IST 220 Exam 1

residential access nets, institutional access networks (school, company), mobile access networks (WiFi, 4G/5G)

How to connect end systems to edge router?

store-and-forward transmission

(means that the packet switch (router) must receive the entire packet before it can begin to transmit the first bit of the packet onto the outbound link.

network

- layer is responsible for moving network-layer packets known as datagrams from one host to another - includes ip protocol, defines fields in datagram as well as how end systems and routers act on the

peer-peer architecture (has client/server processes)

- no always on server - arbitrary end systems directly communicate - peers request service from other peers, provide service in return to other peers (self scalability: new peers bring new service capacity and demands) - peers are intermittently connected and change IP address -ex : P2P file sharing

- defined in RFCs, everyone has access to protocol definition HTTP, SMTP - skype zoom

- open protocols -proprietary protocols

Transport Layer Security (TLS)

- provides encrypted TCP connections - data integrity - end-point authentication

persistent http

- tcp connection opened to a server, multiple objects can be sent over single TCP connection btwn client and server, tcp connection closed

POST method

- web page often includes imput - user input sent from client to server in entity body of HTTP POST request message

non-persistent http

http connection type - tcp connection opened, at most one object sent over TCP, tcp connection closed

routers and link-layer switches

2 types of of packet switches; forward packets to ultimate destination

nodal processing, queueing delay, transmission delay, propagation delay

4 sources of packet delay - check bit errors, determine output link - time waiting at output link for transmission, depends on congestion level of router - L/R, packet length and link transmission rate - length of physical link and propagation speed d/s

Source port number y and destination port number x.

Consider a TCP connection between Host A and Host B. Suppose that the TCP segments traveling from Host A to Host B have source port number x and destination port number y. What are the source and destination port num- bers for the segments traveling from Host B to Host A?

Recall that in BitTorrent, a peer picks a random peer and optimistically unchokes the peer for a short period of time. Therefore, Alice will eventually be optimistically unchoked by one of her neighbors, during which time she will receive chunks from that neighbor.

Consider a new peer Alice that joins BitTorrent without possessing any chunks. Without any chunks, she cannot become a top-four uploader for any of the other peers, since she has nothing to upload. How then will Alice get her first chunk?

When the user first visits the site, the server creates a unique identification number, creates an entry in its back-end database, and returns this identification number as a cookie number. This cookie number is stored on the user's host and is managed by the browser. During each subsequent visit (and purchase), the browser sends the cookie number back to the site. Thus the site knows when this user (more precisely, this browser) is visiting the site.

Consider an e-commerce site that wants to keep a purchase record for each of its customers. Describe how this can be done with cookies.

Web caching can bring the desired content "closer" to the user, possibly to the same LAN to which the user's host is connected. Web caching can reduce the delay for all objects, even objects that are not cached, since caching reduces the traffic on links.

Describe how Web caching can reduce the delay in receiving a requested object. Will Web caching reduce the delay for all objects requested by a user or for only some of the objects? Why?

An application developer may not want its application to use TCP's congestion control, which can throttle the application's sending rate at times of congestion. Often, designers of IP telephony and IP videoconference applications choose to run their applications over UDP because they want to avoid TCP's congestion control. Also, some applications do not need the reliable data transfer provided by TCP.

Describe why an application developer might choose to run an application over UDP rather than TCP.

routing

network core function, global action: determine source-destination paths taken by packets; routing algorithms

- multimedia apps often do not use TCP ( do not want rate throttled by congestion control) - instead use UDP sending Audi/video at constant rate tolerate packet loss - no policing of use of congestion control

Fairness and UDP-

No. In a P2P file-sharing application, the peer that is receiving a file is typically the client and the peer that is sending the file is typically the server.

For a P2P file-sharing application, do you agree with the statement, "There is no notion of client and server sides of a communication session"? Why or why not?

The process which initiates the communication is the client; the process that waits to be contacted is the server.

