1
Internet and Intranet Protocols and Applications
Lecture 2: Application Layer 1:
HTTP and FTPSpring 2006
Arthur GoldbergComputer Science Department
New York [email protected]
2
Chapter 2Application Layer
Computer Networking: A Top Down
Approach Featuring the Internet, 3rd edition.
Jim Kurose, Keith Ross
Addison-Wesley, July 2004.
A note on the use of these ppt slides:We’re making these slides freely available to all (faculty, students, readers). They’re in PowerPoint form so you can add, modify, and delete slides (including this one) and slide content to suit your needs. They obviously represent a lot of work on our part. In return for use, we only ask the following:
If you use these slides (e.g., in a class) in substantially unaltered form, that you mention their source (after all, we’d like people to use our book!)
If you post any slides in substantially unaltered form on a www site, that you note that they are adapted from (or perhaps identical to) our slides, and note our copyright of this material.
Thanks and enjoy! JFK/KWR
All material copyright 1996-2004J.F Kurose and K.W. Ross, All Rights Reserved
3
Chapter 2: Application layer
• 2.1 Principles of network applications
• 2.2 Web and HTTP• 2.3 FTP • 2.4 Electronic Mail
– SMTP, POP3, IMAP• 2.5 DNS
• 2.6 P2P file sharing• 2.7 Socket
programming with TCP
• 2.8 Socket programming with UDP
• 2.9 Building a Web server
4
Chapter 2: Application LayerOur goals:• conceptual,
implementation aspects of network application protocols– transport-layer
service models– client-server
paradigm– peer-to-peer
paradigm
• learn about protocols by examining popular application-level protocols– HTTP– FTP– SMTP / POP3 / IMAP– DNS
• programming network applications– socket API
2
5
Some network apps
• E-mail• Web• Instant messaging• Remote login• P2P file sharing• Multi-user network
games• Streaming stored
video clips
• Internet telephone• Real-time video
conference• Massive parallel
computing
6
Creating a network appWrite programs that
– run on different end systems and
– communicate over a network.
– e.g., Web: Web server software communicates with browser software
No software written for devices in network core– Network core devices do
not function at app layer– This design allows for
rapid app development
applicationtransportnetworkdata linkphysical
applicationtransportnetworkdata linkphysical
applicationtransportnetworkdata linkphysical
7
Chapter 2: Application layer
• 2.1 Principles of network applications
• 2.2 Web and HTTP• 2.3 FTP • 2.4 Electronic Mail
– SMTP, POP3, IMAP• 2.5 DNS
• 2.6 P2P file sharing• 2.7 Socket
programming with TCP
• 2.8 Socket programming with UDP
• 2.9 Building a Web server
8
Application architectures
• Client-server• Peer-to-peer (P2P)• Hybrid of client-server and P2P
3
9
Client-server architectureserver:
– always-on host– permanent IP address– server farms for scaling
clients:– communicate with
server– may be intermittently
connected– may have dynamic IP
addresses– do not communicate
directly with each other
10
Pure P2P architecture• no always-on server• arbitrary end systems
directly communicate• peers are intermittently
connected and change IP addresses
• example: Gnutella
Highly scalable
But difficult to manage
11
Hybrid of client-server and P2P
Napster– File transfer is P2P– File search centralized:
• Peers register content at central server• Peers query same central server to locate content
Instant messaging– Chatting between two users is P2P– Presence detection/location centralized:
• User registers its IP address with central server when it comes online
• User contacts central server to find IP addresses of buddies
12
Processes communicatingProcess: program running
within a host• within a host, two
processes communicate using inter-process communication (defined by OS)
• processes in different hosts communicate by exchanging messages
Client process: process that initiates communication
Server process: process that waits to be contacted
• Note: applications with P2P architectures have client processes & server processes
4
13
Sockets
• process sends/receives messages to/from its socket
• socket analogous to door– sending process shoves
message out door– sending process relies on
transport infrastructure on other side of door which brings message to socket at receiving process
process
TCP withbuffers,variables
socket
host orserver
process
TCP withbuffers,variables
socket
host orserver
Internet
controlledby OS
controlled byapp developer
• API: (1) choice of transport protocol; (2) ability to fix a few parameters (lots more on this later)
14
Addressing processes• For a process to
receive messages, it must have an identifier
• A host has a unique 32-bit IP address
• Q: does the IP address of the host on which the process runs suffice for identifying the process?
