CIS 456 Spring 2004. Dr Ott. All homework is assigned on this page. Homework must be done before / is due on the date stated. Homework to be handed in: Unless stated differently, and unless you make a different arrangement with the TA (Mr Rahul Jain), homework must be handed in on the day stated, before 6:00 pm, by putting it in the envelope on the door of the Internet Laboratory. That is GITC 4325. January 27: Read Comer pp 1 - 33 carefully. Read Comer pp 33 - 51. (You must have seen this material, it is not central to CIS 456). IETF stands for ``Internet Engineering Task Force''. RFC stands for ``Request for Comments''. IETF RFCs can be obtained on the web. Find out how. (For example, first use GOOGLE to find IETF). Get IETF RFC 1700 and read page 1. (The whole RFC is too long and too out-dated to read). Get IETF RFC 3232 and read the whole thing. (2 pages). Use the mechanism described to find out what the content of the ``Frame Type Field'' in an ethernet frame header is, in case the ethernet frame contains an IP version 4 (IP v4) packet. (The answer is 0800 in hexadecimal, 0000 1000 0000 0000 in binary, 2048 in decimal). To prove you found the answer in the location I want you to know about, copy 5 lines from the page you found: the line with the answer, two lines above it, two lines below it (five lines total). Note: What Comer calls ``Frame Type'' (Comer page 30) many other people call ``EtherType'' or ``Ether Type''. If you have trouble with this assignment, go to ``help with RFC 1700 homework''. --- February 03: Read Comer pp 53 - 76 (Ch 3, 4). Read ``Notes on nslookup, dig, and dns'' on my web site. Visit http://cyberatlas.internet.com/big_picture/traffic_patterns/article/0,,5931_3298891,00.html (I found this site by typing ``Internet Traffic Patterns'' into GOOGLE and then going with the flow). What fraction of the USA population was considered an ``active internet user'' in Nov 2003? Hand in your response. What is the value of the ``Frame Type'' field in an ethernet frame if the packet the frame contains is an IPv6 packet? Go to the ``on-line database'' you now know about and give 5 lines of output: The line that gives the information, plus two lines above and 2 lines below. Find the IP addresses (two of them!) of the computer(name) ftp.eu.uu.NET . For both addresses, find back what the name of the computer is. Hand in a copy of what you saw on the screen (your commands and the responses). Give an explanation of what you saw. (There is no single ``correct'' answer, just make sure that what you say makes sense). --- Febr 10: Read Comer pp 77 - 114 (Ch 5, 6, 7). Read the discussion of Quiz 1 on this site. Addition on 02/08: for problem 1 below, I recommend you first read the ``Domain Names and URLs'' file on this site. (1) Find a computer in Africa, Asia, Australia, or Europe. From its name, find its Internet Address (or Addresses). From the Internet Address (or Adresses), find back the name(s). Hand in enough copy of output that we can see what you did. Within that constraint as little output as possible! (2) Log on the one of the computers afs1 - afs36 and for 5 or 6 minutes, obtain its arp table once every 20 or 30 seconds. (If you forgot how: do "man arp"). Figure out how this computers handles the ``soft state'' situation for the arp cache (arp table) that was discussed in class. Write a SHORT!! paragraph explaining how these computers achieve the objective of being, for IP address - Physical Address translation, rarely wrong and never wrong for a long time. Hand in. Add copies of a SMALL AMOUNT!! of output to back up your claim that you understand how afs1 - afs36 handle this. Just enough to back up your claim. Not more! (Hint: If you want to ``prove'' at what time you executed a command, do ``date'' just before and/or after you execute the command.) E.g.: maan-2057 ott>: date Sat Jan 31 15:29:17 EST 2004 maan-2058 ott>: accurate to about 1 sec. (3) Go to the famous "on line database" for Internet numbers that you already know so well. Find the Frame Types (in Ethernet) of ARP and Reverse ARP. (5 lines