* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project
Download ans - EECS: www-inst.eecs.berkeley.edu
Survey
Document related concepts
Distributed firewall wikipedia , lookup
Piggybacking (Internet access) wikipedia , lookup
Airborne Networking wikipedia , lookup
Computer network wikipedia , lookup
Asynchronous Transfer Mode wikipedia , lookup
Net neutrality law wikipedia , lookup
Recursive InterNetwork Architecture (RINA) wikipedia , lookup
Zero-configuration networking wikipedia , lookup
Network tap wikipedia , lookup
Spanning Tree Protocol wikipedia , lookup
IEEE 802.1aq wikipedia , lookup
Wake-on-LAN wikipedia , lookup
Multiprotocol Label Switching wikipedia , lookup
Deep packet inspection wikipedia , lookup
Cracking of wireless networks wikipedia , lookup
Transcript
University of California at Berkeley Department of Electrical Engineering and Computer Sciences CS168, Homework 2 Due at Noon on Thursday, October 16, 2014 INSTRUCTIONS—READ THEM NOW! - - - - Submit this homework using Pandagrader/GradeScope (https://www.gradescope.com/courses/214). To submit, print out this document, write your answers on it, then scan it and upload to Pandagrader. Scanning services are available from the Berkeley Library System (http://www.lib.berkeley.edu/using-the-libraries/print-scan). Be sure to double-check your submission to ensure that Pandagrader has scanned in your solution correctly. You may want to consider using a PDF markup program to insert your answers into this document in the provided boxes. Use your @berkeley.edu email address to sign in to Pandagrader. If you don’t have a Pandagrader account, click ”Login” and then ”Forgot Password” on the Pandagrader website and follow the instructions. If you have any problems with the submission process, it is your responsibility to come to office hours prior to the homework’s due date. If you need more space for work, or you write code to calculate a result, attach these materials at the end of the homework when you submit. In general, if something is unclear, write down your assumptions as part of your answer. If your assumptions are reasonable, we will endeavor to grade the question based on them. If you have questions, ask on Piazza or come to office hours. Please write your SID on each page! a. nonymous Name – Please Print! 1 2 3 4 5 SID 6 (Signature) 7 8 Friday 1:90-2:90 Discussion Section (Day/Time) Q1. Miscellaneous Short Questions [26 points] 1a) [2 points] Consider the following network containing two regional and two national ISPs, each of which is an autonomous system. AS B provides national service to regional AS A. AS C provides national service to regional AS D. B and C peer with each other in two places using BGP. Consider traffic going from A to D. B would prefer to hand that traffic over to C on the West Coast (so that C w ould going have from to absorb the ost of prefer carrying the tthat raffic cross-‐country), while other in two places using BGP. Consider traffic A to D. B cwould to hand traffic over would get thave he traffic via its oast peering oint w ith B (so that while B would have to C on the WestC Coast (soprefer that Cto would to absorb theEast costCof carrying the p traffic cross-country), C would prefer to get thethe traffic via aits Eastthe Coast peeringW point B echanism (so that B m would carried theB would hand carried traffic cross country). hat Bwith GP m ight Chave use, so that traffic across the over country). What BGP mechanism might C use, so that B would hand over A-to-D traffic at A-‐to-‐D traffic at its East Coast peering point? its East Coast peering point? To answer this question, you will need to dig into the BGP specification. (P42) In Figure 1, suppose that stub network V is a customer of ISP A. Suppose that B and C have a peering relationship, and A is a customer of both B and C. Suppose that A would like to have the traffic destined to W to come from B only, and the traffic destined to V from either B or C. How should A advertise its routes MED / Multi Descriminator to B and C? What AS routes doesExit C receive? 