UNIT V

APPLICATION LAYER

1.ELECTRONIC MAIL (or) SMTP (simple mail transfer protocol)

Electronic Mail
Electronic mail allows a message to include text, audio, and video. It also allows
one message to be sent to one or more recipients. e-mail system has three main
components:
1. User Agent,
2. Message Transfer Agent
3. Message Access Agent
Email Architecture
1. First Scenario - sender and the receiver on the same system
2. Second Scenario - sender and the receiver on two different systems.
3. Third Scenario – sender(or Rx) directly connected to his system
and receiver(or Tx) separated from system.
4. Fourth common scenario – sender and receiver is connected to mail server
by a WAN or a LAN and uses an MAA (message access agents) to retrieve
messages.

First scenario in electronic mail

When the sender and the receiver of an e-mail are on the same system, we need
only two user agents
Second scenario in electronic mail

When the sender and the receiver of an e-mail are on different systems, we
need two UAs and a pair of MTAs (client and server).
Third scenario in electronic mail
 When the sender/ receiver is connected to the mail server via a LAN or a WAN,
we need two UAs and two pairs of MTAs (client and server).
Fourth scenario in electronic mail

When both sender and receiver are connected to the mail server via a LAN or a WAN,
we need two UAs, two pairs of MTAs and a pair of MAAs.
E – mail:
One of the most popular Internet services is electronic mail (e-mail).

User Agent
• The first component of an electronic mail system is the user agent (UA).
• It provides service to the user to make the process of sending and receiving a
message easier.

Services Provided by a User Agent

• A user agent is a software package that composes, reads, replies to, and
forwards messages.
• It also handles mailboxes.
• Figure shows the services of a typical user agent.
Composing Messages
• A user agent helps the user compose the e-mail message to be sent out.
• Most user agents provide a template on the screen to be filled in by the user.

Reading Messages
• The second duty of the user agent is to read the incoming messages.
• When a user invokes a user agent, it first checks the mail in the incoming
mailbox.
• Most user agents show a one-line summary of each received mail.
• Each e-mail contains the following fields.
1. A number field.
2. A flag field that shows the status of the mail such as new, already read but
not replied to, or read and replied to.
3. The size of the message.
4. The sender.
5. The optional subject field.

Replying to Messages
• After reading a message, a user can use the user agent to reply to a message.
• The reply message may contain the original message and the new message.

Forwarding Messages
• Forwarding is defined as sending the message to a third party.
• A user agent allows the receiver to forward the message, with or without extra
comments, to a third party.

Handling Mailboxes
• A user agent normally creates two mailboxes: an inbox and an outbox.
• The inbox keeps all the received e-mails until they are deleted by the user.
• The outbox keeps all the sent e-mails until the user deletes them.

User Agent Types

There are two types of user agents: command-driven and GUI-based.

1. Command-Driven
• A command-driven user agent normally accepts a one-character command
from the keyboard to perform its task.
• For example, a user can type the character r, at the command prompt, to reply
to the sender of the message, or type the character R to reply to the sender and
all recipients.
2. GUI-Based
• They contain graphical-user interface (GUI) components that allow the user to
interact with the software by using both the keyboard and the mouse.
• They have graphical components such as icons, menu bars, and windows that
make the services easy to access.
• Some examples of GUI-based user agents are Eudora, Microsoft's Outlook,
and Netscape.

Sending Mail
•To send mail, the user, through the UA, creates mail that looks very similar to postal mail.
• It has an envelope and a message

Envelope
The envelope usually contains the sender and the receiver addresses.

Message
• The message contains the header and the body.
• The header of the message defines the sender, the receiver, the subject of the
message,
• The body of the message contains the actual information to be read by the
recipient.

Receiving Mail
• If the user is ready to read the mail a list is displayed in which each line
contains a summary of the information about a particular message in the
mailbox.
• The user can select any of the messages and display its contents on the screen.

