General Networking Flashcards

1
Q

mTLS

A
  • Mutual TLS; zero trust security model–no network traffic is trusted by default
  • Both sending/receiving entities verify each other’s identity when communicating
  • Analogy: Alice sends a message in an SSL envelope and places her personal seal on it. Bob replies in his SSL envelope and stamps his personal seal on it. Both parties know what each other’s seals look like
  • Not extremely common due to the extra overhead in managing certificates and the TLS handshake process; maybe about 1/3 of applications
2
Q

Top materials that can affect wifi signal strength

A
  • Concrete
  • Metal
  • Water
  • Brick walls
  • Drywall
  • Some coatings on mirrors/glass
3
Q

OSPF

A

Open shortest path first (oh, so pretty fast)–layer 3 routing protocol that uses LSAs to learn about neighboring OSPF routers.

  • Primarily used when routing within an autonomous system (interior)
    - Used in enterprise networks
  • fast convergence
  • finds best route based on total cost of the path (bandwidth)
4
Q

BGP

A

Border Gateway Protocol (big global player)–L3 routing path vector protocol that facilitates routing across different autonomous systems (internet routing)

  • requires more granular control compared to OSPF
  • BGP typically won’t be used for internal routing unless it’s within the same AS (iBGP)
  • provides redundancy across carriers/ISPs
  • Best routing path criteria can be unique to different vendors
5
Q

Difference between Wifi 6 and Wifi 6e

A

-6e is an extension on 6
-up to 8 160 MHz channels
-6e is not backwards compatible with Wifi 5 and below

6
Q

SNMP Manager

A

A piece of software that runs on Network Management Stations (NMS) and can retrieve config from or push config to SNMP-capable terminals.

The SNMP manager would provide a topology of all the connected devices and inform the network admin of any potential issues with specific devices such as bandwidth/CPU issues or any other hardware faults that need to be addressed.

SNMP Managers send commands via GET/SET

7
Q

SNMP Agent

A

A software component on the managed device that relays information to the SNMP manager or applies configuration sent from the manager.

E.g., GET VLAN info for 1/0/1 or SET VLAN 50 for 1/0/1

8
Q

Management Information Base (MIB)

A

Database or collection of information or components that can be viewed or configured via SNMP.

Each component within the MIB is known as an Object Identifier (OID) that the SNMP manager can reference.

9
Q

SNMP Trap / SNMP Inform

A

A trigger configured on an SNMP agent that alerts the SNMP manager when a certain condition is met.

An SNMP Inform is the same as a trap but requires an ACK from the manager. The agent will resend the INFORM if no ACK is received.

10
Q

SNMP Community String

A

The password required to carry out SNMP operations in SNMPv2c. It is a plain text string.

11
Q

SNMPv3

A

Provides security and modularity over SNMPv2c. Allows administrator to control what “view” an authorized user is allowed to read/write.

12
Q

SNMP “View”

A

A set of OID structures that the set of users can perform actions on.

13
Q

SNMP Group

A

The group is a container that has a set of permissions (view) and the set of users that can read or read/write.

14
Q

Core layer

A

Backbone of the network and connects to other network “blocks” (if there are enough blocks to justify the use of a core switch). Core switches are high capacity/performance and connect to other switches or devices/services such as:

-Core routers
-Aggregation Switches
-WAN optimizers/accelerators
-Data centers/servers
-Can collapse into distribution layer

15
Q

Distribution layer

A

Runs between the access layer and the core layer. Layer 3 capable devices that provide routing, policy-based connectivity, or WAN access. Can connect to:

-Internet
-Firewalls/IPS/IDS
-Can also collapse into access layer
-WAN router
-VPN concentrators

16
Q

FHRPs

A

First hop redundancy protocol assists with routing end devices outside of their subnet when the primary default gateway goes down.

This is through the use of the SVIs at layer 3 and the creation of a virtual IP between redundant L3 switches. The redundant L3 switches negotiate who is the ‘active’ switch that uses the virtual IP.

17
Q

VRRP

A

Virtual router redundancy protocol that utilizes a pair of routers/L3 devices in a master/backup architecture.

In VRRP, the master router can use its own IP address as the virtual IP. Priority values between the two routers are no longer considered. This setup saves IP address space.

