MODULE 01

1(a) Describe significant of all layers in TCP/IP protocol suite along with the
encapsulation and decapsulation processes with necessary figures. (16M)
Solution:
LAYERS IN THE TCP/IP PROTOCOL SUITE
As shown in the figure1.14, the duty of the application, transport, and network layers is end-
to-end. However, the duty of the data-link and physical layers is hop-to-hop. A hop is a host or
router. The domain of duty of the top three layers is the internet. The domain of duty of the two
lower layers is the link. In top 3 layers, the data unit should not be changed by any router or
link-layer switch.

Fig.1.14 Logical connections between layers of the TCP/IP protocol suite

In bottom 2 layers, the data unit is changed only by the routers, not by the link-layer switches.
Identical objects exist between two hops. Because router may fragment the packet at the
network layer and send more packets than received (Figure 1.15). The link between two hops
does not change the object.

Fig.1.15 Identical objects in the TCP/IP protocol suite

Description of Each Layer
Physical Layer: The physical layer receives bits from the data-link layer and sends through
the transmission media. The physical layer is responsible for movements of individual bits
from one node to another node. Transmission media is another hidden layer under the physical
layer. Two devices are connected by a transmission medium (cable or air). The transmission
medium does not carry bits; it carries electrical or optical signals.
Data Link Layer: Data-link-layer (DLL) is responsible for moving frames from one node to
another node over a link. The link can be wired LAN/WAN or wireless LAN/WAN. The data-
link layer
• Gets the datagram from network layer
• Encapsulates the datagram in a packet called a frame.
• Sends the frame to physical layer.
TCP/IP model does not define any specific protocol. DLL supports all the standard and
proprietary protocols. Each protocol may provide a different service. Some protocols provide
complete error detection and correction; some protocols provide only error correction.

Network Layer
The network layer is responsible for source-to-destination transmission of data. The network
layer is also responsible for routing the packet. The routers choose the best route for each
packet. Why we need the separate network layer?
• The separation of different tasks between different layers - The routers do not need the
application and transport layers.
• TCP/IP model defines 4 protocols. They are; (i) IP (Internetworking Protocol) (ii) ARP
(Address Resolution Protocol)( iii) ICMP (Internet Control Message Protocol) (iv)
IGMP (Internet Group Message Protocol)

(i) IP (Internetworking Protocol)

➢ IP is the main protocol of the network layer. IP defines the format and the structure of
addresses.
➢ IP is also responsible for routing a packet from its source to its destination. - It is a
connection-less & unreliable protocol. Connection-less means there is no connection
setup b/w the sender and the receiver.
➢ Unreliable protocol means that IP does not make any guarantee about delivery of the
data and packets may get dropped during transmission.
➢ It provides a best-effort delivery service. Best effort means IP does its best to get the
packet to its destination, but with no guarantees.
➢ IP does not provide flow control, error control and congestion control services.
➢ If an application requires above services, the application should rely only on the
transport- layer protocol.

(ii) ARP( ADDRESS RESOLUTION PROTOCOL)

➢ ARP is used to find the physical-address of the node when its Internet-address is known.
➢ Physical address is the 48-bit address that is imprinted on the NIC or LAN card.
 ➢ Internet address (IP address) is used to uniquely & universally identify a device in the
internet.
(iii) ICMP
➢ ICMP is used to inform the sender about datagram-problems that occur during transit.
(iv) IGMP
➢ IGMP is used to send the same message to a group of recipients.

Transport Layer
Transport Layer protocols are responsible for delivery of a message from a process to another
process. The transport layer gets the message from the application layer and encapsulates the
message in a packet called a segment then sends the segment to network layer.
TCP/IP model defines 3 protocols for transport layer; (i). TCP (Transmission Control Protocol)
(ii). UDP (User Datagram Protocol) (iii). SCTP (Stream Control Transmission Protocol)

i) TCP
➢ TCP is a reliable connection-oriented protocol. A connection is established b/w the
sender and receiver before the data can be transmitted.
➢ TCP provides flow control, error control and congestion control services.

ii) UDP
➢ UDP is the simplest of the 3 transport protocols. It is an unreliable, connectionless
protocol.
➢ It does not provide flow, error, or congestion control.
➢ Each datagram is transported separately & independently.
➢ It is suitable for application program that needs to send short messages and cannot
afford the retransmission.

iii) SCTP
➢ SCTP provides support for newer applications such as voice over the Internet.
➢ It combines the best features of UDP and TCP.

Application Layer
The two application layers exchange messages between each other. Communication at the
application layer is between two processes (two programs running at this layer). To
communicate, a process sends a request to the other process and receives a response. Process-
to-process communication is the duty of the application layer. TCP/IP model defines following
protocols;
i. FTP (File Transfer Protocol): FTP is used for transferring files from one host to
another.
ii. SMTP (Simple Mail Transfer Protocol): SMTP is used to transport email between
a source and destination.
iii. DNS (DomainName System): DNS is used to find the IP address of a computer
 iv. HTTP (Hyper Text Transfer Protocol): HTTP is used for accessing the World Wide
Web (WWW)
v. SNMP (Simple Network Management Protocol): SNMP is used to manage the
Internet at global and local levels
vi. TELNET (Terminal Network): TELNET is used for accessing a site remotely.

