Chapter 2 Application layer r 2 1 Principles

Chapter 2: Application layer r 2. 1 Principles of r 2. 6 P 2 P file sharing r r 2. 8 Socket programming r r r network applications 2. 2 Web and HTTP 2. 3 FTP Online gaming 2. 4 Electronic Mail v v SMTP, POP 3, IMAP r 2. 5 DNS r 2. 7 VOIP with TCP v v Introduce c sock program Programming assignment r 2. 9 Socket programming with UDP r 2. 10 Building a Web server 2: Application Layer 1

Online Gaming Design Requirement r Consistency v Every gamer has the exactly same view of the game r Security v No cheating, fair play Robustness v A failure of one client has no impact on others r Real time v Processes are delivered no later than the time needed for effective control r Robustness v The failure of one client does not affect others r Scalable r Less bandwidth requirement v Dial-up connection is good to work 2: Application Layer 2

Basic Game Model r Single machine game basic model v Basic animation: small time-delay refreshing v Interaction: command action in next turn time r Multiplayer online game basic model v Each machine runs the exact simulation • How? Random number generator A client’s commands known to all clients v A command is executed on all client at the same time v 2: Application Layer 3

Consistency : Bucket Synchronization A time B r Bucket interval > transmission delay v All calculations are delayed until the end of each cycle r Bucket frequency = rate a human vision perceives smooth motion r What if the network delay is longer? 2: Application Layer 4

Consistency: Pipelining 1 2 3 4 5 time 6 r Commands issued between turn 2 and turn 3 will be executed at turn 6 v Suppose transmission delay is < 3 turns r Speed control and “lag” v Adaptive turn frequency and delay time for exact view on all clients • Communication delay, computer simulation speed • One client too slow all clients run slow 2: Application Layer 5

Solving Inconsistency • Happens if a command packet is lost or received too late. q Methods v All clients pause and wait for lost command v Server update states to all clients • v Others? • • • v Example: your role player returns back to original position Sacrifice one client by forcing this client synchronizes with the server Kick out the slowest client ? ? Goal: minimize the inconsistency period 2: Application Layer 6

Transmission Protocol r Usually use UDP for transport protocol r Achieve reliable transfer by application layer v Benefit: • Game program can decide which data should be reliably delivered – Do: game session update message – Don’t: too late command message • Game will not stuck by one not transmitted packet v Disadvantage: • Make programming much more complex 2: Application Layer 7

Security: Game Cheating r Suppress-correct cheat : v Host gains advantage by purposefully dropping update messages r Look ahead cheat : v Cheat program makes decision right after receiving updates from participating players • Example: automatic dodge bullet, automatic aim target v Popular in war gaming • Gamer (human) response is much slower than look ahead response! 2: Application Layer 8

Security: Game Cheating r Solutions: v Remote client program verification • Install verification patch – This has been widely used in grid computing • Client uploading gaming data continuously to verifying server – Verifying server detects anomaly behaviors – Can use statistical pattern for detection, e. g. , » Steven Gianvecchio, Zhenyu Wu, Mengjun Xie, and Haining Wang, Battle of Botcraft: Fighting Bots in Online Games with Human Observational Proofs, In ACM CCS 2009, Chicago, IL, November 2009. v Cryptographic method for pure distributed systems 2: Application Layer 9

Materials on Online Gaming r Chris Gauthier. Dickey “COMP 4705: Networks and Games” r "1500 archers on a 28. 8: Network Programming in the Age of Empires and Beyond" r http: //www. 3 impact. com/3 Impact_Engine/hulk 7123/multiplayer. htm r Learn Internet Game Programming with Java v Talks about how to program java-based web online game • Not multiplayer, but play through the Internet 2: Application Layer 10

Chapter 2: Application layer r 2. 1 Principles of network applications r 2. 2 Web and HTTP r 2. 3 FTP r 2. 4 Electronic Mail v SMTP, POP 3, IMAP r 2. 5 DNS r 2. 6 P 2 P file sharing r 2. 7 VOIP r 2. 8 Socket programming with TCP r 2. 9 Socket programming with UDP r 2. 10 Building a Web server 2: Application Layer 11

FTP: the file transfer protocol user at host FTP user client interface file transfer local file system FTP server remote file system r transfer file to/from remote host r client/server model client: side that initiates transfer (either to/from remote) v server: remote host r ftp: RFC 959 r ftp server: port 21 v 2: Application Layer 12

