91 Cards in this Set

  • Front
  • Back

Application Layer Protocols
Suppose you use a web browser to view http://theendofinternet.com/ and nothing is cached locally on your machine. Which application layer protocols are used and for what purpose?

• DNS to resolve the name theendofinternet.com to an IP address.
• HTTP to request the web page and the image from the web server at the IP address.

Which application layer messages are sent and received from your computer (in the right order) until the complete web page is shown in your browser?

• DNS request for the ip number


• DNS response with the ip number


• HTTP GET request for the ip on port 80


• HTTP response with code 200 from server

Which transport layer protocols are used for HTTP and DNS application layer messages?


• HTTP uses TCP


• DNS uses UDP

What is the main purpose of DNS? Which other services does it provide (name at least 2)?

• main purpose: resolve host names to IP addresses
• others: host aliasing, mail server aliasing, load distribution

Name two record types of DNS and shortly explain the meaning of their fields.

• A record: name is host name, value is ip address
• MX record: name is a domain name, value is host name of a mailserver
• NS record: name is a domain name, value is host name of an authoritative name server
• CNAME record: name is an alias of a host name, value is the canonical (real) host name
• the type field encodes the type of the record (A, MX, NS, CNAME, ...)
• TTL is the time-to-live, that is how long the information in that record can be cached


How is the reliability and scalability of DNS ensured?

Reliability is ensured by redundancy: authoritative name servers always come at least in pairs, root level name servers and top level name servers are typically replicated more often.
Scalability is ensured by the distributed nature of DNS. There is no central database, but resource records are distributed over many name servers that are only responsible for a small part of the name space. Caching on all levels of the hierarchy reduces the number of requests that each name server has to handle.


Which transport protocol is used by DNS? Why?

Generally UDP while the packet is smaller than 512 bytes, otherwise TCP.
This is to improve speed. Because DNS requests are generally small, the overhead of going through a connection handshake in TCP would have a significant impact, so it is beneficial to use UDP.


Suppose users share a 2Mbps link. Also suppose each user transmits continuously at 1 Mbps, when transmitting, but each user only transmits 20% of the time. There is no correlation between when different users transmit. How many users can be supported when circuit switching is used?

2 users, because each user would get a 1 Mbps share of the bandwidth of the link.

For the remainder of the problem, suppose packet switching is used. Why will there be essentially no queuing delay before that link if there are only two or fewer users?

If both users transmit at the same time, they will use the full bandwidth, but not more. Thus, packets can be forwarded immediately and will not be queued.


Why will there be queuing delay if three users use the link?


Although the users only transmit 20% of the time, they can still occasionally transmit all at the same time. In that case they will exceed the bandwidth of the link and packets will be queued until some of the users stop transmitting.

What does it mean if an access medium is shared between users or is dedicated to a user?


If a medium is shared between users then there are several users that use the same medium. Signals from the transmissions of those users might interfere with each other, so some protocol is needed to make sure that users don’t all transmit at the same time and all get a fair share of the bandwidth. If a medium is dedicated to a user, that user can use the medium alone and gets the full bandwidth at all times.



Name and shortly explain two methods for sharing a physical link between users if circuit switching is to be used.

With FDM (Frequency Division Multiplexing) the bandwidth of a link is divided in the frequency spectrum. Each user gets a part of the bandwidth and can use that part all the time.


With TDM (Time Division Multiplexing) the time is segmented into frames and each frame into slots. Each user gets a slot in each frame and can transmit only during his time slots while using the full bandwidth of the link.

From the following, select the link layers of the internet protocol stack and put in right order:



Session Layer


Link Layer


Encapsulation Layer


Presentation Layer


Application Layer


Media Layer


Interface Layer


Physical Layer


Network Layer


Message Layer


Transport Layer


Communication Layer.

Physical Layer


Link Layer


Network Layer


Transport Layer


Application Layer

For a communication session between a pair of processes, which process is the client and which is the server?


The client is the process initiating the communication, while the server is the process that waits for the communication to be initiated.

