COMP2190 – Semester 1 2016/2017

Tutorial 0
Problems
1. Imagine that you have trained your St. Bernard, Bernie, to carry a box of three 8mm
tapes instead of a flask of brandy. These tapes each contain 2 terabytes. The dog can travel to
your side, wherever you may be, at 18 km/hr. For what range of distances does Bernie have a
higher data rate than a transmission line whose data rate (excluding overhead) is 48 Gbps? [1]
= 3 × 8 × 2 × 240
1000
=18 × = 5𝑚/𝑠
3600
3×8 ×2×2 40
= = 1099.5𝑠 = 18 𝑚𝑖𝑛𝑠
48 ×10 9

Range:
= 1099.5 × 5 = 550𝑘𝑚 or = 1099.5 × 6 = 650𝑘𝑚

2. An image is 1366 x 768 pixels with 4 bytes/pixel. Assume the image is uncompressed. How long
does it take to transmit it over a 56-kbps modem channel? Over a 1 Mbps cable modem? Over a
10-Mbps Ethernet? Over a 100-Mbps Ethernet? [1]
First convert image to bits:
1366 × 768 × 4 × 8 = 33,570,816 𝑏𝑖𝑡𝑠
Transmission Delay = 𝐿�𝑅 , Where L = Packets (bits), R = Link Bandwidth (bps)

At 56 kbps channel: At 10 Mbps channel:

33,570,816 𝑏𝑖𝑡𝑠 33,570,816 𝑏𝑖𝑡𝑠
= = 599.48𝑠 = = 3.36𝑠
56 × 10 3 𝑏𝑝𝑠 10 × 10 6 𝑏𝑝𝑠

At 1 Mbps channel: At 100 Mbps channel:

33,570,816 𝑏𝑖𝑡𝑠 33,570,816 𝑏𝑖𝑡𝑠
= = 33.57𝑠 = = 0.34𝑠
1 × 10 6 𝑏𝑝𝑠 100× 10 6 𝑏𝑝𝑠
3. Consider the figure below, in which a single router is transmitting packets, each of length L bits,
over a single link with transmission rate R Mbps to another router at the other end of the link.

Suppose that the packet length is L= 8000 bits, and that the link transmission rate along the link
to router on the right is R = 1 Mbps.
a. What is the transmission delay (the time needed to transmit all of a packet's bits into
the link)?
Transmission Delay = 𝐿�𝑅 , Where L = Packets (bits), R = Link Bandwidth (bps)
8000
= = 0.008𝑠
1 × 10 6

b. What is the maximum number of packets per second that can be transmitted by the
link?
1 × 10 6 𝑏𝑝𝑠
= = 125 𝑝𝑎𝑐𝑘𝑒𝑡𝑠 𝑝𝑒𝑟 𝑠𝑒𝑐𝑜𝑛𝑑 𝑎𝑡 1 𝑀𝑏𝑝𝑠
8000 𝑏𝑖𝑡𝑠

4. Consider an application that transmits data at a steady rate (e.g., the sender generates an N-bit
unit of data every k time units, where k is small and fixed.) Also, when such an application starts,
it will continue running for a relatively long period of time. Answer the following questions,
briefly justifying your answer:
a. Would a packet-switched network or a circuit-switched network be more appropriate
for this application? Why?
A circuit-switched network is best in this case because the application has long
sessions with predictable smooth bandwidth. Therefore bandwidth can be
reserved for each application session with no significant waste.

b. Suppose that a packet-switched network is used and the only traffic in this network
comes from such applications as described above. Furthermore, assume that the sum of
the application data rates is less than the capacities of each and every link. Is some form
of congestion control needed? Why?

Insert Answer to question 4b here cause IDK

5. Suppose users share a 3 Mbps link. Also suppose each user requires 150 kbps when
transmitting, but each user transmits only 10% of the time.
a. When circuit switching is used how many users can be supported?
3 × 10 6
= = 20 𝑢𝑠𝑒𝑟𝑠
150 × 10 3

b. What is the probability that a user is transmitting? What is the probability that a user is
idle?
P(I) = Probability user idle
P(T) = Probability user transmitting
P(I) = 1 – P(I) = 1 – 0.1 = 0.9

c. For the remainder of this problem, suppose packet switching is used. Suppose that there
are 120 users. Can this number of users be supported under circuit switching?
No because their aggregate demands will exceed the link capacity.

d. What is the probability that a given (specific) user is transmitting, and the remaining
users are not transmitting?
= (0.1)(0.9)119

e. What is the probability that one user (any one of the 120) is transmitting, and the
remaining users are not transmitting? When one user is transmitting, what fraction of
the link capacity will be used by this user?
= 120C1 (P) (1 - P)120 – 1
= 120C1 (0.1)(0.9)119
The user gets 100% of the link capacity.

f. Find the probability that at any given time exactly n users are transmitting
simultaneously.
= 120Cn (P)n (1 - P)120 – n
= 120Cn (0.1)n (0.9)120 – n

g. Find the probability that there are 21 or more users transmitting.

120 n 120 – n
= 1 − ∑20𝑛=0.( Cn (0.1) (0.9) ) = 0.992
= 1 – 0.992
= 0.008
COMP2190 – Semester 1 2016/2017
Tutorial 1
Problems
1. What are two reasons for using layered protocols? What is one possible disadvantage of
using layered protocols? [1, prob. 10]

One advantage with protocol layering is that it allows protocol designers break up each
layer into smaller manageable pieces so that they can focus on each layer
independently.
Another advantage of protocol layering is that any layer can be easily replaced with a
different implementation due to the separation of responsibilities of each layer.
A disadvantage is that each layer potentially imposes overhead both in terms of
processing time and control information stored in protocol headers.
2. Which of the layers in the reference model reviewed in lecture handles each of the
following:
a. Dividing the transmitted bit stream into frames.
Data Link Layer

b. Determining which route through the subnet to use. [1, prob. 16]
Network Layer

3. Consider two hosts, A and B, connected by a single link of rate R bps. Suppose that the
two hosts are separated by m meters, and suppose the propagation speed along the link
is s meters/sec. Host A is to send a packet of size L bits to Host B.
a. Express the propagation delay, dprop, in terms of m and s.
dprop = m/s seconds

b. Determine the transmission time of the packet, dtrans , in terms of L and R.

