Unit – 5

b) What is HTTP? Explain HTTP request and reply messages. [8 Marks]

1. Definition of HTTP

• HTTP (HyperText Transfer Protocol) is the underlying protocol used by the World Wide Web
(WWW). It defines how messages are formatted and transmitted, and what actions web
servers and browsers should take in response to various commands.

• It operates on the Client-Server model. The client (usually a web browser) sends a request to
the server, and the server returns a response.

• It is a stateless protocol, meaning the server does not keep track of previous requests from
the same client.

2. HTTP Message Format HTTP messages are of two types: Requests and Responses. Both share a
similar basic structure consisting of a start line, headers, a blank line, and an optional body.

A. HTTP Request Message

An HTTP request is sent by a client to a server to access a resource.

Structure:

1. Request Line: The first line of the message. It contains three parts:

o Method: Indicates the action to be performed (e.g., GET to retrieve a page, POST to
send data).

o URL: The address of the resource being requested (e.g., /[Link]).

o HTTP Version: The version of the protocol being used (e.g., HTTP/1.1).

2. Request Headers: These provide additional information about the client and the request
(e.g., Host, User-Agent, Accept-Language).

3. Body: Optional. Used to send data to the server (e.g., form data in a POST request).

Example (from Source 3025):

HTTP

GET /[Link] HTTP/1.1

Host: [Link]

• GET: The method asking for a resource.

• /[Link]: The path to the file.

• HTTP/1.1: The protocol version.

B. HTTP Reply (Response) Message

An HTTP response is sent by the server to the client after processing the request.

Structure:

1. Status Line: The first line of the message. It contains three parts:

o HTTP Version: The protocol version (e.g., HTTP/1.1).

o Status Code: A 3-digit number indicating the result of the request (e.g., 200 for
success, 404 for not found).

o Status Phrase: A text description of the status code (e.g., OK, Not Found).

2. Response Headers: Provide information about the server and the data being sent (e.g.,
Server, Content-Type, Content-Length, Date).

3. Body: Contains the requested resource (e.g., HTML code, image data).

Example (from Source 3045):

HTTP

HTTP/1.1 200 OK

Date: Wed, 8 Oct 2014 13:00:13 GMT

Server: Apache/1.3.27

Content-Type: text/html

Content-Length: 200

<html>

<head><title>Welcome to India</title></head>

<body>...</body>

</html>
 • 200 OK: Indicates the request was successful.

• Content-Type: Tells the browser the file is an HTML document.

• Body: Contains the actual HTML code to be displayed.

Q6) a) What is DNS? Explain DNS working. [9 Marks]

1. Definition of DNS

The Domain Name System (DNS) is a client-server application that functions as a directory service
for the Internet.1

• Purpose: To identify an entity, TCP/IP protocols use the IP address (e.g., [Link]), which
acts like a unique identifier.2 However, people prefer to use names (e.g., [Link])
because they are easier to remember.3

• Mapping: DNS acts as a bridge, mapping these human-readable hostnames to their

corresponding machine-readable IP addresses.4

• Distributed System: The information is not stored on a single huge computer; instead, it is a
distributed database implemented in a hierarchy of many name servers. 5

2. Structure of DNS (The Domain Name Space)

To manage the mapping of millions of computers, DNS uses a hierarchical name space with a tree-
like structure.6

• Root Level: The root of the tree is at the top.7

• Top-Level Domains (TLDs): The level below the root is divided into specific domains: 8

o Generic Domains: Define registered hosts according to their generic behavior (e.g.,
.com for commercial, .edu for educational, .org for nonprofit).
 o Country Domains: Use two-character country abbreviations (e.g., .in for India, .us for
United States).9

• Domain Name: Each node in the tree has a label (a string).10 A full domain name is a
sequence of labels separated by dots (e.g., [Link]). 11

3. DNS Components

The DNS system relies on three main components to function:

1. Resolver: The client program (e.g., within a browser) that generates a DNS request to map an
address to a name or vice versa.12

