ANSWERS FOR MID 2 QUESTIONS

1. Write short notes on:

a) SNMP b) Electronic mail

SNMP:
o SNMP stands for Simple Network Management Protocol.
o SNMP is a framework used for managing devices on the internet.
o It provides a set of operations for monitoring and managing the internet.

SNMP Concept

o SNMP has two components Manager and agent.

o The manager is a host that controls and monitors a set of agents such as
routers.
o It is an application layer protocol in which a few manager stations can
handle a set of agents.
 o The protocol designed at the application level can monitor the devices
made by different manufacturers and installed on different physical
networks.
o It is used in a heterogeneous network made of different LANs and WANs
connected by routers or gateways.
o

Managers & Agents

o A manager is a host that runs the SNMP client program while the agent is
a router that runs the SNMP server program.
o Management of the internet is achieved through simple interaction between
a manager and agent.
o The agent is used to keep the information in a database while the manager
is used to access the values in the database. For example, a router can store
the appropriate variables such as a number of packets received and
forwarded while the manager can compare these variables to determine
whether the router is congested or not.
o Agents can also contribute to the management process. A server program
on the agent checks the environment, if something goes wrong, the agent
sends a warning message to the manager.

Management Components

o Management is not achieved only through the SNMP protocol but also the
use of other protocols that can cooperate with the SNMP protocol.
Management is achieved through the use of the other two protocols: SMI
(Structure of management information) and MIB(management information
base).
o Management is a combination of SMI, MIB, and SNMP. All these three
protocols such as abstract syntax notation 1 (ASN.1) and basic encoding
rules (BER).
SMI

The SMI (Structure of management information) is a component used in network

management. Its main function is to define the type of data that can be stored in
an object and to show how to encode the data for the transmission over a network.

MIB
o The MIB (Management information base) is a second component for the
network management.
o Each agent has its own MIB, which is a collection of all the objects that the
manager can manage. MIB is categorized into eight groups: system,
interface, address translation, ip, icmp, tcp, udp, and egp. These groups are
under the mib object.
SNMP

SNMP defines five types of messages: GetRequest, GetNextRequest, SetRequest,

GetResponse, and Trap.

GetRequest: The GetRequest message is sent from a manager (client) to the

agent (server) to retrieve the value of a variable.

GetNextRequest: The GetNextRequest message is sent from the manager to

agent to retrieve the value of a variable. This type of message is used to retrieve
the values of the entries in a table. If the manager does not know the indexes of
the entries, then it will not be able to retrieve the values. In such situations,
GetNextRequest message is used to define an object.

GetResponse: The GetResponse message is sent from an agent to the manager

in response to the GetRequest and GetNextRequest message. This message
contains the value of a variable requested by the manager.
SetRequest: The SetRequest message is sent from a manager to the agent to set
a value in a variable.

Trap: The Trap message is sent from an agent to the manager to report an event.
For example, if the agent is rebooted, then it informs the manager as well as sends
the time of rebooting.

EMAIL:
E-mail is defined as the transmission of messages on the Internet. It is one of the
most commonly used features over communications networks that may contain
text, files, images, or other attachments. Generally, it is information that is
stored on a computer sent through a network to a specified individual or group
of individuals.

Email messages are conveyed through email servers; it uses multiple protocols
within the TCP/IP suite. For example, SMTP is a protocol, stands for simple mail
transfer protocol and used to send messages whereas other protocols IMAP or
POP are used to retrieve messages from a mail server. If you want to login to your
mail account, you just need to enter a valid email address, password, and the mail
servers used to send and receive messages.

Although most of the webmail servers automatically configure your mail account,
therefore, you only required to enter your email address and password. However,
you may need to manually configure each account if you use an email client like
Microsoft Outlook or Apple Mail. In addition, to enter the email address and
password, you may also need to enter incoming and outgoing mail servers and
the correct port numbers for each one.

Email messages include three components, which are as follows:

o Message envelope: It depicts the email's electronic format.

o Message header: It contains email subject line and sender/recipient
information.
o Message body: It comprises images, text, and other file attachments.

The email was developed to support rich text with custom formatting, and the
original email standard is only capable of supporting plain text messages. In
modern times, email supports HTML (Hypertext markup language), which
makes it capable of emails to support the same formatting as websites. The
email that supports HTML can contain links, images, CSS layouts, and also can
send files or "email attachments" along with messages. Most of the mail servers
enable users to send several attachments with each message. The attachments
were typically limited to one megabyte in the early days of email. Still,
nowadays, many mail servers are able to support email attachments of 20
megabytes or more in size.

Discuss about the following:

a) TFTP b) WWW c) Firewalls

TFTP:
 TFTP represents the Trivial File Transfer Protocol.
 Some applications do not need the full functionality of TCP, nor can they
afford the complexity.
 TFTP supports an inexpensive structure that does not require complex
interactions between the client and the server.
 TFTP confine operations to simple File Transfer and does not support
authentications.
 The benefit of using TFTP is that it enables bootstrapping code to use the
similar underlying TCP/IP protocols that the operating framework uses
once it starts execution.
 Thus it is the possibility for a device to bootstrap from a server on another
physical network.
 TFTP does not have a dependable stream transport service.
 It runs on the top of UDP of any other unreliable packet delivery system
using timeout and retransmission to ensure that data arrives.
 The sending side transmits a file in fixed-size blocks and awaits each
block's acknowledgement before sending the text.
Features of TFTP

The main features of TFTP are as follows−

TFTP is based on the client-server principle and uses well-known UDP port
number 69 for the TFTP server.
TFTP is an unsecured protocol and does not support authentication.
TFTP incorporates idle − RQ (stop and wait) error recovery mechanism.
 Every TFTP data unit bears a sequence number.
 Each data unit is separately acknowledged. After taking the
acknowledgement, the next data unit is transmitted.
 Error recovery is by retransmission after timeout. TFTP uses
adaptive timeout with an exponential back-off algorithm.

TFTP Message Formats

There are four types of TFTP Messages which are as follows −

In this figure, the first two octets indicate the type of message. Mode fields define
the type of data (ASCII or Binary). The file name and mode fields are delimited
using an all zero's octet.
Type 3 message contains the data blocks of the fixed size of 512 octets. The
session is removed if a data message appears with a data octet less than 512
octets. The last data message can have a data block (with EOF) with less than
512 octets. Type 4 message is used for acknowledgement.

WWW
 World Wide Web, which is also known as a Web, is a collection of
websites or web pages stored in web servers and connected to local
computers through the internet.
 These websites contain text pages, digital images, audios, videos, etc.
Users can access the content of these sites from any part of the world over
the internet using their devices such as computers, laptops, cell phones,
etc.
 The WWW, along with internet, enables the retrieval and display of text
and media to your device.