How is a process identified by another process that wants to send the first process a message over the network?

by an IP address and a port number

If you do a Google search, which HTTP method is used to send the text you entered in the search field?


The GET method. Form parameters appear in the URL.

HTTP is state-less. What does that mean? How can web servers nevertheless keep state about their users?


It means that HTTP does not need to remember anything about previous requests from the same client. In order to keep state, the HTTP protocol allows the server to set cookies that are stored on the client side and sent to the server with subsequent requests. Cookies can be used to identify users, and information about users can then be stored in a database that the web server accesses.

Consider a new peer Alice that joins BitTorrent without possessing any chunks.
Without any chunks, she cannot become a top four uploader for any of the other peers, since she has nothing to upload. How then will Alice get her first chunk?


She will get optimistically unchoked by one of the peers. Every 30 seconds each peer chooses a random neighbor that is not in the top-four list and sends chunks to that neighbor. Eventually, this will happen to Alice.


Why is instant messaging (such as Skype chat) with a centralized index a hybrid of client-server and P2P architectures?


The centralized index is hosted on a server that is always on. Every user (client) can ask that server for the IP address of a specific peer (client server architecture). The actual communication is then directly between peers (P2P) and does not involve the central server.


BitTorrent uses a distributed hash table. What is it used for?


DHT is used for storing the (IP addresses of) peers that are part of a torrent in a distributed fashion (without a centralized server). In other words, the DHT in BitTorrent stores the addresses of the peers that are uploading a particular file that was shared as a torrent.


What is the key field in an entry of BitTorrent's distributed hash table?

The name of a torrent/file that was shared. (Technically, only the hash value of info part of a torrent file.)


What is the value field in an entry of BitTorrent's distributed hash table?


The address of a peer (consisting of hostname/IP and port).

Suppose that a web server runs in host C on port 80. Suppose this web server uses persistent connections, and is currently receiving requests from two different hosts, A and B. Are all of the requests being sent through the same socket at host C?


No, the server gets a separate connection socket for each connection (as a result of the socket.accept() call).

By which information is a TCP socket uniquely identified?

Source IP, source port, destination IP, destination port.

Suppose a process in host C has a UDP socket with port number 6789. Suppose both host A and host B each send a UDP segment to host C with destination port number 6789. Will both of these segments be directed to the same socket at host C?

Yes (technically, only if A and B send to the same IP address in case C has several IP addresses).


By which information is a UDP socket uniquely identified?

Destination IP, destination port

What is the maximum number of bytes that can be included in a UDP payload?

The maximum length of a datagram is 65535 bytes (16 bits for the length field in the header). However, that includes the header, which is 8 bytes. Thus, the maximal payload is 65527 bytes. If UDP is used over IP, then the IP header has to fit into the datagram as well, which reduces the payload further. The IP header is at least 20 bytes long, which means that the payload of a UDP datagram cannot be more than 65507 bytes in practice. Both 65527 and 65507 count as a correct answer.



What is the largest possible source port number?

Port numbers are encoded in 16 bits, so the largest port number is 2^16−1 = 65535.


True or false? Host A is sending host B a large file over a TCP connection. Assume host B has no data to send host A. Host B will not send acknowledgments to host A because host B cannot piggyback the acknowledgments on data.


False, B will send ACK segments without data

True or false? Suppose host A sends one segment with sequence number 38 and 4 bytes of data over a TCP connection to host B. In this same segment the acknowledgment number is necessarily 42.

False, the acknowledgment number in a segment acknowledges sequence numbers used by the other peer (essentially counting the bytes received) while the sequence number counts the bytes sent. So these numbers are independent of each other.


For what reasons do reliable transport protocols require timers? Which problem is solved and how?


To detect packet loss. The sender of a packet will wait a specified amount of time for an acknowledgment. If that does not arrive (in time) he assumes that either the packet or the acknowledgment got lost and resends the packet.


For what reasons do reliable transport protocols require sequence numbers? Which problem is solved and how?

Packets can get resent because the original packet got lost or because the acknowledgment got lost. If the acknowledgment got lost, the receiver needs to know that the packet contains data that he already received, so as not to hand the data up to the application twice.


