
networkingnews.info http://networkingnews.info/technical-interview-questions/

Network engineer job interview technical questions


by pp2

I thought I would make a list of technical interview questions, based on the networking and security area:
routing & switching, firewalls, load-balancers, TCP/IP, DNS and troubleshooting steps. I will add more
questions on firewalls, load-balancers etc. when I get time to gather all my notes, hopefully very soon.

Routing/Switching questions:

Make yourself familiar with the routing protocols below:

EIGRP
OSPF
BGP
MPLS

What is a feasible successor?

To be considered a feasible successor, the Administrative distance must be less than the Feasible
distance of the successor. (AD < FD)

What does the EIGRP stuck in active message mean?

When EIGRP returns a stuck in active (SIA) message, it means that it has not received a reply to a
query. One or more EIGRP neighbours have not replied to the query for that route.

When the SIA occurs, the router clears the neighbour that did not reply to the query.

Why do you not see OSPF neighbours as FULL/DR or FULL/BDR on a serial link?

This is normal. On point-to-point and point-to-multipoint networks, there are no designated routers
(DRs) or backup designated routers (BDRs).

What are the multicast addresses for EIGRP and OSPF hello packets?

EIGRP – 224.0.0.10
OSPF – for all the routers – 224.0.0.5
OSPF – initial multicast – only for DR and BDR – 224.0.0.6

What are type-1 and type-2 LSAs in OSPF?

Type-1 LSAs are router LSAs and are generated by each router for the area to which the router
belongs.
Type-2 LSAs are network LSAs and are generated by the DR and BDR.

OSPF network types:

Broadcast, multi-access networks: Ethernet, token ring. Single mode of operation.
Point-to-point: T1 CAS, ISDN BRI/PRI. Single mode of operation, no DR/BDR.
Non-broadcast multi-access (NBMA) networks: Frame Relay, ATM, MPLS. Five modes of operation.

Which port is used by the BGP protocol?

TCP port 179.

What is the path/link cost for the links below?

10 Mbps – 100
100 Mbps – 19
1 Gbps – 4

Administrative distance of various routing protocols:

Connected – 0
Static – 1
eBGP/BGP – 20
EIGRP – 90
OSPF – 110
IS-IS – 115
RIP – 120
iBGP – 200
Unknown – 255

Port numbers:

Telnet – 23
DNS – 53
SSH – 22
FTP – 21 (FTP data – 20, FTP control – 21)
SMTP – 25
Whois – 43
SFTP – 115
SNMP – 161
BGP – 179
LDAP – 389
DHCP client – 546
DHCP Server – 547
POP3 – 110

TACACS and TACACS+ port:

UDP/TCP 49

What is STP? (Spanning tree protocol)

It is a loop prevention mechanism. Its main purpose is to dynamically maintain a loop-free network. It
does this by sending out BPDUs, discovering any loops in the topology, and blocking one or more
redundant links.

Some basic questions:


Explain the TCP/IP 3-way handshake. (Easy but important question)

SYN, SYN-ACK, ACK

(for more explanation, check here)

What is a BID?

It is an 8-byte field that is composed of the bridge’s 6-byte MAC address and a 2-byte bridge priority.

What are the spanning tree states?

The four spanning-tree states are: 1. Blocking 2. Listening 3. Learning 4. Forwarding.

How many /24 subnets in /27 subnets?

2^3 = 8, so 8 subnets.

What is a MAC address?

It is a 48-bit address burned into a network interface card.

First 3 octets – 24 bits – known as the OUI (organizationally unique identifier) – manufacturer/vendor identification

What is the normal Ethernet MTU size? And what about the MPLS MTU size?

1500 bytes is the MTU for an Ethernet frame. MPLS MTU is 1520.

What is the demarcation point?

The demarc is the point where the CPE ends and the local loop begins. It is the meeting point of
the service provider’s responsibility and the client’s responsibility.

What is the difference between SVCs and PVCs?

SVCs (switched virtual circuits) are dynamically established when data needs to be transferred and
are terminated when data transmission is complete.
SVC states: 1. Call setup 2. Data transfer 3. Idle 4. Call termination.
PVCs (permanent virtual circuits) are permanently set up virtual circuits that operate in two states:
Idle and data transfer.

What is split horizon?

The rule of split horizon is that it is never useful to send information about a route back in the
direction from which the original update came.

What is convergence?

Convergence is when all routers have consistent knowledge and correct routing tables.

What is route poisoning?

With route poisoning, when a distance vector routing protocol notices that a route is no longer valid,
the route is advertised with an infinite metric, signifying that the route is bad.

What is a DLCI?

A DLCI is a number that identifies the logical circuit between the router and the Frame Relay switch. It
is the Frame Relay layer 2 address. Local significance only.

What is the committed information rate (CIR)?

The CIR is the rate committed by the service provider, in bits per second, at which data
will be transferred. The service provider sends any data in excess of this rate if its network has
capacity at that time.

More to come…

Here are some more questions:


What are Root guard and BPDU guard, and where are they used?

Root guard: A mechanism to stop intruders from making their switch (compromised or their own) the
root in STP, by enabling root guard on root bridge switch ports. As soon as a superior BPDU is
received on a root-guard-enabled port, the switch simply disables that port and puts it into
inconsistent mode until the other switch stops sending superior BPDUs.
BPDU guard: It stops PortFast-enabled ports from sending BPDUs. For example, if a port on the
switch is connected to a user PC, PortFast might have been enabled on that port. This means the
switch knows that the PortFast port won’t be connected to another switch, so it is not expecting
BPDUs to arrive on that port. If the PC (or an application, or the user’s own switch) starts sending
BPDUs on that port, the switch simply disables/shuts down that port.
Commands to enable BPDU guard:

spanning-tree bpduguard enable (on a single interface)

spanning-tree portfast bpduguard default (globally, for all PortFast-enabled ports)

What is DHCP snooping?

DHCP snooping allows responses to come only from specific trusted ports. It protects the network from
man-in-the-middle attacks.
DHCP rate limiting prevents pool exhaustion.
Commands to enable DHCP snooping:

# ip dhcp snooping (stop accepting DHCP replies from all the ports)

# int fa0/0

# ip dhcp snooping trust (accept DHCP replies on the specific port where the DHCP server is
connected)

Just an example,

You need to configure DHCP snooping trust ports on all three switches to let switch 1 use the DHCP server.

SW1 >> SW2 >> SW3 >> DHCP server
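
The three-switch chain above, modelled as a small simulation (an added example, not part of the original post): a server reply must enter each switch on a trusted port, so one missing trust setting breaks DHCP for SW1, while a rogue reply on an access port is dropped. Port names, class names and function names are constructed for illustration.

```python
# Toy model of DHCP snooping (added illustration; port names are constructed).
SERVER_MSGS = {"OFFER", "ACK", "NAK"}   # messages only a DHCP server sends


class Switch:
    def __init__(self, name):
        self.name = name
        self.trusted = set()            # ports set with "ip dhcp snooping trust"

    def permits(self, msg, ingress_port):
        """Snooping forwards server messages only if they arrive on a trusted port."""
        return msg not in SERVER_MSGS or ingress_port in self.trusted


def build_chain(trusted_on=("SW1", "SW2", "SW3")):
    """Server-to-client path as (switch, ingress port) hops: SW3, then SW2, then SW1."""
    hops = [("SW3", "to-dhcp-server"), ("SW2", "to-SW3"), ("SW1", "to-SW2")]
    path = []
    for name, port in hops:
        sw = Switch(name)
        if name in trusted_on:
            sw.trusted.add(port)
        path.append((sw, port))
    return path


def deliver(path, msg):
    """Return (delivered, name of the switch that dropped the message or None)."""
    for sw, port in path:
        if not sw.permits(msg, port):
            return False, sw.name
    return True, None


def demo():
    full = build_chain()
    sw1 = full[-1][0]
    return {
        "all_trusted": deliver(full, "OFFER"),
        "sw2_missing": deliver(build_chain(("SW1", "SW3")), "OFFER"),
        "rogue_on_access_port": deliver([(sw1, "access-port-7")], "OFFER"),
        "client_discover": deliver([(sw1, "access-port-7")], "DISCOVER"),
    }


if __name__ == "__main__":
    for case, result in demo().items():
        print(f"{case}: {result}")
```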


Questions on VPN, firewalls and on F5 load-balancers will be updated soon….

Thanks, P