Addresses
To deliver mail, a mail handling system must use an addressing system with
unique addresses.
 • In the Internet, the address consists of two parts: a local part and a domain
name, separated by an @ sign .
Local Part
The local part defines the name of a special file, called the user mailbox, where all the
mail received for a user is stored for retrieval by the message access agent.

Domain Name
An organization usually selects one or more hosts to receive and send e-mail; the
hosts are sometimes called mail servers or exchangers.
MIME (Multipurpose Internet Mail Extensions)
Electronic mail has a simple structure. It can send messages only in NVT 7-bit ASCII
format. For example, it cannot be used for languages that are not supported by 7-bit
ASCII characters (such as French, German, Hebrew, Russian, Chinese, and Japanese).
Also, it cannot be used to send binary files or video or audio data.
Multipurpose Internet Mail Extensions (MIME) is a supplementary protocol that
allows non-ASCII data to be sent through e-mail. MIME transforms non-ASCII data at
the sender site to NVT ASCII data and delivers them to the client MTA to be sent through
the Internet. The message at the receiving side is transformed back to the original data.
MIME is a set of software functions that transforms non-ASCII data (stream of bits)
to ASCII data and vice versa, as shown in Figure

MIME defines five headers that can be added to the original e-mail header section
to define the transformation parameters:
1. MIME-Version
2. Content-Type
3. Content-Transfer-Encoding
4. Content-Id
5. Content-Description
Figure shows the MIME headers
MIME-Version This header defines the version of MIME used. The current version is
1.1.

Content-Type This header defines the type of data used in the body of the message. The
content type and the content subtype are separated by a slash. Depending on the subtype,
the header may contain other parameters.

MIME allows seven different types of data.

Content-Transfer-Encoding This header defines the method used to encode the
messages into Os and Is for transport:

The five types of encoding methods

MIME defines five headers that can be added to the original e-mail header section to
define the transformation parameters:
1. MIME-Version
2. Content-Type
3. Content-Transfer-Encoding
4. Content-Id
5. Content-Description
Content-Id This header uniquely identifies the whole message in a multiple-message
environment

Content-Description This header defines whether the body is image, audio, or video.
Content-Description: <description>

Simple Mail Transfer Protocol (SMTP) Architecture:

The actual mail transfer is done through message transfer agents. To send mail, a
system must have the client MTA, and to receive mail, a system must have a server MTA.
The formal protocol that defines the MTA client and server in the Internet is called the
Simple Mail Transfer Protocol (SMTP). Figure shows the range of the SMTP protocol in
this scenario.
Commands and responses

SMTP uses commands and responses to transfer messages between an MTA client
and an MTA server. Each command or reply is terminated by a two-character end-of-line
token

Commands
Commands are sent from the client to the server. It consists of a keyword
followed by zero or more arguments.
• SMTP defines 14 commands.
• The first five are mandatory; every implementation must support these five
commands.
• The next three are often used and highly recommended.

Command format

Responses

Responses are sent from the server to the client. A response is a three digit code
that may be followed by additional textual information
Message Access Agent: POP and IMAP
The first and the second stages of mail delivery use SMTP. However, SMTP is not
involved in the third stage because SMTP is a push protocol; it pushes the message from
the client to the server. On the other hand, the third stage needs a pull protocol; the client
must pull messages from the server. The third stage uses a message access agent.
Currently two message access protocols are available: Post Office Protocol, version 3
(POP3) and Internet Mail Access Protocol, version 4 (IMAP4).

Figure shows the position of these two protocols in the most common situation

Post Office Protocol (POP3)

Post Office Protocol, version 3 (POP3) is simple and limited in functionality. The
client POP3 software is installed on the recipient computer; the server POP3 software is
installed on the mail server. Mail access starts with the client when the user needs to
download e-mail from the mailbox on the mail server. The client opens a connection to
the server on TCP port 110. It then sends its user name and password to access the
mailbox. The user can then list and retrieve the mail messages, one by one.

