Thursday, February 5, 2009

Internet Technologies and Tools - Internet Infrastructure

2. Internet Infrastructure

2. a) Explain Satellite technology for communication across large distances. [8]
Satellite Microwave
• Satellite is relay station
• Satellite receives on one frequency, amplifies or repeats signal and transmits on another frequency
• Requires geo-stationary orbit
o Height of 35,784km
• Television
• Long distance telephone
• Private business networks
b) State the advantages and disadvantages of satellite microwave and optical fiber transmission. [10]
Microwave Advantages and Disadvantages
• No cables needed
• Multiple channels available
• Wide bandwidth
• Coverage over a large geographical area
• Can be cheaper over long distances
• Line-of-sight will be disrupted if any obstacle, such as new buildings, are in the way
• Signal absorption by the atmosphere. Microwaves suffer from attenuation due to atmospheric conditions. Noise and interference
• Towers are expensive to build. Huge initial cost
• Propagation delay
1.What are optical fibers? Write at least four advantages of fibers over conventional metal wires [4]

Compared to conventional metal wire (copper wire), optical fibers are:
• Less cost - Several miles of optical cable can be made cheaper than equivalent lengths of copper wire. This saves your provider (cable TV, Internet) and you money.
• Smaller-Thinner - Optical fibers can be drawn to smaller diameters than copper wire.
• Higher carrying capacity - Because optical fibers are thinner than copper wires, more fibers can be bundled into a given-diameter cable than copper wires. This allows more phone lines to go over the same cable or more channels to come through the cable into your cable TV box.
• Less signal degradation - The loss of signal in optical fiber is less than in copper wire.
• Light signals - Unlike electrical signals in copper wires, light signals from one fiber do not interfere with those of other fibers in the same cable. This means clearer phone conversations or TV reception.
• Low power Requirement - Because signals in optical fibers degrade less, lower-power transmitters can be used instead of the highvoltage electrical transmitters needed for copper wires. Again, this saves your provider and you money.
Digital signals - Optical fibers are ideally suited for carrying digital information, which is especially useful in computer networks.
• Non-flammable - Because no electricity is passed through optical fibers, there is no fire hazard.
• Lightweight - An optical cable weighs less than a comparable copper wire cable. Fiber-optic cables take up less space in the ground.
Flexible - Because fiber optics are so flexible and can transmit and receive light, they are used in many flexible digital cameras for the following purposes: Mechanical imaging –imaging - in bronchoscopes, endoscopes, laparoscopes inspecting mechanical welds in pipes and engines (in airplanes, rockets, space Plumbing - to inspect sewer lines Because of these shuttles, cars)

July-2005 [4]
f) What media can be used for noise resistance? Briefly state its other advantages. [4]

January-2006 [6]
b) Discuss the following techniques to ensure the data against accidental damage:
i) parity bits
A parity bit is a bit that is added to ensure that the number of bits with value of one in a given set of bits is always even or odd. Parity bits are used as the simplest error detecting code.
As for binary digits, there are two variants of parity bits: even parity bit and odd parity bit. An even parity bit is set to 1 if the number of ones in a given set of bits is odd (making the total number of ones, including the parity bit, even). An odd parity bit is set to 1 if the number of ones in a given set of bits is even (making the total number of ones, including the parity bit, odd). Even parity is actually a special case of a cyclic redundancy check (CRC), where the 1-bit CRC is generated by the polynomial x+1.
If the parity bit is present but not used, it may be referred to as mark parity, where the parity bit is always 1, or as space parity, where the bit is always 0. Therefore, parity bit is an error detecting code, but is not an error correcting code as there is no way to determine which particular bit is corrupted. The data must be discarded entirely, and re-transmitted from scratch.
There is a limitation to parity schemes. A parity bit is only guaranteed to detect an odd number of bit errors. If an even number of bits have errors, the parity bit records the correct number of ones, even though the data is corrupt.