ENCAPSULATION AND DECAPSULATION:

Protocol layering includes encapsulation and decapsulation. Figure (a) shows encapsulation
and decapsulation,

Figure (a): Encapsulation/Decapsulation

Encapsulation at the source host:

1) At the application layer, the data to be exchanged is a message. A message does not contain
header or trailer, but if it does, we refer to the whole as the message. The message is passed
to the transport layer.
2) The transport layer takes the message and it adds transport layer header which contains the
identifier of the source and destination application program that wants to communicate plus
some more information that is needed for the end-to end delivery of the message, such as
information needed for flow, error control, or congestion control. The result is the transport
layer packet, which is called the segment (in TCP) and the user datagram (in UDP). The
transport layer then passes the packet to the network layer.
3) The network layer takes segment (user datagram) as data or payload and adds its own
header to the payload. The header contains the addresses of the source and destination hosts
and some more information used for error checking of the header, fragmentation
information, and so on. The result is the network-layer packet, called a datagram. The
network layer then passes the packet to the data-link layer.
4) The data-link layer takes the datagram as data or payload and adds its own header, which
contains the link-layer addresses of the host or the next hop (the router). The result is the
link-layer packet, which is called a frame. The frame is passed to the physical layer for
transmission.
Decapsulation at the destination:

At the destination host, each layer only decapsulates the packet received, removes the payload,
and delivers the payload to the next-higher layer protocol until the message reaches the
application layer. During decapsulation error checking is done.

1(b) List different performance criteria of a network. (04 Marks)

Solution:
NETWORK CRITERIA
A network must be able to meet a certain number of criteria. The most important of these are
performance, reliability, and security.
Performance- Performance can be measured in many ways, including transit time and
response time. Transit time is the amount of time required for a message to travel from one
device to another. Response time is the elapsed time between an inquiry and a response. The
performance of a network depends on a number of factors, including the number of users, the
type of transmission medium, the capabilities of the connected hardware, and the efficiency of
the software
Performance is often evaluated by two networking metrics: throughput and delay.
Reliability- network reliability is measured by the frequency of failure, the time it takes a link
to recover from a failure, and the network’s robustness in a catastrophe.
Security- security issues include protecting data from unauthorized access, protecting data
from damage and development, and implementing policies and procedures for recovery from
breaches and data losses.
OR
2(a) Explain different physical structures and networks topologies with the help of
diagrams. (16Marks)
Solution:
Physical Structures

Network attributes - Type of Connection and physical topology

Type of Connection

A network is two or more devices connected through links. A link is a communications

pathway
that transfers data from one device to another.

There are two possible types of connections:

Point-to-Point -A point-to-point connection provides a dedicated link between two devices.
The entire capacity of the link is reserved for transmission between those two devices. Most
point-to point connections use an actual length of wire or cable to connect the two ends, but
other options, such as microwave or satellite links, are also possible (see Figure1.3 a).
Example-When we change television channels by infrared remote control, we are establishing
a
point-to-point connection between the remote control and the television’s control system.
Multipoint: A multipoint (also called multidrop) connection is one in which more than two
specific devices share a single link (see Figure1.3 b).

fig: Type of connection

A multipoint environment, the capacity of the channel is shared, either spatially or
temporally.
If several devices can use the link simultaneously, it is a spatially shared connection. If users
must take turns, it is a timeshared connection.

PHYSICAL TOPOLOGY

The term physical topology refers to the way in which a network is laid out physically. The
topology of a network is the geometric representation of the relationship of all the links and
nodes to another. There are five types of topologies. They are,
(i) Mesh topology
(ii) Star topology
(iii) Bus topology
(iv) Ring topology
(v) Hybrid topology

Mesh topology: In a mesh topology, every device has a dedicated point-to-point link to every
other device. The term dedicated means that the link carries traffic only between the two
devices it connects. A fully connected mesh network has n (n-1) physical channels to link n
devices. To accommodate the links every device on the network must have (n-1) I/O ports.
 Advantages: a) Mesh topology is robust. b) better privacy
and security. c) Failure of one link will not disturb other
links. d) Helps the network manager to find the precise
location of the fault and solution.
Disadvantages: a) Large amount of cabling and I/O ports
are required. b) Installation and reconnection are difficult.

Star Topology: In a star topology, each device has a dedicated point-to-point link to a central
controller (HUB) only. If one link fails, that link is affected. All other links remain active.
Advantages: a) Less expensive. b) Star topology is
robust. c) Fault identification and fault isolation are
easy. d) Modification of star network is easy.
Disadvantages: a) If the central hub fails, the whole
network will not work. b) Communication is possible
only through the hub.

