FINAL Exam: SOLUTIONS

CMPSCI 453/591 ST550A: Computer Networks

Spring 2002
(These solutions revised slightly, January 2003)
Prof. Jim Kurose

Question 1: ``Quickies'' (21 points, 24 minutes) Answer each of the following questions briefly,
i.e., in at most a few sentences.

3 points each:

a) Consider the BGP protocol, an autonomous system (AS) A, and some destination network X.
How does A control whether or not other autonomous systems route traffic destined to X
through A?
By the paths that it advertises to its neighboring ASs. If A never advertises a path to X to its
neighbors, the neighbors will never route to X via A.
b) What does it mean to be “multi-homed”?
A computer is multihomed when it is connected to two or more networks. Alternatively, a
“stub” network is multihomed if it is attach to two or more ISPs.
c) What is one important difference between a bridge and a router?
A bridge performs layer 2 “routing,” using frame addresses rather than layer 3 network address,
and does not exchange routing tables with its neighbors.
d) Does an ATM cell carry a source or destination address in its header? Explain.
No. An ATM cell instead carries a VPI/VCI pair that tells the ATM switch the output port (and
new VPI/VCI pair) for an arriving cell. ATM is switched (using a virtual circuit identifier)
rather than routed (on the basis of an explicit destination address).
e) What is the purpose of a trap message in SNMP?
To indicate to the NSM that some exceptional condition, or trigger event, has occurred.
f) What is meant by TLV encoding?
TLV-encoded data is “self identifying,” with the type, length, and then value of the data
explicitly transmitted, as in ASN.1
g) Why is it that multimedia applications such as Internet phone will typically add a playout delay
at the receiver?
In order to compensate for varying delays from the sender to the receiver.

Question 2: A wireless TCP (18 points, 23 minutes)

Consider the scenario shown below – a number of clients that communicate over a wireless link to a
router, and from there to a server.
1
 R1

server

clients

The wireless link often introduces bit errors into the transmitted frames (much more so than a
wireline link). Assume that the wireless link neither detects nor corrects bit errors. The wireless
link and the wired link between the router and the server have enough bandwidth so that there is
only occasional congestion. In fact, it is more likely that a client packet will suffer from bit errors
than be dropped at the router-to-server link due to congestion.

• What mechanism does TCP use to detect bit errors?

(4 points) TCP uses the Internet checksum to detect bit errors
• The goal of the transport-layer error and congestion control in this scenario should be to (a)
retransmit a packet if it is dropped at the receiver due to bit errors, provided that the sender-to-
receiver path is not congested, and (b) reduce the sending rate if the packet is lost due to buffer
overflow at a congested link, using an algorithm such as TCP’s slowstart/congestion-avoidance
(and increase the rate when the path is not congested). How well does TCP meet these goals?
Explain your answer.
6 points total. Not very well. (i- 2 points) The Internet checksum is a very weak form of bit-
error protection. It would be better to use a more powerful code such as CRC (cyclic
redundancy check). (ii – 4 points) The problem with using TCP’s congestion control in this
setting is that TCP will decrease its sending rate whenever a packet is not acked. If there is a bit
error then TCP will decrease its sending rate (due to lack of an ACK) even if the network is not
congested.
• What modifications would you make to TCP to achieve goals (a) and (b)? You can add any new
messages or mechanisms that you want to TCP. You can describe your additions in English (you
do not need to draw a FSM), but make sure there is enough detail to provide a clear statement
of what you are proposing.
8 points. I would add a mechanism to TCP to allow it to explicitly indicate when a packet is
received but in error, as opposed to lost. The easiest way to do this is to add a NAK(x) that
indicates that packet x was received, but had bit errors. A TCP sender receiving a NAK(x)
would not have to decrease its sending rate, since the loss was not due to congestion. It would
also be OK to add two kinds of NAK messages: NAK_bit_error(x) and NAK_lost_packet(x),
where the latter is sent by the receiver as soon as a gap in the received sequence number space is
detected.

Question 3: Multiple access protocols (18 points, 20 minutes)

2
We studied a number of multiple access protocols in this course, including (1) TDMA, (2) CSMA,
(3) Slotted Aloha and (4) Token passing.

