Lecture #21: Application Layer. Protocols: DNS, TELNET, e-Mail, FTP, WWW, NNTP, SNMP, NTP etc.

Jan 13, 2016


Josip Burusic

Lecture #21: Application Layer. Protocols: DNS, TELNET, e-Mail, FTP, WWW, NNTP, SNMP, NTP etc. (PowerPoint PPT presentation)
Transcript
Page 1: Protocols: DNS, TELNET, e-Mail, FTP, WWW, NNTP, SNMP, NTP etc.

Lecture #21: Application Layer

Page 2

TCP/IP Application Layer

[Figure: the TCP/IP application layer (user application 1 ...) set against the seven OSI layers and their functions. Application layer; Presentation layer: encryption/decryption, compression/expansion, choice of syntax; Session layer: session control, session-to-transport mapping, session management, session synchronization; Transport layer: flow control, error recovery, multiplexing, connection control; Network layer: routing, addressing, error control, flow control; Link layer: data link establishment, synchronization and framing, access to transmission media; Physical layer: physical and electrical interface, activation/deactivation of connection.]

Widely used application protocols: DNS, HTTP, FTP, SMTP, POP3, IMAP, NNTP, SNMP, NTP, RPC, TELNET, SSH ...

Page 3

DNS - The purpose

To map a hostname to an IP-address and vice versa.

Example: www.acad.bg → 194.141.0.9

Each hostname may have zero or more corresponding IP-addresses.

Each IP-address may correspond to zero or more hostnames.

Page 4

DNS - Historical remarks

Host name to address mappings were maintained by the Network Information Center (NIC) in a single file (HOSTS.TXT) which was transferred to all hosts using FTP (about 25 years ago).

Disadvantages:

Ineffective – the bandwidth consumed in distributing a new version by this scheme is proportional to the square of the number of hosts in the network.

The network population was also changing in character.

The applications on the Internet were getting more sophisticated and creating a need for a general purpose name service.

Page 5

DNS design goals

The primary goal is a consistent name space which will be used for referring to resources.

The database which holds the names must be distributed.

The costs of implementing such a facility dictate that it be generally useful, and not restricted to a single application.

Page 6

DNS design goals (contd.)

Use the same name space with different protocol families or management.

Name server transactions must be independent of the communications system that carries them.

The system should be useful across a wide spectrum of host capabilities. Both personal computers and large timeshared hosts (mainframes) should be able to use the system, though perhaps in different ways.

Page 7

Elements of the DNS

Three main components

1. The DOMAIN NAME SPACE and RESOURCE RECORDS, which are specifications for a tree structured name space and data associated with the names.

2. NAME SERVERS are server programs which hold information about the domain tree's structure and set information.

3. RESOLVERS are programs that extract information from name servers in response to client requests.

Page 8

Elements of the DNS (contd.)

These three components roughly correspond to the three layers or views of the DNS:

From the user's point of view, the domain system is accessed through a simple procedure.

From the resolver's point of view, the domain system is composed of an unknown number of name servers.

From a name server's point of view, the domain system consists of separate sets of local information called zones.

Page 9

Name space specifications and terminology

The domain name space is a tree structure composed of nodes.

Each node has a label, which is zero to 63 octets in length.

The domain name of a node is the list of the labels on the path from the node to the root of the tree.

The name of the root node is the empty string (zero length) – "".

Page 10

Name space specifications and terminology (contd.)

Internally, programs that manipulate domain names should represent them as sequences of labels, where each label is a length octet followed by an octet string.

Domain names are case-insensitive, using the ASCII codes with the high order bit zero.

When a user types a domain name, the length of each label is omitted and the labels are separated by dots ("."). Since a complete domain name ends with the root label, this leads to a printed form which ends in a dot.

Page 11

Example Name Space (a graphical tree view)

[Figure: a tree with one root domain (""), the Top Level Domains (com, edu, bg, eu, info; administered by ICANN/IANA), 2nd Level Domains and 3rd Level Domains, up to 127 levels; node labels shown include ucla, physics, yahoo, joe, acad, amigo, val, see-grid, www, kevin, mary, test, sigma, book and mail, with delegation arrows between the levels.]

Page 12

Top Level Domains

Generic domains (gTLD):

com, org, net, int (all around the world); edu, gov, mil (located in USA only); aero, biz, coop, info, museum, name, pro (new domains, since 2000).

Country code domains (ccTLD): bg, uk, fr, it, ...

Special infrastructure domain: arpa

Loopback domains: localhost, localdomain

And the domain eu for the European Union!

Page 13

Resource Records

The distributed database which holds the names consists of several Resource Records.

Resource record - set of resource information associated with a particular name.

Page 14

DNS server

A computer with software which:

1. Holds and maintains a specified part of the distributed database of resource records.

2. Responds to the name queries.

3. Exchanges the zone information with other DNS servers.

These tasks are described in the DNS protocol (RFC 1035) located on the Application Layer of the "TCP/IP reference model".

Page 15

The root DNS servers

At the heart of the DNS are 13 special computers, called root servers. They are coordinated by ICANN and are distributed around the world.

A.ROOT-SERVERS.NET. 198.41.0.4
B.ROOT-SERVERS.NET. 192.228.79.201
C.ROOT-SERVERS.NET. 192.33.4.12
D.ROOT-SERVERS.NET. 128.8.10.90
E.ROOT-SERVERS.NET. 192.203.230.10
F.ROOT-SERVERS.NET. 192.5.5.241
G.ROOT-SERVERS.NET. 192.112.36.4
H.ROOT-SERVERS.NET. 128.63.2.53
I.ROOT-SERVERS.NET. 192.36.148.17
J.ROOT-SERVERS.NET. 192.58.128.30
K.ROOT-SERVERS.NET. 193.0.14.129
L.ROOT-SERVERS.NET. 199.7.83.42
M.ROOT-SERVERS.NET. 202.12.27.33

Page 16

K.ROOT-SERVERS.NET (operated by RIPE NCC)

Source: http://k.root-servers.org

Page 17

DNS servers (contd.)

Delegation:

The ICANN organization delegates the root DNS servers.

The root servers delegate the TLD DNS servers.

A TLD DNS server delegates the Second Level DNS servers, etc.

Primary DNS server for a given domain – holds the resource records for the zone. The zone configuration is written by the system administrator.

Secondary DNS server for a given domain – it exists for the case when the Primary DNS server has failed or is overloaded. The Secondary server downloads the zone information from the Primary periodically or by notification.

Page 18

DNS servers (contd.)

Every domain must have one Primary DNS server and at least one Secondary.

The Primary and Secondary DNS servers are also called authoritative for their domain and non-authoritative for the rest of the domains in the world. E.g. the authoritative servers always hold up to date zone information for the domain.

Caching only DNS servers – they cache DNS queries and answers to speed up the service. These servers are not authoritative for any domain.

Most of the authoritative DNS servers are caching too.

Page 19

DNS query flow

1. A DNS client forms the query and sends it according to the OS configuration.

2. The local resolver opens a special file called hosts and looks whether the answer is already written there. If not, then next:

3. The client calls one of the OS configured DNS servers.

4. If the DNS server knows (or has already cached) the answer, then it returns it.

5. If the DNS server doesn't know the answer, it sends a recursive query through the DNS hierarchy, starting from the root domain. The recursive query consists of several sub-queries to the corresponding DNS servers.

6. The DNS server returns the result – the answer or an error message.
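Step 2 of the flow, the hosts-file check, as an added example that is not code from the lecture: a parser for the hosts file format (comments, blank lines, several aliases per line) and a lookup that either answers from the file or returns nothing so the resolver falls through to the configured DNS servers. The file contents are constructed sample data and the function names are this example's own.

```python
# Added example (not from the lecture): the "hosts file first" step of the
# DNS query flow. The resolver consults the local hosts file before it asks
# any configured DNS server, so entries here override the DNS answer.
# SAMPLE_HOSTS is constructed sample data, not a real system file.

SAMPLE_HOSTS = """
# constructed hosts file for the example
127.0.0.1   localhost
::1         localhost ip6-localhost
194.141.0.9 www.acad.bg acad.bg   # comment after the entry
"""


def parse_hosts(text):
    """Return a dict mapping lower-cased hostname -> list of addresses, in file order."""
    table = {}
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()      # drop comments and surrounding blanks
        if not line:
            continue
        fields = line.split()
        if len(fields) < 2:
            continue                              # an address without any name is ignored
        address, names = fields[0], fields[1:]
        for name in names:
            table.setdefault(name.lower(), []).append(address)
    return table


def lookup_hosts(name, table):
    """Answer from the hosts file, or None when the resolver must ask a DNS server.

    Domain names are case-insensitive and a fully qualified name may carry a
    trailing dot, so both are normalised before the lookup.
    """
    key = name.rstrip(".").lower()
    return table.get(key)


HOSTS = parse_hosts(SAMPLE_HOSTS)
```

A hit returns every address listed for the name (here both loopback addresses for localhost); a miss returns None, which is the point at which step 3 of the flow begins.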

Page 20

Reverse DNS query

The reverse query uses the special infrastructure domain in-addr.arpa. The IP is written before this special domain in reverse order of its numbers, separated with dots.

– Example: 194.141.0.0 corresponds to 0.0.141.194.in-addr.arpa

The reverse query starts from a root DNS server and follows the delegation path.

– Example in Unix/Linux:

dig 0.0.141.194.in-addr.arpa +trace

(It traces and shows the delegation path from the root name servers down to the SOA DNS server)

Page 21

DNS protocol details

The protocol uses two transport protocols from the lower layer:

UDP on port 53 and TCP on port 53.

The queries and answers are transferred using the unreliable protocol UDP for speed. It is still preferred because the OS configured DNS servers are near, usually in the same LAN.

The zone transfers between the DNS servers are performed through TCP, because they must be reliable.

Page 22

DNS protocol details (contd.)

Resource Records described

Each resource record consists of the following data fields (in text readable format!):

owner type class TTL RDATA

Page 23

Resource Records

The data fields

owner - a string which is the domain name where the RR is found.

type - an encoded 16 bit value that specifies the type of the resource in this resource record. Types refer to abstract resources. Each abstract resource has a mnemonic name:

A - a host address

CNAME - identifies the canonical name of an alias

MX - identifies a mail exchange for the domain

PTR - a pointer to another part of the domain name space

etc.

Page 24

DNS protocol details (contd.)

Resource Records

The data fields

class - an encoded 16 bit value which identifies a protocol family or instance of a protocol. This memo uses the following classes: IN - the Internet system or CH - the Chaos system.

TTL - the time to live of the RR. This field is a 32 bit integer in units of seconds, and is primarily used by resolvers when they cache RRs. The TTL describes how long a RR can be cached before it should be discarded.

RDATA - the type and sometimes class dependent data which describes the resource.

Page 25

Resource Records

Example (in text readable format!)

acad.bg. IN A 194.141.0.9
acad.bg. IN MX 10 mx-a.acad.bg.
         IN MX 20 mx-b.acad.bg.
         IN NS amigo.acad.bg.
         IN NS unicom.acad.bg.
localhost IN A 127.0.0.1
poseidon IN A 194.141.0.1
backbone IN A 194.141.252.2
iris IN A 194.141.0.2
amigo IN AAAA 2001:4b58:acad::3
unicom IN AAAA 2001:4b58:acad::9
bis-21++ IN CNAME unicom.acad.bg.

3 IN PTR amigo.acad.bg.
...
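The text-format resource records of the last four slides (owner, TTL, class, type and RDATA, with a blank owner repeating the previous one, as in the example above) as an added example that is not code from the lecture: a small master-file parser run over a constructed zone modelled on the acad.bg example. It also accepts the $ORIGIN and $TTL directives of the master file format (RFC 1035 and RFC 2308), which the slides do not show; relative owners and targets are completed with the zone origin, and addresses are validated so a mistyped record fails when the zone is loaded rather than being served. The names RR, parse_zone, lookup and SAMPLE_ZONE are this example's own.

```python
import ipaddress
from collections import namedtuple

RR = namedtuple("RR", "owner ttl rclass rtype rdata")
CLASSES = {"IN", "CH", "HS"}   # IN and CH from the slide; HS (Hesiod) is another class of RFC 1035

# Constructed zone modelled on the acad.bg example of the previous slide.
# Owner names without a trailing dot are relative to the origin; a line that
# starts with whitespace repeats the previous owner; ';' starts a comment.
SAMPLE_ZONE = """\
$TTL 86400
acad.bg.  IN A  194.141.0.9
acad.bg.  IN MX 10 mx-a.acad.bg.
          IN MX 20 mx-b.acad.bg.
          IN NS amigo.acad.bg.
          IN NS unicom.acad.bg.
localhost IN A 127.0.0.1
poseidon  IN A 194.141.0.1
backbone  IN A 194.141.252.2
iris  300 IN A 194.141.0.2           ; explicit TTL overrides $TTL
amigo     IN AAAA 2001:4b58:acad::3
unicom    IN AAAA 2001:4b58:acad::9
bis-21++  IN CNAME unicom.acad.bg.
"""


def absolute(name, origin):
    """Complete a relative name with the origin; '@' stands for the origin itself."""
    if name == "@":
        return origin
    return name if name.endswith(".") else f"{name}.{origin}"


def parse_rdata(rtype, fields, origin):
    """Type-dependent RDATA: addresses are validated, names are completed."""
    if rtype == "A":
        return str(ipaddress.IPv4Address(fields[0]))      # raises ValueError if malformed
    if rtype == "AAAA":
        return str(ipaddress.IPv6Address(fields[0]))
    if rtype in ("NS", "CNAME", "PTR"):
        return absolute(fields[0], origin)
    if rtype == "MX":
        return (int(fields[0]), absolute(fields[1], origin))   # (preference, exchange)
    return " ".join(fields)                                    # other types kept as text


def parse_zone(text, origin, default_ttl=3600):
    """Parse master-file lines '[owner] [TTL] [class] type RDATA' into RR tuples."""
    records, owner = [], None
    for raw in text.splitlines():
        line = raw.split(";", 1)[0].rstrip()
        if not line.strip():
            continue
        fields = line.split()
        if fields[0] == "$ORIGIN":
            origin = fields[1]
            continue
        if fields[0] == "$TTL":
            default_ttl = int(fields[1])
            continue
        if not line[0].isspace():                 # owner present on this line
            owner = absolute(fields.pop(0), origin)
        if owner is None:
            raise ValueError("first record has no owner: " + line)
        ttl, rclass = default_ttl, "IN"
        while fields and (fields[0].isdigit() or fields[0].upper() in CLASSES):
            token = fields.pop(0)                 # TTL and class are optional, either order
            if token.isdigit():
                ttl = int(token)
            else:
                rclass = token.upper()
        if len(fields) < 2:
            raise ValueError("record without type or RDATA: " + line)
        rtype = fields.pop(0).upper()
        records.append(RR(owner, ttl, rclass, rtype, parse_rdata(rtype, fields, origin)))
    return records


def lookup(records, owner, rtype):
    """All RDATA for an (owner, type) pair in zone order; MX sorted by preference."""
    found = [r.rdata for r in records
             if r.owner.lower() == owner.lower() and r.rtype == rtype]
    return sorted(found) if rtype == "MX" else found


ZONE = parse_zone(SAMPLE_ZONE, "acad.bg.")
```

The owner comparison in lookup is case-insensitive, as slide 10 requires, and the MX answer comes back ordered by preference, the order a mail transfer agent tries the exchanges in.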

Page 26

DNS protocol details (contd.)

The DNS message in binary format

[Figure: layout of the DNS message; RR means Resource Record.]

Page 27

DNS protocol details (contd.)

The DNS message data fields

The IDENTIFICATION field is set by the client and returned by the server.

The 16-bit PARAMETER consists of:

– 0-th bit field: 0 means the message is a query, 1 means it is a response.

– 1-4 bit fields - OPCODE:

• 0000 - the normal value (standard query).
• 0001 - an inverse query.
• 0010 - a server status request.

– 5-th bit field - Authoritative answer. The name server is authoritative for the domain in the question section.

– 6-th bit field is set if the message is truncated. With UDP this means that the total size of the reply exceeded 512 bytes, and only the first 512 bytes of the reply were returned.

– 7-th bit field - Recursion Desired. This bit can be set in a query and is then returned in the response.

– 8-th bit field - Recursion Available.

– 9-11-th bit field has to be 0.

– 12-15-th bit field - Return Code. 0 - no error, 3 - name error.

Page 28

DNS protocol details (contd.)

The DNS message data fields

The fields labeled NUMBER OF ... each give a count of the entries in the corresponding section of the message.

The QUESTION SECTION contains queries for which answers are desired. The client fills in only the question section; the server returns the question and answers with its response. Each question has a Query Domain Name followed by Query Type and Query Class fields (as depicted in the next slides).

The ANSWER, AUTHORITY and ADDITIONAL INFORMATION sections consist of a set of resource records that describe domain names and mappings. Each resource record describes one name (as depicted in the next slides).

Page 29

DNS protocol details (contd.)

The QUESTION section format in the DNS message

[Figure: layout of one question entry: Query Domain Name, Query Type, Query Class.]

The DOMAIN NAME has variable length.

Clients fill in the questions; servers return them along with the answers.
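The wire forms described on slides 10 and 27 to 29 (labels as a length octet plus octets ending with the root label, the 16-bit PARAMETER field bit by bit with bit 0 as the most significant bit, the four NUMBER OF ... counts and the question entry) as one added example that is not code from the lecture. It builds a standard query with Recursion Desired, parses a message back, accepts a reply only when its IDENTIFICATION and question echo the query, and reports a truncated UDP reply so the client can repeat the query over TCP. The decoder also handles the name-compression pointers of RFC 1035, which the slides do not mention, with a hop limit against pointer loops. Function and constant names are this example's own; the query name is the one from the slides.

```python
import struct

MAX_LABEL = 63      # label length limit from slide 9
MAX_NAME = 255      # total wire length of a name (RFC 1035)


def encode_name(name):
    """Wire form: each label as a length octet followed by its octets, then the
    zero-length root label. Case is kept as typed; compare with names_equal()."""
    out = bytearray()
    for label in name.rstrip(".").split("."):
        if label == "":
            continue                          # "" or "." is the root name, no labels
        raw = label.encode("ascii")           # high-order bit zero, as the lecture says
        if len(raw) > MAX_LABEL:
            raise ValueError(f"label longer than {MAX_LABEL} octets: {label!r}")
        out.append(len(raw))
        out += raw
    out.append(0)
    if len(out) > MAX_NAME:
        raise ValueError("name longer than 255 octets")
    return bytes(out)


def decode_name(data, offset):
    """Read a wire-format name at offset; returns (dotted name, offset after it).
    A length octet with its top two bits set is a compression pointer (RFC 1035)."""
    labels, end, hops = [], None, 0
    while True:
        length = data[offset]
        if length & 0xC0 == 0xC0:
            if end is None:
                end = offset + 2              # the name occupies only the pointer here
            offset = ((length & 0x3F) << 8) | data[offset + 1]
            hops += 1
            if hops > 128:
                raise ValueError("compression pointer loop")
            continue
        offset += 1
        if length == 0:
            break                             # root label ends the name
        labels.append(data[offset:offset + length].decode("ascii"))
        offset += length
    return ".".join(labels) + ".", end if end is not None else offset


def names_equal(a, b):
    """Domain names compare case-insensitively (slide 10); a trailing dot is ignored."""
    return a.rstrip(".").lower() == b.rstrip(".").lower()


HEADER = struct.Struct("!HHHHHH")   # IDENTIFICATION, PARAMETER, then the four NUMBER OF ... counts
QTYPE = {"A": 1, "NS": 2, "CNAME": 5, "PTR": 12, "MX": 15, "AAAA": 28}
CLASS_IN = 1


def build_flags(qr=0, opcode=0, aa=0, tc=0, rd=0, ra=0, rcode=0):
    """Pack the PARAMETER field; the slide's bit 0 is the most significant bit."""
    return (qr << 15) | (opcode << 11) | (aa << 10) | (tc << 9) | (rd << 8) | (ra << 7) | rcode


def parse_flags(param):
    return {"qr": (param >> 15) & 1, "opcode": (param >> 11) & 0xF, "aa": (param >> 10) & 1,
            "tc": (param >> 9) & 1, "rd": (param >> 8) & 1, "ra": (param >> 7) & 1,
            "z": (param >> 4) & 7, "rcode": param & 0xF}


def build_query(ident, qname, qtype="A"):
    """Standard query with Recursion Desired: header plus one question entry."""
    header = HEADER.pack(ident, build_flags(rd=1), 1, 0, 0, 0)
    return header + encode_name(qname) + struct.pack("!HH", QTYPE[qtype], CLASS_IN)


def parse_message(data):
    """Parse the header and the question section of a query or a reply."""
    if len(data) < HEADER.size:
        raise ValueError("message shorter than the 12-octet header")
    ident, param, qd, an, ns, ar = HEADER.unpack_from(data, 0)
    offset, questions = HEADER.size, []
    for _ in range(qd):
        name, offset = decode_name(data, offset)
        qtype, qclass = struct.unpack_from("!HH", data, offset)
        offset += 4
        questions.append((name, qtype, qclass))
    return {"id": ident, "flags": parse_flags(param),
            "counts": {"qd": qd, "an": an, "ns": ns, "ar": ar}, "questions": questions}


def needs_tcp_retry(msg):
    """Slide 27, bit 6: a truncated UDP reply holds only its first 512 bytes."""
    return msg["flags"]["tc"] == 1


def reply_matches(query, reply):
    """Accept a reply only if it is a response echoing the query's ID and question."""
    return (reply["flags"]["qr"] == 1 and query["id"] == reply["id"]
            and len(reply["questions"]) == len(query["questions"])
            and all(names_equal(q[0], r[0]) and q[1:] == r[1:]
                    for q, r in zip(query["questions"], reply["questions"])))
```

reply_matches is the check a resolver performs before it believes an answer; the query's IDENTIFICATION and its echoed question must both match, which is why the block compares names case-insensitively rather than byte for byte.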

Page 30

DNS protocol details (contd.)

The RESOURCE RECORD binary format returned by the DNS servers

[Figure: layout of one resource record entry.]

Page 31

DNS Further reading

InterNIC organization - provides the public information regarding Internet Domain Name registration services. - http://www.internic.net

ICANN - responsible for the global coordination of the Internet's system of unique identifiers - http://www.icann.org/

RFC1034, RFC1035, STD0013 - http://www.rfc-editor.org

BIND (Berkeley Internet Name Domain) – the most popular implementation of the DNS software - http://www.isc.org/index.pl?/sw/bind/

Paul Albitz, Cricket Liu, "DNS and BIND", 4th edition, O'Reilly

Page 32

TELNET protocol

TELNET (TELecommunication NETwork) was developed in 1969 beginning with RFC 15 and standardized as IETF STD 8, one of the first Internet standards.

TELNET clients have been available on most Unix systems for many years and are available for virtually all platforms. Most network equipment and OSs with a TCP/IP stack support some kind of TELNET service server for their remote configuration (including ones based on MS Windows NT and later).

Because of security issues with TELNET, its use has waned as it is replaced by the use of SSH for remote access.

Page 33

TELNET protocol (2)

Most often, a user will be telnetting to a Unix-like server system or a simple network device such as a switch. Once the connection is established, he would then log in with his account information and execute operating system commands remotely on that computer, such as ls or cd etc.

For testing and debugging purposes: On many systems, the client may also be used to make interactive raw-TCP sessions, even when that option is not available. The sessions are equivalent to raw TCP as long as byte 255 never appears in the data.

TELNET works on the well known TCP port 23.
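The byte-255 caveat above, as an added example that is not code from the lecture: on the wire TELNET reserves the value 255 as IAC (Interpret As Command, RFC 854), so a data byte 255 has to be sent doubled, and a receiver has to separate command sequences (including the three-byte WILL/WONT/DO/DONT option negotiations) from the data before handing it to the application. The sample streams are constructed; the function names are this example's own.

```python
IAC = 0xFF                              # "Interpret As Command", RFC 854
NEGOTIATE = {251, 252, 253, 254}        # WILL, WONT, DO, DONT: each takes one option byte


def escape_data(payload):
    """Prepare application bytes for a TELNET connection: a data byte 255 is sent
    as IAC IAC so the peer does not read it as the start of a command."""
    return payload.replace(bytes([IAC]), bytes([IAC, IAC]))


def unescape_data(stream):
    """Receiving side: returns (application data, list of command sequences).

    IAC IAC yields one data byte 255; IAC followed by WILL/WONT/DO/DONT is a
    three-byte negotiation; IAC followed by any other byte is a two-byte command.
    A stream cut off inside a command raises ValueError rather than guessing.
    """
    data, commands, i = bytearray(), [], 0
    while i < len(stream):
        byte = stream[i]
        if byte != IAC:
            data.append(byte)
            i += 1
            continue
        if i + 1 >= len(stream):
            raise ValueError("stream ends inside an IAC sequence")
        following = stream[i + 1]
        if following == IAC:
            data.append(IAC)                # escaped data byte
            i += 2
        elif following in NEGOTIATE:
            if i + 2 >= len(stream):
                raise ValueError("stream ends inside an option negotiation")
            commands.append(bytes(stream[i:i + 3]))
            i += 3
        else:
            commands.append(bytes(stream[i:i + 2]))
            i += 2
    return bytes(data), commands
```

This is exactly why the slide's raw-TCP trick only works while byte 255 is absent: a TELNET client applies escape_data to what you type, so a binary protocol that legitimately contains 0xFF would reach the server altered.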

Page 34

Electronic mail

Before 1990, it was mostly used in the academic area - universities and research centers. During the 1990s, it became known to the public at large and grew exponentially.

The first e-mail systems simply consisted of text file transfer protocols. As time went on, the limitations of this approach became more obvious.

Some of the complaints were as follows:

– Sending a message to a group of people was inconvenient.

– Messages had no defined internal structure.

– The sender never knew if a message arrived or not.

– Lack of "I'm temporarily away" management.

– Poor user interface.

– It was not possible to create and send messages containing a mixture of text and binary data: drawings, photos, facsimile, and voice.

Page 35

E-mail: Architectures and services

Typically, e-mail systems support five basic functions:

– Composition refers to the process of creating messages and answers.

– Transfer refers to moving messages from the originator to the recipient. The e-mail system should do this automatically, without bothering the user.

– Reporting has to do with telling the originator what happened to the message.

– Displaying incoming messages is needed so people can read their e-mail. Sometimes conversion is required or a special viewer must be invoked.

– Disposition is the final step and concerns what the recipient does with the message after receiving it. (Delete, Reply, Forward, Save ...)

Page 36: Protocols: DNS, TELNET, e-Mail, FTP, WWW, NNTP, SNMP,  NTP etc.

Electronic Mail – The User Agent

(Figure: comparison of paper mail and e-mail)

Page 37: Protocols: DNS, TELNET, e-Mail, FTP, WWW, NNTP, SNMP,  NTP etc.

Reading E-mail

An example of a mailbox

Page 38: Protocols: DNS, TELNET, e-Mail, FTP, WWW, NNTP, SNMP,  NTP etc.

Message Formats – RFC 822

Page 39: Protocols: DNS, TELNET, e-Mail, FTP, WWW, NNTP, SNMP,  NTP etc.

MIME – Multipurpose Internet Mail Extensions

Problems with international languages:

– Languages with accents (French, German).

– Languages in non-Latin alphabets (Hebrew, Cyrillic ...).

– Languages without alphabets (Chinese, Japanese).

– Messages not containing text at all (audio or images).

The original e-mail was designed to transfer 7-bit text (ASCII) characters only, so ...

Page 40: Protocols: DNS, TELNET, e-Mail, FTP, WWW, NNTP, SNMP,  NTP etc.

MIME

Page 41: Protocols: DNS, TELNET, e-Mail, FTP, WWW, NNTP, SNMP,  NTP etc.

MIME – a multipart message example
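The slide's multipart figure is not in the transcript, so here is an added example (not code from the lecture) that builds a multipart MIME message with Python's standard email library and then checks the property the original 7-bit mail transport relied on. The addresses, the non-ASCII subject and the attachment bytes are constructed for the example.

```python
"""MIME in practice: added example, not code from the lecture.

RFC 822 transport assumed 7-bit ASCII, so MIME wraps non-ASCII text and
binary data in an encoding layer. Addresses, subject text and the attachment
bytes below are constructed for the example.
"""
from email import message_from_bytes
from email.header import decode_header
from email.message import EmailMessage


def build_message() -> EmailMessage:
    """Return a multipart/mixed message: UTF-8 text part plus a binary attachment."""
    msg = EmailMessage()
    msg["From"] = "alice@example.org"            # constructed addresses
    msg["To"] = "bob@example.net"
    msg["Subject"] = "Résumé – Привет"           # accents and Cyrillic in a header
    # Force quoted-printable so the body stays 7-bit on the wire.
    msg.set_content("Grüße aus Zürich.\n", cte="quoted-printable")
    blob = bytes(range(256))                     # constructed binary "image"
    msg.add_attachment(blob, maintype="application", subtype="octet-stream",
                       filename="sample.bin")   # default transfer encoding: base64
    return msg


def wire_is_7bit(raw: bytes) -> bool:
    """The property old mail relays depended on: every byte below 0x80."""
    return all(b < 0x80 for b in raw)


def describe(raw: bytes) -> dict:
    """Parse serialized bytes and report the decoded subject and each part's encoding."""
    parsed = message_from_bytes(raw)
    subject = "".join(
        chunk.decode(charset or "ascii") if isinstance(chunk, bytes) else chunk
        for chunk, charset in decode_header(parsed["Subject"]))
    parts = [(part.get_content_type(), part.get("Content-Transfer-Encoding"))
             for part in parsed.walk() if not part.is_multipart()]
    return {"content_type": parsed.get_content_type(),
            "subject": subject, "parts": parts}


if __name__ == "__main__":
    raw = build_message().as_bytes()
    print(raw.decode("ascii"))
    print(describe(raw), wire_is_7bit(raw))
```

Running it prints the serialized message: the Subject becomes an RFC 2047 encoded word, the text body is quoted-printable and the attachment is base64, so every byte on the wire is below 0x80 even though the content is not.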

Page 42: Protocols: DNS, TELNET, e-Mail, FTP, WWW, NNTP, SNMP,  NTP etc.

Message Transfer example using SMTP

Transferring a message from [email protected] at abc.com to [email protected] at xyz.com.
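The SMTP dialogue for this transfer is only a figure on the slide; the following added example (not the lecture's own code) simulates both sides of it. The hosts abc.com and xyz.com come from the slide; the user names alice and bob and the message body are constructed. The toy receiving MTA also refuses to accept mail for domains it does not serve, the basic check that keeps a transfer agent from being an open relay.

```python
"""Simulated SMTP transfer: added example, not the lecture's own figure.

Replays the command/reply exchange between the sending MTA at abc.com and
the receiving MTA at xyz.com (hosts from the lecture; user names alice and
bob are constructed). The receiver refuses to relay for foreign domains.
"""


def _mailbox(arg: str, prefix: str) -> str:
    """Extract 'a@b' from 'FROM:<a@b>' or 'TO:<a@b>'."""
    if arg.upper().startswith(prefix):
        arg = arg[len(prefix):]
    return arg.strip("<> ")


class ToySmtpServer:
    """Minimal receiving MTA: HELO, MAIL FROM, RCPT TO, DATA, QUIT."""

    def __init__(self, hostname: str, local_users):
        self.hostname = hostname
        self.local_users = set(local_users)
        self.mailbox = []          # delivered (sender, recipients, body)
        self.greeted = False
        self.in_data = False
        self._reset()

    def _reset(self):
        self.sender = None
        self.rcpts = []
        self.body_lines = []

    def greeting(self) -> str:
        return f"220 {self.hostname} service ready"

    def handle(self, line: str):
        """Return the reply to one client line, or None while collecting the body."""
        if self.in_data:
            if line == ".":
                self.in_data = False
                self.mailbox.append((self.sender, list(self.rcpts),
                                     "\n".join(self.body_lines)))
                self._reset()
                return "250 message accepted for delivery"
            # Dot-stuffing (RFC 821): a body line starting with '.' arrives as '..'
            self.body_lines.append(line[1:] if line.startswith("..") else line)
            return None
        verb, _, arg = line.partition(" ")
        verb = verb.upper()
        if verb == "HELO":
            self.greeted = True
            return f"250 {self.hostname} hello {arg}"
        if not self.greeted:
            return "503 bad sequence of commands"
        if verb == "MAIL":
            self.sender = _mailbox(arg, "FROM:")
            self.rcpts = []
            return "250 sender ok"
        if verb == "RCPT":
            if self.sender is None:
                return "503 need MAIL before RCPT"
            addr = _mailbox(arg, "TO:")
            user, _, domain = addr.partition("@")
            if domain != self.hostname or user not in self.local_users:
                return "550 no such user here"   # refuse relaying
            self.rcpts.append(addr)
            return "250 recipient ok"
        if verb == "DATA":
            if not self.rcpts:
                return "503 need RCPT before DATA"
            self.in_data = True
            return "354 start mail input; end with <CRLF>.<CRLF>"
        if verb == "QUIT":
            return f"221 {self.hostname} closing connection"
        return "500 command unrecognized"


def transfer(server: ToySmtpServer, client_lines):
    """Drive one session; return the transcript as (who, line) pairs."""
    transcript = [("S", server.greeting())]
    for line in client_lines:
        transcript.append(("C", line))
        reply = server.handle(line)
        if reply is not None:
            transcript.append(("S", reply))
    return transcript


# Constructed session for the abc.com -> xyz.com transfer on this slide.
SESSION = ["HELO abc.com", "MAIL FROM:<alice@abc.com>", "RCPT TO:<bob@xyz.com>",
           "DATA", "Subject: test", "", "Hello Bob.", ".", "QUIT"]

if __name__ == "__main__":
    for who, line in transfer(ToySmtpServer("xyz.com", ["bob"]), SESSION):
        print(f"{who}: {line}")
```

The transcript shows the 220 greeting, a 250 for each envelope command, 354 before the body, 250 once the lone "." ends it, and 221 on QUIT; a RCPT for a third domain gets 550 instead of being relayed.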

Page 43: Protocols: DNS, TELNET, e-Mail, FTP, WWW, NNTP, SNMP,  NTP etc.

Final e-mail delivery

(a) Sending and reading mail when the receiver has a permanent Internet connection and the user agent runs on the same machine as the message transfer agent.

(b) Reading e-mail when the receiver has a dial-up connection to an ISP.

Page 44: Protocols: DNS, TELNET, e-Mail, FTP, WWW, NNTP, SNMP,  NTP etc.

Post Office Protocol (POP3)

Using POP3 to fetch three messages.

Page 45: Protocols: DNS, TELNET, e-Mail, FTP, WWW, NNTP, SNMP,  NTP etc.

Internet Message Access Protocol (IMAP, TCP port 143)

A comparison of POP3 and IMAP.

The current version of IMAP is 4 revision 1 – RFC 3501

Page 46: Protocols: DNS, TELNET, e-Mail, FTP, WWW, NNTP, SNMP,  NTP etc.

File Transfer Protocol (FTP)

• File Transfer Protocol (FTP) is the standard mechanism provided by TCP/IP for copying any kind of file from one host to another.

• Defined in RFC 959 (1985).

• FTP uses the services of TCP. It needs two TCP connections.

• The well-known TCP port 21 is used for the control connection and the well-known port 20 for the data connection.

Page 47: Protocols: DNS, TELNET, e-Mail, FTP, WWW, NNTP, SNMP,  NTP etc.


FTP operation

File transfer

Page 48: Protocols: DNS, TELNET, e-Mail, FTP, WWW, NNTP, SNMP,  NTP etc.

FTP – the file transfer process

Page 49: Protocols: DNS, TELNET, e-Mail, FTP, WWW, NNTP, SNMP,  NTP etc.

FTP – an example session

Page 50: Protocols: DNS, TELNET, e-Mail, FTP, WWW, NNTP, SNMP,  NTP etc.


FTP - access commands

Page 51: Protocols: DNS, TELNET, e-Mail, FTP, WWW, NNTP, SNMP,  NTP etc.


FTP – file management commands

Page 52: Protocols: DNS, TELNET, e-Mail, FTP, WWW, NNTP, SNMP,  NTP etc.


FTP – data formatting commands

Port definition commands

Page 53: Protocols: DNS, TELNET, e-Mail, FTP, WWW, NNTP, SNMP,  NTP etc.


FTP – file transfer commands

Page 54: Protocols: DNS, TELNET, e-Mail, FTP, WWW, NNTP, SNMP,  NTP etc.


FTP – Miscellaneous commands

Page 55: Protocols: DNS, TELNET, e-Mail, FTP, WWW, NNTP, SNMP,  NTP etc.


FTP – Some responses

Page 56: Protocols: DNS, TELNET, e-Mail, FTP, WWW, NNTP, SNMP,  NTP etc.

Trivial FTP (TFTP)

A very simple file transfer protocol, with the functionality of a very basic form of FTP. Defined in 1980.

TFTP uses UDP port 69 (not TCP!)

An example of TFTP usage for remote boot through the BOOTP protocol in a LAN:

Page 57: Protocols: DNS, TELNET, e-Mail, FTP, WWW, NNTP, SNMP,  NTP etc.

FTP pros and cons

Advantages:

– Simple implementation
– Universal application
– Widely used and standardized

Disadvantages:

– Clear text passwords, unencrypted data.
– Multiple TCP/IP connections are used => firewall problems.
– Hard to filter active mode FTP traffic on the client side by using a firewall.
– It is possible to abuse the protocol's built-in proxy features to tell a server to send data to an arbitrary port of a third computer; see FXP.
– High latency.
– No integrity check on the receiver side.
– No date/timestamp attribute transfer.
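The proxy/FXP weakness listed above stems from the PORT command, whose argument names the host and port the server should connect to for the data transfer. The usual server-side defence is to accept a PORT only when it names the client that sent it. The following added example (not from the lecture or any FTP server's code) parses the RFC 959 "h1,h2,h3,h4,p1,p2" form and applies that check, plus a refusal of privileged and reserved destinations; the addresses are constructed documentation ranges.

```python
"""Checking FTP PORT commands against the control-connection peer.

Added example, not code from the lecture. FTP's proxy feature lets a client
ask the server to open its data connection to any host and port; a server
that only honours PORT arguments matching the client's own address cannot
be used to reach a third computer. Sample addresses are constructed.
"""
import ipaddress


def parse_port(arg: str):
    """Parse 'h1,h2,h3,h4,p1,p2' into (IPv4Address, port); ValueError if malformed."""
    fields = arg.split(",")
    if len(fields) != 6:
        raise ValueError("PORT needs six comma-separated numbers")
    nums = [int(f) for f in fields]
    if any(not 0 <= n <= 255 for n in nums):
        raise ValueError("each PORT field must fit in one byte")
    host = ipaddress.IPv4Address(".".join(str(n) for n in nums[:4]))
    port = nums[4] * 256 + nums[5]          # p1 is the high byte of the port
    return host, port


def port_allowed(arg: str, control_peer: str, min_port: int = 1024):
    """Decide whether to honour a PORT argument received from control_peer.

    Returns (ok, reply) where reply is the FTP response line to send."""
    try:
        host, port = parse_port(arg)
    except ValueError as exc:
        return False, f"501 syntax error: {exc}"
    if host != ipaddress.IPv4Address(control_peer):
        return False, "500 PORT address does not match control connection"
    if host.is_loopback or host.is_multicast or host.is_unspecified:
        return False, "500 PORT to reserved address refused"
    if port < min_port:
        return False, "500 PORT to privileged port refused"
    return True, "200 PORT command successful"


if __name__ == "__main__":
    # Constructed control peer and PORT arguments (RFC 5737 documentation ranges).
    peer = "192.0.2.10"
    for arg in ("192,0,2,10,4,1", "198,51,100,7,0,25", "192,0,2,10,0,80", "192,0,2,10,4"):
        print(arg, "->", port_allowed(arg, peer))
```

The same comparison against the control-connection address is what most modern FTP daemons do by default; the example makes the rule explicit and returns the reply codes a client would see.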

Page 58: Protocols: DNS, TELNET, e-Mail, FTP, WWW, NNTP, SNMP,  NTP etc.

World Wide Web – Architectural Overview

The parts of the Web model.

Page 59: Protocols: DNS, TELNET, e-Mail, FTP, WWW, NNTP, SNMP,  NTP etc.

The Client Side

(a) A browser plug-in. (b) A helper application.

Page 60: Protocols: DNS, TELNET, e-Mail, FTP, WWW, NNTP, SNMP,  NTP etc.

The Server Side

A multithreaded Web server with a front end and processing modules.

Page 61: Protocols: DNS, TELNET, e-Mail, FTP, WWW, NNTP, SNMP,  NTP etc.

The Server Side (2)

A server farm.

Page 62: Protocols: DNS, TELNET, e-Mail, FTP, WWW, NNTP, SNMP,  NTP etc.

The Server Side (3)

(a) Normal request-reply message sequence.

(b) Sequence when TCP handoff is used.

Page 63: Protocols: DNS, TELNET, e-Mail, FTP, WWW, NNTP, SNMP,  NTP etc.

The World Wide Web - HTTP

Hypertext Transfer Protocol (HTTP) is a communications protocol used to transfer or convey information on intranets and the World Wide Web. Its original purpose was to provide a way to publish and retrieve hypertext pages, mainly scientific papers. Created at CERN, Geneva.

Development of HTTP was coordinated by the W3C (World Wide Web Consortium) and the IETF (Internet Engineering Task Force), culminating in the publication of a series of RFCs, most notably RFC 2616 (June 1999), which defines HTTP/1.1, the current version.

HTTP is a request/response protocol between a client and a server. It works on the well-known TCP port 80.

Page 64: Protocols: DNS, TELNET, e-Mail, FTP, WWW, NNTP, SNMP,  NTP etc.

HTTP - methods

HTTP - responses

Page 65: Protocols: DNS, TELNET, e-Mail, FTP, WWW, NNTP, SNMP,  NTP etc.

HTTP - Some Message Headers

Page 66: Protocols: DNS, TELNET, e-Mail, FTP, WWW, NNTP, SNMP,  NTP etc.

Example HTTP usage in a TELNET session:

telnet www.ietf.org 80 >test.log
GET /rfc.html

Connection closed by foreign host.

test.log partial content:

Trying 2610:a0:c779:b::d1ad:35b4...
Connected to www.ietf.org.
Escape character is '^]'.
<HTML><head><TITLE>IETF RFC Page</TITLE>
<SCRIPT LANGUAGE="JavaScript">function url() { var x = document.form1.number.value if (x.length == 1) {x = "000" + x } if (x.length == 2) {x = "00" + x } if (x.length == 3) {x = "0" + x } document.form1.action = "http://www.ietf.org/rfc/rfc" + x + ".txt" document.form1.submit}</SCRIPT>
</head>
<!-- begin new headers and page layout --><body text="#000000" bgcolor="#ffffff" ><center>...
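Note that the request typed above is the old "simple request" form (a bare GET with no protocol version), which is why test.log holds the page body with no status line or headers in front of it. The following added example (not code from the lecture) shows the HTTP/1.1 form of the same exchange: a request with version and Host header, and a parser for the full response. The sample response bytes are constructed, not captured from www.ietf.org.

```python
"""Raw HTTP/1.1 request and response handling: added example, not from the lecture.

The telnet session above sends the old 'simple request' form (GET /rfc.html
with no version), so the server answers with the body alone. An HTTP/1.1
client adds the version and a Host header, and the server replies with a
status line and headers before the body. SAMPLE_RESPONSE is constructed,
not captured from www.ietf.org.
"""


def build_request(host: str, path: str, method: str = "GET") -> bytes:
    """Serialize a minimal HTTP/1.1 request, as one would type it into telnet."""
    for value in (host, path, method):
        if "\r" in value or "\n" in value:
            raise ValueError("CR/LF not allowed in request line or Host")  # header injection guard
    lines = [f"{method} {path} HTTP/1.1", f"Host: {host}", "Connection: close", "", ""]
    return "\r\n".join(lines).encode("ascii")


def parse_response(raw: bytes):
    """Return (status_code, reason, headers, body); body is cut to Content-Length."""
    head, sep, rest = raw.partition(b"\r\n\r\n")
    if not sep:
        raise ValueError("no end of headers")
    status_line, *header_lines = head.decode("iso-8859-1").split("\r\n")
    fields = status_line.split(" ", 2)
    if len(fields) < 2 or not fields[0].startswith("HTTP/") or not fields[1].isdigit():
        raise ValueError(f"bad status line: {status_line!r}")
    code, reason = int(fields[1]), (fields[2] if len(fields) == 3 else "")
    headers = {}
    for line in header_lines:
        name, colon, value = line.partition(":")
        if not colon:
            raise ValueError(f"bad header line: {line!r}")
        headers[name.strip().lower()] = value.strip()
    body = rest
    if "content-length" in headers:
        length = int(headers["content-length"])
        if len(rest) < length:
            raise ValueError("body shorter than Content-Length")
        body = rest[:length]   # bytes past the declared length are not part of the body
    return code, reason, headers, body


# Constructed response carrying the first line seen in test.log above.
BODY = b"<HTML><head><TITLE>IETF RFC Page</TITLE></head>\n"
SAMPLE_RESPONSE = (b"HTTP/1.1 200 OK\r\n"
                   b"Date: Wed, 13 Jan 2016 10:00:00 GMT\r\n"
                   b"Content-Type: text/html; charset=iso-8859-1\r\n"
                   b"Content-Length: " + str(len(BODY)).encode() + b"\r\n"
                   b"Connection: close\r\n\r\n" + BODY)

if __name__ == "__main__":
    print(build_request("www.ietf.org", "/rfc.html").decode())
    print(parse_response(SAMPLE_RESPONSE))
```

Two details matter for a client that builds requests by hand: a CR or LF inside the path or Host value would let a caller smuggle extra header lines into the request, so the builder rejects them, and the parser trusts Content-Length only as an upper bound on the bytes it has actually received.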

Page 67: Protocols: DNS, TELNET, e-Mail, FTP, WWW, NNTP, SNMP,  NTP etc.

HTTP - Caching

Hierarchical caching with 3 proxies.

Page 68: Protocols: DNS, TELNET, e-Mail, FTP, WWW, NNTP, SNMP,  NTP etc.

URLs – Uniform Resource Locators

Some common URLs.

Page 69: Protocols: DNS, TELNET, e-Mail, FTP, WWW, NNTP, SNMP,  NTP etc.

Statelessness and Cookies

Some examples:

Page 70: Protocols: DNS, TELNET, e-Mail, FTP, WWW, NNTP, SNMP,  NTP etc.

HTML – HyperText Markup Language

In 1980, physicist Tim Berners-Lee, who was an independent contractor at CERN, proposed and prototyped ENQUIRE, a hypertext system for CERN researchers to use to share documents. In 1989, Berners-Lee and CERN data systems engineer Robert Cailliau each submitted separate proposals for an Internet-based hypertext system providing similar functionality. In 1990, they collaborated on a joint proposal, the World Wide Web (W3) project, which was accepted by CERN.

Page 71: Protocols: DNS, TELNET, e-Mail, FTP, WWW, NNTP, SNMP,  NTP etc.

HTML (2)

July, 1993: a draft by IETF (that is: not a standard – yet).

November, 1995: HTML 2.0 published as IETF RFC 1866, supplemented by RFC 1867, RFC 1942 (tables) in May 1996, RFC 1980 (client-side image maps) in August 1996, and RFC 2070 (internationalization) in January 1997;

An HTML 3.0 standard was proposed in April 1995.

January 14, 1997: HTML 3.2, published as a W3C Recommendation. HTML 3.2 was never submitted to the IETF.

December 18, 1997: HTML 4.0, published as a W3C Recommendation. It offers three "flavors":
– Strict, in which deprecated elements are forbidden,
– Transitional, in which deprecated elements are allowed,
– Frameset, in which mostly only frame related elements are allowed;

April 24, 1998: HTML 4.0 was reissued with minor edits without incrementing the version number.

December 24, 1999: HTML 4.01, published as a W3C Recommendation. It offers the same three flavors as HTML 4.0, and its last errata was published May 12, 2001.

HTML 4.01 and ISO/IEC 15445:2000 are the most recent and final versions of HTML.

May 15, 2000: ISO/IEC 15445:2000 ("ISO HTML", based on HTML 4.01 Strict), published as an ISO/IEC international standard.

HTML 5 is still an Editor’s Draft, and not endorsed by W3C yet.

Page 72: Protocols: DNS, TELNET, e-Mail, FTP, WWW, NNTP, SNMP,  NTP etc.

HTML (3)

(a) The HTML for a sample page. (b) The formatted page.

Page 73: Protocols: DNS, TELNET, e-Mail, FTP, WWW, NNTP, SNMP,  NTP etc.

HTML (3)

A selection of common HTML tags. Some can have additional parameters (attributes).

Page 74: Protocols: DNS, TELNET, e-Mail, FTP, WWW, NNTP, SNMP,  NTP etc.

HTML Tables

(a) An HTML table.

(b) A possible rendition of this table.

Page 75: Protocols: DNS, TELNET, e-Mail, FTP, WWW, NNTP, SNMP,  NTP etc.

HTML Forms

(a) The HTML for an order form.

(b) The formatted page.

Page 76: Protocols: DNS, TELNET, e-Mail, FTP, WWW, NNTP, SNMP,  NTP etc.

HTML Forms (2)

A possible response from the browser to the server with information filled in by the user.

Page 77: Protocols: DNS, TELNET, e-Mail, FTP, WWW, NNTP, SNMP,  NTP etc.

XML and XSL – eXtensible Markup Language

A simple Web page in XML.

Page 78: Protocols: DNS, TELNET, e-Mail, FTP, WWW, NNTP, SNMP,  NTP etc.

XML and XSL – eXtensible Stylesheet Language

A style sheet in XSL.

Page 79: Protocols: DNS, TELNET, e-Mail, FTP, WWW, NNTP, SNMP,  NTP etc.

Dynamic Web Documents

Steps in processing the information from an HTML form.

Page 80: Protocols: DNS, TELNET, e-Mail, FTP, WWW, NNTP, SNMP,  NTP etc.

Dynamic Web Documents (2)

A sample HTML page with embedded PHP script.

Page 81: Protocols: DNS, TELNET, e-Mail, FTP, WWW, NNTP, SNMP,  NTP etc.

“Web Services”

The W3C defines a Web Service as “A software system designed to support interoperable Machine to Machine interaction over a network.”

Web services are frequently just Web APIs that can be accessed over a network, such as the Internet, and executed on a remote system hosting the requested services.

The W3C Web Service definition encompasses many different systems, but in common usage the term refers to clients and servers that communicate using XML messages that follow the SOAP (Simple Object Access Protocol) standard. Common in both the field and the terminology is the assumption that there is also a machine readable description of the operations supported by the server written in the Web Services Description Language (WSDL). The latter is not a requirement of a SOAP endpoint, but it is a prerequisite for automated client-side code generation in the mainstream Java, .NET SOAP etc. frameworks.

Page 82: Protocols: DNS, TELNET, e-Mail, FTP, WWW, NNTP, SNMP,  NTP etc.

Network News Transfer Protocol (NNTP)

An Internet application protocol used primarily for reading and posting Usenet articles (aka netnews or simply: news), as well as transferring news among news servers.

Created by Brian Kantor of the University of California, San Diego.

Phil Lapsley of the University of California, Berkeley completed RFC 977 (1986).

Originally designed around the UUCP (Unix to Unix CoPy) network, with most article transfers taking place over direct computer-to-computer telephone links.

Page 83: Protocols: DNS, TELNET, e-Mail, FTP, WWW, NNTP, SNMP,  NTP etc.

NNTP (2)

Because networked Internet-compatible filesystems were not yet widely available, it was decided to develop a new text protocol that resembled SMTP, but was tailored for reading newsgroups.

The well-known TCP port 119 is reserved for NNTP. TCP port 563 is used for connecting through SSL (a.k.a. NNTPS).

IETF released RFC 3977 in Oct 2006, which updates the NNTP protocol.

The IMAP protocol can also be used for reading newsgroups.

Page 84: Protocols: DNS, TELNET, e-Mail, FTP, WWW, NNTP, SNMP,  NTP etc.

An e-mail client as a News reader

Public News servers: http://www.dmoz.org/Computers/Usenet/Public_News_Servers

Page 85: Protocols: DNS, TELNET, e-Mail, FTP, WWW, NNTP, SNMP,  NTP etc.

Simple Network Management Protocol (SNMP)

Application layer protocol within the OSI model. It uses UDP as transport.

“The protocol that specifies how a network management station communicates with agent software in remote devices such as routers. SNMP defines the format of messages and their meaning.”

- Computer Networks and Internets by Douglas E. Comer.

Page 86: Protocols: DNS, TELNET, e-Mail, FTP, WWW, NNTP, SNMP,  NTP etc.

SNMP – some history

Size and number of networks required a standard protocol in order to communicate with devices on the network.

1970’s - SNMPv1, the first network management protocol.
– Originally designed as a “quick-fix”.

1988 - SNMPv2 standard designed.

2004 – SNMPv3, the current version
– RFC 3411 – RFC 3418 (also known as STD0062).

Page 87: Protocols: DNS, TELNET, e-Mail, FTP, WWW, NNTP, SNMP,  NTP etc.

SNMP Technology

Exchanges network information through PDU’s.

Part of the Internet Network Management Architecture.

Internet Management Model
– Network elements
– Agents
– Managed objects
– MIB’s (Management Information Bases)
– Syntax notation
– SMI (Structure of Management Info)
– NMS (Network-management systems)
– Parties
– Management protocols

(Figure: an NMS running a Network Management Application with a User Interface, talking SNMP to the Agent and MIB on each Managed Device.)

Page 88: Protocols: DNS, TELNET, e-Mail, FTP, WWW, NNTP, SNMP,  NTP etc.

SNMP Operations

SNMP is a simple “request/response” protocol which uses six operations:

– Get
– GetNext
– GetBulk
– Set
– Trap
– Inform

Page 89: Protocols: DNS, TELNET, e-Mail, FTP, WWW, NNTP, SNMP,  NTP etc.

SNMP v1 Packet Format

SNMP v1 packets contain two parts:

– First part contains version and community name.
– Second part contains PDU.

Packet layout: Version | Community | SNMP PDU

PDU layout: PDU Type | Request ID | Error Status | Error Index | Object 1, Value 1 | Object 2, Value 2 | ... | Object X, Value X
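The layout above is serialized with ASN.1 BER. The following added example (not code from the lecture or any SNMP implementation) encodes an SNMPv1 GetRequest for sysDescr.0 with just enough BER to match that layout, and decodes it back. It also makes the security point of the v1 format concrete: the community name, which is the only credential, sits in the packet as a plain OCTET STRING. The community "public" and the request id are sample values.

```python
"""SNMPv1 GetRequest encoder/decoder in BER: added example, not the lecture's code.

Implements just enough ASN.1 BER for the packet layout above:
SEQUENCE { version INTEGER(0), community OCTET STRING,
           GetRequest-PDU { request-id, error-status, error-index, VarBindList } }.
The community string travels in clear text: anyone who can read the datagram
learns it, which is why v1/v2c are regarded as insecure and v3 added
authentication and privacy. Sample values (community "public", sysDescr.0)
are constructed for the example.
"""

GET_REQUEST = 0xA0          # context-specific, constructed, tag 0


def _length(n: int) -> bytes:
    """BER length: short form below 128, long form (0x80 | count, then bytes) otherwise."""
    if n < 0x80:
        return bytes([n])
    body = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([0x80 | len(body)]) + body


def _tlv(tag: int, content: bytes) -> bytes:
    return bytes([tag]) + _length(len(content)) + content


def enc_int(v: int) -> bytes:
    n = 1 if v == 0 else (v.bit_length() + 8) // 8      # leave room for the sign bit
    return _tlv(0x02, v.to_bytes(n, "big", signed=True))


def enc_oid(dotted: str) -> bytes:
    arcs = [int(a) for a in dotted.split(".")]
    out = bytearray([arcs[0] * 40 + arcs[1]])           # first two arcs share one byte
    for arc in arcs[2:]:
        chunk = bytearray([arc & 0x7F])
        arc >>= 7
        while arc:                                      # base-128, high bit = more follows
            chunk.insert(0, 0x80 | (arc & 0x7F))
            arc >>= 7
        out += chunk
    return _tlv(0x06, bytes(out))


def build_get_request(community: bytes, request_id: int, oids) -> bytes:
    varbinds = b"".join(_tlv(0x30, enc_oid(o) + b"\x05\x00") for o in oids)   # value = NULL
    pdu = _tlv(GET_REQUEST, enc_int(request_id) + enc_int(0) + enc_int(0)
               + _tlv(0x30, varbinds))
    return _tlv(0x30, enc_int(0) + _tlv(0x04, community) + pdu)               # version 0 = v1


def _read_tlv(buf: bytes, pos: int):
    """Return (tag, content, next_pos); raise ValueError on truncation."""
    if pos + 2 > len(buf):
        raise ValueError("truncated BER header")
    tag, ln, pos = buf[pos], buf[pos + 1], pos + 2
    if ln & 0x80:
        n = ln & 0x7F
        ln, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    if pos + ln > len(buf):
        raise ValueError("truncated BER element")
    return tag, buf[pos:pos + ln], pos + ln


def dec_oid(content: bytes) -> str:
    arcs, val = [content[0] // 40, content[0] % 40], 0
    for b in content[1:]:
        val = (val << 7) | (b & 0x7F)
        if not b & 0x80:
            arcs.append(val)
            val = 0
    return ".".join(map(str, arcs))


def parse_get_request(packet: bytes) -> dict:
    """Decode an SNMPv1 message into its fields; malformed input raises ValueError."""
    tag, msg, _ = _read_tlv(packet, 0)
    if tag != 0x30:
        raise ValueError("message is not a SEQUENCE")
    vtag, ver, p = _read_tlv(msg, 0)
    ctag, community, p = _read_tlv(msg, p)
    pdu_type, pdu, _ = _read_tlv(msg, p)
    if vtag != 0x02 or ctag != 0x04:
        raise ValueError("unexpected header tags")
    ints, p = [], 0
    for _ in range(3):                                   # request-id, error-status, error-index
        _, raw, p = _read_tlv(pdu, p)
        ints.append(int.from_bytes(raw, "big", signed=True))
    _, vbl, _ = _read_tlv(pdu, p)
    oids, p = [], 0
    while p < len(vbl):
        _, vb, p = _read_tlv(vbl, p)
        oids.append(dec_oid(_read_tlv(vb, 0)[1]))
    return {"version": int.from_bytes(ver, "big", signed=True), "community": community,
            "pdu_type": pdu_type, "request_id": ints[0], "error_status": ints[1],
            "error_index": ints[2], "oids": oids}
```

For community "public", request id 1 and the single OID 1.3.6.1.2.1.1.1.0 the encoder yields the 40-byte datagram that starts 30 26 02 01 00 04 06 "public" A0 19 ..., and the decoder returns the fields in the order the slide lists them; the community name is readable directly at offset 7.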

Page 90: Protocols: DNS, TELNET, e-Mail, FTP, WWW, NNTP, SNMP,  NTP etc.

SNMP v2 Packet Format

Like SNMP v1, SNMP v2 packets contain two parts:

– First part is called a wrapper which contains authentication, privacy information and a context.
– Second part contains a PDU with similarities to SNMP v1.

Packet layout: Wrapper | SNMP PDU

PDU layout: PDU Type | Request ID | Error Status | Error Index | Object 1, Value 1 | ... | Object X, Value X

OR

Page 91: Protocols: DNS, TELNET, e-Mail, FTP, WWW, NNTP, SNMP,  NTP etc.

SNMP v1 and v2 – Advantages and Disadvantages

Advantages
– Simple design.
– Easy implementation
– Wide spread usage.
– Expandability.

Disadvantages
– Security holes.
– Old technology.

Page 92: Protocols: DNS, TELNET, e-Mail, FTP, WWW, NNTP, SNMP,  NTP etc.

The new SNMP v3

Structure, components and architecture similar to v1 and v2.

New features include:
– Authentication and privacy.
– Authorization and access control.
– Naming of entities.
– People and policies.
– Usernames and key management.
– Notification destinations.
– Remotely configurable via SNMP operations.

http://www.ietf.org/html.charters/snmpv3-charter.html

Page 93: Protocols: DNS, TELNET, e-Mail, FTP, WWW, NNTP, SNMP,  NTP etc.

SNMP Conclusion

The goals: Integrated network management, Interoperability, Standards.

Network management applications based on SNMP rely on the standards based TCP/IP protocol to effectively oversee large heterogeneous networks.

SNMP sits on the application layer and uses UDP protocol to communicate with each network device.

SNMP is essential in order to effectively maintain today’s large networks.

Page 94: Protocols: DNS, TELNET, e-Mail, FTP, WWW, NNTP, SNMP,  NTP etc.

NTP - Introduction

Network Time Protocol (NTP) synchronizes clocks of hosts and routers in the Internet.

NTP provides nominal accuracies of low tens of milliseconds on WANs, submilliseconds on LANs, and submicroseconds using a precision time source such as a cesium oscillator or GPS receiver.

NTP software has been ported to almost every workstation and server platform available today - from PCs to Crays - Unix, Windows, VMS and embedded systems, even home routers and battery backup systems.

The NTP architecture, protocol and algorithms have evolved over the last two decades to the latest NTP Version 4 software distributions.

Page 95: Protocols: DNS, TELNET, e-Mail, FTP, WWW, NNTP, SNMP,  NTP etc.

Needs for precision time

– Distributed database transaction journalling and logging
– Stock market buy and sell orders
– Secure document timestamps (with cryptographic certification)
– Aviation traffic control and position reporting
– Radio and TV programming launch and monitoring
– Intruder detection, location and reporting
– Multimedia synchronization for real-time teleconferencing
– Interactive simulation event synchronization and ordering
– Network monitoring, measurement and control
– Early detection of failing network infrastructure devices and air conditioning equipment
– Differentiated services traffic engineering
– Distributed network gaming and training
– ... and Grid computing

Page 96: Protocols: DNS, TELNET, e-Mail, FTP, WWW, NNTP, SNMP,  NTP etc.

NTP summary

Primary (stratum 1) servers synchronize to national time standards via radio, satellite and modem.

Secondary (stratum 2, ...) servers and clients synchronize to primary servers via hierarchical subnet.

Clients and servers operate in master/slave, symmetric and multicast modes with or without cryptographic authentication.

Reliability assured by redundant servers and diverse network paths.

Engineered algorithms reduce jitter, mitigate multiple sources and avoid improperly operating servers.

The system clock is disciplined in time and frequency using an adaptive algorithm responsive to network time jitter and clock oscillator frequency wander.

Page 97: Protocols: DNS, TELNET, e-Mail, FTP, WWW, NNTP, SNMP,  NTP etc.

NTP Messages

NTP architecture overview

Multiple servers/peers provide redundancy and diversity.

Clock filters select best from a window of eight time offset samples.

Intersection and clustering algorithms pick best truechimers and discard falsetickers.

Combining algorithm computes weighted average of time offsets.

Loop filter and variable frequency oscillator (VFO) implement hybrid phase/frequency-lock (P/F) feedback loop to minimize jitter and wander.

(Figure: Peer 1, Peer 2, Peer 3 feed Filter 1, Filter 2, Filter 3; then Selection and Clustering Algorithms, Combining Algorithm, Loop Filter and VFO, with Timestamps fed back; the Loop Filter and VFO form the Clock Discipline Algorithm, a P/F-Lock Loop.)
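The architecture above starts from per-peer time offset samples, so the following added example (not code from the lecture or the NTP distribution) shows where those samples come from and what the first two stages do with them: the four-timestamp offset/delay computation, a clock filter over a window of eight samples that keeps the lowest-delay one, and a deliberately simplified majority-overlap version of the intersection step that separates truechimers from falsetickers. All timestamps and peer offsets are constructed values.

```python
"""NTP timestamps, clock filter and a simplified intersection step: added example,
not code from the lecture or the NTP distribution.

A client stamps its request (t1), the server stamps arrival (t2) and departure
(t3), and the client stamps the reply (t4). The clock filter keeps the last
eight (offset, delay) samples per peer and picks the lowest-delay one, since a
sample that spent little time in queues is least distorted. The intersection
step below is a simplified majority-overlap version of the selection algorithm,
labelled as such. All sample values are constructed.
"""
from collections import deque


def offset_and_delay(t1: float, t2: float, t3: float, t4: float):
    """Standard NTP on-wire formulas; times in seconds."""
    offset = ((t2 - t1) + (t3 - t4)) / 2
    delay = (t4 - t1) - (t3 - t2)
    return offset, delay


class ClockFilter:
    """Per-peer window of the last eight samples; best = minimum delay."""
    WINDOW = 8

    def __init__(self):
        self.samples = deque(maxlen=self.WINDOW)

    def add(self, offset: float, delay: float):
        if delay < 0:
            raise ValueError("negative delay: inconsistent timestamps")
        self.samples.append((offset, delay))

    def best(self):
        """Return (offset, delay, jitter) for the selected sample, or None if empty."""
        if not self.samples:
            return None
        best_off, best_delay = min(self.samples, key=lambda s: s[1])
        jitter = (sum((o - best_off) ** 2 for o, _ in self.samples)
                  / len(self.samples)) ** 0.5       # RMS spread of offsets
        return best_off, best_delay, jitter


def intersection(peers: dict):
    """Simplified intersection: each peer claims the true offset lies within
    [offset - delay/2, offset + delay/2]; the largest set of mutually overlapping
    intervals, if it is a majority, are the truechimers; the rest are falsetickers."""
    intervals = {n: (o - d / 2, o + d / 2) for n, (o, d) in peers.items()}
    best_set = []
    for lo, hi in intervals.values():
        for point in (lo, hi):            # a maximal overlap always contains some endpoint
            members = [n for n, (a, b) in intervals.items() if a <= point <= b]
            if len(members) > len(best_set):
                best_set = members
    if len(best_set) * 2 <= len(peers):   # no majority: trust nobody
        return []
    return sorted(best_set)


if __name__ == "__main__":
    cf = ClockFilter()
    for t1, t2, t3, t4 in [(0.0, 0.012, 0.013, 0.020), (1.0, 1.011, 1.012, 1.060)]:
        cf.add(*offset_and_delay(t1, t2, t3, t4))
    print(cf.best())
    print(intersection({"a": (0.010, 0.020), "b": (0.012, 0.030), "d": (5.0, 0.020)}))
```

The choice of the minimum-delay sample rather than the most recent one is what lets NTP tolerate a bursty network: a single congested round trip produces a large delay and is simply not selected. The majority rule in the intersection step is likewise what makes a lone server reporting a wildly different time (whether broken or hostile) a falseticker that is discarded rather than averaged in.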

Page 98: Protocols: DNS, TELNET, e-Mail, FTP, WWW, NNTP, SNMP,  NTP etc.

98

NTP subnet configurations

(a) Workstations use multicast mode with multiple department servers.

(b) Department servers use client/server modes with multiple campus servers and symmetric modes with each other.

(c) Campus servers use client/server modes with up to six different external primary servers and symmetric modes with each other and external secondary (buddy) servers.

[Figure: three subnet diagrams, (a) Workstation, (b) Clients, (c) Clients, with servers labelled by stratum S1 to S4; links marked * lead to buddy (S2) servers]

Page 99

NTP - Goals and non-goals

Goals

– Provide the best accuracy under prevailing network and server conditions.
– Resist many and varied kinds of failures, including two-face, fail-stop, malicious attacks and implementation bugs.
– Maximize utilization of Internet diversity and redundancy.
– Automatically organize subnet topology for best accuracy and reliability.
– Self contained cryptographic authentication based on both symmetric key and public key infrastructures and independent of external services.

Non-goals

– Local time – this is provided by the operating system.
– Access control – this is provided by firewalls and address filtering.
– Privacy – all protocol values, including time values, are public.
– Non-repudiation – this can be provided by a layered protocol if necessary.
– Conversion of NTP timestamps to and from other time representations and formats.

Page 100

NTP Version 4

Current NTP v3 has been in use since 1992, with nominal accuracy in the low milliseconds.

Modern workstations and networks are much faster today, with attainable accuracy in the low microseconds.

NTP v4 architecture, protocol and algorithms have been evolved to achieve this degree of accuracy.

– Improved clock models which accurately predict the time and frequency adjustment for each synchronization source and network path.
– Engineered algorithms reduce the impact of network jitter and oscillator wander while speeding up initial convergence.
– Redesigned clock discipline algorithm operates in frequency-lock, phase-lock and hybrid modes.

The improvements, confirmed by simulation, improve accuracy by about a factor of ten, while allowing operation at much longer poll intervals without significant reduction in accuracy.

Page 101

NTP v4 Autonomous System model

Fire-and-forget software

– Single software distribution can be compiled and installed automatically on most host architectures and operating systems.
– Run-time configuration can be automatically determined and maintained in response to changing network topology and server availability.

Optional autonomous configuration (Autoconfigure)

– Multicast survey nearby network environment to construct a list of suitable servers.
– Select best servers from among the list using a defined metric.
– Reconfigure the subnet for best accuracy with overhead constraints.
– Periodically refresh the list in order to adapt to changing topology.

Optional autonomous authentication (Autokey)

– For each new server found, fetch and verify its cryptographic credentials.
– Authenticate each message received using engineered protocol.
– Regenerate keys in a timely manner to resist compromise.

Page 102

An example of a busy NTP server

NTP primary (stratum 1) server rackety is a server supporting 734 clients all over the world.

This machine supports NFS, NTP, RIP, IGMP and a mess of printers, radio clocks and an 8-port serial multiplexor

The mean input packet rate is 6.4 packets/sec, which corresponds to a mean poll interval of 157 seconds for each client

Each input packet generates an average of 0.64 output packets and requires a total of 2.4 ms of CPU time for the input/output transaction

In total, the NTP service requires 1.54% of the available CPU time and generates 10.5 608-bit packets per second, or 0.41% of a T1 line

The conclusion is that even a slow machine can support substantial numbers of clients with no significant degradation on other network services.

Page 103

Precision timekeeping equipment (prior to 2000)

Austron 2200A GPS Receiver

Austron 2000 LORAN-C Receiver

Spectracom 8170 WWVB Receiver

Hewlett Packard 5061A Cesium Beam Frequency Standard

NTP primary time server rackety

Page 104

Squeezing the nanoseconds

This shows the residual error measured between the Austron 2201 GPS receiver and the HP 5061A cesium clock.

The GPS receiver is stabilized using the LORAN-C receiver, which improves its accuracy to about 50 ns, in spite of the intentional degradation introduced in the GPS signal available to the public.

Page 105

NTP resources

NTP home: http://www.ntp.org

NTP v3 Specification: RFC 1305

Simple NTP (SNTP) v4 specification: RFC 2030

– Applicable to IPv4, IPv6 and ISO CNLS

List of public NTP time servers (as of Dec 2007)

– 177 active primary (stratum 1) servers
– 278 active stratum 2 servers

pool.ntp.org – a big virtual cluster of timeservers striving to provide reliable, easy to use NTP service for millions of clients without putting a strain on the big popular timeservers.

Page 106

Miscellaneous Application Protocols

Remote Procedure Call (RPC) is a technology that allows a computer program to cause a subroutine or procedure to execute in another address space (commonly on another computer on a shared network) without the programmer explicitly coding the details for this remote interaction. RPC may be referred to as remote invocation or remote method invocation (RMI).

Strictly said: RPC is a part of the OSI Session layer.

Many different (!) implementations of RPC: ONC RPC, DCE/RPC, MSRPC etc.

Page 107

Miscellaneous Application Protocols (2)

Network File System (NFS) – a protocol for sharing files and directories for access over a network. It is based on RPC. Developed by Sun Microsystems, 1984. The current version is 4 (RFC 3530).

Common features:

– Several security mechanisms
– the COMPOUND procedure
– Filesystem Replication and Migration
– File OPEN and CLOSE (net) operations
– File locking
– Client Caching and Delegation