Que 1 What is application layer?

Discuss any four protocols with its role that are used for
exchange of information.
Ans: In the Internet model, the application layer is an abstraction layer reserved for
communications protocols and methods designed for process-to-process communications
across an Internet Protocol (IP) computer network. Application layer protocols use the
underlying transport layer protocols to establish process-to-process connections via ports.
In the OSI model, the definition of its application layer is narrower in scope. The OSI model
defines the application layer as being the user interface. The OSI application layer is
responsible for displaying data and images to the user in a human-recognizable format and to
interface with the presentation layer below it.
It separates functionality above the transport layer at two additional levels, the session layer
and the presentation layer. OSI specifies strict modular separation of functionality at these
layers and provides protocol implementations for each layer. The interface responsible for
displaying the information received to the user.
Four layers are:
HTTP: The Hypertext Transfer Protocol (HTTP) is an application protocol for distributed,
collaborative, hypermedia information systems. HTTP is the foundation of data
communication for the World Wide Web.
Hypertext is structured text that uses logical links (hyperlinks) between nodes containing text.
HTTP is the protocol to exchange or transfer hypertext.
HTTP functions as a request-response protocol in the client-server computing model. A web
browser, for example, may be the client and an application running on a computer hosting a
web site may be the server. The client submits an HTTP request message to the server. The
server, which provides resources such as HTML files and other content, or performs other
functions on behalf of the client, returns a response message to the client. The response
contains completion status information about the request and may also contain requested
content in its message body.
FTP: File Transfer Protocol (FTP) is a standard network protocol used to transfer files from one
host to another host over a TCP-based network, such as the Internet.
FTP is built on a client-server architecture and uses separate control and data connections
between the client and the server. FTP users may authenticate themselves using a clear-text
sign-in protocol, normally in the form of a username and password, but can connect
anonymously if the server is configured to allow it. For secure transmission that hides
(encrypts) the username and password, and encrypts the content, FTP is often secured with
SSL/TLS ("FTPS").
FTP may run in active or passive mode, which determines how the data connection is
established. In active mode, the client creates a TCP control connection. In situations where
the client is behind a firewall and unable to accept incoming TCP connections, passive mode
may be used. In this mode, the client uses the control connection to send a PASV command to
the server and then receives a server IP address and server port number from the server,
which the client then uses to open a data connection from an arbitrary client port to the
server IP address and server port number received.
Syntax: ftp://[<user>[:<password>]@]<host>[:<port>]/<url-path>
SMTP: Simple Mail Transfer Protocol (SMTP) is an Internet standard for electronic mail (e-mail)
transmission across Internet Protocol (IP) networks. It is an Application Layer protocol in the
OSI reference model.
SMTP uses TCP port 25. The protocol for new submissions is effectively the same as SMTP, but
it uses port 587 instead. SMTP connections secured by SSL are known by the shorthand
SMTPS on TCP port 465, though SMTPS is not a protocol in its own right.

RIP: The Routing Information Protocol (RIP) is one of the oldest distance-vector routing
protocols, which employs the hop count as a routing metric. RIP prevents routing loops by
implementing a limit on the number of hops allowed in a path from the source to a
destination. The maximum number of hops allowed for RIP is 15. This hop limit, however, also
limits the size of networks that RIP can support. A hop count of 16 is considered an infinite
distance, in other words the route is considered unreachable.
RIP implements the split horizon, route poisoning and holddown mechanisms to prevent
incorrect routing information from being propagated. These are some of the stability features
of RIP. It is also possible to use the Routing Information Protocol with Metric-Based Topology
algorithm to cope with the count-to-infinity problem. With RMTI, it is possible to detect every
possible loop with a very small computation effort.