For a communication session between a pair of processes, which process is the client and which is the server?

forwarding

network core function, switching, local action: move arriving packets from router's input links to appropriate router output link

It is not necessary that Bob will also provide chunks to Alice. Alice has to be in the top 4 neighbors of Bob for Bob to send out chunks to her; this might not occur even if Alice provides chunks to Bob throughout a 30-second interval.

In BitTorrent, suppose Alice provides chunks to Bob throughout a 30-second interval. Will Bob necessarily return the favor and provide chunks to Alice in this same interval? Why or why not?

hosts: clients and servers (servers often in data centers)

network edge

Sequence numbers are required for a receiver to find out whether an arriving packet contains new data or is a retransmission.

In our rdt protocols, why did we need to introduce sequence numbers?

To handle losses in the channel. If the ACK for a transmitted packet is not received within the duration of the timer for the packet, the packet (or its ACK or NACK) is assumed to have been lost. Hence, the packet is retransmitted

In our rdt protocols, why did we need to introduce timers?

Yes. The application developer can put reliable data transfer into the application layer protocol.

Is it possible for an application to enjoy reliable data transfer even when the application runs over UDP? If so, how?

The Web: HTTP; file transfer: FTP; remote login: Telnet; e-mail: SMTP; BitTorrent file sharing: BitTorrent protocol

List five nonproprietary Internet applications and the application-layer proto- cols that they use.

a) Reliable data transfer TCP provides a reliable byte-stream between client and server but UDP does not. b) A guarantee that a certain value for throughput will be maintained Neither c) A guarantee that data will be delivered within a specified amount of time Neither d) Confidentiality (via encryption) Neither

List the four broad classes of services that a transport protocol can provide. For each of the service classes, indicate if either UDP or TCP (or both) pro- vides such a service.

SSL operates at the application layer. The SSL socket takes unencrypted data from the application layer, encrypts it and then passes it to the TCP socket. If the application developer wants TCP to be enhanced with SSL, she has to include the SSL code in the application.

Recall that TCP can be enhanced with TLS to provide process-to-process security services, including encryption. Does TLS operate at the transport layer or the application layer? If the application developer wants TCP to be enhanced with TLS, what does the developer have to do

One such example is remote word processing, for example, with Google docs. However, because Google docs runs over the Internet (using TCP), timing guarantees are not provided.

Referring to Figure 2.4, we see that none of the applications listed in Figure 2.4 requires both no data loss and timing. Can you conceive of an application that requires no data loss and that is also highly time-sensitive?

The message is first sent from Alice's host to her mail server over HTTP. Alice's mail server then sends the message to Bob's mail server over SMTP. Bob then transfers the message from his mail server to his host over POP3.

Suppose Alice, with a Web-based e-mail account (such as Hotmail or Gmail), sends a message to Bob, who accesses his mail from his mail server using IMAP. Discuss how the message gets from Alice's host to Bob's host. Be sure to list the series of application-layer protocols that are used to move the message between the two hosts.

- Yes, both segments will be directed to the same socket. - For each received segment, at the socket interface, the operating system will provide the process with the IP addresses to determine the origins of the individual segments.

Suppose a process in Host C has a UDP socket with port number 6789. Suppose both Host A and Host B each send a UDP segment to Host C with destination port number 6789. Will both of these segments be directed to the same socket at Host C? If so, how will the process at Host C know that these two segments originated from two different hosts?

- For each persistent connection, the Web server creates a separate "connection socket". Each connection socket is identified with a four‐tuple: (source IP address, source port number, destination IP address, destination port number). When host C receives and IP datagram, it examines these four fields in the datagram/segment to determine to which socket it should pass the payload of the TCP segment. Thus, the requests from A and B pass through different sockets. - The identifier for both of these sockets has 80 for the destination port; however, the identifiers for these sockets have different values for source IP addresses.

Suppose that a Web server runs in Host C on port 80. Suppose this Web server uses persistent connections, and is currently receiving requests from two different Hosts, A and B. Are all of the requests being sent through the same socket at Host C? If they are being passed through different sockets, do both of the sockets have port 80? Discuss and explain.

