
Thursday, May 17, 2012

UCEN 3133 Advanced Computer Networks - Tutorial 4 - Year 2012

Tutorial 4 – QOS and RSVP

1. List and briefly describe the activities that a router or switch is likely to engage in to provide a certain QOS guarantee in a network.

  (i) Policing: verifying that incoming traffic conforms to its agreed specification
  (ii) Admission control: checking to see if there are enough resources to meet a request for QoS
  (iii) Classification: recognizing those packets that need particular levels of QoS
  (iv) Queuing and scheduling: making decisions about when packets are transmitted and which packets are dropped that are consistent with the QoS guarantees


2. What is the primary difference between the IntServ and DiffServ approaches to allocating resources for QOS purposes? Which approach scales better for a large IP network and why?

IntServ enables end-to-end QoS guarantees for a single flow (microflow) from one sender to one or more receivers through a signalling protocol like RSVP.
DiffServ is a coarse-grained model that groups the traffic of many different flows into several small classes and provides QOS guarantees on a per-class basis.

DiffServ scales better. In a large IP network, the number of microflows is very large, and keeping QOS and state information about each one places a heavy burden on the routers in the network, making it difficult to scale. Grouping flows into classes allows easier management of QOS information.

3. In what way does the deficit round robin (DRR) approach provide a fairer QOS allocation of transmission resources on a router compared to the weighted round robin approach? Briefly explain how it works.

It computes the weights allocated to different flows in terms of total bytes rather than number of packets. This is a fairer QOS allocation because IP packets vary in size.
DRR allocates a number of bytes to each flow. When a flow is selected, DRR transmits as many packets as possible without exceeding the allotted number of bytes.
The remainder (i.e. the difference between the number of bytes that was allocated and the size of the packets actually sent) becomes a deficit which is added to the amount that will be sent in the next round.
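
The byte-based accounting described above can be compared directly with packet-count weighted round robin. This is an added example, not part of the original tutorial; the flow names, packet sizes and quantum values are constructed for illustration.

```python
from collections import deque

def drr(flows, quantum, rounds):
    """Deficit round robin.
    flows maps a flow name to its packet sizes in bytes (FIFO order).
    Returns the bytes transmitted per flow after `rounds` scheduler rounds."""
    queues = {name: deque(sizes) for name, sizes in flows.items()}
    deficit = dict.fromkeys(flows, 0)
    sent = dict.fromkeys(flows, 0)
    for _ in range(rounds):
        for name, q in queues.items():
            if not q:
                continue                      # nothing queued, no credit earned
            deficit[name] += quantum[name]    # byte allowance for this round
            # Send while the head-of-line packet fits in the allowance.
            while q and q[0] <= deficit[name]:
                size = q.popleft()
                deficit[name] -= size
                sent[name] += size
            if not q:
                deficit[name] = 0             # an emptied flow does not bank credit
    return sent

def wrr(flows, weight, rounds):
    """Packet-count weighted round robin, for comparison."""
    queues = {name: deque(sizes) for name, sizes in flows.items()}
    sent = dict.fromkeys(flows, 0)
    for _ in range(rounds):
        for name, q in queues.items():
            for _pkt in range(min(weight[name], len(q))):
                sent[name] += q.popleft()
    return sent

# Constructed sample traffic: one flow of large packets, one of small packets.
FLOWS = {"bulk": [1500] * 20, "voice": [100] * 300}

def compare():
    """Equal weights in both schedulers; only the unit of accounting differs."""
    by_packets = wrr(FLOWS, {"bulk": 1, "voice": 1}, rounds=10)
    by_bytes = drr(FLOWS, {"bulk": 500, "voice": 500}, rounds=30)
    return by_packets, by_bytes

if __name__ == "__main__":
    by_packets, by_bytes = compare()
    print("WRR bytes sent:", by_packets)
    print("DRR bytes sent:", by_bytes)
```

With equal packet weights the large-packet flow takes fifteen times the bandwidth of the small-packet flow; with equal byte quanta both flows receive the same number of bytes, and the 1500-byte flow simply waits three rounds to accumulate enough credit for each packet.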


4. Explain briefly how RSVP works with reference to the PATH and RESV messages.

  (i) PATH messages travel from a sender to one or more receivers (explicitly designed to support multicast) and include TSpecs and classification information provided by the sender.
  (ii) When a receiver gets a PATH message, it can send a RESV message back toward the sender. The RESV message identifies the session for which the reservation is to be made and indicates the level of QoS required by this receiver.
  (iii) Messages are intercepted by every router along the path, so that resource allocation can take place at all the necessary hops.
  (iv) Each router must agree to reserve the resources the request specifies. Reservation is unidirectional for a single flow direction.


5. Three clients are receiving a shared multicast video traffic flow across an MPLS network from a media server. The routes from these different clients converge on a router that the server is directly connected to. The 3 clients make QOS reservation requests to this router for a delay latency of 30 ms, 15 ms and 10 ms respectively.

  (i) How would RSVP handle these requests in the router?
  (ii) How does RSVP ensure that these reservation requests are propagated correctly across the MPLS network to this router at the transmitting end?


i) These requests are merged into a single reservation request for the common flow, for which the router will select the smallest latency of 10 ms.

ii) When a path message in RSVP is sent to a client, each router at each hop inserts its own IP address as the message’s last hop. Each router can look at the last hop field to learn where the flow came from. Should it later receive a reservation request for this flow, this last hop information tells it where to send the reservation request next.


6. Explain briefly what the term soft state means within the context of RSVP. Consider an ongoing video conference involving 2 clients receiving multicast traffic  from a central server. A new client wishes to join this multicast group. Outline the series of steps that it will undergo to achieve this, and show how soft state helps in this registration process.

Soft state means that PATH and RESV messages in RSVP must be sent periodically to refresh a reservation. If they are not sent for some interval (the time-out period), then the reservation is automatically torn down.

  1. The client sends an IGMP group membership report message to join this multicast group.
  2. The local router receives this message and, to update the rest of the network, builds an OSPF link state advertisement and floods it through the network. Once all routers are updated, multicast traffic begins to flow to the new client.
  3. Path messages for the flow can reach it as well, and soft state assures that a periodic path message from the sender will eventually reach the new client.
  4. With this path message in hand, the client can identify the flow and place its own reservations.

7. How does label distribution in MPLS assist in the creation of RSVP reserved flows? Describe briefly the steps involved in this process which lead to the creation of a label switched path (LSP).

Labels are bound to flows that have RSVP reservations (through the use of a FEC) and then distributed through the MPLS network.

When an LSR wants to send a RESV message for a new RSVP flow:
  (i) It allocates a label from its pool of free labels.
  (ii) It creates an entry in its LFIB with the incoming label set to the allocated label.
  (iii) It sends out the RESV message containing this label to the upstream LSR.
  (iv) Upon receipt of a RESV that contains this label, an LSR populates its LFIB with this label as the outgoing label.
  (v) It then allocates a new label to use as the incoming label and inserts that in the RESV message before sending it upstream.
  (vi) As RESV messages propagate upstream, an LSP is established along the path.
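
The steps above can be traced with a small simulation of three LSRs. This is an added example, not part of the original tutorial; the LSR names, label ranges, flow names and the ingress `ftn` table (a flow-to-label binding kept at the ingress) are assumptions made for illustration.

```python
import itertools

class LSR:
    def __init__(self, name, first_label):
        self.name = name
        self._free = itertools.count(first_label)  # pool of free labels
        self.lfib = {}  # incoming label -> outgoing label (None = pop at egress)
        self.ftn = {}   # ingress only (assumed): flow -> label to push

    def on_resv(self, flow, downstream_label, ingress=False):
        """Process a RESV for `flow`; return the label to carry upstream."""
        if ingress:
            # The ingress only records which label to push for this flow.
            self.ftn[flow] = downstream_label
            return None
        in_label = next(self._free)             # steps (i) and (v)
        self.lfib[in_label] = downstream_label  # steps (ii) and (iv)
        return in_label                         # step (iii): goes into the RESV

def establish_lsp(flow, path):
    """path lists LSRs from ingress to egress; the RESV travels in reverse."""
    label = None  # the egress has no downstream label
    for lsr in reversed(path):
        label = lsr.on_resv(flow, label, ingress=(lsr is path[0]))
    return path[0].ftn[flow]

def forward(flow, path):
    """Follow a packet of `flow` along the LSP; return (LSR, in, out) per hop."""
    label = path[0].ftn[flow]
    hops = [(path[0].name, None, label)]
    for lsr in path[1:]:
        if label not in lsr.lfib:
            raise LookupError(f"{lsr.name}: no LFIB entry for label {label}")
        out = lsr.lfib[label]
        hops.append((lsr.name, label, out))
        label = out
    return hops

def demo():
    # Constructed topology: A (ingress) -> B -> C (egress).
    path = [LSR("A", 100), LSR("B", 200), LSR("C", 300)]
    establish_lsp("video", path)
    establish_lsp("voice", path)
    return forward("video", path), forward("voice", path)

if __name__ == "__main__":
    for trace in demo():
        print(trace)
```

Each label is chosen by the LSR that will receive it, so labels are only meaningful on one hop, and the two reserved flows get separate LFIB entries on every LSR they share.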


8. What is meant by Per Hop Behaviour (PHB) in the context of the DiffServ approach to QOS allocation and how is it indicated ? Briefly describe the 3 main types of PHBs

DiffServ allows each node along the path to define the service that a given class will receive, and this can vary from node to node along a given path; therefore DiffServ does not provide end-to-end QOS guarantees. Each of the standard PHBs is indicated by a recommended DSCP value, and each router has a table that maps the DSCP found in a packet to the PHB that will determine how that packet is treated.

Default - No special treatment, equivalent to best effort.
Expedited forwarding (EF) - Packets marked EF should be forwarded with minimal delay and experience low loss.
Assured forwarding (AF) - Packets go into different priority queues where they have different drop preferences if congestion occurs.

9. Briefly describe the standard approach towards congestion avoidance in TCP and state two disadvantages with this approach.   Explain how Explicit Congestion Notification (ECN) overcomes these disadvantages.

Congestion avoidance in TCP assumes that packet losses in the network are an indication of congestion; senders reduce their sending rates when they experience packet loss.
Disadvantages:
  (i) For real time applications, the lost packet will need to be retransmitted and its late arrival will cause degradation.
  (ii) A lost packet consumes resources up to the point it is lost; it would be preferable not to send the packet at all if it is just going to be thrown away.

With ECN, the router sets the “congestion experienced” (CE) bit in the packet header when it detects congestion, and then forwards the packet rather than dropping it. The router must have some form of queue management to actively monitor congestion. When a packet with the CE bit arrives at its destination, the receiver must send a signal back to the sender that will cause the sender to reduce its sending rate.


10. A multimedia network that provides QOS guarantees uses a leaky bucket policer in one of its routers to ensure that the incoming packet traffic does not exceed the TSpec specification agreed upon during an initial session of Integrated Services (IntServ). The following are the features of this policer:

  • The token buffer can hold at most three (3) tokens, and is initially filled with two (2) tokens at time slot t = 0.

  • New tokens arrive into the bucket at a rate of two (2) tokens per time slot. Packets arrive at the beginning of a time slot and enter the packet queue, where they are processed and transferred to the output link in a First In First Out (FIFO) manner.

  • The size of the packet queue is four (i.e. it can queue a maximum of 4 packets at any given time slot); any extra arriving packets are dropped.

  • Packets that obtain available tokens in a given time slot go together on the same time slot in the output link.





| Time slot | Incoming Packets |
|-----------|------------------|
| 0 | A B C D |
| 1 | E F |
| 2 | G |
| 3 | - |
| 4 | - |
| 5 | H I J K |
| 6 | L M N O |
| 7 | P Q |
| 8 | - |
| 9 | R S T |


The table shows incoming packets from the network into the router with the policer, from time slot t = 0 to time slot t = 9. Based on this information, construct a new table with columns showing the packets in queue, tokens in bucket and packets on output link from time slot t = 0 to t = 9.                                            



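| Time slot | Packets in queue | Tokens in bucket | Packets at output |
|-----------|------------------|------------------|-------------------|
| 0 | A B C D | 2 | A B |
| 1 | C D E F | 2 | C D |
| 2 | E F G | 2 | E F |
| 3 | G | 2 | G |
| 4 | - | 3 | - |
| 5 | H I J K | 3 | H I J |
| 6 | K L M N | 2 | K L |
| 7 | M N P Q | 2 | M N |
| 8 | P Q | 2 | P Q |
| 9 | R S T | 2 | R S |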
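
The answer table can be reproduced by simulating the policer slot by slot. This is an added example, not part of the original tutorial; it assumes that new tokens are added at the start of every slot after t = 0, before packets are served, which is the timing that matches the table above.

```python
from collections import deque

# Incoming packets per time slot, copied from the question's table.
ARRIVALS = ["ABCD", "EF", "G", "", "", "HIJK", "LMNO", "PQ", "", "RST"]

def police(arrivals, capacity=3, initial=2, rate=2, queue_limit=4):
    """Simulate the policer from the question.
    Returns (rows, dropped): rows holds one tuple per slot,
    (slot, packets in queue, tokens in bucket, packets at output);
    dropped lists (slot, packet) for arrivals that found the queue full."""
    tokens = initial
    queue = deque()
    rows, dropped = [], []
    for slot, incoming in enumerate(arrivals):
        if slot > 0:
            # Assumed timing: refill before service, capped at bucket size.
            tokens = min(tokens + rate, capacity)
        for pkt in incoming:
            if len(queue) < queue_limit:
                queue.append(pkt)
            else:
                dropped.append((slot, pkt))   # queue overflow
        in_queue, available = list(queue), tokens
        out = []
        while queue and tokens > 0:           # one token per packet, FIFO order
            out.append(queue.popleft())
            tokens -= 1
        rows.append((slot, in_queue, available, out))
    return rows, dropped

def as_table(rows):
    """Render rows in the same layout as the answer table."""
    lines = ["slot | queue   | tokens | output"]
    for slot, in_queue, tokens, out in rows:
        q = " ".join(in_queue) or "-"
        o = " ".join(out) or "-"
        lines.append(f"{slot:<4} | {q:<7} | {tokens:<6} | {o}")
    return "\n".join(lines)

if __name__ == "__main__":
    rows, dropped = police(ARRIVALS)
    print(as_table(rows))
    print("dropped:", dropped)
```

The simulation also reports what the table only implies: packet O is dropped at t = 6 because K is still queued, and packet T is still waiting in the queue after t = 9.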

Tuesday, May 15, 2012

UCEN 3133 Advanced Computer Networks - Tutorial 3 - Year 2012

Tutorial 3 – MPLS Operation

1. A smaller autonomous system (AS) is defined inside the boundaries of a larger AS, and both of them employ MPLS to forward packets. A label switched path (LSP) has already been established from end-to-end between edge Label Switched Routers (LSRs) from the larger AS. This LSP tunnels through the smaller AS. In this scenario, what mechanism does MPLS provide in order to minimize routing information maintenance in the internal LSRs of the smaller AS ? Describe in detail how this mechanism works as a labelled packet is forwarded through the smaller AS.

MPLS uses a stack of labels.
  1. When a transit packet arrives with its own label corresponding to an external LSP, the ingress LSR of the smaller AS pushes a new label onto the label stack.
  2. This new label corresponds to an internal LSP within the smaller AS
  3. The internal LSRs of the smaller AS switch the packet through to the egress LSR, working only on the topmost label (the new label)
  4. At the egress LSR of the smaller AS, the new label is popped off the stack restoring original label.
  5. The packet resumes its travel using the original external LSP for the larger AS.


2. What is the motivation behind the use of Penultimate Hop Popping in an MPLS network ? Describe briefly how it works.

It provides a form of optimization to minimize the performance penalty incurred when the egress LSR of an MPLS network has to perform two lookup operations when processing a label stack. When a packet with a stack of two labels arrives at the penultimate LSR (the LSR before the egress LSR), it pops the top label off the stack before forwarding the packet onwards to the egress LSR.

3. Distinguish between the independent and ordered control approach to exchanging labels in the Label Distribution Protocol (LDP).

Independent control - Each LSR advertises label mappings at will. In an unsolicited mode, LSRs will generally advertise new labels whenever the IP routing information changes.

Ordered control - In this mode,  all path advertisements originate at the egress router, and the label advertisement messages travel upstream to the ingress router. For advertisement on demand, a request from the ingress router triggers a chain of requests downstream to the egress router

4. Explain, with the aid of a diagram, how the liberal approach to label retention works in the LDP ? What advantage does the liberal approach offer over the conservative approach, and what is its corresponding disadvantage ?

It retains all label mappings even if they don’t correspond to an existing LSP.

  • Advantage: If the next hop path changes for the LSP, the given LSR may already have a new LSP ready, so it can react to the routing change almost immediately. In the conservative approach, by contrast, the LSR will first need to request label mappings from alternative downstream LSRs in the neighbourhood.
  • Disadvantage: Larger mapping table space required to keep all the labels, as well as network overhead in label exchange when the number of neighbouring LSRs is very large.


5. Explain two approaches that could be employed to address the potential problem of loops in the label distribution protocol (LDP)

  • The hop count field in the label request message is incremented by all LSRs that the message passes through. If the hop count ever reaches a maximum value, a loop has occurred and the LSR sends an LDP notification message to the originator of the message.
  • Path vectors - Each router inserts its own LSR ID in the path vector field of the message, and if it ever finds its own ID here in a newly received message, it breaks the loop.


6. Name the two situations in which a LSR in the middle of a LSP may need to return an Internet Control Message Protocol (ICMP) error message to a datagram’s source. What is the problem with using ICMP in a Virtual Private Network (VPN) deployed using MPLS, and how is this addressed by the LSR that wishes to create the ICMP message ?

Two situations:
  • The datagram's hop limit may run out
  • The packet may encounter a problem in a link between routers (link broken, or datagram too large to be fragmented and sent over link)

In a VPN, only the egress router at the boundary of the VPN is able to access the source IP address. Other intermediate routers cannot access the source IP address (which is encrypted using IPSec), and hence cannot route the appropriate ICMP message back to the source.
This is addressed by creating an ICMP message and adding the original label stack from the packet that caused the error. This ICMP datagram will follow the route of the original packet to the egress router, which can then successfully route it back to its source.


7. How might a session initialization deadlock occur during the LDP of a MPLS ? Explain how this can be overcome using the LDP hello message.

As part of LDP, two LSRs may not be able to agree on parameters during session initialization. The propose / reject cycle could then continue indefinitely, causing a deadlock. This can be overcome by having the network administrator intervene and make the passive LSR accept the proposed session. To make the active LSR propose again, the passive LSR increments the configuration sequence number in its hello messages to the active LSR. 

Monday, April 16, 2012

UCEN 3133 Advanced Computer Networks - Tutorial 1


1. Explain how connection oriented switching (as exemplified by technologies like ATM or MPLS) provides an advantage of speed over connectionless packet switching technologies (such as TCP/IP) ?

Connection oriented switching uses the label on a packet as an index into an internal table to forward the packets onwards. The process of indexing into a table is faster than searching a table (which is the mechanism used in routing), particularly when the indexing can be implemented in hardware.

2. Describe briefly 4 underlying reasons why ATM was not adopted on a larger scale. What factor makes MPLS more attractive to a broader adoption in comparison to ATM ?

  1. Expense: ATM switches and NICs are much more expensive than Ethernet equipment, and existing Ethernet equipment in IP networks could not be reused.
  2. Connection set up latency: Since ATM is connection oriented, the packet request to set up a PVC has to pass through many switches before acknowledgment.
  3. Cell overhead: the large ATM cell header imposes a big overhead.
  4. Specification of QOS requirements is difficult: not all applications know beforehand the QOS that they require during a session.

MPLS was designed to build on top of the existing IP infrastructure (particularly layer 2 – Ethernet), rather than replace it completely – which makes it easier for companies with legacy IP infrastructure to migrate.

3. Explain how a Switched Virtual Circuit (SVC) is established in an ATM network.

  1. The host requiring a connection sends a connection request to the first ATM switch.
  2. This ATM switch then finds a path to the destination and forwards the request to all switches along the path.
  3. Each pair communicates with the next in sequence on the path to choose a matching VPI/VCI and store it in their respective tables.
  4. Only if all switches agree to establishing the SVC is a successful acknowledgement provided; otherwise the request is denied.
  5. The SVC setup request is done through signalling control and request messages, sent across reserved connections for control traffic.


4. Briefly describe 3 advantages offered by switching across an IP infrastructure

  1. Faster forwarding because of indexing in place of routing table lookup.
  2. Aggregated route information. The IP routing table is looked up once, when the packet arrives at the edge router in the ISP, and the packet is assigned a label for further forwarding.
  3. Aggregate flows are easier to manage through a Service Level Agreement (SLA) with labels. Each label is equivalent to a Forward Equivalence Class (FEC).

5. Consider 2 hosts, X and Y,  in an ATM network with 3 intermediating ATM switches, A, B and C between them. The order of connection in a newly formed PVC is X -> A -> B-> C-> Y. Given below are the switching tables for all 3 switches:

Switch C

| Old VPI/VCI | Interface | New VPI/VCI |
|-------------|-----------|-------------|
| 0 | 0 | 5 |
| 1 | 0 | 3 |
| 2 | 1 | 2 |
| 3 | 1 | 4 |
| 4 | 2 | 1 |
| 5 | 0 | 0 |

Switch B

| Old VPI/VCI | Interface | New VPI/VCI |
|-------------|-----------|-------------|
| 0 | 1 | 0 |
| 1 | 0 | 5 |
| 2 | 0 | 4 |
| 3 | 0 | 1 |
| 4 | 2 | 2 |
| 5 | 0 | 3 |

Switch A

| Old VPI/VCI | Interface | New VPI/VCI |
|-------------|-----------|-------------|
| 0 | 0 | 5 |
| 1 | 0 | 1 |
| 2 | 1 | 3 |
| 3 | 2 | 2 |
| 4 | 0 | 4 |
| 5 | 1 | 0 |

Given that the VPI/VCI leading into Y has the value of 4, what is the value of the VPI/VCI at the initial end of X ?

Answer:

From Switch C table, the old VPI/VCI resulting in 4 going into Y is 3
From Switch B table, the old VPI/VCI resulting in 3 going into Switch C is 5
From Switch A table, the original VPI/VCI resulting in 5 going into Switch B is 0
Therefore, initial end of X has VPI/VCI of 0

Wednesday, July 22, 2009

UTAR Hack: Labs Password

Hi, UTARIAN..

Here is the UTAR labs password.

1) Download the picture from
http://cid-7f18eef7e224740a.skydrive.live.com/self.aspx/onlycn/%e6%9c%aa%e6%a0%87%e9%a2%982-1.jpg

2) Get the download link of the password file from the picture

3) The password for viewing the password file hint is: thefilename.

Enjoy!

Monday, April 7, 2008

Access Command Prompt from UTAR

There are many methods to unlock the command prompt in UTAR.
Below are the methods that people have found:

Method 1:
Create a batch file. First open Notepad. After that..
---------------(copy after this line)
command
---------------(copy end)
Save the text above as xxx.bat and run it; it will pop up a shell, which is cmd.


Method 2:
Using gpedit.msc. gpedit.msc can be found in the %systemroot% folder, which is normally 'winnt' or 'windows'. When you open it, choose User Configuration -> Administrative Template -> System.



Then you will find 'Prevent access to the command prompt', click it.

Choose 'Disabled'
After that, you can start your command prompt in your program accessories.


Method 3:
Modify the registry key of the command prompt in the regedit.

If any UTARIAN finds another method, you are welcome to share your experience and method with us at bncteam4u@gmail.com

Regards,

Bluefiz

Sunday, March 23, 2008

EH Episode 1 : 192.168.71.11

Ethical Hacking Episode 1

Target : UTAR Print Server
Time : 21/03/2008
Mission : Print Free
Status : Fail !


Friday, it was a beautiful Friday! I didn't attend CSA class, as I knew that going there would also be wasting time.
There was 1 test and 1 assessment on that day!
Actually, that day was quite nervous for me...

Where can I go if I don't attend the class? Seriously, there is only 1 place to go: the internet lab. I always spent my free time there. As a result, my internet lab time went from 3000 down to only 148 mins.(=.=)

In the lab, I did not use my student ID to log in; I prefer to log in on the computer as administrator instead of logging in to the UTAR domain. Why? It is simple: I expect the administrator of the UTAR domain won't check my identity while I am using administrator, not my student ID. :)

I decided to print out some documents at that time. Well, it is different if you are using administrator privileges: you will not get the UTAR printer shortcut on your desktop. So, I needed to find the printer myself...

I started by locating the printer server and got it: \\koa-server
Second, I asked my partner Calvin to help get the IP of \\koa-server
Well, it is easy. Just use ping in the command prompt.

After that, I tried to start the IP
--->In command Prompt
--->Start \\192.168.71.11
It popped up 1 authentication window which asks you to input a username and password.
Oops, what is this all about?
I had decided to give up at that time, but unfortunately I got the username and password on my second guess! Haha.. how lucky was I :P
It is awesome!

--->nbtstat -a 192.168.71.11
Wow, that is great! The PC had NetBIOS open!
As a result, I can easily get its C drive.
--->net use z: \\192.168.71.11\c$
OK. I had got the PC's C drive on my computer. I quickly ran through all the folders inside the C drive; there are 2 users, which are administrator and koaserver. There were also many printer links inside. I tested opening the printer task link, and it is the printer that I was looking for to print my documents.

While the printer task list was open, I found out something interesting: with the administrator privileges I can cancel the print jobs assigned by other students! Wow, I am now the GOD. I showed it to Calvin, but he said he can do it too. Well, as a result, he couldn't manage to do what I did.

Next step, I am going to inject 2 types of Trojan into the PC. One is winvnc, another is red dragonfly server. Both Trojans provide remote control, while the red dragonfly server provides file transfer.
--->at \\192.168.71.11 09:11 \interactive cmd \c "%systemroot%\ko3.exe"
--->Access Denied.
WTF? OMG... can't access? Well.. finally I know what had happened.
--->sc \\192.168.71.11 config schedule start =auto
I started the Task Scheduler on that computer.
After that, I thought AT could work...
--->at \\192.168.71.11 09:14 \interactive cmd \c "%systemroot%\ko3.exe"
--->Added a new job with job ID = 1
Then I waited for 1 minute. 1 minute passed, and I tried to connect to the computer with the VNC client. WTF? Connection lost? It can be ..
--->at \\192.168.71.11
--->There are no entries in the list.
Haiz.. I really can't get why it failed.
Anyway, I had accessed the registry key on the computer to start both Trojans when the computer starts.

I still haven't checked it out. Hopefully it will be a success!
I want print free !!!
lol

By Bluefiz
The Going Be Hacker Punya Hacker