Network Questions

1. network questions

2. more network questions

TCP/IP Programming

  • very nice series of TCP/IP programming in C

example source code from "TCP/IP Sockets in C: Practical Guide for Programmers" by Michael J. Donahoo and Kenneth L. Calvert.

  • about select()

good questions

data structure

    /* Map host name to IP address, allowing for dotted decimal */
    struct hostent      *phe;     
    if(phe = gethostbyname(host))   //passes in name could be a name or dotted decimal address.
    {    memcpy(&sin.sin_addr, phe->h_addr, phe->h_length);
         printf("The IP Address is: %s\n", inet_ntoa(*((struct in_addr *)phe->h_addr)));  //
    else if ((sin.sin_addr.s_addr = inet_addr(host)) == INADDR_NONE)  //s_addr = struct in_addr
        errexit("can't get \"%s\" host entry\n", host);


    struct sockaddr {
        u_char  sa_len;
        u_short sa_family;     // address family, AF_xxx
        char    sa_data[14];   // 14 bytes of protocol address


    struct sockaddr_in {
        u_char  sin_len;
        u_short sin_family;        // Address family
        u_short sin_port;          // Port number
        struct  in_addr sin_addr;  // Internet or IP address
        char    sin_zero[8];       // Same size as struct sockaddr

struct in_addr {
        uint_32_t s_addr;

struct hostent * gethostbyname(const char *name)  =  struct hostent * gethostbyaddr(const char *addr, int length, int format)

struct hostent {
   char  *h_name;
   char  **h_aliases;
   int   h_addrtype;
   int   h_length;
   char  **h_addr_list;


#define h_addr h_addr_list[0]    //it is actually a binary data uint_32;

unsigned long int inet_addr(const char *name)  = int inet_aton(const char *name, struct in_addr *addr)
   This function converts the Internet host address from the standard numbers-and-dots notation into binary data


RAID Level 0 requires a minimum of 2 drives to implement, no fault tolerance. without parity
Striping. Data is spread across multiple disks. No redundancy.

RAID Level 1 perform two concurrent separate Reads per mirrored pair or two duplicate Writes per mirrored pair. without parity
RAID Level 2 — Error-Correcting Coding: Not a typical implementation and rarely used, Level 2 stripes data at the bit level rather than the block level.
RAID Level 3/4 with dedicated parity.
RAID Level 5 with distributed parity.
RAID Level 6 with dual distributed parity.

  1. Level 0 — Striped Disk Array without Fault Tolerance: Provides data striping (spreading out blocks of each file across multiple disk drives) but no redundancy. This improves performance but does not deliver fault tolerance. If one drive fails then all data in the array is lost.
  2. Level 1 — Mirroring and Duplexing: Provides disk mirroring. Level 1 provides twice the read transaction rate of single disks and the same write transaction rate as single disks.
  3. Level 2 — Error-Correcting Coding: Not a typical implementation and rarely used, Level 2 stripes data at the bit level rather than the block level.
  4. Level 3 — Bit-Interleaved Parity: Provides byte-level striping with a dedicated parity disk. Level 3, which cannot service simultaneous multiple requests, also is rarely used.
  5. Level 4 — Dedicated Parity Drive: A commonly used implementation of RAID, Level 4 provides block-level striping (like Level 0) with a parity disk. If a data disk fails, the parity data is used to create a replacement disk. A disadvantage to Level 4 is that the parity disk can create write bottlenecks.
  6. Level 5 — Block Interleaved Distributed Parity: Provides data striping at the byte level and also stripe error correction information. This results in excellent performance and good fault tolerance. Level 5 is one of the most popular implementations of RAID.
  7. Level 6 — Independent Data Disks with Double Parity: Provides block-level striping with parity data distributed across all disks.
  8. Level 0+1 – A Mirror of Stripes: Not one of the original RAID levels, two RAID 0 stripes are created, and a RAID 1 mirror is created over them. Used for both replicating and sharing data among disks.
  9. Level 10 – A Stripe of Mirrors: Not one of the original RAID levels, multiple RAID 1 mirrors are created, and a RAID 0 stripe is created over these.
  10. Level 7: A trademark of Storage Computer Corporation that adds caching to Levels 3 or 4.
  11. RAID S: EMC Corporation's proprietary striped parity RAID system used in its Symmetrix storage systems.

socket vs port

Socket is a file descriptor identifying a network end point to your application.
Port is a protocol end point. You will talk about the protocol port as in HTTP,DNS….
A socket can be bound to a protocol and a port.

well known port :

tcp vs UDP

Difference between TCP and UDP
There are two types of internet protocol (IP) traffic, and both have very different uses.

1. TCP(Transmission Control Protocol). TCP is a connection-oriented protocol, a connection can be made from client to server, and from then on any data can be sent along that connection.
* Reliable - when you send a message along a TCP socket, you know it will get there unless the connection fails completely. If it gets lost along the way, the server will re-request the lost part. This means complete integrity, things don't get corrupted.
* Ordered - if you send two messages along a connection, one after the other, you know the first message will get there first. You don't have to worry about data arriving in the wrong order.
* Heavyweight - when the low level parts of the TCP "stream" arrive in the wrong order, resend requests have to be sent, and all the out of sequence parts have to be put back together, so requires a bit of work to piece together.

