Web technology and commerce unit 1

UNIT : I
PREPARED BY ARUN PRATAP SINGH
WEB TECHNOLOGY AND COMMERCE (MCSE 201)

PREPARED BY ARUN PRATAP SINGH 1
1
INTRODUCTION TO BUILDING BLOCKS OF ELECTRONIC COMMERCE :
UNIT : I

2

3
IP ADDRESSING :

4
An Internet Protocol address (IP address) is a numerical label assigned to each device (e.g.,
computer, printer) participating in a computer network that uses the Internet Protocol for
communication.[1]
An IP address serves two principal functions: host or network
interface identification and location addressing. Its role has been characterized as follows:
"A name indicates what we seek. An address indicates where it is. A route indicates how to get there."

5

6

7

8

9
ADDRESS RESOLUTION PROTOCOL (ARP) :
ARP converts an Internet Protocol (IP) address to its corresponding physical network address.
ARP is a low-level network protocol, operating at Layer 2 of the OSI model.
The address resolution protocol (ARP) is a protocol used by the Internet Protocol (IP) [RFC826],
specifically IPv4, to map IP network addresses to the hardware addresses used by a data link
protocol. The protocol operates below the network layer as a part of the interface between the
OSI network and OSI link layer. It is used when IPv4 is used over Ethernet.

10
The term address resolution refers to the process of finding an address of a computer in a
network. The address is "resolved" using a protocol in which a piece of information is sent by a
client process executing on the local computer to a server process executing on a remote
computer. The information received by the server allows the server to uniquely identify the
network system for which the address was required and therefore to provide the required address.
The address resolution procedure is completed when the client receives a response from the
server containing the required address.
An Ethernet network uses two hardware addresses which identify the source and destination of
each frame sent by the Ethernet. The destination address (all 1's) may also identify
a broadcast packet (to be sent to all connected computers). The hardware address is also known
as the Medium Access Control (MAC) address, in reference to the standards which
define Ethernet. Each computer network interface card is allocated a globally unique 6 byte link
address when the factory manufactures the card (stored in a PROM). This is the normal link
source address used by an interface. A computer sends all packets which it creates with its own
hardware source link address, and receives all packets which match the same hardware address
in the destination field or one (or more) pre-selected broadcast/multicast addresses.
The Ethernet address is a link layer address and is dependent on the interface card which is used.
IP operates at the network layer and is not concerned with the link addresses of individual nodes
which are to be used. The address resolution protocol (ARP) is therefore used to translate
between the two types of address. The ARP client and server processes operate on all computers
using IP over Ethernet. The processes are normally implemented as part of the software driver
that drives the network interface card.
There are four types of ARP messages that may be sent by the ARP protocol. These are identified
by four values in the "operation" field of an ARP message. The types of message are:
1. ARP request
2. ARP reply
3. RARP request
4. RARP reply
The format of an ARP message is shown below:

11
Format of an ARP message used to resolve the remote MAC Hardware Address (HA)
To reduce the number of address resolution requests, a client normally caches resolved
addresses for a (short) period of time. The ARP cache is of a finite size, and would become full
of incomplete and obsolete entries for computers that are not in use if it was allowed to grow
without check. The ARP cache is therefore periodically flushed of all entries. This deletes unused
entries and frees space in the cache. It also removes any unsuccessful attempts to contact
computers which are not currently running.
If a host changes the MAC address it is using, this can be detected by other hosts when the cache
entry is deleted and a fresh ARP message is sent to establish the new association. The use of
gratuitous ARP (e.g. triggered when the new NIC interface is enabled with an IP address) provides
a more rapid update of this information.
Position of ARP in TCP/IP protocol suite

