Technical - Networking Flashcards
TCP vs UDP (Provide examples)
TCP (Transmission Control Protocol):
Purpose: Connection-oriented, reliable, ordered, error-checked delivery
How: 3-way handshake (SYN, SYN-ACK, ACK), sequencing, ACKs/timeouts, error checking/checksums.
Examples: HTTP, FTP
UDP (User Datagram Protocol):
Purpose: Fast, connectionless, no delivery guarantees
No Handshake: Fire-and-forget
Examples: DNS, Streaming
HTTP/HTTPS
HTTP (Hypertext Transfer Protocol):
Purpose: Transfer web content
Port: 80
Transport: TCP, plain text
HTTPS (HTTP Secure):
Purpose: Secure web content with encryption
Port: 443
Encryption: TLS/SSL (Asymmetric for key exchange, Symmetric for data)
TLS vs SSL
SSL (Secure Sockets Layer):
Purpose: Outdated encryption protocol, vulnerable
TLS (Transport Layer Security):
Purpose: Modern, secure encryption
Key Exchange: Asymmetric (RSA/ECDHE), Data Encryption (Symmetric AES)
VPN
VPN (Virtual Private Network):
Purpose: Secure, encrypted private network over the internet
Encryption: Encrypts entire packet (payload + headers)
Protocols: IPsec, OpenVPN
DNS
DNS (Domain Name System):
Purpose: Translate domain names to IP addresses
Resolution:
Process: Resolver > Root DNS > TLD DNS > Authoritative DNS
Record Types: A (IPv4), AAAA (IPv6), CNAME, MX
Port: 53 (UDP/TCP)
DHCP
DHCP (Dynamic Host Configuration Protocol):
Purpose: Automatically assigns IP addresses and network configurations
Process: Discover > Offer > Request > ACK
ARP
ARP (Address Resolution Protocol):
Purpose: Resolve IP addresses to MAC addresses
Process: ARP Request > ARP Reply
Cache: Stores IP-MAC mappings
Trace egress request from local machine to the internet (Local Machine > OSI > Router/Modem > ISP)
- Local Machine: Application generates data.
- OSI Layers: Translated into TCP/UDP segments, packets, and eventually transmitted as frames.
- Router:
  - NAT: Translates source IP/Port (Ephemeral)
  - Forwards based on routing table
- Modem: Converts and sends packet to ISP.
- ISP: Routes packet through its network to destination.
Trace ingress response from internet to local machine (ISP > Modem > Router > OSI > Local Machine)
- ISP: Receives and routes packet to public IP.
- Modem: Converts and sends packet to router.
- Router:
  - Reverse NAT: Translates destination IP/Port (Ephemeral)
  - Forwards to machine private IP
- OSI Layers: Translated from frames into packets and eventually TCP/UDP segments.
- Local Machine: Application processes received data.
OSI vs TCP/IP (Explain layers)
OSI (Open Systems Interconnection):
Purpose: Conceptual model for network protocols
7 Layers: Physical, Data Link, Network, Transport, Session, Presentation, Application
TCP/IP (Transmission Control Protocol/Internet Protocol):
Purpose: Practical framework for network communication
4 Layers: Link (Frame), Internet (Packet), Transport (Packet), Application (Data)
CIDR vs Subnet Mask (Explain /24 and 255.255.255.0)
CIDR (Classless Inter-Domain Routing):
Purpose: Represent a range of IP addresses
/24: First 24 bits (3 octets) reserved
Subnet Mask:
Purpose: Represent a range of IP addresses
255.255.255.0: First 24 bits (3 octets) reserved
Default Gateway
Default route for traffic from a local network to destinations outside of the network
What happens when I type https://google.com in browser and hit enter?
- Enter keystroke handled
  - Enter key bottoms out
  - Keyboard hardware/firmware sends data to OS driver
  - Browser retrieves keystroke and handles event
- DNS resolution
  - Browser uses regex to identify input as URL (not search query)
  - Browser checks local cache and system cache
  - Browser sends DNS query (resolver > root > TLD > authoritative)
- TLS session established
  - Server sends server certificate (pub key, CA)
  - Browser checks cert against trusted CAs (verify exp, domain, sig)
  - Session key established
- Browser receives and renders page
  - Server responds to GET request with encrypted blob of HTML/CSS/JS
  - Browser decrypts, executes client-side code, renders page
BGP
BGP (Border Gateway Protocol)
Purpose: Exchange routing information between different autonomous systems.
Process: Establishes peering sessions > Exchanging routing updates > Route selection based on policies.
Key Features: Uses path vector mechanism, supports policy-based routing, handles large-scale networks, and prevents routing loops.
Port: 179 (TCP)
OSPF
OSPF (Open Shortest Path First)
Purpose: Determine the best path for data within a single autonomous system.
