CS 6250 Complete Quiz Bundle (1–12) | 2026/2027 Latest Upd...
$68.45
$189.40Save 64%
Add To Cart
Bundle
CS 6250 Complete Quiz Bundle (1–12) | 2026/2027 Latest Update | Verified Questions and Answers | Georgia Institute of Technology Study Guide
12 Items
CS 6250 Quiz 7 Exam guide (All Quizzes) | Georgia Institute of Technology | Latest 2026/2027
CS 6250 Quiz 7 Exam guide (All Quizzes) | Georgia Institute of Technology | Latest 2026/2027 Verified Questions and Answers 2026/2027 | GRADED A+ | 1 ... Show More 00 out of 100 Question: A few of the main reasons that SDN arose are: a diversity of different network equipment (eg routers, switches, firewalls, etc.) using different protocols that made managing the network difficult, and second a lack of a central platform to control network equipment. Answer true Question: The main idea behind SDNs is to divide tasks into smaller functions so the code is more modular and easy to manage. Answer true Question: With SDNs the control plane and data plane have independent evolution and development. Answer true Question: In the SDN approach, the SDN controller is physically located at each router that is present in a network. Answer false Question: By separating the control plane and the data plane, controlling the router's behavior became easier using higher order programs. For example, it is easier to update the router's state or control the path selection. Answer true Question: In the SDN approach, ISPs or other third parties can take up the responsibility for computing and distributing the router's forwarding tables. Answer true Question: Having the software implementations for SDNs controllers increasingly open and publicly available makes it hard to control, since any person could modify the software easily. Answer false Question: In SDN networks, the SDN controller is responsible for the forwarding of traffic. Answer false Question: The network-control applications are programs that manage the underlying network with the help of the SDN controller. Answer true Question: In SDN networks forwarding rules of traffic still have to be based on IP destination and cannot be based on other metrics, packet header info etc. Answer false Question: SDN-controlled switches operate on the: Answer Data plane Question: In an SDN Architecture, the northbound interface keeps track of information about the state of the hosts, links, switches and other controlled elements in the network, as well as copies of the flow tables of the switches. Answer false Question: In SDN networks, the southbound interface is responsible for the communication between SDN controller and the controlled devices. Answer true In SDN networks, the controller needs to be implemented over a centralized server. Question: What spurred the development of Software Defined Networking (SDN)? Answer SDN was developed in order to make computer networks more programmable. With so many different technologies and vendors for network devices, SDN helps redesign networks to make them more manageable. Question: 3 phases in the history of SDN Answer 1. Active Networks 2. Control and Data Plane Separation 3. OpenFlow API and network operating systems Question: 1. Active Networks Answer 1990s-2000s Active networking envisioned a programming interface that exposed network nodes and supported customization of functionalities for subsets of packets passing through the network nodes. Question: Two types of programming models in active networking Answer 1. Capsule Model - code to execute was carried in-band in data packets 2. Programmable router/switch model - code to execute was established by out-of-band mechanisms. Question: Pushes that encouraged active networking Answer 1. Reduction in computation cost 2. Advancement in programming languages and VM technology to protect active code. 3. Advancement in code compilation Question: 3 Major Contributions of Active Networking towards SDN Answer 1. Programmable functions in the network to lower the barrier to innovation. 2. Network virtualization 3. The vision of a unified architecture for middlebox orchestration Question: Biggest Downfall of Active Networking Answer Too Ambitious Since active networking was more involved in redesigning the architecture of networks, not as much emphasis was given to performance and security - which users were more concerned about Question: 2. Control and Data Plane Separation Answer 2001 to 2007 Packet forwarding was implemented directly in the hardware. This era tailored to administrators being able to control / manage routing decisions. Emphasized programmability in the control domain rather than the data domain. 3. OpenFlow API and network operating systems Answer 2007 to 2010 The vision of fully programmable networks for research is realized, and then actually used by businesses / ISPs. Abstracted away the specifics of vendor software / proprietary products and allowed the entire network to be treated as one programmable entity. Lead to the rise of network operating systems and distributed state management. How does an OpenFlow switch work? Answer Each switch contains a table of packet-handling rules. Each rule has a pattern, list of actions, set of counters and a priority. When an OpenFlow switch receives a packet, it determines the highest priority matching rule, performs the action associated with it and increments the counter. Function of the control pane and data plane Answer The control plane contains the logic that implements the forwarding behavior of routers such as routing protocols and network middlebox configurations. The data plane performs the actual forwarding as dictated by the control plane Why separate the control from the data plane? Answer Independent evolution and development - prior to their separation, any changes to the control plane had to be met with upgrades to the hardware. Control from high-level software programs - software computes the forwarding tables in SDN, allowing us to use high order or more abstract programming languages to implement routing algorithms. This also makes debugging and checking the behavior of the network easier. 4 areas of opportunities with control data plane separation 1. Data centers. Consider large data centers with thousands of servers and VMs. Management of such large network is not easy. SDN helps to make network management easier. 2. Routing. With SDN, it is easier to update the router's state, and SDN can provide more control over path selection. 3. Enterprise networks. SDN can improve the security applications for enterprise networks (such as for DDOS) 4. Research networks. SDN allows research networks to coexist with production networks. Forwarding the router inspects the packet coming in from a port, consults the routing table, and sends the packet to the output port dictated by the forwarding table. Forwarding is a function of the data plane. Routing routers use routing algorithms to generate the forwarding table, implementing policies and using these algorithms to determine the best path for traffic. Routing is a function of the control plane. What is the difference between a traditional and SDN approach in terms of coupling of control and data plane? In the traditional approach, the control and data planes are closely coupled. The router runs routing algorithms and generates the forwarding table. In the SDN approach, the remote controller computers and distributes forwarding tables. The controller is physically separated from the router. 3 Main Components of SDN Network 1. SND-controlled network elements - infrastructure layer, responsible for forwarding traffic using rules computed by the SDN control plane. 2. SDN controller - logically centralized entity that behaves as an interface between the network elements and the network-control applications. 3. Network-control applications - programs that manage the underlying network by collecting information about the network elements with the help of the SDN controller 4 defining features in an SDN network 1. Flow-base forwarding - rules for packets can be computed based on any number of header field values in various layers (transport, network, link). 2. Separation of data and control planes 3. Network control functions - controller maintains up-to-date network state information and provides it to the network-control applications. This enables network-control applications to monitor and control network devices. 4. Programmable network - enables the implementation of sophisticated routing applications to include network management, traffic engineering, security, automation, analytics, etc. 3 layers of SDN controller 1. Communication layer - comms between the controller and the network elements 2. Network-wide state-management layer - stores information about the network state 3. Interface to the network-control application layer - communication between controller and network-control applications false What spurred the development of Software Defined Networking (SDN)? Software Defined Networking (SDN) arose as part of the process to make computer networks more programmable. Computer networks are very complex and especially difficult to manage for two main reasons: - Diversity of equipment on the network - Proprietary technologies for the equipment What are the three phases in the history of SDN? 1. Active networks 2. Control and data plane separation 3. OpenFlow API and network operating systems Summarize each phase in the history of SDN. Active networking envisioned a programming interface (a network API) that exposed resources/network nodes and supported customization of functionalities for subsets of packets passing through the network nodes. Control and data plane separation - This phase lasted from around 2001 to 2007. During this time, there was a steady increase in traffic volumes and thus network reliability, predictability and performance became more important. Network operators were looking for better network-management functions such as control over paths to deliver traffic (traffic engineering). Researchers started exploring short-term approaches that were deployable using existing protocols. They identified the challenge in network management lay in the way existing routers and switches tightly integrated the control and data planes. OpenFlow API and network operating systems - OpenFlow was born out of the interest in the idea of network experimentation at a scale (by researchers and funding agencies). It was able to balance the vision of fully programmable networks and the practicality of ensuring real world deployment. OpenFlow built on the existing hardware and enabled more functions than earlier route controllers. Although this dependency on hardware limited its flexibility, it enabled immediate deployment. What is the function of the control and data planes? The control plane contains the logic that controls the forwarding behavior of routers such as routing protocols and network middlebox configurations. The data plane performs the actual forwarding as dictated by the control plane. For example, IP forwarding and Layer 2 switching are functions of the data plane. Why separate the control from the data plane? 1. Independent evolution and development. In the traditional approach, routers are responsible for both routing and forwarding functionalities. This meant that a change to either of the functions would require an upgrade of hardware. In this new approach, routers only focus on forwarding. Thus, innovation in this design can proceed independently of other routing considerations. Similarly, improvement in routing algorithms can take place without affecting any of the existing routers. By limiting the interplay between these two functions, we can develop them more easily. 2. Control from high-level software program. In SDN, we use software to compute the forwarding tables. Thus, we can easily use higher-order programs to control the routers' behavior. The decoupling of functions makes debugging and checking the behavior of the network easier. Why did the SDN lead to opportunities in various areas, such as data centers, routing, enterprise networks, and research networks? 1. Data centers. Consider large data centers with thousands of servers and VMs. Management of such large networks is not easy. SDN helps to make network management easier. 2. Routing. The interdomain routing protocol used today, BGP, constrains routes. There are limited controls over inbound and outbound traffic. There is a set procedure that needs to be followed for route selection. Additionally, it is hard to make routing decisions using multiple criteria. With SDN, it is easier to update the router's state, and SDN can provide more control over path selection. 3. Enterprise networks. SDN can improve the security applications for enterprise networks. For example, using SDN it is easier to protect a network from volumetric attacks such as DDoS, if we drop the attack traffic at strategic locations of the network. 4. Research networks. SDN allows research networks to coexist with production networks. What is the relationship between forwarding and routing? Routing involves determining the path from the sender to the receiver across the network. It constructs the forwarding table for routers, which consult the table in making forwarding decisions (which output link to send a packet through). What is the difference between a traditional and SDN approach in terms of coupling of control and data plane? In the traditional approach, the routing algorithms (control plane) and forwarding function (data plane) are closely coupled. The router runs and participates in the routing algorithms. From there it is able to construct the forwarding table which consults it for the forwarding function. In the SDN approach, on the other hand, there is a remote controller that computes and distributes the forwarding tables to be used by every router. This controller is physically separate from the router. It could be located in some remote data center, managed by the ISP or some other third party. What are the main components of an SDN network and their responsibilities? - Network-control applications (control plane) - The network-control applications are programs that manage the underlying network by collecting information about the network elements with the help of the SDN controller. ...Northbound API ... SDN controller (control plane) - The SDN controller is a logically centralized entity that acts as an interface between the network elements and the network-control applications. ...Southbound API... SDN-controlled network elements (data plane) - The SDN-controlled network elements, sometimes called the infrastructure layer, is responsible for the forwarding of traffic in a network based on the rules computed by the SDN control plane. What are the four defining features of an SDN architecture? 1) Flow-based forwarding: The rules for forwarding packets in the SDN-controlled switches can be computed based on any number of header field values in various layers such as the transport-layer, network-layer and link-layer. This differs from the traditional approach where only the destination IP address determines the forwarding of a packet. For example, OpenFlow allows up to 11 header field values to be considered. 2) Separation of data plane and control plane: The SDN-controlled switches operate on the data plane and they only execute the rules in the flow tables. Those rules are computed, installed, and managed by software that runs on separate servers. 3) Network control functions: The SDN control plane, (running on multiple servers for increased performance and availability) consists of two components: the controller and the network applications. The controller maintains up-to date network state information about the network devices and elements (for example, hosts, switches, links) and provides it to the network-control applications. This information, in turn, is used by the applications to monitor and control the network devices. 4) A programmable network: The network-control applications act as the "brain" of the SDN control plane by managing the network. Example applications can include network management, traffic engineering, security, automation, analytics, etc. For example, we can have an application that determines the end-to-end path between sources and destinations in the network using Dijkstra's algorithm. What are the three layers of SDN controllers? Communication layer: communicating between the controller and the network elements Network-wide state-management layer: stores information of network-state Interface to the network-control application layer: communicating between controller and applications Show Less
- Exam
- $14.95
- 0
- 27
CS 6250 Quiz 6 Exam Prep (All Quizzes) Latest 2026/2027 Update | 100% Verified Questions & Answers
CS 6250 Quiz 6 Exam Prep (All Quizzes) Latest 2026/2027 Update | 100% Verified Questions & Answers | Georgia Institute of Technology 2026/2027 | GRAD ... Show More ED A+ | 100 out of 100 Question: What are the basic components of a router? Answer Main job of a router is to implement the "forwarding plane" and "control plane" functions. Forwarding plane + control pane Input/Output ports Switching fabric moves packets from input to output ports. 3 types of fabric: memory, bus, and crossbar. Question: Explain the forwarding (or switching) function of a router. Answer Forwarding (or switching) function: Transfer a packet from input link to appropriate output link. Very short timescales (nanoseconds), Question: The switching fabric moves the packets from input to output ports. What are the functionalities performed by the input and output ports? Answer Input ports: Physically terminates incoming links, decapsulates packets (data processing unit) and performs lookup function. Output ports receive and queue the packets to send to outgoing link. Question: What is the purpose of the router's control plane? Answer Implements routing protocols, maintains routing tables, computes forwarding table. Implemented by software in the routing processor (or SDN), but could also be done by remote controller. Question: What tasks occur in a router? Answer Lookup: Router looks up destination IP and determines output link using forwarding table. Forwarding Information Base (FIB) provides mapping between destination prefixes and output links Switching: Transfer from input to output link. Queueing: queues packets if link is congested Header validation + checksum: Checks packet version number, decrements TTL, recalculates header checksum Route processing: Builds forwarding table using protocol like RIP, OSPF, and BGP. Protocol processing: Routers need to implement the following protocol to implement their functions: SNMP (simple network management protocol) for counters for remote inspection, TCP and UDP for remote comms, and ICMP (internet control message protocol) for sending messages when TTL is exceeded Question: List and briefly describe each type of switching. Which, if any, can send multiple packets across the fabric in parallel? Answer Switching via memory: Input/Output ports operate as I/O devices in an OS, controlled by the router. Input port sends an interrupt to routing processor, and packet is copied into memory. Processor uses forwarding table and copies into output port. Switching via bus:Routing processor does NOT intervene like with memory.Input port puts an internal header onto the packet that designates output port, and sends to shared bus. All output ports receive it, but only the designated one keeps it and removes the header. Only one packet can cross the bus at a time, so the speed of the bus is the bottleneck. Switching via interconnected network (crossbar). Basically 2d bus? Question: What are two fundamental problems involving routers, and what causes these problems? Answer Bandwidth and Internet population scaling: These scaling issues are caused by: An increasing number of devices that connect to the Internet, Increasing volumes of network traffic due to new applications, and New technologies such as optical links that can accommodate higher volumes of traffic. Services at high speeds: New applications require services such as protection against delays in the presence of congestion and protection during attacks or failures. But offering these services at very high speeds is a challenge for routers. Question: What are the bottlenecks that routers face, and why do they occur? Answer Longest prefix matching: Routers need to look up a packet's destination address to forward it. Increasing number of Internet hosts and networks has made it impossible for routers to have explicit entries for all possible destinations. So instead, routers group destinations into prefixes. But then, routers run into the problem of more complex algorithms for efficient longest prefix matching. Service differentiation: Routers can also offer service differentiation which means different quality-of-service (or security guarantees) to different packets. In turn, this requires the routers to classify packets based on more complex criteria beyond destination. For example, they can include source or applications/services associated with the packet. Switching limitations: As we have seen, a fundamental operation of routers is to switch packets from input ports to output ports. A way to deal with high-speed traffic is to use parallelism by crossbar switching. But at high speeds, this comes with its problems and limitations (e.g., head of line blocking). Bottlenecks about services: Providing performance guarantees (quality of service) at high speeds is nontrivial, as is providing support for new services such as measurements or security guarantees. Question: What is CIDR, and why was it introduced? Answer Classless internet Domain Routing. It assigns IP addresses with arbitrary length prefixes. It helped decrease router table size as Ip addresses were being exhausted, but it also introduced the "longest matching prefix lookup" problem. Question: Name 4 takeaway observations around network traffic characteristics. Explain their consequences. Answer Measurement studies on network traffic had shown a large number (in the order of hundreds of thousands - 250,000 according to a measurement study in the earlier days of the Internet) of concurrent flows of short duration. This already large number has only been increasing, and as a consequence, caching solutions will not work efficiently. The important element of any lookup operation is how fast it is done (lookup speed). A large part of the cost of computation for lookup is accessing memory. An unstable routing protocol may adversely impact the update time in the table: add, delete or replace a prefix. Inefficient routing protocols increase this value up to additional milliseconds. A vital trade-off is memory usage. We can use expensive fast memory (cache in software, SRAM in hardware) or cheaper but slower memory (e.g., DRAM, SDRAM). Question: Why do we need multibit tries? Answer Unibit tries most significant problem is the number of memory accesses required to perform a lookup. For 32 bit addresses, we can see that looking up the address in a unibit trie might require 32 memory accesses, in the worst case. Assuming a 60 nsec latency, the worst-case search time is 1.92 microseconds. This could be very inefficient in high speed links. Instead, we can implement lookups using a stride. The stride is the number of bits that we check at each step. So an alternative to unibit tries are the multibit tries. A multibit trie is a trie where each node has 2k children, where k is the stride. Next, we will see that we can have two flavors of multibit tries: fixed-length stride tries and variable length stride tries. Question: What is prefix expansion, and why is it needed? Answer If we have a prefix of length 3 (101) and stride in 2 bits at a time, we'll miss prefixes like 101. So we do prefix expansion (ensure the expanded prefix is a multiple of the stride length), and remove all that are not multiples of stride length. Question: How would you perform a prefix lookup given a list of pointers for unibit tries, fixed-length multibit ties, and variable length multibit tries. Answer Just keep traversing the tree with the bits until you either hit the end, have no where to go, or hit an empty (if you hit an empty, go back until the last non-empty you found) Question: How woudl you perform a prefix expansion? How many prefix lengths do old prefixes have? What about new prefixes? Answer Just create all possibilities of the existing prefix that is a multiple of the stride length. I.e if stride is 3 and you have 01*, you'd do 010 011, and then throw out any collisions. Question: What are the benefits of variable-stride versus fixed-stride multibit tries? Answer Variable length can make our prefix database smaller and optimize for memory Question: Why is packet classification needed? Answer Networks need quality of service + security as the internet gets bigger. Packet forwarding based on longest prefix match is insufficient, so we need to handle packets based on other things like TCP flags, source addresses, etc. Question: What are three established variants of packet classification? Answer Firewalls: routers have entry/exit points that filter out unwanted traffic and enforce some custom policies Resource Reservation Protocols: Things like DiffServ are used to reserve bandwidth between source and destination Routing based on traffic type: Routing based on the traffic type helps avoid delays for time-sensitive applications Question: What are the simple solutions to the packet classification problem? Answer Linear Search: Things like firewalls just do a linear search through all the rules to see which rule matches best, but this can be slow. Caching: Cache results from a search so it's faster in the future. Even with a 90% hit rate in the cache, it's still too slow to search the rule space linearly from there. Passing Labels: MPLS (Multiprotocol Label Switching) and Diffserv use label passing. When leaving the source, a traffic label goes into a special MPLS header. Then intermediate routers just re-use this label without needing to redo classification. Question: How does fast searching using set-pruning tries work? Answer Create a tree (or trie) using destination prefixes. At the leaves of the tree, put the source tries. Problems: Big memory, as some leaves can have multiple source tries (some source prefixes can appear in multiple destination tries). Question: What is the difference between the pruning approach and the backtracking approach for packet classification with a trie? Answer Pruning approach uses lots of memory and hangs the source tries at destination leaves. Backtracking approach goes through the destination trie to find the longest destination prefix match. Then it goes back up the destination trie and searches each source trie (associated with each destination) until it finds the longest source match. Backtracking pays more time in exchange for saving on memory. Question: