Unit V

Application Layer Protocols

Domain Name System

In the Domain Name System (DNS) hierarchy, root-level servers, top-level domain (TLD)
servers, and authoritative name servers each play distinct roles in resolving domain names to
IP addresses. Here’s the difference between them:

1. Root-Level Server

• Function: Root servers are the starting point of DNS resolution.

• Role: When a resolver doesn't know where to find a domain, it queries a root server.
• What it knows: It doesn't have exact domain-to-IP mappings but knows where to find
the TLD servers (like .com, .org, .net, etc.).
• Example: A root server might direct a query for www.example.com to the .com TLD
server.
• How many: There are 13 root server identifiers (A to M), operated by different
organizations globally.

2. Top-Level Domain (TLD) Server

• Function: TLD servers are responsible for handling queries for domain names under a
specific TLD.
• Role: After a root server, the resolver contacts a TLD server.
• What it knows: It directs the query to the authoritative server for a specific domain.
• Example: For www.example.com, the .com TLD server will return the address of the
authoritative server for example.com.

3. Authoritative Name Server

• Function: These servers hold the actual DNS records (A, AAAA, MX, etc.) for
domain names.
• Role: Final step in the DNS resolution. They provide the actual IP address of the
requested domain.
• What it knows: Exact mappings of names to IPs.
 • Example: The authoritative server for example.com will answer with the IP address of
www.example.com.

Working of DNS:

The Domain Name System (DNS) is like the phonebook of the internet — it translates human-
readable domain names (like www.google.com) into IP addresses (like 142.250.182.4) that
computers use to identify each other.

Let’s search for www.example.com by typing it into web browser of Laptop:

1. Browser Cache Check

• First, the browser checks its internal DNS cache to see if it already knows the IP
address for www.example.com.
o If found → uses it directly.
o If not → proceeds to the next step.

2. OS-Level DNS Cache Check

• The operating system checks its local DNS cache.

o If found → returns the IP.
o If not → forwards the request to a DNS resolver.

3. Recursive DNS Resolver (usually from ISP or a public resolver like Google)

• This resolver takes charge of finding the IP address. It performs the following steps:

4. Contact Root Server

• The resolver asks a root DNS server, “Where can I find .com domains?”
• The root server responds with the IP of the TLD server responsible for .com.

5. Contact TLD Server

• The resolver then queries the .com TLD server and asks, “Where is example.com?”
• The TLD server responds with the IP of the authoritative DNS server for
example.com.
6. Contact Authoritative DNS Server

• The resolver queries the authoritative server: “What’s the IP of www.example.com?”

• The authoritative server responds with the IP address (e.g., 93.184.216.34).

7. Return the IP to Client

• The resolver sends the IP address back to your computer.

• The browser uses this IP to establish a connection to the web server and loads the site.

8. Caching the Result

• The IP address is cached at multiple levels (browser, OS, resolver) to speed up future
requests.

World Wide Web and Hyper Text Transfer Protocol

The World Wide Web is a system of interlinked hypertext documents accessed via the
Internet using a web browser.

Features of WWW:

• Uses hypertext to link documents (i.e., HTML pages).

• Accessed through URLs (Uniform Resource Locators).
 • Delivered over the Internet, using HTTP/HTTPS.

Components:

1. Web Pages – Built using HTML, often styled with CSS and interactive via JavaScript.
2. Web Servers – Computers that store and serve web content.
3. Web Browsers – Software like Chrome, Firefox, Safari that retrieve and display web
content.

Example:

When you type https://www.wikipedia.org:

• You’re accessing a web page stored on a remote server.

• Your browser fetches the content using HTTP/HTTPS.

Hypertext Transfer Protocol (HTTP)

HTTP is the protocol (set of rules) used by the Web to request and deliver web content
(HTML, images, videos, etc.) between a client (browser) and a server.

How It Works:

1. Client sends HTTP request to a server (e.g., “GET /index.html”).

2. Server responds with requested resources (e.g., an HTML file).
3. Connection may be stateless (each request is independent).

HTTPS:

• HTTPS = HTTP + SSL/TLS encryption.

• Secure version that encrypts data between browser and server.

Common HTTP Methods:

Method Purpose

GET Request a resource

POST Submit data to the server

Method Purpose

PUT Update a resource

DELETE Remove a resource

Relationship Between WWW and HTTP

Concept Role

WWW The content (web pages, images, documents, etc.)

HTTP/HTTPS The delivery mechanism (how the content is transferred)

Think of WWW as the library, and HTTP as the librarian who fetches books for you.

Electronic Mail Protocols

1. SMTP (Simple Mail Transfer Protocol)

2. POP3 (Post office protocol version 3)
3. IMAP (Internet Message Access Protocol)

SMTP:

• Simple Mail Transfer Protocol is used to send mails over the internet.

• SMTP is an application layer and connection-oriented protocol.

 • SMTP is efficient and reliable for sending emails.

• SMTP uses TCP as the transport layer protocol. It handles the sending and receiving
of messages between email servers over a TCP/IP network.

• This protocol along with sending emails also provides the feature of notification for
incoming mails.

• When a sender sends an email then the sender’s mail client sends it to the sender’s
mail server and then it is sent to the receiver mail server through SMTP.

• SMTP commands are used to identify the sender and receiver email addresses along
with the message to be sent.

