computer networks final
what is the 32 bit binary equivalent of IP address 223.1.3.27 (ch 4)
11011111 00000001 00000011 00011011
what is the purpose of a nonce in an end point authentication protocol (ch 8)
a nonce is a number used to identify if a sender is live and an end point protocol never uses a nonce more than once.
what is meant by the term "route aggregation"?(ch 4)
a router mechanism that generates a summary route from a set of child routes falling under a common parent prefix and advertises the single summary route in lieu of announcing all the child routes.
from a service perspective, what is an important difference between a symmetric-key sys and a public key sys (ch 8)
a symmetric key system uses a single secret key agreed on ahead of time by the sender and receiver to encrypt and decrypt data. A public key system uses a pair of keys one for encryption and one for decryption. the encryption key is public, only the receiver knows the decryption key.
internet entities (routers, switches, dns servers, etc) often need to communicate securely. give three example pairs of internet entities that may want a secure connection (ch 8)
clients and servers requiring secure information exchange, mail systems requiring secure mail exchange, e-commerce requiring secure payment transactions.
Describe the main role of the communication layer, the network wide state management layer, and the network control app layer in an SDN controller (ch 5)
communication layer: responsible for the transfer of info among SDN controller and controlled network devices. network wide state management layer: makes sure that the controller has up to date info. Network Control App layer: responsible for flow tables and provides notification when state changes occur.
what are the differences between message confidentiality and message integrity? (ch 8)
confidentiality is insuring that the message can't be understood by anyone other than the sender or receiver. Integrity is insuring that the message has not been altered.
compare and contrast link state and distance vector routing algorithms (ch 5)
in link state all link costs are input, computes least cost path from source to dest, shortest path using dijkstras algorithm. in distance vector input costs are associated with neighbors, bellman ford algorithm used.
What is the role of a SIP registrar? how is the role of an SIP registrar different from that of a home agent in mobile ip? (ch 9)
the role of the SIP is to track the records of the users and store them. The difference with SIP registrar versus home agent is that the SIP does not provide a proxy or tunneling service.
suppose host A sends host B a tcp segment encapsulated in an ip datagram. when host B receives the datagram, how does the network layer in host B know it should pass the segment to tcp rather than udp or to some other upper-layer protocol (ch 4)
when a host sends a datagram or tcp segment the ip datagram consists of 8 bit field which indicates the ip datagram of the destination where to send info. if the field is 6 it is related to tcp. if 11 it is related to udp
suppose there are three routers between a source host and a dest host. ignoring fragmentation, an ip datagram sent from the source host to the destination host will travel over how many interfaces? how many forwarding tables will be indexed to move the datagram from the source to destination (ch 4)
will travel over eight interfaces (3 routers, 2 hosts, 3 forwarding tables)
it has been said that when ipv6 tunnels through ipv4 routers, ipv6 treats the ipv4 tunnels as link layer protocols. Do you agree? why or why not? (ch 4)
yes because the ipv6 message is encapsulated within an ipv4 message
will a BGP router always choose the loop-free route with the shortest ASpath length? (ch 5)
yes because when using AS-PATH the routes to the BGP router are always loop free.
suppose 2 nodes start to transmit at the same time a packet of length L over a broadcast channel at rate R. denote the propagation delay between the 2 nodes as drop. will there be a collision is drop<L/R why or why not? (ch 6)
yes there will be a collision
summarize 2 FEC schemes (ch 9)
1. First Forward Error Correction: redundant info and original info is sent 2. Second Forward Error Correction: Bit rate audio is sent as redundant information
List 3 disadvantages of udp streaming: (ch 9)
1. bandwidth is unpredictable so udp streaming fails to transmit at a constant rate or provide continuous playout. 2. no tracking and processing with udp. 3. many firewalls don't allow udp traffic.
four security service model requirements (ch 8)
1. confidentiality: sender and receiver only ones who can understand message. 2: integrity: message is received unaltered. 3: availability: access to message. 4: authentication: guaranteed from sender.
