EP2120 Internetworking
IK2218 Protocols and Principles of the Internet
Homework assignment 2
(Solutions due 23:00, Wednesday, 2016.Sept.14)
(Review due 23:00, Friday, 2016.Sept.16)
1. ARP (20/100)
The figure above illustrates four hosts H1, H2, H3, and H4 connected by an inter-network
running IPv4. The learning bridge B1 connects hosts H1, H2, and router R1, the learning bridge
B2 connects routers R1 and R2, and the learning bridge B3 connects hosts H3, H4, and router
R2. For the hosts and routers, the interfaces’ logical (IP) addresses are represented by capital
letters, and physical (MAC) addresses are represented by small letters. The interface names of
the bridges are denoted by N, E, S or W. Assume that the ARP caches of the routers and of
the hosts, and the MAC address tables of the bridges are initially empty and that no packets
have been sent yet. The forwarding tables of all hosts and the router are correctly configured.
All hosts know each others’ IP addresses. ARP snooping is enabled.
Consider that host H1 sends an IPv4 unicast datagram to host H4.
Let us first look at how the datagram will be delivered.
The steps are the following:
1) Host H1 knows the IP address of Host H4 . Based on its forwarding table, host H1
knows that H4 is not on the same subnet and knows that router R1 is the next hop. Hence,
H1 has to forward the datagram to router R1. Host H1 knows the IP address of router R1
but does not know its MAC address. Hence it will perform an ARP request for the IP
address ‘E’.
2) The ARP request is received by the bridge B1 on its interface ‘North’, and the bridge
forwards the request on all the other interfaces. Hence, the request is received by host H2
and by router R1. Both will learn the binding (A,a). Bridge B1 learns that the MAC
address ‘a’ is on its ‘North’ interface.
3) Router R1 replies to the ARP request, and provides its MAC address.
4) Bridge B1 learns that the MAC address ‘e’ is on its 'East' interface.
5) Bridge B1 forwards the ARP reply on its ‘North’ interface to H1, which learns the MAC
address of router R1 and stores the pair (E,e) in its ARP table. Note that H2 does not
receive the ARP reply.
6) Host H1 can send the datagram to router R1 now.
7) Upon receiving the datagram, router R 1 checks its forwarding table and finds based on
the destination IP address that host H4 is not on any of the subnets directly connected, and
R2 is the next hop. Hence, router R 1 has to forward the datagram to router R2 . Router R1
knows the IP address of router R2 but does not know its MAC address. Hence, it will
perform an ARP request (broadcast on the ‘East’ interface) for the IP address 'G'.
8) The ARP request is received by bridge B2 on its interface ‘West’, and the bridge
forwards the request on its 'East' interface. Hence, the request is received by router R2,
which will learn the binding (F,f). The bridge learns that the MAC address ‘f’ is on its
'West' interface.
9) Router R2 replies to the ARP request, and provides its MAC address.
10) Bridge B2 learns that the MAC address 'g' is on its 'East' interface.
11) Bridge B2 forwards the ARP reply to R1, which learns the MAC address of router R2
and stores the pair (G,g) in its ARP table.
12) Router R1 can send the datagram to router R2 now.
13) Upon receiving the datagram, router R2 checks its forwarding table and finds based
on the destination IP address that host H4 is on the network connected to its ’East’
interface (IP: D, MAC: d), but it does not know the MAC address of H4. Hence, router R2
performs an ARP resolution for the MAC address of host H4. It first sends an ARP request
(broadcast on the ‘East’ interface) with the IP address D of H4.
14) The ARP request is received by bridge B3 on its interface ‘West’, and the bridge
forwards the request on all the other interfaces. Hence, the request is received by hosts H3
and H4 , which will learn the binding (H,h). Bridge B3 learns that the MAC address ‘h’ is
on its 'West' interface.
15) Host H4 sees that the ARP request is intended for itself. After storing the pair (H,h) in
its ARP table, H4 sends an ARP reply to router R2.
10) Bridge B3 learns that the MAC address ‘d’ is on its South interface. It forwards the
ARP reply on its ‘East’ interface.
11) Router R2 receives the ARP reply and stores the pair (D,d) in its ARP table.
12) Router R2 can now forward the datagram to H4.
(This explanation is not part of the expected solution, but it explains the reasoning that
leads to the correct solution.)
a) Provide the state of the six ARP caches as they will appear after the IPv4 unicast
datagram has been delivered to host H4, that is, after dynamic ARP resolution has been
made (16p).