Que 2 Brief the following : a. SLIP b. PPP

Ans:
a. SLIP: The Serial Line Internet Protocol (also Serial Line Interface Protocol; SLIP) is an
encapsulation of the Internet Protocol designed to work over serial ports and modem
connections. It is documented in RFC 1055. On personal computers, SLIP has been largely
replaced by the Point-to-Point Protocol (PPP), which is better engineered, has more features
and does not require its IP address configuration to be set before it is established. On
microcontrollers, however, SLIP is still the preferred way of encapsulating IP packets due to its
very small overhead.
SLIP modifies a standard TCP/IP datagram by appending a special "SLIP END" character to it,
which distinguishes datagram boundaries in the byte stream. SLIP requires a serial port
configuration of 8 data bits, no parity, and either EIA hardware flow control, or CLOCAL mode
(3-wire null-modem) UART operation settings.
SLIP does not provide error detection, being reliant on upper layer protocols for this. Therefore
SLIP on its own is not satisfactory over an error-prone dial-up connection. It is however still
useful for testing operating systems' response capabilities under load (by looking at floodping statistics).
SLIP is also currently used in the BlueCore Serial Protocol for communication between
Bluetooth modules and host computers.
b. PPP: The Point-to-Point Protocol (PPP) is a data link protocol commonly used in establishing
a direct connection between two networking nodes. It can provide connection authentication,
transmission encryption and compression.
PPP is used over many types of physical networks including serial cable, phone line, trunk
line, cellular telephone, specialized radio links, and fiber optic links such as SONET. PPP is also
used over Internet access connections (now marketed as "broadband"). Internet service
providers (ISPs) have used PPP for customer dial-up access to the Internet, since IP packets
cannot be transmitted over a modem line on their own, without some data link protocol. Two
derivatives of PPP, Point-to-Point Protocol over Ethernet (PPPoE) and Point-to-Point Protocol
over ATM (PPPoA), are used most commonly by Internet Service Providers (ISPs) to establish a
Digital Subscriber Line (DSL) Internet service connection with customers.
PPP is commonly used as a data link layer protocol for connection over synchronous and
asynchronous circuits, where it has largely superseded the older Serial Line Internet Protocol
(SLIP) and telephone company mandated standards. PPP was designed to work with
numerous network layer protocols, including Internet Protocol (IP), TRILL, Novell's
Internetwork Packet Exchange (IPX), NBF and AppleTalk.

Que 3 What are congestion? Mention two algorithms to overcome congestion.

Ans: Network congestion occurs when a link or node is carrying so much data that its quality
of service deteriorates. Typical effects include queueing delay, packet loss or the blocking of
new connections. A consequence of these latter two is that incremental increases in offered
load lead either only to small increases in network throughput, or to an actual reduction in
network throughput.
Network protocols which use aggressive retransmissions to compensate for packet loss tend
to keep systems in a state of network congestion even after the initial load has been reduced
to a level which would not normally have induced network congestion. Thus, networks using
these protocols can exhibit two stable states under the same level of load. The stable state
with low throughput is known as congestive collapse.
For example:

A wireless LAN is easily filled by a single personal computer

Even on fast computer networks (e.g. Gigabit Ethernet), the backbone can easily be
congested by a few servers and client PCs

The aggregate transmission from P2P networks have no problem filling an uplink or
some other network bottleneck

Denial-of-service attacks by botnets are capable of filling even the largest Internet
backbone network links, generating large-scale network congestion

In telephony networks (particularly mobile phones), a mass call event can overwhelm
digital telephone circuits
Slow Start: Old implementations of TCP start a connection with the sender injecting multiple
segments into the network, up to the window size advertised by the receiver. Although this is
OK when the two hosts are on the same LAN, if there are routers and slower links between the
sender and the receiver, problems can arise. Some intermediate routers cannot handle it,
packets get dropped, and retransmission results and performance is degraded. The algorithm
to avoid this is called slow start. It operates by observing that the rate at which new packets
should be injected into the network is the rate at which the acknowledgments are returned by
the other end. Slow start adds another window to the sender's TCP: the congestion window,
called cwnd. When a new connection is established with a host on another network, the
congestion window is initialized to one segment.
Congestion Avoidance: The assumption of the algorithm is that packet loss caused by
damage is very small (much less than 1%). Therefore, the loss of a packet signals congestion
somewhere in the network between the source and destination. There are two indications of
packet loss:

A timeout occurs.