2. Name Server: A server that stores information about a portion of the DNS database.13

3. Zone: Since the entire tree cannot be stored on one server, the name space is divided into
"zones."14 A server is responsible for a specific zone (e.g., a university might have its own
zone).15

4. How DNS Works (Resolution Process)

Mapping a name to an address is called name-address resolution.16 When a host needs to map a
name to an address, it sends a request to the nearest name server. The resolution can happen in two
ways: Recursive and Iterative.17

A. Recursive Resolution

In recursive resolution, the client (resolver) places the complete burden of finding the answer on the
name server.18

1. The client sends a query to the Local Name Server.

2. If the Local Server does not have the answer, it sends a request to the Root Server.

3. The Root Server sends a request to the TLD Server, which in turn queries the Authoritative
Server.19

4. The answer travels back down the chain: Authoritative $\rightarrow$ TLD $\rightarrow$
Root $\rightarrow$ Local $\rightarrow$ Client.
B. Iterative Resolution

In iterative resolution, the server returns the best information it has, which is usually a reference to
another server.20

1. The client queries the Local Name Server.

2. If the Local Server doesn't know, it queries the Root Server.

 3. The Root Server does not query the next level; instead, it returns the IP address of the TLD
Server to the Local Server.

4. The Local Server then queries the TLD Server directly. The TLD Server might return the IP of
the Authoritative Server.21

5. This process repeats until the Local Server gets the final IP address and returns it to the
client.22

5. Caching

To improve efficiency, DNS uses caching.23

• When a server asks for a mapping and receives an answer, it stores (caches) that information
in its memory.

• If another client asks for the same name shortly after, the server can answer directly from its
cache without querying other servers again.24

• Cached information has a TTL (Time-to-Live) counter to ensure outdated information is

eventually discarded

I. SMTP (Simple Mail Transfer Protocol)

1. Definition SMTP is the standard application layer protocol used for sending electronic mail on the
Internet. It handles the transfer of messages from the sender's mail server to the recipient's mail
server.

2. Working Principle

• Architecture: It functions as a Client-Server application. The client (User Agent or Message

Transfer Agent) initiates the connection, and the server receives it.

• Push Protocol: SMTP is a "push" protocol; it pushes the message from the client to the
server. (Note: Receiving mail requires a "pull" protocol like POP3 or IMAP).

• Underlying Transport: It uses TCP (Transmission Control Protocol) to ensure reliable delivery
and operates on Port 25.

3. Operation Phases SMTP communication occurs in three distinct phases:

1. Connection Establishment: The client connects to the server and introduces itself (using the
HELO command).

2. Mail Transfer: The actual message is sent. This involves specifying the sender (MAIL FROM),
the recipient (RCPT TO), and the message content (DATA).

3. Connection Termination: The client sends the QUIT command to close the connection.
II. MIME (Multipurpose Internet Mail Extensions)

1. Need for MIME The original SMTP protocol has a significant limitation: it can only handle 7-bit
NVT ASCII text. It cannot directly transmit:

• Languages other than English (e.g., French, Japanese).

• Multimedia files (Images, Audio, Video).

• Executable files.

2. Definition & Function MIME is a supplementary protocol that extends the capabilities of SMTP. It
allows non-ASCII data to be sent through email.

• It transforms non-ASCII data (like an image) at the sender side into 7-bit NVT ASCII data.

• This ASCII data is delivered by SMTP.

• The receiver's MIME converts the ASCII back into the original data (image/audio).
3.. Explain MIME Header

To facilitate this transformation, MIME adds specific lines to the original email header. These headers
define the parameters used for the data transfer. There are five principal MIME headers:

1. MIME-Version:

o This header declares that the message uses MIME and specifies the version of MIME
being used.

o Example: MIME-Version: 1.1

2. Content-Type:

o This header describes the type and subtype of data contained in the body of the
message. This allows the receiving client to launch the correct application to view
the data (e.g., an image viewer or a web browser).

o Example: Content-Type: text/html (for a web page) or Content-Type: image/jpeg.

