1. Domain Name System

DNS is a distributed database that converts host names to IP addresses. A distributed database means that each site keeps only its own portion of the data

Domain names have a hierarchical structure, from top to bottom: root domain name, top-level domain name, second-level domain name

DNS can be carried over UDP or TCP, on port 53 in both cases. In most cases DNS uses UDP, which requires the DNS resolver and the DNS server to handle timeouts and retransmissions themselves to ensure reliability

  • TCP is used for transport in the following two cases:
    • If the response exceeds 512 bytes (UDP supports up to 512 bytes of data only)
    • Zone transfer (a zone transfer is the primary (master) name server sending changed data to the secondary name server)

2. File transfer protocol

FTP uses TCP connections and requires two connections to transfer a file

  • Control connection: the server opens port 21 and waits for the client to connect. After the client actively establishes the connection, it is used to carry commands from the client to the server and to return the server's replies
  • Data connection: Used to transfer a file’s data

FTP can be active or passive, depending on whether the data connection is actively established by the server

  • Active mode: The server actively establishes the data connection. The port number of the server is 20, and the port number of the client is random, but must be greater than 1024, because 0-1023 are well-known ports

  • Passive mode: The client establishes the data connection actively. The port number of the client is determined by the client and the port number of the server is random

  • Active mode requires the client to open a port to the server, so the firewall on the client must be configured
  • In passive mode, only the server port needs to be enabled, and no firewall needs to be configured on the client
  • Passive mode, however, leads to weaker security on the server side because too many port numbers are open
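Which side has to accept the inbound data connection can be read off the control connection. The following is an added example, not part of the original notes: it decodes the `h1,h2,h3,h4,p1,p2` address tuple that FTP carries in the client's `PORT` command (active mode) and in the server's `227` reply (passive mode), where the port is `p1*256 + p2`. The function names, the result fields and the sample lines are assumptions made for illustration.

```python
import re

SIX = re.compile(r"(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3})")

def endpoint(text):
    """Decode 'h1,h2,h3,h4,p1,p2' into (ip, port); port = p1*256 + p2."""
    m = SIX.search(text)
    if not m:
        raise ValueError("no h1,h2,h3,h4,p1,p2 tuple found")
    nums = [int(n) for n in m.groups()]
    if any(n > 255 for n in nums):
        raise ValueError("each field must fit in one byte")
    return ".".join(map(str, nums[:4])), nums[4] * 256 + nums[5]

def data_connection(control_line):
    """Describe the data connection announced by one control-channel line."""
    line = control_line.strip()
    if line.upper().startswith("PORT "):
        # Active mode: the client names its own listening socket and the
        # server connects to it from port 20.
        ip, port = endpoint(line[5:])
        return {"mode": "active", "initiator": "server", "src_port": 20,
                "listener": (ip, port), "inbound_rule_on": "client",
                "well_known_port": port < 1024}
    if line.startswith("227"):
        # Passive mode: the server names a random listening port and the
        # client connects to it.
        ip, port = endpoint(line[3:])
        return {"mode": "passive", "initiator": "client", "src_port": None,
                "listener": (ip, port), "inbound_rule_on": "server",
                "well_known_port": port < 1024}
    raise ValueError("line is neither a PORT command nor a 227 reply")

# Constructed control-channel lines (documentation address ranges).
SAMPLE_ACTIVE = "PORT 198,51,100,7,4,1"
SAMPLE_PASSIVE = "227 Entering Passive Mode (192,0,2,10,195,80)"

if __name__ == "__main__":
    for sample in (SAMPLE_ACTIVE, SAMPLE_PASSIVE):
        print(data_connection(sample))
```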

3. Dynamic host configuration protocol

The Dynamic Host Configuration Protocol (DHCP) provides a plug and play networking mode, which eliminates the need to manually configure IP addresses

The DHCP configuration includes not only IP addresses, but also subnet masks and gateway IP addresses

DHCP workflow:

  • The client sends a Discover packet whose destination address is 255.255.255.255:67 and source address is 0.0.0.0:68. It is carried in UDP and broadcast to all hosts on the same subnet. If the client and DHCP server are not on the same subnet, a relay agent is required
  • After receiving the Discover message, the DHCP server sends an Offer message to the client, which contains the information required by the client. Because a client may receive information from multiple DHCP servers, the client needs to make a selection
  • If the client selects the information provided by a DHCP server, it sends a Request packet to the DHCP server
  • The DHCP server sends an ACK packet to indicate that the client can use the provided information
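The four steps above can be followed in the packets themselves: each message carries a message-type option (53), and the Request names the chosen server in the server-identifier option (54). The following is an added example, not part of the original notes: it builds constructed messages and checks that the ACK matches the offer the client requested. The function names and addresses are assumptions, and the messages are simplified to those two options.

```python
import struct

MAGIC = b"\x63\x82\x53\x63"                  # DHCP magic cookie before the options
DISCOVER, OFFER, REQUEST, ACK = 1, 2, 3, 5   # values of option 53 (message type)

def ip(raw):
    return ".".join(map(str, raw))

def build(msg_type, xid, yiaddr="0.0.0.0", server_id=None):
    """Constructed message: 236-byte fixed header, cookie, options 53 and 54."""
    op = 1 if msg_type in (DISCOVER, REQUEST) else 2   # 1 = from client, 2 = from server
    hdr = struct.pack("!BBBBIHH4s4s4s4s16s64s128s", op, 1, 6, 0, xid, 0, 0x8000,
                      bytes(4), bytes(map(int, yiaddr.split("."))), bytes(4),
                      bytes(4), b"\x02\x00\x00\x00\x00\x01", b"", b"")
    opts = bytes([53, 1, msg_type])
    if server_id:
        opts += bytes([54, 4]) + bytes(map(int, server_id.split(".")))
    return hdr + MAGIC + opts + b"\xff"

def parse(pkt):
    if len(pkt) < 240 or pkt[236:240] != MAGIC:
        raise ValueError("not a DHCP message")
    opts, i = {}, 240
    while i < len(pkt) and pkt[i] != 255:    # 255 = end option
        if pkt[i] == 0:                      # 0 = pad option, has no length byte
            i += 1
            continue
        opts[pkt[i]] = pkt[i + 2:i + 2 + pkt[i + 1]]
        i += 2 + pkt[i + 1]
    return {"xid": struct.unpack("!I", pkt[4:8])[0], "yiaddr": ip(pkt[16:20]),
            "type": opts.get(53, b"\x00")[0],
            "server": ip(opts[54]) if 54 in opts else None}

def follow_exchange(packets):
    """Return (offering servers, chosen server, leased address) for one transaction."""
    msgs = [parse(p) for p in packets]
    xid = msgs[0]["xid"]
    if msgs[0]["type"] != DISCOVER or any(m["xid"] != xid for m in msgs):
        raise ValueError("exchange must start with Discover and share one xid")
    offers = {m["server"]: m["yiaddr"] for m in msgs if m["type"] == OFFER}
    chosen = next((m["server"] for m in msgs if m["type"] == REQUEST), None)
    ack = next((m for m in msgs if m["type"] == ACK), None)
    if chosen not in offers or ack is None:
        raise ValueError("no Request for an offered lease, or no ACK")
    if ack["server"] != chosen or ack["yiaddr"] != offers[chosen]:
        raise ValueError("ACK does not match the offer the client requested")
    return sorted(offers), chosen, ack["yiaddr"]

# Constructed exchange: two servers answer, the client picks 192.0.2.1.
SAMPLE = [build(DISCOVER, 0xABCD), build(OFFER, 0xABCD, "192.0.2.50", "192.0.2.1"),
          build(OFFER, 0xABCD, "192.0.2.99", "192.0.2.2"),
          build(REQUEST, 0xABCD, server_id="192.0.2.1"),
          build(ACK, 0xABCD, "192.0.2.50", "192.0.2.1")]
```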

4. Remote login protocol

Telnet is used to log in to the remote host, and output from the remote host is returned

Telnet can accommodate many differences between computers and operating systems, such as the different newline definitions used by different operating systems

5. E-mail protocol

An e-mail system consists of three parts: user agent, mail server and mail protocol

Mail protocols include the sending protocol and the reading protocol. The sending protocol usually uses SMTP, and the reading protocol commonly uses POP3 and IMAP

5.1 SMTP

SMTP can only send ASCII text, while the Multipurpose Internet Mail Extensions (MIME) make it possible to send binary files

MIME does not modify or replace SMTP, but adds structure to the message body and defines encoding rules for non-ASCII content

5.2 POP3

A characteristic of POP3 is that a message is deleted from the server as soon as the user reads it

But the latest version of POP3 does not delete messages

5.3 IMAP

The IMAP protocol keeps messages synchronized between the client and the server, and messages on the server are not deleted unless the user deletes them manually

IMAP allows users to access mail on the server anytime, anywhere

6. Common ports

  • Domain name resolution:

    • Application layer protocol: DNS
    • Port number: 53
    • Transport layer protocol: TCP/UDP
    • Note: If the length is greater than 512 bytes, TCP is used
  • Dynamic Host Configuration protocol:

    • Application layer protocol: DHCP
    • Port number: 67/68
    • Transport layer protocol: UDP
  • Simple Network Management Protocol:

    • Application layer protocol: SNMP
    • Port number: 161/162
    • Transport layer protocol: UDP
  • File transfer protocol

    • Application layer protocol: FTP
    • Port number: 20/21
    • Transport layer protocol: TCP
    • Note: Control connection 21, data connection 20
  • Remote Terminal Protocol:

    • Application layer protocol: TELNET
    • Port number: 23
    • Transport layer protocol: TCP
  • Hypertext Transfer Protocol:

    • Application layer protocol: HTTP
    • Port number: 80
    • Transport layer protocol: TCP
  • Simple Mail Transfer protocol

    • Application layer protocol: SMTP
    • Port number: 25
    • Transport layer protocol: TCP
  • Mail read protocol

    • Application layer protocol: POP3
    • Port number: 110
    • Transport layer protocol: TCP
  • Internet message access protocol

    • Application layer protocol: IMAP
    • Port number: 143
    • Transport layer protocol: TCP