CPSC 826 Internetworking, Link Layer, and Network Security Summary http://www.cs.clemson.edu/~mweigle/courses/cpsc826 1 Chapter 4, 5, 8 Topics» Forwarding and Routing» Router Architecture» Internet Protocol (IP)» Routing Algorithms» Routing in the Internet Link Layer» Addressing» Hubs vs. Switches vs. Routers Network Security» Cryptography» Authentication» Key Distribution and Certification 2
Forwarding and Routing» What is the main difference between forwarding and routing?» What routers are involved in forwarding? routing?» How does the routing algorithm interact with the forwarding table? Router Architecture» What are the four main parts of every router?» Where can queuing occur in a router? What is the cause of the queuing?» Where does queuing due to network congestion occur in a router?» Where are AQM techniques applied in a router? 3 IP How many bytes of IP header (assuming no options are used) are appended to each IP datagram? How many bytes of TCP header (again, assuming no options) are appended to each TCP segment? What causes datagram fragmentation? Where is fragmentation and reassembly done (at endpoints, at routers, at both endpoints and routers)? Given a large datagram that will be fragmented and the MTU, give the values of the flag, offset, and size IP header fields. Why do many TCP implementations try to avoid IP fragmentation by setting the MSS to 536 (and why does this value work)? 4
IP Given an IP address in binary, convert it to dotteddecimal notation. What is a subnet? Given a network diagram and IP addresses, identify the subnets. What are the valid IP host addresses for a given CIDR address? What are the advantages of NAT? Given a network and a list of connections, fill in the NAT table. 5 Routing Algorithms What is the goal of a routing algorithm? Give an example of a global routing algorithm and of a decentralized routing algorithm. Given a network, compute the link-state algorithm table. Can the link-state algorithm result in a routing loop? Can the distance-vector algorithm? What causes the count-to-infinity problem in the distance vector algorithm? What mechanism can avoid the count-to-infinity problem in the distance-vector algorithm? What s the main idea behind it? What are the main differences between the link-state algorithm and the distance-vector algorithm? 6
Routing in the Internet What is an AS? Can a gateway router run multiple routing algorithms? If so, what types of routing algorithms do gateway routers run? What are the two major intra-as routing protocols? Is RIP a link-state or distance-vector algorithm? Is OSPF a link-state or distance-vector algorithm? What is the main inter-as routing protocol? Do all gateway/backbone routers in the Internet have to run the same routing protocol? Do all interior routers in the Internet have to run the same routing protocol? Do all interior routers in the same AS have to run the same routing protocol? 7 Link Layer What is a MAC address? How are MAC addresses assigned? How can a host find the MAC address for an interface if it knows its IP address? Why does a host need to know another host s MAC address? Given a network with two subnets, show the IP and MAC level source and destination addresses for a packet traveling between the subnets. Can a machine on a LAN connected with a hub snoop packets from other machines on the LAN? Can a machine on a LAN connected with a switch snoop packets from other machines on the LAN? 8
Network Security Cryptography What is the main difference between symmetric key and public key cryptography? Given the key to a Caesar cipher and ciphertext, decrypt the message. What is the difference between a Caesar cipher and a monoalphabetic cipher? Given a monoalphabetic cipher and a plaintext message, encrypt the message. What algorithm standard is a symmetric key encryption algorithm? 9 Network Security Cryptography Describe how public key encryption and decryption work. What is the main public key encryption standard algorithm? Given values for p, q, e and plaintext, use RSA to encrypt the plaintext. Can public key encryption work in reverse? What could that be used for? 10
Network Security Authentication / Key Distribution and Certification Given a data transfer scenario between Alice and Bob, show how Trudy could interfere. What is the purpose of a key distribution center (KDC)? What is the purpose of a certification authority (CA)? 11