 Here the browser displays a web page on the client machine when the
user clicks on a line of text that is linked to a page on abd.com, the
browser follows the hyperlink by sending a message to the abd.com
server asking for the page.

Working of WWW:

The World Wide Web is based on several different technologies: Web
browsers, Hypertext Markup Language (HTML) and Hypertext Transfer
Protocol (HTTP).
 A Web browser is used to access web pages.
  Web browsers can be defined as programs which display text, data,
pictures, animation and video on the Internet.
 Hyperlinked resources on the World Wide Web can be accessed using
software interfaces provided by Web browsers.
 Initially, Web browsers were used only for surfing the Web but now
they have become more universal.
 Web browsers can be used for several tasks including conducting
searches, mailing, transferring files, and much more.
 Some of the commonly used browsers are Internet Explorer, Opera
Mini, and Google Chrome.
Features of WWW:
 HyperText Information System
 Cross-Platform
 Distributed
 Open Standards and Open Source
 Uses Web Browsers to provide a single interface for many services
 Dynamic, Interactive and Evolving.

Components of the Web: There are 3 components of the web:

1. Uniform Resource Locator (URL): serves as a system for resources

on the web.
2. HyperText Transfer Protocol (HTTP): specifies communication of
browser and server.
3. Hyper Text Markup Language (HTML): defines the structure,
organisation and content of a webpage.

FIREWALLS(APPLICATION FIREWALLS)
An application firewall is a type of firewall that governs traffic to, from, or
by an application or service.

 Application firewalls, or application layer firewalls, use a series of

configured policies to determine whether to block or allow
communications to or from an app.
 Traditional firewalls control data flow to and from the CPU, examining
each packet as it passes through.
  An application firewall takes it further by controlling the execution of
files or code by specific applications.
 This way, even if an intruder gains entry to a network or server, they
can’t execute malicious code.

Application firewalls can be active or passive.

 Active – Active app firewalls actively inspect all incoming requests—

including the actual message being exchanged—against known
vulnerabilities such as SQL injections, parameter and cookie tampering,
and cross-site scripting.
 Only requests deemed “clean” are passed to the application.
 Passive – Passive app firewalls act in a similar way to an intrusion
detection system (IDS) in that they also inspect all incoming requests
against known vulnerabilities, but they don’t actively reject or deny those
requests if a potential attack is discovered.
 Application firewalls are generally remotely updateable, which allows
them to prevent newly discovered vulnerabilities.
 They’re often more up to date than specific security-focused code
included in applications, due to the longer development and testing cycles
required to include such code within applications.

Explain in detail about QoS (Quality of Service)

 Quality of Service (QOS) determines a network's capability to support

predictable service over various technologies, containing frame relay,
Asynchronous Transfer Mode (ATM), Ethernet, SONET IP-routed networks.
The networks can use any or all of these frameworks.
 The QOS also provides that while supporting priority for one or more flows does
not create other flows fail.
 A flow can be a combination of source and destination addresses, source and
destination socket numbers, session identifier, or packet from a specific
application or an incoming interface.
 The QOS is primarily used to control resources like bandwidth, equipment, wide-
area facilities etc.
 It can get more efficient use of network resources, provide tailored services,
provide coexistence of mission-critical applications, etc.

QOS Concepts
The QOS concepts are explained below−
Congestion Management
The bursty feature of data traffic sometimes bounds to increase traffic more than
a connection speed. QoS allows a router to put packets into different queues.
Servicespecific queues more often depend on priority than buffer traffic in an
individual queue and let the first packet by the first packet out.
Queue Management
The queues in a buffer can fill and overflow. A packet would be dropped if a
queue is complete, and the router cannot prevent it from being dropped if it is a
high priority packet. This is referred to as tail drop.
Link Efficiency
The low-speed links are bottlenecks for lower packets. The serialization delay
caused by the high packets forces the lower packets to wait longer. The
serialization delay is the time created to put a packet on the connection.
Elimination of overhead bits
It can also increase efficiency by removing too many overhead bits.
Traffic shaping and policing
Shaping can prevent the overflow problem in buffers by limiting the full
bandwidth potential of the applications packets. Sometimes, many network
topologies with a highbandwidth link connected with a low-bandwidth link in
remote sites can overflow low bandwidth connections.
Therefore, shaping is used to provide the traffic flow from the high bandwidth
link closer to the low bandwidth link to avoid the low bandwidth link's overflow.
Policing can discard the traffic that exceeds the configured rate, but it is buffered
in the case of shaping.

6. a) Discuss about the network performance issues

b) Describe Datagram Format of UDP

Performance of a Network
Performance of a network pertains to the measure of service quality of a
network as perceived by the user. There are different ways to measure the
performance of a network, depending upon the nature and design of the
network. The characteristics that measure the performance of a network are :
 Bandwidth
 Throughput
 Latency (Delay)
 Bandwidth – Delay Product
 Jitter
 BANDWIDTH
One of the most essential conditions of a website’s performance is the
amount of bandwidth allocated to the network. Bandwidth determines
how rapidly the webserver is able to upload the requested information.
While there are different factors to consider with respect to a site’s
performance, bandwidth is every now and again the restricting element.
 Bandwidth is characterized as the measure of data or information that
can be transmitted in a fixed measure of time. The term can be used in
two different contexts with two distinctive estimating values. In the case
of digital devices, the bandwidth is measured in bits per second(bps) or
bytes per second. In the case of analogue devices, the bandwidth is
measured in cycles per second, or Hertz (Hz).
Bandwidth is only one component of what an individual sees as the
speed of a network. People frequently mistake bandwidth with internet speed
in light of the fact that internet service providers (ISPs) tend to claim that they
have a fast “40Mbps connection” in their advertising campaigns. True internet
speed is actually the amount of data you receive every second and that has a
lot to do with latency too.
“Bandwidth” means “Capacity” and “Speed” means “Transfer rate”.

THROUGHPUT
Throughput is the number of messages successfully transmitted per unit time.
It is controlled by available bandwidth, the available signal-to-noise ratio and
hardware limitations. The maximum throughput of a network may be
consequently higher than the actual throughput achieved in everyday
consumption. The terms ‘throughput’ and ‘bandwidth’ are often thought of as
the same, yet they are different. Bandwidth is the potential measurement of a
link, whereas throughput is an actual measurement of how fast we can send
data.
LATENCY
In a network, during the process of data communication, latency(also known
as delay) is defined as the total time taken for a complete message to arrive at
the destination, starting with the time when the first bit of the message is sent
out from the source and ending with the time when the last bit of the message
is delivered at the destination. The network connections where small delays
occur are called “Low-Latency-Networks” and the network connections which
suffer from long delays are known as “High-Latency-Networks”.
High latency leads to the creation of bottlenecks in any network
communication. It stops the data from taking full advantage of the network
pipe and conclusively decreases the bandwidth of the communicating network.
The effect of the latency on a network’s bandwidth can be temporary or never-
ending depending on the source of the delays. Latency is also known as a ping
rate and is measured in milliseconds(ms).
In simpler terms: latency may be defined as the time required to successfully
send a packet across a network.
JITTER
Jitter is another performance issue related to delay. In technical terms, jitter is
a “packet delay variance”. It can simply mean that jitter is considered as a
problem when different packets of data face different delays in a network and
the data at the receiver application is time-sensitive, i.e. audio or video data.
Jitter is measured in milliseconds(ms). It is defined as an interference in the
normal order of sending data packets. For example: if the delay for the first
packet is 10 ms, for the second is 35 ms, and for the third is 50 ms, then the
real-time destination application that uses the packets experiences jitter.

