If you wanted to, you can take a look at your graded exam tomorrow (Wed) in my office; 10-11:30am, and 2-4pm.
CSE 589: mean = 136, median = 147, min = 67, max = 172
CSE 489: mean = 93, median = 96, min = 46, max = 152
If you only wanted to know your final exam’s grade, email all three of us (2 TAs and me). Whoever is online can reply with your grade.
HW4′s grades will be available in a couple of days.
There might be a couple of typos in it. Didn’t have time to proof-read thoroughly, let me know if you found any serious ones.
You can find them here.
The past week was pretty exciting from a … networking point of view. The Hydra’s (i.e. Wikileaks’) diversification of DNS and hosting resources was fascinating technically.
And then, there was the dispute between Comcast and Level 3 which generated lots of media coverage.
It’s the lastest example of how contentious peering and transit relationships can be.
In the beginning (around 1997-1999), 802.11′s security mechanisms include … suppressing the SSID broadcast (called “SSID hiding”), allowing only a white-list of MAC addresses, and WEP. SSID hiding is completely ineffective because the SSID is sent in plaintext anyhow in a variety of messages: BEACONs, PROBE Requests, PROBE Responses, ASSOCIATION Requests, REASSOCIATION Requests. MAC filtering is ineffective for the same reason.
WEP does not fare much better. It is completely broken by August of 2001. First, a couple of papers from Berkeley and from UMD broke the design. Then, the paper by Fluhrer, Mantin and Shamir broke the underlying encryption scheme (RC4 stream cipher). Many open-source softwares are now available for cracking WEP in several minutes: WEPCrack, AirSnort, AirCrack-NG. The following picture is probably familiar:
WEP’s setup is very simple. There’s a shared key (Pre Shared Key — PSK) that you can set up and share between our Access Point and our wireless stations. The PSK could be of length 40-bits (government restriction circa 99), 104-bits, or 232-bits long. RC4 stream cipher is used. RC4 works as follows. We provide the RC4 algorithm with a key. It will generate a stream of “random” bytes. We XOR these bytes with data bytes and send to the other end. As long as the receiver has the same key, then the same algorithm can be used to decode. To generate random bytes per packet, a 24-bit Initialization Vector is concatenated with the PSK (making a 64, 128, or 256 bit long key) to feed the RC4 algorithm. The IV is chosen randomly for each frame, and is sent in the plain so the receiver can recover. This means, after a short time period it will be repeated. WEP uses Shared Key Authenticaion, which is not good. Anyhow, let’s not beat up on the poor WEP. It’s not supposed to be used any more.
WPA came out around 2002, which was supposed to be a temporary fix for WEP: users can download a firmware update to update their wireless network cards to equipe them with WPA. WPA uses TKIP for encryption and authentication. (TKIP actually came out before WPA, and was incorporated into WPA.) TKIP uses the same encryption algorithm as WEP, but constructs the key in a different way: it uses a function to “mix” the master key with the IV instead of merely concatenating them. It also has a better message integrity check (MIC) algorithm named MICHEAL, and it added a frame counter to reduce the possibility of replay attacks. WPA has two modes: PSK and Enterprise. The PSK mode is similar to WEP. The Enterprise mode uses the EAP authentication framework and requires a RADIUS authentication server.
WPA/TKIP is vulnerable, although much less than WEP. There are a few attacks which kind of work: the Beck-Tews attackand its faster variance by Ohigashi-Morii. WPA is battered, but not broken.
The most secured one is WPA2, which uses AES for encryption. WPA2 with AES is our best option at this point. Don’t bet on it being secured for too long.
For simplicity, we use mobile networking to refer to the situation where one wants to maintain, say, TCP connections while moving a large distance. If we move only within the same access network then smart switches can handle this limited mobility. There are basically two options for maintaining connections when (at least) one of the end points is mobile: (1) have the moving end inform the other end, and (2) contact a fixed “home” location to know the current location.
Boeing Connexion Service is an example of option (1). An airplane is assigned with an IP address block. It has antennas which can communicate with (leased) satellite transponders, which communicate with base stations spreading out geographically. The base stations announce new BGP routes as the plane flies. One “cool” by-product of this design is that you can literally track a plane by looking at your BGP routing table updates! Unfortunately, BCS’s business model is flawed and it was closed in 2006. Other in-flight Wifi services popped up: AirCell, Row 44, OnAir, etc. The technologies are slightly different, but the principle remains the same.
The second option is basically what Mobile IP does. Your friend contacts a “home agent” (like your parents who should know where you are at all times) which can route to the “mobile agent” (i.e. you) because the mobile agent updates the home agent about its location. This “triangle routing” strategy is inefficient, especially when you’re far from your home. There’s also another proposal which works much like DNS: ask the home agent for the current IP and then talk to the mobile agent directly. This option is not transparent.
The Internet was not designed with mobility in mind. We might need to redesign it completely to support efficient mobility.
To build large LANs, there are a few hurdles. First, electrical signals get weaker when they travel longer distances. Second, the collision domain of a CSMA/CD type of protocol becomes larger.
Repeaters and hubs operate at the physical layer. They re-broadcast any frame coming from any port to the rest of the ports. In effect, repeaters and hubs make “join” all participating LANs into a large LAN. Hubs can not support multiple LAN types.