Based on the above description the ARP tables of the hosts are:
H1: (E,e)
H2: (A,a)
H3: (H,h)
H4: (H,h)
R1: (A,a), (G,g)
R2: (F,f), (D,d)
(If ARP snooping is not enabled then the ARP tables of H2 and H3 are empty.)
b) Provide the state of the bridge B3's MAC address table as it will appear after the IPv4
unicast datagram has been delivered to host H4, that is, after dynamic ARP resolution has
been made. (4p)
Based on the above description the MAC address table of B1 is:
B3: (h, West), (d,South)
2. UDP and fragmentation (15/100)
Assume an Ethernet link with an MTU of 1300 bytes connects hosts A and B. An application
process on Host A sends 5200 bytes of application data via UDP to a process on Host B. IPv4
is used at the network layer.
Let us first look at how the datagram will be fragmented. There are 5208 bytes of payload for
IP to send (5200 bytes UDP payload and 8 bytes of UDP header). Each link layer frame can
contain 1300 bytes of payload. Every fragment has to contain an IP header, of course, which
takes 20 bytes. The fragment length has to be a multiple of 8 bytes (except for the last
fragment), so that up to floor[(1300-20)/8]*8=1280 bytes of data can be sent in one IP
fragment (but the last one).
a) How many fragments are transmitted? (5p)
5(five) (=ceil(5208/1280))
b) Give the values of the MF bit, the offset and the total length field of the IP header of each
fragment! (10p)
Using the "tcpdump" notation (offset in bytes):
Fragment 1: 1280@0+ (1280 bytes of data, offset of 0 bytes, and more fragments bit set)
Fragment 2: 1280@1280+
Fragment 3: 1280@2560+
Fragment 4: 1280@3840+
Fragment 5: 88@5120(no more fragments)
Any other notation that contains the same information is correct (e.g., the offset could be
divided by 8, as it is contained in the IP header, or one could provide the total length of
the IP fragments, which are 20+“bytes of data” shown above). It is important, however,
to specify what the solution contains (e.g., offset byte vs. contents of the offset field).
3. Routing (25/100)
In the IPv4 network shown in the figure all routers (A-F) run RIPv2 and all link metrics are 1.
The addresses of the IPv4 networks and the associated interface addresses are given in the
figure. Note that the letters A-F do not denote addresses. Assume an initial state for all
routers, where only the addresses of the directly connected networks are present in the routing
tables. The destinations in the network are the /24 prefixes. Assume also that all RIP
implementations support Equal-cost-multi-path (ECMP). All routers implement split-horizon
and poison reverse.
Express routes as 'destination, metric, next-hop'. If the destination is a directly connected
network, the route is given as 'destination, metric, -'.
a) What is the initial routing state of F? (3p)
208.218.3.0/24, 1, - # North interface
208.218.5.0/24, 1, - # West interface
b) Assume that router E starts by sending a RIP response to its neighbours. What is the
routing state of F after it has received the initial distance-vector from E? (5p)
208.218.3.0/24, 1, - # North interface
208.218.5.0/24, 1, - # West interface
208.218.4.0/24, 2, 208.218.5.2
# West interface
208.218.2.0/24, 2, 208.218.5.2
# West interface
c) Assume that the second event that happens in the network is that router C sends RIP
responses to its neighbours. Which RIP response message does C send, and which
distance-vectors do they contain? You should indicate source and destination address of
each RIP message, on which interface they are sent out (and to where) and which
distance-vector (destination, metric tuples) are contained in each message. (6p)
On the east interface, C sends a RIP response message with src address 208.218.3.2 and
destination address 224.0.0.9. The distance-vector of this message using split-horizon with
poison reverse is:
208.218.3.0/24, 1
(# RIP implementations may announce this network but it is not necessary since all connected
routers have this as a directly connected network: it is accepted both to have this route and to
omit it)
208.218.5.0/24, 1
208.218.2.0/24, 2
208.218.4.0/24, 2
On the south interface, C sends a RIP response message with src address 208.218.5.1 and
destination address 224.0.0.9. The distance-vector of this message using split-horizon with
poison reverse is:
208.218.3.0/24, 1
208.218.5.0/24, 1
(# RIP implementations may announce this network but it is not necessary since all connected
routers have this as a directly connected network: it is accepted both to have this route and to
omit it)
208.218.2.0/24, 16
208.218.4.0/24, 16
d) What is the routing state of E after it has received the distance-vector from C in the
previous step (c)? (5p)
Routing state of E:
a) 208.218.2.0/24, 1, - # North interface
b) 208.218.4.0/24, 1, - # West interface
c) 208.218.5.0/24, 1, - # East interface
d) 208.218.3.0/24, 2, 208.218.5.1
# East interface
e) Assume now that after step (d) the West interface of router B and the East interface of
router E go down (e.g., an administrator accidentally uses “ifdown” to switch them off),
and assume that split-horizon with poison reverse is not used by any of the routers any
more. As a consequence of E’s East interface being down, routers C and F will stop
receiving updates from E, and once their Invalid timer expires they will remove all entries
that they learned from E. Assume now that after the Invalid timer expires at router C and
at router F, it is router B that sends out a RIP response first, after which router C sends out
its RIP responses. What will happen to the route to network 208.218.4.0/24 in routers B
and C?