The exchange of commands and responses in POP3

POP3 has two modes: the delete mode and the keep mode.
• In the delete mode, the mail is deleted from the mailbox after each retrieval.
The delete mode is normally used when the user is working at her permanent
computer and can save and organize the received mail after reading or
replying.
.
• In the keep mode, the mail remains in the mailbox after retrieval. The keep
mode is normally used when the user accesses her mail away from her
primary computer. The mail is read but kept in the system for later retrieval
and organizing. (e.g., a laptop).

Limitations of POP3
It does not allow the user to organize her mail on the server; the user cannot have
different folders on the server. POP3 does not allow the user to partially check the
contents of the mail before downloading.
Internet Mail Access Protocol) IMAP4
Another mail access protocol is Internet Mail Access Protocol, version 4 (IMAP4).
IMAP4 is similar to POP3, but it has more features; IMAP4 is more powerful and more
complex.

IMAP4 provides the following extra functions:

• A user can check the e-mail header prior to downloading.
• A user can search the contents of the e-mail for a specific string of characters
prior to downloading.
• A user can partially download e-mail. This is especially useful if bandwidth is
limited and the e-mail contains multimedia with high bandwidth requirements.
• A user can create, delete, or rename mailboxes on the mail server.
• A user can create a hierarchy of mailboxes in a folder for e-mail storage
 2. HTTP (Hyper Text Transfer Protocol )
The Hypertext Transfer Protocol (HTTP) is a protocol used mainly to access data on
the World Wide Web. HTTP functions as a combination of FTP and SMTP. It is similar
to FTP because it transfers files and uses the services of TCP.

Uniform Resource Locator

A client that wants to access a Web page needs the address. To facilitate the access of
documents distributed throughout the world, HTTP uses locators. The uniform resource
locator (URL) is a standard for specifying any kind of information on the Internet. The
URL defines four things: protocol, host computer, port, and path.

The protocol is the client/server program used to retrieve the document. Many
different protocols can retrieve a document; among them are FTP or HTTP. The most
common today is HTTP. The host is the computer on which the information is located.
The URL can optionally contain the port number of the server. If the port is included, it is
inserted between the host and the path, and it is separated from the host by a colon.
Path is the pathname of the file where the information is located. Note that the path
can itself contain slashes that, in the UNIX operating system, separate the directories
from the subdirectories and files.

HTTP vs HTML

• HTML: hypertext markup language

– Definitions of tags that are added to Web documents to control their
appearance
• HTTP: hypertext transfer protocol
– The rules governing the conversation between a Web client and a Web server
HTTP Transaction
The client initializes the transaction by sending a request message. The server replies by
sending a response.

Messages
The formats of the request and response messages are similar. A request message
consists of a request line, a header, and sometimes a body. A response message consists
of a status line, a header, and sometimes a body.
Request and Status Lines
The first line in a request message is called a request line; the first line in the response
message is called the status line.

Request type: This field is used in the request message. In version 1.1 of HTTP, several
request types are defined. The request type is categorized into methods.

Version: The most current version of HTTP is 1.1.

Status code: This field is used in the response message. The status code field is similar to
those in the FTP and the SMTP protocols. It consists of three digits. Whereas the codes in the
100 range are only informational, the codes in the 200 range indicate a successful request.
The codes in the 300 range redirect the client to another URL, and the codes in the 400 range
indicate an error at the client site. Finally, the codes in the 500 range indicate an error at the
server site.

Status phrase: This field is used in the response message. It explains the status code in text
form.
 Header: The header exchanges additional information between the client and the server.
A header line belongs to one of four categories: general header, request header, response
header, and entity header. A request message can contain only general, request, and
entity headers. A response message, on the other hand, can contain only general,
response, and entity headers.

• General header: The general header gives general information about the message and can
be present in both a request and a response.
 Request header: The request header can be present only in a request message. It specifies
the client's configuration and the client's preferred document format.