each, as before). Hand in. (4) Go to the famous "on line database" for Internet numbers that you already know so well. Go to ``ARP Parameters'' and to ``Address Family Numbers''. Give the first 5 lines of the ``Operation Code'' subsection. Hand in. (5) What is the content of the ``Hardware Type'' field in an ARP or RARP packet if the LAN involved is a hyperchannel? Give it in Hexadec as well as binary. Hand in. What is the ``Protocol Type'' in an ARP packet when the Protocol used is IPv6 ? Give it in Hexadec as well as binary. Hand in. (6) From last week, do now, hand in: Find the IP addresses (two of them!) of the computer(name) ftp.eu.uu.NET . For both addresses, find back what the name of the computer is. Hand in a copy of what you saw on the screen (your commands and the responses). Give an explanation of what you saw. (There is no single ``correct'' answer, just make sure that what you say makes sense). --- Febr 17: Read Comer Ch 8 (pp 115 - 126) and Ch 9 (pp 129 - 145). Read the files ``Domain Names and URLs'' and ``Use of Ping and Traceroute'' on my website. If you have not done so yet, read the other files. In particular, the file ``notes on nslookup, dig, and dns''. If you have trouble with remote access, see Mr Jain. Make sure to use Google. If you have trouble using Google, see Mr Jain. Do ``man ifconfig'' and try it. Do not hand in. Do ``man netstat'' and try it. Do not hand in. 1. Suppose a router (R1) has the following forwarding table: Mask Network Action Interf NextHop I 255.255.240.0 128.235.192.0 F eth0 128.235.223.2 II 255.255.252.0 128.235.32.0 DD eth1 III 255.255.252.0 128.235.204.0 F eth1 128.235.35.1 IV 255.255.255.0 128.235.223.0 DD eth0 V 0.0.0.0 0.0.0.0 F eth0 128.235.223.2 VI 255.0.0.0 127.0.0.1 DD lo0 and suppose you also know that eth0 has IP address 128.235.223.1, and that eth1 has IP address 128.235.32.1 A. Make a drawing of this system of routers and networks that is consistent with the facts above. To make grading easy: Let 128.235.223.2 be a port on R2 and let 128.235.35.1 be a port on R3. B. What is the LENGTH of the mask of the network that eth1 is on? C. Which network(s) is (are) prefix(es) to which? D. This forwarding table has 6 ``routes'': I, II, III, IV, V, VI For each of the following destination adresses, what does R1 do if it gets a packet with that destination address? Assume no problems with TTL, packetsizes, fragmentation, etc. 128.235.32.7 (answer: Route II. The rest you do yourself. To facilitate grading, just answer I, or II, or III, or IV, V or VI.)) 128.235.33.8 128.235.34.9 128.235.35.10 128.235.36.11 128.235.37.12 128.235.223.1 128.235.223.254 128.235.224.7 128.235.225.8 128.235.204.3 128.235.205.4 128.235.206.5 128.235.207.6 128.235.208.7 128.235.203.8 129.235.32.7 128.234.204.1 Hand in. (Do not hand in for E:) E. Often, what a router does with a packet depends not only on the destination address, but also on the interface that the packet comes in on. Examples: A packet with destination address 128.235.35.255 comes in on interface eth1. What does router R1 do? Answer: It ONLY gives the packet to its own software. This is a directed broadcast on network 128.235.32.0/22 . It comes from that network, so all stations on that network have already seen it. R1 is IS a station on that network, so it must look at the packet to see whether it has to further act on it. A packet with destination address 128.235.35.255 comes in on interface eth0. What does router R1 do? Answer: Now it gives the packet to its own software (for the reason above) AND it broadcasts it out over eth1. (Because the other stations on 128.235.32.0/22 have not seen the packet yet.) A packet with destination address 255.255.255.255 comes in on any interface. What does router R1 do? Answer: It only gives it to its own software. Does not send it out over any interface. There are many other (and more realistic) cases where the incoming interface matters. Later. 