Presentation is loading. Please wait.

Presentation is loading. Please wait.

1 Back to Cookies!. 2 “Cookies” Invented by Netscape, included in Netscape version 0.9β (September, 1994) Patent applied for in 1995, granted 1998. Quote.

Published byCody Fowler Modified over 9 years ago

Similar presentations

Presentation on theme: "1 Back to Cookies!. 2 “Cookies” Invented by Netscape, included in Netscape version 0.9β (September, 1994) Patent applied for in 1995, granted 1998. Quote."— Presentation transcript:

1 1 Back to Cookies!

2 2 “Cookies” Invented by Netscape, included in Netscape version 0.9β (September, 1994) Patent applied for in 1995, granted 1998. Quote from original Netscape publication: “The state object is called a cookie, for no compelling reason.” Formalized in RFC 2109, February, 1997, which has minor differences from the original Netscape proposal.

3 3 RFC 2109 HTTP State Management Mechanism 1.Abstract 2. Terminology

4 4 RFC 2109 HTTP State Management Mechanism - continued 2. TERMINOLOGY ► client – an application program that establishes connections for the purpose of sending requests (could be a proxy) ► user agent – the client that initiates a request, usually a browser. ► server ► proxy ► origin server – the server on which a given resource resides. ► fully-qualified domain name (FQDN)

5 5 2. TERMINOLOGY - continued ► request-host ► request-URI (Universal Resource Identifier) www.mylab.org/cgi-bin/sampleform request-host request-URI URL:

6 6 2. TERMINOLOGY - continued ► domain-match Host A’s name domain-matches host B’s if ► their names or IP addresses match exactly ► A is a FDQN string and has the form NB, where N is a non-empty string, B has the form. B and B is a FQDN Examples: ► www.amazon.com domain matches.amazon.com ► www.amazon.com does not domain-match amazon.com NB

7 7 RFC 2109 HTTP State Management Mechanism 1.Abstract 2. Terminology 3. State and Sessions

8 8 3. STATE AND SESSIONS Definition of session 1. Each session has a beginning and an end. 2. Each session is relatively short-lived. 3. Session is started by the origin server 4. Either the user-agent or the origin server may terminate a session 5. The session is implicit in the exchange of state information (there is no special message to start or stop a session). An HTTP session may contain several TCP sessions Informally: a session might include access to a catalog, selection of purchase items into a shopping cart, checkout, and acknowledgement of purchase.

9 9 RFC 2109 HTTP State Management Mechanism 1.Abstract 2. Terminology 3. State and Sessions 4. Outline 4.1 Syntax 4.2 Origin Server Role 4.3 User Agent Role

10 10 4. OUTLINE Origin server sends state information (cookie) to the user agent User agent returns state information to origin server. The goal is to have minimal impact on HTTP (i.e. an add-on to HTTP) Impact will be confined to Common Gateway Interface (CGI) programs. 4.1 Syntax: General Let’s learn it as we go along!

11 11 4.2 Origin Server Role 4.2.1 General The origin server (surprising!) initiates a session, if it so desires. To initiate a session, the origin server returns an extra response header to the client, Set-Cookie A user agent returns a Cookie request header to the origin server (if the user agent chooses to continue the session). User agents should send Cookie request headers (subject to other rules detailed below) with every request. Servers may return a Set-Cookie header with any response (not necessarily every response). The origin server may include multiple Set-Cookie headers in a response.

12 12 4. OUTLINE – continued 4.2.2 Set-Cookie Syntax At least one cookie Zero or more attribute-value pairs Netscape version had “expires” If “Version” missing, defaults to Netscape