dtrans = L/R seconds

c. Ignoring processing and queuing delays, obtain an expression for the end-to-end
delay.
dend-to-end = dprop + dtrans = (m/s + L/R) seconds

d. Suppose Host A begins to transmit the packet at time t = 0. At time t= dtrans , where is
the last bit of the packet?
The bit is just leaving host A.

e. Suppose dprop is greater than dtrans . At time t= dtrans , where is the first bit of the
packet?
The first bit is in the link and has not reached host B.

f. Suppose dprop is less than dtrans. At time t= dtrans , where is the first bit of the packet?
The first bit has reached host B.

g. Suppose s = 2.5 × 108, L=120 bits, and R=56 kbps. Find the distance m so that dprop
equals dtrans .
𝐿 120
m = 𝑅 𝑠𝑠 = 56 × 103 (2.5 × 108 ) = 536 𝑘𝑚
4. Consider a packet of length L which begins at end system A and travels over three links
to a destination end system. These three links are connected by two packet switches.
Let di, si, and Ri denote the length, propagation speed, and transmission rate of link i,
for i=1, 2, 3. The packet switch delays each packet by dproc. Assuming no queuing delays,
in terms of di, si, Ri, (i=1, 2, 3), and L, what is the total end-to-end delay for the packet?
Suppose now the packet is 1,500 bytes the propagation speed on all three links is 𝑠𝑠 =
2.5 × 108 m/s, the transmission rates of all three links are 2 Mbps, the packet switch
processing delay is 3 msec, the length of the first link is 5,000 km, the length of the
second link is 4,000 km, and the length of the last link is 1,000 km. For these values,
what is the end-to-end delay?

dproc = 3msec = 0.003s

delay end-to-end = dtrans + dprop + dproc

𝐿 𝐿 1 2𝐿 3 𝑑 𝑑 𝑑
= 𝑅 + 𝑅 + 𝑅 + 𝑠 + 𝑠 + 𝑠 + 2(𝑑𝑝𝑟𝑜𝑐 )
1 2 3 1 2 3

1500 × 8 𝑏𝑖𝑡𝑠 1500 × 8 𝑏𝑖𝑡𝑠 1500 × 8 𝑏𝑖𝑡𝑠 5000 ×1000𝑚

= + + + +
2 ×10 6 2 ×10 6 2 ×10 6 2 .5 ×10 8
4000 ×1000𝑚 1000 ×1000𝑚
+ + 2(0.003𝑠𝑠)
2 .5 ×10 8 2 .5 ×10 8

= 0.006𝑠𝑠 + 0.006𝑠𝑠 + 0.006𝑠𝑠 + 0.02𝑠𝑠 + 0.016𝑠𝑠 + 0. 004𝑠𝑠 + 0.006𝑠𝑠

= 0.064𝑠𝑠 𝑜𝑟 64𝑚𝑠𝑠

5. Suppose two hosts, A and B, are separated by 20,000 km and are connected by a direct
link of R=2 Mbps. Suppose the propagation speed over the link is 2.5 × 108 m/s.
a. Calculate the bandwidth-delay product, R∙dprop.
m
R x dprop = R ×
s
= 2 × 10 ×
6 20,000 ×1000m
2 .5 ×108

= 160,000 bits
b. Consider sending a file of 800,000 bits from Host A to Host B. Suppose the file is
sent continuously as one large message. What is the maximum number of bits that
will be in the link at any given time?
The link can only carry a maximum of 160,000 bits at any given time.
c. Provide an interpretation of the bandwidth-delay product.
The Bandwidth-delay product is the max number of bits that can be in the link at any
time.

d. What is the width (in meters) of a bit in the link? Is it longer than a football field
(100 m)?
𝐿𝑒𝑛𝑔𝑡ℎ 𝑜𝑓 𝑙𝑖𝑛𝑘
Width =
𝐵𝑎𝑛𝑑𝑤𝑖𝑑𝑡ℎ 𝐷𝑒𝑙𝑎𝑦 𝑃𝑟𝑜𝑑𝑢𝑐𝑡
20,000 ×1000𝑚
=
160,000 𝑏𝑖𝑡𝑠

= 125m, so yes it is larger than a football field.

e. Derive a general expression for the width of a bit in terms of the propagation speed
s, the transmission rate R, and the length of the link m.

𝐿𝑒𝑛𝑔𝑡ℎ 𝑜𝑓 𝑙𝑖𝑛𝑘
Width =
𝐵𝑎𝑛𝑑𝑤𝑖𝑑𝑡ℎ 𝐷𝑒𝑙𝑎𝑦 𝑃𝑟𝑜𝑑𝑢𝑐𝑡
𝑚
=𝑅×𝑑
𝑝𝑟𝑜𝑝
𝑚1
= 𝑚1 �𝑠
𝑅×
𝑠
=𝑅
COMP2190 – Semester 1 2016/2017
Tutorial 2
Problems
1. Consider an HTTP client that wants to retrieve a Web document at a given URL. The IP address
of the HTTP server is initially unknown. What transport and application layer protocols besides
HTTP are needed in this scenario? [2, chp. 2, prob. 3]
• Application Layer: DNS & HTTP
• Transport Layer: UDP for DNS & then TCP for HTTP

2. Consider the following string of ASCII characters that were captured by Wireshark when the
browser sent an HTTP GET message. The characters <cr><lf> are carriage return and line-feed
characters, i.e., the italicized character string <cr> in the text below represent the single
carriage-return character that was contained at that point in the HTTP header. Answer the
following questions, indicating where in the HTTP GET message below you find the answer.

GET /cs453/index.html HTTP/1.1<cr><lf>HOST:

gaia.cs.umass.edu<cr><lf>User-Agent: Mozilla/5.0
(Windows;U; Windows NT 5.1; en-US; rv:1.7.2)
Gecko/20040804 Netscape 7.2 (ax)
<cr><lf>Accept:ext/xml, application/xml,
application/xhtml+xml, text/html;q=0.9,
text/plain;q=0.8,image/png,*/*;q=0.5
<cr><lf>Accept-Language: en-us,en;q=0.5<cr><lf>Accept-
Encoding: zip,deflate<cr><lf>Accept-Charset: ISO,utf-
8,q=0.7,*;q=0.7<cr><lf>Keep-Alive: 300<cr>
<lf>Connection:keep-alive<cr><lf><cr><lf>

a. What is the URL of the document requested by the browser?

gaia.cs.umass.edu/cs453/index.html

b. What version of HTTP is the browser running?