3. Content-Transfer-Encoding:

o This header defines the method used to encode the binary data into the 7-bit ASCII
format required by SMTP.

o Common Types:

▪ 7bit: No encoding needed (standard text).

▪ Base64: Used for binary data (images, executables).

▪ Quoted-printable: Used when the data is mostly text but contains a few
non-ASCII characters.

4. Content-Id:

o This header provides a unique identifier for the content. It is useful when a message
contains multiple parts (like an email with an embedded image) so the parts can
reference each other.

5. Content-Description:

o This header defines whether the body is an image, video, or audio file. It provides a
plain text description of the content, which is helpful if the recipient usually cannot
view the specific file type.

b) Write short notes on POP3 and Webmail. [8 Marks]

I. POP3 (Post Office Protocol, version 3)

1. Definition and Purpose

POP3 is a standard protocol used by email clients (User Agents) to retrieve or "pull" messages from a
mail server.1 While SMTP is a "push" protocol used to send mail, it cannot pull mail from the server
to the client. POP3 bridges this gap.

2. Access Modes

POP3 typically operates in two modes:

• Delete Mode: The client retrieves the message from the server and then deletes it from the
server's mailbox.2 This is useful for saving server storage but prevents the user from reading
the email on another device.

• Keep Mode: The client reads the message but leaves a copy on the server. 3 This allows the
user to access the same email from different computers (e.g., a work PC and a home laptop).

3. Operation

• The client establishes a TCP connection with the server on Port 110.4

• It sends a username and password to log in.

• It then issues commands (like LIST, RETR, DELE) to manage the messages.5

4. Limitation

POP3 is very simple and limited.6 Unlike IMAP, it does not allow the user to organize emails into
different folders on the server. Organization must happen locally on the client machine.

II. Web-Based Mail (Webmail)

1. Definition
Web-based mail allows users to access their email using a standard Web Browser (like Chrome or
Edge) instead of a specialized email client (like Outlook).7 Examples include Gmail, Yahoo Mail, and
Hotmail.8

2. Architecture and Protocols

In traditional email, the client uses SMTP to send and POP3/IMAP to receive. In Webmail, the
protocols change at the client end:

• Client -> Mail Server: The communication happens via HTTP. When you view your inbox or
send an email via the browser, you are sending HTTP requests (GET/POST) to the web server.

• Mail Server -> Mail Server: The mail server still uses SMTP to exchange mail with other mail
servers on the Internet.9

3. Working Mechanism

• Sending: The user composes a message in the browser. The browser sends it to the mail
server using HTTP. The mail server then uses SMTP to forward it to the recipient's mail
server.

• Receiving: The mail server receives the email via SMTP. The user accesses the website, and
the browser retrieves the email content using HTTP.

4. Advantages

• Accessibility: Email can be accessed from any computer connected to the internet without
installing specific software.10

• Simplicity: No need to configure server addresses (POP/SMTP IPs) on the client device.

c) Differentiate between POP & IMAP protocol.

Based on Unit V (Application Layer) of the provided textbook, specifically section 5.2 File Transfer
Protocol (FTP), here is the detailed explanation for the 6-mark question.

b) Explain FTP w.r.t. control and data connection? Explain any two FTP commands. [6 Marks]

1. Definition FTP (File Transfer Protocol) is the standard mechanism provided by TCP/IP for copying a
file from one host to another. It uses the services of TCP for reliable transfer.

2. Architecture: Control vs. Data Connection Unlike other client-server applications (like HTTP or
SMTP) that use a single connection for both commands and data, FTP uses two separate TCP
connections for a session. This is known as "Out-of-Band Signaling."