Response header: The response header can be present only in a response message. It
specifies the server's configuration and special information about the request.

Entity header: The entity header gives information about the body of the document.

Body: The body can be present in a request or response message.

Persistent Versus Nonpersistent Connection:
HTTP prior to version 1.1 specified a nonpersistent connection, while a persistent
connection is the default in version 1.1.
Nonpersistent Connection:
In a nonpersistent connection, one TCP connection is made for each
request/response.
The following lists the steps in this strategy:
1. The client opens a TCP connection and sends a request.
2. The server sends the response and closes the connection.
3. The client reads the data until it encounters an end-of-file marker; it then
closes the connection.
In this strategy, for N different pictures in different files, the connection must be opened
and closed N times. The nonpersistent strategy imposes high overhead on the server because
the server needs N different buffers and requires a slow start procedure each time a
connection is opened.

Persistent Connection:
• HTTP version 1.1 specifies a persistent connection by default. In a persistent
connection, the server leaves the connection open for more requests after sending a
response.
• The server can close the connection at the request of a client or if a time-out has
been reached. The sender usually sends the length of the data with each response.
However, there are some occasions when the sender does not know the length of
the data.
• This is the case when a document is created dynamically or actively. In these
cases, the server informs the client that the length is not known and closes the
connection after sending the data so the client knows that the end of the data has
been reached.
Proxy Server:
• HTTP supports proxy servers. A proxy server is a computer that keeps copies of
responses to recent requests. The HTTP client sends a request to the proxy server.
• The proxy server checks its cache. If the response is not stored in the cache, the
proxy server sends the request to the corresponding server. Incoming responses
are sent to the proxy server and stored for future requests from other clients.
• The proxy server reduces the load on the original server, decreases traffic, and
improves latency. However, to use the proxy server, the client must be configured
to access the proxy instead of the target server.

3. DNS (Domain Name System)

Domain Name System (DNS) is used to resolve human-readable hostnames like
www.google.com into machine-readable IP addresses like 216.58.197.68. DNS is like a
phone book for the Internet
History
During early days of internet, there were only few hundred hosts. A central authority
called the Network Information Center (NIC) maintained name-to-address bindings in a
flat-file called hosts.txt. A new host that joins the internet would mail its name and IP
address to NIC. NIC updates hosts.txt and mails to all hosts. Name server resolved domain
names using a simple lookup on hosts.txt. As hosts grew to thousands and millions, the
flat file approach failed, leading to evolution of DNS in mid 1980s.
NAME SPACE
The names assigned to machines must be unique, the binding between
the names and IP addresses should be perfect. A name space that maps each address
to a unique name can be organized in two ways:
1. Flat
2. Hierarchical.
Flat Name Space
In a flat name space, a name is assigned to an address. A name in this space is a
sequence of characters without structure. The names may or may not have a
common section; if they do, it has no meaning. The main disadvantage of a flat name
space is that it cannot be used in a large system such as the Internet because it must be
centrally controlled to avoid ambiguity and duplication.

Hierarchical Name Space

DNS uses hierarchical name space for domains in the Internet. Hierarchical naming
permits use of same sub-domain name in different domains. Domain names are case
insensitive and can be up to 63 characters. DNS names are processed from right to
left
and use periods (.) as separator. DNS can be used to map names to values, not
necessarily domain names to IP address.

