Understand the application layer

1 Overview

• The application layer is the topmost layer of the computer network architecture;
• The application layer accepts the services provided by the transport layer to realize communication between application processes;
• The application layer includes various application software used in daily life, and different application software corresponds to different application layer protocols, such as

2. How the application is organized

• Applications are distributed on different hosts at the edge of the network;
• Common organization methods of network applications on various end systems are: 1) C/S method; 2) P2P method;

2.1 C/S mode

• Client/Server: client-server mode;
• Client and server are two application processes involved in network communication;
• The client is the service requester, and the server is the service provider;
• The server is always running, waiting for user requests;
• The server has a fixed IP address and port number;
• C/S-based application services are usually service-centralized construction, and the server pressure is usually high, so server clusters are often used to build virtual servers;
  

2.1 P2P way

• Peer-to-Peer: peer-to-peer mode;
• In the P2P organization mode, there is no distinction between fixed service requesters and service providers;
• The application processes distributed on the end systems are peers, called peers;
• Direct communication between peers, each peer is both a service requester and a service provider;
• The scalability of the P2P method is strong, and the system performance will not be reduced due to the expansion of the scale;
• The cost of P2P mode is low. Popular P2P applications include P2P file sharing, instant messaging, P2P streaming media and distributed storage, etc.;
• P2P-based application services are distributed;
  

3. Dynamic Host Configuration Protocol DHCP

• DHCP：Dynamic Host Configuration Protocol；
• It can automatically configure network information for hosts in the LAN, such as IP address, subnet mask, default gateway and DNS server;
• It can avoid manual configuration of host network information, reduce workload and reduce error rate;
• Application layer protocol, based on UDP transport layer protocol;
• The two sides of DHCP communication are divided into server and client. The corresponding port of the server process is 67, and the corresponding port of the client process is 68;
• The client DHCP starts automatically when it is turned on, and the DHCP server runs forever;
• In order to reduce the number of DHCP, a DHCP relay agent (usually a router) can be used as a bridge between computers and DHCP servers in each network;
• The IP address information of the DHCP server is configured in the DHCP relay agent;

3.1 DHCP workflow

• 1) The client starts the DHCP client process automatically after booting, and the corresponding port is 68;
• 2) The client process broadcasts and sends a DHCP discovery message, and the content of the message includes the MAC address of the client host and the transaction ID. Note that the source address of this message is 0.0.0.0, and the destination address is 255.255.255.255;
• 3) After the DHCP server process receives the request message, it broadcasts and sends a DHCP offer message , which includes transaction ID, network configuration information (such as address lease, IP address, subnet mask, default gateway, and DNS server). At this time, the source address of the message is the IP address of the server itself, and the destination address is 255.255.255.255. When the DHCP server selects an IP address for the client host, it will use ARP to detect whether the IP address is occupied by other hosts in the network;
• 4) The client receives the first arriving DHCP service providing message, responds, and broadcasts a DHCP request message , which includes the transaction ID, MAC address of the DHCP client, IP address in the DHCP lease accepted by the host, The DHCP service provides information such as the server IP address corresponding to the message. At this time, the source address of the message is the IP address of the server itself, and the destination address is 255.255.255.255.
• 5) The server corresponding to the lease accepts the request message and confirms the IP address lease. A DHCP confirmation message is sent by broadcast , the source address of the message is the server's own IP address, and the destination address is 255.255.255.255.
• 6) The client host receives the confirmation message, and uses ARP to detect whether the IP address provided by the lease is occupied by other hosts. If the IP address is available, the host confirms the configuration information, and the IP address can be used for network communication! !

4. Domain Name System DNS

• DNS：Domain Name System；
• Function: resolve the domain name to the corresponding host IP address ;
• Application layer protocol, based on UDP transport layer protocol;
• The corresponding port number of the DNS server process is 53, and the mapping relationship between the domain name and the IP address is recorded in the server;
• When the user host accesses the specified domain name, it first checks whether there is a corresponding IP address in the cache of the local host, and if not, accesses the DNS server to obtain the corresponding IP address of the domain name;
• The workload of a single DNS server is too large, and a distributed cluster is generally used to build the domain name system DNS;
• DNS enables most domain name resolution to be completed locally, and only a small amount of resolution needs to be communicated on the Internet, so the system efficiency is very high;
• The Internet uses a hierarchical naming tree as the domain name of the host;