2. Log on to lafite. (lafite.njit.edu). Using ifconfig: A. Find the internal names of the ports on this computer. B. Find out which of these ports (apart from the loop-back port) are active (have an IP address assigned). C. Find the physical addresses and IP addresses of the active ports, and find the network addresses and masks of the networks these active ports are on. Hand in responses to A - C. 3. Log on to lafite. Using netstat (options -r and -rn) find the name and the IP address (IP address of the interface ``toward'' lafite) of the default router lafite uses. Hand in. Check that the information from ifconfig -a and from netstat -r to a large degree is the same. Do not hand this in. 4. Find the IETF RFC that has a table of MTUs of various LANs. Look through that table. Hand in the two lines that give the two MTUs of two versions of PPP (Point to Point Protocol). Aside: X.25 has an MTU of 576 Bytes. X.25 used to be such a dominant carrier that 576 Bytes used to be a ``default'' max packet size. No More! --- Quiz 1 was on Febr 03. Quiz 2 was on febr 13. Quizes are never announced! (apart from the first one). Common sense dictates: The probability quiz 3 will be on 12/17 is small. (But it is possible, in particular if I decide to put in an almost identical problem). The probability of 02/20 is larger, but still small. 02/24 has a pretty good chance. 02/27 a much smaller chance, then the probability goes down real fast. In quiz 3 questions will be on all material covered on or after 02/03, readings and homework for 02/03 and later. Including homework for the day of quiz 3 itself. Homework for Febr 24. (One student told me he can not handle the strain that the homework assignment can change after the first posting: Don't worry, barring exceptional circumstances I only add, so you can start working right away. I try to assign a week or more in advance, but fairly often after teaching on Tue I change my mind and add on Wed. Possibly, rarely, even add on Thu. By Fri the assignment for Tue is frozen.) Read Comer Ch 10 (You have seen much of this in class). Read Comer Ch 11 (You have seen much of this in class). Make sure to ask questions! I'll try to ``pull it all together''. Hand in: 1. Suppose an IP packet without options arrives at a router R. Suppose the packet has TL (Total Length) 6214 Bytes, TTL = 27, DF = 0 , M = 0 , FragOffset = 0. Suppose R decides to route the packet through a next LAN that has MTU = 1500 (Bytes). (How many databytes does this packet have?) 1A. How many fragments will there be? 1B. For each of the fragments, compute Total Length, TTL, DF, M, FragOffset, number of data bytes. I had counted on covering ping and traceroute on 02/13, and then assigning the following for 02/24. I have decided I covered enough on ping and traceroute to indeed assigning the following for 02/24. Do ping and traceroute from one of afsx, x = 1 , 2 , ... , 36 to another computer in the same group. Look at the result. Play with options. Do not hand in. Choose x among 1 , 2 , ... , 36 and y among 48 , ... , 56 . That afsy probably does not have ssh. So to log into it, you must first get into one of afsz, z = 1 , ... , 36, then telnet or rsh or rlogin to afsy. Hand in 2 - 6 below. 2. Do traceroute from afsx to afsy . What are the name and IP address of the router on the way from 128.235.204.0/22 to 128.235.223.0/24 ? Call the IP address IPA1. (Hand in). 3. Do traceroute from afsy to afsx . What are the name and IP address of the router on the way from 128.235.223.0/24 to 128.235.204.0/22 ? Call the IP address IPA2. (Hand in) 4. From 1, 2 above: is routing ``symmetric? (Routing is symmetric if the path from destination to source is exactly the reverse of the route from source to destination: the same routers, but in inverse order). Hand in SHORT paragraph. (More like two lines). 