness of the domain names.
Domain Name:
➢ Each node in the tree has a domain name. A full domain name is a sequence of labels
separated by dots (.). The domain names are always read from the node up to the root.
➢ The last label is the label of the root (null). This means that a full domain name always
ends in a null label, which means the last character is a dot because the null string is
nothing. Figure 5.7 shows some domain names.
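The rules above can be checked mechanically. This added example (not from the original notes) validates a full domain name and encodes it in the length-prefixed wire format of RFC 1035, where the null root label becomes a single zero byte; the 255-byte limit on the whole name comes from that RFC rather than from these notes, and it is what bounds the tree at level 127.

```python
# Added example: validate a full domain name and encode it in DNS wire format.
MAX_LABEL = 63    # per-label limit given in the notes
MAX_WIRE = 255    # whole-name limit from RFC 1035 (not stated in the notes)


def encode_fqdn(name: str) -> bytes:
    """Encode 'label.label.' as length-prefixed labels plus the root label."""
    if not name.endswith("."):
        raise ValueError("not a full domain name: missing the trailing dot")
    labels = [] if name == "." else name[:-1].split(".")
    wire = bytearray()
    for label in labels:
        raw = label.encode("ascii")        # non-ASCII input raises ValueError
        if not raw:
            raise ValueError("empty label inside the name")
        if len(raw) > MAX_LABEL:
            raise ValueError(f"label longer than {MAX_LABEL} characters")
        wire.append(len(raw))
        wire += raw
    wire.append(0)                         # the null root label
    if len(wire) > MAX_WIRE:
        raise ValueError(f"encoded name longer than {MAX_WIRE} bytes")
    return bytes(wire)


def is_valid_fqdn(name: str) -> bool:
    """True when the name satisfies every rule checked by encode_fqdn."""
    try:
        encode_fqdn(name)
        return True
    except ValueError:
        return False


def level(name: str) -> int:
    """Depth of the node in the tree; the root '.' is level 0."""
    encode_fqdn(name)                      # reject malformed names first
    return 0 if name == "." else name.count(".")


def same_node(a: str, b: str) -> bool:
    """DNS compares labels without regard to case, so these name one node."""
    return encode_fqdn(a.lower()) == encode_fqdn(b.lower())


if __name__ == "__main__":
    print(encode_fqdn("afilesource.com."))   # name used in the notes
    print(level("a." * 127), is_valid_fqdn("a." * 128))
```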

Domain:
➢ A domain is a subtree of the domain name space. The name of the domain is the name of
the node at the top of the subtree. Figure 5.8 shows some domains. Note that a domain may
itself be divided into domains.

SNMP:
➢ Several network management standards have been devised during the last few decades.
The most important one is Simple Network Management Protocol (SNMP), used by the
Internet.
➢ SNMP is a framework for managing devices in an internet using the TCP/IP protocol suite.
It provides a set of fundamental operations for monitoring and maintaining an internet.
SNMP uses the concept of manager and agent.
➢ That is, a manager, usually a host, controls and monitors a set of agents, usually routers or
servers (see Figure 5.9).


➢ SNMP is an application-level protocol in which a few manager stations control a set of
agents.
➢ The protocol is designed at the application level so that it can monitor devices made by
different manufacturers and installed on different physical networks.
➢ In other words, SNMP frees management tasks from both the physical characteristics of
the managed devices and the underlying networking technology.
➢ It can be used in a heterogeneous internet made of different LANs and WANs connected
by routers made by different manufacturers.
Managers and Agents:
➢ A management station, called a manager, is a host that runs the SNMP client program. A
managed station, called an agent, is a router (or a host) that runs the SNMP server
program.
➢ Management is achieved through simple interaction between a manager and an agent. The
agent keeps performance information in a database. The manager has access to the values
in the database.
➢ For example, a router can store in appropriate variables the number of packets received and
forwarded.
➢ The manager can fetch and compare the values of these two variables to see if the router is
congested or not.
➢ The manager can also make the router perform certain actions. For example, a router
periodically checks the value of a reboot counter to see when it should reboot itself.

➢ It reboots itself, for example, if the value of the counter is 0. The manager can use this
feature to reboot the agent remotely at any time. It simply sends a packet to force a 0 value
in the counter.
➢ Agents can also contribute to the management process. The server program running on the
agent can check the environment and, if it notices something unusual, it can send a
warning message (called a Trap) to the manager.
➢ In other words, management with SNMP is based on three basic ideas:
1. A manager checks an agent by requesting information that reflects the behavior
of the agent.
2. A manager forces an agent to perform a task by resetting values in the agent
database.
3. An agent contributes to the management process by warning the manager of an
unusual situation.
Management Components:
➢ To do management tasks, SNMP uses two other protocols: Structure of Management
Information (SMI) and Management Information Base (MIB).
Role of SNMP:
➢ SNMP has some very specific roles in network management. It defines the format of the
packet to be sent from a manager to an agent and vice versa. It also interprets the result and
creates statistics (often with the help of other management software).
Role of SMI:
➢ To use SNMP, we need rules for naming objects. This is particularly important because
the objects in SNMP form a hierarchical structure. Part of a name can be inherited from the
parent. We also need rules to define the types of objects.
Role of MIB:
➢ MIB creates a set of objects defined for each entity in a manner similar to that of a
database (mostly metadata in a database, names & types without values).