FTP: separate control, data connections TCP control connection port 21 r FTP client contacts FTP r r server at port 21, specifying TCP as transport protocol Client obtains authorization over control connection Client browses remote directory by sending commands over control connection. When server receives a command for a file transfer, the server initiates a TCP data connection to client After transferring one file, server closes connection. FTP client TCP data connection port 20 FTP server r Server initiates a second TCP data connection to transfer another file. r Control connection: “out of band” r FTP server maintains “state”: current directory, earlier authentication 2: Application Layer 13

Chapter 2: Application layer r 2. 1 Principles of network applications r 2. 2 Web and HTTP r 2. 3 FTP r 2. 4 Electronic Mail v SMTP, POP 3, IMAP r 2. 5 DNS r 2. 6 P 2 P file sharing r 2. 7 VOIP r 2. 8 Socket programming with TCP r 2. 9 Socket programming with UDP r 2. 10 Building a Web server 2: Application Layer 14

Electronic Mail outgoing message queue user mailbox user agent Three major components: r user agents r mail servers mail server SMTP r simple mail transfer protocol: SMTP User Agent r a. k. a. “mail reader” r composing, editing, reading mail messages r e. g. , Eudora, Outlook, elm, Netscape Messenger r outgoing, incoming messages stored on server SMTP mail server user agent SMTP user agent mail server user agent 2: Application Layer 15

Electronic Mail: mail servers user agent Mail Servers r mailbox contains incoming messages for user r message queue of outgoing (to be sent) mail messages r SMTP protocol between mail servers to send email messages v client: sending mail server v “server”: receiving mail server SMTP mail server user agent SMTP user agent mail server user agent 2: Application Layer 16

Electronic Mail: SMTP [RFC 2821] r uses TCP to reliably transfer email message from client to server, port 25 r direct transfer: sending server to receiving server r three phases of transfer v handshaking (greeting) v transfer of messages v closure r command/response interaction v commands: ASCII text v response: status code and phrase r messages must be in 7 -bit ASCII v The reason why an email with an attached file sent out is bigger than original attached file 2: Application Layer 17

Scenario: Alice sends message to Bob 4) SMTP client sends Alice’s message over the TCP connection 5) Bob’s mail server places the message in Bob’s mailbox 6) Bob invokes his user agent to read message 1) Alice uses UA to compose message and “to” bob@someschool. edu 2) Alice’s UA sends message to her mail server; message placed in message queue (SMTP protocol) 3) Client side of SMTP opens TCP connection with Bob’s mail server 1 user agent 2 mail server 3 mail server 4 5 6 user agent 2: Application Layer 18

Sample fake email sending S: 220 longwood. cs. ucf. edu C: HELO fake. domain S: 250 Hello crepes. fr, pleased to meet you C: MAIL FROM: <alice@crepes. fr> S: 250 alice@crepes. fr. . . Sender ok C: RCPT TO: <bob@cs. ucf. edu> S: 250 bob@hamburger. edu. . . Recipient ok C: DATA S: 354 Enter mail, end with ". " on a line by itself C: from: “fake man” <fake@fake> C: to: “dr. who” <who@who> C: subject: who am I? C: Do you like ketchup? C: How about pickles? C: . S: 250 Message accepted for delivery C: QUIT S: 221 longwood. cs. ucf. edu closing connection 2: Application Layer 19

Try SMTP interaction for yourself: r telnet servername 25 r see 220 reply from server r enter HELO, MAIL FROM, RCPT TO, DATA, QUIT commands v “mail from” the domain may need to be existed v “rcpt to” the user needs to be existed v A mail server may or may not support “relay” • CS email server supports relay in campus above lets you send email without using email client (reader) 2: Application Layer 20

SMTP: final words r SMTP uses persistent connections r SMTP requires message (header & body) to be in 7 bit ASCII r SMTP server uses CRLF to determine end of message Comparison with HTTP: r HTTP: pull r SMTP: push r both have ASCII command/response interaction, status codes r HTTP: each object encapsulated in its own response msg r SMTP: multiple objects sent in one msg Problem: Only support ASCII content 2: Application Layer 21

Message format: multimedia extensions r MIME (Multi-purpose Internet Mail Extensions) v multimedia mail extension, RFC 2045, 2056 r additional lines in msg header declare MIME content type MIME version method used to encode data multimedia data type, subtype, parameter declaration encoded data From: alice@crepes. fr To: bob@hamburger. edu Subject: Picture of yummy crepe. MIME-Version: 1. 0 Content-Transfer-Encoding: base 64 Content-Type: image/jpeg base 64 encoded data. . . . . base 64 encoded data 2: Application Layer 22

