Computer Network: A top-down approach

Whats a route/path in the Internet infrastructure?

A sequence of communication links and packet switches traversed by sending a packet from one end system to another

Five network access technologies for the home

F.x. DSL, cable, FTTH (fiber to the home), satellite links and dial-up access

fiber-to-the-home (FTTH)

Optical fiber path is provided from the central office to the home. The fiber near the central office is shared by many homes then split into individual customer-specific fibers once relatively close to a home.

What types of network access do DSL (digital subscriber line) and cable modem provide?

Residential broadband access

What are the two main purposes of a protocol?

Defining the format and order of messages exchanged between two or more communicating entities and defining the action taken on transmission and/or reciept of a message or an event

What is a cable modem?

An external device that connects to the home PC via an Ethernet port

What is the purpose of a multiple access protocol?

To coordinate transmissions and avoid collisions on a shared upstream link

What are access networks?

Networks physically connecting end systems to an edge router (first router)

What is a data center?

Pool of resources that are interconnected by a communication network. Most of today's web servers reside in such data centers

What is the purpose of an Application Programming Interface?

A set of rules the sending program must follow. Specifying how a program running on one end system asks the Internet infrastructure to deliver data to a specific destination program running on another end system

What are distributed applications?

Applications involving multiple end systems that exhange data with each other

What's an ISP?

An Internet Service Provider. Simply put, a network of packet switches and communication links

What are routers and link-layer switches?

They are today's most prominient types of packet switches

Whats an host/end system?

Devices that connect to a network, typically the Internet, whether directly by users or not. Examples: PCs, web servers, PDAs, email servers, cell phones, TVs etc.

In what unit is transmission rate measured?

In bits per second

List the four types of delay in packet switching networks and briefly describe why they occur

1. Processing delays: time required to read packet header to determine destination (or other information) relevant to transfer

2. Queueing delays: when packet waits for link to be available if it's busy transmitting another packet

3. Propagation delays: time it takes for a bit, once pushed onto link, to propagate to next router. Depends on propagation speed.

4. Transmission delays: delays due to packet having to arrive in it's entirety before forwarding to outbound link.

What's the basic difference between packet switching and circuit switching?

Circuit switching reserves resources needed for each communication (f.x. transmission rate, links, buffers etc) whereas packet switching uses resources on demand and as a consequence messages may need to wait for accessing a communication link

Name two fundamental approaches of moving data through network of links and switches

Circuit switching and packet switching

What is the purpose of a forwarding table?

To map destination IP-addresses to router's outbound links. When a router receives a packet it searches it's forwarding table using packet's destination address to determine which outbound link to forward the packet on

Why might packet loss occur?

Output buffer space is finite. Overfull output buffer results in dropped arriving packet or dropped packets in buffer queue.

Why can packets experience a. store and forward delays and b. queueing delays

a. Due to router receving entire packet before forwarding it to outbound link

b. If a link is busy with transmission of another packet, the arriving packet must wait in output buffer queue for the link to finish transmission

Describe store-and-forward transmission

Packet switch must receive entire packet before forwarding it to outbound link

Suppose packet is L bits and sent over link with R bit/seconds transmission rate. How long does the transmission take?

L/R seconds

Describe packet-sniffing and IP-spoofing

PS: View packet traffic to extract vulnerable information such as passwords passed between sender and receiver

IP-S: Hand-craft packets with arbitary source address, content or destination address. Can work as a masquerade for another user.

What's the difference between worms and viruses malwares?

Viruses require host interaction and/or information to infect device, f.x. an email with a link can infect a device with virus.

Worms don't necessarily require such things, but can be sent to host when host is f.x. running a network application

What's a packet called in the:

a. Application layer

b. Transport layer

c. Network layer

d. Link layer

a. Message

b. Segment

c. Datagram

d. Frame

Throughput

Rate at which host recieves a file in bps

What is the difference between the transport layer and the network layer?

Transport layer:

Provides logical communication between processes, acting as they have a direct path between each other even though they could be on separate sides of the planet

Network layer:

Provides logical communication between hosts, difference being that hosts can run multiple processes.

