Homework4: TCP (Transmission Control

Protocol) - Solutions
COM-208: Computer Networks

File transfer time calculation

End-host 𝐴 sends end-host 𝐵 a file of size 8 ⋅ 𝑀 𝑆𝑆 bytes.

𝐴 and 𝐵 are directly connected over a channel with transmission rate 𝑅 bytes/sec and
propagation delay 𝑑𝑝𝑟𝑜𝑝 > 4⋅𝑀𝑆𝑆
𝑅 secs.
𝐴 and 𝐵 use a modified version of TCP were:
i Congestion control and flow control are disabled.
ii Sender window size is fixed to 4𝑀 𝑆𝑆 bytes.
iii Retransmission timeout is 𝑇 ≫ 𝑅𝑇 𝑇 secs.
Assume that 𝐵 stores (does not discard) all out-of-order segments.
How long will it take until 𝐵 receives the entire file (i.e., B receives the last byte of the
file) in each of the following scenarios?
Note: Assume that the packet headers (for all layers) have negligible size.

• No segments are lost.

The file transfer consists of three phases:

4⋅𝑀𝑆𝑆
1 𝐴 Transmits 4 segments: 𝑅 secs.
2 𝐴 Waits for the ACK for the 4th segment: 2 ⋅ 𝑑𝑝𝑟𝑜𝑝 secs.
𝑀𝑆𝑆
3 𝐴 Transmits the 8th segment, and it arrives at 𝐵: 𝑅 + 𝑑𝑝𝑟𝑜𝑝
secs.

1
 A B A B
A B

1
1
1

2 2 x
2 x

3
3 3
(a)
4

• The 5𝑡ℎ segment is lost and Fast-Retransmit is disabled. (c)

4
The file transfer consists of four phases:
(b)
𝑀𝑆𝑆
1 𝐴 Transmits the first segment and waits for the ACK: 𝑅 +2⋅
𝑑𝑝𝑟𝑜𝑝 secs.
𝑀𝑆𝑆
2 𝐴 transmits the 5th segment: 𝑅 secs.
3 𝐴 Waits for the 5th segment to timeout: 𝑇 secs.
(Here, we assume that the timer starts after 𝐴 is done transmit-
ting the 5th segment)
𝑀𝑆𝑆
4 𝐴 Transmits the 5th segment, and it arrives at 𝐵: 𝑅 + 𝑑𝑝𝑟𝑜𝑝
secs.
A B A B
A B

1
1
1

2 2 x
2 x

3
3 3
(a)
4

(c)
4

(b)

• The 5𝑡ℎ segment is lost and Fast-Retransmit is enabled.

The file transfer consists of four phases:

4⋅𝑀𝑆𝑆
1. 𝐴 Transmits 4 segments: 𝑅 secs.
2. 𝐴 Waits for the ACK for the 4th segment: 2 ⋅ 𝑑𝑝𝑟𝑜𝑝 secs.

2
 𝑀𝑆𝑆
3. 𝐴 Transmits the 8th segments and waits for the ACK: 𝑅 +
2 ⋅ 𝑑𝑝𝑟𝑜𝑝 secs.
𝑀𝑆𝑆
4. 𝐴 Transmits the 5th segment, and it arrives at 𝐵: 𝑅 + 𝑑𝑝𝑟𝑜𝑝
secs.
A B A B
A B

1
1
1

2 2 x
2 x

3
3 3
(a)
4

(c)
4

(b)

3
File transfer over TCP

Consider the topology shown in Figure 1. Host 𝐴 opens a TCP connection to host 𝐵,
and starts sending a file of size 𝐹 = 10 bytes, in segments of size 𝑀 𝑆𝑆 = 1byte each.
As a result of a faulty link, the 5-th packet (without counting the SYN packet in the
TCP handshake) transmitted by 𝐴 is lost.

Figure 1: Network topology.

For the following questions, make the following assumptions:

i The transmission delay for packets is negligible.
ii The round-trip time between 𝐴 and 𝐵 is 𝑅𝑇 𝑇1 .
iii The retransmission timer of host 𝐴 has a fixed duration equal to 2 ∗ 𝑅𝑇 𝑇 .
iv TCP has Fast Retransmit disabled.
v A TCP receiver sends an ACK for each packet it receives.
vi The first segment that 𝐴 transmits will have a sequence number of 1.
vii B stores (does not discard) all out-of-order packets.