2. UDP(User Datagram Protocol). A simpler message-based connectionless protocol. With UDP you send messages(packets) across the network in chunks.
* Unreliable - When you send a message, you don't know if it'll get there, it could get lost on the way.
* Not ordered - If you send two messages out, you don't know what order they'll arrive in.
* Lightweight - No ordering of messages, no tracking connections, etc. It's just fire and forget! This means it's a lot quicker, and the network card / OS have to do very little work to translate the data back from the packets.

How do I convert a string into an internet address?

If you are reading a host's address from the command line, you may not know if you have an aaa.bbb.ccc.ddd style address, or a style address. What I do with these, is first try to use it as a aaa.bbb.ccc.ddd type address, and if that fails, then do a name lookup on it. Here is an example:

 /* Converts ascii text to in_addr struct.
  /*   NULL is returned if the
 address can not be found. */
struct in_addr *atoaddr(char *address) {
         struct hostent *host;
         static struct in_addr saddr;

 /* First try it as aaa.bbb.ccc.ddd. */
         saddr.s_addr = inet_addr(address);
         if (saddr.s_addr != -1) {
           return &saddr;
         host = gethostbyname(address);
         if (host != NULL) {
return (struct in_addr *) *host->h_addr_list;
         return NULL;

routing protocol

internal protocol: RIP and OSPF
extern protocol: BGP4

RIP is distance vector protocol;
OSFP is link state protocol

split horizon with poison reverse.


good book:

interview questions

traffic management

what is the difference between layer 2 and layer 3 qos


It is clear that L2 is at MAC layer. In case of MAC level
forwarding such as Bridge connction and a quality of
service need to be assured, The following methods can be

1) MAC filtering (avoiding unnecessary traffic coming from
known MAC sources)
2) VLAN & COS: VLAN will ensure that the traffic is
classified based on various parameters like MAC address,
incoming port, etc… COS: Class Of Service is a filed in
VLAN header. This will be used to prioritize traffic. Later
a QOS scheduler can use the COS filed to qualify the
traffic in to different QOS queues.

L3 - QOS

L3 QOS is required for IP level classification.
Classification can be achieved by Diffserv implementations
that takes many IP parameters in to consideration in
prioritizing traffic. This priority can be set in TOS field
of IP header. This TOS will later be used by Scheduling
process to achieve QOS.

Early work used the "IntServ" philosophy of reserving network resources. In this model, applications used the Resource reservation protocol (RSVP) to request and reserve resources through a network. While IntServ mechanisms do work, it was realized that in a broadband network typical of a larger service provider, Core routers would be required to accept, maintain, and tear down thousands or possibly tens of thousands of reservations. It was believed that this approach would not scale with the growth of the Internet, and in any event was antithetical to the notion of designing networks so that Core routers do little more than simply switch packets at the highest possible rates.

The second and currently accepted approach is "DiffServ" or differentiated services. In the DiffServ model, packets are marked according to the type of service they need. In response to these markings, routers and switches use various queuing strategies to tailor performance to requirements. (At the IP layer, differentiated services code point (DSCP) markings use the 6 bits in the IP packet header. At the MAC layer, VLAN IEEE 802.1Q and IEEE 802.1D can be used to carry essentially the same information)

Routers supporting DiffServ use multiple queues for packets awaiting transmission from bandwidth constrained (e.g., wide area) interfaces. Router vendors provide different capabilities for configuring this behavior, to include the number of queues supported, the relative priorities of queues, and bandwidth reserved for each queue.



policing : the actions to be formed on a specific traffic types

Policers monitor traffic flows and identify and response to traffic violations.
token for CIR(committed information rate) PIR(Peak information rate), Bc(committed Burst)

  • Single-Rate Two-Color Marker/Policer: un-used tokens are discarded
  • Dual-Rate
    • Single-Rate Three-Color Marker/Policer RFC 2697: un-used tokens are transferred to 2nd bucket for burst traffic
    • Two-Rate Three-Color Marker/Policer RFC 2698: two separate buckets keeps growing, and un-used tokens are discarded

shaping merely delays traffic while policing re-marks/drops traffic. it also uses token bucket algorithms

As shaping involves buffering. various queuing techniques are activated when the shaping buffer has been filled to capacity.


queuing only happens when there is a congestion and need to buffer incoming packets, then it is deactivated after congestion clears.

CBWFQ: class based weight fair queuing
LLQ: low latency queueing


queuing algorithm manages the front of a queue(that is , how a packet exists a queue). whereas congestion avoidance mechanism manages the tail of a queue(that is, how a packet enters a queue). dropping tools , sometimes called congestion avoidance mechanism, are designed to optimize TCP-based traffic

dropping is complementary to (and dependent on) queuing tool.

default policy is tail drop.

Random early detection (RED): randomly drops packets before the queue fill to its capacity. RED doesn't make sense for UDP as no retry logic.

WRED: weighted RED
- DSCP based WRED

TD: tail drop

congestion notification:

2 ECN bits :
- ECN : ECN capable transport Bit
- CE: Congestion experienced bit

difference between 301, 302, 303

normal behavior 303, then 302, 302..


L2: STP, EtherChannel, Cisco Virtual Switching System, MC-RC
L3: HSRP, VRRP, GLBP and IP Event dampening

routing protocols

routing protocols


distributed hashtable,1

Unless otherwise stated, the content of this page is licensed under Creative Commons Attribution-ShareAlike 3.0 License