BANGALORE INSTITUTE OF TECHNOLOGY

K.R. ROAD, V.V PURAM, BANGALORE – 560 004

(AFFILIATED TO VTU, BELAGAVI)

DEPARTMENT OF INFORMATION SCIENCE AND ENGINEERING

COMPUTER NETWORKS AND SECURITY

SUBJECT CODE: 18CS52

As per Outcome Based Education (OBE) and Choice Based

Credit System (CBCS)

FOR V SEMESTER ISE AS PRESCRIBED BY VTU

Academic year 2020-2021

Prepared By:
Mohan Babu G, M.Tech
Assistant Professor
Dept. of ISE, BIT
 BANGALORE INSTITUTE OF TECHNOLOGY
K R Road, V V Pura, Bangalore-560004
Department of Information Science & Engineering
TABLE OF CONTENTS
Page
Contents
No.

Vision Mission of Bangalore Institute of Technology i

Vision Mission of Department of Information Science and Engineering ii

iii
Program Outcomes (POs)

Programme Educational Objectives & Program Specific Outcomes iv-v

VTU CNS Syllabus 1-2

Module-1: Application Layer 3-42

Module-2: Transport Layer 43-99

Module-3: Network Layer 100-135

Module-4: Network Security 136-158

Module-5: Multimedia Networking Applications 159-193

Module Wise Questions 194-202

VTU Previous Year Questions

 BANGALORE INSTITUTE OF TECHNOLOGY

VISION
To establish and develop the Institute as the center of higher
learning, ever abreast with expanding horizon of knowledge in the
field of Engineering and Technology with entrepreneurial
thinking, leadership excellence for life-long success and solve
societal problems.

MISSION
 Provide high quality education in the Engineering disciplines
from the undergraduate through doctoral levels with creative
academic and professional programs.
 Develop the Institute as a leader in Science, Engineering,
Technology, Management and Research and apply knowledge
for the benefit of society.
 Establish mutual beneficial partnerships with Industry,
Alumni, Local, State and Central Governments by Public
Service Assistance and Collaborative Research.
 Inculcate personality development through sports, cultural and
extracurricular activities and engage in the social, economic
and professional challenges.

i
 Department of Information Science & Engineering

VISION

Empower every student to be innovative, creative and productive in the

field of Information Technology by imparting quality technical education,
developing skills and inculcating human values.

MISSION

1. To evolve continually as a center of excellence in offering quality

Information Technology Education.
2. To nurture the students to meet the global competency in industry for
Employment.
3. To promote collaboration with industry and academia for constructive
Interaction to empower Entrepreneurship.
4. To provide reliable, contemporary and integrated technology to
support and facilitate Teaching, Learning, Research and Service.

ii
PROGRAMME OUTCOMES (POs)
Students in the Information Science and Engineering programme should at the time
of their graduation be in possession of:

1. Engineering Knowledge: Ability to apply knowledge of mathematics, computing,

science, and engineering.
The graduates of Information Science and Engineering can apply mathematics,
science, computing and engineering knowledge to solve complex engineering
problems.

2. Problem Analysis: Ability to design and conduct experiments, as well as to

analyze and interpret data.
The graduates of Information Science and Engineering will be able to identify,
formulate, research literature and analyze complex engineering problems reaching
substantiated conclusions using mathematics, science, engineering and technology.

3. Design and Development: Ability to design and construct a hardware and

software system, component, or process to meet desired needs, within realistic
constraints.
The graduates of Information Science and Engineering will possess strong
fundamental concepts in design and development of software and hardware
components. The outcome of the design features meets the specified needs of the
society in the following aspects.
 Public administration, health, finance, business, cultural, education and
industry.

4. Conduct Investigations of Complex problems: Ability to identify, formulate, and

solve complex engineering problems.
The graduates of Information Science and Engineering will be able to design,
conduct and demonstrate engineering problems through excellent programming using
analytical, logical and problem solving skills. The obtained result and data can be
interpreted for simulation and synthesis to provide valid conclusions.

5. Modern tool usage: Ability to create and use the techniques, skills and modern
engineering tools necessary for engineering practice.
The graduates of Information Science and Engineering can develop and use IT tools
necessary for resolve complex engineering activity.

6. The Engineer and Society: Ability to understand the impact of engineering

solutions in a global, economic, and societal context.
The graduates of Information Science and Engineering professionals have their
consequential responsibilities to assess the societal, health, safety, legal and cultural
issues locally and globally.

iv
7. Environment and Sustainability: Ability to apply the IT professional knowledge
to produce the sustainable development without affecting environmental issues.
The graduates of Information Science and Engineering professionals works towards
the sustainable growth of the society without causing or having the knowledge of its
effects on the environmental and societal contexts.

8. Ethics: Ability to understand professional, social and ethical responsibility.

The graduates of Information Science and Engineering commits best professional
and ethical practices with social concern by following the norms of professional
engineering practice.

9. Individual and Team work: Ability to function as individual or as a member of

team.
The graduates of Information Science and Engineering will be able to work
effectively as an individual or a member of a team in an IT industry or a multi-
disciplinary organization with a diverse team.

10. Communication: Ability to communicate effectively.

The graduates of Information Science and Engineering will be able to communicate
effectively in both verbal and written forms on complex engineering activities for
engineering community and public and also able to write design documents and
presentations effectively.

11. Project management Finance: Ability to work with good engineering and
managerial skills under proper financial constraints.
The graduates of Information Science and Engineering will be able to understand the
project management techniques and teamwork necessary for successful completion
of projects within the stipulated period with effective utilization of resources and
allocated budget.

12. Life-Long Learning: Ability to recognize the need for and to engage in life-long
learning.
The graduates of Information Science and Engineering will be able recognize the
advances in relevant field by learning and adapting new engineering technologies to
sustain in the modern technological arena.

v
 PROGRAMME EDUCATIONAL OBJECTIVES (PEOs)
1. Uplift the students through Information Technology Education.
2. Provide exposure to emerging technologies and train them to
Employable in multidisciplinary industries.
3. Motivate them to become good professional Engineers and
Entrepreneur.
4. Inspire them to prepare for Higher Learning and Research.

PROGRAM SPECIFIC OUTCOMES (PSO)

1. To provide our graduates with Core Competence in Information

Processing and Management.
2. To provide our graduates with higher learning in Computing Skills.

iii
COMPUTER NETWORKS AND SECURITY-18CS52 2020

COMPUTER NETWORKS AND SECURITY

Subject Code: 18CS52 I.A. Marks: 40
Hours/Week: 04 Exam Hours: 03
Total Hours: 50 Exam Marks: 60

MODULE–1 10 Hours
Application Layer: Principles of Network Applications: Network Application
Architectures, Processes Communicating, Transport Services Available to
Applications, Transport Services Provided by the Internet, Application-Layer
Protocols. The Web and HTTP: Overview of HTTP, Non-persistent and Persistent
Connections, HTTP Message Format, User-Server Interaction: Cookies, Web
Caching, The Conditional GET, File Transfer: FTP Commands & Replies, Electronic
Mail in the Internet: SMTP, Comparison with HTTP, Mail Message Format, Mail
Access Protocols, DNS; The Internet's Directory Service: Services Provided by DNS,
Overview of How DNS Works, DNS Records and Messages, Peer-to-Peer
Applications: P2P File Distribution, Distributed Hash Tables, Socket Programming:
creating Network Applications: Socket Programming with UDP, Socket
Programming with TCP.

MODULE–2 10 Hours
Transport Layer : Introduction and Transport-Layer Services: Relationship
Between Transport and Network Layers, Overview of the Transport Layer in the
Internet, Multiplexing and Demultiplexing: Connectionless Transport: UDP,UDP
Segment Structure, UDP Checksum, Principles of Reliable Data Transfer: Building a
Reliable Data Transfer Protocol, Pipelined Reliable Data Transfer Protocols, Go-
Back-N, Selective repeat, Connection- Oriented Transport TCP: The TCP
Connection, TCP Segment Structure, Round-Trip Time Estimation and Timeout,
Reliable Data Transfer, Flow Control, TCP Connection Management, Principles of
Congestion Control: The Causes and the Costs of Congestion, Approaches to
Congestion Control, Network-assisted congestion-control example, ATM ABR
Congestion control, TCP Congestion Control: Fairness.

MODULE–3 10 Hours
The Network layer: What's Inside a Router?: Input Processing, Switching, Output
Processing, Where Does Queuing Occur? Routing control plane, IPv6,A Brief foray
into IP Security, Routing Algorithms: The Link-State (LS) Routing Algorithm, The
Distance-Vector (DV) Routing Algorithm, Hierarchical Routing, Routing in the
Internet, Intra-AS Routing in the Internet: RIP, Intra-AS Routing in the Internet:

DEPARTMENT OF ISE, BIT Page 1

COMPUTER NETWORKS AND SECURITY-18CS52 2020

OSPF, Inter/AS Routing: BGP, Broadcast and Multicast Routing: Broadcast Routing
Algorithms and Multicast.

MODULE–4 10 Hours
Network Security: Overview of Network Security: Elements of Network Security,
Classification of Network Attacks, Security Methods, Symmetric-Key Cryptography:
Data Encryption Standard (DES), Advanced Encryption Standard (AES), Public-Key
Cryptography: RSA Algorithm, Diffie-Hellman Key-Exchange Protocol,
Authentication: Hash Function, Secure Hash Algorithm (SHA), Digital Signatures,
Firewalls and Packet Filtering, Packet Filtering, Proxy Server

MODULE–5 10 Hours
Multimedia Networking Applications: Properties of video, properties of Audio,
Types of multimedia Network Applications, Streaming stored video: UDP
Streaming, HTTP Streaming, Adaptive streaming and DASH, content distribution
Networks, case studies: Netflix, You Tube and Kankan. Network Support for
Multimedia: Dimensioning Best-Effort Networks, Providing Multiple Classes of
Service, Diffserv, Per-Connection Quality-of- Service (QoS) Guarantees: Resource
Reservation and Call Admission
Question paper pattern:
 The question paper will have TEN questions.
 There will be TWO questions from each module.
 Each question will have questions covering all the topics under a module.
 The students will have to answer FIVE full questions, selecting ONE full question
from each module.
Text Books:
1. James F Kurose and Keith W Ross, Computer Networking, A Top-Down Approach,
Sixth edition, Pearson,2017 .

Reference Books:
1. Behrouz A Forouzan, Data and Communications and Networking, Fifth
Edition,McGraw Hill, Indian Edition
2. Larry L Peterson and Brusce S Davie, Computer Networks, fifth edition, ELSEVIER
3. Andrew S Tanenbaum, Computer Networks, fifth edition, Pearson
4. Mayank Dave, Computer Networks, Second edition, Cengage Learning.

DEPARTMENT OF ISE, BIT Page 2

COMPUTER NETWORKS AND SECURITY-18CS52 2020

Module-1: Application Layer

Principles of Network Applications: Network Application Architectures, Processes
Communicating, Transport Services Available to Applications, Transport Services Provided
by the Internet, Application-Layer Protocols. The Web and HTTP: Overview of HTTP,
Non-persistent and Persistent Connections, HTTP Message Format, User-Server
Interaction: Cookies, Web Caching, The Conditional GET, File Transfer: FTP Commands
& Replies, Electronic Mail in the Internet: SMTP, Comparison with HTTP, Mail Message
Format, Mail Access Protocols, DNS; The Internet's Directory Service: Services Provided
by DNS, Overview of How DNS Works, DNS Records and Messages, Peer-to-Peer
Applications: P2P File Distribution, Distributed Hash Tables, Socket Programming:
creating Network Applications: Socket Programming with UDP, Socket Programming with
TCP.

DEPARTMENT OF ISE, BIT Page 3

COMPUTER NETWORKS AND SECURITY-18CS52 2020

1.1. Principles of Network Applications

Suppose you have an idea for a new network application. Perhaps this application Will be a
great service to humanity, or will please your professor, or will bring you Great wealth, or
will simply be fun to develop. Whatever the motivation may be, let’s now examine how
you transform the idea into a real-world network application.
At the core of network application development is writing programs that run on different
end systems and communicate with each other over the network. For example, in the Web
application there are two distinct programs that communicate with each other: the browser
program running in the user’s host (desktop, laptop, tablet, Smartphone, and so on); and the
Web server program running in the Web server host. As another example, in a P2P file-
sharing system there is a program in each host that participates in the file-sharing
community. In this case, the programs in the various hosts may be similar or identical.

• Examples of network-applications:
1) Web
2) File transfers
3) E-mail
4) P2P file sharing
5) Social networking (Facebook, Twitter)
6) Video distribution (YouTube)
7) Real-time video conferencing (Skype)
8) On-line games (World of Warcraft)

• In network-applications, program usually needs to

→ run on the different end-systems and
→ communicate with one another over the network.

• For ex: In the Web application, there are 2 different programs:

1) The browser program running in the user's host (Laptop or Smartphone).
2) The Web-server program running in the Web-serverhost.

1.1.1. Network Application Architectures

• Two approaches for developing an application:
1) Client-Server architecture 2) P2P (Peer to Peer) architecture

1) Client-Server Architecture
• In this architecture, there is a server and many clients distributed over the network
(Figure 1.1a).
• The server is always-on while a client can be randomly run.
• The server is listening on the network and a client initializes the communication.

DEPARTMENT OF ISE, BIT Page 4

COMPUTER NETWORKS AND SECURITY-18CS52 2020

• Upon the requests from a client, the server provides certain services to the client.
• Usually, there is no communication between two clients.
• The server has a fixed IP address.
• A client contacts the server by sending a packet to the server's IP address.
• A server is able to communicate with many clients.
• The applications such as FTP, telnet, Web, e-mail etc use the client-server architecture.

1.1. Data Center

• Earlier, client-server architecture had a single-server host.
• But now, a single-server host is unable to keep up with all the requests from large no. of
clients.
• For this reason, data-center a is used.
• A data-center contains a large number of hosts.
• A data-center is used to create a powerful virtual server.
• In date center, hundreds of servers must be powered and maintained.
• For example:
 Google has around 50 data-centers distributed around the world.
 These 50 data-centers handle search, YouTube, Gmail, and other services.

2) P2P Architecture
• There is no dedicated server (Figure 1.1b).
• Pairs of hosts are called peers.
• The peers communicate directly with each other.
• The peers are not owned by the service-provider. Rather, the peers are laptops controlled
by users.
• Many of today's most popular and traffic-intensive applications are based on P2P
architecture.
• Examples include file sharing (BitTorrent), Internet telephone (Skype) etc.
• Main feature of P2P architectures: self-scalability.
• For ex: In a P2P file-sharing system,
 Each peer generates workload by requesting files.
 Each peer also adds service-capacity to the system by distributing files to other
peers.
• Advantage: Cost effective, normally, server-infrastructure & server bandwidth are not
required.
• Three challenges of the P2P applications:

DEPARTMENT OF ISE, BIT Page 5

COMPUTER NETWORKS AND SECURITY-18CS52 2020

1. ISP Friendly
 Most residential ISPs have been designed for asymmetrical bandwidth usage.
 Asymmetrical bandwidth means there is more downstream-traffic than
upstream-traffic.
 But P2P applications shift upstream-traffic from servers to residential ISPs,
which stress on the ISPs.
2. Security
 Since the highly distribution and openness, P2P applications can be a
challenge to security.
3. Incentive
 Success of P2P depends on convincing users to volunteer bandwidth &
resources to the applications.

Figure 1.1: (a) Client-server architecture; (b) P2P architecture

1.2. Processes Communicating

Before building your network application, you also need a basic understanding of how the
programs, running in multiple end systems, communicate with each other.
In the jargon of operating systems, it is not actually programs but processes that
communicate. A process can be thought of as a program that is running within an end

DEPARTMENT OF ISE, BIT Page 6

COMPUTER NETWORKS AND SECURITY-18CS52 2020

System. When processes are running on the same end system, they can communicate with
each other with interprocess communication, using rules that are governed by the end
system’s operating system

1.2.1 Process
• A process is an instance of a program running in a computer.(IPC inter-process
communication).
• The processes may run on the 1) same system or 2) different systems.
1) The processes running on the same end-system can communicate with each other
using IPC.
2) The processes running on the different end-systems can communicate by exchanging
messages.
i) A sending-process creates and sends messages into the network.
ii) A receiving-process receives the messages and responds by sending messages
back.
1.2.2. Client & Server Processes
• A network-application consists of pairs of processes:
1) The process that initiates the communication is labeled as the client.
2) The process that waits to be contacted to begin the session is labeled as the server.
• For example:
1) In Web application, a client-browser process communicates with a Web-server-
process.
2) In P2P file system, a file is transferred from a process in one peer to a process in
another peer.

1.2.3. Interface between the Process and the Computer Network Socket
• Any message sent from one process to another must go through theunderlying-network.
• A process sends/receives message through a software-interface of underlying-network
called socket.
• Socket is an API between the application-layer and the transport layer within a host
(Figure 1.2).
• The application-developer has complete control at the application-layer side of the
socket.
• But, the application-developer has little control of the transport-layer side of the socket.
For ex: The application-developer can control:
 The choice of transport-protocol: TCP or UDP. (API Application
Programming Interface)
 The ability to fix parameters such as maximum-buffer & maximum-segment-
sizes.

DEPARTMENT OF ISE, BIT Page 7

COMPUTER NETWORKS AND SECURITY-18CS52 2020

Figure 1.2: Application processes, sockets, and transport-protocol

1.2.4. Addressing Processes

• To identify the receiving-process, two pieces of information need to be specified:
1) IP address of the destination-host.
2) Port-number that specifies the receiving-process in the destination-host.
• In the Internet, the host is identified by IP address.
• An IP address is a 32-bit that uniquely identify thehost.
• Sending-process needs to identify receiving-process ‘.’ a host may run several network-
applications.
• For this purpose, a destination port-number is used.
• For example,
A Web-server is identified by port-number 80. A mail-server is identified by port-
number 25.

1.3. Transport Services Available to Applications

• Networks usually provide more than one transport-layer protocols for different
applications.
• An application-developer should choose certain protocol according to the type of
applications.
• Different protocols may provide different services.
What are the services that a transport-layer protocol can offer to applications invoking it?
We can broadly classify the possible services along four dimensions:
Reliable data transfer, throughput, timing, and security.

1. Reliable Data Transfer

• Reliable means guaranteeing the data from the sender to the receiver is delivered

DEPARTMENT OF ISE, BIT Page 8

COMPUTER NETWORKS AND SECURITY-18CS52 2020

correctly. For ex: TCP provides reliable service to an application.

• Unreliable means the data from the sender to the receiver may never arrive. For ex: UDP
provides unreliable service to an application.
• Unreliability may be acceptable for loss-tolerant applications, such as multimedia
applications.
• In multimedia applications, the lost data might result in a small glitch in the audio/video.

2. Throughput
• Throughput is the rate at which the sending-process can deliver bits to the receiving-
process.
• Since other hosts are using the network, the throughput can fluctuate with time.
• Two types of applications:
2.1. Bandwidth Sensitive Applications
 These applications need a guaranteed throughput. For ex: Multimedia applications
 Some transport-protocol provides guaranteed throughput at some specified rate (r
bits/sec).
2.2. Elastic Applications
 These applications may not need a guaranteed throughput. For ex: Electronic
mail, File transfer & Web transfers.

3. Timing
• A transport-layer protocol can provide timing-guarantees.
• For ex: guaranteeing every bit arrives at the receiver in less than 100 msec.
• Timing constraints are useful for real-time applications such as
→ Internet telephony
→ Virtual environments
→ Teleconferencing and
→ Multiplayer games

4. Security
• A transport-protocol can provide one or more security services.
• For example,
1) In the sending host, a transport-protocol can encrypt all the transmitted-data.
2) In the receiving host, the transport-protocol can decrypt the received-data.

DEPARTMENT OF ISE, BIT Page 9

COMPUTER NETWORKS AND SECURITY-18CS52 2020

1.4. Transport Services Provided by the Internet

• The Internet makes two transport-protocols available to applications, UDP and TCP.
• An application-developer who creates a new network-application must use either: UDP
or TCP.
• Both UDP & TCP offers a different set of services to the invoking applications.
Table 1.1 shows the service requirements for some selected applications.

Table 1.1: Requirements of selected network-applications

Application Data Loss Throughput Time Sensitive
File transfer/download No loss Elastic No
E-mail No loss Elastic No
Web documents No loss Elastic (few kbps) No
Internet- Loss-tolerant Audio: few kbps–1 Yes: 100s of ms
telephony/ Mbps Video: 10
Video- kbps–5 Mbps
conferencing
Streaming stored audio/video Loss-tolerant Same as above Yes: few seconds
Interactive games Loss-tolerant Few kbps–10 kbps Yes: 100s of ms
Instant messaging No loss Elastic Yes and no

1.4.1. TCP Services

• An application using transport-protocol TCP, receives following 2 services.

1. Connection-Oriented Service
 Before the start of communication, client & server need to exchange control-
information.
 This phase is called handshaking phase.
 Then, the two processes can send messages to each other over the connection.
 After the end of communication, the applications must tear down the connection.
2. Reliable Data Transfer Service
 The communicating processes must deliver all data sent without error & in the
proper order.
• TCP also includes a congestion-control.
• The congestion-control throttles a sending-process when the network is congested.

1.4.2. UDP Services

• UDP is a lightweight transport-protocol, providing minimal services.

DEPARTMENT OF ISE, BIT Page 10

COMPUTER NETWORKS AND SECURITY-18CS52 2020

• UDP is connectionless, so there is no handshaking before the 2 processes start to

communicate.
• UDP provides an unreliable data transfer service.
• Unreliable means providing no guarantee that the message will reach the receiving-
process.
• Furthermore, messages that do arrive at the receiving-process may arrive out-of-order.
• UDP does not include a congestion-control.
• UDP can pump data into the network-layer at any rate.

1.5. Application Layer Protocols

We have just learned that network processes communicate with each other by sending
messages into sockets. But how are these messages structured? What are the meanings of
the various fields in the messages? When do the processes send the messages? These
questions bring us into the realm of application-layer protocols. An application-layer
protocol defines how an application’s processes, running on different end systems, pass
messages to each other. In particular, an application-layer protocol defines:

• The types of messages exchanged, for example, request messages and response
Messages
• The syntax of the various message types, such as the fields in the message and how the
fields are delineated the semantics of the fields, that is, the meaning of the information in
the fields
• Rules for determining when and how a process sends messages and responds to Messages

It is important to distinguish between network applications and application-layer Protocols.

An application-layer protocol is only one piece of a network application Let’s look at a
couple of examples:

Example 1: The Web is a client-server application that allows users to obtain documents
from Web servers on demand. The Web application consists of many components,
including a standard for document formats (that is, HTML), Web browsers (for example,
Firefox and Microsoft Internet Explorer), and web servers (for Example, Apache and
Microsoft servers), and an application-layer protocol. The Web’s application-layer
protocol, HTTP, defines the format and sequence of messages exchanged between browser
and Web server. Thus, HTTP is only one piece of the Web application.

DEPARTMENT OF ISE, BIT Page 11

COMPUTER NETWORKS AND SECURITY-18CS52 2020

Example 2: an Internet e-mail application also has many components, including mail
servers that house user mailboxes; mail clients (such as Microsoft Outlook) that allow users
to read and create messages; a standard for defining the structure of an e-mail message; and
application-layer protocols that define how messages are passed between servers, how
messages are passed between servers and mail clients, and how the contents of message
headers are to be interpreted. The principal application-layer protocol for electronic mail is
SMTP (Simple Mail Transfer Protocol) [RFC 5321]. Thus, e-mail’s principal application-
layer protocol, SMTP, is only one piece (albeit, an important piece) of the e-mail
application.
1.6. The Web & HTTP
• The appearance of Web dramatically changed the Internet.
• Web has many advantages for a lot of applications.
• It operates on demand so that the users receive what they want when they want it.
• It provides an easy way for everyone make information available over the world.
• Hyperlinks and search engines help us navigate through an ocean of Web-sites.
• Forms, JavaScript, Java applets, and many other devices enable us to interact with pages
and sites.
• The Web serves as a platform for many killer applications including YouTube, Gmail,
and Face book.

1.6.1. Overview of Web

• A web-page consists of objects (HTML Hyper Text Markup Language).
• An object is a file such as an HTML file, a JPEG image, a Java applet, a video chip.
• The object is addressable by a single URL (URL Uniform Resource Locator).
• Most Web-pages consist of a base HTML file & several referencedobjects.
• For example:
If a Web-page contains HTML text and five JPEG images; then the Web-page has
six objects:
1) Base HTML file and
2) Five images.
• The base HTML file references the other objects in the page with the object's URLs.
• URL has 2 components:
1) The hostname of the server that houses the object and
2) The object’s path name.
• For example:
“http://www.someSchool.edu/someDepartment/picture.gif”
In above URL,

DEPARTMENT OF ISE, BIT Page 12

COMPUTER NETWORKS AND SECURITY-18CS52 2020

1) Hostname = “www.someSchool.edu ”
2) Path name = “/some Department/picture.gif”.
• The web browsers implement the client-side of HTTP. For ex: Google Chrome, Internet
Explorer
• The web-servers implement the server-side of HTTP. For ex: Apache

1.6.2. HTTP
• HTTP is Web’s application-layer protocol (Figure 1.3) (HTTP HyperText Transfer
Protocol).
• HTTP defines
→ How clients request Web-pages from servers and
→ How servers transfer Web-pages to clients.

Figure 1.3: HTTP request-response behavior

• When a user requests a Web-page, the browser sends HTTP request to theserver.
• Then, the server responds with HTTP response that contains the requested-objects.
• HTTP uses TCP as its underlying transport-protocol.
• The HTTP client first initiates a TCP connection with theserver.
• After connection setup, the browser and the server-processes access TCP through their
sockets.
• HTTP is a stateless protocol.
• Stateless means the server sends requested-object to client w/o storing state-info about
the client.
• HTTP uses the client-server architecture:
1) Client
 Browser that requests receive and displays Web objects.

DEPARTMENT OF ISE, BIT Page 13

COMPUTER NETWORKS AND SECURITY-18CS52 2020

2) Server
 Web-server sends objects in response to requests.

1.6.3. Non-Persistent & Persistent Connections

• In many internet applications, the client and server communicate for an extended period
of time.
• When this client-server interaction takes place over TCP, a decision should be made:
1) Should each request/response pair be sent over a separate TCP connection or
2) Should all requests and their corresponding responses be sent over same TCP
connection?
• These different connections are called non-persistent connections (1) or persistent
connections (2).
• Default mode: HTTP uses persistent connections.

HTTP with Non-Persistent Connections

• A non-persistent connection is closed after the server sends the requested-object to the
client.
• In other words, the connection is used exactly for one request and one response.
• For downloading multiple objects, multiple connections must beused.
• Suppose user enters URL: "http://www.someSchool.edu/someDepartment/home.index"
• Assume above link contains text and references to 10 jpegimages.

Figure 1.4: Back-of-the-envelope calculation for the time needed to request and receive
an HTML file

DEPARTMENT OF ISE, BIT Page 14

COMPUTER NETWORKS AND SECURITY-18CS52 2020

• Here is how it works:

• RTT is the time taken for a packet to travel from client to server and then back to the
client.
• The total response time is sum of following (Figure 1.4):
i) One RTT to initiate TCP connection (RTT Round Trip Time).
ii) One RTT for HTTP request and first few bytes of HTTP response to return.
iii) File transmission time.
i.e. Total response time = (i) + (ii) + (iii) = 1 RTT+ 1 RTT+ File transmission time
= 2(RTT) + File transmission time
HTTP with Persistent Connections
• Problem with Non-Persistent Connections:
1) A new connection must be established and maintained for each requested-object.
 Hence, buffers must be allocated and state info must be kept in both the client and
server.
 This results in a significant burden on the server.
2) Each object suffers a delivery delay of two RTTs:
i) One RTT to establish the TCP connection and
ii) One RTT to request and receive an object.
• Solution: Use persistent connections.
• With persistent connections, the server leaves the TCP connection open after sending
responses.
• Hence, subsequent requests & responses b/w same client & server can be sent over same
connection
• The server closes the connection only when the connection is not used for a certain
amount of time.

DEPARTMENT OF ISE, BIT Page 15

COMPUTER NETWORKS AND SECURITY-18CS52 2020

• Default mode of HTTP: Persistent connections with pipelining.

• Advantages:
1) This method requires only one RTT for all the referenced-objects.
2) The performance is improved by 20%.

1.6.4. HTTP Message Format

• Two types of HTTP messages: 1) Request-message and 2) Response-message.

HTTP Request Message

Figure 1.5: General format of an HTTP request-message

• An example of request-

GET/somedir/page.html HTTP/1.1
Host: www.someschool.edu
Connection: close
User-agent: Mozilla/5.0
Accept-language: english

• The request-message contains 3 sections (Figure 1.5):

1) Request-line
2) Header-line and
3) Carriage return.
• The first line of message is called the request-line. The subsequent lines are called the
header-lines.
• The request-line contains 3 fields. The meaning of the fields is as follows:
1) Method
 “GET”: This method is used when the browser requests an object from the server.

