lab + hw
Popular in Networking
Popular in INFO
verified elite notetaker
This 10 page Bundle was uploaded by Nishtha on Wednesday May 18, 2016. The Bundle belongs to INFO 330 at Drexel University taught by Dikran Kassabian in Spring 2016. Since its upload, it has received 10 views. For similar materials see Networking in INFO at Drexel University.
Reviews for lab + hw
Report this Material
What is Karma?
Karma is the currency of StudySoup.
You can buy or earn more Karma at anytime and redeem it for class notes, study guides, flashcards, and more!
Date Created: 05/18/16
INFO330 Name:Nishtha H. Dalal Lab 3 Answer Sheet. Please complete this answer sheet and turn it in via Bb Learn by the due date posted. Questio Answer n 1 (10 pts) Pku.edu.cn 22.214.171.124 2 Authoritative addresses for ox.ac.uk are (10 pts) 126.96.36.199 188.8.131.52 184.108.40.206 220.127.116.11 3 (10 pts) 18.104.22.168 4 It’s over UDP (6 pts) 5 Both destination and source are port 53 (10 pts) 6 22.214.171.124 – noc.irt.drexel.edu (10 pts) 7 Type is AAAA (8 pts) 8 6 responses – name, type, class, TTL, (8 pts) length, and primary name 9 Yes, to 126.96.36.199 (10 pts) 10 No new DNS query is made. Uses the same (10 pts) one INFO 330 – HW3 – Transport Layer Name: _______________________________ This assignment is to be done individually. Please use complete sentences for your responses. You will need to use the textbook as a reference guide to answer many of the questions, and for some questions you may want to have your laptop connected to the Internet to research or capture results. 1. (6 points) Describe what is meant by a “connection oriented” transport layer protocol. What makes it “connection oriented” and what is the benefit? Connectionoriented is when one application process can begin to send data to another only after a "handshake" is completed, which is that some preliminary segments must be sent to establish the parameters of the ensuing data transfer. The benefit is that the connection oriented protocol service is reliable, in that, it guarantees that the data will arrive in proper sequence. 2. (6 points) Describe the threeway handshake used by TCP. In the threeway handshake used by TCP/IP, the method requires both the client and sever to exchange SYN and ACK packets before the actual data communication begins. The first step is when the client node sends a SYN data packet over an IP network to a server on the same or an external network. The objective of this packet is to check if the server is open for a new connection. The second part of the handshake occurs when the target server has an open port to accept and initiate new connections, and it receives the SYN packet from the first step, and responds with a confirmation receipt which is an ACK or SYN.ACK packet. The third part is when the client node receives the SYN/ACK from the server and responds with an ACK packet. 3. (8 points) List at least two applications that should use TCP as their transport layer protocol, and two applications that should use UDP. Describe why you chose each application’s appropriate transport layer protocol TCP Email (SMTP, IMAP/POP), Web, SSH, FTP UDP Media streaming, VPN 4. (10 points total) TCP uses a concept called “pipelining” a. (5 points). Describe why longer RTT on a high capacity network link can result in low link utilization and how a pipelined network protocol can greatly improve efficiency b. (5 points) Describe how pipelining and window size are related in TCP. 5. (10 pts) When developing a reliable data transfer protocol, why is it necessary to introduce timers? 6. (8 pts) The TCP protocol uses sequence numbers. a) What does the value of a TCP sequence number represent? b) Provide three reasons why sequence numbers are required in TCP? 7. (8 pts) Suppose a process in host C has a UDP socket with port number 6789. Suppose both host A and host B each send a UDP segment to host C with destination port number 6789. a. Will both of these segments be directed to same socket at host C? Yes b. If so, how will the process at host C know that these two segments originated from two different hosts? 8. (12 points) Suppose client PC named X initiates a telnet session to a server called S. At the same time a laptop client named Y initiates a telnet session to server S also. Provide possible source and destination port numbers for: a. The segments sent from X to S b. The segments sent from Y to S c. The segments sent from S to X d. The segments sent from S to Y e. If X and Y are different hosts is it possible for them to both use the same source port number? f. If X and Y are the same host, is it possible for them to both user the same source port number? 9. (8 pts) Consider a TCP connection between host B and server C. Suppose that the TCP segments traveling from host B to server C have source port number 2345 and destination port number 443. a. What are the source and destination port numbers for the segments traveling from host C to host B? b. What can you deduce about server C? What kind of server is it? 10. (8 pts) What is the TCP “rwnd” value and what role does it play in flow control? 