Homework Assignment #3 Due 11/20 at 5:00pm EE122 Fall 2012

Homework Assignment #3 Due 11/20 at 5:00pm EE122 Fall 2012 Please submit your solutions using BSpace (https://bspace.berkeley.edu/). Log in to BSpace with your CalNet ID, click on the EL ENG 122 Fa12 tab, and click on Assignments under Course Tools. Your assignment should be submitted as hw3.txt, using the format described on the class web page (http://wwwinst.eecs.berkeley.edu/~ee122/fa12/homework/hw3). The answers will be graded automatically, but please show your work so we can check your reasoning. This work can be included in the hw3.txt file, or in a separate hw3work.txt or hw3work.pdf file. Assignments with only answers and no shown work will receive no credit. Improperly formatted assignments will receive no credit. Each question is worth a single point, and the total assignment is worth 30 points. Some questions are similar to previous years mid-terms and/or homeworks, but you should work these out from first principles. The old solutions may not be directly applicable, or could even be wrong! 1

Packet Timings I Consider a network with two links. Node X is trying to send data to node Z. X Y Z The first link (X-Y) has bandwidth B and latency (i.e., propagation delay) L, and the second link (Y-Z) has bandwidth 2B and latency L/2. Consider two cases: The network is circuit-switched: Assume that all path setup has already occurred and that at time t=0 node X begins sending a 1MB file to Z. As soon as the last bit of the file has been put on the wire, X sends a 2MB file to Z. The last bit of the 1MB file arrives at Z at time t=0.8sec, and the last bit of the 2MB file arrives at Z at time t=1.8sec. 1. What is L (in msec)? 200 2. What is B (in Mbps)? 16 The circuit as a whole can offer service with end-to-end bandwidth B (we ll call this throughput T to avoid confusion with bytes), and latency of (L + L/2). 1MB / T + (L + L/2) =.8sec (1) (1MB + 2MB) / T + (L + L/2) = 1.8sec (2) 2MB / T = 1.8sec - 0.8sec = 1sec (3) from (1) + (2) T = 2MB/sec (4) from (3) 1MB / (2MB/sec) + (L + L/2) = 0.8sec (5) from (1) + (4) 0.5sec + (L + L/2) = 0.8sec (6) from (5) L + L/2 = 0.3sec (7) from (6) L = 0.2sec (8) from (7) File 1: Trans XZ 0.5s P XY 0.2 P YZ 0.1 P = propagation time File 2: Transmission XZ 1.0 P XY 0.2 P YZ 0.1 2

The network is packet-switched: Assume that at time t=0 node X begins sending a 1KB packet to Z. As soon as this transmission is completely on the wire X sends a 2KB packet to Z. Assume there is no processing delay at any node. The first packet arrives at Z at time t=1.8msec, and the second packet arrives at Z at time t=3.4msec. 3. What is L (in msec)? 0.56 4. What is B (in Mbps)? 12.5 Note: since the second link is faster, there is no queueing delay. (1KB / T) + L + (1KB / 2T) + L/2 = 1.8ms (1) (1KB / T) + (2KB / T) + L + (2KB / 2T) + L/2 = 3.4ms (2) (5KB / 2T) = 3.4ms 1.8ms = 1.6ms (3) from (1) + (2) T = 5KB / 2 / 1.6ms = 12.5Mbps (4) from (3) 0.64ms + L + 0.32ms + L/2 = 1.8ms (5) from (1) + (4) L + L/2 = 0.84ms (6) from (5) L = 0.56ms (7) from (6) File 1: Trans XY 0.64 P XY 0.56 Tr YZ 0.32 P YZ 0.28 File 2: Transmission XY 1.28 P XY 0.56 Tr YZ 0.64 P YZ 0.28 3

Packet Timings II Now consider a different network with only one link, of bandwidth B and latency L. At time t=0, node V sends two data packets back-to-back to W, which ACKs them. Assume that the data packets are 240 bytes each and the ACK packets are 360 bytes each (this is larger than the data packet! 1 ). The first ACK packet arrives at t=5.6ms, and the second arrives at t=5.96ms. V W 5. What is L (in msec)? 2.5 6. What is B (in Mbps)? 8 Note: the ACK packet is larger than the data packet, hence the difference between when the first and second ACK packets arrives is due to the transmission time of the ACK packet. 5.96ms 5.6ms = 360 bytes / T (1) T = 360 bytes / 0.36ms (2) from (1) T = 1KB / 1ms = 8Mbps (3) from (2) L + 240 bytes / T + L + 360 bytes / T = 5.6ms (4) L + 0.24ms + L + 0.36ms = 5.6ms (5) from (2) + (4) L = 2.5ms (6) from (5) 1 e.g., imagine that the data packet is an HTTP request, and the ACK packet is an HTTP response (with piggedbacked ACK). 4