DOMAIN NAME SPACE

To have a hierarchical name space, a domain name space was designed. In this
design the names are defined in an inverted-tree structure with the root at the top. The
tree can have only 128 levels: level 0 (root) to level 127

Label

Each node in the tree has a label, which is a string with a maximum of 63
characters. The root label is a null string (empty string). DNS requires that children of a
node that (nodes that branch from the same node) have different labels, which guarantees
the uniqueness of the domain names.
Domain Name
Each node in the tree has a domain name. A full domain name is
a sequence of labels separated by dots (.). The domain names are always read from
the node up to the root.
Domain names and labels

Fully Qualified Domain Name(FQDN)

If a label is terminated by a null string, it is called a fully qualified domain

name(FQDN). An FQDN is a domain name that contains the full name of a host. It
contains all labels, from the most specific to the most general, that uniquely define the
name of the host. For example, the domain name challenger.ate.tbda.edu. is the FQDN
of a computer named challenger installed at the Advanced Technology Center (ATC) at
De Anza College. A DNS server can only match an FQDN to an address.
Note that the name must end with a null label, but because null means nothing, the label
ends with a dot (.)
Partially Qualified Domain Name (PQDN)
If a label is not terminated by a null string, it is called a partially qualified domain
name (PQDN). A PQDN starts from a node, but it does not reach the root. It is used when
the name to be resolved belongs to the same site as the client. Here the resolver can
supply the missing part, called the suffix, to create an FQDN.

Domain
A domain is a subtree of the domain name space. The name of the domain is the
domain name of the node at the top of the subtree.

Distribution of Name Space

The information contained in the domain name space must be stored. However, it is
very inefficient and also unreliable to have just one computer store such a huge amount of
information. It is inefficient because responding to requests from all over the world places
a heavy load on the system. It is not unreliable because any failure makes the data
inaccessible. The solution to these problems is to distribute the information among many
computers called DNS servers. One way to do this is to divide the whole space into many
domains based on the first level.
Hierarchy of Name Servers
Zone
Since the complete domain name hierarchy cannot be stored on a single server, it is divided among
many servers What a server is responsible for or has authority over is called a zone. We can
define a zone as a contiguous part of the entire tree. The domain hierarchy is partitioned into
zones. Topmost domains are managed by NIC. Each zone acts as central authority for that part
of the sub-tree. Each zone can be further sub-divided that manage using their own name servers

Zones and Domains

Root Server
A root server is a server whose zone consists of the whole tree. A root server
usually does not store any information about domains but delegates its authority to other
servers, keeping references to those servers. There are several root servers, each covering
the whole domain name space. The servers are distributed all around the world.
Primary and Secondary Servers
DNS defines two types of servers: primary and secondary. A primary server is a
server that stores a file about the zone for which it is an authority. It is responsible for
creating, maintaining, and updating the zone file. It stores the zone file on a local disk. A
secondary server is a server that transfers the complete information about a zone from
another server (primary or secondary) and stores the file on its local disk. The secondary
server neither creates nor updates the zone files.
DNS in the Internet
DNS is a protocol that can be used in different platforms. In the Internet, the
domain name space (tree) is divided into three different sections:
1.Generic Domains
2.Country Domains
3.Inverse Domain

Generic Domains
 The generic domains define registered hosts according to their generic behavior.
Each node in the tree defines a domain, which is an index to the domain
name space database

Generic domain labels

Label Description
aero Airlines and aerospace companies
biz Businesses or firms (similar to "com")
com Commercial organizations
coop Cooperative business organizations

edu Educational institutions

gov Government institutions
info Information service providers
int International organizations
mil Military groups
museum Museums and other nonprofit organizations
name Personal names (individuals)
net Network support centers
org Nonprofit organizations
pro Professional individual organizations

Country Domains
The country domains section uses two-character country abbreviations.
United States- .us
India - .in
Inverse Domain
 The inverse domain is used to map an address to a name. This may happen when a
server has received a request from a client to do a task.
Country domains