HTTP 1.1

c. Does the browser request a non-persistent or persistent connection?

It requests a persistent connection (see Connection:keep-alive)

d. What is the IP address of the host on which the browser is running?

There is no IP address given in the HTTP GET message above (this is a trick question smh)

1
 e. What type of browser initiates this message? Why is the browser type needed in
an HTTP request message?
Mozilla 5.0 running on Windows XP. The server may need to send different
versions of an object to different browsers.

3. The text below shows the reply sent from the server in response to the HTTP GET message in
the question above. Answer the following questions, indicating where in the message below
you find the answer.

HTTP/1.1 200 OK<cr><lf>Date: Tue, 07 Mar 2008

12:39:45GMT<cr><lf>Server: Apache/2.0.52 (Fedora)
<cr><lf>Last-Modified: Sat, 10 Dec2005 18:27:46
GMT<cr><lf>ETag: "526c3-f22-a88a4c80"<cr><lf>Accept-
Ranges: bytes<cr><lf>Content-Length: 3874<cr><lf>
Keep-Alive: timeout=max=100<cr><lf>Connection:
Keep-Alive<cr><lf>Content-Type: text/html; charset=
ISO-8859-1<cr><lf><cr><lf><!doctype html public "-
//w3c//dtd html 4.0 transitional//en"><lf><html><lf>
<head><lf> <meta http-equiv="Content-Type"
content="text/html; charset=iso-8859-1"><lf> <meta
name="GENERATOR" content="Mozilla/4.79 [en] (Windows NT
5.0; U) Netscape]"><lf> <title>CMPSCI 453 / 591 /
NTU-ST550A Spring 2005 homepage</title><lf></head><lf>
<much more document text following here (not shown)>

a. Was the server able to successfully find the document or not? What time was the
document reply provided?
Yes it was successful (see 200 OK status code above). It was provided Tue, 07 Mar
2008 12:39:45 GMT

b. When was the document last modified?

Sat, 10 Dec 2005 18:27:46 GMT

c. How many bytes are in the document being returned?

Content-length: 3874 bytes

d. What are the first 5 bytes of the document being returned? Did the server agree to a
persistent connection?
<!DOC are the first 5 bytes being returned from the HTML document. Yes the server agreed
to a persistent connection (Connection: keep-alive)

2
 4. Consider the scenario shown in the figure below in which a client wants to access a web server. The
web server is connected to the Internet by a link with a transmission capacity of 1 Gbps, i.e.,
1,000,000,000 bits per second.

a. Suppose a web page (including all of its images, stylesheets, and JavaScript, which are
stored on the Web server) is 1,000,000 bits long. How long does it take for the server to
send a web page (including all of the referenced objects) into the Internet over the gigabit
link?
𝐿 1,000,000 𝑏𝑖𝑡𝑠
= = 0.001s
𝑅 1,000,000,000 bits

b. What is the maximum number of web pages that the web server can transmit per second,
assuming all of the web pages (including all of its images, which are stored on the web
server) are the same size as in (a)?

1,000,000,000
= 1000 pages /s
1,000,000

Now let us consider the case that the web server serves a base page, but that the base page has three
advertisements, each of which is served by the ad server shown in the figure above.
c. Suppose now that (i) the base web page takes 𝑥𝑥 1 seconds to transmit into the Internet,
and that the client-to-web server RTT is RTT 1 , (ii) each advertisement takes 𝑥𝑥 2 seconds
to transmit into the Internet, and the client-to-ad-server RTT is RTT 2 . How much time is
taken from when the client first clicks on the link to access a web page containing these
three ads until the page is displayed? Your answer should be in the form of a formula
involving 𝑥𝑥 1 , RTT 1 , 𝑥𝑥 2 , and RTT 2 . Briefly explain how you arrived at your formula. You
should remember that HTTP runs over TCP. You do NOT have to worry about DNS delays
for this problem. You can assume that: 1) “small” messages (i.e., messages that do not
contain a web page or an image) take zero time to transmit into a link, but do
experience a propagation delay; 2) non-persistent HTTP connections are used.

3
 Total Delay = 2RTT1 + x1 + 3(2RTT2 + x2).
Base web page takes x1 seconds to transmit client-to-web-server RTT1 each ad takes x2 seconds
to transmit client-to-ad-server RTT2

d. Now suppose that the client’s browser has a cache and the client has previously visited
the web page. The web page at the server has changed since the client last viewed the
web page, but the advertisements have not changed. Under the otherwise same
assumptions as (c), how much time is taken from when the client first clicks on the link
to access a web page containing these three ads until the page is displayed? Your
answer should again be in the form of a formula. Briefly explain why your formula here
differs from your answer to (c).
Total Delay = 2RTT1 + x1 + 3 * 2RTT2

e. Let us reconsider (c), but now account for DNS delays. Assume that the local DNS cache
is empty. Suppose now that (i) the RTT between the client and the local DNS server is
RTT 3 , (ii) the time needed to resolve a request through the root, TLD, and authoritative
name servers is RTT 4 . How much time is taken from when the client clicks on the link to
access a web page containing these three ads until the page is displayed, including the
DNS delays. Briefly explain how you arrived at your formula.
RTT3 + RTT4 (Client-to-web server DNS lookup)
RTT3 + RTT4 (Client-to-ad-server DNS lookup for the 1st ad)
RTT3 (DNS Ad lookup for the 2nd ad, no RTT4 necessary)
RTT3 (DNS Ad lookup for the 3rd ad, no RTT4 necessary)
2RTT1 + x1 (Download webpage)
3(2RTT1 + x2) (Download Ads)

Therefore total delay = 4RTT3 + 2RTT4 + 2RTT1 + x1 + 3(2RTT2 + x2)

5.
a. Can a machine with a single DNS name have multiple IP addresses? How could this
occur?
Yes this is possible because of the use of load balancing. DNS uses load distribution
among replicated servers so a client’s request for a domain is distributed across a
group of server machines.

b. Can a computer have two DNS names that fall in different top-level domains? If so give a
plausible example. If not, explain why not?
TLD servers include .com .gov & all of the country top-level domains such as .uk .ca. For
example www.google.com.jm & www.google.co.uk both resolve the same IP address.
4
 6. Suppose that UWI did not have a Web cache. Further, suppose that the Department of
Computing has a local DNS server for all computers in the department. You are an ordinary user.
Can you come up with a way to determine if an external Web site was very likely accessed from
a computer in your department a couple of seconds ago? Explain.
Yes, by using the terminal utility Dig. Dig is a command tool used for querying DNS name servers
for information about host addresses mail exchanges name servers and related information.
This could be used to solve the problem above.