DEPARTMENT OF ISE, BIT Page 16

COMPUTER NETWORKS AND SECURITY-18CS52 2020

2) URL
“/somedir/page.html”: This is the object requested by the browser.
3) Version
 “HTTP/1.1”: This is version used by the browser.
• The request-message contains 4 header-lines. The meaning of the header-lines is as
follows:
1) “Host: www.someschool.edu” specifies the host on which the object resides.
2) “Connection: close” means requesting a non-persistent connection.
3) “User-agent: Mozilla/5.0” means the browser used is the Firefox.
4) “Accept-language:eng” means English is the preferred language.
• The method field can take following values: GET, POST, HEAD, PUT and DELETE.
1) GET is used when the browser requests an object from the server.
2) POST is used when the user fills out a form & sends to the server.
3) HEAD is identical to GET except the server must not return a message-body in
the response.
4) PUT is used to upload objects to servers.
5) DELETE allows an application to delete an object on a server.

HTTP Response Message

Figure 1.6: General format of an HTTP response-message

• An example of response- Mesage

HTTP/1.1 200 OK
Connection: Close
Date: Tue, 09 Aug 2011 15:44:04 GMT
Server: Apache/2.2.3 (CentOS)
Last-Modified: Tue, 09 Aug 2011 15:11:03 GMT
Content-Length: 6821
Content-Type: text/html (data data data data data ...)

DEPARTMENT OF ISE, BIT Page 17

COMPUTER NETWORKS AND SECURITY-18CS52 2020

• The response-message contains 3 sections (Figure 1.6):

1) Status line
2) Header-lines and
3) Data (Entity body).
• The status line contains 3 fields:
1) Protocol version
2) Status-code and
3) Status message.
• Some common status-codes and associated messages include:
1) 200 OK: Standard response for successful HTTP requests.
2) 400 Bad Request: The server cannot process the request due to a client error.
3) 404 Not Found: The requested resource cannot be found.
• The meaning of the Status line is as follows:
“HTTP/1.1 200 OK”: This line indicates the server is using HTTP/1.1 & that
everything is OK.
• The response-message contains 6 header-lines. The meaning of the header-lines is as
follows:
1) Connection: This line indicates browser requesting a non-persistent connection.
2) Date: This line indicates the time & date when the response was sent by the
server.
3) Server: This line indicates that the message was generated by an ApacheWeb-
server.
4) Last-Modified: This line indicates the time & date when the object was last
modified.
5) Content-Length: This line indicates the number of bytes in the sent-object.
6) Content-Type: This line indicates that the object in the entity body is HTML
text.

1.7. User-Server Interaction: Cookies

• Cookies refer to a small text file created by a Web-site that is stored in the user's
computer.
• Cookies are stored either temporarily for that session only or permanently on the hard
disk.
• Cookies allow Web-sites to keep track of users.
• Cookie technology has four components:
1) A cookie header-line in the HTTP response-message.
2) A cookie header-line in the HTTP request-message.

DEPARTMENT OF ISE, BIT Page 18

COMPUTER NETWORKS AND SECURITY-18CS52 2020

3) A cookie file kept on the user’s end-system and managed by the user’sbrowser.
4) A back-end database at the Web-site.

Figure 1.7: Keeping user state with cookies

• Here is how it works (Figure 1.7):

1) When a user first time visits a site, the server
→ creates a unique identification number (1678) and
→ creates an entry in its back-end database by the identification number.
2) The server then responds to user’s browser.
 HTTP response includes Set-cookie: header which contains the identification
number (1678)
3) The browser then stores the identification number intothe cookie-file.
4) Each time the user requests a Web-page, the browser
→ extracts the identification number from the cookie file, and
→ puts the identification number in the HTTP request.
5) In this manner, the server is able to track user’s activity at the web-site.
• Here is how it works (Figure 1.7):
1. When a user first time visits a site, the server

DEPARTMENT OF ISE, BIT Page 19

COMPUTER NETWORKS AND SECURITY-18CS52 2020

→ creates a unique identification number (1678) and

→ creates an entry in its back-end database by the identification number.
2. The server then responds to user’s browser.
 HTTP response includes Set-cookie: header which contains the identification
number (1678)
3. The browser then stores the identification number intothe cookie-file.
4. Each time the user requests a Web-page, the browser
→ extracts the identification number from the cookie file, and
→ puts the identification number in the HTTP request.
5. In this manner, the server is able to track user’s activity at the web-site.

1.8. Web Caching

• Web-cache is a network entity that satisfies HTTP requests on the behalf of an original
Web-server.
• The Web-cache has disk-storage.
• The disk-storage contains copies of recently requested-objects.

Figure 1.8: Clients requesting objects through a Web-cache (or Proxy Server)

• Here is how it works (Figure 1.8):

1) The user's HTTP requests are first directed to the web-cache.
2) If the cache has the object requested, the cache returns the requested-object to the
client.
3) If the cache does not have the requested-object, then the cache
→ connects to the original server and
→ asks for the object.
4) When the cache receives the object, the cache
→ stores a copy of the object in local-storage and
→ sends a copy of the object to the client.
• A cache acts as both a server and a client at the same time.

DEPARTMENT OF ISE, BIT Page 20

COMPUTER NETWORKS AND SECURITY-18CS52 2020

1) The cache acts as a server when the cache

→ receives requests from a browser and
→ sends responses to the browser.
2) The cache acts as a client when the cache
→ requests to an original server and
→ receives responses from the origin server.
• Advantages of caching:
1) To reduce response-time for client-request.
2) To reduce traffic on an institution’s access-link to the Internet.
3) To reduce Web-traffic in the Internet.

The Conditional GET

• Conditional GET refers a mechanism that allows a cache to verify that the objects are up
to date.
• An HTTP request-message is called conditional GET if
1) Request-message uses the GET method and
2) Request-message includes an If-Modified-Since: header-line.
• The following is an example of using conditional GET:
GET /fruit/kiwi.fig
HTTP1.1 Host:
www.exoriguecuisine.com
• The response is:
HTTP/1.1 304 Not Modified
Date: Sat, 15 Oct 2011 15:39:29

1.9. File Transfer: FTP

• FTP is used by the local host to transfer files to or from a remote-host over the network.
• FTP uses client-server architecture (Figure 1.9).
• FTP uses 2 parallel TCP connections (Figure 1.10):
1) Control Connection
 The control-connection is used for sending control-information b/w local and
remote-hosts.
 The control-information includes:
→ User identification
→ Password
→ Commands to change directory and

DEPARTMENT OF ISE, BIT Page 21

COMPUTER NETWORKS AND SECURITY-18CS52 2020

→ commands to put & get files.

2) Data Connection
 The data-connection is used to transfer files.

Figure 1.9: FTP moves files between local and remote file systems

Figure 1.10: Control and data-connections

• Here is how it works:

1) When session starts, the client initiates a control-connection with the server on
port 21.
2) The client sends user-identity and password over the control-connection.
3) Then, the server initiates data-connection to the client on port 20.
4) FTP sends exactly one file over the data-connection and then closes the data-
connection.
5) Usually, the control-connection remains open throughout the duration of the user-
session.
6) But, a new data-connection is created for each file transferred within a session.
• During a session, the server must maintain the state-information about the user.
• For example:
The server must keep track of the user's current directory.
• Disadvantage:
Keeping track of state-info limits the no. of sessions maintained simultaneously by a
server.
FTP Commands & Replies
• The commands are sent from client to server.

DEPARTMENT OF ISE, BIT Page 22

COMPUTER NETWORKS AND SECURITY-18CS52 2020

• The replies are sent from server to client.

• The commands and replies are sent across the control-connection in 7-bit ASCII format.
• Each command consists of 4-uppercase ASCII characters followed by optional
arguments.
• For example:
1) USER username
 Used to send the user identification to the server.
2) PASS password
 Used to send the user password to the server.
3) LIST
 Used to ask the server to send back a list of all the files in the current remote
directory.
4) RETR filename
 Used to retrieve a file from the current directory of the remote-host.
5) STOR filename
 Used to store a file into the current directory of the remote-host.
• Each reply consists of 3-digit numbers followed by optional message.
• For example:
1) 331 Username OK, password required.
2) 125 Data-connection already open; transfer starting.
3) 425 Can’t open data-connection.
4) 452 Error writing file.

1.10. Electronic Mail in the Internet

• E-mail is an asynchronous communication medium in which people send and read
messages.
• E-mail is fast, easy to distribute, and inexpensive.
• e-mail has features such as
→ Messages with attachments
→ Hyperlinks
→ HTML-formatted text and
→ embedded photos.
• Three major components of an e-mail system (Figure 1.11):
1) User Agents
 User-agents allow users to read, reply to, forward, save and compose messages.
 For example: Microsoft Outlook and Apple Mail
2) Mail Servers

DEPARTMENT OF ISE, BIT Page 23

COMPUTER NETWORKS AND SECURITY-18CS52 2020

 Mail-servers contain mailboxes for users.

 A message is first sent to the sender's mail-server.
 Then, the sender’s mail-server sends the message to the receiver's mail-server.
 If the sender’s server cannot deliver mail to receiver’s server, the sender’s server
→ holds the message in a message queue and
→ attempts to transfer the message later.

1.10.1. SMTP (Simple Mail Transfer Protocol)

 SMTP is an application-layer protocol used for email.
 SMTP uses TCP to transfer mail from the sender’s mail-server to the recipient’s
mail-server.
 SMTP has two sides:
1) A client-side, which executes on the sender’s mail-server.
2) A server-side, which executes on the recipient’s mail-server.
 Both the client and server-sides of SMTP run on every mail-server.
 When a mail-server receives mail from other mail-servers, the mail-server acts as
a server. When a mail-server sends mail to other mail-servers, the mail-server
acts as a client.

Figure 1.11: A high-level view of the Internet e-mail system

DEPARTMENT OF ISE, BIT Page 24

COMPUTER NETWORKS AND SECURITY-18CS52 2020

SMTP
• SMTP is the most important protocol of the email system.
• Three characteristics of SMTP (that differs from other applications):
 Message body uses 7-bit ASCII code only.
 Normally, no intermediate mail-servers used for sending mail.
 Mail transmissions across multiple networks through mail relaying.
• Here is how it works:
1) Usually, mail-servers are listening at port 25.
2) The sending server initiates a TCP connection to the receiving mail-server.
3) If the receiver's server is down, the sending server will try later.
4) If connection is established, the client & the server perform application-layer
handshaking.
5) Then, the client indicates the e-mail address of the sender and the recipient.
6) Finally, the client sends the message to the server over the same TCP connection.

1.10.2. Comparison of SMTP with HTTP

1) HTTP is mainly a pull protocol. This is because
→ someone loads information on a web-server and
→ Users use HTTP to pull the information from the server.
 On the other hand, SMTP is primarily a push protocol. This is because
→ the sending mail-server pushes the file to receiving mail-server.
2) SMTP requires each message to be in seven-bit ASCII format.
 If message contains binary-data, the message has to be encoded into 7-bit ASCII
format.
 HTTP does not have this restriction.
3) HTTP encapsulates each object of message in its own response-message.
 SMTP places all of the message's objects into one message.

1.10.3. Mail Access Protocols

• It is not realistic to run the mail-servers on PC & laptop. This is because
→ mail-servers must be always-on and
→ mail-servers must have fixed IP addresses
• Problem: How a person can access the email using PC or laptop?
• Solution: Use mail access protocols.
• Three mail access protocols:
1) Post Office Protocol (POP)
2) Internet Mail Access Protocol (IMAP) and
3) HTTP.

DEPARTMENT OF ISE, BIT Page 25

COMPUTER NETWORKS AND SECURITY-18CS52 2020

1.10.3.1. POP
• POP is an extremely simple mail access protocol.
• POP server will listen at port 110.
• Here is how it works:
 The user-agent at client's computer opens a TCP connection to the main server.
 POP then progresses through three phases:
1) Authentication
 The user-agent sends a user name and password to authenticate the user.
2) Transaction
 The user-agent retrieves messages.
 Also, the user-agent can
→ mark messages for deletion
→ remove deletion marks &
→ obtain mail statistics.
 The user-agent issues commands, and the server responds to each command with
a reply.
 There are two responses:
i) +OK: used by the server to indicate that the previous command was fine.
ii) –ERR: used by the server to indicate that something is wrong.
3) Update
 After user issues a quit command, the mail-server removes all messages marked
fordeletion.
• Disadvantage:
The user cannot manage the mails at remote mail-server. For ex: user cannot delete
messages.

1.10.3.2. IMAP
• IMAP is another mail access protocol, which has more features than POP.
• An IMAP server will associate each message with a folder.
• When a message first arrives at server, the message is associated with recipient's INBOX
folder
• Then, the recipient can
→ move the message into a new, user-created folder
→ read the message
→ delete the message and
→ search remote folders for messages matching specific criteria.
• An IMAP server maintains user state-information across IMAP sessions.

DEPARTMENT OF ISE, BIT Page 26

COMPUTER NETWORKS AND SECURITY-18CS52 2020

• IMAP permits a user-agent to obtain components of messages.

For example, a user-agent can obtain just the message header of a message.

1.10.3.3. Web-Based E-Mail

• HTTPs are now used for Web-based email accessing.
• The user-agent is an ordinary Web browser.
• The user communicates with its remote-server via HTTP.
• Now, Web-based emails are provided by many companies including Google, Yahoo etc.

1.11. DNS — The Internet’s Directory Service

• DNS is an internet service that translates domain-names into IP addresses.
For ex: the domain-name “www.google.com” might translate to IP address
“198.105.232.4”.
• Because domain-names are alphabetic, they are easier to remember for human being.
• But, the Internet is really based on IP addresses (DNS Domain Name System).
1.11.1. Services Provided by DNS
• The DNS is
1) A distributed database implemented in a hierarchy of DNS servers.
2) An application-layer protocol that allows hosts to query the distributed database.
• DNS servers are often UNIX machines running the BIND software.
• The DNS protocol runs over UDP and uses port 53. (BIND Berkeley Internet Name
Domain)
• DNS is used by application-layer protocols such as HTTP, SMTP, and FTP.
• Assume a browser requests the URL www.someschool.edu/index.html.
• Next, the user’s host must first obtain the IP address of www.someschool.edu

This is done as follows:

1) The same user machine runs the client-side of the DNS application.
2) The browser
→ extracts the hostname “www.someschool.edu” from the URL and
→ passes the hostname to the client-side of the DNS application.
3) The client sends a query containing the hostname to a DNS server.
4) The client eventually receives a reply, which includes the IP address for the
hostname.
5) After receiving the IP address, the browser can initiate a TCP connection to the
HTTP server.
• DNS also provides following services:

DEPARTMENT OF ISE, BIT Page 27

COMPUTER NETWORKS AND SECURITY-18CS52 2020

1) Host Aliasing
 A host with a complicated hostname can have one or more alias names.

2) Mail Server Aliasing

 For obvious reasons, it is highly desirable that e-mail addresses be mnemonic.

3) Load Distribution
 DNS is also used to perform load distribution among replicated servers.
 Busy sites are replicated over multiple servers & each server runs on a different
system.

1.11.2. Overview of How DNS Works

• Distributed database design is more preferred over centralized design because:
1) A Single Point of Failure
 If the DNS server crashes then the entire Internet will notstop.

2) Traffic Volume
 A Single DNS Server cannot handle the huge global DNS traffic.
 But with distributed system, the traffic is distributed and reduces overload on
server.

3) Distant Centralized Database

 A single DNS server cannot be “close to” all the querying clients.
 If we put the single DNS server in Mysore, then all queries from USA must travel
to the other side of the globe.
 This can lead to significant delays.

4) Maintenance
 The single DNS server would have to keep records for all Internet hosts.
 This centralized database has to be updated frequently to account for every new
host.

DEPARTMENT OF ISE, BIT Page 28

COMPUTER NETWORKS AND SECURITY-18CS52 2020

1.11.3. A Distributed, Hierarchical Database

Figure 1.12: Portion of the hierarchy of DNS servers

•Suppose a client wants to determine IP address for hostname “www.amazon.com”

(Figure 1.12):
1) The client first contacts one of the root servers, which returns IP addresses for
TLD servers
2) Then, the client contacts one of these TLD servers.
 The TLD server returns the IP address of an authoritative-server for
“amazon.com”.
3) Finally, the client contacts one of the authoritative-servers for amazon.com. The
authoritative-server returns the IP address for the hostname “www.amazon.com”.
There are three classes of DNS servers:
1. Root DNS Servers: In the Internet there are 13 root DNS servers (labeled A through
M), most of which are located in North America. An October 2006 map of the root
DNS servers is shown in Figure 2.20; a list of the current root DNS servers is
available via [Root-servers 2012]. Although we have referred to each of the 13 root
DNS servers as if it were a single server, each “server” is actually a network of
replicated servers, for both security and reliability purposes. All together, there are
247 root servers as of fall 2011.

2.Top-level domain (TLD) Servers: These servers are responsible for top-level
Domains such as com, org, net, edu, and gov, and all of the country top-level
domains such as uk, fr, ca, and jp. The company Verisign Global Registry Services
Maintains the TLD servers for the com top-level domain, and the company Educause
maintains the TLD servers for the edu top-level domain.

3. Authoritative DNS servers. Every organization with publicly accessible hosts

(Such as Web servers and mail servers) on the Internet must provide publicly
accessible DNS records that map the names of those hosts to IP addresses. An

DEPARTMENT OF ISE, BIT Page 29

COMPUTER NETWORKS AND SECURITY-18CS52 2020

Organization’s authoritative DNS server houses these DNS records. An organization

can choose to implement its own authoritative DNS server to hold these records;
alternatively, the organization can pay to have these records stored in an authoritative
DNS server of some service provider. Most universities and large companies
implement and maintain their own primary and secondary (backup) authoritative
DNS server.

1.11.4. Recursive Queries & Iterative Queries

Figure 1.13: Interaction of the various DNS servers

• The example shown in Figure 1.13 makes use of both recursive queries and iterative
queries.
• The query 1 sent from cis.poly.edu to dns.poly.edu is a recursive query. This is because
→ the query asks dns.poly.edu to obtain the mapping on its behalf.
• But the subsequent three queries 2, 4 and 6 are iterative. This is because
→ all replies are directly returned to dns.poly.edu.

1.11.5. DNS Records & Messages

DNS Records:
• The DNS server stores resource-records (RRs).
• RRs provide hostname-to-IP address mappings.
• Each DNS reply message carries one or more resource-records.

DEPARTMENT OF ISE, BIT Page 30

COMPUTER NETWORKS AND SECURITY-18CS52 2020

• A resource-record is a 4-tuple that contains the following fields: (Name, Value, Type,
TTL)
• TTL (time to live) determines when a resource should be removed from a cache.
• The meaning of Name and Value depend on Type:
1) If Type=A, then Name is a hostname and Value is the IP address for the
hostname.
 Thus, a Type A record provides the standard hostname-to-IP address mapping. For
ex: (relay1.bar.foo.com, 145.37.93.126, A)
2) If Type=NS, then
i) Name is a domain (such as foo.com) and
ii) Value is the hostname of an authoritative DNS server.
 This record is used to route DNS queries further along in the query chain. For ex:
(foo.com, dns.foo.com, NS) is a Type NS record.
3) If Type=CNAME, then Value is a canonical hostname for the alias hostname
Name.
 This record can provide querying hosts the canonical name for a hostname. For
ex: (foo.com, relay1.bar.foo.com, CNAME) is a CNAME record.
4) If Type=MX, Value is the canonical name of a mail-server that has an alias
hostname Name.
 MX records allow the hostnames of mail-servers to have simple aliases. For ex:
(foo.com, mail.bar.foo.com, MX) is an MX record.
DNS Messages
• Two types of DNS messages: 1) query and 2) reply.
• Both query and reply messages have the same format.

Figure 1.14: DNS message format

DEPARTMENT OF ISE, BIT Page 31

COMPUTER NETWORKS AND SECURITY-18CS52 2020

• The various fields in a DNS message are as follows (Figure 1.14):

1) Header Section
• The first 12 bytes is the header-section.
• This section has following fields:
i) Identification
 This field identifies the query.
 This identifier is copied into the reply message to a query.
 This identifier allows the client to match received replies with sent queries.
ii) Flag
 This field has following 3 flag-bits:
a) Query/Reply
¤ This flag-bit indicates whether the message is a query (0) or a reply
b) Authoritative
¤ This flag-bit is set in a reply message when a DNS server is an
authoritative-server.
c) Recursion Desired
¤ This flag-bit is set when a client desires that the DNS server perform
recursion.
iii) Four Number-of-Fields
 These fields indicate the no. of occurrences of 4 types of data sections that follow
the header.
2) Question Section
• This section contains information about the query that is being made.
• This section has following fields:
i) Name
 This field contains the domain-name that is being queried.
ii) Type
 This field indicates the type of question being asked about the domain-name.
3) Answer Section
• This section contains a reply from a DNS server.
• This section contains the resource-records for the name that was originally queried.
• A reply can return multiple RRs in the answer, since a hostname can have multiple IP
addresses.
4) Authority Section
• This section contains records of other authoritative-servers.
5) Additional Section
• This section contains other helpful records.

DEPARTMENT OF ISE, BIT Page 32

COMPUTER NETWORKS AND SECURITY-18CS52 2020

1.12. Peer-to-Peer Applications

• Peer-to-peer architecture is different from client-server architecture.
• In P2P, each node (called peers) acts as a client and server at the same time.
• The peers are not owned by a service-provider.
• The peers not supposed to be always listening on the Internet.
• The peers are dynamic, i.e., some peers will join some peers will leave from time to time.

1.12.1. P2P File Distribution

• One popular P2P file distribution protocol is BitTorrent
• Consider the following scenarios:
Suppose a server has a large file and ‘N’ computers want to download the file (Figure
1.15).
1) In client-server architecture, each of the N computers will
→ connect to the server &
→ download a copy of the file to local-host.
2) In P2P architecture, a peer need not necessarily download a copy from the server.
 Rather, the peer may download from other peers.

Figure 1.15: An illustrative file distribution problem

• Let us define the following:

Length of the file = F
Upload rate for the server = us
Upload rate for ith computer = ui

DEPARTMENT OF ISE, BIT Page 33

COMPUTER NETWORKS AND SECURITY-18CS52 2020

Download-rate for ith computer = di

Distribution-time for the client-server architecture = Dcs
Server needs transmit = NF bits.
Lowest download-rate of peer = dmin
Distribution-time for the P2P architecture = DP2P

Case 1: Client-Server Architecture

• We have 2 observations:
1) The server must transmit one copy of the file to each of the N peers.
 Since the server's upload rate is us, the distribution-time is at least NF/us.
2) The peer with the lowest download-rate cannot obtain all F bits of the file in less
than F/dmin.
 Thus, the minimum distribution-time is at least F/ dmin.
• Putting above 2 observations together, we have

Case 2: P2P Architecture

• We have 2 observations:
1) At the beginning of the distribution, only the server has the file.
 So, the minimum distribution-time is at least F/us.
2) The peer with the lowest download-rate cannot obtain all F bits of the file in less
than F/dmin.
 Thus, the minimum distribution-time is at least F/ dmin.
3) The total upload capacity of the system as a whole is utotal = us + u1 + u2 . . . + uN.
 The system must deliver F bits to each of the N peers.
 Thus, the minimum distribution-time is at least NF/( us + u1 + u2 . . . + uN).
• Putting above 3 observations together, we have

• Figure 1.16 compares the minimum distribution-time for the client-server and P2P
architectures.

DEPARTMENT OF ISE, BIT Page 34

COMPUTER NETWORKS AND SECURITY-18CS52 2020

Figure 1.16: Distribution-time for P2P and client-server architectures

• The above comparison shows that when N is large,

i) P2P architecture is consuming less distribution-time.
ii) P2P architecture is self-scaling.

Bittorrent
• The collection of all peers participating in the distribution of a particular file is called a
torrent.
• Peers download equal-size chunks of the file from one another. Chunk size = 256
KBytes.
• The peer also uploads chunks to other peers.
• Once a peer has acquired the entire file, the peer may leave the torrent or remain in the
torrent.
• Each torrent has an infrastructure node called tracker.
• Here is how it works (Figure 1.17):
1) When a peer joins a torrent, the peer
→ registers itself with the tracker and
→ periodically informs the tracker that it is in the torrent.
2) When a new peer joins the torrent, the tracker
→ randomly selects a subset of peers from the set of participating peers and
→ sends the IP addresses of these peers to the new peer.
3) Then, the new peer tries to establish concurrent TCP connections with all peers
on this list.
 All peers on the list are called neighboring-peers.
4) Periodically, the new peer will ask each of the neighboring-peers for the set of
chunks.
DEPARTMENT OF ISE, BIT Page 35
COMPUTER NETWORKS AND SECURITY-18CS52 2020

• To choose the chunks to download, the peer uses a technique called rarest-first.
• Main idea of rarest-first:
→ Determine the chunks that are the rarest among the neighbors and
→ Request then those rarest chunks first.

Figure 1.17: File distribution with BitTorrent

1.13. Distributed Hash Table

• We can use P2P architecture to form a distributed database.
• We consider a simple database, which contains (key, value) pairs.
• Each peer will only hold a small subset of the data.
• Any peer can query the distributed database with a particular key.
• Then, the database will
→ locate the peers that have the corresponding (key, value) pairs and
→ return the key-value to the querying peer.
• Any peer will also be allowed to insert new key-value pairs into the database.
• Such a distributed database is referred to as a distributed hash table (DHT).
• To construct the database, we need to use some hash-functions.
• The input of a hash-function can be a large number.
But the output of the hash-function is of fixed-size bit-string.
• The outline of building a DHT is as follows:
1) Assign an identifier to each peer, where the identifier is an n-bit string.
 So, we can view the identifier as an integer at the range from 0 to 2n-1.
2) For a data pair (key, value), the hash value of the key is computed.
 Then the data is stored in the peer whose identifier is closest to the key.
3) To insert or retrieve data, first we need to find the appropriate peer.
DEPARTMENT OF ISE, BIT Page 36
COMPUTER NETWORKS AND SECURITY-18CS52 2020

 Problem: It is not realistic to let the peer to store all of the other peer's identifiers.
Solution: Use a circular arrangement.

Figure 1.18: (a) A circular DHT. Peer 3 wants to determine who is responsible for key 11.
(b) A circular DHT with shortcuts

1.13.1. Circular Arrangement

• In this example, the identifiers are range [0, 15] (4-bit strings) and there are eight peers.
• Each peer is only aware of its immediate successor and predecessor (Figure 1.18a).
• So, each peer just needs to track two neighbors.
• When a peer asks for a key, the peer sends the message clockwise around the circle.
• For example:
 The peer 4 sends a message saying “Who is responsible for key 11?"
 The message will forward through peers 5, 8, 10 and reach peer 12.
 The peer 12 determines that it is the closest peer to key 11.
 At this point, peer 12 sends a message back to the querying peer 4.
• But when the circle is too large, a message may go through a large number of peers to
get answer.
• Problem: There is tradeoff between
i) Number of neighbors each peer has to track and
ii) Number of message to be sent to resolve a single query.
• Solution: To reduce the query time, add “shortcuts" to the circular arrangement (Figure
1.18b).
1.14. Socket Programming: Creating Network Applications
• Two types of network-applications:
1) First type is an implementation whose operation is specified in a protocol
standard (RFC)

DEPARTMENT OF ISE, BIT Page 37

COMPUTER NETWORKS AND SECURITY-18CS52 2020

Such an application is referred to as “open”.


 The client & server programs must conform to the rules dictated by the RFC.
2) Second type is a proprietary network-application.
 The client & server programs use an application-layer protocol not openly
published in a RFC.
 A single developer creates both the client and server programs.
 The developer has complete control over the code.
• During development phase, the developer must decide whether the application uses TCP
or UDP.

1.14.1. Socket Programming with UDP

• Consider client-server application in which following events occurs:
1) The client
→ reads a line of characters (data) from the keyboard and
→ sends the data to the server.
2) The server receives the data and converts the characters to uppercase.
3) The server sends the modified data to the client.
4) The client receives the modified data and displays the line on its screen.

Figure 1.19: The client-server application using UDP

• The client-side of the application is as follows (Figure 1.19):

DEPARTMENT OF ISE, BIT Page 38

COMPUTER NETWORKS AND SECURITY-18CS52 2020

from socket import * //This line declares socket within the program.
serverName = ‘hostname’ // This line sets the server name to “hostname”.
serverPort = 12000 // This line sets the server port# to “12000”.
clientSocket = socket(socket.AF_INET, socket.SOCK_DGRAM) //This line creates the client’s socket
message = raw_input(’Input lowercase sentence:’) //This line reads the data at the client
clientSocket.sendto(message,(serverName, serverPort)) //This line sends data into the socket
modifiedMessage, serverAddress = clientSocket.recvfrom(2048) // This line receives data from socket
print modifiedMessage //This line displays received-data on the screen
clientSocket.close() //This line closes the socket. The process then terminates.

