Business Data Communications, Manish Agrawal Solution Manual



Business Data Communications Instructor manual containing solutions to end-of-chapter questions

This document has been created for the convenience of instructors. Answers to all the end-of-chapter questions have been provided here. All chapters have four kinds of questions. These questions are designed to give students the opportunity to learn the chapter material more effectively. The format has been motivated by Bloom’s taxonomy,[1] which is shown in Figure 1. Learning is believed to be classified into levels with recall at the lowest layer and increasingly complex and abstract mental levels at higher layers. The challenge is that while most school work requires learning at the remembering level, most professional work requires sustained performance at the evaluating and creating levels.

Figure 1: Bloom’s taxonomy (levels, top to bottom: Creating, Evaluating, Analyzing, Applying, Understanding, Remembering)

The review questions at the end of chapter help students develop a base of knowledge at the remembering level. The hands-on exercises help students learn at the understanding and applying levels. The example case in each chapter is intended to facilitate applying and analyzing. Finally, the network design case promotes evaluation and creation.

The questions do take time to answer. The hands-on exercise and network design case, in particular, can be significantly time consuming. But most students express a strong desire for hands-on activities and fortunately, a lot of information about computer networks can be gathered using simple utilities available on every personal computer. I believe that the time invested in completing these end-of-chapter exercises will be well rewarded at the time of job interviews and in the workplace.

Some chapters also have question(s) under the head “critical thinking”. The goal of these questions is to facilitate learning at the evaluating level. Unfortunately, however, this section was not fully developed for this edition.

I ask students to answer all four categories of end-of-chapter questions. Students overwhelmingly prefer being assigned one chapter at a time, immediately after the chapter has been covered in class. Since the questions involve a good amount of work in answering and grading, I find it useful to allow students to work in groups of up to two students each. This gives students the opportunity to work in a team, and also to get to know another student in the class.

Comments to instructors are shaded for convenience.

[1] http://www.odu.edu/educ/roverbau/Bloom/blooms_taxonomy.htm (accessed 11/18/2010)


Chapter 1 - Introduction

Review questions

1. What is business data communications?

Business data communications is the movement of information from one computer application on one computer to another application on another computer by means of electrical or optical transmission systems.

2. What are some of the ways in which computer networks are used in large businesses?

Large businesses use computer networks in various ways. Web sites are used to provide marketing information to customers. Internal networks are used by employees to share inventory and other information from a central repository. Applications such as mail allow employees to communicate with internal and external stakeholders. Networks allow sharing of hardware such as printers. Instructors may like to identify a prominent local company and find out how they use computer networks. Even simple examples are interesting to students. This and the next question are a great topic for a guest speaker, who can be invited to come in and talk about how their company uses computer networks to add business value.

3. What are some of the ways in which small businesses can benefit from computer networks?

Small businesses can use computer networks for things such as online marketing, email and printer sharing. Small businesses could also create small database applications to be shared from multiple computers.

4. Look at the websites of some departments of your county government. What three services offered at these sites do you find most interesting?

County governments offer many services such as property records search, online property tax payments, traffic citation payments, library catalogs, meeting schedules and job postings.

5. Describe how the three online government services you chose could be helpful to you.

Residents can verify property tax payment status and other information from the convenience of their homes; they can pay any traffic citations online, reserve library books online, find out about public meetings about issues that concern them and also apply for jobs online.


6. Describe the major trends in the growth of Internet traffic.

Projected statistics about the growth of the Internet are drawn from the Cisco report. It is estimated that the total volume of Internet traffic in 2008 was 7,294 Peta Bytes per month. And this number is growing at the rate of 42% per year. Internet traffic growth is being driven by both consumers and businesses, with consumers driving a larger share of the growth recently. This is because of the emergence of video as a major Internet application. The highest growth rates are in Latin America, driven by the entry of new Internet users in these countries. These statistics are primarily from the CISCO IP traffic forecast report for 2006 – 2012 that is referenced in the chapter. Students may note that there are few other business statistics that are already so large and yet are experiencing such high growth rates.

7. What is packetization?

Packetization is the process of breaking down user data into small segments and packaging each of these segments appropriately so that they can be delivered and reassembled across the network. Data segments produced by packetization are generally called packets, although the terms frames and datagrams are also used. Packetization is therefore the idea of sending information as small blocks of information.

8. Why is packetization useful in business data communication?

Packetization is useful in business data communication because it makes for easy transport of data. Packet networks can serve as a common infrastructure for all forms of information transfer, including phone, video and data.

9. What are some of the factors that make packet switching more complex technologically than traditional phone circuits (circuit switching)?

Packet switching is more complex than circuit switching because it requires data to be segmented into packets at the sending end, and reassembled from packets at the receiving end. The packets need to be delivered reliably to the destination. However, the rewards of the complexity are efficiency. Experiments suggest that packet switching can send up to 100 times more data using the same network resources as circuit switching.

10. Provide a high-level overview of the structure of a typical data packet. What are the kinds of information you are likely to find in the header of a typical packet?

Each packet has 2 parts – the body and the header. The body of the packet is the segment from the original data carried by the packet. The header is the information added to the body during packetization. The header information aids in the delivery of the packet to the correct destination without errors. The header also enables the body of the packet to be correctly reassembled with the bodies delivered by other packets. The kinds of information in a typical packet header include the address of the data source, the destination, and error detecting information.

11. Consider a typical office memo as a data packet. What information in the memo would be characterized as header information? What information would be characterized as the body of the packet?

The information in the memo that would be characterized as header information would be the identification of the sender, the receiver, and the subject line. Information that would be characterized as the body of the packet would be the actual writing in the main part of the memo - the content that the memo is intended to convey. The goal of this question is to motivate students to think in terms of analogies. The memo is a very close analogue of a data packet.

12. Why is Internet traffic considered “bursty” compared to voice traffic?

Bursty traffic is traffic that occurs in distinct spurts, interspersed by periods of silence. Internet traffic is considered bursty compared to voice traffic because people generally speak in long sentences and the periods of silence are few and far between. By contrast, on the Internet, users typically ask for information that is delivered almost instantaneously by the network generating a burst of traffic. This burst is followed by a relatively long period of silence as the user processes the downloaded information before seeking additional information. Therefore on the Internet, the traffic flow generated by an individual user is quite bursty.

13. What is layering?

Layering is the practice of arranging functionality of components in a system in a hierarchical manner such that lower layers provide functions and services that support the functions and services of higher layers. The end user in a layered system interacts only with the top-most layer. The lowest layer typically interacts with physical world to perform the task requested by the end user.

14. Why is layering useful in organizations?


Layering is useful in organizations because it provides an effective way to decompose high-level organizational objectives into meaningful task assignments for executives, while enabling the monitoring of these tasks. At the top level, CEOs are responsible for meeting stakeholder goals. CEOs are helped by VPs, who may be helped by area managers, who may in turn be helped by fresh college graduates acting as foot soldiers in the organization.

15. Why is layering useful in computer networking?

Layering is useful in computer networking because it provides an effective way to organize all the functionality required for data communication. Each layer is responsible for a specific function in data communication and developers of each layer of the software can focus on improving how that specific functionality is delivered. A side benefit of layering is that it enables upgrading of each layer independently of other layers. For example, you can upgrade a version of your web browser or switch to a different web browser without changing any other network software. You can also easily move between wired and wireless computer networks without changing browsers or email clients. Again, this is possible because the network access functionality is defined in a layer independent of the application layer.

16. What are the five layers of the TCP/IP stack?

The 5 layers of the TCP/IP stack are:

Application layer
Transport layer
Network layer
Data-link layer
Physical layer

17. What are the primary functions of each layer in the TCP/IP stack?

The primary functions of the 5 layers of the TCP/IP stack are:

5. Application layer: commands to support common end user network needs
4. Transport layer: reliable end-to-end data delivery
3. Network layer: routing and network addressing
2. Data-link layer: error-free transmission over 1 link
1. Physical layer: converts data to signals for transmission over physical media

18. TCP is often considered the most important layer of the TCP/IP model. What are the primary responsibilities of TCP?

The primary responsibility of TCP is segmentation and reassembly of packets. TCP provides highly reliable host-to-host data delivery over packet switched networks of arbitrary levels of complexity and unreliability.

19. What are requests for comments (RFCs)?

RFCs are the documents that specify the protocols at the network, transport and application layers of the TCP/IP stack.

20. What is the OSI model? What was the motivation for the development of the OSI model?

The OSI model is the Open Standards Interconnect model. It is a model, not a real technology solution for networking. The motivation for the development of the OSI model was that in the early days of networking, many firms developed their own proprietary technologies for computer networking. Each of these technologies was a complete networking solution, and the technologies were usually not properly layered. Unfortunately, IT managers had a hard time getting these technologies to interoperate with each other. The result was that if a firm adopted the networking technology of one company, it was forced to buy all computer equipment from the same company. The result was that the choice of a networking technology often made organizations captive customers of the technology vendor, which could charge steep prices for subsequent sales. The challenge therefore was to ensure interoperability between these competing technologies. To overcome this challenge, the ISO came up with the OSI model. The primary contribution of the OSI model in modern networking is that it specified the concept of layers in computer networking and defined the services to be offered at each layer. This improved interoperability between networking technologies.

21. How has the OSI model been useful in the development of computer networks?

The OSI model helped the development of computer networking because technology developers were able to define their technologies in terms of the layers served by their technology. In the end, all proprietary technologies were seen as operating at the data link layer. IP and TCP were used for network and transport layer functionality.


22. What are the seven layers of the OSI model?

The seven layers of the OSI model are:

7. Application layer
6. Presentation layer
5. Session layer
4. Transport layer
3. Network layer
2. Data link layer
1. Physical layer

23. What are the primary functions of each of the seven layers of the OSI model?

The primary functions of the seven layers of the OSI model are:

7. Application layer: request-reply mechanism for remote operations across a network
6. Presentation layer: syntax conversion from host-specific syntax to syntax for network transfer
5. Session layer: create and terminate connection; establish synchronization points for recovery in case of failure
4. Transport layer: segmentation, reassembly of packets in one connection, multiplexing connections on one machine
3. Network layer: routing and network addressing
2. Data link layer: error-free data transmission over a single link
1. Physical layer: convert data to signals for transmission over physical media

24. The packets used to transmit voice on the Internet are similar to the packets that are used to send email. What are some of the advantages of this approach?

An advantage of using a common packet format is that a single device such as a computer, laptop or PC, is able to run any network communication application. This is possible because one packet format, IP, can serve all these applications and can be transferred across all networks. As long as the device can process IP packets, it can support any networked application.

25. What are the two design principles behind Internet protocols?

The first principle is that computer networks would be organized as a federation of networks, where each network could adopt any arbitrary design or technology. This principle allows wireless Ethernet networks in homes to interoperate with fiber optic networks in carriers. Interoperation can be expected even with networking technologies that do not exist yet. The second principle is that multiple applications, even those that have not yet been conceived, should be able to use the Internet for network connectivity.
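The packetization described in review questions 7 to 10 (segment the data, add a header with source, destination and error-detecting information, reassemble at the receiver) can be sketched as follows. This is an added example, not part of the solution manual; the header layout is invented for illustration and the addresses are documentation-range placeholders.

```python
import ipaddress
import struct
import zlib

# Header layout assumed for this example only (it is not a real protocol):
# source address, destination address, sequence number, packet count,
# followed by a CRC-32 over those fields and the body.
FIELDS = struct.Struct("!4s4sHH")
CHECK = struct.Struct("!I")
HEADER_SIZE = FIELDS.size + CHECK.size


def packetize(data: bytes, src: str, dst: str, body_size: int = 16) -> list:
    """Break data into body segments and put a header in front of each."""
    if body_size <= 0:
        raise ValueError("body_size must be positive")
    src_raw = ipaddress.IPv4Address(src).packed
    dst_raw = ipaddress.IPv4Address(dst).packed
    bodies = [data[i:i + body_size] for i in range(0, len(data), body_size)] or [b""]
    if len(bodies) > 0xFFFF:
        raise ValueError("too many packets for a 16-bit sequence number")
    packets = []
    for seq, body in enumerate(bodies):
        fields = FIELDS.pack(src_raw, dst_raw, seq, len(bodies))
        packets.append(fields + CHECK.pack(zlib.crc32(fields + body)) + body)
    return packets


def parse(packet: bytes) -> dict:
    """Split one packet into header fields and body; reject damaged packets."""
    if len(packet) < HEADER_SIZE:
        raise ValueError("packet shorter than its header")
    fields = packet[:FIELDS.size]
    (crc,) = CHECK.unpack_from(packet, FIELDS.size)
    body = packet[HEADER_SIZE:]
    # A CRC catches accidental transmission errors. It is not a defence against
    # deliberate modification, because anyone can recompute it.
    if zlib.crc32(fields + body) != crc:
        raise ValueError("error check failed: packet damaged in transit")
    src_raw, dst_raw, seq, total = FIELDS.unpack(fields)
    return {"src": str(ipaddress.IPv4Address(src_raw)),
            "dst": str(ipaddress.IPv4Address(dst_raw)),
            "seq": seq, "total": total, "body": body}


def reassemble(packets, my_address: str) -> bytes:
    """Rebuild the original data from packets that may arrive in any order."""
    bodies, total = {}, None
    for raw in packets:
        p = parse(raw)
        if p["dst"] != my_address:
            continue                      # addressed to some other receiver
        if total is None:
            total = p["total"]
        if p["total"] != total or p["seq"] >= total:
            raise ValueError("packets disagree about the message length")
        bodies[p["seq"]] = p["body"]      # a duplicate simply overwrites itself
    if total is None:
        raise ValueError("no packets for this destination")
    missing = [seq for seq in range(total) if seq not in bodies]
    if missing:
        raise ValueError(f"missing packets: {missing}")
    return b"".join(bodies[seq] for seq in range(total))


if __name__ == "__main__":
    # Constructed sample message and placeholder addresses.
    message = b"Packet networks can serve as a common infrastructure."
    sent = packetize(message, "192.0.2.10", "198.51.100.7")
    arrived = list(reversed(sent))        # simulate out-of-order delivery
    print(len(sent), "packets;", reassemble(arrived, "198.51.100.7"))
```
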

Hands-on exercise

Figure 2: Traceroute output

1. Briefly describe what traceroute does and how it is useful (you may find articles on traceroute on sources such as Wikipedia useful).

Traceroute is a computer network tool used to show the route taken by packets across an Internet Protocol (IP) network. Traceroute is often used for network troubleshooting. By showing a list of routers traversed, it allows the user to identify the path taken to reach a particular destination on the network. This can help identify routing problems or firewalls that may be blocking network traffic. (Wikipedia.com)

2. Use traceroute to trace the route from your home or work computer to your university’s website. Show the traceroute output. What networks were encountered along the way? What information about the geographic locations of the routers can you infer from the trace? What was the longest mean delay on any 1 hop along the way?

For my computer, this is shown in figure 17 in chapter 1. The figure is included here for reference as Figure 2. The networks encountered include USF, Florida lambda rail (flrnet), and national lambda rail (nlr). The flrnet routers seem to be located in Tampa (tpa), Tallahassee (tlh), Houston (hous), and Chicago (chic-hous). The longest mean delay is 107 seconds at the 74.114.96.113 router.

3. Use traceroute to trace the route from your home or work computer to the website of a university or company on another continent. Show the traceroute output. What networks were encountered along the way? What information about the geographic locations of the routers can you infer from the trace? What was the longest mean delay on any 1 hop along the way? What factors do you think caused this delay?

This is shown in figure 18 in chapter 1 and is included here as Figure 3 for reference. The networks encountered include flrnet, nlr, and pacificwave. In addition to the routers above, one of the routers seems to be located in Tokyo. The longest hop takes about 115 msecs (transpac). This delay is due to the length of the cable that crosses the Pacific Ocean.

Figure 3: Tracing the route to The University of Tokyo

4. Visit the websites of the ISPs on your route. Show the network coverage map of any one ISP on the route that provides this information. (Note: This information is useful in marketing, therefore, most ISPs provide some graphical information about their coverage areas.)

The coverage map of Cogent is shown in Figure 4. Most vendors provide similar maps on their websites.

Figure 4: Network coverage map of Cogent

Network design exercise

1. What are the ways in which computer networks can help Coolco in its business? Think of all the different ways in which the company can use computer networks at all its different offices.

Coolco can create a simple informational web site and use the web to generate awareness of its products and promote its brand through various marketing activities. It can also conduct electronic commerce over the web, by taking online orders. It can use email, calendaring and voice communication to streamline internal communications. It can also use networked applications that provide a unified view across the firm of inventory status, order status, accounting and other business functions.

In this question, students often think of complex activities such as supply chain management etc. If so, it is useful to remind them of simpler uses such as creating a website for marketing purposes and for putting out contact information, email for inexpensive communication, shared printers etc.

Case questions

1. Visit the websites of Domino’s pizza and one other quick-service pizza restaurant. How long does it take for you to order a pizza of your choice from each of these restaurants? (Of course, you don’t have to actually place the order for this exercise. Just get to the point where you are ready to place the order.)

It usually takes about 2-10 minutes, depending upon the familiarity of the person making the order with the site, and whether they have saved their preferences.

2. If you haven’t ordered pizza online before, to what extent has this exercise influenced the probability that you may consider online ordering the next time you decide to order pizza?

Most students who were not aware of this functionality respond that the exercise greatly increased the probability that they would consider online ordering the next time they decide to order pizza. They conclude that online ordering would be much easier, more reliable and more efficient than talking to someone.

3. What features of the websites most influenced your decision?

Students like many features including:

1. Being able to customize your own pizza
2. Not feeling rushed to complete the order
3. Easy payments
4. Seeing how the pizza looks

4. Identify three of your friends who haven’t ordered pizza online. What are the primary reasons these friends give for not ordering pizza online? To what extent have the pizzeria websites addressed these concerns?

Some reasons I have seen include:

1. Preference to get other people to take the order
2. Family preferring to make their own food
3. Not being aware of the online ordering feature
4. Not being online much in the first place

Of these, pizzerias could attend to (3) by running marketing campaigns to educate customers about the online ordering capability and the associated convenience.

5. (Optional) Find a friend who works at a restaurant that takes online orders, and gather the following information:

a. What fraction of the restaurant’s revenues comes from the online-ordering system?

Most students do not answer this question because it is optional. It is optional because many students will not know a person who can answer this question. Answers will vary. The chain says that about 20% of orders came online in 2009.

b. What are the common items ordered online?

At my neighborhood store, the manager told me that whatever is on promotion at any time is the item that is ordered most online.

c. What are the demographics of the customers who order online?

Again, at my neighboring store, it is mostly people in their 20’s and 30’s.

d. What features of the website are used the most?

The coupons

e. How do customers find the website (e.g., local ads, search engines, etc.)?

Most customers know about it from friends.


Chapter 2 – Physical layer

Review questions

1. What is federal standard 1037C?

Federal standard 1037C is the telecom glossary. This is an American National Standard that is developed and maintained by the Alliance for Telecommunications Industry Solutions (ATIS). It provides definitions for common terms used in telecommunications.

2. What is the primary responsibility of the physical layer in data communication?

The primary responsibility of the physical layer is to convert data into a signal that can be transmitted over a physical medium. The physical layer receives data in the form of numbers from the data link layer and transmits the signals over a medium.

3. The need to adapt to the physical world around us influences many details in the world around us. An example from sports is the dimples on golf balls. How do these dimples help golfers? Use the Internet to find the answer.

(From Wikipedia) It was discovered accidentally that defects in the ball from nicks and scrapes of normal use could provide the ball with a truer flight than a pure sphere. Thus, makers started creating intentional defects in the surface by hammering the ball to give it an evenly dimpled shape which would cause the ball to have a more consistent ball flight. This question is included to get students to think about the whys associated with phenomena around us. Many students just take things for granted and assume that there is only one way to do things. This question is intended to show them that it is rewarding to look for opportunities for improving the status quo.

4. Define physical medium in the context of computer networking. What are the common physical media used in computer networks?

A physical medium in data communications is the transmission path over which a signal propagates. Common media include wire pairs, coaxial cable, optical fiber and wireless radio paths. Transmission media used in data communication are called physical media because they are generally made out of substances such as copper or glass, which have physical properties. The wireless medium does not have physical properties, but the name “physical layer” has stuck.

5. What properties are required for a material to be suitable for use as a physical medium in computer networks?


To be suitable for use as a physical medium, the material must be good at carrying signals and must be economical to use.

6. What is UTP? Why is the copper cable commonly used in computer networks called UTP?

UTP stands for unshielded twisted pair and is the most common form of copper cable used in telecommunications. As commonly used, UTP cable has 8 strands of copper wire organized as 4 pairs. The wires in each pair are twisted around each other. The twisting reduces cross-talk between the wires.

7. What are the common categories of copper cable used in networks? Under what conditions would you prefer to use each category of cable?

The common categories of copper cables are categories 3, 5, 6 and 7. The higher the category, the better the signal carrying properties of the category, and the higher the data rates supported by the category. Cable manufacturers use the appropriate twist density to achieve the required signal carrying specifications of the standard. Category is abbreviated as “cat” for marketing purposes, so that category 5e cable is called Cat5e cable. The older cable, with 3-4 twists per foot, is called category 3 cable. The newer cable, with 3-4 twists per inch is called category 5 cable. Category 5 has been further enhanced and is known as category 5e cable. Category 3 supports data rates of up to 10 mbps. Cat5 supports data rates up to 100 mbps. Cat5e and Cat6 support data rates of up to 1000 mbps and category 7 supports up to 10 gbps.

8. What factors favor the use of optical fiber as a physical medium over copper?

Four major factors favor optical fiber over copper – data rates, distance, installation and costs. Optical fiber can carry huge amounts of data compared to copper. Also, whereas signals need periodic amplification on copper links, optical fiber can be run hundreds of miles before signals need to be repeated. Glass is lighter than copper as well, and one optical fiber cable weighing a few hundreds of pounds can carry data equivalent to hundreds of copper lines weighing many tons, thus cutting down the need for specialized heavy lifting equipment during installation. Optical fiber may also be more earth-friendly because whereas copper has to be mined from the earth, optical fiber is made out of glass, which is made out of sand, which is available in plenty in most parts of the world.

9. What is total internal reflection? How does it help optical fiber transmit light signals efficiently?


Total internal reflection is the phenomenon where light is unable to leave the glass edge going out, unless it hits the edge almost exactly at a right angle. This means that all the light in the glass is reflected back into the glass. Optical fiber works on the principle of total internal reflection. Total internal reflection is helpful because it makes optical fiber a very efficient physical medium, since no signal can leak from the sides of the glass. Figure 10 and Figure 11 in the chapter show this phenomenon.

10. What are the two categories of optical fiber? Under what conditions is each category preferred?

The two categories of optical fiber are multi mode and single mode. Multi-mode fiber uses LEDs, which are an inexpensive light source, and is used to carry signals over shorter distances, up to about 2 kilometers (1.2 miles). Single mode fiber is about 10 microns in diameter and can carry signals over distances of tens of miles. It uses a laser light source, which is relatively expensive. While both fibers cost approximately the same, multi-mode is preferred for shorter distances because the LED light source used in multimode fiber costs less than the laser light source necessary for single mode fiber.

11. What are the components of optical fiber? What is the role of each component?

Optical fiber used in communication has a central light path surrounded by reinforcements to prevent wear and tear. At the center of the fiber is the core. This is the glass with a very high refractive index through which the light travels. The core is surrounded by a special glass coating called the cladding. The cladding has a very low refractive index. The high refractive index of the core together with the low refractive index of the cladding restricts the light signal to stay within the core and move along the fiber. The coating and fibers cushion the glass. The jacket makes the fiber easy to handle, adds weather-proofing, and encloses the fibers.

12. Define data.

Data are numbers, letters or other representations of information that can be processed by people or machines.

13. Define signal.

Signals are detectable transmitted energy that can be used to carry information.

14. What is the need to convert data to signals?

Data needs to be converted to signals because data cannot be transmitted over wires. Only signals can be transmitted over physical media.


15. What are the properties of a good signal?

The properties of a good signal are as follows:

1. It must be easily detectable at the receiver
2. The signal should be good at resisting noise that gets added during transmission
3. The signal should be efficient at using bandwidth so that more information can be sent within the available bandwidth of a transmission medium
4. The signal should make it easy for signals to be multiplexed so that multiple channels of transmission can be created within the same medium.

16. What is modulation? How does modulation help in data transmission?

Changing one or more properties of a carrier wave in response to data is called modulation. To create analog signals, we start by generating a sine wave at the sender end. This wave is called a carrier wave, and is chosen for its ability to travel from the sender to the receiver over the medium. To transfer information using this carrier wave, we change one or more properties of the carrier wave – amplitude, frequency or phase, in response to data. This process is called modulation. The modulations are detected at the receiving end and are interpreted as data.

17. What is amplitude modulation?

In amplitude modulation, the amplitude of the carrier wave is changed in accordance with the data. For example, a data bit of 1 may be sent as a wave of high amplitude and a 0 may be sent as a low amplitude wave.

18. How does noise affect signals? What happens if the level of noise becomes too high relative to the strength of the signal?

Noise is any disturbance that interferes with a signal. Noise is one of the most important constraints in signaling. As the signal travels through the medium, noise from various sources keeps getting added to the signal. Sources of noise include cross-talk and heating of the wire from the signal flowing through it. The result is that though the signal keeps getting weaker with distance, noise keeps accumulating. If the level of noise becomes too high relative to the strength of the signal, it becomes very difficult to detect the signal from the background noise at the receiving end.

19. Why is binary representation preferred in computers over common representations such as decimal?

Binary representation is preferred in computers over common representations such as decimal because binary numbers help improve the reliability of data reception in the presence of noise. Binary representations are the most reliable form of representing data.


20. Briefly describe the standard procedure used by the physical layer to send and receive data as a signal.

The standard procedure used by the physical layer to send and receive data involves four steps, which are performed in sequence as follows:

1. At the sender end, the data is coded as binary numbers representing the data
2. The carrier signal is modulated as specified by the binary representation of the data
3. These steps are inverted at the receiving end where the incoming signal is demodulated into the corresponding binary numbers
4. The binary numbers are decoded into the data

21. What is the ASCII code? Why is it useful in data communication? What is the ASCII code for the letter a? For the letter A?

The ASCII code is the American Standard Code for Information Interchange. It is useful in data communication because it is used to encode the characters in the English alphabet as binary numbers. The upper case A in ASCII code is 65, and the lower case a in ASCII code is 97.

22. What is multiplexing?

Multiplexing is the combination of 2 or more information channels over a common medium.

23. Why is multiplexing useful in data communication?

Multiplexing is useful in data communication because it makes data communication economical by allowing multiple phone, TV, and data signals to be combined for transmission over the same cable. This drastically reduces the need for laying out communication cables to homes and businesses. Since cabling costs are one of the biggest costs in data communication, a reduction in cabling costs significantly reduces the overall costs of setting up and maintaining a communication network.

24. What are some examples of multiplexing in day-to-day life?

Examples of multiplexing in day-to-day life include the transmission of multiple TV channels over the same coaxial (TV) cable, or the transmission of multiple radio stations in the same air space over a metro area.

25. Describe how the interstate system may be seen as a multiplexed transportation system.

The interstate system may be seen as a multiplexed transportation system because it allows multiple vehicles to share a single road by dividing the traffic into multiple lanes. In this way, the cost of building and maintaining the road can be shared among multiple vehicles. Also, multiple lanes provide for faster transit and less congested roads. Just as the TV cable can transmit multiple channels simultaneously, the interstate allows multiple vehicles to transit simultaneously through multiple lanes of highway.

26. What are the two categories of multiplexing?

The two categories of multiplexing are frequency division multiplexing (FDM) and time division multiplexing (TDM). FDM is used with analog signals. In FDM, signals from one channel are sent at one frequency and signals from another channel are sent at another frequency. Fortunately, as a result of the properties of sine waves, signals at different frequencies do not interfere with each other even when they overlap geographically. To receive signals in one channel, the receiver tunes into the sender’s frequency. This is what you do when you tune to a station on a car radio. TDM is used with digital signals. In TDM, signals from different streams are sent at different time slots. To receive signals in one channel, the receiver collects the bits sent at the specified time slot.

Hands-on exercise

Most students are unfamiliar with Excel. This exercise is an excellent way to get students to explore its capabilities. It may be helpful to walk students through the exercise in class before they are asked to do it on their own for the assignment. There is a spreadsheet that is available at the instructor section of the companion website with the answers to this exercise.

1. If the signal sends out data at the rate of 20 bits per second, how long does it take for the signal to send each bit? This time is called the bit interval or bit period.
1/20 seconds = 50 milliseconds

2. If we send 25 bits per second, what will be the bit interval of the new signal?
1/25 seconds = 40 milliseconds

3. Using a bit rate of 25 bits per second, modify the contents of Column B so that it represents the bit pattern 0011100101111000101001011. Show a graph of the data in Column B.
Students are often not familiar enough with Excel. It therefore helps them if they are shown how to represent a few bits. A part of the goal for this exercise is to get students to use Excel to draw some non-trivial charts. All they have to do is mark the value 0 for 40 rows (since each row represents a millisecond) when the data for the bit period is 0 and 1 for 40 rows where the bit is 1. They can then use a scatter plot with time on the x-axis and the data on the y-axis to create the plot, as shown in Figure 5.

Figure 5: Plot of bit pattern at 40 bps

4. Sine waves have values Sin(2πft) where f is the frequency of the wave. The carrier in column C of the example has a frequency of 150 Hz. Create a new column where the frequency of the carrier is 100 Hz. Plot both signals on a graph.
Generating the new carrier wave is quite easy. Students can simply copy carrier 1 to a new column, select the cell in the second row, look at the formula in the cell, change 150 to 100 and extend the change to the entire column.

Creating the plot is a little trickier. Simply selecting both columns and plotting a line chart will give the required plot. However, the plot will be very dense because it shows 2,000 observations. Instead, it will be preferable to chart about 100 rows from one column, right-click in the chart and choose “select data”, and then add the same number of rows from the second series. The result will be as shown in Figure 6. Students may note that carrier 2 in Figure 6 completes two oscillations in the same times that carrier 1 completes 3 oscillations, indicating that carrier 2 has 1.5 times the frequency as carrier 1.

Figure 6: The two carriers

5. The amplitude-modulated signal using on-off-keying is calculated as M = D*C, where M is the modulated signal, D is the digital data and C is the carrier signal. Compute the value of the modulated signal in the column titled “modulated signal.” (Hint: you can look at Columns F and G in the “Data” worksheet to see how to compute the modulated signal). Do not report anything for this question, you will do that in the next question.



This exercise is simple. In row 2, students simply write the formula to multiply the values in row 2 for the carrier and the data. Then they extend the formula in the entire column.

6. Plot the modulated signal as a function of time.
For this, students can simply select the column labeled “modulated signal” and press F11. This will create the required chart. If they like, they can embellish the chart by modifying the y-axis limits and removing grid lines to produce the chart shown in Figure 7.

Figure 7: Modulated signal

It may be interesting to show students how Figure 7 relates to Figure 5. When Figure 5 indicates the transmission of a 1, Figure 7 shows a wave being transmitted and when Figure 5 indicates the transmission of a 0, Figure 7 shows nothing being transmitted. A receiver can detect this pattern of waves and infer what the sender is trying to transmit.

7. Assume you are explaining your plot to a lay person. Describe how to interpret the signal in the question above to recover the data sequence of q3. The sender and receiver have agreed on a bit period of 40 milliseconds. When a carrier wave is detected for a bit period, the sender is trying to send the data bit 1. When no wave is detected during the bit period, the sender is trying to send data bit 0.
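
The spreadsheet steps in questions 3 to 7, carried through in Python as an added example (not part of the instructor manual or its companion spreadsheet): it builds the data and carrier columns, computes M = D*C, and recovers the bits by measuring signal power in each 40 ms bit period. The function names, the Gaussian noise model and the 0.25 power threshold are assumptions made for this example.

```python
import math
import random

BIT_RATE = 25                               # bits per second (question 2)
SAMPLE_RATE = 1000                          # one spreadsheet row per millisecond
CARRIER_HZ = 150                            # carrier in column C of the exercise
SAMPLES_PER_BIT = SAMPLE_RATE // BIT_RATE   # 40 rows = one 40 ms bit period
PATTERN = "0011100101111000101001011"       # bit pattern from question 3


def data_column(bits):
    """Column B: hold each bit value for one full bit period."""
    return [int(b) for b in bits for _ in range(SAMPLES_PER_BIT)]


def carrier_column(n_samples, freq_hz=CARRIER_HZ):
    """Column C: Sin(2*pi*f*t), sampled once per millisecond."""
    return [math.sin(2 * math.pi * freq_hz * n / SAMPLE_RATE)
            for n in range(n_samples)]


def modulate(bits):
    """On-off keying: M = D * C, row by row."""
    d = data_column(bits)
    c = carrier_column(len(d))
    return [di * ci for di, ci in zip(d, c)]


def add_noise(signal, sigma, seed=1):
    """Add Gaussian noise (an assumed channel model, not from the exercise)."""
    rng = random.Random(seed)
    return [s + rng.gauss(0.0, sigma) for s in signal]


def demodulate(signal, threshold=0.25):
    """Receiver: decide each bit from the mean power in its bit period.

    A full-amplitude sine wave has mean power 0.5 and silence has 0,
    so the decision threshold sits halfway between the two.
    """
    bits = []
    for start in range(0, len(signal), SAMPLES_PER_BIT):
        window = signal[start:start + SAMPLES_PER_BIT]
        power = sum(x * x for x in window) / len(window)
        bits.append("1" if power > threshold else "0")
    return "".join(bits)


if __name__ == "__main__":
    tx = modulate(PATTERN)
    print("clean channel :", demodulate(tx) == PATTERN)
    print("mild noise    :", demodulate(add_noise(tx, 0.2)) == PATTERN)
    # When noise power swamps the signal, silent bit periods look like a carrier.
    print("heavy noise   :", demodulate(add_noise(tx, 2.0)) == PATTERN)
```

With heavy noise the silent bit periods carry more power than the threshold, so the receiver reads 0 bits as 1s; this is the failure the chapter describes when noise becomes too high relative to the signal.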

Critical thinking question

1. We saw in this chapter how the limitations of our physical world force us to convert data into signals for communication. List any three other examples where the limitations of the physical world force us to do things the way we do them. The examples do not have to be related to IT.
   1. We have to burn fossil fuels for transportation because no other known source of energy packs so much energy into such a small volume and is safe for commercial use.
   2. We walk or use other forms of transportation to move around because there is no easier way to move (teleportation for example).
   3. We use electricity for energy transfer even though there is almost no use for electricity itself (except perhaps as famously used by Thomas Edison, for an electric chair). We do this because electricity is the most convenient form of transmitting energy.
   4. We use money for transferring economic value even though a dollar bill by itself has almost no utility. We do this because money is the easiest form by which purchasing power can be exchanged.


Network design exercise

1. For each location, identify the most suitable physical medium to build the network. Make a rough estimate of the total quantity of the media that will be needed for each location. Use online or other resources to estimate the cost of purchasing enough quantities of the medium for each location.
The most suitable medium for all locations is Cat5 or Cat5e copper cable. If we assume that each employee needs a cable length slightly greater than half the length of the building, each employee in the Tampa location will need about 100 feet of cable for a total length of about 10,000 feet. The building dimensions have not been provided for the other locations, but as an approximation, we can assume that each employee needs the same length (100’) of cable. This means that for the other 500 employees, we need another 50,000 feet of cable. This means we need a total of about 60,000 feet of Cat5 cable. About 6 feet of Cat5 cable can be purchased for a dollar. This means that the cable costs will be about $10,000.

2. Identify the most suitable physical medium to connect the different locations to each other (the long-distance links).
Optical fiber is the most suitable medium for the long-distance links.

Case questions

1. Visit the website www.greatachievements.org. Which of the top technologies of the 20th century could be categorized as a networking technology, if a network is defined in more general terms as an interconnection of three or more interacting entities?
This example case has been created to link the course with one of the most relevant topics of our generation – energy conservation. The goal of most current smart-grid initiatives is to shift peak demand to base demand. The more successful we are at doing this, the fewer peak load plants we will need to install, lowering capital costs. Data communication will play a major part in facilitating this change.
   1. Electrification (interaction between customers, power generators, and power distributors)
   2. Airplane (interaction between customers, aircraft and airports)
   3. Water supply and distribution (interaction between water sources and customers through pipelines)
   4. Highways (road space shared by multiple vehicles)
   5. Internet (network resources shared by multiple users)


2. For each of these technologies, briefly describe how networking (interaction) improves the utility of stand-alone components in the network.
   1. Networking makes electricity cheaper for everyone. Without the network, very few people could afford all the expense of producing electricity.
   2. Networking makes air travel affordable. Without networking, very few individuals could afford the costs of acquiring an aircraft and maintaining runways and control towers.
   3. Networking brings safe, potable water from distant sources to everyone.
   4. Networking improves the utility of highways because without large numbers of people paying taxes to build and use the highways, highways as we know them today could not have existed. There would probably just be dirt roads.
   5. Networking improves the utility of the Internet because without consumers, no one would create content and without content, no one would want to use the Internet.

3. Why should power be cheap at night and expensive during the day? You may find the Wikipedia article on capacity factors useful: http://en.wikipedia.org/wiki/Capacity_factor.
Different sources of power have different costs. At night, when power demand is lowest, all the demand is met by the lowest cost sources of power, usually nuclear power and hydroelectric power. During the day, higher cost sources have to be brought online to meet peak demand.

4. What changes in behaviors will be required of people to exploit the potential of the smart grid?
The main change that will be required is that people will need to change some ways of life. Instead of using power whenever they please, they will need to shift as many workloads as possible to times when power demand is lower, elevating the base load, where their demands can be fulfilled by lower cost sources of power.

5. It is expected that smart meters will report the current price of power and smart appliances will be programmable to operate only when power prices fall below values you specify. How might you change your energy usage if smart meters and smart appliances were installed in your house?
This is an interesting question for class discussion. Some students may say that they might not turn the AC on when power is very expensive. Also, some would program the dishwasher and dryer to operate when power costs are lower. In fact, this is what most people in the Netherlands already do.

6. It is expected that the smart grid will allow you to sell power stored in batteries (charged when power prices are low) or generated using solar, wind, and other means. What changes do you expect to see in your neighborhood if these technologies go mainstream?
This is another interesting question for class discussion. More people might install solar panels and sell the surplus power during peak periods. Some people may store the energy in batteries and hot water tanks to sell when prices rise. Some people may even charge the batteries from the grid when power prices are lower and sell it back to the grid when prices are higher.

7. Broadband over power line (BPL) may allow your local power company to compete as an Internet Service Provider (ISP). What advantages for the power company do you foresee over your current ISP if your power company decides to actually offer ISP service?
The power company would have an advantage over other service providers because everyone already has power. Another advantage could be that people in remote areas who do not have a broadband service provider might get high speed Internet service. The entry of the power utility may also lower Internet service prices by introducing competition.

8. Using information from the Internet and other sources, write a short report (two to three paragraphs) about the smart-grid initiatives being undertaken by your local power company.
Most utilities are taking a wait and watch approach before deciding how much to invest and how. In Tampa, TECO, the local utility, has been installing smart thermostats at no charge in homes as part of its "Energy Planner" demand reduction program. The device allows customers to control energy use based upon spot electricity prices. It has also installed some switches that talk to each other during periods of power outage to automatically reroute power.



Chapter 3 – Data link layer

Review questions

1. What are the primary functions of the data-link layer?
The primary functions of the data link layer are addressing over a single link and error detection.

2. Ethernet is the most popular end-user technology at the data-link layer. What is ether in the context of computer networking?
“Ether” in the context of computer networking is the shared high speed networking cable that is available in all parts of a networked building to serve as an omnipresent medium.

3. What are the components of a typical Ethernet? What are the functions of each component?
The components of a typical Ethernet are a cable and hosts with network interface cards (NICs). The cable was called Ether, and it was visualized as a technology that would be available anywhere in a building wired for Ethernet. The NICs tap into the ether and provide network connectivity to their hosts.

4. What is broadcast in the context of Ethernet?
Broadcasting is the transmission of signals over a medium so that they may be simultaneously received by stations connected to the medium. The receiving stations usually make no acknowledgement of the signal. In Ethernet, the data to be transmitted is sent out to all hosts over the medium.

5. What are the advantages of broadcasting data in Ethernet? What are some other examples of communication in day-to-day life that use broadcast?
The main advantage of broadcasting data in Ethernet is that it simplifies communication, thereby lowering costs in LANs. An example of communication in day-to-day life that uses broadcast is shouting, or a school/college classroom.

6. What are the limitations of broadcast as a method of sending data to the intended receiver of communication?
The major limitation of broadcast as a communication mechanism is that it is very inefficient. Most of the data a station receives in broadcast networks such as Ethernet is not of interest to the station. The same thing happens with the ECRWSS service offered by the Postal Service, where the mail carrier delivers mail to every address along his route. As a result, a lot of the ECRWSS broadcast mail users receive every day falls in the category of junk mail. As a result, while broadcast is great for small networks, it is unsuitable for large networks.

7. What is carrier sensing in Ethernet? What is multiple access? What is a collision and what is collision detection? How are collisions detected in Ethernet?
Carrier sensing is an ongoing activity of a data station in a multiple access network to detect whether another station is transmitting. Multiple access is a scheme that gives more than one computer access to the network for the purpose of transmitting information. A collision is the situation that occurs when two or more demands are made simultaneously on a system that can only handle one demand at any given instant. Collision detection is the requirement that a transmitting computer that detects another signal while transmitting data stops transmitting that data. To detect collisions, stations listen to the medium even as they are transmitting data. If the signal they detect in the medium is different from the signal they transmit into the medium, they know that a collision has occurred.

8. Describe some techniques you have used in the past to ensure error-free communication over the telephone.
Some techniques include repeating back numbers to make sure they are heard right, asking a confirmatory question, or asking the person to repeat what they said.

9. Provide a lay person’s overview of CRC.
CRC is a procedure where the sender computes some meta-data from the data to be transmitted and sends this meta-data to the receiver in addition to the data to be sent. The receiver independently computes this meta-data. If the computed meta-data is the same as the received meta-data, the receiver knows that the data was received without error. If not, the receiver knows that some error was introduced during data transmission.

10. What is CRC used for in data communication?
CRC is used in data communication to make sure that computers communicate with each other without errors.

11. Why is CRC preferred over simpler computational techniques?
Simpler computational techniques for error-detection are very unreliable because they are unable to detect most errors introduced during data transmission.
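
The sender and receiver computations described in the answers above, written out as an added example (not from the instructor manual): modulo-2 long division with the divisor 1101 and the data 1001011 used in question 12, followed by a count of how many two-bit errors slip past the CRC versus a single even-parity bit. The parity bit stands in for a "simpler computational technique" and is an assumption, as are the function names and the second data word 1011001.

```python
from itertools import combinations


def mod2_divide(bits, divisor):
    """Remainder of modulo-2 (XOR) long division, as a bit string."""
    work = [int(b) for b in bits]
    div = [int(b) for b in divisor]
    for i in range(len(work) - len(div) + 1):
        if work[i]:                      # leading 1: subtract (XOR) the divisor
            for j, d in enumerate(div):
                work[i + j] ^= d
    return "".join(str(b) for b in work[-(len(div) - 1):])


def crc_send(data, divisor):
    """Sender: append len(divisor)-1 zeros, divide, attach the remainder."""
    crc = mod2_divide(data + "0" * (len(divisor) - 1), divisor)
    return data + crc, crc


def crc_check(received, divisor):
    """Receiver: divide data+CRC; an all-zero remainder means no error seen."""
    return set(mod2_divide(received, divisor)) == {"0"}


def parity_send(data):
    """Simpler technique (assumed for comparison): one even-parity bit."""
    return data + str(data.count("1") % 2)


def parity_check(received):
    return received.count("1") % 2 == 0


def flip(bits, positions):
    """Simulate transmission errors by inverting the bits at `positions`."""
    out = list(bits)
    for p in positions:
        out[p] = "1" if out[p] == "0" else "0"
    return "".join(out)


def undetected_double_errors(codeword, check):
    """Count the two-bit error patterns that the check fails to notice."""
    return sum(1 for pair in combinations(range(len(codeword)), 2)
               if check(flip(codeword, pair)))


if __name__ == "__main__":
    divisor = "1101"
    for data in ("1001011", "1011001"):
        sent, crc = crc_send(data, divisor)
        print(data, "CRC", crc, "sent", sent, "ok", crc_check(sent, divisor))

    sent, _ = crc_send("1011001", divisor)
    print("single-bit error caught:", not crc_check(flip(sent, [4]), divisor))
    print("double errors missed by parity:",
          undetected_double_errors(parity_send("1011001"), parity_check))
    print("double errors missed by CRC:   ",
          undetected_double_errors(sent, lambda r: crc_check(r, divisor)))
```

A parity bit misses every two-bit error because the count of 1s stays even; the three-bit CRC misses only the patterns whose two flipped bits are exactly seven positions apart.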



12. With a divisor of 1101, perform the sender-side computation and calculate the CRC when the data is 1001011.

    1001011000
    1101
    01000
     1101
     01011
      1101
      01101
       1101
       0000000 → CRC Remainder = 000 (exactly three digits)

13. Check your computation by performing the receiver-side computation.

    1001011000
    1101
    01000
     1101
     01011
      1101
      01101
       1101
       0000000 → CRC Remainder = 0 → no errors

14. What is the size of the smallest Ethernet frame? The largest frame?
The smallest Ethernet frame is 72 Bytes long. The largest frame can be 1526 bytes long.

15. List the fields in the Ethernet header. What are the roles of each of these fields?
Preamble + SFD: These fields help the receiver locate the beginning of an incoming data link layer packet, much like the whistle of an arriving train. The SFD is the start of frame delimiter. It simply adds 8 bits to the 56 bits of the preamble to help determine where the packet begins.
Destination Address: Helps computers on the network determine whether the packet is addressed to them or to another host.
Source Address: Is required when creating a response to a frame. If a response is required, the computer uses the information given in this field to address the response frame.
Length/Type: Length field specifies the length of the data in the packet. It is required because there is no other field that explicitly defines the end of the packet. It just helps the receiver to determine where the packet data ends by counting bytes till it gets “length” number of bytes.
Data from IP-Layer and Padding: Contains the actual data which is to be transmitted, represented by the number of bytes already determined through “Length”.
FCS: Contains CRC data for error-checking.

16. The start-of-frame and preamble fields are unique to the data-link layer in that they do not carry any useful information. What is the role of these fields?
The preamble and start-of-frame delimiter fields are necessary because in normal operation, there are stray signals in the medium even if there is no network traffic. When signals from a packet arrive at a receiver, it is extremely helpful to the receiver if it gets a clear indication that the signals represent valid data, and are not random noise.

17. The SFD field alerts the receiver about the beginning of a data frame. How does the receiver know when the frame ends?
The receiver knows where the frame ends through the information in the length field. After the header fields, the receiver can count “length” number of bytes as well as the next four bytes of FCS to identify the end of the frame.

18. What is the structure of a MAC address? What information can be gathered from a MAC address?
The MAC address is 48 bits long. These 48 bits are split into 2 parts of 24 bits (3 Bytes) each. The first 24 bits determine the OUI or manufacturer ID of the network interface card. The remaining 24 bits are assigned by the manufacturer in a way that no two NICs made by a manufacturer have the same ID.

19. What is the MAC address of your computer?
You can get this information by typing ipconfig /all in Windows, or ifconfig on Mac/Linux. One of the MAC addresses on my own computer is 00-15-c5-57-1d-1a.

20. What is the hexadecimal notation? How is the number 14 represented in hexadecimal?
The hexadecimal notation is a way of representing binary numbers. In the hexadecimal notation, 4-bit blocks of binary numbers are represented using one of a set of 16 characters. For example, the binary number 1110, or decimal number 14 is written in hexadecimal notation as E.
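
The frame fields from questions 14 to 18, assembled and parsed in Python as an added example (not from the instructor manual). The receiver finds the SFD, reads the header, counts bytes using the length field and checks the FCS. Assumptions not stated on the page: the preamble and SFD byte values (0x55 and 0xD5), the FCS computed as CRC-32 with `zlib.crc32` and stored low byte first, the two-byte field always read as a length, padding of short data to 46 bytes, the function names, and the constructed payload `hello`.

```python
import struct
import zlib

PREAMBLE = b"\x55" * 7   # 56-bit preamble: alternating 1s and 0s on the wire
SFD = b"\xd5"            # 8-bit start-of-frame delimiter
MIN_DATA = 46            # data plus padding occupies at least 46 bytes
MAX_DATA = 1500          # largest data field


def mac_to_bytes(mac):
    """Accept 00-15-c5-57-1d-1a or 00:15:c5:57:1d:1a and return 6 raw bytes."""
    raw = bytes.fromhex(mac.replace("-", "").replace(":", ""))
    if len(raw) != 6:
        raise ValueError("a MAC address is 48 bits (6 bytes)")
    return raw


def describe_mac(raw):
    """Split a MAC address into its two 24-bit halves, in hexadecimal."""
    as_hex = [f"{b:02X}" for b in raw]
    return {
        "oui": "-".join(as_hex[:3]),      # manufacturer ID
        "device": "-".join(as_hex[3:]),   # assigned by the manufacturer
    }


def build_frame(dst, src, data):
    """Sender: preamble + SFD + header + data + padding + FCS."""
    if len(data) > MAX_DATA:
        raise ValueError("data field is limited to 1500 bytes")
    body = mac_to_bytes(dst) + mac_to_bytes(src) + struct.pack("!H", len(data))
    body += data + b"\x00" * max(0, MIN_DATA - len(data))
    fcs = struct.pack("<I", zlib.crc32(body))   # CRC over header, data, padding
    return PREAMBLE + SFD + body + fcs


def parse_frame(raw):
    """Receiver: locate the SFD, read the header, then count bytes to the end."""
    start = raw.index(SFD) + 1                  # first byte after the SFD
    header = raw[start:start + 14]
    if len(header) < 14:
        raise ValueError("truncated header")
    dst, src = header[:6], header[6:12]
    (length,) = struct.unpack("!H", header[12:14])
    if length > MAX_DATA:
        raise ValueError("field holds a type code, not a length")
    data_start = start + 14
    data_end = data_start + max(length, MIN_DATA)   # padding precedes the FCS
    frame_end = data_end + 4                        # four bytes of FCS
    if len(raw) < frame_end:
        raise ValueError("truncated frame")
    computed = struct.pack("<I", zlib.crc32(raw[start:data_end]))
    return {
        "dst": describe_mac(dst),
        "src": describe_mac(src),
        "data": raw[data_start:data_start + length],
        "fcs_ok": raw[data_end:frame_end] == computed,
        "frame_end": frame_end,
    }


def corrupt(frame, index):
    """Flip one bit at byte `index`, as line noise might."""
    damaged = bytearray(frame)
    damaged[index] ^= 0x01
    return bytes(damaged)


if __name__ == "__main__":
    # MAC addresses taken from this chapter's answers; payload is constructed.
    frame = build_frame("00-1A-6B-30-C1-C8", "00-15-c5-57-1d-1a", b"hello")
    print("frame length:", len(frame))
    # Two stray bytes follow the frame; the length field tells the receiver
    # where the real frame stops.
    print(parse_frame(frame + b"\x99\x99"))
    print("FCS after one flipped bit:", parse_frame(corrupt(frame, 22))["fcs_ok"])
```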



21. Write the binary number 01010000 in hex (hint: break the number into two four-bit blocks and represent each four-bit block in hexadecimal notation).
01010000 (base 2) = 50 (base 16)

22. What are hubs?
Hubs are network devices that broadcast all data on any incoming port to every computer connected to the device.

23. What are switches?
Switches are network devices that can transfer data between one or more pairs of computers connected to the device. Switches can read the destination addresses of incoming frames and send the frames only to the intended recipients.

24. What are the advantages of switches over hubs in Ethernets? Under what conditions may you prefer to use a hub instead of a switch?
Switches greatly reduce collisions and thereby vastly increase the data transmission efficiency of Ethernets over hubs. Hubs can be useful when there is a need to watch all network traffic, for example for debugging purposes.

25. What are the common data transfer speeds in Ethernet? What is the maximum possible speed of the network card on your computer? In Windows Vista, you can right-click on the network adapter to check its speed (Control panel → Network connections → <select adapter>)
Common data rates range from 100 Mbit/s to 1,000 Mbit/s. Maximum speed of my network card: 1 Gbps (1,000 Mbps).

Figure 8: ipconfig /all

Hands-on exercise

1. Show the output of the command ipconfig /all or ipconfig /all | more (if there are numerous adapters on your computer).
This was shown in fig 23 of chapter 3. The figure is reproduced here for reference as Figure 8.

2. From q1 above, what are the MAC addresses of the different interfaces on your computer?
One of these in Figure 8 is 00-1A-6B-30-C1-C8

3. Express each of these MAC addresses as 48-bit binary addresses.
In binary, this is 0000 0000-0001 1010-0110 1011-0011 0000-1110 0001-1110 1000

4. Look up the OUIs of each of these MAC addresses and list the names and locations of the manufacturers of these MAC cards.
To find the manufacturer of a card, the public OUI listing provided by IEEE can be used. URLs are notoriously fickle, therefore the best way to locate the relevant site is to Google for “IEEE OUI.” Entering the OUI (the first 6 digits of the MAC address) in the search field will give the required vendor name. One goal of this exercise is to introduce students to relevant industry resources. The exercise also exposes students to the names and locations of these OEM manufacturers. One of the cards in the output above has a MAC address of 00-1A-6B. Information about this address from the IEEE OUI public listing is shown below. It shows that the card is made by USI, located in Taiwan, China.

    00-1A-6B   (hex)       USI
    001A6B     (base 16)   USI
                           141, LANE 351, TAIPING RD. SEC.1, TSAO TUEN, NAN-TOU 542
                           TAIWAN, REPUBLIC OF CHINA

Network design exercise

1. Assume that all locations use Ethernet for local connectivity within the buildings. Typically, each floor in each building will have its own Ethernet, and these Ethernets will be connected to other Ethernets in the same building through a switch. Draw the Ethernet diagram for the second floor of the AP service center.
This is a simple diagram and is shown in Figure 9. A switch connects all users and directs outgoing traffic to the router serving the location.

Figure 9: Network diagram for second floor of AP service center (labels: To router, Switch, 50 users)

Case questions

1. What are some of the ways in which computer networks helped the resorts in the case improve their business operations?
The LANs save about 10 – 15 seconds during each guest check-in. Networking capabilities at slot machines enable customer-friendly features such as electronic funds transfers for bets and winnings. These capabilities improve revenues at the resort. The WAN also enables the resorts to save customer preferences and use them across all hotels.

2. What changes in attitudes of the managers of individual Harrah’s resorts were necessary to exploit the potential of the chain-wide rewards program? (You may need to read the articles in the references. They can be Googled).
The managers needed to be convinced that their own customers were going to get an advantage out of the program and the rewards program would not shift customers to other resorts within the chain.

3. A leading competitor to Harrah’s on the Vegas strip is Mirage, which is famous for its volcano show. If you haven’t seen the glittery show yourself, view a video of the famous volcano at Mirage on the Internet. What do you think are the business benefits of the investment in the spectacle? Compare the costs and benefits of investing in spectacular shows such as the Volcano to the costs and benefits of investing in computer networking, based on the example of Harrah’s Entertainment.
One obvious benefit of investing in a spectacle like the volcano is the associated publicity, and the associated traffic. If competitors do not have something comparable, the feature allows them to distinguish themselves from the competition. The benefit to Harrah’s is that it is now able to “track” its customers and leverage information about customers’ preferences. This knowledge can be used to improve revenue. The networked applications provide benefits to the customer too in terms of special prices, presents, cash backs and other offers. While a complete comparison is difficult to make without more information about costs and revenues, generally, the IT-system is likely to be a better investment. The volcano spectacle will lose its novelty after some time, but the networked applications can be used to create a wide range of customized offerings depending upon customer tastes. Therefore, while the spectacle creates a limited window of opportunity, the IT investment will pay dividends for a long time.

4. Consider a nationwide resort chain with computers, but without computer networks. Briefly describe how you would implement a rewards program for the chain. In your description, include ideas on how you would collect data about guest activities; how you would store and update such data in your records; and how you would inform guests about their current rewards status?



To implement the program, there will be the need to have employees to record all customer activity. Periodically, these activities would be entered into the chain’s databases and snapshots of the database would have to be mailed to each resort in the chain where the data would be uploaded onto the resort’s computers. When customers came in, the latest information about the customer in the database would be used to customize the offerings to the customer. If it is felt that customers like to be informed about their reward status, the chain would have to mail out letters every month or quarter.

5. Consider any one organization you have worked for. What ideas could you use at this organization from the ways in which the two resorts have used computer networks to improve their business?
There are different possibilities. Students who have worked at restaurants (which is quite common) suggest that a rewards program could help drive up business if the restaurant could track customer orders and send out coupons appropriately. For example, if a certain item is in season (which means that the raw material costs for the item are lower at a certain time), the restaurant could send out coupons to customers who have ordered that item frequently in the past. Some students suggest that having Wi-Fi access may also boost business at the restaurant. Students working in companies that maintain inventories suggest that networked applications might improve the management of inventories.

6. What are some of the ethical questions that arise when companies tap into customer psychology to encourage them to spend more on slot machines in order to earn rewards points?
While it is a personal choice to walk into a casino, it is not yet well understood whether people really act on their free will if companies exploit their superior knowledge about customers to get them to spend more than they intended or can afford. Therefore, the ethical issues involved include whether these companies are exploiting people so that they can improve their own profits. Did customers really receive a valuable service in return for the money they spent at the casino in response to the IT-system-driven inducements?

7. What are some financial impacts (revenues, profits) of computer networking for the two resorts — Venetian and Harrah’s?
At Harrah’s, the occupancy rate at the company’s hotels exceeded 90% compared to an industry average of about 60%. Much of this gain can be attributed to the networked applications. The company has also improved its ability to attract more of its customers’ gaming budgets — 43% in 2002, compared to 36% in 1997.



In 1999, the company had an annual profit of $594 million. According to Harrah’s estimates that year, WINet and associated programs saved the company over $20 million. The number of customers playing at more than one resort has increased by over 70%, contributing almost $50 million in additional annual profits. At the Venetian, the LAN is believed to save 10 – 15 seconds during each guest check-in and check-out. Networking capabilities at slot machines enable customer-friendly features, such as electronic funds transfers for bets and winnings, and improve revenues at the resort.

8. (Optional) Report on yet another company in the hospitality industry that has used computer networks to improve its business operations. In the report, include information on the business processes affected and the financial impacts.
Marriott Hotels has also invested considerably in attending to customer preferences. The Wall Street Journal allows customers to register their newspaper preferences at the WSJ site and Marriott delivers the newspaper in the morning to the subscribers’ rooms.



Chapter 4

Review questions

1. Briefly describe routing — the primary function of the network layer.
Routing is the process of selecting a path on the Internet which can be used to deliver data to a destination. Routing is performed using devices called routers. Routers exchange network information with each other to be automatically informed about the network’s layout. Routers save this information as a routing table. When a packet arrives at a router, the device uses its routing table to determine the most suitable neighboring router to pass the packet to. Through this process, the packet eventually reaches its destination.

2. How are IP addresses similar to MAC addresses? In what ways are the two addresses different?
The two addresses are similar in that both IP addresses and MAC addresses are used to address hosts on the network. Also, both addresses have multiple parts. The differences include the fact that the left-most part of a MAC address identifies its manufacturer whereas the left-most part of an IP address identifies the network where the address is located. MAC addresses are assigned by the manufacturer, whereas IP addresses are assigned by the network administrator.

3. What is the need for a computer address at the IP layer when computers also have a MAC address?
MAC addresses are local to a network, but IP addresses are global identifiers. The use of two different addresses enables technology independence so that the MAC technology can change without any change in IP. If IP addresses were also used at the data link layer, a change in IP would require a change in all data link layer technologies as well.

4. What are the advantages of designing the Internet in such a way that specialized devices called routers handle all the details of routing? What may be the possible disadvantages?
The biggest advantage of concentrating all the complexity of routing in specialized devices within the network is that the end user devices do not need to be very complex. Even a simple device can access Internet services as long as it can label outgoing packets correctly and intercept incoming packets addressed to it. A possible disadvantage is that end users cannot do anything to overcome problems within the network. Also, if pricing policies are not properly designed, network providers may be able to exploit their indispensability or form coalitions and charge premium prices.


5. What are the advantages of designing IP as a best-effort protocol?
The primary advantage of designing IP as a best-effort protocol is that routers can focus on routing the packet to the next router. Limiting IP functions to best effort greatly simplifies the design and technology of routers.

6. What were the primary motivations for the development of IP version 6?
The primary motivation for the development of IP version 6 was to accommodate the growth in the Internet by vastly increasing the number of available IP addresses. The push is coming primarily from developing countries, particularly China.

7. Which, in your opinion, are the three most important fields in the IP header? Briefly describe the functions of these fields.
Students may specify any 3 fields; what is important is that they justify their answers. As an example, students may specify the following fields:
Address fields: These fields specify the source and destination of the packets. Without these fields, routers would not know where to deliver the packets and receivers would not know who sent the data to them.
Time to live: This field specifies the remaining life of the packet on the network. This field ensures that no packet can live on forever on the Internet even if misconfigured routers send packets on endless circular routes. This field therefore acts as a safety valve on the Internet.
Header checksum: This field carries error-detection information for the packet header. The IP header checksum gives a certain amount of assurance that IP packets will only get delivered to the correct destination.

8. What is the need for the time-to-live field in the IP header?
This field ensures that no packet can live on forever on the Internet even if misconfigured routers send packets on endless circular routes. This field therefore acts as a safety valve on the Internet.

9. What is the size of the largest possible IP packet?
Since the total length field is 16 bits long and the largest 16-bit number is 65,536, the maximum possible size of an IP packet is 65,536 bytes.

10. How many objects can be uniquely labeled with 10-bit address labels?
Since 2¹⁰ = 1,024, we can uniquely label 1,024 objects with a 10-bit address field.

11. You wish to assign unique labels to 200 objects using binary numbers. What is the minimum number of bits needed?
Since 2⁷ = 128 and 2⁸ = 256, we need at least 8 bits to have enough labels to uniquely label 200 items.

12. How would you represent 217 in binary? 168?
217 = 1*128 + 1*64 + 0*32 + 1*16 + 1*8 + 0*4 + 0*2 + 1*1. Therefore 217₁₀ = 11011001₂.
168 = 1*128 + 0*64 + 1*32 + 0*16 + 1*8 + 0*4 + 0*2 + 0*1. Therefore 168₁₀ = 10101000₂.

13. What decimal number does the binary number 10001101 represent? 11011001?
10001101 represents 128 + 8 + 4 + 1 = 141
11011001 represents 128 + 64 + 16 + 8 + 1 = 217

14. What is dotted decimal notation?
The dotted decimal notation is the standard manner in which IP addresses are written for the convenience of end users. For convenience of representation, the 32-bit IP addresses are broken down into 4 blocks of 8 bits each. Each of these 8-bit blocks is called an octet. For user display, each octet is converted to decimal and the 4 decimal numbers are separated by dots. An example IP address in dotted decimal notation is 192.168.3.4.

15. What information is conveyed by each part of a three-part IP address?
The left-most part identifies the network in which the address is located. The second part identifies the subnet within the network where the address is located and the right-most part identifies the individual host within the subnet. This partition is done to facilitate the delivery of data packets. The network part identifies the network to which the address belongs. The remaining bits of the IP address identify the computer within this network.

16. How are the 32 bits of an IP address organized in a typical large network?
Within a large network, the host part of the IP address is split into two sub-parts. The first of these is the subnet ID and the second is the host ID. The subnet ID is used to route packets within the network.



17. Find the IP addresses of any five department websites at your school. Do you observe any patterns in the IP addresses of the websites? (You can find the IP addresses for URLs in many ways. Many websites will give you the IP address if you provide a URL. An example is http://www.selfseo.com/find_ip_address_of_a_website.php. Alternately, you can open a command prompt or terminal window and type in nslookup <URL>, for example, nslookup www.msu.edu.)
At USF, some addresses are:

College of Business:            131.247.89.124
College of Education:           131.247.120.54
College of Engineering:         131.247.14.134
College of Arts and Sciences:   131.247.250.66
USF Health:                     131.247.67.122

We see that all IP addresses begin with 131.247. This indicates that the network part of IP addresses at USF is 131.247.

18. In what way are the 32 bits of an IP address organized similarly to the 10 digits of phone numbers? In what way are they different?
IP addresses are similar to the 10 digits of phone numbers in that they are both multi-part addresses. The differences are in the manner in which the different parts of phone numbers and IP addresses are interpreted. In phone numbers, the first part identifies the geographical area, the second part identifies the local exchange within the geographical area, and the remaining digits identify the specific user within the exchange. In IP addresses, the first part identifies the network and the remaining bits identify the host within the network. Unlike phone numbers, IP addresses have limited geographic significance. An IP address identifies the network, but the network can expand globally. This has happened because the phone networks in most countries were government monopolies or state-regulated utilities. As a result, phone networks were organized along national boundaries. However, the Internet has developed in a more entrepreneurial environment. On the Internet, intellectual-property based boundaries are better recognized than national boundaries. As a result, IP network addresses identify networks (organizations), but not geographies.



19. What were the three address classes in early IP networks? How many hosts (computers) could be accommodated in a network in each address class?
The three initial IP address classes were Class A, Class B and Class C. Their size limits were as follows:
Class A could have 2²⁴ = 16,777,216 hosts
Class B could have 2¹⁶ = 65,536 hosts
Class C could have 2⁸ = 256 hosts

20. What are the disadvantages of using address classes? How does CIDR overcome these disadvantages?
The primary disadvantage of using address classes is that there are only three possible network sizes. As a result, most organizations end up with too many or too few addresses. A secondary disadvantage is that 128 networks own half the addresses on the Internet, an unsustainable design. CIDR addresses the problem of unavailability of address blocks of reasonable size. CIDR eliminates the concept of address classes and allows address blocks of arbitrary length. Address block sizes of any power of 2 are possible with CIDR. Thus, CIDR enables near-surgical precision in allocating IP addresses.

21. What is registry in the context of IP addresses?
A registry in the context of IP addresses is the custodian of IP addresses. The Internet Assigned Numbers Authority (IANA), which is responsible for managing all available IP addresses, distributes these addresses among regional registries. Users who need IP address blocks contact these registries to obtain IP addresses.

22. What are regional registries? What is the need for regional registries?
For the convenience of end users and to democratize the Internet, there are 5 registries in the world at this time: ARIN for North America; RIPE for Europe, the Middle East and Central Asia; APNIC for the Far East; LACNIC for Latin America; and AfriNIC for Africa. Users contact the registries within their respective continents to obtain IP addresses. Once an organization obtains an IP address block, it can use the address block to assign IP addresses to hosts on its network anywhere in the world.

23. What requirements must an organization satisfy in order to obtain IP addresses directly from a registry?
Formally, the policy adopted by the registries for address allocation is specified in RFC 2050. Only networks that are connected to two or more networks are allowed to apply to the registries to obtain a network address. Most organizations that need IP addresses will therefore contract with their local ISPs to obtain network addresses. The registries actively try not to allocate IP addresses directly to individuals and very small organizations.

24. On your home computer, what is the IP address reported by ipconfig /all (Windows) or ifconfig (Mac/Linux)?
192.168.1.3
This exercise asks students to use the ipconfig tool to obtain IP addresses. They have used ipconfig in earlier chapters.

25. From your home computer, go to www.whatismyip.com and make a note of your IP address. Type this address into the search box at www.arin.net. Who is the owner of that address block?
My IP address was 68.238.65.112. ARIN reports that Verizon Online LLC (VRIS) is the owner of this IP address. Verizon is my network service provider.
This is a little hands-on exercise which gets students to use the ARIN WHOIS registry.

Hands-on exercise

ipconfig

1. What are the IP addresses assigned to the interfaces on your computer?
This is obtained by the command ipconfig /all | more

131.247.116.192 (from VPN connection)
192.168.1.6
192.168.1.8

Instructors using Windows may find it convenient to install the free Microsoft utility Windows PowerShell. It introduces some shell language features into Windows.



2. We have seen in this chapter that the network parts of IP addresses identify the owners of IP address blocks. Use the WHOIS search facility at the American Registry for Internet Numbers (http://www.arin.net) to search the WHOIS database and identify the owner of the address block to which your IP address belongs. You can do this by visiting http://www.arin.net → typing your IP address into the search WHOIS field on the site → pressing Enter or clicking the button next to the search field. Follow the link to the “related organization’s POC records” just below the table to gather information on the following fields associated with your IP address:

a. OrgName: University of South Florida/ PRIVATE-ADDRESS-CBLK-RFC1918-IANA-RESERVED
b. NetRange: 131.247.0.0 – 131.247.255.255/ 192.168.0.0 – 192.168.255.255
c. NetType: Direct assignment/ IANA Special Use
d. NameServer: {justincase, mother, ziggy}.usf.edu/ {blackhole-1, blackhole-2}.IANA.ORG
e. OrgTechName: Ted Netterfield/ ICANN
f. OrgTechPhone: +1-813-974-1799/ +1-310-301-5820

The / is used to separate the information for USF from the information for IANA.

3. Is the OrgName the same as your ISP’s name? (If not, we will explore the main reason for this in Chapter 7)
Most students will report PRIVATE-ADDRESS-CBLK-RFC1918-IANA-RESERVED as their OrgName. The intent is to get at least some students to become curious about why their ISP is not showing up. This is addressed in the NAT section in Chapter 7.



ping

1. How does ping work? Use Wikipedia or other resource to write a brief description of how ping works.
Ping is a computer network administration utility used to test the reachability of a host on an IP network and to measure the round-trip time for messages sent from the originating host to a destination computer. The name comes from sonar terminology. Ping operates by sending Internet Control Message Protocol (ICMP) echo request packets to the target host and waiting for an ICMP response. In the process it measures the time from transmission to reception (round-trip time) and records any packet loss (Wikipedia).
The reason for the inclusion of this question is that many students do not know what ping does. Rather than spend class time on telling students what it is, they can learn about it themselves. I believe that this also gets them into the habit of seeking information themselves, something they will need to do a lot at work.

2. Use Wikipedia or other resource to write a brief description of the Internet Control Message Protocol (ICMP) and its use.
The Internet Control Message Protocol (ICMP) is one of the core protocols in TCP/IP. It is chiefly used by the operating systems of networked computers to send error messages indicating, for instance, that a requested service is not available or that a host or router could not be reached. ICMP relies on IP to perform its tasks. It is typically not used to send and receive data between end systems.

3. Ping the website of your university. Show the output. What is the average round-trip time?

    PS > ping www.google.com
    Pinging www.l.google.com [74.125.229.48] with 32 bytes of data:
    Reply from 74.125.229.48: bytes=32 time=57ms TTL=54
    Reply from 74.125.229.48: bytes=32 time=62ms TTL=54
    Reply from 74.125.229.48: bytes=32 time=46ms TTL=54
    Ping statistics for 74.125.229.48:
    Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
    Approximate round trip times in milli-seconds:
    Min = 46ms, Max = 62ms, Av = 53ms

The average round-trip time was 53 ms.
My university has locked down its hosts, so ping does not work here. I therefore tried Google instead.

4. Ping the website of a university in a neighboring city or town. Show the output. What is the average round-trip time?

    PS > ping www.fau.edu
    Pinging www.fau.edu [131.91.128.83] with 32 bytes of data:
    Reply from 131.91.128.83: bytes=32 time=57ms TTL=247
    Reply from 131.91.128.83: bytes=32 time=49ms TTL=247
    Reply from 131.91.128.83: bytes=32 time=48ms TTL=247
    Ping statistics for 131.91.128.83:
    Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
    Approximate round trip times in milli-seconds:
    Min = 47ms, Max = 57ms, Av = 50ms

The average round-trip time was 50ms.
The goal of this set of questions is to let students see that signals take time to propagate. The greater the distance, the longer it takes for signals to propagate.

5. Ping the website of a company located abroad. Show the output. What is the average round-trip time?

    PS > ping www.u-tokyo.ac.jp
    Pinging www.u-tokyo.ac.jp [133.11.114.194] with 32 bytes of data:
    Reply from 133.11.114.194: bytes=32 time=222ms TTL=46
    Reply from 133.11.114.194: bytes=32 time=220ms TTL=46
    Reply from 133.11.114.194: bytes=32 time=220ms TTL=46
    Ping statistics for 133.11.114.194:
    Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
    Approximate round trip times in milli-seconds:
    Min = 220ms, Max = 222ms, Av = 220ms

The average round-trip time was 220ms.



It is surprisingly difficult to find hosts abroad that will respond to ping queries. Networks are becoming increasingly security-conscious. But students may notice that crossing the seas takes time.

6. You wake up one day to find that you are unable to connect to the Internet from home. You make some calls to your friends and neighbors and find that they have no issues connecting to the Internet. You conclude that the fault is within your home. As shown, there are two networking components within your home—your computer and your home router. As shown, the IP address of the home router is the IP address of the default gateway in your ipconfig output, and home routers typically respond to ping requests. How can you use ping to determine whether the network connectivity problem is at the home router or at your computer?
Assuming you have at least two computers at home, which could both connect to the Internet without problems, you could ping the home router from both computers. If you get no response, chances are that it is the home router that is defective. If you are able to get a ping response from the router on one computer but not the other, chances are that the problem is with the computer. There may also be other methods.
The goal of this question is to get students to start thinking about applying these utilities to real-world problems.

7. The creator of ping has an interesting description of its creation at http://ftp.arl.army.mil/~mike/ping.html. What is the most interesting story narrated by the author of the use of ping for network trouble-shooting?
The story relates to an incident where a network administrator with an intermittent Ethernet had linked the ping program to his vocoder program, in essence writing:

    ping goodhost | sed -e 's/.*/ping/' | vocoder

He wired the vocoder's output into his office stereo and turned up the volume as loud as he could stand. The computer sat there shouting "Ping, ping, ping..." once a second, and he wandered through the building wiggling Ethernet connectors until the sound stopped. And that's how he found the intermittent failure.
I found the story of the creation of ping very inspiring. It shows how some of the most useful utilities may in fact be very simple to create. Hopefully, it will inspire some students to create other similar utilities. I also found the page quite poignant in that the creator of ping, Mike Muuss, met an untimely death in a car accident.



Critical thinking questions

1. The genetic code uses three-letter DNA-words, where each letter can take four values — A, C, G, and T. How many words are possible in the DNA dictionary?
Since there are 3 positions, and four possible values at each position, we can have 4³ = 64 possible words in the DNA dictionary.

Network design exercise

1. If each computer on Coolco’s network is allocated an IP address, how many IP addresses is Coolco likely to need?
The employees at Coolco are located as follows: United States: 300 employees; The Netherlands: 100 employees; India: 200 employees; Singapore: 200 employees. Total = 800 employees. If Coolco provisions 1 IP address for each employee desktop, it needs 800 IP addresses for employee desktops. In addition, Coolco needs to provision some IP addresses for laptops and servers. Assuming about half the employees are mobile, and 1 IP address per employee for servers, printers, routers, other network devices and future growth, the company needs 800 + 400 + 800 = 2,000 IP addresses.
This is my assessment. Your assessment may differ based on your assumptions. Also, students may simply report that the company needs 800 IP addresses because the company has 800 employees, and the question asks them to give 1 IP address per employee.

2. Based on this estimate, what is a CIDR address-block size suitable for Coolco?
To obtain 2,000 IP addresses, the company needs 11 bits because 2¹¹ = 2,048. If 11 bits are taken for the host address, 32 – 11 = 21 bits are available for the network part. Therefore, Coolco needs a /21 address block. If students choose 800 IP addresses, Coolco will need a /22 address block.
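The following is an added worked example, not part of the manual. It ties together review question 17, the WHOIS hands-on exercise and the network design exercise above: it derives the network part shared by the five USF addresses, tests whether an address falls in an RFC 1918 private block (which is why WHOIS shows IANA rather than the ISP), and sizes a CIDR block. The function names are illustrative, and block sizing follows the manual's arithmetic, which counts every address in the block.

```python
import ipaddress

# Addresses quoted in this manual (review question 17).
USF_SITES = ["131.247.89.124", "131.247.120.54", "131.247.14.134",
             "131.247.250.66", "131.247.67.122"]

# The three private address blocks reserved by RFC 1918.
RFC1918_BLOCKS = [ipaddress.IPv4Network(n)
                  for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]


def common_network(addresses):
    """Return the longest prefix shared by all addresses, as an IPv4Network."""
    values = [int(ipaddress.IPv4Address(a)) for a in addresses]
    all_or, all_and = 0, 0xFFFFFFFF
    for v in values:
        all_or |= v
        all_and &= v
    # A bit differs somewhere in the list exactly when OR and AND disagree.
    differing = all_or ^ all_and
    prefix_len = 32 - differing.bit_length()
    mask = (0xFFFFFFFF << (32 - prefix_len)) & 0xFFFFFFFF
    return ipaddress.IPv4Network((values[0] & mask, prefix_len))


def is_rfc1918(address):
    """True if the address lies in one of the RFC 1918 private blocks."""
    ip = ipaddress.IPv4Address(address)
    return any(ip in block for block in RFC1918_BLOCKS)


def smallest_prefix(address_count):
    """Prefix length of the smallest CIDR block holding address_count addresses."""
    if not 1 <= address_count <= 2 ** 32:
        raise ValueError("address_count must be between 1 and 2**32")
    host_bits = (address_count - 1).bit_length()
    return 32 - host_bits


if __name__ == "__main__":
    print("Shared network part of the USF sites:", common_network(USF_SITES))
    for addr in ("192.168.1.3", "68.238.65.112", "131.247.116.192"):
        kind = "private (RFC 1918)" if is_rfc1918(addr) else "publicly registered"
        print(f"{addr:16} {kind}")
    for need in (2000, 800):
        prefix = smallest_prefix(need)
        print(f"{need} addresses -> /{prefix} ({2 ** (32 - prefix)} addresses)")
```

The shared prefix comes out as 131.247.0.0/16, which matches the NetRange reported by WHOIS in the hands-on exercise.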

Case questions

1. Based on the case, what computer networking technologies do retailers like Wal-Mart use?
The case shows that retailers like Wal-Mart use computer networking technologies such as phone lines, satellite networks, and application layer technologies such as EDI.

2. Based on the case, how do retailers like Wal-Mart use computer networks to lower the costs of goods sold?
Retailers use computer networks to lower the costs of goods sold by monitoring merchandise levels in each store, identifying what was selling and what was not selling. This helped managers determine what items needed to be marked down to move them out of the store, and what items needed to be reordered. This ensures that the store space is utilized efficiently. Networks also help suppliers such as Procter and Gamble to check on store inventory levels and sales data in real time to determine their own manufacturing and delivery schedules. This helped vendors keep their manufacturing plants and transportation fleets operating at optimal capacity with minimal wastage.

3. What is cross-docking?
Cross-docking is the procedure where manufacturers send full trucks of merchandise to distribution centers. At these centers, goods are quickly repacked and loaded onto trucks for delivery to stores, often within 48 hours of arrival. There is no storage of goods at warehouses. For this system to be successful without inventory accumulation or stock-outs, it is critically necessary that information about store demand be transmitted as far back in the supply chain as possible.

4. Among the processes at a retailer that can be managed using IT are merchandise planning, sourcing, distribution, and store operations. Briefly define each process using any information source available to you (such as Wikipedia or Google).
Merchandise planning - A systematic approach that is aimed at maximizing return on investment in a store, through planning sales and inventory. It is done by maximizing sales potential and minimizing losses from mark-downs and stock-outs. In a typical chain, it takes the form of planning and allocating thousands of products for hundreds of stores in different markets and even varied climates. (Kohl’s and Planning Factory)
Sourcing - The supply of resources needed by a business process. (Wikipedia)
Distribution - The process by which goods get to final consumers over a geographical market. Distribution includes storing, selling, shipping and advertising. (Wikipedia)
Store operations - Store operations involves managing the day-to-day functions of retail establishments. It includes profiling the target customers, developing policies, practices and procedures that ensure the best experience for the customer. Store operations also include new associate training. (Dionco)

5. For each of these processes, give an example of how IT can be used to manage the process. If your example uses computer networks, highlight the role of the network.
IT can be used in merchandise planning by aggregating inventory levels and helping estimate when items are likely to run out and need to be replenished. IT can be used in sourcing by comparing product prices from different vendors, and estimating when an out-of-stock item is likely to arrive at the store. IT can be used in distribution by anticipating when trucks are expected to arrive with needed goods to maintain just-in-time delivery schedules. IT can be used for store operations to run cash registers, manage inventory, process credit cards, and process employee check-in and check-out.

6. Based on the case, what are some reasons that Kmart did not achieve the same benefits from IT investments as Wal-Mart?
The primary reason that K-Mart did not achieve the same benefits from IT as Wal-Mart was that managers at K-Mart believed that store managers had the best knowledge about the store’s neighborhood, and good store managers could accomplish anything. When K-Mart installed a computerized system, it faced strong resistance from managers who did not want to give up their power. K-Mart also had no long-term vision for IT and went through 6 CIOs over 8 years. Each CIO threw out what was created by the previous CIO and started from scratch again. When computer systems were installed, they did not link all parts together, so a large number of store operations still needed to be performed manually.



Chapter 5

Review questions

1. What are the functions of the transport layer?
The main function of the transport layer is segmentation and re-assembly of user data. If requested, the transport layer keeps track of these segments to account for packet loss or duplication during transmission by the network layer. The Transport layer also provides a mechanism (port addresses) to distinguish between the data streams created by each individual application on the computer. Finally, the Transport layer provides flow control by allowing receiving computers to specify the data transfer rate.

2. Why are two protocols, TCP and UDP, defined at the transport layer instead of just TCP?
TCP provides reliable transmission of data, but at the cost of computation overhead and network delays. Many applications, particularly voice and video applications prefer real time delivery more than reliability. For these applications a simpler Transport layer protocol called the User Datagram Protocol has been defined. UDP eliminates all the computational processing associated with TCP.

3. What is segmentation?
Segmentation is the process of breaking down large blocks of data into smaller blocks. This is done because the maximum packet size at the network layer is 65,536 bytes. If an application has a bigger block of data to transfer (audio and video files come to mind), some entity needs to chop the larger block of data into smaller segments before handing the segments to the network layer. Therefore the transport layer performs segmentation when necessary.

4. Why is segmentation useful?
Segmentation is useful because if the transport layer did not perform segmentation, the application developers would have to do it while developing their applications, and also keep track of lost and duplicate packets.

5. What is reliability in the context of the transport layer?
The network layer only provides best effort delivery and may drop packets or duplicate packets during transmission. Some entity needs to resolve these losses and duplications. Reliability in the context of the transport layer therefore refers to the correction of lost and duplicate packets.



6. What are the important potential problems with reliability that are handled by the transport layer?
The transport layer handles all duplicate or lost packets.

7. How does TCP provide reliability?
TCP provides reliability through the use of sequence numbers. Each TCP datagram is assigned a sequence number. The receiver keeps track of the sequence numbers of the incoming datagrams and alerts the sender if a datagram is not received within a reasonable amount of time. The receiver also periodically sends acknowledgments of incoming datagrams to the sender. If an acknowledgment is not received within a reasonable amount of time, the sender assumes the worst and resends the datagram.

8. What is flow control?
Flow control is the control of the rate at which data is transmitted from the sender to the receiver. Flow control is useful if a receiver is too slow to process data at the rate at which it is being delivered by the sender. In other words, flow control minimizes the problem of “drinking from a fire hose”.

9. Why is it more useful to allow the receiver to control flow speed, rather than the sender?
The sender is programmed to always transmit at the highest speed possible. The only issue of concern is whether the receiver can handle data at the rate at which it is being transmitted. Therefore, the flow control mechanism allows the receiver to slow the sender down when necessary.

10. How is flow control implemented?
Flow control is implemented in TCP by each side indicating a “window size” to the other side. The window size is the amount of data the receiver is capable of processing. This is therefore the amount of data that the sender may send without waiting for an acknowledgement from the receiver.

11. What is sliding window in the context of flow control? Describe its operation.
Sliding window is the flow control mechanism used by TCP. The sliding window refers to a variable-length window that allows the sender to transmit a specified number of data units even if no acknowledgement is received. The window can be called the “sent window” since all the data in the window has been sent and is waiting to be acknowledged. As the acknowledgments are received, the window keeps sliding over the remaining data to be sent. When new data enters the window, it is sent out to the receiver.



12. What is multiplexing in the context of the transport layer?
Multiplexing at the transport layer refers to the ability of multiple applications on a computer to share the common transmission medium. TCP enables multiplexing by providing port addresses to each application on a host. Each application that needs a network connection, a browser tab for example, is assigned a port number. Incoming data is sent to the correct application by the operating system based on the port number.

13. How is the multiplexing at the transport layer different from the multiplexing at the physical layer?
Multiplexing at the physical layer refers to detection of a signal among multiple signals over a shared medium. Each of these signals typically is from a different host. Multiplexing at the transport layer refers to multiple applications on the same host sharing the common medium. All applications at a host create one signal stream. The physical medium multiplexes signal streams from multiple hosts.

14. What is a socket?
A network IP address and a port address together constitute a communication socket. Applications can send data over the network using a socket. Each network connection is identified by a pair of sockets – the port and IP addresses of the sender are the socket at one end of the connection and the port and IP addresses of the receiver are the socket at the other end of the connection. Together, the two sockets make up the network connection.

15. What is a port?
A port identifies a communication channel on the host. Each application on the PC is assigned a separate port by the client operating system.

16. Why is it necessary to define port numbers at the receiving end for network services (such as web, email, etc.)?
Before sending a datagram, the sender needs to know the port number at which the receiver is running the server application. Defining standard ports makes it easy for senders to guess the correct port number from the name of the service. If standard port numbers were not defined, senders would have to first ask receivers for the correct port number before sending any application data.

17. From the /etc/services file on your computer, list any five standard ports not listed in the text.

    directplay8       6073/tcp     #DirectPlay8
    man               9535/tcp     #Remote Man Server
    rasadv            9753/udp
    imip-channels     11320/tcp    #IMIP Channels Port
    directplaysrvr    47624/udp    #Direct Play Server

This is a little hands-on exercise for students to see the /etc/services file. Each student will have their own answer. The lines above are from the end of the file.

18. If you were developing an application that provided services over the network, could you have your application listen to client requests on port 80 (the port for web servers)? If yes, do you think it would be a good idea? Why, or why not?
If you are an application developer, and you develop an application that listens on port 80, in most cases, the application will run fine because client PCs rarely run web servers. But if your application is deployed on a server that is also running a web server provided by the OS vendor, chances are that packets sent to port 80 will be directed to the web server and not to your application. Your application will appear unresponsive as a result. As an application developer therefore, it is a good idea to avoid the reserved ports (0-1023).

19. What is connection establishment in TCP? Why is it necessary?
Connection establishment relates to the initialization of sequence numbers for a TCP connection and exchange of this initialization information between sender and receiver. Connection establishment is necessary to help the sender and receiver to generate suitable sequence numbers and to ensure that both sender and receiver know what sequence numbers to expect from the other side.

20. Describe the three-way handshake used in TCP.
In the 3-way handshake, the sender and receiver exchange a total of 3 packets using which they inform each other of the initial sequence number they intend to use for the connection. In the first packet, the sender sends its ISN. In the second packet, the receiver sends its own ISN as well as an acknowledgment of the sender’s ISN. In the third packet, the sender acknowledges the receiver’s ISN.

21. What is the maximum number of possible TCP ports on a machine?
Since the port address field is 16 bits long, the maximum number of ports per machine = 2¹⁶ = 65,536.

22. Why is the initial sequence number for a connection chosen at random?
The initial sequence number is chosen at random to maximize the possibility that a duplicate ISN can be detected easily.


23. A receiver sends an acknowledgment packet with the number 2817 in the acknowledgment number field. What inference can the sender draw from this packet? The sender can infer that the receiver has correctly all data up to the byte numbered 2,816 correctly and it is now waiting to receiving data beginning with byte number 2,817. 24. What is the function of the window-size field in TCP? The window size field indicates the number of data bytes the sender of the datagram is willing to accept. 25. What are some application scenarios where UDP may be more useful than TCP? Why? Real time applications such as voice and video commonly use UDP. Also, most network services such as DNS use UDP.
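The handshake in question 20 and the acknowledgment rule in question 23 can be checked mechanically. The following is an added example, not from the book: it builds the three handshake segments, validates a captured handshake, and interprets an acknowledgment number, all with 32-bit wraparound. The function names and the sample ISNs are constructed for illustration.

```python
MOD = 2 ** 32  # TCP sequence and acknowledgment numbers are 32-bit and wrap


def handshake(client_isn, server_isn):
    """Return the three segments (flags, seq, ack) of a correct handshake."""
    return [
        ("SYN", client_isn, None),
        ("SYN-ACK", server_isn, (client_isn + 1) % MOD),
        ("ACK", (client_isn + 1) % MOD, (server_isn + 1) % MOD),
    ]


def check_handshake(segments):
    """Return a list of problems in a captured handshake (empty list = valid)."""
    if [flags for flags, _, _ in segments] != ["SYN", "SYN-ACK", "ACK"]:
        return ["segments are not SYN, SYN-ACK, ACK in that order"]
    (_, c_isn, _), (_, s_isn, synack_ack), (_, ack_seq, ack_ack) = segments
    problems = []
    if synack_ack != (c_isn + 1) % MOD:
        problems.append("SYN-ACK does not acknowledge client ISN + 1")
    if ack_seq != (c_isn + 1) % MOD:
        problems.append("final ACK does not carry client ISN + 1 as its sequence number")
    if ack_ack != (s_isn + 1) % MOD:
        problems.append("final ACK does not acknowledge server ISN + 1")
    return problems


def relative(raw, isn):
    """Offset of a raw sequence number from the ISN, modulo 2**32."""
    return (raw - isn) % MOD


def last_byte_received(ack_number):
    """An ACK names the next byte expected, so the byte before it has arrived."""
    return (ack_number - 1) % MOD


# Constructed sample: client ISN at the top of the 32-bit range, so +1 wraps to 0.
SAMPLE = handshake(client_isn=4294967295, server_isn=2500000000)
# Constructed bad capture: the final ACK acknowledges the wrong server number,
# as a corrupted or spoofed segment would.
TAMPERED = SAMPLE[:2] + [("ACK", 0, 12345)]

if __name__ == "__main__":
    for name, capture in (("sample", SAMPLE), ("tampered", TAMPERED)):
        print(name, check_handshake(capture) or "valid handshake")
    print("ACK 2817 confirms bytes through", last_byte_received(2817))
```

A receiver that enforces these three checks rejects a final ACK from a party that never saw the server's ISN.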

Hands-on exercise

1. Show the output of netstat on your computer.

PS > netstat

Active Connections

  Proto  Local Address           Foreign Address            State
  TCP    127.0.0.1:4242          U252406:22334              ESTABLISHED
  TCP    127.0.0.1:22334         U252406:4242               ESTABLISHED
  TCP    127.0.0.1:22376         U252406:22377              ESTABLISHED
  TCP    127.0.0.1:22377         U252406:22376              ESTABLISHED
  TCP    127.0.0.1:51239         U252406:51241              ESTABLISHED
  TCP    127.0.0.1:51241         U252406:51239              ESTABLISHED
  TCP    131.247.116.192:5751    autodiscover:imap          ESTABLISHED
  TCP    131.247.116.192:5754    autodiscover:imap          ESTABLISHED
  TCP    131.247.116.192:5775    pei219-94:2598             ESTABLISHED
  TCP    131.247.116.192:49444   gx-in-f100:https           CLOSE_WAIT
  TCP    131.247.116.192:49876   gx-in-f113:http            CLOSE_WAIT
  TCP    131.247.116.192:51235   gx-in-f19:https            ESTABLISHED
  TCP    192.168.1.8:22379       vpn:https                  ESTABLISHED
  TCP    192.168.1.8:53672       lacie-2big:microsoft-ds    ESTABLISHED
  TCP    192.168.1.8:53688       LACIE-2BIG-2:microsoft-ds  ESTABLISHED
  TCP    192.168.1.8:53697       lacie-2big:microsoft-ds    ESTABLISHED

2. netstat has an option, -b, that shows the applications on the computer that open each port. Using the -b option requires that netstat be run with administrator privileges (you can do this by right-clicking the Command Prompt icon and selecting “Run as Administrator”). What applications have opened each open port on your computer?

PS > netstat -b

Active Connections

  Proto  Local Address           Foreign Address            State
  TCP    127.0.0.1:4242          U252406:22334              ESTABLISHED
 [dsNcService.exe]
  TCP    127.0.0.1:22334         U252406:4242               ESTABLISHED
 [dsNetworkConnect.exe]
  TCP    127.0.0.1:22376         U252406:22377              ESTABLISHED
 [dsNcService.exe]
  TCP    127.0.0.1:22377         U252406:22376              ESTABLISHED
 [dsNcService.exe]
  TCP    127.0.0.1:51239         U252406:51241              ESTABLISHED
 [googletalkplugin.exe]
  TCP    127.0.0.1:51241         U252406:51239              ESTABLISHED
 [opera.exe]
  TCP    131.247.116.192:5751    autodiscover:imap          ESTABLISHED
 [opera.exe]
  TCP    131.247.116.192:5754    autodiscover:imap          ESTABLISHED
 [opera.exe]
  TCP    131.247.116.192:5775    pei219-94:2598             ESTABLISHED
 [WFICA32.EXE]
  TCP    131.247.116.192:32122   usfps1:59506               ESTABLISHED
 [spoolsv.exe]
  TCP    131.247.116.192:32219   gx-in-f17:https            ESTABLISHED
 [opera.exe]
  TCP    131.247.116.192:49444   gx-in-f100:https           CLOSE_WAIT
 [GoogleCalendarSync.exe]
  TCP    131.247.116.192:49876   gx-in-f113:http            CLOSE_WAIT
 [GoogleToolbarNotifier.exe]
  TCP    192.168.1.8:22379       vpn:https                  ESTABLISHED
 [dsNcService.exe]

The open applications are shown in [] parentheses below the port numbers.

3. Visit your university or college website. Then run netstat again. Show the output.

(before connecting to the university home page)

PS > netstat

Active Connections


  Proto  Local Address           Foreign Address            State
  TCP    127.0.0.1:4242          U252406:22334              ESTABLISHED
  TCP    127.0.0.1:22334         U252406:4242               ESTABLISHED
  TCP    127.0.0.1:22376         U252406:22377              ESTABLISHED
  TCP    127.0.0.1:22377         U252406:22376              ESTABLISHED
  TCP    127.0.0.1:51239         U252406:51241              ESTABLISHED
  TCP    127.0.0.1:51241         U252406:51239              ESTABLISHED
  TCP    131.247.116.192:5751    autodiscover:imap          ESTABLISHED
  TCP    131.247.116.192:5754    autodiscover:imap          ESTABLISHED
  TCP    131.247.116.192:5775    pei219-94:2598             ESTABLISHED
  TCP    131.247.116.192:32122   usfps1:59506               ESTABLISHED
  TCP    131.247.116.192:32219   gx-in-f17:https            ESTABLISHED
  TCP    131.247.116.192:32245   gx-in-f19:https            ESTABLISHED
  TCP    131.247.116.192:49444   gx-in-f100:https           CLOSE_WAIT
  TCP    131.247.116.192:49876   gx-in-f113:http            CLOSE_WAIT
  TCP    192.168.1.8:22379       vpn:https                  ESTABLISHED
  TCP    192.168.1.8:53672       lacie-2big:microsoft-ds    ESTABLISHED
  TCP    192.168.1.8:53688       LACIE-2BIG-2:microsoft-ds  ESTABLISHED
  TCP    192.168.1.8:53697       lacie-2big:microsoft-ds    ESTABLISHED

There are 18 ports open before connecting to the university home page.

(after connecting to the university home page)

PS > netstat

Active Connections

  Proto  Local Address           Foreign Address            State
  TCP    127.0.0.1:4242          U252406:22334              ESTABLISHED
  TCP    127.0.0.1:22334         U252406:4242               ESTABLISHED
  TCP    127.0.0.1:22376         U252406:22377              ESTABLISHED
  TCP    127.0.0.1:22377         U252406:22376              ESTABLISHED
  TCP    127.0.0.1:51239         U252406:51241              ESTABLISHED
  TCP    127.0.0.1:51241         U252406:51239              ESTABLISHED
  TCP    131.247.116.192:5751    autodiscover:imap          ESTABLISHED
  TCP    131.247.116.192:5754    autodiscover:imap          ESTABLISHED
  TCP    131.247.116.192:5775    pei219-94:2598             ESTABLISHED
  TCP    131.247.116.192:32122   usfps1:59506               ESTABLISHED
  TCP    131.247.116.192:32219   gx-in-f17:https            ESTABLISHED
  TCP    131.247.116.192:32245   gx-in-f19:https            TIME_WAIT
  TCP    131.247.116.192:32248   gx-in-f19:https            ESTABLISHED
  TCP    131.247.116.192:32249   131.247.222.249:http       TIME_WAIT
  TCP    131.247.116.192:32250   131.247.222.249:http       TIME_WAIT
  TCP    131.247.116.192:32251   131.247.222.249:http       TIME_WAIT
  TCP    131.247.116.192:32252   sitecheck2:http            TIME_WAIT
  TCP    131.247.116.192:32254   131.247.222.249:http       TIME_WAIT
  TCP    131.247.116.192:32255   accord:http                TIME_WAIT
  TCP    131.247.116.192:32256   accord:http                ESTABLISHED
  TCP    131.247.116.192:32257   usfdc01:netbios-ssn        ESTABLISHED
  TCP    131.247.116.192:32258   accord:http                ESTABLISHED
  TCP    131.247.116.192:32259   accord:http                ESTABLISHED
  TCP    131.247.116.192:32260   usfdc01:netbios-ssn        ESTABLISHED
  TCP    131.247.116.192:32262   usfdc01:netbios-ssn        ESTABLISHED
  TCP    131.247.116.192:32265   www-13-02-snc5:http        TIME_WAIT
  TCP    131.247.116.192:32266   gw-in-f139:http            TIME_WAIT
  TCP    131.247.116.192:49444   gx-in-f100:https           CLOSE_WAIT
  TCP    131.247.116.192:49876   gx-in-f113:http            CLOSE_WAIT
  TCP    192.168.1.8:22379       vpn:https                  ESTABLISHED
  TCP    192.168.1.8:53672       lacie-2big:microsoft-ds    ESTABLISHED
  TCP    192.168.1.8:53688       LACIE-2BIG-2:microsoft-ds  ESTABLISHED
  TCP    192.168.1.8:53697       lacie-2big:microsoft-ds    ESTABLISHED

There are 33 ports open after connecting to the university home page.

4. How many new ports were opened by the browser to gather all the information on the page?

There were 33 ports open after connecting to the university home page. This suggests that the browser opened 15 ports to download the university home page.

5. How does opening multiple ports simultaneously speed up the display of the web page on your browser?

The multiple ports enable parallelized downloading of content. Each file on the web page requires a separate web connection. These files include style sheets, images and flash files. By opening up a separate port for each file, the browser can speed up the user experience. This is the reason why web pages sometimes appear distorted initially, but become well-formed in less than a second. The initial download brings down the html page, which the browser attempts to render, but with no information about the style sheet. Once the style sheet is downloaded, the browser is able to use the information to render the page as intended by the designer.
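Questions 3 and 4 compare two netstat snapshots by counting rows. The following is an added example, not from the book: it parses two snapshots and reports which connections are new, which have closed and which changed state, the same before/after comparison used to see which remote hosts one action made a machine contact. The function names are illustrative, and the two snapshots are abridged from the listings above.

```python
from collections import Counter, namedtuple

Conn = namedtuple("Conn", "proto local foreign state")

# Abridged from the "before" listing above.
BEFORE = """
Active Connections
  Proto  Local Address          Foreign Address        State
  TCP    127.0.0.1:4242         U252406:22334          ESTABLISHED
  TCP    131.247.116.192:32219  gx-in-f17:https        ESTABLISHED
  TCP    131.247.116.192:32245  gx-in-f19:https        ESTABLISHED
  TCP    131.247.116.192:49444  gx-in-f100:https       CLOSE_WAIT
  TCP    192.168.1.8:22379      vpn:https              ESTABLISHED
"""

# Abridged from the "after" listing above.
AFTER = """
Active Connections
  Proto  Local Address          Foreign Address        State
  TCP    127.0.0.1:4242         U252406:22334          ESTABLISHED
  TCP    131.247.116.192:32219  gx-in-f17:https        ESTABLISHED
  TCP    131.247.116.192:32245  gx-in-f19:https        TIME_WAIT
  TCP    131.247.116.192:32248  gx-in-f19:https        ESTABLISHED
  TCP    131.247.116.192:32249  131.247.222.249:http   TIME_WAIT
  TCP    131.247.116.192:32250  131.247.222.249:http   TIME_WAIT
  TCP    131.247.116.192:32252  sitecheck2:http        TIME_WAIT
  TCP    131.247.116.192:32256  accord:http            ESTABLISHED
  TCP    131.247.116.192:32257  usfdc01:netbios-ssn    ESTABLISHED
  TCP    131.247.116.192:32265  www-13-02-snc5:http    TIME_WAIT
  TCP    131.247.116.192:49444  gx-in-f100:https       CLOSE_WAIT
  TCP    192.168.1.8:22379      vpn:https              ESTABLISHED
"""


def parse_netstat(text):
    """Extract connection rows; headings and [process.exe] lines are skipped."""
    conns = []
    for line in text.splitlines():
        parts = line.split()
        if len(parts) >= 3 and parts[0] in ("TCP", "UDP"):
            state = parts[3] if len(parts) > 3 else ""  # UDP rows have no state
            conns.append(Conn(parts[0], parts[1], parts[2], state))
    return conns


def diff_snapshots(before, after):
    """Return (opened, closed, changed) between two parsed snapshots."""
    def key(c):
        return (c.proto, c.local, c.foreign)
    old = {key(c): c for c in before}
    new = {key(c): c for c in after}
    opened = [c for k, c in new.items() if k not in old]
    closed = [c for k, c in old.items() if k not in new]
    changed = [(c.local, old[k].state, c.state)
               for k, c in new.items() if k in old and old[k].state != c.state]
    return opened, closed, changed


def remote_summary(conns):
    """Count connections per (remote host, remote port or service name)."""
    counts = Counter()
    for c in conns:
        host, _, service = c.foreign.rpartition(":")
        counts[(host, service)] += 1
    return counts


if __name__ == "__main__":
    opened, closed, changed = diff_snapshots(parse_netstat(BEFORE), parse_netstat(AFTER))
    print(len(opened), "new connections;", len(closed), "closed")
    for (host, service), n in remote_summary(opened).most_common():
        print(f"  {n} x {host} ({service})")
    for local, was, now in changed:
        print(f"  {local}: {was} -> {now}")
```

Comparing on the full (protocol, local, foreign) triple rather than the row count also catches the case where one connection closes and another opens between snapshots.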

Network design exercise

1. What is the average data rate in bits per second required to support the database queries with no unnecessary delays? To do this, you would like to have enough capacity so that all agents can run queries simultaneously. Remember that 1 byte = 8 bits and carriers report data rates in bits per second because this gives a larger number, which is useful for marketing purposes (10 mega-bits-per-second is more marketable than 1.25 mega-bytes-per-second).

There are 200 agents in Mumbai. Each agent generates 3 queries every 3 minutes, which is equivalent to 1 query per minute. Each such query generates 3,000 bytes of data. Thus, each agent generates 3,000 / 60 = 50 bytes/second of network traffic from database queries. 200 agents generate 50 * 200 = 10,000 bytes/second of traffic. 10,000 bytes/second = 80,000 bits per second. Therefore, the database traffic from Amsterdam to Mumbai requires a bandwidth of 80 kbps.

2. What is the data rate required to support the voice traffic?

If each agent generates 31.5 kbps of voice traffic, 200 agents generate 200 * 31.5 = 6,300 kbps = 6.3 mbps.

3. Adding both the above, what is the total data rate required on the Amsterdam–Mumbai link? What fraction of this traffic is data, and what fraction is voice?

The total data rate required on the Amsterdam-Mumbai link is 6,300 kbps + 80 kbps = 6,380 kbps = 6.38 mbps.
The fraction of the traffic that is data = 80/6380 = 1.25%
The fraction of the traffic that is voice = 6300/6380 = 98.75%

Case questions

1. Watch your personal expenses for a week. What fraction of your total expenses is in the form of cash? What fraction is in the form of network data exchange (credit and debit cards, online payments)? For privacy reasons, please do not report actual amounts, just report fractions.

Over 90% of my expenses are in the form of network data exchange (credit and debit cards, online payments). Less than 10% of my transactions are in the form of cash. In fact, I use cash so infrequently that most times when I have to use cash, I don’t even have cash on me.

Every student will have a different answer. In my experience, cash transactions are a very high fraction of students’ personal expenses.

2. Do a similar exercise for your net worth. What fraction of your net worth is in the form of cash or cash equivalents (checking and savings accounts)? What fraction is in the form of networked data (retirement assets, brokerage account assets)? Again, please only report fractions. Hint: you may find websites such as mint (www.mint.com) helpful in gathering this information from multiple financial institutions in which you have accounts.

Again, over 90% of my net worth is in the form of networked data and less than 10% is in the form of cash and cash equivalents.

Again, every student will have a different answer. Most students haven’t yet reached the point where they have significant assets, so most of their assets are in cash or cash equivalents.

3. What is the sequence of actions in settling a trade in securities markets? How many of these actions are completed over computer networks? How many by manual transfer? Hint: Look at the broker-to-broker trade in the DTCC publication, “following a trade.”

The sequence of actions in settling a trade in securities markets is as follows:

   1. Investors send orders to broker/dealers to buy or sell securities.
   2. The broker/dealers send the order for execution to an exchange or marketplace.
   3. The trade is made with another broker/dealer or specialist on an exchange or marketplace.
   4. Trade information is sent by the exchange or marketplace to NSCC for post-trade processing.
   5. NSCC processes and records trades, and issues to broker/dealers a summary of all compared or recorded trades, including information on net securities positions and net money to be settled.
   6. NSCC sends instructions to DTC with net securities positions to be settled. As deliveries are processed, net money to be settled is posted to NSCC’s settlement system.
   7. DTC transfers ownership of securities electronically, moving net securities positions from the selling broker’s account to NSCC’s account, and then from NSCC’s account to the buying broker’s account.
   8. Broker/dealers’ settling banks send or receive funds to/from DTC (as NSCC’s agent) to complete settlement, at which time all securities movements become final.

Apart from 1 above, all transactions are completed over electronic networks. Many orders come to brokers over the phone, but a sizeable fraction of orders now come from online brokers.

4. What is the Nagle algorithm? Why is it useful in TCP? Why might it be a good idea to disable the use of the algorithm when TCP is used in the financial services industry?

Nagle's algorithm is a means of improving the efficiency of TCP/IP networks by reducing the number of packets that need to be sent over the network. It works by combining a number of small outgoing messages, and sending them all at once. Specifically, as long as there is a sent packet for which the sender has received no acknowledgment, the sender should keep buffering its output until it has a full packet's worth of output, so that output can be sent all at once. Therefore it is useful in TCP to minimize the number of packets transmitted.

It might be a good idea to disable the algorithm for the financial services industry because these services are very time sensitive so data packets have to be transmitted really fast to not cause delays.

5. Specialist firms have emerged to help organizations reduce latency. One such firm is Corvil. Visit the firm’s website and write a brief report on the services offered by the firm. If you prefer, you may report on another firm that focuses on helping organizations reduce latency in the financial services industry.

Corvil is a provider of unified application and network latency management systems for financial markets. Corvil’s products are used by the world’s leading global banks, exchanges, electronic market makers and service providers to proactively monitor and assure latency compliance, quickly troubleshoot and respond to latency problems and independently validate and report latency performance.

This exercise asks students to look at the marketing material from a firm involved in latency management so that students see how critical this aspect of TCP is. Students may choose to identify other firms in the market that provide these services.

6. What is an Internet socket? What is socket-oriented programming or network programming? Why do you think financial services firms are interested in experts in computer network programming?

An Internet socket is an endpoint of a bidirectional communication flow across an IP network. Internet sockets constitute a mechanism for delivering incoming data packets to the appropriate application process or thread, based on a combination of local and remote IP addresses and port numbers. Socket-oriented programming/network programming is the process of developing an application which uses Internet sockets. Financial services firms are interested in network programming experts because their business depends upon fast and highly optimized electronic communication. These professionals are expected to help financial firms gain a competitive advantage over other firms.

7. The ad on page 20 mentions pthreads. What are pthreads? Why are they useful? Hint: You may find this site very useful: https://computing.llnl.gov/tutorials/pthreads/

Pthreads are a set of C language programming types and procedure calls, implemented with a pthread.h header/include file and a thread library - though this library may be part of another library, such as libc, in some implementations. The primary motivation for using Pthreads is that in comparison to a process, a thread can be created with significantly lower processing overhead, thereby speeding up applications.
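Case question 4 describes Nagle's algorithm in words. The following is an added example, not from the book: it simulates the sender-side rule to show the trade-off between segment count and delay, and shows the standard socket option that turns the algorithm off. The timing model (every segment is acknowledged exactly one round trip after it is sent, no delayed ACKs, no window limit) and the sample workload are assumptions made for illustration.

```python
import heapq
import socket
from collections import deque


def simulate(writes, rtt_ms, mss=1460, nagle=True):
    """Simulate a TCP sender. writes is a list of (time_ms, nbytes).

    Returns (segments, delays): segments is a list of (send_time_ms, size);
    delays holds, per write, the ms between the application's write and the
    moment its last byte left the host.
    """
    events = [(t, 1, n) for t, n in writes]   # kind 1 = application write
    heapq.heapify(events)
    pending = deque()     # [write_time, bytes_not_yet_sent] for each write
    buffered = 0
    acked_at = 0          # time at which everything sent so far is ACKed
    segments, delays = [], []
    while events:
        now, kind, n = heapq.heappop(events)
        if kind == 1:
            pending.append([now, n])
            buffered += n
        while buffered:
            if buffered >= mss:
                size = mss                    # a full segment always goes out
            elif not nagle or now >= acked_at:
                size = buffered               # nothing unacknowledged: send
            else:
                break                         # Nagle: hold small data back
            segments.append((now, size))
            buffered -= size
            acked_at = now + rtt_ms
            heapq.heappush(events, (acked_at, 0, 0))   # kind 0 = ACK arrives
            while size:                       # attribute sent bytes to writes
                took = min(size, pending[0][1])
                pending[0][1] -= took
                size -= took
                if pending[0][1] == 0:
                    delays.append(now - pending.popleft()[0])
    return segments, delays


def nodelay_socket():
    """Create a TCP socket with Nagle's algorithm disabled (TCP_NODELAY)."""
    sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    sock.setsockopt(socket.IPPROTO_TCP, socket.TCP_NODELAY, 1)
    return sock


# Constructed workload: ten 50-byte order messages, one per millisecond,
# on a path with a 20 ms round-trip time.
WRITES = [(t, 50) for t in range(10)]


def compare(rtt_ms=20):
    """Return segment count and worst-case delay with and without Nagle."""
    result = {}
    for label, flag in (("nagle", True), ("nodelay", False)):
        segments, delays = simulate(WRITES, rtt_ms, nagle=flag)
        result[label] = {"segments": len(segments), "max_delay_ms": max(delays)}
    return result


if __name__ == "__main__":
    print(compare())
```

With Nagle enabled the ten messages leave in two segments, but messages written while the first segment is unacknowledged wait for its ACK; with TCP_NODELAY each message leaves at once in its own segment.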



Chapter 6

Review questions

1. What are the functions of the application layer? How were the earliest application-layer protocols defined? What application do you spend the most time on?

The application layer enables end user applications to use TCP and UDP in meaningful ways, for example to send email or to download web pages. The primary function of the Application layer is to hide the details of TCP and IP from end user applications. The earliest application layer protocols defined were SMTP, FTP, and Telnet. I spend the most time on the web (HTTP).

2. How has the web been most useful to you?

The web enables me to search for information quickly. It has also become one of my most important shopping channels.

This is a good question for class discussion.

3. What are the three most popular websites in the world today? What primary service does each site offer?

The three most popular websites today are Google, Facebook and YouTube. Google helps people search for information, Facebook is the primary social media site and YouTube helps people upload short videos for anyone to see.

This is a little hands-on exercise requiring students to visit Alexa to obtain website rankings.

4. Describe some changes in the patterns of Internet usage based on changes in the list of most popular websites globally.

In 2005, the most popular sites were information providing sites. In 2008, many social media sites were extremely popular. In 2010, the information providing sites seem to have become popular again.

5. Why is the web gaining popularity as a marketing tool over traditional methods such as yellow pages?

The web is gaining popularity because most users have access to the web through the computer or phones at all times. The web enables highly targeted marketing which serves the interests of both customers and vendors. Finally, the major search engines have created cost-effective programs for advertisers who pay only when an ad brings a customer to their site.

6. What is a hyperlink? What is an inlink? What information about a web page can be inferred from inlinks to the page?

A hyperlink is a link from one web page to another web page. Links on other web pages that point to a page are called inlinks. Therefore, the more inlinks to a page, the more likely it is that the page contains relevant information. Inlinks help website owners identify other web sites that link to their site. Inlinks to a web page therefore provide a measure of interest in the page on the web.

7. What is HTML?

HTML is the language that is used to create web pages. It defines how a certain piece of text should be displayed on the screen and what page the browser should load if the user clicks on a hyperlink.

8. What is search advertising? Why is it a powerful method of advertising compared to traditional media such as newspapers?

Search advertising is the placement of advertisements on web search results. It is powerful because a web surfer who is searching for a product or service that a business offers, and is located within the coverage area of the business, is a potential customer. It is therefore useful to attract his attention. Search advertising makes the web a powerful marketing medium and as a result, search engines are becoming a powerful intermediary in web marketing.

9. What is AdWords?

Ad-words are the key words that advertisers can specify when advertising through search advertising. The ad is displayed when a user performs a search for that key-word.

10. What is a URL? Describe the parts of a typical web URL.

A URL, or uniform resource locator, is a character string describing the location and access method of a resource on the Internet. It is a way to represent any resource available through the internet. The first part of the URL begins with the protocol used (e.g., http). The second part of the URL identifies the host. The third part is optional and specifies the port number. The fourth part of a URL specifies the resource on the host.



11. What is a killer application?

A killer application is an industry term used to describe a computer application to die for. It is an application that is so useful that it causes people to buy a large, expensive system just to get the functionality of the killer app. Internet entrepreneurs are always on the lookout for the next killer app.

12. In what ways do you use e-mail in your daily life? When do you prefer to use e-mail over the postal system? When do you prefer the postal system over e-mail?

Most people use email to send short messages and articles, pictures etc. as attachments. For most kinds of information transfer, people prefer email over the postal system. The postal system is used when sending bulky items such as books or gifts, or legal documents such as contracts.

13. Describe the differences between pull and push forms of communication, using the web and e-mail as examples.

In the pull form of communication, the receiver decides what information to pull from a repository. This happens on the web, where there is no assurance that a web page will be read by a potential customer. In the push form of communication, the sender decides who to send the message to and when to send the message. Since email uses the push form of communication, email ensures that a message will reach the recipient’s mailbox. Of course, this has resulted in the problem of spam, where a lot of email reaching our inboxes is unsolicited.

14. Using examples from your own life, describe some advantages of e-mail as a communication medium compared to your other choices (such as cell phones, meetings).

Email offers a few big advantages over other forms of communication. It allows me and my collaborators to respond at times convenient to us. Another advantage is that the email thread maintains a record of the entire conversation. Finally, the inbox is a great information storage where I can search for messages using keywords, dates etc.

15. What are some potential disadvantages with e-mail as a communication medium? Can you describe some occasions when you have run into these disadvantages of e-mail?

A huge disadvantage is spam. Another problem is that particularly among friends, email encourages people to “shoot” emails before thinking. Finally, I have occasionally sent emails to lists when I meant to just send the mail to an individual. This could have been ruinous for me had I made adverse remarks about someone in the mail.

Finally, a potential disadvantage, one that I have not personally experienced, is that if I made adverse remarks about someone in an email, that email may get circulated around and reach the subject of my remarks, hurting personal relations between us.

16. What is flaming?

Sending emails while angry, or emails that provoke others to get angry, is called flaming.

17. Describe the high-level structure of the e-mail system.

The email system is composed of mail servers (MTAs) and clients (MUAs). Each email user uses a client to access their mailbox on a server. Outgoing email is sent by their server to the receiver’s server. The receiver’s server delivers the email to the recipient’s mailbox. The recipient sees this mail the next time they access their mailbox.

18. What are an MTA and an MUA in the context of e-mail?

The MTA is the mail transfer agent and is the email server. It is always connected to the Internet. It sends and receives email on behalf of its users. The MUA is the mail user agent and is the software used by the end user to access their mail server.

19. What is the role of SMTP in e-mail?

SMTP is the Simple Mail Transfer Protocol. SMTP is the protocol used by MTAs to transfer email between mail servers.

20. What is the role of POP/IMAP in e-mail?

POP and IMAP are protocols used by MUAs to retrieve and manipulate email in mailboxes located on the MTAs (mail servers).

21. What are some important differences between POP and IMAP?

POP is the early MUA protocol and did not allow multiple email clients to maintain synchronization with each other and the mailbox. IMAP was created to overcome this limitation of POP. IMAP adds message IDs to every message on the mailbox. These IDs can be used by multiple clients to synchronize themselves with the mailbox on the server. IMAP also allows clients to conveniently manipulate the mailbox by performing operations such as creating, deleting, and renaming mailboxes, setting and clearing flags, and selective fetching of messages.

22. What is FTP? How is FTP different from HTTP?

FTP is an application layer protocol for transferring files from one computer to another, regardless of the hardware and software configurations of the two computers. Whereas HTTP only creates one channel of communication, FTP creates two channels of communication, one for commands and one for the data. This allows FTP users to abruptly stop data transfer if necessary.

23. What is SSH?

SSH is an application layer protocol for secure remote login and other secure network services over an insecure network. It is a replacement for Telnet.

24. What is instant messaging? How is IM different from e-mail?

IM is an application layer protocol that allows users to send short quick messages to each other. The primary difference between IM and email is the absence of a mailbox in IM. If you need a record of an IM conversation, you are required to do that by manually saving the communication after it is completed. (Of course, corporate IM systems save IM conversations for legal purposes, but they are automatically deleted after the period specified by corporate policy).

25. What is presence in the context of IM?

Presence is the ability of users to subscribe to each other and be notified of changes in state in users, such as when they come online or get busy or go away.

Hands-on exercise

1. Using online and any other resources, write a brief summary of how Wireshark is used to manage computer networks.

Wireshark is a free and open-source packet analyzer. It is used for network troubleshooting, analysis, software and communications protocol development, and education. It is useful to detect problems arising from packet transfer whenever the network seems to behave abnormally. For example, a consultant reports the following (http://www.shaferconsulting.com/2009-wireshark-for-network-management, accessed 01/10/10):

A government customer with a staff of about 12 on a small LAN had a new “big-brand-name” combination copier, printer and scanner installed. The day after the installation the manager sent me an email saying that when I had a chance to check out the network as it was definitely acting just a tad more sluggish. A 60 second capture set with Wireshark showed that the network was not only busily handling its normal load of TCP/IP traffic but was awash in both AppleTalk and IPX/SPX. Seeing how we had neither any Macs or Netware servers on the network inquiring minds wanted to know the source of this bothersome gibberish. A quick analysis of the packets revealed the offending traffic all originating from the IP assigned to the new multifunction machine. A short walk through the network settings dialog screens for the multifunction box showed that the tech had simply left the defaults on which were to use IPv4, AppleTalk and IPX/SPX. Two quick taps to disable the latter two and Wireshark showed the network no longer bothered by unnecessary traffic and the performance slightly improved.

2. What are the sequence and acknowledgement numbers of the three TCP packets performing the three-way handshake? These packets were exchanged just before the GET request for the web page.

Packet 1: SEQ = 0 (1126221826)
Packet 2: SEQ = 0 (3108502424); ACK = 1 (1126221827)
Packet 3: SEQ = 1 (1126221826); ACK = 1 (3108502425)

These are relative numbers. For exact numbers shown in parentheses, you need to go to Edit → Preferences → Protocols → TCP, and uncheck “Relative sequence numbers and window scaling.” I think the raw sequence and acknowledge numbers are more informative than the relative numbers. The numbers originated by the sender are in bold, and the numbers from the receiver are italicized and underlined.

3. Right-click an HTTP packet and select “Follow TCP stream.” What are the HTTP header fields in the first client request and the first server response? What are the values in these fields? As an example, in the figure, one of the client fields is “Host” and the value of the field is www.ismlab.usf.edu.
Client request header:

GET / HTTP/1.1
User-Agent: Opera/9.80 (Windows NT 6.0; U; en) Presto/2.7.62 Version/11.00
Host: www.ucf.edu
Accept: text/html, application/xml;q=0.9, application/xhtml+xml, image/png, image/jpeg, image/gif, image/x-xbitmap, */*;q=0.1
Accept-Language: en-US,en;q=0.9
Accept-Charset: iso-8859-1, utf-8, utf-16, *;q=0.1
Accept-Encoding: deflate, gzip, x-gzip, identity, *;q=0
Cookie: __utmz=101841029.1281563149.1.1.utmcsr=132.170.240.131|utmccn=(referral)|utmcmd=referral|utmcct=/contact/; __utma=101841029.2041095561.1281563149.1281563149.1282137271.2
Cookie2: $Version=1
Connection: Keep-Alive

Server response header:

HTTP/1.1 200 OK
Date: Mon, 10 Jan 2011 22:40:17 GMT
Server: Apache
Last-Modified: Mon, 10 Jan 2011 22:35:02 GMT
ETag: "1f639-4798-499859433d8a8"
Accept-Ranges: bytes
Content-Length: 18328
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Content-Type: text/html

4. How many different GET requests did your browser have to make to download the entire page? What were the arguments to these GET requests? For example, as shown, the browser made two GET requests. The first request asked for “/html101.html” and the second GET request asked for “/favicon.ico.” If there are more than five GET requests, only list the arguments for the first five GET requests.

GET /
GET /css/home.css
GET /img/bullet.png
GET /img/header_border.png
GET /js/jquery.corner.pack.js

5. What is the IP address of your default gateway? This is obtained from ipconfig.

192.168.1.1

6. What is the MAC address (physical address) of the default gateway identified above? This is obtained from arp -a.

00-18-3a-c0-9a-43

7. Select an HTTP packet. List its source and destination IP addresses as well as source and destination Ethernet addresses.

                       IP                 MAC
  Source address       192.168.1.6        00-ff-98-ac-71-86
  Destination address  132.170.240.131    00-18-3a-c0-9a-43

8. Referring to the figure and the information collected in questions 5 and 6 above, what machines does each of these addresses (MAC and IP) refer to? You may be able to relate this to the idea that whereas MAC addresses are hop-by-hop addresses, IP addresses are end-to-end addresses.

IP destination address is the IP address of the UCF web server. The MAC destination address is the address of the local default gateway.

9. What are the source and destination port addresses in the selected packet?

Source port: 32564
Destination port: 80

10. Look up your etc\services file (In Windows, this file is usually located in C:\Windows\System32\drivers\etc). Which of these ports is a standard port? Paste the entire line from the etc\services file that contains information about this port.

http               80/tcp    www www-http           #World Wide Web

The idea behind this question is to de-mystify some aspects of their computer. The requirement to paste the entire line from the etc/services file is to ensure that students actually open the file.

Network design exercise

1. For at least five of these uses of computer networking, use the Internet or other sources to identify the market-leading software applications used to obtain the required functionality (for example, to serve web pages, the market-leading software is the Apache web server). In a table, provide the following information for the five uses: the application (use) category, the market-leading software application in the category, and a paragraph or two about the strengths of the selected software application. (You can use the marketing information from the application’s website to describe the strengths of the application.)

Application category: Web site
Market leader: Apache
Strengths of market leader: The Apache HTTP Server Project is an effort to develop and maintain an open-source HTTP server for modern operating systems. The goal of this project is to provide a secure, efficient and extensible server that provides HTTP services in sync with the current HTTP standards. Apache has been the most popular web server on the Internet since its beginning in April 1996.

Application category: Web marketing
Market leader: Google
Strengths of market leader: Google allows firms to create ads and choose keywords, which are words or phrases related to their business. These ads appear next to the search results when people search on Google using one of the keywords. Businesses are therefore advertising to an audience that's already interested in them. People can simply click on the ad to make a purchase or learn more about the business.

Application category: Electronic commerce
Market leader: Yahoo! merchant solutions
Strengths of market leader: Yahoo! Merchant Solutions provides all the required features to maintain an online store. It provides professional design templates, inventory management, shopping cart, payment processing, order processing and other similar features.

Application category: Email
Market leader: Zimbra
Strengths of market leader: The Zimbra Collaboration Suite (ZCS) is a communication system that includes email, calendar document storage and editing, instant messaging, and simplified administrative controls. The user interface is web-based and uses the latest AJAX web technology. ZCS also provides mobility and synchronizes with desktop client applications; the server is deployed on commodity Linux and Mac server hardware.

Application category: Voice
Market leader: Nextiva
Strengths of market leader: Nextiva provides VoIP services for business customers at over 80 locations in the US. They offer all the standard business services such as a 1-800 number, auto-attendant and U.S. based customer support.

Application category: Inventory management
Market leader: Motorola solutions
Strengths of market leader: Motorola Inventory Management Solutions for Retail provide visibility into inventory from the loading dock to the cash register. The solution combines mobile computers, wireless infrastructure and radio frequency identification (RFID) tag inlays and readers with partner applications.

The goal of this exercise is to get students to think about prices and the extent of customer service necessary to earn revenues online.

Case questions

1. Google offers two channels for advertising — AdWords and AdSense. What is AdWords? What is AdSense?

AdWords is Google's flagship advertising product and main source of revenue. AdWords offers pay-per-click advertising, and site-targeted advertising for text, banner, and rich-media ads. AdWords generated revenues of 23 billion for Google in 2009. Advertisers are the audience for AdWords. AdSense is an ad serving application run by Google. Website owners can enroll in this program to enable text, image, and video advertisements on their websites. These advertisements are administered by Google and generate revenue on either a per-click or per-impression basis. Website owners are the audience for AdSense.

2. The principal competitors to Google in online advertising are Yahoo and Microsoft. Briefly summarize the capabilities of the advertising platforms of these two firms.

Microsoft and Yahoo have combined forces to offer various forms of online advertising. They claim to reach 33 percent of the U.S. online market with the combined platform. The different kinds of Internet advertising options available are (1) search advertising, which promotes offers next to relevant search results. Advertisers pay only when someone clicks their ad; (2) content ads placed next to relevant stories; (3) mobile search advertising helps target tech-savvy, on-the-go customers; (4) display advertising, which places banners, images, and rich media to engage the audience visually and emotionally to help improve brand recognition.

3. What are the sources of revenues of the company from its publishing business?

From the 10-K form for 2009 (available at: http://www.sec.gov/Archives/edgar/data/39899/000095012310016360/c95384e10vk.htm), the sources of revenue in the publishing business of the company (Gannett) are (1) Advertising, (2) circulation, and (3) commercial printing and other (pg 32).

4. What fraction of the company’s revenues in its printing business come from advertising?

In the printing business, 67% of the company’s revenues come from advertising (pg 32).

The goal of this exercise is to get students to see a 10-K document and extract useful information from it.

5. What fraction of the company’s revenues in its printing business come from circulation?

27% of the company’s revenues in its printing business come from circulation (pg 32). The remaining revenues (about $262 mn) come from the commercial printing and other category.

6. Ignoring dividends, how has the company’s stock performed in the last three years and five years?
Hint: Find the latest stock price, the stock price three years ago, and the stock price five years ago. Then simply calculate the returns as: return = (current price – old price)/ old price.

Current price: $15.09
Price 3 years ago: $35.03 (-56.9%)
Price 5 years ago: $62.25 (-75.76%)

7. Spot Runner is a company that integrates online media with traditional TV channels. Write a brief description of the services offered by the company. In the write-up, describe how the company can benefit small businesses such as local pizza parlors trying to advertise on local TV stations.

They are able to place TV-ads (which are going to be seen at ESPN, food, SPIKE, comedy central) or Online videos (at YouTube, Yahoo! Video) or simple Online-Ads (at Google, Yahoo!, MSN). The best way to describe this is to use the following statement of the Wall Street Journal: “The Internet is helping small businesses alter the way they sell themselves... [some] are using Internet firms like Spot Runner, Inc., which help small businesses create affordable commercials and buy air time for those ads in local television markets.” So the answer for a local pizza parlor is simple: Spot Runner is focused on small businesses like that and therefore perfect if a local business wants to have their ads placed on TV. They simply give Spot Runner a call, and they are going to buy airtime from television markets for an affordable pricing.

8. Take a leading national newspaper or your leading local newspaper. Briefly describe its online presence. Include information such as the following: What are the major news categories on the publication’s website? What are the main products or services advertised? What customization options does the site offer? Does it charge a subscription fee for online content? What do you think is the newspaper’s target audience?

Newspaper: Wall Street Journal

The newspaper has a significant online presence. It is one of the only newspapers that has always charged for online content. The paper actually thinks of its online presence as a separate publication. This means that it is possible for some news stories to be published online but not in print, and vice-versa. Even when the same article is published on both channels, the online article often has a different title than the print version of the same article. In addition, the paper has blogs that report on economic events in real-time. The online publication also allows subscribers to be alerted about significant events and end-of-day market summaries.

The major news categories include World news, U.S. news, New York news, Business news, Market news, and Tech news. In addition, the home page also includes features on Personal Finance, Life & Culture, Opinion, Careers, Real Estate, and Small Business.

The advertisers on the site are mainly financial services firms including Fisher investments, FINS Finance for job-searches, Allianz Investments, ING Direct, and American Express Bank.

The site allows subscribers to customize alerts and shows related stories when you select an article for viewing. The ads also seem to be customized to the article and subscriber. The paper offers various subscription offers. The print and online subscription rate is about $150/year for the first year and the online only subscription rate is about $100/year. The target audience for the publication is senior managers and public policy officials.



Chapter 7

Review questions

1. What is DHCP? Why is it useful?

DHCP, or dynamic host configuration protocol, is a technology that enables automatic assignment and collection of IP addresses. DHCP is useful because it greatly simplifies the allocation of IP addresses. DHCP also improves the efficiency of allocating IP addresses.

2. What are some of the reasons for the inefficiencies in allocating the available IP addresses?

The main reason for inefficiencies in allocating IP addresses comes from the block allocation of IP addresses by the registries. Many organizations that have a large number of IP addresses only use a small fraction of these addresses. According to some estimates, only about 15% of the available IP addresses will actually get used. With a total of 4 billion IP addresses, we are likely to run out of IP addresses when we reach about 600 million hosts on the Internet, as is happening beginning around 2010.

3. What are the three types of address allocation schemes in DHCP? Under what conditions is each of these categories of address allocation preferred?

The three types of IP address allocation schemes in DHCP are automatic, manual, and dynamic.

In automatic allocation, DHCP allocates IP addresses to hosts on the network on a first come first serve basis. Once allocated, this IP address remains assigned to the host forever. This is convenient in networks where devices are referred by name, as is common in most home networks. For this reason, most home routers use automatic allocation to distribute IP addresses.

In manual allocation, the network administrator manually specifies the IP addresses to be allocated to individual devices on the network. Each time a device with a manually allocated IP address is switched on, DHCP provides it the IP address specified by the network administrator. This is useful for network devices such as printers where network administrators can permit connections through firewalls in a controlled manner.

In dynamic allocation, IP addresses are leased out for short durations by the DHCP server. Before the lease expires, clients can ask the DHCP server to extend the lease. If the DHCP server does not hear from the client when the lease expires, the DHCP server reclaims the IP address and the address becomes available for another client. Dynamic allocation is very useful for computers such as client PCs. Since most residential customers need Internet connectivity only in the mornings and evenings, they fall in this category. Dynamic allocation is therefore popular among ISPs to allocate IP addresses to subscribers.

4. What is address leasing in DHCP?

Address leasing refers to the allocation of an IP address to a client for a specific duration, after which it is reclaimed by the DHCP server. The duration for which an IP address is provided is called the DHCP lease-time. Before the lease-time expires, clients can request an extension of the lease.

5. Use ipconfig /all at the command prompt of a Windows computer. What is the lease duration of the IP address?

The lease duration from my home router is 24 hours (1 day).

6. Briefly describe the sequence of operations that allow a freshly booted DHCP client to obtain an IP address from a DHCP server on the network.

During startup, the DHCP client broadcasts a DHCP DISCOVER message on the network asking for network parameters from DHCP servers listening on the network. Every network that uses DHCP has at least one DHCP server listening for DHCP client requests on the network. Since the DHCP REQUEST is broadcast, clients need not know the IP address of the DHCP server. When the broadcast reaches the DHCP server, the server responds by providing the client with an IP address and other essential network parameters in a DHCP OFFER message. When the client accepts one of these offers, it confirms it by broadcasting a DHCP REQUEST message with the selected parameters. All DHCP servers make note of this information and the selected DHCP server sends a DHCP ACK confirming the allocation.

7. What are non-routable IP addresses?

Non-routable IP addresses are addresses from the three blocks defined in RFC 1918. This allows IP address reuse. These addresses are called non-routable addresses because routers and firewalls limit the packets using RFC 1918 addresses to the LANs in which they originate. Packets do not leave any router with an RFC 1918 address in either the source IP address or destination IP address field. Routers also do not advertise routes that include RFC 1918 IP addresses to other routers because they are aware that these addresses are likely to be reused elsewhere on the network.

8. IP addresses are used for routing. Why are non-routable IP addresses useful?

Non-routable addresses are useful because they enable IP address reuse. With the help of non-routable addresses, one IP address may be used to allow hundreds of computers within a network to get Internet connectivity.
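The lease behaviour described in the answers to questions 3, 4 and 6 above, as an added example that is not from the textbook: a small in-memory model of a DHCP server using dynamic allocation. Because leased addresses are reclaimed and reused, the lease log is what ties an IP address seen in other logs to a specific device at a specific time. The class and method names are hypothetical, the MAC and IP values are constructed sample data, and the model assumes a single server whose offers never time out.

```python
class DhcpServer:
    """Toy model of dynamic allocation (hypothetical class, times in seconds)."""

    def __init__(self, pool, lease_time):
        self.free = list(pool)        # addresses not offered or leased
        self.lease_time = lease_time
        self.offered = {}             # mac -> ip offered but not yet requested
        self.active = {}              # ip -> current lease record
        self.log = []                 # every lease ever granted, for attribution

    def _reclaim(self, now):
        # Leases whose time ran out without renewal go back to the pool.
        for ip, rec in list(self.active.items()):
            if rec["end"] <= now:
                del self.active[ip]
                self.free.append(ip)

    def discover(self, mac, now):
        """DHCP DISCOVER: return the offered IP, or None if the pool is empty."""
        self._reclaim(now)
        for ip, rec in self.active.items():
            if rec["mac"] == mac:     # client already holds a lease
                return ip
        if mac not in self.offered:
            if not self.free:
                return None
            self.offered[mac] = self.free.pop(0)
        return self.offered[mac]

    def request(self, mac, ip, now):
        """DHCP REQUEST: return the lease expiry (ACK) or None (refused)."""
        self._reclaim(now)
        rec = self.active.get(ip)
        if rec and rec["mac"] == mac:              # renewal before expiry
            rec["end"] = now + self.lease_time
        elif self.offered.get(mac) == ip:          # accepting an offer
            del self.offered[mac]
            rec = {"ip": ip, "mac": mac, "start": now,
                   "end": now + self.lease_time}
            self.active[ip] = rec
            self.log.append(rec)
        else:
            return None
        return rec["end"]

    def who_held(self, ip, when):
        """Which MAC held this IP at the given time, according to the lease log?"""
        for rec in self.log:
            if rec["ip"] == ip and rec["start"] <= when < rec["end"]:
                return rec["mac"]
        return None


def demo():
    # Constructed sample data: two clients competing for a one-address pool
    # with the 24-hour lease time mentioned in question 5.
    a, b = "00-11-24-95-d1-4f", "f8-1e-df-d8-cf-81"
    ip = "192.168.1.100"
    srv = DhcpServer([ip], lease_time=24 * 3600)
    offer = srv.discover(a, now=0)                 # DISCOVER -> OFFER
    first_end = srv.request(a, offer, now=0)       # REQUEST  -> ACK
    refused = srv.discover(b, now=100)             # pool is empty
    renewed_end = srv.request(a, ip, now=43200)    # renewal at half the lease
    reoffer = srv.discover(b, now=130000)          # client a went silent
    srv.request(b, reoffer, now=130000)
    return srv, offer, first_end, refused, renewed_end, reoffer


if __name__ == "__main__":
    srv = demo()[0]
    for rec in srv.log:
        print(rec)
```

The same address maps to two different devices depending on the time queried, which is why an investigation needs the lease log and not just the IP address.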



9. Why can’t a computer with an RFC 1918 IP address be used as a public-facing web server?

A computer with an RFC 1918 address cannot be used as a server because client requests will not reach it. Routers prevent packets with an RFC 1918 address in the destination address from leaving the networks.

10. What is network address translation? Why is it useful?

Network address translation refers to changing IP addresses from one IP address block to another. It is useful because it allows computers with RFC 1918 addresses to connect to the Internet. When a packet with an RFC 1918 address reaches the NAT device, its source address is changed to a regular, routable IP address. This allows replies to the packet to reach the NAT device, which is responsible for sending it to the original source.

11. How do DHCP, non-routable addresses, and NAT help improve the efficiency of utilizing IP addresses and reduce the shortage of IP addresses?

DHCP is commonly used to assign RFC 1918 (non-routable) addresses to hosts on a network. NAT allows these hosts to connect to the outside world. Thus, while non-routable addresses and NAT enable networking, DHCP simplifies the allocation of the non-routable addresses within the network.

12. What is NAPT? How can it improve the efficiency of utilizing IP addresses, compared to NAT, without port translation?

NAPT is the method by which IP addresses are mapped from one address block to another, providing transparent routing to end hosts. It is even more efficient than NAT because it allows one external IP address to have 65,536 simultaneous connections to a destination from any host within the network. Without port translation, it is possible to have port conflicts if two hosts within a NAT network use the same port to connect to a remote application.

13. Describe the NAPT operation, i.e., describe how the IP addresses in a packet change as a request packet travels from a source with an RFC 1918 address to a destination and the reply comes back to the source.

The client sends out a request with its own address as the source IP address of the packet. As the packet leaves the network where it originated, it is intercepted by the home router which also acts as the NAPT translator. The NAT translator changes the source IP address of the packet to the translator’s own IP address. When the packet reaches its destination, the recipient sends a response to the NAT translator. The translator then modifies the destination IP address of the packet to the address of the original source and sends it over the internal network where it reaches the sender.
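The translation described in the answers to questions 7 through 13, as an added example that is not from the textbook: a toy NAPT translator that rewrites source address and port on the way out, reverses the mapping for replies, and drops inbound packets that match no mapping (the reason a host with an RFC 1918 address cannot act as a public-facing server). The class name, the packet dictionaries and the external addresses are constructed for illustration; the model has no mapping timeouts and tracks a single transport protocol.

```python
import ipaddress

# The three private address blocks defined in RFC 1918.
RFC1918_BLOCKS = [ipaddress.ip_network(n)
                  for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]


def is_rfc1918(addr):
    """True if addr falls inside one of the RFC 1918 private blocks."""
    ip = ipaddress.ip_address(addr)
    return any(ip in block for block in RFC1918_BLOCKS)


class Napt:
    """Toy NAPT translator (hypothetical class, not a real router's API)."""

    def __init__(self, external_ip, first_port=49152, last_port=65535):
        self.external_ip = external_ip
        self.next_port = first_port
        self.last_port = last_port
        self.out = {}    # (inside ip, inside port) -> external port
        self.back = {}   # external port -> (inside ip, inside port)

    def outbound(self, pkt):
        """Translate a packet leaving the internal network; None means dropped."""
        if is_rfc1918(pkt["dst"]):
            return None                      # private destinations never leave
        if not is_rfc1918(pkt["src"]):
            return dict(pkt)                 # already routable, nothing to do
        key = (pkt["src"], pkt["sport"])
        if key not in self.out:
            if self.next_port > self.last_port:
                raise RuntimeError("external port range exhausted")
            self.out[key] = self.next_port
            self.back[self.next_port] = key
            self.next_port += 1
        # Source IP becomes the translator's address, source port its mapping.
        return dict(pkt, src=self.external_ip, sport=self.out[key])

    def inbound(self, pkt):
        """Translate a reply back to the inside host; None means dropped."""
        inside = self.back.get(pkt["dport"])
        if pkt["dst"] != self.external_ip or inside is None:
            return None                      # no mapping: unsolicited traffic
        return dict(pkt, dst=inside[0], dport=inside[1])


def demo():
    # Constructed sample data: two inside hosts pick the SAME source port
    # (32564) for the same web server, the conflict port translation resolves.
    napt = Napt("203.0.113.7")
    web = "198.51.100.20"
    a = napt.outbound({"src": "192.168.1.5", "sport": 32564,
                       "dst": web, "dport": 80})
    b = napt.outbound({"src": "192.168.1.7", "sport": 32564,
                       "dst": web, "dport": 80})
    reply = napt.inbound({"src": web, "sport": 80,
                          "dst": "203.0.113.7", "dport": b["sport"]})
    unsolicited = napt.inbound({"src": web, "sport": 4444,
                                "dst": "203.0.113.7", "dport": 80})
    return a, b, reply, unsolicited


if __name__ == "__main__":
    for result in demo():
        print(result)
```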



14. What is ARP? What is it used for?

ARP is a protocol that dynamically binds a Network-Layer IP address to a Data-Link Layer physical hardware address. It is used to find the MAC address for a known IP address.

15. Briefly describe the operation of ARP.

When a device has a packet to send to a neighboring device whose IP address is known, it uses ARP to obtain the MAC address of the device. The sender broadcasts an ARP request packet on the network which includes the known IP address. Since the ARP request is broadcast, it is guaranteed to reach the target device. Upon receiving the ARP request, the target device replies with its MAC address. The sender can now use this address in the data link layer to form a packet and send it to the neighboring device over the LAN.

16. List the entries in the ARP cache of your computer using the arp -a command.

On my computer, the entries at this time are:

Internet Address      Physical Address      Type
192.168.1.1           00-18-3a-c0-9a-43     dynamic
192.168.1.5           00-11-24-95-d1-4f     dynamic
192.168.1.7           f8-1e-df-d8-cf-81     dynamic
192.168.1.153         00-d0-4b-8d-8e-48     dynamic
192.168.1.154         00-d0-4b-8d-01-fb     dynamic
192.168.1.255         ff-ff-ff-ff-ff-ff     static
224.0.0.22            01-00-5e-00-00-16     static
224.0.0.251           01-00-5e-00-00-fb     static
224.0.0.252           01-00-5e-00-00-fc     static
239.255.255.250       01-00-5e-7f-ff-fa     static
255.255.255.255       ff-ff-ff-ff-ff-ff     static

This is a little hands-on exercise and student answers will be different from the above.

17. What is DNS? What is it used for?

The domain name system is the set of databases that performs the correspondence between the fully qualified domain name and its IP address. It translates domain names such as www.bu.edu to IP addresses, wherever in the world the domain name may be located.

18. Describe the hierarchical organization of domains on the Internet.

The top level of the naming universe is written as “.”. At the highest level within the naming universe are the top-level domains such as .com; .edu.; and .org. These top level domains generally delegate mapping responsibilities to organizations and networks. These organizations and networks get domain names such as fau.edu. and youtube.com. Domains can further delegate to sub-domains. Organizations usually delegate further until endpoint domains such as www.fau.edu. are reached. Endpoint domains are the host names that users typically access on the Internet. Each domain maintains jurisdiction over its immediate sub-domains, and only these sub-domains. Each domain is responsible for translating the immediate sub-domain names to IP addresses.

19. Why is it useful to organize domain names such as www.usf.edu hierarchically as they are done in DNS?

Hierarchical organization is a very effective mechanism to co-ordinate the activities of a large number of distributed agents. Through hierarchical organization, we can organize all known domain names in a way such that each domain administrator is only responsible for the name to IP address mapping for a small number of domain names.

20. What are the different kinds of top-level domains?

There are country domains and open domains. Country domains are domains such as .us, .cn etc. Private domains include the popular names such as .com, .org, and .info. Anybody can register a domain as a sub-domain of any of these open TLDs. There are also limited domains such as .gov, .edu and .mil. Organizations need to satisfy certain criteria to obtain sub-domains of these domains.

21. Describe the process used by a name server to resolve the IP address of a URL typed by a user.

When a user enters a URL in a browser, the browser passes the host name in the URL to the DNS resolver on the PC. The resolver contacts its designated DNS server to obtain the required IP address. If the DNS server has the IP address in its cache, it sends it immediately. Otherwise, the DNS server performs all necessary lookups in the DNS system to obtain the IP address. When the IP address is obtained, the DNS server passes it to the DNS client, which passes the IP address to the browser. Now, the browser can populate the destination IP address field and send out the request packets to the web server.

22. What is a zone in the context of DNS?

A zone in the context of DNS is a DNS domain. Each name server is responsible for its zone and only its own zone.

23. What is a recursive query in DNS? When does it become necessary?

A recursive query in DNS is when the DNS server begins a query at a higher level in the DNS hierarchy to reach the target domain. This becomes necessary when the DNS entry in a server’s cache reaches its time to live and the DNS server has to resolve the domain name.


24. What are the different network services provided by the typical home wireless router provided by ISPs?

The home router acts as a DHCP server, NAT router and DNS server on the home network.

25. Use the nslookup command to obtain the IP address of www.google.com. (You may have to type in "." after com.) Which name server performed the name resolution for you — your local name server or the Google name server?

nslookup www.google.com
Server: ns1.usf.edu
Address: 131.247.1.1

Non-authoritative answer:
Name: www.l.google.com
Addresses: 74.125.229.51
           74.125.229.52
           74.125.229.48
           74.125.229.49
           74.125.229.50

This is another little hands-on exercise.

Hands-on exercise

1. Use nslookup to obtain the IP address of your university’s website. Show the output.

PS > nslookup www.usf.edu
Server: ns1.usf.edu
Address: 131.247.1.1

Non-authoritative answer:
Name: www.usf.edu
Address: 131.247.222.249

2. Use nslookup to obtain the IP address of the home page of one of the major employers in your area. Show the output.

PS > nslookup www.rjf.com
Server: ns1.usf.edu
Address: 131.247.1.1

Non-authoritative answer:
Name: www.rjf.com
Address: 170.12.69.53

3. Use nslookup to obtain the IP address of the home page of one of the companies included in the S&P 500 index. The list of these companies can be found from many sources by searching online for the term “s&p 500 companies.” Show the output from nslookup.

PS C:\Windows\system32> nslookup www.microsoft.com
Server: ns1.usf.edu
Address: 131.247.1.1

Non-authoritative answer:
Name: lb1.www.ms.akadns.net
Address: 65.55.12.249
Aliases: www.microsoft.com
         toggle.www.ms.akadns.net
         g.www.ms.akadns.net

Students may observe that all queries were resolved by the local name server.

Critical thinking questions

1. Read about the lawsuit filed by Nissan Motors Corporation against Nissan Computer Corporation. A timeline of the lawsuit is at http://www.nissan.com/Lawsuit/The_Story.php. Which of the two parties do you think is rightfully entitled to own the Nissan.com domain name? What are your principal arguments in favor of the party?

Uzi Nissan by all accounts is the rightful owner of the nissan.com domain. The principal argument in favor of this party is that it is a pre-existing family name, which had been used for business purposes before domain names became important. The firm also registered the domain name earlier.


This is a very interesting case, which demonstrates the intersection of commercial issues and domain names.

Network design exercise

1. What services in Coolco’s network will require externally addressable IP addresses?

The minimal set of services in Coolco’s network that will require externally addressable IP addresses include the web, email, and DNS. All these services need to be able to receive incoming requests from the Internet. In addition, Coolco will also very likely need to accept VPN connections from its mobile workers. All these services may run on one host. But most likely, they will run on independent systems for performance reasons.

2. Update your network diagram by adding an Internet connection from the Tampa office. The Internet is typically drawn as a cloud. You may find it convenient to use the Network design exercise icons and template document available with the readings for Chapter 1 on the companion website.

[Figure: network diagram showing Coolco HQ, a border router and the Internet]

The diagram is shown above. A border router is shown separating the Coolco network from the Internet. Routers have not been covered yet. So, students may connect the Internet directly to the HQ building. This will be fixed in chapter 9 (routing).

3. Further update the diagram to include a NAPT device that translates between the internal /10 network and the external IP addresses obtained from the ISP.

[Figure: network diagram showing Coolco HQ, a NAT firewall, a border router and the Internet]

The updated diagram is shown here. Generally, the border router will also run NAT. But for convenience, it has been shown as a separate device here. Students begin building out the network beginning with this chapter.

Case questions

1. What are some of the essential features needed in an e-commerce website? A good starting point for your answer would be Yahoo’s small business site (http://smallbusiness.yahoo.com/ecommerce/features.php)

An e-commerce site should facilitate brand-building, order-taking, order-fulfillment, order-tracking and customer-service. To provide these services, e-commerce sites have relevant domain names, visually attractive web sites, ability to send email, support forums, shopping carts, payment methods including credit cards and sales reporting. Many sites also allow easy order-tracking at FedEx, UPS and the postal service.

This question is intended to get students to think about e-commerce websites for small business and the features needed at these sites. Many students can find it profitable to develop templates that offer the above services and meet the needs of small businesses.

2. What is an important agricultural or other natural product that your state is known for? Find a business that sells this product online. Describe some important e-commerce capabilities of the company’s website. If there is no such product, select one from a nearby state.

Florida is best known for its strawberries and oranges. Many farms sell oranges online. An example is http://www.sungroves.com/. The ecommerce capabilities on their site include a phone number, FAQs, a shopping cart and the ability to place standing orders for seasonal citrus fruits.

3. Find a hosting service provider in your city or the nearest metropolitan area. Visit the company’s website and describe some of the services offered by the company. (Select up to three services if the company offers many services.) What are the monthly fees for each of these services? For each of these services, think of a business or non-profit that might find the service useful.

A hosting service provider in the Tampa Bay Area is Infinity Computer Solutions. Their primary business is web hosting at monthly rates of $10 - $20. They also offer web development services, mostly for small businesses. For small to medium businesses such as law firms, physician offices and real-estate offices, they also offer the typical IT infrastructure services such as installation, integration, backups etc.

Incidentally, Host Infinity is a company started and run by a UG alum of our program. He got into the business by developing websites for small business using Zen-cart, an open source shopping cart solution. This is why I think that this case gives students the opportunity to investigate commercial opportunities in this sector.

4. From the ISP’s website, what are some of the job openings at the hosting service provider you selected? What are the required skills for these openings? If the selected provider has no openings at this time, pick another provider whose website lists at least one job opening.

While the company has not advertised any positions, they are always looking for skilled web developers and designers. Their “Our Company” page has the following information:

Can you design custom logos and graphics? Do you know how to work with ASP, PHP, or any other web development utilities? Do you have experience designing database structures that actually make sense? If you fit any of these parameters, there may be a position of prestige waiting for you in the ICS family. Please contact us at ICS@HostInfinity.com with a resume and portfolio (if applicable) for a chance to make your mark on the internet community now and into infinity! ICS@HostInfinity.com.

5. Instead of using the full suite of e-commerce services from a hosting provider, you could limit yourself to hosting services and use free software such as Zen Cart to create your online store. What are some of the capabilities of Zen Cart (www.zen-cart.com)?

Zen-cart’s primary capability is a shopping cart. It also provides other essential features such as allowing users to create item categories and sub-categories to any depth, create customer categories, add items to the cart, place ads, create newsletters, run promotions, offer quantity discounts and integrate with payment solutions.

6. What is a favicon? What is your university’s favicon?

The word favicon is an abbreviation of “favorites icon”. It is an image that measures 16×16 or 32×32 pixels and is seen near the address bar of the browser when the user visits the webpage. USF’s favicon integrates USF’s colors with the Bulls sign.



Chapter 8 Review questions 1. What is subnetting? Subnetting is the division of large blocks of IP addresses allocated to an organization into smaller address blocks called subnets. Each department within the organization can be assigned one or more of these smaller address blocks. Each department’s network administrator can use these smaller address blocks to manage their networks. 2. What is the organizational motivation for subnetting? The organizational motivation for subnetting is that it facilitates autonomy for the IT groups within organizational units. Each department within the organization can be assigned one or more smaller address blocks and each department’s network administrator can use these smaller address blocks to manage their networks. 3. In large organizations, what are some disadvantages with allocating IP addresses on a first-come, first-served basis? The primary disadvantage of allocating IP addresses on a first-come first-served basis is that the network administrator will not have any idea where a host with a given IP address is located on campus. Therefore, if a user with a network connectivity problem calls the network administrator for help, the network administrator would have a very difficult time trying to troubleshoot the problem. Also, first-come first-serve allocation prevents organization of IP addresses. 4. How does the typical campus network structure facilitate subnetting? In the typical campus network, each department or organizational unit is connected through an independent LAN. Subnetting can be used to provide the administrator of this LAN with the required number of IP addresses to meet the needs of the department. DHCP can be used to allocate these addresses to the hosts on the LAN. 5. How do you determine the number of subnets needed in an organization? An analysis of the business determines the most suitable number of subnets for the organization. 
Each functionally independent unit of the organization is a candidate for a subnet. 6. Using an example, describe the three-part interpretation of IP addresses when subnetting is used. Page 80


Consider the IP address 131.247.99.108. Since we know that this IP address is part of the 131.247.0.0/ 16 network, we know that the first two octets identify the network to which the address belongs. Assuming 8-bit subnet IDs, the 99 in the third octet identifies the subnet and the 108 in the fourth octet identifies the host within the subnet. 7. Describe how subnetting is similar to the three-part organization of telephone numbers. The first part of the telephone number denotes the Metro area, the second part identifies the exchange within the metro and the last 4 digits identify the phone receiver within the exchange. This is similar to IP addresses where the first part identifies the network, the second part the subnet and the third part identifies the host within the subnet. 8. Describe how subnetting is similar to the multi-part organization of zip codes. Zip codes are multi part addresses, just like IP addresses. The first digit of a zip code identifies the national region and each subsequent digit further narrows down the region until the fifth digit identifies a post office. Thus, zip codes may be considered to be 5-part addresses. 9. How does the three-part numbering system used in telephones facilitate the switching of long distance calls? With 10 digits, we can have 10 billion phones. When a call is placed, the local exchange has no need to know where the final destination is located. It only needs to know how to direct the call to one of the 1,000 3-digit area codes. Within the area, the phone system only needs to know which of the 1,000 end offices to direct the call to. This end office only has to know about the 10,000 phones within its jurisdiction. Thus, even though no entity in the phone system knows about more than 10,000 other entities, any of these devices can connect to any of the other 10 billion devices. 10. How does the multi-part numbering scheme used in zip codes simplify the mail handling tasks at a typical post office? 
Due to the multi-part nature of the postal addressing system, each post office only needs to know how to deal with the 10 1-digit regions in the country. Within each region, mail can be sent to one of the 10-digit sub-regions identified by the second digit. This process can continue until the mail reaches the destination post office. Thus, each entity in the postal system only needs to know about 10 other entities to be able to deliver mail anywhere in the country.

11. What are the three IP addresses on any network that are not available for allocation to hosts?



The broadcast address (all 1’s in the host part), the network address (all 0’s in the host part) and the IP address used by the gateway router are not available for allocation to hosts within the network.

12. What factors determine the subnet structure of an organization? For example, if you have a Class B address, how will you determine if you should have 512 subnets, 256 subnets, 128 subnets, 64 subnets, or some other number of subnets?
An analysis of the business determines the number of subnets the organization needs. For example, an organization with 30 different units will need at least 30 subnets. In practice, it may choose 64 subnets to allow for future expansion and better management of IP addresses.

13. What is a subnet mask?
A subnet mask is a number that tells the host which bits in an IP address constitute the network ID and subnet ID of the network. The subnet mask is a 32-bit number comprising a sequence of 1’s followed by a sequence of 0’s. The 1’s are bit positions of the network and subnet ID and the 0’s are bit positions of the host ID.

14. Why are subnet masks needed?
Unlike address classes where the boundary separating the network part from the host part is known from the first octet of the IP address, with CIDR addresses and subnet masks, the sizes of the various parts of the IP address are now completely flexible. For routing purposes, it is necessary to isolate the network ID + subnet ID. Subnet masks are needed to do this.

15. What do the 1s and 0s in a subnet mask represent?
The 1’s indicate bits in the IP address that form the network ID and subnet ID. For example, if a subnet mask has 20 1’s, the first 20 bits of any IP address in the organization identify the network ID and subnet ID. The 0’s represent the host ID bits in any IP address in the organization.

16. Can 255.255.253.0 be a subnet mask? Why or why not?
The binary representation of 255.255.253.0 is 11111111.11111111.11111101.00000000. Since the sequence of 1’s is interrupted with a 0, this number cannot be a subnet mask.

17. What information about a network can be gathered by looking at its subnet mask?
The subnet mask provides two pieces of information – the number of subnets in the organization and the number of hosts in each subnet. 2 raised to the power of the number of 0’s in the subnet mask is the number of hosts in each subnet. 2 raised to the power of the number of bits in the subnet ID is the number of subnets in the organization. The number of bits in the subnet ID is the number of 1’s minus the number of bits in the network ID. The number of bits in the network ID can be obtained from ARIN.

18. Say you have a /14 network address. You are asked to create subnets with at least 1,000 hosts/subnet. What subnet mask should you use?
To obtain 1,000 hosts per subnet, we need 10 bits in the host ID part because 2^10 = 1,024. The remaining 22 bits in the subnet mask will be 1’s. This gives us the subnet mask 11111111.11111111.11111100.00000000, which in dotted decimal notation is 255.255.252.0.

19. How many subnets can you have on the network in the question above?
Of the 22 bits in the network ID and subnet ID, we know that the network ID takes up 14 bits. Therefore the subnet ID has 22 – 14 = 8 bits. This gives us 2^8 = 256 subnets.

20. The broadcast address on a subnet is obtained by replacing the bits in the host part with 1s instead of 0s. What is the broadcast address of the subnet 192.168.1.192/28?
Since this address is part of a /28 network, only the last 4 bits are the host ID. Therefore, the broadcast address will only be different in the last octet. 192 = 11000000. Replacing the 4 bits of the host ID part with 1 gives us the octet 11001111. 11001111 (binary) = 207. Therefore, the broadcast address on this subnet is 192.168.1.207.

21. How many hosts can a /18 network support?
A /18 network has 14 bits in the host ID part. This network can support 2^14 = 16,384 hosts.

22. Say you have a /15 network address. You are asked to create subnets with at least 1,000 hosts/subnet. What is the maximum number of such subnets you can create?
We need 10 bits for the host ID. 15 bits are taken up by the network ID. Therefore, the subnet ID will have 32 – 15 – 10 = 7 bits. With 7 bits, we can have 2^7 = 128 subnets.

23. What is the subnet mask you will use for the question above?
The subnet mask will be a sequence of 15 + 7 = 22 1’s followed by 32 – 22 = 10 0’s. This number is 11111111.11111111.11111100.00000000. In dotted decimal notation, this is 255.255.252.0.

24. Consider two IP addresses: 192.168.35.56 and 192.168.36.135. If the subnet mask used is 255.255.252.0, what are the masked IP addresses (subnet IDs) for the two IP addresses?


In both addresses, the first 2 octets do not change; the fourth octet is fully masked out and becomes 0. Therefore, computations are required to determine the changes in the third octet. The third octet in the subnet mask is 11111100. This means that the last 2 bits in the third octet of both IP addresses will become 0. 35 (decimal) = 00100011 (binary) and 36 (decimal) = 00100100 (binary). After masking, the third octet of the first IP address will become 00100000 (32) and that of the second IP address will be 00100100 (36). Therefore, the masked IP addresses are 192.168.32.0 and 192.168.36.0.

25. How can subnetting help limit network traffic at routers?
Subnetting can be used to improve network efficiency by limiting the volume of traffic that needs to be routed. If the destination is on the same subnet as the source, subnetting helps the source to determine this fact and bypass routing so that it can reach the host directly over the Ethernet. Therefore, if an administrator can determine the hosts that communicate with each other extensively, they should be placed in the same subnet to minimize network traffic that needs to be routed.
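The mask arithmetic used in review questions 16 to 25 can be checked with a short script. This is an added example, not part of the instructor manual; the function names are assumptions chosen for illustration, and host counts follow the manual's convention of counting all 2^h addresses in a subnet.

```python
import ipaddress

ALL_ONES = 0xFFFFFFFF


def to_int(dotted):
    """Dotted decimal string -> 32-bit integer."""
    return int(ipaddress.IPv4Address(dotted))


def to_dotted(value):
    """32-bit integer -> dotted decimal string."""
    return str(ipaddress.IPv4Address(value))


def is_valid_mask(dotted):
    """A subnet mask is a run of 1s followed by a run of 0s (question 16).

    Inverting a valid mask leaves only the trailing host bits set, i.e. a
    number of the form 2^k - 1, and such a number shares no bits with its
    successor.
    """
    inverted = to_int(dotted) ^ ALL_ONES
    return (inverted & (inverted + 1)) == 0


def mask_for_hosts(min_hosts):
    """Longest prefix whose host part still holds min_hosts addresses (questions 18, 23)."""
    host_bits = max(min_hosts - 1, 0).bit_length()  # smallest h with 2^h >= min_hosts
    mask = (ALL_ONES << host_bits) & ALL_ONES
    return 32 - host_bits, to_dotted(mask)


def subnet_count(network_prefix, subnet_prefix):
    """Number of subnets = 2^(bits in the subnet ID) (questions 19, 22)."""
    return 2 ** (subnet_prefix - network_prefix)


def masked_address(ip, mask):
    """Bitwise AND of address and mask gives network ID + subnet ID (question 24)."""
    return to_dotted(to_int(ip) & to_int(mask))


def broadcast_address(cidr):
    """Set every host bit to 1 (question 20)."""
    ip, prefix = cidr.split("/")
    host_ones = (1 << (32 - int(prefix))) - 1
    return to_dotted(to_int(ip) | host_ones)


def same_subnet(a, b, mask):
    """Hosts on the same subnet can reach each other without a router (question 25)."""
    return masked_address(a, mask) == masked_address(b, mask)


if __name__ == "__main__":
    print("255.255.253.0 valid mask?", is_valid_mask("255.255.253.0"))
    print("mask for 1,000 hosts:", mask_for_hosts(1000))
    print("subnets in a /14 using /22:", subnet_count(14, 22))
    print("broadcast of 192.168.1.192/28:", broadcast_address("192.168.1.192/28"))
    for ip in ("192.168.35.56", "192.168.36.135"):
        print(ip, "->", masked_address(ip, "255.255.252.0"))
    print("same subnet?", same_subnet("192.168.35.56", "192.168.36.135", "255.255.252.0"))
```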

Critical thinking questions

1. You have been told to provide a subnet for each major department in the business. Assuming that the business has a typical organization structure for a business of this size, list the different subnets you would like to set up for the business.
The typical subnets will be for accounting, marketing, HR, finance, IT and general management. This results in about 6 subnets.

2. How many bits would you need in the subnet ID to provide the required number of subnets?
Six subnets require 3 bits (yielding 8 subnets). However, keeping future expansion in mind, the organization may want to use 4-6 bits for the subnet ID, yielding 16 (4 bits), 32 (5 bits) or 64 (6 bits) subnets.

3. How many host IDs would be available in each subnet in your design?
With 4-bit subnet IDs, we would have 12 bits available for the host IDs, allowing 4,096 hosts/subnet. With 5-bit subnet IDs, we would have 11 bits available, allowing up to 2,048 hosts/subnet and with 6-bit subnet IDs, we could have 1,024 hosts/subnet.

4. Present your results in the form of a table like the table in the chapter.
Assuming 4-bit subnet IDs, the subnets would appear as follows (net ID and subnet ID bits have been bolded and underlined):

Organization unit     Subnet address (binary)                Subnet address (decimal)
Accounting            11000000.10101000.00010000.00000000    192.168.16.0/20
Marketing             11000000.10101000.00100000.00000000    192.168.32.0/20
HR                    11000000.10101000.00110000.00000000    192.168.48.0/20
Finance               11000000.10101000.01000000.00000000    192.168.64.0/20
IT                    11000000.10101000.01010000.00000000    192.168.80.0/20
General management    11000000.10101000.01100000.00000000    192.168.96.0/20
… similarly, the remaining 10 subnets

Hands-on exercise

1. Write the subnet mask in the figure in 32-bit binary notation.
The subnet mask is 255.255.252.0. In binary notation, the subnet mask is: 11111111.11111111.11111100.00000000

2. How many bits in IP addresses on the network are used for the host part of the IP address?
Since this subnet mask has 10 0’s, 10 bits in the IP addresses on the network are used for the host part.

3. How many hosts can the subnet of the figure accommodate?
With 10 bits, each subnet can accommodate 2^10 = 1,024 hosts.

4. How many bits in IP addresses on the network are used for the network part of the IP address?
To answer this question, it is necessary to look up the IP address at ARIN. We see that the IP address 10.247.197.61 is part of the 10.0.0.0/8 network. This means that the first 8 bits in the IP addresses on the network are used for the network part.

5. The IP address of the computer is 10.247.197.61. Write this IP address as a 32-bit binary IP address.
10.247.197.61 (decimal) = 00001010.11110111.11000101.00111101 (binary)

6. What is the masked address of the host in binary notation? (This is the network ID + subnet ID part of the IP address.)
The masked IP address retains the bits in those positions where the subnet mask has 1’s in the corresponding positions, i.e. the first 22 bits. This gives us the address: 00001010.11110111.11000100.00000000

7. Express this masked address in dotted decimal notation. Express the masked address in CIDR notation.
In dotted decimal notation, this masked address is 10.247.196.0. In CIDR notation, we also include the size of the subnet and write this as 10.247.196.0/22.

8. Show the ipconfig /all output on your computer. What is the subnet mask on the network?
Since this is the same computer on which I captured the screenshot, the subnet mask is the same, i.e. 255.255.252.0. This question asks students to examine their own subnet mask.

9. Based on the subnet mask, how many computers can be addressed on the subnet on which your computer is located?
Since the subnet mask has 10 0’s, as calculated in q3, this subnet can accommodate 1,024 hosts.

Network design exercise

1. What subnets would be suitable for use in the company’s four locations?
The IP address allocations based on the network design calculations in chapter 4 are shown below. The allocation for Tampa is a bit tricky. This is because the company only has a /21 network, which gives it 2,048 IP addresses. Typically, a /22 subnet would be provided for Tampa, since the /22 subnet provides 1,024 IP addresses, which is sufficient for the needs in Tampa. However, once the required allocations are made to Amsterdam, Mumbai and Singapore, only 768 IP addresses remain available for Tampa. To use these 768 IP addresses, we will have to use two subnets: a /23 subnet, which gives 512 IP addresses, and a /24 subnet, which gives 256 IP addresses.

Location     Users   Other devices   IP addresses required   Subnet      IP addresses available
Tampa        300     450             750                     /23, /24    768
Amsterdam    100     150             250                     /24         256
Mumbai       200     300             500                     /23         512
Singapore    200     300             500                     /23         512


2. Update the network diagram from Chapter 7 to show the subnets you created in the previous question.
The updated diagram is shown below.

[Figure: network diagram showing Coolco HQ (/23, /24), EMEA Service Center (/24), Call Center (/23), AP Service Center (/23), the NAT firewall, the border router and the Internet]

3. Further update the network diagram to show the four DHCP servers, one server at each location.
The diagram updated yet again is shown below.

[Figure: network diagram showing Coolco HQ (/23, /24), EMEA Service Center (/24), Call Center (/23), AP Service Center (/23), the DHCP servers, the NAT firewall, the border router and the Internet]

Case questions

1. How many customers can the ISP serve in San Antonio?
Since San Antonio has a /21 subnet, the host part has 11 bits. This means that the ISP can serve 2^11 = 2,048 simultaneous customers in San Antonio.

2. How many customers can the ISP serve in Houston, combining the capacity of all the subnets?
Since 5 /21 subnets have been allocated to Houston, the ISP can serve 5*2,048 = 10,240 simultaneous customers in Houston.

3. If the two /20 Houston subnets are merged together, what is the subnet address of the resulting network?
Since the subnet boundaries of both subnets are in the third octet, the first, second and fourth octets are not affected by the merger. So, let us look at the third octet in binary. This is shown in the table below. Since the two subnets are /20 subnets, pay close attention to the bit in the 20th position:

Subnet address   First octet    Second octet    Bit-wise breakdown of third octet   Fourth octet
                 (bits 0 – 8)   (bits 9 – 16)   17 18 19 20 21 22 23 24             (bits 25 – 32)
66.118.32.0      66             118              0  0  1  0  0  0  0  0             0
66.118.48.0      66             118              0  0  1  1  0  0  0  0             0

It may be noted that the two subnets differ only in the bit in the 20th position. Also, note that the bit in the 19th bit position is the same (1 in this case). Subnet aggregation makes both bits in the 20th position part of the same network, which is now identified by the bit in the 19th position. Therefore, the aggregated subnet is identified by the first three bits in the octet (001), the remaining 5 bits become part of the subnet (00000) and the mask becomes /19 instead of /20. Therefore, the resulting subnet is 66.118.32.0/19.

4. What are the /24 subnets that comprise the Dallas /21 subnet? (Hint: there are 2^(24 – 21) = 2^3 = 8 such subnets.)
The Dallas subnet is 66.118.16.0/21. All hosts in this subnet have the same set of 21 bits in the network ID + subnet ID. The hosts are identified by the remaining 11 bits. This is shown in the table below, where the first and second octets are in decimal (to keep things simple, because they have no information relevant to this question). The third and fourth octets are in binary. The underlined bits are part of the subnet ID and the remaining bits are used for the host ID.

First octet   Second octet   Third octet   Fourth octet
66            118            00010 000     00000000

If we are interested in /24 subnets, then we do not care about the values of the last 8 bits in these 11-bit host IDs. Therefore, each subnet is identified by the three left-most bits in the 11-bit host ID. By taking all possible values for these 8 bits and converting the corresponding network addresses to dotted decimal notation, we get the following 8 subnet IDs. The table shows how the IDs are calculated.

Third octet in binary   Third octet in decimal   Subnet address
00010 000               16                       66.118.16.0/24
00010 001               17                       66.118.17.0/24
00010 010               18                       66.118.18.0/24
00010 011               19                       66.118.19.0/24
00010 100               20                       66.118.20.0/24
00010 101               21                       66.118.21.0/24
00010 110               22                       66.118.22.0/24
00010 111               23                       66.118.23.0/24

5. What are the /24 subnets that comprise the Austin /21 subnet?
Exactly as above, the /24 subnets in the /21 Austin subnet are calculated as follows:

Third octet in binary   Third octet in decimal   Subnet address
00001 000               16                       66.118.8.0/24
00001 001               17                       66.118.9.0/24
00001 010               18                       66.118.10.0/24
00001 011               19                       66.118.11.0/24
00001 100               20                       66.118.12.0/24
00001 101               21                       66.118.13.0/24
00001 110               22                       66.118.14.0/24
00010 111               23                       66.118.15.0/24

It may be noticed that the two sets of subnets are different only in two bits, the bits in the 20th and 21st positions. These two questions show the students how the subnet calculations follow a very standard pattern.

6. Use BGPlay to show the network connectivity diagram for the 66.118.0.0/18 network.
The diagram is shown below.


7. What is the data rate of an OC-12 connection?
An OC-12 connection offers a data rate of 622 Mbit/s, enough to carry the highest speed ATM channel.

8. What are the remaining subnets in Dallas and Austin? Aggregate the subnets where possible.
The information about the Dallas and Austin subnets from the tables above is shown below. The subnets that are moved to Houston are crossed out. The bits that have been aggregated are highlighted. The aggregated subnets are shown in column 4.

Location   Third octet in binary   Subnet address    Aggregated addresses   Remarks
Dallas     00010 000               66.118.16.0/24    66.118.16.0/22         2 bits are aggregated as highlighted in the second column
Dallas     00010 001               66.118.17.0/24
Dallas     00010 010               66.118.18.0/24
Dallas     00010 011               66.118.19.0/24
Dallas     00010 100               66.118.20.0/24    66.118.20.0/23         1 bit is aggregated
Dallas     00010 101               66.118.21.0/24
Dallas     00010 110               66.118.22.0/24    66.118.22.0/24         No aggregation
Houston    00010 111               66.118.23.0/24
Austin     00001 000               66.118.8.0/24     66.118.8.0/22          2 bits are aggregated
Austin     00001 001               66.118.9.0/24
Austin     00001 010               66.118.10.0/24
Austin     00001 011               66.118.11.0/24
Austin     00001 100               66.118.12.0/24    66.118.12.0/23         1 bit is aggregated
Austin     00001 101               66.118.13.0/24
Austin     00001 110               66.118.14.0/24    66.118.14.0/24         No aggregation
Houston    00010 111               66.118.15.0/24
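The aggregation in case questions 3 and 8 follows one rule: two blocks of equal size merge when they differ only in the last bit of their prefix. The script below applies that rule repeatedly to the remaining Dallas, Austin and Houston blocks. It is an added example, not part of the instructor manual, and the function names are assumptions chosen for illustration.

```python
import ipaddress


def differing_bit(cidr_a, cidr_b):
    """Return the 1-based bit position where two equal-sized blocks differ.

    Returns None when the blocks are identical or differ in more than one bit.
    Two blocks can be aggregated when this position equals their prefix length.
    """
    a = ipaddress.ip_network(cidr_a)
    b = ipaddress.ip_network(cidr_b)
    if a.prefixlen != b.prefixlen:
        raise ValueError("blocks must have the same prefix length")
    xor = int(a.network_address) ^ int(b.network_address)
    if xor == 0 or xor & (xor - 1):
        return None
    return 32 - xor.bit_length() + 1


def aggregate(cidrs):
    """Merge sibling blocks until no further merge is possible.

    Assumes the input blocks do not overlap one another.
    """
    blocks = {ipaddress.ip_network(c) for c in cidrs}
    changed = True
    while changed:
        changed = False
        for net in sorted(blocks):
            if net.prefixlen == 0:
                continue
            parent = net.supernet()            # block one bit shorter
            halves = set(parent.subnets())     # its two halves
            if halves <= blocks:               # both halves are present
                blocks -= halves
                blocks.add(parent)
                changed = True
                break                          # restart with the updated set
    return [str(n) for n in sorted(blocks)]


# Blocks taken from the case: 66.118.23.0/24 and 66.118.15.0/24 moved to Houston.
DALLAS_REMAINING = ["66.118.%d.0/24" % n for n in range(16, 23)]
AUSTIN_REMAINING = ["66.118.%d.0/24" % n for n in range(8, 15)]
HOUSTON_SLASH_20 = ["66.118.32.0/20", "66.118.48.0/20"]

if __name__ == "__main__":
    print("Houston /20s differ in bit", differing_bit(*HOUSTON_SLASH_20))
    print("Houston:", aggregate(HOUSTON_SLASH_20))
    print("Dallas: ", aggregate(DALLAS_REMAINING))
    print("Austin: ", aggregate(AUSTIN_REMAINING))
```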



Chapter 9

Review questions

1. What is routing?
Routing is the process of moving information from the source network to the destination network through intervening LANs and WANs. Routing involves the selection of paths between the two networks.

2. LANs use broadcasting to ensure that data reaches its destination. Why is it not advisable to use broadcasting between LANs?
Broadcasting within the LAN only creates a limited amount of unnecessary traffic. Broadcasting data between LANs would generate too much unnecessary traffic. This traffic volume would overwhelm routers and end user computers.

3. What are routers? Find three carrier-grade router models made by the major vendors. What is the range of list prices on these routers?
Routers are devices used to interconnect two or more networks. Three models from CISCO and their list prices (from eBay) are:
CISCO 1921: $2,295
CISCO 2911: $2,630
CISCO 3945E: $11,340

4. What are the important similarities between switching and routing?
Both switches and routers are used to deliver data from a source to a destination.

5. What are the important differences between routing and switching?
Switches are used within LANs, whereas routers are used across LANs. Therefore, switches use MAC addresses whereas routers use IP addresses. Switches deliver data from a host to another host. Routers deliver packets from a source network to a destination network. Switches typically cannot handle loops within networks, whereas routers can handle any network layout. Switches typically configure themselves, whereas routers require administrative support for configuration.


6. Consider a router at the interface of two networks; say your university and its ISP. Draw a figure showing the IP addresses of the two interfaces of the router and the CIDR address blocks of the two networks. (You may need to use tracert to obtain the IP addresses at the two interfaces and arin.net to obtain the address blocks of the two networks.)

[Figure: router between Time Warner Telecom (66.192.0.0/14, router interface 66.192.247.226) and USF (131.247.0.0/16, router interface 131.247.254.229)]

This is a hands-on exercise, which needs to be completed in 3 steps. In the first step, students should do a tracert from their home machine to their school website. This will give them the IP address at the ISP side of the router that interfaces between their school and the Internet (66.192.247.226 in the figure above). They need to perform the second step while they are at school or when they are connected to the school over a VPN, i.e. when they have a school IP address. In this step, they should do a traceroute to the IP address identified in step 1 (i.e. 66.192.247.226 in the figure above). This will give them the IP address of the school side of the router (131.247.254.229 in the figure above). Finally in step 3, they can use ARIN to find the IP address blocks of the two networks.

7. What is an autonomous system?
An autonomous system is a collection of routers that fall under one administrative entity.

8. How are post offices like autonomous systems?
Each post office announces the zip codes for which it takes responsibility to deliver mail. We may treat the zip code served by the post office as its AS number. The post office functions like an autonomous system for these zip codes. The USPS system knows that all it has to do to get a piece of mail delivered to a home address within a zip code is to pass the mail item to the post office announcing responsibility for the zip code. The USPS system in the rest of the country does not have to worry about how the post office internally manages its mail men, mail routes, new addresses, staff shortages and the like. The post office will take care of the details of timely delivery within its area, just like an autonomous system on the Internet.


9. Briefly describe how routing works.
The Internet is organized as a collection of autonomous systems. Routers connect autonomous systems to one another. Routers maintain a routing table which aggregates information about all known paths between autonomous systems. Routers also periodically exchange information about these routes with each other, informing other routers about known changes to these paths so that other routers can update their routing tables. When a packet arrives at a router, the router looks at its routing table to identify the best neighboring router to forward the packet to. The neighboring router then identifies the next best neighbor and so on, until the packet reaches its destination autonomous system. At the destination AS, the network uses whatever technology is available to direct the packet to the destination host.

10. What is a routing table? What information is stored in a routing table?
A routing table is a collection of paths that can be reached from the router along with information about the path. Each entry in the routing table lists a network that can be reached, the neighboring router to forward the packet to in order to reach this network, and details about the path to the destination through this neighbor.

11. One route from the routing table at the Route Views project is shown below. What does each term in the route indicate?

128.210.0.0/16    194.85.4.55    0    3277 3267 9002 11537 19782 17 i

This route indicates that the network 128.210.0.0/16 can be reached from the router at the RouteViews project. The next neighboring router on the path to 128.210.0.0/16 is 194.85.4.55. The 0 in the third column in the route indicates that a measure of the cost of sending the packet to the destination through this router is 0. This number is called the routing metric. Finally, the last column in the route is the actual path, indicating that the packet will be delivered through AS 3267, 9002, 11537, 19782 and 17.

12. Use the AS numbers website (www.cidr-report.org/as2.0/autnums.html) to find the names of all the autonomous systems referred to in Question 11.
AS 3277     RUSNET-AS Regional University and Scientific Network (RUSNet)
AS 3267     ZKB Zuercher Kantonalbank
AS 9002     OPTI-AS OPTI Systems SRL
AS 11537    ABILENE - Internet2
AS 19782    INDIANAGIGAPOP - Indiana University
AS 17       PURDUE - Purdue University

13. What is a routing metric? How is the routing metric used to select the path when multiple paths are available?
The routing metric for a network path is a measure of the cost of delivering a packet through the path. When choosing among multiple paths to deliver a packet, routers select the path with the lowest metric.

14. Use the tracert utility to record the route from your home computer to your university’s home page.

> tracert www.fau.edu
Tracing route to www.fau.edu [131.91.128.83] over a maximum of 30 hops:
  1  50 ms  40 ms  40 ms  10.200.200.200
  2  41 ms  41 ms  40 ms  131.247.116.252
  3  41 ms  41 ms  40 ms  vlan254.campus-backbone2.net.usf.edu [131.247.254.46]
  4  41 ms  41 ms  40 ms  131.247.254.242
  5  41 ms  41 ms  41 ms  tpa-flrcore-7609-1-te31-v16011.net.flrnet.org [198.32.166.93]
  6  46 ms  46 ms  46 ms  mia-flrcore-7609-1-te331.net.flrnet.org [198.32.155.9]
  7  48 ms  48 ms  48 ms  198.32.155.198
  8  49 ms  48 ms  48 ms  131.91.188.1
  9  49 ms  48 ms  48 ms  wise.fau.edu [131.91.128.83]
Trace complete.

USF has locked down its router to block ICMP packets. I therefore performed a tracert to FAU.

15. What are routing protocols?
Routing protocols are the mechanism used by routers on the Internet to maintain routing tables. Routers use routing protocols to communicate route information with neighboring routers.

16. What are the two kinds of routing protocols? Give an example of each of the two kinds of routing protocols.
There are two kinds of routing protocols – exterior and interior. An example of an exterior routing protocol is the Border Gateway Protocol, or BGP. An example of an interior routing protocol is the Open Shortest Path First protocol, or OSPF.


17. Provide an overview of how exterior routing protocols work.
In exterior routing protocols, each router informs its immediate neighbors about the networks it can connect to. Routers collect this information from all their neighbors and pass this information on to their neighbors. This way information about available routes reaches all routers on the Internet.

18. Provide an overview of how interior routing protocols work.
In interior routing protocols, routers periodically broadcast information about their immediate neighborhood to all other routers on the network. Routers use information collected from all these broadcasts to compute the connectivity information about the network.

19. What is route aggregation?
Route aggregation is the combination of two or more IP address blocks into one larger address block. As an example, route aggregation can be used to combine two /16 address blocks into one /15 address block.

20. Why is route aggregation useful?
Route aggregation greatly reduces the size of the routing tables. With route aggregation, if all /16 address blocks are aggregated into /15 address blocks, the routing tables will be reduced to half their size. If aggregated into /14 address blocks, routing tables will be reduced to one-fourth the size. Route aggregation therefore eliminates redundancy in routing information and simplifies routing.

21. Give an example of routes before and after route aggregation.
Before aggregation: 192.168.0.0/24 and 192.168.1.0/24
After aggregation: 192.168.0.0/23

22. What is MPLS?
MPLS is a packet forwarding mechanism that uses pre-defined labels to determine how to deliver packets. It simplifies IP routing by reducing the amount of information that routers need to process to make a routing decision and also the sizes of the routing tables.

23. What is the motivation for the development of MPLS?
The development of MPLS was motivated by the observation that whereas routers have only one job – selecting the next hop to forward the packet, the packet header that is processed by routers contains a lot more information than is needed to make the routing decision. Processing other header fields such as TTL puts unnecessary processing load on routers. Routing could be simplified if only the destination address field was presented to routers for processing. MPLS further simplified routing by making addresses (MPLS labels) local to the network.

24. What is a label in MPLS? Where is the label attached to a packet? Where is it removed?
In MPLS, the forwarding equivalence class is called a label. The routing decision takes the form of a labeling decision. The labeling decision is only done once on a packet, when the packet enters the network. The label is therefore added to the packet at the point of entry into the network after the labeling decision is made. Throughout the packet’s path through the network, only the MPLS label is used for packet forwarding. When the packet leaves a network, the MPLS label that was added to the packet on entry into the network is removed.

25. What is a forwarding equivalence class (FEC) in MPLS? Give an example of two packets that may be assigned the same FEC even though they are addressed to two destinations.
A forwarding equivalence class is a group of IP packets which are forwarded in the same manner through the network, for example over the same path. If two packets enter a network in NYC and are addressed to two different organizations in Dallas, they may be assigned the same MPLS label as the packets travel through the network from NYC to Dallas.

Hands-on exercise

1. Write a brief summary of the goals of the Route Views project from the project home page at www.routeviews.org.
The Route Views project was originally conceived as a tool for Internet operators to obtain real-time information about the global routing system from the perspectives of several different backbones and locations around the Internet. While the Route Views project was originally motivated by interest on the part of operators in determining how the global routing system viewed their prefixes and/or AS space, there have been many other interesting uses of this Route Views data. For example, NLANR has used Route Views data for AS path visualization (see also NLANR), and to study IPv4 address space utilization (archive). Others have used Route Views data to map IP addresses to origin AS for various topological studies.

2. What is the network ID of the network to which your university belongs? (In some states, university networks are part of larger state networks)
131.247.0.0/16


Students should have figured this out by now, since they have obtained this information for the hands-on exercises in chapters 4 and 8.

3. Show a screenshot (similar to the figure) of the BGPlay query results for your university’s network.
To be able to get this figure, it is important to get the CIDR address of your university network correctly. BGPlay only displays maps for advertised networks.

4. Pick a route originating from your university that passes through at least three autonomous systems. Write the route as a sequence of ASes (e.g., 2905 701 1239 19151 3851).
5661 (University of South Florida) → 11096 (FloridaNet) → 19401 (National LambdaRail) → 2153 (California State University Network). To obtain the identity of an AS, simply click on the AS in the BGPlay results window.

5. What are the network names of the ASes selected above?
The networks are the University of South Florida, FloridaNet, National LambdaRail, and the California State University Network.

6. Pause BGPlay during a route announcement. Show a screenshot as shown in the figure. What is the new route added?
The new route added is AS 7018 (AT&T) → AS 174 (Cogent) → AS 5661 (USF)

7. Pause BGPlay during a route withdrawal. Show a screenshot as shown in the figure. What is the route withdrawn?
The route withdrawn is the same as above, i.e. AS 7018 (AT&T) → AS 174 (Cogent) → AS 5661 (USF)


Network design exercise

1. To connect to the other locations, Coolco needs border routers at each location. Update the network diagram from chapter 8 to include a border router at each of the four locations.
This question is not in the text and is an oversight. It is necessary to prepare the network for the later chapters. The diagram is shown below.

[Figure: network diagram showing Coolco HQ (/23, /24), EMEA Service Center (/24), Call Center (/23), AP Service Center (/23), the DHCP servers, the NAT firewall, the Tampa, EMEA, Mumbai and Singapore border routers and the Internet]

2. If you haven’t already done so, update your network diagram so that the Internet connection from Tampa goes through the border router at Tampa. This has already been done since chapter 7. 3. Each location uses Ethernet to connect the various devices at the location to each other and to the Internet through the border router. Update the diagram to show an Ethernet at each location. Connect the DHCP server at each location to the Ethernet. Also, connect the Ethernet to the border router. The diagram is shown below.

[Figure: Coolco network diagram. Coolco HQ (/23, /24), Call Center (/23), EMEA Service Center (/24) and AP Service Center (/23), with DHCP servers and the NAT firewall; the Tampa, EMEA, Mumbai and Singapore border routers connect to the Internet.]

4. Write a brief report (two – three paragraphs) on how OSPF can be helpful in dynamically adjusting network traffic between ISDN and the primary WAN. You may find it useful to search for terms such as “ospf failover.” OSPF is commonly used to provide redundancy. If a site has two or more network connections, the network administrator can define routing metrics such that the primary WAN has the lowest metric and the backup network has a high metric. This way, the primary WAN will always be preferred as long as it is available to handle traffic. As soon as a problem is detected on the primary WAN, the low priority (high metric) network will be used to send traffic.

Case questions

1. Describe some of the damage caused to communications networks due to Hurricane Katrina.
According to the report of the independent panel studying the federal response to Hurricane Katrina, more than three million customer telephone lines in Louisiana, Alabama and Mississippi lost service; 38 911 call centers were down; also 50 percent of area radio stations and 44 percent of area television stations went off the air.

2. Describe some of the damage caused to communications networks on 9/11.
The events of September 11, 2001, damaged the physical infrastructure of the Internet in one of the network’s most important hubs — New York City. Verizon had a central office at 140 West Street, very near the World Trade Center complex. This office was destroyed. Electrical power in Lower Manhattan was disrupted, and backup power systems to telecommunications facilities in the area quickly ran out of fuel. At least 74 US and multinational telecommunications carriers have equipment in New York. The city is served by more than 100 international Internet carriers, and it has direct links with 71 countries. Many of these connections take place over the network of the local exchange carrier, Verizon, and the long-haul fiber networks pass through Verizon’s central offices. Less than half a mile from ground zero, Telehouse operates an Internet exchange point at 25 Broadway, serving about 40 Internet providers from the NYC area, Europe, South America, and South Africa. About 70% of Internet traffic from Europe to the US passed through 25 Broadway.

3. Why is text messaging and VoIP more reliable than circuit-switched voice networks?
Packet switching makes text messaging and VoIP more reliable than circuit-switched networks. Circuit-switched networks are very vulnerable because damage to any part of the circuit disrupts the ability of the entire circuit to forward a signal. Text messaging and VoIP use packet switching, whereby packets are routed to the destination. If one part of the network is damaged, routers can find an alternate route if one is available.

4. Name some leading Voice-over-IP service providers in the country. Compare their services — pricing, equipment required, etc.
Two leading competitors in VoIP services are Vonage and Skype.
Vonage offers monthly plans at about $25/ month plus taxes. The plans offer all phone features such as call forwarding, call waiting, and even international calls at no additional charge. Vonage requires that the user have broadband service and adds a router to the home network, which interfaces between phone signals and broadband signals. Skype uses the microphone and speaker on a regular computer to make calls. Calls to other Skype users connected to computers are free. Skype offers paid plans to place calls to regular phones. These plans range from per minute rates of about 3c per minute to flat monthly rates of about $14. 5. What are content delivery networks? How are they useful during disasters?



Content delivery networks (CDN) are third-party content distribution networks such as Akamai. These providers place storage devices at ISPs to reduce the load of websites and networks. The most popular pages of the customer are replicated at the various CDN sites. When a user visits a customer’s site, the request is intercepted by the CDN and served from local sources if possible. This speeds up the customer experience, while lowering network traffic. A good example was CNN, which employed Akamai to host its website during peak time access on 9/11. 6. View the statistics on the nyiix website. What is the busiest time of day for Internet traffic? Why do you think traffic peaks at this time? Traffic peaks at 11am and 3pm EST. These are the peak morning and evening office hours across all time zones in the country. 7. What were some changes in Internet traffic patterns on 9/11? Internet traffic was lower on 9/11 than on a typical business day, most likely because people who would have normally used the internet during the day turned to the television or to phone calls for news and information about near and dear ones. Network traffic did increase in two areas – the quest for news and the use of internet communications as a substitute for phone calls. Emails and IM were used as substitutes for telephone services as well. In the aftermath of 9/11 email was less used, but news sites and IM were used more heavily 8. Why is it useful to reduce the size of a web page so it fits into one IP packet? During high-demand periods it can be useful to fit the entire web page into one IP packet to minimize web traffic and the number of packets that need to be processed at routers. It also reduces the processing workload at servers in processing acknowledgments. 9. What is a possible extreme disaster that is likely to strike your city? 
Create a disaster continuity plan for communication that will allow you to maintain communication with the two most important people in your life in case this disaster strikes your town. If you wish to maintain the privacy of these individuals, just call them A and B, or use other such anonymous names.
The most likely disaster to strike Tampa would be a hurricane. If this happens, I expect internet connectivity to still be available. So, I would plan to use Wi-Fi to communicate over Skype. I have provided my Skype ID to my parents and have taught them to create a Skype account, download the Skype application and use it. Fortunately, they have a computer with a speaker and microphone and broadband connection, so that was not a challenge. Many students are likely to find that their near and dear ones do not have access to a computer or broadband, do not know how to use Skype, or do not have their Skype IDs. This simple exercise can demonstrate the challenges of IT adoption to students.


Chapter 10

1. What are WANs?
WANs are networks that provide data communication services to a large number of independent users. These users are usually spread over a larger geographic area than a LAN. Therefore WANs span large areas such as states, countries and even continents.

2. Why can’t we use broadcast on WANs as is done on LANs?
Broadcasting is very effective for communication in small networks and lowers the cost of LAN equipment. But as the number of users increases, broadcast CSMA slows down the network significantly. To avoid interfering with other users, each station in a broadcast network has to wait for the network to go silent before it can transmit. It is easy to see that as more computers join the network, the wait times for transmission will get longer and longer. Therefore, WANs do not use broadcast.

3. Why is Ethernet unsuitable as a WAN technology?
Since the cost of each LAN link is much less than the cost of the computer it connects, it is not very important to optimize the utilization of these links. Thus, in Ethernet LANs, link utilization is very low, as the links are active only when network traffic is specifically directed to the connected computers. This inefficiency in link utilization is acceptable in LANs because it results in low costs for the technology. But cables that connect computers across cities, states or even countries are extremely expensive to install and maintain. We cannot afford low rates of utilization for these expensive assets. Therefore, Ethernet is not suitable as a WAN technology.

4. What are some similarities between the interstate system and WANs?
WANs are the internet analogue for interstate highways. WAN links are long, just like Interstate highways. Also, just as traffic entering the interstate merges seamlessly into existing traffic, WAN traffic also merges with existing data traffic on the WAN without waiting for silence (collision avoidance and detection) on the WAN network. Just as merge ramps facilitate integration of local traffic with pre-existing traffic on the interstate, routers merge multiple streams of traffic on WANs.

5. What are some similarities between neighborhood roads and LANs?
LANs are the internet analogue for neighborhood roads. LAN links are short like neighborhood roads. Just as traffic entering the neighborhood road waits for the road to clear before entering the road, LAN traffic also waits for the link to be clear before inserting traffic into the network. Collisions are prevented by drivers looking out for other traffic on the road.

6. What are the main categories of WANs?
The main categories of WANs are point-to-point networks such as dial-up and T/DS systems; statistically multiplexed systems such as X.25, Frame relay, and ATM; TDM systems such as SONET; and FDM/WDM systems such as fiber optic networks. There is also MPLS, a network layer technology that can be transported over any of these WAN categories.

7. How is the phone network used as a wide-area computer-networking technology?
When the signal carrying capacity of the phone network is used to transport data, each phone line is capable of providing a data rate of 56 kbps. The earliest WANs used the phone network to create wide area links. A phone connection could act as a point-to-point line connecting any two networking nodes located anywhere in the country. To convert data into a format suitable for transmission over the phone line, devices called modems were used. The first internet used phone lines to connect the four Internet nodes.

8. What are T-carriers?
T-carriers, or telecom carriers, are services offered by telecom companies that combine the data carrying capacity of multiple phone lines to provide higher data rates.

9. What are the common data rates of T-carriers?
T-1 carriers provide a data rate of 1.544 Mbps and T-3 carriers provide 44.736 Mbps. Fractional T-3 carriers can provide data rates between 1.5 and 45 Mbps.

10. What are DS signals?
The data-carrying signals transmitted over the T-carriers are called digital signals or DS for short. Formally therefore, the T-carrier is the physical line carrying signals and the DS is the signal or data transported over the T-carrier. DS is a synonym for T carriers in the industry.

11. T-carriers are used to create a full mesh network with five nodes. How many links will be required?
This is computed as n(n-1)/2 where n is the number of nodes to be connected. For n = 5, this gives us 5*4/2 = 10 links.

12. What are the limitations of point-to-point WANs such as T-carriers?



The primary limitation of point-to-point networks is that there is very limited traffic aggregation that can be performed on point-to-point networks. This results in low link utilization on point-to-point networks, which raises costs. Also, a separate link must be set up for each pair of nodes that need connectivity. While this is not a major issue in small networks, it is a major issue as the network grows large. 13. What is statistical multiplexing? Statistical multiplexing refers to aggregating data based on need. In statistically multiplexed networks, switches collect data packets as they arrive from multiple input sources and send them out over a shared long-distance link to the next node. Statistically multiplexed WANs allocate network resources according to need. 14. How is statistical multiplexing useful in WANs? Statistical multiplexing aggregates traffic as it is done on the Interstate highway system. Statistical multiplexing is likely to give higher link utilization, at the cost of slightly higher system complexity. With statistical multiplexing, the data carrying capacity of the long distance link, the most expensive part of the network, can be shared among organizations, greatly improving the utilization of the capacity of the WAN link. 15. How does statistical multiplexing reduce burstiness of traffic in the physical medium? Burstiness refers to the arrival of data in bursts followed by periods of relative silence. Each individual data traffic stream is almost always bursty because of the large differences in the speed at which the network can transmit data and the speed at which human beings can process the data. But users do not generally co-ordinate their bursts. Therefore, aggregating traffic can improve link utilization by reducing the “burstiness” of the traffic on the link. When the traffic from the two organizations is aggregated, the overall traffic is “smoother” than the traffic from either organization A or B. 16. What are virtual circuits? 
A virtual circuit is a communications arrangement in which data from a source user may be passed to a destination user over various real circuits. The virtual circuit identifies a designated path from the source to the destination.

17. What is a circuit? How is a virtual circuit like a circuit? How is a virtual circuit different from a circuit?
In telecommunications, a circuit is a specific path between two or more points along which signals can be carried. A virtual circuit is like a circuit in that it represents a complete path from source to destination over which data can be transferred. A virtual circuit is different from a circuit in that the virtual circuit is only a label, not a real medium or channel.
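The smoothing effect described in the answer to question 15 can be checked with a small simulation. This is an added example, not part of the textbook or the manual; the on/off traffic model, the probabilities and the number of users are constructed assumptions.

```python
import random


def bursty_source(rng, slots, p_start=0.05, p_stop=0.20):
    """One user's traffic as an on/off process (assumed model).

    A silent user starts a burst with probability p_start per time slot;
    a user in a burst stops with probability p_stop. While in a burst the
    user sends 1 packet per slot. Long-run share of busy slots:
    p_start / (p_start + p_stop) = 0.2.
    """
    sending = False
    series = []
    for _ in range(slots):
        if sending:
            sending = rng.random() >= p_stop
        else:
            sending = rng.random() < p_start
        series.append(1 if sending else 0)
    return series


def peak_to_mean(series):
    """Burstiness measure: peak load divided by average load."""
    mean = sum(series) / len(series)
    return max(series) / mean if mean else float("inf")


def compare(n_sources=20, slots=5000, seed=7):
    """Compare dedicated point-to-point links with one shared link."""
    rng = random.Random(seed)  # fixed seed so the run is repeatable
    # Users do not coordinate their bursts: each source is independent.
    sources = [bursty_source(rng, slots) for _ in range(n_sources)]
    # A statistically multiplexed link carries the sum of all sources.
    aggregate = [sum(slot) for slot in zip(*sources)]
    carried = sum(aggregate)

    # Dedicated links must each be sized for that user's own peak.
    dedicated_capacity = sum(max(s) for s in sources)
    # The shared link only has to be sized for the peak of the sum.
    shared_capacity = max(aggregate)

    def utilization(capacity):
        return carried / (slots * capacity) if capacity else 0.0

    return {
        "per_source_peak_to_mean": [peak_to_mean(s) for s in sources],
        "aggregate_peak_to_mean": peak_to_mean(aggregate),
        "dedicated_capacity": dedicated_capacity,
        "shared_capacity": shared_capacity,
        "dedicated_utilization": utilization(dedicated_capacity),
        "shared_utilization": utilization(shared_capacity),
    }


if __name__ == "__main__":
    r = compare()
    print("least bursty single user, peak/mean:",
          round(min(r["per_source_peak_to_mean"]), 2))
    print("aggregated traffic, peak/mean:",
          round(r["aggregate_peak_to_mean"], 2))
    print("capacity needed, dedicated vs shared:",
          r["dedicated_capacity"], "vs", r["shared_capacity"])
    print("utilization, dedicated vs shared:",
          round(r["dedicated_utilization"], 2), "vs",
          round(r["shared_utilization"], 2))
```

The peak-to-mean ratio of the aggregate is lower than that of any single user, so the shared link can be sized well below the sum of the individual peaks and runs at higher utilization.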


18. Why are IP addresses not used for addressing within virtual circuits?
The primary advantage of virtual circuit IDs is that whereas IP addresses are global, virtual circuit IDs are local to the telecom carrier. Therefore, the carrier only needs to be able to manage a small number of virtual circuit IDs, making the use of virtual circuit IDs much simpler than the use of IP addresses for routing packets. Also, using a different ID prevents carriers from having to change their underlying data transport gear when IP changes.

19. What is X.25? What are some salient features of the technology?
X.25 is a statistically multiplexed WAN technology which uses link-by-link acknowledgements as the data is transferred from source to destination. The extensive acknowledgments are done because X.25 was created when data networks were very unreliable.

20. What is Frame Relay? What are some salient features of the technology?
Frame relay is a data communication protocol that streamlines X.25 by eliminating link-by-link acknowledgements. This was done when the underlying networks became highly reliable and the extensive acknowledgments of X.25 were no longer needed. A salient feature of Frame relay is the use of CRC to detect bit errors. When a frame is found to have errors, frame relay simply drops the frame and trusts TCP to ask for retransmission of the data in the frame.

21. What is ATM? What are some salient features of the technology?
ATM (asynchronous transfer mode) is a data communication technology which improves upon Frame Relay by allowing multiple classes of priority for traffic. Traffic such as voice can be delivered with high priority and low priority traffic such as email can be delivered with low priority.

22. What is time-division multiplexing? How is TDM useful in WANs?
Time division multiplexing (TDM) is a data communication technology in which the available data rate on the physical medium is divided into multiple time slots.
Each customer is allotted some specific time slots from the available time slots. TDM is useful in WANs because in some media such as fiber optic cables, it is convenient to transfer data as one channel, but no end user can use the data carrying capacity of a fiber optic channel. TDM allows the high capacity of the optical channel to be split among multiple end users. 23. What are some standard data rates of SONET, the popular TDM WAN technology? Some standard SONET data rates include the following:



OC-1      50.112 Mbps
OC-3      150.336 Mbps
OC-12     601.344 Mbps
OC-48     2,405.376 Mbps
OC-192    9,621.504 Mbps
OC-768    38,486.016 Mbps

24. What is frequency-division multiplexing (FDM)? How is FDM used in WANs?
Frequency division multiplexing refers to the splitting of the available line bandwidth into multiple lower bandwidth channels. FDM is used in WANs in dense wavelength division multiplexing (DWDM). Modern optical fiber has a very high bandwidth and is capable of supporting extremely large data rates. This fiber is used to carry multiple channels of traditional optical signals. As mentioned in question 22, each of the traditional optical channels multiplexes many end users using TDM.

25. Describe how WANs may be considered a data-link-layer technology.
Typically, WAN technologies are used to transport IP packets, just like Ethernet. Since WAN technologies lie between IP and the signals delivered by the physical layer, the natural position of LANs in the TCP/IP stack is as a data link layer technology.

Hands-on exercise

1. Why is it useful to simulate network performance before investing in upgrading network equipment?
Network simulation is useful because it identifies investments that are likely to provide the greatest return on investment. In large networks, when performance deteriorates, it is tempting for administrators to simply add more bandwidth and routers at as many locations as possible. But by simulating the network and its traffic, network administrators can run various scenarios, compare various upgrades and identify the most meaningful upgrades for their networks.

2. Run the campus_LowLoad scenario



For this exercise, students just have to download the software and run the included test scenarios. The goal of the exercise is to introduce an interesting network tool to students. If they are interested in experimenting further, the companion website has instructions to create networks, add traffic and collect statistics.

3. Run the campus_HighLoad scenario.
Same as above.

4. Show the advanced results (as in the figure).
This is included in the chapter, and is shown here for reference.

5. Discuss the results in the three windows. In the discussion, describe why email throughput is the same in all scenarios, but FTP throughput is higher in the high traffic scenario. Also describe why the FTP download response time is so high in the high traffic scenario.
The same volume of email is sent in all the scenarios as seen in the figure below.

[Figure: E-mail traffic across scenarios]

[Figure: FTP traffic across scenarios]

The figures above may be accessed by going to Results → View results → Displayed panel graphs and checking the boxes next to the three email statistics, and 3 FTP statistics.



Therefore, there is no difference in the email throughput across the scenarios. However, as seen in the figure above, more files are transferred using FTP in the higher traffic scenarios. Therefore, FTP throughput is higher in the high load scenario. The FTP response time is higher because of the clients’ inability to handle the additional upload requests. This can be seen in the figure to the right, which can be obtained by selecting the low load and high load FTP statistics in panel 10 of the displayed panel graphs window. We see that in this case, the solution to improve network performance is to upgrade the clients on the network and improve their capability to handle upload requests.

6. (Optional) If you would like to learn how to use OPNET to set up a WAN and simulate it, please visit the companion website and follow the instructions for the OPNET WAN lab. These are included in the readings for this chapter.
This is for the interested student. The current exercise is adequate for most undergraduate students.

Network design exercise

1. WAN links are typically shown using straight lines connecting the two endpoints. Different thicknesses or colors are used to show different data rates. Assume that the company uses the following three WAN links to connect the four locations — US–Singapore, US–Amsterdam, and Amsterdam–Mumbai. The data rate on the US–Amsterdam link is 100 Mbps to accommodate the data backup traffic. All other links are 10-Mbps links. Update the network diagram from Chapter 9 to include these WAN links.
The diagram is shown below.

[Figure: Coolco network diagram with WAN links. Coolco HQ (/23, /24), Call Center (/23), EMEA Service Center (/24) and AP Service Center (/23), with DHCP servers and the NAT firewall; Tampa, EMEA, Mumbai and Singapore border routers; link labels: US–Amsterdam 100 mbps, Amsterdam–Mumbai 10 mbps, US–Singapore 10 mbps, uplink to US ISP; ISP networks; Internet.]

2. Of the WAN technologies covered in this chapter — dial-up, T-carriers, X.25, Frame Relay, ATM, and SONET, which technology is best suited to meet Coolco’s WAN needs?
We assume that Coolco prefers to standardize on one technology across the company, for reasons discussed in chapter 14. Of the six technologies suggested above, only ATM and SONET offer data rates of 100 mbps or more. Therefore, these are the two candidate technologies. Of the two, ATM is specifically designed to offer support for different classes of service, including voice and video. Therefore, ATM is a candidate technology because Coolco’s needs include support for voice (high priority for packet delivery) and data. SONET on the other hand, may be less expensive. Therefore Coolco can choose either ATM or SONET, depending upon prices. However, SONET has one major advantage over ATM. All new networks run SONET. Therefore, SONET would be the most appropriate technology for Coolco.

3. After the network outage following the Middle-East cable ruptures, Coolco has decided to also maintain a backup WAN capability using ISDN. Include this backup capability in your network diagram.


The diagram is shown below.

[Figure: Coolco network diagram with ISDN backup. Coolco HQ (/23, /24), Call Center (/23), EMEA Service Center (/24) and AP Service Center (/23), with DHCP servers and the NAT firewall; Tampa, EMEA, Mumbai and Singapore border routers; link labels: US–Amsterdam 100 mbps, Amsterdam–Mumbai 10 mbps, US–Singapore 10 mbps, uplink to US ISP; an ISDN backup link from each location to the ISDN network; ISP networks; Internet.]

4. Update your network diagram to include OSPF routers at each network location. The WAN links terminating at each location are connected to the OSPF routers so that network traffic load can be dynamically adjusted between ISDN and the primary WAN.
The diagram is essentially the same as above. The only change is that the labels on the routers indicate that the routers run OSPF. The updated diagram is shown below. A question may be asked why these routers do not run BGP. The reason is that Coolco is a terminal network and is not connected to two networks. Its only network connection is to its ISP. Therefore, Coolco has no need to maintain peering relationships with other ISPs and route traffic between networks. Coolco routers maintain OSPF routing tables to direct traffic within the Coolco network. Students may recall that OSPF is an interior routing protocol, well suited for this purpose. Any traffic from Coolco that needs to leave Coolco’s network is sent out from Tampa to the ISP through the Internet link. Similarly, all traffic from the Internet arrives at Coolco from the single Internet link. Coolco therefore leaves all the details of BGP to its ISP.

[Figure: Coolco network diagram with OSPF. Coolco HQ (/23, /24), Call Center (/23), EMEA Service Center (/24) and AP Service Center (/23), with DHCP servers and the NAT firewall; the Tampa, EMEA, Mumbai and Singapore routers are labeled as running OSPF; link labels: US–Amsterdam 100 mbps, Amsterdam–Mumbai 10 mbps, US–Singapore 10 mbps, uplink to US ISP; an ISDN backup link from each location to the ISDN network; ISP networks; Internet.]
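The OSPF failover behaviour described in the Chapter 9 answer (low metric on the primary WAN, high metric on the backup) and in question 4 above can be traced with a shortest-path calculation over the Coolco links. This is an added example, not from the textbook or the manual; the cost values are constructed, and treating the ISDN network as a single node named "ISDN" is a simplifying assumption.

```python
import heapq

SITES = ["Tampa", "Amsterdam", "Mumbai", "Singapore"]

# Primary WAN links from the design exercise. The costs are constructed:
# the page gives link speeds, not metrics, so faster links simply get a
# lower cost here.
PRIMARY_LINKS = {
    ("Tampa", "Amsterdam"): 1,    # US-Amsterdam, 100 Mbps
    ("Tampa", "Singapore"): 10,   # US-Singapore, 10 Mbps
    ("Amsterdam", "Mumbai"): 10,  # Amsterdam-Mumbai, 10 Mbps
}

# Assumed high metric on every ISDN backup link, so that a path through
# the ISDN network is chosen only when no primary path remains.
ISDN_COST = 500


def build_graph(failed=()):
    """Return the adjacency map, leaving out any failed links."""
    down = {frozenset(link) for link in failed}
    graph = {node: {} for node in SITES + ["ISDN"]}

    def add(a, b, cost):
        if frozenset((a, b)) not in down:
            graph[a][b] = cost
            graph[b][a] = cost

    for (a, b), cost in PRIMARY_LINKS.items():
        add(a, b, cost)
    for site in SITES:
        add(site, "ISDN", ISDN_COST)
    return graph


def spf(graph, source):
    """Dijkstra's shortest-path-first, the calculation OSPF routers run."""
    dist = {source: 0}
    prev = {}
    heap = [(0, source)]
    while heap:
        d, node = heapq.heappop(heap)
        if d > dist.get(node, float("inf")):
            continue  # stale queue entry
        for neighbor, cost in graph[node].items():
            candidate = d + cost
            if candidate < dist.get(neighbor, float("inf")):
                dist[neighbor] = candidate
                prev[neighbor] = node
                heapq.heappush(heap, (candidate, neighbor))
    return dist, prev


def best_route(source, dest, failed=()):
    """Return (path, total cost), or (None, None) if dest is unreachable."""
    dist, prev = spf(build_graph(failed), source)
    if dest not in dist:
        return None, None
    path = [dest]
    while path[-1] != source:
        path.append(prev[path[-1]])
    return path[::-1], dist[dest]


if __name__ == "__main__":
    print("normal:        ", best_route("Tampa", "Mumbai"))
    print("primary cut:   ", best_route(
        "Tampa", "Mumbai", failed=[("Amsterdam", "Mumbai")]))
    print("both links cut:", best_route(
        "Tampa", "Mumbai",
        failed=[("Amsterdam", "Mumbai"), ("Mumbai", "ISDN")]))
```

With all links up, traffic from Tampa to Mumbai goes through Amsterdam; when the Amsterdam–Mumbai link fails, the recalculated route uses the ISDN backup, and it returns to the primary path as soon as the link is restored.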

Case questions

1. Identify three advantages and three disadvantages of UAVs compared to combat aircraft.
The advantages of UAVs include low risk to soldiers, relatively low costs and the ability to clearly identify targets before shooting them. The disadvantages of UAVs include the fact that they cannot carry heavy artillery because of the low powered engine powering the aircraft; lack of sensory input from the aircraft; and the weak engines which are often unable to handle extreme weather.

2. Read the Wikipedia article on the MQ-1 Predator and write a one-paragraph description of the evolution of the aircraft.
The development of reconnaissance aircraft such as the MQ-1 began in the 1980s. Low noise engines for the craft were developed in the early 1990s and the new aircraft came to be called the Predators. They were first used in Bosnia and Kosovo. In 2002, the USAF officially changed the designation of these aircraft to MQ-1 (the "M" designates multi-role) to reflect its growing use as an armed aircraft. The aircraft are built by defense contractor General Atomics. (http://en.wikipedia.org/wiki/General_Atomics_MQ-1_Predator)

3. View the YouTube video on Predators at www.youtube.com/watch?v=O4I13Cnlpkk (see footnote 2; about 11 minutes). Identify as many satellite-based data-communication applications as possible that are used by Predators and their operators.
Satellite-based navigation and steering of the aircraft, transmission of information about enemy positions and capabilities (reconnaissance), prosecution of enemy targets (firing), and positioning the aircraft using GPS systems.

4. How did the military come to know that Predator feeds were being captured by militants? (Use online sources if necessary.)
In late 2008, U.S. military personnel in Iraq apprehended a Shiite militant whose laptop contained intercepted drone video feeds. Subsequently, the military found many days and hours of files of pirated drone video feeds on other militant laptops as well. This led the military to conclude that militant groups trained and funded by Iran were regularly intercepting feeds and sharing them with multiple extremist groups. (Siobhan G., Y. J. Dreazen, and A. Cole. “Insurgents Hack US drones.” The Wall Street Journal, December 17, 2009)

5. Information about SkyGrabber is available at www.skygrabber.com/en/skygrabber.php. Briefly, in one paragraph, describe how SkyGrabber works. What is the intended use of SkyGrabber?
SkyGrabber accepts free-to-air data through a digital satellite TV tuner card (DVB-S/DVB-S2), assembles it into files and saves the files on your hard drive. The intended use of the software is to obtain free video and music from satellite TV channels.

6. Technology developments can have unintended consequences.
Some analysts have speculated that UAVs and satellite-based global data networks could make war more likely because the risks to soldiers’ lives are reduced. What is your opinion about this assessment? This is a subjective question. I personally fear that the concern is legitimate because one of the major factors preventing the major militaries such as the US from getting involved in conflicts around the world is the fear of loss of soldiers’ lives. Predators remove this constraint and could make the involvement of the major powers more prevalent.

Footnote 2: If the link does not work, please view any other video about Predator drones.



Most people I talk to do not agree with this assessment. The question is intended to get students to realize that technology development can have very serious side-effects.



Chapter 11

Review questions

1. What are wireless networks? Why are they useful?
Wireless networks are computer networks that use the ISM wireless frequency bands for signal transmission. The reasons for the popularity of wireless networks include their convenience and ease of deployment. On battery-powered laptops, wireless networking allows users to compute and communicate without any power or network cords. Businesses like wireless networking because setting up a basic wireless network in a small office requires nothing more than an inexpensive wireless router. By comparison, wired networking requires cables to be drawn through ceilings, floors, and walls. Wireless networking is becoming so popular that many organizations are finding that more than half the Ethernet ports in the organization are unused because users prefer wireless networks over wired networks. Wireless networking may be one of those rare services loved by both businesses and employees.

2. Some cities took up projects to set up wireless LANs all over the city. Read about the project taken up by one such city. Was the project a success? Why, or why not?
An example is the city of St. Louis, MO. The challenge in operating the LAN was getting power to poles where the wireless routers were mounted. This proved impossible because lights were controlled for time of day through large master switches and there was no 24-hour power at the pole. The city could not have kept the network on during the day without also keeping the street lights on, a wasteful proposition. Wiring the street light poles for wireless access was very expensive too. In Riverside, CA, AT&T built a network that had 20,000 daily users in the year 2000, out of a city population of about 300,000 and county population of over 2.1 million residents. AT&T wanted to give the network to the city at no cost. But, facing revenue shortfalls, the city was unable to take the network over.
I found some interesting articles when I googled for the phrase “municipal wireless lan example.” For example, the article at “http://wifinetnews.com/archives/metro-scalenetworks/municipal/” had some very interesting stories about experiences with municipal wireless LANs.

3. What are some of the concerns with using wireless networks?
The primary concerns with wireless networks are associated with security and speed. Wired networks have wall outlets in specific locations that can only be reached by users with access to the building. By contrast, wireless signals spread out in all directions and can easily bleed outside the organization’s boundaries. Without adequate security, malicious users can easily access the organization’s computer network through an improperly secured wireless access point. An example is the incident with T. J. Maxx in 2006, where intruders were able to exploit weaknesses in the store wireless networks to steal over 45 million credit-card records. Wireless networks are also generally slower and less reliable than wired networks. Connection drop-offs are common with wireless networks. While this is not a major concern for browsing, email, and other light applications, when continuity or speed of the connection is essential, wired networks are still greatly preferable to wireless networks. Another potentially important issue is related to health. Though the signals generated by wireless access points have very low energy and there is no evidence yet of health hazards from these signals, our knowledge of the health hazards of exposure to wireless signals is limited. Wireless LANs have only been around for about a decade. It is possible that exposure to wireless signals over longer durations could have adverse health effects.

4. What are ISM frequency bands? Why are they useful?
ISM frequency bands are the signal frequencies that enable wireless networking. These signal frequencies are available for free use for Industrial, Scientific, and Medical applications, hence the name ISM bands. The bands include 915 MHz ± 13 MHz, 2.45 GHz ± 50 MHz and 5.8 GHz ± 75 GHz. ISM bands are very useful because the terms industrial and scientific are interpreted very broadly, and ISM frequencies may be put to almost any use by anybody without permission from anyone or payments of license fees to anyone. These frequencies are therefore also called unregulated frequencies. Cordless phones, remote controlled cars, microwave ovens, wireless keyboards, and mice are other applications that use ISM frequencies.
For the purposes of this chapter, these frequencies are used for free to create wireless LANs.

5. What are some differences between wired and wireless LANs? How do they impact the design of the wireless LAN header?

The most important difference between wireless and wired LANs is that wireless LANs have no defined boundaries. An Ethernet wall jack is hardwired to a specific port on a specific switch. When you connect to the network through a wall jack, you become part of a well-defined network. On the other hand, wireless networks can overlap and they often do. At home, if you open up your “connect to network” dialog (right-click on the wireless icon in your system tray → Connect to a network), you are likely to see wireless networks from many of your neighbors. If any of these wireless networks is not security enabled, you can use it to connect to the Internet. Therefore, whereas geographical location uniquely defines network membership in Ethernet, it does not define network membership in wireless LANs.

The technical implication is that the network performance of a wireless connection depends upon the distance of the host from the access point. A user who is very far from an access point will get very weak signals. Wireless networks are also affected by adverse weather, humidity, temperature, and other environmental conditions.

Another difference is that stations at two opposite ends of a wireless LAN may not be able to hear each other. As a result, collision detection may be unsuccessful in wireless LANs. Wireless LANs therefore do not use CSMA/CD for medium access control. Instead, wireless LANs use collision avoidance, and the medium access control (MAC) mechanism used in wireless networks is called carrier sense multiple access with collision avoidance (CSMA/CA).

Yet another difference concerns multiplexing. Ethernet does not use multiplexing because it uses all the available bandwidth in the medium to transmit signals. This is possible because Ethernet cables are not used for other applications. But wireless LANs share the bandwidth in the air with other users and have to send signals in specified signal bands. Therefore, wireless LANs use multiplexing. To use the available bandwidth efficiently, multiple channels have been defined within the 2.4 and 5.8 GHz bands.

The implication of these differences between wireless LANs and Ethernet is that wireless LANs require far greater error-detection capabilities than Ethernet. This is manifested in the physical layer of wireless LANs, which adds error protection over and above the CRC error detection introduced in Ethernet.

6. What is a basic service set? A basic service area?

The smallest component unit of a wireless LAN is the area covered by a single access point. This area is called a basic service area (BSA). The basic service area and the access point covering that area together are called a basic service set (BSS).

7. What is an access point? What are some reasons why you would prefer access points to wireless routers to create a wireless network in your organization?

A wireless access point is a device that allows wireless hosts to connect to a wired network using wireless LAN technologies such as Wi-Fi. The advantage of using access points (basic service areas) over routers is that it facilitates mobility. The entire wireless network appears to end users as one large LAN. Users can move anywhere within an extended service set and still retain the same IP address and subnet membership. If each access point served as a router, it would create an independent subnet and each time a user moved from one access point to the next, he would connect to a different subnet. This would potentially give him a different IP address and gateway router address. This address reallocation would stop any ongoing transfers and could also potentially disturb the network connectivity of some applications. With the concept of an extended service set, when users move from one access point to another, there is no change to any network setting, and ongoing network transfers can continue without interruption.

8. What is a distribution system in wireless LANs?

A distribution system is the technology that is used to connect basic service sets into a larger campus-wide network. Thus, a campus-wide wireless LAN consists of many basic service sets connected to each other through a distribution system.

9. What is an extended service set?

An extended service set is the collection of all basic service sets that compose the campus-wide wireless network.

10. What is a portal in a wireless LAN?

The portal is the connection point where the entire wireless LAN is connected to the rest of the wired Internet.

11. What are some differences between the physical layers in wireless and wired LANs?

The physical layer in wired LANs adds no additional information to the frame. However, the wireless physical layer adds a header-error-check field to the frame. This field provides the necessary error detection to deal with the unreliability of the wireless medium. Another minor difference is that the sync and start-of-frame delimiter fields are considered parts of the physical layer header instead of the data link layer header.

12. What are the common wireless LAN categories? What are the important differences between them?

The common wireless LAN categories are a, b, g and n. The important differences between the categories are in speed and frequency of operation. 802.11a operates in the 5.5 GHz ISM band and offers data rates of up to 54 Mbps. 802.11b operates in the 2.4 GHz band and offers data rates up to 11 Mbps. 802.11g also operates in the 2.4 GHz band, but offers data rates up to 54 Mbps. 802.11n offers data rates up to 6000 Mbps and also allows a single base station to cover a wider geographical area than any of the other wireless LAN technologies.

13. What is 802.11n? What are some likely advantages of 802.11n over the traditional wireless LANs? How does 802.11n obtain these advantages?

802.11n is the most recently developed wireless LAN technology. The standard was finalized in September 2009. 802.11n provides a data rate of up to 600 Mbps, which is one order of magnitude higher than any of the earlier wireless LAN technologies. 802.11n also aims to provide wider coverage than 802.11 b/g, so that a single access point can cover over twice the area covered by one 802.11 b/g access point.

802.11n obtains these advantages through many innovations. Primary among these is multiple input, multiple output signal transmission. This allows 802.11n access points and receivers to use multiple antennas, where each antenna pair creates an independent data channel. Each 802.11n transmission may therefore be seen as multiple 802.11 a/b/g transmissions, generating the additional data rate.

14. What are personal area networks? How are they different from LANs?

Personal area networks like Bluetooth provide communication over short distances, usually within 30 feet. This distance is sometimes called the personal operating space because people and devices within this range can usually see each other.

There are some important differences between personal area networks and LANs. Wireless LANs are largely used by computing devices such as laptops, with large batteries or direct power connections. Bluetooth is designed to be used by any electronic device to communicate with any other Bluetooth-capable electronic device. Unlike wireless LANs, Bluetooth is typically only used to connect to other nearby devices, for example a keyboard to a desktop, or a headset to a cell phone. As a result, while high data rate is a very important requirement for wireless LANs, it is less important for Bluetooth. Also, unlike wireless LANs, Bluetooth requires no infrastructure equipment such as access points. Finally, Bluetooth is considered an electronics technology more than a computer technology. Bluetooth is seen in devices such as microphones for cell phones and GPS devices in cars.

15. What are some important characteristics of Bluetooth?

Bluetooth operates in the 2.4 GHz ISM band, same as 802.11 b/g wireless LANs. Bluetooth is designed to offer data rates of up to 1 Mbps. This is much slower than the 11/54 Mbps offered by 802.11 LANs. But 1 Mbps is adequate for applications such as keyboards and headsets that use Bluetooth. Bluetooth uses frequency hopping spread spectrum (FHSS) modulation for signal transmission.

16. What is a piconet? What are some differences between a piconet and a basic service set?

A piconet is a collection of devices connected to each other using Bluetooth. On the piconet, one master device connects with up to seven other active slave devices. Whereas a basic service set is defined by the geographic area covered by an external device – the access point, the piconet has no external device. The piconet exists wherever the Bluetooth devices go. For example, the Bluetooth devices in a car form a piconet. Whereas the basic service set can support tens or even hundreds of devices, a piconet can connect at most 8 devices.

17. What are master and slave devices in a piconet?


The device in a Bluetooth piconet that performs the management functions of the piconet is called the master. All other devices in the piconet are called slaves. The master provides a synchronization clock that helps all other devices in the piconet remain in sync with each other. Whereas a device may be a slave on multiple piconets at the same time, it can only be a master on one piconet at a time.

18. What is a scatternet?

All piconets that co-exist in the same location are called a scatternet. Think of a gathering of tech-savvy students in a classroom, with many students carrying Bluetooth-capable cell phones, laptops and music players. Each such student forms a piconet and the entire classroom becomes a scatternet. Devices connected to two different piconets in a scatternet do not have to route packets between the piconets.

19. What are some advantages of having distinct physical channels in Bluetooth?

Defining multiple physical channels in Bluetooth reduces the chances of collisions. This makes Bluetooth particularly suitable for voice applications because eliminating collisions reduces the choppiness in voice that is so common in other packet voice applications such as VoIP.

20. Why is device discovery useful in Bluetooth? How is device discovery accomplished? Why is device discovery not needed in wireless LANs?

A very special capability of Bluetooth is device discovery. Two Bluetooth devices in close proximity to each other will automatically discover each other. Device discovery is useful because it makes Bluetooth extremely user-friendly and eliminates configuration-related problems for end users. The devices seem to become aware of each other as if by magic. It must be remembered that Bluetooth is not a technology focused on computer-savvy users. It is a technology for inexpensive electronic devices, and for a technology to be successful in this environment, it must require almost no end user effort.

To enable device discovery, Bluetooth defines a special channel for inquiry requests and responses. Devices that are looking for nearby devices are called inquiring devices. Inquiring devices send out inquiry requests on the special inquiry channel. Devices willing to be found are called discoverable devices. Discoverable devices listen on the inquiry channel for inquiry requests and respond to these requests. Once the two devices become aware of each other, the inquiry procedure ends and the connection procedure begins.

Device discovery is not needed in wireless LANs because in most cases, user intervention is necessary to determine the LAN to connect to. There are also security issues associated with wireless LAN membership, as a result of which network administrators like to have control over the users who have access to the LAN. However, once a laptop successfully joins a wireless LAN, most laptops offer to join the network in the future without user intervention.


Therefore, subsequent wireless LAN connections do operate in a manner similar to the device discovery procedure.

21. Describe the mechanisms that have been defined for WLANs and WPANs to coexist at the same frequency bands without interfering with each other.

The Bluetooth standard defines two mechanisms to minimize interference between WLANs and WPANs. The first of these two mechanisms is collaborative and occurs where Bluetooth and 802.11 communicate with each other. This is possible when both 802.11 and 802.15 are present on one device, such as a laptop with both 802.11 and 802.15 capability. In the collaborative mechanism, Bluetooth avoids transmission during an ongoing 802.11 transmission. Alternately, Bluetooth transmits signals on a different channel than the channel on which the ongoing 802.11 communication is taking place.

The second mechanism is non-collaborative. The non-collaborative method is used when communication between 802.11 and 802.15 systems is not possible. For example, Bluetooth keyboards do not have 802.11 capability and the Bluetooth system on the keyboard has no way to collaborate with 802.11. In the non-collaborative method, the 802.15 system senses the medium before transmitting. It tries to find a channel in the 2.45 GHz ISM band that is not very busy and transmits signals on that channel.

22. What are the different categories of Bluetooth? What are they used for?

The three different categories of Bluetooth are 802.15.1, 802.15.3 and 802.15.4. The three categories differ primarily in speed. 802.15.1 offers data rates of up to 1 Mbps and is used for mice, keyboards, headsets etc. 802.15.3 offers data rates of up to 20 Mbps and is used in digital imagery to download images from cameras to computers. 802.15.4 offers data rates of up to 250 kbps and is used in radio receivers and home automation systems.

23. What are wireless MANs? What are their primary uses?

A wireless metropolitan area network (MAN) is a moderately high-speed computer network that usually spans a city or campus. It is used to interconnect local area networks (LANs) within its coverage area to each other and to the Internet.

24. What data rates and ranges are likely to be available on wireless MANs?

The data rates likely to be available on wireless MANs are 96 – 134 Mbps, 64 – 90 Mbps and 32 – 45 Mbps. The highest data rates are available close to the base station and the slower data rate is expected to be available up to 10 miles away from the base station.

25. What are the differences between wireless LANs and wireless MANs?

One difference between wireless LANs and MANs is that whereas LAN access points cover only a radius of about 300 feet, a single MAN base station can cover large parts of a metro area. Another difference is that all communication in wireless MANs is required to pass through the base station, but LANs allow ad hoc networking where stations can directly communicate with each other. A major commercial difference between the two categories of networks is that MANs allow operators to use licensed frequencies if desired, to improve network performance, in return for a subscription fee.

Hands-on exercise

1. Look at the first frame. What is the role of a Beacon frame in IEEE 802.11? Why is this frame not necessary in IEEE 802.3 Ethernet?

Beacon frames are transmitted periodically by access points to announce the presence of a wireless LAN. Beacon frames contain all the information that defines the network, such as the SSID and data rates. The beacon interval field of the frame indicates that it is transmitted every 0.1 seconds (source: Wikipedia). The beacon frame is not necessary in wired LANs because Ethernet membership is automatically defined by the cable used to connect to the LAN. However, there may be multiple overlapping wireless LANs in an area. Beacon frames help identify each LAN.

The goal of this exercise is to give students the opportunity to see a wireless capture for themselves and look up information about some of the important characteristics of wireless networks. It also encourages students to look at sources outside the textbook, as preparation for the work environment.

2. Which device on the wireless LAN sends out the beacon frame? Based on this information, what is the MAC address of the wireless router?

The access point sends out the beacon frame. The MAC address of the router can be obtained from the source address field of the frame, which is 00:21:91:e6:35:db.

3. Based on the above question and the information in the beacon frame header fields, what information serves as the basic service set (BSS) identifier?

The value in the BSS Id field of the frame is identical to the value in the source address field of the frame. This indicates that the source MAC address of the access point in the BSS also serves as the ID of the BSS. This is a good idea because MAC addresses are guaranteed to be unique and therefore no two access points will have the same BSS ID if MAC addresses are used as the ID. Also, the BSS is guaranteed to have an AP to intercept the signals in the BSS. Therefore, using information from the access point is quite acceptable. Using the source MAC address also eliminates the need to develop an algorithm to create a unique BSS ID.

4. The second packet in the capture is a probe request. What is the role of a probe-request frame in IEEE 802.11? Why is this frame not necessary in IEEE 802.3 Ethernet?

A probe request frame is a frame sent from a wireless station when it requires information from a wireless access point. The receiving access point responds with a probe response frame, which includes information such as supported data rates (source: Wikipedia).

5. Which device(s) send(s) out probe requests?

Any wireless device can send out a probe request. Thus, both access points and devices on the network can send out probe requests.

6. What is the BSS ID of the destination in the probe request? What does this number signify?

The destination address of the probe request is ff:ff:ff:ff:ff:ff. This indicates that the probe request is being broadcast, and is not addressed to any specific access point. All receiving access points are expected to respond to the probe request.

7. How are frames identified as beacon frames or probe-request frames or data frames? (Hint: look at the type/subtype field.)

The very first field in both frames is the type/subtype field. For beacon frames, the value in the field is 80 and for probe request frames, the value is 40. This value helps receivers decide how to process the frame.

8. Examine the MAC address fields in a few frames. What are the three MAC addresses included in all frames?

All frames have three MAC addresses – the BSS ID, source address and destination address. However, the sequence of these addresses changes depending upon the frame type. Packets going from the distribution system (DS) to the host (DS status flag = 10) have these addresses in the sequence (destination address, BSS ID, source address) and packets from a wireless station to the DS (DS status flag = 01) have the addresses in the sequence (BSS ID, source address, destination address). These sequences of addresses help the stations in frame processing. It helps the wireless station to see its address in the destination address field to determine if it needs to process the rest of the frame. It helps the AP to see if the frame is in its BSS to determine if it needs to process the rest of the frame.

9. Recalling the Wireshark captures in Chapter 6, there were only two MAC addresses in the Ethernet header — source and destination. Why is it necessary to include a third MAC address, the BSS ID, in 802.11 frames?

The third MAC address in wireless frames is the BSS ID. This is necessary to help the AP determine if the frame belongs to its basic service set. With this information, it can determine whether the packet needs to be passed to its distribution system or not. This has to be done because basic service sets can overlap. In wired networks, there is no overlap of LANs on the same switch port. Hence LAN identification is not necessary in wired LANs.

The idea about BSS ID is being reinforced repeatedly to help students know the importance of identification. Many students think that identification just happens automatically. Knowing these little details will help students if and when they decide to take ownership for the design and development of any IT artifact.

Questions from the radio-header capture:

1. Select any frame in the capture and expand all the sub-headers of the radiotap header (e.g., present flags and flags). What is the channel frequency at which the frame was transmitted?

The channel frequency is 2437 [BG 6]. The number 2437 indicates that the center frequency of the channel is 2.437 GHz. This may be compared to the information about wireless LAN channels, for example at http://en.wikipedia.org/wiki/List_of_WLAN_channels.

2. Briefly describe the channels used by 802.11 b/g.

The 802.11 b/g technology divides the 2.4000–2.4835 GHz band into 13 channels, each of width 22 MHz but spaced only 5 MHz apart, with channel 1 centered on 2.412 GHz and 13 on 2.472 GHz. This is analogous to the way radio and TV broadcast bands are sub-divided, to allow multiple stations to transmit simultaneously. Since the channels overlap, stations can only use every fourth or fifth channel without overlap. Therefore, base stations typically use channels 1, 6 and 11 to be able to operate independently of each other. Of course, as we have seen in the earlier questions, even if base stations do overlap, the frames include the BSS ID to help stations and access points to determine whether or not to process the frame. The only impact of using overlapping frequencies in 802.11 LANs is increased collisions (adapted from Wikipedia).

3. Why is channel 6 one of the recommended channels for transmitting 802.11 wireless LAN data?

Channel 6 is one of the recommended channels for transmitting 802.11 wireless LAN data because it allows stations to transmit without overlapping with any other channel. This is possible if other overlapping base stations use channels 1 or 11.

4. Was the frame transmitted using FHSS (Frequency Hopping Spread Spectrum) or OFDM (Orthogonal Frequency Division Multiplexing)?

From the flags in the channel-type field, we see that the frame was transmitted using OFDM (OFDM = true).
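The fields read off in Wireshark for questions 7 to 9 of the frame capture and questions 1 and 4 of the radio-header capture can also be decoded directly from the captured bytes. The Python sketch below is an added example, not part of the original manual: it parses a radiotap header and the 802.11 MAC header that follows it. The sample packets are constructed for illustration; only the access point address 00:21:91:e6:35:db and the 2437 MHz frequency come from the answers above, while the station and host addresses are made up.

```python
import struct

CH_OFDM = 0x0040                      # radiotap channel flag: OFDM modulation
MGMT_SUBTYPES = {4: "probe request", 5: "probe response", 8: "beacon"}

def mac(raw):
    return ":".join(f"{b:02x}" for b in raw)

def parse_radiotap(buf):
    """Return (header_len, freq_mhz, channel_flags); the last two are None if absent."""
    if len(buf) < 8:
        raise ValueError("truncated radiotap header")
    version, _pad, length, present = struct.unpack_from("<BBHI", buf, 0)
    if version != 0 or not 8 <= length <= len(buf):
        raise ValueError("not a valid radiotap header")
    off, word = 8, present
    while word & 0x80000000:          # bit 31 set: another 'present' word follows
        if off + 4 > length:
            raise ValueError("present bitmap overruns header")
        (word,) = struct.unpack_from("<I", buf, off)
        off += 4
    if present & 0x1:                 # TSFT: 8 bytes, aligned to 8
        off = ((off + 7) & ~7) + 8
    if present & 0x2:                 # Flags: 1 byte
        off += 1
    if present & 0x4:                 # Rate: 1 byte
        off += 1
    if not present & 0x8:             # no Channel field in this capture
        return length, None, None
    off = (off + 1) & ~1              # Channel: two 16-bit values, aligned to 2
    if off + 4 > length:
        raise ValueError("channel field overruns header")
    freq, flags = struct.unpack_from("<HH", buf, off)
    return length, freq, flags

def channel_2ghz(freq_mhz):
    """Channels 1-13 are 5 MHz apart: channel 1 is 2412 MHz, channel 13 is 2472 MHz."""
    if 2412 <= freq_mhz <= 2472 and (freq_mhz - 2407) % 5 == 0:
        return (freq_mhz - 2407) // 5
    return None

def parse_dot11(frame):
    """Classify a management or data frame and name its three addresses."""
    if len(frame) < 24:
        raise ValueError("truncated 802.11 header")
    ftype, subtype = (frame[0] >> 2) & 0x3, frame[0] >> 4
    to_ds, from_ds = frame[1] & 0x1, (frame[1] >> 1) & 0x1
    if ftype == 0:
        kind = MGMT_SUBTYPES.get(subtype, f"management subtype {subtype}")
    elif ftype == 2:
        kind = "data"
    else:
        raise ValueError("control frames carry fewer addresses; not handled here")
    if to_ds and from_ds:
        raise ValueError("four-address frames are not handled here")
    a1, a2, a3 = (mac(frame[i:i + 6]) for i in (4, 10, 16))
    if to_ds:                         # station -> DS (DS status 01 in the answer above)
        bssid, sa, da = a1, a2, a3
    elif from_ds:                     # DS -> station (DS status 10 in the answer above)
        da, bssid, sa = a1, a2, a3
    else:                             # beacons and probes: neither flag set
        da, sa, bssid = a1, a2, a3
    return {"kind": kind, "first_byte": f"{frame[0]:02x}",
            "da": da, "sa": sa, "bssid": bssid}

def describe(packet):
    """Parse one captured packet: radiotap header followed by the 802.11 frame."""
    hdr_len, freq, flags = parse_radiotap(packet)
    info = parse_dot11(packet[hdr_len:])
    info["freq_mhz"] = freq
    info["channel"] = channel_2ghz(freq) if freq else None
    info["ofdm"] = bool(flags & CH_OFDM) if flags is not None else None
    return info

# --- Constructed sample packets (headers only, no frame body) ---
AP = "00:21:91:e6:35:db"              # access point address from the answers above
STA = "02:00:00:00:00:01"             # made-up wireless station
HOST = "02:00:00:00:00:02"            # made-up host on the distribution system
BCAST = "ff:ff:ff:ff:ff:ff"
# Radiotap: Flags, Rate and Channel present; 2437 MHz, flags OFDM | 2 GHz.
RADIOTAP = struct.pack("<BBHIBBHH", 0, 0, 14, 0x0E, 0, 12, 2437, 0x00C0)

def build(fc0, fc1, a1, a2, a3):
    addrs = b"".join(bytes.fromhex(a.replace(":", "")) for a in (a1, a2, a3))
    return RADIOTAP + bytes([fc0, fc1, 0, 0]) + addrs + b"\x00\x00"

BEACON = build(0x80, 0x00, BCAST, AP, AP)
PROBE_REQ = build(0x40, 0x00, BCAST, STA, BCAST)
TO_DS = build(0x08, 0x01, AP, STA, HOST)
FROM_DS = build(0x08, 0x02, STA, AP, HOST)

if __name__ == "__main__":
    for name, pkt in [("beacon", BEACON), ("probe", PROBE_REQ),
                      ("to DS", TO_DS), ("from DS", FROM_DS)]:
        print(name, describe(pkt))
```

The parser rejects control frames and four-address frames rather than guessing at their layout, since neither follows the three-address pattern discussed in question 8.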

Network design exercise

1. What wireless technology would you recommend to create the wireless LAN — IEEE 802.11a, IEEE 802.11b, IEEE 802.11g, or IEEE 802.11n? Justify your choice.

Since 2009, when IEEE 802.11n was standardized, the most suitable wireless LAN technology is 802.11n. This is most suitable as it provides coverage over a significantly greater area than the other wireless technologies, and also improves the data rates by one order of magnitude. Together, these improvements mean that with 802.11n, Coolco will need to set up fewer access points, simplifying maintenance and lowering costs.

One issue with wireless LAN technology selection is whether or not client laptops have 802.11n functionality. Most laptops sold since 2009 already are 802.11n capable. If support for 802.11b is critical for Coolco, they may choose to use access points that support both 802.11b/g and 802.11n.

2. Assume that both floors of the building have the same dimensions. Making typical assumptions about the needed work space for each employee, what is the total area in the building that needs wireless coverage?

The Amsterdam location has 100 employees. Assuming each employee is given a work space of 8’ x 8’ (64 ft²), we get 6,400 sq-ft of office space at the location. To account for walkways, conference rooms and other areas, we assume that these areas take 25% of the allotted office space, or 1,600 sq-ft. Thus, the total area of the building that needs wireless coverage is 6,400 + 1,600 = 8,000 sq-ft. We assume that no wireless coverage is provided in the data center area on the second floor.

3. Given your technology choice and the area calculated above, how many access points would you need to provide satisfactory coverage everywhere on both floors?

Googling for “coverage of 802.11n access point” brings up many lab test reports of coverage areas for popular 802.11n access points. These reports suggest that 802.11n base stations provide satisfactory coverage at a distance of up to 50 feet. This means that each access point can cover an area of π(50)² sq-ft, which is about 7,500 sq-ft. Since the area to be covered is slightly larger and since some of the area covered by the access point may lie outside the building, we are likely to need two access points to obtain the necessary wireless coverage.

4. Update your network diagram from Chapter 8 to include the wireless subnet at Amsterdam.



This question should read, “Update your network diagram from Chapter 10 to include the portal for the wireless network at Amsterdam.” The updated diagram is below.

[Figure: updated Coolco network diagram. Labels recoverable from the diagram: Internet; ISP networks; uplink to US ISP; ISDN network and ISDN backup links; Coolco HQ /23, /24; Service Center /23; Call Center /23; EMEA Service Center /24; DHCP servers; AP; EMEA w/l portal; NAT firewall; Tampa, EMEA, Mumbai and Singapore routers running OSPF; US – Amsterdam 100 mbps; Amsterdam – Mumbai 10 mbps; Singapore – US 10 mbps.]

Case questions

1. What are the different kinds of wireless data communication technologies used in the case?

The wireless data communication technologies used in the case include satellite networks which use VSAT antennas to link gas stations to a central dispatch center; monitoring equipment which helps the company respond quickly to problems, preventing fires and other hazards (there is no specific mention of wireless networks for this application, but it is a great context for wireless networking); wireless sensors on pumps and other equipment that allow operators to access maintenance data on all equipment in a location directly from their trucks; and a wireless mesh network at remote oil fields where each field device acts as both a sensor and as a wireless router. Wireless technologies can eliminate 75% of the cost of networking in this context.

2. What is a retain in the context of supply chains?

A retain is when a delivery truck is unable to deliver materials to the store because the store shelves do not have the required space to accommodate the delivery. Retain refers to the fact that the truck has to retain the item without being able to deliver it to the store. It appears that this term is not easily found in a Google search. However, the article referenced in the case, from which this information is taken, is available online. It can be obtained by googling for “Worthen, B. “Drilling for Every Drop of Value.” CIO, June 1, 2002”.

3. What is a run out in the context of supply chains?

A run out is when a store shelf for a product is empty when a customer arrives.

4. What is a mesh network in the context of wireless sensor networks? What are its advantages and disadvantages? (Wikipedia is a good resource)

Mesh networking is a type of networking in which each node in the network may act as an independent router. It allows for continuous connections and reconfiguration around broken paths. Mesh networks are generally not mobile. A unique property of mesh networks is that they are self-healing because there is often more than one path between a source and a destination. Wireless mesh networks were originally developed for military applications. The idea is that it is possible to air-drop billions of little mesh nodes over an enemy territory. Each node may not be larger than a grain of sand. Since it is physically impossible to remove all nodes, the mesh would provide fairly reliable connectivity to the defense forces (adapted from: Wikipedia).

5. Why do companies with a nationwide footprint use satellite-based data networks for data transmission instead of wired networks such as DSL?

Companies with a nationwide footprint often have operations in locations where there are no existing network service providers. These chains therefore have to depend upon satellite networks for these locations. Also, no ISP has service at every location in the country. Therefore, large networks are built through sub-contracting and co-operation among multiple ISPs. A satellite-based ISP can reach all parts of the country. Therefore, contracting with a satellite-based ISP may have some managerial advantages as well.

6. A leading provider of satellite-based data-communication services is DirecPC. Visit the company’s website and write a short (one-paragraph) report on the services offered by the company based on information provided at the website. Include information such as data rates, plan prices, and other information relevant to new subscribers.


DirecPC is a satellite network offered by Hughes Networks. They use satellite networks to provide Internet service anywhere in the contiguous U.S. For residential users, they have three plans ranging from $40 per month to $90 per month. Data rates range from 1 – 2 Mbps for downloads and 200 – 300 Kbps for uploads. The plans include a download allowance of 200 MB – 400 MB in any rolling 24 hour period. The business plans are slightly more expensive and offer slightly higher data rates. The service seems very well suited for users located outside metro areas that are not connected by high-speed fiber-optic lines.



Chapter 12

Review questions

1. What are some of the ways in which the phone network has been important for data communications over the years?

Phone networks have been important for data communications because they were the primary means for long distance information exchange for over 100 years. Phone networks also served as the access mechanism for the Internet in its early years. Even today, a large fraction of business communication occurs over the phone, particularly among small businesses.

2. What are some of the important landmarks in the development of phone service?

The earliest development that led to telephony was the use of the telegraph in 1840 by Samuel Morse to send information over a wire. In 1847, Edison developed multiplexing. In 1876 Alexander Graham Bell made the first telephone call. In 1891 Almon Strowger patented the most popular automatic switch. This basic structure continued until recently when most phone conversations began to be delivered as data packets.

3. What is circuit switching?

Circuit switching is a process that connects two or more communicating devices on demand and permits the exclusive use of a data circuit between them until the connection is released.

4. How has the adoption of landline telephony evolved in the last decade?

Over the last decade, landline adoption has been relatively steady around the world. There are approximately 19 phone lines for every 100 people in the world. This is broken down as about 50 phone lines for every 100 persons in the developed world, and about 15 lines per 100 people in the developing world.

5. What is the local loop in the context of phone service?

The local loop is the circuit from the customer premises to the last switch of the phone company’s network. The local loop is a very critical part of the phone network because it involves laying a line to every home. Because of the dispersion of homes and businesses, the local loop is a very expensive part of the network.

6. What is the central office or the end office?

The end office, also called the central office, is the location where the phone company operates equipment that is responsible for providing the customer’s dial tone. The end office is the location of the last switch of the telephone company.

7. What are inter-exchange carriers (IXC)? What are some similarities and differences between the local loop and IXC links?

Interexchange carriers (IECs) are networks that carry traffic between end offices. When a call is made to a subscriber connected to another end office, the local loop is responsible for carrying the call from the customer’s home or office to his end office and the IECs are responsible for carrying the call from the caller’s end office to the receiver’s end office.

8. What is hertz?

Hertz is a unit of frequency which is equivalent to one cycle per second. Any operation that repeats once per second is said to operate at 1 Hertz. An operation that repeats twice per second is said to operate at 2 Hertz, and so on.

9. Why is the phone system designed to carry signals in the frequency range 33 Hz – 3,400 Hz?

Observations suggest that the human voice lies in the frequency range 80 Hz – about 1,100 Hz. A system that can capture, transmit, and reproduce all the signals in the range 80 Hz – 1,100 Hz can therefore reproduce voice with high fidelity. The high end of the phone system captures all the required frequencies. Lower-frequency signals in the range 80 Hz – 300 Hz are cut off because the power line transmits power at 60 Hz. Filtering away signals below 300 Hz eliminates the strong hum that is likely to be created in the phone receiver by the power line and its harmonics.

10. What is digital subscriber line (DSL)?

Digital subscriber line, or DSL, is a technology that provides full-duplex data service on the phone system local loop at a rate sufficient to support basic high speed data service. It is used by phone companies to compete with cable companies in providing broadband services.

11. What was the motivation for the development of DSL technology?

Cable companies had the advantage of being connected to homes through a cable that had a much higher data rate than the cable used by phone companies in the local loop. Cable companies began to use this capability to offer packages that included phone, TV, and Internet access. Phone companies had to figure out a way to compete with the cable companies. Rather than invest in a new local loop, phone companies decided to leverage their investment in the local loop through DSL technology.


12. What are the three kinds of signals on a cable providing DSL and phone service? What are the frequency ranges used by the three signals?

The three kinds of signals on a cable providing DSL and phone service are phone signals, upstream data signals and downstream data signals. The phone signals are in the frequency range of 300 Hz – 3400 Hz. The upstream DSL signals are in the range 25.875 kHz – 138 kHz. The downstream DSL signal is in the range 138 kHz – 1104 kHz.

13. Why do most ISPs provide much higher downstream data rates than upstream data rates?

The higher downstream data rates are provided to accommodate typical customer behavior. Most end users download huge quantities of data, but upload very little data. Downloaded data includes video, web pages, and other Internet content such as email. Uploaded data typically includes email and web page requests. Of the uploaded data, only the email attachments are typically large files.

14. Why is the modified final judgment important to the development of phone service in the United States?

The modified final judgment is important to the development of phone service in the United States because it broke up the monopoly of AT&T on the telecommunication infrastructure in the United States. The MFJ introduced competition in long distance phone service, reducing prices and fostering innovation, which eventually led to the Telecommunications Act of 1996.

15. What was the outcome of the modified final judgment?

The modified final judgment broke up the local phone service operations of AT&T into 7 local phone companies. These companies were called the Regional Bell Operating Companies (RBOCs), or Baby Bells. The RBOCs were responsible for the local loop. The long distance phone service provider market was opened up for competition to anyone with the resources to provide the service.

16. What were the circumstances that led to the Telecommunications Act of 1996?

The modified final judgment introduced competition and a number of service providers into the industry. The cable companies became eager to provide phone service and phone companies were eager to provide Internet access service. These developments in the industry motivated the Telecommunications Act of 1996.

17. What were some of the implications of the Telecommunications Act of 1996?

The Telecommunications Act of 1996 allowed any communications business to compete in any market against any other communications business. In order to create competition in local phone service, the act required RBOCs or other local phone companies to provide access to their networks at reasonable rates to competitors who wanted to provide local phone service. This provision created two classes of local phone companies — the incumbents and the competitors. The incumbents (the RBOCs) were called the incumbent local exchange carriers (ILECs). The competitors were called the competitive local exchange carriers (CLECs).

18. What is cellular telephony?

Cellular telephony is a mobile communications system. It uses a combination of radio transmission and conventional telephone switching to permit mobile users within a specified area to access full-duplex telephone service.

19. What are the three generations of cellular telephony service? Describe the important features of each generation of cell-phone service.

The first generation cell phone service used analog signals and did not transmit data. The second generation used digital signals which could be compressed and also allowed for packet data services. The second generation greatly improved the utilization of the limited cell phone system bandwidth. The third generation (3G) greatly increased data rates and allowed up to 2 Mbps for data service.

20. What is frequency reuse in the context of cellular telephony? Why is frequency reuse necessary for cellular telephony?

To efficiently use the available bandwidth, cell phone networks reuse frequencies across cells. The ability to reuse frequencies allows the cellular provider to service any number of customers using a limited wireless frequency bandwidth. Frequencies are reused in nonadjacent towers.

21. Why are service areas divided into small cells for cellular telephony?

Dividing the service area into cells enables frequency reuse. Cell phone operators can support as many subscribers as they can sign up by dividing the service area into cells as necessary. If a particular cell becomes too busy, you can simply subdivide it into more cells.
22. What is the MTSO in cell-phone service? What are the important roles of the MTSO?

Base stations in an area are connected to a mobile-telephone switching office (MTSO). The MTSO connects the cell-phone network in its area to the PSTN, or the landline phone system, through a connection to a nearby phone exchange. The MTSO is also responsible for monitoring the relative strength of cell phones as reported by each of the cell towers, and switching conversations to the cell towers with the best possible reception. The MTSO is the nerve center of cell phone service.


23. What is handoff? Why is handoff important? How does it work?

Handoff is the process of transferring a phone call in progress from one cell phone tower operating at one set of sending and receiving frequencies to a neighboring cell tower operating at another pair of frequencies without interruption of the call. Handoff is necessary to keep callers connected while they move throughout their area. When the user moves away from a cell, its signals to its current cell tower weaken. Simultaneously, the signals get stronger at a tower in a neighboring cell. The MTSO uses these differences in signal strengths to hand off responsibility for handling the call to the appropriate neighboring tower.

24. What is CDMA?

Code division multiple access, or CDMA, is a coding scheme that uses chipping codes for modulation and multiplexing. Each communication is allocated a unique chipping code. Before transmission, signals are processed using the assigned chipping code. The receiver processes the incoming signal using the same chipping code as used by the sender. This extracts the communication of interest and eliminates the information in all other signals. Any number of chipping codes may be generated and therefore any number of users may be added to a cell. CDMA allows an almost unlimited number of users to transmit signals at any time using the entire bandwidth of the medium.

25. How is CDMA better suited than TDM or FDM for cellular telephony?

The main advantage of CDMA over TDM and FDM is that whereas FDM and TDM limit the number of users supported using a given bandwidth, CDMA allows an unlimited number of users to transmit signals at any time using the entire available bandwidth of the medium. This is possible because an infinite number of chipping codes are available for use.

Hands-on exercise

1. Use Wikipedia or other resource to write a brief summary of CDMA.

One of the basic concepts in data communication is the idea of allowing several transmitters to send information simultaneously over a single communication channel. This allows several users to share a band of frequencies. This concept is called multiplexing. CDMA employs a special coding scheme where each transmitter is assigned a code to allow multiple users to be multiplexed over the same physical channel. An analogy to the problem of multiple access is a room (channel) in which people wish to talk to each other simultaneously. To avoid confusion, people could take turns speaking (time division), speak at different pitches (frequency division), or speak in different languages (code division). CDMA is analogous to the last example where people speaking the same language can understand each other, but other languages are perceived as noise and rejected. Similarly, in radio CDMA, each group of users is given a shared code. Many codes occupy the same channel, but only users associated with a particular code can communicate. (Wikipedia)

2. Use Wikipedia or other information resource to write a Walsh matrix of size 4*4.

The Walsh matrix of size 4, from the Wikipedia page for “Walsh matrix”, is shown below. This is the basic unit for CDMA. It may be noted that if you take the dot product of any two different columns, the result is zero. To calculate the dot product, you multiply the elements in the corresponding rows of the two columns and add the products. For example, if we consider columns 1 and 2, we get 1*1 + 1*1 + 1*(-1) + 1*(-1) = 0. This is the basic concept that is exploited in CDMA.

 1   1   1   1
 1   1  -1  -1
 1  -1  -1   1
 1  -1   1  -1

I like this exercise because with a little patience, it can de-mystify CDMA to students. In my experience, this exercise needs to be walked through in class because many students have little experience in Excel.

3. Pick any two different codes in the 8*8 Walsh matrix used in the data.xlsx worksheet (cells A[28] – H[36]). Using a procedure similar to the figure, confirm that the dot product of the two codes is zero.

Figure 15 (it really is a table) for this exercise is shown below. We calculate the dot product for columns A and B. This is also shown in the Ch12_CDMAexample_answers.xlsx worksheet in cells A46 – D56.

Row   Code 1   Code 2   Product of elements
1       -1       -1        1
2       -1        1       -1
3       -1       -1        1
4       -1        1       -1
5       -1       -1        1
6       -1        1       -1
7       -1       -1        1
8       -1        1       -1
Sum of products of elements = 4*1 + 4*(-1) = 0

It is convenient to open the .xlw workspace file. It opens both the readme worksheet and the data worksheet simultaneously. If the monitor resolution allows it, you may find it convenient to zoom out a little bit. This fills the text on the screen. The readme worksheet allows the instructor to walk through the exercise.

4. Repeat Question 3, but use the chipping code for B for both codes. Confirm that the dot product of a code with itself is not zero.

This is shown in cells F46 – I56 in the Ch12_CDMAexample_answers.xlsx worksheet. The cells are shown below for reference. We see that the dot product is 8 (≠ 0).

Walsh code products (columns B and B)

Column B   Column B   B*B
  -1         -1        1
   1          1        1
  -1         -1        1
   1          1        1
  -1         -1        1
   1          1        1
  -1         -1        1
   1          1        1
Sum of products = 8

5. The example in the spreadsheet uses the chipping codes from the first four columns in the Walsh codes of size 8. Replace the chipping code for D with one of the unused chipping codes (any code in columns E[29-36] … H[29-36]). Confirm that the data is recovered correctly with the new code (contents in cells A22 – D26 should not change).

For this question, replace the Walsh code for say D (cells D11-D18) with the Walsh code in say column F (F29 – F36). This has been done in Ch12_CDMAexample_answers.xlsx. You will notice that the chipping code in column F is highlighted in red font and has been pasted into D. You will also notice that the data in cells A22-D26 is unaffected. The goal of this exercise is to show CDMA operation.

6. You saw in Question 4 above that the dot product of a code with itself is not zero. To see the impact of this, repeat Question 5 above, but this time, reuse the chipping code for user B for user D. Confirm that the data is not recovered correctly.

This exercise is similar to the question above, but instead of pasting the chipping code from F, paste the chipping code from B (cells B11 – B18) into cells D11 – D18. You will notice that the recovered data for B and D is no longer the same as the transmitted data (cells B22-B26 and cells D22-D26). This shows the importance of using chipping codes that are independent of each other.
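
The spreadsheet steps in Questions 3 to 6, written out as an added example (it is not taken from the workbook or the textbook). It assumes Walsh codes built by the Sylvester construction, whose column order and signs may differ from the matrix in data.xlsx, and constructed +1/-1 data symbols; walsh, transmit, receive and run are names chosen here.

```python
"""CDMA with Walsh chipping codes: orthogonal codes separate users, a reused code does not."""


def walsh(n):
    """Return an n x n Walsh (Hadamard) matrix of +1/-1 entries; n must be a power of two."""
    if n < 1 or n & (n - 1):
        raise ValueError("size must be a power of two")
    m = [[1]]
    while len(m) < n:
        # Sylvester step: [[M, M], [M, -M]]
        m = [r + r for r in m] + [r + [-x for x in r] for r in m]
    return m


def column(m, j):
    """Chipping code stored in column j of the matrix."""
    return [row[j] for row in m]


def dot(a, b):
    """Multiply corresponding elements and add the products."""
    return sum(x * y for x, y in zip(a, b))


def transmit(data, codes):
    """Spread every user's symbols with that user's code and add them on the shared channel.

    Returns one list of chip sums per symbol period.
    """
    periods = len(next(iter(data.values())))
    chip_len = len(next(iter(codes.values())))
    channel = []
    for t in range(periods):
        chips = [0] * chip_len
        for user, symbols in data.items():
            for i, c in enumerate(codes[user]):
                chips[i] += symbols[t] * c
        channel.append(chips)
    return channel


def receive(channel, code):
    """Correlate each period with one chipping code and divide by the code length.

    The division is exact here: each user contributes either 0 (orthogonal code)
    or +/- len(code) (same code) to the dot product.
    """
    return [dot(chips, code) // len(code) for chips in channel]


W8 = walsh(8)

# Constructed sample data: five symbols per user, +1 for bit 1 and -1 for bit 0.
DATA = {
    "A": [1, -1, 1, 1, -1],
    "B": [-1, -1, 1, -1, 1],
    "C": [1, 1, -1, -1, 1],
    "D": [1, -1, -1, 1, 1],
}


def run(assignment):
    """assignment maps user -> column index in W8; returns the symbols each receiver recovers."""
    codes = {user: column(W8, j) for user, j in assignment.items()}
    channel = transmit(DATA, codes)
    return {user: receive(channel, codes[user]) for user in DATA}


if __name__ == "__main__":
    print("Q3 dot(A, B) =", dot(column(W8, 0), column(W8, 1)))
    print("Q4 dot(B, B) =", dot(column(W8, 1), column(W8, 1)))
    print("first four codes:", run({"A": 0, "B": 1, "C": 2, "D": 3}) == DATA)
    print("Q5 D uses an unused code:", run({"A": 0, "B": 1, "C": 2, "D": 5}) == DATA)
    print("Q6 D reuses B's code:", run({"A": 0, "B": 1, "C": 2, "D": 1}))
```

In the reuse case the receivers for B and D both see the sum of the two users' symbols, while A and C are still recovered correctly.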

Network design exercise

1. Using the Internet or other information resource, compare the advantages and disadvantages of VoIP compared to traditional phone service (PSTN) along dimensions such as cost, performance, and reliability.

The advantages of the traditional phone network include the fact that it (1) is a well proven technology; (2) is available almost everywhere in the world; and (3) provides very high sound quality. The disadvantages of the traditional phone network include that it (1) requires the maintenance of an additional network; and (2) typically is quite expensive. The advantages of VoIP are that (1) it allows Coolco to consolidate to one network; (2) it can be provisioned in a manner that it utilizes the firm’s network capacity very efficiently; (3) it typically has a very rich set of features because of its native integration with the data network and use of data packets to move voice. The primary disadvantage of VoIP is that its sound quality is generally noticeably inferior to the sound quality of the traditional phone network. This problem is particularly acute if the data network is not provisioned properly or if at any instant, the voice traffic has to compete with data traffic for network bandwidth.

2. Based on the above, would you recommend that Coolco switch from PSTN to VoIP?

Coolco is already using VoIP for its customer service center, which is one of the largest sources of network traffic. Therefore, the company has experience with VoIP and has also provisioned its network for VoIP at a major link. Therefore, the company may be well positioned to transition to VoIP, if it is using plain switched phone networks. Switching to VoIP will allow the firm to introduce many sophisticated VoIP features.

Case questions

1. How have cell phones improved the lives of people in Bangladesh?

Cell phones have considerably simplified commerce in Bangladesh. They have helped local merchants and farmers to beat the monopoly power of urban merchants by soliciting price quotes from distant traders without having to leave their stores or farms. The Grameen Phone has generated direct and indirect employment for a large number of people over the years. The company presently has more than 4500 full and temporary employees. Another 150,000 people are directly dependent on Grameen Phone for their livelihood, working for the Grameenphone dealers, retailers, scratch card outlets, suppliers, vendors, contractors and others. The device has also become a device for social change. Grameen Phone empowered rural women have started small businesses by buying cell phones and offering commercial cell phone service to their village communities. These communities were now able to call their families and friends all over the world. This generates income for the women and improves their respect in the community. In addition, the Village Phone Program, started in 1997, provides a good income-earning opportunity to more than 210,000 mostly women Village Phone operators living in rural areas.

2. What do you think are some of the reasons that there are over 30 times as many cellphone subscribers in Bangladesh as landline subscribers?

The primary reason for the disparity between the growths of cell phone subscribers compared to land line subscribers is the profit motive and competition. The cell phone service industry in the country is divided among 5 competing cell phone operators whereas landline service is dominated by the government owned monopoly. The private cell phone operators are willing to offer better customer service and business terms to find and retain customers. The government bureaucracy is generally more concerned with official ranks and privileges and is simply not oriented towards customer service.

3. What do you think are some of the important difficulties in establishing landline connectivity to all villages in Bangladesh?

The important difficulties in establishing landline connectivity are costs and terrain. It is prohibitively expensive to lay out cable to all villages and cities. These investments are not likely to be recouped because most subscribers do not place enough calls to pay for the lines. Further, since most of the land is below sea level and the country is often ravaged by floods, many of these lines get irreparably damaged during the rainy season.

4. What information is available about the current status of the village-phone project in terms of number of subscribers, villages covered, etc? Use online and other resources for information.

Since its inception in March 1997, Grameenphone has built the largest cellular network in the country with over 12,000 base stations in more than 6000 locations. Presently, nearly 98 percent of the country's population is within the coverage area of the Grameenphone network. Grameenphone is now the leading telecommunications service provider in the country with more than 28.7 million subscribers as of October 2010. According to the Grameenphone website, the Village Phone Program, started in 1997, provides a good income-earning opportunity to more than 210,000 mostly women Village Phone operators living in rural areas.

5. Look at MIT media lab’s note, “A phone is not just a phone,” available at www.facebook.com/note.php?note_id=138098999263. Think of a problem that afflicts over a billion people in the world and describe in about one – two paragraphs how cell phones may help alleviate the problem. Note: cell phones will not solve all aspects of every global problem. Try to make your answer relevant. You may find initial ideas at the MIT Nextlab website.


One problem that affects over a billion people in the world is hunger and malnutrition, caused primarily by poverty. This is coupled with affluence in other parts of the world and the desire among many people to help. It may be possible to use cell-phones to combine the two. A big concern among donors is the use of their funds. If someone ran a soup kitchen in a poor village, offering one inexpensive meal a day, and used cell phones to provide live video feeds of the operations of the soup kitchen, it may be possible to attract more donors. Each donor or group of donors could be linked to a specific soup kitchen. If the user logged in during the time the kitchen was in operation, he would be able to see the activities at the kitchen he was funding.

This is a critical thinking question. If the solutions were simple, they would have already been implemented. The goal of the exercise is to get students to stretch their thinking and imagination.


Chapter 13

Review questions

1. What is information security? Why is it important?

Information security is the provision of confidentiality, integrity, and availability to information. Information security is important because we are increasingly dependent upon information for our livelihoods and way of life. Professionals in the United States are increasingly involved in product design and software development. The IT sector constitutes almost 20% of the value of the S&P 500 index of large cap companies in the United States. Accounting and financial data in most companies is now stored almost exclusively on computer systems with no paper trail available for verification. Increasingly, our own personal workflows are becoming computerized. For example, most of our life’s memories are now stored on computers as image files. A single hard disk crash can cause permanent loss of this information. Information security then, is critical for the smooth functioning of our economy, our businesses, and our personal and professional lives.

2. What are vulnerabilities? Give some examples.

Vulnerabilities are weaknesses in an information system that could be exploited by interested hackers to compromise the security of the information held in the information systems. Insecure services such as telnet, if running, are an example of vulnerabilities. Other examples are unpatched software, user accounts without passwords, or users operating their computer with administrative privileges, and untrained or careless employees.

3. What are threats? Give some examples.

Threats are capabilities, intentions, and attack methods of adversaries to cause harm to information. Examples of threats include disgruntled employees, malware, viruses, motivated hackers, botnets, and even foreign governments trying to disrupt large-scale systems in the country.

4. What are controls? Give some examples.

Controls are measures taken to mitigate the dangers arising from information security threats.
Examples of controls include anti-virus software, employee training, regular software patching, user account controls, and password policies.

5. What is confidentiality? Give some examples showing a violation of confidentiality.

Confidentiality is to preserve authorized restrictions on information to protect personal privacy and proprietary information. Confidentiality is violated when people are able to read other people’s data such as credit card numbers or health care records that they should not have had access to.

6. What is integrity? Give some examples showing a violation of integrity.

Integrity is to guard against improper modification or destruction of information and ensure authenticity of information. Integrity is violated when users are able to modify data they should not be able to. For example, if students are able to modify their own transcripts, it would constitute a violation of integrity.

7. What is availability? Give some examples showing a violation of availability.

Availability is to ensure timely and reliable use of information. Availability is violated when data is not available when it should be. For example, if the university website is down on the first day of class, or an e-commerce website is down on the last Saturday before Christmas, it constitutes a violation of availability. The last Saturday before Christmas is the busiest shopping day of the year, not Black Friday as is popularly believed.

8. What is network security? Why is it important?

Network security is the provision of information security in the presence of dangers created by computer networks. Network security is important because increasing parts of the nation and the world’s infrastructure are connected to the network. Financial systems, payment systems, hospital records, control systems for the nation’s electricity grid, and vital installations such as NASA, are now connected to the network. Weakness in network security can allow hackers to obtain unauthorized access to vital information on these resources. In fact, more information security threats originate from the network than from any other source.

9. What controls can be used to ensure confidentiality from incoming threats?

Patching is one important control that can be used to ensure confidentiality from incoming threats. When software weaknesses become known, developers quickly issue updates to fix problems. These updates are called patches, and the process of applying updates is called patching. Another important control is authentication and authorization. Authentication is the verification of a claimed identity. Authentication is useful if it is followed by authorization. Authorization is the granting of rights to a user to access, read, modify, insert, or delete certain data, or to execute certain programs.

10. How does authorization offer additional protection after authentication?


Authorization limits opportunities for accidents and abuse. After a user is authenticated, they are granted specific permissions to a defined set of resources. This way, even if a user account is compromised, the damage from the compromise is limited to the resources the user had access to.

11. What controls can be used to ensure integrity in the presence of incoming threats?

The primary control to ensure integrity in the presence of incoming threats is a firewall.

12. What is a demilitarized zone? What are some of the network services offered in the demilitarized zone? What network services are not recommended to be offered in the demilitarized zone?

The DMZ is a network that contains the organization's external services and connects them to the Internet. Some of the network services offered in the de-militarized zone include the web, DNS and email. All these services need to be able to receive requests from the outside world in order to meet user needs. All network services offering proprietary or privileged information should not be offered in the DMZ. These include the firm’s intellectual property, financial information, payroll information and any other sensitive documents.

13. Recall your visit to a store that also includes a pharmacy. Describe how the organization of the store is similar to the two-tier firewall architecture used in network security.

At a typical pharmacy such as Walgreens or CVS, users are allowed to walk through all corners of the store except inside the pharmacy. The retail store selling groceries and supplies is like the de-militarized zone in the store, offering services for end users. The pharmacy is blocked off because it contains controlled drugs as well as sensitive health information about users. The pharmacy usually has a counter that opens up to the store (demilitarized zone) where customers can go and drop off prescriptions or pick up medications. When the pharmacist receives the request, he goes into the pharmacy section, the militarized zone, and returns with the items requested by the end user.

14. What is a firewall? What are the capabilities of firewalls?

A firewall is a computer that lies between two networks and regulates traffic between the networks in order to protect the internal network from electronic attacks originating from the external network. Firewalls allow administrators to specify rules that limit which packets may be allowed to enter the network. With a good set of rules, administrators can ensure that only friendly packets reach computers within the network.

15. What are the limitations of firewalls?

Firewalls have three major limitations. First, if an internal computer is compromised, it can successfully attack other computers in the local network. Second, firewalls are unable to protect services that Internet users are allowed to access. For example, if a web application has any vulnerability, the firewall cannot prevent it from being exploited because the firewall rules will allow access to the web application. Finally, a firewall is only as good as the rules specified by its administrator. If the firewall rules do not block packets from attackers, the firewall will not stop the attacker.

16. What controls can be used to ensure availability in the presence of incoming threats?

Virus protection and end-user training are controls used to provide availability in the presence of incoming threats.

17. How are viruses different from worms? Give an example of a well-known virus and a well-known worm.

A computer virus is an unwanted program which places itself into other programs, which are shared among computer systems, and replicates itself. A worm is a self-contained program that causes harm and can propagate itself through systems or networks. The major difference between the two is that worms are self-contained programs whereas viruses use email clients or other software to cause damage and to replicate themselves. Viruses and worms are often designed to use up available resources such as storage or processing time, thereby compromising availability. I LOVE YOU is one of the best known viruses and Slammer is one of the best known worms.

18. What are denial-of-service attacks? What can you do to reduce the losses from denial-of-service attacks on your network?

A denial-of-service (DoS) attack is when an attacker consumes the resources on a computer or network for things it was not intended to be doing, thus preventing normal use of the resources for legitimate purposes. A firewall is a good defense against denial-of-service attacks.

19. What controls can be used to ensure confidentiality of outgoing information?

Encryption is the most popular control to ensure confidentiality of outgoing information.

20. What is encryption?
What is an encryption algorithm? What is an encryption key?

Encryption is the process of rendering plain information unintelligible in such a manner that it may later be restored to intelligible form. The output from encryption is called ciphertext. When using encryption, the ciphertext is transmitted over an open channel. An encryption algorithm is a mathematically expressed process to create ciphertext. An encryption key is a sequence of symbols that control the operation of the encryption algorithm. The same encryption algorithm can be used by multiple users, with each user using a different encryption key.

21. What are the advantages and limitations of symmetric key encryption?

The primary advantage of symmetric key encryption is that it is computationally simple. Symmetric key algorithms can be used to provide very high levels of security without requiring complex calculations that would burden the CPU of a computer. However, its limitation is the key-exchange problem. Symmetric key encryption cannot be used to securely transmit the encryption key over an open channel. Therefore, symmetric key encryption has traditionally been used in military contexts where the key can be exchanged by armed carriers.

22. What are the advantages and limitations of asymmetric key encryption? What is the most popular asymmetric-key-encryption technology?

The advantage of asymmetric key encryption is that it makes key exchange very easy. However, a major limitation of asymmetric key encryption is that the security of asymmetric key encryption depends critically upon the use of very large numbers for security. As a result, it is extremely computation-intensive and can easily overwhelm even the most powerful computers if popular web sites used asymmetric key encryption to encrypt all data between the websites and users. The most popular implementation of asymmetric key encryption is RSA. RSA is named after its three creators — Rivest, Shamir, and Adleman.

23. Briefly describe how you can use asymmetric key encryption to ensure the confidentiality of outgoing information. Clearly show the sender, receiver, and how the two keys are used to provide confidentiality.

The procedure is shown in the adjacent figure. To send information using asymmetric key encryption, the sender (Alice) asks the receiver (Bob) for his public key. This key may be transmitted over the network without fear because only the receiver can decrypt it. The sender encrypts the message with Bob’s public key and sends it over the network. None of the intruders can read it because of the properties of the encryption algorithm. When Bob receives the message, he uses his private key to decrypt the message.

[Figure: Alice (Encryption: use Bob’s public key to encrypt message before sending) sends the transmitted message, encrypted using receiver’s public key, to Bob (Decryption: use Bob’s private key to decrypt and read message). Enemy 1 and Enemy 2 sit on the channel: enemy cannot read (confidentiality).]

24. Briefly describe how you can use asymmetric key encryption to ensure the integrity of outgoing information. Clearly show the sender, receiver, and how the two keys are used to provide confidentiality.


The procedure is shown in the adjacent figure. To help the receiver (Bob) confirm the integrity of the message during transmission, the sender (Alice) computes a digest of the message and encrypts the digest with her own private key. At the receiving end, Bob independently computes the digest of the message and also decrypts the encrypted digest sent by Alice. Bob can decrypt the digest using Alice’s public key. If the two digests are the same, Bob can be confident that the message was not modified during transmission. Because of the properties of asymmetric key encryption, if the message had been modified by an enemy during transmission, the two digests would not have been the same.

[Figure: Alice (integrity) computes the digest and encrypts it with Alice’s private key before sending; Bob (integrity check) uses Alice’s public key to decrypt the digest and compares it with the locally computed digest. The digest of the transmitted message is encrypted using the sender’s private key, so Enemy 1 and Enemy 2 cannot modify the message (integrity).]
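The key roles in questions 23 and 24 can be traced in code. The following is an added example, not taken from the textbook or this manual: the function names and the demo keys are assumptions, and it uses unpadded "textbook" RSA so that the arithmetic stays visible, whereas production systems use padded RSA from a vetted library.

```python
import hashlib

E = 65537  # widely used RSA public exponent


def make_keypair(p, q):
    """Return (public_key, private_key) built from two primes p and q."""
    n = p * q
    phi = (p - 1) * (q - 1)
    d = pow(E, -1, phi)  # private exponent: inverse of E modulo phi (Python 3.8+)
    return (n, E), (n, d)


# Constructed demo keys (an assumption of this example). Mersenne primes are
# used only because they are short to write; they are not safe for real keys.
BOB_PUBLIC, BOB_PRIVATE = make_keypair(2**521 - 1, 2**127 - 1)
ALICE_PUBLIC, ALICE_PRIVATE = make_keypair(2**607 - 1, 2**521 - 1)


def encrypt(message, public_key):
    """Question 23, sender side: Alice encrypts with Bob's PUBLIC key."""
    n, e = public_key
    m = int.from_bytes(message, "big")
    if m >= n:
        raise ValueError("message too long for this key")
    return pow(m, e, n)


def decrypt(ciphertext, private_key):
    """Question 23, receiver side: only Bob's PRIVATE key recovers the text."""
    n, d = private_key
    m = pow(ciphertext, d, n)
    return m.to_bytes((m.bit_length() + 7) // 8, "big")


def digest(message):
    """SHA-256 digest of the message as an integer."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big")


def sign(message, private_key):
    """Question 24, sender side: Alice encrypts the digest with her PRIVATE key."""
    n, d = private_key
    return pow(digest(message), d, n)


def verify(message, encrypted_digest, public_key):
    """Question 24, receiver side: Bob decrypts the digest with Alice's PUBLIC
    key and compares it with the digest he computes locally."""
    n, e = public_key
    return pow(encrypted_digest, e, n) == digest(message)


def demo():
    message = b"Ship 40 units to Amsterdam"          # constructed sample message
    ciphertext = encrypt(message, BOB_PUBLIC)         # confidentiality
    encrypted_digest = sign(message, ALICE_PRIVATE)   # integrity
    modified = b"Ship 90 units to Amsterdam"          # changed in transit
    return {
        "bob_reads": decrypt(ciphertext, BOB_PRIVATE),
        "intact_accepted": verify(message, encrypted_digest, ALICE_PUBLIC),
        "modified_accepted": verify(modified, encrypted_digest, ALICE_PUBLIC),
    }


if __name__ == "__main__":
    print(demo())
```

Note that the two services use opposite keys: confidentiality uses the receiver's key pair, integrity uses the sender's.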

25. What controls can be used to ensure availability of outgoing information? The primary control to ensure availability of outgoing information is redundancy. Redundancy is surplus capability provided to improve the availability and quality of service.

Hands-on exercise

1. Why is SSL useful? SSL is useful because it provides security for application data with no effort on the part of the application developer. SSL is commonly used to secure e-commerce web traffic. When using SSL for encryption, web application developers do not need to be security experts since SSL provides a very high level of security to all application data.

2. Use Wikipedia or other information resources to write a brief summary of the evolution of SSL and TLS. The SSL protocol was originally developed by Netscape. Version 1.0 was never publicly released. Version 2.0 was released in February 1995 but contained a number of security flaws which led to the design of SSL version 3.0, which was released in 1996. TLS 1.0 was first defined as an Internet standard in RFC 2246 in January 1999 as an upgrade to SSL Version 3.0. Though the RFC stated that TLS 1.0 was not very different from SSL 3.0, TLS 1.0 and SSL 3.0 did not interoperate. TLS 1.1 was defined in RFC 4346 in April 2006. It fixed certain security vulnerabilities in TLS 1.0. TLS 1.2 was defined in RFC 5246 in August 2008. Its primary difference with TLS 1.1 is that it replaces the MD5 hash function with the SHA1 hash, because of documented weaknesses in the MD5 hash algorithm.

3. What is the port number used by the remote web server for SSL connections? The https port is 443.

4. Right-click on a packet sent using SSL and select “Follow TCP Stream.” Show the screenshot of the TCP stream. The screenshot is shown below. The goal of this question is to get students to see for themselves the difference between unencrypted and encrypted data.

Network design exercise

1. How can a firewall help Coolco? Update your network diagram from Chapter 11 to include a firewall at Coolco’s gateway to the Internet. A firewall can help Coolco by blocking the common categories of malicious traffic and by logging all traffic that was blocked in such a manner. These logs can be used for later analysis to identify any evolving attacks. The network diagram already includes a firewall, as shown in the figure below.

[Figure: Coolco network diagram. Labels: Internet; ISP networks; US ISP uplink; NAT firewall; ISDN network with ISDN backup links; Tampa, EMEA, Mumbai and Singapore routers running OSPF; DHCP servers; Coolco HQ /23, /24; Call Center /23; AP Service Center /23; EMEA Service Center /24; EMEA w/l portal; WAN links (US – Amsterdam 100 mbps and 10 mbps links).]



2. How can VPNs help Coolco in securing traffic that flows through its WAN? The routers included in the network in Chapter 9 have hardware capabilities to perform the encryption. Update your network diagram to reflect the VPN capabilities of the OSPF routers introduced in chapter 9. Virtual private networks allow mobile users to connect to the company over an encrypted channel. This keeps the traffic secure during transit over the network. The standard use case is of an employee accessing company resources from a hotel room. The VPN ensures that the data is encrypted and unreadable from the time it leaves the laptop till the time it enters Coolco’s network. VPNs thus make it very easy to deal with sensitive corporate data from the outside world. All VPN connections will arrive at Coolco from the Internet. Therefore, the Tampa router is best suited to provide VPN service. The updated network diagram is shown below.

[Figure: Updated Coolco network diagram. Labels: Internet; ISP networks; US ISP uplink; NAT firewall; ISDN network with ISDN backup links; Tampa VPN router running OSPF; EMEA, Mumbai and Singapore routers running OSPF; DHCP servers; Coolco HQ /23, /24; Call Center /23; AP Service Center /23; EMEA Service Center /24; EMEA w/l portal; WAN links (US – Amsterdam 100 mbps and 10 mbps links).]



3. What encryption technology will you use to secure the wireless traffic in Amsterdam? Update your network diagram to reflect the encryption technology used in the wireless network. The current best practice for wireless security is WPA 2. Therefore, this would be the recommendation for the network. The updated network diagram is shown below.

[Figure: Updated Coolco network diagram. Labels: Internet; ISP networks; US ISP uplink; NAT firewall; ISDN network with ISDN backup links; Tampa VPN router running OSPF; EMEA, Mumbai and Singapore routers running OSPF; DHCP servers; Coolco HQ /23, /24; Call Center /23; AP Service Center /23; EMEA Service Center /24; EMEA w/l portal w/ WPA 2 security; WAN links (US – Amsterdam 100 mbps and 10 mbps links).]

Case questions

1. Read the 10-K statement filed by T. J. Maxx on March 28, 2007, with the SEC. Use the section on “Computer intrusion” to list the major events related to the security breach at the company and the dates on which they occurred. (An easy way is to use Yahoo finance, search for TJX, and follow the link to all filings on EDGAR. On the resulting page, all filings made by TJX are listed in reverse chronological order). The 10-K file is available on the companion website. The goal of this exercise is to get students to see a 10-K statement. The 10-K is probably the best kept secret in the business world. Most students have no idea about its existence and its importance because hardly any other class requires students to go through a 10-K filing.

Dec. 18, 2006: The computer intrusion was suspected, which was confirmed three days later.
Dec. 22, 2006: Law enforcement officials were informed of the suspected Computer Intrusion. The U.S. Secret Service requested confidentiality of the intrusion to be maintained to aid in the investigation.
Dec. 26-27, 2006: Banks and credit/debit/check card processing companies were informed about the suspected intrusion. Also, the SEC was notified.
Jan. 17, 2007: The intrusion was publicly announced through an SEC filing.
Feb. 18, 2007: Investigations revealed that the intrusion had started earlier than suspected and led to a loss of more information than previously believed. The initial date of the intrusion was pinned at July 2005. The systems compromised and information stolen were also identified.

2. What are some best practices to secure wireless networks? Some simple measures can ensure that the wireless network is protected against the common attacks. These include:

Changing default passwords: Most wireless routers do not use any password or use a standard password such as “admin.” Changing this to an easily remembered password will protect the network.
Use encryption: All wireless devices these days can use WPA, but routers typically disable encryption by default for ease of use. WPA encryption should be enabled to prevent information leaks over the network.
Other typical network security best practices such as using a firewall and anti-virus software are also useful.

In addition, expert users can take a few more security precautions. Access may be restricted to specific hosts on the network. These hosts can be identified by their MAC addresses. Most wireless routers provide an easy web-based interface to make these specifications. Some routers and wireless can hide the SSID of the network.

The tips above are fairly general. But the specific list above is from the US CERT, at http://www.us-cert.gov/cas/tips/ST05-003.html (accessed 01/15/2011)

3. What is a SQL injection attack?



An SQL injection attack is an exploitation of a security vulnerability in the logic used by a web application to connect to a database. When the application does not check or improperly checks user input, SQL statements can be written in user input fields with the help of string literal escape characters. These SQL statements can unexpectedly get executed, revealing or modifying data from the database that was not intended to be directly accessed from the application in such a manner (adapted from Wikipedia).

4. Compare the sales at T. J. Maxx in its latest financial year and in 2007. Discuss any trends. Net sales in 2007 were $17.404 Bn. In 2010, net sales were $20.288 Bn. The firm’s sales have been growing consistently. There is no apparent impact of the computer intrusion on the company’s sales. When students write reports about the computer intrusion, many students write that people are less likely to shop at TJX because of the intrusion. This question gets students to see that the intrusion has had very little effect upon the company’s sales.

5. What does Heartland Payment Systems (NYSE: HPY) do? How does its financial performance compare to its competitors? (Yahoo Finance and Wolfram Alpha are good sites for such comparisons.) Heartland Payment Systems, Inc. provides bankcard payment processing services to merchants in the United States and Canada. It delivers credit/debit/prepaid card processing, check management, and payments solutions. The company principally serves small and midsized merchants, as well as large national merchants, primarily in the petroleum industry. As of February 18, 2010, it delivered solutions to approximately 250,000 business locations nationwide. The company was incorporated in 2000 and is headquartered in Princeton, New Jersey (source Yahoo Finance → Profile page for HPY). Compared to the industry average, Heartland is experiencing slower revenue growth rates (12.8% vs. 17.2%) and lower gross margins (8.95% vs. 33.85%). However, it is one of the larger firms in its industry, with revenues of $1.81 Bn compared to the industry average of $127.5 Mn.

6. What offense is defined by 18 USC, section 371? (Search online.) The section defines conspiracy. It defines the penalty for conspiring with a person to commit an offense, even if the offense was actually committed by someone else. The section reads as follows:

18 U.S.C. § 371 : US Code - Section 371: Conspiracy to commit offense or to defraud United States



If two or more persons conspire either to commit any offense against the United States, or to defraud the United States, or any agency thereof in any manner or for any purpose, and one or more of such persons do any act to effect the object of the conspiracy, each shall be fined under this title or imprisoned not more than five years, or both. If, however, the offense, the commission of which is the object of the conspiracy, is a misdemeanor only, the punishment for such conspiracy shall not exceed the maximum punishment provided for such misdemeanor.

The intent behind this question is to get students to see the definition of a section of law. Many students are ignorant about the existence of these legal provisions.

7. Read the indictment against Albert Gonzalez filed in the District Court of New Jersey (available at the companion website or at many places online). What evidence is provided in the indictment to support the charge of conspiracy? US prosecutors listed the following acts as evidence to support the charge of conspiracy (violation of Title 18, United States Code, Section 371) against Albert Gonzalez.

a. On or about November 6, 2007, GONZALEZ transferred a computer file to the Ukrainian Server named “sqlz.txt” that contained information stolen from Company A’s computer network.
b. On or about November 6, 2007, GONZALEZ transferred a computer file to the Ukrainian Server named “injector.exe” that matched malware placed on both Heartland and Company A’s servers during the hacks of those companies.
c. On or about December 26, 2007, HACKER 1 and HACKER 2 accessed Heartland’s computer network by means of a SQL Injection Attack from the Leaseweb Server and using the ESTHOST Server.
d. In or about January 2008, over an internet messaging service, GONZALEZ sent P.T. a SQL Injection String that was used to penetrate Company B’s computer network (the “Company B SQL String”). The Company B SQL String was programmed to direct data to Hacking Platforms, including the ESTHOST Server and the Ukrainian Server.
e. On or about March 13, 2008, at approximately 10:41 p.m., GONZALEZ connected to the Latvian Server.
f. On or about March 13, 2008, at approximately 10:42 p.m., GONZALEZ connected to the Ukrainian Server.
g. On or about April 22, 2008, GONZALEZ modified a file on the Ukrainian Server that contained computer log data stolen from Company B’s computer network.
h. Between in or after March 2007 and in or about May 2008, GONZALEZ participated in a discussion over an internet messaging service in which one of the participants stated “planning my second phase against Hannaford.”
i. Between in or after March 2007 and in or about May 2008, GONZALEZ participated in a discussion over an internet messaging service in which one of the participants stated “core still hasn’t downloaded that [Company B] sh-t.”
j. Between in or after December 2007 and in or about May 2008, P.T. participated in a discussion over an internet messaging service in which one of the participants stated “that’s how [HACKER 2] hacked Hannaford.”

The intent of this question is to get students to see what a real indictment looks like and the kind of evidence that is needed to support an indictment.
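The SQL injection attack defined in case question 3, and named in the indictment in question 7, comes down to user input being concatenated into a SQL statement. The added example below is not from the textbook or this manual; the table, function names and sample rows are constructed. It shows the vulnerable lookup beside the parameterized form that treats the same input purely as data.

```python
import sqlite3


def make_db():
    """In-memory database with constructed sample rows."""
    db = sqlite3.connect(":memory:")
    db.execute(
        "CREATE TABLE customers (id INTEGER PRIMARY KEY, name TEXT, card_last4 TEXT)"
    )
    db.executemany(
        "INSERT INTO customers (name, card_last4) VALUES (?, ?)",
        [("alice", "1111"), ("bob", "2222"), ("carol", "3333"), ("o'brien", "4444")],
    )
    return db


def lookup_vulnerable(db, name):
    """Vulnerable: the input is pasted between quotes, so a quote character in
    the input ends the string literal and the rest is parsed as SQL."""
    query = "SELECT name, card_last4 FROM customers WHERE name = '" + name + "'"
    return db.execute(query).fetchall()


def lookup_parameterized(db, name):
    """Hardened: the statement is fixed and the input is bound as a value, so
    quote characters in it have no special meaning."""
    query = "SELECT name, card_last4 FROM customers WHERE name = ?"
    return db.execute(query, (name,)).fetchall()


# Classic textbook input that closes the string literal and adds a condition
# that is always true.
CRAFTED_INPUT = "x' OR '1'='1"


def compare(db):
    """Run the same inputs through both lookups and collect the results."""
    results = {
        "normal_vulnerable": lookup_vulnerable(db, "bob"),
        "normal_parameterized": lookup_parameterized(db, "bob"),
        "crafted_vulnerable": lookup_vulnerable(db, CRAFTED_INPUT),
        "crafted_parameterized": lookup_parameterized(db, CRAFTED_INPUT),
        "apostrophe_parameterized": lookup_parameterized(db, "o'brien"),
    }
    # A legitimate name containing an apostrophe breaks the concatenated
    # statement; such SQL syntax errors in application logs are a common
    # sign that a query is built by concatenation.
    try:
        lookup_vulnerable(db, "o'brien")
        results["apostrophe_vulnerable_error"] = False
    except sqlite3.OperationalError:
        results["apostrophe_vulnerable_error"] = True
    return results


if __name__ == "__main__":
    for key, value in compare(make_db()).items():
        print(key, value)
```

With the crafted input the concatenated query returns every row in the table, while the parameterized query returns none because no customer has that literal name.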



Chapter 14

Review questions

1. What are the goals of network design and implementation? The goal of network design is to meet current and foreseeable end-user needs, using the most appropriate technology and addressing any organizational constraints in a manner that minimizes costs over a specified time period. Costs include the costs of setting up the network initially and maintaining the network over the specified time period. If the network is too slow or unreliable, there are also costs associated with user downtime, when users are unable to perform their jobs because they could not access the network.

2. What are some of the important pieces of information you should gather during the requirements-analysis phase of network design? During the requirements analysis phase, network designers identify the different categories of users and applications. It is also necessary to determine the office locations of the different categories of users within the organization so that the network can support high bandwidth at the required locations.

3. What is a logical network design? The logical network design indicates the layout of the network, the subnets in the network, IP addressing and naming schemes used in the network and management strategies used in the network. It is a very good idea to document the logical network design as a diagram.

4. Why is it useful to represent the logical network design as a drawing? Drawings of the logical network design provide a visual guide and facilitate group discussion. Drawings are a very effective tool to facilitate communication between end users and technical analysts. End users are extremely unlikely to infer critical features of a design from text, tables and charts.

5. What are some important pieces of information you should show in a drawing of the logical network design?
To ensure that the logical design captures end user needs, the logical diagram should show the total number of general-purpose desktops, servers, shared devices such as printers, and any devices with special network needs for every area of the network. 6. What is a physical network design?



The physical network design indicates the technologies (for example, copper/fiber media for cabling, switches, routers, data link layer technologies such as Ethernet) that will be used to implement the logical design.

7. What is a building network? What data-link-layer technology are you most likely to see in a building network? A building network is a network that connects devices located within a single building. It is the basic building block when a campus network is built using a modular approach. You would most likely see Ethernet in a building network.

8. Why is it useful to develop a standardized design for the building network and to use it as a building block to network every building, even buildings that have much lower network demands? A standardized design for the building network is useful because it facilitates inventory management and human resource management. Once a design is standardized, network administrators can focus on developing deep expertise in the chosen technologies. This expertise helps them manage large networks with thousands, or even hundreds of thousands of routers, switches, and network devices. Also, the fewer the device models used in the network, the simpler it is for network administrators and vendors to keep an inventory of spare devices to maintain the network.

9. What is a campus network? A network that spans multiple buildings is called a campus network. Campus networks are commonly built in a modular fashion by first perfecting the design for a building network and then repeating the design in every building. The campus network is typically organized into three layers: the core layer, the distribution layer, and the access layer.

10. What is the core layer in a campus network? What is the role of the core layer? The core layer in a campus is connected to all parts of the network and is responsible for fast and reliable transportation of data across the different parts of the network. The core layer is also called the network backbone. All traffic between different parts of the network passes through the core. The network core is optimized for fast and efficient packet handling.

11. What is the distribution layer in a campus network? What are the roles of the distribution layer? The distribution layer is the administrative layer of the network. It organizes the network into subnets to minimize traffic that needs to be handled by the core. The distribution layer also uses policies to filter traffic, for example, by using firewalls and authentication to deny network access to unauthorized users.


12. What is the access layer in a campus network? What service is offered by the access layer? The access layer is responsible for providing network ports to end users. It typically comprises hubs and switches that organize the devices in a building into Ethernets. The aggregated traffic from these Ethernets is passed to the distribution layer for processing. The typical building network is at the access layer. 13. Which layer in the campus network is most suitable to provide Internet connectivity? Why? The most suitable layer on a campus for Internet connection is the distribution layer. This is because the distribution layer is the administrative layer of the network where services such as firewalls are maintained. The Internet connection typically requires a firewall to block unwanted connections and is therefore best suited for the distribution layer. 14. What is an enterprise network? An enterprise network is one organization’s geographically scattered network. The enterprise network connects campus networks at the organization’s various locations. An ISP provides WAN connectivity between campuses. It is quite common for organizations to have offices in locations outside the service area of any single ISP. In such cases, the ISP typically subcontracts with other ISPs to provide connectivity to all the campuses. 15. What is network maintenance? What are the important activities in network maintenance? Network maintenance is the set of activities performed to keep networks in a serviceable condition or to restore defective network components to serviceability. Network maintenance includes activities such as inspection, testing, and servicing of devices and software. Broadly speaking, therefore, network maintenance requires regular monitoring and updating of both hardware and software on all the computer equipment in an organization. 16. What is SNMP? Briefly describe how it is used to maintain network hardware. 
The Simple Network Management Protocol (SNMP) is a protocol used to manage and control IP devices. Devices that can be managed by SNMP store configuration information in a database called the management information base (MIB). A managed network has one or more network management stations and a large number of managed network elements such as hosts, switches, and routers. Network administrators monitor the network from a network management station. SNMP communicates management information from the MIB between the network management stations and the agents in the network elements.



With SNMP, the management application on the network management station can poll all the managed elements, say, once per hour and observe the status of all the information items. If any discrepancy is observed, the management application can alert the administrator by email, SMS, phone, page, or other mechanism. Thus, using SNMP, the network administrator can focus on his/her work and attend only to configuration problems and failures when they arise.

17. What is the management information base (MIB)? What are some pieces of information you are likely to find in an MIB? The management information base (MIB) is an information store that contains information which is essential for fault management or configuration management of network elements such as hosts and routers. The information in the MIB is organized as a tree with the name of the device at the root and the information elements defined for the device as nodes of the tree. Items of information include temperature, number of frames received with CRC errors, firmware version, etc.

18. What are the typical concerns in software maintenance on the network? The typical concerns in maintaining network software are ensuring information security and compliance in the organization. Therefore, network administrators are interested to know the vulnerability status of all operating system and application software installed on all the devices in the network. Vulnerabilities that are thus located need to be fixed to prevent attacks on the network. Administrators are also interested in ensuring that all software installed on the system is properly licensed.

19. What are standards? How are they useful? Standards are documents established by consensus and approved by a recognized body that provide rules, guidelines, or characteristics aimed at achieving order in a given context. More simply, standards are rules that ensure interoperability. Standards help developers, working independently of each other, to create products that are guaranteed to interoperate with other standards-based products created by other developers.

20. What is the typical procedure by which a standard is developed? Standards development begins with the identification of a user need that is not met by current technologies. The organization that is generally agreed to be in the best position to lead the development of a standard for the identified need takes the initiative to develop a standard for the technology. For example, the IEEE takes the lead in developing data-link-layer standards for LANs. The lead organization for the standard establishes a working group to specify requirements for the proposed standard. These requirements are such that they can be implemented with current technologies at reasonable costs. Companies and expert groups next propose technical solutions to implement the proposed requirements. Members of the lead organization then vote on the various proposed solutions to identify a solution that wins an overwhelming majority of the vote. This solution becomes the standard for the technology.

21. How did the government facilitate the development of the technologies (TCP and IP) on which the Internet is based? The development of TCP and IP was largely funded by the US Department of Defense (DoD) with the goal of building a computer network resilient to enemy attacks. The DoD made these taxpayer-funded technologies freely available for general use, without a profit motive. This allowed early UNIX implementations to use TCP and IP for networking, bringing the technologies within reach of a wider audience. Eventually, all computer manufacturers replaced their proprietary network- and transport-layer networking technologies with TCP and IP, enabling TCP/IP to provide a standard platform for computer communication across the globe.

22. How did the government facilitate the creation of the Internet? The DoD insisted that TCP/IP should be used for network functionality in all computer software sold to the DoD. To improve TCP/IP technology, the DoD also funded the development of a communication network, the ARPANET, which functioned from 1969 to 1990. The US National Science Foundation initiated a program in 1985 to fund the development of a nationwide network, NSFNET, to serve the entire academic community in the United States. NSF required US universities requesting NSF funding for an Internet connection to make the connection available to all departments on campus. This initiative liberated the Internet from the confines of Computer Science departments and enabled nontechnical departments to get access to the Internet. NSF chose to use TCP/IP for the NSFNET program, thereby introducing the Department of Defense’s TCP/IP to the nontechnical community. In some sense, NSFNET may be considered the earliest version of the Internet. NSFNET functioned until 1995, by which time the Internet had become wildly popular and commercial service providers had emerged to offer the functionality provided by NSFNET, even to home users.

23. What is the role of the government in facilitating wireless LANs? The government has identified some wireless bandwidth for free use by wireless LAN and other technologies. This allocation of bandwidth has enabled the development of many generations of 802.11 WLAN technologies. Without the availability of this free ISM bandwidth, cell phones would probably have been used for wireless LANs, substantially raising the costs of network connectivity.

24. What has been the role of the government in the evolution of the phone industry?



In 1984, the government broke the monopoly of AT&T in the phone business in the United States. Today, two decades after that judgment, competition and technology development have made long-distance phone service almost free, even to many international destinations. Congress also ultimately changed the law that governed how telecommunication companies operated in the United States. In 1996, the Telecommunications Act was passed to open all forms of communication to competition. As a result, today we are beginning to see services such as Skype, Vonage and MagicJack emerge as viable competitors to phone services.

25. What are the general ways in which the government influences the development of the data communication industry? In general, the government has three roles: executive, regulatory, and legislative. The involvement of the government in data communications has emerged from all three of these roles. In the executive role, the government is one of the largest users of technology and invests in technology development to meet its own needs. In this role, the government funded the development of TCP, IP, and a host of other Internet technologies in widespread use today. The GPS system is another example of such a technology developed by the government for its own needs, but which is now available for civilian use. In the role of a coordinator or regulator, the government intervened to remove the monopoly of AT&T on phone service. Also in this role, the government has coordinated the allocation of scarce wireless spectrum for Wi-Fi and public interest such as broadcast TV, police, fire, and Defense. In the legislative role, the government passed the Telecommunications Act in 1996 to generate competition in all telecommunication services. The industry is continuing to evolve in response to this development in the legal infrastructure of the country.

Hands-on exercise

1. What are the traffic characteristics of the email heavy application? To view the specific traffic characteristics simulated for email, expand the email heavy node, expand the description node within this node. You will observe that whereas all other traffic such as database and print is off, email is set to heavy. Right-click on email and select view attribute. This will bring up the table shown here.


The application sends and receives emails, each email is 2kB in size, and is sent and received in groups of 3 each. Email transmission and reception occurs at intervals drawn from an exponential distribution with parameter 6 minutes.

2. What are the applications associated with the Ethernet LAN user profile? Database access (light), Email (heavy) and File transfer (light). This information is obtained from PROFILE DEFS, in a manner similar to the drill-down procedure above, and is seen in the figure here.

3. What are the TCP protocol specifications for the different applications associated with the Human Resources workstation in the switched_ethernet scenario? These are accessed from the Application: Transport Protocol Specifications node when you edit attributes for the host. These are shown in the table below. The screenshot when editing attributes (from where this information is taken) is also shown below for reference.

Application                          Transport protocol
Custom application transport         TCP + UDP
Database transport                   TCP
Email transport                      TCP
Ftp transport                        TCP
Http transport                       TCP
Remote login transport               TCP
Print transport                      TCP
Video conferencing transport         UDP
Voice transport                      UDP
Remote storage server transport      TCP


4. Show and briefly describe the results from Results → View Results (Advanced) in the switched_ethernet scenario. The results are shown below.

The graphs show that email constitutes approximately 20% of the overall traffic flowing through the switch. The plot also shows that the overall traffic (central switch throughput) has much lower variance than email traffic alone. This indicates how traffic aggregation reduces the burstiness of network traffic.

5. (Optional) If you would like to learn how to use OPNET to set up a LAN and simulate it, please visit the companion website and follow the instructions for the OPNET LAN lab. These are included in the readings for this chapter. This is an optional exercise for the interested student.

Network design exercise

1. Create a job ad that Coolco can use to attract the right individual to the job. In the ad, include all the relevant information to maximize the likelihood that the most suitable individuals will be attracted to the opening.

Network Architect – Location: Tampa, FL

Network engineering architect required with in-depth knowledge of current technologies required to support an evolving business environment and skilled in the design, testing and deployment of enterprise scale networks.


The candidate will work with SMB routers and switches with emphasis on design, configuration, implementation and troubleshooting networks. Participate as needed in all phases of network design and implementation development with emphasis on planning, analysis, testing, integration, documentation, and presentation phases. Apply principles, methods, and knowledge of Information Technology to specific customer requirements and in the process use advanced analytical principles and methods to arrive at practical, innovative solutions. The ideal candidate will also provide engineering support and analysis to a variety of new and innovative projects. Design and prepare technical reports, studies, and related documentation; make charts and graphs to record results. Prepare and deliver presentations and briefings as required. Must have knowledge of security requirements for specialized information transfer applications and skilled in preparing technical reports and providing other services as required. Document meetings and other research in writing using approved Client formats. Job Requirements: Bachelor’s degree from an accredited college or university. Minimum of six years of “hands-on” successful IT enterprise architecture experience with projects ranging from $500K to $5M in value. Must possess strong technology insight and experience implementing strategy with integration across multiple technologies. Hands-on experience in building and/or deploying systems including applications, network architecture components and network security. 
Current certification such as Cisco Certified Internetwork Expert (CCIE) required
Expert knowledge of systems engineering methodologies and procedures
Expert knowledge of network protocols including RIP, OSPF, BGP, and IPSEC
Expert knowledge of network topologies (Fast Ethernet, ATM, MPLS, CWDM/DWDM, SONET), layer 2 & 3 switching and packet analysis, and application and switch load balancing techniques
Expert knowledge of network security including filtering and access control lists, Firewalls and VPN required
Excellent written and verbal communication skills including advanced technical writing skills
Excellent project management skills
Experience with network systems integration, network management, and IT support
Knowledge of wireless LAN and wireless broadband technology, such as 802.11, WiMax, and EVDO. Good understanding of related security technologies
VoIP experience required. Current VoIP certification strongly preferred

2. Recommend three media outlets to advertise the opening.

Three recommended media outlets would be (1) Network World (a print publication targeting networking professionals); (2) Monster (an online job board); and (3) newsgroup of expert IT professionals in the area such as AITP (Association of IT Professionals) or ISACA (Information Security and Control Association).

Case questions

1. What is your desired career path? Look at the characteristics of tasks for which you could telecommute, found on pages 15 – 16 of the article by Matthew Mariani. (Please see references in the case; the article is available online.) Which of these characteristics does your dream job possess? Based on these characteristics, how suitable is your career path for telecommuting?

My chosen career path is that of a Professor. Of the 5 characteristics of telecommutable jobs identified by Mariani, this job possesses three characteristics: time blocks, portability and lack of supervision. Of the two other characteristics, Internet service provides access to all required specialized material. The only characteristic identified by Mariani that this job does not possess is definition. Every student will have a different answer to this and the next question.

2. Use the “Telecommuter self-assessment” in the same article (pages 16 – 17) to assess your ability to succeed at telecommuting. What is your score on the self-assessment? In what areas do you need to improve to be able to telecommute successfully?

Personally, I rate myself as “yes” on all items. Given the specific nature of my job (professor), items 5 and 6 (supervisor and changing routines) do not apply to me.

3. What practices would you recommend to a manager who is supervising teleworkers, to optimize their professional performance?



The primary challenge I have identified in telecommuting is management. Workers tend to focus on the aspects of the work that are most enjoyable to them, not what is most important to the organization. A manager of telecommuters must therefore focus on keeping all telecommuters focused on the priorities of the workplace. The manager must also be able to enforce the required group structure among workers who are no longer meeting each other. If a worker is dependent upon the completion of work by a specific time by another worker, the manager needs to be able to ensure that the work stays on track. When everybody works at the same office, these monitoring activities get performed automatically.

4. The University of Miami is a leading center for telemedicine in the United States. Visit the telemedicine site at the University of Miami (www.med.miami.edu/telemedicine/, accessed February 12, 2010) and briefly describe at least three telemedicine projects/activities being run by the group.

Three projects and a brief description of each project from the web site are as follows:

Patient care - University of Miami Telemedicine, in conjunction with Children's Medical Services, a program of the Florida Department of Health, provides remote specialized patient care. Live-interaction telemedicine brings expert knowledge to underserved communities.

PICMED Dermatology Lecture Series – The University organizes and hosts a monthly international dermatology lecture series. University of Miami Dermatology faculty members deliver the lectures via interactive videoconferencing to sites throughout Latin America as well as Hawaii, Alaska, and Guam.

Education - Grand Rounds to Boca Raton Community Hospital – An educational partnership between the University of Miami School of Medicine, and Boca Raton Community Hospital offers Grand Rounds conferences in Plastic Surgery using interactive technology for real time, two-way discussions.

5. Recall a medical procedure that was performed on someone you know. If telemedicine was used during any stage of the disease, briefly describe how telemedicine was used in the case. If not, briefly describe how telemedicine may have been used in the case (Assign anonymous names, such as A, B, etc. to prevent revealing personal information).

A recent procedure was a cataract surgery. The diagnosis, procedure and post-evaluation were all performed by a live doctor. I would assume that some of these procedures, especially the diagnosis and post-evaluation, could have been performed through telemedicine if a high resolution camera was available in a nearby location.