Plugging in the formula from last year s mid-term solution will get the wrong answer! The following diagram (not to scale) depicts what happened in last year s mid-term (Question 7. iii): TransD1: 0.48 Prop D1: 1.5ms TransA1:.32 Prop A1: 1.5ms TransD2: 0.48 Prop D2: 1.5ms TransA2:.32 Prop A2: 1.5ms In the time it took for data packet 2 to be transmitted, ACK packet 1 was already transmitted. Thus, when data packet 2 was received, it was possible to commence transmitting ACK packet 2 immediately. The following is the result of naïvely plugging-in last year s formula: TransD1:.36 Prop D1: 2.35ms TransA1:.54 Prop A1: 2.35ms TransD2:.36 Prop D1: 2.35ms TransA2:.54 Prop A2: 2.35ms The time (.36 +.36 + 2.35 +.54 + 2.35) == 5.96ms would assume that A2 is being transmitted immediately, even though A1 is still being transmitted. (If we did want to use the formula from the mid-term, we could revise it to be T2 = (max{p,a}/b) + T1.) In our revised question, there is queueing delay, because D2 is received before A1 is fully sent: TransD1:.24 Prop D1: 2.5ms TransA1:.36 Prop A1: 2.5ms TransD2:.24 Prop D1: 2.5ms TransA2:.36 Prop A2: 2.5ms 5

ICMP Consider the following network, which contains a client A, two routers B and C, and a webserver D that listens on port 80 and does not listen on any other port: A B C D The links AB, BC and CD have a maximum transmission unit (MTU) of 9000 bytes, 1500 bytes, and 1480 bytes respectively. For every packet, we are using TCP (with no options) and IPv4 (with the DF flag set on every packet, and no options). The TCP payload contains data that is within the receiver window, and not previously acknowledged. All the checksums are valid, and no data corruption occurs. In the following, the sender gets a response to every packet it sends. In the questions below, list: Which node responds (select one of B, C, D); and, The type of response (select either ICMP or TCP) For example, a response might be B,ICMP or D,TCP. Please explain each answer. 7. The first packet from A to D has a TCP payload length of 1490, a TTL of 149, and a destination port of 1490. B,ICMP The packet is 20 (IP header) + 20 (TCP header) + 1490 (TCP payload) bytes == 1530 bytes. This is large enough to pass from A to B, but not from B to C. Since the DF flag is set, B will send an ICMP Need Fragmentation message to A. N.B. the TTL is large enough to have traversed the link A-B. 8. The second packet from A to D has a TCP payload length of 222, a TTL of 2, and a destination port of 22. C,ICMP When the packet has reached router C, the TTL would be 0. It would send an ICMP TTL Expired message to A. N.B. the payload is small enough, and the TTL large enough, to have traversed links A-B and B- C. The port is only relevant to the webserver D. 6

9. The third packet from A to D has a TCP payload length of 150, a TTL of 150, and a destination port of 150. [This is a trick question; look at the section notes!] D,TCP This is Question 2d) of the section 9 worksheet: On the event of an unreachable port, the return of a TCP RST message already indicates this. We would generally not expect an ICMP Destination Port Unreachable message! N.B. the payload is small enough, and the TTL large enough, to have traversed links A-B, B-C and C-D. 10. The fourth packet from A to D has a TCP payload length of 100, a TTL of 80, and a destination port of 80. D,TCP D would send an ACK. N.B. the payload is small enough, and the TTL large enough, to have traversed links A-B, B-C and C-D, and D has a webserver listening on the destination port. 7

