Fall 08

=FALL 08=

Exercise 1
A)

Assuming no packet loss.

Processing delay: the time the router needs to examine the packet header, check it for bit-level errors (checksum) and decide which output link the packet should go to.

Queuing delay: the time the packet waits in the output queue of the link before it can be transmitted. It depends on how many packets are already ahead of it, and is zero if the link is idle.

Transmission delay: the time it takes to push all of the packet's bits from the router onto the link, L/R for a packet of L bits on a link with rate R bit/s.

Propagation delay: the time one bit needs to travel from the beginning of the link at router A to router B, d/s for a link of length d and propagation speed s.
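The four components put together, as an added example that is not part of the original exam answer: a small Python model of store-and-forward forwarding through a chain of links. The topology, packet size and link parameters are constructed for illustration. It shows that queuing delay is not a property of one packet on its own but of what is already waiting at the link, and that after the first packet the following ones arrive one transmission delay apart.

```python
# Added example (not part of the original exam answer): end-to-end delay of a
# burst of packets sent through a chain of store-and-forward links, showing
# all four delay components. All parameters are constructed for illustration.

def link_delays(L_bits, R_bps, d_m, s_mps, d_proc=0.0):
    """Per-packet delays on one link, in seconds: (processing, transmission, propagation)."""
    d_trans = L_bits / R_bps   # time to push all L bits onto the link (L/R)
    d_prop = d_m / s_mps       # time for one bit to travel the link (d/s)
    return d_proc, d_trans, d_prop


def end_to_end_delays(num_packets, links, L_bits):
    """Send num_packets back-to-back from the source through the given links.

    links: list of (R_bps, d_m, s_mps, d_proc) tuples, one per hop.
    Returns one (arrival_time, total_queuing_delay) pair per packet.
    Each link is a FIFO that transmits one packet at a time; a router starts
    forwarding a packet only after it has received the whole packet
    (store-and-forward). Queuing delay arises when a packet reaches a link
    that is still busy transmitting the previous packet.
    """
    link_free_at = [0.0] * len(links)   # time at which each link becomes idle
    results = []
    for _ in range(num_packets):
        t = 0.0        # every packet is ready at the source at time 0
        queued = 0.0
        for i, (R, d, s, proc) in enumerate(links):
            d_proc, d_trans, d_prop = link_delays(L_bits, R, d, s, proc)
            t += d_proc                        # header processing at this node
            start = max(t, link_free_at[i])    # wait in the queue if the link is busy
            queued += start - t
            link_free_at[i] = start + d_trans
            t = start + d_trans + d_prop       # last bit arrives at the next node
        results.append((t, queued))
    return results


def demo():
    # Constructed scenario: three 1000-bit packets over two 1 Mbit/s links,
    # each 1 km long, propagation speed 2e8 m/s, processing delay ignored.
    links = [(1e6, 1000.0, 2e8, 0.0), (1e6, 1000.0, 2e8, 0.0)]
    return end_to_end_delays(3, links, 1000)


if __name__ == "__main__":
    for n, (arrival, queued) in enumerate(demo(), 1):
        print(f"packet {n}: arrives after {arrival*1e3:.3f} ms, queued {queued*1e3:.3f} ms")
```

In the constructed scenario the first packet sees no queuing at all; the second waits one full transmission delay at the first link, the third waits two, and at the second link nobody waits because the packets arrive exactly as fast as that link can send them.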

B)

Application Layer
Service models: an API (the socket interface) offered to the applications of end users.

Packet formats: message formats defined by the application protocol, usually text (for example an HTTP request line followed by header lines).

Addressing: Addressing is done through sockets. Sockets are bound to a host identifier and a process identifier; on the Internet, IP is the host identifier and a port works as a process identifier.

Transport Layer
Service models: Two main services:

- Multiplexing and demultiplexing: Translating host-to-host communication to process-to-process (demultiplexing), and the other way around (multiplexing)

- Integrity checking: A checksum is calculated to ensure integrity

Other possible services:

- Reliable Data Transfer

- In-order packet delivery

- Throughput: can guarantee a certain level of throughput

- Timing: guaranteed arrival within a certain time (not offered by the Internet's transport protocols)

- Security: for example encryption of the data transferred

Packet formats: the application message encapsulated with the header of the transport-layer protocol in use, forming a SEGMENT.

Minimum header fields (this is exactly the UDP header): source port number, destination port number, length, checksum, followed by the actual message.

Addressing: Destination and source ports.

Network Layer
Service models:

Packet routing

Host-to-host delivery

Other possible services (not offered by IP):

- Reliable Data Transfer

- In-order packet delivery

- Throughput: can guarantee a certain level of throughput

- Timing: guaranteed arrival within a certain time (practically impossible)

- Security: for example encryption of the data transferred

The Internet Protocol (IP) lives in this layer. It offers nothing beyond packet routing and best-effort host-to-host delivery: no reliability, ordering, throughput, timing or security guarantees.

Packet formats:

Datagram: the header of the network-layer protocol in use plus the encapsulated transport-layer segment.

Addressing

IP addresses identify hosts. Each datagram carries a header with the source and destination IP addresses that routers use to forward it, plus a protocol field that tells the receiving host which transport protocol (TCP, UDP, ...) the payload should be handed up to.

Link Layer
Service models:

Node-to-node transport: moving a frame across a single link between adjacent nodes (hosts or routers).

Framing: Building frames to be sent through the links

Half-duplex

Full-duplex

Flow Control

Error detection

Packet formats:

Frame: A digital data transmission unit or data packet that includes frame synchronization, i.e. a sequence of bits or symbols making it possible for the receiver to detect the beginning and end of the packet in the stream of symbols or bits.

Addressing:

MAC address: a 48-bit identifier assigned to each network interface, unique in principle. In practice it is set in software on most systems and is therefore trivially spoofed, so it must not be relied on as an authentication token.

Physical Layer
Hardware for sending the actual bits:

- Twisted pair copper cable:

- Fiber

- Coaxial cable

- Over-the-air (radio) transfer

B)

The semantics of the GET method change to a "conditional GET" if the request message includes an If-Modified-Since, If-Unmodified-Since, If-Match, If-None-Match, or If-Range header field. A conditional GET method requests that the entity be transferred only under the circumstances described by the conditional header field(s). The conditional GET method is intended to reduce unnecessary network usage by allowing cached entities to be refreshed without requiring multiple requests or transferring data already held by the client.
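How a server actually evaluates a conditional GET, as an added example that is not from the original page: the precedence rules follow RFC 7232 section 6 (If-None-Match is evaluated first and, when it is present, If-Modified-Since is ignored). The resource's ETag and Last-Modified value are constructed sample data.

```python
# Added example (not from the original page): how a server evaluates a
# conditional GET. The precedence rules follow RFC 7232 section 6: If-None-Match
# is checked first and, when present, If-Modified-Since is ignored.
from datetime import datetime, timezone
from email.utils import format_datetime, parsedate_to_datetime

# Constructed sample resource: an ETag and a Last-Modified time (UTC).
SAMPLE_ETAG = '"abc123"'
SAMPLE_LAST_MODIFIED = datetime(2008, 11, 1, 12, 0, 0, tzinfo=timezone.utc)


def etag_matches(if_none_match, current_etag):
    """If-None-Match uses the weak comparison: a W/ prefix is ignored on both sides."""
    def strip_weak(tag):
        tag = tag.strip()
        return tag[2:] if tag.startswith("W/") else tag
    if if_none_match.strip() == "*":
        return True
    return strip_weak(current_etag) in {strip_weak(t) for t in if_none_match.split(",")}


def conditional_get(request_headers, etag=SAMPLE_ETAG, last_modified=SAMPLE_LAST_MODIFIED):
    """Return (status, validator_headers) for a GET of the resource.

    request_headers: dict keyed by lowercase header name.
    200 means "send the full entity"; 304 means "the client's copy is still current".
    """
    validators = {"ETag": etag,
                  "Last-Modified": format_datetime(last_modified, usegmt=True)}

    inm = request_headers.get("if-none-match")
    if inm is not None:
        # For GET/HEAD a matching tag means the cached copy is current -> 304.
        return (304 if etag_matches(inm, etag) else 200), validators

    ims = request_headers.get("if-modified-since")
    if ims is not None:
        try:
            since = parsedate_to_datetime(ims)
        except (TypeError, ValueError):
            since = None                 # malformed date: ignore the condition
        if since is not None:
            if since.tzinfo is None:     # "-0000" style dates parse as naive
                since = since.replace(tzinfo=timezone.utc)
            if last_modified <= since:
                return 304, validators
    return 200, validators
```

Note that a 304 still carries the validators (ETag, Last-Modified) so the client can refresh its cache entry, and that a malformed If-Modified-Since is simply ignored rather than rejected, which is what RFC 7232 prescribes.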

Exercise 2
A)

TCP uses one socket for listening and a separate socket for each open connection because TCP sets up a connection between two specific endpoints and keeps per-connection state the whole time: receive and send buffers, congestion-control parameters, and sequence and acknowledgement numbers. This state is kept cleanly separated by letting one socket only listen for new connection requests and spawning a new socket for each accepted connection, identified by the four-tuple (source IP, source port, destination IP, destination port). If TCP were implemented with only one socket, every other client would have to wait to connect until the current connection was closed.

B)

UDP can be implemented using only one socket because, unlike TCP, it keeps no connection state. UDP is little more than a thin layer over the network layer: it carries only the source and destination port numbers, the length of the data and a checksum for integrity. Since it keeps track of nothing, not even whether a datagram was delivered, it has less overhead than TCP (no handshake, no retransmissions) and all communication can go through one shared socket, which is demultiplexed on the destination port alone. A consequence worth remembering is that the sender address on a UDP datagram is whatever the IP header claims, so it can be spoofed; a UDP service that replies with more bytes than it receives can therefore be abused as a reflector.
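Both models side by side, as an added example that is not from the original page: a TCP server that keeps one listening socket and gets a fresh socket per accepted connection, next to a UDP server that serves every peer through a single socket. Everything runs on the loopback interface with OS-chosen ports, and the messages are constructed.

```python
# Added example (not from the original page): a TCP server that keeps one
# listening socket and gets a new socket per accepted connection, beside a UDP
# server that handles every peer through a single socket. Everything runs on
# the loopback interface with OS-chosen ports; the messages are constructed.
import socket
import threading


def tcp_server_serves(num_clients):
    """Accept num_clients connections sequentially; report which sockets were involved."""
    listener = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    listener.bind(("127.0.0.1", 0))        # port 0: let the OS pick a free port
    listener.listen(num_clients)
    port = listener.getsockname()[1]
    conns = []

    def serve():
        for _ in range(num_clients):
            conn, peer = listener.accept()  # accept() returns a NEW connected socket
            conns.append(conn)              # keep it open so the fds stay distinct
            conn.sendall(conn.recv(64))     # echo; per-connection state lives in conn

    worker = threading.Thread(target=serve)
    worker.start()

    replies = []
    for i in range(num_clients):
        client = socket.create_connection(("127.0.0.1", port), timeout=5)
        client.sendall(b"hello %d" % i)
        replies.append(client.recv(64))
        client.close()
    worker.join(5)

    report = {
        "listener_fd": listener.fileno(),
        "connection_fds": [c.fileno() for c in conns],
        "replies": replies,
    }
    for c in conns:
        c.close()
    listener.close()
    return report


def udp_server_serves(num_clients):
    """Answer datagrams from num_clients senders through one UDP socket."""
    server = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    server.bind(("127.0.0.1", 0))
    server.settimeout(5)
    port = server.getsockname()[1]
    senders = []

    def serve():
        for _ in range(num_clients):
            # Every datagram carries its own sender address; nothing is remembered
            # between datagrams, and the address is only what the IP header claims.
            data, addr = server.recvfrom(64)
            senders.append(addr)
            server.sendto(data.upper(), addr)

    worker = threading.Thread(target=serve)
    worker.start()

    replies = []
    for i in range(num_clients):
        client = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
        client.settimeout(5)
        client.sendto(b"ping %d" % i, ("127.0.0.1", port))
        replies.append(client.recvfrom(64)[0])
        client.close()
    worker.join(5)
    server.close()
    return {"distinct_senders": len(set(senders)), "replies": replies}


if __name__ == "__main__":
    print(tcp_server_serves(2))
    print(udp_server_serves(2))
```

The TCP report shows a listener file descriptor that is different from every connection descriptor, one per client; the UDP report shows one socket that has answered several distinct senders with no per-peer object ever created.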


Exercise 3
A)

Congestion Control

The purpose of congestion control is to make good use of the network's capacity without overloading it. If we cause congestion, packets are lost (buffers in routers overflow) and delays grow (packets queue up in router buffers).

Flow Control

Imagine a sender (host A) and a receiver (host B) communicating over a TCP connection. Everything works fine as long as the application on B reads the data as fast as A sends it, but what happens when the receiving host is busy or is simply a slow reader? The receive buffer on B fills up and would eventually overflow, so a service that controls the flow is essential. Flow control is the TCP service that does exactly that: the receiver advertises how much free buffer space it has (the receive window, rwnd) in every segment it sends, and the sender never keeps more unacknowledged data in flight than that. This matches the sending rate of the sender with the reading rate of the receiving application, and eliminates the possibility of overflowing the receiver's buffer.

The Difference

Congestion control is about the network: it reacts to the packet loss and delay caused by many senders together injecting more traffic than a router or link can handle. Flow control is about the end host: it protects the receiver's buffer from overflowing. A TCP sender obeys both at the same time, limiting its unacknowledged data to min(cwnd, rwnd).

B)

In a network behind a NAT router, the router does not look like a router to the outside world; it appears as a single host with a single IP address. The outside world therefore sends packets to, and receives packets from, this one address, and the NAT translation table is used to direct each reply to the right host inside the home network.



Consider the example in the figure: the host with IP 10.0.0.1 wants to communicate with a web server (IP 128.119.40.186). The host picks an arbitrary source port, 3345, and sends the datagram. When the NAT router receives it, it allocates a new port number, 5001, records the mapping (10.0.0.1, 3345) <-> 5001 in its translation table, rewrites the source address and port to the router's WAN address 137.76.29.7 and port 5001, and forwards the datagram to the web server. When the web server replies to 137.76.29.7:5001, the NAT router looks up port 5001 in the table, rewrites the destination to 10.0.0.1:3345 and sends the datagram to the correct host on the LAN.
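The translation table in code, as an added example that is not from the original page. The addresses and ports are the ones used in the text; the external address 198.51.100.9 used for the unsolicited packet is a constructed documentation address, and dropping inbound packets that match no mapping is an added assumption that matches how a typical home NAT behaves rather than something the exam answer states.

```python
# Added example (not from the original page): a minimal NAT translation table
# for the scenario in the text. Addresses and ports are the ones used above;
# dropping inbound packets that match no mapping is an added assumption that
# matches how a typical home NAT behaves, not something the exam answer states.

WEB_SERVER = "128.119.40.186"


class Nat:
    def __init__(self, wan_ip, first_port=5001):
        self.wan_ip = wan_ip
        self.next_port = first_port
        self.out_table = {}   # (lan_ip, lan_port) -> wan_port
        self.in_table = {}    # wan_port -> (lan_ip, lan_port)

    def outbound(self, pkt):
        """LAN -> WAN: rewrite the source, creating a mapping on first use."""
        key = (pkt["src_ip"], pkt["src_port"])
        if key not in self.out_table:
            port = self.next_port
            self.next_port += 1
            self.out_table[key] = port
            self.in_table[port] = key
        return {**pkt, "src_ip": self.wan_ip, "src_port": self.out_table[key]}

    def inbound(self, pkt):
        """WAN -> LAN: rewrite the destination, or return None (drop) if unmapped."""
        if pkt["dst_ip"] != self.wan_ip:
            return None
        key = self.in_table.get(pkt["dst_port"])
        if key is None:
            return None           # nobody inside opened this port: unsolicited, drop
        return {**pkt, "dst_ip": key[0], "dst_port": key[1]}


def demo():
    nat = Nat("137.76.29.7")
    request = {"src_ip": "10.0.0.1", "src_port": 3345, "dst_ip": WEB_SERVER, "dst_port": 80}
    on_wire = nat.outbound(request)            # what the web server actually sees
    reply = {"src_ip": WEB_SERVER, "src_port": 80,
             "dst_ip": on_wire["src_ip"], "dst_port": on_wire["src_port"]}
    delivered = nat.inbound(reply)             # rewritten back to 10.0.0.1:3345
    unsolicited = nat.inbound({"src_ip": "198.51.100.9", "src_port": 4444,   # constructed
                               "dst_ip": "137.76.29.7", "dst_port": 9999})
    return on_wire, delivered, unsolicited


if __name__ == "__main__":
    for step in demo():
        print(step)
```

Because the inbound lookup is keyed on the WAN port alone, any external host can reach the mapped internal port once the mapping exists (full-cone behaviour); a stricter NAT would also record the remote address and port in the mapping and drop inbound packets from anyone else.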

C)

Link-state (LS) algorithms are global: every node knows all link costs before the algorithm runs. This is achieved by each node broadcasting link-state packets to all other nodes, containing the identities and costs of its attached links. Each node then uses the same complete picture of the network to compute the same set of least-cost paths.

Dijkstra's algorithm is used to calculate the least-cost paths from one node to all other nodes.

The complexity of this algorithm is [1]

Being a decentralized algorithm, the DV algorithm is iterative, asynchronous and distributed. It is distributed because each node receives information only from its directly attached neighbours, performs a calculation, and sends the result back to those neighbours. It is iterative because this continues until no more information is exchanged between neighbours. It is asynchronous because the nodes do not need to operate in lockstep with each other. Because a node only talks to its neighbours, DV has lower message complexity than LS, which must inform every node in the network of every change; the price is that DV can converge slowly after a change, and a cost increase may bounce between neighbours for many iterations before it is believed (the count-to-infinity problem).

It works as follows: each node waits until either the cost of a link to a neighbour changes or it receives a distance vector from a neighbour. The node then recomputes its own distance vector for every destination (Bellman-Ford: the cost to a destination is the minimum over its neighbours of the link cost plus the neighbour's advertised cost to that destination), and if its vector changed as a result, it sends the new vector to all its neighbours.

Comparing LS and DV: the low message complexity of DV makes it attractive in bigger networks, whilst LS is more robust. The reason LS is more robust is that a sabotaged router running LS can only lie about the costs of its own attached links, and every other node still computes its own table from the full topology; under DV a node accepts whatever path costs its neighbours advertise, so a false cost from one router propagates from neighbour to neighbour and ends up in routing tables across the network.
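Both algorithms on the same network, as an added example that is not from the original page: Dijkstra for LS and a synchronous distance-vector iteration, run on a constructed six-node topology, followed by a DV run in which one router (x) advertises a false cost of 0 to destination z. The topology and the lie are constructed for illustration.

```python
# Added example (not from the original page): Dijkstra (link-state) and a
# synchronous distance-vector iteration on the same constructed six-node
# topology, followed by a DV run in which one router advertises a false cost.
import heapq

INF = float("inf")

# Constructed undirected topology: node -> {neighbour: link cost}
GRAPH = {
    "u": {"v": 2, "w": 5, "x": 1},
    "v": {"u": 2, "w": 3, "x": 2},
    "w": {"u": 5, "v": 3, "x": 3, "y": 1, "z": 5},
    "x": {"u": 1, "v": 2, "w": 3, "y": 1},
    "y": {"x": 1, "w": 1, "z": 2},
    "z": {"w": 5, "y": 2},
}


def dijkstra(graph, source):
    """Link-state: the node has the whole graph and computes least costs itself."""
    dist = {source: 0}
    heap = [(0, source)]
    while heap:
        d, n = heapq.heappop(heap)
        if d > dist.get(n, INF):
            continue                     # stale heap entry
        for m, cost in graph[n].items():
            if d + cost < dist.get(m, INF):
                dist[m] = d + cost
                heapq.heappush(heap, (d + cost, m))
    return dist


def distance_vector(graph, liars=None, max_rounds=50):
    """Synchronous Bellman-Ford: each node sees only its neighbours' vectors.

    liars: {node: {dest: advertised_cost}} overrides what that node tells its
    neighbours, while its own table stays honest.
    Returns ({node: {dest: (cost, next_hop)}}, rounds_until_stable).
    """
    liars = liars or {}
    nodes = list(graph)

    def direct(n, m):
        return (0, n) if m == n else (graph[n].get(m, INF), m if m in graph[n] else None)

    D = {n: {m: direct(n, m) for m in nodes} for n in nodes}
    for rounds in range(1, max_rounds + 1):
        adverts = {n: {m: D[n][m][0] for m in nodes} for n in nodes}
        for liar, lies in liars.items():
            adverts[liar].update(lies)
        new = {}
        for n in nodes:
            new[n] = {}
            for m in nodes:
                best = direct(n, m)
                for k, c in graph[n].items():          # only neighbours' adverts are visible
                    if c + adverts[k][m] < best[0]:
                        best = (c + adverts[k][m], k)
                new[n][m] = best
        if new == D:
            return D, rounds
        D = new
    return D, max_rounds


def costs_from(dv_tables, source):
    """Strip next hops so a DV table can be compared with Dijkstra's output."""
    return {m: c for m, (c, _) in dv_tables[source].items()}


if __name__ == "__main__":
    print("LS from u:", dijkstra(GRAPH, "u"))
    honest, rounds = distance_vector(GRAPH)
    print("DV from u:", honest["u"], "after", rounds, "rounds")
    poisoned, _ = distance_vector(GRAPH, liars={"x": {"z": 0}})
    for n in GRAPH:
        print(f"with x lying about z: {n} -> z via {poisoned[n]['z']}")
```

With honest routers, DV converges to exactly the costs Dijkstra computes. With x advertising cost 0 to z, u and v start forwarding z-traffic to x, y abandons its own direct link to z in favour of x, and w is fooled second-hand because it trusts y's advertisement; x itself, whose own table is honest, ends up forwarding z-traffic to u, which sends it straight back, a forwarding loop created by one false advertisement.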

1
In order for A to communicate securely with B, A first contacts the key server to retrieve B's public key; a message encrypted with that key can only be opened by B. The key server acts as a trusted third party, so A's security depends on the key server handing out the genuine key for B.

2
Source: Wikipedia.org, ECB (Electronic Codebook mode)

3
Since ECB encrypts each block individually and deterministically with the same key, any blocks with the same plaintext produce identical ciphertext, so an observer learns which blocks are equal and where they repeat without knowing the key. Structure in the plaintext is visible in the ciphertext.
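The leak made concrete, as an added example that is not from the original page: a toy 16-byte Feistel block cipher (deliberately simple and not secure, built only so the demo runs offline) used in ECB and in CBC mode. The key, the IV and the sample plaintext are constructed; the plaintext is assumed to be already block-aligned so no padding is needed.

```python
# Added example (not from the original page): a toy 16-byte Feistel block
# cipher (NOT secure, built only so the demo runs offline) used in ECB and CBC
# mode, showing that ECB leaks which plaintext blocks are equal. Key, IV and
# sample plaintext are constructed.
import hashlib
import os

BLOCK = 16
ROUNDS = 8


def _f(half, key, i):
    """Round function: keyed hash of one 8-byte half, truncated to 8 bytes."""
    return hashlib.sha256(key + bytes([i]) + half).digest()[:8]


def _xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))


def encrypt_block(block, key):
    l, r = block[:8], block[8:]
    for i in range(ROUNDS):
        l, r = r, _xor(l, _f(r, key, i))
    return r + l      # undo the last swap so decryption can reuse the same loop


def decrypt_block(block, key):
    l, r = block[:8], block[8:]
    for i in reversed(range(ROUNDS)):
        l, r = r, _xor(l, _f(r, key, i))
    return r + l


def _blocks(data):
    assert len(data) % BLOCK == 0, "demo assumes the input is already block-aligned"
    return [data[i:i + BLOCK] for i in range(0, len(data), BLOCK)]


def ecb_encrypt(data, key):
    # Each block is encrypted independently and deterministically.
    return b"".join(encrypt_block(b, key) for b in _blocks(data))


def ecb_decrypt(data, key):
    return b"".join(decrypt_block(b, key) for b in _blocks(data))


def cbc_encrypt(data, key, iv):
    # Each block is XORed with the previous ciphertext block first, so equal
    # plaintext blocks no longer produce equal ciphertext blocks.
    out, prev = [], iv
    for b in _blocks(data):
        prev = encrypt_block(_xor(b, prev), key)
        out.append(prev)
    return iv + b"".join(out)


def repeated_blocks(ciphertext, skip=0):
    """Number of ciphertext blocks that duplicate an earlier block."""
    blocks = _blocks(ciphertext[skip:])
    return len(blocks) - len(set(blocks))


KEY = b"constructed demo key 32 bytes!!!"                   # toy key, constructed
SAMPLE = b"A" * BLOCK * 8 + b"B" * BLOCK + b"C" * BLOCK   # 8 equal blocks, then 2 others


def demo():
    ecb = ecb_encrypt(SAMPLE, KEY)
    cbc = cbc_encrypt(SAMPLE, KEY, os.urandom(BLOCK))
    return {"ecb_repeats": repeated_blocks(ecb),
            "cbc_repeats": repeated_blocks(cbc, skip=BLOCK),
            "roundtrip_ok": ecb_decrypt(ecb, KEY) == SAMPLE}


if __name__ == "__main__":
    print(demo())
```

The eight identical plaintext blocks give seven repeated ciphertext blocks under ECB and none under CBC with a fresh random IV; the same leak would occur with a real block cipher such as AES, because it is a property of the mode, not of the cipher.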

1
The principle of public-key encryption is the use of key pairs: what is encrypted with one key can only be decrypted with the other. The public key can be handed out freely, while the private key is kept secret by its owner.

Digital signatures can be achieved with asymmetric cryptography because if someone's public key successfully "decrypts" (verifies) a value, that value must have been produced with the matching private key. In practice the signer does not sign the whole message but a cryptographic hash of it; the verifier recomputes the hash and checks it against what the public key recovers from the signature.
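Both uses of a key pair in one place, as an added example that is not from the original page: textbook RSA with tiny constructed primes, showing encryption with the public key and decryption with the private key (the key-server scenario above, where A encrypts to B's public key), and signing with the private key and verification with the public key. The primes are far too small for real use, and real systems add padding (OAEP for encryption, PSS for signatures), which this toy omits.

```python
# Added example (not from the original page): textbook RSA with tiny primes to
# show the two directions of a key pair: encrypt with the public key / decrypt
# with the private key, and sign with the private key / verify with the public
# key. The primes are constructed and far too small for real use; real systems
# also add padding (OAEP, PSS), which this toy omits.
import hashlib
from math import gcd


def toy_keypair(p=61, q=53, e=17):
    """Return (public, private) as ((n, e), (n, d))."""
    n = p * q
    phi = (p - 1) * (q - 1)
    if gcd(e, phi) != 1:
        raise ValueError("e must be coprime to (p-1)(q-1)")
    d = pow(e, -1, phi)            # modular inverse, Python 3.8+
    return (n, e), (n, d)


def encrypt(m, public):
    n, e = public
    return pow(m, e, n)            # anyone holding the public key can do this


def decrypt(c, private):
    n, d = private
    return pow(c, d, n)            # only the private-key holder can undo it


def sign_int(m, private):
    n, d = private
    return pow(m, d, n)            # "encrypting" with the private key


def verify_int(m, sig, public):
    n, e = public
    return pow(sig, e, n) == m     # anyone can check with the public key


def _digest(message, n):
    # Fold a SHA-256 hash into Z_n; with a real-size modulus the hash fits directly.
    return int.from_bytes(hashlib.sha256(message).digest(), "big") % n


def sign(message, private):
    return sign_int(_digest(message, private[0]), private)


def verify(message, sig, public):
    return verify_int(_digest(message, public[0]), sig, public)


if __name__ == "__main__":
    b_public, b_private = toy_keypair()          # B's pair, fetched by A from the key server
    c = encrypt(65, b_public)                    # A encrypts to B
    print("ciphertext", c, "-> B decrypts", decrypt(c, b_private))
    s = sign(b"hello from B", b_private)         # B signs
    print("signature valid:", verify(b"hello from B", s, b_public))
```

Note what the verifier needs: only the public key and the message. Nothing in the check uses the private key, which is exactly why a signature proves the signer held it.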

Two-way one-to-one
A one-to-one communication channel using shared-key (symmetric) encryption is achieved by the two endpoints somehow agreeing on a shared secret key, which is then used to secure the traffic between them in both directions.

With public-key encryption, each side needs to know the other's public key and uses it to encrypt the traffic in that direction; the receiver decrypts with its own private key.

One-way many-to-one
If a single system is the receiving end of a many-to-one channel, secure communication is achieved by having all senders encrypt their messages with the system's public key; only the system, which holds the private key, can read them, and no key has to be shared with the senders in advance.

One-way one-to-many
In a one-to-many scenario (broadcasting), a shared key is the most sensible solution since all recipients receive the same data. With public keys the source would instead have to encrypt the message separately under each recipient's public key and send one copy to each.