Here, AF_INET indicates address family

SOCK_DGRAM indicates UDP as socket type contains server’s IP address & port#
• The server-side of the application is as follows:

from socket import

* serverPort =
12000
serverSocket = socket(AF_INET, SOCK_DGRAM)
serverSocket.bind((’’, serverPort)) // This line assigns the port# 12000 to the server’s socket.
print ”The server is ready to receive”
while 1:
message, clientAddress = serverSocket.recvfrom(2048)
modifiedMessage = message.upper() // This line converts data to upper case
serverSocket.sendto(modifiedMessage, clientAddress)

1.14.2. Socket Programming with TCP

DEPARTMENT OF ISE, BIT Page 39

COMPUTER NETWORKS AND SECURITY-18CS52 2020

Figure 1.20: The client-server application using TCP

• The client-side of the application is as follows (Figure 1.20):

from socket import *

serverName = ’servername’
serverPort = 12000
clientSocket = socket(AF_INET, SOCK_STREAM)
clientSocket.connect((serverName,serverPort)) // This line initiates TCP connection b/w client & server
sentence = raw_input(‘Input lowercase sentence:’)
clientSocket.send(sentence)
modifiedSentence = clientSocket.recv(1024)
print ‘From Server:’, modifiedSentence
clientSocket.close()
COMPUTER NETWORKS AND SECURITY-18CS52 2020

• The server-side of the application is as follows:

from socket import *

serverPort = 12000
serverSocket = socket(AF_INET,SOCK_STREAM)
serverSocket.bind((‘’,serverPort))
serverSocket.listen(1) // This line specifies no. of connection-requests from the client to server
print ‘The server OF
DEPARTMENT is ready
ISE,toBIT
receive’ Page 40
while 1:
connectionSocket, addr=serverSocket.accept() //allows server to accept connection request from client
sentence = connectionSocket.recv(1024)
 COMPUTER NETWORKS AND SECURITY-18CS52 2020

Differences between client-server and Peer-Peer

Basis for Client-Server Peer-Peer
Comparison
Basic There is a specific server and Clients and server are not
specific clients connected to distinguished; each node
the server act as client and server.
Service The client request for service Each node can request for
and server respond with the services and can also
service provide the services.
Focus Sharing the information. Connectivity.
Data The data is stored in a Each peer has its own
centralized server. data.
Server When several clients request As the services are
for the servicesprovided by several
simultaneously, a server can servers distributed in the
get bottlenecked. peer-to-peer system, a
server in not bottlenecked.
Expensive The client-server are Peer-to-peer are less
expensive to implement. expensive to implement.
Stability Client-Server is more stable Peer-to Peer suffers if the
and scalable. number of peers increases
in the system.

DEPARTMENT OF ISE, BIT Page 41

COMPUTER NETWORKS AND SECURITY-18CS52 2020

MODULE-WISE QUESTIONS

PART 1
1) Explain client-server & P2P architecture. (8*)
2) With block diagram, explain how application processes communicate through a socket.
(8*)
3) Explain 4 transport services available to applications. (4)
4) Briefly explain 2 transport layer protocols. (4)
5) With block diagram, explain the working of Web & HTTP. (8*)
6) Explain HTTP non-persistent & persistent connections. (8*)
7) With general format, explain HTTP request- & response-messages. (8*)
8) With a diagram, explain how cookies are used in user-server interaction. (6*)
9) With a diagram, explain the working of web caching. (6*)
10) With a diagram, explain the working of FTP. (6*)

PART 2
11) With a diagram, explain the working of e-mail system. (6*)
12) Briefly explain 3 mail access protocols. (6*)
13) Briefly explain the working of DNS. (8*)
14) With general format, explain DNS messages. (6*)
15) Explain P2P File Distribution. (6)
16) With a diagram, explain the working of BitRorrent. (6*)
17) With a diagram, explain the working of Distributed Hash Table. (6)
18) Draw flow diagram for the client-server application using TCP. Also, write code
for the client- & server-sides of the application. (8*)
19) Draw flow diagram for the client-server application using UDP. Also, write
code for the client- & server-sides of the application. (8)

DEPARTMENT OF ISE, BIT Page 42

COMPUTER NETWORKS AND SECURITY-18CS52 2020

Module-2: Transport Layer

Introduction and Transport-Layer Services: Relationship Between Transport and Network
Layers, Overview of the Transport Layer in the Internet, Multiplexing and Demultiplexing:
Connectionless Transport: UDP,UDP Segment Structure, UDP Checksum, Principles of
Reliable Data Transfer: Building a Reliable Data Transfer Protocol, Pipelined Reliable Data
Transfer Protocols, Go-Back-N, Selective repeat, Connection-Oriented Transport TCP: The
TCP Connection, TCP Segment Structure, Round-Trip Time Estimation and Timeout,
Reliable Data Transfer, Flow Control, TCP Connection Management, Principles of
Congestion Control: The Causes and the Costs of Congestion, Approaches to Congestion
Control, Network-assisted congestion-control example, ATM ABR Congestion control,
TCP Congestion Control: Fairness.

DEPARTMENT OF ISE, BIT Page 43

 COMPUTER NETWORKS AND SECURITY-18CS52 2020

Introduction and Transport Layer Services

• A transport-layer protocol provides logical-communication b/w application-
processes running on different hosts.
• Transport-layer protocols are implemented in the end-systems but not in network-routers.
• On the sender, the transport-layer
→ receives messages from an application-process
→ converts the messages into the segments and
→ passes the segment to the network-layer.
• On the receiver, the transport-layer
→ receives the segment from the network-layer
→ converts the segments into to the messages and
→ passes the messages to the application-process.
• The Internet has 2 transport-layer protocols: TCP and UDP

2.1. Relationship between Transport and Network Layers

A transport-layer protocol provides logical-communication b/w processes running on
different hosts. Whereas, a network-layer protocol provides logical-communication
between hosts.
• Transport-layer protocols are implemented in the end-systems but not in network-routers.
• Within an end-system, a transport protocol
→ moves messages from application-processes to the network-layer and vice versa.
→ but doesn't say anything about how the messages are moved within the network-core.
• The routers do not recognize any information which is appended to the messages by the
transport- layer.
2.2. Overview of the Transport Layer in the Internet
• When designing a network-application, we must choose either TCP or UDP as transport
protocol.
 UDP (User Datagram Protocol)
 UDP provides a connectionless service to the invoking application.
 The UDP provides following 2 services:
i) Process-to-process data delivery and
ii) Error checking.
 UDP is an unreliable service i.e. it doesn’t guarantee data will arrive to
destination-process.
 TCP (Transmission Control Protocol)
 TCP provides a connection-oriented service to the invoking application.
 The TCP provides following 3 services:

DEPARTMENT OF ISE, BIT Page 44

COMPUTER NETWORKS AND SECURITY-18CS52 2020

1) Reliable data transfer i.e. guarantees data will arrive to destination-process

correctly.
2) Congestion control and
3) Error checking.

2.3. Multiplexing and Demultiplexing

• A process can have one or more sockets.
• The sockets are used to pass data from the network to the process and vice versa.
1) Multiplexing
 At the sender, the transport-layer
→ gathers data-chunks at the source-host from different sockets
→ encapsulates data-chunk with header to create segments and
→ passes the segments to the network-layer.
 The job of combining the data-chunks from different sockets to create a
segment is called multiplexing.
2) Demultiplexing
 At the receiver, the transport-layer
→ examines the fields in the segments to identify the receiving-socket and
→ directs the segment to the receiving-socket.
 The job of delivering the data in a segment to the correct socket is called
demultiplexing.
• In Figure 2.1,
 In the middle host, the transport-layer must demultiplex segments arriving
from the network- layer to either process P1 or P2.
 The arriving segment’s data is directed to the corresponding process’s socket.

Figure 2.1: Transport-layer multiplexing and demultiplexing

DEPARTMENT OF ISE, BIT Page 45

COMPUTER NETWORKS AND SECURITY-18CS52 2020

Endpoint Identification
• Each socket must have a unique identifier.
• Each segment must include 2 header-fields to identify the socket (Figure 2.2):
 Source-port-number field and
 Destination-port-number field.
• Each port-number is a 16-bit number: 0 to 65535.
• The port-numbers ranging from 0 to 1023 are called well-known port-numbers
and are restricted. For example: HTTP uses port-no 80
FTP uses port-no 21
• When we develop a new application, we must assign the application a port-
number, which are known as ephemeral ports (49152–65535).

Figure 2.2: Source and destination-port-no fields in a transport-layer segment

• How the transport-layer implements the demultiplexing service?
• Answer:
 Each socket in the host will be assigned a port-number.
 When a segment arrives at the host, the transport-layer
→ examines the destination-port-no in the segment
→ directs the segment to the corresponding socket and
→ passes then the segment to the attached process.

2.3.1. Connectionless Multiplexing and De-multiplexing

• At client side of the application, the transport-layer automatically assigns
the port-number. Whereas, at the server side, the application assigns
a specific port-number.
• Suppose process on Host-A (port 19157) wants to send data to process on Host-B (port
46428).

DEPARTMENT OF ISE, BIT Page 46

COMPUTER NETWORKS AND SECURITY-18CS52 2020

Figure 2.3: The inversion of source and destination-port-nos

• At the sender A, the transport-layer

→ creates a segment containing source-port 19157, destination-port 46428 & data
and
→ passes then the resulting segment to the network-layer.
• At the receiver B, the transport-layer
→ examines the destination-port field in the segment and
→ delivers the segment to the socket identified by port 46428.
• A UDP socket is identified by a two-tuple:
 Destination IP address &
 Destination-port-no.
• As shown in Figure 2.3,
Source-port-no from Host-A is used at Host-B as "return address" i.e. when B
wants to send a segment back to A.
2.3.2. Connection Oriented Multiplexing and Demultiplexing
• Each TCP connection has exactly 2 end-points. (Figure 2.4).
• Thus, 2 arriving TCP segments with different source-port-nos will be directed to 2
different sockets, even if they have the same destination-port-no.
• A TCP socket is identified by a four-tuple:
 Source IP address
 Source-port-no
 Destination IP address &
 Destination-port-no.

DEPARTMENT OF ISE, BIT Page 47

COMPUTER NETWORKS AND SECURITY-18CS52 2020

Figure 2.4: The inversion of source and destination-port-nos

• The server-host may support many simultaneous connection-sockets.

• Each socket will be
→ attached to a process.
→ identified by its own four tuple.
• When a segment arrives at the host, all 4 fields are used to direct the segment to
the appropriate socket. (i.e. Demultiplexing).

2.3.3. Web Servers and TCP

• Consider a host running a Web-server (ex: Apache) on port 80.
• When clients (ex: browsers) send segments to the server, all segments will have
destination-port 80.
• The server distinguishes the segments from the different clients using two-tuple:
 Source IP addresses &
 Source-port-nos.
• Figure 2.5 shows a Web-server that creates a new process for each connection.
• The server can use either i) persistent HTTP or ii) non-persistent HTTP
i) Persistent HTTP
 Throughout the duration of the persistent connection the client and server
exchange HTTP messages via the same server socket.
ii) Non-persistent HTTP
 A new TCP connection is created and closed for every request/response.
 Hence, a new socket is created and closed for every request/response.
 This can severely impact the performance of a busy Web-server.

DEPARTMENT OF ISE, BIT Page 48

COMPUTER NETWORKS AND SECURITY-18CS52 2020

Figure 2.5: Two clients, using the same destination-port-no (80) to communicate with the
same Web- server application
2.4. Connectionless Transport: UDP
• UDP is an unreliable, connectionless protocol.
 Unreliable service means UDP doesn’t guarantee data will arrive to destination-
process.
 Connectionless means there is no handshaking b/w sender & receiver before
sending data.
• It provides following 2 services:
i) Process-to-process data delivery and
ii) Error checking.
• It does not provide flow, error, or congestion control.
• At the sender, UDP
→ takes messages from the application-process
→ attaches source- & destination-port-nos and
→ passes the resulting segment to the network-layer.
• At the receiver, UDP
→ examines the destination-port-no in the segment and
→ delivers the segment to the correct application-process.
• It is suitable for application program that
→ needs to send short messages &
→ cannot afford the retransmission.
• UDP is suitable for many applications for the following reasons:

DEPARTMENT OF ISE, BIT Page 49

COMPUTER NETWORKS AND SECURITY-18CS52 2020

1) Finer Application Level Control over what Data is Sent, and when.
 When an application-process passes data to UDP, the UDP
→ packs the data inside a segment and
→ passes immediately the segment to the network-layer.
 On the other hand,
In TCP, a congestion-control mechanism throttles the sender when the n/w is
congested
2) No Connection Establishment.
 TCP uses a three-way handshake before it starts to transfer data.
 UDP just immediately passes the data without any formal preliminaries.
 Thus, UDP does not introduce any delay to establish a connection.
 That’s why, DNS runs over UDP rather than TCP.
3) No Connection State.
 TCP maintains connection-state in the end-systems.
 This connection-state includes
→ receive and send buffers
→ congestion-control parameters and
→ Sequence- and acknowledgment-number parameters.
 On the other hand,
In UDP, no connection-state is maintained.
4) Small Packet Header Overhead.
 The TCP segment has 20 bytes of header overhead in every segment.
 On the other hand, UDP has only 8 bytes of overhead.

Table 2.1: Popular Internet applications and their underlying transport protocols

Application Application- Underlying

Layer Transport
Protocol Protocol
Electronic mail SMTP TCP
Remote terminal
Telnet TCP
access
Web HTTP TCP
File transfer FTP TCP
Typically
Remote file server NFS
UDP

DEPARTMENT OF ISE, BIT Page 50

COMPUTER NETWORKS AND SECURITY-18CS52 2020

Streaming typically UDP or

multimedia proprietary TCP
typically UDP or
Internet telephony
proprietary TCP
Network Typically
SNMP
management UDP
Typically
Routing protocol RIP
UDP
Typically
Name translation DNS
UDP

2.4.1. UDP Segment Structure

Figure 2.6: UDP segment structure

• UDP Segment contains following fields (Figure 2.6):

1) Application Data: This field occupies the data-field of the segment.
2) Destination Port No: This field is used to deliver the data to correct
process running on the destination-host. (i.e. demultiplexing function).
3) Length: This field specifies the number of bytes in the segment (header plus
data).
4) Checksum: This field is used for error-detection.

2.4.2. UDP Checksum

• The checksum is used for error-detection.
• The checksum is used to determine whether bits within the segment have been altered.
• How to calculate checksum on the sender:
1. All the 16-bit words in the segment are added to get a sum.
2. Then, the 1's complement of the sum is obtained to get a result.

DEPARTMENT OF ISE, BIT Page 51

COMPUTER NETWORKS AND SECURITY-18CS52 2020

3. Finally, the result is added to the checksum-field inside the segment.

• How to check for error on the receiver:
1) All the 16-bit words in the segment (including the checksum) are added to get a
sum.
i) For no errors: In the sum, all the bits are 1. (Ex: 1111111)
ii) For any error: In the sum, at least one of the bits is a 0. (Ex: 1011111)
Example:
• On the sender:
 Suppose that we have the following three
16-bit words: 0110011001100000
0101010101010101 → three 16 bits words
1000111100001100
 The sum of first two
16-bit words is:
011001100110000
0
010101010101010
1
101110111011010
1
 Adding the third word to the above sum gives:

1011101110110101 → sum of 1st two 16 bit words

1000111100001100 → third 16 bit word
0100101011000010 → sum of all three 16 bit words
 Taking 1’s complement for the final sum:
0100101011000010 → sum of all three 16 bit words
1011010100111101 → 1’s complement for the final sum
• The 1’s complement value is called as checksum which is added inside the segment.
• On the receiver
 All four 16-bit words are added, including the checksum.
i) If no errors are introduced into the packet, then clearly the sum will
be 1111111111111111.
ii) If one of the bits is a 0, then errors have been introduced into the packet.

2.5. Principles of Reliable Data Transfer

In this section, we consider the problem of reliable data transfer in a general context.
This is appropriate since the problem of implementing reliable data transfer occurs not only
at the transport layer, but also at the link layer and the application layer as well. The general

DEPARTMENT OF ISE, BIT Page 52

COMPUTER NETWORKS AND SECURITY-18CS52 2020

Problem is thus of central importance to networking. Indeed, if one had to identify a “top-
ten” list of fundamentally important problems in all of networking, this would be a
candidate to lead the list
Figure 2.7 illustrates the framework for our study of reliable data transfer. The
service abstraction provided to the upper-layer entities is that of a reliable channel
Through which data can be transferred. With a reliable channel, no transferred data bits are
corrupted (flipped from 0 to 1, or vice versa) or lost, and all are delivered in the order in
which they were sent.

• Figure 2.7 illustrates the framework of reliable data transfer protocol.

Figure 2.7: Reliable data transfer: Service model and service implementation

• On the sender, rdt_send() will be called when a packet has to be sent on the channel.
• On the receiver,
i) rdt_rcv()will be called when a packet has to be recieved on the channel.
ii) deliver_data() will be called when the data has to be delivered to the upper layer

In this section we consider only the case of unidirectional data transfer that is data
transfer from the sending to the receiving side. The case of reliable bidirectional (that is,
full-duplex) data transfer is conceptually no more difficult but considerably more tedious
to explain. Although we consider only unidirectional data transfer, it is important to note

DEPARTMENT OF ISE, BIT Page 53

COMPUTER NETWORKS AND SECURITY-18CS52 2020

that the sending and receiving sides of our protocol will nonetheless need to transmit
packets in both directions, as indicated in Figure 2.7.

2.5.1. Building a Reliable Data Transfer Protocol

2.5.1.1. Reliable Data Transfer over a Perfectly Reliable Channel: rdt1.0

• Consider data transfer over a perfectly reliable channel.

• We call this protocol as rdt1.0.

Figure 2.8: rdt1.0 – A protocol for a completely reliable channel

• The finite-state machine (FSM) definitions for the rdt1.0 sender and receiver are shown
in Figure 2.8.
• The sender and receiver FSMs have only one state.
• In FSM, following notations are used:
i) The arrows indicate the transition of the protocol from one state to another.
ii) The event causing the transition is shown above the horizontal line labelling the
transition.
iii) The action taken when the event occurs is shown below the horizontal line.
iv) The dashed arrow indicates the initial state.
• On the sender, rdt
→ accepts data from the upper layer via the rdt_send(data) event
→ creates a packet containing the data (via the action make_pkt(data)) and
→ sends the packet into the channel.
• On the receiver, rdt
→ receives a packet from the underlying channel via the rdt_rcv(packet) event

DEPARTMENT OF ISE, BIT Page 54

COMPUTER NETWORKS AND SECURITY-18CS52 2020

→ removes the data from the packet (via the action extract (packet, data)) and
→ passes the data up to the upper layer (via the action deliver data (data)).
2.5.1.2. Reliable Data Transfer over a Channel with Bit Errors: rdt2.0
• Consider data transfer over an unreliable channel in which bits in a packet may be
corrupted.
• We call this protocol as rdt2.0.
• The message dictation protocol uses both
→ Positive acknowledgements (ACK) and
→ Negative acknowledgements (NAK).
• The receiver uses these control messages to inform the sender about
→ what has been received correctly and
→ what has been received in error and thus requires retransmission.
• Reliable data transfer protocols based on the retransmission are known as ARQ protocols.
• Three additional protocol capabilities are required in ARQ protocols:
1) Error Detection
 A mechanism is needed to allow the receiver to detect when bit-errors have
occurred.
 UDP uses the checksum field for error-detection.
 Error-correction techniques allow the receiver to detect and correct packet bit-
errors.
2) Receiver Feedback
 Since the sender and receiver are typically executing on different end-systems.
 The only way for the sender to learn about status of the receiver is by the receiver
providing explicit feedback to the sender.
 For example: ACK & NAK
3) Retransmission
 A packet that is received in error at the receiver will be retransmitted by the
sender.
• Figure 2.9 shows the FSM representation of rdt2.0.

DEPARTMENT OF ISE, BIT Page 55

COMPUTER NETWORKS AND SECURITY-18CS52 2020

Figure 2.9: rdt2.0–A protocol for a channel with bit-errors

Sender FSM (Finite State Machine)
• The sender of rdt2.0 has 2 states:
1) In one state, the protocol is waiting for data to be passed down from the upper
layer.
2) In other state, the protocol is waiting for an ACK or a NAK from the receiver.
i) If an ACK is received, the protocol
→ knows that the most recently transmitted packet has been received
correctly
→ returns to the state of waiting for data from the upper layer.
ii) If a NAK is received, the protocol
→ retransmits the last packet and
→ waits for an ACK or NAK to be returned by the receiver.
• The sender will not send a new data until it is sure that the receiver has correctly
received the current packet.
• Because of this behavior, protocol rdt2.0 is known as stop-and-wait protocols.
Receiver FSM (Finite State Machine)
• The receiver of rdt2.0 has a single state.
• On packet arrival, the receiver replies with either an ACK or a NAK, depending
on the received packet is corrupted or not.
2.5.1.3. Sender Handles Garbled ACK/NAKs: rdt2.1
• Problem with rdt2.0:
If an ACK or NAK is corrupted, the sender cannot know whether the receiver
has correctly received the data or not.
• Solution: The sender resends the current data packet when it receives garbled ACK or
NAK packet.
DEPARTMENT OF ISE, BIT Page 56
COMPUTER NETWORKS AND SECURITY-18CS52 2020

 Problem: This approach introduces duplicate packets into the channel.

 Solution: Add sequence-number field to the data packet.
 The receiver has to only check the sequence-number to determine whether
the received packet is a retransmission or not.
• For a stop-and-wait protocol, a 1-bit sequence-number will be sufficient.
• A 1-bit sequence-number allows the receiver to know whether the sender is sending
→ previously transmitted packet (0) or
→ new packet (1).
• We call this protocol as rdt2.1.
• Figure 2.10 and 2.11 shows the FSM description for rdt2.1.

Figure 2.10: rdt2.1 sender

2.5.1.4. Sender uses ACK/NAKs: rdt2.2

• Protocol rdt2.2 uses both positive and negative acknowledgments from the receiver to
thesender.
i) When out-of-order packet is received, the receiver sends a positive
acknowledgment (ACK).
ii) When a corrupted packet is received, the receiver sends a negative
acknowledgment (NAK).
• We call this protocol as rdt2.2. (Figure 2.12 and 2.13).

DEPARTMENT OF ISE, BIT Page 57

COMPUTER NETWORKS AND SECURITY-18CS52 2020

Figure 2.11: rdt2.1 receiver

2.5.1.5. Sender uses ACK/NAKs: rdt2.2

• Protocol rdt2.2 uses both positive and negative acknowledgments from the receiver to
thesender.
i) When out-of-order packet is received, the receiver sends a positive
acknowledgment (ACK).
ii). When a corrupted packet is received, the receiver sends a negative
acknowledgment (NAK).
• We call this protocol as rdt2.2. (Figure 2.12 and 2.13).

DEPARTMENT OF ISE, BIT Page 58

COMPUTER NETWORKS AND SECURITY-18CS52 2020

Figure 2.12: rdt2.2 sender

DEPARTMENT OF ISE, BIT Page 59

COMPUTER NETWORKS AND SECURITY-18CS52 2020

Figure 2.13: rdt2.2 receiver

2.5.1.6. Reliable Data Transfer over a Lossy Channel with Bit Errors: rdt3.0
• Consider data transfer over an unreliable channel in which packet lose may occur.
• We call this protocol as rdt3.0.
• Two problems must be solved by the rdt3.0:
1) How to detect packet loss?
2) What to do when packet loss occurs?
• Solution:
 The sender
→ sends one packet & starts a timer and
→ waits for ACK from the receiver (okay to go ahead).
 If the timer expires before ACK arrives, the sender retransmits the packet
and restarts the timer.
• The sender must wait at least as long as
1) A round-trip delay between the sender and receiver plus
2) Amount of time needed to process a packet at the receiver.
• Implementing a time-based retransmission mechanism requires a countdown timer.
• The timer must interrupt the sender after a given amount of time has expired.
• Figure 2.14 shows the sender FSM for rdt3.0, a protocol that reliably transfers data over
a channel that can corrupt or lose packets;
• Figure 2.15 shows how the protocol operates with no lost or delayed packets and how it
handles lost data packets.

DEPARTMENT OF ISE, BIT Page 60

COMPUTER NETWORKS AND SECURITY-18CS52 2020

• Because sequence-numbers alternate b/w 0 & 1, protocol rdt3.0 is known as alternating-

bit protocol.

Figure 2.14: rdt3.0 sender

Figure 2.15: Operation of rdt3.0, the alternating-bit protocol

DEPARTMENT OF ISE, BIT Page 61

COMPUTER NETWORKS AND SECURITY-18CS52 2020

Figure 2.15: Operation of rdt3.0, the alternating-bit protocol

2.5.2. Pipelined Reliable Data Transfer Protocols

• The sender is allowed to send multiple packets without waiting for acknowledgments.
• This is illustrated in Figure 2.16 (b).
• Pipelining has the following consequences:
1) The range of sequence-numbers must be increased.
2) The sender and receiver may have to buffer more than one packet.
• Two basic approaches toward pipelined error recovery can be identified:
1) Go-Back-N and 2) Selective repeat.

DEPARTMENT OF ISE, BIT Page 62

COMPUTER NETWORKS AND SECURITY-18CS52 2020

Figure 2.16: Stop-and-wait and pipelined sending

2.4. Go-Back-N (GBN)

• The sender is allowed to transmit multiple packets without waiting for an
acknowledgment.
• But, the sender is constrained to have at most N unacknowledged packets in the pipeline.
Where N = window-size which refers maximum no. of unacknowledged packets in the
pipeline
DEPARTMENT OF ISE, BIT Page 63
COMPUTER NETWORKS AND SECURITY-18CS52 2020

• GBN protocol is called a sliding-window protocol.

• Figure 2.17 shows the sender’s view of the range of sequence-numbers.

Figure 2.17: Sender’s view of sequence-numbers in Go-Back-N

• Figure 2.18 and 2.19 give a FSM description of the sender and receivers of a GBN
protocol.

Figure 2.18: Extended FSM description of GBN sender

DEPARTMENT OF ISE, BIT Page 64

COMPUTER NETWORKS AND SECURITY-18CS52 2020

Figure 2.19: Extended FSM description of GBN receiver

2.4.1. GBN Sender
• The sender must respond to 3 types of events:
1) Invocation from above.
 When rdt_send() is called from above, the sender first checks to see if the window
is full
whether there are N outstanding, unacknowledged packets.
i) If the window is not full, the sender creates and sends a packet.
ii) If the window is full, the sender simply returns the data back to the
upper layer. This is an implicit indication that the window is full.
2) Receipt of an ACK.
 An acknowledgment for a packet with sequence-number n will be taken to
be a cumulative acknowledgment.
 All packets with a sequence-number up to n have been correctly received at the
receiver.
3) A Timeout Event.
 A timer will be used to recover from lost data or acknowledgment packets.
i) If a timeout occurs, the sender resends all packets that have been
previously sent but that have not yet been acknowledged.
ii) If an ACK is received but there are still additional transmitted but
not yet acknowledged packets, the timer is restarted.
iii) If there are no outstanding unacknowledged packets, the timer is stopped.

DEPARTMENT OF ISE, BIT Page 65

COMPUTER NETWORKS AND SECURITY-18CS52 2020

2.4.2. GBN Sender

• The sender must respond to 3 types of events:
1) Invocation from above.
When rdt_send() is called from above, the sender first checks to see if the window is full
whether there are N outstanding, unacknowledged packets.
i) If the window is not full, the sender creates and sends a packet.
ii) If the window is full, the sender simply returns the data back to the
upper layer. This is an implicit indication that the window is full.
2) Receipt of an ACK.
 An acknowledgment for a packet with sequence-number n will be taken to
be a cumulative acknowledgment.
 All packets with a sequence-number up to n have been correctly received at the
receiver.
3) A Timeout Event.
 A timer will be used to recover from lost data or acknowledgment packets.
i) If a timeout occurs, the sender resends all packets that have been
previously sent but that have not yet been acknowledged.
ii) If an ACK is received but there are still additional transmitted but
not yet acknowledged packets, the timer is restarted.
iii) If there are no outstanding unacknowledged packets, the timer is stopped.

5.4.3.GBN Receiver
• If a packet with sequence-number n is received correctly and is in order, the receiver
→ sends an ACK for packet n and
→ delivers the packet to the upper layer.
• In all other cases, the receiver
→ discards the packet and
→ resends an ACK for the most recently received in-order packet.