Mail access protocols user agent SMTP sender’s mail server access protocol user agent receiver’s mail server r SMTP: deliver to receiver’s server r Mail access protocol: retrieval from server v v v POP: Post Office Protocol [RFC 1939] • authorization (agent <-->server) and download • Port: 110 IMAP: Internet Mail Access Protocol [RFC 1730] • more features (more complex) • manipulation of stored msgs on server HTTP: Hotmail , Yahoo! Mail, etc. 2: Application Layer 23

POP 3 protocol (tcp: 110) authorization phase r client commands: v v user: declare username pass: password r server responses v v +OK -ERR transaction phase, client: r list: list message numbers r retr: retrieve message by number r dele: delete r quit Telnet example (also check MIME) S: C: S: +OK POP 3 server ready user bob +OK pass hungry +OK user successfully logged C: S: S: S: C: C: S: list Length(bytes) 1 498 2 912. retr 1 <message 1 contents>. dele 1 retr 2 <message 1 contents>. dele 2 quit +OK POP 3 server signing off 2: Application Layer 24 on

POP 3 (more) and IMAP More about POP 3 r Read a message will get a copy of it into client machine v User can delete the message on server by choice r One Message as a unit v Cannot read a message without downloading all of it attachments v Trouble for lowbandwidth users IMAP r Keep all messages in one place: the server r Allows user to organize messages in folders v Create/delete folders on email server r Can retrieve any parts of a message v v Header only Header + text content r More popular than POP 3 Both have encrypted protocols 2: Application Layer 25

Web-based Email r Hotmail, Yahoo mail, AOL, … r Convenient: v only need Internet Browser v User can access any where r Unified interface: v Same interface, email folders, any where v Similar to IMAP on message organizing r Combination with other Web services v Hotmail+MSN messenger, AOL, new mail reminder r Free! 2: Application Layer 26

Chapter 2: Application layer r 2. 1 Principles of network applications r 2. 2 Web and HTTP r 2. 3 FTP r 2. 4 Electronic Mail v SMTP, POP 3, IMAP r 2. 5 DNS r 2. 6 P 2 P file sharing r 2. 7 VOIP r 2. 8 Socket programming with TCP r 2. 9 Socket programming with UDP r 2. 10 Building a Web server 2: Application Layer 27

DNS: Domain Name System People: many identifiers: v SSN, name, passport # Internet hosts, routers: v v IP address (32 bit) – 128. 119. 40. 12 unique ID “name”, e. g. , www. yahoo. com - used by humans Q: map between IP addresses and name ? Domain Name System: r distributed database implemented in hierarchy of many name servers r application-layer protocol host, routers, name servers to communicate to resolve names (address/name translation) v note: core Internet function, implemented as application-layer protocol v complexity at network’s “edge” philosophy 2: Application Layer 28

DNS services r Hostname to IP address translation r Host aliasing v v Canonical and alias names Many names for a single host r Mail server aliasing Why not centralize DNS? r single point of failure r traffic volume r distant centralized database r maintenance doesn’t scale! r Load distribution v Replicated Web servers: set of IP addresses for one canonical name 2: Application Layer 29

Distributed, Hierarchical Database Root DNS Servers com DNS servers yahoo. com amazon. com DNS servers org DNS servers pbs. org DNS servers edu DNS servers ucf. edu umass. edu DNS servers Client wants IP for www. amazon. com; 1 st approx: r Client queries a root server to find com DNS server r Client queries “com” DNS server to get amazon. com DNS server r Client queries amazon. com DNS server to get IP address for www. amazon. com 2: Application Layer 30

DNS: Root name servers a Verisign, Dulles, VA c Cogent, Herndon, VA (also Los Angeles) d U Maryland College Park, MD g US Do. D Vienna, VA h ARL Aberdeen, MD j Verisign, ( 11 locations) k RIPE London (also Amsterdam, Frankfurt) i Autonomica, Stockholm (plus 3 other locations) m WIDE Tokyo e NASA Mt View, CA f Internet Software C. Palo Alto, CA (and 17 other locations) b USC-ISI Marina del Rey, CA l ICANN Los Angeles, CA 13 root name servers worldwide 2: Application Layer 31

TLD and Authoritative Servers r Top-level domain (TLD) servers: responsible for com, org, net, edu, etc, and all top-level country domains uk, fr, ca, jp. Network solutions maintains servers for com TLD v Educause for edu TLD v r Authoritative DNS servers: organization’s DNS servers, providing authoritative hostname to IP mappings for organization’s servers (e. g. , Web and mail). v Can be maintained by organization or service provider (paid by the organization) 2: Application Layer 32

