Application Layer 1

Network Applications1. Two or more end systems (Hosts)

Client server paradigmClient: initiates contact with server (“speaks first”) typically requests service from server, for Web, client is implemented in browser; for e-mail, in mail readerServer: provides requested service to client e.g., Web server sends requested Web page, mail server delivers e-mail Peer to peer paradigm Peers come and leave at any time A peer is both a client and a server Scalability is the advantage Many hybrid peer-to-peer and client-server in real world

2. One or more application Protocols define

• type of messages• syntax of messages: fields and their meaning• actions taken

user services provided by lower layer protocols

Mail (smtp), VoIP (sip, rtp)

Application Layer 2

Identifying ApplicationsQ: how does a process “identify” the other

process with which it wants to communicate? IP address of host running other process

• 32-bit• Unique ID

“port number” - allows receiving host to determine to which local process the message should be delivered

• found in RFC 1700• RFC http://www.faqs.org/rfc

The combination of IP address and port number is also called “socket”

When a client application talks to a server, we need client ip address, client port number source ip address, source port number

TCP connection

4-tuple

Socket = (ip address, port #)

Application Layer 3

The Web: introduction Web page:

consists of “objects” addressed by a URL

Most Web pages consist of: base HTML page, and several referenced

objects. URL has two components:

host name and path name:

User agent for Web is called a browser: Internet Explorer Firefox

Server for Web is called Web server: Apache (public domain) MS Internet Information

Server

www.someSchool.edu/someDept/pic.gif

Application Layer 4

The Web: the http protocol

http: hypertext transfer protocol

Web’s application layer protocol

client/server model client: browser that

requests, receives, “displays” Web objects

server: Web server sends objects in response to requests

http1.0: RFC 1945 (before 1997)

http1.1: RFC 2068 (after 1998)

PC runningExplorer

Server running

NCSA Webserver

Mac runningNavigator

http request

http re

quest

http response

http re

sponse

Application Layer 5

The http protocol: more

http: TCP transport service:

client initiates TCP connection (creates socket) to server, port 80

server accepts TCP connection from client

http messages (application-layer protocol messages) exchanged between browser (http client) and Web server (http server)

TCP connection closed

http is “stateless” server maintains no

information about past client requests

Protocols that maintain “state” are complex!

past history (state) must be maintained

if server/client crashes, their views of “state” may be inconsistent, must be reconciled

aside

Application Layer 6

HTTP connections

Nonpersistent HTTP At most one object is

sent over a TCP connection.

HTTP/1.0 uses nonpersistent HTTP

Persistent HTTP Multiple objects can

be sent over single TCP connection between client and server.

HTTP/1.1 uses persistent connections in default mode

Application Layer 7

Nonpersistent HTTPSuppose user enters URL www.someSchool.edu/someDepartment/home.index

1a. HTTP client initiates TCP connection to HTTP server (process) at www.someSchool.edu on port 80

2. HTTP client sends HTTP request message (containing URL) into TCP connection socket. Message indicates that client wants object someDepartment/home.index

1b. HTTP server at host www.someSchool.edu waiting for TCP connection at port 80. “accepts” connection, notifying client

3. HTTP server receives request message, forms response message containing requested object, and sends message into its socket

time

(contains text, references to 10

jpeg images)

Application Layer 8

Nonpersistent HTTP (cont.)

5. HTTP client receives response message containing html file, displays html. Parsing html file, finds 10 referenced jpeg objects

6. Steps 1-5 repeated for each of 10 jpeg objects

4. HTTP server closes TCP connection.

time

Q: how many TCP connections?Q2: If the browser opens one TCP connectionat one time, how many round trips altogether?

Application Layer 9

Response time modeling

Definition of RTT: time to send a small packet to travel from client to server and back.

Response time: one RTT to initiate TCP

connection one RTT for HTTP request

and first few bytes of HTTP response to return

file transmission timetotal = 2RTT+transmit time

time to transmit file

initiate TCPconnection

RTT

requestfile

RTT

filereceived

time time

Application Layer 10

Persistent HTTP

Persistent HTTP server leaves

connection open after sending response

subsequent HTTP messages between same client/server are sent over connection

Persistent without pipelining:

client issues new request only when previous response has been received

one RTT for each referenced object

Persistent with pipelining: default in HTTP/1.1 client sends requests as

soon as it encounters a referenced object

as little as one RTT for all the referenced objectsHow many round trips do we need?