A timer would still be necessary in the protocol rdt 3.0. If the round trip time is known then the only advantage will be that, the sender knows for sure that either the packet or the ACK (or NACK) for the packet has been lost, as compared to the real scenario, where the ACK (or NACK) might still be on the way to the sender, after the timer expires. However, to detect the loss, for each packet, a timer of constant duration will still be necessary at the sender.

Suppose that the roundtrip delay between sender and receiver is constant and known to the sender. Would a timer still be necessary in protocol rdt 3.0, assuming that packets can be lost? Explain.

You would use UDP. With UDP, the transaction can be completed in one roundtrip time (RTT) - the client sends the transaction request into a UDP socket, and the server sends the reply back to the client's UDP socket. With TCP, a minimum of two RTTs are needed - one to set-up the TCP connection, and another for the client to send the request, and for the server to send back the reply.

Suppose you wanted to do a transaction from a remote client to a server as fast as possible. Would you use UDP or TCP? Why?

False. Piggyback is only for efficiency. If there's no data packet to be piggybacked to, then B will just send the acknowledgement packet.

T/F: Host A is sending Host B a large file over a TCP connection. Assume Host B has no data to send Host A. Host B will not send acknowledgments to Host A because Host B cannot piggyback the acknowledgments on data.

True. The number of unacknowleged bytes that A sends cannot exceed the size of the receiver's window. But if it can't exceed the receiver's window, then it surely has no way to exceed the receiver's buffer as the window size is always less than or equal to the buffer size.

T/F: Suppose Host A is sending Host B a large file over a TCP connection.The number of unacknowledged bytes that A sends cannot exceed the size of the receive buffer.

False. The sequence number of the subsequent segment depends on the number of 8-byte characters in the current segment.

T/F: Suppose Host A is sending a large file to Host B over a TCP connection. If the sequence number for a segment of this connection is m, then the sequence number for the subsequent segment will necessarily be m + 1.

True. The sequence number for a segment is the byte-stream number of the first byte in the segment, in this case, 38. The acknowledgement number is the sequence number of the next byte expected, or the first byte of the next segment, in this, since bytes 38, 39, 40, and 41 would be sent, the next byte segment expected is 42, which is the value placed as the acknowledgement number.

T/F: Suppose Host A sends one segment with sequence number 38 and 4 bytes of data over a TCP connection to Host B. In this same segment, the acknowledgment number is necessarily 42.

True. EstimatedRTT is a weighted average of SampleRTT, the latter being the amount of time between when the segment is sent and when it is received. Since the TimeoutInterval should be greater than or equal to EstimatedRTT, it is safe to deduce that TimeoutInterval should be greater than or equal to the the value of which EstimatedRTT is an average of, or SampleRTT.

T/F: Suppose that the last SampleRTT in a TCP connection is equal to 1 sec. The current value of TimeoutInterval for the connection will necessarily be ≥ 1 sec.

True

T/F: The TCP segment has a field in its header for rwnd.

False. It is the size of the receiver's buffer that's never changed. {rwnd} is the part of the receiver's buffer that's changing all the time depending on the processing capability at the receiver's side and the network traffic

T/F: The size of the TCP rwnd never changes throughout the duration of the connection.

- reliable transport between sending and receiving process - flow control: sender won't overwhelm receiver - congestion control: throttle sender when network overloaded - connection-oriented: setup required between client and server processes (handshaking) - point to point one sender, receiver - reliable in order byte stream - full duplex: bidirectional data flow In same connection - cumulative ACKS - piping: TCP congestion and flow control set window size - DOES NOT PROVIDE: timing, minimum throughput guarantee, security

TCP Service

senders can increase sending are until packet loss (congestion) occurs, then decrease sending rate on loss event Additive Increase: increase sending rate by 1 max segment size every RTT until loss detected Multiplicative Decrease: cut sending rate in half at each loss event probing for bandwidth

TCP congestion control AIMD

-

Telnet into a Web server and send a multiline request message. Include in the request message the If-modified-since: header line to force a response message with the 304 Not Modified status code.