ii) Checksum

A checksum is a form of redundancy check, a simple way to protect the integrity of data by detecting errors in data that are sent through space (telecommunications) or stored for some time. It works by adding up the basic components of a message, typically the assorted bits, and storing the resulting value. Anyone can later perform the same operation on the data, compare the result to the authentic checksum, and (assuming that the sums match) conclude that the message was most likely not corrupted.
An example of a simple checksum:
• Given 4 bytes of data (can be done with any number of bytes): 0x25, 0x62, 0x3F, 0x52
• Step 1: Adding all bytes together gives 0x118.
• Step 2: Drop the carry nibble to give you 0x18.
• Step 3: Get the two's complement of the 0x18 to get 0xE8. This is the checksum byte.
• Step 4: To test the checksum byte simply add it to the original group of bytes. This should give you 0x100.
• Step 5: Drop the carry nibble again giving 0x00. Since it is 0x00, this means no error was detected (although an undetectable error could have occurred). The simplest form of checksum, which simply adds up the asserted bits in the data, cannot detect a number of types of errors. Such a checksum, for example, is not changed by:
• Reordering of the bytes in the message.
• Inserting or deleting zero-valued bytes.
• Multiple errors which sum to zero.
These types of redundancy check are useful in detecting accidental modification such as corruption to stored data or errors in a communication channel.

iii) Cyclic redundancy Checks [6]
cyclic redundancy check (CRC) is a type of function that takes as input a data stream of any length, and produces as output a value of a certain space, commonly a 32-bit integer. A CRC can be used as a checksum to detect accidental alteration of data during transmission or storage. CRCs are popular because they are simple to implement in binary hardware, are easy to analyze mathematically.
A CRC is an error-detecting code. Its computation resembles a long division operation in which the quotient is discarded and the remainder becomes the result, with the important distinction that the arithmetic used is the carry-less arithmetic of a finite field. The length of the remainder is always less than or equal to the length of the divisor, which therefore determines how long the result can be. The definition of a particular CRC specifies the divisor to be used, among other things.
An important reason for the popularity of CRCs for detecting the accidental alteration of data is their efficiency guarantee. Typically, an n-bit CRC, applied to a data block of arbitrary length, will detect any single error burst not longer than n bits (in other words, any single alteration that spans no more than n bits of the data), and will detect a fraction 1-2-n of all longer error bursts. Errors in both data transmission channels and magnetic storage media tend to be distributed non-randomly (i.e. are "bursty"), making CRCs' properties more useful t han alternative schemes such as multiple parity checks.
To compute an n-bit binary CRC, line the bits representing the input in a row, and position the (n+1)-bit pattern representing the CRC's divisor (called a "polynomial") underneath the left-hand end of the row. Here is the first calculation for computing a 3-bit CRC:
11010011101100 <--- Input
1011 <--- divisor (4 Bits)
01100011101100 <--- result
If the input bit above the leftmost divisor bit is 0, do nothing and move the divisor to the right by one bit. If the input bit above the leftmost divisor bit is 1, the divisor is exclusive-ORed into the input (in other words, the input bit above each 1-bit in the divisor is toggled). The divisor is then shifted one bit to the right, and the process is repeated until the divisor reaches the right-hand end of the input row. Here is the last calculation:
00000000001110 <--- result of multiplication calculation
1011 <--- divisor
00000000000101 <--- remainder (3 bits)
Since the leftmost divisor bit zeroed every input bit it touched, when this process ends the only bits in the input row that can be nonzero are the n bits at the right-hand end of the row. These n bits are the remainder of the division step, and will also be the value of the CRC function (unless the chosen CRC specification calls for some postprocessing).

a) What are the types of wireless networks? [6]

Types of Wireless Networks and Usage
There are three primary usage scenarios for wireless connectivity.
• Wireless Personal Area Networking (WPAN)
• Wireless Local Area Networking (WLAN)
Wireless Wide Area Networking (WWAN)
WPAN describes an application of wireless technology that is intended to address usage scenarios that are inherently personal in nature. The emphasis is on instant connectivity between devices that manage personal data or which facilitate data sharing between small groups of individuals. An example might be synchronizing data between a PDA and a desktop computer. Or another example might be spontaneous sharing of a document between two or more individuals. The nature of these types of data sharing scenarios is that they are ad hoc and often spontaneous. Wireless communication adds value for these types of usage models by reducing complexity (i.e. eliminates the need for cables).
WLAN on the other is more focused on organizational connectivity not unlike wire based LAN connections. The intent of WLAN technologies is to provide members of workgroups access to corporate network resources be it shared data, shared applications or e-mail but do so in way that does not inhibit a user’s mobility. The emphasis is on a permanence of the wireless connection within a defined region like an office building or campus. This implies that there are wireless access points that define a finite region of coverage.
Whereas WLAN addresses connectivity within a defined region, WWAN addresses the need to stay connected while traveling outside this boundary. Today, cellular technologies enable wireless computer connectivity either via a cable to a cellular telephone or through PC Card cellular modems. The need being addressed by WWAN is the need to stay in touch with business critical communications while traveling.