What is transport layer multiplexing/demultipexing?

The extension of host-to-host delivery to process-to-process delivery

Describe how multiplexing is achieved in UDP

- A process in host A wants to send application data chunk to process in host B

- Transport layer of process A creates a segment with data, source and destination port and passes it to network layer

- Network layer encapsulates segment and attempts to send it to Host B

- If segment arrives at Host B the transport layer examines the destination port of segment and delivers segment to the socket assigned to the port

- Numerous processes could be running on B so the host directs (demultiplexes) each segment to appropriate socket

Describe how multiplexing is achieved in TCP

A TCP socket is a 4-tuple with source and destination IP and Port.

The welcoming socket creates a socket with these 4 values and as such segments are delivered to a socket with these 4 values

What does a UDP segment contain (headers and body)

- Source port

- Destination port

- Length

- Checksum

- Application Data

Why use UDP over TCP

- Finer application level control of data sent:

TCP might delay do to congestion or flow

control. Also TCP retransmits packets that fail

to send which is tolerable in some

applications

- No connection establishment:

No handshake establishment that takes

additional time

- No connection state:

TCP maintains the state of each connection,

UDP does not

- Small packet overhead:

TCP header - 20 bytes

UDP header- 8 bytes

(Basically, it's faster)

Can UDP be reliable?

Yes if reliability is built into the application itself

Why is reliable data transfer not ensured?

The layer below the transport layer (network layer) might be unreliable (e.g. IP is unreliable and TCP is reliable).

What are distributed hash tables?

Tables accessible to peers in a peer-to-peer network architecture with mappings of files/packets to IP addresses of owner peers

Briefly describe the four DNS server types

1. Root DNS servers: On top of the hierarchy and provide access to lover level servers. 13 root servers exists

2. Top Level Domain (TLD): Contain information on hostname (f.x. if it's a .com, .org, .net domain)

3. Authorative DNS server: Every organization with publicly accessable hosts have their own such server (f.x. xxx.ru.is is for HR)

4. Locale DNS server: Not part of hierarchy, but caches IPs and forwards queries into hierarchy if it doesn't contain requested IP

DNS maps hostnames to IP addresses. Name three additional features of DNS.

Host aliasing: Website can have many aliases along with it's regular hostname

Mail server ailiasing: Hostname after the @ in email addresses can have ailiases as well

Load distribution: Distributing traffic if website is available on multiple servers

What exacty is DNS? (2 things)

1. A database in hierarchy of DNS servers with website hostnames and their IP addresses

2. An application layer protocol that allows host to query that database

Describe briefly the three major components of the mail system

1. User agent: Allows users to interact with mail server, f.x. read or write an email

2. Mail servers: Have mailboxes for every user and message queues

3. Simple Mail Transport Protocol (SMTP): Sends mail between hosts

What two parallel connections does FTP run on? Describe their different purposes briefly.

1. Control connection: used to send information, often sensitive like user IDs and passwords between client and server on a dedicated port number 21

2. Data connection: Used to send files between client and server

What is the purpose of the conditional GET request conducted by web cache?

On every request from a client for a resource to web cache, the web cache sends a conditional GET request to web server with the header field if-modified-since with the date and time when resource was stored in web cache. If it has been modified since then, web server sends it to web cache in an HTTP request which stores it locally and sends it to client. If not web server responds with only a status line with the status code 304: NOT MODIFIED indicating that web cache's resource is not outdated and that he can use his own resource to send back to client (much faster)

Name the three delays that make up total response time and describe them briefly

1. Internet delay: Time it takes for a internet-side edge router to transmit to web server or host and receive request

2. Access delay: Time it takes to travel between two routers

3. LAN delay: Time it takes for a host to travel to it's access link

Define round trip time

Time it takes for a small packet to travel from client to server and come back

What does it mean for HTTP to be stateless?

It doesn't store any information on client or on requests

Upon an HTTP request, are objects returned immediately that make up an HTML page?

