We move on to the next topic:
1.3 Identify common applications and their impact on the network
When you work in networking, it’s important to understand how applications work and what their characteristics are. Is the application sensitive to packet loss? Is it sensitive to jitter? What ports does it use? Let’s have a look at some of the common applications that you need to be aware of for the CCNA certification.
HTTP is the most important protocol on the Internet, and it makes up the major part of all Internet traffic. With sites like Facebook, YouTube and Netflix, this will not decrease in the future; rather, web traffic will dominate even more. HTTP normally runs on TCP port 80, but it can run on custom ports as well. Because HTTP runs over TCP, it is not very sensitive to packet loss and has no strict requirements for delay or jitter. However, people still don’t have a lot of patience for a slow-loading web page, and a lot of packet loss may affect streaming services such as Netflix or services where files are downloaded or uploaded. From a QoS perspective, HTTP does not require any special treatment: applications based on HTTP, such as Webex, can require special treatment, but general HTTP traffic does not. HTTP is not a secure protocol, since everything is sent in clear text.
HTTPS is a secure version of HTTP which encrypts the traffic with Transport Layer Security (TLS) or, in older implementations, Secure Sockets Layer (SSL). HTTPS is used by online banks, shopping sites and any other sites that require higher security than HTTP can provide. HTTPS carries a growing share of the traffic since it’s a more secure protocol, and Content Delivery Networks (CDNs) such as Cloudflare have helped accelerate its adoption. HTTPS normally runs over TCP port 443 and, from a QoS standpoint, it behaves the same as HTTP.
DNS is a very important protocol because it resolves names to numbers and vice versa. Humans are better at remembering names than numbers; without DNS, the web as we know it today would not exist. DNS normally runs on UDP port 53, but there are exceptions when TCP can be used as well, such as when large queries are sent or when zone transfers are done. Answers to DNS queries could previously be a maximum of 512 bytes, but extensions to the protocol have raised this limit to 4096 bytes. DNS does not have any specific requirements regarding delay, jitter or packet loss. DNS is a very important service, though, so a poorly performing DNS architecture will affect everything else.
Telnet is a protocol used to connect to and manage servers, networking devices and much more. It runs over TCP port 23 and is not a secure protocol. This means that passwords are sent in clear text, which can be a large risk: someone could snoop the password and get access to devices they should not have. Telnet is very lightweight and does not have any specific requirements regarding delay, jitter or packet loss.
SSH is the more secure protocol used to access and manage devices. SSH is an encrypted protocol which means passwords are not sent in clear text. Always use SSH instead of Telnet if at all possible! SSH runs over TCP port 22 but it’s possible to define a custom port as well. SSH does not have any specific requirements for QoS.
FTP is a protocol used to transfer files and has been around for a very long time. It is not a secure protocol. FTP runs on TCP port 21 for the control connection but uses a data channel on port 20 for the actual transfer of data. FTP can also run in passive mode. FTP does not have special requirements for QoS and is generally placed in a bulk class together with e-mail, backup traffic and similar.
There are different e-mail protocols and they run on different ports. Post Office Protocol 3 (POP3) normally runs on TCP/110 for non-secure transfer and 995 for secure transfer. POP3 downloads mail from the server, which is often not desirable. Internet Message Access Protocol (IMAP) normally runs on TCP/143 for non-secure transfer and 993 for secure transfer. IMAP is more common than POP3 these days. Simple Mail Transfer Protocol (SMTP) normally runs on TCP/25 for non-secure transfers and 465 for secure transfers. Many ISPs block port 25 towards end users because of the large amount of spam that originates from hacked computers. E-mail does not have special requirements regarding QoS and is considered to be bulk traffic.
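The cleartext services described above can be found in flow data by their well-known ports. The following Python sketch is an added example, not part of the original post: the flow record format and sample flows are constructed, the ports are the ones the post lists, and the FTP alternative is an addition.

```python
# Cleartext services and ports as listed in the post, with the encrypted
# alternative the post names (the FTP alternative is an addition here).
CLEARTEXT = {
    21: ("FTP control", "SFTP over SSH (TCP/22)"),
    23: ("Telnet", "SSH (TCP/22)"),
    25: ("SMTP", "SMTP over TLS (TCP/465)"),
    80: ("HTTP", "HTTPS (TCP/443)"),
    110: ("POP3", "POP3 over TLS (TCP/995)"),
    143: ("IMAP", "IMAP over TLS (TCP/993)"),
}

# Constructed sample flow records: proto src_ip src_port dst_ip dst_port bytes
SAMPLE_FLOWS = """\
tcp 10.0.1.15 51544 10.0.0.1 23 1840
tcp 10.0.0.1 23 10.0.1.15 51544 5220
tcp 10.0.1.15 51600 10.0.0.2 22 9100
tcp 10.0.1.20 40112 192.0.2.10 443 88000
tcp 10.0.1.20 40200 192.0.2.25 110 4100
udp 10.0.1.20 53123 10.0.0.53 53 90
udp 10.0.1.30 23 10.0.0.9 40000 60
tcp 10.0.1.31 50001 10.0.0.1 23 700
"""

def audit_flows(text):
    """Return {(server_ip, port): [service, alternative, flows, bytes]}."""
    findings = {}
    for line in text.splitlines():
        fields = line.split()
        if len(fields) != 6 or fields[0] != "tcp":
            continue  # every service in CLEARTEXT runs over TCP
        _, src, sport, dst, dport, nbytes = fields
        sport, dport, nbytes = int(sport), int(dport), int(nbytes)
        # The server is whichever end uses the well-known port, so a return
        # flow (server -> client) is counted against the same server.
        if dport in CLEARTEXT:
            key = (dst, dport)
        elif sport in CLEARTEXT:
            key = (src, sport)
        else:
            continue
        service, alt = CLEARTEXT[key[1]]
        entry = findings.setdefault(key, [service, alt, 0, 0])
        entry[2] += 1
        entry[3] += nbytes
    return findings

if __name__ == "__main__":
    for (ip, port), (svc, alt, flows, nbytes) in audit_flows(SAMPLE_FLOWS).items():
        print(f"{ip}:{port} {svc}: {flows} flows, {nbytes} bytes, use {alt}")
```

A port match only shows that the well-known port is in use; a service moved to a custom port, which the post notes is possible for HTTP and SSH, will not be seen by this check.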
Voice over IP (VoIP) is a protocol used to transfer audio over IP with the use of a special phone or a soft phone. VoIP is very sensitive to delay, jitter and packet loss and requires preferential treatment. Voice traffic is normally marked with DSCP EF or CS5. The one-way requirements for voice are:
- Latency ≤ 150 ms
- Jitter ≤ 30 ms
- Loss ≤ 1%
VoIP normally requires 30-128 kbps of traffic. VoIP traffic should be put into a Low Latency Queue (LLQ).
Video is another application that requires special treatment. Compared to voice it normally uses more bandwidth and can tolerate a bit more delay and jitter but is very sensitive to packet loss. The one-way requirements for video are:
- Latency 200 – 400 ms
- Jitter ≤ 30 – 50 ms
- Loss ≤ 0.1 – 1%
Video applications can use anywhere from around 384 kbps up to 20 Mbps for an HD stream.
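To compare a measured stream against the voice and video requirements listed above, latency, jitter and loss can be derived from per-packet timestamps and sequence numbers. This Python sketch is an added example, not part of the original post: the packet samples are constructed, sender and receiver clocks are assumed to be synchronized, jitter uses the smoothed estimator from RFC 3550, and the loose end of each video range is used as the limit.

```python
# One-way targets from the post. For video the post gives ranges; the loose
# end of each range is used here (an assumption of this example).
TARGETS = {
    "voice": {"latency_ms": 150, "jitter_ms": 30, "loss_pct": 1.0},
    "video": {"latency_ms": 400, "jitter_ms": 50, "loss_pct": 1.0},
}

def make_sample(n, base_ms, lost=()):
    """Constructed capture: (seq, send_ms, recv_ms), one packet every 20 ms."""
    return [(i, i * 20, i * 20 + base_ms + i % 5)
            for i in range(1, n + 1) if i not in lost]

def measure(packets):
    """Worst one-way latency, RFC 3550 smoothed jitter, and loss percentage.

    Packets are expected in arrival order.
    """
    jitter, prev_transit, worst = 0.0, None, 0
    for _seq, sent, received in packets:
        transit = received - sent          # needs synchronized clocks
        worst = max(worst, transit)
        if prev_transit is not None:
            # RFC 3550: J += (|D| - J) / 16, where D is the change in transit
            jitter += (abs(transit - prev_transit) - jitter) / 16
        prev_transit = transit
    seqs = [p[0] for p in packets]
    expected = max(seqs) - min(seqs) + 1   # gaps in sequence numbers = loss
    loss = 100 * (expected - len(packets)) / expected
    return {"latency_ms": worst, "jitter_ms": jitter, "loss_pct": loss}

def violations(packets, app):
    """Names of the metrics that exceed the post's targets for this app."""
    got = measure(packets)
    return [name for name, limit in TARGETS[app].items() if got[name] > limit]

if __name__ == "__main__":
    healthy = make_sample(200, 40, lost={57})
    degraded = make_sample(200, 160, lost={57, 58, 59})
    for label, capture in (("healthy", healthy), ("degraded", degraded)):
        print(label, measure(capture),
              "voice:", violations(capture, "voice"),
              "video:", violations(capture, "video"))
```

Loss is counted from gaps between the first and last sequence number seen, so packets lost at the very start or end of a capture are not counted.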
While some applications like Telnet, SSH and DNS don’t really require preferential treatment, it could still be suitable to put them into a management class if they are critical to your network. It is quite common to have a management class, with packets marked as CS6 or CS7, into which only the most critical traffic is placed. Remember, if you are trying to help a customer with troubleshooting and you can’t even access the device because SSH is not getting any bandwidth, then you will have a very long day…
This should give you a brief overview of what kind of applications you will find in a network and what their characteristics are. As always, good luck in your studies!