Bus topology: One long cable acts as a backbone to link all the devices in the network. Nodes
are connected to the back bone by taps and drop lines. Drop line is establishing the connection
between the devices and the cable. The taps are used as connectors. To keep the energy level
of the signal the taps are placed in the limited distance.
Advantages: a) Easy installation. b) Less
cabling and less number of I/O port is
required. c) Less cost.
Disadvantages: a) Network traffic is high. b)
Fault isolation and reconnection is difficult. c)
Adding new device is difficult. d) A break in
the bus cable stops all transmissions.

Ring topology: In a ring topology, each device has a dedicated point-to-point link with other
devices. Each device is linked only to its immediate neighbors. A signal is travel along the ring
in only one direction from device to device until it reaches its destination. The repeater is used
to regenerate the signals during the transmission.
 Advantages: a) Easy to install and
reconfigure. b) Link failure can be easily
found.
Disadvantages: a) Maximum ring length
and number of devices is limited. b)
Failure of one node on the ring affects the
entire network. c) Addition of nodes or
removal of nodes disrupts the network. d)
Signal traffic is unidirectional.

2(b) Distinguish TCP/IP model with OSI model. (04 Marks)

OSI versus TCP/IP

When we compare the two models, we find that two layers, session and presentation, are
missing from the TCP/IP protocol suite. These two layers were not added to the TCP/IP
protocol suite after the publication of the OSI model. The application layer in the suite is
usually considered to be the combination of three layers in the OSI model, as shown in Figure
2.12. Two reasons were mentioned for this decision. First, TCP/IP has more than one transport-
layer protocol. Some of the functionalities of the session layer are available in some of the
transport layer protocols.
Second, the application layer is not only one piece of software. Many applications can be
developed at this layer. If some of the functionalities mentioned in the session and presentation
layers are needed for a particular application, they can be included in the development of that
piece of software.

Figure 2.12 TCP/IP and OSI model

 MODULE 2
3(a) Describe various fields in the format of an ARP packet and explain how ARP sends
request and response messages. (12 Marks)
3(b) Write short notes on implementation of standard Ethernet topologies.(08 Marks)
Solution:
ETHERNET (IEEE 802.3)
A LAN can be used as an isolated network to connect computers in an organization for sharing
resources. Most of the LANs today are linked to a wide area network (WAN) or the Internet.
The LAN market has seen several technologies such as,
i. Ethernet ii.
ii. Token Ring
iii. Token Bus
iv. FDDI
v. ATM LAN.

The IEEE Standard Project 802 is designed to regulate the manufacturing and interconnectivity
between different LANs.
IEEE STANDARDS
The IEEE 802 standard was adopted by the American National Standards Institute (ANSI). In
1987, the International Organization for Standardization (ISO) also approved it as an
international standard. The relationship of the 802 Standard to the traditional OSI model is
shown in figure 2.44. The IEEE has subdivided the data link layer into two sub layers:
i. Logical link control (LLC)
ii. ii. Media access control (MAC).

The data link layer in the IEEE standard is divided into two sublayer.
They are,
i. Logical Link Control (LLC)
ii. Media Access Control (MAC)
 Logical Link Control (LLC)
In IEEE Project 802, flow control, error control, and part of the framing duties are collected
into a sublayer called the logical link control.
Media Access Control
(MAC) IEEE Project 802 has created a sublayer called media access control that defines
the specific access method for each LAN.
MAC Sublayer
In standard Ethernet, the MAC sublayer governs the operation of the access method. It also
frames the data received from the upper layer and passes them to the physical layer.
OR
4(a) Describe the concept of bit stuffing and byte stuffing. (10 Marks)
Solution:
Character oriented protocols are used for transmission of text. The flag is chosen as a character
that is not used for text encoding. When other types of information such as graphs, audio, and
video are used, any character used for the flag could also be part of the information. If this
happens, the receiver, when it encounters this pattern in the middle of the data, thinks it has
reached the end of the frame.
To fix this problem, a byte-stuffing strategy is used. In byte stuffing (or character stuffing), a
special byte is added to the data section of the frame when there is a character with the same
pattern as the flag. The data section is stuffed with an extra byte called the escape character
(ESC).
Whenever the receiver encounters the ESC character, it removes it from the data section and
treats the next character as data, not as a delimiting flag. The figure shows byte stuffing and
unstuffing mechanism.
 Figure (). Byte stuffing and unstuffing

Byte stuffing is the process of adding one extra byte whenever there is a flag or escape character
in the text or data.
Bit-Oriented Framing:
In bit-oriented framing, data is transmitted as a sequence of bits. The flag consists of 8 bits
which contains six 1s. Most protocol uses 8-bit pattern 01111110 as flag as shown in below
figure,

Figure (). Frame in a bit-oriented protocol

Bit stuffing is the process of adding one extra 0 whenever five consecutive 1s follow a 0 in the
data, so that the receiver does not mistake the pattern 0111110 for flag as shown in below
figure.