Local Name Server r Does not strictly belong to hierarchy r Each ISP (residential ISP, company, university) has one v Also called “default name server” r When a host makes a DNS query, query is sent to its local DNS server v Acts as a proxy (cache), forwards query into hierarchy 2: Application Layer 33

Example root DNS server 2 r Host at cis. poly. edu wants IP address for gaia. cs. umass. edu 3 4 TLD DNS server 5 local DNS server dns. poly. edu 1 8 requesting host 7 6 authoritative DNS server dns. cs. umass. edu cis. poly. edu gaia. cs. umass. edu 2: Application Layer 34

Recursive queries recursive query: 2 r puts burden of name resolution on contacted name server r heavy load? iterated query: r contacted server replies with name of server to contact r “I don’t know this name, but ask this server” root DNS server 3 7 local DNS server dns. poly. edu 1 6 TLD DNS server 5 4 8 requesting host authoritative DNS server dns. cs. umass. edu cis. poly. edu gaia. cs. umass. edu 2: Application Layer 35

DNS: caching and updating records r once (any) name server learns mapping, it caches mapping v cache entries timeout (disappear) after some time (keep fresh copy) v TLD servers typically cached in local name servers • Thus root name servers not often visited 2: Application Layer 36

DNS records DNS: distributed db storing Resource Records (RR) RR format: (name, value, type, ttl) r Type=A v name is hostname v value is IP address r Type=CNAME v name is alias name for some “canonical” (the real) name www. ibm. com is really r Type=NS servereast. backup 2. ibm. com v name is domain (e. g. v value is canonical name foo. com) v value is IP address of r Type=MX authoritative DNS v value is name of mailserver for this domain associated with name 2: Application Layer 37

DNS protocol, messages DNS protocol : query and reply messages, both with same message format msg header r identification: 16 bit # for query, reply to query uses same # r flags: v query or reply v recursion desired v recursion available v reply is authoritative 2: Application Layer 38

DNS protocol, messages (UDP 53) Name, type fields for a query RRs in response to query records for authoritative servers additional “helpful” info that may be used Let’s check a web example using Wireshark! (MX record: nslookup –type=MX cs. ucf. edu or dig mx cs. ucf. edu) 2: Application Layer 39

Inserting records into DNS r Example: just created startup “Network Utopia” r Register name networkuptopia. com at a registrar (e. g. , Network Solutions) v v Need to provide registrar with names and IP addresses of your authoritative name server (primary and secondary) Registrar inserts two RRs into the com TLD server: (networkutopia. com, dns 1. networkutopia. com, NS) (dns 1. networkutopia. com, 212. 1, A) r Put in authoritative server dns 1. networkutopia. com v Type A record for www. networkuptopia. com • Type CName for networkuptopia. com (alias) v Type MX record for networkutopia. com (email) • Type A record for the email server r How do people get the IP address of your Web site? 2: Application Layer 40

Chapter 2: Application layer r 2. 1 Principles of network applications v v app architectures app requirements r 2. 2 Web and HTTP r Internet gaming r 2. 4 Electronic Mail v SMTP, POP 3, IMAP r 2. 6 P 2 P file sharing r VOIP r 2. 7 Socket programming with TCP r 2. 8 Socket programming with UDP r 2. 5 DNS 2: Application Layer 41

P 2 P: Example original “Napster” design 1) when peer connects, it informs central server: v v Bob centralized directory server 1 IP address content 2) Alice queries Central for “Hey Jude” 3) Central tells Alice that Bob has it and Bob’s IP 4) Alice downloads file from Bob (via HTTP, why? ) 5) While Alice downloads, others download files from Alice’s computer, too peers 1 3 1 2 1 4 Alice 2: Application Layer 42

P 2 P Example: Bit. Torrent r Online Introduction v http: //en. wikipedia. org/wiki/Bittorrent r Designed by Bram Cohen in 2001 r Bit. Torrent Features v Remove centralized management server • Use individual file-centered server v Better design on • Load balancing and robustness • File sharing enforcement 2: Application Layer 43

Bit. Torrent: Individual File-Centered P 2 P Design r User A provides a Bit. Torrent “torrent” v Metadata: Tracker IP, port, file name • Tracker provided by user A or a hosting v Publish torrent in well-know website Tracker r User A also provides a peer with full file (“seed”) v once peer has entire file, it may (selfishly) leave or (altruistically) remain (“seed”) r Other users download seed first v v Connect to tracker to get management information Download file from peers r Robustness feature v v peer File broken into many piece (256 KB/chunk) Rarest-first download • Make sure every piece has equal number of copies in P 2 P network 2: Application Layer 44