What's the benefit of a grid of tries approach? Answer Avoids backtracking using a 'switch pointer' precomputed. When you finish traversing the destination trie and it fails, you follow switch pointers until you reach a match for the source trie. Question: Describe the "Take the Ticket" algorithm. Answer In an NxN grid, each input line requests a ticket from an output line. Then the tickets are just served in order. Question: What is the head-of-line problem? Answer When the first input line in "take a ticket" is waiting, all other lines are also waiting because the head of the line has yet to be served, even though there are empty output lines. Question: How is the head-of-line problem avoided using the knockout scheme? Answer (avoid queueing) Break up packets into fixed sizes (called cells). Assume the switching fabric is running N times faster than the input links. Also assume that the same output rarely gets N cells at once, and it's usually k < N. If this is the case, then we can run the fabric at k times faster instead of N. If this is violated i.e k = 1 and N = 2, randomly pick the output (in this case, the switching element is called the 'concentrator'). Drawback is that it's hard to implement. Question: How is the head-of-line problem avoided using parallel iterative matching? Answer Still allows queueing. Assume N inputs. In round 1, each input sends a request to N outputs. If an output gets more than 1 request, it chooses someone at random. If an input gets multiple acceptances, it chooses an output at random. In round 2, they send N-1 requests and so on until only 1 request is sent. Question: Describe FIFO with tail drop. Answer The switching system places packets at appropriate output ports. The ports have a FIFO queue. Once the buffer is full, all other incoming packets up to the tail of the queue are dropped. Fast but potential packet loss. Question: What are the reasons for making scheduling decisions more complex than FIFO? Answer Router support for congestion: congestion is pretty common, routers need to be able to handle it. Fair sharing of links among competing flows: If packets flood the buffers at an output link, then with FIFO + tail drop, tons of packets are dropped and other flows get blocked. This is bad. Providing QoS guarantees to flow: Need to give guarantees on the flow rate of packets. Otherwise things like video streaming would be awful. Question: Describe Bit-by-bit Round Robin scheduling. Answer Send a bit from each active flow one at a time in a round-robin manner (very fair). The bit-by-bit part is just a conceptual idea, since you can't actually break up a packet into bits, so you use bit-by-bit to instead compute the "finish time" of a packet and send it all at once when the 'finish time' of a packet == the current time of the scheduler. Basically the "most-starved stream" each round goes next. Question: Bit-by-bit Round Robin provides fairness; what's the problem with this method? Answer Requires a priority queue to keep track of finish time at which the head of the packet of each queue would have departed. Priority queues have logarithmic time complexity. If a new queue becomes active, then all other timestamps need to change, which has linear complexity. Question: Describe Deficit Round Robin (DRR). Answer Each queue has packets with sizes. Each queue also has its own "Deficit counter', initialized to 0. We also have a quantum size Q. Each round, we add Q in a round robin fashion to each queue's deficit counter. If the deficit counter of a queue Di is >= the size of the next packet in that queue, send the packet and decrease Di by the size sent. Question: What is a token bucket shaping? Answer You might want to limit a type of traffic without putting it into a separate queue. Token bucket shaping can limit the burstiness of a flow by limiting the average rate or the max burst size. Bucket fills up with tokens at a rate of R. If bucket overflows, excess tokens are discarded. When a packet arrives, if num tokens B > size of packet, send the packet and consume tokens from the bucket. Problem is: one queue per flow, and one flow may have a full bucket while others may be empty and waiting unnecessarily. In traffic scheduling, what is the difference between policing and shaping? Answer Token bucket policing says that if a packet arrives and there are no tokens in the bucket, it gets dropped. Shaping means just wait for the bucket to be full enough to send. Policing = when traffic reaches the max rate, excess traffic is dropped. Graph looks like a sawtooth with flattened peaks (cut off) Shaping = Retains excess packets in a queue/buffer, waits till bucket is full enough to send. Graph looks smooth. Can use shaping and policing together. How is a leaky bucket used for traffic policing and shaping? Answer Hole in the bucket makes it so that traffic enters the network at a constant rate regardless of how fast the bucket is filled up. If the bucket is not full and a packet arrives, the packet is 'conforming' and added to the bucket. If a packet arrives and the bucket is full, it's 'nonconforming' and dropped (policing). Constant output rate (shaping). T/F: Using packet classification techniques, we can perform packet forwarding based on multiple criteria and not just based on destination IP address. Answer True T/F: The backtracking approach has a higher cost in terms of time, whereas the set pruning technique approach has higher cost in terms of memory? Answer True T/F: The grid of tries offers a "middle ground" approach, merging the backtracking and the set pruning techniques. Answer True T/F: The head of line blocking refers to the problem where an entire queue remains blocked because the head of the queue is blocked. True T/F: One technique to avoid head of line blocking is with parallel iterative matching. True T/F · With parallel iterative matching the input links are "matched" with output links in a fixed manner that stays the same as the rounds are progressing. False T/F · With the token bucket traffic approach, we can still have bursts of traffic entering the network, but these bursts are capped. True T/F · With the leaky bucket approach, we only allow the traffic to enter the network in a configured rate. True T/F · Traffic policers target to limit traffic bursts to a configured max, whereas traffic shapers target to smooth out the overall rate. True T/F · With the leaky bucket we can still have discarded packets. True Show Less
- Exam
- $16.95
- 0
- 30
CS 6250 Quiz 5 Exam Prep (All Quizzes) Latest 2026/2027 Update | 100% Verified Questions & Answers
CS 6250 Quiz 5 Exam Prep (All Quizzes) Latest 2026/2027 Update | 100% Verified Questions & Answers | Georgia Institute of Technology 2026/2027 | GRAD ... Show More ED A+ | 100 out of 100 Question: What are the basic components of a router? Answer the input/output ports, the switching fabric, the routing processor. Question: Explain the forwarding (or switching) function of a router Answer This is the router's action to transfer a packet from an input link interface to the appropriate output link interface. Forwarding takes place at very short timescales (typically a few nanoseconds), and is typically implemented in hardware. Question: What are the functionalities of the input ports? Answer i. Physically terminate the incoming links to the router ii. The data link processing unit decapsulates the packets iii. Perform the lookup function. At this point the input ports consult the forwarding table to ensure that each packet is forwarded to the appropriate output port through the switching fabric. Question: What are the functionalities of the output ports? Answer receive and queue the packets which come from the switching fabric and then send them over to the outgoing link Question: What is the purpose of the routers control plane? Answer implementing the routing protocols, maintaining the routing tables, computing the forwarding table. All these functions are implemented in software in the routing processor, or by a remote controller. Question: What tasks occur in a router? Answer 1. Lookup 2. Switching 3. Queueing 4. Header validation and checksum 5. Route processing 6. Protocol Processing. Question: Explain the lookup task of a router Answer Time Sensitive, when a packet arrives at the destination IP and determines the output link by looking at the forwarding table or forwarding information base (FIB). The Question: Explain the switching task of a router Answer Time Sensitive, after lookup, the switching system takes over to transfer the packet from the input link to the output link. Modern fast routers use crossbar for this task. Scheduling can be difficult because multiple inputs may want to send to the same output. Question: Explain the Queuing task of the router Answer Time Sensitive, After the switch has been switched to a specific output, it will need to be queued (if the link is congested). Queue may be FIFO or other. Question: Explain the Header validation and checksum task of the router Answer Time insensitive, the router checks the packets version number, it decrements the time to live field and recalculates the header checksum. Data Plane Question: Explain the route processing task of the router Answer Time insensitive, the router builds their forwarding table using routing protocols such as RIP, OSPF and BGP. These protocols are implemented in routing processors. Control Plane Question: Explain the protocol processing task of the router Answer Time insensitive, the routers, in order to implement their functions, need to implement the following protocols (Control Plane): i. SNMP - Remote inspection ii. TCP and UPD - remote communication with the router iii. ICMP - for sending error messages when time to live time is exceeded. Question: Explain switching via memory Answer a. Input/Output ports operate as I/O devices in an operating system, and they are controlled by the routing processor. When an input port receives a packet, it sends an interrupt to the routing processor and the packet is copied to the processor's memory. Then the processor extracts the destination address and looks into the forward table to find the output port, and finally the packet is copied into that output's port buffer. Question: Explain switching via bus Answer a. the routing processor does not intervene as we saw the switching via memory. When an input port receives a new packet, it puts an internal header that designates the output port, and it sends the packet to the shared bus. Then all the output ports will receive the packet, but only the designated one will keep it. When the packet arrives at the designated output port, then the internal header is removed from the packet. Only one packet can cross the bus at a given time, and so the speed of the bus limits the speed of the router. Question: Explain switching via interconnection network (Crossbar) Answer Connects N input ports to N output ports using 2N buses. Horizontal buses meet the vertical buses at crosspoints which are controlled by the switching fabric. For example, let's suppose that a packet arrives at port A that will need to be forwarded to output port Y, the switching fabric closes the crosspoint where the two buses intersect, so that port A can send the packets onto the bus and then the packet can only be picked up by output port Y. Can carry multiple packets at the same time, as long as they are using different input and output ports. For example, packets can go from A-to-Y and B-to-X at the same time. Question: Explain Bandwidth and internet population scaling (1 of 2 fundamental problems of routers) Answer These scaling issues are caused by: a) An increasing number of devices that connect to the Internet, 2) Increasing volumes of network traffic due to new applications, and 3) New technologies such as optical links that can accommodate higher volumes of traffic. Question: Explain services at high speeds (1 of 2 fundamental problems of routers) Answer New applications require services such as protection against delays in presence of congestion, and protection during attacks or failures. But offering these services at very high speeds is a challenge for routers. Question: Explain longest prefix matching (Bottleneck of routers) Answer The increasing number of the Internet hosts and networks, has made it impossible for routers to have explicit entries for all possible destinations. Instead, routers group destinations into prefixes. But then, routers run into the problem of more complex algorithms for efficient longest prefix matching. Question: Explain Service Differentiation (Bottleneck of routers) Answer Routers are also able to offer service differentiation which means different quality of service (or security guarantees) to different packets.a. In turn, this requires the routers to classify packets based on more complex criteria that go beyond destination and they can include source or applications/services that the packet is associated with. Question: Explain Switching Limitations (Bottleneck of routers) Answer A way to deal with high-speed traffic, is to use parallelism by using crossbar switching. But in high speeds, this comes with its own problems and limitations (e.g., head of line blocking). Question: Explain bottlenecks about services (Bottleneck of routers) Answer Providing the best possible service at the highest possible speed. Question: What is Classless Internet Domain Routing (CIDR) and why was it introduced? Answer essentially assigns IP addresses using arbitrary-length prefixes. Has helped to decrease the router table size but at the same time it introduced us to a new problem: longest-matching-prefix lookup. Question: Convert between different prefix notations (dot-decimal, slash, and masking). Answer Dot decimal: e.g. of 16-bit prefix: 132.234 Slash notation: Standard notation: A/L (where A=Address, L=Length) e.g.: 132.238.0.0/16 Masking: We can use a mask instead of the prefix length. e.g.: The Prefix 123.234.0.0/16 is written as 123.234.0.0 with a mask 255.255.0.0 Question: Name 4 takeaway observations around network traffic characteristics. Explain their consequences. Answer These challenges revolve around lookup speed, memory, and update time: a caching solution would not work efficiently. The important element while performing any lookup operation is how fast it is done (lookup speed). A large part of the cost of computation for lookup is accessing memory. An unstable routing protocol may adversely impact the update time in the table: add, delete or replace a prefix. Inefficient routing protocols increase this value up to additional milliseconds. An important trade-off is memory usage. We have the option to use expensive fast memory (cache in software, SRAM in hardware) or cheaper but slower memory (e.g., DRAM, SDRAM). Question: Why we we need multibit tries Answer Unibit trie requires a large number of memory accesses for lookup Question: What is prefix expansion and why is it needed? Answer We expand a given prefix to more prefixes. We ensure that the expanded prefix is a multiple of the chosen stride length. At the same time we remove all lengths that are not multiples of the chosen stride length. We end up with a new database of prefixes, which may be larger (in terms of actual number of prefixes) but with fewer lengths. So, the expansion gives us more speed with an increased cost of the database size. Question: When a prefix is expanded, can a collision occur (overlap of prefixes)? what happens? Answer when an expanded prefix collides with an existing prefix. In that case the expanded prefix gets dropped. What is a multibit trie? Answer Purpose is to examine several bits of a prefix at a time, called a stride/stride length in order to improve performance. What are the benefits of variable stride versus fixed multibit tries? Answer i. Every node can have a different number of bits to be explored. ii. The optimizations to the stride length for each node are all done in pursuit of saving trie memory and the least memory access. iii. An optimum variable stride is selected by using dynamic programming. The data plane functions of a traditional router are implemented in Answer hardware The control plane functions of a traditional router are implemented in Answer software What plane operates on a shorter timescale Answer dataplane multibit tri is ___ than a unibit tri representing the same prefix database and requires ___ memory accesses to perform a lookup shorter, fewer Answer Multibit tries (can/cannot) support an arbitrary number of prefix lenghts? cannot The forwarding plane operations take place in a (shorter/longer) timescale than the control planes? shorter In a router, there is no interplay between the control plane and ___ plane to compute the forwarding table forwarding plane in traditional routers, traffic forwarding is performed based on destination IP address only. What are basic components of router? Input ports (receive packets lookup FIB) Switching fabric (moves packets input to output) Output ports (queue and transmit) Routing processor (control plane functions) Explain forwarding/switching function of router Transfer packet from input link to appropriate output link. Occurs in nanoseconds implemented in hardware consults forwarding table for output port determination. What functionalities do input/output ports perform? Input: 1) Physical termination 2) Data link processing (decapsulation) 3) Lookup function (consult FIB). Output: receive and queue packets from fabric transmit over outgoing link buffer management. What is purpose of router control plane? Implements routing protocols (OSPF BGP RIP) maintains routing tables computes forwarding table. Software-based in routing processor or remote SDN controller. What tasks occur in router? Time-sensitive: lookup switching queuing. Less time-sensitive: header validation (TTL checksum) route processing protocol processing (SNMP TCP/UDP ICMP) List and describe types of switching Memory: CPU copies packets via memory (limited by bandwidth). Bus: shared bus with headers (one packet at a time). Crossbar: N×N with controllable crosspoints (parallel transfers). Only crossbar supports parallel packets. What are 2 fundamental router problems? 1) Bandwidth and population scaling (more devices traffic optical speeds) 2) Services at high speeds (QoS security low latency). Caused by Internet growth exceeding technology improvement. What bottlenecks do routers face? Longest prefix matching (complex algorithms) Service differentiation (packet classification) Switching limitations (head-of-line blocking) Service bottlenecks (QoS at high speeds) Convert between prefix notations Dot decimal: 132.234. Slash: 132.238.0.0/16. Masking: 123.234.0.0 mask 255.255.0.0. /24 = 255.255.255.0 /16 = 255.255.0.0 /8 = 255.0.0.0 What is CIDR and why introduced? Classless Inter-Domain Routing: arbitrary-length prefixes introduced 1993. Replaced fixed classes (A B C) to address IP exhaustion reduce routing tables but introduced longest prefix matching complexity. Name 4 network traffic characteristics 1) Many concurrent flows (hundreds of thousands short duration) → caching ineffective 2) Memory access cost major component → minimize accesses 3) Update time impact from routing → efficient mechanisms critical 4) Memory tradeoff fast expensive vs slow cheap → balance cost/performance Why do we need multibit tries? Unibit tries require too many memory accesses (up to 32 for 32-bit address = 1.92 microseconds). Multibit checks multiple bits per step (stride k → 2^k children) reducing memory accesses. What is prefix expansion and why needed? Fixed-stride tries require prefixes at multiples of stride length. Expand shorter prefixes to next multiple generate all bit combinations for additional bits remove collisions. Trade increased memory for reduced lookup time. Perform prefix lookup process Unibit: follow path bit by bit remember last match return longest prefix found. Multibit: check preset bits per level remember last match faster but requires expansion. How many prefix lengths before/after expansion? Example: Original 5 different lengths (1 3 4 5 6 bits) After expansion: more prefixes but fewer distinct lengths (3 6 bits only) Benefits of variable-stride vs fixed-stride? Variable: different stride lengths per node memory optimization using dynamic programming better memory usage while maintaining speed. Fixed: same stride per level simpler but may waste memory. What are the basic components of a router? Forwarding/switching Input ports Switch fabric Outport ports Switching fabric Moves packets from input to output ports, makes connections between input and output Control plane f(x) Implements routing protocols , maintains routing tables, and computes forwarding table Lookup When a packet arrives at input link, look at the destination IP address and determine output link by looking at forwarding table/FIB Switching Transfers the packet from the input to output link Route processing Building forwarding tables, using routing protocols such as RIP, OSPF, and BGP Different types of switching Via memory, bus, and interconnection network Switching via memory Input/output ports operate on system controlled by a routing processor Switching via bus Routing processor doesn't intervene when input receives new packet, it instead adds internal header that designates output port and sends packet to shared bus Switching via interconnection network crossbar switch is an interconnection network that connects N input ports to N output ports via 2N bus Fundamental problems that a router faces Bandwidth/internet population scaling and services at high speeds Service differentiation Routers can offer service differentiation which means different quality of service and service guarantees to different packets Prefix match lookup Way to help with scalability is to group multiple IPs by same prefix Controlled prefix expansion Where we expand a given prefix to more prefixes Multibit tries Fixed stride Multibit tries with variable # of strides We encode stride using a pointer node and the root stays as is Classless internet domain routing Assigns IP addresses using arbitrary-length prefixes. Decreased router table size but introduced longest prefix matching lookup Show Less
- Others
- $15.95
- 0
- 29
CS 6250 Quiz 4 Exam Prep (All Quizzes) Latest 2026/2027 Update | 100% Verified Questions & Answers
CS 6250 Quiz 4 Exam Prep (All Quizzes) Latest 2026/2027 Update | 100% Verified Questions & Answers | Georgia Institute of Technology 2026/2027 | GRAD ... Show More ED A+ | 100 out of 100 Question: Describe the relationships between ISPs, IXPs, and CDNs. Answer ISPs are organizations that provide a myriad of services related to accessing, using, managing, or participating in the Internet. IXPs are interconnection infrastructures that provide the physical infrastructure where multiple networks (e.g., ISPs and CDNs) can interconnect and exchange traffic locally. CDNs are networks that content providers create with the goal of having greater control of how the content is delivered to the end-users while reducing connectivity costs. Question: What is an AS? Answer An AS is a group of routers (including the links among them) that operate under the same administrative authority. An ISP, for example, may operate as a single AS, or it may operate through multiple ASes. Each AS implements its own policies, makes its own traffic engineering decisions and interconnection strategies, and determines how the traffic leaves and enters its network. Question: What kind of relationship does AS have with other parties? Answer 1. Provider-Customer relationship (or transit): This relationship is based on a financial settlement that determines how much the customer will pay the provider. The provider forwards the customer's traffic to destinations found in the provider's routing table (including the opposite direction of the traffic). 2. Peering relationship: In a peering relationship, two ASes share access to a subset of each other's routing tables. The routes shared between two peers are often restricted to the respective customers of each one. The agreement holds as long as the traffic exchanged between the two peers is not highly asymmetric. Question: What is BGP? Answer A protocol that the border routers of the ASes use to exchange routing information with each other. Question: How does an AS determine what rules to import/export? Answer AS business relationships drive an AS's routing policies and influence which routes an AS needs to import or export. Exporting - Advertising a route for a destination, to a neighboring AS, means that this route may be selected by that AS, and traffic will start to flow through. An AS X will advertise routes learned from customers, and routes learned from providers (but only to X's customers) because those are the only cases where X will likely make money because more traffic will likely flow through X. Importing - When an AS receives multiple route advertisements towards the same destination from multiple ASes, it needs to rank the routes before selecting which one to import. In order of preferred source: Question: Customer > Peer > Provider. Why? Answer 1. An AS wants to ensure that routes toward its customers do not traverse other ASes, unnecessarily generating costs. 2. An AS uses routes learned from peers since these are usually "free" (under the peering agreement). 