University of Toronto Faculty of Applied Science and Engineering Final Exam, December 2009 ECE 461: Internetworking Examiner: J. Liebeherr Exam Type: A Calculator: Type 2 There are a total of 10 problems. Note the information about header formats and a binary-decimal conversion table on the last pages. Write your solutions into an answer book. Make sure your name is on the answer book. Do not write answers in this handout. 1
Problem 1. (10 points) Below is the traffic capture of a packet in hexadecimal notation. The capture consists of an Ethernet II header, followed by an IP header, followed by a TCP header. (Hint: Each digit corresponds to 4 bits.) 00e0 f923 a820 00a0 2471 e444 0800^4500 002c 9d08 4000 8006 8bff 808f 8990 808f 4715^065b 0050 0009 465b 0000 0000 6002 2000 598e 0000 0204 05b4 a. (2 points) Indicate the beginning and end of the IP header. b. (2 points) Provide the value of the Source IP Address and the Destination IP address (Use dotted decimal notation!) c. (2 points) How can you tell that the Ethernet header is followed by an IP header? How can you tell that the IP header is followed by a TCP header? Indicate the relevant information in the captured data. d. (2 points) How can you tell from the captured data that the IP datagram has not been fragmented? Indicate the relevant information in the captured data. e. (2 points) How can you tell that there is no payload following the TCP header? Since there is no payload in the above packet, what is the purpose of this packet? (a) see ^ above. (b) Source IP address: 128.143.137.144 Destination IP address: 128.143.71.21 (c) (d) See bold entries above. Type filed in Ethernet header (type = 0x800) indicates IP in payload. Protocol field in IP header (protocol=6) indicates TCP in payload See underline data. Flags are set to: 010 = 1 st bit = 0 2 nd bit = DF=1 3 rd bit = MF=0 Payment offset is set to all 0 s (e) (see green solution) IP header total length = 44 bytes IP header size = 5 x 4 = 20 bytes TCP header size = 6 x 4 = 24 bytes. IP and TCP header length are equal to IP header size. Purpose of packet is in the flag (The second bit from the right is set to 1) SYN packet 1. URG: Urgent Pointer field significant 2. ACK: Acknowledgment field significant 2
3. PSH: Push Function 4. RST: Reset the connection 5. SYN: Synchronize sequence numbers 6. FIN: No more data from sender 3
Problem 2. (10points) ConsiderthefollowingfigurewithfourIPsubnetworks(A,B,C,D)andthreerouters(R1,R2, R3).TheIPconfigurationoftherouterinterfacesisindicated. a. (5 points) Consider the following hosts and their IP addresses: Host IP address Solution H1 142.150.7.23 B H2 128.100.197.4 C H3 128.100.240.22 C+D For each host, determine the subnetworks, if any, that the host can be placed on. For each feasible placement, provide the name of the subnetwork (A,B,C, D) and the required subnetmask. b. (3 points) Fill up the remaining routing table entries at router R2 (One entry is given.) Network with Prefix Next hop 142.150.11.0/24 128.142.150.5.36 142.150.0.0/16 direct 128.100.192.0/1 8 128.100.224.0/1 9 direct 128.100.200.2 c. (2 points) Could two hosts have the same IP address but different subnetmasks? Explain your answer. Answer is No, but there is >1 reason: - Largest prefix match will select entry for smallest subnet (i.e., longest prefix). - ARP resolution is no longer unique. 4
5
Problem 3. (10 Points) a. (2 points) Explain why the use of CIDR (Classless Interdomain routing) in the Internet helps to reduce the size of routing tables. b. (2 points) Using CIDR leads to a hierarchical allocation of IP addresses. What is a disadvantage of allocating IP addresses in a hierarchical fashion? Explain. c. (2 points) Express the entire Class B address space using the CIDR notation for IP addresses. d. (4 points) In the following routing table, indicate the entries that result in a match for destination address 128.9.200.20? On which interface will an IP datagram with this destination address be transmitted? Explain. Network with Interface Solutions Prefix 128.0.0.0/8 3 Hit 128.9.0.0/16 5 Hit 128.9.192.0/20 2 Hit 128.9.192.0/22 4 128.9.192.0/24 7 128.9.200.0/24 8 Hit 128.9.200.0/28 10 128.9.200.16/28 1 Hit Selected Interface 128.9.200.16/30 9 128.9.192.8/30 6 a) CIDR permits aggregation for path with same outgoing interface. b) When IP addresses are derived hierarchically, then IP addresses are a subblock of those from the ISP. Changing ISP then requires changing IP addresses. c) 128.0.0.0/2 d) see table 6