1b) [2 points] Indicate whether the following statements are True or False by circling the appropriate answer: Figure 1: Problem 5 topology (P51) In Section 4.5.1, weTrue studiedFalse Dijkstra’s algorithm unicast paths that link-state The routing TTL field in IPv4 for is ncomputing ot used in the practice are individually the least-cost paths from the source to all destinations. The union of these paths might be True False pathIPv6 do not unicast fragment thought of as forming a least-unicast-cost treerouters (or a shortest pathpackets tree, if all link costs are identical). By constructing a counterexample, show that the least-cost path tree is not always the same as a CIDR enables more efficient use of the IP address space minimum spanning tree. True False True False Poison-‐Reverse eliminates the counting-‐to-‐infinity problem 2 1c) [2 points] Routing protocols such as RIP (distance-‐vector) and OSPF (link-‐state) are typically implemented at: (Circle one) a. The control processor of each router in a domain b. The control processor at only the border routers of a domain c. The line-‐cards of each router in a domain d. None of the above 1d) [2 points] Which of the following are true? The aggregation of multiple IP addresses into a single prefix: (Circle all that are true) a. Reduces the number of routing entries but complicates the route lookup process b. Reduces the number of routing entries and simplifies the route lookup process c. Is rendered unnecessary by multi-‐homing d. Leads to non-‐optimal routing paths 1e) [6 points] Consider the following network, with nodes A through J. The numbers indicate the link weights or costs (so shortest paths are paths with the lowest cumulative cost). In the following questions, use the alphabetical ordering to break ties when there are several shortest paths (i.e., you pick the path with the next hop that is earliest in the alphabet). If the path loops, just list two repetitions of the loop and put “...” afterwards to indicate that it continues. A 6 2 B 3 2 4 2 D 4 C E 3 H 2 3 2 1 F 3 I G 1 5 J 1e1) Assuming the network operator uses link state routing, after everything has converged, what path would a packet from C to H take? CBGIH 1e2) Using the same network as above, imagine that the cost of the link G-‐I has changed to 15. G announces this change, and all nodes except F get this update (i.e., F still thinks G-‐I is cost 1). C now sends a packet to H. What path would the packet take? CBGFGF… 1f) [6 points] Consider the BGP topology below. Suppose that stub networks V and W are customers of ISP A. Suppose that B and C have a peering relationship, and A is a customer of both B and C. Suppose that A would like to mostly use the Gao-‐Rexford rules, but would like to have the traffic destined to W come only from B. 1f1) What routes should A advertise to B? W: A W V: A V A: A? 1f2) What routes should A advertise to C? V: A V A: A? 1f3) What AS routes does C receive? W: B A W V: B A V V: A V A: A? B: B? A: B A? 1g) [6 points] Consider sending an IPv4 packet over a link with an MTU of 500 bytes. The packet has an identification number of 291 and has a payload of 1,600 bytes (not including the 20 byte IP header). 1g1) What is the minimum number of fragments that will be generated? 4 1g2) Split the packet into the minimum number of fragments. Keep all fragments the same size except possibly the last one. For each fragment, what are the values of the IP header fields related to fragments (total_length, ID, fragment_offset, and the MF bit)? total_length: 500 ID: 291 fragment_offset: 0 MF: true / 1 total_length: 500 ID: 291 fragment_offset: 480 / 60 MF: true / 1 total_length: 500 ID: 291 fragment_offset: 960 / 120 MF: true / 1 total_length: 180 ID: 291 fragment_offset: 1440 / 180 MF: false / 0 Q2. IP Addressing and Forwarding Aggregation [7 points] 2a) Convert the following address to dot-‐quad: 11000000 00000111 00011101 00001011 192.7.29.11 2b) Convert the following address to binary: 19.17.34.41 00010011 00010001 00100010 00101001 2c) In the following address and netmask, what is the binary representation of the network address? Address: 11000000 00000111 00011101 