6 points each.

• Suppose you were charged with putting together a LAN to support IP telephony (only) and that
multiple users may want to carry on a phone call at the same time. Recall that IP telephony
digitizes and packetizes voice at a constant bit rate when a user is making an IP phone call.
How well suited are these four protocols for this scenario? Provide a brief (e.g. one sentence)
explanation of each answer.
TDMA: works well here since it provides a constant bit rate service of 1 slot per frame
CSMA: will NOT work well here due to collisions and variable amount of time to access the
channel. Channel access delays can be unbounded
Slotted Aloha: same answer as CSMA
Token passing: works well here since each station gets a turn to transmit once per token round,
yielding an essentially constant bit rate service.

• Now suppose you were charged with putting together a LAN to support the occasional exchange
of data between nodes. That is, any individual node does not have data to send very often. How
well suited are these four protocols for this scenario? Provide a brief (e.g. one sentence)
explanation of each answer.
TDMA: TDMA would not work well here as if there is only one station with something to send,
it can only send once per frame. Hence the access delays are long, and the throughput over a
long period of time is only 1/N of the channel capacity.
CSMA: This would work well since at low utilization, a node will get to use the channel as soon
as it need to.
Slotted Aloha: same answer as CSMA
Token passing: This would work better than TDMA but slightly less well than CSMA and
Slotted Aloha, since it must wait for the token to be passed to the other stations (who likely
wouldn’t use it) before sending again.

• Now suppose the LAN must support both voice and data and you must choose one of these
multiple access strategies in order to support both applications on the same network, with the
understanding that voice calls are more important than data. Which would you choose and
why? How would voice and data be sent in this scenario? That is, which access protocol would
you use, or adapt/modify, and why?

Here are two possible answers:

Assign some number of TDMA slots for voice calls (e.g., one slot to each user). Also add some
additional slots and allow the stations with data to send to perform random access (e.g., slotted
aloha or CSMA) within those slots only.

Alternatively, use token passing with priorities and give priority to voice packets.

Question 4: Secure and authenticated message transfer (21 points, 23 minutes)

3
Suppose that Alice has a data file, d, that Bob needs. Alice and Bob want to make sure (i) that if
anyone intercepts the file during its transmission, then they can not understand its content. Bob
also wants to know (ii) whether or not whatever is transmitted from Alice to Bob has not been
corrupted or altered in transit, and (iii) that the file was sent by Alice (Bob will only need to
convince himself of that, no one else). Finally, (iv) Bob and Alice are computationally limited, so
their goal is to transfer the file while meeting criteria (i) – (iii) above, but at the same time, being
computationally efficient. You may assume that:
• Symmetric key. Alice and Bob share a secret symmetric key that no one else knows, and Bob
and Alice both know that no one else knows it.
• Public keys. There is a public key infrastructure available (e.g., a CA that has Bob and
Alice’s public keys, and that the public key of the CA is known to Bob and Alice).

10 points for part a), 11 points for part b.

a) Describe the steps that Alice takes to send the data file, given requirements (i) – (iv) above.
Your solution should only use as few a number of symmetric and/or public keys as necessary
while meeting requirements (i) – (iv). That is, if you use a mechanism that is not required, your
answer will not be given full credit (but you will be given partial credit), even if your approach
works. Your approach should be as simple as possible while meeting the requirements under the
stated assumptions. Be specific in describing the algorithms/approaches and steps that Alice
takes. (e.g., don’t just say “Alice encrypts the file”. If she encrypts it, state the algorithm she
uses. If she needs a key, indicate how/where she gets the key)

First, let’s recall that symmetric key encryption is MUCH faster and more efficient in terms of
computational resources that public key, so we want to use symmetric key if possible.

• To provide confidentiality (i), Alice uses symmetric key cryptography to encrypt the file,
KA-B(d).
• To make sure that the file has not been corrupted or altered, Alice will compute a hash
(e.g., MD5) over the encrypted file: H(KA-B(d))
• To “sign” the document, Alice will encrypt the hash using the shared symmetric key
KA-B (H(KA-B(d)).
• Alice thus sends KA-B(d) and KA-B (H(KA-B(d))) to Bob

a) Describes the steps that Bob takes on receiving the file, and indicate why/how he knows that
criteria (i) – (iii) have been met.

