IS 451 Exam 2
User Agent
"Mail Reader", used to compose, edit, read messages. Uses SMTP to send to server.
LDAP Update
(Note: these are not used very often) Add (new entry in DIT), Delete (removes entry), Modify (alters content of entry)
Directory Services
A collection of SW, HW, processes, policies, and administrative procedures involved in making the information in your directory available to the users of your directory.
Directory Information Tree (DIT)
A hierarchical tree structure and naming model. Starts with root. Each node has subnodes. There are standards for node levels. Different machines can have different chunks of the tree (generally based on who needs that chunk the most).
Web & HTML
A web page consists of objects: a base HTML file which may reference other objects (images, other HTML, etc.). Each object is addressable by a Uniform Resource Locator (URL).
IP Leases
Addresses are leased to hosts temporarily. Length depends on numer of devices, size of subnet avg usage, etc. (e.g. 64 IPs and only 15 used at any time, you can have long leases). Most clients try to renew halfway through.
What happens when a packet goes out onto the internet?
All bets are off! You don't control the network (even with TCP)
Audio
Analog media. Continuous, as opposed to digital signals (only 0 or 1). Signal sampled at constant rate. Each sample quantized. Receiver converts bits back to analog signal. Some quality reduction. Uncompressed audio is big (even if digital). Compression used (by removing redundancy or other details humans can't hear). Example formats: GSM, G.729, G.723.3, MPEG 1 Layer 3 (MP3)
LDAP Security Model
Authentication (assurance person is who they claim to be). Integrity (assurance data you sent is data they received, checksums, encryption). Confidentiality (protection of info disclosure, encryption). Authorization (assurance party who logged in is allowed to do that action, but not part of protocol in LDAP Version 3, vendor-specific implementation)
LDAP Functional Model Operations
Authentication, Interrogation, Update (no Authorization!)
X.500
Began with X.400 for email. X.500 introduced as standard directory service. A distributed database. Entities have attributes, each attribute has type and value(s). Schema is directory blueprint. Client-side protocols: DUA, DSA, DAP, DSP. Implemented an entire protocol stack.
400s Response Codes
Client error (HTTP status code)
Application architectures
Client-Server, Peer-to-Peer (P2P), Hybrid
Mail Server
Composed of Mailboxes (storing incoming messages) and Message Queues (storing outgoing to-be-sent messages). Uses SMTP to send between servers.
Root Name Server
Contacted by local name server that cannot resolve name. Contacts authoritative server if name mapping not known. Gets mapping and returns to local. 13 root name "servers" (really groups) worldwide.
Network Application Requirements
Data Loss, Timing, Bandwidth
DCCP
Datagram Congestion Control Protocol. Congestion control (like TCP) for unreliable communication (like UDP). Connection setup/teardown. Feature negotiation mechanism (a way to make sure each side knows which variable features the other has). Protection against corruption. Generally, more like TCP.
Telnet
Default not encrypted. Used for Remote Terminal Access (but you should never use it, only use SSH)
DAP
Directory Access Protocol. Communication between DUA (client) and DSA (server).
DSA
Directory System Agent. Directory software that holds (part of) the DB and information.
DSP
Directory System Protocol. Requests/responses between servers.
DUA
Directory User Agent. The User proxy, client software.
DORA
Discover (broadcast new device), Offer (server broadcasts reply with offer IP), Request (new device broadcasts asking for that IP), Acknowledge (server confirms device has that IP) (Note that when client renews lease, only Request/ACK used)
DN
Distinguished Name. Unique in the entire directory. Composed of node and every parent node. Example: C=DK; O=Fallit A/S, OU=Salg, CN=Jensen.
Local DNS Server
Does not strictly belong to hierarchy. Each ISP has one. Also "default name server". Essentially acts as Proxy ("I just got a client request, and I'm gonna take it and find out what the name is" --> then to hierarchy)
DNS
Domain Name System. Critical, core internet function. The map between IP addresses and names (URLs). A distributed database implemented in hierarchy of many name servers (no central server). Host, routers, name servers communicate to resolve names (translation). Complexity at network "edge".
