Pages

CCNA Chapter 10 Application Layer

In the OSI model, data is passed from one layer to the next, starting at the application layer on the transmitting host, and proceeding down the hierarchy to the physical layer, and then passing over the communications channel to the destination host, where the data proceeds back up the hierarchy, ending at the application layer.

Applications are computer programs with which the user interacts and which initiate the data transfer process at the user’s request.
Services are background programs that provide the connection between the application layer and the lower layers of the networking model.
Protocols provide a structure of agreed-upon rules and processes that ensure services running on one particular device can send and receive data from a range of different network devices.

The functionality of the TCP/IP application layer protocols fit roughly into the framework of the top three layers of the OSI model: application, presentation and session layers. The OSI model Layers 5, 6, and 7 are used as references for application software developers and vendors to produce products, such as web browsers that need to access networks.

The Application Layer
Some of the most widely known application layer protocols include Hypertext Transfer Protocol (HTTP), File Transfer Protocol (FTP), Trivial File Transfer Protocol (TFTP), Internet Message Access Protocol (IMAP), and Domain Name System (DNS) protocol.

The Presentation Layer
The presentation layer has three primary functions:
 - Formats, or presents, data from the source device into a compatible form for receipt by the destination device.
 - Compression of the data in a way that can be decompressed by the destination device.
 - Encryption of the data for transmission and the decryption of data upon receipt by the destination.

The presentation layer formats data for the application layer and it sets standards for file formats. Some well-known standards for video include QuickTime and Motion Picture Experts Group (MPEG). QuickTime is an Apple computer specification for video and audio, and MPEG is a standard for video and audio compression and coding.
Among the well-known graphic image formats that are used on networks are Graphics Interchange Format (GIF), Joint Photographic Experts Group (JPEG), and Portable Network Graphics (PNG) format. GIF and JPEG are compression and coding standards for graphic images. PNG was designed to address some of the limitations of the GIF format and to eventually replace it.

The Session Layer
As the name implies, functions at the session layer create and maintain dialogs between source and destination applications. The session layer handles the exchange of information to initiate dialogs, keep them active, and to restart sessions that are disrupted or idle for a long period of time.

Most known TCP/IP protocols are: 
Domain Name System (DNS) - This protocol resolves Internet names to IP addresses.
Telnet - This is used to provide remote access to servers and networking devices.
Simple Mail Transfer Protocol (SMTP) - This protocol transfers mail messages and attachments.
Dynamic Host Configuration Protocol (DHCP) - A protocol used to assign an IP address, subnet mask, default gateway, and DNS server addresses to a host.
Hypertext Transfer Protocol (HTTP) - This protocol transfers files that make up the web pages of the World Wide Web.
File Transfer Protocol (FTP) - A protocol used for interactive file transfer between systems.
Trivial File Transfer Protocol (TFTP) - This protocol is used for connectionless active file transfer.
Bootstrap Protocol (BOOTP) - This protocol is a precursor to the DHCP protocol. BOOTP is a network protocol used to obtain IP address information during bootup.
Post Office Protocol (POP) - A protocol used by email clients to retrieve email from a remote server.
Internet Message Access Protocol (IMAP) - This is another protocol for email retrieval.

The P2P network
Peer = равноправный (одноранговый) пользователь или узел сети

The P2P network model involves two parts: P2P networks and P2P applications. Both parts have similar features, but in practice work quite differently.
In a P2P network, two or more computers are connected via a network and can share resources (such as printers and files) without having a dedicated server. Every connected end device (known as a peer) can function as both a server and a client. One computer might assume the role of server for one transaction while simultaneously serving as a client for another. The roles of client and server are set on a per request basis.
P2P networks decentralize the resources on a network.
It is difficult to enforce security and access policies in networks containing more than just a few computers. User accounts and access rights must be set individually on each peer device.