• Complete the sequence diagram in Figure 3 with all packets exchanged between 𝐴
and 𝐵 (we have completed part of the diagram to help you get started.).

4
 State of the Sequence number diagram
cwndA ssthreshA
congestion
[bytes] [bytes]
control algorithm Sequence Acknowledgement
for host A number number
A B
1 ∞ — SYN, SEQ 0

SYN, ACK 1 RTT1

1 ∞ Slow start SEQ 1

RTT1
ACK 2

2 ∞ Slow start SEQ 2

SEQ 3

RTT1
ACK 3
ACK 4

3 ∞ Slow start SEQ 4

4 SEQ 5
SEQ 6
SEQ 7 X ACK 5
timeout
for pkt 5 ACK 5
ACK 5
5 ∞ Slow start SEQ 8 2 x RTT1
SEQ 9

ACK 5
ACK 5

1 2 Slow start SEQ 5

RTT1
ACK 10

Congestion
2 2 SEQ 10
avoidance
RTT1 / 2
ACK 11

Figure 3: Sequence diagram of packets exchanged.

5
 • Calculate how much time it takes for 𝐵 to finish receiving the file.
(Note: The one-way propagation delay from 𝐴 to 𝐵 is 𝑅𝑇2𝑇1 )

You can view the time duration marked down on the sequence dia-
gram in Figure 3. With the connection setup time included, it takes
6.5 × 𝑅𝑇 𝑇1 time to complete the file transfer, from start to finish.

Now, assume 𝐴 uses node 𝑃 , which runs an application-layer proxy to transmit the file
to 𝐵, as shown in Figure 4.
When 𝑃 receives a connection request from 𝐴, it connects a TCP socket with 𝐵. After
that, the proxy application receives data from the TCP socket connected to 𝐴 (the input
socket), and writes data out to the TCP socket connected to 𝐵 (the output socket). 𝑃
forwards these packets to the output socket, the moment it can read them from the input
socket. The proxy’s operations do not incur any processing delay.
𝑃 is located exactly in the middle of the path between 𝐴 and 𝐵, such that the round-trip
times between 𝐴 and 𝑃 , and between 𝑃 and 𝐵 are both equal to 𝑅𝑇 𝑇2 = 𝑅𝑇2𝑇1 .
The faulty link described previously is now located on the part of the path between 𝑃
and 𝐵 (the second half of the path). As a result, the 5-th packet transmitted on that
part of the path is lost. No packet loss occurs on the part of the path between 𝐴 and
𝑃.

Figure 4: Network topology after adding a proxy.

• Calculate the time it takes for the file transfer to be completed in this new setting.
(Note: Do not forget to adjust the timeout interval for the two TCP flows;
from 𝐴 to 𝑃 , and from 𝑃 to 𝐵. The timeout interval for the two flows is equal to
2 × 𝑅𝑇 𝑇2 = 𝑅𝑇 𝑇1 )

In this new setting, the transfer time can be computed as follow:

First 𝐴 will connect to 𝑃 and send a TCP SYN. This will take
𝑅𝑇 𝑇2
2 . As soon as 𝑃 receives this SYN from 𝐴, it will initiate the
handshake with 𝐵. The rest of the communication between 𝐴 and
𝑃 will be carried out in parallel with the communication between 𝑃
and 𝐵. Hence, for the first half of the path, we only need to consider

6
 the time it will take to propagate the first (connection) packet from
𝐴 to 𝑃 .
Now for the communication between 𝑃 and 𝐵, the sequence diagram
will be an exact replica of the one we created in figure 3. The only
difference now is that the round-trip time between 𝑃 and 𝐵 is half
the round-trip time between 𝐴 and 𝐵. Hence, it will take 6.5×𝑅𝑇 𝑇2 .
Thus, the total file transfer delay will be:

𝑅𝑇 𝑇2 7 ⋅ 𝑅𝑇 𝑇1
6.5 × 𝑅𝑇 𝑇2 + = 7 × 𝑅𝑇 𝑇2 =
2 2

• Does the introduction of the application-layer proxy in the previous part improve
or worsen the file transfer? Which features of TCP are responsible for this?

