General Network Engineer Interview Questions General Knowledge Questions
Describe the OSI model. At one time, most vendors agreed to support OSI in one form or another, but OSI was too loosely defined and proprietary standards were too entrenched. Except for the OSI-compliant X.400 and X.500 e-mail and directory standards, which are widely used, what was once thought to become the universal communications standard now serves as the teaching model for all other protocols. Most of the functionality in the OSI model exists in all communications systems, although two or three OSI layers may be incorporated into one. OSI is also referred to as the OSI Reference Model or just the OSI Model. Application Presentation Session Network Data Link Physical Application Layers Usage Example : 7. Application Layer NNTP · SIP · SSI · DNS · FTP · Gopher · HTTP · NFS · NTP · SMPP · SMTP · SNMP · Telnet (more) 6. Presentation Layer : MIME · XDR · 5. Session Layer : Named Pipes · NetBIOS · SAP 4. Transport Layer : TCP · UDP · PPTP · SCTP · SSL · TLS 3. Network Layer : IP · ICMP · IPsec · IGMP · IPX · AppleTalk 2. Data Link Layer ARP : · CSLIP · SLIP · Ethernet · Frame relay · ITU-T G.hn DLL · L2TP · PPP 1. Physical Layer : RS-232 · V.35 · V.34 · I.430 · I.431 · T1 · E1 · POTS · SONET/SDH · OTN · DSL · 802.11a/b/g/n PHY · ITU-T G.hn PHY What is the difference between a repeater, bridge, router? Relate this to the OSI model Bridges: (sometimes called “Transparent bridges” ) work at OSI model Layer 2. This means they don’t know anything about protocols, but just forward data depending on the destination address in the data packet. This address is not the IP address, but the MAC (Media Access Control) address that is unique to each network adapter card. Bridges are very useful for joining networks made of different media types together into larger networks, and keeping network segments free of data that doesn’t belong in a particular segment.
Switches are the same thing as Bridges, but usually have multiple ports with the same “flavor” connection (Example: 10/100/10000BaseT). Switches can be used in heavily loaded networks to isolate data flow and improve performance. In a switch, data between two lightly used computers will be isolated from data intended for a heavily used server, for example. Or in the opposite case, in “auto sensing” switches that allow mixing of 10 and 100Mbps connections, the slower 10Mbps transfer won’t slow down the faster 100Mbps flow. Repeater: Routers v Describe an Ethernet switch and where it fits into the OSI model. A switch is a hardware device that works at Layer 2 of the OSI model – data link. The data link layer is where the Ethernet protocol works. A switch switches Ethernet frames by keeping a table of what MAC addresses have been seen on what switch port. The switch uses this table to determine where to send all future frames that it receives. In Cisco terminology, this table is called the CAM table (content addressable memory). In general, the proper term for this table is the bridge forwarding table. If a switch receives a frame with a destination MAC address that it does not have in its table, it floods that frame to all switch ports. When it receives a response, it puts that MAC address in the table so that it won’t have to flood next time. A switch is a high-speed multiport bridge. This is why bridges are no longer needed or manufactured. Switches do what bridges did faster and cheaper. Most routers can also function as bridges. You might be asking how a hub fits into this mix of devices. A hub is a multiport repeater. In other words, anything that comes in one port of a hub is duplicated and sent out all other ports of the hub that have devices attached. There is no intelligence to how a hub functions. A switch is a vast improvement over a hub in terms of intelligence, for many reasons. The most important of those reasons is how the bridge forwarding table works. Intelligent (smart) switches have made hubs obsolete because they can do more at the same cost of a dumb hub. For this reason, hubs are rarely used or sold any longer.
