Computer Networks - Final Exam Prof. J.-P. Hubaux and Dr. M. H. Manshaei January 27, 2009 Duration: 3:15 hours, closed book. Please write your answers on these sheets, at the end of each question; use extra sheets if necessary (put your name on them). You may write your answers in English or in French. The total number of points is 60. This document contains 18 pages. Student First name: Last name: Division: ✷ Communication Systems ✷ Computer Science ✷ Other (mention it): ......... Year: ✷ Bachelor Year 2 ✷ Bachelor Year 3 ✷ Other (mention it): .........
Welcome message from author
This document is posted to help you gain knowledge. Please leave a comment to let me know what you think about it! Share it to your friends and learn new things together.
Transcript
EPFL-logo
Computer Networks - Final ExamProf. J.-P. Hubaux and Dr. M. H. Manshaei
January 27, 2009
Duration: 3:15 hours, closed book.
Please write your answers on these sheets, at the end of each question;use extra sheets if necessary (put your name on them).
You may write your answers in English or in French.
The total number of points is 60.
This document contains 18 pages.
Student First name:Last name:
Division: 2 Communication Systems 2 Computer Science2 Other (mention it): . . . . . . . . .
Year: 2 Bachelor Year 2 2 Bachelor Year 32 Other (mention it): . . . . . . . . .
1 Socket Programming (6 points)Consider the following Java program:
1: public class TCPServer {2: public static void main(String argv[]) throws Exception {3: String clientSentence;4: String capitalizedSentence;5: ServerSocket welcomeSocket = new ServerSocket(6789);6: while(true) {7: Socket connectionSocket = ...8: BufferedReader inFromClient = new BufferedReader(9: new InputStreamReader(connectionSocket.getInputStream()));
10: DataOutputStream outToClient = new DataOutputStream(11: connectionSocket.getOutputStream());12: clientSentence = inFromClient.readLine();13: capitalizedSentence = clientSentence.toUpperCase() + ’\n’;14: outToClient.writeBytes(capitalizedSentence);15: }16: }17: }
Question 1: Complete line 7.
Question 2: Extend the server to print the IP address/port of every connecting client. Use line numbersto indicate which lines should be changed/removed and where new code should be added.
Question 3: Assume that 3 different machines connect to the server (sequentially). As a result, howmany Socket objects will be created by the server? How many TCP ports will be assigned to the server(not including the already assigned port 6789)?
2
Question 4: Complete the code of the TCP client provided below. This client takes one command-line argument, sends it to the server, and displays the answer on the screen. Assume that the addressof the server is compnet.epfl.ch. For simplicity, ignore exception handling.
public class TCPClient {public static void main(String argv[]) throws Exception {
String clientSentence = argv[0] + ’\n’;
}}
Question 5: Implement a program that lists ports between 4096 and 8192 that are assigned to UDPservers or clients (on the local machine). The information printed on the standard output should be ofthe following format: ”UDP Port # is busy”. Complete the code below.
public class UDPscanner{public static void main (String[] args){
for (int i = 4096; i < 8192; i++){
}}
}
3
2 Transport Layer (11 points)
Consider the following plot of TCP window size as a function of time for two TCP connections A andB. In this problem we will suppose that both TCP senders are sending large files. We also assumethat the packet loss events are independent in connection A and B.
2 64 108 1412 16 18
2
4
6
8
10
12
14
Transmission round
Co
ng
est
ion
Win
do
w
(in
se
gm
en
ts)
Connection B
Connection A
20
Figure 1: Evolution of TCP’s congestion windows for two TCP connections A and B.
Question 1: Considering the above values of congestion window (CongWin) for these connections,can we identify the type of TCP connections (Reno or Tahoe) that have been used by connection Aand B? Justify your answers.
4
Question 2: What are the values of the Threshold parameter between the 1st and the 14th transmis-sion rounds for each connection?
Question 3: At the 12th transmission round for connection A, is segment loss detected by a tripleduplicate ACK or by timeout? Justify your answer.
Question 4: Draw (on Figure 1) the CongWin values of both connections up to the 20th transmissionround, considering that there is neither timeout nor duplicate ACK for any of the connections.
Question 5: Assume that the segment size is 1460 bytes and that a total of 87600 bytes havebeen successfully transmitted over connection A before the 13th transmission round. At whichtransmission round the cumulative amount of the successful transmitted data is equal to 163520bytes? Again we assume that there is neither timeout nor duplicate ACK after the 13th transmissionround.
5
3 Network Layer (11 points)
Consider the network in the figure below. The numbers on links between the nodes represent the costscorresponding to these links. Assume that nodes initially know only the costs to their neighbors.
D
BC
E
A
3
7
5
1
2 9
Figure 2: A computer network.
