CSCI-E 131b Final Review

Update 1/2/10
The Final didn't seem as difficult as I thought it would be -- I did study a whole lot and attend every section though! If you're taking this course in the future, I recommend having a good grasp on ALL concepts. Easier said than done right? But guess what, your brain will have a lot of extra room if you don't memorize the structure of specific packets and other things of that detail.


Note: I formed this while I was studying for the course’s final and I cannot vouch that it is correct in any way. Much of it comes from our course’s textbook, Wikipedia, lecture notes, and my own random knowledge.


These are only the terms that I think are important.

802.3: The IEEE Ethernet standard used today.

802.11: The Wireless networking standard used today.

ACK: An abbreviation for acknowledgment. ACKs are usually sent to tell the sender the data or packet transfer was successful.

AES: Advanced Encryption Standard. A Shared-Key cipher that supersedes DES.

ARP: Address Resolution Protocol. Used to translate IP addresses into MAC addresses.

Bandwidth: The amount of data per time that can be transmitted over connection.

Broadcast: A way of sending packets to every host on a network.

CA: Certificate Authority. This is an entity that verifies and signs certificates to ensure the validity of a public key and name (domain).

Certificate: A digitally signed (hashed) document used to distribute public keys.

Checksum: A computation over some data that can take place before and after transmission. If the checksum matches, the before and after, then the data was transmitted in whole. Used for error detection.

CIDR: Classless Inter-Domain Routing. Used for sub-netting, allowing many more sizes of networks compared to typical Class A, B, C subnets.

Congestion: The occurrence packets are discarded when too many contend for a single resource.

Congestion Control: The avoidance of congestion in a network. We’ve discussed the Slow Start algorithm of TCP in class.

Connection-Oriented: A protocol where some initialization must occur between the sender and receiver before data may be transferred.

Connectionless: A protocol where data can be sent without any prior connection. Also known as a Datagram service.

CRC: A strong checksum that exists in many packet headers.

CSMA/CD: Carrier Sense Multiple Access with Collision Detection. This is a feature of Ethernet. It can tell when data being sent over the network as multiple nodes can be attached to it. In addition it is aware when more than one entity transmits data at a time.

Datagram: Analogous to connectionless. This is a transmission unit that contains the necessary information to deliver to its destination.

Demultiplexing: The counterpart to multiplexing, where many different “things” can share another “thing.” As in the case of protocols, IP uses the Protocol Number field to determine whether it is using TCP or UDP. And TCP/UDP uses the Port Number to allow many Layer-5 protocols to use it.

DES: Data Encryption Standard. This is a Shared-Key algorithm that uses a 64-bit shared key.

DHCP: Dynamic Host Configuration Protocol. A protocol used by a host to determine it’s own IP on a network.

DNS: Domain Name System. The naming system used by the Internet to resolve hostnames, implemented through a hierarchy of name-servers. Common DNS records include:

• A -specifies 32 bit IPv4 address

• AAAA –IPv6 address record

• MX -mail exchange record

• NS -specifies authoritative name server for a domain

• CNAME -canonical name, provides alias functionality

• HINFO -specifies limited host information

• SRV –identifies a specific service


Encapsulation: The process of taking a higher level protocol and placing it within the payload of a lower level protocol.

Ethernet: A data layer protocol that uses CSMA/CD. The original Ethernet had various hosts that used vampire clamps to connect to a large wire, “the ether.”

Firewall: A router that follows some security policy to filter packets.

Flow Control: Used to prevent a sender from overloading a receiver. We most commonly see Sliding Window as a mechanism in HLDC and TCP.

Forwarding: Routers operate on the store-and-forward principal. Packets are first stored in a buffer and then sent to its destination.

Forwarding Table: Maintained by routers to help decide where to forward packets.

Fragmentation/Assembly: Packets may be split into small sizes by a router if they are too large for a network.

Frame: A (link-layer) name for a packet sent between two links.

FTP: File Transfer Protocol. A standard TCP based protocol used for transferring files.

H.323: A protocol used for Internet telephony. Assumes that the end devices are “simple” and provides more control and configuration over SIP.

