Term
| What is the basic idea of intrusive monitoring? |
|
Definition
| Send a packet / traffic to a remote host |
|
|
Term
| What three considerations when sending a probe? |
|
Definition
What / how / how much traffic
What host shall you send it to
When / how often to send data |
|
|
Term
| How long should you wait to receive a response from a probe? |
|
Definition
| between a milisecond and a day: a few seconds |
|
|
Term
| Monitoring traffic (3) considerations |
|
Definition
Packets sent will not be associated with network application traffic
Available by default in all hosts
Likely to be ignored/ blocked by intermediate/ remote hosts |
|
|
Term
| Network application traffic (3) considerations |
|
Definition
Packets can be interpreted as network application traffic
Applicable only when probing remote servers
Permitted by intermediate / remote hosts |
|
|
Term
| What three things does PING asses? |
|
Definition
Remote availability
Delay & loss
Possible network problems |
|
|
Term
| What are the common characteristics for ping? |
|
Definition
| Small packets (That are less than 100 bytes long) |
|
|
Term
| What are the variables of ping? |
|
Definition
TTL
TIme to wait for a response |
|
|
Term
|
Definition
|
|
Term
| What is type 3 ICMP message? |
|
Definition
|
|
Term
| What is type 11 ICMP message? |
|
Definition
| TTL expiration (used by traceroute) |
|
|
Term
|
Definition
| request / reply (used by ping) |
|
|
Term
| What value can the TTL be? |
|
Definition
|
|
Term
| What 4 things do you want from ping that aren't provided? |
|
Definition
What are the intermediate routers between the two hosts?
Is packet loss realy 0%?
What is the bandwidth of the path?
What is the throughput of the path? |
|
|
Term
| If you send more traffic to determine whether the packet loss is really 0%, what should you consider? |
|
Definition
How much traffic is too much
? |
|
|
Term
| What is traceroute meant to use and why?? |
|
Definition
| UDP because it's meant to have more chance of getting through the routers |
|
|
Term
| What is the reason for using ICMP instead of UDP for traceroute? |
|
Definition
| Because firewalls, access control lists etc are more likely to let ICMP through than they are UDP |
|
|
Term
|
Definition
| Determine path between local and remote host |
|
|
Term
|
Definition
| A head field decremenetd every time the packet is routed |
|
|
Term
| What must a host do if TTL hits 0? |
|
Definition
|
|
Term
| When does traceroute's not work? |
|
Definition
When an intermediate host does not return error messages
OR
When a error message packet is dropped on the return path |
|
|
Term
| What can traceroute not tell you? |
|
Definition
Differences between forward and return path
Accurate loss / delay statistics |
|
|
Term
| How many MS does London take? |
|
Definition
|
|
Term
| How long does a trans-atlantic connection take? |
|
Definition
|
|
Term
| How long does it take to get to Europe? |
|
Definition
|
|
Term
|
Definition
| One way active measurement protocol |
|
|
Term
| A combination of what does OWAMP use |
|
Definition
|
|
Term
|
Definition
|
|
Term
| What does OWAMP actually do |
|
Definition
| Sends a packet, and then the time on the other end is recorded and sent back with the reply. That way you can time it one way |
|
|
Term
| What two things are required to use OWAMP? |
|
Definition
Both sides to use NTP
OWAMP Software |
|
|
Term
|
Definition
| Means of expressing how much data can be transported accross a communication link |
|
|
Term
|
Definition
| Thea actual speed of data sending that is achieved |
|
|
Term
| In laymans terms, what does iperf do#/ |
|
Definition
| Downloads something and times how longit takes |
|
|
Term
| What does iperf calculate? |
|
Definition
| Throughput / bulk capacity measurement |
|
|
Term
| What does speedtest.net measure? |
|
Definition
|
|
Term
| What two speeds does speedtest.net measure/ |
|
Definition
|
|
Term
| What's the first thing that speedtest.net does? |
|
Definition
| Estimate connection speed in order to chose the file size for download |
|
|
Term
| What is done to the samples downloaded (speedtest.net download0 |
|
Definition
| Aggregated into 20 slices, discard top 10% and slowest 30% |
|
|
Term
| What are the stages of the speedtest.net upload |
|
Definition
estimate conn speed
Run the test
Chunks are sorted by speed
Fastest half is averaged |
|
|
Term
| What are the two ways NOT to measure bandwidth? |
|
Definition
Send a billion packets and see how many get there
Send as many packets as possible, then see how many made it to dest |
|
|
Term
| What's the calculation for bandwidth/ |
|
Definition
| Size of 2nd packet for 2 adjacent packets / Difference between two packets (After going into the bottleneck) |
|
|
Term
|
Definition
OBserve upstread and downstream loss
Use raw sockets to alter / force responses
Use tcp |
|
|
Term
| What three reasons does bandwidth evaluation require the packets to be sent back to back/ |
|
Definition
Reduce uncertainty regarding sending time
Limiting effect of competing flows
Simplify calculations |
|
|
