Chapters: All Final Review

1
Chapters AllFinal Review

• Professor Rick Han
• University of Colorado at Boulder
• rhan_at_cs.colorado.edu

2
Announcements

• All lectures, midterm solutions, HW 6 solutions
  online
• Ch. 8 samples, todays review online tonight
• Final is Tuesday May 6, 1030-1 pm
• Office Hours Monday 4-6 pm
• Next, final review

3
Format of Final

• 2 ½ hours
• Comprehensive
• In class
• Closed book
• Calculator OK
• 5 multi-part questions
• About 30 minutes for each multi-part question

4
Format of Final (2)

• 1 Question each on
• TCP
• security
• network layer/IP
• application layer
• 1 mystery question from midterm topics

5
Potential Topics for Final

• List is not all-inclusive some topics may appear
  on final not listed here
• How does ___ work? Why is it used?
• Sections in textbook relevant to final
• Chapter 1 1.1-1.3
• Chapter 2 2.1-2.8
• Chapter 3 3.1-3.2
• Chapter 4 4.1-4.4
• Chapter 5 5.1-5.2
• Chapter 6 6.2-6.4
• Chapter 7 none
• Chapter 8 8.1-8.4
• Chapter 9 9.1-9.2

6
Potential Topics for Final (2)

• All topics in lecture notes are relevant to final
• Relevant topics in lecture notes but not in the
  textbook
• SACK TCP
• TCP extensions window scale time stamp
• Wireless TCP snoop
• Web caching proxies
• Load balancing via DNS, HTTP Redirect,
• NATs for address translation, firewalling, load
  balancing
• SMB/Samba
• Stream ciphers and WEP

7
Potential Topics for Final (3)

• All topics listed in the Midterm Review, plus the
  following
• UDP
• Unreliable datagram delivery
• Header, Checksum
• Multiplexing/demultiplexing
• Under what conditions is UDP useful?
• TCP
• Reliable Stream Delivery
• Header, Checksum
• Why was it necessary to invent TCP?

8
Potential Topics for Final (4)

• TCP (cont.)
• Connection setup
• How does a 3-way handshake work and why does it
  work?
• SYN, SYN/ACK
• How does FIN and FIN/ACK exchange differ from SYN
  and SYN/ACK exchange? (half-closed)
• State machine
• What states are traversed during connection
  setup?
• In a normal termination, how does TIME_WAIT state
  differ from CLOSE_WAIT?

9
Potential Topics for Final (5)

• TCP
• Sliding window
• Sequence s and segments
• Window-based flow control
• Cumulative ACKs
• Receiver window advertisements
• Sender-side vs. receiver-side sliding window flow
  control
• What is TCP Persist and why is it useful?
• TCP Extensions
• Timestamp address wrap-around with seq. s
• Window scaling keeps pipe full over LFNs

10
Potential Topics for Final (6)

• TCP
• Adaptive Retransmission
• Under what conditions does TCP retransmit?
• Timeout
• 3 duplicate ACKs
• How is the RTT originally estimated?
• New RTT estimate a (old RTT estimate) (1 - a)
  (new RTT)
• How is the timeout originally computed from RTT?
• RTO b RTT, where b 2
• What were Karn/Partridges refinements to
  original approach?
• Recompute RTT only for unambiguous ACKs
• Backoff the timeout exponentially

11
Potential Topics for Final (7)

• TCP
• Adaptive Retransmission
• What were Jacobsen/Karels refinements to timeout
  algorithm?
• Make the timeout a function of both the average
  and deviation but why?
• RTO Smoothed Ave 4 Smoothed Dev

12
Potential Topics for Final (8)

• TCP
• Congestion Control
• W min (CW, FW) why?
• send no more packets than the network can handle
  without loss
• Sawtooth behavior of CW whats the basic
  principle?
• Probe network by expanding CW until loss, then
  reduce CW, then grow CW again, etc.
• Slow Start is actually exponential increase
• How does a sender detect that CW is too large?
• A timeout occurs