No, a base HTML page is returned with only references to objects. These objects are requested after the base HTML page is returned

Name at least 4 examples of application layer protocols

SMTP

HTTP

DNS

FTP

Telnet

SNMP

What does an application layer protocol define?

Types of messages exchanged (request/response)

Syntax of message type (f.x. fields)

Semantics of fields

Rules (how and why messages are sent)

What's a socket?

An interface between application layer and the transport layer - an interface into which messages are sent to and received from

What distinguishes a client from a server

Client initiates communication and server waits for communication. Server DOES NOT need to be a dedicated one, f.x. in P2P architechture, both end systems can be client and server

Describe client-server architecture and P2P architecture

Client-Server: Based on an always-on dedicated server/s that serves multiple clients in parallel. No direct communication of clients

P2P: No dedicated servers and direct communication between client pairs end systems called peers. It is self scalable and bases on trading.

Define a. end-to-end congestion control and b. network-assisted congestion control

a. End systems detect congestion without the help of the network layer, f.x. with detecting segment loss on timeout or negative-acknowledgements

b. Network layer components such as routers provide information feedback regarding congestion state

What is a bus?

A bus is a type of computer network architecture that uses a shared system bus to transfer data between different components of a computer system.

What's the purpose of doubling the timeout interval in TCP on lost packets?

Congestion control. This way if system is congested it gets more time to "correct" itself with more timeout interval and isn't bombarded with packets

What is a maximum transmission unit (MTU)?

Maximum size of a link-layer frame that local host is able to send

What's a stop and wait protocol?

A protocol that sends a packet and awaits acknowledgement before resolving other queries or transmissions

What precautions are needed when a reliable transfer is conducted over a lossy channel with possible bit errors?

1. Error detection (f.x. checksum)

2. Sender feedback (ACKs and NAKs)

3. Retransmission if NAK

4. Timer as timeout value set to at least the round trip time of a packet

5. Retransmission on timeout - LOSS

6. Sequence numbers for receiver to detect possible duplicate packets

Explain the difference between forwarding and routing

Forwarding: transferring a packet from incoming link to the appropriate outgoing link within a single router

Routing: involves all routers in network that use routing protocols to determine paths packets take from source to destination

Define connection setup

a feature that enables router to establish connections with other routers, essentially a handshake between routers

What services can network layer provide to:

a) sender

b) flow-of-packets

a) Guaranteed delivery

Guaranteed delivery with bounded delay

b) Inorder delivery

Guaranteed minimal bandwidth

Guaranteed maximum jitter

Security services

What is the one service the Internet's network layer implements

The Best effort service (the I tried service)

What is the difference between virtual networks and datagram networks

VN: Only connection service

DN Only connectionless service

What does a virtual circuit consist of?

- Path (links & routers) between hosts

- A virtual circuit number

- Each router in path's forwarding table entries

What are the three phases that occur in the lifetime of a virtual circuit

Virtual Circuit Setup:

Network layer finds path between hosts,

dedicates virtual circuit numbers for each link,

then adds forwarding table entries to each

router along the path

Data transfer:

Transfers data (duh)

Virtual Circuit Teardown:

Network layer informs other host of shutdown and removes all forwarding table entries in routers along the VC path

Of what four components does a generic router architecture consist of? Describe briefly

Input ports: receives packet from inbound link,

performs necessary link layer

functions/decapsulation, indexes

forwarding table for outgoing link

interface

Switching fabric: Connects input & output ports

Output ports: transmits outgoing packets

Routing processor: executes routing protocols,

maintains routing tables and forwarding

tables

Describe the the five layers of the Internet protocol?

5.

4.

3.

2.

1.

