Unit3 - Subjective Questions

Network-Assisted Congestion Control involves the network layer components (like routers) actively providing feedback to the sender regarding the congestion state of the network.

• Mechanism: Routers monitor their queue lengths and link utilization. When congestion is detected or imminent, routers send explicit feedback to the sender (e.g., using Choke packets) or mark data packets (e.g., Explicit Congestion Notification - ECN) to inform the receiver, which then informs the sender.
• End-to-End Congestion Control: In contrast, end-to-end congestion control (like standard TCP) relies entirely on the end systems (sender and receiver) to infer congestion from network behavior (e.g., packet loss, high delay) without any explicit feedback from the network routers.
• Advantages: Network-assisted methods can react faster and more accurately to congestion before packet drops occur.

TCP uses a sliding window protocol combined with specific algorithms to control the amount of data injected into the network.

1. Slow Start: The TCP sender starts with a small Congestion Window (cwnd), typically 1 Maximum Segment Size (MSS). For every ACK received, cwnd is increased by 1 MSS. This results in an exponential growth of cwnd ( after RTTs). It continues until cwnd reaches the ssthresh (slow start threshold) or a loss occurs.
2. Congestion Avoidance: Once cwnd ssthresh, TCP enters this phase. The window grows linearly to probe for more bandwidth without causing sudden congestion. cwnd increases by 1 MSS per Round Trip Time (RTT). This is also known as Additive Increase.
3. Fast Recovery: When a packet loss is detected via 3 duplicate ACKs (indicating light congestion, not a full timeout), TCP halves ssthresh, sets cwnd to the new ssthresh + 3 MSS, and retransmits the missing packet. It then grows cwnd linearly for subsequent duplicate ACKs and exits to Congestion Avoidance when a new ACK arrives. This is part of the Additive Increase Multiplicative Decrease (AIMD) paradigm.

Classful IP Addressing:

• Introduced early in the Internet's history, it divides the IP address space into strict classes: A, B, C, D (multicast), and E (experimental).
• The network prefix length is fixed for each class (Class A: /8, Class B: /16, Class C: /24).
• Drawback: Leads to massive address wastage. A company needing 300 addresses would need a Class B block (65,534 addresses), wasting over 65,000 addresses.

Classless IP Addressing (CIDR):

• Classless Inter-Domain Routing (CIDR) removes the fixed network prefix boundaries.
• An IP address is accompanied by a prefix length (e.g., 192.168.1.0/22), indicating exactly how many bits represent the network portion.
• Advantage: Allows for highly efficient allocation of IP addresses, matching the exact needs of organizations. It also enables route summarization (supernetting) to reduce routing table sizes.

Subnetting is the process of logically dividing a single large network into multiple smaller, manageable networks (subnets).

Necessity of Subnetting:

1. Improved Performance: Large broadcast domains cause high broadcast traffic, degrading performance. Subnetting restricts broadcast traffic to smaller segments.
2. Enhanced Security: Subnets allow administrators to apply security policies and firewalls between different departments (e.g., HR, Engineering, Guest).
3. Address Conservation: By using Variable Length Subnet Masking (VLSM), administrators can allocate IP blocks that perfectly fit the number of hosts needed, minimizing wasted addresses.
4. Simplified Administration: Smaller networks are easier to troubleshoot, manage, and monitor than one massive, flat network structure.

Supernetting (or Route Summarization) is the process of combining several smaller contiguous networks into a single, larger network route to reduce the size of routing tables in routers.

Example:
Suppose an ISP has assigned four Class C networks to a customer:

• 192.168.0.0/24 (Binary: ... 0000 0000)
• 192.168.1.0/24 (Binary: ... 0000 0001)
• 192.168.2.0/24 (Binary: ... 0000 0010)
• 192.168.3.0/24 (Binary: ... 0000 0011)

Instead of advertising four distinct /24 routes, the router looks for common bits. The first 22 bits of all four addresses are identical (192.168.000000xx.x).
By borrowing 2 bits back into the host portion, we create a supernet mask of /22.
The summarized route is 192.168.0.0/22. This single entry replaces four entries in upstream routing tables, saving memory and processing power.

Step 1: Determine bits to borrow for subnets
We need 6 subnets. Using the formula , where is the number of borrowed bits.
. So, borrow 3 bits.

