SlideShare a Scribd company logo

6 app-tcp

Download as PPT, PDF
Olivier Bonaventure, profile picture
Olivier Bonaventure

The document discusses internet applications, specifically focusing on DNS, email (MIME), and web communication protocols (UDP, TCP). It outlines the structure and functioning of DNS messages, the importance of MIME in email for supporting various content types, and details the roles of HTTP methods in client-server interactions. Additionally, it explores TCP's reliable connection-oriented nature compared to UDP's connectionless approach and highlights various networking concepts and operations.

Engineering
1 of 52
Downloaded 226 times
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
Week 6 Internet applications UDP and TCP
Agenda • Internet applications • DNS • Email • Web • UDP • TCP
DNS messages Each DNS request contains a number that will be returned in the response by the server to allow the client to match the request. 32 bits Identification Flags 12 bytes Number of questions Number of answers Number of authority Number of additional Questions (variable number of resource records) Answers (variable number of resource records) Authority (variable number of resource records) Additional information (variable number of resource records) lQuestion/Response lRecursive question or not lAuthoritative answer or not lPossible error
Examples • Wireshark packet traces • openDNS resovers • 8.8.8.8 • 2001:4860:4860::8888
dig dig www.ietf.org @2001:4860:4860::8888 ; <<>> DiG 9.8.3-P1 <<>> www.ietf.org @2001:4860:4860::8888 ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 36945 ;; flags: qr rd ra; QUERY: 1, ANSWER: 3, AUTHORITY: 0, ADDITIONAL: 0 ;; QUESTION SECTION: ;www.ietf.org. IN A ;; ANSWER SECTION: www.ietf.org. 1441 IN CNAME www.ietf.org.cdn.cloudflare.net. www.ietf.org.cdn.cloudflare.net. 43 IN A 104.20.1.85 www.ietf.org.cdn.cloudflare.net. 43 IN A 104.20.0.85 ;; Query time: 39 msec ;; SERVER: 2001:4860:4860::8888#53(2001:4860:4860::8888) ;; WHEN: Tue Oct 21 09:16:50 2014
dig • Packets exchanged sudo tcpdump -n -i en4 -vv udp port 53 tcpdump: listening on en4, link-type EN10MB (Ethernet), capture size 262144 bytes 09:16:50.749400 IP6 (flowlabel 0x8ea5d, hlim 64, next-header UDP (17) payload length: 38) 2001:6a8:3080:2:2908:3cb4:bbb4:ae0e.56551 > 2001:4860:4860::8888.53: [bad udp cksum 0x602c -> 0x0ffa!] 36945+ A? www.ietf.org. (30) 09:16:50.769351 IP6 (hlim 55, next-header UDP (17) payload length: 115) 2001:4860:4860::8888.53 > 2001:6a8:3080:2:2908:3cb4:bbb4:ae0e.56551: [udp sum ok] 36945 q: A? www.ietf.org. 3/0/0 www.ietf.org. CNAME www.ietf.org.cdn.cloudflare.net., www.ietf.org.cdn.cloudflare.net. A 104.20.1.85, www.ietf.org.cdn.cloudflare.net. A 104.20.0.85 (107)
wireshark
wireshark
DNS spoofing attack • What is this attack ? • How to counter it ?
Agenda • Internet applications • DNS • Email • Web • UDP • TCP
MIME • Multipurpose Internet Mail Extensions • Constraints • must remain compatible with old email servers • short US-ASCII Lines • must support non-English text • must support various formats • must allow to transmit audio, video, ..
MIME (2) • New header fields • MIME-Version: • version of MIME used to encode message • Content-Description: • comment describing the content of the message • Content-Type: • type of information inside message • Content-Transfer-Encoding: • how the message has been encoded • Content-Id: • unique identifier for the content
MIME: Content-Type • Content-Type : type/encoding • type of content • text, image, video, application • multipart • encoding of content • text/plain , text/html, image/gif, image/jpeg , audio/basic, video/mpeg, video/quicktime, application/octet-stream, application/postscript • multipart/alternative, multipart/mixed • attachment
Character sets l How to support rich character sets ? • Content-Type: text/plain; charset=us-ascii • Content-Type: text/plain; charset=iso-8859-1 • Character set suitable for Western European languages, defined by ISO, 8 bits per character • Content-Type: text/plain; charset=unicode • Universal character set
Content encoding • How to encode non-text data ? • Base64 • Base64 • uses ASCII characters A...Z,a...z,0...9, "+" et "/" • A=0, B=1, C=2, ... +=62 et /=63 • Each character is used to encode 6 bits • 24 bits from initial message -> 4 ASCII characters • Special character “=” used for padding
Multipart/mixed Date: Mon, 20 Sep 1999 16:33:16 +0200 From: Nathaniel Borenstein <nsb@bellcore.com> To: Ned Freed <ned@innosoft.com> Subject: Test MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="simple boundary" preamble, to be ignored --simple boundary Content-Type: text/plain; charset=us-ascii partie 1 --simple boundary Content-Type: text/plain; charset=us-ascii partie 2 --simple boundary
Agenda • Internet applications • DNS • Email • Web • UDP • TCP
HTTP Client Server Request Method Header CRLF MIME Document Method GET lPOST l... Header contains additional information about request sent by client Response Status line Header CRLF MIME Document Header contains information about server and optional parameters specific to response Success or failure HTTP is a stateless protocol, server does not maintain any state from one request to another
HTTP/1.0 • HTTP 1.0 - non-persistent connection Client Server CONNECT.request CONNECT.indication CONNECT.confirm CONNECT.response DATA.request(Request) DATA.ind(Request) DATA.req(Response) DATA.ind(Response) DISCONNECT.ind DISCONNECT.req DISCONNECT.req DISCONNECT.ind
HTTP : Methods • Methods • GET • method used to request a "document" stored on server • GET <document> HTTP/1.0 • POST • method used to send a "document" to a server • document is part of the request and encoded as a MIME document
Request headers • Host: <name> • Name of the server where the document is stored • Authorization • allows to perform access control • If-Modified-Since: <date> • server will only send if more recent than date • Referer: <url> • URL visited by the client before this request • User-Agent: <agent> • client’s browser
HTTP : Status line • Format : Version_HTTP Code Comment • Success/Failure • 2xx : Success • Example : HTTP/1.0 200 OK • 3xx : Redirection • 4xx : Client-side error • 5xx : Server-side error
HTTP Response • Date • date of the document attached to response • Server • Name and version of http server used • Content-* • MIME header of the attached document
HTTP 1.1 HTTP 1.0 a single TCP connection is used to transmit a single document (html file, image,...) HTTP 1.1 uses a single persistent TCP connection This TCP connection can be used for several requests and the corresponding responses the cost of establishing and releasing the TCP connection is amortised over multiple requests Although HTTP 1.1 uses a single TCP connection for multiple requests, HTTP 1.1 remains stateless
HTTP 1.1 Client Server CONNECT.request CONNECT.indication CONNECT.confirm CONNECT.response DISCONNECT.ind HTTP/1.1 200 OK Keep-Alive: timeout=15, max=99 Connection: Keep-Alive ... DISCONNECT.req DISCONNECT.req DISCONNECT.ind GET / HTTP1.1 Connection: Keep-Alive ... HTTP/1.1 200 OK Keep-Alive: timeout=15, max=100 Connection: Keep-Alive GET /images/logo.gif HTTP1.1 ... Connection: Keep-Alive ...