Figure (). Bit stuffing and unstuffing

4(b) Explain CSMA/CD working with the help of flow chart. (06 Marks)
CARRIER SENSE MULTIPLE ACCESS WITH COLLISION DETECTION
(CSMA/CD)
CSMA/CD augments the algorithm to handle the collision. In this method, a station monitors
the medium after it sends a frame to see if the transmission was successful. If so, the station is
finished. If, however, there is a collision, the frame is sent again.
Procedure
We need to sense the channel before we start sending the frame by using one of the persistence
processes. Transmission and collision detection is a continuous process. We do not send the
entire frame (bit by bit). By sending a short jamming signal, we can enforce the collision in
case other stations have not yet sensed the collision.

Collision of the first bits in CSMA/CD

At time t1, station A has executed its persistence procedure and starts sending the bits
of its frame. At time t2, station C has not yet sensed the first bit sent by A. Station C executes
its persistence procedure and starts sending the bits in its frame, which propagate both to the
left and to the right. The collision occurs sometime after time t2. Station C detects a collision
at time t3 when it receives the first bit of A’s frame. Station C immediately (or after a short
time, but we assume immediately) aborts transmission. Station A detects collision at time t4
when it receives the first bit of C’s frame; it also immediately aborts transmission. Looking at
the figure, we see that A transmits for the duration t4 − t1; C transmits for the duration t3 − t2.
 Flow diagram for the CSMA/CD

4(c) List the characteristics of wireless LANs (04 Marks)

Solution:
Characteristics
There are several characteristics of wireless LANs that either do not apply to wired LANs or
the existence of which is negligible and can be ignored.
Attenuation: The strength of electromagnetic signals decreases rapidly because the signal
disperses in all directions; only a small portion of it reaches the receiver. The situation becomes
worse with mobile senders that operate on batteries and normally have small power supplies.
Interference: Another issue is that a receiver may receive signals not only from the intended
sender, but also from other senders if they are using the same frequency band.
Multipath Propagation: A receiver may receive more than one signal from the same sender
because electromagnetic waves can be reflected back from obstacles such as walls, the ground,
or objects. The result is that the receiver receives some signals at different phases (because they
travel different paths). This makes the signal less recognizable.
Error: With the above characteristics of a wireless network, we can expect that errors and error
detection are more serious issues in a wireless network than in a wired network. If we think
about the error level as the measurement of signal-to-noise ratio (SNR), we can better
understand why error detection and error correction and retransmission are more important in
a wireless network. We discussed SNR in more detail in Chapter 3, but it is enough to say that
it measures the ratio of good stuff to bad stuff (signal to noise). If SNR is high, it means that
the signal is stronger than the noise (unwanted signal), so we may be able to convert the signal
to actual data. On the other hand, when SNR is low, it means that the signal is corrupted by the
noise and the data cannot be recovered.
 MODULE 03
5(a) Explain the working of DHCP (Dynamic Host Configuration Protocol). (08 Marks)
Solution:
DYNAMIC HOST CONFIGURATION PROTOCOL (DHCP)
The Dynamic Host Configuration Protocol (DHCP) is a network management protocol used
on Internet Protocol (IP) networks for automatically assigning IP addresses and other
communication parameters to devices connected to the network using a client–
server architecture.

DHCP provides a temporary IP address for a limited period of time DHCP has two databases.
First one has static bindings for physical addresses (MAC) with IP addresses. Second one has
a list of available IP addresses that may be assigned for a period of time. Client request to
DHCP server causes server to see if MAC is in static database. If so assign the static IP entry
to client. If not, choose from available pool. Assigned addresses are temporary (leased). When
client’s lease expires, must renew or stop using.
DHCP Message Format
The general format of the DHCP message in Figure 18.25.

Figure 18.25 DHCP message format

Operation Code: One byte field defines type of DHCP packet: Request = 1, Reply = 2
Hardware Type: One byte field defining physical network: Ethernet = 1
Hardware Length: One byte field specifying length of physical address: Ethernet = 6
Hop Count: One byte field maximum hops packet can go. Client sets this to 0
Transaction ID: Four Byte field used by client to make sure server is talking to this client and
not another simultaneous request’s response
Number of seconds: two-byte field number of seconds since client became alive
Flag: One bit flag allows client to force server to broadcast reply instead of sending reply to a
specific IP address. If client does not know its IP address yet, it wants a broadcast reply from
server.
Client IP address: Four byte field of client’s IP address. If unknown is zero.
Your IP address: Four byte field server fills in to tell client the clients IP address
Server IP address: four byte field. Server responding fills in it’s own IP
Gateway IP Address: Four byte field containing IP address of router (filled in by server)
Client Hardware Address: In our case 6 byte Ethernet MAC of client sending. Can get this
from Ethernet frame source MAC but this makes life easy for lazy server.
Server Name: Optional 64-byte field filled in by server contains the domain name of the server
Boot File Name: Optional 128-byte field filled in by server containing full pathname for boot
file when legacy BOOTP protocol is being used instead of DHCP. DHCP is backward
compatible with BOOTP (Aside: Bootstrap Protocol provides IP address, subnet mask, IP
address of a router, IP address of a name server to a diskless computer).
Option: Optional 64-byte field. Options consist of three fields: One byte Tag field, One byte
length field for just this particular option, a variable length value field.