Problem 4. (10 points) The Path MTU is the smallest MTU of each hop between the source and the destination. In the example below, the path MTU is given by 100 bytes. a. (4 Points) Explain how a source host that has knowledge of the Path MTU can improve the performance of IP datagram transmissions to a destination host. b. (6 Points) Describe how a source host can take advantage of the ICMP protocol to determine the Path MTU to a destination host. a) When a source knows the Path MTU, it can enforce that IP datagrams do not exceed the Path MTU. In this way, fragmentation is avoided. This will improve performance. b) (This was discussed in one of the lectures). If the DF bit is set in an IP datagram, a packet is not fragmented if it exceeds the MTU. Instead an ICMP message is sent to the source. The ICMP message has Type=3, Code-4, meaning Fragmentation Needed and DF Bit Set. The procedure is as follows: A source sends a large datagram to the destination, if it receives an ICMP message (of above type and code), then the datagram has exceeded the MTU on one link. Next, the source sends a smaller IP datagrams, and waits for an ICMP. This procedure is repeated until ICMP message is received. This means the Path MTU is found. 7
Problem 5. (10 points)consider the following set of prefixes A. 010* B. 1100* C. 101* D. 00* E. 0111* F. 01* G. 111* H. 1* I. 11* a) (4 points) Construct a binary trie for the set of prefixes. b) (3 points) Construct a disjoint-prefix binary trie. c) (3 points) Suppose the last two prefixes (H and I) are removed. Construct the disjointprefix binary trie after the removal. a) b) c) Remove nodes H and I in (b) above. 8
Problem 6. (10 Points) The figure shows a network of bridges (LAN switches) and LANs. The bridges run the IEEE 802.1d spanning tree protocol (STP). The Bridge IDs and port IDs are given in the figure. d r d r d r d r d r d r d r a. (5 points) After the spanning tree algorithm has converged, provide the following information for each bridge: Which is the root port? Which, if any, are designated ports of a bridge? Which, if any, are blocked ports. Provide your answer in a table with the following format: Bridge 1 Bridge 2 Bridge 3 Bridge 4 Bridge 5 Bridge 6 Bridge 7 Bridge 8 Root Port - 1 2 2 2 1 1 1 Designated Ports Blocked ports 1,2 2 3 3 3,4 - - - - - 1 1 1 2 2 2 b. (5 points) After the spanning tree algorithm has converged, provide the content of the BPDU(s) sent on each LAN. For each BPDU, provide <root, cost, bridge, port> fields. Provide your answer in a table with this format: LAN A LAN B LAN C LAN D LAN E LAN F LAN G Content of the BPDU(s) 1,0,1,1 1,1,2,2 1,0,1,2 1,1,5,3 1,2,4,3 1,1,5,4 1,2,3,3 9
Problem 7. (10 Points) The figure (next page) shows a network of bridges (LAN switches), routers and hosts. The IP configuration of the hosts and routers is as follows: Ethernet Interface Default Gateway Ethernet Interface eth1 eth0 Host1 10.0.3.21/24 -- 10.0.3.3 Host2 10.0.3.12/16 -- 10.0.1.2 Host3 10.0.1.11/24 -- 10.0.1.2 Host4 10.0.4.41/16 -- 10.0.4.3 Router1 10.0.3.3/24 10.0.1.2/24 10.0.3.2 Router2 10.0.3.2/24 10.0.4.3/24 10.0.3.3 Assume that Proxy ARP is enabled on all interfaces on all routers. a. (4 points) Describe the route taken by the Echo Request and Echo Reply messages of the following PING commands. For each PING command, state if it is successful. If not, state where the command fails. 1. On Host 2: ping 10.0.3.21 2. On Host 4: ping 10.0.1.11 Host 4: ARP Request R2 (or R4): ARP Reply Host 2: ICMP Echo Request R2 (or R1) H1 Host 1: ARP Request No answer to ARP Request FAILURE b. (3 points) Suppose that Proxy ARP is disabled on all routers. Explain how the outcomes in (a) changes. Host 4: ARP Request Host 3: ARP Reply Host 4: ICMP Echo Request (Host 4 Bridge 2 Bridge 1 Host 3) Host 3: ICMP Echo Reply (Host 3 Bridge 1 Bridge 2 Router 1 Router 2 Bridge2 Host 4) SUCCESS 10
