BSc CSIT (TU) Science Computer Networks (BSc CSIT, CSC258) Question Paper 2078 Nepal

Medium Access Control (MAC) Sub-layer

The MAC sub-layer is the lower part of the Data Link Layer (the upper part being the LLC sub-layer). When a channel (medium) is shared among many stations (as in a LAN), more than one station may try to transmit at the same time, causing a collision. The MAC sub-layer's job is to decide which station gets to use the shared medium and when, so as to maximize utilization while minimizing collisions. It also handles framing and physical (MAC) addressing.

Multiple-access protocols are broadly: (i) Random access (ALOHA, CSMA, CSMA/CD, CSMA/CA), (ii) Controlled access (polling, token passing, reservation), and (iii) Channelization (FDMA, TDMA, CDMA).

CSMA (Carrier Sense Multiple Access): Before transmitting, a station senses the medium ("listen before talk"). It transmits only if the channel is idle, reducing the chance of collision.

CSMA/CD (Collision Detection) — used in wired Ethernet

Used where a station can transmit and listen simultaneously (it can detect a collision on the wire).

Working principle:

1. A station that wants to send senses the carrier. If the channel is busy, it waits (defers).
2. If idle, it begins transmitting while continuing to listen to the medium.
3. If it detects a collision (the signal on the line differs from what it sent), it immediately stops and sends a short jam signal so all stations know a collision occurred.
4. The station then waits a random time chosen by the binary exponential back-off algorithm: after the $n$-th collision it waits a random multiple of the slot time in the range $[0, 2^n - 1]$ (capped at 1023), then retries.

This reduces wasted bandwidth because transmission is aborted as soon as a collision is sensed.

CSMA/CA (Collision Avoidance) — used in wireless 802.11 (Wi-Fi)

In wireless networks a station cannot reliably detect collisions while transmitting (hidden-terminal problem, can't listen and send at once), so collisions are avoided rather than detected.

Working principle:

1. Station senses the channel. If idle, it waits for a DIFS (interframe space) interval to be sure it stays idle.
2. It then performs a random back-off (contention window) and counts down only while the channel is idle, freezing the counter when busy.
3. When the counter reaches zero, it transmits the frame.
4. Because the sender can't detect collisions, the receiver returns an ACK after a SIFS gap to confirm success; no ACK ⇒ assume collision/loss ⇒ retransmit with a larger contention window.
5. Optionally uses RTS/CTS handshaking (Request-to-Send / Clear-to-Send) to reserve the channel and solve the hidden-terminal problem.

Summary of Difference

IPv4 Datagram Header Format

An IPv4 packet has a header (20–60 bytes) followed by data. The header is described in 32-bit (4-byte) words:

The minimum header is 20 bytes (no options); with options it can extend to 60 bytes.

IPv4 vs IPv6 Addressing

Conclusion: IPv6 was designed to solve IPv4 address exhaustion and to simplify the header, improve auto-configuration, and integrate security.

Congestion Control

Congestion occurs when the load offered to the network (number of packets) exceeds its capacity, causing queues at routers to overflow, packets to be dropped, throughput to fall, and delay to rise. Congestion control is the set of techniques to keep the load within the network's capacity.

Approaches:

• Open-loop (prevention): policies applied before congestion occurs — admission control, traffic shaping, retransmission/discarding policy.
• Closed-loop (removal): detect congestion and react — feedback signals (choke packets, ECN), and end-to-end window adjustment.

At the transport layer, TCP implements congestion control using a congestion window with slow start (exponential growth), congestion avoidance (additive increase / multiplicative decrease — AIMD), fast retransmit, and fast recovery. The sender treats packet loss as a sign of congestion and shrinks its window.

Traffic Shaping

Traffic shaping regulates the average rate and burstiness of data sent into the network so that traffic becomes smooth and predictable.

Leaky Bucket Algorithm

Think of a bucket with a small hole at the bottom. Water (packets) may arrive at any (bursty) rate, but leaks out at a constant rate, regardless of input rate. If the bucket overflows, excess packets are discarded.

• Output rate is fixed/constant (e.g. one packet per tick or $\rho$ bytes/sec).
• Smooths bursty traffic into a steady stream.
• A bursty input becomes a constant-rate output; bursts are not preserved.

arrival (bursty) --> [ bucket (queue, size = b) ] --> constant output rate
                          overflow -> dropped

Token Bucket Algorithm

Tokens are generated at a constant rate $r$ and stored in a bucket of capacity $C$. To send a packet, a station must remove a token. If tokens are available, packets may be sent (allowing bursts up to the number of accumulated tokens); if no token is available, the packet waits.

