Telecommunications software and multimedia laboratory Computer networks

Model answer to assignment 5, 1998

Question 1:
Explain why fragmentation is needed, how it is related to routing and how it works. (When does fragmenting occur, how and where? Where are the fragments reassembled and how? How is fragmentation announced in a network frame?)

Fragments are needed, because some segments of the network might support frame size, which is smaller than maximum size of the sended IP datagram (64 k).

There are two models of fragmenting; intranet and internet models. In intranet model every intermediate router (gateway) reassemblies the packet and possibly fragments it again. In internet model the datagram is fragmented if the network after it has smaller MTU (maximum transfer unit). The fragments are reassembled only at the destination.

Internet model reduces load of the routers and helps with the problem of lost packets. Destination IP decides when it's time to stop waiting the lost fragment (time exceeded).

Three IP header fields are used in fragmenting: identification, flags and fragment offset. Identification identifies the connection and the packet. Flags indicates if there is more fragments to come (more fragment bit). Fragment offset indicates the location of the fragment in packet. Offset is measured in units of 8 octets starting at the beginning of the packet.

Question 2:
What do "record route option" and "source route option" mean and how do they work?

In record route option every intermediate machine adds its address to the list in the frame structure.

To add itself to the list, a machine first compares the pointer and length fields. If the list is not full, the machine inserts its IP address at the position specified by pointer and increments the pointer by four.

Source routing option is a way to tell, how packets traverse internet. Source routing specifies the order of intermediate routers.

Strict source routing spesifies the exact route (no single hop between two consequtive addresses). An error results if a router cannot follow a route. In loose source routing multiple hops between successive addresses on the list are allowed.

The datagram will have a list of addresses it has visited (like record route option).

Question 3:
Explain the IP routing algorithm. How does it work?

Comer page 116, figure 8.3

First extract destination IP address from datagram and compute IP address of destination network.

If network address matches any directly connected network address, send datagram to destination over that network.

If the table contains a host-specific route to destination, send datagram to next-hop specified in the table.

If the table contains a route for network, send datagram to next-hop specified in the table.

If the table contains a default route, send datagram to the default router specified in table.

Else declare a routing error.

Question 4:
Explain why there is no ICMP error message with which a receiving host could tell the sender that its messages are arriving corrupted due to transmission errors. In what type of situation(s) would such an ICMP error message be useful?

All reasonably stated arguments were accepted:

There isn't such an error message because it would rather definitely be useless. What is expected to happen is that also the error message will corrupt. Finally it only increases load and nothing useful is gained.

It would be useful, if it traversed without corruption and told, why and where packets corrupted. If the sender finds out where packets corrupt, it can't be sure, is it question of long-term or temporary error. It also doesn't know where or why packets corrupt. Only reaction is to stop sending which usually isn't reasonable thing to do. Usually error correction is handled in upper protocol level or even detected by users themselves. Students didn't have much to say about usefulness, so assistant left it on less attention.

Question 5:
Explain why any network using proxy ARP is vulnerable to "spoofing" (i.e., a rogue host can impersonate a legal network host).

Hosts which are using proxy ARP are not concious about the fact that they have been subnetted. Response from any machine is as valid as response from server which handles routing.

Whole idea of proxy ARP is spoofing. (Comer: figure 10.2 page 142): "In essence, R lies about IP-to-physical address bindings."

Proxy ARP is based on trust - every request and reply is considered legitimate.

It is also impossible to implement warning which alerts when two IP addresses map to the same physical address.

**********************************
This page is maintained by the assistants of verkot, E-mail: verkot@tcm.hut.fi.
The page has last been updated 5.3.
URL: http://www.tcm.hut.fi/Opinnot/Tik-110.350/English/1998/assign_05_model.html