VRRP vMAC: 0000.5300.01xx (xx is the group ID)
VRRP mcast: 224.0.0.18
VRRP v2: IPv4
VRRP v3: IPv6

18
Q

HSRP

A

Cisco standard called hot standby redundancy protocol. A pair of routers goes through an election process determined by priority value or highest IP (if priority is tied). This determines which router is the primary router that controls the virtual IP, which is the default gateway for end devices.

19
Q

wifi 6e

A

-WPA3 required
-adds the 6 GHz spectrum for use
-Wifi 6e is only ‘compatible’ with 6 GHz bands. 6e can still be configured to work with 2.4 GHz and 5 GHz bands, but it will not use the 6 GHz spectrum.

20
Q

Administrative distance (AD)

A

A value or metric that is used by routers to determine the best (trustworthy) route when multiple paths to the destination are available.

Different routing protocols have default AD values on a given router. Based on these AD values, the router will use the protocol with the lower AD value to determine the best path.

21
Q

RSTP

A

802.1W improves on STP by:
-condensing port states to just “discarding” and “learning”; eliminates traditional port states in STP
-uses BPDUs as keepalives whether there are network changes or not
-implemented edge ports or p2p ports which improve convergence calculation times
-backwards compatible with STP

22
Q

Type 1 LSA

A

Router LSA - generated by every router and contains info about the directly connected links

Think of this as a personal journal. Each person (router) in the library keeps a journal of their own activities (directly connected links).

23
Q

Type 2 LSA

A

Network LSA - created by the designated router (DR) that has information on the routers that are connected to the network

This is like a community bulletin board. The librarian (Designated Router) posts notices about group activities (all routers connected to the network).

24
Q

Type 3 LSA

A

Summary LSA - created by the area border router (ABR) that contains information/routes to networks in other OSPF areas

Consider these as newsletters from other branches of the library (areas). They summarize the events happening elsewhere.

25
Q

Area border router

A

The router that is directly connected to two different OSPF areas.

26
Q

Type 5 LSA

A

Autonomous system external LSA - generated by autonomous system boundary routers (ASBRs), which provide information on external routes (that are not part of the OSPF routes) through redistribution to the OSPF domain.

Imagine a flyer for a book sale (external routes) that’s happening outside the library but is of interest to the members.

27
Q

Type 4 LSA

A

Summary ASBR LSA - generated by the ABR which contains routes to ASBRs in other areas.

Imagine the library has a travel guide section. This section doesn’t contain the travel guides themselves but rather maps that show you where to find the guides for exotic destinations (ASBRs). These maps (Type 4 LSAs) are essential because they help library members (routers) find the resources (ASBRs) that connect them to worlds outside the library (external networks).

So, the Type 4 LSA is like a map in the library’s travel guide section, pointing you to the shelves where you can find guides to far-off places, symbolizing the routes to networks outside the OSPF area.

28
Q

Mandatory BGP Path Attributes

A
  • When communicating with other BGP routers, routes exchanged MUST include the following:
    + AS-Path
    + Next-hop
    + Origin (where the route was originally learned by that router)
29
Q

Discretionary BGP attributes

A

When communicating with BGP routers, the router can choose to utilize these attributes when making routing decisions

  • Local preference
  • Atomic aggregate
30
Q

BGP Neighbors

A
  • Manually configured; neighbors do not need to be directly connected to each other
  • Neighbors are formed over TCP
  • Communications between BGP neighbors involve: open, keep-alive, update and notifications.
31
Q

BGP States

A
  • Idle: BGP neighbors are configured and waiting for the next phase
  • Connect: tries to form TCP connection
  • Active: tries to form neighbor relationship
  • OpenSent: sends BGP configuration (version numbers, RIDs) to the neighbor to match or check for errors
  • OpenConfirm: Confirms that the BGP config was sent and accepted
  • Established: If prefix number is returned, then BGP neighbor was successfully established
32
Q

Designated Router

A

Elected routers that are responsible for generating LSAs for the connected networks. The election is decided by the device that runs OSPF first, the highest priority, or the highest router ID.

33
Q

OSPF Neighbor

A

An MLS that has established an OSPF connection (after HELLO exchange) and become fully adjacent with another OSPF multilayer

34
Q

OSPF full adjacencies

A

An MLS/router that agrees to share all its routing information with another adjacent MLS/router

35
Q

OSPF Area

A

A “region” or group of routers that are logically defined as part of an OSPF area. LSAs are shared by OSPF MLS within the designated area.

36
Q

DRother

A

A router that is neither a DR nor a BDR (backup DR)