Computer Networks | Communication Networks

Introduction to Communication Networks
Smoke signals Bird messengers Horse messengers Postal communications
Telephones Wireless
communication Communication Networks
Ref. Book: Data Networks by Dimitri Bertsekas and Robert Gallager

Basic Communication Network
• Network with one central processor and a separate communication link to each device.
RJEs: Remote job entry points
 Separate communication link for each peripheral device
 Increase in the #peripheral devices and users
 Leads to more #communication links, higher space, power and cost
 Problem statement: Design the basic communication network with minimal #links, lower space, power and cost

Basic Communication Network
• Network with one central processor but with shared communication links to devices.
 Multiplexers: To collect the traffic from a set of peripheral devices or users in the same area and to send it on a
single link to the control processor/computer

Advantages of the Multiplexing and Traffic Grooming
 Better capacity utilization
 Lower #communication links
 Lower space, power and cost per bit
 Traffic Grooming: It is a process where small telecommunication services are groomed
in to the larger units and processed as a single entity. (e.g. 10x10 GbE LAN ->
1x100GbE LAN service)

Computer network with subnets
• General network with a subnet of communication links and nodes. External devices are connected to the subnet via links to the
subnet nodes.
Account/HR
subnet
Marketing
subnet
Engineering
subnet

Network of Networks
 Gateway/Edge routers
 Allow users of one network to send the data to the users of the other networks.
 Network of Networks
 Problem statement: Design LAN, MAN and WAN forming subnets & gateways
Account/HR
subnet
Marketing
subnet
Engineering
subnet

Commercial application of Communication Networks
 Data-centres:
 Central storage and remote access: Google drive
 Banking and financial services:
 Remote services
 E-mails
 Cloud computing and automation

Open System Inter connection (OSI) model

Physical Layer
 Defines rules by which bits are passed from one system to another on the Physical
communication channel/medium
 Provides physical interface for the transmission
 To provide a virtual link for transmitting the
sequence of bits between any pair of nodes joined by
the physical communication channel
 Such virtual links are also known as bit pipes
 Physical interface to map the incoming bits
from Data link layer into appropriate signals for
the transmission over the physical
channel/medium
 At the receiving maps the signal back in to bits

Data Link Layer
 Provides reliable and error free communication over the physical layer interface
 Breaks the outgoing data into frames and resembles the receiving frames
 Place overhead control bits called header at the beginning and trailer at the end of each packet
 Over Head bits determine errors in the transmission frames
 Handles the errors by implementing an acknowledgement and retransmission

The MAC sub-layer
 Medium Access Control (MAC): Requirement of an
intermediate layer to manage the multi-access link so that frames
can be sent by each node without constant interference from the
other nodes.
 Usually considered as the lower sub-layer of layer 2 (Data Link
Layer)
 The function of the MAC sub-layer is to allocate the multi-access
channel so that each node can successfully transmit its frames
without undue interference from the other nodes

Network Layer
 Routing, flow and congestion control
 When a frame enters a node or site from a communication
link, the bits in that frame pass through the physical layer to
the DL layer.
 The DL layer determines where the frame begins and ends,
and if the frame is accepted as correct, the DLC strips off the
DLC header and trailer from the frame and passes the
resulting packet up to the network layer.
 A packet consists of two parts, a packet header followed by
the packet body
 The network layer module uses the packet header of an
incoming packet, along with stored information (Source and
Destination addresses) to accomplish its routing, flow and
control functions.

Routing exercise
 Problem statement: Design the routing table for each router and identify the route for the
transmission

Internet sub-layer
 Standards for the routing and flow control protocols
 Despite of all standardization, different networks use different algorithm for routing and flow
control at the network layer
 Can’t connect different sub-networks together
 Solution:
 Create a new sub-layer called Internet sub-layer
 Several subnets can be combined by creating special nodes called Gateways between
them.
 A gateway connecting two subnets will interface with each Subnet through a network
layer module appropriate for that subnet.
 When a packet arrives at a gateway from one subnet, the corresponding network layer
module passes the packet body and subsidiary information about the packet to the
internet sub-layer
 Internet sub-layer plays a role in routing and flow control

Transport Layer
 Pair of peer process
 Break the messages in to packets of the transmitting end
 Reassemble the packets into the messages at Rx
 Buffering improves the sequential delivery of the packets
 Limited or shared buffer space between many virtual links can cause the buffer
overflow and results in the packet loss (Problem statement: Estimate the
optimal buffer size)
 Multiplexing/De-multiplexing:
 Multiplex several low-rate sessions/services which are originated from the
same source and going towards the same destination
 Also splits the high rate sessions in to multiple small sessions in case if the
network layer is not capable of handling that much of high data rate.
 End to end reliability:
 To handle the failures
 End to end flow control

Session Layer
 Session layer provides the mechanism for controlling the dialogue between two end systems
 Session layer creates, maintains, and terminates communication between devices on a network.
 Establishing the connection
 Maintaining the session
 Terminate the connection
 Dialog control
 Dialog separation
 Session is a logical communication channel that is created and maintained between two network
devices in order to transfer data.
 Access rights/Authorization check/Log-in-ID/Password
 Check points/Failure checks and Retransmission from the last check point
 E.g. Restore the web services
Ref. Book: Data Networks by Dimitri Bertsekas and Robert Gallager and online sources

Presentation Layer
 Presentation layer ensures
 Common format
 Data compression and decompression for better bandwidth
and storage utilization
 Translation and code conversation
 Data encryption/decryption and cryptography for security
 Application: Confidentiality in military communications
 Prevent messages from getting to the wrong recipients
 Prevent malfunctions
 Systematic information exchange between two sides

Application Layer
 Application layer interacts with application programs and is the highest level of OSI
model.
 Application layer contains management functions to support distributed applications.
 Examples of application layer are applications such as file transfer, electronic mail,
remote login etc.

Summary
Physical Layer
Physical Medium for the transmission
Data link Layer
Error free transmission, Medium Access Control (MAC) sub-L.
Network Layer
Routing, flow and congestion control, Internet sub-layer (L)
Transport Layer
Buffering, Multiplexing/De-multiplexing, E2E connections
Session Layer
Establish, Maintain, Terminate the connection, Access rights
Presentation Layer
Format, Compression/Decompression, Encryption/Decryption
Application Layer
functions to support applications

Circuit Switching and Packet Switching

Overview
 Networks interconnect multiple devices.
 We studied the Local Area Networks.
 Now, let’s go through wide area networks
 Circuit Switching: Communication via circuit switching implies that there is a dedicated communication
path between two stations
 Telephones: Circuit switching has been the dominant technique for the voice communications.
 Packet Switching: Data transmission in which a message is broken into small entities called packets
which are sent independently
 Since 1970, packet switching has evolved significantly for digital data communications. It was
designed to achieve the more efficiency than circuit switching for burst data traffic.
 Two types of packet switching:
 Connectionless Packet Switching/Datagram approach (such as today’s Internet)
 Connection-Oriented Packet Switching/Virtual circuit approach (such as Frame Relay, ATM)
Ref. Book: Data and Computer Communication by William Stallings

Switched Communications Networks
 Long distance transmission between
stations is typically achieved over a network
through switching nodes.
 Switching nodes do not concern with
content of data. Their purpose is to provide
a switching facility that will move the data
from node to node until they reach their
destination.
 A collection of nodes and connections
forms a communications network.
 In a switched communications network,
data entering the network from a station are
routed to the destination by being switched
from node to node.
Ref
Switching Nodes

Central offices with switching nodes
RJEs: Remote job entry points Ref

Circuit Switching
• Circuit switching:
– There is a dedicated communication path between two stations (end-to-end)
– The path is a connected sequence of links between network nodes. On each
physical link, a logical channel is dedicated to the connection.
• Communication via circuit switching has three phases:
– Circuit establishment (link by link)
• Routing & resource allocation (FDM or TDM)
– Data transfer
– Circuit disconnect
• Decommission the dedicated resources
• The switches must know how to find the route to the destination and
how to allocate bandwidth (channel) to establish a connection.

Circuit Switching Properties
• Inefficiency
– Channel capacity is dedicated for the whole duration of a connection
– If no data, capacity is wasted
• Delay
– Long initial delay: circuit establishment takes time
– Low data delay: after the circuit establishment, information is
transmitted at a fixed data rate with no delay other than the
propagation delay. The delay at each node is negligible.
• Developed for voice traffic (public telephone network) but
can also applied to data traffic.
– For voice connections, the resulting circuit will enjoy a high
percentage of utilization because most of the time one party or the
other is talking.
– But how about data connections?

Packet Switching Principles
• Problem of circuit switching
– designed for voice service
– Resources dedicated to a particular call
– For data transmission, much of the time the
connection is idle (say, web browsing)
– Data rate is fixed
• Both ends must operate at the same rate during the
entire period of connection
• Packet switching is designed to address these
problems.

Basic Operation
• Data are transmitted in short packets
– Typically at the order of 1000 bytes
– Longer messages are split into series of packets
– Each packet contains a portion of user data plus some
control info
• Control info contains at least
– Routing (addressing) info, so as to be routed to the intended
destination
• Store and forward
– On each switching node, packets are received, stored
(buffered) and passed on to the next node.
Buffering

Advantages of Packet Switching
• Line efficiency
– Single node-to-node link can be dynamically shared by
many packets over time
– Packets are queued up and transmitted as fast as possible
• Data rate conversion
– Each station connects to the local node at its own speed
• In circuit-switching, a connection could be blocked if
there lacks free resources. On a packet-switching
network, even with heavy traffic, packets are still
accepted, by delivery delay increases (Buffering).
• Priorities can be used
– On each node, packets with higher priority can be
forwarded first. They will experience less delay than
lower-priority packets.

Packet Switching Technique
• A station breaks long message into packets
• Packets are sent out to the network sequentially, one at a
time
• How will the network handle this stream of packets as it
attempts to route them through the network and deliver
them to the intended destination?
– Two approaches
• Connectionless Packet Switching/Datagram approach
• Connection-Oriented Packet Switching/Virtual circuit approach

Connectionless Packet Switching/Datagram approach
• Each packet is treated independently, with no
reference to packets that have gone before.
– Each node chooses the next node on a packet’s
path.
• Packets can take any possible route.
– Also, depends on the available link capacity.
• Packets may arrive at the receiver out of order.
• Packets may go missing.
• It is up to the receiver to re-order packets and
recover from missing packets.
• Example: Internet

Connection-Oriented Packet Switching/Virtual Circuit approach
• In virtual circuit, a preplanned route is
established before any packets are sent, then
all packets follow the same route.
• Each packet contains a virtual circuit
identifier instead of destination address, and
each node on the preestablished route knows
where to forward such packets.
– The node need not make a routing decision for
each packet.
• Example: X.25, Frame Relay, ATM

Virtual Circuit
• A route between stations is set
up prior to data transfer.
• All the data packets then follow
the same route.
• But there is no dedicated
resources reserved for the
virtual circuit! Packets need to
be stored-and-forwarded.

Virtual Circuits v Datagram
• Virtual circuits
– Network can provide sequencing (packets arrive at the
same order) and error control (retransmission between
two nodes).
– Packets are forwarded more quickly
• Based on the virtual circuit identifier
• No routing decisions to make
– Less reliable
• If a node fails, all virtual circuits that pass through that node fail.
• Datagram
– No call setup phase
• Good for bursty data, such as Web applications
– More flexible
• If a node fails, packets may find an alternate route
• Routing can be used to avoid congested parts of the network

Event Timing for Circuit Switching and Packet Switching

Comparison of communication switching techniques

Role of Data Link Layer in Error Detection
 Data link control (DLC) module knows where frames begin and end. The problem then is to
determine which of those frames contain errors
 Provide error-free packets to the next layer
 Extra bits must be appended to a packet to detect errors
 Note that the receiver cannot tell which bit is in error, nor how many errors occurred; it simply
knows that errors occurred because of the odd number of 1's
 Characters are mapped into strings of seven bits and then a parity check is appended as an
eighth bit

Single Parity Checks
 Total number of 1's in an encoded string (i.e., the original bit string plus the appended parity
check) is always even.
 If an encoded string is transmitted and a single error occurs in transmission, then, whether 1
is changed to 0 or 0 to 1, the resulting number of 1's in the string is odd and the error can be
detected at the receiver.
 Disadvantage:
 Limited to single error detection
 What if, two errors occurred?
 In general, any odd number of errors are detected and any even number are undetected.
 Single parity check is ineffective

Horizontal and Vertical Parity Checks
RJEs: Remote job entry points Ref. Book: Data Networks by Dimitri Bertsekas and Robert Gallager
Error detection
Error detection
Error detection

Parity Check Codes and Cyclic Redundancy Checks (CRC)

Parity Check Code
 The transformation from the string of data bits to the string of data bits and parity checks is
called a parity check code or linear code.
 A parity check code is defined by the particular collection of subsets used to generate parity
checks. Note that the word code refers to the transformation itself; we refer to an encoded bit
string (data plus parity checks) as a code word.

CRC encoder and decoder
RJEs: Remote job entry points Ref. Book: Data Communication and Networking by Forouzan

Parity Check Code
 K- length of the data string for a given parity check code
 L-the number of parity checks
 K +L is the frame length
 Objective: Detect the errors
 In the error-detection system, the frame is transmitted and
the receiving DLC module determines if each of the parity
checks is still the modulo 2 sum of the corresponding
subset of data bits. If so, the frame is regarded by the
receiver as error-free, and if not, the presence of errors is
detected.
 If errors on the link convert one code word into another,
the frame is regarded by the receiver as error-free, and
undetectable errors are said to have occurred in the
frame.

Parity Check Code
 Predict the probability of undetectable errors in a frame. Unfortunately, this is very difficult.
 As a result of these difficulties, the effectiveness of a code for error detection is usually
measured by three parameters:
1) the minimum distance of the code
2) the burst-detecting capability
3) the probability that a completely random string will be accepted as error-free
 The minimum distance of a code is defined as the smallest number of errors that can
convert one code word into another.
 As we have seen, the minimum distance of a code using a single parity check is 2, and the
minimum distance of a code with horizontal and vertical parity checks is 4.

Parity Check Code
 The length of a burst of errors in a frame is the number of bits from the first error to the last,
inclusive. The burst-detecting capability of a code is defined as the largest integer B such that
a code can detect all bursts of length B or less.
 The burst-detecting capability of the single parity check code is 1, whereas the burst-detecting
capability of a code with horizontal and vertical parity checks is 1 plus the length of a row.

Parity Check Code
Predict the probability of undetectable errors in a frame
 Random string of length K + L is meant that each such string is received with probability
 code words, the probability of an undetected error is the probability that the random string
is one of the code words; this occurs with probability of .

Cyclic Redundancy Checks
 The parity check codes used for error detection in most DLCs today are cyclic redundancy
check (CRC) codes. The parity check bits are called the CRC.
 L - the length of the CRC (number of check bits)
 K - the length of the string of data bits
 Indeterminate D can be thought of as keeping track of the bits; high-order terms are viewed as
being transmitted first.
 The CRC is represented as
 Transmitted frame:

Parity Check Code
 The CRC polynomial c(D) is a function of the information polynomial s(D), defined in terms of a
generator polynomial g(D); this is a polynomial of degree L with binary coefficients that specifies
the particular CRC code to be used.
 For a given g(D), the mapping from the information polynomial to the CRC polynomial c(D) is
given by
 The polynomial division above is just ordinary long
division of one polynomial by another, except that
the coefficients are restricted to be binary and the
arithmetic on coefficients is performed modulo 2.
Thus, for example, (1 + 1) modulo 2 = 0 and (0 - 1)
modulo 2 = 1. Note that subtraction using modulo 2
arithmetic is the same as addition.

Parity Check Code
 This long division can be implemented easily in hardware by the feedback shift register circuit

Division in CRC encoder

Division in the CRC decoder for two cases

Parity Check Code
 Let z(D) be the quotient resulting from dividing s(D)DL by g(D). Then, c(D) can be represented as
 Subtracting c(D) (modulo 2) from both sides of this equation and recognizing that modulo 2
subtraction and addition are the same, we obtain
 x(D) is transmitted and that the received sequence is represented by a polynomial y(D), where
x(D) and y(D) differ because of the errors on the communication link.
 Error sequence is represented as a polynomial e(D)
y(D) = x(D) + e(D)
 Where, as throughout this section, + means modulo 2 addition;
 Each error in the frame corresponds to a non zero coefficient in e(D) [i.e., a coefficient in which
y(D) and x(D) differ].
 At the receiver, remainder can be calculated as shown below

Parity Check Code
 This long division can be implemented easily in hardware by the feedback shift register circuit
 If no errors occur, then e(D) = 0 and the remainder above will be 0.
 The rule followed by the receiver is to decide that the frame is error-free if this remainder is 0 and to
decide that there are errors otherwise.
 When errors occur
 The receiver fails to detect the errors only if this remainder is 0; this occurs only if e(D), is itself some
code word. In other words, is undetectable if and only if

Parity Check Code
 If a double error occurs, say in positions i and j,
 From the argument above, Dj is not divisible by g(D) or by any factor of
g(D); thus, e(D) fails to be detected only if is divisible by g(D).
 For any binary polynomial
 g(D) of degree L, there is some smallest n for which is divisible
by g(D). It
 is known from the theory of finite fields that this smallest n can be no
larger than
 moreover, for all L > 0, there are special L-degree polynomials, called
primitive
 polynomials, such that this smallest n is equal to 2L - 1.

Parity Check Code
 Thus, if g(D) is chosen to be such a primitive polynomial of degree L, and if the frame length is restricted
to be at most , then cannot be divisible by g(D); thus, all double errors are detected.