Following these route updates, router F has to forward a datagram P with destination
address 208.218.4.4. What will happen to packet P?
What will happen if routers B and C keep on sending RIP responses one after the other?
What if split-horizon with poison reverse was used by all routers? (6 p).
Even though routers C and F remove their routes to 208.218.4.0/24 via E, since router B still
has its entry to 208.218.4.0/24 with C as the next hop, after router B sends out its routes,
router C and F will update their routing tables and set router B as the next hop for
208.218.4.0/24 with metric 4.
As a result, packet P will be forwarded to router B, and then to router C and back to router B,
until its TTL reaches 0.
When router C send its update to router B with metric 4, router B will update its metric for
208.218.4.0/24 to 5. If router B and C keep on sending out RIP responses, the metric of
208.218.4.0/24 in the routing tables of router B, C, and F will increase until it reaches
infinity.
If split-horizon with poison reverse was used, router B would send an update for the network
208.218.4.0/24 with metric 16 on its South interface, and consequently router C would not use
B as next hop to 208.218.4.0/24. Furthermore, packet P would be dropped by router F and
would not loop between routers B and C.
4. ICMP (15/100)
The hosts H1, H2 and H3 are connected by a network running IPv4. The forwarding tables of
all hosts and routers are correctly configured. Note that the letters A-C do not denote
addresses but routers.
a) H3 wants to use ping to verify that H1 is reachable. Which type of ICMP messages are
exchanged between the two hosts? (5p)
H3 sends one or more ICMP Echo Request (Type 8) messages to 90.59.1.2. The datagram
is forwarded by the routers in the network until it reaches H1. Every time one of the
messages reaches the destination 90.59.1.2, H1 replies to 90.59.5.2 with an ICMP Echo
Reply (Type 0) message.
b) Assume the packet from H1 to H3 needs to pass through 9 routers in total. H1
performs a traceroute to host H3 relying on ICMP, and one message is sent for each
hop. Please list the first and the last ICMP messages that H1 send, and the
corresponding replies that H1 receives. For each message, please specify the ICMP
message type, the sender and receiver. For the message sent by H1, please also specify
the fields that differ between the subsequent packets. (10p)
The solution assumes that for each hop (TTL value) one message is sent. The number of
messages sent per hop is configurable in most implementations of traceroute, the default
value is usually 3. What matters in the solution is to have the messages’ contents right.
The first message that H1 sends:
H1 sends an ICMP Echo Request (Type 8) message to 90.59.5.2 with the TTL field set to
1. Router A receives the packet, decrements the TTL to 0 and drops the packet. Router A
replies to 90.59.1.2 with an ICMP Time Exceeded message. H1 knows that 90.59.1.1 is the
IP address of one interface of the first router on the path to H3.
The last message that H1 sends:
H1 sends an ICMP Echo Request (Type 8) message to 90.59.5.2 with the TTL field equal
to 10. The message is forwarded to H3. H3 receives the packet and replies to 90.59.1.2
with an ICMP Echo Reply packet (Type 0). H1 knows that the destination is reached.
5. TCP (25/100)
Consider a recently established TCP connection between processes PA and PB on hosts A and
B, respectively. The three-way handshake has been done, but no data has been sent yet. TCP
on Host B announced a receiver window size of 6000 bytes to TCP on Host A, and Process PB
can read the received data from TCP as soon as they arrive. Process PA has 16000 bytes to
send via TCP. The path MTU between the two hosts is known to be 1040 bytes. The
propagation time is 10ms, and the link speed is 2Mbps. It takes 1ms for TCP to generate a
segment (with or without data) and this can be done in parallel with sending a previously
generated segment.