The main reason why the file transfer will take shorter to complete
is the reduction of the end-to-end RTT for each flow. This reduction
in RTT will have the following effects on TCP:
– The congestion window will converge faster to an ideal value
(assuming that link capacity is limited). In our example, where
the capacity is unlimited, slow start will benefit even more.
– This will make TCP more responsive in detecting and correcting
channel error (e.g., the 5-th packet which was lost). This is be-
cause the timeout interval adjusts to the RTT estimate; a smaller
RTT means that a packet is retransmitted faster. We would ob-
serve the same behavior in the case where fast-retransmit was
also activated.

7
Now with routing

Consider the topology shown in Figure 5. End-host 𝐴 sends end-host 𝐵 a large file.
This is the only active flow in the network and all the traffic traverses links 𝐿1 , 𝐿2 , 𝐿3
and 𝐿4 . 𝐴 sends application data into its TCP socket at a rate of 80 Mbps. 𝐵 can read
data from its TCP socket at a rate of 30 Mbps.

L2(40Mbps) L3(45Mbps)

L1(50Mbps) L4(50Mbps)

A B
L5(40Mbps) L6(45Mbps)

Figure 5: Network Topology with Links’ Bandwidth Capacity.

• What is the max transfer rate for the TCP flow in the following scenarios? Which
aspect of TCP limits it?
– The TCP receive buffer at 𝐵 can hold only a small portion of the file.

Flow control will limit the transfer rate to 30 Mbps, because

buffer space is limited. 𝐴 will not send data faster than the
rate at which 𝐵’s application layer frees up TCP buffer space by
reading the data.

– The TCP receive buffer at 𝐵 can hold the entire file.

Congestion control will limit the transfer rate to 40 Mbps, be-

cause 𝐵 has sufficiently large buffer space, which makes flow con-
trol irrelevant. The transfer rate is, thus, determined by link with
the least capacity (𝐿2 , in this case).

Now, Assume that the TCP receive buffer at 𝐵 can hold only a small portion of the
file. During the file transfer Link 𝐿2 fails and the traffic between 𝐴 and 𝐵 is rerouted
via links 𝐿1 , 𝐿5 , 𝐿6 and 𝐿4 . The RTT between 𝐴 and 𝐵 increases from 𝑅𝑇 𝑇𝑜𝑟𝑖𝑔 to
𝑅𝑇 𝑇𝑛𝑒𝑤 = 5 ⋅ 𝑅𝑇 𝑇𝑜𝑟𝑖𝑔 .

• Do 𝐴 and 𝐵 need to establish a new TCP connection? If yes, describe the message
exchange.

8
 There will be no handshake involved; the connection will be pre-
served. Routing will take care of the path change and nothing but
the increased RTT will be visible at the transport layer. This is be-
cause it is only the end-hosts that maintain TCP connection state.

• Will the path change affect the TCP flow control?

Flow control, again, only involves 𝐴 and 𝐵. Thus, flow control will
not be affected by the path change.

• What effect will the path change have on the TCP traffic between 𝐴 and 𝐵?

Initially, the retransmission timeout at 𝐴 will be too small, given

that the RTT has increased. This may cause premature timeouts
and, as a result, unnecessary retransmissions. Nevertheless, 𝐴 will
continue collecting RTT samples for ACKed packets and, thus, it
will readjust the retransmission timeout to a suitable value.

9
TCP fairness

Consider the topology shown in Figure 6. Links 𝐴-𝑅, 𝐵-𝑅 and 𝐶-𝑅 have identical
characteristics, and have a higher transmission rate than link 𝑅-𝐷. Transmitting hosts
𝐴, 𝐵 and 𝐶 all have to share the same link to send data to host 𝐷.
(Note: Assume that TCP is fair, in the sense that all TCP connections sharing the same
bottleneck link will equally share the link’s bandwidth.)

A B C

Figure 6: Network Topology

Calculate the share of the link capacity of 𝑅-𝐷 that each host gets (a long time after
the connections have been established) in each of the following cases.
You should justify your answers.