Parity Check Code
• https://www.geeksforgeeks.org/modulo-2-binary-division/
• http://www.ritsumei.ac.jp/~piumarta/networks/notes/crc.pdf
• http://computing.dcu.ie/~humphrys/Notes/Networks/data.polynomial.html
• http://ecomputernotes.com/computernetworkingnotes/communication-networks/cyclic-redundancy-check

Parity Check Code
Some CRC polynomials that are actually used
•CRC-8: x8+x2+x+1
• Used in: 802.16 (along with error correction).
•CRC-CCITT:
•x16+x12+x5+1
• Used in: HDLC, SDLC, PPP Default
•IBM-CRC-16 (ANSI):
•x16+x15+x2+1
•802.3:
x32+x26+x23+x22 +x16+x12+x11+x10 +x8+x7+x5+x4+x2+x+1
• Append 32 bits to the message.
• Detects all bursts of length 32 or less.

Automatic Repeat Request (ARQ)
Objective: Detect frames with errors
and request the transmitting DLC
module to retransmit erroneous
frames.
Correctness: Does the protocol
succeed in releasing each packet,
once and only once, without errors,
from the receiving DLC?
Efficiency: How much of the bit-
transmitting capability of the bit pipe
is wasted by unnecessary waiting
and by sending unnecessary
retransmissions?

Stop-and-Wait ARQ
 Ensure that each packet has been received correctly before initiating transmission of the next packet.
 In transmitting packets from point A to B, the first packet is transmitted in the first frame, and then the
sender A waits for the acknowledgment (Ack).
 Thus, If the frame is error-free, B sends an Ack back to A; if the frame is an error frame, B sends a
negative acknowledgment (called a Nak) back to A.
 If an error-free frame is received at B, and the corresponding Ack frame to A is error-free, then A can
start to send the next packet in a new frame.
 Alternatively, detected errors can occur either in the transmission of the frame or the return Ack or
Nak, and in either case A resends the old packet in a new frame. Finally, if either the frame or the
return ack or nak is lost, A must eventually time-out and resend the old packet.

Stop-and-Wait ARQ
 Potential malfunction: Delay
 Case: Node A to time-out and resend a packet when the first transmission and/or the corresponding
Ack is abnormally delayed. If B receives both transmissions of the given packet correctly, B has no
way of knowing whether the second transmission is a new packet or a repetition of the old packet.
 B should simply compare the packets to
resolve this issue, but as far as the DLC layer
is concerned, packets are arbitrary bit strings
and the first and second packets could be
identical; it would be a violation of the principle
of layering for the DLC layer to rely on higher
layers to ensure that successive packets are
different.
 Solution: Use the sequence numbers

Stop-and-Wait ARQ
Solution: The simplest solution to this problem is for the sending DLC module (at A) to use
a sequence number in the frame header to identify successive packets.
Problem with the unnumbered
Acks: If Acks can get lost on the
return channel, and thus when B
gets the same packet correctly
twice in a row, it has to send a
new Ack for the second reception
(see Fig. 2.19). After transmitting
the packet twice but receiving
only one Ack, node A could
transmit the next packet in
sequence, and then on receiving
the second Ack could interpret
that as an Ack for the new
packet, leading to a potential
failure of the system.

Request numbers and Piggyback
 To avoid the problem with the unnumbered Acks, use request numbers and overcome the
ambiguities about which frame is being Acked
 Node B can request next awaited packet upon the receipt of each packet
 Piggyback: In many applications, there is another stream of data from B to A, and in this case,
the frames from B to A carrying requests for new A to B packets must be interspersed with
data frames carrying data from B to A. It is also possible to "piggyback" these requests for
new packets into the headers of the data frames from B to A (see Fig. 2.20).

Delay to avoid the retransmission

Algorithm: Pseudo code
 The algorithm at node A for A-to-B transmission:
1. Set the integer variable SN to 0.
2. Accept a packet from the next higher layer at A; if no packet is available, wait
until it is; assign number SN to the new packet.
3. Transmit the SNth packet in a frame containing SN in the sequence number field.
4. If an error-free frame is received from B containing a request number RN greater
than SN, increase SN to RN and go to step 2. If no such frame is received within
some finite delay, go to step 3.
1. Set the integer variable RN to 0 and then repeat steps 2 and 3 forever.
2. Whenever an error-free frame is received from A containing a sequence number
SN equal to RN, release the received packet to the higher layer and increment
RN.
3. At arbitrary times, but within bounded delay after receiving any error-free data
frame from A, transmit a frame to A containing RN in the request number field.
 The algorithm at node B for A-to-B transmission:

Correctness of stop and wait
 An algorithm is safe if it never produces an incorrect result, which in this
case means never releasing a packet out of the correct order to the higher
layer at B.
 An algorithm is live if it can continue forever to produce results (i.e., if it can
never enter a deadlock condition from which no further progress is
possible).

Correctness of stop and wait

State transition diagram

Go Back n-ARQ/sliding window ARQ protocol
Advantage: In contrast to stop-and-wait ARQ, several successive packets can be sent
without waiting for the next packet to be requested.
 It accepts packets only in the correct order and sends request numbers RN back to A;
the effect of a given request RN is to acknowledge all packets prior to RN and to
request transmission of packet RN.
 The go back number n >= 1 in a go back n protocol is a parameter that determines how
many successive packets can be sent in the absence of a request for a new packet.
 Specifically, node A is not allowed to send packet i +n before i has been acknowledged
(i.e., before i + 1 has been requested). Thus, if i is the most recently received request
from node B, there is a "window" of n packets, from i to i +n - 1, that the transmitter is
allowed to send.
 As successively higher-numbered requests are received from B, this window slides
upward; thus go back n protocols are often called sliding window ARQ protocols.

Operation of go back 7 ARQ with piggybacking

Sources of delay
 Even in the absence of transmission errors, there are several sources of delay between
the time that a packet is first assembled into a frame at A and the time when A receives
an acknowledgment of the packet.
Sources of delay:
 Transmission time of the frame
 Propagation delay
 Wait until the frame in transmission at Rx side is completed
 Transmission time of the frame carrying the acknowledgment
 Propagation delay in the reverse direction (B-to-A)

Effect of a transmission error on go back 4
 The second frame from A,
carrying packet 1, is received
in error at node B. Node B
continues to look for packet 1
and to transmit RN = 1 in
frames from B to A. Packets
2, 3, and 4 from A all arrive at
B in error-free frames but are
not accepted since node B is
looking only for packet 1.
 It would be more efficient for
node B to buffer packets 2, 3,
and 4, thus avoiding the
necessity for A to retransmit
them after packet 1 is finally
retransmitted. Such a
buffering strategy is called
selective repeat ARQ

Effect of transmission errors in the reverse direction for go back 4

Effect of delayed feedback for go back 4
 Impact of short frames in one direction and long frames in the other

 The transmitter uses two integer variables, SNmin and SNmax to keep track of its operations. SNmin
denotes the smallest-numbered packet that has not yet been acknowledged (i.e., the lower end of the
window).
 SNmax denotes the number of the next packet to be accepted from the higher layer. Thus the DLC layer
is attempting to transmit packets SNmin to SNmax - 1.
The go back n algorithm at node A for A-to-B transmission:
1. Set the integer variables SNmin and SNmax to 0.
2. Do steps 3, 4, and 5 repeatedly in any order. There can be an arbitrary but bounded delay between the
time when the conditions for a step are satisfied and when the step is executed.
3. If SNmax < SNmin + n, and if a packet is available from the higher layer, accept a new packet into the
DLC, assign number SNmax to it, and increment SNmax.
4. If an error-free frame is received from B containing a request number RN greater than SNmax , increase
SNmin to RN.
5. If SNmin < SNmax, and no frame is currently in transmission, choose some number SN, SNmin < SNmax;
transmit the SNth packet in a frame containing SN in the sequence number field. At most a bounded delay
is allowed between successive transmissions of packet SNmin over intervals when SNmin does not change.

The go back n algorithm at node B for A-to-B transmission:
1. Set the integer variable RN to 0 and repeat steps 2 and 3 forever.
2. Whenever an error-free frame is received from A containing a sequence number
SN equal to RN. release the received packet to the higher layer and increment
RN.
3. At arbitrary times, but within bounded delay after receiving any error-free data
frame from A, transmit a frame to A containing RN in the request number field.

Exercise
Problem statement: Considering the stop and wait protocol, for the given
communication link the link capacity is 100 kbps, the latency or propagation
delay is 40 ms, frame processing delay is 1 µs, frame transmission delay is
10 ms, frame size is 1 kbits.
What is the minimum wait duration?
What is the throughput or the maximum link capacity utilization of the
system?
In order to improve the throughput or link capacity utilization, we would
like to employ Go Back and N-ARQ protocol. What is the optimal
window size to achieve the maximum link capacity utilization? Assume
there are no errors or fame losses.

Exercises on sliding window protocols
http://home.deib.polimi.it/capone/fcn/E3-Error-and-flow-control.pdf

Correctness of go back n
 The safety property of the go back n algorithm is exactly the same as for
stop and wait. (Release/Deliver the packets in the correct order)
 To verify the liveness property, assume That i is the value of SNmin at
node A at a given time t1 (see Fig. 2.28). Let t2 be the time at which
packet i is received error-free and released to the higher layer at node B;
let t2 = Infinite) if this event never occurs.
 Similarly, let t3 be the time at which SNmin is increased beyond i and let t3
=Infinite, if this never occurs. We will show that t3 is finite and that t1 < t3
and t2 < t3.
 Hence the protocol is a live.

 Let RN(t) be the value of the variable RN at node B as a function of time t and let SNmin (t) be the
corresponding value of SNmin at node A.
 It is seen directly from the algorithm statement that SNmin(t) and RN(t) are non-decreasing in t.
Also, since SNmin(t) is the largest request number (if any) received from B up to time t, SNmin(t) =<
RN(t).
 By definition of t2 and t3, RN(t) is incremented to i + 1 at t2 and SNmin(t) is increased beyond i at
t3. Using the fact that SNmin(t) =< RN(t), it follows that t2 < t3. Note that it is possible that t2 < t1,
since packet i might have been received error-free and released at B before time t1 and even
before SN, in became equal to i.
 From the algorithm statement, node A transmits packet i repeatedly, with finite delay between
successive transmissions, from t1 until t3. If t1 < t2, then RN(t) = i for t1=< t=<t2, so the first
error-free reception of packet i after t1 will be accepted and released to the higher layer at B.
 Since t2 < t3, node A will retransmit packet i until this happens. Since there is a probability q > 0
that each retransmission is received correctly, and retransmissions occur within finite intervals,
the time from t1 to t2 is finite.
 B (whether t1 < t2 , or vice versa) transmits frames carrying RN>= i + 1 from time t2 until some
such frame is received error-free at A at time t3. Since node A is also transmitting frames in this
interval, the delay between subsequent transmissions from B is finite, and, since q > 0, the
interval from t2 to t3 is finite. Thus the interval from t1 to t3 is finite and the algorithm is live.

Go back n with modulus m > n
 It will now be shown that
if the sequence number
SN and the request
number RN are sent
modulo m, for some m
strictly greater than the
go back number n, the
correctness of go back n
is maintained as long as
we re-impose the
condition that frames do
not get out of order on
the links. To demonstrate
this correctness, we first
look more carefully at the
ordering of events when
ordinary integers are
used for SN sand RN.

Go back n with modulus m > n.
 Consider the transmission of an
arbitrary frame from node A to B.
Suppose that the frame is generated at
time t1 and received at t2 (see Fig.
2.29). The sequence number SN of the
frame must lie in node A's window at
time t1, so
 SN and RN(t2) are both contained in
the interval from SNmin(t1) to SNmin (t1)
+n, and thus must satisfy (eq. 2.26)

 Now suppose that when packet number SN is sent, the accompanying
sequence number is sent modulo m, and let sn denote SN mod m.
 Step 3 of the algorithm at node B must then be modified to: If an error-
free frame is received from A containing a sequence number sn equal
to RN mod m, release the received packet to the higher layer and
increment RN.
 Since m > n by assumption, we see from Eq. (2.26) that sn = RN mod
m will be satisfied if and only if the packet number SN is equal to RN;
thus, the algorithm still works correctly.

 Now suppose that RN is sent modulo m, and let
rn = RN mod m. Step 4 of the algorithm at node
A must then be modified to: If an
error-free frame is received from B containing
SNmin mod m, then increment SNmin until rn =
SNmin mod m.
 Because of the range of RN in Eq. (2.27), we
see that this new rule is equivalent to the old
rule, and it is sufficient to send request numbers
modulo m.
 At this point, however, we see that it is
unnecessary for SNmin, SNmax, and RN to be
saved at nodes A and B as ordinary integers;
everything can be numbered modulo m, and the
algorithm has been demonstrated to work
correctly for m>n.

The go back n algorithm at node A for modulo m operation, m>n:
1. Set the modulo m variables SNmin and SNmax to 0.
2. Do steps 3, 4, and 5 repeatedly in any order. There can be an arbitrary but bounded delay
between the time when the conditions for a step are satisfied and when the step is executed.
3. If (SNmax - SNmin ) mod m < n, and if a packet is available from the higher layer, accept a
new packet into the DLC, assign number SNmax to it, and increment SNmax to (SNmax + 1) mod
m.
4. If an error-free frame is received from B containing a request number RN, and (RN - SNmin)
mod m ≤ (SNmax - SNmin) mod m, set SNmin to equal RN.
5. If and no frame is currently in transmission, choose some number SN
such that (SN - SNmin ) mod m < (SNmax - SNmin ) mod m transmit packet SN in a frame
containing SN in the sequence number field.

The go back n algorithm at node B for modulo m operation, m>n
1. Set the modulo m variable RN to 0.
2. Whenever an error-free frame is received from A containing a sequence
number SN equal to RN, release the received packet to the higher layer and
increment RN to (RN + 1) mod m.
3. At arbitrary times, but within bounded delay after receiving any error-free
data frame from A, transmit a frame to A containing RN in the request
number field.

Selective Repeat ARQ
Even if unnecessary retransmissions are avoided, go back n protocols must retransmit at least one
round-trip-delay worth of frames when a single error occurs in an awaited
Selective repeat ARQ can be used to increase efficiency
The basic idea of selective repeat ARQ for data on a link from A to B is to accept out-of-order packets
and to request retransmissions from A only for those packets that are not correctly received.
If p is the probability of frame error, the expected number η of packets delivered to B per frame from
A to B is bounded by
(1 – p) is also called the throughput
The throughput of this ideal is shown in Problem 2.26 to be where β is the expected number of
frames in a round-trip delay interval. This indicates that the increase in throughput available with
selective repeat is significant only when pβ is appreciable relative to 1.

Selective Repeat ARQ

Protocol Functions
 Encapsulation
 Fragmentation and reassembly
 Connection control
 Ordered delivery
 Flow control
 Error control
 Addressing
 Multiplexing
 Transmission services

Encapsulation
 Data usually transferred in blocks
 Protocol data units (PDUs)
 Each PDU contains data and control information
 Some PDUs only control
 Three categories of control
 Address
 Of sender and/or receiver
 Error-detecting code
 E.g. frame check sequence
 Protocol control
 Additional information to implement protocol functions
 Addition of control information to data is encapsulation
 Data accepted or generated by entity and encapsulated into PDU
 Containing data plus control information
 e.g. TFTP, HDLC, frame relay, ATM, AAL5 (Figure 11.15), LLC, IEEE 802.3, IEEE
802.11

Fragmentation and Reassembly
 Exchange data between two entities
 Characterized as sequence of PDUs of some bounded size
 Application level message
 Lower-level protocols may need to break data up into smaller blocks
 Communications network may only accept blocks of up to a certain size
 ATM 53 octets
 Ethernet 1526 octets
 More efficient error control
 Lesser retransmission
 Equitable access to shared transmission
 Prevent station monopolizing medium
 Smaller buffers
 Provision of checkpoint and restart/recovery operations

Disadvantages of Fragmentation
 Make PDUs as large as possible because
 PDU contains some control information
 Smaller block, larger overhead
 PDU arrival generates interrupt
 Smaller blocks, more interrupts
 More time processing smaller, more
numerous PDUs

Reassembly
 Segmented data must be reassembled into messages
 More complex if PDUs out of order

PDUS and Fragmentation
RJEs: Remote job entry points Ref. Book: Data and Computer Communication by William Stallings

Connection Control
 Connectionless data transfer
 Each PDU treated independently
 E.g. datagram
 Connection-oriented data transfer
 E.g. virtual circuit
 Connection-oriented preferred (even required) for lengthy exchange of data
 Or if protocol details must be worked out dynamically
 Logical association, or connection, established between entities
 Three phases occur
 Connection establishment
 Data transfer
 Connection termination
 May be interrupt and recovery phases to handle errors

Sequencing
 Many connection-oriented protocols use sequencing
 e.g. HDLC, IEEE 802.11
 PDUs numbered sequentially
 Each side keeps track of outgoing and incoming
numbers
 Supports three main functions
 Ordered delivery
 Flow control
 Error control
 Not found in all connection-oriented protocols
 E.g.frame relay and ATM
 All connection-oriented protocols include some way of
identifying connection
 Unique connection identifier
 Combination of source and destination addresses

Ordered Delivery
 PDUs may arrive out of order
 Different paths through network
 PDU order must be maintained
 Number PDUs sequentially
 Easy to reorder received PDUs
 Finite sequence number field
 Use modulo maximum numbering
 Maximum sequence number greater than maximum number
of PDUs that could be outstanding
 In fact, maximum number may need to be twice of the
maximum number of PDUs that could be outstanding
 e.g. selective-repeat ARQ