2.4.4. Operation of the GBN Protocol

DEPARTMENT OF ISE, BIT Page 66

COMPUTER NETWORKS AND SECURITY-18CS52 2020

Figure 2.20: Go-Back-N in operation

• Figure 2.20 shows the operation of the GBN protocol for the case of a window-size of
four packets.
• The sender sends packets 0 through 3.
• The sender then must wait for one or more of these packets to be acknowledged before
proceeding.
• As each successive ACK (for ex, ACK0 and ACK1) is received, the window slides
forward and the sender transmits one new packet (pkt4 and pkt5, respectively).
• On the receiver, packet 2 is lost and thus packets 3, 4, and 5 are found to be out of order
and are discarded.

2.5. Selective Repeat (SR)

• Problem with GBN:
 GBN suffers from performance problems.
 When the window-size and bandwidth-delay product are both large, many

DEPARTMENT OF ISE, BIT Page 67

COMPUTER NETWORKS AND SECURITY-18CS52 2020

packets can be in the pipeline.

 Thus, a single packet error results in retransmission of a large number of packets.
• Solution: Use Selective Repeat (SR).

Figure 2.21: Selective-repeat (SR) sender and receiver views of sequence-number

space

• The sender retransmits only those packets that it suspects were erroneous.
• Thus, avoids unnecessary retransmissions. Hence, the name “selective-repeat”.
• The receiver individually acknowledge correctly received packets.
• A window-size N is used to limit the no. of outstanding, unacknowledged packets in the
pipeline.
• Figure 2.21 shows the SR sender’s view of the sequence-number space.

2.5.1. SR Sender
• The various actions taken by the SR sender are as follows:
1) Data Received from above.
 When data is received from above, the sender checks the next available
sequence-number for the packet.
 If the sequence-number is within the sender’s window;
Then, the data is packetized and sent;
Otherwise, the data is buffered for later transmission.
2) Timeout.
 Timers are used to protect against lost packets.
 Each packet must have its own logical timer. This is because
→ only a single packet will be transmitted on timeout.
DEPARTMENT OF ISE, BIT Page 68
COMPUTER NETWORKS AND SECURITY-18CS52 2020

3) ACK Received.
 If an ACK is received, the sender marks that packet as having been received.
 If the packet’s sequence-number is equal to send base, the window base is
increased by the smallest sequence-number.
 If there are un transmitted packets with sequence-numbers that fall within
the window, these packets are transmitted.

2.5.2. SR Receiver
• The various actions taken by the SR receiver are as follows:
1) Packet with sequence-number in [rcv_base, rcv_base+N-1] is correctly
received.
 In this case,
→ received packet falls within the receiver’s window and
→ Selective ACK packet is returned to the sender.
 If the packet was not previously received, it is buffered.
 If this packet has a sequence-number equal to rcv_base, then this packet and any
previously buffered and consecutively numbered packets are delivered to the upper
layer.
 The receive-window is then moved forward by the no. of packets delivered to the
upperlayer.
 For example: consider Figure 2.22.
¤ When a packet with a sequence-number of rcv_base=2 is received, it
and packets 3, 4, and 5 can be delivered to the upper layer.
2) Packet with sequence-number in [rcv_base-N, rcv_base-1] is correctly
received.
 In this case, an ACK must be generated, even though this is a packet that
the receiver has previously acknowledged.
3) Otherwise.
 Ignore the packet.

DEPARTMENT OF ISE, BIT Page 69

COMPUTER NETWORKS AND SECURITY-18CS52 2020

Figure 2.22: SR operation

2.5.3. Summary of Reliable Data Transfer Mechanisms and their Use

Table 2.2: Summary of reliable data transfer mechanisms and their use
Mechanism Use, Comments
Checksum Used to detect bit errors in a transmitted packet.
Timer Used to timeout/retransmit a packet because the packet (or its ACK)
was lost.
Because timeouts can occur when a packet is delayed but not lost,
duplicate copies of a packet may be received by a receiver.
Sequence- Used for sequential numbering of packets of data flowing from sender
number to receiver.
Gaps in the sequence-numbers of received packets allow the receiver
to detect a lost packet.
Packets with duplicate sequence-numbers allow the receiver to detect
duplicate copies of a packet.

DEPARTMENT OF ISE, BIT Page 70

COMPUTER NETWORKS AND SECURITY-18CS52 2020

Acknowledgment Used by the receiver to tell the sender that a packet or set of packets
has been received correctly.
Acknowledgments will typically carry the sequence-number of the
packet or packets being acknowledged.
Acknowledgments may be individual or cumulative, depending on the
protocol.
Negative Used by the receiver to tell the sender that a packet has not been
acknowledgme received correctly.
nt Negative acknowledgments will typically carry the sequence-number
of the packet that was not received correctly.
Window, The sender may be restricted to sending only packets with sequence-
pipelining numbers that fall within a given range.
By allowing multiple packets to be transmitted but not yet
acknowledged,
Sender utilization can be increased over a stop-and-wait mode of
operation.

2.6. Connection-Oriented Transport: TCP

• TCP is a reliable connection-oriented protocol.
 Connection-oriented means a connection is established b/w sender &
receiver before sending the data.
 Reliable service means TCP guarantees that the data will arrive to destination-
process correctly.
• TCP provides flow-control, error-control and congestion-control.

The TCP Connection

• The features of TCP are as follows:
1) Connection Oriented
 TCP is said to be connection-oriented. This is because
The 2 application-processes must first establish connection with each other
before they begin communication.
 Both application-processes will initialize many state-variables associated with the
connection.
2) Runs in the End Systems
 TCP runs only in the end-systems but not in the intermediate routers.
 The routers do not maintain any state-variables associated with the connection.
3) Full Duplex Service
DEPARTMENT OF ISE, BIT Page 71
COMPUTER NETWORKS AND SECURITY-18CS52 2020

 TCP connection provides a full-duplex service.

 Both application-processes can transmit and receive the data at the same time.
4) Point-to-Point
 A TCP connection is point-to-point i.e. only 2 devices are connected by a
dedicated-link
 So, multicasting is not possible.
5) Three-way Handshake
 Connection-establishment process is referred to as a three-way
handshake. This is because 3 segments are sent between the two hosts:
i) The client sends a first-segment.
ii) The server responds with a second-segment and
iii) Finally, the client responds again with a third segment containing payload
(or data).
6) Maximum Segment Size (MSS)
 MSS limits the maximum amount of data that can be
placed in a segment. For example: MSS = 1,500
bytes for Ethernet
7) Send & Receive Buffers
 As shown in Figure 2.23, consider sending data from the client-process to the
server-process.
At Sender
i) The client-process passes a stream-of-data through the socket.
ii) Then, TCP forwards the data to the send-buffer.
iii) Each chunk-of-data is appended with a header to form a segment.
iv) The segments are sent into the network.
At Receiver
i) The segment’s data is placed in the receive-buffer.
ii) The application reads the stream-of-data from the receive-buffer.

Figure 2.23: TCP send and receive-buffers

DEPARTMENT OF ISE, BIT Page 72

COMPUTER NETWORKS AND SECURITY-18CS52 2020

2.6.1. TCP Segment Structure

• The segment consists of header-fields and a data-field.
• The data-field contains a chunk-of-data.
• When TCP sends a large file, it breaks the file into chunks of size MSS.
• Figure 2.24 shows the structure of the TCP segment.

Figure 2.24: TCP segment structure

• The fields of TCP segment are as follows:

1) Source and Destination Port Numbers
 These fields are used for multiplexing/demultiplexing data from/to upper-layer
applications.
2) Sequence Number & Acknowledgment Number
 These fields are used by sender & receiver in implementing a reliable data-
transfer-service.
3) Header Length
 This field specifies the length of the TCP header.
4) Flag
 This field contains 6 bits.
• ACK
¤ This bit indicates that value of acknowledgment field is valid.
• RST, SYN & FIN
¤ These bits are used for connection setup and teardown.
• PSH
¤ This bit indicates the sender has invoked the push operation.

DEPARTMENT OF ISE, BIT Page 73

COMPUTER NETWORKS AND SECURITY-18CS52 2020

• URG
¤ This bit indicates the segment contains urgent-data.
5) Receive Window
 This field defines receiver’s window size
 This field is used for flow control.
6) Checksum
 This field is used for error-detection.
7) Urgent Data Pointer
 This field indicates the location of the last byte of the urgent data.
8) Options
 This field is used when a sender & receiver negotiate the MSS for use in high-
speed networks.

2.6.2. Sequence Numbers and Acknowledgment Numbers

2.6.2.1. Sequence Numbers
• The sequence-number is used for sequential numbering of packets of data flowing
from sender to receiver.
• Applications:
1) Gaps in the sequence-numbers of received packets allow the receiver to detect a
lost packet.
2) Packets with duplicate sequence-numbers allow the receiver to detect
duplicate copies of a packet.
2.6.2.2. Acknowledgment Numbers
• The acknowledgment-number is used by the receiver to tell the sender that a
packet has been received correctly.
• Acknowledgments will typically carry the sequence-number of the packet being
acknowledged.

DEPARTMENT OF ISE, BIT Page 74

COMPUTER NETWORKS AND SECURITY-18CS52 2020

Figure 2.25: Sequence and acknowledgment-numbers for a simple Telnet application over
TCP

• Consider an example (Figure 2.25):

 A process in Host-A wants to send a stream-of-data to a process in Host-B.
 In Host-A, each byte in the data-stream is numbered as shown in Figure 2.26.

Figure 2.26: Dividing file data into TCP segments

 The first segment from A to B has a sequence-number 42 i.e. Seq=42.

 The second segment from B to A has a sequence-number 79 i.e. Seq=79.
 The second segment from B to A has acknowledgment-number 43, which
is the sequence- number of the next byte, Host-B is expecting from Host-A.
(i.e. ACK=43).
 What does a host do when it receives out-
of-order bytes? Answer: There are two
choices:
1) The receiver immediately discards out-of-order bytes.

DEPARTMENT OF ISE, BIT Page 75

COMPUTER NETWORKS AND SECURITY-18CS52 2020

2)The receiver
→ keeps the out-of-order bytes and
→ waits for the missing bytes to fill in the gaps.

2.6.3. Telnet: A Case Study for Sequence and Acknowledgment Numbers

• Telnet is a popular application-layer protocol used for remote-login.
• Telnet runs over TCP.
• Telnet is designed to work between any pair of hosts.
• As shown in Figure 2.27, suppose client initiates a Telnet session with server.
• Now suppose the user types a single letter, ‘C’.
• Three segments are sent between client & server:
1) First Segment
 The first-segment is sent from the client to the server.
 The segment contains
→ letter ‘C’
→ sequence-number 42
→ acknowledgment-number 79
2) Second Segment
 The second-segment is sent from the server to the client.
 Two purpose of the segment:
i) It provides an acknowledgment of the data the server has received.
ii) It is used to echo back the letter ‘C’.
 The acknowledgment for client-to-server data is carried in a segment
carrying server-to-client data.
 This acknowledgment is said to be piggybacked on the server-to-client data-
segment.
3) Third Segment
 The third segment is sent from the client to the server.
 One purpose of the segment:
i) It acknowledges the data it has received from the server.

DEPARTMENT OF ISE, BIT Page 76

COMPUTER NETWORKS AND SECURITY-18CS52 2020

Figure 2.27: Sequence and acknowledgment-numbers for a simple Telnet application

over TCP

2.6.4. Round Trip Time Estimation and Timeout

• TCP uses a timeout/retransmit mechanism to recover from lost segments.
• Clearly, the timeout should be larger than the round-trip-time (RTT) of the connection.

2.6.4.1. Estimating the Round Trip Time

• SampleRTT is defined as
“The amount of time b/w when the segment is sent and when an acknowledgment is
received.”
• Obviously, the SampleRTT values will fluctuate from segment to segment due to
congestion.
• TCP maintains an average of the SampleRTT values, which is referred to as
EstimatedRTT.

• DevRTT is defined as
“An estimate of how much SampleRTT typically deviates from EstimatedRTT.”

• If the SampleRTT values have little fluctuation, then DevRTT will be small.
If the SampleRTT values have huge fluctuation, then DevRTT will be large.

2.6.4.2. Setting and Managing the Retransmission Timeout Interval

DEPARTMENT OF ISE, BIT Page 77

COMPUTER NETWORKS AND SECURITY-18CS52 2020

• What value should be used for timeout interval?

• Clearly, the interval should be greater than or equal to EstimatedRTT.
• Timeout interval is given by:

2.6.5. Reliable Data Transfer

• IP is unreliable i.e. IP does not guarantee data delivery.
IP does not guarantee in-order
delivery of data. IP does not
guarantee the integrity of the data.
• TCP creates a reliable data-transfer-service on top of IP’s unreliable-service.
• At the receiver, reliable-service means
→ data-stream is uncorrupted
→ data-stream is without duplication and
→ data-stream is in sequence.

A Few Interesting Scenarios

First Scenario
• As shown in Figure 2.28, Host-A sends one segment to Host-B.
• Assume the acknowledgment from B to A gets lost.
• In this case, the timeout event occurs, and Host-A retransmits the same segment.
• When Host-B receives retransmission, it observes that the sequence-no has already been
received.
• Thus, Host-B will discard the retransmitted-segment.

DEPARTMENT OF ISE, BIT Page 78

COMPUTER NETWORKS AND SECURITY-18CS52 2020

Figure 2.28: Retransmission due to a lost acknowledgment

Second Scenario
• As shown in Figure 2.29, Host-A sends two segments back-to-back.
• Host-B sends two separate acknowledgments.
• Suppose neither of the acknowledgments arrives at Host-A before the timeout.
• When the timeout event occurs, Host-A resends the first-segment and restarts the timer.
• The second-segment will not be retransmitted until ACK for the second-segment
arrives before the new timeout.

Figure 2.29: Segment 100 not retransmitted

DEPARTMENT OF ISE, BIT Page 79

COMPUTER NETWORKS AND SECURITY-18CS52 2020

Third Scenario
• As shown in Figure 2.30, Host-A sends the two segments.
• The acknowledgment of the first-segment is lost.
• But just before the timeout event, Host-A receives an acknowledgment-no 120.
• Therefore, Host-A knows that Host-B has received all the bytes up to 119.
• So, Host-A does not resend either of the two segments.

Figure 2.30: A cumulative acknowledgment avoids retransmission of the first-segment

Fast Retransmit
• The timeout period can be relatively long.
• The sender can often detect packet-loss well before the timeout occurs by noting
duplicate ACKs.
• A duplicate ACK refers to ACK the sender receives for the second time. (Figure 2.31).

Table 2.3: TCP ACK Generation Recommendation

Event
Arrival of in-order segment with
expected sequence-number.
All up to expected sequence-number in- order segment.
already acknowledged.
Arrival of in-order segment with
expected sequence-number.
One other in-order segment waiting for
ACK transmission.
DEPARTMENT OF ISE, BIT
TCP Receiver Action
Delayed ACK.
Wait up to 500 msec for arrival of another
If next in-order segment does not arrive in
this interval, send an ACK.
Immediately send single cumulative ACK,
ACKing both in-order segments.
Page 80
COMPUTER NETWORKS AND SECURITY-18CS52 2020

Arrival of out-of-order segment with Immediately send duplicate ACK,

higher- than-expected sequence-number. indicating sequence-number of next
Gap detected. expected-byte.
Arrival of segment that partially or Immediately send ACK.
completely fills in gap in received-data.

Figure 2.31: Fast retransmit: retransmitting the missing segment before the segment’s
timer expires

2.6.6. Flow Control

• TCP provides a flow-control service to its applications.
• A flow-control service eliminates the possibility of the sender overflowing the receiver-buffer.

Figure 2.32: a) Send buffer and b) Receive Buffer

• As shown in Figure 2.32, we define the following variables:
DEPARTMENT OF ISE, BIT Page 81
COMPUTER NETWORKS AND SECURITY-18CS52 2020

1) MaxSendBuffer: A send-buffer allocated to the sender.

2) MaxRcvBuffer: A receive-buffer allocated to the receiver.
3) LastByteSent: The no. of the last bytes sent to the send-buffer at the sender.
4) LastByteAcked: The no. of the last bytes acknowledged in the send-buffer at the
sender.
5) LastByteRead: The no. of the last bytes read from the receive-buffer at the
receiver.
6) LastByteRcvd: The no. of the last bytes arrived & placed in receive-buffer at the
receiver.
Send Buffer
• Sender maintains a send buffer, divided into 3 segments namely
1) Acknowledged data
2) Unacknowledged data and
3) Data to be transmitted
• Send buffer maintains 2 pointers: LastByteAcked and LastByteSent. The relation b/w
these two is:

Receive Buffer
• Receiver maintains receive buffer to hold data even if it arrives out-of-order.
• Receive buffer maintains 2 pointers: LastByteRead and LastByteRcvd. The relation b/w
these two is:

Flow Control Operation

• Sender prevents overflowing of send buffer by maintaining

• Receiver avoids overflowing receive buffer by maintaining

•Receiver throttles the sender by advertising a window that is smaller than the
amount of free space that it can buffer as:

2.6.7. TCP Connection Management

2.6.7.1. Connection Setup & Data Transfer

• To setup the connection, three segments are sent between the two hosts.
Therefore, this process is referred to as a three-way handshake.
• Suppose a client-process wants to initiate a connection with a server-process.
• Figure 2.33 illustrates the steps involved:

DEPARTMENT OF ISE, BIT Page 82

COMPUTER NETWORKS AND SECURITY-18CS52 2020

Step 1: Client sends a connection-request segment to the Server

 The client first sends a connection-request segment to the server.
 The connection-request segment contains:
1) SYN bit is set to 1.
2) Initial sequence-number (client_isn).
 The SYN segment is encapsulated within an IP datagram and sent to the server.
Step 2: Server sends a connection-granted segment to the Client
 Then, the server
→ extracts the SYN segment from the datagram
→ allocates the buffers and variables to the connection and
→ sends a connection-granted segment to the client.
 The connection-granted segment contains:
1) SYN bit is set to 1.
2) Acknowledgment field is set to client_isn+1.
3) Initial sequence-number (server_isn).
Step 3: Client sends an ACK segment to the Server
 Finally, the client
→ allocates buffers and variables to the connection and
→ sends an ACK segment to the server
 The ACK segment acknowledges the server.
 SYN bit is set to zero, since the connection is established.

Figure 2.33: TCP three-way handshake: segment exchange

DEPARTMENT OF ISE, BIT Page 83

COMPUTER NETWORKS AND SECURITY-18CS52 2020

2.6.7.2. Connection Release

• Either of the two processes in a connection can end the connection.
• When a connection ends, the “resources” in the hosts are de-allocated.
• Suppose the client decides to close the connection.
• Figure 2.34 illustrates the steps involved:
1) The client-process issues a close command.
¤ Then, the client sends a shutdown-segment to the server.
¤ This segment has a FIN bit set to 1.
2) The server responds with an acknowledgment to the client.

3) The server then sends its own shutdown-segment.

¤ This segment has a FIN bit set to 1.
4) Finally, the client acknowledges the server’s shutdown-segment.

Figure 2.34: Closing a TCP connection

2.7. Principles of Congestion Control

2.7.1. The Causes and the Costs of Congestion

Scenario 1: Two Senders, a Router with Infinite Buffers

• Two hosts (A & B) have a connection that shares a single-hop b/w source & destination.
• This is illustrated in Figure 2.35.

DEPARTMENT OF ISE, BIT Page 84

COMPUTER NETWORKS AND SECURITY-18CS52 2020

Figure 2.35: Congestion scenario 1: Two connections sharing a single hop with infinite
buffers
• Let
Sending-rate of Host-A = λin bytes/sec
Outgoing Link’s capacity = R

• Packets from Hosts A and B pass through a router and over a shared outgoing link.
• The router has buffers.
• The buffers stores incoming packets when packet-arrival rate exceeds the outgoing link’s
capacity
• Figure 2.36 plots the performance of Host-A’s connection.

Figure 2.36: Congestion scenario 1: Throughput and delay as a function of host sending-
rate

DEPARTMENT OF ISE, BIT Page 85

COMPUTER NETWORKS AND SECURITY-18CS52 2020

Left Hand Graph

• The left graph plots the per-connection throughput as a function of the connection-sending-rate.
• For a sending-rate b/w 0 and R/2, the throughput at the receiver equals the sender’s
sending-rate. However, for a sending-rate above R/2, the throughput at the receiver is
only R/2. (Figure 2.36a)
• Conclusion: The link cannot deliver packets to a receiver at a steady-state rate that exceeds R/2.
Right Hand Graph
• The right graph plots the average delay as a function of the connection-sending-rate (Figure
2.36b).
• As the sending-rate approaches R/2, the average delay becomes larger and
larger. However, for a sending-rate above R/2, the average delay
becomes infinite.
• Conclusion: Large queuing delays are experienced as the packet arrival rate nears the link
capacity.
Scenario 2: Two Senders and a Router with Finite Buffers
• Here, we have 2 assumptions (Figure 2.37):
1) The amount of router buffering is finite.
 Packets will be dropped when arriving to an already full buffer.
2) Each connection is reliable.
 If a packet is dropped at the router, the sender will eventually retransmit it.
• Let
 Application’s sending-rate of Host-A = λin bytes/sec
 Transport-layer’s sending-rate of Host-A = λin‘ bytes/sec (also called offered-load to
network)
 Outgoing Link’s capacity = R

DEPARTMENT OF ISE, BIT Page 86

COMPUTER NETWORKS AND SECURITY-18CS52 2020

Figure 2.37: Scenario 2: Two hosts (with retransmissions) and a router with finite
buffers

Case 1 (Figure 2.38(a)):

• Host-A sends a packet only when a buffer is free.
• In this case,
→ no loss occurs
→ λin will be equal to λin‘, and
→ throughput of the connection will be equal to λin.
• The sender retransmits only when a packet is lost.
• Consider the offered-load λin‘ = R/2.
• The rate at which data are delivered to the receiver application is R/3.
• The sender must perform retransmissions to compensate for lost packets due to buffer
overflow.

Figure 2.38: Scenario 2 performance with finite buffers

Case 3 (Figure 2.38(c)):

• The sender may time out & retransmit a packet that has been delayed in the queue but not yet
lost.
• Both the original data packet and the retransmission may reach the receiver.

DEPARTMENT OF ISE, BIT Page 87

COMPUTER NETWORKS AND SECURITY-18CS52 2020

• The receiver needs one copy of this packet and will discard the retransmission.
• The work done by the router in forwarding the retransmitted copy of the original packet was
wasted.
Scenario 3: Four Senders, Routers with Finite Buffers, and Multihop Paths
• Four hosts transmit packets, each over overlapping two-hop paths.
• This is illustrated in Figure 2.39.

Figure 2.39: Four senders, routers with finite buffers, and multihop paths
• Consider the connection from Host-A to Host C, passing through routers R1 and R2.
• The A–C connection
→ shares router R1 with the D–B connection and
→ shares router R2 with the B–D connection.
• Case-1: For extremely small values of λin,
→ buffer overflows are rare (as in congestion scenarios 1 and 2) and
→ the throughput approximately equals the offered-load.
• Case-2: For slightly larger values of λin, the corresponding throughput is also larger. This is
because
→ more original data is transmitted into the network
→ Data is delivered to the destination and
→ Overflows are still rare.
• Case-3: For extremely larger values of λin.

DEPARTMENT OF ISE, BIT Page 88

COMPUTER NETWORKS AND SECURITY-18CS52 2020

 Consider router R2.

 The A–C traffic arriving to router R2 can have an arrival rate of at most R
regardless of the value of λin.
Where R = the capacity of the link from R1 to R2,.
 If λin‘ is extremely large for all connections, then the arrival rate of B–D traffic
at R2 can be much larger than that of the A–C traffic.
 The A–C and B–D traffic must compete at router R2 for the limited amount of buffer-
space.
 Thus, the amount of A–C traffic that successfully gets through R2 becomes
smaller and smaller as the offered-load from B–D gets larger and larger.
 In the limit, as the offered-load approaches infinity, an empty buffer at R2 is
immediately filled by a B–D packet, and the throughput of the A–C connection at
R2 goes to zero.
 When a packet is dropped along a path, the transmission capacity ends up having
been wasted.

2.7.2. Approaches to Congestion Control

• Congestion-control approaches can be classified based on whether the network-layer
provides any explicit assistance to the transport-layer:
1) End-to-end Congestion Control
 The network-layer provides no explicit support to the transport-layer for congestion-
control.
 Even the presence of congestion must be inferred by the end-systems based
only on observed network-behavior.
 Segment loss is taken as an indication of network-congestion and the window-size is
Decreased accordingly.
2) Network Assisted congestion Control
 Network-layer components provide explicit feedback to the sender regarding
congestion.
 This feedback may be a single bit indicating congestion at a link.
 Congestion information is fed back from the network to the sender in one of two
ways:
i) Direct feedback may be sent from a network-router to the sender (Figure 2.40).
¤ This form of notification typically takes the form of a choke packet.
ii) A router marks a field in a packet flowing from sender to receiver to
indicate congestion.
¤ Upon receipt of a marked packet, the receiver then notifies the sender of

DEPARTMENT OF ISE, BIT Page 89

COMPUTER NETWORKS AND SECURITY-18CS52 2020

the congestion indication.

¤ This form of notification takes at least a full round-trip time.

Figure 2.40: Two feedback pathways for network-indicated congestion information

2.7.3. Network Assisted Congestion Control Example: ATM ABR Congestion Control
• ATM (Asynchronous Transfer Mode) protocol uses network-assisted approach for
congestion-control.
• ABR (Available Bit Rate) has been designed as an elastic data-transfer-service.
i) When the network is under loaded, ABR has to take advantage of the spare available
bandwidth.
ii) When the network is congested, ABR should reduce its transmission-rate.

Figure 2.41: Congestion-control framework for ATM ABR service

• Figure 2.41 shows the framework for ATM ABR congestion-control.

• Data-cells are transmitted from a source to a destination through a series of intermediate
switches.
• RM-cells are placed between the data-cells. (RM Resource Management).
• The RM-cells are used to send congestion-related information to the hosts & switches.

DEPARTMENT OF ISE, BIT Page 90

COMPUTER NETWORKS AND SECURITY-18CS52 2020

• When an RM-cell arrives at a destination, the cell will be sent back to the sender
• Thus, RM-cells can be used to provide both
→ Direct network feedback and
→ Network feedback via the receiver.

Three Methods to indicate Congestion

• ATM ABR congestion-control is a rate-based approach.
• ABR provides 3 mechanisms for indicating congestion-related information:
1) EFCI Bit
 Each data-cell contains an EFCI bit. (EFCI Explicit forward congestionindication)
 A congested-switch sets the EFCI bit to 1 to signal congestion to the destination.
 The destination must check the EFCI bit in all received data-cells.
 If the most recently received data-cell has the EFCI bit set to 1, then the destination
→ sets the CI bit to 1 in the RM-cell (CI congestion indication)
→ sends the RM-cell back to the sender.
 Thus, a sender can be notified about congestion at a network switch.
2) CI and NI Bits
 The rate of RM-cell interspersion is a tunable parameter.
 The default value is one RM-cell every 32 data-cells. (NI No Increase)
 The RM-cells have a CI bit and a NI bit that can be set by a congested-switch.
 A switch
→ sets the NI bit to 1 in a RM-cell under mild congestion and
→ sets the CI bit to 1 under severe congestion conditions.
3) ER Setting
 Each RM-cell also contains an ER field. (ER explicit rate)
 A congested-switch may lower the value contained in the ER field in a passing RM-
cell.
 In this manner, ER field will be set to minimum supportable rate of all switches on
thepath.

2.8. TCP Congestion Control

2.8.1. TCP Congestion Control
• TCP has congestion-control mechanism.
• TCP uses end-to-end congestion-control rather than network-assisted congestion-control
• Here is how it works:
 Each sender limits the rate at which it sends traffic into its connection as a
function of perceived congestion.

DEPARTMENT OF ISE, BIT Page 91

COMPUTER NETWORKS AND SECURITY-18CS52 2020

i) If sender perceives that there is little congestion, then sender increases its data-
rate.
ii) If sender perceives that there is congestion, then sender reduces its data-rate.
• This approach raises three questions:
1) How does a sender limit the rate at which it sends traffic into its connection?
2) How does a sender perceive that there is congestion on the path?
3) What algorithm should the sender use to change its data-rate?
• The sender keeps track of an additional variable called the congestion-window (cwnd).
• The congestion-window imposes a constraint on the data-rate of a sender.
• The amount of unacknowledged-data at a sender will not exceed minimum of (cwnd &
rwnd), that is:

• The sender’s data-rate is roughly cwnd/RTT bytes/sec.

• Explanation of Loss event:
 A “loss event” at a sender is defined as the occurrence of either
→ Timeout or
→ Receipt of 3 duplicate ACKs from the receiver.
 Due to excessive congestion, the router-buffer along the path overflows. This
causes a datagram to be dropped.
 The dropped datagram, in turn, results in a loss event at the sender.
 The sender considers the loss event as an indication of congestion on the path.
• How congestion is detected?
 Consider the network is congestion-free.
 Acknowledgments for previously unacknowledged segments will be received at the
sender.
 TCP
→ will take the arrival of these acknowledgments as an indication that all is well
and
→ will use acknowledgments to increase the window-size (& hence data-rate).
 TCP is said to be self-clocking because
→ acknowledgments are used to trigger the increase in window-size
 Congestion-control algorithm has 3 major components:
1) Slow start
2) Congestion avoidance and
3) Fast recovery.