A peer-to-peer (P2P) application allows a device to act as both a client and a server within the same communication
Some P2P applications use a hybrid system where resource sharing is decentralized, but the indexes that point to resource locations are stored in a centralized directory.
P2P applications can be used on P2P networks, client/server networks, and across the Internet.

Common P2P applications include: eDonkey, eMule, Shareaza, BitTorrent, Bitcoin, LionShare.

P2P applications require that each end device provide a user interface and run a background service. When you launch a specific P2P application, it loads the required user interface and background services; afterward, the devices can communicate directly.

Client-server model
In the client-server model, the device requesting the information is called a client and the device responding to the request is called a server. 
The client begins the exchange by requesting data from the server, which responds by sending one or more streams of data to the client.
One example of a client-server network is using an ISP’s email service to send, receive and store email. The email client on a home computer issues a request to the ISP’s email server for any unread mail. The server responds by sending the requested email to the client.
Although data is typically described as flowing from the server to the client, some data always flows from the client to the server. Data flow may be equal in both directions, or may even be greater in the direction going from the client to the server.

Common Application Layer Protocols

WWW
HTTP - The browser interprets the three parts of the URL:
1. http (the protocol or scheme)
2. www.cisco.com (the server name)
3. index.html (the specific filename requested)
The three common message types are GET, POST, and PUT:
GET is a client request for data.
POST and PUT are used to upload data files to the web server.
For secure communication across the Internet, the HTTP Secure (HTTPS) protocol is used for accessing or posting web server information. HTTPS can use authentication and encryption to secure data as it travels between the client and server.

Email
Email supports three separate protocols for operation: Simple Mail Transfer Protocol (SMTP), Post Office Protocol (POP), and Internet Message Access Protocol (IMAP). The application layer process that sends mail, uses SMTP. This is the case if sending from a client to a server, as well as when sending from one server to another.
The destination email server may not be online or may be busy when email messages are sent. Therefore, SMTP spools messages to be sent at a later time. Periodically, the server checks the queue for messages and attempts to send them again. If the message is still not delivered after a predetermined expiration time, it is returned to the sender as undeliverable (see http://www.ietf.org/rfc/rfc2821.txt  #4.5.3.2 Timeouts and  #4.5.4 Retry Strategies and #4.5.4.1 Sending Strategy :
Retries continue until the message is transmitted or the sender gives up; the give-up time generally needs to be at least 4-5 days.  The parameters to the retry algorithm MUST be configurable.).

A client retrieves email, however, using one of two application layer protocols: POP or IMAP.
Post Office Protocol (POP) enables a workstation to retrieve mail from a mail server. With POP, mail is downloaded from the server to the client and then deleted on the server.
However, unlike POP, when the user connects to an IMAP-capable server, copies of the messages are downloaded to the client application. The original messages are kept on the server until manually deleted. Users view copies of the messages in their email client software.


Overview of the mail server architecture
http://pic.dhe.ibm.com/infocenter/lnxinfo/v3r0m0/index.jsp?topic=%2Fliaaz%2Fmailflow.htm

DNS
The Domain Name System (DNS) was created for domain name to address resolution for these networks. DNS uses a distributed set of servers to resolve the names associated with these numbered addresses. Click the buttons in the figure to see the steps to resolve DNS addresses.
How DNS Works
The DNS protocol uses a hierarchical system to create a database to provide name resolution. The hierarchy looks like an inverted tree with the root at the top and branches below (see the figure). DNS uses domain names to form the hierarchy.

Some of DNS record types are: 
A - An end device IPv4 address 
AAAA - An end device IPv6 address
NS - An authoritative name server 
CNAME - The canonical name (or Fully Qualified Domain Name) for an alias; used when multiple services have the single network address, but each service has its own entry in DNS 
MX - Mail exchange record; maps a domain name to a list of mail exchange servers for that domain

Windows DNS commands
ipconfig /displaydns
nslookup

DHCP
The Dynamic Host Configuration Protocol (DHCP) service enables devices on a network to obtain IP addresses and other information from a DHCP server. This service automates the assignment of IP addresses, subnet masks, gateway, and other IP networking parameters. This is referred to as dynamic addressing. The alternative to dynamic addressing is static addressing. When using static addressing, the network administrator manually enters IP address information on network hosts.