Flow Control
 Control the data-rate
 Stop-and-wait
 Each PDU must be acknowledged before next sent
 Credit
 Amount of data that can be sent without acknowledgment
 E.g. sliding-window
 Must be implemented in several protocols
 Network traffic control
 Buffer space
 Application overflow
 E.g. waiting for disk access

Error Control
 Guard against loss or damage
 Error detection and retransmission
 Sender inserts error-detecting code in PDU
 E.g. CRC
 Receiver checks code on incoming PDU
 If error, discard and request for the retransmission
 If transmitter doesn’t get acknowledgment in reasonable time, retransmit
 Error-correction code
 E.g. Forward Error Correction (FEC)
 Enables receiver to detect and possibly correct errors
 Error control is performed at various layers of protocol
 Between station and network
 Inside network

Addressing
 Addressing level
 Addressing scope
 Connection identifiers
 Addressing mode

Addressing Level
 Addressing level refers to the level in the communications architecture at
which an entity is named
 Unique address for each end system
 e.g. workstation or server
 And each intermediate system
 e.g., router
 Network-level address
 IP address or internet address
 OSI - network service access point (NSAP)
 Used to route PDU through network
 At destination data must routed to some process
 Each process assigned an identifier
 TCP/IP port
 Service access point (SAP) in OSI

Addressing Scope
 Global address
 Global non-ambiguity
 Identifies unique system
 Synonyms permitted
 System may have more than one global address
 Global applicability
 Possible at any global address to identify any other global address, in any system, by
means of global address of other system
 Enables internet to route data between any two systems
 Need unique address for each device interface on network
 MAC address on IEEE 802 network and ATM host address
 Enables network to route data units through network and deliver to intended system
 Network attachment point address
 Addressing scope only relevant for network-level addresses
 Port or SAP above network level is unique within system
 Need not be globally unique
 E.g port 80 web server listening port in TCP/IP

Connection Identifiers
 Entity 1 on system A requests connection to entity 2 on system B,
using global address B.2.
 B.2 accepts connection
 Connection identifier used by both entities for future transmissions
 Reduced overhead
 Generally shorter than global identifiers
 Routing
 Fixed route may be defined
 Connection identifier identifies route to intermediate systems
 Multiplexing
 Entity may wish more than one connection simultaneously
 PDUs must be identified by connection identifier
 Use of state information
 Once connection established, end systems can maintain state
information about connection
 Flow and error control using sequence numbers

Addressing Mode
 Usually address refers to single system or port
 Individual or unicast address
 Address can refer to more than one entity or port
 Multiple simultaneous recipients for data
 Broadcast for all entities within domain
 Multicast for specific subset of entities

Mulitplexing
• Network with one central processor but with shared communication links to devices.
 Multiplexers: To collect the traffic from a set of peripheral devices or users in the same area and to send it on a
single link to the control processor/computer

Transmission Services
 Protocol may provide additional services to entities
 Priority
 Connection basis
 On message basis
 E.g. terminate-connection request
 Quality of service (QOS)
 E.g. minimum throughput or maximum delay threshold
 Security
 Security mechanisms, restricting access
 These services depend on underlying transmission
system and lower-level entities

Internetworking Terms (1)
 Communications Network
 Facility that provides data transfer service
 An internet
 Collection of communications networks interconnected by
bridges and/or routers
 The Internet
 The global collection of thousands of individual machines
and networks
 Intranet
 Corporate internet operating within the organization
 Uses Internet (TCP/IP and http) technology to deliver
documents and resources

Internetworking Terms (2)
 End System (ES)
 Device attached to one of the networks of an internet
 Supports end-user applications or services
 Intermediate System (IS)
 Device used to connect two networks
 Permits communication between end systems attached to different
networks
 Bridge
 IS used to connect two LANs using similar LAN protocols
 Address filter passing on packets to the required network only
 OSI layer 2 (Data Link)
 Router
 Connects two (possibly dissimilar) networks
 Uses internet protocol present in each router and end system
 OSI Layer 3 (Network)

Internet Protocol (IP)
• IP provides connectionless (datagram) service
• Each packet treated separately
• Network layer protocol common to all routers
– which is the Internet Protocol (IP)

Connectionless Internetworking
• Advantages
– Flexible and robust
• e.g. in case of congestion or node failure, packets find their way easier
than connection-oriented services
– No unnecessary overhead for connection setup
– Can work with different network types
• does not demand too much services from the actual network
• Disadvantage: Unreliable
– Best effort: Not guaranteed delivery (no throughput guarantee, no
delay guarantee,…)
– Not guaranteed order of delivery
• Packets can take different routes
– Unreliable: Reliability is responsibility of next layer up (e.g. TCP)

Internet Protocols
Application
TCP
IP
Data Link
Application
TCP
IP
Network
Access
Application protocol
TCP protocol
IP protocol IP protocol
Data
Link
Data
Link
IP
Data
Link
Data
Link
IP
Data
Link
Data
Link
Data
Link
IP protocol
Router
Router Host
Host

IP Operation
Link Access Procedure for Frame Relay (or LAPF), Logical Link Control (LLC)

Network Design Issues
• Routing
• Datagram lifetime
• Fragmentation and re-assembly
• Error control
• Flow control
• Addressing

Routing
• End systems and routers maintain routing tables
– Indicate next router to which datagram should be sent
– Static
• Tables do not change but may contain alternative routes
– Dynamic
• If needed, the tables are dynamically updated
• Flexible response to congestion and errors
• status reports issued by neighbors about down routers
• Source routing
– Source specifies route as sequential list of routers to be
followed
– useful, for example, if the data is top secret and should
follow a set of trusted routers.
• Route recording
– routers add their address to datagrams
– good for tracing and debugging purposes

Datagram Lifetime
• Datagrams could loop indefinitely
– Not good
• Unnecessary resource consumption
• Transport protocol needs upper bound on datagram life
• Datagram marked with lifetime
– Time To Live (TTL) field in IP
– Once lifetime expires, datagram discarded (not forwarded)
– Hop count
• Decrement time to live on passing through each router
– Time count
• Need to know how long since last router
• global clock is needed

Fragmentation and Re-assembly
• Different maximum packet sizes for different
networks
– routers may need to split the datagrams into
smaller fragments
• When to re-assemble
– At destination
– Intermediate reassembly
• Need large buffers at routers
• All fragments must go through same router
– Inhibits dynamic routing

IP Fragmentation
• In IP, reassembly is at destination only
• Uses fields in header
– Data Unit Identifier – In order to uniquely
identify datagram
– Source and destination addresses
1. Upper protocol layer (e.g. TCP)
2. Identification supplied by that layer
– Data length
• Length of user data in octets (if fragment,
length of fragment data)
• Actually header contains total length incl.
header but data length can be calculated
– Offset
• Position of fragment of user data in original
datagram (position of the first byte of the
fragment)
• In multiples of 64 bits (8 octets)
– More flag
• Indicates that this is not the last fragment (if
this flag is 1)

Dealing with Failure
• Re-assembly may fail if some fragments get
lost
• Need to detect failure
• Re-assembly time out
– Assigned to first fragment to arrive
– If timeout expires before all fragments arrive,
discard partial data
• Use packet lifetime (time to live in IP)
– If time to live runs out, kill partial data

Error Control
• In IP, delivery is not guaranteed
• Router may attempt to inform source if packet discarded, if
possible
– specify the reason of drop, e.g. for time to live expiration,
congestion, bad checksum (error detected)
• Datagram identification needed
• When source receives failure notification, it
– may modify transmission strategy
– may inform high layer protocol
• Note that such a failure notification is not guaranteed

Flow Control (in IP layer)
• Allows routers and/or stations to limit rate of
incoming data
• Limited in connectionless systems
• Send flow control packets
– Requesting reduced flow
• e.g. ICMP

Internet Protocol (IP) Version 4
• Part of TCP/IP
– Used by the Internet
• Specifies interface with higher layer
– e.g. TCP
• Specifies protocol format and mechanisms
• RFC 791
– www.rfc-editor.org
• Replaced or will be replaced by IPv6 (see later)

Internet Protocol (IP) Version 4

IP Services
• Information and commands exchanged across
adjacent layers (e.g. between IP and TCP)
• Primitives (functions to be performed)
– Send
• Request transmission of data unit
– Deliver
• Notify user of arrival of data unit
• Parameters
– Used to pass data and control info

Parameters (1)
• Source IP address
• Destination IP address
• Protocol
– Recipient e.g. TCP
• Type of Service Indicators
– Specify treatment of data unit during
transmission through networks
• Identification
– Uniquely identifies PDU together with source,
destination IP addresses and user protocol
– Needed for re-assembly and error reporting

Parameters (2)
• Don’t fragment indicator
– Can IP fragment data?
– If not, may not be possible to deliver
• Time to live (initial TTL value)
• Data length
• Options
• Data from/to upper layer

Options
• Security
– security label - mostly for military applications
• Source routing
• Route recording
• Stream identification
– identifies reserved resources for stream traffic
(like video)
• Time-stamping
– added by source and routers

Type of Service Indicators
• Requests for service quality
– now different QoS (Quality of Service) mechanisms are used,
but this is out of scope of this course
• Precedence
– 8 levels
• Reliability
– Normal or high
• Delay
– Normal or low
• Throughput
– Normal or high

IPv4 Header
Internet Header Length (IHL), Differentiated Services (DS), Explicit congestion notification (ECN)

Header Fields (1)
• Version
– Currently 4 (IP v4)
• Internet header length
– In 32 bit words
– Including options
• Type of service
• Total length
– Of datagram, in octets

Header Fields (2)
• Identification
– Sequence number
– Used with addresses and user protocol to identify
datagram uniquely
• Flags
– More bit
– Don’t fragment
• Fragmentation offset
• Time to live
• Protocol
– Next higher layer to receive data field at destination

Header Fields (3)
• Header checksum
– Reverified and recomputed at each router
– 16 bit ones complement sum of all 16 bit words in
header
– Set to zero during calculation
• Source address
• Destination address
• Options
• Padding
– To fill to multiple of 32 bits long

Data Field
• Carries user data from next layer up
• Integer multiple of 8 bits long (octet)
• Max length of datagram (header plus data)
65,535 octets

IPv4 Address Formats
• 32 bit global Internet
address
• Network part and host part
• All-zero host part
identifies the network
• All-one host part means
broadcast (limited to
current network)
Class A: Few networks, each with many hosts
Class B: Medium number of networks, each with a medium number of hosts
Class C: Many networks, each with a few hosts

IP Addresses - Class A
• 32 bit global internet address
• Network part and host part
• All zero
– Special meaning (means “this
computer”)
• 01111111 (127) (network part )
reserved for loopback
– Generally 127.0.0.1 is used
• Range 1.x.x.x to 126.x.x.x
– 10.x.x.x is for private networks
• Few networks - many hosts
• All networks have been allocated

IP Addresses - Class B
• Starts with binary 10
– Second octet is also part of the
network id.
• 14-bit network, 16-bit host
number
– 214 = 16,384 class B addresses
– 216 = 65,536 hosts per network
• Actually minus 2 due to network and
broadcast addresses
• All networks have been allocated

IP Addresses - Class C
• Start binary 110
• Second and third octets are also
part of network address
• 221 = 2,097,152 addresses
(networks)
• 256 – 2 = 254 hosts per network
• Nearly all allocated

IPv4 Address Formats
E.g.10.250.1.1
E.g.150.10.15.0
E.g. 192.14.2.0
Exercise: Identify
the class address
http://172.20.0.20
2/nitw_prm/index.
aspx

Special IP address forms
Prefix
(network)
Suffix (host) Type & Meaning
all zeros all zeros this computer
(used during
bootstrap)
network address all zeros identifies network
network address all ones broadcast on the
specified network
all ones all ones broadcast on local
network
127 any loopback (for
testing purposes)

Subnets and Subnet Masks
• Allow arbitrary complexity of internetworked LANs within organization
– By not having one network class for each LAN within the organization
– Each such LAN is called a subnet
• Such a network with several subnets looks like a single network from the
point of view of the rest of internet
• Each subnet is assigned a subnet number
• Host portion of address partitioned into subnet number and host number
• Local routers route within subnetted network
• Subnet mask indicates which bits are network/subnet number and which
are host number. Applying a subnet mask to an IP address separates
network address from host address.
– Subnet mask must be in the form of several 1's followed by several 0's (total 32 bits)
- 111..111000…0
– number of 0's is used to determine the number of hosts in that subnet (see next
example)

Subnet Mask Calculation (Exercise)

Routing Using Subnets
 Subnet Mask:
255.255.255.224
 Addresses start with
192, so class C
addresses. Last octet is
for Subnet number and
Host number
 224 -> 11100000 in
binary last 5 bits are
for Host number,
previous 3 bits are for
Subnet number
 Don't forget! All zero
host number identifies
the subnet and all ones
is used for broadcast

Custom subnet mask (Exercise)
Problem statement: Take a single network, which has an IP 193.100.10.0 and distribute it into 16
smaller networks. The external world still sees the network as 193.100.10.0, but the internal
computers and routers see 16 Independent smaller subnets.
IP Address: 193 . 100 . 10 . 0
Custom Subnet Mask: 255.255.255.240
Network Subnet Host
IP Address: 1 1 0 0 0 0 0 1. 0 1 1 0 0 1 0 0. 0 0 0 0 1 0 1 0. 0 0 1 0 1 0 1 0 (193 . 100 . 10 . 42)
Custom Subnet Mask: 1 1 1 1 1 1 1 1. 1 1 1 1 1 1 1 1 .1 1 1 1 1 1 1 1. 1 1 1 1 0 0 0 0 (255.255.255.240)
AND operation: 1 1 0 0 0 0 0 1. 0 1 1 0 0 1 0 0. 0 0 0 0 1 0 1 0. 0 0 1 0 0 0 0 0 (193 . 100 . 10 . 32)
Network Subnet Host
IP Address: 1 1 0 0 0 0 0 1. 0 1 1 0 0 1 0 0. 0 0 0 0 1 0 1 0. 0 0 0 0 0 0 0 0 (193 . 100 . 10 . 0)
Custom Subnet Mask: 1 1 1 1 1 1 1 1. 1 1 1 1 1 1 1 1 .1 1 1 1 1 1 1 1. 1 1 1 1 0 0 0 0 (255. 255. 255. 240)
AND operation: 1 1 0 0 0 0 0 1. 0 1 1 0 0 1 0 0. 0 0 0 0 1 0 1 0. 0 0 0 0 0 0 0 0 (193 . 100 . 10 . 0)
 Applying a subnet mask to an IP address separates network address from host address. The network
bits are represented by the 1's in the mask, and the host bits are represented by 0's. Performing a
bitwise logical AND operation on the IP address with the subnet mask produces the network address.
Belongs to which subnet, tells the subnet ID

Custom subnet mask (Exercise)
Problem statement: Take a single network has an IP 193.100.10.0 and distribute it into 16 smaller
networks. The external world still sees the network as 193.100.10.0, but the internal computers and
routers see 16 Independent smaller subnets.
IP Address: 193 . 100 . 10 . 0
Custom Subnet Mask: 255.255.255.240
Address Ranges:
SubNet-1: 193.10.10.0 to 193.100.10.15 (Customer-1)
193 . 100 . 10 . 42
SubNet-1 (Customer-1),
Useful range of addresses:
193.10.10.1 to 193.100.10.14
Q. Why?

