Network Applications Drive Network Design HTTP And DNS

Transcription

3: Application Protocols: HTTP and DNS
Last Modified: 2/3/2003 8:13:18 PM
2: Application Layer

Network Applications Drive Network Design
- Important to remember that network applications are the reason we care about building a network infrastructure
- Applications range from text-based command-line ones popular in the 1980s (like telnet, ftp, news, chat, etc.) to multimedia applications (Web browsers, audio and video streaming, real-time video conferencing, etc.)

Top-down: Internet protocol stack
[Figure: network users at the top; Application layer (HTTP, SMTP, FTP, TELNET, DNS, ...); Transport (TCP, UDP, ...); Network (IP); Physical. Credit: CAIDA (1999)]

What is the Internet used for?
[Figure: user X and user Y exchanging e-mail. Peer layers speak to each other: English between the users; SMTP between e-mail client and e-mail server; TCP between TCP client and TCP server; IP between IP client and IP server; the IEEE 802.3 standard between Ethernet driver/card and Ethernet driver/card; electric signals on the wire. Below IP: point-to-point links, LANs, radios, ...]

Applications and application-layer protocols
Application: communicating, distributed processes
- running in network hosts in "user space"
- exchange messages to implement app
- e.g., email, file transfer, the Web
Application-layer protocols
- one "piece" of an app (web browsers do more than speak HTTP)
- define messages exchanged by apps and actions taken
- use services provided by lower layer protocols

Protocol stack
[Figure: application, transport, network, data link and physical layers on each of three communicating hosts]

Client-server paradigm
Typical network app has two pieces: client and server
Client:
- initiates contact with server ("speaks first")
- typically requests service from server
- for Web, client is implemented in browser; for e-mail, in mail reader
Server:
- running first (always?)
- provides requested service to client
- e.g., Web server sends requested Web page, mail server delivers e-mail
[Figure: client and server protocol stacks (application, transport, network, data link, physical) exchanging request and reply]

The Web: the http protocol
http: hypertext transfer protocol
- Web's application layer protocol
- client/server model
  - client: browser that requests, receives, "displays" Web objects
  - server: Web server has access to storage containing a set of Web documents; sends copies in response to requests
- http1.0: RFC 1945
- http1.1: RFC 2616
[Figure: PC running Explorer and Mac running Navigator sending http requests to a Web server and receiving http responses]

The http protocol: more
http: TCP transport service:
- client initiates TCP connection (creates socket) to server, port 80
- server accepts TCP connection from client
- http messages (application-layer protocol messages) exchanged between browser (http client) and Web server (http server)
- TCP connection closed
http is "stateless"
- server maintains no information about past client requests
Aside: protocols that maintain "state" are complex!
- past history (state) must be maintained
- if server/client crashes, their views of "state" may be inconsistent, must be reconciled

Uniform Resource Locator (URL)
protocol://authority:port/p/a/th/item name?query
- protocol: http
- authority: server machine
- port: 80 by default
- /p/a/th/item name: specifies a file to be returned or possibly a program to be executed to produce the file to be returned
- query: data to be interpreted by server

Note: Static vs Dynamic vs Active Web Pages
- Static: stored in a file and unchanging
- Dynamic: formed by server on demand in response to a request
  - Output from a program (e.g. Common Gateway Interface (CGI))
  - Often use query data sent with URL
- Active: executed at the client! Computer program (not just output) that can interact with user (e.g. Java applet)

http example
Suppose user enters URL www.someSchool.edu/someDepartment/home.index (contains text, references to 10 jpeg images)
1a. http client initiates TCP connection to http server (process) at www.someSchool.edu. Port 80 is default for http server.
1b. http server at host www.someSchool.edu waiting for TCP connection at port 80. "accepts" connection, notifying client
2. http client sends http request message (containing URL) into TCP connection socket
3. http server receives request message, forms response message containing requested object (someDepartment/home.index), sends message into socket

http example (cont.)
4. http server closes TCP connection.
5. http client receives response message containing html file, displays html. Parsing html file, finds 10 referenced jpeg objects
6. Steps 1-5 repeated for each of 10 jpeg objects

http message format: request
Two types of http messages: request, response
http request message: ASCII (human-readable format)
  GET /somedir/page.html HTTP/1.0        <- request line (GET, POST, HEAD commands)
  User-agent: Mozilla/4.0                <- header lines
  Accept: text/html, image/gif, image/jpeg
  Accept-language: fr
  (extra carriage return, line feed)     <- carriage return, line feed indicates end of message

http request message: general format
[Figure: request line, header lines, blank line, entity body]

http message format: response
  HTTP/1.0 200 OK                        <- status line (protocol, status code, status phrase)
  Date: Thu, 06 Aug 1998 12:00:15 GMT    <- header lines
  Server: Apache/1.3.0 (Unix)
  Last-Modified: Mon, 22 Jun 1998 ...
  Content-Length: 6821
  Content-Type: text/html

  data data data data data ...           <- data, e.g., requested html file

http response status codes
In first line in server -> client response message. A few sample codes:
- 200 OK: request succeeded, requested object later in this message
- 301 Moved Permanently: requested object moved, new location specified later in this message (Location:)
- 400 Bad Request: request message not understood by server
- 404 Not Found: requested document not found on this server
- 505 HTTP Version Not Supported

Conditional GET
Goal: don't send object if client has up-to-date stored (cached) version
- client: specify date of cached copy in http request: If-modified-since: <date>
- server: response contains no object if cached copy up-to-date: HTTP/1.0 304 Not Modified
[Exchange, object not modified: client sends http request msg with If-modified-since: <date>; server answers HTTP/1.0 304 Not Modified]
[Exchange, object modified: client sends http request msg with If-modified-since: <date>; server answers HTTP/1.0 200 OK followed by the data]

Authentication (and statelessness)
Authentication goal: control access to server documents
- stateless: client must present authorization in each request
- authorization: typically name, password
- authorization: header line in request
- if no authorization presented, server refuses access, sends WWW authenticate: header line in response
[Exchange: client sends usual http request msg; server answers 401: authorization req. with WWW authenticate: header; client sends usual http request msg + Authorization: line; server sends usual http response msg; the Authorization: line goes with each later request to the server]
Browser caches name & password so that user does not have to repeatedly enter it.

Cookies (and statelessness?)
- server sends "cookie" to client in response msg: Set-cookie: #
- client presents cookie in later requests: cookie: #
- server matches presented cookie with server-stored info
  - authentication
  - remembering user preferences, previous choices
- Get client to remember "state" so server can be stateless!
[Exchange: client sends usual http request msg; server sends usual http response + Set-cookie: #; client sends usual http request msg + cookie: #; server takes the cookie-specific action and sends usual http response msg; repeated for each later request]

HTTP 1.1: Persistent connections
Non-persistent HTTP/1.0
- server parses request, responds, and closes TCP connection
- each object transfer suffers from TCP connection setup overhead
- 2 RTTs to fetch each object
- but most 1.0 browsers use parallel TCP connections. Do 1.1 browsers do this?
Persistent, default for HTTP/1.1
- on same TCP connection: server parses request, responds, parses new request, ...
- client sends requests for all referenced objects as soon as it receives base HTML
- fewer RTTs

Other Features in HTTP 1.1
- Hostname Identification: allows one physical web server to serve content for multiple logical servers
- Content Negotiation: allows client to request a specific version of a resource
- Chunked Transfers: for dynamic content, server needn't specify all characteristics like size ahead of time
- Byte Ranges: clients can ask for small pieces of documents
- Support for Proxies and Caches

Web Caches (proxy server)
Goal: satisfy client request without involving origin server
- user sets browser: Web accesses via web cache
- client sends all http requests to web cache
  - if object at web cache, web cache immediately returns object in http response
  - else requests object from origin server, then returns http response to client
[Figure: clients send http requests to the proxy server; the proxy forwards misses to the origin servers and returns the http responses to the clients]
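The request and response framing on the preceding slides, together with the Conditional GET rule, as an added example that is not part of the original slides: a small server-side handler that parses one request, answers 304 Not Modified when the If-modified-since date is at least as new as the stored copy, and otherwise returns the object with the headers shown above. The document store, its modification time and all function names are constructed for this illustration.

```python
"""HTTP/1.0 request framing, response framing and the conditional GET.

Added example, not part of the original slides. The document store, its
Last-Modified time and the requests used in the tests are constructed.
"""
from email.utils import formatdate, parsedate_to_datetime

CRLF = "\r\n"

# Constructed document store: path -> (last-modified POSIX time, body bytes).
DOCUMENTS = {
    "/somedir/page.html": (898560000, b"<html>data data data</html>"),
}


def parse_request(raw: bytes):
    """Split an ASCII request into (method, path, version, headers).

    The request line comes first, header lines follow, and an empty line
    (the extra carriage return / line feed) marks the end of the headers.
    """
    head, _, _body = raw.partition(b"\r\n\r\n")
    lines = head.decode("ascii").split(CRLF)
    method, path, version = lines[0].split(" ", 2)  # ValueError if malformed
    headers = {}
    for line in lines[1:]:
        name, _, value = line.partition(":")
        headers[name.strip().lower()] = value.strip()  # header names are case-insensitive
    return method, path, version, headers


def build_response(status: str, headers: dict, body: bytes = b"") -> bytes:
    """Status line, header lines, blank line, then the object (if any)."""
    lines = [f"HTTP/1.0 {status}"] + [f"{k}: {v}" for k, v in headers.items()]
    return (CRLF.join(lines) + CRLF + CRLF).encode("ascii") + body


def handle(raw_request: bytes) -> bytes:
    """Answer one request; send 304 instead of the object when the cache is current."""
    try:
        method, path, version, headers = parse_request(raw_request)
    except (ValueError, UnicodeDecodeError):
        return build_response("400 Bad Request", {})
    if not version.startswith("HTTP/1."):
        return build_response("505 HTTP Version Not Supported", {})
    if method not in ("GET", "HEAD"):
        return build_response("400 Bad Request", {})
    if path not in DOCUMENTS:
        return build_response("404 Not Found", {})
    modified, body = DOCUMENTS[path]
    since = headers.get("if-modified-since")
    if since is not None:
        try:
            cached_copy = parsedate_to_datetime(since).timestamp()
        except (TypeError, ValueError):
            cached_copy = None  # unparsable date: fall through and send the object
        if cached_copy is not None and cached_copy >= modified:
            return build_response("304 Not Modified", {"Date": formatdate(usegmt=True)})
    headers_out = {
        "Date": formatdate(usegmt=True),
        "Last-Modified": formatdate(modified, usegmt=True),
        "Content-Length": str(len(body)),
        "Content-Type": "text/html",
    }
    return build_response("200 OK", headers_out, b"" if method == "HEAD" else body)


def status_code(response: bytes) -> str:
    """Return the three-digit status code from a response's status line."""
    return response.split(b"\r\n", 1)[0].decode("ascii").split(" ", 2)[1]
```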

Why Web Caching?
Assume: cache is "close" to client (e.g., in same network)
- smaller response time: cache "closer" to client
- decrease traffic to distant servers
- link out of institutional/local ISP network often bottleneck
- Other reasons? Anonymity? Translation for low feature clients (ex. PDAs)
[Figure: origin servers on the public Internet; institutional network with a 100 Mbps LAN and an institutional cache, connected through a 1.5 Mbps access link]

Why not web caching?
- Servers don't see accurate number of hits to their content
  - To collect information on who is requesting what, extract fees, etc.
- It adds time to requests that miss in the cache

Trying out http (client side) for yourself
1. Telnet to your favorite Web server:
   telnet www.google.com 80
   Opens TCP connection to port 80 (default http server port) at www.eurecom.fr. Anything typed in sent to port 80 at www.eurecom.fr
2. Type in a GET http request:
   GET / HTTP/1.0
   By typing this in (hit carriage return twice), you send this minimal (but complete) GET request to http server
3. Look at response message sent by http server!

HTTP 1.0 vs 1.1
1. HTTP 1.0
   telnet www.google.com 80
   GET / HTTP/1.0
   send data
   Connection closed by foreign host.
2. HTTP 1.1
   telnet www.google.com 80
   GET / HTTP/1.1
   send data
   GET / HTTP/1.1
   send data
   GET / HTTP/1.0
   send data
   Connection closed by foreign host.

Experiment yourself
1. Try some headers
   telnet www.google.com 80
   GET / HTTP/1.1
   Host: www.google.com
2. Try a real query (look at syntax of URL when you use google)
3. Try a chunked transfer
4. ...

For the record: HTTP vs HTML
- HTML format is highly specified but is just considered the data or body of an HTTP message
- HTML is not part of the HTTP protocol
- Example of layering: each layer speaks to a peer layer in an agreed upon language or protocol
- In this case, both are processed by the web browser. The web browser is both an HTTP client and an HTML parser.

DNS

Names and IP addresses
People: many identifiers: SSN, name, Passport #
Internet hosts, routers: many identifiers too
- IP address (32 bit) - used for addressing datagrams
- "name", e.g., www.google.org - used by humans
Q: map between IP addresses and name? DNS does... but before we talk about DNS let's talk more about names and addresses!

Names and addresses: why both?
IP addresses are per network interface
- Multihomed machines have more than one network interface - each with its own IP address
- Example: routers must be like this
- (Also Ethernet or other link-layer addresses.)
IP addresses are fixed-size numbers. 32 bits.
- 216.239.57.101 = 11011000.11101111.00111001.01100101
- IPv6 addresses are 128 bit – even harder to memorize!
Names are memorizable, flexible:
- Variable-length
- Many names for a single IP address.
- Change address doesn't imply change name.

Mapping Not 1 to 1
- One name may map to more than one IP address
  - Name: www.google.com
  - IP address: 216.239.57.101
- One IP address may map to more than one name
  - One server machine may be the web server (www.foo.com), mail server (mail.foo.com) etc.

How to get names and numbers?
- Acquisition of names and numbers are both regulated
- Why?

How to get a machine name?
- First, get a domain name; then you are free to assign sub names in that domain
- How to get a domain name coming up
- Before you ask for a domain name though:
  - Should understand domain name structure
  - Should also know that you are responsible for providing authoritative DNS server (actually a primary and one or more secondary DNS servers) for that domain and registration information through "whois"

Domain name structure
[Figure: root (unnamed); gTLDs: com, edu, gov, mil, net, org; ccTLDs: fr, gr, us, uk; second level (sub-)domains such as google and ustreas]
Top-level Domains (TLDs)
- gTLDs: Generic Top Level Domains
- ccTLDs: Country Code Top Level Domains

Generic Top Level Domains (gTLDs)
- .com - commercial organizations
- .org - not-for-profit organizations
- .edu - educational organizations
- .mil - military organizations
- .gov - governmental organizations
- .net - network service providers
- New: .biz, .info, .name, ...
Country code Top Level Domains (ccTLDs)
- One for each country

How to get a domain name?
- In 1998, a non-profit corporation, the Internet Corporation for Assigned Names and Numbers (ICANN), was formed to assume responsibility from the US Government
- ICANN authorizes other companies to register domains in com, org and net and new gTLDs
- Network Solutions is one of the largest and in the transitional period between US Govt and ICANN had sole authority to register domains in com, org and net

Want to be a registrar?
- Sign agreement
- Demonstrate 70,000 in working capital
- Yearly fee - 4000 for first TLD, 500 for each additional
- Application: 2500 application fee
- tion.htm

How to get an IP Address?
- Answer 1: Normally, answer is get an IP address from your upstream provider. This is essential to maintain efficient routing!
- Answer 2: If you need lots of IP addresses then you can acquire your own block of them.
  - Get them from a regional Internet registry
  - Can also get Autonomous System Numbers (ASNs) from these registries

Internet Registries
If you want a block of IP addresses, go to an Internet Registry
- RIPE NCC (Réseaux IP Européens Network Coordination Centre) for Europe, Middle-East, Africa
- APNIC (Asia Pacific Network Information Centre) for Asia and Pacific
- ARIN (American Registry for Internet Numbers) for North America, the Caribbean, sub-equatorial Africa
- LACNIC – Latin American and Caribbean Registry (new 10/2002)
Note: Once again regional distribution is important for efficient routing!

Obtaining a Block of IP addresses
- Price (ARIN, Jan 2003) http://www.arin.net/registration/fee schedule.html
  - 2500/year for a /20; 20000/year for a /14
  - /20: 20 of the 32 bits in the IP address are specified, 12 bits free, 2^12 = 4096 possible hosts
  - See why a /14 would be more expensive than a /20?
- Can't just pay and not use them
  - IP address space is a scarce resource
  - You must prove you have fully utilized a small block before you can ask for a larger one!

Checkpoint
- Now you know both how to get a machine name and how to get an IP address
- Now back to DNS – how to map from one to the other!

Mapping from name to IP Address?
How could we provide this service?
- In the beginning, file containing mapping for all hosts copied to each new host
  - Size of file?
  - Propagation of changes?
- Centralized DNS server?
  - single point of failure
  - traffic volume
  - distant centralized database
  - maintenance
  - doesn't scale!

DNS: Domain Name System
Domain Name System:
- distributed database implemented in hierarchy of many name servers
- application-layer protocol: hosts, routers, name servers communicate to resolve names (address/name translation)
- note: core Internet function implemented as application-layer protocol; complexity at network's "edge"
- no server has all name-to-IP address mappings

Name Server Zone Structure
[Figure: root; com, gov, edu, mil, net, org, fr, gr, us, uk; lucent, ustreas, cornell; www, irs, customs; www under irs]
Structure based on administrative issues.
Zone: subtree with common administration authority.

Mapping Name Servers to "Zones"
[Figure: the same tree with Root NS, Lucent NS, Ustreas NS and IRS NS each serving one zone]

Kinds of Name Servers
Name server: process running on a host that processes DNS requests
- local name servers
- authoritative name server
- root name server
- intermediate name server

Local Name Servers
- Each ISP, company has local (default) name server
- Host DNS query first goes to local name server
- Each host knows the IP address of a local NS. Each local NS knows the IP addresses of all root NSs.

Authoritative Name Servers
- Can perform name/address translation for a specific domain or zone
- Authoritative name servers for a given domain do not "cache" the translation; instead they are the official source for translating all machine names in that domain
- For each domain, there must be an authoritative name server. In fact, must be at least two - a primary and secondary
- Authoritative servers for a large domain may hand off queries to lower level name servers that are responsible for a portion of the domain

Root Name Servers
- How do local name servers find the authoritative NS for a given domain? Local name servers contact root name servers for the address of the authoritative name server for a domain
- Knows the authoritative server for each domain
- 10 root name servers in the Internet: most in US, 1 in Japan, 2 in Europe
- A.ROOT-SERVERS.NET, B.ROOT-SERVERS.NET, ...
- ternic.net/domain/named.cache
- RFC 2870: Root Name Server Operational Requirements

Putting it together
Host surf.eurecom.fr wants IP address of gaia.cs.umass.edu
1. Contacts its local DNS server, dns.eurecom.fr
2. dns.eurecom.fr contacts root name server, if necessary
3. root name server contacts authoritative name server, dns.umass.edu, if necessary
[Figure: requesting host surf.eurecom.fr, local name server dns.eurecom.fr, root name server, authoritative name server dns.umass.edu, target gaia.cs.umass.edu; six numbered messages]

What is wrong with this picture?

Intermediate Name Servers
What about big domains?
- Couldn't the authoritative name servers for a big domain get overloaded like the root? Or maybe it is inconvenient administratively for two sub domains to share the same DNS server?
- We don't want the root to have to remember different servers for sub domains.
- Give the root the name of an "intermediate name server"
- They aren't really the authority for each sub domain but they can point you to the authority!

Intermediate Name Server
- Root name server to contact to find authoritative name server
- Root may not know the real authoritative name server; may know an intermediate name server that does
[Figure: requesting host surf.eurecom.fr, local name server dns.eurecom.fr, root name server, intermediate name server dns.umass.edu, authoritative name server dns.cs.umass.edu, target gaia.cs.umass.edu; eight numbered messages]

DNS: iterated queries
recursive query:
- contacted server completes translation itself
- puts burden on contacted server
iterated query:
- contacted server replies with name of server to contact: "I don't know this name, but ask this server"
- takes burden off contacted servers
Root servers disable recursive queries!
[Figure: same hosts as above; the local name server dns.eurecom.fr issues iterated queries to the root and intermediate servers (dns.umass.edu), the final recursive query reaches the authoritative name server dns.cs.umass.edu; eight numbered messages]

DNS – Point of Failure
- How often are failures a result of DNS failure?
- Make notes of IP addresses of common machines you use
- If can't access, try instead accessing by IP address
- If you can - DNS failure somewhere

DNS records: More than Name to IP Address
DNS: distributed db storing resource records (RR)
RR format: (name, value, type, ttl)
- Type A: the one we've been discussing; maps name to IP address; name is hostname; value is IP address
- Other common ones? NS, MX, CNAME, PTR
- Lots more: SOA, HINFO, MB, MR, MG, WKS, RB

DNS UPDATE
- DNS designed for fairly slow/infrequent change to these mappings
- Changes made via external edits to a zone's Master File
- Faster, more automatic update/notify mechanisms under design by IETF: Proposed Standard, RFC 2136
- Example: home machines that get a new IP address all the time – can update the translation of human readable name to that new IP address; DHCP in general
- Once a non-authoritative name server learns a mapping, it caches the mapping; cache entries timeout (disappear) after some time
- What if it changes faster than cache entries time out?

DNS records: More than Name to IP Address
- Type NS: name is domain (e.g. foo.com); value is IP address of authoritative name server for this domain (why not name?)
- Type CNAME: name is an alias name for some "canonical" (the real) name; value is canonical name
- Type MX: value is hostname of mailserver associated with name
- Type PTR: name is IP address (in special format); value is name; reverse of type A

PTR Records
- Do reverse mapping from IP address to name
- Why is that hard? Which name server is responsible for that mapping? How do you find them?
- Answer: special root domain, arpa, for reverse lookups
- Want to know machine name for 128.30.33.1? Issue a PTR request for 1.33.30.128.in-addr.arpa
  nslookup -query=any 1.33.30.128.in-addr.arpa

Arpa top level domain
[Figure: root; arpa, com, gov, edu, mil, net, org, fr, gr, us, uk; under arpa: in-addr, then 128, 30, 33, 1 giving 1.33.30.128.in-addr.arpa.; under org: ietf, then www giving www.ietf.org.]

Why is it backwards?
- Notice that 1.33.30.128.in-addr.arpa is written in order of increasing scope of authority, just like www.irs.gov
- From largest scope of authority, gov, up to single machine www.irs.gov
- From largest scope of authority, arpa, up to single machine 1.33.30.128.in-addr.arpa (or 128.30.33.1)

In-addr.arpa domain
- When an organization acquires a domain name, they receive authority over the corresponding part of the domain namespace.
- When an organization acquires a block of IP address space, they receive authority over the corresponding part of the in-addr.arpa space.
- Example: Acquire domain berkeley.edu and acquire a class B IP Network ID 128.143

DNS protocol, messages
DNS protocol: query and reply messages, both with same message format
msg header
- identification: 16 bit # for query, reply to query uses same #
- flags: query or reply; recursion desired; recursion available; reply is authoritative; reply was truncated
Sample query and response?

DNS protocol, messages
- Name, type fields for a query
- RRs in response to query
- records for authoritative servers
- additional "helpful" info that may be used

UDP or TCP
DNS usually uses UDP
- Doesn't DNS need error control? Why is UDP usually ok?
- Each object small enough to go in one datagram – no need for reorder
- Retransmission? Just instrument client to resend request if it doesn't get a response
When does DNS use TCP?
- Truncation bit: if reply too long, set truncate bit as signal to request using TCP
- Also for zone transfers from primary to secondary servers (RFC still says try UDP first)
- BIND can be configured to only respond to a TCP request if a corresponding UDP request was made first

Why not always TCP?
- TCP has higher overhead: 2 Round Trips per query rather than 1
- Many apps that use UDP implement only the subset of TCP functionality they really need; saves space in the limited size of the query/response packet
- Also UDP requires less state on server: with TCP, each connection requires significant state; more prone to overload (denial of service attacks?)

HTTP vs DNS
- Why is HTTP human readable and DNS not?
- HTTP used by an application focused on end users; DNS used by an application focused on network management? Better answer?

nslookup
- Use to query DNS servers (not telnet like with http – why?)
- Interactive and Non-interactive modes
- Examples:
  nslookup www.yahoo.com (Many IP addresses, why?)
  nslookup -query=mx gnu.org
  nslookup (enter interactive shell; type a host name, get its IP address info; ls -d domain.name (rarely supported); set debug, set recurse, set norecurse, exit)

Summary
- We looked at two application level protocols: HTTP and DNS
- HTTP runs on TCP
- DNS usually runs on UDP (sometimes on TCP)
- HTTP is human readable; DNS not
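The message header fields described on the preceding slides (identification, flags) and the truncation-bit rule above, as an added example that is not part of the original slides: it encodes a query, decodes the header flags of a reply, builds the in-addr.arpa name for a PTR lookup, and decides whether a UDP reply must be repeated over TCP. All function names and the sample reply bytes are constructed; nothing is sent on the network.

```python
"""DNS message header and question encoding, with the TC-bit fallback.

Added example, not part of the original slides. The reply messages used in
the tests are constructed by hand; no query leaves the machine.
"""
import struct

FLAG_QR = 0x8000  # 0 = query, 1 = reply
FLAG_AA = 0x0400  # reply is authoritative
FLAG_TC = 0x0200  # reply was truncated (did not fit in one datagram)
FLAG_RD = 0x0100  # recursion desired
FLAG_RA = 0x0080  # recursion available

TYPE_A, TYPE_NS, TYPE_CNAME, TYPE_PTR, TYPE_MX = 1, 2, 5, 12, 15


def encode_name(name: str) -> bytes:
    """Wire form of a domain name: length-prefixed labels ending in a 0 byte."""
    labels = name.rstrip(".").split(".")
    return b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels) + b"\x00"


def reverse_name(ipv4: str) -> str:
    """in-addr.arpa owner name for a PTR lookup: 128.30.33.1 -> 1.33.30.128.in-addr.arpa."""
    octets = ipv4.split(".")
    if len(octets) != 4 or not all(o.isdigit() and 0 <= int(o) <= 255 for o in octets):
        raise ValueError(f"not an IPv4 address: {ipv4!r}")
    return ".".join(reversed(octets)) + ".in-addr.arpa"


def build_query(ident: int, name: str, qtype: int, recursion_desired: bool = True) -> bytes:
    """12-byte header (id, flags, four section counts) followed by one question."""
    flags = FLAG_RD if recursion_desired else 0
    header = struct.pack("!HHHHHH", ident, flags, 1, 0, 0, 0)  # one question, no RRs
    return header + encode_name(name) + struct.pack("!HH", qtype, 1)  # class IN


def parse_header(msg: bytes) -> dict:
    """Decode the identification, flag bits and section counts of a message."""
    if len(msg) < 12:
        raise ValueError("DNS message shorter than the 12-byte header")
    ident, flags, qd, an, ns, ar = struct.unpack("!HHHHHH", msg[:12])
    return {
        "id": ident,
        "is_reply": bool(flags & FLAG_QR),
        "authoritative": bool(flags & FLAG_AA),
        "truncated": bool(flags & FLAG_TC),
        "recursion_desired": bool(flags & FLAG_RD),
        "recursion_available": bool(flags & FLAG_RA),
        "rcode": flags & 0x000F,
        "questions": qd, "answers": an, "authority": ns, "additional": ar,
    }


def transport_for_reply(query: bytes, reply: bytes) -> str:
    """Decide what a resolver should do with a reply that arrived over UDP.

    The reply must be a reply and echo the query's 16-bit id, otherwise it is
    not ours and is discarded.  A set TC bit means the answer did not fit in
    one datagram, so the same question is re-sent over TCP.
    """
    q = parse_header(query)
    r = parse_header(reply)
    if not r["is_reply"] or r["id"] != q["id"]:
        return "discard"
    return "retry-over-tcp" if r["truncated"] else "accept"
```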

Outtakes

Other: DNS forwarding
- Way to say: if you don't find it here, look here instead
- Examples
  - I used to be authoritative for this – now I'm not, look here
  - Also useful for reverse lookups when organizations don't have a full class A/B/C address – say where else to look for possible reverse name lookup
  - Internal DNS server behind firewall has full translations within domain; External has publicly visible ones like web and mail servers; Internal is firewalled off so forwards requests for outside world to External, which queries the root servers etc.

Other
- DNS Notify: used by a master server to inform the slave servers that they should ask for an update. Zone Transfers are typically limited to only allow the slave servers to receive that zone. For that reason, using the "ls" feature in nslookup almost never works.
- Need to use TCP for DNS through firewalls? Common DDOS attack on DNS is to send TCP requests to a large array of servers around the world for some zone that they are not authoritative for. In turn, all those servers then go and make a large number of TCP requests to that zone's authoritative server at once.

HTML overview
- Markup language: gives general layout guidelines - not exact placement or format, so browsers may display the same document differently
- Free form (i.e. spaces don't matter)
- Embedded tags give guidelines
- Tags often appear in pairs: <TAGNAME> beginning, </TAGNAME> ending

How do clients and servers communicate?
API: application programming interface
- defines interface between application and transport layer
- socket: Internet API
- two processes communicate by sending data into socket, reading data out of socket
Q: how does a process "identify" the other process with which it wants to communicate?
- IP address of host running other process
- "port number" - allows receiving host to determine to which local process the message should be delivered
- more on this later.

Sockets Specify Transport Services
- Sockets define the interfaces between an application and the transport layer
- Applications choose the type of transport layer by choosing the type of socket
  - UDP Sockets – called DatagramSocket in Java, SOCK_DGRAM in C
  - TCP Sockets – called Socket/ServerSocket in Java, SOCK_STREAM in C
- Client and server agree on the type of socket, the server port number and the protocol

QUICK LOOK AHEAD: TCP vs UDP
TCP service:
- connection-oriented: setup required between client, server
- reliable transport between sending and receiving process
- flow control: sender won't overwhelm receiver
- congestion control: throttle sender when network overloaded
- does not provide: timing, minimum bandwidth guarantees
UDP service:
- unreliable data transfer between sending and receiving process
- does not provide: connection setup, reliability, flow control, congestion control, timing, or bandwidth guarantee