Also, if packets or acknowledgments get delayed beyond the timeout and resent because of that, they may be received twice and must only be taken into account once. For that reason each packet gets a sequence number such that acknowledgments and packets can be associated and duplicate packets can be detected by seeing that they have the same sequence numbers.

In which component of a router does HOL blocking occur?

Input port (or input queue)

Name three possible switching fabrics in a router?


Memory, bus, interconnected network (e.g., a crossbar)


What does the forwarding table in an internet router contain precisely?


Each entry in the table is a pair of subnet address (that is an IP address and a netmask) and the name or id of the link interface, that packets with a matching destination address should be forwarded to.

Both UDP and TCP are encapsulated in IP datagrams. How does the receiver know whether an IP datagram contains a UDP or a TCP segment?


From the “Protocol” field in the IPv4 header or the “Next Header” field in the IPv6 header.

NAT can be used to let several devices share a network connection that provides only a single IP address. Why does NAT not provide a solution to the IPv4 address shortage? What is the limiting factor of using NAT for large networks?


Each connection passing the router uses a port on the NAT router. Thus, there can not be more than 2^16 = 65536 connections going on in parallel. This limits how many hosts behind the NAT router can communicate with hosts outside of the local network at the same time, especially since each host typically runs several network applications and thus uses several connections in parallel.


Hosts behind a NAT router can typically not be reached from outside the local network unless they initiate the connection. Which mechanism can be used to solve this problem (e.g., to operate a server behind a NAT router)?

Port forwarding on the NAT router can be used to set up fixed entries in the NAT table, where connections to specific ports on the internet (WAN)-side interface are forwarded to a specific host (and port) on the LAN-side interface.


What is the purpose of a beacon frame in 802.11 (Wifi)?

The beacon frame is sent out by the access point periodically and allows nearby wireless stations to discover and identify the access point (1 point), that is, learn its SSID and MAC address. In addition, the beacon frame is used to synchronize time between the access point and a wireless station for power management and contains a list of nodes for which the AP has buffered data.


As a mobile node gets farther and farther away from a base station, why does the base station increase the transmission power and reduce the transmission rate?


The signal-to-noise ratio of a signal at the receiver is reduced with increased distance from the sender. This increases the bit error rate and thus the number of necessary retransmissions. Both increased transmission power and reduced transmission rate increase the signal-to-noise ratio and thus reduce the bit error rate to acceptable levels.


Why are there acknowledgements in 802.11 but not Ethernet?

Because Wifi has a higher error rate, both in the form of collisions and bit errors. Both cause packets to be dropped. If those errors were only detected at the receiver's end, TCP connections over Wifi would be very slow because retransmissions would only happen after signalling from the destination host or a timeout. Thus Wifi has acknowledgements and retransmissions on the link level (between the wireless node and access point).


In Ethernet collisions can be easily detected by the sender and bit error rates are much lower. Thus frames are rarely dropped on the link level and retransmissions (and acknowledgements) would have more overhead than use.


Consider a TCP connection going over Mobile IP. True or false: The TCP connection phase between the correspondent and the mobile host goes through the mobile’s home network, but the data transfer phase is directly between the correspondent and the mobile host, bypassing the home network.


False. Data from the correspondent to the mobile host is always sent to the permanent address, i.e., through the mobile’s home network.

802.11 provides power-management capabilities. If a wireless device puts its transceiver into sleep mode, why does it not miss any packets sent to it?


A node will inform the AP that it is going to sleep by setting the power management bit in the header of an 802.11 frame that it sends to the AP. After that, the AP will delay sending any frames to the node until the next beacon frame has been sent. A node will also wake up in time to receive the next beacon frame. The beacon frame contains information about whether the AP has data buffered for that node, in which case the node will stay awake and request and receive the buffered data.


Which problem of streaming multimedia data is solved using client buffering and how?


Variation in the delay (jitter) causes data at the client to occasionally arrive slower than it has to be played. Having a client buffer that contains the next data to be played makes it possible to even out these variations in delay. If the delay is shorter than average, the buffer will fill up, and if the delay is longer than average, data will be played from the buffer faster than new data arrives.

