Computer Networks, CS 514

Homework 2, 23 September 2013

This assignment is due no later than 6:20 p.m. on Thursday, 3 October.

This homework assignment has six questions; answer all of them. Please site references you use to answer your questions, including the textbooks you’re using.

Your homework may turned-in on paper or via rclayton@monmouth.edu by email. If you mail your assignment, please submit a printable document — a PostScript .ps or PDF .pdf document, for example — and not a source document — a Word .docx or Latex .tex document, for example. Make sure you mail a printable document by the deadline.

  1. You are a forensic network detective, and the authorities come to you seeking important information. The authorities show you some TCP protocol data units (PDU) from a communication between a host in Long Branch and a host in Beijing and want to know if the hosts using one or two TCP connections to communicate. Explain how you would go about answering this question.

    Note: This question is under-specified, and a correct answer requires making assumptions to fill in the details. Make sure you clearly state the assumptions you're using.

    The number of connections communicating between hosts in Long Branch and Beijing is equal to the number of different (source port, destination port) pairs extracted from the authorities' PDUs, assuming there's at least one PDU sending or acknowledging data (that is, a PDU without the SYN bit set) from each suspected connection.

    If you want to be extra careful, and you do because you're a forensic network detective, you can check the source and destination IP addresses to make sure the PDUs are moving between the right hosts, and the protocol type to make sure the PDUs are from a TCP connection, but those checks alone won't give you the answer to the question.

  2. Give an example of protocol data unit corruption that is not detected by TCP or UDP checksuming.

    Swapping two 16-bit values in a PDU leaves the checksum unchanged because addition is commutative. For example 123416 + 567816 = 567816 + 123416, which is fine for addition but terrible for checksums. Swapping half-bytes causes similar problems: 123416 + 567816 = 527416 + 163816.

  3. A host in Hannibal, Missouri is sending protocol data units (PDUs) to a host in London via a TCP connection. The Hannibal host has a send-window size of 2,500 PDUs, and the TCP connection is getting 85% network utilization. How fast is the network carrying the connection between Hannibal and London? Show your work. You may assume 1) the sender's window is the only factor controlling PDU sends (no receiver or congestion window influences); 2) communication is one-way, and acknowledgments are small that they may be ignored; 3) the network performs well and is providing reliable delivery without needing TCP mechanisms (retransmissions, for example).

    Note: Despite these assumptions, this question is under-specified, and higher-quality answers will make reasonable assumptions to fill in the details. Make sure you clearly state your assumptions.

    The network bandwidth is 50.2 Mbyte/sec. The distance between Hannibal and London is about 4,2000 miles, which takes a signal (4,200 miles)/(123,000 miles/sec) = 0.03 sec to cover. A smoothly running, long-lived sliding-window protocol keeps a window's worth of PDUs in the network at all times. If a PDU is 512 bytes, that's 2,500 PDU/window 512 bytes/PDU = 1.28 Mbytes/window, which is the delay-bandwidth product. Given a delay of 0.03 sec, the bandwidth is (1.28 Mbytes)/(0.03 sec) = 42.7 Mbytes/sec, but that's 85% of network bandwidth, which is (42.7 Mbyte/sec)/0.85 = 50.2 Mbyte/sec.

  4. Protocol G uses go-back-N to recover from lost PDUs, while protocol R uses selective repeat. Give an example of bad network behavior that protocol G handles better than does protocol R; justify your example. Give an example of bad network behavior that protocol R handles better than does protocol G; justify your example. Assume in both cases the protocols successfully deliver their data to the other side.

    Note that this question doesn't define “better.” Higher-quality answers will provide a reasonable definition for “better,” as well as a few other terms left undefined.

    When the network drops large blocks of consecutive PDUs (around N PDUs) at once, protocol G is quicker to re-transmit missing PDUs than is protocol R. In such cases protocol G triggers re-transmission of the missing PDUs with one ack, assuming the size of the missing PDU block is somewhere around N. Protocol R requires the receiver trigger re-transmission of each PDU with a separate ack.

    When the network drops isolated PDUs, protocol R is more bandwidth-efficient than is protocol G. A protocol-R sender re-transmits a single missing PDU for each ack, while a protocol-G sender re-transmits the single missing PDU and N - 1 unnecessary PDUs.

  5. Protocol implementation TCPD doesn't use slow start, it just dumps all the protocol data units (PDUs) it has onto the network. Protocol implementation TCPS uses slow start. Apart from PDU throttling, TCPD and TCPS provide standard TCP behavior. Assuming a network which is perfect except for finite bandwidth, give a numeric example demonstrating the point at which TCPS becomes a better performing protocol than TCPD.

    Let the network has bandwidth b bits/sec and end-to-end delay d sec. TCPD sends all its data, and everything after the first bd bits falls on the floor because the network's full. The TCPD sender receives an ack indicating receipt of the first bd bits, and retransmits starting with the second bd bits. This behavior is essentially equivalent to stop-and-wait with packet size equal to the network delay-bandwidth product. Assuming the same packet size (MSS size) as used by TCPD, TCPS sends a single packet and increases the packets in flight by one for each round-trip-time (assuming no loss other than a full network throwing packets on the floor). Eventually tpcs stabilizes at a rate of less than one packet size smaller than the network maximum. Once stable, TCPS preforms better than TCPD because it keeps a constant, almost maximal amount of data moving through the network, while TCPD keeps a maximal amount of data moving through the network, but it's interrupted by idle periods (of length d sec) waiting for acks. However, it takes time for TCPS to stabilize, and during that time TCPD is sending at the maximum.

  6. Explain why the alternating-bit protocol is incapable of providing sequence numbers for TCP.

    There are two problems with using the alternating-bit protocol (ABP) sequence number space ({0, 1}) in TCP. First, a two-element sequence-number space reduces whatever security results from randomly selecting an initial sequence number. The initial sequence number can still be randomly selected, but an attacker has a 50% chance of guessing right on each try (assuming a fair coin flip). Second, a two-element sequence number space reduces TCP to a stop-and-wait protocol, which is an unacceptable reduction in performance and efficiency.

This page last modified on 2013 October 14.