5. From afsx, do traceroute to IPA2. From afsy, do traceroute to IPA1. Make a schematic drawing of the two networks and the two routers. Indicate IP adresses of ports on routers. If you can not get addresses for all the ports that ought to be there, just explain what you think is going on. 6. Find the Round Trip Time from afsx to afxy and back, for the smallest possible packet and for the largest possible packet. Explain why these are the smallest possible and largest possible packet sizes. (Do not hand in): If you do a ping or traceroute and you give the name (not IP address) of the destination computer, the computer from where you ping must first do a dns query. (Using something like nslookup). In some operating systems that time is added to the response time, so that the first ping or traceroute has an inflated response time! Find out which OSs that you can log on to have that characteristic. Linux: lafite and latour. (have ssh, not telnet, rsh, etc) Solaris: afsx, x = 1 , ... , 36. (have ssh, telnet, etc) Silicon Graphics: afsy, y = 48, ... , 56. (have telnet etc, not ssh)! I have decided to indeed assign the problems 1 - 6 above for Tue 02/24. --- Homework for March 02. Read Comer Ch 12. (UDP). Read Comer pp 209 - 218. (Start of TCP !). For the next problem, look at the ``Network Drawing'' and the ``Network Description'' on the CIS 456, Spring 2004, page in my website. 1. Make a ``forwarding table'' for Router R1. Hand it in. Keep this forwarding table! You will need it in the ``maxi-phase'' of the project. 2. Assume only the Routers R11, R10, R9, and the NAT router are there, and the networks XIV, XIII, XII, III. In the remaining network, make a forwarding table for router R11. Hand in. In the ``action'' field of the forwarding table you may put something complicated. Like ``drop packet and send ICMP error message ...''. 3. Choose x and y two different numbers in the range 1 , 2 , ... , 36. ping from afsx to afsy, for a number of different packet sizes. For each packet size, send 10 echo requests. (i) What is the smallest packet you can send? What is the largest packet you can send? Hand in and explain how you found this. In between those two values, choose about 10 more packet sizes. You will try to measure the datarate of the LAN between afsx and afsy. (ii) Plot the round trip time as function of packet size. If you are trying to measure the datarate, and if you get different values of the RTT for the 10 different packets of the same size, which RTT do you plot? (min? max? mean? something else?). Why? If you see ``strange results'', do not hide them! document them! In particular if they are reproducible. They may be ``interesting''. Hand in the plot of RTT vs packetsize. (iii) Give your best guess for the datarate of the LAN connecting afsx and afsy. Hand in. ---- Quiz 1 was on Febr 03. Quiz 2 was on Febr 13. Quiz 3 was on Febr 27. So quiz 4 will probably be on March 09 or March 12. Earlier is quite possible. Quiz 4 will be on all material done on or since Febr 13. Homework for March 09: Read Comer pp 218 - 235. (We will stick with TCP for a while). 1. Find the default route for lafite.njit.edu . Find the name of the default router and the ``next hop'' address of the default route. Describe what tool(s) you used to get the information, and how you got the information. Hand in. 2. Do traceroute from lafite.njit.edu to ucssgi6.njit.edu. What is the name of the first (and only) router on the way from lafite to ucssgi6? What is the address of the interface of that router ``toward'' lafite? Hand in. 3. Do you find an inconsistency between what you found in 1 and in 2? VERY BRIEFLY, describe what seems to be wrong. Hand in. And work on your project! (miniproject due 03/23, I recommend you finish it by 03/12 and use the break for the ``maxi project''). The miniproject is done by students individually. The maxiproject is done in teams of 1 or 2. (Teams of 2 recommended). I recommend you find a partner before March 13, so you can work together over the spring break. ----- March 23. Miniproject due! Electronically, to Mr Jain. rbj2@njit.edu . Read Comer pp 235 - 250. 1. Comer p 74 problem 10.10. Hand in. In TCP every ``endpoint'' has a ``sendbuffer'' and a ``receivebuffer''. The sendbuffer is used to store data that must be sent but has not been sent yet, and data that has been sent but has not been acknowledged yet. (Such data must be kept until it is acknowledged, in case it must be retransmitted). The receivebuffer is used to store data that has been received but has not been sent to the destination application yet, including data that is waiting for previous data. (Waiting for re-sequencing, or waiting for data with a lower sequence number that has not been received yet). The ``advertised window'' the receiver sends to the sender is at most as large as the receive buffer. 