Computer Networks Course

The document discusses computer networks and provides: 1. An overview of the OSI model and TCP/IP model, outlining the layers of each model. 2. Descriptions of the functions of each layer in both models, including physical, data link, network, transport, and application layers. 3. A comparison of the OSI and TCP/IP models, noting their similarities in layer functionality while the TCP/IP model has fewer layers.
Computer Networks

Iulian ILIE-NEMEDI
inemedi@ie.ase.ro
Evaluation

• Laboratories:
– Test: TCP server for a given protocol (1 point).
– Project: TCP or RMI client-server application for a given functionality (2 points).
• Exam:
– Closed questions (5 points).
– Exercises (2 points).
• Extra:
– Lecture on computer networks for Cloud (1 point).
References

• Andrew TANENBAUM
– Computer Networks, 5th edition

• http://nemedi.ase.ro
OSI and TCP/IP Model
Objectives
• Discuss the OSI model and its layer
architecture and show the interface
between the layers.
• Briefly discuss the functions of each
layer in the OSI model.
• Introduce the TCP/IP protocol.
• Show the functionality of each layer in
the TCP/IP Model.
• Similarities and comparison between
OSI and TCP/IP Model.
Network Model

• A method of describing and analyzing data communication networks by breaking the entire set of communication processes into a number of layers.
• Each layer has a specific function.
• The model facilitates communication between clients and servers.
The OSI Model

• The International Standard Organization (ISO) established a committee in 1977 to develop an architecture for systems communication.
• The Open System Interconnection (OSI) reference model is the result of this effort.
• This model allows any two different systems to communicate regardless of their underlying architecture.
The OSI Model

• The OSI model describes how data flows from one computer, through a network, to another computer.
• The OSI model is not a protocol; it is a model for understanding and designing a network architecture that is flexible and robust.
• The OSI model consists of seven separate but related layers, each of which defines a part of the process of moving information across a network.
Layers of the OSI Model
Why So Many Layers?

• To reduce the complexity, networks are organized as a stack of layers, one below the other.
• Each layer performs a specific task; it provides services to an adjacent layer.
OSI Layers

• Layers 1, 2, 3 – physical, data link and network – are network support layers.
• Layer 4, the transport layer, links the two subgroups.
• Layers 5, 6, 7 – session, presentation, and application – are user support layers.
Exchange Using OSI Model
Physical Layer

• The physical layer is the bottom layer (layer 1) of the OSI model.
• It is responsible for the actual physical connection between the devices.
• The physical layer is responsible for the movement of individual bits from one node to the next.
Physical Layer
Functions of Physical Layer

• Convert bits to signals
• Bit synchronization
• Manage physical connection
• Bit rate control
• Line configuration
• Physical topology
• Transmission mode
• Multiplexing
• Switching
Data Link Layer

• The data link layer is responsible for moving frames from one node to the next.
Functions of Data Link Layer
• Framing: divides the data from the network layer into frames.
• Physical Addressing: adds a header to the frame to define the physical addresses of the source and destination machines.
• Flow Control: the traffic regulatory mechanism implemented by the Data Link layer that prevents a fast sender from drowning a slow receiver.
• Error Control: provides the mechanism of error control in which it detects and retransmits damaged or lost frames.
• Feedback: after transmitting the frames, the system waits for the feedback.
Network Layer
Functions of Network Layer

• It is responsible for the source-to-destination delivery of packets across multiple networks.
• Routing: provides mechanisms to transmit data over independent networks that are linked together.
• Logical Addressing: adds the logical addresses of sender and receiver.
Transport Layer

• It is responsible for source-process to destination-process delivery of the entire message.
Transport Layer

• The transport layer provides two types of services:
– Connection Oriented Transmission: in this type of transmission the receiving device sends an acknowledgment back to the source after a packet or group of packets is received.
– Connectionless Transmission: in this type of transmission the receiver does not acknowledge receipt of a packet.
Functions of Transport Layer
• Segmentation and Reassembly: divides the message received from the Session layer into segments and numbers them to make a sequence for reassembly at the receiving side.
• Service Point Addressing: the transport layer makes sure that the message is delivered to the correct process on the destination machine.
• Error Control: makes sure that the entire message arrives without errors, otherwise retransmits.
• Flow Control: the transport layer makes sure that the sender and the receiver communicate at a rate they both can handle.
Session Layer

• It is responsible for beginning, maintaining and ending the communication between two devices, which is called a session.
Functions of Session Layer

• Establishing, maintaining and ending a session:
– Sends SYN packet – establish request
– Receives ACK and SYN – established
– To end – sender sends ACK
• Dialog Control: the session layer allows two systems to enter into a dialog.
• Synchronization: allows a process to add checkpoints to a stream of data.
Presentation Layer

• This layer is concerned with the syntax and semantics of the information exchanged between two systems.
Functions of Presentation Layer
• Data Translation: encoding and decoding
– Sender format to common format on the sending side.
– Common format to receiver format on the receiving side.
• Data Encryption: for security and privacy purposes.
• Data Compression: data compression reduces the number of bits contained in the information.
Application Layer

• Provides user interfaces and support for services like web, e-mail, file transfer and network management.
Functions of Application Layer

• Network Virtual Terminal: allows a user to log on to a remote host.
• File Transfer, Access, and Management: this application allows a user to access files on a remote host.
• Mail Services: this application provides various e-mail services.
• Directory Services: this application provides distributed database sources and access to global information about various objects and services.
TCP/IP Model

• TCP/IP forms the base of the present-day Internet.
• TCP and IP are two protocols of this model.
• This model was initially used by ARPANET.
• The TCP/IP protocol suite was defined as having four layers:
1. Network Access
2. Internet
3. Transport
4. Application
TCP/IP Model
Exchange Using TCP/IP Model
Network Access Layer

• It is the bottom layer of the TCP/IP model, also known as the Network Interface layer.
• The purpose of this layer is to connect the host to the network.
Internet Layer

• The Internet layer is similar to the network layer of the OSI model in functionality.
• This layer is responsible for delivering IP packets to their destinations.
• An important protocol of this layer is IP (Internet Protocol).
Internet Protocol (IP)

• It is an unreliable and connectionless protocol.
• IP transports data in packets called datagrams.
• IP does not keep track of the routes.
Transport Layer

• The transport layer is similar in functionality to the transport layer of the OSI model.
• The transport layer of the TCP/IP model also provides connection-oriented and connectionless services.
• Connection Oriented – TCP (Transmission Control Protocol)
• Connection Less – UDP (User Datagram Protocol)
TCP

• The transport layer uses TCP for reliable connection-oriented service.
• The various functions of TCP are:
– Error Control
– Flow Control
– Sequencing
UDP

• The transport layer uses this protocol for unreliable connectionless service.
• No assurance that a packet reached its destination.
• No sequencing and no error checking.
• Useful in real-time data transfer and quick transfer of large data.
• It follows that quick delivery is more important than accurate delivery.
TCP vs. UDP

TCP:
• TCP is a connection-oriented protocol; when sending a message, it will get delivered unless the connection fails.
• If the connection is lost, the server will request the lost part.
• If you send two messages, you know the first message will get there first.
• When the low-level parts of the TCP stream arrive in the wrong order, resend requests have to be sent, and all the out-of-sequence parts have to be put back together, so it requires a bit of work to piece together.
• Data is read as a stream, with nothing distinguishing where one packet ends and another begins.

UDP:
• UDP is a connectionless protocol; when you send a message, you don't know if it will get there.
• If you send two messages out, you don't know what order they'll arrive in.
• No ordering of messages, no tracking of connections, etc. It's just fire and forget, thus it's a lot quicker.
• Packets are sent individually and are guaranteed to be whole if they arrive. One packet per one read call.
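The stream-versus-datagram point above is what a TCP server for a given protocol (the laboratory test) has to deal with: recv() returns whatever bytes have arrived, not one message per call. Added example, not the lecture's code: length-prefixed framing with an incremental decoder that tolerates arbitrary chunk boundaries and caps the frame size; the 4-byte header and the 1 MiB limit are constructed choices.

```python
import struct

# Constructed framing scheme (not from the lecture): every application message is
# preceded by a 4-byte big-endian length, so the receiver can find message
# boundaries in the byte stream TCP delivers.
HEADER = struct.Struct("!I")
MAX_FRAME = 1 << 20  # 1 MiB cap: a bogus length must not make us buffer forever


def encode(message: bytes) -> bytes:
    """Prefix one application message with its length."""
    if len(message) > MAX_FRAME:
        raise ValueError("message too large for a single frame")
    return HEADER.pack(len(message)) + message


class FrameDecoder:
    """Incremental decoder: feed whatever recv() returned, get back whole messages."""

    def __init__(self) -> None:
        self.buf = bytearray()

    def feed(self, data: bytes) -> list[bytes]:
        self.buf.extend(data)
        messages = []
        while True:
            if len(self.buf) < HEADER.size:
                break  # header not complete yet; wait for more bytes
            (length,) = HEADER.unpack_from(self.buf, 0)
            if length > MAX_FRAME:
                raise ValueError(f"frame length {length} exceeds limit")
            if len(self.buf) < HEADER.size + length:
                break  # body not complete yet
            start = HEADER.size
            messages.append(bytes(self.buf[start:start + length]))
            del self.buf[:start + length]
        return messages


def reassemble(stream: bytes, chunk_sizes) -> list[bytes]:
    """Simulate recv() returning arbitrary-sized chunks and collect the messages."""
    decoder = FrameDecoder()
    out = []
    pos = 0
    for size in chunk_sizes:
        out.extend(decoder.feed(stream[pos:pos + size]))
        pos += size
    out.extend(decoder.feed(stream[pos:]))
    return out


if __name__ == "__main__":
    wire = encode(b"hello") + encode(b"") + encode(b"world!")
    # Chunk boundaries fall inside headers and bodies, as they may on a real socket.
    print(reassemble(wire, [1, 6, 2, 9]))  # [b'hello', b'', b'world!']
```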
Demo: UDP Talk
Demo: TCP Chat
Application Layer

• This layer is the combination of the Application, Presentation and Session layers of the OSI model.
• This layer provides various services to different user applications.
Application Layer

• The application layer includes several high-level protocols that are used for a wide variety of applications like:
– TELNET (Terminal Network): used for remote login.
– FTP (File Transfer Protocol): for transfer of files from one system to another.
– HTTP (Hyper Text Transfer Protocol): for fetching web pages on the world wide web.
Similarities between OSI & TCP/IP
• Both are based on the concept of a stack of independent protocols.
• Functionality of layers is roughly similar.
• Up to Transport – network oriented.
• Above – user oriented.


Differences between OSI & TCP/IP
• The OSI model has seven layers.
• TCP/IP has four layers.
• The OSI model provides a clear distinction between services, interfaces and protocols.
• TCP/IP does not clearly distinguish between services, interfaces and protocols.
• In the OSI model the transport layer is connection oriented.
• In TCP/IP the transport layer is both connection oriented and connectionless.
Differences between OSI & TCP/IP
• In OSI the Data Link layer and Physical layer are separate layers.
• In TCP/IP the Data Link layer and Physical layer are combined as one in the Network Access layer.
• Protocols do not fit well into the OSI model.
• Protocols fit well in the TCP/IP model.
• Minimum size of the OSI header is 5 bytes.
• In TCP/IP the minimum size of the header is 20 bytes.
OSI vs. TCP/IP
Application Layer
• HTTP(S);
• DNS;
• Web Sockets;
• REST Resources;
• XML Web Services;
• SMTP;
• POP3;
• IMAP;
• Webmail.
HTTP(s)
About HTTP

• The Hyper Text Transfer Protocol (HTTP) is a client-server network protocol.
• In use by the World-Wide Web since 1990.
• It is based on the Request-Response paradigm.
HTTP Request Message

GET /website/template/photography/ HTTP/1.1
Accept:*/*
Accept-Language: en-gb
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
Host: www.httpwatch.com
Connection: Keep-Alive
HTTP Response
HTTP/1.1 200 OK
X-Seen-By: sputnik3.aus_dsp
X-Seen-By: s3.aus_pp
Date: Wed, 21 Aug 2013 09:02:49 GMT
Server: Apache
cache-control: max-age=604800
cache-control: no-cache
Pragma: no-cache
Set-Cookie: _wixAB2=5371#5567#2014-03-19T14-27-00.000-0500|15711#3472#2014-08-13T11-01-00.000;
Domain=.wix.com; Expires=Tue, 21-Aug-2018 14:06:39 GMT; Path=/
Vary: User-Agent,Accept-Encoding
Content-Language: en
Content-Encoding: gzip
Content-Length: 8162
Content-Type: text/html;charset=UTF-8
Expires: 0
Cache-Control: no-cache

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:og="http://ogp.me/ns#"
xmlns:fb="https://www.facebook.com/2008/fbml" >
<body></body>
Wireshark Demo
Everything Is an Extendable Convention
• You may create your own headers.
• You may create your own methods.
• You may not implement some methods.
• You may not implement header logic.
HTTP Methods
• GET: retrieve whatever information is identified by the Request-URI.
• POST: used to send data to the server for updates.
• PUT: requests that the enclosed entity be stored under the supplied Request-URI.
• DELETE: requests that the origin server delete the resource identified by the Request-URI.
• HEAD: identical to GET except that the server MUST NOT return a message-body in the response.
• TRACE: allows the client to see what is being received at the other end of the request chain and use that data for testing or diagnostics.
• CONNECT: used with a proxy that can dynamically switch to being a tunnel.
HTTP Headers
• Accept: text/plain; specify certain media types which are
acceptable for the response.
• Accept-Encoding: compress, gzip;
• Accept-Language: da, en-gb;q=0.8, en;q=0.7.
• Cache-Control: max-age=0, must-revalidate.
• User-Agent: Mozilla/5.0 (Windows NT 6.3; Trident/7.0; rv:11.0)
• Set-Cookie: _wixAB2=15361#2985#2014-08-05T13-30-00.000-0500
• Access-Control-Allow-Origin: *
• X-Seen-By: sputnik3.aus_dsp
• X-Wix-Dispatcher-Cache-Hit: no
• X-Wix-Renderer-Server: apu2.aus.wixpress.com
• X-Wix-Not-Found-Reason: Meta Site was not found
HTTP Status Codes
and Errors

• 1xx – Informational: intermediate response; indicates that the server has received the request but has not finished processing it.
• 2xx – Successful: 200 OK.
• 3xx – Redirection: 301 permanent, 302 temporary.
• 4xx – Client Error: 400 Bad Request, 403 Forbidden, 404 Not Found.
• 5xx – Server Error: 500 Internal Server Error, 503 Service Unavailable, 504 Gateway Timeout.
Cookies
Servers supply cookies by populating the Set-Cookie response header with the following details: Set-Cookie: name=value
• Name: name of the cookie.
• Value: textual value to be held by the cookie.
• Expires: date/time when the cookie should be discarded by the browser. If this field is empty the cookie expires at the end of the current browser session. This field can also be used to delete a cookie by setting a date/time in the past.
• Path: path below which the cookie should be supplied by the browser.
• Domain: web site domain to which this cookie applies. This will default to the current domain, and attempts to set cookies on other domains are subject to the privacy controls built into the browser.
Type of Cookies
• Session cookie: web browsers normally delete session cookies when the user closes the browser.
• Persistent cookie: a persistent cookie will outlast user sessions; it expires at a set timestamp.
• Secure cookie: a secure cookie has the Secure attribute enabled and is only sent via HTTPS.
• HttpOnly cookie: on a supported browser, sent only when transmitting HTTP (or HTTPS) requests; not accessible to JavaScript.
• Third-party cookie: cookies that belong to domains different from the one shown in the address bar.
• Super-cookie: cookie with an origin of a top-level domain (.com).

Browsers send cookies via the request header:
Cookie: name=value; name2=value2
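As an added example (not the lecture's code), the parser below splits a Set-Cookie header into the fields listed above and classifies the cookie by the types just described, flagging the attributes a hardened deployment sets. It runs on the _wixAB2 header from the HTTP Response slide, using that response's Date as the current time; the short public-suffix list is a constructed stand-in.

```python
from datetime import datetime, timezone
from email.utils import parsedate_to_datetime

# Added example (not from the lecture): parse a Set-Cookie header into the fields the
# slides list, classify the cookie and flag attributes a hardened deployment would set.

FLAG_ATTRIBUTES = {"secure", "httponly"}  # attributes that carry no value
# Constructed, deliberately short list of public suffixes for the super-cookie check.
PUBLIC_SUFFIXES = {"com", "org", "net"}


def parse_set_cookie(header: str) -> dict:
    """Split 'name=value; Attr=val; Flag' into {'name', 'value', 'attributes'}."""
    parts = [p.strip() for p in header.split(";")]
    name, eq, value = parts[0].partition("=")
    if not eq or not name:
        raise ValueError(f"no name=value pair in {header!r}")
    attributes = {}
    for attr in parts[1:]:
        if not attr:
            continue
        aname, _, aval = attr.partition("=")
        aname = aname.strip().lower()
        attributes[aname] = True if aname in FLAG_ATTRIBUTES else aval.strip()
    return {"name": name, "value": value, "attributes": attributes}


def classify(cookie: dict, now: datetime) -> dict:
    """Return the cookie type (session/persistent/expired) and a list of hardening issues."""
    attrs = cookie["attributes"]
    report = {"name": cookie["name"], "type": "session", "issues": []}

    expires = attrs.get("expires")
    if expires or "max-age" in attrs:
        report["type"] = "persistent"
    if expires:
        when = parsedate_to_datetime(expires)
        if when.tzinfo is None:
            when = when.replace(tzinfo=timezone.utc)
        if when <= now:
            report["type"] = "expired"  # a past date instructs the browser to delete it

    if attrs.get("secure") is not True:
        report["issues"].append("no Secure flag: also sent over plain HTTP")
    if attrs.get("httponly") is not True:
        report["issues"].append("no HttpOnly flag: readable by page scripts")
    domain = attrs.get("domain", "").lstrip(".").lower()
    if domain and ("." not in domain or domain in PUBLIC_SUFFIXES):
        report["issues"].append(f"Domain={domain} is a top-level domain (super-cookie)")
    return report


# Header copied from the HTTP Response slide; that response's Date serves as "now".
WIX_COOKIE = ("_wixAB2=5371#5567#2014-03-19T14-27-00.000-0500|15711#3472#2014-08-13T11-01-00.000; "
              "Domain=.wix.com; Expires=Tue, 21-Aug-2018 14:06:39 GMT; Path=/")
RESPONSE_DATE = datetime(2013, 8, 21, 9, 2, 49, tzinfo=timezone.utc)

if __name__ == "__main__":
    print(classify(parse_set_cookie(WIX_COOKIE), RESPONSE_DATE))
    print(classify(parse_set_cookie("sid=abc123; Secure; HttpOnly; Path=/"), RESPONSE_DATE))
```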
HTTP Caching

• Preventing caching: Cache-Control: no-cache (HTTP 1.1); Pragma: no-cache (HTTP 1.0).
• Last-Modified: Wed, 15 Sep 2004 12:00:00 GMT – the browser can check the server for changes.
• Expires: Sun, 17 Jan 2038 19:14:07 GMT – the browser can reuse the content without having to check the server.

GET /images/logo.gif HTTP/1.1
Accept: */*
Referer: http://www.google.com/
Accept-Encoding: gzip, deflate
If-Modified-Since: Thu, 23 Sep 2004 17:42:04 GMT
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1;)

HTTP/1.1 304 Not Modified
Host: www.google.com
Content-Type: text/html
Server: GWS/2.1
Content-Length: 0
Date: Thu, 04 Oct 2004 12:00:00 GMT
HTTP Submit
• GET: the method is used to retrieve information from a specified URI and is assumed by browsers, caches and other HTTP-aware components to be a safe, repeatable operation with no side effects:
– GET can only supply data in the form of parameters encoded in the URI (query string) or as cookies. Therefore, GET cannot be used for uploading files or other operations that require large amounts of data to be sent to the server.
• POST: the method is used for operations that have side effects and cannot be safely repeated:
– A POST request message has a content body that is normally used to send parameters and data. Unlike using the request URI or cookies, there is no upper limit on the amount of data that can be sent.
POST Request
POST /httpgallery/methods/default.aspx HTTP/1.1
Host: www.httpwatch.com
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:23.0) Gecko/20100101 Firefox/23.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Referer: http://www.httpwatch.com/httpgallery/methods/
Cookie: __utma=1.1256977602.1377003403.1377082307.1377092487.5; __utmc=1;
__utmz=1.1377003403.1.1.utmcsr=google|utmccn=(organic)|utmcmd=organic|utmctr=(not%20provided);
__utmb=1.4.9.1377092850054
Proxy-Authorization: Basic b21lckB3aXguY29tOmg2M2ZycQ==
Connection: keep-alive
Content-Type: application/x-www-form-urlencoded
Content-Length: 19
Set-Cookie: _wixUIDX=10647958|1a2c4034-469d-4f4d-bbd9-17deddaf67ec; Domain=.wix.com; Expires=Mon, 17-Feb-2014 09:02:49 GMT; Path=/
Cache-Control: no-cache

Amount=10&B2=Submit
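Added example, not the lecture's code: a strict parser for request messages like the GET shown earlier and the POST above, which is the first thing a TCP server for an HTTP-like protocol needs. The abridged messages embedded below are reconstructed from the slides.

```python
from urllib.parse import parse_qs

# Added example (not the lecture's code): a strict parser for the HTTP/1.1 request
# messages shown on the slides. The request line and headers are CRLF-terminated,
# a blank line ends the header block, and a body is present only when
# Content-Length says so.


class BadRequest(ValueError):
    """A message that raises this should be answered with 400 Bad Request."""


def parse_request(raw: bytes) -> dict:
    head, sep, rest = raw.partition(b"\r\n\r\n")
    if not sep:
        raise BadRequest("header block not terminated by an empty line")
    lines = head.decode("iso-8859-1").split("\r\n")

    parts = lines[0].split(" ")
    if len(parts) != 3 or not parts[2].startswith("HTTP/"):
        raise BadRequest(f"malformed request line: {lines[0]!r}")
    method, target, version = parts

    headers: dict[str, list[str]] = {}
    for line in lines[1:]:
        name, colon, value = line.partition(":")
        # No whitespace is allowed between the field name and the colon.
        if not colon or not name or name != name.strip():
            raise BadRequest(f"malformed header line: {line!r}")
        # Field names are case-insensitive; repeated fields are kept in order.
        headers.setdefault(name.lower(), []).append(value.strip())

    if version == "HTTP/1.1" and len(headers.get("host", [])) != 1:
        raise BadRequest("HTTP/1.1 requires exactly one Host header")

    # Disagreeing Content-Length values make the body length ambiguous; reject
    # rather than guess which one a proxy or the server would honour.
    lengths = set(headers.get("content-length", []))
    if len(lengths) > 1 or any(not v.isdigit() for v in lengths):
        raise BadRequest("invalid or conflicting Content-Length")
    length = int(lengths.pop()) if lengths else 0
    if len(rest) < length:
        raise BadRequest("body shorter than Content-Length")
    body = rest[:length]

    form = {}
    media_type = headers.get("content-type", [""])[0].split(";")[0].strip().lower()
    if media_type == "application/x-www-form-urlencoded":
        form = {k: v[0] for k, v in parse_qs(body.decode("ascii")).items()}

    return {"method": method, "target": target, "version": version,
            "headers": headers, "body": body, "form": form}


# Messages reconstructed from the slides (headers abridged).
GET_MESSAGE = (b"GET /website/template/photography/ HTTP/1.1\r\n"
               b"Accept: */*\r\n"
               b"Host: www.httpwatch.com\r\n"
               b"Connection: Keep-Alive\r\n\r\n")
POST_MESSAGE = (b"POST /httpgallery/methods/default.aspx HTTP/1.1\r\n"
                b"Host: www.httpwatch.com\r\n"
                b"Content-Type: application/x-www-form-urlencoded\r\n"
                b"Content-Length: 19\r\n\r\n"
                b"Amount=10&B2=Submit")

if __name__ == "__main__":
    print(parse_request(GET_MESSAGE)["target"])
    print(parse_request(POST_MESSAGE)["form"])  # {'Amount': '10', 'B2': 'Submit'}
```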
Redirection
• HTTP allows servers to redirect a client request to a different location, although this will usually result in another network round trip.
– 301 Permanent Redirect: content moved permanently to the location specified by the Location header, and future requests should be directed to this location.
– 302 Temporary Redirect: future requests should still be sent to the original location.
– 303: this status code was intended to be the only status code that caused a POST to be converted to a GET. However, most browsers treat a 302 like a 303.
– 304 Not Modified: used in response to an If-Modified-Since header to redirect a request to the browser's local cache.

HTTP/1.1 302 Found
Cache-Control: private,Public
Content-Length: 162
Content-Type: text/html; charset=utf-8
Location: /httpgallery/redirection/default.aspx#example
Set-Cookie: balance=990; path=/httpgallery/redirection/
AJAX
Asynchronous JavaScript And XML

• AJAX is a technology used by interactive web applications to make HTTP requests to a server without causing page transitions.
• Requests have to go to the same domain as the page.
<script type="text/javascript">
function GetShoppingList()
{
    // Create an instance of the HTTP request object
    var xmlHttp = new XMLHttpRequest();
    // Specify HTTP GET by default and supply the relative url
    xmlHttp.open("GET", "getlist.aspx", false);
    // Start a synchronous AJAX request and wait for the response
    xmlHttp.send(null);
    var targetNode = document.getElementById("divShoppingList");
    // Use the HTML returned from server to create list
    targetNode.innerHTML = xmlHttp.responseText;
}
</script>
CORS
Cross-origin Resource Sharing

• Allows JavaScript on a web page to make XMLHttpRequests to another domain.
• The client first sends an HTTP OPTIONS request to the resource on the other domain, to determine if the request is safe to send.
• If cross-domain requests are safe to be made, then the server will include Access-Control-* headers in the response.
CORS
Cross-origin Resource Sharing

OPTIONS /resources/post-here/ HTTP/1.1
Host: bar.other
User-Agent: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10.5; en-US; rv:1.9.1b3pre) Gecko/20081130 Minefield/3.1b3pre
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Connection: keep-alive
Origin: http://foo.example
Access-Control-Request-Method: POST
Access-Control-Request-Headers: X-PINGOTHER

HTTP/1.1 200 OK
Date: Mon, 01 Dec 2008 01:15:39 GMT
Access-Control-Allow-Origin: http://foo.example
Access-Control-Allow-Methods: POST, GET, OPTIONS
Access-Control-Allow-Headers: X-PINGOTHER
Access-Control-Max-Age: 1728000

POST /resources/post-here/ HTTP/1.1
Host: bar.other
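Added example (not the lecture's code): server-side handling of the preflight above, alongside the permissive pattern to avoid. The allowed origins, methods and headers are constructed policy values, and the Origin is written as the browser sends it.

```python
# Added example (not the lecture's code): how a server should answer the CORS
# preflight shown on the slide, beside the permissive variant it should not use.
# The policy values below are constructed for the example.

ALLOWED_ORIGINS = {"http://foo.example"}
ALLOWED_METHODS = {"GET", "POST", "OPTIONS"}
ALLOWED_HEADERS = {"x-pingother"}  # header names compare case-insensitively


def preflight_response(request_headers: dict) -> tuple[int, dict]:
    """Answer an OPTIONS preflight as (status, response headers)."""
    h = {k.lower(): v for k, v in request_headers.items()}
    origin = h.get("origin")
    if origin not in ALLOWED_ORIGINS:
        # No Access-Control-* headers at all: the browser blocks the real request.
        return 403, {}
    if h.get("access-control-request-method") not in ALLOWED_METHODS:
        return 403, {}
    requested = [name.strip().lower()
                 for name in h.get("access-control-request-headers", "").split(",")
                 if name.strip()]
    if any(name not in ALLOWED_HEADERS for name in requested):
        return 403, {}
    return 200, {
        "Access-Control-Allow-Origin": origin,  # the one origin asked for, not "*"
        "Access-Control-Allow-Methods": ", ".join(sorted(ALLOWED_METHODS)),
        "Access-Control-Allow-Headers": ", ".join(requested),
        "Access-Control-Max-Age": "1728000",
        "Vary": "Origin",  # the answer depends on Origin, so shared caches must key on it
    }


def permissive_preflight(request_headers: dict) -> tuple[int, dict]:
    """Weak pattern shown for comparison: any Origin is echoed back together with
    Allow-Credentials, so any web page can read responses that carry the user's cookies."""
    h = {k.lower(): v for k, v in request_headers.items()}
    return 200, {"Access-Control-Allow-Origin": h.get("origin", "*"),
                 "Access-Control-Allow-Credentials": "true"}


# The OPTIONS request from the slide (Origin as the browser sends it).
PREFLIGHT = {
    "Origin": "http://foo.example",
    "Access-Control-Request-Method": "POST",
    "Access-Control-Request-Headers": "X-PINGOTHER",
}

if __name__ == "__main__":
    print(preflight_response(PREFLIGHT))
    print(preflight_response({**PREFLIGHT, "Origin": "http://other.example"}))  # (403, {})
```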

JSONP
JavaScript Object Notation with Padding
• Provides a method to request data from a server in a different domain.
• JSONP has nothing to do with Ajax, since it does not use XMLHttpRequest. Instead it dynamically inserts.
• Step 1 – You need to create a callback function. The function accepts some data.
function w3r_callback(data){
    console.log(data);
}
• Step 2 – Include a script in your web page which contains the callback function created at step 1 as a parameter.
<script src="http://www.example.com?q=w3r_callback"></script>
• Step 3 – It outputs a script which calls the function, and the requested data is passed.
w3r_callback({
    "FirstName" : "xyz",
    "LastName" : "abc",
    "Grade" : "A"
});
Advantages of HTTP

• Platform independent: allows straight cross-platform porting.
• No runtime support required to run properly.
• Usable over firewalls: global applications possible.
• Not connection-oriented: no network overhead to create and maintain session state and information.
HTTP Is Stateless

• The lifetime of a connection corresponds to a single request-response sequence:
– An HTTP client opens a TCP/IP connection to the server via a socket, transmits a request for a document, then waits for a reply from the server. Once the request-response sequence is completed, the socket is closed.
– There is no "memory" between client connections.
– The pure HTTP server implementation treats every request as if it was brand-new.
– HTTP pages are stored in server and client caches. The pages load faster, but they are stored on systems that you potentially don't have control over, such as an ISP's caching proxy.
HTTP Limitations
• Security Concerns:
– Privacy: anyone can see the content.
– Integrity: someone might alter the content. HTTP is insecure since no encryption methods are used; hence it is subject to man-in-the-middle attacks and eavesdropping on sensitive information.
– Authentication: not clear who you are talking with. Authentication is sent in the clear, thus anyone who intercepts the request can determine the username and password being used.
• Stateless: need state management techniques to maintain the information across multiple request-response cycles.
Evolution of Communication Model
• 1991 – single resource: http://www.ibarakiken.gr.jp/www/index.html
• Multiple resources: http://www.ocn.ne.jp/
• Today – multiple resources + bi-directional: https://www.facebook.com/
Issue in HTTP
(Figure: REQUEST GET index.html → RESPONSE, then REQUEST GET style.css → RESPONSE; one round trip per resource.)
• Response time becomes slower as the number of required resources increases, and each transaction carries overlapping headers.
SPDY in HTTP 2.0
(Figure: current practice vs. SPDY.)
• SPDY:
– Multiplexing requests under a single TCP connection.
– Header compression.
– Server push feature.
HTTPS
• HTTPS stands for Hypertext Transfer Protocol over Secure Socket Layer, or HTTP over SSL.
• SSL acts like a sub-layer under the regular HTTP application layering.
• HTTPS encrypts an HTTP message prior to transmission and decrypts a message upon arrival.
• HTTPS by default uses port 443 as opposed to the standard HTTP port of 80.
• URLs beginning with HTTPS indicate that the connection between client and browser is encrypted using SSL.
• e.g.: https://login.yahoo.com/config/login_verify2?&.src=ym
• SSL transactions are negotiated by means of a key-based encryption algorithm between the client and the server; this key is usually either 40 or 128 bits in strength (the higher the number of bits, the more secure the transaction).
SSL Diagram
1. When any modern browser is installed, it is sent with
several CA issuer certificates. These issuer certificates
contain a public key for the issuer, among other
information.
2. When a web designer decides to use SSL he needs to
purchase a certificate that is signed using the CA's private
key.
3. The web browser starts a connection to an HTTPS site.
Along with this request the client sends all supported
encryption schemes.
4. As a response to the browser's connection request, the
Server sends a copy of the certificate from step 2. Along
with this transmission is the server's answer to the
encryption negotiation.
5. Once a certificate is downloaded, the signature of the certificate (that was signed using the CA's private key) is checked using the CA's public key (installed in the browser in step 1).
6. The connection succeeds, the client can now download
and upload to the web site with the security of
encryption.
SSL Handshake
• An HTTP-based SSL connection is always initiated by the client using a URL starting with https:// instead of http://.
• At the beginning of an SSL session, an SSL handshake is performed.
• This handshake produces the cryptographic parameters of the session:
– The client issues a secure request.
– The server sends an X.509 certificate containing its public key.
– The client authenticates the certificate against its list of known CAs.
– If a CA is unknown, the browser can give the user the option to accept the certificate at the user's risk.
– The client generates a random symmetric key and encrypts it using the server's public key.
– The client and server now both know the symmetric key and encrypt end-user data using the symmetric key during the session.
How SSL Overcomes HTTP Security Concerns
• Secure Sockets Layer technology protects your Web site and makes it easy for your Web site visitors to trust you in three essential ways:
– Privacy: an SSL Certificate enables encryption of sensitive information during online transactions.
– Integrity: a Certificate Authority verifies the identity of the certificate owner when it is issued.
– Authentication: each SSL Certificate contains unique, authenticated information about the certificate owner.
Limitations of HTTPS
• An HTTPS server can only provide one "virtual host" behind a
single socket, as opposed to multiple ones behind an http
socket:
– This is because all security negotiation takes place before the
HTTP protocol starts & hence before the server knows which
URL the client is asking for.
• HTTPS cannot prevent stealing confidential information from
the pages cached on the browser:
– Since in SSL data is encrypted only during transmission on the
network, it is in clear text in the browser memory.
• HTTPS is slightly slower than HTTP:
– HTTPS adds computational overhead as well as network
overhead.
Web Sockets
HTTP Polling
(Figure: the client repeatedly connects and polls the server; most responses carry no data until one finally returns data.)
Server-Sent Events (Long Polling)
(Figure: the client connects and polls; the server answers each poll with data, after which the client polls again.)
Streaming
(Figure: the client connects once; the server pushes data repeatedly until the connection is closed.)
Web Sockets

• Standard W3C protocol (RFC6455).
• Web browsers include the window.WebSocket object; no plugins required.
• Java EE 7 includes the WebSocket API (JSR-356).
• How it works:
1. Establish a socket connection via HTTP for the initial handshake.
2. Switch the protocol from HTTP to a socket-based protocol.
3. Send messages in both directions simultaneously.
The Web Sockets Handshake

Browser request:
GET /mychat HTTP/1.1
Host: server.example.com
Upgrade: websocket
Connection: Upgrade
Sec-WebSocket-Key: x3JJHMbDL1EzLkh9GBhXDw==
Sec-WebSocket-Protocol: chat
Sec-WebSocket-Version: 13
Origin: http://example.com

Server response:
HTTP/1.1 101 Switching Protocols
Upgrade: websocket
Connection: Upgrade
Sec-WebSocket-Accept: HSmrc0sMlYUkAGmm5OPpG2HaGWk=
Sec-WebSocket-Protocol: chat
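Added example, not the lecture's code: the Sec-WebSocket-Accept value in the response above is derived from the client's key, as the code below reproduces, together with the checks a server performs before answering 101. Origin values are written as a browser sends them, and the allowed-origin set is a constructed policy value.

```python
import base64
import hashlib
import secrets

# Added example (not the lecture's code): the Sec-WebSocket-Accept computation of
# RFC 6455 applied to the key from the handshake on the slide, plus the checks a
# server performs before switching protocols.
WS_GUID = "258EAFA5-E914-47DA-95CA-C5AB0DC85B11"  # constant fixed by RFC 6455


def websocket_accept(key: str) -> str:
    """Server proof that it speaks WebSocket: base64(SHA-1(key + GUID))."""
    digest = hashlib.sha1((key + WS_GUID).encode("ascii")).digest()
    return base64.b64encode(digest).decode("ascii")


def new_client_key() -> str:
    """Client side: 16 random bytes, base64-encoded (RFC 6455 section 4.1)."""
    return base64.b64encode(secrets.token_bytes(16)).decode("ascii")


def handshake_response(request_headers: dict, allowed_origins: set) -> tuple[int, dict]:
    """Validate the upgrade request and build the 101 response, or a refusal."""
    h = {k.lower(): v for k, v in request_headers.items()}
    if (h.get("upgrade", "").lower() != "websocket"
            or "upgrade" not in h.get("connection", "").lower()):
        return 400, {}
    if h.get("sec-websocket-version") != "13":
        return 426, {"Sec-WebSocket-Version": "13"}  # Upgrade Required
    key = h.get("sec-websocket-key", "")
    try:
        if len(base64.b64decode(key, validate=True)) != 16:
            return 400, {}
    except ValueError:  # binascii.Error is a ValueError: key is not valid base64
        return 400, {}
    # Browsers always send Origin; refusing unexpected origins stops other sites'
    # pages from opening sockets to this server with the user's cookies attached.
    if h.get("origin") not in allowed_origins:
        return 403, {}
    response = {"Upgrade": "websocket", "Connection": "Upgrade",
                "Sec-WebSocket-Accept": websocket_accept(key)}
    if "sec-websocket-protocol" in h:
        # Pick the first subprotocol the client offered (here: chat).
        response["Sec-WebSocket-Protocol"] = h["sec-websocket-protocol"].split(",")[0].strip()
    return 101, response


# The browser request from the slide, Origin written as the browser sends it.
SLIDE_REQUEST = {
    "Host": "server.example.com",
    "Upgrade": "websocket",
    "Connection": "Upgrade",
    "Sec-WebSocket-Key": "x3JJHMbDL1EzLkh9GBhXDw==",
    "Sec-WebSocket-Protocol": "chat",
    "Sec-WebSocket-Version": "13",
    "Origin": "http://example.com",
}

if __name__ == "__main__":
    print(handshake_response(SLIDE_REQUEST, {"http://example.com"}))
```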
Web Sockets Events and Methods in JavaScript
• Events:
– open (ws.onopen): occurs when the socket connection is established.
– message (ws.onmessage): occurs when the client receives data from the server.
– error (ws.onerror): occurs when there is any error in communication.
– close (ws.onclose): occurs when the connection is closed.
• Methods:
– ws.send(data): transmits data using the connection.
– ws.close(): terminates any existing connection.
Web Socket Object in JavaScript
Programmatic Endpoints in Java
To deploy this programmatic endpoint, use the following code in your Java EE application:
Annotated Endpoints in Java
• @OnOpen – connection opened: @OnOpen public void open(Session session, EndpointConfig conf) { }
• @OnMessage – message received: @OnMessage public void message(Session session, String msg) { }
• @OnError – connection error: @OnError public void error(Session session, Throwable error) { }
• @OnClose – connection closed: @OnClose public void close(Session session, CloseReason reason) { }
Talk Using Web Sockets
REST Resources
What Is REST?

• REpresentational State Transfer.
• An architecture style, not a standard.
• Client-server communication protocol.
• Stateless, lightweight.
• HTTP requests to read, create, update or delete data.
• Nouns as URIs, verbs as HTTP methods (POST, …).
The Resource

• Anything important enough to be referenced:
– The building block of REST.
• Is identified by at least one URI:
– http://www.example.com/hr/employees/1234567
• Can contain sub-resources.
• Exposed through representations:
– A projection of the state of the resource in a certain format (XML, JSON, …).
Resource-Oriented
Architecture Principles
• Addressability.

• Statelessness:
– No connection state maintained between REST
invocations.
– Simpler to design and evolve, no side effects, scalable.

• Connectedness:
– Resources should link together in their representations.

• Uniform interface:
– Same set of operations for each resource.
Uniform Interface

• HTTP Methods:
GET /users/10123 → 200 OK
POST /users (representation in request) → 201 Created + Location header
PUT /users/10123 (representation in request) → 200 OK
DELETE /users/10123 → 200 OK
HEAD /users/10123
OPTIONS /users/10123
• HTTP Headers:
– Content-Type, Accept, Location.
– Last-Modified, Cache-Control, ETag, … (for caching).
Uniform Interface
• Several HTTP Status Codes:
– 200 OK.
– 201 Created: a resource was created.
– 202 Accepted: the request was accepted for asynchronous
processing.
– 204 No Content: the request was successful, but no content was
returned.
– 400 Bad Request (no more details).
– 404 Not Found.
– 406 Not Acceptable: the request’s Accept header ≠ the response Content-Type.
– 415 Unsupported Media Type: the request Content-Type cannot be processed.
– 422 Unprocessable Entity (HTTP extension): the request is semantically wrong.
– 500 Internal Server Error: something went really bad on the server.
Safety and Idempotency
• GET is safe:
– It’s a request to read data, not to change the server state.
– The client feels safe that nothing terrible will happen on the server.
– Applying it 0, 1, n times => the same server state.
• All but POST are idempotent operations:
– They will render the same result on the server if they are applied multiple times.
– Applying them 1, n times => the same server state.
– 2 x GET, 2 x DELETE, 2 x PUT(!).
– Sending 2 POSTs => + 2 new instances with the same representation.
PUT vs. POST
• Use PUT…
– If you can specify the FULL content of the resource you create/update.
– Creating with PUT = the client knows upfront the URI of the new resource (id!).
PUT /users/10123 (representation in request) -> 200 OK
• Use POST…
– If you want to create/update one or more subordinates of the resource.
– Creating with POST = the server generates the URI of the new resource and returns it to the client in the Location response header.
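The idempotency rules of the last two slides, as an added example (not code from the course): an in-memory /users collection that applies the method semantics above, so that replaying a request shows whether the server state changes. UserStore, replay_twice and the starting id 10123 are this example's own choices.

```python
import itertools
from typing import Dict, Optional, Tuple

# (status code, response headers, body)
Response = Tuple[int, Dict[str, str], Optional[dict]]


class UserStore:
    """In-memory handler for the /users collection and /users/{id} resources."""

    def __init__(self) -> None:
        self.users: Dict[str, dict] = {}
        self._ids = itertools.count(10123)  # server-generated ids for POST

    def apply(self, method: str, path: str, body: Optional[dict] = None) -> Response:
        parts = path.strip("/").split("/")
        if parts[0] != "users" or len(parts) > 2:
            return 404, {}, None
        user_id = parts[1] if len(parts) == 2 else None

        if method == "GET":                       # safe: never changes state
            if user_id is None:
                return 200, {}, {"users": sorted(self.users)}
            if user_id not in self.users:
                return 404, {}, None
            return 200, {}, dict(self.users[user_id])

        if method == "POST":                      # not idempotent
            if user_id is not None:
                return 405, {}, None              # subordinates are created on the collection
            if body is None:
                return 400, {}, None
            new_id = str(next(self._ids))         # the server chooses the URI ...
            self.users[new_id] = dict(body)
            return 201, {"Location": f"/users/{new_id}"}, None  # ... and returns it

        if method == "PUT":                       # idempotent: full replacement
            if user_id is None or body is None:
                return 400, {}, None
            created = user_id not in self.users   # the client knew the URI (id) upfront
            self.users[user_id] = dict(body)
            return (201 if created else 200), {}, None

        if method == "DELETE":                    # idempotent
            if user_id is None:
                return 405, {}, None
            self.users.pop(user_id, None)         # a repeat leaves the same state
            return 204, {}, None

        return 405, {}, None


def replay_twice(store: UserStore, method: str, path: str,
                 body: Optional[dict] = None) -> Tuple[int, int]:
    """Apply the same request twice; return the user count after each call."""
    store.apply(method, path, body)
    after_first = len(store.users)
    store.apply(method, path, body)
    return after_first, len(store.users)
```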
Content Negotiation
• Different resource representation formats:
– XML, JSON (rich client web-apps), HTML, PDF, …
• Content negotiation methods:
– Headers: Accept or Content-Type: application/xml
– Query parameter: GET /users/123456?format=json
– URI extension: PUT /users/123456.xml
– Multiple formats for the same resource can be used for representation versioning (fade-out/fade-in).
Versioning
• At resource-level:
– GET /v1/users/123456
• At representation-level:
– Content-Type: application/vnd.bpost.excell.common.task.v2+xml
• At request-level: custom header
– X-Version: v2
Handle Errors with HTTP Status Codes
• It is hard to work with an API that ignores error handling. Purely returning an HTTP 500 with a stack-trace is not very helpful:
– 200 – OK – Everything is working.
– 201 – OK – New resource has been created.
– 204 – OK – The resource was successfully deleted.
– 304 – Not Modified – The client can use cached data.
– 400 – Bad Request – The request was invalid or cannot be served. The exact error should be explained in the error payload.
– 401 – Unauthorized – The request requires user authentication.
– 403 – Forbidden – The server understood the request, but is refusing it or the access is not allowed.
– 404 – Not found – There is no resource behind the URI.
– 422 – Unprocessable Entity – Should be used if the server cannot process the entity, e.g. if an image cannot be formatted or mandatory fields are missing in the payload.
– 500 – Internal Server Error – API developers should avoid this error. If an error occurs in the global catch block, the stack-trace should be logged and not returned as response.
Use Error Payloads
• All exceptions should be mapped in an error payload. Here is an example of how a JSON payload should look:
{
  "errors": [
    {
      "userMessage": "Sorry, the requested resource does not exist",
      "internalMessage": "No car found in the database",
      "code": 34,
      "more info": "http://dev.mwaysolutions.com/blog/api/v1/errors/12345"
    }
  ]
}
Web Services Architectures
Architecture                           | How is the method conveyed?             | How is the target identified?
RESTful and Resource-oriented          | HTTP Method                             | URI
RPC-like                               | HTTP request Body / URI query parameter | HTTP request Body / URI
REST-RPC Hybrid (HTTP + Plain Old Xml) | HTTP Method + others*                   | URI
• GET /flicker/photo?tag=bee ~= REST
• GET /flicker/rest?method=update.photo&... ≠ REST (No Uniform Interface)
Designing REST Services
• Answer the following questions, in order:
– What are the URIs? (What are the resources of your application?)
– What is the representational format(s) of the resources?
– What HTTP methods are supported by each URI?
– What status codes could be returned for each method?
RESTful CRUD Example
Common REST Design Mistakes
• Using REST as an RPC-like mechanism:
– A service is not a resource!
• Putting actions in the URI:
– Not http://www.example.com/hr/employee/123456/fire, but …/fired (a state, not an action).
– Difficult cases: send an email, print the document, … («do something»).
• Maintaining session on the server.
Implementations
• .NET:
– Windows Communication Foundation (WCF).
• Java (before the specs):
– Spring MVC.
• Java specs – JAX-RS (JSR-311) implementations:
– Jersey – JAX-RS: reference implementation from Oracle.
– RESTEasy from JBoss.
– Apache CXF.
– RESTlet.
XML Web Services
Web Services Basics
• Interoperability has highest priority:
– XML over HTTP.
– Web services can be created regardless of the programming language.
• Reusable application components:
– Software can be reused as service components in a service-
oriented architecture to support the requirements of
software users.
– Compositionality is realized with open standards.
• Connect existing software:
– Publish the application as a service.
– Applications connect and interact by encoding and decoding
data in XML.
XML Web Services Protocols
• SOAP:
– Simple Object Access Protocol is an XML messaging protocol.
– Typically remote procedure call (RPC) request-response messages.
– Or XML-based messages (document/literal style).
• WSDL:
– Web Service Description Language is an XML document that
defines the service interface, protocol bindings, and service
endpoint addresses.
– Uses XML schema to define XML types.
– Typically uses SOAP to bind the messaging protocol.
• UDDI:
– Universal Description, Discovery and Integration is a
repository/database of services (e.g. defined by WSDLs).
– Not very popular, won’t discuss.
WSDL
• WSDL represents a contract between the service
requestor and the service provider.
• WSDL is an XML specification that defines four critical
pieces of information of an XML Web service:
– Interface information describing all publicly available
functions.
– Data type information for all message requests and
message responses.
– Binding information about the transport protocol to be
used.
– Address information for locating the specified service.
WSDL Specification
• The definitions root element defines the name and namespace of the
web service.
• The types element contains a set of XML schemas with all the data
types (XML elements and types) used between the client and server.
• One or more message elements define the names of the messages,
each contains zero or more message part elements, which can refer to
message parameters or message return values.
• The portType element combines multiple message elements to form a
complete one-way or round-trip operation.
• The binding element describes how the service will be implemented
on the wire.
• The service element defines the endpoint address for invoking the
service.
WSDL 1.1 vs 2.0
WSDL definition Root Element
• Defines the name and targetNamespace:
<definitions name="HelloService"
  targetNamespace="http://www.ecerami.com/wsdl/HelloService.wsdl"
  xmlns="http://schemas.xmlsoap.org/wsdl/"
  xmlns:soap="http://schemas.xmlsoap.org/wsdl/soap/"
  xmlns:tns="http://www.ecerami.com/wsdl/HelloService.wsdl"
  xmlns:xsd="http://www.w3.org/2001/XMLSchema">
• Typically the xmlns namespace bindings are included in the root element and are used in the remainder of the WSDL.
• Note that the WSDL namespace is declared as the default namespace for all of the other WSDL elements (http://schemas.xmlsoap.org/wsdl/) so these elements are not explicitly namespace qualified.
The WSDL message Elements
• Two message elements are defined.
• The first represents a request message, SayHelloRequest, and the second represents a response message, SayHelloResponse:
<message name="SayHelloRequest">
  <part name="firstName" type="xsd:string"/>
</message>
<message name="SayHelloResponse">
  <part name="greeting" type="xsd:string"/>
</message>
• For the request, the part specifies the function parameters.
• For the response, the part specifies the function return values.
• The type is a QName value, indicating the schema type of the part.
The WSDL portType Element
• The portType element defines a single operation, sayHello.
• The operation consists of a single input message (SayHelloRequest) and a single output message (SayHelloResponse):
<portType name="Hello_PortType">
  <operation name="sayHello">
    <input message="tns:SayHelloRequest"/>
    <output message="tns:SayHelloResponse"/>
  </operation>
</portType>
• The input/output elements specify a message attribute of tns:SayHelloRequest or tns:SayHelloResponse.
• The tns prefix references the targetNamespace defined within the definitions element.
Message Exchange Patterns
• The operation in portType uses input and/or output to define the message exchange pattern.
• WSDL supports four basic patterns of operation:
– One-way.
– Request-response.
– Solicit-response.
– Notification.
• The one-way and request-response are most often used.
The WSDL binding Element
• The binding element provides specific details on how a portType operation will actually be transmitted over the wire.
• Bindings can be made available via multiple transports.
• Multiple bindings for a single portType can be specified.
• The binding element itself specifies name and type attributes:
<binding name="Hello_Binding" type="tns:Hello_PortType">
• The type attribute references the portType.
WSDL SOAP Bindings
• WSDL 1.1 includes built-in extensions for SOAP 1.1:
<binding name="Hello_Binding" type="tns:Hello_PortType">
  <soap:binding style="rpc"
    transport="http://schemas.xmlsoap.org/soap/http"/>
  <operation name="sayHello">
    <soap:operation soapAction="sayHello"/>
    <input>
      <soap:body
        encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"
        namespace="urn:examples:helloservice"
        use="encoded"/>
    </input>
    <output>
      <soap:body
        encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"
        namespace="urn:examples:helloservice"
        use="encoded"/>
    </output>
  </operation>
</binding>
WSDL SOAP Bindings
• The soap:binding element indicates a SOAP binding over HTTP
transport:
– The style attribute indicates rpc for an RPC format or document
for a document-oriented message format.
– The transport attribute defines the transport mechanism.
• The soap:operation element indicates the binding of a specific
operation to a SOAP implementation:
– The soapAction attribute specifies that the SOAPAction HTTP
header should be used for identifying the service (SOAP 1.1 only).
• The soap:body element specifies the details of the input and
output messages:
– The encodingStyle attribute defines the encoding format when
the use attribute is encoded (RPC encoded) and the namespace
attribute defines the RPC message namespace.
– For document/literal messaging, the use attribute is literal.
Using WSDL
• Most Web service development toolkits support WSDL:
– Generate WSDL from server (interface) code.
– Translate WSDL to server objects and client proxies.
• Dynamic invocation obtains the WSDL, selects an operation, populates the parameters and sends the request message:
– Generic SOAP client: soapUI
http://www.soapclient.com/soaptest.html
soapUI Demo
SOAP Message
• A SOAP message consists of:
– SOAP Part (SOAP Envelope):
• SOAP Header (headers, if any).
• SOAP Body (XML content or fault).
– Additional Attachment Parts:
• MIME Headers.
• Content (XML or non-XML).
SOAP Request Message
• An RPC request message uses the encodingStyle and namespace:
<?xml version='1.0' encoding='UTF-8'?>
<soap:Envelope
  xmlns:xsi='http://www.w3.org/2001/XMLSchema-instance'
  xmlns:xsd='http://www.w3.org/2001/XMLSchema'
  xmlns:soap='http://schemas.xmlsoap.org/soap/envelope/'
  xmlns:soapenc='http://schemas.xmlsoap.org/soap/encoding/'
  soap:encodingStyle='http://schemas.xmlsoap.org/soap/encoding/'>
  <soap:Body>
    <n:sayHello xmlns:n='urn:examples:helloservice'>
      <firstName xsi:type='xsd:string'>World</firstName>
    </n:sayHello>
  </soap:Body>
</soap:Envelope>
SOAP Response Message
• The corresponding RPC response message:
<?xml version='1.0' encoding='UTF-8'?>
<SOAP-ENV:Envelope
  xmlns:SOAP-ENV='http://schemas.xmlsoap.org/soap/envelope/'
  xmlns:xsi='http://www.w3.org/1999/XMLSchema-instance'
  xmlns:xsd='http://www.w3.org/1999/XMLSchema'>
  <SOAP-ENV:Body>
    <ns1:sayHelloResponse xmlns:ns1='urn:examples:helloservice'
      SOAP-ENV:encodingStyle='http://schemas.xmlsoap.org/soap/encoding/'>
      <greeting xsi:type='xsd:string'>Hello, World!</greeting>
    </ns1:sayHelloResponse>
  </SOAP-ENV:Body>
</SOAP-ENV:Envelope>
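The sayHello exchange of the last two slides, as an added example (not code from the course): the request envelope is built with the Python standard library and the greeting is extracted from the response, with a SOAP Fault surfaced as an error. The function names are this example's own, and SAMPLE_RESPONSE is a constructed copy of the slide's response using the real namespace URIs.

```python
import xml.etree.ElementTree as ET

SOAP_ENV = "http://schemas.xmlsoap.org/soap/envelope/"
SOAP_ENC = "http://schemas.xmlsoap.org/soap/encoding/"
XSI = "http://www.w3.org/2001/XMLSchema-instance"
XSD = "http://www.w3.org/2001/XMLSchema"
SERVICE_NS = "urn:examples:helloservice"  # namespace attribute of the soap:body binding

for prefix, uri in (("soap", SOAP_ENV), ("n", SERVICE_NS), ("xsi", XSI)):
    ET.register_namespace(prefix, uri)


def build_say_hello_request(first_name: str) -> bytes:
    """Serialise the SayHelloRequest message as an rpc/encoded SOAP 1.1 envelope."""
    env = ET.Element(f"{{{SOAP_ENV}}}Envelope",
                     {f"{{{SOAP_ENV}}}encodingStyle": SOAP_ENC})
    env.set("xmlns:xsd", XSD)  # declared by hand: xsd is only used inside xsi:type
    body = ET.SubElement(env, f"{{{SOAP_ENV}}}Body")
    call = ET.SubElement(body, f"{{{SERVICE_NS}}}sayHello")  # the operation name
    # The WSDL part name "firstName" is unqualified in rpc style.
    part = ET.SubElement(call, "firstName", {f"{{{XSI}}}type": "xsd:string"})
    # ElementTree escapes <, > and & in text, so caller data cannot inject markup.
    part.text = first_name
    return ET.tostring(env, encoding="utf-8", xml_declaration=True)


def parse_say_hello_response(xml_bytes: bytes) -> str:
    """Return the greeting part, or raise on a Fault / unexpected document."""
    root = ET.fromstring(xml_bytes)
    if root.tag != f"{{{SOAP_ENV}}}Envelope":
        raise ValueError("not a SOAP 1.1 envelope")
    body = root.find(f"{{{SOAP_ENV}}}Body")
    if body is None:
        raise ValueError("envelope without Body")
    fault = body.find(f"{{{SOAP_ENV}}}Fault")
    if fault is not None:  # SOAP 1.1 faultcode/faultstring are unqualified children
        raise RuntimeError(f"SOAP Fault {fault.findtext('faultcode')}: "
                           f"{fault.findtext('faultstring')}")
    resp = body.find(f"{{{SERVICE_NS}}}sayHelloResponse")
    greeting = resp.findtext("greeting") if resp is not None else None
    if greeting is None:
        raise ValueError("missing sayHelloResponse/greeting part")
    return greeting


# Constructed copy of the response shown on the slide.
SAMPLE_RESPONSE = b"""<?xml version='1.0' encoding='UTF-8'?>
<SOAP-ENV:Envelope xmlns:SOAP-ENV='http://schemas.xmlsoap.org/soap/envelope/'
  xmlns:xsi='http://www.w3.org/1999/XMLSchema-instance'
  xmlns:xsd='http://www.w3.org/1999/XMLSchema'>
  <SOAP-ENV:Body>
    <ns1:sayHelloResponse xmlns:ns1='urn:examples:helloservice'
      SOAP-ENV:encodingStyle='http://schemas.xmlsoap.org/soap/encoding/'>
      <greeting xsi:type='xsd:string'>Hello, World!</greeting>
    </ns1:sayHelloResponse>
  </SOAP-ENV:Body>
</SOAP-ENV:Envelope>"""
```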
SOAP With MTOM Attachments
• Raw binary data can be transported in a SOAP message as base64.
• MTOM (Message Transmission Optimization Mechanism) uses MIME attachments to carry binary data with a SOAP message:
– Supports embedding of type and other information.
– Allows streaming (attachments produced on demand).
– Example HTTP header for SOAP with MTOM:
POST / HTTP/1.1
Host: www.example.com
Content-Type: multipart/related; boundary="mimeboundary"; type="application/xop+xml"; start="<soapmsg>"; start-info="application/soap+xml; charset=utf-8"
SOAP With MTOM Attachments
• Example HTTP body with SOAP message and MTOM attachment:
--mimeboundary
Content-Type: application/xop+xml;charset=utf-8;type=application/soap+xml
Content-Transfer-Encoding: binary
Content-ID: <soapmsg>

<SOAP-ENV:Envelope xmlns:SOAP-ENV="…"
  xmlns:xop="http://www.w3.org/2004/08/xop/include"
  xmlns:xmlmime="http://www.w3.org/2004/11/xmlmime">
  <SOAP-ENV:Body>
    <m:PutImage xmlns:m="http://www.example.com/test.wsdl">
      <m:data xmlmime:contentType="image/jpeg">
        <xop:Include href="cid:image"/>
      </m:data>
    </m:PutImage>
  </SOAP-ENV:Body>
</SOAP-ENV:Envelope>
--mimeboundary
Content-Type: image/jpeg
Content-Transfer-Encoding: binary
Content-ID: <image>

… image data …
--mimeboundary--
WS-Addressing
• WS-Addressing is a Web services protocol for routing
messages (request, response, and faults).
• Supports message transmission through networks with
processing nodes such as endpoint managers, firewalls, and
gateways:
<S:Envelope
xmlns:S="http://www.w3.org/2003/05/soap-envelope"
xmlns:wsa="http://schemas.xmlsoap.org/ws/2004/08/addressing">
<S:Header>
<wsa:MessageID>
uuid:6B29FC40-CA47-1067-B31D-00DD010662DA
</wsa:MessageID>
<wsa:ReplyTo>
<wsa:Address>http://business456.example/client1</wsa:Address>
</wsa:ReplyTo>
<wsa:To>http://fabrikam123.example/Purchasing</wsa:To>
<wsa:Action>http://fabrikam123.example/SubmitPO</wsa:Action>
</S:Header>
<S:Body>
...
</S:Body>
</S:Envelope>
WS-Addressing
• WS-Addressing header elements within the SOAP Header:
– <wsa:MessageID> xs:anyURI </wsa:MessageID>
defines a unique message ID, e.g. UUID (optional).
– <wsa:RelatesTo RelationshipType="..."?> xs:anyURI </wsa:RelatesTo>
conveys the message ID of the related message, e.g. the request
message ID when this is a reply message (required for responses).
– <wsa:To> xs:anyURI </wsa:To>
the destination address (required).
– <wsa:Action> xs:anyURI </wsa:Action>
conveys the SOAP action property (required).
– <wsa:From> endpoint-reference </wsa:From>
the source endpoint information (optional).
– <wsa:ReplyTo> endpoint-reference </wsa:ReplyTo>
the reply endpoint (required for request with an expected reply).
– <wsa:FaultTo> endpoint-reference </wsa:FaultTo>
the fault endpoint (optional).
WS-Addressing
WS-Security
• WS-Security provides message-level security:
– HTTPS provides end-to-end transport-level security.
• Authentication:
– Username and (digest) password (with nonce, timestamps).
• Digital signatures:
– XML DSig with DSA, HMAC, etc.
– Can sign all or specific parts of the message.
– Embedding of security tokens such as certificates.
– Support for SAML.
• Encryption:
– XML Enc with RSA, etc.
Username Token
• The Username token security header in wsse:Security contains a username and password in plain text or a digest password:
<SOAP-ENV:Envelope xmlns:SOAP-ENV="…" xmlns:wsse="…" xmlns:wsu="…">
  <SOAP-ENV:Header>
    <wsse:Security SOAP-ENV:mustUnderstand="1">
      <wsse:UsernameToken wsu:Id="User">
        <wsse:Username>engelen</wsse:Username>
        <wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordDigest">/u5faawcfIeve1yHCsdXAWyIlbU=</wsse:Password>
        <wsse:Nonce>NDU0MGE5YjljYTUzYzAzZjA2MTc=</wsse:Nonce>
        <wsu:Created>2006-10-26T12:27:37Z</wsu:Created>
      </wsse:UsernameToken>
    </wsse:Security>
  </SOAP-ENV:Header>
  <SOAP-ENV:Body>
  </SOAP-ENV:Body>
</SOAP-ENV:Envelope>
Security Timestamps
• A timestamp can be included to define the lifetime of a message.
• The timestamp will only be tamper proof when digitally signed,
hence the wsu:Id which is referenced by the signature info:
<SOAP-ENV:Envelope …>
<SOAP-ENV:Header>
<wsse:Security>
<wsu:Timestamp wsu:Id="timestamp">
<wsu:Created>2001-09-13T08:42:00Z</wsu:Created>
<wsu:Expires>2001-10-13T09:00:00Z</wsu:Expires>
</wsu:Timestamp>
...
</wsse:Security>
...
</SOAP-ENV:Header>
<SOAP-ENV:Body>
...
</SOAP-ENV:Body>
</SOAP-ENV:Envelope>
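The digest password and nonce/Created fields of the Username Token slide, together with the message-lifetime idea of the Security Timestamps slide, as an added example (not code from the course or from gSOAP): the receiving side recomputes the UsernameToken Profile 1.0 digest, Base64(SHA-1(nonce + created + password)), checks that wsu:Created lies inside a freshness window, and rejects a nonce it has already seen. UsernameTokenVerifier, the 5-minute window and the credentials are assumptions of this example.

```python
import base64
import hashlib
import hmac
import os
from datetime import datetime, timedelta, timezone
from typing import Dict

WSS_DIGEST_TYPE = ("http://docs.oasis-open.org/wss/2004/01/"
                   "oasis-200401-wss-username-token-profile-1.0#PasswordDigest")
WSU_TIME = "%Y-%m-%dT%H:%M:%SZ"


def password_digest(nonce_b64: str, created: str, password: str) -> str:
    """Digest sent in <wsse:Password Type="...#PasswordDigest">."""
    nonce = base64.b64decode(nonce_b64)  # the *decoded* nonce bytes are hashed
    raw = nonce + created.encode("utf-8") + password.encode("utf-8")
    return base64.b64encode(hashlib.sha1(raw).digest()).decode("ascii")


def make_username_token(username: str, password: str, now: datetime) -> Dict[str, str]:
    """Client side: a fresh random nonce and Created timestamp per message."""
    nonce_b64 = base64.b64encode(os.urandom(16)).decode("ascii")
    created = now.strftime(WSU_TIME)
    return {"Username": username, "Nonce": nonce_b64, "Created": created,
            "Password": password_digest(nonce_b64, created, password),
            "Type": WSS_DIGEST_TYPE}


class UsernameTokenVerifier:
    """Server side: digest check plus freshness and replay protection.
    `now` arguments must be timezone-aware UTC datetimes."""

    def __init__(self, passwords: Dict[str, str],
                 max_age: timedelta = timedelta(minutes=5)) -> None:
        self.passwords = passwords         # username -> password (server secret store)
        self.max_age = max_age
        self.seen_nonces: Dict[str, datetime] = {}   # nonce -> Created, pruned on use

    def verify(self, token: Dict[str, str], now: datetime) -> bool:
        if token.get("Type") != WSS_DIGEST_TYPE:
            return False                   # plain-text passwords are not accepted here
        password = self.passwords.get(token.get("Username", ""))
        if password is None:
            return False
        try:
            created = datetime.strptime(token["Created"], WSU_TIME).replace(tzinfo=timezone.utc)
            base64.b64decode(token["Nonce"], validate=True)
        except (KeyError, ValueError):     # binascii.Error is a ValueError
            return False
        # Freshness window: too old or dated in the future (beyond clock skew) fails.
        if not (now - self.max_age <= created <= now + timedelta(seconds=30)):
            return False
        self._prune(now)
        if token["Nonce"] in self.seen_nonces:
            return False                   # replayed message
        expected = password_digest(token["Nonce"], token["Created"], password)
        supplied = str(token.get("Password", ""))
        if not hmac.compare_digest(expected.encode(), supplied.encode()):
            return False
        self.seen_nonces[token["Nonce"]] = created   # remember only accepted nonces
        return True

    def _prune(self, now: datetime) -> None:
        cutoff = now - self.max_age
        for nonce, created in list(self.seen_nonces.items()):
            if created < cutoff:
                del self.seen_nonces[nonce]
```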
Signatures
• The wsse:BinarySecurityToken contains the public key.
• The ds:Signature element contains signature info with digest value for
each signed message part and the signature value:
<wsse:Security>
<wsse:BinarySecurityToken wsu:Id=“X509Token” …>
public key
</wsse:BinarySecurityToken>
<ds:Signature>
<ds:SignedInfo>
what is signed: reference URI to signed part with digest of that XML message part
how it is signed: digests algorithms and canonicalization of XML
</ds:SignedInfo>
<ds:SignatureValue>
signature
</ds:SignatureValue>
<ds:KeyInfo>
<wsse:SecurityTokenReference>
<wsse:Reference URI="#X509Token"/>
</wsse:SecurityTokenReference>
</ds:KeyInfo>
</ds:Signature>
</wsse:Security>
List of WS-* Protocols
• Messaging:
– SOAP.
– SOAP with Attachments (SwA).
– SOAP with MTOM (Message Transmission Optimization
Mechanism).
– XML-RPC: a simpler XML RPC format (no WSDL or schemas).
– WS-Addressing: routing, endpoints, and addressing properties.
• Service description:
– WSDL.
– WS-MetadataExchange: how an endpoint can request the
various types of metadata it may need to effectively
communicate with the service.
– WS-Policy: describes the capabilities, requirements, and
general characteristics of a service.
List of WS-* Protocols
• Directory access and discovery:
– UDDI (Universal Description, Discovery, and Integration) v2/v3.
– WS-Discovery: a multicast discovery protocol to locate services on a
network.
• Managing services:
– WS-Management: for management of servers, devices, applications.
• Transaction-based services:
– WS-Transaction: describes the coordination types atomic transaction
(TA) and business activity (BA).
• Publish/subscribe:
– WS-Eventing.
– WS-Notification.
• Security and reliability:
– HTTPS (transport-level).
– WS-Security (message-level).
– WS-ReliableMessaging.
Other Notable WS-* Protocols
• Managing resources: Web Services Resource Framework (WSRF):
– WS-ResourceProperties: defines a resource’s properties.
– WS-ResourceLifetime: inspect and monitor the lifetime of a resource.
– WS-ServiceGroup: defines how resources are grouped together for a domain-specific purpose (service classification and constraints).
– WS-BaseFaults: defines faults related to resource management.
• Managing resources:
– WS-Transfer: operations for sending and receiving the representation of a given resource and operations for creating and deleting a resource.
• Best practices:
– Provide additional information to improve interoperability between vendor implementations.
– WS-I Basic profile (BP1.0a, BP1.1).
– WS-I Basic security profile.
Other Notable WS-* Protocols
• Device Profile for Web Services (DPWS):
– Goals similar to universal plug and play (UPnP).
– Seamless integration and discovery of devices over the Internet:
• Printing, scanning, etc. over the Internet by discovering these services.
• Uploading images from a camera to a PC over the (wireless) Internet.
– Microsoft Vista natively integrates DPWS.
• Builds on:
– WS-Eventing (publish/subscribe).
– WS-Discovery.
– WS-Addressing.
– WS-Security.
– WS-Policy.
– WS-MetadataExchange.
Frameworks for Web Services
Framework | Platform | Specifications | Protocols
Apache Axis2 | Java | WS-ReliableMessaging, WS-Security, WS-AtomicTransaction, WS-Addressing, MTOM, WS-Policy, WS-MetadataExchange | SOAP1.1, SOAP1.2, MTOM, WSDL 2.0, WSDL, REST
Apache CXF | Java | WS-ReliableMessaging, WS-Security, WS-Addressing, MTOM, WS-Policy, WS-SecureConversation, WS-SecurityPolicy, WS-Trust | SOAP1.1, SOAP1.2, MTOM, WSDL 2.0, WSDL, REST
gSOAP | C / C++ | WS-Addressing, WS-Discovery, WS-Policy, WS-ReliableMessaging, WS-Security, WS-SecurityPolicy | SOAP1.1, SOAP1.2, MTOM, WSDL 1.1, WSDL 2.0, REST, XML-RPC, JSON, JSON-RPC, XML
Web Services Interoperability Technology | Java | WS-Addressing, WS-ReliableMessaging, WS-Coordination, WS-AtomicTransaction, WS-Security, WS-Security Policy, WS-Trust, WS-SecureConversation, WS-Policy, WS-MetadataExchange | SOAP, WSDL, MTOM, JSON, XML
Windows Communication Foundation | .NET | WS-Addressing, WS-MetadataExchange, WS-Security, WS-Policy, WS-SecurityPolicy, WS-Trust, WS-SecureConversation, WS-ReliableMessaging, WS-Coordination, WS-AtomicTransaction, WS-Discovery | SOAP1.1, SOAP1.2, WSDL, XML, JSON, REST, MTOM, MSMQ, IPC, P2P, TCP, UDP, WebSocket, RabbitMQ
Web Services Demo
REST vs. SOAP Web Services
Feature | REST WS + ROA | SOAP WS
General | Scalable, discoverable, lightweight, easier to develop | Process-oriented, distributed services; can be composed in SOA
Transport | HTTP | SOAP over HTTP
Description | Custom (e.g. Word), WADL | WSDL
Security | SSL | WS-Security, …
Reliability | Idempotency (resend) | WS-ReliableMessaging
Transactions | Reservations, compensations | WS-AtomicTransaction (2PC), WS-BusinessActivity
SMTP
Introduction to SMTP
• Simple Mail Transfer Protocol is the standard e-mail protocol on the Internet and part of the TCP/IP protocol suite. SMTP defines the message format and the message transfer agent (MTA), which stores and forwards the mail. SMTP was originally designed for only plain text (ASCII text), but MIME and other encoding methods enable executable programs and multimedia files to be attached to and transported with the e-mail message.
• SMTP is a relatively simple, text-based protocol, where one or more recipients of a message are specified and then the message text is transferred. SMTP uses TCP port 25.
SMTP Concept
The primary purpose of SMTP is to transfer email between mail servers. However, it is critical for email clients as well. In order to send email, the client sends the message to an outgoing mail server, which in turn contacts the destination mail server for delivery. For this reason, it is necessary to specify an SMTP server when configuring an email client.
One important point to make about the SMTP protocol is that it does not require authentication. This allows anyone on the Internet to send email to anyone else or even to large groups of people. It is this characteristic of SMTP that makes junk email or spam possible.
UAs and MTAs
• MUA (Mail User Agent):
– A program that prepares the mail and encloses it in an envelope.
• MTA (Mail Transfer Agent):
– A program that actually routes and delivers mail.
Relay MTAs
• Communication using Relay:
– Routing information is included
along with e-mail address;
– Used in initial days of SMTP.
• Communication using DNS:
– SMTP servers make use of DNS to
find the domain where to route.
– This method is used today.
Mail Gateway
• SMTP Gateways are used to transport mails prepared by a protocol other than SMTP.
Sender-side Delay
• After the mail has been sent by the MUA, it is stored in a spool and then taken by the MTA, which tries to send it over the Internet to the recipient, thus there is a delay in sending the mail on the server-side.
Receiver-side Delay
• When the mail finally reaches the recipient server, it is received by the MTA of that server and stored either in the file-system, or in a database, before being available for the MUA to take it and present it to the user.
Aliases Expansion
• Alias expansion
indicates a specific
mode of email
forwarding:
– One-to-many;
– Many-to-one.
One-to-many Expansion
• When you send a mail to a generic
address, the server will expand
address list and deliver a copy of the
mail to all recipients in that list.
Many-to-one Expansion
• When you send a mail to a list of aliases belonging to the same recipient, there will be only one message stored for that user.
Email System
Commands and Responses
• The server responds to each command with a reply; replies may
indicate that the command was accepted, that additional
commands are expected, or that a temporary or permanent
error condition exists;
• Once a given mail message has been transmitted, the client may
either request that the connection be shut down or may initiate
other mail transactions.
Commands
The following are the SMTP commands:
• HELO <SP> <domain> <CRLF>
• MAIL <SP> FROM:<reverse-path> <CRLF>
• RCPT <SP> TO:<forward-path> <CRLF>
• DATA <CRLF>
• RSET <CRLF>
• NOOP <CRLF>
• QUIT <CRLF>
Responses
• Replies to SMTP commands serve to ensure the synchronization of requests and actions in the process of mail transfer and to guarantee that the SMTP client always knows the state of the SMTP server;
• Every command MUST generate exactly one reply;
• An SMTP reply consists of a three digit number followed by some text. The number is for use by automata to determine what state to enter next; the text is for the human user;
• Formally, a reply is defined to be the sequence: a three-digit code, <SP>, one line of text, and <CRLF>, or a multi-line reply.
Connection Establishment
• When an SMTP client has a message to transmit, it establishes a two-way transmission channel to an SMTP server. The responsibility of an SMTP client is to transfer mail messages to one or more SMTP servers;
• Once the transmission channel is established and initial handshaking completed, the SMTP client normally initiates a mail transaction. Such a transaction consists of a series of commands to specify the originator and destination of the mail and transmission of the message content (including any headers or other structure) itself.
Status Codes
• 211 System status, or system help reply;
• 214 Help message;
• 220 <domain> Service ready;
• 221 <domain> Service closing transmission channel;
• 250 Requested mail action okay, completed;
• 251 User not local; will forward to <forward-path>;
• 354 Start mail input; end with <CRLF>.<CRLF>;
• 421 <domain> Service not available, closing transmission
channel. This may be a reply to any command if the service
knows it must shut down;
• 450 Requested mail action not taken: mailbox unavailable;
• 451 Requested action aborted: local error in processing;
• 452 Requested action not taken: insufficient system storage.
Status Codes
• 500 Syntax error, command unrecognized; this may include
errors such as command line too long;
• 501 Syntax error in parameters or arguments;
• 502 Command not implemented;
• 503 Bad sequence of commands;
• 504 Command parameter not implemented;
• 550 Requested action not taken: mailbox unavailable;
• 551 User not local, please try <forward-path>;
• 552 Requested mail action aborted: exceeded storage allocation;
• 553 Requested action not taken: mailbox name not allowed,
mailbox syntax incorrect;
• 554 Transaction failed.
Connection Establishment
Message Transfer
There are three steps in SMTP mail transactions:
• The transaction is started with a MAIL command which gives the sender identification. If accepted, the receiver-SMTP returns a 250 OK reply;
• A series of one or more RCPT commands follows giving the receiver information. If accepted, the receiver-SMTP returns a 250 OK reply, and stores the forward-path. If the recipient is unknown the receiver-SMTP returns a 550 Failure reply;
• Then a DATA command gives the mail data. If accepted, the receiver-SMTP returns a 354 Intermediate reply and considers all succeeding lines to be the message text. And finally, the end of mail data indicator confirms the transaction. When the end of text is received and stored the SMTP-receiver sends a 250 OK reply.
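The command set, reply codes and the three-step mail transaction described above, as an added example (not code from the course): a receiver-side SMTP state machine that returns the reply for each client line, rejects commands sent out of sequence with 503, refuses unknown or non-local recipients with 550, and unstuffs the leading dot in message text. LOCAL_DOMAIN, LOCAL_MAILBOXES and the transcript in the test are constructed.

```python
from dataclasses import dataclass, field
from typing import List, Optional, Tuple

LOCAL_DOMAIN = "mail.example"        # constructed
LOCAL_MAILBOXES = {"alice", "bob"}   # constructed
MAX_COMMAND_LINE = 512               # RFC 5321 command line limit, CRLF included


@dataclass
class Message:
    sender: str
    recipients: List[str]
    lines: List[str]


@dataclass
class SmtpSession:
    """One receiver-side connection; handle() returns the reply for each line."""
    delivered: List[Message] = field(default_factory=list)
    helo_done: bool = False
    sender: Optional[str] = None
    recipients: List[str] = field(default_factory=list)
    in_data: bool = False
    data: List[str] = field(default_factory=list)
    closed: bool = False

    def greeting(self) -> str:
        return f"220 {LOCAL_DOMAIN} Service ready"

    def _reset(self) -> None:
        self.sender, self.recipients, self.in_data, self.data = None, [], False, []

    def handle(self, line: str) -> str:
        line = line.rstrip("\r\n")
        if self.in_data:                        # message text until a lone "."
            if line == ".":
                self.delivered.append(Message(self.sender, list(self.recipients), self.data))
                self._reset()
                return "250 Requested mail action okay, completed"
            if line.startswith(".."):           # undo dot-stuffing (RFC 5321 4.5.2)
                line = line[1:]
            self.data.append(line)
            return ""                           # no reply while receiving text
        if len(line) + 2 > MAX_COMMAND_LINE:
            return "500 Syntax error, command line too long"
        verb, _, arg = line.partition(" ")
        verb = verb.upper()
        if verb == "HELO":
            if not arg:
                return "501 Syntax error in parameters or arguments"
            self.helo_done = True
            self._reset()
            return f"250 {LOCAL_DOMAIN}"
        if verb == "MAIL":
            if not self.helo_done or self.sender is not None:
                return "503 Bad sequence of commands"
            path = parse_path(arg, "FROM:")
            if path is None:
                return "501 Syntax error in parameters or arguments"
            self.sender = path                  # "<>" (empty reverse-path) is allowed
            return "250 OK"
        if verb == "RCPT":
            if self.sender is None:
                return "503 Bad sequence of commands"
            path = parse_path(arg, "TO:")
            if not path:
                return "501 Syntax error in parameters or arguments"
            local, _, domain = path.rpartition("@")
            # Only local mailboxes are accepted; refusing other domains is what
            # keeps this receiver from acting as an open relay for spam.
            if domain.lower() != LOCAL_DOMAIN or local.lower() not in LOCAL_MAILBOXES:
                return "550 Requested action not taken: mailbox unavailable"
            self.recipients.append(path)
            return "250 OK"
        if verb == "DATA":
            if not self.recipients:
                return "503 Bad sequence of commands"
            self.in_data = True
            return "354 Start mail input; end with <CRLF>.<CRLF>"
        if verb == "RSET":
            self._reset()
            return "250 OK"
        if verb == "NOOP":
            return "250 OK"
        if verb == "QUIT":
            self.closed = True
            return f"221 {LOCAL_DOMAIN} Service closing transmission channel"
        return "500 Syntax error, command unrecognized"   # e.g. EHLO is not in this set


def parse_path(arg: str, keyword: str) -> Optional[str]:
    """'FROM:<joe@a.example>' -> 'joe@a.example'; None if malformed."""
    if not arg.upper().startswith(keyword):
        return None
    rest = arg[len(keyword):].strip()
    if not (rest.startswith("<") and rest.endswith(">")):
        return None
    return rest[1:-1]


def run_transcript(lines: List[str]) -> Tuple[List[str], SmtpSession]:
    """Feed client lines to a fresh session; return the replies and the session."""
    session = SmtpSession()
    return [session.handle(line) for line in lines], session
```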
Connection Termination
Problems with SMTP
• Some older implementations cannot handle messages exceeding 64KB;
• If the client and server have different timeouts, one of them may give up while the other is still busy, unexpectedly terminating the connection;
• Infinite mail storms can be triggered:
– For example, if host 1 holds mailing list A and host 2 holds mailing list B and each list contains an entry for the other one, then a message sent to either list could generate a never ending amount of email traffic unless somebody checks for it.
SMTP Demo
MIME
MIME Header
Base64
Quoted-printable
Mail Delivery
1. SMTP is used to accept the mail from the sender client;
2. SMTP is used to deliver the mail to the receiver server;
3. POP, IMAP or Webmail are used to download the mail to the receiver client from the receiver server.
POP
Post Office Protocol
• Protocol for receiving e-mail;
• Client – server protocol;
• Achieves transparent connection between email server and
e-mail client;
• Store-and-forward service;
• Listens on well-known port 110;
• Similar to SMTP command – reply lockstep protocol;
• Used to retrieve mail for a single user;
• Requires authentication;
• Commands and replies are ASCII lines;
• Replies start with “+OK” or “-ERR”;
• Replies may contain multiple lines.
Commands
• USER - specify username.
• PASS - specify password.
• STAT - get mailbox status:
– number of messages in the mailbox.
• LIST - get a list of messages and sizes:
– one per line, termination line contains ‘.’ only.
• RETR - retrieve a message.
Commands
• DELE - mark a message for deletion from the mailbox.
• NOOP - send back positive reply.
• RSET - reset. All deletion marks are unmarked.
• QUIT - remove marked messages and close the (TCP) connection.
Example
> telnet monte pop3
Trying 128.213.8.110...
Connected to monte.cs.rpi.edu (128.213.8.110).
Escape character is '^]'.
+OK POP3 monte.cs.rpi.edu v7.59 server ready
user joe
+OK User name accepted, password please
pass joepw
+OK Mailbox open, 1 messages
stat
+OK 1 412
list
+OK Mailbox scan listing follows
1 412
.
Demo
Advantages of POP

• You can read your mail without being logged onto the Internet;
• You may compose new messages to send to others without being logged onto the Internet;
• Opening attachments is a quick and painless process;
• There is no maximum size on your mailbox;
• There is no advertising when you read your email;
• All messages are stored on your hard drive.
Disadvantages of POP

• Opening attachments is a quick and painless process, unless the attachment has a virus payload in it;
• If you have JavaScript enabled in your email reader, you might be the target of rogue JavaScript embedded in an email;
• All messages are stored on your hard drive, eating up what is sometimes very valuable space;
• Since all attachments are stored (downloaded) on your PC, there is a potential danger of virus attack if they are not properly scanned by virus scanners;
• Email folders can become corrupted and sometimes lost forever. Recovery is often a painful exercise.
IMAP
Internet Message Access Protocol

• Internet message access protocol;
• Developed at Stanford University in 1986;
• Used for accessing electronic mail that is kept on a server;
• Access messages from more than one computer;
• More than one user;
• IMAP is based on a TCP connection (port 143);
• No functionality to send messages (this is done with SMTP).
Procedure of IMAP Protocol
• All emails are kept on a mail server;
• Functionality:
– Treat as local directory;
– Work directly on server;
– Different folders;
– Download message headers and later on the full
messages.
• Communication procedure:
– Connection initialization;
– Welcome of the server;
– Interaction between client and server;
– Connection closed.
Interaction between
Client and Server
• Client sends data – server receives:
– Each client command begins with an alphanumeric string (the ‘tag’), e.g. A001, which is created anew for every command;
– Then the command with its corresponding arguments follows.
• Server sends data – client receives:
– The server receives and processes the command;
– It returns the same tag with a state (OK/NO/BAD);
– Additional information begins with ‘*’ (untagged);
– Untagged information can be sent at any time.
Different States
of an IMAP Session
• Most commands are only valid in specific states (otherwise: protocol error);
• 4 states (initialization is not a state of its own):
– Non-Authenticated;
– Authenticated;
– Selected;
– Logout, Closed.
Different States
of an IMAP Session

Figure: state diagram of an IMAP session. Connect leads from Initialization to Non-Authenticated (or, with Preauth, directly to Authenticated); Login leads from Non-Authenticated to Authenticated; Select leads from Authenticated to Selected and Close leads back to Authenticated; Logout from any of the three states leads to Logout, Close.
Flags Message Attributes
• List of tokens associated with the message, sent by the server;
• A flag can be permanent or session-only;
• Types:
– System flag:
• Flag name that is pre-defined in the IMAP specification;
• All system flags begin with ‘\’.
– Keywords:
• A keyword is defined by the server implementation;
• Keywords do not begin with ‘\’.
Flags Message Attributes
• \Seen (Message has been read);
• \Answered (Message has been answered);
• \Flagged (Message is "flagged" for urgent/special
attention);
• \Deleted (Message is "deleted" for removal by later
EXPUNGE);
• \Draft (Message has not completed composition; marked as a draft);
• \Recent (Message is "recently" arrived in this
mailbox. This session is the first session to have been notified
about this message).
Commands

• LOGIN username password;
• SELECT mailbox-name;
• CREATE new-mailbox-name;
• DELETE mailbox-name;
• RENAME old-name new-name;
• AUTHENTICATE;
• CLOSE;
• SEARCH;
• COPY.
IMAP Session
S: * OK IMAP4rev1 Service Ready
C: a001 login rohit zealous
S: a001 OK LOGIN completed
C: a002 select inbox
S: * 18 EXISTS
S: * FLAGS (\Answered \Flagged \Deleted \Seen \Draft)
S: * 2 RECENT
S: * OK [UNSEEN 17] Message 17 is the first unseen message
S: * OK [UIDVALIDITY 3857529045] UIDs valid
S: a002 OK [READ-WRITE] SELECT completed
C: a003 fetch 12 body[header]
S: * 12 FETCH (BODY[HEADER] {350}
S: Date: Wed, 11 August 2010 02:23:25 -0700 (PDT)
S: From: rohit <rohit.rk.mishra@gmail.com>
S: Subject: weekend planning
S: To: rahul <rahul1234@gmail.com>
S: cc: bharat <igbharat@gmail.com>
S: Message-Id: <B27397-0100000@TIM01.de>
S: MIME-Version: 1.0
S: Content-Type: TEXT/PLAIN; CHARSET=US-ASCII
S:
S: )
S: a003 OK FETCH completed
C: a004 store 12 +flags \deleted
S: * 12 FETCH (FLAGS (\Seen \Deleted))
S: a004 OK +FLAGS completed
C: a005 logout
S: * BYE IMAP4rev1 server terminating connection
S: a005 OK LOGOUT completed
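As an added example (not code from the course slides), the following Python splits an IMAP server's byte stream into the untagged responses and the tagged completion that the client is waiting for, including the `{n}` literal used in the FETCH reply above. The transcript, header bytes and tags are constructed to mirror the session shown.

```python
"""Added example (not from the course slides): demultiplexing IMAP server
output into untagged ('*') responses and the tagged OK/NO/BAD completion
of one command, with '{n}' literals consumed by byte count."""
import re

TAGGED_RE = re.compile(rb"^([A-Za-z0-9]+) (OK|NO|BAD)(?: (.*))?$", re.S)
LITERAL_RE = re.compile(rb"\{(\d+)\}$")


def read_logical_line(buf, pos):
    """Read one logical response line starting at buf[pos].

    A line ending in {n} announces n raw octets that follow the CRLF; they
    are consumed by byte count, then the rest of the same response continues
    on the next line. Returns (response_bytes, new_pos)."""
    parts = []
    while True:
        end = buf.find(b"\r\n", pos)
        if end < 0:
            raise ValueError("incomplete response: no CRLF")
        line, pos = buf[pos:end], end + 2
        lit = LITERAL_RE.search(line)
        if lit is None:
            parts.append(line)
            return b"".join(parts), pos
        n = int(lit.group(1))
        if pos + n > len(buf):
            raise ValueError("incomplete literal: need %d octets" % n)
        # Byte-counting means literal content is never scanned for tags, so
        # a literal whose body looks like 'a003 OK ...' cannot fake completion.
        parts.append(line[:lit.start()])
        parts.append(buf[pos:pos + n])
        pos += n


def read_command_response(buf, tag, pos=0):
    """Collect responses until the completion carrying `tag` arrives.

    Returns (untagged_responses, status, text, new_pos). Untagged data may
    be sent by the server at any time, so everything before the tagged
    line is kept; a completion carrying a different tag is an error."""
    untagged = []
    while True:
        resp, pos = read_logical_line(buf, pos)
        if resp.startswith(b"* "):
            untagged.append(resp)
            continue
        m = TAGGED_RE.match(resp)
        if m is None:
            raise ValueError("unparseable server response: %r" % resp)
        if m.group(1) != tag.encode():
            raise ValueError("completion for unexpected tag %r" % m.group(1))
        return untagged, m.group(2).decode(), (m.group(3) or b"").decode(), pos


# Constructed transcript modelled on the session above: SELECT, then FETCH.
HEADER = b"Date: Wed, 11 Aug 2010 02:23:25 -0700\r\nSubject: weekend planning\r\n"
TRANSCRIPT = b"".join([
    b"* 18 EXISTS\r\n",
    b"* FLAGS (\\Answered \\Flagged \\Deleted \\Seen \\Draft)\r\n",
    b"* 2 RECENT\r\n",
    b"* OK [UNSEEN 17] Message 17 is the first unseen message\r\n",
    b"a002 OK [READ-WRITE] SELECT completed\r\n",
    b"* 12 FETCH (BODY[HEADER] {" + str(len(HEADER)).encode() + b"}\r\n",
    HEADER,
    b")\r\n",
    b"a003 OK FETCH completed\r\n",
])


def select_then_fetch(buf=TRANSCRIPT):
    """Client side of 'a002 SELECT inbox' then 'a003 FETCH 12 BODY[HEADER]'."""
    sel, status, _, pos = read_command_response(buf, "a002")
    exists = next(int(r.split()[1]) for r in sel if r.endswith(b" EXISTS"))
    fetched, status2, _, _ = read_command_response(buf, "a003", pos)
    return exists, status, status2, fetched


def spoofed_literal_is_harmless():
    """A literal whose body looks like a tagged OK must not end the command."""
    fake = b"a009 OK FETCH completed\r\n"
    buf = (b"* 1 FETCH (BODY[TEXT] {" + str(len(fake)).encode() + b"}\r\n"
           + fake + b")\r\n" + b"a009 NO FETCH failed\r\n")
    untagged, status, text, _ = read_command_response(buf, "a009")
    return len(untagged), status, text


if __name__ == "__main__":
    print(select_then_fetch())
    print(spoofed_literal_is_harmless())
```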
Demo
POP vs. IMAP

• POP Workflow:
– Connect to server;
– Retrieve all mail;
– Store locally as new mail;
– Delete mail from server*;
– Disconnect.

• IMAP Workflow:
– Connect to server;
– Fetch user requested content and cache it locally, e.g. list of new mail, message summaries, or content of explicitly selected emails;
– Process user edits, e.g. marking email as read, deleting email, etc;
– Disconnect.

* The default behavior of POP is to delete mail from the server. However, most POP clients also provide an option to leave a copy of downloaded mail on the server.
POP vs. IMAP

• Mail stored locally, i.e. always accessible, even without internet connection;
• Internet connection needed only for sending and receiving mail;
• Saves server storage space;
• Option to leave copy of mail on server;
• Consolidate multiple email accounts and servers into one inbox.
IMAP vs. POP

• Mail stored on remote server, i.e. accessible from multiple different locations;
• Internet connection needed to access mail;
• Faster overview as only headers are downloaded until content is explicitly requested;
• Mail is automatically backed up if server is managed properly;
• Saves local storage space;
• Option to store mail locally.
What Protocol to Choose?
• Choose POP3 if…
– You want to access your mail from only one single device;
– You need constant access to your email, regardless of Internet availability;
– Your server storage space is limited.

• Choose IMAP if…
– You want to access your email from multiple different devices;
– You have a reliable and constant internet connection;
– You want to receive a quick overview of new emails or emails on the server;
– Your local storage space is limited;
– You are worried about backing up.
Webmail
Overview

• Webmail is an email service that uses a web browser for viewing, sending, receiving, editing and deleting emails from any Internet-connected computer, including smartphones and tablets, anytime, anywhere;
• Users get the most out of webmail in two ways, namely:
– Fast, easy and secure access to current email regardless of location and time, for as long as the personal computing device has an Internet connection;
– Multiple email accounts for several individuals.
Webmail Advantages

• Greater privacy, since webmail doesn’t keep an offline cache of the e-mails;
• Better convenience, because changing Internet Service Providers will not affect the permanent email accounts and because the emails can be easily accessed via Internet-connected devices;
• More effective management of email accounts from a single interface;
• More useful features like attachments, address books, and vacation replies integrated with the e-mail interface.
Transport Layer
Transport Layer Features

• The transport layer is responsible for establishing a temporary communication session between two applications and delivering data between them;
• The transport layer provides services such as:
o Connection-oriented data stream support;
o Reliability;
o Flow control;
o Multiplexing.
Transport Layer Role

Track Individual Conversations
By tracking each individual conversation flowing between a source application and a destination application separately.

Transport Layer Role

Segment Data and Reassemble Segments
By dividing the data into segments that are easier to manage and transport.

Transport Layer Role

Identify the Applications
By ensuring that, even when multiple applications are running on a device, all applications receive the correct data.
Transport Layer Role

Conversation Multiplexing
• Segmenting the data into smaller chunks enables many different communications, from many different users, to be interleaved (multiplexed) on the same network;
• The transport layer adds a header that contains binary data to identify each segment of data and to enable various transport layer protocols to perform different functions in the management of data communication.
Transport Layer Role
Reliability
• The transport layer is also responsible for managing reliability;
• Some applications may not require reliability. Transport layer requirements vary from application to application;
• The TCP/IP suite provides two transport layer protocols, Transmission Control Protocol (TCP) and User Datagram Protocol (UDP);
• Both run over IP to enable hosts to communicate and transfer data;
• TCP is considered a reliable, full-featured transport layer protocol, which allows for packet data delivery confirmation;
• In contrast, UDP is a very simple transport layer protocol that does not provide any reliability.
Transmission Control Protocol
• TCP transport is reliable because it supports packet delivery confirmation;
• There are three basic operations that enable reliability with TCP:
– Numbering and tracking data segments transmitted to a specific host from a specific application;
– Acknowledging received data;
– Retransmitting any unacknowledged data after a certain period of time.
TCP Features

• In addition to supporting the basic functions of data segmentation and reassembly, TCP provides the following services:
o Establishing a Session;
o Reliable Delivery;
o Same-Order Delivery;
o Flow Control.
TCP Packet

• TCP is a stateful protocol. It keeps track of the state of the communication session by recording which information it has sent and which information has been acknowledged;
• Each TCP segment has 20 bytes of overhead in the header encapsulating the application layer data, as shown in the header image.
User Datagram Protocol
• Some applications do not require reliability. Reliability incurs additional overhead and possible delays in transmission;
• Adding overhead to ensure reliability for some applications could reduce the usefulness of the application and can even be detrimental;
• If reliability is not required, UDP is a better transport protocol;
• UDP provides the basic functions for delivering data segments between the appropriate applications, with very little overhead and data checking.
UDP Features
UDP Datagram
• UDP is a stateless protocol. Neither the sender nor the receiver is obligated to keep track of the state of the communication session;
• Reliability must be handled by the application;
• Live video and voice applications must quickly deliver data and can tolerate some data loss; they are perfectly suited to UDP;
• The pieces of communication in UDP are called datagrams;
• These datagrams are sent as best-effort by the transport layer protocol;
• UDP has a low overhead of 8 bytes.
What Protocol to Use?

• TCP is a better choice for:
– Applications whose segments must arrive in a very specific sequence to be processed successfully;
– Applications in which all data must be fully received before any is considered useful.
• Applications requiring TCP include: databases, Web browsers, e-mail clients;
• UDP is a better choice for applications that can tolerate some data loss during transmission, but for which delays in transmission are unacceptable;
• Applications using UDP include:
– Live audio streaming;
– Live video streaming;
– Voice over IP (VoIP).
Conversation Multiplexing

• The transport layer must separate and manage multiple communications with different transport requirements;
• Different applications are sending and receiving data over the network simultaneously;
• Unique header values allow TCP and UDP to manage these multiple and simultaneous conversations by identifying these applications;
• These unique identifiers are the port numbers.
Port Numbers

• Source Port:
– The source port number is dynamically chosen by the sending device to identify a conversation between two devices;
– An HTTP client usually sends multiple HTTP requests to a web server at the same time. Each separate HTTP conversation is tracked based on the source ports.
• Destination Port:
– Used to identify an application or service running in the server;
– A server can offer more than one service at the same time, offering a web service on port 80 and FTP on port 21 simultaneously.
Port Ranges

The Internet Assigned Numbers Authority (IANA) is the standards body responsible for assigning various addressing standards, including port numbers.

Figure: port number ranges and well-known port numbers.
Sockets

• The combination of the source IP address and source port number, or the destination IP address and destination port number, is known as a socket;
• The socket is used to identify the server and service being requested by the client;
• Two sockets combine to form a socket pair: (192.168.1.5:1099, 192.168.1.7:80);
• Sockets enable multiple processes running on a client and multiple connections to a server process to be distinguished from each other;
• The source port number acts as a return address for the requesting application;
• It is the transport layer’s job to keep track of active sockets.
netstat Tool

• Unexplained TCP connections can indicate a major security threat;
• netstat is an important network utility that can be used to verify the active connections in a host;
• Use netstat to list the protocols in use, the local address and port numbers, the foreign address and port numbers, and the connection state;
• By default, the netstat command will attempt to resolve IP addresses to domain names and port numbers to well-known applications;
• The -n option can be used to display IP addresses and port numbers in their numerical form.
TCP Servers

• Each application process running on the server uses a port number;
• An individual server cannot have two services assigned to the same port number within the same transport layer service;
• An active server application assigned to a specific port is considered to be open;
• Any incoming client request addressed to an open port is accepted and processed by the server application bound to that port;
• There can be many ports open simultaneously on a server, one for each active server application.
Establishing TCP Connection

A TCP connection is established in three steps:
1. The initiating client requests a client-to-server communication session with the server;
2. The server acknowledges the client-to-server communication session and requests a server-to-client communication session;
3. The initiating client acknowledges the server-to-client communication session.
Terminating a TCP Connection

The FIN TCP flag is used to terminate a TCP connection.
1. When the client has no more data to send in the stream, it sends a segment with the FIN flag set;
2. The server sends an ACK to acknowledge the receipt of the FIN to terminate the session from client to server;
3. The server sends a FIN to the client to terminate the server-to-client session;
4. The client responds with an ACK to acknowledge the FIN from the server;
5. When all segments have been acknowledged, the session is closed.
TCP Three-Way Handshake

• Establishes that the destination device is present on the network;
• Verifies that the destination device has an active service and is accepting requests on the destination port number that the initiating client intends to use;
• Informs the destination device that the source client intends to establish a communication session on that port number.
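As an added example (not code from the course slides), the following Python decodes the 20-byte TCP and 8-byte UDP headers, forms the socket pair from the Sockets slide, and walks a constructed session (three-way handshake, one request, four-step FIN teardown) through a small state machine that checks the acknowledgement rules described above. The IP addresses, ports, initial sequence numbers and payload are constructed, and the checksum is left at zero.

```python
"""Added example (not from the course slides): decode TCP/UDP headers,
form the socket pair, and check a constructed TCP session (three-way
handshake, one request, four-step FIN teardown) against the rules on
the slides. IPs, ports, ISNs and payload are constructed; checksum is 0."""
import struct

FIN, SYN, RST, PSH, ACK = 0x01, 0x02, 0x04, 0x08, 0x10
TCP_FMT = "!HHIIBBHHH"   # ports, seq, ack, offset, flags, window, csum, urg
UDP_FMT = "!HHHH"        # ports, length, checksum


def parse_tcp(data):
    """Return the fields of a TCP header; header length = 4 * data offset."""
    if len(data) < 20:
        raise ValueError("TCP header needs at least 20 bytes")
    sport, dport, seq, ack, off, flags, win, _csum, _urg = struct.unpack(
        TCP_FMT, data[:20])
    hlen = (off >> 4) * 4
    if hlen < 20 or hlen > len(data):
        raise ValueError("bad data offset %d" % (off >> 4))
    return {"sport": sport, "dport": dport, "seq": seq, "ack": ack,
            "flags": flags, "window": win, "payload": data[hlen:]}


def parse_udp(data):
    """Return the fields of an 8-byte UDP header plus its payload."""
    if len(data) < 8:
        raise ValueError("UDP header needs 8 bytes")
    sport, dport, length, _csum = struct.unpack(UDP_FMT, data[:8])
    if length < 8 or length > len(data):
        raise ValueError("bad UDP length %d" % length)
    return {"sport": sport, "dport": dport, "payload": data[8:length]}


def build_tcp(sport, dport, seq, ack, flags, window=65535, payload=b""):
    """Build a minimal TCP segment (no options, checksum left zero)."""
    hdr = struct.pack(TCP_FMT, sport, dport, seq, ack, 5 << 4, flags, window, 0, 0)
    return hdr + payload


def socket_pair(src_ip, seg, dst_ip):
    """(source socket, destination socket) as written on the Sockets slide."""
    return "(%s:%d, %s:%d)" % (src_ip, seg["sport"], dst_ip, seg["dport"])


def track_connection(segments):
    """Walk (sender, parsed_segment) pairs through open, data and close.

    Rules checked: SYN-ACK must acknowledge client ISN + 1, the final
    handshake ACK must acknowledge server ISN + 1, and each FIN must be
    acknowledged (a FIN consumes one sequence number) before CLOSED.
    Returns the final state, "RESET" on RST, or "INVALID: ..." for a
    segment that does not fit the current state."""
    state, isn, fin_seq, closer = "CLOSED", {}, None, None
    for who, seg in segments:
        f = seg["flags"]
        if f & RST:
            return "RESET"
        if state == "CLOSED" and who == "client" and f == SYN:
            isn["client"], state = seg["seq"], "SYN_SENT"
        elif (state == "SYN_SENT" and who == "server" and f == SYN | ACK
              and seg["ack"] == isn["client"] + 1):
            isn["server"], state = seg["seq"], "SYN_RECEIVED"
        elif (state == "SYN_RECEIVED" and who == "client" and f & ACK
              and seg["ack"] == isn["server"] + 1):
            state = "ESTABLISHED"
        elif state == "ESTABLISHED" and f & FIN:
            fin_seq, closer, state = seg["seq"], who, "FIN_WAIT_1"
        elif (state == "FIN_WAIT_1" and who != closer and f & ACK
              and seg["ack"] == fin_seq + 1):
            state = "FIN_WAIT_2"
        elif state == "FIN_WAIT_2" and who != closer and f & FIN:
            fin_seq, state = seg["seq"], "LAST_ACK"
        elif (state == "LAST_ACK" and who == closer and f & ACK
              and seg["ack"] == fin_seq + 1):
            state = "CLOSED"
        elif state == "ESTABLISHED" and f & ACK:
            pass   # ordinary data or pure ACK; byte accounting omitted here
        else:
            return "INVALID: flags 0x%02x from %s in %s" % (f, who, state)
    return state


def sample_session():
    """Constructed HTTP-style exchange between the slide's two sockets."""
    c, s = ("192.168.1.5", 1099), ("192.168.1.7", 80)
    ci, si, req = 1000, 5000, b"GET / HTTP/1.0\r\n\r\n"   # constructed ISNs
    n = len(req)
    wire = [
        ("client", build_tcp(c[1], s[1], ci, 0, SYN)),
        ("server", build_tcp(s[1], c[1], si, ci + 1, SYN | ACK)),
        ("client", build_tcp(c[1], s[1], ci + 1, si + 1, ACK)),
        ("client", build_tcp(c[1], s[1], ci + 1, si + 1, PSH | ACK, payload=req)),
        ("server", build_tcp(s[1], c[1], si + 1, ci + 1 + n, ACK)),
        ("client", build_tcp(c[1], s[1], ci + 1 + n, si + 1, FIN | ACK)),
        ("server", build_tcp(s[1], c[1], si + 1, ci + 2 + n, ACK)),
        ("server", build_tcp(s[1], c[1], si + 1, ci + 2 + n, FIN | ACK)),
        ("client", build_tcp(c[1], s[1], ci + 2 + n, si + 2, ACK)),
    ]
    parsed = [(who, parse_tcp(raw)) for who, raw in wire]
    return socket_pair(c[0], parsed[0][1], s[0]), track_connection(parsed)


if __name__ == "__main__":
    print(sample_session())
```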
TCP Reliability
Message Order
• TCP segments use sequence numbers to uniquely identify and
acknowledge each segment, keep track of segment order, and indicate
how to reassemble and reorder received segments;
• An initial sequence number (ISN) is randomly chosen during the TCP
session setup. The ISN is then incremented by the number of
transmitted bytes;
• The receiving TCP process buffers
the segment data until all data is
received and reassembled;
• Segments received out of order
are held for later processing;
• The data is delivered to the
application layer only when it has
been completely received and
reassembled.
TCP Reliability
Acknowledgements
• TCP is designed to confirm that each segment reached its destination;
• TCP session setup ensures the destination is not only reachable, but
ready to receive data;
• The TCP process on the destination host acknowledges the data it has
received from the source application;
• TCP allows for the retransmission of missed segments;
• TCP ensures all segments are properly re-ordered upon receipt;
• TCP session termination allows for parties to gracefully end a TCP
session when no data is to be transferred (FIN flag);
• A TCP endpoint can abruptly terminate a session if necessary (RST flag);
• The video on page 9.2.2.2 covers TCP Sequence Numbers and
Acknowledgements.
TCP Reliability
Flow Control
• TCP provides mechanisms for flow control;
• Flow control ensures the TCP endpoints can receive and process data
reliably;
• TCP handles flow control by adjusting the rate of data flow between
source and destination for a given session;
• TCP flow control function relies on a
16-bit TCP header field called the
Window size. The window size is the
number of bytes that the destination
device of a TCP session can accept
and process at one time;
• TCP source and destination agree on
the initial window size when the TCP
session is established;
• TCP endpoints can adjust the window size during a session if necessary.
TCP Reliability
Data Loss and Retransmission

• TCP provides methods of managing segment losses;
• Among these methods is a mechanism to retransmit segments for unacknowledged data.
TCP Reliability
Congestion Control
• Network congestion usually results in discarded packets;
• Undelivered TCP segments trigger re-transmission. TCP segment
retransmission can make the congestion even worse;
• The source can estimate a certain level of network congestion by looking at
the rate at which TCP segments are sent but not acknowledged;
• The source can reduce the number of
bytes it sends before receiving an
acknowledgement upon congestion
detection;
• The source reduces the number of
unacknowledged bytes it sends and not
the window size, which is determined by
the destination;
• The destination is usually unaware of the
network congestion and sees no need to
suggest a new window size.
UDP Lightweight Reliability
• UDP is a simple protocol;
• UDP provides the basic transport layer functions;
• UDP has much lower overhead than TCP;
• UDP is not connection-oriented and does not offer the sophisticated
retransmission, sequencing, and flow control mechanisms;
• Applications running UDP can still use reliability, but it must be
implemented in the application layer;
• However, UDP is not inferior.
It is designed to be simpler
and faster than TCP at the
expense of reliability.
Assembling UDP Datagrams

• UDP does not track sequence numbers the way TCP does;
• UDP has no way to reorder the datagrams into their transmission order;
• UDP simply reassembles the data in the order in which it was received;
• The application must identify the proper sequence, if necessary.
UDP Servers

• UDP-based server applications are also assigned well-known or registered port numbers;
• UDP applications and services running on a server accept UDP client requests;
• Requests received on a specific port are forwarded to the proper application based on port numbers.
UDP Servers

• UDP client-server communication is also initiated by a client application;
• The UDP client process dynamically selects a port number and uses this as the source port;
• The destination port is usually the well-known or registered port number assigned to the server process;
• The same source-destination pair of ports is used in the header of all datagrams used in the transaction;
• Data returning to the client from the server uses flipped source and destination port numbers in the datagram header.
Applications Using TCP

• TCP handles all transport layer related tasks;
• This frees the application from having to manage any of these tasks;
• Applications can simply send the data stream to the transport layer and use the services of TCP.
Applications Using UDP

• Live video and multimedia applications – Can tolerate some data loss, but require little or no delay. Examples include VoIP and live streaming video.
• Simple request and reply applications – Applications with simple transactions where a host sends a request and may or may not receive a reply. Examples include DNS and DHCP.
• Applications that handle reliability themselves – Unidirectional communications where flow control, error detection, acknowledgements, and error recovery are not required or can be handled by the application. Examples include SNMP and TFTP.
TCP Demo
Capture Screen
Network Layer
Network Layer Features

• The network layer is concerned with getting packets from the source all the way to the destination;
• To achieve its goals, the network layer must know about the topology of the communication subnet and choose appropriate paths through it. It must also take care to choose routes to avoid overloading some of the communication lines and routers while leaving others idle.
Network Layer Features

The network layer provides services to allow end devices to exchange data across the network. To accomplish this end-to-end transport, the network layer uses four basic processes:
• Addressing end devices;
• Encapsulation;
• Routing;
• De-encapsulating.
Network Layer Design Issues

• Store-and-Forward Packet Switching;
• Services Provided to the Transport Layer;
• Implementation of Connectionless Service;
• Implementation of Connection-Oriented Service;
• Comparison of Virtual-Circuit and Datagram Subnets.
Store-and-Forward
Packet Switching

Fig 5-1. The environment of the network layer protocols (the customer’s equipment and the carrier’s subnet).
Store-and-Forward
Packet Switching

A host with a packet to send transmits it to the nearest router, either on its own LAN or over a point-to-point link to the carrier. The packet is stored there until it has fully arrived so the checksum can be verified. Then it is forwarded to the next router along the path until it reaches the destination host, where it is delivered. This mechanism is store-and-forward packet switching.
Services Provided to
the Transport Layer

The network layer services have been designed with the following goals:
• The services should be independent of the router technology;
• The transport layer should be shielded from the number, type, and topology of the routers present;
• The network addresses made available to the transport layer should use a uniform numbering plan, even across LANs and WANs.
Services Provided to
the Transport Layer

One view is that the routers' job is moving packets around and nothing else. In this view, the subnet is inherently unreliable, no matter how it is designed. Therefore, the hosts should accept the fact that the network is unreliable and do error control (i.e., error detection and correction) and flow control themselves. So the network service should be connectionless.

The Internet offers connectionless network-layer service.
Services Provided to
the Transport Layer

The opposing view is that the subnet should provide a reliable, connection-oriented service. In this view, quality of service is the dominant factor, and without connections in the subnet, quality of service is very difficult to achieve, especially for real-time traffic such as voice and video.

ATM networks offer connection-oriented network-layer service.
Implementation of
Connectionless Service

• Two different organizations are possible, depending on the type of service offered;
• If connectionless service is offered, packets are injected into the subnet individually and routed independently of each other. No advance setup is needed. In this context, the packets are frequently called datagrams and the subnet is called a datagram subnet;
• If connection-oriented service is used, a path from the source router to the destination router must be established before any data packets can be sent. This connection is called a VC (virtual circuit) and the subnet is called a virtual-circuit subnet.
Implementation of
Connectionless Service

The question is: when a packet with destination D arrives at router A, to which router will A forward it?
Implementation of
Connection-Oriented Service
• For connection-oriented service, we need a virtual-circuit
subnet;
• The idea behind virtual circuits is to avoid having to choose
a new route for every packet sent. Instead, when a
connection is established, a route from the source machine
to the destination machine is chosen as part of the
connection setup and stored in tables inside the routers.
That route is used for all traffic flowing over the connection,
exactly the same way that the telephone system works.
When the connection is released, the virtual circuit is also
terminated;
• With connection-oriented service, each packet carries an
identifier telling which virtual circuit it belongs to.
Implementation of
Connection-Oriented Service

Figure: Routing within a virtual-circuit subnet.
Comparison of Virtual-Circuit
and Datagram Subnets

Issue | Datagram Subnet | Virtual-circuit Subnet
Circuit setup | Not needed | Required
Addressing | Each packet contains the full source and destination address | Each packet contains a short VC number
State information | Routers do not hold state information about connections | Each VC requires router table space per connection
Routing | Each packet is routed independently | Route chosen when VC is set up; all packets follow it
Effect of router failures | None, except for packets lost during the crash | All VCs that passed through the failed router are terminated
Quality of service | Difficult | Easy if enough resources can be allocated in advance for each VC
Congestion control | Difficult | Easy if enough resources can be allocated in advance for each VC
Comparison of Virtual-Circuit
and Datagram Subnets
• Inside the subnet, several trade-offs exist between virtual
circuits and datagrams;
• One trade-off is between router memory space and
bandwidth;
• Virtual circuits allow packets to contain circuit numbers
instead of full destination addresses. If the packets tend to
be fairly short, a full destination address in every packet
may represent a significant amount of overhead and hence,
wasted bandwidth. The price paid for using virtual circuits
internally is the table space within the routers. Depending
upon the relative cost of communication circuits versus
router memory, one or the other may be cheaper.
Comparison of Virtual-Circuit
and Datagram Subnets
• Another trade-off is setup time versus address parsing time;
• Using virtual circuits requires a setup phase, which takes
time and consumes resources. However, figuring out what
to do with a data packet in a virtual-circuit subnet is easy:
the router just uses the circuit number to index into a table
to find out where the packet goes. In a datagram subnet, a
more complicated lookup procedure is required to locate
the entry for the destination.
Routing Algorithms

• The routing algorithm is that part of the network layer software responsible for deciding which output line an incoming packet should be transmitted on.
• Properties of a routing algorithm:
– Correctness;
– Simplicity;
– Robustness;
– Stability;
– Fairness;
– Optimality.
Description of Routing Algorithms

• Robustness: Once a major network comes on the air, it may be expected to run continuously for years without system-wide failures. During that period there will be hardware and software failures of all kinds. Hosts, routers, and lines will fail repeatedly, and the topology will change many times. The routing algorithm should be able to cope with changes in the topology and traffic without requiring all jobs in all hosts to be aborted and the network to be rebooted every time some router crashes.
Description of Routing Algorithms

• Stability: It is also an important goal for the routing algorithm. There exist routing algorithms that never converge to equilibrium, no matter how long they run. A stable algorithm reaches equilibrium and stays there.

Figure: small topology (nodes A, B and Q) used to illustrate convergence.
Description of Routing Algorithms
• Fairness and optimality may sound obvious, but as it turns out, they are often contradictory goals;

Figure: network in which optimality and fairness conflict (nodes A, A', B, B', C, C' and X, X').

• There is enough traffic between A and A', between B and B', and between C and C' to saturate the horizontal links. To maximize the total flow, the X to X' traffic should be shut off altogether. Unfortunately, X and X' may not see it that way. Evidently, some compromise between global efficiency and fairness to individual connections is needed.
Description of Routing Algorithms

• Categories of algorithm: non-adaptive and adaptive;
• Non-adaptive algorithms do not base their routing decisions on measurements or estimates of the current traffic and topology. Instead, the choice of the route to use to get from I to J is computed in advance, off-line, and downloaded to the routers when the network is booted;

Figure: static routing table of router A (destination – outgoing line): A –; B via B; C via C; D via B.

• This procedure is sometimes called static routing.
Description of Routing Algorithms

• Adaptive algorithms, in contrast, change their routing decisions to reflect changes in the topology, and usually the traffic as well;

Figure: routing table of router A before the change (destination – outgoing line): A –; B via B; C via C; D via B. After the change: A –; B via C; C via C; D via C.

• This procedure is sometimes called dynamic routing.
Routing Algorithms

• The Optimality Principle;
• Shortest Path Routing;
• Flooding;
• Distance Vector Routing;
• Link State Routing;
• Hierarchical Routing;
• Broadcast Routing.
The Optimal Principle

• The Optimality Principle: if router J is on the optimal path from router I to router K, then the optimal path from J to K also falls along the same route.

Figure: routers I, J and K on an optimal path.
The Optimal Principle

• The set of optimal routes from all sources to a given destination form a tree rooted at the destination. Such a tree is called a sink tree;
• Figure (a) A subnet. (b) A sink tree for router B.
The Optimal Principle

• Note: A sink tree is not necessarily unique; other trees with the same path lengths may exist;
• The goal of all routing algorithms is to discover and use the sink trees for all routers.
Shortest Path Routing
• The idea is to build a graph of the subnet, with each node of the graph representing a router and each arc of the graph representing a communication line (often called a link);
• To choose a route between a given pair of routers, the algorithm just finds the shortest path between them on the graph;
• One way of measuring path length is the number of hops. Another metric is the geographic distance in kilometers. Many other metrics are also possible. For example, each arc could be labeled with the mean queuing and transmission delay for some standard test packet as determined by hourly test runs;
• In the general case, the labels on the arcs could be computed as a function of the distance, bandwidth, average traffic, communication cost, mean queue length, measured delay, and other factors. By changing the weighting function, the algorithm would then compute the ''shortest'' path measured according to any one of a number of criteria or to a combination of criteria.
Shortest Path Routing

• Dijkstra algorithm: Each node is labeled (in parentheses) with its distance from the source node along the best known path. Initially, no paths are known, so all nodes are labeled with infinity. As the algorithm proceeds and paths are found, the labels may change, reflecting better paths. A label may be either tentative or permanent. Initially, all labels are tentative. When it is discovered that a label represents the shortest possible path from the source to that node, it is made permanent and never changed thereafter.
Shortest Path Routing

Figure: The first five steps used in computing the shortest path from
A to D. The arrows indicate the working node.

The shortest path from A to D is: ABEFHD
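The tentative/permanent labelling described above, as an added example (not code from the slides): the link weights are an assumption constructed so that the stated result ABEFHD is the shortest path; sink_tree applies the optimality principle by running the same algorithm from the destination.

```python
from math import inf

# Constructed sample subnet: undirected links with their costs. The slides give
# only the outcome (A -> D = ABEFHD); these weights are assumed so that holds.
LINKS = {
    ("A", "B"): 2, ("A", "G"): 6, ("B", "C"): 7, ("B", "E"): 2,
    ("C", "D"): 3, ("C", "F"): 3, ("D", "H"): 2, ("E", "F"): 2,
    ("E", "G"): 1, ("F", "H"): 2, ("G", "H"): 4,
}


def adjacency(links):
    """Build node -> {neighbour: cost} from the undirected link table."""
    adj = {}
    for (u, v), cost in links.items():
        adj.setdefault(u, {})[v] = cost
        adj.setdefault(v, {})[u] = cost
    return adj


def dijkstra(links, source):
    """Return (label, pred, order).

    label: final distance of every node from source (inf if unreachable)
    pred:  previous node on the best path (None for the source)
    order: the sequence in which nodes became the working node
    """
    adj = adjacency(links)
    label = {n: inf for n in adj}      # all labels tentative, initially infinity
    pred = {n: None for n in adj}
    permanent = set()
    order = []
    label[source] = 0
    while True:
        # the working node is the tentative node with the smallest label
        candidates = [n for n in adj if n not in permanent and label[n] < inf]
        if not candidates:
            break                       # everything reachable is permanent
        work = min(candidates, key=label.__getitem__)
        permanent.add(work)             # this label is now final
        order.append(work)
        for nbr, cost in adj[work].items():
            if nbr not in permanent and label[work] + cost < label[nbr]:
                label[nbr] = label[work] + cost   # a better tentative label
                pred[nbr] = work
    return label, pred, order


def shortest_path(links, source, dest):
    """Return (path as a string of node names, total cost)."""
    label, pred, _ = dijkstra(links, source)
    if label[dest] == inf:
        return None, inf
    path, node = [], dest
    while node is not None:             # walk the predecessor chain backwards
        path.append(node)
        node = pred[node]
    return "".join(reversed(path)), label[dest]


def sink_tree(links, dest):
    """Optimality principle: the best next hop from every router towards dest.

    On an undirected graph the predecessor map of a run rooted at dest is
    exactly the sink tree for dest.
    """
    _, pred, _ = dijkstra(links, dest)
    return {node: nxt for node, nxt in pred.items() if nxt is not None}


if __name__ == "__main__":
    print(shortest_path(LINKS, "A", "D"))          # ('ABEFHD', 10)
    print(dijkstra(LINKS, "A")[2])                 # working-node order
    print(sink_tree(LINKS, "D"))
```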


Flooding

• Every incoming packet is sent out on every outgoing line except the
one it arrived on;
• Flooding obviously generates vast numbers of duplicate packets, in
fact, an infinite number unless some measures are taken to damp the
process;
• One such measure is to have a hop counter contained in the header of
each packet, which is decremented at each hop, with the packet being
discarded when the counter reaches zero;
• An alternative technique for damming the flood is to keep track of
which packets have been flooded, to avoid sending them out a second
time.
Flooding

• A variation of flooding that is slightly more practical is selective
flooding. In this algorithm the routers do not send every incoming
packet out on every line, only on those lines that are going
approximately in the right direction.
• Applications of the flooding algorithm:
– Military applications;
– Distributed database applications;
– Wireless networks;
– As a metric against which other routing algorithms can be compared.
Distance Vector Routing

• A dynamic routing algorithm;
• Distance vector routing algorithms operate by having each router
maintain a table (i.e. a vector) giving the best known distance to
each destination and which line to use to get there. These tables are
updated by exchanging information with the neighbors (also named the
distributed Bellman-Ford routing algorithm and the Ford-Fulkerson
algorithm);
• Table content: In distance vector routing, each router maintains a
routing table indexed by, and containing one entry for, each router in
the subnet. This entry contains two parts: the preferred outgoing line
to use for that destination and an estimate of the time or distance to
that destination.
Distance Vector Routing

• Table updating method: Assume that the router knows the delay to
each of its neighbors. Once every T msec, each router sends to each
neighbor a list of its estimated delays to each destination. It also
receives a similar list from each neighbor. Imagine that one of these
tables has just come in from neighbor X, with Xi being X's estimate of
how long it takes to get to router i. If the router knows that the
delay to X is m msec, it also knows that it can reach router i via X
in Xi + m msec. By performing this calculation for each neighbor, a
router can find out which estimate seems the best and use that
estimate and the corresponding line in its new routing table. Note
that the old routing table is not used in the calculation.
Distance Vector Routing

Part (a) shows a subnet. The first four columns of part (b)
show the delay vectors received from the neighbors of router
J. Suppose that J has measured or estimated its delay to its
neighbors, A, I, H, and K as 8, 10, 12, and 6 msec., respectively.
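The table update for router J, as an added example (not code from the slides): J's delays to A, I, H and K are the 8, 10, 12 and 6 msec stated above, while the four received delay vectors are constructed sample data, since the figure is not reproduced here.

```python
# Constructed sample input for router J. Routers are named A..L; each vector
# lists the neighbour's estimated delay (msec) to every router in that order.
ROUTERS = "ABCDEFGHIJKL"
NEIGHBOUR_DELAY = {"A": 8, "I": 10, "H": 12, "K": 6}   # measured by J (from the slide)
RECEIVED_VECTORS = {                                   # assumed values
    "A": [0, 12, 25, 40, 14, 23, 18, 17, 21, 9, 24, 29],
    "I": [24, 36, 18, 27, 7, 20, 31, 20, 0, 11, 22, 33],
    "H": [20, 31, 19, 8, 30, 19, 6, 0, 14, 7, 22, 9],
    "K": [21, 28, 36, 24, 22, 40, 31, 19, 22, 10, 0, 9],
}


def distance_vector_update(me, neighbour_delay, received, routers=ROUTERS):
    """One Bellman-Ford step: for each destination i choose the neighbour X
    minimising X_i + m, where m is the measured delay to X.

    Returns dest -> (estimated delay, outgoing line), where the outgoing line
    is named after the neighbour it leads to. The old table is deliberately
    not an input: the new table depends only on what the neighbours advertise.
    """
    table = {}
    for idx, dest in enumerate(routers):
        if dest == me:
            table[dest] = (0, None)      # distance to ourselves
            continue
        best = None
        for nbr, m in neighbour_delay.items():
            vector = received[nbr]
            if len(vector) != len(routers):
                raise ValueError("vector from %s has the wrong length" % nbr)
            estimate = vector[idx] + m
            if best is None or estimate < best[0]:
                best = (estimate, nbr)
        table[dest] = best
    return table


def advertise(table, routers=ROUTERS):
    """The vector this router sends to its neighbours at the next T msec tick."""
    return [table[dest][0] for dest in routers]


if __name__ == "__main__":
    new_table = distance_vector_update("J", NEIGHBOUR_DELAY, RECEIVED_VECTORS)
    for dest in ROUTERS:
        delay, line = new_table[dest]
        print("%s: %2d msec via %s" % (dest, delay, line or "-"))
    print(advertise(new_table))
```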
Link State Routing

• A dynamic routing algorithm;
• The idea behind link state routing can be stated as five parts. Each
router must do the following:
– Discover its neighbors and learn their network addresses;
– Measure the delay or cost to each of its neighbors;
– Construct a packet telling all it has just learned;
– Send this packet to all other routers;
– Compute the shortest path to every other router.
• In effect, the complete topology and all delays are experimentally
measured and distributed to every router. Then Dijkstra's algorithm
can be run to find the shortest path to every other router.
Link State Routing

• Learning about the Neighbors:
– The router accomplishes this goal by sending a special HELLO packet on
each point-to-point line. The router on the other end is expected to
send back a reply telling who it is. These names must be globally
unique because when a distant router later hears that three routers
are all connected to F, it is essential that it can determine whether
all three mean the same F.
• Measuring Line Cost:
– The most direct way to determine this delay is to send over the line
a special ECHO packet that the other side is required to send back
immediately. By measuring the round-trip time and dividing it by two,
the sending router can get a reasonable estimate of the delay. For
even better results, the test can be conducted several times, and the
average used. Of course, this method implicitly assumes the delays are
symmetric, which may not always be the case.
Link State Routing

• Building Link State Packets:
– The packet starts with the identity of the sender, followed by a
sequence number and age (to be described later), and a list of
neighbors. For each neighbor, the delay to that neighbor is given.

Figure: (a) A subnet. (b) The link state packets for this subnet.
Link State Routing

• Building the link state packets is easy. The hard part is determining
when to build them. One possibility is to build them periodically, that
is, at regular intervals. Another possibility is to build them when some
significant event occurs, such as a line or neighbor going down or
coming back up again or changing its properties appreciably.
• Distributing the Link State Packets:
– The basic distribution algorithm: The fundamental idea is to use flooding
to distribute the link state packets. To keep the flood in check, each
packet contains a sequence number that is incremented for each new
packet sent. Routers keep track of all the (source router, sequence) pairs
they see. When a new link state packet comes in, it is checked against the
list of packets already seen. If it is new, it is forwarded on all lines except
the one it arrived on. If it is a duplicate, it is discarded. If a packet with a
sequence number lower than the highest one seen so far ever arrives, it is
rejected as being obsolete since the router has more recent data.
Link State Routing

• First problem with this algorithm: if the sequence numbers wrap
around, confusion will reign. The solution here is to use a 32-bit
sequence number. With one link state packet per second, it would take
137 years to wrap around, so this possibility can be ignored;
• Second problem: if a router ever crashes, it will lose track of its
sequence number. If it starts again at 0, the next packet will be
rejected as a duplicate;
• Third problem: if a sequence number is ever corrupted and 65,540 is
received instead of 4 (a 1-bit error), packets 5 through 65,540 will
be rejected as obsolete, since the current sequence number is thought
to be 65,540.
Link State Routing

• The solution to all these problems is to include the age of each
packet after the sequence number and decrement it once per second.
When the age hits zero, the information from that router is discarded.
• Computing the New Routes:
– Once a router has accumulated a full set of link state packets, it
can construct the entire subnet graph because every link is
represented;
– Now Dijkstra's algorithm can be run locally to construct the
shortest path to all possible destinations.
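The distribution rules (duplicate, obsolete, age) as one router's link state database, added here as an example and not taken from the slides; line names such as "l1" and the sample packets are assumed. The test below walks through the rebooted-router case: a restarted router's sequence 0 is rejected until the stale entry ages out.

```python
class LinkStatePacket:
    """Identity of the sender, sequence number, age (seconds), neighbour list."""

    def __init__(self, source, seq, age, neighbours):
        self.source = source
        self.seq = seq
        self.age = age
        self.neighbours = dict(neighbours)   # neighbour -> delay


class LinkStateDatabase:
    """One router's view: newest packet per source plus the flooding decision."""

    def __init__(self, me, lines):
        self.me = me
        self.lines = list(lines)      # this router's output lines (assumed names)
        self.entries = {}             # source -> newest LinkStatePacket seen

    def receive(self, pkt, arrived_on):
        """Apply the slide's rules; return the lines to forward the packet on."""
        if pkt.age <= 0:
            return []                 # already expired: carries nothing usable
        known = self.entries.get(pkt.source)
        if known is not None and pkt.seq == known.seq:
            return []                 # duplicate (source, sequence) pair
        if known is not None and pkt.seq < known.seq:
            return []                 # obsolete: we already hold newer data
        self.entries[pkt.source] = pkt
        return [line for line in self.lines if line != arrived_on]

    def tick(self, seconds=1):
        """Decrement every stored age; drop entries whose age reaches zero.

        This is what lets a rebooted router (sequence back at 0) and a
        corrupted, far-too-high sequence number recover: the bad entry
        disappears once its age runs out.
        """
        for source in list(self.entries):
            self.entries[source].age -= seconds
            if self.entries[source].age <= 0:
                del self.entries[source]

    def topology(self):
        """Graph reconstructed from the stored packets (input for Dijkstra)."""
        return {src: dict(pkt.neighbours) for src, pkt in self.entries.items()}


if __name__ == "__main__":
    db = LinkStateDatabase("J", ["l1", "l2", "l3"])
    print(db.receive(LinkStatePacket("A", 5, 60, {"B": 2}), "l1"))   # ['l2', 'l3']
    print(db.receive(LinkStatePacket("A", 5, 60, {"B": 2}), "l2"))   # [] duplicate
    print(db.receive(LinkStatePacket("A", 0, 60, {"B": 2}), "l1"))   # [] A rebooted
    db.tick(60)
    print(db.receive(LinkStatePacket("A", 0, 60, {"B": 2}), "l1"))   # accepted now
```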
Hierarchical Routing

• The routers are divided into what we will call regions, with
each router knowing all the details about how to route
packets to destinations within its own region, but knowing
nothing about the internal structure of other regions;
• For huge networks, a two-level hierarchy may be
insufficient; it may be necessary to group the regions into
clusters, the clusters into zones, the zones into groups, and
so on, until we run out of names for aggregations.
Hierarchical Routing

• The full routing table for router 1A has 17 entries, as shown in
(b). When routing is done hierarchically, as in (c), there are entries
for all the local routers as before, but all other regions have been
condensed into a single router, so all traffic for region 2 goes via
the 1B-2A line, but the rest of the remote traffic goes via the 1C-3B
line. Hierarchical routing has reduced the table from 17 to 7 entries.
Hierarchical Routing

• Unfortunately, these gains in space are not free. There is a penalty
to be paid, and this penalty is in the form of increased path length.
For example, the best route from 1A to 5C is via region 2, but with
hierarchical routing all traffic to region 5 goes via region 3,
because that is better for most destinations in region 5.
Broadcast Routing

• Sending a packet to all destinations simultaneously is called
broadcasting;
• The source simply sends a distinct packet to each destination. Not
only is the method wasteful of bandwidth, but it also requires the
source to have a complete list of all destinations;
• Flooding: The problem with flooding as a broadcast technique is that
it generates too many packets and consumes too much bandwidth.
Broadcast Routing

• Multi-destination routing;
• If this method is used, each packet contains either a list of
destinations or a bit map indicating the desired
destinations. When a packet arrives at a router, the router
checks all the destinations to determine the set of output
lines that will be needed. (An output line is needed if it is
the best route to at least one of the destinations.) The
router generates a new copy of the packet for each output
line to be used and includes in each packet only those
destinations that are to use the line. In effect, the
destination set is partitioned among the output lines. After
a sufficient number of hops, each packet will carry only one
destination and can be treated as a normal packet.
Broadcast Routing

• A fourth broadcast algorithm makes explicit use of the sink tree for
the router initiating the broadcast, or any other convenient spanning
tree for that matter;
• A spanning tree is a subset of the subnet that includes all the
routers but contains no loops;
• If each router knows which of its lines belong to the spanning tree,
it can copy an incoming broadcast packet onto all the spanning tree
lines except the one it arrived on.
Broadcast Routing

• Reverse path forwarding: When a broadcast packet arrives at a router,
the router checks to see if the packet arrived on the line that is
normally used for sending packets to the source of the broadcast. If
so, there is an excellent chance that the broadcast packet itself
followed the best route from the router and is therefore the first
copy to arrive at the router. This being the case, the router forwards
copies of it onto all lines except the one it arrived on. If, however,
the broadcast packet arrived on a line other than the preferred one
for reaching the source, the packet is discarded as a likely duplicate.
Broadcast Routing

• How does the reverse path algorithm work?

Figure: Reverse path forwarding. (a) A subnet. (b) A sink tree. (c) The
tree built by reverse path forwarding.
The Network Layer in the Internet

• The IP Protocol;
• IP Addresses;
• Internet Control Protocols.
The IP Protocol

• An IP datagram consists of a header part and a text part. The header
has a 20-byte fixed part and a variable length optional part.
IP Addresses

• Every host and router on the Internet has an IP address, which
encodes its network number and host number;
• All IP addresses are 32 bits long. It is important to note that an IP
address does not actually refer to a host. It really refers to a
network interface, so if a host is on two networks, it must have two
IP addresses;
• IP addresses were divided into five categories (classes A to E);
• Network masks of the classes A, B and C: 255.0.0.0, 255.255.0.0 and
255.255.255.0.
IP Addresses

• The values 0 and -1 (all 1s) have special meanings. The value 0
means this network or this host. The value of -1 is used as a
broadcast address to mean all hosts on the indicated network.
IP Addresses

• All the hosts in a network must have the same network number.
This property of IP addressing can cause problems as networks
grow;
• The problem is the rule that a single class A, B, or C address
refers to one network, not to a collection of LANs;
• The solution is to allow a network to be split into several parts
for internal use but still act like a single network to the outside
world.
IP Addresses

• To implement subnetting, the main router needs a subnet mask that
indicates the split between network + subnet number and host;
• For example, if the university has a class B address (130.50.0.0) and
35 departments, it could use a 6-bit subnet number and a 10-bit host
number, allowing for up to 64 Ethernets, each with a maximum of 1022
hosts;
• The subnet mask can be written as 255.255.252.0. An alternative
notation is /22 to indicate that the subnet mask is 22 bits long.
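The mask arithmetic behind the 130.50.0.0 example, written out as an added example (not code from the slides): it derives the /22 mask, the 64 subnets and the 1022 usable hosts, and shows how an address is split into network+subnet and host parts, including the reserved host numbers 0 and all-1s. The sample addresses other than 130.50.0.0 are constructed.

```python
def parse_ip(text):
    """Dotted decimal -> 32-bit integer, rejecting malformed input."""
    parts = text.split(".")
    if len(parts) != 4:
        raise ValueError("expected four octets: %r" % text)
    octets = [int(p) for p in parts]
    if any(not 0 <= o <= 255 for o in octets):
        raise ValueError("octet out of range: %r" % text)
    return (octets[0] << 24) | (octets[1] << 16) | (octets[2] << 8) | octets[3]


def format_ip(value):
    return ".".join(str((value >> shift) & 0xFF) for shift in (24, 16, 8, 0))


def mask_for_prefix(prefix):
    """/prefix -> mask integer; /22 gives 0xFFFFFC00 = 255.255.252.0."""
    if not 0 <= prefix <= 32:
        raise ValueError("prefix length must be 0..32")
    return (0xFFFFFFFF << (32 - prefix)) & 0xFFFFFFFF


def subnet_plan(network, class_prefix, subnet_bits):
    """Split a classful network: class_prefix bits of network number, then
    subnet_bits of subnet number; whatever is left is the host number."""
    prefix = class_prefix + subnet_bits
    host_bits = 32 - prefix
    base = parse_ip(network) & mask_for_prefix(class_prefix)
    return {
        "prefix": prefix,
        "mask": format_ip(mask_for_prefix(prefix)),
        "subnets": 1 << subnet_bits,
        # host number 0 ("this host") and all 1s (broadcast) are not usable
        "hosts_per_subnet": (1 << host_bits) - 2,
        "first_subnets": [format_ip(base | (k << host_bits)) for k in range(3)],
    }


def split_address(address, prefix):
    """Network(+subnet) part, host part and the two special host values."""
    value = parse_ip(address)
    mask = mask_for_prefix(prefix)
    host_all_ones = (~mask) & 0xFFFFFFFF
    network = value & mask
    host = value & host_all_ones
    return {
        "network": format_ip(network),
        "host": host,
        "broadcast": format_ip(network | host_all_ones),
        "is_this_host": host == 0,          # host number 0
        "is_broadcast": host == host_all_ones,   # host number -1 (all 1s)
    }


def same_subnet(addr_a, addr_b, prefix):
    """What a host checks before deciding whether to ARP directly or route."""
    mask = mask_for_prefix(prefix)
    return (parse_ip(addr_a) & mask) == (parse_ip(addr_b) & mask)


if __name__ == "__main__":
    print(subnet_plan("130.50.0.0", 16, 6))
    print(split_address("130.50.15.6", 22))
    print(same_subnet("130.50.15.6", "130.50.12.1", 22))   # True
    print(same_subnet("130.50.15.6", "130.50.16.1", 22))   # False
```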
Internet Control Protocols

• The Internet Control Message Protocol (ICMP):
– The operation of the Internet is monitored closely by the routers.
When something unexpected occurs, the event is reported by the ICMP,
which is also used to test the Internet;
– Each ICMP message type is encapsulated in an IP packet.
Internet Control Protocols

• ARP, the Address Resolution Protocol:
– Most hosts at companies and universities are attached to a LAN by an
interface board that only understands LAN addresses;
– The question: How do IP addresses get mapped onto data link layer
addresses, such as Ethernet?
– Let us start out by seeing how a user on host 1 sends a packet to a
user on host 2.
Internet Control Protocols

• The upper layer software on host 1 now builds a packet with
192.31.65.5 in the Destination address field and gives it to the IP
software to transmit;
• The IP software can look at the address and see that the destination
is on its own network, but it needs some way to find the destination's
Ethernet address;
• Host 1 outputs a broadcast packet onto the Ethernet asking: Who owns
IP address 192.31.65.5? The broadcast will arrive at every machine on
Ethernet 192.31.65.0, and each one will check its IP address;
• Host 2 alone will respond with its Ethernet address (E2). In this way
host 1 learns that IP address 192.31.65.5 is on the host with Ethernet
address E2;
• The protocol used for asking this question and getting the reply is
called ARP (Address Resolution Protocol).
Internet Control Protocols

• The IP software on host 1 builds an Ethernet frame addressed to E2,
puts the IP packet (addressed to 192.31.65.5) in the payload field,
and dumps it onto the Ethernet;
• The Ethernet board of host 2 detects this frame, recognizes it as a
frame for itself, scoops it up, and causes an interrupt. The Ethernet
driver extracts the IP packet from the payload and passes it to the IP
software, which sees that it is correctly addressed and processes it.
Internet Control Protocols

• RARP, BOOTP, and DHCP:
– Given an Ethernet address, what is the corresponding IP address? In
particular, this problem occurs when a diskless workstation is booted.
– The first solution devised was to use RARP (Reverse Address
Resolution Protocol). This protocol allows a newly-booted workstation
to broadcast its Ethernet address and say: My 48-bit Ethernet address
is 14.04.05.18.01.25. Does anyone out there know my IP address? The
RARP server sees this request, looks up the Ethernet address in its
configuration files, and sends back the corresponding IP address.
Internet Control Protocols

• A disadvantage of RARP is that it uses a destination address of all
1s (limited broadcasting) to reach the RARP server. However, such
broadcasts are not forwarded by routers, so a RARP server is needed on
each network;
• Unlike RARP, BOOTP uses UDP messages, which are forwarded over
routers. It also provides a diskless workstation with additional
information, including the IP address of the file server holding the
memory image, the IP address of the default router, and the subnet
mask to use;
• A serious problem with BOOTP is that it requires manual configuration
of tables mapping IP address to Ethernet address.
Internet Control Protocols

• DHCP allows both manual IP address assignment and automatic
assignment;
• Like RARP and BOOTP, DHCP is based on the idea of a special server
that assigns IP addresses to hosts asking for one. This server need
not be on the same LAN as the requesting host.
Internet Control Protocols

• To find its IP address, a newly-booted machine broadcasts a DHCP
DISCOVER packet. The DHCP relay agent on its LAN intercepts all DHCP
broadcasts. When it finds a DHCP DISCOVER packet, it sends the packet
as a unicast packet to the DHCP server, possibly on a distant network.
The only piece of information the relay agent needs is the IP address
of the DHCP server.
Internet Control Message Protocol
Types of Messages

ICMP messages are divided into error-reporting messages and query
messages. The error-reporting messages report problems that a router
or a host (destination) may encounter. The query messages get specific
information from a router or another host.
Types of Messages
Message Format

An ICMP message has an 8-byte header and a variable-size data section.
Although the general format of the header is different for each
message type, the first 4 bytes are common to all.
Error Reporting

• IP, as an unreliable protocol, is not concerned with error checking
and error control. ICMP was designed, in part, to compensate for this
shortcoming. ICMP does not correct errors, it simply reports them;
• ICMP always reports error messages to the original source.
Error Reporting

• The following are important points about ICMP error messages:
– No ICMP error message will be generated in response to a datagram
carrying an ICMP error message;
– No ICMP error message will be generated for a fragmented datagram
that is not the first fragment;
– No ICMP error message will be generated for a datagram having a
multicast address;
– No ICMP error message will be generated for a datagram having a
special address such as 127.0.0.0 or 0.0.0.0.
Contents of Data Field for Error Messages
Destination-Unreachable Format

• Destination unreachable is generated by the host or its inbound
gateway to inform the client that the destination is unreachable for
some reason. A Destination Unreachable message may be generated as a
result of a TCP or UDP transmission. Unreachable TCP ports notably
respond with TCP RST rather than a Destination Unreachable type 3 as
might be expected.
• The error will not be generated if the original datagram has a
multicast destination address. Reasons for this message may include:
the physical connection to the host does not exist (distance is
infinite); the indicated protocol or port is not active; the data must
be fragmented but the 'don't fragment' flag is on.
Destination-Unreachable Format

• Destination-unreachable messages with codes 2 or 3 can be created
only by the destination host;
• Other destination-unreachable messages can be created only by
routers;
• A router cannot detect all problems that prevent the delivery of a
packet;
• There is no flow-control mechanism in the IP protocol.
Source-quench Format
• Source Quench requests that the sender decrease the rate of messages sent to a
router or host. This message may be generated if a router or host does not have
sufficient buffer space to process the request, or may occur if the router or host buffer
is approaching its limit.
• Data is sent at a very high speed from a host or from several hosts at the same time to
a particular router on a network. Although a router has buffering capabilities, the
buffering is limited to within a specified range. The router cannot queue any more
data than the capacity of the limited buffering space. Thus if the queue gets filled up,
incoming data is discarded until the queue is no longer full. But as no
acknowledgement mechanism is present in the network layer, the client does not
know whether the data has reached the destination successfully. Hence some
remedial measures should be taken by the network layer to avoid these kinds of
situations. These measures are referred to as source quench. In a source quench
mechanism, the router sees that the incoming data rate is much faster than the
outgoing data rate, and sends an ICMP message to the clients, informing them that
they should slow down their data transfer speeds or wait for a certain amount of time
before attempting to send more data. When a client receives this message, it will
automatically slow down the outgoing data rate or wait for a sufficient amount of
time, which enables the router to empty the queue. Thus the source quench ICMP
message acts as flow control in the network layer.
Source-quench Format

• A source-quench message informs the source that a datagram has been
discarded due to congestion in a router or the destination host;
• The source must slow down the sending of datagrams until the
congestion is relieved;
• One source-quench message is sent for each datagram that is discarded
due to congestion;
• Whenever a router decrements a datagram with a time-to-live value to
zero, it discards the datagram and sends a time-exceeded message to
the original source.
Source-quench Format

• Whenever a router decrements a datagram with a time-to-live value to
zero, it discards the datagram and sends a time-exceeded message to
the original source;
• In a time-exceeded message, code 0 is used only by routers to show
that the value of the time-to-live field is zero. Code 1 is used only by
the destination host to show that not all of the fragments have arrived
within a set time.
Time-exceeded Message Format

• Time Exceeded is generated by a gateway to inform the source of a
discarded datagram due to the time to live field reaching zero. A time
exceeded message may also be sent by a host if it fails to reassemble
a fragmented datagram within its time limit;
• Time exceeded messages are used by the traceroute utility to identify
gateways on the path between two hosts.
Parameter-Problem Message Format

• A host usually starts with a small routing table that is gradually
augmented and updated. One of the tools to accomplish this is the
redirection message.
Redirection Message Format
• Redirect requests data packets be sent on an alternative route. ICMP Redirect
is a mechanism for routers to convey routing information to hosts. The
message informs a host to update its routing information (to send packets on
an alternative route). If a host tries to send data through a router (R1) and R1
sends the data on another router (R2) and a direct path from the host to R2 is
available (that is, the host and R2 are on the same Ethernet segment), then
R1 will send a redirect message to inform the host that the best route for the
destination is via R2. The host should then send packets for the destination
directly to R2. The router will still send the original datagram to the intended
destination. However, if the datagram contains routing information, this
message will not be sent even if a better route is available;
• A redirection message is sent from a router to a host on the same local
network.
Query

ICMP can also diagnose some network problems through the query
messages, a group of four different pairs of messages. In this type of
ICMP message, a node sends a message that is answered in a specific
format by the destination node.
Echo-request and Echo-reply Message Format

• An echo-request message can be sent by a host or router. An
echo-reply message is sent by the host or router which receives an
echo-request message;
• Echo-request and echo-reply messages can be used by network managers
to check the operation of the IP protocol;
• Echo-request and echo-reply messages can test the reachability of a
host. This is usually done by invoking the ping command.
Timestamp-request and Timestamp-reply Message Format

• Timestamp is used for time synchronization. The originating timestamp
is set to the time (in milliseconds since midnight) the sender last
touched the packet. The receive and transmit timestamps are not used;
• Timestamp-request and timestamp-reply messages can be used to
calculate the round-trip time between a source and a destination
machine even if their clocks are not synchronized;
• The timestamp-request and timestamp-reply messages can be used to
synchronize two clocks in two machines if the exact one-way time
duration is known.
Mask-request and Mask-reply Message Format

• Address mask request is normally sent by a host to a router in order
to obtain an appropriate subnet mask;
• Recipients should reply to this message with an Address mask reply
message;
• Address mask reply is used to reply to an address mask request
message with an appropriate subnet mask.
Router-advertisement Message Format
Checksum

In ICMP the checksum is calculated over the entire message (header and
data).
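The 8-byte header, the echo-request/echo-reply pair and the whole-message checksum, combined in one added example (not code from the slides): it builds an echo request, verifies the checksum on receipt, rejects a corrupted message, and produces the reply a host would send. The identifier, sequence number and payload are constructed sample values.

```python
import struct

ECHO_REQUEST, ECHO_REPLY = 8, 0      # ICMP type values
HEADER = "!BBHHH"                    # type, code, checksum, identifier, sequence


def internet_checksum(data):
    """One's-complement sum of 16-bit words over the entire message."""
    if len(data) % 2:
        data = data + b"\x00"        # pad an odd-length message for the sum only
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:               # fold the carries back into 16 bits
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def build_echo(msg_type, identifier, sequence, payload=b""):
    """Header (8 bytes) + data, with the checksum filled in over both."""
    header = struct.pack(HEADER, msg_type, 0, 0, identifier, sequence)
    csum = internet_checksum(header + payload)
    return struct.pack(HEADER, msg_type, 0, csum, identifier, sequence) + payload


def parse_icmp(message):
    """Validate and decode a received ICMP message.

    Summing the message with its checksum in place must give 0; anything
    else means the message was damaged in transit and must be dropped.
    """
    if len(message) < 8:
        raise ValueError("ICMP header is 8 bytes")
    if internet_checksum(message) != 0:
        raise ValueError("bad ICMP checksum")
    msg_type, code, csum, ident, seq = struct.unpack(HEADER, message[:8])
    return {"type": msg_type, "code": code, "checksum": csum,
            "id": ident, "seq": seq, "data": message[8:]}


def echo_reply_for(request):
    """What the receiving host does: echo id, sequence and data back, type 0."""
    fields = parse_icmp(request)
    if fields["type"] != ECHO_REQUEST or fields["code"] != 0:
        raise ValueError("not an echo request")
    return build_echo(ECHO_REPLY, fields["id"], fields["seq"], fields["data"])


if __name__ == "__main__":
    req = build_echo(ECHO_REQUEST, 0x1234, 1, b"ab")   # constructed values
    print(req.hex())                                   # 08008468123400016162
    print(parse_icmp(echo_reply_for(req)))
```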
ICMP Package

To give an idea of how ICMP can handle the sending and receiving of
ICMP messages, we present our version of an ICMP package made of two
modules: an input module and an output module.
Debugging Tools

• We use the ping program to test the server nemedi.ase.ro. The result
is shown below:
Pinging s-lnx-web-7.ase.ro [193.226.34.74] with 32 bytes of
data:
Reply from 193.226.34.74: bytes=32 time=222ms TTL=55
Reply from 193.226.34.74: bytes=32 time=6ms TTL=55
Reply from 193.226.34.74: bytes=32 time=9ms TTL=55
Reply from 193.226.34.74: bytes=32 time=14ms TTL=55
Ping statistics for 193.226.34.74:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 6ms, Maximum = 222ms, Average = 62ms
Debugging Tools

• The traceroute program operation:
Tracing route to s-lnx-web-7.ase.ro [193.226.34.74] over a maximum of 30 hops:
1 3 ms 2 ms 4 ms 192.168.100.1
2 14 ms 18 ms 12 ms 10.0.0.1
3 * * * Request timed out.
4 6 ms 4 ms 5 ms br01.bucuresti.rdsnet.ro [213.154.124.7]
5 8 ms 6 ms 13 ms roedunet.bucuresti.rdsnet.ro [81.196.1.206]
6 9 ms 15 ms 5 ms te-3-4.core2.nat.roedu.net [37.128.239.49]
7 9 ms 5 ms 5 ms te-3-4.acc1.nat.roedu.net [37.128.232.6]
8 24 ms 12 ms 23 ms 37.128.230.38
9 10 ms 5 ms * s-lnx-web-7.ase.ro [193.226.34.74]
10 19 ms 8 ms 5 ms s-lnx-web-7.ase.ro [193.226.34.74]
Trace complete.
ARP and RARP
Address Resolution Protocol and Reverse Address Resolution Protocol

• ARP associates an IP address with its physical address. On a typical
physical network, such as a LAN, each device on a link is identified
by a physical or station address that is usually imprinted on the NIC;
• Logical address to physical address translation can be done
statically (not practical) or dynamically (with ARP).
Address Resolution Protocol and Reverse Address Resolution Protocol
ARP Packet

Figure: ARP packet format. Field values:
– Hardware Type: Ethernet is type 1;
– Protocol Type: IPv4 = x0800;
– Hardware Length: length of an Ethernet address (6);
– Protocol Length: length of an IPv4 address (4).
Encapsulation of ARP Packet

The ARP packet is encapsulated within an Ethernet packet.

Note: the Ethernet Type field value for ARP is x0806.
Four Cases Using ARP
Example 1

A host with IP address 130.23.43.20 and physical address
B2:34:55:10:22:10 has a packet to send to another host with IP address
130.23.43.25 and physical address A4:6E:F4:59:83:AB (which is unknown
to the first host). The two hosts are on the same Ethernet network.
Show the ARP request and reply packets encapsulated in Ethernet frames.
Example 1

Note that the ARP data field in this case is 28 bytes, and that the
individual addresses do not fit in the 4-byte boundary. That is why we
do not show the regular 4-byte boundaries for these addresses. Also
note that the IP addresses are shown in hexadecimal.
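Example 1 carried out in code, as an added example (not from the slides): it builds the 28-byte ARP request and reply from the addresses given above, wraps each in an Ethernet frame with type x0806, and decodes them again so the hexadecimal form of the IP addresses can be checked.

```python
import struct

ETHERTYPE_ARP = 0x0806          # Ethernet Type field for ARP (slide: x0806)
HTYPE_ETHERNET = 1              # Hardware Type
PTYPE_IPV4 = 0x0800             # Protocol Type
HLEN, PLEN = 6, 4               # Hardware Length, Protocol Length
ARP_REQUEST, ARP_REPLY = 1, 2
ZERO_MAC = "00:00:00:00:00:00"
BROADCAST_MAC = "FF:FF:FF:FF:FF:FF"


def mac_bytes(text):
    return bytes(int(x, 16) for x in text.split(":"))


def ip_bytes(text):
    return bytes(int(x) for x in text.split("."))


def mac_str(raw):
    return ":".join("%02X" % b for b in raw)


def ip_str(raw):
    return ".".join(str(b) for b in raw)


def build_arp(oper, sender_mac, sender_ip, target_mac, target_ip):
    """28 bytes: htype, ptype, hlen, plen, oper, sha(6), spa(4), tha(6), tpa(4)."""
    return (struct.pack("!HHBBH", HTYPE_ETHERNET, PTYPE_IPV4, HLEN, PLEN, oper)
            + mac_bytes(sender_mac) + ip_bytes(sender_ip)
            + mac_bytes(target_mac) + ip_bytes(target_ip))


def ethernet_frame(dst_mac, src_mac, payload):
    """Ethernet header (dst, src, type) in front of the ARP packet."""
    return mac_bytes(dst_mac) + mac_bytes(src_mac) + struct.pack("!H", ETHERTYPE_ARP) + payload


def arp_request(sender_mac, sender_ip, target_ip):
    """Broadcast frame; the target MAC is unknown, so it is sent as all zeros."""
    packet = build_arp(ARP_REQUEST, sender_mac, sender_ip, ZERO_MAC, target_ip)
    return ethernet_frame(BROADCAST_MAC, sender_mac, packet)


def parse_arp_frame(frame):
    """Decode an ARP-over-Ethernet frame, rejecting anything else."""
    if len(frame) < 14 + 28:
        raise ValueError("frame too short for Ethernet + ARP")
    dst, src = frame[0:6], frame[6:12]
    (etype,) = struct.unpack("!H", frame[12:14])
    if etype != ETHERTYPE_ARP:
        raise ValueError("not an ARP frame")
    htype, ptype, hlen, plen, oper = struct.unpack("!HHBBH", frame[14:22])
    if (htype, ptype, hlen, plen) != (HTYPE_ETHERNET, PTYPE_IPV4, HLEN, PLEN):
        raise ValueError("unsupported hardware/protocol combination")
    body = frame[22:42]
    return {"dst": mac_str(dst), "src": mac_str(src), "oper": oper,
            "sha": mac_str(body[0:6]), "spa": ip_str(body[6:10]),
            "tha": mac_str(body[10:16]), "tpa": ip_str(body[16:20])}


def arp_reply(request_frame, my_mac):
    """Reply as the host that owns the target IP: unicast back to the asker."""
    req = parse_arp_frame(request_frame)
    if req["oper"] != ARP_REQUEST:
        raise ValueError("can only answer a request")
    packet = build_arp(ARP_REPLY, my_mac, req["tpa"], req["sha"], req["spa"])
    return ethernet_frame(req["sha"], my_mac, packet)


if __name__ == "__main__":
    req = arp_request("B2:34:55:10:22:10", "130.23.43.20", "130.23.43.25")
    rep = arp_reply(req, "A4:6E:F4:59:83:AB")
    print(req.hex())
    print(parse_arp_frame(rep))
```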
Proxy ARP

A proxy ARP, running in a router, can respond to an ARP request on
behalf of any of the hosts it represents. The proxy ARP replies with
its own MAC address. When the packet arrives, the router delivers it
to the appropriate host.
The Cache Table

• If ARP just resolved an IP address, chances are a few moments later
someone is going to ask to resolve the same IP address;
• When ARP returns a MAC address, it is placed in a cache. When the
next request comes in for the same IP address, look first in the
cache;
• The cache table contents:
– Queue number: which queue the ARP request is sitting in;
– Attempts: how many times have you tried to resolve this address?
– Time-out: how long until this address is tossed out (need the room
in cache);
– Hardware address: destination hardware address;
– Protocol address: destination IP address.
The Cache Table
How Does the Cache Work?

• The output module waits for an IP packet with a request;
• Checks the cache for an existing entry;
• If entry found and state RESOLVED, we already have this MAC address;
• If entry found and state PENDING, packet waits until destination
hardware address found;
• If no entry found, output module places this request in queue, and a
new entry is placed in cache with state PENDING and ATTEMPTS set to 1.
An ARP request is then broadcast;
• The input module waits until an ARP request or reply arrives;
• Module checks the cache for this entry;
• If entry is found and state is PENDING, module updates entry's target
hardware address, changes state to RESOLVED, and sets the TIME-OUT
value;
• If entry is found and state RESOLVED, module still updates the entry
(target hardware address could have changed) and the TIME-OUT value is
reset;
How Does the Cache Work?

• If entry not found, module creates a new entry. State is set to
RESOLVED and TIME-OUT is set;
• Now the module checks to see if the arrived ARP packet is a Request.
If it is, the module immediately creates an ARP Reply message and
sends it back to the sender;
• The cache-control module periodically checks each cache entry;
• If entry's state is FREE, skips it;
• If entry's state is PENDING, Attempts field is incremented by 1. This
value greater than max? Toss this entry (and mark entry as FREE). Less
than max? Send another ARP request;
• If state of entry is RESOLVED, module decrements value of Time-out
field accordingly;
• If Time-out field < 0, then remove entry and set state to FREE.
Reverse Address Resolution Protocol
• RARP finds the logical address for a machine that only knows its
physical address;
• This is often encountered on thin-client workstations. No disk, so
when the machine is booted, it needs to know its IP address (we don't
want to burn the IP address into the ROM);
• RARP requests are broadcast, RARP replies are unicast;
• If a thin-client workstation needs to know its IP address, it probably
also needs to know its subnet mask, router address, DNS address, etc.;
• So we need something more than RARP. BOOTP, and now DHCP, have
replaced RARP.
Reverse Address Resolution Protocol
RARP Packet
Encapsulation of RARP Packet
Internet Group Management Protocol
• IGMP is a protocol that manages group membership. The IGMP
protocol gives the multicast routers information about the
membership status of hosts (routers) connected to the network;
• IGMP is a group management protocol. It helps a multicast
router create and update a list of loyal members related to each
router interface.
IGMP Message Format
IGMP Operation

• A multicast router connected to a network has a list of multicast
addresses of the groups with at least one loyal member in that
network. For each group, there is one router that has the duty of
distributing the multicast packets destined for that group;
• The topics discussed in this section include:
– Joining a Group;
– Leaving a Group;
– Monitoring Membership.
Membership and Leave Report

• In IGMP, a membership report is sent twice, one after the other.
General Query Message
Encapsulation

• The IGMP message is encapsulated in an IP datagram, which is itself
encapsulated in a frame;
• The IP packet that carries an IGMP packet has a value of 2 in its
protocol field;
• The IP packet that carries an IGMP packet has a value of 1 in its
TTL field.
IGMP Package

We can show how IGMP can handle the sending and receiving of IGMP
packets through our simplified version of an IGMP package. In our
design an IGMP package involves a group table, a set of timers, and
four software modules.
IPv6
IPv4 Overview

• Fourth revision of the Internet Protocol;
• Most widely used protocol at present;
• Connection-less protocol used on packet-switched Link
Layer networks;
• A system of addresses:
– To identify devices;
– 32 bits.
• 2^32 combinations;
• Nearly 4.3 billion;
• Not enough, and more addresses are needed.
Problems of IPv4

• Insufficiency:
– Only four bytes;
– Maximum nodes ~ 4.3 billion;
– Much less than the human population (~ 7 billion);
– Not enough for growing number of users;
– Will be exhausted in near future.
• Increasing routing information:
– Rapid growth of routing tables in backbones.
• Increasing the number of Network Address Translation:
– Breaking the Internet architecture.
Problems of IPv4

• Security issues:
– Number of ways to encrypt IPv4 traffic (example: IPSec);
– No real standard encryption method.
• Real-time delivery of multimedia content and necessary
bandwidth allocation:
– Quality of Service (QoS);
– Different interpretations;
– QoS compliant devices are not compatible one another.
Routing Private Addresses
in IPv4 Using NAT

• Allows public IP addresses and private IP addresses to be
maintained separately;
• Also used in server load balancing;
• This operates inside the router;
• Maintains an address pool;
• First the destination is checked;
• The address is translated;
• The network address information in the datagram is
modified.
IPv6

• Next development version of the Internet Protocol;
• Address size is 128 bits;
• IPv6 address representation:
– xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx;
– Each x is a 4-bit hexadecimal digit;
– IPv6 addresses range from
0000:0000:0000:0000:0000:0000:0000:0000 to
ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff.
IPv6

• Two other formats:
– Omit leading zeros:
• Specify IPv6 addresses by omitting leading zeros;
• E.g.: 1050:0000:0000:0000:0005:0600:300c:326b can
be written as 1050:0:0:0:5:600:300c:326b
– Double colon:
• Specify IPv6 addresses by using double colons (::) in
place of a series of zeros;
• E.g.: ff06:0:0:0:0:0:0:c3 may be written as ff06::c3;
• Double colons can be used only once in one IP
address.
What’s Good about IPv6

• Bigger address space:
– 128 bits for addressing;
– No NATs are needed;
– Allows full IP connectivity for computers and mobile devices.
• Mobility:
– Facility for mobile devices;
– Allows roaming between different networks.
• Built-in security:
– Includes IPSec;
– Authentication;
– Encryption;
– Compression.
IPv4 and IPv6
Header Comparison
IPv6 Addressing
Addressing Format

Representation:
• 16-bit hexadecimal numbers;
• Numbers are separated by (:);
• Abbreviations are possible:
– A contiguous run of all-zero groups can be represented
by (::);
– Example:
• 2001:0db8:0000:130F:0000:0000:087C:140B
• 2001:0db8:0:130F::87C:140B
– The double colon appears only once in the address.
Addressing Format

Prefix Representation:
• Representation of a prefix is just like CIDR (Classless
Inter-Domain Routing);
• In this representation you attach the prefix length;
• Like an IPv4 address:
– 198.10.0.0/16.
• An IPv6 address is represented the same way:
– 2001:db8:12::/48.
• Only leading zeros are omitted. Trailing zeros are not
omitted:
– 2001:0db8:0012::/48 = 2001:db8:12::/48
2001:db8:1200::/48 ≠ 2001:db8:12::/48
Address Representation

• Loopback address representation:
– 0:0:0:0:0:0:0:1 => ::1;
– Same as 127.0.0.1 in IPv4;
– Identifies self.
• Unspecified address representation:
– 0:0:0:0:0:0:0:0 => ::;
– Used as a placeholder when no address is available
(initial DHCP request, Duplicate Address Detection).
IPv6 Addressing Model

• Addresses are assigned to interfaces:
– Change from IPv4 mode.
• Interface expected to have multiple addresses;
• Addresses have scope:
– Link local;
– Unique local;
– Global.
• Addresses have lifetime:
– Valid and preferred lifetime.
Types of IPv6 Addresses

• Unicast:
– Address of a single interface;
– One-to-one delivery to single interface.
• Multicast:
– Address of a set of interfaces;
– One-to-many delivery to all interfaces in the set.
• Anycast:
– Address of a set of interfaces;
– One-to-one-of-many delivery to a single interface in the
set that is closest.
• No more broadcast addresses.
Types of IPv6 Addresses
IPv6 Unicast

• Used to transmit data from one point to another;
• Multiple users might request:
– The same data;
– From the same server;
– At the same time; duplicate data streams are then transmitted,
one to each user.
• Scope may be Global or Local:
– Global for worldwide communication;
– Local for communication within a site.
IPv6 Unicast

This is similar to the unicast address in IPv4 – a single address identifying a
single interface. There are four types of unicast addresses:
• Global unicast addresses, which are conventional, publicly routable addresses,
just like conventional IPv4 publicly routable addresses;
• Link-local addresses are akin to the private, non-routable addresses in IPv4
(10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16). They are not meant to be routed,
but confined to a single network segment. Link-local addresses mean you can
easily throw together a temporary LAN, such as for conferences or meetings,
or set up a permanent small LAN the easy way;
• Unique local addresses are also meant for private addressing, with the
addition of being unique, so that joining two subnets does not cause address
collisions;
• Special addresses are loopback addresses, IPv4-address mapped spaces, and
6-to-4 addresses for crossing from an IPv4 network to an IPv6 network.
Aggregatable Global
Unicast Addresses

Site-Level
Aggregation

• Aggregatable Global Unicast Addresses are:
– Addresses for generic use of IPv6;
– Structured as a hierarchy to keep the aggregation.
Global Addressing

• The assignment procedure for global addresses is similar to local
address construction. The prefix is supplied from router
advertisements on the network. Multiple prefix announcements cause
multiple addresses to be configured;
• Stateless address autoconfiguration (SLAAC) requires a /64 address
block. Local Internet registries are assigned at least /32 blocks, which
they divide among subordinate networks;
• Each IPv6 address has a scope, which specifies in which part of the
network it is valid and unique. Some addresses are unique only on the
local (sub-)network. Others are globally unique;
• Some IPv6 addresses are reserved for special purposes, such as
loopback, 6to4 tunneling, and Teredo tunneling. Also, some address
ranges are considered special, such as link-local addresses for use on
the local link only, Unique Local addresses (ULA) and solicited-node
multicast addresses used in the Neighbor Discovery Protocol.
IPv6 Address Allocation Process
(Internet Assigned Network Authority)
Unique-Local

• Unique-Local Addresses are used for:
– Local communications;
– Inter-site VPNs;
– Not routable on the Internet.
Address Uniqueness

• Hosts verify the uniqueness of addresses assigned by sending a
neighbor solicitation message asking for the Link Layer address
of the IP address. If any other host is using that address, it
responds. However, MAC addresses are designed to be unique
on each network card, which minimizes chances of duplication;
• The host first determines if the network is connected to any
routers at all, because if not, then all nodes are reachable using
the link-local address that is already assigned to the host. The
host will send out a Router Solicitation message to the all-routers
multicast group with its link-local address as source. If there is no
answer after a predetermined number of attempts, the host
concludes that no routers are connected. If it does get a
response from a router, there will be network information inside
that is needed to create a globally unique address.
Link-Local

• Link-Local Addresses are used for:
– Mandatory address for communication between
two IPv6 devices;
– Automatically assigned as soon as IPv6
is enabled;
– Also used for next-hop calculation in routing
protocols;
– Only link-specific scope;
– The remaining 54 bits could be zero or any manually
configured value.
Link-Local Address

• All interfaces of IPv6 hosts require a link-local address. A
link-local address is derived from the MAC address of the
interface and the prefix fe80::/10. The process involves
filling the address space with prefix bits left-justified to the
most-significant bit, and filling the MAC address in EUI-64
format into the least-significant bits. If any bits remain to be
filled between the two parts, those are set to zero;
• The uniqueness of the address on the subnet is tested with
the Duplicate Address Detection (DAD) method.
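An added Python example (not from the slides) of the derivation just described: the MAC is turned into a modified EUI-64 identifier (ff:fe inserted in the middle, universal/local bit flipped) and placed under the fe80::/10 prefix with the 54 intermediate bits zero. The reverse function recovers the MAC from such an address, which is what an auditor checks when assessing whether hosts disclose their hardware address on the wire. The MAC 00:1a:2b:3c:4d:5e is a constructed sample value.

```python
import ipaddress
from typing import Optional

LINK_LOCAL_PREFIX = ipaddress.IPv6Network("fe80::/10")


def mac_to_eui64(mac: str) -> bytes:
    """Modified EUI-64 interface identifier from a 48-bit MAC address.

    Steps: split the MAC in two, insert ff:fe in the middle, and flip the
    universal/local bit (0x02 of the first octet).
    """
    octets = bytes.fromhex(mac.replace(":", "").replace("-", ""))
    if len(octets) != 6:
        raise ValueError("MAC address must be 48 bits: %r" % mac)
    return bytes([octets[0] ^ 0x02]) + octets[1:3] + b"\xff\xfe" + octets[3:]


def link_local_from_mac(mac: str) -> str:
    """fe80::/10 left-justified, 54 zero bits, then the EUI-64 identifier in the low 64 bits."""
    packed = b"\xfe\x80" + bytes(6) + mac_to_eui64(mac)
    return str(ipaddress.IPv6Address(packed))     # stdlib renders the compressed form


def mac_from_eui64_address(addr: str) -> Optional[str]:
    """Recover the MAC if the interface identifier looks EUI-64 derived, else None.

    Such addresses reveal the hardware address and let a host be tracked
    across networks, which is why RFC 4941 temporary addresses and
    RFC 7217 stable identifiers are used instead on most modern systems.
    """
    iid = ipaddress.IPv6Address(addr).packed[8:]
    if iid[3:5] != b"\xff\xfe":
        return None
    octets = bytes([iid[0] ^ 0x02]) + iid[1:3] + iid[5:]
    return ":".join("%02x" % b for b in octets)


def is_link_local(addr: str) -> bool:
    """True when the address falls inside fe80::/10."""
    return ipaddress.IPv6Address(addr) in LINK_LOCAL_PREFIX
```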
IPv6 Special Addresses

• Four basic types of special IPv6 addresses:
– Reserved;
– Private;
– Loopback;
– Unspecified.
• Reserved Addresses:
– The reserved block is at the top of the address space:
– Starting with 0000:0000.
IPv6 Special Addresses

• Private Addresses:
– Called local-use addresses or link-layer addresses;
– No NATs;
– So local-use addresses are intended for communication
inherently designed only to be sent to local devices.
• Loopback Address:
– A special loopback address for testing;
– Datagrams sent to this address loop back to the sending
device;
– The loopback address is 0:0:0:0:0:0:0:1, or ::1 for short;
– Pinging ::1 should get an answer from the host itself.
IPv6 Multicast

• Ability to send a single packet to multiple destinations;
• No broadcast:
– Ability to send a packet to all hosts on the attached link;
– The same effect can be achieved by sending a packet to the
link-local all-hosts multicast group.
• Applications:
– Telephony and video conference;
– Database simultaneous update;
– Parallel computing;
– Real-time news.
IPv6 Multicast

• Multicast in IPv6 is similar to the old IPv4 broadcast
address: a packet sent to a multicast address is
delivered to every interface in a group;
• The IPv6 difference is that it is targeted: instead of annoying
every single host on the segment with broadcast
blather, only hosts that are members of the multicast
group receive the multicast packets;
• IPv6 multicast is routable, and routers will not forward
multicast packets unless there are members of the
multicast groups to forward the packets to. Anyone
who has ever suffered from broadcast storms will
appreciate this mightily.
IPv6 Anycast

• Uses an Anycast address:
– Identifies a set of nodes;
– The packet will reach only one out of many (usually
the topologically closest one).
• Anycast addresses can be assigned to routers only;
• An Anycast address cannot be used as a source.
IPv6 Anycast

• An anycast address is a single address assigned to multiple
nodes. A packet sent to an anycast address is then delivered
to the first available node. This is a slick way to provide both
load balancing and automatic failover;
• Several of the DNS root servers use a router-based anycast
implementation, which is really a shared unicast addressing
scheme. The same IP address is assigned to multiple
interfaces, and then multiple routing table entries are
needed to move everything along;
• IPv6 anycast addresses contain fields that identify them as
anycast. The IPv6 protocol itself takes care of getting the
packets to their final destinations.
IPv4 Address in IPv6

• An IPv6 site is an island surrounded by an IPv4 ocean;
• Connect the IPv6 islands to each other:
– Encapsulate the IPv6 packet in an IPv4 packet (IPv6 tunneling);
– Treat IPv4 as the data link layer.
IPv6 tunneling in IPv4 packet
[Figure: an IPv6 packet travelling between IPv6 sites across the IPv4 ocean]
Transition Plan

• Current status:
– Only IPv4.
• Phase I:
– IPv4/v6 dual node;
– IPv4 address in IPv6 address format;
– IPv6 tunneling on the IPv4 network.
• Phase II:
– Combination of IPv6 infrastructure and IPv4
infrastructure;
– Translation between IPv4 and IPv6 (optional);
– More IPv6 nodes.
Migration to IPv6

• Dual Stack:
– Involves running IPv4 and IPv6 at the same time;
– End nodes and routers/switches run both protocols.
• Tunnel:
– To carry one protocol inside another;
– Take IPv6 packets and encapsulate them in IPv4 packets
to be sent across portions of the IPv4 networks.
• Translator:
– Protocol translation (NAT-PT) simply translates IPv6
packets into IPv4 packets.
IPv6 Advantages

• Provides more address space (which is needed at
larger business scales);
• More powerful Internet (128-bit versus IPv4’s current 32-
bit);
• Offers an overall larger-scale Internet, which again will be
needed in the future;
• Address allocation is done by the device itself;
• Support for security using Internet Protocol Security (IPsec).
IPv6 Disadvantages

• It will be much harder to remember IP addresses (compared
to the addresses now);
• Creating a smooth transition from IPv4 to IPv6;
• IPv6 is not available to machines that run IPv4;
• Any consumer costs in having to replace an IPv4 machine;
• Time to convert over to IPv6.
IPv4 vs. IPv6 Conclusion

• IPv4 has served us well for a long time;
• IPv4 has some limitations which are going to present
insurmountable problems in the near future;
• IPv6 will solve those problems by:
– Changing the strategy for allocating addresses;
– Making improvements to ease the routing of packets;
– Making it easier to configure a machine when it first joins
the network.
IPv4 Subnetting
Introduction

• In the early stages of development of the Internet Protocol, network
administrators interpreted an IP address in two parts: the network number
portion and the host number portion. The highest-order byte in an address
was designated as the network number and the remaining bits were
called the rest field or host identifier and were used for host
numbering within a network.
Introduction

• Classful network design served its purpose in the startup
stage of the Internet, but it lacked scalability in the face of
the rapid expansion of the network in the 1990s;
• The class system of the address space was replaced with
Classless Inter-Domain Routing (CIDR) in 1993;
• CIDR is based on variable-length subnet masking (VLSM) to
allow allocation and routing based on arbitrary-length
prefixes.
Introduction

• A subnet is a logical subdivision of an IP network;
• Subnets are created by borrowing bits from the host
part of the address and reserving them to define the subnet
address instead.
Introduction
Benefits of Subnetting

Benefits of subnetting a physical network include:
• Reduced network traffic;
• Optimized network performance;
• Simplified management;
• Facilitated spanning of large geographical distances.
Subnet Masks

A subnet mask is a 32-bit number that allows the receiving
device to distinguish between the network ID portion of the IP
address and the host ID portion of the IP address. A subnet
mask is composed of 1’s and 0’s, where the 1’s represent the
network part while the 0’s represent the host part.

Class  Default Subnet Mask  Number of Networks  Number of Hosts per Network
A      255.0.0.0            256                 16,777,216
B      255.255.0.0          65,536              65,534
C      255.255.255.0        16,777,216          126
Classless Inter-Domain Routing (CIDR)
• This refers to the method used by ISPs to provide /
allocate a number of IP addresses to their clients:
– e.g. 192.168.1.0/28
• The /28 refers to the number of bits that are turned on
(there are 32 bits in an IP address, with 4 octets, hence 8
bits per octet);
• A class A address has a subnet mask of 255.0.0.0. This
means that all the bits in the first byte have been turned
on. To obtain the slash value, count the number of
turned-on bits in the mask;
• 255.0.0.0 is considered a /8 since only 8 bits are 1’s.
CIDR Examples
• Consider a class B subnet mask of 255.255.0.0; what is
its CIDR value?
• Calculate the subnet masks of the following CIDR values:
/9, /10, /13, /16, /21, /22, /23, /25, /26, /27, /28, /29, /30

The /8 through /15 can only be used with Class A network
addresses. /16 through /23 can be used by Class A and B
network addresses. /24 through /30 can be used by Class
A, B, and C network addresses. This is a big reason why
most companies use Class A network addresses. Since they
can use all subnet masks, they get the maximum flexibility
in network design.
Network Address
and Broadcast Address
• The first IP address of a network is reserved for the network;
• The last IP address of a network is reserved as the broadcast
address;
• Hosts in a network can only exchange packets with the other
hosts of the network or with hosts from a superior network;
• For a given IP, the Network Address (NA) and Broadcast Address
(BA) are computed as follows:
– Net-address = IP-address AND Net-mask
– Broadcast-address = NOT (Net-address XOR Net-mask)
IP = 11000000.10101000.00001100.01001000
NM = 11111111.11111111.11111111.11110000 (AND)
NA = 11000000.10101000.00001100.01000000 = 192.168.12.64
NM = 11111111.11111111.11111111.11110000 (XOR)
00111111.01010111.11110011.10110000 (NOT)
BA = 11000000.10101000.00001100.01001111 = 192.168.12.79
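An added Python example (not from the slides) that implements the two formulas above with the slide’s own symbols (IP, NM, NA, BA), together with the CIDR conversions from the earlier slides (/n to mask and back, rejecting masks whose 1 bits are not contiguous). describe() reproduces the binary working for 192.168.12.72/28 and answers the “network, broadcast and mask for a host” questions that appear later in the deck.

```python
def ip_to_int(dotted: str) -> int:
    octets = [int(o) for o in dotted.split(".")]
    if len(octets) != 4 or any(not 0 <= o <= 255 for o in octets):
        raise ValueError("not a dotted-quad address: %r" % dotted)
    return (octets[0] << 24) | (octets[1] << 16) | (octets[2] << 8) | octets[3]


def int_to_ip(value: int) -> str:
    return ".".join(str((value >> shift) & 0xFF) for shift in (24, 16, 8, 0))


def to_binary(value: int) -> str:
    """Dotted binary, the layout used on the slide: 11000000.10101000.…"""
    return ".".join(format((value >> shift) & 0xFF, "08b") for shift in (24, 16, 8, 0))


def mask_from_prefix(prefix_len: int) -> int:
    """/n -> mask with n leading 1 bits (so /8 is 255.0.0.0 and /28 is 255.255.255.240)."""
    if not 0 <= prefix_len <= 32:
        raise ValueError("prefix length must be 0..32")
    return (0xFFFFFFFF << (32 - prefix_len)) & 0xFFFFFFFF


def prefix_from_mask(mask: int) -> int:
    """mask -> /n; a mask whose 1 bits are not contiguous is not a valid subnet mask."""
    ones = bin(mask).count("1")
    if mask != mask_from_prefix(ones):
        raise ValueError("non-contiguous subnet mask: %s" % int_to_ip(mask))
    return ones


def network_address(ip: int, mask: int) -> int:
    return ip & mask                              # Net-address = IP-address AND Net-mask


def broadcast_address(ip: int, mask: int) -> int:
    na = network_address(ip, mask)
    return (~(na ^ mask)) & 0xFFFFFFFF            # Broadcast-address = NOT (Net-address XOR Net-mask)


def describe(cidr: str) -> dict:
    """Network, broadcast and mask for 'a.b.c.d/n', with the binary working shown."""
    ip_str, plen = cidr.split("/")
    ip, mask = ip_to_int(ip_str), mask_from_prefix(int(plen))
    na, ba = network_address(ip, mask), broadcast_address(ip, mask)
    return {
        "mask": int_to_ip(mask),
        "network": int_to_ip(na),
        "broadcast": int_to_ip(ba),
        "usable_hosts": max((1 << (32 - int(plen))) - 2, 0),
        "working": "IP = %s\nNM = %s (AND)\nNA = %s\nBA = %s"
                   % (to_binary(ip), to_binary(mask), to_binary(na), to_binary(ba)),
    }
```

The NOT(NA XOR NM) form is the slide’s; it equals NA OR NOT(NM), i.e. the network part with every host bit set to 1, which is why the result is the last address of the block.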
Subnetting Class C

In a class C network, there are only 8 bits in the host part. The table
below shows all the subnets in class C networks. We can’t use a /31 or /32
because, as I’ve said, we must have at least 2 host bits for assigning IP
addresses to hosts.

Network Bits  Subnet Mask      Bits Borrowed  Subnets  Hosts/Subnet
24            255.255.255.0    0              1        254
25            255.255.255.128  1              2        126
26            255.255.255.192  2              4        62
27            255.255.255.224  3              8        30
28            255.255.255.240  4              16       14
29            255.255.255.248  5              32       6
30            255.255.255.252  6              64       2
Subnetting Class C

• How many subnets does the chosen subnet mask
produce?
• How many valid hosts per subnet are available?
• What are the valid subnets?
• What’s the broadcast address of each subnet?
• What are the valid hosts in each subnet?
Subnetting Class C

• A subnet mask of 255.255.255.192:
a) Number of subnets:
• Solution: 2^X, where X represents the number of 1’s in
the host part
• Answer: 255.255.255.11000000,
2^2 = 4 subnets
b) Number of valid hosts per subnet?
• Solution: (2^Y - 2), where Y represents the number of 0’s
in the host part
• Answer: 255.255.255.11000000,
2^6 - 2 = 64 - 2 = 62
Subnetting Class C

c) What are the valid subnets?
256 – subnet mask = block size
256 - 192 = 64
Valid subnets = 0, 64, 128, 192
There are only 4 valid subnets
d) What’s the broadcast address of each subnet?
– The broadcast address is always the number right before
the next subnet. For example, the 0 subnet has a
broadcast address of 63 because the next subnet is 64.
The 64 subnet has a broadcast address of 127 because
the next subnet is 128, and so on.
Subnetting Class C

e) What are the valid hosts in each subnet?
• Valid hosts are the numbers between the subnets,
omitting the all-0s and all-1s. For example, if 64 is the
subnet number and 127 is the broadcast address, then
65–126 is the valid host range. Your valid range is
always the group of numbers between the subnet
address and the broadcast address.
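The five questions a) to e) as one procedure, in Python (an added example, not from the slides): subnet_plan() counts the borrowed bits X against the classful boundary, the host bits Y, the block size from the interesting octet, and lists every subnet with its broadcast and host range, for class A, B and C networks alike. mask_for_subnets() runs the procedure backwards for the “create N subnets from this network” questions that follow later in the deck. The max_rows limit only keeps the output short for large plans.

```python
def ip_to_int(dotted: str) -> int:
    a, b, c, d = (int(o) for o in dotted.split("."))
    return (a << 24) | (b << 16) | (c << 8) | d


def int_to_ip(value: int) -> str:
    return ".".join(str((value >> s) & 0xFF) for s in (24, 16, 8, 0))


def mask_from_prefix(prefix_len: int) -> int:
    return (0xFFFFFFFF << (32 - prefix_len)) & 0xFFFFFFFF


def default_prefix(network: str) -> int:
    """Classful default mask length from the first octet (A /8, B /16, C /24)."""
    first = int(network.split(".")[0])
    if first < 128:
        return 8
    if first < 192:
        return 16
    if first < 224:
        return 24
    raise ValueError("not a class A, B or C network: %r" % network)


def subnet_plan(network: str, mask: str, base_prefix=None, max_rows: int = 256) -> dict:
    """Answer the five subnetting questions for `network` under `mask`.

    base_prefix is the prefix the subnets are carved out of; it defaults to
    the classful boundary, which is how the slides count borrowed bits (X)
    and remaining host bits (Y).
    """
    net, m = ip_to_int(network), ip_to_int(mask)
    prefix_len = bin(m).count("1")
    if mask_from_prefix(prefix_len) != m:
        raise ValueError("non-contiguous subnet mask: %s" % mask)
    if base_prefix is None:
        base_prefix = default_prefix(network)
    subnet_bits = prefix_len - base_prefix      # X: 1 bits borrowed from the host part
    host_bits = 32 - prefix_len                 # Y: 0 bits left for hosts
    if subnet_bits < 0:
        raise ValueError("mask %s is shorter than the base prefix /%d" % (mask, base_prefix))
    if host_bits < 2:
        raise ValueError("at least 2 host bits are needed; /31 and /32 cannot address hosts here")
    # Block size as taught: 256 minus the "interesting" (last subnetted) octet of the mask.
    octets = [int(o) for o in mask.split(".")]
    interesting = (prefix_len - 1) // 8
    block_size = 256 - octets[interesting]
    size = 1 << host_bits                       # addresses per subnet
    base = net & mask_from_prefix(base_prefix)
    rows = []
    for i in range(min(1 << subnet_bits, max_rows)):
        start = base + i * size
        rows.append({
            "subnet": int_to_ip(start),                 # all host bits 0
            "first_host": int_to_ip(start + 1),
            "last_host": int_to_ip(start + size - 2),
            "broadcast": int_to_ip(start + size - 1),   # the number right before the next subnet
        })
    return {"subnets": 1 << subnet_bits, "hosts_per_subnet": size - 2,
            "interesting_octet": interesting + 1, "block_size": block_size, "rows": rows}


def mask_for_subnets(network_cidr: str, needed: int, max_rows: int = 8) -> dict:
    """Borrow the fewest host bits that still give at least `needed` subnets."""
    network, plen = network_cidr.split("/")
    plen = int(plen)
    bits = 0
    while (1 << bits) < needed:
        bits += 1
    if plen + bits > 30:
        raise ValueError("%d subnets do not fit in %s with 2 host bits left" % (needed, network_cidr))
    mask = int_to_ip(mask_from_prefix(plen + bits))
    plan = subnet_plan(network, mask, base_prefix=plen, max_rows=max_rows)
    plan["mask"] = mask
    plan["prefix_len"] = plen + bits
    return plan
```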
Subnetting Class C

• We’re going to subnet the Class C network address
192.168.10.0:
192.168.10.0 = Network address
255.255.255.128 = Subnet mask
Answer all five questions highlighted in the previous slides.
Show how the logical network can be implemented.
Subnetting Class C

• We’re going to subnet the network address
192.168.10.0 using the subnet mask 255.255.255.192.
192.168.10.0 = Network address
255.255.255.192 = Subnet mask
Answer all the questions.
Show how the logical network can be implemented.
Questions

• Adopt the same standard of answering questions:
a) We’ll subnet the network address 192.168.10.0 with subnet mask
255.255.255.224.
192.168.10.0 = Network address
255.255.255.224 = Subnet mask
b) Let’s practice another one:
192.168.10.0 = Network address
255.255.255.240 = Subnet mask
c) Let’s keep practicing:
192.168.10.0 = Network address
255.255.255.248 = Subnet mask
d) Okay—just one more:
192.168.10.0 = Network address
255.255.255.252 = Subnet mask
Subnetting Class B

• A Class B network address has 16 bits available for host
addressing. This means we can use up to 14 bits for
subnetting because we need to leave at least 2 bits for
host addressing;
• The process of subnetting a Class B network is pretty
much the same as it is for a Class C, except that you
have more host bits and you start in the third octet.
Subnetting Class B
Network Bits  Subnet Mask      Bits Borrowed  Subnets  Hosts/Subnet
16            255.255.0.0      0              1        65534
17            255.255.128.0    1              2        32766
18            255.255.192.0    2              4        1638
19            255.255.224.0    3              8        8190
20            255.255.240.0    4              16       4094
21            255.255.248.0    5              32       2046
22            255.255.252.0    6              64       1022
23            255.255.254.0    7              128      510
24            255.255.255.0    8              256      254
25            255.255.255.128  9              512      126
26            255.255.255.192  10             1024     62
27            255.255.255.224  11             2048     30
28            255.255.255.240  12             4096     14
29            255.255.255.248  13             8192     6
30            255.255.255.252  14             16384    2
Subnetting Class B

172.16.0.0 = Network address
255.255.128.0 = Subnet mask
Binary representation: 11111111.11111111.10000000.00000000
a) How many subnets? 2^X, where X is the number of 1’s in the host
part
2^1 = 2 subnets
b) How many hosts? (2^Y – 2), where Y is the number of 0’s in the
host part
2^15 = 32,766 - 2 = 32,764
c) How many valid subnets?
Block size = 256 - 128 = 128
Subnets = 0.0 and 128.0
Subnetting Class C - Questions

172.16.0.0 = Network address
255.255.192.0 = Subnet mask
• Subnets?
• Hosts?
• Valid subnets?
• Broadcast address for each subnet?
• Valid hosts?
Subnetting Class C - Questions

172.16.0.0 = Network address
255.255.240.0 = Subnet mask
• Subnets?
• Hosts?
• Valid subnets?
• Broadcast address for each subnet?
• Valid hosts?
Subnetting Class C - Questions

172.16.0.0 = Network address
255.255.248.0 = Subnet mask
• Subnets?
• Hosts?
• Valid subnets?
• Broadcast address for each subnet?
• Valid hosts?
Subnetting Class C - Questions

172.16.0.0 = Network address
255.255.252.0 = Subnet mask
• Subnets?
• Hosts?
• Valid subnets?
• Broadcast address for each subnet?
• Valid hosts?
Subnetting Class A

• In class A, there are 24 bits to play with instead of the
16 in a Class B address and the 8 in a Class C address.
Subnetting Class A

• Practice Example: 255.255.0.0 (/16)
Class A addresses use a default mask of 255.0.0.0, which
leaves 22 bits for subnetting because you must leave 2
bits for host addressing. The 255.255.0.0 mask with a
Class A address is using 8 subnet bits:
a) Subnets? 2^8 = 256.
b) Hosts? 2^16 – 2 = 65,534.
c) Valid subnets? What is the interesting octet? 256 –
255 = 1. 0, 1, 2, 3, etc. (all in the second octet). The
subnets would be 10.0.0.0, 10.1.0.0, 10.2.0.0,
10.3.0.0, etc., up to 10.255.0.0.
Practical Questions

Subnet Mask = 255.255.240.0 (/20)
Network address = 10.0.0.0
• Subnets?
• Hosts?
• Valid subnets?
• Broadcast address for each subnet?
• Valid hosts?
Practical Questions

What are the network address, broadcast address, and
subnet mask for a host with each of the IP addresses below?
• 201.37.251.226/20
• 6.133.173.67/26
• 87.24.16.243/29
• 141.251.172.184/20
• 51.248.115.173/29
• 217.64.116.172/26
• 35.224.197.50/29
• 66.143.136.106/24
• 92.187.144.26/20
Practical Questions

A company needs to create 8 subnets from the network
192.168.4.0/24:
• Determine the new subnet mask;
• Determine the number of hosts in one subnet;
• Write down the subnet ranges.
A company needs to create 60 subnets from the network
148.16.0.0/16:
• Determine the new subnet mask;
• Determine the number of hosts in one subnet;
• Write down the subnet ranges.
Practical Questions

A company needs to create 1000 subnets from the network
18.0.0.0/8:
• Determine the new subnet mask;
• Determine the number of hosts in one subnet;
• Write down the subnet ranges.
A company needs to create 50 subnets from the network
150.16.0.0/24:
• Determine the new subnet mask;
• Determine the number of hosts in one subnet;
• Write down the subnet ranges.
Final Exam
Evaluation

• Closed Questions (30 x 0.2p = 5p):
– Five choice items;
– Only one is correct.
• Exercise on Subnetting (1 x 1p = 1p):
– Compute the number of available subnets.
• Time to Answer: 45 minutes;
• When?
– January, 23rd 2017, 13:30 – 14:15;
• Where?
– Room #1102.
Topics

• Models:
– OSI Model;
– TCP/IP Model.
• Application Layer:
– HTTP(s);
– FTP;
– WebSockets;
– REST Resources;
– XML Web Services;
– SMTP;
– POP;
– IMAP;
– Webmail.
• Transport Layer:
– TCP/IP;
– UDP.
• Network Layer:
– Routing Algorithms;
– IPv4 / IPv6;
– IPv4 Subnetting;
– ICMP;
– ARP / RARP;
– IGMP.