DHCP
Dynamic Host Configuration Protocol. Dynamically allocates our IP addresses (but can do lots of other configs). Can also do configs (e.g. your default gateway). Based on BOOTP. Three methods: Manual (you set it yourself), Automatic (sequential), or Dynamic (most common). Non-routable, requires relay agents to route across subnets (typically built into router)
DASH
Dynamic, Adaptive Streaming over HTTP. Server divides video file into multiple chunks, each stored, and then encoded at different rates. Manifest file provides URLs for different chunks. Client periodically measures bandwidth, consults manifest to request one chunk at a time. Chooses max coding rate sustainable with current bandwidth. "Intelligence" is at Client.
Client buffering
Ensures client has sufficient data to play. You also want enough buffer to account for jitter (variability in delay). If playout catches up and eats up all your buffer, you'll have to interrupt playbuck to buffer again.
Overcoming network delay loss in VoIP
Essentially, recovery from packet loss. CAN be done. But you need a very small delay. Forward Error Correction (FEC) --> send enough bits to allow recovery WITHOUT retransmission, like RAID parity checks, but more complicated.
Quantization
Estimating a continuous value as close as possible, converting it into bit representation. Some quality reduction, because estimation is never exact.
Control vs Data Connection
FTP uses two connections for control and data. FTP client contacts server on port 21, TCP (control). When transfer starts, server opens new TCP connection on port 20 (data). Control connection is "Out of band"
DNS Services
Hostname to IP resolution (translation). Host Aliasing (Canonical & alias names. Ex: "google.com" goes to an IP address, or another alias that goes to google that goes to an IP). Mail Server aliasing (e.g. where is your mail server?). Load distribution (Web servers can be replicated; set of IPs for one canonical name)
HTTP
Hypertext Transfer Protocol (HTTP). The web's app-layer protocol (your browser isn't the app layer, it's the network application itself, which uses HTTP). Client/Server model. 1.0 and 1.1. Uses TCP (you want accurate data). Stateless (server doesn't maintain any info about past client rqeuests). State only stored via cookies & session variables. A "pull" protocol.
100s Response Codes
Informational (HTTP status code)
IMAP
Internet Mail Access Protocol. More features (more complex). Manipulation of stored messages on server. Messages aren't downloaded to device, they stay on server. You can organize messages in folders. Keeps user state across sessions.
LDAP
Lightweight Directory Access Protocol. Originally an alternative to X.500 DAP, but uses TCP/IP. Much lighter. Evolved into complete directory service. Architecture and naming based on X.500 standard.
Major components: User Agent, Mail Servers, SMTP.
MIME
Multimedia Mail Extension. Used to send non-ASCII data in emails. Additional lines in message header declare MIME content type. Attachments encoded in base64.
VoIP packet loss, delay, playout delay
Network loss (due to congestion) or delay loss (arrived too late for playout). Loss rates between 1% and 10% can be tolerated. Playout delay is fixed, and will affect what packets might be dropped.
LDAP Security Model: Authentication Levels
No Authentication (everyone is welcome), Basic Authentication (username/password), Simple Authentication and Security Layer (SASL) (framework for other mechanisms, like SSL and TLS, or biometrics)
P2P
No always-on server. Arbitrary end systems communicate directly. Peers intermittently connected and change IPs. Very scalable but hard to manage. Ex: Bittorrent
Persistent vs Non-Persistent
Nonpersistent HTTP 1.0 sends max one object over single TCP connection. 3 objects = 3 connections. Needs 2 RTTs per object. Lots of overhead. Browsers sometimes use parallel TCP connections. Persistent HTTP 1.1 can send multiple objects over single TCP connection. Subsequent messsages sent over same connection. Faster.
OSI Application Layer Protocols
Not the application itself, but the tools the application interfaces with! Network applications are things like email, instant messaging, online games, live video, etc.
DNS Caching & Updating
Once (any) name server learns mapping, it caches it. Cached entries timeout after some time (as IPs can change). TLDs typically cached in Local name servers (and for a long time), so roots rarely visited. Optimizes DNS query response times.
LDAP Authentication
Open (replaced by init) (opens connection to LDAP server), Bind (used to authenticate clients), Unbind (closes connection)
Authoritative Server
Organization's DNS servers. Provides authoritative hostname-to-IP mappings for organization servers. At edges of internet, closest to host. Can be maintained by organization (typical) or service provider.
VoIP Fixed Playout Delay
Playout delay (Q) is fixed and affects packet loss. Large Q --> less packet loss, Small Q --> more packet loss.