• A) Control Connection (Port 21)

o Establishment: This connection is the first to be established when a user logs in. It
connects to Port 21 on the server.

o Persistence: It remains open (persistent) for the entire duration of the interactive
session (until the user logs out).

o Purpose: It is used only to send commands (like "Login", "Change Directory", "Get
File") from the client to the server and receive responses (like "OK", "Error"). No file
data is sent over this link.

o Analogy: Think of this as the "remote control" wire.

 • B) Data Connection (Port 20)

o Establishment: This connection is created dynamically every time a file needs to be

transferred or a directory list is requested. It connects to Port 20 on the server (in
Active mode).

o Non-Persistence: It is non-persistent. It opens to transfer a specific file and closes

immediately after the transfer is complete. If the user wants to transfer another file,
a new data connection is created.

o Purpose: It is used strictly for transferring the actual file contents (data).

o Analogy: Think of this as the "pipeline" where the water (data) actually flows.

3. Why two connections? Separating commands from data allows the control connection to remain
responsive. For example, if a large file is being downloaded over the data connection, the user can
still use the control connection to send a "Cancel" or "Abort" command to stop the transfer.

4. FTP Commands The client sends commands to the server over the Control Connection as 3 or 4-
letter ASCII strings. Two important commands are:

1. RETR (Retrieve):

o This command is used to download a file from the server to the client.

o When the client enters a command like get [Link], the FTP client sends RETR
[Link] to the server.

o The server then opens a Data Connection and sends the file.

2. STOR (Store):

o This command is used to upload a file from the client to the server.

o When the client enters a command like put [Link], the FTP client sends STOR
[Link] to the server.
 o The server accepts the Data Connection and stores the incoming data as a file.

II. TELNET (TErminaL NETwork)

1. Definition TELNET is a standard TCP/IP protocol for virtual terminal service. It enables a user on
one computer to log into another computer that is part of the same network.

• It allows a user to access a remote machine as if they were sitting directly in front of it.

• It operates on TCP Port 23.

2. The Concept of NVT (Network Virtual Terminal) The biggest challenge in remote login is that
different operating systems (e.g., Windows vs. Linux) use different codes for keystrokes (like "End of
Line").

• To solve this, TELNET defines a universal interface called the Network Virtual Terminal
(NVT).

• Client Side: The client software translates the user's local keystrokes into NVT format and
sends them to the server.

• Server Side: The server receives NVT format and translates it into the remote computer's
acceptable format. This ensures interoperability between different types of computers.

3. Operation

1. The user starts the Telnet client and specifies the IP address of the remote server.

2. The client establishes a TCP connection to Port 23.

3. The server asks for a Login ID and Password.

4. Once authenticated, the user is presented with a command-line interface (shell) of the
remote machine.

4. Security Limitation TELNET sends all data, including passwords, in plain text. This makes it
vulnerable to eavesdropping. In modern networks, it has been largely replaced by SSH (Secure Shell),
which encrypts the connection.
Q6) a) What is DHCP? Explain DHCP working with client state diagram. [9 Marks]

1. Definition

DHCP (Dynamic Host Configuration Protocol) is a client-server protocol that automatically provides
an Internet Protocol (IP) host with its IP address and other related configuration information such as
the subnet mask and default gateway.

• It operates on the Application Layer but uses UDP services (Port 67 for Server, Port 68 for
Client).

• It relieves the network administrator from manually configuring every device.

2. DHCP Working (The DORA Process)

Before looking at the states, the general working involves four messages (DORA):

1. Discover: Client broadcasts a message to find a DHCP server.

2. Offer: Server responds with an available IP address.

3. Request: Client accepts the offer and requests to lease the IP.

4. Acknowledgment: Server officially assigns the IP and starts the lease timer.

3. DHCP Client State Transition Diagram

The DHCP client goes through a specific set of states to acquire and maintain an IP address.