HTTP Authentication Client Server HTTP/1.0 401 Authorization req WWW authenticate: machin ... GET / HTTP1.1 ... Browser asks user/password to user HTTP/1.1 200 OK ... GET / HTTP1.1 Authorization: User-password ... GET /images/t.gif HTTP1.1 Authorization: User-password ... Browser sends user/password in each request
HTTP Cookies Client Server HTTP/1.0 200 OK Set-Cookie: machin ... GET / HTTP1.1 ... Browser saves cookie Normal response HTTP/1.1 200 OK ... GET /doc HTTP1.1 Cookie: machin ... GET /images/t.gif HTTP1.1 Cookie: machin ... Browser sends cookie in all requests sent to server Response is function of URL and cookie
Examples • Wireshark packet traces • Google chrome network diagnostics
Example curl -v www.ietf.org * Rebuilt URL to: www.ietf.org/ * Hostname was NOT found in DNS cache * Trying 2400:cb00:2048:1::6814:155... * Connected to www.ietf.org (2400:cb00:2048:1::6814:155) port 80 (#0) > GET / HTTP/1.1 > User-Agent: curl/7.38.0 > Host: www.ietf.org > Accept: */* >
Example < HTTP/1.1 200 OK < Date: Tue, 21 Oct 2014 07:31:08 GMT < Content-Type: text/html < Transfer-Encoding: chunked < Connection: keep-alive < Set-Cookie: __cfduid=d90d850d78da8f53eb24ac0bed60aa2231413876667742; expires=Mon, 23-Dec-2019 23:50:00 GMT; path=/; domain=.ietf.org; HttpOnly < Last-Modified: Fri, 10 Oct 2014 22:38:16 GMT < ETag: W/"8842406-4ac2-50519347abeda" < Vary: Accept-Encoding * Server cloudflare-nginx is not blacklisted < Server: cloudflare-nginx < CF-RAY: 17cbc0f5613b0c23-AMS < <!DOCTYPE HTML PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"><!-- InstanceBegin template="/Templates/GeneralPage.dwt" codeOutsideHTMLIsLocked="false" -->
Chrome
Agenda • Internet applications • DNS • Email • Web • UDP • TCP
Transport layer Transport Segments Transport Network Network Network Datalink Datalink Datalink Physical Physical Physical • Objectives • Improve service provided to applications • Multiplexing
Network service Network Packets Network Packets Network Datalink Datalink Datalink Physical Physical Physical • Characteristics • Connectionless • Unreliable • Maximum packet size
UDP protocol 32 bits Source Port Destination port Used to identify the application that sent this segment on sending host 8 bytes UDP length UDP Checksum Payload Used to identify the application that will receive this segment on destination host Constraint Each UDP segment must fit inside a single IP packet Checksum computed over the entire UDP segment and part of the IP header to detect transmission errors. 0 means that the sender did not compute a checksum.
UDP ports Request Client Server Source port : 1234 Destination port: 5678 Source port : 5678 Destination port: 1234 Response
UDP : limitations • Maximum length of UDP SDUs depends on maximum size of IP packets • Unreliable connectionless service • SDUs can get lost but transmission errors will be detected • UDP does not preserve ordering • UDP does not detect nor prevent duplication
Usage of UDP • Request-response applications • DNS, RPC, NFS, .. • Applications with short delay • Games • Multimedia transfer • Voice over IP • Video over IP
Agenda • Internet applications • DNS • Email • Web • UDP • TCP
TCP • Service provided • Connection-oriented • Reliable • No losses, no errors, no duplications • Bytestream
TCP port numbers Request Client : C Server : S Source Port : 1234 Destination Port: 5678 Source Port : 5678 Destination Port: 1234 Response Established TCP connections on client Local IP Remote IP Local Port Remote Port C S 1234 5678 Established TCP connections on server Local IP Remote IP Local Port Remote Port S C 5678 1234
TCP segment 32 bits Source port Destination port THL Reserved Flags Window Checksum Urgent pointer Payload 20 bytes Sequence number Optional header extension Flags : used to indicate the function of a segment SYN : used during establishment FIN : used during connection release RST : used in case of problems ACK : if true, means that the Acknowledgement number inside the segment is valid Computed over the entire segment and part of the IP header Acknowledgement number Segment header length
Multiple connections Client: A Client : B Server : S TCP connections on server IP local IP remote Port local Port remote S A 80 1234 S A 80 1235 S B 80 1235 TCP connections on host A IP local IP remote Port local Port remote A S 1234 80 A S 1235 80 TCP connections on host B IP local IP remote Port local Port remote B S 1235 80
Three-way handshake ACK(seq=x+1, ack=y+1) CONNECT.req CONNECT.ind SYN+ACK(ack=x+1,seq=y) CONNECT.resp Initial sequence number (x) CONNECT.conf Initial sequence number (y) SYN(seq=x) Connection established Connection established The sequence numbers of all segments A->B will start at x+1 The sequence numbers of all segments B->A will start at y+1
Connection refused RST+ACK(ack=x+1,seq=0) DISCONNECT.req CONNECT.req DISCONNECT.ind CONNECT.ind SYN(seq=x) Connection refused A TCP entity should never send a RST segment upon reception of another RST segment
Reliable data transfer DATA.req ("abcd") DATA.ind("abcd") (seq=123,"abcd") DATA.req ("jkl") (seq=127,"efg") (seq=132,"jkl") DATA.req ("efg") (ack=127) (ack=135) DATA.ind("efghijkl") DATA.req ("hi") (seq=130,"hi")
Reliable data transfer (seq=123,"abcd") (seq=127,"ef") (seq=123,"abcd") (seq=127,"ef") (ack=123) Retransmission timer (ack=129) (ack=129) "abcdef" unnecessary retransmission Retransmission of all unacked segments “ef” placed in buffer
Fast retransmit (seq=120,"xyz") (seq=123,"abcd") (ack=123) (seq=129,"gh") (seq=131,"ij") (ack=123) First duplicate ack (ack=123) Second duplicate ack (ack=123) Third duplicate ack (seq=127,"ef") Out of sequence Out of sequence Out of sequence
Fast retransmit (seq=123,"abcd") (ack=123) (ack=123) (ack=123) (ack=123) (ack=133) (seq=123,"abcd") "abcdefghij" (seq=127,"ef") Out of sequence, in buffer (seq=129,"gh") Out of sequence, in buffer (seq=131,"ij") Out of sequence, in buffer
Flow control (seq=122,"abcd") (ack=126,rwin=0) Last_ack=122, swin=100, rwin=4 To transmit : abcdefghijklm Last_ack=122, swin=96, rwin=0 Last_ack=126, swin=100, rwin=0 (ack=126,rwin=2) (seq=126,"ef") (ack=128,rwin=20) Last_ack=126, swin=100, rwin=2 Last_ack=126, swin=98, rwin=0 Last_ack=128, swin=100, rwin=20 Last_ack=128, swin=93, rwin=13 (seq=128,"ghijklm") (ack=135,rwin=20) Last_ack=135, swin=100, rwin=20
Connection release FIN(seq=x) DISCONNECT.req (A-B) DISCONNECT.ind(A-B) ACK(ack=x+1) DISCONNECT.conf(A-B) ACK(ack=y+1) DISCONNECT.req(B-A) DISCONNECT.conf(A-B) outgoing connection closed DISCONNECT.ind(B-A) FIN(seq=y) Time WAIT Maintain state for this connection during twice MSL to be able to retransmit ACK if a segment is received from the other entity incoming connection closed incoming connection closed outgoing connection closed State can be removed Last sent data : x-1 Last sent data : y-1
Abrupt release RST(seq=x) DISCONNECT.req (abrupt) DISCONNECT.ind(abrupt) Connection closed Connection closed State can be removed State can be removed Last sent data : x