00001011 Netmask: 255.248.0.0 11000000 00000000 00000000 00000000 2d) What is the equivalent of the above netmask in CIDR slash-‐notation? /13 or 192.0.0.0/13 2e) Consider the following routing table: 171.1.216.0/24 Port 1 171.1.217.0/24 Port 1 171.1.218.0/24 Port 2 171.1.219.0/24 Port 4 171.1.220.0/24 Port 4 171.1.221.0/24 Port 4 171.1.222.0/24 Port 3 171.1.223.0/24 Port 4 Default Port 4 Express this using LPM, using three non-‐default entries: 171.1.216.0/23 Port 1 171.1.218.0/24 Port 2 171.1.222.0/24 Port 3 Default Port 4 Q3. Intra-‐domain and Inter-‐domain routing protocols [10 points] 3a) [4 points] Consider the network shown below. Suppose AS3 and AS2 are running OSPF for their intra-‐AS routing protocol. Suppose AS1 and AS4 are running RIP for their intra-‐AS routing protocol. Suppose BGP (eBGP + iBGP) is the inter-‐AS routing protocol. Initially suppose there is no physical link between AS2 and AS4. 3a1) Router 3c learns about prefix x from which routing protocol? (Circle one) wo places using BGP. Consider A to OSPF traffic going RIP from eBGP D. iB BGP would prefer to hand th e West Coast (so that C would have to absorb the cost of carrying the traffic cross-c 3a2) Router 3a learns about prefix x from which routing protocol? (Circle one) refer to get the traffic via its East Coast peering point with B (so that B would ha OSPF mechanism RIP might eBGP iBGP B would hand over Ass the country). What BGP C use, so that oast peering point? To answer this question, you will need to dig into the BGP spec 3a3) Router 1c learns about prefix x from which routing protocol? (Circle one) OSPF RIP eBGP iBGP 3a4) Router 1d learns about prefix x from which routing protocol? (Circle one) OSPF RIP eBGP iBGP 3b) [6 points] Referring to the previous problem, once router 1d learns about x it will put an entry in its forwarding table. (You can assume that any path that router 1d hears advertised is a policy-‐compliant one and that AS1 is a customer of both AS2 and AS3. Assume MED is not used in any router advertisements, and that a “typical” selection policy is used.) 3b1) Will 1d use 1a as the next hop for x, or will it use 1b? (i.e., will it send the packet over interface I1 or over interface I2?) Explain why in one sentence. 1a. Has the smaller intradomain cost 3b2) Now suppose that there is a physical link between AS2 and AS4, shown by the dotted line. Suppose router 1d learns that x is accessible via AS2 as well as via AS3. Will 1d be set to send packets to 1a or 1b? Explain why in one sentence. 1b. Hot potato 3b3) Now suppose there is another AS, called AS5, which lies on the path between AS2 and AS4 (not shown in diagram). Suppose router 1d learns that x is accessible via AS2 AS5 AS4 as well as via AS3 AS4. Will 1d be set to send packets to 1a or 1b? Explain why in one sentence. 1a. Prefer shorter AS path Q4. BGP [7 points] Consider a set of domains with the following customer-‐provider-‐peer relationships: H I peer provider E A F B peer customer G C D 4a) Assume that all these domains use “standard” Gao-‐Rexford policies based on these relationships. 4a1) What route does A take to C? AEHFC 4a2) What route does A take to D? AEHIGD 4a3) Now assume that E and F become peers, and F and G become peers. Do any of the two routes calculated above change, and if so how? The first changes to A E F C The second stays the same 4b) For the next set of questions, we no longer use the preceding picture but just consider a set of domains M, N, O, X and Y and assume that domains do not necessarily follow the Gao-‐ Rexford policies (i.e., you can ignore considerations about whether a domain is a peer/provider/customer of another domain). After running BGP, we see that: • • • Domain M uses the path MXN to reach domain N Domain N uses the path NYO to reach domain O Domain X uses the path XNY to reach domain Y Can we conclude that: (Circle Yes or No for each of the below) 4b1) M reaches O through the path MXNYO? Yes No 4b2) M reaches X through the path MX? Yes No 4b3) N reaches Y through the path NY? Yes No 4b4) X reaches N through the path XN? Yes No Q5. ACKs [8 points] Consider