Step 2: Verify host capacity
The original block is /24 (8 host bits). We borrowed 3, leaving host bits.
Hosts per subnet = hosts. This satisfies the requirement of "at least 25 hosts".

Step 3: Calculate the new subnet mask
Original mask: /24 (255.255.255.0)
New mask: /27 (24 + 3). In binary: 11111111.11111111.11111111.11100000
Decimal subnet mask: 255.255.255.224

Step 4: List the network addresses
The block size (magic number) is .

• Subnet 1: 192.168.10.0/27
• Subnet 2: 192.168.10.32/27
• Subnet 3: 192.168.10.64/27

The Network Layer provides essential services to allow end-to-end communication across multiple networks. Key services include:

1. Logical Addressing: Providing a universal addressing scheme (like IP addresses) so every device on the internet can be uniquely identified, independent of its physical hardware address (MAC address).
2. Routing: Determining the optimal path for a packet to travel from the source to the destination across interconnected networks, utilizing routing protocols (e.g., OSPF, BGP).
3. Forwarding: The actual process of a router taking a packet arriving on an input port and moving it to the correct output port based on its forwarding table.
4. Encapsulation/Decapsulation: Taking segments from the Transport Layer, wrapping them in network layer headers (creating packets/datagrams) at the source, and stripping the headers at the destination.
5. Fragmentation and Reassembly: Breaking down large packets into smaller fragments if they exceed the Maximum Transmission Unit (MTU) of the underlying data link layer, and reassembling them at the destination.

Network layer performance is evaluated based on several quantitative metrics that determine the quality of service (QoS) provided to upper layers:

1. Delay (Latency): The total time taken for a packet to travel from source to destination. It comprises:
   • Processing delay: Time taken by routers to examine the header and determine routing.
   • Queuing delay: Time a packet waits in router queues before transmission.
   • Transmission delay: Time to push all packet bits onto the link (, where L=length, R=rate).
   • Propagation delay: Time for a signal to travel across the physical medium.
2. Throughput: The rate at which data is successfully transferred from source to destination, usually measured in bits per second (bps). It is limited by the bottleneck link in the path.
3. Packet Loss: The percentage of packets that fail to reach their destination, typically caused by router buffer overflows during network congestion.
4. Jitter: The variation in packet delay. High jitter is detrimental to real-time applications like VoIP and video streaming.

Explicit Congestion Notification (ECN) is a network-assisted congestion control mechanism used in conjunction with TCP/IP to signal congestion without dropping packets.

• How it works: Active Queue Management (AQM) algorithms in routers monitor queue lengths. When a router detects that its queue is growing too large (incipient congestion), instead of dropping the packet, it sets two specific bits in the IP header of the packet to indicate "Congestion Experienced" (CE).
• Feedback Loop: When the destination receives an IP packet marked with CE, it sets the ECN-Echo (ECE) flag in its TCP ACK back to the sender.
• Sender Reaction: The sender, upon receiving the ECE flag, reacts exactly as if a packet loss occurred (e.g., halving the congestion window) and sets the Congestion Window Reduced (CWR) flag to acknowledge it has reduced its sending rate.
• Benefit: It prevents packet loss, reduces retransmissions, and decreases latency for latency-sensitive applications.

Classful IP addressing divides the 32-bit IPv4 address space into specific classes based on the leading bits.

• Class A:
  • Leading Bits: 0
  • Structure: 8 bits for Network ID, 24 bits for Host ID (N.H.H.H).
  • Range: 1.0.0.0 to 126.255.255.255.
  • Capacity: Supports 126 networks, each with over 16 million hosts (). Designed for extremely large organizations.
• Class B:
  • Leading Bits: 10
  • Structure: 16 bits for Network ID, 16 bits for Host ID (N.N.H.H).
  • Range: 128.0.0.0 to 191.255.255.255.
  • Capacity: Supports 16,384 networks, each with 65,534 hosts (). Designed for medium-to-large organizations.
• Class C:
  • Leading Bits: 110
  • Structure: 24 bits for Network ID, 8 bits for Host ID (N.N.N.H).
  • Range: 192.0.0.0 to 223.255.255.255.
  • Capacity: Supports over 2 million networks, each with only 254 hosts (). Designed for small organizations.