Slow Start
• When a TCP connection begins, the value of cwnd is initialized to 1 MSS.

DEPARTMENT OF ISE, BIT Page 92

COMPUTER NETWORKS AND SECURITY-18CS52 2020

• TCP doubles the number of packets sent every RTT on successful transmission.
• Here is how it works:
 As shown in Figure 2.42, the TCP
→ sends the first-segment into the network and
→ waits for an acknowledgment.
 When an acknowledgment arrives, the sender
→ increases the congestion-window by one MSS and
→ sends out 2 segments.
 When two acknowledgments arrive, the sender
→ increases the congestion-window by one MSS and
→ sends out 4 segments.
 This process results in a doubling of the sending-rate every RTT.
• Thus, the TCP data-rate starts slow but grows exponentially during the slow start phase.

Figure 2.42: TCP slow start

• When should the exponential growth end?

 Slow start provides several answers to this question.
1) If there is a loss event, the sender
→ sets the value of cwnd to 1 and
→ begins the slow start process again. (ssthresh “slow start threshold”)
→ sets the value of ssthresh to cwnd/2.

DEPARTMENT OF ISE, BIT Page 93

COMPUTER NETWORKS AND SECURITY-18CS52 2020

2) When the value of cwnd equals ssthresh, TCP enters the congestion avoidance
state.
3) When three duplicate ACKs are detected, TCP
→ performs a fast retransmit and
→ enters the fast recovery state.
• TCP’s behavior in slow start is summarized in FSM description in Figure 2.43.

Figure 2.43: FSM description of TCP congestion-control

2.8.2. Congestion Avoidance

• On entry to congestion-avoidance state, the value of cwnd is approximately half its previous
value.
• Thus, the value of cwnd is increased by a single MSS every RTT.
• The sender must increases cwnd by MSS bytes (MSS/cwnd) whenever a new
acknowledgment arrives
• When should linear increase (of 1 MSS per RTT) end?

DEPARTMENT OF ISE, BIT Page 94

COMPUTER NETWORKS AND SECURITY-18CS52 2020

1) When a timeout occurs.

 When the loss event occurred,
→ value of cwnd is set to 1 MSS and
→ value of ssthresh is set to half the value of cwnd.
2) When triple duplicate ACK occurs.
 When the triple duplicate ACKs were received,
→ value of cwnd is halved.
→ value of ssthresh is set to half the value of cwnd.

Fast Recovery
• The value of cwnd is increased by 1 MSS for every duplicate ACK received.
• When an ACK arrives for the missing segment, the congestion-avoidance state is entered.
• If a timeout event occurs, fast recovery transitions to the slow-start state.
• When the loss event occurred
→ value of cwnd is set to 1 MSS, and
→ value of ssthresh is set to half the value of cwnd.
• There are 2 versions of TCP:
1) TCP Tahoe
 An early version of TCP was known as TCP Tahoe.
 TCP Tahoe
→ cut the congestion-window to 1 MSS and
→ entered the slow-start phase after either
i) timeout-indicated or
ii) triple-duplicate-ACK-indicated loss event.
2) TCP Reno
 The newer version of TCP is known as TCP Reno.
 TCP Reno incorporated fast recovery.
 Figure 2.44 illustrates the evolution of TCP’s congestion-window for both Reno and
Tahoe.

DEPARTMENT OF ISE, BIT Page 95

COMPUTER NETWORKS AND SECURITY-18CS52 2020

Figure 2.44: Evolution of TCP’s congestion-window (Tahoe and Reno)

TCP Congestion Control: Retrospective

• TCP’s congestion-control consists of (AIMD additive increase, multiplicativedecrease)
→ Increasing linearly (additive) value of cwnd by 1 MSS per RTT and
→ Halving (multiplicative decrease) value of cwnd on a triple duplicate-ACK event.
• For this reason, TCP congestion-control is often referred to as an AIMD.
• AIMD congestion-control gives rise to the “saw tooth” behavior shown in Figure 2.45.
• TCP
→ increases linearly the congestion-window-size until a triple duplicate-ACK event
occurs and
→ decreases then the congestion-window-size by a factor of 2

Figure 2.45: Additive-increase, multiplicative-decrease congestion-control

Fairness
• Congestion-control mechanism is fair if each connection gets equal share of the link-
bandwidth.

DEPARTMENT OF ISE, BIT Page 96

COMPUTER NETWORKS AND SECURITY-18CS52 2020

• As shown in Figure 2.46, consider 2 TCP connections sharing a single link with
transmission-rate R.
• Assume the two connections have the same MSS and RTT.

Figure 2.46: Two TCP connections sharing a single bottleneck link

• Figure 2.47 plots the throughput realized by the two TCP connections.
 If TCP shares the link-bandwidth equally b/w the 2 connections, then the
throughput falls along the 45-degree arrow starting from the origin.

Figure 2.47: Throughput realized by TCP connections 1 and 2

Fairness and UDP

• Many multimedia-applications (such as Internet phone) often do not run over TCP.
• Instead, these applications prefer to run over UDP. This is because
→ Applications can pump their audio into the network at a constant rate and
→ occasionally lose packets.

DEPARTMENT OF ISE, BIT Page 97

COMPUTER NETWORKS AND SECURITY-18CS52 2020

Fairness and Parallel TCP Connections

• Web browsers use multiple parallel-connections to transfer the multiple objects within a
Web page.
• Thus, the application gets a larger fraction of the bandwidth in a congested link.
• Web-traffic is so pervasive in the Internet; multiple parallel-connections are common
nowadays.

DEPARTMENT OF ISE, BIT Page 98

COMPUTER NETWORKS AND SECURITY-18CS52 2020

MODULE-WISE QUESTIONS

PART 1
1) With a diagram, explain multiplexing and demultiplexing. (6*)
2) Explain the significance of source and destination-port-no in a segment. (4*)
3) With a diagram, explain connectionless multiplexing and demultiplexing. (4)
4) With a diagram, explain connection oriented multiplexing and demultiplexing. (4)
5) Briefly explain UDP & its services. (6*)
6) With general format, explain various field of UDP segment. Explain how checksum is
calculated (8*)
7) With a diagram, explain the working of rdt1.0. (6)
8) With a diagram, explain the working of rdt2.0. (6*)
9) With a diagram, explain the working of rdt2.1. (6)
10) With a diagram, explain the working of rdt3.0. (6*)
11) With a diagram, explain the working of Go-Back-N. (6*)
12) With a diagram, explain the working of selective repeat. (6*)
13) Explain the following terms: (8)
i) Sequence-number
ii) Acknowledgment
iii) Negative acknowledgment
iv) Window, pipelining

PART 2
14) Briefly explain TCP & its services. (6*)
15) With general format, explain various field of TCP segment. (6*)
16) With a diagram, explain the significance of sequence and acknowledgment numbers. (4*)
17) With a diagram, explain the reliable data transfer with few interesting scenarios. (8)
18) With a diagram, explain fast retransmit in TCP. (6*)
19) With a diagram, explain flow Control in TCP. (6)
20) With a diagram, explain connection management in TCP. (8*)
21) With a diagram, explain the causes of congestion with few scenarios. (8)
22) Briefly explain approaches to congestion control. (6*)
23) With a diagram, explain ATM ABR congestion control. (8)
24) With a diagram, explain slow start in TCP. (6*)
25) With a diagram, explain fast recovery in TCP. (6*)

DEPARTMENT OF ISE, BIT Page 99

COMPUTER NETWORKS AND SECURITY-18CS52 2020

MODULE 3: THE NETWORK LAYER

What's Inside a Router? Input Processing, Switching, Output Processing, Where Does Queuing
Occur? Routing control plane, IPv6, A Brief foray into IP Security Routing Algorithms: The
Link-State (LS) Routing Algorithm, the Distance-Vector (DV) Routing Algorithm,
Hierarchical Routing, Routing in the Internet, Intra-AS Routing in the Internet: RIP, Intra-AS
Routing in the Internet: OSPF Inter/AS Routing: BGP, Broadcast and Multicast Routing:
Broadcast Routing Algorithms and Multicast.

DEPARTMENT OF ISE, BIT Page 100

COMPUTER NETWORKS AND SECURITY-18CS52 2020

1.1 What’s Inside a Router?

• The router is used for transferring packets from an incoming-links to the appropriate
Outgoing-links.

Figure 3.5: Router architecture

• Four components of router (Figure 3.5):
1) Input Ports
• An input-port is used for terminating an incoming physical link at a router (Figure 3.6).
• It is used for interoperating with the link layer at the other side of the incoming-link.
• It is used for lookup function i.e. searching through forwarding-table looking for longest
prefix match.
• It contains forwarding-table.
• Forwarding-table is consulted to determine output-port to which arriving packet will be
forwarded.
• Control packets are forwarded from an input-port to the routing-processor.
• Many other actions must be taken:
i) Packet’s version number, checksum and time-to-live field must be checked.
ii) Counters used for network management must be updated.

DEPARTMENT OF ISE, BIT Page 101

COMPUTER NETWORKS AND SECURITY-18CS52 2020

Figure 3.6: Input port processing

2) Switching Fabric
• The switching fabric connects the router’s input-ports to its output-ports.
• In fabric, the packets are switched (or forwarded) from an input-port to an output-port.
• In fact, fabric is a network inside of a router.
• A packet may be temporarily blocked if packets from other input-ports are currently using
the fabric.
• A blocked packet will be queued at the input-port & then scheduled to send at a later point in
time.
3) Output Ports
• An output-port
→ Stores packets received from the switching fabric and
→ transmits the packets on the outgoing-link.
• For a bidirectional link, an output-port will typically be paired with the input-port.
4) Routing Processor
• The routing-processor
→ executes the routing protocols
→ maintains routing-tables & attached link state information and
→ computes the forwarding-table.
• It also performs the network management functions.

1.2 Switching
Three types of switching fabrics (Figure 3.7):
1. Switching via memory
2. Switching via a bus and
3. Switching via an interconnection network.

1. Switching via Memory

 Switching b/w input-ports & output-ports is done under direct control of CPU i.e.
routing-processor.
 Input and output-ports work like a traditional I/O devices in a computer.
Here is how it works (Figure 3.7a):
 On arrival of a packet, the input-port notifies the routing-processor via an interrupt.
DEPARTMENT OF ISE, BIT Page 102
COMPUTER NETWORKS AND SECURITY-18CS52 2020

 Then, the packet is copied from the input-port to processor-memory.

 Finally, the routing-processor
→ extracts the destination-address from the header
→ looks up the appropriate output-port in the forwarding-table and
→ copies the packet into the output-port’s buffers.
• Let memory-bandwidth = B packets per second.
Thus, the overall forwarding throughput must be less than B/2.
Disadvantage:
 Multiple packets cannot be forwarded at the same time. This is because only one memory
read/write over the shared system bus can be done at a time.

2. Switching via a Bus

• Switching b/w input-ports & output-ports is done without intervention by the routing-
processor.
Here is how it works (Figure 3.7b):
• The input-port appends a switch-internal label (header) to the packet.
• The label indicates the local output-port to which the packet must be transferred.
• Then, the packet is received by all output-ports.
• But, only the port that matches the label will keep the packet.
• Finally, the label is removed at the output-port.
Disadvantages:
• Multiple packets cannot be forwarded at the same time. This is because only one packet can
cross the bus at a time.
• The switching speed of the router is limited to the bus-speed.

3. Switching via an Interconnection Network

• A crossbar switch is an interconnection network.
• The network consists of 2N buses that connect N input-ports to N output-ports.
• Each vertical bus intersects each horizontal bus at a cross point.
• The cross point can be opened or closed at any time by the switch-controller.
Here is how it works (Figure 3.7c):
• To move a packet from port A to port Y, the switch-controller closes the cross point at the
intersection of buses A and Y.
• Then, port A sends the packet onto its bus, which is picked up by bus Y.
Advantage
• Crossbar networks are capable of forwarding multiple packets in parallel.
• For ex: A packet from port B can be forwarded to port X at the same time. This is because
A-to-Y and B-to-X packets use different input and output buses.

DEPARTMENT OF ISE, BIT Page 103

COMPUTER NETWORKS AND SECURITY-18CS52 2020

Disadvantage
• If 2 packets have to use same output-port, then one packet has to wait. This is because only
one packet can be sent over any given bus at a time.

Figure 3.7: Three switching techniques

1.3 Output Processing

• Output-port processing
→ takes the packets stored in the output-port’s memory and
→ transmits the packets over the output link (Figure 3.8).
• This includes
→ Selecting and de-queuing packets for transmission and
→ performing the link layer and physical layer transmission functions

Figure 3.8: Output port processing

DEPARTMENT OF ISE, BIT Page 104

COMPUTER NETWORKS AND SECURITY-18CS52 2020

1.4 Where Does Queuing Occur?

• Packet queues may form at both the input-ports & the output-ports (Figure 3.9).
• As the queues grow large, the router’s memory can be exhausted and packet loss will occur.
• The location and extent of queueing will depend on
1) The traffic load
2) The relative speed of the switching fabric
3) The line speed
• Switching fabric transfer rate Rswitch is defined as “The rate at which packets can be moved
from input-port to output-port”.
• If Rswitch is N times faster than Rline, then only negligible queuing will occur at the input-ports

Figure 3.9: Output port queuing

• At output-port, packet-scheduler is used to choose one packet among those queued for
transmission.
• The packet-scheduling can be done using

→ first-come-first-served (FCFS) or
→ weighted fair queuing (WFQ).
• Packet scheduling plays a crucial role in providing QoS guarantees.
• If there is less memory to hold an incoming-packet, a decision must be made to either
1) Drop the arriving packet (a policy known as drop-tail) or
2) Remove one or more already-queued packets to make room for the newly arrived
packet.
1.5. IPV6
IPv6 (Internet Protocol version 6) is a set of specifications from the Internet Engineering Task

DEPARTMENT OF ISE, BIT Page 105

COMPUTER NETWORKS AND SECURITY-18CS52 2020

Force (IETF) that's essentially an upgrade of IP version 4 (IPv4). The basics of IPv6 are similar
to those of IPv4 -- devices can use IPv6 as source and destination addresses to pass packets
over a network, and tools like ping work for network testing as they do in IPv4, with some
slight variations.
The most obvious improvement in IPv6 over IPv4 is that IP addresses are lengthened from 32
bits to 128 bits. This extension anticipates considerable future growth of the Internet and
provides relief for what was perceived as an impending shortage of network addresses. IPv6
also supports auto-configuration to help correct most of the shortcomings in version 4, and it
has integrated security and mobility features.
• CIDR, subnetting and NAT could not solve address-space exhaustion faced by IPv4.

• IPv6 was evolved to solve this problem

Changes from IPv4 to IPv6 (Advantages of IPv6)
1. Expanded Addressing Capabilities
 IPv6 increases the size of the IP address from 32 to 128 bits (Supports upto 3.4×10 38
nodes).
 In addition to unicast & multicast addresses, IPv6 has an any cast address.
 Any cast address allows a datagram to be delivered to only one member of the group.

2. A Streamlined 40-byte Header

 A number of IPv4 fields have been dropped or made optional.
 The resulting 40-byte fixed-length header allows for faster processing of the IP datagram.
 A new encoding of options field allows for more flexible options processing.

3. Flow Labeling & Priority

 A flow can be defined as “Labeling of packets belonging to particular flows for which
the sender requests special handling”.
 For example: Audio and video transmission may be treated as a flow.

DEPARTMENT OF ISE, BIT Page 106

COMPUTER NETWORKS AND SECURITY-18CS52 2020

1.5.1. IPV6 Datagram Format

• The format of the IPv6 datagram is shown in Figure 3.18.

Figure 3.18: IPv6 datagram format

The following fields are defined in IPv6:

1) Version
 This field specifies the IP version, i.e., 6.
2) Traffic Class
 This field is similar to the TOS field in IPv4.
 This field indicates the priority of the packet.
3) Flow Label
 This field is used to provide special handling for a particular flow of data.
4) Payload Length
 This field shows the length of the IPv6 payload.
5) Next Header
 This field is similar to the options field in IPv4 (Figure 3.19).
 This field identifies type of extension header that follows the basic header.
6) Hop Limit
 This field is similar to TTL field in IPv4.
 This field shows the maximum number of routers the packet can travel.
 The contents of this field are decremented by 1 by each router that forwards the
datagram.
 If the hop limit count reaches 0, the datagram is discarded.
7) Source & Destination Addresses
 These fields show the addresses of the source & destination of the packet.
8) Data
 This field is the payload portion of the datagram.

DEPARTMENT OF ISE, BIT Page 107

COMPUTER NETWORKS AND SECURITY-18CS52 2020

 When the datagram reaches the destination, the payload will be

→ removed from the IP datagram and
→ passed on to the upper layer protocol (TCP or UDP).

Figure 3.19: Payload in IPv6 datagram

1.5.2. IPv4 Fields not present in IPv6

1) Fragmentation/Reassembly
• Fragmentation of the packet is done only by the source, but not by the routers. The
reassembling is done by the destination.
• Fragmentation & reassembly is a time-consuming operation.
• At routers, the fragmentation is not allowed to speed up the processing in the router.
• If packet-size is greater than the MTU of the network, the router
→ drops the packet.
→ sends an error message to inform the source.
2) Header Checksum
• In the Internet layers, the transport-layer and link-layer protocols perform check summing.
• This functionality was redundant in the network-layer.
• So, this functionality was removed to speed up the processing in the router.

3) Options
• In, IPv6, next-header field is similar to the options field in IPv4.
• This field identifies type of extension header that follows the basic header.
• To support extra functionalities, extension headers can be placed b/w base header and
payload.

DEPARTMENT OF ISE, BIT Page 108

COMPUTER NETWORKS AND SECURITY-18CS52 2020

1.5.3. Differences between IPV4 and IPV6

IPV4
1 IPv4 addresses are 32 bit length
2 Fragmentation is done by
sender and forwarding routers
3 Does not identify packet flow
for QoS handling
4 Includes Options up to 40 bytes
5 Includes a checksum
6 Address Resolution Protocol
(ARP) is available to map
IPv4 addresses to MAC
addresses
7 Broadcast messages are
available
8 Manual configuration (Static) of
IP addresses or DHCP (Dynamic
configuration) is required to
configure IP addresses
9 IPSec is optional, external
10 IPv4 addresses are binary
numbers represented in decimals.
11 IPv4 is less compatible to mobile
networks than IPv6.
IPV6
IPv6 addresses are 128 bit length
Fragmentation is done only by sender
Contains Flow Label field that
specifies packet flow for QoS handling
Extension headers used for optional
data
Does not includes a checksum
Address Resolution Protocol (ARP) is
replaced with Neighbor Discovery
Protocol (NDP)
Broadcast messages are not available
Auto-configuration of addresses is
available
IPSec is required
IPv6 addresses are binary numbers
represented in hexadecimals.
IPv6 is more compatible to mobile
networks than IPv4.

1.5.4. Transitioning from IPv4 to IPv6

 IPv4-capable systems are not capable of handling IPv6 datagrams.
 Two strategies have been devised for transition from IPv4 to IPv6:
1) Dual stack and
2) Tunneling.

1. Dual Stack Approach

 IPv6-capable nodes also have a complete IPv4 implementation. Such nodes are
referred to as IPv6/IPv4 nodes.
 IPv6/IPv4 node has the ability to send and receive both IPv4 and IPv6 datagrams.
 When interoperating with an IPv4 node, an IPv6/IPv4 node can use IPv4

DEPARTMENT OF ISE, BIT Page 109

COMPUTER NETWORKS AND SECURITY-18CS52 2020

datagrams. When interoperating with an IPv6 node, an IPv6/IPv4 node

can use IPv6 datagrams.
 IPv6/IPv4 nodes must have both IPv6 and IPv4 addresses.

 IPv6/IPv4 nodes must be able to determine whether another node is IPv6-capable or

IPv4-only.
 This problem can be solved using the DNS. If the node name is resolved to IPv6-capable,
then the DNS returns an IPv6 address Otherwise, the DNS return an IPv4 address.
 If either the sender or the receiver is only IPv4-capable, an IPv4 datagram must be used.
 Two IPv6-capable nodes can send IPv4 data grams to each other.

Figure 3.20: A dual-stack approach

Dual stack is illustrated in Figure 3.20.
Here is how it works:
 Suppose IPv6-capable Node-A wants to send a datagram to IPv6-capable Node-F.
 IPv6-capable Node-B creates an IPv4 datagram to send to IPv4-capable Node-C.
 At IPv6-capable Node-B, the IPv6 datagram is copied into the data field of
the IPv4 datagram and appropriate address mapping can be done.
 At IPv6-capable Node-E, the IPv6 datagram is extracted from the data field
of the IPv4 datagram.
 Finally, IPv6-capable Node-E forwards an IPv6 datagram to IPv6-capable Node-
F.
Disadvantage
During transition from IPv6 to IPv4, few IPv6-specific fields will be lost.

2. Tunneling
• Tunneling is illustrated in Figure 3.21.
• Suppose two IPv6-nodes B and E
→ want to interoperate using IPv6 datagrams and
→ are connected by intervening IPv4 routers.
DEPARTMENT OF ISE, BIT Page 110
COMPUTER NETWORKS AND SECURITY-18CS52 2020

• The intervening-set of IPv4 routers between two IPv6 routers are referred as a tunnel.
• Here is how it works:
 On the sending side of the tunnel:
→ IPv6-node B takes & puts the IPv6 datagram in the data field of an IPv4
datagram.
→ The IPv4 datagram is addressed to the IPv6-node E.
 On the receiving side of the tunnel: The IPv6-node E
→ receives the IPv4 datagram
→ extracts the IPv6 datagram from the data field of the IPv4 datagram and
→ routes the IPv6 datagram to IPv6-node F

Figure 3.21: Tunneling

1.6 A Brief Foray into IP Security
 IPsec is a popular secure network-layer protocol.
 It is widely deployed in Virtual Private Networks (VPNs).
 It has been designed to be backward compatible with IPv4 and IPv6.
 It can be used to create a connection-oriented service between 2 entities.
 In transport mode, 2 hosts first establish an IPsec session between themselves.
 All TCP and UDP segments sent between the two hosts enjoy the security services
provided by IPsec.
 On the source-side,
1) The transport-layer passes a segment to IPsec.
2) Then, IPsec
→ encrypts the segment
DEPARTMENT OF ISE, BIT Page 111
COMPUTER NETWORKS AND SECURITY-18CS52 2020

→ appends additional security fields to the segment and

→ encapsulates the resulting payload in a IP datagram.
3) Finally, the sending-host sends the datagram into the Internet.
 The Internet then transports the datagram to the destination-host.
On the destination-side
1) The destination receives the datagram from the Internet.
2) Then, IPsec
→ decrypts the segment and
→ passes the unencrypted segment to the transport-layer.

Four services provided by an IPsec:

1. Cryptographic Agreement
 This mechanism allows 2 communicating hosts to agree on cryptographic algorithms &
keys.

2. Encryption of IP Datagram Payloads

 When the sender receives a segment from the transport-layer, IPsec encrypts the payload.
 The payload can only be decrypted by IPsec in the receiver.

3. Data Integrity
 IPsec allows the receiver to verify that the datagram’s header fields.
 The encrypted payload is not modified after transmission of the datagram into the n/w.

4. Origin Authentication
 The receiver is assured that the source-address in datagram is the actual source of
datagram.

1.7. Routing Algorithms

Typically a host is attached directly to one router, the default router for the host (also called
the first-hop router for the host). Whenever a host sends a packet, the packet is transferred to
its default router. We refer to the default router of the source host as the source router and the
default router of the destination host as the destination router. The problem of routing a
packet from source host to destination host clearly boils down to the problem of routing the
packet from source router to destination router,
 A routing-algorithm is used to find a “good” path from source to destination.
 Typically, a good path is one that has the least cost.
 The least-cost problem: Find a path between the source and destination that has least
cost.

DEPARTMENT OF ISE, BIT Page 112

COMPUTER NETWORKS AND SECURITY-18CS52 2020

A graph is used to formulate routing problems. Recall that a graph G = (N,E) is a set N of
nodes and a collection E of edges, where each edge is a pair of nodes from N. In the context
of network-layer routing, the nodes in the graph represent routers—the points at which
packet-forwarding decisions are made—and the edges connecting these nodes represent the
physical links between these routers. Such a graph abstraction of a computer network is
shown in Figure 4.27.

As shown in Figure 4.27, an edge also has a value representing its cost. Typically, an edge’s
cost may reflect the physical length of the corresponding link. we’ll simply take the edge costs
as a given and won’t worry about how they are determined.
For any edge (x,y) in E, we denote c(x,y) as the cost of the edge between nodes x and y. If the
pair (x,y) does not belong to E, we set c(x,y) = ∞. Also, throughout we consider only
undirected graphs (i.e., graphs whose edges do not have a direction), so that edge (x,y) is the
same as edge (y,x) and that c(x,y) = c(y,x). Also, a node y is said to be a neighbor of node x if
(x,y) belongs to E.

Figure 4.27: Abstract graph model of a computer network

1.7.1. Routing Algorithm Classification
A routing-algorithm can be classified as follows:
1. Global or decentralized
2. Static or dynamic
3. Load-sensitive or Load-insensitive

1. Global Routing Algorithms

• The calculation of the least-cost path is carried out at one centralized site.
• This algorithm has complete, global knowledge about the network.
• Algorithms with global state information are referred to as link-state (LS) algorithms.

DEPARTMENT OF ISE, BIT Page 113

COMPUTER NETWORKS AND SECURITY-18CS52 2020

Decentralized Routing Algorithm

• The calculation of the least-cost path is carried out in an iterative, distributed manner.
• No node has complete information about the costs of all network links.
• Each node has only the knowledge of the costs of its own directly attached links.
• Each node performs calculation by exchanging information with its neighboring nodes.

2. Static Routing Algorithms

• Routes change very slowly over time, as a result of human intervention.
• For example: a human manually editing a router’s forwarding-table.

Dynamic Routing Algorithms

• The routing paths change, as the network-topology or traffic-loads change.
• The algorithm can be run either
→ Periodically or
→ in response to topology or link cost changes.
• Advantage: More responsive to network changes.
• Disadvantage: More susceptible to routing loop problem.

3. Load-Sensitive Routing Algorithm

• Link costs vary dynamically to reflect the current level of congestion in the underlying link.
• If high cost is associated with congested-link, the algorithm chooses routes around
congested-link.

Load Insensitive Routing Algorithm

• Link costs do not explicitly reflect the current level of congestion in the underlying link.
• Today’s Internet routing-algorithms are load-insensitive. For example: RIP, OSPF, and BGP

1.7.2. Link State (LS) Routing Algorithm

in a link-state algorithm, the network topology and all link costs are known, that is, available as
input to the LS algorithm. In practice this is accomplished by having each node broadcast link-
state packets to all other nodes in the network, with each link-state packet containing the
identities and costs of its attached links. The result of the nodes’ broadcast is that all nodes
have an identical and complete view of the network. Each node can then run the LS algorithm
and compute the same set of least-cost paths as every other node.
The link-state routing algorithm we present below is known as Dijkstra’s algorithm,
named after its inventor. A closely related algorithm is Prim’s algorithm.
For a general discussion of graph algorithms. Dijkstra’s algorithm computes the least-
cost path from one node (the source, which we will refer to as u) to all other nodes in the
DEPARTMENT OF ISE, BIT Page 114
COMPUTER NETWORKS AND SECURITY-18CS52 2020

network. Dijkstra’s algorithm is iterative and has the property that after the kth iteration of the
algorithm, the least-cost paths are known to k destination nodes, and among the least-cost paths
to all destination nodes, these k paths will have the k smallest costs. Let us define the following
notation:
 D(v): cost of the least-cost path from the source node to destination v as of this iteration
of the algorithm.
 p(v): previous node (neighbor of v) along the current least-cost path from the source to
v.
 N: subset of nodes; v is in N if the least-cost path from the source to v is definitively
known.

The global routing algorithm consists of an initialization step followed by a loop. The number
of times the loop is executed is equal to the number of nodes in the network. Upon termination,
the algorithm will have calculated the shortest paths from the source node u to every other node
in the network.

• Example: Consider the network in Figure 3.22 and compute the least-cost paths from
u to all possible destinations.

DEPARTMENT OF ISE, BIT Page 115

COMPUTER NETWORKS AND SECURITY-18CS52 2020

Figure 3.22: Abstract graph model of a computer network

Solution:
 Let’s consider the few first steps in detail.
 In the initialization step, the currently known least-cost paths from u to its directly
attached neighbors, v, x, and w, are initialized to 2, 1, and 5, respectively.
 In the first iteration, we
→ look among those nodes not yet added to the set N’ and
→ find that node with the least cost as of the end of the previous iteration.
 In the second iteration,
→ nodes v and y are found to have the least-cost paths (2) and
→ we break the tie arbitrarily and
→ add y to the set N’ so that N’ now contains u, x, and y.
And so on. . . .
When the LS algorithm terminates,
We have, for each node, its predecessor along the least-cost path from the source.
• A tabular summary of the algorithm’s computation is shown in Table 3.5.