12
ARP operation -
Encapsulation of ARP packet :

13
Four cases using ARP :

14

15
Proxy ARP:

16
RARP (REVERSE ADDRESS RESOLUTION PROTOCOL) :
RARP (Reverse Address Resolution Protocol) is a protocol by which a physical machine in a local
area network can request to learn its IP address from a gateway server's Address Resolution
Protocol (ARP) table or cache. A network administrator creates a table in a local area network's
gateway router that maps the physical machine (or Media Access Control -MAC address)
addresses to corresponding Internet Protocol addresses. When a new machine is set up, its
RARP client program requests from the RARP server on the router to be sent its IP address.
Assuming that an entry has been set up in the router table, the RARP server will return the IP
address to the machine which can store it for future use.
RARP is available for Ethernet, Fiber Distributed-Data Interface, and token ring LANs.
The Reverse Address Resolution Protocol (RARP) is an obsolete computer networking protocol
used by a client computer to request its Internet Protocol (IPv4) address from a computer network,
when all it has available is its Link Layer or hardware address, such as a MAC address. The client
broadcasts the request, and does not need prior knowledge of the network topology or the identities
of servers capable of fulfilling its request.
RARP is described in Internet Engineering Task Force (IETF) publication RFC 903.[1] It has been
rendered obsolete by the Bootstrap Protocol (BOOTP) and the modern Dynamic Host Configuration
Protocol (DHCP), which both support a much greater feature set than RARP.
RARP requires one or more server hosts to maintain a database of mappings of Link Layer addresses
to their respective protocol addresses. Media Access Control (MAC) addresses needed to be
individually configured on the servers by an administrator. RARP was limited to serving only IP
addresses.
Reverse ARP differs from the Inverse Address Resolution Protocol (InARP) described in RFC 2390,
which is designed to obtain the IP address associated with a local Frame Relay data link connection
identifier. InARP is not used in Ethernet.
Position of ARP and RARP in TCP/IP protocol suite

17
RARP operation -

18
Format of an ARP message
BOOTP (Bootstrap Protocol) :
The Bootstrap Protocol (BOOTP) is a client/server protocol that configures a diskless computer
or a computer that is booted for the first time. BOOTP provides the IP address, net mask, the
address of a default router, and the address of a name server.
The Bootstrap Protocol (BOOTP) is an obsolescent computer networking protocol used in Internet
Protocol networks to automatically assign an IP address to network devices from a configuration
server. The BOOTP protocol was originally defined in RFC 951.
When a computer that is connected to a network is powered up and boots its operating system, the
system software broadcasts BOOTP protocol messages onto the network to request an IP address
assignment. A BOOTP configuration server assigns an IP address based on the request from a pool
of addresses configured by an administrator.
BOOTP is implemented with the User Datagram Protocol (UDP) as transport protocol, and operates
on IPv4 networks only.
Historically, BOOTP has also been used for Unix-like diskless workstations to obtain the network
location of their boot image, in addition to the IP address assignment. Enterprises used it to roll out a
pre-configured client (e.g., Windows) installation to newly installed PCs.

19
Originally requiring the use of a boot floppy disk to establish the initial network connection,
manufacturers of network cards later embedded the protocol in the BIOS of the interface cards as well
as system boards with on-board network adapters, thus allowing direct network booting.
Although still available in many networks to support legacy equipment, BOOTP has been effectively
superseded by the Dynamic Host Configuration Protocol (DHCP), which is a more advanced protocol
for the same purpose. DHCP servers also provide the legacy BOOTP functionality.
Client and server on the same network

20
Client and server on two different networks
BOOTP packet format

21
Use of UDP ports
DHCP (Dynamic Host Configuration Protocol) :
The Dynamic Host Configuration Protocol (DHCP) is a standardized networking protocol used
on Internet Protocol (IP) networks for dynamically distributing network configuration parameters,
such as IP addresses for interfaces and services. With DHCP, computers request IP addresses
and networking parameters automatically from a DHCP server, reducing the need for a network
administrator or a user to configure these settings manually.
The Dynamic Host Configuration Protocol is used by computers for requesting Internet Protocol
parameters, such as an IP address from a network server. The protocol operates based on
the client-server model. DHCP is very common in all modern networks[1]
ranging in size from home
networks to large campus networks and regional Internet service provider networks. Most
residential network routers receive a globally unique IP address within the provider network.
Within a local network, DHCP assigns a local IP address to devices connected to the local
network.

