Crack the Interview by reading the basic networking interview questions and answers
A network has to be designed for an organization. The organization has 5 departments each of which has different network addresses, which require communication with each other. What strategy and technology can be used for achieving the same?
The organization can use a VLAN-based network, where different VLANs are created and mapped to the specific IP network addresses of the departments. Inter-VLAN routing can be configured for communication between the networks. When inter-VLAN routing is used, just a single interface on the router is required. When VLANs are not used, 5 physical interfaces on the router are required.
How does a router forward an IP packet to appropriate destination?
When a router receives an IP packet, it looks at the destination IP address in it. The router then checks its routing table for a routing entry that corresponds to the network address of the destination IP address. For example, if the destination IP address is 192.168.2.1, the router checks in the routing table whether a matching route entry is available for the network 192.168.2.0/24.
The router forwards the packet out of the interface on which that network is connected or through which the destination is known to be reachable. If no matching route is available, the packet is dropped.
What does a switch do, when it is unaware of the destination mac-address in a frame?
The switch would flood the frame to all ports, apart from the port on which the frame was received. Once the response is received, the switch would add the source mac-address in the response frame to its mac-address table relevant to the port which sent the response.
A switch has built its mac-address table dynamically. The switch is powered off and re-booted after some time. Would the info in the mac-address table be available after re-boot?
The info in the mac-address table would not be available since it would be cleared on a re-boot.
What is the fundamental difference between classful and classless routing protocols?
In classful routing, there is no concept of subnets. The routing protocol supports only classful addressing like class A, class B, class C etc. In classless routing, subnet mask information is carried inside the routing protocol packets as opposed to classful routing where this information is not available.
How does a hub differentiate between a unicast and broadcast frame?
A hub works on layer 1 of the OSI model. It does not understand frames. So a hub cannot make any differentiation between a unicast and broadcast frame as it understands only signals. Irrespective of the type of frame, the signal would be sent to all ports.
What command can be used on a Cisco router to disallow RIP packet updates on a specific interface?
The passive-interface command can be used on an interface for disallowing RIP packets on the interface.
Does spanning tree protocol require IP address to be configured between switches?
Spanning tree is a layer 2 protocol. It does not require IP addresses to be configured on the switches.
Two browser windows are opened on a PC and the webpage www.tcpipguru.com is accessed simultaneously. What would be the sequence number of the TCP connection for the TCP SYN segment for the first browser window?
Sequence numbers are generated by the operating system of the PC. A random number generated by the operating system's TCP/IP implementation would be the sequence number which would be used.
How does a DHCP client contact a DHCP server on the network to receive a dynamic IP address?
DHCP clients are unaware of DHCP servers on the network, as no information about the DHCP servers is configured on the clients. A DHCP client initiates a DHCP Discover packet, which is a broadcast packet targeted at UDP port 67, for DHCP servers on the network. The DHCP servers on the network would receive and respond to the request from the clients appropriately.
A computer is connected to the internet via an ADSL router. The ADSL router is configured with appropriate DNS server IP address. Is it required to configure the DNS server IP address on the computer as well for internet access?
It is required for the DNS server IP address to be configured on the computer. Take an example where the user wishes to browse a website. When the user opens the browser and types the URL name of the website, a DNS resolution has to take place, for which the URL name has to be sent to a DNS server. The PC has to initiate the DNS request for which the DNS server IP address has to be configured on the PC. If not configured, the DNS request would fail as the PC would be unaware of DNS server IP address and internet access would fail.
An administrator of an organization is unable to telnet to a router which is 10 hops away from the admin PC. What tool can be used to identify the location where the connection is dropped?
The admin can run the traceroute command line tool towards the router and check the location where the packets are being dropped.
Telnet uses TCP port 23. Does this imply that the telnet connection initiated by a user connecting to the router from a computer uses TCP port 23?
This is not true. When the user initiates a connection to the router, the TCP header in the connection would have a source port and a destination port number. The destination port number would be port 23, indicating that the request is being initiated to the telnet server service, which is identified by port 23. The source would be a random port number assigned by the TCP/IP stack of the operating system of the computer.
Which is the protocol which is used by both traceroute and ping?
ICMP is used by both the protocols at the network layer.
Name the two fields in the TCP header which are unavailable in a UDP header and are used for tracking the received and transmitted data.
Sequence and acknowledgement numbers are used for tracking the receipt and transmission of data in the TCP header.
A PC is connected to a switch to which a router is also connected. The management IP address of the switch is 192.168.1.2 and the IP address of the router is 192.168.1.1. What should the default gateway of the PC be, for it to access a remote network?
The default gateway IP address of the PC should be the IP address of the router since routers are used for forwarding packets belonging to a different network.
Name one method by which a CAM flooding attack can be defended against using features on a switch.
In a CAM flooding attack, the attacker sends a large number of frames with different source mac-addresses to overflow the CAM table of the switch. Port-security on a switch can be used to limit the allowed number of mac-addresses on a switch port, which would then thwart the attacker's attempt.
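The learning and flooding behaviour from the earlier switch answer and the port-security limit described above, modelled together as an added example (not code from the original page). The table size, port numbers, MAC addresses and the drop-and-count violation action are assumptions chosen for illustration.

```python
BROADCAST = "ff:ff:ff:ff:ff:ff"

class Switch:
    """Toy learning switch: bounded CAM table, optional per-port MAC limit."""

    def __init__(self, ports, cam_size, max_macs_per_port=None):
        self.ports = ports
        self.cam_size = cam_size            # total entries the table can hold
        self.max_macs = max_macs_per_port   # None = port security off
        self.cam = {}                       # source MAC -> port it was seen on
        self.violations = {p: 0 for p in ports}

    def _learned_on(self, port):
        return sum(1 for p in self.cam.values() if p == port)

    def receive(self, in_port, src, dst):
        """Handle one frame; return the ports it is forwarded out of."""
        if self.cam.get(src) != in_port:
            if self.max_macs is not None and self._learned_on(in_port) >= self.max_macs:
                self.violations[in_port] += 1
                return []                   # violation: drop, learn nothing
            if src in self.cam or len(self.cam) < self.cam_size:
                self.cam[src] = in_port     # learn (or move) the source MAC
        out = self.cam.get(dst)
        if out is None:                     # unknown or broadcast: flood
            return [p for p in self.ports if p != in_port]
        return [] if out == in_port else [out]

def simulate(max_macs_per_port):
    """Port 3 sends many distinct source MACs, then host C joins on port 2."""
    sw = Switch(ports=[1, 2, 3], cam_size=64, max_macs_per_port=max_macs_per_port)
    host_a, host_c = "aa:aa:aa:aa:aa:01", "aa:aa:aa:aa:aa:03"
    sw.receive(1, host_a, BROADCAST)
    for i in range(500):                    # constructed sample input
        sw.receive(3, f"02:00:00:00:{i >> 8:02x}:{i & 0xff:02x}", BROADCAST)
    sw.receive(2, host_c, host_a)           # host C talks for the first time
    a_to_c = sw.receive(1, host_a, host_c)  # where does A's frame to C go?
    return a_to_c, len(sw.cam), sw.violations[3]

if __name__ == "__main__":
    print("no port security :", simulate(None))
    print("limit 2 per port :", simulate(2))
```

Without the limit the table is full before host C appears, so frames for C are flooded to every port; with the limit C is learned normally and the violation counter on port 3 gives an alertable signal.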
A router has two directly connected networks on its interfaces. Would an ARP request from one network reach the other network?
ARP request packets are broadcast packets. Routers do not forward broadcast packets to another network.
What would be the type value in an Ethernet frame which is encapsulating an IP packet?
The type value would be IP. The type value in an Ethernet frame refers to the protocol which is encapsulated by the Ethernet frame. In this case, since it is an IP packet, it would be IP.
If an ARP entry is available on the local cache of a computer, would an ARP request be triggered?
No. The computer would first check its ARP entry before sending out an ARP request frame.
Does IP fragment reassembly take place at intermediate routers or at the destination?
IP fragment reassembly takes place at the destination only.
How does a UDP based application know that a packet has been lost in transit?
UDP-based applications use a timeout mechanism. They would wait for a specific time and then trigger a timeout if the response has not been received.
What is the destination mac-address of a frame whose destination IP address is 192.168.1.255?
The destination IP address, 192.168.1.255, is a directed broadcast. This is a broadcast packet and the corresponding destination mac-address in the frame would be FF-FF-FF-FF-FF-FF.
Can two organizations have networks belonging to the same private IP address range?
Private IP addresses are used by organizations for devices which reside within their network. They are not used for public communication (Internet). So this is possible.
In a company network, the following types of traffic are initiated from the clients: FTP, HTTP (browsing), Telnet, ping and custom applications. All these types of traffic require internet access. What would be the best technique the network administrator can use for achieving the same?
The organization can use NAT, specifically port address translation on a router, for the purpose.
How do the IPsec protocols, ESP and AH, provide replay protection?
ESP and AH include sequence number fields in their respective headers. The values are used by the IPsec peers to track duplicate packets. If a packet with an already received sequence number arrives, it would be rejected, thus providing replay protection.
If ESP provides both encryption and authentication, why is AH required?
ESP does not provide authentication to the outer IP header, which AH does.
What is the security vulnerability in using a shared key authentication with WEP?
In a shared key authentication, the access point sends a challenge text to the client in clear, which would then be encrypted by the client using the shared key with WEP algorithm. The access point would decrypt the same with the shared key and verify. An attacker on the network can passively monitor the communication between the client and the access point and capture the challenge and encrypted text which can then be used to derive the shared key.
In WEP, is the data packet which needs to be protected, encrypted with only the shared key on the client or are any other parameters used along with shared key?
The total key size in WEP is 64 or 128 bits, out of which 40 and 104 bits respectively are used by the shared key and 24 bits are used by a value called the Initialization Vector. The initialization vector is created randomly and is combined with the actual WEP key for data encryption.
Which two wireless standards are inter-operable with each other, and on what frequency do they work?
802.11b and 802.11g are inter-operable with each other and they both work on the 2.4 GHz range.