In a virtual-circuit packet-switched network, a router maintains state information for each connection passing through the router. (T/F)


True

If a router A sends a packet to router B, it is possible that the first bit reaches the router B before router A finishes transmitting. (T/F)


True, if the propagation delay is smaller than the transmission delay (the link is short and has a low data rate).


A user requests a Web page that consists of some text and two images. For this page, the client will send one request message and receive three response messages. (T/F)


False. Each object is requested separately

SMTP is used to transfer messages from mail server to a user agent (mail client). (T/F)


False. SMTP is only used to send emails to mail servers. POP3 or IMAP are used between mail server and receiving mail client.

Local DNS name servers cache resource records and never discard them. (T/F)


False. Cached resource records have a time to live and are discarded afterwards.


The size of the TCP RcvWindow never changes throughout the duration of the connection. (T/F)


False. The receive window is the amount of free buffer space in the receiver's receive buffer. Thus it depends on how much data is sent and how fast the receiving application takes data out of the buffer.


In TCP, the acknowledgement number that a host puts in a segment is the sequence number of the next byte the host is expecting from the sender. (T/F)

True. In TCP, the acknowledgement number that a host puts in a segment is the sequence number of the next byte the host is expecting from the sender.

In TCP, the acknowledgement number that a host puts in a segment is the sequence number of the next byte the host is expecting from the sender. (T/F)

False. The route through a circuit-switched network is determined and fixed before the first (data) packet is sent and does not change afterwards.


In a distance-vector routing algorithm, each node has a map of the entire network and determines the shortest path from itself to all other nodes in the network. (T/F)


False. In a distance-vector routing algorithm, each node has a map of the entire network and determines the shortest path from itself to all other nodes in the network.


The network layer of a host with IP 192.168.10.17 and netmask 192.168.10.0/24 will handle an IP datagram it receives if it is addressed to 192.168.10.255. (T/F)


True. 192.168.10.255 is the broadcast address of the 192.168.10.0/24 network which 192.168.10.17 belongs to.


Consider a twisted-pair Ethernet in which all nodes are 50 meters from the hub. The time it takes for a bit to propagate from hub to node for a 10BaseT Ethernet (10 MBit data rate) is the same as for a 100BaseT Ethernet (100 MBit data rate). (T/F)

True. Propagation delay only depends on distance and propagation speed of the medium (twisted-pair copper wire), not on the data rate. The data rate only influences the time interval between bits.


In multimedia streaming over TCP, the TCP receive buffer and the media player’s client buffer are the same thing. (T/F)


False. The TCP receive buffer is in the transport layer and typically limited in size by the OS, while the client buffer is in the application itself and can be of arbitrary size.


Which layer is responsible for moving frames from one hop (node) to the next?


A. network layer
B. transport layer
C. application layer
D. link layer

D. link layer

When a TCP segment arrives to a host, the socket to which the segment is directed depends on
A. the source port number
B. the destination port number
C. the application layer protocol
D. the source IP address of the datagram that encapsulated the segment

A. the source port number
B. the destination port number
D. the source IP address of the datagram that encapsulated the segment



(side note: TCP sockets are defined by the combination of the four values: source and
destination IP and port. The transport layer has no knowledge of the application layer
protocol.)


In the ___ algorithm of TCP, the size of the congestion window increases exponentially
until it reaches a threshold.
A. slow-start
B. congestion avoidance
C. congestion detection
D. collision detection

A. slow-start

The ICMP protocol (that is, for example, used by the ping command)
A. runs directly on top of Ethernet
B. runs directly on top of IP
C. runs on top of TCP
D. runs on top of UDP

B. runs directly on top of IP

You have a network ID of 192.168.10.0 and require at least 16 host IDs for each subnet, with the largest amount of subnets available. Which subnet mask should you assign to the single subnets?
A. 255.255.255.192 (or /26)
B. 255.255.255.224 (or /27)
C. 255.255.255.240 (or /28)
D. 255.255.255.248 (or /29)


B. 255.255.255.224 (or /27)


(side note: If we have 16 host IDs in a subnet, we need at least 18 IP addresses (subnet address and broadcast address cannot be used as host IDs). Thus, we need at least 5 bits for the host part of the IP address, which leaves at most 27 bits for the subnet address. To maximize the number of subnets, we need to make each subnet as small as possible.)