DHCP OPERATION:
1) Client broadcasts on 255.255.255.255 a DHCPDISCOVER message using destination
server port 67.
2) Server(s) respond with DHCPOFFER message. Contains IP address, duration of lease
which by default is one hour.If client does not receive a DHCPOFFER, attempts again
up to 4 more attempts in two second intervals, then waits 5 minutes to try again.
3) Client chooses one of the offers and sends DHCPREQUEST to the selected server.
4) Server responds with DHCPACK and creates a binding between MAC address and the
IP address offered. Client has rights to that IP address until lease expires.
5) At the 50% of lease period expiration time, client sends a DHCPREQUEST to request
renewal.
6) If server responds with DHCPACK, client is good to go and resets client timer. If server
denies request with DHCPNACK, client must immediately stop using that IP address
and try to find another server.
7) If no server responds with anything in step 6, client sends another DHCPREQUEST at
87.5% time of the original lease.
 8) If no server response, client uses IP until lease time expires and then starts from scratch.
Client sends DHCPRELEASE message to the mean server.
Aside: Server cannot initiate early lease termination unless client sends a DHCPREQUEST
DHCP TRANSITION DIAGRAM

5(b) Inspect the following MAC addresses and categories them as unicast, multicast and
broadcast.
a) 4A:30:10:21:10:1A
b) 47:20:1B:2E:08:EE
c) EF:FF:10:01:11:00
d) FF:FF:FF:FF:FF:FF
Solution
To find the type of the address, we need to look at the second hexadecimal digit from the left.
If it is even, the address is unicast. If it is odd, the address is multicast. If all digits are Fs, the
address is broadcast. Therefore, we have the following:
a) This is a unicast address because A in binary is 1010 (even).
b) This is a multicast address because 7 in binary is 0111 (odd).
c) This is a multicast address because F in binary is 1111 (odd).
d) This is a broadcast address because all digits are Fs in hexadecimal.
5(c) Explain IPV4 datagram format with a neat diagram.
IPV4 DATAGRAM FORMAT
The Internet Protocol version 4 (IPv4) is the delivery mechanism used by the TCP/IP
protocols. Packets used by the IP are called datagrams. A datagram is a variable-length
packet consisting of two parts: header and payload (data). The header is 20 to 60 bytes in
length and contains information essential to routing and delivery.

Fig 4.2: IPv4 Datagram

The operation of IPv4 header fields are

➢ Version Number(VER): The 4-bit version number (VER) field defines the version
of the IPv4 protocol, which has the value of 4.
➢ Header Length (HLEN): This 4-bit field defines the total length of the datagram
header in 4-byte words. This field is needed because the length of the header is
variable (between 20 and 60 bytes).
➢ Service Type: This field was referred to as type of service (TOS), which defined
how the datagram should be handled. The first 3 bits tell the precedence, and the
next 4 bits tell the type of service, and the last bits are not used. The 4 bits of services
define the delay, throughput, reliability, cost.

TOS MEANING
D: Minimize Delay T: Maximize Throughput
CODE
R: Maximize Reliability C: Minimize Cost
Minimum Delay(D)
1000
Maximum throughput(T)
0100
Maximum Reliability(R)
0010

0001 Minimum monetary cost(C)

Normal Service
0000
Invalid
1100
➢ Total Length: The total length field defines the total length of the datagram including
the header. This 16-bit field defines the total length (header plus data) of the IP
datagram in bytes. A 16-bit number can define a total length of up to 65,535 (when all
bits are 1s). However, the size of the datagram is normally much less than this. This
field helps the receiving device to know when the packet has completely arrived.
➢ Identification, Flags, and Fragmentation Offset: These three fields are related to
the fragmentation of the IP datagram when the size of the datagram is larger.
➢ Time-to-live: Due to some malfunctioning of routing protocols a datagram may be
circulating in the Internet, visiting some networks over and over without reaching
the destination. This may create extra traffic in the Internet. The time-to-live (TTL)
field is used to control the maximum number of hops (routers) visited by the
datagram. When a source host sends the datagram, it stores a number in this field.
This value is approximately two times the maximum number of routers between
any two hosts. Each router that processes the datagram decrements this number by
one. If this value, after being decremented, is zero, the router discards the datagram.
➢ Protocol:. When the payload is encapsulated in a datagram at the source IP, the
corresponding protocol number is inserted in this field; when the datagram arrives
at the destination, the value of this field helps to define to which protocol the
payload should be delivered. In other words, this field provides multiplexing at the
source and demultiplexing at the destination.

