
Winter 2011 Master of Computer Application (MCA) Semester 3 MC0075 Computer Networks 4 Credits (Book ID: B0813 & B0814) Assignment Set 1 (60 Marks). Answer all questions. Each question carries fifteen marks. Book ID: B0813

1. Describe the following: a. Network Software b. Reference Models c. Network Standards

Ans:

a. Network Software

Network software is highly structured. This section examines the structuring technique on which everything that follows rests: layering, together with the protocols and interfaces that go with it.

Protocol Hierarchy

A protocol is an agreement between the communicating parties on how communication is to proceed. To reduce their design complexity, most networks are organized as a stack of layers or levels, each one built upon the one below it. The number of layers, the name of each layer, the contents of each layer, and the function of each layer differ from network to network. The purpose of each layer is to offer certain services to the higher layers, shielding those layers from the details of how the offered services are actually implemented. In a sense, each layer is a kind of virtual machine, offering certain services to the layer above it.

This concept is a familiar one, used throughout computer science, where it is variously known as information hiding, abstract data types, data encapsulation, and object-oriented programming. The fundamental idea is that a particular piece of software (or hardware) provides a service to its users but keeps the details of its internal state and algorithms hidden from them.

Layer n on one machine carries on a conversation with layer n on another machine. The rules and conventions used in this conversation are collectively known as the layer n protocol. Violating the protocol makes communication more difficult, if not completely impossible.

A five-layer network is illustrated in figure 2.1. The entities comprising the corresponding layers on different machines are called peers, and it is the peers that communicate using the protocol. In reality, no data are transferred directly from layer n on one machine to layer n on another machine. Instead, each layer passes data and control information to the layer immediately below it, until the lowest layer is reached. This lowest layer is usually referred to as the physical layer, which interfaces directly with the physical medium. In figure 2.1 the virtual communication between peers is indicated by dotted lines and the physical communication by solid lines.

Figure 2.1: Layers, protocols and interfaces

Between each pair of adjacent layers there is an interface. The interface defines which primitive operations and services the lower layer offers to the upper one. When network designers decide how many layers to include in a network and what each one should do, one of the most important considerations is defining clean interfaces between the layers. Doing so, in turn, requires that each layer perform a specific collection of well-understood functions. In addition to minimizing the amount of information that must be passed between layers, clear-cut interfaces also make it simpler to replace the implementation of one layer with a completely different implementation (e.g., all the telephone lines are replaced by satellite channels), because all that is required of the new implementation is that it offer exactly the same set of services to the layer above it as the old implementation did. In fact, it is common for different hosts to use different implementations of the same layer.

The set of layers and protocols is called the network architecture. The list of protocols used by a particular system, one protocol per layer, is called a protocol stack. Network architectures, protocol stacks, and the protocols themselves are the principal topics of this subject.

Figure 2.2: Communication of information in a five-layer network.

Consider the communication between two hosts using a five-layer network. Let M be the message produced by an application process running at layer 5 of the source machine. This message is to be delivered to layer 5 of the destination machine. M is handed to layer 4 for transmission, as shown in figure 2.2. Layer 4 puts a header in front of the message to identify it and passes the result to layer 3. The header includes control information, such as sequence numbers, to allow layer 4 on the destination machine to deliver messages in the right order if the lower layers do not maintain sequence. In some layers, headers can also carry sizes, times, and other control fields.

In many networks there is no limit on the size of messages transmitted in the layer 4 protocol, but there is nearly always a limit imposed by the layer 3 protocol. Consequently, layer 3 must break the incoming messages up into smaller units, packets, prepending a layer 3 header to each packet. In this example, M is split into two parts, M1 and M2. Layer 3 decides which of the outgoing lines to use and passes the packets to layer 2. Layer 2 adds not only a header to each piece but also a trailer, and gives the resulting unit to layer 1 for physical transmission. The actual flow of the message from the top layer of the source machine to the top layer of the destination machine is illustrated in figure 2.2.

At the receiving machine the message moves upward from layer to layer, with each layer stripping off the header (and trailer) added by its peer on the sending side. Note that none of the headers for layers below n are passed up to layer n. The important thing is to see the relation between the actual flow and the virtual flow, and between the different protocols and interfaces. Even though we speak of "network software" for the design of all layers, the lower layers are commonly implemented in hardware or firmware.

Design Issues for the Layers

Some key design issues recur in every layer of a computer network. Every layer needs a mechanism for identifying senders and receivers. Many computers are normally connected in a network, some of which run multiple processes, so a process on one machine needs a way to specify with whom it wants to communicate. Thus some form of addressing scheme must be devised.

Another design issue is the data transmission mode, that is, the rules for data transfer. A system can use serial or parallel transmission, synchronous or asynchronous transmission, and simplex or duplex transmission. The protocol must also determine how many logical channels the connection corresponds to and what their priorities are.
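The walk through figure 2.2 above can be made concrete in code. The following is an added example, not code from the assignment or from any real protocol stack: it builds a toy five-layer stack in which layer 4 adds a header H4 carrying process addresses (ports) and a sequence number, layer 3 splits the segment into packets no larger than an assumed 6-byte MTU and adds H3, and layer 2 adds a length header H2 and a CRC-32 trailer T2. The receiver strips each header in turn and never passes a lower layer's header upward. All header layouts, the MTU, and the port/address values are assumptions made for the example.

```python
"""Encapsulation and decapsulation in the five-layer network of figure 2.2.

Added example, not part of the original assignment text. The header layouts,
the 6-byte layer-3 packet limit (MTU) and the CRC-32 trailer are assumed for
illustration; they do not correspond to any real protocol.
"""
import struct
import zlib

MTU = 6  # assumed: largest payload layer 3 will carry in one packet


# ---- Layer 4: addresses the sending/receiving process and numbers messages ----
def l4_send(message: bytes, src_port: int, dst_port: int, seq: int) -> bytes:
    header = struct.pack("!HHI", src_port, dst_port, seq)   # H4 in figure 2.2
    return header + message


def l4_receive(segment: bytes):
    src_port, dst_port, seq = struct.unpack("!HHI", segment[:8])
    return (src_port, dst_port, seq), segment[8:]           # H4 stripped, M handed up


# ---- Layer 3: splits the segment into packets (M1, M2, ...) and adds H3 ----
def l3_send(segment: bytes, dst_addr: int, packet_id: int) -> list:
    pieces = [segment[i:i + MTU] for i in range(0, len(segment), MTU)]
    return [struct.pack("!BBBB", dst_addr, packet_id, idx, len(pieces)) + piece
            for idx, piece in enumerate(pieces)]


def l3_receive(packets: list) -> bytes:
    """Reassemble using the index in H3, so arrival order does not matter."""
    pieces = {}
    total = None
    for packet in packets:
        _dst, _pid, idx, total = struct.unpack("!BBBB", packet[:4])
        pieces[idx] = packet[4:]
    if total is None or len(pieces) != total:
        raise ValueError("packet(s) missing: cannot reassemble")
    return b"".join(pieces[i] for i in range(total))


# ---- Layer 2: adds a length header H2 and a CRC-32 trailer T2 -----------------
def l2_send(packet: bytes) -> bytes:
    return struct.pack("!H", len(packet)) + packet + struct.pack("!I", zlib.crc32(packet))


def l2_receive(frame: bytes) -> bytes:
    (length,) = struct.unpack("!H", frame[:2])
    packet = frame[2:2 + length]
    (fcs,) = struct.unpack("!I", frame[2 + length:6 + length])
    if zlib.crc32(packet) != fcs:
        raise ValueError("frame check sequence mismatch: frame discarded")
    return packet


# ---- Layer 1 and the whole path down one stack and up the other ---------------
def send_and_receive(message: bytes, src_port=5000, dst_port=80, seq=1,
                     corrupt_frame=None, reverse_order=False):
    """Return ((src_port, dst_port, seq), message) as layer 5 on the receiver sees it.

    corrupt_frame: index of a frame in which one bit is flipped on the wire.
    reverse_order: deliver the frames in reverse, as a network without sequencing might.
    """
    segment = l4_send(message, src_port, dst_port, seq)
    packets = l3_send(segment, dst_addr=7, packet_id=42)    # assumed address/id values
    frames = [l2_send(p) for p in packets]

    # layer 1: raw bytes on the medium, where noise and reordering happen
    wire = [bytearray(f) for f in frames]
    if corrupt_frame is not None:
        wire[corrupt_frame][6] ^= 0x01                       # flip one bit inside the packet
    if reverse_order:
        wire.reverse()

    received_packets = [l2_receive(bytes(f)) for f in wire]  # T2 checked, H2/T2 removed
    received_segment = l3_receive(received_packets)          # H3 removed, M1+M2 rejoined
    return l4_receive(received_segment)                      # H4 removed, M delivered


def corrupted_frame_is_rejected(message: bytes, frame_index: int = 0) -> bool:
    """True when a single flipped bit in frame `frame_index` is caught at layer 2."""
    try:
        send_and_receive(message, corrupt_frame=frame_index)
    except ValueError:
        return True
    return False
```

Two things worth noticing: the layer-3 header carries an index, so the receiver can rejoin M1 and M2 even when the frames arrive reversed, and the CRC trailer catches a flipped bit. The CRC is error control, not security: an attacker who changes the payload can simply recompute the trailer, so integrity against tampering has to come from a keyed check at a higher layer.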
Another major design issue is error control, since physical circuits are not perfect. Error-detecting or error-correcting codes must be agreed on and used at both ends of the connection. Closely related is flow control, which is needed to keep a fast sender from swamping a slow receiver; some systems use feedback from the receiver to limit the transmission rate.

It is inconvenient or expensive to set up a separate connection for each pair of communicating processes, so the same connection may be shared by multiple unrelated conversations. Multiplexing and demultiplexing techniques are therefore another design issue. Multiplexing is needed in the physical layer, where all the traffic for all connections has to be sent over at most a few physical circuits. When there are multiple paths between source and destination, the complexity lies in finding the best (shortest or otherwise optimal) path; hence routing schemes are needed. Other design issues relate to security, compression, and so on.

Merits and Demerits of Layered Architecture

Advantages of layered architecture:
- Any given layer can be modified or upgraded without affecting the other layers.
- Modularization by means of layering simplifies the overall design.
- Different layers can be assigned to different standards committees and design teams.
- Mechanisms like packet switching and circuit switching may be used without affecting more than one layer.
- Different machines may be plugged in at different layers.
- The relation between different control functions can be better understood.

- Common lower layers may be shared by different higher layers.
- Functions (especially at lower layers) may be moved from software into hardware and microcode.
- Compatibility between different machines is increased.

Disadvantages of layered architecture:
- Total overhead is higher.
- Two communicating machines may have to use certain functions which they could do without.
- As technology changes, a function may no longer sit in the most cost-effective layer.

Connection-Oriented and Connectionless Services

Layers can offer two types of service to the layers above them: connection-oriented and connectionless.

Connection-oriented service is modeled after the telephone system. To use this service, the service user first establishes a connection, uses the connection, and then releases it. In most cases the order is preserved, so that bits arrive at the receiver in the same order as they were sent by the transmitter. In some cases, when a connection is established, the sender, the subnet, and the receiver negotiate parameters such as the maximum message size, the quality of service (QoS) required, and other issues.

Connectionless service is modeled after the postal system. Each message carries the full destination address, and each one is routed through the system independently of the others. Messages may not arrive at the receiver in the same order as they were sent, since the order depends on the route each message takes on the way to the destination. Six different types of service are summarized in table 2.1.

Table 2.1: Comparison of different services

Service Primitives

A service is formally specified by a set of primitives (operations) available to a user process to access the service. These primitives tell the service to perform some action or report on an action taken by a peer entity. The primitives for a connection-oriented service are given in table 2.2.

Table 2.2: Service primitives for a connection-oriented service

Communication in a simple client-server model using the above service primitives is illustrated in figure 2.3. First the server executes LISTEN to indicate that it is ready to accept incoming connections. The client executes CONNECT (1) to establish a connection with the server. The arrival of the connection request unblocks the listener, and the server sends back an acknowledgement (2). The connection is now established.

Figure 2.3: Simple client-server model on a connection-oriented network

The server's next step is to execute RECEIVE (3) to prepare to accept the first request. The arrival of the request packet unblocks the server so that it can process the request. After it has done the work, it uses SEND (4) to answer the client. When all the data transfer is done, the client uses DISCONNECT (5), which suspends the client and sends a packet telling the server that the connection is no longer needed. When the server gets this packet, it also issues a DISCONNECT (6); when that reaches the client, the client process is released and the connection is broken. In practice packets may get lost, timings may be wrong, and many other complications arise, which the protocol must handle.
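The six steps of figure 2.3 map directly onto the Berkeley socket API, where TCP provides the connection-oriented service. The following is an added example, not code from the assignment: it runs the server in a thread on the loopback interface and records, on each side, the order in which the primitives were executed. Port 0 (let the kernel pick a free port), the five-second timeouts, and the "reply to: " reply format are assumptions for the example. In TCP the acknowledgement (2) is the SYN/ACK sent by the kernel, and the client's DISCONNECT (5) reaches the server as end-of-stream on its next RECEIVE.

```python
"""LISTEN / CONNECT / RECEIVE / SEND / DISCONNECT of figure 2.3 over a TCP
connection on the loopback interface.

Added example, not part of the original assignment text. Port 0, the timeouts
and the one-line request/reply format are assumptions for illustration.
"""
import socket
import threading


def run_exchange(request: bytes = b"hello server") -> dict:
    """Run the client-server dialogue of figure 2.3 on 127.0.0.1.

    Returns each side's ordered list of primitives and the reply the client got.
    """
    server_log, client_log = [], []

    listener = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    listener.bind(("127.0.0.1", 0))          # port 0: kernel chooses a free port (assumption)
    listener.listen(1)                       # LISTEN: ready to accept incoming connections
    listener.settimeout(5)                   # never block forever on a client that vanishes
    server_log.append("LISTEN")
    port = listener.getsockname()[1]

    def server():
        conn, _ = listener.accept()          # blocks until the client's CONNECT (1) arrives;
        server_log.append("ACCEPT")          # the kernel has already returned the ack (2)
        conn.settimeout(5)
        with conn:
            server_log.append("RECEIVE")     # (3) wait for the first request
            data = conn.recv(1024)
            conn.sendall(b"reply to: " + data)   # (4) answer the client
            server_log.append("SEND")
            while conn.recv(1024):           # the client's DISCONNECT (5) arrives as end-of-stream
                pass
            server_log.append("DISCONNECT")  # (6) server releases its side too
        listener.close()

    worker = threading.Thread(target=server)
    worker.start()

    client = socket.create_connection(("127.0.0.1", port), timeout=5)  # CONNECT (1)
    client_log.append("CONNECT")
    with client:
        client.sendall(request)
        client_log.append("SEND")
        client_log.append("RECEIVE")
        reply = client.recv(1024)
        client.shutdown(socket.SHUT_WR)      # DISCONNECT (5): no more data from the client
        client_log.append("DISCONNECT")
        while client.recv(1024):             # wait for the server's DISCONNECT (6)
            pass
    worker.join(5)
    return {"server": server_log, "client": client_log, "reply": reply}
```

The timeouts are the practical point: a real server that blocks without a timeout on RECEIVE can be held open indefinitely by a client that connects and never sends, which is the simplest form of connection exhaustion.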

The Relationship of Services to Protocols

Figure 2.4: Relationship between services and protocols

A service is a set of primitives that a layer provides to the layer above it. The service defines what operations the layer is prepared to perform on behalf of its users; it says nothing about how these operations are implemented. A protocol is a set of rules governing the format and meaning of the packets, or messages, exchanged by the peer entities within a layer. Figure 2.4 illustrates the relationship. Entities use protocols to implement their service primitives: services relate to the interface between layers, whereas protocols relate to the packets sent between peer entities.

b. Reference Models

There are two important network architectures: the ISO OSI reference model and the TCP/IP reference model. Both are discussed below.

The OSI Reference Model

This reference model was proposed by the International Organization for Standardization (ISO) as a first step towards international standardization of the protocols used in the various layers (Day and Zimmermann, 1983). It is called the Open Systems Interconnection (OSI) reference model because it deals with connecting open systems, that is, systems that are open for communication with other systems. It consists of seven layers.

Layers of OSI Model

Figure 2.5: ISO OSI Reference Model

The ISO OSI reference model is shown in figure 2.5. Each of its layers is discussed below.

1. Physical Layer

This is the bottom-most layer, concerned with transmitting raw bits over the communication channel (physical medium). The design issues have to do with making sure that when one side sends a 1 bit, it is received by the other side as a 1 bit, and not as a 0 bit. The layer converts the logical information, a digital bit stream, into physical phenomena such as electrical pulses, light or radio signals; modulators and demodulators work at this layer. The design issues here largely deal with mechanical, electrical, and procedural interfaces, and with the physical transmission medium, which lies below the physical layer. In particular, the layer defines the relationship between a device and the physical medium, including the layout of pins, voltages, and cable specifications. Hubs, repeaters, network adapters and host bus adapters (HBAs, used in storage area networks) are physical-layer devices.

The major functions and services performed by the physical layer are:
- Establishment and termination of a connection to a communications medium.
- Participation in the process whereby the communication resources are effectively shared among multiple users, for example contention resolution and flow control.
- Modulation: conversion between the representation of digital data in user equipment and the corresponding signals transmitted over a communications channel. These are signals operating over physical cabling (such as copper or fibre optic) or over a radio link.

Parallel SCSI buses operate in this layer. The various physical-layer Ethernet standards are also in this layer; Ethernet as a whole covers both this layer and the data link layer. The same applies to other local area networks, such as Token Ring, FDDI and IEEE 802.11, and to personal area networks such as Bluetooth and IEEE 802.15.4.
2. Data Link Layer

The data link layer provides the functional and procedural means to transfer data between network entities and to detect, and possibly correct, errors that may occur in the physical layer. That is, it makes sure that the message reaches the other end without being corrupted by signal distortion and noise. It accomplishes this by having the sender break the input data up into data frames, transmit the frames sequentially, and process the acknowledgement frames sent back by the receiver. If an acknowledgement is lost, the transmitter retransmits a copy of the frame, so the data link layer at the receiver must be able to detect duplicate frames.

The best-known example of this layer is Ethernet. This layer manages the interaction of devices with a shared medium. Other examples of data link protocols are HDLC and ADCCP for point-to-point or packet-switched networks and ALOHA for local area networks. On IEEE 802 local area networks, and on some non-IEEE 802 networks such as FDDI, this layer may be split into a Media Access Control (MAC) sublayer and the IEEE 802.2 Logical Link Control (LLC) sublayer. It arranges bits from the physical layer into logical chunks of data, known as frames. This is the layer at which bridges and switches operate. Connectivity is provided only among locally attached network nodes, forming layer 2 domains for unicast or broadcast forwarding. Other protocols may be imposed on the data frames to create tunnels and logically separated layer 2 forwarding domains.

The data link layer might implement a sliding-window flow control and acknowledgement mechanism to provide reliable delivery of frames; that is the case for SDLC and HDLC, and for derivatives of HDLC such as LAPB and LAPD. In modern practice, only error detection, not sliding-window flow control, is present in data link protocols such as the Point-to-Point Protocol (PPP); on local area networks the IEEE 802.2 LLC layer is not used for most protocols on Ethernet, and on other local area networks its flow control and acknowledgement mechanisms are rarely used. Sliding-window flow control and acknowledgement are instead used at the transport layer, by protocols such as TCP.
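The retransmission and duplicate-detection behaviour described above for HDLC-style links can be seen in a small go-back-N simulation. The following is an added example, not code from the assignment or from any real HDLC implementation: the sender keeps a window of unacknowledged frames, the receiver accepts only the frame it expects and returns a cumulative acknowledgement, and the channel drops whichever frame or acknowledgement transmissions the caller names. The window size of 3, the 3-bit sequence numbers and the loss pattern are assumptions for the example.

```python
"""Go-back-N sliding-window delivery over a lossy data link, as in HDLC-style
protocols: the sender retransmits after a lost frame or acknowledgement, and
the receiver discards duplicates and out-of-order frames.

Added example, not part of the original assignment text. The window size,
sequence-number width and the deterministic loss pattern are assumed for
illustration.
"""

WINDOW = 3      # assumed: frames the sender may have outstanding (must be < 2**SEQ_BITS)
SEQ_BITS = 3    # assumed: sequence numbers wrap modulo 8, as in basic HDLC


def run_link(payloads, drop_frames=frozenset(), drop_acks=frozenset(), max_rounds=50):
    """Deliver `payloads` over a channel that discards selected transmissions.

    drop_frames / drop_acks hold the ordinal numbers (1st, 2nd, ...) of the frame and
    acknowledgement transmissions that the channel loses. Each round the sender
    fills its window, the receiver returns one cumulative ack, and if nothing new
    was acknowledged the sender times out and goes back to the oldest unacked frame.
    Returns (payloads delivered in order, number of frame transmissions).
    """
    modulus = 1 << SEQ_BITS
    delivered = []
    base = 0          # sender: oldest unacknowledged frame (absolute index)
    next_idx = 0      # sender: next new frame to put on the wire
    expected = 0      # receiver: absolute index of the frame it is waiting for
    frame_tx = 0
    ack_tx = 0

    for _round in range(max_rounds):
        if base >= len(payloads):
            return delivered, frame_tx
        old_base = base

        # Sender: transmit every frame in the window not yet sent since the last timeout.
        while next_idx < min(base + WINDOW, len(payloads)):
            seq, data = next_idx % modulus, payloads[next_idx]
            next_idx += 1
            frame_tx += 1
            if frame_tx in drop_frames:
                continue                        # lost on the physical circuit
            # Receiver: accept only the frame it expects. A repeat of an already
            # delivered frame (after a lost ack) or a frame beyond a gap is discarded.
            if seq == expected % modulus:
                delivered.append(data)
                expected += 1

        # Receiver: cumulative acknowledgement naming the next frame it expects.
        ack_tx += 1
        if ack_tx not in drop_acks:
            ack = expected % modulus
            while base < next_idx and base % modulus != ack:
                base += 1                       # everything before `ack` is confirmed

        if base == old_base:
            next_idx = base                     # timeout: go back N and resend the window

    raise RuntimeError("link did not converge within max_rounds")
```

With the second frame lost, frames after the gap are discarded and the whole window is resent; with the first acknowledgement lost, the already delivered frames arrive again as duplicates and the receiver drops them, so the delivered sequence is the same in both cases and no payload is duplicated.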
3. Network Layer

The network layer provides the functional and procedural means of transferring variable-length data sequences from a source to a destination via one or more networks, while maintaining the quality of service requested by the transport layer. It performs routing, and may also perform fragmentation and reassembly and report delivery errors. Routers operate at this layer, sending data throughout the extended network and making the Internet possible. The layer uses a logical, hierarchical addressing scheme whose values are chosen by the network engineer rather than fixed in hardware. The best-known example of a layer 3 protocol is the Internet Protocol (IP).

It may help to visualize this layer as managing the sequence of human carriers taking a letter from the sender to the local post office, trucks that carry sacks of mail to other post offices or airports, airplanes that carry airmail between major cities, trucks that distribute mail sacks in a city, and carriers that take the letter to its destination. Think of fragmentation as splitting a large document into smaller envelopes for shipping, or, in the case of the network layer, splitting an application or transport record into packets.

The major tasks of the network layer are:
- It controls the route taken by each message through the actual topology.
- It finds the best route, and alternate routes when the best one is unavailable.
- It handles buffering and deadlock avoidance.

4. Transport Layer

The transport layer provides transparent transfer of data between end users, providing reliable data transfer and relieving the upper layers of that concern. It controls the reliability of a given connection through flow control, segmentation and reassembly, and error control. Some transport protocols are stateful and connection-oriented; this means the transport layer can keep track of the segments and retransmit those that fail. The best-known example of a layer 4 protocol is the Transmission Control Protocol (TCP). The transport layer is the layer that converts messages into TCP segments, User Datagram Protocol (UDP) datagrams, Stream Control Transmission Protocol (SCTP) packets, and so on.

An easy way to visualize the transport layer is to compare it with a post office, which deals with the dispatch and classification of the mail and parcels sent. Remember, however, that a post office handles only the outer envelope. Higher layers may have the equivalent of double envelopes, such as cryptographic presentation services that can be read by the addressee only. Roughly speaking, tunnelling protocols operate at the transport layer, for instance carrying non-IP protocols such as IBM's SNA or Novell's IPX over an IP network, or providing end-to-end encryption with IP security (IPsec). While Generic Routing Encapsulation (GRE) might seem to be a network layer protocol, if the encapsulation of the payload takes place only at the endpoints, GRE becomes closer to a transport protocol that uses IP headers but carries complete frames or packets to deliver to an endpoint.

The major tasks of the transport layer are:
- It locates the other party.
- It creates a transport pipe between the two end users.
- It breaks the message into packets and reassembles them at the destination.
- It applies flow control to the packet stream.

5. Session Layer

The session layer controls the dialogues (sessions) between computers. It establishes, manages and terminates the connections between the local and remote application. It provides for either full-duplex or half-duplex operation, and establishes checkpointing, adjournment, termination and restart procedures. The OSI model made this layer responsible for the "graceful close" of sessions, which in the Internet is a property of TCP, and also for session checkpointing and recovery, which is not usually used in the Internet protocol suite.

The major tasks of the session layer are:
- It is responsible for the relation between two end users.
- It maintains the integrity of, and controls, the data exchanged between the end users.
- The end users are aware of each other once the relation is established (synchronization).
- It uses naming and addressing to identify a particular user.
- It relies on the lower layers to guarantee delivery of the messages (flow control).

6. Presentation Layer

The presentation layer transforms the data to provide a standard interface for the application layer. MIME encoding, data encryption and similar manipulations of the presentation are done at this layer, to present the data as the service or protocol developer sees fit. Examples of this layer are converting an EBCDIC-coded text file to an ASCII-coded file, or serializing objects and other data structures into and out of XML.

The major tasks of the presentation layer are:
- It translates between the data representations used by the application layers on each side.
- It makes the users as independent of each other's representation as possible, so that they can concentrate on the conversation.

7. Application Layer (end users)

The application layer is the seventh level of the seven-layer OSI model. It interfaces directly to the users' application processes and performs common application services for them, issuing requests to the presentation layer. Note carefully that this layer provides services to user-defined application processes, and not to the end user. For example, it defines a file transfer protocol, but the end user must go through an application process to invoke file transfer. The OSI model does not include human interfaces.

The common application services sublayer provides functional elements including the Remote Operations Service Element (comparable to the Internet's remote procedure call), Association Control, and Transaction Processing (according to the ACID requirements). Above the common application service sublayer are functions meaningful to user application programs, such as messaging (X.400), directory (X.500), file transfer (FTAM), virtual terminal (VT), and job transfer and manipulation (JTM).

The TCP/IP Reference Model

The TCP/IP reference model is the network model used in the current Internet architecture. It was created in the 1970s by DARPA for use in developing the Internet's protocols, and the structure of the Internet is still closely reflected by it. It has fewer, less rigidly defined layers than the commonly referenced OSI model, and thus provides an easier fit for real-world protocols. Its origins lie in the ARPANET, the grandfather of the Internet, a research network sponsored by the United States Department of Defense. A major goal was that conversations between source and destination should continue even if some of the transmission lines and routers went out of operation. The model was named after its two main protocols, TCP (Transmission Control Protocol) and IP (Internet Protocol).

No document officially specifies the model. Different documents give different names to the layers and show different numbers of layers; there are versions with four layers and with five. The original four-layer version, shown in figure 2.7, consists of the following layers.

Layer 4, Process or Application Layer: This is where the "higher level" protocols such as FTP, HTTP, etc. operate. The original TCP/IP specification described a number of applications that fit into the top layer of the protocol stack, including Telnet, FTP, SMTP and DNS; these are illustrated in figure 2.10. Telnet is a program that supports the TELNET protocol over TCP; TELNET is a general two-way communication protocol that can be used to connect to another host and run applications on that host remotely. FTP (File Transfer Protocol) was originally designed to promote the sharing of files among computer users; it shields the user from the variations of file storage on different architectures and allows reliable and efficient transfer of data. SMTP (Simple Mail Transfer Protocol) is the protocol used to transport electronic mail from one computer to another through a series of other computers along the route. DNS (Domain Name System) resolves the textual name of a network node into its numerical address, or vice versa: it would translate www.yahoo.com to 204.71.177.71 so that the packet can be routed to the host it is destined for.

Layer 3, Host-to-Host (Transport) Layer: This is where flow control and connection protocols such as TCP exist. This layer deals with opening and maintaining connections and ensuring that packets are in fact received. The transport layer is the interface between the application layer and the complex hardware of the network. It is designed to allow peer entities on the source and destination hosts to carry on conversations; the data may be user data or control data. Two modes are available, full duplex and half duplex. In full-duplex operation both sides can transmit and receive data simultaneously, whereas in half duplex a side can only send or receive at one time.

Layer 2, Internet or Internetworking Layer: This layer defines IP addresses, with many routing schemes for navigating packets from one IP address to another. The job of this layer is to inject packets into any network and have them travel independently to the destination. The layer defines IP (Internet Protocol) as its official packet format and protocol; packet routing is a major job of this protocol.

Layer 1, Network Access (Host-to-Network) Layer: This layer describes the physical equipment necessary for communications, such as twisted-pair cables, the signalling used on that equipment, and the low-level protocols using that signalling. It interfaces the TCP/IP protocol stack to the physical network. The TCP/IP reference model does not specify the operation of this layer in any great detail, except that the host has to connect to the network using some protocol so that it can send IP packets over it. As it is not officially defined, it varies from implementation to implementation, with vendors supplying their own versions.

Figure 2.7: TCP/IP network protocol layers

The basic idea of the networking system is to allow one application on a host computer to talk to another application on a different host computer. The application forms its request, then passes the packet down to the lower layers, each of which adds its own control information, a header or a trailer, to the packet. Finally the packet reaches the physical layer and is transmitted over the cable towards the destination host. There the packet travels up through the layers, with each layer reading, interpreting and removing the header or trailer that was attached by its counterpart on the originating computer, until the packet arrives at the application it was destined for. Even though technically each layer communicates only with the layer above or below it, the process can be viewed as one layer talking to its partner on the other host. The protocols that reside in the corresponding layers are shown in figure 2.10.

Figure 2.10: Protocols in the TCP/IP reference model.

c. Network Standardization

A network standard is a definition or format that has been approved by a recognized standards organization. Standards exist for programming languages, operating systems, data formats, communications protocols, and electrical interfaces. There are two categories of standards.

De facto (Latin for "from the fact") standards: These have just happened, without any formal plan. They are formats that have become standard simply because a large number of companies have agreed to use them; they have not been formally approved as standards. Examples are the IBM PC for small office computers, UNIX for operating systems in computer science departments, and PostScript.

De jure (Latin for "by law") standards: These are formal, legal standards adopted by some authorized standardization body. There are two classes of such organizations: those established by treaty among national governments, and voluntary, non-treaty organizations.

From a user's standpoint, standards are extremely important in the computer industry because they allow products from different manufacturers to be combined into a customized system. Without standards, only hardware and software from the same company could be used together. In addition, standard user interfaces make it much easier to learn how to use new applications. Most official computer standards are set by one of the following organizations:
- ANSI (American National Standards Institute)
- ITU (International Telecommunication Union)
- IEEE (Institute of Electrical and Electronics Engineers)
- ISO (International Organization for Standardization)
- VESA (Video Electronics Standards Association)

Benefits of standardization: different computers can communicate, and the market for products adhering to the standard is increased.

2. Discuss the following switching mechanisms: a. Circuit switching b. Message switching c. Packet switching

Ans:

a. Circuit switching

A circuit-switched network is one that establishes a dedicated circuit (or channel) between nodes and terminals before the users may communicate. Each dedicated circuit cannot be used by other callers until the circuit is released and a new connection is set up. Even if no actual communication is taking place on a dedicated circuit, that channel remains unavailable to other users. Channels that are available for new calls to be set up are said to be idle. Circuit switching is used for ordinary telephone calls. It allows communications equipment and circuits to be shared among users over time, but each user has sole access to a circuit (functionally equivalent to a pair of copper wires) for the duration of the call.

Figure 4.5: (a) circuit switching (b) packet switching

For call setup and control (and other administrative purposes), it is possible to use a separate dedicated signalling channel from the end node to the network; ISDN is one such service that uses a separate signalling channel. The method of establishing the connection and monitoring its progress and termination through the network may also use a separate control channel. Circuit switching can be relatively inefficient, because capacity is wasted on connections which are set up but not in continuous use (however momentarily). On the other hand, once the connection is established it is immediately available, and its capacity is guaranteed until the call is disconnected.

Communication using circuit switching involves three phases:
1. Connection establishment: Before any data can be transmitted, an end-to-end circuit must be established.
2. Data transfer: Information is transmitted from the source through the network to the destination over the dedicated path.
3. Termination: After some period of data transfer, the connection is torn down and the circuits are released.

Consider communication between two points A and D in a network as shown in figure 4.6. The connection between A and D is provided using (shared) links through two other pieces of equipment, B and C.

Figure 4.6: A four node and 3 link network

Network use is initiated by a connection phase, during which a circuit is set up between source and destination, and terminated by a disconnect phase as listed above. These phases, with associated timings, are illustrated in figure 4.7.

Figure 4.7: A circuit switched connection between A and D (Information flows in two directions. Information sent from the calling end is shown in grey and information returned from the remote end is shown in black)

After a user requests a circuit, the desired destination address must be communicated to the local switching node (B). In a telephony network, this is achieved by dialing the number. Node B receives the connection request and identifies a path to the destination (D) via an intermediate node (C). This is followed by a circuit connection phase handled by the switching nodes and initiated by allocating a free circuit to C (link BC), followed by transmission of a call request signal from node B to node C. In turn, node C allocates a link (CD) and the request is then passed to node D after a similar delay. The circuit is then established and may be used. While it is available for use, resources (i.e. in the intermediate equipment at B and C) and capacity on the links between the equipment are dedicated to the use of the circuit. After completion of the connection, a signal confirming circuit establishment (a connect signal in the diagram) is returned; this flows directly back to node A with no search delays since the circuit has been established. Transfer of the data in the message then begins. After data transfer, the circuit is disconnected; a simple disconnect phase is included after the end of the data transmission. Delays for setting up a circuit connection can be high, especially if ordinary telephone equipment is used. Call setup time with conventional equipment is typically on the order of 5 to 25 seconds after completion of dialing. New fast circuit switching techniques can reduce delays. Trade-offs between circuit switching and other types of switching depend strongly on switching times.

b. Message switching

Message switching was the precursor of packet switching, where messages were routed in their entirety and one hop at a time.
It was first introduced by Leonard Kleinrock in 1961. Message switching systems are nowadays mostly implemented over packet-switched or circuit-switched data networks. Hop-by-hop Telex forwarding is an example of a message switching system; e-mail is another. When this form of switching is used, no physical path is established in advance between sender and receiver. Instead, when the sender has a block of data to be sent, it is stored in the first switching office (i.e. router) and then forwarded later, one hop at a time. Each block is received in its entirety, inspected for errors and then forwarded or re-transmitted. It is a form of store-and-forward network. Data is transmitted into the network and stored in a switch. The network transfers the data from switch to switch when it is convenient to do so, so the data is not transferred in real time. Blocking cannot occur; however, long delays can happen. The source and destination terminal need not be compatible, since conversions are done by the message switching network. Again consider the network shown in figure 4.6. For instance, when a telex (or e-mail) message is sent from A to D, it first passes over a local connection (AB). It is then passed at some later time to C (via link BC), and from there to the destination (via link CD). At each message switch, the received message is stored, and a connection is subsequently made to deliver the message to the neighboring message switch. Message switching is also known as store-and-forward switching since the messages are stored at intermediate nodes en route to their destinations.

Figure 4.8: Message switching to communicate between A and D

Figure 4.8 illustrates message switching; the transmission of only one message is shown for simplicity. As the figure indicates, a complete message is sent from node A to node B when the link interconnecting them becomes available. Since the message may be competing with other messages for access to facilities, a queuing delay may be incurred while waiting for the link to become available. The message is stored at B until the next link becomes available, with another queuing delay before it can be forwarded. This process repeats until the message reaches its destination. Circuit setup delays are replaced by queuing delays. Considerable extra delay may result from storage at individual nodes. A delay for putting the message on the communications link (message length in bits divided by link speed in bps) is also incurred at each node en route. Message lengths are slightly longer than they are in circuit switching (after establishment of the circuit), since header information must be included with each message; the header includes information identifying the destination as well as other types of information. Most message switched networks do not use dedicated point-to-point links.

c. Packet switching

Packet switching splits traffic data (for instance, a digital representation of sound, or computer data) into chunks, called packets. Packet switching is similar to message switching. Any message exceeding a network-defined maximum length is broken up into shorter units, known as packets, for transmission. The packets, each with an associated header, are then transmitted individually through the network. These packets are routed over a shared network. Packet switching networks do not require a circuit to be established and allow many pairs of nodes to communicate almost simultaneously over the same channel.
Each packet is individually addressed precluding the need for a dedicated path to help the packet find its way to its destination. Packet switching is used to optimize the use of the channel capacity available in a network, to minimize the transmission latency (i.e. the time it takes for data to pass across the network), and to increase robustness of communication. Again consider the same network as shown in figure 4.6. Now the message of figure 4.8 is broken into three small units called packets and labeled 1-3 as illustrated in figure 4.9.

Figure 4.9: Packet-switched communication between A and D

The most well-known use of packet switching is the Internet. The Internet uses the Internet protocol suite over a variety of data link layer protocols. For example, Ethernet and Frame Relay are very common. Newer mobile phone technologies (e.g., GPRS, i-mode) also use packet switching. Packet switching is also called connectionless networking because no connections are established. There are two important benefits from packet switching.
1. The first and most important benefit is that since packets are short, the communication links between the nodes are only allocated to transferring a single message for a short period of time while transmitting each packet. Longer messages require a series of packets to be sent, but do not require the link to be dedicated between the transmission of each packet. The implication is that packets belonging to other messages may be sent between the packets of the message being sent from A to D. This provides a much fairer sharing of the resources of each of the links.
2. Another benefit of packet switching is known as "pipelining". Pipelining is visible in the figure above. At the time packet 1 is sent from B to C, packet 2 is sent from A to B; packet 1 is sent from C to D while packet 2 is sent from B to C, and packet 3 is sent from A to B, and so forth. This simultaneous use of communications links represents a gain in efficiency; the total delay for transmission across a packet network may be considerably less than for message switching, despite the inclusion of a header in each packet rather than in each message.
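The pipelining argument above can be put into numbers. The following is an added example (not part of the assignment answer) that computes end-to-end delay over the three links AB, BC, CD of figure 4.6 for message switching, packet switching and circuit switching; all parameter values (message size, header size, link speed, call setup time) are constructed, and queuing and propagation delays are ignored as in the timing figures.

```python
# Added example (not from the assignment text): end-to-end delay across the
# three-link path A-B-C-D of figure 4.6 for message switching (the whole
# message stored and forwarded at B and C) versus packet switching (the message
# cut into packets that are pipelined over the links), with circuit switching
# for comparison. Parameter values are constructed; queuing and propagation
# delays are ignored.
import math

LINKS = ["AB", "BC", "CD"]   # the three links of figure 4.6

def message_switching_delay(msg_bits, header_bits, link_bps, hops=len(LINKS)):
    """One header on the whole message; every hop retransmits it in full."""
    return hops * (msg_bits + header_bits) / link_bps

def packet_switching_delay(msg_bits, header_bits, link_bps, payload_bits,
                           hops=len(LINKS)):
    """n packets, each carrying its own header. The first packet needs `hops`
    transmission times; every further packet adds only one more, because the
    links work in parallel (pipelining). Returns (n, delay in seconds)."""
    n = math.ceil(msg_bits / payload_bits)
    t_packet = (payload_bits + header_bits) / link_bps
    return n, (hops + n - 1) * t_packet

def circuit_switching_delay(msg_bits, link_bps, setup_seconds):
    """Pay the call setup once; the bits then stream through the dedicated
    circuit without being stored at B or C."""
    return setup_seconds + msg_bits / link_bps

def pipeline_timeline(n_packets, t_packet, links=LINKS):
    """(packet number, link, start, end) for every packet/link pair. Shows,
    as in figure 4.9, packet 2 on AB while packet 1 is on BC."""
    return [(k, links[h], (k - 1 + h) * t_packet, (k + h) * t_packet)
            for k in range(1, n_packets + 1) for h in range(len(links))]

if __name__ == "__main__":
    msg, hdr, bps, payload = 3000, 100, 1000, 1000      # constructed values
    print("message switching:", message_switching_delay(msg, hdr, bps), "s")
    print("packet switching :", packet_switching_delay(msg, hdr, bps, payload))
    print("circuit switching:", circuit_switching_delay(msg, bps, 5.0), "s")
    for row in pipeline_timeline(3, 1.1):
        print(row)
```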

Book ID: B0814

3. Explain the different classes of IP addresses with suitable examples.

Ans: In order to provide the flexibility required to support networks of different sizes, the designers decided that the IP address space should be divided into five different address classes:
1. Class A
2. Class B
3. Class C
4. Class D
5. Class E

Primary addresses

Of the five, three classes, called Class A, Class B, and Class C, are the principal ones. These three classes together are often referred to as "classful" addressing or the primary address classes.

Fig. 2.1(a): Principal Classful IP Address Formats

Each class fixes the boundary between the network-prefix and the host-number at a different point within the 32-bit address. The formats of the fundamental address classes are illustrated in figure 2.1(a). One of the fundamental features of classful IP addressing is that each address contains a self-encoding key that identifies the dividing point between the network-prefix and the host-number.

Class A Networks (/8 Prefixes)

Each Class A network address has an 8-bit network-prefix with the highest order bit set to 0 and a seven-bit network number, followed by a 24-bit host-number. Today, it is no longer considered modern to refer to a Class A network. Class A networks are now referred to as "/8s" (pronounced "slash eight" or just "eights") since they have an 8-bit network-prefix.

A maximum of 126 (2^7 - 2) /8 networks can be defined, as shown in figure 2.1(b). The calculation requires that 2 be subtracted because the /8 network 0.0.0.0 is reserved for use as the default route and the /8 network 127.0.0.0 (also written 127/8 or 127.0.0.0/8) has been reserved for the loopback function. Each /8 supports a maximum of 16,777,214 (2^24 - 2) hosts per network. The host calculation requires that 2 be subtracted because the all-0s ("this network") and all-1s ("broadcast") host-numbers may not be assigned to individual hosts. Since the /8 address block contains 2^31 (2,147,483,648) individual addresses and the IPv4 address space contains a maximum of 2^32 (4,294,967,296) addresses, the /8 address space is 50% of the total IPv4 unicast address space.

Class B Networks (/16 Prefixes)

Each Class B network address has a 16-bit network-prefix with the two highest order bits set to 1-0 and a 14-bit network number, followed by a 16-bit host-number, as illustrated in figure 2.1(b). Class B networks are now referred to as "/16s" since they have a 16-bit network-prefix. A maximum of 16,384 (2^14) /16 networks can be defined with up to 65,534 (2^16 - 2) hosts per network. Since the entire /16 address block contains 2^30 (1,073,741,824) addresses, it represents 25% of the total IPv4 unicast address space.

Class C Networks (/24 Prefixes)

Each Class C network address has a 24-bit network-prefix with the three highest order bits set to 1-1-0 and a 21-bit network number, followed by an 8-bit host-number, as shown in figure 2.1(b). Class C networks are now referred to as "/24s" since they have a 24-bit network-prefix. A maximum of 2,097,152 (2^21) /24 networks can be defined with up to 254 (2^8 - 2) hosts per network. Since the entire /24 address block contains 2^29 (536,870,912) addresses, it represents 12.5% (or 1/8th) of the total IPv4 unicast address space.
2.4.5 Other Classes

In addition to the three most popular classes, there are two additional classes, as shown in figure 2.1(b). This figure also shows the way we can distinguish these classes of IP addresses from each other.

Class D Networks: These addresses have their leading four bits set to 1-1-1-0 and the remaining 28 bits are used to support IP multicasting.

Class E addresses: They have their leading four bits set to 1-1-1-1 and are reserved for experimental or future use.

Fig. 2.1(b): Class C and Class D addressing along with Class A, B & C
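As an added example (not part of the assignment answer), the following Python code classifies a dotted-quad IPv4 address by its leading bits exactly as the classful scheme above does, splits it into network number and host number, and recomputes the network counts and address-space shares quoted for the /8, /16 and /24 classes. The sample addresses are constructed.

```python
# Added example (not from the assignment text): classful IPv4 address
# decoding. The leading bits select the class; for A, B and C the prefix
# length fixes the network/host split described in the text.
import ipaddress

# (class, leading bit pattern, network-prefix length in bits). Classes D and E
# have no network/host split, so their prefix length is None.
CLASS_TABLE = (
    ("A", "0",    8),
    ("B", "10",   16),
    ("C", "110",  24),
    ("D", "1110", None),
    ("E", "1111", None),
)

def classify(addr: str) -> dict:
    """Return class, prefix length and the network/host numbers of addr."""
    value = int(ipaddress.IPv4Address(addr))   # validates the dotted quad
    bits = f"{value:032b}"
    for cls, pattern, prefix_len in CLASS_TABLE:
        if bits.startswith(pattern):
            break
    result = {"class": cls, "prefix_len": prefix_len}
    if prefix_len is not None:
        net_bits = prefix_len - len(pattern)    # 7, 14 or 21 bits
        host_bits = 32 - prefix_len             # 24, 16 or 8 bits
        host_mask = (1 << host_bits) - 1
        result.update({
            "network_number": (value >> host_bits) & ((1 << net_bits) - 1),
            "host_number": value & host_mask,
            # all-0s ("this network") and all-1s ("broadcast") are not hosts
            "max_hosts": (1 << host_bits) - 2,
            "network_id": str(ipaddress.IPv4Address(value & ~host_mask)),
        })
    return result

def class_sizes() -> dict:
    """The counts quoted in the text: networks per class, hosts per network and
    the share of the 2^32 address space each class occupies."""
    return {
        # 2^7 - 2: 0/8 (default route) and 127/8 (loopback) are reserved
        "A": {"networks": (1 << 7) - 2, "hosts": (1 << 24) - 2,
              "share": (1 << 31) / (1 << 32)},
        "B": {"networks": 1 << 14, "hosts": (1 << 16) - 2,
              "share": (1 << 30) / (1 << 32)},
        "C": {"networks": 1 << 21, "hosts": (1 << 8) - 2,
              "share": (1 << 29) / (1 << 32)},
    }

if __name__ == "__main__":
    # constructed sample addresses, one per class
    for a in ("10.1.2.3", "172.16.5.6", "192.168.1.77", "224.0.0.1", "240.0.0.1"):
        print(a, classify(a))
    print(class_sizes())
```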

4. Discuss the following with respect to Internet Control Message Protocols: a. Congested and Datagram Flow control b. Route change requests from routers c. Detecting circular or long routes

Ans:

a. Congested and Datagram Flow control

As IP is connectionless, a router cannot reserve communication resources or memory in advance of receiving datagrams. Hence routers can be overrun with traffic. This situation is called network congestion, or simply congestion. Congestion arises for two reasons:
1. A high speed computer generating traffic faster than a network can transfer it.
2. The datagrams may need to cross a slower speed WAN.

When datagrams arrive at a host or router faster than it can process them, it enqueues them in memory temporarily. For small bursts this temporary memory solves the problem. But if the traffic continues, the memory will be exhausted, resulting in datagrams being discarded. A machine uses ICMP source quench messages to report this to the original source. It is a request for the source to reduce its current rate of datagram transmission. In general a router sends one source quench message for every datagram that it discards. There is no ICMP message to reverse the effect of a source quench. As soon as a host gets a source quench message, it lowers the rate at which it sends datagrams to that destination until it stops getting source quench messages. It then gradually increases the rate as long as further source quench messages are not received.

Source quench format

Figure 5.5: Source quench message format

The format of the source quench message is as shown in figure 5.5. It contains a TYPE field equal to 4 and a CODE field equal to 0. It also contains a datagram prefix. As most ICMP messages report an error, the datagram prefix field contains a prefix of the datagram that triggered the source quench request. A congested router discards the datagram and sends one source quench request; the datagram prefix in the source quench message identifies the datagram that was dropped.

b. Route change requests from routers

Routers are assumed to know the correct routes. A host begins with minimal routing information and learns new routes from routers. Hosts initialize their Internet routing tables from a configuration file at system startup; system administrators make routing changes during normal operations. Whenever the network topology changes, routing tables in routers or hosts may become incorrect. Routers exchange routing information periodically to accommodate network changes and keep their routes up-to-date. When a router detects a host using a non-optimal route, it sends the host an ICMP message called a redirect, requesting that the host change its route to that specific destination. The router also forwards the original datagram.

Redirect message format

The format of the REDIRECT message is as shown in figure 5.6. It contains a TYPE field with value equal to 5. It contains a 32-bit ROUTER INTERNET ADDRESS field, which specifies the address of the router that the host is to use to reach the destination mentioned in the datagram. The INTERNET HEADER field (also 32-bit) contains an IP header plus 64 bits of the datagram that invoked the message. A host that receives an ICMP redirect message examines the datagram prefix to determine the datagram's destination address.

Figure 5.6: Redirect message format

The CODE field is 8 bits long and specifies how to interpret the destination address, according to the values illustrated in table 5.2.

Table 5.2: Code values of the redirect message
CODE Value   Meaning
0            Redirect datagram for the Net
1            Redirect datagram for the host
2            Redirect datagram for the type of service and Net
3            Redirect datagram for the type of service and Host

An ICMP redirect message is sent to hosts only, and not to routers.

c. Detecting circular or long routes

Internet routers use routing tables, and an error in a routing table can produce a routing cycle. A routing cycle can consist of two or more routers among which a datagram is circulated and nowhere else. Once a datagram enters a routing cycle it will pass around the cycle endlessly. To prevent this, each datagram carries a time to live field in its IP header, sometimes also referred to as a hop count. A router decrements this time to live counter whenever it processes a datagram and discards the datagram when the counter hits zero. Whenever a datagram is discarded by a router because of counter time out, it sends an ICMP time exceeded message back to the source of the discarded datagram.

Time exceeded message format

Figure 5.7: Time exceeded message format

The format of the time exceeded message is as shown in figure 5.7. A router sends this message whenever a datagram is discarded because:
1. The time to live field of the IP datagram header has reached zero.
2. The re-assembly timer expires while waiting for more fragments of that datagram.

It uses a TYPE field value equal to 11. It supports two values for the CODE field, 0 and 1, to specify the nature of the time out being reported, according to the list shown in table 5.3.

Table 5.3: Code values of the time exceeded message
CODE Value   Meaning
0            Time to live count of IP datagram exceeded
1            Fragment re-assembling timer exceeded
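The three message formats described in this answer (source quench, redirect and time exceeded) share one 8-byte header followed by the datagram prefix. The following is an added example (not part of the assignment answer) that builds each message over a constructed IPv4 header, decodes it using the code tables above, and checks the ICMP checksum, which is how a receiver tells a damaged message from a genuine one; the addresses and the dropped datagram's contents are constructed.

```python
# Added example (not from the assignment text): build and decode the ICMP
# source quench (type 4), redirect (type 5) and time exceeded (type 11)
# messages, each carrying the "datagram prefix" (IP header + first 64 bits of
# the datagram that triggered it), and verify the ICMP checksum.
import struct
import ipaddress

SOURCE_QUENCH, REDIRECT, TIME_EXCEEDED = 4, 5, 11

REDIRECT_CODES = {        # table 5.2
    0: "Redirect datagram for the Net",
    1: "Redirect datagram for the host",
    2: "Redirect datagram for the type of service and Net",
    3: "Redirect datagram for the type of service and Host",
}
TIME_EXCEEDED_CODES = {   # table 5.3
    0: "Time to live count of IP datagram exceeded",
    1: "Fragment re-assembling timer exceeded",
}

def checksum(data: bytes) -> int:
    """Internet checksum: one's-complement sum of 16-bit words, complemented.
    Over a message that already carries its checksum the result is 0."""
    if len(data) % 2:
        data += b"\0"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF

def build_icmp(msg_type: int, code: int, second_word: int, prefix: bytes) -> bytes:
    """Header = TYPE, CODE, CHECKSUM and a 32-bit word that is unused (zero) for
    source quench / time exceeded and holds the ROUTER INTERNET ADDRESS for a
    redirect; then the datagram prefix."""
    hdr = struct.pack("!BBHI", msg_type, code, 0, second_word)
    csum = checksum(hdr + prefix)
    return struct.pack("!BBHI", msg_type, code, csum, second_word) + prefix

def parse_icmp(msg: bytes) -> dict:
    """Decode the header, validate the checksum and explain the code."""
    msg_type, code, _csum, word = struct.unpack("!BBHI", msg[:8])
    prefix = msg[8:]
    ihl = (prefix[0] & 0x0F) * 4               # IP header length in bytes
    inner_dst = str(ipaddress.IPv4Address(prefix[16:20]))
    info = {
        "type": msg_type, "code": code, "checksum_ok": checksum(msg) == 0,
        "dropped_datagram_dst": inner_dst,     # the destination the host slows down to
        "first_64_bits": prefix[ihl:ihl + 8],  # lets the host match its own datagram
    }
    if msg_type == SOURCE_QUENCH:
        info["meaning"] = "reduce the sending rate towards %s" % inner_dst
    elif msg_type == REDIRECT:
        info["router"] = str(ipaddress.IPv4Address(word))
        info["meaning"] = REDIRECT_CODES.get(code, "unknown code")
    elif msg_type == TIME_EXCEEDED:
        info["meaning"] = TIME_EXCEEDED_CODES.get(code, "unknown code")
    return info

# Constructed datagram prefix: a minimal 20-byte IPv4 header (TTL already 0,
# protocol UDP) from 192.0.2.10 to 198.51.100.7, then 8 bytes of its payload.
PREFIX = (struct.pack("!BBHHHBBH4s4s", 0x45, 0, 28, 0x1234, 0, 0, 17, 0,
                      ipaddress.IPv4Address("192.0.2.10").packed,
                      ipaddress.IPv4Address("198.51.100.7").packed)
          + b"\x04\xd2\x00\x35\x00\x08\xab\xcd")

def sample_messages() -> list:
    """One constructed message of each type discussed in the text."""
    return [
        build_icmp(SOURCE_QUENCH, 0, 0, PREFIX),
        build_icmp(REDIRECT, 1, int(ipaddress.IPv4Address("192.0.2.254")), PREFIX),
        build_icmp(TIME_EXCEEDED, 0, 0, PREFIX),
    ]

def demo() -> list:
    return [parse_icmp(m) for m in sample_messages()]

if __name__ == "__main__":
    for entry in demo():
        print(entry)
```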

Winter 2011 Master of Computer Application (MCA) Semester 3 MC0075 Computer Networks 4 Credits (Book ID: B0813 & B0814) Assignment Set 2 (60 Marks) Answer all Questions. Each Question carries FIFTEEN Marks. Book ID: B0813

1. Discuss the following design issues of DLL: a. Framing b. Error control c. Flow control

Ans:

a. Framing

The DLL translates the physical layer's raw bit stream into discrete units (messages) called frames. This is because the physical layer just accepts a raw bit stream and attempts to deliver it to the destination. This bit stream is not guaranteed to be error free. The number of bits received may be less than, equal to, or more than the number of bits transmitted. They may also have different values. It is up to the DLL to detect and, if necessary, correct errors; if it cannot correct them, it should at least detect the errors and take proper action, like asking for retransmission. The usual approach of the DLL is to break the bit stream up into discrete frames and then, for the purpose of error detection or correction, use some coding technique that computes a checksum for each frame. When a frame arrives at the destination, the checksum is recomputed. If the newly computed checksum is different from the one contained in the frame, the DLL knows that an error has occurred and takes steps to deal with it.

Now the question is how the receiver can detect frame boundaries; that is, how can the receiver recognize the start and end of a frame? Breaking the bit stream up into frames is more difficult than it appears to be. One way is to insert time gaps between frames, much like the spaces between words in ordinary text. But networks hardly ever make any guarantees about timing, so it is too risky to count on timing to mark the start and end of each frame; other framing techniques have been devised and are discussed below. In this unit we discuss four methods; different protocols use one of these or even combinations of them.

1. Length count: Make the first field in the frame's header be the length of the frame.

Figure 6.2: A character stream without errors

The technique is illustrated in figure 6.2 for three frames. The three frames are of sizes 6, 5, and 4 respectively, as indicated by their character counts. That way the receiver knows how big the current frame is and can determine where the next frame ends. Disadvantage: the receiver loses synchronization when bits become garbled. This is illustrated in figure 6.3.

Figure 6.3: A character stream with one error

If the bits in the count become corrupted during transmission, the receiver will think that the frame contains fewer (or more) bits than it actually does. For example, if the character count of 5 of frame 2 is changed to 6, the destination will get out of synchronization and consider that the next count is 8 instead of 4. Although the checksum will detect the incorrect frames, the receiver will have difficulty resynchronizing to the start of a new frame. Thus all subsequent frames will also be in error, as it loses the start of all the following frames. Also, the destination does not know how many characters to skip over to get to the start of the retransmission. This technique is not used anymore as such, since better techniques are available, but its concept can be combined with other techniques and is used in a few protocols, like the length field used in the Ethernet frame.

2. Character stuffing: This method gets around the problem of synchronization after an error by having each frame start and end with special bytes. This method operates on bytes. The special bytes are reserved characters that indicate the start and end of a frame. For instance, use the two-character sequence DLE STX (Data-Link Escape, Start of TeXt) to signal the beginning of a frame, and the sequence DLE ETX (End of TeXt) to flag the frame's end. A serious problem occurs when binary data like floating point numbers or object programs are transmitted, since such data may contain the reserved sequences.

Example 1: What happens if the two-character sequence DLE ETX happens to appear in the frame itself?
Solution: Use character stuffing; within the frame, replace every occurrence of DLE with the two-character sequence DLE DLE. The receiver reverses the process, replacing every occurrence of DLE DLE with a single DLE.

Example 2: If the frame contained A B DLE D E DLE, the characters transmitted over the channel would be DLE STX A B DLE DLE D E DLE DLE DLE ETX.
In past years the starting and ending bytes were different, as discussed above (STX and ETX). But in recent years most protocols have used the same byte, called a flag byte, as both starting and ending delimiter, as shown in figure 6.4. In this way, if the receiver ever loses synchronization, it can just search for the flag bytes to find the end of the current frame. Two consecutive flag bytes indicate the end of one frame and the start of the next frame. A similar problem arises, as discussed above, when the data contains the flag byte pattern, which interferes with the framing. We can solve this problem the same way as before. The solution is to have the sender's DLL insert a special escape byte (ESC) just before each accidental flag byte in the data, as shown in figure 3.4.

Figure 6.4: (a) A frame delimited by flags (b) examples before and after byte stuffing

The DLL of the destination machine, upon receiving these frames, removes the escape byte before the data are given to the network layer. This technique is called byte stuffing or character stuffing. Thus a framing flag byte can be distinguished from one in the data by the absence or presence of an escape character before it.

Example 3: What happens if an escape byte occurs in the middle of the data?
Solution: As shown in figure 3.4, it is also stuffed with an escape byte. Thus a single escape byte is part of an escape sequence, whereas a doubled one indicates that a single escape occurred naturally in the data.

Disadvantage: a character is the smallest unit that can be operated on; that is, the smallest unit is 8 bits. And not all architectures are byte oriented. For example, UNICODE uses 16-bit characters.

3. Bit stuffing: This newer technique allows data frames to contain an arbitrary number of bits and allows character codes with an arbitrary number of bits per character. This method uses reserved bit patterns to indicate the start and end of a frame. For instance, use the 8-bit sequence 01111110, also called the flag pattern, to delimit consecutive frames. A frame consists of everything between two delimiters.

Example 4: What happens if the reserved delimiter happens to appear in the frame itself?
Solution: Use bit stuffing. Within the frame, replace every occurrence of five consecutive 1s with five 1s followed by a 0 bit.

Likewise, the receiver converts five consecutive 1s followed by a 0 into five 1s, but recognizes the 01111110 sequence as the end of the frame. Just as with byte stuffing, the bit stuffing method is completely transparent to the network layer. That is, if the user's data contains the flag pattern 01111110, it is transmitted as 011111010 but stored in the receiver's memory as 01111110. Bit stuffing is illustrated with an example in figure 6.5.
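The three framing methods described so far (length count, byte stuffing with a flag and escape byte, and bit stuffing with the 01111110 flag) are shown working on constructed data in the following added example, which is not part of the assignment answer. The flag and ESC byte values are chosen here since the text names them only as "flag" and "ESC"; the length-count part reproduces the loss of synchronization after one corrupted count, and the bit-stuffing part reproduces the 01111110 to 011111010 transformation quoted above.

```python
# Added example (not from the assignment text): the length-count, byte
# stuffing and bit stuffing framing methods, sender and receiver side.
FLAG, ESC = 0x7E, 0x7D   # constructed values for the flag and escape bytes

def count_frames(stream: bytes) -> list:
    """Length-count framing: the first byte of each frame is its total size,
    count byte included. A corrupted count misplaces every later frame."""
    frames, i = [], 0
    while i < len(stream):
        n = stream[i]
        if n == 0:                       # a zero count can never be valid
            break
        frames.append(stream[i:i + n])
        i += n
    return frames

def byte_stuff(payload: bytes) -> bytes:
    """Sender: delimit with FLAG; put ESC before every FLAG or ESC in the data."""
    out = bytearray([FLAG])
    for b in payload:
        if b in (FLAG, ESC):
            out.append(ESC)
        out.append(b)
    out.append(FLAG)
    return bytes(out)

def byte_unstuff(stream: bytes) -> list:
    """Receiver: cut the stream at unescaped FLAGs and drop the ESC bytes.
    Two consecutive FLAGs (end of one frame, start of the next) yield no frame."""
    frames, cur, escaped, inside = [], bytearray(), False, False
    for b in stream:
        if escaped:                      # the byte after ESC is data, whatever it is
            cur.append(b)
            escaped = False
        elif b == ESC:
            escaped = True
        elif b == FLAG:
            if inside and cur:
                frames.append(bytes(cur))
            cur, inside = bytearray(), True
        else:
            cur.append(b)
    return frames

def bit_stuff(bits: str) -> str:
    """Sender: insert a 0 after every five consecutive 1s, then add the flags."""
    out, run = [], 0
    for bit in bits:
        out.append(bit)
        run = run + 1 if bit == "1" else 0
        if run == 5:
            out.append("0")
            run = 0
    return "01111110" + "".join(out) + "01111110"

def _remove_stuffed_zeros(body: str) -> str:
    out, run = [], 0
    for bit in body:
        if run == 5:                     # this 0 was inserted by the sender
            run = 0
            continue
        out.append(bit)
        run = run + 1 if bit == "1" else 0
    return "".join(out)

def bit_unstuff(stream: str) -> list:
    """Receiver: stuffed data never holds six 1s in a row, so 0111111 followed
    by 0 can only be a flag; everything between two flags is one frame."""
    frames, cur, ones, inside = [], [], 0, False
    for bit in stream:
        cur.append(bit)
        if bit == "1":
            ones += 1
            continue
        if ones == 6:
            body = "".join(cur[:-8])     # drop the 01111110 just completed
            if inside and body:
                frames.append(_remove_stuffed_zeros(body))
            cur, inside = [], True
        ones = 0
    return frames

if __name__ == "__main__":
    good = b"\x06ABCDE" + b"\x05FGHI" + b"\x04JKL"     # counts 6, 5, 4
    bad = b"\x06ABCDE" + b"\x06FGHI" + b"\x04JKL"      # second count corrupted
    print(count_frames(good), count_frames(bad))
    print(byte_unstuff(byte_stuff(b"A\x7eB\x7d") + byte_stuff(b"C")))
    print(bit_stuff("01111110"), bit_unstuff(bit_stuff("01111110")))
```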

Figure 6.5: Bit stuffing

By using bit stuffing, locating the start/end of a frame is easy, even when frames are damaged. The receiver simply scans arriving data for the reserved patterns. Moreover, the receiver will resynchronize quickly with the sender as to where frames begin and end, even when bits in the frame get garbled.

Disadvantage: The main disadvantage of bit stuffing is the insertion of additional bits into the data stream, wasting bandwidth. How much expansion? The precise amount depends on the frequency with which the reserved patterns appear in the user data.

4. Encoding violations: This method is applicable only to networks in which the encoding on the physical medium contains some redundancy. That is, send a signal that doesn't conform to any legal bit representation. In Manchester encoding, for instance, 1-bits are represented by a high-low sequence and 0-bits by a low-high sequence. The start/end of a frame could be represented by the signal low-low or high-high. Advantage: unlike bit stuffing, no extra bandwidth is required. The IEEE 802.4 standard uses this approach.

Finally, some systems use a combination of these techniques. IEEE 802.3, for instance, has both a length field and special frame start and frame end patterns.

b. Error control

Error control is concerned with ensuring that all frames are eventually delivered, and possibly in order, to a destination as they are sent from the source. How? Three items are required.

Acknowledgements: Typically, reliable delivery is achieved using acknowledgments with retransmission. Here the receiver returns a special acknowledgment (ACK) frame to the sender indicating the correct receipt of a frame. In some systems, the receiver also returns a negative acknowledgment (NACK) for incorrectly received frames. This is nothing more than a hint to the sender so that it can retransmit a frame right away without waiting for a timer to expire.

Timers: One problem that simple ACK/NACK schemes fail to address is recovering from a frame that is lost and, as a result, fails to solicit an ACK or NACK. What happens if an ACK or NACK becomes lost? Retransmission timers are used to resend frames that don't produce an ACK. When sending a frame, schedule a timer to expire at some time after the ACK should have been returned. If the timer goes off, retransmit the frame.

Sequence numbers: Retransmissions introduce the possibility of duplicate frames. To suppress duplicates, add sequence numbers to each frame, so that a receiver can distinguish between new frames and old copies.

In data communication, line noise is a fact of life (e.g., signal attenuation, natural phenomena such as lightning, and the telephone repairman). Moreover, noise usually occurs in bursts rather than as independent single-bit errors. For example, a burst of lightning will affect a set of bits for a short time after the lightning strike. Detecting and correcting errors requires redundancy: sending additional information along with the data.

c. Flow control

Flow control deals with throttling the speed of the sender to match that of the receiver. Usually this is a dynamic process, as the receiving speed depends on such changing factors as the load and the availability of buffer space. There are two approaches:
1. feedback-based flow control
2. rate-based flow control

In feedback-based flow control, the receiver sends back information to the sender giving it permission to send more data, or at least telling the sender how the receiver is doing.

In rate-based flow control, the protocol has a built-in mechanism that limits the rate at which senders may transmit data, without using feedback from the receiver. The DLL implements flow control using feedback-based techniques; rate-based flow control methods are not used in the data link layer.
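The three error-control items listed under (b), acknowledgements, a retransmission timer and sequence numbers, work together in a stop-and-wait protocol. The following added example (not part of the assignment answer) simulates one on a constructed lossy channel: a lost data frame triggers a timer-driven retransmission, and a lost ACK produces a duplicate frame that the receiver discards because its 1-bit sequence number has already been seen. The round-based timer and the drop schedule are simplifications made here.

```python
# Added example (not from the assignment text): stop-and-wait error control
# with ACKs, a retransmission timer and a 1-bit sequence number. Each loop
# round is one frame transmission; a frame or ACK listed in drop_events for
# that round is lost by the (constructed) channel and the timer then fires.
def run_stop_and_wait(data, drop_events, max_rounds=50):
    """data: payloads to deliver in order. drop_events: set of (round, "DATA")
    or (round, "ACK") pairs the channel loses. Returns (delivered, log)."""
    delivered, log = [], []
    seq, i, rnd, expected = 0, 0, 0, 0     # expected = receiver's next wanted seq
    while i < len(data) and rnd < max_rounds:
        rnd += 1
        if (rnd, "DATA") in drop_events:
            log.append(f"round {rnd}: frame seq={seq} lost; timer expires, retransmit")
            continue                         # same frame goes out again next round
        # receiver: accept the expected sequence number, discard a duplicate
        if seq == expected:
            delivered.append(data[i])
            expected ^= 1
            log.append(f"round {rnd}: frame seq={seq} accepted")
        else:
            log.append(f"round {rnd}: frame seq={seq} duplicate, discarded")
        # receiver always answers with an ACK naming the next seq it wants
        if (rnd, "ACK") in drop_events:
            log.append(f"round {rnd}: ACK lost; timer expires, retransmit")
            continue
        # sender: ACK for the outstanding frame lets it move to the next one
        if expected == seq ^ 1:
            seq ^= 1
            i += 1
    return delivered, log

if __name__ == "__main__":
    # constructed scenario: the frame in round 2 is lost, the ACK in round 4 is lost
    got, events = run_stop_and_wait(["F0", "F1", "F2"], {(2, "DATA"), (4, "ACK")})
    print(got)
    print("\n".join(events))
```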

2. Discuss the following with respect to Routing algorithms: a. Shortest path algorithm b. Flooding c. Distance vector routing

Ans:

a. Shortest path algorithm

This technique is widely used because of its simplicity and because it is easy to understand. It is a static algorithm. Consider the subnet given in figure 8.4 (a). Several algorithms for computing the shortest path between two nodes of a graph are known. We will be discussing Dijkstra's method.

Figure 8.4: The computation of shortest path (*Note: the arrow in the figure indicates the working node)

Each node of the graph is labeled with its distance from the source node along the best known path. Initially no paths are known, so all nodes are labeled with infinity. As the algorithm proceeds and paths are found, the labels change, reflecting better paths. A label may be either permanent or tentative. Initially all labels are tentative. When it is discovered that a label represents the shortest possible path from the source to that node, it is made permanent and never changed later.

Now referring to figure 8.4, (a) is a directed graph where the metric used is distance. The steps for finding the shortest path from node A to node D are illustrated in figure 8.4 (b) to (f). To start with, mark node A as permanent, indicated by darkening node A as shown in figure 8.4 (a). Then we relabel all the nodes adjacent to A with their distance to A. Then we examine the nodes that were just relabeled and make the one with the smallest label permanent, as shown in figure 8.4 (b). Now examine all the adjacent nodes of B. If the sum of the label on B and the distance from B to the node being considered is less than the label on that node, we have a shorter path, so the node is relabeled. After all nodes adjacent to the working node have been inspected and tentative labels changed, the entire graph is searched for the tentatively labeled node with the smallest value. This node is made permanent. This continues until the destination node is made permanent. The steps are indicated in figure 8.4 (c) to (f), and the shortest path is A B E F H D with distance 10 km as the metric. One way of measuring path length is the number of hops; another is the distance in kilometers. Many other metrics are possible, like labeling each arc with the mean queuing and transmission delay for some standard test packets.
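The labeling procedure just described (tentative labels, a working node, relabeling of its neighbours, then a search of the whole graph for the smallest tentative label to make permanent) is written out in the following added example, which is not part of the assignment answer. Figure 8.4 itself is not reproduced here; the edge weights below are constructed, chosen so that the result quoted above (path A B E F H D, distance 10) comes out.

```python
# Added example (not from the assignment text): Dijkstra's algorithm in the
# permanent/tentative labeling form described above. Edge weights are
# constructed; the text's own figure 8.4 is not reproduced.
import math

GRAPH = {   # undirected links with their distance labels (km), constructed
    ("A", "B"): 2, ("A", "G"): 6, ("B", "C"): 7, ("B", "E"): 2,
    ("C", "D"): 3, ("C", "F"): 3, ("D", "H"): 2, ("E", "F"): 2,
    ("E", "G"): 1, ("F", "H"): 2, ("G", "H"): 4,
}

def neighbours(graph):
    """Adjacency map {node: {neighbour: weight}} from the link dictionary."""
    adj = {}
    for (u, v), w in graph.items():
        adj.setdefault(u, {})[v] = w
        adj.setdefault(v, {})[u] = w
    return adj

def shortest_path(graph, source, dest):
    """Returns (distance, path, order in which nodes were made permanent)."""
    adj = neighbours(graph)
    if source not in adj or dest not in adj:
        return math.inf, [], []
    label = {n: math.inf for n in adj}   # all labels tentative, infinity
    prev = {n: None for n in adj}        # predecessor on the best known path
    permanent, order = set(), []
    label[source] = 0
    working = source
    while True:
        permanent.add(working)           # the working node's label is final
        order.append(working)
        if working == dest:
            break
        # relabel each tentative neighbour if the path via the working node is shorter
        for nb, w in adj[working].items():
            if nb not in permanent and label[working] + w < label[nb]:
                label[nb] = label[working] + w
                prev[nb] = working
        # search the entire graph for the smallest tentative label
        candidates = [n for n in adj if n not in permanent and label[n] < math.inf]
        if not candidates:
            return math.inf, [], order   # destination unreachable
        working = min(candidates, key=lambda n: label[n])
    path, n = [], dest
    while n is not None:
        path.append(n)
        n = prev[n]
    return label[dest], path[::-1], order

if __name__ == "__main__":
    dist, path, order = shortest_path(GRAPH, "A", "D")
    print("distance", dist, "path", " ".join(path))
    print("made permanent in order:", " ".join(order))
```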
With delay as the arc label, the shortest path is the fastest path. In general the labels on the arcs could be computed as a function of distance, bandwidth, average traffic, communication cost, mean queue length, measured delay and other factors.

b. Flooding

This is also a static algorithm, in which every incoming packet is sent out on every outgoing line except the one it arrived on. This method generates a vast number of duplicate packets. One measure to control the large number of duplicates is to have a hop counter in the header of each packet. This hop counter is decremented on every hop, and when it hits zero the packet is discarded. Initially, in the worst case, the hop counter may be set to the full diameter of the subnet. Another technique is to keep track of which packets have been flooded, to avoid sending them out a second time. To achieve this, the source router puts a sequence number in each packet it receives from its hosts.
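Both duplicate-control measures for flooding, the hop counter and the per-source list of sequence numbers already seen (whose details follow), are simulated in this added example on a constructed five-router subnet; it is not part of the assignment answer. Counting link transmissions shows how much each control saves.

```python
# Added example (not from the assignment text): flooding with a hop counter
# in the packet and a per-router list of (source, sequence number) pairs
# already seen. The subnet below is constructed.
from collections import deque

LINKS = [("A", "B"), ("A", "C"), ("B", "D"), ("C", "D"), ("D", "E")]

def adjacency(links):
    adj = {}
    for u, v in links:
        adj.setdefault(u, set()).add(v)
        adj.setdefault(v, set()).add(u)
    return adj

def flood(links, source, seq, hop_limit, use_seen_list=True):
    """Flood one packet (source, seq). Each router forwards a copy on every
    line except the one it arrived on, unless the hop counter has reached zero
    or (with use_seen_list) it has already flooded this packet. Returns
    (set of routers that received the packet, number of link transmissions)."""
    adj = adjacency(links)
    seen = {r: set() for r in adj}                # per-router list of seen packets
    queue = deque([(source, None, hop_limit)])    # (router, arrived_from, hops_left)
    reached, transmissions = set(), 0
    while queue:
        router, came_from, hops = queue.popleft()
        reached.add(router)
        if use_seen_list:
            if (source, seq) in seen[router]:
                continue                          # duplicate: not flooded again
            seen[router].add((source, seq))
        if hops == 0:
            continue                              # hop counter exhausted: discard
        for nb in sorted(adj[router]):
            if nb != came_from:
                queue.append((nb, router, hops - 1))
                transmissions += 1
    return reached, transmissions

if __name__ == "__main__":
    print("hop counter + seen list:", flood(LINKS, "A", 1, hop_limit=4))
    print("hop counter only       :", flood(LINKS, "A", 1, 4, use_seen_list=False))
    print("hop counter too small  :", flood(LINKS, "A", 1, hop_limit=2))
```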

Each router then needs a list per source router telling which sequence numbers originating at that source have already been seen. If the incoming packet is on the list, it is not flooded. The list is augmented by a counter to prevent it from growing without bound. A variation of flooding is selective flooding. Here a packet is flooded not on every line but only on the lines going in the right direction. Flooding is not practical in most applications, but it is widely used in military applications. It is used in situations where it is necessary to update all the databases concurrently. It is also used in wireless networks. Flooding always chooses the shortest path because it chooses every possible path in parallel. Hence no other algorithm can produce a shorter delay, ignoring the overhead caused by flooding.

c. Distance vector routing

It is a dynamic routing algorithm. Distance vector routing is built on a data structure called a routing table. Each router maintains a table. It is basically a vector that keeps track of the best known distance to each destination and which line to use to get there. These tables are updated by exchanging information with the neighbors. Distance vector algorithms use the Bellman-Ford algorithm. This approach assigns a number, the cost, to each of the links between the nodes in the network. Nodes will send information from point A to point B via the path that results in the lowest total cost (i.e. the sum of the costs of the links between the nodes used). The algorithm operates in a very simple manner. When a node first starts, it only knows of its immediate neighbors, and the direct cost involved in reaching them. (This information, the list of destinations, the total cost to each, and the next hop to send data to get there, makes up the routing table, or distance table.) Each node, on a regular basis, sends to each neighbor its own current idea of the total cost to get to all the destinations it knows of.
The neighboring nodes examine this information and compare it to what they already know; anything that represents an improvement on what they already have, they insert in their own routing tables. Over time, all the nodes in the network discover the best next hop for all destinations, and the best total cost. When one of the nodes goes down, those nodes that used it as their next hop for certain destinations discard those entries and create new routing-table information. They then pass this information to all adjacent nodes, which repeat the process. Eventually all the nodes in the network receive the updated information and discover new paths to all the destinations they can still reach.

The metric used may be the number of hops, the time delay in milliseconds, or the total number of packets queued along the path. Assuming the metric is delay, a router can measure it directly with special ECHO packets that the receiver just timestamps and sends back as fast as it can. Along with this measurement, every router sends a vector containing only its estimated distances to every destination to each of its neighbors once every T ms, and receives a similar vector from each neighbor. As an example, consider computing the routing table at J in the subnet shown in figure 8.5. The table used in this method consists of two parts for each destination:
1. the preferred outgoing line to use for that destination;
2. an estimate of the time or distance to that destination.

Figure 8.5: A subnet

The updating process at node J is illustrated in figure 8.6 for the subnet of figure 8.5. The first four columns show the delay vectors received from the neighbors of router J: A has a delay of 12 ms to B, 25 ms to C, and so on. J has measured the direct delay to A, I, H and K, by sending ECHO packets, as 8, 10, 12 and 6 ms respectively. J now computes the distance to every router via each possible outgoing line, and the best option is retained in the new table.

Figure 8.6: Updating of the routing table at J

For example, J's new route to G has the four options listed below:
1. using outgoing line A: delay (J to G) = direct delay (J to A) + delay (A to G) = 8 + 18 = 26 ms
2. using outgoing line I: delay (J to G) = direct delay (J to I) + delay (I to G) = 10 + 31 = 41 ms
3. using outgoing line H: delay (J to G) = direct delay (J to H) + delay (H to G) = 12 + 6 = 18 ms
4. using outgoing line K: delay (J to G) = direct delay (J to K) + delay (K to G) = 6 + 31 = 37 ms

The best of these four options for transmission from router J to router G has a delay of 18 ms, so the packet is transmitted to H; how it is forwarded further to G is the responsibility of H. Similarly J computes the delay to all the nodes from A to L, as shown in the last column of figure 8.6.

Count to infinity problem

Distance vector routing has a serious drawback: it converges, but in some cases the time required is far too long. The problem can be stated as "good news propagates fast, but bad news propagates very slowly". Here good news means that a station is up, and bad news means that a station is down. Recording the distance to a node that is down as infinity takes a large number of exchanges, hence the name count to infinity problem. Figure 8.7 (a) and (b) illustrates good news and bad news, respectively, propagating to all the nodes.
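The update at J and the count-to-infinity behaviour, as an added example that is not part of the original text. It uses the J-to-G delays quoted above (the other rows of figure 8.6 are not reproduced on the page, so only the G entry is computed); the propagation simulation goes beyond the figure and uses a constructed five-router line 0-1-2-3-4 with a hop-count metric and 16 as infinity, the value RIP uses.

```python
"""Distance vector routing: Bellman-Ford update at J, plus good-news /
bad-news propagation on a linear subnet (added example, not from the text)."""

def dv_update(direct, vectors):
    """One distance vector update. direct: {neighbor: measured delay of the
    line to it}; vectors: {neighbor: {dest: delay the neighbor advertises}}.
    Returns {dest: (best_total_delay, outgoing_line)}."""
    table = {}
    for nbr, line_delay in direct.items():
        for dest, advertised in vectors[nbr].items():
            total = line_delay + advertised
            if dest not in table or total < table[dest][0]:
                table[dest] = (total, nbr)
    return table

# J's measured ECHO delays (ms) to its neighbors, from the text.
J_DIRECT = {"A": 8, "I": 10, "H": 12, "K": 6}
# Delay to G advertised by each neighbor, from the text (the other rows of
# figure 8.6 are not reproduced on the page).
J_VECTORS = {"A": {"G": 18}, "I": {"G": 31}, "H": {"G": 6}, "K": {"G": 31}}

def route_from_j_to_g():
    """Returns (delay, outgoing line): (18, 'H') in the text's example."""
    return dv_update(J_DIRECT, J_VECTORS)["G"]

def chain_step(dist, n, link_to_0_up, infinity):
    """One synchronous exchange round on the line 0-1-2-...-(n-1) with a
    hop-count metric. dist holds each router's current distance to router 0;
    router 1 owns the direct line to 0. Distances are capped at infinity."""
    new = {}
    for i in range(1, n):
        candidates = [infinity]
        if i == 1 and link_to_0_up:
            candidates.append(1)                # direct line to router 0
        if i - 1 >= 1:
            candidates.append(dist[i - 1] + 1)  # via the left neighbor
        if i + 1 < n:
            candidates.append(dist[i + 1] + 1)  # via the right neighbor
        new[i] = min(candidates)
    return new

def good_news_rounds(n=5, infinity=16):
    """Router 0 comes up: exchanges until every router has a finite route.
    The news travels one hop per exchange, so this is n-1 rounds."""
    dist = {i: infinity for i in range(1, n)}
    rounds = 0
    while any(d >= infinity for d in dist.values()):
        dist = chain_step(dist, n, True, infinity)
        rounds += 1
    return rounds

def bad_news_rounds(n=5, infinity=16):
    """Router 0 goes down from a converged state: exchanges until every
    router has counted up to infinity. Each router keeps believing its
    neighbor's stale route, so the count climbs by one per round."""
    dist = {i: i for i in range(1, n)}
    rounds = 0
    while any(d < infinity for d in dist.values()):
        dist = chain_step(dist, n, False, infinity)
        rounds += 1
    return rounds

if __name__ == "__main__":
    print("J -> G:", route_from_j_to_g())
    print("good news:", good_news_rounds(), "rounds; bad news:", bad_news_rounds(), "rounds")
```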

Figure 8.7: Count to infinity problem

Book ID: B0814

3. Describe the following:
a. IGP
b. OSPF
c. OSPF Message formats

Ans:

a. IGP

Two routers within an autonomous system are said to be interior to one another. The administrator keeps a table of networks and updates the table whenever a new network is added to or deleted from the AS. If the internet changes, the manager must reconfigure the routes in all machines. In internet architectures that have multiple paths, managers usually choose one to be the primary path. If routers along the primary path fail, routes must be changed to send traffic along the alternate path.

Changing routes manually is both time consuming and error prone. Hence an automated system is used, which changes routes quickly and reliably. The task of the automated system is to keep network reachability information accurate. Routers communicate with one another, exchanging either network reachability information or data. Once reachability for the entire autonomous system has been deduced, it is advertised by one of the routers to other autonomous systems using an EGP.

Definition: The term Interior Gateway Protocol (IGP) is a generic description that refers to any algorithm that interior routers use when they exchange network reachability and routing information.

Figure 6.1 illustrates autonomous systems. Each autonomous system uses an IGP to propagate information among its interior routers. The few routers that run BGP to advertise reachability also need to run an IGP to obtain information from within their own autonomous system. A single router may therefore use two different protocols simultaneously, one for communication within its autonomous system and the other for communication outside it.

Fig. 6.1

RIP

One of the most widely used IGPs is the Routing Information Protocol (RIP). It is also known by the name of the software that implements it, routed. The routed software was originally designed at the University of California to provide consistent routing and reachability information among the machines on their local network. It relies on physical network broadcast to make routing exchanges quickly. RIP is a straightforward implementation of distance vector routing for local networks.

RIP partitions machines into active and passive. Active machines are those that advertise their routes to others. Passive machines, also called silent machines, listen to RIP messages and use them to update their routing table but do not advertise. Only a router can run RIP in active mode; hosts use passive mode. A router running RIP in active mode broadcasts update messages every 30 seconds. Each update contains a set of pairs, where each pair contains an IP network address and an integer distance to that network. RIP uses hop count as the metric to measure distance. The hop count refers to the number of routers that a datagram encounters along the path from source to destination. RIP uses 16 as the largest hop count, which it treats as infinity (unreachable). Both active and passive machines listen to all broadcast messages and update their tables according to the distance vector algorithm described earlier.

Three major problems of RIP that should be taken care of are:
1. It does not explicitly detect routing loops.
2. To prevent instabilities, RIP must use a low count for the maximum possible distance.
3. RIP suffers from slow convergence, the count to infinity problem. Choosing a low hop count, i.e. a small infinity, helps limit this problem but does not eliminate it.

Techniques such as triggered updates, poison reverse and split horizon are used to address slow convergence. These techniques solve some problems but introduce others.

Hello protocol

The HELLO protocol is an IGP that uses a routing metric other than hop count: it uses delay as its metric. It provides two functions:
1. it synchronizes the clocks among a set of machines;
2. it allows each machine to compute the shortest-delay path to each destination.

Thus HELLO messages carry timestamp information as well as routing information. The basic idea of the protocol is that each machine participating in the HELLO exchange maintains a table of its best estimate of the clocks in the neighboring machines. Before transmitting a packet, a machine adds its timestamp by copying the current clock value into the packet. When a packet arrives, the receiver computes an estimate of the current delay on the link by subtracting the timestamp on the incoming packet from the local estimate of the current clock in the neighbor. Periodically, machines poll their neighbors to re-establish the clock estimates. HELLO messages also allow machines to compute new routes. The protocol uses a modified distance vector algorithm with delay as the metric. This protocol is obsolete now.

b. OSPF

A working group of the Internet Engineering Task Force designed an interior gateway protocol that uses a link state algorithm. This protocol, as mentioned earlier, is called Open Shortest Path First (OSPF).

6.3.1 Goals

The group designing the new protocol had a long list of requirements to be met, and set the following goals for the OSPF protocol:
1. The algorithm had to be published in the open literature; hence the O in OSPF stands for Open. Being an open standard, anyone can implement it without paying license fees, and this has encouraged many vendors to use OSPF.
2. The protocol should support a variety of distance metrics, including physical distance, delay and so on.
3. It had to be a dynamic algorithm, one that adapts to changes in the topology automatically and quickly.
4. OSPF includes type of service routing. It is the first TCP/IP protocol to offer type of service routing: when routing a datagram, a router running OSPF uses both the destination address and the type of service field in the IP header to choose a route.
5. OSPF provides load balancing. The manager specifies multiple routes to a given destination at the same cost, if available, and the router splits the load over these lines. Again, it is the first IGP to offer load balancing. Note that RIP computes a single route to each destination.
6. OSPF supports hierarchical systems.
7. To provide some form of security, it specifies that all exchanges between routers can be authenticated.
8. It supports host-specific, subnet-specific, classless as well as classful routes. All types of routes may be needed in a large internet.
9. OSPF managers describe a virtual network topology that abstracts away the details of the physical networks. This permits maximum flexibility.

Working of OSPF

OSPF supports three kinds of connections and networks:
1. point-to-point lines between exactly two routers;
2. multi-access networks with broadcasting;
3. multi-access networks without broadcasting.

A multi-access network is one that can have multiple routers on it, each of which can directly communicate with all the others. All LANs and WANs have this property. Figure 6.2 shows an AS containing all three kinds of networks. Hosts generally do not play a role in OSPF.

Fig. 6.2: (a) An autonomous system; (b) graph representation

OSPF operates by abstracting the collection of actual networks, routers and lines into a directed graph. Each arc in the graph is assigned a weight or cost, which can be any metric such as delay or distance. OSPF then computes the shortest path based on the weights on the arcs. A serial connection between two routers is represented by a pair of arcs, one in each direction; their weights may be different. A multi-access network is represented by a node for the network itself plus a node for each router. The arcs from the network node to the routers have weight zero and are omitted from the graph.

Many ASes in the internet are themselves large and nontrivial to manage. Also, one of the goals is to provide a hierarchical system. Hence ASes are divided into numbered areas as shown in figure 6.1. An area is a network or a set of contiguous networks. Areas do not overlap, and some routers may belong to no area. An area is a generalization of a subnet. Outside an area, its topology and details are not visible. Every AS has a backbone area, called area zero. All areas are connected to the backbone, possibly via tunnels. Within an area, each router has the same link state database and runs the same shortest path algorithm. Its main job is to calculate the shortest path from itself to every other router in the area, including the router connected to the backbone. At least one router of every area is connected to the backbone. A router that connects to two areas runs the shortest path algorithm for each one separately.

During normal operation, three kinds of routes may be needed:
1. intra-area
2. inter-area
3. inter-AS

Intra-area routes are the easiest, since the source router already knows the shortest path to the destination router. Inter-area routing always proceeds in three steps:
1. go from the source to the backbone;
2. go across the backbone to the destination area;
3. go to the destination.

This algorithm forces a star configuration, with the backbone being the hub and the areas being the spokes. Packets are routed to the destination as they are, not encapsulated or tunneled, unless going to an area whose connection to the backbone is a tunnel. OSPF distinguishes four types of routers, illustrated in figure 6.1:
1. internal routers, which lie wholly within one area;
2. area border routers, which connect two or more areas;
3. backbone routers, which lie on the backbone;
4. AS boundary routers, which talk to routers in other ASes.

OSPF Message Header

OSPF works by exchanging information between adjacent routers; the information exchanged includes update messages. Each OSPF message begins with a fixed 24-octet header as shown in figure 6.3.

Fig. 6.3: 24-octet OSPF message header

The VERSION field specifies the version of the protocol. The TYPE field specifies the type of message. The SOURCE ROUTER IP ADDRESS field holds the 32-bit IP address of the sender. The AREA ID field holds the 32-bit identification number of the area. The AUTHENTICATION TYPE field specifies which authentication scheme is used; every message can include authentication. Currently only two authentication types are recognized:
Zero (0): indicates no authentication.
One (1): indicates that a simple password is used.

c. OSPF Message Formats

TYPE  Meaning
1     Hello, used to test reachability
2     Database description (topology)
3     Link state request
4     Link state update
5     Link state acknowledgement

Fig. 6.4: OSPF message types

In OSPF, each pair of adjacent routers checks which of them has the most recent data, and new information is spread throughout the area. All messages are sent as raw IP packets. Five kinds of messages are used; the kind is given in the MESSAGE TYPE field of the message header. These message types are summarized in figure 6.4. Each one is discussed in the following sections along with its format.

Hello Message format

Fig. 6.5: OSPF HELLO message format

When a router boots, it sends a HELLO message on all point-to-point links and multicasts it on LANs to the group consisting of all the other routers; on WANs it needs some configuration information to know whom to contact. From the responses, each router learns who its neighbors are. OSPF also sends these messages on each link periodically, to establish and test neighbor reachability. The HELLO message format is shown in figure 6.5. Its fields are:
NETWORK MASK: the mask for the network over which the message has been sent.
DEAD TIMER: the time in seconds after which a non-responding neighbor is considered dead.
HELLO INTER: the normal period, in seconds, between hello messages.
GWAY PRIO: the integer priority of this router, used in selecting the backup designated router. Basically, it is inefficient to have every router on a LAN talk to every other router on the LAN. To avoid this, one router is elected as the designated router. It is said to be adjacent to all the other routers on the LAN and exchanges information with them. A backup designated router is always kept up to date, to ease the transition when the primary designated router crashes.
DESIGNATED ROUTER: the IP address that gives the sender's view of the designated router for the network over which the message is sent.
BACKUP DESIGNATED ROUTER: the IP address that gives the sender's view of the backup designated router for the network over which the message is sent.
NEIGHBOR IP ADDRESS: the IP addresses of all neighbors from which the sender has recently received hello messages.

Database description message format

Routers exchange OSPF database description messages to initialize their network topology database. In the exchange, one machine serves as master and the other as slave.
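The 24-octet header and the HELLO message, as an added example that is not from the original text or from any OSPF implementation. It packs and parses them with the field layout of RFC 2328 (whose Hello body puts the hello interval before the dead interval, a slightly different order from the figure's list); the router IDs, timers and neighbor addresses are constructed sample values, and the last function is a defender-side check for packets sent with authentication type 0.

```python
"""OSPF v2 common header and HELLO message, RFC 2328 layout (added example,
not from the original text or any OSPF implementation)."""
import struct
from ipaddress import IPv4Address

# Version, Type, Packet length, Router ID, Area ID, Checksum, AuType, Authentication
HEADER = struct.Struct("!BBH4s4sHH8s")               # 24 octets
# Network mask, HelloInterval, Options, Rtr Pri, RouterDeadInterval, DR, BDR
HELLO = struct.Struct("!4sHBBI4s4s")                 # then 4 octets per neighbor
MESSAGE_TYPES = {1: "Hello", 2: "Database description", 3: "Link state request",
                 4: "Link state update", 5: "Link state acknowledgement"}
AUTH_TYPES = {0: "none", 1: "simple password"}       # the two types the text lists

def inet_checksum(data):
    """One's-complement Internet checksum (RFC 1071). OSPF computes it over
    the whole packet except the 64-bit authentication field."""
    if len(data) % 2:
        data += b"\0"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def ip4(addr):
    return IPv4Address(addr).packed

def build_packet(msg_type, router_id, area_id, body, auth_type=0, auth=b""):
    length = HEADER.size + len(body)
    def header(checksum):
        return HEADER.pack(2, msg_type, length, ip4(router_id), ip4(area_id),
                           checksum, auth_type, auth.ljust(8, b"\0")[:8])
    csum = inet_checksum(header(0)[:16] + body)   # octets 16-23 (auth) excluded
    return header(csum) + body

def build_hello(router_id, area_id, mask, hello_interval, dead_interval,
                dr, bdr, neighbors, priority=1, auth_type=0, auth=b""):
    body = HELLO.pack(ip4(mask), hello_interval, 0x02, priority,
                      dead_interval, ip4(dr), ip4(bdr))
    body += b"".join(ip4(n) for n in neighbors)
    return build_packet(1, router_id, area_id, body, auth_type, auth)

def parse_packet(pkt):
    """Decode the header (and a HELLO body), checking length and checksum."""
    if len(pkt) < HEADER.size:
        raise ValueError("shorter than the 24-octet header")
    ver, typ, length, rid, aid, _, autype, _ = HEADER.unpack_from(pkt)
    if ver != 2 or length < HEADER.size or length > len(pkt):
        raise ValueError("bad version or packet length")
    body = pkt[HEADER.size:length]
    info = {"type": MESSAGE_TYPES.get(typ, "unknown(%d)" % typ),
            "router_id": str(IPv4Address(rid)), "area_id": str(IPv4Address(aid)),
            "auth_type": AUTH_TYPES.get(autype, "other(%d)" % autype),
            # with the checksum field included, a valid packet sums to zero
            "checksum_ok": inet_checksum(pkt[:16] + body) == 0}
    if typ == 1 and len(body) >= HELLO.size:
        mask, hello, _, pri, dead, dr, bdr = HELLO.unpack_from(body)
        rest = body[HELLO.size:]
        info.update(mask=str(IPv4Address(mask)), hello_interval=hello,
                    dead_interval=dead, priority=pri, dr=str(IPv4Address(dr)),
                    bdr=str(IPv4Address(bdr)),
                    neighbors=[str(IPv4Address(rest[i:i + 4]))
                               for i in range(0, len(rest) - 3, 4)])
    return info

def unauthenticated_senders(packets):
    """Defender-side check: router IDs seen sending packets with AuType 0."""
    senders = set()
    for pkt in packets:
        info = parse_packet(pkt)
        if info["auth_type"] == "none":
            senders.add(info["router_id"])
    return sorted(senders)

if __name__ == "__main__":
    sample = build_hello("10.0.0.1", "0.0.0.0", "255.255.255.0", 10, 40,
                         "10.0.0.1", "0.0.0.0", ["10.0.0.2"])   # constructed
    print(parse_packet(sample))
    print("unauthenticated:", unauthenticated_senders([sample]))
```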

Fig. 6.6: OSPF DATABASE DESCRIPTION message format

The slave acknowledges each database description message with a response. The format of the database description message is shown in figure 6.6. Its fields are discussed below:
Flags I, M: because the database can be large, it is divided into several messages.
- Flag I: indicates that this is the initial message.
- Flag M: when set, indicates that additional messages follow.
Flag S: when set, indicates that the message was sent by the master, otherwise by the slave.
DATABASE SEQUENCE NUMBER: the sequence number of the message, so that the receiver can tell if any is missing. The initial message contains a random integer R; subsequent messages contain sequential integers starting at R.
LINK TYPE: describes a link according to the following table.

Table 6.1: Link types
LINK TYPE   Meaning
1           Router link
2           Network link
3           Summary link (IP network)
4           Summary link (link to border router)
5           External link (link to another site)

LINK ID: identifies the link, that is, the IP address of a router or a network depending on the LINK TYPE.
ADVERTISING ROUTER: the address of the router advertising this link.
LINK SEQUENCE NUMBER: an integer generated by that router to ensure that messages are not missed or received out of order.
LINK CHECKSUM: provides assurance that the link information has not been corrupted.
LINK AGE: helps order the messages; it gives the time in seconds since the link was established.

Link state request message format

Fig. 6.6: Link state request message format

After exchanging database description messages with a neighbor, a router may discover that parts of its database are out of date. The router then sends a link state request message asking the neighbor to supply updated information about a specific set of links. The set of links is identified by the LINK TYPE, the LINK ID and the address of the advertising router.

Link state update

Each router floods link state update messages to each of its destinations. A router sends this message to broadcast information about its directly connected links to all other routers. The message gives the state of each link and provides the cost used in the topological database. The format of the link state update message is shown in figure 6.7.

Fig. 6.7: Link state update message format

Each link status advertisement has the header format shown in figure 6.8. The fields used in the header of a link status advertisement are the same as those in the database description message. Following the header there is one of four possible formats, describing:
- the links from a router to a given area;
- the links from a router to a specific network;
- the links from a router to the physical network, a single or subnetted IP network;
- the links from a router to networks at other sites.
Thus a router that receives a link status update message knows exactly which of the described destinations lie inside the site and which are external.

Fig. 6.8: Header of a link status advertisement

Routers also send these messages when a line goes up or down or when its cost changes.

Link state acknowledgement

The link state acknowledgement message acknowledges a link state update.

4. Describe the following with respect to Internet Security:
a. Cryptography
b. DES Algorithm

Ans:

a. Cryptography

The main constraint on cryptography is the ability of the code to perform the necessary transformation. From top-secret military files to the protection of private notes between friends, various entities over the years have found themselves in need of disguises for their transmissions, for many different reasons. This practice of disguising or scrambling messages is called encryption.

Encryption Model

Figure 9.1: The encryption model

The encryption model is given in figure 9.1. The message to be encrypted, known as the plaintext P, is transformed by a function that is parameterized by a key. The output of the encryption process, known as the ciphertext, is then transmitted, often by messenger or by radio. We assume that an enemy, referred to as an intruder, hears and accurately copies down the complete ciphertext. He does not know the decryption key and hence cannot decrypt the ciphertext easily. We distinguish two types of intruder. An intruder who can only listen, record messages and play them back later is called a passive intruder. An intruder who may inject his own messages or modify messages before they reach the receiver is called an active intruder. The art of breaking ciphers is called cryptanalysis, and the art of devising them is called cryptography; together they are known as cryptology.

The relation between the plaintext P, the ciphertext C and the key K is given below:
1. C = EK(P). This equation means that the encryption of plaintext P using key K gives ciphertext C.
2. P = DK(C). This equation means that the decryption of ciphertext C using key K gives plaintext P.
3. Combining equations 1 and 2 we get P = DK(C) = DK(EK(P)).

Here E and D are just mathematical functions. A fundamental rule of cryptography is that one must assume that the cryptanalyst knows the method used for encryption and decryption. Thus the cryptanalyst knows how the encryption method E and the decryption method D in figure 9.1 work. Keys consist of a relatively short string that selects one of many potential encryptions. The basic model is based on Kerckhoffs's principle: the idea that the cryptanalyst knows the algorithm and the secrecy lies exclusively in the key.

Substitution cipher

The first encrypted messages were developed in ancient Egypt as series of disordered hieroglyphics. This means of encryption was very simple, utilizing a method called simple substitution. The original message, or plaintext, was encoded using a substitution cipher: each letter (or picture) of the plaintext was simply replaced by another letter of the alphabet, resulting in the encoded message, or ciphertext. For example, the plaintext

ATTACK

could be encrypted as

BUUBDL

In this example, each letter of the plaintext was simply replaced with the next letter in the alphabet; that is, the key used is +1. This example is actually a special form of substitution cipher known as a Caesar cipher, attributed to Julius Caesar.

An alphabet is an ordered set of symbols. For example, the normal English alphabet consists of the symbols {A, B, C, ..., Z}. A simple substitution is one in which each letter of the plaintext is always replaced by the same ciphertext symbol. In other words, there is a one-to-one relationship between the letters of the plaintext alphabet and those of the ciphertext alphabet. For the normal English alphabet, how many different ciphertext alphabets can we get if we use the same letters? In other words, in how many different ways can we permute or rearrange the English alphabet? The answer is 26!, which is approximately 403291461126605635584000000. To understand how we got that number, imagine that you are given the task of making an arbitrary permutation of the English alphabet. You have to make 26 choices. On the first choice you can choose any one of the 26 letters in the alphabet. On the second choice you can choose any one of the remaining 25 letters. On the third choice you can choose any one of the remaining 24 letters, and so on. On the last choice, there is just one letter remaining. So, in all, there are 26! = 26 x 25 x 24 x ... x 1 different ways to make these choices.

Although there are 26! possible ciphertext alphabets, any fan of puzzle books or newspaper cryptograms knows that simple substitution ciphers are relatively easy to break by hand by analyzing letter frequencies and guessing at common words. The nine most frequent letters in English are E, T, N, A, O, R, I, S and H. The five letters that occur least often are J, K, Q, X and Z. Generally, we need a message of considerable length in order to make good use of our knowledge of letter frequencies. The most common two-letter combinations, or digrams, are th, in, er, re and an. The most common three-letter combinations, or trigrams, are the, ing, and and ion.

For example, consider the following ciphertext message from an accounting firm, arranged in groups of five:

CTBMN BYCTC BTJDS QXBNS GSTJC BTSWX CTQTZ CQVUJ QJSGS TJQZZ MNQJS VLNSX VSZJU JDSTS JQUUS JUBXJ DSKSU JSNTK BGAQJ ZBGYQ TLCTZ BNYBN QJSW

A likely word in a message from an accounting firm is "financial". The word financial has a repeated letter (i), with four other letters between its occurrences. We look for repeated letters in the ciphertext with that spacing and find them at positions 6, 15, 27, 31, 42, 48, 56, 66, 70, 71, 76 and 82. The letter after i is n, which is also repeated, with one letter between its occurrences. Only two of the candidates, 31 and 42, have the repeated n in the proper place. Of these, only 31 has the letter a correctly positioned. Thus we know that financial begins at position 30. Substitution preserves the order of the plaintext letters but disguises them, so the key is easy to deduce using the frequency statistics of English (or of whatever language the plaintext is in).

Transposition cipher

A transposition cipher reorders the letters but does not disguise them. The key can be a word or a phrase without any repeated letters. There are two variants:
1. Columnar transposition
2. Row transposition
The purpose of the key is to number the columns in the case of a columnar transposition cipher, or to number the rows in the case of a row transposition cipher. We discuss the columnar transposition cipher with an example illustrated in figures 9.2 to 9.4.
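The ciphers and the crib attack from the substitution discussion above, as an added example that is not part of the original text: the shift cipher with the +1 key, a general simple substitution, and the search for the word financial in the quoted ciphertext, reporting 1-based positions as the text does. The crib matcher is more general than the i/n/a checks walked through above: it matches the full repetition pattern of any crib word.

```python
"""Simple substitution ciphers and the crib search on the text's ciphertext
(added example, not from the original text)."""
import string
from collections import Counter

ALPHA = string.ascii_uppercase

def caesar(text, shift):
    """Shift cipher: with shift=+1, ATTACK becomes BUUBDL."""
    return "".join(ALPHA[(ALPHA.index(c) + shift) % 26] if c in ALPHA else c
                   for c in text.upper())

def substitute(text, cipher_alphabet):
    """General simple substitution: cipher_alphabet is one of the 26!
    permutations of ALPHA; plaintext letter i maps to cipher_alphabet[i]."""
    if sorted(cipher_alphabet) != list(ALPHA):
        raise ValueError("cipher alphabet must be a permutation of A-Z")
    return text.upper().translate(str.maketrans(ALPHA, cipher_alphabet))

# The ciphertext quoted in the text, with the five-letter grouping removed.
CIPHERTEXT = ("CTBMN BYCTC BTJDS QXBNS GSTJC BTSWX CTQTZ CQVUJ QJSGS TJQZZ "
              "MNQJS VLNSX VSZJU JDSTS JQUUS JUBXJ DSKSU JSNTK BGAQJ ZBGYQ "
              "TLCTZ BNYBN QJSW").replace(" ", "")

def letter_pattern(word):
    """Repetition pattern of a word: 'financial' -> (0,1,2,3,2,4,1,3,5),
    i.e. letters 2 and 7 agree (i), 3 and 5 (n), 4 and 8 (a)."""
    first_seen = {}
    return tuple(first_seen.setdefault(c, len(first_seen)) for c in word.upper())

def crib_positions(ciphertext, crib):
    """1-based positions where the ciphertext repeats letters exactly where
    the crib does (a simple substitution preserves repetition patterns)."""
    target = letter_pattern(crib)
    width = len(crib)
    return [i + 1 for i in range(len(ciphertext) - width + 1)
            if letter_pattern(ciphertext[i:i + width]) == target]

def partial_key(ciphertext, crib, position):
    """Cipher-letter -> plain-letter pairs learned by placing the crib at
    the given 1-based position."""
    window = ciphertext[position - 1:position - 1 + len(crib)]
    return dict(zip(window, crib.upper()))

def frequencies(ciphertext):
    """Letter counts, most common first; the leaders are candidates for
    the most frequent English letters (E, T, N, A, ...)."""
    return Counter(ciphertext).most_common()

if __name__ == "__main__":
    print(caesar("ATTACK", 1))                        # BUUBDL
    print(crib_positions(CIPHERTEXT, "financial"))    # [30]
    print(partial_key(CIPHERTEXT, "financial", 30))
    print(frequencies(CIPHERTEXT)[:5])
```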

Figure 9.2: The plaintext

Consider a plaintext, a string of characters, as shown in figure 9.2. The key used in this example is MEGABUCK. The characters of the key are numbered according to their alphabetical order, as shown in figure 9.3.

Figure 9.3: Matrix used in the columnar transposition cipher

In the columnar transposition cipher, the plaintext is written below the key word horizontally, row by row, padded to fill the matrix as shown in figure 9.3. To obtain the ciphertext, read the characters out by column, starting with the column whose key letter is lowest. In this example the column headed by key letter A, the fourth column, is read out first. Then the column headed by B, the fifth column, is read out; then the column headed by C, the seventh column; then the column headed by E, the second column; then the column headed by G, the third column; then the column headed by K, the eighth column; then the column headed by M, the first column; and finally the column headed by U, the sixth column. Hence the ciphertext for this example is as shown in figure 9.4.
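Columnar transposition with the key MEGABUCK, as an added example that is not taken from the text. The plaintext of figure 9.2 is not reproduced on the page, so the sample texts are constructed and a trailing x is assumed as padding; the decrypt function is the inverse, which the text does not spell out.

```python
"""Columnar transposition with the key MEGABUCK (added example, not from the
original text; sample plaintexts are constructed)."""

def column_order(key):
    """Order in which the columns are read out: alphabetical order of the
    key letters. MEGABUCK -> [3, 4, 6, 1, 2, 7, 0, 5] (0-based), i.e. the
    columns headed A, B, C, E, G, K, M, U, as walked through in the text."""
    if len(set(key)) != len(key):
        raise ValueError("key letters must not repeat")
    return sorted(range(len(key)), key=lambda i: key[i])

def encrypt(plaintext, key, pad="x"):
    """Write the plaintext row by row under the key, pad the last row,
    then read the columns out in key order."""
    text = "".join(plaintext.split()).lower()
    ncols = len(key)
    if len(text) % ncols:
        text += pad * (ncols - len(text) % ncols)
    rows = [text[i:i + ncols] for i in range(0, len(text), ncols)]
    return "".join(row[c] for c in column_order(key) for row in rows)

def decrypt(ciphertext, key):
    """Inverse: cut the ciphertext into equal-length columns, put each back
    under its key letter, then read the matrix row by row (padding stays)."""
    ncols = len(key)
    if len(ciphertext) % ncols:
        raise ValueError("ciphertext length must be a multiple of the key length")
    nrows = len(ciphertext) // ncols
    columns = {}
    for k, c in enumerate(column_order(key)):
        columns[c] = ciphertext[k * nrows:(k + 1) * nrows]
    return "".join(columns[c][r] for r in range(nrows) for c in range(ncols))

if __name__ == "__main__":
    ct = encrypt("meet me at midnight", "MEGABUCK")   # constructed sample
    print(ct, "->", decrypt(ct, "MEGABUCK"))
```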

Figure 9.4: The ciphertext

Similarly, in the row transposition cipher, we arrange the plaintext characters column-wise and obtain the ciphertext by reading out row-wise, selecting the rows in the order given by the characters of the key.

b. DES

The Data Encryption Standard (DES) is a cipher (a method for encrypting information) selected as an official Federal Information Processing Standard (FIPS) for the United States in 1976. The algorithm was initially controversial, with classified design elements, a relatively short key length, and suspicions about a National Security Agency (NSA) backdoor. DES consequently came under intense academic scrutiny, and motivated the modern understanding of block ciphers and their cryptanalysis. DES is now considered insecure for many applications, chiefly because the 56-bit key size is too small. The algorithm is believed to be practically secure in the form of Triple DES, although there are theoretical attacks. In recent years, the cipher has been superseded by the Advanced Encryption Standard (AES).

Description

DES is a block cipher, an algorithm that takes a fixed-length string of plaintext bits and transforms it through a series of complicated operations into a ciphertext bit string of the same length. In the case of DES, the block size is 64 bits. DES also uses a key to customize the transformation, so that decryption can only be performed by those who know the particular key used to encrypt. The algorithm is parameterized by a 64-bit key and has 19 distinct stages. Eight bits of the key are used solely for checking parity and are thereafter discarded, so the effective key length is 56 bits, and it is usually quoted as such. Like other block ciphers, DES by itself is not a secure means of encryption but must instead be used in a mode of operation.

Overall structure

Figure 9.7: The overall Feistel structure of DES

The algorithm's overall structure is shown in figure 9.7. There are 16 identical stages of processing, termed rounds. There is also an initial and a final permutation, termed IP and FP, which are inverses (IP "undoes" the action of FP, and vice versa). IP and FP have almost no cryptographic significance, but were apparently included in order to facilitate loading blocks in and out of mid-1970s hardware, as well as to make DES run slower in software. Before the main rounds, the block is divided into two 32-bit halves, which are processed alternately; this criss-crossing is known as the Feistel scheme. The Feistel structure ensures that decryption and encryption are very similar processes; the only difference is that the subkeys are applied in the reverse order when decrypting. The rest of the algorithm is identical. This greatly simplifies implementation, particularly in hardware, as there is no need for separate encryption and decryption algorithms. The red symbol in the figure denotes the exclusive-OR (XOR) operation. The F-function scrambles half a block together with some of the key. The output of the F-function is then combined with the other half of the block, and the halves are swapped before the next round. After the final round, the halves are not swapped; this is a feature of the Feistel structure which makes encryption and decryption similar processes.

The Feistel (F) function

The F-function, depicted in figure 9.8, operates on half a block (32 bits) at a time and consists of four stages:

Figure 9.8: The Feistel function (F-function) of DES

1. Expansion: the 32-bit half-block is expanded to 48 bits using the expansion permutation, denoted E in the diagram, by duplicating some of the bits.
2. Key mixing: the result is combined with a subkey using an XOR operation. Sixteen 48-bit subkeys, one for each round, are derived from the main key using the key schedule (described below).
3. Substitution: after mixing in the subkey, the block is divided into eight 6-bit pieces before processing by the S-boxes, or substitution boxes. Each of the eight S-boxes replaces its six input bits with four output bits according to a non-linear transformation, provided in the form of a lookup table. The S-boxes provide the core of the security of DES; without them, the cipher would be linear and trivially breakable.
4. Permutation: finally, the 32 outputs from the S-boxes are rearranged according to a fixed permutation, the P-box.

The alternation of substitution from the S-boxes and permutation of bits from the P-box and E-expansion provides so-called "confusion and diffusion" respectively, a concept identified by Claude Shannon in the 1940s as a necessary condition for a secure yet practical cipher.

Key schedule

Figure 9.9 illustrates the key schedule for encryption, the algorithm which generates the subkeys. Initially, 56 bits of the key are selected from the initial 64 by Permuted Choice 1 (PC-1); the remaining eight bits are either discarded or used as parity check bits. The 56 bits are then divided into two 28-bit halves; each half is thereafter treated separately. In successive rounds, both halves are rotated left by one or two bits (specified for each round), and then 48 subkey bits are selected by Permuted Choice 2 (PC-2): 24 bits from the left half and 24 from the right. The rotations, denoted by "<<<" in figure 9.9, mean that a different set of bits is used in each subkey; each bit is used in approximately 14 of the 16 subkeys.

Figure 9.9: The key schedule of DES

The key schedule for decryption is similar: it must generate the subkeys in the reverse order, so the rotations are to the right rather than the left.
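A DES-shaped Feistel network, as an added example that is neither DES nor code from the text: it keeps the 64-bit block, the 16 rounds, the two 28-bit key halves rotated by DES's per-round amounts and the 48-bit subkeys, but replaces IP/FP, E, the S-boxes, P, PC-1 and PC-2 with simple stand-ins (assumptions of this example, marked in the comments). It demonstrates the structural claims above: decryption is encryption with the subkeys reversed, the halves are not swapped after the last round, and the eight parity bits play no part in the result.

```python
"""A DES-shaped Feistel network (added example; NOT DES: the permutations
and S-boxes are replaced by simple stand-ins, see the comments)."""
MASK28, MASK32, MASK48 = (1 << 28) - 1, (1 << 32) - 1, (1 << 48) - 1
# Per-round left rotations of the C and D key halves; these are DES's values.
ROTATIONS = [1, 1, 2, 2, 2, 2, 2, 2, 1, 2, 2, 2, 2, 2, 2, 1]

def rotl28(x, n):
    return ((x << n) | (x >> (28 - n))) & MASK28

def key_schedule(key64):
    """Produce the 16 48-bit subkeys. Stand-in for PC-1: drop the parity
    bit (the low bit) of each byte and keep the other 56 in order. Stand-in
    for PC-2: the low 24 bits of each rotated half."""
    bits = [(key64 >> (63 - i)) & 1 for i in range(64)]
    kept = [b for i, b in enumerate(bits) if (i + 1) % 8 != 0]   # 56 bits
    c = int("".join(map(str, kept[:28])), 2)
    d = int("".join(map(str, kept[28:])), 2)
    subkeys = []
    for r in ROTATIONS:
        c, d = rotl28(c, r), rotl28(d, r)
        subkeys.append(((c & 0xFFFFFF) << 24) | (d & 0xFFFFFF))
    return subkeys

def f(half, subkey):
    """Stand-in F-function: expand 32 -> 48 bits by duplicating the low
    16 bits (stand-in for E), XOR the subkey, then a non-linear mix back
    to 32 bits (stand-in for the S-boxes and the P-box). It need not be
    invertible; the Feistel structure never inverts it."""
    expanded = ((half << 16) | (half & 0xFFFF)) & MASK48
    x = expanded ^ subkey
    return ((x * 0x9E3779B1) ^ (x >> 21) ^ (x >> 7)) & MASK32

def feistel(block, subkeys):
    """16 rounds of L_i = R_{i-1}, R_i = L_{i-1} XOR F(R_{i-1}, K_i).
    IP and FP are omitted (no cryptographic significance)."""
    left, right = block >> 32, block & MASK32
    for k in subkeys:
        left, right = right, left ^ f(right, k)   # the criss-cross
    # No swap after the final round: the output is R16 || L16, which is what
    # lets the same network with the subkeys reversed undo the encryption.
    return (right << 32) | left

def encrypt(block, key):
    return feistel(block, key_schedule(key))

def decrypt(block, key):
    return feistel(block, key_schedule(key)[::-1])   # same rounds, keys reversed

if __name__ == "__main__":
    key, pt = 0x133457799BBCDFF1, 0x0123456789ABCDEF   # constructed sample values
    ct = encrypt(pt, key)
    print(hex(ct), decrypt(ct, key) == pt)
```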