ICMP: Internet Control Message Protocol. Allows reporting based on the IP datagram, as IP is connectionless and occasionally some response can be helpful to certain applications/protocols.

IMAP: Internet Message Access Protocol. Allows a user to access their mail without downloading it to their machine first.

IPSEC: IP Security. This is an architecture used to provide authentication and security to the IP layer of the Internet. Transport (encrypt only the data) and Tunnel (encrypt all, assigning a new header) modes are provided.

Jitter: Timing variations in network latency.

MAC: Media Access Control. We see this as a way to share single device with a common network.

MD5: Message Digest version 5. This is a Digital Signature/Hashing algorithm.

MIME: Multipurpose Internet Mail Extensions. Email was original text-based and MIME provides a way to convert and specify binary data to text.

MTU: Maximum Transmission Unit. The largest sized packet that can be sent on a given network.

Multicast: A special form of a broadcast to send data to a specified group of nodes.

Multiplexing: A way to share a single resource. Both UDP and TCP use the IP protocol to send data over the net. Examples:

FDM – Frequency Division Multiplexing – A different frequency for each user.

TDM – Time Division Multiplexing – Time intervals for each user or Statistical by a queue.

NAT: Network Address Translation. Typically implemented by routers to assign outgoing traffic from a local address some known public address so it may access the Internet. NAT may use port numbers where multiple local hosts share a single public address.

NFS: Network File System. A protocol to make file access over a network appear transparent.

OSPF: Open Shortest Path First. Used by routers to construct a network topology and be aware of changes noticed by other routers.

Packet Switching: Is the term used to describe how data is sent through the network. It uses store-and-forward and implies statistical multiplexing.

Proxy: An intermediate machine between a sender and receiver which can intercept messages and provide some service.

Public Key Encryption: An encryption algorithm where users have a private and public key used to encrypt and decrypt messages, versus some shared key. The private key can encrypt a message that only the public key can decrypt.

QoS: Quality of Service. An implementation of QoS can allow a network to make guarantees on packet delivery. Certain packets may be marked for expedited delivery.

RIP: Routing Information Protocol. Each router only aware of its networks and forwards this information to other connected routers.

RSA: A public-key encryption algorithm.

RTCP: Real-Time Transport Control Protocol. RTCP provides out-of-band statistics and control information for an RTP flow.

RTP: Real-Time Transport Protocol. RTP is an end-to-end protocol used to send data with real-time constraints. This is unreliable but sequenced.

RTT: Round-Trip Time. This is simply the latency to reach the destination and back.

SDP: Session Description Protocol. This is a format for describing streaming media initialization parameters in an ASCII string. SDP is intended for describing multimedia communication sessions for the purposes of session announcement, session invitation, and parameter negotiation. SDP does not deliver media itself but is used for negotiation between end points of media type, format, and all associated properties. SDP is designed to be extensible to support new media types and formats.

SIP: Session Initiation Protocol. This is an application layer protocol used in multimedia applications. It determines the correct device with which to communicate to reach a user, determines is the user is willing or able to partake in communication, determines the choice of media and coding scheme to use, and establishes the session.

Sliding Window: Sliding Window Protocols are a feature of packet-based data transmission protocols. They are used in the data link layer as well as in TCP. They are used to keep a record of the frame sequences sent, and their respective acknowledgements received, by both the users. Their additional feature over a simpler protocol is that can allow multiple packets to be "in transmission" simultaneously, rather than waiting for each packet to be acknowledged before sending the next.

Slow Start: Slow-start is part of the congestion control strategy used by TCP, the data transmission protocol used by many Internet applications. Slow-start is used in conjunction with other algorithms to avoid sending more data than the network is capable of transmitting, that is, network congestion.

SMTP: Simple Mail Transfer Protocol. This is an Internet standard for electronic mail transmission across networks. For receiving messages, client applications usually use either the Post Office Protocol (POP) or the Internet Message Access Protocol (IMAP) to access their mail accounts on a mail server.


