CN Chapter 2

HTTP response status codes

*200 OK - request succeeded, requested object later in this msg *301 Moved Permanently - requested object moved, new location specified later in this msg (Location:) *400 Bad Request - request msg not understood by server *404 Not Found - requested document not found on this server *505 HTTP Version Not Supported

Method types

*HTTP/1.0: -GET -POST -HEAD asks server to leave requested object out of response *HTTP/1.1: -GET -POST -HEAD -PUT uploads file in entity body to path specified in URL field -DELETE deletes file specified in the URL field

HTTP connections

*non-persistent HTTP -at most one object sent over TCP connection connection then closed -downloading multiple objects required multiple connections *persistent HTTP multiple objects can be sent over single TCP connection between client, server

Possible structure of applications:

In a client-server architecture, there is an always-on host, called the server, which services requests from many other hosts, called clients. In a P2P architecture, there is minimal (or no) reliance on dedicated servers in data centers. Instead the application exploits direct communication between pairs of intermittently connected hosts, called peers. client server- hostano na nekom serveru p2p architecture - sam svoj host

SMTP reply codes

220 <domain> Service ready 221 <domain> Service closing transmission channel 250 Requested mail action okay, completed 251 User not local; will forward to <forward-path> 354 Start mail input; end with <CRLF>.<CRLF>

App-layer protocol defines

An application-layer protocol defines how an application's processes, running on different end systems, pass messages to each other. It defines : -types of messages exchanged(request, response) -message syntax (what fields in messages & how fields are delineated) -message semantics (meaning of information in fields) -rules ( for what and how the process sends/respond to message) -open protocol ( they are defined in RFC's ,ex HTTP, SMTP..) -property protocol ( ex skype )

DNS: domain name system

Directory service that translates hostnames to IP addresses is the main task of the Internet's domain name system (DNS). Internet identifiers : -IP address (32 bit) - used for addressing datagrams -"name", e.g., www.yahoo.com - used by humans Domain Name System: -distributed database implemented in hierarchy of many name servers -application-layer protocol: hosts, name servers communicate to resolve names (address/name translation) update/notify mechanisms proposed IETF standard RFC 2136

P2P Architecture

Do not need to be always on , end systems communicate with other end systems, peers request services from other peers , self scalability means that new peers bring new services as well as new demands , dynamic ip address

Electronic mail

Three major components: user agents mail servers simple mail transfer protocol: SMTP

Addressing process ( identifier, length of bit-ip address )

To receive messages the process must have an identifier. Identifier includes both the ip address and the port number. A host device has unique 32-bit IP address.

UDP

UDP is a lightweight transport protocol, providing minimal services. UDP is connectionless, so there is no handshaking before the two processes start to communicate. UDP service : -unreliable data transfer between sending and receiving process -does not provide: reliability, flow control, congestion control, timing, throughput guarantee, security, orconnection setup,

User Agent

User agents allow users to read, reply to, forward, save, and compose messages.

Web server identifier, mail service process port number

Web server is identified by port number 80. A mail server process (using the SMTP protocol) is identified by port number 25.

Client/server model

client: browser that requests, receives, (using HTTP protocol) and "displays" Web objects server: Web server sends (using HTTP protocol) objects in response to requests

FTP commands, responses

sample commands: sent as ASCII text over control channel -USER username -PASS password -LIST return list of file in current directory -RETR filename retrieves (gets) file -STOR filename stores (puts) file onto remote host sample return codes status code and phrase (as in HTTP) -331 Username OK, password required -125 data connection already open; transfer starting -425 Can't open data connection -452 Error writing file

SMTP protocol

SMTP uses the reliable data transfer service of TCP to transfer mail from the sender's mail server to the recipient's mail server. three phases of transfer -handshaking (greeting) -transfer of messages -closure -PORT 25 -RFC 2821 command/response interaction (like HTTP, FTP) -commands: ASCII text -response: status code and phrase messages must be in 7-bit ASCI SMTP server uses CRLF.CRLF to determine end of message

Mail access protocols

SMTP: delivery/storage to receiver's server mail access protocol: retrieval from server POP: Post Office Protocol [RFC 1939]: authorization, download POP3 is an extremely simple mail access protocol. Opens a connection on port 110. Three phases: authorization, transaction and update. IMAP downloads the messages to your local machine. It stores messages in folders. HTTP: gmail, Hotmail, Yahoo! Mail, etc.

Client-server architecture

Server is always on, it has an permanent ip adress, mostly large data centers Clients communicate with the server , do not need to be always on, dynamic ip address.

DNS: services

Services Provided by DNS are: • Host aliasing: A host with complicated hostname can have more than one alias names. • Mail server aliasing: shows the right email provider for the right way for the email. • Load distribution: Busy sites can have lots of traffic with multiple servers. This makes sure the traffic is distributed between the different servers.

TCP

The TCP service model includes a connection-oriented service and a reliable data transfer service. So it provides : -reliable transport : between sending and receiving process -flow control : sender won't overwhelm receiver -does not provide : timing, minimum throughput guarantee, security -it is connection-oriented : setup required between client and server process

Application architecture

The application architecture is designed by the application developer and dictates how the application is structured over the various end systems.

Query

iterated query: contacted server replies with name of server to contact "I don't know this name, but ask this server" recursive query: puts burden of name resolution on contacted name server heavy load at upper levels of hierarchy?