• Allows bursts (up to bucket capacity) while limiting the long-term average rate to $r$.
• If the host is idle, it saves up tokens and may later send a burst — more flexible than leaky bucket.
• Maximum burst length $S$ satisfies $C + r\,S = M\,S$, where $M$ is the maximum output rate, giving $S = \dfrac{C}{M - r}$.

Comparison

HTTP (HyperText Transfer Protocol)

HTTP is the application-layer protocol used by the World Wide Web to transfer web resources (HTML pages, images, etc.) between a web client (browser) and a web server. It runs over TCP, typically on port 80 (HTTPS uses TLS on port 443).

Working (request–response model):

1. The browser establishes a TCP connection to the server (three-way handshake).
2. The client sends an HTTP request message consisting of a request line (method, URL, version), headers, and an optional body. Common methods: GET (retrieve), POST (submit data), PUT, DELETE, HEAD.
3. The server processes the request and returns an HTTP response message: a status line (e.g. 200 OK, 404 Not Found, 301 Moved, 500 Internal Server Error), headers (Content-Type, Content-Length, etc.), and the body (the requested resource).
4. The browser renders the resource.

Key features:

• Stateless: each request is independent; the server keeps no memory of previous requests. State is maintained externally using cookies/sessions.
• Persistent connections (HTTP/1.1): one TCP connection can carry multiple request/response pairs (keep-alive), unlike non-persistent HTTP/1.0 which opened a new connection per object.

NAT (Network Address Translation)

NAT is a technique that maps private (internal) IP addresses to one or more public IP addresses (and vice versa) at the boundary router/gateway. It lets many hosts on a private network share a small number of public addresses, conserving the limited IPv4 address space and hiding the internal network structure.

Types of NAT

1. Static NAT: A fixed one-to-one mapping between a single private IP and a single public IP. Used when an internal server must be reachable from outside.
2. Dynamic NAT: Private IPs are mapped to public IPs drawn from a pool, on a first-come basis. Mapping is temporary and changes per session.
3. PAT (Port Address Translation) / NAT Overload: Many private IPs share one public IP, distinguished by different port numbers. This is the most common form (e.g. home routers).

Uses / Advantages

• Conserves public IPv4 addresses by letting many hosts share one.
• Provides a measure of security/privacy by hiding internal addresses from the Internet.
• Allows an organization to change its internal addressing without affecting the outside.

Limitation: breaks end-to-end connectivity and complicates protocols that embed IP addresses (e.g. FTP, VoIP).

FTP (File Transfer Protocol)

FTP is an application-layer, TCP-based protocol used to transfer files between a client and a server over a network. It is unique in that it uses two separate TCP connections:

• Control connection (port 21): stays open for the whole session; carries commands (USER, PASS, LIST, RETR, STOR, QUIT) and responses/status codes.
• Data connection (port 20): opened separately for the actual file data and closed after each transfer.

Working

1. The client opens a control connection to the server on port 21 and logs in with a username and password (anonymous FTP allows guest access).
2. Commands such as LIST, RETR <file> (download) or STOR <file> (upload) are sent over the control connection.
3. For each transfer a data connection is established (active or passive mode) and the file content is transferred.
4. The data connection closes after the transfer; the control connection persists until QUIT.

Modes

• Active mode: the server opens the data connection back to the client.
• Passive mode: the client opens the data connection to the server (works better through firewalls/NAT).

Note: Standard FTP sends data and credentials in plaintext (insecure); FTPS/SFTP add encryption.

ICMP (Internet Control Message Protocol)

Purpose: IP provides an unreliable, connectionless, best-effort delivery service and has no built-in mechanism to report errors or send control information. ICMP fills this gap: it is a companion protocol to IP (carried inside IP datagrams, protocol number 1) used to report errors in datagram processing and to send network diagnostic/query messages. ICMP does not correct errors — it only reports them back to the source.

Common ICMP message types

ICMP messages fall into two categories — error-reporting and query messages.

