Description
You also need to complete reading Chapter 4.
1. (10 points) Given the token bucket size, b bytes; token rate, r bytes/sec; and maximum output
rate M bytes/sec, what is the maximum burst time T?
2. (50 points) Study the AWS Direct Connect service and answer the following questions:
a. (business) You own a company with a data center in Sapporo, Japan. Which company
would you choose to connect this location to the Amazon service? Can you find out
about pricing and QoS guarantees? (This may require some research. If you are unable
to find the exact answers, describe what you have done to find them and what remains
to be done.)
b. (technical) As you have noticed, the AWS Direct Connect service description refers to
the IEEE standard 802.1q. Use the Internet resources to find out about this standard
(which you should be able to find at the Stevens Library) and explain how a dedicated
connection can be partitioned into multiple virtual interfaces so as to allow you to “use
the same connection to access public resources such as objects stored in Amazon S3
using public IP address space, and private resources such as Amazon EC2 instances
running within an Amazon Virtual Private Cloud (VPC) using private IP space.” Quote the
resources (web pages or papers) that you have used.
3. (10 points) Describe how the AWS Direct Connect service can be used with the Amazon Virtual
Private Cloud (VPC).
4. (10 points) Note that Amazon VPC provides NAT.
a. Explain why you would want to use NAT for a virtual private subnet with the Amazon
Direct Connect service. Do you see any cases where you would not want to use it?
b. What is the maximum number of connections a single NAT box can maintain? (You need
to check the specifications of the three existing transport-layer protocols on the
Internet: TCP, UDP, and SCTP, and also keep in mind that the first 4,096 ports have been
reserved.)
5. (10 points) Read RFC 1930 (http://www.ietf.org/rfc/rfc1930.txt ) and also a Washington Post
article, https://www.washingtonpost.com/sf/business/2015/05/31/net-of-insecurity-part-2/.
and answer the following questions:
a. To use AWS Direct Connect with Amazon VPC, the Border Gateway Protocol is required.
Why?
b. Can you use your own ASN to connect to VPC?
c. Which RIR would you go to when you need to establish an ASN for your data center in
Sapporo, Japan?
d. What security problems you will have to deal with using BGP, and what how are you
going to address them?
6. (10 points) St. Bernard dogs (a breed originated in a Swiss monastery to save the travelers
stranded in snow) have been trained to run on their missions in snow-covered mountains with
flasks of brandy attached to their necks. (See the picture below.)
Now, you retrain your company’s two St. Bernards, named Alpha and Beta , to carry data in
DVD ROM disks. (The disks, in bundles of three, are attached to a dog’s necks where the flask
used to be, so one dog can carry three disks.)
Each disk stores 7 Gb of data. Both Alpha and Beta run at a constant speed of 18 km/h. (1 Gb =
1,000 megabytes = 1,000,000 bytes.)
Your company has two data centers, which need to be interconnected with two 150-Mbps data
pipes—one in each direction. The distance between the data centers is 5.5 km. (Mbps =
megabits per second.)
Your task is to ensure that the data centers be interconnected. You can achieve that by
1) Building a physical network (very expensive, given the terrain);
2) Renting pipes from service providers (pretty expensive); or
3) Writing the data on DVDs, and then running Alpha and Beta between the data
centers (in opposite directions), with CDs attached. This is free, and the dogs need
to exercise anyway.
Can the dogs provide this service? (Assume that the pipes need to operate for only a couple of
hours a day, so the dogs don’t get tired. Ignore the overhead of writing and reading DVDs—it is
smaller than the data communications overhead anyway.)