ARP The following diagram shows three subnets (all with netmasks 255.255.0.0), each with a switch (unlabeled squares). These subnets are connected by a router (unlabeled circle, with interfaces A, B, and C). The MAC addresses of these three interfaces are listed below (in shortened form; in the real-world, all MAC addresses are 48-bit), along with their IP addresses. The switches also have MAC addresses on their interfaces, but we can ignore them in this question. Initially, all the interfaces have no ARP table entries. Any ARP replies received by an interface will be cached (i.e., can be used, if relevant, for subsequent questions). 11-11-E5 1.2.3.4 23-76-E5 1.2.3.6 48-DE-AD 1.2.3.15 32-F4-DD 6.7.4.3 B A C 11-11-17 1.9.1.1 91-F0-F9 6.7.4.15 CA-BE-93 1.9.1.7 A 35-67-90 1.2.3.2 B 13-1F-F3 6.7.4.23 C 92-83-B0 1.9.2.7 11. The host 1.2.3.4 wants to send a message to 1.2.3.15. Specify the MAC addresses of all the host and/or router interfaces (if any) that will receive an ARP request packet. 23-76-E5,48-DE-AD,35-67-90 1.2.3.4 and 1.2.3.15 are in the same subnet (1.2.0.0 1.2.255.255). However, 1.2.3.4 does not have the MAC address of 1.2.3.15, so it sends an ARP request packet, which is broadcast on the subnet i.e., the interfaces corresponding to 1.2.3.6, 1.2.3.15 and 1.2.3.2. 8

12. Next, the host 1.2.3.6 wants to send a message to 1.2.3.15. Specify the MAC addresses of all the host and/or router interfaces (if any) that will receive an ARP request packet. 11-11-E5,48-DE-AD,35-67-90 1.2.6 and 1.2.3.15 are in the same subnet. However, 1.2.3.6 did not learn about 1.2.3.15 s MAC address from the previous question, because ARP replies are not broadcast. Thus, 1.2.3.6 must broadcast an ARP request packet on the subnet, which is received by the interfaces corresponding to 1.2.3.6, 1.2.3.15, and 1.2.3.2. 13. Finally, the host 1.2.3.4 wants to send a message to 1.9.1.1. After all the appropriate ARP queries and replies occur, what destination MAC address should the sending adapter on 1.2.3.4 insert into its Ethernet header? 35-67-90 1.2.3.4 realizes that 1.9.1.1 is not on the same subnet, so it must send the packet to the router (interface A, which is on 1.2.3.4 s subnet). 9

BGP Policy I Consider a set of non-transit ASes A, B, C, D, and a set of transit ASes P, R, X, Y, Z. They follow standard selection and export policies, and have the following relationships: A is customer of X. B is customer of X and Y and peer of C. C is customer of Y and peer of B. D is customer of Z. X is customer of P and peer of Y Y is customer of P and R, and peer of Z. Z is customer of R and peer of Y. P and R are peers. Assume that if there are two policy compliant paths, the shorter one is chosen. For each of the following source/destination pairs, list the path that would be chosen, or None if no policy-compliant path exists: Recall from lecture 16 (p. 37): that standard policies for transit networks are: Selection: prefer customer to peer to provider Export: o Let customers use any of your routes o Let anyone route through you to your customer o Don t export route to someone on that route (poison reverse) o Block everything else These policies effectively mean that each AS is willing to carry traffic only if: they are the source or destination; or, they get to charge someone (i.e., a customer) money 10

Hence, for the answers that follow, we can reason with the principle that routing follows the money (lecture 16, p. 27). It s also helpful to draw a diagram: P R X Y Z A B C D 14. from A to B: AXB All parties are happy with the traffic flow (X gets to charge its customers A and B, and B is the destination). There is no shorter policy compliant paths (A and B are not directly connected). 15. from A to C: AXYC All parties are happy with the traffic flow (X gets to charge its customer A, X sends directly to its peer Y, Y gets to charge its customer C, and C is the destination). There is no shorter policy compliant path. 2 Also note that AXBC is not compliant (B would object, because B has to pay X, but B does not gain anything). 2 For brevity, we don t explicitly state this claim in subsequent answers. 11

16. from A to D: AXPRZD With AXPRZD, X charges A, P charges X, P sends directly to its peer R, R charges Z, and Z charges D, which is the destination. Note that AXYZD would not be policy compliant: Y would not get to charge anyone, so it does not tell X about its route to Z or D. 17. from B to C: BC Policy dictates that peers are chosen over providers. 18. from B to D: BYZD Same reasoning as A to C. 19. from C to D: CYZD Same reasoning as A to C (and B to D). 12

For each of the following routing change questions, list your answer in the following form: if you think that the route from A to B is now AXYZZYB (probably not a good answer!) then list A-B,AXYZZYB. 20. Assume that P and R stop peering. What route changes? What is the new route? A-D,None The network topology is now: P R X Y Z A B C D Any route from A to D must go through Y, but Y will not allow it because it cannot charge R or Z (the only plausible next hops). 13

