Application Layer
Internet applications are end system applications or processes. These processes may exchange messages, which act as an input to a process. These processes may be running on different end systems. The web uses the HTTP protocol.
1. Client Server Model
A client is a process that initiates the communication. A server is a process that waits to be contacted. Some applications have processes that act as both clients and servers, this is called Peer to Peer (P2P) architecture.
2. Processes and Hosts
An end system (host) may run multiple programs which run multiple processes. A process is addressed within its host by a port number (transport layer). This allows a host to run multiple processes at the same time. An alternative is to have two IP addresses, (for which you need two NICs).
3. Sockets
The operating system manages the network interfaecs. Applications use the network through sockets. The client application:
- Creates a socket
by connecting to the server application. - Uses the socket
to send and receive data. - Disconnects the socket
.
The server application:
- Creates a socket
by accepting a connection. - Uses the socket
to send and receive data. - Disconnects the socket
.
4. The Web and HTTP
The world wide web is based on hypertext and hyperlinks. It uses the simple HTML and HTTP protocols.
- A document is a webpage. One website has one or more documents.
- A document may contain several objects (files) like images, videos, etc.
- A Uniform Resource Locator (URL) specifies the address of an object.
- A browser (user agent) is a program that users run to get and display documents.
- A web server is an application that houses documents and objects, making them available via HTTP.
HTTP uses TCP (although it could work over UDP). It consists of a sequence of requests issued by the client, and corresponding responses issued by the server. It is stateless, meaning the behaviour of the server is independent of the requests it has received. Since HTTP1.1, a persistent connection is used to send multiple requests over the same connection. These can also be pipelined by sending a burst of requests at once. A HTTP request contains:
- The protocol version.
- URL specification.
- Connection attributes (e.g. persistent).
- Content / feature negotiation.
The response contains:
- Protocol version.
- Reply status.
- Connection attributes.
- Object attributes.
- Content specification.
- Content.
Protocol Version
Generally, a protocol should contain its version in the first few bits of a request. This allows the server to know how to interpret the rest of the message.
A mechanism to negotiate the protocol version allows the protocol design to change.
4.1 HTTP Request
A HTTP request contains:
| Line | Example |
|---|---|
| Request Line | GET /index.html HTTP/1.1 |
| Headers (zero or more) | Host: www.example.com |
| Empty Line | |
| Optional Message Body |
The request can contain multiple methods:
- GET: retrieve a document.
- POST: send data to the server.
- HEAD: like GET, but you only get the headers.
- PUT: upload a document.
- DELETE: remove a document.
- OPTIONS: ask for the options available.
4.2 HTTP Response
| Line | Example |
|---|---|
| Status Line | HTTP/1.1 405 Method Not Allowed |
| Headers (zero or more) | Content-Length: 1234 |
| Content-Type: text/html | |
| Empty Line | |
| Optional Message Body | <html>...</html> |
The status code is a 3-digit number that indicates the status of the request:
- 1xx: Informational.
- 2xx: Success.
- 3xx: Redirection.
- 4xx: Client Error.
- 5xx: Server Error.
4.3 Web Caching
Every time you need to send data from source to destination, the destination may decide to keep the data by caching it in a proxy cache server.
The proxy may:
- Forward the request to the origin server, acting as a client.
- Get the response and forward it to the client, acting as a server.
- Possibly store (cache) the object for some time, in case it is asked again.
If the proxy already has the data in its cache, it can send it directly to the client. This is called a cache hit. If the data is not in the cache, it is called a cache miss. This increases performance by reducing latency and network traffic, and enchances security by abstracting the client from the server, and vice versa. It may also implement a firewall. However, it may also increase latency caused by finding the data in the cache, introduces complexity, and can create problems with data freshing.
The proxy/cache architecture is central to HTTP, and affects the overall design. As HTTP is defined as a request / response protocol, the request chain may pass through many proxies between the client and server. The protocol defines:
- How protocol versions are handled on the request chain.
- How each method must be handled with regard to the request chain. (e.g. responses to
OPTIONSare not cacheable.) - Specific authentication methods for proxies.
- A lot of headers to control the caching behaviour.
4.4 Sessions & Cookies
HTTP is a stateless protocol, but it provides means for applications to maintain stateful sessions:
- The
Set-Cookieheader is sent from the server to the client, containing a unique "cookie' ID as a session identifier for the client. - The
Cookieheader is sent from the client to the server, containing the session identifier.
A session identifies the actions of a user. Websites may use cookies to compile and collect user profiles.
4.5 Dynamic Content
Insteade of storing and returning static webpages, serven often generate pages on-the-fly. A common gateway interface (CGI) allows you to identify a program and its parameters in a URL. The server will start a process to execute that program, returning the results as a regular webpage.
Servlets are a webserver that contains an instance of the JVM, which can manage state (since CGI is stateless).
Alternatively, web pages incorporate interpretable code, like server-side PHP and client-side JavaScript. When a page is being processed, the embedded script is executed.