IP spoofing - solution: end-point authentication, allows to determine if message originates from where we think

The ability to inject packets into the Internet with a false source address is known as

link layer (packets are frames)

To move a packet from one node (host or router) to the next node in the route, the network layer relies on the services of the link layer. In particular, at each node, the network layer passes the datagram down to the link layer, which delivers the datagram to the next node along the route. At this next node, the link layer passes the datagram up to the network layer. -ex protocols: ethernet, wii, cable access networks DOCSIS protocol

packets

To send a message from a source end system to a destination end system, the source breaks long messages into smaller chunks of data known as pack- ets.

- unreliable data transfer between sending and receiving process - bare bones -best effort, segments may be lost or delivered out of order - connectionless: no handshaking between UDP sender, receiver Each UDP segment handles independently of others - no RTT incurred - can function when network service is compromises - bull additional functionality of UDP in application layer (HTTP/3) - simple - small header size - no congestion control = faster, can function in face of congestion - uses streaming multimedia apps, DNS, SNMP, HTTP/3 - if reliable needed, add at application layer and add congestion control at application layer - does not provide: reliability, flow control, congestion control, timing, throughput guarantee, security, or connection set up

UDP service

The IP address of the destination host and the port number of the socket in the destination process.

What information is used by a process running on one host to identify a pro- cess running on another host?

The overlay network in a P2P file sharing system consists of the nodes participating in the file sharing system and the logical links between the nodes. There is a logical link (an "edge" in graph theory terms) from node A to node B if there is a semi-permanent TCP connection between A and B. An overlay network does not include routers.

What is an overlay network? Does it include routers? What are the edges in the overlay network?

A protocol uses handshaking if the two communicating entities first exchange control packets before sending data to each other. SMTP uses handshaking at the application layer whereas HTTP does not.

What is meant by a handshaking protocol?

Network architecture refers to the organization of the communication process into layers (e.g., the five-layer Internet architecture). Application architecture, on the other hand, is designed by an application developer and dictates the broad structure of the application (e.g., client-server or P2P).

What is the difference between network architecture and application architecture?

- data integrity (file transfer, web transaction) 199% reliable data transfer - timing some apps require low delay to be effective (telephony, interactive ames)g - throughput (multimedia) require min amount of throughput to be effective; elastic apps make use of whatever throughput they get - security encryption, data integrity

What transport service does an app need?-

The applications associated with those protocols require that all application data be received in the correct order and without gaps. TCP provides this service whereas UDP does not.

Why do HTTP, SMTP, and IMAP run on top of TCP rather than on UDP?

Since most firewalls are configured to block UDP traffic, using TCP for video and voice traffic lets the traffic though the firewalls.

Why is it that voice and video traffic is often sent over TCP rather than UDP in today's Internet? (Hint: The answer we are looking for has nothing to do with TCP's congestion-control mechanism.)

link-layer, router

___ switch typically used in access networks, ___ used in the network core

PoP

a group of one or more routers (at the same location) in the provider's network where customer ISPs can connect into the provider ISP

physical

bits on the wire

packet sniffing

broadcast media (shared Ethernet, wireless) promiscuous network interface reads/records all packets (including passwords) passing by

wired, wireless communication links

access networks, physical media

web caches (proxy server)

acts as both client and server; server tells about object's allowable caching in response header - reduces response time for client request (cache is closer to client) - reduce traffic on an institutions access link - internet is dense with caches (enables poor content providers to more effectively deliver content

server

always-on host, permanent IP address, often in data centers for scaling

- types of messages exchanged (request, response) - message syntax - message semantics: meaning of info - rules for when/how processes send and respond to messages

an application-layer protocol defines:

SMTP

application: email transport protocol: TCP

FTP

application: file transfer/download transport protocol: TCP

WOW, FPS (proprietary)

application: interactive games transport protocol: UDP or TCP

SIP, RTP, or proprietary

application: internet telephony transport protocol: TCP or UDP

HTTP, DASH

application: streaming audio/video transport protocol: TCP

HTTP 1.1

application: web documents transport protocol: TCP

instantaneous throughput

at any instant of time is the rate (in bits/sec) at which Host B is receiving the file

200 OK

code: request succeeded, requested object late in this message

too maNy sources sending too much data too fast for network to handle - long delays (queueing in router buffers) - packet loss ( buffer overflow at routers) end-end cc -no explicit feedback from network - congestion inferred from observed loss, delay - approach taken by TCP network-assisted congestion control - routers provide directt feedback to sending/receving hosts with flows passing through congested router - may indicate congestion level or explicit set sending rate

congestion control

client

contact, communicate with server; may be intermittently connected, may have dynamic IP addresses, do not communicated directly with each other ex: HTTP, IMAP, FTP

link

data transfer between neighboring network elements (ethernet 802.11/wifi, PPP); protocol transfers datagram from host to neighboring host using network-layer services - encapsulates network datagram with link-layer header to create link-layer frame

- authentication - confidentiality via encryptions - integrity checks: digital signatures to re prevent/detect tampering -access restrictions: password-protected VPNs - firewalls

defense against DoS

protocol

define the format, order of messages sent and received among network entities, and actions taken on message transmission, receipt

Frequency Division Multiplexing (FDM)

different channels transmitted in different frequency bands

clients, servers (reside in large data centers)

tend to be desktops, laptops, smartphones, and so on. __ tend to be more powerful machines that store distribute web pages, stream video, related email...

Domain Name System (DNS)

distributed database implemented in hierarchy of many name servers - application-layer protocol: hosts, DNS servers communicate to resolve names services - hostname to IP address translation - host aliasing -mail server aliasing - load distribution

internet service providers

end systems access the Internet through ___ ; each is a network of packet switches and communication links. Provide a variety of types of network access to the end systems; provide internet access to content provides, connecting servers directly to the Internet.

- application can open multiple parallel connections between two hosts

fairness, parallel TCP connections

fiber optic cable

glass fiber carrying light pulses, each pulse a bit - high speed operantion - Low error rate

multiplexing

handle data from multiple sockets, add transport header (later used for demultiplexing)

GET method (for sending data to server)

include user data in URL field of HTTP GET request message

IMAP

internet mail access protocol; messages stored on server, provides retrieval deletion, folders of stored messages on server

application, transport, network, link, physical

layered internet protocol stack

bottleneck link

link on end-end path that constrains end-end throughput

network layer

logical communication between hosts

transport layer

logical communication between processes (relies on network layer services)

user agent

mail reader, composing, editing, reading mail messages outgoing, incoming messages stored on server

network core

mesh of interconnected routers - packet switching: hosts break application-layer messages into packets - network forwards packets from one router to the next, across links on path from source to destination

interconnected routers, network of networks

network core

queueing (packet switching)

occurs when work arrives faster than it can be serviced. if arrival rate to link exceeds transmission rate of link for some period of time: - packets will __, waiting to be transmitted on output link - packets can be dropped (lost) if memory (buffer) in router fills up

frequency division multiplexing

optical, electromagnetic frequencies divided into (narrow) frequency bands; each call allocated its own band, can transmit at max rate of that narrow band

socket

process sends/receives messages from this - sending process shoves out message - sending pro ess relies on transport infrastructure on other door to deliver message to _ at receiving process

client process

process that initiates communication

server process

process that was waits to be contacted

transport

process-process data transfer (TCP, UDP); layer protocol transfers (reliably) from one process to another, using services of network layer; encapsulates application-layer message with transport layer-layer header to create transport layer segment

process

program running within a host; different hosts communicate by exchanging messages

bit

propagates between transmitter/receiver pairs

IP Protocol

protocol that specifies the format of the packets that are sent and received among routers and end systems

transport services and protocols

provide logical communication between application processes running on different hosts in end systems: sender breaks application messages into segments, passes to network layer. receiveiner reassembles segments into messages, passes to application layer 2 apps: TCP, UDP

trace route program

provides delay measurement from source to router along end-end internet path towards destination

throughput

rate at which bits are being sent from sender to receiver - instantaneous, average

segment

refer to a transport-layer packet as a _____.