Explanation of States:

1. INIT State:

o This is the starting state when the client first boots up.

o The client broadcasts a DHCPDISCOVER message to find servers.

o Transition: INIT $\rightarrow$ SELECTING

2. SELECTING State:

o The client waits for DHCPOFFER messages from servers.

o If it receives multiple offers, it selects one (usually the first one).

o It then broadcasts a DHCPREQUEST message indicating which server it accepted.

o Transition: SELECTING $\rightarrow$ REQUESTING

3. REQUESTING State:

o The client waits for a DHCPACK from the selected server.

o Once the ACK is received, the client configures its IP address.

o Transition: REQUESTING $\rightarrow$ BOUND

4. BOUND State:

o The client has a valid IP address and can communicate on the network.
 o It remains in this state until the lease time reaches 50% (Timer T1).

o Transition: BOUND $\rightarrow$ RENEWING (when T1 expires).

5. RENEWING State:

o The client sends a DHCPREQUEST (unicast) to the server that gave the IP, asking to
extend the lease.

o If ACK received: Timer resets, return to BOUND.

o If no response: The client waits until the lease time reaches 87.5% (Timer T2).

o Transition: RENEWING $\rightarrow$ REBINDING (when T2 expires).

6. REBINDING State:

o Since the original server didn't respond, the client broadcasts a DHCPREQUEST to
any available DHCP server.

o If ACK received: New lease starts, return to BOUND.

o If Lease Expires: The client must stop using the IP immediately.

o Transition: REBINDING $\rightarrow$ INIT.

Q5) a) What is SNMP? Explain SNMP working. [9 Marks]

1. Definition
SNMP (Simple Network Management Protocol) is a framework used for managing devices on an IP
network.

• Purpose: It provides a set of fundamental operations for monitoring and maintaining the
internet. It allows a network administrator to monitor the health of network devices (like
routers, switches, servers, and printers) and configure them remotely.

• Protocol Stack: It is an Application Layer protocol that typically uses UDP (User Datagram
Protocol) for data transport. It uses Port 161 for general messages and Port 162 for trap
messages.

2. Core Components

SNMP architecture is based on a manager-agent model containing three main components:

1. SNMP Manager (Management Station):

o A host (computer) running the management software.

o It initiates requests to query or modify the status of network devices.

o It receives alerts (traps) from devices.

2. SNMP Agent (Managed Device):

o A software module running on the managed device (e.g., a router or switch).

o It collects information about the device (e.g., CPU usage, bandwidth) and stores it in
a database.

o It responds to the manager's queries and sends alerts.

3. MIB (Management Information Base):

o This is the shared database between the Manager and the Agent.

o It is a collection of "objects" (variables) that the agent tracks (e.g., ipInReceives

counts incoming IP packets).

o The structure of these objects is defined by SMI (Structure of Management

Information).

3. How SNMP Works (Operations)

The working of SNMP involves the exchange of packets (called Protocol Data Units or PDUs) between
the Manager and the Agent.

A) Basic Interactions The Manager monitors the network by reading variables from the Agent's MIB,
and controls the network by writing variables to the MIB.

1. Get Request:

o Sent by the Manager to the Agent.

o Purpose: To retrieve the value of a specific variable (e.g., "What is your current
uptime?").

2. Get-Next Request:
 o Sent by the Manager.

o Purpose: To retrieve the value of the next variable in the MIB tree. This is used to
read through tables or lists of data sequentially.

3. Set Request:

o Sent by the Manager to the Agent.

o Purpose: To modify the value of a variable (e.g., "Set the status of Interface 2 to
DOWN"). This is how configuration changes are made remotely.

4. Response:

o Sent by the Agent to the Manager.

o Purpose: To reply to a Get, Get-Next, or Set request with the requested data or
confirmation.

B) The Trap Mechanism (Event-Driven) Standard polling (asking "Are you okay?" every second)
creates too much traffic. SNMP uses "Traps" to solve this.

5. Trap:

o Sent by the Agent to the Manager.

o Purpose: Unlike other messages, this is initiated by the Agent without being asked. It
creates an interrupt to inform the Manager of a critical event (e.g., "Link Down,"
"Overheating," or "Reboot")