➢ Header checksum: IP is not a reliable protocol; it does not check whether the
payload carried by a datagram is corrupted during the transmission. IP puts the
burden of error checking of the payload on the protocol that owns the payload, such
as UDP or TCP. The datagram header, however, is added by IP, and its error-
checking is the responsibility of IP. Errors in the IP header can be a disaster.
• For example, if the destination IP address is corrupted, the packet can be
delivered to the wrong host.
• If the protocol field is corrupted, the payload may be delivered to the wrong
protocol.
• If the fields related to the fragmentation are corrupted, the datagram cannot
be reassembled correctly at the destination, and so on. For these reasons, IP
adds a header checksum field to check the header, but not the payload.
➢ Source and Destination Addresses: These 32-bit source and destination address
fields define the IP address of the source and destination respectively.
➢ Options: A datagram header can have up to 40 bytes of options. Options can be
used for network testing and debugging. Although options are not a required part
of the IP header, option processing is required of the IP software.
➢ Payload: Payload is the packet coming from other protocols that use the service of
IP.
 OR
6(a) Explain a simple implementation of Networks Address Translation (NAT).
Solution:
NETWORK ADDRESS TRANSLATION (NAT)

Network Address Translation (NAT) is a method of mapping the private IP address of a

private network to the public IP address of the global network and vice versa. With this
method, the local host in a private network can access the internet. NAT is used at the routers
as they help the router to identify that to which localhost the message is to be forwarded.
Introduction

The Internet Service Provider (ISP) provides a variable block of IPv4 addresses to the
midsize organization or home users. Now, what if the organization grows and requires a large
block of addresses or the number of devices accessing the internet increased at home? It would
be impossible for the ISP to fulfil the increased demand for addresses. This is because the range
of addresses before the allocated range and the range of addresses after the allocated range may
be assigned to other small organizations.

Now, the question arises how to fulfil this increased demand for addresses?

Here, the role of Network Address Translation (NAT) is introduced. In the situation
discussed above, such midsize organization or home users can have several private
IP addresses for a large set of devices/computer to allows internal communication whereas,
few devices/computers are provided with the public addresses for global communication.

Private IP addresses need to be unique inside the organization. No matter if they are not unique
globally as everyone is aware that there are three blocks of addresses which are reserved for
private networks. The users can use private IP addresses without the permission of Internet
authorities. The private IP addresses are not routable means any router will not forward the
packet having private addresses in its destination address field.

Address Translation

If the computer or a device with private IP address wants to communicate with the outside
world, it would connect to the NAT capable router with the public IP address and here, the
address translation takes place. In the address translation, a private IP address is mapped to the
public IP address and the request is forwarded to the (destination) outside world.

How Does NAT Work?

Consider a small private network of a home having four devices i.e. 1 laptop, 1 desktop, 1 tablet
and one Smartphone, in its network. As all these devices are the local host they are provided
private IP addresses and all these devices are connected to a NAT router with a public IP
address.
Now suppose, if the tablet user at home network wants the information regarding today’s
news. As you can see in the image below, it would send this request to the server in the outside
world with a public IP address, which would have this information. The server would create a
reply packet with the information of today’s new. The reply packet will have source as server
IP address and destination as tablets private IP address and as we know the private IP
address is not routable. The Tablet would never receive the reply as no router will forward this
packet to the table.

Solution

NAT router analyzes the request packet sent from a tablet which has tablets private IP address
in its source field and servers public IP address in destination fields. NAT router put the source
private IP address in private IP address column of translation table the destination (server)
address in public IP address column. NAT router replaces the source private address with
the NAT public IP address as you can see in the image below.
The destination server receives the request packet now, with the NAT routers public IP address
as the source address. So, when the server prepares the reply it puts the NAT routers public
IP address in the destination address field and its own global IP address in
the source address field of the reply packet.

Now, as the reply packet has the public IP address in its destination address field so, it would
route the packet to the destination NAT router. The NAT router analyses the reply packet which
has source address as server’s address. The NAT router then remaps the servers public IP
address to the tablet’s private IP address with the help of translation table using the source
address field of the received packet and send the reply packet to the corresponding private IP
address.

This is how a local host in the private network, communicates with the devices with global
addresses.

6(b) Explain distance vector routing algorithm using bellman ford equation. (10 marks)
Solution:
DISTANCE-VECTOR ROUTING
In distance-vector routing, a router continuously tells all of its neighbours what it knows about
the whole internet. Bellman-Ford Equation In distance-vector routing Bellman-Ford equation
is used to find the least cost (shortest distance) between a source node, x, and a destination
node, y, through some intermediary nodes (a, b, c,   ) when the costs between the source and
the intermediary nodes and the least costs between the intermediary nodes and the destination
are given. The following shows the general case in which Dij is the shortest distance and cij is
the cost between nodes i and j.

