Computer Network Notes - Application Layer

6. Application layer

6.1 Network application model

Each application layer protocol is designed to solve a certain type of application problem, and the problem is often solved through communication and collaborative work between multiple application processes located in different hosts. The specific content of the application layer is to stipulate the protocol that application processes follow when communicating. Communication and collaboration between these application processes usually follow certain patterns. Common ones include the client/server model and the P2P model.

Client/server model (C/S model)

Client and Server both refer to the two application processes involved in communication. The client/server model describes the relationship between serving and being served. A service can be any application, such as a file transfer service, an email service, etc. In this model, the client is the requester of the service and the server is the provider of the service. For example, when host A issues a service request to host B and host B provides the service to host A, host A is the client and host B is the server. The client program must know the address of the server program, but the server program does not need to know the address of the client program.

Main features of the client/server model:

  • The computers in the network do not have equal status: the server can manage clients by restricting user permissions, so that they cannot store data at will, let alone delete data at will or perform other restricted network activities.
  • The management of the entire network is undertaken by a few servers, so network management is very centralized and convenient. This advantage is even more obvious in large-scale networks.
  • Poor scalability. Due to limitations of server hardware and network bandwidth, the number of clients that a server can support is relatively limited. When the number of clients grows rapidly, it will drastically affect the efficiency of the network application system.

P2P model

The P2P model means that two hosts do not distinguish which one is the service requester and which one is the service provider when communicating. As long as both hosts are running P2P software, they can communicate over an equal, peer-to-peer connection. For example, both parties can download documents that the other party has shared from its hard disk. (Under the client/server model, a document can be obtained from the server, or passed to the server, only when the client actively initiates a request, and multiple clients that want to share files can only transfer them through the server.) For example, commonly used software such as QQLive and eDonkey use the P2P model.

The P2P model is still essentially a client/server model, except that each host in the peer-to-peer connection is both a client and a server.

The advantage brought about by the P2P model is that any host can become a server, changing the original model that required a dedicated server. Documents can obviously be shared directly between multiple clients. In addition, the P2P network model can be used to solve the performance bottleneck of dedicated servers (for example, playing streaming media puts too much pressure on the server, but with the P2P model a large number of clients can be used to provide the service).

Main features of the P2P model:

  • Heavy computing tasks can be assigned to various nodes, using the idle computing power and storage space of each node. Aggregation enables powerful services.
  • Good system scalability. Traditional servers have connection bandwidth limitations and can only reach a certain number of client connections. But in the P2P model, this problem can be avoided.
  • The network is more robust and there is no problem of central node failure. When some nodes fail to connect, the remaining nodes can still form a complete network.

6.2 DNS system

If you are not allowed to access homepage B through www.abc.com, is there any other way? You can directly use the IP address (XX.XX) of the server that stores homepage B to access it. If there were only a few websites on the entire network, people could just about remember the IP addresses of their servers. However, with thousands of websites, few people could remember the IP address of every server in order to access it correctly. So that ordinary users could take to the Internet, domain names appeared, letting people access websites through names that are easy to remember. But this is only on the surface; real access still requires an IP address. Naturally, there has to be something that converts domain names into the corresponding IP addresses, and so the DNS system was born.

6.2.1 Concept of DNS system

DNS is conceptually divided into 3 parts:

  • hierarchical domain name space
  • domain name server
  • resolver

6.2.2 Hierarchical domain name space

The Internet uses a hierarchical tree structure naming method. Any host or router connected to the Internet has a unique hierarchical name, that is, a domain name (Domain Name).

Domains can also be divided into subdomains, and subdomains can be divided into subdomains of subdomains, thus introducing top-level domain names, second-level domain names, third-level domain names, etc.

Each domain name consists of a sequence of labels (each label represents a different level of domain name), with the labels separated by dots. The format is as follows:

···. Third-level domain name. Second-level domain name. Top-level domain name

The domain name with the lowest level is written on the far left, and the top-level domain name with the highest level is written on the far right, and the domain name is not case-sensitive.

Top-level domain names are mainly divided into the following three categories:

  • National top-level domain names (nTLD), such as .cn for China, .us for the United States, .uk for the United Kingdom, etc.
  • Generic top-level domain names (gTLD), the earliest top-level domain names are as follows:
    • .com (companies and businesses)
    • .net (network service organization)
    • .org (non-profit organization)
    • .edu (U.S. dedicated educational institution)
    • .gov (U.S.-specific government department)
    • .mil (the dedicated military branch of the United States)
    • .int (international organization)
  • Infrastructure domain. There is only one such top-level domain name, arpa, used for reverse domain name resolution, so it is also called the reverse domain name.

6.2.3 Domain Name Server

The Internet's Domain Name System (DNS) is designed to be an online distributed database system, and adopts the client/server model. The resolution from name to domain name is completed by several domain name servers. The domain name server program runs on a dedicated node. The machine running the program is called a domain name server.

The range that a server is responsible for (or has authority over) is called a zone. As shown in Figure 6-5, each unit divides the areas under its jurisdiction according to specific circumstances, but all nodes in a zone must be connected. Each zone is set up with a corresponding authoritative domain name server to save the mapping from domain names to IP addresses of all hosts in the zone. The jurisdiction of a DNS server is not based on the "domain", but on the "zone", and the zone must be smaller than or equal to the domain.

The domain name server system on the Internet is arranged according to the hierarchy of domain names, and each domain name server only governs a part of the domain name system. Therefore, there are 4 different types of name servers:

  • Root domain name server (the highest-level domain name server). The root domain name server is the most important domain name server. All root domain name servers know the domain names and IP addresses of all top-level domain name servers. Whichever local domain name server wants to resolve a domain name on the Internet, if it cannot resolve the name itself, it first turns to a root domain name server.
    • The root domain name server is used to govern top-level domain names (such as com). It does not directly convert the queried domain name into an IP address, but tells the local domain name server which top-level domain name server to query next.
  • Top-level domain name server. These name servers are responsible for managing all second-level domain names registered under that top-level domain name server. When a DNS query request is received, a corresponding answer is given (it may be the final result, or it may be the IP address of the domain name server that should be queried next).
  • Authoritative domain name server (authorized domain name server). This is the domain name server responsible for a zone, as mentioned earlier. When an authoritative domain name server cannot provide the final query answer, it tells the DNS client that issued the query request which authoritative domain name server to query next.
  • Local domain name server. Local name servers are very important to the domain name system. When a host issues a DNS query request, the query request message is sent to the local domain name server. Each Internet Service Provider (ISP) or a university, or even a department within a university, can have a local name server. This type of name server is sometimes called the default name server. When people configure a local connection, the DNS server they fill in is the address of the local domain name server.

6.2.4 Domain name resolution process

The host queries the local domain name server using a recursive query.

If the local domain name server queried by the host does not know the IP address of the queried domain name, then the local domain name server will continue to send query request messages to other domain name servers as a DNS client.

Queries from the local domain name server to the root domain name server usually use iterative query, but recursive query can also be used, depending on which query method the initial query request message asks for.

Iterative query

When the root domain name server receives the iterative query request message from the local domain name server, it either gives the IP address being queried, or tells the local domain name server "which domain name server should be queried next", and then lets the local domain name server perform the subsequent queries.
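
The following is an added example, not code from the original notes: a small simulation of a local domain name server that serves hosts recursively while itself issuing iterative queries and following referrals from root to top-level to authoritative server. The server table, the addresses (documentation ranges) and the function and class names are all assumptions made for illustration; the referral limit is an added safeguard against referral loops.

```python
# Constructed name-server data (not from the original page). Addresses come
# from the documentation ranges 198.51.100.0/24 and 192.0.2.0/24.
SERVERS = {
    # root name server: only knows which server handles each top-level domain
    "198.51.100.1": {"referrals": {"com": "198.51.100.2"}, "records": {}},
    # .com top-level domain name server: knows the servers of second-level domains
    "198.51.100.2": {"referrals": {"abc.com": "198.51.100.3"}, "records": {}},
    # authoritative name server for the zone abc.com: holds name -> IP mappings
    "198.51.100.3": {"referrals": {}, "records": {"www.abc.com": "192.0.2.10"}},
}
ROOT = "198.51.100.1"


def normalize(name):
    """Domain names are not case-sensitive; drop any trailing root dot."""
    return name.lower().rstrip(".")


def iterative_query(server_ip, name):
    """Answer one iterative query the way the contacted server would.

    Returns ("answer", ip), ("referral", next_server_ip) or ("nxdomain", None).
    """
    server = SERVERS[server_ip]
    if name in server["records"]:
        return ("answer", server["records"][name])
    labels = name.split(".")
    # Try the longest suffix first so the most specific delegation wins.
    for i in range(len(labels)):
        suffix = ".".join(labels[i:])
        if suffix in server["referrals"]:
            return ("referral", server["referrals"][suffix])
    return ("nxdomain", None)


class LocalNameServer:
    """Gives hosts a recursive service by issuing iterative queries itself."""

    def __init__(self, root=ROOT, max_referrals=8):
        self.root = root
        self.max_referrals = max_referrals  # guards against referral loops
        self.cache = {}

    def resolve(self, name):
        """Return (ip_or_None, list_of_servers_contacted)."""
        name = normalize(name)
        if name in self.cache:
            return self.cache[name], []      # answered locally, nobody contacted
        server, path = self.root, []
        for _ in range(self.max_referrals):
            path.append(server)
            kind, value = iterative_query(server, name)
            if kind == "answer":
                self.cache[name] = value
                return value, path
            if kind == "nxdomain":
                return None, path
            server = value                   # follow the referral to the next server
        raise RuntimeError("too many referrals for " + name)


if __name__ == "__main__":
    local = LocalNameServer()
    print(local.resolve("WWW.ABC.COM"))   # walks root -> com -> abc.com
    print(local.resolve("www.abc.com"))   # second lookup comes from the cache
    print(local.resolve("www.abc.org"))   # root has no referral for org here
```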

Recursive query

Recursive query means that the local domain name server only needs to query the root domain name server once, and subsequent queries are performed among several other domain name servers. In step 7, the local domain name server obtains the required IP address from the root domain name server. Finally, in step 8, the local domain name server tells the host m.xyz.com the query result.

Domain names of hosts connected to the Internet must be unique

6.3 FTP

6.3.1 How FTP works

File Transfer Protocol (FTP) is the most widely used transfer protocol on the Internet. FTP provides interactive access, allows clients to specify file types and formats, and allows files to have access rights. FTP shields the details of each computer system and is therefore suitable for transferring files between any computers in heterogeneous networks.

FTP only provides some basic services for file transfer, and it uses TCP's reliable transport service. FTP uses a client/server model. One FTP server process can provide services to multiple client processes at the same time. The FTP server process consists of two parts: a main process responsible for receiving new requests, and several slave processes responsible for processing single requests.

The working steps of the main process:

  • Open the well-known port (port number is 21) so that the client process can connect.
  • Wait for the client process to issue a connection request.
  • Start slave processes to handle requests from client processes. A slave process terminates after it finishes handling the client process's request, but it may also create other child processes as needed while it runs.
  • Return to the waiting state and continue to receive requests from other client processes. The processing of the main process and the slave processes is performed concurrently.

6.3.2 Control connection and data connection

When transferring files, two TCP connections are established between the FTP client and the server. One is used to transmit control commands and responses, called the control connection; the other is used for actual file content transmission, called the data connection.

The FTP server listens on port 21 and waits for client connections. The connection established on this port is called the control connection. The client can send various requests to the server through this connection, such as logging in, changing the current directory, switching data transmission mode, listing directory contents, uploading files, etc. When files need to be transferred, another connection is established between the server and the client. This is called the data connection.

The control connection remains open throughout the session, and transfer requests from the FTP client are sent to the control process on the server side through the control connection, but the control connection is not used to transfer files. A data connection is what actually transfers files. After receiving the file transfer request sent by the FTP client, the server-side control process creates a data transfer process and a data connection to connect the client-side and server-side data transfer processes. The data transfer process actually completes the file transfer, then closes the data connection and ends its operation once the transfer is completed.

6.4 Email

6.4.1 Structure of email

Email, also known as E-mail, is currently the most frequently used service on the Internet. It provides Internet users with a fast, convenient, and cheap way to communicate. Email delivers a message to the mail server of the Internet Service Provider (ISP) and places it in the recipient's mailbox. The recipient can go online to the ISP's mail server to read it at any time.

An email system has the following 3 main components:

  • User agent: The interface between the user and the email system, such as Outlook and Foxmail. Its basic functions are writing, displaying and processing.
  • Mail server: All ISPs on the Internet have mail servers. The function is to send and receive mail, and also report the status of mail delivery (delivered, rejected, lost, etc.) to the sender.
  • Protocols used by email, such as Simple Mail Transfer Protocol (SMTP), Post Office Protocol Version 3 (POP3), etc.

Email sending and receiving process

  • The sender calls the user agent to edit the message to be sent. The user agent uses SMTP to deliver the email to the sending mail server.
  • The sending mail server puts the mail into the mail cache queue and waits for sending.
  • When the SMTP client process running on the sending mail server finds that there are emails to be sent in the mail cache, it initiates the establishment of a TCP connection to the SMTP server process running on the receiving mail server.
  • After the TCP connection is established, the SMTP client process starts sending emails to the remote SMTP server process. When all the emails to be sent have been sent, SMTP closes the established TCP connection.
  • After receiving the email, the SMTP server process running in the receiving mail server puts the email into the recipient's user mailbox and waits for the recipient to read it at their convenience.
  • When the recipient intends to receive the mail, he calls the user agent and uses POP3 (or IMAP) to retrieve his mail from the user's mailbox of the receiving mail server (if there is a letter in the mailbox).

6.4.2 Email formats and MIME

Email format

An email consists of two parts: envelope and content. Generally, only the header format of the email content is specified, while the main part of the email is freely written by the user. After the user writes the header, the email system automatically extracts the information required for the envelope and writes it on the envelope.

The header of the email content contains some keywords, followed by a colon, such as "To:" is the recipient's email address, "Subject:" is the subject of the email, etc.

MIME

Since SMTP is limited to transmitting 7-bit ASCII emails of a certain length, Multipurpose Internet Mail Extensions (MIME) was proposed. The intention of MIME is to continue to use the current [RFC 822] format, but to add structure to the email body and define encoding rules for transmitting non-ASCII codes.

MIME defines two encoding methods for converting non-ASCII characters into ASCII characters (not important):

  • quoted-printable encoding

    Suitable for transmitting only a small amount of non-ASCII code, use a "=" followed by two numeric characters to represent a non-ASCII code character. These two numbers are the hexadecimal value of the character, and ASCII code characters are not converted.

  • base64 encoding

    For arbitrary binary files, base64 encoding can be used. This encoding method is to first divide the binary code into several units of equal length of 24 bits, and then divide each 24-bit unit into four 6-bit groups. Each 6-bit group is converted into ASCII code according to the following method. The 6-bit binary code has 64 different values, ranging from 0 to 63, with A representing 0, B representing 1, etc. After the 26 uppercase letters are arranged, 26 lowercase letters are arranged, and then 10 numbers are arranged. Finally, "+" is used to represent 62, and "/" is used to represent 63. Then use two equal signs "==" and one equal sign "=" together to indicate that the last group of codes is only 8 bits or 16 bits respectively. Carriage returns and line feeds are ignored; they can be inserted anywhere.

6.4.3 SMTP and POP3

SMTP

SMTP specifies how information should be exchanged between two SMTP processes that communicate with each other. SMTP runs on top of TCP, uses port 25, and also uses the client/server model.

SMTP specifies 14 commands and 21 types of response information (no need to remember).

3 stages of SMTP communication

  • The connection is established. The connection is established between the SMTP client of the sending host and the SMTP server of the receiving host. SMTP does not use an intermediate mail server.
  • Mail delivery.
  • The connection is released. After the email is sent, SMTP should release the TCP connection.

POP3

POP is a very simple, but limited-feature mail reading protocol. Its third version, POP3, is the one now in use. POP also uses a client/server working method. The POP client program must be running on the user's computer that receives the mail, and the POP server program must be running on the mail server of the ISP to which the user is connected.

A feature of POP3 is that as long as the user reads the email from the POP server, the POP server will delete the email.

Summary

  • Do not confuse the Mail Reading Protocol POP with the Mail Delivery Protocol SMTP

    SMTP is used when the sender's user agent sends mail to the source mail server and when the source mail server sends mail to the destination mail server. POP is the protocol used by users to read mail from the destination mail server.

  • Summary of email sending process

    • The client establishes a TCP connection to the server.
    • The server sends identity information to confirm that the connection has been established
    • The client sends identity information and the server confirms receipt.
    • The client sends the email recipient address, and the server confirms receipt.
    • The client sends the email sender address, and the server confirms receipt.
    • The client requests to send the email content, and the server confirms that it is ready.
    • The client sends the email content, ending with a line containing only a dot (.) character, and the server sends back a confirmation that the data has been received.

    It can be seen from the above process that any client can send emails to the mail server through SMTP, and the address of the email sender can be completely forged, and the server can only passively receive it. This is also the reason for the proliferation of spam.

  • Summary of the email receiving process

    • The client establishes a TCP connection to the server.
    • The server sends identity information to confirm that the connection has been established.
    • The client sends the USER command + user name, and the server confirms receipt.
    • The client sends the PASS command + user password, and the server confirms receipt.
    • The client sends the LIST command, and the server returns a list of the number of emails in the current mailbox.
    • The client sends the RETR command + email number, and the server sends back the corresponding email content.
    • After receiving the email, the client can choose whether to send the DELE command + email number to notify the server to delete the corresponding email from the mailbox.

    It can be seen from the above process that in POP3, the client decides whether to keep the received mail on the server. In addition, POP3 uses clear text to transmit the user's email password, which brings hidden dangers to email security.
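
Because SMTP accepts whatever sender address the client states, a mismatch between the envelope sender and the From: header shown to the user is one signal a receiving server or a log reviewer can compute. The following is an added example, not code from the original notes; the transcript is constructed, server replies are omitted, and the function names are assumptions. A mismatch is a signal to look closer, not proof of forgery, since mailing lists and forwarding services also produce it.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Constructed client-side lines of one SMTP session (example.* domains are
# reserved for documentation). Server replies are omitted.
SESSION = """\
HELO mail.example.net
MAIL FROM:<bulk@example.net>
RCPT TO:<alice@example.org>
DATA
From: "Example Corp Support" <support@example.com>
To: alice@example.org
Subject: Account notice

Please review your statement.
.
QUIT
"""

ANGLE_ADDR = re.compile(r"<([^<>]*)>")


def parse_session(transcript):
    """Return (envelope dict, parsed message) from the client's lines."""
    envelope = {"mail_from": None, "rcpt_to": []}
    data_lines, in_data = [], False
    for line in transcript.splitlines():
        if in_data:
            if line == ".":                 # a line with only a dot ends the content
                in_data = False
            else:                           # undo dot-stuffing of leading dots
                data_lines.append(line[1:] if line.startswith(".") else line)
            continue
        upper = line.upper()
        match = ANGLE_ADDR.search(line)
        if upper.startswith("MAIL FROM:") and match:
            envelope["mail_from"] = match.group(1)
        elif upper.startswith("RCPT TO:") and match:
            envelope["rcpt_to"].append(match.group(1))
        elif upper == "DATA":
            in_data = True
    return envelope, message_from_string("\n".join(data_lines))


def domain_of(address):
    """Domain part of an address, lower-cased for comparison."""
    return address.rpartition("@")[2].lower()


def sender_findings(transcript):
    """Compare the envelope sender with the From: header the user will see."""
    envelope, message = parse_session(transcript)
    findings = []
    header_from = parseaddr(message.get("From", ""))[1]
    mail_from = envelope["mail_from"]
    if mail_from is None:
        findings.append("no MAIL FROM command seen")
    if not header_from:
        findings.append("missing or unparsable From header")
    elif mail_from and domain_of(mail_from) != domain_of(header_from):
        findings.append("envelope sender domain %s differs from header From domain %s"
                        % (domain_of(mail_from), domain_of(header_from)))
    return findings


if __name__ == "__main__":
    for finding in sender_findings(SESSION):
        print(finding)
```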

6.5 WWW

6.5.1 Concept and structure of WWW

WWW concept

WWW (World Wide Web) is referred to as 3W. It is not a special computer network. The World Wide Web is a massive, online repository of information. Its characteristic is that it is very convenient to access another site from one site on the Internet by using links, thereby actively obtaining rich information on demand. WWW also provides various search engines to enable users to find information conveniently.

The structure of WWW

WWW combines various information in the form of pages. The information contained in a page can be in various formats such as text, graphics, images, sounds, animations, links, etc. Such a page is also called hypermedia (if there are only text and links in the page, it is called hypertext; pay attention to the distinction), and the links in the page are called hyperlinks.

The WWW uses Uniform Resource Locators (URLs) to identify various documents on the WWW. The general format of a URL is
<protocol>://<host>:<port number>/<path>

Common protocols include HTTP, FTP, etc. The host part is the computer where the document is stored. It can be a domain name or an IP address. The port number is the port that the server listens on (the port number can be known from the protocol and is generally omitted). The path can generally be omitted, and there is no requirement on whether the characters in a URL are uppercase or lowercase.

The World Wide Web works in a client/server fashion. The browser is a World Wide Web client program on the user's computer, and the computer where the World Wide Web document resides runs the server program. This computer is called a World Wide Web server. The client program sends a request to the server program, and the server program sends back the document requested by the client to the client program.

Work process:

  • Web users use a browser (specified URL) to establish a connection with the Web server and send a browsing request.
  • The web server converts the URL into a file path and returns the information to the web browser.
  • Communication is completed and the connection is closed.

6.5.2 HTTP

HTTP operation process

Hypertext Transfer Protocol (HTTP) is the protocol used for interaction between client programs (such as browsers) and WWW server programs. HTTP is a transaction-oriented application layer protocol. It uses TCP connections for reliable transmission. The server listens on port 80 by default.

From the perspective of the protocol execution process, when the browser wants to access the WWW server, the domain name resolution of the WWW server must be completed first. Once the server's IP address is obtained, the browser sends a connection establishment request to the server via TCP. There is a service process on each server, which constantly listens on TCP port 80. When it detects a connection request, it establishes a connection with the browser. After the TCP connection is established, the browser sends an HTTP request to the server to obtain a certain Web page. After the server receives the HTTP request, it constructs the necessary information for the requested Web page and returns it to the browser through an HTTP response. The browser then interprets the information and displays the Web page to the user. Finally, the TCP connection is released.

HTTP message structure (understand)

  • Request message - Send a request message from the client to the server.
  • Response message - the answer from the server to the client.

The difference between the two message formats is that the starting line is different

  • Starting line: used to distinguish whether it is a request message or a response message. The starting line in the request message is called the request line, and the starting line in the response message is called the status line. The three fields of the starting line are separated by spaces.
  • Header line: used to describe some information about the browser, server or message body.
  • Entity body: This field is generally not used in request messages, and this field may not be found in some response messages.
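
The message structure above, as an added example that is not part of the original notes: a strict parser that uses the starting line to tell a request from a response, then reads the header lines and the entity body. The two sample messages are constructed, and the function name and the returned dictionary layout are assumptions. The parser rejects malformed header lines and conflicting Content-Length values instead of guessing, which is the behaviour a server or proxy wants when two components must agree on where a message ends.

```python
# Constructed sample messages (CRLF line endings, blank line before the body).
REQUEST = (b"GET /index.html HTTP/1.1\r\n"
           b"Host: www.abc.com\r\n"
           b"User-Agent: example-browser\r\n"
           b"\r\n")
RESPONSE = (b"HTTP/1.1 200 OK\r\n"
            b"Content-Type: text/html\r\n"
            b"Content-Length: 13\r\n"
            b"\r\n"
            b"<p>hello</p>\n")


def parse_http_message(raw: bytes) -> dict:
    """Parse one HTTP/1.x message into starting line, header lines and body."""
    head, _, body = raw.partition(b"\r\n\r\n")
    lines = head.decode("iso-8859-1").split("\r\n")

    # Starting line: exactly three fields separated by spaces.
    fields = lines[0].split(" ", 2)
    if len(fields) != 3:
        raise ValueError("starting line must have three space-separated fields")
    if fields[0].startswith("HTTP/"):
        # Status line: version, status code, phrase
        if not (len(fields[1]) == 3 and fields[1].isdigit()):
            raise ValueError("status code must be three digits")
        message = {"kind": "response", "version": fields[0],
                   "status": int(fields[1]), "phrase": fields[2]}
    elif fields[2].startswith("HTTP/"):
        # Request line: method, URL, version
        message = {"kind": "request", "method": fields[0],
                   "target": fields[1], "version": fields[2]}
    else:
        raise ValueError("neither a request line nor a status line")

    # Header lines: "name: value"; names are compared case-insensitively.
    headers = {}
    for line in lines[1:]:
        name, colon, value = line.partition(":")
        if not colon or not name or name != name.strip():
            raise ValueError("malformed header line: %r" % line)
        headers.setdefault(name.lower(), []).append(value.strip())
    if len(set(headers.get("content-length", []))) > 1:
        raise ValueError("conflicting Content-Length headers")

    message["headers"] = headers
    message["body"] = body
    return message


if __name__ == "__main__":
    for raw in (REQUEST, RESPONSE):
        parsed = parse_http_message(raw)
        print(parsed["kind"], parsed["headers"], parsed["body"])
```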

HTTP works using both non-persistent and persistent connections

Origin blog.csdn.net/pipihan21/article/details/129572622