Inverse domain

RESOLUTION
Mapping a name to an address or an address to a name is called name-address
resolution.
Resolver
DNS is designed as a client/server application. A host that needs to map an
address to a name or a name to an address calls a DNS client called a resolver.. The
resolver accesses the closest DNS server with a mapping request. If the server has the
information, it satisfies the resolver; otherwise, it either refers the resolver to other
servers or asks other servers to provide the information.
Mapping Names to Addresses
Most of the time, the resolver gives a domain name to the server and asks for the
corresponding address. In this case, the server checks the generic domains or the country
 domains to find the mapping. If the domain name is from the generic domains section
the query is sent by the resolver to the local DNS server for resolution. If the local server
cannot resolve the query, it either refers the resolver to other servers or asks other
servers directly.
Mapping Addresses to Names
A client can send an IP address to a server to be mapped to a domain name. To
answer queries of this kind, DNS uses the inverse domain. However, in the request, the
IP address is reversed and the two labels in-addr and arpa are appended to create a
domain acceptable by the inverse domain section.

Recursive Resolution
The client (resolver) can ask for a recursive answer from a name server. This
means that the resolver expects the server to supply the final answer.. If the server is the
authority for the domain name, it checks its database and responds. If the server is not the
authority, it sends the request to another server (the parent usually) and waits for the
response. If the parent is the authority, it responds; otherwise, it sends the query to yet
another server. When the query is finally resolved, the response travels back until it
finally reaches the requesting client. This is called recursive resolution. In Recursive
Resolution, the client sends its request to a server that eventually returns a response.

Iterative Resolution
If the client does not ask for a recursive answer, the mapping can be done
iteratively. If the server is an authority for the name, it sends the answer. If it is not, it
returns (to the client) the IP address of the server that it thinks can resolve the query. The
client is responsible for repeating the query to this second server. Now the client must
repeat the query to the server. This process is called iterative resolution because the client
repeats the same query to multiple servers. In Iterative Resolution , the client may send its
request to multiple servers before getting an answer.
Caching
Caching is a method whereby an answer to a query is stored in memory (for a
limited time) for easy access to future requests. If a server caches a mapping for a long
time, it may send an outdated mapping to the client. To counter this, two techniques are
used. First, the authoritative server always adds information to the mapping called time-
to-live (TTL). It defines the time in seconds that the receiving server can cache the
information. After that time, the mapping is invalid and any query must be sent again to
the authoritative server.. Second, DNS requires that each server keep a TTL counter for
each mapping it caches. The cache memory must be searched periodically, and those
mappings with an expired TTL must be purged.
DNS MESSAGES
DNS has two types of messages: query and response. The query message
consists of a header and question records. The response message consists of a header,
question records, answer records, authoritative records, and additional records
Header
Both query and response messages have the same header format with some fields
set to zero for the query messages. The header is 12 bytes.

Question Section
This is a section consisting of one or more question records. It is present on both
query and response messages. We will discuss the question records in a following
section.
Answer Section
This is a section consisting of one or more resource records. It is present only on
response messages. This section includes the answer from the server to the client
(resolver).
Authoritative Section
This is a section consisting of one or more resource records. It is present only on
response messages. This section gives information (domain name) about one or more
authoritative servers for the query.
Additional Information Section
This is a section consisting of one or more resource records. It is present only on
response messages. This section provides additional information that may help the
resolver. For example, a server may give the domain name of an authoritative server to
the resolver in the authoritative section, and include the IP address of the same
authoritative server in the additional information section.
Types of records
Question Record
A question record is used by the client to get information from a server. This
contains the domain name.
Resource Record
Each domain name (each node on the tree) is associated with a record called the
resource record. The server database consists of resource records. Resource records are
also what is returned by New domains are added to DNS through a registrar, a
commercial entity accredited by ICANN. A registrar first verifies that the requested
domain name is unique and then enters it into the DNS database.
DYNAMIC DOMAIN NAME SYSTEM (DDNS)
In DNS, when there is a change, such as adding a new host, removing a host, or
changing an IP address, the change must be made to the DNS master file. These types of
changes involve a lot of manual updating. The size of today's Internet does not allow for
this kind of manual operation. The DNS master file must be updated dynamically. The
Dynamic Domain Name System (DDNS) automatically updates the DNS master file.