3. An AS resorts to importing routes learned from providers only when necessary for connectivity since these will add to costs. Question: What were the original design goals of BGP? What was considered later? Answer Original goals: - Scalability: As the size of the Internet grows, the same is true for the number of ASes, the number of prefixes in the routing tables, the network churn, and the BGP traffic exchanged between routers. One of the design goals of BGP is to manage the complications of this growth while achieving convergence in reasonable timescales and providing loop free paths. - Express routing policies: BGP has defined route attributes that allow ASes to implement policies (which routes to import and export) through route filtering and route ranking. Each ASes routing decisions can be kept confidential, and each AS can implement them independently. - Allow cooperation among ASes: Each AS can still make local decisions (which routes to import and export) while keeping these decisions confidential from other ASes. Later consideration: - Security: due to the increase in size and complexity of the Internet, security measures are increasingly desirable. Question: What are the basics of BGP? Answer A pair of routers, known as BGP peers, exchange routing information over a semi-permanent TCP port connection called a BGP session. In order to begin a BGP session, a router will send an OPEN message to another router. Then the sending and receiving routers will send each other announcements from their routing tables. BGP messages can be 1) UPDATES (advertising new routes or updates to existing routes, or indications that previous routes are no longer valid) or 2) KEEPALIVE messages to preserve a session. Question: What is the difference between iBGP and eBGP? Answer iBGP - involves a pair of routers that belong to the same AS eBGP - invovles a pair of routers in two different ASes Once a router hears about a route via eBGP, it disseminates that route to other internal (same AS) routers via iBGP. Question: What is the difference between iBGP and IGP-like protocols (RIP or OSPF)? Answer IGP-like protocols are used to establish paths between the internal routers of an AS based on specific costs within the AS. In contrast, iBGP is only used to disseminate external routes within the AS. Question: How does a router use the BGP decision process to choose which routes to import? Answer In the simplest scenario, where there is no policy in place (meaning it does not matter which route will be imported), the router uses the attribute of the path length to select the route with the fewest number of hops. This simple scenario rarely occurs in practice. A router compares a pair of routes by going through the list of attributes, as shown in the figure below. For each attribute, it selects the route with the attribute value that will help apply the policy. If for a specific attribute, the values are the same, then it goes to the next attribute. Example attribute: LocalPref attribute is used to prefer routes learned through a specific AS over other ASes, for outbound traffic. Assigned by the local AS; higher = more preferred. Example attribute: MED attribute is used by ASes connected by multiple links to designate which links are preferred for inbound traffic. Assigned by the neighbor AS; lower = more preferred. Question: What are the 2 main challenges with BGP? Why? Answer 1. Scalability. A large number of updates, overly specific prefixes, etc. can overload router processor/memory capacity. 2. Misconfigurations. Related to the above, misconfigurations can result in excessive route updates, which can lead to stability and scalability issues. Question: What is an IXP? Answer IXPs are physical infrastructures that provide the means for ASes to interconnect and directly exchange traffic with one another. Question: What are four reasons for IXP's increased popularity? Answer 1. IXPs are interconnection hubs handling large traffic volumes 2. An important role in mitigating DDoS attacks 3. "Real-world" infrastructures with a plethora of research opportunities 4. IXPs are active marketplaces and technology innovation hubs Question: Which services do IXPs provide? Answer 1. Public peering 2. Private peering 3. Route servers and Service level agreements 4. Remote peering through resellers 5. Mobile peering 6. DDoS blackholing 7. Free value-added services, like Internet Routing Registry, consumer broadband speed tests, DNS root name servers Question: How does a route server work? Answer An RS is an IXP entity that makes peering more manageable in the face of a rising number of BGP sessions. An RS - It collects and shares routing information from its peers or participants of the IXP that connect to the RS. - It executes its own BGP decision process and re-advertises the resulting information (e.g., best route selection) to all RS's peer routers. Question: The Internet topology has been evolving to an increasingly prominent hierarchical structure. True False Answer False Increasingly flat, with the rise of IXPs and CDNs Question: An Autonomous System operates across multiple administrative domains. True False Answer False For two ASes to form a peering agreement, they need to find common ground regarding the internal policies and traffic engineering approaches that each AS implements. True False Answer False A Content Distribution Network (CDN) or an ISP can operate over multiple Autonomous Systems. True False Answer True ISP X has the incentive to advertise a route for a customer to a peer AS True False Answer True ISPs want to advertise customer routes to as many neighbors as possible so that more traffic flows through the ISP to the customer An ISP X has the incentive to advertise the route for its provider's customers to X's peers True False Answer False X has no incentive to carry traffic for its provider's routes ISP X learns multiple routes for the same external destination W. These are advertised from customer C3, peer Y, and provider P. How would X rank these routes before deciding which one to import? A. C3 > Y > P B. Y > C3 > P C. P > Y > C3 Answer A. How does a border router advertise an external route to other routers in the same AS? A. Using iBGP B. Using eBGP C. Using IGP A. How does a border router advertise an internal (within the same AS) route to other routers in the same AS? A. Using iBGP B. Using eBGP C. Using IGP C. How does a border router advertise an external route to another router in a different AS? A. Using iBGP B. Using eBGP C. Using IGP B. Since the BGP path selection process is fixed, an AS has no control over which routes are selected. True False False e.g. through LocalPref or MED values An AS can show preference to an external route advertised by one AS over another by assigning a higher LocalPrefer value to the preferred route. True False True An AS can show preference for one router for inbound traffic (from neighbors) by assigning that router a lower MED value. True False True An AS can use LocalPref to control which routers are used as exit points (for the outgoing traffic), and it can use the MED attribute to control which routers are used as entry points (for the incoming traffic). True False True One of the services provided by IXPs is additional security protections such as mitigation of DDoS (Distributed Denial of Service) attacks. True False True There are no costs involved for an AS to participate at an IXP. True False False Since local traffic stays local at IXPs, the IXP infrastructures deal with limited volumes of traffic. True False False When a large provider or Content Delivery Network joins an IXP, this can act as an incentive for other networks to join as well. True False True At an IXP, the members have the choice to peer privately or publicly. True False True IXPs leading incentive to establish route servers was to charge the participants for using it. True False False The main incentive for establishing an RS is to make peering more manageable in light of a rising number of BGP sessions An IXP route server does not need to run the BGP protocol to facilitate the establishment of multi-lateral peering sessions. True False False BGP is core to these peering relationships For multi-lateral BGP peering sessions at an IXP, the participants have the choice to advertise routes, either directly to other participants, or to the route server. True False False I think the idea is that _all_ advertisements pass through the RS server, which applies both import and export filters to the advertisements. The Internet topology has been evolving to an increasingly prominent hierarchical structure. F An Autonomous System operates across multiple administrative domains. F For two ASes to form a peering agreement, they need to find common ground regarding the internal policies and traffic engineering approaches that each AS implements. F A Content Distribution Network (CDN) or an ISP can operate over multiple Autonomous Systems. T Consider the figure below that denotes ASes and their relationships. Note: C1, C2, C3 are customers of ISP-X. ISP-P is a provider of ISP-X. ISP-X has the incentive to advertise routes for C3 to Y. T ISP-X has the incentive to advertise the routes for P's customers to Y and Z. F Assume that AS-X learns multiple routes for the same external destination W. These multiple routes are advertised from C3, from Y and from P. How would AS-X rank these routes before deciding which one to import? - 1) route learned from C3, 2) route learned from Y, 3) route learned from P. - 1) route learned from Y, 2) route learned from C3, 3) route learned from P. - 1) route learned from P, 2) route learned from Y, 3) route learned from C3. 1) route learned from C3, 2) route learned from Y, 3) route learned from P. Consider the topology below and the types of BGP sessions the routers form. Select the true statements. R-A1 <-> R-A3 : iBGP R-B1 <-> R-A3 : eBGP R-B3 <-> R-D2 : iBGP R-D3 <-> R-D2 : eBGP R-A1 <-> R-A3 : iBGP R-B1 <-> R-A3 : eBGP Assume that router R-D2 learns about a route to a destination in AS-A. How would router R-D2 disseminate this route to R-D3 and R-D1? Using iBGP. Using eBGP. Using IGP. Using iBGP. Assume that router R-D2 learns about a route to an internal destination in AS-D. How would router R-D2 disseminate this route to R-D3 and R-D1? Using iBGP. Using eBGP. Using IGP. Using IGP. Assume that router R-B1 learns about a route to AS-C. How would router R-B1 disseminate this route to R-A3? Using iBGP. Using eBGP. Using IGP. Using eBGP. Since the BGP path selection process is fixed, an AS has no control over which routes are selected. True False False Assume that AS-B learns about an external destination both from AS-C and from AS-A. AS-B can show preference to use the route heard from AS-C by assigning higher LocalPref value to that route. T Assume that AS-B advertises the routes to its internal destination to AS-A using the routers R-B1 and R-B4. AS-B can communicate to AS-A that it prefers R-B1 as an entry point to the network, by assigning lower MED values to these routes. T An AS can use LocalPref to control which routers are used as exit points (for the outgoing traffic), and it can use the MED attribute to control which routers are used as entry points (for the incoming traffic). T One of the services provided by IXPs is additional security protections such as mitigation of DDoS (Distributed Denial of Service) attacks. T There are no costs involved for an AS to participate at an IXP. T Since local traffic stays local at IXPs, the IXP infrastructures deal with limited volumes of traffic. F When a large provider or Content Delivery Network joins an IXP, this can act as an incentive for other networks to join as well. T At an IXP, the members have the choice to peer privately or publicly. T IXPs leading incentive to establish route servers was to charge the participants for using it. F An IXP route server does not need to run the BGP protocol to facilitate the establishment of multi-lateral peering sessions. F For multi-lateral BGP peering sessions at an IXP, the participants have the choice to advertise routes, either directly to other participants, or to the route server. F IXP Interconnection infrastructures which provide physical infrastructure where multiple networks interconnect and exchange traffic locally CDNs Networks created by content providers with the goal of greater control of how it's delivered to end users, reducing connectivity costs POPs 1+ routers in a provider network which customer networks can use to connect to provider Autonomous system Group of routers including link that operates with same administrative authority Peering relationship 2 autonomous systems share access to subset of each other's routing tables What are the design goals of border routing protocol (BGP)? Scalability, express routing policies, allow cooperation among AS, and security Express routing policies BGP has defined route attributes that allow ASes to implement policies such as export/import through route filtering/ranking BGP Peers Exchange routing information over a semi-permanent TCP port called BGP session 2 types of BGP messages Update and keep alive BGP update Contains info about routes that have changed since previous update BGP announcement Msgs that advertise new routes, updates existing routes BGP withdrawal Msgs that that inform about a previously announced route that is no longer available BGP Keepalive Keeps the session going 2 types of BGP Updates Withdrawal and announcement BGP Prefix Reachability Destinations are represented by IP prefixes eBGP Sessions b/w border routers of neighboring ASes iBGP Sessions between internal routers of the same AS LocalPref Attributed used to prefer routes learned through a specific AS over other ASes MED (multi-exit discirminator) Used by ASes connected by multiple links to designate which links are preferred for inbound traffic BGP protocol's 2 limitations are: Misconfiguration and faults Peering IXPs ASes can either peer with one another directly or peer at IXPs which are infrastructures that facilitate peering and provide more services Why are IXPs important? They are interconnection hubs handling high traffic volumes Important role in DDoS attacks Real world infrastructures with a plethora of research ops Active market/tech for innovation hubs Public peering 2 networks use IXP network infrastructure to establish a connection to exchange traffic based on bilateral relations and traffic requirements Private peering Allow direct traffic exchange between 2 parties, doesn't use IXP public peering infrastructure Route servers/service level agreement Many IXPs use service level agreements and free use of IXPs route servers for participants Remote peering through resellers Sell IXP ports when they have infrastructure connected to the IXP DDoS Blackholing Alleviate effects of DDoS attacks Multilateral BGP peering session Route server that facilitates/manages how multiple ASes can talk on control planes simultaneously Route servers have 2 important route filters: Import and export filters Import filters Ensure that each member of AS only advertises routes that it should advertise Export filters Triggered by IXP members themselves to restrict the other set of IXP member ASes that receive their routes Provider customer/transit relationship Financial settlement that determines how much a customer will pay provider ASPath Attribute for utonomous system number, as an announcement passes through various ASes, identifiers are included in ASPath Next Hop Attribute for router's IP address with interface along the path towards a destination Flap damping AS can limit the # of routing changes by explicitly limiting the propagation of unstable routes Show Less
- Exam
- $16.45
- 0
- 34
CS 6250 Quiz 3 (All Quizzes) Latest Update | Verified Questions and Correct Answers | Complete
CS 6250 Quiz 3 (All Quizzes) Latest Update | Verified Questions and Correct Answers | Complete Study Guide – Georgia Institute of Technology 2026/202 ... Show More 7 | GRADED A+ | 100 out of 100 Question: What is the drawback to using the traditional approach of having a single, publicly accessible web server? Answer: Geographical distance to all users Wasteful for a single data center to send the same data over and over Single point of failure Question: What is a CDN? Answer: Multiple geographically distributed data centers with copies of content that direct users to server to best serve their request. Question: What are the six major challenges that Internet applications face? Answer: Peering point congestion Inefficient routing protocols Unreliable networks Inefficient communication protocols Scalability Application limitations Question: What are the major shifts that have impacted the evolution of the Internet ecosystem? Answer: Increased demand for online content, especially videos "Topological Flattening" Question: Compare the "enter deep" and "bring home" approach of CDN server placement. Answer: Enter Deep: Deploy many small networks around the world. Goal is to make distance between user and closest server as small as possible Bring Home: Deploy fewer, larger servers in critical areas. Fewer clusters to maintain, but users will experience higher delay and slower throughput Question: What is the role of DNS in the way CDN operates? Answer: DNS intercepts requests so that CDNs can choose where to direct users based on location/other conditions Question: What are the two main steps in CDN server selection? Answer: Map a client to a cluster Select a server from the cluster Question: What is the simplest approach to select a cluster? What are the limitations of this approach? Answer: "As the crow flies": Pick the closest geographic cluster Limitations: actually picking the location closest to the Local Domain Name Server, not the user. The closest geographical server may also not be the best in end-to-end performance Question: What metrics could be considered when using measurements to select a cluster? Answer: Network-layer metrics: delay, bandwidth Application-layer metrics: re-buffering ratio, average bitrate Question: How are the metrics for cluster selection obtained? Answer: Active measurements: LDNS can probe multiple clusters. Most cannot do this though and it would create a lot of traffic Passive measurements: server in CDN can track performance metrics based on current traffic conditions. This would require a real-time controller with real-time view at all cluster-client pairs Question: Explain the distributed system that uses a 2-layered system. What are the challenges of this system? Answer: Coarse-grained global layer: Operates at large time scales. Has global view of client quality metrics. Builds prediction model of video quality Fine-grained per-client layer: Operates at millisecond timescale. Makes decisions upon client request Challenges: Hard to design a centralized system with scale of today's networks. Needs data for different subnet pairs, so some clients need to be routed to sub-optimal clusters Question: What are the strategies for server selection? What are the limitations of these strategies? Answer: Assign server randomly: might end up assigning server with high workload while lower workload was available Load-Balancing to route to least-loaded server: not all servers have same content so they'd need to fetch all content for every server Question: What is consistent hashing? How does it work? Answer: Tends to balance load by assigning roughly the same number of content IDs, and little movement is needed as nodes join and leave the system. (uniform circle example) Question: Why would a centralized design with a single DNS server not work? Answer: Single point of failure Difficult to handle all volume of querying traffic Cannot be close to all clients Updating a huge db for every host on Internet Question: What are the main steps that a host takes to use DNS? Answer: User host runs client side of DNS application Browser extracts hostname and passes it to client side of DNS application DNS client sends a query containing the hostname of DNS DNS client receives a reply including IP address for the hostname Host can initiate TCP connection to HTTP server at that port IP Question: What are the services offered by DNS, apart from hostname resolution? Answer: Mail server/Host aliasing Load distribution Question: What is the structure of DNS hierarchy? Answer: Root DNS servers Top level domain (TLD) servers Authoritative servers Local DNS servers Question: Why does DNS use a hierarchical scheme? Answer: Hierarchy scheme solves the scaling issue Question: What is the difference between iterative and recursive DNS queries? Answer: Iterative: querying host is referred to a different DNS server in the chain until it can fully resolve the request Recursive: querying host and each DNS server in chain queries next server and delegates query to it Question: What is DNS caching? Answer: Once a server receives the DNS reply of mapping any host to IP address, it stores that info in the Cache memory before sending it to the client Question: What is a DNS resource record? Answer: Mapping between hostnames and IP addresses Question: What are the most common types of resource records? Answer: TYPE=A: domain name - IP address TYPE=NS: domain name - DNS server that can get IP addresses for hosts in that domain TYPE=CNAME: alias hostname - canonical name TYPE=MX: alias hostname of mail server - canonical name of email server Question: Describe the DNS message format. Answer: ID: So client can match queries with responses Flags: Specifications about DNS message, query, etc Question: Info about the query like the hostname Answer: Resource record for hostname that was queried Authority: Resource records for more authoritative servers Additional Info Question: What is IP Anycast? Answer: Route a client to the "closest" server as determined by BGP. Question: What is HTTP Redirection? Answer: If a client sends a GET request to a server A, it can redirect the client to another server B by sending a HTTP response with code 3xx and name of new server. Can slow things down but useful for load balancing. Does not require any central coordination What is the difference between forwarding and routing? Answer: Forwarding refers to transferring a packet from an incoming link to an outgoing link within a single router. Routing refers to how routers work together using routing protocols to determine the good paths (or good routes as we call them) over which the packets travel from the source to the destination node What is the main idea behind a link-state routing algorithm? Answer: Link state routing protocols are underpinned by Dijkstra's algorithm. The link costs and network topology are known to all nodes. Key equation D(v) = min(D(v), D(w) + c(w, v)) What is an example of a link-state routing algorithm? Answer: OSPF - Open Shortest Path First protocol Walk through an example of the link-state routing algorithm. Answer: Lecture slides. What is the computational complexity of the link-state routing algorithm? Answer: O(N^2) This is derived from the fact that each iteration, we need to search through the nodes not in N' for the node with smallest D. This group starts off as size N and decreases by 1 each iteration N + (N - 1) + .. + 1 = O(N^2) What is the main idea behind the distance vector routing algorithm? Answer: The distance vector routing algorithm is underpinned by the Bellman Ford algorithm. Unlike link state, DV is a distributed algorithm. Nodes exchange information to update their view of the network. Key equation: For node x, Dx(y) = minv{c(x,v) + Dv(y)} for each destination node y in the network where minv in the equation is taken over all of x's neighbors v Walk through an example of the distance vector algorithm. Lecture slides. When does the count-to-infinity problem occur in the distance vector algorithm? A count-to-infinity problem occurs when we have a routing loop e.g. in order to get to x, y routes through z, and z routes through y. We saw in the lecture where this happened with a large increase in link cost, that took a long time to propagate among nodes in the network. How does poison reverse solve the count-to-infinity problem? The idea of poison reverse is to lie about a node z's ability to reach a particular other node x, so that other nodes y don't try to reach x via z. In this manner, we prevent a routing loop. This technique will solve the problem with 2 nodes, however poison reverse will not solve a general count to infinity problem involving 3 or more nodes that are not directly connected. What is the Routing Information Protocol (RIP)? RIP is a distance vector routing protocol. It uses hop count as a metric (link cost = 1), and messages exchanged are known as RIP advertisements. RIP uses UDP to send request and response messages, and is actually implemented as an application-level process. Some of the challenges with RIP include updating routes, reducing convergence time, and avoiding loops/count-to infinity problems. What is the Open Shortest Path First (OSPF) protocol? OPSF is a link-state routing protocol. OSPF was introduced as an advancement of the RIP Protocol, operating in upper-tier ISPs. It is a link-state protocol that uses flooding of link-state information and a Dijkstra least-cost path algorithm. OPSF involves configuring an AS into areas. One area in an AS is the backbone area. Routing topologies are communicated between routers in an area with link state advertisements (LSAs). How does a router process advertisements? In the context of OSPF: Updating the link-state database, calculating the shortest path using the shortest path first SPF algorithm., feeding information to the Forwarding Information Base... What is hot potato routing? A technique/practice of choosing a path within the network, by choosing the closest egress point based on intradomain path cost (Interior Gateway Protocol/IGP cost). This is useful when packets are intended for destinations outside the current network, and we want to get the traffic out ASAP. Hot potato routing simplifies computations for the routers as they are already aware of the IGP path costs. It makes sure that the path remains consistent, since the next router in the path will also choose to send the packet to the same egress point. "Routing" and "forwarding" are interchangeable terms. True False False Consider a source and destination host. Before packets leave the source host, the host needs to define the path over which the packets will travel to reach the destination host. True False False Intradomain routing refers to routing that takes place among routers that belong to the same administrative domain. In contrast when routers belong to different administrative domains, we refer to routing as interdomain routing. True False True Consider the link-state routing protocol. The link costs are known to all nodes. True False True As is the network topology Consider the link-state routing protocol. The network topology is known to all nodes. True False True As are all link costs. Consider the link-state routing protocol and a node u as our source node. The goal of the algorithm is to compute the least-cost paths from the source node u to every other node in the network. True False True Consider the link-state routing protocol with a node u as our source node. Consider the initialization of the algorithm. We initialize the least-cost path from node u to directly attached neighbors to be the cost of the direct links, and for non-directly attached neighbors we initialize the least-cost path to be infinity. True False True The distance vector (DV) routing algorithm continues iterating as long as neighbors send new updates to each other. True False True The distance vector (DV) routing algorithm is an example of a ______________ algorithm. A. decentralized B. centralized A. The distance vector (DV) routing algorithm requires synchronization between routers. True False False In the distance vector (DV) routing algorithm, each node maintains and updates its own view of the network. True False True Consider the distance (DV) routing algorithm. Which is used by each node to update the node's distance vector? A. Dijkstra's algorithm B. None of the above C. The spanning tree protocol D. The Bellman Ford equation D. The count-to-infinity problem states that good news (e.g., a decrease in a link cost) propagates slowly among nodes in the network. True False False Bad news (increased link cost) propagates slowly. The poison reverse technique solves the count-to-infinity problem for all network topologies. True False False Not a general solution. The Routing