• Class A, networks 1 -126, /8 prefix

• Class B, networks 128 -191, /16 prefix

• Class C, networks 192 -223, /24 prefix

Private IP Addresses

• 10/8 to

• 172.16/12 to

• 169.254/16 to

• 192.168/16 to

TCP: Transmission Control Protocol. This is a connection-oriented and sequenced protocol that ensures the delivery of data. Some well known TCP port numbers include:

20,21 FTP

22 SSH

23 Telnet



110 POP3

1720 H.323

5060 SIP

UDP: User Datagram Protocol. This is a connection-less and un-sequenced protocol.

Virtual Circuit: Provided by connection-oriented networks where a connection is initialized, a virtual circuit is formed, and then data is sent.

VPN: Virtual Private Network. Provide some network tunneling between nodes and forms a virtual circuit. It has two modes, Transport and Tunnel. Transport – only the data/payload is encrypted. Tunnel – the whole IP packet (data and header) is encrypted, into a new IP packet with a new header.


SP3 is a framework for describing Protocols that we use solely in class. In this sections, I’ll cover some of the Protocols I think are important using SP3.

SP3: Guidelines

Service – What service is provided by this technology? For example: is data reliable, sequenced, or unreliable (connectionless), and what combinations of these features exist?

Purpose – What does this technology attempt to solve? For example: addressing, multiplexing, sequencing, error detection/correction, flow control, security, fragmentation and assembly.

Packets – Describe the (header) fields of the packet.

Procedures – What are the procedures to use this technology? For example: connection establishment, capability agreement, and data transfer.

PPP: Point to Point Protocol

Much of this is from lecture notes:

Service – PPP provides a connection-oriented service and, like HDLC, gives the physical layer the appearance of being an error-free link.

Purpose – To deliver the promised level of service, PPP is capable of encapsulating multiple-protocol datagrams, using a link-control-protocol for establishing, configuring, and testing the data-link connections, and using a family of Network Control Protocols (NCPs) for establishing and configuring different network-layer protocols. This provides framing, encapsulation, authentication, among others.

Packet – PPP frames look similar to the ISO HDLC standard. The fields contained are: flag, address, control, protocol, information, FCS, and flag. Each frame begins and ends with a flag field set to 0x7E. The address field is always set to 0xFF and the control byte begins at 0x03. The protocol field declares the type of data/payload is in the information field. The FCS is the frame check sequence used to detect errors in the frame.

Procedures – PPP, a reliable link layer protocol implements the following procedures: link initialization, link data transfer, link termination, and error handling.


Service – HLDC provides a reliable Data Link layer service and as such, it gives the physical layer the appearance of being an error-free link.

Purpose – To deliver the promised level of service, a reliable Data Link level protocol such as HDLC must handle the following problems: Synchronization and framing, data transparency, data transfer, addressing, flow control, error detection, and error correction.


Procedures – HDLC, a reliable link layer protocol implements the following procedures: link initialization, link data transfer, link disconnect, and link error handling.


Much of this is from lecture notes:

Service - 802.3 is an unreliable data link layer local protocol, where each device on a network may transmit data at it’s own discretion. 802.3 uses a logical bus configuration, and is well suited to a network with a light to medium load.

Purpose – 802.3 provides an unreliable level service to the Network layer with no acknowledgements or traffic prioritization. Error detection but not correction is provided with a checksum mechanism.

Packet – Preamble (7), Start of Frame Delimiter (1), Destination Address (6), Source Address (6), Length Field (2), Data (0-1500), Pad (0-46), Checksum/CRC (4)

Procedures – When a node wants to transmit data in 802.3, it listens to the physical cable. If the cable is busy, it waits until it is available and then tries transmitting again. If there is a collision during transmission, both nodes which were sending data immediately stop transmitting and wait a random amount of time before attempting to retransmit.


The Ethernet is very similar to its successor, 802.3, but differs in the packet definition. The Protocol Type of Ethernet was replaced with the Length Field. The Protocol Type can still exist in 802.3 as it is commonly the first bytes in the body.