Duplicate ACKs are received.

Congestion avoidance and slow start are independent algorithms with different objectives.
But when congestion occurs, TCP must slow down its transmission rate of packets into the
network and invoke slow start to get things going again. In practice, they are implemented
together.
Congestion avoidance and slow start require that two variables be maintained for each
connection:

A congestion window, cwnd

A slow start threshold size, ssthresh

The combined algorithm operates as follows:

1. Initialization for a given connection sets cwnd to one segment and ssthresh to 65535
bytes.
2. The TCP output routine never sends more than the lower value of cwnd or the
receiver's advertised window.
3. When congestion occurs (timeout or duplicate ACK), one-half of the current window size
is saved in ssthresh. Additionally, if the congestion is indicated by a timeout, cwnd is
set to one segment.
4.
When new data is acknowledged by the other end, increase cwnd, but the way it
increases depends on whether TCP is performing slow start or congestion avoidance. If cwnd
is less than or equal to ssthresh, TCP is in slow start; otherwise, TCP is performing congestion
avoidance.

Que 4 What do you mean by OPTION NEGOTIATION? Explain with an example.

Ans: All of the DO/DONT/WILL/WONT stuff above only serves to enable or disable an option.
Some options are only either off or on, in which case the negotiation above is sufficient.
An example would be the binary transmission option, TRANSMIT-BINARY. Others require that
after they are enabled, the client and server exchange parameters to control how the option
works.
For example, the TERMINAL-TYPE option requires some way for the client to send the server
the name of the terminal. Telnet allows the client and server to send an arbitrary amount of
data related to the option using a process called option sub-negotiation.
A device begins this process by sending a special sequence of Telnet protocol commands and
data.
First the command SB is sent, followed by the option number and parameters as defined by
the particular option; the end of the sub-negotiation data is marked by the protocol command
SE. Of course, both SB and SE must be preceded by the Interpret As Command (IAC)
command byte.
Working
The starting base of negotiation is the NVT capability: each host to be connected must
agree to this minimum.
Every option can be negotiated by the use of the four command codes WILL, WON'T, DO,
DON'T described above.
In addition, some options have sub-options: if both parties agree to the option, they use the
SB and SE commands to manage the sub-negotiation.
To use an option, the client and server must negotiate and agree to use it. The tools for
negotiation are the commands we've already talked about. One side - usually, but not always,
the client - sends a "WILL X" packet (WILL is decimal value 251), where X is the option it
wants to use (numeric values for X are given on p. 373). The other side will respond with a DO
X or a DON'T X, depending on whether it is willing to support the option.
Alternatively, the first side could send a "DO X" packet, in which case the response is either
"WILL X" or "WON'T X".
TELNET is one of the programs that requires the TCP Urgent Data function, because buffers
may fill up (for example, if a program being executed is in an infinite loop), and the server's
program will stop reading data - including the "IP" command the user sent after he realized
what was happening. The packet with the "Terminate" command can be sent as "urgent data"
at the TCP level; that will bypass the standard TCP flow controls and enable an out-of-control
process to be stopped.

