HW2

 

1.                a.     E’net(DMAC, SMAC, E’type);  Indeterminate because this frame does not specify a higher layer protocol. Because each higher protocol has a specific kind of header we can go no further here)

 

c.        E’net(DMAC = FF-FF-FF-FF-FF-FF, SMAC, 0x806 – points to ARP/RARP);  ARP (SMAC, Source IP, Target MAC = 00-00-00-00-00-00, Target IP); Because ARP is a request for a MAC address, it must be sent to all local hosts.  Therefore, it must be destined to the MAC B’cast address.

 

d.        E’net(DMAC, SMAC, 0x800 – points to IP);  No further headers appear after this point for this branch because no higher layer protocols are specified and further headers vary depending on the next layer protocol.

 

e.        E’net(DMAC, SMAC, 0x800 – points to IP);  IP(Source IP, Destination IP, protocol 0x01 – points to ICMP); ICMP(type, code)

 

f.         E’net(DMAC, SMAC, 0x800 – points to IP);  IP(Source IP, Destination IP, protocol 0x06 – points to TCP); TCP(Source Port, Destination port);   The ports cannot be specified at this point because this packet does not point to a specific higher layer protocol, however, every TCP segment must have a TCP header.  However, every TCP segment does have a TCP header.

 

g.        E’net(DMAC, SMAC, 0x800 – points to IP);  IP(Source IP, Destination IP, protocol 0x06 – points to TCP);  TCP(Source Port, Destination port = 23/0x17 – points to the standard telnet);  A telnet session must access the server at port 23.

 

 

h.        E’net(DMAC, SMAC, 0x800 – points to IP);   IP(Source IP, Destination IP, protocol 0x06 – points to TCP); TCP(Source port, Destination port = 21/0x15 – points to the standard FTP service);  An FTP session must access the server at port 21.

 

i.         E’net(DMAC, SMAC, 0x800 – points to IP);   IP(Source IP, Destination IP, protocol 0x06 – points to TCP); TCP(Source port, Destination port = 80/0x50 – points to the standard HTTP service);  An HTTP session request must access the web server via port 80.

 

 

j.         E’net(DMAC, SMAC, 0x800 – points to IP);   IP(Source IP, Destination IP, protocol 0x11 – points to UDP); UDP(Source port, Destination port); The ports cannot be specified at this point because this packet does not point to a specific higher layer protocol, however, every UDP segment must have a UDP header.  However, every UDP segment does have a UDP header.

 

k.        E’net(DMAC, SMAC, 0x800 – points to IP);   IP(Source IP, Destination IP, protocol 0x11 – points to UDP); UDP(Source port, Destination port = 69/0x45 – points to the standard TFTP service port);  A TFTP server must be accessed via port 69.

 

 

l.         E’net(DMAC, SMAC, 0x800 – points to IP);   IP(Source IP, Destination IP, protocol 0x11 – points to UDP); UDP(Source port, Destination port = 161/0xA1 – points to the standard SNMP service port);  An SNMP service session must access the server at port 161.

 

m.      E’net(DMAC, SMAC, 0x800 – points to IP);   IP(Source IP, Destination IP, protocol 0x11 – points to UDP);  UDP(Source port, Destination port = 53/0x35 – points to the standard DNS service port);  A DNS service session must access the server at port 161.

 

These answers suppose that the frame is a client query.  Note in each of the sessions the source port is established by the client and is unknown until the session starts.  Also the ports listed for the various services are standard ports.  They can usually be modified via the registry, say in MS Windows.  However, only those clients who have been told about the port change will be able to find the service access port.  This may be desirable at first inspection for security reasons.  However, most hacking tools can identify the new port which has been opened and the service that is available from it.  Therefore, changing standard ports is not recommended except for very experienced network engineers.

 

2.             We must be able to select 8 class C network address spaces at a time because the administrator who assigned us our address space said we get 8 contiguous class C-equivalent address spaces to work with.  Because numbering starts at Class C space 0.0 the class B address space will be broken up as follows:

 

a.        172.18.0.0                       b      172.18.8.0                           c.     172.18.16.0                         d.     172.18.24.0         . . . . . .     af.    172.18.248.0

172.18.1.0                               172.18.9.0                                   172.18.17.0                                 172.18.25.0                                 172.18.249.0

172.18.2.0                               172.18.10.0                                 172.18.18.0                                 172.18.26.0                                 172.18.250.0

172.18.3.0                               172.18.11.0                                 172.18.19.0                                 172.18.27.0                                 172.18.251.0

172.18.4.0                               172.18.12.0                                 172.18.20.0                                 172.18.28.0                                 172.18.252.0

172.18.5.0                               172.18.13.0                                 172.18.21.0                                 172.18.29.0                                 172.18.253.0

172.18.6.0                               172.18.14.0                                 172.18.22.0                                 172.18.30.0                                 172.18.254.0

172.18.7.0                               172.18.15.0                                 172.18.23.0                                 172.18.31.0                                 172.18.255.0

b.         