v What is a VLAN? What is an ELAN? What is the difference? Short for virtual LAN, a network of computers that behave as if they are connected to the same wire even though they may actually be physically located on different segments of a LAN. VLANs are configured through software rather than hardware, which makes them extremely flexible. One of the biggest advantages of VLANs is that when a computer is physically moved to another location, it can stay on the same VLAN without any hardware reconfiguration. A VLAN is a logical local area network (or LAN) that extends beyond a
single traditional LAN to a group of LAN segments, given specific
configurations. Because a VLAN is a logical entity, its creation and
configuration is done completely in software. ELAN — Emulated Local Area Network Difference between these two are as follows:- A VLAN (Virtual LAN) is a grouping of ports on switches which is considered as one broadcast domain. All the ports on a VLAN act as if they were all on the same wire. Therefore, broadcasts are propagated across a VLAN ,and anything communication outside that VLAN must be routed or bridged. The ELAN is a mechanism used to link VLANs across a wide area network. ATM is a good candidate for ELANs. With ELANs, you could have 2 VLANs at different sites which are linked together via an ELAN. The ELAN links the two VLANs Together, forming one big broadcast domain. The advantage of ELANs over straight bridging is that membership into ELANs is dynamic, and that multiple ELANs can be handled by one single WAN link. v Describe Ethernet packet contents: min./max. size, header. Min amount of bytes is 72. Ethernet frame minimal size is 64 = 72 bytes of frame – 7 bytes of preamble – 1 byte of SOF. The ethernet frame size upper limit of 1500 bytes goes up to the history of DIX Ethernet – physical limit of memory size used in NICs because of it’s cost. Actually there is no strict requirements by used algorythms or standarts. Lower limit of frame size has the following reasons: 2. The most important reason: If frame size is less than 64 bytes
(512 bits), host may finish transmission before receiving noise signal
and can think that frame transmitted successfully, while another host
sent collision notification.
v Describe TCP/IP and its protocols. IP – Internet Protocol. Except for ARP and RARP all protocols’ data packets will be packaged into an IP data packet. IP provides the mechanism to use software to address and manage data packets being sent to computers. TCP/IP is a two-layer program. The higher layer, Transmission Control Protocol, manages the assembling of a message or file into smaller packets that are transmitted over the Internet and received by a TCP layer that reassembles the packets into the original message. The lower layer, Internet Protocol, handles the address part of each packet so that it gets to the right destination. Each gateway computer on the network checks this address to see where to forward the message. Even though some packets from the same message are routed differently than others, they’ll be reassembled at the destination.
Many Internet users are familiar with the even higher layer application protocols that use TCP/IP to get to the Internet. These include the World Wide Web’s Hypertext Transfer Protocol (HTTP), the File Transfer Protocol (FTP), Telnet (Telnet) which lets you logon to remote computers, and the Simple Mail Transfer Protocol (SMTP). These and other protocols are often packaged together with TCP/IP as a “suite.” v Describe ATM and what are its current advantages and disadvantages. ATM (asynchronous transfer mode) is a dedicated-connection switching technology that organizes digital data into 53-byte cell units and transmits them over a physical medium using digital signal technology. Individually, a cell is processed asynchronously relative to other related cells and is queued before being multiplexed over the transmission path. Because ATM is designed to be easily implemented by hardware (rather than software), faster processing and switch speeds are possible. The prespecified bit rates are either 155.520 Mbps or 622.080 Mbps. Speeds on ATM networks can reach 10 Gbps. Along with Synchronous Optical Network (SONET) and several other technologies, ATM is a key component of broadband ISDN (BISDN). ATM also stands for automated teller machine, a machine that bank customers use to make transactions without a human teller. Advantages and Disadvantages of ATM
ATM disadvantages
v What are the maximum distances for CAT5 cabling?