5. DNS
Internet applications involve end-system communication. Each system is identified and addressed by its IP Address. This may be IPv4 (4-bytes) or IPv6 (16 bytes). This is advantageous as computers a good at processing bits. However, they are not human-readable. To solve this, we can map a name to an IP address using a Domain Name System (DNS).
DNS is supported by 13 root-servers around the world, operated by 12 independent organizations. Then, each top level domain is assoicated with a top level domain server (for example, .com, .edu, .org, .uk). Then, each domain is associated with an authoratitive server which holds the map of public hosts within that domain.
5.1 DNS Caching
Although DNS is useful, it is a critical point of faliure. It implements a crucial network functionality at the end-system level. How do we improve the reliability of DNS?
Caching may dramatically imrpove the performance and decrease the load on DNS infrastructure. A DNS server may cache a reply for a name, and use it for future requests. Despite being useful, it introduces the threat of DNS Cache Poisoning.
5.2 DNS Features
DNS is a directory service database, which holds resource records (RR). Each contains:
- A
name(e.g.www.example.com). - A
value(e.g.146.179.40.24,ns0.ic.ac.uk,mail.example.com). - A
type. - A
ttl(time to live).
Types include:
- A maps a host name to the IP address.
- NS Iname server maps a domain name to an authoritative name server for that domain (indirect hit).
- CNAME canonical name maps an alias to a canonical name.
- MX mail exchange maps a domain name to a mail server that handles incoming mail.
- etc.
5.3 DNS Protocol
DNS is a connectionless protocol, which runs on UDP (port 53). It has query and reply messages, which are linked by an identifier. Both queries and replies have the same format.
DNS also supports round robin - balancing the load by cycling between multiple IP addresses for the same domain name.
6. Content Distribution Networks (CDN)
How do we stream large amounts of content to millions of simultaneous users? A single mega server would be a point of failure and network congestion, also offering a long path to distant clients. Instead, we store and serve copies at multiple geographically distrubuted sites, with a Content Distrbution Network (CDN). We can either:
- Enter deep: store the content at the edge of the network.
- Bring home: store the content at the core of the network.
A CDN DNS will select a good CDN node by picking the node geographically closest to the client or picking a node with the shortest delay to the client. A CDN only knows the address of the local DNS of the client, which may or may not be accurate. Various public DNS servers are offered by Google (8.8.8.8, 8.8.4.4) and CloudFlare (1.1.1.1, 1.1.0.0).
Alternatively, a client may decide given a list of CDN servers, which it then pings.
7. Electronic Mail (Email)
Email supports asynchronous, one-to-many communication with multimedia content. It has no authentication, no confidentiality, and little or no delivery guarantees. The architecture is as follows:
- A user agent allows a user to read, compose, send and forward messages.
- A mail server accepts messages for remote delivery, which it stores in a persistent queue.
- It delivers messages to a remote destination using a transport protocol.
- Another mail server then accepts messages for local delivery, storing them in a persistent mailbox.
- This allows another user agent to retrieve messages through an access protocol.
To transfer the message:
- Obtain the destination host from the message, and use DNS to get the destination address (MX records).
- The message is sent to the destination host using SMTP.
- The message contains the recipient, which the recieving agent can use to place the mail in the correct mailbox.
7.1 SMTP
Simple Mail Transfer Protocol (SMTP) is an old protocol (port 25) to set up a TCP connection between a client and a server to send messages. The message format consists of:
- Headers: Sender, recipient, date, subject, etc. First header is always HELO.
- Body: The message itself.
- Dot to end the message.
- QUIT to end the session.
SMTP is almost completely oblivious to the content of a message. Once exception is the received header, which specifies the path the message has taken to reach the destination.
SMTP is plaintext, but can be encrypted using STARTTLS with the SMTPS (Secure) protocol. Originally, only plaintext auth is supported. To fix this, Extended ESMTP is used (this uses EHLO instead of HELO to check if the recipient is using extended SMTP).
7.2 MIME
The standard message format has serious limitations (7-bit ASCII, only text). The Multipurpose Internet Mail Extensions (MIME) specifications define useful extensions for encoding messages in this format. This includes a normal ASCII message, HTML messages, images and multipart messages.
7.3 POP3 / IMAP
A users mailbox may be stored on a different machien than the user agent. To remotely access incoming and outgoing messages, the Post Office Protocol (POP3) is used.
However, POP3 assumes that retrieved mail is deleted at the server. Internet Message Access Protocol (IMAP) solves this problem and replaces POP3. This can be unencrypted, or encrypted with IMAPS (Secure).
More protocols
More protocols include:
- FTP: File transfer protocol. Can be encrypted with FTPS.
- SSH: Secure shell. Encrypted direct communication. Can be used for file exchange with SFTP.
- Telnet: Plaintext direct communication.
- SNMP: Simple network management protocol. Used to manage network devices.
- NFS: Network file system. Allows you to mount a remote file system as if it were local.
- DHCP: Dynamic host configuration protocol. Assigns IP addresses to hosts.
- IRC: Internet relay chat. Real-time chat.