11. (8 pts) Examine the TCP segment header (you may refer to page 234 in the text). The flag field contains 6 bits in the segment structure. a. What does the last bit, (reading the bits from left to right), signify? b. When is it used? 12. (8 pts) Refer to page 257 in the text. a. What portion of the TCP session is used as an attack? b. What is the purpose of a SYN cookie? INFO 330 – Test # 1Study Guid (eocus Areas) ere are some of the acronyms that may appear on test #1: API P2P DNS FTP HTTIP ISP IXP UPPOP RFC RTT SMTPTCP TLD 80W21i1 Study the following : The Internet (or TCP/IP) protocol stack. What are the layers what do theydo? Know which layers are “endto end”and which are not The structure of Internet Service Provider (ISP)connectivity Peer to peerapplication vs client server unaderliantons each, and the difference The 4 main sources of delay on the Internet How to calculate transmission delay given bits and bit rate What a “socket” is and how it is used What a MAC address is and know its bit length What an IPv4 address wis isndbkinolength Have a familiarity with the application layer protocols we discussed in class, including at least HTTP, POP,IMAP, DNS Differences between the mail access protocols POP3 and IMAP. HTTP packets (GET, 200 OK, and tT he caonditional GE ports usedby HTTP Basics of web caching Basic understanding of what the DNS is and how it works types, types of DNS servers, etc.) DNS hierarchy; root servers, TLD servers, authoritative servers; default servers How multiplexing an-mdueltiplexing work wha atnd a “port” is in this context. How reliable datatransfer works (using ACKs, NAKs, sequence numbers,timers, etc.) Some basic differences between TCP and UDP What con igestion contralnd wfhawt conirol ? INFO330 Name: Nishtha H. Dalal Lab 2 Answer Sheet. Please complete this answer sheet and turn it in via Bb Learn by the due date posted. Question Answer 1 HTTP/1.1 (4 pts) 2 enUS, en (5 pts) 3 My IP: 188.8.131.52 (4 pts) Gaia IP: 184.108.40.206 4 200 (OK) (5 pts) 5 Tue, 12 Apr 2016 05:59:02 GMT (4 pts) 6 126 bytes (4 pts) 7 No, there is no IfModifiedSince header (4 pts) 8 (8 pts) Yes, the server returned the contents of the file which can be found under the “LineBased Text” data 9 IfModifiedSince: Tue, 12 Apr 2016 05:59:02 GMT (8 pts) 10 (10 pts) 304 (Not Modified) 11 No, the file contents aren’t explicitly there as they (4 pts) were in the first request 12 One HTTP GET request was sent INFO330 Name: Nishtha H. Dalal (4 pts) 13 3 TCP segments were needed (4 pts) 14 200 (OK) (4 pts) 15 4 HTTP GET requests were sent: (8 pts) ~kurose/cover.jpg ~kurose/cover.jpg ethereallabs/banner.jpg ethereallabs/HTTPetherealfile5.html All to the same IP address: 192.168.0.105 16 Seems as though the browser downloaded them in (8 pts) parallel because the two GET requests were in the same time frame, and the two responses were also together so the browser didn’t wait for the first one to be completed to make the second one 17 Yes, the status code and phrase are in response to (4 pts) the GET request. The server responds with a 401 (Unauthorized) 18 I think the most significant part of this lab was being able to differentiate specifically between the different types of responses that the server sends back to a GET request. In the past, as a developer, I often used to see the AJAX responses (within the browser tools), but watching the list populate in wireshark as the page loads gave me a lot of insight into how the browser interacts with the server. Even though I was aware that TCP packets can be broken down for large files, I never knew how exactly that happened, and I think I have a better idea now :) 1 INFO 330 – HW2 – Application Layer, Transport Layer Name: Nishtha H. Dalal This assignment is to be done individually. Please use complete sentences for your responses. You will need to use the textbook as a reference guide to answer many of the questions, and for some questions you may want to have your laptop connected to the Internet to research or capture results. 1. (10 points) A student types in www.ed.ac.uk in their web browser to learn about the University of Edinburgh. The IP address of the web server is initially unknown. Name all application and transport layer protocols that are required in this web session in addition to HTTP? DNS UDP, TCP, if secure, then TLS/SSL 2. (8 points) Use the SMTP RFC 5321 posted in LEARN to assist you with this question. a. What are the differences between MAIL FROM: in SMTP and From: in an actual mail message itself? MAIL FROM: is the message from the SMTP client that identifies the sender of the mail message to the SMTP server. The From: is just a line in the body text, not an SMTP message. b. What command in SMTP is used to see if an email address is valid? HELO 3. (8 points) Concerning electronic mail. a. List (2) mail access protocols described in the text. IMAP and POP b. What mail access protocol might be better suited for a smartphone? Explain, and include one specific reason for the protocol you chose. IMAP because it supports push (the email gets to you when it’s sent, as opposed to waiting for the user to open the mail application and download the email). IMAP is also better because if the user downloads the email on their device using POP(3), and then also on their PC, they would have two duplicated repositories of their email. 4. (8 points) TCP can be enhanced with SSL to provide processtoprocess encryption. Between what two layers does SSL operate? If an application developer needs TCP to be enhanced with SSL, what does the developer need to do? SSL operates at the application layer. It takes data that is not encrypted from the application layer, encrypts it and then passes it to the TCP socket. If the application developer wants TCP to be enhanced with SSL, they have to include the SSL code in the application 5. (8 points) Suppose you are asked to write (2) new applications. Application 1 must transfer sensitive information using encryption. It is very important that the information is transmitted reliably and completely over the network. Application 2 will be designed to send out small bits of information, 1 2 INFO 330 – HW2 – Application Layer, Transport Layer such as alerts and notifications, from one server to many other servers as quickly as possible. This second application will continue to send these alerts more