• Answer: No, many processes can run on one host
• Identifier includes both the IP address and port numbersassociated with the process on the host.
• Example port numbers:– HTTP server: 80– Mail server: 25
15
App-layer protocol defines• Types of messages
exchanged, e.g., request & response messages
• Syntax of message types: what fields in messages & how fields are delineated
• Semantics of the fields, i.e., meaning of information in fields
• Rules for when and how processes send & respond to messages
Public-domain protocols• defined in RFCs• allows for
interoperability• E.g., HTTP, SMTPProprietary protocols• E.g., KaZaA
16
What transport service does an app need?
Data loss• some apps (e.g., audio) can
tolerate some loss• other apps (e.g., file
transfer, telnet) require 100% reliable data transfer
Timing• some apps (e.g.,
Internet telephony, interactive games) require low delay
Bandwidth• some apps (e.g.,
multimedia) require a minimum amount of bandwidth
• other apps (“elastic apps”) make use of whatever bandwidth they get
5
17
Transport service requirements of common apps
Application
file transfere-mail
Web documentsreal-time audio/video
stored audio/videointeractive gamesinstant messaging
Data loss
no lossno lossno lossloss-tolerant
loss-tolerantloss-tolerantno loss
Bandwidth
elasticelasticelasticaudio: 5kbps-1Mbpsvideo:10kbps-5Mbpssame as above few kbps upelastic
Time Sensitive
nononoyes, 100s msec
yes, few secsyes, 100s msecyes and no
18
Internet transport protocols services
TCP service:• connection-oriented: setup
required between client and server processes
• reliable transport: between sending and receiving process
• flow control: sender won’t overwhelm receiver
• congestion control: throttle sender when network overloaded
• does not provide: timing, minimum bandwidth guarantees
UDP service:• unreliable data transfer
between sending and receiving process
• does not provide: connection setup, reliability, flow control, congestion control, timing, or bandwidth guarantee
Q: Why bother? Why is there a UDP?
19
Internet apps: application, transport protocols
Application
e-mailremote terminal access
Web file transfer
streaming multimedia
Internet telephony
Applicationlayer protocol
SMTP [RFC 2821]Telnet [RFC 854]HTTP [RFC 2616]FTP [RFC 959]proprietary(e.g. RealNetworks)proprietary(e.g., Dialpad)
Underlyingtransport protocol
TCPTCPTCPTCPTCP or UDP
typically UDP
20
Chapter 2: Application layer
• 2.1 Principles of network applications – app architectures– app requirements
• 2.2 Web and HTTP• 2.4 Electronic Mail
– SMTP, POP3, IMAP• 2.5 DNS
• 2.6 P2P file sharing• 2.7 Socket
programming with TCP
• 2.8 Socket programming with UDP
• 2.9 Building a Web server
6
2/7/2006 21
WWW - Invention (hypertext)
• Invented by Tim Berners-Lee at CERN in 89– "HyperText is a way to link and access
information of various kinds as a web of notes in which the user can browse at will. It provides a single user-interface to large classes of information.”
– "A hypertext page has pieces of text which refer to other texts. Such references are highlighted and can be selected... When you select a reference, the browser presents you with the text which is referenced: you have made the browser follow a hypertext link" 22
WWW - Invention• Tim Berners-Lee (CERN) Proposal 11/90
– “The current incompatibilities of the platforms and tools make it impossible to access existing information through a common interface, leading to waste of time, …”
– “A link is specified as an ASCII string from which the browser can deduce a suitable method of contacting an appropriate server. When a link is followed, the browser addresses the request for the node [document] to the server.”