More Related Content

PPTX
9 ipv6-routing
Olivier Bonaventure
 
PPT
5 sharing-app
Olivier Bonaventure
 
PPTX
8 congestion-ipv6
Olivier Bonaventure
 
PPTX
Part 5 : Sharing resources, security principles and protocols
Olivier Bonaventure
 
PPTX
Part 9 : Congestion control and IPv6
Olivier Bonaventure
 
PPTX
Part 4 : reliable transport and sharing resources
Olivier Bonaventure
 
PPTX
12 ethernet-wifi
Olivier Bonaventure
 
PPTX
4 transport-sharing
Olivier Bonaventure
 
9 ipv6-routing
Olivier Bonaventure
 
5 sharing-app
Olivier Bonaventure
 
8 congestion-ipv6
Olivier Bonaventure
 
Part 5 : Sharing resources, security principles and protocols
Olivier Bonaventure
 
Part 9 : Congestion control and IPv6
Olivier Bonaventure
 
Part 4 : reliable transport and sharing resources
Olivier Bonaventure
 
12 ethernet-wifi
Olivier Bonaventure
 
4 transport-sharing
Olivier Bonaventure
 

What's hot (20)

PPTX
Part 7 : HTTP/2, UDP and TCP
Olivier Bonaventure
 
DOCX
Surviving The Stump The Chump Interview Questions
Duane Bodle
 
PPTX
10 routing-bgp
Olivier Bonaventure
 
PPTX
Part 8 : TCP and Congestion control
Olivier Bonaventure
 
DOCX
Network interview questions
rajasekar1712
 
PPTX
TCPLS presentation @ietf 109
Olivier Bonaventure
 
PPTX
IPv6 Segment Routing : an end-to-end solution ?
Olivier Bonaventure
 
PPTX
Future Internet protocols
Olivier Bonaventure
 
PPTX
7 tcp-congestion
Olivier Bonaventure
 
PPTX
Part 1 : reliable transmission
Olivier Bonaventure
 
PPTX
11 bgp-ethernet
Olivier Bonaventure
 
PPT
Computer Networking : Principles, Protocols and Practice - lesson 1
Olivier Bonaventure
 
PPTX
Beyond TCP: The evolution of Internet transport protocols
Olivier Bonaventure
 
PPTX
Making our networking stack truly extensible
Olivier Bonaventure
 
PPTX
16 coms 525 tcpip - routing protocols -all
Palanivel Kuppusamy
 
PPTX
Part 2 : reliable transmission and building a network
Olivier Bonaventure
 
PDF
Networking Fundamentals: Transport Protocols (TCP and UDP)
Andriy Berestovskyy
 
PPTX
10 coms 525 tcpip - internet protocol - ip
Palanivel Kuppusamy
 
PPTX
0-RTT TCP converters
Olivier Bonaventure
 
PPTX
Multipath TCP
Olivier Bonaventure
 
Part 7 : HTTP/2, UDP and TCP
Olivier Bonaventure
 
Surviving The Stump The Chump Interview Questions
Duane Bodle
 
10 routing-bgp
Olivier Bonaventure
 
Part 8 : TCP and Congestion control
Olivier Bonaventure
 
Network interview questions
rajasekar1712
 
TCPLS presentation @ietf 109
Olivier Bonaventure
 
IPv6 Segment Routing : an end-to-end solution ?
Olivier Bonaventure
 
Future Internet protocols
Olivier Bonaventure
 
7 tcp-congestion
Olivier Bonaventure
 
Part 1 : reliable transmission
Olivier Bonaventure
 
11 bgp-ethernet
Olivier Bonaventure
 
Computer Networking : Principles, Protocols and Practice - lesson 1
Olivier Bonaventure
 