Acknowledgment
Problems 1—3 and 5—6 come from “Computer Networking: A Top-Down Approach,” 7/E by J. F.
Kurose and K. W. Ross. Problem 4 was developed by J. F. Kurose for his CMPSCI290W exam.

5
COMP2190 – Semester 1 2016/2017
Tutorial 3
Problems
1. Both UDP and TCP use port numbers to identify the destination entity when delivering a message.
Give two reasons why these protocols invented a new abstract ID (port numbers), instead of using
process IDs, which already existed when these protocols were designed.

The port number is needed to identify which process within the host is to receive the packet.
Process IDs are not necessarily static for processes in an operating system. Services can also listen
to well-known ports for incoming and outgoing traffic.

2. Suppose Client A initiates a Telnet session with Server S. At about the same time, Client B also
initiates a Telnet session with Server S. Provide possible source and destination port numbers for:
a. The segments sent from A to S.

b. The segments sent from B to S.

c. The segments sent from S to A

d. The segments from S to B.

Hint: Telnet runs on port 23 but why would you need to know that in this day and age?

Segment Source Destination

A to S 32628 23
B to S 43826 23
S to A 23 34628
S to B 23 43826

e. If A and B are different hosts, is it possible that the source port number in the segments
from A to S is the same as that from B to S.
Yes, because there is no relationship between port numbers on different hosts.

f. How about if they are the same host?

No, because a port number univocally identifies a process.
3. UDP and TCP use 1s complement for their checksums. Suppose you have the following three 16-
bit numbers: 0100101101010011, 0101010101010001, 0111010001011100. What is the 1s
complement of the sum of these 16-bit numbers? Show all work. Why is it that UDP takes the 1s
complement of the sum, i.e., why not just use the sum? With the 1s complement scheme how
does the receiver detect errors? Is it possible that a 1-bit error will go undetected? How about a 2-
bit error?

0100 1011 0101 0011

+0101 0101 0101 0001
1010 0000 1010 0100
+0111 0100 0101 1100
1 0001 0101 0000 0000 add the leftover bit to the end of the sum which equals to
0001 0101 0000 0001 for the sum.

The one’s complement is obtained by flipping or inverting all the bits in the sum we got earlier so:
0001 0101 0000 0001 to one’s complement would be 1110 1010 1111 1110.

UDP uses the 1s complement as a basic error detection mechanism which when the checksum
(the 1’s complement of the sum) is added to the sum, it should return all 1s if there were no
errors. If the sum contains a zero, the receiver knows there has been an error. All
1-bit errors will be detected, but 2-bit errors can be undetected (e.g., if the last digit
of the first word is converted to a 0 and the last digit of the second word is converted to a
1).

For example, to check for errors in our data stream, we add the previous sum (0001 0101 0000
0001) to the 1’s complement / checksum (1110 1010 1111 1110) and we get:

0001 0101 0000 0001

+1110 1010 1111 1110
1111 1111 1111 1111 All 1’s which means no errors were present.

4. Consider transferring an enormous file of L bytes from Host A to Host B. Assume an MSS of 536
bytes.
a. What is the maximum value of L such that TCP sequence numbers are not exhausted?
Recall that the TCP sequence number field has 4 bytes.

4 bytes = 32 bits (4 bytes * 8 bits)

232 = 4,294,967,296 bytes or 4GB

Therefore the maximum value of L is equal to 4GB.

 b. For the L you obtain in (a), find how long it takes to transmit the file. Assume that a total
of 66 bytes of transport, network, and data-link header are added to each segment before
the resulting packet is sent over a 155 Mbps link. Ignore flow control and congestion
control so A can pump out the segments back to back and continuously.

First we find the number of segments. We have 536 bytes for each segment of which 66 bytes
is used for the header (transport, datalink, network).

R = 155 Mbps = 155 x 106bps

232
= 8,012,999 segments
536

Then we find the number of bytes for the header info using the total segments from before:

66 x 8,012,999 = 528,857,934 bytes for the total header size for all the segments.

So the bytes transmitted,

= 232 bytes + 528,857,934 bytes

= 4,294,967,296 bytes + 528,857,934 bytes

= 4,823,825,230 bytes

Therefore the total time taken

(4,294,967,296 bytes + 528,857,934 bytes) × 8 bits

=
155 ×106

= 249 seconds
 5. Host A and B are communicating over a TCP connection, and Host B has already received from A
all bytes up through byte 126. Suppose Host A sends two segments to Host B back-to-back. The
first and second segments contain 70 and 50 bytes of data, respectively. In the first segment the
sequence number is 127, the source port number is 302, and the destination port number is 80.
Host B sends an acknowledgment whenever it receives a segment from Host A.
a. In the second segment sent from Host A to B, what are the sequence number, source port
number, and destination port number?

Sequence # = 197, Source Port # = 302, Destination Port # = 80

b. If the first segment arrives before the second segment, in the acknowledgment of the first
arriving segment, what is the acknowledgment number, the source port number, and the
destination port number?

ACK # = 197, Source Port # = 80, Destination Port # = 302

c. If the second segment arrives before the first segment, in the acknowledgment of the first
arriving segment, what is the acknowledgment number?

The acknowledgement number is 127, indicating that it is still waiting for bytes 127 and
onwards.

d. Suppose the two segments sent by A arrive in order at B. The first acknowledgment is lost
and the second acknowledgment arrives after the first timeout interval. Draw a timing
diagram, showing these segments and all other segments and acknowledgments sent.
(Assume there is no additional packet loss). For each segment in your figure, provide the
sequence number and the number of bytes of data; for each acknowledgment that you
add, provide the acknowledgment number.