2. Suppose we have a supercomputer in Pittsburg and a supercomputer in San Diego, and suppose these two two computers have a file of 1 TByte (10^(12) Bytes) that has to be sent from Pittsburg to San Diego. The people involved have measured the RTT and found it is about 50 msec. Suppose the people involved expect they can do this transfer in about 4 hours. Give a lower bound for the sizes of the send buffer (in Pittsburg) and receive buffer (in San Diego) to give them a chance to be correct in their prediction. Hand in. ----- March 30. A miniquiz is likely on March 30 or April 2. Read Comer pp 253 - 264 (start of routing). Work on the maxiproject! It is due Tuesday April 13. Do problem 13.2 on page 250. Hand in. ---- Since there was no quiz on 03/30, it is very likely there will be one on 04/02. All material covered on or since Febr 27. All reading for Febr 27 and since. All homework for Febr 27 or since. Likely questions: Draw the TCP header without options. For each field, give number of bits and brief description of use or function or role. Where appropriate, give the units the field is expressed in. (bits, bytes, 32 bit words, liters, seconds, kilograms, carat, meters, ...). Look at the following output from tcpdump and ... . For example: Here is a tcpdump output for 1 IP packet, in hexadec: 4500 007a 0000 4000 4011 2568 0a07 00fe 0a07 ffff 0277 0277 0066 de61 3930 3536 2033 2069 7070 3a2f 2f74 7572 696e 672e 696e 7465 726e 6574 2e6c 6162 3a36 3331 2f70 7269 6e74 6572 732f 6665 6562 6520 2249 6e74 6572 6e65 7420 4c61 6222 2022 6665 6562 6522 2022 4850 204c 6173 6572 4a65 7420 3232 3030 220a a. This is a UDP packet. How can you see that? I planned to put a TCP packet here, but goofed and copied the wrong packet. Had this been a TCP packet, you should have answered the following questions. Find a TCP packet (preferably a ``first SYN'') in my webpage and try your hand at the questions below. b. Are there IP options? (yes/no) How can you tell? c. Are there TCP options? (yes/no) How can you tell? d. Give the values of all 8 TCP flags. ____ e. Draw a line ( like ____| ) between IP header and TCP header. f. Draw the boudaries between the various TCP options. I do NOT expect you to remember the code/type etc for the various options. In this example you have to look them up. In the real quiz, they will be given if you need them. Maybe even if you do NOT need them. But these are NOT the only possible questions! All homework questions are likely! and ... . ----- Homework for April 6: I plan to do RIP and OSPF before BGP etc. So read Ch 16 before Ch 15. Read Comer pp 264 - 267 and pp 293 - 308. ----- Homework for April 13: Read Comer pp 308 - 316. Read Comer pp 269 - 275. I have put some tcpdump output on my website. See ``tcpdump with ftp'' in my CIS 456 page. Do the problems 1 - 7 on that page. Hand in only problems 1 , 2, ,3 , 4 on that page. I recommend you also do problems 5 , 6 , 7 for yourself: such problems are likely to occur in a quiz. (I also occasionally ask a similar question where packets of various handshakes are interleaved, for example a FIN of one flow in between the FINs of another flow. Make sure to check portnumbers to see which packets belong together!) ----- Maxiproject due Monday 04/19 at 9:00 am. By Email to Mr Jain. -- On Saturday April 24 I will have a guest lecturer in my Graduate Networking class. (Sat am, Kupfrian 205). Dr Joel Gottlieb, ATT Research, will give a lecture ``how networks really work''. Sat 04/24/2004 10:45 - ~ 12:15. Students from CIS 456 are welcome to sit in. I will NOT use Dr Gottlieb's lecture in quizes etc in CIS 456. (I WILL in the graduate class!) If you want to sit in, be there by 10:35. Limited seating. (Unlike undergraduate