The Routing Information Protocol (RIP) is an intra-AS (intradomain) routing based on
A. distance vector routing
B. link-state routing (Dijkstra)
C. path vector routing
D. store-and-forward routing

B. link-state routing (Dijkstra)


(side note: If you do not want to remember this, use this reasoning: Link state routing requires complete information about the network structure. This is not possible for inter-AS routing (between different autonomous systems), but for routing within one autonomous system.)


Using public-key cryptography, suppose Bob wants to send a message to Alice, and Alice wants to be sure that the message was indeed sent by Bob. Then Bob should
A. encrypt the message with Alice’s private key and send the encrypted message to Alice.
B. encrypt the message with Alice’s public key and send Alice the message.
C. encrypt the message with his private key and send the encrypted message to Alice.
D. encrypt the message with his public key and send Alice the message.

C. encrypt the message with his private key and send the encrypted message to Alice.
(side note: To prove his identity Bob needs to use some piece of information that only he possesses - his own private key)


SSL provides
A. encryption for messages sent by both client and server
B. server authentication
C. optionally client authentication
D. end-to-end encryption for emails sent from Alice to Bob

A. encryption for messages sent by both client and server
B. server authentication
C. optionally client authentication

What is the role of output queue in packet switching?

Output queue (or output buffer) stores packets that the router is about to send. The output queue plays a key role in packet switching. If an arriving packet needs to be transmitted onto a link but finds the link busy with the transmission of another packet, the arriving packet must wait in the output queue.

A circuit in a link is implemented with either frequency-division multiplexing (FDM) or time division multiplexing (TDM). What is the difference between FDM and TDM?

With FDM, each circuit continuously gets a fraction of the bandwidth. With TDM, each circuit gets all of the bandwidth periodically during brief intervals of time.


Consider sending a packet from a source host to a destination host over a fixed route. List the delay components in the end to end delay. Which of these delays are constant and which are variable?


Nodal processing delay (constant), queuing delay (variable), transmission delay (constant) and propagation delay (constant).


The network protocol stack is designed in layers and communication between two hosts happens in a peer-to-peer fashion. What is the motivation behind protocol layering?


Layering provides a structured way to discuss system components. Modularity makes it easier to update system components.

Recall that TCP can be enhanced with SSL to provide process-to-process security services, including encryption. Does SSL operate at the transport layer or the application layer? If the application developer wants TCP to be enhanced with SSL, what does the developer have to do?

SSL operates on the application layer. If an application developer wants to enhance TCP with SSL, he will need to include SSL code on both the client and server side of the application.

What is the role of HTTP? Why is it called a stateless protocol?

HTTP defines the structure of HTTP messages and how the client and server exchange them. HTTP is said to be a stateless protocol because HTTP servers maintain no information about the clients. That is, each command or request is executed without any knowledge of the commands that came before.

Why do HTTP, FTP, SMTP and POP3 run on top of TCP rather than on UDP?

Because by using TCP the protocols can be sure that data arrives intact at the client, without any data loss and in the correct order. TCP is more reliable than UDP because UDP may lose some data along the way.

An application-layer protocol defines four items. What are they?

1. The types of messages exchanged, e.g. request and response messages.
2. The syntax of the various message types, e.g. the fields in the message.
3. The semantics of the fields, that is, the meaning of the information in the fields.
4. Rules for determining when and how a process sends messages and responds to messages.


HTTP/1.1: Explain the mechanism used for signaling between the client and server to indicate that a persistent connection is being closed. Can the client, the server, or both signal the close of a connection?

The signaling takes place using the Connection header field. Once a close of a connection has been signaled the client must not send any request on that connection.