13 13 Example: Wireshark trace of response to user keying in www.amazon.com (from Lab session 8) Hypertext Transfer Protocol HTTP/1.1 302\r\n Response Code: 302 Date: Fri, 08 Oct 2004 18:24:09 GMT\r\n Server: Stronghold/2.4.2 Apache/1.3.6 C2NetEU/2412 (Unix) amarewrite/0.1 mod_fastcgi/2.2.12\r\n Set-Cookie: session-id-time=1097827200; path=/; domain=.amazon.com; expires=Friday, 15-Oct-2004 08:00:00 GMT\r\n Set-Cookie: session-id=103-3915387-7090229; path=/; domain=.amazon.com; expires=Friday, 15-Oct-2004 08:00:00 GMT\r\n Location: http://www.amazon.com/exec/obidos/subst/home/home.html/103- 3915387-7090229\r\n Connection: close\r\n Transfer-Encoding: chunked\r\n Content-Type: text/html\r\n \r\n Netscape version “version” missing

14 14 4. OUTLINE - continued 4.3 User Agent Role 4.3.1 Interpreting the Set-Cookie The user agent keeps separate track of state information that arrives via Set-Cookie response headers from each origin server. The user agent applies these defaults for optional attributes that are missing: ► Version – defaults to “old cookie” behavior as originally specified by Netscape. ► Domain – defaults to the request-host. ► Max-Age – the default behavior is to discard the cookie when the user-agent exits. ► Path – defaults to the path of the request URL that generated the Set-Cookie response.

15 15 When the user agent sends a request to an origin server, the user agent includes a Cookie request header if it has applicable cookies, based on: ► the request-host (defined earlier) – Domain Selection AND ► the request URI (defined earlier) – Path Selection AND ► the cookie’s age – Max-Age selection www.mylab.org/cgi-bin/sampleform request-host request-URI 4. OUTLINE – continued 4.3 User Agent Role – continued 4.3.4 Sending Cookies to the Origin server

16 16 4. OUTLINE – continued 4.3.4 Sending Cookies to the Origin Server - continued Domain selection: The origin server’s FQDN must domain-match the domain attribute of the cookie

17 17 4. OUTLINE – continued 4.3.4 Sending Cookies to the Origin Server - continued Path Selection: The path attribute of the cookie must match a prefix of the request-URI

18 18 4. OUTLINE – continued 4.3.4 Sending Cookies to the Origin Server - continued Max-Age Selection: Cookies that have expired should have been discarded and not sent.

19 19 RFC 2109 HTTP State Management Mechanism 1.Abstract 2. Terminology 3. State and Sessions 4. Outline 4.1 Syntax 4.2 Origin Server Role 4.3 User Agent Role 5.Examples

20 20 Example: Wireshark trace of response to user keying in www.amazon.com (from Lab session 8) Hypertext Transfer Protocol HTTP/1.1 302\r\n Response Code: 302 Date: Fri, 08 Oct 2004 18:24:09 GMT\r\n Server: Stronghold/2.4.2 Apache/1.3.6 C2NetEU/2412 (Unix) amarewrite/0.1 mod_fastcgi/2.2.12\r\n Set-Cookie: session-id-time=1097827200; path=/; domain=.amazon.com; expires=Friday, 15-Oct-2004 08:00:00 GMT\r\n Set-Cookie: session-id=103-3915387-7090229; path=/; domain=.amazon.com; expires=Friday, 15-Oct-2004 08:00:00 GMT\r\n Location: http://www.amazon.com/exec/obidos/subst/home/home.html/103- 3915387-7090229\r\n Connection: close\r\n Transfer-Encoding: chunked\r\n Content-Type: text/html\r\n \r\n Netscape version “version” missing www.amazon.com domain-matches this

21 21 trace of next HTTP message client to server www.amazon.com (www.amazon.com domain-matches.amazon.com)www.amazon.com

22 22 Server sends “customer” form Server sends “merchandise” form Client returns “customer” cookie Consequence of clicking “submit” button User completes form and clicks “submit” Server starts HTTP session with Set-Cookie Form data

23 23 Server sends “shipping” form Client sends both cookies Server sends checkout form User selects “FedEX” and clicks “submit”

24 24 User could still abort purchase but chooses to proceed User clicks on “submit” button K Server sends order acknowledgement Client sends all three cookies Form data

