Cmu Final2005springsoln


  • 8/10/2019 Cmu Final2005springsoln


    Carnegie Mellon Computer Science Department.

    15-441 Spring 2005

    Final

    Name:

    Andrew ID:

    INSTRUCTIONS:

    There are 20 pages (numbered at the bottom). Make sure you have all of them.

    Please write your name on this cover and at the top of each page in this booklet.

    If you find a question ambiguous, be sure to write down any assumptions you make.

    It is better to partially answer a question than to not attempt it at all.

    Be clear and concise. Limit your answers to the space provided.

    Question  A  B  C  D  E  F  G  H  I  J
    Points    /  /  /  /  /  /  /  /  /  /


    A Multiple Choice

    1. Terry C. Packet implements a NAT box according to the basic NAT description. (It is not the more complicated port-translating NAT). Whenever Terry's NAT box sees a packet from a local address, it replaces the source address with one of the box's available global addresses and records the local address to global address mapping. For some reason, Terry is unable to properly use certain TCP-based client applications from behind the NAT box. Which of these reasons is a good explanation for the problem? (Circle ALL that apply)

    A. The client application might be sending its IP address in the payload for the server to process.

    Solution: YES. The NAT box needs to translate all IP addresses belonging to hosts behind it, and the failing clients are said to be behind it. But the NAT box must know where to find those IP addresses in the packet. Addresses in the end-to-end payload are likely to slip through the NAT box unnoticed.

    B. The server application might be sending its IP address in the payload for the client to process.

    Solution: NO. Since the NAT box translates only IP addresses belonging to hosts behind it, and it is the client that is behind the NAT box, server IP addresses don't need translation. So there is no problem with carrying them in end-to-end payloads.

    C. Terry's client is trying to communicate with a server that is behind the same NAT box, and the NAT does not know how to forward those packets.

    Solution: NO. Assuming that Terry's client application is not configured to use a proxy server that is outside the private network, the path between a client and server that are both behind the same NAT does not require address translation. If the NAT for some reason is in that path (for example, it is also acting as an ordinary forwarder) it will not look in its translation table for addresses within the private network. And in its role as an ordinary forwarder it should have a route to the server.

    D. Terry has forgotten to modify the Ethernet CRC sequence in the NAT after adjusting the IP source address, so packets are being dropped by the switch at the other end of Terry's NAT box.

    Solution: NO. The Ethernet CRC is in the link-layer header. The link layer doesn't calculate the CRC until the NAT box calls on it to send the packet, so the CRC calculation automatically includes any address translations the NAT box did. At the other end of the link, the link layer may receive a packet with a bad CRC and discard it, but the reason for the bad CRC can't be that the NAT box translated some network-layer address after calculation of the CRC.
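Why answer A holds, shown as an added example that is not part of the original exam: a basic NAT rewrites only the IP header, so an address the client writes into its payload reaches the server untranslated. The FTP-style PORT payload, all addresses, and the names `BasicNat` and `server_view` are constructed for illustration.

```python
import ipaddress
import struct

def ipv4_checksum(header: bytes) -> int:
    """Ones' complement checksum over a 20-byte IPv4 header (RFC 1071)."""
    total = sum(struct.unpack("!10H", header))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def with_checksum(header: bytes) -> bytes:
    """Zero the checksum field (bytes 10-11), then fill in the fresh value."""
    header = header[:10] + b"\x00\x00" + header[12:]
    return header[:10] + struct.pack("!H", ipv4_checksum(header)) + header[12:]

def build_packet(src: str, dst: str, payload: bytes) -> bytes:
    """Minimal IPv4 packet without options; payload stands in for the TCP data."""
    header = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 0, 0,
                         64, 6, 0,
                         ipaddress.IPv4Address(src).packed,
                         ipaddress.IPv4Address(dst).packed)
    return with_checksum(header) + payload

class BasicNat:
    """Address-only NAT as in the question: one global address per local host."""
    def __init__(self, global_pool):
        self.free = list(global_pool)
        self.table = {}  # local address -> global address

    def outbound(self, packet: bytes) -> bytes:
        local = str(ipaddress.IPv4Address(packet[12:16]))
        if local not in self.table:
            self.table[local] = self.free.pop(0)
        new_src = ipaddress.IPv4Address(self.table[local]).packed
        header = with_checksum(packet[:12] + new_src + packet[16:20])
        return header + packet[20:]  # payload is forwarded byte for byte

def server_view(packet: bytes):
    """Return (source address in the IP header, address named in the payload)."""
    header_src = str(ipaddress.IPv4Address(packet[12:16]))
    fields = packet[20:].decode("ascii").split()[1].split(",")
    return header_src, ".".join(fields[:4])

def demo():
    # Constructed sample: the client announces its own address FTP-style.
    nat = BasicNat(["198.51.100.7"])
    original = build_packet("10.0.0.5", "192.0.2.10", b"PORT 10,0,0,5,19,137\r\n")
    return server_view(nat.outbound(original))

if __name__ == "__main__":
    print(demo())
```

The server sees the global address in the header but is told to reach the client at the private address, which is not routable from its side.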

    2. Otto Pilot creates a new network for the 150 PC computers he mounted within his car. Each computer sends independent UDP query/response packets to the other computers in the car when it needs to know or do something. After running the OttoNet for a few days, Otto notices that network congestion occasionally causes a congestion collapse because too many packets are sent into the network, only to be dropped before reaching the eventual destination. These packets consume valuable resources.

    Which of the following techniques is likely to reduce the likelihood of a congestion collapse? (Circle ALL that apply)

    A. Increase the size of the queue in each router from 4 packets to 8 packets.

    Solution: NO. There are two possibilities for the timeout value. First, suppose that Ben used the answer to question 9 to set the timeout. Given a fixed timeout, lengthening queues would increase, not decrease, the chance of congestion collapse. The longer queues may cause clients to time out and resend their request packets, even though a response may already be on its way back. Second, suppose that Ben adjusted the timeout for the longer queues. Doubling queue lengths certainly doesn't prevent congestion collapse, because congestion collapse can occur with queues of any length. There is no a priori reason to believe that it is less likely with 8-packet queues than with 4-packet queues. Increasing the size of the queue to 8 packets might have a positive effect: some packets that would otherwise have been dropped might eventually reach their destination. However, it might also have a negative effect: packets that would otherwise have been dropped remain in the system and may cause congestion elsewhere.

    B. Use exponential backoff in the timeout mechanism while retrying queries.

    Solution: YES. Exponential backoff reduces the injection rate of packets to a level that the network can tolerate.

    C. If a query is not answered within a timeout interval, multiplicatively reduce the maximum rate at which the client application sends OttoNet query packets.

    Solution: YES. If this question had said "current" rather than "maximum" rate, it would have exactly been exponential backoff. Reducing the maximum rate eventually produces the same end result.

    D. Use a flow control window at each receiver to prevent buffer overruns.

    Solution: NO. Flow control windows apply to streams of data. OttoNet requests are not streams, they are independent packets, each one of which may be delivered to a different server, so a flow control window is not applicable. Moreover, flow control is an end-to-end mechanism to ensure that a slow receiver's buffers don't get overwritten by a fast sender. But the problem states that the server and client processing are both infinitely fast, so adding flow control would not accomplish anything.

    3. We discussed three different routing protocols: link state routing (LS), distance vector routing (DV), and path vector routing (PV). Please answer the following questions by circling the protocol(s) for which the claim applies:

    LS, DV, PV - Requires a map of the complete topology

    Solution: LS

    LS, DV, PV - Sends its routing table to its neighbors


    Solution: DV PV

    LS, DV, PV - Requires flooding

    Solution: LS

    LS, DV, PV - Suffers the count to infinity problem

    Solution: DV

    LS, DV, PV - BGP is this type of routing protocol

    Solution: PV


    B Short Answer

    4. Why is there a minimum packet size on Ethernet?

    Solution: To ensure that CDMA's collision detection works. The sender must ensure that they are still transmitting one maximum bit round-trip later.

    5. Why is there a maximum packet size on Ethernet?

    Solution: A maximum packet size helps ensure that everybody gets a chance to talk, helps reduce the maximum amount of buffering needed in switches and routers, and reduces the amount of data that is lost by a single error.

    6. Give one reason that DNS lookups are run over UDP rather than TCP:

    Solution: OK: Connection-setup overhead, short-duration interaction. NOT OK: Header overhead.


    7. Right before the final, Srini decides that he's had it with Pittsburgh weather and transfers to CMU-Qatar, taking the only copy of the final with him. Dave, being the new guy, is stuck with running the class, and not wanting to re-write the whole thing, needs to get the final from Srini in a secure way. Using advanced gnome agents, a group of nefarious 441 students has somehow installed a device that can intercept and modify packets sent from Srini to Dave. The exam must not fall into undergraduate hands, or be replaced by a false exam!

    Dave and Srini already have both PGP keys and other private keys for each other. These keys have not been compromised.

    For each of the following methods, can the exam be stolen? Can it be replaced with another? Why?

    (a) Srini sends the exam in plaintext.

    (b) Srini signs the exam with his private key, sends it.

    (c) Srini encrypts the exam with Dave's public key, sends it.

    (d) Srini encrypts the exam with Dave's public key, signs it with his private key.

    (e) Srini signs and encrypts the exam with a shared secret key.

    (f) Srini and Dave use Diffie-Hellman to negotiate a session key, and encrypt the exam using that.


    C QoS

    Consider the figure below showing a flow passing through 2 leaky buckets before it enters the network.

    [Figure: packets wait for and remove a token at each of two token buckets in tandem before being sent to the network. Bucket sizes: 3000 and 1. Token rates: 100 pkts/sec and 1000 pkts/sec.]

    8. On the next page, you are shown 4 flow behaviors. Circle those which could have been generated by the tandem leaky bucket policer.

    Solution: The 2nd and 4th graphs. The first graph is wrong because there can only be 3 seconds of peak rate 1000 pkts/sec. The third graph is wrong because the maximum number of packets in a single second is 1000.

    Circle 1 correct graph (with or without anything else): 5 points. Circle 2 correct graphs (and nothing else): 10 points. Circle 3 (or more) graphs: 5 points.


    [Figure: four graphs, each plotting packets delivered to the network by time t against time t in seconds, starting at t = 6000.]


    D Label Swapping

    You are trying to debug a problem with your company's virtual circuit-based network. A diagram of the network is shown below. A, B, and C are hosts attached to the network. S1, S2, and S3 are switches configured to act as label swapping virtual circuit switches.

    [Figure: network diagram with hosts A, B and C attached to switches S1, S2 and S3; each switch has ports numbered 1 to 4.]

    The label swapping tables for the switches are configured as follows. Some of the entries are stale and not actually in use right now.

    Switch  Input Port  Input Label  Output Port  Output Label
    S1      2           2            3            4
    S1      4           2            3            1
    S1      4           17           2            2
    S2      2           19           4            2
    S2      3           1            2            19
    S2      3           2            2            15
    S2      3           5            4            2
    S2      4           2            2            1
    S2      4           1            4            1
    S3      2           1            1            2
    S3      2           2            4            5
    S3      4           1            1            1
    S3      4           4            1            5


    9. Write the sequence of (Switch, Input Port, Input Label) tuples and the destination node and label for each of these packets. We've given you the start node and starting label. The intermediate tuples should look like (S1, 1, 999) [e.g., switch S1, input port 1, label 999].

    (a) Start node A, label 17.

    Switch tuples:

    Solution: (S1, 4, 17) (S2, 4, 2)

    Dest node and final label:

    Solution:

    (b) Start node A, label 2.

    Switch tuples:

    Solution:

    Dest node and final label:

    Solution:

    (c) Start node C, label 1.

    Switch tuples:

    Solution:

    Dest node and final label:

    Solution:

    10. You are explaining your network to a colleague, who remarks on an interesting feature of your network.

    (a) What do you tell your colleague when she asks why you configured the paths for packets (a) and (b) above?

    Solution: The configuration is most likely to load balance the path between A and B. It could also be to provide a redundant fail-over path.

    (b) Your colleague thinks this feature is neat, and asks you how to implement it in her packet-switched, IP network. What do you tell her?

    Solution: This form of load balancing can't be implemented in a basic IP network that does only destination-based forwarding.

    11. You notice that the network seems much more sluggish than normal. Packets are getting through, but they take a lot longer than they did before your assistant made some changes to the label swapping tables yesterday. You do some debugging and find that the problem shows up when node B starts transmitting with local label 19. What's going on?


    E Congestion Window

    12. Consider the following plot of TCP window size as a function of time. Note that the transfer ends normally in the 26th round.

    [Figure: plot of congestion window size (segments), axis 0 to 45, against transmission round, axis 0 to 30.]

    Assuming TCP Reno is the protocol experiencing the behavior shown above, answer the following questions.

    (a) List each round other than the 16th in which a packet loss occurred.

    Solution: Only round 22.

    (b) How many packets were sent between the start of the 7th round and the end of the 15th round?

    Solution: 33 + 34 + ... + 41 = 333

    (c) Identify the intervals of time when TCP slow start is operating. (2 pts)

    Solution: 1-6, 23-26

    (d) Identify the intervals of time when TCP congestion avoidance is operating (AIMD). (1 pt)

    Solution: 6-23

    (e) After the 16th transmission round, is segment loss detected by a triple duplicate ACK or by a timeout? (2 pts)


    Solution: dupack

    (f) What is the initial value of ssthreshold at the first transmission round? (2 pts)

    Solution: 32

    (g) What is the value of ssthreshold at the 18th transmission round? (2 pts)

    Solution: 21

    (h) What is the value of ssthreshold at the 24th transmission round? (2 pts)

    Solution: 13

    (i) During what transmission round is the 70th segment sent? (2 pts)

    Solution: 7

    (j) Assuming a packet loss is detected after the 26th round by the receipt of a triple duplicate ACK, what will be the values of the congestion-window size and of ssthreshold? (2 pts)

    Solution: 4,4
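The answers to question 12 can be reproduced with a per-round Reno model; this is an added example, not part of the original exam. Since the plot itself is not reproduced here, the loss events are assumptions taken from the solutions: a triple duplicate ACK after round 16 (answer e), a timeout after round 22 (inferred from slow start resuming in round 23), and the duplicate ACK after round 26 from part (j).

```python
def simulate_reno(rounds, ssthresh, losses):
    """Trace TCP Reno per transmission round.

    losses maps a round number to "dupack" or "timeout": the loss is detected
    at the end of that round and shapes the window of the next one.
    Returns ({round: (cwnd, ssthresh)}, (cwnd, ssthresh) after the last round).
    """
    cwnd, trace = 1, {}
    for rnd in range(1, rounds + 1):
        trace[rnd] = (cwnd, ssthresh)
        event = losses.get(rnd)
        if event is not None:
            ssthresh = max(cwnd // 2, 2)
            # Fast recovery keeps half the window; a timeout restarts slow start.
            cwnd = ssthresh if event == "dupack" else 1
        elif cwnd < ssthresh:
            cwnd = min(cwnd * 2, ssthresh)   # slow start: double per round
        else:
            cwnd += 1                        # congestion avoidance: +1 per round
    return trace, (cwnd, ssthresh)


def segments_sent(trace, first, last):
    """Total segments sent in rounds first..last inclusive."""
    return sum(trace[r][0] for r in range(first, last + 1))


def round_of_segment(trace, n):
    """Round in which the n-th segment of the transfer is sent."""
    sent = 0
    for rnd in sorted(trace):
        sent += trace[rnd][0]
        if sent >= n:
            return rnd
    return None


# Assumed loss events (see lead-in); initial ssthresh 32 is answer (f).
LOSSES = {16: "dupack", 22: "timeout", 26: "dupack"}
TRACE, FINAL = simulate_reno(26, 32, LOSSES)

if __name__ == "__main__":
    for rnd, (cwnd, ssthresh) in TRACE.items():
        print(f"round {rnd:2d}: cwnd={cwnd:2d} ssthresh={ssthresh}")
    print("after round 26:", FINAL)
```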


    F Link Utilization

    13. In the simple network shown below, we would like a TCP connection to fully utilize the bottleneck link. What should we make the size of buffer B? Show your calculations. Assume that the advertised receiver window is very large. The link latencies below are one-way.

    [Figure: Sender, Router (with buffer B) and Receiver connected in series. Link labels: 100 Mbit/s, 20 msec and 10 Mbit/s, 20 msec.]

    Solution:
    buffer size = RTT * Bottleneck bandwidth
    buffer size = 80 ms * 10 Mbps
    buffer size = 800 Kbits
    buffer size = 100 KB

    (3 pts were deducted if 1-way delay was used instead of RTT)

    (3 pts were deducted if 100 MB vs 10MB was used)


    G Mobile IP

    [Figure: Sender S (121.29.13.28), Mobile Node M (128.2.87.111), Home Agent HA (128.2.87.242) and Foreign Agent FA (100.11.21.23).]

    14. A sender S is sending TCP data to a mobile host M (see Figure). Initially the mobile host is in its home network. Later on it moves to a different network and needs to use Mobile IP in order to receive data from S. All local area networks are Ethernets.

    Part 1: The sender S sends TCP data to the mobile node while it is in its home network.

    (a) What headers does each packet have (names only), starting with the layer 2 header and up to the transport layer header?

    Solution: ethernet, ip, tcp

    (b) What are the source and destination IP addresses in the packet?

    Solution: src: 121.29.13.28 dst: 128.2.87.111

    Part 2: The correspondent node is sending TCP data to the mobile node which has moved to the foreign network.

    (c) What headers does each packet have (names only), starting with the layer 2 header and up to the transport layer header, as the packets arrive at the mobile's home agent?

    Solution: ethernet, ip, tcp

    (d) What headers does each packet have (names only), starting with the layer 2 header and up to the transport layer header, as the packets arrive at the mobile's foreign agent?

    Solution: ethernet, ip, ip, tcp

    (e) What are the source and destination IP addresses in the packet in (d)?


    Solution: src: 128.2.87.242 dst: 121.29.13.28


    H Wireless MAC Issues

    15. Consider the following topology of wireless laptops A, B, C and D. The dotted lines indicate the range of wireless transmissions from each node. For example, B is within range of A, A & C are within range of B, B & D are within range of C and only C is within range of D.

    [Figure: wireless laptops A, B, C and D, with dotted lines showing each node's transmission range.]

    Assume that each node uses an RTS/CTS based MAC protocol (i.e. like MACAW).

    (a) If C is sending B an RTS, why does A know not to transmit?

    Solution: A hears the CTS

    (b) If B is sending data to C, why does D know not to transmit?

    Solution: D heard the RTS from C

    (c) Using the nodes above, give an example of the hidden terminal problem.

    Solution: If A wants to transmit to B and C wants to transmit to D, the transmissions will clobber each other, even though A and C cannot hear each other's transmissions.

    (d) Irene Packet is considering implementing a walkie-talkie service for her wireless PDAs. Her program largely uses small packets to avoid delaying any voice. Should Irene use RTS/CTS for her deployment? Why?

    Solution: No. RTS/CTS is primarily to permit collision resolution to finish quickly. The overhead of RTS/CTS isn't worth it for really small packets.


    17. Assume that the client A has no local Web or DNS cache and that cache C has no DNS cache. However, all other cacheable things are cached. On a subsequent request for http://S/index.html which of the messages from Table 1 would be eliminated (use the ID column to name the messages)?

    Solution: Answer: 3, 4, 5, 7, 10


    J Firewalls

    Sparky McFirewall has networks 10.0.2/24, 10.0.4/24 and notices that hosts 10.0.0.32, 10.0.0.252, 10.0.1.54, 10.0.3.2 and 10.0.3.129 are attacking her host 10.0.2.23. He sees that his firewall already contains:

    deny ip to/from 10.0.0.0/25 to any

    18. Which hosts does this rule match?

    Which of the following rules would work to block the remaining hosts? (Select only one).

    A. deny ip to/from 10.0.0.0/22

    B. deny ip to/from 10.0.3.0/24

    C. deny ip to/from 10.0.3.2/32, deny ip to/from 10.0.3.129/32

    D. deny ip to/from 10.0.0.0/22, deny ip to/from 10.0.3.0/24,

    E. deny ip to/from 10.0.0.0/23, deny ip to/from 10.0.3.0/24

    F. deny ip to/from 10.0.0.0/24, deny ip to/from 10.0.1.0/23

    G. deny ip from brain to paper
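One way to check candidate deny rules like those in question 18 before installing them, as an added example that is not part of the original exam: each rule set is tested for attackers it still misses and for overlap with the networks that must stay reachable. The function names are hypothetical, the prefixes and hosts are the ones in the question, and option G is left out because it is not a CIDR rule.

```python
import ipaddress

PROTECTED = ["10.0.2.0/24", "10.0.4.0/24"]  # the page's 10.0.2/24 and 10.0.4/24
ATTACKERS = ["10.0.0.32", "10.0.0.252", "10.0.1.54", "10.0.3.2", "10.0.3.129"]
EXISTING = ["10.0.0.0/25"]                  # deny rule already in the firewall
CANDIDATES = {
    "A": ["10.0.0.0/22"],
    "B": ["10.0.3.0/24"],
    "C": ["10.0.3.2/32", "10.0.3.129/32"],
    "D": ["10.0.0.0/22", "10.0.3.0/24"],
    "E": ["10.0.0.0/23", "10.0.3.0/24"],
    "F": ["10.0.0.0/24", "10.0.1.0/23"],
}


def parse(rule):
    """Parse a prefix; strict=False masks stray host bits, so
    10.0.1.0/23 is read as the network it really denotes, 10.0.0.0/23."""
    return ipaddress.ip_network(rule, strict=False)


def matched(rules, hosts):
    """Hosts that fall inside at least one of the rule prefixes."""
    nets = [parse(r) for r in rules]
    return [h for h in hosts if any(ipaddress.ip_address(h) in n for n in nets)]


def evaluate(rules):
    """Attackers still unblocked, and protected networks the rules would hit."""
    already = matched(EXISTING, ATTACKERS)
    remaining = [h for h in ATTACKERS if h not in already]
    covered = matched(rules, remaining)
    missed = [h for h in remaining if h not in covered]
    collateral = [p for p in PROTECTED
                  if any(parse(r).overlaps(parse(p)) for r in rules)]
    return {"missed": missed, "collateral": collateral}


def viable():
    """Options that block every remaining attacker without collateral."""
    return [name for name, rules in CANDIDATES.items()
            if evaluate(rules) == {"missed": [], "collateral": []}]


if __name__ == "__main__":
    print("existing rule matches:", matched(EXISTING, ATTACKERS))
    for name, rules in CANDIDATES.items():
        print(name, evaluate(rules))
    print("viable:", viable())
```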

    19. After adding in this rule, someone complains that they can't get to a popular web site in the firewalled range. Sparky decides to allow internal users to browse Web sites in the firewalled range. Which rules need to be added? (You may not need all of the spaces below).

    Src IP/mask Src Port Dst IP/mask Dst Port ACK set Action

    20. A disgruntled employee tells the attacker about your new firewall rules. How could the attacker take advantage of these rules to continue attacking your hosts?

    The End Congratulations! Have a great summer!