Classless Inter Domain Routing (CIDR)
RJEs: Remote job entry points Ref. Book: Data and Computer Communication by William Stallings and online sources
 Classless Inter Domain Routing (CIDR) was invented to keep the Internet from running out of IP Addresses.
 The IPv4, a 32-bit, addresses have a limit of 4,294,967,296 (232) unique IP addresses. The classful address
scheme (Class A, B and C) of allocating IP addresses in 8-bit increments can be very wasteful. With classful
addressing scheme, a minimum number of IP addresses allocated to an organization is 256 (Class C).
Giving 256 IP addresses to an organization only requiring 15 IP addresses is wasteful.
 Also, an organization requiring more than 256 IP addresses (let's say 1,000 IP addresses) is assigned a
Class B, which allocates 65,536 IP addresses. Similarly, an organization requiring more than 65,636 (65,634
usable IPs) is assigned a Class A network, which allocates 16,777,216 (16.7 Million) IP addresses. This type
of address allocation is very wasteful.
 With CIDR, a network of IP addresses is allocated in 1-bit increments as opposed to 8-bits in classful
network. The use of a CIDR notated address can easily represent classful addresses (Class A = /8, Class B
= /16, and Class C = /24). The number next to the slash (i.e. /8) represents the number of bits assigned to
the network address. The example shown above can be illustrated with CIDR as follows:
Network Subnet Host
IP Address: 1 1 0 0 0 0 0 1. 0 1 1 0 0 1 0 0. 0 0 0 0 1 0 1 0. 0 0 0 0 0 0 0 0 (193 . 100 . 10 . 0/28)
Custom Subnet Mask: 1 1 1 1 1 1 1 1. 1 1 1 1 1 1 1 1 .1 1 1 1 1 1 1 1. 1 1 1 1 0 0 0 0 (255.255.255.240)
AND operation: 1 0 1 0 1 1 0 0. 0 1 1 0 0 1 0 0. 0 0 0 0 1 0 1 0. 0 0 0 0 0 0 0 0 (193 . 100 . 10 . 0/28)

Hostel Work
18.15 What is the difference between the subnet mask for a Class A address with 16 bits for the
subnet ID and a class B address with 8 bits for the subnet ID?
18.17 Given a network address of 192.168.100.0 and a subnet mask of 255.255.255.192,
a. How many subnets are created?
b. How many hosts are there per subnet?
18.19 In contemporary routing and addressing, the notation commonly used is called classless
interdomain routing or CIDR. With CIDR, the number of bits in the mask is indicated in the following
fashion: 192.168.100.0/24. This corresponds to a mask of 255.255.255.0. If this example would
provide for 256 host addresses on the network, how many addresses are provided with the following?
a. 192.168.100.0/23
b. 192.168.100.0/25
18.21 Using your IP address and your mask, what is your network address? This is determined by
converting the IP address and the mask to binary and then proceeding with a bitwise logical AND
operation. For example, given the address 172.16.45.0 and the mask 255.255.224.0, we would
discover that the network address would be 172.16.32.0.
Practice exercises on IP: http://www.ece.virginia.edu/mv/edu/7457/lectures/IP/IP-exer.pdf

IP v6 - Version Number
• IP v 1-3 defined and replaced
• IP v4 – last version
• IP v5 - stream protocol
– Connection oriented internet layer protocol
• IP v6 - replacement for IP v4
– During the initial development it was called IPng
(Next Generation)

Driving Motivation to change IP
• Address space exhaustion
– Two level addressing (network and host) wastes space
– Network addresses used even if not connected to Internet
– Growth of networks and the Internet
– Extended use of TCP/IP
• e.g. for POS terminals
• Wireless nodes
• Vehicles
• Current trend: Internet of Things
– Single address per host
• Requirements for new types of service

IPv6 Enhancements (1)
• Expanded address space
– 128 bit
• Improved option mechanism
– Separate optional headers between IPv6 header
and transport layer header
– Most are not examined by intermediate routes
• Improved speed and simplified router processing
• Easier to extend options
• Address auto configuration
– Dynamic assignment of addresses

IPv6 Enhancements (2)
• Increased addressing flexibility
– Anycast - delivered to one of a set of nodes
– Improved scalability of multicast addresses
• Support for resource allocation
– Replaces type of service
– Labeling of packets to particular traffic flow
– Allows special handling
– e.g. real time video

IPv6 PDU (Packet) Structure
IPv6 header + optional
extension headers

Extension Headers
• Hop-by-Hop Options
– special options that require hop-by-hop
processing
• Routing
– Similar to source routing
• Fragment
– fragmentation and reassembly information
• Authentication
– Integrity and Authentication
• Encapsulating security payload
– Privacy and Confidentiality (plus optional
authentication)
• Destination options
– Optional info to be processed at destination
node

IPv6 Header

IPv6 Header Fields (1)
• Version
– 6 (in binary: 0110)
• DS/ECN
– Previously, Traffic Class (Types of
Service)
• Classes or priorities of packet
– Now interpretation is different
as discussed in v4
• Flow Label
– Identifies a sequence of packets
(a flow) that has special
handling requirements
• Payload length
– Length of all extension headers
plus user data
Differentiated Services (DS), Explicit congestion notification (ECN)

IPv6 Header Fields (2)
• Next Header
– Identifies type of the following header
• Extension or next layer up
• Hop Limit
– Remaining number of hops
– As in TTL of IPv4, decremented by one
at each router
– Packet discarded if reaches zero
• Source Address
• Destination address
• Longer header but less number of
fields
– simplified processing

Flow Label
• Flow
– Sequence of packets from particular source to particular destination
– Source desires special handling by routers
– Uniquely identified by source address, destination address, and 20-bit
flow label
• Router's view
– Sequence of packets that share some attributes affecting how packets
handled
• Path, resource allocation, discard needs, security, etc.
– Handling must somehow be arranged a priority
• Negotiate handling ahead of time using a control protocol

IPv6 Addresses
• 128 bits long
• Assigned to interface
– An interface may have multiple addresses
• network/host id parts
– arbitrary boundary
– like CIDR addresses in v4
• Multilevel hierarchy
– ISP - Organization - Site - …
– Helps faster routing due to aggregation of IP addresses
• Smaller routing tables and faster lookup
• IPv4 addresses are mapped into v6 addresses
• Three types of address

Differences Between v4 and v6 Headers
• No header length (IHL) in v6
– main header is of fixed length in v6
• No Protocol info in v6
– next header field will eventually point to
the transport layer PDU
• No fragmentation related fields in v6
base header
– fragmentation is an extension header
• No checksum in v6
– rely on reliable transmission medium and
checksums of upper and lower layers
• Flow label is part of base header in v6
– it was in the options part in v4
Internet Header Length (IHL), Differentiated Services (DS), Explicit congestion notification (ECN)

Differences Between v4 and v6 Headers

IPv6 Extension Headers

Hop-by-Hop Options
• Next header
• Header extension length
• Options
– Type (8 bits), length (8 bits) , option data (variable size)
• type also says what should router do if it does not recognize the option
– Pad1 / Pad N
• Insert one/N byte(s) of padding into Options area of header
• Ensure header is multiple of 8 bytes
– Jumbo payload (Jumbogram)
• Option data field (32 bits) gives the actual length of packet in octets
– excluding the base IPv6 header
• For packets over 216 -1 = 65,535 octets, we use this option
– up to 232 octets
– for large video packets
– Router alert
• Tells the router that the content of packet is of interest to the router
• Provides support for Resource Reservation Protocol (RSVP)

Fragmentation Header
• Fragmentation only allowed at source
• No fragmentation at intermediate routers
• Node must perform path discovery to find
smallest MTU of intermediate networks
• Source fragments to match MTU
• Otherwise limit to 1280 octets
Maximum Transmission Unit (MTU)

Fragmentation Header Fields
• Next Header
• Reserved
• Fragmentation offset
• Reserved
• More flag
• Identification

Routing Header
• List of one or more intermediate nodes to be
visited
• Next Header
• Header extension length
• Routing type
• Segments left
– i.e. number of nodes still to be visited

Destination Options
• Same format as Hop-by-Hop options header
• RFC 2460 defines Pad 1/Pad N as in hop-by-
hop options header

Migration to IPv6
• Not an overnight operation
– lots of investments in v4 networking equipment and software
– currently equipment and software are IPv6 compatible
– however, turning the key on synchronously all around the
world is not easy
• isolated v6 islands
– communicating via tunnels
• eventually those islands will get larger and merge
• Specialized networks of small devices with IPv6 addresses
– e.g. a network of sensors that covers a large area for security
protection

Internet control protocols
• Internet control protocols
– Internet Control Message Protocol (ICMP)
– Dynamic Host Configuration Protocol (DHCP)
– Address Resolution Protocol (ARP)
Ref. Online sources

Internet Control Message Protocol (ICMP)
• Internet Control Message Protocol - RFC 792
– Sister protocol of IP
– All IP implementations should also implement ICMP
• ICMP is an error-reporting protocol network devices like routers use
to generate error messages to the source IP address when network
problems prevent delivery of IP packets.
• Feedback about problems
– e.g. datagram discarded, router’s buffer full
• Some simple applications can be implemented using ICMP
– e.g. ping
• ICMP Source Quench packet to slow down the transmission rate.

ICMP Message Formats

Address Resolution Protocol (ARP)

How to Bootstrap an End Host?
RJEs: Remote job entry points Ref. Online sources
• Bootstrapping: Self-starting process that is supposed to
proceed without external input
• What IP address the host should use?
• What local Domain Name System (DNS) server to use?
– DNS is responsible for translating domain names into IP addresses
• How to send packets to remote destinations?
• How to ensure incoming packets arrive?
host host DNS
...
host host DNS
...
router router
1.2.3.0/24
1.2.3.7 1.2.3.156
???
1.2.3.19
router

Avoiding Manual Configuration
host host DNS
...
host host DNS
...
router router
1.2.3.0/24
1.2.3.7 1.2.3.156
???
1.2.3.19
router
• Dynamic Host Configuration Protocol (DHCP)
– End host learns how to send packets
– Learn IP address, DNS servers, and gateway
• Address Resolution Protocol (ARP)
– Others learn how to send packets to the end host
– Learn mapping between IP address and MAC
address

Key Ideas in Both Protocols
• Broadcasting: when in doubt, shout!
– Broadcast query to all hosts in the local-area-network when you
don’t know how to identify the right one
• Caching: remember the past for a while
– Store the information you learn to reduce overhead
– Remember your own address & other host’s addresses
• Soft state: eventually forget the past
– Associate a time-to-live field with the information and either
refresh or discard the information
– Key for robustness in the face of unpredictable change
Ref. Online sources

Need Another Kind of Identity
• LANs are designed for arbitrary network protocols
– Not just for IP and the Internet
• Using IP address would require reconfiguration
– Every time the adapter is rebooted or powered up
• Broadcasting all data to all adapters is expensive
– Requires every host on the LAN to inspect each packet
Motivates separate Medium Access Control (MAC) addresses
Ref. Online sources

MAC/Physical Address vs. IP Address
• MAC/Physical addresses
– Hard-coded in read-only memory when adaptor is built
– Like a social security number
– 48 bits contains six groups of two hexadecimal digits
(e.g., 00-0E-9B-6E-49-76)
– Portable, and can stay the same as the host moves
– Used to get packet between interfaces on same network
• IP addresses
– Configured, or learned dynamically
– Like a postal mailing address
– Hierarchical name space of 32 bits (e.g., 12.178.66.9)
– Not portable, and depends on where the host is attached
– Used to get a packet to destination IP subnet
Ref. Online sources

MAC Addresses on a LAN
1A-2F-BB-76-09-AD
58-23-D7-FA-20-B0
0C-C4-11-6F-E3-98
71-65-F7-2B-08-53
LAN
Ref. Online sources

Change adapter settings

Bootstrapping Problem
host host host
...
DHCP server
• Bootstrapping: Self-starting process that is supposed to proceed
without external input
• Host doesn’t have an IP address yet
– So, host doesn’t know what source address to use
• Host doesn’t know who to ask for an IP address
– So, host doesn’t know what destination address to use
• Solution: shout to discover a server who can help
– Broadcast a server-discovery message
– Server sends a reply offering an address
Ref. Online sources

Broadcasting
• Broadcasting: sending to everyone
– Special destination address: FF-FF-FF-FF-FF-FF
– All adapters on the LAN receive the packet
• Delivering a broadcast packet
– Easy on a “shared media”
– Like shouting in a room – everyone can hear you
– E.g., Ethernet, wireless, and satellite links
Ref. Online sources

Response from the DHCP Server
• DHCP “offer message” from the server
– Configuration parameters (proposed IP address, mask, gateway router,
DNS server, ...)
– Lease time (the time during that the information remains valid)
• Multiple servers may respond
– Multiple servers on the same broadcast media
– Each may respond with an offer
– The client can decide which offer to accept
• Accepting one of the offers
– Client sends a DHCP request echoing the parameters
– The DHCP server responds with an ACK to confirm
– The other servers see they were not chosen
Ref. Online sources

Dynamic Host Configuration Protocol
arriving
client DHCP server
233.1.2.5
Ref. Online sources

Network Connection Details

Deciding What IP Address to Offer
• Server as centralized configuration: static database
– All parameters are statically configured in the server
– E.g., a dedicated IP address for each MAC address
– Avoids complexity of configuring hosts directly
– … while still having a permanent IP address per host
• Or, dynamic assignment of IP addresses
– Server maintains a pool of available addresses
– … and assigns them to hosts on demand
– Leads to less configuration complexity
– … and more efficient use of the pool of addresses
– Though, it is harder to track the same host over time
Ref. Online sources

Soft State: Refresh or Forget
• Why is a lease time necessary?
– Rrelease the IP address (DHCP RELEASE)
• E.g., “ipconfig /release” at the DOS prompt
• E.g., clean shutdown of the computer
– But, the host might not release the address
• E.g., the host crashes (blue screen of death!)
• E.g., buggy client software
– And you don’t want the address to be allocated forever
• Performance trade-offs
– Short lease time: returns inactive addresses quickly
– Long lease time: avoids overhead of frequent renewals
Ref. Online sources

Now the Host Knows Things
• IP address
• Mask
• Gateway router
• DNS server
• And can send packets to
other IP addresses
– But, how to learn the MAC
address of the destination?
Ref. Online sources

Sending Packets Over a Link
• Adaptors only understand MAC addresses
– Translate the destination IP address to MAC address
– Encapsulate the IP packet inside a link-level frame
host host host
...
1.2.3.156
router
1.2.3.53
1.2.3.53
1.2.3.156
IP packet
Ref. Online sources

Address Resolution Protocol (ARP) Table
• Every node maintains an ARP table
– (IP address, MAC address) pair
• Consult the table when sending a packet
– Map destination IP address to destination MAC address
– Encapsulate and transmit the data packet
• But, what if the IP address is not in the table?
– Sender broadcasts: “Who has IP address 1.2.3.156?”
– Receiver responds: “MAC address 58-23-D7-FA-20-B0”
– Sender caches the result in its ARP table
• No need for network administrator to get involved
host host host
...
1.2.3.156
router
1.2.3.53
Ref. Online sources

Example: A Sending a Packet to B
How does host A send an IP packet to host B?
A sends packet to R, and R sends packet to B.
A
R
B
Ref. Online sources

Host A Decides to Send Through R
• Host A constructs an IP packet to send to B
– Source 111.111.111.111, destination 222.222.222.222
• Host A has a gateway router R
– Used to reach destinations outside of 111.111.111.0/24
– Address 111.111.111.110 for R learned via DHCP
A
R
B
Ref. Online sources

Host A Sends Packet Through R
• Host A learns the MAC address of R’s interface
– ARP request: broadcast request for 111.111.111.110
– ARP response: R responds with E6-E9-00-17-BB-4B
• Host A encapsulates the packet and sends to R
A
R
B
Ref. Online sources

R Decides how to Forward Packet
• Router R’s adaptor receives the packet
– R extracts the IP packet from the Ethernet frame
– R sees the IP packet is destined to 222.222.222.222
• Router R consults its forwarding table
– Packet matches 222.222.222.0/24 via other adaptor
A
R
B
Ref. Online sources

R Sends Packet to B
• Router R’s learns the MAC address of host B
– ARP request: broadcast request for 222.222.222.222
– ARP response: B responds with 49-BD-D2-C7-56-2A
• Router R encapsulates the packet and sends to B
A
R
B
Ref. Online sources

Internet control protocols: Summary
• Important control functions
– Bootstrapping
– Error reporting and monitoring
• Internet control protocols
– Internet Control Message Protocol (ICMP)
– Dynamic Host Configuration Protocol (DHCP)
– Address Resolution Protocol (ARP)
Ref. Online sources

Routing algorithms
 Shortest path routing
 Distance vector routing
 Link state routing
 Routing Information Protocol (RIP)
 Open Shortest Path First (OSPF)
 Inter-domain routing

Routing algorithms
 The two main functions performed by a routing algorithm are:
 The selection of routes for various origin-destination pairs
 Delivery of messages to their correct destination
 Quality of Service (QoS):
 Throughput
 Latency or Delay

Delay-Throughput operating curves
 Delay depends on
 The routes chosen by the routing
algorithm
 Buffering and Congestion
 Processing time
 Optimal balance between throughput and
delay (i.e., Rejecting offered load when delay
starts getting excessive).
 As the routing algorithm is more successful in
keeping delay low, the flow control algorithm
allows more traffic into the network.

Impact of the route selection on Delay

Impact of the route selection on Throughput

Efficient Routing algorithm (Objectives)
https://www.google.com/search?biw=1366&bih=662&tbm=isch&sa=1&ei=tCKIW_a1ENGoyAOpk72wDg&q=delay+vs+traffic+load&oq=delay+vs+traffic+load&gs_l=img.3...106339.107441.0.108937.5.5.0.0.0.0.212.799.0j4j1.5.0....0...1c.1.64.img..0.0.0....0.7VrGCy8ydzI#imgrc=rlht
VdEspcS25M:
 Design objectives of the Routing algorithm:
 Increase throughput or maintain the same value of average delay
per packet under high offered load conditions.
 Decrease average delay per packet under low and moderate offered
load conditions.

Minimum Weighted Spanning Tree construction

Bellman-Ford algorithm
 Node 1 is the “destination” node
and consider the problem of
finding a shortest path from
every node to node 1.
 Same algorithm can be applied
to find the shortest path
between each source and
destination pair
 dij =∞ if (i, j) is not an arc of the
graph.

Bellman-Ford algorithm

Bellman-Ford algorithm (Cont..)

Order of computation complexity

Dijkstra's Algorithm
Arc lengths are nonnegative
worst-case computational requirements are considerably less than those of
the Bellman-Ford algorithm
Objective: find the shortest paths in order of increasing path length

Dijkstra's Algorithm

Order of computation complexity

Bellman-Ford vs. Dijkstra
RJEs: Remote job entry points Ref.
Bellman-Ford:
Order of computation complexity:
O(N3)
Suitable when the topology has lees
number of arcs
Can take the negative weighted
arcs and identify the negative cycles
Dijkstra:
Order of computation complexity:
O(N2)
Suitable when the topology has
many arcs
Can not take negative weights

Floyd-Warshall algorithm
RJEs: Remote job entry points Ref.
Finds the shortest paths between all pairs of nodes together.
Arc distances can be positive or negative
No negative-length Cycles
The Bellman-Ford algorithm iterates on the number of arcs in a path, the Dijkstra algorithm
iterates on the length of the path, the Floyd-Warshall algorithm iterates on the set of nodes that
are allowed as intermediate nodes on the paths.
The Floyd-Warshall algorithm starts like both other algorithms with single arc distances (i.e., no
intermediate nodes) as starting estimates of shortest path lengths
It then calculates shortest paths under the constraint that only node 1 can be used as an
intermediate node, and then with the constraint that only nodes 1 and 2 can be used, and so forth.

