BE Computer Engineering (Pokhara University) Computer Networks (PU, CMP 344) Question Paper 2078 Nepal

(a) The Seven Layers of the OSI Reference Model (8)

The OSI (Open Systems Interconnection) model is a 7-layer reference architecture standardized by ISO. Data flows down from layer 7 to layer 1 at the sender and up at the receiver.

(b) OSI vs TCP/IP Model (6)

Layer mapping diagram:

        OSI (7 layers)              TCP/IP (4 layers)
  +----------------------+      +----------------------+
  | 7 Application        |      |                      |
  | 6 Presentation       | ---> |  Application         |
  | 5 Session            |      |                      |
  +----------------------+      +----------------------+
  | 4 Transport          | ---> |  Transport (TCP/UDP) |
  +----------------------+      +----------------------+
  | 3 Network            | ---> |  Internet (IP)       |
  +----------------------+      +----------------------+
  | 2 Data Link          | ---> |  Network Access      |
  | 1 Physical           |      |  (Link)              |
  +----------------------+      +----------------------+

Comparison:

Why TCP/IP became the de facto Internet standard:

• It was implemented and deployed first in working systems (ARPANET, BSD UNIX) while OSI remained largely a paper specification.
• It is simpler, leaner and flexible, with protocols proven in real networks.
• It was freely available and vendor-neutral, bundled with UNIX, encouraging rapid adoption.
• The Internet grew on TCP/IP, creating an installed base too large to displace.

(a) VLSM Subnetting of 192.168.40.0/24 (10)

Allocate subnets largest-first (descending host requirement). Required usable hosts: 60, 28, 12, 5.

Determine prefix per requirement (usable hosts $= 2^h - 2$):

• 60 hosts -> need $2^6-2 = 62 \ge 60$ -> 6 host bits -> /26 (mask 255.255.255.192)
• 28 hosts -> need $2^5-2 = 30 \ge 28$ -> 5 host bits -> /27 (mask 255.255.255.224)
• 12 hosts -> need $2^4-2 = 14 \ge 12$ -> 4 host bits -> /28 (mask 255.255.255.240)
• 5 hosts -> need $2^3-2 = 6 \ge 5$ -> 3 host bits -> /29 (mask 255.255.255.248)

Allocation table:

Remaining address space 192.168.40.120 – 192.168.40.255 stays free for future growth. Each block fits exactly without overlap.

(b) Classful vs Classless (CIDR) Addressing (4)

Classful addressing divides the IPv4 space into fixed classes by leading bits:

• Class A: /8 (16M hosts), Class B: /16 (65K hosts), Class C: /24 (254 hosts). The boundary between network and host portions is fixed by class, so an organization needing, say, 2000 hosts had to take a whole Class B, wasting tens of thousands of addresses.

Classless (CIDR) addressing uses a variable-length prefix written as a.b.c.d/n, where n is the number of network bits. The network/host boundary can fall anywhere, allowing address blocks of any power-of-two size.

Why CIDR was introduced:

• To stop rapid exhaustion of IPv4 addresses caused by rigid class boundaries.
• To allow efficient, right-sized allocation (no wasted addresses).
• To enable route aggregation (supernetting), reducing the size of Internet routing tables.

(a) Distance-Vector vs Link-State Routing (6)

(b) Dijkstra's Algorithm from Source A (6)

Link costs: A-B=2, B-C=3, A-D=1, B-E=4, C-F=2, D-E=1, E-F=5.

Initialize distances: A=0, all others = ∞. At each step pick the unvisited node with smallest tentative distance, mark it permanent, and relax its neighbours.

Note: when C becomes permanent (cost 5), F via C = 5+2 = 7, equal to existing 7 via E, so cost stays 7.

Shortest paths and total costs from A:

(a) TCP Three-Way Handshake and Connection Termination (6)

Connection establishment (three-way handshake):

  Client                                Server
    |  ---- SYN, seq=x ------------------>  |   (1)
    |  <--- SYN+ACK, seq=y, ack=x+1 -----   |   (2)
    |  ---- ACK, ack=y+1 --------------->   |   (3)
    |        Connection ESTABLISHED         |

1. Client sends SYN with initial sequence number x.
2. Server replies SYN+ACK: its own ISN y plus acknowledgement x+1.
3. Client sends ACK = y+1. Both sides now have synchronized sequence numbers; data transfer begins.