For these possible groups of Class C-equivalent address spaces, taken 8 at a time, we now see that 172.18.10.5 is in the group b.  Using the hint from the assignment, one can take the value of 2^8 = 256, subtract the aggregation number, 8, and obtain the last octet of the subnet mask of 248:

 

                                                256 – 8  = 248

 

Therefore, the subnet mask will be 255.255.248.0.  We can also verify this by using the bit patterns of the address in group b, and remembering that the subnet mask will screen all bits that are constant for the group of networks:

 

172.18.8.0               -               1010 1100.0001 0010.0000 1000.8 host address bits

172.18.9.0                       -               1010 1100.0001 0010.0000 1000. 8 host address bits

172.18.10.0                    -               1010 1100.0001 0010.0000 1000. 8 host address bits

172.18.11.0                                  1010 1100.0001 0010.0000 1000. 8 host address bits

172.18.12.0                                  1010 1100.0001 0010.0000 1000. 8 host address bits

172.18.13.0                                  1010 1100.0001 0010.0000 1000. 8 host address bits

172.18.14.0                                  1010 1100.0001 0010.0000 1000. 8 host address bits

172.18.15.0                                  1010 1100.0001 0010.0000 1000. 8 host address bits

 

Constant bits:

                                                1010 1100.0001 0010.0000 1           (the last three bits of the third octet/byte are variable as are the 8 host address bits)

 

a.             Therefore, the subnet mask becomes:

                                                                                                1111 1111.1111 1111.1111 1000.0000 0000      (a 1 in every bit where the address remained constant and a zero where the bits change)

 

In dotted decimal notation it is:

255.255.248.0

 

b.             The network address is always the first address available in a subnet.  For the subnet 172.18.8.0, the first available address is 172.18.8.0 so the network address is 172.18.8.0.

 

c.             The broadcast address for a subnetwork is always the last address in the subnetwork address space.  In this case it will be the last address in the 172.18.15.0 range:  172.18.15.255

 

3.             Again, we know that the CIDR address space will be represented by an address and a network mask.  We know that there are 16 class C networks that will be grouped together, so the first task is to determine the network mask.  Subtract 16, the aggregation number, from 256, the total possible number of networks that can be defined from an 8-bit number, and we obtain the last octet/byte.  256-16 = 240.  Therefore, we know the default class C network mask of 255.255.255.0 must be made smaller and the last octet will become 240 , so the network mask that represents the aggregated group of class C networks must be 255.255.240.0.  Because the binary representation of 240 is 1111 0000, this mask can also be represented as 20 bits of masking (8 bits from the first 255 + 8 bits from the second 255 + 4 bits from 240).

 

If we examine the 218.95.0.0 class C address space after it has been aggregated 16 networks at a time we would see that this represents a set of pseudo networks starting at the following addresses:

 

                218.95.0.0

                218.95.16.0

                218.95.32.0

                218.95.48.0

                .

                .

                .

                218.95.240.0

 

Therefore, the networks we have been assigned start on one of the pseudo-network boundaries so our subnet mask will describe all of our assigned networks.  We would, therefore, advertise the following route:

 

                218.95.16.0/255.255.240.0 or 218.95.16.0/20

 

                4.             a.             109.0.0.0                 class A

                                b.             131.109.0.0             class B

                                c.             12.0.0.0                   class A

                                d.             195.209.254.0         class C

                                e.             192.192.208.0         class C

                                f.              191.192.0.0             class B

                                g.             225.239.245.22       class D (M’cast)

 

                5.             a.             Both are class A addresses with only one byte of network address.  Therefore, they both belong to network 109.0.0.0 so no router is needed

b.             Both hosts use a class B-type of network mask.  Therefore, they both belong to network 109.145.0.0 so no router is needed.

c.             As in problem 5, the network mask selects the class C address spaces from 109.145.16.0 to 109.145.31.0 and bundles them into a single network.  Both hosts belong to the network 109.145.16.0 so no router is needed.

d.             Technically, these two devices are on separate networks because they do not have the same subnet masks so they should not communicate without a router.  However, a bit analysis will show that both address spaces will recognize that they are on the 109.145.16.0 subnet so ARP will work and they will probably communicate, probably even reliably, with one another.  However, on the network as a whole this scenario will result in unreliable communications.  This situation can arise using certain low-end (meaning DSL, not cost-wise) access routers because some will be programmed using dotted decimal network masks and others will use masking bit counts.  A simple error due to distraction can cause communication problems that may be difficult to track.  Either answer accepted.

e.             This is the same problem as number c. except one network mask has been expressed in bit count rather than dotted decimal notation.  No router needed.

f.                     In this case a full class C subnet mask is applied which causes the two hosts to have the network addresses 109.145.16.0 and 109.145.17.0.  Because the network are different they need a router to communicate.

g.             This is the same problem as number f. except one network mask has been expressed in bit count rather than dotted decimal notation.  Router needed.

h.             Here one host is on network 109.145.16.0 (up through 109.145.31.0 using a 20-bit network mask) and the other is on the network 109.145.32.0 (up through 109.145.47.0 using a 20-bit network mask)