Homework must be completed individually. You must submit your answers electronically in Canvas (as a PDF attachment). I suggest that you complete Parts A and C before attempting Project 1.
Complete the Introductory Wireshark Lab and answer questions 1-3 on the last page:
For Mac Users, please use this file (screen shots are taken from my MacBook, might be helpful):
00 Wireshark_Intro_v7.0_Mac.pdf
1) Why is voice communication better suited to a circuit-switched network (than to a packet-switched network)?
2) Why is web browsing better suited to a packet-switched network (as compared to a circuit-switched network)?
3) Give two reasons why an Internet packet might not reach its destination.
4) Let's say that I have paid an ISP for 10Mbps (megabit per second) Internet service for my home. My home network is very simple, it's just one desktop computer plugged directly into the (DSL or cable) modem. Let's say I enjoy watching movies through Netflix. The movie "Some Like it Hot" (1959) is 121 minutes long and let's imagine that it has been encoded by Netflix in three different quality levels. The 4K-resolution version is a total of 13 GBytes, the HD-resolution version is 6GBytes and the SD-resolution version is just 2GByte. What's the highest quality version of the movie that I can "stream" with the 10Mbps connection? In other words, which file can be downloaded in less than the time it takes to play the movie?
5) In my office on campus, my computer plugs into a 100Mbps Ethernet jack. Let's say that Northwestern University's entire Evanston campus shares a 10Gbps fiber optic connection to a Tier-1 ISP. If we divide this bandwidth among the 10,000 active computer users on campus, we find that each computer should get a 1Mbps "share" of the total. However, my experience is that the Internet on campus is much, much faster than my home Internet service, which has a dedicated 10Mbps all for myself. How do you explain this paradox?
6) Let's say that I have paid an ISP for 100Mbps (megabit per second) Internet service for my home. This is very fast for a home Internet connection in the USA. However, I find that certain simple websites load slowly.
a) give a possible reason for slowness that would be the fault of my ISP.
b) give a different reason for this slowness that cannot be fixed by my ISP.
7) Find a recent RFC published and briefly explain the problem that it aims to solve (https://www.rfc-editor.org/rfc-index-100d.html).
8) Run the following unix command from a machine on campus (for example, you can run it on moore.wot.eecs.northwestern.edu):
$ ping -c 100 129.105.0.1
This will send a simple message (called an ICMP ping) to a Northwestern router and report back the time it took to get a response. Plot the distribution of 100 observed ping times as a Cumulative Distribution Function (CDF).
Hint: you can generate a CDF in Excel or Google Sheets by sorting the data, adding a second column with the position of this data point in the distribution (an evenly distributed set of values from 0 to 100%) and then creating a scatter plot.
Complete the second Wireshark Lab, and answer all questions (1-19):
Compete the third Wireshark lab, and answer all questions (1-21). Mac users can follow the Unix instructions using Terminal.app:
1) Please review Chapter 14 on the DNS protocol in TCP/IP Illustrated Volume 1. Figure 14.3 shows the structure of a DNS request packet and Figure 14.11 shows an example response.
a) When parsing such a packet, how do we know where the "query name" ends?
b) Let's assume that the following domain exists: madeupdomain340.com. If we ran "nslookup madeupdomain340.com" to query for an A record for that domain, how many bytes long would you expect the DNS response message to be. We assume the response has:
2) The audio packets in Voice-over-IP telephone conversations are often sent with UDP rather than TCP. Why is that?
3) When and why are persistent HTTP connections used?
4) SMTP is a stateful protocol. Briefly, how could the protocol to change to make it stateless?
5) What is the difference between navigating your web browser to "northwestern.edu" versus "www.northwestern.edu". Name two different ways in which the website operator can make both of those addresses lead to the same web content. (HINT: one option involves DNS and the other involves HTTP).
6) Let's say I'm running a very important website, like memegenerator.net. I don't want service to ever be interrupted even for a few seconds, but there are times when I need to replace or reboot the web server(s). How can I use DNS to keep the website running continuously, even during maintenance periods?
7) Similar to the above, how can I use DNS to run a website like google.com that gets way more traffic than any one web server (IP address) can handle on its own?