𝑫𝒙𝒚 = 𝐦𝐢𝐧⁡{(𝒄𝒙𝒂 + 𝑫𝒂𝒚 ), (𝒄𝒙𝒃 + 𝑫𝒃𝒚 ), (𝒄𝒙𝒄 + 𝑫𝒄𝒚 ), … . . }

In distance-vector routing, we want to update an existing least cost with a least cost through an
intermediary node, such as z, ie, if the intermediate node is shorter. In this case, the equation
can be written as:
 𝑫𝒙𝒚 = 𝐦𝐢𝐧⁡{(𝒄𝒙𝒛 + 𝑫𝒛𝒚 )}

Graphical idea behind Bellman-Ford equation

Fig. Graphical idea behind Bellman-Ford equation

Bellman-Ford equation help us to build a new least-cost path from previously established least-
cost paths.
In the Figure (above), we can think of (a-y),(b-y), and (c-y) as previously established least-cost
paths and (x-y) as the new least-cost path.
We can even think of this equation as the builder of a new least-cost tree from previously
established least-cost trees if we use the equation repeatedly.
Distance Vectors
The concept of a distance vector is the reason for the name distance-vector routing. A least-
cost tree is a combination of least-cost paths from the root of the tree to all destinations.
Figure shows the tree for node A in the internet in Figure and the corresponding distance vector.
A distance vector does not give the path to the destinations as the least-cost tree does; it gives
only the least costs to the destinations.
Note that the name of the distance vector defines the root, the indexes define the destinations,
and the value of each cell defines the least cost from the root to the destination.

The distance vector corresponding to a tree

Each node in an internet, when it starts its function, creates a very basic distance vector with
the minimum information the node can obtain from its neighbourhood. The node sends some
greeting messages out of its interfaces and discovers the identity of the immediate neighbours
and the distance between itself and each neighbour. It then makes a simple distance vector by
inserting the discovered distances in the corresponding cells and leaves the value of other cells
as infinity.

The first distance vector for an internet

Description of above diagram

Consider (For example), Node A thinks that it is not connected to node G because the
corresponding cell shows the least cost of infinity.
To improve these vectors, the nodes in the internet need to help each other by exchanging
information. After each node has created its vector, it sends a copy of the vector to all its
immediate neighbours. After a node receives a distance vector from a neighbor, it updates its
distance vector using the Bellman-Ford equation (second case).
The figure(below) shows two asynchronous events, happening one after another with some
time in between.
In the first event, node A has sent its vector to node B. Node B updates its vector using the cost
cBA= 2. In the second event, node E has sent its vector to node B. Node B updates its vector
using the cost cEA= 4.
After the first event, node B has one improvement in its vector: its least cost to node D has
changed from infinity to 5 (via node A). After the second event, node B has one more
improvement in its vector; its least cost to node F has changed from infinity to 6 (via node E).
By exchanging the vectors, we can stabilize the system and allows all nodes to find the ultimate
least cost between themselves and any other node.
After updating a node, it immediately sends its updated vector to all neighbors.
 Updating distance vectors

7(a) Describe Connectionless and connection-oriented services provided by the transport

layer. (14 Marks)
Solution:
7(b) Describe general services provided by UDP.
8(a) Explain working of Go-Back-N protocol. (10 Marks)
Solution:
8(b) Describe sending and receiving buffers in TCP, and explain how segments are
created form the bytes in buffers.
 MODULE 05
9(a) Explain the architecture and format of electronic mail. (10 Marks)
ELECTRONIC MAIL (EMAIL)
One of the most popular Internet services is electronic mail (E-mail). ➢Email is one of the oldest
network applications. ➢The three main components of an Email are 1. User Agent (UA) 2. Messsage
Transfer Agent (MTA) – SMTP 3. Messsage Access Agent (MAA) - IMAP , POP

Electronic mail (or e-mail) allows users to exchange messages. First, e-mail is considered a
one-way transaction. When Alice sends an email to Bob, she may expect a response, but this
is not a mandate. Bob may or may not respond. If he does respond, it is another one-way
transaction. Second, it is neither feasible nor logical for Bob to run a server program and wait
until someone sends an e-mail to him. Bob may turn off his computer when he is not using it.
This means that the idea of client/server programming should be implemented in another way:
using some intermediate computers (servers).
Architecture
WEB-BASED MAIL
E-mail is such a common application that some websites today provide this service to anyone
who accesses the site. Three common sites are Hotmail, Yahoo, and Google mail. The idea is
very simple. Figure 26.22 shows two cases:
Case I
In the first case, Alice, the sender, uses a traditional mail server; Bob, the receiver, has an
account on a web-based server. Mail transfer from Alice’s browser to her mail server is done
through SMTP. The transfer of the message from the sending mail server to the receiving mail
server is still through SMTP. However, the message from the receiving server (the web server)
to Bob’s browser is done through HTTP. In other words, instead of using POP3 or IMAP4,
HTTP is normally used. When Bob needs to retrieve his e-mails, he sends a request HTTP
message to the website (Hotmail, for example). The website sends a form to be filled in by
Bob, which includes the log-in name and the password. If the log-in name and password match,
the list of e-mails is transferred from the web server to Bob’s browser in HTML format. Now
Bob can browse through his received e-mails and then, using more HTTP transactions, can get
his e-mails one by one.
Case II
In the second case, both Alice and Bob use web servers, but not necessarily the same server.
Alice sends the message to the web server using HTTP transactions. Alice sends an HTTP
request message to her web server using the name and address of Bob’s mailbox as the URL.
The server at the Alice site passes the message to the SMTP client and sends it to the server at
the Bob site using SMTP protocol. Bob receives the message using HTTP transactions.
However, the message from the server at the Alice site to the server at the Bob site still takes
place using SMTP protocol.
 Figure 26.22 Web-based e-mail, cases I and II

9(b) Distinguish local logging and remote logging. (10 Marks)

Solution:
TYPES OF TELNET LOGGING
There are two types of TELNET logging: Local Logging and Remote Logging

Local Logging:

• When a user logs into a local system, it is called local logging.