What is the difference between end-to-end delay and packet jitter? (ch 9)
1. end-to-end delay: time taken for a packet to go from source to destination. 2. packet jitter: is a variation of end-to-end, and is a variation in packet delay caused by queuing contention effects.
describe 2 types of open flow messages sent from controller to controlled device (ch 5)
1. modified state messages: set up there properties of a switch port. 2. Real state messages: used to collect statistics
four different types of ICMP messages (Internet Protocol Message Control) (ch 5)
1. source quench message. 2.echo reply message. 3. TTL (time to live). 4.port unreachable message
3 main features of streaming stored audio (ch 9)
1. streaming 2. interactivity(pausing, ff, rw, etc) 3. continuous layout (client must receive data from server in time)
multimedia apps can be classified into 3 categories. name and describe each(ch 9)
1. streaming stored video or audio where prerecorded audio and video is placed on a server. 2. conversational voice/ video over ip where users can have a real time conversation over the internet. 3. streaming live audio or video where the user receives live audio or video streaming online.
List and discribe the three types of switching fabrics. which if any can send multiple packets across the fabric in parallel (ch 4)
1. switching via memory 2. switching via bus 3. switching via an inter connection network
streaming video systems can be classified into 3 categories, what are they (ch 9)
1. udp streaming: video is transmitted by the server at a rate in which client plays video. 2. http streaming: video is stored on a server as a file with an url and a tcp connection is established. 3. adaptive http streaming: streamed based on the client's bandwidth specifications
stateful packet filters maintain 2 data structures. Name them and briefly describe what they do(ch 8)
1: connection table that is used to trace info regarding an ongoing tcp connection 2: access control list that helps in allowing or rejecting a packet through a firewall
describe the purpose of 2 types of OpenFlow messages sent from a control device to a controller. (ch 5)
1: flow removed: messages are used to inform controller about something that has been removed from a flow table. 2: Port status messages: used to report port status change.
what is the maximum number of VLANS that can be configured on a switch supporting 802.1Q protocol? Why? (ch 6)
4096. is the max number because the lan id is 12 bits and 2^12 is 4096
what are the fields of the ethernet structure (ch 6)
Data Filed, Destination, Source, type, Cycle Redundancy Check, Preamble
suppose nodes A, B, and C can attach to the same broadcast LAN. I A sends thousands of IP datagrams to B with each encapsulating frame addressed to the MAC address of B, will C's adapter process these frames? if so, will Cs adapter pass the ip datagrams in these frames to network layer C? how would your answers change if A sends frames with MAC broadcast address? (ch 6)
Every node connected to the lan will process the message and send it to the protocol stack, including C. It would be the same for A
compare and contrast the properties of a centralized and distributed routing algorithm. (ch 5)
For a centralized approach of finding the least cost path, it is done between the source and dest. with complete knowledge of the global network. decentralized is done by the routers in a more local manner. Starting knowledge for decent. only neighbors are known, while centralized allows all nodes and costs to be taken as input.
What is the purposes of the SNMP GetRequest and SetRequest messages (ch 5)
GetRequests are sent to request or get value of one or more MIB objects. SetRequests are sent to set value of one or more MIB objects
What is HOL blocking? Does it occur in input or output ports?(ch 4)
Head of the Line Blocking and it is when two packets are destined for same position in output queue . the packet at head of line blocks second packet. Generally occurs in input ports.
Is it necessary that every autonomous system use the same intra-AS routing algorithm? why or why not? (ch 5)
It is not necessary because each system has an administrative control for routing within it. Gateway routers are responsible for forwarding packets outside of AS
how big is the MAC address space? the ipv4 address space? the ipv6 address space? (ch 6)
Mac is 48 bits, 2^48 address space. ipv4 is 32 bits, 2^32 address space. ipv6 is 128 bits, 2^128 address space.