Information Protocol (RIP) is based on the Distance Vector protocol. True False True Open Shortest Path First (OSPF) is based on the link state routing algorithm. True False True The number of egress points that a network has is upper bounded, e.g., two or three egress points per network. True False False Consider a network with multiple egress points. Further consider that these egress points offer different paths to the same external destinations. Then these paths must have different costs. True False False According to the hot potato routing technique, it is in a network's best interest to route the traffic so that it exits the network at the router geographically closest to the one from which it entered the network. True False False The one with the best IGP cost Assume a source and a destination host. As packets travel over a path from the source host to the destination host the packets are handled by multiple routers over that path. If these routers belong to different administrative domains, they need to run the same intradomain routing algorithm, since they are on the same path for that pair of hosts. True False False What is the difference between forwarding and routing. We refer to forwarding as the action of transferring a packet from an incoming link to an outgoing link within a single router. By routing we refer to how routers work together using routing protocols to determine the good paths over which the packets travel from the source to the destination node. Dijkstra's algorithm is an example of what? A Global, Link State Algorithm What is the main idea behind link state algorithm The link state routing algorithm looks to determine the shortest paths (determined by the link costs) between a source node and all other nodes in the network. The link costs and the network topology are known to all nodes In the initialization step, we initialize the least cost path to all directly attached neighbors and set all others to infinity. What is the computational complexity of the link state routing algorithm? The complexity of the algorithm is in the order of n squared O(n^2). The algorithm searches through n (n+1) / 2 nodes. What is the main idea behind distance vector routing algorithm? Each node maintains its own distance vector, with the costs to reach every other node in the network. The neighboring nodes exchange their distance vectors to update their own view of the network. Algorithm is Iterative, Asynchronous, distributed, and based on BFA. When does the count-to-infinity problem occur in the distance vector algorithm? ___ occurs in the distance vector algorithm when the cost of a link increases and two nodes think they can get to a third node through each other based on their previous outdated costs. This link cost change took a long time to propagate among the nodes of the network How does poison reverse solve the count-to-infinity problem? The way it works is that a node a, that uses node b to get a node c, will tell node b that the cost for its path to node c is infinity (Da(c)=infinity). Node b assumes that node a has no path to node c except through node b, so it will never send packets to node c via node a. Poison reverse helps prevent the count-to-infinity problem only for 2 nodes, it does not solve a general count to infinity involving 3 or more nodes that are not directly connected. What is the Routing Information Protocol (RIP)? is based on the Distance Vector protocol. The metric for choosing a path could be shortest distance, lowest cost or a load-balanced path. Routing updates between neighbors are done periodically, using ___ advertisements which contain information about sender's distances to destination subnets. Each router maintains a routing table, which contains its own distance vector as well as the router's forwarding table. Routers send request and response messages over UDP, using port number 520, which is layered on top of network layer IP protocol. Some of the challenges with RIP include updating routes, reducing convergence time, and avoiding loops/count-to infinity problems. What is Open Shortest Path First (OSPF)? is a routing protocol which uses a link state routing algorithm to find the best path between the source and the destination router. intradomain. How does a router process advertisements? Process begins when an LS update is received. a. Every Link State Advertisements (LSA) is unpacked, the OSPF protocol checks whether it is a new or a duplicate LSA, compared to the link-state (LS) DB. i.If it is a duplicate, it sends an LS ACK packet back immediately. ii.If it is new, it updates the LS DB, schedules a Shortest Path First (SPF) algorithm calculation and it determines which interface the LSA needs to be flooded out of. Once the LS update packet has been processed, it prepares new LSAs updates into a new LS update packet and sends it to the next router. After this, the SPF calculations are computed. And finally the Forwarding Information Base (FIB) is updated. The information in the FIB is used to decide which outgoing interface card is the incoming packet forwarded to. What is hot potato routing? is a technique/practice of choosing a path within the network, by choosing the closest egress point based on intra domain path cost (Interior Gateway Protocol/IGP cost). effectively reduces the network's resource consumption by getting the traffic out as soon as possible. simplifies computations for the routers as they are already aware of the IGP path costs. It makes sure that the path remains consistent, since the next router in the path will also choose to send the packet to the same egress point. What could weights on the graph edges be represented by when we are seeking the least cost path between two nodes? Cable Length, Time Delay, Monetary Cost, Link Capacity, Current load on the link. Forwarded A packet is ___ when it is moved from the routers input link to the appropriate output link. What is true about the link state algorith? The number of immediate neighbors a node has will have no impact on the number of iterations required to complete the algorithm. Routing loops Can cause the count to infinity problem. The Routing Information Protocol (RIP) is an example of a DV algorithm and intradomain algorithm. what is Interior gateway protocol (IGP) a type of protocol used for exchanging routing information between gateways (commonly routers) within an autonomous system. ___ can be divided into two categories: distance-vector routing protocols and link-state routing protocols. Additional details of the Distance Vector Algorithm Each node maintains and updates its own view of the network (doesn't have the complete picture). Keeps iterating as long as neighbors send new updates Show Less
- Exam
- $16.95
- 0
- 36
CS 6250 Quiz 2 (All Quizzes) Latest Update | Verified Questions and Correct Answers | Complete
CS 6250 Quiz 2 (All Quizzes) Latest Update | Verified Questions and Correct Answers | Complete Study Guide – Georgia Institute of Technology 2026/202 ... Show More 7 | GRADED A+ | 100 out of 100 Questions: What are 2 reasons computer networks are complex and difficult to manage that led to the development of SDN? Answer 1. Diversity of network equipment 2. Proprietary technology required for equipment Questions: Why would equipment diversity cause complexity when managing a network? Answer Different software must be used for different protocols (7) Questions: Why do proprietary technologies cause complexity when managing networks? Answer Some equipment (router, switch, etc.) run on closed/proprietary software Configuration interfaces vary as a result. This causes issues for managing devices centrally. (7) Questions: What is the simple idea of SDN that helps make networks more manageable? Answer Separate tasks into control plane and data plane. (7) Questions: What are the 3 phases of history of SDN? Answer 1. Active networks 2. control plane and data plane separation 3. OpenFlow API and network operating systems (7) Questions: What led to the growth of active networks, and what is their goal? Answer 1. the tediousness of standardizing new protocols 2. goal is to open up network control with an API that exposes resources and supports customization of functionalities for subsets of packets passing through network nodes (7) Questions: Why do active networks conflict with idea of E2E? Answer They require customization at network nodes (not simplicity at network core) (7) Questions: What were the two types of programming models in active networking? How are thy different? Answer 1. Capsule model - carries in band data packets - most used in relation to active networking - code distribution ACROSS networks - data plane 2. Programmable router/switch model - out of band mechanisms - decision-making a job for the NETWORK OPERATOR - Difference is where the code to execute at the nodes was carried (7) Questions: What are 4 tech developments that encouraged active networking? Answer 1. reduction in computation cost (more processing can take place in the network) 2. advancement in programming languages 3. advancement in rapid code compilation and formal methods 4. funding agencies promoted interoperability among projects - necessary because there were no short-term use cases (7) Questions: What are 4 problems that encouraged active networking? Answer 1. developing network services took a long time 2. third party interests to dynamically meeting needs of app and network conditions 3. researches needed a network for large-scale experiments 4. disadvantage of diverse models and vendors meant a desire for unified control over middleboxes (7) Questions: What are 3 contributions of SDN? Answer 1. programmable functions in network = lower barrier to innovation 2. network virtualization and ability to demultiplex based on packet headers 3. vision of unified architecture for middlebox orchestration (7) Questions: Which plane are active networks associated with? Answer Data plane (7) Questions: What plane do programmable functions in active networks focus on increasing programmability, and why? Answer - Data plane - isolate experimental traffic from normal traffic (7) Questions: What were some downfalls of active networking? Answer - it was too ambitions - didn't emphasize performance and security - it didn't solve any short term problems - end users need to be ale to write in java (7) Questions: Did active network do anything for performance? Security? Answer No (7) Questions: What challenge did control and data plane separation tackle? Answer Challenging how existing routers and switches tightly integrated the data and control plane (7) Questions: What were 4 tech developments that paved the way for control and data plane separation? Answer 1. packet forwarding (data plane) was implemented in hardware (separate from control plane) 2. ISPs couldn't meet increasing demands for greater reliability and new services b/c of increasing scope and size 3. servers have much more memory and processing resources - routing decisions could be done on one server for one ISP network 4. open-source routing lowers barrier to creating prototypes of centralized routing controllers (7) Questions: How did higher link speeds in backbone networks encourage control and data plane separation? Answer packet forwarding implemented in hardware, separate from control plane (7) Questions: What 2 innovations led to the control and data plane separation? Answer 1. open interface between control and data plane 2. logically centralized control of network(7) Was the network centrally controlled logically, physically, or both under control and data plane separation? Answer LOGICALLY centrally controlled(7) What are 3 ways control plane and data plane separation differed form active networks? Answer 1. Spurred innovation for network ADMINS instead of users 2. emphasized programmability in CONTROL domain instead of data domain 3. worked towards NETWORK-WIDE visibility and control rather than device level configurations(7) Was visibility and control at network level or device level for active networks? Control/data plane separation? Device level Network level (7) Was programmability in control domain or data domain for active networks? Control/data plane separation? Data domain control domain (7) Was innovation for network admins or users for active networks? Control/data plane separation? Users Admins (7) What are 5 use cases for control plane/data plane? 1. path selection based on network traffic load 2. minimized disruptions during planned routing changes 3. redirecting or dropping suspected attack traffic 4. allow customer networks more control over network flow 5. offer value added services for virtual private network customers (7) Were control plane and data plane separation efforts focused on managing routing WITHIN ONE ISP? No some wanted to enable flexible route control across many ASes (7) What 2 concepts resulted from control and data plane separation? 1. LOGICALLY centralized control w/ open interface to data plane 2. DISTRiBUTED state management (7) Was control plane/data plane separation logically distributed? No logically CENTRALIZED (7) Was control plane/data plane state management distributed or centralized? Distributed (7) Why was OpenFlow built on existing hardware? What was the weakness of this? Enabled immediate deployment Less flexibility (7) How does an openflow switch work? Switch has TABLE OF PACKET HANDLING RULES each rule has a pattern, list of actions, set of counters, and priority when packet is received, the switch: - determines highest priority matching rule - performs action - increments counter (7) What happens when an openflow switch receives a packet? - determines highest priority matching rule - performs action - increments counter (7) Which SDN tech was adopted in the industry: active networks, control/data plane separation, Openflow? Openflow (7) What are 3 tech developments that encouraged openflow? 1. programmers could control some forwarding behavior (b/c of switch chipset vendors) 2. companies could build switches without designing their own DATA PLANE 3. early versions of openflow were built on tech that switches ALREADY SUPPORTED - just a firm upgrade (7) Were early versions of openflow built from the ground up? No, built on tech that switches already supported (7) Was it difficult to integrate openflow? Why? No, built on already supported tech (7) What were 3 use cases for openflow? 1. large scale experiments on network 2. managing traffic at large scales in data-center networks 3. investing in programmers to write control programs, and less in proprietary switches that couldn't support new features (7) Did openflow prevent small players from being competitve? Why No, became more competitive b/c they could just focus on writing control programs instead of proprietary switches (7) What are 3 key effects of openflow? 1. GENERALIZATION of network devices and functions 2. Vision of NETWORK OPERATING SYSTEM 3. DISTRIBUTE STATE MANAGEMENT techniques (7) What does the control plane do? Logic that controls forwarding behavior of routers such as ROUTING PROTOCOLS and NETWORK MIDDLEBOX configurations DICTATES forwarding behavior (7) What does the data plane do? PERFORMS actual forwarding as dictated by control plane IP FORWARDING and LAYER 2 SWITCHING (7) What are 2 reasons to separate control and data plane? 1. independent evolution and development of both planes - ex. routing algorithms can improve WITHOUT AFFECTING EXISTING ROUTERS 2. Control from HIGH LEVEL software program - SDN uses software to COMPUTE forwarding tables - software to CONTROL router's behavior - DEBUGGING IS EASIER (7) What are 4 areas the separation of control/data plane helps? 1. Data centers - network management is easier 2. routing - SDN makes it easier to update state - more control over path selection 3. enterprise networks - SDN improves security applications - drop traffic at strategic locations 4. research networks - research can coexist w/ production networks (7) what are 2 important functions of network layer? 1. forwarding - determine which output link a packet should be sent to using forwarding table - LOCAL function implemented in HARDWARE - data plane - nanoseconds 2. determines path from sender to receiver across the network (usually with routing algorithms) Show Less
- Exam
- $16.95
- 0
- 28
CS 6250 Quiz 1 (All Quizzes) Latest Update | Verified Questions and Correct Answers | Complete
CS 6250 Quiz 1 (All Quizzes) Latest Update | Verified Questions and Correct Answers | Complete Study Guide – Georgia Institute of Technology 2026/202 ... Show More 7 | GRADED A+ | 100 out of 100 Question: How did LIcklider and his team in the early 1960s experiment with a precursor to the Internet? Answer Connecting two computers over a dial-up telephone line Question: What is the DNS designed to do primarily Answer Translate domain names into IP addresses Question: What is the architecture design of the internet protol stack based on? Answer Layers Question: Both the data link and transport layer provide error correction Answer True Question: What allows for communication between the application layer and transport layer Answer Socket Question: Whis protocol belongs to application layer? Answer DNS(Domain Name Service) Question: Which two protocols belong to the transport layer? Answer TCP, UDP Question: When an application sends a packet of information across the network, this packt travels down the IP stack and undergoes what process? Answer Encapsulation Question: According to the e2e principle, where should most of the Internet's functionality/Intelligence be implemented Answer At the edges of a network Question: The difference between hubs, bridges, and routers? Answer Hubs: physical layer; bridge: data-link layer; routers:network layer Question: What are advantages and disadvantages of a layered architecture? Answer Each protocol layer offers different services. Some advantages are scalability, flexibility, and ease of adding / removing components making it easier for cost-effective implementations. Disadvantages include: some layers functionality depends on the information from the other layer and violates the goal of layer separation; one layer may duplicate lower layer functionalities; overhead both in computation and in message headers caused by abstraction barriers between layers. Question: What are the differences and similarities of the OSI model and five-layered Internet model? Answer The OSI model and the 5-layered Internet Model have many of the same layers, with the difference being three of the layers are combined in the 5-layered model. Specifically the five-layer model combines the application, presentation, and session layers from the OSI model into a single application layer. Question: What are sockets? Answer A network socket is a software structure within a network node of a computer network that serves as an endpoint for sending and receiving data across the network. The structure and properties of a socket are defined by an application programming interface (API) for the networking architecture. Sockets are created only during the lifetime of a process of an application running in the node.https://en.wikipedia.org/wiki/Network_socket."A process sends messages into, and receives messages from, the network through a software interface called a socket. Let's consider an analogy to help us understand processes and sockets. A process is analogous to a house and its socket is analogous to its door....a socket is the interface between the application layer and the transport layer within a host." - Kurose and Ross, 2.1 Question: Describe each layer of the OSI model. Answer Application layer: Service, Interface, Protocol. Ex: Turn on your smartphone and look at the list of apps. (HTTP, SMTP, FTP, DNS) Presentation layer: Plays intermediate role of formatting the information received from the layer below and delivering it to the application layer. Ex: converting big endian to little endian. Session layer: Responsible for the mechanism that manages the different transport streams that belong to the same session between end-user and application process. Ex: teleconference app, it is responsible for tying together audio and video streaming. Transport layer: Responsible for the end-to-end communication between end hosts. 2 transport protocols, TCP and UDP. TCP includes a connection-oriented service to the applications that are running on the layer above, guaranteed delivery of the application-layer messages, flow control, and congestion control mechanism. UDP provides a connectionless, best-effort service to the applications that are running in the layer above without reliability, flow, or congestion control. In this layer the packet is called a segment. Network layer: This layer is responsible for moving the packet of information, called a datagram, from one host to another. The network layer is responsible for delivering the datagram to the Transport layer on the destination host. In this layer there are the IP Protocol and the routing tables. Data Link layer: Packets are referred to as frames. Examples include: ethernet, ppp, wifi. Responsible for moving the frames from one node (host or router) to the next node. Services offered by the data link layer protocol include reliable delivery (transmission of the data from one transmitting node, across one link, to the receiving node. Physical layer: This layer is the actual hardware responsible to transfer bits within a frame between two nodes connected through a physical link. Ex: Ethernet (twisted-pair copper, coax, fiber-optics). Question: Provide examples of popular protocols at each layer of the five-layered Internet model. Answer Application: NFS, DNS, SNMP, ftp, rcp, telnet, HTTP Transport: TCP, UDP Internet: IP, ARP, ICMP Data Link: PPP, IEEE 802.2, Ethernet Physical Network: Token Ring, RS-232 Question: What is encapsulation, and how is it used in a layered model? Answer Encapsulation is when data (called a header) is appended to the packet through each layer to signify its on the correct path to the destination host. Question: What is the end-to-end (e2e) principle? Answer A design choice that shaped the current internet architecture. It states the network core should be simple and minimal, while the end systems should carry the intelligence. Network functions should be simple and essential commonly used functions so any host can utilize the service and higher form functions should be built into the application itself. Lower level layers should be independent and free to perform only their designed function and the higher-level layers deal with the more intricate functions that deal with the specific application. Question: What are the examples of a violation of e2e principle? Answer Violations include firewalls and traffic filters. Firewalls violate because they are intermediate devices that are operated between two end hosts and they can drop the end host communications. Network Address Translation (NAT) boxes are also a violation because it uses the single public IP address and distributes a new IP scheme to the hosts connected to it to route data through re-writing the header info to route to the correct destination host. NAT boxes are a violation because they are not globally addressable or routable. Question: What is the EvoArch model? An hourglass shaped model of the Internet where the outer bands are more frequently modified or replaced and the further in you go the harder it is for that layer to be altered or modified. Question: Explain a round in the EvoArch model. EvoArch is a discrete-time model that is executed over rounds. At each round, we perform the following steps: A) We introduce new nodes, and we place them randomly at layers. B) We examine all layers, from the top to the bottom, and we perform the following tasks: 1) We connect the new nodes that we may have just introduced to that layer, by choosing substrates based on the generality probabilities of the layer below s(l−1), and by choosing products for them based on the generality probability of the current layer s(l). 2) We update the value of each node at each layer l, given that we may have new nodes added to the same layer l. 3) We examine all nodes, in order of decreasing value in that layer, and remove the nodes that should die. C) Finally, we stop the execution of the model when the network reaches a given number of nodes. Question: What are the ramifications of the hourglass shape of the internet? A. Many technologies that were not originally designed for the internet have been modified so that they have versions that can communicate over the internet (such as Radio over IP). B. It has been a difficult and slow process to transition to IPv6, despite the shortage of public IPv4 addresses. Question: Repeaters, hubs, bridges, routers operate on which layers? Repeaters and Hubs work over L1 (Physical Layer) Bridges and Layer 2-Switches work over L2 (Data link layer) Routers and Layer 3-Switches work over L3 (Network layer) Question: What is a bridge, and how does it "learn"? A bridge is a device with multiple inputs/outputs. A bridge transfers frames from an input to one (or multiple) outputs. Though it doesn't need to forward all the frames it receives. A learning bridge learns, populates and maintains a forwarding table. The bridge consults that table so that it only forwards frames on specific ports, rather than over all ports. So how does the bridge learn? When the bridge receives any frame this is a "learning opportunity" to know which hosts are reachable through which ports. This is because the bridge can view the port over which a frame arrives and the source host. Question: What is a distributed algorithm? A distributed algorithm is an algorithm designed to run on computer hardware constructed from interconnected processors. Distributed algorithms are used in many varied application areas of distributed computing, such as telecommunications, scientific computing, distributed information processing, and real-time proces Show Less
- Exam
- $15.95
- 0
- 25
CS 6250 Quiz 10 (All Quizzes) 2026/2027 Latest Update | Verified Questions and Correct Answers |