TCP Tahoe and TCP Reno are two classic variants of TCP congestion control algorithms.

• TCP Tahoe:
  • In Tahoe, whether a packet loss is detected by a timeout OR by 3 duplicate ACKs, the reaction is the same.
  • It sets the ssthresh to half of the current cwnd.
  • It then completely drops cwnd down to 1 MSS and restarts the Slow Start phase.
  • Drawback: Severe performance drop due to always resetting the window to 1, leading to under-utilization of bandwidth.
• TCP Reno:
  • Reno distinguishes between a Timeout and 3 Duplicate ACKs.
  • Timeout: Treated as severe congestion. Behaves like Tahoe (cwnd = 1, enters Slow Start).
  • 3 Duplicate ACKs: Treated as mild congestion (the network is still delivering some packets). Reno halves ssthresh, sets cwnd to the new ssthresh, and enters Fast Recovery (skipping Slow Start) before moving to Congestion Avoidance. This provides significantly better throughput.

Step 1: Identify Subnet Mask and Interesting Octet
Prefix /18 implies a subnet mask of 255.255.192.0.
The interesting octet (where the subnetting occurs) is the 3rd octet (45).

Step 2: Calculate Block Size (Magic Number)
Block size = .

Step 3: Determine Network Address
Find the multiples of 64 that enclose the 3rd octet (45): 0, 64, 128...
The value 45 falls between 0 and 64.
Therefore, the Network Address is 172.16.0.0.

Step 4: Determine Broadcast Address
The next network starts at 172.16.64.0. The broadcast address is exactly one less than the next network address.
Therefore, the Broadcast Address is 172.16.63.255.

Step 5: Determine Valid Host Range
The valid hosts fall between the Network Address and Broadcast Address.
Valid Host Range: 172.16.0.1 through 172.16.63.254.

Network Congestion occurs when the amount of data injected into the network exceeds its processing or transmission capabilities, leading to performance degradation.

Primary Causes:

1. High Traffic Volume: When multiple sources simultaneously send large streams of data to a specific destination or through a specific bottleneck link, overwhelming the link capacity.
2. Insufficient Router Buffer Space: Routers have finite memory (buffers/queues) to hold packets while they wait to be processed or transmitted. If bursts of traffic exceed buffer capacity, packets are dropped.
3. Slow Processors: If a router's CPU is too slow to perform routing lookups and forward packets at line rate, queues build up even if the output link has available bandwidth.
4. Bad Network Design/Routing: Suboptimal routing protocols might force too much traffic over low-bandwidth links while higher-bandwidth links remain idle.

AIMD (Additive Increase Multiplicative Decrease) is the core feedback control algorithm used in TCP to maintain stability and share bandwidth fairly among multiple flows.

• Additive Increase (Probing for bandwidth): During the Congestion Avoidance phase, if the sender successfully receives ACKs (indicating no congestion), it increases its Congestion Window (cwnd) linearly. Typically, it adds 1 MSS to the cwnd for every full Round Trip Time (RTT). This gentle probing ensures the sender doesn't overwhelm the network abruptly.
• Multiplicative Decrease (Reacting to congestion): When packet loss is detected (a strong indicator of congestion), TCP reacts aggressively to clear the network queues. It cuts the ssthresh (and effectively the sending rate) in half (multiplying by 0.5).
• Why AIMD?: Mathematical models prove that AIMD converges to a stable and fair allocation of bandwidth among competing TCP flows sharing a bottleneck link, whereas other models like Multiplicative Increase Multiplicative Decrease (MIMD) do not.

While often used interchangeably by laymen, Routing and Forwarding represent two distinct functions of the Network Layer.

• Routing (Control Plane):
  • It is a network-wide process that determines the end-to-end paths that packets take from source to destination.
  • Routing involves algorithms and protocols (like OSPF, BGP, RIP) running among routers to exchange topology information and calculate the best paths.
  • The output of routing is the creation of a Routing Table.
• Forwarding (Data Plane):
  • It is a local, router-specific action.
  • It involves receiving a packet on an incoming interface, looking up the destination IP address in the router's Forwarding Information Base (FIB) or forwarding table, and switching the packet to the appropriate outgoing interface.
  • Forwarding happens at a very high speed (often in hardware), while routing calculations take place in the background (software).

