CS/Network

[TCP/IP] Application Layer - CS Model

tjdms4327 2024. 11. 11. 13:07

CS(Client-Server) Architectures

  • server
    • always-on host
    • permanent IP address
    • data centers for scaling
  • client
    • communicate with server     <- not directly with each other
    • dynamic IP addresses
    • may be intermittently connected

 


 

HTTP(Hyper Text Transfer Protocol)

  • URL(Uniform Resource Locator) <- host name + path name
  • HTTP
    • Web's application layer protocol
    • client(browser)-server(Web server) model
    • stateless (forgetful): the server keeps no information about past client requests
    • runs on TCP with port 80
    • RTT(Round Trip Time): time for a small packet to travel from client to server and back

  • non-persistent HTTP
    • one object sent over a single TCP connection; the server closes the connection after the response
    • the HTTP/1.0 behavior
    • time to get one object with non-persistent HTTP: 2RTT + file transmission time (1 RTT to open the TCP connection, 1 RTT for request and response)

  • persistent HTTP
    • multiple objects can be sent over a single TCP connection between client and server
    • default for HTTP/1.1 and HTTP/2
    • pros
      • lower CPU & memory usage (fewer connections to set up and tear down)
      • fewer RTTs (as little as one RTT per referenced object once the connection is open)
      • less congestion (fewer new TCP connections competing in slow start)
    • cons
      • if the client does not close the connection after all data has been received, the server keeps the connection open with its resources tied up and unavailable for other clients, so servers need idle timeouts and limits on open connections

 

HTTP Performance Improvements

  • Cookie
    • client-server interaction: lets a stateless HTTP server recognize a user across requests
    • a small piece of data chosen by the server and sent in a Set-Cookie: response header; the browser returns it in a Cookie: request header on later requests to the same site
    • stored in a cookie file on the user's host, so the site can record the user's browsing activity
    • back-end database at the Web site, keyed by the cookie value
    • a cookie that identifies a logged-in session is as sensitive as a password: anyone who captures it can replay it
  • Proxy Server (Web caching)
    • goal: satisfy client request without involving origin server
    • has its own disk storage to keep copies of objects from the origin server
    • acts as both a server and a client
      • server: towards the client, when it has a copy
      • client: towards the origin server, when it requests an object it does not have
    • why proxy server?
      • reduce response time for client requests
      • reduce traffic on an institution's access link
      • Internet dense with caches
      • enables "poor" content providers to effectively deliver content
  • conditional GET
    • goal: do not send object if cache has up-to-date cached version
      • cache asks with If-Modified-Since: (or If-None-Match: with an ETag); origin answers 304 Not Modified with no body when the copy is current
      • no object transmission delay
      • lower link utilization
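The proxy cache and conditional GET described above, as an added example written for these notes (it is not code from the original post): a toy cache in Python that stores each object together with the validators the origin returned and revalidates with If-None-Match / If-Modified-Since on later requests. The origin server, the object, the ETag values and the timestamps are all constructed in-process, so it runs offline.

```python
"""Conditional GET between a caching proxy and an origin server.

Added example for these notes; Origin, Cache and the sample object are a
constructed, in-process simulation (no network).  The cache keeps each object
with the validators the origin sent (ETag, Last-Modified) and revalidates with
If-None-Match / If-Modified-Since.  A 304 Not Modified carries no body, so an
up-to-date copy costs one request/response but no object transfer.
"""
from dataclasses import dataclass, field
from email.utils import formatdate, parsedate_to_datetime


@dataclass
class Response:
    status: int
    headers: dict
    body: bytes = b""


@dataclass
class Origin:
    """Simulated origin: path -> (etag, last_modified_epoch_seconds, body)."""
    objects: dict = field(default_factory=dict)

    def handle(self, path: str, headers: dict) -> Response:
        if path not in self.objects:
            return Response(404, {}, b"not found")
        etag, modified, body = self.objects[path]
        validators = {"ETag": etag, "Last-Modified": formatdate(modified, usegmt=True)}
        inm = headers.get("If-None-Match")
        ims = headers.get("If-Modified-Since")
        # RFC 7232: If-None-Match wins when present; If-Modified-Since is only
        # consulted when the client sent no entity tag (exact match, no weak/'*' handling).
        if inm is not None:
            not_modified = inm == etag
        elif ims is not None:
            not_modified = modified <= parsedate_to_datetime(ims).timestamp()
        else:
            not_modified = False
        if not_modified:
            return Response(304, validators)            # headers only, no body
        validators["Content-Length"] = str(len(body))
        return Response(200, validators, body)


class Cache:
    """Proxy cache: a server towards the client, a client towards the origin."""

    def __init__(self, origin: Origin):
        self.origin = origin
        self.store: dict[str, Response] = {}
        self.body_bytes_from_origin = 0   # what the access link actually carried

    def get(self, path: str) -> tuple[Response, str]:
        cached = self.store.get(path)
        conditional = {}
        if cached is not None:
            if "ETag" in cached.headers:
                conditional["If-None-Match"] = cached.headers["ETag"]
            if "Last-Modified" in cached.headers:
                conditional["If-Modified-Since"] = cached.headers["Last-Modified"]
        resp = self.origin.handle(path, conditional)
        self.body_bytes_from_origin += len(resp.body)
        if resp.status == 304 and cached is not None:
            cached.headers.update(resp.headers)          # refresh validators
            return Response(200, dict(cached.headers), cached.body), "revalidated"
        if resp.status == 200:
            self.store[path] = resp
            return resp, "fetched"
        return resp, "uncached"


def run_demo() -> list:
    """Three requests for one path; returns [(outcome, cumulative body bytes), ...]."""
    origin = Origin({"/index.html": ('"v1"', 1_700_000_000, b"<h1>hello</h1>")})
    cache = Cache(origin)
    trace = []
    for _ in range(2):
        _, how = cache.get("/index.html")
        trace.append((how, cache.body_bytes_from_origin))
    # The object changes at the origin (new ETag and Last-Modified), so the next
    # revalidation fails and the full object is transferred again.
    origin.objects["/index.html"] = ('"v2"', 1_700_000_600, b"<h1>hello, again</h1>")
    _, how = cache.get("/index.html")
    trace.append((how, cache.body_bytes_from_origin))
    return trace


if __name__ == "__main__":
    for how, total in run_demo():
        print(f"{how:12s} body bytes from origin so far: {total}")
```

The second request costs a request/response round trip but transfers no body; only after the origin's copy changes does the cache pay for the object again. A real cache also has to honour Cache-Control, Vary and the response's freshness lifetime before deciding to revalidate at all.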

 

Security Concerns on HTTP

  • Confidentiality (privacy): HTTP messages are ordinary ASCII text -> anyone on the path can read their content (eavesdropping)
  • Integrity: nothing in HTTP protects a message from modification in transit -> a man-in-the-middle can alter requests and responses without either end noticing
  • Authentication: no way to verify who you are talking to -> an attacker can impersonate the server (or the client) and intercept the messages

HTTPS(HTTP Secure)

  • TLS is inserted as a sublayer between HTTP and TCP (HTTP itself is unchanged; it hands its messages to TLS instead of to TCP)
  • TLS handshake
    • before exchanging data over TLS
    • the encrypted tunnel is configured: the server proves its identity with a certificate and both sides agree on session keys
    • then encrypted data are exchanged
  • encrypts an HTTP message prior to transmission and decrypts it upon arrival
  • 3 RTTs before the first HTTP message exchange (1 RTT for the TCP connection + 2 RTTs for a full TLS 1.2 handshake); TLS 1.3 needs only 1 RTT for its handshake, so 2 RTTs in total
  • default port 443

 


 

E-Mail 

  • Three major components of E-Mail
    • mail servers
      • provide each mail user with a mail account and a mailbox (contains incoming messages)
      • manage message queues (for outgoing mail messages to other servers)
    • user agents
      • a tool to compose, edit, read and send mail messages
      • cache outgoing and incoming messages on local storage
    • protocols
      • to send email messages
        • SMTP     #between a user agent and its mail server (message submission, today usually on port 587), and between mail servers
      • mail access     #from mail server to user(UA)
        • POP
        • IMAP
        • HTTP
    • Example Scenario 
      • Alice uses UA to compose message “to” bob@mmcn.com
      • Alice’s UA sends message to her mail server using SMTP
      • Message is placed in message queue at Alice’s mail server
      • Alice’s mail server opens TCP connection with Bob’s mail server
      • Alice’s mail server sends the message to Bob’s mail server over the TCP connection using SMTP
      • Bob’s mail server places the message in Bob’s mailbox
      • Bob invokes his user agent to read message using mail access protocol (POP3, IMAP, HTTP, …)

 

SMTP (Simple Mail Transfer Protocol)

  • Basic Features
    • direct transfer => push: the sending server pushes the message straight to the receiving server
    • three phases of transfer
      • handshaking (greeting)
      • transfer of messages
      • closure
    • messages in 7-bit ASCII code
    • TCP with port 25
    • persistent connections (several messages can be sent over one connection)
  • Two major sections of a message: Header + Body
    • the SMTP envelope (MAIL FROM / RCPT TO) is separate from the header lines (From:, To:, Subject:); plain SMTP verifies neither, which is why sender addresses can be spoofed
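The three phases above as a scripted exchange, added here as an example (not code from the original post): a minimal SMTP server state machine in Python driven by a client script. Hostnames and addresses (mx.example.test, alice@example.test and so on) are constructed, and the "network" is a function call, so it runs offline.

```python
"""The three SMTP phases as a scripted client/server exchange.

Added example for these notes (not the original post's code): a minimal SMTP
server state machine plus a client script, run in-process with constructed
addresses and no network.  Handshake (220 greeting, EHLO), transfer (MAIL FROM,
RCPT TO, DATA ... <CRLF>.<CRLF>) and closure (QUIT) are enforced in order.
Note what is absent: nothing checks that the MAIL FROM address belongs to the
client.  Plain SMTP has no sender authentication, so the envelope sender and
the From: header are whatever text the client chose.
"""


class SMTPServer:
    def __init__(self, hostname="mx.example.test"):    # constructed hostname
        self.hostname = hostname
        self.greeted = False
        self.mail_from = None
        self.rcpts = []
        self.in_data = False
        self.data_lines = []
        self.delivered = []       # (envelope_from, envelope_to, message)
        self.closed = False

    def greeting(self) -> str:
        return f"220 {self.hostname} ESMTP ready"

    def handle(self, line: str) -> str:
        """Process one client line (CRLF stripped); return the reply ('' inside DATA)."""
        if self.in_data:
            return self._data_line(line)
        verb, _, arg = line.partition(" ")
        verb = verb.upper()
        if verb in ("HELO", "EHLO"):
            self.greeted = True
            return f"250 {self.hostname} greets {arg}"
        if verb == "QUIT":
            self.closed = True
            return f"221 {self.hostname} closing connection"
        if not self.greeted:
            return "503 bad sequence of commands: HELO/EHLO first"
        if verb == "MAIL":                       # MAIL FROM:<addr>
            self.mail_from = arg.partition(":")[2].strip("<> ")
            self.rcpts = []
            return "250 OK"
        if verb == "RCPT":                       # RCPT TO:<addr>
            if self.mail_from is None:
                return "503 bad sequence of commands: MAIL first"
            self.rcpts.append(arg.partition(":")[2].strip("<> "))
            return "250 OK"
        if verb == "DATA":
            if not self.rcpts:
                return "503 bad sequence of commands: RCPT first"
            self.in_data = True
            return "354 End data with <CR><LF>.<CR><LF>"
        return "500 command not recognized"

    def _data_line(self, line: str) -> str:
        if line != ".":
            # dot-stuffing: the client doubled a leading '.', undo it
            self.data_lines.append(line[1:] if line.startswith("..") else line)
            return ""
        self.in_data = False
        lines, self.data_lines = self.data_lines, []
        env_from, env_to = self.mail_from, self.rcpts
        self.mail_from, self.rcpts = None, []     # transaction is over either way
        if not all(l.isascii() for l in lines):
            return "554 message must be 7-bit ASCII (no 8BITMIME here)"
        message = "\r\n".join(lines)
        for rcpt in env_to:                      # one copy per envelope recipient
            self.delivered.append((env_from, rcpt, message))
        return "250 OK: queued"


def run_session(server: SMTPServer, sender: str, recipient: str, body: list) -> list:
    """Scripted client; returns the transcript as [('C'|'S', line), ...]."""
    stuffed = [("." + l) if l.startswith(".") else l for l in body]   # dot-stuffing
    script = ["EHLO client.example.test",
              f"MAIL FROM:<{sender}>", f"RCPT TO:<{recipient}>", "DATA",
              f"From: {sender}", f"To: {recipient}", "Subject: test", "",
              *stuffed, ".", "QUIT"]
    transcript = [("S", server.greeting())]
    for line in script:
        transcript.append(("C", line))
        reply = server.handle(line)
        if reply:
            transcript.append(("S", reply))
    return transcript


if __name__ == "__main__":
    srv = SMTPServer()
    for who, text in run_session(srv, "alice@example.test", "bob@example.test", ["hello bob"]):
        print(f"{who}: {text}")
    print(srv.delivered)
```

Running it with a sender of ceo@bank.example.test delivers just as happily as with alice@: the server has no basis for rejecting the envelope sender. That gap is what SPF, DKIM and DMARC were later layered on top of SMTP to close.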

 

POP(Post Office Protocol)

  • POP3(Post Office Protocol-Version 3)
    • an application-layer protocol like SMTP, used on the receiving side
    • TCP with port 110
    • stateless across sessions: the server keeps no user state from one session to the next
    • user agent and POP3 server are not synchronized (in download-and-delete mode messages are removed from the server once retrieved)
  • POP3 Phases
    • authorization phase
      • client commands: user, pass (the password travels in cleartext unless the session is protected by TLS)
      • server responses: +OK, -ERR
    • transaction phase: list, retr, dele, quit
    • termination phase

 

IMAP(Internet Message Access Protocol)

  • all messages are kept at the server
  • messages stored on the server can be manipulated by the user (folders, flags, search)
  • user state is maintained across sessions
  • user agent and mail server are synchronized

 


 

DNS(Domain Name System)

  • DNS(Domain Name System)
    • RFC 1034 and RFC 1035
    • runs over UDP with port 53 (TCP port 53 for replies too large for one UDP datagram and for zone transfers)
    • basically, used to resolve host names to IP addresses, and other resolution services (mail server aliasing, load distribution)
    • TTL(Time to Live)
      • cached entries are discarded after the given TTL
      • P) if a host changes its IP address, the change may not be known Internet-wide until all TTLs expire   => S) update/notify mechanisms
    • RRs(Resource Records) format: (name, value, type, ttl)
      • type=A => name: hostname, value: IP address
      • type=MX => name: domain, value: name of the mail server for that domain
      • type=CNAME => name: alias name, value: canonical name
      • type=NS => name: domain, value: hostname of authoritative name server
    • DNS message types: query and reply, both with the same message format (a 16-bit identification field matches a reply to its query)

  • Classes of DNS servers    # a distributed, hierarchical database 
    • Official three classes
      • Root DNS servers
        • contacted by the local name server when it cannot resolve a name
        • incredibly important <- the Internet couldn't function without them!
      • Top-level Domain(TLD) servers
        • responsible for top-level domains
          • generic domains (com, org, net, …)
          • country domains (kr, uk, jp, …)
        • each TLD server is maintained by a company or an organization
      • Authoritative DNS servers
        • organization's own DNS servers
        • provide authoritative hostname-to-IP mappings for the organization's named hosts
        • can be maintained by the organization or by a service provider
    • Local DNS name servers
      • do not strictly belong to the hierarchy
      • act as a proxy, forwarding queries into the hierarchy (and caching the answers)
      • each ISP has its own local DNS server (default name server)
      • when a host makes a DNS query, the query is sent to its local DNS server
    • Why not centralize DNS?
      • single point of failure
      • traffic volume
      • distant centralized database
      • maintenance
  • Name Resolution mechanism     #the type of query is determined by the RD (recursion desired) bit in the DNS query header
    • Recursive queries (the default from a host to its local DNS server): the queried server obtains the mapping on the client's behalf
    • Iterative (non-recursive) queries (typically local DNS server -> root -> TLD -> authoritative): each server replies with the name of the next server to contact

 

DNS Attacking

  • DDoS attacks
    • Bombard root servers with traffic
      • not successful to date
      • traffic filtering
      • local DNS servers cache IPs of TLD servers, allowing root server bypass
    • Bombard TLD servers <- potentially more dangerous
  • Redirect attacks
    • Man-in-the-middle <- intercept queries and answer them
    • DNS poisoning <- send bogus replies to a DNS server, which caches them; a reply is only accepted if it matches the outstanding query's transaction ID (and UDP source port), which is why resolvers randomize both
  • Exploit DNS for DDoS (reflection)
    • send queries with spoofed source address: target IP, so the replies go to the target
    • requires amplification: the reply must be much larger than the query (records with large answers, sent to open resolvers)
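The RR format from the DNS section and the poisoning and amplification points from this section, as one added example (written for these notes, not code from the original post): it builds a DNS query and reply in RFC 1035 wire format, parses the reply back into (name, type, ttl, value) records, applies the resolver-side acceptance check that a forged reply has to defeat, and reports the reply/query size ratio. All names, addresses and replies are constructed in-process; nothing is sent on the network, and the UDP source-port check that real resolvers add is left out.

```python
"""DNS messages on the wire (RFC 1035) and the checks that defeat spoofed replies.

Added example for these notes (not the original post's code).  Every name,
address and reply is constructed in-process; nothing touches the network.
A reply is only accepted when its 16-bit transaction ID and its question match
an outstanding query (real resolvers also randomize the UDP source port).
"""
import secrets
import struct

TYPE = {"A": 1, "NS": 2, "CNAME": 5, "MX": 15}
TYPE_NAME = {v: k for k, v in TYPE.items()}


def encode_name(name: str) -> bytes:
    """'www.example.test' -> b'\\x03www\\x07example\\x04test\\x00'"""
    labels = name.rstrip(".").split(".")
    return b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels) + b"\x00"


def decode_name(msg: bytes, off: int) -> tuple:
    """Return (name, offset just past it); follows compression pointers (0xC0xx)."""
    labels, end = [], None
    for _ in range(128):                         # bound pointer chasing
        length = msg[off]
        if length & 0xC0 == 0xC0:                # pointer: 14-bit offset into msg
            if end is None:
                end = off + 2                    # the name ends after the first pointer
            off = ((length & 0x3F) << 8) | msg[off + 1]
            continue
        off += 1
        if length == 0:
            break
        labels.append(msg[off:off + length].decode("ascii"))
        off += length
    else:
        raise ValueError("compression pointer loop")
    return ".".join(labels), (off if end is None else end)


def build_query(qname: str, qtype: str, txid: int) -> bytes:
    # header: ID, flags (RD=1 -> recursive query), QDCOUNT=1, AN/NS/ARCOUNT=0
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)
    return header + encode_name(qname) + struct.pack("!HH", TYPE[qtype], 1)


def build_response(txid: int, qname: str, qtype: str, rrs: list) -> bytes:
    """rrs: [(name, type, ttl, value)]; all placed in the answer section for brevity."""
    msg = struct.pack("!HHHHHH", txid, 0x8180, 1, len(rrs), 0, 0)   # QR=1, RD, RA
    msg += encode_name(qname) + struct.pack("!HH", TYPE[qtype], 1)
    for name, rtype, ttl, value in rrs:
        if rtype == "A":
            rdata = bytes(int(o) for o in value.split("."))
        elif rtype == "MX":                      # value = (preference, mail host)
            rdata = struct.pack("!H", value[0]) + encode_name(value[1])
        else:                                    # NS, CNAME: a domain name
            rdata = encode_name(value)
        # an owner equal to the question name is written as a pointer to offset 12
        owner = b"\xC0\x0C" if name == qname else encode_name(name)
        msg += owner + struct.pack("!HHIH", TYPE[rtype], 1, ttl, len(rdata)) + rdata
    return msg


def parse(msg: bytes) -> dict:
    txid, flags, qd, an, ns, ar = struct.unpack("!HHHHHH", msg[:12])
    qname, off = decode_name(msg, 12)
    qtype, _ = struct.unpack("!HH", msg[off:off + 4])
    off += 4
    rrs = []
    for _ in range(an + ns + ar):
        name, off = decode_name(msg, off)
        rtype, _, ttl, rdlen = struct.unpack("!HHIH", msg[off:off + 10])
        off += 10
        if rtype == TYPE["A"]:
            value = ".".join(str(b) for b in msg[off:off + 4])
        elif rtype == TYPE["MX"]:
            value = (struct.unpack("!H", msg[off:off + 2])[0], decode_name(msg, off + 2)[0])
        else:
            value = decode_name(msg, off)[0]
        rrs.append((name, TYPE_NAME.get(rtype, rtype), ttl, value))
        off += rdlen
    return {"id": txid, "is_response": bool(flags & 0x8000),
            "question": (qname, TYPE_NAME.get(qtype, qtype)), "rrs": rrs}


def accept_reply(query: bytes, reply: bytes) -> bool:
    """What a resolver must check before caching anything: ID and question match."""
    q, r = parse(query), parse(reply)
    return r["is_response"] and r["id"] == q["id"] and r["question"] == q["question"]


def demo() -> dict:
    txid = secrets.randbelow(1 << 16)            # unpredictable ID, like a real resolver
    query = build_query("www.example.test", "A", txid)
    rrs = [("www.example.test", "CNAME", 300, "web.example.test"),
           ("web.example.test", "A", 60, "192.0.2.10"),
           ("example.test", "NS", 86400, "ns1.example.test"),
           ("example.test", "MX", 3600, (10, "mail.example.test"))]
    genuine = build_response(txid, "www.example.test", "A", rrs)
    bogus = [("www.example.test", "A", 86400, "203.0.113.66")]   # attacker's answer
    # blind poisoner: cannot see the query, so it must guess the ID (1 in 65536 per packet)
    guessed = build_response((txid + 1) & 0xFFFF, "www.example.test", "A", bogus)
    wrong_q = build_response(txid, "www.example.test", "MX", bogus)  # right ID, other question
    return {"genuine": accept_reply(query, genuine), "guessed_id": accept_reply(query, guessed),
            "wrong_question": accept_reply(query, wrong_q),
            "rrs": parse(genuine)["rrs"], "amplification": len(genuine) / len(query)}


if __name__ == "__main__":
    for key, val in demo().items():
        print(key, val)
```

The 34-byte query draws a reply of 183 bytes here, a ratio over 5 from four ordinary records; responses carrying DNSSEC signatures or many records push that ratio far higher, which is the amplification the reflection attack relies on. The ID/question check is necessary but not sufficient: a resolver must also refuse to cache records outside the zone the queried server is authoritative for (the "bailiwick" rule), which this example does not model.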

 


 

FTP(File Transfer Protocol)

  • old file transfer protocol     #HTTP: the recent major file transfer protocol
  • runs on TCP 
  • OOB(out-of-band) control
    • port 21 for the control connection
    • port 20 for data connections (active mode; in passive mode the server opens an ephemeral port for data instead)
  • authentication control: login and password, sent in cleartext over the control connection (use FTPS or SFTP when the credentials matter)

 


 

QUIC(Quick UDP Internet Connections)

  • goal: improve performance for HTTPS traffic and make streaming better and faster
  • runs over UDP
  • security equivalent to TLS (IETF QUIC embeds the TLS 1.3 handshake, so the transport and crypto handshakes are combined)
  • multiplexing and flow control equivalent to HTTP/2, but per stream, so one lost packet does not block the other streams
  • connection semantics, reliability and congestion control equivalent to TCP
  • connection migration (a connection survives a change of the client's IP address)
  • FEC(forward error correction): part of the original Google QUIC, not of IETF QUIC (RFC 9000)