21. Ignoring Q20 (i.e., assume P and R are peering), assume instead that Z becomes a customer of Y (rather than a peer). What route changes? What is the new route? A-D,AXYZD P R X Y Z A B C D With this new route, everyone s a winner: A is able to send data to D (indirectly) X is able to charge its customer A X sends directly to its peer Y Y is able to charge its customer Z Z is able to charge its customer D (presumably more than Z got charged by Y!) D is able to receive data from A 14

BGP Policy II Consider domains A, B, C, D, E, F connected as shown below. A B C F E D Assume that all domains have the policy that given a choice of paths, they prefer the one starting with the earliest letter in the alphabet. That is, A-*-* is preferred over B-*-*. 15

22. Assume that all nodes export all selected routes to all peers (except when those routes would create loops). List all routes from A to D that are possible policy-compliant routes (i.e. that could be steady-states of a BGP convergence process), comma-separated. For example, if you think ABBCD and ACED are possible routes, write ABBCD,ACED. Consider all the (non-looping) routes from A-D individually: ABCD: This is possible the following diagram shows the path taken by traffic from any node to D. It is a steady-state because all the route advertisements about D will not cause any changes. (B would rather route through A, but A will not tell B about its route [it would create a loop]; similarly, C would prefer to route through B, but B will not tell C about its route. All other nodes are already doing as they best can with regards to choosing the node with the earliest letter in the alphabet.) Furthermore, it is a reachable state, under the scenario: 1. D exports its routes, and all neighbors receive and process the messages. 2. then C exports it routes, and all neighbors receive and process the messages. 3. then B exports its routes, and all neighbors receive and process the messages. 4. then A exports its routes, and all neighbors receive and process the messages. A B C F E D 16

ABED: Ok A B C F E D It is a steady-state because: B would prefer to go through A, but A will not give B a route; similarly, E would prefer to route to B, but B will not give its route to E. It is a reachable state, under the scenario: 1. D exports its routes, but only E receives and processes the message. (i.e., the message to C is lost; since BGP runs over TCP, it will eventually be resent) 2. E exports its routes, and all neighbors receive and process the messages. 3. B exports its routes, and all neighbors receive and process the messages. 4. C receives the message from D (it is ignored because C already has a better route) 5. A exports its routes, and all neighbors receive and process the messages. AFED: Ok A B C F E D 17

It is a steady-state because: A would prefer to go through B, but B will not give A a route; similarly, E would also like to route through B, but that would result in a loop, so E cannot use that route. It is a reachable state, under the scenario: 1. D exports its routes, but only E receives and processes the message. 2. E exports its routes, but only F receives and processes the message. 3. F exports its routes, and all neighbors receive and process the message. 4. A exports its routes, and all neighbors receive and process the message. 5. B exports its routes, and all neighbors receive and process the message. 6. The lost messages (i.e., D to C, and E to B) are received, but ignored because the recipients already have better routes. AFEBCD: Not possible A B C F E D B routes through C, so it would happily tell A about its route. A would then choose to route through B (rather than F), and F would then choose to route through A i.e., this state is not stable, and would turn into the ABCD case. 18

23. Keeping the same selection policies, but changing the export policies, now assume that all nodes only export routes to letters that follow them in the alphabet (e.g., B does not tell A about its routes, but it tells C and E). List all routes from D to A (this is not the same as the previous question) that are possible policy-compliant routes (i.e. that could be steady-states of a BGP convergence process). The export policies effectively mean nodes can only direct traffic to nodes that are earlier in the alphabet. DCBA: Ok A B C F E D DEBA: Not possible E does not tell D about E s routes DEFA: Not possible e.g., E does not tell D about E s routes DCBEFA: Not possible e.g., E does not tell B about E s routes 19