25 25 There are 2 32 possible IPv4 addresses. When the predecessor of the Internet started in the 1970s it did not seem possible that this address space would ever be exhausted. No effort was made to allocate IP addresses carefully. In particular: ● The classful addressing system is wasteful (2 24 addresses to MIT) Background to Chapter 9 - Classless and Subnet Address Extensions (CIDR) and Chapter 31 – A Next-Generation IP ● Every physical network had to have a unique network prefix ● Network prefixes were not allocated geographically (example – 138.26.0.0 is UAB 138.25.0.0 is in Australia)

26 26 Comer: “In the early 1980s, as Ethernet gained popularity, it became apparent that the classful addressing scheme would have insufficient network addresses, especially class B prefixes.” 1985: Subnetting allowed organizations to share a single network prefix over multiple physical networks, which helped conserve the IPv4 address space (Comer, Chapter 9A). 1993: Shortage of IPv4 network addresses threatens, especially class B. Some geographical allocation of class-C addresses Supernetting/CIDR comes to the rescue, superseding “classfull” addressing (Comer, Chapter 9B). Present situation: ● The IPv4 address space is “really” near exhaustion ● Forwarding tables in the Internet backbone are very large (200,000 entries). 2010? Large-scale adoption of IPv6 (Comer Chapter 31).

27 27 Figure 4.1 Figure 9.3 Subnetting class B network Recall:

28 28 9.16 Classless Addressing and Supernetting Under the original “classful” addressing system IPv4 address space was becoming exhausted. The rigid class scheme made allocation of IP addresses inefficient. Subnet addressing (1987) helped, but problem remained. “Temporary” solution (1993) was to abandon classes completely and let the network prefix be any length. This is called classless IP addressing, or supernetting. We already had the ability to do this, in the address mask!

29 29 9.16 Classless Addressing and Supernetting - continued Example: Organization wants a class-B network address – none available. 256 class-C addresses would have the same total number of addresses. Problem with implementation of this: software on all external routers had to be modified. Problem: Outsiders would need 256 entries in their routing tables, instead of one (contrast subnetting, which is invisible to outsiders). Solution: Classless Inter-Domain Routing aggregates 256 contiguous class-C networks together by carrying along a netmask of 255.255.0.0 (“treat these 256 contiguous class-C networks like a class-B network”) The network address is never mentioned without also stating the netmask.

30 30 9.17 CIDR Address Blocks and Bit Masks The netmask 255.255.0.0 is just one example. The division between the network part and the host part of the IP address can be placed (almost) anywhere by an appropriate address mask. CIDR notation: State number of bits in network part. e.g. address mask 255.255.255.0 is CIDR /24

31 31 9.17 CIDR Address Blocks and Bit Masks – continued The revised forwarding algorithm remains unchanged, but is now used both internally and externally. Figure 9.7

32 32 9.17 CIDR Address Blocks and Bit Masks – continued CIDR allows allocation of different sizes of address blocks. It was introduced in the context of privatization of the Internet, which also introduced Internet Service Providers (ISPs). Using CIDR, large ISPs are allocated large address blocks, which they can then divide (using CIDR) into smaller blocks to allocate to their customers.

33 33 9.17 CIDR Address Blocks and Bit Masks – continued Example: Organization is assigned a block of 2048 addresses, based on 128.211.168.0 (notice ambiguous class – under classful system 128.211 is class-B 64K addresses) Block size is 2 11 addresses, which would have been 8 class C networks. Netmask for this block is 11111111 11111111 11111000 00000000 255. 255. 248. 0 CIDR /21 Refer to this allocation as 128.211.168.0 /21

34 34 9.17 CIDR Address Blocks and Bit Masks - continued Figure 9.9

35 35 9.18 Address Blocks and CIDR Notation Figure 9.10 Possible address masks: Class A Class B Class C /31 and /32 useless!

