Advanced Computer Networks

Robin Kamboj
52 min read · Nov 28, 2018


Syllabus for Interview Questions

ACN Syllabus

Static Routing Table

  • It is created, maintained and updated by a network admin manually.
  • A static route to every network must be configured on every router for full connectivity → this provides a granular level of control over routing and is completely manageable on smaller networks.
  • It also allows for simple routing and network segmentation tasks like inter-VLAN routing.
  • This allows network segmentation to isolate certain broadcast domains, while still allowing connectivity between those subnets.
  • SR can be used for a default gateway or “router of last resort” to tell packets without routing information that “that router will give you directions on how to get where you want to go”.
  • But SR is not fault tolerant: any change to the routing infrastructure (a link going down, a new network being added) requires manual intervention → routers operating in a purely static environment cannot seamlessly choose a better route if a link becomes unavailable.
  • Simply stating, SR is great for networks that do not change.

Dynamic Routing Table

  • Allows routers on the network to make intelligent decisions on which path is best to get data to a subnet/destination.
  • It is created, maintained and updated by a routing protocol running on the router → this allows routers to dynamically choose a different / better path when there is a change in routing infrastructure.

Routing Information Protocol

  • RIP defines a way for routers (which connect networks using the Internet Protocol or IP) to share information about how to route traffic among networks.
  • RIP is classified by the IETF or Internet Engineering Task Force as an IGP or Interior Gateway Protocol → one of several protocols for routers moving traffic around within a large autonomous system.
  • Example: A single enterprise’s network that may be comprised of many separate local area networks or LANs linked through routers.
  • Each RIP router maintains a routing table → which is a list of all the destinations (networks) it knows how to reach, along with the distance (hop count) to that destination. A hop count of 16 means unreachable, so RIP cannot be used on paths longer than 15 routers.
  • RIP uses a Distance Vector Algorithm (Bellman-Ford) to decide which paths to put a packet on to get to its destination.
  • It stores the distance for each network it knows how to reach in its routing table, along with the address of the “next-hop” router (a directly attached router) through which a packet has to travel to get to that destination.
  • If it receives an update offering a shorter path, it replaces the table entry’s metric and next hop. An update from the router that is already the next hop is accepted even if it is worse, since that router is the authority on the route. Cisco implementations additionally put a route that becomes unreachable into a “hold-down” state, during which worse or equal updates for it are ignored until the hold-down timer expires, so that a stale route is not reinstalled by a slow neighbour.
  • Using RIP, each router sends its entire routing table to its directly attached neighbours every 30 seconds, over UDP port 520 (RIPv1 broadcasts the update; RIPv2 multicasts it to 224.0.0.9).
  • The neighbours in turn pass the information on to their nearest neighbours and so on, until all RIP routers within a network have the same knowledge of routing paths, a state known as convergence.
  • RIPv1 updates carry no authentication and RIPv2 offers only a plaintext password or an MD5 keyed hash (RFC 2082), so any host on the segment can inject or alter routes unless updates are authenticated and unwanted sources are filtered.

Timers in RIP

The main timers used in RIP:

  • Route Update Timer: The interval (30 seconds by default) between periodic routing updates in which the router sends a complete copy of its routing table to all neighbours.
  • Expiration (Invalid) Timer: The time (180 seconds by default) that may elapse without hearing an update for a route before the router declares it invalid. When this happens, the route is advertised to all neighbours with metric 16 (unreachable) to let them know it is gone.
  • Hold-down Timer: The time (180 seconds by default on Cisco routers) during which updates for a route are suppressed. A route enters the hold-down state when an update indicates it has become unreachable; it stays there until an update with a better metric arrives or the hold-down timer expires. A fourth, garbage-collection (flush) timer finally removes the entry from the table (120 seconds after expiry per RFC 2453; 240 seconds from the last update on Cisco routers).

IGRP

  • Interior Gateway Routing Protocol
  • It is a Cisco-proprietary protocol, since superseded by EIGRP (current Cisco IOS releases no longer support it).
  • It was created to overcome the limitations of RIP → max hop count of only 15 and only a single routing metric → when used within larger networks.
  • IGRP supports multiple metrics for each route → bandwidth, delay, load, reliability
  • To compare two routes, these metrics are combined into a single metric using a formula (which can be adjusted through the use of pre-set constants).
  • By default, the IGRP metric is a sum of the segment delays and the lowest segment bandwidth.
  • IGRP runs directly over IP, using IP protocol number 9.
  • The maximum configurable hop-count for IGRP-routed packets is 255 (default 100).
  • Routing updates are broadcasted every 90 seconds (by default).
  • IGRP is a classful routing protocol. Because its updates carry no subnet-mask field, the router assumes that all subnets of the same Class A, B or C network use the same subnet mask as the one configured on its own interfaces in that network.
  • This contrasts with classless routing protocols (RIPv2, EIGRP, OSPF, BGP), which carry the mask and therefore support variable-length subnet masks (VLSM) and CIDR.
  • Classful routing protocols are no longer preferred because a single mask per major network wastes IP address space and cannot express CIDR aggregates.
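
The composite metric described above, as an added example (not code from the article): Cisco's formula with the default constants K1 = K3 = 1 and K2 = K4 = K5 = 0 reduces to a bandwidth term (10^7 divided by the slowest link in kbps) plus a delay term (total path delay in tens of microseconds); EIGRP uses the same formula scaled by 256. The two candidate paths and their link speeds are constructed for the example.

```python
# IGRP/EIGRP composite metric (added example, not from the article).
DEFAULT_K = dict(k1=1, k2=0, k3=1, k4=0, k5=0)

def composite_metric(segments, load=1, reliability=255, eigrp=False, **k):
    """segments: list of (bandwidth_kbps, delay_us) for each link on the path.
    load is 1..255 (fraction of 255), reliability 1..255 (255 = 100%)."""
    k = {**DEFAULT_K, **k}
    min_bw = min(bw for bw, _ in segments)
    bw_term = 10_000_000 // min_bw                    # 10^7 / slowest link (kbps)
    delay_term = sum(d for _, d in segments) // 10    # total delay in tens of microseconds
    metric = k["k1"] * bw_term + (k["k2"] * bw_term) // (256 - load) + k["k3"] * delay_term
    if k["k5"]:                                       # reliability term only when K5 != 0
        metric = metric * k["k5"] // (reliability + k["k4"])
    return metric * 256 if eigrp else metric          # EIGRP scales the IGRP metric by 256

def best_path(paths, **kw):
    """paths: {name: segments}; return (name, metric) with the lowest composite metric."""
    scored = {name: composite_metric(segs, **kw) for name, segs in paths.items()}
    name = min(scored, key=scored.get)
    return name, scored[name]

if __name__ == "__main__":
    # Constructed paths: a T1 link (1544 kbps, 20000 us) followed by Fast Ethernet
    # (100000 kbps, 100 us) versus two 10 Mbit Ethernet hops (10000 kbps, 1000 us each).
    # Both are two hops long; the slowest link dominates the bandwidth term.
    paths = {"via_T1": [(1544, 20000), (100000, 100)],
             "via_eth": [(10000, 1000), (10000, 1000)]}
    print(composite_metric(paths["via_T1"]))   # 8486 = 6476 + 2010
    print(best_path(paths))                    # ('via_eth', 1200)
    print(composite_metric(paths["via_T1"], eigrp=True))   # 2172416
```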

EIGRP

  • Enhanced Interior Gateway Routing Protocol
  • An advanced distance vector routing protocol that is used on a computer network (intra domain routing) to help automate routing decisions and configuration.
  • The protocol was designed by Cisco Systems as a proprietary protocol, only available on Cisco routers.
  • Partial functionality of EIGRP was converted to an open standard in 2013 as an IETF draft.
  • EIGRP is used on a router to share routes with other routers within the same autonomous system (intra domain routing).
  • Unlike other popular routing protocols like RIP, EIGRP only sends incremental updates, reducing the workload on the router and the amount of data that needs to be transmitted.
  • In addition to the routing table, EIGRP uses the following extra tables to store information:
  • Neighbour Table: Keeps a record of the directly connected routers (discovered through Hello packets) that have formed an adjacency with this router. Routers reachable only through another router are not neighbours and are not recorded here.
  • Topology Table: Stores every route advertised by the neighbours together with its metric, so that alternative paths (feasible successors) are already known when the best path (the successor, the only one copied into the routing table) fails. Routes in the topology table are marked as “passive” or “active”. Passive indicates that EIGRP has determined the path for the specific route and has finished processing. Active indicates that EIGRP is still querying neighbours to calculate the best path for the specific route.

IGMP

  • Internet Group Management Protocol
  • IGMP is a communication protocol that is used by hosts and adjacent routers on IPv4 networks to establish multicast group memberships and exchange membership status information.
  • IGMP is an integral part of IP multicast.
  • IGMP can be used for one-to-many networking applications like online streaming video and gaming, and allows more efficient use of resources when supporting these types of applications.
  • IGMP is used to exchange membership status information between the IP routers that support multicasting and members of multicast groups.
  • Host membership in a multicast group is reported by individual member hosts, and membership status is periodically polled by multicast routers.
  • Uses bare IP encapsulation: IGMP messages are carried directly inside IPv4 datagrams with protocol number 2 and a TTL of 1, so they never leave the local link.
IGMP Sent In IP Datagram

IGMP message types:

  • Host Membership Report (type 0x12 in IGMPv1, 0x16 in IGMPv2): Sent by a host when it joins a multicast group to declare membership in a specific host group. It is also sent in response to an IGMP membership query from a router.
  • Host Membership Query (type 0x11): Used by a multicast router to periodically poll a network for group members. A general query carries the group address 0.0.0.0; a group-specific query carries the group being polled.
  • Leave Group (type 0x17, IGMPv2): Sent by a host when it leaves a host group and may be the last member of that group on the network segment.
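
The IGMPv2 messages listed above, built and parsed byte for byte as an added example (not code from the article). The 8-byte layout is type, max response time, Internet checksum, group address; a receiver verifies the checksum before trusting the type field, which matters because a forged Leave or Report on the segment is all it takes to prune or join traffic. The group addresses and the example query are constructed inputs.

```python
import socket
import struct

# IGMPv2 message parsing and construction (added example, not from the article).
# Layout (RFC 2236): type(1) | max response time(1) | checksum(2) | group address(4).
# The message rides directly in an IPv4 datagram with protocol number 2 and TTL 1.
IGMP_TYPES = {
    0x11: "Membership Query",
    0x12: "v1 Membership Report",
    0x16: "v2 Membership Report",
    0x17: "Leave Group",
}

def internet_checksum(data):
    """Standard one's-complement checksum used by IP, ICMP and IGMP."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF

def build_igmp(msg_type, group, max_resp_ds=0):
    """Return the 8-byte message with a correct checksum. max_resp_ds is in 1/10 s
    and is only meaningful in queries."""
    body = struct.pack("!BBH4s", msg_type, max_resp_ds, 0, socket.inet_aton(group))
    return body[:2] + struct.pack("!H", internet_checksum(body)) + body[4:]

def checksum_ok(msg):
    """Summing a message that includes its own checksum yields all ones, i.e. complement 0."""
    return len(msg) >= 8 and internet_checksum(msg[:8]) == 0

def parse_igmp(msg):
    if not checksum_ok(msg):
        raise ValueError("short message or bad checksum")
    msg_type, max_resp, _, group = struct.unpack("!BBH4s", msg[:8])
    group = socket.inet_ntoa(group)
    info = {"type": IGMP_TYPES.get(msg_type, "unknown 0x%02x" % msg_type),
            "max_resp_ds": max_resp, "group": group}
    if msg_type == 0x11:   # a general query carries 0.0.0.0, a group-specific query the group
        info["query"] = "general" if group == "0.0.0.0" else "group-specific"
    return info

if __name__ == "__main__":
    report = build_igmp(0x16, "239.1.2.3")                 # host joins 239.1.2.3
    query = build_igmp(0x11, "0.0.0.0", max_resp_ds=100)   # router polls all groups, 10 s to answer
    print(report.hex(), parse_igmp(report))                # 1600f8faef010203 {...}
    print(parse_igmp(query))
```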

MLD

  • Multicast Listener Discovery
  • MLD is a communication protocol that is used by hosts and adjacent routers on IPv6 networks to establish multicast group memberships and exchange membership status information (for hosts and routers that support multicasting on a network segment).
  • Host membership in a multicast group is reported by individual member hosts, and membership status is periodically polled by multicast routers.
  • Uses ICMPv6 messaging: MLD messages are ICMPv6 types 130 (Query), 131 (Report) and 132 (Done); MLDv2 adds type 143 (Listener Report).

MLD message types:

  • Multicast Listener Query: Sent by a multicast router to poll a network segment for group members. Queries can be general (requesting membership for all groups) or specific (requesting membership for a specific group).
  • Multicast Listener Report: Sent by a host when it joins a multicast group, or in response to an MLD Query sent by a router.
  • Multicast Listener Done: Sent by a host when it leaves a host group and might be the last member of that group on the network segment.

DVMRP

  • It is an interior gateway protocol
  • It is suitable for use within an autonomous system, but not between different autonomous systems.
  • It is not designed for routing non-multicast (unicast) datagrams, so a router that routes both multicast and unicast datagrams must run two separate routing processes.
  • It is designed to be easily extensible and could be extended to route unicast datagrams.
  • RIP was used as a starting point for the development of DVMRP because an implementation was available and distance vector algorithms are simple as compared to link-state algorithms.
  • To allow multicast traffic to traverse networks (and routers) that do not support multicasting, a mechanism called “tunneling” was developed, in which multicast datagrams are encapsulated in unicast datagrams between DVMRP routers.
  • The multicast forwarding algorithm requires trees based on routing information.
  • This tree building needs more state information than RIP is designed to provide → so DVMRP is much more complicated in some places than RIP.
  • DVMRP differs from RIP in one important way → RIP thinks in terms of routing and forwarding datagrams to a particular destination. The purpose of DVMRP is to keep track of the return paths to the source of multicast datagrams.
  • To make explanation of DVMRP more consistent with RIP, the word “destination” is used instead of more proper “source” → but the reader must remember that datagrams are not forwarded to these destinations, but originate from them.
DVMRP Frame Format

SMTP

  • It is a connection oriented, text based protocol in which a mail sender communicates with a mail receiver by issuing command strings and supplying necessary data over a reliable ordered data stream channel (typically a TCP connection).
  • An SMTP connection consists of commands originated by a SMTP client (initiating agent, sender or transmitter) and corresponding responses from the SMTP server (the listening agent or receiver) so that the session is opened and session parameters are exchanged.
  • A session may include zero or more SMTP transactions.
  • An SMTP transaction consists of three command / reply sequences. They are:
  • MAIL command → to establish the return address (return path, reverse path, bounce address, or envelope sender)
  • RCPT command → to establish a recipient of this message. This command can be issued multiple times → one for each recipient. These addresses are also part of the envelope.
  • DATA command → It is to signal the beginning of the message text → the content of the message, as opposed to its envelope. It consists of the message header and a message body separated by an empty line. DATA is actually a group of commands and the server replies twice: once to the DATA command proper (to acknowledge that it is ready to receive the text) and the second time after the end-of-data sequence (to either accept or reject the entire message).
  • Besides the intermediate reply for DATA, each server’s reply can either be positive (2xx reply codes) or negative (permanent 5xx codes or transient 4xx codes).
  • A reject is a permanent failure by an SMTP server.
SMTP Visual Representation
  • The initiating host (the SMTP client) can either be an end-user’s email client (functionally identified as a MUA or mail user agent) or a relay server’s mail transfer agent or MTA, that is an SMTP server acting as an SMTP client, in the relevant situation, in order to relay mail.
  • Fully capable SMTP servers maintain queues of messages for retrying message transmission that resulted in transient failures.
  • A MUA knows the outgoing mail SMTP server from its configuration. An SMTP server acting as a client, i.e. relaying, typically determines which SMTP server to connect to by looking up the MX (Mail eXchange) DNS resource record for each recipient’s domain name.
  • Conformant MTAs (not all) fall back to a simple A record in case no MX record can be found. Relaying servers can also be configured to use a smart host.
  • An SMTP server acting as client initiates a TCP connection to the server on the “well-known port” designated for SMTP: port 25.
  • MUAs should use port 587 to connect to an MSA (mail submission agent).
  • The main difference between an MTA and an MSA is that SMTP Authentication is mandatory for the MSA only; an MTA on port 25 accepts mail from anyone but must only relay it for its own domains, otherwise it is an “open relay” that spammers will abuse.
  • On both ports the session is plaintext unless the client upgrades it with STARTTLS (RFC 3207); port 465 carries SMTP over implicit TLS. Without TLS, the envelope, the message and any AUTH credentials are visible to anyone on the path.
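
The transaction described above (MAIL, RCPT, DATA with its two replies, and the 2xx/4xx/5xx reply classes) as an added example, not code from the article: a toy server state machine and a client that drives it. The hostnames, the local domain, the credentials and the rule that an MTA refuses to relay for foreign domains are constructed for the example; AUTH PLAIN is decoded as in RFC 4616.

```python
import base64

# Toy SMTP server state machine plus a client driving one transaction (added example,
# not from the article). submission=True models an MSA on port 587 that refuses MAIL
# before a successful AUTH; submission=False models an MTA on port 25 that accepts mail
# only for its own domains (anything else would make it an open relay).
class ToySmtpServer:
    def __init__(self, submission=False, local_domains=("example.org",), users=None):
        self.submission = submission
        self.local_domains = set(local_domains)
        self.users = users or {}           # constructed credentials for the MSA case
        self.authed = False
        self.in_data = False
        self.delivered = []                # (envelope sender, envelope recipients, message text)
        self._reset()

    def _reset(self):
        self.sender, self.rcpts, self.body = None, [], []

    def handle(self, line):
        """Process one client line; return the reply, or None for a line of message text."""
        if self.in_data:
            if line == ".":                # end-of-data sequence: the second reply to DATA
                self.in_data = False
                self.delivered.append((self.sender, list(self.rcpts), "\r\n".join(self.body)))
                self._reset()
                return "250 OK: queued"
            self.body.append(line[1:] if line.startswith("..") else line)   # dot-unstuffing
            return None
        verb, _, arg = line.partition(" ")
        verb = verb.upper()
        if verb == "EHLO":
            return "250-mail.example.org\r\n250 AUTH PLAIN" if self.submission else "250 mail.example.org"
        if verb == "AUTH":
            mech, _, blob = arg.partition(" ")
            if not self.submission or mech.upper() != "PLAIN":
                return "504 Mechanism not supported"
            _authz, user, password = base64.b64decode(blob).decode().split("\x00")  # RFC 4616
            if self.users.get(user) == password:
                self.authed = True
                return "235 Authentication succeeded"
            return "535 Authentication credentials invalid"
        if verb == "MAIL":
            if self.submission and not self.authed:
                return "530 Authentication required"
            self._reset()
            self.sender = arg.partition(":")[2].strip().strip("<>")   # reverse path (envelope sender)
            return "250 OK"
        if verb == "RCPT":
            if self.sender is None:
                return "503 Bad sequence of commands"
            addr = arg.partition(":")[2].strip().strip("<>")
            if not self.submission and addr.rpartition("@")[2] not in self.local_domains:
                return "550 Relaying denied"                            # permanent failure
            self.rcpts.append(addr)                                     # envelope recipient
            return "250 OK"
        if verb == "DATA":
            if not self.rcpts:
                return "503 Need RCPT first"
            self.in_data = True
            return "354 End data with <CR><LF>.<CR><LF>"              # intermediate reply
        if verb == "QUIT":
            return "221 Bye"
        return "500 Command not recognized"

def submit(server, sender, rcpts, body_lines, auth=None):
    """Client side of one transaction. Returns [(command, reply code)] in order."""
    log = []
    def send(cmd):
        reply = server.handle(cmd)
        if reply is not None:
            log.append((cmd.split(" ")[0], int(reply[:3])))
        return reply
    send("EHLO client.example.net")
    if auth:
        user, password = auth
        send("AUTH PLAIN " + base64.b64encode(("\x00%s\x00%s" % (user, password)).encode()).decode())
    if send("MAIL FROM:<%s>" % sender)[0] != "2":
        send("QUIT")
        return log
    for rcpt in rcpts:
        send("RCPT TO:<%s>" % rcpt)
    if send("DATA")[0] == "3":
        for text in body_lines:
            send("." + text if text.startswith(".") else text)          # dot-stuffing
        send(".")
    send("QUIT")
    return log

if __name__ == "__main__":
    mta = ToySmtpServer()
    print(submit(mta, "bob@example.net", ["alice@example.org", "carol@other.test"],
                 ["Subject: hi", "", "hello"]))
    # [('EHLO', 250), ('MAIL', 250), ('RCPT', 250), ('RCPT', 550), ('DATA', 354), ('.', 250), ('QUIT', 221)]
    msa = ToySmtpServer(submission=True, users={"alice": "s3cret"})
    print(submit(msa, "alice@example.org", ["carol@other.test"], ["hi"]))
    # [('EHLO', 250), ('MAIL', 530), ('QUIT', 221)]
```

Note that one recipient being rejected with 550 does not abort the transaction: the message is still queued for the accepted recipient, which is why bounce handling is per recipient.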

Optical Networking

  • It is a means of communication that uses signals encoded onto light to transmit information among various nodes of a telecommunications network.
  • Optical networks range from the limited span of a LAN or WAN, across metropolitan and regional areas, all the way to national, international or transoceanic distances.
  • It is a form of optical communication that relies on optical amplifiers, lasers or LEDs and wave division multiplexing (WDM) to transmit large quantities of data, generally across fibre-optic cables.
  • Because it is capable of achieving extremely high bandwidth, it is an enabling technology for today’s internet and the communication of networks that transmit the vast majority of all human and machine-to-machine information.
  • Components of an optical networking system include:
  • Fibre: multi-mode or single-mode.
  • Laser or LED light source.
  • Multiplexer / Demultiplexer, also called mux / demux, filter or prism. These can include optical add / drop multiplexer (OADM) and reconfigurable optical add / drop multiplexer (ROADM).
  • Optical Switch, to direct light between ports without an optical-electrical-optical conversion.
  • Optical splitter, to send a signal down different fibre paths.
  • Circulator, to tie in other components, such as an OADM.
  • Optical amplifier.
  • The capacity of fibre optic networks has increased in part due to improvements in components such as optical amplifiers and optical filters that can separate light waves into frequencies with less than 50 GHz difference, fitting more channels into a fibre.
  • Using optical amplifiers, the capacity of fibres to carry more information was significantly increased with the introduction of WDM or wavelength division multiplexing → in the early 1990s.
  • AT&T Bell Labs developed a WDM process in which a prism split a beam of light into different wavelengths, which could travel through a fibre simultaneously.
  • The peak wavelength of each beam is spaced far enough apart that beams are distinguishable from each other → creating multiple channels within a single fibre.
  • Before optical amplifiers were available, every long-haul span needed electrical regeneration; during that regeneration, slight discrepancies among the various frequencies introduced an intolerable level of noise into the information-bearing wavelengths, which made WDM impractical for long-distance fibre communication until all-optical amplification removed the need to regenerate each channel electrically.

DiffServ

  • Differentiated Services.
  • It is a computer networking architecture that specifies a simple, scalable and coarse-grained mechanism for classifying and managing network traffic and providing QoS on modern IP networks.
  • Example: DiffServ can be used to provide low latency to critical network traffic such as streaming media while providing simple best-effort service to non-critical services such as web traffic or file transfers.
  • DiffServ specifies a coarse-grained QoS system.
  • It uses the 6-bit DSCP (differentiated services code point) in the DS (differentiated services) field of the IP header for packet classification purposes.
  • The 6-bit DS field and the 2-bit ECN field together replace the original 8-bit IPv4 TOS (Type of Service) octet; in IPv6 the same bits form the Traffic Class field. Because a DSCP is just a mark in the header, a DiffServ domain must re-mark packets at its edge rather than trust marks set by arbitrary hosts.
  • It operates on the principle of traffic classification where each data packet is placed into a limited number of traffic classes rather than differentiating network traffic based on the requirements of an individual flow.
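
The DS byte layout and the "limited number of traffic classes" idea from above, as an added example (not code from the article): encoding and decoding the 6-bit DSCP and 2-bit ECN, naming the standard per-hop behaviours (CS = x<<3, AFxy = (x<<3)|(y<<1), EF = 46), and an edge classifier that resets marks from untrusted ports. The class table and the trusted/untrusted split are assumptions for the example.

```python
# DSCP / ECN handling in the DS byte (added example, not from the article).
# DS byte = DSCP (6 bits) << 2 | ECN (2 bits).
EF = 46

def ds_byte(dscp, ecn=0):
    if not 0 <= dscp < 64 or not 0 <= ecn < 4:
        raise ValueError("DSCP is 6 bits, EC N is 2 bits")
    return (dscp << 2) | ecn

def split_ds(byte):
    """Return (dscp, ecn) from the second byte of an IPv4 header (Traffic Class in IPv6)."""
    return byte >> 2, byte & 0b11

def phb_name(dscp):
    """Standard code point names: EF, AF11..AF43, CS0..CS7; anything else is shown raw."""
    if dscp == EF:
        return "EF"
    cls, drop = dscp >> 3, (dscp >> 1) & 0b11
    if dscp & 1 == 0 and 1 <= cls <= 4 and 1 <= drop <= 3:
        return "AF%d%d" % (cls, drop)
    if dscp & 0b111 == 0:
        return "CS%d" % cls
    return "DSCP%d" % dscp

# Constructed edge policy: a few classes, everything else is best effort.
CLASSES = {"EF": "voice", "AF41": "video", "AF31": "signalling", "CS0": "best-effort"}

def classify(ds, trusted=False):
    """Map a packet's DS byte to a traffic class. Marks received on an untrusted port are
    not honoured: without re-marking, any host could tag its traffic EF and jump the
    voice queue. Returns (class name, dscp to forward the packet with)."""
    dscp, _ecn = split_ds(ds)
    if not trusted:
        dscp = 0
    return CLASSES.get(phb_name(dscp), "best-effort"), dscp

if __name__ == "__main__":
    print(hex(ds_byte(EF)))                      # 0xb8
    print(classify(ds_byte(EF), trusted=True))   # ('voice', 46)
    print(classify(ds_byte(EF)))                 # ('best-effort', 0): untrusted port, re-marked
```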

IntServ

  • Integrated Services.
  • It is an architecture that specifies the elements to guarantee quality of service or QoS on networks.
  • Example: IntServ can be used to allow video and sound to reach the receiver without interruption.
  • IntServ specifies a fine-grained QoS system.
  • The idea of IntServ is that every router in the system implements IntServ → and every application that requires some kind of guarantee has to make an individual reservation.
  • Flow specs describe what the reservation is for, while RSVP (Resource Reservation Protocol) is the underlying signalling mechanism that carries it across the network.

TCP Tahoe

  • TCP Tahoe is the simplest one out of the four variants (Tahoe, Reno, NewReno & SACK).
  • It doesn’t have fast recovery.
  • At congestion avoidance phase, it treats the triple duplicate ACKs same as timeout.
  • When a timeout occurs or triple duplicate ACKs are received, it performs a fast retransmit, reduces the congestion window (CWND) to 1 MSS, and enters the slow-start phase.
  • In TCP Tahoe → when a loss occurs, a fast retransmit is sent → half of the current CWND is saved as the slow-start threshold (SSThresh) and slow start begins again from the initial CWND.
  • Once the CWND reaches the SSThresh, TCP changes to the congestion avoidance algorithm, where each new ACK increases the CWND by MSS × MSS / CWND, i.e. by roughly one MSS per round-trip time → this results in a linear increase of CWND.

TCP Reno

  • TCP Reno differs from TCP Tahoe at congestion avoidance.
  • When triple duplicate ACKs are received, it will halve the congestion window, perform a fast retransmit, and enters fast recovery.
  • If a timeout event occurs, it will enter slow-start, same as TCP Tahoe.
  • TCP Reno is effective to recover from a single packet loss, but it still suffers from performance problems when multiple packets are dropped from a window of data.
  • TCP Reno implements an algorithm called Fast Recovery → a fast retransmit is sent → half of the current CWND is saved as SSThresh and, once the retransmitted segment is acknowledged, also used as the new CWND → thus skipping slow start and going directly to the Congestion Avoidance algorithm. (During recovery itself, RFC 5681 temporarily inflates CWND by one MSS per further duplicate ACK so that the segments the receiver has already buffered keep the pipe full.)
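
The Tahoe and Reno rules from the two sections above, simulated side by side as an added example (not code from the article). The input is the stream of cumulative ACK numbers the sender sees plus a "timeout" token; three ACKs repeating the same number are the triple-duplicate-ACK signal. Units are MSS, the initial ssthresh of 64 MSS and the ACK sequence are assumptions, and the model follows the article's simplification that Reno sets CWND = SSThresh (the temporary inflation from RFC 5681 is left out).

```python
# TCP Tahoe vs Reno congestion window evolution (added example, not from the article).
def simulate(variant, events, init_ssthresh=64.0):
    """variant: 'tahoe' or 'reno'. events: cumulative ACK numbers or 'timeout'.
    Returns the CWND (in MSS, rounded) after each event."""
    cwnd, ssthresh = 1.0, float(init_ssthresh)
    last_ack, dups = None, 0
    history = []
    for ev in events:
        if ev == "timeout":
            ssthresh, cwnd, dups = max(cwnd / 2, 2.0), 1.0, 0   # both variants: back to slow start
        elif ev == last_ack:
            dups += 1
            if dups == 3:                                       # fast retransmit in both variants
                ssthresh = max(cwnd / 2, 2.0)
                if variant == "tahoe":
                    cwnd = 1.0                                  # treated exactly like a timeout
                else:
                    cwnd = ssthresh                             # reno: fast recovery, skip slow start
        else:
            last_ack, dups = ev, 0
            if cwnd < ssthresh:
                cwnd += 1.0                                     # slow start: +1 MSS per ACK
            else:
                cwnd += 1.0 / cwnd                              # congestion avoidance: ~+1 MSS per RTT
        history.append(round(cwnd, 3))
    return history

if __name__ == "__main__":
    # Constructed ACK stream: six new ACKs, three duplicates of ACK 6, a new ACK, a timeout, a new ACK.
    acks = [1, 2, 3, 4, 5, 6, 6, 6, 6, 7, "timeout", 8]
    print(simulate("tahoe", acks))   # [2, 3, 4, 5, 6, 7, 7, 7, 1, 2, 1, 2]
    print(simulate("reno", acks))    # [2, 3, 4, 5, 6, 7, 7, 7, 3.5, 3.786, 1, 2]
```

The ninth and tenth entries are the whole difference between the two variants: after the triple duplicate ACK, Tahoe drops to one segment and climbs back in slow start, while Reno continues from half the old window in congestion avoidance. A real timeout resets both.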

TELNET

  • It is an application layer protocol
  • It is used on the internet or local area network to provide a bidirectional interactive text-oriented communication facility using a virtual terminal connection.
  • User data is interspersed ‘in-band’ with Telnet control information in an 8-bit byte-oriented data connection over TCP.
  • It is a client-server protocol based on a reliable connection-oriented transport.
  • Typically, this protocol is used to establish a connection to TCP port number 23 → where a Telnet server application or ‘telnetd’ is listening.
  • Telnet provides no encryption or integrity protection: usernames, passwords and the whole session cross the network in cleartext, so anyone on the path can read them or inject keystrokes, and a client has no way to verify that it reached the intended host rather than an interceptor. For remote shells it has been replaced by SSH.
  • Several vulnerabilities have been discovered over the years in commonly used Telnet daemons.
telnetd: visual representation of Telnet
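
Why the cleartext point above matters in practice, as an added example (not code from the article): given the client-to-server bytes of a captured Telnet session, separating the in-band control sequences (IAC 0xFF introduces WILL/WONT/DO/DONT negotiations and SB...SE subnegotiations) leaves the typed username and password in the clear. The captured stream and the assumption that the first two lines typed are the login and password are constructed for the example; escaped IACs inside subnegotiation payloads are not unescaped here.

```python
# Recovering a cleartext Telnet login from a captured client->server byte stream
# (added example, not from the article). Telnet control is in-band: 0xFF (IAC) introduces
# a command, so data bytes have to be separated from option negotiation first.
IAC, SE, SB, WILL, WONT, DO, DONT = 255, 240, 250, 251, 252, 253, 254
OPTION_NAMES = {1: "ECHO", 24: "TERMINAL-TYPE"}

def strip_telnet(stream):
    """Return (user_data, negotiations). Subnegotiation payloads are taken verbatim."""
    data, negs = bytearray(), []
    i = 0
    while i < len(stream):
        b = stream[i]
        if b != IAC:
            data.append(b)
            i += 1
        elif stream[i + 1] == IAC:          # IAC IAC is a literal 0xFF data byte
            data.append(IAC)
            i += 2
        elif stream[i + 1] in (WILL, WONT, DO, DONT):
            negs.append((stream[i + 1], stream[i + 2]))
            i += 3
        elif stream[i + 1] == SB:
            end = stream.index(bytes([IAC, SE]), i)
            negs.append((SB, stream[i + 2], bytes(stream[i + 3:end])))
            i = end + 2
        else:                                # other two-byte commands (NOP, AYT, ...)
            negs.append((stream[i + 1], None))
            i += 2
    return bytes(data), negs

def credentials_from_stream(client_stream):
    """Assume the first two lines the client types are the username and password,
    which is what a login prompt followed by a password prompt produces."""
    data, _ = strip_telnet(client_stream)
    text = data.decode("ascii", "replace").replace("\r\n", "\n").replace("\r\0", "\n")
    lines = text.split("\n")
    return lines[0], lines[1]

if __name__ == "__main__":
    # Constructed capture: the client agrees to send its terminal type, then logs in.
    capture = (bytes([IAC, WILL, 24])
               + bytes([IAC, SB, 24, 0]) + b"XTERM" + bytes([IAC, SE])
               + b"alice\r\n" + b"hunter2\r\n" + b"ls -l\r\n")
    data, negs = strip_telnet(capture)
    print([(cmd, OPTION_NAMES.get(opt, opt)) for cmd, opt, *_ in negs])  # [(251, 'TERMINAL-TYPE'), (250, 'TERMINAL-TYPE')]
    print(credentials_from_stream(capture))                              # ('alice', 'hunter2')
```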

World Wide Web Consortium

  • The mission of W3C is to lead the web to its full potential by developing relevant protocols and guidelines.
  • This is achieved primarily by creating and publishing Web standards.
  • By adopting the W3C’s web standards, hardware manufacturers and software developers can ensure their equipment and programs work with the latest Web technologies.
  • Example: most web browsers incorporate several W3C standards → which allows them to interpret the latest versions of HTML and CSS code.
  • In addition, when browsers conform to W3C standards, it also helps web pages appear consistent across different browsers.
  • Besides HTML & CSS standards, W3C also provides standards for images (PNG), audios and videos. The organisation also develops standards for Web applications, Web scripting and dynamic content.
  • The W3C was founded in 1994 and has played a major role in the development of the Web since then.
  • As web technologies continue to evolve, W3C continues to publish new standards.

ARQ

  • Automatic Repeat reQuest (also written Automatic Repeat Query)
  • It is an error-control method for data transmission that uses acknowledgements (messages sent by the receiver indicating that it has correctly received a data frame or packet) and timeouts (specified periods of time allowed to elapse before an acknowledgement is to be received) to achieve reliable data transmission over an unreliable service.
  • If the sender does not receive an acknowledgement before the timeout, it usually retransmits the frame / packet until the sender receives an acknowledgement or exceeds a predefined number of retransmissions.
  • Types of ARQ protocols:
  • stop-and-wait ARQ
  • go-back-n ARQ
  • selective repeat / selective reject ARQ
  • All three protocols are forms of sliding window protocol; the window and the acknowledgements let the transmitter determine which (if any) packets need to be retransmitted.
  • These protocols reside in the Data Link or Transport Layer of the OSI model.
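
The three ARQ variants listed above, as an added example (not code from the article): a small simulation that counts transmissions under stop-and-wait, go-back-N and selective repeat when the same frame is lost on the wire. The channel model is constructed: losses are given as a set of transmission numbers counted across the whole run, acknowledgements are assumed reliable, and each loop iteration is one window of sends followed by the ACK or timeout that drives the next step.

```python
# Go-back-N versus selective repeat versus stop-and-wait (added example, not from the
# article). `lost` is the set of 1-based transmission numbers the channel drops.
def go_back_n(n_frames, window, lost):
    base, tx, delivered = 0, 0, []
    while base < n_frames:
        loss_seen = False
        for seq in range(base, min(base + window, n_frames)):
            tx += 1
            if loss_seen:
                continue                    # arrives out of order: receiver discards it
            if tx in lost:
                loss_seen = True            # this frame's timer will expire
                continue
            delivered.append(seq)           # in-order frame: accepted, cumulative ACK advances
            base = seq + 1
        # on timeout the sender goes back to `base` and resends everything from there
    return tx, delivered

def selective_repeat(n_frames, window, lost):
    base, tx, delivered, received = 0, 0, [], set()
    while base < n_frames:
        for seq in range(base, min(base + window, n_frames)):
            if seq in received:
                continue                    # individually ACKed already: not resent
            tx += 1
            if tx not in lost:
                received.add(seq)           # out-of-order frames are buffered, not discarded
        while base in received:             # hand frames to the upper layer in order
            delivered.append(base)
            base += 1
    return tx, delivered

def stop_and_wait(n_frames, lost):
    return go_back_n(n_frames, 1, lost)     # a window of exactly one frame

if __name__ == "__main__":
    # Constructed scenario: 6 frames, window 3, the 2nd transmission on the wire is lost.
    print(go_back_n(6, 3, {2}))         # (8, [0, 1, 2, 3, 4, 5]): frame 2 resent although it arrived
    print(selective_repeat(6, 3, {2}))  # (7, [0, 1, 2, 3, 4, 5]): only frame 1 resent
    print(stop_and_wait(6, {2}))        # (7, [0, 1, 2, 3, 4, 5]): same count, but one frame per RTT
```

Stop-and-wait needs as few transmissions as selective repeat here, but spends a round trip per frame; go-back-N keeps the pipe full at the cost of resending frames the receiver already saw. Selective repeat avoids both at the price of receiver-side buffering.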

Connectionless Protocol

  • It is similar to the postal service → each message carries the full address of where it is to be delivered. Each message is routed independently from source to destination → the order in which messages arrive can differ from the order in which they were sent.
  • Data is transferred in one direction from source to destination without first checking whether the destination exists or is prepared to accept the message → no handshake or connection setup is needed, and nothing in the protocol itself confirms who the other party is.
  • Example: UDP
  • It is message based.

Connection-Oriented Protocol

  • There is a sequence of operations to be followed by the users of a connection-oriented service → the connection is established, information is sent, the connection is released.
  • A connection has to be established (a handshake) before the communication starts → once the connection is established, the message or information is sent, and then the connection is released. The handshake confirms that the peer is reachable and willing to talk; it is not authentication of who the peer is, which must come from a higher layer such as TLS or SSH.
  • It is more reliable than a connectionless service → lost or corrupted messages are detected through acknowledgements and can be resent.
  • Example: TCP
  • It is stream based.

FTP

  • file transfer protocol
  • It is a standard network protocol used to transfer computer files between a client and server on a computer network.
  • It is built on a client-server model architecture and uses separate control and data connections between the client and the server.
  • The FTP server can be configured to require or not require authentication (a user id and password will be required, or the user may log in anonymously).
  • Plain FTP sends the user id, password and all file data in cleartext. FTPS (FTP over SSL/TLS, RFC 4217) adds TLS to the control and data connections; it is a separate extension that the server must support, not something plain FTP does on its own.
  • SFTP (SSH File Transfer Protocol) is often used instead; despite the name it is an unrelated protocol that runs over an SSH session, not a variant of FTP.
  • FTP may run in active or passive mode, which determines how the data connection is established. In both cases, the client creates a TCP control connection from a random port N to the FTP server port 21.
  • In active mode, the client starts listening for incoming data connections on port M (by default M = N) and tells the server so with the PORT command. The server then initiates the data connection to the client from its port 20 (the FTP data port). This fails when the client sits behind a NAT or a firewall that blocks inbound connections.
  • In passive mode, used when the client is behind a firewall and unable to accept incoming TCP connections, the client sends the PASV command over the control connection and receives a server IP address and port number in reply (the 227 response), which it then uses to open the data connection from an arbitrary client port to the server.
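
The two data-connection handshakes above, as an added example (not code from the article): parsing the server's 227 reply to PASV into a host and port (p1 × 256 + p2) and building or parsing the client's PORT command. The example also refuses a PASV reply whose address differs from the host the control connection is talking to, a check that stops a malicious or misconfigured server from pointing the client's data connection at a third party. The sample replies and addresses are constructed.

```python
import re

# FTP data-connection setup: parsing the server's PASV reply and building the client's
# PORT command (added example, not from the article).
_PASV_RE = re.compile(r"^227 .*?\((\d+),(\d+),(\d+),(\d+),(\d+),(\d+)\)")
_PORT_RE = re.compile(r"^PORT (\d+),(\d+),(\d+),(\d+),(\d+),(\d+)$")

def _octets(values):
    values = [int(v) for v in values]
    if any(not 0 <= v <= 255 for v in values):
        raise ValueError("value outside 0..255")
    return values

def parse_pasv(reply, control_host=None):
    """Return (host, port) from '227 Entering Passive Mode (h1,h2,h3,h4,p1,p2)'.
    With control_host given, refuse a reply that sends the data connection elsewhere."""
    m = _PASV_RE.match(reply)
    if not m:
        raise ValueError("not a 227 reply")
    h1, h2, h3, h4, p1, p2 = _octets(m.groups())
    host = "%d.%d.%d.%d" % (h1, h2, h3, h4)
    if control_host is not None and host != control_host:
        raise ValueError("PASV host %s differs from control host %s" % (host, control_host))
    return host, (p1 << 8) | p2

def pasv_is_safe(reply, control_host):
    """True only if the PASV reply keeps the data connection on the control-connection host."""
    try:
        parse_pasv(reply, control_host)
        return True
    except ValueError:
        return False

def port_command(host, port):
    """Active mode: tell the server where the client listens, e.g. 'PORT 10,0,0,5,200,10'."""
    if not 0 < port < 65536:
        raise ValueError("bad port")
    h = _octets(host.split("."))
    if len(h) != 4:
        raise ValueError("bad IPv4 address")
    return "PORT %d,%d,%d,%d,%d,%d" % (h[0], h[1], h[2], h[3], port >> 8, port & 0xFF)

def parse_port(command):
    """Server side of active mode: recover (host, port) from the PORT command."""
    m = _PORT_RE.match(command.strip())
    if not m:
        raise ValueError("not a PORT command")
    h1, h2, h3, h4, p1, p2 = _octets(m.groups())
    return "%d.%d.%d.%d" % (h1, h2, h3, h4), (p1 << 8) | p2

if __name__ == "__main__":
    print(parse_pasv("227 Entering Passive Mode (192,168,1,10,195,149)."))   # ('192.168.1.10', 50069)
    print(port_command("10.0.0.5", 51210))                                   # PORT 10,0,0,5,200,10
    print(pasv_is_safe("227 Entering Passive Mode (203,0,113,9,4,1)", "192.168.1.10"))  # False
```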

Big Data

  • Big data is a term used for data sets that are so large or complex that traditional data processing applications are inadequate.
  • Challenges include analysis, capture, data curation, search, sharing, storage, transfer, visualisation, querying and information privacy.
  • It refers to using predictive analytics or certain other advanced methods to extract value from data.
  • Accuracy in big data may lead to more confident decision making → and better decisions result in greater operational efficiency, cost reduction and reduced risk.
  • Big data helps in analysis of large data sets used by scientists, business executives, practitioners of medicine, advertising and governments.
  • The definition of BIG DATA can be given in the form of 3 V’s:
  • Volume → Technologies like Hadoop help to ease the burden of storing large volumes of data gathered from business transactions, social media, information from sensors, or machine-to-machine data.
  • Velocity → Torrents or streams of data must be dealt with in near-real time, that is, at an unprecedented speed.
  • Variety → All types of data must be handled as data comes in all formats → structured (numeric data in traditional databases) or unstructured (text documents, emails, videos, audios, etc).
  • Two additional dimensions add to the definition of BIG DATA nowadays:
  • Variability → Trending topics in social media can drive periodic peaks in the data. Daily, seasonal and event-triggered peak data loads can be challenging to manage. Unstructured data only adds to the challenge.
  • Complexity → Multiple sources of data makes it difficult to link, match, cleanse and transform data across systems.

ARP

  • address resolution protocol
  • translates an IP address to a hardware / MAC address. ARP replies are not authenticated, so any host on the segment can answer for any IP address (ARP spoofing) and intercept that host’s traffic; switches counter this with dynamic ARP inspection tied to DHCP snooping.

RARP

  • reverse address resolution protocol
  • translates hardware / MAC address to IP address.

NFS

  • network file system
  • It is a distributed file system protocol → originally developed by Sun Microsystems in 1984 → allowing a user on a client computer to access files over a computer network much like local storage is accessed.
  • NFS builds on the ONC RPC or open network computing remote procedure call → allowing anyone to implement the protocol.
  • Three versions of NFS:
  • NFSv2 → old and widely supported; less robust error handling;
  • NFSv3 → supports safe asynchronous writes; more robust error handling;
  • NFSv4 → works through firewalls and on the internet; does not require RPC bind service; supports ACLs; utilises stateful operations;
  • All versions of NFS can use TCP over an IP network (NFSv4 requires it).
  • NFSv2 & NFSv3 can use UDP running over an IP network to provide a stateless network connection between the client and the server.

BGP

  • border gateway protocol
  • It is a standardised exterior gateway protocol designed to exchange routing and reachability information among autonomous systems AS over the internet.
  • It is a path vector protocol: each advertised route carries the full list of autonomous systems it has traversed, which is used both for loop detection and for policy.
  • It makes routing decisions based on paths, network policies, or rule-sets configured by a network administrator.
  • When BGP is used between peers of the same autonomous system, it is called Interior BGP or iBGP.
  • When used between peers of different autonomous systems (or over the Internet), it is called Exterior BGP or eBGP.
  • BGP neighbours are called peers; a session between two peers runs over TCP port 179 and is configured explicitly on both sides (BGP does not discover neighbours automatically).
  • Routers on the boundary of one AS exchanging information with another AS are called border or edge routers or simply eBGP peers.
  • Filtering the routes which are learned from peers, transforming them before redistribution to peers, or before installing them into the routing table is typically controlled via the route-map mechanism → these are ordered rules which apply certain actions to routes matching certain criteria on either the ingress or the egress path.
  • It is usually the responsibility of the AS admin to provide the desired route-map configuration on a router supporting BGP.
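
The route-map idea from above, as an added example (not code from the article): an ordered list of match/permit/deny entries with an implicit deny at the end, applied to routes learned from a customer eBGP peer, followed by a simplified best-path choice. The policy (drop bogons, drop prefixes longer than /24, require the peer's own ASN as the leftmost AS so that leaked routes are refused, then prefer customer routes with a higher local preference) and all prefixes, ASNs and next hops are constructed for the example.

```python
import ipaddress

# BGP ingress policy as a route-map (added example, not from the article). A route-map is an
# ordered list of entries; the first whose match clause fits the route decides: permit entries
# may also set attributes, deny entries drop the route, and an unmatched route is denied.
BOGONS = [ipaddress.ip_network(p) for p in (
    "0.0.0.0/8", "10.0.0.0/8", "100.64.0.0/10", "127.0.0.0/8", "169.254.0.0/16",
    "172.16.0.0/12", "192.0.2.0/24", "192.168.0.0/16", "224.0.0.0/3")]

def make_route(prefix, as_path, next_hop, local_pref=100):
    """A received route with the attributes the policy looks at (constructed format)."""
    return {"prefix": ipaddress.ip_network(prefix), "as_path": list(as_path),
            "next_hop": next_hop, "local_pref": local_pref}

def is_bogon(prefix):
    return any(prefix.subnet_of(b) for b in BOGONS)

def route_map(entries):
    """entries: [(permit: bool, match: route -> bool, set: dict)]. Returns the apply function."""
    def apply(route):
        for permit, match, sets in entries:
            if match(route):
                return {**route, **sets} if permit else None
        return None                                    # implicit deny at the end
    return apply

def customer_ingress(customer_asn):
    """What an ISP edge router typically applies to routes learned from a customer eBGP peer."""
    return route_map([
        (False, lambda r: is_bogon(r["prefix"]), {}),                # never accept bogons
        (False, lambda r: r["prefix"].prefixlen > 24, {}),           # no more-specifics than /24
        (False, lambda r: r["as_path"][:1] != [customer_asn], {}),   # leftmost AS must be the peer
        (True,  lambda r: True, {"local_pref": 200}),                # prefer customer routes
    ])

def best_path(routes):
    """Simplified BGP decision process: highest local_pref, then shortest AS path."""
    return max(routes, key=lambda r: (r["local_pref"], -len(r["as_path"])))

if __name__ == "__main__":
    policy = customer_ingress(64500)
    received = [   # constructed routes from customer AS 64500 over one eBGP session
        make_route("203.0.113.0/24", [64500], "198.51.100.1"),
        make_route("192.168.10.0/24", [64500], "198.51.100.1"),         # bogon
        make_route("203.0.113.128/25", [64500], "198.51.100.1"),        # too specific
        make_route("198.18.0.0/15", [64501, 64500], "198.51.100.1"),    # path does not start with the peer
    ]
    accepted = [r for r in map(policy, received) if r]
    print([str(r["prefix"]) for r in accepted])        # ['203.0.113.0/24']
    # A transit provider offers the same prefix with a longer path and the default local_pref.
    transit = make_route("203.0.113.0/24", [64510, 64500], "192.0.2.1")
    print(best_path(accepted + [transit])["next_hop"])  # 198.51.100.1
```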

SONET

  • synchronous optical networking
  • It is a standardised digital communication protocol used to transmit large volume of data using a fibre optic medium.
  • With SONET, multiple digital data streams are transferred at the same time over optical fibre using LEDs and laser beams.
  • It supports multiple data streams at the same time.
  • In packet-oriented networks, a single packet consists of two parts: the data header and the payload. During transmission, the data header is transmitted first and then the payload is transmitted.
  • But with SONET, the header is termed as overhead and is not transmitted before the payload. Instead, it is interwoven with the payload during the process of transmission. The transmission alternates between overhead and payload until the completion of the transmission process.

SONET Architecture (layered)

SONET’s layered architecture includes four functional layers: physical (optical) layer, section layer, a line layer, and a path layer.

These correspond to both physical and data link layers.

SONET architecture (layered)
  • Path layer → (data link layer) Responsible for the end-to-end movement of a signal from its optical source to its optical destination. At the optical source the signal is converted from electrical to optical form, and at the optical destination the reverse happens.
  • Line layer → (data link layer) Responsible for the movement of a signal across a physical line (between multiplexers).
  • Section layer → (data link layer) Responsible for the movement of a signal across a physical section (between regenerators). It handles framing, scrambling and error control.
  • A SONET regenerator is not a layer but a device operating at the section layer: a repeater that takes a received optical signal and regenerates it.
  • Photonic layer → (physical layer) It includes physical specifications for the optical fibre channel, the sensitivity of the receiver, multiplexing functions, etc.

Role of ICMP

  • internet control message protocol
  • It is one of the main protocols of the internet protocol suite → it is used by network devices (like routers) to send error messages indicating, for example, that a requested service is not available, or that a host or router could not be reached.
  • ICMP can also be used to relay query messages.
  • It is assigned protocol number 1.
  • ICMP differs from TCP & UDP in that it is not typically used to exchange data between systems, nor is it regularly employed by end user network applications.

PIM

  • protocol independent multicast
  • It is a family of multicast routing protocols for IP networks that provide one-to-many distribution of data over a LAN, WAN or the Internet.
  • It is “protocol independent” because PIM does not include its own topology discovery mechanism, but instead uses routing information supplied by other routing protocols.
  • Four variants of PIM:
  • PIM Sparse Mode (PIM-SM) →
  • PIM Dense Mode (PIM-DM) →
  • Bidirectional PIM (Bidir-PIM) →
  • PIM Source-Specific Multicast (PIM-SSM) →
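
What "protocol independent" means in practice, and what the DVMRP section earlier meant by keeping track of the return path to the source, as an added example (not code from the article): the multicast router has no topology of its own, so it performs a reverse-path-forwarding (RPF) check by asking the unicast routing table which interface leads back to the packet's source, and forwards only packets that arrived on that interface. The unicast table, the outgoing interface list and the addresses are constructed; the interface list would in practice be built by PIM join/prune or DVMRP flood-and-prune.

```python
import ipaddress

# Reverse-path forwarding check shared by DVMRP and PIM (added example, not from the article).
def rpf_interface(unicast_routes, source):
    """unicast_routes: [(prefix, interface)]; longest-prefix match on the source address."""
    src = ipaddress.ip_address(source)
    best = None
    for prefix, iface in unicast_routes:
        net = ipaddress.ip_network(prefix)
        if src in net and (best is None or net.prefixlen > best[0].prefixlen):
            best = (net, iface)
    return best[1] if best else None

def forward_multicast(unicast_routes, oil, source, group, in_iface):
    """Return the interfaces the packet is replicated to, or [] if the RPF check fails.
    oil: {group: [outgoing interfaces]} as built by the join/prune or flood-and-prune process."""
    if rpf_interface(unicast_routes, source) != in_iface:
        return []                      # RPF failure: looped or spoofed-path packet, dropped
    return [i for i in oil.get(group, []) if i != in_iface]   # never back out the way it came

if __name__ == "__main__":
    # Constructed unicast table and outgoing interface list.
    routes = [("10.1.0.0/16", "eth0"), ("10.1.5.0/24", "eth1"), ("0.0.0.0/0", "eth2")]
    oil = {"239.1.1.1": ["eth1", "eth2", "eth3"]}
    print(rpf_interface(routes, "10.1.5.7"))                                  # eth1
    print(forward_multicast(routes, oil, "10.1.5.7", "239.1.1.1", "eth1"))    # ['eth2', 'eth3']
    print(forward_multicast(routes, oil, "10.1.5.7", "239.1.1.1", "eth0"))    # [] (RPF failure)
```

The RPF check is the loop-prevention mechanism of multicast forwarding and also the reason a multicast source address cannot be spoofed from an arbitrary interface: a packet claiming source 10.1.5.7 that shows up on eth0 is silently discarded.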

Error Messages In ICMP

  • Destination Unreachable (type 3, with codes such as 0 network unreachable, 1 host unreachable, 3 port unreachable and 4 fragmentation needed but DF set)
  • Packet Too Big (an ICMPv6 message, type 2; ICMPv4 signals the same condition with Destination Unreachable code 4)
  • Time Exceeded (type 11, e.g. TTL reached zero in transit; this is what traceroute relies on)
  • Parameter Problem (type 12, a bad IP header field)
  • Redirect (type 5) is the other common ICMPv4 error message; Source Quench (type 4) is obsolete.

WHOIS

  • It is a query and response protocol that is widely used for querying database that stores the registered users or assignees of an Internet resource such as a domain name, an IP address block, or an autonomous system, but is also used for a wider range of other information.
  • The protocol stores and delivers database content in a human-readable format.
  • It was originally implemented on NCP, the network control program → but found its major use when the TCP/IP suite was standardised across the ARPANET and later the Internet.
  • It uses a command line to send a query → the client opens a TCP connection to port 43 and sends a single command line ending with <CRLF> → the information is returned in response to that line, and the server closes the connection as soon as the output is finished. There is no authentication or encryption in the protocol.

XaaS

  • It is a term used to describe a new type of cloud service — one that makes use of IaaS, PaaS and SaaS, all neatly delivered in one single package.
  • Such packages are intended to fully displace the delivery of commodity IT service.
  • Example: DaaS (desktop as a service)
  • XaaS is one of the products that can completely displace a commodity service that is delivered by corporate IT today.

Finger

  • It is a networking tool and one of the earliest computer network programs; it enabled a user to view another user’s basic information when that user used the same computer system or was logged on to the same network.
  • The program could identify a user through an email address and determine whether that user was currently logged in, as well as the status of their login sessions.
  • It was created by Les Earnest in 1971, later became a standard part of BSD UNIX, and was commonly used by Windows users.
  • In 1977 David Zimmerman interfaced it with the name program, and it became the Name / Finger Protocol.
  • To finger another user, the program must be installed on the user’s computer, or the user must access a finger gateway and type the target user’s email address. The server at the other end must be able to handle finger requests too.

TCP

  • Acronym for → Transmission Control Protocol
  • Connection → Connection-oriented protocol
  • Function → The message makes its way across the internet from one computer to another (connection-based protocol).
  • Usage → Suitable for applications that require high reliability and transmission time is relatively less critical.
  • Use by other protocols → HTTP, HTTPs, FTP, SMTP, Telnet
  • Ordering of data → It rearranges data packets in the order specified.
  • Speed of transfer → Slower than UDP.
  • Reliability → There is absolute guarantee that the data transferred remains intact and arrives in the order in which it was sent.
  • Header size → 20 bytes header size

UDP

  • Acronym for → User / Universal Datagram Protocol
  • Connection → Connection-less protocol
  • Function → It is also a protocol used in message transport or transfer, but it is not connection based → one program can send a load of packets to another and that will be the end of that relationship.
  • Usage → Suitable for applications that need fast, efficient transmission (ex. games). UDP is stateless in nature, so it is also useful for servers that answer small queries for a huge number of clients.
  • Use by other protocols → DNS, DHCP, TFTP, SNMP, RIP, VoIP
  • Ordering of data → It has no inherent order as all packets are independent of each other. If order is required → it has to be managed separately by the application layer.
  • Speed of transfer → Faster than TCP because there is no error checking for packets.
  • Reliability → There is no guarantee that the messages or packets sent will arrive at all.
  • Header size → 8 bytes header size

Two Types Of Routing

  • Inter-domain Routing: (between domains) A routing protocol that has been set up between two or more different networks.
  • These are usually called AS or Autonomous Systems.
  • Examples: BGP
  • Intra-domain Routing: (within a single domain) Any routing on your own network.
  • Examples: OSPF, RIP, EIGRP

OSPF For IPv4 & IPv6

→ SIMILARITIES

  • both are link-state IGPs or Interior Gateway Routing Protocols.
  • both use a 2-level hierarchy with area 0.0.0.0 at the core.
  • both use area border routers or ABRs and autonomous system boundary routers or ASBRs.
  • both use shortest path first or SPF calculation within each area using Edsger Dijkstra’s SPF algorithm.
  • they both have the same LSA flooding and ageing timers.
  • 5 common protocol packet names: Hello, DBD (database description), LSR (link-state request), LSU (link-state update), LSA (link-state acknowledge).
  • both use similar interface types: Broadcast, P2P, P2MP, NBMA, Virtual-links.

→ DIFFERENCES

  • OSPFv2 for IPv4 only → OSPFv3 for IPv6 or both IPv4 & IPv6
  • OSPFv3 introduces new LSA types, uses different flooding scope bits (U/S2/S1), runs per-link rather than per-subnet, supports multiple instances on a single link, uses multicast addresses
  • OSPFv3 Neighbour Authentication is done with IPSec
  • OSPFv2 Router Id (RID) must be manually configured (a 32-bit number).

Port

  • It is a number used by a particular software to identify its data coming from the internet.
  • Each application (Skype, Chrome, YouTube, and so on) has its own port number, and that’s how it knows which incoming internet data is meant for it.
  • Ports provide means of internal addressing to a machine. The primary purpose is to allow multiple processes to send and receive data over the network without interfering with other processes (their data).
  • All sockets are provided with a port number.

Socket

  • An application consists of a pair of processes (client-server) which communicate over the network. These processes send and receive messages → into and from the network through a software interface called socket.
  • IP address and port together is called a socket.
  • It is used by another computer’s particular software to send data to one particular computer’s particular software.
  • IP address is used to identify the computer and port number is used to identify the software.

DVR

  • distance vector routing
  • examples: RIP, IGRP, BGP
  • Entire routing table sent as an update.
  • Sends periodic updates (every 30 or 90 seconds).
  • Updates are broadcasted.
  • Updates sent only to directly connected neighbours.
  • Routers don’t have end-to-end visibility of entire network.
  • It is prone to routing loops.
  • Loop avoiding mechanisms used: max hop count, split horizon, route poisoning, hold down timer.
  • It has slow convergence (due to periodic updates).
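The loop-avoidance mechanisms listed above, as an added example that is not from the original article: a small distance-vector simulator with a RIP-style max hop count of 16 and optional split horizon with poison reverse. Router names, the A-B-C topology and the function names are my own constructions; the link-failure scenario shows how many update rounds the tables take to settle with and without poison reverse.

```python
from typing import Dict, Optional, Tuple

INFINITY = 16  # RIP-style max hop count: a cost of 16 means "unreachable"


class Router:
    """One distance-vector router: a table of (cost, next hop) per destination."""

    def __init__(self, name: str) -> None:
        self.name = name
        self.links: Dict[str, int] = {}  # directly connected neighbour -> link cost
        self.table: Dict[str, Tuple[int, Optional[str]]] = {name: (0, None)}

    def connect(self, neighbour: str, cost: int) -> None:
        self.links[neighbour] = cost
        self.table[neighbour] = (cost, neighbour)

    def cut_link(self, neighbour: str) -> None:
        del self.links[neighbour]
        # every route that went through the dead link is now unreachable
        for dest, (_, nh) in list(self.table.items()):
            if nh == neighbour:
                self.table[dest] = (INFINITY, None)

    def advertisement_for(self, neighbour: str, poison_reverse: bool) -> Dict[str, int]:
        """DV sends its whole table; with poison reverse, routes learned *via* this
        neighbour are advertised back to it as unreachable (split horizon)."""
        adv: Dict[str, int] = {}
        for dest, (cost, nh) in self.table.items():
            adv[dest] = INFINITY if (poison_reverse and nh == neighbour) else cost
        return adv

    def receive(self, sender: str, adv: Dict[str, int]) -> bool:
        """Bellman-Ford relaxation of one neighbour's update; True if the table changed."""
        changed = False
        for dest, cost in adv.items():
            if dest == self.name:
                continue
            new = min(cost + self.links[sender], INFINITY)
            cur_cost, cur_nh = self.table.get(dest, (INFINITY, None))
            better = new < cur_cost
            current_hop_changed = cur_nh == sender and new != cur_cost
            if better or current_hop_changed:
                self.table[dest] = (new, sender if new < INFINITY else None)
                changed = True
        return changed


def converge(routers: Dict[str, Router], poison_reverse: bool, max_rounds: int = 100) -> int:
    """Synchronous periodic-update rounds until a round changes nothing; returns rounds used."""
    for rnd in range(1, max_rounds + 1):
        # gather every advertisement first, then apply them all (one update period)
        msgs = [(r.name, n, r.advertisement_for(n, poison_reverse))
                for r in routers.values() for n in r.links]
        changed = False
        for sender, receiver, adv in msgs:
            changed |= routers[receiver].receive(sender, adv)
        if not changed:
            return rnd
    return max_rounds


def line_topology() -> Dict[str, Router]:
    """Constructed topology A - B - C with unit link costs."""
    rs = {n: Router(n) for n in "ABC"}
    for a, b in (("A", "B"), ("B", "C")):
        rs[a].connect(b, 1)
        rs[b].connect(a, 1)
    return rs


def link_failure_scenario(poison_reverse: bool) -> Tuple[int, int]:
    """Converge A-B-C, cut the B-C link, then return
    (rounds until the tables settle again, A's final cost to C)."""
    rs = line_topology()
    converge(rs, poison_reverse)
    rs["B"].cut_link("C")
    rs["C"].cut_link("B")
    rounds = converge(rs, poison_reverse)
    return rounds, rs["A"].table["C"][0]


if __name__ == "__main__":
    for pr in (False, True):
        rounds, cost = link_failure_scenario(pr)
        print(f"poison reverse={pr}: settled after {rounds} rounds, A->C cost {cost}")
```

Without poison reverse, A and B count up towards 16 two hops at a time before they agree that C is gone; with it, B's poisoned advertisement settles the matter in the first round.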

LSR

  • link state routing
  • examples: OSPF, IS-IS
  • Updates are incremental → entire routing table NOT sent as an update.
  • Updates are triggered → not periodic.
  • Updates are multicasted.
  • Updates are sent to directly connected neighbours as well as entire network.
  • Routers have end-to-end visibility of entire network.
  • No routing loops.
  • Fast convergence because of triggered updates.

Fragmentation

  • It is the process of dividing larger chunks of data into smaller chunks.
  • It is usually performed at the hardware level. When data is chopped into fragments, it is referred to as a frame.
  • Fragmentation occurs so that data can be transmitted across a connection without overwhelming the memory buffers on either side of the connection.
  • It allows for the coordination of data transmission amongst devices connected to a common transmission medium.

Assembly

  • It is the reverse of segmentation → protocol data units (PDUs) are put back together in the correct order to reassemble a stream of data in its original form.

Supernetting

  • It is the process of combining smaller ranges of addresses into larger space.
  • It was devised to make the routing process more convenient.
  • It also reduces the size of routing table information so that it could consume less space in the router’s memory.
  • Well-defined method of super-netting is CIDR.

basic → combines small networks into a large network

procedure → the number of host bits is increased

mask bits are moved towards → left of the default mask

implementation → CIDR

purpose → to simplify and speed up the routing process

Subnetting

  • It is the process of partitioning a large network into smaller networks.
  • Well-defined methods of subnetting are FLSM and VLSM.

basic → dividing a network into smaller networks

procedure → the number of network bits is increased

mask bits are moved towards → right of the default mask

implementation → VLSM

purpose → used to reduce the address depletion
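The two mask movements described above (left for supernetting, right for subnetting), as an added example that is not from the original article. The function names and the sample prefixes are my own; the supernet is found by shortening the prefix until every network address agrees on the remaining bits.

```python
import ipaddress
from typing import List


def supernet_of(networks: List[str]) -> str:
    """Smallest single CIDR prefix that covers every network in the list.
    The mask shrinks (moves left) until all network addresses share the prefix."""
    nets = [ipaddress.IPv4Network(n) for n in networks]
    base = int(nets[0].network_address)
    prefix = min(n.prefixlen for n in nets)      # cannot be longer than the shortest input
    for n in nets:
        addr = int(n.network_address)
        # shorten the prefix until this network agrees with the first one on every prefix bit
        while prefix > 0 and (addr >> (32 - prefix)) != (base >> (32 - prefix)):
            prefix -= 1
    covering = (base >> (32 - prefix)) << (32 - prefix)   # clear the new host bits
    return str(ipaddress.IPv4Network((covering, prefix)))


def subnets_of(network: str, new_prefix: int) -> List[str]:
    """Split a network into equal subnets by lengthening the mask (moving it right)."""
    return [str(s) for s in ipaddress.IPv4Network(network).subnets(new_prefix=new_prefix)]


def mask_of(cidr: str) -> str:
    """Dotted-quad netmask for a prefix, to compare against the classful default mask."""
    return str(ipaddress.IPv4Network(cidr).netmask)


def covers_all(supernet: str, networks: List[str]) -> bool:
    """Check that one summary route really replaces all the individual routes."""
    big = ipaddress.IPv4Network(supernet)
    return all(ipaddress.IPv4Network(n).subnet_of(big) for n in networks)


if __name__ == "__main__":
    # constructed example: four class C networks summarised into one /22
    small = ["192.168.0.0/24", "192.168.1.0/24", "192.168.2.0/24", "192.168.3.0/24"]
    summary = supernet_of(small)
    print(summary, mask_of(summary), "replaces", len(small), "routes")
    print(subnets_of("10.0.0.0/24", 26))
```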

Classful vs Classless Addressing

  • Classless addressing: Allows us to use Variable Length Subnet Masks (VLSM).
  • Different subnet masks are used in the same network.
  • In this, there is no boundary on the host id as well as network id.
  • Classless addressing is also called CIDR.
  • There is no default subnet mask in classless routing.
  • Classful addressing: IP address is divided into the network ID as well as the host ID.
  • The same subnet mask is used throughout the network.

DHCP / BOOTP

  • DHCP/Bootp is used to download configuration data from a DHCP or Bootp server respectively to the Hub.
  • Bootp — A bootp server requires some configuration → it allows devices to obtain their configuration information (like IP address, Subnet Mask) in one message, reducing the demand on the network.
  • The Bootp protocol is designed for a network in which each host has a permanent network connection.
  • Bootp Operation — When a bootp server receives a request, it searches its bootp database for a record entry that matches the MAC address in the bootp request from the hub. If the match is found, the configuration data in the associated DB record is returned to the hub.
  • In contrast to DHCP, bootp configurations are always the same for each receiving device.
  • DHCP — The dynamic host configuration protocol manages the allocation of TCP/IP configuration information by automatically assigning IP addresses.
  • With DHCP, you can configure the hub to automatically retrieve the IP address with no configuration required on either the hub or the DHCP server. In dynamic mode, the address is used by the device for a specific period of time.
  • DHCP operation — IP address assignment from a DHCP server is automatic and requires no per-device configuration on the DHCP server (as a consequence, the address is only leased temporarily).
  • Periodically, the hub may be required to renew its lease of the IP configuration.

Silly Window Syndrome & Its Solutions

  • SWS is a problem that can arise in poor implementation of TCP when the receiver is only able to accept a few bytes at a time or when the sender transmits data in small segments repeatedly.
  • The resulting number of small packets or ‘tiny-grams’ on the network can lead to a significant reduction in network performance and can indicate an overloaded server or sending application that is limiting throughput.
  • On the sender’s side, SWS can be caused by an application that only generates very small amounts of data to send at a time. Even if the receiver advertises a large window, the default behaviour for TCP would be to send each individual small segment instead of buffering the data as it comes in and sending it in one larger segment.
  • Nagle’s Algorithm is used to deal with SWS, but the algorithm is still largely misunderstood and requires some tuning and optimisation to make it work correctly in most environments.
  • Here’s what happens in TCP transaction when you have Nagle’s algorithm turned on:
  • → the first segment is sent regardless of size
  • → if the receiving window and the data to send are at least the maximum segment size or MSS, a full MSS segment is sent.
  • → else, if the sender is still waiting on the receiver to acknowledge previously sent data, the sender buffers its data until it receives an acknowledgement and then sends another segment.
  • → if there is no unacknowledged data, any available data is sent immediately.
  • While Nagle’s Algorithm increases bandwidth efficiency (advantage), it impacts latency by introducing a delay (disadvantage) → since only one segment is sent per round trip time.
  • Applications that require data to be sent immediately, usually require Nagle’s Algorithm to be turned off (disadvantage).
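The four send rules above, as an added example that is not from the original article: a toy model of the sending side that decides, per application write, whether a small segment goes out now or is held until the outstanding ACK arrives. The class and function names are my own, and the keystroke scenario is constructed to make the tiny-gram effect visible.

```python
from typing import List


class NagleSender:
    """Toy model of a TCP sender's send decision, with or without Nagle's algorithm.
    Segments are recorded in self.sent instead of being put on the wire."""

    def __init__(self, mss: int, nagle: bool = True) -> None:
        self.mss = mss
        self.nagle = nagle
        self.buffer = bytearray()   # written by the application, not yet sent
        self.unacked = False        # True while a sent segment still awaits its ACK
        self.sent: List[bytes] = []

    def _emit(self, n: int) -> None:
        self.sent.append(bytes(self.buffer[:n]))
        del self.buffer[:n]
        self.unacked = True

    def _try_send(self) -> None:
        while self.buffer:
            if len(self.buffer) >= self.mss:
                self._emit(self.mss)           # a full MSS segment is always sent
            elif not self.nagle or not self.unacked:
                # nothing in flight (this covers the very first segment), or Nagle off
                self._emit(len(self.buffer))
            else:
                break                          # Nagle: hold the tiny-gram until the ACK

    def write(self, data: bytes) -> int:
        """Application hands data to TCP; returns how many segments went out at once."""
        before = len(self.sent)
        self.buffer.extend(data)
        self._try_send()
        return len(self.sent) - before

    def ack(self) -> int:
        """The outstanding ACK arrives; returns how many buffered segments it released."""
        before = len(self.sent)
        self.unacked = False
        self._try_send()
        return len(self.sent) - before


def simulate_keystrokes(n_keys: int, mss: int, nagle: bool) -> List[bytes]:
    """A telnet-like application writes one byte per keystroke; the ACK for the
    first segment only arrives after all keys were typed (a slow round trip)."""
    sender = NagleSender(mss, nagle)
    for _ in range(n_keys):
        sender.write(b"k")
    sender.ack()
    return sender.sent


if __name__ == "__main__":
    for nagle in (True, False):
        segs = simulate_keystrokes(10, 1460, nagle)
        print(f"nagle={nagle}: {len(segs)} segments, sizes {[len(s) for s in segs]}")
```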

Elements Of A Social Network

  • A social network is a social structure made up of a set of social actors (ex. individuals/organisations), sets of dyadic ties, & other social interactions between actors.
  • The essential elements to keep in mind when building a social network —
  • Registration Form: Keep the registration form as simple as possible and the registration process as seamless as possible.
  • Profile and Feed: Ideally, this will be the most viewed page o your website. *explain its importance*
  • Easy Interaction Between Users: The success of a social network application is based on the conversations between its users.
  • UI: *explain importance of user interface*
  • Ability To Import Users From Other Sites: → leads to viral growth, or the network effect occurs.
  • Search: The application should have the functionality to search through users, communities, etc. Ideally, the user could be suggested the networks they might be interested in.

Unicast

  • one-to-one
  • traffic is sent from one host to another → a replica of each packet in the data stream goes to every host that requests it.

Multicast

  • one-to-several
  • It lets servers direct single copies of data streams, which are then replicated and routed to the hosts that request them.

Broadcast

  • one-to-all
  • Here, traffic streams from a single point to all possible endpoints within the reach of the network, which is generally LAN. This is the easiest technique to ensure traffic reaches to its destination.

Leaky Bucket Algorithm For Congestion Control

  • It is used to convert unregulated flow of network traffic into regulated flow of incoming packets.
  • It is a method of temporarily storing a variable number of requests and organising them into a set / constant rate output of packets in an asynchronous transfer mode (or ATM) network.
  • It is used to implement traffic policing and traffic shaping in Ethernet and cellular data networks.
  • The algorithm can also be used to control metered bandwidth internet connections to prevent going over the allotted bandwidth for a month, thereby avoiding extra charge.
  • *explain the diagram*
Leaky Bucket with water and packets
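The shaping behaviour described above, as an added example that is not from the original article: a discrete-time simulation in which a burst arrives, the bucket holds whatever fits, and the hole leaks packets at a fixed rate. The function name and the constructed arrival patterns are mine.

```python
from typing import List, Tuple


def leaky_bucket(arrivals: List[int], capacity: int, rate: int) -> Tuple[List[int], int]:
    """Shape a bursty arrival pattern into a constant-rate output.

    arrivals[t] is the number of packets arriving during tick t; the bucket holds
    at most `capacity` packets and leaks at most `rate` packets per tick.
    Returns (packets released per tick, packets dropped because the bucket was full).
    """
    queued = 0
    dropped = 0
    released: List[int] = []
    for arriving in arrivals:
        accepted = min(arriving, capacity - queued)   # overflow spills: traffic policing
        dropped += arriving - accepted
        queued += accepted
        sent = min(rate, queued)                      # the hole leaks at a fixed rate
        queued -= sent
        released.append(sent)
    while queued:                                     # drain what is left after the burst
        sent = min(rate, queued)
        queued -= sent
        released.append(sent)
    return released, dropped


def peak_output_rate(released: List[int]) -> int:
    """The downstream link never sees more than this many packets per tick."""
    return max(released) if released else 0


if __name__ == "__main__":
    # constructed burst: 10 packets in one tick, then silence
    out, lost = leaky_bucket([10, 0, 0, 0, 0], capacity=8, rate=2)
    print("released per tick:", out, "dropped:", lost, "peak:", peak_output_rate(out))
```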

Queue Analysis

  • Queueing theory is a mathematical study of waiting lines or queues.
  • In queueing theory, a model is constructed so that queue lengths and waiting time can be predicted.
  • It is generally considered a branch of operations research because the results are often used when making business decisions about the resources needed to provide a service.

On-Demand/Cloud Computing

  • Cloud computing refers to shared pools of configurable computer system resources and higher-level services that can be rapidly provisioned with minimal management effort, often over the Internet.
  • Cloud computing relies on sharing of resources to achieve coherence and economies of scale, similar to a public utility.
  • Third-party clouds enable organisations to focus on their core businesses instead of expending resources on computer infrastructure and maintenance.
  • Advocates note that cloud computing allows companies to avoid or minimise up-front IT infrastructure costs.
  • Proponents also claim that cloud computing allows enterprises to get their applications up and running faster, with improved manageability and less maintenance, and that it enables IT teams to more rapidly adjust resources to meet fluctuating and unpredictable demand.
  • Cloud providers typically use a “pay-as-you-go” model, which can lead to unexpected operating expenses if administrators are not familiarised with cloud-pricing models.

Query Reporting In ICMP

  • These are messages used to let devices exchange information, implement certain IP-related features, and perform testing.
  • They do not indicate errors and are typically not sent in response to a regular datagram transmission.
  • They are generated either when directed by an application, or on a regular basis to provide information to other devices.
  • An informational ICMP message may also be sent in reply to another informational ICMP message.

ARPANET

  • advanced research project agency network
  • It was the network that became the basis for the internet.
  • It was based on a concept first published in 1967 → ARPANET was developed under the direction of US ARPA.
  • In 1969, the idea became a reality with the interconnection of four university computers.

Limitations Of IPv4

  • Security of IPv4 addresses → the IPv4 addressing system uses a 32-bit address space → it is further classified into usable A, B and C classes → this allows for 4,294,967,296 IPv4 addresses, but previous and current address allocation practices limit the number of available public IPv4 addresses.
  • Security related issues → IPSec or internet protocol security enables network security by protecting the data being sent from being viewed or modified. For IPv4, IPSec is not built in and is optional.
  • Address configuration related issues → Networks and the Internet are expanding, and many new devices use IP. The configuration of IP addresses (static or dynamic) should be simple.
  • QoS → Quality of Service is available in IPv4 that relies on only the 8-bits of the IPv4 Type of Service (TOS) field and the identification of the payload.

Types Of Addresses IPv6 Allows

  • IPv6 has three types of addresses:
  • unicast addresses → a packet is delivered to one interface.
  • multicast addresses → a packet is delivered to multiple interfaces.
  • anycast addresses → a packet is delivered to the nearest of multiple interfaces (in terms of routing distance).
  • IPv6 does not use broadcast messages. Unicast and anycast addresses must have the following scopes (for multicast addresses, scope is built in):
  • link-local → the scope is the local link (nodes on the same subnet).
  • site-local → the scope is the organisation (private site addressing).
  • global → the scope is global (IPv6 internet addresses).

OSPF Packet Format & Salient Features

  • open source shortest path first
  • It is one of the two link-state routing protocols.
  • One of the most widely used interior gateway protocol in a large enterprise.
  • Supports IPv4, IPv6 networks, CIDR and VLSM addressing models.
  • OSPF detects topology changes, such as link failures, and converges on a new loop-free routing structure in a fraction of a second.
OSPF Packet Format
  • type → specifies OSPF packet type.
  • packet length → total length of an OSPF packet.
  • area ID → 32 bit area ID assigned to an interface sending an OSPF packet.
  • authentication type → identifies the authentication scheme in use for the packet.
  • checksum → it is the standard IP checksum of the OSPF packet, excluding authentication field.
  • router ID → it is the router ID of an advertising router.
  • To provide scalability, OSPF supports two important concepts: autonomous systems and areas.
  • OSPF uses cost as a metric, which is the inverse of the bandwidth of a link.

Given An IP Address, Extract Net ID & Host ID

  • Let’s take the IP address 198.7.3.8 as an example.
  • Since it falls within the Class C range, the Class C rule applies: the first 3 octets (24 bits) form the NET ID, and the last octet (8 bits) forms the HOST ID.

Duties Of Transport Layer

  • It is the 4th layer in the OSI reference model.
  • It responds to service requests from Session Layer and issues service requests to Network Layer.
  • It is responsible for delivering messages between hosts.
  • In TL, data travels in the form of segments; TL is responsible for creating an end-to-end connection between source IP and destination IP.
  • To establish this end-to-end connection, TL uses two major protocols: TCP (connection oriented) and UDP (connectionless) → (others include DCCP datagram congestion control protocol and SCTP stream control transmission protocol).
  • duties:
  • creating end-to-end connection between hosts in different networks.
  • error recovery.
  • flow control.
  • ensuring complete data transfer in case of TCP.
  • congestion avoidance.

Flow Control vs Error Control

  • FC and EC are the control mechanisms of Data Link Layer and Transport Layer.
  • These two mechanisms help in proper delivery of data sent between sender and receiver.
  • Main difference: flow control observes proper flow of data from sender to receiver, while, error control observes that the data delivered to the receiver is error free and reliable.

Domain

  • A domain name is an exclusive address of your website through which it is found by your target audience.
  • The process of buying a domain name is called Domain Name Registration.
  • As a domain registrar, BigRock has millions of domain name registrations to its credit.

Label & Syntax Rules

  • Naming in DNS begins by giving each domain or node in the DNS namespace a text label.
  • The label identifies the domain within the structure, and must follow the syntax rules:
  • Length: Each label can theoretically be from 0 to 63 characters in length. In practice, a length of 1 to 20 characters is most common.
  • Symbols: Letters, numbers and dash (-) symbols are allowed. No other punctuation is permitted (including underscore or _).
  • Case: Labels are not case sensitive → Robin and robin are both permissible domain name labels (however, they are equivalent).
  • Each label must be unique within its parent domain. Example, if we have TLD (top-level domain) as “rocks”, we can only have one subdomain within “rocks” called “robin”.

Domain Name

  • The domain name system (DNS) is the way that internet domain names are located and translated into internet protocol (IP) addresses.
  • The domain name system maps the name people use to locate a website to the IP address that a computer uses to locate a website.
domain naming system

PQDN

  • If a label is not terminated by a null string, it is called a partially qualified domain name (PQDN).
  • A PQDN starts from a node, but it does not reach the root.
  • It is used when the name to be resolved belongs to the same site as the client.
  • Here the resolver can supply the missing part, called suffix, to create an FQDN.

FQDN

  • A fully qualified domain name (FQDN) is the complete domain name for a specific computer, or host, on the Internet.
  • The FQDN consists of two parts: the hostname and the domain name.
  • For example, an FQDN for a hypothetical mail server might be mymail.somecollege.edu → The hostname is mymail, and the host is located within the domain somecollege.edu.
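The label syntax rules (length, symbols, case, uniqueness within the parent) and the PQDN-to-FQDN suffix step from the sections above, as one added example that is not from the original article. The `Namespace` class, `qualify` helper and the sample names are my own; a validator like this is the check to run on user-supplied names before they go anywhere near a resolver or a zone.

```python
import re
from typing import Dict, Set

# LDH rule from the syntax above: letters, digits and hyphen, 1 to 63 characters.
# (The only empty label is the root's, which is never registered as a child.)
LABEL_RE = re.compile(r"[A-Za-z0-9-]{1,63}")


def valid_label(label: str) -> bool:
    return LABEL_RE.fullmatch(label) is not None


def labels_equal(a: str, b: str) -> bool:
    """Labels are case-insensitive: Robin and robin name the same node."""
    return a.lower() == b.lower()


class Namespace:
    """Registry of child labels per parent domain; enforces the uniqueness rule."""

    def __init__(self) -> None:
        self._children: Dict[str, Set[str]] = {}

    def register(self, parent: str, label: str) -> bool:
        """Return False if an equivalent label already exists under this parent."""
        if not valid_label(label):
            raise ValueError(f"illegal DNS label: {label!r}")
        siblings = self._children.setdefault(parent.lower(), set())
        if label.lower() in siblings:
            return False
        siblings.add(label.lower())
        return True


def is_fqdn(name: str) -> bool:
    """An FQDN is terminated by the root's empty label, written as a trailing dot."""
    return name.endswith(".")


def qualify(name: str, suffix: str) -> str:
    """Resolver step for a PQDN: append the local suffix so the name reaches the root.
    Every label of the result is validated before it is returned."""
    fqdn = name if is_fqdn(name) else f"{name}.{suffix.rstrip('.')}."
    for label in fqdn.rstrip(".").split("."):
        if not valid_label(label):
            raise ValueError(f"illegal DNS label: {label!r}")
    return fqdn


if __name__ == "__main__":
    ns = Namespace()
    print(ns.register("rocks", "robin"), ns.register("rocks", "Robin"))  # True False
    print(qualify("mymail", "somecollege.edu."))                         # mymail.somecollege.edu.
```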

Virtual Circuit Approach vs Datagram Approach

Virtual Circuits :

  1. It is connection-oriented simply meaning that there is a reservation of resources like buffers, CPU, bandwidth, etc. for the time in which the newly setup VC is going to be used by a data transfer session.
  2. First packet goes and reserves resources for the subsequent packets which as a result follow the same path for the whole connection time.
  3. Since all the packets are going to follow the same path, a global header is required only for the first packet of the connection and other packets generally don’t require global headers.
  4. Since data follows a particular dedicated path, packets reach the destination in order.
  5. From above points, it can be concluded that Virtual Circuits are highly reliable means of transfer.
  6. Since each time a new connection has to be set up with reservation of resources and extra information handling at routers, it is simply costly to implement Virtual Circuits.

Datagram Networks :

  1. It is connectionless service. There is no need of reservation of resources as there is no dedicated path for a connection session.
  2. All packets are free to go to any path on any intermediate router which is decided on the go by dynamically changing routing tables on routers.
  3. Since every packet is free to choose any path, all packets must be associated with a header with proper information about source and the upper layer data.
  4. The connectionless property makes data packets reach destination in any order, means they need not reach in the order in which they were sent.
  5. Datagram networks are not as reliable as Virtual Circuits.
  6. But it is always easy and cost efficient to implement datagram networks, as there is no extra headache of reserving resources and making a dedicated path each time an application has to communicate.

Applications Of UDP

  • Domain Name System or DNS
  • Streaming media applications IPTV, i.e. watching TV on a computer system
  • Trivial File Transfer Protocol or TFTP
  • Voice over IP VoIP, i.e. using the network backbone and TCP/IP for telephone calls.

Fields In User Datagram Format

User Datagram Packet Format

Host ID vs Net ID

  • Every IP address (even though it looks to be in four parts) is broken down into two segments, but those segments aren’t equal. Part of the IP address is used for the “network ID”, and the rest of the address is used for the “host ID”. The host ID would identify your network connection, for example.
  • Most IP addresses fall into the following address classes:
  • Class A addresses: The first 8 bits of the IP address are used for the network ID. The final 24 bits are used for the host ID.
  • Class B addresses: The first 16 bits of the IP address are used for the network ID. The final 16 bits are for the host ID.
  • Class C addresses: The first 24 bits of the IP address are used for the network ID. The final 8 bits are for the host ID.
  • More bits lead to more combinations. As a math-minded person might guess, the Class A format provides a small number of possible network IDs and a huge number of possible host IDs for each network.
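The classful split described here and in the 198.7.3.8 exercise above, as one added example that is not from the original article: it identifies the class from the first octet, applies the default mask, and returns the NET ID and HOST ID plus the network and host counts the class allows. The `CLASSES` table and function name are mine; the counts are raw powers of two, before reserved networks and addresses are subtracted.

```python
import ipaddress
from typing import Dict

# Classful scheme: first-octet range, default prefix length, and the number of
# leading bits (0, 10, 110) fixed by the class and so unavailable for numbering networks.
CLASSES = {"A": (0, 127, 8, 1), "B": (128, 191, 16, 2), "C": (192, 223, 24, 3)}


def split_classful(ip: str) -> Dict[str, object]:
    """Split a dotted-quad IPv4 address into its classful NET ID and HOST ID."""
    addr = int(ipaddress.IPv4Address(ip))
    first_octet = addr >> 24
    for cls, (low, high, prefix, fixed_bits) in CLASSES.items():
        if low <= first_octet <= high:
            break
    else:
        raise ValueError(f"{ip} is a class D (multicast) or E (reserved) address")
    mask = (0xFFFFFFFF << (32 - prefix)) & 0xFFFFFFFF
    return {
        "class": cls,
        "default_mask": str(ipaddress.IPv4Address(mask)),
        "net_id": str(ipaddress.IPv4Address(addr & mask)),
        "host_id": str(ipaddress.IPv4Address(addr & ~mask & 0xFFFFFFFF)),
        "network_bits": prefix - fixed_bits,
        "host_bits": 32 - prefix,
        "networks": 2 ** (prefix - fixed_bits),       # before subtracting reserved ones
        "hosts_per_network": 2 ** (32 - prefix) - 2,  # minus network and broadcast address
    }


if __name__ == "__main__":
    for sample in ("198.7.3.8", "10.20.30.40", "172.16.5.9"):
        print(sample, split_classful(sample))
```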

2 Way Handshaking

The TCP 3-way handshake works like this:

Client ------SYN-----> Server
Client <---ACK/SYN---- Server
Client ------ACK-----> Server

The TCP 2-way handshake works like this:

Client ------SYN-----> Server
Client <-----ACK------ Server

3 Way Handshaking

  • To establish a connection, the three-way (or 3-step) handshake occurs:
  1. SYN: The active open is performed by the client sending a SYN to the server. The client sets the segment’s sequence number to a random value A.
  2. SYN-ACK: In response, the server replies with a SYN-ACK. The acknowledgment number is set to one more than the received sequence number i.e. A+1, and the sequence number that the server chooses for the packet is another random number, B.
  3. ACK: Finally, the client sends an ACK back to the server. The sequence number is set to the received acknowledgement value i.e. A+1, and the acknowledgement number is set to one more than the received sequence number i.e. B+1.
  • At this point, both the client and server have received an acknowledgment of the connection. The steps 1, 2 establish the connection parameter (sequence number) for one direction and it is acknowledged. The steps 2, 3 establish the connection parameter (sequence number) for the other direction and it is acknowledged. With these, a full-duplex communication is established.
three way handshake TCP

MOSPF

  • multicast open shortest path first
  • It is an extension of OSPF protocol that facilitates interoperation between unicast and multicast routers.
  • It is becoming popular for proprietary network multicasting and may even supersede RIP.
  • Multicast information goes out in OSPF LSA or link state advertisements → this information allows a MOSPF router to identify active multicast groups and associated LANs.
  • It uses both source and destination to send a datagram, based on information in the OSPF link state database about the autonomous system’s topology.
  • MOSPF routers use the IGMP to monitor multicast group members on directly attached subnetworks.

Queue Management Algorithms

  • An internet router typically maintains a set of queues (one per interface) that hold packets scheduled to go out on that interface.
  • Previously, these queues (RED and SRED) used a drop-tail discipline → a packet is put onto the queue if the queue is shorter than its maximum size (measured in packets or bytes) and dropped otherwise.
  • Active queue disciplines drop or mark packets before the queue is full → they operate by maintaining one or more drop / mark probabilities, and probabilistically dropping or marking packets even when the queue is short → (AQM or active queue management).
  • Benefits of AQM:
  • Drop-tail queues used to penalise bursty flows and cause global synchronisation between flows → By dropping packets probabilistically, AQM avoids both these issues.
  • Drawbacks of AQM:
  • Early AQM disciplines required careful tuning of their parameters in order to provide good performance → Modern AQM systems are self-tuning and can be run with their default parameters in most cases.

RSVP

  • resource reservation protocol
  • It is a set of communication rules that allow channels / paths on the Internet to be reserved for the multicast transmission of video and other high-bandwidth messages.
  • It is part of the IIS / internet integrated services model, which ensures best-effort service, real-time service and controlled link-sharing.

DVMRP

  • distance vector multicast routing protocol
  • It is used for multicasting over IP networks without routing protocols to support multicast.
  • It is based on RIP protocol but is more complicated than RIP.
  • It maintains a link-state database to keep track of the return paths to the source of multicast packets.
  • The DVMRP operates as follows:
  • The first message for any source-group pair is forwarded to the entire multicast network, with respect to the time-to-live (TTL) of the packet.
  • TTL restricts the area to be flooded by the message.
  • All the leaf routers that do not have members on directly attached subnetworks send back prune messages to the upstream router.
  • The branch that transmitted a prune message is deleted from the delivery tree.
  • The delivery tree, which is spanning to all the members in the multicast group, is constructed.
DVMRP

Translation Process / Network Address Translation

  • Network address translation (NAT) is a method of remapping one IP address space into another by modifying network address information in the IP header of packets while they are in transit across a traffic routing device.
  • The technique was originally used as a shortcut to avoid the need to readdress every host when a network was moved. It has become a popular and essential tool in conserving global address space in the face of IPv4 address exhaustion. One Internet-routable IP address of a NAT gateway can be used for an entire private network.
  • IP masquerading is a technique that hides an entire IP address space, usually consisting of private IP addresses, behind a single IP address in another, usually public address space.
  • The address that has to be hidden is changed into a single (public) IP address as “new” source address of the outgoing IP packet so it appears as originating not from the hidden host but from the routing device itself.
  • Because of the popularity of this technique to conserve IPv4 address space, the term NAT has become virtually synonymous with IP masquerading.
  • As network address translation modifies the IP address information in packets, it has serious consequences on the quality of Internet connectivity and requires careful attention to the details of its implementation.
  • NAT implementations vary widely in their specific behaviour in various addressing cases and their effect on network traffic.
  • The specifics of NAT behaviour are not commonly documented by vendors of equipment containing NAT implementations.
Network Address Translation
  • Static NAT, also called inbound mapping, is the process of mapping an unregistered IP address to a registered IP address on a one-to-one basis. The unregistered or mapped IP address is assigned the same registered IP address each time the request comes through. This process is particularly useful for web servers or hosts that must have a consistent address that is accessible from the Internet.
  • Unlike static NAT that provides a permanent mapping between an internal address and a specific public address, dynamic NAT maps private IP addresses to public addresses. Dynamic NAT uses a pool of public addresses and assigns them on a first-come, first-served basis.

Need For Checksum Field In IPv4 / Why Does It Only Cover Header?

  • The IPv4 header checksum is a 16-bit field in the IPv4 header that protects the header against accidental corruption in transit. It is the one's-complement sum of the header's 16-bit words (RFC 1071), computed over the header bytes only, and every router must recompute it at each hop because it decrements the TTL.
  • It covers only the header because the data that follows the IP header (TCP, UDP, ICMP and so on) carries its own checksum, and because recomputing over the whole payload at every hop would be expensive; IPv6 dropped the header checksum entirely and relies on the upper-layer checksums. Note that the checksum is not an integrity protection against tampering: whoever modifies the header simply recomputes it, which is why packet integrity needs IPsec or a higher-layer MAC.

NGN

  • A next generation network is a packet-based network that can be used for both telephony and data and that supports mobility. Initially, the term Next Generation Network was used to refer to the transformation of the core network to IP. Sometimes a NGN is referred to as an all-IP network.
  • The NGN is characterised by the following fundamental aspects:
  • Packet-based transfer
  • Separation of control functions among bearer capabilities, call/session, and application/ service
  • Decoupling of service provision from network, and provision of open interfaces
  • Support for a wide range of services, applications and mechanisms based on service building blocks (including real time/ streaming/ non-real time services and multi-media)
  • Broadband capabilities with end-to-end QoS and transparency
  • Interworking with legacy networks via open interfaces
  • Generalised mobility
  • Unrestricted access by users to different service providers
  • A variety of identification schemes which can be resolved to IP addresses for the purposes of routing in IP networks
  • Unified service characteristics for the same service as perceived by the user
  • Converged services between Fixed/Mobile
  • Independence of service-related functions from underlying transport technologies
  • Compliant with all Regulatory requirements, for example concerning emergency communications and security/privacy, etc.

Frame Format Of IPv4

IPv4 packet format

Frame Format Of IPv6

IPv6 packet format

SNMP

  • Simple Network Management Protocol (SNMP) is an application-layer protocol used to manage and monitor network devices and their functions.
  • SNMP provides a common language for network devices to relay management information within single- and multivendor environments in a local area network (LAN) or wide area network (WAN).
  • The most recent iteration, SNMPv3, adds a user-based security model that authenticates messages (HMAC with MD5 or SHA) and optionally encrypts them (DES or AES), with timeliness checks against replay. SNMPv1 and v2c have none of this: access is controlled by a community string sent in cleartext in every packet, so anyone on the path can read it and, if the read-write community is exposed, reconfigure the device.
  • While SNMP can be used in a network of any size, its greatest value is evident in large networks. Manually and individually logging into hundreds or thousands of nodes would be extremely time-consuming and resource-intensive.
  • In comparison, using SNMP with an NMS enables a network administrator to manage and monitor all of those nodes from a single interface, which can typically support batch commands and automatic alerts.
  • SNMP is described in the Internet Engineering Task Force (IETF) Request for Comment (RFC) 1157 and in a number of other related RFCs.
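As an added example (not from the article), the block below walks the BER encoding of an SNMP message the way a packet sniffer or detection rule would, to show what the cleartext community string of v1/v2c exposes on the wire. The packet bytes are a constructed SNMPv2c GetRequest for sysDescr.0 (1.3.6.1.2.1.1.1.0) with community "public"; the function names and the list of default community names are assumptions of the example.

```python
# Added example (not from the article): a minimal BER walk over an SNMP message that
# recovers what an on-path observer sees in v1/v2c traffic. The packet is a constructed
# SNMPv2c GetRequest for sysDescr.0 (1.3.6.1.2.1.1.1.0) with community "public".
SAMPLE_V2C_GETREQUEST = bytes.fromhex(
    "3026"                              # SEQUENCE, 38 bytes
    "020101"                            # INTEGER version: 1 = SNMPv2c (0 = v1, 3 = v3)
    "04067075626c6963"                  # OCTET STRING community "public"
    "a019"                              # GetRequest-PDU, 25 bytes
    "020101020100020100"                # request-id 1, error-status 0, error-index 0
    "300e300c06082b060102010101000500"  # VarBindList: sysDescr.0 = NULL
)

PDU_NAMES = {0xA0: "GetRequest", 0xA1: "GetNextRequest", 0xA2: "Response",
             0xA3: "SetRequest", 0xA5: "GetBulkRequest", 0xA6: "InformRequest",
             0xA7: "SNMPv2-Trap", 0xA8: "Report"}
DEFAULT_COMMUNITIES = {"public", "private"}     # assumed watch-list for the audit


def read_tlv(buf: bytes, pos: int):
    """BER tag-length-value at pos; returns (tag, value, position after the element)."""
    tag, length = buf[pos], buf[pos + 1]
    pos += 2
    if length & 0x80:                            # long-form length
        n = length & 0x7F
        length = int.from_bytes(buf[pos:pos + n], "big")
        pos += n
    if pos + length > len(buf):
        raise ValueError("truncated BER element")
    return tag, buf[pos:pos + length], pos + length


def decode_oid(value: bytes) -> str:
    arcs = [value[0] // 40, value[0] % 40]       # first byte packs the first two arcs
    acc = 0
    for b in value[1:]:                          # base-128 arcs, high bit = continuation
        acc = (acc << 7) | (b & 0x7F)
        if not b & 0x80:
            arcs.append(acc)
            acc = 0
    return ".".join(map(str, arcs))


def parse_snmp(msg: bytes) -> dict:
    tag, body, _ = read_tlv(msg, 0)
    if tag != 0x30:
        raise ValueError("not an SNMP message")
    tag, ver, pos = read_tlv(body, 0)
    version = {0: "v1", 1: "v2c", 3: "v3"}.get(int.from_bytes(ver, "big"), "unknown")
    if version == "v3":                          # USM header instead of a community string
        return {"version": version, "community": None, "pdu": None, "oids": []}
    tag, community, pos = read_tlv(body, pos)
    pdu_tag, pdu, _ = read_tlv(body, pos)
    _, req_id, p = read_tlv(pdu, 0)
    _, _, p = read_tlv(pdu, p)                   # error-status
    _, _, p = read_tlv(pdu, p)                   # error-index
    _, varbinds, _ = read_tlv(pdu, p)
    oids, q = [], 0
    while q < len(varbinds):
        _, vb, q = read_tlv(varbinds, q)
        _, oid, _ = read_tlv(vb, 0)
        oids.append(decode_oid(oid))
    return {"version": version, "community": community.decode("latin-1"),
            "pdu": PDU_NAMES.get(pdu_tag, "0x%02x" % pdu_tag),
            "request_id": int.from_bytes(req_id, "big", signed=True), "oids": oids}


def audit(msg: bytes) -> list:
    """Findings a monitoring rule would raise on this packet."""
    info = parse_snmp(msg)
    findings = []
    if info["version"] in ("v1", "v2c"):
        findings.append("cleartext community string %r (no authentication or encryption)"
                        % info["community"])
        if info["community"] in DEFAULT_COMMUNITIES:
            findings.append("default community string")
        if info["pdu"] == "SetRequest":
            findings.append("write access attempted over unauthenticated SNMP")
    return findings


if __name__ == "__main__":
    print(parse_snmp(SAMPLE_V2C_GETREQUEST))
    for finding in audit(SAMPLE_V2C_GETREQUEST):
        print("finding:", finding)
```

Everything the audit reports is visible to anyone who can capture the UDP/161 datagram, which is the practical argument for SNMPv3 (or at least non-default, read-only communities restricted by source address) on management networks.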

Split Horizon & Split Horizon With Poison Reverse

  • RIP uses several different methods to avoid routing loops. Described below:-
  • Counting to infinity bound: if the next-hop router for a prefix suddenly advertises the same route with an increased metric, the router accepts the route and updates its own metric. Since RIP treats a metric of 16 as infinity, a route whose metric reaches 16 is discarded as unreachable, which bounds how long a loop can persist but does not prevent it.
  • Split Horizon: A router will refrain from advertising a route back out an interface where the same interface is listed as the routes outgoing interface.
  • Split Horizon with Poisoned Reverse: In this case, a router A will advertise a route learned via a particular interface out on that same interface, but with infinite metric (16). This is done to help the neighbouring router B to be aware of the fact that apart from the already known route by B, there is no alternative route via A.

Design Issues Of Transport Layer

  • Accept data from the session layer, split it into segments and hand them to the network layer.
  • Ensure correct delivery of data with efficiency.
  • Isolate upper layers from the technological changes.
  • Error control and flow control.

How IP Is Best Effort Delivery System

  • In the TCP/IP protocol suite, TCP provides reliable, in-order delivery on top of IP, which itself provides only best-effort delivery.
  • TCP performs the equivalent of obtaining a delivery confirmation from the recipient and returning it to the sender.
  • Because IP provided basic packet delivery services without guarantees, it is called a best-effort delivery service.
  • It does its best to deliver packets to the destination, but takes no steps to recover packets that are lost or misdirected.

TCP Header Format

TCP frame format

VoIP

  • Voice over Internet Protocol (VoIP), is a technology that allows you to make voice calls using a broadband Internet connection instead of a regular (or analog) phone line.
  • Some VoIP services may only allow you to call other people using the same service, but others may allow you to call anyone who has a telephone number — including local, long distance, mobile, and international numbers.
  • Also, while some VoIP services only work over your computer or a special VoIP phone, other services allow you to use a traditional phone connected to a VoIP adapter.
  • VoIP services convert your voice into a digital signal that travels over the Internet. If you are calling a regular phone number, the signal is converted to a regular telephone signal before it reaches the destination.
  • VoIP can allow you to make a call directly from a computer, a special VoIP phone, or a traditional phone connected to a special adapter. In addition, wireless “hot spots” in locations such as airports, parks, and cafes allow you to connect to the Internet and may enable you to use VoIP service wirelessly.
VoIP

PING Command

  • The ping command is the simplest way to test connectivity between two nodes, whether on a Local Area Network (LAN) or across a Wide Area Network (WAN). The expansion “Packet INternet Groper” is a backronym; the name comes from the sound of sonar.
  • Ping uses ICMP (Internet Control Message Protocol) to communicate with other devices; you run it with a hostname or an IP address as its argument.
  • Ping uses the ICMP protocol’s mandatory ECHO_REQUEST datagram to elicit an ICMP ECHO_RESPONSE from a host or gateway. ECHO_REQUEST datagrams (“pings”) have an IP and ICMP header, followed by a struct timeval and then an arbitrary number of “pad” bytes used to fill out the packet.
  • The ping command is one of the most often used networking utilities for troubleshooting network problems.
  • You can use the ping command to test the availability of a networking device (usually a computer) on a network.
  • When you ping a device you send that device a short message, which it then sends back (the echo).
  • If you receive a reply then the device is reachable and its IP stack is working. If you do not, any of the following may be true:
  • The device is faulty, disconnected, switched off or incorrectly configured.
  • Your network, or the device you are working on, is not working properly.
  • A host firewall or an intermediate firewall is filtering ICMP echo requests or replies. A missing reply therefore does not prove the host is down, and a reply says nothing about whether the service you actually need is listening.
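The block below is an added example, not code from the article, serving both the IPv4 header checksum section and this one: it implements the RFC 1071 Internet checksum that the IPv4 header and ICMP share, shows a router's per-hop TTL decrement with the incremental checksum update of RFC 1624 (the reason the checksum can cover the header alone), and builds the ICMP echo request and reply that ping exchanges. The addresses, identifier and payload are constructed sample values; the function names are assumptions of the example.

```python
import socket
import struct

# Added example (not from the article): the RFC 1071 Internet checksum that both the
# IPv4 header and ICMP use, a per-hop TTL decrement with the incremental update from
# RFC 1624, and an ICMP echo request/reply as ping exchanges them. Addresses, ID and
# payload used below are constructed sample values.


def internet_checksum(data: bytes) -> int:
    """One's-complement sum of 16-bit big-endian words, complemented (RFC 1071)."""
    if len(data) % 2:
        data += b"\x00"                          # odd trailing byte is zero-padded
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:                           # fold carries back in (end-around carry)
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def build_ipv4_header(src: str, dst: str, ttl: int, proto: int, payload_len: int,
                      ident: int = 0x1234) -> bytes:
    """20-byte header without options; the checksum covers exactly these 20 bytes."""
    hdr = struct.pack("!BBHHHBBH4s4s",
                      0x45, 0, 20 + payload_len, ident, 0x4000,   # version/IHL, DF set
                      ttl, proto, 0,                              # checksum placeholder
                      socket.inet_aton(src), socket.inet_aton(dst))
    return hdr[:10] + struct.pack("!H", internet_checksum(hdr)) + hdr[12:]


def header_checksum_ok(hdr: bytes) -> bool:
    """A header whose checksum is intact sums to 0xFFFF, so the complement is 0."""
    return internet_checksum(hdr[:(hdr[0] & 0x0F) * 4]) == 0


def forward_one_hop(hdr: bytes) -> bytes:
    """Router behaviour: TTL-1 and fix the checksum incrementally (RFC 1624, eq. 3)
    without touching the payload, which is why the checksum covers only the header."""
    ttl = hdr[8]
    if ttl <= 1:
        raise ValueError("TTL exhausted: drop the packet and send ICMP Time Exceeded")
    old_word = (ttl << 8) | hdr[9]               # 16-bit word holding TTL and protocol
    new_word = ((ttl - 1) << 8) | hdr[9]
    old_csum = struct.unpack("!H", hdr[10:12])[0]
    total = (~old_csum & 0xFFFF) + (~old_word & 0xFFFF) + new_word
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    new_csum = (~total) & 0xFFFF
    return hdr[:8] + bytes([ttl - 1]) + hdr[9:10] + struct.pack("!H", new_csum) + hdr[12:]


def build_echo_request(ident: int, seq: int, payload: bytes) -> bytes:
    """ICMP type 8 code 0; its checksum covers the ICMP header plus the payload."""
    body = struct.pack("!BBHHH", 8, 0, 0, ident, seq) + payload
    return body[:2] + struct.pack("!H", internet_checksum(body)) + body[4:]


def answer_echo(request: bytes) -> bytes:
    """What the target host does: same ident/seq/payload back as type 0 (echo reply)."""
    body = b"\x00\x00\x00\x00" + request[4:]
    return body[:2] + struct.pack("!H", internet_checksum(body)) + body[4:]


def parse_echo_reply(pkt: bytes):
    """Return (ident, seq, payload) for a well-formed echo reply, else None."""
    if len(pkt) < 8 or internet_checksum(pkt) != 0:
        return None
    typ, code, _, ident, seq = struct.unpack("!BBHHH", pkt[:8])
    if typ != 0 or code != 0:
        return None
    return ident, seq, pkt[8:]


if __name__ == "__main__":
    req = build_echo_request(0x0042, 1, b"ACN-PING")
    ip = build_ipv4_header("192.0.2.1", "198.51.100.7", 64, 1, len(req))
    print("checksum 0x%04x ok=%s" % (struct.unpack("!H", ip[10:12])[0], header_checksum_ok(ip)))
    hop = forward_one_hop(ip)
    print("after one hop: ttl=%d checksum 0x%04x ok=%s"
          % (hop[8], struct.unpack("!H", hop[10:12])[0], header_checksum_ok(hop)))
    print("reply parsed:", parse_echo_reply(answer_echo(req)))
```

Sending the packets needs a raw socket and privileges, so the block stops at constructing and checking them. Note that a header altered without recomputing the checksum fails verification, while one altered by an attacker who recomputes it passes: the field detects accidents, not tampering.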

Links in OSPF

  • OSPF requires the backbone (area 0.0.0.0) to be contiguous and every other area to attach to it. If an area cannot be physically connected to the backbone, you must configure a virtual link through an intermediate area so that the noncontiguous areas are joined to the backbone logically.
  • To configure an OSPF virtual link through an area, you specify the router ID (an identifier written like an IP address, not necessarily a reachable one) of the routing device at the far end of the virtual link.
  • These routing devices must be area border routers (ABRs), one of which is physically connected to the backbone. You cannot configure virtual links through stub areas (or NSSAs).
  • You must also specify the number of the area through which the virtual link transits (also known as the transit area).
  • You apply these settings to the backbone area (defined by the area 0.0.0.0) configuration on the ABRs that are part of the virtual link. Because the virtual link is itself a backbone adjacency, backbone authentication (keyed MD5 or SHA) applies to it as well and the keys must match on both ABRs; an unauthenticated virtual link is an easy place to inject backbone LSAs.

Load Shedding Congestion Control Algorithm

  • When congestion control mechanisms fail, load shedding is the only remaining possibility — drop packets.
  • In order to ameliorate the impact, applications can mark certain packets as higher priority so that the discard policy drops them last (some applications have more stringent requirements than others).

QoS Mechanisms

  • Expected network performance is an important criterion for a wide range of network applications.
  • Some engineering techniques are available to guarantee Quality of Service (QoS).
  • 4 parameters: reliability, delay, jitter, bandwidth.
  • Jitter is the variation in packet arrival times: with high jitter packets arrive at irregular intervals, with low jitter they arrive evenly spaced.
  • Techniques for GOOD QoS:
  • Over-provisioning — more than adequate buffer, router CPU, and bandwidth (expensive and not scalable … yet).
  • Buffering — buffer received flows before delivery — increases delay, but smoothes out jitter; no effect on reliability or bandwidth.
  • Traffic Shaping — regulate the average rate of transmission and burstiness of transmission.
  • “Buckets” — leaky bucket: a finite queue (in a buffer) that empties at a constant rate whatever the arrival pattern, so bursts are smoothed into a steady outbound flow and arrivals that find the queue full are dropped; token bucket: tokens are added at a fixed rate up to a maximum bucket size and each packet spends a token, so the long-run rate is bounded but a burst up to the bucket size can be sent at line speed.
  • Resource Reservation — reserve bandwidth, buffer space, CPU in advance.
  • Admission Control — routers can decide based on traffic patterns whether to accept new flows, or reject/reroute them.
  • Proportional Routing — different traffic types for same destination split across multiple routes.
  • Packet Scheduling — fair queuing, weighted fair queueing.

Various Protocols Of Transport Layer

  • UDP
  • TCP
  • SCTP — SCTP (Stream Control Transmission Protocol) is a protocol for transmitting multiple independent streams of data at the same time between two end points that have established an association in a network, so a loss in one stream does not block delivery on the others.
  • Sometimes referred to as “next generation TCP” (Transmission Control Protocol) — or TCPng, SCTP is designed to make it easier to support a telephone connection over the Internet (and specifically to support the telephone system’s Signalling System 7 — SS7 — on an Internet connection). It also supports multihoming and uses a four-way handshake with a signed state cookie, so the server allocates no state until the client returns the cookie, which removes the SYN-flood exposure of TCP’s three-way handshake.

Active Web Documents

  • Active web documents are one of the three distinct types of documents that are viewable from within a web browser.
  • It’s siblings include static and dynamic documents.
  • The primary difference between those siblings and an active web document is that active document can change while you use it, without your assistance.
  • New information such as fluctuating numerical values can be sent from the server into the document as you view it.

Why HTTP FTP SMTP POP3 Run On Top Of TCP & Not UDP

  • all of these are application-layer protocols, so in principle the transport beneath them is a separate layer that could be either tcp or udp.
  • *explain abstraction in layers in osi model*
  • but each of them exchanges requests and responses that do not fit in one datagram (a web page, a file, a mailbox) and cannot tolerate lost or reordered pieces, so they rely on tcp for reliable, in-order byte-stream delivery, flow control and congestion control; over udp every application would have to re-implement retransmission and ordering itself.

Congestion Control

  • congestion is an issue that arises in packet switched networks.
  • it is a situation in which too many packets are present in a part of the subnet such that because of this, the performance degrades.
  • congestion in a network may occur when the load on the network is greater than the capacity of the network.
concept of congestion

Congestion Control Types

Congestion control is the techniques and mechanisms which either prevent or remove congestion in networks.

OPEN LOOP CC → retransmission policy, window policy, acknowledgement policy, discarding policy, admission policy.

  • policies are used to prevent congestion before it happens.
  • retransmission policy — sender retransmits the packet if it feels that the packet it had send is lost or corrupted (however, this retransmission may increase congestion).
  • window policy — selective reject window method is used for cc (which is preferred over go back n window → as in go-back-n, when a packet times out, several packets are resent, although some may have arrived safely at the receiver → this duplication makes congestion worse).
  • acknowledgement policy — if the receiver does not acknowledge every packet it receives, it may slow down the sender and help prevent congestion.
  • discarding policy — a router may discard less-sensitive packets when congestion is likely to happen.
  • admission policy — it is a QoS mechanism which can prevent congestion in virtual circuit networks.

CLOSED LOOP CC → back pressure, choke packet, implicit signalling, explicit signalling

  • tries to remove congestion after it occurs.
  • backpressure — a node-to-node technique: a congested node stops accepting data from the node immediately upstream, which may then become congested itself and stop accepting from its own upstream node, and so on back to the source. It works only in virtual-circuit networks, where each node knows which upstream node a flow came from.
backpressure
  • choke packet — congested router/node sends special packet (choke packet) to the source (and not previous node like in backpressure) to inform it of its congestion.
  • implicit signalling —there is no communication between the congested node and the source. The source automatically assumes congestion in path when it does not receive acknowledgement for a long time.
  • explicit signalling — the congested node explicitly send a signal to the source or destination to inform about the congestion.

Token Bucket

token bucket
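The following is an added example, not code from the article, for the “Buckets” item in the QoS Mechanisms list and this Token Bucket section: a token bucket as a policer and a leaky bucket as a shaper, fed the same constructed arrival trace so the difference in what each one admits and when it lets packets out is visible. The trace, rates and class names are assumptions of the example.

```python
# Added example (not from the article): the two "buckets" from the QoS section as a
# policer and a shaper, fed the same constructed arrival trace (times in milliseconds).


class TokenBucket:
    """Policer: tokens accrue at `rate` per second up to `burst`; a packet that finds no
    token is rejected immediately, so a burst up to `burst` passes and the excess is dropped."""

    def __init__(self, rate: float, burst: int):
        self.rate, self.capacity = float(rate), float(burst)
        self.tokens, self.last_ms = float(burst), 0

    def allow(self, now_ms: int, cost: float = 1.0) -> bool:
        elapsed = (now_ms - self.last_ms) / 1000.0
        self.tokens = min(self.capacity, self.tokens + elapsed * self.rate)
        self.last_ms = now_ms
        if self.tokens >= cost:
            self.tokens -= cost
            return True
        return False


class LeakyBucket:
    """Shaper: a queue of at most `queue_size` packets that releases one packet every
    1000/rate ms, so the output is a steady stream regardless of arrival bursts."""

    def __init__(self, rate: int, queue_size: int):
        self.interval_ms = 1000 // rate
        self.queue_size = queue_size
        self.departures = []              # departure time of every packet accepted so far

    def offer(self, now_ms: int) -> bool:
        queued = sum(1 for d in self.departures if d > now_ms)   # still waiting to leave
        if queued >= self.queue_size:
            return False                                         # bucket full: drop
        last = self.departures[-1] if self.departures else -self.interval_ms
        self.departures.append(max(now_ms, last + self.interval_ms))
        return True


# Constructed trace: a burst of 8 at t=0, 5 more at t=500 ms, one after a long idle.
ARRIVALS_MS = [0] * 8 + [500] * 5 + [10_000]


def run_token_bucket(arrivals=ARRIVALS_MS, rate=10, burst=5) -> list:
    """Admission decision per packet for a 10 packets/s policer with a burst of 5."""
    tb = TokenBucket(rate, burst)
    return [tb.allow(t) for t in arrivals]


def run_leaky_bucket(arrivals=ARRIVALS_MS, rate=10, queue_size=5):
    """Admission decisions plus the evenly spaced departure times of the shaper."""
    lb = LeakyBucket(rate, queue_size)
    decisions = [lb.offer(t) for t in arrivals]
    return decisions, lb.departures


if __name__ == "__main__":
    print("token bucket admits:", run_token_bucket())
    decisions, departures = run_leaky_bucket()
    print("leaky bucket admits:", decisions)
    print("leaky bucket departures (ms):", departures)
```

The token bucket lets the first five packets through at line speed and refuses the next three on the spot; the leaky bucket queues what fits and releases it every 100 ms, which is the smoothing the section describes at the cost of delay. The same policer is what rate limiters on login endpoints and APIs implement, where the rejected packets are rejected requests.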

Hierarchical Routing

routing
routing table
  • In hierarchical routing, routers are classified in groups known as regions. Each router has only the information about the routers in its own region and has no information about routers in other regions. So routers just save one record in their table for every other region. In this example, we have classified our network into five regions.
routing regions
  • If A wants to send packets to any router in region 2 (D, E, F or G), it sends them to B, and so on. As you can see, in this type of routing, the tables can be summarised, so network efficiency improves. The above example shows two-level hierarchical routing. We can also use three- or four-level hierarchical routing.
efficient routing table
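As an added example, not code from the article, the block below computes a flat shortest-path table and the two-level hierarchical table described above on a constructed topology, and then checks the price of the summarisation: a region entry uses one next hop for the whole region, so a router in that region that is actually closer by another path gets a longer route. The node letters, regions and link costs are assumptions of the example and are not those of the figure.

```python
import heapq

# Added example (not from the article): two-level hierarchical routing on a constructed
# topology. Node letters, regions and link costs are assumed, not the figure's.
EDGES = [("A", "B", 1), ("A", "H", 1), ("B", "D", 1), ("D", "E", 1), ("E", "F", 1),
         ("F", "G", 1), ("G", "I", 1), ("H", "I", 7)]
REGION = {"A": 1, "B": 1, "D": 2, "E": 2, "F": 2, "G": 2, "H": 3, "I": 3}


def build_graph(edges):
    g = {}
    for u, v, w in edges:
        g.setdefault(u, {})[v] = w
        g.setdefault(v, {})[u] = w
    return g


def dijkstra(g, src):
    """Shortest-path cost and first hop from src to every reachable node."""
    dist, hop = {src: 0}, {}
    pq = [(0, src)]
    while pq:
        d, u = heapq.heappop(pq)
        if d > dist[u]:
            continue
        for v, w in g[u].items():
            nd = d + w
            if nd < dist.get(v, float("inf")):
                dist[v] = nd
                hop[v] = v if u == src else hop[u]
                heapq.heappush(pq, (nd, v))
    return dist, hop


def flat_table(g, src):
    """Classic per-destination table: one entry for every other router."""
    _, hop = dijkstra(g, src)
    return dict(sorted(hop.items()))


def hierarchical_table(g, src, region):
    """Own-region routers keep individual entries; every other region collapses to one
    entry that uses the next hop toward that region's nearest router."""
    dist, hop = dijkstra(g, src)
    table, nearest = {}, {}
    for dest, nh in hop.items():
        r = region[dest]
        if r == region[src]:
            table[dest] = nh
        elif r not in nearest or dist[dest] < nearest[r][0]:
            nearest[r] = (dist[dest], nh)
    for r, (_, nh) in sorted(nearest.items()):
        table["region-%d" % r] = nh
    return table


def summarisation_penalty(g, src, region):
    """Destinations whose path via the region entry is longer than the true shortest path."""
    dist, _ = dijkstra(g, src)
    table = hierarchical_table(g, src, region)
    worse = {}
    for dest in g:
        if dest == src or region[dest] == region[src]:
            continue
        nh = table["region-%d" % region[dest]]
        via = g[src][nh] + dijkstra(g, nh)[0][dest]   # first hop, then nh's own best path
        if via > dist[dest]:
            worse[dest] = (dist[dest], via)
    return worse


if __name__ == "__main__":
    g = build_graph(EDGES)
    print("flat table at A:", flat_table(g, "A"))
    print("hierarchical table at A:", hierarchical_table(g, "A", REGION))
    print("destinations made worse (optimal, via region entry):",
          summarisation_penalty(g, "A", REGION))
```

The flat table at A has seven entries; the hierarchical one has three. Router I sits in region 3 next to H, so region 3 is summarised behind H, yet A's true shortest path to I runs through region 2 (cost 6 instead of 8). That trade of optimality for table size is inherent in the technique, and it is the same effect seen with CIDR route summarisation in IP networks.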

SDH

  • Synchronous Optical Networking (SONET) and Synchronous Digital Hierarchy (SDH) are standardised multiplexing protocols that transfer multiple digital bit streams over optical fibre using lasers or light-emitting diodes (LEDs). Lower data rates can also be transferred via an electrical interface.
  • SONET generic criteria are detailed in Telcordia Technologies Generic Requirements document GR-253-CORE. Generic criteria applicable to SONET and other transmission systems are found in Telcordia GR-499-CORE.
  • SONET and SDH, which are essentially the same, were originally designed to transport circuit mode communications from a variety of different sources, but they were primarily designed to support real-time, uncompressed, circuit-switched voice encoded in PCM format.
  • The primary difficulty in doing this prior to SONET/SDH was that the synchronization sources of these various circuits were different. This meant that each circuit was actually operating at a slightly different rate and with different phase.
  • SONET/SDH allowed for the simultaneous transport of many different circuits of differing origin within a single framing protocol. SONET/SDH is not itself a communications protocol per se, but a transport protocol.

Necessity Of Fragmentation

  • Fragmentation is done by the network layer when a datagram is larger than the maximum payload a link-layer frame can carry, i.e. the link’s Maximum Transmission Unit (MTU). The network layer divides the datagram into fragments, each of which fits into a frame, so that data flow is not disrupted.
  • Since there are 16 bits for the total length field in the IP header, the maximum size of an IP datagram is 2^16 − 1 = 65,535 bytes, far larger than common MTUs such as Ethernet’s 1500 bytes.
  • Fragmentation is performed at the sending host or, more commonly, at a router whose outgoing link has a smaller MTU; reassembly is done only at the destination host, never at intermediate routers. Each fragment carries the original identification field, a fragment offset in 8-byte units and a More Fragments flag.
  • A source usually avoids fragmentation: the transport layer looks at the interface MTU (and, with path MTU discovery, the smallest MTU on the path) and chooses a segment size that fits into a frame without network-layer fragmentation. Fragmentation is nonetheless a recurring evasion and denial-of-service vector (overlapping fragments, tiny first fragments that hide the transport header, reassembly-buffer exhaustion), which is why IPv6 routers never fragment in transit and many firewalls drop or normalise fragments.
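The block below is an added example, not code from the article: it splits a payload into IPv4 fragments the way a router does when the datagram exceeds the next link's MTU, packs the flags/offset field, and reassembles at the receiver while refusing overlapping fragments, the failure mode that fragmentation attacks exploit. The payload, MTU and identification value are constructed sample values; the function names and the status strings are assumptions of the example.

```python
# Added example (not from the article): IPv4 fragmentation as a router performs it and
# receiver-side reassembly that refuses overlapping fragments. Sizes are sample values.
MF = 0x2000   # More Fragments flag
DF = 0x4000   # Don't Fragment flag


def fragment(payload: bytes, mtu: int, ident: int, header_len: int = 20) -> list:
    """Each fragment carries a multiple of 8 payload bytes (offsets are in 8-byte units)."""
    chunk = (mtu - header_len) // 8 * 8
    if chunk <= 0:
        raise ValueError("MTU too small for an IPv4 header plus 8 bytes of data")
    frags = []
    for start in range(0, len(payload), chunk):
        data = payload[start:start + chunk]
        frags.append({"id": ident, "offset": start // 8,
                      "mf": start + len(data) < len(payload), "data": data})
    return frags


def pack_flags_offset(frag: dict) -> int:
    """The 16-bit flags/fragment-offset header field for a fragment."""
    return (MF if frag["mf"] else 0) | frag["offset"]


def unpack_flags_offset(field: int):
    """(DF, MF, offset) from the 16-bit field."""
    return bool(field & DF), bool(field & MF), field & 0x1FFF


def reassemble(frags: list):
    """Returns ("ok", payload), ("incomplete", None), ("malformed", None) or
    ("overlap", None). Overlapping fragments are dropped outright: the ambiguity of which
    copy wins (first or last) was used to crash stacks and to slip past IDS inspection."""
    if not frags or len({f["id"] for f in frags}) != 1:
        return ("incomplete", None)
    ordered = sorted(frags, key=lambda f: f["offset"])
    if any(not f["mf"] for f in ordered[:-1]):
        return ("malformed", None)          # only the final fragment may clear MF
    expected, payload = 0, bytearray()
    for f in ordered:
        start = f["offset"] * 8
        if start < expected:
            return ("overlap", None)
        if start > expected:
            return ("incomplete", None)     # hole: keep waiting (or time out)
        payload += f["data"]
        expected = start + len(f["data"])
    if ordered[-1]["mf"]:
        return ("incomplete", None)         # last piece has not arrived yet
    return ("ok", bytes(payload))


if __name__ == "__main__":
    sample = bytes(range(256)) * 15 + b"x" * 160          # 4000-byte constructed payload
    frags = fragment(sample, 1500, 0x1234)
    for f in frags:
        print("offset=%d mf=%s len=%d field=0x%04x"
              % (f["offset"], f["mf"], len(f["data"]), pack_flags_offset(f)))
    print("reassembled:", reassemble(frags[::-1])[0])
    evil = dict(frags[1], offset=184)                      # overlaps the first fragment
    print("with overlap:", reassemble([frags[0], evil, frags[2]])[0])
```

A 4000-byte payload over a 1500-byte MTU becomes three fragments of 1480, 1480 and 1040 bytes at offsets 0, 185 and 370; only the last clears MF. Because fragments may arrive in any order, reassembly sorts by offset, and a fragment that starts before the previous one ends is treated as hostile rather than merged.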

Different Address Spacing In Class-full Addressing

Count To Infinity Problem

  1. One of the important issues in Distance Vector Routing is the Count to Infinity Problem.
  2. Counting to infinity is what a routing loop looks like in distance-vector routing: the metric of the looped route climbs by one hop per update until it reaches the protocol’s infinity.
  3. In distance vector routing, routing loops usually occur when a link or interface goes down.
  4. They can also occur when two routers send updates to each other at the same time.
  • In the figure:
  • Imagine a network with a graph as shown above in figure 4.8. As you see in this graph, there is only one link between A and the other parts of the network.
  • Now imagine that the link between A and B is cut. At this time, B corrects its table. After a specific amount of time, routers exchange their tables, and so B receives C’s routing table.
  • Since C doesn’t know what has happened to the link between A and B, it says that it has a link to A with the weight of 2 (1 for C to B, and 1 for B to A — it doesn’t know B has no link to A).
  • B receives this table and thinks there is a separate link between C and A, so it corrects its table and changes infinity to 3 (1 for B to C, and 2 for C to A, as C said). Once again, routers exchange their tables.
  • When C receives B’s routing table, it sees that B has changed the weight of its link to A from 1 to 3, so C updates its table and changes the weight of the link to A to 4 (1 for C to B, and 3 for B to A, as B said).
  • This process loops until all nodes find out that the weight of link to A is infinity. This situation is shown in the table below. In this way, Distance Vector Algorithms have a slow convergence rate.
  • One way to solve this problem is for routers to send information only to the neighbours that are not exclusive links to the destination. For example, in this case, C shouldn’t send any information to B about A, because B is the only way to A. This is the split horizon rule; with poisoned reverse, C instead advertises A to B with an infinite metric, and RIP’s maximum metric of 16 bounds how far the count can climb even when neither rule applies.
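The following simulation is an added example, not code from the article, and serves both the RIP loop-avoidance section (split horizon and poisoned reverse) and the count-to-infinity description above. It models the A-B-C chain after the A-B link is cut, with B having marked A unreachable and C still believing it reaches A through B, and runs the distance-vector exchange plain, with split horizon, and with poisoned reverse. The update order, the metric cap of 16 and the function names are assumptions of the example.

```python
# Added example (not from the article): a distance-vector simulation of the A-B-C chain
# from the count-to-infinity section, run plain, with split horizon, and with poisoned
# reverse as described under RIP. After the A-B link is cut only B and C still talk;
# B has already marked A unreachable, C still believes it reaches A through B.
INFINITY = 16                        # RIP's "infinity"


def advertised_metric(tables, sender, receiver, dest, mode):
    """What `sender` tells `receiver` about `dest` under the given loop-avoidance mode."""
    metric, next_hop = tables[sender]
    if next_hop == receiver:
        if mode == "split_horizon":
            return None              # say nothing about routes learned from you
        if mode == "poison_reverse":
            return INFINITY          # say explicitly: I cannot reach it through you
    return metric


def run_scenario(mode: str, max_passes: int = 50):
    """Returns (trace of (router, new metric), passes until stable, final tables)."""
    links = {"B": {"C": 1}, "C": {"B": 1}}            # topology after the A-B link is cut
    tables = {"B": (INFINITY, None), "C": (2, "B")}   # (metric to A, next hop)
    order = ["B", "C"]                                # routers take turns processing updates
    trace = []
    for passes in range(1, max_passes + 1):
        changed = False
        for router in order:
            best = (INFINITY, None)
            for nbr, cost in links[router].items():
                adv = advertised_metric(tables, nbr, router, "A", mode)
                if adv is None:
                    continue
                metric = min(INFINITY, cost + adv)    # Bellman-Ford step, capped at 16
                if metric < best[0]:
                    best = (metric, nbr)
            if best != tables[router]:
                tables[router] = best
                trace.append((router, best[0]))
                changed = True
        if not changed:
            return trace, passes, tables
    return trace, max_passes, tables


def metrics_seen_by(trace, router):
    """The successive metrics one router installed for A, in order."""
    return [m for r, m in trace if r == router]


if __name__ == "__main__":
    for mode in ("none", "split_horizon", "poison_reverse"):
        trace, passes, tables = run_scenario(mode)
        print("%-15s passes=%d B saw %s C saw %s final=%s"
              % (mode, passes, metrics_seen_by(trace, "B"),
                 metrics_seen_by(trace, "C"), tables))
```

Without either rule, B installs 3, 5, 7, 9, 11, 13, 15 and finally 16 while C installs 4, 6, 8, 10, 12, 14, 16: the pair count each other up until the cap makes the route unreachable, and with a larger infinity the loop would last correspondingly longer. With split horizon, C stays silent about A toward B, so B never learns the stale route and both routers settle on unreachable after a single exchange; poisoned reverse reaches the same result by having C advertise A to B with metric 16, which is marginally more traffic but leaves no ambiguity about why B hears nothing.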