• As a user types at a terminal or at a workstation running a terminal emulator, the
keystrokes are accepted by the terminal driver.
• The terminal driver passes the characters to the operating system.
• The operating system, in turn, interprets the combination of characters and invokes the
desired application program or utility.
Remote Logging
 • When a user wants to access an application program or utility located on a remote
machine, they perform remote logging.
• Remote Logging uses TELNET client and TELENT server programs.
• The user sends the keystrokes to the terminal driver where the local operating
system accepts the characters but does not interpret them.
• The characters are sent to the TELNET client, which transforms the characters into
a universal character set called Network Virtual Terminal (NVT) characters and
delivers them to the local TCP/IP stack.
• The commands or text, in NVT form, travel through the Internet and arrive at the
TCP/IP stack at the remote machine.
• The characters are delivered to the operating system and passed to the TELNET
server, which changes the characters to the corresponding characters
understandable by the remote computer.
• The characters cannot be passed directly to the operating system because the remote
operating system is not designed to receive characters from a TELNET server; it is
designed to receive characters from a terminal driver.
• A piece of software called pseudo terminal driver, is added to this, which pretends
that the characters are coming from a terminal.
• The operating system then passes the characters to the appropriate application
program.
OR
10(a) Explain persistent and non-persistent connections in HTTP. (10 Marks)
HTTP CONNECTIONS
• HTTP Clients and Servers exchange multiple messages over the same TCP connection.
• If some of the objects are located on the same server, we have two choices: to retrieve
each object using a new TCP connection or to make a TCP connection and retrieve
them all.
• The first method is referred to as a non-persistent connection, the second as a persistent
connection.
• HTTP 1.0 uses non-persistent connections and HTTP 1.1 uses persistent connections .
NON-PERSISTENT CONNECTIONS

• In a non-persistent connection, one TCP

connection is made for each request/response.
• Only one object can be sent over a single TCP
connection
• The client opens a TCP connection and sends a
request.
• The server sends the response and closes the
connection.
• The client reads the data until it encounters an
end-of-file marker.
• It then closes the connection.

PERSISTENT CONNECTIONS

• HTTP version 1.1 specifies a persistent

connection by default.
• Multiple objects can be sent over a single TCP
connection.
• In a persistent connection, the server leaves the
connection open for more requests after sending a
response.
• The server can close the connection at the request
of a client or if a time-out has been reached.
• Time and resources are saved using persistent
connections. Only one set of buffers and variables
needs to be set for the connection at each site.
• The round trip time for connection establishment
and connection termination is saved.

10(b) Write a short note on DNS recursive and iterative resolutions. (10 Marks)
Solution:
DNS RESOLUTION
➢ Mapping a name to an address or an address to a name is called name address
resolution.
 ➢ DNS is designed as a client server application.
➢ A host that needs to map an address to a name or a name to an address calls a DNS
client named a Resolver.
➢ The Resolver accesses the closest DNS server with a mapping request.
➢ If the server has the information, it satisfies the resolver; otherwise, it either refers the
resolver to other servers or asks other servers to provide the information.
➢ After the resolver receives the mapping, it interprets the response to see if it is a real
resolution or an error and finally delivers the result to the process that requested it.
➢ A resolution can be either recursive or iterative.
Recursive Resolution

Recursive Resolution

• The application program on the source host calls the DNS resolver (client) to find the
IP address of the destination host. The resolver, which does not know this address, sends
the query to the local DNS server of the source (Event 1)
• The local server sends the query to a root DNS server (Event 2)
• The Root server sends the query to the top-level-DNS server(Event 3)
• The top-level DNS server knows only the IP address of the local DNS server at the
destination. So it forwards the query to the local server, which knows the IP address of
the destination host (Event 4)
• The IP address of the destination host is now sent back to the top-level DNS
server(Event 5) then back to the root server (Event 6), then back to the source DNS
server, which may cache it for the future queries (Event 7), and finally back to the
source host (Event 8).
Iterative Resolution
 Iterative resolution

• In iterative resolution, each server that does not know the mapping, sends the IP address
of the next server back to the one that requested it.
• The iterative resolution takes place between two local servers.
• The original resolver gets the final answer from the destination local server.
• The messages shown by Events 2, 4, and 6 contain the same query.
• However, the message shown by Event 3 contains the IP address of the top-level
domain server.
• The message shown by Event 5 contains the IP address of the destination local DNS
server
• The message shown by Event 7 contains the IP address of the destination.
• When the Source local DNS server receives the IP address of the destination, it sends
it to the resolver (Event 8).