Simply, jitter is any deviation in, or displacement of, the signal pulses in a
high-frequency digital signal. The deviation can be in connection with the
amplitude, the width of the signal pulse or the phase timing. The major causes
of jitter are electromagnetic interference(EMI) and crosstalk between signals.
Jitter can lead to flickering of a display screen, affects the capability of a
processor in a desktop or server to proceed as expected, introducing clicks or
other undesired impacts in audio signals, and loss of transmitted data between
network devices.
Jitter is negative and causes network congestion and packet loss.

DATAGRAM FORMAT OF UDP:

User Datagram Protocol (UDP) is a Transport Layer protocol. UDP is a part
of the Internet Protocol suite, referred to as UDP/IP suite. Unlike TCP, it is
an unreliable and connectionless protocol. So, there is no need to establish a
connection prior to data transfer. The UDP helps to establish low-latency and
loss-tolerating connections establish over the network.The UDP enables
process to process communication.
Though Transmission Control Protocol (TCP) is the dominant transport layer
protocol used with most of the Internet services; provides assured delivery,
reliability, and much more but all these services cost us additional overhead
and latency. Here, UDP comes into the picture. For real-time services like
computer gaming, voice or video communication, live conferences; we need
UDP. Since high performance is needed, UDP permits packets to be dropped
instead of processing delayed packets. There is no error checking in UDP, so it
also saves bandwidth.
User Datagram Protocol (UDP) is more efficient in terms of both latency and
bandwidth.
UDP Header –
UDP header is an 8-bytes fixed and simple header, while for TCP it may vary
from 20 bytes to 60 bytes. The first 8 Bytes contains all necessary header
information and the remaining part consist of data. UDP port number fields are
each 16 bits long, therefore the range for port numbers is defined from 0 to
65535; port number 0 is reserved. Port numbers help to distinguish different
user requests or processes.
 1. Source Port: Source Port is a 2 Byte long field used to identify
the port number of the source.
2. Destination Port: It is a 2 Byte long field, used to identify the port
of the destined packet.
3. Length: Length is the length of UDP including the header and the
data. It is a 16-bits field.
4. Checksum: Checksum is 2 Bytes long field. It is the 16-bit one’s
complement of the one’s complement sum of the UDP header, the
pseudo-header of information from the IP header, and the data,
padded with zero octets at the end (if necessary) to make a multiple
of two octets.

Applications of UDP:
 Used for simple request-response communication when the size of
data is less and hence there is lesser concern about flow and error
control.
 It is a suitable protocol for multicasting as UDP supports packet
switching.
 UDP is used for some routing update protocols like RIP(Routing
Information Protocol).
 Normally used for real-time applications which can not tolerate
uneven delays between sections of a received message.
  Following implementations uses UDP as a transport layer protocol:
 NTP (Network Time Protocol)
 DNS (Domain Name Service)
 BOOTP, DHCP.
 NNP (Network News Protocol)
 Quote of the day protocol
 TFTP, RTSP, RIP.

Briefing about transport service and elements of transport layer?

TRANSPORT LAYER SERVICES

Services provided by the Transport Layer

The services provided by the transport layer are similar to those of the data link
layer. The data link layer provides the services within a single network while the
transport layer provides the services across an internetwork made up of many
networks. The data link layer controls the physical layer while the transport layer
controls all the lower layers.

The services provided by the transport layer protocols can be divided into
five categories:

o End-to-end delivery
o Addressing
o Reliable delivery
o Flow control
o Multiplexing
End-to-end delivery:

The transport layer transmits the entire message to the destination. Therefore, it
ensures the end-to-end delivery of an entire message from a source to the
destination.

Reliable delivery:

The transport layer provides reliability services by retransmitting the lost and
damaged packets.

The reliable delivery has four aspects:

o Error control
o Sequence control
o Loss control
o Duplication control

Error Control
 o The primary role of reliability is Error Control. In reality, no transmission
will be 100 percent error-free delivery. Therefore, transport layer protocols
are designed to provide error-free transmission.
o The data link layer also provides the error handling mechanism, but it
ensures only node-to-node error-free delivery. However, node-to-node
reliability does not ensure the end-to-end reliability.
o The data link layer checks for the error between each network. If an error
is introduced inside one of the routers, then this error will not be caught by
the data link layer. It only detects those errors that have been introduced
between the beginning and end of the link. Therefore, the transport layer
performs the checking for the errors end-to-end to ensure that the packet
has arrived correctly.

Sequence Control

o The second aspect of the reliability is sequence control which is

implemented at the transport layer.
 o On the sending end, the transport layer is responsible for ensuring that the
packets received from the upper layers can be used by the lower layers. On
the receiving end, it ensures that the various segments of a transmission
can be correctly reassembled.
o Loss Control
o Loss Control is a third aspect of reliability. The transport layer ensures that
all the fragments of a transmission arrive at the destination, not some of
them. On the sending end, all the fragments of transmission are given
sequence numbers by a transport layer. These sequence numbers allow the
receiver?s transport layer to identify the missing segment.
o Duplication Control
o Duplication Control is the fourth aspect of reliability. The transport layer
guarantees that no duplicate data arrive at the destination. Sequence
numbers are used to identify the lost packets; similarly, it allows the
receiver to identify and discard duplicate segments.

Flow Control

Flow control is used to prevent the sender from overwhelming the receiver. If the
receiver is overloaded with too much data, then the receiver discards the packets
and asking for the retransmission of packets. This increases network congestion
and thus, reducing the system performance. The transport layer is responsible for
flow control. It uses the sliding window protocol that makes the data transmission
more efficient as well as it controls the flow of data so that the receiver does not
become overwhelmed. Sliding window protocol is byte oriented rather than frame
oriented.

Multiplexing

The transport layer uses the multiplexing to improve transmission efficiency.

