Exam in Computer Networks (SAMPLE VG EXAM) Date 2005-12-13 Course code 1DT633

Transcription

Exam in Computer Networks (SAMPLE VG EXAM) Date 2005-12-13 Course code 1DT633
Exam in Computer Networks (SAMPLE VG EXAM)
Date
Course code
Exam time
Problems
Teacher
Phone
Aid
2005-12-13
1DT633
3 hours
5 (out of 6), Total 50 points
Lars-˚
Ake Larzon
070-5228109
English dictionary
Name:
Personnr:
Indicate what problems you have handed in solutions to with an ’X’ in the ’hand-in’ column.
Clearly indicate what problems you have chosen to exclude in the rightmost column.
Problem Hand-in Grading
1
[ ] Excluded from exam
2
[ ] Excluded from exam
3
[ ] Excluded from exam
4
[ ] Excluded from exam
5
[ ] Excluded from exam
6
[ ] Excluded from exam
TOTAL
Grade
Include this page with your answers
Exam in Computer Networks (SAMPLE VG EXAM)
Date
Course code
Exam time
Problems
Teacher
Phone
Aid
2005-12-13
1DT633
3 hours
5 (out of 6), Total 50 points
Lars-˚
Ake Larzon
070-5228109
English dictionary
This exam contains 6 problems, but no more than 5 can be handed in.
Choose any 5 problems and clearly specify what problems
you have chosen to exclude at the front of the envelope
You must answer the questions instructively.
Only one problem/sheet.
If details needed to solve a problem have been left out, make reasonable assumptions and present them in your
solution.
You may answer in English or Swedish.
The problems will be discussed on December 13:th.
For VG, you need 30 points, distributed over at least 4 of the chosen problems.
Good Luck!
Good luck!
IMPORTANT
You must choose one problem to exclude from the exam. Indicate what problems you have chosen to solve at the
cover sheet before handing it in.
1
Short answers
The statements below describe a property of different protocols, terms or mechanisms in the Internet architecture.
Identify the corresponding protocols/terms/mechanisms by simply giving their name. Same protocol/term/mechanism
can occur multiple times.
a)
Using extra bits to distinguish actual data from special tokens used to delimit frames.
b)
Used for IP-related error reports and queries.
c)
Delivery of IP datagrams to multiple receivers (not necessarily in the same LAN).
d)
Used together with IP addresses on a per-interface basis to determine whether a packet must be routed or not.
e)
Link layer protocol used on top of modem connections.
f)
Framework for encryption and authentication of IP packets
g)
Transport protocol normally used by the DNS system
h)
Mechanism to avoid data loss due to full buffers at the receiver
i)
Trusted intermediary in a system using asymmetric encryption
j)
Translates from IP addresses to link layer addresses.
2
Collision handling in Ethernet
Two machines A and B are attached to a 10 Mbit/s CSMA/CD Ethernet with 600m cable between them. The signal
propagation of the cable is 2 · 108 m/s. At time ta = 0, A transmits the message mA to B. At time tb = 1µs, machine
B wants to transmit the message mB to A. mA contains an IPv4 datagram with 20 bytes IP payload, while mB is a
maximum-sized Ethernet frame. In case of a detected collision, A will always choose K = 0, while B will always chose
the largest possible value of K.
At what times will the frames be successfully received at the destination? Use 107 instead of 10 ∗ 220 to represent 10
Mbit/s to simplify the calculations.
For full points, you need to present a time line showing in what order different key events occur so that it is clear how
you have obtained the answer.
(10p)
3
Network security
a)
Compare filter-based firewalls to proxy-based (a.k.a. application gateways) with respect to differences in operation, limitations and impact from IPsec and SSL
(5p)
b)
Alice works in a company that uses Kerberos for authentication. Now, Alice wants to contact the server Bob
and access a service on it. Describe the steps involved to set up an encrypted session between Alice and Bob.
(3p)
c)
Worms are becoming more and more common in the Internet. Assuming the risk of being infected is independent of the OS you are using, give two suggestions of how to reduce the risk of being infected.
(2p)
4
Routing and Forwarding
a)
A routing domain is illustrated in figure 1. One of the routers have an error in its routing table. Locate this
error and fix it before continuing.
(1p)
b)
The link between router 2 and router 3 goes down. After this event, routing information is exchanged between
the routers to reflect the new topology. What will the forwarding tables in each of the routers look like after
all update messages have been processed?
