Exam Telematics - Solutions PDF 2023/24

Summary

This is a past paper from Freie Universität Berlin, covering topics in networking, including DNS, congestion control, flow control, and routing. The exam took place in February 2024.

Full Transcript

Freie Universität Berlin
Computer Science
Computer Systems & Telematics
Prof. Dr.-Ing. Jochen H. Schiller

Exam Telematics - Solutions
Winter Term 2023/24, February 12th, 2024

The solutions given here are examples, not at all complete, but sufficient to get full points! The correct keywords plus clear, coherent argumentation is required. Not acceptable is a larger choice of right and wrong answers, inconsistent arguments etc. Sure, there may be more correct answers…

Question 1: DNS (16 points)

a) [3 Points] How and where can DNS be attacked? (Give 3 different answers)
[1 point per answer] cache poisoning, spoofing of DNS servers on different levels, forging requests or responses, redirection

b) [2 Points] Why is DNS that vulnerable?
unencrypted requests/responses, non-verified answers, non-authorized servers, unprotected caches – all is based on the simple assumption: “don’t lie about others” and trust among the involved systems

c) [4 Points] What can happen, if DNS gives wrong answers? What can be done against this (name two solutions)?
[2 points] redirection of mapping name to IP address, “trusting” wrong servers, redirection of web requests, cutting off part of the name space
[2 points] choose DNS server directly (e.g., 8.8.8.8), use DNSSEC

d) [3 Points] How does DNS ensure the uniqueness of names? Who owns the names in DNS?
[1.5 points] uniqueness of top level, within each top-level uniqueness of second level, within each second level uniqueness of third level etc.
[1.5 points] on each level NIC/admin of level manages/distributes names to owners; owner is registered in database

e) [4 Points] What is the difference between recursive and iterative name resolution?
[2 points] recursive: request will be answered by the requested node, this may include further requests to subsequent nodes without involvement of the requestor
[2 points] iterative: node will return a pointer to the requestor for further requests

Question 2: Congestion and Flow Control (20 Points)

a) [4 Points] What is the focus of congestion and flow control, respectively? Why are they needed?
[2 points] congestion control: focus on network, try to avoid congestion in the network, needed to keep network stable
[2 points] flow control: focus on end-system, try to avoid overloading of the receiver
both are needed to avoid packet loss due to buffer overflow (in routers or end-systems, respectively)

b) [4 Points] What does a duplicated ACK in TCP tell the sender? What is the idea of fast recovery?
[2 points] at least some packets go through the network, no severe congestion or complete link failure
[2 points] fast recovery avoids slow-start (congestion window starts at 1 MSS), but starts right away with ½ old congestion window

c) [6 Points] What determines the flow of data in TCP? Name three issues and describe!
[1 point + 1 point for each issue + description]
RTT: determines the time for each round to e.g. increase the congestion window
error rate: determines the amount of retransmission, but also slow start
receiver window: shows the capabilities of the receiver, has to be taken into account by receiver, can be even 0 to choke transmission
link layer data rate: will indirectly determine the flow by determining the buffer fill state in e.g. router and thus determining the delay contributing to RTT
congestion window: tries to limit flow to avoid overload in the network
TCP version: with or without SACK, fast retransmit etc.

d) [6 Points] How can TCP detect a congestion? Describe briefly! What are the pros and cons of the two solutions?
[1 point] explicit: using ECN bits in IP header set by routers experiencing congestion (buffers filling up), can be echoed to sender using ECE bit in TCP header
[1 point] pro: only routers can see if congestion causes delays or drops, thus more precise, can distinguish between drop due to congestion and drop due to transmission error
[1 point] con: mix of layers, TCP relies on IP, not available on all systems
[1 point] implicit: sender experiences time-out, ACKs too late, missing ACKs and concludes from late/missing ACKs congestion in network
[1 point] pro: no new mechanism needed, already built into TCP
[1 point] con: cannot distinguish between drop due to congestion and drop due to error, thus leading to wrong decisions on TCP layer

Question 3: Routing (18 Points)

a) [2 Points] Why can’t we build large networks with many nodes based on switches only?
[1 point for each argument]
flat address space, no address aggregation would require storing all addresses individually in switches
logical tree structure to avoid loops not feasible in large/world-wide networks, no TTL requires this

b) [2 Points] How is routing scalability in the Internet handled?
[1 point for each argument] hierarchies, routing concerns only limited regions, IGP/EGP, AS with IGP used inside, EGP to connect, AS black box from outside, no complete view of topology needed, routing inside AS independent from outside, only EGP must be compatible worldwide

c) [3 Points] What are differences between routing and forwarding? Name two!
[1.5 points each] routing not that time-critical, forwarding extremely time-critical; routing can result in different paths with different priorities to choose from, forwarding gives one mapping from address to port; routing often SW, forwarding with HW support; routing table much larger, forwarding table is the final product of the routing process; routing is a distributed process, forwarding local only

d) [3 Points] Give 3 examples for routing metrics!
[1 point each] delay, hop, data rate, cost, drop rate, interference, …

e) [3 Points] Besides scalability, what is missing in standard link-state and distance vector routing protocols? How does BGP handle these issues?
[1.5 points] policies, paths to prefixes, can handle asymmetric routing
[1.5 points] paths exchanged, different policies can be applied, paths dropped or accepted based on policies, advertisement of paths also based on policies

f) [2 Points] Why is it so easy to announce “false” paths?
BGP based on trust between peering partners, original version does not allow for verification of routing data, false announcements cannot be verified, AS can claim to be owner of prefix, path announcements can be manipulated

g) [3 Points] Why can RPKI also help in the web ecosystem – isn’t it enough to encrypt web pages?
TLS can encrypt content, but can do nothing against e.g. forged certificates or blackholing; attacker can manipulate routing; thus, traffic may never reach web server or may be redirected, web server not aware of attack, DoS made easy

Question 4: Ossification / New Protocols (18 Points)

a) [4 Points] What does “ossification” of the transport layer mean? What causes this “ossification” (give 2 examples)?
[2 points] TCP and UDP exist for many years, and thus, their headers are often the only accepted ones for layer 4; these protocols are “hard wired” in many systems, not only end-systems, but also middle boxes
[2 points] especially middle boxes cause the ossification as updating/changing the OS on end-systems will not be enough to use different layer 4 protocols; middleboxes such as firewalls, load balancers, NAT have to be changed as well to accept new protocols and their headers

b) [4 Points] Why does simply sending different data packets of a single TCP connection over different paths not work?
middle boxes, such as NAT, keep state and, thus, “follow” the states of a TCP connection, may even ACK bytes acting as proxies; incoming packets from an unknown TCP connection (known only via another path) are typically not accepted and, thus, dropped

c) [2 Points] How does MPTCP circumvent the “ossification”?
use of several TCP connections; for the network these TCP connections belonging to a single MPTCP connection look like “normal” TCP connections with individual states; MPTCP mux/demux the data stream on top of the regular, built-in TCP of the OS

d) [4 Points] Why may TCP slow down HTTP and thus the rendering of web pages?
even HTTP/2 that allows the mux of several HTTP requests and the out-of-order delivery of responses suffers from the head-of-line blocking TCP may cause when a segment is lost; TCP segmentation is independent of the semantics of requests/responses; a lost segment may block the delivery of correctly received segments/data to the browser and thus nothing is displayed unless the lost data has been retransmitted; user experience suffers

e) [4 Points] How does QUIC solve this issue and how does it circumvent the “ossification” of the transport layer?
QUIC offers several independent streams e.g. for different objects on web pages; data loss in one stream does not influence other streams; using UDP all received data is immediately forwarded to the next higher layer (QUIC); using UDP circumvents the ossification as UDP is well-accepted; QUIC is handled in end-systems only, the network only sees partially encrypted UDP packets

Question 5: Bits & Signals (18 Points)

a) [4 Points] Can we directly transmit data? What is always required?
No, data is something abstract, we always need a physical representation; we need a mapping of data elements to physical signal elements; modulation of physical signals based on data

b) [2 Points] What are the effects of bandwidth limitation of a physical medium?
the effective bandwidth of a physical medium limits the max. available data rate; Shannon’s law: data rate = bandwidth * log_2 (1 + S/N); limitation of the symbol rate

c) [2 Points] What is the problem of using more and more discrete signal levels for quantization?
the levels come “closer” and, thus, interference will be relatively stronger until it starts flipping bits, causing errors; the signal level can no longer be easily detected if interference overlays the original signal; interference may even lead to mapping one codeword onto another one

d) [4 Points] How to achieve bit synchronization between sender and receiver? Give two examples!
[2 points each] provide falling/rising edge always in the middle of a bit (Manchester); ensure that no long sequences of 0s (or 1s) exist – then use (differential) NRZ (4B5B etc.); separate clock line if distance is short

e) [4 Points] Why do we need framing at all? How can it be achieved?
[2 points] PHY delivers continuous bitstream, separation into frames required to apply, e.g., checksumming
[2 points] start-of-frame bit pattern plus bit stuffing avoiding this pattern; code-violation from PHY; byte counting plus length field

f) [2 Points] Why is it impossible to detect all possible errors?
a really mean error could map a valid codeword onto another valid one – this is impossible to detect; receiver does not know what the sender has sent, thus all legal codewords are fine; CRC does not detect e.g. multiples of the generator polynomial added to transmitted data
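
Added example (not part of the exam solutions): the last point of answer 5 f), that a multiple of the generator polynomial added to the transmitted data goes undetected, worked through in Python. The CRC-8 generator x^8 + x^2 + x + 1, the sample payload and all function names are assumptions chosen for this illustration.

```python
# Polynomial arithmetic over GF(2); polynomials are stored as bits of an int.

GEN = 0b100000111               # x^8 + x^2 + x + 1 (generator assumed for the example)
DEG = GEN.bit_length() - 1      # degree of the generator = number of CRC bits


def poly_mod(value: int, gen: int = GEN) -> int:
    """Remainder of value divided by gen over GF(2) (XOR long division)."""
    deg = gen.bit_length() - 1
    while value.bit_length() > deg:
        # Align the generator with the highest set bit and cancel it.
        value ^= gen << (value.bit_length() - 1 - deg)
    return value


def encode(message: int) -> int:
    """Append the CRC so that the whole codeword is divisible by GEN."""
    shifted = message << DEG
    return shifted | poly_mod(shifted)


def is_valid(codeword: int) -> bool:
    """Receiver check: accept if and only if the remainder is zero."""
    return poly_mod(codeword) == 0


def demo() -> dict:
    message = int.from_bytes(b"PAY 010 EUR", "big")   # constructed sample data
    sent = encode(message)

    # Error 1: one flipped bit. x^k is never a multiple of GEN, so it is caught.
    single_bit = sent ^ (1 << 20)

    # Error 2: GEN shifted into the data part. Adding any multiple of GEN keeps
    # the remainder at zero, so the receiver accepts a different codeword.
    multiple = sent ^ (GEN << 16)

    return {
        "sent_ok": is_valid(sent),
        "single_bit_detected": not is_valid(single_bit),
        "multiple_undetected": is_valid(multiple),
        "payload_changed": (multiple >> DEG) != message,
    }


if __name__ == "__main__":
    for name, result in demo().items():
        print(f"{name}: {result}")
```

Because the set of valid codewords is public and closed under XOR, a CRC protects against random transmission errors only; detecting deliberate modification needs a keyed integrity check such as a MAC.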