Multiplexing can occur in two ways:

o Upward multiplexing: Upward multiplexing means multiple transport

layer connections use the same network connection. To make more cost-
effective, the transport layer sends several transmissions bound for the
same destination along the same path; this is achieved through upward
multiplexing
o Downward multiplexing: Downward multiplexing means one transport
layer connection uses the multiple network connections. Downward
multiplexing allows the transport layer to split a connection among several
paths to improve the throughput. This type of multiplexing is used when
networks have a low or slow capacity.
Addressing

o According to the layered model, the transport layer interacts with the
functions of the session layer. Many protocols combine session,
presentation, and application layer protocols into a single layer known as
the application layer. In these cases, delivery to the session layer means the
delivery to the application layer. Data generated by an application on one
machine must be transmitted to the correct application on another machine.
In this case, addressing is provided by the transport layer.
o The transport layer provides the user address which is specified as a station
or port. The port variable represents a particular TS user of a specified
station known as a Transport Service access point (TSAP). Each station
has only one transport entity.
o The transport layer protocols need to know which upper-layer protocols
are communicating.
 ELEMENTS OF TRANSPORT LAYER

To establish a reliable service between two machines on a network, transport

protocols are implemented, which somehow resembles the data link protocols
implemented at layer 2. The major difference lies in the fact that the data link
layer uses a physical channel between two routers while the transport layer uses
a subnet.
Following are the issues for implementing transport protocols−

Types of Service

The transport layer also determines the type of service provided to the users from
the session layer. An error-free point-to-point communication to deliver
messages in the order in which they were transmitted is one of the key functions
of the transport layer.

Error Control

Error detection and error recovery are an integral part of reliable service, and
therefore they are necessary to perform error control mechanisms on an end-to-
end basis. To control errors from lost or duplicate segments, the transport layer
enables unique segment sequence numbers to the different packets of the
message, creating virtual circuits, allowing only one virtual circuit per session.
Flow Control

The underlying rule of flow control is to maintain a synergy between a fast

process and a slow process. The transport layer enables a fast process to keep
pace with a slow one. Acknowledgements are sent back to manage end-to-end
flow control. Go back N algorithms are used to request retransmission of packets
starting with packet number N. Selective Repeat is used to request specific
packets to be retransmitted.

Connection Establishment/Release

The transport layer creates and releases the connection across the network. This
includes a naming mechanism so that a process on one machine can indicate with
whom it wishes to communicate. The transport layer enables us to establish and
delete connections across the network to multiplex several message streams onto
one communication channel.

Multiplexing/De multiplexing

The transport layer establishes a separate network connection for each transport
connection required by the session layer. To improve throughput, the transport
layer establishes multiple network connections. When the issue of throughput is
not important, it multiplexes several transport connections onto the same network
connection, thus reducing the cost of establishing and maintaining the network
connections.
When several connections are multiplexed, they call for demultiplexing at the
receiving end. In the case of the transport layer, the communication takes place
only between two processes and not between two machines. Hence,
communication at the transport layer is also known as peer-to-peer or process-
to-process communication.

Fragmentation and re-assembly

When the transport layer receives a large message from the session layer, it
breaks the message into smaller units depending upon the requirement. This
process is called fragmentation. Thereafter, it is passed to the network layer.
Conversely, when the transport layer acts as the receiving process, it reorders the
pieces of a message before reassembling them into a message.

Addressing

Transport Layer deals with addressing or labelling a frame. It also differentiates

between a connection and a transaction. Connection identifiers are ports or
sockets that label each frame, so the receiving device knows which process it has
been sent from. This helps in keeping track of multiple-message conversations.
Ports or sockets address multiple conservations in the same location.

Briefly explains about HTTP and FTP.

HTTP

o HTTP stands for HyperText Transfer Protocol.

o It is a protocol used to access the data on the World Wide Web (www).
o The HTTP protocol can be used to transfer the data in the form of plain
text, hypertext, audio, video, and so on.
o This protocol is known as HyperText Transfer Protocol because of its
efficiency that allows us to use in a hypertext environment where there are
rapid jumps from one document to another document.
o HTTP is similar to the FTP as it also transfers the files from one host to
another host. But, HTTP is simpler than FTP as HTTP uses only one
connection, i.e., no control connection to transfer the files.
o HTTP is used to carry the data in the form of MIME-like format.
o HTTP is similar to SMTP as the data is transferred between client and
server. The HTTP differs from the SMTP in the way the messages are sent
from the client to the server and from server to the client. SMTP messages
are stored and forwarded while HTTP messages are delivered immediately.

Features of HTTP:

o Connectionless protocol: HTTP is a connectionless protocol. HTTP client

initiates a request and waits for a response from the server. When the server
receives the request, the server processes the request and sends back the
response to the HTTP client after which the client disconnects the
connection. The connection between client and server exist only during the
current request and response time only.
o Media independent: HTTP protocol is a media independent as data can
be sent as long as both the client and server know how to handle the data
 content. It is required for both the client and server to specify the content
type in MIME-type header.
o Stateless: HTTP is a stateless protocol as both the client and server know
each other only during the current request. Due to this nature of the
protocol, both the client and server do not retain the information between
various requests of the web pages.

HTTP Transactions

The above figure shows the HTTP transaction between client and server. The
client initiates a transaction by sending a request message to the server. The
server replies to the request message by sending a response message.

Messages

HTTP messages are of two types: request and response. Both the message types
follow the same message format.
 Request Message: The request message is sent by the client that consists
of a request line, headers, and sometimes a body.

Response Message: The response message is sent by the server to the

client that consists of a status line, headers, and sometimes a body.

Uniform Resource Locator (URL)

o A client that wants to access the document in an internet needs an address
and to facilitate the access of documents, the HTTP uses the concept of
Uniform Resource Locator (URL).
o The Uniform Resource Locator (URL) is a standard way of specifying any
kind of information on the internet.
o The URL defines four parts: method, host computer, port, and path.

o Method: The method is the protocol used to retrieve the document

from a server. For example, HTTP.
o Host: The host is the computer where the information is stored, and the
computer is given an alias name. Web pages are mainly stored in the
computers and the computers are given an alias name that begins with the
characters "www". This field is not mandatory.
o Port: The URL can also contain the port number of the server, but it's an
optional field. If the port number is included, then it must come between
the host and path and it should be separated from the host by a colon.
o Path: Path is the pathname of the file where the information is stored. The
path itself contain slashes that separate the directories from the
subdirectories and files.

FTP

o FTP stands for File transfer protocol.

o FTP is a standard internet protocol provided by TCP/IP used for
transmitting the files from one host to another.
 o It is mainly used for transferring the web page files from their creator to
the computer that acts as a server for other computers on the internet.
o It is also used for downloading the files to computer from other servers.

Objectives of FTP

o It provides the sharing of files.

o It is used to encourage the use of remote computers.
o It transfers the data more reliably and efficiently.

Why FTP?

Although transferring files from one system to another is very simple and
straightforward, but sometimes it can cause problems. For example, two systems
may have different file conventions. Two systems may have different ways to
represent text and data. Two systems may have different directory structures. FTP
protocol overcomes these problems by establishing two connections between
hosts. One connection is used for data transfer, and another connection is used
for the control connection.