than once each, and the receiving servers will collect all the alerts in a local database as time passes. What transport protocol will you use for: a. Application 1? Explain your choice. TCP because it guarantees delivery of packets in order, if any packet is not acknowledged, the sender will resend it b. Application 2? Explain your choice. UDP because it’s stateless, and is able to answer small queries from a large number of clients 6. (9 points) For this question, refer to the DNS section of the text book. a. Explain the role of Root DNS servers (23 sentences) Root name server is a name server for the root zone of it’s Domain Name System(DNS). It directly responds to requests for records in the root zone and answers other requests by returning a list of the authoritative nameservers for the appropriate toplevel domain (TLD) b. Explain the role of TLD DNS servers (23 sentences) and name 3 different TLDs TLD servers are responsible for toplevel domains such as .com, .org, .net, .edu, and .gov Verisign’s Global Registry Service maintains the TLD servers for the .com TLD, and Educause maintains the TLD for the .edu TLD c. Explain the role of Authoritative DNS servers (23 sentences) Every organization with publicly accessible hosts (like web and mail servers) on the internet must provide publicly accessible DNS records that map the names to the DNS records. It provides original and definitive answers to DNS queries. It only returns answers to queries about domain names that are installed in its configuration system. 7. (8 points) Describe the following DNS resource record types (one sentence each). a. A record If the type is A, then the Name is a hostname and Value is the IP address for the hostname. Thus, a Type A record provides the standard hostname to IP address mapping b. AAAA record The AAAA record is also known as a quadA record, which specifies an IPv6 address for the hostname c. TXT record The TXT record is used to provide associations of some arbitrary and unformatted text with a host or other name, such as human readable information about a server, network, data center, and other accounting information 2 3 INFO 330 – HW2 – Application Layer, Transport Layer d. CNAME record If the type is CNAME then the value is a canonical hostname for the alias hostname. This record can provide querying hosts the canonical name for a hostname 8. (8 points) In the DNS, there are different types of servers and different types of queries. a. Explain what recursive queries are (23 sentences). A recursive DNS query happens when the DNS server you asked for an address, doesn't know the answer itself, so it has to check with another server. The DNS server is configured to pass unresolved name queries to another DNS server, in the case of a DNS server configured to use a forwarder. b. Explain what iterative queries are (23 sentences). An iterative name query when a DNS client allows the DNS server to return the best answer it can give based on its cache or zone data. If the queried DNS server does not have a match for the queried name, the best possible information it can return is a referral (which points to a DNS server authoritative for a lower level of the domain). The DNS client can then query the DNS server for which it obtained a referral. It continues this process until it locates a DNS server that is authoritative for the queried name, or until an error or timeout condition is met. 9. (8 points) Describe how DNS caching can reduce delays in DNS name to IP address lookups. Every time a user visits a website, there is a DNS query to translate the hostname to an IP address, by caching this result, the query resolves much faster than it would have. Caching involves storing key value pairs, where the key is the hostname, and the resulting value is the IP address. Because of caching, the local DNS server can immidiately return the IP address without having to query any other DNS servers. A local DNS servers can calso cache the IP addresses of TLD servers, which allows the local DNS servers to bypass the root DNS servers in a query chain, which further reduces delays. 10. (8 points) Describe how Web caching can reduce the delay in receiving a requested object. Will Web caching reduce the delay for all objects requested by a user or for only some of the objects? Web caching brings the requested content closer to the user, and easily accessible, by keeping it on the LAN which the user is connected to. Web caching can reduce delay for all objects, even ones that weren’t previously cached since caching reduces the other traffic that would have been on the link. 11. (8 points) Use the HTTP RFC (2616) posted in LEARN for this question. a. What mechanism is used to signal that a persistent connection is being closed? Idle time is used to signal that a persistent connection is being closed b. Can the client, or server, or both use that signal? Yes, both the client and the server can signal the close of the connection if they aren’t transferring any kind of information. 3 4 INFO 330 – HW2 – Application Layer, Transport Layer 12. (9 points) Research the SNMP protocol. a. What does the acronym SNMP stand for? Simple Network Management Protocol b. What is this protocol used for? Internetstandard protocol for collecting and organizing information about managed devices on IP networks and for modifying that information to change device behavior c. What layer in the model does this protocol operate? Operates in the application layer protocol 4
Are you sure you want to buy this material for
You're already Subscribed!
Looks like you've already subscribed to StudySoup, you won't need to purchase another subscription to get this material. To access this material simply click 'View Full Document'