5. Application layer

4. Transport layer

3. Network Layer

2. Data link layer

1. Physical Layer

6 type of protocols on the application layer

HTTP, SMTP, FTP, DNS, DHCP, SNMP

2 types of protocols on the transport layer

TCP and UDP

4 types of protocols on the network layer

IPv4, IPv6, OSPF, BGP

2 types of protocols on the data link layer

Ethernet (ARP) and Wifi

On the transport layer a packet is called a ...

segment. datagram

On the network layer a packet is called a ...

packet

On the data link layer a packet is called a ...

frame

TCP protocol : Congestion control

Aims to prevent network congestion and ensure that data transmission is reliable and efficient. Monitors the network traffic, adjusting the rate. When congestion is detected, the sending rate is reduced, (minus the amount of data or plus time between sending packets).

TCP (Transmission Control Protocol)

- rdt, reliable data transfer

- connection-oriented

- flow and congestion control

UDP (User Datagram Protocol)

- unreliable, unordered delivery

- connectionless

- no-frills extension of "best-effort" IP

NAT (Network Address Translation)

A means of translating a system's IP address into another IP address before sending it out to a larger network. NAT manifests itself by a NAT program that runs on a system or a router. A network using NAT provides the systems on the network with private IP addresses. The system running the NAT software has two interfaces: one connected to the network and the other connected to the larger network. The NAT program takes packets from the client systems bound for the larger network and translates their internal private IP addresses to its own public IP address, enabling many systems to share a single IP address.

Two PROs of NAT

Address conservation: allows multiple devices on a private network to share a single public IP address. Reducing the number of public IP addresses needed to connect to the Internet

Security: hiding the private IP addresses needed to connect to the Internet. More difficult for attackers to target individual devices on a private network.

.

Two CONS of NAT

Limited inbound connectivity: Since the public IP address is shared by multiple devices, it makes it difficult to direct traffic to a specific device on the network. Certain apps, such as servers, that require this could have difficulties.

Network configuration complexity: NAT changes the IP addresses of packets, as they pass through the network, this makes it challenging to configure network devices and troubleshoot issues. It also requires additional hardware/software which adds to the complexity.

How could a server reach a private address?

Port Forwarding

The process of redirecting traffic from its normally assigned port to a different port, either on the client or server. In the case of using SSH, port forwarding can send data exchanges that are normally insecure through encrypted tunnels.

How could a server reach a private address?

Connection Reversal

A reverse connection is usually used to bypass firewall restrictions on open ports. A firewall usually blocks open ports, but does not block outgoing traffic. In a normal forward connection, a client connects to a server through the server's open port, but in the case of a reverse connection, the client opens the port that the server connects to. The most common way a reverse connection is used is to bypass firewall and router security restrictions.

Two PROs of WIFI

Convenience: Wi-Fi allows users to connect to a network without the need for physical cables, making it a convenient option for devices such as laptops, smartphones, and tablets. This allows users to move around freely and still maintain an internet connection.

Cost-effective: Wi-Fi can be a cost-effective alternative to traditional wired networks as it eliminates the need for expensive cabling and associated hardware. Wi-Fi access points are relatively inexpensive and easy to install, making it a popular choice for both personal and commercial use.

Two CONs of the Wifi

Limited range: Wi-Fi signals are limited in range and can be easily obstructed by walls, furniture, and other objects. This can result in weaker signals, slower speeds, and unreliable connections.

Security risks: Wi-Fi networks can be vulnerable to security breaches, including unauthorized access to sensitive data, viruses, and malware. Wi-Fi signals can also be intercepted by hackers, especially if the network is not properly secured with strong passwords and encryption.

Mobile network: what does mobile stand for?

The term "mobile" in mobile network refers to the ability to use wireless communication technology to access the network and services from different physical locations, without being limited to a fixed location or wired connection. In other words, it allows users to access network resources and services while on the move, using mobile devices such as smartphones, tablets, or laptops.

How many addresses are in a subnet prefix ?

addresses = 2^(32 - prefix)

IPv4 - 32 , IPv6

Internet Protocol: IPv4

- 32 adresses

- decimal format

- Header: 20 bytes

Internet Protocol: IPv6

- 128 addresses

- hexadecimal

- Header: 40 bytes

- no fragmentation

Traceroute

A program that shows the route a packet takes across the Internet

What would a traceroute return?

