Bài giảng môn Mạng máy tính - Chapter 3: Application layer functionality and protocols

1Chapter 3- Application Layer Functionality and Protocols CCNA Exploration 4.0 Học viện mạng Bach Khoa - Website: www.bkacad.com 2 Objectives • Describe how the functions of the three upper OSI model layers provide network services to end user applications. • Describe how the TCP/IP Application Layer protocols provide the services specified by the upper layers of the OSI model. • Define how people use the Application Layer to communicate across the information network. • Describe the function of well-known TCP/IP applications, such as the World Wide Web and email, and their related services (HTTP, DNS, SMB, DHCP, STMP/POP, and Telnet). • Describe file-sharing processes that use peer-to-peer applications and the Gnutella protocol. • Explain how protocols ensure services running on one kind of device can send to and receive data from many different network devices. • Use network analysis tools to examine and explain how common user applications work. Học viện mạng Bach Khoa - Website: www.bkacad.com 3 Applications – The Interface Between the Networks Học viện mạng Bach Khoa - Website: www.bkacad.com 4 OSI and TCP/IP model • The Application layer (Layer 7): The top layer of both the OSI and TCP/IP models. • It provides the interface between the applications we use to communicate and the underlying network over which our messages are transmitted. • Application layer protocols are used to exchange data between programs running on the source and destination hosts. 3.1.1.1 Học viện mạng Bach Khoa - Website: www.bkacad.com 5 OSI and TCP/IP model Học viện mạng Bach Khoa - Website: www.bkacad.com 6 OSI model Học viện mạng Bach Khoa - Website: www.bkacad.com 7 OSI model Học viện mạng Bach Khoa - Website: www.bkacad.com 8 OSI model Học viện mạng Bach Khoa - Website: www.bkacad.com 9 OSI model Học viện mạng Bach Khoa - Website: www.bkacad.com 10 OSI model Học viện mạng Bach Khoa - Website: www.bkacad.com 11 OSI and TCP/IP Model • Functionality of the TCP/IP Application layer protocols fit roughly into the framework of the top three layers of the OSI model: Application, Presentation and Session layers. 3.1.1.2 Học viện mạng Bach Khoa - Website: www.bkacad.com 12 The Presentation layer functions • Coding and conversion of Application layer data to ensure that data from the source device can be interpreted by the appropriate application on the destination device. – An example of a presentation service would be the conversion of an EBCDIC-coded text file to an ASCII-coded file. • Compression of the data in a manner that can be decompressed by the destination device. • Encryption of the data for transmission and the decryption of data upon receipt by the destination. Học viện mạng Bach Khoa - Website: www.bkacad.com 13 Example: JPEG format original image 75% image quality The Presentation layer functions • Presentation layer implementations are not typically associated with a particular protocol stack Học viện mạng Bach Khoa - Website: www.bkacad.com 14 Học viện mạng Bach Khoa - Website: www.bkacad.com 15 The Session Layer • Functions at this layer create and maintain dialogs between source and destination applications. • The Session layer handles the exchange of information to initiate dialogs, keep them active, and to restart sessions that are disrupted or idle for a long period of time. Học viện mạng Bach Khoa - Website: www.bkacad.com 16 The Session Layer • Most applications, like web browsers or e-mail clients, incorporate functionality of the OSI layers 5, 6 and 7. Học viện mạng Bach Khoa - Website: www.bkacad.com 17 Application Layer Protocols • Domain Name Service Protocol (DNS) • Dynamic Host Configuration Protocol (DHCP) • Hypertext Transfer Protocol (HTTP) • Simple Mail Transfer Protocol (SMTP) • Telnet (terminal emulation protocol) • File Transfer Protocol (FTP) 3.1.1.3 Học viện mạng Bach Khoa - Website: www.bkacad.com 18 Application Layer Software • Within the Application layer, there are two forms of software programs or processes that provide access to the network: applications and services. • Network-Aware Applications – They implement the application layer protocols and are able to communicate directly with the lower layers of the protocol stack. Example: IE, Firefox, Outlook ... • Application layer Services – Other programs may need the assistance of Application layer services to use network resources, like file transfer or network print spooling. Example: setup a HTTP server , using IIS. 3.1.2 Học