36 36 9.19 A Classless Addressing Example A large ISP has been allocated the entire class-B address 128.211.0.0 i.e. 128.211.0.0/16 Large ISP has allocated the address block shown previously to a smaller ISP, i.e. 128.211.168.0/21 So smaller ISP has available 128.211.168.0 128.211.169.0 128.211.170.0 128.211.171.0 128.211.172.0 128.211.173.0 128.211.174.0 128.211.175.0 128.211.10101000.00000000

37 37 9.19 A Classless Addressing Example - continued 128.211.168.0/21 Expands to: 3 rd octet 4 th octet 128.211.168.01010100000000000 128.211.169.010101 001 128.211.170.010101 010 128.211.171.010101011 128.211.172.010101100 128.211.173.010101101 128.211.174.010101110 128.211.175.010101111 128.211. 168.0/22 128.211. 172.0/23 /24

38 38 1024 addresses 128.211.168.0/22 512 addresses 128.211.172.0/23 256 addresses 128.211.174.0/24 256 addresses 128.211.175.0/24 The smaller ISP could further partition 128.211.175.0/24 Smaller ISP has been allocated 128.211.168.0/21 Can allocate partitions to customers:

39 39 9.19 A Classless Addressing Example - continued Figure 9.11 An ISP owning 128.211.0.0/16 might assign an individual needing only two IP addresses 128.211.176.212 /30 The two IP usable addresses are: 128.211.176.213 and 128.211.176.214

40 40 9.19 A Classless Addressing Example - continued Classless addressing, which is now used throughout the Internet, treats IP addresses as arbitrary integers, and allows a network administrator to partition addresses into contiguous blocks, where the number of addresses in a block is a power of 2.

41 41 9.21 Longest-Match and Mixtures of Route Types Consider the smaller ISP’s routers – entry router is R 0 From R 0 assume that all networks except 128.211.175.0 /24 are reached through router R 1 and 128.211.175.0 /24 is reached through R 2 3 rd octet4 th octet 128.211.168.01010100000000000 128.211.169.010101 001 128.211.170.010101 010 128.211.171.010101011 128.211.172.010101100 128.211.173.010101101 128.211.174.010101110 128.211.175.010101111

42 42 1024 addresses 128.211.168.0/22 512 addresses 128.211.172.0/23 256 addresses 128.211.174.0/24 256 addresses 128.211.175.0/24 9.19 A Classless Addressing Example – continued Smaller ISP has been allocated 128.211.168.0/21 R2

43 43 3 rd octet R0 table entry 128.211.168.010101000 128.211.169.010101 001 128.211.170.010101 010 128.211.171.010101011 128.211.172.010101100 128.211.173.010101101 128.211.174.010101110 9.21 Longest-Match and Mixtures of Route Types – continued 128.211.175.010101111 128.211.168.0/21 to R 1 128.211.175.0/24 to R 2 Nothing gets forwarded to R 2

44 44 9.21 Longest-Match and Mixtures of Route Types – continued Figure 9.14 All traffic will be sent to 10.0.0.2

45 45 9.21 Longest-Match and Mixtures of Route Types – continued Conclusion: We need another modification to the forwarding algorithm: Forward on basis of longest match in routing table Can help by putting the most specific routes first.

46 46 9.22 CIDR Blocks Reserved for Private Networks Figure 9.15

47 47 Please fill out the IDEA evaluation of this course! The Dean is after me!

Download ppt "1 Back to Cookies!. 2 “Cookies” Invented by Netscape, included in Netscape version 0.9β (September, 1994) Patent applied for in 1995, granted 1998. Quote."

Similar presentations

Chapter 5 IPv4 Addresses TCP/IP Protocol Suite

Chapter 5 IPv4 Addresses TCP/IP Protocol Suite
IP Addressing Introductory material.

IP Addressing Introductory material.
© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public ITE PC v4.0 Chapter 1 1 Addressing the Network – IPv4 Network Fundamentals – Chapter 6.

© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public ITE PC v4.0 Chapter 1 1 Addressing the Network – IPv4 Network Fundamentals – Chapter 6.
© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public 1 Version 4.0 VLSM and CIDR Routing Protocols and Concepts – Chapter 6.

© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public 1 Version 4.0 VLSM and CIDR Routing Protocols and Concepts – Chapter 6.
CMPE 150- Introduction to Computer Networks 1 CMPE 150 Fall 2005 Lecture 25 Introduction to Computer Networks.