Define the following terms in context of snap: managing server, managed device, network management agent, MIB (ch 5)
Managing server is an app that focuses on network management. Manage device is the equipment and sw included on a managed network. network management agent is a process running on a managed device that takes local decisions
there are 2 types of redundancy in video. Describe them and discuss how they can be exploited for efficient compression (ch 9)
Spatial redundancy occurs within an image and most of the pixels have redundant values. temporal redundancy occurs in the subsequent frames or images.
what is meant by a control plane that is based on per-router control? (ch5)
The control plane is how data is routed long distances from a source to a destination.
in the case of sin name three fields that can be matched and three actions that can be taken (ch 4)
The fields matched are the source ip, dest ip, tcp source and dest ports. If a match is found the attached actions are executed.
What is meant by the control plane that is based on logically centralized control? In such cases are the data plane and the control plane implemented within the same device or in separate devices? Explain. (ch 5)
The forwarding tables are computed and distributed by being logically controlled in each and every router. The data and control plane can either be implemented on the same device, or separate devices.
what 2 types of ICMP messages are received at the sending host executing the Tracerout (ch 5)
Time to Live and port unreachable
Suppose Alice has a message that she is ready to send to anyone who asks. Thousands of people want to obtain Alice's message, but each wants to be sure of the integrity do you think a Mac based or digital signature based integrity scheme is more suitable. why?(ch 8)
a digital signature is better because it is verifiable and non forgable
why is a packet that is received after it's scheduled play-out time considered lost? (ch 9)
all packets will have a fixed threshold in order for the packets to be accepted and played out. For the packet to be played it should arrive in a fixed threshold, and if it arrives after it can't be played. if they arrive after they are discarded and lost.
why would token ring protocol be inefficient if a lan had a very large perimeter? (ch 6)
because it sends a frame only when it receives a token, if L/R is small in comparison to prop, token ring protocol becomes inefficient.
why is an arp response sent within a Frame with a specific destination Mac address? (ch 6)
because the node that sends the ARP response knows the MAC of the source node.
what is the service model of the internets network layer?(ch 4)
best effort delivery service, and doesn't guarantee end to end delivery of packets. Does not guarantee orderly delivery
in what ways does a hash provide better message integrity check than a checksum (ch 8)
both techniques take an input and compute a fixed size string, but hash functions make it highly improbable to have two messages which have the same hash value, and if anything happens to the integrity of a file the hash value will change.
describe how loops in paths can be detected by bgp (ch 5)
by using AS-PATH and NEXT-HOP
name three header fields with an ip datagram that can be matched in open flow 1.0 generalized forwarding. what are 3 ip datagram header fields that can't be matched (ch6)
can be matched: 1. ip source, 2. ip dest, 3. ip protocol field. can't be matched: 1. version number, 2. TTL field, 3. datagram length
Give an example of a routing protocol that takes a centralized and decentralized approach. (ch 5)
centralized: Open Shortest Path First (OSPF)-complete map constructed by each distributed: border gateway protocol (BGP) now maintains cost estimates
what are the causes of packet jitter? (ch 9)
congestion at routers in network, low bandwidth links, changes in the traveling path of the packet.
what is the name of the network layer packet(ch 4)
data gram
If all the links in the internet were to provide reliable delivery service, would tcp be redundant?(ch 6)
data will reach a destination without errors when each link in the internet provides reliable service but the order may differ. Different datagrams may choose different routes.
Network Layer service model (ch 4)
defines characteristics of end-to-end transport of packets between sending and receiving hosts
Routing Information Protocol is an example of what routing algorithm (ch 5)
distance vector
what is the "count to infinity" problem in distance vector routing (ch 5)
due to routing loops and occurs when a line breaks in the network and the news of the break is not updated which results in an infinity loop calculation of the shortest path.
in what way does the public key encrypted hash provide a better digital signature than the public-key encrypted message?(ch 8)
encryption of a message takes a lot of time and takes longer to verify.
do routers have ip addresses? if so, how many? (ch 4)
every router has an IP address for each interface.
what are some of the possible services that the link layer protocol can offer to the network layer? which of these link layer services have corresponding services in ip? in tcp? (ch 6)
farming: link layer encapsulates it datagram received from the network layer. link access: data is delivered across the link without any errors. error detection and correction. framing, link access and error detection correspond to ip. framing, link access, reliable delivery, and error detection correspond to tcp.