– WorldWideWeb: Proposal for a HyperText Project, 11/12/90, http://www.w3.org/Proposal.html
23
Links may become invalid – Link is simply a text name for a remote document– Remote document may be removed while name in
link remains in place– Guys who invented hypertext worried about this
(Douglas Engelbart invented and implemented hypertext in early 60s, Ted Nelson named it in ’65, continues pursuing ‘Xanadu’)
– Berners-Lee had brilliance to ignore it
24
Identifying a Page (URL) RFC 2396• Page identified by:
– Protocol used to access page – Computer on which page is stored – TCP port to access page – Pathname of file on server
• URL Syntaxprotocol://computer_name[:port][/document_name]
• protocol (scheme) = http, ftp, etc• port is optional• document_name is path to document
– Which parts are case sensitive?
7
2/7/2006 25
URL Schemesftp : // [ user [:password] @ ] host / pathnews : newsgrouptelnet : ipaddressgopher : // host [ gtype ]mailto : userid @ hostnamewais : // hostport / database [ ? search ] wais : // hostport / database / wtype / wpathfile: // pathnamehttp: // host [: port ][ / path ]
• http://www.w3.org/Addressing/rfc1738.txt
26
How Did Berners-Lee Start the Web Growing?
• What good were Web servers if there were no browsers?
• What good were browsers if there were no Web servers?
• Why were any of them deployed?
27
Web and HTTP
First some jargon• A Web page consists of objects• Object can be HTML file, JPEG image, Java applet,
audio file,…• Web page consists of base HTML-file which includes
several referenced objects• Each object is addressable by a URL• Example URL:
www.someschool.edu/someDept/pic.gif
host name path name
28
HTTP overview
HTTP: hypertext transfer protocol
• Web’s application layer protocol
• client/server model– client: browser that
requests, receives & “displays” Web objects
– server: Web server sends objects in response to requests
• HTTP 1.0: RFC 1945• HTTP 1.1: RFC 2616
PC runningExplorer
Server running
Apache Webserver
Mac runningNavigator
HTTP request
HTTP request
HTTP response
HTTP response
8
29
HTTP overview (continued)Uses TCP:• client initiates TCP connection
(creates socket) to server, typically port 80
• server accepts TCP connection from client
• HTTP messages (application-layer protocol messages) exchanged between browser (HTTP client) and Web server (HTTP server)
• TCP connection closed
HTTP is “stateless”• server maintains no
information about past client requests
Protocols that maintain “state” can be complex
• past history (state) must be maintained
• if server/client crashes, their views of “state” may be inconsistent, may need to be reconciled
aside
30
HTTP connections
Nonpersistent HTTP• At most one object is
sent over a TCP connection.
• HTTP/1.0 uses nonpersistent HTTP
Persistent HTTP• Multiple objects can
be sent over single TCP connection between client and server.
• HTTP/1.1 uses persistent connections in default mode
31
Nonpersistent HTTPSuppose user enters URL
www.someSchool.edu/someDepartment/home.index
1a. HTTP client initiates TCP connection to HTTP server (process) at www.someSchool.edu on port 80
2. HTTP client sends HTTP request message (containing URL) into TCP connection socket; message indicates that client wants object someDepartment/home.index
1b. HTTP server at host www.someSchool.edu waiting for TCP connection at port 80. “accepts” connection, notifying client
3. HTTP server receives request message, forms response messagecontaining requested object, and sends message into its sockettime
(contains text, references to 10
jpeg images)
32
Nonpersistent HTTP (cont.)
5. HTTP client receives response message containing html file, displays html. Parsing html file, finds 10 referenced jpeg objects