students, graduate students rarely skip class. There are only 14 or so free seats). Last time I had a guest lecturer from ATT Research there were so many questions the speaker went about an hour over time. So make sure to have breakfast before the talk. ----- Homework for April 20: Read Comer pp 319 - 343 (to end section 17.25). (Multicast). Excercise on RIP: R0 (Router 0) and its neighbors do RIP1. At some point, R0 has routing table: network: 1 2 3 4 5 6 7 8 distance: 0 0 1 1 3 3 5 16 next hop: DD DD R1 R2 R3 R1 R2 (If R0 gets packet for network 8, it drops the packet and sends an icmp message ``network unreachable''. If it gets a packet with a destination address that is not in any of the networks 1 , 2 , ... , 8 it drops the packet and sends an icmp message ``network unknown''.) The routers do ``Poison Reverse''. 1. If now R0 sends a route advertisement to R1, what does the advertisement say? 2. Suppose next R0 gets the following advertisement from R2: netw: 1 2 3 4 5 6 7 9 dist: 16 16 2 0 1 2 7 2 What is the R0 routing table after the update? Hand in. ----- Homework for April 27: Read Comer Ch 18 (ATM). pp 353 - 375. I covered much of this in class on 04/23/2004. I will cover a bit more on ATM and MPLS on 04/27. On 04/27 I plan to talk about BOOTP and DHCP (part of Ch 23) and about NAT and VPN (part of Ch 20). On Friday 04/29 I plan to talk about FTP (part of Ch 26) and (Time permitting) on DNS (part of Ch 24). On Tuesday 05/04 I will talk about IPv6. (part of Ch 33). Final will be Monday 05/10, 11:30 - 2:00. An IP packet has IP destination address 229.105.165.60 . 1. Give the address in binary. Please do it in the form xxxx xxxx . xxxx xxxx . xxxx xxxx . xxxx xxxx (That makes it ``almost'' easily readable, and helps in translation to and from dotted decimal and hexadecimal). 2. Explan why this is an IP broadcast address. 3. Suppose this packet is sent into a ``final LAN'' which happens to be an ethernet. What is the physical destination address of the ethernet frame that carries the packet? Give it first in binary (xxxx xxxx : xxxx xxxx : xxxx xxxx : xxxx xxxx : xxxx xxxx : xxxx xxxx), then in hexadecimal (XX:XX:XX:XX:XX:XX) The next excercise is a ``repeat'' of last week. Excercise on RIP. Mr Russo is right: the distance from a router to a network it is attached to is one, not zero. See RFC 1058. (If you want to look this up, be carefull! RFC 1058 has been updated by RFC 1753. RFC 1753 has been obsoleted by RFC 2453. RFC 2453 has not been updated or obsoleted, yet. This means some, but not all, the information in RFC 1058 is out-dated.) The distance between two routers sharing a network is one. So, if R1 and R2 have distance one to each other, then there exists a network N they both have distance one to. In the problem below, R0 and R1 share a network. R0 and R2 also share a network. R0 and R3 also share a network. (Because these are ``next hops''.) R0 (Router 0) and its neighbors do RIP1. At some point, R0 has routing table: network: 1 2 3 4 5 6 7 8 distance: 1 1 2 2 4 4 6 16 next hop: DD DD R1 R2 R3 R1 R2 (If R0 gets packet for network 8, it drops the packet and sends an icmp message ``network unreachable''. If it gets a packet with a destination address that is not in any of the networks 1 , 2 , ... , 8 it drops the packet and sends an icmp message ``network unknown''.) The routers do ``Poison Reverse''. 4. If now R0 sends a route advertisement to R1, what does the advertisement say? 5. Suppose next R0 gets the following advertisement from R2: netw: 1 2 3 4 5 6 7 9 dist: 16 1 2 1 1 2 7 2 What is the R0 routing table after the update? From the original routing table you can see that R0 has distance 1 to R1 , R2 , and R3. 6. Do you know what network R0 and R1 both have access to? R0 and R2 ? R0 and R3? Hand in all 6 (1 - 6). ----- Homework for May 04 (Last day of classes): Reading to be assigned. It will include Comer Ch 33. (IP v6). pp 599 - 613. And some more. The ``address structure'' for IPv6 as in Comer pp 614 - 619 is out-dated. See e.g. RFC 3513 and RFC 3587. I will put a ``correct'' version in my notes.