Exercise
Problem statement:
a. Construct the network topology considering the
D(0)
b. Find the shortest paths using Floyd-Warshall algorithm
Allowing maximum two intermediate nodes
c. Find the shortest paths using Floyd-Warshall algorithm
Allowing maximum five intermediate nodes

Floyd-Warshall algorithm

Autonomous Systems (AS)
• is a group of routers and networks managed by single
organization
• which exchange information via a common routing protocol
• form a connected network
– at least one path between any pair of nodes
– except in times of failure

Interior Routing Protocol & Exterior Routing Protocol
• interior routing protocol (IRP)
– passes routing information between routers within AS
– can be tailored to specific applications
– needs detailed model of network to function
• may have more than one AS in internet
– routing algorithms & tables may differ between them
• If. routers need info on networks outside own AS
• use an exterior router protocol (ERP) for this
– supports summary information on AS reachability

Application of IRP and ERP

IRP: Distance Vector Routing
• each node (router or host) exchange
information with neighboring nodes
• first generation routing algorithm for
ARPANET
– eg. used by Routing Information
Protocol (RIP)
• each node maintains vector of link costs
for each directly attached network and
distance and next-hop vectors for each
destination
• requires transmission of much info by
routers
– distance vector & estimated path
costs
• changes take long time to propagate

IRP: Link State Routing
• designed to overcome drawbacks of distance-vector
• each router determines link cost on each interface
• advertises set of link costs to all other routers in topology
• if link costs change, router advertises new values
• each router constructs topology of entire configuration
– can calculate shortest path to each dest
– use to construct routing table with first hop to each dest
• Derived from the Dijkstra's algorithm
• Open Shortest Path First (OSPF) is a link-state protocol

Distance Vector vs. Link State Routing
• With distance vector routing, each node has information only
about the next hop:
• Node A: to reach F go to B
• Node B: to reach F go to D
• Node D: to reach F go to E
• Node E: go directly to F
• Distance vector routing makes
poor routing decisions if
directions are not completely
correct
(e.g., because a node is down).
• If parts of the directions incorrect, the routing may be incorrect until the routing algorithms has re-
converged.
A B C
D E F

Distance Vector vs. Link State Routing
• In link state routing, each node has a complete map of the
topology
• If a node fails, each
node can calculate
the new route
• Difficulty: All nodes need to
have a consistent view of the
network
A B C
D E F
A B C
D E F
A B C
D E F
A B C
D E F
A B C
D E F
A B C
D E F
A B C
D E F

Link State Routing: Basic princples
1. Each router establishes a relationship (“adjacency”) with its
neighbors
2.Each router generates link state advertisements (LSAs) which are
distributed to all routers
LSA = (link id, state of the link, cost, neighbors of the link)
3. Each router maintains a database of all received LSAs (topological
database or link state database), which describes the network has a
graph with weighted edges
4. Each router uses its link state database to run a shortest path
algorithm (Dijikstra’s algorithm) to produce the shortest path to each
network

Link State Routing: Properties and Operation flow
• Each node requires complete topology information
• Link state information must be flooded to all nodes
• Guaranteed to converge
Received
LSAs
IP Routing
Table
Dijkstra’s
Algorithm
Link State
Database
LSAs are flooded
to other interfaces

Directed Graph of AS
Distance
vector
Link
State
Path
vector

RIP - Routing Information Protocol
• A simple interior routing protocol
• Straightforward implementation of Distance Vector
Routing
• Each router advertises its distance vector every 30
seconds (or whenever its routing table changes) to
all of its neighbors
• Maximum hop count is 15, with “16” equal to “”
• Routes are timeout (set to 16) after 3 minutes (180
seconds) if they are not updated

Example of a domain using RIP

RIP Problems
• RIP takes a long time to stabilize
– Even for a small network, it takes several minutes
until the routing tables have settled after a change
• RIP has all the problems of distance vector
algorithms, e.g., count-to-Infinity
» RIP uses split horizon to avoid count-to-infinity
• The maximum path in RIP is 15 hops

Count to infinity problem:
•One of the important issue in Distance
Vector Routing is Count of Infinity Problem.
•Counting to infinity is just another name for
a routing loop.
•In distance vector routing, routing loops
usually occur when an interface goes
down.
•It can also occur when two routers send
updates to each other at the same time.

Count to Infinity
• A discovers that link to E is lost.
• If before A’s message (saying that
link cost to E is ∞) is received, if B or
C advertise that they can reach E in
two hops, then A can be confused.
• Another possibility, B gets A’s update
followed by C’s update which says
that E is reachable in 2 hops.
• So B tells A this, and A thinks it can
now reach E via B in 3 hops.
• This information reaches C who now
thinks that it can reach E in 4 hops
via A.
D
G
A
F
E
B
C
• The process
continues and
thus, the system
does not stabilize.
• This is the count
to infinity problem.

Count to Infinity
A B C
1 1

Split Horizon
• One solution would be to approximate ∞ to say 16
hops.
• With Split Horizon, when a node sends a routing table
update to its neighbors, it “does not” send those
routes it learned from “a particular” neighbor, back to
that neighbor.
• With split horizon with poison reverse, this update is
reported but the link weight is set to ∞.
– For example B sends (E, ∞) to A.

RIP Timers
• Periodic timer
– It controls the advertising of regular update message (25 ~
30 sec)
• Expiration timer
– It governs the validity of a route (180 sec)
– The route is considered expired and the hop count of the
route is set to 16
• Garbage collection timer
– A invalid route is not purged from the routing table
until this timer expires (120 sec)

RIPv2 vs. RIPv1
• Classless Addressing
• Authentication
• Multicasting
– RIPv1 uses broadcasting to send RIP messages to every
neighbors. Routers as well as hosts receive the packets
– RIPv2 uses the all-router multicast address to send the
RIP messages only to RIP routers in the network

RIP message format

Open Shortest Path First (RFC2328)
• Interior Gateway Protocol of Internet
• Replaced Routing Information Protocol (RIP)
• Uses Link State Routing Algorithm
– each router keeps list of state of local links to network
– transmits update state info
• Uses least cost based on user cost metric
– delay, data rate, dollar cost, or other factors
• Topology stored as directed graph
– vertices or nodes (router, transit or stub network)
– edges (between routers or router to network)

Example OSPF AS
Two routers joined by a point-to-point link are represented
in the graph as being directly connected by a pair of edges,
one in each direction (e.g., routers 6 and 10).
• When multiple routers are attached to a network (such as
a LAN or packet switching network), the directed graph
shows all routers bidirectional connected to the network
vertex (e.g., routers 1, 2, 3, and 4 all connect to network
3).
• If a single router is attached to a network, the network
will appear in the graph as a stub connection (e.g.,
network 7).
• An end system, called a host, can be directly connected
to a router, in which case it is depicted in the
corresponding graph (e.g., host 1).
• If a router is connected to other autonomous systems,
then the path cost to each network in the other system
must be obtained by some exterior router protocol (ERP).
Each such network is represented on the graph by a stub
and an edge to the router with the known path cost (e.g.,
networks 12 through 15).

Directed Graph of AS

SPF Tree for Router 6

Exterior Router Protocol – Path-vector
• Alternative path-vector routing protocol
– provides info about which networks can be reached by a
given router and ASs crossed to get there
– does not include distance or cost estimate
– hence dispenses with concept of routing metrics
• Have list of all ASs visited on a route
• Enables router to perform policy routing
– E.g. avoid path to avoid transiting particular AS
– E.g. link speed, capacity, tendency to become congested,
and overall quality of operation, security
– E.g. minimizing number of transit ASs

Border Gateway Protocol (BGP)
• Developed for use with TCP/IP internets
• Is preferred EGP of the Internet
• Uses messages sent over TCP connection
• Current version is BGP-4 (RFC1771)
• Functional procedures
– neighbor acquisition - If the two routers are in different autonomous
systems, they may wish to exchange routing information. For this purpose, it
is necessary first to perform neighbor acquisition-overburdened router may
refuse the acquisition
– neighbor reachability - to maintain relationship
– network reachability - to update database of routes

BGP Messages
• Open
– To perform neighbor acquisition, two routers
send Open messages to each other after a TCP
connection is established
• Keep alive
– If each router accepts the request, it returns a
Keep alive message in response to assure
neighbor reachability and engagement
• Update
– Data base updates
– Stores the route information
– When change is made, update message is
broadcasted
• Notification-Send when an error condition is detected

BGP Routing Information Exchange
• within AS a router builds topology picture
using IGP
• router issues Update message to other routers
outside AS using BGP
• these routers exchange info with other routers
in other AS
– AS_Path field used to prevent loops
• routers must then decide best routes

BGP Example Figure 19.5

Resource Reservation: RSVP
• RFC 2205
• Unicast applications can reserve resources in routers
to meet QoS (e.g. Video applications)
– if router can not meet request, application informed
• Multicast more demanding, but may be reduced
– some members of group may not require delivery from
particular source over given time
– some group members may only be able to handle a
portion of the transmission
– reservation means routers can decide in advance if can
meet requirements

Soft State
• RSVP is different than connection-oriented
networks
– Changes dynamically change
• Use concept of Soft State
– set of state info in router that expires unless
refreshed
• applications must periodically renew requests
during transmission

RSVP Characteristics
• unicast and multicast
• receiver initiated reservation
• maintain soft state in the internet
• provide different reservation styles
• transparent operation through non-RSVP
routers
• support for IPv4 and IPv6

NAT: Network Address Translation
• Whatever connects directly into Internet must have public
(globally unique) IP address
• There is a shortage of public IPv4 address
• So Private IP addresses can be used within a private
network
• Three address ranges are reserved for private usage
• 10.0.0.0/8
• 172.16.0.0/16 to 172.31.0.0/16
• 192.168.0.0/24 to 192.168.255.0/24
• A private IP is mapped to a Public IP, when the machine has
to access the Internet and vice versa
• Private vs Public IP Addresses
Ref. Online sources

NAT
• NAT (Network Address Translation) Maps Private IPs to
Public IPs
• It is required because of shortage of IPv4 Address
H1
Router/NAT
H2
10.0.1.3
10.0.1.1
10.0.1.2
H3
Router/NAT
H4
10.0.1.3
10.0.1.2
Private network 2
Internet
H5
10.0.1.1
Private network 1
128.195.4.119 128.143.71.21
213.168.112.3
Ref. Online sources

NAT
• Static NAT : Maps unique Private IP to unique Public IP
• Dynamic NAT : Maps Multiple Private IP to a Pool of Public
IPs (Port Address Translation : Maps a Public IP and Port
Number to a service in Private IP)
H1
Private address: 10.0.1.2
Private network
Source = 10.0.1.2
Source port = 2001
Source = 128.143.71.21
Source port = 3200
NAT
H2
Private address: 10.0.1.3
Source = 10.0.1.3
Source port = 1090
Internet
Source = 128.143.71.21
Destination = 4444
128.143.71.21
Ref. Online sources

VPN
• VPN is a private connection between two systems or
networks over a shared or public network (typically
Internet).
• VPN technology lets an organization securely extend its
network services over the Internet to remote users, branch
offices, and partner companies.
• In other words, VPN turns the Internet into a simulated
private WAN.
• VPN is very appealing since the Internet has a global
presence, and its use is now standard practice for most
users and organizations.
Ref. Online sources

VPN

VPN
• To use the Internet as a private Wide Area Network,
organizations may have to address two issues :
• First, networks often communicate using a variety of
protocols, such as IPX and NetBEUI, but the Internet can
only handle TCP/IP traffic. So VPN may need to provide a
way to pass non-TCP/IP protocols from one network to
another.
• Second data packets traveling the Internet are
transported in clear text. Therefore, anyone who can see
Internet traffic can also read the data contained in the
packets. This is a problem if companies want to use the
Internet to pass important, confidential business
information.
Ref. Online sources

VPN
• VPN overcome these obstacles by using a strategy called
Tunneling. Instead of packets crossing the Internet out in
the open, data packets are fist encrypted for security, and
then encapsulated in an IP packet by the VPN and tunneled
through the Internet.
• The VPN tunnel initiator on the source network
communicates with a VPN tunnel terminator on the
destination network. The two agree upon an encryption
scheme, and the tunnel initiator encrypts the packet for
security.
Ref. Online sources

VPN
• VPN technology provides many benefits. Perhaps the
biggest selling point for VPN is cost savings. One can avoid
having to purchase expensive leased lines to branch offices
or partner companies. On another cost-related note, you
can evade having to invest in additional WAN equipment
and instead leverage your existing Internet installation.
• Another benefit of VPN is that it is an ideal way to handle
mobile users.
Ref. Online sources

Delay models in Data Networks

Queuing theory
Queuing theory is the primary methodological framework for analyzing network delay
Sources of Delay:
1. The processing delay between the time the packet is correctly received at the head node of the
link and the time the packet is assigned to an outgoing link queue for transmission. (In some systems,
we must add to this delay some additional processing time at the DLC and physical layers.)
2. The queuing delay between the time the packet is assigned to a queue for transmission and the
time it starts being transmitted. During this time, the packet waits while other packets in the
transmission queue are transmitted.
3. The transmission delay between the times that the first and last bits of the packet are transmitted.
4. The propagation delay between the time the last bit is transmitted at the head node of the link and
the time the last bit is received at the tail node. This is proportional to the physical distance between
transmitter and receiver; it can be relatively substantial, particularly for a satellite link or a very high
speed link.

Statistical Multiplexing
• Statistical Multiplexing, the packets of all traffic streams are merged into a single queue and
transmitted on a first-come first-serve basis.
Queuing/Buffering
Shared Buffering Pledged Buffering

QUEUEING MODELS - LITTLE’S THEOREM
• Customers arrive at random times to obtain service
• Customers represent packets assigned to a
communication link for transmission
• Service time corresponds to the packet transmission
time and is equal to
𝐿
𝐶
, where ‘L’ is the packet length in
bits and ‘C’ is the link transmission capacity in bits/sec.
• Problem Statement: Estimate the following
1. The average number of customers in the system (i.e.,
the “typical” number of customers either waiting in queue
or undergoing service)
2. The average delay per customer (i.e., the “typical” time
a customer spends waiting in queue plus the service
time).

QUEUEING MODELS - LITTLE’S THEOREM
• Problem Statement: Estimate the following
1. The average number of customers in the system (i.e., the
“typical” number of customers either waiting in queue or
undergoing service)
2. The average delay per customer (i.e., the “typical” time a
customer spends waiting in queue plus the service time).
• These quantities will be estimated in terms of:
1. The customer arrival rate (i.e., the "typical" number of
customers entering the system per unit time)
2. The customer service rate (i.e., the "typical" number of
customers the system serves per unit time when it is constantly
busy)

LITTLE’S THEOREM

Little’s Theorem
• N: average number of customers in system
• : mean arrival rate
• T: mean time, a customer spends in system
T
 𝑵 = λ ∗ 𝑻

Little’s Theorem

Examples of Little’s Theorem
• λ is the arrival rate in a transmission line
• NQ is the average number of packets waiting in queue (but not under
transmission).
• W is the average time spent by a packet waiting in queue (not including the
transmission time)
• Little's Theorem gives
• if 𝑋 is the average transmission time, then Little's Theorem gives
line's utilization factor
• At most one packet can be under transmission, ρ is also the line's utilization factor.
(i.e. the proportion of time that the line is busy transmitting a packet)

Examples Little’s Theorem

Hostel Work: Examples Little’s Theorem

Estimating Throughput in a Time-Sharing System
• Used to provide bounds on the attainable system
throughput
• Time-sharing computer system with N terminals
• Initial reflection period of average length R
• Submits a job that requires an average processing
time P at the computer
• Estimates of the throughput (in jobs per unit time)
• Assume that there is always a user ready to take the
place of a departing user, so the number of users in
the system is always N
• Applying Little's Theorem to the portion of the system
between the entry to the terminals and the exit of the
system
• where T is the average time a user spends in the system.

Little’s Theorem
• Number of terminals N increases, the
throughput approaches the maximum 1 / P
• Average user delay rises essentially in
direct proportion with N
• The number of terminals becomes a
throughput bottleneck when N < 1 + R I P

THE M/M/1 QUEUEING SYSTEM
• The M/M/1 queuing system consists of a single queuing station with a single server (in a
communication context, a single transmission line).
• Customers arrive according to a Poisson process with rate λ, and the probability
distribution of the service time is exponential with mean 1/µ sec.
• The first letter indicates the nature of the arrival process
• First, M stands for memory less, which here means a Poisson process (i.e.,
exponentially distributed inter arrival times), G stands for a general distribution of inter-
arrival times, D stands for deterministic inter-arrival times. E.g. M/M/1, G/M/1, D/M/1
• The second letter indicates the nature of the probability distribution of the service times
(e.g., M, G, and D stand for exponential, general, and deterministic distributions,
respectively).
• The last number indicates the number of servers.