CDNs, proxies, and all that... Web content is often replicated at multiple locations to minimize the time it takes a user to download a webpage. This problem explores two basic approaches for replicating web content: HTTP forward proxies and CDNs. CDN-based approaches rely on a content distribution network to serve content from multiple locations; there are (at least) three ways to implement the CDN distribution model. Thus, we have four different options at our disposal: a) HTTP Caching with a Forward Proxy: A local network routes all HTTP requests through a HTTP forward proxy. The forward proxy first checks if the requested page is already cached, in which case the proxy returns the cached page to the user. If the page is not cached, the proxy requests the page from the site, caches the result, and returns it to the user. b) CDN using DNS: When the authoritative server for the site receives a DNS request, it returns one of many IP addresses, each of which corresponds to a CDN server hosting the web content. c) CDN using IP Anycast: DNS requests for the site always return the same, single IP address. Multiple CDN servers (at various different locations) that host the web content advertise this same IP address. d) CDN based on rewriting media URLs: All requests for the base page of a site are served from a single server hosted by that site. The site s server re-writes the URLs for media content (e.g., images) to be URLs corresponding to CDN servers, so that media content is served from the CDN. Your new web startup has gone viral, and you want to purchase services from a CDN in order to minimize the load on your servers. List one of the options, or None if appropriate. 24. Which approach allows the finest-grained control over which users are directed to which servers? In particular, which approach allows a site to dictate exactly how many users are sent to each server, and to instantaneously re-balance load between servers? D a) Not applicable (not a CDN!) b) Once a user has received an IP address from the DNS server, they will continue using it for a long time (if cached, or if the user decides to browse using the IP address!). c) Anycast would direct users to the nearest server, even if that server is overloaded. d) With option D (CDN based on rewriting media URLs), the centralized server can look at the incoming traffic and send a different URL. 20

25. You delegated this decision to your business partner, who chooses one of the CDN-based approaches. After purchasing services from the CDN, traffic to your servers decreases substantially, but you continue to see requests for the content on your website (including both base pages and media) for a few hours. After a full day, traffic to your server dies out completely. Which approach did your business partner choose? B or C or None There are three possible answers (this is where you reasoning section counts a lot!): o b): DNS records are cached, so users will continue visiting the old IP address for some time o c): We didn t state that the CDN servers take over the startup s old IP address. If the CDN uses a new IP address for anycast, and the old IP address is linked to the startup s servers), since users will have cached the old IP address, the same reasoning as option b) applies. o None: A CDN performs document caching, so ultimately it must request some pages from your webserver, and it must make requests periodically 3 to keep the cache up to date. Thus, none of the CDN options would entirely eliminate requests to the website. o None: It is also possible to argue that the DNS records may be cached in excess of a day, so neither b) or c) would apply. For completeness: o a) is not applicable (not a CDN). Furthermore, proxies still need to contact the original server (with conditional GET requests). o d) is not correct, because requests for base pages would still be served from the original server. 26. Which approach can guarantee that customers will be served from the CDN server closest to the customer? C See Q24. 27. Which approach leads to additional load on your local DNS server? If your refers to users of the startup: D. Options b) and c) give them an IP address, almost as if there was no CDN involved. With option d), the media content URLs may point to many different CDN servers, and each of those URLs will need to be resolved. If your refers to the startup owner: None. The owner s local DNS server is irrelevant. 4 Note that local DNS server is distinct from the authoritative DNS servers. 3 It s likely push because the web startup is frequently accessed, but the same reasoning applies to a pull approach. 4 Unless they browse their own web site! 21

Now we consider network conditions at Berkeley. List one of the options, or None if appropriate. 28. UC Berkeley is suffering major budget cuts, and turns to you for help in lowering the cost of providing Internet for students. UC Berkeley pays its Internet provider based on the amount of bandwidth it uses, which is dominated by students downloading external web content. Which option, if any, can help UC Berkeley reduce the amount it pays its provider? A The forward proxy is within UC Berkeley s local network, so if students download previously viewed content, Berkeley does not need to send the requests to its ISP. 29. AirBears wireless is terrible, and periodically drops connections, which is frustrating when you are trying to stream the Giants game during EE122 lecture (we know who you are!). Which option, if any, can help ensure that you don t miss any of the game due to AirBear flakiness? None The proxy and CDN options will speed up getting traffic from the Internet to the nearest AirBears router, but they can t magically fix the connection between the AirBears router to your laptop. (Put another way: suppose your laptop is connected to Berkeley s network via Ethernet, and someone pulls out your Ethernet cable.) Note (if we wanted a super-tricky question): our best option, assuming we can t change AirBears, probably is a CDN, if it performs transcoding. If the bitrate is low, and AirBears only drops out for short periods, the buffer in the video player should hide the losses. 30. You do a DNS lookup for www.google.com from your laptop connected to AirBears, and compare the results with your friend. Your friend did the same DNS lookup from India, and got a different IP address. Which option, if any, could Google have been using? B o a) only affects HTTP requests, not DNS requests (besides, the forward proxy is at Berkeley s discretion i.e., not something that Google chooses!) o b) gives one of many IP addresses o c) would give everyone the same, single IP address o d) would also give everyone the same IP address ( servers [ ] advertise this same IP address ) 22