1. What do you mean by RFC? Explain its significance.

The standards for TCP/IP are published in a series of documents called Requests for Comments (RFCs). RFCs describe the internal workings of the Internet. TCP/IP standards are always published as RFCs, although not all RFCs specify standards . Some RFCs provide informational, experimental, or historical information only. An RFC begins as an Internet draft, which is typically developed by one or more authors in an IETF working group. An IETF working group is a group of individua ls that has a specific charter for an area of technology in the TCP/IP protocol suite.

2. Clearly differentiate between PVC and SVC. PVC and SVC are different types of virtual circuits. PVC stands for Permanent Virtu al Circuit and SVC stands for Switched Virtual Circuit. Both PVC and SVC play the mai n role in networks like Frame Relay and X.25. They are also used in ATM machines . To understand their differences, let us first understand what Frame Relay and X.25 networks are. Frame Relay Networks Frame Relay network is a protocol for a data link network. These networks are sp ecially designed for transferring data on WANs or wide area networks. Frame Rela y works on ISDN lines or fiber optics; they offer low latency and corrects error s thus reducing the overhead. The protocol provides cost-effective telecommunica tion which has been adopted by companies to transfer long-distance data. In rece nt times, the popularity of relay networks is diminishing due to the gradual mig ration towards IP or Internet Protocol based solutions. X.25 X.25 network is also a WAN or wide area network protocol. It was adopted by the telecommunication companies and is a standard protocol of CCITT or Consultative Committee for International Telegraph and Telephone. This protocol allows comput ers to communicate via intermediate computer networks even when the computers ar e on various different public networks. PVC (Permanent Virtual Circuit) PVC is a virtual circuit which is available permanently. It is a type of virtual circuit where the end points do not signal the circuit. The virtual circuit val ues are manual. The route through the network, link-by-link is also manual. If t he equipment happens to fail, the PVC also fails, and the physical network has t o re-route. The permanent virtual circuit is an efficient circuit for hosts whic h have to communicate frequently like ATMs. SVC (Switched Virtual Circuit) SVC has to re-establish the connection every time the data has to be sent. It is a circuit established by UNI. It is basically a demand connection; the connecti on is initiated by the user. When the switch fails, the SVC fails, and the conne ction needs to be re-established. 3. Discuss various OPTIONS used by IP. Ans: An IP implementation is not required to be capable of generating options in a datagram. However, all IP implementations are required to be able to process datagrams containing options. The Options field is variable in length (there can be zero or more options). There are two option formats. The format for each is dependent on the value of the option number found in the first octet: A type octet, a length octet, and one or more option data octets, as illustrated in below figure. IP: A type byte, length byte, and one or more option data bytes