Mechanism of FTP

The above figure shows the basic model of the FTP. The FTP client has three
components: the user interface, control process, and data transfer process. The
server has two components: the server control process and the server data
transfer process.
 o Control Connection: The control connection uses very simple rules
for communication. Through control connection, we can transfer a line of
command or line of response at a time. The control connection is made
between the control processes. The control connection remains connected
during the entire interactive FTP session.
o Data Connection: The Data Connection uses very complex rules as data
types may vary. The data connection is made between data transfer
processes. The data connection opens when a command comes for
transferring the files and closes when the file is transferred.

FTP Clients

o FTP client is a program that implements a file transfer protocol which

allows you to transfer files between two hosts on the internet.
o It allows a user to connect to a remote host and upload or download the
files.
o It has a set of commands that we can use to connect to a host, transfer the
files between you and your host and close the connection.
o The FTP program is also available as a built-in component in a Web
browser. This GUI based FTP client makes the file transfer very easy and
also does not require to remember the FTP commands.
Advantages of FTP:
o Speed: One of the biggest advantages of FTP is speed. The FTP is one of
the fastest way to transfer the files from one computer to another computer.
o Efficient: It is more efficient as we do not need to complete all the
operations to get the entire file.
o Security: To access the FTP server, we need to login with the username
and password. Therefore, we can say that FTP is more secure.
o Back & forth movement: FTP allows us to transfer the files back and
forth. Suppose you are a manager of the company, you send some
information to all the employees, and they all send information back on the
same server.

Disadvantages of FTP:
o The standard requirement of the industry is that all the FTP transmissions
should be encrypted. However, not all the FTP providers are equal and not
all the providers offer encryption. So, we will have to look out for the FTP
providers that provides encryption.
o FTP serves two operations, i.e., to send and receive large files on a network.
However, the size limit of the file is 2GB that can be sent. It also doesn't
allow you to run simultaneous transfers to multiple receivers.
o Passwords and file contents are sent in clear text that allows unwanted
eavesdropping. So, it is quite possible that attackers can carry out the brute
force attack by trying to guess the FTP password.
o It is not compatible with every system.

EXPLAIN TCP IN DETAIL

The transmission Control Protocol (TCP) is one of the most important protocols
of Internet Protocols suite. It is most widely used protocol for data transmission
in communication network such as internet.

Features

 TCP is reliable protocol. That is, the receiver always sends either
positive or negative acknowledgement about the data packet to the
sender, so that the sender always has bright clue about whether the
data packet is reached the destination or it needs to resend it.
 TCP ensures that the data reaches intended destination in the same
order it was sent.
  TCP is connection oriented. TCP requires that connection between
two remote points be established before sending actual data.
 TCP provides error-checking and recovery mechanism.
 TCP provides end-to-end communication.
 TCP provides flow control and quality of service.
 TCP operates in Client/Server point-to-point mode.TCP provides
full duplex server, i.e. it can perform roles of both receiver and
sender.

Header

The length of TCP header is minimum 20 bytes long and maximum 60 bytes.

 Source Port (16-bits) - It identifies source port of the application

process on the sending device.
 Destination Port (16-bits) - It identifies destination port of the
application process on the receiving device.
 Sequence Number (32-bits) - Sequence number of data bytes of a
segment in a session.
 Acknowledgement Number (32-bits) - When ACK flag is set, this
number contains the next sequence number of the data byte expected
and works as acknowledgement of the previous data received.
 Data Offset (4-bits) - This field implies both, the size of TCP header
(32-bit words) and the offset of data in current packet in the whole
TCP segment.
 Reserved (3-bits) - Reserved for future use and all are set zero by
default.
 Flags (1-bit each)
 NS - Nonce Sum bit is used by Explicit Congestion Notification signaling
process.
  CWR - When a host receives packet with ECE bit set, it sets Congestion
Windows Reduced to acknowledge that ECE received.
 ECE -It has two meanings:
o If SYN bit is clear to 0, then ECE means that the IP packet has its
CE (congestion experience) bit set.
o If SYN bit is set to 1, ECE means that the device is ECT capable.
 URG - It indicates that Urgent Pointer field has significant data and should
be processed.
 ACK - It indicates that Acknowledgement field has significance. If ACK
is cleared to 0, it indicates that packet does not contain any
acknowledgement.
 PSH - When set, it is a request to the receiving station to PUSH data (as
soon as it comes) to the receiving application without buffering it.
 RST - Reset flag has the following features:
o It is used to refuse an incoming connection.
o It is used to reject a segment.
o It is used to restart a connection.
 SYN - This flag is used to set up a connection between hosts.
 FIN - This flag is used to release a connection and no more data is
exchanged thereafter. Because packets with SYN and FIN flags have
sequence numbers, they are processed in correct order.
 Windows Size - This field is used for flow control between two stations
and indicates the amount of buffer (in bytes) the receiver has allocated for
a segment, i.e. how much data is the receiver expecting.
 Checksum - This field contains the checksum of Header, Data and Pseudo
Headers.
 Urgent Pointer - It points to the urgent data byte if URG flag is set to 1.
 Options - It facilitates additional options which are not covered by the
regular header. Option field is always described in 32-bit words. If this
field contains data less than 32-bit, padding is used to cover the remaining
bits to reach 32-bit boundary.

Addressing

TCP communication between two remote hosts is done by means of port numbers
(TSAPs). Ports numbers can range from 0 – 65535 which are divided as:
 System Ports (0 – 1023)
 User Ports ( 1024 – 49151)
 Private/Dynamic Ports (49152 – 65535)

Connection Management
TCP communication works in Server/Client model. The client initiates the
connection and the server either accepts or rejects it. Three-way handshaking is
used for connection management.

Establishment
Client initiates the connection and sends the segment with a Sequence number.
Server acknowledges it back with its own Sequence number and ACK of client’s
segment which is one more than client’s Sequence number. Client after receiving
ACK of its segment sends an acknowledgement of Server’s response.
Release
Either of server and client can send TCP segment with FIN flag set to 1. When
the receiving end responds it back by ACKnowledging FIN, that direction of TCP
communication is closed and connection is released.

Bandwidth Management

TCP uses the concept of window size to accommodate the need of Bandwidth
management. Window size tells the sender at the remote end, the number of data
byte segments the receiver at this end can receive. TCP uses slow start phase by
using window size 1 and increases the window size exponentially after each
successful communication.
For example, the client uses windows size 2 and sends 2 bytes of data. When the
acknowledgement of this segment received the windows size is doubled to 4 and
next sent the segment sent will be 4 data bytes long. When the acknowledgement
of 4-byte data segment is received, the client sets windows size to 8 and so on.
If an acknowledgement is missed, i.e. data lost in transit network or it received
NACK, then the window size is reduced to half and slow start phase starts again.