CS 6250 Quiz 10 (All Quizzes) 2026/2027 Latest Update | Verified Questions and Correct Answers | Complete Study Guide – Georgia Institute of Technology ... Show More 2026/2027 | GRADED A+ | 100 out of 100 Question: What is DNS censorship? Answer Large scale network traffic filtering strategy to suppress material which they deem as objectionable. Question: What are the properties of GFW (Great Firewall of China)? Answer 1) Locality of GFW nodes - majority view is that GFW censorship nodes are present at the edge. 2) Centralized management - blocklists obtained from two distinct GFW locations show a high possibility of a central GFW management entity that orchestrates blocklists. 3) Load balancing - GFW load balances between processes based on source and destination IP address. Question: Censorship Technique 1: DNS injection Answer For DNS requests that are blocked by the GFW, the GFW will respond with a fake DNS record to prevent the client from reaching the requested content. Question: 3 steps of DNS injection Answer 1) DNS probe is sent to a DNS resolver 2) The probe is checked against the blocklist 3) A fake DNS A record response is sent back if the request matches the blocklist. The direct domain can be blocked, or specific domain keywords can be blocked. Question: How many DNS Censorship Techniques are there? Answer 5 Question: 1. Packet dropping Answer all network traffic going to a set of specific IP addresses is discarded Question: Pros: (easy to implement, low cost) Answer Cons: (maintain a long blocklist, overblocking) Question: 2. DNS Poisoning Answer When a DNS receives a query for resolving hostname to IP address - if there is no answer returned or an incorrect answer is sent to redirect or mislead the user request Question: Pros: (No overblocking) Answer Cons: (Blocks the entire domain) Question: 3. Content inspection Answer all traffic traverses a proxy and is inspected for objectionable content, if matches -> dropped Question: Pros: (precise censorship, flexible) Answer Cons: (not scalable) Question: 4. Blocking with reset Answer sends a TCP (RST) to block individual connections that contain requests with objectionable content. Question: 5. Immediate reset Answer suspends traffic coming from a source immediately, for a short period of time Question: What is overblocking? Answer If two websites share the same IP address and the intention is to only block one of them, there's a risk of blocking both Question: Our understanding of censorship around the world is relatively limited. Why is it the case? What are the challenges? Answer 1) Diverse measurements 2) Need for scale 3) Identifying the intent to restrict content access 4) Ethics and minimizing risks Question: What are the limitations of main censorship detection systems? Answer They either no longer exist or rely upon volunteers performing measurements, which can cause them to get in trouble with their local governments. Question: Augur Answer This system focuses on IP-based disruptions, not DNS-based manipulations. Question: IRIS Answer Machine learning model for identifying DNS manipulation Question: How does Iris counter the issue of lack of diversity while studying DNS manipulation? What are the steps associated with the proposed process? Answer Iris uses open DNS resolvers located all over the globe. Question: The two main steps are: Answer 1) Scanning the Internet's IPv4 space for open DNS resolvers 2) Identifying infrastructure DNS resolvers Question: What are the steps involved in the global measurement process using DNS resolvers? Answer 1) Perform global DNS queries 2) Annotating DNS responses with auxiliary information 3) Additional PTR and TLS scanning Question: What metrics does Iris use to identify DNS manipulation once data annotation is complete? Describe the metrics. Under what condition, do we declare the response as being manipulated? Answer 1) Consistency metrics 2) Independent verifiability metrics If neither of these metrics are satisfied, the response is said to be manipulated Question: How is it possible to achieve connectivity disruption using routing disruption approach? Answer Withdrawing previously advertised prefixes or re-advertising them with different properties using BGP Question: How is it possible to achieve connectivity disruption using packet filtering approach? Answer Block packets meeting a certain criteria disrupting the normal forwarding action. Question: IP ID Answer Assigned a unique 16-bit IP identifier ("IP ID"), which the destination host can use to reassemble a fragmented packet. This IP ID should be different for the packets that are generated by the same host. Question: 2 mechanisms used by Augur Answer 1) Probing: a mechanism to monitor the IP ID of a host over time. 2) Perturbation: mechanism which forces a host to increment its IP ID counter by sending traffic from different sources such that the host generates a response packet. Question: Explain a scenario of connectivity disruption detection in case when no filtering occurs. Answer When no filtering occurs, the measurement machine will see an increase of 2 in the IP ID - this means the two hosts communicated Question: Explain a scenario of connectivity disruption detection in case of the inbound blocking. Answer Traffic from the reflector to the site containing objectionable data is blocked. Thus, the IP ID only increases by 1 because the SYN-ACK from the site never reaches the reflector. Question: Explain a scenario of connectivity disruption detection in case of the outbound blocking. Answer Outbound reset packets from the reflector do not reach the site. The site will continue to send SYN-ACK packets until it receives an ACK, causing the reflector's IP ID to increase by 2 each time. Question: DNS censorship Answer A large scale network traffic filtering strategy opted by a network to enforce control and censorship over Internet infrastructure to suppress material which they deem as objectionable. Question: Great Fire Wall properties Answer Locality of GFW nodes Centralized management Load balancing Question: DNS Injection Answer Using a ruleset to determine when to inject DNS replies to censor network traffic. Question: DNS Injection Steps Answer 1. DNS probe is sent to the open DNS resolvers 2. The probe is checked against the blocklist of domains and keywords Fe. or domain level blocking, a fake DNS A record response is sent back. Question: Packet dropping strengths Answer Easy to implement, low cost Question: Packet dropping weaknesses Answer Maintenance of blocking, overblocking Question: DNS poisoning Answer When a DNS receives a query for resolving hostname to IP address, an incorrect answer is sent to redirect or mislead Question: DNS poisoning strength and weakness Answer Strength: No overblocking Weakness: Blocks entire domain Content inspection Answer It allows for all network traffic to pass through a proxy where the traffic is examined for content, and the proxy rejects requests that serve objectionable content. Content inspection strength Answer Precise censorship and flexible Content inspection weakness Answer Not scalable Blocking with resets Send a TCP reset (RST) to block individual connections that contain requests with objectionable content. Immediate reset of connections Blocking rules in addition to inspecting content, to suspend traffic coming from a source immediately, for a short period of time. Why is DNS Manipulation difficult to manage? Diverse Measurements Need for Scale Identifying the intent to restrict content access Ethics and Minimizing Risks Steps to use DNS Resolvers Scanning the Internet's IPv4 space for open DNS resolvers Identifying Infrastructure DNS Resolvers DNS Resolver Measurement Process Performing global DNS queries Annotating DNS responses with auxiliary information Additional PTR and TLS scanning 2 metrics to identify DNS manipulation Consistency metrics and independent verifiability metrics Packet filtering It can be used to block packets matching a certain criteria disrupting the normal forwarding action. This approach can be harder to detect and might require active probing of the forwarding path or monitoring traffic of the impacted network. IP ID Any packet that is sent by a host is assigned a unique 16-bit IP identifier ("IP ID"), which the destination host can use to reassemble a fragmented packet. The global counter is incremented for each packet that is generated and helps in keeping track of the total number of packets generated by that host. Probing A mechanism to monitor the IP ID of a host over time. We use the measurement machine to observe the IP ID generated by the reflector. Pertubation Forces a host to increment its IP ID counter by sending traffic from different sources such that the host generates a response packet. Inbound blocking Filtering occurs on the path from the site to the reflector is termed as inbound blocking. Outbound blocking Filtering imposed on the outgoing path from the reflector. What kind of disruptions does Augur focus on? IP How does Iris counter the lack of diversity while studying DNS manipulation? She uses DNS resolvers Routing disruption The routers share which destinations it can reach and continuously update its forwarding tables to select the best path for an incoming packet. If this communication is disrupted or disabled on critical routers, it could result in unreachability of the large parts of a network. Show Less
- Exam
- $14.45
- 0
- 32
CS 6250 Quiz 9 Exam (All Quizzes) | Georgia Institute of Technology | Latest 2026/2027 Verified Q
CS 6250 Quiz 9 Exam (All Quizzes) | Georgia Institute of Technology | Latest 2026/2027 Verified Questions and Answers 2026/2027 | GRADED A+ | 100 out ... Show More of 100 Question: Client PCs typically obtain their subnet mask information from _____. Answer DHCP Question: Subnetting is _____. Answer a way of breaking down large blocks of IP addresses into smaller address blocks Question: An organization with a class B network address uses 8 bits for the subnet ID. Each subnet in this organization can have _____ hosts. Answer 254 Question: An organization with a class B network address has 200 subnets. Each subnet in this organization can have at most _____ hosts. Answer 254 Question: Subnetting is most useful for _____. Answer network administration Question: The number of subnets in the organization is best determined by _____. Answer the structure of the organization Question: Subnetting offers all of the following benefits except _____. Answer it helps DNS operation Question: If an organization has a subnet mask of 255.255.252.0, each subnet in the organization can have at most _____ hosts. Answer 1,022 Question: When the subnet mask 255.255.254.0 is applied to the IP address 192.168.151.45, the result is _____. Answer 192.168.150.0 Question: What are the properties of secure communication? Answer 1. Confidentiality 2. Integrity 3. Authentication 4. Availability Question: How does Round Robin DNS (RRDNS) work? Answer This method is used by large websites to distribute the load of incoming requests to several servers at a single physical location. It responds to a DNS request with a list of DNS A records, which it then cycles through in a round-robin manner. The DNS client can then choose a record using different strategies - choose the first record each time, use the closest record in terms of network proximity, etc. Question: How does DNS-based content delivery work? Answer Content Distribution Networks (CDNs) also use DNS-based techniques to distribute content but use more complex strategies. For example, CDNs distribute the load amongst multiple servers at a single location but also distribute these servers across the world. When accessing the name of the service using DNS, the CDN computes the 'nearest edge server' and returns its IP address to the DNS client. It uses sophisticated techniques based on network topology and current link characteristics to determine the nearest server. This results in the content being moved 'closer' to the DNS client, which increases responsiveness and availability. Question: How do Fast-Flux Service Networks work? Answer Fast-Flux Service Networks (FFSN) are an extension of the ideas behind RRDNS and CDN. As its name suggests, it is based on a 'rapid' change in DNS answers, with a TTL lower than that of RRDNS and CDN. One key difference between FFSN and the other methods is that after the TTL expires, it returns a different set of A records from a larger set of compromised machines. These compromised machines act as proxies between the incoming request and control node/mothership, forming a resilient, robust, one-hop overlay network. Question: What are the main data sources used by FIRE (FInding Rogue nEtworks) to identify hosts that likely belong to rogue networks? Answer 1. Botnet command and control providers 2. Drive-by-download hosting providers 3. Phish hosting providers Question: The design of ASwatch is based on monitoring global BGP routing activity to learn the control plane behavior of a network. Describe 2 phases of this system. Answer 1. Training phase - The system learns control-plane behavior typical of both types of ASes. The system is given a list of known malicious and legitimate ASes. It then tracks the behavior of these ASes over time to track their business relationships with other ASes and their BGP update and withdrawal patterns. ASwatch then computes the statistical features of each AS 2. Operational phase - Given an unknown AS, it then calculates the features for this AS. It then uses the model to assign a reputation score to the AS. If the system assigns the AS a low reputation score for several days in a row (indicating consistent suspicious behavior), it identifies it as malicious. Question: What are three classes of features used to determine the likelihood of a security breach within an organization? Answer 1. Mismanagement symptoms 2. Malicious activities 3. Security incident reports Question: (BGP hijacking) What is the classification by affected prefix? Answer In this class of hijacking attacks, we are primarily concerned with the IP prefixes that are advertised by BGP. There are different ways the prefix can be targeted, such as: - Exact prefix hijacking - Sub-prefix hijacking - Squatting Question: (BGP hijacking) What is the classification by AS-Path announcement? Answer In this class of attacks, an illegitimate AS announces the AS-path for a prefix for which it doesn't have ownership rights. There are different ways this can be achieved: - Type-0 - This is simply an AS announcing a prefix not owned by itself. - Type-N - This is an attack where the counterfeit AS announces an illegitimate path for a prefix that it does not own to create a fake link (path) between different ASes. - Type-U - In this attack the hijacking AS does not modify the AS-PATH but may change the prefix. Question: (BGP hijacking) What is the classification by data plane traffic manipulation? Answer In this class of attacks, the intention of the attacker is to hijack the network traffic and manipulate the redirected network traffic on its way to the receiving AS. There are three ways the attack can be realized under this classification, i.e. traffic intercepted by the hijacker can be - Dropped - Eavesdropped or manipulated - Impersonated Question: What are the causes or motivations behind BGP attacks? Answer 1. Human error 2. Targeted attack 3. High impact attack Question: Explain the scenario of prefix hijacking. Answer Malicious autonomous system router advertises a prefix that it doesn't own, taking advantage of its shorter distance to have peer / customer routers change their path for the prefix to the malicious autonomous system. Question: Explain the scenario of hijacking a path. Answer Malicious autonomous system receives a path and alters it, placing itself as the best path to reach a specific autonomous system / prefix. This path will likely be shorter than the original, causing other ASes to use the new hijacked path. Question: What are the key ideas behind ARTEMIS? Answer 1. A configuration file: where all the prefixes owned by the network are listed here for reference. This configuration file is populated by the network operator. 2. A mechanism for receiving BGP updates: this allows receiving updates from local routers and monitoring services. This is built into the system. Question: What are the two automated techniques used by ARTEMIS to protect against BGP hijacking? Answer 1. Prefix deaggregation - announcing more specific prefixes than the targeted one(s) 2. Mitigation with Multiple Origin AS - third party providers announce the hijacked prefixes, and then tunnels the attracted traffic to the legitimate AS What are two findings from ARTEMIS? Answer 1. Outsource the task of BGP announcement to third parties: To combat against BGP hijacking attacks, having even just one single external organization to mitigate BGP attacks is highly effective against BGP attacks. 2. Comparison of outsourcing BGP announcements vs. prefix filtering: When compared to prefix filtering, which is the current standard defense mechanism, BGP announcements are more optimal according to the research Explain the structure of a DDoS attack. Answer A Distributed Denial of Service (DDoS) attack is an attempt to compromise a server or network resources with a flood of traffic. To achieve this, the attacker first compromises and deploys flooding servers (slaves). Later, when initiating an attack, the attacker instructs these flooding servers to send a high volume of traffic to the victim. This results in the victim host either becoming unreachable or in exhaustion of its bandwidth. What is spoofing, and how is it related to a DDoS attack? IP spoofing is the act of setting a false IP address in the source field of a packet with the purpose of impersonating a legitimate server. In DDoS attacks, this can happen in two forms. In the first form, the source IP address is spoofed, resulting in the response of the server sent to some other client instead of the attacker's machine. This results in wastage of network resources and the client resources while also causing denial of service to legitimate users. In the second type of attack, the attacker sets the same IP address in both the source and destination IP fields. This results in the server sending the replies to itself, causing it to crash. Describe a Reflection and Amplification attack. In a reflection attack, the attackers use a set of reflectors to initiate an attack on the victim. A reflector is any server that sends a response to a request. Here, the master directs the slaves to send spoofed requests to a very large number of reflectors, usually in the range of 1 million. The slaves set the source address of the packets to the victim's IP address, thereby redirecting the response of the reflectors to the victim. If the requests are chosen in such a way that the reflectors send large responses to the victim, it is a reflection and amplification attack. What are the defenses against DDoS attacks? - Traffic scrubbing services - ACL filters - BGP Flowspec Explain provider-based blackholing. With this mechanism, all the attack traffic to a targeted DDoS destination is dropped to a null location. The premise of this approach is that the traffic is stopped closer to the source of the attack and before it reaches the targeted victim. With this technique, the victim AS uses BGP to communicate the attacked destination prefix to its upstream AS, which then drops the attack traffic towards this prefix. Then either the provider (or the IXP) will advertise a more specific prefix and modify the next-hop address that will divert the attack traffic to a null interface. The blackhole messages are tagged with a specific BGP blackhole community attribute, usually publicly available, to differentiate it from the regular routing updates. Explain IXP blackholing. Similar to the provider method, only the attacked AS sends the blackholing messages to the IXP route server when a member connects to the route server. The route server then announces the message to all the connected IXP member ASes, which then drops the traffic towards the blackholed prefix. The null interface to which the traffic should be sent is specified by the IXP. What is one of the major drawbacks of BGP blackholing? One of the major drawbacks of BGP blackholing is that the destination under attack becomes unreachable since all the traffic including the legitimate traffic is dropped. What are the properties of secure communication? Confidentiality Integrity Authentication Availability Round Robin DNS Each time the DNS server is queried, it sends the IP address to which it most recently responded with to the back of the queue, operating on a loop. Used by large websites to distribute the load of incoming requests (larger TTL) DNS-based content delivery When accessing the name of the service using DNS, the CDN computes the 'nearest edge server' and returns its IP address to the DNS client. It determines the nearest server, which results in the content being moved 'closer' to the DNS client which increases responsiveness and availability. (lower TTL) Fast-Flux Service Networks Based on a rapid change in DNS answers, in order to prevent spammers for injecting bad IP addresses into the DNS resolution lifecycle (lowest TTL) What are the main data sources to identify hosts that likely belong to rogue networks, used by FIRE (FInding Rogue nEtworks system)? 1. Botnet command and control providers: 2. Drive-by-download hosting providers: is a method of malware installation user interaction. Occurs when the victim visits a web page that contains an exploit for the browser 3. Phish housing providers: This data source contains URLs of servers that host phishing pages Key difference between rogue and legitimate networks Legitimate networks are usually able to remove the malicious content within a few days whereas rogue networks may let the content be up for weeks to more than a year! ASWatch uses information exclusively from the control plane (ie. routing behavior) to identify malicious networks. Based on monitoring global BGP routing activity to learn the control plane behavior of a network. Phase 1 of ASWatch: Training phase ASwatch learns the control-plane behavior of a normal AS and a malicious one and learns to differentiate between them Phase 2 of ASWatch: Operational Phase ASwatch takes an unknown AS and calculates the features for it, assigning it a reputation score. What are 3 classes of features used to determine the likelihood of a security breach within an organization? 1) Rewiring activity - changes in the AS connecting activity, multiple changes in providers / customers looks suspicious 2) IP Space Fragmentation and Churn - inspects advertised prefixes of an autonomous system. Malicious ASes are likely to use small BGP prefixes to partition their IP address space and only exposes a small section of them 3) BGP Routing Dynamics - tracks announcements and withdrawals, which usually follow different patterns for malicious ASes How to infer network reputation (Random Forest) 1. Mismanagement Symptoms - 2. Malicious Activities 3. Security Incident Reports 3 groups of BGP Hijacking Attacks 1. Classification by Affected Prefix 2. Classification by AS-Path announcement 3. Classification by Data-Plane traffic manipulation 1. Classification by Affected Prefix we are primarily concerned with the IP prefixes that are advertised by BGP 1A. Exact prefix hijacking When two different ASes (one is genuine and the other one is counterfeit) announce a path for the same prefix. This disrupts routing in such a way that traffic is routed towards the hijacker wherever the AS-path route is shortest, thereby disrupting traffic. 1B. Sub-prefix hijacking the hijacking AS works with a sub-prefix of the genuine prefix of the real AS. This exploits the characteristic of BGP to favor more specific prefixes, and as a result route large/entire amount of traffic to the hijacking AS. 1C. Squatting In this type of attack, the hijacking AS announces a prefix that has not yet been announced by the owner AS. 2. Classification by AS-Path announcement An illegitimate autonomous system announces the AS path for a prefix for which it doesn't have ownership rights. 2A. Type-0 hijacking This is simply an AS announcing a prefix not owned by itself. 2B. Type-N hijacking: counterfeit AS announces an illegitimate path for a prefix that it does not own to create a fake link (path) between different ASes. 2C. Type-U hijacking In this attack the hijacking AS does not modify the AS-PATH but may change the prefix. 3. Classification by Data-Plane traffic manipulation In this classification of attacks, the attacker attempts to hijack the network traffic and manipulate the redirected network traffic on its way to the receiving AS 3A. Dropped (blackholing) The traffic intercepted by the hijacker can be Dropped, so that it never reaches the intended destination 3B. Man-in-the-middle The traffic intercepted by the hijacker can be Eavesdropped or manipulated before it reaches the receiving AS 3C. Impersonation The traffic intercepted by the hijacker can be Impersonated, e.g. In this case the network traffic of the victim AS is impersonated and the response to this network traffic is sent back to the sender. What are the causes or motivations behind BGP attacks? 1) Human error - misconfiguration / accidents 2) Targeted attack - intentional interception of network traffic (man-in-the-middle) (stealthy) 3) High impact attack - obvious attempt to cause widespread disruption Explain the scenario of prefix hijacking Malicious autonomous system router advertises a prefix that it doesn't own, taking advantage of its shorter distance to have peer / customer routers change their path for the prefix to the malicious autonomous system. Explain the scenario of hijacking a path. Malicious autonomous system receives a path and alters it, placing itself as the best path to reach a specific autonomous system / prefix. This path will likely be shorter than the original, causing other ASes to use the new hijacked path. ARTEMIS a system that is run locally by network operators to safeguard its own prefixes against malicious BGP hijacking attempts. 2 key ideas behind Artemis A configuration file where all prefixes owned by the network are listed for reference. A mechanism for receiving BGP updates, allows the system to receive updates from local routers and monitoring services What are the two automated techniques used by ARTEMIS to protect against BGP hijacking? 1) Prefix deaggregation - announcing more specific prefixes in order to mitigate prefix hijacking 2) Mitigation with multiple origin AS (MOAS) - third party organizations and service providers do BGP announcements for a given network What are two findings from ARTEMIS? 1. Outsource the task of BGP announcements to third parties 2. Filtering of prefixes is less optimal when compared against BGP announcements Explain the structure of a DDoS attack. An attempt to compromise a server or network resources with a flood of traffic Attack compromises and deploys flooding servers that send high volumes of traffic to a victim What is spoofing, and how is related to DDoS attack? Impersonating a legitimate server with a spoofed IP address. One method causes a server to flood a target with unsolicited responses to spoofed requests. The other uses the spoofed IP address in the both the source and destination IP, causing the server to send responses / requests to itself. Describe a Reflection and Amplification attack. A reflective attack is sending a bunch of spoofed requests to a server which will then DDoS the target on behalf of the attacker. What are the defenses against DDoS attacks? 