Beyond TCP: The evolution of Internet transport protocols
Olivier Bonaventure
 
Making our networking stack truly extensible
Olivier Bonaventure
 
16 coms 525 tcpip - routing protocols -all
Palanivel Kuppusamy
 
Part 2 : reliable transmission and building a network
Olivier Bonaventure
 
Networking Fundamentals: Transport Protocols (TCP and UDP)
Andriy Berestovskyy
 
10 coms 525 tcpip - internet protocol - ip
Palanivel Kuppusamy
 
0-RTT TCP converters
Olivier Bonaventure
 
Multipath TCP
Olivier Bonaventure
 
Ad

Viewers also liked (6)

PDF
Beyond TCP: The evolution of Internet transport protocols
Olivier Bonaventure
 
PPT
Internet innovation with Multipath TCP
Olivier Bonaventure
 
PPTX
Some lessons learned developing OERs over a decade
Olivier Bonaventure
 
PPTX
Implementing IPv6 Segment Routing in the Linux kernel
Olivier Bonaventure
 
PPT
3 network-transport
Olivier Bonaventure
 
PPT
2 reliability-network
Olivier Bonaventure
 
Beyond TCP: The evolution of Internet transport protocols
Olivier Bonaventure
 
Internet innovation with Multipath TCP
Olivier Bonaventure
 
Some lessons learned developing OERs over a decade
Olivier Bonaventure
 
Implementing IPv6 Segment Routing in the Linux kernel
Olivier Bonaventure
 
3 network-transport
Olivier Bonaventure
 
2 reliability-network
Olivier Bonaventure
 
Ad

Similar to 6 app-tcp (20)

PPTX
Part 6 : Internet applications
Olivier Bonaventure
 
PDF
Computer network (10)
NYversity
 
PDF
Angelo van der Sijpt - How well do you know your network stack? - Codemotion ...
Codemotion
 
PPTX
An Introduction to HTTP
Keerthana Krishnan
 
PPT
HTTP.ppt
NapoMosola
 
PPT
Hypertext Transfer Protocol Hypertext Transfer Protocol
sambreaker1
 
PPT
HTTP.ppt
Jagdeep Singh
 
PPT
HTTP (syper text transfer protocol)(6).ppt
IshaanKumar43
 
PPT
HTTP_2.ppt
Ankit Mune
 
PPT
computer networking
seyvan rahimi
 
PPTX
Unit 6 : Application Layer
Chandan Gupta Bhagat
 
PPTX
CN_Unit V_PPT_15_11_2022 its Computer Networks.pptx
tanu232001
 
PPT
Http VS. Https
Raed Aldahdooh
 
PDF
HTTP colon slash slash: end of the road? @ CakeFest 2013 in San Francisco
Alessandro Nadalin
 
PDF
HTTP colon slash slash: the end of the road?
Alessandro Nadalin
 
PPTX
Http protocol
Arpita Naik
 
PDF
Lec 6(Application Layer)
maamir farooq
 
PDF
Application layer
Mohamed Sajith
 
PDF
HTTPs Strict Transport Security
Gol D Roger
 
PDF
HTTP In-depth
Vinayak Hegde
 
Part 6 : Internet applications
Olivier Bonaventure
 
Computer network (10)
NYversity
 
Angelo van der Sijpt - How well do you know your network stack? - Codemotion ...
Codemotion
 
An Introduction to HTTP
Keerthana Krishnan
 
HTTP.ppt
NapoMosola
 
Hypertext Transfer Protocol Hypertext Transfer Protocol
sambreaker1
 
HTTP.ppt
Jagdeep Singh
 
HTTP (syper text transfer protocol)(6).ppt
IshaanKumar43
 
HTTP_2.ppt
Ankit Mune
 
computer networking
seyvan rahimi
 
Unit 6 : Application Layer
Chandan Gupta Bhagat
 
CN_Unit V_PPT_15_11_2022 its Computer Networks.pptx
tanu232001
 
Http VS. Https
Raed Aldahdooh
 
HTTP colon slash slash: end of the road? @ CakeFest 2013 in San Francisco
Alessandro Nadalin
 
HTTP colon slash slash: the end of the road?
Alessandro Nadalin
 
Http protocol
Arpita Naik
 
Lec 6(Application Layer)
maamir farooq
 
Application layer
Mohamed Sajith
 
HTTPs Strict Transport Security
Gol D Roger
 
HTTP In-depth
Vinayak Hegde
 

More from Olivier Bonaventure (20)

PPTX
Part3-reliable.pptx
Olivier Bonaventure
 
PPTX
Part10-router.pptx
Olivier Bonaventure
 
PPTX
Part1-Intro-Apps.pptx
Olivier Bonaventure
 
PPTX
Part9-congestion.pptx
Olivier Bonaventure
 
PPTX
Part2-Apps-Security.pptx
Olivier Bonaventure
 
PPTX
Part11-lan.pptx
Olivier Bonaventure
 
PPTX
Part5-tcp-improvements.pptx
Olivier Bonaventure
 
PPTX
Part8-ibgp.pptx
Olivier Bonaventure
 
PPTX
Part4-reliable-tcp.pptx
Olivier Bonaventure
 
PPTX
Part7-routing.pptx
Olivier Bonaventure
 
PPTX
Part6-network-routing.pptx
Olivier Bonaventure
 
PPTX
Part1-Intro-Apps.pptx
Olivier Bonaventure
 
PPTX
Part2-Apps-Security.pptx
Olivier Bonaventure
 
PPTX
Part4-reliable-tcp.pptx
Olivier Bonaventure
 
PPTX
Part3-reliable.pptx
Olivier Bonaventure
 
PPTX
A personal journey towards more reproducible networking research
Olivier Bonaventure
 
