Exam in Computer Networks (SAMPLE VG EXAM) Date 2005-12-13 Course code 1DT633
Date: 2005-12-13
Course code: 1DT633
Exam time: 3 hours
Problems: 5 (out of 6), Total 50 points
Teacher: Lars-Åke Larzon
Phone: 070-5228109
Aid: English dictionary

Name:
Personal identity number:

Indicate which problems you have handed in solutions to with an 'X' in the 'hand-in' column. Clearly indicate which problems you have chosen to exclude in the rightmost column.

Problem   Hand-in   Grading
1                             [ ] Excluded from exam
2                             [ ] Excluded from exam
3                             [ ] Excluded from exam
4                             [ ] Excluded from exam
5                             [ ] Excluded from exam
6                             [ ] Excluded from exam
TOTAL
Grade

Include this page with your answers

This exam contains 6 problems, but no more than 5 can be handed in. Choose any 5 problems and clearly specify which problems you have chosen to exclude at the front of the envelope.

You must answer the questions instructively. Only one problem per sheet. If details needed to solve a problem have been left out, make reasonable assumptions and present them in your solution. You may answer in English or Swedish. The problems will be discussed on December 13th. For VG, you need 30 points, distributed over at least 4 of the chosen problems.

Good luck!

IMPORTANT
You must choose one problem to exclude from the exam. Indicate which problems you have chosen to solve on the cover sheet before handing it in.

1 Short answers

The statements below each describe a property of a protocol, term or mechanism in the Internet architecture. Identify the corresponding protocol/term/mechanism by simply giving its name. The same protocol/term/mechanism can occur multiple times.

a) Using extra bits to distinguish actual data from special tokens used to delimit frames.
b) Used for IP-related error reports and queries.
c) Delivery of IP datagrams to multiple receivers (not necessarily in the same LAN).
d) Used together with IP addresses on a per-interface basis to determine whether a packet must be routed or not.
e) Link layer protocol used on top of modem connections.
f) Framework for encryption and authentication of IP packets.
g) Transport protocol normally used by the DNS system.
h) Mechanism to avoid data loss due to full buffers at the receiver.
i) Trusted intermediary in a system using asymmetric encryption.
j) Translates from IP addresses to link layer addresses.

2 Collision handling in Ethernet

Two machines A and B are attached to a 10 Mbit/s CSMA/CD Ethernet with 600 m of cable between them. The signal propagation speed of the cable is 2 · 10^8 m/s. At time t_a = 0, A transmits the message m_A to B. At time t_b = 1 µs, machine B wants to transmit the message m_B to A. m_A contains an IPv4 datagram with 20 bytes of IP payload, while m_B is a maximum-sized Ethernet frame. In case of a detected collision, A will always choose K = 0, while B will always choose the largest possible value of K. At what times will the frames be successfully received at the destination? Use 10^7 instead of 10 * 2^20 to represent 10 Mbit/s to simplify the calculations. For full points, you need to present a time line showing in what order the different key events occur so that it is clear how you have obtained the answer. (10p)

3 Network security

a) Compare filter-based firewalls to proxy-based firewalls (a.k.a. application gateways) with respect to differences in operation, limitations and impact from IPsec and SSL. (5p)
b) Alice works in a company that uses Kerberos for authentication. Now, Alice wants to contact the server Bob and access a service on it. Describe the steps involved to set up an encrypted session between Alice and Bob. (3p)
c) Worms are becoming more and more common in the Internet.
Assuming the risk of being infected is independent of the OS you are using, give two suggestions of how to reduce the risk of being infected. (2p)

4 Routing and Forwarding

a) A routing domain is illustrated in figure 1. One of the routers has an error in its routing table. Locate this error and fix it before continuing. (1p)
b) The link between router 2 and router 3 goes down. After this event, routing information is exchanged between the routers to reflect the new topology. What will the forwarding tables in each of the routers look like after all update messages have been processed? (3p)
c) A gnome sneaks into the network and modifies two of the links between the routers so that they become one-way links. The link between router 1 and 3 can only forward packets in the direction towards router 3, and the link between router 2 and 3 can only forward packets in the direction towards router 2. What will the forwarding tables look like in the routers after all update messages have been processed? (3p)
d) All of a sudden, the gnome decides to be even more evil. After having changed two of the links to be unidirectional and waiting for the forwarding tables to stabilize as described in the previous subproblem, he now disables the capability to exchange routing messages between routers. After doing this, he restores the forwarding table of router 3 to its original state (as presented in the figure). How will his actions affect the connectivity between the three end-nodes in the figure?
(Describe who will be able to connect to whom and through what routers) (3p)

Router 1
Destination     Next hop      Interface
10.42.1.0/24    -             10.42.1.1
10.42.2.0/24    10.42.12.2    10.42.12.1
10.42.3.0/24    10.42.13.3    10.42.13.1

Router 2
Destination     Next hop      Interface
10.42.1.0/24    10.42.13.1    10.42.13.3
10.42.2.0/24    10.42.23.2    10.42.23.3
10.42.3.0/24    -             10.42.3.1

Router 3
Destination     Next hop      Interface
10.42.1.0/24    10.42.13.1    10.42.13.3
10.42.2.0/24    10.42.23.2    10.42.23.3
10.42.3.0/24    -             10.42.3.1

End-node tables shown in the figure:

Destination     Next hop
10.42.2.0/24    10.42.1.1
10.42.3.0/24    10.42.1.1

Destination     Next hop
10.42.1.0/24    10.42.2.1
10.42.3.0/24    10.42.2.1

Destination     Next hop
10.42.1.0/24    10.42.3.1
10.42.2.0/24    10.42.3.1

Address labels in the figure: 10.42.2.1, 10.42.12.2, 10.42.2.2, 10.42.23.2, 10.42.12.1, 10.42.3.2, 10.42.1.2, 10.42.1.1, 10.42.13.1, 10.42.23.3, 10.42.13.3, 10.42.3.1

Figure 1: Routing domain

Labels in figure 2, in the order they were extracted: 192.1.3.3/24, DNS, 192.1.3.2/24, WWW, 192.1.3.1/24, 192.1.1.42/24, 192.1.1.1/24, router, 192.1.2.136/16, 192.1.2.1/24, a.org, b.org, 192.1.1.3/24, DHCP, 192.1.1.2/24, SMTP, 192.1.2.2/24, POP, 192.1.2.3/24, DHCP

Figure 2: Network setup for problem 4

5 The big picture

Consider the network outlined in figure 2, where the IP address and netmask of all interfaces are shown. The servers in the figure provide the named services. After a major power failure, all machines are rebooted and all caches used for address resolution, DNS queries, routing tables etc. are cleared, so that no machine knows anything about the rest of the network other than the IP address of the default router. Now, the machine a.org wants to send some data to b.org using TCP. Outline what packets/frames are sent up until the first packet containing the actual data. For each packet/frame, you don't have to specify the exact format and content. However, you must specify the source, destination and the function/intent/content of the packet/frame. (10p)

6 Error detection and handling

a) The message 1101100100111011 is protected with a CRC using the polynomial X^7 + X^5 + X^4 + X^2 + 1 as generator.
The calculated CRC is attached immediately after the message and thereafter sent over a wireless link. It turns out that in the 24 bits sent (message+CRC), the last bit (i.e., the least significant bit in the CRC) is inverted when delivered. The receiver will of course detect this when it does its verification of the CRC checksum. What will the calculated remainder at the receiver side be? (3p)
b) Illustrate a scenario in which there is an error that the Internet checksum cannot detect. (2p)
c) Illustrate how a sliding window using cumulative ACKs works by completing figure 3. X indicates lost packets. Solid arrows represent transmission of data, while dotted arrows are the ACKs sent in the opposite direction. The receiver buffer size is three packets and the sender has approximately infinite window size on the sending side. No piggybacking is used. Numbers in the squares represent sequence numbers of packets sent and/or received. ACK values are filled into the dotted squares. The timeout value is set so that 7 packets can be sent between the original transmission and the retransmission caused by the timeout. Fast retransmission occurs after one duplicate ACK. (5p)

[Figure 3 diagram not reproduced; row labels: Sent, Received, ACK:s]

Figure 3: A sliding window problem
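
Added example, not part of the original exam: a Python sketch of the Internet checksum (16-bit one's-complement sum, as in RFC 1071) showing the kinds of error that problem 6 b) asks about. The payload bytes and all function names are constructed for this illustration.

```python
# Added example (not from the exam); SENT is constructed sample data.

def ones_complement_sum(data: bytes) -> int:
    """16-bit one's-complement sum of data, padded to an even length."""
    if len(data) % 2:
        data += b"\x00"
    total = 0
    for i in range(0, len(data), 2):
        total += (data[i] << 8) | data[i + 1]
        total = (total & 0xFFFF) + (total >> 16)  # end-around carry
    return total

def internet_checksum(data: bytes) -> int:
    """Checksum field value: complement of the one's-complement sum."""
    return ~ones_complement_sum(data) & 0xFFFF

def receiver_accepts(data: bytes, checksum: int) -> bool:
    """Receiver check: data words plus checksum must sum to all ones."""
    total = ones_complement_sum(data) + checksum
    total = (total & 0xFFFF) + (total >> 16)
    return total == 0xFFFF

def flip_bit(data: bytes, byte_index: int, mask: int) -> bytes:
    """Return a copy of data with the masked bit(s) of one byte inverted."""
    out = bytearray(data)
    out[byte_index] ^= mask
    return bytes(out)

SENT = bytes.fromhex("12340a5bc0de0001")  # four constructed 16-bit words
CHECKSUM = internet_checksum(SENT)

# Error 1: two 16-bit words change places (addition is commutative).
SWAPPED = SENT[2:4] + SENT[0:2] + SENT[4:]
# Error 2: the same bit position flips 0->1 in one word and 1->0 in
# another, so the sum is unchanged.
COMPENSATED = flip_bit(flip_bit(SENT, 1, 0x01), 3, 0x01)
# Error 3: a single flipped bit changes the sum and is caught.
SINGLE = flip_bit(SENT, 1, 0x01)

def undetected_errors() -> dict:
    """Map each corruption to True if the receiver accepts altered data."""
    cases = {"swapped": SWAPPED, "compensated": COMPENSATED, "single": SINGLE}
    return {name: receiver_accepts(d, CHECKSUM) and d != SENT
            for name, d in cases.items()}

if __name__ == "__main__":
    for name, missed in undetected_errors().items():
        print(f"{name:12s} {'UNDETECTED' if missed else 'detected'}")
```

Because the checksum only detects changes to the sum, it offers no protection against deliberate modification; that requires a keyed integrity check such as the authentication IPsec provides.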