Variable Length Subnet Masking (VLSM) allows a network administrator to divide an IP address space into subnets of different sizes, unlike traditional Fixed Length Subnet Masking (FLSM) where all subnets must have the same number of hosts.

• Mechanism: In VLSM, the network is first subnetted into large blocks. Then, one or more of those subnets are further subnetted into smaller blocks. This requires routing protocols that send the subnet mask along with the route advertisement (classless routing protocols like OSPF, EIGRP).
• Improvement over traditional subnetting: FLSM forces a one-size-fits-all approach, leading to massive IP waste. For example, a point-to-point WAN link only needs 2 IP addresses. With FLSM using a /24 network divided into 4 subnets of 62 hosts, assigning one subnet to a WAN link wastes 60 addresses. VLSM allows assigning a /30 mask (exactly 2 hosts) to the WAN link, conserving the remaining addresses for larger LANs.

The Retransmission Timeout (RTO) timer is a crucial mechanism in TCP for ensuring reliable data delivery and detecting severe network congestion.

• Role: When a sender transmits a segment, it starts an RTO timer. If the sender does not receive an Acknowledgment (ACK) for that segment before the timer expires, TCP assumes the packet (or its ACK) was lost in the network. The sender then retransmits the lost segment.
• Relation to Congestion Control: An RTO expiry is interpreted by TCP as a sign of severe network congestion (meaning the network queues are so full that packets are dropped, and no duplicate ACKs are arriving).
• Reaction: In response to a timeout, TCP reacts drastically: it reduces its cwnd (Congestion Window) to 1 MSS, drops the ssthresh to half the previous unacknowledged window, and enters the Slow Start phase. This drastically reduces the traffic the sender injects into the network, giving the routers time to clear their queues.

The router will forward the packet to Interface B.

Reasoning and Rule:
Routers use the Longest Prefix Match rule when forwarding packets. If a destination IP address matches multiple entries in the routing table, the router selects the entry with the longest subnet mask (the most specific route).

• Match against Entry 1: 192.168.5.150 belongs to 192.168.5.0/24 (Range: .0 to .255). It matches. Prefix length is 24.
• Match against Entry 2: 192.168.5.150 belongs to 192.168.5.128/25 (Range: .128 to .255). It matches. Prefix length is 25.
• Match against Entry 3: Default route matches everything, prefix length is 0.

Since /25 is longer (more specific) than /24, the router chooses the /25 route and forwards the packet out of Interface B.

Limitations of IPv4:

1. Address Exhaustion: The primary issue is that the 32-bit address space provides only about 4.3 billion addresses, which is vastly insufficient for the modern Internet with billions of devices.
2. Large Routing Tables: Due to historical non-hierarchical address allocation, core Internet routing tables grew unmanageably large.
3. Lack of Built-in Security: IPsec (IP Security) was an afterthought in IPv4, making end-to-end security difficult to enforce uniformly.
4. Complex Header: The IPv4 header is variable in length and includes a checksum, increasing processing overhead on routers.

How IPv6 solves them:

1. Massive Address Space: Uses a 128-bit address space, providing an almost limitless number of IPs ().
2. Simplified Header: Fixed 40-byte header with no checksum, allowing faster router processing.
3. Mandatory IPsec: Security is baked into the protocol standard.
4. No Fragmentation at Routers: Only end hosts fragment packets, speeding up network layer forwarding.

Network Address Translation (NAT) is a technology implemented on routers and firewalls that translates private, non-routable IP addresses (from a local network) into a single or a few public, globally routable IP addresses for internet access.

Why it is essential for IPv4:

1. Alleviates IPv4 Exhaustion: NAT is the primary reason the Internet did not completely collapse due to IPv4 address depletion in the 1990s. An entire organization or household with hundreds of devices (using private IPs like 192.168.x.x) can share just one public IP address using NAT with Port Address Translation (PAT).
2. Security/Hiding: NAT acts as a basic firewall. Because external hosts only see the router's public IP, the internal structure and individual IP addresses of end-user devices are hidden from the outside world, making direct inbound attacks more difficult.
3. Provider Independence: Changing Internet Service Providers (ISPs) does not require changing the internal IP addressing scheme of an organization; only the external NAT IP changes.