Que 5 What is domain name resolution? Discuss the domain name resolution process.
Ans: The Domain Name System (DNS) is a hierarchical naming system built on a distributed
database for computers, services, or any resource connected to the Internet or a private
network. Most importantly, it translates domain names meaningful to humans into the
numerical identifiers associated with networking equipment for the purpose of locating and
addressing these devices worldwide. An often-used analogy to explain the Domain Name
System is that it serves as the phone book for the Internet by translating human-friendly
computer hostnames into IP addresses. For example, the domain name www.example.com
translates to the addresses 192.0.32.10 (IPv4) and 2620:0:2d0:200::10 (IPv6). The Domain
Name System makes it possible to assign domain names to groups of Internet resources and
users in a meaningful way, independent of each entity's physical location. Because of this,
World Wide Web (WWW) hyperlinks and Internet contact information can remain consistent
and constant even if the current Internet routing arrangements change or the participant uses
a mobile device. Internet domain names are easier to remember than IP addresses such as
208.77.188.166 (IPv4) or2001:db8:1f70::999:de8:7648:6e8 (IPv6). Users take advantage of
this when they recite meaningful Uniform Resource Locators (URLs) and e-mail addresses
without having to know how the computer actually locates them. The Domain Name System
distributes the responsibility of assigning domain names and mapping those names to IP
addresses by designating authoritative name servers for each domain. Authoritative name
servers are assigned to be responsible for their particular domains, and in turn can assign
other authoritative name servers for their sub-domains. This mechanism has made the DNS
distributed and fault tolerant and has helped avoid the need for a single central register to be
continually consulted and updated. In general, the Domain Name System also stores other
types of information, such as the list of mail servers that accept email for a given Internet
domain. By providing a worldwide, distributed keyword-based redirection service, the Domain
Name System is an essential component of the functionality of the Internet.
The domain name resolution process entails:
1. When a DNS name resolution request is forwarded to a DNS server, the DNS server
examines its local DNS cache for the IP address.
2. If the IP address is not in the DNS server's cache, it checks its HOSTS file. (Since the
HOSTS file is a static text file, it is not commonly used)
3. If the DNS server is not authoritative and configured for forwarding, the DNS server
forwards the request to a higher-level DNS server.
4. If the DNS server cannot forward the request, or if forwarding fails, the DNS server uses
its Root Hints file (also known as Cache DNS). The Root Hint file lists the 13 root DNS
servers.
5. The root DNS server responds with the address of a com, edu, net or other DNS server
type (depending on the request)
6.
The DNS server forwards the request to the high-level DNS server, which can respond
with a variety of IP addresses.

Que 6 Discuss the importance of SIP technology. List and brief any four primary functions of
session initiation protocol.
Ans: The Session Initiation Protocol (SIP) is a standard used in Voice over IP. It is standardized
by the Internet Engineering Task Force (IETF). SIP is a signaling protocol, which means that it
is not actually responsible for transmitting the voice data, rather its purpose is to initiate
(hence the name), coordinate and tear down a communication session between two
endpoints - peers. Compared to a traditional telephone, the ringing of a phone, the busy tone
and the ending of a call are all functions the SIP protocol is responsible for.

When considering the importance of SIP it is worth to mention that SIP is used extensively in
the IP Multimedia Subsystem (IMS) that provides multimedia services in third generation (3G)
mobile phones (IP Multimedia Subsystem, 2007). This automatically gives it some wide
industry support and ensures that it will be a relevant protocol for at least the next 10 years.

SIP has four key functions provided by that facilitates various interaction capabilities. Think of
SIP as a building being built with different capabilities as it is being built.
Four primary functions of session initiation protocol

Name mapping and redirection: This involves the translation of participants (clients)
descriptive naming information to SIP location information. This function is one of two
which occurs during the sessions setup.

Capabilities negotiation: This incorporates the second function occurring during session
setup. The various media capabilities of the participants are determined by the SIP in
order to assure appropriate usage of media facilities during the session.

Participant management: This SIP function enables participant management by

allowing participants to control the incorporation of new arrivals into a session or the
termination of existing participants during a session. An example of this would be
establishing a conference session and adding additional users to the session so that
they too can participate in full multimedia session.

Capabilities management: SIP is able to monitor the media capabilities during a session
and thus make the appropriate adjustments when necessary. This dynamic capability
will adjust the clients interaction with other clients by adjusting the session
dynamically to reflect a compounded matrix of capabilities.