DNS, TCP and UDP (w4-5) Flashcards

1
Q

What does hierarchy tell us about the address name (DNS)?

A

Hierarchy tells you who issued the name, not where the address is located physically.

2
Q

What do gTLD and ccTLD stand for? Examples?

A

generic Top Level Domain and country-code Top Level Domain

gTLD: .com, .net…
ccTLD: .nz, .au…

3
Q

Secondary Level Domain includes which type of address?

A

.co.nz, .org.nz, whitehouse.gov …

4
Q

What server is above the TLD servers? How many instances of them are there?
How many pre-defined IP addresses are there?

A

Root servers. Roughly 1400 root servers, widely distributed. 13 pre-defined addresses.

5
Q

Which command would you use to look up the IP address of a named address, e.g. www.waikato.cms.ac.nz?
Why is it an iterative look-up?

A

The dig command. It is iterative, as we have to work our way down through the DNS resolver servers, starting from the root server.

6
Q

Do DNS resolvers have to go through the iterative look-up every time someone wants to use an address?

A

DNS resolvers keep a cache of recently looked up records. The length of time each entry is kept for is defined by a person and varies from minutes to days.

7
Q

When looking up a name with DNS, what happens if the first name server does not respond?

A

When looking up a name, the reply will often contain multiple other name servers, so if the first does not respond, the resolver can try one of the others.

8
Q

What are the 4 basic contents of a UDP packet?

A

Src and Dest Port, UDP Length and a checksum

9
Q

When sending a Datagram packet, what are the 4 parameters you will need to fill out?

A

IP, port, byte array and length of data (not length of array)

10
Q

How would you receive a datagram packet?

4 lines of code

A

DatagramSocket ds = new DatagramSocket();

byte[] buf = new byte[65535];

DatagramPacket dp = new DatagramPacket(buf, 65535);

ds.receive(dp);

11
Q

To echo back a datagram packet (as a server) you use the method .getSocketAddress() to get what information about the sender?

A

Returns the sender's InetAddress and the sender's port in a single object

12
Q

Why would you predominantly use UDP for DNS lookups?

A

Since DNS lookups precede nearly every interaction, we need the fastest method possible; TCP = slower

13
Q

Where is TCP implemented: in the operating system, or in application software? Do sockets use UDP or TCP?

A

TCP is implemented in the operating system kernel, sockets use TCP

14
Q

Which part of the OSI model is TCP?

A

Transport layer

15
Q

Is TCP reliable? Why? Is it half duplex?

A

Lost messages are re-transmitted in TCP, and a weak checksum is used to protect the messages. It is full duplex, so client and server can send messages simultaneously.

16
Q

Why might a TCP connection have two ports?

A

Allows the client to have multiple connections with the server, meaning it can, for example, fetch the HTML and an image resource at the same time.

17
Q

What is the sequence number in a TCP frame? Why is this needed?

A

It is the position in the series of frames that the particular frame belongs to. Needed by the receiver to order the frames correctly.

18
Q

What is the ack number sent by the receiver? (TCP)

A

It acknowledges the previously sent data cumulatively, while advising the sender on which byte the receiver expects next

19
Q

Explain why random initial sequence numbers are sent in the three way TCP handshake?

A

Security: reduces the chance that a third party can impersonate one of the two parties.
If a system reboots, reduces the chance that old packets will interfere with a new connection.

20
Q

If a server sends RST-ACK after the client sends SYN, what could this mean?

A
  • The requested port is not open
  • There is a backlog of pending connections
  • There is a firewall between the client and server that is blocking access
21
Q

Which part of TCP detects corruption?

A

The checksum can detect corruption

22
Q

Does the receiver tell the sender that it is missing packets, or if a packet was corrupted? (TCP)

A

No, the sender can infer this when an ack is not received before a time-out occurs.

23
Q

In TCP, how is packet loss detected? (2 ways)

A

No ack is received before a timeout occurs, or multiple duplicate acks are received

24
Q

TCP assumes that if a packet was lost, the network is experiencing congestion. How does this explain why the receiver does not simply tell the sender when a packet is lost?

