
Acn Imp Q&a


UNIT 1 - Network Layers of Protocols

Q. Describe different classes of IPv4 addresses.


Ans: IP (or IPv4) has 5 classes, namely Class A, Class B, Class C, Class D and Class E.
These classes are identified by the following ranges:

Class        Address Range   Start address   End address
IP Class A   1 to 126        1.0.0.0         126.255.255.255
IP Class B   128 to 191      128.0.0.0       191.255.255.255
IP Class C   192 to 223      192.0.0.0       223.255.255.255
IP Class D   224 to 239      224.0.0.0       239.255.255.255
IP Class E   240 to 254      240.0.0.0       255.255.255.255

Q. Explain classful addressing mechanism of IPv4.


Ans: Classful addressing was the initial addressing scheme used in IPv4, dividing IP addresses
into five main classes: Class A, Class B, Class C, Class D, and Class E. Each class had a
predefined range of network and host bits, determining the maximum number of networks and
hosts within each class.

Class        Address Range   Start address   End address
IP Class A   1 to 126        1.0.0.0         126.255.255.255
IP Class B   128 to 191      128.0.0.0       191.255.255.255
IP Class C   192 to 223      192.0.0.0       223.255.255.255
IP Class D   224 to 239      224.0.0.0       239.255.255.255
IP Class E   240 to 254      240.0.0.0       255.255.255.255

Q. Explain Network address translation.


Ans:
● Network Address Translation (NAT) is a crucial networking technique that allows
multiple devices in a private network to share a single public IP address when
communicating with external networks like the Internet.
● In IPv4, where public IP addresses are limited, NAT serves as a vital solution.
● It operates by translating private IP addresses to a common public IP address, typically
performed by a router or firewall.

● NAT addresses two key challenges.


● Firstly, it conserves public IP addresses by enabling multiple devices to use a single
public address. This is essential in the face of the growing demand for IP addresses.
● Secondly, NAT enhances security by concealing the internal network structure. Only the
public IP address is visible externally, providing a layer of protection against potential
threats.
● Different NAT types, such as Static NAT, Dynamic NAT, and PAT, offer versatility in
implementation, making NAT a fundamental component in modern networking.

Q. Draw a labeled sketch of the IPv4 packet format.


Ans:

Q. Find out the error, if any in the following IPv4 addresses:


a. 111.56.054.78
b. 222.34.7.8.20
c. 75.45.301.14
d. 11100101.23.14.67
Ans:
a. 111.56.054.78
- The leading zero in "054" is not allowed in an IPv4 address. It should be "111.56.54.78".

b. 222.34.7.8.20
- There is an extra octet. An IPv4 address should consist of four octets.

c. 75.45.301.14
- The third octet "301" is not a valid octet in the range of 0 to 255. It should be "75.45.255.14"
or corrected based on the intended value.

d. 11100101.23.14.67
- The first octet is written in binary representation ("11100101") rather than decimal. It should be
"229.23.14.67" in decimal.

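The four checks applied in the answer above can be written as a strict validator. This is an added example, not part of the original notes; the function name and the error codes are illustrative choices.

```python
# Added example: strict dotted-decimal IPv4 checker for the four cases above.

def check_ipv4(text):
    """Return a list of (code, detail) problems.

    An empty list means the string is a valid dotted-decimal IPv4 address.
    """
    problems = []
    octets = text.strip().split(".")
    if len(octets) != 4:
        problems.append(("octet-count",
                         f"expected 4 octets, found {len(octets)}"))
    for pos, octet in enumerate(octets, start=1):
        if not (octet.isascii() and octet.isdigit()):
            problems.append(("not-decimal",
                             f"octet {pos} {octet!r} is not a decimal number"))
        elif len(octet) == 8 and set(octet) <= {"0", "1"}:
            # Eight binary digits: report the decimal value the writer meant.
            problems.append(("binary-octet",
                             f"octet {pos} {octet!r} is binary; "
                             f"decimal form is {int(octet, 2)}"))
        elif len(octet) > 1 and octet[0] == "0":
            # Some parsers (for example the C library's inet_aton) read a
            # leading zero as octal, so "054" can mean 44 to one program and
            # 54 to another. A strict validator rejects it outright.
            problems.append(("leading-zero",
                             f"octet {pos} {octet!r} has a leading zero"))
        elif int(octet) > 255:
            problems.append(("out-of-range",
                             f"octet {pos} {octet!r} is outside 0..255"))
    return problems


# The four addresses from the question, plus the corrected form of (a).
SAMPLES = [
    "111.56.054.78",
    "222.34.7.8.20",
    "75.45.301.14",
    "11100101.23.14.67",
    "111.56.54.78",
]


def report(samples=SAMPLES):
    """Map each sample address to the problems found in it."""
    return {addr: check_ipv4(addr) for addr in samples}


if __name__ == "__main__":
    for addr, problems in report().items():
        if problems:
            for code, detail in problems:
                print(f"{addr:20} {code}: {detail}")
        else:
            print(f"{addr:20} valid")
```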
Q. State the concept of fragmentation in IPv4.


Ans: Fragmentation is the division of an IP datagram into smaller units. After fragmentation,
each fragment will have its own header with a few fields changed and a few fields remaining the
same.

OR

Fragmentation: When the maximum size of the datagram is greater than the maximum size of data that
can be held in a frame, the network layer divides the datagram received from the transport layer into
fragments.

Q. Draw and label a sketch of the ICMPv4 packet format.


Ans:

Q. Explain ICMP protocol. Describe the header format of ICMP.


Ans: The Internet Control Message Protocol (ICMP) supports the unreliable and connectionless
Internet Protocol (IP).
● ICMP messages are encapsulated in IP datagrams. There are two categories of ICMP
messages: error-reporting and query messages. The error-reporting messages report
problems that a router or a host (destination) may encounter when it processes an IP
packet. The query messages, which occur in pairs, help a host or a network manager get
specific information from a router or another host.
● The checksum for ICMP is calculated using both the header and the data fields of the
ICMP message.
● There are several tools that can be used on the Internet for debugging. We can find if a
host or router is alive and running. Two of these tools are ping and traceroute.

An ICMP message has an 8-byte header and a variable-size data section. Although the general
format of the header is different for each message type, the first 4 bytes are common to all. As
Figure shows,
● The first field, ICMP type, defines the type of the message.
● The code field specifies the reason for the particular message type.
● The last common field is the checksum field for checking errors.
● The rest of the header is specific for each message type.
● The data section in error messages carries information for finding the original packet that
had the error. In query messages, the data section carries extra information based on the
type of the query.
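The header layout and checksum rule described above, as an added example that is not part of the original notes. The echo request is constructed inline, and the function names are illustrative.

```python
# Added example: parse the common ICMP header and verify the checksum,
# which covers both the header and the data section.
import struct

ICMP_TYPES = {
    0: "echo reply",
    3: "destination unreachable",
    4: "source quench",
    5: "redirection",
    8: "echo request",
    11: "time exceeded",
    12: "parameter problem",
    13: "timestamp request",
    14: "timestamp reply",
}


def internet_checksum(data):
    """16-bit one's-complement sum of the data, complemented."""
    if len(data) % 2:
        data += b"\x00"          # pad to a whole number of 16-bit words
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:           # fold carries back into the low 16 bits
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF


def build_echo_request(identifier, sequence, payload):
    """Build an echo request (type 8, code 0) with a correct checksum."""
    header = struct.pack("!BBHHH", 8, 0, 0, identifier, sequence)
    checksum = internet_checksum(header + payload)
    return struct.pack("!BBHHH", 8, 0, checksum, identifier, sequence) + payload


def parse_icmp(message):
    """Split an ICMP message into its fields and check its integrity."""
    if len(message) < 8:
        raise ValueError("ICMP message shorter than the 8-byte header")
    icmp_type, code, checksum = struct.unpack("!BBH", message[:4])
    return {
        "type": icmp_type,
        "type_name": ICMP_TYPES.get(icmp_type, "unknown"),
        "code": code,
        "checksum": checksum,
        # Bytes 4..7 depend on the message type (identifier and sequence
        # number for echo messages).
        "rest_of_header": message[4:8],
        "data": message[8:],
        # Summing a valid message, checksum field included, yields zero.
        "checksum_ok": internet_checksum(message) == 0,
    }


if __name__ == "__main__":
    good = build_echo_request(0x1234, 1, b"constructed payload")
    bad = bytearray(good)
    bad[-1] ^= 0x01              # simulate a single-bit transmission error
    for label, msg in (("intact", good), ("corrupted", bytes(bad))):
        parsed = parse_icmp(msg)
        print(label, parsed["type_name"], "checksum ok:", parsed["checksum_ok"])
```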

Q. List types of ICMPv4 messages.


Ans:
i) Destination unreachable
ii) Source quench
iii) Time exceeded
iv) Parameter problem
v) Redirection
vi) Echo request or reply
vii) Timestamp request or reply

Q. What is Mobile IP ? List and explain components of Mobile IP.


Ans: Mobile IP is an open standard, defined by the Internet Engineering Task Force (IETF) RFC
2002, that allows users to keep the same IP address, stay connected, and maintain ongoing
applications while roaming between IP networks. Mobile IP is scalable for the Internet because it
is based on IP: any media that can support IP can support Mobile IP.
Components of Mobile IP:
i) Mobile Node
ii) Home Agent
iii) Foreign Agent
iv) Home Network
v) Foreign network
vi) Care-of-Address
vii) Correspondent Node

i) Mobile Node (MN): The mobile device that can change its point of attachment to the network
while maintaining communication.

ii) Home Agent (HA): A router on the home network that keeps track of the Mobile Node's
current location (Care-of-Address) and forwards data to it when needed.

iii) Foreign Agent (FA): A router on the visited network that assists in the registration process
and forwards data between the Home Agent and the Mobile Node.

iv) Home Network: The network where the Mobile Node has a permanent IP address (Home
Address) assigned.

v) Foreign Network: The network the Mobile Node is currently connected to, which is not its
home network.

vi) Care-of-Address (CoA): The temporary IP address assigned to the Mobile Node on the
visited network while away from its home network.

vii) Correspondent Node: Any device with which the Mobile Node communicates; it can be on
the home or foreign network.

Q. For the IP addresses given below:


(1) Identify the class to which each of the following IP addresses belongs.
(2) Identify the Network Address Section.
(3) Identify the Host Address Section.
(4) Calculate Number of Hosts that can be assigned with each network
(i) 122.34.45.133
(ii) 12.12.12.12
(iii) 192.0.233.26
(iv) 126.123.16.87
Ans:
(i) 122.34.45.133 belongs to Class A

(ii) 12.12.12.12 belongs to Class A

(iii) 192.0.233.26 belongs to Class C

(iv) 126.123.16.87 belongs to Class A

For Class A, the network address section is the first octet.


For Class C, the network address section is the first three octets.

Using this information:

(i) In 122.34.45.133, the network address section is 122

(ii) In 12.12.12.12, the network address section is 14

(iii) In 192.0.233.26, the network address section is 192.0.233

(iv) In 126.123.16.87, the network address section is 126

The host address section is the remaining bits after the network address section.

Using this information:

(i) The host address section in 122.34.45.133 is 34.45.133

(ii) The host address section in 12.12.12.12 is 12.12.12

(iii) The host address section in 192.0.233.26 is 26

(iv) The host address section in 126.123.16.87 is 123.16.87

Number of hosts that can be assigned:


(i) 122.34.45.133:
=> 2^(32-n) - 2
=> 2^(32-8) - 2
=> 2^24 - 2
=> 16777216 - 2
=> 16777214

(ii) 12.12.12.12:
=> 2^(32-n) - 2
=> 2^(32-8) - 2
=> 2^24 - 2
=> 16777216 - 2
=> 16777214

(iii) 192.0.233.26:
=> 2^(32-n) - 2
=> 2^(32-24) - 2
=> 2^8 - 2
=> 256 - 2
=> 254

(iv) 126.123.16.87:
=> 2^(32-n) - 2
=> 2^(32-8) - 2
=> 2^24 - 2
=> 16777216 - 2
=> 16777214

Q. For the IP address given below :


(i) 132.34.45.133
(ii) 14.142.20.20
(iii) 191.0.200.45
(iv) 129.16.123.85
(A) Identify the class to which each of the following IP addresses belongs.
(B) Identify the network address section.
(C) Identify the host address section.
Ans:
(i) 132.34.45.133 belongs to Class B

(ii) 14.142.20.20 belongs to Class A

(iii) 191.0.200.45 belongs to Class B

(iv) 129.16.123.85 belongs to Class B

For Class A, the network address section is the first octet.


For Class B, the network address section is the first two octets.

Using this information:

(i) In 132.34.45.133, the network address section is 132.34

(ii) In 14.142.20.20, the network address section is 14

(iii) In 191.0.200.45, the network address section is 191.0

(iv) In 129.16.123.85, the network address section is 129.16

The host address section is the remaining bits after the network address section.

Using this information:

(i) The host address section in 132.34.45.133 is 45.133.

(ii) The host address section in 14.142.20.20 is 142.20.20.

(iii) The host address section in 191.0.200.45 is 0.45.

(iv) The host address section in 129.16.123.85 is 123.85.

Q. Describe the sub-network address if the destination address is 200.45.34.56 and the
subnet mask is 255.255.240.0.
Ans:
Given,
Destination Address = 200.45.34.56
Subnet Mask = 255.255.240.0

To find subnet address, convert Destination Address and Subnet Mask into binary form and then
perform AND operation:

Destination Address = 200.45.34.56


= 11001000.00101101.00100010.00111000

Subnet Mask = 255.255.240.0


= 11111111.11111111.11110000.00000000

    11001000.00101101.00100010.00111000
AND 11111111.11111111.11110000.00000000
--------------------------------------------------
    11001000.00101101.00100000.00000000

Convert the result into decimal,


11001000.00101101.00100000.00000000 => 200.45.32.0

Therefore, subnet address is 200.45.32.0

Q. For the IPv4 addresses given below, calculate the subnet mask, broadcast address and number of
hosts possible.
(i) 10.0.199.237/22
(ii) 192.168.14.87/26
Ans:
(i) 10.0.199.237/22:
● Subnet mask: convert the prefix length /22 to binary = 11111111.11111111.11111100.00000000
Convert the binary mask to decimal = 255.255.252.0

● Network address: obtain the binary network address by setting the host bits of the IP address to 0
= 00001010.00000000.11000100.00000000
Convert the binary network address to decimal = 10.0.196.0

● Broadcast address: obtain the binary broadcast address by setting the host bits of the IP address to 1
= 00001010.00000000.11000111.11111111
Convert the binary broadcast address to decimal = 10.0.199.255

● Number of hosts possible: calculate the number of available host addresses by subtracting the
network and broadcast addresses from the total number of possible addresses. In this case, there
are 2^(32-22) - 2 = 1022 available host addresses.

(ii) 192.168.14.87/26:
● Subnet mask: convert the prefix length /26 to binary = 11111111.11111111.11111111.11000000
Convert the binary mask to decimal = 255.255.255.192

● Network address: obtain the binary network address by setting the host bits of the IP address to 0
= 11000000.10101000.00001110.01000000
Convert the binary network address to decimal = 192.168.14.64

● Broadcast address: obtain the binary broadcast address by setting the host bits of the IP address to 1
= 11000000.10101000.00001110.01111111
Convert the binary broadcast address to decimal = 192.168.14.127

● Number of hosts possible: calculate the number of available host addresses by subtracting the
network and broadcast addresses from the total number of possible addresses. In this case, there
are 2^(32-26) - 2 = 62 available host addresses.

Q. For the IP address given below, find the range of addresses in the following blocks:
(a) 123.56.77.32/29
(b) 200.17.21.128/27
(c) 17.34.16.0/23
(d) 180.34.64.64/30
Ans:
a) (123.56.77.32/29):
=> Subnet Mask: (255.255.255.248)
=> Number of Addresses in Subnet: (2^(32-29) = 8)
=> Starting Address: (123.56.77.32)
=> Ending Address: (123.56.77.39)
=> Total Range: (123.56.77.32 - 123.56.77.39)
=> Usable Range: (123.56.77.33 - 123.56.77.38)

b) (200.17.21.128/27):
=> Subnet Mask: (255.255.255.224)
=> Number of Addresses in Subnet: (2^(32-27) = 32)
=> Starting Address: (200.17.21.128)
=> Ending Address: (200.17.21.159)
=> Total Range: (200.17.21.128 - 200.17.21.159)
=> Usable Range: (200.17.21.129 - 200.17.21.158)

c) (17.34.16.0/23):
=> Subnet Mask: (255.255.254.0)
=> Number of Addresses in Subnet: (2^(32-23) = 512)
=> Starting Address: (17.34.16.0)
=> Ending Address: (17.34.17.255)
=> Total Range: (17.34.16.0 - 17.34.17.255)
=> Usable Range: (17.34.16.1 - 17.34.17.254)

d) (180.34.64.64/30):
=> Subnet Mask: (255.255.255.252)
=> Number of Addresses in Subnet: (2^(32-30) = 4)
=> Starting Address: (180.34.64.64)
=> Ending Address: (180.34.64.67)
=> Total Range: (180.34.64.64 - 180.34.64.67)
=> Usable Range: (180.34.64.65 - 180.34.64.66)
Q. Given an IP address (70.12.100.132) and network mask (255.255.255.192), determine
other information about the IP address such as:
(i) Network address
(ii) Network broadcast address
(iii) Total number of host bits
(iv) Number of hosts
Ans:
i) Network Address:

Step 1: Convert the IP address and subnet mask to binary format.


IP address: 01000110.00001100.01100100.10000100
Subnet mask: 11111111.11111111.11111111.11000000

Step 2: Calculate the network address.


Perform a bitwise "AND" operation on the IP address and subnet mask:
01000110.00001100.01100100.10000100 (IP address)
11111111.11111111.11111111.11000000 (Subnet mask)
--------------------------------------------------
01000110.00001100.01100100.10000000 (Network address)

The network address is 70.12.100.128.

ii) Network Broadcast Address:

Step 3: Calculate the network broadcast address.


Invert the host bits of the subnet mask:
00000000.00000000.00000000.00111111 (Inverted host bits)

Perform a bitwise "OR" operation on the network address and inverted host bits:
01000110.00001100.01100100.10000000 (Network address)
00000000.00000000.00000000.00111111 (Inverted host bits)
-------------------------------------------------
01000110.00001100.01100100.10111111 (Network broadcast address)

The network broadcast address is 70.12.100.191.

iii) Total Number of Host Bits:

Step 4: Calculate the total number of host bits.


Count the number of zeros in the inverted host bits of the subnet mask.
Here, there are six zeros: 00111111

iv) Number of Hosts:

Step 5: Calculate the number of hosts.


The number of hosts can be calculated using the formula: 2^(number of host bits) - 2.
In this case, the number of host bits is 6, so the number of hosts is:
=> 2^6 - 2
=> 64 - 2
=> 62

Therefore, the information about the given IP address and network mask is as follows:
(i) Network address: 70.12.100.128
(ii) Network broadcast address: 70.12.100.191
(iii) Total number of host bits: 6
(iv) Number of hosts: 62
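
The AND and OR steps used in the subnetting answers above (subnet address, mask and broadcast from a prefix, block ranges, and the 70.12.100.132 walk-through), as an added example that is not part of the original notes. The function names are illustrative, and each result is cross-checked against Python's ipaddress module.

```python
# Added example: subnet arithmetic on 32-bit integers, as done by hand above.
import ipaddress

ALL_ONES = 0xFFFFFFFF


def to_int(dotted):
    return int(ipaddress.IPv4Address(dotted))


def to_dotted(value):
    return str(ipaddress.IPv4Address(value))


def mask_from_prefix(prefix_len):
    """/n -> 32-bit mask with n leading one bits."""
    if not 0 <= prefix_len <= 32:
        raise ValueError("prefix length must be between 0 and 32")
    return (ALL_ONES << (32 - prefix_len)) & ALL_ONES


def prefix_from_mask(dotted_mask):
    """Dotted mask -> prefix length; rejects masks whose ones are not contiguous."""
    inverted = ~to_int(dotted_mask) & ALL_ONES
    if inverted & (inverted + 1):
        raise ValueError(f"{dotted_mask} is not a contiguous subnet mask")
    return 32 - inverted.bit_length()


def describe(address, prefix_len):
    """Network, broadcast and host counts for address/prefix_len."""
    mask = mask_from_prefix(prefix_len)
    network = to_int(address) & mask              # bitwise AND with the mask
    broadcast = network | (~mask & ALL_ONES)      # bitwise OR with inverted mask
    host_bits = 32 - prefix_len
    total = 2 ** host_bits
    result = {
        "mask": to_dotted(mask),
        "network": to_dotted(network),
        "broadcast": to_dotted(broadcast),
        "host_bits": host_bits,
        "total_addresses": total,
        # 2^(32-n) - 2, as in the notes; /31 and /32 have no usable range here.
        "usable_hosts": max(total - 2, 0),
        "first_usable": to_dotted(network + 1) if host_bits >= 2 else None,
        "last_usable": to_dotted(broadcast - 1) if host_bits >= 2 else None,
    }
    # Cross-check the hand arithmetic against the standard library.
    reference = ipaddress.ip_network(f"{address}/{prefix_len}", strict=False)
    assert str(reference.network_address) == result["network"]
    assert str(reference.broadcast_address) == result["broadcast"]
    return result


if __name__ == "__main__":
    cases = [
        ("200.45.34.56", prefix_from_mask("255.255.240.0")),
        ("10.0.199.237", 22),
        ("192.168.14.87", 26),
        ("123.56.77.32", 29),
        ("200.17.21.128", 27),
        ("17.34.16.0", 23),
        ("180.34.64.64", 30),
        ("70.12.100.132", prefix_from_mask("255.255.255.192")),
    ]
    for address, prefix_len in cases:
        info = describe(address, prefix_len)
        print(f"{address}/{prefix_len}: network {info['network']}, "
              f"broadcast {info['broadcast']}, usable hosts {info['usable_hosts']}")
```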

Q. Define home agent and foreign agent with respect to Mobile IP.
Ans: Home Agent: The Home Agent is a router located in the home network that acts as the anchor point
for communication with the mobile node. It facilitates the tunneling of packets from a device on the
Internet, known as a correspondent node, to the roaming mobile node.

Foreign Agent: The Foreign Agent is a router that can serve as the point of attachment for the mobile
node when it moves to a foreign network. It is responsible for delivering packets from the home agent to
the mobile node.

UNIT 2 - Next Generation IP

Q. Draw and label a sketch of the IPv6 packet format.


Ans:

Q. Draw and explain the IPv6 protocol format.
Ans:

● Version (4-bits): It represents the version of the Internet Protocol, i.e. 0110.

● Traffic Class (8-bits): These 8 bits are divided into two parts. The most significant 6 bits are used
for Type of Service to let the router know what services should be provided to this packet. The
least significant 2 bits are used for Explicit Congestion Notification (ECN).

● Flow label (20-bits): This label is used to maintain the sequential flow of the packets belonging
to a communication. The source labels the sequence to help the router identify that a particular
packet belongs to a specific flow of information. This field helps avoid reordering of data packets.
It is designed for streaming/real-time media.

● Payload Length (16-bits): This field is used to tell the routers how much information a particular
packet contains in its payload. Payload is composed of Extension Headers and Upper Layer data.
With 16 bits, up to 65535 bytes can be indicated, but if the Extension Headers contain a
Hop-by-Hop Extension Header, then the payload may exceed 65535 bytes and this field is set to
0.

● Next Header (8-bits): This field is used to indicate either the type of Extension Header, or if the
Extension Header is not present then it indicates the Upper Layer PDU. The values for the type of
Upper Layer.

● Hop Limit (8-bits): This field is used to stop packets from looping in the network infinitely. This
is the same as TTL in IPv4. The value of the Hop Limit field is decremented by 1 as it passes a link
(router/hop). When the field reaches 0 the packet is discarded.

● Source Address (128-bits): This field indicates the address of the originator of the packet.

● Destination Address (128-bits): This field provides the address of intended recipient of the
packet.
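
The field layout listed above, decoded from a 40-byte header. This is an added example, not part of the original notes; the sample packet is constructed, and the function names and the documentation-range addresses are illustrative.

```python
# Added example: build and parse the fixed 40-byte IPv6 header.
import ipaddress
import struct

NEXT_HEADER_NAMES = {
    0: "Hop-by-Hop Options",
    6: "TCP",
    17: "UDP",
    43: "Routing",
    44: "Fragment",
    50: "Encapsulating Security Payload",
    51: "Authentication",
    58: "ICMPv6",
    59: "No Next Header",
    60: "Destination Options",
}


def build_ipv6_header(traffic_class, flow_label, payload_len,
                      next_header, hop_limit, src, dst):
    """Pack the eight fields into 40 bytes (used to construct sample input)."""
    first_word = (6 << 28) | (traffic_class << 20) | flow_label
    return (struct.pack("!IHBB", first_word, payload_len, next_header, hop_limit)
            + ipaddress.IPv6Address(src).packed
            + ipaddress.IPv6Address(dst).packed)


def parse_ipv6_header(packet):
    """Decode the fixed header; raises ValueError on malformed input."""
    if len(packet) < 40:
        raise ValueError("packet shorter than the 40-byte IPv6 header")
    first_word, payload_len, next_header, hop_limit = struct.unpack(
        "!IHBB", packet[:8])
    version = first_word >> 28                    # top 4 bits
    if version != 6:
        raise ValueError(f"version field is {version}, expected 6")
    traffic_class = (first_word >> 20) & 0xFF     # next 8 bits
    return {
        "version": version,
        "traffic_class": traffic_class,
        "dscp": traffic_class >> 2,               # most significant 6 bits
        "ecn": traffic_class & 0x3,               # least significant 2 bits
        "flow_label": first_word & 0xFFFFF,       # low 20 bits
        "payload_length": payload_len,
        "next_header": next_header,
        "next_header_name": NEXT_HEADER_NAMES.get(next_header, "unknown"),
        "hop_limit": hop_limit,
        "source": str(ipaddress.IPv6Address(packet[8:24])),
        "destination": str(ipaddress.IPv6Address(packet[24:40])),
        # Sanity check a receiver can make: declared length vs bytes present.
        "length_consistent": payload_len == len(packet) - 40,
    }


# Constructed sample: header plus 8 zero bytes standing in for the payload.
SAMPLE_PACKET = build_ipv6_header(
    0xB8, 0x12345, 8, 58, 64, "2001:db8::1", "2001:db8::2") + bytes(8)

if __name__ == "__main__":
    for field, value in parse_ipv6_header(SAMPLE_PACKET).items():
        print(f"{field:18} {value}")
```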

Q. List the notation used in IPv6.


Ans:
i) Dotted Decimal
ii) Hexadecimal Notation
iii) Mixed Representation
iv) CIDR Notation

Q. State the significance of the following with respect to IPv6.


● Auto configuration
● Renumbering
Ans:
Auto Configuration:
● Auto configuration in IPv6 is significant for simplifying the process of assigning IP
addresses to devices on a network.
● With IPv6, devices can automatically configure their IP addresses without the need for
manual intervention or DHCP (Dynamic Host Configuration Protocol).
● This is achieved through Stateless Address Autoconfiguration (SLAAC), where devices
use information from the router advertisements to generate their unique IPv6 addresses.
● This feature streamlines network setup, reduces administrative overhead, and enhances
the scalability of IPv6 networks.

Renumbering:
● Renumbering in IPv6 refers to the ability to change the global prefix of an IPv6 network
without individually reconfiguring each device.
● This is particularly important in situations where a network addressing scheme needs to
be updated or modified.
● IPv6 simplifies the renumbering process by allowing routers to advertise the new prefix,
and devices can then update their addresses accordingly.
● This flexibility is crucial for adapting to changes in network topology, addressing plans,
or service provider relationships without causing significant disruptions to ongoing
network operations.

Q. Explain the process of transition from IPv4 to IPv6 for a network.


Ans: There are three strategies for the transition from IPv4 to IPv6:
1. Dual Stack
2. Tunneling
3. Header Translation

1. Dual Stack:
● In this strategy, a station has a dual stack of protocols and runs IPv4 and IPv6
simultaneously.
● To determine which version to use when sending a packet to a destination, the source host
queries the DNS.
● If the DNS returns an IPv4 address, the source host sends an IPv4 packet.
● If the DNS returns an IPv6 address, the source host sends an IPv6 packet.

2. Tunneling:
● Tunneling is a strategy used when two computers using IPv6 want to communicate with
each other and the packet must pass through a region that uses IPv4.
● To pass through this region, the packet must have an IPv4 address.
● So the IPv6 packet is encapsulated in an IPv4 packet when it enters the region.
● To make it clear that the IPv4 packet is carrying an IPv6 packet as data, the protocol value
is set to 41.

3. Header Translation:
● In this case, the header format must be totally changed through header translation.
● The header of the IPv6 packet is converted to an IPv4 header (see figure).

Q. State the importance of IPV6 over IPV4.


Ans:
Here is the importance of IPv6 over IPv4:

1. Larger Address Space: IPv6 offers a much larger pool of unique addresses compared to
the limited supply in IPv4 (128-bit vs. 32-bit).

2. Addressing Efficiency: IPv6 eliminates the need for NAT, providing globally unique
addresses for devices and improving end-to-end communication.

3. Security and Privacy: IPv6 incorporates built-in security features, including mandatory
IPsec support, enhancing network security.

4. Auto-Configuration: IPv6 enables devices to automatically configure their own
addresses and network settings without manual intervention.

5. Quality of Service (QoS): IPv6 includes QoS features, improving prioritization and
traffic management for real-time applications.

6. Future-Proofing: IPv6's design accommodates the expanding internet landscape,
supporting new technologies and devices.

7. Global Connectivity: Increasing adoption of IPv6 ensures seamless global connectivity
as the internet evolves.

8. Easier Multicasting: IPv6 natively supports multicast, simplifying efficient data
distribution to multiple devices.

Q. List extension headers of IPv6 protocol.


Ans:
i) Hop-by-Hop
ii) Destination
iii) Source Routing
iv) Fragmentation
v) Authentication
vi) Encapsulating Security Payload (ESP)

Q. State the four advantages of IPv6.


Ans:
Advantages of IPv6:
● Larger address space.
● Better header format.
● New options for additional functionalities.
● Allowance for extension.
● Support for more security.
● More efficient routing
● More efficient packet processing
● Directed data flows
● Simplified Network configuration
● Support for new services
● Support for Security
● Auto configuration

Q. Compare between IPv4 and IPv6.


Ans:
IPv4                                                  IPv6
i) It is a 32-bit address.                            i) It is a 128-bit address.
ii) Header length is 20 bytes.                        ii) Header length is 40 bytes.
iii) Checksum is available in the header.             iii) No checksum in header.
iv) Classful IP address scheme - A, B, C, D, E.       iv) Classless address scheme.
v) No packet flow identification.                     v) Packet flow identification is available.
vi) Smaller address space.                            vi) Larger address space.

Q. State the need of IPv6.


Ans:
1. Increased address space
2. Improved packet handling
3. Simplified header format
4. Enhanced security
5. Improved Quality of Service (QoS) support
6. Seamless mobility and auto-configuration
7. End-to-end connectivity
8. Support for new technologies and devices

Q. State the need for


(1) Sequence Control
(2) Error Control
(3) Flow Control in networking.
Ans:
1. Sequence Control:

● Ensures Order: Sequence control ensures that data is transmitted and received in the correct
order, preventing confusion and maintaining the intended meaning of the information.

● Data Integrity: By maintaining the proper sequence, it enhances the reliability of data transfer,
reducing the chances of misinterpretation and errors caused by out-of-order delivery.

2. Error Control:

● Detects Errors: Error control mechanisms identify errors in transmitted data, enabling the
detection of corrupted information and ensuring the accuracy of received data.

● Corrects Errors: In addition to detection, some error control methods provide mechanisms for
correcting errors, enhancing the overall integrity and reliability of the communication.
3. Flow Control:

● Prevents Congestion: Flow control manages the rate of data transmission, preventing network
congestion and ensuring that the network operates efficiently without overwhelming devices or
causing bottlenecks.

● Optimizes Performance: By regulating the flow of data, flow control optimizes network
performance, prevents packet loss, and ensures a smoother and more reliable communication
process.

Q. Assume a host with Ethernet address (F5-A9-23-11-9B-E2)₁₆ has joined the network.
Build its global unicast address if the global unicast prefix of the organization is
3A21:1216:2165 and the subnet identifier is A245:1232.
Ans:
To build the global unicast address for the host with the Ethernet address (F5-A9-23-11-9B-E2),
we need to convert the Ethernet address to an IPv6 interface identifier and combine it with the
global unicast prefix and subnet identifier.

Step 1: Convert the Ethernet address to an IPv6 interface identifier


The IPv6 interface identifier is derived from the Ethernet address by inserting "FFFE" in the
middle of the address and flipping the seventh bit (universal/local bit) of the first byte. In this
case, the Ethernet address is F5-A9-23-11-9B-E2.

First, insert "FFFE" in the middle: F5-A9-23-FF-FE-11-9B-E2

Next, flip the seventh bit (universal/local bit) of the first byte (F5): F7-A9-23-FF-FE-11-9B-E2

Step 2: Combine the global unicast prefix and subnet identifier


The global unicast prefix is 3A21:1216:2165, and the subnet identifier is A245:1232.

The complete global unicast address for the host with the given Ethernet address would be:
3A21:1216:2165:A245:1232:F7A9:23FF:FE11:9BE2

UNIT 3 - Unicast and Multicast Routing Protocols

Q. Difference between Static and Dynamic Routing on the basis of configuration, security,
routing protocols and cost.
Ans:
Parameter           Static Routing Protocol                         Dynamic Routing Protocol
Configuration       Manually configured by network administrator    Configured by dynamic routers
Security            More secure                                     Less secure
Routing Protocols   Protocols are defined by the administrator      Utilizes various protocols such as OSPF, BGP, RIPv2
Cost                Low                                             High

Q. List different routing algorithms.


Ans:
i) Distance Vector Routing Algorithm.
ii) Bellman - Ford Algorithm.
iii) Link State Routing Algorithm.
iv) Path Vector Routing Algorithm.

Q. Difference between Distance Vector Routing and Link State Routing.


Ans:
Distance Vector Routing                         Link State Routing
i) Slow convergence.                            i) Fast convergence.
ii) Easier to configure.                        ii) Harder to configure.
iii) Count to infinity problem.                 iii) No count to infinity problem.
iv) It uses the Bellman Ford Algorithm.         iv) It uses the Dijkstra Algorithm.
v) CPU and memory utilization is low.           v) CPU and memory utilization is high.
vi) It requires less bandwidth.                 vi) It requires more bandwidth.
vii) Summarization is automatic.                vii) Summarization is manual.
viii) It updates the full routing table.        viii) It updates only link states.
ix) It doesn't have hierarchical structure.     ix) It works best for hierarchical routing design.
x) Ex: RIP, IGRP.                               x) Ex: OSPF, IS-IS.



Q. Define inter-domain routing protocol. List them.
Ans: Inter-domain routing protocols are network protocols that are used to exchange routing
information between different Autonomous Systems (AS) on the Internet. An Autonomous System is a
collection of networks under a common administrative domain.

1. Border Gateway Protocol version 4 (BGP-4)

Q. Explain intra domain routing protocols.


Ans:
i) Distance Vector Routing:
● Require only local state (less overhead, smaller footprint)
● Harder to debug
● Can suffer from loops
● Current best known cost to reach a destination
● Idea: exchange vectors among neighbors to learn about lowest cost paths.
● Distance vector protocols advertise their routing table to all directly connected
neighbors at regular frequent intervals using a lot of bandwidth and are slow to converge.
● When a route becomes unavailable, all router tables must be updated with that new
information.
● The problem is with each router having to advertise that new information to its neighbors,
it takes a long time for all routers to have a current accurate view of the network.
● Distance vector protocols use fixed length subnet masks which aren't scalable.
○ periodically (on the order of several seconds to minutes)
○ whenever table changes (called triggered update)
● Each update is a list of pairs:
○ (Destination , Cost )
● Update the local table if a “better” route is received
○ smaller cost
○ from newly connected/available neighbor
● Refresh existing routes; delete if they time out
○ i.e. RIP-Routing Information Protocol

ii) Link State Routing:


● Have a global view of the network
● Simpler to debug
● Require global state

Link State Strategy


● Each router shares the information/knowledge of its neighborhood with every other
router in the internetwork.
● Send to all nodes (not just neighbors)
● Send only information about directly connected links (not entire routing table)

Link State Packet (LSP)


● ID of the node that created the LSP
● Cost of link to each directly connected neighbor
● Sequence number (SEQNO)
● Time-to-live (TTL) for this packet
○ i.e. OSPF-Open Shortest Path First

iii) Routing Information Protocol version 2 (RIPv2):


● Runs over UDP port 520
● Limits networks to 15 hops (16 = ∞)
● Depends on count to infinity for loops
● Supports split horizon, poison reverse
● RFC 1812 specifies what options routers should or must have.

iv) MOSPF (Multicast Open Shortest Path First):


● This protocol is an extension of the OSPF protocol that uses multicast link state routing
to create source-based trees.
● The protocol requires a new link state update packet to associate the unicast address of a
host with the group address or addresses the host is sponsoring. This packet is called the
group membership LSA. In this way, we can include in the tree only the hosts (using their
unicast addresses) that belong to a particular group.
● Thus we make a tree that contains all the hosts belonging to a group, but we use the unicast address
of the host in the calculation.
● For efficiency, the router calculates the shortest path trees on demand (when it receives
the first multicast packet).
● In addition, the tree can be saved in cache memory for future use by the same
source/group pair.
● MOSPF is a data-driven protocol; the first time an MOSPF router sees a datagram with a
given source and group address, the router constructs the Dijkstra shortest path tree.

v) Multicast Distance Vector Routing (DVMRP):


● The Distance Vector Multicast Routing Protocol (DVMRP) is an implementation of
multicast distance vector routing. It is a source-based routing protocol, based on RIP.
● Unicast distance vector routing is very simple; extending it to support multicast routing is
complicated.
● Multicast routing does not allow a router to send its routing table to its neighbors.
● The idea is to create a table from scratch using the information from the unicast distance
vector tables.
● Multicast distance vector routing uses source-based trees, but the router never actually
makes a routing table.
● When a router receives a multicast packet, it forwards the packet as though it is
consulting a routing table.
● After its use (after a packet is forwarded) the table is destroyed.
● To accomplish this, the multicast distance vector algorithm uses a process based on four
decision-making strategies.

vi) PIM-DM (Protocol Independent Multicast, Dense Mode):


● PIM-DM is used when there is a possibility that each router is involved in multicasting
(dense mode).
● In this environment, the use of a protocol that broadcasts the packet is justified because
almost all routers are involved in the process.
● PIM-DM is a source-based tree routing protocol that uses RPF and pruning/grafting
strategies for multicasting.
● Its operation is like DVMRP; however, unlike DVMRP, it does not depend on a specific
unicasting protocol.
● It assumes that the autonomous system is using a unicast protocol and each router has a
table that can find the outgoing interface that has an optimal path to a destination.
● This unicast protocol can be a distance vector protocol (RIP) or link state protocol
(OSPF).

Q. Explain Distance Vector Routing with suitable example.


Ans:
● Distance Vector Routing is a routing algorithm where each router maintains a table
indicating the distance (or cost) to every destination in the network.
● Routers share this information with their neighbors, and they, in turn, update their tables
based on the received information.
● The process continues iteratively until a stable state is reached, where routers have
consistent routing tables.
● While Distance Vector Routing algorithms are straightforward, they can suffer from slow
convergence and are vulnerable to routing loops.
● Modern networks often use link-state or hybrid routing protocols for improved efficiency
and reliability.

Example: In the network shown below, there are three routers, A, B, and C, with the
following weights: AB = 2, BC = 3 and CA = 5.
Step 1: In this DVR network, each router shares its routing table with every neighbor. For
example, A will share its routing table with neighbors B and C and neighbors B and C will share
their routing table with A.

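| From A | A | B | C |
|---|---|---|---|
| A | 0 | 2 | 3 |

| From B | A | B | C |
|---|---|---|---|
| B | 2 | 0 | 1 |

| From C | A | B | C |
|---|---|---|---|
| C | 3 | 1 | 0 |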

Step 2: If the path via a neighbor has a lower cost, then the router updates its local table to
forward packets to the neighbor. In this table, the router updates the lower cost for A and C by
updating the new weight from 4 to 3 in router A and from 4 to 3 in router C.
Step 3: The final updated routing table with lower cost distance vector routing protocol for all
routers A, B, and C is given below:

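Router 1:

| From A | A | B | C |
|---|---|---|---|
| A | 0 | 2 | 3 |
| B | 2 | 0 | 1 |
| C | 3 | 1 | 0 |

Router 2:

| From B | A | B | C |
|---|---|---|---|
| A | 0 | 2 | 3 |
| B | 2 | 0 | 1 |
| C | 3 | 1 | 0 |

Router 3:

| From C | A | B | C |
|---|---|---|---|
| A | 0 | 2 | 3 |
| B | 2 | 0 | 1 |
| C | 3 | 1 | 0 |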

Q. State importance of Routing table.


Ans:
● The routing table is a critical component of network communication as it contains
information that allows network devices to determine the best path for transmitting data
packets between different networks.
● Without a routing table, network devices would not know how to send packets to their
intended destination, resulting in communication failures and network downtime.
● Routing tables store information about the available paths that data can take to reach its
destination, including the addresses of routers, subnets, and other network segments.
● Each entry in the routing table describes a specific route that data can take, and includes
information such as the network address, the subnet mask, and the IP address of the next
hop router.

Q. Describe how modern computers use dynamic routing. Explain with an example how distance
vector routing is used to route the packet, why the count-to-infinity problem arises, and how
it gets solved.
Ans: Dynamic routing uses a dynamic routing protocol to automatically select the best route to
put into the routing table. So instead of manually entering static routes in the routing table,
dynamic routing automatically receives routing updates, and dynamically decides which routes
are best to go into the routing table. It is this intelligent, hands-off approach that makes dynamic
routing so useful in the modern era.

Dynamic routing protocols vary in many ways and this is reflected in the various administrative
distances assigned to routes learned from dynamic routing. These variations take into account
differences in reliability, speed of convergence, and other similar factors.

Distance vector routing:


1. Distance Vector Routing is one of the dynamic routing algorithms.
2. It is suitable for packet switched networks.
3. In distance vector routing, each router maintains a routing table.
4. It contains one entry for each router in the subnet.
5. This entry has two parts:
   a. The first part shows the preferred outgoing line to be used to reach the
      destination.
   b. The second part gives an estimate of the time or distance to the destination.

In distance vector routing, a node tells its neighbor about its distance to every other node
in the network.

Count to infinity problem:


1. One of the important issues in Distance Vector Routing is the Count to Infinity Problem.
2. Count to infinity is just another name for a routing loop.
3. In distance vector routing, routing loops usually occur when an interface goes down.
4. It can also occur when two routers send updates to each other at the same time.

Count to infinity problem can be solved by following methods:


1. Defining Infinity
2. Split Horizon
3. Split Horizon and Poison Reverse

Example:
|   | A | B | C | D |
|---|---|---|---|---|
| A | 0, - | 1, A | 2, B | 3, C |
| B | 1, B | 0, - | 2, C | 3, D |
| C | 2, B | 1, C | 0, - | 1, C |
| D | 3, B | 2, C | 1, D | 0, - |

Imagine a network with a graph as shown above in figure 4.8.


● As you see in this graph, there is only one link between A and the other parts of the
network.
● Now imagine that the link between A and B is cut.
● At this time, B corrects its table.
● After a specific amount of time, routers exchange their tables, and so B receives C's
routing table.
● Since C doesn't know what has happened to the link between A and B, it says that it has a
link to A with the weight of 2 (1 for C to B, and 1 for B to A -- it doesn't know B has no
link to A).
● B receives this table and thinks there is a separate link between C and A, so it corrects its
table and changes infinity to 3 (1 for B to C, and 2 for C to A, as C said).
● Once again, routers exchange their tables.
● When C receives B's routing table, it sees that B has changed the weight of its link to A
from 1 to 3, so C updates its table and changes the weight of the link to A to 4 (1 for C to
B, and 3 for B to A, as B said).
● This process loops until all nodes find out that the weight of link to A is infinity.
● This situation is shown in the table below
● In this way, Distance Vector Algorithms have a slow convergence rate.
● One way to solve this problem is for routers to send information only to the neighbors
that are not exclusive links to the destination.

|   | B | C | D |
|---|---|---|---|
| Sum of weight to A after link cut | ∞, A | 2, B | 3, C |
| Sum of weight to A after 1st updating | 3, C | 2, B | 3, C |
| Sum of weight to A after 2nd updating | 3, C | 4, B | 3, C |
| Sum of weight to A after 3rd updating | 5, C | 4, B | 5, C |
| Sum of weight to A after 4th updating | 5, C | 6, B | 5, C |
| Sum of weight to A after 5th updating | 7, C | 6, B | 7, C |
| Sum of weight to A after nth updating | ….. | ….. | ….. |
| ∞ | ∞ | ∞ | ∞ |
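The count-to-infinity table above, reproduced as a small simulation (an added example, not part of the original notes). It assumes the chain A - B - C - D with every link cost 1, the alternating update schedule the table implies, and infinity defined as 16; the function and mode names are chosen here for illustration.

```python
INF = 16  # "Defining Infinity": a distance of 16 means unreachable (as in RIP)

# Constructed topology from the example: A - B - C - D, every link cost 1,
# with the A-B link already cut. Only the route to destination A is tracked.
LINK_COST = {frozenset("BC"): 1, frozenset("CD"): 1}


def neighbours(node):
    """Routers that still share a working link with `node`."""
    return sorted(next(iter(link - {node})) for link in LINK_COST if node in link)


def simulate(mode="plain", max_rounds=40):
    """Run update rounds until every router agrees that A is unreachable.

    mode is "plain", "split_horizon" or "poison_reverse".
    Returns a list of (B, C, D) distances to A, one tuple per round;
    index 0 is the state right after the link cut.
    """
    # router -> (distance to A, next hop). B has noticed the cut, C and D have not.
    table = {"B": (INF, None), "C": (2, "B"), "D": (3, "C")}
    history = [tuple(table[r][0] for r in "BCD")]

    for rnd in range(1, max_rounds + 1):
        # Same schedule as the table: C advertises on odd rounds,
        # B and D advertise on even rounds.
        senders = ["C"] if rnd % 2 else ["B", "D"]
        adverts = []
        for sender in senders:
            dist, next_hop = table[sender]
            for nbr in neighbours(sender):
                advertised = dist
                if nbr == next_hop:
                    if mode == "split_horizon":
                        continue          # never advertise a route back to its source
                    if mode == "poison_reverse":
                        advertised = INF  # advertise it back as unreachable
                adverts.append((sender, nbr, advertised))

        for sender, receiver, advertised in adverts:
            cost = min(INF, advertised + LINK_COST[frozenset((sender, receiver))])
            cur_dist, cur_hop = table[receiver]
            # Distance vector rule: take a cheaper path, and always believe the
            # current next hop even when its news is worse.
            if cur_hop == sender or cost < cur_dist:
                table[receiver] = (cost, sender if cost < INF else None)

        history.append(tuple(table[r][0] for r in "BCD"))
        if all(d == INF for d in history[-1]):
            break
    return history


if __name__ == "__main__":
    for mode in ("plain", "split_horizon", "poison_reverse"):
        rounds = simulate(mode)
        print(f"{mode:15s} converged after {len(rounds) - 1} rounds")
        for i, row in enumerate(rounds[:7]):
            print(f"   round {i}: B={row[0]:2d} C={row[1]:2d} D={row[2]:2d}")
```

Without any countermeasure the routers need 15 rounds to count up to 16; with split horizon or poison reverse the stale route is never echoed back to B and all three routers mark A unreachable after 3 rounds.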

Q. Difference between RIP and OSPF.


Ans:
| RIP | OSPF |
|---|---|
| i) It is the Distance Vector Routing Protocol. | i) It is Link State Routing Protocol. |
| ii) It is based on the Bellman Ford Algorithm. | ii) It is based on Dijkstra's Algorithm. |
| iii) It has slower convergence. | iii) It has faster convergence. |
| iv) It is simpler than OSPF. | iv) It is more complex than RIP. |
| v) It doesn't support VLSM. | v) It supports VLSM. |
| vi) It is suited for smaller networks. | vi) It is suited for larger networks. |
| vii) It is less secure. | vii) It is more secure. |
| viii) It uses less bandwidth. | viii) It uses more bandwidth. |

Q. Describe the RIP message format.


Ans:
RIP (Routing Information Protocol) message format:
● RIP is a routing protocol based on the Distance Vector Routing algorithm which is an
intradomain (interior) routing protocol used inside an autonomous system.
● The metric used by RIP is the distance which is defined as the number of links (networks)
that have to be used to reach the destination. For this reason, the metric in RIP is called a
hop count.
● Infinity is defined as 16, which means that any route in an autonomous system using RIP
cannot have more than 15 hops.
● The next node column defines the address of the router to which the packet is to be sent
to reach its destination.

● Command: 8-bit
○ The type of message: request (1) or response (2)

● Version: 8-bit
○ Defines the RIP version

● All 0s
○ This field is not actually used by RFC 1058 RIP; it was added solely to provide
backward compatibility with pre-standard varieties of RIP. Its name comes from
its defaulted value, zero.

● Family:
○ The 16-bit field defines the family of the protocol used. For TCP/IP, value is 2.

● Network Address (IP address):
○ 14 bytes. Defines the address of the destination network. The field is 14 bytes long so
that it can be applied to any protocol; however, IP currently uses only 4 bytes, and the
rest are all 0s.

● Distance:
○ 32-bit field defines the hop count from the advertising router to the destination
network.
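A validating parser for the message layout described above, as an added example (not part of the original notes). It handles RIP version 1 response messages only; the position of the 4 IP bytes inside the 14-byte address field and the limit of 25 entries per message follow RFC 1058, and the sample networks in the usage section are constructed.

```python
import ipaddress
import struct

RIP_INFINITY = 16                    # metric meaning "unreachable"
MAX_ENTRIES = 25                     # RFC 1058 limit per message
HEADER = struct.Struct("!BBH")       # command, version, all 0s
# family, then the 14-byte address field (2 zero bytes, IPv4 address,
# 8 zero bytes), then the 32-bit distance
ENTRY = struct.Struct("!HH4sIII")


class RipFormatError(ValueError):
    """Raised when a message does not match the RIP version 1 layout."""


def build_response(routes):
    """Build a RIPv1 response from (network, distance) pairs (sample-data helper)."""
    msg = HEADER.pack(2, 1, 0)
    for network, distance in routes:
        addr = ipaddress.IPv4Address(network).packed
        msg += ENTRY.pack(2, 0, addr, 0, 0, distance)
    return msg


def parse_response(data):
    """Parse and validate a RIPv1 response; return [(network, distance), ...]."""
    if len(data) < HEADER.size:
        raise RipFormatError("shorter than the 4-byte header")
    command, version, zeros = HEADER.unpack_from(data)
    if command != 2:
        raise RipFormatError(f"command {command} is not a response (2)")
    if version != 1:
        raise RipFormatError(f"version {version} is not handled by this parser")
    if zeros != 0:
        raise RipFormatError("all-0s header field is not zero")

    body = memoryview(data)[HEADER.size:]
    count, leftover = divmod(len(body), ENTRY.size)
    if leftover or not 1 <= count <= MAX_ENTRIES:
        raise RipFormatError(f"body of {len(body)} bytes is not 1..25 whole entries")

    routes = []
    for i in range(count):
        family, z1, addr, z2, z3, distance = ENTRY.unpack_from(body, i * ENTRY.size)
        if family != 2:
            raise RipFormatError(f"entry {i}: family {family} is not 2 (TCP/IP)")
        if z1 or z2 or z3:
            raise RipFormatError(f"entry {i}: unused address bytes are not zero")
        if not 1 <= distance <= RIP_INFINITY:
            raise RipFormatError(f"entry {i}: distance {distance} outside 1..16")
        routes.append((str(ipaddress.IPv4Address(addr)), distance))
    return routes


if __name__ == "__main__":
    # Constructed sample: one reachable network and one advertised as unreachable.
    sample = build_response([("10.0.0.0", 1), ("192.168.5.0", 16)])
    for network, distance in parse_response(sample):
        state = "unreachable" if distance == RIP_INFINITY else f"{distance} hop(s)"
        print(network, state)
```

Rejecting a distance of 0, a distance above 16, or non-zero filler bytes before the routes reach the routing table keeps malformed updates from being treated as valid advertisements.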

Q. Enlist and explain timers in RIP.


Ans:
Periodic Timers
● The periodic timer controls the advertising of regular update messages. Although the
protocol specifies that this timer must be set to 30 s, the working model uses a random
number between 25 and 35 s.
● This is to prevent any possible synchronization and therefore overload on an internet if
routers update simultaneously.
● Each router has one periodic timer that is randomly set to a number between 25 and 35. It
counts down; when zero is reached, the update message is sent, and the timer is randomly
set once again.

Expiration Timer:
● The expiration timer governs the validity of a route.
● When a router receives update information for a route, the expiration timer is set to 180 s
for that particular route.
● Every time a new update for the route is received, the timer is reset.
● In normal situations this occurs every 30 s.
● However, if there is a problem on an internet and no update is received within the allotted
180 s, the route is considered expired and the hop count of the route is set to 16, which
means the destination is unreachable.
● Every route has its own expiration timer.

Garbage Collection Timer:


● When the information about a route becomes invalid, the router does not immediately
purge that route from its table.
● Instead, it continues to advertise the route with a metric value of 16.
● At the same time, a timer called the garbage collection timer is set to 120 s for that route.
● When the count reaches zero, the route is purged from the table. This timer allows
neighbors to become aware of the invalidity of a route prior to purging.

Q. Describe the BGP4 in detail.


Ans:
● BGP is an exterior gateway protocol for communication between routers in different
autonomous systems. BGP is based on a routing method called path vector routing.
● Border Gateway Protocol (BGP) is an inter-domain routing protocol using path vector
routing. The current version of BGP is version 4 (BGP4).
● The BGP4 is an external gateway protocol. It allows two routers in different routing
domains, known as Autonomous Systems, to exchange routing information to facilitate
the forwarding of data across the borders of the routing domains.

i) Marker:
- The Marker field is 32 bits in length and is used for synchronization and authentication
purposes during the BGP session establishment. It is typically set to a well-known fixed value.
The Marker field, along with the Length field, precedes the actual BGP message in the BGP
header.

ii) Length:
- The Length field indicates the total length of the BGP message, including the Marker, Length,
Type, and Data fields. It is a 16-bit field, allowing BGP to support variable-length messages.

iii) Type:
- The Type field specifies the type of BGP message, indicating whether it is an Open message,
Update message, Keepalive message, or Notification message. It is an 8-bit field.

Q. Enlist types of BGP Messages.


Ans:
i) Open
ii) Update
iii) Keepalive
iv) Notification

Q. Give use of OSPF with its reason.


Ans:
Use of OSPF:
1. Enterprise Networks:
- Reason: OSPF is commonly used in large enterprise networks where dynamic routing and
efficient intra-domain routing are crucial. Its ability to scale, adapt to changes, and provide fast
convergence makes it suitable for complex enterprise environments.

2. Internet Service Provider (ISP) Networks:


- Reason: OSPF is often used by ISPs to manage their core networks. Its scalability and
support for hierarchical design help ISPs efficiently handle large-scale routing within their
networks.

3. Campus Networks:
- Reason: OSPF is employed in campus networks, especially in educational institutions or
large corporate campuses. It simplifies routing within the campus, adapting to changes and
optimizing routing based on the network's topology.

4. Data Center Networks:


- Reason: OSPF can be used in data center networks where dynamic routing is required to
handle changing traffic patterns and optimize the use of available resources. It provides a robust
solution for efficient intra-data center routing.

5. Telecommunication Networks:
- Reason: Telecommunication networks, which often involve a complex infrastructure and
dynamic changes, benefit from OSPF. Its support for fast convergence and scalability makes it
suitable for managing routing in telecommunications.

6. Multi-Vendor Environments:
- Reason: OSPF's standardized nature allows it to be used in multi-vendor environments where
different routers from various manufacturers are present. Its adherence to industry standards
ensures interoperability.

7. Networks Requiring Fast Convergence:


- Reason: OSPF is chosen in scenarios where rapid convergence is critical, such as networks
providing real-time applications or services. Its ability to quickly adapt to changes minimizes
downtime.

8. Networks with Frequent Topology Changes:


- Reason: OSPF is well-suited for networks with dynamic topologies, where routers are
frequently added or removed. Its link-state database and dynamic routing capabilities make it
adaptable to such changes.
Q. Distinguish between Unicast, Multicast, Broadcast.

Ans:

| Unicast | Multicast | Broadcast |
|---|---|---|
| i) Point-to-point delivery. | i) Simultaneous delivery to multiple recipients. | i) Simultaneous delivery to all recipients. |
| ii) Low Network Impact. | ii) Moderate Network Impact. | ii) High Network Impact. |
| iii) Not scalable for larger groups. | iii) Scalable for moderate-sized groups. | iii) Scalable for large groups. |
| iv) Individual routing path. | iv) Common routing path to multiple recipients. | iv) No routing, sent to all devices directly. |
| v) Requires individual acknowledgement. | v) No individual acknowledgement. | v) No individual acknowledgement. |
| vi) Target is a single specific recipient. | vi) Target is multiple pre-selected recipients. | vi) Target is all devices on the network. |

Q. Explain functioning of Multicast Link State routing protocol.


Ans:
● Multicast Open Shortest Path First (MOSPF) is a routing protocol that enables efficient
multicasting within a network using the Open Shortest Path First (OSPF) protocol as its
foundation.
● Unlike traditional OSPF, which focuses on unicast routing, MOSPF is designed to handle
multicast traffic distribution.
● It achieves this by building a multicast distribution tree that connects all the routers
interested in a particular multicast group.

● When a router receives a multicast packet, it checks its MOSPF multicast routing table to
determine the outgoing interfaces and paths to forward the packet.
● The multicast routing table is constructed based on OSPF's link state database, which
contains information about network topology and connectivity.
● MOSPF constructs a shared multicast tree that allows routers to share information about
multicast group memberships.
● This tree is rooted at the source and extends to all routers interested in the multicast
group.
● MOSPF operates by extending OSPF's link state advertisements to include information
about multicast group memberships and the associated multicast distribution trees.
● When routers exchange link state advertisements, they also exchange information about
multicast group memberships and the paths to reach the root of the multicast distribution
tree.
● This enables routers to efficiently forward multicast traffic along the shortest paths,
minimizing duplication and reducing network traffic.

UNIT 4 - Transport Layer Protocols

Q. List Transport Layer Protocols.


Ans:
i) User Datagram Protocol (UDP)
ii) Transmission Control Protocol (TCP)
iii) Stream Control Transmission Protocol (SCTP)

Q. List UDP services and UDP applications.


Ans:
Services of UDP:
i) Process to Process
ii) Connectionless Services
iii) Flow Control
iv) Error Control
v) Congestion Control
vi) Encapsulation and Decapsulation
vii) Queuing
viii) Multiplexing and Demultiplexing

Applications of UDP:

1. VoIP (Voice over Internet Protocol)


2. RIP (Routing Information Protocol)
3. Video Streaming
4. Online Gaming
5. DNS (Domain Name System)
6. DHCP (Dynamic Host Configuration Protocol)
7. SNMP (Simple Network Management Protocol)
8. TFTP (Trivial File Transfer Protocol)
9. NTP (Network Time Protocol)
10. Wake-on-LAN (WoL)

Q. What is UDP ? Which services are provided by UDP ?


Ans: UDP stands for User Datagram Protocol. It is a transport layer protocol that is used to send
data over a network without establishing a dedicated connection between the sender and receiver.
UDP is a simple, lightweight protocol that provides low overhead and fast communication.

Services provided by the UDP:

i) Process to Process:
● UDP allows communication between processes running on different devices using port
numbers to identify the processes.
● It provides a way for applications to send and receive data without the need for a formal
connection setup.

ii) Connectionless Services:


● UDP is connectionless, meaning it does not establish a dedicated connection before
transmitting data.
● Each UDP datagram is treated independently, and there is no ongoing session tracking.

iii) Flow Control:


● UDP does not provide built-in flow control mechanisms.
● It's the responsibility of the application to manage the rate at which data is sent and
received to prevent overwhelming the receiving side.

iv) Error Control:


● Unlike TCP, UDP does not provide automatic error detection or correction.
● It doesn't acknowledge received data packets or request retransmission of lost packets.
● Any error detection and handling must be implemented by the application layer.

v) Congestion Control:
● UDP does not include mechanisms for managing network congestion.
● Applications using UDP must manage congestion at the application level to avoid
overloading the network.

vi) Encapsulation and Decapsulation:


● UDP encapsulates application data into UDP datagrams, which are then encapsulated
within IP packets for transmission.
● At the receiving end, the process is reversed: the IP layer extracts the UDP datagram, and
the UDP layer delivers the encapsulated data to the application.

vii) Queuing:
● UDP packets are placed in queues briefly before being transmitted, just like any other
data on a network.
● However, the handling of these queues and the priority given to UDP packets can vary
based on the network configuration and the specific application's requirements.

viii) Multiplexing and Demultiplexing:


● UDP uses port numbers for multiplexing and demultiplexing.
● Multiple applications can send and receive UDP datagrams using the same IP address by
specifying different port numbers.
● The combination of IP address and port number allows the receiving device to correctly
route the datagrams to the appropriate application.
Q. State different applications of UDP.
Ans:
Applications of UDP:

1. VoIP (Voice over Internet Protocol) : UDP provides low latency and fast transmission for real-time
voice communication over the internet.

2. Video Streaming: UDP allows for efficient transmission of large amounts of data with minimal delay,
making it ideal for streaming video content.

3. Online Gaming: UDP's low overhead and fast delivery make it useful in online games where speed and
responsiveness are critical.

4. DNS (Domain Name System): UDP is used to query domain name servers for IP addresses, providing
a quick response time for resolving domain names to their associated IPs.

5. SNMP (Simple Network Management Protocol): UDP is used by network devices to send and receive
management information between devices and management systems.

6. DHCP (Dynamic Host Configuration Protocol): UDP is used for client-server communication in the
process of assigning IP addresses to network devices automatically.

7. TFTP (Trivial File Transfer Protocol): A simple file transfer protocol that uses UDP for data transfer,
often used for transferring firmware to network devices.

8. NTP (Network Time Protocol): UDP is used to synchronize the time between network devices using
the Network Time Protocol.

9. Wake-on-LAN (WoL): UDP is used to send magic packets to wake up network devices remotely from
sleep or hibernation mode.

10. RIP (Routing Information Protocol): A routing protocol that uses UDP for routing updates between
routers on a network.
Q. The dump of a UDP header in hexadecimal format is as follows:
BC82000D002B001D
Obtain the following from it:
(i) Source port number
(ii) Destination port number
(iii) Total length
(iv) Length of the data
Ans:
The UDP header has four parts, each of two bytes.
That means we get the following interpretation of the header.

i) Source port number = BC82₁₆ = 48258
Convert BC82 into decimal:
BC82 => (11 × 16^3) + (12 × 16^2) + (8 × 16^1) + (2 × 16^0)
=> 45056 + 3072 + 128 + 2
=> 48258

ii) Destination port number = 000D₁₆ = 13
Convert 000D into decimal:
000D => (0 × 16^3) + (0 × 16^2) + (0 × 16^1) + (13 × 16^0)
=> 0 + 0 + 0 + 13
=> 13

iii) Total length = 002B₁₆ = 43 bytes
Convert 002B into decimal:
002B => (0 × 16^3) + (0 × 16^2) + (2 × 16^1) + (11 × 16^0)
=> 0 + 0 + 32 + 11
=> 43

iv) Since the header is 8 bytes, the data length is 43 - 8 = 35 bytes.
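The same decoding done in code, generalized to any 8-byte UDP header and extended with the sanity checks a packet parser should apply (an added example, not part of the original notes). The function name, the returned keys and the optional `captured_len` argument are assumptions made for this illustration.

```python
import struct

UDP_HEADER = struct.Struct("!HHHH")  # source port, destination port, length, checksum


def parse_udp_header(header_hex, captured_len=None):
    """Decode a UDP header given as hex and validate its length field.

    captured_len, if given, is the number of bytes of the whole datagram
    (header + data) actually captured; it is compared with the length field.
    """
    raw = bytes.fromhex(header_hex)
    if len(raw) < UDP_HEADER.size:
        raise ValueError(f"need 8 header bytes, got {len(raw)}")

    src, dst, total, checksum = UDP_HEADER.unpack_from(raw)
    if total < UDP_HEADER.size:
        # The length field counts the header too, so anything below 8 is invalid.
        raise ValueError(f"length field {total} is smaller than the 8-byte header")

    fields = {
        "source_port": src,
        "destination_port": dst,
        "total_length": total,
        "data_length": total - UDP_HEADER.size,
        "checksum": checksum,
    }
    if captured_len is not None:
        if captured_len < total:
            fields["capture"] = "truncated"        # fewer bytes than the header claims
        elif captured_len > total:
            fields["capture"] = "trailing bytes"   # extra bytes after the datagram
        else:
            fields["capture"] = "consistent"
    return fields


if __name__ == "__main__":
    # The header dump from the question above.
    for name, value in parse_udp_header("BC82000D002B001D", captured_len=43).items():
        print(f"{name:17s} {value}")
```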

Q. List two advantages of using UDP over TCP.


Ans:
Advantages of using UDP over TCP:
● UDP is a connectionless and unreliable transport layer protocol, i.e. it does not require
maintaining a connection.
● UDP is transaction oriented and suitable for simple query response protocols.
● UDP is faster since it does not require acknowledgement.
● Useful when time sensitivity is more important.
Q. List two protocols of each for Connection-oriented service and Connection-less service.
Ans:
Connection-oriented service protocols:
1. TCP (Transmission Control Protocol)
2. X.25

Connection-less service protocols:


1. UDP (User Datagram Protocol)
2. IP (Internet Protocol)
3. ICMP (Internet Control Message Protocol)

Q. Draw and explain TCP segment structure.


Ans:

i) Source Port: (16 - Bits)


● Identifies the source application or process sending the TCP segment.
● It helps the receiving end to know where to deliver the data.

ii) Destination Port: (16 - Bits)


● Specifies the port at the destination where the segment is intended.
● This helps the receiving system deliver the data to the appropriate application or process.

iii) Sequence Number: (32 - Bits)


● Indicates the sequence number of the first data byte in this segment.
● It is used for ordering and reassembly of segments at the receiving end.

iv) Acknowledgement Number: (32 - Bits)


● If the ACK flag is set, this field contains the value of the next sequence number that the
sender of the segment is expecting to receive, acknowledging receipt of previous
segments.

v) Header Length: (4 - Bits)


● Specifies the length of the TCP header in 32-bit words.
● This field is crucial for locating the start of the data in the TCP segment.

vi) Reserved: (6 - Bits)


● Reserved for future use. It should be set to zero.

vii) Window Size: (16 - Bits)


● Indicates the size of the sender's receive window.
● It helps in flow control, allowing the sender to know how much data it can transmit
before receiving an acknowledgment.

viii) Checksum: (16 - Bits)


● Provides error-checking for the header and data.
● It ensures the integrity of the TCP segment during transmission.

ix) Urgent Pointer: (16 - Bits)


● If the URG flag is set, this field points to the sequence number of the last urgent data
byte.
● It is used when the Urgent flag is set to indicate the end of urgent data.

x) Options and Padding: (Variable)


● May include various TCP options (e.g., Maximum Segment Size) and padding to ensure
that the header length is a multiple of 32 bits.
● Options provide additional information or functionality beyond the basic header fields.

Q. List and explain services provided by TCP (Transmission Control Protocol).


Ans:
1. Process to Process Communication:
● TCP provides process to process communication, i.e. the transfer of data takes place
between individual processes executing on end systems. This is done using port numbers
or port addresses.
● Port numbers are 16 bits long and help identify which process is sending or receiving data
on a host.

2. Stream Oriented Service:


● TCP is a stream oriented protocol that means that the data is sent and received as a stream
of bytes, (unlike UDP or IP that divides the bits into datagrams or packets).
● However, the network layer that provides service for the TCP, sends packets of
information not streams of bytes.
● Hence, TCP groups a number of bytes together into a segment, adds a header to each
of these segments, and then delivers these segments to the network layer.
● At the network layer, each of these segments is encapsulated in an IP packet for
transmission. The TCP header has information that is required for control purposes.
● It may not be possible for the sending and receiving processes to produce and obtain data at
the same speed; therefore, TCP needs buffers for storage at the sending and receiving ends.

3. Full Duplex Communication Service:


● This means that the communication can take place in both directions at the same time.

4. Connection Oriented Service:


● Unlike UDP, TCP provides connection oriented service. It defines following three
different phases:
○ Connection establishment.
○ Data transfer.
○ Connection termination.
(Note: This is a logical connection, not physical)

5. Reliability Service:
● TCP is reliable as it uses checksum for error detection, attempts to recover lost or
corrupted packets by re-transmission, acknowledgement policy and timers.
● It uses features like byte number and sequence number and acknowledgement number so
as to ensure reliability. Also, it uses congestion control mechanisms.

6. Multiplexing and Demultiplexing Service:


● TCP does multiplexing and demultiplexing at the sender and receiver ends respectively as
a number of logical connections can be established between port numbers over a physical
connection.
Q. State any four features of TCP.
Ans:
1. Connection-oriented: TCP is a connection-oriented protocol, which means that it establishes a reliable
connection between two endpoints before data transfer begins.

2. Reliable: TCP offers reliable delivery of data by providing error detection and correction mechanisms,
acknowledgment of received data, and retransmission of lost or corrupted packets.

3. Flow control: TCP uses flow control to manage the rate at which data is transmitted between
endpoints. This ensures that the receiver can handle the amount of data being sent.

4. Congestion control: TCP employs congestion control to prevent network congestion by slowing down
the rate of data transmission when the network becomes congested.

5. Full-duplex operation: TCP supports full-duplex operation, which means that data can be transmitted
in both directions simultaneously.

6. Windowing: TCP uses windowing to optimize data transmission by allowing multiple packets to be
sent without waiting for an acknowledgment for each packet.

7. Segmentation: TCP breaks up data into segments that can be transmitted across the network more
efficiently.

8. Three-way handshake: TCP uses a three-way handshake to establish a connection between two
endpoints. This involves a SYN message from the initiating endpoint, a SYN-ACK message from the
receiving endpoint, and an ACK message from the initiating endpoint.

9. Port numbers: TCP uses port numbers to identify the application that is sending or receiving data.

10. Multiplexing: TCP supports multiplexing, which allows multiple applications to use the same TCP
connection by using different port numbers.

Q. Explain the TCP connection establishment using a three way handshake mechanism.
Ans:
Connection Establishment:
● TCP uses a Three way handshaking mechanism to establish a connection between client
and server machines.
● The three steps in the three way handshaking mechanism are as follows.
○ SYN:
■ The client sends the first segment, a SYN segment, in which only the SYN
flag is set. This segment is for synchronization of sequence numbers.
○ SYN + ACK
■ The server sends the second segment, a SYN+ACK segment, with 2 flag
bits set.
○ ACK
■ The client sends the third segment. This is just an ACK segment. It
guarantees the completion of three way handshaking.

Q. Explain how TCP connections are established using the 3 way handshake. What
happens when 2 hosts simultaneously try to establish a connection?
Ans:
Connection Establishment:
● TCP uses a Three way handshaking mechanism to establish a connection between client
and server machines.
● The three steps in the three way handshaking mechanism are as follows.
○ SYN:
■ The client sends the first segment, a SYN segment, in which only the SYN
flag is set. This segment is for synchronization of sequence numbers.
○ SYN + ACK
■ The server sends the second segment, a SYN+ACK segment, with 2 flag
bits set.
○ ACK
■ The client sends the third segment. This is just an ACK segment. It
guarantees the completion of three way handshaking.
Simultaneous Close:
● It's permitted in TCP for both sides to do "active close", which is called "Simultaneous
Close". During "Simultaneous Close", 4 packets are exchanged, the same as in normal
situations.
● In this situation, both ends issue an active close.
● Both TCPs go to the FIN-WAIT-1 state and send FIN segments that are in transit
simultaneously.
● After receiving the FIN segment, each end goes to the CLOSING state and sends an ACK
segment.
● The CLOSING state takes the place of FIN-WAIT-2 or CLOSE-WAIT in a common
scenario.

Q. Draw and explain TCP State transition diagram.


Ans:
To keep track of all the different events happening during connection establishment, connection
termination, and data transfer, TCP is specified as a finite state machine (FSM).

TCP State Machine:

● TCP uses a three-way handshake to close a connection.
● Signaled by the FIN bit in the packet header.

The figure shows the two FSMs used by the TCP client and server combined in one diagram:
● Oval/Rectangle represent states.
● Transition from one state to another is shown using directed lines.
● Each line has two strings separated by a slash.
● The first string is the input, which TCP receives.
● The second is the output, which TCP sends.
● The dotted black lines in the figure represent the transition that a server normally goes through;
● The solid black lines show the transitions that a client normally goes through.
● In some situations, a server transitions through a solid line or a client transitions
through a dotted line.

| State | Description |
|---|---|
| CLOSED | No connection exists |
| LISTEN | Passive open received; waiting for SYN |
| SYN-SENT | SYN sent; waiting for ACK |
| SYN-RCVD | SYN+ACK sent; waiting for ACK |
| ESTABLISHED | Connection established; data transfer in progress |
| FIN-WAIT-1 | First FIN sent; waiting for ACK |
| FIN-WAIT-2 | ACK to first FIN received; waiting for second FIN |
| CLOSE-WAIT | First FIN received, ACK sent; waiting for application to close |
| TIME-WAIT | Second FIN received, ACK sent; waiting for 2MSL time-out |
| LAST-ACK | Second FIN sent; waiting for ACK |
| CLOSING | Both sides decided to close simultaneously |

Q. Explain TCP connection management with the help of TCP connection management
finite state machine.
Ans:

To keep track of all the different events happening during connection establishment, connection
termination, and data transfer, TCP is specified as a finite state machine (FSM).

TCP State Machine:

● TCP uses a three-way handshake to close a connection.
● Signaled by the FIN bit in the packet header.
The figure shows the two FSMs used by the TCP client and server combined in one diagram:
● Oval/Rectangle represent states.
● Transition from one state to another is shown using directed lines.
● Each line has two strings separated by a slash.
● The first string is the input, which TCP receives.
● The second is the output, which TCP sends.
● The dotted black lines in the figure represent the transition that a server normally goes through;
● The solid black lines show the transitions that a client normally goes through.
● In some situations, a server transitions through a solid line or a client transitions
through a dotted line.

State Description

CLOSED No connection exists

LISTEN Passive open received; waiting for SYN

SYN-SENT SYN sent; waiting for ACK

SYN-RCVD SYN+ACK sent; waiting for ACK

ESTABLISHED Connection established; data transfer in progress

FIN-WAIT-1 First FIN sent; waiting for ACK

FIN-WAIT-2 ACK to first FIN received; waiting for second FIN

CLOSE-WAIT First FIN received, ACK sent; waiting for application to close

TIME-WAIT Second FIN received, ACK sent; waiting for 2MSL time-out.

LAST-ACK Second FIN sent; waiting for ACK

CLOSING Both sides decided to close simultaneously
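
The state table above can be driven as an input/output transition table. The following is an added example, not part of the original notes: the event names (`active_open`, `rcv_SYN`, ...) and the `TRANSITIONS` table are assumptions that follow the standard TCP state diagram, and the run walks a client and a server through connection setup and a normal close.

```python
# Added example: TCP connection management as a finite state machine.
# Keys are (current state, input); values are (next state, segment sent or None).
# Event names are labels chosen for this sketch.
TRANSITIONS = {
    ("CLOSED", "passive_open"): ("LISTEN", None),
    ("CLOSED", "active_open"): ("SYN-SENT", "SYN"),
    ("LISTEN", "rcv_SYN"): ("SYN-RCVD", "SYN+ACK"),
    ("SYN-SENT", "rcv_SYN+ACK"): ("ESTABLISHED", "ACK"),
    ("SYN-SENT", "rcv_SYN"): ("SYN-RCVD", "SYN+ACK"),      # simultaneous open
    ("SYN-RCVD", "rcv_ACK"): ("ESTABLISHED", None),
    ("ESTABLISHED", "close"): ("FIN-WAIT-1", "FIN"),
    ("ESTABLISHED", "rcv_FIN"): ("CLOSE-WAIT", "ACK"),
    ("FIN-WAIT-1", "rcv_ACK"): ("FIN-WAIT-2", None),
    ("FIN-WAIT-1", "rcv_FIN"): ("CLOSING", "ACK"),          # simultaneous close
    ("FIN-WAIT-1", "rcv_FIN+ACK"): ("TIME-WAIT", "ACK"),
    ("FIN-WAIT-2", "rcv_FIN"): ("TIME-WAIT", "ACK"),
    ("CLOSING", "rcv_ACK"): ("TIME-WAIT", None),
    ("CLOSE-WAIT", "close"): ("LAST-ACK", "FIN"),
    ("LAST-ACK", "rcv_ACK"): ("CLOSED", None),
    ("TIME-WAIT", "timeout_2MSL"): ("CLOSED", None),
}


class TcpEndpoint:
    def __init__(self, name):
        self.name = name
        self.state = "CLOSED"
        self.history = ["CLOSED"]

    def handle(self, event):
        """Apply one input; return the segment to send (or None)."""
        key = (self.state, event)
        if key not in TRANSITIONS:
            # No arc for this input in the current state. This sketch rejects it;
            # a real stack would typically drop the segment or answer with RST.
            raise ValueError(f"{self.name}: {event} not valid in {self.state}")
        self.state, output = TRANSITIONS[key]
        self.history.append(self.state)
        return output


def deliver(segment, receiver):
    """Hand a sent segment to the peer as an 'rcv_<segment>' input."""
    return receiver.handle("rcv_" + segment)


def run_session():
    client, server = TcpEndpoint("client"), TcpEndpoint("server")
    server.handle("passive_open")
    # Connection establishment
    syn = client.handle("active_open")
    syn_ack = deliver(syn, server)
    ack = deliver(syn_ack, client)
    deliver(ack, server)
    # Connection termination, started by the client
    fin = client.handle("close")
    ack = deliver(fin, server)          # server enters CLOSE-WAIT
    deliver(ack, client)                # client enters FIN-WAIT-2
    fin = server.handle("close")        # server application closes
    ack = deliver(fin, client)          # client enters TIME-WAIT
    deliver(ack, server)                # server returns to CLOSED
    client.handle("timeout_2MSL")
    return client.history, server.history


if __name__ == "__main__":
    for name, hist in zip(("client", "server"), run_session()):
        print(name, " -> ".join(hist))
```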

Q. Explain TCP with respect to flow control and error control.


Ans:
Flow Control in TCP:
● Flow control basically means that TCP will ensure that a sender is not overwhelming a
receiver by sending packets faster than it can consume.
● The idea is that a node receiving data will send some kind of feedback to the node
sending the data to let it know about its current condition.
● When we need to send data over a network, the sender application writes data to a socket;
the transport layer (in our case, TCP) wraps this data in a segment and hands it to the
network layer (e.g. IP), which routes the packet to the receiving node.
● On the other side of this communication, the network layer delivers this piece of data
to TCP, which makes it available to the receiver application as an exact copy of the data
sent: it will not deliver packets out of order, and it will wait for a retransmission if
it notices a gap in the byte stream.
● TCP stores the data it needs to send in the send buffer, and the data it receives in the
receive buffer. When the application is ready, it will then read data from the receive
buffer.
● Flow control is all about making sure we don't send more packets when the receive buffer
is already full, as the receiver wouldn't be able to handle them and would need to drop
these packets.

Error Control in TCP:


● TCP has methods for finding corrupted segments, missing segments,
out-of-order segments and duplicated segments. Error control in TCP is mainly done
through the use of three simple techniques:

1. Checksum: Every segment contains a checksum field, which is used to find corrupted
segments. If a segment is corrupted, it is discarded by the destination
TCP and is considered lost.

2. Acknowledgement:
● TCP has another mechanism called acknowledgement to affirm that the data
segments have been delivered.
● Control segments that contain no data but have sequence numbers are
acknowledged as well, but ACK segments are not acknowledged.

3. Retransmission:
● When a segment is missing, delayed on its way to the receiver, or found to be
corrupted when the receiver checks it, that segment is retransmitted.
● Segments are retransmitted only on two events: when the sender receives
three duplicate acknowledgements (ACKs) or when a retransmission timer
expires.

Q. Difference between TCP and UDP.


Ans:
Characteristics | TCP | UDP
Connection | Connection Oriented Protocol | Connectionless Protocol
Header Size | 20 Bytes | 8 Bytes
Acknowledgement | TCP acknowledges the data reception. | UDP has no acknowledgment section.
Data Transmission Order | It guarantees that the order of the data at the receiving end is the same as the sending end. | No guarantee of the data transmission order.
Reliability | It provides reliable delivery of messages. | It provides unreliable delivery of messages.
Flow Controlling | It has flow control. | It doesn't have flow control.
Error Handling | It checks for errors and reporting. | It does error checking but no reporting.
Speed | High | Very High
Overhead | Low | Very Low
Application | FTP, Telnet, SMTP, DNS, HTTP, POP | DNS, BOOTP, DHCP, TFTP, RIP

Q. State the use of 6 flags in TCP header.


Ans: The TCP header has six 1-bit control flags that control connection establishment,
termination, abortion, flow control, etc.

URG ACK PSH RST SYN FIN

1) URG: Urgent pointer
● If this bit is set, the receiving TCP should interpret the urgent pointer field.

2) ACK: Acknowledgement
● If this bit is set, the ACK field described earlier is valid.

3) PSH: Push function
● Request for push.

4) RST: Reset the connection
● If this bit is present, it signals the receiver that the sender is aborting the connection,
i.e. resetting the connection.

5) SYN: Synchronize
● When this bit is present, the sender is attempting to 'synchronize' sequence
numbers.

6) FIN: No more data from sender
● If this bit is set, it terminates the connection.
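
The six flags sit in the low six bits of the 16-bit word at byte offset 12 of the TCP header. The following is an added example, not part of the original notes: it decodes the flags from constructed 20-byte headers and labels combinations that a normal connection never produces, which is the kind of sanity check a packet filter or IDS applies. The function names and the labels returned by `classify` are assumptions of this sketch.

```python
import struct

# Bit masks in the order the notes list the flags.
FLAG_BITS = [("URG", 0x20), ("ACK", 0x10), ("PSH", 0x08),
             ("RST", 0x04), ("SYN", 0x02), ("FIN", 0x01)]


def build_header(src_port, dst_port, seq, ack, flags, window=65535):
    """Constructed 20-byte TCP header: no options, checksum and urgent pointer 0."""
    offset_and_flags = (5 << 12) | (flags & 0x3F)   # data offset = 5 words
    return struct.pack("!HHIIHHHH", src_port, dst_port, seq, ack,
                       offset_and_flags, window, 0, 0)


def decode_flags(header):
    """Return the names of the control flags set in a raw TCP header."""
    if len(header) < 20:
        raise ValueError("TCP header is at least 20 bytes")
    (offset_and_flags,) = struct.unpack("!H", header[12:14])
    return [name for name, mask in FLAG_BITS if offset_and_flags & mask]


def classify(flags):
    """Label a flag combination; 'invalid' ones match no normal state transition."""
    s = set(flags)
    if not s:
        return "invalid: no flags set"
    if {"SYN", "FIN"} <= s:
        return "invalid: SYN and FIN together"
    if {"SYN", "RST"} <= s:
        return "invalid: SYN and RST together"
    if "RST" in s:
        return "abort"
    if s == {"SYN"}:
        return "connection request"
    if "SYN" in s and "ACK" in s:
        return "connection reply"
    if "ACK" not in s:
        return "invalid: ACK missing outside the first SYN"
    if "FIN" in s:
        return "close"
    return "data or acknowledgement"


if __name__ == "__main__":
    # Constructed sample headers (ports and sequence numbers are arbitrary).
    for bits in (0x02, 0x12, 0x10, 0x18, 0x11, 0x14, 0x03, 0x00, 0x29):
        names = decode_flags(build_header(49152, 80, 1000, 2000, bits))
        print(f"0x{bits:02x} {'+'.join(names) or '-':12} {classify(names)}")
```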

Q. List and explain different timers used in TCP.


Ans:
i) Retransmission Timeout Timers
ii) Persistent Timers
iii) Keepalive Timers
iv) Time-wait Timers

Here are different timers used in TCP:

1. Retransmission Timeout (RTO):


● RTO determines the time interval between the transmission of a data segment and the
expected acknowledgment.
● If an acknowledgment is not received within this time, the sender assumes that the
segment was lost or corrupted and retransmits it.

2. Persistent Timer:
● Used in the context of flow control, this timer is associated with the sending of window
probes to check if a receiver's window is open.
● If the sender doesn't receive an acknowledgment within the persistent timer duration, it
assumes the receiver's window is closed and sends a probe.

3. Keepalive Timer:
● Keepalive timers are used to periodically check if a connection is still active, particularly
in idle connections.
● If no data or acknowledgment is received within the keepalive timer interval, the
connection may be considered as timed out and closed.

4. Time-Wait Timer:
● This timer is associated with the TIME_WAIT state of a connection. After a connection is
closed, the Time-Wait timer ensures that any delayed segments lingering in the network
are discarded before the connection is fully closed.
● It prevents new connections from using the same connection identifiers.

Q. Describe the packet format of SCTP with a neat sketch.


Ans:

Source Port (16-bit): This field represents the port number of the sender. It is a 16-bit field that
identifies the source of the SCTP packet.

Destination Port (16-bit): This field indicates the port number of the intended recipient. Like
the source port, it's a 16-bit field used to identify the destination for the SCTP packet.

Verification Tag (32-bit): The verification tag is a 32-bit field used for endpoint verification
during the initiation of an SCTP association. It helps ensure that the received packet belongs to a
specific association.

Checksum (32-bit): This 32-bit field is used for error-checking purposes. It contains a checksum
value calculated over the entire SCTP packet, including the SCTP header and any included data.
It helps ensure the integrity of the packet during transmission.

Type: This field specifies the type of control chunk being used. Control chunks are used for
various purposes in SCTP, such as association setup, teardown, and error handling. The type field
indicates which specific control function is being performed.

Flags: Flags in the control chunk header provide additional control information. The meaning of
these flags can vary depending on the specific type of control chunk.

Length: The length field indicates the size of the control chunk, including both the header and
the data portion. It is typically a 16-bit field that helps the receiver correctly parse the chunk.

Control Data: This field contains data specific to the control chunk type. The content and
structure of the control data depend on the purpose of the control chunk. For example, during
association setup, it might contain parameters needed to establish the association.

Q. Describe the fields of SCTP packet format. Explain SCTP association established.
Ans:

Source Port (16-bit): This field represents the port number of the sender. It is a 16-bit field that
identifies the source of the SCTP packet.

Destination Port (16-bit): This field indicates the port number of the intended recipient. Like
the source port, it's a 16-bit field used to identify the destination for the SCTP packet.

Verification Tag (32-bit): The verification tag is a 32-bit field used for endpoint verification
during the initiation of an SCTP association. It helps ensure that the received packet belongs to a
specific association.

Checksum (32-bit): This 32-bit field is used for error-checking purposes. It contains a checksum
value calculated over the entire SCTP packet, including the SCTP header and any included data.
It helps ensure the integrity of the packet during transmission.

SCTP Association Establishment:

The steps, in a normal situation, are as follows:

1. The client sends the first packet, which contains an INIT chunk.
2. The server sends the second packet, which contains an INIT ACK chunk.
3. The client sends the third packet, which includes a COOKIE ECHO chunk. This is a very
simple chunk that echoes, without change, the cookie sent by the server. SCTP allows the
inclusion of data chunks in this packet.
4. The server sends the fourth packet, which includes the COOKIE ACK chunk that
acknowledges the receipt of the COOKIE ECHO chunk. SCTP allows the inclusion of
data chunks with this packet.
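
The header fields and the four-packet exchange described above can be seen on the wire in the following added example, which is not part of the original notes. It builds and parses the four packets (common header followed by one chunk) and shows the server validating the echoed cookie. Assumptions of this sketch: the checksum field is left at 0, the cookie is an HMAC over the association parameters with a constructed server secret, and the ports and tags are constructed values.

```python
import hashlib
import hmac
import struct

INIT, INIT_ACK, COOKIE_ECHO, COOKIE_ACK = 1, 2, 10, 11   # chunk type values
SERVER_SECRET = b"constructed-demo-secret"               # constructed value


def chunk(ctype, value=b"", flags=0):
    """Chunk = type (1 byte), flags (1 byte), length (2 bytes), value, padding."""
    length = 4 + len(value)          # header plus value; padding is not counted
    return struct.pack("!BBH", ctype, flags, length) + value + b"\x00" * (-length % 4)


def packet(src, dst, vtag, *chunks):
    """Common header: source port, destination port, verification tag, checksum."""
    return struct.pack("!HHII", src, dst, vtag, 0) + b"".join(chunks)


def parse(data):
    """Return (src port, dst port, verification tag, [(type, flags, value), ...])."""
    if len(data) < 12:
        raise ValueError("shorter than the 12-byte common header")
    src, dst, vtag, _checksum = struct.unpack("!HHII", data[:12])
    chunks, pos = [], 12
    while pos < len(data):
        if pos + 4 > len(data):
            raise ValueError("truncated chunk header")
        ctype, flags, length = struct.unpack("!BBH", data[pos:pos + 4])
        if length < 4 or pos + length > len(data):
            raise ValueError("chunk length does not fit the packet")
        chunks.append((ctype, flags, data[pos + 4:pos + length]))
        pos += length + (-length % 4)
    return src, dst, vtag, chunks


def init_body(tag, rwnd=65535, streams=1, tsn=1):
    """Fixed part of INIT / INIT ACK: initiate tag, window, streams, initial TSN."""
    return struct.pack("!IIHHI", tag, rwnd, streams, streams, tsn)


def make_cookie(client_tag, server_tag, cport, sport):
    state = struct.pack("!IIHH", client_tag, server_tag, cport, sport)
    return state + hmac.new(SERVER_SECRET, state, hashlib.sha256).digest()


def cookie_valid(cookie):
    state, mac = cookie[:12], cookie[12:]
    expected = hmac.new(SERVER_SECRET, state, hashlib.sha256).digest()
    return hmac.compare_digest(mac, expected)


def handshake(cport=49152, sport=5000, ctag=0x11111111, stag=0x22222222):
    # 1. Client -> server: INIT, verification tag 0 (no tag agreed yet).
    p1 = packet(cport, sport, 0, chunk(INIT, init_body(ctag)))
    # 2. Server -> client: INIT ACK with a State Cookie parameter (type 7).
    #    The packet carries the client's tag; the server stores nothing yet.
    _, _, _, [(_, _, body)] = parse(p1)
    peer_tag = struct.unpack("!I", body[:4])[0]
    cookie = make_cookie(peer_tag, stag, cport, sport)
    param = struct.pack("!HH", 7, 4 + len(cookie)) + cookie
    p2 = packet(sport, cport, peer_tag, chunk(INIT_ACK, init_body(stag) + param))
    # 3. Client -> server: COOKIE ECHO returns the cookie unchanged.
    _, _, _, [(_, _, body)] = parse(p2)
    server_tag = struct.unpack("!I", body[:4])[0]
    _ptype, plen = struct.unpack("!HH", body[16:20])
    p3 = packet(cport, sport, server_tag, chunk(COOKIE_ECHO, body[20:16 + plen]))
    # 4. Server -> client: COOKIE ACK, only if the tag and the cookie check out.
    _, _, vtag, [(_, _, echoed)] = parse(p3)
    if vtag != stag or not cookie_valid(echoed):
        return [p1, p2, p3, None]
    client_tag = struct.unpack("!I", echoed[:4])[0]   # state recovered from cookie
    p4 = packet(sport, cport, client_tag, chunk(COOKIE_ACK))
    return [p1, p2, p3, p4]


if __name__ == "__main__":
    for raw in handshake():
        src, dst, vtag, chunks = parse(raw)
        print(f"{src}->{dst} vtag=0x{vtag:08x} chunk type={chunks[0][0]} len={len(raw)}")
```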

Q. Describe flow control under SCTP.


Ans:
Receiver Site:

● The receiver has one buffer (queue) and three variables.
● The queue holds the received data chunks that have not yet been read by the process.
● The first variable holds the last TSN received, cumTSN.
● The second variable holds the available buffer size, winSize.
● The third variable holds the last accumulative acknowledgment, lastACK.
● The following figure shows the queue and variables at the receiver site.

1. When the site receives a data chunk, it stores it at the end of the buffer (queue) and
subtracts the size of the chunk from winSize. The TSN number of the chunk is stored in
the cumTSN variable.

2. When the process reads a chunk, it removes it from the queue and adds the size of the
removed chunk to winSize (recycling).

3. When the receiver decides to send a SACK, it checks the value of lastACK; if it is less
than cumTSN, it sends a SACK with a cumulative TSN number equal to the cumTSN. It
also includes the value of winSize as the advertised window size.

Sender Site:

The sender has one buffer (queue) and three variables: curTSN, rwnd, and inTransit, as shown in
the following figure. We assume each chunk is 100 bytes long.

● The buffer holds the chunks produced by the process that either have been sent or are
ready to be sent.
● The first variable, curTSN, refers to the next chunk to be sent.
● All chunks in the queue with a TSN less than this value have been sent, but not
acknowledged; they are outstanding.
● The second variable, rwnd, holds the last value advertised by the receiver (in bytes).
● The third variable, inTransit, holds the number of bytes in transit, bytes sent but not yet
acknowledged.
● The following is the procedure used by the sender.
1. A chunk pointed to by curTSN can be sent if the size of the data is less than or equal to
the quantity rwnd - inTransit. After sending the chunk, the value of curTSN is
incremented by 1 and now points to the next chunk to be sent. The value of inTransit is
incremented by the size of the data in the transmitted chunk.

2. When a SACK is received, the chunks with a TSN less than or equal to the cumulative
TSN in the SACK are removed from the queue and discarded. The sender does not have
to worry about them anymore. The value of inTransit is reduced by the total size of the
discarded chunks. The value of rwnd is updated with the value of the advertised window
in the SACK.
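
The receiver and sender procedures above translate directly into code. The following is an added example, not part of the original notes: it keeps the variable names from the text (cumTSN, winSize, lastACK, curTSN, rwnd, inTransit) and 100-byte chunks, while the 300-byte receive buffer, the six queued chunks, updating lastACK when a SACK is sent, and dropping a chunk that does not fit are assumptions of this sketch.

```python
from collections import deque

CHUNK = 100  # bytes per chunk, as assumed in the text


class Receiver:
    def __init__(self, buffer_size, first_tsn):
        self.queue = deque()            # chunks not yet read by the process
        self.cumTSN = first_tsn - 1     # last TSN received
        self.winSize = buffer_size      # available buffer space
        self.lastACK = first_tsn - 1    # last cumulative acknowledgment sent

    def receive(self, tsn, size):
        if size > self.winSize:
            return False                # no room (assumed behaviour: drop)
        self.queue.append((tsn, size))
        self.winSize -= size
        self.cumTSN = tsn
        return True

    def read(self):
        tsn, size = self.queue.popleft()
        self.winSize += size            # recycle the space
        return tsn

    def make_sack(self):
        """Return (cumulative TSN, advertised window), or None if nothing new."""
        if self.lastACK < self.cumTSN:
            self.lastACK = self.cumTSN
            return self.cumTSN, self.winSize
        return None


class Sender:
    def __init__(self, first_tsn, n_chunks, rwnd):
        self.queue = deque((first_tsn + i, CHUNK) for i in range(n_chunks))
        self.curTSN = first_tsn         # next chunk to send
        self.rwnd = rwnd                # last window advertised by the receiver
        self.inTransit = 0              # bytes sent but not yet acknowledged

    def send_next(self):
        for tsn, size in self.queue:
            if tsn == self.curTSN:
                if size <= self.rwnd - self.inTransit:
                    self.curTSN += 1
                    self.inTransit += size
                    return tsn, size
                return None             # window is full
        return None                     # nothing left to send

    def on_sack(self, cum_tsn, window):
        # Discard acknowledged chunks that were actually sent (TSN < curTSN).
        while self.queue and self.queue[0][0] <= cum_tsn and self.queue[0][0] < self.curTSN:
            _, size = self.queue.popleft()
            self.inTransit -= size
        self.rwnd = window


def send_burst(sender, receiver):
    """Send until the window closes; return the TSNs that went out."""
    sent = []
    while (chunk := sender.send_next()) is not None:
        receiver.receive(*chunk)
        sent.append(chunk[0])
    return sent


def simulate():
    rx, tx = Receiver(300, 1), Sender(1, 6, 300)
    first = send_burst(tx, rx)      # fills the 300-byte window
    rx.read()                       # process reads one chunk
    sack = rx.make_sack()
    tx.on_sack(*sack)
    second = send_burst(tx, rx)     # only the freed space can be used
    return first, sack, second, tx, rx


if __name__ == "__main__":
    first, sack, second, tx, rx = simulate()
    print("first burst:", first, "SACK:", sack, "second burst:", second)
    print("curTSN", tx.curTSN, "rwnd", tx.rwnd, "inTransit", tx.inTransit)
```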

Q. Differentiate between TCP, UDP and SCTP on the basis of reliability, connection
management, transmission of message, flow control, security and data delivery.
Ans:
Parameter | TCP | UDP | SCTP
Reliability | Reliable | Unreliable | Reliable
Connection Management | Connection Oriented | Connectionless | Connection Oriented
Transmission of Message | Stream Oriented | Datagram Oriented | Message Oriented
Flow Control | Supported | Not supported | Supported
Security | Encryption & Authentication are available | No Encryption & Authentication available | Encryption & Authentication are available
Data Delivery | Guaranteed Delivery | No guaranteed delivery | Partially Reliable

UNIT 5 - Application Layer Protocols

Q. Explain working of WWW.


Ans:
● The WWW today is a distributed client-server service, in which a client using a browser
can access a service using a server.
● However, the service provided is distributed over many locations called sites.
● Each site holds one or more documents, referred to as Web pages.
● Each Web page, however, can contain some links to other Web pages in the same or other
sites.
● In other words, a Web page can be simple or composite.
● A simple Web page has no link to other Web pages; a composite Web page has one or
more links to other Web pages.
● Each Web page is a file with a name and address.

Q. Explain static and dynamic web documents in details.


Ans:
Static Web Document:

● A static web page is a web page that is delivered to the user exactly as stored.
● Static documents are fixed-content documents that are created and stored in a server.
● The client can get a copy of the document only.
● The user cannot modify or interact with the information on a static web page.
● Static documents are prepared using one of several languages such as HyperText
Markup Language (HTML), Extensible Markup Language (XML), Extensible Style
Language (XSL), and Extended Hypertext Markup Language (XHTML).

Dynamic Web Document:

● A dynamic web page is a web page with web content that varies based on parameters
provided by a user or a computer program.
● A dynamic document is created by a web server whenever a browser requests the
document.
● When a request arrives, the Web server runs an application program or a script that
creates the dynamic document.
● The server returns the output of the program or script as a response to the browser that
requested the document.
● In dynamic web pages, it is possible to change a portion of the content of a web page
without loading the entire web page.

Q. Construct a diagram to show the application of cookies in a scenario in which the server
uses cookies for advertisement.
Ans:
Use of Cookies for advertisements:
● A cookie is also used by advertising agencies.
● An advertising agency can place banner ads on some main website that is often visited by users.
● The advertising agency supplies only a URL that gives the banner address instead of the banner
itself.
● When a user visits the main website and clicks on the icon of an advertised corporation, a request
is sent to the advertising agency.
● The advertising agency sends the banner, a GIF file, for example, but it also includes a cookie
with the ID of the user.
● Any future use of the banners adds to the database that profiles the Web behavior of the user.
● The advertising agency has compiled the interests of the user and can sell this information to
other parties.
● This use of cookies has made them very controversial.
● Hopefully, some new regulations will be devised to preserve the privacy of users.

Q. Distinguish between SMTP and POP3 protocol


Ans:

SMTP | POP3
Stands for Simple Mail Transfer Protocol | Stands for Post Office Protocol version 3
Used to send outgoing mail from an email client to the mail server | Used to retrieve incoming mail from the mail server to an email client
Operates on port 25 | Operates on port 110
Supports only one-way communication | Supports two-way communication
Does not allow users to manage their inbox by creating folders or labels | Allows users to manage their inbox by creating folders or labels

Q. Explain about standard and non standard protocols at the application layer.
Ans:
HTTP:
● The Hypertext Transfer Protocol (HTTP) is an application layer protocol used mainly to
access data on the World Wide Web.
● HTTP uses the services of TCP on well-known port 80.

FTP:
● FTP (File Transfer Protocol) is the standard TCP/IP protocol for transferring files.
● It uses the services of TCP. It needs two TCP connections.
● The well-known port 21 is used for the control connection and the well-known port 20
for the data connection.

SMTP:
● It stands for Simple Mail Transfer Protocol. It is a part of the TCP/IP standard protocol.
● Using a process called “store and forward”, SMTP moves your email on and across
networks.
● It works closely with something called the Mail Transfer Agent (MTA) to send your
communication to the right computer and email inbox.
● Port number for SMTP is 25.

TELNET:
● TELNET is an abbreviation for TErminaL NETwork. It is the standard TCP/IP protocol
for virtual terminal service.
● TELNET enables the establishment of a connection to a remote system in such a way that
the local terminal appears to be a terminal at the remote system.
● There are two parties involved: TELNET Client and TELNET server.

DNS:
● It stands for Domain Name Service. Every time you use a domain name, a
DNS service must translate the name into the corresponding IP address.
● Ex: the domain name www.abc.com might translate to 198.105.232.4.
● Port number for DNS is 53.

DHCP:
● It stands for Dynamic Host Configuration Protocol (DHCP). It gives IP addresses to
hosts.
● There is a lot of information a DHCP server can provide to a host when the host is
registering for an IP address with the DHCP server.
● Port number for DHCP is 67, 68.

POP3:
● Post Office Protocol, version 3 (POP3) is simple and limited in functionality.
● POP works as a Message Access Agent.
● The client POP3 software is installed on the recipient computer; the server POP3
software is installed on the mail server.
● Mail access starts with the client when the user needs to download email from the
mailbox on the mail server.

Q. Describe the HTTP response message format.


Ans:

RESPONSE MESSAGE:
Status Line
Headers
A Blank Line
Body (present only in some messages)

Status Line:
● The status line shows the status of the response, using a status code as well as a
status phrase.
● The status line begins with a protocol version, followed by the status code and status phrase.
● Ex: HTTP/1.1 200 OK

Headers:
● Three types of headers are present in an HTTP response message, as follows.
● General Header
○ The general header gives general information about the message and can be
present in both a request and a response.
○ Ex: Date: Mon, 27 Jul 2009 12:28:53 GMT
● Response Header
○ The response header can be present only in a response message. It specifies the
server's configuration and special information about the request.
○ Ex: Server: Apache/2.2.14 (Win32)
● Entity Header
○ The entity header gives information about the body of the document.
○ Ex: Content-Length: 88
○ Ex: Content-Type: text/html

Blank Line:
● An empty line (i.e., a line with nothing preceding the CRLF) indicating the end of the
header fields.

Body:
● It contains actual content. This part is optional.
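
The four parts of the response message can be separated with a small strict parser. The following is an added example, not part of the original notes: it parses a constructed response assembled from the sample lines quoted above, groups each header as general, response or entity, and rejects messages whose status line, header lines or terminating blank line are malformed. The function name, the `HEADER_KIND` table and the 88-byte body are constructed for this sketch.

```python
# Header groups for the four sample headers named in the notes.
HEADER_KIND = {
    "date": "general",
    "server": "response",
    "content-length": "entity",
    "content-type": "entity",
}

# Constructed body, padded to the 88 bytes announced by Content-Length.
BODY = b"<html><body><h1>Hello, World!</h1></body></html>".ljust(88)

SAMPLE = (
    b"HTTP/1.1 200 OK\r\n"
    b"Date: Mon, 27 Jul 2009 12:28:53 GMT\r\n"
    b"Server: Apache/2.2.14 (Win32)\r\n"
    b"Content-Length: 88\r\n"
    b"Content-Type: text/html\r\n"
    b"\r\n" + BODY
)


def parse_response(raw):
    """Split a raw HTTP/1.x response into status line, headers and body."""
    head, blank, rest = raw.partition(b"\r\n\r\n")
    if not blank:
        raise ValueError("no blank line after the header fields")
    lines = head.decode("iso-8859-1").split("\r\n")

    # Status line: protocol version, status code, status phrase.
    parts = lines[0].split(" ", 2)
    if (len(parts) < 2 or not parts[0].startswith("HTTP/")
            or len(parts[1]) != 3 or not parts[1].isdigit()):
        raise ValueError("malformed status line")
    phrase = parts[2] if len(parts) == 3 else ""

    headers = {}
    for line in lines[1:]:
        name, colon, value = line.partition(":")
        # Whitespace around the field name is rejected rather than tolerated,
        # so two parsers cannot disagree about which header this is.
        if not colon or not name or name != name.strip():
            raise ValueError(f"malformed header line: {line!r}")
        key, value = name.lower(), value.strip()
        if key == "content-length" and headers.get(key, value) != value:
            raise ValueError("conflicting Content-Length headers")
        headers[key] = value

    body = rest
    if "content-length" in headers:
        if not headers["content-length"].isdigit():
            raise ValueError("Content-Length is not a number")
        size = int(headers["content-length"])
        if len(rest) < size:
            raise ValueError("body is shorter than Content-Length")
        body = rest[:size]

    return {
        "version": parts[0],
        "status": int(parts[1]),
        "phrase": phrase,
        "headers": headers,
        "kinds": {k: HEADER_KIND.get(k, "other") for k in headers},
        "body": body,
    }


if __name__ == "__main__":
    resp = parse_response(SAMPLE)
    print(resp["version"], resp["status"], resp["phrase"])
    for name, value in resp["headers"].items():
        print(f"  [{resp['kinds'][name]}] {name}: {value}")
    print("  body bytes:", len(resp["body"]))
```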

Q. State the transmission modes of FTP.


Ans:
Transmission modes of FTP:
1. Stream mode
2. Block mode
3. Compressed mode

Q. Difference between FTP and TFTP protocols.


Ans:

Parameter | FTP | TFTP
Default ports | Port 21 | Port 69
Connection | Connection Oriented | Connectionless
Authentication | Supports authentication | Doesn't support Authentication
Protocol | Uses TCP | Uses UDP
Encryption | Supports Encryption | Doesn't Support Encryption
Transfer Speed | Slower | Faster
Complexity | More Complex | Less Complex
File Size Limit | No limitation | Up to 32 MB

Q. Describe E-mail security over a non-secure channel.


Ans:
● Email security describes different techniques for keeping sensitive information in email
communication and accounts secure against unauthorized access, loss or compromise.

● Email is often used to spread malware, spam and phishing attacks. Attackers use
deceptive messages to entice recipients to part with sensitive information, open
attachments or click on hyperlinks that install malware on the victim's device.

● Email encryption involves encrypting, or disguising, the content of email messages to
protect potentially sensitive information from being read by anyone other than intended
recipients. Email encryption often includes authentication.

● Attackers use email as a way to cause problems in an attempt to profit.
Whether through spam campaigns, malware and phishing attacks, sophisticated targeted
attacks, or business email compromise (BEC), attackers try to take advantage of the lack
of security of email to carry out their actions.

● Since most organizations rely on email to do business, attackers exploit email in an
attempt to steal sensitive information.

● Because email is an open format, it can be viewed by anyone who can intercept it, and
its contents can then be easily read.

● Organizations can establish email security policies by viewing the contents of emails
flowing through their email servers. It's important to understand what is in the entire email in
order to act appropriately. After these baseline policies are put into effect, an organization
can enact various security policies on those emails.

● These email security policies can be as simple as removing all executable content from
emails to more in-depth actions, like sending suspicious content to a sandboxing tool for
detailed analysis.

● If security incidents are detected by these policies, the organization needs to have
actionable intelligence about the scope of the attack.

● Enforce email encryption policies to prevent sensitive email information from falling into
the wrong hands.

● An email gateway scans and processes all incoming and outgoing email and makes sure
that threats are not allowed in. Because attacks are increasingly sophisticated, standard
security measures, such as blocking known bad file attachments, are no longer effective.

● Deploy a secure email gateway that uses a multi-layered approach.

● It's also important to deploy an automated email encryption solution as a best practice.
This solution should be able to analyze all outbound email traffic to determine whether
the material is sensitive.

● If the content is sensitive, it needs to be encrypted before it is emailed to the intended
recipient. This will prevent attackers from viewing emails, even if they were to intercept
them.

● Pretty Good Privacy (PGP) provides e-mail with privacy, integrity, and
authentication that can be used over non-secure channels such as the internet. It is used
for signing, encrypting and decrypting texts, e-mails, files, directories and whole disk
partitions and to increase the security of e-mail communications.

● Another security service designed for electronic mail is Secure/Multipurpose Internet
Mail Extension (S/MIME). The protocol is an enhancement of the Multipurpose Internet
Mail Extension (MIME) protocol. This allows users to digitally sign email to enhance
privacy and data security.
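
The simplest gateway policy mentioned above, removing executable content from emails, is shown in the following added example, which is not part of the original notes. It uses Python's standard `email` package on a constructed message and checks three independent signals (file extension, declared content type, and the leading "MZ" bytes of a Windows executable), since any single one is easy to get wrong. The blocklists, addresses and attachment contents are constructed for this sketch.

```python
from email.message import EmailMessage
from pathlib import PurePosixPath

# Illustrative blocklists for this sketch, not a complete policy.
BLOCKED_EXTENSIONS = {".exe", ".scr", ".com", ".bat", ".cmd", ".vbs", ".js", ".ps1"}
BLOCKED_TYPES = {"application/x-msdownload", "application/x-dosexec"}


def build_sample():
    """Constructed message: a text body and three attachments."""
    msg = EmailMessage()
    msg["From"] = "sender@example.com"
    msg["To"] = "recipient@example.org"
    msg["Subject"] = "Quarterly documents"
    msg.set_content("Please see the attached files.")
    msg.add_attachment(b"%PDF-1.4 constructed sample", maintype="application",
                       subtype="pdf", filename="report.pdf")
    # Double extension: only the last suffix decides how the file is treated.
    msg.add_attachment(b"MZ constructed sample", maintype="application",
                       subtype="octet-stream", filename="invoice.pdf.exe")
    # Harmless-looking name, but the declared type and magic bytes disagree.
    msg.add_attachment(b"MZ constructed sample", maintype="application",
                       subtype="x-msdownload", filename="notes.txt")
    return msg


def is_executable(part):
    """True if any of the three signals marks the part as executable content."""
    name = (part.get_filename() or "").lower()
    if PurePosixPath(name).suffix in BLOCKED_EXTENSIONS:
        return True
    if part.get_content_type() in BLOCKED_TYPES:
        return True
    payload = part.get_payload(decode=True) or b""
    return payload[:2] == b"MZ"


def apply_policy(msg):
    """Strip executable parts; return the message and the names removed."""
    if not msg.is_multipart():
        return msg, []
    kept, removed = [], []
    for part in msg.get_payload():
        if part.is_multipart():
            kept.append(part)       # nested containers are not inspected here
        elif is_executable(part):
            removed.append(part.get_filename() or part.get_content_type())
        else:
            kept.append(part)
    msg.set_payload(kept)
    return msg, removed


if __name__ == "__main__":
    cleaned, removed = apply_policy(build_sample())
    print("removed:", removed)
    print("kept:", [p.get_filename() or p.get_content_type()
                    for p in cleaned.get_payload()])
```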

Q. Describe the Architecture of E-mail system using four scenarios.


Ans:
First Scenario: When the sender and the receiver of an e-mail are on the same system, we need
only two user agents.

Second Scenario: When the sender and the receiver of an e-mail are on different systems, we
need two UAs and a pair of MTAs (client and server).

Third Scenario: When the sender is connected to the mail server via a LAN or a WAN, we need
two UAs and two pairs of MTAs (client and server).

Fourth Scenario: When both sender and receiver are connected to the mail server via a LAN or
a WAN, we need two UAs, two pairs of MTAs and a pair of MAAs.

Q. Describe SMTP with a suitable diagram.
Ans: SMTP:
● It stands for Simple Mail Transfer Protocol. It is a part of the TCP/IP standard protocol.
● Using a process called “store and forward”, SMTP moves your email on and across networks.
● It works closely with something called the Mail Transfer Agent (MTA) to send your
communication to the right computer and email inbox.
● Port number for SMTP is 25.

Q. State the need for a domain name system.


Ans: Need of domain name system:
● Since IP addresses are difficult to remember and names are easier to remember, the Domain
Name System is used, and DNS servers convert these names into IP
addresses.
● Large numbers of hosts and servers connected to the internet can be classified using the
Domain name system so that a hierarchical naming system is implemented.
● To identify an entity, TCP/IP protocols use the IP address. An IP address uniquely identifies
the connection of a host to the internet. DNS mapping can map a name to an address or an
address to a name.

Q. Explain the process of resolving the given host name into IP address using DNS.
Ans: Recursive Resolution:
● The client (resolver) can ask for a recursive answer from a name server.
● This means that the resolver expects the server to supply the final answer.
● If the server is the authority for the domain name, it checks its database and responds.
● If the server is not the authority, it sends the request to another server (the parent usually)
and waits for the response.
● If the parent is the authority, it responds; otherwise, it sends the query to yet another
server.
● When the query is finally resolved, the response travels back until it finally reaches the
requesting client.

Iterative Resolution:
● If the client does not ask for a recursive answer, the mapping can be done iteratively.
● If the server is an authority for the name, it sends the answer.
● If it is not, it returns (to the client) the IP address of the server that it thinks can resolve
the query.
● The client is responsible for repeating the query to this second server.
● If the newly addressed server can resolve the problem, it answers the query with the IP
address; otherwise, it returns the IP address of a new server to the client.
● Now the client must repeat the query to the third server.
● This process is called iterative because the client repeats the same query to multiple
servers.
● In the figure, the client queries five servers before it gets an answer from the mcgraw.com
server.
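
The difference between the two modes is who sends each query. The following is an added example, not part of the original notes: a toy server hierarchy (local server, root, com, example.com) resolves a name both ways and records every (asker, server asked) pair, with a hop limit so that servers referring to each other cannot loop forever. The server names, the host name and the address 192.0.2.10 are constructed.

```python
class NameServer:
    def __init__(self, name, records=None, referrals=None, parent=None):
        self.name = name
        self.records = records or {}      # names this server is the authority for
        self.referrals = referrals or {}  # domain suffix -> server that knows more
        self.parent = parent              # where to go when nothing else matches

    def lookup(self, qname):
        """Answer from local data, or say which server to ask next."""
        if qname in self.records:
            return "answer", self.records[qname]
        for suffix, server in self.referrals.items():
            if qname == suffix or qname.endswith("." + suffix):
                return "referral", server
        if self.parent is not None:
            return "referral", self.parent
        return "no-such-name", None


def resolve_recursive(asker, server, qname, trace, hops=8):
    """Each server forwards the query itself and passes the answer back."""
    if hops == 0:
        raise RuntimeError("too many referrals")
    trace.append((asker, server.name))
    kind, value = server.lookup(qname)
    if kind == "referral":
        return resolve_recursive(server.name, value, qname, trace, hops - 1)
    return value


def resolve_iterative(server, qname, trace, hops=8):
    """The client repeats the same query to each server it is referred to."""
    for _ in range(hops):
        trace.append(("client", server.name))
        kind, value = server.lookup(qname)
        if kind != "referral":
            return value
        server = value
    raise RuntimeError("too many referrals")


def build_tree():
    """Constructed hierarchy; returns the client's local name server."""
    auth = NameServer("example.com-server", records={"www.example.com": "192.0.2.10"})
    com = NameServer("com-server", referrals={"example.com": auth})
    root = NameServer("root-server", referrals={"com": com})
    return NameServer("local-server", parent=root)


if __name__ == "__main__":
    for label in ("recursive", "iterative"):
        trace = []
        if label == "recursive":
            ip = resolve_recursive("client", build_tree(), "www.example.com", trace)
        else:
            ip = resolve_iterative(build_tree(), "www.example.com", trace)
        print(label, ip)
        for asker, asked in trace:
            print(f"  {asker} -> {asked}")
```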

Q. Define & List different types of MIME


Ans: MIME stands for Multipurpose Internet Mail Extensions, and it is a standard for identifying
files on the internet with a two-part identifier. Here are some common MIME types and their
definitions:

Type | Subtype | Description
Text | Plain | Unformatted
Text | HTML | HTML format
Image | JPEG | Image is in JPEG format
Image | GIF | Image is in GIF format
Video | MPEG | Video is in MPEG format
Audio | Basic | Single Channel encoding of voice at 8 kHz
Application | PostScript | Adobe PostScript
Application | Octet-Stream | General binary data (8-bit bytes)
Message | RFC822 | Body is an encapsulated message
Message | Partial | Body is a fragment of a bigger message
Message | External-Body | Body is a reference to another message

Q. Describe DHCP with its operation & static and dynamic allocation.
Ans:
● Dynamic Host Configuration Protocol (DHCP) is a network protocol used to
automatically assign IP addresses and other network configuration parameters to devices
within a network.
● Its primary goal is to simplify the process of network configuration by centrally
managing and distributing IP addresses, subnet masks, default gateways, DNS servers,
and other related settings.

Here's how the process works:

1. DHCP Discover: When a device joins a network and needs an IP address, it sends out a
DHCP Discover packet as a broadcast request. This packet essentially says, "Is there a
DHCP server here that can provide me with an IP address?"

2. DHCP Offer: Upon receiving the DHCP Discover packet, one or more DHCP servers on
the network respond with a DHCP Offer. This offer includes an available IP address
along with other configuration information. The DHCP server reserves the offered IP
address for the requesting device for a certain period of time.

3. DHCP Request: The client, having received one or more DHCP Offers, selects one and
sends a DHCP Request packet to the chosen DHCP server. This packet indicates the
client's acceptance of the offered IP address and configuration settings.

4. DHCP Acknowledgment: The DHCP server responds with a DHCP Acknowledgment
packet, confirming the IP address assignment and providing the client with the
agreed-upon configuration settings. The client then configures its network settings
according to the received information.

Static allocation and dynamic allocation are two methods of IP address assignment within the
DHCP framework:

Static Allocation: The DHCP server allocates an IP address based on a table with MAC address /
IP address pairs, which are manually filled. Only requesting clients with a MAC address listed in
this table will be allocated an IP address.

Dynamic Allocation: A network administrator assigns a range of IP addresses to DHCP, and
each client computer on the LAN is configured to request an IP address from the DHCP server
during network initialization.
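
The Discover/Offer/Request/Acknowledgment exchange and the two allocation methods can be modelled with a small in-memory server. The following is an added example, not part of the original notes: the `DhcpServer` class, its `static_only` switch, the MAC addresses and the 192.0.2.0/24 addresses are constructed, and lease timers are left out.

```python
import ipaddress


class DhcpServer:
    def __init__(self, static_table, pool_first, pool_last, static_only=False):
        self.static = dict(static_table)      # MAC -> IP, filled in manually
        first = int(ipaddress.IPv4Address(pool_first))
        last = int(ipaddress.IPv4Address(pool_last))
        self.pool = [str(ipaddress.IPv4Address(n)) for n in range(first, last + 1)]
        self.static_only = static_only        # True: serve only MACs in the table
        self.offered = {}                     # MAC -> IP reserved by an Offer
        self.leases = {}                      # MAC -> IP confirmed by an Ack

    def discover(self, mac):
        """Handle DHCP Discover; return ('OFFER', ip) or None if nothing to offer."""
        if mac in self.static:
            ip = self.static[mac]             # static allocation
        elif self.static_only:
            return None
        elif mac in self.leases:
            ip = self.leases[mac]             # same client asks again
        elif mac in self.offered:
            ip = self.offered[mac]
        else:                                 # dynamic allocation from the range
            in_use = (set(self.static.values()) | set(self.offered.values())
                      | set(self.leases.values()))
            ip = next((a for a in self.pool if a not in in_use), None)
            if ip is None:
                return None                   # pool exhausted
        self.offered[mac] = ip                # reserve the address for this client
        return "OFFER", ip

    def request(self, mac, ip):
        """Handle DHCP Request; acknowledge only the address offered to this MAC."""
        if self.offered.get(mac) != ip:
            return "NAK", None
        self.leases[mac] = self.offered.pop(mac)
        return "ACK", ip


def join(server, mac):
    """Run Discover, Offer, Request, Ack for one client; return its IP or None."""
    offer = server.discover(mac)
    if offer is None:
        return None
    return server.request(mac, offer[1])[1]


# Constructed sample data.
STATIC_TABLE = {"aa:aa:aa:aa:aa:01": "192.0.2.5"}

if __name__ == "__main__":
    server = DhcpServer(STATIC_TABLE, "192.0.2.10", "192.0.2.11")
    for mac in ("aa:aa:aa:aa:aa:01", "bb:bb:bb:bb:bb:01",
                "bb:bb:bb:bb:bb:02", "bb:bb:bb:bb:bb:03"):
        print(mac, "->", join(server, mac))
```

The MAC table identifies clients but does not authenticate them, because each client reports its own MAC address.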

Q. State the use of Telnet.


Ans: Some common uses of Telnet include:

● Remote administration: Telnet can be used by system administrators to remotely manage
servers, routers, switches, and other network devices. By establishing a Telnet session to
a remote device, an administrator can configure settings, monitor performance, and
troubleshoot issues without having to physically be at the device's location.

● Command-line interface: Telnet provides a command-line interface that allows users to
execute commands on a remote computer or device. This makes it possible for users to
run applications and interact with the operating system of a remote device as if they were
using it directly.

● Network troubleshooting: Telnet can be used to troubleshoot network connectivity issues
by testing the ability to connect to a remote host or port. By establishing a Telnet session
to a specific IP address and port number, users can determine whether or not a service or
device is available on the network.

● Remote access: Telnet can provide remote access to various types of systems and
services such as email, file transfer, and database management systems.

Q. Explain the working of TELNET.


Ans: TELNET: TELNET is an abbreviation for TErminaL NETwork. It is the standard TCP/IP
protocol for virtual terminal service.

TELNET Working:

Fig. Working of TELNET

● TELNET is a client-server application that allows a user to log on to a remote machine,
giving the user access to the remote system.
● The user sends the keystrokes to the terminal driver, where the local operating system
accepts the characters but does not interpret them.
● A terminal driver correctly interprets the keystrokes on the local terminal or terminal
emulator.
● The characters are sent to the TELNET client, which transforms the characters to a
universal character set called network virtual terminal (NVT) characters and delivers
them to the local TCP/IP protocol stack.
● The commands or text, in NVT form, travel through the Internet and arrive at the TCP/IP
stack at the remote machine.
● Here the characters are delivered to the operating system and passed to the TELNET
server, which changes the characters to the corresponding characters understandable by
the remote computer.
● However, the characters cannot be passed directly to the operating system because the
remote operating system is not designed to receive characters from a TELNET server: It
is designed to receive characters from a terminal driver.
● A piece of software called a pseudo terminal driver is added which pretends that the
characters are coming from a terminal.
● The operating system then passes the characters to the appropriate application program.

Q. Describe the frame format of SSH (Secure Socket Shell).


Ans:
● Length: This 4 byte field defines the length of the packet including the type, the data, and the
CRC field, but not the padding and the length field.

● Padding: 1 to 8 bytes of padding is added to the packet to make the attack on the security
provision more difficult.

● Type: This 1 byte field defines the type of the packet used by SSH protocols.

● Data: This field is of variable length. The length of the data can be found by deducting the five
bytes from the value of the length field.

● CRC: The cyclic redundancy check field is used for error detection.

Q. Explain the working of SSH.


Ans:
Working of SSH (Secure Shell):

SSH uses client-server architecture in its implementation. An SSH server can be deployed and allow
several SSH clients to connect to it.

The architecture of SSH is shown in Fig. and the SSH process is as follows:

● The SSH client on the left provides authentication to the SSH server on the right. In the initial
connection, the client receives a host key of the server.
● Therefore, in all subsequent connections, the client will know it is connecting to the same SSH
server.
● This places less emphasis on the IP address of the SSH server, which can be easily spoofed, and
more emphasis on the host key of the server, which cannot be spoofed very easily.
● The SSH server determines if the client is authorized to connect to the SSH service by verifying
the username / password or public key that the client has presented for authentication.
● This process is completely encrypted.

● If the SSH server authenticates the client and the client is authorized, the SSH session begins
between the two entities.
● All communication is completely encrypted.

THE END