Host A Host B
Seq = 127, 70 bytes

Seq = 197, 50 bytes

ACK = 197

X
ACK = 247

ACK = 247

Acknowledgment
All problems come from “Computer Networking: A Top-Down Approach,” 7/E by J. F. Kurose and K.
W. Ross
COMP2190 – Semester 1 2016/2017
Tutorial 4
Problems
1. Suppose that TCP's current estimated values for the round trip time (estimatedRTT) and deviation
in the RTT (DevRTT) are 310 msec and 37 msec, respectively. Suppose that the next three measured
values of the RTT are 320, 360, and 330 respectively. Compute TCP's new value of estimatedRTT,
DevRTT, and the TCP timeout value after each of these three measured RTT values is obtained. Use
the values of α = 0.125 and β = 0.25.

Formulas:

EstimatedRTT = (1 – α) • EstimatedRTT + α • SampleRTT

DevRTT = (1 – β) • DevRTT + β •| SampleRTT – EstimatedRTT |
TimeoutInterval = EstimatedRTT + 4 • DevRTT

At First RTT:

EstimatedRTT = (1 – 0.125) • 310 msec + 0.125 • 320 msec = 311.25 msec

DevRTT = (1 – 0.25) • 37 msec + 0.25 •| 320 msec - 311.25 msec | = 29.94 msec
TimeoutInterval = 311.25 msec + 4 • 29.94 msec = 431.01 msec

At Second RTT:

EstimatedRTT = (1 – 0.125) • 311.25 msec + 0.125 • 360 msec = 317.34 msec

DevRTT = (1 – 0.25) • 29.94 msec + 0.25 •| 360 msec - 317.34 msec | = 33.12 msec
TimeoutInterval = 317.34 msec + 4 • 33.12 msec = 449.82 msec

At Third RTT:

EstimatedRTT = (1 – 0.125) • 317.34 msec + 0.125 • 330 msec = 318.92 msec

DevRTT = (1 – 0.25) • 33.12 msec + 0.25 •| 330 msec - 318.92 msec | = 27.61 msec
TimeoutInterval = 318.92 msec + 4 • 27.61 msec = 429.36 msec

2. Host A and B are directly connected with a 100 Mbps link. There is one TCP connection between the
two hosts, and Host A is sending to Host B an enormous file over this connection. Host A can send
its application data into its socket at a rate as high as 120 Mbps, but Host B can read out of its
buffer at a maximum rate of 50 Mbps. Describe the effect of TCP flow control.

Since the link capacity is only 100 Mbps, so host A’s sending rate can be at most 100Mbps. Still, host
A sends data into the receive buffer faster than Host B can remove data from the buffer. The
receive buffer fills up at a rate of roughly 50Mbps. When the buffer is full, Host B signals to Host A
to stop sending data by setting the Receive Window = 0. Host A then stops sending until it receives
a TCP segment with Receive Window > 0. Host A will thus repeatedly stop and start sending as a
function of the Receive Window values it receives from Host B. On average, the long-term rate at
which Host A sends data to Host B as part of this connection is no more than 50Mbps.
 3. Host A and B are communicating over a TCP connection. Host B allocates a buffer of 4096 bytes.
Host A sends two 2 KB segments back-to-back. Suppose that the segments are not immediately
read out of the receive buffer. In the acknowledgment of the second arriving segment which
receive window size does Host B advertise to Host A? At this point can Host A send more data to
Host B? If not, how will Host A be allowed to transmit additional data to Host B?

Host B allocates 4096 bytes in the buffer and Host A sends 2 kb segments back-to-back.

2 kb = 1024 bytes * 2 = 2048 kb

Two 2kb segments = 2 * 2048 bytes = 4096 bytes.

After Host A sends two 2kb segments, Host B’s buffer is full and Host B sets the Receive Window to
0 which signals to Host A to stop sending data because it can’t accept any more data. Host A is
allowed to continue sending data when Host B sends a receive window size that is greater than 0
which signals to Host A to continue with the rest of the data.

4. The sequence number field in the TCP header is 32 bits long, which is big enough to cover 4 billion
bytes of data. Even if this many bytes were never transferred over a single connection, why might
the sequence number still wrap from 232 -1 to 0?

When a new connection starts, the sequence number doesn’t always begin at 0 for a transfer and is
randomly set to a value. The sequence number being set to a random value to help avoid
interference between successive incarnations of the same connection. As a result, the sequence
number can wrap around after only a few packets, if the sequence number is set with a number
close to 232.

5. If host A receives two SYN packets from the same port from remote host B, the second may be
either a retransmission of the original, or if B has crashed and rebooted, an entirely new connection
request. Describe the difference as seen by host A between these two cases.

If a SYN packet is simply a duplicate, its Initial Sequence Number (ISN) value will be the same as the
initial ISN. If the SYN is not a duplicate, and ISN values are clock generated, then the second SYN’s
ISN will be different.

Acknowledgment
Questions 1 and 2 are from “Computer Networking: A Top-Down Approach,” 7/E by J. F. Kurose and
K. W. Ross. Questions 4 and 5 are from “Computer Networks: A Systems Approach” 5/E by L. L.
Peterson and B. S. Davie.
COMP2190 – Semester 1 2016/2017
Tutorial 5
Problems
1. Consider a datagram network using 32-bit host addresses. Suppose a router has four links,
numbered 0 through 3, and packets are to be forwarded to the link interfaces as follows:

Destination Address Range Link Interface

11100000 00000000 00000000 0000000 0
through
11100000 00111111 11111111 11111111
11100000 01000000 00000000 00000000 1
through
11100000 01000000 11111111 11111111
11100000 01000001 00000000 00000000 2
through
11100001 01111111 11111111 11111111
otherwise 3

a. Provide a forwarding table that has five entries, uses longest prefix matching, and forwards
packets to the correct link interfaces.

Prefix Match Link Interface

11100000 00 0
11100000 01000000 1
1110000 2
11100001 1 3
otherwise 3

b. Describe how your forwarding table determines the appropriate link interface for datagrams
with destination addresses:

11001000 10010001 01010001 01010101

11100001 01000000 11000011 00111100
11100001 10000000 00010001 01110111

Prefix match for first address is 5th entry: link interface 3

Prefix match for second address is 3nd entry: link interface 2
Prefix match for third address is 4th entry: link interface 3
 2. Consider the network shown in Fig. 1. Suppose that the addresses for the home network come
from the 192.168.1.0/24 block.