DHCP-distributed addresses are not permanently assigned to hosts, but are only leased for a period of time. If the host is powered down or taken off the network, the address is returned to the pool for reuse.
DHCP makes it possible to access the Internet using wireless hotspots at airports or coffee shops.
DHCP Operation
FTP
The File Transfer Protocol (FTP) is another commonly used application layer protocol. FTP was developed to allow for data transfers between a client and a server. An FTP client is an application that runs on a computer that is used to push and pull data from a server running an FTP daemon (FTPd).
FTP Server Modes
http://docs.cpanel.net/twiki/bin/view/AllDocumentation/WHMDocs/FTPPassiveMode
SMB
The Server Message Block (SMB) is a client/server file sharing protocol, developed by IBM in the late 1980s, to describe the structure of shared network resources, such as directories, files, printers, and serial ports. It is a request-response protocol.
SMB messages can:
 - Start, authenticate, and terminate sessions
 - Control file and printer access
 - Allow an application to send or receive messages to or from another device.

SMB file-sharing and print services have become the mainstay of Microsoft networking. With the introduction of the Windows 2000 software series, Microsoft changed the underlying structure for using SMB. In previous versions of Microsoft products, the SMB services used a non-TCP/IP protocol to implement name resolution. Beginning with Windows2000, all subsequent Microsoft products use DNS naming, which allows TCP/IP protocols to directly support SMB resource sharing.

Unlike the file sharing supported by File Transfer Protocol (FTP), clients establish a long-term connection to servers. After the connection is established, the user of the client can access the resources on the server as if the resource is local to the client host.
The LINUX and UNIX operating systems also provide a method of sharing resources with Microsoft networks using a version of SMB called SAMBA.
The Apple Macintosh operating systems also support resource sharing using the SMB protocol.

How Data Flow
Trends like bring your own device (BYOD), access anywhere, virtualization, and machine-to-machine (m2m) connections have made way to a new breed of applications. It is estimated that approximately 50 billion devices will be connected by 2020.

Using the TCP/IP model, a complete communication process includes six steps:
1) Creation of the Data
The first step is the creation of data at the application layer of the originating source end device. In this case, after building the web client’s request, known as an HTTP GET, that data will then be encoded, compressed, and encrypted if necessary.
2) Segmentation and Initial Encapsulation
The next step is segmentation and encapsulation of the data as it passes down the protocol stack. At the transport layer, the HTTP GET message will be broken down into smaller more manageable pieces and each part of the message will have a transport layer header added to it. Inside the transport layer header are indicators on how to rebuild the message. Also included is an identifier, port number 80. This is used to tell the destination server that the message is destined for its web server application. A randomly generated source port is added as well, to ensure that the client can track return communication and forward it up to the correct client application.
3) Addressing
The network layer accomplishes this by encapsulating each segment within an IP packet header. The IP packet header contains the IP addresses of the source and destination devices.

4) Preparing for Transportation
After IP addressing is added, the packet is passed to the network access layer for generation of the data onto the media. Once the network access layer has prepared the frame with source and destination addresses, it then encodes the frame into bits, and then into electrical pulses or flashes of light that are sent across the network media.

5) Transporting the Data
The data is transported through the internetwork, which consists of media and any intermediate devices. As the encapsulated message is transmitted across the network it may travel across several different media and network types.

6) Delivering the Data to the Correct Destination Application
Finally, at the destination end device, the frame is received. De-encapsulate and reassembly of the data occurs, as the data is passed up the stack in the destination device. The data is continually passed up the layers, from the network access layer to the network layer, to the transport layer, until it finally reaches the application layer and can then be processed.