CIDR
CIDR (Classless Inter-Domain Routing) tries to balance the desire to minimize the number of routes a
router needs to know against the need to hand out addresses efficiently. To do this, CIDR aggregates
routes. That is, it lets us use a single entry in a forwarding table to tell us how to reach a lot of
networks. Therefore, a routing protocol must now understand that a network number may be of
any length. Modern routing protocols like BGP do exactly that. The network numbers that are
carried in the routing protocol are represented simply by a network address and a net mask (the number
of bits in the network prefix).
CIDR means that network prefixes may be of any length. Furthermore, it is sometimes possible to
have prefixes in the forwarding table that “overlap”, in the sense that some addresses may match
more than one prefix. The rule in this case is based on the principle of “longest match”. That is,
the packet matches the longest prefix. The task of efficiently finding the longest match between
an IP address and the variable-length prefixes in a forwarding table has been a fruitful field of
research in recent years. An obvious (and, of course, inefficient) algorithm is to do a linear search of
all entries in the forwarding table.
Suppose P, Q and R are network service providers, with respective CIDR address allocations
C1.0.0.0/8 (the notation /8 denotes a net mask with 8 leading 1 bits, i.e., FF.0.0.0), C2.0.0.0/8 and
C3.0.0.0/8. Each provider’s customers initially receive address allocations that are a subset of the
provider’s. P has the following customers:
• PA, with allocation C1.A3.0.0/16, and
• PB, with allocation C1.B0.0.0/12
Q has the following customers:
• QA, with allocation C2.0A.10.0/20, and
• QB, with allocation C2.0B.0.0/16
Assume there are no other providers or customers.
a) Give routing tables for P, Q and R, assuming each provider connects to both of the others (Hint:
each routing table has address, net mask and next hop information).
b) Now assume P is connected to Q and Q is connected to R, but P and R are not directly
connected. Give tables for P and R.
Solution:
a) P’s table
Address Next hop
C2.0.0.0/8 Q
C3.0.0.0/8 R
C1.A3.0.0/16 PA
C1.B0.0.0/12 PB
Q’s table
Address Next hop
C1.0.0.0/8 P
C3.0.0.0/8 R
C2.0A.10.0/20 QA
C2.0B.0.0/16 QB
R’s table
Address Next hop
C1.0.0.0/8 P
C2.0.0.0/8 Q
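The longest-match rule and the linear search described above, as an added Python example that is not part of the original page. It parses the page's hex dotted notation and searches P's table from part a); the extra /16 entry in R_TABLE_WITH_OVERLAP is constructed here to create an overlap and is not part of the page's answer, and all function names are chosen for this example.

```python
# P's table from the solution to part a).
P_TABLE = [("C2.0.0.0/8", "Q"), ("C3.0.0.0/8", "R"),
           ("C1.A3.0.0/16", "PA"), ("C1.B0.0.0/12", "PB")]
# R's table from part a) plus one constructed, overlapping /16 entry
# (hypothetical: not in the page's answer) to exercise longest match.
R_TABLE_WITH_OVERLAP = [("C1.0.0.0/8", "P"), ("C2.0.0.0/8", "Q"),
                        ("C1.A3.0.0/16", "Q")]

def parse_addr(text):
    """'C1.A3.0.0' (hex octets, as written on the page) -> 32-bit integer."""
    octets = [int(part, 16) for part in text.split(".")]
    if len(octets) != 4 or any(not 0 <= o <= 0xFF for o in octets):
        raise ValueError(f"bad address: {text!r}")
    value = 0
    for o in octets:
        value = (value << 8) | o
    return value

def parse_prefix(text):
    """'C1.B0.0.0/12' -> (network value, prefix length)."""
    addr, _, length = text.partition("/")
    length = int(length)
    if not 0 <= length <= 32:
        raise ValueError(f"bad prefix length: {text!r}")
    return parse_addr(addr), length

def netmask(length):
    """/8 -> 0xFF000000, i.e. FF.0.0.0 in the page's notation."""
    return (0xFFFFFFFF << (32 - length)) & 0xFFFFFFFF

def lookup(table, dest):
    """Linear search; return (prefix, next_hop) of the longest match or None."""
    d, best = parse_addr(dest), None
    for prefix, hop in table:
        value, length = parse_prefix(prefix)
        m = netmask(length)
        # A prefix matches when the destination agrees on all masked bits;
        # among matches, the one with the most prefix bits wins.
        if (d & m) == (value & m) and (best is None or length > best[0]):
            best = (length, prefix, hop)
    return None if best is None else best[1:]
```

With the constructed overlap, C1.A3.5.1 matches both C1.0.0.0/8 and C1.A3.0.0/16 and is forwarded by the /16 entry.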
Leaky Bucket
The following packets arrive at the output port of a switch using a leaky bucket algorithm.
The bucket can contain up to 3000 bytes.
Packet number   Arrival time (msec)   Size (bytes)
1               1                     100
2               2                     400
3               3                     400
4               4                     1000
5               5                     1000
6               6                     1000
7               7                     1000
8               8                     1100
9               9                     1000
a. The leaky bucket operates on packets, and can send 1 packet every 3 milliseconds.
Assuming no packet arrives past time 10, show when packets leave and what packet(s) are left
in the buffer, if any, at time 10.
Depending on when the first outgoing batch is scheduled, there are several
possible solutions:
time   leaves   in buffer   dropped
___________________________________________
1      1        -           -
2      -        2           -
3      -        2,3         -
4      2        3,4         -
5      -        3,4,5       -
6      -        3,4,5       6
7      3        4,5,7       -
8      -        4,5,7       8
9      -        4,5,7       9
10     4        5,7         -

time   leaves   in buffer   dropped
___________________________________________
1      -        1           -
2      1        2           -
3      -        2,3         -
4      -        2,3,4       -
5      2        3,4,5       -
6      -        3,4,5       6
7      -        3,4,5       7
8      3        4,5         8
9      -        4,5,9       -
10     -        4,5,9       -

time   leaves   in buffer   dropped
___________________________________________
1      -        1           -
2      -        1,2         -
3      1        2,3         -
4      -        2,3,4       -
5      -        2,3,4       5
6      2        3,4,5       6
7      -        3,4,5       7
8      -        3,4,5       8
9      3        4,5,9       -
10     -        4,5,9       -
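b. If the leaky bucket operates on bytes, show the departure schedule if the algorithm can
send 1200 bytes every 3 milliseconds.
Possible Solutions:
time   leaves   in buffer   dropped
___________________________________________
1      1        -           -
2      -        2           -
3      -        2,3         -
4      2,3      4           -
5      -        4,5         -
6      -        4,5,6       -
7      4        5,6,7       -
8      -        5,6,7       8
9      -        5,6,7       9
10     5        6,7         -

time   leaves   in buffer   dropped
___________________________________________
1      -        1           -
2      1,2      -           -
3      -        3           -
4      -        3,4         -
5      3        4,5         -
6      -        4,5,6       -
7      -        4,5,6       7
8      4        5,6         8
9      -        5,6,9       -
10     -        5,6,9       -

time   leaves   in buffer   dropped
___________________________________________
1      -        1           -
2      -        1,2         -
3      1,2,3    -           -
4      -        4           -
5      -        4,5         -
6      4        5,6         -
7      -        5,6,7       -
8      -        5,6,7       8
9      5        6,7,9       -
10     -        6,7,9       -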
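An added Python example (not part of the original page) that replays the arrival schedule and produces the leaves / in buffer / dropped columns for a chosen first send time. It assumes, as the schedules above imply, that an arriving packet may depart in the same millisecond and that the 3000-byte limit is checked after any departure at that tick; simulate, first_send and byte_budget are names chosen here.

```python
from collections import deque

# Arrival schedule from the problem: (packet number, arrival time ms, size bytes).
ARRIVALS = [(1, 1, 100), (2, 2, 400), (3, 3, 400), (4, 4, 1000), (5, 5, 1000),
            (6, 6, 1000), (7, 7, 1000), (8, 8, 1100), (9, 9, 1000)]
CAPACITY = 3000   # bucket size in bytes
PERIOD = 3        # one send opportunity every 3 ms

def simulate(first_send, byte_budget=None, end=10):
    """Return {time: (left, buffered, dropped)} as lists of packet numbers.

    byte_budget=None -> part a: one packet per send opportunity.
    byte_budget=1200 -> part b: up to 1200 bytes per send opportunity.
    """
    size = {n: s for n, _, s in ARRIVALS}
    arriving = {t: n for n, t, _ in ARRIVALS}
    queue, log = deque(), {}
    for t in range(1, end + 1):
        left, dropped = [], []
        new = arriving.get(t)
        if new is not None:
            queue.append(new)              # tentatively enqueue the arrival
        if t >= first_send and (t - first_send) % PERIOD == 0:
            budget = byte_budget
            while queue:
                if byte_budget is None:    # packet mode: send the head only
                    left.append(queue.popleft())
                    break
                if size[queue[0]] > budget:
                    break                  # head does not fit in what is left
                budget -= size[queue[0]]
                left.append(queue.popleft())
        # Admission check after any departure: drop the arrival if it overflows.
        if new in queue and sum(size[n] for n in queue) > CAPACITY:
            queue.remove(new)
            dropped.append(new)
        log[t] = (left, list(queue), dropped)
    return log
```

simulate(1) and simulate(1, 1200) give the first schedule of part a and of part b respectively; other values of first_send shift the send ticks.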
Token Bucket
You have constructed a token bucket class in Java using a queue of length 4, a thread and
a timer. The token bucket class operates on packets, and replenishes tokens at the rate of
1 token/ms. The maximum token count is 3. If possible, the class replenishes tokens before
any other operations.
A. Given the following packet arrival schedule, fill in the system state: token count,
scheduled departures, and queued packets, at each packet arrival time. The class is fast
enough such that you can assume packets are sent instantaneously, if possible.
Packet number   Arrival Time (msec)   Departure Time   Token Count   Queued Packets
-               0                     -                3             empty
1               1                     1                2             empty
2               1.1                   1.1              1             empty
3               1.5                   1.5              0             empty
4               2                     2                0             empty
5               2.7                   3                0             5
6               2.9                   4                0             5,6
7               3                     5                0             6,7
8               3.1                   6                0             6,7,8
9               3.2                   7                0             6,7,8,9
B. How would you alter the behavior of the token bucket class to turn it into a leaky
bucket with a departure rate of 1 packet/2 ms? Explain.
Remove the token field. Just have the thread wake up every 2 ms and send whatever is at
the head of the queue, if anything.
Weighted Fair Queueing
An output link for a router runs at 1 Mb/s. Given the packet arrival schedule at a router in the
table below (in real time):
Packet   Input Port   Real Arrival Time (ms)   Size (bytes)
1        1            0                        6
2        2            0                        3
3        3            0                        2
4        3            2                        2
5        2            5                        3
6        3            8                        2
A. Show the packet departure schedule for a router running the fair queueing algorithm.
Real Time   Number of     Virtual   Port 1                  Port 2                  Port 3
(ms)        connections   Time      Finish Time  Service    Finish Time  Service    Finish Time  Service
0           3             0.0       6            -          3            -          2            Packet 3
1           3             0.333     6            -          3            -          2
2           3             0.666     6            -          3            -          2.666        Packet 4
3           3             1.000     6            -          3            -          2.666        -
4           2             1.333     6            2          3            Packet 2   2            -
5           2             1.833     6            -          4.833        -          -            -
6           2             2.333     6            -          4.833        -          -            -
7           2             2.833     6            -          4.833        Packet 5   -            -
8           3             3.333     6            -          4.833        -          6.833        -
9           3             3.666     6            -          4.833        -          6.833        -
10          2             4.000     6            Packet 1   -            -          6.833        -
11          2             4.5       6            -          -            -          6.833        -
12          2             5.0       6            -          -            -          6.833        -
In the Fair Queuing (FQ) algorithm the goal is to approximate a “perfect fluid flow model” when
multiple inputs compete for a single output. In this idealized world each input port gets an equal
share of the available output port bandwidth. However, because packets cannot be divided, the
router’s scheduler can only approximate such an allocation.
Recall the FQ scheduler maintains a virtual clock to schedule outgoing packets. The virtual clock
runs at a rate inversely proportional to the number of packets contending for the output port. At
each packet completion, the FQ scheduler selects the packet with the lowest finish time to go next.
The finish time is computed as the earliest time the packet could have departed in virtual time.
This is the later of (1) the packet’s arrival time and (2) the previous packet’s finish time, plus
the size of the packet. E.g., if the arrival time for packet i is A_i and the size of the packet is
S_i, then the finish time F_i is: F_i = MAX(F_{i-1}, A_i) + S_i
B. What fraction of the total bandwidth available did the flow from input port 1 receive at real
time 8 ms?
The above schedule shows port 1 has had no packets output at time 8 ms, so has received 0% of
the bandwidth.
C. What fraction of the bandwidth did the flow from input port 1 receive at real time 12 ms?
The above schedule shows port 1 has had 2 bytes of its packet sent over the 12 ms interval, so
has received 17% of the bandwidth.
Little’s Law
The average delay experienced by a packet when traversing a computer network is 100
msec. The average number of packets that cross the network per second is 130
packets/sec. What is the average number of packets in transit in the network?
Solution
Applying Little's law to the network:
Av. number of packets in transit = throughput x average delay = 130 x 0.1 = 13 packets.
Substitution / Transposition
In the following question, columnar transposition ciphers are used and no padding is used.
The plaintext is: comparecipherblockchainingwithcipherfeedbackmode
The key is: OBJECTS
Give the ciphertext and show your work.
Answer:
E N C R Y P T
2 3 1 5 7 4 6
t h e m a n w
i l l f l y t
o w a s h i n
g t o n n e x
t w e d n s d
a y a f t e r
n o o n
Cipher Text:
ELAOEAOTIOGTANHLWTWYONYIESEMFSNDFNWTNXDRALHNNT
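The worked answer above, as an added Python example that is not part of the original page: encrypt reads the columns out in the alphabetical order of the key letters, without padding, and decrypt inverts it by working out which columns are one letter shorter. The function and constant names are chosen here; the plaintext is the grid above read row by row.

```python
from collections import Counter

def column_order(key):
    """Column indices in read-out order: alphabetical by key letter, ties left to right."""
    return sorted(range(len(key)), key=lambda i: (key[i], i))

def encrypt(plaintext, key):
    """Write the text in rows of len(key) letters, then read the columns in key order."""
    cols = len(key)
    return "".join(plaintext[c::cols] for c in column_order(key))

def decrypt(ciphertext, key):
    """Invert encrypt() when no padding was used (the last row may be short)."""
    cols, n = len(key), len(ciphertext)
    full, extra = divmod(n, cols)      # the first `extra` columns hold one more letter
    out = [""] * n
    pos = 0
    for c in column_order(key):
        height = full + (1 if c < extra else 0)
        out[c::cols] = ciphertext[pos:pos + height]
        pos += height
    return "".join(out)

# The grid above, read row by row (spelling as on the page).
PLAINTEXT = "themanwillflytowashingtonnextwednsdayafternoon"
KEY = "ENCRYPT"
CIPHERTEXT = encrypt(PLAINTEXT, KEY).upper()

# Transposition only reorders letters, so the letter frequencies of the
# plaintext survive unchanged in the ciphertext.
SAME_LETTERS = Counter(CIPHERTEXT.lower()) == Counter(PLAINTEXT)
```

The same two functions apply unchanged to the plaintext and key given in the question.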
Encryption (public/private keys)
Suppose you are devising a public key encryption scheme. Recall in public key cryptography
you must devise an encryption algorithm EA and decryption algorithm DA.
a. Give the equation showing the relationship between EA, DA, the private encryption key K, the
public decryption key D, and the plaintext P.
b. What are the 2 properties that must be true of EA and DA for your scheme to work? One
sentence for each property will do.
c. In order to receive secret messages, what must A make public?
d. Assume that no decryption key is stolen and A encrypts his first message P (i.e. computes
EB(P)) and sends it to B (they have never had any contact before). If a third person, C,
intercepts this message, can C read the encrypted message? Why or why not?
Encryption
a. DA_D(EA_K(P)) = P
b. It is exceedingly difficult to deduce DA from EA;
EA cannot be broken by a chosen plaintext attack.
c. A must make its Encryption Key and Encryption Algorithm public.
d. C cannot read the encrypted message because only B has the private decryption key, which is
required to read the message.
Digital signatures
Please tell the possible use of digital signatures in public key certification.
Solution:
The certificate issued by the CA (certification authority) should be signed by the CA using a
digital signature.
Digest
Compute a third message, different from the two messages in Figure 7.19 in the book, that has the
same checksum as the messages in Figure 7.19. Please explain why this method is not good for
message digest.
Solution: the message can be
IOU190.90BOB
Reason: because a (good) message digest algorithm must have the following two properties:
1) Given a message digest value, x, it is computationally infeasible to find a message, y, such
that H(y)=x.
2) It is computationally infeasible to find any two messages x and y such that H(x)=H(y).
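Why a checksum fails property 2, as an added Python example that is not part of the original page. Figure 7.19 is not reproduced here, so the code assumes the checksum in question is the Internet-style 16-bit one's-complement sum; the function names are chosen here, and every variant message is constructed by the code from the page's answer IOU190.90BOB.

```python
import hashlib

PAGE_MESSAGE = b"IOU190.90BOB"   # the answer given above

def checksum16(msg: bytes) -> int:
    """One's-complement sum of big-endian 16-bit words, then complemented."""
    if len(msg) % 2:
        msg += b"\x00"                               # pad odd lengths with a zero byte
    total = 0
    for i in range(0, len(msg), 2):
        total += (msg[i] << 8) | msg[i + 1]
        total = (total & 0xFFFF) + (total >> 16)     # end-around carry
    return ~total & 0xFFFF

def swap_collisions(msg: bytes) -> set:
    """Distinct messages made by swapping two bytes that sit in the same half
    (high or low byte) of different 16-bit words. The word sum only depends on
    the total of the high bytes and the total of the low bytes, so every such
    swap leaves the checksum unchanged."""
    found = set()
    for i in range(len(msg)):
        for j in range(i + 2, len(msg), 2):
            if msg[i] != msg[j]:
                m = bytearray(msg)
                m[i], m[j] = m[j], m[i]
                found.add(bytes(m))
    return found

def all_collide(msg: bytes) -> bool:
    """True if every constructed variant has the same checksum as msg."""
    return all(checksum16(v) == checksum16(msg) for v in swap_collisions(msg))

def sha256_all_distinct(msgs) -> bool:
    """Contrast: a cryptographic digest gives each distinct message its own value."""
    msgs = set(msgs)
    return len({hashlib.sha256(m).digest() for m in msgs}) == len(msgs)
```

One constructed variant is IOU100.99BOB, which has a different amount but the same checksum, so finding two messages with H(x)=H(y) takes no computation at all.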