b) What are EAP, LEAP, PEAP and EAP-TLS & EAP-TTLS? [6]

EAP-TLS (Extensible Authentication Protocol - Transport Layer Security) was created by Microsoft and accepted by the IETF as RFC 2716: PPP EAP TLS Authentication Protocol.. EAP-TLS is the de facto standard for authentication in 802.11i wireless LANs.
Protected Extensible Authentication Protocol, Protected EAP, or simply PEAP (pronounced "peep"), is a method to securely transmit authentication information, including passwords, over wired or wireless networks. It was jointly developed by Cisco Systems, Microsoft, and RSA Security. Note that PEAP is not an encryption protocol; as with other EAP types it only authenticates a client into a network.
PEAP uses server-side public key certificates to authenticate the server. It then creates an encrypted SSL/TLS tunnel between the client and the authentication server. The ensuing exchange of authentication information to authenticate the client is then encrypted and user credentials are safe from eavesdropping.
PEAP is a joint proposal by Cisco Systems, Microsoft and RSA Security as an open standard. It is already widely available in products, and provides very good security. It is similar in design to EAP-TTLS, requiring only a server-side PKI certificate to create a secure TLS tunnel to protect user authentication.
Tunneled Transport Layer Security (EAP-TTLS) is a proprietary protocol which was developed by Funk Software and Certicom, and is supported by Agere Systems, Proxim, and Avaya .
EAP-TTLS is being considered by the IETF as a new standard. The addition of EAP-TTLS to a wireless LAN protocol standard would enable wireless LANs to communicate securely without the use of encryption certificates.
PEAP and EAP-TTLS make it possible to authenticate wireless LAN clients without requiring them to have certificates.
PEAP and EAP-TTLS both utilize Transport Layer Security (TLS) to set up an end-to-end tunnel to transfer the user's credentials without having to use a certificate on the client
Extensible Authentication Protocol, or EAP, is a universal authentication framework frequently used in wireless networks and Point-to-Point connections Although the EAP protocol is not limited to wireless LANs and can be used for wired LAN authentication, it is most often used in wireless LANs. Recently, the WPA and WPA2 standard has officially adopted five EAP types as its official authentication mechanisms.
EAP is an authentication framework, not a specific authentication mechanism. EAP is not a wire protocol; instead it only defines message formats. Each protocol that uses EAP defines a way to encapsulate EAP messages within that protocol's messages. In the case of 802.1X, this encapsulation is called EAPOL, "EAP over LANs".
The Lightweight Extensible Authentication Protocol (LEAP) is a proprietary wireless LAN authentication method developed by Cisco Systems. Important features of LEAP are dynamic WEP keys and mutual authentication (between a wireless client and a RADIUS server). LEAP allows for clients to reauthenticate frequently; upon each successful authentication, the clients acquire a new WEP key (with the hope that the WEP keys don't live long enough to be cracked).
Some 3rd party vendors also support LEAP through the Cisco Compatible Extensions Program

5.a) How does a router differ from a bridge? [6]

. Bridge connects two pieces of land together offering a path from one to another. Networks also can have bridges - they connect two networks making each accessable to the other. Bridges can be used to connect two different types of networks but are usually used to separate one large network into two smaller networks for performance purposes. A bridge knows all of the addresses on each side of the bridge and can send information accordingly.

Router is an intelligent bridge for large networks. A router can listen to the traffic on the entire network and determine the least congested route to its destination. Gateway gateway is used to connect different types or the same types of networks together. They can translate the different formats