c. (3 points) Is it necessary to run the Spanning Tree Protocol (STP) on Bridges1 and 2? Explain your answer. No. There is no cycle and STP is not needed. Figure. Problem 7. 11
Problem 8. (10 Points) TCPincorporatesseveraloptimizationswhichattempttoimprovethetransferofdata: DelayedAcknowledgement:WhenTCPreceivesdata,itdoesnotsendanACK immediately.instead,itdelaysthetransmissionoftheackforsometime(200msisa typicaldelay). Nagle salgorithm EachTCPconnectioncanhaveonlyonesmall(1 byte)segment outstandingthathasnotbeenacknowledged.thatis,thenextsmallsegmentcanbe sent,onlyifthepreviousonehasbeenacknowledged. ExplainhowthesemechanismsimprovethetransmissionofdatainaTCPconnection.For eachofthemechanisms,describeascenariowhichdemonstratesthebenefitsofthe mechanism. Answer: Delayed Acknowledgment tries to reduce the number of ACK packets which do not carry data. Instead of sending an ACK immediately, a TCP receiver waits for some time, hoping that it has data to be sent in the opposite direction. If this is the case, then the ACK can be piggybacked, effectively saving the transmission of data. The scenario is the rlogin example shown in the text slides Nagle s algorithm tries to minimize the number of small packets (which have 1 byte of data and 40 bytes of TCP and IP header). The example scenario is an rlogin example in a wide-area network. Here, it can be observed that there are few single-byte segments. Since the sender can send only one single-byte segment, and then has to wait for an ACK, the sender has normally accumulated several bytes (typed by the user) which are sent in the next packet. 12
Problem 9. (10 Points) In TCP it may happen that the receiver only advertises small windows, and the sender only sends small packets. This situation, which may persist for a long period of time, is known as the Silly- Window Syndrome. For example, if a sender has a lot of data to send, the sender may initially send many packets, until the receive buffers are full. After that, it may happen that the receiver advertises only small windows, allowing the sender to transmit only very few bytes. Propose the addition of rules to TCP that avoid the Silly-Window Syndrome. Explain your answer. 1. The receiver should not be allowed to advertise small segments. 2. The sender should not transmit until the advertised window is large enough to sent a full sized segment. (Increasing window at receiver is a trival solution that does not earn much credit). 13
Problem 10. (10 points) Some of the Internet DNS root nameservers exist in multiple locations on different continents. For example, the M root server with IP address 202.12.27.33 exists in six locations in Japan, Korea, Europe, and North America. Propose a solution so that DNS requests to the M root server are routed to the nearest location of a M root server. Your solution must satisfy all of the following requirements: a) Each M root server must be reachable at the same IP address (202.12.27.33). b) You cannot modify the DNS protocol or any other protocol. c) You cannot use a central server that dispatches requests to the M root server. Describe your solution and explain why it works. The solution is described in RFC 3258: Distributing Authoritative Name Servers via Shared Unicast Addresses (2002) This is an anycast scenario: Anycast is usually implemented by using BGP to simultaneously announce the same destination IP address range from many different places on the Internet. This results in packets addressed to destination addresses in this range being routed to the "nearest" point on the net announcing the given destination IP address. 14