
Computer Networks - Final Exam


Prof. J.-P. Hubaux and Dr. M. H. Manshaei

January 18, 2010

Duration: 3:00 hours, closed book.

Please write your answers on these sheets in a readable way. Poorly written answers will not be corrected. Use extra sheets if necessary (put your name on them).

You may write your answers in English or in French.

The total number of points is 60.

This document contains 20 pages.

Student

First name:

Last name:

Division: [ ] Communication Systems   [ ] Computer Science   [ ] Other (mention it): . . . . . . . . .

Year: [ ] Bachelor Year 2   [ ] Bachelor Year 3   [ ] Other (mention it): . . . . . . . . .

Short questions

(5 points)

For each question, please circle a single best answer.

1. In the CSMA/CD protocol, what condition on the transmission delay $T_{trans}$ and the propagation delay $T_{prop}$ has to be satisfied to guarantee that a node always detects a collision?
(a) $T_{trans} > T_{prop}$
(b) $T_{trans} > 2T_{prop}$
(c) $T_{trans} < T_{prop}$
(d) $2T_{trans} < T_{prop}$

2. Alice and Bob communicate in an alphabet that has L letters. They use a monoalphabetic substitution cipher with key K. Assume that Trudy obtains a plaintext m and the corresponding ciphertext c. Under what conditions can Trudy recover the key K completely?
(a) m contains at least L 1 unique letters.
(b) |m| L.
(c) |m| |K|.
(d) m is not empty.

3. The WiMAX protocol:
(a) provides the maximum available data rate over a wireless channel.
(b) uses unlicensed spectrum, such as WiFi.
(c) provides a mechanism for scheduling.
(d) All of the above options are correct.

4. Two hosts simultaneously send data through a link of capacity 1 Mbps. Host A generates data with a rate of 1 Mbps and uses TCP. Host B uses UDP and transmits a 100-byte packet every 1 ms. Which host will obtain higher throughput?
(a) Host A.
(b) Host B.
(c) They obtain roughly the same throughput.
(d) They experience congestion collapse and negligible throughput.

5. What is the theoretical upper-bound on the number of simultaneous TCP/IPv4 connections that a host with a single IP address can handle? (Ignore memory limitations.)
(a) $2^{16}$
(b) $2^{32}$
(c) $2^{64}$
(d) unlimited

6. Host A sends a TCP segment (Seq = 43, ACK = 103), to which host B replies with a TCP segment (Seq = 103, ACK = 57). The payload of the first TCP segment is
(a) 14 bytes long.
(b) 43 bytes long.
(c) 46 bytes long.
(d) 57 bytes long.
(e) 60 bytes long.

7. The Distance-Vector algorithm is not:
(a) iterative.
(b) asynchronous.
(c) distributed.
(d) used in RIP.
(e) None of the above.

8. Longest prefix matching is used:
(a) in routers to know on which link interface to forward packets.
(b) in classless addressing to use the address space more efficiently than in classful addressing.
(c) by NAT to increase the available address space in home networks.
(d) to assign subnet masks.
(e) None of the above.

9. An authoritative DNS server knows a top-level domain server via:
(a) hostname.
(b) IP address.
(c) canonical hostname.
(d) alias.
(e) domain.

10. A user requests a Web page that consists of some text and 3 images. The browser's cache is empty. For this page, the client's browser:
(a) sends 1 http request message and receives 1 http response message.
(b) sends 1 http request message and receives 3 http response messages.
(c) sends 1 http request message and receives 4 http response messages.
(d) sends 3 http request messages and receives 3 http response messages.
(e) sends 4 http request messages and receives 4 http response messages.

Application Layer

(7 points)

Question 1: Consider a scenario where an EPFL student joins a BitTorrent torrent, but he does not allow other peers to download any content from his machine (so-called free-riding).

a. The student claims that he can download complete copies of the files shared by the torrent. Is this possible? Why or why not?

b. The student further claims that he can make his free-riding more efficient by using a collection of multiple computers (with distinct IP addresses). Is this possible? Why or why not?

Question 2: Consider a circular Distributed Hash Table (DHT) with node identifiers in the range [0, 15]. Suppose there are seven peers with identifiers 1, 3, 4, 5, 8, 12 and 14.

a. Suppose that the following (key,value) pairs should be stored in the DHT: (2,1), (6,5), (7,15) and (15,5). Which peers will store which (key,value) pairs? Fill in the table below.

(key,value)                           (2,1)   (6,5)   (7,15)   (15,5)
Identifier of the responsible peer    3       8       8        1

b. Suppose that peer 3 learns that peer 5 has left the DHT. How does peer 3 update its successor state information? Which peer is now its first successor? Its second successor?

c. Suppose that a new peer with the identifier 6 wants to join the DHT and peer 6 initially only knows the IP address of peer 14. What steps are taken for peer 6 to join the system?