1) Traffic Scrubbing Services - diverts the incoming traffic to a specialized server, where the traffic is "scrubbed" 2) Access Control List filters - filter out unwanted traffic 3) BGP Flowspec - mitigate DDoS attacks by supporting the deployment of fine-grained filters across AS domain borders Explain provider-based blackholing. A customer autonomous system announces a blackholing message to the provider with the host name of the DDoS victim. This usually contains a special community field - the provider will then stop advertising the prefix of the affected host. Explain IXP blackholing. Same as the above, but on an autonomous system scale. The IXP will handling the blackholing and advertise the NULL address to the other ASes peered in the IXP. What is one of the major drawbacks of BGP blackholing? The destination under attack becomes unreachable. The mitigation technique is also ineffective if peer autonomous systems neglect / don't respect BGP Blackholing request. Learn More You can also click on terms or definitions to blur or reveal them Determine which property of secure communication is primarily violated in the event that a third party pretends to be another entity on the network. Confidentiality Integrity Authentication Availability Authentication Determine which property of secure communication is primarily violated in the event that Trudy is able to access (but not modify) the contents of a message between Alice and Bob. Confidentiality Integrity Authentication Availability Confidentiality Round Robin DNS (RRDNS) is one of the "tools" that malicious parties can use to extend the time their content is accessible/hosted on the Internet. True or false? False Fast-Flux Service Networks (FFSNs) can be leveraged by malicious actors to extend the availability of a scam. True or false? True Which statement best describes the primary qualitative difference between rogue and legitimate networks based on the evidence of abuse and the findings of the FIRE system? Rogue networks actively seek out and support malicious activities, while legitimate networks unintentionally host malicious content due to security lapses. Rogue networks primarily exist for hosting and distributing pirated software, while legitimate networks focus on genuine content distribution. The longevity of malicious behavior on rogue networks is significantly longer, often lasting weeks to over a year, whereas legitimate networks usually remove malicious content within a few days. The primary distinction is based on the geographical location of the network servers, with rogue networks predominantly located in regions with lax cyber regulations. The longevity of malicious behavior on rogue networks is significantly longer, often lasting weeks to over a year, whereas legitimate networks usually remove malicious content within a few days. The FIRE system takes primarily a reactive approach to infer network reputation, relying on monitoring IP blacklists. True ASwatch takes primarily a proactive approach to infer network reputation by monitoring the routing behavior of networks. True How can a rogue network remain undetected by ASwatch (stay under the radar)? By switching frequently to a different upstream provider. By lowering the ratio of malicious IP addresses to the total owned IP addresses. By maintaining a stable control plane behavior. By maintaining a stable control plane behavior. Determine which system monitors routing behavior to determine the legitimacy of a network. FIRE ASwatch ARTEMIS Stellar ASwatch Determine which system uses routing behavior to detect BGP hijacking attacks. FIRE ASwatch ARTEMIS Stellar ARTEMIS BGP Blackholing is a defense against prefix hijacking. True False False The BGP blackholing technique can only be applied for traffic related to specific applications. True False False Consider the reflection and amplification attack as shown in the figure below. (figure of master controlling traffic via directing slaves at victim and using reflectors) Which of the following statements is true? The slaves send packet requests to the reflectors, spoofing the source IP address of the victim and, therefore, making it seem as if the requests are sent from the victim. The reflectors spoof the IP address of the slaves when responding to the victim. The attacker, using the master and the slaves' servers, directly floods the victim with packets using their own IP address. The reflectors send their responses back to the slaves. The slaves send packet requests to the reflectors, spoofing the source IP address of the victim and, therefore, making it seem as if the requests are sent from the victim. When designing a system to identify DNS reflection and amplification attacks, which network operation plane(s) is essential to monitor for effective detection? Control Plane Data Plane Management Plane Control Plane and Data Plane Data Plane To effectively identify BGP hijacking incidents, specifically targeting BGP path and prefix manipulations, which network operation plane(s) should you primarily monitor? Control Plane Data Plane Management Plane Control Plane and Data Plane Control Plane Which of the following techniques can help an attacker to attract more traffic when attempting to hijack a prefix? Select all that apply. Advertise a more specific prefix than the original owner AS Advertise a shorter path to the prefix. Advertise the same path as the original owner AS but change the origin AS. Advertise a more specific prefix than the original owner AS Advertise a shorter path to the prefix. Show Less
- Exam
- $15.45
- 0
- 31
CS 6250 Quiz 8 Exam guide (All Quizzes) | Georgia Institute of Technology | Latest 2026/2027
CS 6250 Quiz 8 Exam guide (All Quizzes) | Georgia Institute of Technology | Latest 2026/2027 Verified Questions and Answers 2026/2027 | GRADED A+ | 1 ... Show More 00 out of 100 Question: Determine which plane executes a network policy. Data Plane Control Plane Management Plane All planes Answer Data Plane Question: Determine which type of network can implement load balancing. Conventional Networks Software-Defined Networks Neither conventional nor software-defined networks Both conventional and software defined networks Answer Both conventional and software defined networks Question: Determine which type of network decouples the control and data planes. Conventional Networks Software-Defined Networks Neither conventional nor software-defined networks Both conventional and software defined networks Answer Software-Defined Networks Question: Middleboxes can only be used in conventional networks. True False Answer False Question: Determine which of the following can be implemented as a network application in software-defined networking. Routing Security enforcement Quality of Service (QoS) enforcement All of the above Answer All of the above Question: The networking operating system (NOS) is a part of the data plane. True False Answer False Question: The physical devices in an SDN network have embedded intelligence and control required to perform forwarding tasks. True False Answer False Question: When a packet arrives in an OpenFlow device and it does not match any of the rules in one of the tables, that packet is always dropped. True False Answer False Question: The Southbound interfaces are the separating medium between the Network-control Applications and the Control plane functionality. True False Answer False Question: OpenFlow enables the communication between the control plane and data plane through event-based messages, flow statistics and packet messages that are sent from forwarding devices to controller. True False Answer True Question: One of the disadvantages of an SDN centralized controller architecture is that it can introduce a single point of failure and also scaling issues. True False Answer True Question: A distributed controller can be a centralized cluster of nodes or a physically distributed set of elements. True False Answer True Question: A distributed controller can only be used in large networks. True False Answer False Question: ONOS is an example of a centralized controller platform. True False Answer False Question: In order to make forwarding and policy decisions in ONOS, applications get information from the view and then update these decisions back to the view. True False Answer True Question: In order to achieve fault tolerance, whenever there is a failure of an ONOS instance, a master is chosen randomly for each of the switches that were controller by the failed instance. True False Answer False The purpose of the creation of the P4 language was to offer programmability on the control plane. True False Answer False P4 acts as an interface between the switches and the controller, and its main goal is to allow the controller to define how the switches operate. True False Answer True The P4 model allows the design of a common language to write packet processing programs that are independent of the underlying devices. True False Answer True In an SDX architecture, each AS can define forwarding policies as if it is the only participant at the SDX, as well as having its own SDN applications for dropping, modifying or forwarding their traffic. True False Answer True As IP networks grew into adoption, what were some of the challenges? Answer 1. Handling the growing complexity/dynamic nature of networks 2. Tightly coupled architecture Software defined networking (SDN) Control vs data plane. Network switches perform task of forwarding and the logic is implemented in a centralized controller Computer networks have 3 planes of functionality Data plane, control plane, and management plane Data plane These are functions and processes that forward data in the form of packets or frames. Control plane These refer to functions and processes that determine which path to use by using protocols to populate forwarding tables of data plane elements. Management plane These are services that are used to monitor and configure the control functionality Advantage of SDN vs traditional approach 1. Shared abstraction 2. Consistency of same network info 3. Locality of functional placement 4. Simpler integration Southbound interfaces Interfaces that are connecting bridges between control and forwarding elements, they separate control and data plane functionality. Network OS Provides abstractions, essentials services, and common APIs to developers. It helps ease network management and solve networking problems. It is a centralized controller. Northbound interface Mostly a software ecosystem. It is one of the core abstractions of an SDN ecosystem (along with Southbound) Language based virtualization Expressing modularity and allowing different levels of abstraction. Network applications Functionalities that implement the control plane logic and translate the commands in the data plane. Difference b/w networks in the SDN infrastructure vs traditional approach They are built on top of open/standard interfaces that ensure configuration and communication compatibility and interoperability among control/data plane devices. 3 information sources for OpenFlow 1. Event based messages that are sent by forwarding devices to controller when there's a link or port change 2. Flow statistics generated by forwarding devices and collected by the controller 3. Packet messages sent by forwarding devices to controller Controller A controller is a critical element in an SDN architecture as it is the key supporting piece for control logic (applications) to generate network configuration based on the policies defined by the network operator. Centralized controller Single entity manages all forwarding devices in the network which is a single point of failure and may have scaling issues. Cannot really scale in practice. Distributed controller Can be scaled to meet requirements of environment. IT can be a centralized cluster of nodes or physically distributed set of elements. The properties include weak consistency semantics and fault tolerance. Open Networking OS Distributed SDN control platform that aims to provide a global view of the network to applications, scale out performance/fault tolerance. P4 (Programming Protocol-Independent Packet Processors) A high-level programming language to configure switches which works in conjunction with SDN control protocols. Configures the switch programmatically and acts as a general interface b/w the switches and the controller. It wants to allow the controller to define how switches operate. Goals of P4 Reconfigurability, protocol independence, and target independence Reconfigurability How parsing and processing of packets takes place in the switches. It believes that this should be modifiable by the controller. Protocol Independence Controller defines a packet parser and a set of tables mapping matches and their actions. Packet parser extracts the header fields and then are passed to the match + action tables. Target Independence The packet processing programs should be programmed independent of the underlying target devices. P4 vs Openflow P4 switches use a programmable parser and a set of match+action tables to forward packets. The tables are accessed in multiple stages in a series/parallel. In Openflow, there are only fixed parsers based on predetermined header fields and only a series combo of match+action tables. 2 main operations of P4 forwarding model Configure and populate Configure Sets of operations used to program the parser. They specify the header fields to be processed in each match+action stage and also define the order of these stages. Populate Altering the entries in the match+action tables specified during configured. Also allows for addition/deletions of entries in the tables. Traffic engineering Optimizes traffic flow to minimize power consumption, judiciously use network resources, perform load balancing, etc. Mobility and wireless Offers a variety of features including on-demand virtual access points, usage of spectrum dynamically, sharing wireless infrastructure, etc. Security and dependability Improving security of networks. SDN can impose security policies on the entry point of the network or use programmable devices to enforce security policies. Data center networking Using SDN, dcn can offer services such as live migration of networks, trouble shooting, real-time monitoring, etc. 2 limitations of BGP 1. Routing only on destination IP prefix 2. Networks have little control over end-to-end paths IXP Internet Exchange Point, a physical location that facilitates interconnection between networks so that they can exchange traffic and BGP routes. In the context of the IXPs, researchers have proposed an SDN based architecture, called SDX SDX implements multiple applications App specific peering, traffic engineering, traffic load balancing, and traffic redirection through middleboxes Application specific peering ISPs use dedicated ASes to handle high volume of traffic. It identifies the traffic using packet classifiers and directing the traffic in a path. Must configure additional and appropriate rules. Inbound traffic engineering An AS (autonomous system) can control how traffic enters the network by using an SDN enabled switch installed with forwarding rules based on source IP address. Wide-area server load balancing A single anycast IP can be assigned to a service and the destination IP addresses of packets can be modified at the exchange point to the desired backend server. Redirection through middleboxes SDX can identify and redirect the desired traffic through a sequence of middleboxes. Pipeline of flow tables in OpenFlow Each entry of a flow table has three parts. 1. Matching rule 2. Actions to be executed on matching packets 3. Counters that keep statistics of matching packets Properties of distributed controllers Weak consistency semantics and fault tolerance Core SDN Controller functions Topology, statistics, notifications, device management, along with shortest path forwarding and security mechanisms What do apps in ONOS do? They consume info from the view and update decisions back to view in order to make forwarding and policy decisions What do OpenFlow managers in ONOS do? They receive the changes the applications make to the view, and the appropriate switches are programmed. What do Titan and Cassandra do in ONOS? Titan, a graph database and a distributed key value store Cassandra is used to implement the view. The applications interact with the network view using the Blueprints graph API. How does ONOS achieve fault tolerance? ONOS redistributes the work of a failed instance to other remaining instances. Each switch in the network connects to multiple ONOS instances with only one instance acting as its master. Each ONOS instance acts as a master for a subset of switches. Upon failure of an ONOS instance, an election is held on a consensus basis to choose a master for each of the switches that were controlled by the failed instance. For each switch, a master is selected among the remaining instances with which the switch had established connection. At the end of election for all switches, each switch would have at most one new master instance. What are the applications of SDN? Traffic engineering, mobility and wireless, measurement and monitoring, security and dependability, data center networking SDX architecture Each AS has the illusion of its own virtual SDN switch that connects its border router to every other participant AS. For example, AS A has a virtual switch connecting to the virtual switches of ASes B and C. SDX applications in wide area traffic delivery Application specific peering, traffic engineering, wide area server load balancing, and traffic redirection through middleboxes 3 perspectives of SDN Landscape 1. A plane-oriented view (management, control, data) 2. The SDN layers 3. A system design perspective How many layers in the SDN Layers 8 1. Infrastructure SDN infrastructure consists of networking equipment (routers, switches and other middlebox hardware). All they do is forward, and all logic to operate them is done with SDN controller. ex) Switch Light (OpenFlow switch) 2. Southbound interfaces These are interfaces that act as connecting bridges between control and forwarding elements. Separate control and data plane. ex) OpenFlow 3. Network Virtualization the transformation of a network that was once hardware-dependent into a network that is software-based 4. Network Operating Systems SDNs goal is to ease network management by using a logically centralized controller: the network operating system (NOS). NOS provides abstractions, essential services and common APIs to developers 5. Northbound Interfaces Northbound interfaces are supposed to be a mostly software based, as opposed to the Southbound interfaces. 6. Language-based virtualization Use programming languages that support virtualization such as Pyretic 7. Network programming languages Network programmability can be achieved using low-level or high-level programming languages. Using low-level languages, it is difficult to write modular code, reuse it and it generally leads to more error-prone development. High level programming languages in SDNs make development more modular, code more reusable in control plane, and allow faster development. 8. Network applications: These are the functionalities that implement the control plane logic and translate to commands in the data plane. Apps such as routing, load balancing, security enforcement, OpenFlow Flow Tables It is based on a pipeline of flow tables where each entry of a flow table has three parts: a) a matching rule b) actions to be executed on matching packets c) counters that keep statistics of matching packets. When a packet arrives, the lookup process starts in the first table and ends with either a match in one of the tables of the pipeline or with a miss What's the main purpose of southbound interfaces? The Southbound interfaces or APIs are the separating medium between the control plane and data plane functionality. What are three information sources provided by OpenFlow protocol? 1. Event-based messages that are sent by forwarding devices to the controller when there is a link or port change. 2. Flow statistics are generated by forwarding devices and collected by the controller. 3. Packet messages are sent by forwarding devices to controller when they do not know what to do with a new incoming flow. SDN Core Controller Functions Functions such as topology, statistics, notifications, device management, along with shortest path forwarding and security mechanisms are essentials network control functionalities Centralized Controller a single entity that manages all forwarding devices in the network. Con: Single point of failure and scaling issues. Unable to handle large number of data plane elements. Distributed Controller a centralized cluster of nodes or a physically distributed set of elements. Pro: Fault Tolerance, Con: Weak Consistency Semantics ONOS controller ONOS is a cluster-based distributed control-plane operating system. Several ONOS instances run within one cluster, with one being a master, and they all acquire a global network view using the statistics generated by the OpenFlow manager. The ONOS clusters generate a global view and send updates based upon the set policy to the OpenFlow managers - which then act upon the new instructions. Due to its clustered, distributed nature, ONOS is able to achieve fault tolerance and scale-out performance. How does ONOS achieve fault tolerance? A master node is elected for each cluster. Upon the failure of a master node, a new master for the cluster is elected. The work of a failed instance is redistributed to other ONOS nodes in the cluster. What is P4? A high-level programming language to configure switches which works in conjunction with SDN control protocols. What are the primary goals of P4? Reconfigurability - switch packet processing should be modifiable by the controller Protocol independence - To enable the switches to be independent of any particular protocol, the controller defines a packet parser and a set of tables mapping matches and their actions Target independence - packet processing programs should be programmed independent of the underlying target device, programs written in P4 should be converted into target-dependent programs by a compiler What are the two main operations of P4 forwarding model? Configure - programming of the parser, specify header fields to be processed in each stage of packet processing Populate - allows addition / deletion of the entries in the tables, decides the policies to be applied to matching packets What are the applications of SDN? Provide examples of each application. Traffic engineering - optimize traffic flow to minimize power consumption Mobility and wireless - provides an abstraction layer, decoupling wireless protocols from the management of the data plane entities Measurement and monitoring - enables systems to respond to changes in network conditions Security and dependability - impose security policies on entry points into the network Data center networking - live network migration, troubleshooting, real-time monitoring Which BGP limitations can be addressed by using SDN? Routing using only destination IP prefix Networks have little control over end-to-end paths What's the purpose of SDX? (Proposed for IXPs) Application-specific peering Traffic engineering Traffic load balancing Traffic redirection through middleboxes Describe the SDX architecture. SDX virtualized the BGP route server architecture used in traditional internet exchange points. Each autonomous system has the illusion that it has its own virtual SDN switch connecting its border router to every other participant autonomous system What are the applications of SDX in the domain of wide area traffic delivery? Application specific peering Inbound traffic engineering Wide-area server load balancing Redirection through middle boxes IP networks challenges 1. Growing complexity and dynamic nature of networks 2. Tightly coupled architecture Planes of computer networks - Data plane - Control plane - Management plane Management plane Services that are used to monitor and configure the control functionality, e.g. SNMP-based tools In a software defined networking, every device (switch, router, middlebox, etc.) must be able to make decisions in the forwarding process. (T/F) False The transition to IPv6 would be faster with a software defined networking paradigm compared to a conventional networking paradigm. (T/F) True An OpenFlow switch may also be used for routing. (T/F) True The management plane ___________ a network policy. Defines The control plane ___________ a network policy. Enforces The data plane ___________ a network policy. Executes Advantages of controlling middleboxes via SDN controller - Shared abstractions - Consistency of same network information - Placement in network topology not as important - Simpler integration of networking applications Load balancing is only possible with software defined networking. (T/F) False In software defined networking, which network application would take precedence when managing incoming traffic? Load balancing In conventional networking, which device can implement an intrusion detection system (IDS)? Middleboxes Layers of SDN architecture Data plane: 1. Infrastructure 2. Southbound interfaces Control plane: 3. Network virtualization 4. Network operating systems 5. Northbound interfaces Management plane 6. Language-based virtualization 7. Network programming languages 8. Network applications Northbound interfaces separate the... Management plane and control plane Southbound interfaces separate the... Data plane and control plane OpenFlow is used in the ______________ plane, and it is an example of a ______________ interface. data, southbound What action does an OpenFlow device take when an incoming flow does NOT match any rules in any of the flow tables in the pipeline? Sends a message to the controller Which type of message sent by an OpenFlow device to the network OS allows for quality of service (QoS) policies to be implemented? Flow statistics Which type of message would be sent by an OpenFlow device to the network OS when it receives new routing information? An event-based message Properties of distributed controllers 1. Weak consistency semantics 2. Fault tolerance Open Networking Operating System (ONOS) Distributed SDN control platform A network controller prioritizes the rules generated by various services. (T/F) True Which architecture provides the best throughput? A distributed controller with a centralized cluster of nodes Which architecture provides the best fault tolerance? A distributed controller with physically distributed elements Which architecture has the strongest consistency semantics? A centralized controller How does ONOS handle faults? If an ONOS instance fails, the other instances elect a new master for each of the switches that were previously controlled by the failed instance. Primary goals of P4 - Reconfigurability - Protocol independence - Target independence The P4 programming language can also be used with a conventional network paradigm. (T/F) False The P4 language is being developed as a replacement for OpenFlow. (T/F) False The P4 language allows programmers to use multiple header fields to parse, match, and perform actions on packets. (T/F) True The P4 language is used to program the _______________ plane. data The forwarding model used by P4 is a pipeline. (T/F) True The match+action tables in P4 are more flexible than those in current version of OpenFlow. (T/F) True What are the two operations in the P4 forwarding model? Configure, populate Describe the three perspectives of the SDN landscape. 