• Expanding the Poisson distribution on the number of arrivals in an interval of length δ in a Taylor series
• If two or more independent Poisson processes A1, .... Ak are merged into a single process A = A1 +
A2 + ... + Ak , the latter process is Poisson with a rate equal to the sum of the rates of its components
• If a Poisson process is split into two other processes by independently assigning each arrival to the
first (second) of these processes with probability p (I – p respectively), the two arrival processes thus
obtained are Poisson. (For this it is essential that the assignment of each arrival be independent of
the assignment of other arrivals).
• A Poisson process is considered as a model for the aggregate traffic of a large number of similar and
independent users. In particular, suppose that we merge n independent and identically distributed
packet arrival processes. Each process has arrival rate A/n, so that the aggregate process has arrival
rate A.
• The inter-arrival times T between packets of the same process have a given distribution F(s) = P{τ≤s}
and are independent [F(s) need not be an exponential distribution]. Then under relatively mild
conditions on F e.g., F(0) = 0, dF(0)/ds >0], the aggregate arrival process can be approximated well
by a Poisson process with rate A as n  ∞

• Customer service times have an exponential distribution with parameter µ, that is, if sn is the service
time of the nth customer

Markov chain formulation

Discrete-time Markov chain for the M/M/1 system

Average Number of Customers in the system vs. Utilization Factor

Delay (Waiting in the Queue +Service Time)

Increasing the Arrival and Transmission Rates by the Same Factor

Statistical Multiplexing Compared with Time- and Frequency-Division
Multiplexing

M/M/m: The m-Server Case
• The M / M / m queuing system with m-servers
• A customer at the head of the queue is routed to any server that is available

• Global balance equations for the steady-state probabilities Pn

One vs. Using Multiple Channels in Statistical Multiplexing
Problem statement: Consider a communication link serving m independent Poisson traffic streams with
overall rate λ. Link is divided into m separate channels with one channel assigned to each traffic stream.
The transmission times of packets on each of the channels are exponentially distributed with mean 1/ µ.
Model the system by the Markov chain as the M/M/m queue.
• Let us compare the average delays per packet of this system, and an M/M/1 system with the same
arrival rate λ and service rate m*µ (statistical multiplexing with one channel having m times larger
capacity).
• The average delay per packet is given by the M/M/m
Multiple Channels in Statistical Multiplexing
Multiple Servers

One vs. Using Multiple Channels in Statistical Multiplexing

The m-Server Loss System
• Consider a system, which is identical to the M/M/m system except that if an arrival finds all m
servers busy, it does not enter the system and is lost instead (not reattempted).
• Last m in the M/M/m/m notation indicates the limit on the number of customers in the system
• Model is used widely in telephony (in circuit switched networks)
• In this context, customers in the system correspond to active telephone conversations and
the m servers represent a single transmission line consisting of m circuits.
• The average service time 1/µ is the average duration of a telephone conversation.
• Objective: Find the blocking probability
Vs.

The m-Server Loss System

The Infinite-Server Case

Multidimensional Markov Chains-Applications in Circuit Switching
Single type of customer where the state can be described by the number of customers in the system
There are several classes of customers, each with its own statistical characteristics for arrival and service,
which cannot be lumped into a single class
Consider a transmission line consisting of m independent circuits of equal capacity
Two types of sessions arriving with Poisson rates ) λ1 and λ2, respectively A session is blocked and lost for
the system if all circuits are busy upon arrival, and is otherwise routed to any free circuit. The durations (or
holding times) of the sessions of the two types are exponentially distributed with means 1/µ1 and 1/µ1. Find
the steady-state blocking probability for this system.
µ1=µ2  two session types are indistinguishable for queuing system can be modeled by an M/M/m/m queue
with arrival rate λ1 + λ1
Blocking probability can be found using the Erlang B formula µ1≠µ2 the appropriate Markov chain model
involves the two-dimensional state (n1, n2), where ni is the number of circuits occupied by a session of type
i, for i = 1,2.

Multidimensional Markov Chains-Applications in Circuit Switching

Multidimensional Markov Chains

Markov chain for a K independent M/M/1 queues

General Distribution

THE M/G/1 SYSTEM
• Consider a single-server queuing system where customers arrive according to a Poisson process with
rate λ, but the customer service times have a general distribution (M/G/1)-not necessarily exponential as
in the M/M/1 system.
• Xi is the service time of the ith arrival

THE M/G/1 SYSTEM

Mean residual service time

M/G/1 Queues with Vacations
• At the end of each busy period, the server goes on "vacation" for some random interval of
time. Thus, a new arrival to an idle system, rather than going into service immediately, waits
for the end of the vacation period

M/G/1 Queues with Vacations

Priority Queueing
Reservations and Polling
1. Non-preemptive priority
2. Preemptive resume priority
Reservations and Polling

Multi-Access Communication

• Satellite systems, radio broadcast, multi-
drop telephone lines and multi-tap bus in
the computer systems, for which the
received signal at one node depends on
the transmitted signal at two or more other
nodes such media called multi-access
media
• Additional sublayer, often called the
medium access control (MAC) sublayer.
between the data link control (DLC) layer
and the physical layer.
• Multi-access communication in queueing
terms: Each node has a queue of packets
to be transmitted and the multi-access
channel is a common server

Multi-access Communication
Free-For-All: Nodes normally send new
packets immediately, hoping for no
interference from other nodes.
Perfectly Scheduled: E.g. Round robin
Objective of the scheduling algorithm:
(I) What determines the scheduling order
(static vs. dynamic)
(2) How long can a reserved interval last?
(3) how are nodes informed of their turns?
Carrier Sense Multiple Access (CSMA): a
packet transmission is not allowed to start if
the channel is sensed to be busy

• Carrier Sense Multiple Access (CSMA): a
packet transmission is not allowed to start if the
channel is sensed to be busy
• The value of these strategies is critically
dependent on the ratio of propagation delay to
packet transmission time. a parameter called β
• If β << 1, CSMA can decrease delay and
increase throughput significantly
• Here the interesting feature is dealing with β>>1
• LANs: Small β
• Greater geographical networks: WAN, Core
networks, satellite communication  large β

Common multi-access channels

Slot scheduling

SLOTTED MULTIACCESS AND THE ALOHA SYSTEM
• Problem statement: In any communication media, If two or more
nodes transmit simultaneously, the reception is garbled, and if none
transmit, the channel is unused. Therefore design such scheduling
algorithm to resolve the said problem.
• The problem is somehow to coordinate the use of the channel so
that exactly one node is transmitting for an appreciable fraction of
the time.
• Idealized Slotted Multi-access Model:
• Deals with the contention that occurs when multiple nodes attempt to
use the channel simultaneously

Basic terminologies/assumptions
Slotted system: Assume that all transmitted packets have the same
length and that each packet requires in one time unit (called a slot) for
transmission. All transmitters are synchronized so that the reception of
each packet starts at an integer time and ends before the next integer
time.
Poisson arrivals: Assume that packets arrive for transmission at each
of the ‘m’ transmitting nodes according to independent Poisson
processes. Let ‘λ’ be the overall arrival rate to the system. and let ‘λ’ be
the arrival rate at each transmitting node.
Collision or perfect reception: Assume that if two or more nodes send
a packet in a given time slot, then there is a collision and the receiver. If
just one node sends a packet in a given slot, the packet is correctly
received.

Basic terminologies/assumptions
• (0, 1, e) Immediate feedback: Assume that at the end of each slot, each
node obtains feedback from the receiver specifying whether 0 packets, 1
packet or more than one packet (e for error) were transmitted in that slot.
• Retransmission of collisions: Assume that each packet involved in a
collision must be retransmitted in some later slot, with further such
retransmissions until the packet is successfully received. A node with a
packet that must be retransmitted is said to be backlogged.
• No buffering: If one packet at a node is currently waiting for transmission or
colliding with another packet during transmission, new arrivals at that node
are discarded and never transmitted.
• Infinite set of nodes: The system has an infinite set of nodes and each
newly arriving packet arrives at a new node.

Slotted Aloha
• Each un backlogged node simply transmits a newly arriving packet in the first slot after the
packet arrival, thus risking occasional collisions but achieving very small delay if collisions
are rare
• When a collision occurs in slotted Aloha, each node sending one of the colliding packets
discovers the collision at the end of the slot and becomes backlogged. If each backlogged
node were simply to retransmit in the next slot after being involved in a collision, then
another collision would surely occur. Instead, such nodes wait for some random number of
slots before retransmitting.
• Arrivals transmitted in a slot is a Poisson random variable with parameter λ. If the
retransmissions from backlogged nodes are sufficiently randomized, it is possible to
approximate the total number of retransmissions and new transmissions in a given slot as a
Poisson random variable with some parameter G > λ. With this approximation, the
probability of a successful transmission in a slot is Ge-G. Finally. in equilibrium, the arrival
rate λ, to the system should be the same as the departure rate, Ge-G.

Throughput: Slotted Aloha

Throughput: Slotted Aloha
• We see that the maximum possible departure rate
occurs at G = 1 and is 1/e ~ 0.368.
• Any arrival rate less than 1/e, there are two values of G
for which the arrival rate equals the departure rate.
• Maximum throughput rate of slotted Aloha as 1/e and
also shows that G, the mean number of attempted
transmissions per slot, should be on the order of 1 to
achieve a throughput close to 1/e.
• If G < 1, too many idle slots are generated, and if G >
1, too many collisions are generated.
• To construct a more precise model, assume that each
backlogged node retransmits with some fixed
probability qr in each successive slot until a successful
transmission occurs.
• In other words, the number of slots from a collision until
a given node involved in the collision retransmits is a
geometric random variable having value i>1 with
probability qr(1 - qr)i-1

Slotted Aloha

Markov chain for Slotted Aloha

Slotted Aloha
• To choose the retransmission probability qr, to be moderately large, so as to avoid large
delays after collisions
• If the arrival rate is small and not many packets are involved in collisions, this works well and
retransmissions are normally successful.
• On the other hand, if the system is afflicted with a run of bad luck and the number of
backlogged packets n gets large enough to satisfy qr*n >> 1, then collisions occur in almost
all successive slots and the system remains heavily backlogged for a long time.

Drift and Probability of Successful Transmission

Instability of slotted Aloha
• The departure rate (i.e., Psucc) is at most 1/e
for large m. Second, the departure rate is
almost zero for long periods whenever the
system jumps to the undesirable stable point.
• If we replace the no-buffering assumption
with the infinite-node assumption, the attempt
rate G(n) becomes λ + n*qr and the straight
line representing arrivals in Fig. 4.4 becomes
horizontal. In this case. the undesirable stable
point disappears, and once the state of the
system passes the unstable equilibrium. it
tends to increase without bound.
• From a practical standpoint, if the arrival rate
λ, is very much smaller than 1/e, and if λ is
moderate, then the system could be expected
to remain in the desired stable state for very
long periods.

Pseudo-Bayesian algorithm
• Effective way to stabilize Aloha
• The algorithm differs from slotted Aloha in that new arrivals are regarded as backlogged immediately on
arrival, rather than being transmitted with certainty in the next slot
• they are transmitted with probability qr in the same way as packets involved in previous collisions
• Thus, if there are n backlogged packets (including new arrivals) at the beginning of a slot, the attempt
rate is G(n) = n*qr
• The probability of a successful transmission is n*qr*(1 - qr)n-1
• For unstabilized Aloha, this modification would not make much sense, since qr has to be relatively small
and new arrivals would be unnecessarily delayed. For stabilized Aloha, however, q, can be as large as
1 when the estimated backlog is negligible, so that new arrivals are held up only when the system is
already estimated to be congested.
• This modification increases the probability of success if the backlog estimate is accurate.

Binary exponential back-off
• Selective feedback: In some systems, a node receives feedback only about whether or not its
own packets were successfully transmitted; it receives no feedback about slots in which it does
not transmit.
• Such limited feedback is sufficient for slotted Aloha but is insufficient for the backlog estimation
of the pseudo-Bayesian strategy. Binary exponential backoff is a stabilization strategy used in
Ethernet that employs only this more limited form of feedback
• if a packet has been transmitted unsuccessfully i times, then the probability of transmission in
successive slots is set at qr = 2-i (or is uniformly distributed over the next 2i slots after the ith
failure). When a packet initially arrives in the system, it is transmitted immediately in the next slot
• when a packet first arrives (with this limited feedback), the node knows nothing of the backlog,
so the immediate first transmission is reasonable. With successive collisions, any reasonable
estimate of backlog would increase, motivating the decrease in the local qr
• Unfortunately, in the limit as the number of nodes approaches infinity, this strategy is unstable
for every arrival rate λ, greater than 0

Expected waiting time W

Unslotted / Pure Aloha
• In this strategy, each node, upon
receiving a new packet, transmits it
immediately rather than waiting for a
slot boundary.
• Slots play no role in pure Aloha
• If the transmission times for two
packets overlap at all, the CRCs on
those packets will fail and
retransmission will be required.
• Receiver rebroadcasts the composite
received signal (or that all nodes
receive the composite signal), so that
each node, after a given propagation
delay, can determine whether or not
its transmitted packets were correctly
received

Unslotted / Pure Aloha
• A node is considered backlogged from the time it has determined that its
previously transmitted packet was involved in a collision until the time that it
attempts retransmission.
• Assume that the period until attempted retransmission τ is an exponentially
distributed random variable with probability density x ∗ 𝑒−𝑥τ where x is an
arbitrary parameter interpreted as a node's retransmission attempt rate
• Thus, with an overall Poisson arrival rate of λ, to the system, the initiation
times of attempted transmissions is a time-varying Poisson process of rate
G(n) = λ+n*x in which n is the backlog at a given time.

Throughput: Unslotted / Pure Aloha

Throughput: Unslotted / Pure Aloha
Advantage of pure Aloha is that it can be used with variable length packets. whereas with slotted Aloha,
long packets must be broken up to fit into slots and short packets must be padded out to fill up slots.

Ethernet (CSMA/CD)
• most widely used LAN standard
• developed by
– Xerox - original Ethernet
– IEEE 802.3
• Carrier Sense Multiple Access with Collision
Detection (CSMA/CD)
– random / contention access to media

Carrier Sense Multiple Access (CSMA)
• Propagation time is much less than transmission time
• All stations know that a transmission has started almost immediately
• First listen for clear medium (carrier sense)
• If medium idle, transmit
• If two stations start at the same instant, collision occurs
• Wait reasonable time (round trip plus ACK contention)
• No ACK then retransmit
• Max utilization depends on propagation time (medium length) and
frame length
– Longer frame and shorter propagation gives better utilization
• Types of CSMA
– Non-persistent CSMA
– 1-persistent CSMA
– p-persistent CSMA

Non-persistent CSMA
1. If medium is idle, transmit; otherwise, go to 2
2. If medium is busy, wait amount of time drawn from probability
distribution (retransmission delay) and repeat 1
• Random delays reduces probability of collisions
– Consider two stations become ready to transmit at same time
• While another transmission is in progress
– If both stations delay same time before retrying, both will attempt to
transmit at same time
• Capacity is wasted because medium will remain idle following
end of transmission
– Even if one or more stations waiting
• Non-persistent stations deferential

1-persistent CSMA
• The use of random delays reduces the probability of collisions
• To avoid idle channel time, 1-persistent protocol used
• Station wishing to transmit listens and obeys following:
1. If medium idle, transmit; otherwise, go to step 2
2. If medium busy, listen until idle; then transmit immediately
• 1-persistent stations selfish
• If two or more stations waiting, collision guaranteed
– Gets sorted out after collision

P-persistent CSMA
• Compromise that attempts to reduce collisions
– Like non-persistent
• And reduce idle time
– Like 1-persistent
• Rules:
1. If medium idle, transmit with probability p, and
delay one time unit with probability (1 – p)
– Time unit typically maximum propagation delay
2. If medium busy, listen until idle and repeat step
1
3. If transmission is delayed one time unit, repeat
step 1
• What is an effective value of p?

CSMA Persistence and Backoff

Value of p?
• Avoid instability under heavy load
• n stations waiting to send
• End of transmission, expected number of stations attempting
to transmit is number of stations ready times probability of
transmitting
– np
• If np > 1 on average there will be a collision
• Repeated attempts to transmit almost guaranteeing more
collisions
• Retries compete with new transmissions
• Eventually, all stations trying to send
– Continuous collisions; zero throughput
• So np < 1 for expected peaks of n
• If heavy load expected, p small
• However, as p made smaller, stations wait longer

CSMA/CD Operation
• At time station A begins transmitting a
packet addressed to D. At both B and C
are ready to transmit.
• B senses a transmission and so defers.
• C, however, is still unaware of A’s
transmission (because the leading edge
of A’s transmission has not yet arrived at
C) and begins its own transmission.
• When A’s transmission reaches C, at C
detects the collision and ceases
transmission. The effect of the collision
propagates back to A, where it is
detected some time later, at which time A
ceases transmission.
• With CSMA/CD, the amount of wasted
capacity is reduced to the time it takes to
detect a collision.