PPTX
Part 12 : Local Area Networks
Olivier Bonaventure
 
PPTX
Part 11 : Interdomain routing with BGP
Olivier Bonaventure
 
PPTX
Part 10 : Routing in IP networks and interdomain routing with BGP
Olivier Bonaventure
 
PPTX
Part 3 : building a network and supporting applications
Olivier Bonaventure
 
Part3-reliable.pptx
Olivier Bonaventure
 
Part10-router.pptx
Olivier Bonaventure
 
Part1-Intro-Apps.pptx
Olivier Bonaventure
 
Part9-congestion.pptx
Olivier Bonaventure
 
Part2-Apps-Security.pptx
Olivier Bonaventure
 
Part11-lan.pptx
Olivier Bonaventure
 
Part5-tcp-improvements.pptx
Olivier Bonaventure
 
Part8-ibgp.pptx
Olivier Bonaventure
 
Part4-reliable-tcp.pptx
Olivier Bonaventure
 
Part7-routing.pptx
Olivier Bonaventure
 
Part6-network-routing.pptx
Olivier Bonaventure
 
Part1-Intro-Apps.pptx
Olivier Bonaventure
 
Part2-Apps-Security.pptx
Olivier Bonaventure
 
Part4-reliable-tcp.pptx
Olivier Bonaventure
 
Part3-reliable.pptx
Olivier Bonaventure
 
A personal journey towards more reproducible networking research
Olivier Bonaventure
 
Part 12 : Local Area Networks
Olivier Bonaventure
 
Part 11 : Interdomain routing with BGP
Olivier Bonaventure
 
Part 10 : Routing in IP networks and interdomain routing with BGP
Olivier Bonaventure
 
Part 3 : building a network and supporting applications
Olivier Bonaventure
 

Recently uploaded (20)

PPTX
Infosys Presentation by1.Riyan Bagwan 2.Samadhan Naiknavare 3.Gaurav Shinde 4...
bapushinde7218
 
DOCX
ASol_English-Language-Literature-Set-1-27-02-2023-converted.docx
AYUSHMANAV
 
PPT
Mechanical Engineering MATERIALS Selection
arsalanahmad705384
 
PDF
737-MAX_SRG.pdf student reference guides
ssusere2119a1
 
PDF
Operating System & Kernel Study Guide-1 - converted.pdf
mranoninvisib16
 
PPTX
Internet of Things (IOT) - A guide to understanding
Davies Chacko
 
PDF
The CXO Playbook 2025 – Future-Ready Strategies for C-Suite Leaders Cerebrai...
Cerebraix Technologies
 
PPT
Project quality management in manufacturing
BarMusaTetik
 
PDF
BMEC211 - INTRODUCTION TO MECHATRONICS-1.pdf
ryankakungu
 
PPTX
Construction Project Organization Group 2.pptx
vj5agdales
 
PDF
TFEC-4-2020-Design-Guide-for-Timber-Roof-Trusses.pdf
AinieButt1
 
PPTX
Engineering Ethics, Safety and Environment [Autosaved] (1).pptx
MehrabTaseenTalukder
 
PDF
Well-logging-methods_new................
ZafriFarid
 
PPTX
additive manufacturing of ss316l using mig welding
premcdr7799
 
PDF
R24 SURVEYING LAB MANUAL for civil enggi
MNANDITHACIVILSTAFF
 
PDF
PREDICTION OF DIABETES FROM ELECTRONIC HEALTH RECORDS
ijaia
 
PDF
keyrequirementskkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkk
mojeeburahmanwardak
 
DOCX
573137875-Attendance-Management-System-original
AYUSHMANAV
 
PPTX
M Tech Sem 1 Civil Engineering Environmental Sciences.pptx
ShriNRPrasad
 
PPTX
Current and future trends in Computer Vision.pptx
Subramanyam Natarajan
 
Infosys Presentation by1.Riyan Bagwan 2.Samadhan Naiknavare 3.Gaurav Shinde 4...
bapushinde7218
 
ASol_English-Language-Literature-Set-1-27-02-2023-converted.docx
AYUSHMANAV
 
Mechanical Engineering MATERIALS Selection
arsalanahmad705384
 
737-MAX_SRG.pdf student reference guides
ssusere2119a1
 
Operating System & Kernel Study Guide-1 - converted.pdf
mranoninvisib16
 
Internet of Things (IOT) - A guide to understanding
Davies Chacko
 
The CXO Playbook 2025 – Future-Ready Strategies for C-Suite Leaders Cerebrai...
Cerebraix Technologies
 
Project quality management in manufacturing
BarMusaTetik
 
BMEC211 - INTRODUCTION TO MECHATRONICS-1.pdf
ryankakungu
 
Construction Project Organization Group 2.pptx
vj5agdales
 
TFEC-4-2020-Design-Guide-for-Timber-Roof-Trusses.pdf
AinieButt1
 
Engineering Ethics, Safety and Environment [Autosaved] (1).pptx
MehrabTaseenTalukder
 
Well-logging-methods_new................
ZafriFarid
 
additive manufacturing of ss316l using mig welding
premcdr7799
 
R24 SURVEYING LAB MANUAL for civil enggi
MNANDITHACIVILSTAFF
 
PREDICTION OF DIABETES FROM ELECTRONIC HEALTH RECORDS
ijaia
 
keyrequirementskkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkk
mojeeburahmanwardak
 
