Lecture #21: Application Layer Protocols: DNS, TELNET, e-Mail, FTP, WWW, NNTP, SNMP, NTP, etc.
TCP/IP Application Layer

OSI layers and their functions:
• Application layer: user applications.
• Presentation layer: encryption/decryption, compression/expansion, choice of syntax.
• Session layer: session control, session synchronisation, session-to-transport mapping, session management.
• Transport layer: layer and flow control, error recovery, multiplexing.
• Network layer: connection control, routing, addressing.
• Link layer: data link establishment, error control, flow control, framing, synchronisation.
• Physical layer: access to the transmission media, physical and electrical interface, activation/deactivation of the connection.

Widely used application protocols: DNS, HTTP, FTP, SMTP, POP3, IMAP, NNTP, SNMP, NTP, RPC, TELNET, SSH ...
DNS - The purpose
• To map a hostname to an IP address and vice versa. Example: www.acad.bg 184.108.40.206
Each hostname may have zero or more corresponding IP addresses. Each IP address may correspond to zero or more hostnames.
DNS - Historical remarks
Host name to address mappings were maintained by the Network Information Center (NIC) in a single file (HOSTS.TXT) which was transferred to all hosts using FTP (about 25 years ago). Disadvantages:
• Inefficient – the bandwidth consumed in distributing a new version by this scheme is proportional to the square of the number of hosts in the network.
• The network population was also changing in character.
• The applications on the Internet were getting more sophisticated and creating a need for a general purpose name service.
DNS design goals
• The primary goal is a consistent name space which will be used for referring to resources.
• The database which holds the names must be distributed.
• The costs of implementing such a facility dictate that it be generally useful, and not restricted to a single application.
DNS design goals (contd.)
• Use the same name space with different protocol families or management.
• Name server transactions must be independent of the communications system that carries them.
• The system should be useful across a wide spectrum of host capabilities. Both personal computers and large timeshared hosts (mainframes) should be able to use the system, though perhaps in different ways.
Elements of the DNS: three main components
• The DOMAIN NAME SPACE and RESOURCE RECORDS, which are specifications for a tree structured name space and data associated with the names.
• NAME SERVERS are server programs which hold information about the domain tree's structure and set information.
• RESOLVERS are programs that extract information from name servers in response to client requests.
Elements of the DNS (contd.)
These three components roughly correspond to the three layers or views of the DNS:
• From the user's point of view, the domain system is accessed through a simple procedure.
• From the resolver's point of view, the domain system is composed of an unknown number of name servers.
• From a name server's point of view, the domain system consists of separate sets of local information called zones.
Name space specifications and terminology
• The domain name space is a tree structure composed of nodes.
• Each node has a label, which is zero to 63 octets in length.
• The domain name of a node is the list of the labels on the path from the node to the root of the tree. The name of the root node is the empty string (zero length) – “”.
Name space specifications and terminology (contd.)
• Internally, programs that manipulate domain names should represent them as sequences of labels, where each label is a length octet followed by an octet string.
• Domain names are compared case-insensitively; labels use ASCII codes with the high-order bit set to zero.
• When a user types a domain name, the length of each label is omitted and the labels are separated by dots ("."). Since a complete domain name ends with the root label, this leads to a printed form which ends in a dot.
Example Name Space (a graphical tree view)
• One root domain (“”), coordinated by ICANN and IANA.
• Top Level Domains (TLD), delegated from the root: com, edu, bg, eu, info.
• 2nd Level Domains: yahoo, ucla, acad, see-grid.
• 3rd Level Domains: physics, amigo, val, www.
• Further levels: mary, joe, kevin, test, book, mail, sigma.
• Up to 127 levels.
Top Level Domains
• Generic domains (gTLD): com, org, net, int (all around the world); edu, gov, mil (located in USA only); aero, biz, coop, info, museum, name, pro (new domains, since 2000).
• Country code domains (ccTLD): bg, uk, fr, it, ...
• Special infrastructure domain: arpa
• Loopback domains: localhost, localdomain
• And the domain eu for the European Union!
Resource Records
• The distributed database which holds the names consists of many Resource Records.
• Resource record - a set of resource information associated with a particular name.
DNS server
A computer with software which:
• Holds and maintains a specified part of the distributed database of resource records.
• Responds to name queries.
• Exchanges zone information with other DNS servers.
These tasks are described in the DNS protocol (RFC 1035), located on the Application Layer of the “TCP/IP reference model”.
The root DNS servers
At the heart of the DNS are 13 special computers, called root servers. They are coordinated by ICANN and are distributed around the world.
• A.ROOT-SERVERS.NET. 220.127.116.11
• B.ROOT-SERVERS.NET. 18.104.22.168
• C.ROOT-SERVERS.NET. 22.214.171.124
• D.ROOT-SERVERS.NET. 126.96.36.199
• E.ROOT-SERVERS.NET. 188.8.131.52
• F.ROOT-SERVERS.NET. 184.108.40.206
• G.ROOT-SERVERS.NET. 220.127.116.11
• H.ROOT-SERVERS.NET. 18.104.22.168
• I.ROOT-SERVERS.NET. 22.214.171.124
• J.ROOT-SERVERS.NET. 126.96.36.199
• K.ROOT-SERVERS.NET. 188.8.131.52
• L.ROOT-SERVERS.NET. 184.108.40.206
• M.ROOT-SERVERS.NET. 220.127.116.11
K.ROOT-SERVERS.NET (operated by RIPE NCC). Source: http://k.root-servers.org
DNS servers (contd.)
Delegation:
• The ICANN organization delegates the root DNS servers.
• The root servers delegate the TLD DNS servers.
• A TLD DNS server delegates Second Level DNS servers, etc.
Primary DNS server for a given domain – holds the resource records for the zone. The zone configuration is written by the system administrator.
Secondary DNS server for a given domain – it exists for the case when the Primary DNS server has failed or is overloaded. The Secondary server downloads the zone information from the Primary periodically or by notification.
DNS servers (contd.)
• Every domain must have one Primary DNS server and at least one Secondary. The Primary and Secondary DNS servers are also called authoritative for their domain and non-authoritative for the rest of the domains in the world. That is, the authoritative servers always hold up-to-date zone information for the domain.
• Caching only DNS servers – they cache DNS queries and answers to speed up the service. These servers are not authoritative for any domain. Most of the authoritative DNS servers are caching too.
DNS query flow
• A DNS client forms the query and sends it according to the OS configuration.
• The local resolver first opens a special file called hosts and checks whether the answer is already written there. If not, then:
• The client calls one of the OS-configured DNS servers.
• If the DNS server knows (or has already cached) the answer, it returns it.
• If the DNS server doesn’t know the answer, it sends a recursive query through the DNS hierarchy, starting from the root domain. The recursive query consists of several sub-queries to the corresponding DNS servers.
• The DNS server returns the result – the answer or an error message.
Reverse DNS query
• The reverse query uses the special infrastructure domain in-addr.arpa.
• The IP address is written before this special domain with its numbers in reverse order, separated with dots.
• Example: 18.104.22.168 corresponds to 0.0.141.194.in-addr.arpa
• The reverse query starts from a root DNS server and follows the delegation path.
• Example in Unix/Linux: dig 0.0.141.194.in-addr.arpa +trace (it traces and shows the delegation path from the root name servers down to the SOA DNS server)
DNS protocol details
The protocol uses two transport protocols from the lower layer: UDP on port 53 and TCP on port 53. Queries and answers are transferred over the unreliable protocol UDP for speed; this is acceptable because the OS-configured DNS servers are near, usually in the same LAN. Zone transfers between DNS servers are performed over TCP, because they must be reliable.
DNS protocol details (contd.): Resource Records described
Each resource record consists of the following data fields (in text readable format!): owner type class TTL RDATA
Resource Records: the data fields
owner - A string which is the domain name where the RR is found.
type - An encoded 16-bit value that specifies the type of the resource in this resource record. Types refer to abstract resources. Each abstract resource has a mnemonic name:
A - a host address
CNAME - identifies the canonical name of an alias
MX - identifies a mail exchange for the domain
PTR - a pointer to another part of the domain name space
etc.
DNS protocol details (contd.): Resource Records, the data fields
• class - An encoded 16-bit value which identifies a protocol family or instance of a protocol. This memo uses the following classes: IN - the Internet system, or CH - the Chaos system
• TTL - The time to live of the RR. This field is a 32-bit integer in units of seconds, and is primarily used by resolvers when they cache RRs. The TTL describes how long an RR can be cached before it should be discarded.
• RDATA - The type and sometimes class dependent data which describes the resource.
Resource Records: Example (in text readable format!)
acad.bg. IN A 22.214.171.124
IN MX 10 mx-a.acad.bg.
IN MX 20 mx-b.acad.bg.
IN NS amigo.acad.bg.
IN NS unicom.acad.bg.
localhost IN A 127.0.0.1
poseidon IN A 126.96.36.199
backbone IN A 188.8.131.52
iris IN A 184.108.40.206
amigo IN AAAA 2001:4b58:acad::3
unicom IN AAAA 2001:4b58:acad::9
bis-21++ IN CNAME unicom.acad.bg.
3 IN PTR amigo.acad.bg.
...
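The text form above relies on two conventions that a parser must implement: a line beginning with whitespace inherits the previous owner, and an owner name without a trailing dot is relative to the zone origin. The following parser is an added example, not code from the lecture; the sample zone, the TTL values and the addresses it contains are constructed for illustration.

```python
"""Parser for the text form of DNS resource records: owner [TTL] class type RDATA."""
from dataclasses import dataclass
from typing import List

CLASSES = {"IN", "CH"}

@dataclass
class RR:
    owner: str
    ttl: int
    rclass: str
    rtype: str
    rdata: str

def absolute(name: str, origin: str) -> str:
    """A name ending in '.' is already absolute; '@' means the origin; anything else is relative to it."""
    if name == "@":
        return origin
    return name if name.endswith(".") else f"{name}.{origin}"

def parse_zone(text: str, origin: str, default_ttl: int = 3600) -> List[RR]:
    records, last_owner = [], origin
    for raw in text.splitlines():
        line = raw.split(";", 1)[0].rstrip()            # ';' starts a comment
        if not line.strip():
            continue
        tokens = line.split()
        # A line that starts with whitespace has no owner field and inherits the previous one
        owner = last_owner if raw[0].isspace() else absolute(tokens.pop(0), origin)
        ttl = default_ttl
        if tokens and tokens[0].isdigit():                # optional TTL before the class
            ttl = int(tokens.pop(0))
        rclass = tokens.pop(0) if tokens and tokens[0] in CLASSES else "IN"
        if len(tokens) < 2:
            raise ValueError(f"malformed record: {raw!r}")
        records.append(RR(owner, ttl, rclass, tokens[0].upper(), " ".join(tokens[1:])))
        last_owner = owner
    return records

def rr_lookup(records: List[RR], name: str, rtype: str) -> List[str]:
    """RDATA of every record with the given absolute owner name and type."""
    return [r.rdata for r in records if r.owner == name and r.rtype == rtype]

# Constructed sample zone, modelled on the acad.bg example above (not a real zone file)
SAMPLE_ZONE = """\
acad.bg.        IN A     192.0.2.1
                IN MX    10 mx-a.acad.bg.
                IN MX    20 mx-b.acad.bg.
                IN NS    amigo.acad.bg.
localhost       IN A     127.0.0.1     ; relative owner -> localhost.acad.bg.
amigo     300   IN AAAA  2001:db8::3   ; explicit TTL overrides the default
bis-21++        IN CNAME unicom.acad.bg.
3               IN PTR   amigo.acad.bg.
"""
```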
DNS protocol details (contd.): The DNS message in binary format (RR means Resource Record)
DNS protocol details (contd.): The DNS message data fields
• The IDENTIFICATION field is set by the client and returned by the server.
• The 16-bit PARAMETER field consists of:
• 0-th bit: 0 means the message is a query, 1 means it is a response.
• Bits 1-4 - OPCODE:
• 0000 - the normal value (Standard query).
• 0001 - an inverse query.
• 0010 - a server status request.
• 5-th bit - Authoritative answer. The name server is authoritative for the domain in the question section.
• 6-th bit is set if the message was truncated. With UDP this means that the total size of the reply exceeded 512 bytes, and only the first 512 bytes of the reply were returned.
• 7-th bit - Recursion Desired. This bit can be set in a query and is then returned in the response.
• 8-th bit - Recursion Available.
• Bits 9-11 have to be 0.
• Bits 12-15 - Return Code. 0 - no error, 3 - name error.
DNS protocol details (contd.): The DNS message data fields
• The fields labeled NUMBER OF ... each give a count of the entries in the corresponding section of the message.
• The QUESTION SECTION contains queries for which answers are desired. The client fills in only the question section; the server returns the question and answers with its response. Each question has a Query Domain Name followed by Query Type and Query Class fields (as depicted in the next slides).
• The ANSWER, AUTHORITY and ADDITIONAL INFORMATION sections consist of a set of resource records that describe domain names and mappings. Each resource record describes one name (as depicted in the next slides).
DNS protocol details (contd.): The QUESTION section format in the DNS message
The DOMAIN NAME has variable length. Clients fill in the questions; servers return them along with the answers.
DNS protocol details (contd.): The RESOURCE RECORD binary format returned by the DNS servers
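To make the header and question layout above concrete, here is an added example (not code from the lecture) that encodes a name as length-prefixed labels, builds a PTR query for an in-addr.arpa name, and splits the 16-bit PARAMETER field using the bit numbering given above. The query ID, the address 192.0.2.10 and the reply header bytes are constructed for illustration.

```python
"""Build a DNS query on the wire and decode the PARAMETER field of a reply (RFC 1035 layout)."""
import struct

def encode_name(name: str) -> bytes:
    """Wire form of a domain name: a length octet and label for each label, then the empty root label."""
    out = b""
    for label in name.rstrip(".").split("."):
        if not 1 <= len(label) <= 63:               # labels are 1..63 octets on the wire
            raise ValueError(f"bad label length in {name!r}")
        out += bytes([len(label)]) + label.encode("ascii")
    return out + b"\x00"

def build_query(ident: int, qname: str, qtype: int, qclass: int = 1, rd: bool = True) -> bytes:
    """12-byte header (ID, PARAMETER, four NUMBER OF ... counts) followed by one question entry."""
    params = 0x0100 if rd else 0                    # QR=0 (query), OPCODE=0, only Recursion Desired set
    header = struct.pack("!HHHHHH", ident, params, 1, 0, 0, 0)
    return header + encode_name(qname) + struct.pack("!HH", qtype, qclass)

def decode_flags(message: bytes) -> dict:
    """Split the 16-bit PARAMETER field; bits are numbered 0..15 from the most significant end."""
    ident, params = struct.unpack("!HH", message[:4])
    return {
        "id": ident,
        "response": bool(params & 0x8000),           # bit 0: 0 = query, 1 = response
        "opcode": (params >> 11) & 0xF,              # bits 1-4
        "authoritative": bool(params & 0x0400),      # bit 5
        "truncated": bool(params & 0x0200),          # bit 6: reply exceeded 512 bytes over UDP
        "recursion_desired": bool(params & 0x0100),  # bit 7
        "recursion_available": bool(params & 0x0080),# bit 8
        "rcode": params & 0xF,                       # bits 12-15: 0 = no error, 3 = name error
    }

def reverse_name(ipv4: str) -> str:
    """Owner name for a PTR lookup: the octets in reverse order under in-addr.arpa."""
    octets = ipv4.split(".")
    if len(octets) != 4 or not all(o.isdigit() and 0 <= int(o) <= 255 for o in octets):
        raise ValueError("not a dotted-quad IPv4 address")
    return ".".join(reversed(octets)) + ".in-addr.arpa."

PTR = 12  # query type code for PTR from the RFC 1035 type table
# Constructed example: a PTR query for the documentation address 192.0.2.10
QUERY = build_query(0x1234, reverse_name("192.0.2.10"), PTR)
# Constructed first 4 bytes of a reply: same ID, QR=1, RD=1, RA=1, RCODE=3 (name error)
REPLY_HEADER = struct.pack("!HH", 0x1234, 0x8180 | 3)
```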
DNS Further reading
• InterNIC organization - provides the public information regarding Internet Domain Name registration services - http://www.internic.net
• ICANN - responsible for the global coordination of the Internet's system of unique identifiers - http://www.icann.org/
• RFC1034, RFC1035, STD0013 - http://www.rfc-editor.org
• BIND (Berkeley Internet Name Domain) – the most popular implementation of the DNS software - http://www.isc.org/index.pl?/sw/bind/
• Paul Albitz, Cricket Liu, “DNS and BIND”, 4th edition, O’REILLY
TELNET protocol
• TELNET (TELecommunication NETwork) was developed in 1969 beginning with RFC 15 and standardized as IETF STD 8, one of the first Internet standards.
• TELNET clients have been available on most Unix systems for many years and are available for virtually all platforms. Most network equipment and OSs with a TCP/IP stack support some kind of TELNET server for their remote configuration (including ones based on MS Windows NT and later).
• Because of security issues with TELNET, its use has waned as it is replaced by the use of SSH for remote access.
TELNET protocol (2)
• Most often, a user will be telneting to a Unix-like server system or a simple network device such as a switch. Once the connection is established, he would then log in with his account information and execute operating system commands remotely on that computer, such as ls or cd, etc.
• For testing and debugging purposes: on many systems, the client may also be used to make interactive raw-TCP sessions, even when that option is not available. The sessions are equivalent to raw TCP as long as byte 255 never appears in the data.
• TELNET works on the well known TCP port 23.
Electronic mail
• Before 1990, it was mostly used in the academic area - universities and research centers.
• During the 1990s, it became known to the public at large and grew exponentially.
• The first e-mail systems simply consisted of text file transfer protocols. As time went on, the limitations of this approach became more obvious.
• Some of the complaints were as follows:
• Sending a message to a group of people was inconvenient.
• Messages had no defined internal structure.
• The sender never knew if a message arrived or not.
• Lack of "I'm temporarily away" management.
• Poor user interface.
• It was not possible to create and send messages containing a mixture of text and binary data: drawings, photos, facsimile, and voice.
E-mail: Architectures and services
• Typically, e-mail systems support five basic functions:
• Composition refers to the process of creating messages and answers.
• Transfer refers to moving messages from the originator to the recipient. The e-mail system should do this automatically, without bothering the user.
• Reporting has to do with telling the originator what happened to the message.
• Displaying incoming messages is needed so people can read their e-mail. Sometimes conversion is required or a special viewer must be invoked.
• Disposition is the final step and concerns what the recipient does with the message after receiving it (Delete, Reply, Forward, Save ...).
Electronic Mail: The User Agent (figure comparing paper mail with e-mail)
Reading E-mail: An example of a mailbox
MIME – Multipurpose Internet Mail Extensions
The original e-mail was designed to transfer 7-bit text (ASCII) characters only, so ...
• Problems with international languages:
• Languages with accents (French, German).
• Languages in non-Latin alphabets (Hebrew, Cyrillic ...).
• Languages without alphabets (Chinese, Japanese).
• Messages not containing text at all (audio or images).
Message Transfer example using SMTP: Transferring a message from firstname.lastname@example.org to email@example.com.
Final e-mail delivery
• Sending and reading mail when the receiver has a permanent Internet connection and the user agent runs on the same machine as the message transfer agent.
• Reading e-mail when the receiver has a dial-up connection to an ISP.
Post Office Protocol (POP3): Using POP3 to fetch three messages.
Internet Message Access Protocol (IMAP, TCP port 143): A comparison of POP3 and IMAP. The current version of IMAP is 4 revision 1 – RFC 3501.
File Transfer Protocol (FTP)
• File Transfer Protocol (FTP) is the standard mechanism provided by TCP/IP for copying files of any kind from one host to another.
• Defined in RFC 959 (1985).
• FTP uses the services of TCP. It needs two TCP connections.
• The well-known TCP port 21 is used for the control connection and the well-known port 20 for the data connection.
FTP operation: File transfer