why are different inter AS and intra AS protocols used in the internet (ch 5)
for scalability over a large amount of networks and for performance reasons
most common SDN actions (ch 4)
forwarding a packet, modifying the packet header, and dropping the packet.
role of forwarding table within the router(ch 4)
forwarding table has headers and corresponding outgoing link interfaces. the forwarding table helps router in deciding to which outgoing link the packet is to be forwarded.
name of link layer packet (ch 4)
frame
in CSMA/CD, after the fifth collision, what is the probability that a node chooses K=4? the result K=4 corresponds to a delay of how many seconds on a 10 Mbps ethernet? (ch 6)
if five collisions have been experienced, a node chooses value at random from {0, 1, 2, ..., 2^5-1} which is what the k value is chosen from. sample size is 0-2^5-1 which is 32. the probability is 1/32. the amount of time a node waits is k*512*bitimes. bit times= 0.1microseconds. 4*512*0.1
what is meant by destination based forwarding? how does this differ from generalized forwarding? Which of the two approaches are adopted by sdn?(ch 4 )
in destination based forwarding, an input packet arriving consists of destination address where the packet has to reach. destination based forwarding routers don't decide destination path, only provide path of destination in header. SDN adopts generalized forwarding
how does generalized forwarding differ from destination based forwarding? (ch 4)
in destination based forwarding, the destination is taken into account, a route is established based on the destination. in generalized forwarding the decision is based on matched actions and the controller specifies a route, and not based on the destination address
Describe polling and token-passing protocols using the analogy of cocktail party interactions (ch 6)
in polling protocol, one node is the master node and polls each of the nodes in round-robin fashion. each node is polled in a cyclic manner. in token passing protocol there is no master node. there is a special token frame and a token is exchanged among all nodes in a fixed order.
routers have input ports, output ports, switching fabric and routing processor, data plane, control plane. which are implemented in HW and which in SW, why? (ch 4)
input ports : HW, switching fabric : HW, Output ports: HW, routing processor: SW, data plane : HW, control plane: SW
visit a host that uses DHCP to obtain its IP address, network mask, default router, and ip of local DNS server. list values (ch 4)
ip: 192.168.1.17 mask: 255.255.255.0 default router: 192.168.1.254 local dns server: 192.168.1.2
compare and contrast ipv4 and ipv6 (ch 4)
ipv4 has many fields, ipv6 has a few. header size of ipv4 is not fixed, ipv6 has a fixed 40 byte header. ipv4 has 16 bit length of datagram, ipv6 has 20 bit length. the source address in ipv4 is 32bit field, it is 128 bit in ipv6.
what is the purpose of the service abstraction layer in open daylight controller (ch 5)
it helps in invoking the controller components and applications and also to subscribe the generated events.
what is a private network address? should a datagram with a private network address be present in the larger public internet? explain. (ch 4)
it is an address assigned privately by an ISP and is not present in the larger public ip because there a router separates the private network from public. a message from the outside can get in but not vice versa
what is meant by "match plus action" operation of a router or switch? (ch 4)
matching header fields of incoming packet and taking action according to the result
RTSP (ch 9)
multimedia protocol used for initiating and directing the delivery of streaming multimedia from media servers.
can you decrypt a hash message to get the original message? (ch 8)
no because a hash is a one way function.
consider a transport layer segment encapsulated in an ip datagram. Are checksums in segment and datagram header computed over any common bytes in the ip datagram? (ch 4)
no common bytes are used, the ip header is used to compute the checksum at the network layer.
what characteristics does token ring protocol have (ch 6)
only the computer who has the token can talk
Describe how packet loss can occur at output ports. Can this loss be prevented by increasing the switch fabric speed? (ch 4)
packet loss can occur when queue of output port becomes too large. Loss can be reduced by increasing speed of switching fabric
Describe how packet loss can occur in input ports, how packet loss at inport ports can be eliminated without using infinite buffers(ch 4)
packet loss can occur when the size of the queue becomes large. slow speed of switching fabric will result in the increase of the queue, or slow switching fabric. It can be eliminated by increasing the fabric speed at least by n times faster than the input line speed. Variable n indicates number of input ports
give an example showing why a network operator might want one class of packets to be given priority over another class of packets?(ch 4)
packets contain different kinds of info depending on info that is being carried and are in a high or low priority class. some may contain a video, others may be a text message. Multimedia must reach a destination with shorter delays so they should have higher priority.