a flaky link where the initial transmission of a data packet is dropped if its number is prime (in other words, the initial transmissions of D2, D3, D5, D7, D11, D13 are dropped, but subsequent transmissions are ok). Note that the ACKs are cumulative and numbered according to the next expected packet (hence, A4 indicates the receipt of D1, D2, and D3). Hosts 𝑥 and 𝑦 are using a transport protocol with sliding window flow control with a constant window size of 5 packets and selective repeat. Three duplicate ACKs trigger a retransmission (hint: consider… how many total ACKs makes for three duplicates?). Assume that the latency of the link is significantly longer than the transmission time of 5 packets and that the retransmit timeout is much longer than the RTT. Below, fill in the first 20 packets sent from host 𝑥 (you don’t need to indicate what ACKs are generated, though it may be helpful and we’ve entered the first few entries below). Mark which packets are retransmits due to timeouts and which are retransmits due to duplicate acknowledgements. 1. D1 A2 2. D2 (dropped) - 3. D3 (dropped) - 4. D4 A2 5. D5 (dropped) - 6. D6 A2 7. D2 (timeout) A3 8. D7 (dropped) - 9. D3 (timeout) A5 10. D8 A5 11. D9 A5 12. D5 (timeout) A7 13. D10 A7 14. D11 (dropped) - 15. D7 (timeout) A11 16. D12 A11 17. D13 (dropped) - 18. D14 A11 19. D15 A11 20. D11 (dupack/retransmit) A13 Q6 – Fun with traceroute! (12pt) The traceroute tool is a program that traces the path (a sequence of routers) a packet follows to a destination. We’ll be using it in the questions below. 6a) [2 points] In no more than two sentences, explain how traceroute works. Sends IP packets with incrementing TTLs. Listens to ICMP Time Exceeded responses from routers as packets time out. 6b) [2 points] Use traceroute from a machine on the UCB network to record the path taken to 216.81.59.173. Attach a printout of the traceroute output. If traceroute is not installed, try /usr/sbin/traceroute. Make sure to set the max hops to at least 64 using the –m option. 6c) [2 points] What are the ISPs traversed, and in what order? Hint: Look at the router names and try to visit the corresponding website. The ISPs are often, but not always, identified by the router names. You’ll find it hard to continue once things get “interesting”. Just list as many as you can. berkeley eecs.berkeley? cenic.net / Corporation for Education Network Initiatives in California he.net / hurricane electric beaglenetworks.net? (answers may not be exact) 6d) [2 points] Now try running traceroute to stanford.edu. What are the ASes traversed, and in what order? List as many of the AS numbers along the path as you can. To find an AS number from an IP address, you may find the following command useful: whois –h radb.ra.net [IP address] If you have Mac OS, the –a option on traceroute will list some AS numbers for you, but may report some as 0, which they aren’t. Use the above command to fill those in. AS25 AS2152 AS32 (answers may not be exact) 6e) [2 points] In your trace you may encounter rows with three asterisks ***. What is going on? What might have caused it? (Hint: It is not due to a disturbance in the Force.) The router isn’t sending Time Exceeded messages. (Most likely) Time Exceeded messages are being dropped due to bad network connection (this would more likely result in only one or two *s unless network was very bad!). 6f) [2 points] Why might an ISP want to disable support for traceroute? Exposes internals of their network. This gives customers/competitors information you may not want them to have! Also is a possible security risk with dubious benefit. traceroute -m 64 216.81.59.173 traceroute to 216.81.59.173 (216.81.59.173), 64 hops max, 60 byte packets 1 vlan49-gw.Millennium.Berkeley.EDU (169.229.49.1) 0.341 ms 0.316 ms 0.548 ms 2 edge-10g-mill.EECS.Berkeley.EDU (169.229.59.225) 1.452 ms 1.448 ms 1.432 ms 3 t1-2.inr-202-reccev.Berkeley.EDU (128.32.255.57) 0.424 ms 0.441 ms t1-2.inr-201-sut.Berkeley.EDU (128.32.255.53) 0.270 ms 4 xe-5-1-0.inr-001-sut.Berkeley.EDU (128.32.0.66) 0.277 ms xe-4-1-0.inr-001-sut.Berkeley.EDU (128.32.0.64) 0.227 