guide to tcp/ip, second edition1 guide to tcp/ip, second edition chapter 6 basic tcp/ip services

Guide to TCP/IP, Second Edition 1

Guide To TCP/IP, Second Edition

Chapter 6

Basic TCP/IP Services


Objectives

• Understand how TCP/IP Application layer protocols and services work

• Explain the capabilities, message types, and request/reply architectures for a variety of basic TCP/IP services, including FTP, Telnet, SMTP, and HTTP

• Understand the operations of other basic TCP/IP services, including Echo, Whois, TFTP, Finger, Remote Procedure Call (RPC), NetBIOS services over TCP/IP (also known as NBT), and SNMP


Objectives (cont.)

• Explain how to decode packets that contain Application layer protocols, and how to relate message types or other similar information to the kinds of requests and replies moving between a client and a server (or between hosts in general)


How Application Layer IP Protocols Work And Behave

• Conventions and behaviors– Specifications for the message structures that the

protocol or service supports

– Definition of a well-known port address (or addresses) on which servers listen for service requests

– Availability of appropriate software components that implement the various roles that hosts can play in requesting or providing such services


How Application Layer IP Protocols Work And Behave (cont.)

• Request/reply messages• Client/server architecture• Peer-to-peer services• Server-to-server traffic

– Load balancing– Replication– Pull– Push– Push-pull


Understanding FTP

• FTP User Interface (UI)

• Protocol Interpreter (PI)

• FTP Commands

• Data Transfer Process (DTP)

• File System


Understanding FTP (cont.)

• TCP Transport

• TCP-based Command Connection

• TCP-based Data Transfer Connection


Sample FTP Communications


Sample FTP Communications (cont.)


Understanding Telnet

• Bidirectional byte-oriented communication

• Terminal Access

• Well-known Port 23 server side

• Dynamic port number client side


Sample Telnet Communications


Packet-By-Packet Sequence


Packet-By-Packet Sequence (cont.)


Understanding SMTP

• SMTP elements– Sender-SMTP and Receiver-SMTP– SMTP commands and extensions– SMTP reply codes


Understanding SMTP (cont.)


Sample SMTP Communications


Sample SMTP Communications (cont.)


Understanding HTTP

• Http elements– URIs

• Uniform Resource Locator (URL)

• Uniform Resource Name (URN)

– HTTP methods– Status codes


Understanding HTTP (cont.)


Sample HTTP Communications


Packet-By-Packet Sequence


Packet-By-Packet Sequence (cont.)


Other Common IP-based Services

• Echo (TCP and UDP)

• Whois

• Trivial File Transfer Protocol (TFTP)


Decoding Application Layer Protocols

• Decoding TCP/IP Application layer traffic largely depends on two separate but simultaneous forms of analysis– Understanding request/reply messages,

recognize related headers and payload information

– Assemble multiple lower-layer packets to reconstitute Application layer messages


Decoding Application Layer Protocols (cont.)


Other Common IP-based Services (cont.)

• Finger

• Remote Procedure Call (RPC)

• Simple Network Management Protocol (SNMP)

• NetBIOS over TCP/IP


Chapter Summary

• The foundation upon which all TCP/IP Application layer services rest is a request/reply message architecture, in which clients send requests and servers issue corresponding replies

• When the client and server roles are clearly distinct and separate, such services may be called client/server services; when a client can also act as a server and vice versa, such services may be called peer-to-peer services


Chapter Summary (cont.)

• Among its hundreds of Application layer services, the TCP/IP protocol suite includes many instances of both kinds

• Certain client/server Application layer services also involve server-to-server traffic, in which multiple servers cooperate to share common data

• The sharing process is called replication and may occur as a push operation, in which the sending server initiates data transfer, or as a pull operation, in which the receiving server initiates data transfer



• Some TCP/IP Application layer services even use push-pull replication, so that a server whose data was changed can immediately push its data to replication partners after the change is completed, but other servers can also request replication at regular intervals to make sure their copies of data are as current as possible

• FTP is a file transfer service that permits a local host to connect to a remote host, navigate and manage files on the remote system, and transfer files to and from that remote host

• Although FTP is an old TCP/IP service, it remains useful today



• Telnet provides a method to log on and access the command line on a remote computer using TCP/IP, a technique known as terminal emulation (because it makes

• the local host behave as if it were a terminal attached to the remote host)

• Because Telnet provides a convenient way to operate on a remote host across a network, it too remains useful to this day

• Security problems with Telnet (especially moving account and password information as clear text) prompted development and widespread adoption of Secure Telnet implementations in many organizations



• SMTP provides store and forward services for e-mail messages, and manages how e-mail is routed from its sender to its designated receiver(s)

• SMTP makes global e-mail possible on today’s Internet, and continues to deliver one of the most useful and valuable networking services around



• HTTP provides the underpinnings for the leading service and protocol used on today’s Internet—namely the World Wide Web

• HTTP’s rich collection of message types, and its ability to invoke other protocols (including e-mail, news, and FTP), make it a powerful tool for general remote data access

• Its hyperlinking abilities make it easy for users to move rapidly through huge information spaces and explain why the Web is so compelling and appealing to most Internet users



• Other common TCP/IP Application layer services include Echo (which echoes the data delivered to a receiver back to the sender), TFTP, Finger, Remote Procedure Call (RPC), NetBIOS over TCP/IP (also known as NBT), and SNMP



• Understanding how to decode Application layer protocols means learning how to identify and interpret request and reply messages related to such protocols, and how to reassemble related payloads, when necessary

• Fortunately, many modern protocol analyzers (for example, Ethereal) are able to assist with this task

guide to tcp/ip, second edition1 guide to tcp/ip, second edition chapter 6 basic tcp/ip services

Documents

basic tcpip services

edition1 guide

general slide

snmp slide

packet sequence slide

smtp smtp elements sendersmtp

receiversmtp smtp commands

extensions smtp