Process: Neighbor discovery > Database synchronization > Shortest path calculation using Dijkstra’s algorithm.
Key Features: Link-state protocol, fast convergence, hierarchical network design with areas, and uses multicast for updates.
Port: 89 (IP Protocol)
EIGRP
EIGRP (Enhanced Interior Gateway Routing Protocol)
Purpose: Efficiently manage routing within a single autonomous system.
Process: Neighbor discovery > Route calculation using DUAL (Diffusing Update Algorithm) > Route updates.
Key Features: Combines features of distance vector and link-state protocols, supports variable-length subnet masking (VLSM), and provides rapid convergence.
Port: 88 (UDP)
NAT
NAT (Network Address Translation)
Purpose: Remap IP addresses for routing and to enable multiple devices on a local network to share a single public IP address.
Process: Incoming requests > IP address mapping > Outgoing requests with modified headers.
Key Features: Enhances security by hiding internal IP addresses, enables IP address conservation, and supports multiple NAT types (static, dynamic, PAT).
Port: N/A (operates at Layer 3)
SNMP
SNMP (Simple Network Management Protocol)
Purpose: Manage and monitor network devices.
Process: SNMP Manager > Sends requests to agents > Agents respond with data or alerts.
Key Features: Uses a hierarchical structure for managing devices, supports traps for alerting, and allows for polling of device status.
Port: 161 (UDP for requests), 162 (UDP for traps)
ICMP
ICMP (Internet Control Message Protocol)
Purpose: Send error messages and operational information related to IP processing.
Process: Network device sends ICMP messages (e.g., Echo Request/Reply for ping).
Key Features: Essential for diagnostics (e.g., ping, traceroute), communicates network issues, and aids in troubleshooting.
Port: N/A (operates at Layer 3, no ports)
SSH (SCP, SFTP)
SSH (Secure Shell)
Purpose: Provide secure remote access to network devices.
Process: Client initiates a connection > Server authentication > Encrypted session established.
Key Features: Encrypts traffic for secure communication, supports secure file transfers (SCP, SFTP), and enables secure command-line access.
Port: 22 (TCP)
SIP
SIP (Session Initiation Protocol)
Purpose: Manage multimedia communication sessions (e.g., voice and video calls).
Process: SIP user agent > Sends requests (INVITE, ACK) > Manages session parameters.
Key Features: Supports voice, video, and messaging, can work with various codecs, and allows for scalability in VoIP services.
Port: 5060 (UDP/TCP), 5061 (TLS)
Explain what happens to a PDU as it moves from L7 to L1 of OSI model
L7: (Data) Created
L6: (Data) Translated, encrypted, formatted
L5: (Data) Session control information created
L4: (Segments/Datagrams) Encapsulation - Adds transport header (src/dest port, checksum, and seq/ack number for TCP)
L3: (Packets) Encapsulation - Adds IP header (src/dest IP, protocol, TTL)
L2: (Frames) Encapsulation - Adds frame header (src/dest MAC, EtherType, frame check sequence)
L1: (Bits) Converted to bits, transmitted
Common ports:
20/21:
22:
23:
25:
53:
67/68:
80:
115:
179:
443:
2379/2380:
3000:
3306:
5001:
5432:
6379:
6443:
9092:
9090:
9200:
10250:
10251:
10252:
27012:
30000-32767:
20/21: FTP
22: SSH
23: Telnet
25: SMTP
53: DNS
67/68: DHCP
80: HTTP
115: SFTP
179: BGP
443: HTTPS
2379/2380: Etcd
3000: Nodejs / Grafana
3306: MySQL
5001: Docker registry
5432: PostgreSQL
6379: Redis
6443: K8s Api Server
9092: Kafka
9090: Prometheus
9200: Elasticsearch
10250: Kubelet
10251: Kube-scheduler
10252: Kube-controller-manager
27012: MongoDB
30000-32767: K8s NodePort services
OSI (Layer, Importance, Data Unit, Protocols, Devices)
- Physical, transmits, bits, coax/fiber, hubs
- Data Link, node-to-node, frames, Ethernet/PPP/Wi-Fi, switch
- Network, routing/addressing, packets, IP/ICMP/IPsec
- Transport, full transfer/flow, segments/datagrams, TCP/UDP, none
- Session, manages session, data, SIP/RPC, none
- Presentation, translates application to network, data, SSL/TLS, none
- Application, interface w/users, data, HTTP/FTP/SMTP/DNS/BGP, none
- Joke: user error!
Broadcast vs multicast vs unicast
How does a router use subnet mask and default gateway to decide where to send a request?
How many usable addresses does a /x address have?
Class A vs Class B vs Class C addresses