viện mạng Bach Khoa - Website: www.bkacad.com 19 Application Layer Software 3.1.2 Học viện mạng Bach Khoa - Website: www.bkacad.com 20 Application Layer Software • Alg.exe: Application Layer Gateway service is a component of of Windows OS. It is required if you use a 3rd party firewall or Internet Connection Sharing (ICS) to connect to the internet. Do not end this program in task manager - you will lose all internet connectivity until next restart or login. • "lsass.exe" is the Local Security Authentication Server. It verifies the validity of user logons to your PC/Server. It generates the process responsible for authenticating users for the Winlogon service. Học viện mạng Bach Khoa - Website: www.bkacad.com 21 Application Layer Software • Học viện mạng Bach Khoa - Website: www.bkacad.com 22 User Applications, Services, and Application Layer Protocols • Applications provide people a way to create messages. • Application layer services establish an interface to the network. • Protocols provide the rules and formats that govern how data is treated. The Application layer uses protocols that are implemented within applications and services. Học viện mạng Bach Khoa - Website: www.bkacad.com 23 User Applications, Services, and Application Layer Protocols 3.1.3 Học viện mạng Bach Khoa - Website: www.bkacad.com 24 Application Layer Protocol Functions 3.1.4 Applications and services may also use multiple protocols in the course of a single conversation. One protocol may specify how to establish the network connection and another describe the process for the data transfer when the message is passed to the next lower layer. Học viện mạng Bach Khoa - Website: www.bkacad.com 25 Making Provisions for Applications and Services Học viện mạng Bach Khoa - Website: www.bkacad.com 26 The Client-Server Model • In the client/server model, the device requesting the information is called a client and the device responding to the request is called a server. 3.2.1 The Client-Server Model Học viện mạng Bach Khoa - Website: www.bkacad.com 27 Học viện mạng Bach Khoa - Website: www.bkacad.com 28 Servers • In a general networking context, any device that responds to requests from client applications is functioning as a server. • In a client/server network, the server runs a service, or process, sometimes called a server daemon (?) 3.2.2 Học viện mạng Bach Khoa - Website: www.bkacad.com 29 Application Layer Services and Protocols • The Application layer processes and services rely on support from lower layer functions to successfully manage the multiple conversations. 3.2.3.1 Lab 3.2.3.2 Học viện mạng Bach Khoa - Website: www.bkacad.com 30 Q/A • What is an advantage of client-server network ? •Centralized management Học viện mạng Bach Khoa - Website: www.bkacad.com 31 Học viện mạng Bach Khoa - Website: www.bkacad.com 32 Peer-to-Peer Networking and Applications (p2p) The Peer-to-Peer Model • Peer-to-peer networking involves two distinct forms: 1. Peer-to-peer network design 2. Peer-to-peer applications (P2P) • Both forms have similar features but in practice work very differently. Học viện mạng Bach Khoa - Website: www.bkacad.com 33 Peer-to-Peer Networking and Applications (p2p) • In a peer-to-peer network, two or more computers are connected via a network and can share resources (such as printers and files) without having a dedicated server. Peer-to-Peer Networks Học viện mạng Bach Khoa - Website: www.bkacad.com 34 Peer-to-Peer Networking and Applications (p2p) 3.2.4.1 Peer-to-Peer Network Học viện mạng Bach Khoa - Website: www.bkacad.com 35 Học viện mạng Bach Khoa - Website: www.bkacad.com 36 Peer-to-Peer Networking and Applications (p2p) • Allows a device to act as both a client and a server within the same communication. • Require that each end device provide a user interface and run a background service. • Some P2P applications use a hybrid system where resource sharing is decentralized but the indexes that point to resource locations are stored in a centralized directory • Can be used on peer-to-peer networks, client/server networks, and across the Internet. Peer-to-Peer Applications Học viện mạng Bach Khoa - Website: www.bkacad.com 37 Peer-to-Peer Networking and Applications (p2p) 3.2.4.2 Học viện mạng Bach Khoa - Website: www.bkacad.com 38 Peer-to-Peer Networking and Applications (p2p) Học viện mạng Bach Khoa - Website: www.bkacad.com 39 Application Layer Protocols and Services Examples Học viện mạng Bach Khoa - Website: www.bkacad.com 40 Application Layer Protocols and Services • Domain Name System (DNS) - TCP/UDP Port 53 • Hypertext Transfer Protocol (HTTP) - TCP Port 80 • Simple Mail Transfer Protocol (SMTP) - TCP Port 25 • Internet Message Access Protocol (IMAP)- TCP Port 143 • Post Office Protocol (POP) - UDP Port 110 • Telnet - TCP Port 23 • Secure Shell – SSH port 22 • Dynamic Host Configuration Protocol (DHCP) - UDP Port 67 • File Transfer Protocol (FTP) - TCP Ports 20 and 21 Học viện mạng Bach Khoa - Website: www.bkacad.com 41 DNS Services and protocol • The Domain Name System (DNS) is a system used on the Internet for translating names of domains and their publicly advertised network nodes into IP addresses. 