denial of service attack

renders a network, host, or other piece of infrastructure unusable by legitimate users by overwhelming resource with bogus traffic. Web servers, e-mail servers, DNS servers (discussed in Chapter 2), and institutional networks can all be subject to - vulnerability attack - bandwidth flooding -connection flooding

400 Bad request

request msg not understood by server

404 Not Found

requested document not found on this server

301 Moved Permanently

requested object moved, new location specified later in this message (in location field)

HEAD method

requests headers that would be returned if specified URL were requested with an HTTP GET method

network

routing of datagrams from source to destination (IP, routing protocols); transfers transport-layer segment from one host to abater using link layer services

pipelining

sender allows multiple, in flight, yet to be acknowledged packets - range of sequence numbers must be increased - buffering at sender or receiver

unguided media

signals propagate freely, e.g. radio

guided media

signals propagate in solid media: copper, fiber, coax

application

supporting network applications (HTTP, IMAP, SMTP, DNS); exchanges messages to implement some application service using services of transport layer

circuit-switched networks

the resources needed along a path (buffers, link transmission rate) to provide for communication between the end systems are reserved for the duration of the communication session between the end systems.; end-end resources allocated to, reserved for call between source and destination - dedicated resources: no sharing, telephone networks

packet-switches

these resources are not reserved; a session's messages use the resources on demand and, as a consequence, may have to wait (that is, queue) for access to a communication link. - great for bursty data, resource sharing, simpler, no call set up - excessive congestion possible: packet defat and loss due tp buffer overflow

time division multiplexing

time divided into slots; each call allocated periodic slot(s), can transmit at maximum rate of (wider) frequency band (only) during its time slot(s)

RTT

time for a small packet to travel from client to server and back

identifier - port Xs http 80, mail server 25

to receive messages, process must have __; 32 bit IP address; includes IP address and port numbers associated with process on host

different links can transmit data at different rates with ________ _______ of a link measured in bits/second

transmission rate

transport layer

transports application-layer messages between application endpoints. In the Internet, there are two transport protocols, TCP and UDP, either of which can transport application-layer messages. TCP provides a connection-oriented service to its applications. This service includes guaranteed delivery of application-layer messages to the destination and flow control (that is, sender/receiver speed matching). TCP also breaks long messages into shorter segments and provides a congestion-control mechanism, so that a source throttles its transmission rate when the network is con- gested. The UDP protocol provides a connectionless service to its applications. This is a no-frills service that provides no reliability, no flow control, and no congestion control. In this book, we'll refer to a transport-layer packet as a segment.

coaxial cable

two concentric copper conductors bidrectional broadband: multiple frequency channels on cable

PUT method

uploads new file (object) to server completely replaces file that exists at specified URL with content in entity body of POST HTTP request message

demultiplexing

use header info to deliver received segments to correct socket host receives datagrams, each datagram carries one transport layer segment, each segment has a source, destination port number. host uses IP addresses and port noms to direct segment to socket - UDP: port number TCP: source and dest ips and port numbers

email

user agents, mail servers, simple mail transfer protocol

HTTP: hypertext transfer protocol

web application-layer protocol; client: browser requests, receives, and displays web objects. server: web server sends objects in response to request - uses TCP, port 8- - stateless, maintains no info about past client requests

objects, can be HTML file, JPEG image, audio file..

web page consists of ____, each of which can be stored on different web servers

authorizationshopping cartsrecommendationsuser session state (Web e-mail)authorizationshopping cartsrecommendationsuser session state (Web e-mail)

what cookies can be used for:

physical link

what lies between transmitter and receiver