Computer Communications Network (COMP312), 2003/04
Mid-term Test #2

Answer ALL FOUR questions and each question carries equal weight. If there are multiple parts in a question, each part carries equal weight. Please do not use extra paper to answer the questions.

Your name: __________________________________________________________
Student ID: __________________________________________________________

1. (Spanning tree protocol) Consider the following switched Ethernet network again (with two new bridges B8-B9). Previously we have seen how a spanning tree rooted at B1 is formed by the spanning tree protocol. Consider that B1 later malfunctions; as a result, it no longer sends out (B1, B1, 0) on the attached LANs. On the diagram, point out the root ports and designated LANs after the spanning tree protocol has succeeded in building a new spanning tree after B1 fails. Briefly explain the results.

[Figure: switched Ethernet network diagram with segments labelled A-K and bridges B1-B9]

After B1 fails, eventually all bridges elect B2 as a new root bridge. It is quite straightforward to find the root ports and designated bridges. For B9, either port can be the root port. But if the decision is based on the bridge ID, it will select the lower port. In either case, B9 essentially disables both ports for frame forwarding.

2. Consider a class B network 158.132.0.0 which is subnetted with a subnet mask of 255.255.255.0. Moreover, a host with IP address 158.132.1.1 is compromised in that an attack program was installed in that machine. Discuss the effect of the attack if the attack program in that machine sends out an ICMP echo request message (ping) with the following source and destination addresses. Note that the source addresses in ping messages are spoofed, i.e., not equal to 158.132.1.1. Assume the following:

- All routers inside the network turn off the support for subnet-directed and all-subnet-directed IP broadcasts, i.e., drop those packets.
- All nodes (hosts and routers) must reply with an ICMP echo reply message when receiving an ICMP echo request message.
- When forwarding a packet, a router only examines the destination IP address, but not the source IP address.
- The destination addresses of the ping messages belong to hosts, but not to routers.

a) Source address = 158.132.1.100 and destination address = 255.255.255.255.

All nodes on subnet 1 will receive this ICMP request message and send reply messages to 158.132.1.100. If the number is large enough, the victim host will be overwhelmed by these packets.

b) Source address = 158.132.2.100 and destination address = 255.255.255.255.

All nodes on subnet 1 will receive this ICMP request message and send reply messages to 158.132.2.100. Since the routers do not check the source addresses when forwarding, all the reply messages will be forwarded to subnet 2. If the number is large enough, the router that is responsible for forwarding these packets or the victim host will be overwhelmed by these packets.

c) Source address = 158.132.2.100 and destination address = 158.132.2.255.

Since the ICMP request message is a subnet-directed packet, the router will drop it. As a result, this attack does not have any impact on the network.

3. (Virtual LANs and IP) Consider a LAN switched network configured with two virtual LANs, each of which is configured as a different IP subnet, as depicted below.

[Figure: router R attached to a LAN switched network with subnets 140.32.1.0 and 140.32.2.0, subnet mask = 255.255.255.0]

A router R is connected for the inter-virtual LAN (IP subnet) communications. Write down the routing tables for R, a host A on virtual LAN 1 (IP subnet 1), and a host B on virtual LAN 2 (IP subnet 2), so that the two virtual LANs can communicate with each other. Note that R's interface is configured with two IP addresses, say 140.32.1.1 and 140.32.2.1.
Router R

Destination    Subnet mask      Next-hop
140.32.1.0     255.255.255.0    140.32.1.1
140.32.2.0     255.255.255.0    140.32.2.1

Host A (assuming that its address is 140.33.1.10)

Destination    Subnet mask      Next-hop
140.32.1.0     255.255.255.0    140.32.1.10
0.0.0.0        0.0.0.0          140.32.1.1

Host B (assuming that its address is 140.33.2.10)

Destination    Subnet mask      Next-hop
140.32.2.0     255.255.255.0    140.32.2.10
0.0.0.0        0.0.0.0          140.32.2.1

4. (IP fragmentation) Consider a host A that sends IP packets to a host B, where the two hosts are separated by a number of different IP networks. Suppose we know that the path MTU for A to send packets to B is given by P bytes. If host A sends an IP datagram of size D bytes to host B, no fragmentation occurs if P ≥ D.

a) If P < D, what is the minimum number of IP fragments as a result of IP fragmentation, in terms of P and D?

The minimum number of fragments = (D - 20)/(P - 20). The amount of data to be fragmented into multiple IP packets is given by D - the IP header's size = D - 20. Similarly, each fragment can accommodate at most P - the IP header's size = P - 20.

b) However, the actual number of fragments for this datagram can be larger than the minimum obtained from (a). Give an example to illustrate this claim.

Consider that the packet reaches a network of MTU = P' and then another network of MTU = P, such that D > P' > P. In this case, the path MTU is given by P. But the packet will be fragmented by the network with MTU = P'. The fragments will then be fragmented again by the network with MTU = P.

c) Give one example in which the actual number of fragments is equal to the minimum obtained from (a).

There are several possible cases:

i. The first-hop network's MTU = the path MTU. Therefore, fragmentation occurs only when the host sends out the packet.
ii. The first-hop network's MTU ≥ D but the second-hop network's MTU = the path MTU. In this case, fragmentation also occurs only once.
iii. You may continue the same reasoning in (ii) to find out other examples.
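Added example for question 4 (not part of the original test solution): a hop-by-hop fragmentation simulation that reproduces parts (a), (b) and (c). It keeps the solution's 20-byte header and goes one step beyond its formula by rounding every non-final fragment's payload down to a multiple of 8, as IPv4 fragment offsets require; the sizes D = 4020, P' = 1500 and P = 1020 are constructed values.

```python
IP_HEADER = 20  # bytes; the solution's model: fixed 20-byte header, no options


def fragment(total_len, mtu):
    """Split one packet of total_len bytes for a network with this MTU.

    Returns the sizes (header included) of the packets that leave the router.
    """
    if total_len <= mtu:
        return [total_len]
    payload = total_len - IP_HEADER
    # Fragment offsets count 8-byte units, so every fragment except the
    # last carries a payload that is a multiple of 8.
    per_frag = (mtu - IP_HEADER) // 8 * 8
    if per_frag <= 0:
        raise ValueError("MTU too small to carry any payload")
    sizes = []
    while payload > per_frag:
        sizes.append(per_frag + IP_HEADER)
        payload -= per_frag
    sizes.append(payload + IP_HEADER)
    return sizes


def send_along(datagram_len, mtus):
    """Carry a datagram across consecutive networks, fragmenting hop by hop."""
    packets = [datagram_len]
    for mtu in mtus:
        packets = [piece for p in packets for piece in fragment(p, mtu)]
    return packets


def minimum_fragments(datagram_len, path_mtu):
    """Fragment count when the datagram is cut exactly once, at the path MTU."""
    return len(fragment(datagram_len, path_mtu))


if __name__ == "__main__":
    D = 4020                               # constructed datagram size
    print(minimum_fragments(D, 1020))      # part (a) with P = 1020
    print(send_along(D, [1020, 4500]))     # part (c)(i): first hop is the path MTU
    print(send_along(D, [4500, 1020]))     # part (c)(ii): second hop is the path MTU
    print(send_along(D, [1500, 1020]))     # part (b): D > P' > P
```

In the part (b) run the fragments cut for P' = 1500 each exceed P = 1020 and are cut again, leaving small trailing pieces, which is why the count rises above the single-cut minimum.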
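Added example for question 2 (not part of the original test solution): a triage function that applies the question's assumptions to an echo request observed on the compromised host's subnet and reports which subnet answers, which address receives the replies, and whether those replies transit the router. The names triage, Verdict and CASES are hypothetical; the addresses are the ones given in the question.

```python
import ipaddress
from collections import namedtuple

PREFIX = 24                                              # subnet mask 255.255.255.0
SENDER_SUBNET = ipaddress.ip_network("158.132.1.0/24")   # subnet of 158.132.1.1
LIMITED_BROADCAST = ipaddress.ip_address("255.255.255.255")

Verdict = namedtuple("Verdict", "delivered responders victim replies_cross_router")


def subnet_of(addr):
    """Return the /24 subnet that contains addr."""
    return ipaddress.ip_network(f"{addr}/{PREFIX}", strict=False)


def triage(src, dst):
    """Work out who answers an echo request sent from SENDER_SUBNET and who is hit."""
    src, dst = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    if dst == LIMITED_BROADCAST:
        # Limited broadcast stays on the sending subnet; every node there replies.
        responders = SENDER_SUBNET
    elif dst == subnet_of(dst).broadcast_address and dst not in SENDER_SUBNET:
        # Subnet-directed broadcast to another subnet: the router drops it.
        return Verdict(False, None, src, False)
    else:
        raise ValueError("destination is outside the three cases in the question")
    # Replies go to the spoofed source. They transit the router only when that
    # address lies on a different subnet from the responders.
    return Verdict(True, responders, src, src not in responders)


# The three cases from the question: (spoofed source, destination).
CASES = {
    "a": ("158.132.1.100", "255.255.255.255"),
    "b": ("158.132.2.100", "255.255.255.255"),
    "c": ("158.132.2.100", "158.132.2.255"),
}

if __name__ == "__main__":
    for label, (src, dst) in CASES.items():
        print(label, triage(src, dst))
```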