- the list of routers and hosts that a packet passes through on its way from the source to the destination.

- The IP address of each router or host.

- The time it took for the packet to reach that router or host.

- The total time it took for the packet to reach the destination

How does traceroute work?

A traceroute obtains information by sending a series of packets with increasing time-to-live (TTL) values to a destination. Each time a packet is sent, the TTL value is incremented. When a packet reaches a router, the router decrements the TTL value by one and then forwards the packet to the next router. If the TTL value reaches zero, the router sends an ICMP Time Exceeded message back to the source. The traceroute utility uses the ICMP Time Exceeded messages to determine the route taken by the packets and the amount of time it takes for a packet to reach each router.

Describe two reasons a packet can be delayed.

1. Queuing Delay: Queuing delay occurs when packets are waiting in a queue to be transmitted onto the link. This delay is caused by the fact that the link can only transmit a certain number of packets per second, and if the rate of incoming packets exceeds this rate, then packets will have to wait in the queue until the link is ready to transmit them.

2. Transmission Delay: Transmission delay occurs when a packet is actually being transmitted onto the link. This delay is caused by the fact that the link has a finite transmission speed, and it takes a certain amount of time for the packet to be transmitted onto the link.

What function does the HOP limit field in the IPv6s packet header have?

The HOP limit field in the IPv6 packet header is used to limit the number of routers that a packet can traverse before it is discarded. This field is used to prevent packets from cycling endlessly through the network, which can cause congestion and other problems. The HOP limit field is set to a specific value by the sender, and each router decrements the value by one as the packet passes through. If the value reaches zero, the packet is discarded. This ensures that packets are not forwarded through more than the specified number of routers.

What technique is used to divide networks into logical LANs?

The technique used to divide networks into logical LANs is called link-layer switching. Link-layer switches are typically used in access networks, while routers are typically used in the network core. Link-layer switches are used to connect multiple devices on a single network, such as computers, printers, and other devices. The switch acts as a bridge between the devices, allowing them to communicate with each other. The switch also provides a layer of security, as it can be configured to only allow certain types of traffic to pass through. This helps to ensure that only authorized users can access the network. Link-layer switching also allows for the creation of virtual LANs (VLANs), which are logical divisions of a single physical network. VLANs can be used to segment a network into different departments or user groups, allowing for more efficient use of resources and better security.

Which routing protocol does the inter-AS communication support?

The inter-AS communication supports the Border Gateway Protocol (BGP). BGP is an inter-AS routing protocol that is used to exchange routing information between autonomous systems (ASs). BGP is used to determine the best path for routing traffic between different ASs.

In order to send a data stream to a selected group of receivers, what casting is used?

Multicasting is a type of network communication where a single source sends data to a group of receivers.

The purpose of a TLD server within a DNS system is?

The purpose of a TLD server within a DNS-system is to provide the IP address of the authoritative DNS server for a given domain name. TLD servers are responsible for maintaining the resource records for the top-level domains such as com, org, net, edu, and gov, and all of the country top-level domains such as uk, fr, ca, and jp.

What is 802.11 standard for?

The 802.11 standard is a set of specifications for wireless local area networks (WLANs) developed by the Institute of Electrical and Electronics Engineers (IEEE).

What is IMAP used for?

IMAP (Internet Mail Access Protocol) is a mail access protocol used to access and manage email messages stored on a remote mail server. It is an alternative to the more commonly used POP3 (Post Office Protocol) protocol.

What is an HTTP cookie?

An HTTP cookie is a small piece of data sent from a website and stored in a user's web browser while the user is browsing. It is used to remember information about the user, such as their preferences and browsing history.

How does the TCP protocol discover and then help a congested receiver?

The TCP protocol discovers a congested receiver by monitoring the rate of acknowledgments (ACKs) that the receiver sends back to the sender. If the rate of ACKs is lower than expected, this indicates that the receiver is congested. To help the congested receiver, the TCP protocol implements congestion control mechanisms such as slow start, congestion avoidance, and fast retransmitting.