Question 1: Using the distance-vector algorithm, show the distance tables at node E. Assume that thealgorithm works in a synchronous manner, where all nodes simultaneously receive distance vectorsfrom their neighbors, compute their new distance vectors, and inform their neighbors if their distancevectors have changed.
cost toA B C D E
cost toA B C D E
cost toA B C D E
cost toA B C D E
6
Afrom B
DE
Afrom B
DE
Afrom B
DE
Afrom B
DE
Question 2: Create a routing loop between the nodes B and C by changing the cost of the linkbetween the nodes C and D. What is the minimum change in link cost that creates the routing loop?What is this problem alternatively called?
Question 3: How does RIP solve this problem? If RIP were used for routing in the above network,what is the finite number that would play the role of∞?
Question 4: If OSPF were used in the above network, how would it handle the routing loop? Howdo nodes learn the link costs in OSPF?
Question 5: How does BGP solve this problem?
Question 6: Assume the IP addresses of the 5 nodes A, B, C, D, and E are 130.132.5.32,130.132.5.33, . . . , 130.132.5.36. Assume that the network in Fig. 2 is an autonomous system in theInternet with AS number 0. Node A is the BGP gateway of the AS. If A announces 130.132.5.0/28as the prefix of the network, is it valid? If no, please propose a valid one. Please note that this ASshould be assigned as few IP addresses as possible.
7
4 Link Layer (10 points)
Suppose three active nodes – nodes n1, n2, and n3 – are competing for access to a channel usingslotted ALOHA. The channel is capable of transmitting a given frame at the full channel rate of RMbps. Assume each node has an infinite number of packets to send. Each node attempts to transmitin each slot with probability pi, i ∈ {1, 2, 3}.
Question 1: What is the probability Ps, as a function of p1, p2, and p3, that in a given slot a frame istransmitted successfully? How is this probability related to the network throughput?
Question 2: What is the probability of successful transmission for node n1? What is the value of p1
that maximizes throughput of node n1?
Question 3: Now assume that node n3 always transmits its packets with p3 = 0.2 and that noden1 and n2 decide to cooperate with each other and send their packets with probability p (i.e.,p = p1 = p2). What is the value of p that maximizes the throughput of this network? What is thevalue of p that maximizes the throughput of nodes n1 and n2?
8
Question 4: Solve Question 3, assuming that nodes use pure ALOHA instead of slotted ALOHA.
Question 5: Consider a host A that is connected to a local network through a network interface withan IP address 1.1.1.10 and a MAC address AA-AA-AA-AA-AA-AA. At some point in time, a newhost B is connected to the same local network, through a network interface with an IP address 1.1.1.11and a MAC address BB-BB-BB-BB-BB-BB. Assume that host A knows the IP address of host B.List, in the table below, all the link layer frames that are exchanged between A and B, assumingthat A sends two IP packets to B immediately after B connects to the local network. Preserve theframe order. Note: The length of the table does not necessarily match the actual number of framesexchanged.
MAC address IP address
Frame Type source destination source destination
5.
6.
7.
9
1.
2.
3.
4.
5 Network Security (7 points)
Host A wants to send a large file of F bits to host B securely (i.e., protect the confidentiality andintegrity of packets). A and B are connected by two routers R1 and R2 (Figure 3). A TCP flow isinitiated by A towards B and all packets are forwarded by routers R1 and R2. We assume that A andB never exchanged information in the past and that there is no other communication channel betweenA and B.
A BR1 R2
Figure 3: Host A and host B are connected by R1 and R2.
Question 1: Is it possible for the routers (R1 or R2) to inject content in the TCP flow without causinga loss of any original packets sent from A to B? If yes, explain how. If no, explain why.
Question 2: Host A decides to establish an SSH connection with host B using public key authenti-cation. We assume that both hosts A and B self-generate a public/private key pair. Is it still possiblefor the routers (R1 or R2) to inject content in the TCP flow without losing any of the original packetssent from A to B? If yes, explain how. If no, explain why.
10
Question 3: Host A decides to use SSL. Hosts A and B, as well as routers R1 and R2 are assigneda public/private key pair together with its corresponding certificate signed by a common certificationauthority. All nodes know the public key of the certification authority.
a. In this example, even though SSL is used, all packets going through the routers are not en-crypted. Explain how is this possible.
b. Assuming that all packets are now properly encrypted with SSL, is it possible for the routers(R1 or R2) to inject content in the TCP flow without losing any of the original packets sentfrom A to B? Is it possible to eavesdrop communications? Justify your answers.
Question 4: Assume that host A and B want to protect the anonymity of their communications fromthe routers. To do so, the routers forwarding the packets between A and B should not know the entirecommunication pattern: R1 should only know the source of communications, whereas R2 shouldonly know the destination. Explain how A can protect the anonymity of the packets it sends to Bwith SSL. (Hint: assume that the packet format is [source||destination||payload] and that packetscan be encrypted several times.)
11
6 Wireless and Mobile Networks (5 points)
Question 1: TDMA
Assume that two hosts share a base station to access the infrastructure. They use a TDMAframe with 2 time slots of duration T1 and T2 to share the spectrum: Each node i ∈ {1, 2} trans-mits during Ti and has a transmission rate Ri. What is the total throughput? What happens if T1 = T2?