Error Control &and Flow Control

TCP uses port numbers to know what application process it needs to handover
the data segment. Along with that, it uses sequence numbers to synchronize itself
with the remote host. All data segments are sent and received with sequence
numbers. The Sender knows which last data segment was received by the
Receiver when it gets ACK. The Receiver knows about the last segment sent by
the Sender by referring to the sequence number of recently received packet.
If the sequence number of a segment recently received does not match with the
sequence number the receiver was expecting, then it is discarded and NACK is
sent back. If two segments arrive with the same sequence number, the TCP
timestamp value is compared to make a decision.

Multiplexing

The technique to combine two or more data streams in one session is called
Multiplexing. When a TCP client initializes a connection with Server, it always
refers to a well-defined port number which indicates the application process. The
client itself uses a randomly generated port number from private port number
pools.
Using TCP Multiplexing, a client can communicate with a number of different
application process in a single session. For example, a client requests a web page
which in turn contains different types of data (HTTP, SMTP, FTP etc.) the TCP
session timeout is increased and the session is kept open for longer time so that
the three-way handshake overhead can be avoided.
This enables the client system to receive multiple connection over single virtual
connection. These virtual connections are not good for Servers if the timeout is
too long.

Congestion Control

When large amount of data is fed to system which is not capable of handling it,
congestion occurs. TCP controls congestion by means of Window mechanism.
TCP sets a window size telling the other end how much data segment to send.
TCP may use three algorithms for congestion control:
 Additive increase, Multiplicative Decrease
 Slow Start
 Timeout React
Timer Management

TCP uses different types of timer to control and management various tasks:
Keep-alive timer:
 This timer is used to check the integrity and validity of a connection.
 When keep-alive time expires, the host sends a probe to check if the
connection still exists.
Retransmission timer:
 This timer maintains stateful session of data sent.
 If the acknowledgement of sent data does not receive within the
Retransmission time, the data segment is sent again.

Crash Recovery

TCP is very reliable protocol. It provides sequence number to each of byte sent
in segment. It provides the feedback mechanism i.e. when a host receives a
packet, it is bound to ACK that packet having the next sequence number expected
(if it is not the last segment).
When a TCP Server crashes mid-way communication and re-starts its process it
sends TPDU broadcast to all its hosts. The hosts can then send the last data
segment which was never unacknowledged and carry onwards.

Discuss about sub netting with an example? Mention Pros and Cons of sub
netting.

Subnetting is a process of separating a single physical network into several

logical subnetworks (subnets).
 A network segment and a host segment make up an IP address
subnets formed by extracting bits from an IP address's host
component and establishing several smaller sub-networks within a
more extensive network.
 Subnetting enables a business to expand its network without securing
a new network number from its Internet Service Provider (ISP).
Subnetting reduces network traffic while also hiding network
complexity.
 Subnetting is required when a single network number must be
distributed across multiple parts of a local area network.
  Subnets were created to alleviate the scarcity of IP addresses on the
Internet.
 A subnet mask is part of every IP address. The subnet mask known
as the default subnet mask is included in all class types. The subnet
mask specifies the kind and amount of IP addresses required for a
specific local network. The default gateway is the firewall or router.
The following is the default subnet mask −
 255.0.0.0 is the class A address.
 255.255.0.0 is the class B address.
 255.255.255.0 is the class C address.

A network administrator can subnet a single Class A, Class B, or

Class C network number into smaller portions via subnetting.
Subnets can be subnetted again to create sub-subnets.

Advantages of Subnetting

Some of the benefits of partitioning a network into subnets are as follows −

 It reduces network traffic by lowering the number of broadcasts sent
out.
 It helps overcome limitations in a local area network (LAN), such as
the maximum number of allowed hosts.
 It allows people to connect to a work network from their homes
without having to open the entire network.
 It protects one network from the intrusion of another. For example,
the Developer department's code must not be accessible by any other
department in an organization.
 Some subnets may require higher network priority than others. A
sales department, for example, may need to host webcasts or video
conferences.
 Maintenance is simple in the case of small networks.

Disadvantages of Subnetting

Subnetting has certain drawbacks in addition to its benefits −

 To reach a Process in a single network, there are only three steps −
o Source Host to Destination Network,
o Destination Network to Destination Host, and then
o Destination Host to Process.
 Subnetting, on the other hand, necessitates four phases for Inter
Network Communication. The steps are −
 o Source Host to Destination Network,
o Destination Network to appropriate Subnet,
o Subnet to Host, and finally,
o Host to Process.

What is DNS? Recognize the services provided by DNS and explain how it
works.

An application layer protocol defines how the application processes running on

different systems, pass the messages to each other.

o DNS stands for Domain Name System.

o DNS is a directory service that provides a mapping between the name of a
host on the network and its numerical address.
o DNS is required for the functioning of the internet.
o Each node in a tree has a domain name, and a full domain name is a
sequence of symbols specified by dots.
o DNS is a service that translates the domain name into IP addresses. This
allows the users of networks to utilize user-friendly names when looking
for other hosts instead of remembering the IP addresses.
o For example, suppose the FTP site at EduSoft had an IP address of
132.147.165.50, most people would reach this site by specifying
ftp.EduSoft.com. Therefore, the domain name is more reliable than IP
address.

DNS is a TCP/IP protocol used on different platforms. The domain name space
is divided into three different sections: generic domains, country domains, and
inverse domain.
 Generic Domains

o It defines the registered hosts according to their generic behavior.

o Each node in a tree defines the domain name, which is an index to the DNS
database.
o It uses three-character labels, and these labels describe the organization
type.
Country Domain

The format of country domain is same as a generic domain, but it uses two-
character country abbreviations (e.g., us for the United States) in place of three
character organizational abbreviations.

Inverse Domain

The inverse domain is used for mapping an address to a name. When the server
has received a request from the client, and the server contains the files of only
authorized clients. To determine whether the client is on the authorized list or not,
it sends a query to the DNS server and ask for mapping an address to the name.

Working of DNS

o DNS is a client/server network communication protocol. DNS clients send

requests to the. server while DNS servers send responses to the client.
 o Client requests contain a name which is converted into an IP address
known as a forward DNS lookups while requests containing an IP address
which is converted into a name known as reverse DNS lookups.
o DNS implements a distributed database to store the name of all the hosts
available on the internet.
o If a client like a web browser sends a request containing a hostname, then
a piece of software such as DNS resolver sends a request to the DNS
server to obtain the IP address of a hostname. If DNS server does not
contain the IP address associated with a hostname, then it forwards the
request to another DNS server. If IP address has arrived at the resolver,
which in turn completes the request over the internet protocol.

a) Explain Internet Protocol with the neat block diagram of IPv4 header
format
b) Explain IP addressing method

Explain Internet Protocol with the neat block diagram of IPv4 header
format

Internet Protocol Version 4-

 IPv4
short for Internet Protocol Version 4 is the fourth version of
the Internet Protocol (IP).
 IP is responsible to deliver data packets from the source host to the
destination host.
 This delivery is solely based on the IP Addresses in the packet headers.
 IPv4 is the first major version of IP.
 IPv4 is a connectionless protocol for use on packet-switched networks.
IPv4 Header-
The following diagram represents the IPv4 header-

Version-

 Version is a 4 bit field that indicates the IP version used.

