Published by Olivia Jones. Modified over 9 years ago.
1
Final Exam Review
Knowledge questions
True or false statement (explain why)
Protocol
Calculation
Cover the contents after midterm coverage
  –Homework 3, 4, security
2
Knowledge Question Examples
Three classes of switch fabric, speed relationship
  –What is Head-of-the-line (HOL) blocking? Where can queue occur in router?
TCP header size? IP header size? UDP header size?
How many bits in IP of IPv6? Address space size? Why is it very slow to be deployed? (enough IP space, hard upgrading and compatibility)
Routing: what are link state, distance vector?
Internet two-level routing? (inter-AS, intra-AS)
RIP, OSPF, BGP? Used where?
  –OSPF uses link state, BGP/RIP uses distance vector
  –RIP, OSPF -> intra-AS, BGP -> inter-AS
Which is better? pure ALOHA, slotted ALOHA, CSMA/CD?
  –What are their assumptions? (collision detection, time sync)
CSMA/CD? CSMA/CA? Why does wireless use CSMA/CA?
Ethernet broadcast MAC addr.? What is the broadcast address for?
What is ARP?
Why is Ethernet much better than ALOHA in efficiency?
  –Carrier sense, collision detection, exp. backoff
3
Knowledge Question Examples
Hub vs. Switch?
802.11a, b, g: speed? Working frequency?
802.15? (personal area network, example: Bluetooth)
Wireless: no collision detection?
  –listen while sending, fading, hidden terminal
Network security three elements:
  –Confidentiality, authentication, integrity
What is public/symmetric key cryptography? Pro vs. con?
Why use "nonce" in security? (replay attack)
What is man-in-the-middle attack?
Usage of firewall? (block outside active traffic to inside)
IP spoofing? SYN flood DoS attack?
What is a botnet?
IPSec vs. SSL? (different layers, tcp vs. udp)
4
Protocol Problem Examples
NAT address translation procedure
Digital signature procedure
HTTPS connection procedure
  –CA, public key
Secure email (assume known public key)
  –Confidentiality
  –Integrity
5
Calculation Examples
subnet addressing
  –Figure out subnet based on host's IP and subnet mask
link state, distance vector
parity checking
CRC calculation
wireless MAC protocol
Caesar cipher decrypt, Vigenere cipher, one-time pad decrypt (given the pad)
6
Three types of switching fabrics
Property? Speed order?
7
Head-of-the-Line (HOL) blocking: queued datagram at front of queue prevents others in queue from moving forward
Queue can occur at both input port and output port of a router
8
Routing Algorithm classification
Global or decentralized information?
Global:
  –all routers have complete topology, link cost info
  –"link state" algorithms
Decentralized:
  –router knows physically-connected neighbors, link costs to neighbors
  –iterative process of computation, exchange of info with neighbors
  –"distance vector" algorithms
9
NAT: Network Address Translation
[Figure: LAN hosts 10.0.0.1, 10.0.0.2, 10.0.0.3 behind a NAT router (10.0.0.4 on the LAN side, 138.76.29.7 on the WAN side)]
1: host 10.0.0.1 sends datagram to 128.119.40.186, 80
   (S: 10.0.0.1, 3345  D: 128.119.40.186, 80)
2: NAT router changes datagram source addr from 10.0.0.1, 3345 to 138.76.29.7, 5001, updates table
   (S: 138.76.29.7, 5001  D: 128.119.40.186, 80)
3: Reply arrives dest. address: 138.76.29.7, 5001
   (S: 128.119.40.186, 80  D: 138.76.29.7, 5001)
4: NAT router changes datagram dest addr from 138.76.29.7, 5001 to 10.0.0.1, 3345
   (S: 128.119.40.186, 80  D: 10.0.0.1, 3345)
NAT translation table
WAN side addr        LAN side addr
138.76.29.7, 5001    10.0.0.1, 3345
……                   ……
10
Intra-AS and Inter-AS routing
[Figure: autonomous systems A, B and C with routers A.a, A.c, B.a, C.b and hosts h1, h2; labels: Intra-AS routing within AS A, Inter-AS routing between A and B, Intra-AS routing within AS B]
  –RIP: Routing Information Protocol
  –OSPF: Open Shortest Path First
  –BGP: Border Gateway Protocol (Inter-AS)
11
ARP protocol: Same LAN (network)
A wants to send datagram to B, and B's MAC address not in A's ARP table.
A broadcasts ARP query packet, containing B's IP address
  –Dest MAC address = FF-FF-FF-FF-FF-FF
  –all machines on LAN receive ARP query
B receives ARP packet, replies to A with its (B's) MAC address
  –frame sent to A's MAC address (unicast)
A caches (saves) IP-to-MAC address pair in its ARP table until information becomes old (times out)
  –soft state: information that times out (goes away) unless refreshed
ARP is "plug-and-play":
  –nodes create their ARP tables without intervention from net administrator
12
What is network security?
Confidentiality: only sender, intended receiver should "understand" message contents
  –sender encrypts message
  –receiver decrypts message
Authentication: sender, receiver want to confirm identity of each other
  –Virus email really from your friends?
  –The website really belongs to the bank?
Message Integrity: sender, receiver want to ensure message not altered (in transit, or afterwards) without detection
  –Digital signature
13
Collision Avoidance: RTS-CTS exchange
[Figure (textbook page 522): timeline for AP, A and B with labels RTS(A), RTS(B), reservation collision, RTS(A), CTS(A), DATA(A), ACK(A), defer, DIFS, CIFS]
14
Firewall
Block outside-initiated traffic to inside of a local network
Usually do not block any traffic initiated from inside to outside
Have at least two NICs (two IPs)
15
ap5.0: security hole
Man (woman) in the middle attack: Trudy poses as Alice (to Bob) and as Bob (to Alice)
Difficult to detect:
  –Bob receives everything that Alice sends, and vice versa. (e.g., so Bob, Alice can meet one week later and recall conversation)
  –problem is that Trudy receives all messages as well!
16
Digital signature = signed message digest
Bob sends digitally signed message:
  –large message $m$ goes through hash function $H$ to give $H(m)$
  –digital signature (encrypt) with Bob's private key $K_B^-$ gives the encrypted msg digest $K_B^-(H(m))$
  –$m$ and $K_B^-(H(m))$ are sent together
Alice verifies signature and integrity of digitally signed message:
  –large message $m$ goes through hash function $H$ to give $H(m)$
  –digital signature (decrypt) of the encrypted msg digest $K_B^-(H(m))$ with Bob's public key $K_B^+$ gives $H(m)$
  –equal?
No confidentiality!
17
Secure e-mail
Alice wants to send confidential e-mail, $m$, to Bob.
Alice:
  –generates random symmetric private key, $K_S$.
  –encrypts message with $K_S$ (for efficiency)
  –also encrypts $K_S$ with Bob's public key.
  –sends both $K_S(m)$ and $K_B^+(K_S)$ to Bob.
[Figure: $m$ enters $K_S(\cdot)$ to give $K_S(m)$; $K_S$ enters $K_B^+(\cdot)$ to give $K_B^+(K_S)$; both are combined and sent over the Internet]
18
Secure e-mail
Alice wants to send confidential e-mail, $m$, to Bob.
Bob:
  –uses his private key to decrypt and recover $K_S$
  –uses $K_S$ to decrypt $K_S(m)$ to recover $m$
[Figure: sender side as on the previous slide; on the receiver side $K_B^+(K_S)$ enters $K_B^-(\cdot)$ to give $K_S$, and $K_S(m)$ enters $K_S(\cdot)$ to give $m$]
19
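Secure e-mail (continued)
Alice wants to provide message integrity (unchanged, really written by Alice).
Alice digitally signs message.
sends both message (in the clear) and digital signature.
[Figure: on Alice's side $m$ enters $H(\cdot)$ to give $H(m)$, then $K_A^-(\cdot)$ to give $K_A^-(H(m))$, which is sent with $m$ over the Internet; on Bob's side $K_A^-(H(m))$ enters $K_A^+(\cdot)$ to give $H(m)$, $m$ enters $H(\cdot)$ to give $H(m)$, and the two are compared]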
20
Secure e-mail (continued)
Alice wants to provide secrecy, sender authentication, message integrity.
Alice uses three keys: her private key, Bob's public key, newly created symmetric key
[Figure: $m$ enters $H(\cdot)$ and $K_A^-(\cdot)$ to give $K_A^-(H(m))$; the signature together with $m$ enters $K_S(\cdot)$; $K_S$ enters $K_B^+(\cdot)$ to give $K_B^+(K_S)$; both results are combined and sent over the Internet]
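The digital signature slide and the three-key secure e-mail slide above, run end to end as an added example (not code from the original slides). It assumes textbook RSA over fixed Mersenne primes and a SHA-256 counter keystream standing in for $K_S(\cdot)$; both are teaching stand-ins with hypothetical function names, not usable cryptography.

```python
import hashlib
import secrets

E = 65537  # RSA public exponent

def toy_rsa_keypair(p, q):
    """Textbook RSA from two fixed primes: no padding, small modulus, teaching only."""
    n = p * q
    d = pow(E, -1, (p - 1) * (q - 1))      # private exponent
    return (n, E), (n, d)                  # (public key K+, private key K-)

def rsa_apply(key, x):
    """K(x): modular exponentiation with either half of a key pair."""
    n, exp = key
    return pow(x, exp, n)

def digest(m, n):
    """H(m), reduced so that it fits under the toy modulus n."""
    return int.from_bytes(hashlib.sha256(m).digest(), "big") % n

def xor_stream(ks, data):
    """K_S(.): toy symmetric cipher; the same call encrypts and decrypts."""
    out = bytearray()
    for i in range(0, len(data), 32):
        block = hashlib.sha256(ks + i.to_bytes(8, "big")).digest()
        out += bytes(a ^ b for a, b in zip(data[i:i + 32], block))
    return bytes(out)

def alice_send(m, alice_priv, bob_pub):
    sig = rsa_apply(alice_priv, digest(m, alice_priv[0]))     # K_A^-(H(m))
    ks = secrets.token_bytes(16)                              # fresh K_S
    body = xor_stream(ks, sig.to_bytes(32, "big") + m)        # K_S(signature, m)
    wrapped = rsa_apply(bob_pub, int.from_bytes(ks, "big"))   # K_B^+(K_S)
    return body, wrapped

def bob_receive(body, wrapped, bob_priv, alice_pub):
    ks = rsa_apply(bob_priv, wrapped).to_bytes(16, "big")     # K_B^- recovers K_S
    plain = xor_stream(ks, body)
    sig, m = int.from_bytes(plain[:32], "big"), plain[32:]
    ok = rsa_apply(alice_pub, sig) == digest(m, alice_pub[0]) # compare H(m)
    return m, ok

# Constructed key pairs: Mersenne primes, chosen only because they are easy to write.
ALICE_PUB, ALICE_PRIV = toy_rsa_keypair(2**61 - 1, 2**89 - 1)
BOB_PUB, BOB_PRIV = toy_rsa_keypair(2**107 - 1, 2**127 - 1)
```

Flipping any bit of `body` in transit changes the recovered $m$, so the hash comparison in `bob_receive` returns `False`.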
21
How does SSL (https) work?
[Figure: timeline between Client and Server B, in order:]
  –Three-way handshake
  –Request server certificate
  –Certificate from CA: $K_{CA}^-(K_B^+)$
  –Symmetric session key: $K_B^+(K_{A-B})$
  –$K_{A-B}(m)$
22
Forwarding table
Destination Address Range                        Link Interface
11001000 00010111 00010000 00000000
  through                                        0
11001000 00010111 00010111 11111111

11001000 00010111 00011000 00000000
  through                                        1
11001000 00010111 00011000 11111111

11001000 00010111 00011001 00000000
  through                                        2
11001000 00010111 00011111 11111111

otherwise                                        3
23
Longest prefix matching
Prefix Match                        Link Interface
11001000 00010111 00010             0
11001000 00010111 00011000          1
11001000 00010111 00011             2
otherwise                           3
Examples
DA: 11001000 00010111 00011000 10101010
DA: 11001000 00010111 00010110 10100001 Which interface?
DA: 11001000 00010111 10011000 10101010 Which interface?
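A lookup over the prefix table above, as an added example that is not part of the original slides. The function name `lookup` is hypothetical; the table rows and the three destination addresses are the slide's own.

```python
# Prefix table from the slide: (prefix bits, link interface).
TABLE = [
    ("11001000 00010111 00010", 0),
    ("11001000 00010111 00011000", 1),
    ("11001000 00010111 00011", 2),
]
DEFAULT_INTERFACE = 3  # the slide's "otherwise" row

def lookup(dest_bits, table=TABLE, default=DEFAULT_INTERFACE):
    """Return (interface, matched prefix length) for a 32-bit destination."""
    dest = dest_bits.replace(" ", "")
    if len(dest) != 32 or set(dest) - {"0", "1"}:
        raise ValueError("destination must be 32 bits of 0/1")
    best_len, best_if = 0, default
    for prefix, interface in table:
        bits = prefix.replace(" ", "")
        # Several rows can match; the longest matching prefix wins.
        if dest.startswith(bits) and len(bits) > best_len:
            best_len, best_if = len(bits), interface
    return best_if, best_len

if __name__ == "__main__":
    for da in ("11001000 00010111 00011000 10101010",
               "11001000 00010111 00010110 10100001",
               "11001000 00010111 10011000 10101010"):
        print(da, "->", lookup(da))
```

The first address matches both the 24-bit row and the 21-bit `00011` row, which is the case longest prefix matching exists to resolve.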
24
Subnet calculation (quiz 2)
Suppose an ISP has a chunk of IP addresses, 128.119.0.0/17, and allocates this space to three companies. Two companies get equal size space; the third company gets half of the space, with the higher IP addresses. Show the IP space allocated to the three companies.
25
CRC Example
Want: $D \cdot 2^r \ \text{XOR}\ R = nG$
equivalently: $D \cdot 2^r = nG \ \text{XOR}\ R$
equivalently: if we divide $D \cdot 2^r$ by $G$, want remainder $R$
$R = \text{remainder}\left[\dfrac{D \cdot 2^r}{G}\right]$
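The division above carried out in code, as an added example that is not from the original slides. The values D = 101110 and G = 1001 are constructed sample input, and the function names are hypothetical.

```python
def mod2_remainder(bits, generator):
    """Remainder of bits / generator under XOR (carry-less) long division."""
    if len(generator) < 2 or generator[0] != "1":
        raise ValueError("generator needs at least 2 bits and a leading 1")
    work = [int(b) for b in bits]
    gen = [int(b) for b in generator]
    for i in range(len(work) - len(gen) + 1):
        if work[i]:                       # leading 1: XOR G in at this offset
            for j, g in enumerate(gen):
                work[i + j] ^= g
    r = len(gen) - 1                      # remainder R has r bits
    return "".join(map(str, work[-r:]))

def crc_encode(data, generator):
    """Sender: R = remainder of D * 2^r divided by G; transmit D followed by R."""
    r = len(generator) - 1
    return data + mod2_remainder(data + "0" * r, generator)

def crc_check(received, generator):
    """Receiver: accept only if the received bits divide by G with remainder 0."""
    return set(mod2_remainder(received, generator)) == {"0"}

def xor_bits(a, b):
    """Apply an error pattern b to the frame a (same length)."""
    return "".join(str(int(x) ^ int(y)) for x, y in zip(a, b))

if __name__ == "__main__":
    frame = crc_encode("101110", "1001")           # constructed D and G
    print(frame, crc_check(frame, "1001"))
    one_bit = xor_bits(frame, "000100000")         # single-bit error
    print(one_bit, crc_check(one_bit, "1001"))
    multiple_of_g = xor_bits(frame, "000001001")   # error pattern equal to G
    print(multiple_of_g, crc_check(multiple_of_g, "1001"))
```

The last case is the limit of the check: an error pattern that is itself a multiple of G keeps the frame equal to some nG, so the receiver accepts it.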
26
Dijkstra's algorithm: example
Step  N        D(B),p(B)  D(C),p(C)  D(D),p(D)  D(E),p(E)    D(F),p(F)
0     A        2,A        5,A        1,A        infinity,-   infinity,-
1     AD       2,A        4,D        1,A        2,D          infinity,-
2     ADE      2,A        3,E        1,A        2,D          4,E
3     ADEB     2,A        3,E        1,A        2,D          4,E
4     ADEBC    2,A        3,E        1,A        2,D          4,E
5     ADEBCF   2,A        3,E        1,A        2,D          4,E
[Figure: graph with nodes A, B, C, D, E, F and link costs]
27
[Figure: distance vector example on a three-node network x, y, z with link costs c(x,y) = 2, c(x,z) = 7, c(y,z) = 1; node x table, node y table and node z table shown over time, each listing cost to x, y, z from x, y, z]
$D_x(y) = \min\{c(x,y) + D_y(y),\ c(x,z) + D_z(y)\} = \min\{2+0,\ 7+1\} = 2$
$D_x(z) = \min\{c(x,y) + D_y(z),\ c(x,z) + D_z(z)\} = \min\{2+1,\ 7+0\} = 3$
28
Caesar cipher decrypt:
  –"welcome", key= +2
Vigenere cipher
  –"final exam" key=3,4,-1 (blank space does not change)
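Both ciphers above as one shift routine, as an added example that is not from the original slides. It assumes lowercase a-z with wraparound, that a positive key shifts forward when encrypting, and that the blank does not consume a key position; the slide does not state these, and the function name is hypothetical.

```python
import string

ALPHABET = string.ascii_lowercase

def shift_cipher(text, key, decrypt=False):
    """Caesar when key holds one shift, Vigenere when it holds several.

    Non-letters (such as the blank in "final exam") pass through unchanged
    and, by assumption, do not advance the key position.
    """
    if not key:
        raise ValueError("key needs at least one shift")
    sign = -1 if decrypt else 1
    out, k = [], 0
    for ch in text:
        low = ch.lower()
        if len(low) == 1 and low in ALPHABET:
            shift = sign * key[k % len(key)]   # negative shifts are allowed
            k += 1
            new = ALPHABET[(ALPHABET.index(low) + shift) % 26]
            out.append(new.upper() if ch.isupper() else new)
        else:
            out.append(ch)
    return "".join(out)

if __name__ == "__main__":
    # Treating "welcome" as ciphertext under key +2:
    print(shift_cipher("welcome", [2], decrypt=True))
    # Treating "final exam" as plaintext under key 3,4,-1, then undoing it:
    c = shift_cipher("final exam", [3, 4, -1])
    print(c, "->", shift_cipher(c, [3, 4, -1], decrypt=True))
```

With only 26 possible Caesar keys, trying every shift recovers the plaintext, which is why the repeating multi-shift key is the next step on the slide.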