Table 3.5: Running the link-state algorithm on the network in Figure 3.20

Figure 3.23 shows the resulting least-cost paths for u for the network in Figure 3.22.

DEPARTMENT OF ISE, BIT Page 116

COMPUTER NETWORKS AND SECURITY-18CS52 2020

Figure 3.23: Least cost path and forwarding-table for node u

1.7.3. DV Routing Algorithm

Bellman Ford Algorithm
• Distance vector (DV) algorithm is 1) iterative, 2) asynchronous, and 3) distributed.
1) It is distributed. This is because each node
→ receives some information from one or more of its directly attached neighbors
→ performs the calculation and
→ distributes then the results of the calculation back to the neighbors.
2) It is iterative. This is because
→ the process continues on until no more info is exchanged b/w neighbors.
3) It is asynchronous. This is because
→ the process does not require all of the nodes to operate in lockstep with each
other.
• The basic idea is as follows:
1) Let us define the following notation:
Dx(y) = cost of the least-cost path from node x to node y, for all nodes in N.
Dx = [Dx(y): y in N] be node x’s distance vector of cost estimates from x to
all other nodes y in N.
2) Each node x maintains the following routing information:
i) For each neighbor v, the cost c(x,v) from node x to directly attached neighbor v
ii) Node x’s distance vector, that is, Dx = [Dx(y): y in N], containing x’s estimate
of its
cost to all destinations y in N.
iii) The distance vectors of each of its neighbors, that is, D v = [Dv(y): y in
N] for each neighbor v of x.
3) From time to time, each node sends a copy of its distance vector to each of its
neighbors.
4) The least costs are computed by the Bellman-

DEPARTMENT OF ISE, BIT Page 117

COMPUTER NETWORKS AND SECURITY-18CS52 2020

Ford equation: Dx(y) = minv{c(x,v) + Dv(y)}

for each
node y in N
5) If node x’s distance vector has changed as a result of this update step, node x will then
send its updated distance vector to each of its neighbors.

Figure 3.24 illustrates the operation of the DV algorithm for the simple three node network

DEPARTMENT OF ISE, BIT Page 118

COMPUTER NETWORKS AND SECURITY-18CS52 2020

Figure 3.24: Distance-vector (DV) algorithm

• The operation of the algorithm is illustrated in a synchronous manner.

Here, all nodes simultaneously
→ receive distance vectors from their neighbours
→ compute their new distance vectors, and
→ inform their neighbours if their distance vectors have changed.
• The table in the upper-left corner is node x’s initial routing-table.
• In this routing-table, each row is a distance vector.
• The first row in node x’s routing-table is Dx = [Dx(x), Dx(y), Dx(z)] = [0, 2,7].
• After initialization, each node sends its distance vector to each of its twoneighbours.
• This is illustrated in Figure 3.24 by the arrows from the first column of tables to the
second column of tables.
• For example, node x node x sends its distance vector Dx = [0, 2, 7] to both nodes y
and z. After receiving the updates, each node recomputes its own distance vector.
• For example, node x computes
Dx(x) =0
Dx(y) = min{c(x,y) + Dy(y), c(x,z) + Dz(y)} = min{2 + 0, 7 + 1} = 2
Dx(z) = min{c(x,y) + Dy(z), c(x,z) + Dz(z)} = min{2 + 1, 7 + 0} = 3

DEPARTMENT OF ISE, BIT Page 119

COMPUTER NETWORKS AND SECURITY-18CS52 2020

• The second column therefore displays, for each node, the node’s new distance vector
along with distance vectors just received from its neighbours.
• Note, that node x’s estimate for the least cost to node z, Dx(z), has changed from 7 to 3.
• The process of receiving updated distance vectors from neighbours, recomputing
routing-table entries, and informing neighbours of changed costs of the least-cost path
to a destination continues until no update messages are sent.
• The algorithm remains in the quiescent state until a link cost changes.

Distance Vector Protocol Link State Protocol

1 Entire routing-table is sent as an
update.
2 Distance vector protocol
send periodic update at
every 30 or 90 second.
3 Updates are broadcasted.
4 Updates are sent to
directly connected
neighbour only
5 Routers don’t have end to end
visibility of entire network.
6 Prone to routing loops.
7 Each node talks to only
directly connected
neighbors.
Updates are incremental & entire
routing- table is not sent as update.
Updates are triggered not periodic.
Updates are multicasted.
Update are sent to entire
network & to just directly
connected neighbor.
Routers have visibility of entire
network of that area only.
No routing loops.
its Each node talks with all other nodes
(via broadcast)

1.8. Hierarchical Routing

• Two problems of a simple routing-algorithm:
1) Scalability
 As no. of routers increases, overhead involved in computing & storing routing info
increases.
2) Administrative Autonomy
 An organization should be able to run and administer its network.
 At the same time, the organization should be able to connect its network to internet.
• Both of these 2 problems can be solved by organizing routers into autonomous-system (AS).
• An autonomous system (AS) is a group of routers under the authority of a single
administration. For example: same ISP or same company network.
• Two types of routing-protocol:

DEPARTMENT OF ISE, BIT Page 120

COMPUTER NETWORKS AND SECURITY-18CS52 2020

1) Intra-AS routing protocol: refers to routing inside an autonomous system.

2) Inter-AS routing protocol: refers to routing between autonomous systems.

Figure 3.25: An example of interconnected autonomous-systems

Intra-AS Routing Protocol

• The routing-algorithm running within an autonomous-system is called intra-AS routing
protocol.
• All routers within the same AS must run the same intra-AS routing protocol. For ex: RIP and
OSPF
• Figure 3.25 provides a simple example with three ASs: AS1, AS2, and AS3.
• AS1 has four routers: 1a, 1b, 1c, and 1d. These four routers run the intra-AS routing
protocol.
• Each router knows how to forward packets along the optimal path to any destination within
AS1.

Intra-AS Routing Protocol

• The routing-algorithm running between 2 autonomous-systems is called inter-AS routing
protocol.
• Gateway-routers are used to connect ASs to each other.
• Gateway-routers are responsible for forwarding packets to destinations outside the AS.
• Two main tasks of inter-AS routing protocol:

DEPARTMENT OF ISE, BIT Page 121

COMPUTER NETWORKS AND SECURITY-18CS52 2020

1) Obtaining reachability information from neighboring Ass.

2) Propagating the reachability information to all routers internal to the AS.
• The 2 communicating ASs must run the same inter-AS routing protocol. For ex: BGP.
• Figure 3.26 summarizes the steps in adding an outside-AS destination in a router’s
forwarding-table.

Figure 3.26: Steps in adding an outside-AS destination in a router’s forwarding-table

1.9. Routing in the Internet

• Purpose of Routing protocols:
To determine the path taken by a datagram between source and destination.
• An autonomous-system (AS) is a collection of routers under the same administrative control.
• In AS, all routers run the same routing protocol among themselves.

1.9.1. Intra-AS Routing in the Internet: RIP

• Intra-AS routing protocols are also known as interior gateway protocols.
• An intra-AS routing protocol is used to determine how routing is performed within an AS.
• Most common intra-AS routing protocols:
1) Routing-information Protocol (RIP) and 2) Open Shortest Path First (OSPF)
• OSPF deployed in upper-tier ISPs whereas RIP is deployed in lower-tier ISPs & enterprise-
networks.
RIP Protocol
• RIP is widely used for intra-AS routing in the Internet.
• RIP is a distance-vector protocol.
• RIP uses hop count as a cost metric. Each link has a cost of 1.
• Hop count refers to the no. of subnets traversed along the shortest path from source to
destination.
• The maximum cost of a path is limited to 15.
• The distance vector is the current estimate of shortest path distances from router to subnets
in AS.
• Consider an AS shown in Figure 3.27.

DEPARTMENT OF ISE, BIT Page 122

COMPUTER NETWORKS AND SECURITY-18CS52 2020

Figure 3.27: A portion of an autonomous-system

• Each router maintains a RIP table known as a routing-table.

• Figure 3.28 shows the routing-table for router D.

Figure 3.28: Routing-table in router D before receiving advertisement from router A

• Routers can send types of messages: 1) Response-message & 2) Request-message

1) Response Message
 Using this message, the routers exchange routing updates with their neighbors every
30 secs.
 If a router doesn’t hear from its neighbor every 180 secs, then that neighbor is not
reachable.
 When this happens, RIP
→ modifies the local routing-table and
→ propagates then this information by sending advertisements to its neighbors.
 The response-message contains
→ list of up to 25 destination subnets within the AS and
→ sender’s distance to each of those subnets.
 Response-messages are also known as advertisements.
2) Request Message
 Using this message, router requests info about its neighbor’s cost to a given
destination.
• Both types of messages are sent over UDP using port# 520.
• The UDP segment is carried between routers in an IP datagram.

DEPARTMENT OF ISE, BIT Page 123

COMPUTER NETWORKS AND SECURITY-18CS52 2020

1.9.2. Intra-AS Routing in the Internet: OSPF

• OSPF is widely used for intra-AS routing in the Internet.
• OSPF is a link-state protocol that uses
→ flooding of link-state information and
→ Dijkstra least-cost path algorithm.
• Here is how it works:
1) A router constructs a complete topological map (a graph) of the entire autonomous-
system.
2) Then, the router runs Dijkstra’s algorithm to determine a shortest-path tree to all
subnets.
3) Finally, the router broadcasts link state info to all other routers in the
autonomous-system. Specifically, the router broadcasts link state
information
→ Periodically at least once every 30 minutes and
→ whenever there is a change in a link’s state. For ex: a change in up/down
status.
• Individual link costs are configured by the network-administrator.
• OSPF advertisements are contained in OSPF messages that are carried directly by IP.
• HELLO message can be used to check whether the links are operational.
• The router can also obtain a neighboring router’s database of network-wide link state.
• Some of the advanced features include:
1) Security
 Exchanges between OSPF routers can be authenticated.
 With authentication, only trusted routers can participate within an AS.
 By default, OSPF packets between routers are not authenticated.
 Two types of authentication can be configured: 1) Simple and 2) MD5.
i) Simple Authentication
¤ The same password is configured on each router.
¤ Clearly, simple authentication is not very secure.
ii) MD5 Authentication
¤ This is based on shared secret keys that are configured in all the routers.
¤ Here is how it works:
1) The sending router
→ computes a MD5 hash on the content of packet
→ includes the resulting hash value in the packet and
→ sends the packet
2) The receiving router
→ computes an MD5 hash of the packet

DEPARTMENT OF ISE, BIT Page 124

COMPUTER NETWORKS AND SECURITY-18CS52 2020

→ compares computed-hash value with the hash value carried in packet and
verifies the packet’s authenticity
2) Multiple Same Cost Paths
 When multiple paths to a destination have same cost, OSPF allows multiple paths to
be used.
3) Integrated Support for Unicast & Multicast Routing
 Multicast OSPF (MOSPF) provides simple extensions to OSPF to provide for
multicast-routing.
 MOSPF
→ uses the existing OSPF link database and
→ adds a new type of link-state advertisement to the existing broadcast
mechanism.
4) Support for Hierarchy within a Single Routing Domain
 An autonomous-system can be configured hierarchically into areas.
 In area, an area-border-router is responsible for routing packets outside the area.
 Exactly one OSPF area in the AS is configured to be the backbone-area.
 The primary role of the backbone-area is to route traffic between the other areas in the
AS.

1.10. Inter-AS Routing: BGP

• BGP is widely used for inter-AS routing in the Internet.
• Using BGP, each AS can
1) Obtain subnet reachability-information from neighboring ASs.
2) Propagate the reachability-information to all routers internal to the AS.
3) Determine good routes to subnets based on i) reachability-information and ii) AS
policy.
• Using BGP, each subnet can advertise its existence to the rest of the Internet.

1. Basics
• Pairs of routers exchange routing-information over semi-permanent TCP connections using
port-179.
• One TCP connection is used to connect 2 routers in 2 different autonomous-systems. Semi
permanent TCP connection is used to connect among routers within an autonomous-system.
• Two routers at the end of each connection are called peers.
The messages sent over the connection is called a session.
• Two types of session:
1) External BGP (eBGP) session
 This refers to a session that spans 2 autonomous-systems.

DEPARTMENT OF ISE, BIT Page 125

COMPUTER NETWORKS AND SECURITY-18CS52 2020

2) Internal BGP (iBGP) session

 This refers to a session between routers in the same AS.

Figure 3.29: eBGP and iBGP sessions

• BGP operation is shown in Figure 3.29.

• The destinations are not hosts but instead are CIDRized prefixes.
• Each prefix represents a subnet or a collection of subnets.

2. Path Attributes & Routes

• An autonomous-system is identified by its globally unique ASN (Autonomous-System
Number).
• A router advertises a prefix across a session.
• The router includes a number of attributes with the prefix.
• Two important attributes: 1) AS-PATH and 2) NEXT-HOP

1) AS-PATH
 This attribute contains the ASs through which the advertisement for the prefix has
passed.
 When a prefix is passed into an AS, the AS adds its ASN to the ASPATH attribute.
 Routers use the AS-PATH attribute to detect and prevent looping advertisements.
 Routers also use the AS-PATH attribute in choosing among multiple paths to the
same prefix.
2) NEXT-HOP
 This attribute provides the critical link between the inter-AS and intra-AS routing
protocols.
 This attribute is the router-interface that begins the AS-PATH.
• BGP also includes
→ attributes which allow routers to assign preference-metrics to the routes.
→ attributes which indicate how the prefix was inserted into BGP at the origin AS.
DEPARTMENT OF ISE, BIT Page 126
COMPUTER NETWORKS AND SECURITY-18CS52 2020

• When a gateway-router receives a route-advertisement, the gateway-router decides

→ whether to accept or filter the route and
→ whether to set certain attributes such as the router preference metrics.

3. Route Selection
• For 2 or more routes to the same prefix, the following elimination-rules are invoked
sequentially:
1) Routes are assigned a local preference value as one of their attributes.
2) The local preference of a route
→ will be set by the router or
→ will be learned by another router in the same AS.
3) From the remaining routes, the route with the shortest AS-PATH is selected.
4) From the remaining routes, the route with the closest NEXT-HOP router is selected.
5) If more than one route still remains, the router uses BGP identifiers to select the
route.

4. Routing Policy
• Routing policy is illustrated as shown in Figure 3.30.
• Let A, B, C, W, X & Y = six interconnected autonomous-systems. W, X & Y = three stub-
networks.
A, B & C = three backbone provider networks.
• All traffic entering a stub-network must be destined for that network.
All traffic leaving a stub-network must have originated in that network.
• Clearly, W and Y are stub-networks.
• X is a multihomed stub-network, since X is connected to the rest of the n/w via 2 different
providers
• X itself must be the source/destination of all traffic leaving/entering X.
• X will function as a stub-network if X has no paths to other destinations except itself.
• There are currently no official standards that govern how backbone ISPs route among
themselves.

Figure 3.30: A simple BGP scenario

DEPARTMENT OF ISE, BIT Page 127

COMPUTER NETWORKS AND SECURITY-18CS52 2020

1.11. Broadcast & Multicast Routing

1.11.1. Broadcast Routing Algorithms
• Broadcast-routing means delivering a packet from a source-node to all other nodes in the
network.

N-way Unicast
• Given N destination-nodes, the source-node
→ makes N copies of the packet and
→ transmits then the N copies to the N destinations using unicast routing (Figure 3.31).
• Disadvantages:
1) Inefficiency
 If source is connected to the n/w via single link, then N copies of packet will traverse
this link.
2) More Overhead & Complexity
 An implicit assumption is that the sender knows broadcast recipients and their
addresses.
 Obtaining this information adds more overhead and additional complexity to a
protocol.
3) Not suitable for Unicast Routing
 It is not good idea to depend on the unicast routing infrastructure to achieve broadcast.

Figure 3.31: Duplicate creation/transmission

Figure 3.32: Reverse path forwarding

1. Uncontrolled Flooding
• The source-node sends a copy of the packet to all the neighbors.
• When a node receives a broadcast-packet, the node duplicates & forwards packet to all
neighbors.

DEPARTMENT OF ISE, BIT Page 128

COMPUTER NETWORKS AND SECURITY-18CS52 2020

• In connected-graph, a copy of the broadcast-packet is delivered to all nodes in the graph.

• Disadvantages:
4) If the graph has cycles, then copies of each broadcast-packet will cycle indefinitely.
5) When a node is connected to 2 other nodes, the node creates & forwards multiple copies
of packet

 Broadcast-storm refers to “The endless multiplication of broadcast-packets which will

eventually make the network useless.”

2. Controlled Flooding
• A node can avoid a broadcast-storm by judiciously choosing
→ when to flood a packet and when not to flood a packet.
• Two methods for controlled flooding:
1) Sequence Number Controlled Flooding
 A source-node
→ puts its address as well as a broadcast sequence-number into a broadcast-
packet
→ sends then the packet to all neighbors.
 Each node maintains a list of the source-address & sequence# of each broadcast-
packet.
 When a node receives a broadcast-packet, the node checks whether the packet is in
this list.
 If so, the packet is dropped; if not, the packet is duplicated and forwarded to all
neighbors.
2) Reverse Path Forwarding (RPF)
 If a packet arrived on the link that has a path back to the source; Then the router
transmits the packet on all outgoing-links. Otherwise, the router discards the
incoming-packet.
 Such a packet will be dropped. This is because
→ the router has already received a copy of this packet (Figure 3.32).
3. Spanning - Tree Broadcast
• This is another approach to providing broadcast. (MST Minimum Spanning Tree).
• Spanning-tree is a tree that contains each and every node in a graph.
• A spanning-tree whose cost is the minimum of all of the graph’s spanning-trees is called a
MST.
• Here is how it works (Figure 3.33):
1) Firstly, the nodes construct a spanning-tree.

DEPARTMENT OF ISE, BIT Page 129

COMPUTER NETWORKS AND SECURITY-18CS52 2020

2) The node sends broadcast-packet out on all incident links that belong to the spanning-
tree.
3) The receiving-node forwards the broadcast-packet to all neighbors in the spanning-
tree.

Figure 3.33: Broadcast along a spanning-tree

• Disadvantage:
Complex: The main complexity is the creation and maintenance of the spanning-tree.
4. Center Based Approach
• This is a method used for building a spanning-tree.
• Here is how it works:
1) A center-node (rendezvous point or a core) is defined.
2) Then, the nodes send unicast tree-join messages to the center-node.
3) Finally, a tree-join message is forwarded toward the center until the message either
→ arrives at a node that already belongs to the spanning-tree or
→ arrives at the center.
• Figure 3.34 illustrates the construction of a center-based spanning-tree.

Figure 3.34: Center-based construction of a spanning-tree

DEPARTMENT OF ISE, BIT Page 130

COMPUTER NETWORKS AND SECURITY-18CS52 2020

1.11.2. Multicast
• Multicasting means a multicast-packet is delivered to only a subset of network-nodes.
• A number of emerging network applications requires multicasting. These applications
include
1) Bulk data transfer (for ex: the transfer of a software upgrade)
2) Streaming continuous media (for ex: the transfer of the audio/video)
3) Shared data applications (for ex: a teleconferencing application)
4) Data feeds (for ex: stock quotes)
5) Web cache updating and
6) Interactive gaming (for ex: multiplayer games).
• Two problems in multicast communication:
1) How to identify the receivers of a multicast-packet.
2) How to address a packet sent to these receivers.
• A multicast-packet is addressed using address indirection.
• A single identifier is used for the group of receivers.
• Using this single identifier, a copy of the packet is delivered to all multicast receivers.
• In the Internet, class-D IP address is the single identifier used to represent a group of
receivers.
• The multicast-group abstraction is illustrated in Figure 3.35.

Figure 3.35: The multicast group: A datagram addressed to the group is delivered to all
members of the multicast group

DEPARTMENT OF ISE, BIT Page 131

COMPUTER NETWORKS AND SECURITY-18CS52 2020

1. IGMP
• In the Internet, the multicast consists of 2 components:
1) IGMP (Internet Group Management Protocol)
 IGMP is a protocol that manages group membership.
 It provides multicast-routers info about the membership-status of hosts connected to
the n/w
 The operations are i) Joining/Leaving a group and ii) monitoring membership
2) Multicast Routing Protocols
 These protocols are used to coordinate the multicast-routers throughout the Internet.
 A host places a multicast address in the destination address field to send
packets to a set of hosts belonging to a group.
• The IGMP protocol operates between a host and its attached-router.
• Figure 3.36 shows three first-hop multicast-routers.

Figure 3.36: The two components of network-layer multicast in the Internet: IGMP and
multicast- routing protocols

• IGMP messages are encapsulated within an IP datagram.

• Three types of message: 1) membership query 2) membership report 3) leave group
1) membership_query
 A host sends a membership-query message to find active group-members in the
network.
2) membership_report
 A host sends membership_report message when an application first joins a multicast-
group.
 The host sends this message w/o waiting for a membership_query message from the
router.

DEPARTMENT OF ISE, BIT Page 132

COMPUTER NETWORKS AND SECURITY-18CS52 2020

3) leave_group
 This message is optional.
 The host sends this message to leave the multicast-group.
• How does a router detect when a host leaves the multicast-group?
Answer: The router infers that a host is no longer in the multicast-group if it no longer
responds to a membership_query message. This is called soft state.

1.12. Multicast Routing Algorithms

• The multicast-routing problem is illustrated in Figure 3.37.
• Two methods used for building a multicast-routing tree:
1) Single group-shared tree.
2) Source-specific routing tree.
1) Multicast Routing using a Group Shared Tree
• A single group-shared tree is used to distribute the traffic for all senders in the group.
• This is based on Building a tree that includes all edge-routers & attached-hosts belonging to
the multicast-group.
• In practice, a center-based approach is used to construct the multicast-routing tree.
• Edge-routers send join messages addressed to the center-node.
• Here is how it works:
1) A center-node (rendezvous point or a core) is defined.
2) Then, the edge-routers send unicast tree-join messages to the center-node.
3) Finally, a tree-join message is forwarded toward the center until it either
→ arrives at a node that already belongs to the multicast tree or
→ arrives at the center.
2) Multicast Routing using a Source Based Tree
• A source-specific routing tree is constructed for each individual sender in the group.
• In practice, an RPF algorithm is used to construct a multicast forwarding tree.
• The solution to the problem of receiving unwanted multicast-packets under RPF is known as
pruning.
• A multicast-router that has no attached-hosts will send a prune message to its upstream
router.

DEPARTMENT OF ISE, BIT Page 133

COMPUTER NETWORKS AND SECURITY-18CS52 2020

Figure 3.37: Multicast hosts, their attached routers, and other routers

1.12.1. Multicast Routing in the Internet

• Three multicast routing protocols are:
1. Distance Vector Multicast Routing Protocol (DVMRP)
2. Protocol Independent Multicast (PIM) and
3. Source Specific Multicast (SSM)
1) DVMRP
• DVMRP was the first multicast-routing protocol used in the Internet.
• DVMRP uses an RPF algorithm with pruning. (Reverse Path Forwarding).
2) PIM
• PIM is the most widely used multicast-routing protocol in the Internet.
• PIM divides multicast routing into sparse and dense mode.
i) Dense Mode
 Group-members are densely located.
 Most of the routers in the area need to be involved in routing the data.
 PIM dense mode is a flood-and-prune reverse path forwarding technique.
ii) Sparse Mode
 The no. of routers with attached group-members is small with respect to total no. of routers.
 Group-members are widely dispersed.
 This uses rendezvous points to set up the multicast distribution tree.
3) SSM
• Only a single sender is allowed to send traffic into the multicast tree. This simplifies tree
construction & maintenance.

DEPARTMENT OF ISE, BIT Page 134

COMPUTER NETWORKS AND SECURITY-18CS52 2020

MODULE-WISE QUESTIONS

PART 1
1) List out network-layer services. (2)
2) With a diagram, explain virtual circuit network. (6*)
3) With a diagram, explain datagram network. (6*)
4) Compare datagram & virtual-circuit networks. (4*)
5) With a diagram, explain 4 components of router. (6*)
6) With a diagram for each, explain 3 types of switching fabrics. (8*)
7) Briefly explain IP & its services. (4*)
8) With general format, explain various field of IPv4. (8*)
9) Explain fragmentation. Explain 3 fields related to fragmentation (6*)
10) Briefly explain IPv4 addressing. (8)
11) With a diagram, explain subnet addressing. (6*)
12) With a diagram, explain the working of DHCP. (6*)
13) With a diagram, explain the working of NAT. (6*)
14) Briefly explain ICMP. (8)
15) Explain changes from IPv4 to IPv6. (4*)
16) With general format, explain various field of IPv6. (8*)
17) Briefly explain IPv4 fields not present in IPv6. (4)
18) Compare IPv4 & IPv6. (4*)
19) Explain 2 strategies to make transition from IPv4 to IPv6. (8*)
20) Briefly explain IPSec & its services. (6)
PART 2
21) Define routing algorithm. Explain 3 classification of routing algorithm. (6*)
22) Explain Dijkstra’s algorithm with example. (8*)
23) Explain Bellman-Ford algorithm with example. (8*)
24) Compare distance vector & link state protocols. (4*)
25) Explain the intra-AS and inter-AS routing protocols. (4*)
26) With a diagram, explain the working of RIP. (6*)
27) With a diagram, explain the working of OSPF. (6*)
28) With a diagram, explain the working of BGP. (8*)
29) What are disadvantages of N-way Unicast and Uncontrolled Flooding? (4)
30) Explain the following broadcast routing algorithms: (8*)
i) Controlled flooding
ii) Spanning - tree broadcast
31) Briefly explain multicasting & its applications. (4)
32) Briefly explain the working of IGMP. (4)
33) Briefly explain two methods used for building a multicast-routing tree. (6*)
34) Briefly explain three multicast routing protocols. (4)

DEPARTMENT OF ISE, BIT Page 135

COMPUTER NETWORKS AND SECURITY-18CS52 2020

MODULE-4: WIRELESS and MOBILE NETWORKS

Network Security: Overview of Network Security: Elements of Network Security,

Classification of Network Attacks, Security Methods, Symmetric-Key Cryptography: Data
Encryption Standard (DES), Advanced Encryption Standard (AES), Public-Key
Cryptography: RSA Algorithm, Diffie-Hellman Key-Exchange Protocol, Authentication:
Hash Function, Secure Hash Algorithm (SHA), Digital Signatures, Firewalls and Packet
Filtering, Packet Filtering, Proxy Server.

DEPARTMENT OF ISE, BIT Page 136

COMPUTER NETWORKS AND SECURITY-18CS52 2020

DEPARTMENT OF ISE, BIT Page 137

COMPUTER NETWORKS AND SECURITY-18CS52 2020

DEPARTMENT OF ISE, BIT Page 138

COMPUTER NETWORKS AND SECURITY-18CS52 2020

DEPARTMENT OF ISE, BIT Page 139

COMPUTER NETWORKS AND SECURITY-18CS52 2020

DEPARTMENT OF ISE, BIT Page 140

COMPUTER NETWORKS AND SECURITY-18CS52 2020

DEPARTMENT OF ISE, BIT Page 141

COMPUTER NETWORKS AND SECURITY-18CS52 2020

DEPARTMENT OF ISE, BIT Page 142

COMPUTER NETWORKS AND SECURITY-18CS52 2020

DEPARTMENT OF ISE, BIT Page 143

COMPUTER NETWORKS AND SECURITY-18CS52 2020

DEPARTMENT OF ISE, BIT Page 144

COMPUTER NETWORKS AND SECURITY-18CS52 2020

DEPARTMENT OF ISE, BIT Page 145

COMPUTER NETWORKS AND SECURITY-18CS52 2020

DEPARTMENT OF ISE, BIT Page 146

COMPUTER NETWORKS AND SECURITY-18CS52 2020

DEPARTMENT OF ISE, BIT Page 147

COMPUTER NETWORKS AND SECURITY-18CS52 2020

DEPARTMENT OF ISE, BIT Page 148

COMPUTER NETWORKS AND SECURITY-18CS52 2020

DEPARTMENT OF ISE, BIT Page 149

COMPUTER NETWORKS AND SECURITY-18CS52 2020

DEPARTMENT OF ISE, BIT Page 150

COMPUTER NETWORKS AND SECURITY-18CS52 2020

DEPARTMENT OF ISE, BIT Page 151

COMPUTER NETWORKS AND SECURITY-18CS52 2020

DEPARTMENT OF ISE, BIT Page 152

COMPUTER NETWORKS AND SECURITY-18CS52 2020

DEPARTMENT OF ISE, BIT Page 153

COMPUTER NETWORKS AND SECURITY-18CS52 2020

DEPARTMENT OF ISE, BIT Page 154

COMPUTER NETWORKS AND SECURITY-18CS52 2020

DEPARTMENT OF ISE, BIT Page 155

COMPUTER NETWORKS AND SECURITY-18CS52 2020

DEPARTMENT OF ISE, BIT Page 156

COMPUTER NETWORKS AND SECURITY-18CS52 2020

DEPARTMENT OF ISE, BIT Page 157

COMPUTER NETWORKS AND SECURITY-18CS52 2020

DEPARTMENT OF ISE, BIT Page 158

COMPUTER NETWORKS AND SECURITY-18CS52 2020

MODULE-5
Multimedia Networking: Properties of video, properties of Audio, Types of
multimedia Network Applications, Streaming stored video: UDP Streaming,
HTTP Streaming, Adaptive streaming and DASH, content distribution Networks,
case studies: Netflix, You Tube and Kankan.
Network Support for Multimedia: Dimensioning Best-Effort Networks,
Providing Multiple Classes of Service, Diffserv, Per-Connection Quality-of-
Service (QoS) Guarantees: Resource Reservation and Call Admission.

