Exercise 1: 2-choice slows down the growth of the largest slot that must be used, so it scales better than standard hashing. This is because 2-choice explicitly favors the slot that is less occupied between two randomly selected slots. Exact-match routing/forwarding is used at the edge of the network (e.g., within an Ethernet, when forwarding based on Ethernet MAC addresses) when trying to directly reach a particular destination address. Longest-prefix matching is used in the core of the network when multiple addresses are aggregated into a single prefix to reduce the size of forwarding tables. Exercise 2: Different queuing structures include shared-memory, input-queue, and output-queue. Lec12 discusses the pros and cons of each structure. Head-of-Line blocking occurs when head packets on multiple input ports need the same output port. If one of them is picked, the others will have to wait and are less likely to be picked the more traffic occurs. Section 3.2 of lec12 describes this in more detail. Exercise 3: ALOHA is a link-layer protocol that does not use carrier sense, but instead uses absence of ACKs to detect collisions between transmitting nodes. The optimal transmission probability is 1/n and the resulting utilization is (1-1/n)^(n-1) (n=number of users). This results in utilization of 1/e (Euler's constant) as n => inf. Exercise 4: ALOHA is designed for situations where transmitters cannot know of each others existence - no carrier sense (wifi has this). Wifi differs from Ethernet in that in Wifi users cannot transmit and receive at the same time, but in Ethernet they can. Exercise 5: Modulation: overlay a sequence of quantized voltages on top of a base 'carrier signal'. You can modulate frequency (FM) or amplitude (AM) Signal-to-noise ratio: the ratio of powers of useful information (signal) to random information (noise) in the transmission Checksum: an error-detecting hash algorithm similar to algorithms like md5 or a parity bit. Exercise 6: Wireless bit-rate adaptation is the problem of picking a bit rate to transmit at based on the current characteristics of the wireless medium (i.e., signal-to-noise ratio). SampleRate can be summarized as follows: Send data at the highest packing configuration until packets are dropped (determined by unanswered ACK packets). Alter rate until you dont see 4 successive failures. Now, every 10 packets pick a random configuration with a lower average transmission time. If this works, switch to that configuration. Exercise 7: Metrics include: * startup delay (improve by downloading only part of the file when the user starts watching) * preventing stalls during playback (improve by downloading the whole file at once) * video quality (improve by downloading the whole file at once in the beginning) * variance in video quality (improve by downloading the whole file at once in the beginning) Exercise 8: In a client-server network one defined client asks one defined server who has 100% of a file for the whole file. In a peer-to-peer network, peers (each of whom may have only part of the file) all receive the parts of the file they dont have from other peers who do and upload what they have to those who do not. Exercise 9: A topology with 3k/2 switches with k ports in each will have k leaf switches and k/2 spine switches. The leaf switches use k/2 ports to connect to the spine leaving k/2 ports free per switch, so there would be k*k/2 = (k^2)/2 hosts that could be connected. Exercise 10: SDN introduced: * a standardized and coherent interface between the control and data planes (previous implementations had been highly non-standard) * logical centralization of the control plane (runs control plane logic on servers rather than routers) Exercise 11: TLS guarantees authenticity, confidentiality, and integrity, but does not guarantee privacy. Public-key cryptography works by allowing two users to keep their own private keys and only exchange a 'public' key over a network, so an attacker cannot intercept the means to decrypt their message. Symmetric-key cryptography works by the partners exchanging a single secret key, so it is vulnerable to interception---and hence must be exchanged securely using, for instance, public key encryption. Exercise 12: The main difference is that unlike standard security issues, except in rare cases network surveillance and censorship is conducted by national governments, which have accesses to far more resources than the average adversary. Examples of network censorship can include blocking IPs, blocking protocols (such as Tor), or forcing users to communicate over http instead of https (this happened in Iran several years ago). Exercise 13: * ICMP flood - exhausts network bandwidth * SYN flood (TCP) - exhausts limit on the number of half-open TCP connections with too many fake TCP SYN requests * Fork bomb - exhausts memory and/or compute (opens too many processes) Exercise 14: You can use a DNS server for amplification. To do this, the attacker spoofs the source address on the attacker's DNS request so that the response goes to the victim instead of the attacker. It then issues a small DNS request that elicits a large DNS response; this disparity between request and response leads to amplification: the traffic hitting the victim is amplified relative to the traffic generated by the attacker.