6. Steps 1-5 repeated for each of 10 jpeg objects
4. HTTP server closes TCP connection.
time
9
33
Response time modelingDefinition of Round Trip
Time (RTT): time to send a small packet from client to server and back
Response time:• one RTT to initiate TCP
connection• one RTT for HTTP
request and first few bytes of HTTP response to return
• file transmission timetotal = 2RTT + file transmit
time
time to transmit file
initiate TCPconnection
RTT
requestfile
RTT
filereceived
time time
34
Persistent HTTP
Nonpersistent HTTP issues:• requires 2 RTTs per object• OS must work and allocate
host resources for each TCP connection
• but browsers often open parallel TCP connections to fetch referenced objects
Persistent HTTP:• server leaves connection
open after sending response• subsequent HTTP messages
between same client/server are sent over connection
Persistent without pipelining:• client issues new request
only when previous response has been received
• one RTT for each referenced object
Persistent with pipelining:• default in HTTP/1.1• client sends requests as
soon as it encounters a referenced object
• as little as one RTT for all the referenced objects
35
HTTP request message
• two types of HTTP messages: request, response• HTTP request message:
– ASCII (human-readable format)
GET /somedir/page.html HTTP/1.1Host: www.someschool.edu User-agent: Mozilla/4.0Connection: close Accept-language: fr
(extra carriage return, line feed)
request line(GET, POST,
HEAD commands)
headerlines
Carriage return, line feed
indicates end of message 36
HTTP request message: general format
10
37
Uploading form input
Post method:• Web page often
includes form input• Input is uploaded to
server in entity body
URL method:• Uses GET method• Input is uploaded in
URL field of request line:
www.somesite.com/animalsearch?monkeys&banana
38
Method types
HTTP/1.0• GET• POST• HEAD
– asks server to leave requested object out of response
HTTP/1.1• GET, POST, HEAD• PUT
– uploads file in entity body to path specified in URL field
• DELETE– deletes file specified in
the URL field
39
HTTP response message
HTTP/1.1 200 OK Connection: closeDate: Thu, 06 Aug 1998 12:00:15 GMT Server: Apache/1.3.0 (Unix) Last-Modified: Mon, 22 Jun 1998 …... Content-Length: 6821 Content-Type: text/html
data data data data data ...
status line(protocol
status codestatus phrase)
headerlines
data, e.g., requestedHTML file
40
HTTP response status codes
200 OK– request succeeded, requested object later in this message
301 Moved Permanently– requested object moved, new location specified later in
this message (Location:)400 Bad Request
– request message not understood by server404 Not Found
– requested document not found on this server505 HTTP Version Not Supported
In first line in server->client response message.A few sample codes:
11
41
Trying out HTTP (client side) for yourself
1. Telnet to your favorite Web server:Opens TCP connection to port 80(default HTTP server port) at cis.poly.edu.Anything typed in is sent to port 80 at cis.poly.edu
telnet cis.poly.edu 80
2. Type in a GET HTTP request:GET /~ross/ HTTP/1.1Host: cis.poly.edu
By typing this in (hit carriagereturn twice), you sendthis minimal (but complete) GET request to HTTP server
3. Look at response message sent by HTTP server!
42
User-server state: cookies
Many major Web sites use cookies
Four components:1) cookie header line in the
HTTP response message2) cookie header line in
HTTP request message3) cookie file kept on user’s
host and managed by user’s browser
4) back-end database at Web site
Example:– Susan access Internet
always from same PC– She visits a specific e-
commerce site for first time
– When initial HTTP requests arrives at site, site creates a unique ID and creates an entry in backend database for ID
43
Cookies: keeping “state” (cont.)client server
usual http request msgusual http response +Set-cookie: 1678
usual http request msgcookie: 1678
usual http response msg
usual http request msgcookie: 1678
usual http response msg
cookie-specificaction
cookie-specificaction
servercreates ID
1678 for user
entry in backend
database
access
access
Cookie file
amazon: 1678ebay: 8734
Cookie file
ebay: 8734
Cookie file
amazon: 1678ebay: 8734
one week later:
44
Cookies (continued)What cookies can bring:• authorization• shopping carts• recommendations• user session state
(Web e-mail)
Cookies and privacy:• cookies permit sites to
learn a lot about you• you may supply name
and e-mail to sites• search engines use
redirection & cookies to learn yet more
• advertising companies obtain info across sites
aside
12
45
Chapter 2: Application layer
• 2.1 Principles of network applications
• 2.2 Web and HTTP• 2.3 FTP• 2.4 Electronic Mail
– SMTP, POP3, IMAP• 2.5 DNS
• 2.6 P2P file sharing• 2.7 Socket
programming with TCP
• 2.8 Socket programming with UDP
• 2.9 Building a Web server
46
FTP: the file transfer protocol
• transfer file to/from remote host• client/server model
– client: side that initiates transfer (either to/from remote)
– server: remote host• ftp: RFC 959• ftp server: port 21
file transfer FTPserver
FTPuser
interface
FTPclient
local filesystem
remote filesystem
user at host
47
FTP: separate control, data connections
• FTP client contacts FTP server at port 21, specifying TCP as transport protocol
• Client obtains authorization over control connection
• Client browses remote directory by sending commands over control connection
• When server receives a command for a file transfer, the server opens a TCP data connection to client
• After transferring one file, server closes connection
FTPclient
FTPserver
TCP control connectionport 21
TCP data connectionport 20
• Server opens a second TCP data connection to transfer another file.