The type byte has the same structure in both cases, as illustrated in below Fig Where: fc (Flag copy): This field indicates whether (1) or not (0) the option field is copied when the datagram is fragmented. class: The option class is a 2-bit unsigned integer: 0: Control 1: Reserved 2: Debugging and measurement 3: Reserved option number: The option number is a 5-bit unsigned integer: 0: End of option list. It has a class of 0, the fc bit is set to zero, and it ha s no length byte or data. That is, the option list is terminated by a X'00' byte . It is only required if the IP header length (which is a multiple of 4 bytes) d oes not match the actual length of the options. 1: No operation. It has a class of 0, the fc bit is not set, and there is no len gth byte or data. It can be used to align fields in the datagram. 2: Security. It has a class of 0, the fc bit is set, and there is a length byte with a value of 11 and 8 bytes of data). It is used for security information nee ded by U.S. 3: Loose source routing. It has a class of 0, the fc bit is set, and there is a variable length data field. 4: Internet time stamp. It has a class of 2, the fc bit is not set, and there is a variable length data field. The total length can be up to 40 bytes. We discus s this option in more detail later. 7: Record route. It has a class of 0, the fc bit is not set, and there is a vari able length data field. 8: Stream ID. It has a class of 0, the fc bit is set, and there is a length byte with a value of 4 and one data byte. It is used with the SATNET system. 9: Strict source routing. It has a class of 0, the fc bit is set, and there is a variable length data field. We discuss this option in more detail later. 4. Differentiate between well known and ephemeral ports. Ans: Well-known ports belong to standard servers, for example, Telnet uses port 23. Well-known port numbers range between 1 and 1023 (prior to 1992, the range between 256 and 1023 was used for UNIX-specific servers). Well-known port numbers are typically odd, because early systems using the port concept required an odd/even pair of ports for duplex op erations. Most servers require only a single port. Exceptions are the BOOTP serv er, which uses two: 67 and 68 and the FTP server, which uses two: 20 and 21. The well-known ports are controlled and assigned by the Internet Assigned Number Au thority (IANA) and on most systems can only be used by system processes or by programs executed by privileged users. Well-known ports allow clients to find servers without configuration information. The well-known port numbers are defi ned in STD 2 Assigned Internet Numbers. Some clients do not need well-known port numbers because they initiate c ommunication with servers, and the port number they are using is contained in th e UDP/TCP datagrams sent to the server. Each client process is allocated a port number, for as long as it needs, by the host on which it is running. Ephemeral port numbers have values greater than 1023, normally in the range of 1024 to 65535. Ephemeral ports are not contr olled by IANA and can be used by ordinary user-developed programs on most system s. Confusion, due to two different applications trying to use the same port numb ers on one host, is avoided by writing those applications to request an availabl e port from TCP/IP. Because this port number is dynamically assigned, it can dif fer from one invocation of an application to the next. UDP, TCP and ISO TP-4 all use the same port principle. To the best possible extent, the same port numbers are used for the same services on top of UDP, TCP and ISO TP-4.

5. Explain the DNS message format. Ans: All messages in the Domain Name System protocol use a single format. This f ormat is shown in Fig. 5.5. This frame is sent by the resolver to the name serve r. Only the header and the question section are used to form the query. Replies and forwarding of the query use the same frame, but with more sections filled in (the answer/authority/additional sections). Header Format: The header section is always present and has a fixed length of 12 bytes. The other sections are of variable length. ID: A 16-bit identifier assig ned by the program. This identifier is copied in the corresponding reply from th e name server and can be used for differentiation of responses when multiple que ries are outstanding at the same time.

Where: QR Flag identifying a query (0) or a response(1). Op code 4-bit field specifying the kind of query: 0 Standard query (QUERY) 1 Inverse query (IQUERY) 2 Server status request (STATUS) Other values are reserved for future use: AA: Authoritative answer flag. If set in a response, this flag specifies that th e responding name server is an authority for the domain name sent in the query. TC: Truncation flag. Set if message was longer than permitted on the physical ch annel. RD: Recursion desired flag. This bit signals to the name server that recursive r esolution is asked for. The bit is copied to the response. RA: Recursion available flag. Indicates whether the name server supports recursi ve resolution. Zero: 3 bits reserved for future use. Must be zero. Rcode: 4-bit response code. Possible values are: 0 No error. 1 Format error. The server was unable to interpret the message. 2 Server failure. The message was not processed because of a problem with the se rver. 3 Name error. The domain name in the query does not exist. This is only valid if the AA bit is set in the response. 4 Not implemented. The requested type of query is not implemented by name server . 5 Refused. The server refuses to respond for policy reasons. Other values are re served for future use. QDcount: An unsigned 16-bit integer specifying the number of entries in the ques tion section. ANcount: An unsigned 16-bit integer specifying the number of RRs in the answer s ection. NScount: An unsigned 16-bit integer specifying the number of name server RRs in the authority section. ARcount: An unsigned 16-bit integer specifying the number of RRs in the addition al records section. 6. Explain the principle of operation of REXEC protocol. Ans: REXECD is a server (or daemon). It handles commands issued by foreign hosts and transfers orders to subordinate virtual machines for job execution. The dae mon performs automatic login and user authentication when a user ID and password are entered. The REXEC command is used to define the user ID, password, host ad dress, and the process to be started on the remote host. However, RSH does not r equire you to send a user name and password; it uses a host access file instead. Both server and client are linked over the TCP/IP network. REXEC uses TCP port

512 and RSH uses TCP port 514.