22
When a computer or other networked device connects to a network, its DHCP client software in
the operating system sends a broadcast query requesting necessary information. Any DHCP
server on the network may service the request. The DHCP server manages a pool of IP addresses
and information about client configuration parameters such as default gateway, domain name,
the name servers, and time servers. On receiving a request, the server may respond with specific
information for each client, as previously configured by an administrator, or with a specific address
and any other information valid for the entire network, and the time period for which the allocation
(lease) is valid. A host typically queries for this information immediately after booting, and
periodically thereafter before the expiration of the information. When an assignment is refreshed
by the client computer, it initially requests the same parameter values, but may be assigned a
new address from the server, based on the assignment policies set by administrators.
On large networks that consist of multiple links, a single DHCP server may service the entire
network when aided by DHCP relay agents located on the interconnecting routers. Such agents
relay messages between DHCP clients and DHCP servers located on different subnets.
Depending on implementation, the DHCP server may have three methods of allocating IP-
addresses:
 dynamic allocation: A network administrator reserves a range of IP addresses for DHCP, and
each client computer on the LAN is configured to request an IP address from the
DHCP server during network initialization. The request-and-grant process uses a lease
concept with a controllable time period, allowing the DHCP server to reclaim (and then
reallocate) IP addresses that are not renewed.
 automatic allocation: The DHCP server permanently assigns an IP address to a requesting
client from the range defined by the administrator. This is like dynamic allocation, but the
DHCP server keeps a table of past IP address assignments, so that it can preferentially assign
to a client the same IP address that the client previously had.
 static allocation: The DHCP server allocates an IP address based on a preconfigured mapping
to each client's MAC address. This feature is variously called static DHCP assignment by DD-
WRT, fixed-address by the dhcpd documentation, address reservation by Netgear, DHCP
reservation or static DHCP by Cisco and Linksys, and IP address reservation or MAC/IP
address binding by various other router manufacturers.
DHCP is used for Internet Protocol version 4 (IPv4), as well as IPv6. While both versions serve
the same purpose, the details of the protocol for IPv4 and IPv6 are sufficiently different that they
may be considered separate protocols.[2]
For IPv6 operation, devices may alternatively
use stateless address autoconfiguration. IPv4 hosts may also use link-local addressing to achieve
operation restricted to the local network link.

23
DHCP packet

24
DHCP transition diagram
Dynamic Host Configuration Protocol (DHCP) is a network protocol that enables a server to
automatically assign an IP address to a computer from a defined range of numbers (i.e., a scope)
configured for a given network.
DHCP assigns an IP address when a system is started, for example:
1. A user turns on a computer with a DHCP client.
2. The client computer sends a broadcast request (called a DISCOVER or DHCPDISCOVER),
looking for a DHCP server to answer.
3. The router directs the DISCOVER packet to the correct DHCP server.
4. The server receives the DISCOVER packet. Based on availability and usage policies set on
the server, the server determines an appropriate address (if any) to give to the client. The
server then temporarily reserves that address for the client and sends back to the client an
OFFER (or DHCPOFFER) packet, with that address information. The server also configures
the client's DNS servers, WINS servers, NTP servers, and sometimes other services as well.
5. The client sends a REQUEST (or DHCPREQUEST) packet, letting the server know that it
intends to use the address.

25
6. The server sends an ACK (or DHCPACK) packet, confirming that the client has a been given
a lease on the address for a server-specified period of time.
When a computer uses a static IP address, it means that the computer is manually configured to use
a specific IP address. One problem with static assignment, which can result from user error or
inattention to detail, occurs when two computers are configured with the same IP address. This creates
a conflict that results in loss of service. Using DHCP to dynamically assign IP addresses minimizes
these conflicts.
Diagram of a typical DHCP session
INTERNET CONTROL MESSAGE PROTOCOL (ICMP) :
The Internet Control Message Protocol (ICMP) is one of the main protocols of the Internet Protocol
Suite. It is used by network devices, like routers, to send error messages indicating, for example, that
a requested service is not available or that a host or router could not be reached. ICMP can also be
used to relay query messages.[1]
It is assigned protocol number 1.[2]
ICMP[3]
differs from transport
protocols such as TCP and UDP in that it is not typically used to exchange data between systems, nor
is it regularly employed by end-user network applications (with the exception of some diagnostic tools
like ping and trace route).
ICMP for Internet Protocol version 4 (IPv4) is also known as ICMPv4. IPv6 has a similar
protocol, ICMPv6.

