Department of Computer Science and Engineering
COSC 4213: Computer Networks II (Fall 2005)
Instructor: N. Vlajic
Final Examination
December 13, 2005
Instructions:
• Examination time: 180 min.
• Print your name and CS student number in the space provided below.
• This examination is closed book and closed notes. Use of calculators is allowed.
• There are 8 questions. The points for each question are given in square brackets, next to the
question title. The overall maximum score is 100.
• Answer each question in the space provided. If you need to continue an answer onto the back
of a page, clearly indicate that and label the continuation with the question number.
FIRST NAME: ___________________________
LAST NAME: ___________________________
STUDENT #: ___________________________

Question   Points
1          / 10
2          / 10
3          / 10
4          / 20
5          / 15
6          / 15
7          / 8
8          / 12
Total      / 100
1. Multiple Choice, True/False [10 points]
1.1) Multiple choice questions – each question is worth [1 point].
(a) The loopback IP address is used to send a packet from __________ to __________ .
(a) host; all other hosts in the LAN
(b) router; all other routers in the LAN
(c) host; a specific host
(d) host; itself
(b) Which IP option is used if exactly four specific routers are to handle the IP datagram?
(a) record route
(b) strict source route
(c) loose source route
(d) timestamp
(c) A system uses group-shared trees for multicasting. If there are 100 sources and 5 groups,
there is a maximum of _________________________ different trees.
(a) 5
(b) 20
(c) 100
(d) 500
(d) The symptom of the TCP Silly Window Syndrome is:
(a) TCP segments receive multiple acknowledgments.
(b) TCP segments carry only a small amount of data.
(c) TCP segments are never acknowledged.
(d) Every TCP segment is resent exactly once.
(e) Which of the following is true for Random Early Detection (RED) algorithm?
(a) RED is tolerant of bursts because it never drops consecutive packets from the same
flow.
(b) RED always drops packets, with probability 1, when the router’s queue length is
greater than the minimum threshold value.
(c) RED attempts to ‘desynchronize’ competing TCP sources by causing them to lose
packets at different times.
(d) If two flows, one TCP and one UDP, share a RED router, the RED algorithm will
ensure that both flows receive an identical share of the outgoing links.
1.2) True/false questions – each question is worth [1 point].
(a) Consider a router with 3 interfaces. Suppose all three interfaces use class C addresses. The
IP addresses of the three interfaces have the same first 24 bits.
TRUE
FALSE
(b) Suppose host A sends host B a TCP segment encapsulated in an IP datagram. When the
network layer in host B receives the datagram and checks its header, it knows that the content of the
datagram should be passed to the TCP layer (i.e. TCP module).
TRUE
FALSE
(c) An ICMP Echo Request and Reply can be used to determine if we have connectivity between
a client and server at the Application Layer level.
TRUE
FALSE
(d) An application implemented on top of UDP may provide reliable communication.
TRUE
FALSE
(e) Two distinct web pages from the same server can be sent over the same persistent HTTP
connection.
TRUE
FALSE
2. Routing [10 points]
You are observing Link State Packets (LSPs) entering a router.
Link State Packets:
        Router A   Router B   Router C   Router D   Router E   Router F
Links   C 1        A 2        A 1        B 5        A 3        C 8
Links   B 2        D 5        F 8        E 3        F 1        E 1
Links   E 3        -          -          F 1        D 3        D 1
2.1) [3 points] Based on the above LSPs, construct the topology of the network in question.
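[Figure: network topology with nodes A, B, C, D, E, F. Links and costs: A-B (2), A-C (1), A-E (3), B-D (5), C-F (8), D-E (3), D-F (1), E-F (1).]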
2.2) [7 points] Use Dijkstra’s shortest path algorithm to determine the shortest path from
A to D. Specify the shortest path between A and D and its respective cost!
Step   Set S                  B   C   D   E   F
0      {A}                    2   1   x   3   x
1      {A, C}                 2   -   x   3   9
2      {A, C, B}              -   -   7   3   9
3      {A, C, B, E}           -   -   6   -   4
4      {A, C, B, E, F}        -   -   5   -   -
5      {A, C, B, E, F, D}
The shortest path between A and D: A-E-F-D.
The cost of the shortest path between A and D = 5.
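The computation in 2.1 and 2.2 can be reproduced in code. The following Python sketch is an added example, not part of the original exam: it rebuilds the topology from the six LSPs, rejects any link that is not advertised with the same cost by both ends (a two-way check that is an assumption of this example), and runs Dijkstra's algorithm. The function names are hypothetical.

```python
import heapq

# Link State Packets exactly as listed in the question: router -> {neighbour: cost}
LSPS = {
    "A": {"C": 1, "B": 2, "E": 3},
    "B": {"A": 2, "D": 5},
    "C": {"A": 1, "F": 8},
    "D": {"B": 5, "E": 3, "F": 1},
    "E": {"A": 3, "F": 1, "D": 3},
    "F": {"C": 8, "E": 1, "D": 1},
}

def build_topology(lsps):
    """Return {link: cost} for undirected links; raise if the two ends disagree."""
    links = {}
    for router, neighbours in lsps.items():
        for peer, cost in neighbours.items():
            # A link counts only if the peer advertises it back with the same cost.
            if lsps.get(peer, {}).get(router) != cost:
                raise ValueError(f"LSP mismatch on link {router}-{peer}")
            links[frozenset((router, peer))] = cost
    return links

def shortest_path(lsps, src, dst):
    """Dijkstra: return (cost, path, order in which nodes joined set S)."""
    build_topology(lsps)                      # validate before routing on the data
    dist, prev, order = {src: 0}, {}, []
    heap = [(0, src)]
    while heap:
        d, node = heapq.heappop(heap)
        if node in order:
            continue                          # stale heap entry
        order.append(node)
        if node == dst:
            break
        for peer, cost in lsps[node].items():
            if d + cost < dist.get(peer, float("inf")):
                dist[peer] = d + cost
                prev[peer] = node
                heapq.heappush(heap, (d + cost, peer))
    if dst not in order:
        return None, [], order
    path = [dst]
    while path[-1] != src:
        path.append(prev[path[-1]])
    return dist[dst], path[::-1], order

if __name__ == "__main__":
    print(shortest_path(LSPS, "A", "D"))
```

The third return value is the order in which nodes enter set S, which can be compared with the Set S column of the table.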
3. IP Addressing and Subnetting [10 points]
3.1) [4 points] (Assume classful IP addressing.)
A router receives a packet with destination host address of 190.240.7.91. Show how the router finds
the address of the corresponding destination network to route the given packet.
(1) The first byte of the address defines a class – class B in this case.
(2) The default mask for class B is 255.255.0.0.
The router ANDs this mask with the address to get the IP address of the destination
network: 190.240.0.0.
(3) The router looks in its routing table to find out how to route this packet …
3.2) [6 points] (Assume classless IP addressing.)
In a network which has been allocated the address of 165.65.y.z and a subnet mask of
255.255.240.0, the use of subnet/host IDs with all 1’s and all 0’s is NOT permitted.
What will be the first and last assignable addresses on the 3rd useable subnet of such a network?
Explain your work!
Network mask: 11111111 11111111 00000000 00000000
Subnet mask: 11111111 11111111 11110000 00000000 (the four 1-bits of the third octet are the subnet bits)
0th subnet ID: 0000 (not in use)
1st subnet ID: 0001
2nd subnet ID: 0010
3rd subnet ID: 0011
…
14th subnet ID: 1110
15th subnet ID: 1111 (not in use)
1st assignable add. on 3rd useable subnet: 11111111 11111111 00110000 00000001
1st assignable add. on 3rd useable subnet: 165.65.48.1
last assignable add. on 3rd useable subnet: 11111111 11111111 00111111 11111110
last assignable add. on 3rd useable subnet: 165.65.63.254
4. TCP Potpourri [20 points]
4.1) [4 points] For the TCP segments indicated below, specify the omitted values. Assume
the packets are transmitted over a reliable link with no packet loss or corruption.
Segment 1: Seq # = 300, Ack # = 50, DataLen = 100 bytes
Segment 2: Seq # = _______, Ack # = _______, DataLen = 120 bytes
Segment 3: Seq # = _______, Ack # = _______, DataLen = 550 bytes
Answer:
Segment 2: Seq # = 50, Ack # = 400
Segment 3: Seq # = 400, Ack # = 170
4.2) [4 points] A TCP connection has just been established between two computers (A and
B). Assume:
• round trip time (RTT) = 100 [ms],
• congestion window threshold = 4 [segments],
• receiver’s advertised window = 12 [segments].
What is the largest window size that the sender is allowed to have? What is the least amount of time
before the sender reaches this window size?
Max sender window size = 12.
time [sec]   0   RTT   2RTT   3RTT   4RTT   5RTT   6RTT   7RTT   8RTT   9RTT   10RTT
Wsender      1   2     4      5      6      7      8      9      10     11     12
Clearly, the sender window reaches its max size after 10RTT = 1s.
4.3) [5 points] The graph below shows the ‘sawtooth’ evolution of a TCP sender’s window
size as a function of time. W is the maximum window size (measured in packets). Assume that all
packets are P bits long, and that exactly one packet is dropped every time the window size reaches
W.
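[Figure: sawtooth plot of window size versus time; the window size oscillates between W/2 and W. Labels: window size, W/2, W, time, RTT.]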
If we ignore the “slow-start” phase at the beginning of the flow, find the average rate at which the
transmitter sends packets. Explain your work!
The transmitter sends one window worth of data each RTT. The window size increases linearly from
W/2 to W. So, the average length of transmitted window is:
Waverage = (W/2 + W) / 2 = 3W/4 [packets]
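(Another possible approach:
$$W_{average} = \frac{\frac{W}{2} + \left(\frac{W}{2}+1\right) + \left(\frac{W}{2}+2\right) + \dots + \left(\frac{W}{2}+\frac{W}{2}\right)}{\frac{W}{2}+1} = \frac{\frac{W}{2}\left(\frac{W}{2}+1\right) + \frac{1}{2}\cdot\frac{W}{2}\left(\frac{W}{2}+1\right)}{\frac{W}{2}+1} = \frac{3W}{4} \text{ [packets]}$$
)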
Accordingly, the average rate at which the transmitter sends packets is:
Raverage = Waverage / RTT [packets/sec] = 3W / (4·RTT) [packets/sec] = 3WP / (4·RTT) [bps]
4.4) [7 points] For the TCP connection from 4.3), what is the (average) fraction of dropped
packets? Explain your work!
In each period of the sawtooth, one packet is lost, and the transmitter sends 1 + W/2 windows
of packets. The average window size is 3W/4. Therefore, 1 packet is lost for every (1+W/2)*3W/4
that are transmitted. Hence
average fraction of dropped packets = 1 / ((1+W/2)*3W/4)
5. NAT and P2P [15 points]
The figure below shows a set-up with a private IP network and its respective NAT firewall. The NAT
firewall has a public address of 128.6.13.3 and a private IP address of 192.168.1.1. The two hosts
attached to the same (private) network as the NAT firewall have the IP addresses as shown.
Figure 5
5.1) [3 points] Host A in Figure 5 sends a TCP-SYN request to IP address 216.109.118.73,
port 80, with its local port set to 6789. Show the resulting entry in the NAT firewall. (You may have to
improvise some of the fields.)
Source Computer Address: 192.168.13.3
Source Computer Port: 6789
NAT Router’s IP: 128.6.13.3
NAT Router’s Port: 5001
Destination Computer Address: 216.109.118.73
Destination Computer Port: 80
Transport Protocol: TCP
5.2) [2 points] Once the TCP-SYN request from 5.1) reaches the host at 216.109.118.73,
what will be found in the following four of its fields: destination address, destination port, source
address, source port?
destination address = 216.109.118.73, destination port = 80
source address = 128.6.13.3, source port = 5001
5.3) [3 points] Describe how the ACK for SYN sent in 5.1) will reach host A.
The ACK will initially contain the following:
destination address = 128.6.13.3, destination port = 5001
source address = 216.109.118.73, source port = 80.
However, after the NAT firewall translation process, the packet will be forwarded to:
destination address = 192.168.13.3, destination port = 6789
--------------------------------------------------------------------------------------------------------------------------------------
(In the following two questions, we study the impact of Network Address Translation (NAT) on peer-
to-peer applications.)
Suppose a peer with user name Alice discovers through a Centralized Directory Server (CDS) that a
peer with user name Bob has a file she wants to download. Also, suppose Bob is behind a NAT
firewall, whereas Alice is not. Bob’s NAT firewall is not specifically configured for this P2P application.
Let 128.6.13.3 be the WAN-side address of Bob’s NAT firewall, and let 10.0.0.4 be the internal IP
address for BOB.
NOTE: The given P2P application uses port number p. P2P peers are capable of forwarding
TCP- and P2P-application-related requests on behalf of other peers. However, P2P peers refuse to
upload (i.e. transfer) files on behalf of other peers.
5.4) [4 points] Can Alice obtain the file she wants from Bob, assuming she knows the WAN-
side address of Bob’s NAT firewall as well as Bob’s internal IP address? If so, how? If not, why not?
No, she cannot. Alice can send a TCP-SYN packet with destination address = WAN address, port
number = p, but the NAT does not know to which internal host it should direct the packet. Also, there
is no guarantee that the NAT router has any process listening at port p.
5.5) [3 points] Now suppose that Alice does not know Bob’s internal IP address. However,
both Bob and Alice have an ongoing TCP connection with another peer, Cindy, who is not behind a
NAT. Can, in this case, Alice obtain the file she wants from Bob? If so, how? If not, why not?
Yes, she can. Via the two established TCP connections, Alice can ask Bob to initiate a direct TCP
connection from Bob to Alice. Since Bob is initiating this TCP connection, it can be established
through Bob’s NAT. Once this direct TCP connection is established, Alice can ask Bob to send the
file over this direct connection.
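The NAT behaviour in 5.1 to 5.5 can be modelled as a translation table that is written only by outbound traffic. The following Python sketch is an added example, not part of the original exam. It assumes a NAT that admits inbound packets only from the remote endpoint an internal host has already contacted, and it starts port allocation at 5001 to match the port improvised in 5.1. The class and method names are hypothetical.

```python
from itertools import count

class Nat:
    """Port-translating NAT covering only what questions 5.1 to 5.5 describe."""

    def __init__(self, public_ip, first_port=5001):
        self.public_ip = public_ip
        self._ports = count(first_port)   # assumed allocation policy: next free port
        self.out = {}    # (proto, priv_ip, priv_port, dst_ip, dst_port) -> public port
        self.back = {}   # (proto, public_port, remote_ip, remote_port) -> (priv_ip, priv_port)

    def outbound(self, proto, src, sport, dst, dport):
        """Translate a packet leaving the private network; create the entry if new."""
        key = (proto, src, sport, dst, dport)
        if key not in self.out:
            public_port = next(self._ports)
            self.out[key] = public_port
            self.back[(proto, public_port, dst, dport)] = (src, sport)
        return (self.public_ip, self.out[key], dst, dport)

    def inbound(self, proto, src, sport, dst, dport):
        """Return the private (ip, port) to forward to, or None if the packet is dropped."""
        if dst != self.public_ip:
            return None
        # No entry means no internal host asked for this traffic (the 5.4 case).
        return self.back.get((proto, dport, src, sport))

if __name__ == "__main__":
    nat = Nat("128.6.13.3")
    # 5.1 / 5.2: host A's SYN as seen after translation
    print(nat.outbound("TCP", "192.168.13.3", 6789, "216.109.118.73", 80))
    # 5.3: the ACK from the server is mapped back to host A
    print(nat.inbound("TCP", "216.109.118.73", 80, "128.6.13.3", 5001))
    # 5.4: an unsolicited SYN to port p (constructed value 7000) finds no entry
    print(nat.inbound("TCP", "198.51.100.7", 40000, "128.6.13.3", 7000))
```

In the 5.5 case Bob's own outbound SYN creates the entry, so the replies from Alice's address match it and are forwarded to 10.0.0.4.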
6. Leaky Bucket / Token Bucket [15 points]
6.1) [8 points] Computer A has to ‘inject’ 21 MB of data into the network. The data is
generated and transmitted in bursts of 6 Mbps. The minimum sustainable transmission rate across
routers in the network is 5 Mbps.
If computer A’s transmission is shaped using a leaky bucket (see figure below), what is the minimum
size of the buffer to prevent any data loss? (Show your work!)
[Figure: Leaky Bucket Regulator. 21 MB of data arrives at 6 Mbps into the buffer; the buffer drains at 5 Mbps.]
Overall amount of data in bits: 21 MB = (21*8) Mbits = 168 [Mbits] (metric/decimal conversion)
Another acceptable answer: 21 MB = 21*2^20 bytes = 176160768 [bits] (binary conversion)
Time to ‘inject’ 168 Mbits of data in the buffer, at 6 Mbps: 168 Mbits / 6Mbps = 28 [sec]
Rate at which data accumulates in the buffer (R): 6 Mbps – 5 Mbps = 1 [Mbps]
• data accumulated in the buffer at the end of 1st second: 1 [Mbits]
• data accumulated in the buffer at the end of 2nd second: 2 [Mbits]
• data accumulated in the buffer at the end of 3rd second: 3 [Mbits]
…
• data accumulated in the buffer at the end of 28th second: 28 [Mbits]
Hence, the buffer size to prevent any data loss = 28 [Mbits].
6.2) [7 points] Host A has to ‘inject’ 30 Mbits of data into a network via a token bucket
regulator. The token bucket has a capacity of 15 Mbits and is filled with tokens at the rate of 5 Mbps.
Data is buffered if it arrives at the regulator when there are no tokens in the bucket.
How long does it take, in total, for the 30 Mbits of data to enter the network, assuming that the host
sends at a peak rate of 20 Mbps and the token bucket is initially full?
The host can send all 30 Mbits to the token bucket at the rate of 20 Mbps.
The data arrives to the token bucket in two phases:
1st second: first burst of size 20 Mbps arrives
2nd second: burst of size 10 Mbps arrives
The data leaves the token bucket (i.e. enters the network) in three phases:
1st second: burst of 20 Mbits, using the full bucket (15 Mbits) and the first next token that arrives
2nd second: burst of 5 Mbits (using the 2nd token)
3rd second: burst of 5 Mbits (using the 3rd token)
Thus, it takes (at most) 3 seconds for the data to enter the network.
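Both regulator answers can be checked with a small simulation. The following Python sketch is an added example, not part of the original exam: it steps time in 1 ms ticks with rates expressed in bits per millisecond (1 Mbps = 1000 bits/ms, the decimal conversion from 6.1). The function names and the tick size are assumptions of this example.

```python
def leaky_bucket_peak_backlog(total_bits, in_rate, out_rate):
    """Largest buffer occupancy (bits) while a burst drains at a constant rate."""
    backlog = peak = 0
    remaining = total_bits
    while remaining or backlog:
        arriving = min(in_rate, remaining)    # host still has data to inject
        remaining -= arriving
        backlog += arriving
        backlog -= min(backlog, out_rate)     # constant-rate output
        peak = max(peak, backlog)
    return peak

def token_bucket_drain(total_bits, capacity, fill_rate, peak_rate):
    """Return (milliseconds until all data has entered the network, bits sent per second)."""
    tokens, queue, remaining, sent, ticks = capacity, 0, total_bits, 0, 0
    sent_by_second = []
    while sent < total_bits:
        ticks += 1
        arriving = min(peak_rate, remaining)
        remaining -= arriving
        queue += arriving                     # data waits here when tokens run out
        available = tokens + fill_rate        # tokens earned this tick are usable at once
        out = min(queue, available)
        queue -= out
        sent += out
        tokens = min(capacity, available - out)   # bucket never holds more than capacity
        second = (ticks - 1) // 1000
        if second == len(sent_by_second):
            sent_by_second.append(0)
        sent_by_second[second] += out
    return ticks, sent_by_second

if __name__ == "__main__":
    MBIT = 1_000_000
    # 6.1: 168 Mbits arriving at 6 Mbps, leaving at 5 Mbps
    print(leaky_bucket_peak_backlog(168 * MBIT, 6000, 5000))
    # 6.2: 30 Mbits, 15 Mbit bucket, 5 Mbps token rate, 20 Mbps peak rate
    print(token_bucket_drain(30 * MBIT, 15 * MBIT, 5000, 20000))
```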
7. Multimedia [8 points]
Recall there are two types of Forward Error Correction (FEC) that help recover packet losses in
multimedia traffic: (1) redundancy encoding: a redundant encoded packet is sent after every n
packets by XOR-ing the n original packets; (2) low-bit redundant encoding: a lower-resolution
stream is sent.
Suppose the first scheme generates a redundant packet for every 4 original packets. Suppose the
second scheme uses a low-bit rate encoding whose transmission rate is 25 percent of the
transmission rate of the nominal stream.
7.1) [2 points] How much additional bandwidth does each scheme require?
Both schemes require 25% more bandwidth.
7.2) [2 points] How much playback delay (in terms of number of packets) does each scheme
add?
The first scheme has a playback delay of 5 packets; the second has a delay of 2 packets.
7.3) [2 points] Assume in every group of five packets the first packet gets lost. Which scheme
will provide better quality of the received multimedia stream?
The first scheme will be able to completely reconstruct the original high-quality video encoding.
The second scheme will use the low quality audio encoding for the lost packets and will have lower
quality.
7.4) [2 points] Now assume that every second packet gets lost. Which scheme will provide
better quality of the received multimedia stream?
The first scheme will have many of the original packets lost and suffer from degraded audio quality.
For the second scheme, every audio packet will be available at the receiver; although some of them
will be of lower quality, the overall quality of the received stream will be better than with the first scheme.
8. Security [12 points]
In network communications, there are several desirable security properties.
For example, confidentiality is the property that the original plain-text message cannot be
determined by an attacker who intercepts the ciphertext-encryption of the original plaintext message.
Another important property is message integrity. This means that the receiver can detect whether
the message sent (regardless if it was encrypted) was altered in transit.
A digital signature is an electronic signature used to authenticate the identity of the sender of a
message.
8.1) [3 points] For the two properties of confidentiality and message integrity, can you have
one without the other? Justify your answer. (If your answer is yes, show an example of where one
can exist without the other. If your answer is no, explain why one would imply the other.)
Yes, you can have one without the other.
An encrypted message that is altered in transit may still be confidential (the attacker cannot
determine the original text), but will not have message integrity if the error is undetected.
Similarly, a message (containing a FEC protection) that is altered in transit could have been sent in
plaintext and thus would not be confidential. Nevertheless, its ‘message integrity’ would be ensured
through FEC.
8.2) [3 points] Assume that you want to send a non-confidential message M to your lawyer,
while giving him/her the assurance that:
1) the message was unchanged from what you sent (message integrity);
2) the message is really from you (message authenticity).
Describe how you can achieve this using public key encryption. Both you and your lawyer possess a
pair of keys: (Kyou-public, Kyou-private), (Klawyer-public, Klawyer-private).
(The message itself must remain non-confidential at all times!)
You obtain a message hash using some one-way hash function, e.g. H(M). Then, you use your
private key to encrypt the hash. Finally, you send M and the encrypted hash to your lawyer:
M || Kyou-private(H(M)).
The lawyer first computes the hash of the message, and then uses your public key (obtained from a
certificate authority) to decrypt the H(M) part of the message. If the computed hash of the message
matches the decrypted hash, i.e.
H(M) = Kyou-public(Kyou-private(H(M)))
then the message integrity and authenticity are assured.
8.3) [3 points] You have achieved message integrity and authenticity in 8.2). Describe how
you can add message confidentiality to 8.2), by (slightly) modifying your solution.
In this case, instead of sending M directly, encrypt M using your lawyer’s public key:
Klawyer-public(M) || Kyou-private(H(M))
That way, no one except your lawyer can see the message.
8.4) [3 points] To prevent replay attacks (you do not want an attacker to resend the same
message to your lawyer, and yet remain undetected), describe a simple modification to your solution
from 8.3).
A nonce can be used. For example, the lawyer must send you a nonce first. Then you send the
following to the lawyer:
Klawyer-public(M, nonce) || Kyou-private(H(M)).
To defeat the replay attack, the receiver should never accept the message with the same nonce …
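The exchange from 8.2 to 8.4 can be run end to end. The following Python sketch is an added example, not part of the original exam: it uses unpadded textbook RSA so that the code mirrors the K(...) notation above, with demo keys constructed from known Mersenne primes. The function and class names, the 16-byte nonce length and the packing of (M, nonce) are assumptions of this example.

```python
import hashlib
import secrets

def toy_keypair(p, q, e=65537):
    """Textbook RSA key pair from two primes: returns (public, private)."""
    n, phi = p * q, (p - 1) * (q - 1)
    return (n, e), (n, pow(e, -1, phi))

def K(key, value):
    """Apply a key as in the exam notation K(x): unpadded modular exponentiation."""
    n, exponent = key
    return pow(value, exponent, n)

def H(data):
    """One-way hash of the message, as an integer."""
    return int.from_bytes(hashlib.sha256(data).digest(), "big")

# Constructed demo keys built from known Mersenne primes; not suitable for real use.
YOU_PUBLIC, YOU_PRIVATE = toy_keypair(2**521 - 1, 2**607 - 1)
LAWYER_PUBLIC, LAWYER_PRIVATE = toy_keypair(2**1279 - 1, 2**2203 - 1)

def send(message, nonce):
    """Build Klawyer-public(M, nonce) || Kyou-private(H(M)) for a 16-byte nonce."""
    packed = int.from_bytes(b"\x01" + nonce + message, "big")  # 0x01 keeps leading zero bytes
    return K(LAWYER_PUBLIC, packed), K(YOU_PRIVATE, H(message))

class Lawyer:
    def __init__(self):
        self.outstanding = set()              # nonces issued and not yet used

    def challenge(self):
        nonce = secrets.token_bytes(16)
        self.outstanding.add(nonce)
        return nonce

    def receive(self, ciphertext, signature):
        if not (0 <= ciphertext < LAWYER_PUBLIC[0] and 0 <= signature < YOU_PUBLIC[0]):
            return ("rejected", "value out of range")
        plain = K(LAWYER_PRIVATE, ciphertext)
        raw = plain.to_bytes((plain.bit_length() + 7) // 8, "big")
        nonce, message = raw[1:17], raw[17:]
        if K(YOU_PUBLIC, signature) != H(message):   # integrity and authenticity (8.2)
            return ("rejected", "bad signature")
        if nonce not in self.outstanding:            # freshness (8.4)
            return ("rejected", "nonce not outstanding")
        self.outstanding.discard(nonce)              # each nonce is accepted once
        return ("accepted", message)
```

Deployed systems use a padded scheme such as RSA-PSS for the signature and RSA-OAEP for the encryption, and include the nonce in the signed data so that a signature is tied to one exchange.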