v Describe UDP and TCP and the differences between the two. TCP – A reliable connection oriented protocol used to control the management of application level services between computers. It is used for transport by some applications. UDP – An unreliable connection less protocol used to control the management of application level services between computers. It is used for transport by some applications which must provide their own reliability. v Describe what a broadcast storm is. A state in which a message that has been broadcast across a network results in even more responses, and each response results in still more responses in a snowball effect. A severe broadcast storm can block all other network traffic, resulting in a network meltdown. Broadcast storms can usually be prevented by carefully configuring a network to block illegal broadcast messages. v Describe what a runt, a giant, and a late collision are and what causes each of them. A runt is a packet that fails to meet the minimum size standard. Ussually below 64 bytes. Occurs as a result of a collision. A giant is a packet that exceeds the size standard for the medium ussually grater then 1518 bytes . Caused by malfunctioning equipment on your network. Late collisions are packet collisions that occur after the window v How do you distinguish a DNS problem from a network problem? If you’re able to ping 157.166.224.26 but you are NOT able to ping cnn.com , Then you’re having a DNS problem. [If you are NOT able to ping EITHER, then there are network problems and you have NO problems if you CAN ping BOTH] You can then use nslookup to locate an alternate internal or external
dns server that correctly resolves ‘cnn.com’ to it’s ip address and
configure your workstation’s NIC for this static dns server until the
problems with the DHCP assigned DNS server are fixed. When u are able to ping the default gateway and the website address there is no problem in the network and DNS When u are able to ping the the gateway and the WEBsite IP, but not the WEBsite address then it is a problem with the DNS When u are not able to ping anything its network problem v Describe the principle of multi-layer switching. Multilayer switching is usually implemented through a fast hardware such as a higher-density ASICs (Application-Specific Integrated Circuits), which allow real-time switching and forwarding with wirespeed performance, and at lower cost than traditional software-based routers built around general-purpose CPUs. The following are some basic architecture approaches for the multiplayer switches: Generic Cut-Through Routing: ATM-Based Cut-Through Routing: Layer 3 Learning Bridging CIn this architecture, routing is not provided. Instead, it uses IP “snooping” techniques to learn the MAC/IP address relationships of endstations from true routers that must exist elsewhere in the network. Then it redirects traffic away from the routers and switches it based on its Layer 2 addresses. Wirespeed Routing:
v Explain how traceroute, ping, and tcpdump work and what they are used for? Traceroute works by increasing the “time-to-live” value of each successive batch of packets sent. The first three packets sent have a time-to-live (TTL) value of one (implying that they are not forwarded by the next router and make only a single hop). The next three packets have a TTL value of 2, and so on. When a packet passes through a host, normally the host decrements the TTL value by one, and forwards the packet to the next host. When a packet with a TTL of one reaches a host, the host discards the packet and sends an ICMP time exceeded (type 11) packet to the sender. The traceroute utility uses these returning packets to produce a list of hosts that the packets have traversed en route to the destination. The three timestamp values returned for each host along the path are the delay (aka latency) values typically in milliseconds (ms) for each packet in the batch. If a packet does not return within the expected timeout window, a star (asterisk) is traditionally printed. Traceroute may not list the real hosts. It indicates that the first host is at one hop, the second host at two hops, etc. IP does not guarantee that all the packets take the same route. Also note that if the host at hop number N does not reply, the hop will be skipped in the output. Ping: It works by sending ICMP “echo request” packets to the target host
and listening for ICMP “echo response” replies. Ping estimates the
round-trip time, generally in milliseconds, and records any packet loss,
and prints a statistical summary when finished. traceroute and ping work on the ICMP protocol and are used for network connectivity testing. but TCPDUMP is different its a NETWORK PACKET ANALYZER. tcpdump uses libpacp / winpcap to capture data and uses it extensive protocol definitions build inside to analyze the captured packets. Its mainly used to debug the protocol of the captured packet which in turn reveals the network traffic charachterstics. v What is a metric? Metrics is a property of a route in computer networking, consisting of any value used by routing algorithms to determine whether one route should perform better than another (the route with the lowest metric is the preferred route). The routing table stores only the best possible routes, while link-state or topological databases may store all other information as well. For example, Routing Information Protocol uses hopcount (number of hops) to determine the best possible route. A Metric can include:
v What is a network management system? A Network Management System (NMS) is a combination of hardware and software used to monitor and administer a network Effective planning for a network management system requires that a number of network management tasks be folded in a single software solution. The network management system should automate the processes of expense management auditing, asset lifecycle management, inventory deployment tracking, cost allocation and invoice processing. v Describe how SNMP works. The simple network management protocol (SNMP) use for monitoring of network-attached devices for any conditions that warrant administrative attention. It is use to manage IP network devices such as servers, routers, switches etc. Administrator can find or manage network performance, solve problem or even optimize it further. It works at TCP/IP Application layer 5 (L5).