26
The Internet Control Message Protocol is part of the Internet Protocol Suite, as defined in RFC
792. ICMP messages are typically used for diagnostic or control purposes or generated in
response to errors in IP operations (as specified in RFC 1122). ICMP errors are directed to the
source IP address of the originating packet.
For example, every device (such as an intermediate router) forwarding an IP datagram first
decrements the time to live (TTL) field in the IP header by one. If the resulting TTL is 0, the packet
is discarded and an ICMP Time To Live exceeded in transit message is sent to the datagram's
source address.
Although ICMP messages are contained within standard IP packets, ICMP messages are usually
processed as a special case, distinguished from normal IP processing, rather than processed as
a normal sub-protocol of IP. In many cases, it is necessary to inspect the contents of the ICMP
message and deliver the appropriate error message to the application that generated the original
IP packet, the one that sent the packet that prompted the sending of the ICMP message.
Many commonly used network utilities are based on ICMP messages. The trace route command
is implemented by transmitting IP datagrams with specially set IP TTL header fields, and looking
for ICMP Time to live exceeded in transit (above) and "Destination unreachable" messages
generated in response. The related ping utility is implemented using the ICMP "Echo request"
and "Echo reply" messages.
To give an idea of how ICMP can handle the sending and receiving of ICMP messages, we
present our version of an ICMP package made of two modules: an input module and an output
module.

27
General format of ICMP messages
Encapsulation for a complete ICMP packet (not showing the Ethernet preamble)
Position of ICMP in the network layer
ICMP encapsulation
ICMP messages are divided into two broad categories: error-reporting messages and query
messages. The error-reporting messages report problems that a router or a host (destination) may
encounter when it processes an IP packet. The query messages, which occur in pairs, help a host or
a network manager get specific information from a router or another host. Also, hosts can discover
and learn about routers on their network and routers can help a node redirect its messages.

28
ICMP always reports error messages to the original source.
Contents of data field for the error message
DOMAIN NAME SYSTEM (DNS) :
The Domain Name System (DNS) is a hierarchical distributed naming system for computers,
services, or any resource connected to the Internet or a private network. It associates various
information with domain names assigned to each of the participating entities. Most prominently, it
translates easily memorized domain names to the numerical IP addresses needed for the purpose
of locating computer services and devices worldwide. The Domain Name System is an essential
component of the functionality of the Internet.

29
An often-used analogy to explain the Domain Name System is that it serves as the phone book for
the Internet by translating human-friendly computer hostnames into IP addresses. For example,
the domain name www.example.com translates to the addresses 93.184.216.119 (IPv4) and
2606:2800:220:6d:26bf:1447:1097:aa7 (IPv6). Unlike a phone book, the DNS can be quickly
updated, allowing a service's location on the network to change without affecting the end users,
who continue to use the same host name. Users take advantage of this when they use
meaningful Uniform Resource Locators (URLs), and e-mail addresses without having to know
how the computer actually locates the services.
The Domain Name System distributes the responsibility of assigning domain names and mapping
those names to IP addresses by designating authoritative name servers for each domain.
Authoritative name servers are assigned to be responsible for their supported domains, and may
delegate authority over subdomains to other name servers. This mechanism provides distributed
and fault tolerant service and was designed to avoid the need for a single central database.