Packet – Preamble (7), Start of Frame Delimiter (1), Destination Address (6), Source Address (6), Protocol Type (2), Data (0-1500), Pad (0-46), Checksum/CRC (4)

Frame Relay protocol

The following is from lecture notes:

Service - Frame Relay is a simple data link level protocol that provides a method to transfer data (frames) very quickly from one network point to another network point(s). It provides an unreliable service and it is used in networks where the physical layer communications lines are reliable and fast.

Purpose - The Frame Relay protocol is unreliable: it provides error detection but not error correction. It has minimal overhead, provides the address functionality that is required to deliver a frame via the use of a circuit ID called a DLCI, and it provides no flow control. There is very limited congestion control. When problems arise because such techniques are not implemented, frames that cannot be delivered are discarded. As a result of this lack of reliability, upper layer protocols must provide any necessary reliability.

Packet- A Frame Relay packet begins and ends with a flag character (7E hex). After the Beginning Flag character, the next bytes contain Addressing information used to transfer the packet across the link. Specifically, these bytes indicate which virtual circuit (DLCI) to use to route the packet and if the packet is eligible for being discarded (DE bit).

There are also bits to indicate whether or not the network is becoming congested (the Forward Explicit Congestion Notification bit - FECN, and the Backward Explicit Congestion Notification bit –BECN.) The congestion bits are provided for the benefit of the application (i.e., so it may take actions to prevent congestion problems from occurring.) The last two bytes of the packet (prior to the Ending Flag character) contain a Cyclic Redundancy Check (CRC). The remainder of the packet consists of the payload data.

Procedures - There are very few procedural aspects to the Frame Relay protocol. Packets are simply routed in the network via the use of DLCIs (Data Link Connection Identifiers), with each DLCI being configured to reference a specific destination system. Procedures are defined for congestion notification via the use of BECN and FECN bits. Any packet delivery problems have to be dealt with by upper layer protocols or user applications (which are implemented in the Customer Premises Equipment - CPE.)

Internet Protocol

Service – IP is a connectionless, unreliable Network/Internet layer protocol.

Purpose – IP provides an unreliable service to the Transport layer with no acknowledgements or guarantee of delivery. It does so by using the connectionless datagram service. It relies on the Transport layer (UDP/TCP) to define the reliability of the data traffic, sequencing, and any error correction. IP may loose packets and deliver them out of order. Thus, it does not perform sequencing, flow control, and has little use of the IP header checksum field. IP does however have options, addressing, and the capability for fragmentation and reassembly.

Packet – Version, IHL, TOS/IP Precedence, Total Length, Identification, Fragment Offset, Time to Live, Protocol, Header Checksum, Source Address, Destination Address, Options.

Procedures – IP can fragment packets that are too large for the underlying network.


Authenticates and encrypts each IP packet of the data stream. Protects data flow between a pair of hosts.

Packet – The AH Operates on top of IP using IP protocol number 51. Next Header, Payload Length, RESERVED, Security Parameters Index, Sequence Number, Authentication Data (necessary data to authenticate the packet). ESP is also a member. Security Parameters Index, Sequence Number, Payload Data, Padding, Authentication Data.

Procedures -

Internet Key Exchange (IKE) – sets up a security association by handling negotiation of protocols and algorithms and generates the encryption and authentication keys to be used

Authentication Header (AH) – Provides connectionless integrity and data origin authentication for IP datagrams to provide protection against replay attacks

Encapsulating Security Payloud (ESP) – provide confidentiality, data origin authentication, connectionless integrity

ARP: Address Resolution Protocol

Service – ARP provides automatic mapping from IP address to MAC address.

Purpose – Due to routing, it becomes necessary to find the physical interface address when given an IP address. This is because physical addresses only have relevance within local networks and an IP allows packets to be sent across networks. ARP is simply a means of asking for ownership of an IP address.

Packet – The ARP packet has the following fields: Ethernet destination address, Ethernet source address, frame type, hardware type, protocol type, hardware size, protocol size, operation type, sender Ethernet address, sender IP address, target Ethernet address, and target IP address. Notably, the operation type describes whether the packet is an ARP request, ARP reply, RARP request, or RARP reply. The Ethernet destination address, in an ARP request, is the broadcast address.