• Some of the SMTP commands are HELLO, MAIL FROM, RCPT TO, DATA, QUIT,
VERIFY, SIZE, etc. SMTP sends an error message if the mail is not delivered to the
receiver hence, reliable protocol.

Types of SMTP Protocol:

The SMTP model supports two types of email delivery methods: end-to-end and store-and-
forward.

• End-to-end delivery is used between organizations. In this method, the email is sent
directly from the sender’s SMTP client to the recipient’s SMTP server without passing
through intermediate servers.
• Store-and-forward is used within organizations that have TCP/IP and SMTP-based
networks. In this method, the email may pass through several intermediate servers
(Message Transfer Agents, or MTAs) before reaching the recipient.

POP3:

• Post Office Protocol is used to retrieve email for a single client.

• POP3 version is the current version of POP used.

• It is an application layer protocol. It allows to access mail offline and thus, needs less
internet time. To access the message it has to be downloaded.

• POP allows only a single mailbox to be created on the mail server. POP does not
allow search facilities.
 • Some of the POP commands are LOG IN, STAT, LIST, RETR, DELE, RSET, and
QUIT.

Here's how POP3 works in theory with multiple accounts:

POP3 is a protocol, and it handles each email account separately.

So if you're using three email IDs, each one has:

• Its own inbox on the mail server.

• Its own POP3 session when the app checks for mail.
• The phone/email app connects to each account's mail server using POP3 separately.

In each session:

1. The app connects to the server using your credentials (email + password).
2. It downloads the inbox emails (usually just the unread ones).
3. By default, POP3 deletes the emails from the server after download — unless the app
is set to "Leave a copy on the server".

So POP3 can work for multiple accounts, but only one mailbox (inbox) per account, and
without folder syncing (like Sent, Trash, etc.).

IMAP:

IMAP follows Client-server Architecture and is the most commonly used email protocol. It
is a combination of client and server process running on other computers that are connected
through a network.

The following steps are taken for the working of the IMAP :
• Email client Gmail establishes a connection with Gmail’s SMTP server.
• By approving the sender’s and recipient’s email addresses, the SMTP server
verifies (authenticates) that the email can be sent.
• The email is sent to the Outlook SMTP server by Gmail’s SMTP server.
• The recipient’s email address is authenticated by the Outlook SMTP server.
• IMAP or POP3 is used by the Outlook SMTP server to deliver the email to the
Outlook email client.
Architecture of IMAP:
The Internet Message Access Protocol (IMAP) protocol is a client-server model that allows
users to access and view email messages stored on remote servers.

• IMAP clients: An IMAP client is an email application or software that users use to
communicate with their email accounts. Examples include Microsoft Outlook,
Mozilla Thunderbird, Apple Mail, and mobile email applications. The client
communicates with the server to receive, manage, and send email messages.
• IMAP Server: The IMAP server manages email messages and manages user
mailboxes. It responds to requests from IMAP clients, and provides access to email
folders and messages.
The server stores emails in a structured format, usually organized in user-defined
folders or mailboxes. Common IMAP server software includes Dovecot, Courier
IMAP, Cyrus IMAP, and Microsoft Exchange Server.
• Network Protocols: It works over TCP/IP (Transmission Control Protocol/Internet
Protocol) networks, and allows an client to connect to a server over the Internet or
local area networks.

Remote Login: TELNET

• TELNET stands for Teletype Network.
• It is a client/server application protocol that provides access to virtual terminals of
remote systems on local area networks or the Internet.
• The local computer uses a telnet client program and the remote computers use a
telnet server program.
The Procedure of Remote Login:
• When the user types something on the local computer, the local operating system
accepts the character.
• The local computer does not interpret the characters, it will send them to the
TELNET client.
• TELNET client transforms these characters to a universal character set called
Network Virtual Terminal (NVT) characters and it will pass them to the local
TCP/IP protocol Stack.
 • Commands or text which are in the form of NVT, travel through the Internet and
it will arrive at the TCP/IP stack at the remote computer.
• Characters are then delivered to the operating system and later on passed to the
TELNET server.
• Then TELNET server changes those characters to characters that can be
understandable by a remote computer.
• The remote operating system receives characters from a pseudo-terminal driver,
which is a piece of software that pretends that characters are coming from a
terminal.
• The operating system then passes the character to the appropriate application
program.
Network Management Protocol: SNMP
• Simple Network Management Protocol (SNMP) is an Internet Standard protocol
used for managing and monitoring network-connected devices in IP networks.
• SNMP is an application layer protocol that uses UDP port number 161/162. SNMP
is used to monitor the network, detect network faults, and sometimes even to
configure remote devices.
Architecture of SNMP:
There are mainly three main components in SNMP architecture:
• SNMP Manager: It is a centralized system used to monitor the network. It is
also known as a Network Management Station (NMS). A router that runs the
SNMP server program is called an agent, while a host that runs the SNMP client
program is called a manager.
• SNMP agent: It is a software management software module installed on a
managed device. The manager accesses the values stored in the database, whereas
the agent maintains the information in the database. To ascertain if the router is
congested or not, for instance, a manager can examine the relevant variables that
a router stores, such as the quantity of packets received and transmitted.
• Management Information Base:MIB consists of information on resources that
are to be managed. This information is organized hierarchically. It consists of
objects instances which are essentially variables. A MIB, or collection of all the
objects under management by the manager, is unique to each agent. System,
interface, address translation, IP, UDP , and EGP , ICMP , TCP are the eight
categories that make up MIB. The MIB object is home to these groups.