Chapter 20


Review Questions

1. Which packet parameters can be used when traffic filtering on the router:

2. What is the difference between the routing advertisements and the results of filtering user traffic?

Both kinds of filtering result in some kind of restrictions in connectivity between network nodes as some packets sent won't be delivered to destinations. The aim of the routing  advertisments filtering is to make some networks or subnetworks hidden to ather routers and hence the users of other networks can't communicate to these networks/subnetworks nodes at all. When a router filters user packets the aim is a bit different, it is to selectively protect network nodes from receiveing particular kind of packets, e.g. packets that carry ICMP echo requests which can cause normal service disruption.


3. What is the meaning of the word "integrated" in the name of the IntServ technology?

This word reflects the fact that the IntServ technology describes all the elements of QoS support as a tightly integrated system


4. What parameter makes it possible to limit the burst of the input packet flow profiled using the Token Bucket algorithm?

The parameter b that corresponds to the volume of the token bucket

5. Why does the probability of discarding packets in the random early detection (RED) method depend on the averaged queue length rather than on the current queue length?

To make the behaviuor of RED more stable as in this case short-lived fluctuation of the queue length doesn't change instantly the queue processing

6. Why the RED mechanism is not applicable for the UDP traffic?

Because UDP doesn't support congestion avoidance mechanism which RED exploits


7. Explain the main stages of router resource reservation using RSVP.

8. What is the principal limitation of the IntServ technology:


9. Why doesn't the DiffServ technology use a signaling protocol?

A signalling protocol normally is used for dynamic resource resrvation for an individual data flow. DiffServ deals with traffic classes and not with indovidual flows; in this case a reservation can be easily made statically whothout dynamic protocol.

10. What is the difference between EF and AF services?

EF service (more precisely - EF-based service as EF defines per-hop behaviuor and can be used for building different services) is design to support the most delay-sensitive traffic, e.g. VoIp traffic. AF service provides traffic with guaranteed delivery (with different levels of probability) and guaranteed bandwidth which makes AF suitable for drop-sensitive traffic which requires certain share of bandwidth, e.g. multimedia streaming. AF also decreases the probability of packet delays during congestion periods but not to such extent as EF does.


11. What specific features of the DiffServ technology made it popular among communications carriers:


12. What is the main goal of NAT?

13. Which additional packet attributes are used in NAT for mapping the set of internal addresses to a single global address?

TCP or UDP port numbers


14. Fill in the "Designated port" column of the NAT table.

Any unique for the given global IP address number can be used, e.g.:


Private address

Sender port

Global address

Designated port













15. List the main variants of router architecture.

16. What are criteria used for classifying routers?

17. What are the specific features of Layer 3 switches?



1. Compose an access list or lists for a Cisco router connecting the company to the Internet (Fig. 20.13). The access list must ensure the following:

Fig. 20.13. Traffic filtering using a router


access-list 101 permit  IP host any

access-list 101 permit  IP


access-list 102 deny ICMP any eq 8

!the command above is not mandatory as the following two command permit only two kinds of TCP packets, therefore ICMP packets will be discarded as not permitted explicitely. However, the command in question is useful as some other kinds of packets might be permitted in the future and this might implicitely permit ICMP.

access-list 102 permit TCP any 21

access-list 102 permit TCP any 80 


interface s1

access-group 101 out


interface e1

access-group 102 out


2. When describing the NAT technology, we simplified the pattern. In particular, we didn't consider the problems that might arise when ICMP error messages arrive in the internal network. Suggest your own variant of the algorithm that should be used by the NAT protocol when an ICMP message arrives at its external interface. Tip: Before passing the ICMP message, ICMP must introduce corrections not only into the IP header but also into the ICMP data field.