Procedures – To translate a Network Layer IP address to a Link Layer MAC address, ARP will first look at it’s ARP cache to determine if a translation already exists. Of course, this only takes place if the destination address belongs to the network of the current device. The ARP cache entries typically have some expiration time and thus if an entry is not found, ARP will broadcast an ARP request. This requests asks “if you have this IP address, please respond.” When the owner of the IP address receives the ARP request, it will respond with an ARP reply. Upon receiving the ARP reply, the data can then be added to the ARP cache and a Link Layer frame can be added with the correct physical destination address.

ICMP: Internet Control Messaging Protocol

Service – ICMP, supports IP at the Network layer. It helps communicate error and informational messages, whereas IP is relatively simple in nature and does not.

Purpose – Since IP is unreliable, connectionless, and un-acknowledged; ICMP was created to provide error reporting, diagnostics, and testing. Though, ICMP packets can be lost and discarded themselves.

Packet – ICMP messages transmitted within IP datagram with the following fields: type, code, checksum, and the contents. Type determines what kind of ICMP message it is and code helps specify the type even further. The checksum is calculated from the ICMP header and data.

Procedures – When a packet is inspected at the Network layer, it is possible that some condition may be acted upon and an ICMP message to be generated. This ICMP packet will be sent back to the sender. In a typical case, when a router receives an IP packet with a Time-to-live at zero, it will drop the packet and send back an ICMP message reporting “Time Exceeded.”

UDP: User Data Protocol

Service – UDP is an unreliable Transport layer protocol based similarly to the connectionless, unreliable IP protocol. It allows applications to access the IP with no bells and whistles.

Purpose – UDP provides a datagram-oriented Transport layer protocol. UDP provides no reliability, like IP. There is no guarantee that the datagrams will reach the destination. Thus, it is connectionless and data can be lost and transmission is unreliable. Also, is no flow control, congestion control, and segmentation. That said, UDP provides the capability for multiplexing and de-multiplexing through the use of port numbers.

Packet – Source port number, destination port number, UDP length, UDP checksum, and data. The port numbers are used for multiplexing and de-multiplexing; allowing many applications (and same applications) to use IP for network communication. For the checksum, a pseudo-header is generated with extra information for the calculation. These miscellaneous fields are source IP address, destination IP address, IP protocol field, and UDP length.

Procedures – Like IP, no prior connection is needed. Packets are just sent out with no need for acknowledgement. Thus no connection is needed to be initiated or disconnected. No error handling is used either.

TCP: Transmission Control Protocol

Service – TCP is a reliable Transport layer protocol and provides transport-layer addressing to allow multiple software applications to simultaneously use a single IP address. It allows a pair of devices to establish a virtual connection and then pass data bi-directionally.

Purpose –TCP provides a reliable, connection-oriented service to the application layer. Like UDP, TCP has multiplexing and de-multiplexing indentified with the use of port numbering. The checksum also provides some means error detection. The sequence number is used to identify each byte, providing data reliability. Flow Control uses the sliding-window algorithm to establish the connection and wait for acknowledgments. There is also congestion control that uses the Slow Start algorithm to prevent a device from overloading the network links.

Packet – Source Port, Destination Port, Sequence Number, Acknowledgement, (Offset/Reserved/ECN/ControlBits), Window, Checksum, Urgent Pointer, Options, Payload.

Procedures – TCP protocol operations may be divided into three phases. Connections must be properly established in a multi-step handshake process (connection establishment) before entering the data transfer phase. After data transmission is completed, the connection termination closes established virtual circuits and releases all allocated resources.

RTP: Real-time Transport Protocol

Service – RTP provides an unreliable but sequenced service to transmit data. It is unreliable for timeliness and sequenced to make sure data arrives in order. Data that is not in order is dropped.

Purpose – UDP and TCP do not meet the demands of Real-Time data. Data needs to arrive in order as fast as possible.

