-
Notifications
You must be signed in to change notification settings - Fork 91
/
8. The Application Layer
76 lines (66 loc) · 10.4 KB
/
8. The Application Layer
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
The Application Layer
------------------------
A. Physical Layer - Computers send electrical/optical signals to send communication across a cable;
B. Datalink layer - Individual computers can address each other and send data using the ethernet at the data-link layer;
C. Network Layer - Computers and routers communicate between diferent networks using IP.
D. Transportation Layer - Data is received and sent by proper applications;
* The TCP section has a generic data section, the payload section is the entire content of the data application - web pages from server to browser, video content, word-content a wordprocessor is sending to a printer;
- Multiple protocols operate at the application layer - HTTP, SMTP, etc - they are standardized across application types;
Most commom servers - Microsoft IIS, Apache, and nginx for web browsers they need to be compatible and communicate over the same protocol;
For Web traffic - application layer protocol - HTTP;
The Application Layer and the OSI Model
-----------------------------------------
OSI - Open System Interconnection model;
7 layer
-------
Application
Presentation - Responsible for making sure that the unencapsulated application layer data is understood by the application. It handles encryption and compression of data;
Session - Failitating communication between actual applications and the transport layer, takes the application layer data and sends it to the presentation layer;
Transportation
Network
Data link
physical
------------------------------------------------------------------------------------------------------------------------------------------
All layers working in Unison
------------------------------
_____10.1.1.1___Router A_____192.168.1.254__ _____192.168.1.1___Router B_____172.16.1.1_______
| | |
| | |
N/w A N/W B N/W C
10.1.1.0/24 192.168.1.0/24 172.16.1.0/24
| |
| |
| |
| |
Computer 1 Computer 2
10.1.1.100 172.16.1.100
Web server listening on port 80;
-> 3 Networks - computer 1 connected to network a wants data from computer 2 connected to network c;
1. Web browser on computer 1 -> (url - 172.16.1.100 entered in the address bar) - request the web page from 172.16.1.100;
2. The web browser communicates with the local networking stack which is part of the OS - handles n/w functions - that it wants to establish a TCP connection to 172.16.1.100, port 80;
3. The networking stack examines its own subnet. It sees that it lives on the network 10.1.1.0/24, which means that the destination 172.16.1.100 is on another network.
4. At this point, computer 1 knows that it'll have to send any data to its gateway for routing to a remote network - 10.1.1.1;
5. Computer 1 looks at its ARP table to determine what MAC address of 10.1.1.1 is, but it doesn't find any corresponding entry.
6. Computer A crafts an ARP request for an IP address of 10.1.1.1, which it sends to the hardware broadcast address of all Fs. This ARP discovery request is sent to every node on the local network.
7. When router A receives this ARP message, it sees that it's the computer currently assigned the IP address of 10.1.1.1. So it responds to computer 1 to let it know about its own MAC address of 00:11:22:33:44:55.
8. Computer 1 receives this response and now knows the hardware address of its gateway. This means that it's ready to start constructing the outbound packet.
9. Computer 1 knows that it's being asked by the web browser to form an outbound TCP connection - therefore needs an outbound TCP port;
10. The operating system identifies the ephemeral port of 50000 as being available, and opens a socket connecting the web browser to this port.
11. It'll need to establish a connection.
- The networking stack starts to build a TCP segment. It fills in all the appropriate fields in the header, including a source port of 50000 and a destination port of 80. A sequence number is chosen and is used to fill in the sequence number field. Finally, the SYN flag is set, and a checksum for the segment is calculated and written to the checksum field.
- The constructed TCP segment is now passed along to the IP layer of the networking stack. This layer constructs an IP header. This header is filled in with the source IP, the destination IP, and a TTL of 64, which is a pretty standard value for this field.
- The TCP segment is inserted as the data payload for the IP datagram. And a checksum is calculated for the whole thing. Now that the IP datagram has been constructed, computer 1 needs to get this to its gateway, which it now knows has a MAC address of 00:11:22:33:44:55, so an Ethernet Datagram is constructed. All the relevant fields are filled in with the appropriate data, most notably, the source and destination MAC addresses.
- Finally, the IP datagram is inserted as the data payload of the Ethernet frame, and another checksum is calculated.
- Now we have an entire Ethernet frame ready to be sent across the physical layer.
12. The network interface connected to computer 1 sends this binary data as modulations of the voltage of an electrical current running across a CAT6 cable that's connected between it and a network switch.
13. This switch receives the frame and inspects the destination MAC address. The switch knows which of its interfaces this MAC address is attached to, and forwards the frame across only the cable connected to this interface.
14. At the other end of this link is router A, which receives the frame and recognizes its own hardware address as the destination.
15. Router A knows that this frame is intended for itself. So it now takes the entirety of the frame and calculates a checksum against it. Router A compares this checksum with the one in the Ethernet frame header and sees that they match. Meaning that all of the data has made it in one piece. Next, Router A strips away the Ethernet frame, leaving it with just the IP datagram.
16. Again, it performs a checksum calculation against the entire datagram. And again, it finds that it matches, meaning all the data is correct. It inspects the destination IP address and performs a lookup of this destination in its routing table. Router A sees that in order to get data to the 172.16.1.0/24 network, the quickest path is one hop away via Router B, which has an IP of 192.168.1.1. Router A looks at all the data in the IP datagram, decrements the TTL by 1, calculates a new checksum reflecting that new TTL value, and makes a new IP datagram with this data.
17. Router A knows that it needs to get this datagram to router A, which has an IP address of 192.168.1.1. It looks at its ARP table, and sees that it has an entry for 192.168.1.1. Now router A can begin to construct an Ethernet frame with the MAC address of its interface on network B as the source. And the MAC address on router B's interface on network B as the destination. Once the values for all fields in this frame have been filled out, router A places the newly constructed IP datagram into the data payload field. Calculates a checksum, and places this checksum into place, and sends the frame out to network B.
18. This frame makes it across network B, and is received by router B. Router B performs all the same checks, removes the the Ethernet frame encapsulation, and performs a checksum against the IP datagram.
19. It then examines the destination IP address. Looking at its routing table, router B sees that the destination address of computer 2, or 172.16.1.100, is on a locally connected network. So it decrements the TTL by 1 again, calculates a new checksum, and creates a new IP datagram. This new IP datagram is again encapsulated by a new Ethernet frame. This one with the source and destination MAC address of router B and computer 2. And the whole process is repeated one last time.
20. The frame is sent out onto network C, a switch ensures it gets sent out of the interface that computer 2 is connected to. Computer 2 receives the frame, identifies its own MAC address as the destination, and knows that it's intended for itself. Computer 2 then strips away the Ethernet frame, leaving it with the IP datagram. It performs a CRC and recognizes that the data has been delivered intact. It then examines the destination IP address and recognizes that as its own.
21. Next, computer 2 strips away the IP datagram, leaving it with just the TCP segment. Again, the checksum for this layer is examined, and everything checks out. Next, computer 2 examines the destination port, which is 80. The networking stack on computer 2 checks to ensure that there's an open socket on port 80, which there is. It's in the listen state, and held open by a running Apache web server. Computer 2 then sees that this packet has the SYN flag set. So it examines the sequence number and stores that, since it'll need to put that sequence number in the acknowledgement field once it crafts the response.
22. Finally get a single TCP segment containing a SYN flag from one computer to a second one. Everything would have to happen all over again for computer 2 to send a SYN-ACK response to computer 1. Then everything would have to happen all over again for computer 1 to send an ACK back to computer 2, and so on and so on.
-----------------------------------------------------------------------------------------------------------------------------------------