24.34.112.235

Home network

Figure 1: Network for NAT problem

a. Assign addresses to all interfaces in the home network.

192.168.1.1
192.168.1.4

192.168.1.2
24.34.112.235

192.168.1.3

b. Suppose each host has two ongoing TCP connections, all to port 80 at host 128.119.40.86.
Provide the six corresponding entries in the NAT translation table.

Network Address Translation Table

WAN Side LAN Side
24.34.112.235: 4000 192.168.1.1: 3345
24.34.112.235: 4001 192.168.1.1: 3346
24.34.112.235: 4002 192.168.1.2: 3345
24.34.112.235: 4003 192.168.1.2: 3346
24.34.112.235: 4004 192.168.1.3: 3345
24.34.112.235: 4005 192.168.1.3: 3346
 3. Consider the topology shown in Fig. 2. Denote the subnets without hosts as networks A, B, and
C.

HQ

Subnet B

Northern Southern
Campus Campus

Figure 2: Network Topology for P3

a. Assign network addresses to each of these six subnets, with the following constraints: All
addresses must be allocated from 214.97.252.0/22; the headquarters should have enough
addresses to support 120 interfaces; and the southern campus should have enough addresses to
support 250 interfaces; and the northern campus should have enough addresses to support 120
interfaces. Of course, subnets A, B, and C should each be able to support two interfaces. For
each subnet, the assignment should take the form a.b.c.d/x.

*
HQ - 214.97.252.0/25 (128 Addresses)

Northern Campus - 214.97.252.128/25 (128 Addresses)

Southern Campus - 214.97.253.0/24 (256 Addresses)

Subnet A - 214.97.254.0/31 (2 Addresses)

Subnet B - 214.97.254.2/31 (2 Addresses)

Subnet C - 214.97.254.4/31 (2 Addresses)

 b. Using the answer to part (a) provide the forwarding tables (using longest prefix matching for
each of the three routers.

*IDK How to do this

4. Consider sending a 2400-byte datagram into a link that has an MTU of 700 bytes. Suppose the
original datagram is stamped with the identification number 422. How many fragments are
generated? What are the values in the various fields in the IP datagram(s) generated related to
fragmentation?

The maximum size of data field in each fragment = 680 (because there are 20 bytes IP header).
Thus the number of required fragments = (2400 − 20)/680 = 4

The offset = (700 − 20)/8 = 85 (because offset is measured by 8 byte blocks)

Each fragment will have Identification number 422. Each fragment except the last one will be of
size 700 bytes (including IP header). The last datagram will be of size 360 bytes (including IP
header). The offsets of the 4 fragments will be 0, 85, 170, and 255. Each of the first 3 fragments
will have the more fragment (MF) flag = 1 and the last fragment will have MF flag = 0.

So in summary,

Fragment 1: ID = 422, offset = 0, flag (MF) = 1, Datagram = 700

Fragment 2: ID = 422, offset = 85, flag (MF) = 1, Datagram = 700

Fragment 3: ID = 422, offset = 170, flag (MF) = 1, Datagram = 700

Fragment 4: ID = 422, offset = 255, flag (MF) = 0, Datagram = 360

Acknowledgment
All problems on this tutorial sheet come from “Computer Networking: A Top-Down Approach,” 6/E
by J. F. Kurose and K. W. Ross
COMP2190 – Semester 1 2016/2017
Tutorial 7
Problems
1. What are the differences between message confidentiality and message integrity? Can you have
confidentiality without integrity? Can you have integrity without confidentiality? Justify your
answer.

Confidentiality is the property that the original plaintext message cannot be determined by an
attacker who intercepts the cypher text encryption of the original plaintext message. Message
integrity is the property that the receiver can detect whether the message sent (regardless if it was
encrypted) was altered in transit. The two are different concepts and yes, you can have one
without the other. An encrypted message that is altered in transit may still be confidential (the
attacker cannot determine the original text) but will not have message integrity if the error is
undetected. Similarly, a message that is altered in transit (and detected) could have been sent in
plaintext and thus would not be confidential.

2. Consider an 8-bit block cipher. How many possible input blocks does this cipher have? How many
possible mappings are there? If we view each mapping as a key, then how many possible keys does
this cipher have?

An 8-block cipher has 28 or 256 possible input blocks. Each mapping is a permutation of the 28
input blocks so there are 28! possible mappings and 28! possible keys.

3. Suppose N people want to communicate with each of N − 1 other people using symmetric key
encryption. All communication between any two people, i and j, is visible to all other people in
this group of N, and no other person in this group should be able to decode their communication.
How many keys are required in the system as a whole? Now suppose that public key encryption is
used. How many keys are required in this case?

If each user wants to communicate with N other users, then each pair of users must have a shared
symmetric key. There are N*(N-1)/2 such pairs and thus there are N*(N-1)/2 keys.

With a public key system, each user has a public key which is known to all, and a private key (which
is secret and only known by the user). There are thus 2N keys in the public key system.

4. Consider RSA with p = 5 and q = 11.

a. What are n and 𝜑𝜑(n)?

n = p * q = 5 * 11 = 55

𝜑𝜑(n) = (p-1) * (q-1) = 4 * 10 = 40

1
 b. Let e = 3. Why is this an acceptable choice for e?

Because 3 is less than n and has no common factors with z.

c. Find d such that de = 1 (mod 𝜑𝜑(n)) and d < 160.

d = (1 + k(𝜑𝜑 (n)))/e = (1 + 40k)/e = 81/3 = 27, for k=2

d. Can you encrypt the message m = 57 using the key (n,e)?

No the message cannot be encrypted because m has to be less than n for encryption to
occur. In this case, m which is 57 is greater than n which is 55 so it cannot be encrypted.

e. Encrypt the message m = 8 using the key (n,e). Let c denote the corresponding ciphertext.
Show all work.

m = 8, me = 512, Cipher text c= m^e mod n = 17

5. In a public-key system using RSA, you intercept the ciphertext C = 10 sent to a user whose public
key is e = 7, n = 323. What is the plaintext M?

6. In an RSA system, the public key of a given user is e = 31, n = 4087. What is the private key of this
user?

Acknowledgment
Problems 1—4 come from “Computer Networking: A Top-Down Approach,” 7/E by J. F. Kurose and
K. W. Ross.