3.3.1 Domain name ? Học viện mạng Bach Khoa - Website: www.bkacad.com 42 DNS - Example Học viện mạng Bach Khoa - Website: www.bkacad.com 43 DNS - Example Học viện mạng Bach Khoa - Website: www.bkacad.com 44 DNS - Example Học viện mạng Bach Khoa - Website: www.bkacad.com 45 DNS - Example Học viện mạng Bach Khoa - Website: www.bkacad.com 46 DNS - Example Học viện mạng Bach Khoa - Website: www.bkacad.com 47 DNS - Example Học viện mạng Bach Khoa - Website: www.bkacad.com 48 DNS Services and Protocol • Computer operating systems also have a utility called nslookup that allows the user to manually query the name servers to resolve a given host name. • This utility can also be used to troubleshoot name resolution issues and to verify the current status of the name servers. Học viện mạng Bach Khoa - Website: www.bkacad.com 49 DNS Services and Protocol • These records contain the name, address, and type of record. Học viện mạng Bach Khoa - Website: www.bkacad.com 50 DNS Services and Protocol • A - an end device address • NS - an authoritative name server • CNAME - the canonical name (or Fully Qualified Domain Name) for an alias; used when multiple services have the single network address but each service has its own entry in DNS • MX - mail exchange record; maps a domain name to a list of mail exchange servers for that domain DNS Services and Protocol Học viện mạng Bach Khoa - Website: www.bkacad.com 51 Học viện mạng Bach Khoa - Website: www.bkacad.com 52 DNS Services and Protocol • The ipconfig /displaydns command displays all of the cached (?) DNS entries on a Windows XP or 2000 computer system. Học viện mạng Bach Khoa - Website: www.bkacad.com 53 DNS Services and Protocol Học viện mạng Bach Khoa - Website: www.bkacad.com 54 DNS Services and Protocol vnn com edu gov com edu gov ukfrvn . Học viện mạng Bach Khoa - Website: www.bkacad.com 55 DNS Services and Protocol vnn yahoo comvn . server Address of com server Address of yahoo.com Address of www.yahoo.com Address of www.yahoo.com Request Reply Q/A .VN ? Học viện mạng Bach Khoa - Website: www.bkacad.com 56 Học viện mạng Bach Khoa - Website: www.bkacad.com 57 WWW Service and HTTP • URLs (or Uniform Resource Locator) and URIs (Uniform Resource Identifier) are the names most people associate with web addresses. 3.3.2 Học viện mạng Bach Khoa - Website: www.bkacad.com 58 Extra: URL • Abbreviation of Uniform Resource Locator, the global address of documents and other resources on the World Wide Web. – The first part of the address is called a protocol identifier and it indicates what protocol to use. – The second part is called a resource name and it specifies the IP address or the domain name where the resource is located. Example • • ftp://www.bkacad.com • • ftp://mail.bkacad.com Học viện mạng Bach Khoa - Website: www.bkacad.com 59 Học viện mạng Bach Khoa - Website: www.bkacad.com 60 WWW Service and HTTP • In order to access the content, web clients make connections to the server and request the desired resources. The server replies with the resources and, upon receipt, the browser interprets the data and presents it to the user. Học viện mạng Bach Khoa - Website: www.bkacad.com 61 WWW Service and HTTP • Browsers can interpret and present many data types, such as plain text or Hypertext Markup Language (HTML, the language in which web pages are constructed). Other types of data, however, may require another service or program, typically referred to as plug-ins or add-ons. Học viện mạng Bach Khoa - Website: www.bkacad.com 62 WWW Service and HTTP • GET • POST/PUT • HTTPS Học viện mạng Bach Khoa - Website: www.bkacad.com 63 E-mail Services and SMTP/POP Protocols • E-mail, the most popular network service, has revolutionized how people communicate through its simplicity and speed. • E-mail requires several applications and services: POP/SMTP 3.3.3 Học viện mạng Bach Khoa - Website: www.bkacad.com 64 E-mail Services and SMTP/POP Protocols • Mail User Agent (MUA) (application or e-mail client): allows messages to be sent and places received messages into the client's mailbox, both of which are distinct processes. • MUA includes: POP and SMTP Học viện mạng Bach Khoa - Website: www.bkacad.com 65 E-mail Services and SMTP/POP Protocols •Mail Transfer Agent (MTA) •Mail Delivery Agent (MDA) E-mail Server Processes Học viện mạng Bach Khoa - Website: www.bkacad.com 66 E-mail Services and SMTP/POP Protocols • Mail Transfer Agent (MTA) Học viện mạng Bach Khoa - Website: www.bkacad.com 67 E-mail Services and SMTP/POP Protocols • The Mail Delivery Agent (MDA) Học viện mạng Bach Khoa - Website: www.bkacad.com 68 E-mail Services and SMTP/POP Protocols Học viện mạng Bach Khoa - Website: www.bkacad.com 69 Extra: E-Mail Security • SMTP Relay attack Học viện mạng Bach Khoa - Website: www.bkacad.com 70 FTP The client establishes the first connection to the server on TCP port 21 The client establishes the second connection to the server over TCP port 20 FTP daemon (FTPd) ??? 3.3.4 Học viện mạng Bach Khoa - Website: www.bkacad.com 71 Q/A •Active Mode ? •Passive Mode ? Học viện mạng Bach Khoa - Website: www.bkacad.com 72 Học viện mạng Bach Khoa - Website: www.bkacad.com 73 FTP Client Học viện mạng Bach Khoa - Website: www.bkacad.com 74 Extra: FTP • Setting up a FTP server in Microsoft Windows 2000, XP Professional, Media Center Edition, Tablet PC Edition or Windows Server 2003. Học viện mạng Bach Khoa - Website: www.bkacad.com 75 Extra: Secure FTP Commands in PKT • PC> ftp 192.168.1.251 • User: cisco • Pass: cisco • ftp> help • ftp> dir • ftp> get {file_name} • ftp> quit • PC> dir Học viện mạng Bach Khoa - Website: www.bkacad.com 76 On Client, using DOS for downloading a file Commands in PKT • PC> ftp 192.168.1.251 • User: cisco • Pass: cisco • ftp> put {file_name} Học viện mạng Bach Khoa - Website: www.bkacad.com 77 On Client, using DOS for uploading a file Học viện mạng Bach Khoa - Website: www.bkacad.com 78 DHCP • The Dynamic Host Confirmation Protocol (DHCP) service enables devices on a network to obtain IP addresses and other information from a DHCP server. 3.3.5 Học viện mạng Bach Khoa - Website: www.bkacad.com 79 Why Use DHCP? DHCP reduces the complexity and amount of administrative work by using automatic TCP/IP configuration Manual TCP/IP Configuration IP addresses are entered manually on each client computer Possibility of entering incorrect or invalid IP address Incorrect configuration can lead to communication and network issues Administrative overload on networks where computers are frequently moved Automatic TCP/IP Configuration IP addresses are supplied automatically to client computers Ensures that clients always use correct configuration information Client configuration is updated automatically to reflect changes in network structure Eliminates a common source of network problems Học viện mạng Bach Khoa - Website: www.bkacad.com 80 DHCP • The DHCP server maintains a pool of IP addresses and leases an address to any DHCP-enabled client when the client is powered on. • DHCP Packet: • DHCP DISCOVER • DHCP OFFER • DHCP REQUEST • DHCP ACK Học viện mạng Bach Khoa - Website: www.bkacad.com 81 DHCP Học viện mạng Bach Khoa - Website: www.bkacad.com 82 How the DHCP Operation DHCP client broadcasts a DHCPDISCOVER packet1 DHCP servers broadcast a DHCPOFFER packet2 DHCP client broadcasts a DHCPREQUEST packet3 DHCP Server1 broadcasts a DHCPACK packet4 DHCP Client DHCP Server1 DHCP Server2 Commands •C:/> ipconfig /release •C:>ipconfig /renew •C:>ipconfig /all Học viện mạng Bach Khoa - Website: www.bkacad.com 83 Học viện mạng Bach Khoa - Website: www.bkacad.com 84 File Sharing Services and SMB Protocol 3.3.6 Học viện mạng Bach Khoa - Website: www.bkacad.com 85 File Sharing Services and SMB Protocol • The Server Message Block (SMB) is a client/server file sharing protocol. • Unlike the file sharing supported by FTP, clients establish a long term connection to servers. Once the connection is established, the user of the client can access the resources on the server as if the resource is local to the client host. • SMB file-sharing and print services have become the mainstay of Microsoft networking. • SAMBA ? Học viện mạng Bach Khoa - Website: www.bkacad.com 86 File Sharing Services and SMB Protocol • Start, authenticate, and terminate sessions • Control file and printer access • Allow an application to send or receive messages to or from another device SMB messages can: Học viện mạng Bach Khoa - Website: www.bkacad.com 87 File Sharing Services