ms 0.237 ms 5 dc-sfo-agg-1--ucb-10ge.cenic.net (137.164.50.16) 0.792 ms 0.807 ms 0.792 ms 6 oak-agg2--sfo-agg1-10g.cenic.net (137.164.22.25) 1.756 ms 1.575 ms 1.568 ms 7 dc-paix-px1--oak-core1-ge.cenic.net (137.164.47.18) 2.441 ms 2.445 ms dc-paix-px1--oak-core1-ge.cenic.net (137.164.47.174) 2.436 ms 8 hurricane--paix-px1-ge.cenic.net (198.32.251.70) 9.535 ms 9.556 ms 9.598 ms 9 10ge4-4.core3.fmt2.he.net (184.105.222.89) 5.703 ms 5.713 ms 5.754 ms 10 10ge13-1.core1.dal1.he.net (72.52.92.154) 52.915 ms 52.907 ms 52.784 ms 11 10ge5-4.core1.atl1.he.net (184.105.213.114) 68.772 ms 67.275 ms 72.290 ms 12 216.66.0.26 (216.66.0.26) 67.823 ms 67.850 ms 67.850 ms 13 * * * 14 Episode.IV (206.214.251.1) 110.994 ms 110.584 ms 111.633 ms 15 A.NEW.HOPE (206.214.251.6) 102.831 ms 102.303 ms 104.407 ms 16 It.is.a.period.of.civil.war (206.214.251.9) 108.896 ms 110.684 ms 107.936 ms 17 Rebel.spaceships (206.214.251.14) 108.432 ms 107.505 ms 109.568 ms 18 striking.from.a.hidden.base (206.214.251.17) 103.820 ms 102.783 ms 102.651 ms 19 have.won.their.first.victory (206.214.251.22) 107.829 ms 108.514 ms 108.358 ms 20 against.the.evil.Galactic.Empire (206.214.251.25) 107.802 ms 107.353 ms 107.497 ms 21 During.the.battle (206.214.251.30) 108.502 ms 107.985 ms 107.880 ms 22 Rebel.spies.managed (206.214.251.33) 102.999 ms 102.464 ms 102.536 ms 23 to.steal.secret.plans (206.214.251.38) 108.101 ms 113.706 ms 112.924 ms 24 to.the.Empires.ultimate.weapon (206.214.251.41) 107.596 ms 108.055 ms 119.066 ms 25 the.DEATH.STAR (206.214.251.46) 112.168 ms 111.662 ms 111.166 ms 26 an.armored.space.station (206.214.251.49) 105.732 ms 105.494 ms 106.297 ms 27 with.enough.power.to (206.214.251.54) 108.834 ms 109.528 ms 107.736 ms 28 destroy.an.entire.planet (206.214.251.57) 107.870 ms 107.867 ms 110.059 ms 29 Pursued.by.the.Empires (206.214.251.62) 109.832 ms 110.119 ms 112.715 ms 30 sinister.agents (206.214.251.65) 109.352 ms 110.958 ms 110.983 ms 31 Princess.Leia.races.home (206.214.251.70) 111.534 ms 111.016 ms 112.330 ms 32 aboard.her.starship (206.214.251.73) 108.570 ms 128.087 ms 108.076 ms 33 custodian.of.the.stolen.plans (206.214.251.78) 109.297 ms 109.776 ms 110.270 ms 34 that.can.save.her (206.214.251.81) 110.823 ms 109.709 ms 109.209 ms 35 people.and.restore (206.214.251.86) 110.261 ms 109.759 ms 108.125 ms 36 freedom.to.the.galaxy (206.214.251.89) 110.260 ms 111.117 ms 108.716 ms 37 0-----I-------I-----0 (206.214.251.94) 109.062 ms 110.542 ms 110.190 ms 38 0------------------0 (206.214.251.97) 109.723 ms 109.669 ms 112.456 ms 39 0-----------------0 (206.214.251.102) 106.741 ms 105.655 ms 105.650 ms 40 0----------------0 (206.214.251.105) 112.010 ms 109.254 ms 109.740 ms 41 0---------------0 (206.214.251.110) 110.121 ms 110.122 ms 109.994 ms 42 0--------------0 (206.214.251.113) 110.281 ms 110.150 ms 110.738 ms 43 0-------------0 (206.214.251.118) 112.629 ms 112.609 ms 112.608 ms 44 0------------0 (206.214.251.121) 112.339 ms 108.867 ms 109.257 ms 45 0-----------0 (206.214.251.126) 109.552 ms 110.438 ms 109.365 ms 46 0----------0 (206.214.251.129) 111.816 ms 110.646 ms 110.680 ms 47 0---------0 (206.214.251.134) 108.118 ms 106.542 ms 106.614 ms 48 0--------0 (206.214.251.137) 111.741 ms 112.223 ms 110.439 ms 49 0-------0 (206.214.251.142) 110.021 ms 109.803 ms 109.608 ms 50 0------0 (206.214.251.145) 110.122 ms 109.768 ms 110.814 ms 51 0-----0 (206.214.251.150) 112.316 ms 112.453 ms 113.440 ms 52 0----0 (206.214.251.153) 112.838 ms 110.547 ms 110.563 ms 53 0---0 (206.214.251.158) 109.496 ms 110.208 ms 110.158 ms 54 0--0 (206.214.251.161) 110.344 ms 109.762 ms 109.982 ms 55 0-0 (206.214.251.166) 113.431 ms 112.858 ms 112.903 ms 56 00 (206.214.251.169) 112.891 ms 113.369 ms 110.521 ms 57 I (206.214.251.174) 111.020 ms 110.464 ms 111.715 ms 58 By.Ryan.Werber (206.214.251.177) 112.876 ms 110.808 ms 110.818 ms 59 Blizzards.Breed.CCIE.Creativity (206.214.251.182) 109.873 ms 111.868 ms 111.936 ms 60 Please.Try.Again.Tracerote.to.obiwan.scrye.net (206.214.251.185) 111.939 ms 111.985 ms 113.548 ms 61 read.more.at.beaglenetworks.net (206.214.251.190) (Answer may not be exact) 116.719 ms * *