573137875-Attendance-Management-System-original
AYUSHMANAV
 
M Tech Sem 1 Civil Engineering Environmental Sciences.pptx
ShriNRPrasad
 
Current and future trends in Computer Vision.pptx
Subramanyam Natarajan
 

6 app-tcp

  • 1. Week 6 Internet applications UDP and TCP
  • 2. Agenda • Internet applications • DNS • Email • Web • UDP • TCP
  • 3. DNS messages Each DNS request contains a number that will be returned in the response by the server to allow the client to match the request. 32 bits Identification Flags 12 bytes Number of questions Number of answers Number of authority Number of additional Questions (variable number of resource records) Answers (variable number of resource records) Authority (variable number of resource records) Additional information (variable number of resource records) lQuestion/Response lRecursive question or not lAuthoritative answer or not lPossible error
  • 4. Examples • Wireshark packet traces • openDNS resovers • 8.8.8.8 • 2001:4860:4860::8888
  • 5. dig dig www.ietf.org @2001:4860:4860::8888 ; <<>> DiG 9.8.3-P1 <<>> www.ietf.org @2001:4860:4860::8888 ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 36945 ;; flags: qr rd ra; QUERY: 1, ANSWER: 3, AUTHORITY: 0, ADDITIONAL: 0 ;; QUESTION SECTION: ;www.ietf.org. IN A ;; ANSWER SECTION: www.ietf.org. 1441 IN CNAME www.ietf.org.cdn.cloudflare.net. www.ietf.org.cdn.cloudflare.net. 43 IN A 104.20.1.85 www.ietf.org.cdn.cloudflare.net. 43 IN A 104.20.0.85 ;; Query time: 39 msec ;; SERVER: 2001:4860:4860::8888#53(2001:4860:4860::8888) ;; WHEN: Tue Oct 21 09:16:50 2014
  • 6. dig • Packets exchanged sudo tcpdump -n -i en4 -vv udp port 53 tcpdump: listening on en4, link-type EN10MB (Ethernet), capture size 262144 bytes 09:16:50.749400 IP6 (flowlabel 0x8ea5d, hlim 64, next-header UDP (17) payload length: 38) 2001:6a8:3080:2:2908:3cb4:bbb4:ae0e.56551 > 2001:4860:4860::8888.53: [bad udp cksum 0x602c -> 0x0ffa!] 36945+ A? www.ietf.org. (30) 09:16:50.769351 IP6 (hlim 55, next-header UDP (17) payload length: 115) 2001:4860:4860::8888.53 > 2001:6a8:3080:2:2908:3cb4:bbb4:ae0e.56551: [udp sum ok] 36945 q: A? www.ietf.org. 3/0/0 www.ietf.org. CNAME www.ietf.org.cdn.cloudflare.net., www.ietf.org.cdn.cloudflare.net. A 104.20.1.85, www.ietf.org.cdn.cloudflare.net. A 104.20.0.85 (107)
  • 9. DNS spoofing attack • What is this attack ? • How to counter it ?
  • 10. Agenda • Internet applications • DNS • Email • Web • UDP • TCP
  • 11. MIME • Multipurpose Internet Mail Extensions • Constraints • must remain compatible with old email servers • short US-ASCII Lines • must support non-English text • must support various formats • must allow to transmit audio, video, ..
  • 12. MIME (2) • New header fields • MIME-Version: • version of MIME used to encode message • Content-Description: • comment describing the content of the message • Content-Type: • type of information inside message • Content-Transfer-Encoding: • how the message has been encoded • Content-Id: • unique identifier for the content
  • 13. MIME: Content-Type • Content-Type : type/encoding • type of content • text, image, video, application • multipart • encoding of content • text/plain , text/html, image/gif, image/jpeg , audio/basic, video/mpeg, video/quicktime, application/octet-stream, application/postscript • multipart/alternative, multipart/mixed • attachment
  • 14. Character sets l How to support rich character sets ? • Content-Type: text/plain; charset=us-ascii • Content-Type: text/plain; charset=iso-8859-1 • Character set suitable for Western European languages, defined by ISO, 8 bits per character • Content-Type: text/plain; charset=unicode • Universal character set
  • 15. Content encoding • How to encode non-text data ? • Base64 • Base64 • uses ASCII characters A...Z,a...z,0...9, "+" et "/" • A=0, B=1, C=2, ... +=62 et /=63 • Each character is used to encode 6 bits • 24 bits from initial message -> 4 ASCII characters • Special character “=” used for padding
  • 16. Multipart/mixed Date: Mon, 20 Sep 1999 16:33:16 +0200 From: Nathaniel Borenstein <nsb@bellcore.com> To: Ned Freed <ned@innosoft.com> Subject: Test MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="simple boundary" preamble, to be ignored --simple boundary Content-Type: text/plain; charset=us-ascii partie 1 --simple boundary Content-Type: text/plain; charset=us-ascii partie 2 --simple boundary
  • 17. Agenda • Internet applications • DNS • Email • Web • UDP • TCP
  • 18. HTTP Client Server Request Method Header CRLF MIME Document Method GET lPOST l... Header contains additional information about request sent by client Response Status line Header CRLF MIME Document Header contains information about server and optional parameters specific to response Success or failure HTTP is a stateless protocol, server does not maintain any state from one request to another
  • 19. HTTP/1.0 • HTTP 1.0 - non-persistent connection Client Server CONNECT.request CONNECT.indication CONNECT.confirm CONNECT.response DATA.request(Request) DATA.ind(Request) DATA.req(Response) DATA.ind(Response) DISCONNECT.ind DISCONNECT.req DISCONNECT.req DISCONNECT.ind
  • 20. HTTP : Methods • Methods • GET • method used to request a "document" stored on server • GET <document> HTTP/1.0 • POST • method used to send a "document" to a server • document is part of the request and encoded as a MIME document
  • 21. Request headers • Host: <name> • Name of the server where the document is stored • Authorization • allows to perform access control • If-Modified-Since: <date> • server will only send if more recent than date • Referer: <url> • URL visited by the client before this request • User-Agent: <agent> • client’s browser
  • 22. HTTP : Status line • Format : Version_HTTP Code Comment • Success/Failure • 2xx : Success • Example : HTTP/1.0 200 OK • 3xx : Redirection • 4xx : Client-side error • 5xx : Server-side error
  • 23. HTTP Response • Date • date of the document attached to response • Server • Name and version of http server used • Content-* • MIME header of the attached document
  • 24. HTTP 1.1 HTTP 1.0 a single TCP connection is used to transmit a single document (html file, image,...) HTTP 1.1 uses a single persistent TCP connection This TCP connection can be used for several requests and the corresponding responses the cost of establishing and releasing the TCP connection is amortised over multiple requests Although HTTP 1.1 uses a single TCP connection for multiple requests, HTTP 1.1 remains stateless
  • 25. HTTP 1.1 Client Server CONNECT.request CONNECT.indication CONNECT.confirm CONNECT.response DISCONNECT.ind HTTP/1.1 200 OK Keep-Alive: timeout=15, max=99 Connection: Keep-Alive ... DISCONNECT.req DISCONNECT.req DISCONNECT.ind GET / HTTP1.1 Connection: Keep-Alive ... HTTP/1.1 200 OK Keep-Alive: timeout=15, max=100 Connection: Keep-Alive GET /images/logo.gif HTTP1.1 ... Connection: Keep-Alive ...