Which Persistence Algorithm?
• IEEE 802.3 uses 1-persistent
• both non-persistent and p-
persistent have performance
problems
• 1-persistent seems more
unstable than p-persistent
– because of greed of the
stations
– but wasted time due to
collisions is short
– with random backoff unlikely
to collide on next attempt to
send

Binary Exponential Backoff
• for backoff stability, IEEE 802.3 and Ethernet both use
binary exponential backoff
• stations repeatedly resend when collide
– on first 10 attempts, mean random delay doubled
– value then remains same for 6 further attempts
– after 16 unsuccessful attempts, station gives up and reports
error
• 1-persistent algorithm with binary exponential
backoff efficient over wide range of loads
• but backoff algorithm has last-in, first-out effect

IEEE 802.3 MAC Frame Format

Example Gigabit Ethernet Configuration

Throughput analysis
RJEs: Remote job entry points Ref. Book: Communication Networks by A. Leon Garcia

RTS/CTS dialog
RTS
Defer
Any node hearing this RTS will defer medium access
RTS: Request to Send

RTS/CTS dialog
RTS
Defer
CTS
Defer
Any node hearing this CTS will defer medium access
CTS: Clear to Send

RTS/CTS/DATA/ACK dialog
Data
Defer
ACK
Defer

IEEE 802.11 Distributed Coordination Function (DCF)
• Uses RTS/CTS exchange to avoid hidden terminal problem
– Any node overhearing a CTS cannot transmit for the duration of the
transfer.
– Any node overhearing an RTS cannot transmit for the duration of the
transfer (to avoid collision with ACK)
• Uses ACK to achieve reliability
• CSMA/CA
– Contention-based random access
– Collision detection not possible while transmitting

IEEE 802.11 DCF (cont.)
• Carrier sense in 802.11
– Physical carrier sense
– Virtual carrier sense using Network Allocation Vector
(NAV)
• RTS/CTS specify duration of subsequent DATA/ACK
• NAV is updated based on overheard RTS/CTS
• Collision avoidance
– Nodes stay silent when carrier sensed busy
(physical/virtual)
– Backoff intervals are used to reduce collision probability

Backoff Interval
• When channel is busy, choose a backoff interval in
the range [0, cw].
• Count down the backoff interval when medium
becomes idle.
• Count down is suspended if medium becomes busy
again.
• When backoff interval reaches 0, transmit RTS.
• Binary exponential backoff in 802.11 DCF:
– When a node fails to receive CTS, cw is doubled up (up to
an upper bound).
– When a data transfer completes successfully, cw is reset
to cwmin.
Distributed Coordination Function (DCF)

Basic CSMA/CA operations

IEEE 802.11 Medium Access Control Logic

Transmission without RTS/CTS

Transmission with RTS/CTS

Priority Inter Frame Space (IFS) Values
• SIFS (short IFS)
– for all immediate response actions
– PIFS (point coordination function IFS)
– used by the centralized controller in PCF scheme when
issuing polls
• DIFS (distributed coordination function IFS)
– used as minimum delay for asynchronous frames contending
for access

SIFS Use
• SIFS gives highest priority
– over stations waiting PIFS or DIFS time
• SIFS used in following circumstances:
– Acknowledgment (ACK)
• station responds with ACK after waiting SIFS gap
• for efficient collision detect & multi-frame transmission
– Clear to Send (CTS)
• station ensures data frame gets through by issuing RTS
• and waits for CTS response from destination
– Poll response
• see Point coordination Function (PCF) discussion next
Short Inter Frame Space (IFS)

PIFS and DIFS Use
• PIFS used by centralized controller
– for issuing polls
– has precedence over normal contention traffic
– but not SIFS
• DIFS used for all ordinary asynchronous traffic

IEEE 802.11 MAC Timing Basic Access Method

Appendix-I
IFS: Inter frame Space
DCF: Distributed Coordination Function
RTS: Request to Send
CTS: Clear to Send
PCF: Point Coordination Function
DIFS: Distributed Coordination Function
SIFS: Short Inter Frame Space
PIFS: Point Coordination Function Inter Frame Space
NAV: Network Allocation Vector

https://www.slideshare.net/WayneJonesJnr/ch12-3361657

Exercise

Hostel Work
https://web.njit.edu/~abdallah/sol7.pdf
Submit above two by 11.11.18
https://nptel.ac.in/courses/106105080/pdf/M5L2.pdf
(Self interest)
Project / IEEE assignment paper Submission date:
22.11.2018
Multiple excess (Pure ALOHA, Slotted ALOHA and CSMA)

Transport/Application Layer Protocols

TCP: L4, Connection-oriented, Reliable
End-to-End, Port #
Connection setup/termination
Flow/Error/Congestion Control
Credit-based
Persist Timer
2-way handshake
 3-way
ReTx Timer (RTT)
Exp. RTO Backoff
Karn’s Algorithm
Window
Management

Transport Protocols
• end-to-end data transfer service
• shield upper layers from network details
• reliable, connection oriented
– has greater complexity
– E.g. TCP
• best effort, connectionless
– datagram
– E.g. UDP

Connection Oriented Transport Protocols
• provides establishment, maintenance &
termination of a logical connection
• most common service
• used for a wide variety of applications
• is reliable
• but complex
• first discuss evolution from reliable to
unreliable network services

Reliable Sequencing Network Service
• assume virtually 100% reliable delivery by network
service of arbitrary length messages
– E.g. reliable packet switched network with X.25
– E.g. frame relay with LAPF control protocol
– E.g. IEEE 802.3 with connection oriented LLC service
• transport service is a simple, end to end protocol
between two systems on same network
• issues are: addressing, multiplexing, flow control,
connection establishment and termination

Addressing
• establish identity of other transport entity by:
– user identification (host, port)
• a socket in TCP
– transport entity identification (on host)
• specify transport protocol (TCP, UDP)
– host address of attached network device
• in an internet, a global internet address
– network number
• transport layer passes host to network layer

Finding Addresses
• know address ahead of time
• well known addresses
– eg. common servers like FTP, SMTP etc
• name server
– does directory lookup
• sending request to well known address which
spawns new process to handle it

Multiplexing
• of upper layers (downward multiplexing)
– so multiple users employ same transport protocol
– user identified by port number or service access
point
• may also multiplex with respect to network
services used (upward multiplexing)
– eg. multiplexing a single virtual X.25 circuit to a
number of transport service user

Flow Control
• issues:
– longer transmission delay between transport entities
compared with actual transmission time delays
communication of flow control info
– variable transmission delay so difficult to use timeouts
• want TS flow control because:
– receiving user can not keep up
– receiving transport entity can not keep up
• which can result in buffer overflowing
• managing flow difficult because of gap between
sender and receiver

Coping with Flow Control Requirements
• do nothing
– segments that overflow are discarded
– sender fail to get ACK and will retransmit
• refuse further segments
– triggers network flow control but clumsy
• use fixed sliding window protocol
– works well on reliable network
– does not work well on unreliable network
• use credit scheme

Credit Scheme
• decouples flow control from ACK
• each octet has sequence number
• each transport segment has seq number (SN), ack
number (AN) and window size (W) in header
• sends seq number of first octet in segment
• ACK includes (AN=i, W=j) which means
– all octets through SN=i-1 acknowledged, want i next
– permission to send additional window of W=j octets

Credit Allocation

Credit Allocation
 Figure illustrates the mechanism. For simplicity, we show data flow in one direction only and
assume that 200 octets of data are sent in each segment. Initially, through the connection
establishment process, the sending and receiving sequence numbers are synchronized and A is
granted an initial credit allocation of 1400 octets, beginning with octet number 1001. The first
segment transmitted by A contains data octets numbered 1001 through 1200. After sending 600
octets in three segments, A has shrunk its window to a size of 800 octets (numbers 1601 through
2400). After B receives these three segments, 600 octets out of its original 1400 octets of credit
are accounted for, and 800 octets of credit are outstanding. Now suppose that, at this point, B is
capable of absorbing 1000 octets of incoming data on this connection. Accordingly, B
acknowledges receipt of all octets through 1600 and issues a credit of 1000 octets. This means
that A can send octets 1601 through 2600 (5 segments). However, by the time that B's message
has arrived at A, A has already sent two segments, containing octets 1601 through 2000 (which
was permissible under the initial allocation). Thus, A's remaining credit upon receipt of B's credit
allocation is only 600 octets (3 segments). As the exchange proceeds, A advances the trailing
edge of its window each time that it transmits and advances the leading edge only when it is
granted credit.

Sending and Receiving Perspectives

Sending and Receiving Perspectives
• Figure shows the view of this mechanism from the sending and receiving sides). Typically, both
sides take both views because data may be exchanged in both directions. Note that the receiver is
not required to immediately acknowledge incoming segments but may wait and issue a cumulative
acknowledgment for a number of segments. The receiver needs to adopt some policy concerning
the amount of data it permits the sender to transmit. The conservative approach is to only allow
new segments up to the limit of available buffer space. If this policy were in effect in previous figure,
the first credit message implies that B has 1000 available octets in its buffer, and the second
message that B has 1400 available octets. A conservative flow control scheme may limit the
throughput of the transport connection in long-delay situations. The receiver could potentially
increase throughput by optimistically granting credit for space it does not have. For example, if a
receiver's buffer is full but it anticipates that it can release space for 1000 octets within a round-trip
propagation time, it could immediately send a credit of 1000. If the receiver can keep up with the
sender, this scheme may increase throughput and can do no harm. If the sender is faster than the
receiver, however, some segments may be discarded, necessitating a retransmission. Because
retransmissions are not otherwise necessary with a reliable network service (in the absence of
internet congestion), an optimistic flow control scheme will complicate the protocol.

Establishment and Termination
• need connection establishment and
termination procedures to allow:
– each end to know the other exists
– negotiation of optional parameters
– triggers allocation of transport entity resources

Connection State Diagram

Connection Establishment

Connection Termination
• either or both sides by mutual agreement
• graceful or abrupt termination
• if graceful, initiator must:
– send FIN to other end, requesting termination
– place connection in FIN WAIT state
– when FIN received, inform user and close connection
• other end must:
– when receives FIN must inform TS user and place
connection in CLOSE WAIT state
– when TS user issues CLOSE primitive, send FIN & close
connection

Unreliable Network Service
• more difficult case for transport protocol since
– segments may get lost
– segments may arrive out of order
• examples include
– IP internet, frame relay using LAPF, IEEE 802.3 with
unacknowledge connectionless LLC
• issues:
– ordered delivery, retransmission strategy, duplication
detection, flow control, connection establishment &
termination, crash recovery

Ordered Delivery
• segments may arrive out of order
• hence number segments sequentially
• TCP numbers each octet sequentially
• and segments are numbered by the first octet
number in the segment

Retransmission Strategy
• retransmission of segment needed because
– segment damaged in transit
– segment fails to arrive
• transmitter does not know of failure
• receiver must acknowledge successful receipt
– can use cumulative acknowledgement for efficiency
• sender times out waiting for ACK triggers
re-transmission

Timer Value
• fixed timer
– based on understanding of network behavior
– can not adapt to changing network conditions
– too small leads to unnecessary re-transmissions
– too large and response to lost segments is slow
– should be a bit longer than round trip time
• adaptive scheme
– may not ACK immediately
– can not distinguish between ACK of original segment and
re-transmitted segment
– conditions may change suddenly

Incorrect Duplicate Detection

Two Way Handshake: Obsolete Data Segment
Solution: start each new connection with a
different seq. no. that is far removed from the
last seq. no. of the most recent connection.

Two Way Handshake: Obsolete SYN Segment
Solution: to acknowledge explicitly the other’s
SYN and seq. number
-Three way handshake

Three Way Handshake: Examples

Three Way Handshake: Examples
• Figure illustrates typical three-way handshake operations. In
Figure, transport entity A initiates the connection, with a SYN
including the sending sequence number, i. The value i is
referred to as the initial sequence number (ISN) and is
associated with the SYN; the first data octet to be transmitted
will have sequence number i + 1. The responding SYN
acknowledges the ISN with (AN = i + 1) and includes its ISN. A
acknowledges B's SYN/ACK in its first data segment, which
begins with sequence number i + 1. Figure shows a situation
in which an old SYN i arrives at B after the close of the
relevant connection. B assumes that this is a fresh request
and responds with SYN j, AN = i + 1. When A receives this
message, it realizes that it has not requested a connection
and therefore sends an RST, AN = j. Note that the AN = j
portion of the RST message is essential so that an old
duplicate RST does not abort a legitimate connection
establishment. Figure shows a case in which an old SYN/ACK
arrives in the middle of a new connection establishment.
Because of the use of sequence numbers in the
acknowledgments, this event causes no mischief.

Connection Termination Graceful Close
• also have problems with loss of segments and
obsolete segments
• need graceful close which will:
• send FIN i and receive AN i+1 (close S -> R)
• receive FIN j and send AN j+1 (close S <- R)
• wait twice maximum expected segment
lifetime

Connection Termination
• like connection need 3-way handshake
• misordered segments could cause:
– entity in CLOSE WAIT state sends last data segment,
followed by FIN
– FIN arrives before last data segment
– receiver accepts FIN, closes connection, loses data
• need to associate sequence number with FIN
• receiver waits for all segments before FIN sequence
number

Failure Recovery
• after restart all state info is lost
• may have half open connection
– as side that did not crash still thinks it is connected
• close connection using keepalive timer
– wait for ACK for (time out) * (number of retries)
– when expired, close connection and inform user
• send RST i in response to any i segment arriving
• user must decide whether to reconnect
– have problems with lost or duplicate data

TCP
• Transmission Control Protocol (RFC 793)
• connection oriented, reliable communication
• over reliable and unreliable (inter)networks
• two ways of labeling data:
• data stream push
– user requires transmission of all data up to push flag
– receiver will deliver in same manner
– avoids waiting for full buffers
• urgent data signal
– indicates urgent data is upcoming in stream
– user decides how to handle it

TCP Header

TCP and IP
• not all parameters used by TCP are in its
header
• TCP passes some parameters down to IP
– precedence
– normal delay/low delay
– normal throughput/high throughput
– normal reliability/high reliability
– security
• min overhead for each PDU is 40 octets

TCP Mechanisms Connection Establishment
• three way handshake
– SYN, SYN-ACK, ACK
• connection determined by source and
destination sockets (host, port)
• can only have a single connection between
any unique pairs of ports
• but one port can connect to multiple different
destinations (different ports)

TCP Mechanisms Data Transfer
• data transfer a logical stream of octets
• octets numbered modulo 232
• flow control uses credit allocation of number of
octets
• data buffered at transmitter and receiver
– sent when transport entity ready
– unless PUSH flag used to force send
• can flag data as URGENT, sent immediately
• if receive data not for current connection, RST flag is
set on next segment to reset connection

TCP Mechanisms Connection Termination
• graceful close
– TCP user issues CLOSE primitive
– transport entity sets FIN flag on last segment sent with last
of data
• abrupt termination by ABORT primitive
– entity abandons all attempts to send or receive data
– RST segment transmitted to other end

TCP Implementation Options
• TCP standard precisely specifies protocol
• have some implementation policy options:
– send
– deliver
– accept
– retransmit
– acknowledge
• implementations may choose alternative
options which may impact performance

User Datagram Protocol (UDP)
• connectionless service for application level
procedures specified in RFC 768
– unreliable
– delivery & duplication control not guaranteed
• reduced overhead
• least common denominator service
• uses:
– inward data collection
– outward data dissemination
– request-response
– real time application
• Example- Datagram

UDP Header

Encapsulation and decapsulation

Queues in UDP

Multiplexing and demultiplexing

TCP/IP Protocol Suite 444
Figure 14.7

Protocols
TCP:
• File Transfer Protocol (FTP)
• Secure Shell (SSH)
• Telnet
• Simple Mail Transfer Protocol (SMTP)
• Hypertext Transfer Protocol (HTTP)
• Post Office Protocol (POP) version 3
• Internet Message Access Protocol (IMAP)
• Border Gateway Protocol (BGP)
UDP:
• Domain Name System (DNS)
• Dynamic Host Configuration Protocol (DHCP)
• Trivial File Transfer Protocol (TFTP)
• Network Time Protocol (NTP)
http://www.pearsonitcertification.com/articles/article.aspx?p=1868080

HTTP Protocol
https://www.youtube.com/watch?v=eesqK59rhGA
• Must watch: Online tutorial
• HTTP: Hyper Text Transfer Protocol
• The HTTP is an application layer protocol that allows web-based applications
• To communicate and exchange data.
• The HTTP is the messenger of the Web
• It is a TCP/IP based protocol
• The HTTP is a stateless, connectionless and can deliver any data, such as images,
Videos, audios, documents, etc.
• Underlying protocol of the World Wide Web

Major components of a Web browser

Web browsing using HTTP and TCP/IP

Components of a Web browser
• Controller
• Clients
• Interpreter

Controller
• Controller is the central piece of the browser
• Interprets both mouse clicks and keyboard input and call other components to
perform operations specified by the user
• E.g. when a user enter a URL or clicks on a hypertext reference, the controller calls
a client to fetch the requested document from the remote server on which it resides
and interpreter to display the document for the user

Interpreter
• HTML interpreter handles layout details by translating HTML (Hyper Text Markup
Language) specifications into commands that are appropriate for the user’s display
hardware to display documents
• Input to the HTML interpreter consists of a document that conforms to the HTML
syntax
• Output consists of a formatted version of the document for the user
• Other interpreter can include XML (eXtensible Markup Language) interpreter, etc.

Uniform Resources
• URL
– Uniform Resource Locator
– Refers to an existing protocol
• http:, wais:, ftp:, mailto:, gopher:, news:
– Points to a document on a specific server
• URN
– Uniform Resource Name
– Globally unique, persistent identifier
• Independent of location
• URI
– Uniform Resource Identifier
– Collection of URL’s and URN’s

URL
• <scheme> : //<host> :<port> /<path> ;<parameters> ?<query>
#<fragment>
– scheme
• The protocol you are using
– host
• Host name or ip number
– port
• TCP port number that protocol server is using
– path
• Path and filename reference of object on server
– parameters
• Any specific parameters that object needs
– query
• Query string for a CGI program
– fragment
• Reference to a subset of an object
https://www.youtube.com/watch?v=eesqK59rhGA

HTML – HyperText Markup Language

HTTP and its Port
• The Hypertext Transfer Protocol (HTTP) is a protocol used mainly to
access data on the World Wide Web. HTTP functions as a
combination of FTP and SMTP.
• HTTP uses the services of TCP on well-known port 80.

A selection of common HTML tags.
Some can have additional parameters

Handling of Tags

Beginning and ending tags

Types of Web Documents
• The documents in the WWW can be grouped into three broad
categories:
• Static
• Dynamic
• Active
• The category is based on the time at which the contents of the
document are determined.

Example of Static Web Document

Example of Dynamic Web Document

Dynamic document using server-site script

Active document using Java applet

Overview of Browser Documents
• Static documents use html and xhtml etc.
• Dynamic documents needs a programm running at server side, e.g. request
for current date and time from server. Common Gateway Interface (CGI)
technology is used to handle the dynamic documents.
• Active documents needs program to be run at client side. The server carry a
copy of program in binary and send it to client on request, who will compile it
using Java or some other high level language.