Network Layer

(14 points)

Question 1: Consider sending a 1500-byte datagram into a link that has an MTU of 500 bytes. Suppose the original datagram is stamped with the identification number 1. Assume that IPv4 is used. Hint: The IPv4 header is 20 bytes long.

a. Where does fragmentation happen? Where are the fragments reassembled?

b. How many fragments are generated?

c. In addition to the identification number, what are the fields in the generated IP datagram(s) that are related to fragmentation?

d. What are the values of the fragmentation-related fields in the generated IP datagram(s)?

e. What changes if IPv6 were used?

Question 2: Consider destinations connected to a single source by a binary tree of routers as shown below (the source is the node at the top). Each time a packet (or copy of a packet) is sent over a single link, it incurs a unit of cost. In a single time step, a node can receive all transmitted broadcast packets from its neighbors, duplicate the packets, and send them to all of its neighbors (except to the node that sent a given packet). At the next time step, neighboring nodes can receive, duplicate, and forward these packets, and so on.

Figure 1: A computer network.

a. Assume that uncontrolled flooding is used to provide broadcast in this network. At time step k, how many copies of the broadcast packet will be transmitted, assuming that during time step 1, a single broadcast packet is transmitted by the source node to its three neighbors?

b. Assuming there are only 48 destinations (as shown in the figure), what is the cost of sending a broadcast packet using N-way-unicast?

c. Assuming there are 48 destinations, what is the cost of sending a broadcast packet using spanning-tree broadcast?

Question 3: IPv4 multicast addresses are in the group historically called Class D, based on the leading bits of these addresses. This group has been allocated the address block 224.0.0.0/4.

a. Assume that 5000 multicast groups are ongoing at the same time and choose their multicast group addresses at random such that no two addresses interfere with each other. What is the probability that an additional multicast group chooses an address that does not interfere with any of the other 5000 group addresses and without knowing any of these 5000 addresses?

b. Now assume that all 5001 multicast groups choose their multicast group addresses simultaneously at random. What is the probability that no two addresses interfere with each other?

Link Layer

(10 points)

Question 1: Figure 2 shows a network with three routers and five hosts. The administrator of the network has assigned two subnet masks 192.168.1.0/29 and 192.168.2.0/30 to Router 1. Router 2 can use three subnet masks 192.168.2.0/30, 192.168.3.0/30, and 192.168.4.0/30. Router 3 can use two subnet masks 192.168.4.0/30 and 192.168.5.0/29.

[Figure 2 (diagram not reproduced). Labels recoverable from the figure:
Host A: IP 192.168.1.1, MAC A.
Hosts B, C, D, E: IP left blank; MAC B, C, D, E respectively.
Router 1 interfaces: IP 192.168.1.3 and IP 192.168.2.1.
Router 2 interfaces: IP 192.168.2.2, IP 192.168.3.2 and IP 192.168.4.1.
Router 3 interfaces: IP 192.168.4.2 and IP 192.168.5.3.
Each router interface is labelled "MAC: R" with router and interface indices.]

Figure 2: A computer network with 3 routers and 5 hosts.

a. Assign missing IP addresses (hosts and router interfaces). Write your answer in the figure.

b. Assume that the MAC addresses of Router i are $R_i^n$, n {1, 2, } (For example, Router 1 has two MAC addresses $R_1^1$ and $R_1^2$). Assign the missing MAC addresses. Write your answer in the figure.

c. Assume that the ARP tables in E and D are empty. Host D wants to send a packet to host C and host E wants to send a packet to host A. Explain how the ARP tables of these two hosts should be updated.

d. Now assume that all ARP tables are up to date and host A wants to send an IP datagram to host C. Enumerate all the steps that should be taken to send this datagram. Please write the IP and MAC addresses of datagram and frames in routers and host.

Question 2: Suppose two active nodes $n_1$, $n_2$ share a channel using slotted ALOHA. The channel capacity is 10 Mbps. Assume that each node has an infinite number of packets to send. Node 1 attempts to transmit in each slot with probability $p_1 = 0.8$. What should be the probability of transmission for node 2 ($p_2$) if it wants to obtain 1 Mbps throughput over the channel? What is the network throughput in this case?

Security

(14 points)

Consider the following hypothetical situation. The government of some country, let us call it Xland, does not want its citizens (users) to access certain types of content (forbidden content) on the Internet. The government is in a position to deny users access, because it controls all the ISPs of Xland. An independent, international organization fighting for freedom of speech, OfFoS, wants to help the users in Xland to circumvent these restrictions. A group of OfFoS volunteers is preparing a report describing the technical measures used to deny access that the ISPs of Xland are employing. The report also contains a list of potential countermeasures. However, as these volunteers lack expertise in the topics of computer networks and security, you have been asked to review the report.