  • 26. HTTP Authentication Client Server HTTP/1.0 401 Authorization req WWW authenticate: machin ... GET / HTTP1.1 ... Browser asks user/password to user HTTP/1.1 200 OK ... GET / HTTP1.1 Authorization: User-password ... GET /images/t.gif HTTP1.1 Authorization: User-password ... Browser sends user/password in each request
  • 27. HTTP Cookies Client Server HTTP/1.0 200 OK Set-Cookie: machin ... GET / HTTP1.1 ... Browser saves cookie Normal response HTTP/1.1 200 OK ... GET /doc HTTP1.1 Cookie: machin ... GET /images/t.gif HTTP1.1 Cookie: machin ... Browser sends cookie in all requests sent to server Response is function of URL and cookie
  • 28. Examples • Wireshark packet traces • Google chrome network diagnostics
  • 29. Example curl -v www.ietf.org * Rebuilt URL to: www.ietf.org/ * Hostname was NOT found in DNS cache * Trying 2400:cb00:2048:1::6814:155... * Connected to www.ietf.org (2400:cb00:2048:1::6814:155) port 80 (#0) > GET / HTTP/1.1 > User-Agent: curl/7.38.0 > Host: www.ietf.org > Accept: */* >
  • 30. Example < HTTP/1.1 200 OK < Date: Tue, 21 Oct 2014 07:31:08 GMT < Content-Type: text/html < Transfer-Encoding: chunked < Connection: keep-alive < Set-Cookie: __cfduid=d90d850d78da8f53eb24ac0bed60aa2231413876667742; expires=Mon, 23-Dec-2019 23:50:00 GMT; path=/; domain=.ietf.org; HttpOnly < Last-Modified: Fri, 10 Oct 2014 22:38:16 GMT < ETag: W/"8842406-4ac2-50519347abeda" < Vary: Accept-Encoding * Server cloudflare-nginx is not blacklisted < Server: cloudflare-nginx < CF-RAY: 17cbc0f5613b0c23-AMS < <!DOCTYPE HTML PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"><!-- InstanceBegin template="/Templates/GeneralPage.dwt" codeOutsideHTMLIsLocked="false" -->
  • 32. Agenda • Internet applications • DNS • Email • Web • UDP • TCP
  • 33. Transport layer Transport Segments Transport Network Network Network Datalink Datalink Datalink Physical Physical Physical • Objectives • Improve service provided to applications • Multiplexing
  • 34. Network service Network Packets Network Packets Network Datalink Datalink Datalink Physical Physical Physical • Characteristics • Connectionless • Unreliable • Maximum packet size
  • 35. UDP protocol 32 bits Source Port Destination port Used to identify the application that sent this segment on sending host 8 bytes UDP length UDP Checksum Payload Used to identify the application that will receive this segment on destination host Constraint Each UDP segment must fit inside a single IP packet Checksum computed over the entire UDP segment and part of the IP header to detect transmission errors. 0 means that the sender did not compute a checksum.
  • 36. UDP ports Request Client Server Source port : 1234 Destination port: 5678 Source port : 5678 Destination port: 1234 Response
  • 37. UDP : limitations • Maximum length of UDP SDUs depends on maximum size of IP packets • Unreliable connectionless service • SDUs can get lost but transmission errors will be detected • UDP does not preserve ordering • UDP does not detect nor prevent duplication
  • 38. Usage of UDP • Request-response applications • DNS, RPC, NFS, .. • Applications with short delay • Games • Multimedia transfer • Voice over IP • Video over IP
  • 39. Agenda • Internet applications • DNS • Email • Web • UDP • TCP
  • 40. TCP • Service provided • Connection-oriented • Reliable • No losses, no errors, no duplications • Bytestream
  • 41. TCP port numbers Request Client : C Server : S Source Port : 1234 Destination Port: 5678 Source Port : 5678 Destination Port: 1234 Response Established TCP connections on client Local IP Remote IP Local Port Remote Port C S 1234 5678 Established TCP connections on server Local IP Remote IP Local Port Remote Port S C 5678 1234
  • 42. TCP segment 32 bits Source port Destination port THL Reserved Flags Window Checksum Urgent pointer Payload 20 bytes Sequence number Optional header extension Flags : used to indicate the function of a segment SYN : used during establishment FIN : used during connection release RST : used in case of problems ACK : if true, means that the Acknowledgement number inside the segment is valid Computed over the entire segment and part of the IP header Acknowledgement number Segment header length
  • 43. Multiple connections Client: A Client : B Server : S TCP connections on server IP local IP remote Port local Port remote S A 80 1234 S A 80 1235 S B 80 1235 TCP connections on host A IP local IP remote Port local Port remote A S 1234 80 A S 1235 80 TCP connections on host B IP local IP remote Port local Port remote B S 1235 80
  • 44. Three-way handshake ACK(seq=x+1, ack=y+1) CONNECT.req CONNECT.ind SYN+ACK(ack=x+1,seq=y) CONNECT.resp Initial sequence number (x) CONNECT.conf Initial sequence number (y) SYN(seq=x) Connection established Connection established The sequence numbers of all segments A->B will start at x+1 The sequence numbers of all segments B->A will start at y+1
  • 45. Connection refused RST+ACK(ack=x+1,seq=0) DISCONNECT.req CONNECT.req DISCONNECT.ind CONNECT.ind SYN(seq=x) Connection refused A TCP entity should never send a RST segment upon reception of another RST segment
  • 46. Reliable data transfer DATA.req ("abcd") DATA.ind("abcd") (seq=123,"abcd") DATA.req ("jkl") (seq=127,"efg") (seq=132,"jkl") DATA.req ("efg") (ack=127) (ack=135) DATA.ind("efghijkl") DATA.req ("hi") (seq=130,"hi")
  • 47. Reliable data transfer (seq=123,"abcd") (seq=127,"ef") (seq=123,"abcd") (seq=127,"ef") (ack=123) Retransmission timer (ack=129) (ack=129) "abcdef" unnecessary retransmission Retransmission of all unacked segments “ef” placed in buffer
  • 48. Fast retransmit (seq=120,"xyz") (seq=123,"abcd") (ack=123) (seq=129,"gh") (seq=131,"ij") (ack=123) First duplicate ack (ack=123) Second duplicate ack (ack=123) Third duplicate ack (seq=127,"ef") Out of sequence Out of sequence Out of sequence
  • 49. Fast retransmit (seq=123,"abcd") (ack=123) (ack=123) (ack=123) (ack=123) (ack=133) (seq=123,"abcd") "abcdefghij" (seq=127,"ef") Out of sequence, in buffer (seq=129,"gh") Out of sequence, in buffer (seq=131,"ij") Out of sequence, in buffer
  • 50. Flow control (seq=122,"abcd") (ack=126,rwin=0) Last_ack=122, swin=100, rwin=4 To transmit : abcdefghijklm Last_ack=122, swin=96, rwin=0 Last_ack=126, swin=100, rwin=0 (ack=126,rwin=2) (seq=126,"ef") (ack=128,rwin=20) Last_ack=126, swin=100, rwin=2 Last_ack=126, swin=98, rwin=0 Last_ack=128, swin=100, rwin=20 Last_ack=128, swin=93, rwin=13 (seq=128,"ghijklm") (ack=135,rwin=20) Last_ack=135, swin=100, rwin=20
  • 51. Connection release FIN(seq=x) DISCONNECT.req (A-B) DISCONNECT.ind(A-B) ACK(ack=x+1) DISCONNECT.conf(A-B) ACK(ack=y+1) DISCONNECT.req(B-A) DISCONNECT.conf(A-B) outgoing connection closed DISCONNECT.ind(B-A) FIN(seq=y) Time WAIT Maintain state for this connection during twice MSL to be able to retransmit ACK if a segment is received from the other entity incoming connection closed incoming connection closed outgoing connection closed State can be removed Last sent data : x-1 Last sent data : y-1
  • 52. Abrupt release RST(seq=x) DISCONNECT.req (abrupt) DISCONNECT.ind(abrupt) Connection closed Connection closed State can be removed State can be removed Last sent data : x