30

31

32
TRIVIAL FILE TRANSFER PROTOCOL (TFTP) :
Trivial File Transfer Protocol (TFTP) is a file transfer protocol notable for its simplicity. It is generally
used for automated transfer of configuration or boot files between machines in a local environment.
Compared to FTP, TFTP is extremely limited, providing no authentication, and is rarely used
interactively by a user.
Due to its simple design, TFTP can be implemented using a very small amount of memory. It is
therefore useful for booting computers such as routers which may not have anydata storage devices.
It is an element of the Preboot Execution Environment (PXE) network boot protocol, where it is
implemented in the firmware ROM / NVRAM of the host's network card.

33

34

35
TELNET :
Telnet is a network protocol used on the Internet or local area networks to provide a bidirectional
interactive text-oriented communication facility using a virtual terminal connection. User data is
interspersed in-band with Telnet control information in an 8-bit byte oriented data connection over
the Transmission Control Protocol (TCP).
Telnet was developed in 1969 beginning with RFC 15, extended in RFC 854, and standardized
as Internet Engineering Task Force (IETF) Internet Standard STD 8, one of the first Internet standards.
Historically, Telnet provided access to a command-line interface (usually, of an operating system) on
a remote host. Most network equipment and operating systems with a TCP/IP stack support a Telnet
service for remote configuration (including systems based on Windows NT). However, because of
serious security issues when using Telnet over an open network such as the Internet, its use for this
purpose has waned significantly in favor of SSH.
The term telnet may also refer to the software that implements the client part of the protocol. Telnet
client applications are available for virtually all computer platforms. Telnet is also used as a verb. To
telnet means to establish a connection with the Telnet protocol, either with command line client or with
a programmatic interface. For example, a common directive might be: "To change your password,
telnet to the server, log in and run the passwd command." Most often, a user will be telnetting to a Unix-
like server system or a network device (such as a router) and obtaining a login prompt to a command
line text interface or a character-based full-screen manager.

36
When Telnet was initially developed in 1969, most users of networked computers were in the
computer departments of academic institutions, or at large private and government research
facilities. In this environment, security was not nearly as much a concern as it became after the
bandwidth explosion of the 1990s. The rise in the number of people with access to the Internet,
and by extension the number of people attempting to hack other people's servers, made
encrypted alternatives necessary.
Experts in computer security, such as SANS Institute, recommend that the use of Telnet for
remote logins should be discontinued under all normal circumstances, for the following reasons:
 Telnet, by default, does not encrypt any data sent over the connection (including passwords),
and so it is often practical to eavesdrop on the communications and use the password later
for malicious purposes; anybody who has access to a router, switch, hub or gateway located
on the network between the two hosts where Telnet is being used can intercept the packets
passing by and obtain login, password and whatever else is typed with a packet analyzer.
 Most implementations of Telnet have no authentication that would ensure communication is
carried out between the two desired hosts and not intercepted in the middle.
 Several vulnerabilities have been discovered over the years in commonly used
Telnet daemons.
These security-related shortcomings have seen the usage of the Telnet protocol drop rapidly[citation
needed]
, especially on the public Internet, in favor of the Secure Shell (SSH) protocol, first released

37
in 1995. SSH provides much of the functionality of telnet, with the addition of strong encryption to
prevent sensitive data such as passwords from being intercepted, and public key authentication,
to ensure that the remote computer is actually who it claims to be. As has happened with other
early Internet protocols, extensions to the Telnet protocol provide Transport Layer Security (TLS)
security and Simple Authentication and Security Layer (SASL) authentication that address the
above issues. However, most Telnet implementations do not support these extensions; and there
has been relatively little interest in implementing these as SSH is adequate for most purposes.
It is of note that there are a large number of industrial and scientific devices which have only
Telnet available as a communication option. Some are built with only a standard RS-232 port and
use a serial server hardware appliance to provide the translation between the TCP/Telnet data
and the RS-232 serial data. In such cases, SSH is not an option unless the interface appliance
can be configured for SSH.

Web technology and commerce unit 1

Recommended

Recommended

More Related Content

What's hot

What's hot (20)

Viewers also liked

Viewers also liked (13)

Similar to Web technology and commerce unit 1

Similar to Web technology and commerce unit 1 (20)

Recently uploaded

Recently uploaded (20)

Web technology and commerce unit 1