v Describe how WEP works and its strengths and weaknesses As you probably already know Wired Equivalent Privacy (WEP) is used by companies to secure their wireless connections from sniffing attacks. You’ve probably also heard that it’s not very secure. In the first part of this 2 part series I’ll explain the inner workings of WEP and follow it up next month with why it’s insecure. Do i need WEP at all? An authentic user, Bob uses his laptop to check his Gmail account everyday. He has a wireless card in his laptop which automatically detects his ISP’s wireless access point (WAP) just across the street. Once he’s connected to the WAP he can go ahead and check his Email. Alice is a sneaky user who doesn’t want to pay the ISP for access to the Internet. She however knows that the ISP across the street has an access point which anyone can connect to and access the Internet. She plugs in her laptop and is soon downloading music from the Internet. WEP was designed to ensure that users authenticate themselves before using resources, to block out Alice, and allow Bob. Let’s see how it does this. How WEP works WEP uses the RC4 algorithm to encrypt the packets of information as they are sent out from the access point or wireless network card. As soon as the access point receives the packets sent by the user’s network card it decrypts them. Each byte of data will be encrypted using a different packet key. This ensures that if a hacker does manage to crack this packet key the only information that is leaked is that which is contained in that packet. The actual encryption logic in RC4 is very simple. The plain text is XOR-ed with an infinitely long keystream. The security of RC4 comes from the secrecy of the packet key that’s derived from the keystream. v Describe what a VPN is and how it works. A VPN connection is the extension of a private network that includes links across shared or public networks, such as the Internet. VPN connections (VPNs) enable organizations to send data between two computers across the Internet in a manner that emulates the properties of a point-to-point private link. Basically, a VPN is a private network that uses a public network (usually the Internet) to connect remote sites or users together. Instead of using a dedicated, real-world connection such as leased line, a VPN uses “virtual” connections routed through the Internet from the company’s private network to the remote site or employee.
VoIP Describe how VoIP works. Voice over Internet Protocol (VoIP), is a technology that allows you to make voice calls using a broadband Internet connection instead of a regular (or analog) phone line. Some VoIP services may only allow you to call other people using the same service, but others may allow you to call anyone who has a telephone number – including local, long distance, mobile, and international numbers. Also, while some VoIP services only work over your computer or a special VoIP phone, other services allow you to use a traditional phone connected to a VoIP adapter. Describe methods of QoS. Quality of service is the ability to provide different priority to different applications, users, or data flows, or to guarantee a certain level of performance to a data flow. QOS is Quality of Service: A set of metrics used to measure the quality of transmission and service available of any given transmission system Are you familiar with IPv6? If so, what are the major differences between IPv4 and IPv6? IPv6 is based on IPv4, it is an evolution of IPv4. So many things that we find with IPv6 are familiar to us. The main differences are: 1.Simplified header format. IPv6 has a fixed length header, which
does not include most of the options an IPv4 header can include. Even
though the IPv6 header contains two 128 bit addresses (source and
destination IP address) the whole header has a fixed length of 40 bytes
only. This allows for faster processing. IPv4 means Internet Protocol version 4, whereas IPv6 means Internet Protocol version 6. IPv4 is 32 bits IP address that we use commonly, it can be 192.168.8.1, 10.3.4.5 or other 32 bits IP addresses. IPv4 can support up to 232 addresses, however the 32 bits IPv4 addresses are finishing to be used in near future, so IPv6 is developed as a replacement. IPv6 is 128 bits, can support up to 2128 addresses to fulfill future needs with better security and network related features. Here are some examples of IPv6 address: 1050:0:0:0:5:600:300c:326b What authentication, authorization ad accounting (AAA) mechanisms are you familiar with? Which ones have you implemented?? RADIUS Server (Remote Access Dialin User Service) MS IAS (Internet Authenticaion Service) |
|
来自: spirit_killer > 《learn》