• Control connection: “out of band”
• FTP server maintains “state”: current directory, earlier authentication
48
FTP commands, responses
Sample commands:• sent as ASCII text over
control channel• USER username• PASS password• LIST return list of file in
current directory• RETR filename
retrieves (gets) file• STOR filename stores
(puts) file onto remote host
Sample return codes• status code and phrase
(as in HTTP)• 331 Username OK, password required
• 125 data connection already open; transfer starting
• 425 Can’t open data connection
• 452 Error writing file
13
HTTP 1.1Slides courtesy
ofRobert Grimm
New York University
50
HTTP/1.0 Performance
• Main message: Performance is suboptimal– Interaction latency– Server scalability
51
Interaction between HTTPand TCP
• Three-way handshake– SYN, SYN+ACK, ACK
• Slow start– Open congestion window for each successfully
transmitted packet– Then send successive packets without waiting for
acknowledgements• Nagle’s algorithm
– Delay transmission to collect additional data• telnet, rlogin
• TIME_WAIT state 52
HTTP/1.1 to the Rescue!
• Extensibility• Caching• Bandwidth optimization• Network connection management• Message transmission• Internet address conservation• Error notification• Security, integrity, and authentication• Content negotiation
14
53
HTTP/1.1 to the Rescue!
• Extensibility• Caching• Bandwidth optimization• Network connection management• Message transmission• Internet address conservation• Error notification• Security, integrity, and authentication• Content negotiation
54
HTTP/1.1 Extensibility
• Goal: full backwards compatibility– HTTP/0.9– HTTP/1.0– HTTP/1.1 draft implementations
• Via header– Collect end-to-end path information
• OPTIONS method– Query for supported features
• Upgrade header– Switch to different protocol
55
HTTP/1.1 Caching(discuss during Caching lecture)
• Reduces latency for cached resources• Reduces bandwidth consumption• Indirectly reduces latency for uncached
resources• Indirectly reduces load on origin servers
56
HTTP/1.1 Caching
• Goal: semantic transparency• HTTP/1.0
– Based on timestamps• Limited resolution (1 second)• Unsynchronized clocks
• HTTP/1.1– Based on relative times
• max-age in Cache-Control header
– Based on opaque tokens• ETag• If-None-Match, If-Match
15
57
HTTP/1.1 Bandwidth Optimizations
• Goal: conserve bandwidth• Range requests
– Only transmit necessary data• Expect and 100 (Continue)
– Ask for permission before transmitting large resources
• Compression– Use more compact on-the-wire representation
• Content-Encoding: end-to-end• Transfer-Encoding: hop-by-hop
58
HTTP/1.1 Network ConnectionManagement
• Goal: be more friendly to TCP• Connection header
– Declare what headers are hop-by-hop• Persistent connections
– Send many request/response interactions over the same TCP connection
• Pipelining– Do not wait for response before sending next
request
59
HTTP/1.1 Message Transmission
• Goal: reduce buffering requirements– Content-Length header requires resource size
• Chunked transfer-coding– Break resource into many pieces
• Trailers– Send headers after resources
• Content-MD5
60
HTTP/1.1 Internet AddressConservation
• Goal: turn one server into many servers– Treat DNS-to-IP mapping as many-to-one
• IPv4 addresses are scarce, aren’t they?