Connection termination (four-way handshake):

  Client                                Server
    |  ---- FIN, seq=u --------------->    |   (1)
    |  <--- ACK, ack=u+1 -------------     |   (2)
    |  <--- FIN, seq=v ---------------     |   (3)
    |  ---- ACK, ack=v+1 ------------->    |   (4)
    |   (TIME_WAIT, then CLOSED)            |

Each side closes its half of the connection independently with a FIN, acknowledged by the other side. The active closer enters TIME_WAIT before fully closing.

(b) Reliable Data Transfer and Congestion Control (6)

Reliable data transfer is achieved through:

• Sequence numbers on every byte and cumulative ACKs so lost/out-of-order data is detected.
• Retransmission on timeout (RTO) or on 3 duplicate ACKs (fast retransmit).
• Checksums to detect corruption; flow control via the receiver's advertised window (rwnd) to avoid overrunning the receiver.

Congestion control limits the sending rate using a congestion window (cwnd); the sender may transmit up to min(cwnd, rwnd) unacknowledged bytes.

• Slow Start: cwnd starts at ~1 MSS and doubles every RTT (exponential growth) until it reaches the slow-start threshold ssthresh or a loss occurs.
• Congestion Avoidance: once cwnd ≥ ssthresh, cwnd grows linearly (about +1 MSS per RTT) to probe bandwidth cautiously (additive increase).
• On loss: if a timeout occurs, ssthresh = cwnd/2 and cwnd resets to 1 MSS (back to slow start). On 3 duplicate ACKs, TCP performs fast retransmit + fast recovery (cwnd halved, not reset). This gives the characteristic AIMD (Additive Increase, Multiplicative Decrease) sawtooth behaviour.

TCP vs UDP

Applications best suited to TCP (need reliability/ordering):

1. Web browsing (HTTP/HTTPS) – every byte of a page must arrive intact and in order.
2. Email (SMTP) / File transfer (FTP) – data corruption or loss is unacceptable.

Applications best suited to UDP (need speed, tolerate loss):

1. Live video/voice (VoIP, video conferencing) – low latency matters more than the odd lost packet; retransmitting late audio is useless.
2. DNS lookups / online gaming – short, single-request transactions where TCP setup overhead would add unnecessary delay.

(a) Working of the Domain Name System (DNS) (5)

DNS is a hierarchical, distributed database that translates human-readable domain names (e.g. www.example.com) into IP addresses. It uses UDP/TCP port 53.

Server roles (hierarchy):

• Root name servers: top of the hierarchy; they do not know the final answer but direct queries to the correct TLD server based on the suffix (.com, .org, .np).
• Top-Level-Domain (TLD) servers: manage a TLD (e.g. .com) and point to the authoritative server for the specific domain.
• Authoritative name servers: hold the actual DNS records (A, AAAA, MX, CNAME) for a domain and give the final, definitive answer.

A local/recursive resolver also caches results to speed up future lookups.

Recursive vs Iterative queries:

• Recursive query: the client asks the resolver for the final answer; the resolver does all the work and returns either the IP or an error. (Client ↔ resolver.)
• Iterative query: the queried server returns the best referral it has (e.g. "ask this TLD server") rather than the final answer; the resolver then follows the referrals itself. (Resolver ↔ root/TLD/authoritative.)

Typically the host makes a recursive request to its resolver, and the resolver makes iterative requests to root, TLD, then authoritative servers.

(b) HTTP vs HTTPS (2)

Hub vs Switch vs Router

Key points:

• A hub simply repeats incoming bits to every other port, so all devices share one collision domain and bandwidth, causing many collisions.
• A switch learns MAC addresses and forwards frames only to the destination port, breaking the LAN into separate collision domains (microsegmentation) but still passing broadcasts.
• A router works with IP addresses, forwards packets between different networks/subnets, and stops broadcasts, so it separates both collision and broadcast domains.

(a) CSMA/CA in IEEE 802.11 and Why CSMA/CD Is Unsuitable for Wireless (4)

CSMA/CA (Carrier Sense Multiple Access with Collision Avoidance): since wireless stations cannot reliably detect collisions while transmitting, 802.11 tries to avoid collisions instead of detecting them:

1. Carrier sense: a station listens to the medium; if busy it defers.
2. DIFS + random backoff: if the channel is idle for a DIFS interval, the station picks a random backoff counter from the contention window and counts down only while the medium is idle; it transmits when the counter reaches zero. This randomization avoids two waiting stations transmitting simultaneously.
3. Positive acknowledgement: because the sender cannot hear collisions, the receiver returns an ACK after a SIFS interval. No ACK ⇒ assume collision/loss ⇒ retransmit with a doubled contention window.