(3p)
c)
A gnome sneaks into the network and modifies two of the links between the routers so that they become
one-way links. The link between router 1 and 3 can only forward packets in the direction towards router 3,
and the link between router 2 and 3 can only forward packets in the direction towards router 2. What will the
forwarding tables look like in the routers after all update messages have been updated?
(3p)
d)
All of a sudden, the gnome decides to be even more evil. After having changed two of the links to be unidirectional and awaiting the forwarding tables to stabilize as described in the previous subproblem, he now disables
the capability to exchange routing messages between routers. After doing this, he restores the forwarding table
of router 3 to its original state (as presented in the figure). How will his actions affect the connectivity between
the three end-nodes in the figure? (Describe who will be able to connect whom and through what routers) (3p)
Router 2
Destination
Next hop
Interface
10.42.1.0/24
10.42.13.1
10.42.13.3
10.42.2.0/24
10.42.23.2
10.42.23.3
10.42.3.0/24
-
10.42.3.1
10.42.2.1
10.42.12.2
Destination
Next hop
10.42.2.0/24
10.42.1.1
10.42.3.0/24
10.42.1.1
Destination
Next hop
10.42.1.0/24
10.42.2.1
10.42.3.0/24
10.42.2.1
10.42.2.2
10.42.23.2
10.42.12.1
Destination
Next hop
10.42.1.0/24
10.42.3.1
10.42.2.0/24
10.42.3.1
10.42.3.2
10.42.1.2
Router 1
Destination
10.42.1.1
10.42.13.1
10.42.23.3
Next hop
Interface
10.42.1.0/24
-
10.42.1.1
10.42.2.0/24
10.42.12.2
10.42.12.1
Router 3
Destination
10.42.3.0/24
10.42.13.3
10.42.13.1
10.42.13.3
10.42.3.1
Next hop
Interface
10.42.1.0/24
10.42.13.1
10.42.13.3
10.42.2.0/24
10.42.23.2
10.42.23.3
10.42.3.0/24
-
10.42.3.1
Figure 1: Routing domain
192.1.3.3/24
DNS
192.1.3.2/24
WWW
192.1.3.1/24
192.1.1.42/24
192.1.1.1/24
router
192.1.2.136/16
192.1.2.1/24
a.org
b.org
192.1.1.3/24
DHCP
192.1.1.2/24
SMTP
192.1.2.2/24
POP
192.1.2.3/24
DHCP
Figure 2: Network setup for problem 4
5
The big picture
a)
6
Consider the network outlined in figure 2 where the IP address and netmask of all interfaces are shown. The
servers in the figure provides the named services. After a major power failure, all machines are rebooted and
all caches used for address resolving, DNS queries, routing tables etc. are cleared so that each machines don’t
know anything about the rest of the network other than the IP address of the default router.
Now, the machine a.org wants to send some data to b.org using TCP. Outline what packets/frames are sent
up until the first packet containing the actual data. For each packet/frame, you don’t have to specify the exact
format and content. However, you must specify the source, destination and the function/intent/content of the
packet/frame.
(10p)
Error detection and handling
a)
The message 1101100100111011 is protected with a CRC using the polynom X 7 + X 5 + X 4 + X 2 + 1 as
generator. The calculated CRC is attached immediately after the message and thereafter sent over a wireless
link. It turns out, that in the 24 bits sent (message+CRC), the last bit (i.e., the least significant bit in the
CRC) is inverted when delivered. The receiver will of course detect this when it does its verification of the
CRC checksum. What will the calculated remainder at the receiver side be?
(3p)
b)
Illustrate a scenario in which there is an error that the Internet checksum can not detect.
c)
Illustrate how a sliding window using cumulative ACK:s works by completing figure 3. X indicates lost packets.
Solid arrows represent transmission on data, while dotted arrows are the ACK:s sent in the opposite direction.
The receiver buffer size is three packets and the sender has approximately infinite window size on the sending
side. No piggybacking is used. Numbers in the squares represents sequence numbers of packets sent and/or
received. Values of ACK:s are filled in into the dotted squares. The timeout value is set so that 7 packets can
be sent between the original transmission and the retransmission caused by the timeout. Fast retransmission
occurs after one duplicate ACK.
(5p)
Sent 3
X
X
Received
ACK:s
Figure 3: A sliding window problem
(2p)