7. Explain various operations performed by the user with FTP. Ans: When using FTP, the user performs some or all of the following operations: Connect to a remote host Navigate and manipulate the directory structure. List files available for transfer . Define the transfer mode, transfer type and data structure. Transfer data to or from the remote host. Disconnect from the remote host. Connecting to a remote host To execute a file transfer, the user begins by logging in to the remote host. Th is is only the primary method of implementing security within the FTP model. Add itional security can be provided using SSL and TLS. Conversely, this authenticat ion can be bypassed using anonymous FTP . There are four commands that are used: Open: Selects the remote host and initiates the login session. User: Identifies the remote user ID. Pass: Authenticates the user. Site: Sends information to the foreign host that is used to provide services spe cific to that host. Navigating the directory structure After a user has been authenticated and logged on to the server, that user can n avigate through the directory structure of the remote host in order to locate th e file desired for retrieval, or locate the directory into which a local file wi ll be transferred. The user can also navigate the directory structure of the clients host. After the correct local and remote directories have been access ed, users can display the contents of the remote directory. The subcommands that perform these functions are as follows: cd: Changes the directory on the remote host: A path name can be specified, but must conform to the directory structure of the remote host. In most implementati ons, cd .. will move one directory up within the directory structure. Lcd: Changes the directory on the local host. Similar to the cd command, a path name can be specified but must conform to the directory structure of the local h ost. Ls: Lists the contents of the remote directory. The list generated by this comma nd is treated as data, and therefore, this command requires the use of a data co nnection. This command is intended to create output readable by human users. Dir: Lists the contents of the remote directory. Similar to the ls command, the list generated by dir is treated as data and requires the use of a data connecti on. This command is intended to create output readable by programs. Controlling the data transfer Transferring data between dissimilar systems often requires transformations of t he data as part of the transfer process. The user has to decide on three aspects of the data handling: The way the bits will be moved from one place to another The different representations of data on the system s architecture The file structure in which the data is to be stored Each of these is controlled by a subcommand: Mode: Specifies whether the file is treated as having a record structure in a by te stream format: B: This specifies block mode is to be used. This indicates that the logical reco rd boundaries of the file are preserved.