• 𝐴, 𝐵 and 𝐶 are transmitting data. Each host uses a single TCP flow.

After the TCP flows stabilize, they use the entire available transmis-
sion rate on the path from source to destination.
The common link R-D is the bottleneck for each flow (its transmission
rate is smaller than the transmission rate of any other link on the
path). So all three TCP flows share the same bottleneck.
Since TCP flows are fair to each other, and the paths they traverse
have the same characteristics, this means that all flows will have
equal throughput: 𝑇𝐴 = 𝑇𝐵 = 𝑇𝐶 = rate3𝑅−𝐷 .

• Only 𝐴 and 𝐵 are transmitting data. 𝐴 uses only one TCP flow, and 𝐵 uses two
parallel TCP flows.

10
 Given that TCP fairness works on a per-flow basis (and not on a per-
host basis), this question is similar to the previous one. After the
TCP flows stabilize they use up the entire available capacity on the
bottleneck link, and share the capacity equally among them. Since
there are three flows, the throughput of each flow becomes rate3𝑅−𝐷 .
Finally, given that 𝐵 uses two flows, the throughput for each host
becomes 𝑇𝐴 = rate3𝑅−𝐷 and 𝑇𝐵 = 2×rate 3
𝑅−𝐷
. This means that 𝑇𝐵 =
2𝑇𝐴 .

• 𝐴, 𝐵 and 𝐶 are transmitting data. 𝐴 and 𝐵 each use one TCP flow. 𝐶 uses
a UDP-based application which transmits data at a constant rate of 40% of the
transmission rate of link 𝑅-𝐷.

UDP does not adjust its transmission rate, even if there exists any
other source of traffic in the network. Thus the throughput of host
C is 𝑇𝐶 = 0.4 × rate𝑅−𝐷 .
Similar to the previous questions, the TCP flows are fair to one
another, and each will get an equal portion of the remaining (60%)
capacity of the bottleneck link. Thus, 𝑇𝐴 = 𝑇𝐵 = 0.3 × rate𝑅−𝐷 .
Therefore, we have that 𝑇𝐴 = 𝑇𝐵 = 34 𝑇𝐶 .

11
Multiple TCP flows

Two flows, 𝑓𝑙𝑜𝑤1 (from 𝐴 to 𝐶) and 𝑓𝑙𝑜𝑤2 (from 𝐵 to 𝐶) traverse the same bottleneck
link, 𝑅-𝐶, as shown in Figure 7. The end-hosts use a variant of TCP where the congestion
window is fixed to 60 packets (i.e., the window does not adapt to network conditions).
You know that the capacity of link 𝑅-𝐶 is 3100 packets/sec.

A dprop = 5ms

dprop = 5ms
dprop = 10ms

R C
B

Figure 7: Network Topology.

• Suppose that the transmission delay is negligible. Compute the throughput that
𝑓𝑙𝑜𝑤1 (𝑇 𝑝𝑢𝑡1 ) and 𝑓𝑙𝑜𝑤2 (𝑇 𝑝𝑢𝑡2 ) would achieve if only one flow is active at a time,
and no packet is ever dropped. Compute ratio 𝑇𝑇 𝑝𝑢𝑡𝑝𝑢𝑡1
.
2

Since the window size is fixed, each sender will transmit 60 packets
per RTT seconds (where RTT is the two-way propagation delay) and,
thus, 𝑡ℎ𝑟𝑜𝑢𝑔ℎ𝑝𝑢𝑡 = 2×𝑑60 . According to this scheme we have that
𝑝𝑟𝑜𝑝
60 60
𝑇 𝑝𝑢𝑡1 = 0.020 = 3000 pkts/sec and 𝑇 𝑝𝑢𝑡2 = 0.030 = 2000 pkts/sec.
Both throughput values are smaller than the bottleneck link capacity
and, thus, they are feasible. The ratio of the throughput values is
𝑇 𝑝𝑢𝑡1
𝑇 𝑝𝑢𝑡 = 1.5.
2

• You run an ns-2 simulation where both flows are active at the same time, and you
get that 𝑇𝑇 𝑝𝑢𝑡
𝑝𝑢𝑡1
= 1.28. In your simulation, you have set the buffer size of router 𝑅
2
to 1000 packets, so that no packet is ever dropped.
Explain why the ratio between the throughput of the two flows is different from
what you computed in the previous sub-question.