HTTP/1.1: What encryption services are provided by HTTP?

HTTP doesn't provide any encryption service.

HTTP/1.1: Can a client open three or more simultaneous connections with a given server?

It's possible but not recommended. Clients that use persistent connections should limit the number of simultaneous connections. A single user should not have more than two connections with any server or proxy.

HTTP/1.1: Either a server or a client may close a transport connection between them if either one detects the connection has been idle for some time. Is it possible that one side starts closing a connection while the other side is transmitting data via this connection? Explain.


Yes, it is possible. A client might have started to send a new request but at the same time the server is closing the connection. From the server's point of view the connection is being closed because it was idle, even though the client has a request in progress.

Name three error-detection strategies employed by the link layer:

1. Parity checking
2. Internet checksum
3. Cyclic redundancy check


While TDM and FDM assign time slots and frequencies, CDMA assigns a different code to each node. Explain the basic principle by which CDMA works.

After CDMA assigns a different code to each node, each node then uses its unique code to encode the data bits it sends. If the codes are chosen carefully, CDMA networks have the property that different nodes can transmit simultaneously and yet have their respective receivers correctly receive a sender's encoded data bits in spite of interfering transmissions by other nodes.


Why does collision occur in CDMA, if all nodes perform carrier sensing before transmission?

Propagation delay means two nodes may not hear each other’s transmission. The longer this propagation delay, the larger the chance that a carrier-sensing node is not yet able to sense a transmission that has already begun at another node in the network.


Each host and router has an ARP table in its memory. What are the contents of this table?

IP address, MAC address, TTL


What are the two main purposes of a CTS frame?

It gives the sender explicit permission to send and also instructs the other stations not to send for the reserved duration



If a node has a wireless connection to the Internet, does that node have to be mobile ? Explain.


No, wireless does not always mean mobility. A node is called stationary if it is non-mobile.

Suppose that a user with a laptop walks around the house with the laptop, and always accesses the Internet through the same access point. Is this user mobile from a network standpoint? Explain.

This user is called a mobile wireless user, with no mobility, since he uses the same access point all the time.


What are the purposes of the HLR and VLR in GSM networks? What elements of mobile IP are similar to the HLR and VLR?

• HLR: database in home network containing permanent cell phone number, profile information (services, performances, billing) and information about current location.
• VLR: database with entry for each user currently in network, could be home network, VLR entries come and go as the mobile user enters and leaves the network.


Home network – HLR
Visited network – VLR



What are the advantages of client buffering?

It mitigates the effects of varying end-to-end delays and varying amounts of available bandwidth between server and client.
• Client-side buffering can absorb variations in server-to-client delay.
  • If a particular piece of video data is delayed, as long as it arrives before the reserve of received-but-not-yet-played video is exhausted, this long delay will not be noticed.
• If the server-to-client bandwidth briefly drops below the video consumption rate, a user can continue to enjoy continuous playback.
  • This applies as long as the client application buffer does not become completely drained.

What mechanisms are used at the receiver side to eliminate packet jitter?

Delaying playout of chunks at the receiver. The playout delay of the received audio chunks must be long enough so that most of the packets are received before their scheduled playout times. This playout delay can either be fixed throughout the duration of the audio session or vary adaptively during the audio session lifetime.
A timestamp is used to stamp each chunk with the time at which the chunk was generated. This mechanism is typically combined with delaying playout to be able to calculate the delay.


Operational devices such as firewalls and intrusion detection systems are used to counter attacks against an organization's network. What is the basic difference between a firewall and an intrusion detection system?

A firewall sits between the organization's network and the public network, controlling packet access to and from the network. An intrusion detection system performs "deep packet inspection," alerting the network administrators about suspicious activity.


In what way does a hash provide a better message integrity check than a checksum (such as the Internet checksum)?

A checksum is a poor cryptographic hash function because, for a message with a given hash value, it is easy to find another message with the same hash value. With a hash function, for a given message digest x it is computationally infeasible to find m such that x = H(m).


Name two popular secure networking protocols in which public key certification is used.


SSL protocol and IPsec protocol.