RTCP (ch 9)
part of RTP and helps with lip synchronization and QOS management, among other things.
differences between passive and active attacks (ch 8)
passive attacks are when someone is monitoring information or traffic and is not taking action, it is difficult to detect and easy to prevent. active attacks require that something has been done (ex: phishing) and are easy to detect but hard to prevent.
what is meant by a "plug-and play" or "zeroconf" protocol (ch 4)
plug and play is a configuration of a host to a network. automatic configuration is zeroconf
define prefix (ch 5)
portion of a network address and generalizes the notion of subnet addressing
suppose that bob receives a PGP message from alice. how does bob know for sure that alice created the message? does PGP use a MAC for message integrity? (ch 8)
pretty good privacy (PGP): email encryption with a digitally signed message. if bob can successfully decrypt the signature using Alice's public key and has the digital signature of alice then he knows it was created by her. MAC is not used for message integrity.
what are the main functions of the control plane (ch 4)
responsible for establishing connection info. and connects different clients by exchanging their routing and forwarding info.
What is an essential difference between RR and WFQ packet scheduling? is there a case where RR and WFW will behave the same? (ch 4)
round robin scheduling algorithm classifies packets into classes and rotates the scheduler, avoiding starvation of packets. all packets get equal priority. in WFQ each class is assigned a certain weight which is like a priority. When WRQ's classes are assigned equal weights, it is similar to RR.
what is the difference between routers and link layer switches(ch 4)
routers transfer data between lan and wan networks while switches usually only transfer between same layer. Routers have tables, switches have info on Mac addresses. Routers used to transfer packets to different networks, switches transfer data packets within same network
key differences between forwarding function and routing function (ch 4)
routing finds best path from source to destination, while forwarding is actually transferring data from source to dest. Routing creates routing table while forwarding uses routing table.
Suppose you want to implement a new routing protocol in the SDN control plane. At which layer would you implement your protocol? (ch 5)
routing would occur in the management layer because it is the layer that interacts with SNMP, SSH, Telnet, and FTP
describe how a network admin of an upper-tier ISP can implement policy when configuring BGP (ch 5)
say your upper tier consists of A,B, and C. B doesn't carry traffic between A and C. A and C has B as their BGP peers. B doesn't advertise to routes of A passing through C, and doesn't advertise routes of C passing through A
name of transport layer packet (ch 4)
segment
What is the purpose of an SNMP trap message (ch 5)
sent to managers from agent and are in response to an event that occurred.
OSPF contains what kind of information (ch 5)
shortest paths of entire network
suppose an app generates chunks of 40 bytes of data every 20 ms, and each chunk gets encapsulated in a tcp segment and then an ip datagram. what % of each datagram will be overhead and what % will be app data (ch 4)
size of chunks= 40 bytes, time to make chunk= 20 ms= 0.02 s tcp header= 20 bytes ip header=20 bytes total header= 40bytes total segment = 40+40=80 bytes overhead= 50% app data = 50%
what characteristics does slotted aloha have? (ch 6)
slotted aloha always has a node to transmit continuously at time full rate. throughput = R/M bps, and average transmission rate = R/M over an interval of time. decentralized
define subnet (ch 5)
sub portion of a larger network and doesn't contain a router. logical subdivision of an ip network done by subnetting.
suppose you purchase a wireless router and connect it to your cable modem, and your ISP dynamically assigns your connected device (the router) 1 IP address. you have 5 pcs using 802.11 to wirelessly connect to the router. how are ip addresses assigned to the pcs, and why or why not does you wireless router us NAT? (ch 4)
the DHCP server assigns the IP addresses automatically. the wireless router uses NAT to obtain one IP address from the ISP
compare the frame structures for 10BASE-T, 100BASE-T, and gigabit ethernet. how do they differ? (ch 6)
the frame structures of all three are identical and use the same standard ethernet frame structure. they differ however in their transmission speed.