a) Briefly discuss major wireless networking standards. [10]
Standard Data Rate Modulation Scheme Security Pros/Cons & More Info
IEEE 802.11
Up to 2Mbps in the 2.4GHz band FHSS or DSSS
This specification has been extended into 802.11b.
IEEE 802.11a
Up to 54Mbps in the 5GHz band OFDM
Products that adhere to this standard are considered "Wi-Fi Certified." Eight available channels. Less potential for RF interference than 802.11b and 802.11g. Better than 802.11b at supporting multimedia voice, video and large-image applications in densely populated user environments. Relatively shorter range than 802.11b. Not interoperable with 802.11b.
IEEE 802.11b
Up to 11Mbps in the 2.4GHz band DSSS with CCK
Products that adhere to this standard are considered "Wi-Fi Certified." Not interoperable with 802.11a. Requires fewer access points than 802.11a for coverage of large areas. Offers high-speed access to data at up to 300 feet from base station. 14 channels available in the 2.4GHz band (only 11 of which can be used in the U.S. due to FCC regulations) with only three non-overlapping channels.
IEEE 802.11g
Up to 54Mbps in the 2.4GHz band OFDM above 20Mbps, DSSS with CCK below 20Mbps WEP & WPA
Products that adhere to this standard are considered "Wi-Fi Certified." May replace 802.11b. Improved security enhancements over 802.11. Compatible with 802.11b. 14 channels available in the 2.4GHz band (only 11 of which can be used in the U.S. due to FCC regulations) with only three non-overlapping channels.
(WiMAX) Specifies WiMAX in the 10 to 66 GHz range OFDM
DES3 and AES Commonly referred to as WiMAX or less commonly as WirelessMAN or the Air Interface Standard, IEEE 802.16 is a specification for fixed broadband wireless metropolitan access networks (MANs)
(WiMAX) Added support for the 2 to 11 GHz range. OFDM
DES3 and AES Commonly referred to as WiMAX or less commonly as WirelessMAN or the Air Interface Standard, IEEE 802.16 is a specification for fixed broadband wireless metropolitan access networks (MANs)
Up to 2Mbps in the 2.45GHz band FHSS
No native support for IP, so it does not support TCP/IP and wireless LAN applications well. Not originally created to support wireless LANs. Best suited for connecting PDAs, cell phones and PCs in short intervals.
Up to 10Mbps in the 2.4GHZ band FHSS
Independent network IP addresses for each network. Data is sent with a 56-bit encryption algorithm.
Note: HomeRF is no longer being supported by any vendors or working groups. Intended for use in homes, not enterprises. Range is only 150 feet from base station. Relatively inexpensive to set up and maintain. Voice quality is always good because it continuously reserves a chunk of bandwidth for voice services. Responds well to interference because of frequency-hopping modulation.
HiperLAN/1 (Europe)
Up to 20Mbps in the 5GHz band CSMA/CA
Per-session encryption and individual authentication. Only in Europe. HiperLAN is totally ad-hoc, requiring no configuration and no central controller. Doesn't provide real isochronous services. Relatively expensive to operate and maintain. No guarantee of bandwidth.
HiperLAN/2 (Europe)
Up to 54Mbps in the 5GHz band OFDM
Strong security features with support for individual authentication and per-session encryption keys. Only in Europe. Designed to carry ATM cells, IP packets, Firewire packets (IEEE 1394) and digital voice (from cellular phones). Better quality of service than HiperLAN/1 and guarantees bandwidth.
OpenAir Pre-802.11 protocol, using Frequency Hopping and 0.8 and 1.6 Mb/s bit rate CSMA/CA with MAC retransmissions OpenAir doesn't implement any encryption at the MAC layer, but generates Network ID based on a password (Security ID) OpenAir is the proprietary protocol from Proxim. All OpenAir products are based on Proxim's module

b) Which switching technique performs error checking on the first 64 bytes of the frame? What are different processing methods used by switches to make switching decisions?[6]

LAN switches are characterized by the forwarding method that they support, such as a store-and-forward switch, cut-through switch, or fragment-free switch. In the store-and-forward switching method, error checking is performed against the frame, and any frame with errors is discarded. With the cut-through switching method, no error checking is performed against the frame, which makes forwarding the frame through the switch faster than store-and-forward switches.
Store-and-Forward Switching
Store-and-forward switching means that the LAN switch copies each complete frame into the switch memory buffers and computes a cyclic redundancy check (CRC) for errors. CRC is an error-checking method that uses a mathematical formula, based on the number of bits (1s) in the frame, to determine whether the received frame is errored. If a CRC error is found, the frame is discarded. If the frame is error free, the switch forwards the frame out the appropriate interface port. An Ethernet frame is discarded if it is smaller than 64 bytes in length, a runt, or if the frame is larger than 1518 bytes in length, a giant.