and SMB Protocol Practice •Using Wireshark for capturing SMB packets Học viện mạng Bach Khoa - Website: www.bkacad.com 88 Học viện mạng Bach Khoa - Website: www.bkacad.com 89 P2P Services and Gnutella Protocol 3.3.7 P2P Services and Gnutella Protocol • How Does GNUtella (Limewire) Work? • Học viện mạng Bach Khoa - Website: www.bkacad.com 90 Học viện mạng Bach Khoa - Website: www.bkacad.com 91 P2P Services and Gnutella Protocol • Many P2P applications do not use a central database to record all the files available on the peers. • When a user is connected to a Gnutella service, the client applications will search for other Gnutella nodes to connect to. • The actual file transfers usually rely on HTTP services. Học viện mạng Bach Khoa - Website: www.bkacad.com 92 P2P Services and Gnutella Protocol Học viện mạng Bach Khoa - Website: www.bkacad.com 93 P2P Services and Gnutella Protocol 1. ping - for device discovery 2. pong - as a reply to a ping 3. query - for file location 4. query hit - as a reply to a query 5. push - as a download request The Gnutella protocol defines five different packet types Học viện mạng Bach Khoa - Website: www.bkacad.com 94 Extra: Gnutella Protocol • Gnutella2 is a protocol for distributed search. • Although the Gnutella protocol supports a traditional client/centralized server search paradigm, Gnutella’s distinction is its peer-to-peer, decentralized model. • In this model, every client is a server, and vice versa. These so-called Gnutella servents perform tasks normally associated with both clients and servers. • They provide client-side interfaces through which users can issue queries and view search results, while at the same time they also accept queries from other servents, check for matches against their local data set, and respond with applicable results. Due to its distributed nature, a network of servents that implements the Gnutella protocol is highly fault-tolerant, as operation of the network will not be interrupted if a subset of servents goes offline. Học viện mạng Bach Khoa - Website: www.bkacad.com 95 Extra: Gnutella Protocol Telnet Services and Protocol Học viện mạng Bach Khoa - Website: www.bkacad.com 96 3.3.8 Học viện mạng Bach Khoa - Website: www.bkacad.com 97 Telnet Services and Protocol • Server runs Telnet daemon. • A virtual terminal connection is established • Most operating systems include an Application layer Telnet client. • Telnet clients: DOS, HyperTerminal, Minicom, and TeraTerm. • Telnet provides a standard method of emulating text-based terminal devices over the data network. • To support Telnet client connections: Học viện mạng Bach Khoa - Website: www.bkacad.com 98 Telnet Services and Protocol Học viện mạng Bach Khoa - Website: www.bkacad.com 99 Telnet Services and Protocol • Telnet is a client/server protocol and it specifies how a VTY (?) session is established and terminated. • Each Telnet command consists of at least two bytes. The first byte is a special character called the Interpret as Command (IAC) character. • If security is a concern, the Secure Shell (SSH) protocol offers an alternate and secure method for server access. Học viện mạng Bach Khoa - Website: www.bkacad.com 100 SSH Protocol Học viện mạng Bach Khoa - Website: www.bkacad.com 101 Lab: Client Sever interaction Q&A • Two forms of application layer software: –applications –services Học viện mạng Bach Khoa - Website: www.bkacad.com 102 Q&A • The advantages of using a client- server model –centralized administration –security is easier to enforce Học viện mạng Bach Khoa - Website: www.bkacad.com 103 Q&A • Three properties of peer-to-peer applications –acts as both a client and server within the same communication –hybrid mode includes a centralized directory of files –can be used in client-server networks Học viện mạng Bach Khoa - Website: www.bkacad.com 104 Q&A • Which statements are correct concerning the role of the MTA in handling email? –receives email from the client's MUA –passes email to the MDA for final delivery –uses SMTP to route email between servers Học viện mạng Bach Khoa - Website: www.bkacad.com 105 Q&A • Refer to the exhibit. What is the destination port for the communication that is represented on line 5? Học viện mạng Bach Khoa - Website: www.bkacad.com 106 Q&A • Two characteristics of peer-to-peer networks: –decentralized resources –resource sharing without a dedicated server Học viện mạng Bach Khoa - Website: www.bkacad.com 107 Học viện mạng Bach Khoa - Website: www.bkacad.com 108 Summary Học viện mạng Bach Khoa - Website: www.bkacad.com 109