CMPE 150- Introduction to Computer Networks 1 CMPE 150 Fall 2005 Lecture 25 Introduction to Computer Networks.
IPv4 Addresses. Internet Protocol: Which version? There are currently two versions of the Internet Protocol in use for the Internet IPv4 (IP Version 4)

IPv4 Addresses. Internet Protocol: Which version? There are currently two versions of the Internet Protocol in use for the Internet IPv4 (IP Version 4)
Network Layer: Logical Addressing. 4-1 IPv4 ADDRESSES An IPv4 address is a 32-bit address that uniquely and universally defines the connection of a device.

Network Layer: Logical Addressing. 4-1 IPv4 ADDRESSES An IPv4 address is a 32-bit address that uniquely and universally defines the connection of a device.
CECS 474 Computer Network Interoperability Notes for Douglas E. Comer, Computer Networks and Internets (5 th Edition) Tracy Bradley Maples, Ph.D. Computer.

CECS 474 Computer Network Interoperability Notes for Douglas E. Comer, Computer Networks and Internets (5 th Edition) Tracy Bradley Maples, Ph.D. Computer.
Chapter 18. IP: Internet Protocol Addresses

Chapter 18. IP: Internet Protocol Addresses
© 2009 Pearson Education Inc., Upper Saddle River, NJ. All rights reserved.1 Computer Networks and Internets, 5e By Douglas E. Comer Lecture PowerPoints.

© 2009 Pearson Education Inc., Upper Saddle River, NJ. All rights reserved.1 Computer Networks and Internets, 5e By Douglas E. Comer Lecture PowerPoints.
1 IP: Internet Protocol Addresses. 2 Internet Protocol (IP) Only protocol at Layer 3 Fundamental in suite Defines –Internet addressing –Internet packet.

1 IP: Internet Protocol Addresses. 2 Internet Protocol (IP) Only protocol at Layer 3 Fundamental in suite Defines –Internet addressing –Internet packet.
TCP/IP Protocol Suite 1 Chapter 5 Objectives Upon completion you will be able to: IP Addresses: Classless Addressing Understand the concept of classless.

TCP/IP Protocol Suite 1 Chapter 5 Objectives Upon completion you will be able to: IP Addresses: Classless Addressing Understand the concept of classless.
COS 420 DAY 7. Agenda Assignment 2 posted Due Feb 13 (next class) Individual Projects Assigned Due March 20 & 23 Classless And Subnet Address Extensions.

COS 420 DAY 7. Agenda Assignment 2 posted Due Feb 13 (next class) Individual Projects Assigned Due March 20 & 23 Classless And Subnet Address Extensions.
Oct 28, 2004CS573: Network Protocols and Standards1 IP: Routing and Subnetting Network Protocols and Standards Autumn 2004-2005.

Oct 28, 2004CS573: Network Protocols and Standards1 IP: Routing and Subnetting Network Protocols and Standards Autumn
1 K. Salah Module 5.1: Internet Protocol TCP/IP Suite IP Addressing ARP RARP DHCP.

1 K. Salah Module 5.1: Internet Protocol TCP/IP Suite IP Addressing ARP RARP DHCP.
Oct 26, 2004CS573: Network Protocols and Standards1 IP: Routing and Subnetting Network Protocols and Standards Autumn 2004-2005.

Oct 26, 2004CS573: Network Protocols and Standards1 IP: Routing and Subnetting Network Protocols and Standards Autumn
CS 6401 Efficient Addressing Outline Addressing Subnetting Supernetting.

CS 6401 Efficient Addressing Outline Addressing Subnetting Supernetting.
Network Addressing Issues in 1994 94/err_con/crc.htm.

Network Addressing Issues in /err_con/crc.htm.
IP Addressing. Dotted Decimal Notation IP addresses are written in a so-called dotted decimal notation Each byte is identified by a decimal number in.

IP Addressing. Dotted Decimal Notation IP addresses are written in a so-called dotted decimal notation Each byte is identified by a decimal number in.
Subnet & Classless Address Extensions Linda Wu (CMPT 471 2003-3)

Subnet & Classless Address Extensions Linda Wu (CMPT )

Similar presentations

Ads by Google