Packet – Version, Padding, Extension, CSRC Count, Marker, Payload Type (Type of Audo/Video and encryption), Sequence Number, Timestamp, SSRC (Synchronization Source), CSRC (Contribution Source).

Procedures – RTP provides end-to-end network transport functions suitable for applications transmitting real-time data, such as audio, video or simulation data, over multicast or unicast network services. RTP does not address resource reservation and does not guarantee quality-of-service for real-time services. The data transport is augmented by a control protocol (RTCP) to allow monitoring of the data delivery in a manner scalable to large multicast networks, and to provide minimal control and identification functionality. RTP and RTCP are designed to be independent of the underlying transport and network layers.

DNS: Domain Name System

Service – A service that uses a hierarchy of Name Servers to determine the IP Address for a human-readable URI.

Purpose – IP addresses are necessary to send data over the Internet. However it is more common for humans to remember readable names. Thus DNS provides a way to convert these names into IP addresses.

Packet – Indentification, QR, Opcode, (Many other single bit fields), Total Questions, Total Answer RRs (Resource Records), Total Authority RRs, Total Additional RRs, Questions, Answer RRs, Authority RRs, Additional RRs.

Procedures – Every machine connected to the Internet should have a local DNS server. Whenever someone attempts to hit some public domain, the request first heads to the local DNS. If the record is not cache, then it goes through a process of questioning the Root Name Servers, to a TLD Name Server, and eventually to the Name Server that contains the record which is being looked up.

QOS: Quality of Service

Service - To provide some guarantee of network performance for some given application.

Purpose – With Real-Time data, it may be necessary to allot some portion of the network to a particular application. Issues that occur in networks relate to: bandwidth, delay, jitter, error rate, etc.

Packet – Using the differentiated services code point (DSCP) markings in IP, DiffServ can indicate:

• Codepoint = 000000 Best effort (Standard Packet)

• Codepoint = 101110 Expedited Forwarding (EF) – strict low latency queue

Procedure – A few things can be done to provide QoS. One method includes increasing bandwidth. However, it is common to mark the packet using some specific criteria (DiffServ). Then each router will examine the packet to determine how to handle it. In this case, all routers in a network with QoS must be using DiffServ for this to work.

SMTP: Simple Mail Transfer Protocol

Service – Provides a text-based way to send electronic mail.

Purpose – SMTP is a relatively simple, text-based protocol, in which a mail sender communicates with a mail receiver by issuing simple command strings and supplying necessary data over a reliable ordered data stream channel, typically a Transmission Control Protocol (TCP) connection.

Packet – SMTP uses a series of commands. HELO, MAIL FROM, RCPT TO, DATA (headers and body), QUIT.

Procedure – After the message sender (SMTP client) establishes a reliable communications channel to the message receiver (SMTP server), the session is opened with a greeting by the server, usually containing its fully qualified domain name, in this case The client initiates its dialog by responding with a HELO command identifying itself in the command's parameter. With the rest of the commands, the sender can construct an e-mail message to store on the recipients mail server.

SIP: Session Initiation Protocol

Service - SIP is primarily used in setting up and tearing down voice or video calls. It has also found applications in messaging applications, such as instant messaging, and event subscription and notification.

Purpose - A motivating goal for SIP was to provide a signaling and call setup protocol for IP-based communications that can support a superset of the call processing functions and features present in the public switched telephone network (PSTN). SIP by itself does not define these features; rather, its focus is call-setup and signaling. However, it was designed to enable the construction of functionalities of network elements designated proxy servers and user agents. These are features that permit familiar telephone-like operations: dialing a number, causing a phone to ring, hearing ringback tones or a busy signal.

Packet - It is a text-based protocol, incorporating many elements of the Hypertext Transfer Protocol (HTTP) and the Simple Mail Transfer Protocol (SMTP), allowing for direct inspection by administrators. Commands include:

• REGISTER: Notify current IP address and the URLs to receive calls.

• INVITE: Used to establish a media session between user agents.

• ACK: Confirms reliable message exchanges.

• CANCEL: Terminates a pending request.