Error-reporting messages:

• Destination Unreachable (Type 3) — packet cannot be delivered (network/host/port unreachable).
• Time Exceeded (Type 11) — TTL reached 0, or fragment reassembly timed out. (Used by traceroute.)
• Source Quench (Type 4) — congestion notification (deprecated).
• Parameter Problem (Type 12) — bad header field.
• Redirect (Type 5) — better route available.

Query messages:

• Echo Request / Echo Reply (Types 8 and 0) — used by the ping utility to test reachability.
• Timestamp Request / Reply (Types 13 and 14).

Examples of use: ping (Echo Request/Reply) and traceroute (Time Exceeded) are the two most common diagnostic tools built on ICMP.

Symmetric vs Asymmetric Key Cryptography

Symmetric-key cryptography uses a single shared secret key for both encryption and decryption. Asymmetric-key (public-key) cryptography uses a pair of keys — a public key (to encrypt / verify) and a mathematically related private key (to decrypt / sign).

Note: In practice both are combined (hybrid systems, e.g. TLS): asymmetric crypto securely exchanges a symmetric session key, which is then used for fast bulk encryption.

Port Numbers and Socket Addresses

Port number: A 16-bit number ($0$–$65535$) used by the transport layer (TCP/UDP) to identify a specific process/application running on a host. While an IP address identifies the machine, a port number identifies the service within that machine, enabling multiplexing/demultiplexing of many connections.

Port ranges:

• Well-known ports (0–1023): standard services, e.g. HTTP=80, HTTPS=443, FTP=21, SSH=22, DNS=53, SMTP=25.
• Registered ports (1024–49151): assigned to specific applications.
• Dynamic / ephemeral ports (49152–65535): temporarily assigned to client connections.

Socket address: The combination of an IP address and a port number, written as IP:Port (e.g. 192.168.1.5:80). It uniquely identifies one endpoint of a network connection.

A full connection is identified by a socket pair — the four-tuple:

This four-tuple lets the transport layer distinguish every individual connection, even when multiple connections share the same server port.

Multiplexing

Multiplexing is the technique of combining multiple signals/data streams from different sources so they can share a single transmission medium (channel), improving link utilization. At the receiving end, demultiplexing separates the combined signal back into the original streams. The device that combines is a multiplexer (MUX) and the one that separates is a demultiplexer (DEMUX).

FDM (Frequency Division Multiplexing)

• The bandwidth of the channel is divided into several non-overlapping frequency bands, one per signal.
• Each source is modulated onto a different carrier frequency; guard bands separate channels to prevent interference.
• All signals are transmitted simultaneously but on different frequencies.
• Analog technique. Example: radio/TV broadcasting, cable TV.

Freq |  ch1 | guard | ch2 | guard | ch3   (all at the same time)

TDM (Time Division Multiplexing)

• The channel's time is divided into time slots; each source is given a slot in turn (round-robin).
• Signals share the same frequency but transmit at different times.
• Digital technique. Two kinds: Synchronous TDM (fixed slot per source even if idle) and Statistical/Asynchronous TDM (slots allocated only to active sources, more efficient).
• Example: T1/E1 carrier lines, GSM.

Time | s1 | s2 | s3 | s1 | s2 | s3 ...   (same frequency, different times)

Difference

Guided vs Unguided Transmission Media

Guided (wired/bounded) media carry signals along a solid physical path (a cable). The signal is confined within the conductor. Unguided (wireless/unbounded) media transmit signals through free space (air, vacuum, water) as electromagnetic waves, without a physical conductor.

Summary: Guided media offer higher reliability, security and bandwidth but require physical cabling; unguided media offer mobility and easy deployment at the cost of security and susceptibility to interference.

LAN vs MAN vs WAN

Networks are classified by geographical area they cover.

• LAN (Local Area Network): Covers a small area — a room, building, or campus (up to ~a few km). Privately owned, high data rate, low latency, low error rate. Examples: office/college network, home Wi-Fi. Technologies: Ethernet, Wi-Fi.
• MAN (Metropolitan Area Network): Covers a city or metropolitan area (up to ~50 km). Often interconnects several LANs. Owned by an organization or a service provider. Examples: city-wide cable TV network, a campus spread across a city. Technology: e.g. Metro Ethernet.
• WAN (Wide Area Network): Covers a large geographical area — country, continent, or the whole world. Built from many interconnected LANs/MANs using leased lines, fiber backbones and routers. Usually owned/operated by multiple organizations. Lower data rate per hop and higher latency than LAN. The Internet is the largest WAN.