Networking Qualifying Exam Question 1 Georgia Tech April 4, 2008

Networking Qualifying Exam
Georgia Tech
April 4, 2008
Answer 6 of the following 9 questions.
Question 1
We consider a packet scheduling scenario in which there are 3 flows (denoted as 1, 2, and 3) with equal
weights. The jth packet of flow i is denoted pi,j . Its arrival time and length (in bits) are denoted as ai,j and
li,j respectively. Let a1,1 = a2,1 = a3,1 = 0. Let a1,2 = a2,2 = a3,2 = 6 and a3,3 = 8. Let l1,1 = 14, l1,2 = 2,
l2,1 = 10, l2,2 = 8, l3,1 = 6, l3,2 = 2, and l3,3 = 12. Suppose the service rate of the link is 1 bit per second.
1. What is the GPS finish time of all these packets?
2. What is the service order of these packets under W F Q?
3. What is the service order of these packets under W F 2 Q
4. What is the service order of these packets under DRR when the quantum size is 8 bits?
5. What is the service order of these packets under Virtual Clock?
Question 2
The following problem arises in estimating traffic matrices from SNMP link counts. We know that three
independent random variables X, Y , and Z are distributed as N (a, 1), N (b, 1), and N (c, 4) respectively,
where a, b, c are the parameters we would like to estimate and N (m, v) standards for Gaussian distribution
with mean m and variance v. Now we observe a set of realizations of X, Y , and Z as x = 3, y = 5, and
z = 7. We also know that
• a+b=9
• b + c = 14.5
Then what is the Maximum Likelihood Estimate of a, b, c after we have had the above observations of X,
Y , and Z?
Hint: consult Wikipedia for definitions/techniques like “Gaussian distributions”, “Lagrange multipliers”,
and “Maximum Likelihood Estimators”
Question 3
1. Suppose that a router’s IP lookup trie that has a branching factor of 224 at its first level, and a branching
factor of as much as 28 at its second level.
• Let pi be the number of prefixes in the routing table whose prefix length is i, for i = [1, 32].
Express the total number of entries in the trie in terms of pi .
• Suppose that each prefix in the routing table is looked up exactly once. Express the average
number of memory lookups as a function of pi .
• In practice, some prefixes will be looked up more often than others. (a) Explain why. (b) Explain
what mechanism(s) routers use to speed up lookups for IP addresses that are looked up more
• Explain the advantages and disadvantages of content-addressable memory for performing IP
prefix lookups.
2. Suppose that you wanted to design a router that could have forwarding table entries for ranges of
arbitrary sizes (not just powers of two). Design a space-efficient mechanism for doing range-based
IP address lookups.
Question 4
1. Labovitz showed that, in theory, when a BGP withdrawal occurs path exploration could cause as much
as O(n!) iterations before converging to a stable state.
• Explain why path exploration occurs. In other words, explain why, when a router hears a withdrawal for path ABC, that it cannot assume that all paths containing BC are invalid/withdrawn.
• Give an example where this could result in O(n!) iterations before convergence, where n is the
length of the path.
2. Propose an extension to BGP that could mitigate path exploration. (Hint: Think about individual link
failures, the different causes of withdrawals other than failures, etc.)
Question 5
Describe as many TCP variants as you can and explain:
• The main differences between them in operation and performance
• Describe the motivation behind the development of each variant
Sketch a technique that one can deploy to determine which variant of TCP is implemented at a remote node
(client or server).
Question 6
1. Explain the rationale for ”layering” in network architectures.
2. Do you think the Internet protocols adhere to strict layering principles? Give one example where
they do and another where they don’t or argue (again through examples) that the Internet consistently
violates or consistently adheres to layering.
3. Discuss (using specific examples) whether layering is effective in multi-hop wireless networks?
Question 7
Suppose that you have collected a sample X of m jitter measurements, and you now want to estimate the
mean jitter with a desirable confidence interval (say the 90% confidence interval). Your sample is small,
however, the jitter variance is high, and so you do not want to use asymptotic results such as the central limit
theorem. Design a statistical procedure that will allow you to estimate the previous confidence interval more
accurately than simply relying on the sample mean and sample variance of X. Hint: think about sampling
repeatedly from X.
Question 8
You are asked to formulate an optimization problem for an instance of BGP traffic engineering. You do not
need to solve this problem; just formulate it mathematically. If you need to make any assumptions, please
write and justify them.
Suppose that you are the operator of an Autonomous System (AS) X. Your network has a number of border
links to other ASes. You are given a set S of traffic flows that will need to be routed through X. Each flow
corresponds to a unique destination prefix. A flow should be routed from its (unique) ingress link to a unique
egress link. The IGP protocol in X routes a flow through the minimum cost path from its ingress link to the
selected egress link.
For each flow in S you know the following:
1. the ingress link that brings that flow into network X,
2. the rate of the flow (Mbps),
3. a set of possible egress links for that flow (note that you do not know the actual egress link for each
flow; this is what you need to determine).
You are also given the following:
1. the capacity of each egress link (Mbps),
2. the IGP cost to route a flow from an ingress link i to an egress link j.
Your goal is to minimize the total cost of routing the flows in S. The cost of routing a flow from ingress i to
egress j is equal to the product of the flow rate and the IGP distance from i to j. Do not forget to consider,
first, the capacity constraints at the egress links, and second, that each flow should be routed through the
minimum cost path.
Question 9
In his classic paper on exposing the security weaknesses of the TCP/IP protocol stack, Bellovin describes
an attack whereby an attacker could hijack a TCP connection by guessing the sequence number in the TCP
1. Explain Bellovin’s “connection hijacking” attack and explain the types of attacks that can and cannot
be mounted with a connection hijack.
2. One attack that is difficult to mount with Bellovin’s attack is one where an attacker spoofs an IP
address of the sender. Explain why it is difficult to mount such an attack without an additional attack
on the routing system.
3. Devise a mechanism that prevents all IP spoofing. Feel free to alter the structure of IP addresses (e.g.,
you can use IPv6 CGA, HIP, etc.).