The receiver uses delayed acknowledgements with a delay of 100ms (or at most two full
segments). The size of a segment having a TCP header only is negligible in terms of
transmission time. IP options are not used. Process PA sends the first segment at time t0 with
sequence number ISN+1. CWND is originally set to 1 MSS and the slow start threshold is
65535 bytes. Assume that the granularity G of the heartbeat timer is 0.5 seconds.
a) What is the MSS used by TCP? (2p)
MSS = MTU – TCP header – IP header = 1040 – 20 – 20 = 1000 bytes. Note that the path
MTU is 1040 bytes, which suggests IPv4 is used at the network layer.
b) What is the bandwidth-delay product of the communication channel? Is the advertised
receiver window of B big enough to fully utilize the channel? If not, how big should it be
for A to be able to fully utilize the channel? (5p)
BWxDelay = RTT*BW = 0.02*2*10^6 = 0.04*10^6 bits = 5 kB
The receiver window is big enough.
c) Provide the sequence of segments sent by TCP from host A. For each segment sent
from host A provide the time it is sent, and the sequence number of the first byte it
contains. For the first four segments sent from host A also provide the SRTT, RTTVAR
and the RTO values of the sender TCP at the time the segment is sent. Assume that
outgoing segments are handled before incoming segments in case more than one event
happens at the same time! (15p)
Note: As of June 2011, RFC2988 has been obsoleted by RFC6298. The latest RFC states that
the initial RTO should be set to 1 s, instead of the previous 3 s. Either solution should be
considered correct.
Similarly, the RTT measurement during the handshake could be considered for updating the
SRTT before the first data segment is sent. We show the calculation for both scenarios (note
that using the RTT of the handshake is not encouraged on low bandwidth connections, as the
handshake segment does not contain data and thus its transmission time is negligible
compared to that of a full sized segment).
Finally, RFC6298 says that if the computed RTO is below 1s then the RTO should be rounded
up to 1s. In RFC terminology SHOULD is a recommendation that one may deviate from if one
knows what one is doing, and in fact most popular TCP implementations use a minimum RTO
well below 1s (200ms in Linux, approx. 300ms in Windows). We thus consider both the
computed RTO (if computed according to the RFC) and a rounded up value to 1s to be
correct.
After connection establishment (at time t0), RTO = 1 s, SRTT = 0, RTTVAR = 0.
1)
SRTT
0
RTTVAR
0
RTO
1
ACK received at t0+125. Measured RTT = 125 ms.
SRTT = RTT = 125 ms.
RTTVAR = RTT/2 = 63 ms.
RTO = SRTT + max(G, 4*RTTVAR) = 125 + 500 = 625 ms.
2)
3)
0.125
0.125
0.063
0.063
0.625
0.625
ACK received at t0+155. Measured RTT = 29 ms.
RTTVAR = 0.75*0.063 + 0.25*|0.125 – 0.029| = 71 ms
SRTT = 0.875*0.125 + 0.125*0.029 = 0.113
RTO = 0.113 + 0.500 = 0.613 (should be rounded up to 1s, both are correct)
4)
0.113
0.071
0.613
If we assume that the initial RTT measurement is made during the handshake with RTT = 21
ms, we get slightly different results.
RTTVAR = RTT/2 = 11 ms.
SRTT = RTT = 21 ms.
RTO = SRTT + max(G, 4*RTTVAR) = 21 + 500 = 521 ms. (should be rounded up to 1s, both
are correct)
1)
SRTT
0.021
RTTVAR
0.011
RTO
0.521
ACK received at t0+125. Measured RTT = 125 ms.
RTTVAR = 0.75*0.011 + 0.25*|0.021 – 0.125| = 0.034 s
SRTT = 0.875*0.021 + 0.125*0.125 = 0.034 s
RTO = SRTT + max(G, 4*RTTVAR) = 0.034 + 0.500 = 0.534 s. (should be rounded up to 1s,
both are correct)
2)
3)
0.034
0.034
0.034
0.034
0.534
0.534
ACK received at t0+155. Measured RTT = 29 ms.
RTTVAR = 0.75*0.034 + 0.25*|0.034 – 0.029| = 0.027 s
SRTT = 0.875*0.034 + 0.125*0.029 = 0.033 s
RTO = 0.033 + max(G,4*0.027) = 0.033 + 0.500 = 0.533(should be rounded up to 1s, both
are correct)
4)
0.033
0.027
0.533
Any solution should make it clear whether the initial RTT measurement is made during the
handshake, or during the transmission and acknowledgement of the first segment.
Observe that even if the RTT is constant, due to delayed acknowledgements the RTTVAR is
not 0.
d) At what time does A receive the acknowledgement for the last segment? (3p)
At t0+367 ms.
Hint 1: Try to first draw the sequence of segment exchanges to get the order of the segments
right.
Hint 2: Consult RFC 6298 for details on how to calculate the SRTT, RTTVAR and the RTO.
The description provided in the course book (3ed and 4ed) is not correct.
Grading suggestions: Important things to consider are whether flow control and congestion
control are correctly accounted for (slow start, and max 6 segments outstanding). Delayed
ACKs are also important, there should be 1 ACK for every two segments OR a delay of 100
ms. The 1 ms to prepare segments was added to spread out the reception of the segments
slightly, missing it is not a major issue, but the solution should be consistent. Missing the
transmission time (4 ms) is a mistake.