 The most popularly used IP versions are version-4 (IPv4) and version-6
(IPv6).
 Only IPv4 uses the above header.
 So, this field always contains the decimal value 4.

Header Length-

 Header length is a 4 bit field that contains the length of the IP header.
 It helps in knowing from where the actual data begins.
  The initial 5 rows of the IP header are always used.
 So, minimum length of IP header = 5 x 4 bytes = 20 bytes.
 The size of the 6th row representing the Options field vary.
 The size of Options field can go up to 40 bytes.
 So, maximum length of IP header = 20 bytes + 40 bytes = 60 bytes.

Type Of Service-

 Typeof service is a 8 bit field that is used for Quality of Service (QoS).
 The datagram is marked for giving a certain treatment using this field.
Total Length-

 Totallength is a 16 bit field that contains the total length of the datagram
(in bytes).
Identification-

 Identification is a 16 bit field.

 It is used for the identification of the fragments of an original IP
datagram.

When an IP datagram is fragmented,

 Each fragmented datagram is assigned the same identification number.
 This number is useful during the re assembly of fragmented datagrams.
 It helps to identify to which IP datagram, the fragmented datagram
belongs to.

DF Bit-

 DF bit stands for Do Not Fragment bit.

 Its value may be 0 or 1.

MF Bit-

 MF bit stands for More Fragments bit.

 Its value may be 0 or 1.
When MF bit is set to 0,
 It indicates to the receiver that the current datagram is either the last
fragment in the set or that it is the only fragment.

When MF bit is set to 1,

 It
indicates to the receiver that the current datagram is a fragment of some
larger datagram.
 More fragments are following.
 MF bit is set to 1 on all the fragments except the last one.

Fragment Offset-

 Fragment Offset is a 13 bit field.

 It indicates the position of a fragmented datagram in the original
unfragmented IP datagram.
 The first fragmented datagram has a fragment offset of zero.

Time To Live-

 Time to live (TTL) is a 8 bit field.

 It indicates the maximum number of hops a datagram can take to reach
the destination.
 The main purpose of TTL is to prevent the IP datagrams from looping
around forever in a routing loop.
The value of TTL is decremented by 1 when-
 Datagram takes a hop to any intermediate device having network layer.
 Datagram takes a hop to the destination.
 If the value of TTL becomes zero before reaching the destination, then
datagram is discarded.


Protocol-

 Protocolis a 8 bit field.

 It tells the network layer at the destination host to which protocol the IP
datagram belongs to.
 In other words, it tells the next level protocol to the network layer at the
destination side.
 Protocol number of ICMP is 1, IGMP is 2, TCP is 6 and UDP is 17.
Header Checksum-

 Header checksum is a 16 bit field.

 It contains the checksum value of the entire header.
 The checksum value is used for error checking of the header.

At each hop,
 The header checksum is compared with the value contained in this field.
 If header checksum is found to be mismatched, then the datagram is
discarded.
 Router updates the checksum field whenever it modifies the datagram
header.

The fields that may be modified are-

1. TTL
2. Options
3. Datagram Length
4. Header Length
5. Fragment Offset
Source IP Address-
  Source IP Address is a 32 bit field.
 It contains the logical address of the sender of the datagram.

Destination IP Address-

 Destination IP Address is a 32 bit field.

 It contains the logical address of the receiver of the datagram
Options-

 Options is a field whose size vary from 0 bytes to 40 bytes.

 This field is used for several purposes such as-
1. Record route
2. Source routing
3. Padding

Explain briefly about ARP and ICMP protocols.

Address Resolution Protocol (ARP) is a network-specific standard protocol. The

Address Resolution Protocol is important for changing the higher-level protocol
address (IP addresses) to physical network addresses
 ARP relates an IP address with the physical address. On a typical physical
network such as LAN, each device on a link is identified by a physical address,
usually printed on the network interface card (NIC). A physical address can be
changed easily when NIC on a particular machine fails.
The IP Address cannot be changed. ARP can find the physical address of the
node when its internet address is known. ARP provides a dynamic mapping from
an IP address to the corresponding hardware address.
When one host wants to communicate with another host on the network, it needs
to resolve the IP address of each host to the host's hardware address.
This process is as follows−
 When a host tries to interact with another host, an ARP request is
initiated. If the IP address is for the local network, the source host
checks its ARP cache to find out the hardware address of the
destination computer.
 If the correspondence hardware address is not found, ARP
broadcasts the request to all the local hosts.
 All hosts receive the broadcast and check their own IP address. If
no match is discovered, the request is ignored.
 The destination host that finds the matching IP address sends an
ARP reply to the source host along with its hardware address, thus
establishing the communication. The ARP cache is then updated
with the hardware address of the destination host.
ICMP
The ICMP stands for Internet Control Message Protocol. It is a network layer
protocol. It is used for error handling in the network layer, and it is primarily used
on network devices such as routers. As different types of errors can exist in the
network layer, so ICMP can be used to report these errors and to debug those
errors.

For example, some sender wants to send the message to some destination, but the
router couldn't send the message to the destination. In this case, the router sends
the message to the sender that I could not send the message to that destination.

The IP protocol does not have any error-reporting or error-correcting

mechanism, so it uses a message to convey the information. For example, if
someone sends the message to the destination, the message is somehow stolen
between the sender and the destination. If no one reports the error, then the
sender might think that the message has reached the

destination. If someone in-between reports the error, then the sender will resend
the message very quickly.

Messages

The ICMP messages are usually divided into two categories:

 o Error-reporting messages

The error-reporting message means that the router encounters a problem when it
processes an IP packet then it reports a message.

o Query messages

The query messages are those messages that help the host to get the specific
information of another host. For example, suppose there are a client and a server,
and the client wants to know whether the server is live or not, then it sends the
ICMP message to the server.

ICMP Message Format

The message format has two things; one is a category that tells us which type of
message it is. If the message is of error type, the error message contains the type
and the code. The type defines the type of message while the code defines the
subtype of the message.
 o Type: It is an 8-bit field. It defines the ICMP message type. The values
range from 0 to 127 are defined for ICMPv6, and the values from 128 to
255 are the informational messages.
o Code: It is an 8-bit field that defines the subtype of the ICMP message
o Checksum: It is a 16-bit field to detect whether the error exists in the
message or not.