SSL

provides : -encrypted TCP connection -data integrity -end-point authentication

FTP

- is also a transfer protocol -transfer file to/from remote host -client/server model client: side that initiates transfer (either to/from remote) server: remote host -FTF: RFC 959 -FTP server: port 21

HTTP & SMTP

-HTTP: pull -SMTP: push -both have ASCII command/response interaction, status codes -HTTP: each object encapsulated in its own response msg -SMTP: multiple objects sent in multipart msg

Uploading form input types

-POST method: input is uploaded to server in entity body -URL method: uses GET method input is uploaded in URL field of request line

For what can cookies be used for

-authorization -shopping carts -recommendations -user session state (Web e-mail)

Persistent HTTP:

-connection always opened -client sends request as soon as it encounters a reference object -one RTT for all referenced objects

What transport service does an app need?

-data integrity : meaning that some apps need 100% reliable data transfer, other don't -timing : some apps require low delay ( ex telephone) -throughput : some apps (e.g., multimedia) require minimum amount of throughput to be "effective", other just use what ever throughput they get . -security : encryption, data integrity ....

HTTP

-hypertext transfer protocol is a Web's application layer protocol *uses TCP : -client initiates TCP connection (creates socket) to server, port 80 -server accepts TCP connection from client -HTTP messages (application-layer protocol messages) exchanged between browser (HTTP client) and Web server (HTTP server) -TCP connection closed HTTP is "stateless" server maintains no information about past client requests There are two types of HTTP messages, request messages and response messages. request message in ASCII (human-readable format)

Security in TCP and UDP

-no encryption -cleartext passwds sent into socket traverse Internet in cleartext

non-persistent HTTP issues:

-requires 2 RTTs per object -OS overhead for each TCP connection -browsers often open parallel TCP connections to fetch referenced objects

TLD, authoritative servers

-top-level domain (TLD) servers: responsible for com, org, net, edu, aero, jobs, museums, and all top-level country domains, e.g.: uk, fr, ca, jp -Network Solutions maintains servers for .com TLD -Educause for .edu TLD -authoritative DNS servers: -organization's own DNS server(s), providing authoritative hostname to IP mappings for organization's named hosts -can be maintained by organization or service provider

Web caches

A Web cache—also called a proxy server—is a network entity that satisfies HTTP requests on the behalf of an origin Web server. The Web cache has its own disk storage and keeps copies of recently requested objects in this storage. cache acts as both client and server

Web page

A Web page (also called a document) consists of objects. An object is simply a file—such as an HTML file, a JPEG image, a Java applet, or a video clip—that is addressable by a single URL. Most Web pages consist of a base HTML file and several referenced objects. www.someschool.edu/someDept/pic.gif www.someschool.edu --> host name someDept/pic.gif --> path name

Types of processes

Client process - process that initiates the communication Server process - process that waits to be contacted Example : within a web the browser is the client(request) and a web server is a server process(response) Same in p2p the peer that is downloading the file is the client and the peer that is uploading is the server.

Cookies

Cookies are small files which are stored on a user's computer. They are designed to hold a modest amount of data specific to a particular client and website, and can be accessed either by the web server or the client computer.

Attacking DNS

DDoS attacks : -Bombard root servers with traffic (Not successful to date,Local DNS servers cache IPs of TLD servers, allowing root server bypass) -Bombard TLD servers (Potentially more dangerous) Redirect attacks : -Man-in-middle (Intercept queries) -DNS poisoning (Send bogus relies to DNS server, which caches) -Exploit DNS for DDoS (Send queries with spoofed source address: target IP)

DNS records

DNS: distributed db storing resource records (RR) RR FORMAT = (name , value, type, ttl) type=A -name is hostname -value is IP address type=NS -name is domain (e.g., foo.com) -value is hostname of authoritative name server for this domain type=CNAME -name is alias name for some "canonical" (the real) name -www.ibm.com is really servereast.backup2.ibm.com -value is canonical name type=MX -value is name of mailserver associated with name

FTP detaljno

FTP uses two parallel TCP connections to transfer a file, a control connection and a data connection. The control connection is used for sending control information between the two hosts—information such as user identification, password, commands to change remote directory, and commands to "put" and "get" files. The data connection is used to actually send a file. Because FTP uses a separate control connection, FTP is said to send its control information out-of-band.

Basic SMTP Commands

HELO - The client sends this command to the SMTP server to identify itself and initiate the SMTP conversation MAIL FROM - Specifies the e-mail address of the sender. RCPT TO - Specifies the e-mail address of the recipient DATA - The DATA command starts the transfer of the message contents (body text, attachments etc).

Conditional GET

HTTP has a mechanism that allows a cache to verify that its objects are up to date, this mechanism is called the conditional GET.

Mail servers

Mail servers form the core of the e-mail infrastructure, each recipient has a mailbox located in one of the mail servers. -mailbox contains incoming messages for user -message queue of outgoing (to be sent) mail messages

Process

Process is a program that is running within a host. Host communicate with each other by exchanging messages.In the same host process communicate using inter-process communication.

Socket

The process sends or receives messages from/to socket. Socket is the interface ( or i can be referred as the door ) between the application layer and the transport layer within a host.

Non-persistent HTTP: response time (RTT,HTTP response time)

The round-trip time (RTT) is the time it takes for a small packet to travel from client to server and then back to the client. HTTP response time: -one RTT to initiate TCP connection -one RTT for HTTP request and first few bytes of HTTP response to return -file transmission time HTTP response time = 2RTT+ file transmission time