
Sikkim Manipal University

- MBA -

MI0035 Computer Network

Semester: 3 - Assignment Set: 2

Q.1 Write down the features of Fast Ethernet and Gigabit Ethernet.

Answer:

Fast Ethernet Technology

Fast Ethernet, or 100BaseT, is conventional Ethernet but faster, operating at 100 Mbps instead of 10 Mbps. Fast Ethernet is based on the proven CSMA/CD Media Access Control (MAC) protocol and can use existing 10BaseT cabling (See Appendix for pinout diagram and table). Data can move from 10 Mbps to 100 Mbps without protocol translation or changes to application and networking software.

Data-Link Layer: Fast Ethernet maintains CSMA/CD, the Ethernet transmission protocol. However, Fast Ethernet reduces the duration of time each bit is transmitted by a factor of 10, enabling the packet speed to increase tenfold from 10 Mbps to 100 Mbps. Data can move between Ethernet and Fast Ethernet without requiring protocol translation, because Fast Ethernet also maintains the 10BaseT error control functions as well as the frame format and length. Other high-speed technologies such as 100VG-AnyLAN, FDDI, and Asynchronous Transfer Mode (ATM) achieve 100 Mbps or higher speeds by implementing different protocols that require protocol translation when moving data to and from 10BaseT. This protocol translation involves changes to the frame that typically mean higher latencies when frames are passed through layer 2 LAN switches.

Physical Layer Media Options: Fast Ethernet can run over the same variety of media as 10BaseT, including UTP, shielded twisted-pair (STP), and fiber. The Fast Ethernet specification defines separate physical sublayers for each media type:

- 100BaseT4 for four pairs of voice- or data-grade Category 3, 4, and 5 UTP wiring
- 100BaseTX for two pairs of data-grade Category 5 UTP and STP wiring
- 100BaseFX for two strands of 62.5/125-micron multimode fiber

In many cases, organizations can upgrade to 100BaseT technology without replacing existing wiring.
However, for installations with Category 3 UTP wiring in all or part of their locations, four pairs must be available to implement Fast Ethernet. The MII layer of 100BaseT couples these physical sublayers to the CSMA/CD MAC layer. The MII provides a single interface that can support external transceivers for any of the 100BaseT physical sublayers. For the physical connection, the MII is implemented on Fast Ethernet devices such as routers, switches, hubs, and adapters, and on transceiver devices using a 40-pin connector. Cisco Systems contributed to the MII specification.

Physical Layer Signaling Schemes: Each physical sublayer uses a signaling scheme that is appropriate to its media type. 100BaseT4 uses three pairs of wire for 100-Mbps transmission and the fourth pair for collision detection. This method lowers the 100BaseT4 signaling to 33 Mbps per pair, making it suitable for Category 3, 4, and 5 wiring. 100BaseTX uses one pair of wires for transmission (125-MHz frequency operating at 80-percent efficiency to allow for 4B5B encoding) and the other pair for collision detection and receive. 100BaseFX uses one fiber for transmission and the other fiber for collision detection and receive. The 100BaseTX and 100BaseFX physical signaling channels are based on FDDI physical layers developed and approved by the American National Standards Institute (ANSI) X3T9.5 committee. 100BaseTX uses the MLT-3 line encoding signaling scheme, which Cisco developed and contributed to the ANSI committee as the specification for FDDI over Category 5 UTP. Today MLT-3 also is used as the signaling scheme for ATM over Category 5 UTP.

Sandeep Haldar

Reg. No. 511114771

Gigabit Ethernet: Gigabit Ethernet is a 1-gigabit/sec (1,000-Mbit/sec) extension of the IEEE 802.3 Ethernet networking standard. Its primary niches are corporate LANs, campus networks, and service provider networks where it can be used to tie together existing 10-Mbit/sec and 100-Mbit/sec Ethernet networks. Gigabit Ethernet can replace 100-Mbit/sec FDDI (Fiber Distributed Data Interface) and Fast Ethernet backbones, and it competes with ATM (Asynchronous Transfer Mode) as a core networking technology. Many ISPs use Gigabit Ethernet in their data centers.

Gigabit Ethernet provides an ideal upgrade path for existing Ethernet-based networks. It can be installed as a backbone network while retaining the existing investment in Ethernet hubs, switches, and wiring plants. In addition, management tools can be retained, although network analyzers will require updates to handle the higher speed. Gigabit Ethernet provides an alternative to ATM as a high-speed networking technology.
While ATM has built-in QoS (quality of service) to support realtime network traffic, Gigabit Ethernet may be able to provide a high level of service quality by providing more bandwidth than is needed.

This topic continues in "The Encyclopedia of Networking and Telecommunications" with a discussion of the following:

- Gigabit Ethernet features and specification
- Gigabit Ethernet modes and functional elements
- Gigabit Ethernet committees and specifications, including: 1000Base-LX (IEEE 802.3z), 1000Base-SX (IEEE 802.3z), 1000Base-CX (IEEE 802.3z), 1000Base-T (IEEE 802.3ab), 10-Gigabit Ethernet (IEEE 802.3ae)
- Gigabit Ethernet switches
- Network configuration and design
- Flat network or subnets
- Gigabit Ethernet backbones
- Switch-to-server links
- Gigabit Ethernet to the desktop
- Switch-to-switch links
- Gigabit Ethernet versus ATM
- Hybrid Gigabit Ethernet/ATM Core Network

10-Gigabit Ethernet

As if 1 Gbits/sec wasn't enough, the IEEE is working to define 10-Gigabit Ethernet (sometimes called "10 GE"). The new standard is being developed by the IEEE 802.3ae Working Group. Service providers will be the first to take advantage of this standard. It is being deployed in emerging metro-Ethernet networks. See "MAN (Metropolitan Area Network)" and "Network Access Services."

As with 1-Gigabit Ethernet, 10-Gigabit Ethernet will preserve the 802.3 Ethernet frame format, as well as minimum and maximum frame sizes. It will support full-duplex operation only. The topology is star-wired LANs that use point-to-point links, and structured cabling topologies. 802.3ad link aggregation will also be supported.

The new standard will support new multimedia applications, distributed processing, imaging, medical, CAD/CAM, and a variety of other applications - many that cannot even be perceived today. Most certainly it will be used in service provider data centers and as part of metropolitan area networks. The technology will also be useful in the SAN (Storage Area Network) environment.

Q.2 Differentiate the working between pure ALOHA and slotted ALOHA.

Answer:

ALOHA: Aloha is a computer networking system which was introduced in the early 1970s by Norman Abramson and his colleagues at the University of Hawaii to solve the channel allocation problem. On the basis of global time synchronization, Aloha is divided into two different versions or protocols, i.e. Pure Aloha and Slotted Aloha.

Pure Aloha: Pure Aloha does not require global time synchronization. The basic idea of the pure Aloha system is that it allows its users to transmit whenever they have data. A sender, just like other users, can listen to what it is transmitting, and due to this feedback the broadcasting system is able to detect a collision, if any. If a collision is detected, the sender will wait a random period of time and attempt transmission again. The waiting time must not be the same, or the same frames will collide and be destroyed over and over. Systems in which multiple users share a common channel in a way that can lead to conflicts are widely known as contention systems.

Efficiency of Pure Aloha: Let "T" be the time needed to transmit one frame on the channel, and define "frame-time" as a unit of time equal to T. Let "G" refer to the mean used in the Poisson distribution over transmission-attempt amounts: that is, on average, there are G transmission-attempts per frame-time. Let "t" be the time at which the sender wants to send a frame. We want to use the channel for one frame-time beginning at t, and so we need all other stations to refrain from transmitting during this time. Moreover, we need the other stations to refrain from transmitting between t-T and t as well, because a frame sent during this interval would overlap with our frame.

EFFICIENCY OF ALOHA: Vulnerable period for the shaded frame is 2t, if t is the frame time. A frame will not collide if no other frames are sent within one frame time of its start, before and after.

For any frame-time, the probability of there being k transmission-attempts during that frame-time is:

    (G^k * e^(-G)) / k!

If throughput (number of packets per unit time) is represented by S, under all load, S = G*Po, where Po is the probability that the frame does not suffer collision. A frame does not have a collision if no frames are sent during the frame time. Thus, in t time Po = e^(-G). In 2t time Po = e^(-2G), as the mean number of frames generated in 2t is 2G. From the above, throughput in 2t time:

    S = G*Po = G*e^(-2G)

Slotted Aloha Channel: Slotted Aloha does require global time synchronization.

Efficiency of Slotted Aloha Channel: Assume that the sending stations have to wait until the beginning of a frame time (one frame time is one time slot) and arrivals still follow a Poisson distribution, where they are assumed probabilistically independent. In this case the vulnerable period is just t time units. Then the probability that k frames are generated in a frame time is:

    Pk = (G^k * e^(-G)) / k!

In t time, the probability of zero frames is Po = e^(-G). From the above, throughput becomes:

    S = G*Po = G*e^(-G)

Comparison Of Pure Aloha And Slotted Aloha:
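The two throughput formulas can be checked by simulation. The following Python sketch is an added example, not part of the original assignment; it assumes, as the derivation does, that all transmission attempts form a Poisson process with mean G per frame-time, and the function names are its own.

```python
import math
import random


def poisson_arrivals(G, frame_times, rng):
    """Start times, in units of one frame-time, of a Poisson process with mean G."""
    t, starts = 0.0, []
    while True:
        t += rng.expovariate(G)          # exponential gaps give Poisson counts
        if t >= frame_times:
            return starts
        starts.append(t)


def pure_aloha_throughput(G, frame_times=100_000, seed=1):
    """Successful frames per frame-time when stations transmit immediately."""
    starts = poisson_arrivals(G, frame_times, random.Random(seed))
    ok = 0
    for i, t in enumerate(starts):
        prev_gap = t - starts[i - 1] if i > 0 else math.inf
        next_gap = starts[i + 1] - t if i + 1 < len(starts) else math.inf
        # Vulnerable period: no other frame may start within one frame-time
        # before or after this one (2 frame-times in total).
        if prev_gap >= 1.0 and next_gap >= 1.0:
            ok += 1
    return ok / frame_times


def slotted_aloha_throughput(G, frame_times=100_000, seed=1):
    """Successful frames per slot when stations wait for the next slot boundary."""
    per_slot = {}
    for t in poisson_arrivals(G, frame_times, random.Random(seed)):
        slot = int(t)                    # everything arriving in this slot goes out together
        per_slot[slot] = per_slot.get(slot, 0) + 1
    # A slot carries a frame successfully only if exactly one station used it.
    return sum(1 for n in per_slot.values() if n == 1) / frame_times


def theory(G):
    """(pure, slotted) throughput from S = G*e^(-2G) and S = G*e^(-G)."""
    return G * math.exp(-2 * G), G * math.exp(-G)


if __name__ == "__main__":
    for G in (0.25, 0.5, 1.0, 2.0):
        pure, slotted = theory(G)
        print(f"G={G:<4} pure sim={pure_aloha_throughput(G):.3f} theory={pure:.3f}  "
              f"slotted sim={slotted_aloha_throughput(G):.3f} theory={slotted:.3f}")
```

The pure ALOHA curve peaks at G = 0.5 and the slotted curve at G = 1, which is where the simulated values are closest to their maxima.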


PURE ALOHA VS SLOTTED ALOHA: Throughput versus offered traffic for pure ALOHA and slotted ALOHA systems, i.e., plot of S against G, from the S=Ge^(-2G) and S=Ge^(-G) formulas.

CSMA: CSMA is a set of rules in which the devices attached to a network first determine whether the channel or carrier is in use or free and then act accordingly. Because in this MAC protocol the network devices or nodes sense the channel before transmission, this protocol is known as the carrier sense multiple access protocol. Multiple Access indicates that many devices can connect to and share the same network, and if a node transmits anything, it is heard by all the stations on the network.

Q.3 Write down distance vector algorithm. Explain path vector protocol.

Answer:

Distance Vector Routing algorithm:
1) For each node, estimate the cost from itself to each destination.
2) For each node, send the cost information to the neighbors.
3) Receive cost information from the neighbor, update the routing tables accordingly.
4) Repeat steps 1 to 3 periodically.

Path vector protocol: A path vector protocol is a computer network routing protocol which maintains the path information that gets updated dynamically. Updates which have looped through the network and returned to the same node are easily detected and discarded. This algorithm is sometimes used in Bellman-Ford routing algorithms to avoid "Count to Infinity" problems. It is different from distance vector routing and link state routing. Each entry in the routing table contains the destination network, the next router and the path to reach the destination.

Path Vector Messages in BGP: The autonomous system boundary routers (ASBR), which participate in path vector routing, advertise the reachability of networks. Each router that receives a path vector message must verify that the advertised path is according to its policy. If the message complies with the policy, the ASBR modifies its routing table and the message before sending it to the next neighbor. In the modified message it sends its own AS number and replaces the next router entry with its own identification.

BGP is an example of a path vector protocol. In BGP the routing table maintains the autonomous systems that are traversed in order to reach the destination system. Exterior Gateway Protocol (EGP) does not use path vectors.
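An added Python example (not from the original assignment) of the path vector handling described above: each speaker checks a received path against its policy, discards any path that already contains its own AS number, and prepends its AS number before passing the route on. The AS numbers, the prefix and the names Speaker, converge and demo are constructed for the illustration, and choosing the shortest AS path is a simplifying assumption.

```python
from collections import namedtuple

Route = namedtuple("Route", "next_hop as_path")


class Speaker:
    """One autonomous system boundary router, reduced to its path vector logic."""

    def __init__(self, asn, deny_transit=()):
        self.asn = asn
        self.deny_transit = set(deny_transit)   # policy: AS numbers we refuse to cross
        self.table = {}                         # prefix -> Route
        self.discarded_loops = 0

    def originate(self, prefix):
        self.table[prefix] = Route(next_hop=None, as_path=())

    def export(self):
        """Messages for neighbours: own AS number prepended to every known path."""
        return [(prefix, (self.asn,) + route.as_path)
                for prefix, route in self.table.items()]

    def receive(self, sender, prefix, as_path):
        """Return True if the routing table changed."""
        if self.asn in as_path:                 # the update has looped back to us
            self.discarded_loops += 1
            return False
        if self.deny_transit & set(as_path):    # path violates local policy
            return False
        current = self.table.get(prefix)
        if current is not None and len(current.as_path) <= len(as_path):
            return False                        # keep the route we already have
        self.table[prefix] = Route(next_hop=sender, as_path=as_path)
        return True


def converge(speakers, links, max_rounds=10):
    """Exchange updates over every link until no table changes; return the round count."""
    for rounds in range(1, max_rounds + 1):
        changed = False
        outbox = {asn: s.export() for asn, s in speakers.items()}  # snapshot per round
        for a, b in links:
            for src, dst in ((a, b), (b, a)):
                for prefix, path in outbox[src]:
                    changed |= speakers[dst].receive(src, prefix, path)
        if not changed:
            return rounds
    raise RuntimeError("did not converge")


def demo():
    # Constructed ring of four ASes; 64498 refuses any path that crosses 64497.
    a, b, c, d = 64496, 64497, 64498, 64499
    speakers = {a: Speaker(a), b: Speaker(b),
                c: Speaker(c, deny_transit=[b]), d: Speaker(d)}
    speakers[a].originate("203.0.113.0/24")
    rounds = converge(speakers, [(a, b), (b, c), (c, d), (d, a)])
    return speakers, rounds


if __name__ == "__main__":
    speakers, rounds = demo()
    for asn, s in speakers.items():
        print(asn, dict(s.table), "loops discarded:", s.discarded_loops)
    print("stable after", rounds, "rounds")
```

Because the full path travels with every update, a speaker recognises its own AS number in a looped advertisement immediately, which is what prevents the count-to-infinity behaviour of plain distance vector routing.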


Q.4 State the working principle of TCP segment header and UDP header.

Answer:

TCP Header Format: TCP segments are sent as internet datagrams. The Internet Protocol header carries several information fields, including the source and destination host addresses [2]. A TCP header follows the internet header, supplying information specific to the TCP protocol. This division allows for the existence of host level protocols other than TCP.

TCP Header Format

    0                   1                   2                   3
    0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |          Source Port          |       Destination Port        |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |                        Sequence Number                        |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |                    Acknowledgment Number                      |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |  Data |           |U|A|P|R|S|F|                               |
   | Offset| Reserved  |R|C|S|S|Y|I|            Window             |
   |       |           |G|K|H|T|N|N|                               |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |           Checksum            |         Urgent Pointer        |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |                    Options                    |    Padding    |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |                             data                              |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+


TCP Header Format. Note that one tick mark represents one bit position.

Source Port: 16 bits
The source port number.

Destination Port: 16 bits
The destination port number.

Sequence Number: 32 bits
The sequence number of the first data octet in this segment (except when SYN is present). If SYN is present the sequence number is the initial sequence number (ISN) and the first data octet is ISN+1.

Acknowledgment Number: 32 bits
If the ACK control bit is set this field contains the value of the next sequence number the sender of the segment is expecting to receive. Once a connection is established this is always sent.

Data Offset: 4 bits
The number of 32 bit words in the TCP Header. This indicates where the data begins. The TCP header (even one including options) is an integral number of 32 bits long.

Reserved: 6 bits
Reserved for future use. Must be zero.

Control Bits: 6 bits (from left to right):
URG: Urgent Pointer field significant
ACK: Acknowledgment field significant
PSH: Push Function
RST: Reset the connection
SYN: Synchronize sequence numbers
FIN: No more data from sender

Window: 16 bits
The number of data octets beginning with the one indicated in the acknowledgment field which the sender of this segment is willing to accept.

Checksum: 16 bits
The checksum field is the 16 bit one's complement of the one's complement sum of all 16 bit words in the header and text. If a segment contains an odd number of header and text octets to be checksummed, the last octet is padded on the right with zeros to form a 16 bit word for checksum purposes. The pad is not transmitted as part of the segment. While computing the checksum, the checksum field itself is replaced with zeros.

The checksum also covers a 96 bit pseudo header conceptually prefixed to the TCP header. This pseudo header contains the Source Address, the Destination Address, the Protocol, and TCP length. This gives the TCP protection against misrouted segments. This information is carried in the Internet Protocol and is transferred across the TCP/Network interface in the arguments or results of calls by the TCP on the IP.

   +--------+--------+--------+--------+
   |           Source Address          |
   +--------+--------+--------+--------+
   |         Destination Address       |
   +--------+--------+--------+--------+
   |  zero  |  PTCL  |    TCP Length   |
   +--------+--------+--------+--------+

The TCP Length is the TCP header length plus the data length in octets (this is not an explicitly transmitted quantity, but is computed), and it does not count the 12 octets of the pseudo header.

Urgent Pointer: 16 bits
This field communicates the current value of the urgent pointer as a positive offset from the sequence number in this segment. The urgent pointer points to the sequence number of the octet following the urgent data. This field is only interpreted in segments with the URG control bit set.

Options: variable
Options may occupy space at the end of the TCP header and are a multiple of 8 bits in length. All options are included in the checksum. An option may begin on any octet boundary. There are two cases for the format of an option:

Case 1: A single octet of option-kind.
Case 2: An octet of option-kind, an octet of option-length, and the actual option-data octets.

The option-length counts the two octets of option-kind and option-length as well as the option-data octets. Note that the list of options may be shorter than the data offset field might imply. The content of the header beyond the End-of-Option option must be header padding (i.e., zero). A TCP must implement all options.

Currently defined options include (kind indicated in octal):

   Kind   Length   Meaning
   ----   ------   -------
    0       -      End of option list.
    1       -      No-Operation.
    2       4      Maximum Segment Size.

Specific Option Definitions

End of Option List

   +--------+
   |00000000|
   +--------+
    Kind=0

This option code indicates the end of the option list. This might not coincide with the end of the TCP header according to the Data Offset field. This is used at the end of all options, not the end of each option, and need only be used if the end of the options would not otherwise coincide with the end of the TCP header.

No-Operation

   +--------+
   |00000001|
   +--------+
    Kind=1

This option code may be used between options, for example, to align the beginning of a subsequent option on a word boundary. There is no guarantee that senders will use this option, so receivers must be prepared to process options even if they do not begin on a word boundary.

Maximum Segment Size

   +--------+--------+---------+--------+
   |00000010|00000100|   max seg size   |
   +--------+--------+---------+--------+
    Kind=2   Length=4

Maximum Segment Size Option Data: 16 bits
If this option is present, then it communicates the maximum receive segment size at the TCP which sends this segment. This field must only be sent in the initial connection request (i.e., in segments with the SYN control bit set). If this option is not used, any segment size is allowed.

Padding: variable
The TCP header padding is used to ensure that the TCP header ends and data begins on a 32 bit boundary. The padding is composed of zeros.

The User Datagram Protocol (UDP)

The User Datagram Protocol (UDP) is a transport layer protocol defined for use with the IP network layer protocol. It is defined by RFC 768 written by Jon Postel. It provides a best-effort datagram service to an End System (IP host). The service provided by UDP is an unreliable service that provides no guarantees for delivery and no protection from duplication (e.g. if this arises due to software errors within an Intermediate System (IS)). The simplicity of UDP reduces the overhead from using the protocol and the services may be adequate in many cases.

UDP provides a minimal, unreliable, best-effort, message-passing transport to applications and upper-layer protocols. Compared to other transport protocols, UDP and its UDP-Lite variant are unique in that they do not establish end-to-end connections between communicating end systems. UDP communication consequently does not incur connection establishment and teardown overheads and there is minimal associated end system state. Because of these characteristics, UDP can offer a very efficient communication transport to some applications, but has no inherent congestion control or reliability.
A second unique characteristic of UDP is that it provides no inherent On many platforms, applications can send UDP datagrams at the line rate of the link interface, which is often much greater than the available path capacity, and doing so would contribute to congestion along the path. Applications therefore need to be designed responsibly [RFC 4505].

One increasingly popular use of UDP is as a tunneling protocol, where a tunnel endpoint encapsulates the packets of another protocol inside UDP datagrams and transmits them to another tunnel endpoint, which decapsulates the UDP datagrams and forwards the original packets contained in the payload. Tunnels establish virtual links that appear to directly connect locations that are distant in the physical Internet topology, and can be used to create virtual (private) networks. Using UDP as a tunneling protocol is attractive when the payload protocol is not supported by middleboxes that may exist along the path, because many middleboxes support UDP transmissions.

UDP does not provide any communications security. Applications that need to protect their communications against eavesdropping, tampering, or message forgery therefore need to separately provide security services using additional protocol mechanisms.

Protocol Header

A computer may send UDP packets without first establishing a connection to the recipient. A UDP datagram is carried in a single IP packet and is hence limited to a maximum payload of 65,507 bytes for IPv4 and 65,527 bytes for IPv6. The transmission of large IP packets usually requires IP fragmentation. Fragmentation decreases communication reliability and efficiency and should therefore be avoided. To transmit a UDP datagram, a computer completes the appropriate fields in the UDP header (PCI) and forwards the data together with the header for transmission by the IP network layer.

The UDP protocol header consists of 8 bytes of Protocol Control Information (PCI).

The UDP header consists of four fields, each 2 bytes in length:

- Source Port: UDP packets from a client use this as a service access point (SAP) to indicate the session on the local client that originated the packet. UDP packets from a server carry the server SAP in this field.
- Destination Port: UDP packets from a client use this as a service access point (SAP) to indicate the service required from the remote server. UDP packets from a server carry the client SAP in this field.
- UDP Length: The number of bytes comprising the combined UDP header information and payload data.
- UDP Checksum: A checksum to verify that the end to end data has not been corrupted by routers or bridges in the network or by the processing in an end system. The algorithm to compute the checksum is the Standard Internet Checksum algorithm. This allows the receiver to verify that it was the intended destination of the packet, because it covers the IP addresses, port numbers and protocol number, and it verifies that the packet is not truncated or padded, because it covers the size field. Therefore, this protects an application against receiving corrupted payload data in place of, or in addition to, the data that was sent. In the cases where this check is not required, the value of 0x0000 is placed in this field, in which case the data is not checked by the receiver.
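The TCP header layout, option encoding and pseudo-header checksum described earlier, together with the UDP checksum rules above, can be exercised in one added Python example (not part of the original assignment). The addresses, ports and payload are constructed sample values, and function names such as parse_tcp and check_udp are this example's own.

```python
import socket
import struct

TCP_PROTO, UDP_PROTO = 6, 17                        # PTCL values in the pseudo header
FLAGS = ["FIN", "SYN", "RST", "PSH", "ACK", "URG"]  # control bits, lowest bit first

def internet_checksum(data: bytes) -> int:
    """16-bit one's complement of the one's complement sum of all 16-bit words."""
    if len(data) % 2:
        data += b"\x00"                             # right-pad for the sum only
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:                              # end-around carry
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def pseudo_header(src: str, dst: str, proto: int, length: int) -> bytes:
    """96-bit pseudo header: source, destination, zero, protocol, length."""
    return (socket.inet_aton(src) + socket.inet_aton(dst)
            + struct.pack("!BBH", 0, proto, length))

def checksum_ok(src: str, dst: str, proto: int, segment: bytes) -> bool:
    """With the transmitted checksum left in place the whole sum must fold to 0."""
    return internet_checksum(pseudo_header(src, dst, proto, len(segment)) + segment) == 0

def parse_tcp_options(raw: bytes) -> list:
    """Walk kind / length / data options, rejecting lengths that cannot be right."""
    options, i = [], 0
    while i < len(raw):
        kind = raw[i]
        if kind == 0:                               # End of Option List
            if any(raw[i + 1:]):
                raise ValueError("non-zero octets after End of Option List")
            break
        if kind == 1:                               # No-Operation, a single octet
            options.append(("NOP", None))
            i += 1
            continue
        if i + 1 >= len(raw):
            raise ValueError("option kind %d has no length octet" % kind)
        length = raw[i + 1]                         # counts kind + length + data
        if length < 2 or i + length > len(raw):     # would loop forever or over-read
            raise ValueError("option kind %d has bad length %d" % (kind, length))
        data = raw[i + 2:i + length]
        if kind == 2:
            if length != 4:
                raise ValueError("Maximum Segment Size option must have length 4")
            options.append(("MSS", struct.unpack("!H", data)[0]))
        else:
            options.append((kind, data))
        i += length
    return options

def parse_tcp(segment: bytes) -> dict:
    """Decode the fixed 20-octet header, then the options the Data Offset covers."""
    if len(segment) < 20:
        raise ValueError("segment shorter than the fixed TCP header")
    sport, dport, seq, ack, off_flags, window, checksum, urgent = struct.unpack(
        "!HHIIHHHH", segment[:20])
    header_len = (off_flags >> 12) * 4              # Data Offset is in 32-bit words
    if header_len < 20 or header_len > len(segment):
        raise ValueError("Data Offset points outside the segment")
    return {
        "sport": sport, "dport": dport, "seq": seq, "ack": ack,
        "flags": [name for bit, name in enumerate(FLAGS) if off_flags >> bit & 1],
        "window": window, "checksum": checksum, "urgent": urgent,
        "options": parse_tcp_options(segment[20:header_len]),
        "payload": segment[header_len:],
    }

def check_udp(src: str, dst: str, datagram: bytes) -> str:
    """Classify a UDP datagram: bad-length, unchecked, valid or invalid."""
    if len(datagram) < 8:
        return "bad-length"
    _sport, _dport, length, checksum = struct.unpack("!HHHH", datagram[:8])
    if length != len(datagram):                     # truncated or padded
        return "bad-length"
    if checksum == 0:                               # sender opted out of the check
        return "unchecked"
    return "valid" if checksum_ok(src, dst, UDP_PROTO, datagram) else "invalid"

def fill_checksum(src, dst, proto, segment: bytes, at: int) -> bytes:
    """Compute the checksum over a segment whose checksum field is still zero."""
    value = internet_checksum(pseudo_header(src, dst, proto, len(segment)) + segment)
    if proto == UDP_PROTO and value == 0:
        value = 0xFFFF                              # RFC 768: computed zero is sent as all ones
    return segment[:at] + struct.pack("!H", value) + segment[at + 2:]

# Constructed sample traffic (documentation addresses, made-up ports and payload).
SRC, DST = "192.0.2.10", "198.51.100.20"
SYN = fill_checksum(SRC, DST, TCP_PROTO, struct.pack(
    "!HHIIHHHH", 49152, 80, 1000, 0, (7 << 12) | 0x02, 65535, 0, 0)
    + b"\x02\x04\x05\xb4\x01\x00\x00\x00", 16)      # MSS=1460, NOP, EOL, zero padding
UDP_DGRAM = fill_checksum(SRC, DST, UDP_PROTO, struct.pack(
    "!HHHH", 40000, 9999, 13, 0) + b"hello", 6)
```

A receiver that treats "unchecked" as acceptable has no integrity check on that datagram at all, and even a valid checksum only detects accidental corruption, not deliberate tampering.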


Like for other transport protocols, the UDP header and data are not processed by Intermediate Systems (IS) in the network, and are delivered to the final destination in the same form as originally transmitted.

At the final destination, the UDP protocol layer receives packets from the IP network layer. These are checked using the checksum (when >0, this checks correct end-to-end operation of the network service) and all invalid PDUs are discarded. UDP does not make any provision for error reporting if the packets are not delivered. Valid data are passed to the appropriate session layer protocol identified by the source and destination port numbers (i.e. the session service access points).

UDP and UDP-Lite also may be used for multicast and broadcast, allowing senders to transmit to multiple receivers.

Using UDP

Application designers are generally aware that UDP does not provide any reliability, e.g., it does not retransmit any lost packets. Often, this is a main reason to consider UDP as a transport. Applications that do require reliable message delivery therefore need to implement appropriate protocol mechanisms in their applications (e.g. tftp).

UDP's best effort service does not protect against datagram duplication, i.e., an application may receive multiple copies of the same UDP datagram. Application designers therefore need to verify that their application gracefully handles datagram duplication and may need to implement mechanisms to detect duplicates.

The Internet may also significantly delay some packets with respect to others, e.g., due to routing transients, intermittent connectivity, or mobility. This can cause reordering, where UDP datagrams arrive at the receiver in an order different from the transmission order. Applications that require ordered delivery must restore datagram ordering themselves.

The burden of needing to code all these protocol mechanisms can be avoided by using TCP.

Q.5 What is IP addressing? Discuss different classes of IP Addressing.

Answer:

IP addressing: An identifier for a computer or device on a TCP/IP network. Networks using the TCP/IP protocol route messages based on the IP address of the destination. The format of an IP address is a 32-bit numeric address written as four numbers separated by periods. Each number can be zero to 255. For example, 1.160.10.240 could be an IP address.

Within an isolated network, you can assign IP addresses at random as long as each one is unique. However, connecting a private network to the Internet requires using registered IP addresses (called Internet addresses) to avoid duplicates.

The four numbers in an IP address are used in different ways to identify a particular network and a host on that network. Four regional Internet registries -- ARIN, RIPE NCC, LACNIC and APNIC -- assign Internet addresses from the following three classes.


Class A - supports 16 million hosts on each of 126 networks
Class B - supports 65,000 hosts on each of 16,000 networks
Class C - supports 254 hosts on each of 2 million networks

The number of unassigned Internet addresses is running out, so a new classless scheme called CIDR is gradually replacing the system based on classes A, B, and C and is tied to adoption of IPv6.

IP address classes

These IP addresses can further be broken down into classes. These classes are A, B, C, D, E and their possible ranges can be seen in Figure 2 below.

   Class   Start address   Finish address
   A       0.0.0.0         126.255.255.255
   B       128.0.0.0       191.255.255.255
   C       192.0.0.0       223.255.255.255
   D       224.0.0.0       239.255.255.255
   E       240.0.0.0       255.255.255.255

   Figure 2. IP address Classes

If you look at the table you may notice something strange. The range of IP addresses from Class A to Class B skips the 127.0.0.0-127.255.255.255 range. That is because this range is reserved for the special addresses called Loopback addresses that have already been discussed above.

The rest of the classes are allocated to companies and organizations based upon the amount of IP addresses that they may need. Listed below are descriptions of the IP classes and the organizations that will typically receive that type of allocation.

Default Network: The special network 0.0.0.0 is generally used for routing.

Class A: From the table above you see that there are 126 class A networks. These networks consist of 16,777,214 possible IP addresses that can be assigned to devices and computers. This type of allocation is generally given to very large networks such as multi-national companies.

Loopback: This is the special 127.0.0.0 network that is reserved as a loopback to your own computer. These addresses are used for testing and debugging of your programs or hardware.

Class B: This class consists of 16,384 individual networks, each allocation consisting of 65,534 possible IP addresses. These blocks are generally allocated to Internet Service Providers and large networks, like a college or major hospital.

Class C: There is a total of 2,097,152 Class C networks available, with each network consisting of 255 individual IP addresses. This type of class is generally given to small to mid-sized companies.

Class D: The IP addresses in this class are reserved for a service called Multicast.

Class E: The IP addresses in this class are reserved for experimental use.

Broadcast: This is the special network of 255.255.255.255, and is used for broadcasting messages to the entire network that your computer resides on.

Private Addresses

There are also blocks of IP addresses that are set aside for internal private use for computers not directly connected to the Internet. These IP addresses are not supposed to be routed through the Internet, and most service providers will block the attempt to do so. These IP addresses are used for internal use by company or home networks that need to use TCP/IP but do not want to be directly visible on the Internet. These IP ranges are:

   Class   Private Start Address   Private End Address
   A       10.0.0.0                10.255.255.255
   B       172.16.0.0              172.31.255.255
   C       192.168.0.0             192.168.255.255

If you are on a home/office private network and want to use TCP/IP, you should assign your computers/devices IP addresses from one of these three ranges. That way your router/firewall would be the only device with a true IP address, which makes your network more secure.

Common Problems and Resolutions

The most common problem people have is accidentally assigning an IP address to a device on the network that is already assigned to another device. When this happens, the other computers will not know which device should get the information, and you can experience erratic behavior. On most operating systems and devices, if there are two devices on the local network that have the same IP address, it will generally give you an "IP Conflict" warning. If you see this warning, it means that the device giving the warning detected another device on the network using the same address.

The best solution to avoid a problem like this is to use a service called DHCP that almost all home routers provide. DHCP, or Dynamic Host Configuration Protocol, is a service that assigns addresses to devices and computers. You tell the DHCP server what range of IP addresses you would like it to assign, and then the DHCP server takes the responsibility of assigning those IP addresses to the various devices and keeping track so those IP addresses are assigned only once.


Semester: 3 - Assignment Set: 2 Q.6 Define Cryptography. Discuss two cryptographic techniques. Answer: Cryptography is the science of information security. The word is derived from the Greekkryptos, meaning hidden. Cryptography is closely related to the disciplines of cryptology andcryptanalysis. Cryptography includes techniques such as microdots, merging words with images, and other ways to hide information in storage or transit. However, in today's computer-centric world, cryptography is most often associated with scrambling plaintext(ordinary text, sometimes referred to as cleartext) into ciphertext (a process calledencryption), then back again (known as decryption). Individuals who practice this field are known as cryptographers. Modern cryptography concerns itself with the following four objectives: 1) Confidentiality (the information cannot be understood by anyone for whom it was unintended) 2) Integrity (the information cannot be altered in storage or transit between sender and intended receiver without the alteration being detected) 3) Non-repudiation (the creator/sender of the information cannot deny at a later stage his or her intentions in the creation or transmission of the information) 4) Authentication (the sender and receiver can confirm each other?s identity and the origin/destination of the information) TYPES OF CRYPTOGRAPHIC ALGORITHMS There are several ways of classifying cryptographic algorithms. The two types of algorithms that will be discussed are: Secret Key Cryptography (SKC): Uses a single key for both encryption and decryption Public Key Cryptography (PKC): Uses one key for encryption and another for decryption

Secret Key Cryptography

With secret key cryptography, a single key is used for both encryption and decryption. As shown in Figure 1A, the sender uses the key (or some set of rules) to encrypt the plaintext and sends the ciphertext to the receiver. The receiver applies the same key (or ruleset) to decrypt the message and recover the plaintext. Because a single key is used for both functions, secret key cryptography is also called symmetric encryption. With this form of cryptography, it is obvious that the key must be known to both the sender and the receiver; that, in fact, is the secret. The biggest difficulty with this approach, of course, is the distribution of the key.

Secret key cryptography schemes are generally categorized as being either stream ciphers or block ciphers. Stream ciphers operate on a single bit (byte or computer word) at a time and implement some form of feedback mechanism so that the key is constantly changing. A block cipher is so-called because the scheme encrypts one block of data at a time using the same key on each block. In general, the same plaintext block will always encrypt to the same ciphertext when using the same key in a block cipher whereas the same plaintext will encrypt to different ciphertext in a stream cipher.

Stream ciphers come in several flavors but two are worth mentioning here. Self-synchronizing stream ciphers calculate each bit in the keystream as a function of the previous n bits in the keystream. It is termed "self-synchronizing" because the decryption process can stay synchronized with the encryption process merely by knowing how far into the n-bit keystream it is. One problem is error propagation; a garbled bit in transmission will result in n garbled bits at the receiving side. Synchronous stream ciphers generate the keystream in a fashion independent of the message stream but by using the same keystream generation function at sender and receiver. While stream ciphers do not propagate transmission errors, they are, by their nature, periodic so that the keystream will eventually repeat.

Secret key cryptography algorithms that are in use today include:

Blowfish: A symmetric 64-bit block cipher invented by Bruce Schneier; optimized for 32-bit processors with large data caches, it is significantly faster than DES on a Pentium/PowerPC-class machine. Key lengths can vary from 32 to 448 bits. Blowfish, available freely and intended as a substitute for DES or IDEA, is in use in over 80 products.

Twofish: A 128-bit block cipher using 128-, 192-, or 256-bit keys. Designed to be highly secure and highly flexible, it is well-suited for large microprocessors, 8-bit smart card microprocessors, and dedicated hardware. It was designed by a team led by Bruce Schneier and was one of the Round 2 algorithms in the AES process.

Public-Key Cryptography

Public-key cryptography has been said to be the most significant new development in cryptography in the last 300-400 years. Modern PKC was first described publicly by Stanford University professor Martin Hellman and graduate student Whitfield Diffie in 1976.
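An added example for the stream-cipher comparison in the Secret Key Cryptography section above (not part of the original answer): it measures how far one flipped ciphertext bit spreads, and whether decryption recovers by itself after a ciphertext byte is lost. The two ciphers are demonstration stand-ins built on SHA-256, not real algorithms; the self-synchronizing variant is assumed to derive each keystream byte from the key and the previous N ciphertext bytes, and the key, IV, message and function names are constructed for the example.

```python
import hashlib

N = 4  # feedback window in bytes (value chosen for this demo)

def ks_byte(key: bytes, state: bytes) -> int:
    """One keystream byte; SHA-256 stands in for a real keystream generator."""
    return hashlib.sha256(key + state).digest()[0]

def selfsync(key: bytes, data: bytes, iv: bytes, decrypt: bool) -> bytes:
    """Self-synchronizing: keystream depends on the previous N ciphertext bytes."""
    window, out = iv[-N:], bytearray()
    for b in data:
        o = b ^ ks_byte(key, window)
        out.append(o)
        c = b if decrypt else o          # always feed back the ciphertext byte
        window = (window + bytes([c]))[-N:]
    return bytes(out)

def synchronous(key: bytes, data: bytes) -> bytes:
    """Synchronous: keystream depends only on key and position; also decrypts."""
    return bytes(b ^ ks_byte(key, i.to_bytes(8, "big"))
                 for i, b in enumerate(data))

def flip_bit(data: bytes, index: int) -> bytes:
    return data[:index] + bytes([data[index] ^ 0x01]) + data[index + 1:]

def damaged(original: bytes, recovered: bytes) -> list:
    """Positions where the recovered plaintext differs from the original."""
    return [i for i, (a, b) in enumerate(zip(original, recovered)) if a != b]

KEY, IV = b"demo key", b"\x00" * N           # constructed demo values
MSG = b"transfer 100 to account 12345678"    # constructed sample plaintext

def bitflip_damage(index: int = 5):
    """Flip one ciphertext bit in transit; list the damaged plaintext bytes."""
    ss = selfsync(KEY, flip_bit(selfsync(KEY, MSG, IV, False), index), IV, True)
    sy = synchronous(KEY, flip_bit(synchronous(KEY, MSG), index))
    return damaged(MSG, ss), damaged(MSG, sy)

def dropped_byte_recovery(index: int = 5):
    """Lose one ciphertext byte; does decryption resynchronize on its own?"""
    ct_ss, ct_sy = selfsync(KEY, MSG, IV, False), synchronous(KEY, MSG)
    ss = selfsync(KEY, ct_ss[:index] + ct_ss[index + 1:], IV, True)
    sy = synchronous(KEY, ct_sy[:index] + ct_sy[index + 1:])
    tail = MSG[index + 1 + N:]
    return ss[index + N:] == tail, sy[index + N:] == tail
```

The flipped bit damages a short run of bytes in the self-synchronizing case and exactly one byte in the synchronous case, while only the self-synchronizing cipher decrypts correctly again after a byte is dropped. Neither construction detects the tampering, which is why integrity needs a separate mechanism.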
Diffie and Hellman's paper described a two-key crypto system in which two parties could engage in a secure communication over a non-secure communications channel without having to share a secret key.

PKC depends upon the existence of so-called one-way functions, or mathematical functions that are easy to compute whereas their inverse function is relatively difficult to compute. Let me give you two simple examples:

Multiplication vs. factorization: Suppose I tell you that I have two numbers, 9 and 16, and that I want to calculate the product; it should take almost no time to calculate the product, 144. Suppose instead that I tell you that I have a number, 144, and I need you to tell me which pair of integers I multiplied together to obtain that number. You will eventually come up with the solution but whereas calculating the product took milliseconds, factoring will take longer because you first need to find the 8 pairs of integer factors and then determine which one is the correct pair.

Exponentiation vs. logarithms: Suppose I tell you that I want to take the number 3 to the 6th power; again, it is easy to calculate 3^6 = 729. But if I tell you that I have the number 729 and want you to tell me the two integers that I used, x and y so that log_x 729 = y, it will take you longer to find all possible solutions and select the pair that I used.

While the examples above are trivial, they do represent two of the functional pairs that are used with PKC; namely, the ease of multiplication and exponentiation versus the relative difficulty of factoring and calculating logarithms, respectively. The mathematical "trick" in PKC is to find a trap door in the one-way function so that the inverse calculation becomes easy given knowledge of some item of information. (The problem is further exacerbated because the algorithms don't use just any old integers, but very large prime numbers.)

Generic PKC employs two keys that are mathematically related although knowledge of one key does not allow someone to easily determine the other key. One key is used to encrypt the plaintext and the other key is used to decrypt the ciphertext. The important point here is that it does not matter which key is applied first, but that both keys are required for the process to work. Because a pair of keys is required, this approach is also called asymmetric cryptography.

In PKC, one of the keys is designated the public key and may be advertised as widely as the owner wants. The other key is designated the private key and is never revealed to another party. It is straightforward to send messages under this scheme. Suppose Alice wants to send Bob a message. Alice encrypts some information using Bob's public key; Bob decrypts the ciphertext using his private key.
This method could also be used to prove who sent a message; Alice, for example, could encrypt some plaintext with her private key; when Bob decrypts using Alice's public key, he knows that Alice sent the message and Alice cannot deny having sent the message (non-repudiation).

Public-key cryptography algorithms that are in use today for key exchange or digital signatures include:

Diffie-Hellman: After the RSA algorithm was published, Diffie and Hellman came up with their own algorithm. D-H is used for secret-key key exchange only, and not for authentication or digital signatures.

Digital Signature Algorithm (DSA): The algorithm specified in NIST's Digital Signature Standard (DSS); it provides digital signature capability for the authentication of messages.
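The two-key scheme and its trap door can be traced with textbook RSA on toy numbers. This is an added example, not part of the original answer: the primes, the exponent 17, the message 65 and the function names are assumptions, and the unpadded arithmetic is for illustration only, since real keys use very large primes and a padding scheme.

```python
from math import gcd

def make_keypair(p: int, q: int, e: int = 17):
    """Textbook RSA from two primes. Knowing p and q is the trap door."""
    n, phi = p * q, (p - 1) * (q - 1)
    if gcd(e, phi) != 1:
        raise ValueError("e must be coprime to (p-1)(q-1)")
    d = pow(e, -1, phi)        # easy only when the factors of n are known
    return (n, e), (n, d)      # (public key, private key)

def apply_key(key, m: int) -> int:
    """Encrypting, decrypting, signing and verifying are all m^exp mod n."""
    n, exp = key
    if not 0 <= m < n:
        raise ValueError("message must be smaller than the modulus")
    return pow(m, exp, n)

def factor_by_trial(n: int):
    """The inverse direction without the trap door: search for a factor.
    Expects an odd n; returns (factor, cofactor, candidates rejected)."""
    steps, f = 0, 3
    while n % f:
        f, steps = f + 2, steps + 1
    return f, n // f, steps

def demo():
    bob_pub, bob_priv = make_keypair(61, 53)      # constructed toy primes
    alice_pub, alice_priv = make_keypair(89, 97)  # constructed toy primes
    m = 65                                        # constructed message
    c = apply_key(bob_pub, m)      # Alice -> Bob: only Bob can read it
    s = apply_key(alice_priv, m)   # Alice signs: anyone can check the origin
    return c, apply_key(bob_priv, c), apply_key(alice_pub, s)

if __name__ == "__main__":
    print(demo())                          # ciphertext, decrypted, verified
    print(factor_by_trial(61 * 53))        # toy modulus falls immediately
    print(factor_by_trial(10007 * 10009))  # search grows with the primes
```

Once `factor_by_trial` returns the two primes, `make_keypair` rebuilds the private exponent from them, so the private key is only as safe as the modulus is hard to factor.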