POP3
Post Office Protocol (v3). Mail Access protocol. Authorization and download. Downloads messages then deletes them from the server (can't re-read email if client changes). Download and Keep available. Stateless across sessions (like HTTP)
Processes
Process is a program running within a host. Inside computer, uses inter-process communication (OS). Outside computer, processes in different hosts exchange messages. Client and Server processes.
Addressing Processes
Process needs an identifier to receiver messages. This identifier includes both the IP address and Port Number(s) associated with the process on that host (plus Proces ID)
Sockets
Processes send/receive messages to/from their Socket. Analogous to a door. Sending process shoves message out the door (socket), and on the other side is the network. Relies on transport infrastructure to get message to receiving socket. Needs: IP, Port, Process ID
Recursive DNS Query
Puts burden of name resolution on contacted name server. "I don't know, let me go find it for you". Local DNS asks root, and root asks TLD, and TLD asks Authoritative, authoritative tells TLD, TLD tells Root, and Root tells Local. Heavier load, as all connections stay open until you have the answer.
RTP
RTP = Real Time Protocol. Used to encapsulate video over UDP. Transport-layer. Provides payload type identification, sequence numbering, timestamping. Used w/ video streams.
RTSP
RTSP = Used to control connection for Session changes (play/pause). Application-layer. Only handles control messages. Uses different port numbers (port 554) - out-of-band protocol. Can be used with DASH.
Interactive Real Time
Real-time interactive audio/video. e.g. a phone or video conference (Skype, VoIP, online gaming). More stringent delay requirements (people can notice the delay) because of real-time nature.
300s Response Codes
Redirectional (HTTP status code)
Temporal Redundancy
Redundancy between frames. Keyframes used to re-sync image by re-sending whole image again, regardless of redundancy.
Spatial Redundancy
Redundancy within a frame
RDN
Relative Distinguished Name. A unique name at that level of the tree. Example: C=DK
HTTP messages
Request and Response messages. ASCII, human-readable format. Request Line, Header Lines, then the rest of the data.
DNS Hierarchy
Root DNS Servers > TLD Servers > Authoritative Domain Name Servers (and also Local DNS servers, not strictly part of hierarchy)
LDAP Interrogation
Search (retrieves partial or complete copies of entries, based on subtree being searched), Compare (looks at specified entry attributes)
SSH
Secure Shell. Encrypted. Used for Remote Terminal Access
Video
Sequence of images displayed at constant rate (e.g. 24 frames/sec). Digital image is an array of pixels, and each pixel is represented by bits. Images can get quite large. Encoding uses redundancy to decrease # of bits used. Examples: MPEG 1, MPEG2, MPEG4, H.2
500s Response codes
Server error (HTTP status code)
Client/server
Server is always on with permanent IP and waits for connection. Client is not always connected and needs to know what server to connect to. Server has static IP, Client has dynamic IP. Servers talk to each other, Clients don't. Servers may have farms for scaling and can handle many clients. Clients connect to one server.
SMTP
Simple Mail Transfer Protocol. Used for Client-to-Server and Server-Server (but NOT Server-to-Client). A "push" protocol. Uses persistent connections (multiple messages per connection). Requires entire message to be in 7-bit ASCII. Uses CRLF.CRLF to determine end of messages. Can send multiple objects in each message.
Why not centralize DNS?
Single point of failure, traffic volume, distant connection, maintenance, doesn't scale
Data Loss
Some apps can tolerate loss (audio, streaming video), others require 100% reliable data transfer (file transfer)
Timing
Some apps require low delay to be effective (online games, VoIP), while others don't care how long it takes (File transfer)
Bandwidth
Some apps require minimum bandwidth to be effective (multimedia, to an extent), others are "Elastic applications" and will make use of the bandwidth they have (YouTube can change quality settings to make the best of it)
Network Support for Multimedia
Some support. Making best of best-effort service (no real support, everything is up to the app layer, this is used everywhere). Or Differentiated service (split traffic into classes, no guarantees and needs special HW, but can be done). Or per-connection QOS (very complex, rarely ever deployed)
Directory Service Database characteristics
Specialized database. Much higher read-to-write ratio. More easily extended. More widely distributed. Replicated on higher scale. Different performance characteristics (read efficiency more important), support for standards more important.
SCTP
Stream Control Transmission Protocol. Message-oriented (like UDP) but has TCP features. Stream of bytes, reliable transport, flow control, improved security. Still multi-streaming/homing (like UDP). Generally, more like UDP.