A

The theory is that sending such a packet into an already congested network only adds to the congestion problem.

25
Q

When the receiver gets a SYN request, what must it do and what systems are taxed because of this? The receiver is then vulnerable to which attack?

A

The receiver searches its table of existing connections (CPU taxing), then allocates a record (memory taxing). This leaves the receiver vulnerable to SYN flooding. SYN flooding means the system is so caught up on these spoofed SYN requests that it is unable to accept genuine requests.

26
Q

How are checksums calculated? Are they strong methods of detecting corruption?

A

Fold the 32-bit value into a 16-bit value, then negate the binary values. Very weak method of checking corruption.

27
Q

Explain how a TCP connection is ended.

A

A sends a FIN bit to B, telling B that A has nothing more to send. The connection is now half-closed. Eventually, B sends its own FIN bit to signal it is also finished. FIN bits are acknowledged with an ACK.

28
Q

If the server sends 200 bytes of data, in 50-byte chunks, but the client receives only 150 bytes of data, what does the client ack? And what does the server send back?

A

Client sends 150 ack. Server then knows the client has everything up to byte 150, and resends bytes 150-200.

29
Q

The sender is required to decide when data is lost and when to retransmit. How do they decide this?

A

Operating systems keep track of how long previous data took to be acknowledged

30
Q

Since TCP is a stream-based protocol, what does this mean in terms of how the client sees the incoming data?

A

The client does not know how large the incoming packets are, rather only sending an ack packet once a certain amount of bytes has been sent.

31
Q

In terms of RTT (round trip time), which is considered more important: the most recent measurement or prior estimations?

A

The most recent measurement is the most important, which is acknowledged by using weighting when calculating the RTT

32
Q

What is RTO?

A

Retransmission time-out

33
Q

Estimated RTT = ?

A

(1 - a) * CurrentEstimatedRTT + a * NewRTT, where a = 0.125 (usually) and NewRTT is the latest RTT

34
Q

DevRTT = ? (Delay Variation)

A

(1 - b) * CurrentDevRTT + b * |NewRTT - EstimatedRTT|, where b = 0.25 and NewRTT is the latest RTT

35
Q

Then RTO = ?

A

EstimatedRTT + 4*DevRTT

36
Q

What is a slow start?

A

At the start of a TCP connection, the two hosts have no reliable measure of available capacity, so, starting with sending out one packet, they introduce two packets for each packet that is acknowledged. The process continues until data is lost.

37
Q

What happens when the ssthresh (slow start threshold) is encountered?

A

Congestion avoidance starts, which increases the rate of transmission by one data unit per RTT.

38
Q

If congestion is encountered at 16 data bits per RTT, what happens to the ssthresh in terms of the CWND? (ssthresh = rate at which congestion avoidance occurs; CWND is the amount of data a sender can transmit without error.)

A

If congestion occurs at 16, this is the CWND. The CWND is then halved, and this value is now the new ssthresh.

39
Q

What is fast retransmit? Why is it safe to use? What does fast retransmit avoid?

A

Fast retransmit is used on the third duplicate ack and retransmits the assumed missing data piece. Because the sender is still receiving duplicate acks, this means that the data is still being received by the receiver. Avoids going back to slow start.

40
Q

Step one of Fast Recovery

A

Set ssthresh to half the value of CWND
Set CWND to ssthresh + 3 x segment size
Retransmit the missing segment

41
Q

What is fast recovery?

A

After a packet goes missing and is replaced by fast retransmit, fast recovery is responsible for transmission of new data until a non-duplicate ack arrives.

42
Q

Step two of Fast Recovery

A

Each time another dup-ack is received, CWND = CWND + segment size, then transmit a new segment

43
Q

Step three of Fast Recovery

A

When an ack asking for new data arrives, set CWND to ssthresh, then enter congestion avoidance.