Page 1: MC0075 -Winter Drive Assignment-2011

Winter 2011 Master of Computer Application (MCA) – Semester 3

MC0075 – Computer Networks – 4 Credits (Book ID: B0813 & B0814)

Assignment Set – 1 (60 Marks)

Answer all Questions Each Question carries FIFTEEN Marks

Book ID: B0813

1. Describe the following:

a. Networks Software

b. Reference Models

c. Network Standards

Ans: a. Networks Software

Network software is highly structured. In this section we examine the software techniques. In the following sections we examine the software structuring technique in some detail. The method described here forms the keystone of the entire book and will occur repeatedly later on.

Protocol Hierarchy

A protocol is an agreement between the communicating parties on how communication is to proceed. To reduce their design complexity, most networks are organized as a stack of layers or levels, each one built upon the one below it. The number of layers, the name of each layer, the contents of each layer, and the function of each layer differ from network to network. The purpose of each layer is to offer certain services to the higher layers, shielding those layers from the details of how the offered services are actually implemented. In a sense, each layer is a kind of virtual machine, offering certain services to the layer above it. That is, the rules and conventions used in the conversations are collectively known as a protocol.

This concept is actually a familiar one and is used throughout computer science, where it is variously known as information hiding, abstract data types, data encapsulation, and object-oriented programming. The fundamental idea is that a particular piece of software (or hardware) provides a service to its users but keeps the details of its internal state and algorithms hidden from them. Layer n on one machine carries on a conversation with layer n on another machine. The rules and conventions used in this conversation are collectively known as the layer n protocol. Basically, a protocol is an agreement between the communicating parties on how communication is to proceed. Violating the protocol will make communication more difficult, if not completely impossible.

A five-layer network is illustrated in figure 2.1. The entities comprising the corresponding layers on different machines are called peers. It is the peers that communicate using the protocol. In reality, no data are directly transferred from layer n on one machine to layer n on another machine. Instead, each layer passes data and control information to the layer immediately below it, until the lowest layer is reached. This lowest layer is usually referred to as the physical layer, which interfaces directly with the physical medium. The virtual communication is indicated by dotted lines and physical communication by solid lines in figure 2.1.

Figure 2.1: Layers, protocols and interfaces

Between each pair of adjacent layers there is an interface. The interface defines which primitive operations and services the lower layer offers to the upper one. When network designers decide how many layers to include in a network and what each one should do, one of the most important considerations is defining clean interfaces between the layers. Doing so, in turn, requires that each layer perform a specific collection of well-understood functions. In addition to minimizing the amount of information that must be passed between layers, clearcut interfaces also make it simpler to replace the implementation of one layer with a completely different implementation (e.g., all the telephone lines are replaced by satellite channels) because all that is required of the new implementation is that it offer exactly the same set of services to its upstairs neighbor as the old implementation did. In fact, it is common that different hosts use different implementations.

The set of layers and protocols is called a network architecture. A list of protocols used by a system is called a protocol stack. The subjects of network architectures, protocol stacks, and the protocols themselves are the principal topics of this book.

Figure 2.2: Communication of information in a five-layer network.

Consider the communication between two hosts using a five-layer network. Let ‘M’ be the source message produced by the application process running at layer 5. This message is to be transmitted to layer 5 of the destination machine.

This message is given to layer 4 for transmission as shown in Figure 2.2. Layer 4 puts a header for identification in front of the message and passes it to lower layer 3. The header includes control information, such as sequence numbers, to allow layer 4 on the destination machine to deliver messages in the right order if the lower layers do not maintain sequence. In some layers, headers can also contain sizes, times, and other control fields. There might be a limit on the size of the message, and hence messages can also be segmented.

In many networks, there is no limit to the size of messages transmitted in the layer 4 protocol, but there is nearly always a limit imposed by the layer 3 protocol. Consequently, layer 3 must break up the incoming messages into smaller units, packets, prepending layer 3 headers to each packet. In this example, M is split into two parts, M1 and M2.

Layer 3 decides which of the outgoing lines to use and passes the packets to layer 2. Layer 2 adds not only a header to each piece, but also a trailer, and gives the resulting unit to layer 1 for physical transmission. Thus the message reaches the lowest layer where it is transmitted through the physical medium. The actual flow of the message from the top layer of the source machine to the top layer of the destination machine is illustrated in figure 2.2. The message has to be delivered in proper sequence to the layers of the destination machine.

At the receiving machine the message moves upward, from layer to layer, with the headers being stripped off as it progresses by the appropriate layers. Note that none of the headers for layers below n are passed up to layer n.

The important thing is to see the relation of actual flow and virtual flow, the different protocols and interfaces. Even though we refer to network software for the design of all layers, the lower layers are implemented in hardware or firmware.
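The flow of figure 2.2 can be traced in code. The following Python sketch is an added example, not part of the original assignment: the header layouts, the 16-byte layer 3 limit, the CRC-32 trailer and all function names are assumptions chosen for illustration. Each receiving layer validates and strips only its own header, so a damaged frame, a missing packet or a length mismatch is rejected instead of being passed upward.

```python
import struct
import zlib

L3_MAX_PAYLOAD = 16                     # assumed layer-3 size limit (constructed)
FLAG = 0x7E                             # assumed layer-2 start-of-frame marker
SAMPLE_M = b"hello, layer five peer"    # constructed layer-5 message "M"


def l4_send(msg, seq):
    """Layer 4: prepend a header with a sequence number and the length."""
    return struct.pack("!HI", seq, len(msg)) + msg


def l3_send(segment, src, dst):
    """Layer 3: split into packets and prepend a header to each one."""
    chunks = [segment[i:i + L3_MAX_PAYLOAD]
              for i in range(0, len(segment), L3_MAX_PAYLOAD)]
    if len(chunks) > 255:
        raise ValueError("layer 3: message needs more than 255 packets")
    return [struct.pack("!BBBB", src, dst, index, len(chunks)) + chunk
            for index, chunk in enumerate(chunks)]


def l2_send(packet):
    """Layer 2: add a header (flag, length) and a trailer (CRC-32)."""
    body = struct.pack("!BH", FLAG, len(packet)) + packet
    return body + struct.pack("!I", zlib.crc32(body))


def l2_recv(frame):
    """Layer 2: verify the trailer and header, then strip both."""
    if len(frame) < 7:
        raise ValueError("layer 2: frame too short")
    body, (crc,) = frame[:-4], struct.unpack("!I", frame[-4:])
    if zlib.crc32(body) != crc:
        raise ValueError("layer 2: checksum mismatch")
    flag, length = struct.unpack("!BH", body[:3])
    if flag != FLAG or length != len(body) - 3:
        raise ValueError("layer 2: bad header")
    return body[3:]


def l3_recv(packets, me):
    """Layer 3: keep packets addressed to this host and reassemble them."""
    parts, total = {}, None
    for packet in packets:
        if len(packet) < 4:
            raise ValueError("layer 3: packet too short")
        _src, dst, index, count = struct.unpack("!BBBB", packet[:4])
        if dst != me:
            continue                    # not for this host
        if total is None:
            total = count
        if count != total or index >= count:
            raise ValueError("layer 3: inconsistent packet header")
        parts.setdefault(index, packet[4:])   # ignore duplicates
    if total is None or len(parts) != total:
        raise ValueError("layer 3: missing packet")
    return b"".join(parts[i] for i in range(total))


def l4_recv(segment):
    """Layer 4: check the declared length and return (sequence, message)."""
    if len(segment) < 6:
        raise ValueError("layer 4: segment too short")
    seq, length = struct.unpack("!HI", segment[:6])
    if length != len(segment) - 6:
        raise ValueError("layer 4: length mismatch")
    return seq, segment[6:]


def transmit(msg, seq=1, src=1, dst=2):
    """Source host: M goes down through layers 4, 3 and 2 (layer 1 is the
    physical medium, modelled here as the returned list of frames)."""
    return [l2_send(p) for p in l3_send(l4_send(msg, seq), src, dst)]


def receive(frames, me=2):
    """Destination host: frames go up through layers 2, 3 and 4."""
    return l4_recv(l3_recv([l2_recv(f) for f in frames], me))


if __name__ == "__main__":
    frames = transmit(SAMPLE_M)
    print(len(frames), "frames on the wire")
    print(receive(frames))
```

With the sample message, the layer 4 segment exceeds the assumed layer 3 limit, so it leaves the source as two frames, matching the M1 and M2 split described above.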

Design Issues for the Layers

There are some key design issues that are to be considered in computer networks. Every layer needs a mechanism for identifying senders and receivers. Since many computers are normally connected in a network, a few of which have multiple processes, a means is needed for a process on one machine to specify with whom it wants to communicate. Thus some form of addressing scheme is to be devised.

Another design issue is data transmission modes. It concerns the rules for the data transfer. The systems can use serial or parallel transmission, synchronous or asynchronous transmission, simplex or duplex transmission. The protocol also must determine how many logical channels the connection corresponds to and what their priorities are.

Another major design issue is error control, as physical circuits are not perfect. Error-detecting or error-correcting codes are to be used at both ends of the connection. At the same time, flow control techniques are necessary to keep a fast sender from swamping a slow receiver. Some systems use some kind of feedback from the receiver, which is useful to limit the transmission rate.

It is inconvenient or expensive to set up a separate connection for each pair of communicating processes. The same connection can be used by multiple, unrelated conversations. Thus we need to focus on multiplexing and de-multiplexing techniques as one of the design issues. Multiplexing is needed in the physical layer, where all the traffic for all connections has to be sent over at most a few physical circuits.

When there are multiple paths between the source and destination, the complexity lies in finding the best, optimum and shortest path. Hence to find the optimum path we need routing schemes.

Apart from these, some of the design issues can be related to security, compression techniques and so on.

Merits and de-merits of Layered Architecture

Advantages of Layered Architecture

· Any given layer can be modified or upgraded without affecting the other layers.

· Modularization by means of layering simplifies the overall design.

· Different layers can be assigned to different standards, committees, and design teams.

· Mechanisms like packet-switching, circuit-switching may be used without affecting more than one layer.

· Different machines may be plugged in at different layers.

· The relation between different control functions can be better understood.

· Common lower levels may be shared by different higher levels.

· Functions (especially at lower levels) may be removed from software to hardware and micro-codes.

· Increases the compatibility of different machines.

Disadvantages of Layered Architecture

· Total overhead is higher.

· Two communicating machines may have to use certain functions which they could do without layers.

· As technology changes, the functions may not be in the most cost-effective layer.

Connection-Oriented and Connectionless Services

Layers can offer two types of services to the layers above them: connection-oriented and connectionless. Connection-oriented service is modeled after the telephone system. To use this service, the service user first establishes a connection, uses the connection and then releases the connection. In most cases the order is preserved so that bits arrive at the receiver in the same order as they were sent by the transmitter. In some cases, when a connection is established, the source, the subnet, and the receiver conduct a negotiation of certain parameters like the maximum size of the message, quality of service (QoS) required and other issues.

The other type of service is connectionless service. This is modeled after the postal system. Here each message carries the full destination address, and each one is routed through the system independently of the others. Here messages may not arrive at the receiver in the same order as they were sent, as it depends on the route each message takes on the way to the destination. Six different types of services are summarized in table 2.1.

Table 2.1: Comparisons of different services

Service Primitives

A service is formally specified by a set of primitives or operations available to the user to access the service. These primitives tell the service to perform some action or report an action taken by the peer entity. The primitives for the connection-oriented service are given in table 2.2.

Table 2.2: Service primitives for a connection oriented service

Communication in a simple client server model using the above service primitives is illustrated in figure 2.3. First the server executes LISTEN to indicate that it is ready to accept incoming connections. The client executes CONNECT (1) to establish the connection with the server. The server now unblocks the listener and sends back an acknowledgement (2). Thus the connection is established.

Figure 2.3: Simple client server model on a connection oriented network

The next step for the server is to execute RECEIVE (3) to prepare to accept the first request. The arrival of the request packet unblocks the server so that it can process the request. After it has done the work it uses SEND (4) to answer the client. If all the data transfer is done then it can use DISCONNECT (5), suspending the client. When the server gets this packet, it also issues a DISCONNECT (6), and when it reaches the client, the client process is released and the connection is broken. In the process packets may get lost, timings may be wrong, and many other complex issues may arise.
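The numbered exchange of figure 2.3 maps directly onto the stream-socket API. The sketch below is an added example, not part of the original assignment; it assumes a POSIX system and uses a Unix-domain stream socket so that it runs without any network, and the function names and the echo reply are hypothetical. Every blocking call carries a timeout, so a lost packet or a silent peer ends in an error rather than an indefinitely suspended process.

```python
import os
import socket
import tempfile
import threading

TIMEOUT = 5.0   # seconds; assumed upper bound for every blocking primitive


def serve_one(listener, steps):
    """Server side: LISTEN was already issued by the caller on `listener`."""
    conn, _ = listener.accept()         # unblocks on CONNECT (1), acks it (2)
    conn.settimeout(TIMEOUT)
    with conn:
        request = conn.recv(1024)       # RECEIVE (3)
        steps.append("RECEIVE")
        conn.sendall(b"echo:" + request)    # SEND (4)
        steps.append("SEND")
        # The peer's DISCONNECT (5) is seen as end-of-stream (empty read).
        if conn.recv(1024) == b"":
            steps.append("PEER-DISCONNECT")
    # Leaving the with-block closes the connection: DISCONNECT (6).
    steps.append("DISCONNECT")


def run_exchange(request=b"request-1"):
    """Run one full client/server exchange; returns (reply, closed, steps)."""
    steps = []
    workdir = tempfile.mkdtemp()
    path = os.path.join(workdir, "svc.sock")
    listener = socket.socket(socket.AF_UNIX, socket.SOCK_STREAM)
    client = socket.socket(socket.AF_UNIX, socket.SOCK_STREAM)
    try:
        listener.bind(path)
        listener.listen(1)              # LISTEN
        listener.settimeout(TIMEOUT)
        server = threading.Thread(target=serve_one, args=(listener, steps))
        server.start()

        client.settimeout(TIMEOUT)
        client.connect(path)            # CONNECT (1); returns after the ack (2)
        client.sendall(request)         # the request that unblocks RECEIVE (3)
        reply = client.recv(1024)       # the answer produced by SEND (4)
        client.shutdown(socket.SHUT_WR)     # DISCONNECT (5)
        closed = client.recv(1024)      # b"" once DISCONNECT (6) arrives
        server.join(TIMEOUT)
        return reply, closed, steps
    finally:
        client.close()
        listener.close()
        if os.path.exists(path):
            os.unlink(path)
        os.rmdir(workdir)


if __name__ == "__main__":
    print(run_exchange())
```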

The Relationship of Services to Protocols

Figure 2.4: Relationship between the service and protocols

A service is a set of primitives that a layer provides to the layer above it. The service defines what operation the layer is prepared to perform on behalf of its users. It says nothing about the implementation of these operations.

A protocol is a set of rules governing the format and meaning of the packets, or messages that are exchanged by the peer entities within a layer. Figure 2.4 illustrates the relationship of services to protocols. Entities use protocols to implement their service primitives. Protocols relate to the packets sent between entities.

b. Reference models

There are two important network architectures. They are the ISO-OSI reference model and the TCP/IP reference model. These two are discussed below.

The OSI Reference Model

This reference model was proposed by the International Standards Organization (ISO) in 1983, by Day and Zimmermann, as a first step towards standardization of the protocols used in the various layers. This model is called the Open Systems Interconnection (OSI) reference model. It is referred to as OSI because it deals with connecting open systems, that is, systems that are open for communication with other systems. It consists of seven layers.

Layers of OSI Model

Figure 2.5: ISO – OSI Reference Model

The ISO-OSI reference model is as shown in figure 2.5.

The layers of the ISO-OSI reference model are discussed below:

1. Physical Layer

This layer is the bottommost layer, concerned with transmitting raw bits over the communication channel (physical medium). The design issues have to do with making sure that when one side sends a 1 bit, it is received by the other side as a 1 bit, and not as a 0 bit. It performs direct transmission of logical information, that is digital bit streams, into physical phenomena in the form of electronic pulses. Modulators/demodulators are used at this layer. The design issue here largely deals with mechanical, electrical, and procedural interfaces, and the physical transmission medium, which lies below this physical layer.

In particular, it defines the relationship between a device and a physical medium. This includes the layout of pins, voltages, and cable specifications. Hubs, repeaters, network adapters and Host Bus Adapters (HBAs used in Storage Area Networks) are physical-layer devices. The major functions and services performed by the physical layer are:

· Establishment and termination of a connection to a communications medium.

· Participation in the process whereby the communication resources are effectively shared among multiple users. For example, contention resolution and flow control.

· Modulation, a technique of conversion between the representation of digital data in user equipment and the corresponding signals transmitted over a communications channel. These are signals operating over the physical cabling (such as copper and fiber optic) or over a radio link.

Parallel SCSI buses operate in this layer. Various physical-layer Ethernet standards are also in this layer; Ethernet incorporates both this layer and the data-link layer. The same applies to other local-area networks, such as Token ring, FDDI, and IEEE 802.11, as well as personal area networks such as Bluetooth and IEEE 802.15.4.

2. Data Link Layer

The Data Link layer provides the functional and procedural means to transfer data between network entities and to detect and possibly correct errors that may occur in the Physical layer. That is, it makes sure that the message indeed reaches the other end without corruption or without signal distortion and noise. It accomplishes this task by having the sender break the input data up into frames called data frames. The DLL of the transmitter then transmits the frames sequentially, and processes acknowledgement frames sent back by the receiver. After processing an acknowledgement frame, the transmitter may need to re-transmit a copy of the frame. Therefore the DLL at the receiver is required to detect duplications of frames.

The best known example of this is Ethernet. This layer manages the interaction of devices with a shared medium. Other examples of data link protocols are HDLC and ADCCP for point-to-point or packet-switched networks and Aloha for local area networks. On IEEE 802 local area networks, and some non-IEEE 802 networks such as FDDI, this layer may be split into a Media Access Control (MAC) layer and the IEEE 802.2 Logical Link Control (LLC) layer. It arranges bits from the physical layer into logical chunks of data, known as frames.

This is the layer at which the bridges and switches operate. Connectivity is provided only among locally attached network nodes forming layer 2 domains for unicast or broadcast forwarding. Other protocols may be imposed on the data frames to create tunnels and logically separated layer 2 forwarding domains.

The data link layer might implement a sliding window flow control and acknowledgment mechanism to provide reliable delivery of frames; that is the case for SDLC and HDLC, and derivatives of HDLC such as LAPB and LAPD. In modern practice, only error detection, not flow control using sliding window, is present in modern data link protocols such as Point-to-Point Protocol (PPP), and, on local area networks, the IEEE 802.2 LLC layer is not used for most protocols on Ethernet, and, on other local area networks, its flow control and acknowledgment mechanisms are rarely used. Sliding window flow control and acknowledgment is used at the transport layers by protocols such as TCP.

3. Network Layer

The Network layer provides the functional and procedural means of transferring variable length data sequences from a source to a destination via one or more networks while maintaining the quality of service requested by the Transport layer. The Network layer performs network routing functions, and might also perform fragmentation and reassembly, and report delivery errors. Routers operate at this layer, sending data throughout the extended network and making the Internet possible. This is a logical addressing scheme; values are chosen by the network engineer. The addressing scheme is hierarchical.

The best known example of a layer 3 protocol is the Internet Protocol (IP). Perhaps it’s easier to visualize this layer as managing the sequence of human carriers taking a letter from the sender to the local post office, trucks that carry sacks of mail to other post offices or airports, airplanes that carry airmail between major cities, trucks that distribute mail sacks in a city, and carriers that take a letter to its destinations. Think of fragmentation as splitting a large document into smaller envelopes for shipping, or, in the case of the network layer, splitting an application or transport record into packets.

The major tasks of the network layer are listed below:

· It controls routes for individual message through the actual topology.

· Finds the best route.

· Finds alternate routes.

· It accomplishes buffering and deadlock handling.

4. Transport Layer

The Transport layer provides transparent transfer of data between end users, providing reliable data transfer while relieving the upper layers of it. The transport layer controls the reliability of a given link through flow control, segmentation/de-segmentation, and error control. Some protocols are state and connection oriented. This means that the transport layer can keep track of the segments and retransmit those that fail. The best known example of a layer 4 protocol is the Transmission Control Protocol (TCP).

The transport layer is the layer that converts messages into TCP segments or User Datagram Protocol (UDP), Stream Control Transmission Protocol (SCTP), etc. packets. Perhaps an easy way to visualize the Transport Layer is to compare it with a Post Office, which deals with the dispatch and classification of mail and parcels sent. Do remember, however, that a post office manages the outer envelope of mail. Higher layers may have the equivalent of double envelopes, such as cryptographic Presentation services that can be read by the addressee only.

Roughly speaking, tunneling protocols operate at the transport layer, such as carrying non-IP protocols such as IBM’s SNA or Novell’s IPX over an IP network, or end-to-end encryption with IP security (IPsec). While Generic Routing Encapsulation (GRE) might seem to be a network layer protocol, if the encapsulation of the payload takes place only at the endpoint, GRE becomes closer to a transport protocol that uses IP headers but contains complete frames or packets to deliver to an endpoint.

The major tasks of Transport layer are listed below:

· It locates the other party

· It creates a transport pipe between both end-users.

· It breaks the message into packets and reassembles them at the destination.

· It applies flow control to the packet stream.

5. Session Layer

The Session layer controls the dialogues/connections (sessions) between computers. It establishes, manages and terminates the connections between the local and remote application. It provides for either full-duplex or half-duplex operation, and establishes check pointing, adjournment, termination, and restart procedures. The OSI model made this layer responsible for "graceful close" of sessions, which is a property of TCP, and also for session check pointing and recovery, which is not usually used in the Internet protocols suite.

The major tasks of the session layer are listed below:

· It is responsible for the relation between two end-users.

· It maintains the integrity and controls the data exchanged between the end-users.

· The end-users are aware of each other when the relation is established (synchronization).

· It uses naming and addressing to identify a particular user.

· It makes sure that the lower layer guarantees delivering the message (flow control).

6. Presentation Layer

The Presentation layer transforms the data to provide a standard interface for the Application layer. MIME encoding, data encryption and similar manipulation of the presentation are done at this layer to present the data as a service or protocol developer sees fit. Examples of this layer are converting an EBCDIC-coded text file to an ASCII-coded file, or serializing objects and other data structures into and out of XML.

The major tasks of presentation layer are listed below:

· It translates the language used by the application layer.

· It makes the users as independent as possible, and then they can concentrate on conversation.

7. Application Layer (end users)

The application layer is the seventh level of the seven-layer OSI model. It interfaces directly to the users and performs common application services for the application processes. It also issues requests to the presentation layer. Note carefully that this layer provides services to user-defined application processes, and not to the end user. For example, it defines a file transfer protocol, but the end user must go through an application process to invoke file transfer. The OSI model does not include human interfaces.

The common application services sub layer provides functional elements including the Remote Operations Service Element (comparable to Internet Remote Procedure Call), Association Control, and Transaction Processing (according to the ACID requirements). Above the common application service sub layer are functions meaningful to user application programs, such as messaging (X.400), directory (X.500), file transfer (FTAM), virtual terminal (VTAM), and batch job manipulation (JTAM).

The TCP/IP Reference Model

The TCP/IP reference model is the network model used in the current Internet architecture. It was created in the 1970s by DARPA for use in developing the Internet’s protocols, and the structure of the Internet is still closely reflected by the TCP/IP model. It has fewer, less rigidly defined layers than the commonly referenced OSI model, and thus provides an easier fit for real world protocols. It is considered as the grandfather of the Internet, the ARPANET. This was a research network sponsored by the Department of Defense in the United States.

A goal was to continue the conversation between source and destination even if transmission went out of operation. The reference model was named after two of its main protocols, TCP (Transmission Control Protocol) and IP (Internet Protocol). No document officially specifies the model. Different names are given to the layers by different documents, and different numbers of layers are shown by different documents. There are versions of this model with four layers and with five layers.

The original four-layer version of the model has layers as shown in figure 2.7. It consists of the following four layers:

· Layer 4 – Process Layer or Application Layer:

This is where the "higher level" protocols such as FTP, HTTP, etc. operate. The original TCP/IP specification described a number of different applications that fit into the top layer of the protocol stack. These applications include Telnet, FTP, SMTP and DNS. These are illustrated in figure 2.10.

Telnet is a program that supports the TELNET protocol over TCP. TELNET is a general two-way communication protocol that can be used to connect to another host and run applications on that host remotely.

FTP (File Transfer Protocol) is a protocol that was originally designed to promote the sharing of files among computer users. It shields the user from the variations of file storage on different architectures and allows for a reliable and efficient transfer of data.

SMTP (Simple Mail Transport Protocol) is the protocol used to transport electronic mail from one computer to another through a series of other computers along the route.

DNS (Domain Name System) resolves the numerical address of a network node into its textual name or vice-versa. It would translate www.yahoo.com to 204.71.177.71 to allow the routing protocols to find the host that the packet is destined for.

· Layer 3 – Host-To-Host (Transport) Layer:

This is where flow-control and connection protocols exist, such as TCP. This layer deals with opening and maintaining connections, ensuring that packets are in fact received. The transport layer is the interface between the application layer and the complex hardware of the network. It is designed to allow peer entities on the source and destination hosts to carry on conversations. Data may be user data or control data. Two modes are available, full-duplex and half duplex. In full-duplex operation, both sides can transmit and receive data simultaneously, whereas in half duplex, a side can only send or receive at one time.

· Layer 2 – Internet or Internetworking Layer:

This layer defines IP addresses, with many routing schemes for navigating packets from one IP address to another. The job of the network layer is to inject packets into any network and have them travel independently to the destination. The layer defines IP (Internet Protocol) for its official packet format and protocol. Packet routing is a major job of this protocol.

· Layer 1 – Network Access Layer:

This layer describes the physical equipment necessary for communications, such as twisted pair cables, the signalling used on that equipment, and the low-level protocols using that signalling. The Host-to-Network layer interfaces the TCP/IP protocol stack to the physical network. The TCP/IP reference model does not specify in any great detail the operation of this layer, except that the host has to connect to the network using some protocol so it can send IP packets over it. As it is not officially defined, it varies from implementation to implementation, with vendors supplying their own version.

Figure 2.7: TCP/IP Network Protocol

The basic idea of the networking system is to allow one application on a host computer to talk to another application on a different host computer. The application forms its request, then passes the packet down to the lower layers, which add their own control information, either a header or a footer, onto the packet. Finally the packet reaches the physical layer and is transmitted through the cable onto the destination host.

The packet then travels up through the different layers, with each layer reading, deciphering, and removing the header or footer that was attached by its counterpart on the originating computer. Finally the packet arrives at the application it was destined for. Even though technically each layer communicates with the layer above or below it, the process can be viewed as one layer talking to its partner on the host.

The relations of all protocols that reside in corresponding layers are as shown in figure 2.10.

Figure 2.10: Protocols in TCP/IP reference model.

c. Network standardization

Network standardization is a definition that has been approved by a recognized standards organization. Standards exist for programming languages, operating systems, data formats, communications protocols, and electrical interfaces.

Two categories of standards:

· De facto (Latin for “from the fact”) standards:

These are those that have just happened without any formal plan. These are formats that have become standard simply because a large number of companies have agreed to use them. They have not been formally approved as standards, e.g., IBM PC for small office computers, UNIX for operating systems in CS departments. PostScript is a good example of a de facto standard.

· De jure (Latin for “by law”) standards:

These are formal legal standards adopted by some authorized standardization body.

Two classes of standard organizations

· Organizations established by treaty among national governments.

· Voluntary, nontreaty organizations.

From a user’s standpoint, standards are extremely important in the computer industry because they allow the combination of products from different manufacturers to create a customized system. Without standards, only hardware and software from the same company could be used together. In addition, standard user interfaces can make it much easier to learn how to use new applications.

Most official computer standards are set by one of the following organizations:

· ANSI (American National Standards Institute)

· ITU (International Telecommunication Union)

· IEEE (Institute of Electrical and Electronic Engineers)

· ISO (International Standards Organization)

· VESA (Video Electronics Standards Association)

Benefits of standardization:

· Allow different computers to communicate.

· Increase the market for products adhering to the standard.

2. Discuss the following Switching Mechanisms:

a. Circuit switching

b. Message switching

c. Packet switching

Ans: a. Circuit switching

A circuit switching network is one that establishes a dedicated circuit (or channel) between nodes and terminals before the users may communicate. Each circuit that is dedicated cannot be used by other callers until the circuit is released and a new connection is set up. Even if no actual communication is taking place in a dedicated circuit, that channel still remains unavailable to other users. Channels that are available for new calls to be set up are said to be idle. Circuit switching is used for ordinary telephone calls. It allows communications equipment and circuits to be shared among users. Each user has sole access to a circuit (functionally equivalent to a pair of copper wires) during network use.


Figure 4.5: (a) circuit switching (b) packet switching

For call setup and control (and other administrative purposes), it is possible to use a separate dedicated signalling channel from the end node to the network. ISDN is one such service that uses a separate signalling channel. The method of establishing the connection and monitoring its progress and termination through the network may also utilize a separate control channel.

Circuit switching can be relatively inefficient because capacity is wasted on connections which are set up but are not in continuous use (however momentarily). On the other hand, the connection is immediately available and capacity is guaranteed until the call is disconnected.

Communication using circuit switching involves three phases discussed below:

1. Connection establishment: Before any signal can be transmitted, an end to end circuit must be established.

2. Data transfer: Information can now be transmitted from source through the network to the destination using the dedicated path established.

3. Termination: After some period of data transfer, the connection is terminated.

Consider communication between two points A and D in a network as shown in fig. 4.6. The connection between A and D is provided using (shared) links between two other pieces of equipment, B and C.

Figure 4.6: A four node and 3 link network

Network use is initiated by a connection phase, during which a circuit is set up between source and destination, and terminated by a disconnect phase as listed above. These phases, with associated timings, are illustrated in the figure 4.7.

Figure 4.7: A circuit switched connection between A and D

(Information flows in two directions. Information sent from the calling end is shown in grey and information returned from the remote end is shown in black)

After a user requests a circuit, the desired destination address must be communicated to the local switching node (B). In a telephony network, this is achieved by dialing the number. Node B receives the connection request and identifies a path to the destination (D) via an intermediate node (C). This is followed by a circuit connection phase handled by the switching nodes and initiated by allocating a free circuit to C (link BC), followed by transmission of a call request signal from node B to node C. In turn, node C allocates a link (CD) and the request is then passed to node D after a similar delay.

The circuit is then established and may be used. While it is available for use, resources (i.e. in the intermediate equipment at B and C) and capacity on the links between the equipment are dedicated to the use of the circuit.

After completion of the connection, a signal confirming circuit establishment (a connect signal in the diagram) is returned; this flows directly back to node A with no search delays since the circuit has been established. Transfer of the data in the message then begins. After data transfer, the circuit is disconnected; a simple disconnect phase is included after the end of the data transmission.

Delays for setting up a circuit connection can be high, especially if ordinary telephone equipment is used. Call setup time with conventional equipment is typically on the order of 5 to 25 seconds after completion of dialing. New fast circuit switching techniques can reduce delays. Trade-offs between circuit switching and other types of switching depend strongly on switching times.

b. Message switching

Message switching was the precursor of packet switching, where messages were routed in their entirety and one hop at a time. It was first introduced by Leonard Kleinrock in 1961. Message switching systems are nowadays mostly implemented over packet-switched or circuit-switched data networks.

Hop-by-hop Telex forwarding is an example of a message switching system. E-mail is another example of a message switching system. When this form of switching is used, no physical path is established in advance between sender and receiver. Instead, when the sender has a block of data to be sent, it is stored in the first switching office (i.e. router) and then forwarded later, one hop at a time.

Each block is received in its entirety, inspected for errors and then forwarded or re-transmitted. It is a form of store-and-forward network. Data is transmitted into the network and stored in a switch. The network transfers the data from switch to switch when it is convenient to do so; as such, the data is not transferred in real-time. Blocking cannot occur; however, long delays can happen. The source and destination terminals need not be compatible, since conversions are done by the message switching networks.

Again consider a connection of a network shown in figure 4.6. For instance, when a telex (or email) message is sent from A to D, it first passes over a local connection (AB). It is then passed at some later time to C (via link BC), and from there to the destination (via link CD). At each message switch, the received message is stored, and a connection is subsequently made to deliver the message to the neighboring message switch. Message switching is also known as store-and-forward switching since the messages are stored at intermediate nodes en route to their destinations.

Figure 4.8: Message switching to communicate between A and D

The figure 4.8 illustrates message switching; transmission of only one message is illustrated for simplicity. As the figure indicates, a complete message is sent from node A to node B when the link interconnecting them becomes available. Since the message may be competing with other messages for access to facilities, a queuing delay may be incurred while waiting for the link to become available. The message is stored at B until the next link becomes available, with another queuing delay before it can be forwarded. It repeats this process until it reaches its destination.

Circuit setup delays are replaced by queuing delays. Considerable extra delay may result from storage at individual nodes. A delay for putting the message on the communications link (message length in bits divided by link speed in bps) is also incurred at each node en route. Message lengths are slightly longer than they are in circuit switching, after establishment of the circuit, since header information must be included with each message; the header includes information identifying the destination as well as other types of information. Most message switched networks do not use dedicated point-to-point links.

c. Packet switching

Packet switching splits traffic data (for instance, digital representation of sound, or computer data) into chunks, called packets. Packet switching is similar to message switching. Any message exceeding a network-defined maximum length is broken up into shorter units, known as packets, for transmission. The packets, each with an associated header, are then transmitted individually through the network. These packets are routed over a shared network. Packet switching networks do not require a circuit to be established and allow many pairs of nodes to communicate almost simultaneously over the same channel. Each packet is individually addressed, precluding the need for a dedicated path to help the packet find its way to its destination.

Packet switching is used to optimize the use of the channel capacity available in a network, to minimize the transmission latency (i.e. the time it takes for data to pass across the network), and to increase robustness of communication.

Again consider the same network as shown in figure 4.6. Now the message of figure 4.8 is broken into three small units called packets and labeled 1-3 as illustrated in figure 4.9.

Figure 4.9: Packet-switched communication between A and D

The most well-known use of packet switching is the Internet. The Internet uses the Internet protocol suite over a variety of data link layer protocols. For example, Ethernet and Frame relay are very common. Newer mobile phone technologies (e.g., GPRS, I-mode) also use packet switching. Packet switching is also called connectionless networking because no connections are established.

There are two important benefits from packet switching.

1. The first and most important benefit is that since packets are short, the communication links between the nodes are only allocated to transferring a single message for a short period of time while transmitting each packet. Longer messages require a series of packets to be sent, but do not require the link to be dedicated between the transmission of each packet. The implication is that packets belonging to other messages may be sent between the packets of the message being sent from A to D. This provides a much fairer sharing of the resources of each of the links.

2. Another benefit of packet switching is known as "pipelining". Pipelining is visible in the figure above. At the time packet 1 is sent from B to C, packet 2 is sent from A to B; packet 1 is sent from C to D while packet 2 is sent from B to C, and packet 3 is sent from A to B, and so forth. This simultaneous use of communications links represents a gain in efficiency; the total delay for transmission across a packet network may be considerably less than for message switching, despite the inclusion of a header in each packet rather than in each message.

Book ID: B0814

3. Explain the different classes of IP addresses with suitable examples.

Ans: a. In order to provide the flexibility required to support networks of different sizes, the designers decided that the IP address space should be divided into five different address classes. They are

1. Class A

2. Class B

3. Class C

4. Class D

5. Class E

Primary addresses

Of the five, three classes are called Class A, Class B, and Class C. These three classes together are often referred to as "classful" addressing or the primary address classes.

Fig. 2.1(a): Principal Classful IP Address Formats

Each class fixes the boundary between the network-prefix and the host-number at a different point within the 32-bit address. The formats of the fundamental address classes are illustrated in Figure 2.1(a). One of the fundamental features of classful IP addressing is that each address contains a self-encoding key that identifies the dividing point between the network-prefix and the host-number.

Class A Networks (/8 Prefixes)

Each Class A network address has an 8-bit network-prefix with the highest order bit set to 0 and a seven-bit network number, followed by a 24-bit host-number. Today, it is no longer considered ‘modern’ to refer to a Class A network. Class A networks are now referred to as "/8s" (pronounced "slash eight" or just "eights") since they have an 8-bit network-prefix.

A maximum of 126 (2^7 - 2) /8 networks can be defined as shown in figure 2.1(b). The calculation requires that 2 is subtracted because the /8 network 0.0.0.0 is reserved for use as the default route and the /8 network 127.0.0.0 (also written 127/8 or 127.0.0.0/8) has been reserved for the "loop back" function. Each /8 supports a maximum of 16,777,214 (2^24 - 2) hosts per network. The host calculation requires that 2 is subtracted because the all-0s ("this network") and all-1s ("broadcast") host-numbers may not be assigned to individual hosts.

Since the /8 address block contains 2^31 (2,147,483,648) individual addresses and the IPv4 address space contains a maximum of 2^32 (4,294,967,296) addresses, the /8 address space is 50% of the total IPv4 unicast address space.

Class B Networks (/16 Prefixes)

Each Class B network address has a 16-bit network-prefix with the two highest order bits set to 1-0 and a 14-bit network number, followed by a 16-bit host-number as illustrated in figure 2.1(b). Class B networks are now referred to as "/16s" since they have a 16-bit network-prefix.

A maximum of 16,384 (2^14) /16 networks can be defined with up to 65,534 (2^16 - 2) hosts per network. Since the entire /16 address block contains 2^30 (1,073,741,824) addresses, it represents 25% of the total IPv4 unicast address space.

Class C Networks (/24 Prefixes)

Each Class C network address has a 24-bit network-prefix with the three highest order bits set to 1-1-0 and a 21-bit network number, followed by an 8-bit host-number as shown in figure 2.1(b). Class C networks are now referred to as "/24s" since they have a 24-bit network-prefix. A maximum of 2,097,152 (2^21) /24 networks can be defined with up to 254 (2^8 - 2) hosts per network. Since the entire /24 address block contains 2^29 (536,870,912) addresses, it represents 12.5% (or 1/8th) of the total IPv4 unicast address space.

2.4.5 Other Classes

In addition to the three most popular classes, there are two additional classes as shown in figure 2.1(b). This figure also shows the way we can distinguish these classes of IP addresses from each other.

Class D Networks

These addresses have their leading four bits set to 1-1-1-0 and the remaining 28 bits are used to support IP Multicasting.

Class E addresses

They have their leading four-bits set to 1-1-1-1 and are reserved for experimental use or future use.

Fig. 2.1(b): Class C and Class D addressing along with Class A, B & C
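The leading-bit rules and the size figures quoted above can be checked mechanically. The following Python sketch is an added example, not part of the original answer; the function names and the sample addresses used with it are constructed for illustration.

```python
import ipaddress

# (class, leading-bit pattern, pattern width, network-prefix length) from the text.
CLASSES = [
    ("A", 0b0, 1, 8),
    ("B", 0b10, 2, 16),
    ("C", 0b110, 3, 24),
    ("D", 0b1110, 4, None),   # multicast, no network/host split
    ("E", 0b1111, 4, None),   # experimental or future use
]


def classify(address):
    """Return the classful interpretation of a dotted-quad IPv4 address."""
    value = int(ipaddress.IPv4Address(address))
    # The self-encoding key: the first matching leading-bit pattern fixes the class.
    for name, pattern, width, prefix_len in CLASSES:
        if value >> (32 - width) == pattern:
            break
    info = {"class": name, "prefix_len": prefix_len}
    if prefix_len is None:
        info["note"] = "multicast" if name == "D" else "experimental/future use"
        return info
    host_bits = 32 - prefix_len
    host = value & ((1 << host_bits) - 1)
    info["network"] = "%s/%d" % (ipaddress.IPv4Address(value - host), prefix_len)
    info["host_number"] = host
    first_octet = value >> 24
    if name == "A" and first_octet in (0, 127):
        info["note"] = "default route" if first_octet == 0 else "loop back"
    elif host == 0:
        info["note"] = "this network"          # all-0s host-number
    elif host == (1 << host_bits) - 1:
        info["note"] = "broadcast"             # all-1s host-number
    else:
        info["note"] = "assignable host"
    return info


def class_sizes():
    """Networks, hosts per network and share of the IPv4 space for A, B and C."""
    sizes = {}
    for name, _pattern, width, prefix_len in CLASSES[:3]:
        networks = 2 ** (prefix_len - width)
        if name == "A":
            networks -= 2                      # 0.0.0.0/8 and 127.0.0.0/8 are reserved
        sizes[name] = {
            "networks": networks,
            "hosts_per_network": 2 ** (32 - prefix_len) - 2,
            "share_percent": 100 * 2 ** (32 - width) / 2 ** 32,
        }
    return sizes


if __name__ == "__main__":
    for sample in ("10.1.2.3", "172.16.5.4", "192.168.1.255", "224.0.0.1"):
        print(sample, classify(sample))
    print(class_sizes())
```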

4. Discuss the following with respect to Internet Control Message Protocols:

a. Congested and Datagram Flow control

b. Route change requests from routers

c. Detecting circular or long routes

Ans: a. Congested and Datagram Flow control

As IP is connectionless, a router cannot reserve communication resources or memory in advance of receiving datagrams. Hence routers can be overrun with traffic. This situation is called network congestion or simply congestion.

Congestion arises because of two reasons:

1. A high speed computer generating traffic faster than a network can transfer.

2. The datagram may need to cross a slower speed WAN.

When datagrams arrive at a host or router faster than it can process them, it enqueues them in memory temporarily. So for small bursts temporary memory solves the problem. But if the traffic continues, the memory will be exhausted and datagrams will be discarded. A machine uses ICMP source quench messages to report this to the original source. It is a request for the source to reduce its current rate of datagram transmission.

In general a router sends one source quench message for every datagram that it discards. There is no ICMP message to reverse the effect of a source quench. As soon as any host gets this source quench message, it lowers the rate at which it sends datagrams to that destination until it stops getting source quench messages. It then gradually increases the rate as long as further source quench messages are not received.

Source quench format

Figure 5.5 source quench message format

The format of the source quench message is as shown in figure 5.5. It contains the TYPE field equal to 4 and the CODE field equal to 0. It contains a datagram prefix. As most ICMP messages report an error, the datagram prefix field contains a prefix of the datagram that triggered the source quench request.

A congested router discards the datagram and sends one source quench request; the datagram prefix in the source quench message identifies the datagram that was dropped.

b. Route change requests from routers

Routers are assumed to know the correct routes. A host begins with minimal routing information and learns new routes from routers. Hosts initialize the Internet routing tables from a configuration file at system startup, and system administrators make routing changes during normal operations. Whenever the network topology changes, routing tables in routers or hosts may become incorrect. Routers exchange routing information periodically to accommodate network changes and keep their routes up-to-date.

When a router detects a host using a non-optimal route, it sends the host an ICMP message called redirect, requesting that the host change its route to that specific destination. The router also forwards the original datagram.

Redirect message format

The format of the redirect message is as shown in figure 5.6. It contains the TYPE field with value equal to 5.

It contains a 32-bit ROUTER INTERNET ADDRESS field. It specifies the address of the router that the host is to use to reach the destination mentioned in the datagram. INTERNET HEADER, which is also a 32-bit field, contains an IP header plus 64 bits of the datagram that invokes the message. A host that receives an ICMP redirect message examines the datagram prefix to determine the datagram’s destination address.

Figure 5.6 Redirect message format

The CODE field is 8 bits long and specifies how to interpret the destination address, based on the values illustrated in table 5.2.

Table 5.2: Code value of redirect message

CODE Value    Meaning
0             Redirect datagram for the Net
1             Redirect datagram for the host
2             Redirect datagram for the type of service and Net
3             Redirect datagram for the type of service and Host

An ICMP redirect message is sent to hosts only and not to routers.

c. Detecting circular or long routes

Internet routers use routing tables, and an error in a routing table can produce a routing cycle. A routing cycle can consist of two or more routers among which the datagram circulates. Once a datagram enters a routing cycle it will pass around the cycle endlessly. To prevent this, each datagram carries a time to live field in the IP header; sometimes it is also referred to as hop count. A router decrements this time to live counter whenever it processes a datagram and discards the datagram when this counter hits zero.

Whenever a datagram is discarded by a router because of counter time out, it sends an ICMP time exceeded message back to the source of the discarded datagram.

Time exceeded message format

Figure 5.7 Time exceeded message format

The format of the time exceeded message is as shown in figure 5.7. A router sends this message whenever a datagram is discarded because

1. Time to live field of IP datagram header has reached zero.

2. Re-assembling timer expires while waiting for more fragments of that datagram.

It uses a TYPE field value equal to 11. It supports two values for the CODE field, 0 and 1, to specify the nature of the time out being reported according to the list shown in table 5.3.

Table 5.3 Code value of Time exceeded message

CODE Value    Meaning
0             Time to live count of IP datagram exceeded
1             Fragment re-assembling timer exceeded
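To make the three message formats concrete, the following Python sketch (an added example, not part of the original answer) builds source quench, redirect and time exceeded messages and decodes them using the TYPE and CODE values from the text and tables 5.2 and 5.3. The 8-byte layout of TYPE, CODE, checksum and one 32-bit word before the datagram prefix is assumed from the standard ICMP header; the addresses, ports and helper names are constructed for illustration.

```python
import ipaddress
import struct

# TYPE -> (name, {CODE: meaning}) as given in the text and in tables 5.2 and 5.3.
ICMP_CODES = {
    4: ("source quench", {0: "source quench"}),
    5: ("redirect", {
        0: "redirect datagram for the net",
        1: "redirect datagram for the host",
        2: "redirect datagram for the type of service and net",
        3: "redirect datagram for the type of service and host",
    }),
    11: ("time exceeded", {
        0: "time to live count of IP datagram exceeded",
        1: "fragment re-assembling timer exceeded",
    }),
}


def internet_checksum(data):
    """16-bit one's-complement checksum used by IP and ICMP."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF


def build_datagram_prefix(src, dst, ttl):
    """Constructed sample: 20-byte IPv4 header plus the first 64 bits of its data."""
    data8 = struct.pack("!HHHH", 40000, 53, 8, 0)          # sample UDP header
    header = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 28, 0x1234, 0, ttl, 17, 0,
                         ipaddress.IPv4Address(src).packed,
                         ipaddress.IPv4Address(dst).packed)
    csum = internet_checksum(header)
    return header[:10] + struct.pack("!H", csum) + header[12:] + data8


def build_icmp(icmp_type, code, word, prefix):
    """Assemble TYPE, CODE, checksum, one 32-bit word and the datagram prefix."""
    message = struct.pack("!BBH4s", icmp_type, code, 0, word) + prefix
    csum = internet_checksum(message)
    return message[:2] + struct.pack("!H", csum) + message[4:]


def parse_icmp_error(message):
    """Decode a type 4, 5 or 11 message; raise ValueError on anything malformed."""
    if len(message) < 8 + 20:
        raise ValueError("too short for an ICMP header and a datagram prefix")
    if internet_checksum(message) != 0:
        raise ValueError("bad ICMP checksum")
    icmp_type, code, _csum, word = struct.unpack("!BBH4s", message[:8])
    if icmp_type not in ICMP_CODES or code not in ICMP_CODES[icmp_type][1]:
        raise ValueError("unexpected TYPE/CODE %d/%d" % (icmp_type, code))
    prefix = message[8:]
    header_len = (prefix[0] & 0x0F) * 4
    if prefix[0] >> 4 != 4 or header_len < 20 or len(prefix) < header_len:
        raise ValueError("datagram prefix is not a valid IPv4 header")
    name, codes = ICMP_CODES[icmp_type]
    result = {
        "type": name,
        "meaning": codes[code],
        "orig_ttl": prefix[8],
        "orig_src": str(ipaddress.IPv4Address(prefix[12:16])),
        "orig_dst": str(ipaddress.IPv4Address(prefix[16:20])),
    }
    if icmp_type == 5:
        # ROUTER INTERNET ADDRESS: the router the host is asked to use instead.
        result["router"] = str(ipaddress.IPv4Address(word))
    return result


if __name__ == "__main__":
    sample = build_datagram_prefix("192.0.2.10", "198.51.100.7", ttl=1)
    redirect = build_icmp(5, 1, ipaddress.IPv4Address("192.0.2.254").packed, sample)
    print(parse_icmp_error(redirect))
```

The datagram prefix is what lets a receiving host tie the report back to a destination it actually sent to, so the decoder returns the original source and destination alongside the ICMP fields.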

Winter 2011

Master of Computer Application (MCA) – Semester 3

MC0075 – Computer Networks– 4 Credits

(Book ID: B0813 & B0814)

Assignment Set – 2 (60 Marks)

Answer all Questions Each Question carries FIFTEEN Marks

Book ID: B0813

1. Discuss the following design issues of DLL:

a. Framing

b. Error control

c. Flow control

Ans: a. Framing

The DLL translates the physical layer’s raw bit stream into discrete units (messages) called frames. That is because the physical layer just accepts a raw bit stream and attempts to deliver it to the destination. This bit stream is not guaranteed to be error free. The number of bits received may be less than, equal to, or more than the number of bits transmitted. They may also have different values. It is up to the DLL to detect and, if necessary, correct errors. If it cannot correct them, it should at least detect errors and take proper action, such as asking for retransmission. The usual approach of the DLL is to break the bit stream up into discrete frames and then, for the purpose of error detection or correction, use some coding technique that computes a checksum for each frame. When a frame arrives at the destination, the checksum is recomputed. If the newly computed checksum is different from the one contained in the frame, the DLL knows that an error has occurred and takes steps to deal with it.

Now the question is how can the receiver detect frame boundaries? That is, how can the receiver recognize the start and end of a frame? Breaking the bit stream up into frames is more difficult than it appears to be. One way is to insert time gaps between frames, much like the spaces used between words in ordinary text. But networks hardly make any guarantees about timing, so it is too risky to count on timing to mark the start and end of each frame. Other framing techniques have been devised and are discussed below. Here in this unit we discuss four methods; these methods, or even combinations of them, are used in different protocols.

1. Length Count:

Make the first field in the frame’s header be the length of the frame.

Figure 6.2: A character stream without errors

The technique is illustrated in figure 6.2 for three frames. The three frames are of sizes 6, 5, and 4 respectively, indicated by the character count. That way the receiver knows how big the current frame is and can determine where the next frame ends.

Disadvantage: The receiver loses synchronization when bits become garbled. This is illustrated in figure 6.3.

Figure 6.3: A character stream with one error

If the bits in the count become corrupted during transmission, the receiver will think that the frame contains fewer (or more) bits than it actually does. For example: if the character count of 5 of frame ‘2’ is changed to character 6, the destination will get out of synchronization and consider that the next count is 8 instead of 4. Although the checksum will detect the incorrect frames, the receiver will have difficulty resynchronizing to the start of a new frame. Thus all subsequent frames will also be in error, as the receiver loses the start of all the following frames. Also the destination does not know how many characters to skip over to get to the start of the retransmission. This technique is not used anymore, since better techniques are available, but its concept can be combined with other techniques and is used in a few protocols, like the length field used in the Ethernet frame.

2. Character stuffing:

This method gets around the problem of synchronization after an error by having each frame start and end with special bytes. This method operates on bytes. The special bytes are reserved characters that indicate the start and end of a frame. A serious problem occurs when binary data like floating point numbers or object programs are transmitted. For instance, use the two-character sequence DLE STX (Data-Link Escape, Start of TeXt) to signal the beginning of a frame, and the sequence DLE ETX (End of TeXt) to flag the frame’s end.

Example 1: What happens if the two-character sequence DLE ETX happens to appear in the frame itself?

Solution: Use character stuffing; within the frame, replace every occurrence of DLE with the two-character sequence DLE DLE. The receiver reverses the process, replacing every occurrence of DLE DLE with a single DLE.

Example 2: If the frame contained “A B DLE D E DLE”, the characters transmitted over the channel would be “DLE STX A B DLE DLE D E DLE DLE DLE ETX”.

In past years the starting and ending bytes were different as discussed above (STX and ETX). But in recent years most protocols have used the same byte, called a flag byte, as both starting and ending delimiter as shown in figure 6.4. In this way, if the receiver ever loses synchronization, it can just search for the flag bytes to find the end of the current frame. Two consecutive flag bytes indicate the end of one frame and the start of the next frame. A similar problem arises, as discussed above, when the data contains the flag bit pattern, which interferes with the framing. We can solve this problem the same way as before. The solution is to have the sender DLL insert a special escape byte (ESC) just before each accidental flag byte in the data as shown in figure 3.4.

Figure 6.4: (a) A frame delimited by flags (b) examples before and after byte stuffing

The DLL of the destination machine, upon receiving these frames, removes the escape byte before the data are given to the network layer. This technique is called byte stuffing or character stuffing. Thus a framing flag byte can be distinguished from one in the data by the absence or presence of an escape character before it.

Example 3: What happens if an escape byte occurs in the middle of the data?

Solution: As shown in figure 3.4, it is also stuffed with an escape byte. Thus a single escape byte is part of an escape sequence, whereas a doubled one indicates that a single escape occurred naturally in the data.

Disadvantage: The character is the smallest unit that can be operated on; that is, the smallest unit is 8 bits. And not all architectures are byte oriented. For example, UNICODE uses 16-bit characters.

3. Bit Stuffing:

This technique allows data frames to contain an arbitrary number of bits and allows character codes with an arbitrary number of bits per character. This method uses reserved bit patterns to indicate the start and end of a frame. For instance, use the 8-bit sequence “01111110”, also called the flag pattern, to delimit consecutive frames. A frame consists of everything between two delimiters.

Example 4: What happens if the reserved delimiter happens to appear in the frame itself?

Solution: Use bit stuffing. Within the frame, replace every occurrence of five consecutive 1’s with five 1’s followed by a zero bit.

Likewise, the receiver converts five consecutive 1’s followed by a 0 into five 1’s, but recognizes the 01111110 sequence as the end of the frame. Just like byte stuffing, the bit stuffing method is completely transparent to the network layer. That is, if the user’s data contains the flag pattern “01111110”, it is transmitted as “011111010” but stored in the receiver’s memory as 01111110. Bit stuffing is illustrated with an example in figure 6.5.

Figure 6.5: Bit stuffing

By using bit stuffing, locating the start/end of a frame is easy, even when frames are damaged. The receiver simply scans arriving data for the reserved patterns. Moreover, the receiver will resynchronize quickly with the sender as to where frames begin and end, even when bits in the frame get garbled.

Disadvantage: The main disadvantage of bit stuffing is the insertion of additional bits into the data stream, wasting bandwidth. How much expansion? The precise amount depends on the frequency with which the reserved patterns appear as user data.

4. Encoding Violations:

This method is applicable only to networks in which the encoding on the physical medium contains some redundancy. That is, send a signal that doesn’t conform to any legal bit representation. In Manchester encoding, for instance, 1-bits are represented by a high-low sequence and 0-bits by low-high sequences. The start/end of a frame could be represented by the signal low-low or high-high.

Advantage: The advantage of encoding violations is that no extra bandwidth is required, as it is in bit stuffing. The IEEE 802.4 standard uses this approach.

Finally, some systems use a combination of these techniques. IEEE 802.3, for instance, has both a length field and special frame start and frame end patterns.
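The character stuffing and bit stuffing rules above, written out as an added Python example (not part of the original answer). It reproduces Example 2 and the “01111110” to “011111010” case, and shows the receiver picking up the next frame after a damaged one; the function names and the byte values chosen for DLE, STX and ETX (their ASCII codes) are assumptions of this sketch.

```python
DLE, STX, ETX = 0x10, 0x02, 0x03   # ASCII control codes for the names in the text
FLAG = "01111110"                  # flag pattern used for bit stuffing


def byte_stuff(payload):
    """Frame payload as DLE STX ... DLE ETX, doubling every DLE inside it."""
    body = payload.replace(bytes([DLE]), bytes([DLE, DLE]))
    return bytes([DLE, STX]) + body + bytes([DLE, ETX])


def byte_unstuff(stream):
    """Return the payload of every complete frame found in a byte stream."""
    frames, current, i = [], None, 0
    while i < len(stream):
        byte = stream[i]
        if byte == DLE and i + 1 < len(stream):
            nxt = stream[i + 1]
            if nxt == STX:
                current = bytearray()          # frame start, also the resync point
            elif nxt == ETX and current is not None:
                frames.append(bytes(current))
                current = None
            elif nxt == DLE and current is not None:
                current.append(DLE)            # stuffed pair -> one data DLE
            else:
                current = None                 # illegal pair: drop this frame
            i += 2
            continue
        if current is not None:
            current.append(byte)
        i += 1
    return frames


def bit_stuff(bits):
    """Insert a 0 after every run of five consecutive 1s."""
    out, run = [], 0
    for bit in bits:
        out.append(bit)
        run = run + 1 if bit == "1" else 0
        if run == 5:
            out.append("0")
            run = 0
    return "".join(out)


def bit_unstuff(bits):
    """Remove the 0 that follows every run of five 1s; reject six 1s in a row."""
    out, run, skip = [], 0, False
    for bit in bits:
        if skip:
            skip = False
            if bit != "0":
                raise ValueError("six consecutive 1s inside a frame body")
            continue
        out.append(bit)
        run = run + 1 if bit == "1" else 0
        if run == 5:
            skip, run = True, 0
    return "".join(out)


def bit_frame(bits):
    """Delimit a stuffed frame body with the flag pattern on both sides."""
    return FLAG + bit_stuff(bits) + FLAG


def bit_deframe(stream):
    """Scan for flags and return every frame body that unstuffs cleanly."""
    frames = []
    for body in stream.split(FLAG):
        if not body:
            continue                           # gap between two adjacent flags
        try:
            frames.append(bit_unstuff(body))
        except ValueError:
            pass                               # damaged frame: skip, stay in sync
    return frames


if __name__ == "__main__":
    print(byte_stuff(b"AB\x10DE\x10").hex(" "))
    print(bit_stuff(FLAG))
    print(bit_deframe(bit_frame(FLAG) + bit_frame("1010111110")))
```

A frame whose body is damaged may still unstuff to wrong data; that case is left to the checksum described under Framing, while the flag scan keeps the following frames aligned.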

b. Error control

Error control is concerned with ensuring that all frames are eventually delivered to a destination, possibly in the order in which they were sent from the source. How? Three items are required.

Acknowledgements:

Typically, reliable delivery is achieved using “acknowledgments with retransmission”. Here the receiver returns a special acknowledgment (ACK) frame to the sender indicating the correct receipt of a frame. In some systems, the receiver also returns a negative acknowledgment (NACK) for incorrectly-received frames. This is nothing more than a hint to the sender so that it can retransmit a frame right away without waiting for a timer to expire.

Timers:

One problem that simple ACK/NACK schemes fail to address is recovering from a frame that is lost and, as a result, fails to solicit an ACK or NACK. What happens if an ACK or NACK becomes lost? Retransmission timers are used to resend frames that don’t produce an ACK. When sending a frame, schedule a timer to expire at some time after the ACK should have been returned. If the timer goes off, retransmit the frame.

Sequence Numbers:

Retransmissions introduce the possibility of duplicate frames. To suppress duplicates, add sequence numbers to each frame, so that a receiver can distinguish between new frames and old copies.

In data communication, line noise is a fact of life (e.g., signal attenuation, natural phenomena such as lightning, and the telephone repairman). Moreover, noise usually occurs as bursts rather than independent, single bit errors. For example, a burst of lightning will affect a set of bits for a short time after the lightning strike. Detecting and correcting errors requires redundancy: sending additional information along with the data.

c. Flow control

Flow control deals with throttling the speed of the sender to match that of the receiver. Usually, this is a dynamic process, as the receiving speed depends on such changing factors as the load and the availability of buffer space.

There are two approaches:

1. feedback-based flow control

2. rate based flow control

In feedback-based flow control, the receiver sends back information to the sender giving it permission to send more data or at least telling the sender how the receiver is doing.

In rate based flow control, the protocol has a built-in mechanism that limits the rate at which senders may transmit the data without using feedback from the receiver.

The DLL implements flow control using the feedback-based techniques. Rate based flow control methods are not used in the data link layer.

2. Discuss the following with respect to Routing algorithms:

a. Shortest path algorithm

b. Flooding

c. Distance vector routing

Ans: a. Shortest path algorithm
This technique is widely used because it is simple and easy to understand. It is a static algorithm. Consider the subnet given in figure 8.4 (a). Several algorithms for computing the shortest path between two nodes of a graph are known. We will discuss the Dijkstra method.

Figure 8.4: The computation of shortest path
*Note: The arrow in the figure indicates the working node

Each node of the graph is labeled with its distance from the source node along the best known path. Initially no paths are known, so all nodes are labeled with infinity. As the algorithm proceeds and paths are found, the labels change, reflecting better paths. A label may be either permanent or tentative. Initially all labels are tentative. When it is discovered that a label represents the shortest possible path from the source to that node, it is made permanent and never changed later.

Now referring to figure 8.4, (a) is a directed graph where the metric used is distance. The steps for finding the shortest path from node A to node D are illustrated in figure 8.4 (b) to (f). To start with, mark node A as permanent, indicated by darkening node A as shown in figure (a). Then we make changes at all the nodes adjacent to A, relabeling them with the distance to A. Then we examine the nodes that were labeled recently and choose the node with the smallest label as permanent, as shown in figure 8.4 (b).

Now examine all the nodes adjacent to B. If the sum of the label on B and the distance from B to the node being considered is less than the label on that node, we have a shorter path, so the node is relabeled. After all nodes adjacent to the working node have been inspected and tentative labels changed, the entire graph is searched for the tentatively labeled node with the smallest value. This node is made permanent. This method continues until the destination node is reached. The steps are clearly indicated in figure 8.4 (c) to (f), and the shortest path is ABEFHD with distance equal to 10 km as the metric.

One way of measuring path length is the number of hops and another is the distance in kilometers. Many other metrics are possible, such as labeling each arc with the mean queuing and transmission delay for some standard test packets. With this graph labeling the shortest path is the fastest path. In general the labels on the arcs could be computed as a function of distance, bandwidth, average traffic, communication cost, mean queue length, measured delay and other factors.
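The labeling procedure described above, as an added Python example that is not part of the original answer. Figure 8.4 is not reproduced on this page, so the edge weights below are an assumption, constructed so that the result agrees with the stated path ABEFHD of length 10; the function and variable names are also chosen here.

```python
import heapq

# Assumed edge weights (figure 8.4 is missing from the page); constructed to be
# consistent with the stated shortest path A-B-E-F-H-D of length 10.
EDGES = [
    ("A", "B", 2), ("A", "G", 6), ("B", "C", 7), ("B", "E", 2),
    ("C", "D", 3), ("C", "F", 3), ("E", "F", 2), ("E", "G", 1),
    ("F", "H", 2), ("G", "H", 4), ("H", "D", 2),
]


def build_graph(edges):
    """Build an undirected adjacency map; Dijkstra needs non-negative weights."""
    graph = {}
    for u, v, weight in edges:
        if weight < 0:
            raise ValueError("negative weight on %s-%s" % (u, v))
        graph.setdefault(u, {})[v] = weight
        graph.setdefault(v, {})[u] = weight
    return graph


def shortest_path(graph, source, dest):
    """Return (distance, path, nodes in the order their labels became permanent)."""
    label = {node: float("inf") for node in graph}  # every label starts tentative
    label[source] = 0
    previous = {}
    permanent = []
    done = set()
    heap = [(0, source)]
    while heap:
        dist, node = heapq.heappop(heap)  # smallest tentative label
        if node in done:
            continue  # stale entry: this node was already made permanent
        done.add(node)
        permanent.append(node)
        if node == dest:
            break
        for neighbour, weight in graph[node].items():
            # Relabel only when the path through the working node is shorter.
            if neighbour not in done and dist + weight < label[neighbour]:
                label[neighbour] = dist + weight
                previous[neighbour] = node
                heapq.heappush(heap, (label[neighbour], neighbour))
    if label[dest] == float("inf"):
        return float("inf"), [], permanent  # destination unreachable
    path = [dest]
    while path[-1] != source:
        path.append(previous[path[-1]])
    return label[dest], path[::-1], permanent


if __name__ == "__main__":
    distance, path, order = shortest_path(build_graph(EDGES), "A", "D")
    print(distance, "".join(path), order)
```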

b. Flooding
This is also a static algorithm, in which every incoming packet is sent out on every outgoing line except the one it arrived on. This method usually generates a vast number of duplicate packets.

One measure to control the large number of duplicate packets is to have a hop counter contained in the header of each packet. This hop counter is decremented on every hop, and when it hits zero the packet is discarded. Initially, in the worst case, the hop counter may contain a value equal to the full diameter of the subnet.

Another technique is to keep track of which packets have been flooded, to avoid sending them out a second time. To achieve this, the source router puts a sequence number in each packet it receives from its hosts. Each router then needs a list per source router telling which sequence numbers originating at that source have already been seen. If the incoming packet is on the list, it is not flooded. The list is augmented by a counter to prevent it from growing without bound.

A variation of flooding is selective flooding. Here a packet is flooded not on every line but only on the lines going in the right direction.

Flooding is not practical in most applications. But it is widely used in military applications. It is used in situations where it is necessary to update all the databases concurrently. It is used in wireless networks. Flooding always chooses the shortest path because it chooses every possible path in parallel. Hence no other algorithm can produce a shorter delay, ignoring the overhead used for flooding.

c. Distance vector routing
It is a dynamic routing algorithm. The distance vector routing algorithm relies on a data structure called a routing table. Each router maintains a table. It is basically a vector that keeps track of the best known distance to each destination and which line to use to get there. These tables are updated by exchanging information with the neighbors. Distance vector algorithms use the Bellman-Ford algorithm. This approach assigns a number, the cost, to each of the links between the nodes in the network. Nodes will send information from point A to point B via the path that results in the lowest total cost (i.e. the sum of the costs of the links between the nodes used).

The algorithm operates in a very simple manner. When a node first starts, it only knows of its immediate neighbors and the direct cost involved in reaching them. (This information, the list of destinations, the total cost to each, and the next hop to send data to get there, makes up the routing table, or distance table.) Each node, on a regular basis, sends to each neighbor its own current idea of the total cost to get to all the destinations it knows of. The neighboring node(s) examine this information and compare it to what they already ‘know’; anything that represents an improvement on what they already have, they insert in their own routing table(s). Over time, all the nodes in the network will discover the best next hop for all destinations, and the best total cost.

When one of the nodes involved goes down, those nodes which used it as their next hop for certain destinations discard those entries and create new routing-table information. They then pass this information to all adjacent nodes, which then repeat the process. Eventually all the nodes in the network receive the updated information, and will then discover new paths to all the destinations which they can still "reach".

The metric used here is the number of hops, the time delay in milliseconds, or the total number of packets queued along the path. Assuming the metric is delay, the router can measure it directly with special ECHO packets that the receiver just timestamps and sends back as fast as it can. Along with this measurement, each router sends a vector of its distances to each of its neighbors once every T ms. It also receives a similar one from its neighbors.

Consider as an example the computation of the routing table at J for the subnet shown in figure 8.5. The table used in this method consists of two parts:
1. The preferred outgoing line to use for that destination
2. An estimate of the time or distance to that destination.

Figure 8.5: A subnet

The updating process at node J is illustrated in figure 8.6 for the subnet given in figure 8.5. The first four columns show the delay vectors received from the neighbors of router J. A has a delay of 12 ms to B, 25 ms to C, and so on. Consider that J has measured the direct delay by sending ECHO packets to A, I, H, and K as 8, 10, 12, and 6 ms respectively. Now J computes the distance to all the routers using all possible routes, and the best possible option is retained in the new table.

Figure 8.6: updating of routing table at J

For example, when J computes a new route to G it has the four options listed below:
1. using the outgoing line A: delay (J to G) = direct delay (J to A) + delay (A to G) = 8 + 18 = 26 ms
2. using the outgoing line I: delay (J to G) = direct delay (J to I) + delay (I to G) = 10 + 31 = 41 ms
3. using the outgoing line H: delay (J to G) = direct delay (J to H) + delay (H to G) = 12 + 6 = 18 ms
4. using the outgoing line K: delay (J to G) = direct delay (J to K) + delay (K to G) = 6 + 31 = 37 ms
The best of these four options for transmission from router J to router G has a delay of 18 ms, and the packet is transmitted to H; how it is forwarded further from H to G is the responsibility of H. Similarly J computes the delay to all the nodes from A to L, as shown in the last column of figure 8.6.

Count to infinity problem
Distance vector routing has a serious drawback. It converges, but the time required in some cases is too long. This problem can be stated as “Good news propagates fast and bad news takes a very large delay”. Here good news means that a station is up and bad news means that a station is down. To record the distance as infinity for the node that is down takes a large number of hops, hence the name count to infinity problem. The situations of good news and bad news propagating to all the nodes are shown in figure 8.7 (a) and (b) respectively.

Figure 8.7: count to infinity problem
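The table update at J and the count to infinity behaviour, as an added Python example that is not part of the original answer. The delays toward G are the ones quoted above; the line of routers A-B-C-D-E used for the bad-news case, the infinity value of 16, and all function names are assumptions made here because figure 8.7 is not reproduced on this page.

```python
def dv_update(direct_delay, neighbour_vectors):
    """Bellman-Ford step at one router.

    direct_delay: {neighbour: measured delay to that neighbour}
    neighbour_vectors: {neighbour: {destination: neighbour's advertised delay}}
    Returns {destination: (best delay, outgoing line)}.
    """
    table = {}
    for neighbour, link in direct_delay.items():
        offers = dict(neighbour_vectors.get(neighbour, {}))
        offers[neighbour] = 0  # a neighbour is at distance 0 from itself
        for dest, advertised in offers.items():
            cost = link + advertised
            if dest not in table or cost < table[dest][0]:
                table[dest] = (cost, neighbour)
    return table


# Values quoted in the text for router J (only the entries for G are given).
J_DIRECT = {"A": 8, "I": 10, "H": 12, "K": 6}
J_VECTORS = {"A": {"G": 18}, "I": {"G": 31}, "H": {"G": 6}, "K": {"G": 31}}


def count_to_infinity(initial, infinity=16):
    """Simulate bad news on a line of routers after the far-left router dies.

    initial: hop counts to the dead router held by the surviving routers,
             ordered by distance from it, e.g. [1, 2, 3, 4] for B, C, D, E.
    Every round all routers exchange vectors at once and each keeps
    1 + the smallest value advertised by a live neighbour, capped at infinity.
    Returns the list of vectors, starting with the initial one.
    """
    if len(initial) < 2:
        raise ValueError("need at least two surviving routers")
    history = [list(initial)]
    current = list(initial)
    while any(d < infinity for d in current):
        nxt = []
        for i in range(len(current)):
            offers = []
            if i > 0:
                offers.append(current[i - 1] + 1)
            if i + 1 < len(current):
                offers.append(current[i + 1] + 1)
            nxt.append(min(min(offers), infinity))
        current = nxt
        history.append(current)
    return history


if __name__ == "__main__":
    print("J -> G:", dv_update(J_DIRECT, J_VECTORS)["G"])
    for round_no, vector in enumerate(count_to_infinity([1, 2, 3, 4])):
        print(round_no, vector)
```

The simulation tracks only distances, not next hops, which is enough to show why each router keeps trusting a stale route advertised by its neighbour.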

Book ID: B0814

3. Describe the following:

a. IGP

b. OSPF

c. OSPF Message formats

Ans: a. IGP
Two routers within an autonomous system are said to be interior to one another. The administrator keeps a table of networks and updates the table whenever a new network is added to or deleted from the AS. If the internet changes, the manager must reconfigure the routes in all machines.

In internet architectures that have multiple paths, managers usually choose one to be the primary path. If routers along the primary path fail, routes must be changed to send traffic along the alternate path. Changing routes manually is both time consuming and error prone. Hence an automated system is used which changes routes quickly and reliably.

The task of the automated system is to keep network reachability information accurate. Routers communicate with one another, exchanging either network reachability information or data. Once reachability for the entire autonomous system is deduced, it is advertised by one of the routers to another autonomous system using EGP.

Definition
The term Interior Gateway Protocol (IGP) is a generic description that refers to any algorithm that interior routers use when they exchange network reachability and routing information. Figure 6.1 illustrates the autonomous systems. Each autonomous system uses an IGP to propagate information among its interior routers.

A few routers that run BGP to advertise reachability also need to run an IGP to obtain information from within their autonomous system.

A single router may use two different protocols simultaneously, one for communication within its autonomous system and the other for communication outside its autonomous system.

Fig. 6.1

RIP
One of the most widely used IGPs is the Routing Information Protocol (RIP). It is also known by the name of the software that implements it, routed. The routed software was originally designed at the University of California to provide consistent routing and reachability information among the machines on their local network. It relies on physical network broadcast to make routing exchanges quickly.

RIP is a straightforward implementation of distance vector routing for local networks. RIP partitions machines into active and passive. Active machines are those that advertise their routes to others. Passive machines, also called silent machines, listen to RIP messages and use them to update their routing tables but do not advertise. Only a router can run RIP in active mode; hosts use passive mode.

A router running RIP in active mode broadcasts update messages every 30 seconds. Each update contains a set of pairs, where each pair contains an IP network address and an integer distance to that network. RIP uses hop count as the metric to measure distance. The number of hops, or hop count, refers to the number of routers that a datagram encounters along the path from source to destination. RIP uses 16 as the legitimate hop count. Both active and passive machines listen to all broadcast messages and update their tables according to the distance vector algorithm described earlier.

Three major problems of RIP that should be taken care of are:
1. It does not explicitly detect routing loops.
2. To prevent instabilities, RIP must use a low count for the maximum possible distance.
3. RIP suffers from slow convergence, or the count to infinity problem. Choosing a low hop count as a small infinity helps limit this problem but does not eliminate it.
A few techniques such as triggered updates, poison reverse and split horizon were used to solve slow convergence. These techniques solve some problems but introduce others.

Hello protocol
The HELLO protocol is an IGP that uses a routing metric other than hop count. It is a protocol that uses a metric of delay.
It provides two functions:
1. It synchronizes the clocks among a set of machines.
2. It allows each machine to compute the shortest delay path to a destination.
Thus HELLO messages carry timestamp information as well as routing information. The basic idea of this protocol is that each machine participating in the HELLO exchange maintains a table of its best estimate of the clocks in the neighboring machines. Before transmitting a packet, a machine adds its timestamp by copying the current clock value into the packet. When a packet arrives, the receiver computes an estimate of the current delay on the link by subtracting the timestamp on the incoming packet from the local estimate of the current clock in the neighbor. Periodically, machines poll their neighbors to reestablish the estimates of the clocks.

HELLO messages also allow machines to compute new routes. This protocol uses a modified distance vector algorithm with delay as the metric. This protocol is obsolete now.

b. OSPF
A working group of the Internet Engineering Task Force has designed an interior gateway protocol that uses the link state algorithm. This protocol, as said earlier, is called Open Shortest Path First (OSPF).

6.3.1 Goals
The group designing the new protocol had a long list of requirements to be met and set goals for the OSPF protocol. These goals are listed below:
1. The algorithm had to be published in the OPEN literature. Hence the “O” in OSPF stands for OPEN. Because it is an OPEN standard, anyone can implement it without paying license fees, and this has encouraged many vendors to use OSPF.
2. The protocol should support a variety of distance metrics, including physical distance, delay and so on.
3. It had to be a dynamic algorithm, one that adapted to changes in the topology automatically and quickly.
4. OSPF includes type of service routing. It is the first TCP/IP protocol to offer type of service routing. That is, when routing a datagram, a router running OSPF uses both the destination address and the type of service field in the IP header to choose a route.
5. OSPF provides load balancing. The manager specifies multiple routes to a given destination at the same cost, if available, and the load is then split over these lines. Again, it is the first IGP to offer load balancing. Note that RIP computes a single route to each destination.
6. OSPF supports hierarchical systems.
7. To provide some form of security, it specifies that all exchanges between routers can be authenticated.
8. It supports host-specific, subnet-specific, classless as well as classful routes. All types of routes may be needed in a large Internet.
9. OSPF managers describe a virtual network topology that abstracts away the details of physical networks. This permits maximum flexibility.

Working of OSPF
OSPF supports three kinds of connections and networks:
1. Point-to-point lines between exactly two routers.
2. Multi-access networks with broadcasting.
3. Multi-access networks without broadcasting.
A multi-access network is one that can have multiple routers on it, each of which can directly communicate with all the others. All LANs and WANs have this property. Figure 6.2 shows an AS containing all three kinds of networks. Hosts generally do not play a role in OSPF.

Fig. 6.2(a): An Autonomous system (b) graph representation

OSPF operates by abstracting the collection of actual networks, routers and lines into a directed graph. Each arc in the graph is assigned a weight or cost. The cost can be any metric like delay, distance, etc. It then computes the shortest path based on the weights on the arcs.

A serial connection between two routers is represented by a pair of arcs, one in each direction. Their weights may be different. A multi-access network is represented by a node for the network itself plus a node for a router. The arcs from the network node to the routers have weight zero and are omitted from the graph.

Many ASes in the internet are themselves large and nontrivial to manage. Also, one of the goals is to provide a hierarchical system. Hence ASes are divided into numbered areas as shown in figure 6.1. An area is a network or a set of contiguous networks. Areas do not overlap, and some routers may belong to no area. An area is a generalization of a subnet. Outside an area, its topology and details are not visible. Every AS has a backbone area, called area zero. All areas are connected to the backbone via tunnels. Within an area, each router has the same link state database and runs the same shortest path algorithm. Its main job is to calculate the shortest path from itself to every other router in the area, including the router connected to the backbone. At least one router of every area is connected to the backbone. A router that connects to two areas runs the shortest path algorithm for each one separately.

During normal operation, three kinds of routes may be needed:
1. intra-area
2. interarea
3. inter-AS
Intra-area routes are the easiest, since the source router knows the shortest path to the destination router. Interarea routing always proceeds in three steps:
1. go from the source to the backbone
2. go across the backbone to the destination area
3. go to the destination
This algorithm forces a star configuration, with the backbone being the hub and the areas being the spokes. Packets are routed to the destination as they are and are not encapsulated or tunneled unless going to an area whose connection to the backbone is a tunnel.

OSPF distinguishes four types of routers, which are illustrated in figure 6.1:
1. Internal routers, which are seen within one area
2. Area border routers, which connect two or more areas
3. Backbone routers, which are seen on the backbone
4. AS boundary routers, which talk to routers in other ASes

OSPF Message Header
OSPF works by exchanging information between adjacent routers, and the information includes update messages. Each OSPF message begins with a fixed 24-octet header as shown in figure 6.3.

Fig. 6.3: 24-Octet OSPF message header
· VERSION field specifies the version of the protocol.
· TYPE field specifies the type of the message.
· SOURCE ROUTER IP ADDRESS field specifies the 32-bit IP address of the sender.
· AREA ID field specifies the 32-bit identification number for the area.
· AUTHENTICATION TYPE field specifies which authentication scheme is used. Every message can include authentication.
Currently only two authentication types are recognized:
· Zero (0): indicates no authentication
· One (1): indicates that a simple password is used.
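A parser for the 24-octet header with a check on the AUTHENTICATION TYPE field, as an added Python example that is not part of the original answer. The octet layout (packet length, checksum and the 8 authentication octets in addition to the fields listed above) follows the OSPFv2 header of RFC 2328; the sample packet, addresses and function names are constructed for illustration.

```python
import ipaddress
import struct

# VERSION, TYPE, packet length, SOURCE ROUTER IP ADDRESS, AREA ID,
# checksum, AUTHENTICATION TYPE, 8 authentication octets = 24 octets.
HEADER = struct.Struct("!BBH4s4sHH8s")

MESSAGE_TYPES = {
    1: "Hello",
    2: "Database description",
    3: "Link state request",
    4: "Link state update",
    5: "Link state acknowledgement",
}


def parse_ospf_header(packet):
    """Decode the fixed header; raise ValueError if fewer than 24 octets."""
    if len(packet) < HEADER.size:
        raise ValueError("need %d octets, got %d" % (HEADER.size, len(packet)))
    version, mtype, length, router, area, checksum, autype, auth = \
        HEADER.unpack_from(packet)
    return {
        "version": version,
        "type": mtype,
        "length": length,
        "router": str(ipaddress.IPv4Address(router)),
        "area": str(ipaddress.IPv4Address(area)),
        "checksum": checksum,
        "auth_type": autype,
        "auth_data": auth,
    }


def audit_header(header, captured_len):
    """Return findings a monitoring check would raise for this header."""
    findings = []
    if header["type"] not in MESSAGE_TYPES:
        findings.append("unknown message type %d" % header["type"])
    if not HEADER.size <= header["length"] <= captured_len:
        findings.append("length field %d inconsistent with %d captured octets"
                        % (header["length"], captured_len))
    if header["auth_type"] == 0:
        findings.append("no authentication: messages are accepted unauthenticated")
    elif header["auth_type"] == 1:
        findings.append("simple password: the 8 authentication octets "
                        "travel in cleartext")
    else:
        findings.append("authentication type %d is not one of the two "
                        "types described here" % header["auth_type"])
    return findings


def build_sample(auth_type, auth_data=b"", mtype=1, length=44):
    """Constructed sample packet (checksum left at 0, body zero-filled)."""
    head = HEADER.pack(2, mtype, length,
                       ipaddress.IPv4Address("192.0.2.1").packed,
                       ipaddress.IPv4Address("0.0.0.0").packed,
                       0, auth_type, auth_data)
    return head + bytes(length - HEADER.size)


if __name__ == "__main__":
    pkt = build_sample(1, b"example")
    hdr = parse_ospf_header(pkt)
    print(hdr)
    print(audit_header(hdr, len(pkt)))
```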

c. OSPF Message Formats

TYPE  Meaning
1     Hello – used to test reachability
2     Database description – topology
3     Link state request
4     Link state update
5     Link state acknowledgement
Fig. 6.4 OSPF Message Types

In OSPF each pair of adjacent routers checks to see who has the most recent data, and new information is spread throughout the area. All the messages are sent as raw IP packets. Five kinds of messages are used, whose number is specified in the MESSAGE TYPE field of the message header. These message types are summarized in figure 6.4. Each one is discussed in the following sections along with its format.

Hello Message format

Fig. 6.5: OSPF HELLO message format

When a router boots, it sends HELLO messages on all point-to-point links and multicasts them on LANs to the group consisting of all other routers. On WANs, it needs some configuration information to know whom to contact. From the responses each router learns who its neighbors are. OSPF also sends these messages on each link periodically to establish and test neighbor reachability. The hello message format is as shown in figure 6.5.

Fields of the HELLO message format are:
· NETWORK MASK: contains the mask for the network over which the message has been sent.
· DEAD TIMER: gives a time in seconds after which a non-responding neighbor is considered dead.
· HELLO INTER: is the normal period, in seconds, between hello messages.
· GWAY PRIO: is the integer priority of this router, and is used in selecting a backup designated router. Basically it is inefficient to have every router on a LAN talk to every other router on the LAN. To avoid this situation, one router is elected as the designated router. It is said to be adjacent to all other routers on the LAN, and it exchanges information with them. A backup designated router is always kept up to date to ease the transition when the primary designated router crashes.
· DESIGNATED ROUTER: contains the IP address that gives the sender’s view of the designated router for the network over which the message is sent.
· BACKUP DESIGNATED ROUTER: contains the IP address that gives the sender’s view of the backup designated router for the network over which the message is sent.
· NEIGHBOR IP ADDRESS: gives the IP addresses of all neighbors from which the sender has recently received hello messages.

Database description message format
Routers exchange OSPF database description messages to initialize their network topology database. In the exchange, one machine serves as the master and the other as the slave.

Fig. 6.6: OSPF DATABASE DESCRIPTION message format

The slave acknowledges each database description message with a response. The format of the database description message is as shown in figure 6.6.
The fields of this message are discussed below:
· Flags I, M: Because the database can be large, it is divided into several messages.
- Flag I: indicates that it is the initial message.
- Flag M: when this bit is set it indicates that additional messages follow.
· Flag S: when this bit is set it indicates that the message is sent by the master, otherwise by the slave.
· DATABASE SEQUENCE NUMBER: specifies the sequence number of the messages so that the receiver can tell if any one is missing. The initial message contains a random integer R; subsequent messages contain sequential integers starting at R.
· LINK TYPE: describes a link according to the following table.

Table 6.1: Link type
LINK TYPE  Meaning
1          Router link
2          Network link
3          Summary link – IP network
4          Summary link – link to border router
5          External link – link to another site

· LINK ID: gives an identification for the link, that is, the IP address of a router or a network depending on the LINK TYPE.
· ADVERTISING ROUTER: specifies the address of the router advertising this link.
· LINK SEQUENCE NUMBER: contains an integer generated by that router to ensure that messages are not missed or received out of order.
· LINK CHECKSUM: this field provides assurance that the link information has not been corrupted.
· LINK AGE: this field helps order the messages – it gives the time in seconds since the link was established.

Link state request message format

Fig. 6.6: Link state request message format

After exchanging database description messages with a neighbor, the router may discover that parts of the database are out of date. The router sends this message to request the neighbor to supply updated information about a specific set of links. The specific set of links is identified by using the LINK TYPE, the LINK ID, and the address of the router.

Link state update
Each router floods link state update messages to each of its destinations. A router sends this message to broadcast information about its directly connected links to all other routers. This message gives its state and provides the cost used in the topological database.
The format of the link status update message is as shown in figure 6.7.

Fig. 6.7: Link Update message format

Each link status advertisement has a header format as shown in figure 6.8. The fields used in the header of link status advertisements are the same as seen in the database description message. Following the header there is one of four possible formats to describe:
· The links from a router to a given area
· The links from a router to a specific network
· The links from a router to the physical network: a single or subnetted IP network
· The links from a router to networks at other sites.
Thus a router that receives the link status update message knows exactly which of the described destinations lie inside the site and which are external.

Fig. 6.8: Header of link status advertisement.

Routers also send these messages when a line goes up or down or when its cost changes.

Link state acknowledgement
The link state acknowledgement message acknowledges the link state update.

4. Describe the following with respect to Internet Security:
a. Cryptography
b. DES Algorithm

Ans: a. Cryptography
The main constraint on cryptography is the ability of the code to perform the necessary transformation. From top-secret military files to the protection of private notes between friends, various entities over the years have found themselves in need of disguises for their transmissions for many different reasons. This practice of disguising or scrambling messages is called encryption.

Encryption Model

Figure 9.1 the encryption model

The encryption model is given in figure 9.1. The messages to be encrypted, known as the plain text P, are transformed by a function that is parameterized by a key. The output of the encryption process, known as the cipher text, is then transmitted, often by messenger or by radio. We assume that an enemy, referred to as an intruder, hears and accurately copies down the complete text. He does not know what the decryption key is and hence cannot decrypt the ciphertext easily. We recognize two different types of intruder. An intruder who can simply listen, record messages and play them back later is called a passive intruder. An intruder who may inject his own messages or modify messages before they get to the receiver is called an active intruder.

The art of breaking ciphers is called cryptanalysis, and the art of devising them is called cryptology.

The relation between plain text P, cipher text C and the keys is given below:
1. $C = E_K(P)$
This equation means that the encryption of plain text P using the key K gives the cipher text C. Similarly we have
2. $P = D_K(C)$
This equation means that the decryption of cipher text C using the key K gives the plain text P. Thus, using equations 1 and 2, we get
3. $P = D_K(C)$ with $C = E_K(P)$, that is, $P = D_K(E_K(P))$
Here E and D are just mathematical functions.

A fundamental rule of cryptography is that one must assume that the cryptanalyst knows the method used for encryption and decryption. Thus the cryptanalyst knows how the encryption method E and the decryption method D mentioned in figure 9.1 work. The keys consist of a relatively short string that selects one of many potential encryptions. The basic model is based on Kerckhoffs’ principle: the idea that the cryptanalyst knows the algorithm and the secrecy lies exclusively in the keys.

Substitution cipher
The first encrypted messages were developed in ancient Egypt as series of disordered hieroglyphics. This means of encryption was very simple, utilizing a method called simple substitution. The original message, or plaintext, was encoded using a substitution cipher. Each letter (or picture) of the plaintext was simply replaced by another letter of the alphabet, resulting in the encoded message, or cipher text.
For example:
The message or plain text “ATTACK”
could be encrypted as “BUUBDL”.
In this example, each letter of the plaintext was simply replaced with the next letter in the alphabet. That is, the key used is +1. Actually, this example is a special form of substitution cipher known as a Caesar Cipher, attributed to Julius Caesar.


An alphabet is an ordered set of symbols. For example, the normal English alphabet consists of the symbols {A, B, C, …, Z}. A simple substitution is one in which each letter of the plaintext is always replaced by the same cipher text symbol. In other words, there is a 1-1 relationship between the letters of the plaintext and the cipher text alphabets.

For the normal English alphabet, how many different cipher text alphabets can we get if we use the same letters? In other words, in how many different ways can we permute or rearrange the English alphabet? The answer is 26!. That’s approximately equal to 403291461126605635584000000. To understand how we got that number, imagine that you are given the task of making an arbitrary permutation of the English alphabet. You have to make 26 choices. On the first choice you can choose any one of the 26 letters in the alphabet. On the second choice you can choose any one of the remaining 25 letters. On the third choice you can choose any one of the remaining 24 letters. And so on. On the last choice, there is just one letter remaining. So, in all there are 26! = 26 x 25 x 24 x … x 1 different ways to make these choices.

Although there are 26! possible cipher text alphabets, any fan of puzzle books or newspaper cryptograms knows that simple substitution ciphers are relatively easy to break by hand by analyzing letter frequencies and guessing at common words.

The nine most frequent letters in English are E, T, N, A, O, R, I, S, and H. The five letters that occur least often are J, K, Q, X, and Z. Generally, we would need a letter of considerable length in order to make very good use of our knowledge of letter frequencies.
The most common two-letter combinations, or digrams, are: th, in, er, re, and an.
The most common three-letter combinations, or trigrams, are: the, ing, and, and ion.

For example, consider the following cipher text message from an accounting firm. It is arranged into groups of five:

CTBMN BYCTC BTJDS QXBNS GSTJC BTSWX CTQTZ CQVUJ QJSGS TJQZZ MNQJS VLNSX VSZJU JDSTS JQUUS JUBXJ DSKSU JSNTK BGAQJ ZBGYQ TLCTZ BNYBN QJSW

A likely word in a message from an accounting firm is financial. The word financial has a repeated letter (i), with four other letters between its occurrences. We look for repeated letters in the cipher text with that spacing. We get hits at positions 6, 15, 27, 31, 42, 48, 56, 66, 70, 71, 76, and 82. The letter after i is n, which is also repeated, with one letter between its occurrences. Only two of these hits, 31 and 42, have the repeated n in the proper place. Of these two, only 31 also has the letter a correctly positioned. Thus we know financial begins at position 30.

Substitution preserves the order of the plain text symbols but disguises them. Thus deducing the key is easy by using the frequency statistics for English text, or for any other language.

Transposition cipherTransposition cipher reorders the letters but do not disguise them. The key can be a word or a phrasewithout any repeated letters. There are two variants:1. Columnar Transposition2. Row TranspositionThe purpose of the key is to number the columns in case of columnar transposition cipher or to numberthe rows in case of row transposition cipher.We discuss the columnar transposition cipher with an example illustrated in Figure 9.2 to 9.4.

Figure 9.2: the pain textConsider a plain text which is string of characters as shown in figure 9.2. The key used in this example is“MEGABUCK”. The characters are numbers according to the order of alphabets as shown in figure 9.3.

Page 33: MC0075 -Winter Drive Assignment-2011

Figure 9.3: Matrix used in columnar transposition cipher

In case of columnar transposition cipher, arrange the plain text below the key word in sequencehorizontally or in row wise, padded to fill the matrix as shown in figure 9.3.To obtain cipher text read the characters by column, starting with the column whose key letter is lowest.· In this example first the column heading letter ‘A’ of the key, that is fourth column is read out.· Then the column heading letter ‘B’ of the key, that is fifth column is read out.· Then the column heading letter ‘C’ of the key, that is seventh column is read out.· Then the column heading letter ‘E’ of the key, that is second column is read out.· Then the column heading letter ‘G’ of the key, that is third column is read out.· Then the column heading letter ‘K’ of the key, that is eighth column is read out· Then the column heading letter ‘M’ of the key, that is first column is read out.· Then the column heading letter ‘U’ of the key, that is sixth column is read outHence the cipher text for this example is as shown in figure 9.4.

Figure 9.4: The cipher text

Similarly, in the case of a row transposition cipher, we arrange the plain text characters column-wise and obtain the cipher text by reading out row-wise, selecting the rows in the order of the characters of the key.
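The columnar transposition procedure described above, with the key MEGABUCK, as an added example that is not part of the original assignment. The sample plain text is constructed, the function names are hypothetical, and padding with the letters a, b, c, ... is an assumption, since the page only says the matrix is padded.

```python
# Added example: columnar transposition with the key from the passage above.
KEY = "MEGABUCK"


def column_order(key):
    """Column indices in read-out order: the column with the lowest key letter first."""
    return sorted(range(len(key)), key=lambda i: key[i])


def transposition_encrypt(plaintext, key, pad="abcdefghijklmnopqrstuvwxyz"):
    """Write the text row-wise under the key, then read it out column by column."""
    cols = len(key)
    shortfall = -len(plaintext) % cols          # characters needed to fill the last row
    text = plaintext + pad[:shortfall]          # assumed padding: a, b, c, ...
    rows = [text[i:i + cols] for i in range(0, len(text), cols)]
    return "".join(row[c] for c in column_order(key) for row in rows)


def transposition_decrypt(ciphertext, key):
    """Refill the columns in key order, then read the matrix row-wise."""
    cols = len(key)
    nrows = len(ciphertext) // cols
    grid = [[""] * cols for _ in range(nrows)]
    pos = 0
    for c in column_order(key):
        for r in range(nrows):
            grid[r][c] = ciphertext[pos]
            pos += 1
    return "".join("".join(row) for row in grid)


if __name__ == "__main__":
    sample = "auditlogsarekept"                   # constructed sample, two rows of eight
    cipher = transposition_encrypt(sample, KEY)
    print("read-out order (0-based):", column_order(KEY))
    print("cipher text:", cipher)
    print("decrypted:  ", transposition_decrypt(cipher, KEY))
    # Same letters, different order: letter frequencies are left untouched.
    print("same letters:", sorted(cipher) == sorted(sample))
```

Decryption returns the padded text, so the receiver has to know or recognise the padding to strip it.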

b. DES

The Data Encryption Standard (DES) is a cipher (a method for encrypting information) selected as an official Federal Information Processing Standard (FIPS) for the United States in 1976. The algorithm was initially controversial, with classified design elements, a relatively short key length, and suspicions about a National Security Agency (NSA) backdoor.
DES consequently came under intense academic scrutiny, and motivated the modern understanding of block ciphers and their cryptanalysis. DES is now considered to be insecure for many applications. This is chiefly due to the 56-bit key size being too small. The algorithm is believed to be practically secure in the form of Triple DES, although there are theoretical attacks. In recent years, the cipher has been superseded by the Advanced Encryption Standard (AES).

Description

DES is a block cipher, an algorithm that takes a fixed-length string of plaintext bits and transforms it through a series of complicated operations into a cipher text bit string of the same length. In the case of DES, the block size is 64 bits. DES also uses a key to customize the transformation, so that decryption can only be performed by those who know the particular key used to encrypt. The algorithm is parameterized by a 56-bit key and has 19 distinct stages. Of the 64 bits of the key as supplied, eight are used solely for checking parity and are thereafter discarded. Hence the effective key length is 56 bits, and it is usually quoted as such.
Like other block ciphers, DES by itself is not a secure means of encryption but must instead be used in a mode of operation.

Overall structure


Figure 9.7: the overall Feistel structure of DES

The algorithm’s overall structure is shown in Figure 9.7. There are 16 identical stages of processing, termed rounds. There is also an initial and final permutation, termed IP and FP, which are inverses (IP "undoes" the action of FP, and vice versa). IP and FP have almost no cryptographic significance, but were apparently included in order to facilitate loading blocks in and out of mid-1970s hardware, as well as to make DES run slower in software.
Before the main rounds, the block is divided into two 32-bit halves and processed alternately; this criss-crossing is known as the Feistel scheme. The Feistel structure ensures that decryption and encryption are very similar processes; the only difference is that the subkeys are applied in the reverse order when decrypting. The rest of the algorithm is identical. This greatly simplifies implementation, particularly in hardware, as there is no need for separate encryption and decryption algorithms.
The red symbol in the figure denotes the exclusive-OR (XOR) operation. The F-function scrambles half a block together with some of the key. The output from the F-function is then combined with the other half of the block, and the halves are swapped before the next round. After the final round, the halves are not swapped; this is a feature of the Feistel structure which makes encryption and decryption similar processes.
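The Feistel property described above, that decryption is the same routine run with the subkeys in reverse order, shown as an added example that is not part of the original assignment and is not DES itself. The round function is a stand-in built from truncated SHA-256, IP and FP are omitted, and the sixteen subkeys are constructed values rather than the output of the DES key schedule.

```python
# Added example: a 16-round Feistel network on 64-bit blocks (not real DES).
import hashlib

MASK32 = 0xFFFFFFFF
MASK48 = 0xFFFFFFFFFFFF

# Constructed 48-bit subkeys, one per round (assumption: NOT derived via PC-1/PC-2).
SUBKEYS = [(0x0123456789AB * (i + 1)) & MASK48 for i in range(16)]


def round_function(half, subkey):
    """Stand-in for DES's F-function: mixes a 32-bit half with a 48-bit subkey.

    It is deliberately not invertible; the Feistel structure never needs
    to run it backwards.
    """
    data = half.to_bytes(4, "big") + subkey.to_bytes(6, "big")
    return int.from_bytes(hashlib.sha256(data).digest()[:4], "big")


def feistel(block, subkeys):
    """Apply one Feistel round per subkey to a 64-bit block."""
    left, right = block >> 32, block & MASK32
    for k in subkeys:
        # XOR F(right, k) into the left half, then swap the halves.
        left, right = right, left ^ round_function(right, k)
    # No swap after the final round: undo the swap the loop just performed.
    return (right << 32) | left


def feistel_encrypt(block, subkeys):
    return feistel(block, subkeys)


def feistel_decrypt(block, subkeys):
    # Identical routine; only the subkey order is reversed.
    return feistel(block, list(reversed(subkeys)))


if __name__ == "__main__":
    plain = 0x0123456789ABCDEF                    # constructed sample block
    cipher = feistel_encrypt(plain, SUBKEYS)
    print(f"cipher  {cipher:016x}")
    print(f"decrypt {feistel_decrypt(cipher, SUBKEYS):016x}")
```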

The Feistel (F) function

The F-function, depicted in Figure 9.8, operates on half a block (32 bits) at a time and consists of four stages:

Figure 9.8: The Feistel function (F-function) of DES

Expansion – the 32-bit half-block is expanded to 48 bits using the expansion permutation, denoted E in the diagram, by duplicating some of the bits.

Key mixing – the result is combined with a subkey using an XOR operation. Sixteen 48-bit subkeys – one for each round – are derived from the main key using the key schedule (described below).

Substitution – after mixing in the subkey, the block is divided into eight 6-bit pieces before processing by the S-boxes, or substitution boxes. Each of the eight S-boxes replaces its six input bits with four output bits according to a non-linear transformation, provided in the form of a lookup table. The S-boxes provide the core of the security of DES – without them, the cipher would be linear, and trivially breakable.

Permutation – finally, the 32 outputs from the S-boxes are rearranged according to a fixed permutation, the P-box.

The alternation of substitution from the S-boxes, and permutation of bits from the P-box and E-expansion, provides so-called "confusion and diffusion" respectively, a concept identified by Claude Shannon in the 1940s as a necessary condition for a secure yet practical cipher.

Key schedule

Figure 9.9 illustrates the key schedule for encryption, the algorithm which generates the subkeys. Initially, 56 bits of the key are selected from the initial 64 by Permuted Choice 1 (PC-1), and the remaining eight bits are either discarded or used as parity check bits.
The 56 bits are then divided into two 28-bit halves; each half is thereafter treated separately. In successive rounds, both halves are rotated left by one or two bits (specified for each round), and then 48 subkey bits are selected by Permuted Choice 2 (PC-2): 24 bits from the left half, and 24 from the right.
The rotations, denoted by "<<<" in figure 9.9, mean that a different set of bits is used in each subkey; each bit is used in approximately 14 out of the 16 subkeys.

Figure 9.9: The key schedule of DES

The key schedule for decryption is similar. It must generate the keys in the reverse order. Hence the rotations are to the right, rather than the left.