Bit. Torrent (2) Sending Chunks: tit-for-tat r Alice sends chunks to four Pulling Chunks neighbors currently r at any given time, sending her chunks at the different peers have highest rate different subsets of v re-evaluate top 4 every file chunks 10 secs r periodically, a peer r every 30 secs: randomly (Alice) asks each select another peer, neighbor for list of starts sending chunks that they have. v newly chosen peer may r Alice sends requests for join top 4 her missing chunks v “optimistically unchoke” v rarest first 2: Application Layer 45

Bit. Torrent: Tit-for-tat (1) Alice “optimistically unchokes” Bob (2) Alice becomes one of Bob’s top-four providers; Bob reciprocates (3) Bob becomes one of Alice’s top-four providers With higher upload rate, can find better trading partners & get file faster! 2: Application Layer 46

Bit. Torrent Security Issues r Common security problems in P 2 P network v Malicious sharing files r Control-based vulnerability v Tracker provided by ordinary users • No authentication or authority v Tracker-controlled P 2 P network • Tracker provides: – Peer’s IP, connection port, peer’s obtained file pieces 2: Application Layer 47

Bit. Torrent Security Issues v Malicious tracker can • Divert P 2 P peers to connect to a victim on an arbitrary port • See our paper on bit. Torrent attack (on my webpage) 2: Application Layer 48

Distributed Hash Table (DHT) r DHT = distributed P 2 P database r Database has (key, value) pairs; v key: ss number; value: human name v key: content type; value: IP address r Peers query DB with key v DB returns values that match the key r Peers can also insert (key, value) peers 2: Application Layer 49

DHT Identifiers r Assign integer identifier to each peer in range [0, 2 n-1]. v Each identifier can be represented by n bits. r Require each key to be an integer in same range. r To get integer keys, hash original key. v eg, key = h(“transformer trailer”) v This is why they call it a distributed “hash” table 2: Application Layer 50

How to assign keys to peers? r Central issue: v Assigning (key, value) pairs to peers. r Rule: assign key to the peer that has the closest ID. r Convention in lecture: closest is the immediate successor of the key. r Ex: n=4; peers: 1, 3, 4, 5, 8, 10, 12, 14; key = 13, then successor peer = 14 v key = 15, then successor peer = 1 v 2: Application Layer 51

Circular DHT (1) 1 3 15 4 12 5 10 8 r Each peer only aware of immediate successor and predecessor. r “Overlay network” (n=4 for this example) 2: Application Layer 52

Circle DHT (2) O(N) messages on avg to resolve query, when there are N peers 0001 I am Who’s resp 0011 for key 1110 ? 1111 1110 0100 1110 1100 1110 Define closest as closest successor 1010 1110 0101 1110 1000 2: Application Layer 53

Circular DHT with Shortcuts 1 3 15 Who’s resp for key 1110? 4 12 5 10 8 r Each peer keeps track of IP addresses of predecessor, successor, short cuts. r Reduced from 6 to 2 messages. r Possible to design shortcuts so O(log N) neighbors, O(log N) messages in query 2: Application Layer 54

Peer Churn 1 • To handle peer churn, require 3 15 4 12 5 10 each peer to know the IP address of its two successors. • Each peer periodically pings its two successors to see if they are still alive. 8 r Peer 5 abruptly leaves r Peer 4 detects; makes 8 its immediate successor; asks 8 who its immediate successor is; makes 8’s immediate successor its second successor. r What if peer 13 wants to join? 2: Application Layer 55

P 2 P Case study: Skype clients (SC) r inherently P 2 P: pairs of users communicate. r proprietary application Skype login server -layer protocol (inferred via reverse engineering) r hierarchical overlay with SNs r Index maps usernames to IP addresses; distributed over SNs Supernode (SN) 2: Application Layer 56

Peers as relays r Problem when both Alice and Bob are behind “NATs”. v NAT prevents an outside peer from initiating a call to insider peer r Solution: v Using Alice’s and Bob’s SNs, Relay is chosen v Each peer initiates session with relay. v Peers can now communicate through NATs via relay 2: Application Layer 57

Why using P 2 P? r Resource bottleneck in server r Take advantage of CPU, disk storage, bandwidth of millions of computers v v v Grid computing: distributed computation (CPU) File sharing: (storage, bandwidth) Video streaming: (storage, bandwidth) r Direct communication (less delay) v Internet gaming, video/audio meeting r Copyright avoidance v Movie/music/software Piracy 2: Application Layer 58