4.1 Domain name structure

• The domain name is constructed using a hierarchical tree structure;
• The domain name structure is composed of multiple components, and each component represents a different level of domain name, separated by '.';
  
• The level of each component in the domain name structure decreases from right to left;
• The full domain name does not exceed 255 characters;
• Each level of domain name is composed of letters and numbers that are not case-sensitive, and shall not exceed 63 characters;
• Domain names at all levels are managed by the domain name management agency at the next level, and the highest top-level domain name is managed by ICANN, the Internet Corporation for Assigned Names and Numbers;
• The naming method of hierarchical management facilitates the maintenance of the uniqueness of the domain name ;
  

4.2 Domain Name Classification

4.3 Domain name server

• The mapping relationship between domain names and IP addresses must be saved in the domain name server for all other applications to query;
• DNS uses domain name servers distributed in various places to realize the conversion of domain names and IP addresses;

4.3.1 Classification

4.4 DNS domain name resolution process

• There are two query methods in the domain name resolution process: 1) recursive query; 2) iterative query;
• The recursive query method needs to visit the domain name server involved multiple times, which puts a lot of pressure on the domain name server, so the iterative method is often used for domain name resolution;
• In the iterative query, recursive query is only used when the machine sends DNS query messages to the local domain name server, while the iterative method is used when the local domain name server sends DNS messages to other domain name servers;
• In order to improve DNS query efficiency, caches are widely used in local domain name servers and user hosts. The cache records the mapping relationship between the recently queried domain name and IP address, so as to avoid unnecessary access to the domain name server;
• The data in the cache needs to be correct, so set a timer for each record and delete the timeout record to ensure the correctness of the record;
• When the user host accesses the specified domain name, it first checks in the cache in the local host, and if the query cannot be found, it sends a DNS query message to the local domain name server ;
  

5. File Transfer Protocol FTP

• FTP：File Transfer Protocol；
• Function: transfer files between different hosts in the network;
• Application layer protocol, built on the TCP transport layer protocol;
• The FTP server process generally uses port 21/20;
• FTP is the most widely used file transfer protocol on the Internet;
• FTP provides interactive access, allows customers to specify the type and format of files, and allows files to have access rights;

5.1 FTP workflow

• The FTP transfer mode is divided into active mode and passive mode , and the two modes are slightly different;

• Regardless of the mode, two parallel TCP connections must be established between the FTP client server:
  1) The control connection, which is opened by use, is used to transmit FTP-related control commands;
  2) The data connection, used for file transfer, is only used in Open during file transfer and close immediately after the transfer ends;

• Active mode (default) :
  1) The FTP client initiates a TCP connection establishment request, and the server uses port 21 to establish a control connection with the client;
  2) The server (using port 20) actively sends a TCP connection establishment request to the client, and the client uses Temporary port number to establish a data connection;

• Passive mode :
  1) The FTP client initiates a TCP connection establishment request, and the server uses port 21 to establish a control connection with the client;
  2) The client notifies the server to open a temporary port number and passively waits for a TCP connection, the client (using a temporary port number) server Send a TCP connection establishment request to establish a data connection;

6. E-mail system

• The system adopts C/S organization mode ;
• Three major components of the email system: 1) user agent; 2) mail server; 3) protocols required for email ;
• The user agent is the interface between the user and the mail system, also known as email client software ;
• The mail server is used to send and receive mail, and maintain user mailboxes;
• Protocols include mail sending protocols (such as SMTP) and mail reading protocols (such as POP3, IMAP);
• Brief workflow of the mail system:
  1) The sender uses the user agent to send mail to the sender's mail server using the SMTP protocol;
  2) The sender's mail server uses the SMTP protocol to forward the mail to the receiver's mail server;
  3) The receiver uses the user agent to send mail to the sender's mail server; Use the POP3 protocol to read mail from the recipient's mail server;
  

6.1 Email message format

• The format of the mail information is defined by RFC 822, and the mail needs to include two parts: the envelope and the content;
• The content part includes the header and the subject, both of which need to be filled in by the sender;
• The header includes the following keywords: 1) From: the sender; 2) To: the receiver; 3) Cc: the copy of the email; 4) Subject: the subject of the email;
• The subject content is the body of the email;
• The information required by the envelope is automatically extracted from the header by the mail system;
  