The capacity of the bottleneck link (3100) is much smaller than

𝑇 𝑝𝑢𝑡1 + 𝑇 𝑝𝑢𝑡2 = 5000 pkts. Thus, (given that the router drops
no packets) all packets forwarded will experience queueing delay.
We can argue that both flows will experience equal queueing de-
lay since both flows use the same window size. In effect the RTT

12
of each flow will increase by 𝑄 (the queueing delay), which means
60
that 𝑡ℎ𝑟𝑜𝑢𝑔ℎ𝑝𝑢𝑡 = 𝑄+2×𝑑 . For a large enough value of 𝑄, link
𝑝𝑟𝑜𝑝
𝑇 𝑝𝑢𝑡1
propagation delay becomes insignificant, and 𝑇 𝑝𝑢𝑡2 goes closer to 1.

13
Thinking creatively about TCP

Suppose that each router in the network has infinite buffer space which can hold all
packets the router has to forward, so that no packet is ever dropped. Given this setting:

• What happens when a network link becomes congested.

Since no packet will ever get dropped, congestion will manifest in

the form of queuing delays, which will increase the RTT between
communicating hosts.

• Describe how individual TCP flows will behave.

There are two mechanisms in TCP which are relevant here; conges-
tion control and RTT estimation. The outcome will depend on how
these two interact with each other. In the worst case, the sender’s
estimate of RTT will keep up with the increasing queuing delay and
no timeout will occur (transmission timeout depends on RTT). This
will cause the congestion window size (and queuing delay) to grow
indefinitely.

At first glance, this will not affect TCP throughput that much.
However, new TCP flows will take longer to establish (the time
duration of the TCP handshake is proportional to RTT), and will
not be able to catch up with pre-existing flows, since nobody will
back off (this will affect fairness). Finally, network congestion will
affect latency-sensitive applications (e.g. video calls, DNS lookups)
and will render the network pretty much unusable.

• Propose a modification for TCP, which will improve its behavior.

The sender should base its congestion control algorithm on packet

delay, as opposed to packet loss. This is something similar to what
TCP Vegas (an existing flavor of TCP) does. Note that this mod-
ification might have some unwanted interference with the way that
TCP estimates the RTT for a connection.

A variant of TCP

Consider a variant of TCP were flow control is disabled. Is the congestion control in
this case sufficient to control the transmission rate of a sender if it is overwhelming a

14
receiver (i.e., when the receiver has no more buffer space)?
Justify your answers.

Congestion control will throttle the sender when the receiver becomes
overwhelmed; the receiver will start dropping packets, which the sender
will perceive as a congestion event. In particular, the sender will
experience a transmission timeout and remain in the Slow Start state
for as long as the receiver has no buffer space left.

Although congestion control can deal with the issue of an over-

whelmed receiver to some degree, it will not be as efficient as flow control
for the following reasons:
1. This will waste network bandwidth; packets traverse the entire net-
work path before an overwhelmed receiver is able to drop them.
2. It will take some time for the sender’s congestion window (and, possi-
bly, their RTT estimate) to re-adapt to the network conditions. The
congestion window will have to grow back to a size which reflects
the true capacity of the network (as opposed to the capacity of the
receiver). This can reduce performance if a receiver only processes
requests in bursts.
To sum up, TCP will still work if we disabled flow control. However,
this deprives the sender of one source of information which it can use to
optimize its sending strategy. This makes receiver-related events (flow
control) pollute the state that the sender maintains about network ca-
pacity (congestion control). As a result, the sender will overreact when
a flow-control-related event occurs.

15
Reading congestion window plot

Consider the graph shown in Figure 8, which plots the window size of a TCP sender as
a function of time.

50
Window Size (number of packets)

40

30

20

10

0
0 1 2 3 4 5 6 7 8 9
Time (seconds)

Figure 8: Congestion window size over time.