DEPARTMENT OF ISE, BIT Page 159

COMPUTER NETWORKS AND SECURITY-18CS52 2020

Multimedia Networking
We define a multimedia network application as any network application that employs audio or
video. In this section, we provide a taxonomy of multimedia applications. We’ll see that each
class of applications in the taxonomy has its own unique set of service requirements and design
issues. But before diving into an in-depth discussion of Internet multimedia applications, it is
useful to consider the intrinsic characteristics of the audio and video media themselves.

5.1. Properties of Video

1) High Bit Rate
• Video distributed over the Internet use
→ 100 kbps for low-quality video conferencing.
→ 3 Mbps for streaming high-definition (HD) movies.
• The higher the bit-rate,
→ better the image quality and
→ better the overall user viewing experience.
2) Video Compression
• A video can be compressed, thereby trading off video-quality with bit-rate.
• A video is a sequence of images, displayed at a constant rate.
For example: 24 or 30 images per second.
• An uncompressed digital image consists of an array of pixels.
• Each pixel is encoded into a number of bits to represent luminance and color.
• There are two types of redundancy in video:
1) Spatial Redundancy
 An image that consists of mostly white space has a high degree of redundancy.
 These images can be efficiently compressed without sacrificing image quality.
2) Temporal Redundancy
 Temporal redundancy reflects repetition from image to subsequent image.
 For example:
If image & subsequent image are same, re-encoding of subsequent image can be
avoided.

DEPARTMENT OF ISE, BIT Page 160

COMPUTER NETWORKS AND SECURITY-18CS52 2020

5.2. Properties of Audio

• PCM (Pulse Code Modulation) is a technique used to change an analog signal to digital data
(digitization).
• PCM consists of 1) Encoder at the sender and 2) Decoder at the receiver.

5.2.1. PCM Encoder

• Digital audio has lower bandwidth requirements than video.
• Consider how analog audio is converted to a digital-signal:
• The analog audio-signal is sampled at some fixed rate. This operation is referred to as
sampling.
• For example: 8000 samples per second.
• The value of each sample is an arbitrary real number.
• Each sample is then rounded to one of a finite number of values. This process is called
quantization.
• The number of such finite values is called as quantization-values.
8
• The number of quantization-values is typically a power of 2. For ex: 256(2 ) quantization-
values.
• Each of the quantization-values is represented by a fixed number of bits.
• For example:
If there are 256(28) quantization-values, then each value is represented by 8 bits.
• Bit representations of all values are then concatenated to form digital representation of the
signal. This process is called encoding.
• For example:
If an analog-signal is sampled at 8000 samples per second & each sample is represented
by 8 bits, then the digital-signal will have a rate of 64000 bits per second (8000*8=64000).
5.2.2. PCM Decoder
• For playback through audio speakers, the digital-signal can be converted back to an analog-
signal. This process is called decoding.
• However, the decoded analog-signal is only an approximation of the original signal.
• The sound quality may be noticeably degraded.
• The decoded signal can better approximate the original analog-signal by increasing
i) sampling rate and
ii) number of quantization-values,
• Thus, there is a trade-off between
→ Quality of the decoded signal and
→ bit-rate & storage requirements of the digital-signal.

DEPARTMENT OF ISE, BIT Page 161

COMPUTER NETWORKS AND SECURITY-18CS52 2020

5.3. Types of Multimedia Network Applications

• Three broad categories of multimedia applications:
1) Streaming stored audio/video
2) Conversational voice/video-over-IP and
3) Streaming live audio/video.

5.3.1. Streaming Stored Audio & Video

• The underlying medium is prerecorded video. For example: a movie.
• These prerecorded videos are placed on servers.
• The users send requests to the servers to view the videos on-demand.
• Nowadays, many Internet companies provide streaming video. For example: YouTube.
• Three key distinguishing features of streaming stored video:
1) Streaming
• The client begins video playout within few seconds after it begins receiving the video from
theserver.
• At the same time,
i) The client will be playing out from one location in the video.
ii) The client will be receiving later parts of the video from the server.
• This technique avoids having to download the entire video-file before playout begins.
2) Interactivity
• The media is prerecorded, so the user may pause, reposition or fast-forward through video-
content.
• The response time should be less than a few seconds.
3) Continuous Playout
• Once playout of the video begins, it should proceed according to the original timing of the
recording.
• The data must be received from the server in time for its playout at the client. Otherwise,
users experience video-frame skipping (or freezing).

5.3.2. Conversational Voice- and Video-over-IP

• Real-time conversational voice over the Internet is often referred to as Internet telephony.
• It is also commonly called Voice-over-IP (VoIP).
• Conversational video includes the video of the participants as well as their voices.
• Most of today‟s voice applications allow users to create conferences with three or more
participants.
• Nowadays, many Internet companies provide voice application. For example: Skype &
Google Talk.
• Two parameters are particularly important for voice applications:

DEPARTMENT OF ISE, BIT Page 162

COMPUTER NETWORKS AND SECURITY-18CS52 2020

1) Timing considerations and

2) Tolerance of data loss
• Timing considerations are important because voice applications are highly delay-sensitive.
• Loss-tolerant means
Occasional loss only causes occasional glitches in audio playback & these losses
can be partially/fully hidden.
5.3.3. Streaming Live Audio & Video
• These applications are similar to broadcast radio, except that transmission takes place over
Internet.
• These applications allow a user to receive a live radio transmitted from any corner of the
world.
• For example: live cricket commentary.
• Today, thousands of radio stations around the world are broadcasting content over the
Internet.
• Live broadcast applications have many users who receive the same audio program at the
same time.
• The network must provide an average throughput that is larger than the video consumption
rate.

5.3. Streaming Stored Video

• Prerecorded videos are placed on servers.
• Users send requests to these servers to view the videos on-demand.
• The media is prerecorded, so the user may pause, reposition or fast-forward through video-
content.
• Three categories of applications:
1) UDP streaming
2) HTTP streaming and
3) Adaptive HTTP streaming.
• A main characteristic of video-streaming is the extensive use of client-side buffering.
• Two advantages of client-side buffering:
1) Client-side buffering can mitigate effects of varying end-to-end delays
2) This can mitigate effects of varying amounts of available bandwidth b/w server &
client.

5.3.1. UDP Streaming

• The server transmits video at a rate that matches the client‟s video consumption rate.
• The server transmits the video-chunks over UDP at a steady rate.

DEPARTMENT OF ISE, BIT Page 163

COMPUTER NETWORKS AND SECURITY-18CS52 2020

• UDP does not employ a congestion-control mechanism.

• Therefore, the server can push packets into the network at the video consumption rate.
• Typically, UDP streaming uses a small client-side buffer. (RTP Real-Time Transport
Protocol).
• Using RTP, the server encapsulates the video-chunks within transport packets.
• The client & server also maintain a control-connection over which the client sends
commands (such as pause, resume and reposition).
• The RTSP (Real-Time Streaming Protocol) is a popular open protocol for a control-
connection.
• Disadvantages:
1) Unreliability
 UDP streaming can fail to provide continuous playout „.‟ of varying amt of available
bandwidth
2) Costly & Complex
 A media control server (RTSP) is required
→ to process client-to-server interactivity requests and
→ to track client-state for each ongoing client-session.
 This increases the overall cost and complexity of deploying a large-scale application.
3) Firewall Problem
 Many firewalls are configured to block UDP traffic.
 This prevents the users behind the firewalls from receiving the video.

5.3.2. HTTP Streaming

• The video is stored in an HTTP server as an ordinary file with a specific URL.
• Here is how it works:
4) When a user wants to see the video, the client
→ establishes a TCP connection with the server and
→ issues an HTTP GET request for that URL.
5) Then, the server responds with the video file, within an HTTP response message.
6) On client side, the bytes are collected in a client application buffer.
7) Once no. of bytes in this buffer exceeds a specific threshold, the client begins
playback.
• Advantages:
1) Not Costly & Complex
 Streaming over HTTP avoids the need for a media control server (RTSP).
 This reduces the cost of deploying a large-scale application.
2) No Firewall Problem
 The use of HTTP over TCP also allows the video to traverse firewalls and NATs
more easily.
DEPARTMENT OF ISE, BIT Page 164
COMPUTER NETWORKS AND SECURITY-18CS52 2020

3) Prefetching Video
 The client downloads the video at a rate higher than the consumption rate.
 Thus, prefetching video-frames that are to be consumed in the future.
 This prefetched video is stored in the client application buffer
• Nowadays, most video-streaming applications use HTTP streaming. For example: YouTube

Client Application Buffer & TCP Buffers

• Figure 5.1 illustrates the interaction between client and server for HTTP streaming.
• On the server side,
1) The bytes of the video file are sent into the server‟s socket.
2) Then, the bytes are placed in the TCP send buffer before.
3) Finally, the bytes are transmitted into the Internet.
• On the client side,
1) The application (media-player) reads bytes from the TCP receive-buffer (thro client-
socket)
2) Then, the application places the bytes into the client-buffer.
3) At the same time, the application periodically
→ grabs video-frames from the client-buffer
→ decompresses the frames and

Figure 5.1: Streaming stored video over HTTP/TCP

Early Termination & Repositioning the Video

• HTTP streaming systems make use of the byte-range header in the HTTP GET request
message.
• Byte-range header specifies the range of bytes the client currently wants to retrieve from the
video.
• This is particularly useful when the user wants to reposition to a future point in the video.
• When the user repositions to a new position, the client sends a new HTTP request.

DEPARTMENT OF ISE, BIT Page 165

COMPUTER NETWORKS AND SECURITY-18CS52 2020

• When server receives new HTTP request, the server sends the requested-bytes.
• Disadvantage:
When a user repositions to a future point in the video, some prefetched-but-not-yet-
viewed data will go unwatched. This results in a waste of bandwidth and server-
resources.

5.3.3. Adaptive Streaming & DASH

• Problem with HTTP streaming:
All clients receive the same encoding of video, despite the large variations in the
amount of bandwidth available to different clients.
Solution: Use DASH (Dynamic Adaptive Streaming over HTTP).

DASH
• The video is encoded into several different versions.
• Each version has a different bit-rate and a different quality level.
• Two main tasks:
4) The client dynamically requests video-chunks from the different versions: low &
high.
i) When the available bandwidth is high, the client selects chunks from a
high-rate version. For ex: Fiber connections can receive a high-quality
version.
ii) When the available bandwidth is low, the client naturally selects from a
low-rate version. For ex: 3G connections can receive a low-quality version.
5) The client adapts to the available bandwidth if end-to-end bandwidth changes during
session.
 This feature is particularly important for mobile-users.
 The mobile-users see their bandwidth fluctuate as they move with respect to base-
stations.
• HTTP server stores following files:
1) Each video version with a different URL.
2) Manifest file provides a URL for each version along with its bit-rate.
• Here is how it works:
1) First, the client requests the manifest file and learns about the various versions.
2) Then, the client selects one chunk at a time by specifying
→ URL and
→ byte range in an HTTP GET request message.
3) While downloading chunks, the client
→ measures the received bandwidth and
DEPARTMENT OF ISE, BIT Page 166
COMPUTER NETWORKS AND SECURITY-18CS52 2020

→ runs a rate determination-algorithm.

i) If measured-bandwidth is high, client will choose chunk from high-rate
version.
ii) If measured-bandwidth is low, client will choose chunk from low-rate
version
4) Therefore, DASH allows the client to freely switch among different quality-levels.
• Advantages:
1) DASH can achieve continuous playout at the best possible quality level w/o frame
freezing.
2) Server-side scalability is improved: Because
→ the client maintains the intelligence to determine which chunk to send next.
3) Client can use HTTP byte-range request to precisely control the amount of prefetched
video.
5.3.4. Content Distribution Networks (CDN)
Motivation for CDN
• The streaming video service can be provided is as follows:
1) Build a single massive data-center.
2) Store all videos in the data-center and
3) Stream the videos directly from the data-center to clients worldwide.
• Three major problems with the above approach:
1) More Delay
 If links provides a throughput lesser than consumption-rate, the end-to-end
throughput will also be below the consumption-rate.
 This results in freezing delays for the user.
2) Network Bandwidth is wasted
 A popular video may be sent many times over the same links.
3) Single Point of Failure
 If the data-center goes down, it cannot distribute any video streams.
 Problem Solution: Use CDN (Content Distribution Network).

CDN Types
• A CDN
→ manages servers in multiple geographically distributed locations
→ stores copies of the videos in its servers, and
→ attempts to direct each user-request to a CDN that provides the best user experience.
• The CDN may be a private CDN or a third-party CDN.

DEPARTMENT OF ISE, BIT Page 167

COMPUTER NETWORKS AND SECURITY-18CS52 2020

1). Private CDN

 A private CDN is owned by the content provider itself.
 For example:
Google’s CDN distributes YouTube videos
2). Third Party CDN
A third-party CDN distributes content on behalf of multiple content providers CDNs.
 Two approaches for server placement:
• Enter Deep
¤ The first approach is to enter deep into the access networks of ISPs.
¤ Server-clusters are deployed in access networks of ISPs all over the world.
¤ The goal is to get close to end users.
¤ This improves delay/throughput by decreasing no. of links b/w end user &
CDN cluster
• Bring Home
¤ The second approach is to bring the ISPs home.
¤ Large clusters are built at a smaller number of key locations.
¤ These clusters are connected using a private high-speed network.
¤ Typically, clusters are placed at a location that is near the PoPs of many tier-1
ISPs. For example: within a few miles of both Airtel and BSNL PoPs in a
major city.
¤ Advantage:
Lower maintenance and management overhead.
¤ Disadvantage:
Higher delay and lower throughput to end users.
CDN Operation
• When a browser wants to retrieve a specific video, the CDN intercepts the request.
• Then, the CDN
1) determines a suitable server-cluster for the client and
2) Redirects the client‟s request to the desired server.
• Most CDNs take advantage of DNS to intercept and redirect requests.
• CDN operation is illustrated in Figure 5.2.

DEPARTMENT OF ISE, BIT Page 168

COMPUTER NETWORKS AND SECURITY-18CS52 2020

Figure 5.2: DNS redirects a user‟s request to a CDN server

• Suppose a content provider “NetCinema” employs the CDN company ”KingCDN” to

distribute videos.
• Let URL = http://video.netcinema.com/6Y7B23V
• Six events occur as shown in Figure 5.2:
1) The user visits the Web page at NetCinema.
2) The user clicks on the following link:
http://video.netcinema.com/6Y7B23V,
 Then, the user‟s host sends a DNS query for “video.netcinema.com”.
3) The user‟s local-DNS-server (LDNS) forwards the DNS-query to an authoritative-
DNS-server “NetCinema”.
 The server “NetCinema” returns to the LDNS a hostname in the KingCDN‟s domain.
 For example: “a1105.kingcdn.com”.
4) The user‟s LDNS then sends a second query, now for “a1105.kingcdn.com”.
 Eventually, KingCDN‟s DNS system returns the IP addresses of a “KingCDN” server
to LDNS.
5) The LDNS forwards the IP address of the “KingCDN" server to the user‟s host.
6) Finally, the client
→ establishes a TCP connection with the server
→ issues an HTTP GET request for the video.
Cluster Selection Strategies
• Cluster-selection strategy is used for dynamically directing clients to a server-cluster within
the CDN.
• The CDN learns the IP address of the client‟s LDNS server via the client‟s DNS lookup.
• After learning this IP address, the CDN selects an appropriate cluster based on this IP
address.
DEPARTMENT OF ISE, BIT Page 169
COMPUTER NETWORKS AND SECURITY-18CS52 2020

• Three approaches for cluster-selection:

1) Geographically Closest
 The client is assigned to the cluster that is geographically closest.
 Using geo-location databases, each LDNS IP address is mapped to a geographic
location.
 When a DNS request is received from LDNS, the CDN chooses geographically
closest-cluster.
 Advantage:
This solution can work reasonably well for a large fraction of the clients.
 Disadvantages: The solution may perform poorly. This is because
1) Geographically closest-cluster may not be the closest-cluster along the path.
2) The LDNs location may be far from the client‟s location.
2) Based on Current Traffic Conditions
 The best cluster can be determined for a client based on the current traffic-conditions.
 CDNs perform real-time measurements of delay/loss performance b/w their clusters
& clients.
 In a CDN, each cluster periodically sends probes to all of the LDNSs around the
world.
 Disadvantage:
Many LDNSs are configured to not respond to the probes.
3) IP Any cast
 The idea behind IP any cast:
In Internet, the routers must route the packets to the closest-cluster, as
determined by BGP.
 IP any cast is illustrated in Figure 5.3.

Figure 5.3: Using IP any cast to route clients to closest CDN cluster

DEPARTMENT OF ISE, BIT Page 170

COMPUTER NETWORKS AND SECURITY-18CS52 2020

 Here is how it works:

1) During the IP-any cast configuration stage, the CDN company
→ assigns the same IP address to each clusters and
→ uses BGP to advertise the IP address from different cluster locations.
2) The BGP router treats the multiple route advertisements as different
paths to the same physical location.
3) Then, the BGP router picks the “best” route to the IP address.

5.4. Voice-over-IP (VOIP)

• Real-time voice over the Internet is often referred to as Internet telephony.
• It is also commonly called Voice-over-IP (VoIP).

5.4.1. Limitations of the Best-Effort IP Service

• The Internet’s network-layer protocol IP provides best-effort service.
• The IP makes best effort to move each datagram from source to destination.
• But IP does not guarantee deliver of the packet to the destination.
• Three main challenges to the design of real-time applications:
1) Packet-loss
2) Packet delay and
3) Packet jitter.

1. Packet Loss
• By default, most existing VoIP applications run over UDP.
• The UDP segment is encapsulated in an IP datagram.
• The datagram passes through router buffers in the path from sender to receiver
Problem:
 There is possibility that one or more buffers are full.
 In this case, the arriving IP datagram may be discarded.
Possible solution:
 Loss can be eliminated by sending the packets over TCP rather than over UDP.
 However, retransmissions are unacceptable for real-time applications they increase
delay.
 Packet-loss results in a reduction of sender‟s transmission-rate, leading to buffer
starvation.

2. End-to-End Delay
• End-to-end delay is the sum of following delays:

DEPARTMENT OF ISE, BIT Page 171

COMPUTER NETWORKS AND SECURITY-18CS52 2020

1) Transmission, processing, and queuing delays in routers.

2) Propagation delays in links and
3) Processing delays in end-systems.
• For VoIP application,
→ delays smaller than 150 msecs are not perceived by a human listener.
→ delays between 150 and 400 msecs can be acceptable but are not ideal and
→ delays exceeding 400 msecs can seriously hinder the interactivity in voice
conversations.
• Typically, the receiving-side will discard any packets that are delayed more than a certain
threshold.
• For example: more than 400 msecs.

3. Packet Jitter
• Jitter refers to varying queuing delays that a packet experiences in the network’s routers.
• If the receiver
→ ignores the presence of jitter and
→ plays out audio-chunks,
Then the resulting audio-quality can easily become unintelligible.
• Jitter can often be removed by using sequence numbers, timestamps, and a playout delay

5.4.2. Removing Jitter at the Receiver for Audio

• For VoIP application, receiver must provide periodic playout of voice-chunks in
presence of random jitter
• This is typically done by combining the following 2 mechanisms:
1) Pre pending each Chunk with a Timestamp
 The sender attaches each chunk with the time at which the chunk was generated.
2) Delaying Playout of Chunks at the Receiver
 The playout delay of the received chunks must be long.
 So, the most of the packets are received before their scheduled playout times.
 This playout delay can either be
→ fixed throughout the duration of the session or
→ vary adaptively during the session-lifetime.

5.4.3. Recovering from Packet Loss

• Loss recovery schemes attempt to preserve acceptable audio-quality in the presence of
packet-loss.

DEPARTMENT OF ISE, BIT Page 172

COMPUTER NETWORKS AND SECURITY-18CS52 2020

• Here, packet-loss is defined in a 2 broad sense:

i) A packet is lost if the packet never arrives at the receiver or
ii) A packet is lost if the packet arrives after its scheduled playout time.
• VoIP applications often use loss anticipation schemes.
• Here, we consider 2 types of loss anticipation schemes:
1) Forward error correction (FEC) and
2) Interleaving.
• We also consider an error concealment scheme.

5.4.3.1. FEC
• The basic idea of FEC: Redundant information is added to the original packet stream.
• The redundant information can be used to reconstruct approximations of some of the lost-
packets.
• Two FEC mechanisms:
1) Block Coding
 A redundant encoded chunk is sent after every n chunks.
 The redundant chunk is obtained by exclusive OR-ing the n original chunks.
 If anyone packet in a group is lost, the receiver can fully reconstruct the lost-packet.
 Disadvantages:
1) If 2 or more packets in a group are lost, receiver cannot reconstruct the lost-
packets.
2) Increases the playout delay. This is because
→ Receiver must wait to receive entire group of packets before it can begin
playout.
2) Lower Resolution Redundant Information
 A lower-resolution audio-stream is sent as the redundant information.
 For example: The sender creates
→ Nominal audio-stream and
→ Corresponding low-resolution, low-bit-rate audio-stream.
 The low-bit-rate stream is referred to as the redundant-stream.
 As shown in Figure 5.4, the sender constructs the nth packet by
→ taking the nth chunk from the nominal stream and
→ appending the nth chunk to the (n–1)st chunk from the redundant-stream
 Advantage:
Whenever there is packet-loss, receiver can hide the loss by playing out low-bit-
rate chunk.

DEPARTMENT OF ISE, BIT Page 173

COMPUTER NETWORKS AND SECURITY-18CS52 2020

Figure 5.4: Piggybacking lower-quality redundant information

5.4.3.2. Interleaving
• A VoIP application can send interleaved audio.
• The sender resequences units of audio-data before transmission.
• Thus, originally adjacent units are separated by a certain distance in the transmitted-stream.
• Interleaving can mitigate the effect of packet-losses.
• Interleaving is illustrated in Figure 5.5.
• For example:
If units are 5 msecs in length and chunks are 20 msecs (that is, four units per chunk),
then
→ the first chunk contains the units 1, 5, 9, and 13
→ the second chunk contains the units 2, 6, 10 & 14 and so on.
• Advantages:
1) Improves the perceived quality of an audio-stream.
2) Low overhead.
3) Does not increase the bandwidth requirements of a stream.

• Disadvantage:
1) Increases latency. This limits use for VoIP applications.

DEPARTMENT OF ISE, BIT Page 174

 COMPUTER NETWORKS AND SECURITY-18CS52 2020

Figure 5.5: Sending interleaved audio

5.4.3.3. Error Concealment

• This scheme attempts to produce a replacement for a lost-packet that is similar to the
original.
• This is possible since audio-signals exhibit large amounts of short-term self-similarity.
• Two receiver-based recovery techniques:
1) Packet Repetition
 This replaces lost-packets with copies of packets that arrived immediately before the
loss.
. Advantage: Low computational complexity.
2) Interpolation
 This uses audio before and after the loss to interpolate a suitable packet to cover the
loss.
 Advantage:
1. Performs better than packet repetition.

5.5. Protocols for Real-Time Conversational Applications

• Real-time applications are very popular. For ex: VoIP and video conferencing.
• Two standards bodies are working for real-time applications:
1) IETF (Internet Engineering Task Force)
2) ITU (International Telecommunication Union)
• Both standards (IETF & ITU) are enjoying widespread implementation in industry products.

DEPARTMENT OF ISE, BIT Page 175

COMPUTER NETWORKS AND SECURITY-18CS52 2020

5.5.1. RTP (Real Time Protocol)

• RTP can be used for transporting common formats such as
→ MP3 for sound and
→ MPEG for video
• It can also be used for transporting proprietary sound and video formats.
• Today, RTP enjoys widespread implementation in many products and research prototypes.
• It is also complementary to other important real-time interactive protocols, such as SIP.

RTP Basics
• RTP runs on top of UDP.
• The RTP packet is composed of i) RTP header & ii) audio chunk
• The header includes
i) Type of audio encoding
ii) Sequence number and
iii) Timestamp.
• The application appends each chunk of the audio-data with an RTP header.
• Here is how it works:
1) At sender-side:
i) A media chunk is encapsulated within an RTP packet.
ii) Then, the packet is encapsulated within a UDP segment.
iii)Finally, the UDP segment is handed over to IP.
2) At receiving-side:
i) The RTP packet is extracted from the UDP segment.
ii) Then, the media chunk is extracted from the RTP packet.
iii)Finally, the media chunk is passed to the media-player for decoding and rendering
• If an application uses RTP then the application easily interoperates with other multimedia
applications
• For example:
If 2 different companies use RTP in their VoIP product, then users will be able to
communicate.
• What RTP does not provide?
i) It does not provide any mechanism to ensure timely delivery of data.
ii) It does not provide quality-of-service (QoS) guarantees.
iii)It does not guarantee delivery of packets.
iv) It does not prevent out-of-order delivery of packets.
• RTP encapsulation is seen only at the end systems.
• Routers do not distinguish between

DEPARTMENT OF ISE, BIT Page 176

COMPUTER NETWORKS AND SECURITY-18CS52 2020

i) IP datagram’s that carry RTP packets and

ii) IP datagram’s that don’t carry RTP packets.
• RTP allows each source to be assigned its own independent RTP stream of packets.
• For example:
1) For a video conference between two participants, four RTP streams will be opened
i) Two streams for transmitting the audio (one in each direction) and
ii) Two streams for transmitting the video (again, one in each direction).
2) Encoding technique MPEG bundles audio & video into a single stream.
 In this case, only one RTP stream is generated in each direction.
• RTP packets can also be sent over one-to-many and many-to-many multicast trees.
RTP Packet Header Fields
• Four header fields of RTP Packet (Figure 5.6):
1) Payload type
2) Sequence number
3) Timestamp and
4) Source identifier.
• Header fields are illustrated in Figure 5.6.

Figure 5.6: RTP header fields

Table 5.1: Audio payload types supported by RTP

DEPARTMENT OF ISE, BIT Page 177

COMPUTER NETWORKS AND SECURITY-18CS52 2020

Table 5.2: Some video payload types supported by RTP

1) Payload Type
i) For an audio-stream, this field is used to indicate type of audio encoding that is being
used.
 For example: PCM, delta modulation.
 Table 5.1 lists some of the audio payload types currently supported by RTP.
ii) For a video stream, this field is used to indicate the type of video encoding.
 For example: motion JPEG, MPEG.
 Table 5.2 lists some of the video payload types currently supported by RTP.
2) Sequence Number
• This field increment by one for each RTP packet sent.
• This field may be used by the receiver to detect packet loss and to restore packet sequence.
3) Timestamp
• This field reflects the sampling instant of the first byte in the RTP data packet.
• The receiver can use timestamps
→ to remove packet jitter in the network and
→ to provide synchronous playout at the receiver.
• The timestamp is derived from a sampling clock at the sender.
4) Source Identifier (SRC)
• This field identifies the source of the RTP stream.
• Typically, each stream in an RTP session has a distinct SRC.

5.5.2. SIP
• SIP (Session Initiation Protocol) is an open and lightweight protocol.
• Main functions of SIP:
1) It provides mechanisms for establishing calls b/w a caller and a callee over an IP
network.
2) It allows the caller to notify the callee that it wants to start a call.
3) It allows the participants to agree on media encodings.
4) It also allows participants to end calls.
5) It provides mechanisms for the caller to determine the current IP address of the
callee.

DEPARTMENT OF ISE, BIT Page 178

COMPUTER NETWORKS AND SECURITY-18CS52 2020

6) It provides mechanisms for call management, such as

→ adding new media streams during the call
→ changing the encoding during the call
→ inviting new participants during the call,
→ Call transfer and
→ call holding.
Setting up a Call to a Known IP Address
• SIP call-establishment process is illustrated in Figure 5.7.

