
IK2218 Protocols and Principles of the Internet

EP2120 Internetworking
Homework 4

Solutions due: 17:00, October 17, 2022


Review due: 17:00, October 19, 2022

1. Email (25 p)
Internet email consists of several components that have different functions. Consider
the case when Alice wants to send an email to Bob. The email will be transferred in
two steps, via two different mail servers, before Bob gets the mail.
(a) What are the two mail servers? Describe their main functions. (5 p)
(b) For each of the two transfers, explain what protocols are used, both at the
application layer and at the transport layer. (5 p)
(c) For each of the two transfers, explain what party is client and what party is server,
and how the client gets the location (the domain name) of the server. Be specific
when you describe how the domain names are obtained. (15 p)

Solution:
(a) Alice’s outgoing mail server and Bob’s incoming mail server.
(b) Both transfers use SMTP over TCP.
(c) The first transfer is from Alice’s mail program (client) to Alice’s outgoing mail
server (server). Alice’s mail program is configured with the domain name for
the outgoing mail server. The second transfer is from Alice’s outgoing mail
server (client) to Bob’s incoming mail server (server). Alice’s outgoing mail
server gets the domain name of Bob’s incoming mail server by doing a DNS
lookup for the MX record for the domain part of Bob’s email address (the part
after the “@” sign).
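As an added illustration (not part of the homework solution) of the last step in (c), the code below extracts the domain part of Bob's address, parses a DNS MX response in wire format, and picks the MX host with the lowest preference value. It goes a bit beyond the text by showing the wire format; the response bytes are constructed inline (no network), and the hosts mx1/mx2.example.org are made-up sample values.

```python
import struct

def encode_name(name):
    """DNS wire-format name: length-prefixed labels ending in a zero byte."""
    return b"".join(bytes([len(l)]) + l.encode() for l in name.split(".")) + b"\x00"

def read_name(msg, off):
    """Decode a (possibly compressed) DNS name; return (name, offset after it)."""
    labels, jumped, end = [], False, off
    while True:
        n = msg[off]
        if n & 0xC0 == 0xC0:                     # compression pointer (RFC 1035 4.1.4)
            if not jumped: end = off + 2
            off = struct.unpack("!H", msg[off:off + 2])[0] & 0x3FFF
            jumped = True
        elif n == 0:                              # root label terminates the name
            if not jumped: end = off + 1
            return ".".join(labels), end
        else:
            labels.append(msg[off + 1:off + 1 + n].decode()); off += n + 1

def best_mx(response):
    """Return (preference, host) of the lowest-preference MX record in a DNS response."""
    _, _, qd, an, _, _ = struct.unpack("!HHHHHH", response[:12])
    off = 12
    for _ in range(qd):                           # skip the question section
        _, off = read_name(response, off); off += 4
    best = None
    for _ in range(an):                           # walk the answer section
        _, off = read_name(response, off)
        rtype, _, _, rdlen = struct.unpack("!HHIH", response[off:off + 10]); off += 10
        if rtype == 15:                           # 15 = MX
            pref = struct.unpack("!H", response[off:off + 2])[0]
            host, _ = read_name(response, off + 2)
            if best is None or pref < best[0]: best = (pref, host)
        off += rdlen
    return best

def mail_domain(address):
    """Domain part of an email address (after the '@'): what the MX query asks for."""
    return address.rsplit("@", 1)[1].lower()

def constructed_response(domain, records, txid=0x1234):
    """Constructed DNS response with MX records, shaped like a resolver's answer."""
    msg = struct.pack("!HHHHHH", txid, 0x8180, 1, len(records), 0, 0)   # QR=1, RD, RA
    msg += encode_name(domain) + struct.pack("!HH", 15, 1)              # question: MX IN
    for pref, host in records:
        rdata = struct.pack("!H", pref) + encode_name(host)
        msg += b"\xc0\x0c" + struct.pack("!HHIH", 15, 1, 3600, len(rdata)) + rdata
    return msg
```

Alice's outgoing server would send the MX query for `mail_domain("bob@example.org")` and then connect with SMTP over TCP to the host that `best_mx` returns.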

2. Firewalls (25 p)
Firewalls can be placed in a number of different places, providing different protection.
Give at least three examples of places where deploying firewalls is motivated, and explain
the motivation for placing them there.

Solution:

1. On the host itself, i.e., a personal firewall. Common in operating systems.
Placed there to protect the host itself, and to regulate access to and from the
host. Because you may still want to be able to access, e.g., shared filesystems
etc. on the LAN, this firewall is often more permissive than other firewalls.
2. Between the host and the rest of the Internet. This is the classic firewall,
protecting the LAN from outside threats and especially access to services
used on the LAN which are not meant to be accessed from the outside, such
as printers, file servers etc. It may also serve to limit access from the LAN to
the outside (e.g., corporate firewalls limiting access for the employees, national
firewalls preventing access to pages belonging to political dissenters).
3. Between departments and LANs inside a company. Sometimes done because
some departments are more sensitive (payroll), but it is also a good practice in
general to compartmentalize access, since this means that even if an attacker
gets into a corporate LAN, they do not have unlimited access.

3. NAT (25 p)
Consider the figure below. Assume that host 10.1.1.4 on a private network (10.1.1.0/24)
sends an HTTP request through its NAT box to a web server on address 130.237.20.12
and that this web server answers with an HTTP response back to the host. Fill in
source address, source port, destination address, and destination port in the IP packets
1-4 in the figure. Also, fill in the NAT table as it will look when the four packets have
been exchanged.

Page 1 of 3
Solution:
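The figure and the filled-in NAT table are not reproduced on this page. As an added example (not the course's own solution), the code below simulates a port-translating NAT box handling the four packets of the question; the NAT box's public address (203.0.113.1) and the host's source port (49152) are assumed values, since the figure is missing.

```python
from dataclasses import dataclass

HOST = "10.1.1.4"                 # host on the private network 10.1.1.0/24
SERVER = "130.237.20.12"          # web server, listening on port 80
NAT_PUBLIC_IP = "203.0.113.1"     # assumed public address of the NAT box

@dataclass(frozen=True)
class Packet:
    src: str
    sport: int
    dst: str
    dport: int

class Nat:
    def __init__(self, public_ip, first_port=5000):
        self.public_ip = public_ip
        self.next_port = first_port
        self.table = {}    # NAT table: (inside ip, inside port) -> public port
        self.reverse = {}  # public port -> (inside ip, inside port)

    def outbound(self, pkt):
        """Packet 1 -> packet 2: rewrite the private source to the public ip/port."""
        key = (pkt.src, pkt.sport)
        if key not in self.table:          # first packet of the flow creates the entry
            self.table[key] = self.next_port
            self.reverse[self.next_port] = key
            self.next_port += 1
        return Packet(self.public_ip, self.table[key], pkt.dst, pkt.dport)

    def inbound(self, pkt):
        """Packet 3 -> packet 4: map the public destination port back to the host.
        A packet with no table entry is dropped (None); this is why unsolicited
        inbound connections never reach the private network."""
        key = self.reverse.get(pkt.dport)
        if pkt.dst != self.public_ip or key is None:
            return None
        inside_ip, inside_port = key
        return Packet(pkt.src, pkt.sport, inside_ip, inside_port)

def exchange(nat, host_port=49152):
    """Return packets 1-4 for one HTTP request/response through the NAT box."""
    p1 = Packet(HOST, host_port, SERVER, 80)    # 1: host -> NAT box
    p2 = nat.outbound(p1)                       # 2: NAT box -> web server
    p3 = Packet(SERVER, 80, p2.src, p2.sport)   # 3: web server -> NAT box
    p4 = nat.inbound(p3)                        # 4: NAT box -> host
    return [p1, p2, p3, p4]
```

After `exchange`, `nat.table` holds the single entry (10.1.1.4, 49152) -> 5000, i.e. the row the question asks you to fill in.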

4. Software-Defined Networking (25 p)


(a) Describe the traditional model of a router, partitioned into a control plane and
data plane. Your answer should cover properties of control plane and data plane
and examples of functions in the control plane and data plane respectively. (10 p)
(b) Explain the idea of generalized forwarding and software-defined networking (SDN).
What does it mean that the SDN control plane is logically centralized? In what
way is SDN forwarding more general than traditional IP forwarding? What is the
OpenFlow protocol? (15 p)

Solution:
(a) The control plane is typically general-purpose hardware and software, consisting
of CPU and memory. The control plane holds functions like routing and
management. The routing executes on another time-scale than the data plane
and builds up a routing information base using routing protocols like BGP
and/or OSPF. The data plane is typically fast and special-purpose hardware.
It operates on a per-packet basis and handles packet forwarding in real time.
The data plane is where IP forwarding logic resides. This is also where the
forwarding table (or forwarding information base) is located, as well as the
network interface cards.

(b) In SDN, the control plane is logically centralized and can be physically separated
from the data plane. SDN forwarding is based on flow tables, which are
computed by the centralized control plane and distributed to remote forwarding
functions (like switches, routers, firewalls and NATs). A flow is defined
by header fields at different layers (link, network, and transport layers) and a
flow table entry has different actions like forward, drop, modify, etc. In
this way, SDN forwarding is much more flexible than traditional IP forwarding
based on destination address and longest prefix match. The OpenFlow
protocol is for communication between the logically centralized control plane
and remote data plane elements, like switches. The OpenFlow protocol is, for
instance, used to communicate forwarding table entries from the centralized
controller to switches in the network.
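As an added example (not part of the solution text), the code below contrasts the two forwarding models from (b): a traditional forwarding table that matches only on destination address with longest prefix match, and a generalized flow table whose entries match on several header fields, are ordered by priority, and carry actions such as forward, drop and modify. The tables, interface names and addresses are constructed sample data.

```python
import ipaddress

# Traditional forwarding information base: (prefix, outgoing interface).
FIB = [
    (ipaddress.ip_network("10.0.0.0/8"), "if1"),
    (ipaddress.ip_network("10.1.0.0/16"), "if2"),
    (ipaddress.ip_network("0.0.0.0/0"), "if0"),    # default route
]

def ip_forward(dst):
    """Longest prefix match: the most specific prefix containing dst wins."""
    addr = ipaddress.ip_address(dst)
    matches = [(net, out) for net, out in FIB if addr in net]
    return max(matches, key=lambda m: m[0].prefixlen)[1]

# Generalized flow table: each entry matches on a set of header fields; a field
# that is absent from "match" is a wildcard. Among overlapping entries the
# highest priority wins, which is how OpenFlow switches select an entry.
FLOW_TABLE = [
    {"priority": 100, "match": {"dst_ip": "10.1.2.3", "proto": "tcp", "dport": 23},
     "action": ("drop",)},                                 # block telnet to one host
    {"priority": 50, "match": {"proto": "tcp", "dport": 80},
     "action": ("modify", "dst_ip", "10.1.9.9")},          # steer web traffic to a proxy
    {"priority": 10, "match": {"dst_prefix": "10.1.0.0/16"},
     "action": ("forward", "if2")},                        # plain destination-based rule
    {"priority": 0, "match": {}, "action": ("forward", "controller")},  # table-miss
]

def _matches(match, pkt):
    """True if every field in the match set agrees with the packet headers."""
    for field, want in match.items():
        if field == "dst_prefix":
            if ipaddress.ip_address(pkt["dst_ip"]) not in ipaddress.ip_network(want):
                return False
        elif pkt.get(field) != want:
            return False
    return True

def sdn_forward(pkt):
    """Return the action of the highest-priority flow entry matching the packet."""
    candidates = [e for e in FLOW_TABLE if _matches(e["match"], pkt)]
    return max(candidates, key=lambda e: e["priority"])["action"]
```

Note that `ip_forward` can only distinguish packets by destination address, whereas `sdn_forward` treats three packets to the same host differently depending on protocol and port.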