Bridges and switches are more sophisticated devices. They can also be used to join multiple LAN segments into a larger LAN. However, each segment is its own collision domain. And, the segments do not have to run the same LAN technology. In terms of interconnecting LANs, switches and bridges refer to the same thing. Historically, bridges came out first. Then, switches came which implement all the functionalities of bridges in a performance-wise superior way. Switches are also used to refer to a (slightly) larger class of devices. For our purposes, there’s no difference. So we will only talk about switches from now on.
To interconnect multiple Ethernets in a seamless manner, a switch has to major jobs: (1) self-learn which port to forward a frame to or not (transparent bridging operation), and (2) prevents bridging-loop problems by running a Spanning Tree Protocol. For performance purposes, cut-through switching is often implemented.
To facilitate portability, Virtual LAN was proposed. In the old days, LANs were often confined to some physical location (floor, building). Nowadays, we want to group people based on some organizational structure rather than the physical structures of buildings. A VLAN is just a group of hosts that communicate as if they belong to the same broadcast domain. Many LAN technologies support VLAN: ATM, FDDI, various types of Ethernets. The commonly used protocol for VLAN routing is 802.1Q. See this document from Cisco for more information.
Ethernet is one of the most successful pieces of technologies out there. It is inexpensive, and it was able to keep up with the speed race: 10Mbps, 100Mbps, 1Gbps, and 10Gbps, 100Gbps. Metcalfe designed the Ethernet protocol based on his earlier experiences with ALOHA. He founded 3Com, and managed to convince several big players to make Ethernet a standard. The rest is history.
Originally, a bus topology is commonplace. Repeaters are used to connect longer Ethernet segments. Later, a star topology with a hub, bridge, or a switch in the middle becomes more common. Nowadays, it is mostly bridges/switches. Hubs are obsolete.
An Ethernet frame typically has the following format
(there are several other optional fields such as the 802.1Q tag, or the jumbo frame option). The FCS field contains 32 CRC bits. Note that the source/destinations addresses are 48 bits long. Those are MAC addresses.
Traditionally, Ethernets operate under the half-duplex mode using its CSMA/CD protocol. For newer Ethernets, point-to-point links (from a station to a switch, for example) can use the full-duplex mode which doesn’t really require a protocol. Full-duplex operation is restricted to links meeting the following criteria:
Most network cards are able to negotiate the operation mode.
Under CSMA/CS, the minimum frame size must be sufficiently large so that the frame transmission time is at least twice the maximum propagation delay (this value of 
To see the Ethernet’s CSMA/CS algorithm “in action”, you can use this applet.
The MAC-to-IP mapping is maintained by the address resolution protocol (ARP). The protocol is really simple, especially after we’ve learned about DNS. The ARP cache is susceptible to ARP cache poisoning attacks (see also this one); however the effect of the attacks is reduced in modern switched Ethernets. It is still possible on a switched network, however.
On a single broadcast channel (wireless channel, shared link, etc.), two or more simultaneous transmissions lead to interference. We thus need a distributed algorithm coordinating accesses to the channel. This distributed algorithm is realized by a multiple access control (MAC) protocol. Three classes of MAC protocols are: (1) channel partitioning, (2) random access, and (3) round-robin.
Channel partitioning techniques include: TDMA, FDMA, CDMA, among others. We have seen TDMA and FDMA before. CDMA is relatively new. It is used by the GPS system, and many 3G phone services.
Random access protocols require stations sharing the channel to detect collisions and recover from collisions. Early examples are the ALOHA protocols. In Pure ALOHA, a station sends a frame as soon as it has the frame. If there’s collision, retransmit after a random period. It can be shown that the maximum throughput is only about 18%. In Slotted ALOHA, transmissions are synchronized in discrete slots. The maximum throughput is increased to 37%, but still too small.
ALOHA protocols are too aggressive. Stations should “sense” if the channel is available before talking. This idea gives rise to CSMA protocols, in which a node senses if the channel is idel before transmitting its frame. Due to propagation delay, collisions can still occur. In some channel type, collision detection (CD) is possible, giving rise to CSMA/CD protocols. The basic idea of CSMA/CD is as follows: (1) stations listen before transmit, and only transmit if channel is idle, (2) if collision is detected, then abort the transmission, and also sends a jam signal, (3) wait for a random period of time before retransmission. Exponential backoff is also employed to reduce the collision probability in later retransmission rounds. CSMA/CD was widely used in early Ethernet networks.
Round-robin protocols often employ a “token passing” mechanism, where only nodes possessing a “token” can transmit. Tokens are passed around to ensure fairness. Examples include token ring and token bus protocols.
Sorry it took me a while since I couldn’t find a suitable machine. Justin told me (thanks!) about the gcc -m32 option and here it goes.
 | Prateek on Questions about UBTorrent… |
 | NQH on Questions about UBTorrent… |
 | Prateek on Questions about UBTorrent… |
| NQH on Questions about UBTorrent… |
| Prateek on Questions about UBTorrent… |
| NQH on Questions about UBTorrent… |
| Prateek on Questions about UBTorrent… |
| NQH on Questions about UBTorrent… |
 | Nick on Questions about UBTorrent… |
| NQH on Questions about UBTorrent… |