13
Potential Topics for Final (9)

• TCP
• Congestion Control
• Additive Increase/Multiplicative Decrease
• After a timeout, divide CW by 2 and store in
  ssthresh
• Slow start up to ssthresh, then add a/CW if CW
  packets in a RTT are safely ACKed
• If 3 duplicate ACKs are received, then infer that
  one segment has been lost
• Retransmit immediately, rather than wait for a
  timeout called Fast Retransmit
• Cancel slow start, and drop CW to half its value
  (approximately) rather than to one called Fast
  Recovery

14
Potential Topics for Final (10)

• TCP
• Congestion Avoidance
• Back off before there are packet losses
• Informed by increasing RTT Source-based
• Informed by routers of congestion DECbit
  (explicit), RED (implicit by dropped packets)
• Queueing Disciplines
• What is a drop-tail policy?
• How do Fair Queueing and Weighted Fair Queueing
  enforce fairness? How are they work-conserving?

15
Potential Topics for Final (11)

• SACK-TCP
• Why is this an improvement over vanilla TCP?
• How are selective ACKs achieved?
• Wireless TCP
• What is the major problem with TCP over wireless?
• Solutions
• End-to-End approaches ECN, ELN
• Split connection
• Link-Layer
• Snoop TCP is a hybrid TCP-aware
• Retransmit locally and suppress duplicate ACKs
  all without having to terminate TCP connection
• Advantages and disadvantages?

16
Potential Topics for Final (12)

• Application Layer
• DNS
• Hierarchical naming
• Hierarchical resolution of names local, root
  authoritative name servers with
  iterative/recursive resolution
• Load distribution DNS round robin
• HTTP
• Stateless Request/Response protocol using text
• Persistent HTTP 1.1
• HTTP Caching Proxies relevant headers?
• HTTP Redirect for load balancing
• SMTP, MIME, and how is email relayed via SMTP
  mail gateways?

17
Potential Topics for Final (13)

• Network Address Translation (NAT)
• How does it work?
• Replace senders IP addr and source TCP port with
  NATs IP addr and source TCP port
• Dynamic NAT serves as firewall
• Static NAT allows inbound traffic on designated
  ports
• Load balancing via NAT
• IPSec and NATs whats the conflict?
• TCP ports are encrypted
• Even if TCP ports were visible, cant modify
  packet without causing tampering to be detected
  via digital signature

18
Potential Topics for Final (14)

• Security
• What are the six major characteristics of concern
  in security?
• Confidentiality
• Integrity
• Authentication
• Non-Repudiation
• Availability
• Authorization
• What are different types of cryptanalysis
  attacks?
• Brute force, ciphertext-only, known-plaintext,
  chosen-plaintext, adaptive chosen-plaintext
• Substitution (S-Box) and Transposition (P-Box)

19
Potential Topics for Final (15)

• Security
• Symmetric Key Cryptography
• Same secret key on both endpoints
• DES uses 16 stages each employs principles of
  confusion and diffusion
• What is a block cipher, how is it vulnerable, and
  how does Cipher-Block-Chaining (CBC) address
  this?
• How do stream ciphers work?
• What are various ways to securely distribute a
  shared secret key to both endpoints?
• Diffie-Helman Key Exchange
• Public key encryption of shared symmetric key
• Key Distribution Center (KDC) Kerberos

20
Potential Topics for Final (16)

• Security
• Public Key Cryptography
• Asymmetric keys a public key and a private key
• Helps provide Confidentiality, Authentication,
  Integrity
• Based on the difficulty of inverting one-way
  functions
• How does RSA work? (see example)

21
Potential Topics for Final (17)

• Security
• Authentication via
• public-key digital signatures
• 3-way handshakes
• Trusted 3rd party
• Public keys (Fig. 8.11)
• How do one-way hashes provide data integrity?
• What are some counterexamples?
• Checksums for IP and WEP

22
Potential Topics for Final (18)

• Security
• Secure distribution of public keys
• Trusted 3rd party Certificate Authorities (CA)
• What is a digital certificate and how does it
  certify the provider of the certificate?
• SSL/TLS how is the secure connection
  established?
• IPSec
• End-to-end encryption at the network layer
• Impact on NATs
• How do the two protocols AH and ESP provide
  confidentiality, integrity, and/or
  authentication?
• How is a VPN created using IPSec?

23
Potential Topics for Final (19)

• Security
• Firewalls
• Packet filters
• Proxies
• What are some sample policies that firewalls
  could implement? How are they flawed?
• Good luck on the Final!