Why CSMA/CD is unsuitable for wireless:

• A wireless transceiver generally cannot transmit and listen at the same time, so it cannot detect a collision on its own signal as wired Ethernet does.
• Signal strength falls off rapidly with distance and the hidden terminal problem means a sender may not even hear a colliding station. Hence collision detection is impractical; collision avoidance is used.

(b) Hidden Terminal Problem and RTS/CTS (3)

Hidden terminal problem: two stations A and C are both in range of access point/station B but out of range of each other. A and C cannot sense one another's transmissions, so they may transmit to B simultaneously, causing a collision at B that neither sender detects.

RTS/CTS mitigation:

• Before sending data, a station sends a short RTS (Request To Send) to the receiver.
• The receiver replies with a CTS (Clear To Send), which is heard by all stations in the receiver's range (including the hidden ones).
• The RTS/CTS carry a duration field that sets the NAV (Network Allocation Vector), so hidden stations defer for the announced time, reserving the channel and preventing the collision.

Operation of DHCP and the DORA Process

DHCP (Dynamic Host Configuration Protocol) automatically assigns IP configuration (IP address, subnet mask, default gateway, DNS servers, lease time) to hosts, removing the need for manual configuration. It uses UDP ports 67 (server) and 68 (client) and works through a four-message exchange known as DORA:

  Client                               Server
    | -- DHCP DISCOVER (broadcast) -->  |   (D)
    | <-- DHCP OFFER -----------------  |   (O)
    | -- DHCP REQUEST (broadcast) --->  |   (R)
    | <-- DHCP ACK -------------------  |   (A)

1. DISCOVER: the client, having no IP, broadcasts a DHCPDISCOVER (source 0.0.0.0, destination 255.255.255.255) to locate any available DHCP server.
2. OFFER: each server replies with a DHCPOFFER proposing an available IP address along with mask, gateway, DNS and lease duration.
3. REQUEST: the client broadcasts a DHCPREQUEST formally accepting one offer (identifying the chosen server), so other servers know their offers were declined.
4. ACK: the chosen server sends a DHCPACK confirming the lease and finalizing the configuration. The client may run an ARP check, then begins using the address. (If the address is no longer available, the server sends a DHCPNAK and the process restarts.)

(a) Role and Components of SNMP (4)

SNMP (Simple Network Management Protocol) is an application-layer protocol (UDP ports 161/162) used to monitor and manage network devices — routers, switches, servers, printers — from a central station. It allows reading device status, changing configuration, and receiving alerts.

Components of an SNMP-managed network:

• Manager (NMS – Network Management Station): the central software that polls agents (GET/GET-NEXT/GET-BULK), sets values (SET), and receives unsolicited traps. It presents data to administrators.
• Agent: software running on each managed device that collects local information and responds to the manager's requests; it sends traps/notifications when significant events occur.
• MIB (Management Information Base): a hierarchical, standardized database of managed objects (each identified by an OID – Object Identifier) describing the parameters that can be read or written on a device.

(b) Two Faults Detected by Network Management + Corrective Actions (2)

1. Link/interface failure (device down): detected via missing responses or down-traps → corrective action: reroute traffic via a backup path and restart/replace the failed interface or device.
2. Network congestion / high utilization: detected via high interface utilization or packet-loss counters → corrective action: apply traffic shaping/QoS or upgrade link bandwidth to relieve the bottleneck.

(Answering any two of the three as required.)

(a) Network Address Translation (NAT)

NAT lets multiple hosts on a private network share one or a few public IP addresses. A NAT-enabled router rewrites the source IP (and port, in PAT/overload) of outgoing packets to its public address and keeps a translation table to map replies back to the correct internal host.

• Benefits: conserves scarce public IPv4 addresses and hides internal addressing (adds a layer of security).
• Types: Static NAT (1-to-1), Dynamic NAT (pool), and PAT/NAT Overload (many private hosts to one public IP, distinguished by port number) — the most common form in home/office routers.

(c) ARP and Its Working

ARP (Address Resolution Protocol) maps a known IPv4 address to a MAC (hardware) address on a local network, because frames on a LAN are delivered by MAC address.

• When a host wants to send to an IP on its subnet and lacks the MAC, it broadcasts an ARP Request ("Who has IP X? Tell me your MAC").
• The host owning IP X replies with a unicast ARP Reply containing its MAC.
• The sender caches the mapping in its ARP table for future use, avoiding repeated broadcasts.

(b) IPv4 vs IPv6 (alternative)