• BYE: Terminates a session between two users in a conference.

• OPTIONS: Requests information about the capabilities of a caller

Procedure - SIP employs design elements similar to HTTP-like request/response transaction model. Each transaction consists of a client request that invokes a particular method or function on the server and at least one response. SIP reuses most of the header fields, encoding rules and status codes of HTTP, providing a readable text-based format.

SIP typically relies on a Proxy server to help establish a connection with a remote user. A proxy server "is an intermediary entity that acts as both a server and a client for the purpose of making requests on behalf of other clients. A proxy server primarily plays the role of routing, which means its job is to ensure that a request is sent to another entity "closer" to the targeted user. Proxies are also useful for enforcing policy (for example, making sure a user is allowed to make a call). A proxy interprets, and, if necessary, rewrites specific parts of a request message before forwarding it." "A registrar is a server that accepts REGISTER requests and places the information it receives in those requests into the location service for the domain it handles." "A redirect server is a user agent server that generates 3xx responses to requests it receives, directing the client to contact an alternate set of URIs. The redirect server allows SIP Proxy Servers to direct SIP session invitations to external domains."

Questions from Review

T/F The IETF runs the Internet and its networks.

This is not quite a T/F question. Yes and No. The IETF produces technical documents that influence how people design, use, and manage the Internet. They do not however run the Internet. Many parties are involved in the distinction of managing the Internet.

Describe the 7-Layer OSI Model:

Layer 1 is the Physical Layer. At this layer, data is physically moved across a network encoded as electronic signals. Here the specifications for the hardware, encoding/decoding, signaling, and transmission/reception are defined.

Layer 2 is the Data Link Layer that is responsible for data that is transmitted between local devices. Error detection and error handling, logical link control (LLC), media access control (MAC), and addressing are important here. LLC allows this layer to abstract the defining physical network below it. MAC provides the capability for multiple machines to share a single resource. Additionally, MAC addresses are assigned as globally unique 48-bit numbers.

Layer 3 is the Network Layer which defines network boundaries and how they can be interconnected. The key protocol at this layer is the Internet Protocol (IP), commonly referred to as the backbone of the Internet. Important services at this layer are IP addressing, fragmentation and reassembly, error handling, and routing. The IP address differs from the MAC address and is independent of hardware. However, it must be unique at the network level and has two important parts: the network id and the host id. Fragmentation and reassembly allows this layer to split up packets that are too large for the link layer. Also, routing, determining where and how to send incoming packets, occurs at this level by inspecting the IP address.

Layer 4 is the Transport Layer. TCP and UDP are the main protocols that operate at this layer. Connection-oriented and connectionless services are offered in addition to keeping track of the connections software programs are using through ports. Like the network layer, data can be fragmented here through the process of segmentation. Moreover, important features include flow control, congestion control, and multiplexing and de-multiplexing.

Layer 5 is the Session Layer. Its purpose is to establish and control sessions between software.

Layer 6 is the Presentation Layer provides the capability to translate, compress, and encrypt software data.

Layer 7, the Application Layer, makes use of all layers below it and provides the capabilities that a user or system need on the network. There are many protocols that exist at this layer (FTP, HTTP, DHCP, NNTP, IRC, etc).

Describe the 5-Layer TCP/IP Model:

Similar to the OSI model, we have the Physical, Link (network interface), Network (Internet), Transport, and Application layers. From the bottom up:

The Physical Layer is responsible for transmitting the data over the network encoded as electronic signals.

The Link Layer handles the communication of data among local networks. Ethernet and the 802 protocols are commonly used at this layer.

At the Network Layer we have the IP protocol as well as ICMP, among others. This layer is responsible for routing and defining network boundaries.

The Transport Layer helps manage data communication across networks. It can do so with the TCP (reliable) and UDP (unreliable) protocols.

The Application Layer includes many application protocols that allow users and systems to use the network as a resource.

Describe how routers manage the water sprinklers at Fenway Park.