2
COMP2190 – Semester 1 2016/2017
Tutorial 8
Problems
1. Discuss the opportunities for eavesdropping in any of the following scenarios. Consider software,
hardware, network-based, and electronic means.

a. Alice visits her friend, Bob’s office. While she is there, she sits down at Bob’s computer and
uses it to access the uwimona.edu.jm WebMail server. To use WebMail, Alice needs to
enter her username and password, which are sent over an SSL-protected link to the Web
server.

i. A keylogger installed on Bob’s machine which records key strokes and can record
all of Alice’s session to retrieve her sensitive information while using his machine.

ii. An intruder could install software on Bob’s machine that collects screenshots or a
video feed of the machine’s desktop and offload these screenshots or video feed
to a remote hacker.

iii. SSL stripping – an intruder interpose on the connection just before Alice upgrades
to HTTPS. This hacker could then open up an HTTPS connection to the server,
while maintaining a regular HTTP connection to Alice. Alice may not be aware that
she is being eavesdropped on. This attack is known as a man-in-the-middle attack.

b. Ali takes his laptop to Café Blue to enjoy some coffee and free Wi-Fi wireless net access.
He uses telnet to log in to his Linux machine back at home.

i. All telnet’s data is sent in plaintext, so an eavesdropper could view Ali’s data.

ii. A packet sniffer such as WireShark and an access point in managed mode can be
used to see Ali’s data.

iii. An attacker can also eavesdrop by simply reading off his screen

2. Suppose Alice sends packets to Bob using TCP over IPsec. If the TCP acknowledgement from Bob is
lost, then the TCP sender at Alice’s side will assume the corresponding data packet was lost, and
thus retransmit the packet. Will the retransmitted TCP packet be regarded as a replay packet by
IPsec at Bob’s side and be discarded? Please briefly explain your answer.

No it will not because the retransmitted IPsec packet will get a new sequence number. The TCP
sequence number of the retransmitted segment will be the same as that of the original segment.

1
 3. Suppose an organization uses VPN to securely connect its sites over the Internet. Jim, a user in the
organization, uses the VPN to communicate with his boss, Mary. Describe one type of
communication between Jim and Mary which would not require use of encryption or other
security mechanism, and another type of communication which would require encryption or other
security mechanisms. Explain your answer.

VPN provides security for connections over the internet but not within the organization. Therefore
when communicating with his boss regarding R&D prototypes or any other communication which
need only be secure from people outside the organization, Jim does not need to use additional
encryption or other security mechanisms.

4. A few years ago some people began to “sign” their email by including, at the bottom of an
otherwise normal email message, the sender's name and the date encrypted in the sender's
private key. The message itself is unencrypted, but the signature can be validated by using the
finger command to retrieve the sender's public key. (Finger is an old utility for getting basic
information about a user. If I run the command:
> finger [email protected]
My local machine will send a message to a well-known port on the machine
linux.uwimona.edu.jm where the finger daemon will respond with the contents of the file
.finger from the user userID's home directory. So, users in this problem would just store their
public key in their finger file.) Explain why this gives a completely false sense of security, by
outlining 5 different ways that you could make it appear that the sender signed mail saying “Dr.
Fokum is literally Hitler.” The definition of “different” is that each attack has a unique fix. For each
of the five attacks you list, give a countermeasure that the sender/receiver could take to protect
themselves against just that one attack, where the countermeasure would not help against any of
the other attacks you list. You may assume that the sender and receiver are on different machines,
that both are running on "diskless" workstations whose files are provided by NFS, and that you
have the ability to spy on and/or alter packets on any network at the sender or receivers site.
However, you do not have the power to break into either the sender or receiver's machine | you
can just view/change network packets.

Attack Details Fix

Signature not tied to message
Finger request/response is not
authenticated
DNS is not authenticated
Attacker can carry out a reply attack by capturing a Include a hash in message
“signature” from a message and include it in the forged
message
Attacker can create signatures with a different key and Encrypt channel between
send wrong public key in response to finger to change user client and finger server
ID being fingered
Attacker can direct finger request to a server that they Authenticate DNS server
control

Finger binary is not secure Attacker can change finger binary to print out public key Authenticate NFS server at
receiver
Finger file date is not secure Attacker can change contents of file to different public key Authenticate NFS server at
sender

2
5. Give one reason why a firewall might be configured to inspect incoming traffic. Give one reason
why it might be configured to inspect outgoing traffic. Do you think the inspections are likely to be
useful?

Incoming traffic is inspected for presence of viruses or other malicious attacks and Outgoing traffic
might be inspected to see if a company’s confidential information is being leaked.

6. When sending encrypted traffic from firewall to firewall, why does there need to be an extra IP
header? Why can’t the firewall simply encrypt the packet, leaving the source and destination as
the original source and destination?

Untrus ted Li nk

A B
Fi rewa l l Fi rewa l l
Trus ted Li nk

The second header is needed because the sending and receiving hosts are treating the tunnel
between firewalls as a trusted link. The first header is necessary to get packets from source to
destination over the trusted link, whereas the second header is to get the packet from one
untrusted link to another.

7. Why isn’t the SPI value sufficient for the receiver to know which SA the packet belongs to?

Because the SA is defined by the SPI value, the destination address and a flag whether
Authentication Header (AH) or Encapsulating Security Payload (ESP) is being used.

8. Suppose Alice wants to communicate with Bob using symmetric key cryptography using a session
key 𝐾𝐾𝑠𝑠 . Suppose that there is a key distribution center (KDC). The KDC is a server that shares a
unique secret symmetric key with each registered user. For Alice and Bob, denote these keys by
𝐾𝐾A-KDC and 𝐾𝐾B-KDC. Design a scheme that uses the KDC to distribute to Alice and Bob. Your
scheme should use three messages to distribute the session key: a message from Alice to the KDC;
a message from the KDC to Alice; and finally a message from Alice to Bob. The first message is 𝐾𝐾A-
KDC (A,B). Using the notation 𝐾𝐾A-KDC, 𝐾𝐾B-KDC, 𝑆𝑆, A, and B answer the following questions:

a. What is the second message?

b. What is the third message?