• Host header– Declare DNS name of targeted host– Though, HTTP/1.0 allows for absolute URLs
• Interact with proxies
• Unintended benefit (?)– Amortize management effort over many sites
16
61
HTTP/1.1 Error Notification
• Goal: support advisory information in addition to status code
• Warning header– Expose status of caches
• Disconnected cache
• New status codes– 24 in all, including 100 (Continue), 206
(Partial content), 300 (Multiple choices)
62
HTTP/1.1 Authentication
• Goal: authorize users• Based on WWW-Authenticate, Authorization
headers• HTTP/1.0: Basic authentication
– User name, password in the clear• HTTP/1.1: Digest authentication
– Based on shared secret (user name, password pair)– Sends cryptographically secure checksum (MD5)
• Username, password, nonce, HTTP method, URL
• HTTP/1.1: Proxy authentication
63
HTTP/1.1 Privacy
• Goal: respect privacy of users• Rules for when to use Referer [sic] header• Rules for how to use cookies (RFC 2965)
– HTTP is stateless, yet we want state– Cookies to the rescue
• Collections of name/value pairs• Issued by server on first access• Returned by client on subsequent accesses
64
HTTP/1.1 Content Negotiation
• Goal: support different variant of same resource
• Server-driven negotiation– Client declares preferences, server chooses
• Different headers to distinguish properties– Media types, character sets, content encodings, human
languages
• Quality values (0.000-1.000) to weigh alternatives• Wildcards to express indifference
– Accept: audio/*; q=0.2, audio/basic
17
65
HTTP/1.1 – Some Issues
• How to name a resource?– HTTP/1.0: URL– HTTP/1.1: URL + headers
• Vary header to list relevant headers
• End-to-end or hop-by-hop?– Caches should be semantically transparent– Yet, they may require user interaction
• Proxy authentication• Advisory information
• Stateless or stateful?– Cookies are a separate RFC, yet widely used
66
HTTP/1.1 to the Rescue
• What do you think?
67
HTTP/1.1 Performance
• Main message– Pipelined persistent connections work
68
HTTP/1.1 Performance
• Main message– Pipelined persistent connections work
… but only if you are careful
18
69
HTTP/1.1 PerformanceExperimental Methodology
• Synthesized web site (“Microscape”)– One HTML page (42 KB)– 42 inlined GIF images (total of 125 KB)
• Three connections– LAN – 10 MBit Ethernet– WAN – MIT LCS to LBL– PPP – 28.8k modem to MIT LCS
• Software– Server: Jigsaw and Apache– Client: libwww
70
HTTP/1.1 PerformanceExperimental Methodology
• Hardware– Sun SPARC Ultra-1 server running Solaris– Digital AlphaStation and Windows NT clients
71
HTTP/1.1 PerformanceTuning
• Initial test results– HTTP/1.1 reduces number of sockets and packets– But significantly increases latency
• Buffer management is key– Flush after initial request
• Send as quickly as possible to receive HTML
– But buffer requests for inline images• Pipeline as much as possible to utilize available bandwidth
• Also need to manage connections carefully– Only half-close connection
• Close server sending side, but still accept client data72
HTTP/1.1 PerformanceResults
• HTTP/1.0 with concurrent connections is slow• HTTP/1.1 without pipelining is even slower• HTTP/1.1 with pipelining is faster• HTTP/1.1 with pipelining and compression is
even faster, especially on low bandwidth links
• It’s hard to read results presented in (8) tables
19
73
HTTP/1.1 PerformanceThe Need for Compression
• Goal: fully utilize TCP connection– Complete first request quickly to create more work– Pipeline additional requests to exploit bandwidth
• Compression can help fit more HTML into a single packet– Tag case matters
• Are there better solutions?
74
HTTP/1.1 PerformanceContent Matters
• Advantages of CSS– Reuse over many resources– Elimination of image abuse
• Symbols, spacers
• PNG vs. GIF– More compact representation
75
Questions, Discussion