[1] Networking

Question 1

What does “IP” cover

Answer 1

• the format for each data unit (“packet”)
• the addressing for hosts on a network
• mechanisms for routing packets between hosts

Question 2

What is the format of an IP address?

Answer 2

IPv4 is 32 bit (consists of four octets)

IPv6 is 128 bit

Question 3

What are some key components of an IP packet?

Answer 3

The header, which includes the Protocol (TCP or UDP), the Time to Live (number of hops left), Source Address and Destination Address

The Data

Question 4

How does IP prevent infinite loops?

Answer 4

Each packet has a TTL which counts down with each hop

When the TTL reaches 0, the packet is discarded

Question 5

What are the two ways of specifying a network in IP?

Answer 5

• Classful IP Addressing. Class A has few networks but each has many hosts
• CIDR (Classful Inter-Domain Routing)

Question 6

What IP Class is reserved for multicast adresses

Answer 6

Class D.

Class E exists but is reserved for future use

Question 7

How does CIDR notation work?

Answer 7

The number after the slash is the size of the subnet mask e.g. for 198.51.100.14/24, the first 24 bits specify the subnet

Question 8

What is VLSM?

Answer 8

Variable Length Subnet Masking (VLSM) allows multiple different subnet masks to be implemented in order to further break up a subnet

Question 9

What is ARP?

Answer 9

Address Resolution Protocol (ARP) is used to find the MAC address of a device from its IP

Question 10

What is the process for ARP?

Answer 10

• A host broadcasts an ARP Request on 255.255.255.255 to all devices on that network
• Any matching devices then unicast their MAC address

Question 11

What is proxy ARP?

Answer 11

When one device responds to ARP requests on behalf of another that isn’t on that network

For example, the router might respond that it has a route to a neighbouring subnet

Question 12

Is ARP cached?

Answer 12

Yes. The ARP cache is a table of entries that stores the previous IP, MAC address and Network Interface (e.g. “eth0”) of previous ARP requests

Question 13

What are the key parts of an ARP packet?

Answer 13

• Hardware type (e.g. ethernet)
• Protocol type e.g. IPv4
• IP & MAC addresses of the source and target

Question 14

What is NAT?

Answer 14

Network Address Translation maps one IP address to another by modifying the IP header of network packets

Question 15

What is the primary purpose of NAT?

Answer 15

It maps a single public (routable) IP address to one or more private (unroutable) IP addresses

Question 16

What are the types of NAT?

Answer 16

• Static NAT
• Dynamic NAT
• Port Address Translation

Question 17

How does Static NAT work?

Answer 17

It is a 1-to-1 mapping e.g. the same host is always mapped to the same IP

Question 18

How does Dynamic NAT work?

Answer 18

The NAT device is assigned a pool of IP addresses which are shared between the hosts

Question 19

How does Port Address Translation Work?

Answer 19

The NAT uses one public IP address but allows connections on multiple ports. Each port is mapped to a different host

The source address packet is modified so the target knows how to respond

Question 20

How is NAT different based on connection source?

Answer 20

• Source NAT is used for hosts on private networks that want to initiate outbound connections; the source address is modified
• Destination NAT allows devices outside the private network to connect in; it modifies the destination address

Question 21

What are the layers of the OSI model?

Answer 21

[7] Application
[6] Presentation
[5] Session
[4] Transport
[3] Network
[2] Data Link
[1] Physical

Question 22

What is Layer 7 of the OSI model?

Answer 22

Application e.g. SMTP / FTP / HTTP

It is the interface permitting the user to send and receive data through clients and applications

Question 23

What is Layer 6 of the OSI model?

Answer 23

Presentation e.g. compression and encryption

It converts the requests to a form that the application can use

Question 24

What is Layer 5 of the OSI model?

Answer 24

Session

It open, closes and manages session between the process and response

Question 25

What is Layer 4 of the OSI model?

Answer 25

Transport i.e. how data is broken down into packets

e.g. TCP / UDP

Defines how data will be sent (i.e. as packets) between the process and the response. It provides data validation and security

Question 26

What is Layer 3 of the OSI model?

