Final Exam Revision

Question 1

Suppose Alice, with a Web-based email account (such as Hotmail or gmail), sends a message to Bob, who accesses his email from his mail server using POP3. Discuss how the message gets from Alice’s host to Bob’s host. Be sure to list the series of application layer protocols that are used to move the message between the two hosts.

Answer 1

Message is sent from Alice’s host to her mail server over HTTP. Alice’s mail server then sends the message to Bob’s mail server over SMTP. Bob then transfers the message from his mail server to his host over POP3.

Question 2

What is meant by a handshaking protocol?

Answer 2

A protocol uses handshaking if the two communicating entities first exchange control packets before sending data to each other. SMTP uses handshaking at the application layer whereas HTTP does not.

Question 3

In BitTorrent, suppose Alice provides chunks to Bob throughout a 30-second interval. Will Bob necessarily return the favor and provide chunks to Alice in this same interval? Why or why not?

Answer 3

It is not necessary that Bob will also provide chunks to Alice. Alice has to be in the top 4 neighbors of Bob for Bob to send out chunks to her; this might not occur even if Alice is provides chunks to Bob throughout a 30-second interval. (see lecture note 2, p.74-76)

Question 4

Consider a new peer Alice that joins BitTorrent without processing any chunks. Without any chunks, she cannot become a top-four uploader for any of the other peers, since she has nothing to upload. How then will Alice get her first chunk?

Answer 4

Alice will get her first chunk as a result of her being selected by one of her neighbors as a result of an “optimistic unchoke,” for sending out chunks to her. (see lecture note 2, p.74-76)

Question 5

Explain how sequence numbers and acknowledgement numbers are used in TCP. Illustrate you answer with an example data exchange in a telnet session.

Answer 5

The sequence number for a segment is the byte-stream number of the first byte in the segment. The acknowledgment number in a segment is the sequence number of the next byte the host sending the segment is expecting from the receiving host. An example of a telnet session is shown below, where we suppose the starting sequence numbers are 42 and 79 for the client and server, respectively. (See textbook, p. 245- 248)



Question 6

Suppose that a web server runs in Host C on port 80. Suppose this web server uses persistent connections, and is currently receiving requests from two different hosts, A and B. Are all of the requests being sent through the same socket at Host C? If they are being passed through different sockets, do both of the sockets have port 80? Discuss and explain.

Answer 6

For each persistent connection, the Web server creates a separate “connection socket”. Each TCP connection socket is identified with a four-tuple: (source IP address, source port number, destination IP address, destination port number). When host C receives and IP datagram, it examines these four fields in the datagram/segment to determine to which socket it should pass the payload of the TCP segment. Thus, the requests from A and B pass through different sockets. The identifier for both of these sockets has 80 for the destination port; however, the identifiers for these sockets have different values for source IP addresses.

Question 7

In rdt protocols, why do we need to have sequence numbers?

Answer 7

Sequence numbers are required for a receiver to find out whether an arriving packet contains new data or is a retransmission.

Question 8

What is the difference between persistent HTTP with pipelining and persistent HTTP without pipelining?

Answer 8

With persistent HTTP connection, the http server leaves the TCP connection open after sending a response. Subsequent requests and responses can be made using the same TCP connection. With pipelining, subsequent requests can be made back-to- back, without waiting for replies to earlier requests. When a server receives the back- to-back requests, it sends the objects back-to-back. When pipelining is not used, the client sends a new request only after it obtains a response to its earlier request.

Question 9

Host A and B are communicating over a TCP connection, and Host B has already received from A all bytes up to and including byte 248. Suppose that Host A then sends two segments to Host B back-to-back. The first and second segments contain 40 and 60 bytes of data, respectively. In the first segment, the sequence number is 249, source port number is 503, and the destination port number is 80. Host B sends an acknowledgement whenever it receives a segment from host A.

a) In the second segment sent from Host A to B, what are the sequence number, source port number, and destination port number?
b) If the first segment arrives before the second segment, in the acknowledgement of the first arriving segment, what is the acknowledgement number, the source port number, and the destination port number?
c) If the second segment arrives before the first segment, in the acknowledgement of the first arriving segment, what is the acknowledgement number?
d) Suppose that the two segments sent by A arrive in order at B. The first acknowledgement is lost and the second acknowledgment arrives after the first timeout interval, as shown in the figure below. Complete the diagram, showing all other segments and acknowledgements sent. (Assume there is no additional packet loss). For each segment you add to the diagram, provide the sequence number and number of bytes of data; for each acknowledgement that you add, provide the acknowledgement number.