• Identify what happens to the congestion window at the following times:

(i) t = 0.5 secs, (ii) t = 3 secs, (iii) t = 3.5 secs, and (iv) t = 8 secs.
For each case, you should: 1. describe the state transition (previous state and next
state), 2. identify the event that caused it, and 3. explain how we can conclude
that from the graph.
Example: at t = 2 secs the sender transitions from state 𝑢 to state 𝑣 because event
𝑥 occurred. We can see that event 𝑥 has occurred there, because the window size
changes from 𝑦 to 𝑧.

(i) at t = 0.5 secs, the sender transitions from Slow Start to

Fast Recovery. We can see that Triple duplicate ACKs has oc-
curred, because the sender reduces the congestion window to
half its original size. We can already tell that the previous state
was Slow Start because of the exponential increase.
(ii) at t = 3 secs, the sender transitions from Congestion Avoidance
to Slow Start. We can see that Packet Timeout because the
congestion window decreases to 1, and a slow start state follows

16
 this event. We know that the previous state was Congestion
Avoidance because the window size was increasing linearly (+1
packet per RTT)
(iii) at t = 3.5 secs, the sender transitions from
Slow start to Congestion Avoidance. This is because
the congestion window becomes larger than ssthresh. We
can see this transition from the difference in the curves. (Slow
Start and Congestion Avoidance, as explained before)
(iv) at t = 8 secs, the sender transitions from Congestion avoidance
to Fast recovery. We can see that Triple duplicate ACKs has
occurred, and not a timeout, because the window size decreases
to half, and a Congestion Avoidance state follows.

• Calculate the number of packets that the TCP sender transmits between t = 6 secs
and t = 8 secs.

The sender is in the Congestion Avoidance state between t = 6 secs

and t = 8 secs. We know that when a sender is in the Congestion
Avoidance state, the congestion window of the sender increases by 1
with each transmission round.

The window size is 20 at t = 6 secs and 40 at t = 8 secs.

Thus, (if we include last transmission at exactly t = 8 secs, when
the sender transmits 40 packets), there are 21 transmission rounds
(from 20 packets to 40 packets). Therefore, the total number of
packets transmitted is:
40
20 + 40
∑𝑖= ⋅ 21 = 630
𝑖=20
2

• Calculate the RTT of the TCP flow.

We know that the window size changes by 1 packet per RTT. Fol-
lowing up on the analysis done in the previous question, the window
size changes 20 times from t = 6 secs till t = 8 secs (from 20 packets
8−6
to 40 packets). Thus, 𝑅𝑇 𝑇 = 40−20 = 0.1 secs.

17
Finding a security loophole

In Figure 9, Alice is sending a large file to Bob using TCP. Denis tries to disrupt their
communication by sending traffic to Céline. No other hosts send any traffic.

L4 L5
Alice Bob
L2
R1 R2
L1 L3

Denis Céline

Figure 9: Network topology.

• Describe the simplest attack strategy that achieves Denis’s goal. What condition
needs to hold for the transfer rates of the links such that this strategy works?

Denis prevent Alice and Bob from communicating with each other
by flooding link 𝐿2 . To do so, Denis could send a constant stream of
high-volume UDP traffic to Céline.
This attack will succeed if and only iff the capacity of 𝐿1 is greater
or equal to the capacity of 𝐿2 .
If the capacity of 𝐿1 is greater or equal to the capacity of 𝐿2 , Denis
can send traffic at a rate equal to the capacity of 𝐿2 . Since 𝐿1 can
carry Denis’ attack traffic, all of it will reach 𝐿2 at the desired rate.
Thus, Denis’ attack will succeed.
Otherwise, if the capacity of 𝐿1 is lower than the capacity of 𝐿2 , the
attack will fail. This is because, even if Denis sends attack traffic
at a higher rate, 𝐿1 cannot carry traffic at a higher rate than the
capacity of 𝐿1 . Since the capacity of 𝐿1 is lower than the capacity of
𝐿2 , 𝐿2 will have some spare capacity to accommodate Alice’s traffic.
Thus, we have proven that the condition we described is both neces-
sary and sufficient.

• How will the TCP connection between Alice and Bob be affected by this attack?
Draw a simple diagram that shows how Alice’s congestion window, 𝑐𝑤𝑛𝑑, evolves
over time during the attack. You do not need to provide specific time values on
the 𝑥-axis, just show the trend (e.g., does 𝑐𝑤𝑛𝑑 increase monotonically?)