1. Plane-oriented view 2. The SDN layers - Consists of networking equipment (routers, switches, other middlebox) 3. A system design perspective Data plane Functions and processes that forward data in the form of packets or frames. This is the job of the physical networking equipment. The data plane EXECUTES the network policy Control plane Functions or processes that determine which path to use by using protocols to populate forwarding tables of data plane elements. I.e. any logic that operates the physical networking equipment (data plane) is in the centralized control system. The control plane ENFORCES the network policy. Control plane data: IP prefixes, AS-paths. So, to stop an AS-path announcement attack, we need access to control plane data. Management plane The services used to monitor/configure the control functionality, e.g. SNMP-based tools. The management plane DEFINES the network policy. SDN Layers [Visually from bottom to top] 8. Network Applications 7. Network Programming Languages 6. Language-Based Virtualization 5. Northbound Interfaces 4. Network Operating Systems (SDN Controllers) 3. Network Virtualization (Network Hypervisors) 2. Southbound interfaces 1. Infrastructure (data plane - forwarding devices) Simple Network Management Protocol (SNMP) A TCP/IP protocol that exchanges management information between networked devices. It allows network administrators to remotely monitor, manage, and configure devices on the network. Describe a pipeline of flow tables in OpenFlow. - Reminder: OpenFlow = standard southbound interface API allowing SDN controller in control plane to communicate with data plane. In an OpenFlow device, when a packet arrives, the lookup process starts in the first table and ends either with a match in one of the tables of the pipeline or with a miss (when no rule is found for that packet). Some possible actions for the packet include: - Forward the packet to outgoing port (OpenFlow switch can function as a router) - Encapsulate the packet and forward it to controller - Drop the packet - Send the packet to normal processing pipeline - Send the packet to next flow table - If incoming flow into OpenFlow devices doesn't match any of the rules in any of the flow tables in the pipeline, the device drops the packets SDN Layer 1: Infrastructure Layer - Networking (physical) equipment (routers, switches, appliance hardware) that perform simple forwarding tasks - The physical devices do not have embedded intelligence or control, as the network intelligence is now delegated to a logically centralized control system - the Network Operating System (NOS) - An important difference in these networks is that they are built on top of open and standard interfaces that ensure configuration and communication compatibility and interoperability among different control plane and data plane devices. As opposed to traditional networks that use proprietary and closed interfaces, these networks are able to dynamically program heterogeneous network devices as forwarding devices. SDN Layer 2: What's the main purpose of southbound interfaces? - Southbound interfaces = separating medium and connecting bridge between control plane and data plane functionality. Recall: this is the communication between the SDN controller (part of the control plane) and the SDN controlled switches (data plane). - APIs tightly coupled w/ forwarding elements of underlying physical/virtual infrastructure. - OpenFlow = widely accepted southbound API for SDNs. SDN controller (control plane) controls data plane elements via this API. - Other proposed APIs: ForCES, OVSDB, POF, OpFlex, OpenStack SDN Layer 3: Network Virtualization (Hypervisors) - Network infrastructure provides support for arbitrary network topologies and addressing schemes to promote complete network virtualization SDN Layer 4: Network Operating Systems NOS (network operating system) is a logically centralized controller that provides abstractions, important services, common APIs for developers. Popular NOSs: OpenDayLight, OpenContrail, Onix, Beacon, HP VAN SDN. SDN Layer 5: Northbound Interfaces - Notifies control applications (other part of control plane besides SDN controller) of changes in network state. I.e. communication protocol between network applications and SDN controller. E.g. sends data between the controller and apps in an SDN network. - Sends data between the controller and apps and services in an SDN network. Separates the controller and the management plane. SDN Layer 6: Language-Based Virtualization An important characteristic of virtualization is the ability to express modularity and allow different levels of abstraction. For example, using virtualization, we can view a single physical device in different ways. This takes the complexity away from application developers without compromising on security, which is inherently guaranteed. Some popular examples of programming languages that support virtualization are Pyretic, libNetVirt, AutoSlice, RadioVisor, OpenVirteX, etc. SDN Layer 7: Network Programming Languages Network programmability can be achieved using low-level or high-level programming languages. Using low-level languages makes it difficult to write modular code and reuse it, and it generally leads to more error-prone development. High-level programming languages in SDNs provide abstractions, make development more modular, make code more reusable in the control plane, do away with device-specific and low-level configurations, and generally allow faster development. Some examples of network programming languages in SDNs are Pyretic, Frenetic, Merlin, Nettle, Procera, FML, etc. SDN Layer 8: Network Applications These are the functionalities that implement the control plane logic and translate to commands in the data plane. i.e. Programs that manage underlying network. Part of the control plane. SDNs can be deployed on traditional networks and can find themselves in home area networks, data centers, IXPs etc. Example network apps: - routing - load balancing - security enforcement - end-to-end QoS enforcement - power consumption reduction, network virtualization, mobility management, etc. Some well-known solutions are Hedera, Aster*x, OSP, OpenQoS, Pronto, Plug-N-Serve, SIMPLE, FAMS, FlowSense, OpenTCP, NetGraph, FortNOX, FlowNAC, VAVE, etc. What are three information sources provided by the OpenFlow protocol? 1) Event-based messages: Sent by forwarding device to controller when there is a link or port change 2) Flow statistics: Generated by forwarding devices, collected by controller 3) Packet messages: Sent by forwarding devices to controller when they don't know what to do with a new incoming flow What are the core functions of an SDN controller? - Topology, statistics, notifications, device management, shortest path forwarding, security mechanisms - Security mechanisms: provide basic isolation/security enforcements b/t services and applications. E.g. high priority services' rules should be enforced to take precedence over rules created by apps that have lower priority What are the differences between centralized and distributed architectures of SDN controllers? Centralized architecture: - Single controller that manages all forwarding devices in network - Cons: A single controller means that there is a single point of failure. Cannot scale. Additionally, a single controller might not be sufficient to handle all the data plane elements - Some enterprise class networks/data centers (Maestro, Beacon, NOX-MT) use multi-threaded designs Distributed architecture: - Distributed controllers can be scaled to meet the requirements of networks both large and small - Distribution happens via either: 1) Centralized cluster of nodes 2) Physically-distributed set of elements - Distributed controllers have these properties: 1) Weak consistency semantics: System allows for temporary inconsistencies in the data across all replicas, meaning that nodes across the system might not all have the same values at a specific point in time 2) Fault tolerance: System can continue to function even of some of its components fail When would a distributed controller be preferred to a centralized controller Architecture that provides best throughput? Architecture that provides highest level of fault tolerance? Architecture with strongest consistency semantics? Distributed controllers are more advantageous for scaling and distribution. - Distributed controller with a centralized cluster of nodes. Centralized cluster enables tight coordination, efficient data plane processing. Distributed controller ensures scalability. Together - they allow fast decision making and thus high throughput. - Distributed controller with physically distributed set of elements. Ensures survivability even if regions fail. - Centralized controller. All decisions are made by one entity, meaning that all data is consistent. Describe the purpose of each component of ONOS (Open Networking Operating System) a distributed SDN control platform. - ONOS = distributed SDN control platform that aims to provide global view of network to apps, scale-out performance and fault tolerance - Components include: 1) Network view: The management and sharing of the network state across these instances is achieved by maintaining a global network view. This view is built by using the network topology and state information (port, link and host information, etc) that is discovered by each instance 2) OpenFlow managers: receive the changes the applications make to the view, and the appropriate switches are programmed How does ONOS achieve fault tolerance? - ONOS redistributes work of a failed instance to other remaining instances. - Each switch connects to multiple ONOS instances with only one instance acting as its master. i.e., each ONOS instance acts as master to subset of switches - When a single ONOS instance fails, an election is held to determine a master for each of the switches controlled by the failed ONOS instance. Each switch then has at most one new master instance What is P4? - Language developed to offer programmability on the data plane. Acts as interface between switches and controller. Aims to allow controller the define how the switches operate. - Works in conjunction with SDN control protocols. Cannot be used with a conventional network paradigm. What are the primary goals of P4? 1. Reconfigurability: Controller should be able to modify the way parsing/processing of packets takes place in the switches 2. Protocol independence: We want to enable switches to be independent of any particular protocol. Controller should define packet parse + set of tables mapping matches to actions. 3. Target independence: The packet processing programs should be programmed independent of the underlying target devices. These generalized programs written in P4 should be converted into target-dependent programs by a compiler which are then used to configure the switch. This goal/property is what allows multiport switch and SmartNIC, two different devices, to be programmed using P4. What are the two main operations of P4 forwarding model? Switches using P4 use programmable parser and set of match/action tables to forward packets. This is different from OpenFlow, which supports only fixed parsers based on predetermined header fields. Forwarding model is a pipeline. 1. Configure: These sets of operations are used to program the parser. Specify header fields to be processed in each match/action stage + define the order of these stages. Allows programmers to specify MULTIPLE header fields. 2. Populate: Entries in match/action tables specified during configuration may be altered using populate operations What are the applications of SDN? Provide examples of each application. 1. Traffic Engineering (Power Optimization) ElasticTree: Shuts down links/devices based on traffic load. Plug-n-Serve / Aster*x: Load balancing using wildcard rules for large request groups. ALTO VPN: Enables scalable VPN provisioning in cloud infrastructure. - Load balancing 2. Mobility & Wireless SDN simplifies WLAN/cellular network deployment & management. Features: Virtual Access Points (VAPs), dynamic spectrum use, infrastructure sharing. OpenRadio: Decouples wireless protocols from hardware. LVAPs: One-to-one client mapping; enables seamless mobility. Odin Framework: Uses LVAPs for mobility management and channel selection. - Interface management 3. Measurement & Monitoring BISmark: Reacts to broadband network changes. Reduces control plane load using sampling/estimation techniques. OpenSketch: Flexible southbound measurement API. OpenSample / PayLess: Efficient monitoring frameworks. - Traffic matrix estimation tool 4. Security & Dependability SDN-based DDoS detection and traffic anomaly detection. OF-RHM: Randomizes host IPs to confuse attackers. CloudWatcher: Monitors cloud infrastructure. - DDoS attack mitigation 5. Data Center Networking - enabling storage, processing, transmission of data within data center Enables live network migration, real-time monitoring, and troubleshooting. Detects anomalies via behavior models and signature deviations. LIME: Supports live virtual network migration. FlowDiff: Detects data center anomalies. - Optimize network utilization Which BGP limitations can be addressed by using SDN? - BGP handles routing of packets across internets - has limitations which makes internet routing unreliable/difficult to manage. Limitations include: 1) Routing only based on destination IP 2) Networks have little control over end-toe-end paths; can only select paths advertised by direct neighbors Using SDN: - SDN can match traffic over various header fields, not just by the destination prefix - SDX = SDN-based architecture What's the purpose of SDX? SDX = SDN-based architecture similar to IXPs (physical locations that facilitate interconnection b/t networks to exchange traffic and BGP routes) Proposed to implement: - Application-specific peering: Custom peering rules - Traffic engineering - Traffic load-balancing - Traffic redirection through middleboxes Describe the SDX architecture. - Traditional IXP: ASes connect their BGP-speaking border router to a shared layer-two network and a BGP route server. The layer-2 network is used for forwarding packets (data plane) and the BGP route server is used for exchanging routing information (control plane). - SDX architecture: Each AS has illustration of own virtual SDN switch that connects its border router to every other participant AS - Each AS can define forwarding policies as if it is the only participant at the SDX, without influencing how other participants forward packets on their own virtual switches - Each AS can have its own SDN applications for dropping/modifying/forwarding traffic - Main benefit: Provides an AS with more flexibility for managing traffic What are the applications of SDX in the domain of wide-area traffic delivery? 1. Application specific peering 2. Inbound traffic engineering - an SDN-enabled switch can be installed w/ forwarding rules based on source IP and packet source port, enabling AS to control how traffic enters network 3. Wide-area server load balancing - DNS caching can lead to slower responses in case of a failure 4. Redirection through middle boxes - SDX can be used to address the challenges in existing approaches to using middleboxes (firewalls, load balancers, etc). - SDX can identify and redirect only the desired traffic through a sequence of middleboxes Computer Networks' 3 Planes of Functionality 1) Data Plane - functions/processes that forward data in the form of packets or frames. Data plane EXECUTES the policy. 2) Control Plane - functions/processes determining PATH to use by using protocols to populate forwarding tables. Control plane ENFORCES the policy (I guess because forwarding tables help determine the path - and thus are a means of enforcement). 3) Management Plane - services used to monitor and configure control plane. Network policy is DEFINED in the management plane SDN Advantages - SDN decouples control plane from data plane and isolates itself as an external entity (SDN controller) - Middlebox services can be viewed as an SDN controller application (middlebox = network intermediary devices - go beyond basic packet forwarding) 1) Shared abstractions: Middlebox services can be programmed easily since abstractions provided by control platform + network programming languages can be shared 2) Consistency of same network info: all network apps have same global network information view 3) Locality of functionality placement - middlebox applications can take actions from anywhere in the network (previously, location of middleboxes was a strategic decision + significant constraint) 4) Simpler integration - integrations of networking applications are smoother Middlebox Network device that sits between the endpoints of a communication flow. Functions include: - NAT (network address translation) - Firewalling - Traffic shaping - Intrusion detection Describe a scenario where routing would take precedence over load-balancing, and vice versa. Routing takes precedence over load-balancing: - In a network with high traffic volume + complex routing requirement Vice versa: - High availability requirements (want stuff to be available more frequently, therefore must prioritize load-balancing) What are three information sources provided by the OpenFlow protocol? - Event-based messages that are sent by forwarding devices to the controller when there is a link or port change - Flow statistics are generated by forwarding devices and collected by the controller. This type of message allows for QoS policies to be implemented. - Packet messages are sent by forwarding devices to the controller when they do not know what to do with a new incoming flow ^ These provide flow-level info to the NOS Show Less
- Exam
- $17.45
- 0
- 31
CS 6250 Quiz 12 (All Quizzes) 2026/2027 Latest Update | Verified Questions and Correct Answers |
CS 6250 Quiz 12 (All Quizzes) 2026/2027 Latest Update | Verified Questions and Correct Answers | Complete Study Guide – Georgia Institute of Technology ... Show More 2026/2027 | GRADED A+ | 100 out of 100 Question: When streaming stored multimedia applications, the user must download first the entire content before it can start playing. (T/F) Answer False Question: With streaming stored multimedia applications, the user can pause, fast forward, skip ahead the audio/video. (T/F) Answer False Question: Which of the following applications is the least sensitive to network delays? Streaming video VoIP Interactive games File Transfer Answer File Transfer Question: Which of the following applications is the least tolerant to packet losses? Streaming video VoIP Interactive games File Transfer Answer File Transfer Question: What are the consequences of using TCP instead of UDP for VoIP applications? Select all that apply. Less packet loss More packet loss Less end-to-end delay. More end-to-end delay Answer Less packet loss More end-to-end delay Question: Which of the following are QoS metrics for VoIP applications? Select all that apply. End-to-end delay Jitter Packet loss Available bandwidth Answer End-to-end delay Jitter Packet loss Question: In VoIP applications, increased packet jitter results in increased end-to-end delay. (T/F) Answer True Question: Which of the following has an impact on packet jitter? Encoding delay Decoding delay The type of multimedia application Network conditions such as buffer sizes, queueing delays, network congestion levels Answer Network conditions such as buffer sizes, queueing delays, network congestion levels Question: In VoIP applications, we have a harsher definition for packet loss, as we consider a packet to be lost if it never arrives or if it arrives after its scheduled playout. (T/F) Answer True Question: With Forward Error Concealment we also transmit redundant data that can be used for reconstructing the stream at the receiver's side. This approach to error recovery can lead to more bandwidth consumption. (T/F) Answer True Question: With interleaving we mix chunks of audio together so we avoid scenarios where consecutive chunks are lost. This approach can lead to increased latency. Answer True Question: Which transport-level protocol is preferred for video content delivery? Answer TCP Question: What are the characteristics of good quality of experience from the user's perspective? Select that apply. Low or zero re-buffering High video quality Low video quality variations Low start up latency Low or zero re-buffering Answer High video quality Low video quality variations Low start up latency Question: With throughout-based rate adaption, our goal is to have a buffer-filling rate that is greater than the buffer-depletion rate. Answer True Question: With rate-based adaption, when the bandwidth changes rapidly, the player takes some time to converge to the right estimate of the bandwidth, which can lead to overestimation of the future bandwidth. (T/F) Answer True Question: Having a single server for providing Internet content has the following disadvantages: Single point of failure. Bandwidth waste in high demand for the same content. Scalability issues. Potentially big geographic distance between Internet hosts/users and the server. Answer Bandwidth waste in high demand for the same content. Scalability issues. Potentially big geographic distance between Internet hosts/users and the server. Question: One of the advantages of using CDNs is that the routing protocols they use take important aspects into consideration, such as congestion, latency, etc., in order to best deliver the content to the Internet users. (T/F) Answer False Question: There are several factors that can make a CDN network unreliable, such as misconfigured routers, power outages, malicious attacks or natural disasters. (T/F) Answer True As the Internet evolves, the topology of the ISPs has become flatter, and the number of IXPs increases as the time progresses due to the services they offer and the lower costs for the ISPS. (T/F) Answer True The major drawback of the "Enter Deep" approach is that, if one server is lost, that geographic area will experience a higher delay and lower throughput. (T/F) Answer False When using CDN servers for content delivery, there is more overhead than when using the traditional approach. (T/F) Answer True For a CDN to deliver content to an Internet user, a cluster is mapped to a client first and then a server within that cluster is selected. (T/F) Answer True Picking the geographically closest cluster location for a user is always the best choice in terms of performance for content delivery. (T/F) Answer False By using consistent hashing for server selection, in the case of a server failure, the objects that the server was responsible for can be taken care of by a random server within the same ID space. (T/F) Answer False When using DNS caching, what would happen if a host A makes a request for a domain that was just previously queried by another host? Answer The local DNS server will send the request to the appropriate DNS server to fetch the IP address. The local DNS server will immediately answer the host with the IP address. The request will be forward to the root servers first. None of the above. The local DNS server will immediately answer the host with the IP address. What is the type of the following resource record: (amazon.com, dns.amazon.com, ?, TTL)? A NS CNAME MX NS IP Anycast assigns the same IP address to multiple servers in order to deliver content from CDNs by using the closest server to a client based on BGP path length. (T/F) True HTTP redirection can only be used in order to share the load of content requests among servers. (T/F) False Having a single server for providing Internet content has the following disadvantages: SELECT ALL THAT APPLY Single point of failure Bandwidth waste in high demand for the same content Scalability issues Potentially big geographic distance between Internet hosts/users and the server Single point of failure Bandwidth waste in high demand for the same content Scalability issues Potentially big geographic distance between Internet hosts/users and the server There are several factors that can make a CDN network unreliable, such as misconfigured routers, power outages, malicious attacks or natural disasters. True False True The network topology of ISPs has become flatter over time, and the number of Internet Exchange Points (IXPs) has increased. True False True The major drawback of the "Enter Deep" approach is that if one server is lost, that geographic area will experience a higher delay and lower throughput. True False False When using CDN servers for content delivery, there is more overhead than when using the traditional approach. True False True For a CDN to deliver content to an Internet user, a cluster is mapped to a client first and then a server within that cluster is selected. True False True Picking the geographically closest cluster location for a user is always the best choice in terms of performance for content delivery. True False False When utilizing consistent hashing for server selection, in the event of a server failure, the responsibility for managing the objects originally handled by the failed server is transferred to a randomly chosen server within the same ID space. True False False When using DNS caching, what would happen if a host A makes a request for a domain that was just previously queried by another host? The local DNS server will send the request to the appropriate DNS server to fetch the IP address. The local DNS server will immediately answer the host with the IP address. The request will be forward to the root servers first. None of the above. The local DNS server will immediately answer the host with the IP address. What is the purpose of an NS record in DNS? To translate domain names in IP addresses To specify the mail server responsible for accepting email messages on behalf of the domain To redirect one domain to another domain To denote the authoritative name server for a domain To denote the authoritative name server for a domain IP Anycast assigns the same IP address to multiple servers in order to deliver content from CDNs by using the closest server to a client based on BGP path length. True False True HTTP redirection can only be used in order to share the load of content requests among servers. True False False 3 drawbacks to the traditional approach of providing content on the internet 1. Users are located everywhere 2. Can be popular resulting in a spike in demand and requests for same thing 3. Can be single point of failure Content distribution network Networks of multiple, geographically distributed servers and/or data centers, with copies of content (videos, but also many other types of Web content), that direct users to a server or server cluster that can best serve the user's request. Internet application challenges 1. Peering point congestion 2. Inefficient routing protocols 3. Unreliable networks. 