Answer 9

a) In the second segment from Host A to B, the sequence number is 289, source port number is 503 and destination port number is 80.
b) If the first segment arrives before the second, in the acknowledgement of the first arriving segment, the acknowledgement number is 289, the source port number is 80 and the destination port number is 503.
c) If the second segment arrives before the first segment, in the acknowledgement of the first arriving segment, the acknowledgement number is 249, indicating that it is still waiting for bytes 249 and onwards.
d)

Question 10

Suppose Host A sends two TCP segments back to back to Host B over a TCP connection. The first segment has sequence number 90; the second has sequence number 110.

a) How much data is in the first segment?
b) Suppose the first segment is lost but the second segment arrives at B. In the acknowledgment that B sends to A, what will be the acknowledgment number?

Answer 10

a) 20 bytes b) Ack number = 90

Question 11

Suppose that the UDP receiver computes the Internet checksum for the received UDP segment and finds that it matches the value carried in the checksum field. Can the receiver be absolutely certain that no bit errors have occurred? Explain.

Answer 11

No, the receiver cannot be absolutely certain that no bit errors have occurred. This is because of the manner in which the checksum for the packet is calculated. If the corresponding bits (that would be added together) of two 16-bit words in the packet were 0 and 1 then even if these get flipped to 1 and 0 respectively, the sum still remains the same. Hence, the 1s complement the receiver calculates will also be the same. This means the checksum will verify even if there was transmission error.

Question 12

What is the sequence of messages for acquiring an IP via DHCP?

Answer 12

The sequence are: (a) host broadcasts “DHCP discover”msg, (b) DHCP server responds with “DHCP offer”msg, (c) host requests IP address: “DHCP request”msg, (d) DHCP server sends address: “DHCP ack”msg. See diagram in lecture note 4, p.36.

Question 13

What is network address translation (NAT)? In what situation do you need to use NAT?

Answer 13

NAT allows many devices to be connected using just one IP address. It uses the NAT translation table to map a single IP address to many local private addresses by taking advantage of the 16 bits port number. The situations where one uses NAT is when you have only one IP address but with many devices in a home network trying to access the internet.

Question 14

Discuss how a hierarchical organization of the internet (i.e., through hierarchical routing) has made it possible to scale to millions of users.

Answer 14

Routers are aggregated into autonomous systems (ASs). Within an AS, all routers run the same intra-AS routing protocol. Special gateway routers in the various ASs run the inter-autonomous system routing protocol that determines the routing paths among the ASs. The problem of scale is solved since an intra-AS router need only know about routers within its AS and the gateway router(s) in its AS.

Question 15

Suppose a peer with username Alice discovers through querying that a peer with username Bob has a file it wants to download. Also suppose that Alice and Bob are both behind a NAT. Can you devise a technique that will allow Alice to establish a TCP connection with Bob without application-specific NAT configuration? If you have difficulty devising such a technique, discuss why.

Answer 15

It is not possible to devise such a technique. In order to establish a direct TCP connection between Alice and Bob, either Alice or Bob must initiate a connection to the other. But the NATs covering Alice and Bob drop SYN packets arriving from the

WAN side. Thus neither Alice nor Bob can initiate a TCP connection to the other if they are both behind NATs. This is one of the impacts of NAT on P2P applications.

Question 16

List one disadvantage of the link-state routing algorithm, and one disadvantage of the distance vector routing algorithm.

Answer 16

See page 378 of text for a comparison of the two algorithms in terms of message complexity, speed of convergence, and robustness.
One disadvantage of LS is that message about the entire network topology needs to be sent to every node. One disadvantage of DV is that error in a node can be propagated to the entire network since a node’s (incorrect) calculation will be passed to its neighbours and then indirectly to its neighbour’s neighbour on the next iteration.

Question 17

What are the three categories of media access control protocols? To which category does CDMA belong?

Answer 17

(a) Channel partitioning, which divide channel into smaller “pieces” and allocate piece to node for exclusive use, (b) Random access, where channel is not divided and collision is allowed. (c) Taking turns, where nodes take turns to transmit. CDMA belongs to (a), since each node uses a unique code in the codespace to encode and transmit the data.

Question 18

Recall that with the CSMA/CD protocol, the adapter waits K*512 bit times after a collision, where K is drawn randomly. For K = 100, how long does the adapter wait until retransmission for a 10 Mbps Ethernet? For a 100 Mbps Ethernet?

Answer 18

Wait for 51,200 bit times. For 10 Mbps, this wait is 51.2103bits/10106bps = 5.12 msec. For 100 Mbps, the wait is 512 μsec.

Question 19

Suppose nodes A and B are on the same 10 Mbps Ethernet bus, and the propagation delay between the two nodes is 225 bit times. Suppose A and B send frames at the same time, the frames collide, and then A and B choose different values of K in the CSMA/CD algorithm. Assuming no other nodes are active, can the retransmissions from A and B collide? Note that the CSMA/CD protocol specifies that a jam signal of 48 bit times is transmitted when collision is detected at a node. It also specifies that the channel be sensed for 96 bit times to confirm that the channel is idle. For this question, suppose A and B begin transmission at t = 0 bit times. Suppose KA=0 and KB=1. At what time does B schedule its retransmission? At what time does A begin transmission? At what time does A’s signal reach B? Does B refrain from transmitting at its scheduled time?

