Networking fundamentals tutorial – Application layer and it’s protocols

This post will be focused on explaining the role of the Application layer in the communication process. We will also talk about some of the main applications and processes that run on this layer. As we talked in the previous post, Application layer is the 7’th layer in the OSI stack followed by Presentation and Session layers:
Application layer


 In the TCP/IP model, the Application layer incorporates the last three upper layers of the OSI suite.
Application layer is responsible for maintaining the interface between the user and the lower network layers. The Presentation layer in the OSI model is used for coding,conversion, compression and decompression at the source and destination. The Session layer is responsible for the exchange of messages between applications at source and destination. In most applications these three layers are incorporated. There are many protocols that run under the application layer but among the well known are:
– The HTTP (Hypertext Transfer Protocol) protocol – this protocol is used for browsing Web pages over the Internet. Uses port 80
FTP (File Transfer Protocol) protocol – used for file transfer. Uses the port 20 and 21
DNS (Domain Name System) protocol – this protocol is used to translate names into IP addresses. Uses port 53
SMTP (Simple Mail Transfer Protocol) – this is used by the email service. Uses port 25
DHCP (Dynamic Host Control Protocol) – used to assign dynamic configuration for the elements used in communications (Ip address, Mask, Gateway and DNS servers). Uses port 67 and 68
– Telnet protocol – protocol used for remote connections between devices – Uses port 25We will talk more about ports when we will talk about Transport layer, for now you’ll have to know that ports are used so that devices. Under the Application layer several processes run. I will give you an example. When you’re opening notepad, behind the user interface a new process is created. For notepad an application process is created this kind of processes are generally started by the user intervention. There are also other processes running at the same time that belong to the operating system, one example is the svchost.exe or the Host Process for Windows Services that is used to provide several services for the OS. Another one is WmiPrvSE.exe or the WMI Provider Host. You can view the processes by opening Task Manager and looking at the Processes tab. You will also find processes that are created by the System, one example would be the Sytem Idle Processes ( Percentage of time the processor is idle)
The Client-Server model is used in the Application layer to describe how data is transmitted over the network. The Client is the entity that requests a file from the server and the server is the one that responds with the corresponding file. You can read more about the Client-Server model here on wikipedia: Traffic flows in both directions, from client to server which is also called an upload and reverse which is called download. Based of this principle when you’re requesting a web page from a remote server you are actually making an upload and the server responds with a download. In the following image this mechanism is displayed:
Client Server model
Another model that we can talk about is the peer-to-peer model or p2p. In this model every host on a network can act as a server or a host. This model is used for sharing resources over a network. You can read more about p2p on wikipedia :
Now let’s talk a little about some of the well known protocols used by the Application layer:
HTTP (Hypertext Transfer Protocol) protocol – this protocol is used to retrieve webpages from the Internet. Suppose you want to access a page for example by typing this URL on your browser. By sending a request over the Internet with the port 80, devices know that this is a HTTP request. DNS servers are queried for the desired record and when the record is found it is given to the user. Watch our IIS tutorial to learn more about web hosting. When a website is created a so called binding is made on that page so the DNS servers to know how that website can be reached.
FTP (File Transfer Protocol) protocol – this protocol is used to make possible transfer of files between a server and a host. The client is a host that runs a ftp application an a server is the one that runs a ftp service
DNS or Domain Name System ( is used for translating web pages names into their IP addresses. For humans is easier to remember the name of a page than their IP address. For example if you’re trying to access a good search engine like it is easier to type in the browser than then ip address . You can try to type the IP, the result will be the same thing. What happens is that your host queries the DNS server and the DNS server gives your desired record. DNS is a global hierarchy of servers that contain records that match names with ip addresses. The image from below will let you understand how DNS works:
DNS hierarchy
First the local DNS server is queried if the server has a record of the desired page then it will give the record, if not then the local DNS server will make a query to the top level domains for example .ro .com .org  .net and they will know where is the record for the desired page. The root DNS servers keep records of how to reach the top level domain records. A server that has a record for a given record it’s called an authoritative server. In windows you can query a DNS server for the desired record by using the nslookup command for example nslookup to display it’s records.
SMTP (Simple Mail Transfer Protocol) – it is the most common protocol used for mail transfer over IP. When talking of SMTP you’ll have to know some term used:
MUA – Mail User Agent – is an application that runs on a host computer and it’s used by the user to send/receive mail. An example is Outlook or Lotus Nodes
MTA – Mail Transfer Agent – is a service that runs on an email server used to forward emails to other servers
MDA – Mail Delivery Agent – service that runs on an email server and is used for final delivery of a email.
A server can be MTA and MDA at the same time
POP/POP3 – Post Office Protocol – used for receiving messages. Read more here :
SMTP is used by Servers or MDA to transfer messages between email servers and by hosts usually only to send emails. Read more about SMTP here :
The picture from below will help you understand the mechanism of SMTP:
User1 is trying to send two emails, one for user2 and one for user3. He is using his personal computer which is the MUA. The host uses SMTP to send the emails to the MX Server1. Because user2 is on the local network, the MX Server1 will also be a MDA and will send the email directly to user2’s laptop. Because user3 is on a remote location, the server will be also a MTA and will pass the email to the next server MX Server2 and so on. For sending and receiving between servers SMTP protocol is used. The mail arrives to MX Server5 and this server will send the email to user3’s computer. MX Server5 is the MDA for user3’s email.
DHCP (Dynamic Host Control Protocol) – this protocol is used by hosts to obtain automatic IP, mask,gateway and DNS servers from a server that runs the DHCP service. When a host is trying to connection to a network using dynamic configuration, he sends a DHCP Discover message to find out the available DHCP servers. The servers responds with a DHCP Offer message to the host. After the host receives the messages he must choose only one DHCP server and he sends a DHCP Request message. Finally when the host receives it’s configuration he sends a DHCP Acknowledge message.
That’s it for this post dear readers, there are many other used protocols but I’ve talked about the well known protocols. I hope you understood the basics of the Application layer. In the next post we will continue discovering the next layer in the TCP/IP stack.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s