Personally, I do not know much about the sprinkler system at the Stadiums around the US. In this day and age though, I could imagine there being some central system that controls many of the day-to-day operations. One such program may be in charge of running the sprinkler system for a set period of time.

For the sake of the question, let this system be placed in some control room that’s off limits to most employees. There were concerns that the machine running the software could be tampered with so management wanted it to be locked away safely in some server room.

However, the job of the groundskeeper is to occasionally access this software to ensure that the field is in exceptional playing condition. The network administrator allows him to access the software through a remote and water-proof laptop. This laptop can connect wirelessly to a private wireless connection within the stadium.

To access the program, the groundskeeper can use an Internet Browser to open up the link that displays the controls of the sprinkler system (with the correct credentials of course). Thus, when doing so, the laptop is communicating with some wireless router which then itself communicates to the network in which the server resides.

Describe how video traffic is carried on the Internet.

Like voice traffic, video places an emphasis on timeliness over reliability -- as a reliable service can introduce delay. Real-Time Transport Protocol (RTP), defined at the Application Layer, was introduced to help stream media over networks. Since reliability is not of the upmost important, an UDP/IP datagram is used with RTP. UDP, unlike TCP, is un-reliable and is not subjected to Flow and Congestion Control.

Thus, when video is streamed out to users, we assume the following: that the sender is capturing and compressing the data, and generating the RTP packets. The software will determine how many frames, at which rate, and what the size of the transfer will be. Larger frames will traverse several packets where smaller frames can be squeezed into a single RTP frame.

The client’s application will receive the data in some buffer, with the capability of reordering packets that arrive out of order. Depending on the application, some algorithm may be used to delay playback unless a reliable stream can be viewed. Based on the amount of packet loss and jitter (packets arriving at differing intervals), a steady and clear playback experience may be possible after waiting for enough data to arrive.

How are routers involved with Harvard’s parking meters?

With the new pay-station meters around the Harvard, it is very likely that the meters are connected to the Internet or some private network. I would assume that the meters within close proximity to each other, perhaps all in Cambridge, share a common local network. Let’s assume that they are connected in a very simple manner using Ethernet switches.

Now there are two main reasons I see these meters connected to the Internet. One is for credit card validation and the other is for remote administration and reporting. Let us also assume that the meters run some stripped down Operation System that allows it do to this. Hence, the local network home to the meters must contain some Network Router. The OS running on the meters must also be aware of this router, and the interface, which connects to this network, will be considered the gateway. This router will then be connected to some ISP (Internet Service Provider) through another interface to allow data to travel remotely.

Thus, when a user uses the pay-station to purchase a 2-hour parking receipt, the meter will read the user’s credit card information and validate it with some on-line service. To reach the on-line service, the meter send traffic through it’s local router, to reach the ISP’s router, and through some interworking until it reaches the destination. The service will respond and perhaps ask for some credentials or the credit information. In turn, the meter can send the data over and eventually expect some verification.

Additionally, it would be useful for the county/police station to be able to monitor the meters. Take for instance a case where a reckless driver crashes into a meter. The meter may be able to send out message that travels to the local police station’s command center. Without routing and being able to connect to the Internet, it would take much longer for such an example to be noticed.

What are some differences between H323 and SIP?


The biggest difference that I can tell is that SIP is better suited for the Internet and Internet developers. H.323 is better suited for Telephony Companies where more control is necessary.

  1. gravatar

    # by Andrew - January 6, 2010 at 3:52 PM


    How you doing? I'm taking 131b in Spring 2010. Can you pass me the "Reading Assignments" for Fall 2009 so i can hit the road running?



  2. gravatar

    # by Jiangbo Tang - January 10, 2013 at 3:02 PM

    Hi Donnie,

    I am taking 131B this coming spring term starting on Jan. 28th. If you don't mind I would like to ask you a few questions.

    I am reading the txt book by Larry Peterson and Bruce Davie. I am generally Okish understanding the content, but I have no idea of the implementation code in the book. So my question is, is it necessary to plow through a 600 page C programming book for this course. I need get at least B for this course.

    btw, was Len Evenchik the lecture when you took the course?

    Thanks a lot,