Editor's Notes

  • #13: MIME was defined in N. Freed and N. Borenstein. Multipurpose internet mail extensions (MIME) part one: Format of internet message bodies. Request for Comments 2045, Internet Engineering Task Force, November 1996. N. Freed and N. Borenstein. Multipurpose internet mail extensions (MIME) part two: Media types. Request for Comments 2046, Internet Engineering Task Force, November 1996.
  • #18: Exemple de message MIME Received: from loriot.info.fundp.ac.be (loriot.info.fundp.ac.be [138.48.32.96]) by leibniz.info.fundp.ac.be (8.9.1/8.9.1) with SMTP id QAA19679; Mon, 20 Sep 1999 16:37:25 +0200 (MET DST) Message-Id: &amp;lt;3.0.5.32.19990920163316.00866340@info.fundp.ac.be&amp;gt; Date: Mon, 20 Sep 1999 16:33:16 +0200 To: pers-aca, pers-sci From: Gysele HENRARD &amp;lt;ghe@info.fundp.ac.be&amp;gt; Subject: listes Mime-Version: 1.0 Content-Type: multipart/mixed; boundary=&amp;quot;=====================_937830796==_&amp;quot; --=====================_937830796==_ Content-Type: text/plain; charset=&amp;quot;iso-8859-1&amp;quot; Content-Transfer-Encoding: quoted-printable Bonjour, Voici des listes de 1M-1L, 2M-2L et ERASMUS mises =E0 jour ce lundi 20 septembre. Gyselle --=====================_937830796==_ Content-Type: application/octet-stream; name=&amp;quot;1M_99_00.xls&amp;quot;; x-mac-type=&amp;quot;584C5334&amp;quot;; x-mac-creator=&amp;quot;5843454C&amp;quot; ...
  • #21: HTTP 1.0 is defined in : T. Berners-Lee, R. Fielding, and H. Frystyk. Hypertext transfer protocol -- HTTP/1.0. Request for Comments 1945, Internet Engineering Task Force, May 1996.
  • #26: HTTP 1.1 is defined in : R. Fielding, J. Gettys, J. Mogul, H. Frystyk, L. Masinter, P. Leach, and T. Berners-Lee. Hypertext transfer protocol -- HTTP/1.1. Request for Comments 2616, Internet Engineering Task Force, June 1999.
  • #37: The computation of the UDP checksum is defined in : R. Braden, D. Borman, C. Partridge, Computing the Internet Checksum, RFC1071, Septembre 1988
  • #39: UDP is mainly used for applications where either short messages are exchanged or losses or not a severe problem (either because they can be supported by the application or because they are used in LAN environment where there are almost no losses) Domain Name System, Network File System (NFS), Remote Procedure Call (RPC), jeux Multimedia (conversational) applications such as VoIP or VideooverIP often use UDP. In this case, UDP is often combined with RTP H. Schulzrinne, S. Casner, R. Frederick, V. Jacobson.RTP: A Transport Protocol for Real-Time Applications. RFC1889, Jan 1996
  • #44: Urgent pointer is rarely used and will not be described. The THL is indicated in blocs of 32 bits. The TCP header may contain options, these will be discussed later.
  • #46: MSL in IP networks : 120 seconds
  • #50: Don’t forget that TCP’s acknowledgements are cumulative.
  • #51: See e.g. RFC2001 TCP Slow Start, Congestion Avoidance, Fast Retransmit, and Fast Recovery Algorithms. W. Stevens. January 1997.
  • #54: Some heavily loaded web servers, use abrupt release to close their connection to avoid maintaining state for 2*MSL seconds.