Non-persistent, persistent without pipelining, persistent with pipelining

Application Layer 11

http message format: request

two types of http messages: request, response http request message:

ASCII (human-readable format)

GET /somedir/page.html HTTP/1.0 User-agent: Mozilla/4.0Host: www.someschool.edu Accept: text/html, image/gif,image/jpeg Accept-language:fr

(extra carriage return, line feed)

request line(GET, POST,

HEAD commands)

header lines

Carriage return, line feed

indicates end of message

Application Layer 12

http request message: general format

HTTP/1.0 GET POST HEAD

asks server to leave requested object out of response

HTTP/1.1 GET, POST, HEAD PUT

uploads file in entity body to path specified in URL field

DELETE deletes file specified in the

URL field

Application Layer 13

Uploading form input

Post method: Web page often

includes form input Input is uploaded to

server in entity body

URL method: Uses GET method Input is uploaded in

URL field of request line:

www.somesite.com/animalsearch?monkeys&banana

Application Layer 14

http message format: response

HTTP/1.0 200 OK Connection: closeDate: Thu, 06 Aug 1998 12:00:15 GMT Server: Apache/1.3.0 (Unix) Last-Modified: Mon, 22 Jun 1998 …... Content-Length: 6821 Content-Type: text/html data data data data data ...

status line(protocol

status codestatus phrase)

header lines

data, e.g., requestedhtml file

Application Layer 15

http response status codes

200 OK request succeeded, requested object later in this

message

301 Moved Permanently requested object moved, new location specified later

in this message (Location:)

400 Bad Request request message not understood by server

404 Not Found requested document not found on this server

505 HTTP Version Not Supported

In first line in server->client response message.A few sample codes:

Application Layer 17

User-Server Identification

Server is stateless How to identify a user

Authentication Cookies

Caching Conditional GET

Application Layer 18

User-server interaction: authentication

Authentication goal: control access to server documents

stateless: client must present authorization in each request

authorization: typically name, password authorization:

header line in request

client server

usual http request msg401: authorization req.

WWW authenticate:

usual http request msg

+ Authorization:lineusual http response

msg

usual http request msg

+ Authorization:lineusual http response

msg

time

Browser caches name & password sothat user does not have to repeatedly enter it.

Application Layer 20

Cookies: keeping “state” (cont.)

client server

http request

http response +Set-cookie: 1678

http requestcookie: 1678

http response

http requestcookie: 1678

http response

cookie-specificaction

cookie-spectificaction

servercreates ID

1678 for user

entry in backend

database

access

acce

ss

Cookie file

amazon: 1678ebay: 8734

Cookie file

ebay: 8734

Cookie file

amazon: 1678ebay: 8734

one week later:

Application Layer 21

Cookies (continued)

What cookies can bring: user accounts shopping carts Web portals Advertising

Secretly collecting users’ browsing habits What to do?

Application Layer 23

Conditional Get First time cache request

First time server response

Cache saves last modification time of the object

GET /fruit/kiwi.gif HTTP/1.1Host: www.exotiquecuisine.com

HTTP/1.1 200 OKDate: Mon, 7 Jul 2003 15:39:29Server: Apache/1.3.0 (Unix)Last-Modified: Wed, 2 Jul 2003 09:23:24Content-Type: image/gif

(data data data …)

Subsequent cache request

Subsequent server response

GET /fruit/kiwi.gif HTTP/1.1Host: www.exotiquecuisine.comIf-modified-since: Wed, 2 Jul 2003 09:23:24

HTTP/1.1 304 Not ModifiedDate: Mon, 14 Jul 2003 15:39:29Server: Apache/1.3.0 (Unix)

(empty entity body …)

Application Layer 24

Conditional GET: client-side caching

Goal: don’t send object if client has up-to-date cached version

client: specify date of cached copy in HTTP requestIf-modified-since:

<date> server: response contains

no object if cached copy is up-to-date: HTTP/1.0 304 Not

Modified

client server

HTTP request msgIf-modified-since:

<date>

HTTP responseHTTP/1.0

304 Not Modified

object not

modified

HTTP request msgIf-modified-since:

<date>

HTTP responseHTTP/1.0 200 OK

<data>

object modified

Application Layer 25

HTTPS

- Secure version of HTTP- Procedure:

Client connects, Systems exchange fresh public keys Systems agree on a symmetric (fast)

protocol (e.g. 3DES) Server presents certificate Client accepts or rejects (Client presents certificate)