9. Suppose you have an internal network with addresses from the 222.22/16 block. Provide a filter
table and a connection table for a stateful firewall that is as restrictive as possible, but
accomplishes the following:

3
 a. Allows all internal users to establish Telnet sessions with external hosts.

b. Allows external users to surf the company web site at 222.22.0.12

c. But otherwise blocks all inbound and outbound traffic.

In your solution, suppose that the connection table is currently caching three connections, all from inside
to outside. You’ll need to invent appropriate IP addresses and port numbers.

Acknowledgment
1. Problem 1 is modified from a Problem Set by Prof. Ronald L. Rivest.
2. Problem 2 comes from a Homework Set at Vanderbilt University.
3. Problem 4 comes from a mid-semester test by Mike Dahlin.
4. Problems 3 and 5 come from “Computer Networks,” 5/E by A. S. Tanenbaum and D. J. Wetherall.
5. Problems 6 and 7 come from “Network Security: Private Communication in a Public World”, 2/E by
C. Kaufman, R. Perlman, and M. Speciner.
6. Problems 8 and 9 come from “Computer Networking: A Top-Down Approach,” 7/E by J. F. Kurose
and K. W. Ross.

4
COMP2190 – Semester 1 2016/2017
Tutorial 9
Problems
1. Use XHTML to create a document that contains the following text:

Department of Computing finalizes curriculum review

The Department of Computing has been carrying out a University-
mandated curriculum review over the last three years. As a result
of this exercise, new courses such as COMP2190, COMP3191, and
COMP3192 have been developed.
COMP2190: Net Centric Computing was taught for the first time in
2012/2013 Semester 2. This course combines aspects of networking,
cryptography, and web applications. The follow-on course,
COMP3191: Principles of Computer Networking, examines the
underlying principles of computer networking protocols.

Use h1 for the tile (the first line of text), p for text (the two paragraphs following the title). Insert a
horizontal rule between the h1 element and the first p element. Make each reference to the
Department of Computing bold.

<h1><strong>Department of Computing</strong> finalizes curriculum

review</h1>
<hr />
<p><strong>The Department of Computing</strong> has been carrying
out a University-mandated curriculum review over the last three
years. As a result of this exercise, new courses such as COMP2190,
COMP3191, and COMP3192 have been developed.</p>

<p>COMP2190: Net Centric Computing was taught for the first time
in 2012/2013 Semester 2. This course combines aspects of
networking, cryptography, and web applications. The follow-on
course, COMP3191: Principles of Computer Networking, examines the
underlying principles of computer networking protocols.</p>

2. Create an XHTML document that uses an image called uwi_crest.jpg as a hyperlink. Use attribute
alt to provide a description of the image and link.

<a href=” http://www.uwimona.jm”><img src="uwi_crest.jpg" alt="UWI Crest Logo" /></a>

3. Give three reasons for using CSS instead of in-line styles.

i. CSS gives web designers control over how the formatting is done.
ii. CSS allows reusability and inheritance.
iii. Documents formatted using CSS are easier to maintain and port to different platforms.

4. Write a CSS rule that makes all text 1.5 times larger than the base font of the system and colors
the text red.

body {font-size: 1.5em; color: red;}

5. Why is it good to use JavaScript to check the validity of form inputs before the form data is sent to
the server?

This is because client side verification and validation results in less network traffic and overall
server load. Client side validation shifts the workload from a busy server to a less busy client.
Client side validation is more efficient in that it gives a faster response to the user to let them
know when they have an error in an entry field.

N.B server side validation must still be done because the user might not have JavaScript enabled
which bypasses the client side validation and can allow errors on the server side with incorrect
data.

6. What three things should be done when a form input element is found to have incorrectly
formatted data?

i. The validation function should produce an alert message indicating the error to the user
and informing them of the correct format for the input.
ii. Put the invalid field in focus and highlighted to the user.
iii. The browser should not perform any default action associated with the event when an
error occurs such as posting the invalid data to the server.

7. Write a script that prompts the user for the radius of a circle, uses a function circleArea to
calculate the area of the circle, and prints the area of the circle.

<script type="text/javascript">
var radius = window.prompt(“Enter the radius of a circle: ”);

function circleArea(radius){
return (Math.PI * this.radius * this.radius);
}

alert(“The area of the circle is ”,circleArea(radius));

</script>

8. Write the XHTML code to create a form with the following capabilities: text widgets to collect the
course code, course title, course discipline, level, credits, and semester offered. This document
must call one PHP script when the form is submitted.

*Lol, I’m not doing that.

9. Write the PHP script that collects the data from the form of Problem 8 and writes it to a file.

<? php
$file = fopen(“coursedata.dat”,”a”);

$discipline = $_POST[“discipline”];
$crsCode = $_POST[“crsCode”];
$crsTitle = $_POST[“crsTitle”];
$level = $_POST[“level”];
$credits = $_POST[“credits”];
$semester = $_POST[“semester”];
 $courseDetails = $discipline . “\t” . $crsCode . “\t” . $crsTitle . “\t” . $level . “\t” .
$credits . “\t” . $semester;

fwrite($file, $courseDetails);
fclose($file);
?>

10. Draw a picture of how the following HTML/CSS code will look when the browser renders it on-
screen. Assume that the HTML is wrapped in a valid full page with a head and body. Indicate a
non-white background by shading lightly. It is possible that some CSS rules shown will not apply to
any elements.

<div> HTML
<span>1</span>
<div id="div">2 2</div>
</div>
<span class="div">3 3 3</span>
<div>
<div class="div">4 4 4 4</div>
<div id="span">5 5 5 5 5</div>
<div class="span">6 6 6 6 6 6</div>
</div>
div { border: 2px solid black; padding: 1em; } CSS
body > div { margin: auto; width: 50%; }
div #div, p { background-color: yellow; text-decoration:
underline; }
span div, span.div { border: 2px dashed black; }
div > div.div { float: left; }
#div, .span { clear: left; }
span#span { background-color: yellow; }

Actual Code Screenshot:

Acknowledgment
Problems 1, 2, 4, and 7 come from “Internet & World-Wide Web: How to Program,” 4/E by P.J.
Deitel and H.M. Deitel.

Problems 5 and 6 come from “Programming the World Wide Web,” 6/E by R. W. Sebesta.

Problem 10 comes from an exam in a web programming course at the University of Washington.