The report identifies two threats:

Threat 1: The ISPs can block access to forbidden content.

Threat 2: The ISPs can detect and identify users who attempt to access forbidden content (allowing the government to persecute them).

The report also states that:

- The ISPs keep track of a blacklist of websites providing forbidden content (domain names and IP addresses).
- The ISPs keep track of a blacklist of words specific to forbidden content.
- OfFoS has the resources to deploy a limited number of machines (outside of Xland) to assist the users.

Question 1: The DNS servers that the users are provided with are under the ISPs' control.

a. How can the ISPs take advantage of this to achieve threat 1?

b. Which protocol is (most likely) responsible for providing the IP addresses of DNS servers to the users?


c. What is the simplest way for the users to circumvent this blocking mechanism?

d. Assume that the countermeasure proposed above is deployed. You recall that DNS queries and replies are sent without any cryptographic protection. How can the ISPs take advantage of that to achieve threat 1? Threat 2?

e. What cryptographic mechanisms can be used to prevent the attacks described above?

Question 2: The report notes that in the case of some content providers, e.g. Wikipedia, the ISPs grant access to most of the information offered by the service. Only a fraction of the content is forbidden, and hence blocked. It appears that every IP packet is inspected by the ISPs, and dropped if it contains a word from a blacklist. The report lists a number of potential countermeasures, which you are asked to evaluate. Assume no other blocking/detection mechanisms are deployed by the ISPs.

a. The first proposal is switching from HTTP to HTTPS by all content providers offering forbidden content. Would this prevent threat 1? Threat 2? Explain.

b. Assume that the HTTPS countermeasure proposed above is deployed. Many of the smaller providers of forbidden content cannot be expected to pay for a certificate from a Certification Authority, and would use self-signed certificates. Could the ISPs take advantage of this to achieve threat 1 or threat 2? Explain.

c. Another countermeasure proposal is an ssh tunnel. The report recommends that the users create the tunnel as follows: ssh -L 8080:www.google.com:80 localhost and start browsing by visiting localhost:8080. Would this prevent threat 1? Threat 2? Explain.

d. The next countermeasure proposal is an http proxy that OfFoS would deploy. The proxy's IP address is 123.45.67.89 and it accepts connections at port 8080. How can the users make use of this proxy? Would this prevent threat 1? Threat 2? Explain.

e. The final countermeasure proposal is a combination of an http proxy with an ssh tunnel. The proxy is still at 123.45.67.89:8080. The ssh server deployed by OfFoS is at 123.45.67.80, with the login freedom and password ofspeech. How should the users create the tunnel (give the command) and configure their machines to use the proxy via the ssh tunnel? Would this prevent threat 1? Threat 2? Explain.

f. Assume that one of the successful countermeasures is deployed (choose one). What additional measures can the ISPs implement to achieve threat 1 or threat 2? Give one example.

Question 3: Beyond content-based filtering discussed in the previous question, the ISPs can achieve some forms of threat 1 and threat 2 based on IP addresses. The report again provides some countermeasures, and you are asked to evaluate them. Assume that the ISPs do not inspect the payload of IP packets, including DNS queries/replies (e.g., because some countermeasures reviewed in the previous questions are deployed).

a. How can the ISPs achieve threat 1 based on IP addresses alone? Threat 2?

b. The first countermeasure proposal is for each user to deploy his own NAT, and connect to the Internet from behind a NAT. Would this prevent threat 1? Threat 2? Explain.

c. The second countermeasure proposal is for OfFoS to deploy an http proxy. Would this prevent threat 1? Threat 2? Explain.


Wireless and Mobile Networks

(10 points)

Question 1: Can we use the following two codes for a CDMA protocol to avoid collision between two stations? Why or why not?

$c_1$ = (1, 1, 1, 1, 1, 1, 1, 1)

$c_2$ = (1, 1, 1, 1, 1, 1, 1, 1)

(Hint: The output of a CDMA encoder is $Z_{i,m} = d_i c_m$ and the CDMA decoder recovers the data by computing $d_i = \frac{1}{M} \sum_{m=1}^{M} Z_{i,m} c_m$.)

Question 2: What is triangle routing? Does mobile IP use triangle routing or direct routing?


Question 3: What is the main purpose of using RTS/CTS packets (Request to Send/Clear to Send packets) in wireless networks? Explain this with one example.

Question 4: Figure 3 shows five 802.11b wireless access points. Assume that we assign channel 6 to AP3. Which channels should be assigned to other APs such that the data throughput of the nodes connected to AP3 is maximized? (Hint: There are 11 channels available for 802.11b). Justify your answer.

[Figure 3 (diagram not reproduced): access points AP1, AP2, AP3, AP4, AP5.]

Figure 3: Five access points. The distances between neighboring access points are equal.