18
 We can see an example diagram at Figure 10. You can see that
after the attack has commenced (sometime between 6 seconds and 8
seconds), Alice is no longer able to reliably reach Bob.
Thus, Alice’s transmissions will almost always timeout.
(In the figure it is not shown how the timeout estimation algorithm
of TCP will make Alice’s timeout achieve increasingly bigger values,
as Alice tries to determine the 𝑅𝑇 𝑇 between her and Bob.)

10

9
Congestion window size [MSS]

0
0 2 4 6 8 10 12 14 16
Time after T0 [seconds]

Figure 10: Congestion window of Alice over time

• Describe the attack strategy that achieves Denis’s goal while minimizing the
amount of traffic that Denis sends to Céline.
Hint: Denis does not need to send traffic at a constant rate.

The TCP algorithm makes the sender transmits its messages in

bursts. As long as there is no serious congestion issues on the chan-
nel, segments will flow from the sender to the receiver in a relatively
steady rate. In that state, the congestion window oscillates between
𝑤
2 and 𝑤, where 𝑤 is the maximum achievable value for the conges-
tion window.
However, when a channel becomes heavily congested (e.g., due to an
ongoing attack), the sender will be experiencing constant timeouts.
Thus, all traffic transmitted by the sender will be done in bursts.
Moreover, these bursts will transmitted at the precise moment when
the sender’s timeout event triggers.
Thus, it is possible for Denis to attack the TCP flow by targeting

19
those retransmission events. Every time that Denis expects Alice to
retransmit her packets, he sends a burst of traffic to saturate the
buffers of 𝑅1 . Thus, when Alice’s retransmitted packet arrives at
the congested router, 𝑅1 will drop the segment of Alice, and Alice
will have to wait for her timeout again. Naturally, Denis can stop
transmitting flood traffic for as long as Alice is not about to transmit
a new segment.
An added benefit of targeting timeout retransmissions is that such
failed retransmissions cause TCP to exponentially increase its time-
out interval. Thus, Alice will be sending progressively less frequently.
This means that Denis will have to send even less traffic as time goes
on.
What we have described so far is an attack strategy that works. In
order to argue that this strategy is optimal, we need to examine
whether an attack where we transmit a fewer number of messages is
possible.
Note that the goal of Alice is to be able to send traffic to Bob at some
predictable rate, even if this rate is significantly lower than before
Denis’ intervention. The goal of Denis is to make it so that Alice
has no guarantee about how long it will take for Alice’s segment to
reach Bob.
Denis only transmits attack messages while Alice is retransmitting
timed-out packets. If Denis fails to transmit enough messages to
flood 𝐿2 , the segment of Alice will not get dropped, and Alice will be
able to transmit a new piece of information to Bob. This will make
Denis’ attack ineffective. Thus, for Denis’ strategy to be effective,
Denis should always transmit at least as many messages are necessary
to block Alice’s retransmissions. Since Denis is not transmitting any
attack traffic at any other point in time, it is impossible that there
exists a strategy more optimal than the one we described.

20
A recap of everything

Alice has opened a persistent TCP connection to Bob. At time 𝑇0 , Alice starts sending
to Bob, over this connection, a file of size 12 bytes in segments of 𝑀 𝑆𝑆 = 1 byte.
Figure 11 shows how the congestion window of Alice, 𝑐𝑤𝑛𝑑, changes over time after 𝑇0
and until the file transfer completes. Each of the 𝑓𝑖𝑣𝑒 points in the graph shows the
time a change in 𝑐𝑤𝑛𝑑 took place and 𝑐𝑤𝑛𝑑’s value after the change.
Make the following assumptions:
- Transmission delay is negligible.
- Bob sends an ACK for each segment it receives.
- The first segment that Alice transmits after 𝑇0 has sequence number 10.
- Fast-retransmit is disabled.
- Only one segment gets lost after 𝑇0 , and it is a segment sent by Alice.
- B stores (does not discard) all out-of-order packets.

7
Congestion window size [bytes]

0
0 0.5 1 1.5 2 2.5 3 3.5 4 4.5 5
Time after T0 [seconds]

Figure 11: Congestion window of Alice over time

• What is the RTT between Alice and Bob?

