EEC 2502 Computer Networks Lecture 9


PEER-TO-PEER AND SERVER-BASED NETWORKS

A network is an interconnection of communicating devices joined by communication links for information exchange. Networks can be classified on several bases, but one of the most important classifications is based on network design.
Based on network design, a computer network can be divided into the following two types:
1. Peer-to-Peer Network
2. Server-Based Network
Now, we will learn about these two types of networks in detail.
Peer-to-Peer Network
The peer-to-peer network is also called a P2P or computer-to-computer network. 'Peers' are the nodes or computer systems that are connected to each other. In this kind of network, every node can communicate directly with every other node without going through a central server.

The nodes can share printers or CD-ROM drives, allow other devices to read from or write to their hard disks, share files, and share their Internet connection and other resources. Files or resources are shared directly between the systems on the network, without any central server. A network in which nodes act as servers and share resources in this manner is referred to as a peer-to-peer network.
In a peer-to-peer network, each node can work as either a server or a client. The network does not distinguish between clients and servers: each node acts as client or server depending on whether it is requesting or providing a service. All the nodes are functionally equal and can send data to or receive data from one another directly.
Peer-to-peer networks can be deployed very easily with most modern operating systems such as Windows and macOS. Computers in the peer-to-peer network run the same network protocols and software. Once connected to the network, P2P software allows users to search for files and other resources on other nodes. The pattern of communication between peers depends entirely on the application. In many P2P applications each object is replicated on several computers to distribute the load and to keep the object available when an individual computer disconnects.
A peer-to-peer network can be wired or wireless. It is most commonly used in a local area network, especially in small offices or within a single department of a large organization, where the nodes are located close to one another. Each node has access to devices and files on the other computers and stores its own software and data independently.
For example, BitTorrent is a widely used peer-to-peer network.
Following are the advantages of using a peer-to-peer network:
1. Easy to implement and manage.
2. Nodes or workstations are independent of one another, and no central administration of access permissions is needed.
3. The network is resilient: if a peer fails, the other peers keep working.
4. No dedicated server software is needed.
5. The cost of implementation is low.
Following are the disadvantages of using a peer-to-peer network:
1. Storage is decentralized and not efficiently managed.
2. There is no central backup; each node is responsible for backing up its own data.
3. Security is weak: every node enforces its own access control, so there is no single place where users are authenticated, permissions are set or access is audited, and a compromised peer exposes whatever it shares.
Server-Based Networks
A server-based network can also be termed a client-server network. A server is a node that acts as a service provider for clients: it waits for client requests and then responds to them. The server is located elsewhere on the network, usually on a more powerful machine. It is the central location where users share and access network resources, and it controls the level of access that users have to the shared resources. In other words, a server provides functionality to other programs, called clients.

There are various kinds of servers depending on their use: a web server (which serves HTTP requests), a database server (which runs a DBMS), a file server (which provides files to clients), a mail server, a print server, a game server, an application server, and so on. A server can hold web resources, host web applications, store user and program data, etc.
A client is a machine or program requesting services from a server. Clients are often workstations or personal computers. They can be a simple application or a whole system that accesses services provided by a server. A client program provides an interface that allows a user to request services from the server and to display the results the server returns. Each client normally has to log on to (authenticate with) the server before it can access data and resources.
A server-based network is centralized in nature, and so is its storage. Most Internet services (the web, mail and DNS, for example) follow this client-server model, which makes the Internet the most widely used client-server network.
Server-based networks have the following characteristics:
1. Centralization: The server administers the whole set-up in the network. Access rights and resource allocation are also handled by the server.
2. Proper management: Because storage is centralized, it is easy to find a file or another resource.
3. Backup and recovery: A central server makes data backup and recovery convenient.
4. Upgrading and scalability: Changes in the network can be made by upgrading the server, and the network is easy to scale.
5. Accessibility: Servers can be accessed remotely from various platforms in the network.
6. Security: Rules defining security and access rights are defined when the server is set up and are enforced in one place, which also makes them easy to audit.
Following are the advantages of using a server-based network:
1. It provides a centralized storage system.
2. Centralization makes administration easy.
3. Data can easily be backed up.
4. The network is easy to scale.
5. Data sharing is fast, because the server is a dedicated, more powerful machine.
6. Servers can serve multiple clients at a time.
Following are the disadvantages of using a server-based network:
1. The network depends heavily on the central server, which is a single point of failure.
2. If the server's data is corrupted, all nodes are affected.
3. A network administrator is required.
4. The cost of the server and network software is high.

NETWORK SERVERS AND PROTOCOLS

Hypertext Transfer Protocol HTTP:


A standard Internet protocol that specifies the client/server interaction between web browsers such as Mozilla Firefox and web servers such as Apache. It is the network protocol used to deliver virtually all files and other data (collectively called resources) on the World Wide Web, whether they are HTML files, image files, query results or anything else. HTTP is usually carried over TCP/IP sockets.
A browser is an HTTP client because it sends requests to an HTTP server (web server), which then sends a response back to the client. The standard and default port for HTTP servers to listen on is 80, though they can use any port.
What are Resources?
HTTP is used to transmit resources, not just files. A resource is some chunk of information that can be identified by a URL (the R in URL). The most common kind of resource is a file, but a resource may also be a dynamically generated query result, the output of a CGI script, a document that is available in several languages, or anything else.

The original Hypertext Transfer Protocol (HTTP) 1.0 is a stateless protocol in which a web browser opens a connection to a web server, downloads the requested file, and then closes the connection. The browser usually requests a file with an HTTP GET request on TCP port 80. The request consists of a request line and a series of HTTP request headers that define the transaction method (GET, POST, HEAD, and so on) and tell the server about the capabilities of the client. The server responds with a status line and a series of HTTP response headers that indicate whether the transaction succeeded, the type of data being sent and the type of server, followed by the requested data. Everything in this exchange is plain text, so anyone who can observe the connection can read it.
Web servers such as IIS 4 also support the later version of the protocol, HTTP 1.1, which adds features that make it more efficient. These features include the following:
• Persistent connections:
An HTTP 1.1 server keeps the TCP connection open after a file has been transferred, eliminating the need to open and close a connection for each file, as is the case with HTTP 1.0.
• Pipelining:
An HTTP 1.1 client can send several requests on one connection without waiting for the server's response to each one; the server answers them in the same order.
• Buffering:
Several small HTTP requests from the client can be buffered and sent in a single TCP segment, which results in faster transfers because fewer and larger packets are used.
• Host headers:
The mandatory Host header enables an HTTP 1.1-compliant web server to host multiple web sites on a single IP address, choosing the site from the name the client asked for.
• HTTP PUT and HTTP DELETE methods:
These methods enable web clients to upload files to and delete files from web servers over HTTP. A server that enables them must restrict them to authenticated and authorized users; left open, they let anyone upload content to or remove content from the site.
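The request format and the HTTP 1.1 rules described above, as an added example that is not part of the lecture notes: a minimal parser for one HTTP/1.x request, the Host header lookup a server uses for virtual hosting, and the keep-alive defaults that differ between HTTP 1.0 and 1.1. The sample request, host names and site table are constructed for illustration.

```python
# Added example (not from the lecture notes): a minimal HTTP/1.x request parser
# showing the plaintext structure of a request, the Host header that HTTP 1.1
# uses for virtual hosting, and the keep-alive defaults that differ between
# HTTP 1.0 and 1.1. The sample request and host names are constructed.
from dataclasses import dataclass, field


@dataclass
class Request:
    method: str
    target: str
    version: str
    headers: dict = field(default_factory=dict)
    body: bytes = b""


def parse_request(raw: bytes) -> Request:
    """Parse one HTTP/1.x request from raw bytes; raise ValueError if malformed."""
    head, sep, rest = raw.partition(b"\r\n\r\n")
    if not sep:
        raise ValueError("incomplete request: header block not terminated")
    lines = head.decode("iso-8859-1").split("\r\n")
    parts = lines[0].split(" ")
    if len(parts) != 3 or not parts[2].startswith("HTTP/1."):
        raise ValueError(f"bad request line: {lines[0]!r}")
    method, target, version = parts
    headers = {}
    for line in lines[1:]:
        name, colon, value = line.partition(":")
        if not colon or not name.strip():
            raise ValueError(f"bad header line: {line!r}")
        key, value = name.strip().lower(), value.strip()   # names are case-insensitive
        if key == "content-length" and headers.get(key, value) != value:
            # two different lengths is the classic request-smuggling ambiguity
            raise ValueError("conflicting Content-Length headers")
        headers[key] = value
    if version == "HTTP/1.1" and "host" not in headers:
        raise ValueError("HTTP/1.1 requires a Host header")
    length = int(headers.get("content-length", "0"))
    if length < 0 or length > len(rest):
        raise ValueError("body shorter than Content-Length")
    # Anything after the declared body belongs to the next pipelined request.
    return Request(method, target, version, headers, rest[:length])


def keep_alive(req: Request) -> bool:
    """HTTP/1.1 persists unless 'Connection: close'; HTTP/1.0 closes unless
    'Connection: keep-alive'."""
    conn = req.headers.get("connection", "").lower()
    if req.version == "HTTP/1.1":
        return "close" not in conn
    return "keep-alive" in conn


def select_site(req: Request, sites: dict) -> str:
    """Choose the virtual host from the Host header (port stripped, case-folded)."""
    host = req.headers.get("host", "").rsplit(":", 1)[0].lower()
    return sites.get(host, sites["default"])


# Constructed sample: a login form submitted over plain HTTP. Everything below,
# password included, is readable by anyone on the path; this is the gap HTTPS closes.
SAMPLE = (
    b"POST /login HTTP/1.1\r\n"
    b"Host: www.example.com:80\r\n"
    b"Content-Length: 19\r\n"
    b"Connection: close\r\n"
    b"\r\n"
    b"user=alice&pw=12345"
)
```

Run `parse_request(SAMPLE)` to see the request line, headers and body split out; `keep_alive()` returns False for it because the client asked for `Connection: close`, while the same request without that header would keep the connection open under HTTP 1.1.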

HTTPS VS HTTP
HTTP URLs begin with "http://" and use port 80 by default; HTTPS URLs begin with "https://" and use port 443 by default. HTTP is unencrypted and is subject to eavesdropping and man-in-the-middle attacks, which can let attackers capture session cookies, passwords and other sensitive information or alter the pages a user receives. HTTPS is designed to withstand such attacks, provided the client verifies the server's certificate; a client that skips certificate validation can be tricked into an encrypted connection with the attacker instead. HTTP operates at the highest layer of the OSI model, the application layer, while the security protocol operates at a lower sublayer, encrypting the HTTP message before transmission and decrypting it on arrival. Strictly speaking, HTTPS is not a separate protocol but ordinary HTTP carried over an encrypted Transport Layer Security (TLS) connection (its predecessor, Secure Sockets Layer (SSL), is obsolete and should be disabled). Everything in the HTTP message is encrypted, including the headers and the request/response body; what remains visible to an observer is the destination IP address and port, the size and timing of the traffic, and, in most deployments, the server name sent in the TLS handshake.

DHCP(Dynamic Host Configuration Protocol)

A standard Internet protocol that enables the dynamic configuration of hosts on an Internet Protocol (IP) internetwork. Dynamic Host Configuration Protocol (DHCP) is an extension of the Bootstrap Protocol (BOOTP).
How It Works
DHCP is a client-server protocol that uses DHCP servers and DHCP clients. A DHCP server is a machine that runs a service that can lease out IP addresses and other TCP/IP configuration to any client that requests them. For example, on a Linux system such as Ubuntu you can install a DHCP server package to perform this function. The DHCP server typically has a pool of IP addresses that it is allowed to distribute to clients, and these clients lease an address from the pool for a specific period of time, typically hours to a few days. Before the lease expires, the client contacts the server to renew it.
DHCP clients are machines that run DHCP client software enabling them to communicate with DHCP servers. Modern Linux and Windows systems include a DHCP client as part of their TCP/IP stack.
DHCP clients obtain a lease for an IP address, a subnet mask, and various DHCP options (default gateway, DNS servers, and so on) from DHCP servers in a four-step process:
1. DHCPDISCOVER: The client broadcasts a request for a DHCP server.
2. DHCPOFFER: DHCP servers on the network each offer an address to the client.
3. DHCPREQUEST: The client broadcasts a request to lease an address from one of the offering servers, naming the server it has chosen; the other servers withdraw their offers.
4. DHCPACK: The server the client chose acknowledges the client, assigns it the configured DHCP options, and updates its lease database. The client then initializes and binds its TCP/IP stack and can begin network communication.
None of these messages is authenticated: any host on the same segment can answer a DHCPDISCOVER, and the client simply takes the first offer it receives. A rogue DHCP server can therefore hand out its own address as the default gateway or DNS server and intercept the client's traffic, which is why switches in managed networks use DHCP snooping to permit server replies only on trusted ports.
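The four-step exchange above, simulated in one process as an added example that is not part of the lecture notes. Two servers hear the same DISCOVER and both OFFER; the client binds to the first offer and the other server returns its tentative address to the pool when it sees the broadcast REQUEST name a different server. Leases expire and are reused. Addresses, MACs, pool sizes and the second server's options are constructed; messages are plain dictionaries standing in for the real packet fields (yiaddr, server identifier, requested IP).

```python
# Added example (not from the lecture notes): DISCOVER/OFFER/REQUEST/ACK with
# two servers on one segment, lease expiry and pool reuse. Messages are dicts
# named after the real DHCP fields; all addresses are constructed.

class DhcpServer:
    def __init__(self, server_id, pool, lease_seconds=3600, options=None):
        self.server_id = server_id            # this server's own address (option 54)
        self.free = list(pool)                # addresses available for lease
        self.offered = {}                     # transaction id -> tentatively reserved address
        self.leases = {}                      # client MAC -> (address, expiry time)
        self.lease_seconds = lease_seconds
        self.options = options or {}          # e.g. router, dns handed out with the ACK

    def _expire(self, now):
        for mac, (addr, expiry) in list(self.leases.items()):
            if expiry <= now:
                del self.leases[mac]
                self.free.append(addr)

    def handle(self, msg, now):
        """Process one client broadcast; return this server's reply or None."""
        self._expire(now)
        if msg["type"] == "DHCPDISCOVER":
            if msg["mac"] in self.leases:              # returning client: re-offer its address
                addr = self.leases[msg["mac"]][0]
            elif self.free:
                addr = self.free.pop(0)
            else:
                return None                             # pool exhausted: stay silent
            self.offered[msg["xid"]] = addr
            return {"type": "DHCPOFFER", "xid": msg["xid"], "yiaddr": addr,
                    "server_id": self.server_id, "lease": self.lease_seconds, **self.options}
        if msg["type"] == "DHCPREQUEST":
            addr = self.offered.pop(msg["xid"], None)
            if msg["server_id"] != self.server_id:
                # The client chose another server: put our tentative address back.
                if addr is not None and addr not in {a for a, _ in self.leases.values()}:
                    self.free.append(addr)
                return None
            if addr is None or addr != msg["requested_ip"]:
                return {"type": "DHCPNAK", "xid": msg["xid"], "server_id": self.server_id}
            self.leases[msg["mac"]] = (addr, now + self.lease_seconds)
            return {"type": "DHCPACK", "xid": msg["xid"], "yiaddr": addr,
                    "server_id": self.server_id, "lease": self.lease_seconds, **self.options}
        return None


def dhcp_client(mac, xid, servers, now):
    """Run the four steps against every server on the segment.
    Returns the ACK the client binds to, or None if nobody leased an address."""
    discover = {"type": "DHCPDISCOVER", "xid": xid, "mac": mac}
    offers = [o for o in (s.handle(discover, now) for s in servers) if o]
    if not offers:
        return None
    chosen = offers[0]          # a real client takes the first OFFER it hears: no way to tell a rogue
    request = {"type": "DHCPREQUEST", "xid": xid, "mac": mac,
               "server_id": chosen["server_id"], "requested_ip": chosen["yiaddr"]}
    # REQUEST is broadcast so every offering server learns which one was picked.
    replies = [r for r in (s.handle(request, now) for s in servers) if r]
    acks = [r for r in replies if r["type"] == "DHCPACK"]
    return acks[0] if acks else None


# Constructed segment: the site's server and a second server (think of a rogue
# one) that hands out itself as router and DNS.
SERVERS = [
    DhcpServer("10.0.0.1", ["10.0.0.100", "10.0.0.101"], lease_seconds=600,
               options={"router": "10.0.0.1", "dns": "10.0.0.53"}),
    DhcpServer("10.0.0.2", ["10.0.0.200"], lease_seconds=600,
               options={"router": "10.0.0.2", "dns": "10.0.0.2"}),
]

if __name__ == "__main__":
    for i in range(1, 4):
        print(dhcp_client(f"aa:bb:cc:dd:ee:0{i}", i, SERVERS, now=i))
```

Run it and watch the third client: the first server's pool is exhausted by then, so the only OFFER comes from the second server and the client binds to its gateway and DNS without complaint. That is exactly the window a rogue server exploits, and it is why the lease database on the legitimate server and the switch's DHCP snooping table are the places to look when clients start resolving names through an unexpected address.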

Domain Name System (DNS):


IP addresses are hard for humans to remember and impossible to guess. The Domain Name System is used to translate a hostname or domain name (e.g. nec.edu.np) into an IP address (e.g. 202.37.94.177). Domain names form a hierarchy, so that names are unique yet easy to remember.
DNS makes it possible to refer to Internet Protocol (IP) based systems (hosts) by human-friendly names (domain names). Name resolution is the act of determining the IP address of a given hostname. The benefits of DNS are twofold. First, domain names can be logical and easily remembered. Second, should the IP address of a host change, the domain name still resolves transparently for users and applications. DNS name resolution is a critical Internet service; many network services require a functioning name service for correct operation.
Domain names are written as labels separated by dots, with the topmost element on the right. Each label may be up to 63 characters long, and the entire name may be at most 255 characters long. Letters, digits and hyphens may be used in a label.
Domain Name Space:
To have a hierarchical name space, a domain name space was designed. In this design the names are defined in an inverted-tree structure with the root at the top. The tree can have at most 128 levels: level 0 (the root) to level 127.

Fig: Domain Name Space

Domain Name
Each node in the tree has a domain name. A full domain name is a sequence of labels separated by dots (.). Domain names are always read from the node up to the root. The last label is the label of the root (null). This means that a full domain name always ends in a null label, so its last character is a dot, because the null string is nothing. The figure shows some domain names.
Fully Qualified Domain Name
If a name is terminated by a null label, it is called a fully qualified domain name (FQDN). An FQDN is a domain name that contains the full name of a host: all labels, from the most specific to the most general, that uniquely identify the host. For example, the domain name server1.cs.nec.edu. is the FQDN of a computer named server1 installed at NEC College. A DNS server can only match an FQDN to an address. Note that the name must end with a null label, but because null means nothing, the name ends with a dot (.).

Partially Qualified Domain Name


If a name is not terminated by a null label, it is called a partially qualified domain name (PQDN). A PQDN starts from a node but does not reach the root. It is used when the name to be resolved belongs to the same site as the client. The resolver supplies the missing part, called the suffix, to create an FQDN. For example, if a user at the nec.edu site wants the IP address of the server1 computer, he or she can give the partial name
server1
The DNS client adds the suffix cs.nec.edu before passing the name to the DNS server. The DNS client normally holds a list of suffixes and tries them in order. The following could be the list of suffixes at NEC College. The null suffix adds nothing; it is the one used when the user supplies an FQDN.
cs.nec.edu
nec.edu
null

DNS in the Internet:

Generic Domains
The generic domains define registered hosts according to their generic behavior. Each node in the tree defines a domain, which is an index into the domain name space database.
Fig: Generic Domain Labels

Country Domains
The country domains section uses two-character country abbreviations (e.g., np for Nepal and us for United
States). Second labels can be organizational, or they can be more specific, national designations. The United States,
for example, uses state abbreviations as a subdivision of us (e.g., ca.us.).

Inverse Domain
The inverse domain is used to map an address to a name. This may happen, for example, when a server that has received a request from a client wants to find the client's name in order to check it against a list of authorized hosts. This type of query is called an inverse or pointer (PTR) query. To handle a pointer query, the inverse domain is added to the domain name space with the first-level node called arpa (for historical reasons). The second level is a single node named in-addr (for inverse address). The rest of the domain defines the IP address, written with its octets in reverse order, so the address 202.37.94.177 is looked up as 177.94.37.202.in-addr.arpa. Note that the PTR record for an address is controlled by whoever owns that address block, so a reverse lookup on its own proves nothing about the client: the returned name should be resolved forward again and accepted only if it maps back to the same address.
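The name-handling rules from the FQDN, PQDN and inverse-domain passages above, as an added example that is not part of the lecture notes: label and length validation, the resolver's suffix search list applied to a PQDN, construction of the in-addr.arpa owner name for a PTR query, and the forward-confirmation check a server should run before trusting a PTR answer. The search list, nec.edu, cs.nec.edu and 202.37.94.177 come from the notes; the zone table that stands in for live DNS answers is constructed.

```python
# Added example (not from the lecture notes): FQDN/PQDN handling, the suffix
# search list, and PTR names. The ZONE dict is constructed data standing in
# for real DNS answers so the example runs offline.
import ipaddress


def validate_name(name: str) -> None:
    """Hostname syntax: labels of 1..63 letters, digits and hyphens (no leading
    or trailing hyphen), whole name at most 255 characters."""
    if name == ".":
        return                                   # the root itself
    if len(name) > 255:
        raise ValueError("name longer than 255 characters")
    labels = name[:-1].split(".") if name.endswith(".") else name.split(".")
    for label in labels:
        if not 1 <= len(label) <= 63:
            raise ValueError(f"label length out of range: {label!r}")
        if label[0] == "-" or label[-1] == "-" or not all(
                c.isascii() and (c.isalnum() or c == "-") for c in label):
            raise ValueError(f"illegal characters in label: {label!r}")


def is_fqdn(name: str) -> bool:
    return name.endswith(".")                   # terminated by the null (root) label


def candidates(name: str, suffixes) -> list:
    """Names the resolver tries, in order. An FQDN is tried as-is; for a PQDN
    each search suffix is appended, the null suffix ("") last."""
    validate_name(name)
    if is_fqdn(name):
        return [name]
    return [f"{name}.{suffix}." if suffix else f"{name}." for suffix in suffixes]


def ptr_name(ip: str) -> str:
    """Owner name of the PTR record for an IPv4 address: octets reversed under in-addr.arpa."""
    octets = ipaddress.IPv4Address(ip).exploded.split(".")
    return ".".join(reversed(octets)) + ".in-addr.arpa."


SUFFIXES = ["cs.nec.edu", "nec.edu", ""]     # the search list from the notes; "" is the null suffix

# Constructed zone data: one honest host and one address whose PTR points at a
# name that does not resolve back to it.
ZONE = {
    "server1.cs.nec.edu.": "202.37.94.177",
    "177.94.37.202.in-addr.arpa.": "server1.cs.nec.edu.",
    "10.0.0.1.in-addr.arpa.": "mail.nec.edu.",   # PTR for 1.0.0.10 claims to be mail.nec.edu
    "mail.nec.edu.": "202.37.94.25",             # ...but the A record says otherwise
}


def resolve(name: str, suffixes=SUFFIXES, zone=ZONE):
    """Resolver behaviour: return (fqdn, address) for the first candidate that exists."""
    for fqdn in candidates(name, suffixes):
        if fqdn in zone:
            return fqdn, zone[fqdn]
    return None


def forward_confirmed(ip: str, zone=ZONE) -> bool:
    """Trust a PTR answer only if the name it returns resolves back to the same address."""
    host = zone.get(ptr_name(ip))
    return host is not None and zone.get(host) == ip
```

`candidates("server1", SUFFIXES)` yields the three names the notes describe, tried in that order; `forward_confirmed("1.0.0.10")` is False because the PTR claims a name whose A record points elsewhere, which is the check that turns a reverse lookup into something an access list can rely on.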
Simple Mail Transfer Protocol (SMTP)
Email, one of the most popular network services, is carried by the TCP/IP protocol SMTP. It provides a system for sending messages to other computers and a mail exchange between users. SMTP supports:
• Sending a message to one or more recipients.
• Sending messages that include text, voice, video or graphics.
• Sending messages to users on networks outside the Internet.

SMTP supports sending of email only; it cannot pull messages from a remote server on demand. Other protocols, such as the Post Office Protocol (POP) and the Internet Message Access Protocol (IMAP), are specifically designed for retrieving messages and managing mailboxes. However, SMTP has a feature to initiate mail queue processing on a remote server so that the requesting system may receive any messages destined for it (cf. Remote Message Queue Starting). POP and IMAP are the preferred protocols when a user's personal computer is only intermittently powered up, or Internet connectivity is only transient and the host cannot receive messages during offline periods.

The overall flow for message creation, mail transport, and delivery may be illustrated as shown.
Email is submitted by a mail client (MUA, mail user agent) to a mail server (MSA, mail submission agent) using SMTP on TCP port 587. Many mailbox providers still allow submission on the traditional port 25, though submission on 587 normally requires the client to authenticate, which is what keeps the server from becoming an open relay. From there, the MSA delivers the mail to its mail transfer agent (MTA). Often these two agents are just different instances of the same software launched with different options on the same machine. Local processing can be done either on a single machine or split among several appliances; in the former case the processes involved can share files, in the latter case SMTP is used to transfer the message internally, with each host configured to use the next appliance as a smart host. Each process is an MTA in its own right, that is, an SMTP server.
The boundary MTA has to locate the target host. It uses the Domain Name System (DNS) to look up the mail exchanger record (MX record) for the recipient's domain (the part of the address to the right of the @). The returned MX record contains the name of the target host; if a domain publishes several, the one with the lowest preference value is tried first. The MTA next looks up the A (or AAAA) record for that name to get the IP address and connects to that host as an SMTP client.
Once the MX target accepts the incoming message, it hands it to a mail delivery agent (MDA) for local delivery. An MDA is able to save messages in the relevant mailbox format. Again, mail reception can be done by many computers or just one; the picture displays two nearby boxes in either case. An MDA may deliver messages directly to storage, or forward them over a network using SMTP or any other means, including the Local Mail Transfer Protocol (LMTP), a derivative of SMTP designed for this purpose.
Once delivered to the local mail server, the mail is stored for retrieval by authenticated mail clients (MUAs). Mail is retrieved by end-user applications, called email clients, using the Internet Message Access Protocol (IMAP), a protocol that both facilitates access to mail and manages stored mail, or the Post Office Protocol (POP), which typically uses the traditional mbox mail file format or a proprietary system such as Microsoft Exchange/Outlook or Lotus Notes/Domino. Webmail clients may use either method, but the retrieval protocol is often not a formal standard.
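The step in which the boundary MTA locates the target host, as an added example that is not part of the lecture notes. The DNS answers are a constructed table rather than live lookups; the selection logic is standard SMTP behaviour: split the domain off at the right-most @, sort MX records by preference (lowest first, equal preferences shuffled to spread load), fall back to the domain's own A record when it publishes no MX (RFC 5321), and refuse to deliver to a domain that publishes the "null MX" record `0 .` (RFC 7505). Host names and addresses are constructed; only nec.edu comes from the notes.

```python
# Added example (not from the lecture notes): how an MTA turns a recipient
# address into a list of SMTP hosts to try. DNS answers are a constructed table.
import random

# Constructed DNS data: (owner, record type) -> answers. AAAA records are
# omitted for brevity; a real MTA tries those as well.
DNS = {
    ("nec.edu", "MX"): [(20, "mx2.nec.edu"), (10, "mx1.nec.edu")],
    ("mx1.nec.edu", "A"): ["202.37.94.25"],
    ("mx2.nec.edu", "A"): ["202.37.94.26"],
    ("lab.example", "A"): ["192.0.2.10"],       # no MX record: the host itself receives mail
    ("example.org", "MX"): [(0, ".")],           # null MX: this domain accepts no mail
}


def recipient_domain(address: str) -> str:
    """The part right of the last '@'. rpartition handles quoted local parts
    such as "a@b"@nec.edu that a naive split on '@' would get wrong."""
    local, at, domain = address.rpartition("@")
    if not at or not local or not domain:
        raise ValueError(f"malformed address: {address!r}")
    return domain.lower()


def next_hops(domain: str, dns=DNS, rng=random) -> list:
    """Ordered list of (host, ip) an MTA should try for a domain.
    An empty list means 'bounce: nowhere to deliver'."""
    mx = dns.get((domain, "MX"))
    if mx is None:
        hosts = [domain]                         # RFC 5321 s5.1: implicit MX is the domain itself
    elif mx == [(0, ".")]:
        return []                                # RFC 7505 null MX: do not even try
    else:
        by_pref = {}
        for pref, host in mx:
            by_pref.setdefault(pref, []).append(host)
        hosts = []
        for pref in sorted(by_pref):             # lowest preference value first
            group = by_pref[pref]
            rng.shuffle(group)                   # equal preferences share the load
            hosts.extend(group)
    targets = []
    for host in hosts:
        for ip in dns.get((host, "A"), []):
            targets.append((host, ip))
    return targets


def route(address: str, dns=DNS) -> list:
    return next_hops(recipient_domain(address), dns)
```

`route("alice@nec.edu")` tries mx1 before mx2 even though the zone lists them the other way round, because the preference value, not the order of the answers, decides. A domain with a null MX yields an empty list, which an MTA turns into an immediate bounce instead of a retry queue that fills up with mail that can never be delivered.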

IMAP (Internet Message Access Protocol)

An Internet standard protocol for storing and retrieving messages from Simple Mail Transfer Protocol (SMTP) hosts. IMAP version 4 (IMAP4) provides functions similar to Post Office Protocol version 3 (POP3), with the additional features described in this entry.
How It Works
SMTP provides the underlying message transport mechanism for sending e-mail over the Internet, but it does not provide any facility for storing and retrieving messages. SMTP delivery requires the receiving host to be reachable at the moment mail is sent, but most users do not have a permanently connected machine.
IMAP4 provides mechanisms for storing messages received by SMTP in a receptacle called a mailbox. An IMAP4 server stores the messages received for each user until the user connects to read them using an IMAP4 client such as Evolution or Microsoft Outlook Express.
IMAP4 includes a number of features that are not supported by POP3. Specifically, IMAP4 allows users to
• Access multiple folders, including public folders
• Create hierarchies of folders for storing messages
• Leave messages on the server after reading them so that they can access the messages again from
another location
• Search a mailbox for a specific message to download
• Flag messages as read
• Selectively download portions of messages or attachments only
• Review the headers of messages before downloading them
To retrieve a message from an IMAP4 server, an IMAP4 client first establishes a Transmission Control Protocol (TCP) session on TCP port 143 (or port 993 for IMAP over TLS). The client then identifies itself to the server with the LOGIN command (on port 143 the credentials travel in cleartext unless the STARTTLS command has first upgraded the connection) and issues a series of IMAP4 commands:
• LIST:
Retrieves a list of folders in the client's mailbox
• SELECT:
Selects a particular folder to access its messages
• FETCH:
Retrieves individual messages or parts of them
• LOGOUT:
Ends the IMAP4 session
Post Office Protocol version 3 (POP3)
An Internet standard protocol for storing and retrieving messages from Simple Mail Transfer Protocol (SMTP) hosts.
How It Works
SMTP provides the underlying transport mechanism for sending e-mail messages over the Internet, but it does not provide any facility for storing messages and retrieving them. SMTP delivery requires the receiving host to be reachable at the moment mail is sent, but most users do not have a permanently connected machine.
Post Office Protocol version 3 (POP3) provides mechanisms for storing messages sent to each user and received by SMTP in a receptacle called a mailbox. A POP3 server stores messages for each user until the user connects to download and read them using a POP3 client such as Microsoft Outlook 98, Microsoft Outlook Express, or Microsoft Mail and News.
To retrieve a message from a POP3 server, a POP3 client establishes a Transmission Control Protocol (TCP) session on TCP port 110 (or port 995 for POP3 over TLS), identifies itself to the server with the USER and PASS commands (cleartext on port 110 unless STLS is used first), and then issues a series of POP3 commands:
• STAT:
Asks the server for the number of messages waiting to be retrieved and their total size
• LIST:
Returns the size of each message to be retrieved
• RETR:
Retrieves an individual message
• DELE:
Marks a message for deletion
• QUIT:
Ends the POP3 session; the server removes the messages marked with DELE only at this point
Most POP3 clients mark each message for deletion as soon as they have downloaded it, so after a client reads its mailbox the messages are gone from the server. Primarily because of this, POP3 is being supplanted by Internet Message Access Protocol version 4 (IMAP4), which offers better support for mobile users. POP3 is supported by Microsoft Exchange Server.
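The POP3 command sequence above, as an added example that is not part of the lecture notes: a server-side handler for one session over a constructed maildrop. It shows the AUTHORIZATION/TRANSACTION/UPDATE states, the sizes STAT and LIST report, and that RETR deletes nothing: messages disappear from the session once DELE marks them but are removed from the maildrop only when QUIT commits, which is also the behaviour the next section (IMAP vs POP) is describing. The user table and messages are constructed; only a POP3 server is shown, but the same cleartext-credential caveat applies to IMAP on port 143.

```python
# Added example (not from the lecture notes): a POP3 session handler over a
# constructed maildrop, covering USER/PASS, STAT, LIST, RETR, DELE, RSET, QUIT.

class Pop3Session:
    def __init__(self, maildrop, users):
        self.maildrop = maildrop        # list of raw message byte strings (shared with the store)
        self.users = users              # username -> password, demo only
        self.user = None
        self.state = "AUTHORIZATION"    # -> TRANSACTION after PASS -> UPDATE after QUIT
        self.deleted = set()            # indexes marked by DELE, not yet removed

    def handle(self, line: str) -> str:
        verb, _, arg = line.strip().partition(" ")
        verb = verb.upper()
        if self.state == "AUTHORIZATION":
            return self._auth(verb, arg)
        if self.state != "TRANSACTION":
            return "-ERR session closed"
        if verb == "STAT":
            live = self._live()
            return f"+OK {len(live)} {sum(len(self.maildrop[i]) for i in live)}"
        if verb == "LIST":
            live = self._live()
            lines = [f"+OK {len(live)} messages"] + \
                    [f"{i + 1} {len(self.maildrop[i])}" for i in live] + ["."]
            return "\r\n".join(lines)
        if verb == "RETR":
            i = self._index(arg)
            if i is None:
                return "-ERR no such message"
            msg = self.maildrop[i]
            return f"+OK {len(msg)} octets\r\n{msg.decode('ascii')}\r\n."
        if verb == "DELE":
            i = self._index(arg)
            if i is None:
                return "-ERR no such message"
            self.deleted.add(i)          # marked only; the maildrop is untouched until QUIT
            return f"+OK message {arg} deleted"
        if verb == "RSET":
            self.deleted.clear()         # a client can still change its mind
            return "+OK"
        if verb == "QUIT":
            for i in sorted(self.deleted, reverse=True):   # UPDATE state: commit deletions
                del self.maildrop[i]
            self.state = "UPDATE"
            return "+OK POP3 server signing off"
        return "-ERR unknown command"

    def _auth(self, verb, arg):
        if verb == "USER":
            self.user = arg
            return "+OK"
        if verb == "PASS":
            # On port 110 this password crosses the network as typed; real servers
            # should accept USER/PASS only after STLS or on the TLS port 995.
            if self.user is not None and self.users.get(self.user) == arg:
                self.state = "TRANSACTION"
                return "+OK maildrop locked and ready"
            return "-ERR invalid credentials"
        if verb == "QUIT":
            self.state = "UPDATE"
            return "+OK"
        return "-ERR authenticate first"

    def _live(self):
        return [i for i in range(len(self.maildrop)) if i not in self.deleted]

    def _index(self, arg):
        try:
            i = int(arg) - 1              # POP3 numbers messages from 1
        except ValueError:
            return None
        return i if 0 <= i < len(self.maildrop) and i not in self.deleted else None
```

Feed the session the commands in the order the notes list them and compare `len(maildrop)` before and after QUIT: a connection that drops after DELE but before QUIT loses nothing, which is the property the protocol's UPDATE state exists to give.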

IMAP VS POP:

What's the difference?


The main difference, as far as we are concerned here, is the way in which IMAP or POP controls your e-mail inbox.
When you use IMAP you are accessing your inbox on the mail server. IMAP does not actually move messages onto your computer. You can think of an e-mail program using IMAP as a window onto your messages on the server. Although the messages appear on your computer while you work with them, they remain on the central mail server.
POP does the opposite. Instead of just showing you what is in your inbox on the mail server, it checks the server for new messages, downloads all the new messages in your inbox onto your computer, and then (in its default configuration) deletes them from the server. This means that every time you use POP to view your new messages, they are no longer on the central mail server. The figure illustrates these concepts.
IMAP makes it easier to view mail from home, work, and other locations
Because IMAP leaves all of your messages on the central mail server, you can view these messages from any location with Internet access. This means the inbox you view from home will be the same one you see at work.
Since POP downloads new messages to your computer and removes them from the server, you will not be able to see those new messages on another computer when you check your inbox. Those messages exist only on the computer that downloaded them using POP.
However, if you use IMAP and create e-mail folders on the server, these folders are accessible from anywhere you read your e-mail using IMAP. If you use POP and create e-mail folders, they are stored locally, and you cannot access these folders from anywhere except the computer on which you created them.
POP can create problems if you alternate between it and IMAP. Many POP e-mail programs have an option to leave copies of the messages on the server, but this option has complications. When you leave copies of the messages on the server and then access your e-mail using webmail or another IMAP client, the POP client may create duplicate messages the next time it accesses the inbox; you will see each of the messages more than once and will have to delete the unwanted copies.
Virtual Private Network (VPN)
The Internet is a worldwide, publicly accessible IP network. Due to its vast global proliferation, it has become a
viable method of interconnecting remote sites. However, the fact that it is a public infrastructure has deterred most
enterprises from adopting it as a viable remote access method for branch and SOHO sites.
A virtual private network (VPN) is a way of creating a private network over a public network infrastructure while maintaining confidentiality and integrity. VPNs use cryptographic tunneling protocols to provide sender authentication, message integrity, and confidentiality, protecting the traffic against packet sniffing and tampering as it crosses the shared network. VPNs can be implemented at Layers 2, 3, and 4 of the Open Systems Interconnection (OSI) model.
Figure illustrates a typical VPN topology. Components required to establish a VPN include:
• An existing network with servers and workstations
• Connection to the Internet
• VPN gateways (i.e., routers, PIX, ASA, VPN concentrators) that act as endpoints to establish, manage,
and control VPN connections
• Software to create and manage tunnels
The key to VPN technology is security. VPNs protect data by encapsulating it, encrypting it, or encapsulating it and then encrypting it:
• Encapsulation is also referred to as tunneling because it carries data transparently from network to network through a shared infrastructure. Encapsulation by itself hides nothing from an observer of the shared network.
• Encryption transforms the data so that only a holder of the key can recover it. Decryption turns the encrypted data back into its original, unencrypted form.

Fig:(a) A leased-line private network. (b) A virtual private network.


Basically, a VPN is a private network that uses a public network (usually the Internet) to connect remote sites or users. Instead of a dedicated physical connection such as a leased line, a VPN uses "virtual" connections routed through the Internet from the company's private network to the remote site or employee.
A well-designed VPN can greatly benefit a company. For example, it can:
• Extend geographic connectivity
• Improve security
• Reduce operational costs versus traditional WAN
• Reduce transit time and transportation costs for remote users
• Improve productivity
• Simplify network topology
• Provide global networking opportunities
• Provide telecommuter support
• Provide broadband networking compatibility
• Provide faster ROI (return on investment) than traditional WAN
What features are needed in a well-designed VPN? It should incorporate:
• Security
• Reliability
• Scalability
• Network management
• Policy management

IPSEC
IPsec provides a mechanism for secure data transmission over IP networks, ensuring confidentiality, integrity, and authenticity of data communications over unprotected networks such as the Internet. IPsec encompasses a suite of protocols and is not bound to any specific encryption or authentication algorithm, key generation technique, or security association (SA). IPsec provides the framework while negotiated algorithms provide the encryption, authentication, key management, and so on. IPsec acts at the network layer, protecting and authenticating IP packets between IPsec devices (peers), such as Cisco PIX Firewalls, Adaptive Security Appliances (ASA), Cisco routers, the Cisco Secure VPN Client, and other IPsec-compliant products.

IPsec is an Internet Engineering Task Force (IETF) standard (originally RFC 2401-2412, since revised as RFC 4301 and its companion documents) that defines how a VPN can be created over IP networks.

IPsec provides the following essential security functions:

Data confidentiality: IPsec ensures confidentiality by using encryption. Encryption prevents third parties from reading the data, especially data transmitted over public or wireless networks. The IPsec sender encrypts packets before transmitting them across a network, preventing anyone from listening in on or viewing the communication (eavesdropping).

Data integrity: IPsec ensures that data arrives unchanged at the destination, that is, that the data has not been manipulated at any point along the communication path. IPsec ensures data integrity with keyed hashes (HMACs) or, with combined-mode algorithms such as AES-GCM, with authenticated encryption; a plain unkeyed hash would not do, since an attacker could recompute it.

Data origin authentication: The IPsec receiver can authenticate the source of the IPsec packets. Authentication ensures that the connection is actually made with the desired communication partner.

Anti-replay: Anti-replay protection verifies that each packet is unique, not a replayed copy. IPsec packets carry a sequence number, and the receiving host or security gateway compares it against a sliding window of recently received numbers. A packet whose sequence number falls to the left of the window is considered too old, and a packet whose number has already been seen within the window is a duplicate; both are dropped. The check is applied only after the packet's integrity has been verified, so that forged packets cannot move the window.
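The anti-replay check described above, as an added example that is not part of the lecture notes. It implements the receiver-side window the way RFC 4303 specifies it for ESP: one 32-bit sequence number per security association, a window of the most recent W numbers kept as a bitmap, and three outcomes for each arriving packet (accept, too old, replay). The window size and the sequence traces are constructed; integrity verification is assumed to have succeeded before this check is called, which is the order IPsec requires so that a forged packet can never advance the window.

```python
# Added example (not from the lecture notes): the ESP/AH anti-replay sliding
# window from RFC 4303 section 3.4.3. Call check_and_update() only for packets
# whose integrity check has already passed.

class AntiReplayWindow:
    def __init__(self, size: int = 64):
        if size < 32:
            raise ValueError("RFC 4303 requires a window of at least 32 packets")
        self.size = size
        self.right = 0         # highest sequence number accepted so far (right edge)
        self.bitmap = 0        # bit k set  <=>  sequence number (right - k) was seen

    def check_and_update(self, seq: int) -> str:
        """Return 'accept', 'replay' or 'too_old'; state changes only on accept."""
        if seq > 0xFFFFFFFF:
            raise ValueError("sequence space exhausted: the SA must be rekeyed")
        if seq == 0:
            return "too_old"                       # 0 is never sent on an SA
        if seq > self.right:
            # New right edge: slide the window; numbers that fall off the left are forgotten.
            shift = seq - self.right
            self.bitmap = ((self.bitmap << shift) | 1) & ((1 << self.size) - 1)
            self.right = seq
            return "accept"
        diff = self.right - seq
        if diff >= self.size:
            return "too_old"                       # left of the window
        if self.bitmap & (1 << diff):
            return "replay"                        # inside the window, already seen
        self.bitmap |= 1 << diff                   # late but new: accept and remember
        return "accept"


def process(trace, size: int = 64) -> list:
    """Run a whole sequence of arrivals through one window; handy for traces."""
    window = AntiReplayWindow(size)
    return [(seq, window.check_and_update(seq)) for seq in trace]


# Constructed trace: in-order packets, one reordered, a replay of each, then a
# jump that slides the window past the old numbers.
SAMPLE_TRACE = [1, 3, 2, 2, 3, 40, 8, 9]
```

`process(SAMPLE_TRACE, size=32)` accepts 1, 3 and the late 2, rejects the second 2 and the second 3 as replays, accepts 40 (the window now covers 9 through 40), rejects 8 as too old and accepts 9 as late-but-new. The size check matters in practice: a window too small for the path's reordering drops legitimate packets, while a tunnel that is never rekeyed hits the 32-bit limit and must stop rather than wrap.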

Proxy server
A proxy server is a computer that acts on behalf of other computers to request content from the Internet or an intranet. It is placed between a user's machine and the Internet. It can act as a firewall to provide protection and as a cache to speed up web page display.
As a firewall mechanism, a proxy replaces the IP address of a host on the internal (protected) network with its own address for all traffic passing through it, so the destination sees only the proxy. As a software agent acting on behalf of a user, a typical proxy accepts a connection from a client, decides whether that user or client IP address is permitted to use the proxy, perhaps performs additional authentication, and then completes a connection on behalf of the client to the remote destination.

Proxy servers have two main purposes:


• Improve performance: Proxy servers can dramatically improve performance for groups of users, because the proxy caches the results of requests for a certain amount of time and serves repeated requests from the cache. Since the proxy is usually on the same network as the user, this is much faster than fetching from the origin. Real proxy servers support hundreds or thousands of users.
• Filter requests: Proxy servers can also be used to filter requests, for example to block access to particular sites or content types and to log who requested what.

Types of Proxy:

1. Forward Proxy:
Forward proxies are proxies where the client names the target server to connect to. Forward proxies are able to retrieve from a wide range of sources (in most cases anywhere on the Internet).
The terms "forward proxy" and "forwarding proxy" are a general description of behavior (forwarding traffic) and are therefore ambiguous; apart from the reverse proxy, the types below are specialized kinds of forward proxy.

Fig:A forward proxy taking requests from an internal network and forwarding them to the
Internet
2. Open Proxy:
An open proxy is a forward proxy server that is accessible to any Internet user. There are hundreds of thousands of open proxies on the Internet. An anonymous open proxy allows users to conceal their IP address while browsing the web or using other Internet services, which also makes open proxies a favourite way of hiding the origin of attacks and spam; an organization's outbound proxy should therefore accept connections only from its own networks or from authenticated users.
Fig: An open proxy forwarding requests from and to anywhere on the
Internet.

3. Reverse Proxy:
A reverse proxy is a proxy server that appears to clients to be an ordinary server. Requests are forwarded to one or more origin servers, which handle them. The response is returned to the client as if it came directly from the proxy server, so the addresses and software of the origin servers are never exposed.

Fig: A reverse proxy taking requests from the Internet and forwarding them to servers
in an internal network. Those making requests connect to the proxy and may not be
aware of the internal network.

File Transfer Protocol (FTP)

An Internet standard application-level TCP/IP protocol that can be used for transferring files between hosts on a
TCP/IP internetwork.
How It Works
File Transfer Protocol (FTP) is one of the earliest Internet protocols, and is still used for uploading and
downloading files between clients and servers. An FTP client is an application that can issue FTP commands to
an FTP server, while an FTP server is a service or daemon running on a server that responds to FTP commands
from a client. FTP commands can be used to change directories, change transfer modes between binary and ASCII,
upload files, and download files. FTP uses Transmission Control Protocol (TCP) for reliable network
communication by establishing a session before initiating data transfer. TCP port number 21 on the FTP server
listens for connection attempts from an FTP client and is used as a control port for establishing a connection
between the client and server, for allowing the client to send an FTP command to the server, and for returning the
server’s response to the command. Once a control connection has been established, the server opens port number
20 to form a new connection with the client for transferring the actual data during uploads and downloads.
While transferring data over the network, two modes can be used:
1. ASCII Mode
2. Binary Mode

The two types differ in the way they send the data. When a file is sent using an ASCII-type transfer, the individual
letters, numbers and characters are sent. The receiving machine saves these in a text file in the appropriate format
(for example, a Unix machine saves it in a Unix format, a Macintosh saves it in a Mac format). Hence if an ASCII
transfer is used it can be assumed plain text is sent, which is stored by the receiving computer in its own format.

Sending a file in binary mode is different. The sending machine sends each file bit for bit, and as such the recipient
stores the bit-stream as it receives it.

By default, most FTP clients use ASCII mode. Some clients, nevertheless, are more clever and try to determine the
required transfer mode by inspecting the file's contents.
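The following Python script is an added example (not part of the lecture notes) that simulates the two transfer modes described above. It models what the receiving machine actually stores in ASCII mode (line endings rewritten to the receiver's own convention) versus binary mode (bit for bit), and it implements a content-sniffing heuristic of the kind a "clever" client might use to pick the mode. The sample inputs (a short Windows text file and the first bytes of a PNG image), the `LOCAL_EOL` table and the 30% non-text threshold are constructed for this example; the heuristic is not an FTP standard.

```python
"""FTP ASCII vs. binary transfer modes, simulated offline (added example)."""

# Native line endings of the receiving platforms named in the notes.
# Constructed table for this example; classic Mac OS used a bare CR.
LOCAL_EOL = {"unix": b"\n", "windows": b"\r\n", "classic_mac": b"\r"}


def to_nvt_ascii(data: bytes) -> bytes:
    """What the sender puts on the wire in ASCII mode: every local line
    ending (LF, CR or CRLF) is rewritten to the network form CRLF."""
    unified = data.replace(b"\r\n", b"\n").replace(b"\r", b"\n")
    return unified.replace(b"\n", b"\r\n")


def from_nvt_ascii(wire: bytes, receiver: str) -> bytes:
    """The receiver stores the text using its own native line ending."""
    return wire.replace(b"\r\n", LOCAL_EOL[receiver])


def simulate_transfer(data: bytes, mode: str, receiver: str) -> bytes:
    """Return the bytes the receiver ends up with for a file sent in `mode`."""
    if mode == "binary":
        return data  # sent bit for bit; nothing is interpreted
    if mode == "ascii":
        return from_nvt_ascii(to_nvt_ascii(data), receiver)
    raise ValueError("mode must be 'ascii' or 'binary'")


# Bytes that can legitimately appear in a text file: printable ASCII plus the
# common control characters. Anything else counts as evidence of binary data.
_TEXT_BYTES = set(range(0x20, 0x7F)) | {0x07, 0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x1B}


def guess_transfer_mode(data: bytes, sample: int = 8192, threshold: float = 0.30) -> str:
    """Content-sniffing heuristic (an assumption of this example, not a
    standard): a NUL byte, or more than `threshold` of the first `sample`
    bytes being non-text, means the file must be sent in binary mode."""
    chunk = data[:sample]
    if not chunk:
        return "ascii"
    if b"\x00" in chunk:
        return "binary"
    non_text = sum(1 for b in chunk if b not in _TEXT_BYTES)
    return "binary" if non_text / len(chunk) > threshold else "ascii"


if __name__ == "__main__":
    # Constructed inputs: a text file written on Windows and a PNG header
    # (signature plus the start of the IHDR chunk, which contains NUL bytes).
    TEXT_FILE = b"first line\r\nsecond line\r\n"
    PNG_HEADER = b"\x89PNG\r\n\x1a\n\x00\x00\x00\rIHDR"
    print(guess_transfer_mode(TEXT_FILE), guess_transfer_mode(PNG_HEADER))
    print(simulate_transfer(TEXT_FILE, "ascii", "unix"))
    # An image pushed through ASCII mode comes out corrupted; binary mode is exact.
    print(simulate_transfer(PNG_HEADER, "ascii", "unix") == PNG_HEADER)
    print(simulate_transfer(PNG_HEADER, "binary", "unix") == PNG_HEADER)
```

Running the script shows the Windows text file arriving on the Unix host with bare LF line endings, and the PNG header surviving only the binary transfer: the `\r\n` inside the PNG signature is "corrected" by the ASCII conversion, which is exactly the corruption a client avoids by choosing the mode from the file's contents rather than defaulting to ASCII.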

Network Management
Introduction to Network Management, Internet Network Management framework (SMI & MIB) &
SNMP protocol
Introduction to Network Management:
Network management is defined as monitoring, testing, configuring, and troubleshooting network
components to meet a set of requirements defined by an organization. These requirements include the
smooth, efficient operation of the network that provides the predefined quality of service for users. To
accomplish this task, a network management system uses hardware, software, and humans.

Functions of Network Management System:

1. Configuration Management
2. Fault Management
3. Performance Management
4. Security management
5. Accounting management

Configuration Management
A large network is usually made up of hundreds of entities that are physically or logically connected to
one another. These entities have an initial configuration when the network is set up, but can change
with time. Desktop computers may be replaced by others; application software may be updated to a
newer version; and users may move from one group to another. The configuration management system
must know, at any time, the status of each entity and its relation to other entities. Configuration
management can be subdivided into two parts: reconfiguration and documentation.

Fault Management:
Fault management falls into two categories.
• Reactive Fault Management
A reactive fault management system is responsible for detecting, isolating, correcting, and
recording faults. It handles short-term solutions to faults.
• Proactive Fault Management
Proactive fault management tries to prevent faults from occurring. Although this is not always
possible, some types of failures can be predicted and prevented.
Performance management:
Performance management is closely related to fault management and tries to monitor and control the
network to ensure that it is running as efficiently as possible.

Security Management
Security management is responsible for controlling access to the network based on the predefined
policy.
Accounting Management
Accounting management is the control of users' access to network resources through charges. Charging
does not necessarily mean cash transfer; it may mean debiting the departments or divisions for
budgeting purposes. Today, organizations use an accounting management system for the following
reasons:
• It prevents users from monopolizing limited network resources.
• It prevents users from using the system inefficiently.
• Network managers can do short- and long-term planning based on the demand for network use.

SIMPLE NETWORK MANAGEMENT PROTOCOL (SNMP)

Simple Network Management Protocol (SNMP) is an Internet-standard protocol for managing
devices on IP networks. Devices that typically support SNMP include routers, switches, servers,
workstations, printers, modem racks, and more. It is used mostly in network management systems to
monitor network-attached devices for conditions that warrant administrative attention.

The Simple Network Management Protocol (SNMP) is a framework for managing devices in an Internet
using the TCP/IP protocol suite. It provides a set of fundamental operations for monitoring and
maintaining an Internet.

Concept
SNMP uses the concept of manager and agent. That is, a manager, usually a host, controls and monitors
a set of agents, usually routers. SNMP is an application-level protocol in which a few manager stations
control a set of agents. The protocol is designed at the application level so that it can monitor devices
made by different manufacturers and installed on different physical networks.

Managers and Agents

A management station, called a manager, is a host that runs the SNMP client program. A managed
station, called an agent, is a router (or a host) that runs the SNMP server program. Management is
achieved through simple interaction between a manager and an agent. The agent keeps performance
information in a database. The manager has access to the values in the database. For example, a router
can store in appropriate variables the number of packets received and forwarded. The manager can
fetch and compare the values of these two variables to see if the router is congested or not.

An SNMP-managed network consists of three key components:

• Managed device
• Agent — software which runs on managed devices
• Network management system (NMS) — software which runs on the manager
A managed device is a network node that implements an SNMP interface that allows unidirectional
(read-only) or bidirectional access to node-specific information. Managed devices exchange
node-specific information with the NMSs. Sometimes called network elements, the managed devices can be
any type of device, including, but not limited to, routers, access servers, switches, bridges, hubs, IP
telephones, IP video cameras, computer hosts, and printers.
An agent is a network-management software module that resides on a managed device. An agent has
local knowledge of management information and translates that information to or from an SNMP-specific
form.
A network management system (NMS) executes applications that monitor and control managed
devices. NMSs provide the bulk of the processing and memory resources required for network
management. One or more NMSs may exist on any managed network.
Management with SNMP is based on three basic ideas:
1. A manager checks an agent by requesting information that reflects the behavior of the agent.
2. A manager forces an agent to perform a task by resetting values in the agent database.
3. An agent contributes to the management process by warning the manager of an unusual
situation.

SNMP operates in the Application Layer of the Internet Protocol Suite (Layer 7 of the OSI model). The
SNMP agent receives requests on UDP port 161. The manager may send requests from any available
source port to port 161 in the agent. The agent response will be sent back to the source port on the
manager. The manager receives notifications (Traps and InformRequests) on port 162. The agent may
generate notifications from any available port.
To do management tasks, SNMP uses two other protocols:
1. Structure of Management Information (SMI)
2. Management Information Base (MIB).

Role of SNMP
SNMP has some very specific roles in network management. It defines the format of the packet to be
sent from a manager to an agent and vice versa. It also interprets the result and creates statistics (often
with the help of other management software). The packets exchanged contain the object (variable)
names and their status (values). SNMP is responsible for reading and changing these values.

Roles of SMI
SMI defines the general rules for naming objects, defining object types (including range and length),
and showing how to encode objects and values. SMI does not define the number of objects an entity
should manage, name the objects to be managed, or define the association between the objects and
their values.
The Structure of Management Information, version 2 (SMIv2) is a component for network
management. Its functions are:
1. To name objects
2. To define the type of data that can be stored in an object
3. To show how to encode data for transmission over the network
SMI is a guideline for SNMP. It emphasizes three attributes to handle an object: name, data type, and
encoding method.

Roles of MIB
For each entity to be managed, this protocol must define the number of objects, name them according
to the rules defined by SMI, and associate a type to each named object. MIB creates a collection of
named objects, their types, and their relationships to each other in an entity to be managed.
Each agent has its own MIB2, which is a collection of all the objects that the manager can manage. The
objects in MIB2 are categorized under 10 different groups: system, interface, address translation, ip,
icmp, tcp, udp, egp, transmission, and snmp.
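The following Python script is an added example, not part of the lecture notes, that ties the three ideas above together: SMI's naming and encoding rules, a MIB2 object name, and the SNMP packet format exchanged between manager and agent. It builds, byte for byte, the SNMPv1 GetRequest a manager would send to UDP port 161 to read sysDescr.0 (object identifier 1.3.6.1.2.1.1.1.0, the first object in the MIB2 system group) and decodes a GetResponse constructed inline to stand in for the agent's reply. The community string "public", the request id and the reply text are constructed sample values; nothing is sent on the network.

```python
"""SNMPv1 GetRequest / GetResponse encoded in ASN.1 BER (added example)."""

# SMI names the data types (INTEGER, OCTET STRING, OBJECT IDENTIFIER, ...);
# BER fixes how each is written on the wire as tag + length + value.
TAG_INTEGER, TAG_OCTET_STRING, TAG_NULL, TAG_OID, TAG_SEQUENCE = 0x02, 0x04, 0x05, 0x06, 0x30
TAG_GET_REQUEST, TAG_GET_RESPONSE = 0xA0, 0xA2   # context-specific PDU tags 0 and 2
SNMP_V1 = 0
SYS_DESCR_0 = "1.3.6.1.2.1.1.1.0"   # MIB2 system group: sysDescr, instance 0

def ber_length(n: int) -> bytes:
    """One byte below 128; otherwise 0x80|count followed by the length bytes."""
    if n < 0x80:
        return bytes([n])
    body = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([0x80 | len(body)]) + body

def tlv(tag: int, value: bytes) -> bytes:
    return bytes([tag]) + ber_length(len(value)) + value

def encode_int(v: int) -> bytes:
    """BER INTEGER: shortest two's-complement form that keeps the sign bit."""
    return tlv(TAG_INTEGER, v.to_bytes(max(1, (v.bit_length() + 8) // 8), "big", signed=True))

def encode_oid(dotted: str) -> bytes:
    """First two arcs share one byte (40*x + y); later arcs are base-128 with
    the high bit set on every byte of the arc except the last."""
    arcs = [int(a) for a in dotted.split(".")]
    out = bytearray([40 * arcs[0] + arcs[1]])
    for arc in arcs[2:]:
        chunk = [arc & 0x7F]
        arc >>= 7
        while arc:
            chunk.append(0x80 | (arc & 0x7F))
            arc >>= 7
        out.extend(reversed(chunk))
    return tlv(TAG_OID, bytes(out))

def build_message(pdu_tag: int, community: str, request_id: int, varbinds) -> bytes:
    """Wrap (oid, encoded value) pairs in an SNMPv1 message. The community
    string goes in cleartext, so anyone who can read the datagram learns it;
    v1/v2c therefore need network-level protection, v3 adds authentication."""
    vbl = b"".join(tlv(TAG_SEQUENCE, encode_oid(o) + v) for o, v in varbinds)
    pdu = tlv(pdu_tag, encode_int(request_id) + encode_int(0) + encode_int(0)
              + tlv(TAG_SEQUENCE, vbl))   # request-id, error-status, error-index
    return tlv(TAG_SEQUENCE, encode_int(SNMP_V1)
               + tlv(TAG_OCTET_STRING, community.encode()) + pdu)

def get_request(community: str, oid: str, request_id: int) -> bytes:
    """GetRequest: each binding carries NULL until the agent fills in the value."""
    return build_message(TAG_GET_REQUEST, community, request_id, [(oid, tlv(TAG_NULL, b""))])

def read_tlv(buf: bytes, pos: int):
    """Return (tag, value, position just after this TLV)."""
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:
        n = length & 0x7F
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    return tag, buf[pos:pos + length], pos + length

def decode_oid(value: bytes) -> str:
    arcs, acc = [value[0] // 40, value[0] % 40], 0
    for b in value[1:]:
        acc = (acc << 7) | (b & 0x7F)
        if not b & 0x80:
            arcs.append(acc)
            acc = 0
    return ".".join(map(str, arcs))

def parse_get_response(msg: bytes) -> dict:
    """Decode a GetResponse into community, request id, error status and an
    {oid: value} dict (OCTET STRING as str, INTEGER as int, others raw bytes)."""
    tag, body, _ = read_tlv(msg, 0)
    if tag != TAG_SEQUENCE:
        raise ValueError("not an SNMP message")
    _, _version, pos = read_tlv(body, 0)
    _, community, pos = read_tlv(body, pos)
    tag, pdu, _ = read_tlv(body, pos)
    if tag != TAG_GET_RESPONSE:
        raise ValueError("expected GetResponse, got PDU tag 0x%02x" % tag)
    _, rid, p = read_tlv(pdu, 0)
    _, err, p = read_tlv(pdu, p)
    _, _index, p = read_tlv(pdu, p)
    _, vbl, _ = read_tlv(pdu, p)
    bindings, p = {}, 0
    while p < len(vbl):
        _, vb, p = read_tlv(vbl, p)
        _, oid_raw, q = read_tlv(vb, 0)
        vtag, val, _ = read_tlv(vb, q)
        if vtag == TAG_OCTET_STRING:
            val = val.decode("ascii", "replace")
        elif vtag == TAG_INTEGER:
            val = int.from_bytes(val, "big", signed=True)
        bindings[decode_oid(oid_raw)] = val
    return {"community": community.decode("ascii", "replace"),
            "request_id": int.from_bytes(rid, "big", signed=True),
            "error_status": int.from_bytes(err, "big", signed=True),
            "bindings": bindings}
```

`get_request("public", SYS_DESCR_0, 1).hex()` yields the 40-byte datagram `302602010004067075626c6963a019020101020100020100300e300c06082b060102010101000500`: a SEQUENCE holding the version, the community string and the GetRequest PDU, whose single variable binding is the OID `2b 06 01 02 01 01 01 00` paired with NULL. Feeding a reply built with `build_message(TAG_GET_RESPONSE, ...)` into `parse_get_response` returns the request id the manager used to match the answer to its question, together with the decoded sysDescr text. The `ValueError` raised for any other PDU tag is the kind of check a manager needs before trusting a datagram that arrived on its source port.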

Analogy:
We can compare the task of network management to the task of writing a program.
• Both tasks need rules. In network management this is handled by SMI.
• Both tasks need variable declarations. In network management this is handled by MIB.
• Both tasks have actions performed by statements. In network management this is handled by
SNMP.

Network Management Architectures

A network management system contains two primary elements: a manager and agents. The manager is
the console through which the network administrator performs network management functions. Agents
are the entities that interface to the actual device being managed. Bridges, hubs, routers or network
servers are examples of managed devices that contain managed objects. These managed objects might
be hardware, configuration parameters, performance statistics, and so on, that directly relate to the
current operation of the device in question. These objects are arranged in what is known as a virtual
information database, called a management information base, also called MIB. SNMP allows managers
and agents to communicate for the purpose of accessing these objects.
A typical agent usually:
• Implements the full SNMP protocol
• Stores and retrieves management data as defined by the Management Information Base
• Can asynchronously signal an event to the manager
• Can be a proxy for some non-SNMP manageable network node (the proxy agent then translates the
protocol interactions it receives from the management station)
A typical manager usually:
• Is implemented as a Network Management Station (the NMS)
• Implements the full SNMP protocol
• Is able to:
o Query agents
o Get responses from agents
o Set variables in agents

NB: You can download a free copy of the Simple Network Management Protocol software version 5 or
later from the Internet (Net-SNMP).