Answer 26

Network e.g. IP

Looks for the best path to reach the destination

Question 27

What is Layer 2 of the OSI model?

Answer 27

Data Link e.g. MAC addresses

This layer is used for directly connected devices

Communication between adjacent nodes

Question 28

What is Layer 1 of the OSI model?

Answer 28

Physical

Handles bit level communication between nodes

Question 29

At which OSI layer is HTTP?

Answer 29

Layer 7: Application

Question 30

At which OSI layer is compression?

Answer 30

Layer 6: Presentation

Question 31

At which OSI layer is encryption?

Answer 31

Layer 6: Presentation

Question 32

At which OSI layer is TCP?

Answer 32

Layer 4: Transport

Question 33

At which OSI layer is UDP?

Answer 33

Layer 4: Transport

Question 34

At which OSI layer is IP?

Answer 34

Layer 3: Network

Question 35

At which OSI layer is packets?

Answer 35

Layer 3: Network

Question 36

At which OSI layer are MAC addresses?

Answer 36

Layer 2: Data Link

Question 37

What are the layers of TCP/IP Model?

Answer 37

[4] Application
[3] Transport
[2] Internet
[1] Network Access / Link

Question 38

At which TCP/IP layer does routing occur?

Answer 38

Layer 2: Internet

Question 39

At which TCP/IP layer is TCP/UDP?

Answer 39

Layer 3: Transport

Question 40

What are the types of network transmissions?

Answer 40

Unicast, Broadcast and Multicasts

Question 41

What type of transmission is TCP used for?

Answer 41

Unicast

Question 42

What type of transmission is UDP used for?

Answer 42

Multicast

Question 43

How do network devices handle broadcast messages?

Answer 43

Switches are designed to forward them while routers drop them

Question 44

What address is used for broadcasts?

Answer 44

255.255.255.255

Question 45

Does IPv6 support broadcast?

Answer 45

No.

It has an ARP alternative that uses multicast

Question 46

How do network devices handle multicast messages?

Answer 46

Data can be replicated both by routers and switches i.e. the data can leave a network

Question 47

What controls which devices receive multicast messages?

Answer 47

Membership in multicast groups

Question 48

What is the default route?

Answer 48

0.0.0.0 is the default route that is used if no other route is available for the intended destination

Question 49

What are stub routes?

Answer 49

A network which is unaware of other networks and which all non-local traffic is routed through a single default path

Basically, it’s a home network!

Question 50

What are the basic ways of configuring routing?

Answer 50

Static Routing & Dynamic Routing

Question 51

What is static routing?

Answer 51

The routes are manually configured. This is used in small networks. It lacks fault tolerance but improves performance & security

Question 52

What is dynamic routing?

Answer 52

Routes are configured automatically to find the best route for traffic

Question 53

What are the basic types of dynamic routing? What are they used for?

Answer 53

Interior Gateway Protocol (IGP) is used within a network

Exterior Gateway Protocol (EGP) is used for routing between networks

Question 54

How does IGP work?

Answer 54

Either:

• Distance-Vector Routing Protocols optimise for a distance metric e.g. hops or latency
• Link-State Routing Protocols involve each router storing the entire network topology

Question 55

What is the main type of EGP?

Answer 55

Border Gateway Protocol (BGP), which is a type of Path-Vector Routing Protocol i.e. the routing table caches the destination network, next router, and path to reach that destination

Question 56

How does BGP work?

Answer 56

• Uses TCP on Port 179
• Routes are stored on the Routing Information Base (RIB)
• Routes are manually configured between peers
• Optimises for number of hops

Question 57

In Linux, where are routing tables stored?

Answer 57

/etc/iproute2/rt_tables

Question 58

What is a key route in the routing table?

Answer 58

The loopback route which is used by localhost

Question 59

What is the route selection criteria used when interpreting routing tables?

Answer 59

The following criteria (including tie breakers)
[#1] Prefix Length - use the most specific match
[#2] Administrative Distance - arbitrary weights are assigned to routing protocols
[#3] Metric Value - optimises for hops etc. based on the routing protocol

Question 60

What Linux command shows the current IP?