Answer 19

Time, t
0
225
273 273+225=498
498+96=594 273+512 = 785
Event
A and B begin transmission
A and B detect collision
A and B finish transmitting jam signal B 's last bit arrives at A ; A detects an idle channel
A starts transmitting
B returns to retransmission step. B must

sense idle channel for 96 bit times
before it transmits. 594+225=819 A’s transmission reaches B
785+96=881 B starts transmitting
Because A 's retransmission reaches B before B 's scheduled retransmission time, B refrains from transmitting while A retransmits. Thus A and B do not collide. Thus the factor 512 appearing in the exponential backoff algorithm is sufficiently large.

Question 20

What is the difference between a permanent address and a care-of address? Who assigns a care-of address?

Answer 20

A permanent address for a mobile node is its IP address when it is at its home network. A care-of-address is the one its gets when it is visiting a foreign network. The COA is assigned by the foreign agent (which can be the edge router in the foreign network or the mobile node itself).

Question 21

Consider two mobile nodes in a foreign network having a foreign agent. Is it possible for two mobile nodes to use the same care-of address in mobile IP? Explain your answer.

Answer 21

Two mobiles could certainly have the same care-of-address in the same visited network. Indeed, if the care-of-address is the address of the foreign agent, then this address would be the same. Once the foreign agent decapsulates the tunneled datagram and determines the address of the mobile, then separate addresses would need to be used to send the datagrams separately to their different destinations (mobiles) within the visited network.

Question 22

Explain how indirect routing can be used to route traffic to a mobile node residing in a foreign network. How can this be done with direct routing.

Answer 22

See lecture note 6, p. 35 for registration, p. 36-38 for indirect routing, and p.39- 41 for direct routing.

Question 23

What are the differences between message confidentiality and message integrity? Can you have one without the other?

Answer 23

Confidentiality is the property that the original plaintext message can not be determined by an attacker who intercepts the ciphertext-encryption of the original plaintext message. Message integrity is the property that the receiver can detect whether the message sent (whether encrypted or not) was altered in transit. The two are thus different concepts, and one can have one without the other. An encrypted message that is altered in transmit may still be confidential (the attacker can not determine the original plaintext) but will not have message integrity if the error is undetected. Similarly, a message that is altered in transit (and detected) could have been sent in plaintext and thus would not be confidential.

Question 24

What is the difference between public and symmetric key encryption? Give two advantages and disadvantages of each.

Answer 24

One important difference between symmetric and public key systems is that in symmetric key systems both the sender and receiver must know the same (secret) key. In public key systems, the encryption key (i.e. public key) and decryption key (i.e.

private key) are distinct. The encryption key is known by the entire world (including the sender), but the decryption key is known only by the receiver.
Symmetric key encryption:
Advantages:
(I) Since the key is only known to the sender and receiver, it implicitly identifies the sender to the receiver and the receiver to the sender.
(II) Symmetric-key algorithms are generally much less computationally intensive than public key algorithms.
Disadvantages:
(I) the two parties must know the shared secret key in advance.
(II) In order to ensure secure communications between everyone in a population of n person a total of n(n − 1)/2 keys are needed.
Public key encryption: Advantages:
(I) There is no need for the sender and receiver to meet and agree on a shared secret key in advance.
(II) Public key provides a way to authenticate a message. A person can authenticate his/her message by using his/her private key.
Disadvantages:
(I) The receiver cannot determine who the sender is since anyone can send an encrypted message to the receiver using the receiver’s public key. A digital signature is needed to bind a sender to a message.
(II) Public key algorithms are generally much more computationally intensive than symmetric-key algorithms

Question 25

What is the man-in-the middle attack? Can this attack occur when symmetric keys are used?

Answer 25

In a man-in-the-middle attacker, the attacker interposes him/herself between the sender and receiver, often performing some transformation (e.g., re-encoding or altering) of data between the sender and receiver, or simply listens in. Man-in-the- middle attacks can be particularly difficult to detect since the sender and receiver will each receive what the other has sent and since they are using encryption would think that they have achieved confidentiality. This attack is possible when public keys are used for authentication (see scenario in lecture note 8, p.38). This attack cannot occur when symmetric keys are used, assuming that the shared symmetric key is only known between sender and receiver.

Question 26

Explain (with the aid of a diagram) how public key encryption can be used for message authentication for large messages.

Answer 26

See lecture note 8, p. 22, which shows how hash function is used to produce a fixed length hash value that is then encrypted with the sender’s private key. Encrypting the hash value instead of the large message save on computation while still providing message authentication.