21
 The RTT between Alice and Bob is 0.5 seconds.
We can extract this piece of information from what happens at time
1 seconds after 𝑇0 and 1.5 seconds after 𝑇0 . TCP is in Congestion
avoidance phase during that time, and the size of the congestion
window increases by 1 MSS (=1 byte) per RTT during that phase.
Since the congestion window increases from 4 to 5, between 1 secs
and 1.5 secs, RTT is equal to:
1.5−1
5−4 = 0.5 secs

• What is the retransmission timeout used by Alice?

The transmission timeout of Alice is equal to 2 seconds.

According to the information we are given, there is only one packet
loss (and possible cause for a timeout). This timeout, obviously,
happens at time 3.5 secs, since the window drops to size 1 MSS.
According to the sequence diagram we have drawn, the segment that
was lost was transmitted at time 1.5. Thus, the timeout is equal to
3.5 − 1.5 = 2 secs.

• What was the size of Alice’s congestion window, 𝑐𝑤𝑛𝑑, the last time a packet was
lost before 𝑇0 ?

The size of 𝑐𝑤𝑛𝑑 the last time a packet was lost before 𝑇0 was 8 (or
9) bytes.
The value of ssthresh updated if and only if there is a packet loss,
and it is set to 𝑐𝑤𝑛𝑑
2 . Since, in our sequence diagram, the current
value of ssthresh is 4, the last there was a packet loss (and ssthresh’s
value was updated), 𝑐𝑤𝑛𝑑 was 2 ⋅ 4 = 8 bytes.
If we assume that ssthresh has any non-integral values rounded down,
another possible value could have been 9, since 9 divided by 2 also
yields 4.

• Complete the diagram in Figure 13 that shows what happens after 𝑇0 and until
the file transfer completes:
- All segments exchanged between Alice and Bob.
- The sequence numbers sent by Alice and the acknowledgment numbers sent
by Bob.

22
- The state of Alice’s congestion-control algorithm.
- The size of Alice’s congestion window, cwnd, in bytes.
- The value of Alice’s slow-start threshold, ssthresh, in bytes.

23
 State of the Sequence number diagram
cwnd ssthresh
congestion
[bytes] [bytes]
control algorithm Sequence Acknowledgement
for Alice number number
Alice Bob
T0
1 4 Slow start SEQ 10

ACK 11

2 4 Slow start SEQ 11

SEQ 12

ACK 12
ACK 13

SEQ 13
4 4 SEQ 14
Congestion Avoidance SEQ 15
SEQ 16
ACK 14

{
ACK 15
ACK 16
ACK 17
SEQ 17
SEQ 18
5 4 Congestion Avoidance SEQ 19
SEQ 20
SEQ 21
X
ACK 17
ACK 17
ACK 17
ACK 17

Timeout:
SEQ 17

1 5/2 = 2 Slow start SEQ 17

ACK 22

2 2 Congestion Avoidance

Figure 13: Sequence diagram.

24
• How long does the file transfer take? Assume that the file transfer completes once
Alice has received the final ACK for file data.

From the sequence diagram, we can see that the complete file transfer
takes:
– 3 × 𝑅𝑇 𝑇 (to receive the ACKs for packets 13 to 16)
– A timeout
– 1 × 𝑅𝑇 𝑇 (to receive the ACK for packet 17, which has been
retransmitted)
Thus, in total we have 4 ⋅ 𝑅𝑇 𝑇 + 𝑡𝑖𝑚𝑒𝑜𝑢𝑡 = 4 ⋅ 0.5 + 2 = 4 seconds.

• Now assume (just for this part) that fast-retransmit is enabled. Does this change
the duration of the file transfer and how/why?

If Fast-Retransmit were enabled, the file transfer would take 2.5 sec-
onds instead.
This is because at time 2 seconds, Alice would have finished receiv-
ing 3 triple duplicate ACKs for SEQ 17. Thus, Alice would have
retransmitted the lost packet at time 2 seconds, as opposed to time
3.5 seconds (which is the case in the sequence diagram).
As a result, this would decrease the file transfer time by 1.5 seconds.
Thus, the total transfer time would be 4 − 1.5 = 2.5 seconds.

25