S: This specifies that stream mode is to be used, meaning that the file is treat ed as a byte stream. This is the default and provides more efficient transfer bu t might not produce the desired results when working with a record-based file sy stem. Type: Specifies the character sets used in translating and representing the data : A: Indicates that both hosts are ASCII-based, or that if one is ASCII-based and the other is EBCDIC-based, that ASCII-EBCDIC translation must be performed. On m any implementations, this can be invoked by issuing the ASCII command, which the PI translates into the type A Command. E: Indicates that both hosts use an EBCDIC data representation. On many implemen tations, this can be invoked by issuing the EBCDIC command, which the PI transla tes into the type E command. 8. Discuss the format of SMTP mail header. Ans: SMTP is based on end-to-end delivery: An SMTP client contacts the destinati on host s SMTP server directly, on well-known port 25, to deliver the mail. It k eeps the mail item being transmitted until it has been successfully copied to th e recipient s SMTP. This is different from the store-and-forward principle that is common in many mailing systems, where the mail item can pass t hrough a number of intermediate hosts in the same network on its way to the dest ination and where successful transmission from the sender only indicates that th e mail item has reached the first intermediate hop. In various implementations, it is possible to exchange mail between the TCP/IP SMTP mailing system and the l ocally used mailing systems. These applications are called mail gateways or mail bridges. Sending mail through a mail gateway can alter the end-to-end delivery specification, because SMTP only guarantees delivery to the mail-gateway host, n ot to the real destination host located beyond the TCP/IP network. When a mail g ateway is used, the SMTP end-to-end transmission is host-to-gateway, gateway-toh ost, or gateway-to-gateway; the behavior beyond the gateway is not defined by SM TP. In SMTP, each message has: A header, or envelope, the structure of which is strictly defined by RFC 2822 The mail header is terminated by a null line (that is, a line with nothing preceding the <CRLF> sequence). Contents: Everything after the null (or blank) line is the message body, which is a sequence of lines containing ASCII characters (that is, characters with a valu e less than 128 decimal). As usual, the client SMTP (referred to as the sending SMTP) is the entity that initiates the session, and the server (referred to as t he receiving SMTP) is the one that responds to the session request. Because the client SMTP frequently can also act as a server for a user mailing program, it is oftensimpl er to refer to the client as the sender SMTP and to the server as the receiver S MTP. 9. With aid of a neat block diagram explain the structure of a web browser. Ans: Generally, a browser is referred to as an application that provides access to a Web server. Depending on the implementation, browser capabilities and thus struc tures vary. A Web browser, at a minimum, consists of an Hypertext Markup Languag e (HTML) interpreter and HTTP client that is used to retrieve HTML Web pages. Be sides this basic requirement, many browsers also support FTP, NNTP, e-mail (POP and SMTP clients), among other features, with an easy-to-manage graphical interf ace. Above figure illustrates a basic Web browser structure. As with many other Internet facilities, the Web uses a client/server processing model. The Web brow ser is the client component. Examples of Web browsers include Mozilla Firefox, N etscape Navigator, and Microsoft Internet Explorer Web browsers are responsible f or formatting and displaying information, interacting with the user, and invokin g external functions, such as Telnet, or external viewers for data types that Web browsers

do not directly support. Web browsers have become the universal client for the GUI workstation environment, in much the same way that the ability to emulate popul ar terminals such as the DEC VT100 or IBM 3270 allows connectivity and access to character-based applications on a wide variety of computers. Web browsers are w idely available for all popular GUI workstation platforms and are inexpensive. 10. Differentiate between getNextRequest and getBulkRequest taking an appropriat e example. Ans: The GetBulkRequest is defined in RFC 3416 and is thus part of the protocol operations. A GetBulkRequest is generated and transmitted as a request of an SNM Pv2 application. The purpose of the GetBulkRequest is to request the transfer of a potentially large amount of data, including, but not limited to, the efficient and rapid retrieval of large tables. The GetBulkRe quest is more efficient than the GetNext request in case of retrieval of large M IB object tables. The syntax of the GetBulkRequest is: GetBulkRequest [ non-repeaters = N, max-repetitions = M ] ( RequestedObjectName1, RequestedObjectName2, RequestedObjectName3 ) Where: RequestedObjectName1, 2, 3 MIB object identifier, such as sysUpTime. The objects are in a lexicographically ordered list. Each object identifier has a binding to at least one variable. Fo r example, the object identifier ipNetToMediaPhysAddress has a variable binding for each IP address in the ARP table and the content is the associated MAC address. N Specifies the non-repeaters value, which means that you request only the conte nts of the variable next to the object specified in your request of the first N objects named between the parentheses. This is the same function as provided by the GetNextRequest. M Specifies the max-repetitions value, which means that you request from the rem aining (number of requested objects - N) objects the contents of the M variables next to your object specified in the request. Similar to an iterated GetNextReq uest but transmitted in only one request. With the GetBulkRequest, you can efficiently get the contents of the next variable or the next M variables in only one request Assume the following ARP table in a host t hat runs an SNMPv2 agent: Interface-Number Network-Address Physical-Address Type 1 10.0.0.51 00:00:10:01:23:45 static 1 9.2.3.4 00:00:10:54:32:10 dynamic 2 10.0.0.15 00:00:10:98:76:54 dynamic An SNMPv2 manager sends the following request to retrieve the sysUpTime and the complete ARP table: This response signals the end of the table to the SNMPv2 man ager. Using the getNextRequest, this same result requires four iterations of que ries.