Unit 2 - Notes
Unit 2: APPLICATION LAYER
The Application Layer is the topmost layer in the OSI and TCP/IP models. It provides the interface between the applications we use to communicate and the underlying network over which our messages are transmitted. Application layer protocols are used to exchange data between programs running on the source and destination hosts.
Domain Name System (DNS)
The Domain Name System (DNS) is a hierarchical and decentralized naming system for computers, services, or other resources connected to the Internet or a private network. It translates easily memorized domain names to the numerical IP addresses needed for locating and identifying computer services and devices.
Key Concepts
- Namespace: DNS uses a hierarchical tree structure. At the top is the root domain (.), followed by Top-Level Domains (TLDs like .com, .edu, .org), Second-Level Domains (like google.com), and subdomains (like mail.google.com).
- Name Servers: Servers that store DNS records.
- Root Servers: Know the IP addresses of the TLD servers.
- TLD Servers: Know the IP addresses of authoritative servers for specific domains.
- Authoritative Servers: The final authority for a specific domain name, holding the actual IP address mapping.
DNS Resolution Process
- Local Cache/Hosts File: The OS first checks its hosts file and its local DNS cache.
- Recursive Query: If not found, the client sends a query to the local DNS resolver (usually provided by the ISP).
- Iterative Query: The local resolver contacts a Root server, which points to a TLD server, which in turn points to an Authoritative server.
- Resolution: The Authoritative server returns the IP address to the resolver, which caches it and returns it to the client.
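As an added illustration of the four steps above (not part of the original notes), here is a toy iterative resolver that walks an in-memory zone tree from a root server to a TLD server to an authoritative server and caches the answer. Every server name, zone and address in it is constructed.

```python
# Added example (not from the notes): a toy iterative resolver that walks an
# in-memory zone tree root -> TLD -> authoritative and caches the answer.
# Every server name, zone and address below is constructed for illustration.

ROOT_SERVER = "root.example-root"   # constructed stand-in for a root server

# What each constructed server knows: a zone mapped either to a referral
# ("NS", next server to ask) or to a final answer ("A", IPv4 address).
SERVERS = {
    "root.example-root": {"com.": ("NS", "tld.example-com")},
    "tld.example-com":   {"example.com.": ("NS", "ns1.example.com")},
    "ns1.example.com":   {"www.example.com.": ("A", "192.0.2.10"),
                          "mail.example.com.": ("A", "192.0.2.25")},
}

def _suffixes(name):
    """Zone suffixes of 'www.example.com.', most specific first, ending with the root."""
    labels = name.rstrip(".").split(".")
    return [".".join(labels[i:]) + "." for i in range(len(labels))] + ["."]

def resolve(name, cache, max_hops=8):
    """Resolve `name` to an IPv4 string; returns (address, servers_asked, from_cache)."""
    name = name.lower().rstrip(".") + "."    # normalise to a fully qualified name
    if name in cache:                         # step 1: local cache hit, no query at all
        return cache[name], 0, True
    server, hops = ROOT_SERVER, 0
    while hops < max_hops:                    # step 3: iterate root -> TLD -> authoritative
        hops += 1
        records = SERVERS[server]
        for zone in _suffixes(name):          # longest matching zone wins
            if zone in records:
                rtype, value = records[zone]
                if rtype == "A" and zone == name:
                    cache[name] = value       # step 4: the resolver caches the answer
                    return value, hops, False
                if rtype == "NS":
                    server = value            # referral: follow the delegation
                    break
        else:
            return None, hops, False          # no record and no referral: name does not exist
    raise RuntimeError("referral chain exceeded %d hops" % max_hops)
```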
Common DNS Record Types
- A Record: Maps a domain name to an IPv4 address.
- AAAA Record: Maps a domain name to an IPv6 address.
- CNAME (Canonical Name): Maps an alias name to a true (canonical) domain name.
- MX (Mail Exchanger): Directs email to a mail server.
- NS (Name Server): Delegates a DNS zone to use the given authoritative name servers.
Electronic Mail (E-Mail)
Electronic Mail is one of the most widely used applications on the Internet. It relies on an asynchronous communication model and a client-server architecture.
E-Mail Architecture
- User Agent (UA): The email client (e.g., Outlook, Apple Mail, Gmail web interface) used to compose, read, and manage emails.
- Message Transfer Agent (MTA): Mail servers that route and deliver emails (e.g., Postfix, Sendmail).
- Message Access Agent (MAA): Retrieves emails from the server to the user agent.
E-Mail Protocols
- SMTP (Simple Mail Transfer Protocol):
  - Used for pushing or sending emails from the UA to the MTA, and between MTAs.
  - Operates on TCP port 25 (MTA-to-MTA relay; historically also used for submission), 587 (message submission, typically upgraded to TLS with STARTTLS), or 465 (SMTPS, implicit TLS).
- POP3 (Post Office Protocol version 3):
  - Used for pulling emails from the mail server to the local client.
  - Typically downloads the email and deletes it from the server ("download-and-delete" mode).
  - Operates on TCP port 110 (or 995 for POP3S).
- IMAP (Internet Message Access Protocol):
  - A more advanced protocol for pulling emails.
  - Keeps emails on the server, allowing synchronization across multiple devices.
  - Operates on TCP port 143 (or 993 for IMAPS).
- MIME (Multipurpose Internet Mail Extensions):
  - An extension to SMTP that allows the transmission of non-text attachments (images, audio, video) and text in character sets other than ASCII.
File Transfer Protocol (FTP)
FTP is a standard network protocol used for the transfer of computer files between a client and server on a computer network.
FTP Architecture
FTP utilizes an out-of-band control model, meaning it uses two separate connections:
- Control Connection (TCP Port 21): Used to send commands and receive replies (e.g., user authentication, directory navigation). This connection remains open for the entire session.
- Data Connection (TCP Port 20 in active mode): Used specifically for transferring the actual file data. This connection is opened and closed for each file transferred.
Connection Modes
- Active Mode: The client opens a random port for data transfer, tells the server the port number, and the server initiates the data connection from port 20 to the client's randomly chosen port.
- Passive Mode (PASV): To solve firewall issues on the client side, the client requests passive mode. The server opens a random data port and tells the client, and the client initiates the connection to that port.
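As an added example (not part of the notes), the following parser handles the 227 reply a server sends in passive mode: it recovers the data port from the two port bytes (p1*256 + p2) and refuses a reply that advertises any host other than the server the control connection is already talking to. The reply text, addresses and peer IP are constructed.

```python
import re

# Added example (not from the notes). The six decimal fields of a 227 reply are
# h1,h2,h3,h4,p1,p2; RFC 959 does not fix the surrounding punctuation, so only
# the digit groups are relied upon.
_PASV_RE = re.compile(r"(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3})")

def parse_pasv(reply, control_peer_ip):
    """Return (host, port) for the data connection a 227 reply advertises.

    Raises ValueError if the reply is malformed, or if it advertises an address
    other than the server the control connection is already connected to.
    """
    if not reply.startswith("227"):
        raise ValueError("not a 227 Entering Passive Mode reply: %r" % reply)
    m = _PASV_RE.search(reply)
    if m is None:
        raise ValueError("no h1,h2,h3,h4,p1,p2 tuple in reply")
    fields = [int(x) for x in m.groups()]
    if any(f > 255 for f in fields):
        raise ValueError("field out of range in PASV tuple")
    host = ".".join(str(f) for f in fields[:4])
    port = fields[4] * 256 + fields[5]      # p1 is the high byte, p2 the low byte
    if host != control_peer_ip:
        # A conforming server advertises its own address; anything else would
        # send the file data to a third host, so refuse rather than follow it.
        raise ValueError("PASV address %s differs from control peer %s" % (host, control_peer_ip))
    if port < 1024:
        raise ValueError("PASV port %d is in the privileged range" % port)
    return host, port
```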
TRANSPORT LAYER
The Transport Layer is responsible for end-to-end communication, delivering data from a process on the source machine to a process on the destination machine.
Relationship between Transport and Network Layer
- Network Layer: Provides logical communication between hosts (Host-to-Host delivery). It moves packets from the source machine to the destination machine using IP addresses. It does not care which application generated the data.
- Transport Layer: Provides logical communication between processes (Process-to-Process delivery). It takes messages from the application layer, encapsulates them into segments, and uses port numbers to ensure the data is delivered to the correct application on the destination host.
Transport Layer Services
- Multiplexing and Demultiplexing: Using port numbers to allow multiple applications to share the same network interface simultaneously.
- Reliable Data Transfer: Guaranteeing that data arrives at the destination uncorrupted, in order, and without loss or duplication (e.g., using acknowledgments and retransmissions).
- Flow Control: Preventing a fast sender from overwhelming a slow receiver by regulating the flow of data.
- Congestion Control: Preventing a sender from overwhelming the network itself, adjusting transmission rates based on network traffic.
Transmission Control Protocol (TCP)
TCP is a connection-oriented, reliable, and byte-stream-oriented transport layer protocol.
TCP Header Format
A standard TCP header is 20 bytes long (up to 60 bytes with options).
- Source Port (16 bits): Identifies the sending application.
- Destination Port (16 bits): Identifies the receiving application.
- Sequence Number (32 bits): The byte-stream number of the first byte in the segment's data. Used to order packets.
- Acknowledgment Number (32 bits): The sequence number of the next byte the receiver expects to receive.
- Header Length / Data Offset (4 bits): Indicates where the data begins (size of the TCP header in 32-bit words).
- Reserved (3 bits): Set to zero, reserved for future use.
- Control Flags (9 bits): Includes important flags like:
  - URG: Urgent pointer is valid.
  - ACK: Acknowledgment number is valid.
  - PSH: Push data to the receiving application immediately.
  - RST: Reset the connection.
  - SYN: Synchronize sequence numbers (used in connection setup).
  - FIN: Finish connection (sender has no more data).
- Window Size (16 bits): Used for flow control. Indicates the number of bytes the receiver is willing to accept.
- Checksum (16 bits): Used for error-checking of the header and data.
- Urgent Pointer (16 bits): An offset from the sequence number that points to the last byte of urgent data (only meaningful when the URG flag is set).
- Options (Variable): Optional fields like Maximum Segment Size (MSS).
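As an added example (not from the notes), the code below decodes the header layout just described from raw bytes and builds one back: it reads the Data Offset in 32-bit words, rejects a header length outside 20..60 bytes or beyond the segment, and names the control flags by bit position. The ports, numbers and MSS option in the demo are constructed.

```python
import struct

# Added example (not from the notes): decode and build the TCP header described
# above; the ports, numbers and MSS option used in the demo are constructed.

# Control flags by bit position in the low 9 bits of the offset/flags word.
TCP_FLAG_NAMES = ["FIN", "SYN", "RST", "PSH", "ACK", "URG", "ECE", "CWR", "NS"]

def parse_tcp_header(segment):
    """Decode the 20-byte fixed header plus options; returns a dict of fields, options and payload."""
    if len(segment) < 20:
        raise ValueError("segment shorter than the minimum 20-byte TCP header")
    src, dst, seq, ack, off_flags, window, checksum, urg = struct.unpack("!HHIIHHHH", segment[:20])
    header_len = (off_flags >> 12) * 4             # Data Offset is in 32-bit words
    if not 20 <= header_len <= 60:
        raise ValueError("invalid data offset: header length %d" % header_len)
    if header_len > len(segment):
        raise ValueError("data offset points past the end of the segment")
    flag_bits = off_flags & 0x1FF                  # the 9 control flags
    flags = [n for i, n in enumerate(TCP_FLAG_NAMES) if flag_bits & (1 << i)]
    return {
        "src_port": src, "dst_port": dst, "seq": seq, "ack": ack,
        "header_len": header_len, "reserved": (off_flags >> 9) & 0x7,
        "flags": flags, "window": window, "checksum": checksum, "urgent_ptr": urg,
        "options": segment[20:header_len], "payload": segment[header_len:],
    }

def build_tcp_header(src, dst, seq, ack, flags, window, options=b""):
    """Inverse of parse_tcp_header (checksum and urgent pointer are left at zero)."""
    options = options + b"\x00" * (-len(options) % 4)   # options are padded to 32-bit words
    data_offset = 5 + len(options) // 4
    flag_bits = 0
    for name in flags:
        flag_bits |= 1 << TCP_FLAG_NAMES.index(name)
    off_flags = (data_offset << 12) | flag_bits
    return struct.pack("!HHIIHHHH", src, dst, seq, ack, off_flags, window, 0, 0) + options

# Demo value: a Maximum Segment Size option (kind 2, length 4, MSS 1460).
MSS_OPTION = b"\x02\x04\x05\xb4"
```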
TCP Handshaking Operation
Connection Establishment (3-Way Handshake)
Before exchanging data, TCP establishes a connection to synchronize sequence numbers and allocate resources.
- Step 1 (SYN): The client sends a segment with the SYN flag set and an initial sequence number (Client_ISN).
- Step 2 (SYN-ACK): The server receives the SYN, allocates buffers, and replies with a segment having both SYN and ACK flags set. The ACK number is Client_ISN + 1. The server also provides its own initial sequence number (Server_ISN).
- Step 3 (ACK): The client receives the SYN-ACK, allocates buffers, and sends an ACK segment back. The ACK number is Server_ISN + 1.
Connection Termination (4-Way Handshake)
- Step 1 (FIN): The client sends a segment with the FIN flag set to indicate it has no more data to send.
- Step 2 (ACK): The server acknowledges the FIN packet. (The server can still send data if needed).
- Step 3 (FIN): Once the server is done sending data, it sends its own FIN segment.
- Step 4 (ACK): The client acknowledges the server's FIN segment. The connection is closed.
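As an added example covering both the 3-way open and the 4-way close above (not part of the notes), these two checkers verify the sequence/acknowledgment arithmetic the steps describe, including wrap-around of the 32-bit sequence space. Segments are constructed (direction, flags, seq, ack) tuples; nothing here touches a real socket.

```python
# Added example (not from the notes): check the sequence/acknowledgment arithmetic
# of the 3-way open and 4-way close. Segments are constructed tuples
# (direction, flags, seq, ack) where direction is "C>S" or "S>C".

SEQ_MOD = 1 << 32   # sequence numbers are 32 bits and wrap around

def check_handshake(segments):
    """Validate SYN, SYN-ACK, ACK; returns (Client_ISN, Server_ISN) or raises ValueError."""
    (d1, f1, seq1, _), (d2, f2, seq2, ack2), (d3, f3, seq3, ack3) = segments[:3]
    if (d1, d2, d3) != ("C>S", "S>C", "C>S"):
        raise ValueError("handshake must go client, server, client")
    if f1 != {"SYN"}:
        raise ValueError("step 1 must carry only SYN")
    if f2 != {"SYN", "ACK"} or ack2 != (seq1 + 1) % SEQ_MOD:
        raise ValueError("step 2 must be SYN-ACK acknowledging Client_ISN + 1")
    if f3 != {"ACK"} or ack3 != (seq2 + 1) % SEQ_MOD or seq3 != (seq1 + 1) % SEQ_MOD:
        raise ValueError("step 3 must ACK Server_ISN + 1 and continue from Client_ISN + 1")
    return seq1, seq2

def check_teardown(segments):
    """Validate FIN, ACK, FIN, ACK: each FIN occupies one sequence number and is ACKed as seq + 1."""
    (d1, f1, seq1, _), (d2, f2, _, ack2), (d3, f3, seq3, _), (d4, f4, _, ack4) = segments[:4]
    if (d1, d2, d3, d4) != ("C>S", "S>C", "S>C", "C>S"):
        raise ValueError("close must go client FIN, server ACK, server FIN, client ACK")
    if "FIN" not in f1 or "ACK" not in f2 or ack2 != (seq1 + 1) % SEQ_MOD:
        raise ValueError("step 2 must acknowledge the client's FIN as its seq + 1")
    # The server may send more data between steps 2 and 3, so its FIN's seq is not tied to step 2.
    if "FIN" not in f3 or "ACK" not in f4 or ack4 != (seq3 + 1) % SEQ_MOD:
        raise ValueError("step 4 must acknowledge the server's FIN as its seq + 1")
    return True
```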
User Datagram Protocol (UDP)
UDP is a connectionless, unreliable transport layer protocol. It provides a lightweight transport service with minimal overhead, suitable for applications that prioritize speed over reliability (e.g., live video streaming, VoIP, DNS).
UDP Characteristics
- No connection establishment (no handshake delay).
- No guarantees of message delivery (no acknowledgments).
- No ordering of messages (datagrams may arrive out of order).
- No congestion or flow control.
UDP Header Format
The UDP header is extremely simple and is fixed at 8 bytes long.
- Source Port (16 bits): Identifies the sending application. (Optional, can be zero if no reply is expected).
- Destination Port (16 bits): Identifies the receiving application.
- Length (16 bits): The length of the entire UDP datagram (header + data) in bytes. The minimum value is 8 (header only).
- Checksum (16 bits): Used for error-checking of the header and data. Unlike TCP, the checksum in IPv4 UDP is optional, but it is mandatory in IPv6.
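As an added example (not from the notes), here is the 8-byte header above built and parsed in code, with the IPv4 checksum computed over the pseudo-header (source and destination address, zero byte, protocol 17, UDP length) plus the datagram. It handles the two corner cases the checksum rule implies: a field value of 0 means "no checksum was computed", so a computed 0 is transmitted as 0xFFFF. All addresses, ports and payload bytes are constructed.

```python
import struct
import ipaddress

# Added example (not from the notes): build and verify an IPv4 UDP datagram.
# Addresses, ports and payload used by callers are constructed test values.

def _ones_complement_sum(data):
    """Ones'-complement sum of 16-bit big-endian words; an odd trailing byte is zero-padded."""
    if len(data) % 2:
        data = data + b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:                         # fold carries back into the low 16 bits
        total = (total & 0xFFFF) + (total >> 16)
    return total

def _pseudo_header(src_ip, dst_ip, udp_length):
    """IPv4 pseudo-header: source, destination, zero byte, protocol 17, UDP length."""
    return (ipaddress.IPv4Address(src_ip).packed + ipaddress.IPv4Address(dst_ip).packed
            + struct.pack("!BBH", 0, 17, udp_length))

def udp_checksum(src_ip, dst_ip, udp_bytes):
    """Checksum over pseudo-header + datagram (checksum field zeroed); a computed 0 is sent as 0xFFFF."""
    csum = 0xFFFF ^ _ones_complement_sum(_pseudo_header(src_ip, dst_ip, len(udp_bytes)) + udp_bytes)
    return csum or 0xFFFF                      # 0 is reserved for "no checksum computed"

def build_udp(src_ip, dst_ip, src_port, dst_port, payload):
    """Build a UDP datagram (8-byte header + payload) with a valid IPv4 checksum."""
    header = struct.pack("!HHHH", src_port, dst_port, 8 + len(payload), 0)
    csum = udp_checksum(src_ip, dst_ip, header + payload)
    return header[:6] + struct.pack("!H", csum) + payload

def parse_udp(src_ip, dst_ip, datagram):
    """Return (src_port, dst_port, payload, checksum_ok); checksum_ok is None when the field is 0."""
    if len(datagram) < 8:
        raise ValueError("shorter than the 8-byte UDP header")
    src_port, dst_port, length, csum = struct.unpack("!HHHH", datagram[:8])
    if length < 8 or length > len(datagram):    # Length covers header + data, minimum 8
        raise ValueError("bad UDP length field %d" % length)
    if csum == 0:
        ok = None                               # IPv4 sender chose not to compute one
    else:
        # With the transmitted checksum included, the ones'-complement sum must be all ones.
        ok = _ones_complement_sum(_pseudo_header(src_ip, dst_ip, length) + datagram[:length]) == 0xFFFF
    return src_port, dst_port, datagram[8:length], ok
```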