This assignment is due no later than 6:20 p.m. on Thursday, 3 October.
This homework assignment has six questions; answer all of them. Please site references you use to answer your questions, including the textbooks you’re using.
Your homework may turned-in on paper or via rclayton@monmouth.edu
by
email. If you mail your assignment, please submit a printable document
— a PostScript .ps
or PDF .pdf
document, for
example — and not a source document — a
Word .docx
or Latex .tex
document, for example. Make sure you mail a
printable document by the deadline.
Note: This question is under-specified, and a correct answer requires making assumptions to fill in the details. Make sure you clearly state the assumptions you're using.
The number of connections communicating between hosts in Long Branch and Beijing is equal to the number of different (source port, destination port) pairs extracted from the authorities' PDUs, assuming there's at least one PDU sending or acknowledging data (that is, a PDU without the SYN bit set) from each suspected connection.
If you want to be extra careful, and you do because you're a forensic network detective, you can check the source and destination IP addresses to make sure the PDUs are moving between the right hosts, and the protocol type to make sure the PDUs are from a TCP connection, but those checks alone won't give you the answer to the question.
Swapping two 16-bit values in a PDU leaves the checksum unchanged because addition is commutative. For example 123416 + 567816 = 567816 + 123416, which is fine for addition but terrible for checksums. Swapping half-bytes causes similar problems: 123416 + 567816 = 527416 + 163816.
Note: Despite these assumptions, this question is under-specified, and higher-quality answers will make reasonable assumptions to fill in the details. Make sure you clearly state your assumptions.
The network bandwidth is 50.2 Mbyte/sec. The distance between Hannibal and
London is about 4,2000 miles, which takes a signal (4,200 miles)/(123,000
miles/sec) = 0.03 sec to cover. A smoothly running, long-lived sliding-window
protocol keeps a window's worth of PDUs in the network at all times. If a
PDU is 512 bytes, that's 2,500 PDU/window Note that this question doesn't define “better.” Higher-quality
answers will provide a reasonable definition for “better,” as well as a
few other terms left undefined.
When the network drops large blocks of consecutive PDUs (around N PDUs) at
once, protocol G is quicker to re-transmit missing PDUs than is protocol
R. In such cases protocol G triggers re-transmission of the missing
PDUs with one ack, assuming the size of the missing PDU block is somewhere
around N. Protocol R requires the receiver trigger re-transmission
of each PDU with a separate ack.
When the network drops isolated PDUs, protocol R is more
bandwidth-efficient than is protocol G. A protocol-R sender
re-transmits a single missing PDU for each ack, while a protocol-G sender
re-transmits the single missing PDU and N - 1 unnecessary PDUs.
Let the network has bandwidth b bits/sec and end-to-end delay d sec.
TCPD sends all its data, and everything after the first bd bits falls on
the floor because the network's full. The TCPD sender receives an ack
indicating receipt of the first bd bits, and retransmits starting with the
second bd bits. This behavior is essentially equivalent to
stop-and-wait with packet size equal to the network delay-bandwidth product.
Assuming the same packet size (MSS size) as used by TCPD, TCPS sends a single
packet and increases the packets in flight by one for each round-trip-time
(assuming no loss other than a full network throwing packets on the floor).
Eventually tpcs stabilizes at a rate of less than one packet size smaller than
the network maximum.
Once stable, TCPS preforms better than TCPD because it keeps a constant, almost
maximal amount of data moving through the network, while TCPD keeps a maximal
amount of data moving through the network, but it's interrupted by idle periods
(of length d sec) waiting for acks. However, it takes time for TCPS to
stabilize, and during that time TCPD is sending at the maximum.
There are two problems with using the alternating-bit protocol (ABP) sequence
number space ({0, 1}) in TCP. First, a two-element sequence-number space
reduces whatever security results from randomly selecting an initial sequence
number. The initial sequence number can still be randomly selected, but an
attacker has a 50% chance of guessing right on each try (assuming a fair coin
flip). Second, a two-element sequence number space reduces TCP to a
stop-and-wait protocol, which is an unacceptable reduction in performance and
efficiency.