Types of Error Reporting messages

The error reporting messages are broadly classified into the following
categories:

o Destination unreachable

The destination unreachable error occurs when the packet does not reach the
destination. Suppose the sender sends the message, but the message does not
reach the destination, then the intermediate router reports to the sender that the
destination is unreachable.

Type: It defines the type of message. The number 3 specifies that the destination
is unreachable.

Code (0 to 15): It is a 4-bit number which identifies whether the message comes
from some intermediate router or the destination itself.

Sometimes the destination does not want to process the request, so it sends the
destination unreachable message to the source. A router does not detect all the
problems that prevent the delivery of a packet.

o Source quench

There is no flow control or congestion control mechanism in the network layer or

the IP protocol. The sender is concerned with only sending the packets, and the
sender does not think whether the receiver is ready to receive those packets or is
there any congestion occurs in the network layer so that the sender can send a
lesser number of packets, so there is no flow control or congestion control
mechanism. In this case, ICMP provides feedback, i.e., source quench. Suppose
the sender resends the packet at a higher rate, and the router is not able to handle
the high data rate. To overcome such a situation, the router sends a source quench
message to tell the sender to send the packet at a lower rate.
So, the sender must either stop or slow down the sending of datagrams until the
congestion is reduced. The router sends one source-quench message for each
datagram that is discarded due to the congestion in the network layer.

o Time exceeded

Sometimes the situation arises when there are many routers that exist between the
sender and the receiver. When the sender sends the packet, then it moves in a
routing loop. The time exceeded is based on the time-to-live value. When the
packet traverses through the router, then each router decreases the value of TTL
by one. Whenever a router decreases a datagram with a time-to-live value to zero,
then the router discards a datagram and sends the time exceeded message to the
original source.

The above message format shows that the type of time-exceeded is 11, and the
code can be either 0 or 1. The code 0 represents TTL, while code 1 represents
fragmentation. In a time-exceeded message, the code 0 is used by the routers to
show that the time-to-live value is reached to zero.

The code 1 is used by the destination to show that all the fragments do not reach
within a set time.

Parameter problems
The router and the destination host can send a parameter problem message. This
message conveys that some parameters are not properly set.

Redirection

When the packet is sent, then the routing table is gradually augmented and
updated. The tool used to achieve this is the redirection message. For example,
A wants to send the packet to B, and there are two routers exist between A and
B. First, A sends the data to the router 1. The router 1 sends the IP packet to
router 2 and redirection message to A so that A can update its routing table.
ICMP Query Messages

The ICMP Query message is used for error handling or debugging the internet.
This message is commonly used to ping a message.
Echo-request and echo-reply message

A router or a host can send an echo-request message. It is used to ping a

message to another host that "Are you alive". If the other host is alive, then it
sends the echo-reply message. An echo-reply message is sent by the router or
the host that receives an echo-request message.

Timestamp-request and timestamp-reply message

The timestamp-request and timestamp-reply messages are also a type of query

messages. Suppose the computer A wants to know the time on computer B, so it
sends the timestamp-request message to computer B. The computer B responds
with a timestamp-reply message.

Message format of timestamp-request and timestamp-reply

 Explain leaky bucket and token bucket algorithm and describe how to
implement
this algorithm in a real time application.

LEAKY BUCKET
When too many packets are present in the network it causes packet delay and
loss of packet which degrades the performance of the system. This situation is
called congestion.
The network layer and transport layer share the responsibility for handling
congestions. One of the most effective ways to control congestion is trying to
reduce the load that transport layer is placing on the network. To maintain this,
the network and transport layers have to work together.

Leaky Bucket Algorithm mainly controls the total amount and the rate of
the traffic sent to the network.
Step 1 − Let us imagine a bucket with a small hole at the bottom where the rate
at which water is poured into the bucket is not constant and can vary but it leaks
from the bucket at a constant rate.
Step 2 − So (up to water is present in the bucket), the rate at which the water
leaks does not depend on the rate at which the water is input to the bucket.
Step 3 − If the bucket is full, additional water that enters into the bucket that
spills over the sides and is lost.
Step 4 − Thus the same concept applied to packets in the network. Consider that
data is coming from the source at variable speeds. Suppose that a source sends
data at 10 Mbps for 4 seconds. Then there is no data for 3 seconds. The source
again transmits data at a rate of 8 Mbps for 2 seconds. Thus, in a time span of 8
seconds, 68 Mb data has been transmitted.
That’s why if a leaky bucket algorithm is used, the data flow would be 8 Mbps
for 9 seconds. Thus, the constant flow is maintained.

TOKEN BUCKET
The leaky bucket algorithm enforces output patterns at the average rate, no matter
how busy the traffic is. So, to deal with the more traffic, we need a flexible
algorithm so that the data is not lost. One such approach is the token bucket
algorithm.
Let us understand this algorithm step wise as given below −
 Step 1 − In regular intervals tokens are thrown into the bucket f.
 Step 2 − The bucket has a maximum capacity f.
 Step 3 − If the packet is ready, then a token is removed from the
bucket, and the packet is sent.
 Step 4 − Suppose, if there is no token in the bucket, the packet cannot
be sent.
When compared to Leaky bucket the token bucket algorithm is less restrictive
that means it allows more traffic. The limit of busyness is restricted by the
number of tokens available in the bucket at a particular instant of time.
The implementation of the token bucket algorithm is easy − a variable is used to
count the tokens. For every t seconds the counter is incremented and then it is
decremented whenever a packet is sent. When the counter reaches zero, no
further packet is sent out.

Explain distance vector routing algorithm. The major problem with

distance vector algorithm is ‘count to infinity’. How exchange of complete
path from router to destination instead of delay, helps in solving count to
infinity problem

o The Distance vector algorithm is iterative, asynchronous and

distributed.
 o Distributed: It is distributed in that each node receives information
from one or more of its directly attached neighbors, performs
calculation and then distributes the result back to its neighbors.
o Iterative: It is iterative in that its process continues until no more
information is available to be exchanged between neighbors.
o Asynchronous: It does not require that all of its nodes operate in the
lock step with each other.
o The Distance vector algorithm is a dynamic algorithm.
o It is mainly used in ARPANET, and RIP.
o Each router maintains a distance table known as Vector.

Three Keys to understand the working of Distance Vector Routing

Algorithm:
o Knowledge about the whole network: Each router shares its knowledge
through the entire network. The Router sends its collected knowledge about
the network to its neighbors.
o Routing only to neighbors: The router sends its knowledge about the
network to only those routers which have direct links. The router sends
whatever it has about the network through the ports. The information is
received by the router and uses the information to update its own routing
table.
o Information sharing at regular intervals: Within 30 seconds, the router
sends the information to the neighboring routers.
 DEMONSTRATE DISTANCE VECTOR WITH AN EXAMPLE
EXPLAIN COUNT TO INFINITY WITH EXAMPLE -----
EXPLAINED IN CLASS WRITE THAT ONE