Suppose that an intruder has an encrypted message as well as a decrypted version of the message. can the intruder mount a ciphertext only attack, a known plaintext attack or a chosen plaintext attack (ch 8)
the intruder can do a known plain text attack because the intruder knows some of the plaintext and it's corresponding decrypted pairings
define BGP route (ch 5)
the messages along with tcp connection sent over a BGP session link
What types of messages flow across an SDN controller's northbound and southbound APIS? who is the recipient of messages sent from the south?who is the recipient of messages sent from the north? (ch 5)
the messages that flow across the north and southbound apis help in the writing of flow tables. controlled devices are the recipients of messages sent from the controller. Network control apps send messages northbound to controller
how does bgp next-hop serve as an as-path attribute (ch 5)
the next hop is the router interface that initiates the as-path, and provides critical link in inter and intra as routing.
Suppose that an arriving packet matches two or more entries in a router's forwarding table. with traditional dest-based forwarding, what rule does a router apply to determine which rules should be applied to determine output port to which the arriving packet should be switched.(ch 4)
the output port is decided by applying longest prefix match rule. longest prefix rule is where dest ip and matching address are converted to binary format and entry with longest subnet mask matching dest address is considered a match.
discuss why each input port in a high speed router stores a shadow copy of the forwarding table(ch 4)
the shadow copy helps in making forwarding decisions of packets locally at each input port. help to increase routing speed
WHY IS AN ARP QUERY sent within a broadcast frame? (ch 6)
the source node will send an ARP query as a broadcast across the lan to know the Mac address of the destination node. If the ip matches then a response is sent with the Mac.
what is meant by an area in an OSPF autonomous system? why was the concept of an area introduced? (ch 5)
the system divides its hierarchy into area consisting of routers that help in broadcasting link state to other routers in the area. It is responsible for routing traffic between other areas of the system.
what field in the ip header can be used to ensure that a packet is forwarded through no more than N routers (ch 4)
the time to live field indicates how long a packet can survive. It is decremented by 1 at each router until it is 0. if initially set to size N, then it will not allow a packet to go further than N.
when large datagram is fragmented into multiple smaller datagrams where are these smaller datagrams reassembled into a single larger datagram? (ch 4)
they are fragmented at the router and reassembled at the destination.
How are different RTP streams in different sessions identified by a receiver? How are different streams from within the same session identified? (ch 9)
they are identified using their different multicast addresses. Different streams from within the same session are identified by their source description packet in the SSRC.
with http streaming, are the TCP receive buffer and clients application buffer the same thing? if not, how do they interact? (ch 9)
they are not the same. in http streaming the video is stored on a server as a file and is given a url. when a user wants the video, the client est. a tcp connection with the server and sends a get request. the server sends the video file as a response. the video frames are buffered at the client side in the tcp receive buffer. the frames are then stored in the application buffer. the application then takes the frames and plays them.
Why must an application gateway work in conjunction with a router filter to be effective? (ch 8)
this provides a higher level of security. Packet filters can only check the content of ip, tcp, and udp headers. Application gateways provide application level security.
RTP (ch 9)
transport protocol for the delivery of realtime data including streaming audio and video.
multimedia service model (ch 9)
uninterrupted. fast approaching real time, without error, controllable continuous play.
what guarantees are made by the internet's service model regarding host-to-host delivery of datagrams
unspecified bitrate and bandwidth. can support many real time apps. if network traffic is low, the transfer rate is fast
what are the main functions of the data plane (ch 4)
used in a network to forward packets between different clients of a network.
what does it mean for a signed document to be verifiable and non-forgeable (ch 8)
verifiable is when it must be possible to prove that a document is signed by a particular user, non-forgeable is when it is possible to prove that only a particular user could have signed the document.