Answer 60

ip addr shows the IP for each attached network interface. This replaces ifconfig

Question 61

Which Linux command shows the ARP table?

Answer 61

ip neigh. Replaces the arp command

Question 62

Which Linux command shows the routing table?

Answer 62

ip route

Question 63

Which Linux command shows the path that packets take when travelling to a specific destination?

Answer 63

traceroute

Question 64

What port does ping use?

Answer 64

None - it is ICMP which is at a lower level

Question 65

What is ICMP?

Answer 65

Internet Control Message Protocol (ICMP) is an error-reporting protocol that is used to send control messages to the source of a data packet when there are delivery issues

Question 66

What protocol does ping use?

Answer 66

It is part of ICMP, specifically it is an ICMP echo request!

Question 67

What protocol/layer is BGP?

Answer 67

It is a Layer 4 protocol that uses TCP

Question 68

How does BGP work?

Answer 68

It doesn’t perform discovery - peers must be manually configured.

Networks are identified based on their ASN (Autonomous System Number) identifier

Question 69

What command is used to view the ARP table?

Answer 69

ip n (short for “neighbour”)

Question 70

What OSI Level is ARP?

Answer 70

Level 2

Question 71

How does ARP work if the destination is outside the local network?

Answer 71

ARP proxy means that the router will respond with its MAC address if it knows a route to that location

Question 72

What OSI Level is DNS?

Answer 72

Level 7

Question 73

What command is used to lookup DNS records?

Answer 73

dig e.g. dig -4 amazon.com to look up the A record (IPv4) for amazon.com

Question 74

What is a FQDN?

Answer 74

A fully-qualified domain i.e. the complete domain name for a specific host on a network

Question 75

What is the DNS resolution process

Answer 75

It works in reverse order:
[1] the implied ‘.’ is resolved by the root servers
[2] the TLD is resolved by the TLD servers
[3] the query is then forwarded to the name servers of the domain
[4] the name servers answer the request or forward to additional authoritative DNS hosts managing the zones within the domain

Question 76

What protocol does DNS resolution use?

Answer 76

UDP

Question 77

What layer is TCP?

Answer 77

Later 4: Transport

Question 78

What are the data units for TCP?

Answer 78

Segments; each has a checksum for verification

Question 79

What happens if a TCP checksum doesn’t match the content?

Answer 79

The receiver simply discards it and waits for the segment to be resent

Question 80

What are the TCP handshake steps?

Answer 80

[1] Host A unicasts a SYN request to Host B
[2] Host B returns a SYNACK message
[3] Host A sends [ACK, DATA] to Host B

Question 81

What command is used to view active network connections?

Answer 81

netstat

Question 82

What are the key firewalls used in Linux?

Answer 82

iptables and firewalld, both of which implement the netfilter API within the Linux kernel

Question 83

What port does DNS use?

Answer 83

Port 53, hence why it’s called “Route53”

Question 84

How can connection to a port of a remote host be verified?

Answer 84

[1] on the sender, use telnet [ip] [port] to send packets to the remote host
[2] on the remote host, use netcat to listen to that port and see if the connection is made

Question 85

What is port forwarding?

Answer 85

Based on which port you use to connect to a public IP, you are forwarded to a particular private host

Question 86

What is a proxy server? What is it used for?

Answer 86

It makes network requests on behalf of the the host connected to it

It’s used to access private resources, to implement caching, and for web filtering

Question 87

What is the purpose of load balancing?

Answer 87

• redundancy / high availability
• horizontal scaling
• hybrid cloud

Question 88

What are the modes of load balancing?

Answer 88

• Round Robin - nodes take turns
• Least Connections - send to node with least active connections
• IP Hash - sticky connections for stateful applications

Question 89

What is a common load balancer?

Answer 89

NGINX can function as a caching webserver and load balancer

Question 90

What is IDS/IPS?

Answer 90

• IPS = Intrusion Prevention System

* IDS = Intrusion Detection System

Question 91

What is the high-level purpose of the TLS handshake?

Answer 91

To establish a shared secret so traffic can be encrypted