Question 2: Channel Allocation
Consider that there are 4 apartments on the same floor in your building. In each apartment, thereis an IEEE 802.11b wireless access point to connect to the Internet.
Assume that their SSIDs are “home1”, “home2”, “home3”, and “home4”. The distance betweenthe access points “home1” and “home4” is the highest among distances between access points, butthey are all in the transmission range of each other.
a. If all APs have been configured to operate over channel 8, can anybody use its wireless connec-tion? Justify your answer.
12
b. What is the optimum design for channel allocation in this problem such that at least two AP donot interfere with each other?
Question 3: Mobile IP
a. In mobile IP with indirect routing, will the end-to-end delays of datagrams increase? Justifyyour answer. What if direct routing is used?
b. What are the advantages and disadvantages of direct routing over indirect routing?
13
7 The Web (10 points)
Recently in the UK, the major UK ISPs blocked its users from viewing a particular entry of Wikipedia(more precisely, a URL). This was done after the request from the Internet Watch Foundation, whichfound this particular entry offensive. The action, aside from igniting a debate on Internet censorship,had an interesting side-effect. Quoting an administrative noticeboard on Wikipedia:
“Due to the way the block was created (via transparent proxies), users from the affectedISPs now share a small number of IP addresses. This means that a user committingvandalism cannot be distinguished from all the other people on the same ISP. Unfortu-nately, the effect of this is that all users from the affected ISPs are temporarily blockedfrom editing Wikipedia. Simply viewing the site is not affected, aside from the blockedcomposition and image.”
Based on this text, and your networking knowledge, answer the following questions:Question 1: Does Wikipedia block any users from viewing its content? If yes, in what way?
Question 2: Does Wikipedia block any users from editing its content? If yes, in what way?
We have seen in the lecture and the TPs that to use a web proxy, a user needs to specificallyconfigure his web browser. This is not the case for the transparent proxies deployed by the ISPs inthis example: The http traffic of every user is handled by the transparent proxy. In the next 4 questions,we are going to investigate how such a proxy could be implemented, such that its behavior would beconsistent with the behavior described in the Wikipedia noticeboard. For simplicity we ignore theTCP connection and acknowledgement mechanisms. NOTE: There is more than one solution thatwill be considered correct.
We assume that the ISP configures its network such that every TCP/IP packet with destinationport 80 originated at a user is routed to the transparent proxy. We further assume that the IP ad-dress of Wikipedia is IPwiki, and the URL to be blocked is URLblock = hostname(URLblock) +pathname(URLblock).
A following TCP/IP packet carrying an HTTP message arrives at the transparent proxy:source IP destination IP . . . source port destination port . . .IPuser IPweb−server portuser portweb−server = 80GET pathname(URL) HTTP/1.1Host: hostname(URL)
14
Question 3: Define a condition based on which the transparent proxy decides to block the HTTPrequest or allow it through.
Question 4: If the transparent proxy decided to block the request, it is going to immediately reply tothe client. Describe (fill in all the fields in the table below) the packet that the transparent proxy isgoing to reply with. For simplicity, assume that the reply fits in a single IP packet. Give an overviewof the HTTP payload, not an actual HTTP message.
source IP destination IP . . . source port destination port . . .
Question 5: If the transparent proxy decided to allow the request through, it is going to be routed tothe web server. Describe the packet that the transparent proxy sends to the web server, and the packetwith which the web server replies. If the reply packet is modified by the transparent proxy beforereaching the client, describe the reply packet that the proxy send to the client. For simplicity, assumethat the reply fits in a single IP packet. Give an overview of the HTTP payload, not an actual HTTPmessage.
source IP destination IP . . . source port destination port . . .
source IP destination IP . . . source port destination port . . .
source IP destination IP . . . source port destination port . . .
15
Question 6: Does the the transparent proxy operate differently if the arriving packet contains a POSTor a PUT request, instead of a GET request? If yes, how?
NOTE: Questions 7 and 8 must be answered based on the proxy implementation you proposed inquestions 3-6.Question 7: Consider a user of one of the blocking UK ISPs that configures his browser to use a webproxy located in Switzerland. Would such a user be able to edit Wikipedia? Would such a user beable to view the blocked Wikipedia entry? Explain.
Question 8: Consider a user of one of the UK ISPs that is accessing the ISP network from behind aNAT. Would such a user be able to edit Wikipedia? Would such a user be able to view the offendingWikipedia entry? Explain.
16
Question 9: Would it be possible for the ISPs to block only the offending Wikipedia entry, withoutpreventing their users from editing Wikipedia? If yes, explain how. If no, explain why not.
Question 10: Assume, hypothetically, that communication with Wikipedia would be done overHTTPS (with correctly deployed certificates). Could the ISPs block only the offending Wikipediaentry, but allow access to other Wikipedia entries? Explain.
17
18
Related Documents