Figure 5.7: SIP call establishment when Alice knows Bob‟s IP address
• Consider an example: Alice wants to call Bob.
• Alice‟s & Bob‟s PCs are both equipped with SIP-based software for making and receiving
phone calls.
• The following events occur:
1) An SIP session begins when Alice sends Bob an INVITE message.
 This INVITE message is sent over UDP to the well-known port 5060 for SIP.
 The INVITE message includes
i) An identifier for Bob ([email protected])
ii) An indication of Alice‟s current IP address
iii)An indication that Alice desires to receive audio, which is encoded in format
AVP 0.
DEPARTMENT OF ISE, BIT Page 179
COMPUTER NETWORKS AND SECURITY-18CS52 2020

2) Then, Bob sends an SIP response message (which resembles an HTTP response
message).
 The response message is sent over UDP to the well-known port 5060 for SIP.
 The response message includes
i) 200 OK
ii) An indication of Bob‟s current IP address
iii)An indication that Bob desires to receive audio, which is encoded in format
AVP 3.
3) Then, Alice sends Bob an SIP acknowledgment message.
4) Finally, Bob and Alice can talk.
• Three key characteristics of SIP:
1) SIP is an out-of-band protocol
 The SIP message & the media-data use different sockets for sending and receiving.
2) The SIP messages are ASCII-readable and resemble HTTP messages.
3) SIP requires all messages to be acknowledged, so it can run over UDP or TCP.
SIP Messages
• Suppose that Alice wants to initiate a VoIP call to Bob.
• Then, her message will look something like this:

L1) INVITE sip:[email protected] SIP/2.0

L2) Via: SIP/2.0/UDP 167.180.112.24
L3) From: sip:[email protected]
L4) To: sip:[email protected]
L5) Call-ID: [email protected] L6) Content-
Type: application/sdp
L7) Content-Length: 885
L8) c=IN IP4 167.180.112.24
L9) m=audio 38060 RTP/AVP 0

• Line by line explanation is as follows:

L1) The INVITE line includes the SIP version.
L2) Via header indicates the IP address of the SIP device.
L3) Similar to an e-mail message, the SIP message includes a From header line.
L4) Similar to an e-mail message, the SIP message includes a To header line.
L5) Call-ID uniquely identifies the call.
L6) Content-Type defines the format used to describe the message-content.
L7) Content-Length provides the length in bytes of the message-content.
L8) A carriage return followed by line feed.

DEPARTMENT OF ISE, BIT Page 180

COMPUTER NETWORKS AND SECURITY-18CS52 2020

L9) The message contains the content.

Name Translation & User Location
• IP addresses are often dynamically assigned with DHCP.
• Suppose that Alice knows only Bob‟s e-mail address, [email protected]
• In this case, Alice needs to obtain the IP address of the device associated with the
[email protected].
• How to find IP address?
1) Alice creates & sends an INVITE message to an SIP proxy.
2) The proxy responds with an SIP reply.
 The reply includes the IP address of the device associated with the [email protected].
• How can the proxy server determine the current IP address for [email protected]? Answer:
Every SIP user has an associated registrar.
 First, a user launches an SIP application on a device.
 Then, the application sends an SIP register message to the registrar.
 Finally, IP address of the device will be registered in the registrar .
• The user’s registrar keeps track of his current IP address.
• When the user switches to a new device, IP address of new device will be registered in the
registrar.
• The registrar is analogous to a DNS authoritative name server:
1) The DNS server translates fixed host names to fixed IP addresses;
2) The SIP registrar translates human identifiers (ex: [email protected]) to dynamic IP
address.
• Session initiation process is illustrated in Figure 5.8.
• [email protected](217.123.56.89) wants to initiate VoIP session with [email protected]
(197.87.54.21)
• The following steps are taken:
1) Jim sends an INVITE message to the umass SIP proxy.
2) The proxy
→ performs DNS lookup on the SIP registrar upenn.edu and
→ forwards then the message to the registrar server upenn.
3) [email protected] is not registered at the upenn registrar.
 Therefore, the upenn registrar sends a redirect response to umass proxy.
4) The umass proxy sends an INVITE message to the eurecom SIP registrar.
5) The eurecom registrar
→ knows the IP address of [email protected] and
→ forwards INVITE message to the host 197.87.54.21 which is running Keith‟s
SIP client.

DEPARTMENT OF ISE, BIT Page 181

COMPUTER NETWORKS AND SECURITY-18CS52 2020

8) An SIP response is sent back through registrars/proxies to SIP client on

217.123.56.89.
9) Media is sent directly between the two clients.

Figure 5.8: Session initiation, involving SIP proxies and registrars

5.6. Network Support for Multimedia
• Table 5.3 summarizes 3 approaches to provide network-level support for multimedia
applications.
1) Making the Best of Best-effort Service
• The application-level mechanisms can be successfully used in a n/w where packet-loss rarely
occur.
• When demand increases are forecasted, ISPs can deploy additional bandwidth & switching
capacity.
• This ensures satisfactory delay and packet-loss performance.
2) Differentiated Service
• In this, one traffic-type can be given priority over another one when both are queued at a
router
• For ex:
Packets belonging to a real-time application can be given priority over non-real-time
application.
3) Per-connection QoS Guarantees
• In this, each instance of an application explicitly reserves end-to-end bandwidth.
• Thus, end-to-end performance is guaranteed.
i) A hard guarantee means the application will receive its requested QoS with certainty.

DEPARTMENT OF ISE, BIT Page 182

COMPUTER NETWORKS AND SECURITY-18CS52 2020

ii) A soft guarantee means the application will receive its requested QoS with high
probability.

Table 5.3: Three network-level approaches to supporting multimedia applications

5.6.1. Dimensioning Best Effort Networks

• Bandwidth-provisioning is defined as
“The bandwidth capacity required at network links to achieve a given performance.”
• Network dimensioning is defined as
“The design of a network topology to achieve a given performance.”
• Three issues must be addressed to achieve a given performance:
1) Models of traffic demand between network end points.
• Models have to be specified at both the call-level and at the packet-level.
i) Example for call level: Users arriving to the network and starting up end-to-end
applications.
ii) Example for packet level: Packets being generated by ongoing applications.
2) Well-defined performance requirements.
• For example
 Consider delay-sensitive traffic, such as a conversational multimedia application.
 Here, a performance requirement can be:
→ Probability the end-to-end delay of the packet is greater than a maximum
tolerable delay
3) Models to predict end-to-end performance for a given workload model.
• Techniques to find a least cost bandwidth allocation that results in all user requirements
being met.

5.6.2. Providing Multiple Classes of Service

• The traffic can be divided into different classes.

DEPARTMENT OF ISE, BIT Page 183

COMPUTER NETWORKS AND SECURITY-18CS52 2020

•Different priority can be provided to the different traffic-classes.

• For example:
ISP provides a higher priority to delay-sensitive VoIP traffic than to elastic traffic
email/HTTP.
Motivating Scenarios
• Figure 5.9 shows a simple network scenario.
• Here, two flows
→ originate on Hosts H1 & H2 on one LAN and
→ are destined for Hosts H3 and H4 on another LAN.
• The routers on the two LANs are connected by a 1.5 Mbps link.

Figure 5.9: Competing audio and HTTP applications

• Consider the best-effort Internet.

• At output-queue of R1, the audio and HTTP packets are mixed & transmitted in a FIFO
order.
• Problem: HTTP packet from Web-server fills up the queue. This causes delay/loss of audio
packets.
• Solution:
 Use a priority scheduling discipline.
 Here, an audio packet will always be transmitted before HTTP packets.

Insight 1:
• Packet marking allows a router to distinguish among packets belonging to different classes
of traffic.
• If audio application starts sending packets at 1.5 Mbps or higher, then the HTTP packets will
starve.
DEPARTMENT OF ISE, BIT Page 184
 COMPUTER NETWORKS AND SECURITY-18CS52 2020

Insight 2:
• It is desirable to provide a degree of traffic isolation among classes.
• Thus, one class is not adversely affected by another class of traffic that misbehaves.

5.6.2.1. Approaches for Providing Isolation among Traffic Classes

• Two approaches:
1) Traffic policing can be performed.
2) Packet-scheduling mechanism explicitly allocates a fixed amount of bandwidth to
each class.

Using Traffic Policing

• Traffic policing can be performed. This scenario is shown in Figure 5.10.
• If a traffic class meets certain criteria, then a policing mechanism ensures that these
criteria are observed. (For example: the audio flow should not exceed a peak-rate of 1 Mbps).
• If the policed application misbehaves, the policing mechanism will take some action. (For
example: drop or delay packets that are in violation of the criteria)
• The leaky bucket mechanism is the most widely used policing mechanism.
• This scenario is shown in Figure 5.10.

Figure 5.10: Policing (and marking) the audio and HTTP traffic classes

Using Packet Scheduling

• Packet-scheduling mechanism explicitly allocates a fixed amount of bandwidth to each class.
• For example:
→ the audio class will be allocated 1 Mbps at R1
DEPARTMENT OF ISE, BIT Page 185
COMPUTER NETWORKS AND SECURITY-18CS52 2020

→ the HTTP class will be allocated 0.5 Mbps.

• This scenario is shown in Figure 5.11.

Figure 5.11: Logical isolation of audio and HTTP traffic classes

Insight 3:
While providing isolation among classes, it is desirable to use resources as efficiently as
possible.

5.6.2.3. Scheduling Mechanisms

• Queue-scheduling refers to “The manner in which queued packets are selected for
transmission on the link.”

1. FIFO
• FIFO (First-In-First-Out) is illustrated in Figure 5.12 & Figure 5.13.
• Packets are transmitted in order of their arrival at the queue.
• Packets arriving at the queue wait for transmission if the link is currently busy.
• Packets are discarded when they arrive at a full buffer.
• When a packet is completely transmitted over outgoing-link, the packet is removed from the
queue.
• Disadvantages:
1) This is not possible to provide different information flows with different QoS.
2) Hogging occurs when a user
→ sends packets at a high rate and
→ fills the buffers in the system
Thus, depriving other users of access to the buffer.

DEPARTMENT OF ISE, BIT Page 186

 COMPUTER NETWORKS AND SECURITY-18CS52 2020

Figure 5.12: FIFO queueing

Figure 5.13: Operation of the FIFO queue

2. Priority Queuing
• PQ (Priority Queuing) is illustrated in Figure 5.14 & Figure 5.15.
• Number of priority classes is defined.
• A separate buffer is maintained for each priority class.
• Each time the transmission link becomes available, the next packet for transmission is
selected from the highest priority queue.
• Typically, the choice among packets in the same priority-class is done in a FIFO manner.
• In a non-preemptive PQ, the transmission of a packet is not interrupted once it has begun.
• Disadvantages:
1) This does not discriminate among users of the same priority.
2) This does not allow for providing some degree of guaranteed access to
transmission bandwidth to the lower priority classes.
3) Hogging occurs.

DEPARTMENT OF ISE, BIT Page 187

COMPUTER NETWORKS AND SECURITY-18CS52 2020

Figure 5.14 : Priority Queueing

Figure 5.15: Operation of the priority queue

3. RRQ
• RRQ (Round Robin Queuing) is illustrated in Figure 5.16 & Figure 5.17.
• The transmission bandwidth is divided equally among the buffers.
• Each user flow has its own logical buffer.
• Round-robin scheduling is used to service each non-empty buffer one bit at a time.
• In the simplest form, a class 1 packet is transmitted, followed by a class 2 packets, followed
by a class 1 packet, followed by a class 2 packet, and so on.
• RRQ is a work-conserving queuing discipline.
• Thus, RRQ will immediately move on to the next class when it finds an empty queue.
• Disadvantage: Extensive processing at the destination.

Figure 5.16: Round-robin queuing

DEPARTMENT OF ISE, BIT Page 188

 COMPUTER NETWORKS AND SECURITY-18CS52 2020

Figure 5.17: Operation of the two-class round robin queue

4. WFQ
• WFQ (Weighted Fair Queuing) is illustrated in Figure 5.18.
• Each user flow has its own buffer, but each user flow also has a weight that determines its
relative share of the bandwidth.
• If buffer 1 has weight 1 and buffer 2 has weight 3, then buffer 1 will receive 1/4 of the
bandwidth and buffer 2 will receive 3/4 of the bandwidth.
• In each round, each non-empty buffer would transmit a number of packets proportional to its
weight.
• WFQ systems are means for providing QoS guarantees.
• WFQ is also a work-conserving queuing discipline.
• Thus, WFQ will immediately move on to the next class when it finds an empty queue.

Figure 5.18: Weighted fair queuing

5.6.3. DiffServ
• This provides QoS support to a broad class of applications.
• This provides service differentiation.
• Differentiation is defined as “The ability to handle different classes of traffic in different
ways within the Internet”.

DEPARTMENT OF ISE, BIT Page 189

COMPUTER NETWORKS AND SECURITY-18CS52 2020

Figure 5.21: Overview of DiffServ operation

• The Diffserv architecture consists of 2 functional elements:

1) Packet Classification & Traffic Conditioning
• The traffic-classifier routes packets to specific outputs, based on the values of one or
more header- fields.
• The traffic-profile contains a limit on the peak-rate of the flow.
• The traffic-conditioner detects and responds if any packet has violated the negotiated traffic-
profile.
•The traffic-conditioner has 4 major components:
i) Meter
 The meter measures the traffic to make sure that packets do not exceed their traffic
profiles
ii) Marker
 The marker marks or unmarks packets in order to keep track of their situations
in the Diffserv node.
iii) Shaper
 The shaper delays any packet that is not complaint with the traffic-profile
iv) Dropper
 The dropper discards any packet that violates its traffic-profile

2) Core Function: Forwarding

• The per-hop behavior (PHB) is performed by Diffserv-capable routers.
• A router forwards marked-packet onto its next hop according to the PHB (per-hop behavior).
• PHB influences how network-resources are shared among the competing classes of traffic.
• Two types of PHB are: i) expedited forwarding and ii) assured forwarding.
i) Expedited Forwarding (EF) PHB
 This specifies that the departure rate of a class of traffic from a router must equal or
exceed a configured rate.
DEPARTMENT OF ISE, BIT Page 190
COMPUTER NETWORKS AND SECURITY-18CS52 2020

ii) Assured Forwarding (AF) PHB

 This divides traffic into 3 classes: good, average and poor.
 Here, each class is guaranteed to be provided with some minimum amount of
bandwidth and buffering.
• PHB is defined as
“A description of the externally observable forwarding behavior of a Diffserv node
applied to a particular Diffserv behavior aggregate”
• From above definition, we have 3 considerations:
i) A PHB can result in different classes of traffic receiving different performance.
ii) A PHB does not dictate any particular mechanism for differentiating performance
(behavior) among classes.
iii)Differences in performance must be observable and hence measurable.

5.6.4. Per-Connection QoS Guarantees: Resource Reservation & Call Admission

• Consider two 1 Mbps audio applications transmitting their packets over 1.5 Mbps link
(Figure 5.22).
• The combined data-rate of the two flows (2 Mbps) exceeds the link capacity.
• There is lesser bandwidth to accommodate the needs of both applications at the same time.
• Problem: What should the network do?
Answer:
 One of the applications should be allowed to use the full 1 Mbps.
 While the other application flows should be blocked.
• For example:
 In telephone n/w, if the required resources cannot be allocated to the call, the call is
blocked.

Figure 5.22: Two competing audio applications overloading R1-to-R2 link

DEPARTMENT OF ISE, BIT Page 191

COMPUTER NETWORKS AND SECURITY-18CS52 2020

• Admission process is defined as The process of declaring flow’s QoS requirement, & then
deciding either to accept or block the flow.

Insight 4:
• If sufficient resources are not available, and QoS is to be guaranteed, a call admission
process is needed to decide whether to accept or block the flow.

Mechanisms for Guaranteed QoS

• Three mechanisms to provide guaranteed QoS:
1) Resource Reservation
 The resources are explicitly allocated to the call to meet the desired QoS.
 After reservation, the call has on-demand access to the resources throughout its
duration.
2) Call Admission
 The network must have a mechanism for calls to request & reserve resources.
 If the requested resources are not available, the call will be blocked.
 Such a call admission is performed by the telephone network.
 For ex: In telephone network, we request resources when we dial a number.
i) If the required resources are allocated, the call is completed.
ii) If the required resources cannot be allocated, the call is blocked.
3) Call Setup Signaling
 A signaling protocol can be used to coordinate following activities.
1) The per-hop allocation of local resources (Figure 5.23)
2) The overall end-to-end decision of whether or not the call has been able
to reserve sufficient resources at each and every router on the end-to-end
path.
 The RSVP protocol is a call setup protocol for providing QoS guarantees.

DEPARTMENT OF ISE, BIT Page 192

COMPUTER NETWORKS AND SECURITY-18CS52 2020

Figure 5.23: The call setup process

DEPARTMENT OF ISE, BIT Page 193

COMPUTER NETWORKS AND SECURITY-18CS52 2020

MODULE-WISE QUESTIONS

PART 1
1) Briefly explain properties of Video. (4*)
2) Briefly explain properties of Audio. (4)
3) Briefly explain three broad categories of multimedia network applications. (6*)
4) Briefly explain UDP streaming stored video application. (4*)
5) With a diagram, explain streaming stored video over HTTP/TCP. (6*)
6) Briefly explain adaptive streaming & DASH. (6*)
7) Briefly explain CDN, its motivation & its type. (6)
8) With a diagram, explain CDN Operation. (6*)
9) Briefly explain three approaches for cluster-selection. (6)
10) List out and explain three challenges to the design of real-time applications. (6)
11) Briefly explain two FEC mechanisms. (6*)
12) With a diagram, explain interleaving. (6*)

PART 2

1) Briefly explain RTP & its services. (4*)

2) With general format, explain various field of RTP. (6*)
3) Briefly explain SIP & its services. (4)
4) With a diagram, explain SIP call establishment. (6*)
5) With a diagram, explain SIP name translation & user location. (6)
6) Briefly explain three approaches to provide network-level support for multimedia applications.
(6*)
7) Briefly explain dimensioning best effort networks. (6)
8) Briefly explain 2 approaches for providing isolation among traffic classes. (6)
9) With a diagram for each, explain FIFO and priority queue scheduling. (8*)
10) With a diagram for each, explain RRQ and WFQ scheduling. (8*)
11) With a diagram, explain the working of leaky bucket. (6*)
12) With a diagram, explain various components of DiffServ. (6*)
13) Briefly explain three mechanisms for guaranteed QoS. (6*)

DEPARTMENT OF ISE, BIT Page 194

COMPUTER NETWORKS-15CS52 2017

QUESTION BANK
MODULE I

Application Layer
1. Explain briefly about the Network Application architecture

2. How process communication takes place between client and server?

3. Explain the interface between process and computer network

4. Explain the transport services available to application layer

5. Explain the Transport services provided by internet

6. Explain the Overview of http

7. Compare Non persistent and persistent connection

8. Explain http with non-persistent and persistent concepts

9. Draw and explain http message format

10. Write Short Notes on user sever and cookies

11. What is web caching?

12. Write short notes on FTP

13. Explain about Electronic mail

14. Explain about SMTP

15. Compare SMTP with HTTP

16. Write Short notes on POP3

17. Explain about Domain name service

18. Explain about DNS services

19. Explain about P2P application

20. Explain about Distributed hash table

DEPARTMENT OF ISE, BIT Page 199

COMPUTER NETWORKS-15CS52 2017

21. Describe the Socket programing with TCP and UDP

MODULE II
Transport Layer
1. Explain about Transport-Layer Services:

2. Describe the Relationship between Transport and Network Layers,

3. What is Multiplexing and De multiplexing?

4. Explain about Connectionless Transport: UDP

5. Describe UDP Segment Structure

6. Write short notes on UDP Checksum

7. Explain about the Principles of Reliable Data Transfer

8. Explain in detail about Go-Back-N

9. Explain in detail about Selective repeat

10. Write short notes on The TCP Connection

11. Write short notes on TCP Segment Structure

12. Explain about Round-Trip Time Estimation and Timeout

13. What is a Reliable Data Transfer?

14. Explain about TCP Flow Control

15. Explain about TCP Connection Management

16. What are the Causes and the Costs of Congestion?

17. List and explain the approaches to Congestion Control

18. Describe Network-assisted congestion-control with example

19. Explain about ATM ABR Congestion control

20. Write short notes on TCP Congestion Control: Fairness.

DEPARTMENT OF ISE, BIT Page 200

COMPUTER NETWORKS-15CS52 2017

MODULE III

The Network layer

1. Define Router

2. Explain input and output ports , switching fabric,Queing

3. Explain about the internet protocol

4. Explain the Datagram format

5. Explain in detail about IPV4 addressing

6. Explain about IPV6 addressing

7. Explain about IPV6 format

8. Explain about Network address translation

9. How the Transition does takes place from IPV4 to IPV6

10. Explain about IP security

11. Explain about ICMP in detail

12. Explain about Global and decentralized Routing algorithm

13. Compare Static and dynamic routing protocol

14. Explain about Link state routing protocol

15. Explain about Distance vector routing protocol

16. Explain about Hierarchical routing protocol

17. Explain about Intra AS routing RIP

18. Explain about OSPF

19. Explain about BGP

20. What is Broadcast and multicast routing?

DEPARTMENT OF ISE, BIT Page 201

COMPUTER NETWORKS-15CS52 2017

MODULE V
Multimedia Networking Applications
1. Explain how the streaming is stored for audio and video

2. Explain streaming of live audio and video

3. What are the hurdles for multimedia in the internet?

4. How should the internet evolve to support multimedia?

5. Explain the concept of audio compression in the internet?

6. Explain the video compression in the internet?

7. Write Short notes on Case study of YouTube, Muze, MSL video

8. Explain the concept of audio and video through web server

9. Explain the sending multimedia from a streaming server to a helper application?

10. Write Short notes RTSP

11. Explain the scenario of Mbps audio and FTP transfer

12. Explain the scenario of Mbps audio and higher priority FTP transfer.
13. Explain the scenario of A misbehaving audio application and FTP transfer

14. Explain FIFO scheduling mechanism

15. Explain about Priority Queuing scheduling mechanism

16. Explain about Round Robin technique

17. Explain about Weighted Fair Queuing mechanism

18. Explain about Leaky bucket policy

19. What is DiffServ?

20. Explain in detail about Diffserv architecture
21. Explain about Diffserv traffic classification and conditioning
22. What is Per hop behavior?
23. Explain about Diffserv Retrospective.

DEPARTMENT OF ISE, BIT Page 202

 15CS52
USN

Fifth Semester B.E. Degree uly 2019

Gomputer H
Time: 3 hrs Max. Marks: 80
&
&
Note: Answer any FIYE lull questions, ANEfutl Questionfupach module.
ai &@'
o
9 ry
_(€ o
1 a. Describe in detail the services o DNS and explain the DNIS message format
,&"
L
p'
(08 Marks)
"{w
(n

b. Il[ugtrate the basic operation

Y
F
a AEdFTP. (08 Marks)
d
'o
c)
d
C)
! & OR s
-. ER
.9
2 a. Exptrair the (08 Marks)
q,l
:af
b. Define a sooht socket TCP (08 Marks)
Eo(a)
*tt
*
=
coo
.-I
.g c\
ds
3 a. Draw and FSM for sender 2.1 protocol. (0t Marks)
E^
Ev
b. Elaborate handshaking used in TCF. (04 Marks)

do
c- RTT 1?Oms. Compute
EE
E! (1) RTT after each saryle RTT is obtained, Assume cr: 0.125
En RTT is 100 kfore fost of obtained.
Cor,npute DevRTT, 0"25 ard first of these
^ BE (04 Marks)
bd samples are
^dO -k
bo<
cgd
^
=L
}E
4a. three phases (08 Marks)
d4 b. structuIs (04 Marks)
^Ed
,ra a) c. of Go-Back (04 Marks)
!o
-9=
a
_ sA
tra.
5a. Give of IPV6 and explain (06 Marks)
hv b. message in IGMP? (03 Marks)
9E
5<) c. Wrib link state and if ts the following Eraph with source node
aa tE
^ EE dRefer (07 Marks)
HO
eg d&1
>\ qi
boo
qco
&M
^ ()=
a.;i
F>
69
o-
-^
U< 2*
-i ..i n
t!) "&,v b Fig.Qs(c)
o "t
z
^f
d OR
o
o. 6 a- What is the structure of a,routsr. (07 Marks)
b. List the algorithms? Explain prry one sf-them. (04 Marks)
c. Desgribe the .AS routing protocols in dgJail (05 Marks)

A
d"&l
,{ilk,/
,.%, 1 of2
&
KLE Dr. M.S. Sheshgiri College of Engineering & Technology, Library, Belagavi
"rfu
ww
 15CS52

Module-4
7 a. Illustrate the two difftrent approaches for routing toa (08 Marks)
b. With a neat diagranq bring out the steps for mobile to home agent.
(08 Marks)

OR
8 a" Bring out the components of 3G Cellular (08 Marks)
b. Statehandoffi lMhat are the steps invo (05 Marks)
c. Explain the tkee phases,of rnobile IP. (03 Marks)

9 a. Briug out the leaky bucket for traffrc Dohcmg-i B/ (07 Marks)
b. Clasiff the multimedia lications. *qF (03 Marks)
c. Describe the link (06 Marks)
&"\
dg
OR &sglr "Y
10 L. Lisr the storedvideo. bxDldn anv one of them. (08 Marks)
b. Explain the
,SJ

deu (08 Marks)

"
s ,1.

4tr
@

4*#"
4fu
%/
.&

&tM
4ru
&J
&
: 2 of2
q q&4
"&M,',
ru Y
&
*%"e
W KLE Dr. M.S. Sheshgiri College of Engineering & Technology, Library, Belagavi
KLE Dr. M.S. Sheshgiri College of Engineering & Technology, Library, Belagavi - 590008
KLE Dr. M.S. Sheshgiri College of Engineering & Technology, Library, Belagavi - 590008
KLE Dr. M.S. Sheshgiri College of Engineering & Technology, Library, Belagavi
KLE Dr. M.S. Sheshgiri College of Engineering & Technology, Library, Belagavi
 JiI
l
-".- i'r'"15CS/IS52
';' i *.4'
USN ,ri

Fifth Sem ester B.E. Degree Exam rp3Jion, Dec. 2Ol8 I J an.z0lg
Gomputer Nef:uflorks
'1.' ."lL'.
Time: 3 hrs. '' .t';' ,ti:il
i, Mu*' Marks:80
Note: Answer any FIVEfull questions,fuosing ONEfull questionftom each module.
o
-o ,-t "-"lsj-lEodule-l ""'r4,
Explain HTTP messages. . o+.'-&.i. :
O oi,ro*:a.,
d
o. I a. (08 Marks)

b. Explain web caching with dingryfi. (08 Marks)

6

(u
+t,
o
i')* .,*t' OR ,*"-f' tt:
o
2 a. Explain FTP with its cffiands and replies. (08 Mat'ks)
dg
bo- b. Explain SMTP. ..fuq;: (o4Marhs)
y- c. Explain DNS roS'<fu6c8 record. . "llltll, (04 Marks)

-o
oo
-6
ll l''
jtl vroouid-z
-
.= e.l
cd+ 3a. ExplainSepdei' s view of sequence _nyr.ob* and its opera:i:q:n Goback N protoco(h8
Marks)
!r bO
tso
b.
:du1
Draw'ffiP segment structure andie>mlain. (08 Marks)
-ol: CO
- t; -.
,j,l;',,,'
o> tn
- 3c .oR .'i-. "n,I!-'
.1
'' 'ti
'

4 a. Explain 3 way handshakeand dlosing a TCP cori'ne*tion. ',,,rii,. (08 Marks)

'cbsts"of "" 1,"
^6=

bU b. Explain the causes and congestion. (0E Marks)

do rl . "'Ia,6...'
o!
bo(
(od
..+.!. Modulo-,3
!5 3 a. With diagram explaih router architectule*. (0E Mat*s)
d<
b. Explain IP fragmentation. ; rjo
(0E Marks)
€d S "1."

oe { 'r'&,, oR
o-; 6 a. vector (08 Marks)
routers. t:,i (04 Marks)
tor (04 Marks)
ots
'- ao
qtE
90
^ =-
O.=
>.! 7 architecture. (08 Ma rks)
oo" (08 Ma rks)
trbo
o= "F"
po
,> ''rr OR ,,t
;" 'l

LJ<
8a. Explain steps of handoffarfioQ!le user. (08 Marks)
b Exp lai n H LR, VLR, horn$* ai(dress, c are-o f-ad dress. (08 Marks)
-.i c..i
u;i,#.,

z
o
,r-" @.5,
9 a. With diagram, expJ,liq, naiVe architecture for audio/video streaming (08 Marks)
-F
d

a
b. Explain audio gg1gfpssion i n internet. (08 Marks)

d' oR
10 a. With diag{ar4, explain interaction between client and server using RTSP. (08 Mad<s)
b. ExOtaw.,hn,fiistreaming from streaming server to a media player is done. (08 Marts)

.r, * ****

KLE Dr. M.S. Sheshgiri College of Engineering & Technology, Library, Belagavi
ll
KLE Dr. M.S. Sheshgiri College of Engineering & Technology, Library, Belagavi