Bob receives [KA-B(d)] and [KA-B (H(KA-B(d))]) (the brackets indicate what was received) and takes
the following actions:
He takes and [KA-B (H(KA-B(d))]) and uses his key to unencrypt: KA-B [KA-B (H(KA-B(d))]) to get
H(KA-B(d))A – the hash of the encrypted file, as signed by Alice.
He then takes [KA-B(d)] and decrypts: KA-B[KA-B(d)] = d. So Bob has d. The only question is - is
this the same d that Alice sent? Bob then computes H(KA-B(d))B – the hash of the encrypted
message as computed by Bob. If H(KA-B(d))A equals H(KA-B(d))B then Bob knows the file has not

4
been altered in transit. He also knows that Alice was the one who encrypted and signed the file,
since only she shares the shared key with Bob.

Question 5: Where are the protocols? (21 points, 20 minutes)

Consider the network scenario shown below. Client C1, servers S1 and S2, and routers R1 through
R4 are all part of the same autonomous system (e.g., the UMass network) and are connected to
other ASs in the rest of the Internet via router R4.

11.11.12.1/24
HTTP server
S1
11.11.12.1/24
Client C1
R1

DNS server
S2
11.11.13.1/24 11.11.16.1/24

R3 R2

11.11.14.1/24 11.11.15.1/24
R4
to public Internet via ISP

a) [4 points] Suppose the user at C1 enters a URL into the browser for a document at S1 and
refers to S1 by its name (e.g., S1.cs.umass.edu). The document stored in S1 and returned to the
user at C1 contains an embedded URL that is at another site that it outside the autonomous
system shown above (e.g., www.remotesite.com). Which of the elements C1, S1, R1 – R4 will
make a query to DNS server S2 to resolve the name S1.cs.umass.edu ?
The client C1 will need to contact the DNS in order to get the IP address of HTTP server S1
Which of the elements C1, S1, R1 – R4 (if any) will make a query to DNS server S2 to resolve
the name www.remotesite.com?
Client C1 will contact DN server S2 in order to resolve the name www.remotesite.com
If S2 does not know the IP address corresponding to www.remotesite.com, which of C1, S1, S2,
R1 – R4 will contact an external DNS server, assuming recursive queries?
S2 will contact an external DNS server, under recursive DNS queries.
b) [4 points] Which of C1, S1, S2, R1 – R4 must be running the TCP protocol? Explain your
answer.
C1 and S1 are know to be running HTTP, which requires TCP. R4 must be running BGP (the
only interdomain protocol being used in the Internet) in order for the BGP speaker in R4 to talk
to the BGP speaker on the other side of the ISP access link, in order to get and advertise BGP
tables. Hence R4 must also be running TCP. DNS uses UDP, so server S2 need not run TCP. If
the intradomain routers were running OSPF, they would not need to run TCP to exchange
tables.

5
c) [4 points] Identify the individual networks (in an IP addressing sense) in the figure above.
Specify an internet address for one interface in each of the networks.

There are six networks, as shown in the figure above. Each network must have a different
network part of the IP address. In the solution above, the first 24 bits are the network address,
and must be different from one network to another.
d) [3 points] Which of C1, S1, S2, R1 – R4 run an intra-domain routing protocol?
All of these must all run the intradomain routing protocol
e) [3 points] Which of C1, S1, S2, R1 – R4 run an inter-domain routing protocol? Given your
answer in c), what address prefix is advertised to ASs outside this network?
R4. The prefix 11.11/16 could be advertised to the outside world, since all IP addresses within
the network fall within this range.
f) [3 points] Assume that the client and servers are connected to R1 using Ethernet, and that the
routers are interconnected using a point-to-point protocol. Which of C1, S1, S2, R1 – R4 must
be running the ARP protocol? Explain your answer.
Any device connected to an Ethernet must be running ARP, so C1, S1, S2, and R2 must be
running ARP