4. Inefficient communication protocols. 5. Scalability 6. Application limitations and slow rate of change adoption. 2 major shifts that have changed the evolution of internet ecosystems 1. Large scale content delivery demand 2. Topological flattening CDN server placement approaches Deploying lots of small clusters to get as close as possible to the users, or deploying fewer but larger clusters to critical areas CDN server selection steps Cluster selection and server selection Limitations to choosing the closest geographically located cluster 1. Users may use remote LDNS 2. May not be the best choice in terms of actual end-to-end network performance. This can happen because of multiple reasons. What metric should be used for cluster selection? Network-layer metrics such as delay, available bandwidth or both. Also, application-layer metrics. Active measurements LDNS could probe multiple clusters, such as by sending a ping request to multiple clusters for monitoring the RTT and then use the "closest" server. Passive measurements The name server system in the CDN could keep a track of the performance metrics based on the current traffic conditions. What is the distributed 2 layer system? 1. coarse-grained global layer operates at larger time scale. This layer has a global view of client quality measurements. It builds a data-driven prediction model of video quality. 2. A fine-grained per-client decision layer that operates at the millisecond timescale. It makes actual decisions upon a client request. This is based on the latest (but possibly stale) pre-computed global model and up-to-date per-client state. Consistent hashing Balances load by assigning roughly the same number of content IDs, and requires relatively little movement of these content IDs when nodes join and leave the system. Servers and the content objects are mapped to the same ID space. 3 network protocols for server selection DNS HTTP redirection IP Anycast Why do we need DNS? The identifiers we have for an Internet host is the IP address and the hostname. The advantage of using hostnames is that they can be easily remembered by humans. The main disadvantage of hostnames is that they are consisting of variable characters and thus it's difficult for routers to process them. Using this system can help us translate hostnames to IP addresses. How does DNS work? 1. It provides a distributed database implemented over a hierarchy of servers. 2. It is an application layer protocol that allows hosts to query this database and provide the translation of hostnames to IP addresses. Main steps that a host takes to use DNS 1. The user host runs the client side of the DNS application 2. The browser extracts the hostname www.someschool.edu (Links to an external site.) and passes it to client side of the DNS application. 3. DNS Client sends a query containing the hostname of DNS 4. DNS Client eventually receives a reply which included IP address for the hostname 5. As soon as the host receives the IP addresses, it can initiate a TCP connection to the HTTP server located at that port at that IP What are some other services offered by DNS? Mail server/host aliasing and load distribution Why would a centralized model for DNS be bad? 1. It introduces a single point of failure. 2. It would be very difficult for a single server to handle all the volume of the querying traffic. 3. This model is based on a centralized database which cannot be close to all querying clients. This model would cause significant delays and slow performance for the clients which are geographically distant 4. Maintaining this centralized database would be a big problem as we would have to update a huge database with updates for every single host in the Internet. DNS hierarchy consists of the following servers Root DNS servers Top level domain (TLD) Servers Authoritative servers Local DNS servers DNS caching Caches the responses. This helps reduce performance delay and make it more efficient. After a server receives the DNS reply of mapping from any host to IP address, it stores this information in the Cache memory before sending it to the client. DNS Records Mappings between hostnames and IP addresses. They are contained in the DNS reply messages 4 DNS Record fields Name, value, Type, and TTL Most common type of DNS Record TYPE=A TYPE=NS TYPE=CNAME TYPE=MX: the name is the alias hostname of a mail server, and the Value is the canonical name of the email server. (abc.com, mail.dnsserver.abc.com, MX) Type A DNS Record The name is a domain name and value is the IP address of the hostname. Type NS DNS Record The name is the domain name, and the value is the appropriate authoritative DNS server that can obtain the IP addresses for hosts in that domain. Type CName DNS Record The name is the alias hostname, and the value is the canonical name Type MX DNS Record The name is the alias hostname of a mail server, and the Value is the canonical name of the email server. IP Anycast Route a client to the "closest" server, as determined by BGP (Border Gateway Protocol), a routing protocol used for inter-AS routing. This is achieved by assigning the same IP address to multiple servers belonging to different clusters. Now, each of these servers will use the standard BGP to advertise this IP address. Thus multiple BGP routes for the same IP address corresponding to different cluster locations will propagate in the public Internet. HTTP Redirection Protocol Essentially, when a client sends a GET request to a server, say A, it can redirect the client to another server, say B, by sending an HTTP response with a code 3xx and the name of the new server. Enter deep CDNs place many smaller server clusters "deep" into the access networks around the world. The goal is to make the distance between a user and the closest server cluster as small as possible, which reduces the delay and increases the available throughput for each user. However, the downside to this highly distributed approach is that it is much more difficult to manage and maintain so many clusters. Bring home CDNs place fewer larger server clusters at key points (typically in IXPs, not in access networks). There's not as many server clusters to manage or maintain, so those tasks are easier, but the downside is that the users will experience higher delay and lower throughput. What role does DNS play in CDNs? Notice the interplay of the DNS request/responses, and what the user's perspective of the whole exchange is. By intercepting the requests with DNS, CDNs have the opportunity to choose where to direct users, based on location and/or current conditions. How are the metrics for cluster selection obtained? Active and passive measurements Why does DNS use a hierarchical scheme? To solve the scalability problem Iterative query process DNS The querying host is referred to a different DNS server in the chain, until it can fully resolve the request. Recursive query process DNS The querying host, and each DNS server in the chain queries the next server and delegates the query to it. Show Less
- Exam
- $13.95
- 0
- 33
CS 6250 Quiz 11 (All Quizzes) 2026/2027 Latest Update | Verified Questions and Correct Answers |
CS 6250 Quiz 11 (All Quizzes) 2026/2027 Latest Update | Verified Questions and Correct Answers | Complete Study Guide – Georgia Institute of Technology ... Show More 2026/2027 | GRADED A+ | 100 out of 100 Question: Compare the bit rate for video, photos, and audio. Answer Video - 2 Mbps Facebook photo gallery browsing (1 photo/s) - 320 kbps Music - 128 kbps Question: What are the characteristics of streaming stored video? Answer - Streamed - video starts playing within a few seconds of receiving data, instead of waiting for the whole file - Interactive - user can pause, fast forward, skip ahead, move back - Continuous playout - should play out the same way it was recorded Question: What are the characteristics of streaming live audio and video? Answer - Many simultaneous users - Delay sensitive Question: What are the characteristics of conversational voice and video over IP? Answer - Delay sensitive - Loss tolerant - the occasional glitch is okay Question: How does the encoding of analog audio work (in simple terms)? Answer Generally speaking, audio is encoded by taking many (as in, thousands) of samples per second, and then rounding each sample's value to a discrete number within a particular range. (This "rounding" to a discrete number is called quantization.) Question: What are the three major categories of VoIP encoding schemes? Answer 1. Narrowband 2. Broadband 3. Multimode Question: What are the functions that signaling protocols are responsible for? Answer 1. User location - the caller locating where the callee is. 2. Session establishment - handling the callee accepting, rejecting, or redirecting a call. 3. Session negotiation - the endpoints synchronizing with each other on a set of properties for the session. 4. Call participation management - handling endpoints joining or leaving an existing session. Question: What are three QoS VoIP metrics? Answer - end-to-end delay - jitter - packet loss Question: What kind of delays are included in "end-to-end delay"? Answer - the time it takes to encode the audio - the time it takes to put it in packets, - all the normal sources of network delay that network traffic encounters such as queueing delays - "playback delay," which comes from the receiver's playback buffer (which is a mitigation technique for delay jitter) - decoding delay, which is the time it takes to reconstruct the signal Question: How does "delay jitter" occur? Answer Between all the different buffer sizes and queueing delays and network congestion levels that a packet might experience, different voice packets can end up with different amounts of delay. One voice packet may be delayed by 100 ms, and another by 300 ms. We call this phenomenon "jitter," "packet jitter," or "delay jitter." Question: What are the mitigation techniques for delay jitter? Answer The main VoIP application mechanism for mitigating jitter is maintaining a buffer, called the "jitter buffer" or the "play-out buffer." This mechanism helps to smooth out and hide the variation in delay between different received packets, by buffering them and playing them out for decoding at a steady rate. There's a tradeoff here, though. A longer jitter buffer reduces the number of packets that are discarded because they were received too late, but that adds to the end-to-end delay. A shorter jitter buffer will not add to the end-to-end delay as much, but that can lead to more dropped packets, which reduces the speech quality. Question: Compare the three major methods for dealing with packet loss in VoIP protocols. Answer - FEC (Forward Error Correction) - transmitting redundant data alongside the main transmission, which allows the receiver to replace lost data with the redundant data - Interleaving - mixing chunks of audio together so that if one set of chunks is lost, the lost chunks aren't consecutive - Error concealment - "guessing" what the lost audio packet might be Question: How does FEC (Forward Error Correction) deal with packet loss in VoIP? What are the tradeoffs of FEC? Answer Lost data is replaced with the redundantly-transmitted data. Tradeoffs: the more redundant data transmitted, the more bandwidth is consumed. Also, some of these FEC techniques require the receiving end to receive more chunks before playing out the audio, and that increases playout delay. Question: How does interleaving deal with the packet loss in VoIP/streaming stored audio? What are the tradeoffs of interleaving? Answer Not having consecutive loss chunks, so as to minimize the impact of a packet loss. Tradeoff: the receiving side has to wait longer to receive consecutive chunks of audio, and that increases latency. Unfortunately, that means this technique is limited in usefulness for VoIP, although it can have good performance for streaming stored audio. Question: How does the error concealment technique deal with packet loss in VoIP? Answer "Guessing" what the lost audio packet might be. This is possible because generally, with really small audio snippets (like between 4 ms and 40 ms), there's some similarity between one audio snippet and the next audio snippet. Could be repeating the previous packet or interpolating using the previous and next packets. Question: What developments lead to the popularity of consuming media content over the Internet? Answer 1. The bandwidth for both the core network and last-mile access links have increased tremendously over the years. 2. Video compression technologies have become more efficient. This enables streaming high-quality video without using a lot of bandwidth. 3. The development of Digital Rights Management culture has encterm-16ouraged content providers to put their content on the Internet. Question: Provide a high-level overview of adaptive video streaming. Answer The video content is first created -- say in a professional studio like this lesson or using a smartphone by a user. The raw recorded content is typically at a high quality. It is then compressed using an encoding algorithm. This encoded content is then secured using DRM and hosted over a server. Typically content providers have their own data centers such as Google or use third-party Content delivery networks to replicate the content over multiple geographically distributed servers. This makes sure that the content can be delivered in a scalable manner. The end-users download the video content over the Internet. The downloaded video is decoded and rendered on the user's screen. Question: Which protocol is preferred for video content delivery - UDP or TCP? Why? Answer TCP, as data loss would make it difficult to reliably decode video data. TCP also provides congestion control, which is required for effective bandwidth sharing. Question: What was the original vision of the application-level protocol for video content delivery, and why was HTTP chosen eventually? Answer The original vision was to have specialized video servers that remembered the state of the clients. These servers would control the sending rate to the client. In the event that the client paused the video, it would send a signal to the server and the server would stop sending video. Thus, all the intelligence would be stored at a centralized point and the clients, which can be quite diverse, would have to do a minimal amount of work. However, all this required content providers to buy specialized hardware. Another option was to use the already existing HTTP protocol. In this case, the server is essentially stateless and the intelligence to download the video will be stored at the client. A major advantage of this is that content providers could use the already existing CDN infrastructure. Moreover, it also made bypassing middleboxes and firewalls easier as they already understood HTTP. Question: Summarize how progressive download works. Answer The client sends byte-range requests for part of the video instead of requesting the entire video. Once the video content has been watched, the client sends a request for more content. Ideally, this should be enough for streaming without stalls. To account for throughput variations, the client pre-fetches some video ahead and stores it in a playout buffer. Question: How to handle network and user device diversity? Answer Content providers encode their video at multiple bitrates chosen from a set of pre-defined bitrates. Specifically, the video is chunked into segments which are usually of equal duration. Each of these segments is then encoded at multiple bitrates and stored at the server. The client request while requesting for a segment also specifies its quality. How does the bitrate adaptation work in DASH? Answer A video in DASH is divided into chunks and each chunk is encoded into multiple bitrates. Each time the video player needs to download a video chunk, it calls the bitrate adaptation function, say f. The function f that takes in some input and outputs the bitrate of the chunk to be downloaded. What are the goals of bitrate adaptation? Answer 1 .Low or zero re-buffering: users typically tend to close the video session if the video stalls a lot 2. High video quality: the better the video quality, better the user QoE. A higher video quality is usually characterized by a high bitrate video chunk. 3. Low video quality variations: a lot of video quality variations are also known to reduce the user QoE. 4. Low startup latency: startup latency is the time it takes to start playing the video since the user first requested to play the video. What are the different signals that can serve as an input to a bitrate adaptation algorithm? Answer - Network Throughput: The first signal that can facilitate the selection of bitrate is the network conditions, or more specifically, the network throughput. - Video Buffer: The amount of video in the buffer can also inform the decision of the video bitrate for the next chunk. Explain buffer-filling rate and buffer-depletion rate calculation. Answer The buffer-filling rate is essentially the network bandwidth divided by the chunk bitrate. The buffer-depletion rate is simply 1 because 1 s of video content gets played in 1 s. What steps does a simple rate-based adaptation algorithm perform? Answer 1. Estimation: The first step involves estimating the future bandwidth. This is done by considering the throughput of the last few downloaded chunks. Typically, a smoothing filter such as moving average, or the harmonic mean is used over these throughputs to estimate the future bandwidth. 2. Quantization: In the second step, the continuous throughput is mapped to a discrete bitrate. Basically, we select the maximum bitrate that is less than the estimate of the throughput, including a factor in this selection. Explain the problem of bandwidth over-estimation with rate-based adaptation. Answer TL;DR Under the case when the bandwidth changes rapidly; the player takes some time to converge to the correct estimate of the bandwidth. As observed in this specific, this can sometimes lead to an overestimation of the future bandwidth. Explain the problem of bandwidth under-estimation with rate-based adaptation. Answer This was terribly explained... Continuous playout Answer It should play out the same way it was recorded without freezing up in the middle. Differences between streamed audio and video Audio is more delay sensitive and has many simultaneous users What is the most delay sensitive? Conversational video and voice over IP Challenge of VoIP It's broadcasted over the internet 3 major categories of encoding schemes narrowband, broadband, and multimode Signaling protocol is responsible for what 4 major functions 1. User location 2. Session establishment 3. Session negotiation 4. Call participation management 3 metrics for quality of service for VoIP end-to-end delay jitter packet loss End-to-end delay sources The time it takes to encode the audio The time it takes to put it in packets Normal sources of network delay that network traffic encounters such as queueing delays "playback delay" decoding delay Why is jitter problematic? It interferes with reconstructing the analog voice stream. With large jitter, we end up with more delayed packets that end up getting discarded, and that can lead to a gap in the audio. Too many dropped sequential packets can make the audio unintelligible How do you mitigate jitter? Maintaining a buffer, called the "jitter buffer" or the "play-out buffer." This mechanism helps to smooth out and hide the variation in delay between different received packets, by buffering them and playing them out for decoding at a steady rate. Tradeoff for jitter buffer A longer jitter buffer reduces the number of packets that are discarded because they were received too late, but that adds to the end-to-end delay. A shorter jitter buffer will not add to the end-to-end delay as much, but that can lead to more dropped packets, which reduces the speech quality. Packet loss for VoIP It either never arrives OR if it arrives after its scheduled playout. 3 protocols for dealing with packet loss in VoIP FEC (forward error correction) Interleaving Error concealment Forward error correction Transmitting redundant data alongside the main transmission, which allows the receiver to replace lost data with the redundant data. Interleaving Doesn't transmit ANY redundant data, and so it doesn't add extra bandwidth requirements or bandwidth overhead. It works by mixing chunks of audio together so that if one set of chunks is lost, the lost chunks aren't consecutive. Tradeoff for interleaving Increases latency Error concealment "Guessing" what the lost audio packet might be What tech/trends have led to live and ondemand streaming? 1. The bandwidth for both the core network and last-mile access links have increased tremendously over the years. 2. The video compression technologies have become more efficient. Two types of content streamed over the internet Live and on demand Adaptive video content streaming steps 1. The video content is first created 2. It is then compressed using an encoding algorithm. 3. This encoded content is then secured using DRM and hosted over a server. 4. Content delivery networks to replicate the content over multiple geographically distributed servers. This makes sure that the content can be delivered in a scalable manner. 5. The end-users download the video content over the Internet. 6. The downloaded video is decoded and rendered on the user's screen. What protocol is chosen for video delivery? Why? TCP bc it provides reliability. An additional benefit of using TCP was that it already provides congestion control which is required for effectively sharing bandwidth over the Internet. What application-layer protocol should be used for video delivery? Why? http because the server is essentially stateless and the intelligence to download the video will be stored at the client. A major advantage of this is that content providers could use the already existing CDN infrastructure. Moreover, it also made bypassing middleboxes and firewalls easier as they already understood HTTP. What are the disadvantages to using HTTP get for video? 1. Users often leave the video mid-way. Thus, downloading the entire file can lead to a waste of network resources. 2.The video content that has been downloaded but not played so far would have to be stored. Thus, we will need a video buffer at the client to store this content in memory Playout buffer Number of seconds of video that can be downloaded in advance or in terms of size in bytes. 2 streaming states Filling state and steady state Filling state This happens when the video buffer is empty and the client tries to fill it as soon as possible. Steady state After the buffer has become full, the client waits for it to become lower than a threshold. After which, the client sends a request for more content. Bitrate adaption Once the available bandwidth reduces due to a background download, you can reduce the video quality and stream the video lower, avoiding any stalls. DASH/Dynamic streaming over http The client dynamically adjusts the video bitrate based on the network conditions and device type. Dynamic streaming signifies the dynamic bitrate adaptation. 4 conditions for good quality of experience for bitrate adaption Low or zero re-buffering High video quality Low video quality variations Low startup latency Network throughput The first signal that can facilitate the selection of bitrate 2 types of input to bitrate algorithms Network throughput and video buffer Rate based adaption steps Estimation and quantization Quantization Estimation Considering the throughput of the last few downloaded chunks Quantization The continuous throughput is mapped to discrete bitrate. Basically, we select the maximum bitrate that is less than the estimate of the throughput, including a factor in this selection. Why do we add a factor during quantization? We want to be a little conservative in our estimate of the future bandwidth to avoid any re-buffering If the chunks are VBR-encoded, their bitrate can exceed the nominal bitrate Finally, there are additional application and transport-layer overheads associated with downloading the chunk and we want to take them into account Bitrate for videos, photos, and audio High for video, audio has lower bit rate, photos are somewhat in the middle Streaming stored video characteristics Can play within a few seconds of getting data, interactive, continuous playout out, on a CDN Streaming live audio and video characteristics Many simultaneous users, delay sensitive Conversational voice and video over IP Highly delay sensitive and loss tolerant How is analog video encoded? By taking many (as in, thousands) of samples per second, and then rounding each sample's value to a discrete number within a particular range. Tradeoffs of FEC The more redundant data transmitted, the more bandwidth is consumed. Also, some of these FEC techniques require the receiving end to receive more chunks before playing out the audio, and that increases playout delay. Progressive download Thus, instead of downloading the content all at once, the client tries to pace it. This can be done by sending byte-range requests for part of the video instead of requesting the entire video. Once the video content has been watched, it sends request for more content. Ideally, this should be enough for streaming without stalls. How to handle network and user device diversity? Bitrate adaption Buffer filling The network bandwidth divided by the chunk bitrate Buffer depletion The output rate is simply 1 Overestimation with bitrate adaption Bandwidth changes rapidly, the player takes some time to converge to the right estimate of the bandwidth. Underestimation with bitrate adaption Note that this problem happens because of the ON-OFF behavior in DASH. Had it been two competing TCP-flows they would have gotten their fair share. While we have seen this problem for DASH and a competing TCP flow, it can also happen in competing DASH players leading to an unfair-allocation of network bandwidth. Show Less
- Exam
- $13.95
- 0
- 34
Purchase the bundle to get the full access instantly
- 3 Million+ Study Documents
- 100% Money Back Guarantee
- Immediate Download Access
Add To Cart
Reviews 0
Bundle Details
$68.45
$189.40 Save 64%
Bundle price (12 items)
Sale Ends In
- Trusted by 1 Million+ Students
- 100% Money Back Guarantee
- Instant Download After Purchase
18
0
Seller Details
Beginner
Reviews received
$68.45
$189.40Save 64%
Google