6.2 Simple Mail Transfer Protocol SMTP

• SMTP：Simple Mail Transfer Protocol；
• Mail sending protocol, which is an application layer protocol, built on the transport layer TCP protocol;
• The SMTP server uses port 25;
• The basic working principle takes the process of forwarding mail from the sender’s mail server to the receiver’s mail server as an example:
  1) When sending mail, the SMTP client establishes a TCP connection with the server. After the connection is successfully established, the communication between the two parties is completed by command response Mail transfer. During the mail transmission, the client sends 14 SMTP commands to the server, and the server makes 21 SMTP responses for the client; 2)
  After the TCP connection is successfully established, the server actively informs the client that it is ready;
  3) The client passes The three commands indicate the name identity to the server, as well as the sender and receiver of the email, and the server responds respectively;
  4) The client informs the server that it is about to send the email content, and the server responds, ready to receive the email content;
  5) The client sends the email Complete content and terminator, the server receives the email and responds;
  6) After the client sends the message, it requests the server to disconnect, and the server responds and actively disconnects;
  
• SMTP can only transmit ASCII code text data, and cannot transmit binary data such as images;
• Binary data can be encoded and decoded through MIME, combined with SMTP for data transmission;
  
• MIME (Multipurpose Internet Mail Extensions: Multipurpose Internet Mail Extensions):
  

6.3 Mail reading protocol

6.3.1 POP3 protocol

• POP (Post Office Protocol): Post Office Protocol, POP3 is the official standard of the Internet.
• The POP protocol is relatively simple and has limited functions;
• Users can only download emails from the mail server to the local host by means of download and delete or download and keep , but cannot directly manage emails on the mail server;
• Application layer protocol, based on TCP protocol;
• The POP3 protocol uses port 110;

6.3.2 IMAP protocol

• IMAP (Internet Mail Access Protocol): Internet mail access protocol, IMAP4 is a suggested standard for the Internet.
• The IMAP protocol is more powerful than the POP protocol, and users can manage emails directly on the mail server through the local computer;
• IMAP is an online protocol;
• Application layer protocol, based on TCP protocol;
• The IMAP4 protocol uses port 143;

6.4 Web-based email

• Now most of them use e-mail based on the World Wide Web, such as QQ mail;
• Log in the mail server World Wide Web site through the browser to complete the sending and receiving of mail;
• Workflow:
  1) If the mail sender and receiver use the same mail server, HTTP protocol is used for both sending and receiving;
  2) If the mail sender and receiver use different mail servers, HTTP protocol is used for both sending and receiving, but The mail forwarding process between different servers uses the SMTP protocol;
  

7. World Wide Web WWW

• WWW（World Wide Web）；
• The World Wide Web, also known as the Web application, is not a special computer network, but a distributed application running on the Internet;
• The World Wide Web is a large-scale, online information store, using hyperlinks between web pages to connect web pages of different websites into a logical information network;
• Adopt B/S architecture, that is, browser/server architecture;
• The browser parses and renders the webpage obtained from the server through the rendering engine (browser kernel), and presents the webpage content to the user;
• Web resources are identified using a URL (Uniform Resource Locator), which marks a unique file location. The general form of URL is: 协议://主机:端口/路径?查询字符串;
• Web pages generally use HTML to write structure and content, use CSS to render styles, and use JS to control web page behavior;

7.1 HTTP protocol

See https://blog.csdn.net/qq_43665602/article/details/131733583 for details

• HTTP/1.0 adopts a non-persistent connection mode (Connection: Close), and each HTTP request needs to establish a TCP connection;
• HTTP/1.1 adopts the continuous connection (long connection, Connection: keep-alive) method, multiple HTTP requests share a TCP connection, and can use the pipeline (do not wait for the HTTP response to be sent before sending other HTTP requests) to work;

7.2 Web caching

• A web cache is a cache of the World Wide Web, which may be located on the client host or on an intermediate system;
• A web cache located on an intermediate system is also called a proxy server;
• The web cache temporarily stores some recent requests and responses (including the latest modification time, expiration time, etc.) in the local disk. When the new request is consistent with the temporary request, it returns the corresponding response in the cache directly without accessing the original server;
  

Reference: "Computer Network Micro Classroom"