VoIP
Streaming application. End-to-end delay requirement more stringent (<150 msec is good, >400 msec is bad). Includes app-layer, network delay, process of packetization, and actually playing the audio. Alternating talk spurts and silence. Packets only generated during talk. Key is low delay. Often very, very, very small packets (like 53 bytes).
Unidirectional Real Time
Streaming live audio/video. Real-time broadcasting (e.g. of a sports event). Not interactive, just listen and view. Similar to existing TV/radio, but delivery is on the network.
Application Classes
Streaming stored audio/video, streaming live audio/video, real-time interactive audio and video
Streaming (Stored Multimedia)
Streaming stored audio/video. Clients request files from servers, and pipeline reception over network and display. Can be interactive (like a VCR). Delay can be 1 to 10 seconds (buffering ensures client has sufficient data to play). Client gets metafile, and streams chunks.
200s Response Codes
Successful (HTTP status code)
FTP Ports
TCP Port 20 (data) and Port 21 (control)
SSH Port
TCP Port 22
Telnet Ports
TCP Port 23
SMTP Port
TCP Port 25
HTTP Ports
TCP Port 80
Streaming Multimedia Challenges
TCP/UDP/IP suite provides best-effort, but no guarantees. 5-10 delay is acceptable. Interactive requirements generally satisfied by over-provisioning. These apps require QoS and level of performance to be effective, but you can't enforce QoS over the internet. App-layer techniques can be used to mitigate effects of delay and loss as much as possible. Interactivity requires a way to control the channel and handle re-streaming new data.
TLD Server
Top-level Domain Servers. Responsbile for com, org, net, edu, and so forth, as well as all top-level country domains (uk, fr, ca, jp, etc.). Network Solutions maintains com TLD. Educause maintains edu TLD.
TCP
Transmission Control Protocol. Connection-oriented. Point-to-point, 1-to-1 connection. Stream interface (stream of bytes). Sequencing (stream stays in order). Reliable transport (checks if it arrived). Flow control. Congestion control. Does NOT provide timing or bandwidth guarantee.
App-layer protocols are responsible for what?
Types of messages exchanged (request, response, etc.), message syntax (fields, etc.), message semantics (what do fields mean), Rules for when and how processes send and respond to messages (like formatting). Two key aspects of this interaction are data representation and data transfer.
DNS Port
UDP Port 53 (primarily, but it -can- use TCP for zone transfer, msg over 512 bytes, and IPv6)
DHCP Port
UDP Port 67
Why TCP (via HTTP) or UDP
UDP is best effort and has low overhead, low playout delay. TCP is reliable but has lots of overhead, bigger playout delay. UDP requires a streaming server (non-HTTP), but can send at encoding rate and be oblivious to congestion levels. However, UDP cannot go through firewalls, and TCP can.
Pipelining vs non-pipelining
Used in persistent HTTP (1.1). Non-pipeline = client issues request ONLY when previous response has been received (1 RTT per ojbect). Pipeline = client sends requests as soon as object referenced. As little as 1 RTT for all objects!
FTP
Used to move files. No encryption or security. Client/server. Uses TCP. Includes the UI, the local file system, the client, the server, and the remote file system. Uses two connections. FTP commands/responses sent as ASCII text over control channel.
UDP
User Datatagram Protocol. Message-oriented. Unreliable (best effort) transfer. Many-to-many interaction (because no connection is needed, you don't even have to make sure the other guy is even there!). Does NOT provide: connection setup, reliability, flow control, congestion control, timing, or bandwidth guarantee.
How do clients get messages from server?
Uses a Mail Access Protocol. Messages just sit on server until recipient asks for them. Does NOT use SMTP!
Hybrid
Uses a bit of both Client/Server and P2P. Ex: Skype. Centralized server has address book, but call connection is P2P.
Iterative DNS Query
Uses referral. "I don't know what the answer is, but ask this server over there". The local DNS server asks the root, which tells local to ask TLD, which tells local to ask authoritative, which provides the answer.
Multimedia fundamental characteristics
Very delay sensitive (End-to-end delay = the delay in sending something, and Delay jitter = variability of packet delay in packet stream) Loss tolerant (infrequent losses cause only minor glitches). Antithesis of data, which are very loss intolerant but delay tolerant.
HTTP Client access (email)
Web-based mail access. Used by Hotmail, Yahoo, Gmail, etc.