HTTP Overview
• Transaction oriented client/server protocol
• Usually between Web browser (client) and Web server
• Uses TCP connections
• Stateless
• Each transaction treated independently
• Each new TCP connection for each transaction
• Terminate connection when transaction complete
• As already implied, the most typical use of HTTP is between a
Web browser and a Web server.
• In a typical scenario, a new TCP connection is created between
client and server for each transaction and then terminated as
soon as the transaction completes.
• Note that HTTP does not specify this one-to-one relationship
between transaction and connection lifetimes.

HTTP Operation
Typically there are three examples of HTTP
operation:
• Direct connection
• Intermediate systems
• A cache

HTTP Operation – Direct Connection
• This is the simplest case, in which a user agent or client (e.g., a Web browser) establishes a
direct connection with the origin server (e.g., Web server).
• First, the client opens an end-to-end TCP connection between the client and server.
• Then the client issues a request that consists of a URL and a MIME-like message containing
request parameters, information about the client, and perhaps some additional content
information.
• When the server receives the request, it attempts to complete the request and returns an
HTTP response containing status information, a success/error code, and a MIME-like
message containing information about the server, information about the response itself, and
possible body content.
• The TCP connection is then closed.

HTTP Operation – Intermediate Systems
• In this scenario, there are one or more intermediate systems with TCP connections
between logically adjacent systems.
• Each intermediate system acts as a relay, so that a request that is initiated by the client is
relayed through the intermediate systems to the server, and the response from the server
is relayed back to the client.
• There are three forms of intermediate systems defined in the HTTP specification:
• Proxy
• Gateway
• Tunnel

HTTP Operation – Cache
• A cache is a facility that may store previous requests and responses for handling new requests.
• If a new request arrives that is the same as a stored request, then the cache can supply the stored
response rather than accessing the resource indicated by the URL.
• The cache can operate on a client or server or an intermediate system other than a tunnel.
• Not all transactions can be cached, and a client or server can dictate that a certain transaction may be
cached only for a given time limit

SMTP, POP, IMAP
https://www.youtube.com/watch?v=PJo5yOtu7o8
SMTP: Simple Mail Transfer Protocol
POP and IMAP
https://www.youtube.com/watch?v=SBaARws0hy4

An Introduction to Cryptography

Security Threats / Attacks

Passive Attacks

Active Attacks (1)

Active Attacks (2)

Network Security
Problem
• Computer networks are typically a shared resource used by many
applications representing different interests.
• Consider some threats to secure use of, for example, the World
Wide Web.
– Suppose you are a customer using a credit card to order an
item from a website.
• Hacking your your credit card information.
–Encrypt messages to maintain the confidentiality.

Network Security
Problem
 Even with confidentiality there still remain threats for the
website customer.
 An adversary who can’t read the contents of your encrypted
message might still be able to change a few bits in it, resulting in a
valid order for, say, a completely different item or perhaps 1000
units of the item.
 There are techniques to detect, if not prevent, such tampering.
 A protocol that detects such message tampering provides data
integrity.
 The adversary could alternatively transmit an extra copy of your
message in a replay attack.

Network Security
Problem
• Another threat to the customer is unknowingly being directed to a false
website.
– This can result from a DNS attack, in which false information is
entered in a Domain Name Server or the name service cache of the
customer’s computer.
– This leads to translating a correct URL into an incorrect IP address—
the address of a false website.
– A protocol that ensures that you really are talking to whom you
think you’re talking is said to provide authentication.
– Authentication entails integrity since it is meaningless to say that a
message came from a certain participant if it is no longer the same
message.

Network Security
Problem
• The owner of the website can be attacked as well. Some
websites have been defaced; the files that make up the
website content have been remotely accessed and modified
without authorization.
• That is an issue of access control: enforcing the rules
regarding who is allowed to do what. Websites have also
been subject to Denial of Service (DoS) attacks, during which
would-be customers are unable to access the website
because it is being overwhelmed by bogus requests.
• Ensuring a degree of access is called availability.

Transposition Ciphers

One-Time Pads
The use of a one-time pad for encryption and the
possibility of getting any possible plaintext from
the ciphertext by the use of some other pad.

Quantum Cryptography

Outline
• Cryptographic Building Blocks
• Key Pre Distribution
• Authentication Protocols
• Example Systems
• Firewalls

Cryptographic Building Blocks
• Symmetric Key Ciphers
– In a symmetric-key cipher, both participants in a
communication share the same key. In other
words, if a message is encrypted using a particular
key, the same key is required for decrypting the
message.

Symmetric-key encryption and decryption

• Principles of Ciphers
– Encryption transforms a message in such a way that it
becomes unintelligible to any party that does not have the
secret of how to reverse the transformation.
– The sender applies an encryption function to the original
plaintext message, resulting in a ciphertext message that is
sent over the network.
– The receiver applies a secret decryption function–the inverse of
the encryption function–to recover the original plaintext.

– The ciphertext transmitted across the network is unintelligible
to any eavesdropper, assuming she doesn’t know the
decryption function.
– The transformation represented by an encryption function and
its corresponding decryption function is called a cipher.
– The basic requirement for an encryption algorithm is that it
turn plaintext into ciphertext in such a way that only the
intended recipient—the holder of the decryption key—can
recover the plaintext.

– It is important to realize that when a potential
attacker receives a piece of ciphertext, he may
have more information at his disposal than just the
ciphertext itself.
– Known plaintext attack
– Ciphetext only attack
– Chosen plaintext attack

– Block Ciphers: they are defined to take as input a
plaintext block of a certain fixed size, typically 64 to 128
bits.
– Using a block cipher to encrypt each block
independently—known as electronic codebook (ECB)
mode encryption—has the weakness that a given
plaintext block value will always result in the same
ciphertext block.
– Hence recurring block values in the plaintext are
recognizable as such in the ciphertext, making it much
easier for a cryptanalyst to break the cipher.

• Block Ciphers
–A common mode of operation is cipher block chaining
(CBC), in which each plaintext block is XORed with the
previous block’s ciphertext before being encrypted.
• The result is that each block’s ciphertext depends in part on
the preceding blocks, i.e. on its context. Since the first
plaintext block has no preceding block, it is XORed with a
random number.
– That random number, called an initialization vector (IV), is included
with the series of ciphertext blocks so that the first ciphertext block
can be decrypted.

Cipher block chaining (CBC)
• Cipher block chaining. (a) Encryption. (b) Decryption.
• (IV) Initialization Variable
https://www.youtube.com/watch?v=0D7OwYp6ZEc
https://www.youtube.com/watch?v=NnLLkmgBhCY Advanced Encryption Standard (AES)

Data Encryption Standard
The data encryption standard. (a) General outline.
(b) Detail of one iteration. The circled + means exclusive OR.

AES – The Advanced Encryption Standard
• Rules for AES proposals
1. The algorithm must be a symmetric block cipher.
2. The full design must be public.
3. Key lengths of 128, 192, and 256 bits supported.
4. Both software and hardware implementations required
5. The algorithm must be public or licensed on
nondiscriminatory terms.

Cipher Feedback Mode
• (a) Encryption. (c) Decryption.

Stream Cipher Mode
• A stream cipher. (a) Encryption. (b) Decryption.

Counter Mode
Encryption using counter mode.

Exercise
1. Perform the encryption and decryption operations for the following schemes.
- Cipher block chaining (CBC)
- Cipher Feedback Mode
- Counter Mode
- Design your own logical circuits for encryption and decryption and model the custom
cryptography
Given data and assumptions:
1. Plaintext is 10101010, IV is 11111111 and Key is 11001100
2. Plaintext and IV are XORed for CBC, IV and Key are XNORed for Stream Cipher mode and
Counter Mode
3. Encoding is performing XNOR operation between Intermediate value and Key to derive
Ciphertext
4. Assume two stages of cryptography for all the schemes

Public Key Ciphers

Symmetric-Key Algorithms
• DES – The Data Encryption Standard
• AES – The Advanced Encryption Standard
• Cipher Modes
• Other Ciphers
• Cryptanalysis

Public Key/Asymmetric Key Ciphers
• Public Key/Asymmetric Key Ciphers
– An alternative to symmetric-key ciphers is
asymmetric, or public-key, ciphers.
– Instead of a single key shared by two participants,
a public-key cipher uses a pair of related keys, one
for encryption and a different one for decryption.
– The pair of keys is “owned” by just one participant.
– The owner keeps the decryption key secret so that
only the owner can decrypt messages; that key is
called the private key.

Cryptograhic Building Blocks
• Public Key/Asymmetric Key Ciphers
– The owner makes the encryption key public, so
that anyone can encrypt messages for the owner;
that key is called the public key.
– Obviously, for such a scheme to work it must not
be possible to deduce the private key from the
public key.
– Consequently any participant can get the public
key and send an encrypted message to the owner
of the keys, and only the owner has the private key
necessary to decrypt it.

• Public Key Ciphers
– An important additional property of public-key ciphers is that
the private “decryption” key can be used with the encryption
algorithm to encrypt messages so that they can only be
decrypted using the public “encryption” key.
– This property clearly wouldn’t be useful for confidentiality since
anyone with the public key could decrypt such a message.
– This property is, however, useful for authentication since it tells
the receiver of such a message that it could only have been
created by the owner of the keys.

Authentication using public keys

• Public Key Ciphers
– The concept of public-key ciphers was first published in
1976 by Diffie and Hellman.
– The best-known public-key cipher is RSA, named after its
inventors: Rivest, Shamir, and Adleman.
• RSA relies on the high computational cost of factoring large
numbers.
– Another public-key cipher is ElGamal.
• Like RSA, it relies on a mathematical problem, the discrete
logarithm problem, for which no efficient solution has been
found, and requires keys of at least 1024 bits.

Key Pre Distribution
• To use ciphers and authenticators, the communicating
participants need to know what keys to use.
• In the case of a symmetric-key cipher, how does a pair
of participants obtain the key they share?
• In the case of a public-key cipher, how do participants
know what public key belongs to a certain participant?
• The answer differs depending on whether the keys are
short-lived session keys or longer-lived pre-distributed
keys.

• A session key is a key used to secure a single, relatively
short episode of communication: a session.
– Each distinct session between a pair of participants uses a
new session key, which is always a symmetric-key for speed.
– The participants determine what session key to use by means
of a protocol—a session key establishment protocol.
– A session key establishment protocol needs its own security
(so that, for example, an adversary cannot learn the new
session key); that security is based on the longer-lived pre-
distributed keys.

Diffie-Hellman Key Agreement
• Pre-Distribution of Symmetric Keys
– Diffie-Hellman Key Agreement
• The Diffie-Hellman key agreement protocol establishes a session key without
using any pre-distributed keys.
• The messages exchanged between Alice and Bob can be read by anyone able to
eavesdrop, and yet the eavesdropper won’t know the session key that Alice
and Bob end up with.
• On the other hand, Diffie-Hellman doesn’t authenticate the participants.
• Since it is rarely useful to communicate securely without being sure whom
you’re communicating with, Diffie-Hellman is usually augmented in some way
to provide authentication.
• One of the main uses of Diffie-Hellman is in the Internet Key Exchange (IKE)
protocol, a central part of the IP Security (IPSEC) architecture

Diffie-Hellman Key Agreement
• The Diffie-Hellman protocol has two parameters, p and g, both of
which are public and may be used by all the users in a particular
system.
• Parameter p must be a prime number. The integers mod p (short
for modulo p) are 0 through p − 1, since x mod p is the remainder
after x is divided by p, and form what mathematicians call a group
under multiplication.
• Parameter g (usually called a generator) must be a primitive root of
p: for every number n from 1 through p − 1 there must be some
value k such that n = gk mod p.

Exercise
https://www.youtube.com/watch?v=pa4osob1XOk

• Suppose Alice and Bob want to agree on a shared symmetric key. Alice and
Bob, and everyone else, already know the values of p and g.
• Alice generates a random private value a and Bob generates a random
private value b.
• Both a and b are drawn from the set of integers {1, ..., p−1}.
• Alice and Bob derive their corresponding public values—the values they
will send to each other unencrypted—as follows.
• Alice’s public value is ga mod p
• and Bob’s public value is gb mod p
• They then exchange their public values. Finally, Alice computes
• gab mod p = (gb mod p)a mod p
• and Bob computes
• gba mod p = (ga mod p)b mod p.

A man-in-the-middle attack

Pretty Good Privacy (PGP)
• Pretty Good Privacy (PGP)
– Pretty Good Privacy (PGP) is a widely used approach to providing
security for electronic mail. It provides authentication, confidentiality,
data integrity, and nonrepudiation.
– Originally devised by Phil Zimmerman, it has evolved into an IETF
standard known as OpenPGP
– PGP’s confidentiality and receiver authentication depend on the
receiver of an email message having a public key that is known to the
sender.
– To provide sender authentication and nonrepudiation, the sender must
have a public key that is known by the receiver.
– These public keys are pre-distributed using certificates and a web-of-
trust PKI.
– PGP supports RSA and DSS for public key certificates.

Pretty Good Privacy (PGP)
PGP’s steps to prepare a message for
emailing from Alice to Bob

Secure Shell (SSH)
• Secure Shell (SSH)
– The Secure Shell (SSH) protocol is used to provide a remote login
service, and is intended to replace the less-secure Telnet and rlogin
programs used in the early days of the Internet.
– SSH is most often used to provide strong client/server authentication/
message integrity—where the SSH client runs on the user’s desktop
machine and the SSH server runs on some remote machine that the
user wants to log into—but it also supports confidentiality.
– Telnet and rlogin provide none of these capabilities.
– Note that “SSH” is often used to refer to both the SSH protocol and
applications that use it; you need to figure out which from the context.
https://www.youtube.com/watch?v=z7jVOenqFYk
Video tutorial

Secure Shell (SSH)
Using SSH port forwarding to secure other
TCP-based applications

Transport Layer Security (TLS, SSL, HTTPS)
Handshake protocol to establish TLS session
TLS: Transport Layer Security
SSL: Secure Sockets Layer
HTTPS: Hypertext Transfer Protocol Secure

IP Security (IPSec)
• IP Security (IPSec)
– Support for IPsec, as the architecture is called, is optional in IPv4 but
mandatory in IPv6.
– IPsec is really a framework (as opposed to a single protocol or system)
for providing all the security services discussed throughout this
chapter.
– IPsec provides three degrees of freedom.
• First, it is highly modular, allowing users (or more likely, system administrators) to
select from a variety of cryptographic algorithms and specialized security protocols.
• Second, IPsec allows users to select from a large menu of security properties,
including access control, integrity, authentication, originality, and confidentiality.
• Third, IPsec can be used to protect “narrow” streams (e.g., packets belonging to a
particular TCP connection being sent between a pair of hosts) or “wide” streams
(e.g., all packets flowing between a pair of routers).
https://www.youtube.com/watch?v=MVp2j_6WpeE
Video tutorial

IP Security (IPSec)
– When viewed from a high level, IPsec consists of two parts.
– The first part is a pair of protocols that implement the
available security services.
• They are the Authentication Header (AH), which provides access control,
connectionless message integrity, authentication, and antireplay
protection, and the Encapsulating Security Payload (ESP), which supports
these same services, plus confidentiality.
• AH is rarely used so we focus on ESP here.
– The second part is support for key management, which fits
under an umbrella protocol known as ISAKMP:
• Internet Security Association and Key Management Protocol.

IP Security (IPSec)
– The abstraction that binds these two pieces together is the security
association (SA).
– An SA is a simplex (one-way) connection with one or more of the
available security properties.
– Securing a bidirectional communication between a pair of hosts—
corresponding to a TCP connection, for example—requires two SAs,
one in each direction.
– Although IP is a connectionless protocol, security depends on
connection state information such as keys and sequence numbers.
– When created, an SA is assigned an ID number called a security
parameters index (SPI) by the receiving machine

IP Security (IPSec)
– IPsec supports a tunnel mode as well as the more straightforward
transport mode.
– Each SA operates in one or the other mode.
– In a transport mode SA, ESP’s payload data is simply a message for a
higher layer such as UDP or TCP.
• In this mode, IPsec acts as an intermediate protocol layer, much like SSL/TLS does
between TCP and a higher layer.
• When an ESP message is received, its payload is passed to the higher level protocol.
– In a tunnel mode SA, however, ESP’s payload data is itself an IP packet

IP Security (IPSec)
IPsec’s ESP format

IP Security (IPSec)
An IP packet with a nested IP packet
encapsulated using ESP in tunnel
mode. Note that the inner and outer packets
have different addresses

Firewalls
• A firewall is a system that typically sits at some point of
connectivity between a site it protects and the rest of the
network.
• It is usually implemented as an “appliance” or part of a router,
although a “personal firewall” may be implemented on an end
user machine.
• Firewall-based security depends on the firewall being the only
connectivity to the site from outside; there should be no way
to bypass the firewall via other gateways, wireless
connections, or dial-up connections.

Firewalls
• In effect, a firewall divides a network into a more-trusted zone
internal to the firewall, and a less-trusted zone external to the
firewall.
• This is useful if you do not want external users to access a
particular host or service within your site.
• Firewalls may be used to create multiple zones of trust, such
as a hierarchy of increasingly trusted zones.
• A common arrangement involves three zones of trust: the
internal network; the DMZ (“demilitarized zone”); and the rest
of the Internet.

Firewalls
• Firewalls filter based on IP, TCP, and UDP information, among
other things.
• They are configured with a table of addresses that
characterize the packets they will, and will not, forward.
• By addresses, we mean more than just the destination’s IP
address, although that is one possibility.
• Generally, each entry in the table is a 4-tuple: It gives the IP
address and TCP (or UDP) port number for both the source
and destination.

Firewalls
A firewall filters packets flowing between
a site and the rest of the Internet

Computer Networks | Communication Networks

More Related Content

What's hot (20)

Similar to Computer Networks | Communication Networks (20)

More from Dr. Rahul Pandya (20)

Recently uploaded (20)

Computer Networks | Communication Networks