Questions for Network Engineer / Network Administrator (Security)

Top Interview Questions for Network Engineer / Network Administrator (Security)
Are you looking for a job as a Network Security Engineer? Or are you thinking of leaving your current position and considering a new job as a Network Engineer/Administrator with a new company in a LAN/WAN network security environment?
If yes, then this article is for you, and any of the described technologies and questions may be asked during the interview!
Network Engineer/Administrator (security) is a higher-level position, often with “jr.” and “sr.” prefixes. The major responsibility of a network engineer (security) is to determine “how to implement network security” in routed LAN/WAN environments. They design and implement both the hardware and software technologies necessary to secure a computer network. They have high-level technical skills in LAN/WAN security. The major responsibilities of a network admin (security) include adding security software and hardware, performance monitoring, troubleshooting, logging errors, backing up and restoring data, and assigning permissions to users.
Before facing any interview for a network engineer/administrator (security) position, make sure that you have enough knowledge of firewalls (software & hardware) and VPNs (IPsec, SSL, Get VPN, etc.), along with the general network technologies described below:
Network concepts:
* Data communication and transmission techniques
* Fundamentals of OSI & TCP/IP model
* Router’s basic operations (startup, NVRAM, flash/IOS backup & recovery)
* IP Addressing and Summarization
* IP Routing: Basics of RIP, EIGRP, OSPF & BGP
Firewall
* NAT (object based)
* ACL (object based)
* Contexts
* Failover (Active-Standby & Active-Active)
* Transparent
* MPF (Modular Policy Framework)
VPN
* Site to Site
* SSL
* Get VPN
* Easy VPN
* DMVPN
* Flex
Route-Filtering
* Access-lists
* Route-Maps
* Prefix-Lists
* Distribute-Lists
* Filter-lists
* Class-maps & Policy-maps
Network security
* AAA Server
* Dot 1x Authentication
* IP SLA
Questions for an Interview of Network Security Engineer/Administrator: 
All listed questions are very common and important and you must be prepared with all of the following answers before facing any interview for a Network Security position.
Q. What is a firewall?
A: A firewall is used to provide security to private networks connected to the internet. Firewalls can be implemented as hardware or software, or a combination of both. All incoming and outgoing network traffic is examined and accepted or rejected by the firewall according to defined rules.
Q. What is the difference between network gateway and a firewall?
A: A network gateway joins two networks together and a network firewall protects a computer network against unauthorized incoming or outgoing access. Network firewalls may be hardware devices or software programs.
Q. What is the difference between IPS and a firewall?
A: The primary function of a firewall is to prevent/control traffic flow from an untrusted network (outside). A firewall is not able to detect an attack in which the data is deviating from its regular pattern, whereas an IPS can detect and reset that connection as it has inbuilt anomaly detection.
Q. What is a transparent firewall?
A: A transparent firewall is considered a Layer 2 device. Deploying a new firewall into a network can be a complicated process due to various issues (e.g. IP address reconfiguration, network topology changes, the current firewall, etc.). Because a transparent firewall is not a routed hop, you can easily introduce it into an existing network.
Q. What is packet filtering?
A: Packet filtering is the process of permitting or blocking IP packets based on source and destination addresses, ports, or protocols. The packet filter examines the header of each packet against a specific set of rules and, on that basis, decides whether to allow it or prevent it from passing. Packet filtering is also part of a firewall program for protecting a local network from unwanted access.
Q. Define stateful inspection?
A: Stateful inspection is known as dynamic packet filtering and is a firewall technology that monitors the state of active connections and uses this information to determine which network packets are allowed through the firewall. Stateful inspection analyses packets down to the application layer.
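The difference between the two answers above, as an added Python example (it is not part of the original article). The addresses, the rule set, and the names Packet, Rule and StatefulFirewall are constructed for illustration, and the connection tracking is simplified: real firewalls also track sequence numbers and timeouts.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional


@dataclass(frozen=True)
class Packet:
    src: str
    sport: int
    dst: str
    dport: int
    flags: frozenset = frozenset()  # TCP flags; every sample packet is TCP


@dataclass(frozen=True)
class Rule:
    action: str                   # "permit" or "deny"
    src_net: str
    dst_net: str
    sport: Optional[int] = None   # None matches any port
    dport: Optional[int] = None

    def matches(self, p: Packet) -> bool:
        return (ipaddress.ip_address(p.src) in ipaddress.ip_network(self.src_net)
                and ipaddress.ip_address(p.dst) in ipaddress.ip_network(self.dst_net)
                and self.sport in (None, p.sport)
                and self.dport in (None, p.dport))


def stateless_filter(rules, pkt):
    """Packet filtering: look at the header only; first match wins, else deny."""
    for rule in rules:
        if rule.matches(pkt):
            return rule.action
    return "deny"


class StatefulFirewall:
    """Stateful inspection: rules admit new connections, the table admits the rest."""

    def __init__(self, rules):
        self.rules = rules
        self.connections = set()   # (src, sport, dst, dport) as sent by the initiator

    def classify(self, p):
        forward = (p.src, p.sport, p.dst, p.dport)
        reverse = (p.dst, p.dport, p.src, p.sport)
        if forward in self.connections or reverse in self.connections:
            return "existing"
        if p.flags == frozenset({"SYN"}):
            return "new"
        return "none"              # e.g. an ACK or SYN/ACK that nobody asked for

    def inspect(self, p):
        kind = self.classify(p)
        if kind == "existing":
            if "RST" in p.flags:   # simplified teardown: a reset ends the flow
                self.connections.discard((p.src, p.sport, p.dst, p.dport))
                self.connections.discard((p.dst, p.dport, p.src, p.sport))
            return "permit"
        if kind == "new" and stateless_filter(self.rules, p) == "permit":
            self.connections.add((p.src, p.sport, p.dst, p.dport))
            return "permit"
        return "deny"


# Constructed policy: inside clients (10.0.0.0/24) may open HTTPS sessions outbound.
OUTBOUND = Rule("permit", "10.0.0.0/24", "0.0.0.0/0", dport=443)
# A stateless filter also needs a rule for the replies, keyed on source port only.
RETURN = Rule("permit", "0.0.0.0/0", "10.0.0.0/24", sport=443)

# Constructed sample traffic (203.0.113.0/24 is a documentation range).
SYN = Packet("10.0.0.5", 50000, "203.0.113.10", 443, frozenset({"SYN"}))
SYN_ACK = Packet("203.0.113.10", 443, "10.0.0.5", 50000, frozenset({"SYN", "ACK"}))
UNSOLICITED = Packet("203.0.113.99", 443, "10.0.0.7", 50001, frozenset({"ACK"}))


def demo():
    packets = [SYN, SYN_ACK, UNSOLICITED]
    stateful = StatefulFirewall([OUTBOUND])      # no return rule required
    return {
        "stateless": [stateless_filter([OUTBOUND, RETURN], p) for p in packets],
        "stateful": [stateful.inspect(p) for p in packets],
    }


if __name__ == "__main__":
    print(demo())
```

The stateless filter has to pass the unsolicited packet because its header matches the return rule; the stateful firewall drops it because it belongs to no tracked connection.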
Q. What is the Public Key Encryption?
A: Public key encryption uses a public key and a private key for encryption and decryption. In this mechanism, the public key is used to encrypt messages and only the corresponding private key can be used to decrypt them. To encrypt a message, a sender has to know the recipient’s public key.
Q. Define Digital Signatures
A: Digital signature is an attachment to an electronic message used for security purposes. It is used to verify the authenticity of the sender.
Q. What is Authorization?
A: Authorization is a security mechanism used to determine user/client privileges or access levels related to network resources, including firewalls, routers, switches and application features. Authorization is normally preceded by authentication. During authorization, the system verifies an authenticated user’s access rules and either grants or refuses resource access.
Q. What is stateful failover?
A: Every time a session is created for a flow of traffic on the primary node, it is synced to the secondary node. When the primary node fails, sessions continue to pass traffic through the secondary node without having to re-establish.
Q. What is VPN and describe IPsec VPN
A: Virtual Private Network (VPN) creates a secure network connection over a public network such as the internet.
An IPsec VPN is a VPN over IP Security; it allows two or more users to communicate in a secure manner by authenticating and encrypting each IP packet of a communication session.
Q. What is Site to Site and remote access VPN?
A: A site-to-site VPN allows offices in multiple locations to establish secure connections with each other over a public network such as the Internet. Site-to-site VPN is different from remote-access VPN as it eliminates the need for each computer to run VPN client software as if it were on a remote-access VPN.
Q. How do you check the status of the tunnel’s phase 1 & 2 ?
A: Use the following commands to check the status of the tunnel phases:
Phase 1: show crypto isakmp sa (the State should be MM_ACTIVE)
Phase 2: show crypto ipsec sa
Note: If you have a lot of tunnels and the output is confusing, use the ‘show crypto ipsec sa peer 12.12.12.12’ command instead.
Q. What is SSL VPN? How is it different from IPsec VPN?
A: SSL VPN provides remote access connectivity from almost any internet-enabled location without any special client software at the remote site. You only need a standard web browser and its native SSL encryption.
IPsec is a dedicated point-to-point fixed VPN connection, whereas SSL VPNs provide anywhere connectivity without any configuration or special software at the remote site.
Q. What is GRE and why is it required?
A: Generic Routing Encapsulation (GRE) is a protocol that encapsulates packets in order to route other protocols over IP networks.
GRE enables a wrapper to be placed around a packet during transmission of the data. A receiving GRE removes the wrapper, enabling the original packet to be processed by the receiving stack.
Advantages of GRE tunnels include the following:
* GRE tunnels connect discontinuous sub-networks.
* GRE tunnels allow VPNs across wide area networks (WANs).
* GRE tunnels encase multiple protocols over a single-protocol backbone.
* GRE tunnels provide workarounds for networks with limited hops.
Q. Firewalls work at what layer? Define firewall generations and their roles.
A: Firewalls work at layers 3, 4 & 7. First generation firewalls provide packet filtering and generally operate at layer 3 (Network Layer). Second generation firewalls operate up to the Transport layer (layer 4); they record all connections passing through them and determine whether a packet is the start of a new connection, a part of an existing connection, or not part of any connection. Second generation firewalls are mainly used for Stateful Inspection.
Third generation firewalls operate at layer 7. The key benefit of application layer filtering is that it can “understand” certain applications and protocols (such as File Transfer Protocol (FTP), Domain Name System (DNS), or Hypertext Transfer Protocol (HTTP)).
Q. What is DoS attack? How can it be prevented?
A: A DoS (Denial of Service) attack can be generated by sending a flood of data or requests to a target system, which consumes the target system’s resources or crashes it. The attacker often uses IP spoofing to conceal his identity when launching a DoS attack.
Q. What is IP Spoofing?
A: An IP spoofing attack enables an attacker to present its identity as that of a trusted host when attacking a target host. For example, if an attacker convinces a host that he is a trusted client, he might gain privileged access to that host.
Q. What are the security-levels in cisco ASA?
A: ASA uses security levels to determine the level of trust given to a network attached to the respective interface. The security level can be configured between 0 and 100, where higher numbers are more trusted than lower ones. By default, the ASA allows packets from a higher (trusted) security interface to a lower (untrusted) security interface without the need for an ACL explicitly allowing the packets.
Q. What is AAA?
A: AAA stands for authentication, authorization and accounting, used to control user’s rights to access network resources and to keep track of the activity of users over a network. The current standard by which devices or applications communicate with an AAA server is the Remote Authentication Dial-In User Service (RADIUS).
Q. What is IPS? How does it work?
A: An Intrusion Prevention System (IPS) is a network security/threat prevention technology that examines network traffic flows to detect and prevent vulnerability exploits. An Intrusion Prevention System can play a good role to protect against various network security attacks such as brute force attacks, Denial of Service (DoS) attacks, and vulnerability detection. Moreover, an IPS also ensures prevention against protocol exploits.
An Intrusion Prevention System uses four types of approaches to secure the network from intrusions, which include:
* Signature-Based
* Anomaly-Based
* Policy-Based
* Protocol-Analysis-Based
The questions described above are tricky and important for clearing any interview for a Network Security Engineer/Administrator position. It is not possible to cover every kind of question here, so you can download more questions from the download link posted here, and if you have difficulty finding the answer to any question, you can write to me in the comment section.
Top Interview Questions that Network Design Engineer Candidates Need to Know
Are you looking for a job as a network design engineer? Or are you thinking of leaving your current position for a new job as a network designer with a new company?
If you answered yes to either of those questions, then this article is for you, and any of the described technologies and questions may be asked during the interview!
Network design engineer is a higher-level position; the major responsibility of a network design engineer is to design both the hardware and software technologies needed for a company’s network setup. A network designer examines vendor-agnostic network design principles and is often responsible for designing all of the network infrastructure, including routing, switching, security, LAN, WAN, VoIP, wireless, optimization, load balancing, etc. If you are more interested in network design and architecture, then don’t walk away from the equipment; open up your brain to new approaches to building networks.
The scope of network designing is enormous (going through almost all networking specialization).
A network design engineer must have knowledge of the following technologies:
* Layer 2 control plane
* Layer 3 control plane
* VoIP, security, wireless network architecture
* Network virtualization
* Design considerations
* Analyze design requirements
* Develop and implement network designs
* Validate and optimize network design
I have read somewhere “there are those who design networks…. very large networks who may not do one ounce of actual installation or implementation of the network.”
Yes, it is possible that a person who has never worked on network technologies or seen even a router or switch can be a network designer. Equally, there are people who lay cables and configure routers and switches all day. In the middle ground are the amateur designers who will throw a solution together based on nothing but experience and reality, so it depends where you want to be as a network engineer.
The network designer in general focuses on the “Why”, whereas the network engineer (implementation) focuses on the “How.” The design track gives you concepts and processes that will enable you to better plan and lay out a network. It also gives you concepts such as the design lifecycle, network lifecycle, etc. It attempts to teach you different methodologies to sort through design problems and how to tackle them.
Also, the network designer has very broad technical knowledge and needs strong logical and technological points of view, because he/she needs to design with wireless, voice, and security in mind and not just routing and switching.
My Best Questions for an Interview of Network Design Engineer
All of the questions below are very common and must be prepared for before facing any interview for the network designing environment.
Q: What is your experience as a network design engineer?
A: You can answer with your wealth of network experience and job responsibilities, and don’t forget to share your achievements as a network design engineer. You can also mention your involvement in complex LAN, WLAN, and IPT infrastructure solutions and large-scale projects in unique environments, working collaboratively within a team.
Basically, a network design engineer works with project teams, takes information and/or project specifications from customers and turns them into a completed design definition which meets the agreed specification, with due consideration to factors such as security and operational support including routing, switching, security, LAN, WAN, VoIP, wireless, optimization, load balancing, etc.
Q: What decisions/suggestions have you made as a network design engineer?
A: Here you can provide information on the major suggestions/decisions you made on network/device migration and upgrading in your previous experience. You can also share your involvement in project review meetings and regular representation of the network services with your team, and how it helped your team to achieve the organizational goals of network services.
Answer the question with all of the positive decisions/suggestions you made, and don’t try to explore decisions that were technically wrong or involved a misfit technology, but this doesn’t mean that you should not share your creativity and solution development skills.
Q: Describe the set of required skills for a network design engineer?
A: Answer this question with a description of the key skills required for a network engineer, as listed below:
• Layer 2 control plane
• Layer 3 control plane
• VoIP, security, wireless network architecture
• Network virtualization
• Design considerations
• Analyze design requirements
• Develop and implement network designs
• Validate and optimize network design
Q: Describe techniques you used as a network design engineer?
A: This question is asked very often during the interview for network designing position.
You must prepare the answer before facing the interview. You can start your answer with a list of technologies used by you. You might have to face cross-questioning for the described list of technologies.
You will be expected to share challenging timescales and demonstrate flexibility and sound design principles that allow your employer to meet the requirements of network project. You can also share your best-practice design methods that helped you to update and improve your way of working.
Q. How do traceroute and ping work?
A: Traceroute is a network debugging utility that attempts to trace the path a packet takes through the network. When you execute a traceroute command, your machine sends out 3 UDP packets with a TTL (time-to-live) of 1.
Traceroute works by increasing the “time-to-live” value of each successive batch of packets sent. This keeps going until you reach the destination.
Ping: It sends an ICMP (Internet control message protocol) echo request to a specified interface on the network and, in response, it expects to receive an ICMP echo reply. By doing this, the program can test connectivity, gauge response time, etc.
Q: How many channels are in E1 and T1 link and what is the operational bandwidth of each channel in each link?
A: An E1 link contains 32 channels, while a T1 link contains 24 digital channels, and each channel of both T1 and E1 gives you 64 kbps of bandwidth.
An E1 link consists of 30 B channels and 1 D channel, and each channel has 64 kbps of bandwidth. So for E1, you get 30*64 = 1920 kbps.
A T1 link consists of 23 B channels and a D channel, and each channel has 64 kbps of bandwidth. So for T1, you get 23*64 = 1472 kbps.
Q. What are the main contents of a routing table?
A: A routing table contains the information necessary to forward a packet along the best path toward its destination.
A basic routing table includes the following information:
* Destination network-id
* Next hop
* Exit Interface (outgoing network interface)
* Administrative distance
* Metric: Assigns a cost to each available route so that the most cost-effective path can be chosen
Q: What is a route flap?
A: Route flapping occurs very often in computer networking when a router alternately advertises a destination network via one route then another in quick sequence; also if an interface on a router has a hardware failure, it will cause the router to announce it alternately as “up” and “down”.
Q: What basic set-up equipment is needed for VoIP?
A: For a general VoIP setup, we require the following things:
* Broadband connection
* VoIP phone
* Nexton soft-switches
* Router
* Audiocodec
* Asterisk server
Q: Why do we use BGP?
A: Border Gateway Protocol (BGP) is an exterior gateway protocol (EGP) used for routing between autonomous systems. TCP port 179 is used to establish the session.
We can use BGP in the following conditions:
* Customer is connected to multiple Internet service providers (ISPs).
* Service provider networks (Transit autonomous system).
* In very large enterprise networks, where we can use BGP at the core layer as a redundant routing protocol.
Q: Describe what a VPN is and how it works.
A: A Virtual Private Network (VPN) creates a secure network connection over a public network such as the Internet. An IPsec VPN is a VPN over IP Security; it allows two or more users to communicate in a secure manner by authenticating and encrypting each IP packet of a communication session.
Q: What are delay, jitter and packet loss and how can we overcome these issues?
A: Network traffic often suffers from one or more of the following issues:
Delay: Excessive time required for a packet to traverse the network
Jitter: The uneven arrival of packets, considered as delay variation
Packet loss: Dropped packets are not retransmitted
QoS can be used to overcome these issues, especially for unified communication network traffic. A commonly used IntServ QoS tool is RSVP (resource reservation protocol), which provides QoS by guaranteeing treatment to a particular traffic flow.
A DiffServ QoS tool classifies different types of traffic and provides different levels of service based on those distinctions.
Q: Describe high-level and low-level network design.
A: An HLD (high-level design) is referred to as software architecture; it provides an overview of a solution, platform, system, product, or process. High-level design involves decomposing the system into modules and representing the interfaces and invocation relationships among modules. A high-level design document will usually include a high-level architecture diagram depicting the components, interfaces, and networks that need to be further specified or developed.
LLD, also known as detailed design, is used to design internals of the individual modules identified during HLD. LLD describes each and every module in an elaborate manner so that the engineer can directly implement the network based on this.
Top Interview Questions for Network Engineer-Administrators (Data-WAN)
Are you looking for a job as a network engineer/network administrator? Or are you thinking of leaving your current position for a new job as a network engineer/administrator with a new company in a routed LAN/WAN environment?
If you answered yes to either of those questions, then this article is for you, and any of the described technologies and questions may be asked of you during the interview!
Network Engineer is a higher-level position, often with a “junior” or “senior” prefix. The major responsibility of a network engineer is to determine “how to implement technologies” in a routed LAN/WAN environment. They design and implement both the hardware and software technologies needed for a computer network. They have high-level technical skills in local area networks (LANs) or wide area networks (WANs).
A Network Administrator is responsible for the smooth, efficient, and secure operation of computer networks. In general, they configure and administer existing networks rather than designing networks from the beginning. They play a very challenging role in a routed LAN/WAN environment, including customization of the network as per the organization’s needs, such as adding software and hardware, performance monitoring, troubleshooting, logging errors, backing up and restoring data, assigning permissions to users, and helping users with network issues.
Before facing any interview for a network engineer/administrator position, make sure that you have enough knowledge of the technologies below.
General network concepts:
* Data communication and transmission techniques
* Fundamentals of OSI and TCP/IP model
* Router’s basic operations (startup, NVRAM, flash/IOS backup and recovery)
IP addressing and summarization:
* IP address classes
* Classful and classless IP addresses
* IP subnetting
* Understanding wildcard masks
* CIDR, FLSM, VLSM
* IPv6 fundamentals
Routing:
RIP
* Difference between RIPv1, RIPv2 and RIPng
* Passive Interface
* RIP Timers
* RIP AD and Multicast Address
* Split Horizon and Route Poisoning
EIGRP
* Auto and Manual Summarization
* Neighborship Conditions
* Passive Interface
* Split Horizon
* Authentication
* EIGRP Stub Routing and Stuck in Active
* Equal and Unequal Load Balancing
* EIGRP ADs and Multicast Address
OSPF
* OSPF Area Types
* OSPF Neighborship Conditions
* Concepts of ABR and ASBR Router
* DR/BDR Fundamentals and Election
* OSPF Timers and Authentication
* OSPF Summarizations (Inter-Area, External, and Default Info Originate)
* OSPF AD and Multicast Addresses
* OSPF Network and LSA Types
BGP
* BGP Fundamentals – Why and When to Use BGP?
* BGP States and Message Types
* BGP Neighborship Conditions
* iBGP and eBGP
* BGP Summarization
* Use of Update Source, eBGP-Multi-Hop, Next-Hop-Self Commands
* BGP Path Attributes
* BGP Synchronization and Split-Horizon Rule
* BGP Address Families
* BGP Communities
MPLS
* MPLS Fundamentals – IP CEF, LIB, LFIB
* LDP and TDP
* P, PE and CE Routers
* PUSH, POP, SWAP Functions
* PHP – Penultimate Hop Popping
* BGP – VPN
* MPLS over ATM/Frame Relay
QoS
* QoS Models and Tools
* Difference between L2 and L3 Queues
* Characteristics of CoS, ToS, IPP, DSCP AF and EF
* Class Maps and Policy Maps
Route Filtering
* Access-List Fundamentals
* Route-Maps
* Prefix-Lists
* Distribute-Lists
* Filter-Lists
IP Services and Network Security
* First-Hop Redundancy Protocols (HSRP, VRRP, GLBP)
* Network Address Translation (Static, Dynamic, PAT)
* Network Time Protocols, Syslog Server, SNMP
* Basics of VPNs (IPsec, Site to Site, DMVPN, Remote VPN)
* IP Multicast Routing (IGMP, PIM SM/DM, MSDP)
* Policy-Based Routing
* IP SLA
My Best Questions for an Interview of Network Engineer/Network Administrator
All of the questions below are very common and must be prepared for before facing any interview for the data-WAN environment.
1. What is a router? Or define the basic requirements of a router?
Answer: A router is a layer 3 network device used to establish communication between different networks. Basic roles performed by a router are:
* Inter-network communication
* Best path selection
* Packet forwarding
* Packet filtering
2. What is the use of routing? Or why do we use routing?
Answer: By default, a router provides inter-network communication only for directly connected networks. To establish communication between indirectly connected networks, we require ROUTING. We can use static or dynamic (IGP or EGP) routing, according to topology requirement.
3. Define the criteria for best path selection of a router?
Answer: A router’s routing table contains only the best route. To select a route as best, a router considers the following parameters:
* Longest prefix match
* Minimum AD (administrative distance)
* Lowest metric value
If all listed parameters are the same, then it would perform equal cost load balancing.
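The selection order above, worked through as an added Python example (it is not from the original article). It makes explicit that AD and metric decide which route to a given prefix is installed in the table, while the longest prefix match is applied when a destination is looked up. The prefixes, next hops and function names are constructed; the AD values are the Cisco defaults for static (1), OSPF (110) and RIP (120).

```python
import ipaddress
from collections import defaultdict
from dataclasses import dataclass


@dataclass(frozen=True)
class Route:
    prefix: str
    next_hop: str
    source: str
    ad: int        # administrative distance: trust in the source of the route
    metric: int    # cost inside that routing protocol


def build_table(candidates):
    """For each prefix keep only the routes with the lowest (AD, metric)."""
    by_prefix = defaultdict(list)
    for route in candidates:
        by_prefix[ipaddress.ip_network(route.prefix)].append(route)
    table = {}
    for net, routes in by_prefix.items():
        best = min((r.ad, r.metric) for r in routes)
        # More than one survivor means equal-cost load balancing.
        table[net] = [r for r in routes if (r.ad, r.metric) == best]
    return table


def lookup(table, destination):
    """Longest prefix match over the installed routes."""
    addr = ipaddress.ip_address(destination)
    matching = [net for net in table if addr in net]
    if not matching:
        return None, []            # no route and no default: packet is dropped
    best = max(matching, key=lambda net: net.prefixlen)
    return str(best), sorted(r.next_hop for r in table[best])


# Constructed candidate routes as offered by the routing sources.
CANDIDATES = [
    Route("10.1.0.0/16", "192.0.2.1", "OSPF", 110, 20),
    Route("10.1.0.0/16", "192.0.2.2", "RIP", 120, 2),    # lower metric, higher AD
    Route("10.1.2.0/24", "192.0.2.3", "RIP", 120, 3),    # more specific prefix
    Route("10.2.0.0/16", "192.0.2.4", "OSPF", 110, 30),
    Route("10.2.0.0/16", "192.0.2.5", "OSPF", 110, 30),  # same AD and metric
    Route("10.2.0.0/16", "192.0.2.6", "OSPF", 110, 40),
    Route("0.0.0.0/0", "192.0.2.254", "static", 1, 0),
]


def demo():
    table = build_table(CANDIDATES)
    return {dst: lookup(table, dst)
            for dst in ("10.1.2.9", "10.1.9.9", "10.2.3.4", "198.51.100.7")}


if __name__ == "__main__":
    for dst, (prefix, hops) in demo().items():
        print(dst, "->", prefix, hops)
```

The RIP route to 10.1.2.0/24 carries traffic for 10.1.2.9 even though OSPF has the lower AD, because the two routes are for different prefixes and never compete on AD.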
4. Define “stuck in active.”
Answer: If a successor route (best route) fails, the router sends a query message to its neighbor asking for a feasible successor (back-up route), and a query received by a router may be forwarded to other neighbors, which could lead to a loop as well. The wait for the response to the query message is called “stuck in active” (SIA).
5. Can we use OSPF without backbone area?
Answer: Yes, but it will be limited to intra-area (same area) communication. By default, Inter-area communication is not possible without backbone area.
6. What do you mean by OSPF transit area?
Answer: A transit area is the area that has a virtual link connecting two or more ABRs attached to this area.
7. What is the difference between an OSPF neighbor and an adjacent neighbor?
Answer: Neighbors are the routers that are in the same area and exchange hello packets, but not LSA information. Adjacent routers are routers that have fully exchanged their LSA information and are stable.
If OSPF state is in 2WAY/DROTHER, it means a neighbor relationship and, if the state is FULL/DR or FULL/BDR, it means that the adjacency is formed.
8. BGP neighborship is not coming up. Please define the various steps to troubleshoot it.
Answer: To troubleshoot BGP, first we need to check the neighbor state using “show ip bgp summary.” If the state is Idle, it means that the peer address or AS is not defined properly; if the state is Active, it means that TCP port 179 is not open, the peer is not reachable, the network is congested, or BGP is misconfigured.
Common neighbor stability problems of BGP:
* Misconfigured neighbor’s IP address and AS number
* Reachability issues when interfaces other than directly connected interfaces are used while peering (update-source issue).
* Authentication must be properly implemented (if configured)
* Router-ID must be unique
You can get more information from my BGP Tshoot article.
9. What is a route reflector and why is it required?
Answer: Route reflector is a solution for BGP split horizon. The rule says “prefix learned from an iBGP neighbor will not be advertised to another iBGP neighbor.”
To overcome this situation, we have multiple options:
1. Make your network a full mesh
2. Route confederation
3. Confederation
A route reflector is something like a central point acting as a route reflector server: rather than peering with every iBGP router in a full mesh, it makes iBGP neighbors route reflector clients to overcome the split horizon issue.
10. What is the difference between standard and extended ACL?
Answer: Standard ACLs are source-based, whereas extended ACLs are source- and destination-based. Standard ACLs can only filter layer 3 network traffic, while extended ACLs can be used to filter layer 3 and layer 4, as well.
11. What is the use of distribute-list?
Answer: To filter a routing database, we use a distribute-list, which can be applied over most routing protocols. This means that, if you don’t want any specific network in your routing table, then you can use a distribute-list.
12. MPLS works on which layer?
Answer: MPLS operates between layer 2 and layer 3, so it is sometimes called layer 2.5.
13. What is penultimate hop popping (PHP) and what is its use?
Answer: PHP is the technique of removing (popping) the MPLS label before the egress router. The MPLS label on a switched packet is popped by either the egress router or the penultimate router, depending on your configuration. If you decide to use penultimate hop popping, you essentially terminate the LSP one hop earlier. The MPLS labels are popped by the routers that connect to the egress router, rather than all of them being popped by the same egress router.
14. What is the difference between layer 2 and layer 3 QoS?
Answer: L2 QoS is at the MAC layer and can be applied by using the CoS (class of service) field in the VLAN header. This will be used to prioritize traffic. Later, a QoS scheduler can use the CoS field to qualify the traffic into different QoS queues.
L3 QOS is required for IP level classification; it can be achieved through ToS (type of service) priority values—IPP (3-bit), DSCP (6-bit), which can be set in the TOS field of the IP header. This TOS will later be used by scheduling process to achieve QOS.
L2 queues are hardware-based, while L3 queues are software-based. That’s why we can modify L3 queues to meet our requirements.
General Network Concepts:
·         * Data communication and transmission techniques
·         * Fundamentals of OSI and TCP/IP model
·         * Basic operations of a switch (startup, NVRAM, flash/IOS backup & recovery)
IP Addressing & Summarization:
·         * IP address classes
·         * Classful and classless IP addresses
·         * IP subnetting
·         * Understating wild card masks
·         * CIDR, FLSM, and VLSM
·         * IPv6 fundamentals
Basics of Routing
·         * RIP
·         * EIGRP
·         * OSPF
LAN Switching:
VLAN
·         * Basic requirements of VLANs
·         * VLAN Database
·         * Normal/Extended VLAN, voice VLAN
·         * Inter-VLAN routing
·         * Switch Virtual Interface (SVI)
Implement and Troubleshoot Trunking
·         * Trunk encapsulations
·         * DTP (Dynamic Trunking Protocol)
·         * Native VLAN
·         * Manual VLAN pruning
VLAN Trunking Protocol
·         * Requirement and functionalities of VTP
·         * VTP modes/versions
·         * VTP revision number
·         * VTP pruning
·         * VTP authentication
Spanning Tree Protocol
·         * Needs of STP
·         * Switch priority, port priority, path cost, STP timers
·         * PVST and PVST+
·         * RSTP and RPVST
·         * Multi-Spanning Tree (MST)
·         * Spanning Tree Enhancements (PortFast, UplinkFast, BackboneFast, etc.)
Implement and Troubleshoot Ether-channel
·         * LACP, PAgP, manual
·         * Layer 2, layer 3
·         * Ether-channel Load-balancing
·         * Ether-channel misconfiguration guard
First Hop Redundancy
·         * Hot Standby Routing Protocol (HSRP)
·         * Virtual Routing Redundancy Protocol (VRRP)
·         * Gateway Load Balancing Protocol (GLBP)
L2 QoS
·         * QoS Models and Tools
·         * Layer 2 queues
Layer 2 Network Security
·         * DHCP Snooping
·         * Dynamic ARP Inspection (DAI)
·         * BPDU Guard, BPDU Filter, Root Guard, Loop Guard, UDLD
·         * AAA server
·         * VLAN Access-Maps
·         * Private VLANs
·         * Storm Control
·         * Port-Security
·         * IP Source Guard
Network Services
·         * System Management (VTY, Telnet, HTTP, SSH, FTP, TFTP)
·         * SNMP, Syslog
·         * DHCP client, IOS DHCP server, DHCP relay
Top Interview Questions for a Network Engineer/Network Administrator (Data – LAN) Position
All of the questions below are very common and must be prepared for before facing any interview for the data-LAN environment.
Q: What is Ethernet? Define the different types of Ethernet.
A: Ethernet is a physical and data link layer LAN technology for connecting a number of computer systems with network protocols.
The Ethernet system called 10BASE-T provides transmission speeds of up to 10 Mbps. Devices are connected to the cable and compete for access using a Carrier Sense Multiple Access with Collision Detection (CSMA/CD) protocol.
Fast Ethernet or 100BASE-T provides transmission speeds of up to 100 megabits per second and is typically used for LAN backbone systems. Gigabit Ethernet provides an even higher level of backbone support at 1,000 megabits per second (1 gigabit per second).
Q: What do broadcast and collision domains mean?
A: A broadcast domain is a logical boundary of a computer network, in which all nodes can reach each other by broadcast in a LAN environment.
A collision domain is a section of a network where data packets can collide with one another when being sent on a shared medium.
Only one device in the collision domain may transmit at one time, and the other devices in the domain listen to the network in order to avoid data collisions.
Q: What are the basic differences between a hub and a switch?
A: Both hubs and switches are centralised devices that connect multiple network devices over LAN but their functionalities are different. Hubs operate at layer 1 whereas switches operate at layer 2. Hubs support half duplex transmission while switches support full duplex. There is one broadcast and collision domain in a hub, but a switch has one broadcast plus as many collision domains as the number of switch ports.
A hub operates at Ethernet but switches operate at Fast-Ethernet/Gig-Ethernet.
Q: What is a switch? What is the difference between manageable and unmanageable switches?
A: A switch is a multi-port network bridge used to connect multiple network devices over the same geographical location. It processes and forwards data at the data link layer (layer 2) of the OSI model.
Unmanaged switches have no configuration interface or options. They are typically used in small offices or home environments.
A managed network switch is configurable and provides the control to manage Spanning Tree Protocol, port speed, VLANs, etc. Managed switches provide a serial console and command-line access via Telnet and SSH, as well as management via SNMP.
Q: What is VLAN and why is it used?
A: A VLAN (Virtual LAN) is a logical broadcast domain which allows a network administrator to create groups of logically networked devices based on functions, departments, or projects. The basic reason for splitting a network into VLANs is to reduce congestion on a large LAN.
The primary benefits of using VLANs are:
·         * Security
·         * Cost reduction
·         * High performance
·         * Broadcast storm mitigation
·         * Improved IT staff efficiency
·         * Simple project or application management
Q: What is a native VLAN?
A: A native VLAN is an untagged VLAN on an 802.1q trunked switch port. If a switch receives untagged frames on a trunk port, they are assumed to be part of the VLAN that is designated on that switch port as the native VLAN. Frames that pass through a switch port on the native VLAN are not tagged.
Q: What is VLAN pruning?
A: By default, a trunk port allows all VLANs through the trunk; all switches in the network receive all broadcasts, even in situations in which few users are connected to that VLAN. Pruning is a method to prevent flooding across the network from unnecessary traffic.
Q: Define the role of access and trunk ports.
A: A switch port commonly plays one of two roles: access or trunk.
Access Port: Carries single VLAN traffic. Mostly used to connect end devices (routers, IP phones, printers, desktops, etc.)
Trunk Port: Transports multi-VLAN traffic. Mostly used between switches configured with multiple VLANs.
Q: Why do we use VTP and what is the transparent mode in VTP?
A: VTP is a Cisco proprietary switching technology used for VLAN database replication in a switching environment. VTP has four modes: server, client, transparent and off. VLANs created on a VTP server synchronise with VTP clients automatically.
The VTP configuration has a revision number, which increases whenever you make a change to the VLAN database.
A VTP transparent switch forwards VTP advertisements (server to client, client to client) but does not synchronize itself. It manages its own VLAN database, which is not shared with any other switch.
Q: What is Spanning Tree Protocol and root bridge election?
A: Spanning Tree Protocol (STP) is one of the most important switching technologies to eliminate layer 2 switching loops. The root bridge serves as an administrative point for all spanning-tree calculations to determine which redundant links to block.
All switches send BPDUs (Bridge Protocol Data Units) from their ports every 2 seconds. A BPDU contains the bridge ID, bridge MAC, cost, port priority, etc.
For root bridge selection, STP prefers the lowest bridge priority. If there is a tie in priority, the lowest MAC address determines which bridge becomes the root. A lower priority is preferred over a higher one. The default bridge priority is 32768 and you can set it in multiples of 4096.
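The election rule described above, as an added example that is not part of the original article: it shows why a network left at the default priority hands the root role to whichever switch has the lowest MAC address, and how pinning a priority changes the outcome. The switch names and MAC addresses are constructed sample values, and the upper bound of 61440 for the priority is an assumption taken from the standard 4096-step range.

```python
import re
from dataclasses import dataclass

DEFAULT_PRIORITY = 32768   # default bridge priority, as stated in the answer
PRIORITY_STEP = 4096       # priority can only be set in multiples of 4096
MAX_PRIORITY = 61440       # assumption: highest value of the 4096-step range


def mac_to_int(mac):
    """Accept aa:bb:cc:dd:ee:ff, aa-bb-cc-dd-ee-ff or Cisco aabb.ccdd.eeff."""
    digits = re.sub(r"[.:-]", "", mac).lower()
    if not re.fullmatch(r"[0-9a-f]{12}", digits):
        raise ValueError(f"not a 48-bit MAC address: {mac!r}")
    return int(digits, 16)


@dataclass(frozen=True)
class Bridge:
    name: str
    mac: str
    priority: int = DEFAULT_PRIORITY

    def __post_init__(self):
        if self.priority % PRIORITY_STEP or not 0 <= self.priority <= MAX_PRIORITY:
            raise ValueError(f"{self.name}: priority must be a multiple of 4096")
        mac_to_int(self.mac)   # reject malformed MAC addresses early

    @property
    def bridge_id(self):
        # Compared as a tuple: priority first, MAC address as the tie-breaker.
        return (self.priority, mac_to_int(self.mac))


def elect_root(bridges):
    """Return the bridge with the numerically lowest bridge ID."""
    bridges = list(bridges)
    if not bridges:
        raise ValueError("no bridges in the topology")
    return min(bridges, key=lambda b: b.bridge_id)


def explain(bridges):
    """Return (root name, rule that decided the election)."""
    root = elect_root(bridges)
    tied = [b for b in bridges if b.priority == root.priority]
    rule = "lowest priority" if len(tied) == 1 else "lowest MAC (priority tie)"
    return root.name, rule


# Constructed topology 1: nobody configured a priority, so the old access
# switch with the lowest MAC address becomes root.
ALL_DEFAULT = [
    Bridge("core-1", "70:10:5c:aa:00:01"),
    Bridge("core-2", "70:10:5c:aa:00:02"),
    Bridge("old-access", "0011.2233.4455"),
]

# Constructed topology 2: the core switches are pinned as root and backup root.
PINNED = [
    Bridge("core-1", "70:10:5c:aa:00:01", priority=4096),
    Bridge("core-2", "70:10:5c:aa:00:02", priority=8192),
    Bridge("old-access", "0011.2233.4455"),
]

if __name__ == "__main__":
    for label, topo in (("all default", ALL_DEFAULT), ("pinned", PINNED)):
        print(label, "->", explain(topo))
```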
Q: What is the difference between PVST, PVST+ and RPVST?
A: Per VLAN Spanning Tree (PVST) is a Cisco proprietary technology used to configure a separate spanning tree instance for each VLAN. It supports ISL trunking encapsulation whereas PVST+ supports Dot1Q trunking encapsulation.
Rapid PVST (RPVST) works the same as PVST, but their main difference is fast convergence. RPVST skips the listening state during the transition.
Q: Give a reason for selecting MST rather than PVST.
A: The main reason for selecting MST rather than PVST/STP is the number of different VLANs involved. With 30 to 40 VLANs you can use PVST without any concerns.
However, if there are 40 VLANs in a switch, it has to maintain 40 spanning tree databases (a separate database for each VLAN) and if you decide to use MST, you need to provision some instances (logical grouping of VLANs).
Let’s say you configure two instances, each with 20 VLANs. The switch has to maintain only two spanning tree databases (a separate database for each instance) then.
Q: What is EtherChannel and is it possible to achieve load balancing using EtherChannels?
A: EtherChannel is a LAN port aggregation technology which allows grouping of several physical Ethernet links to create one logical Ethernet link for the purpose of providing fault-tolerance and high-speed links between switches, routers and servers.
Yes, EtherChannel supports load balancing on the basis of predefined hash algorithms but you cannot control the port that a particular flow uses.
The hash algorithm cannot be configured or changed to load balance the traffic among the ports in an EtherChannel.
Main hash algorithms are {src_ip_addr | dest_ip_addr | src_mac_addr | dest_mac_addr | src_port | dest_port} [dest_ip_addr | dest_mac_addr | dest_port].
Q: What is DHCP, DHCP relay, and DHCP snooping?
A: Dynamic Host Configuration Protocol (DHCP) is a network protocol that automatically assigns IP addresses to hosts with other related configuration information such as the subnet mask and default gateway.
DHCP Relay is just a proxy that is able to receive a DHCP request and resend it to the real DHCP server. It means a DHCP server is installed at a remote location and your LAN gateway is acting as a DHCP relay agent (providing the address of the DHCP server using the “ip helper-address” command).
DHCP snooping is a security mechanism which enables you to configure a switch port connected to a DHCP server as a trusted port. The trusted port is responsible for replying to DHCP requests. DHCP snooping is the best solution to prevent man-in-the-middle DHCP attacks.
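The trusted-port check described above, as an added example that is not part of the original article and not vendor code: a simplified model of the decision a snooping switch makes per DHCP message. It goes slightly beyond the answer by also keeping the binding table (client MAC, leased IP, access port) that snooping builds from ACKs; the port names, MAC address, IP addresses and the `SnoopingSwitch` class are constructed for illustration.

```python
from dataclasses import dataclass, field

SERVER_MESSAGES = {"OFFER", "ACK", "NAK"}      # only a DHCP server sends these
CLIENT_MESSAGES = {"DISCOVER", "REQUEST", "DECLINE", "RELEASE", "INFORM"}


@dataclass
class SnoopingSwitch:
    trusted_ports: frozenset                          # ports facing the real server
    seen_on: dict = field(default_factory=dict)       # client MAC -> access port
    bindings: dict = field(default_factory=dict)      # client MAC -> (IP, port)

    def receive(self, port, msg_type, client_mac, ip=None):
        """Return a verdict string for one DHCP message seen on `port`."""
        trusted = port in self.trusted_ports
        if msg_type in SERVER_MESSAGES:
            # Server replies are accepted only from trusted ports.
            if not trusted:
                return "drop: server message on untrusted port"
            if msg_type == "ACK" and client_mac in self.seen_on:
                self.bindings[client_mac] = (ip, self.seen_on[client_mac])
            return "forward"
        if msg_type in CLIENT_MESSAGES:
            bound = self.bindings.get(client_mac)
            # A release or decline must come from the port that owns the lease.
            if (msg_type in {"RELEASE", "DECLINE"} and bound
                    and not trusted and bound[1] != port):
                return "drop: release/decline from a port without the binding"
            if not trusted:
                self.seen_on[client_mac] = port
            if msg_type == "RELEASE":
                self.bindings.pop(client_mac, None)
            return "forward"
        return "drop: unknown message type"


CLIENT = "aa:aa:aa:aa:aa:01"   # constructed client MAC

# Constructed message sequence: (ingress port, type, client MAC, offered IP).
EVENTS = [
    ("Gi0/5", "DISCOVER", CLIENT, None),
    ("Gi0/9", "OFFER", CLIENT, "192.168.66.50"),   # reply from an access port
    ("Gi0/24", "OFFER", CLIENT, "10.10.10.50"),    # reply from the trusted uplink
    ("Gi0/5", "REQUEST", CLIENT, None),
    ("Gi0/24", "ACK", CLIENT, "10.10.10.50"),
    ("Gi0/7", "RELEASE", CLIENT, None),            # release from the wrong port
]


def run(events, trusted=("Gi0/24",)):
    """Feed the events through a switch; return (verdicts, binding table)."""
    switch = SnoopingSwitch(trusted_ports=frozenset(trusted))
    verdicts = [switch.receive(*event) for event in events]
    return verdicts, dict(switch.bindings)


if __name__ == "__main__":
    verdicts, bindings = run(EVENTS)
    for event, verdict in zip(EVENTS, verdicts):
        print(f"{event[0]:7} {event[1]:9} -> {verdict}")
    print("bindings:", bindings)
```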
Q: What are the basic differences between HSRP and VRRP?
A: Both HSRP and VRRP are high availability protocols that provide first hop redundancy.
HSRP
·         * Cisco proprietary
·         * 1 Active + 1 standby router and 1 or more listening routers
·         * Uses separate virtual IP addresses as gateway
·         * Hello timer is 3 seconds and hold-down timer is 10 seconds
·         * Preempt is disabled by default
·         * Multicast at 224.0.0.2 (ver1), multicast at 224.0.0.102 (ver2). Both versions use UDP port 1985
·         * HSRP (v2) supports IPv6
VRRP
·         * Open standard (IETF)
·         * 1 master and 1 or more backup routers
·         * Physical IP address can be used for Virtual IP
·         * Hello timer is 1 second and hold-down timer is 3 seconds
·         * Preempt is enabled by default
·         * Multicast at 224.0.0.18, IP protocol 112
·         * VRRP does not support IPv6
Network Engineer/Administrator (security) is a higher-level position, often with “jr.” and “sr.” prefixes. The major responsibility of a network engineer (security) is to determine “how to implement network security” in routed LAN/WAN environments. They design and implement both the hardware and software technologies necessary to secure a computer network. They have high-level technical skills in LAN/WAN security. The major responsibilities of a network admin (security) include adding security software and hardware, performance monitoring, troubleshooting, logging errors, backing up and restoring data, and assigning permissions to users.
Before facing any interview for a network engineer/administrator (security) position, make sure that you have enough knowledge of firewalls (software & hardware), VPNs (IPsec, SSL, and Get VPN etc.) with general network technologies as described below:
Network concepts:
·         * Data communication and transmission techniques
·         * Fundamentals of OSI & TCP/IP model
·         * Router’s basic operations (startup, nvram, flash/IOS backup & recovery)
·         * IP Addressing and Summarization
·         * IP Routing : Basics of RIP , EIGRP , OSPF & BGP
Firewall
·         * NAT (object based)
·         * ACL (object based)
·         * Contexts
·         * Failover (Active-Standby & Active-Active)
·         * Transparent
·         * MPF (Modular Policy Framework)
VPN
·         * Site to Site
·         * SSL
·         * Get VPN
·         * Easy VPN
·         * DMVPN
·         * Flex
Route-Filtering
·         * Access-lists
·         * Route-Maps
·         * Prefix-Lists
·         * Distribute-Lists
·         * Filter-lists
·         * Class-maps & Policy-maps
Network security
·         * AAA Server
·         * Dot 1x Authentication
·         * IP SLA
Questions for an Interview of Network Security Engineer/Administrator: All listed questions are very common and important and you must be prepared with all of the following answers before facing any interview for a Network Security position.
Q. What is a firewall?
A: A firewall is used to provide security to private networks connected to the internet. Firewalls can be implemented as hardware or software, or a combination of both. All incoming and outgoing network traffic is examined and accepted or rejected by the firewall according to defined rules.
Q. What is the difference between network gateway and a firewall?
A: A network gateway joins two networks together and a network firewall protects a computer network against unauthorized incoming or outgoing access. Network firewalls may be hardware devices or software programs.
Q. What is the difference between IPS and a firewall?
A: The primary function of a firewall is to prevent/control traffic flow from an untrusted network (outside). A firewall is not able to detect an attack in which the data is deviating from its regular pattern, whereas an IPS can detect and reset that connection as it has inbuilt anomaly detection.
Q. What is a transparent firewall?
A: A transparent firewall operates at Layer 2. Deploying a new firewall into a network can be a complicated process due to various issues (e.g. IP address reconfiguration, network topology changes, the current firewall). Because a transparent firewall is not a routed hop, you can easily introduce it into an existing network.
Q. What is packet filtering?
A: Packet filtering is the process of permitting or blocking IP packets based on source and destination addresses, ports, or protocols. The packet filter examines the header of each packet against a specific set of rules and, on that basis, decides whether to block the packet or allow it to pass. Packet filtering is also part of a firewall program for protecting a local network from unwanted access.
Q. Define stateful inspection?
A: Stateful inspection, also known as dynamic packet filtering, is a firewall technology that monitors the state of active connections and uses this information to determine which network packets are allowed through the firewall. Stateful inspection analyses packets down to the application layer.
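The difference between the two previous answers, as an added example that is not part of the original article: the same "inside hosts may browse HTTPS" policy enforced once by a header-only packet filter and once by a filter that keeps a connection table. It tracks TCP state only (no application-layer inspection), and the addresses, ports and rule set are constructed for illustration.

```python
import ipaddress
from dataclasses import dataclass

INSIDE = ipaddress.ip_network("10.0.0.0/24")   # constructed inside network


@dataclass(frozen=True)
class Packet:
    src: str
    sport: int
    dst: str
    dport: int
    flags: str = ""     # TCP flags: "S", "SA", "A", "R", ...


def is_inside(ip):
    return ipaddress.ip_address(ip) in INSIDE


def stateless_filter(pkt):
    """Header-only rules: every packet is judged in isolation."""
    # Rule 1: inside hosts may reach HTTPS servers outside.
    if is_inside(pkt.src) and not is_inside(pkt.dst) and pkt.dport == 443:
        return "permit"
    # Rule 2: replies need a static rule of their own, so any packet that
    # carries source port 443 towards an inside high port is let through.
    if (not is_inside(pkt.src) and is_inside(pkt.dst)
            and pkt.sport == 443 and pkt.dport >= 1024):
        return "permit"
    return "deny"


class StatefulFilter:
    """Same outbound policy, but replies must match a tracked connection."""

    def __init__(self):
        self.connections = set()    # (client, client port, server, server port)

    def check(self, pkt):
        fwd = (pkt.src, pkt.sport, pkt.dst, pkt.dport)
        rev = (pkt.dst, pkt.dport, pkt.src, pkt.sport)
        if fwd in self.connections or rev in self.connections:
            if "R" in pkt.flags:            # a reset removes the table entry
                self.connections.discard(fwd)
                self.connections.discard(rev)
            return "permit"
        # No state yet: only a policy-permitted SYN from inside creates an entry.
        if (pkt.flags == "S" and is_inside(pkt.src)
                and not is_inside(pkt.dst) and pkt.dport == 443):
            self.connections.add(fwd)
            return "permit"
        return "deny"


# Constructed trace, in arrival order.
TRACE = [
    Packet("10.0.0.5", 50000, "198.51.100.10", 443, "S"),    # client opens
    Packet("198.51.100.10", 443, "10.0.0.5", 50000, "SA"),   # server replies
    Packet("10.0.0.5", 50000, "198.51.100.10", 443, "A"),    # handshake done
    Packet("203.0.113.77", 443, "10.0.0.9", 3389, "A"),      # unsolicited inbound
    Packet("198.51.100.10", 443, "10.0.0.5", 50000, "R"),    # server resets
    Packet("198.51.100.10", 443, "10.0.0.5", 50000, "A"),    # late packet
    Packet("203.0.113.77", 40000, "10.0.0.9", 22, "S"),      # inbound new session
]


def compare(trace):
    """Return a list of (stateless verdict, stateful verdict) per packet."""
    stateful = StatefulFilter()
    return [(stateless_filter(p), stateful.check(p)) for p in trace]


if __name__ == "__main__":
    for pkt, (a, b) in zip(TRACE, compare(TRACE)):
        print(f"{pkt.src}:{pkt.sport} -> {pkt.dst}:{pkt.dport} [{pkt.flags}] "
              f"stateless={a} stateful={b}")
```

Packets 4 and 6 are where the two differ: the header-only rule set has to admit them because they look like replies, while the connection table has no matching entry.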
Q. What is the Public Key Encryption?
A: Public key encryption uses public and private key for encryption and decryption. In this mechanism, public key is used to encrypt messages and only the corresponding private key can be used to decrypt them. To encrypt a message, a sender has to know the recipient’s public key.
Q. Define Digital Signatures
A: Digital signature is an attachment to an electronic message used for security purposes. It is used to verify the authenticity of the sender.
Q. What is Authorization?
A: Authorization is a security mechanism used to determine user/client privileges or access levels related to network resources, including firewalls, routers, switches and application features. Authorization is normally preceded by authentication. During authorization, the system verifies an authenticated user’s access rules and either grants or refuses resource access.
Q. What is stateful failover?
A: Every time a session is created for a flow of traffic on the primary node, it is synced to the secondary node. When the primary node fails, sessions continue to pass traffic through the secondary node without having to re-establish.
Q. What is VPN and describe IPsec VPN
A: Virtual Private Network (VPN) creates a secure network connection over a public network such as the internet.
IPsec VPN means VPN over IP Security. It allows two or more users to communicate in a secure manner by authenticating and encrypting each IP packet of a communication session.
Q. What is Site to Site and remote access VPN?
A: A site-to-site VPN allows offices in multiple locations to establish secure connections with each other over a public network such as the Internet. Site-to-site VPN is different from remote-access VPN as it eliminates the need for each computer to run VPN client software as if it were on a remote-access VPN.
Q. How do you check the status of the tunnel’s phase 1 & 2 ?
A: Use the following commands to check the status of the tunnel phases:
Phase 1: show crypto isakmp sa (the state should be MM_ACTIVE)
Phase 2: show crypto ipsec sa
Note: if you have a lot of tunnels and the output is confusing, use the 'show crypto ipsec sa peer 12.12.12.12' command instead.
Q. What is SSL VPN? How is it different from IPsec VPN?
A: SSL VPN provides remote access connectivity from almost any internet enabled location without any special client software at a remote site. You only need a standard web browser and its native SSL encryption.
IPsec is a dedicated point-to-point fixed VPN connection, whereas SSL VPNs provide anywhere connectivity without any configuration or special software at the remote site.
Q. What is GRE and why is it required?
A: Generic Routing Encapsulation (GRE) is a protocol that encapsulates packets in order to route other protocols over IP networks.
GRE enables a wrapper to be placed around a packet during transmission of the data. The receiving GRE endpoint removes the wrapper, enabling the original packet to be processed by the receiving stack.
Advantages of GRE tunnels include the following:
·         * GRE tunnels connect discontinuous sub-networks.
·         * GRE tunnels allow VPNs across wide area networks (WANs).
·         * GRE tunnels encase multiple protocols over a single-protocol backbone.
·         * GRE tunnels provide workarounds for networks with limited hops.
Q. Firewalls work at what layer? Define firewall generations and their roles.
A: Firewalls work at layers 3, 4 and 7. First generation firewalls provide packet filtering and generally operate at layer 3 (Network layer). Second generation firewalls operate up to the Transport layer (layer 4); they record all connections passing through them and determine whether a packet is the start of a new connection, a part of an existing connection, or not part of any connection. Second generation firewalls are mainly used for stateful inspection.
Third generation firewalls operate at layer 7. The key benefit of application layer filtering is that it can “understand” certain applications and protocols (such as File Transfer Protocol (FTP), Domain Name System (DNS), or Hypertext Transfer Protocol (HTTP)).
Q. What is DoS attack? How can it be prevented?
A: A DoS (Denial of Service) attack can be generated by sending a flood of data or requests to a target system, which exhausts the target system’s resources or crashes it. The attacker often uses IP spoofing to conceal his identity when launching a DoS attack.
Q. What is IP Spoofing?
A: An IP spoofing attack lets an attacker disguise its identity as that of a trusted host when attacking a target host. For example, if an attacker convinces a host that he is a trusted client, he might gain privileged access to that host.
Q. What are the security levels in Cisco ASA?
A: ASA uses security levels to determine the degree of trust given to a network attached to the respective interface. The security level can be configured from 0 to 100, where higher numbers are more trusted than lower ones. By default, the ASA allows packets from a higher (trusted) security interface to a lower (untrusted) security interface without the need for an ACL explicitly allowing the packets.
Q. What is AAA?
A: AAA stands for authentication, authorization and accounting, used to control user’s rights to access network resources and to keep track of the activity of users over a network. The current standard by which devices or applications communicate with an AAA server is the Remote Authentication Dial-In User Service (RADIUS).
Q. What is IPS? How does it work?
A: An Intrusion Prevention System (IPS) is a network security/threat prevention technology that examines network traffic flows to detect and prevent vulnerability exploits. An Intrusion Prevention System can play a good role to protect against various network security attacks such as brute force attacks, Denial of Service (DoS) attacks, and vulnerability detection. Moreover, an IPS also ensures prevention against protocol exploits.
Intrusion Prevention System uses four types of approaches to secure the network from intrusions which include:
·         * Signature-Based
·         * Anomaly-Based
·         * Policy-Based
·         * Protocol-Analysis-Based
The questions above are very tricky and important for clearing any interview for a Network Security Engineer/Administrator position. It is not possible for anyone to explain all kinds of questions, so you can download more questions from the download link posted here. If you find any difficulty getting the answer to any question, you can write to me in the comment section.
Top Interview Questions for VoIP Engineer/Administrators
Are you looking for a job as a VoIP engineer/administrator? Or are you thinking of leaving your current position for a new job as a VoIP engineer/administrator with a new company in unified communications networking?
If you answered yes to either of those questions, this article is for you.
A Network Engineer/Administrator (VoIP) position is a higher-level position, often with a “junior” or “senior” prefix. The major responsibility of a VoIP engineer is to design and implement both the hardware and software technologies needed for a VoIP setup. They have to customize VoIP networks as per the organization’s needs, such as adding software and hardware, performance monitoring, troubleshooting, logging errors, backing up and restoring data, assigning permissions to users, and helping users with VoIP network issues.
Before facing any interview for a VoIP engineer position, make sure that you have enough knowledge on the below technologies:
General Network concepts
·         * Fundamentals of OSI & TCP/IP model
·         * IP Addressing & Summarization
·         * Basics of routers and routing (EIGRP, OSPF, BGP)
·         * Basics of LAN Switching (VLANs, Inter-VLAN routing, STP)
·         * Network Services (Telnet, SSH, NTP, DHCP, Syslog)
VoIP Topics
·         * IP phone boot process
·         * Phone registration through CME (IOS based)
·         * CME features- call park, call pick-up, paging, intercom
·         * Understanding of clusters, ISDN configuration
·         * VoIP dial peers and POTS
·         * Cisco IP phone registration through CUCM (Manual/Auto/BAT)
·         * Understanding and implementation of voice gateways: MGCP, H.323, SIP
·         * Signaling and Flow of voice gateways
·         * Call routing elements : route group, route list, SLRG
·         * Partition & CSS
·         * Media Resources
·         * Integration of CUCM with CUC via SCCP & SIP
·         * Mobility : device/extension mobility, MUA, Single Number reach (SNR)
·         * Survivable Remote Site Telephony (SRST)
·         * Call manager fall back
·         * Resource Reservation Protocol (RSVP)
·         * Automated Alternate Routing (AAR)
My Best Questions for an Interview for VoIP Engineer/Administrators:
All of the questions below are very common and must be prepared for before facing any interview for the unified communication environment.
Q. What is VoIP?
A: Voice over Internet Protocol (VoIP) is the technology to send your voice (analog data) over the internet (digital data) to an end user. It enables users to use the Internet as the transmission medium for voice calls at a very low cost.
Q. How does VoIP (voice over Internet protocol) work? What makes it different from traditional phone service?
A: In VoIP, phone conversations are converted to packets that flit all over the Internet or private networks, just like e-mails or Web pages, though voice packets get priority status. The packets get reassembled and converted to sound on the other end of the call. In traditional phone service, a phone conversation is converted into electronic signals that traverse an elaborate network of switches, in a dedicated circuit that lasts the duration of a call.
Q. What are some disadvantages of using VoIP?
A: VoIP is far better than traditional telephony but it has some drawbacks as listed below:
·         * Some VoIP services don’t work during power outages and the service provider may not offer backup power.
·         * Not all VoIP services connect directly to emergency services through 9-1-1.
·         * VoIP providers may or may not offer directory assistance/white page listings.
Q. What basic set-up equipment is needed for VoIP?
A: For general VoIP set up we require the following things:
·         * Broadband connection
·         * VoIP phone
·         * Nexton soft-switches
·         * Router
·         * Audiocodec
·         * Asterisk server
Q. What is PVDM and what is the use of it?
A: PVDM stands for Packet Voice DSP (digital signal processor) Module and it enables Cisco Integrated Services Routers to provide high-density voice connectivity, conferencing, and transcoding capabilities in Cisco IP Communications solutions.
Q. What is VoIP gateway and explain the basic features of it?
A: A VoIP gateway works as a bridge between an IP network and the PSTN. It converts analog telephony signals to digital.
VoIP gateways include the following features:
·         * Call routing, packet processing and control signalling management
·         * Voice and fax compression/decompression
·         * External controller interfaces, for example to a soft switch, billing system or network management system
Q. What is the difference between MGCP & H.323 Voice gateways?
A:
MGCP
·         * Uses clear text for call control
·         * Uses a client-server model
·         * Ideally positioned for service providers (centrally located call agents)
·         * Centralized management and control (Dial plan, etc.)
·         * Enhanced call survivability
·         * Better feature interaction with capabilities like Caller-ID
·         * Support of QSIG supplementary services with CCM
H.323
·         * Uses Abstract Syntax Notation 1 for call control messages
·         * Uses a peer-to-peer model
·         * Scales well in an enterprise
·         * Fractional PRI support
·         * Caller-ID support on analog FXO
·         * Many more TDM interface types and signalling
·         * Gateway-resident applications like TCL and VXML
·         * CAC network design with H.323 Gatekeepers
·         * No release dependencies between GWs and CCM
·         * Call preservation for SRST on PRIs
·         * NFAS support
Q. What is the difference between Transaction, Dialog and Session?
A: Transaction: A Transaction refers to a fundamental unit of message exchange between the SIP user agents. It basically includes a request-response cycle.
Dialog: A peer-to-peer relationship between two user agents. It is usually created through the generation of a successful final response.
Session: A Session refers to the exchange of media between two or more endpoints.
Q. What will you do if you get a crackling sound on a VoIP line while talking?
A: We often get this kind of issue with analog phones, which create a crackling sound when you talk, but it is not common for a VoIP provider or internet connection, as digital systems don’t generate sounds like this. It is possible that it comes from the person on the other end who is on an analog telephone line, but if this happens with different people then it’s likely your phone. Try to replace the phone.
Q. What is SLRG & why do we use it?
A: SLRG (Standard Local Route Groups) eliminates the pairing between the gateway and the Route Pattern, thus creating a more flexible method of selecting a PSTN gateway.
Because it reduces the number of route patterns that need to be created per country, a huge amount of administrative overhead can be saved, especially for organizations with a large number of sites.
Q. What is the basic difference between VoIP and POTS (Plain old telephone systems) dial-peers?
A: VoIP dial peers route calls to other VoIP systems via the IP protocol, whereas POTS dial peers route calls to legacy PBX systems via local ports which can be analog (like FXS, FXO) or digital (like E1/T).
Q. What is a SIP trunk and what are the basic benefits of using a SIP trunk?
A: A SIP trunk is a voice call connection placed over your Internet connection. This VoIP “trunk” (or phone line) connects to a provider who routes your calls through their gateway and usually has reasonably lower rates on long distance calls, international calls and in-bound toll free calls.
Additionally, SIP trunks can carry instant messages, multimedia conferences, user presence information, and Enhanced 9-1-1 (E9-1-1) emergency calls.
·         * Eliminate BRI and PRI subscription fees because the SIP trunk is connected directly to an Internet telephony service provider
·         * Eliminate IP-PSTN gateways (or even your entire PBX)
·         * Low cost long distance calls, international calls, etc.
·         * Expansion of lines is dependent on bandwidth, which can easily be increased if needed. It means that with SIP trunking you don’t need to buy lines in blocks of 24 or 32. Instead, you can buy the bandwidth you need in smaller increments.
Q. What is the difference between an E1 and a T1 link? In which countries are E1 and T1 used for digital transmission?
A: The main difference between E1 and T1 is the data rate. T1 has a data rate of 1.544 Mbps and E1 has a data rate of 2.048 Mbps.
Another difference between T1 and E1 lies in the number of channels (E1: 32 channels, T1: 24 channels), but the per-channel speed (64 kbps) remains the same for both links, possibly to allow interconnection between E1 and T1 lines. They are interconnected for international connectivity purposes.
T1 is used mainly in the United States, Canada, Hong Kong and Japan. E1 is mostly used in Europe.
Q. How many channels are in E1 and T1 link? What is the operational bandwidth of each channel in each link?
A: An E1 link contains 32 channels whereas a T1 link contains 24 digital channels, and each channel of both T1 and E1 gives you 64 kbps of bandwidth.
An E1 link consists of 30 B channels and 1 D channel, and each channel has 64 kbps of bandwidth.
So for E1 you get 30*64 = 1920 kbps.
A T1 link consists of 23 B channels and 1 D channel, and each channel has 64 kbps of bandwidth. So for T1 you get 23*64 = 1472 kbps.
Q. What is signalling and what is the difference between CAS and CCS?
A: Signalling is the exchange of information for the establishment and control of a telecommunication circuit and the management of the network.
Common Channel Signalling (CCS) uses a dedicated channel for the signalling, whereas Channel Associated Signalling (CAS) conveys signalling information relating to multiple bearer channels. These bearer channels therefore have their signalling channel in common.
CCS with E1 =30 B channels and 1 D channel
CCS with T1 = 23 B channels and 1 D channel
CAS with E1 = 31 B Channels
CAS with T1 = 24 B Channels
B=Bearer channels responsible for carrying voice signal
D=Data channel responsible for signalling control
Q. What are the basic differences between G711 and G729 codec?
A: G729 is a compressed audio codec with better tolerance for packet loss and jitter than G711. G729 uses 33 Kbps of bandwidth whereas G711 uses 87 Kbps. G729 is compressed but still sounds very good under poor network conditions, whereas G711 sounds better only under good network conditions.
Q. Can we configure trunking between Cisco and Avaya PBX?
A: QSIG PRI trunking configuration can be used to establish trunking between Cisco and Avaya PBX.
Q signalling (QSIG), a protocol for Integrated Services Digital Network (ISDN) communications based on the Q.931 standard, is used for signalling between digital PBXs.
The questions above are very tricky and important from the standpoint of clearing any interview for a VoIP network engineer/administrator position. It is not possible for anyone to explain all kinds of questions, but you can get more frequently asked interview questions for VoIP Network Engineering Jobs from the download link posted here. If you find any difficulty in answering any questions, you can write to me in the comment section.

Collision Domain

A collision is an event that usually happens on an Ethernet network when a "Shared Media" is used to connect the devices. A "Shared Media" is a type of connecting media used to connect different network devices, where every device shares the same media. Examples: 1) Ethernet hubs, 2) Bus topology.
In a "Shared Media" there are no separate channels for sending and receiving the data signals, but only one channel to send and receive them.
We call the media shared media when the devices are connected together using a bus topology, or by using an Ethernet hub. Both are half-duplex, meaning that a device can either send or receive data signals at a given time. Sending and receiving data signals at the same time is not supported.
Collisions will happen in an Ethernet network when two devices simultaneously try to send data on the Shared Media, since Shared Media is half-duplex and sending and receiving at the same time is not supported. Please refer to CSMA/CD to learn how Ethernet avoids collisions.
Collisions are a normal part of life in an Ethernet network when Ethernet operates in half-duplex, and under most circumstances should not be considered a problem.
A Collision Domain is any network segment in which collisions can happen (usually in Ethernet networks). In other words, a Collision Domain consists of all the devices connected using a Shared Media (bus topology or Ethernet hubs) where a collision can happen between any devices at any time.
[Figure: Collision Domain]
For example, if "Computer A" sends a data signal to "Computer X" and "Computer B" sends a data signal to "Computer Y" at the same instant, a collision will happen.
As the number of devices in a collision domain increases, the chances of collisions also increase. If there is more traffic in a collision domain, the chances of collisions are also higher. More collisions will normally happen with a large number of network devices in a collision domain.
Increased collisions result in a low-quality network where hosts spend more and more time on packet retransmission and packet processing. Usually switches are used to segment (divide) a big collision domain into many small collision domains. Each port of an Ethernet switch operates in a separate collision domain.
In other words, a collision cannot happen between two devices which are connected to different ports of a switch.
There is no need to worry much about collisions and related network problems now, because we no longer use network hubs to connect our devices. Ethernet hubs were replaced with Ethernet switches a long time ago.

Broadcast Domain

Broadcast is a type of communication where the sending device sends a single copy of data and that copy is delivered to every device in the network segment. Broadcast is a required type of communication and we cannot avoid broadcasts, because many protocols (for example, ARP and DHCP) and applications depend on broadcast to function.
A Broadcast Domain consists of all the devices that will receive any broadcast packet originating from any device within the network segment.
[Figure: Broadcast Domain]
In the above picture, "Computer A" is sending a broadcast; the switch will forward it to every port, and all the switches will get a copy of the broadcast packet. Every switch will flood the broadcast packet to all of its ports. The router will also get a copy of the broadcast packet, but it will not forward the packet to the next network segment.
As the number of devices in the Broadcast Domain increases, the number of broadcasts also increases, and the quality of the network comes down for the following reasons.
1) Decrease in available bandwidth: A large number of broadcasts reduces the bandwidth of network links available for normal traffic, because broadcast traffic is forwarded to all the ports of a switch.
2) Decrease in processing power of computers: Since a computer needs to process all the broadcast packets it receives, a portion of its CPU power is spent on processing broadcast packets. Normally a broadcast packet is relevant to one particular computer and irrelevant to the others (for example, a DHCPDISCOVER message is relevant only to a DHCP server; for other computers DHCPDISCOVER is irrelevant and they will drop the packet after processing). This reduces the processing power of the computers in a broadcast domain.
By design, routers do not allow broadcasts from one connected network segment to cross the router and reach another network segment. The primary function of a router is to segment (divide) a big broadcast domain into multiple smaller broadcast domains.

Difference between Static and Dynamic IP.

A static IP, also called a permanent address, is assigned to each device in a network, whereas a dynamic IP is a temporary address assigned to the device via DHCP software. The IP address assigned to your service by your cable or DSL Internet provider is typically a dynamic IP. In routers and operating systems, the default configuration for clients is dynamic IP.

What is the difference between public and private IP?

A public IP address makes equipment accessible to everyone on the internet. A private IP address is for private use within the network and allows many more PCs to be connected. If you are using a private IP and want VoIP, you need to change to a public IP address.

What is Network Address Translation?

Network Address Translation acts as an agent between the Internet and a local network. It is a dynamic method which is used to minimize Internet connectivity needs. Network address translation describes the rewriting of the Internet Protocol (IP) addresses of data packets so that multiple transmissions require only one IP address. 

Define IP multicast.

IP multicast technology reduces traffic by sending a stream of information to many recipients in one go. Video conferencing and stock quotes are examples of applications based on IP multicast.

What is subnetting?

A subnet adds one level to the way an IP address is represented. It logically organizes the network. For instance, it can logically group the computers belonging to the finance department.

Define Address Resolution Protocol.

Address Resolution Protocol (ARP) is responsible for mapping an IP address to its corresponding physical network address. It is mostly seen on Ethernet networks.

Explain Maximum Transfer Unit, MTU.

MTU specifies the largest amount of data that can be transferred across a network. 

What is Routing Protocol?

Routing protocol is the way to send routing information between any routers in an autonomous system. 
When a source sends a packet to a destination, this packet has a specific path or route it follows. Different routing protocols are used to find the shortest path to the destination. The protocols maintain routing tables. Routing tables consist of a set of rules used to determine where these packets will travel. When a packet is received, a network device examines the packet and matches it to the routing table entry providing the best match for its destination. The packet keeps hopping until it reaches its destination.

Explain the structure and use of internet addresses.

Each IP address is 32 bits long. For human readers, IP addresses are written in dotted decimal notation. These are then converted to binary by the computer. Each IP address has two parts: a network identifier (network ID) and a host ID. The current internet protocol standard is IPv4. The IP addresses are divided into three classes: class A networks, class B networks, and class C networks, class A being the largest. Of the four numbers in an IPv4 address, each class A network has a different first number, and hosts within the network are addressed by the remaining three numbers, or three bytes. IP addresses identify a machine in order to deliver packets and load web pages.

Explain how names are translated (resolved) into IP address.

The Domain Name System (DNS) is used to resolve names into IP addresses. When a web address is entered into the browser, the DNS client sends a request to the DNS server to find the corresponding IP address for the name. The DNS server receives this request and searches for the corresponding IP address in its database. If the resolution fails at this point, this server sends the request to the parent server. The request keeps going up the hierarchy to the parent servers, or to the closest authoritative DNS server, to resolve the address. If the request times out, an error is returned to the client. If the server is able to resolve the requested name, it passes the information back to the client. The next request sent by the client is a request for a web page from that IP address.

Describe the basics of internet routing.

When a source sends a packet to a destination, this packet has a specific path or route it follows. Different routing protocols are used to find the shortest path to the destination. The protocols maintain routing tables. Routing tables consist of a set of rules used to determine where these packets will travel. When a packet is received, a network device examines the packet and matches it to the routing table entry providing the best match for its destination. The packet keeps hopping until it reaches its destination. 

Define broadcast domain.

It is a logical area in a computer network where any computer connected to the network can directly transmit to any other computer in the domain without having to go through a routing device.  

Bridge vs switch

A bridge connects two different LAN networks. A switch lets you connect many computers to it, and one computer can then connect to another through the switch. A switch provides a unicast, one-to-one connection.

What is a Router?

A router is a device, or sometimes software in a computer, which decides the next network point to which a packet should be forwarded to reach its destination on the Internet. It is usually included as part of the network switch and is located at a gateway, including each point-of-presence on the Internet. The router is connected to at least two networks and determines which way to send each information packet based on its understanding of the state of the networks it is connected to.

Define gateway

A gateway is a network point that provides entrance into another network. On the Internet, a node or stopping point can be either a gateway node or a host (end-point) node. Both the computers of Internet users and the computers that serve pages to users are host nodes. The computers that control traffic within your company's network or at your local Internet service provider (ISP) are gateway nodes.

What is firewall?

A firewall is hardware or software installed to provide security to private networks connected to the internet. Firewalls can be implemented in hardware, in software, or as a combination of both. All data entering or leaving the intranet passes through the firewall, which allows only the data meeting the administrators’ rules to pass through it.

What are the types of firewalls?

Packet Filtering Firewall:
This type of firewall inspects packets and blocks unnecessary packets, letting the remaining network traffic through.
Screening Router Firewalls:
It is a software-based firewall available in a router that provides only light filtering.
Computer-based Firewall:
It is a firewall installed on a server with an existing operating system such as Windows or UNIX.
Hardware-based Firewall:
It is a box-like device that provides strong security from the public network. Mostly used by big networks.
Proxy Server:
A proxy server allows all clients to access the Internet with different access limits. A proxy server has its own firewall which filters all packets from the web server.

What is Data encryption?

Data encryption ensures data safety and is very important for confidential or critical data. It protects data from being read, altered or forged during transmission.

What is the Public Key Encryption?

Public key encryption uses a public and a private key for encryption and decryption. In this mechanism, the public key is used to encrypt messages and only the corresponding private key can be used to decrypt them. To encrypt a message, a sender has to know the recipient’s public key.

Define Digital Signatures.

Digital signature is an attachment to an electronic message used for security purpose. It is used to verify the authenticity of the sender. 

What is Ethernet technology?

Ethernet technology is a high-speed broadcast bus technology. In this type, all the stations share a single ether channel and receive every single transmitted signal.

What is CSMA and CD concept?

In CSMA (carrier sense multiple access), the presence of any digital signal in a network is checked before transmission. Data transmission occurs only when no signal is sensed.
CD (collision detection) is responsible for monitoring the carrier in order to avoid signal jam.

What is NetBIOS protocol?

NetBIOS (Network Basic Input/Output System) Protocol allows applications on separate computers to communicate over a LAN. It runs over TCP/IP giving each computer in the network a NetBIOS name and IP address. E.g. It can be used for computers running Windows 2000 (or before) to join a computer network running Windows 2000 (or later).  

What is IGMP protocol?

Internet Group Management Protocol allows internet hosts to multicast, i.e. to send messages to a group of computers. There may be a group of internet hosts interested in multicast. IGMP allows a router to determine which host groups have members on a given network segment. It helps to establish group memberships. It is commonly used for streaming videos and gaming. The protocol has both a host side and a router side. The host side is responsible for notifying its membership in a group. The notification is made to a local router. This local router (router side) in turn sends out queries.

What is TCP / IP protocol?

Transmission Control Protocol / Internet Protocol: It is a family of protocols used for communication and connection between hosts on the internet. It is the most widely used standard for transmitting data over the internet. The four layers in the protocol are (from bottom to top): Physical layer, Data link layer, Network layer, transport layer and application layer, also called as the OSI model. In TCP/IP, IP is responsible for forwarding packets while TCP ensures the correct delivery of data from client to server. TCP detects loss of data as well.

What is HTTP (Hypertext Transfer Protocol)?

HTTP or Hyper Text Transfer Protocol provides a set of rules to transfer files, videos and images over the world wide web. When the web browser is opened, an HTTP request call is made. A web server contains an HTTP daemon. This daemon waits for HTTP requests and handles them when they arrive. The web browser from which HTTP requests are made is called a client. These requests are sent to the server. It uses reserved port no. 80.

What is NNTP (Network News Transfer Protocol)?

NNTP or Network News Transfer Protocol is used to manage the notes posted on Usenet newsgroups (a collection of notes on a subject posted by different users). NNTP servers are responsible for managing Usenet newsgroups collected globally. An NNTP client is a part of the web browser, also called a news reader. It uses reserved port no. 119.

What is POP3 (Post Office Protocol 3)?

POP3 or Post Office Protocol 3 is used for receiving emails. It is a client-server protocol which holds the email. Once the email is downloaded from the server, POP3 deletes it from the server. Ordinal numbers are used to identify specific messages.

What is SNMP (Simple Network Management Protocol)?

SNMP or Simple Network Management Protocol is typically used for managing the network. Managing the network includes managing the nodes present in the network. These nodes may be servers, routers, bridges and hubs. SNMP agents are used to achieve this. Managing the network is essential because it helps to monitor network performance, detect network faults or failures, audit network usage etc. SNMP messages like TRAP, GET or SET may be invoked by network elements or the network management system.

What is Routing Protocols?

Routing protocols are used to assist in achieving the basic purpose of routing. They specify how routers communicate with each other. They help the routers select the best possible path between nodes. There are different types of protocols such as link-state routing protocols, path vector protocols and distance vector routing protocols. These protocols prevent routing loops from forming, or break them if already formed. They help to decide preferred routes from a sequence of hop costs.

What is Distance Vector Routing Protocols?

The main goal of Distance Vector Routing Protocols is to find the best path for the data packet to reach the destination. Distance here could be the number of hops. The three different types of Distance Vector routing protocols include: Routing Information Protocol (RIP v1 and v2) and Interior Gateway Routing Protocol. The protocol is easy to manage, however it does not scale well.
The Distance Vector protocol initially prepares a Routing table which is shared with other routers. This routing table is shared between routers present in the same network. A new routing table is prepared when some new information is received from some other router. Now, the bad routing paths are removed keeping only the smallest hop paths. This new table is then communicated to other routers.
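
The table exchange described above, written out as an added example (not part of the original article). It uses hop count as the distance and 16 as the "unreachable" metric, as RIP does; the five-router topology, the function names and the table layout are constructed for illustration.

```python
INFINITY = 16  # RIP treats a metric of 16 hops as "unreachable"


def merge_advertisement(table, neighbor, advertised):
    """Apply one neighbour's advertised distances to our routing table.

    table:      {destination: (hops, next_hop)} for this router (modified in place)
    advertised: {destination: hops} as announced by `neighbor`
    Returns True if any entry changed, i.e. we must advertise a new table.
    """
    changed = False
    for dest, hops in advertised.items():
        cost = min(hops + 1, INFINITY)        # one extra hop to reach the neighbour
        current = table.get(dest)
        if current is None:
            if cost < INFINITY:               # never install an unreachable route
                table[dest] = (cost, neighbor)
                changed = True
        elif current[1] == neighbor:
            # Our route already goes through this neighbour, so its latest
            # metric replaces ours even when it got worse (bad path removal).
            if current[0] != cost:
                table[dest] = (cost, neighbor)
                changed = True
        elif cost < current[0]:               # strictly shorter path wins
            table[dest] = (cost, neighbor)
            changed = True
    return changed


def converge(links):
    """Exchange tables between neighbours until no router learns anything new.

    links: {router: set of directly connected routers}
    Returns ({router: table}, number_of_exchange_rounds).
    """
    tables = {r: {r: (0, r)} for r in links}  # each router initially knows only itself
    rounds, changed = 0, True
    while changed:
        changed = False
        rounds += 1
        # Every router advertises the table it held at the start of the round.
        snapshot = {r: {d: hops for d, (hops, _) in t.items()} for r, t in tables.items()}
        for router, neighbours in links.items():
            for n in sorted(neighbours):
                if merge_advertisement(tables[router], n, snapshot[n]):
                    changed = True
    return tables, rounds


# Constructed topology:  A - B - C
#                            |   |
#                            +---D - E
LINKS = {
    "A": {"B"},
    "B": {"A", "C", "D"},
    "C": {"B", "D"},
    "D": {"B", "C", "E"},
    "E": {"D"},
}

if __name__ == "__main__":
    tables, rounds = converge(LINKS)
    print(f"converged after {rounds} rounds")
    for router in sorted(tables):
        print(router, dict(sorted(tables[router].items())))
```

Because a router installs whatever its neighbours advertise, the quality of every table depends on the honesty and reachability of adjacent routers, which is why production protocols add neighbour authentication and route filtering on top of this exchange.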

Explain Transmission Control Protocol, TCP

TCP ensures reliable and end to end delivery of segments of information. Segments are acknowledged to the source when received by the destination. Data is broken up into segments and sequenced properly before transmission. This arrangement of segments allows destination to trace lost data in transmission. 

What is TCP protocol?

Transmission Control Protocol is used to establish communication between nodes or networks and exchange data packets. It guarantees delivery of data packets in the order they were sent. Hence it is most commonly used in all applications that require guaranteed delivery of data. It can handle both timeouts (if packets were delayed) and retransmission (if packets were lost). The stream of data is transmitted in segments. The segment header is 32 bit. It is a connectionless communication protocol at the third level (network) of the OSI model.

TCP vs. UDP.

TCP guarantees the delivery of data. UDP on the other hand, does not guarantee delivery of data. TCP delivers messages in the order they were sent. UDP has no ordering mechanisms. In TCP data is sent as a stream while UDP sends data as individual packets. UDP is faster than TCP. TCP is a connection oriented protocol while UDP is connectionless.

Explain User Datagram Protocol, UDP.

The UDP is a connectionless, unreliable service. UDP messages can be lost and duplicated.

What is UDP protocol?

User Datagram Protocol is a communication protocol. It is normally used as an alternative to TCP/IP. However, there are a number of differences between them. UDP does not divide data into packets. Also, UDP does not send data packets in sequence. Hence, the application program must ensure the sequencing. UDP uses port numbers to distinguish user requests. It also has a checksum capability to verify the data.

What is TCP windowing concept?

TCP windowing concept is primarily used to avoid congestion in the traffic. It controls the amount of unacknowledged data a sender can send before it gets an acknowledgement back from the receiver that it has received it. 

What are Trusted and Untrusted Networks?

Trusted networks: Such Networks allow data to be transferred transparently. The machines using a trusted network are usually administered by an Administrator to ensure that private and secured data is not leaked. Access to this network is limited. Computers using trusted networks are more secured and confidential because of strong firewalls.
Untrusted networks: Such networks are usually administered by the owners. They can allow improper access to sensitive or personal data. These machines are usually separate. Such machines could be more prone to attacks.

What are the different types of VPN?

Remote Access VPN: Also called a Virtual Private Dial-up Network (VPDN), it is mainly used in scenarios where remote access to a network becomes essential. Remote access VPN allows data to be accessed between a company’s private network and remote users through a third-party service provider (an enterprise service provider). E.g. a sales team is usually spread over the globe. Using remote access VPN, the sales updates can be made.
Site to Site VPN – Intranet based: This type of VPN can be used when multiple remote locations are present and can be made to join a single network. Machines at these remote locations work as if they were on a single network.
Site to Site VPN – Extranet based: This type of VPN can be used when several different companies need to work in a shared environment, e.g. distributors and service companies. This network is more manageable and reliable.

What are the different authentication methods used in VPNs?

The authentication method uses an authentication protocol. The methods are:
EAP authentication method: Extensible Authentication Protocol authenticates a remote access connection. The authentication mechanism is decided between the remote VPN client and the authenticator (ISA). In the typical mechanism, the authenticator requests authentication information and the responses are given by the remote VPN client.
MS-CHAP authentication method: Microsoft Challenge Handshake Authentication Protocol (MS-CHAP) starts with the authenticator (remote access server) challenge. The challenge sent to the remote access client contains a session identifier and a challenge string. The client in response sends the nonreversible encryption of the string, the identifier and the password. The authenticator checks the credentials and grants access on a successful authentication.
Unencrypted passwords (PAP): Uses plain text passwords. Does not involve encryption. Used for less secure clients.
Shiva Password Authentication Protocol (SPAP): It is a password authentication protocol. It is less secure as the same user password is always sent in the same reversibly encrypted form.

What is Tunneling?

Tunneling is a mechanism provided to transfer data securely between two networks. The data is split into smaller packets and passed through the tunnel. The data passing through the tunnel has 3 layers of encryption. The data is encapsulated. Tunneling can be approached by Point to Point tunneling protocol.

What are voluntary and compulsory tunnels?

Voluntary Tunneling
The user's computer is an end point of the tunnel and acts as the tunnel client. Here the client or user issues a request to configure and create a voluntary tunnel. This requires a dial-up or LAN connection. An example of a dial-up connection is internet at home, where a call is made to the ISP and a connection is obtained.
Compulsory tunneling
In compulsory tunneling, instead of the user, a VPN remote access server configures and creates the tunnel. Hence, the end point is the remote server, not the user.

Explain static and dynamic tunnels.

Tunnels that are created manually are static tunnels. Tunnels that are auto-discovered are dynamic tunnels. In dynamic tunneling, TCP connections can be checked dynamically. If no connections exist that are routed through the tunnel, a check for a more suitable gateway can be done. Static tunneling may at times require dedicated equipment.

Explain the importance of increasing and decreasing subnet bits.

Adding 1’s to the subnet mask means increasing the subnets and decreasing the hosts. Removing 1’s means decreasing the subnets and increasing the hosts. Hence, by increasing or decreasing the subnet bits, the subnet architecture can be decided as per needs.

Why do we need a subnet mask?

A subnet mask allows identification of host part and network part of an IP address. Subnet mask can be used to find if an IP address is present on a subnet or not. 
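
The two answers above (borrowing subnet bits, and using the mask to test membership) worked through in code, as an added example that is not part of the original article. The addresses are constructed samples and the function names are illustrative; the bit arithmetic is done by hand so the mask operation stays visible.

```python
def ip_to_int(dotted: str) -> int:
    """Convert dotted-decimal IPv4 text to a 32-bit integer, validating each octet."""
    parts = dotted.split(".")
    if len(parts) != 4 or not all(p.isascii() and p.isdigit() and int(p) <= 255 for p in parts):
        raise ValueError(f"not a dotted-decimal IPv4 address: {dotted!r}")
    value = 0
    for p in parts:
        value = (value << 8) | int(p)
    return value


def int_to_ip(value: int) -> str:
    return ".".join(str((value >> shift) & 0xFF) for shift in (24, 16, 8, 0))


def prefix_length(mask: str) -> int:
    """Count the 1 bits of a mask, rejecting masks whose 1 bits are not contiguous."""
    m = ip_to_int(mask)
    host_bits = ~m & 0xFFFFFFFF
    if host_bits & (host_bits + 1):           # host part must be 0...01...1
        raise ValueError(f"non-contiguous subnet mask: {mask}")
    return bin(m).count("1")


def on_subnet(ip: str, network: str, mask: str) -> bool:
    """True when `ip` has the same network part as `network` under `mask`."""
    prefix_length(mask)                       # validates the mask
    m = ip_to_int(mask)
    return (ip_to_int(ip) & m) == (ip_to_int(network) & m)


def borrow_bits(network: str, mask: str, extra_bits: int):
    """Add `extra_bits` 1s to the mask.

    Returns (new_mask, list of subnet addresses, usable hosts per subnet).
    Each borrowed bit doubles the subnets and halves the addresses in each.
    """
    new_prefix = prefix_length(mask) + extra_bits
    if extra_bits < 0 or new_prefix > 30:     # keep at least 2 usable hosts
        raise ValueError("cannot borrow that many bits")
    new_mask = (0xFFFFFFFF << (32 - new_prefix)) & 0xFFFFFFFF
    base = ip_to_int(network) & ip_to_int(mask)
    size = 1 << (32 - new_prefix)             # addresses per subnet
    subnets = [int_to_ip(base + i * size) for i in range(1 << extra_bits)]
    # Two addresses per subnet are reserved: the network and broadcast address.
    return int_to_ip(new_mask), subnets, size - 2


if __name__ == "__main__":
    for bits in range(0, 5):
        new_mask, subnets, hosts = borrow_bits("192.168.10.0", "255.255.255.0", bits)
        print(f"+{bits} bits  mask {new_mask:<16} {len(subnets):>2} subnets x {hosts:>3} hosts")
    print(on_subnet("192.168.10.70", "192.168.10.64", "255.255.255.192"))   # same subnet
    print(on_subnet("192.168.10.130", "192.168.10.64", "255.255.255.192"))  # different subnet
```

The same membership test is what an access list or firewall object performs when a rule is written against a network rather than a single host, so an off-by-one in the mask silently widens or narrows what the rule covers.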

What is RTP?

Real-Time Transfer Protocol lays down a standard way to transfer or manage real-time data over a network. It does not guarantee the delivery of data or provide any quality of service. However, it helps to manage the data, which means that RTP can be used to deliver the necessary data to the application to make sure it can put the received packets in the correct order. Examples of real-time data are audio and video.

What is RTP Multiplexing?

RTP multiplexing allows multiple media flows within a single RTP data payload between two points. This means that it can be used to carry multiple streams of data in one RTP packet. RTP multiplexing will reduce the bandwidth used. RTP multiplexing will also increase scalability. 

Explain the use of RTP and RTCP protocols.

Use of RTP and RTCP:-
1. RTP can be used to transfer Real time data like voice packets.
2. RTP can be used with RTCP which makes it possible to monitor data.
3. Packet loss can be detected by RTP using Sequence number
RTCP provides QoS feedback: packets lost, round trip time.

Describe the format of RTP and RTCP packets.

The 32 bits of RTP packet format is as follows:- (L to R)
Bit 0-1:- Indicates version, currently 2
Bit 2:- P- indicates padding bytes
Bit 3:- X- Indicates presence of extension header
Bit 4-7:- CC- Contains number of CSRC identifiers that follows the header
Bit 8:- M- Current data has some special relevance (if set)
Bit 9-15:- PT- Indicates format of payload
Bit 16-31:- Sequence number
Timestamp:- 32 bits, time stamp of the packet
SSRC:- Synchronization source identifier, uniquely identifies the source of a stream
CSRC:- Contributing source IDs, enumerate the contributing sources to a stream which has been generated from multiple sources
Extension header:- First 32-bit word contains a profile-specific identifier and a length specifier
The 32 bits of RTCP header format is as follows:- (L to R)
Bit 0-1:- Indicates version, currently 2
Bit 2:- P- indicates padding bytes
Bit 3 to 7:- Count of number of reception report blocks
Bit 8 to 15:- Type: - Determined RTCP packet type. Type can take values from 0 to 255
Bit 16 to 31:- Length- Length of RTCP packet - 1
SR:- Sender Report for transmission and reception from active senders
RR:- Receiver report for reception from inactive senders
SDES: - Source description items
BYE- indicates end of participation
APP: - Application specific functions 
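
The header layouts listed above, decoded in code, together with the sequence-number loss check mentioned in the previous answer. This is an added example, not part of the original article: the sample packets are constructed, the function names are illustrative, and the RTCP type numbers (200 to 204) and the padding rule come from RFC 3550 rather than from this page.

```python
import struct

# RTCP packet type numbers from RFC 3550 (the article lists only the names).
RTCP_TYPES = {200: "SR", 201: "RR", 202: "SDES", 203: "BYE", 204: "APP"}


class MalformedPacket(ValueError):
    """The buffer does not hold a well-formed RTP or RTCP header."""


def parse_rtp(buf: bytes) -> dict:
    """Decode the fixed RTP header, the CSRC list and the optional extension header."""
    if len(buf) < 12:
        raise MalformedPacket("shorter than the 12-byte fixed header")
    b0, b1, seq, timestamp, ssrc = struct.unpack("!BBHII", buf[:12])
    if b0 >> 6 != 2:                          # bits 0-1: version
        raise MalformedPacket(f"unsupported version {b0 >> 6}")
    padding = bool(b0 & 0x20)                 # bit 2: P
    extension = bool(b0 & 0x10)               # bit 3: X
    cc = b0 & 0x0F                            # bits 4-7: CSRC count
    marker = bool(b1 & 0x80)                  # bit 8: M
    payload_type = b1 & 0x7F                  # bits 9-15: PT
    offset = 12 + 4 * cc
    if len(buf) < offset:
        raise MalformedPacket("CC claims more CSRC entries than the packet holds")
    csrc = list(struct.unpack(f"!{cc}I", buf[12:offset]))
    ext_profile = None
    if extension:
        if len(buf) < offset + 4:
            raise MalformedPacket("X bit set but no extension header present")
        ext_profile, ext_words = struct.unpack("!HH", buf[offset:offset + 4])
        offset += 4 + 4 * ext_words           # length counts 32-bit words after the header
        if len(buf) < offset:
            raise MalformedPacket("extension length runs past the end of the packet")
    end = len(buf)
    if padding:                               # last byte holds the padding count
        pad = buf[-1] if end > offset else 0
        if pad == 0 or pad > end - offset:
            raise MalformedPacket("invalid padding count")
        end -= pad
    return {
        "padding": padding, "marker": marker, "payload_type": payload_type,
        "sequence": seq, "timestamp": timestamp, "ssrc": ssrc,
        "csrc": csrc, "ext_profile": ext_profile, "payload": buf[offset:end],
    }


def parse_rtcp(buf: bytes) -> dict:
    """Decode the 32-bit RTCP common header and check the declared length."""
    if len(buf) < 4:
        raise MalformedPacket("shorter than the 4-byte RTCP header")
    b0, ptype, length_words = struct.unpack("!BBH", buf[:4])
    if b0 >> 6 != 2:
        raise MalformedPacket(f"unsupported version {b0 >> 6}")
    total = 4 * (length_words + 1)            # field stores length in 32-bit words minus one
    if total > len(buf):
        raise MalformedPacket("declared length exceeds the received data")
    return {
        "padding": bool(b0 & 0x20),
        "count": b0 & 0x1F,                   # bits 3-7: reception report count
        "type": RTCP_TYPES.get(ptype, f"unknown({ptype})"),
        "length_bytes": total,
    }


def lost_between(prev_seq: int, seq: int) -> int:
    """Packets missing between two received sequence numbers (16-bit wraparound)."""
    gap = (seq - prev_seq) & 0xFFFF
    if gap == 0 or gap >= 0x8000:             # duplicate or late (reordered) packet
        return 0
    return gap - 1


# Constructed samples: RTP with X=1, CC=1, M=1, PT=0, seq=65535; RTCP RR with one block.
SAMPLE_RTP = (
    struct.pack("!BBHII", 0x91, 0x80, 65535, 160, 0x1234ABCD)
    + struct.pack("!I", 0xDEADBEEF)           # one CSRC entry
    + struct.pack("!HHI", 0xBEDE, 1, 0)       # extension: profile id, 1 word, the word
    + b"voice"
)
SAMPLE_RTCP = struct.pack("!BBH", 0x81, 201, 7) + bytes(28)

if __name__ == "__main__":
    print(parse_rtp(SAMPLE_RTP))
    print(parse_rtcp(SAMPLE_RTCP))
    print("lost across wrap 65535 -> 1:", lost_between(65535, 1))
```

Every length field in these headers is sender-controlled, so each one is checked against the received buffer before it is used as an offset.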

Describe how the multicast protocol works.

Multicast protocol or Internet protocol delivers a single message to multiple machines. One packet from the source is replicated and sent to the destinations. Every multicast message requires a multicast group. The group defines the addresses which will receive the message. The group is defined by a class D address. Different routing protocols are used to find the multicast groups and build routes for them. Distance Vector Multicast protocol is one of them. The receiver to whom the multicast packet is sent needs to ‘join’ the group. Joining the group is enabled and managed by IGMP. Multicast routers are used to transmit the messages from one network to another.

Describe how to control the scope of multicast transmissions.

Controlling the scope of multicast transmission restricts the range of group members. TTL (Time To Live) is one of the mechanisms to limit the scope. If the TTL value is small, packets are only multicast to destinations a short distance away. The larger the TTL value, the wider the scope of transmission, reaching a larger number of machines. Administrative scoping is another mechanism. In this, transmission is restricted to a specific address space of an organization or a site.

Explain why multicasting is used.

  • When the same message or packet needs to be sent to multiple destinations, multicasting is used.
  • Within campuses and offices, file distribution can be done using multicasting.
  • System messages, news and videos can be sent at the same time.
  • More commonly used for audio and video streaming.

What is a socket?

A socket is used to connect an application to a network protocol. A socket enables communication between a client and a server. The communication is started when the client is assigned a local port number, and binds a socket to it. The client writes on the socket and gets information from server by reading it. 

What are Sockets? How do Sockets Work?

A socket is used to connect an application to a network protocol. A socket enables communication between a client and a server. The communication is started when the client is assigned a local port number and binds a socket to it. The client writes to the socket and gets information from the server by reading from it. The Socket class is used to communicate. It provides a rich set of methods for both asynchronous and synchronous data transfer. ConnectAsync is used to start an asynchronous connection. SendAsync and ReceiveAsync are used to send and receive data. The Shutdown and Close methods are used to shut down and close the sockets.

Datagram vs. stream.

A stream can be considered a pipe that allows a full-duplex connection. A datagram or packet, on the other hand, has a source and a destination. There is no connection. A stream is like a communication channel while a datagram is completely self-contained. Streams provide reliable and sequenced communication. Datagrams, on the other hand, are unreliable and no sequence is maintained.

What is a stream socket?

A stream socket provides two way communications between a client and server. This communication is reliable and sequenced. Stream sockets are above TCP to run across any networks. They provide unduplicated flow of data and have well established mechanism for creating and destroying connections and for detecting errors. 

What is SSL?

SSL is Secured Socket Layer. SSL is used to establish a secured and encrypted connection between a server and the browser. SSL is most commonly seen on payment and banking web sites. To create an SSL connection, an SSL certificate needs to be created. If the website has an SSL certificate installed, a small icon is displayed in the tool bar to make customers confident that the site is secured.

What are the two important TCP Socket classes? Explain them.

The two most important socket classes are:
Socket Class: The Socket class provides enriched methods and properties for network communications. It allows both synchronous and asynchronous data transfer. The Shutdown method should be used to end the Socket once the data transfer is complete. Using SetSocketOption the socket can be configured.
Declaration:

Public Class Socket _
Implements IDisposable

Server Socket Class: The server Socket class is used to implement server sockets. Server sockets are used to respond to requests received over the network.

What are the advantages and disadvantages of Java Sockets?

Advantages:
  • Flexible and powerful.
  • Cause low network traffic if efficiently used.
  • Only updated information can be sent.
Disadvantages:
  • The Java applets can establish communication only with the machine requested and not with any other machine on the network.
  • Sockets allow only raw data to be sent. This means that both client and server need to have mechanisms to interpret the data. 

What is meant by Symmetric Multiprocessing (SMP)?

Symmetric Multiprocessing allows any processor to do work of another processor. SMP allows multiple processors to process programs that are a part of common OS and memory. Most common example of SMP is OLTP where many users access the same database in a relatively simple set of transactions. SMP efficiently balances the workload of the processors. 

What are TP-Lite and TP-Heavy Monitors?

TP – Lite is an integration of TP Monitor functions in a database engine. TP-Heavy Monitor allows the machine to initiate some complex multi server transactions. TP Heavy monitors support client server architecture.

What are Distance Vector Routing Protocols?

The main goal of Distance Vector Routing Protocols is to find the best path for the data packet to reach the destination. Distance here could be the number of hops. The three different types of Distance Vector routing protocols include Routing Information Protocol (RIP v1 and v2) and Interior Gateway Routing Protocol. The protocol is easy to manage but does not scale well.
The Distance Vector protocol initially prepares a Routing table which is shared with other routers. This routing table is shared between routers present in the same network. A new routing table is prepared when some new information is received from some other router. Now, the bad routing paths are removed keeping only the smallest hop paths. This new table is then communicated to other routers.
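The table exchange described above, as an added example that is not part of the original page: routers share hop-count tables with their neighbours until nothing changes. The router names, the link list and the hop limit of 16 (RIP's "unreachable" metric) are assumptions made for the illustration.

```python
# Added example: hop-count distance-vector exchange between neighbouring routers.
INFINITY = 16  # assumption: RIP's "unreachable" metric; the page gives no limit
LINKS = [("A", "B"), ("B", "C"), ("C", "D")]  # constructed topology: A-B-C-D


def merge(table, neighbor, advertised):
    """Fold one neighbour's advertised {dest: hops} into our routing table.

    table maps dest -> (hops, next_hop). Returns True if the table changed.
    """
    changed = False
    for dest, hops in advertised.items():
        cost = min(hops + 1, INFINITY)  # one extra hop to reach the neighbour
        current = table.get(dest)
        if current is None:
            if cost < INFINITY:
                table[dest] = (cost, neighbor)
                changed = True
        elif current[1] == neighbor and current[0] != cost:
            # News from the router we already forward through is always believed,
            # even when it is worse; a path that became unreachable is removed.
            if cost >= INFINITY:
                del table[dest]
            else:
                table[dest] = (cost, neighbor)
            changed = True
        elif cost < current[0]:
            table[dest] = (cost, neighbor)  # a strictly shorter path wins
            changed = True
    return changed


def converge(links):
    """Exchange tables round by round until no router learns anything new."""
    neighbors = {}
    for a, b in links:
        neighbors.setdefault(a, set()).add(b)
        neighbors.setdefault(b, set()).add(a)
    tables = {r: {r: (0, r)} for r in neighbors}  # each router knows only itself
    rounds = 0
    while True:
        # Every router advertises the table it held at the start of the round.
        adverts = {r: {d: h for d, (h, _) in t.items()} for r, t in tables.items()}
        changed = False
        for router in sorted(neighbors):
            for n in sorted(neighbors[router]):
                changed |= merge(tables[router], n, adverts[n])
        if not changed:
            return tables, rounds
        rounds += 1


if __name__ == "__main__":
    tables, rounds = converge(LINKS)
    print(f"converged after {rounds} rounds")
    for dest, (hops, via) in sorted(tables["A"].items()):
        print(f"A -> {dest}: {hops} hops via {via}")
```

The number of rounds grows with the network diameter, which is the scaling limit the answer mentions.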

What is POP3 (Post Office Protocol 3)?

POP3 or Post Office Protocol 3 is used for receiving emails. It is a client-server protocol which holds the email. Once the email is downloaded from the server, POP3 deletes it from the server. Ordinal numbers are used to identify specific messages.

What is NNTP (Network News Transfer Protocol)?

NNTP or Network News Transfer Protocol is used to manage the notes posted on Usenet newsgroups (a newsgroup is a collection of notes on a subject posted by different users). NNTP servers are responsible for managing the Usenet newsgroups collected globally. An NNTP client is part of the web browser and is also called a news reader. It uses reserved port number 119.

What is HTTP (Hypertext Transfer Protocol)?

HTTP or Hyper Text Transfer Protocol provides a set of rules to transfer files, videos and images over the World Wide Web. When the web browser is opened, an HTTP request call is made. A web server contains an HTTP daemon. This daemon waits for HTTP requests and handles them when they arrive. The web browser from which HTTP requests are made is called a client. These requests are sent to the server. It uses reserved port number 80.

What is IGMP protocol?

Internet Group Management Protocol allows internet hosts to multicast, i.e. to send messages to a group of computers. There may be a group of internet hosts interested in multicasting. IGMP allows a router to determine which host groups have members on a given network segment. It helps to establish group memberships. It is commonly used for streaming video and gaming. The protocol can be implemented on both the host side and the router side. The host side is responsible for notifying its membership in a group. The notification is made to a local router. This local router (router side) in turn sends out queries.

Define gateway

A gateway is a network point that provides entrance into another network. On the Internet, a node or stopping point can be either a gateway node or a host (end-point) node. Both the computers of Internet users and the computers that serve pages to users are host nodes. The computers that control traffic within your company's network or at your local Internet service provider (ISP) are gateway nodes. 

Explain how names are translated (resolved) into IP address.

Domain Name Server or DNS is used to resolve names into IP addresses. When a web address is entered into the browser, the DNS client sends a request to the DNS server to find the corresponding IP address for the name. The DNS server receives this request and searches for the corresponding IP address in its database. If the resolution fails at this point, the server sends the request to the parent server. The request keeps going up the hierarchy to the parent servers or the closest authoritative DNS server to resolve the address. If the request times out, an error is returned to the client. If the server is able to resolve the requested name, it passes the information back to the client. The next request sent by the client is a request for a web page from that IP address.

Explain the structure and use of internet addresses.

Each IP address is 32 bits long. For human readers, IP addresses are written in dotted decimal notation. These are then converted to binary by the computer. Each IP address has two parts: a network identifier (network ID) and a host ID. The current internet protocol standard is IPv4. The IP addresses are divided into three classes: a class A network, a class B network, and a class C network, class A being the largest. Of the four numbers in an IPv4 address, each class A network has a different first number, and hosts within it are addressed by the remaining three numbers, or three bytes. The IP addresses identify a machine in order to deliver packets and load web pages.

Define IP multicast.

IP multicast technology reduces traffic by sending a stream of information to many recipients in one go. Video conferencing and stock quotes are examples of applications based on IP multicast.

What is Network Address Translation?

Network Address Translation acts as an agent between the Internet and a local network. It is a dynamic method which is used to minimize Internet connectivity needs. Network address translation describes the rewriting of the Internet Protocol (IP) addresses of data packets so that multiple transmissions require only one IP address. 

What is the difference between public and private IP?

A public IP address makes equipment accessible to everyone on the internet. A private IP address is for private use within the network and allows many more PCs to be connected. If you are using a private IP and want VoIP, you need to change to a public IP address.

How would you define IP address?

IP address or Internet Protocol address is the address of a device attached to an IP network (TCP/IP network). It is a must for every client, server and network device to have a unique IP address for each network connection (network interface). Every IP packet contains a source IP address and a destination IP address. As a device moves from one network to another, its IP address changes. 
Computers using the TCP/IP for communication are uniquely identified by a 32 bit address called as an IP address. The routers use the IP address information to forward the packet to the destination computer.
IP addresses are categorized as:
Private address: these IP addresses are used exclusively within a private network and not for public to see.
Public Address: these are registered IP addresses used for public.
Each IP address has a network address and a host address. IP addresses are expressed as four sets of up to three digits, separated by dots. Each set is called an octet because, when converted to binary, it consists of eight binary digits.

MAC vs. IP Addressing

Whereas MAC addressing works at the data link layer, IP addressing functions at the network layer (layer 3). It's a slight oversimplification, but one can think of IP addressing as supporting the software implementation and MAC addresses as supporting the hardware implementation of the network stack. The MAC address generally remains fixed and follows the network device, but the IP address changes as the network device moves from one network to another. 

Define Telnet

Telnet is the main Internet protocol for creating a connection to a remote server.

Define DNS

The DNS translates Internet domain and host names to IP addresses. DNS automatically converts the names we type in our Web browser address bar to the IP addresses of Web servers hosting those sites. DNS implements a distributed database to store this name and address information for all public hosts on the Internet. 

What is Application layer?

The application layer is located at the top of the TCP/IP protocol layers. It contains the network applications which make it possible to communicate using the lower layers. The software in this layer therefore communicates using one of the two protocols of the layer below (the transport layer), i.e. TCP or UDP.
In computer networking, an application layer firewall is a firewall operating at the application layer of a protocol stack. Generally it is a host using various forms of proxy servers to proxy traffic instead of routing it. As it works on the application layer, it may inspect the contents of the traffic, blocking what the firewall administrator views as inappropriate content, such as certain websites, viruses, and attempts to exploit known logical flaws in client software, and so forth. An application layer firewall does not route traffic on the network layer. All traffic stops at the firewall, which may initiate its own connections if the traffic satisfies the rules.

Explain the core naming mechanism, Domain Name System (DNS).

The Domain Name System is used to convert the names of websites on the internet to IP addresses. The domain names for each IP address are stored in a database that is distributed across different servers. A domain name space consists of a tree of domain names. The tree has zones. Zones consist of a collection of connected nodes. These nodes are served by a name server. A domain name is usually in the form of mydomain.com. Here, .com is the top level domain, whereas mydomain is the sub domain or subdivision. A host name is a domain name that has one or more IP addresses associated with it.

Explain the functionality of PING.

Ping is used to check whether a system is on the network or not. It also gives packet loss information. In Windows the ping command is written as ping ip_address. The output returns information about the data packets: the number of packets sent, received and lost.

What is multicasting?

Multicasting allows a single message to be sent to a group of recipients. Emailing, teleconferencing, are examples of multicasting. It uses the network infrastructure and standards to send messages. 

Explain IP, TCP and UDP.

TCP – Transmission Control Protocol is used to establish communication between nodes or networks and exchange data packets. It guarantees delivery of data packets in the order they were sent. Hence it is most commonly used in all applications that require guaranteed delivery of data. It can handle both timeouts (if packets were delayed) and retransmission (if packets were lost). The stream of data is transmitted in segments. The segment header is 32 bit. It is a connectionless communication protocol at the third level (network) of the OSI model.
IP – Internet Protocol is used for transmission of data over the internet. IP uses IP addresses to identify each machine uniquely. A message is sent using small packets. Each packet contains both the sender's and the receiver's address. IP does not guarantee delivery in the same order as sent. This is because the packets are sent via different routes. It is a connectionless communication protocol at the third level (network) of the OSI model.
UDP – User Datagram Protocol is a communication protocol. It is normally used as an alternative to TCP/IP. However, there are a number of differences between them. UDP does not divide data into packets. Also, UDP does not send data packets in sequence. Hence, the application program must ensure the sequencing. UDP uses port numbers to distinguish user requests. It also has a checksum capability to verify the data.
What are network topologies? Explain Ring, Bus and Star topology.
A network topology describes the layout of a network. It describes how different nodes and elements are connected to each other. Different types of topology:
a. Ring
  • All nodes are connected to one another in a loop.
  • Each device is connected to one or more other devices on either side.
b. Bus
  • All nodes are connected to a central, common cable called a backbone.
  • In bus topology, the server is at one end and the clients are connected at different positions across the network.
  • Easy to manage and install.
  • If the backbone fails, the entire communication fails.
c. Star
  • All nodes are connected to a central hub.
  • The communication between the nodes is through the hub.
  • Requires relatively more cable than bus. However, if any node fails, it won't affect the entire LAN.

What is a network? What are the different kinds of network? Explain them

A network is a group of computers or nodes connected together. They are connected with each other by communication paths.
Types of Networks:
LAN – Local Area Network connects a group of nodes covering a small physical area. LANs are most commonly seen in offices, buildings etc. LANs enable a higher data transfer rate, cover a smaller area and hence need less wiring.
WAN – Wide Area Network connects a group of nodes covering a wide area. A WAN typically connects, and allows communication across, regions or national boundaries. The most common example of a WAN is the internet.
VPN – Virtual Private Network connects or links nodes in some larger area by open connections or virtual circuits in some larger network (e.g., the Internet) instead of by physical wires. It is used for secure communication through the public internet. VPN alone may not support explicit security features, such as authentication or content encryption.
Intranet – It is a set of networks under the control of a single administrative person. It can be considered as an internal network of an organization. If it is large, web servers are used to provide information to the users.
Extranet – It is a network that restricts itself within a single organization. It can be categorized as WAN, MAN etc.; however, it cannot have a single LAN. It must have a connection (at least one) with an external network.

Explain the 7 Layers of OSI.

Layer 1: Physical layer 
It represents all the electrical and physical specifications for devices.  
Layer 2: Data link layer 
It provides the functional and procedural means to transfer data between network entities and to detect and possibly correct errors that may occur in the Physical layer.
Layer 3: Network layer 
The Network layer provides the functional and procedural means of transferring variable length data sequences from a source to a destination via one or more networks.
Layer 4: Transport layer 
It provides transparent transfer of data between end users.
Layer 5: Session layer 
It controls the sessions between computers. It connects, manages and terminates the connections between the local and remote application.
Layer 6: Presentation layer 
It transforms data to provide a standard interface for the Application layer.
Layer 7: Application layer 
It provides a means for the user to access information on the network through an application. 

Define File Transfer Protocol.

File Transfer Protocol (FTP), a standard Internet protocol, is the simplest way to exchange files between computers on the Internet. Like the Hypertext Transfer Protocol (HTTP), which transfers displayable Web pages and related files, and the Simple Mail Transfer Protocol (SMTP), which transfers e-mail, FTP is an application protocol that uses the Internet's TCP/IP protocols. FTP is commonly used to transfer Web page files from their creator to the computer that acts as their server for everyone on the Internet. It's also commonly used to download programs and other files to your computer from other servers. 

What is FTP (File Transfer Protocol)?

FTP is File Transfer Protocol. It is used to exchange files on the internet. To enable the data transfer, FTP uses TCP/IP. FTP is most commonly used to upload and download files from the internet. FTP can be invoked from the command prompt or from a graphical user interface. FTP also allows files on a server to be updated (deleted, renamed, moved, and copied). It uses reserved port number 21.

Define the term Protocol.

Protocol is a standard way of communicating across a network. A protocol is the "language" of the network. It is a method by which two dissimilar systems can communicate. TCP is a protocol which runs over a network.

What's the difference Between an Intranet and the Internet?

There's one major distinction between an intranet and the Internet: The Internet is an open, public space, while an intranet is designed to be a private space. An intranet may be accessible from the Internet, but as a rule it's protected by a password and accessible only to employees or other authorized users. 
From within a company, an intranet server may respond much more quickly than a typical Web site. This is because the public Internet is at the mercy of traffic spikes, server breakdowns and other problems that may slow the network. Within a company, however, users have much more bandwidth and network hardware may be more reliable. This makes it easier to serve high-bandwidth content, such as audio and video, over an intranet. 

What is LAN?

LAN is a computer network that spans a relatively small area. Most LANs are confined to a single building or group of buildings. However, one LAN can be connected to other LANs over any distance via telephone lines and radio waves. A system of LANs connected in this way is called a wide-area network (WAN). Most LANs connect workstations and personal computers. Each node (individual computer) in a LAN has its own CPU with which it executes programs, but it also is able to access data and devices anywhere on the LAN. This means that many users can share expensive devices, such as laser printers, as well as data. Users can also use the LAN to communicate with each other, by sending e-mail or engaging in chat sessions. 
Explain the concepts and capabilities of IP Datagram.
Data transmitted over an internet using IP is carried in messages called IP datagrams.
Like all network protocol messages, IP uses a specific format for its datagrams.
The IPv4 consists of the following fields:
  • Version: the version of IP used to generate the datagram. For IPv4, this is of course the number 4
  • Internet Header Length: Specifies the length of the IP header, in 32-bit words.
  • Type of service: information to provide quality of service features
  • Total Length
  • Identification: it can be used if the datagram must be fragmented by a router during delivery and then for reassembling.
  • Flags: (Don’t Fragment, More Fragment)
  • Fragment Offset: When fragmentation of a message occurs, this field specifies the offset, or position.
  • Time to Live: specifies how long the datagram is allowed to “live”
  • Protocol: ICMP, TCP, UDP, etc
  • Header Checksum: to provide basic protection against corruption in transmission.
  • Source Address
  • Destination Address
  • Options
  • Padding: if the number of bits used for options is not a multiple of 32, then padding is added
  • Data 

What is Data Fragmentation? Explain how Data Fragmentation works

Fragmentation occurs when storage space is used inefficiently due to which storage capacity and performance is reduced.
Data fragmentation occurs when a large object is inserted into storage that has already suffered external fragmentation due to which the data object is broken up into many pieces that are not close together.
When free storage becomes divided into many small pieces over time, it is called external fragmentation.

What is VLSM, Variable length subnet masking?

VLSM is a means of allocating IP addressing resources to subnets according to their individual need rather than some general network-wide rule. 
What is Supernetting? Explain the concept of custom Subnetting.
Supernetting or Classless Inter-Domain Routing (CIDR)
  • It is a way to aggregate multiple Internet addresses of the same class.
  • Adjacent network addresses (e.g. 192.168.2.0/24 and 192.168.3.0/24) can be merged (into 192.168.2.0/23) using supernetting.
  • Supernetting is the basis for most routing protocols currently used on the Internet.
  • It is mostly used to combine Class C network addresses.
Describe the concept of Subnetting.
Subnetting is the process of breaking a network into smaller units. These units are called subnets. Here a subnet could be several machines in a single LAN. Networks using IP can create sub networks of logical addresses. Some of the bits in the machine portion of every IP address can be used to identify a specific subnet. The IP address then contains three parts: the network number, the subnet number, and the machine number.
What is custom Subnetting?
Custom subnets are subnets that can be customized, i.e. by modifying the dividing point between subnet ID and host ID to suit the needs of our network. The subnet mask that we use when creating a customized subnet is called a custom subnet mask. This custom subnet mask is used to find the customization.
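Supernetting and VLSM worked through with Python's standard `ipaddress` module, as an added example that is not part of the original page. It merges the page's 192.168.2.0/24 and 192.168.3.0/24 pair, shows a pair that cannot be merged, and sizes each subnet to its own host count; the 192.168.10.0/24 block and the host counts are constructed.

```python
# Added example: supernetting and variable-length subnet allocation.
import ipaddress


def supernet(networks):
    """Merge adjacent, correctly aligned networks into the fewest CIDR blocks."""
    nets = [ipaddress.ip_network(n) for n in networks]
    return [str(n) for n in ipaddress.collapse_addresses(nets)]


def prefix_for_hosts(hosts):
    """Longest prefix whose subnet holds `hosts` plus network and broadcast."""
    bits = max(2, (hosts + 1).bit_length())  # smallest b with 2**b >= hosts + 2
    return 32 - bits


def vlsm_allocate(block, needs):
    """Carve `block` into one subnet per entry of needs = {name: host_count}."""
    block = ipaddress.ip_network(block)
    end = int(block.broadcast_address) + 1
    cursor = int(block.network_address)
    plan = {}
    # Largest first keeps every subnet aligned on its own size boundary.
    for name, hosts in sorted(needs.items(), key=lambda kv: kv[1], reverse=True):
        prefix = prefix_for_hosts(hosts)
        size = 2 ** (32 - prefix)
        if prefix < block.prefixlen or cursor + size > end:
            raise ValueError(f"{block} has no room left for {name} ({hosts} hosts)")
        plan[name] = str(ipaddress.ip_network((cursor, prefix)))
        cursor += size
    return plan


# Constructed requirements for one site.
NEEDS = {"sales": 100, "engineering": 50, "management": 20, "wan-link": 2}

if __name__ == "__main__":
    # The page's example pair shares a /23 boundary, so it merges.
    print(supernet(["192.168.2.0/24", "192.168.3.0/24"]))
    # This pair is adjacent but straddles a /23 boundary, so it does not.
    print(supernet(["192.168.1.0/24", "192.168.2.0/24"]))
    for name, subnet in vlsm_allocate("192.168.10.0/24", NEEDS).items():
        net = ipaddress.ip_network(subnet)
        print(f"{name:12} {subnet:18} mask {net.netmask} "
              f"({net.num_addresses - 2} usable hosts)")
```

Sizing each subnet to its real host count also keeps firewall rules and ACLs written against that subnet from covering addresses no host should be using.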

What is Subnetting? Explain the advantages of using Subnetting.

Subnetting is dividing a network into several subnets.
This is usually done for the following purposes:
  • Reducing network traffic by decreasing the number of broadcasts
  • Exceeding the limitations in a local area network
  • Enabling people to connect to the network remotely without opening the entire network

Explain the advantages of using Subnetting.

Advantages of using Subnetting:
  • Easier network management and troubleshooting
  • The routing table's size is reduced, which means faster network transfers
  • Solves network congestion problems, since the complete network is divided into smaller networks
  • Network addresses can be decentralized, e.g. the administrator of the network can monitor the subnet.

Explain the classes of IP addresses. Why do we need them?

Class A:
Range: from 0.0.0.0 to 127.255.255.255.
Leftmost bit: 0.
First 8 bits: netid.
Remaining 24 bits: hostid.
Class B:
Range: from 128.0.0.0 to 191.255.255.255.
Leftmost 2 bits: 10
First 16 bits: netid
Last 16 bits: the hostid
Class C:
Range: from 192.0.0.0 to 223.255.255.255.
Class C networks use the first 24 bits to determine the netid.
Leftmost 3 bits: 110
The next 21 bits define network.
8 bits define the hostid.
Class D:
First 4 bits: 1110
The remaining 28 bits define multicast addresses.
No netid or hostid in a class D address.
Addresses are used for multicasting.
Class E:
First 4 bits: 1111
Addresses reserved for special use on the Internet.
There is no netid or hostid in a class E address.

What is IP Multicasting?

It is an IP address that identifies a particular group of hosts in network. 
This group of hosts is called a multicast group. 

Explain the concept and capabilities of Unicast IP Addresses

It is an IP address that uniquely identifies a host in a network. 
The datagram with a unicast IP address is received and processed by only a single host.
Explain different layers in the OSI model.
Application Layer:
  • Closest to the end user
  • Interact directly with the software application.
Presentation Layer:
  • Translates application to network format, and vice versa
  • Works to transform data into the form that the application layer can accept
  • Formats and encrypts data to be sent across a network
Session Layer
  • Controls the connections between computers
  • Establishes, manages and terminates the connections between the local and remote application.
  • Provides full-duplex, half-duplex, or simplex operation
  • Establishes checkpointing, adjournment, termination, and restart procedures
Transport Layer:
  • Provides transparent transfer of data between end users
  • Providing reliable data transfer services to the upper layers
  • Controls the reliability of a given link through flow control, segmentation / desegmentation, and error control.
Network Layer
  • Provides the functional and procedural means of transferring variable length data sequences from a source to a destination via one or more networks
  • Performs network routing functions
  • Performs fragmentation and reassembly, and report delivery errors.
Data Link Layer
  • Provides the functional and procedural means to transfer data between network entities
  • Detects and corrects errors that occur in the Physical Layer.
Physical Layer:
  • Defines the electrical and physical specifications for devices.
What is Router? Explain components of Routers.
Just as switches connect multiple computers, a router connects multiple networks. Routers hold data consisting of large tables of networks and addresses. Routers use algorithms to determine the shortest route to an address in a network.
What are the basic components of routers?
Components of Router
Internal components:
  • ROM:- Used to store the routers bootstrap details, operating system software.
  • Flash memory: - holds the operating systems images. The content is retained when the router is restarted.
  • RAM: - Used to store the routing tables, configuration files, caching and buffering details. Content is lost when the router is switched off or restarted.
  • NVRAM:- Stores the routers startup config files. Data is non volatile.
  • Network interfaces to connect router to network.
External components:
  • Virtual terminals: For accessing routers 
  • Network management stations.

What are switches? Explain the concepts of Layer-3 switches.

A switch is a device that connects multiple network segments.
A switch analyzes the MAC address and then determines where to send the data. So a file addressed to a computer reaches only that computer through the use of a switch.
The term ‘switch’ commonly refers to a network bridge that processes and routes data at the Data link layer (layer 2) of the OSI model.
Switches that additionally process data at the Network Layer are often referred to as Layer 3 switches or multilayer switches.

What is 'Gateway Of Last Resort'?

A Gateway of Last Resort or default gateway is a route used by the router when no other known route exists to transmit the IP packet. Known routes are present in the routing table. Hence, any packet whose destination is not known to the routing table is forwarded to the default route. Each router which receives this packet will treat it the same way; if the route is known, the packet will be forwarded to the known route.

Explain Circuit Level Gateway.

A circuit level gateway is used to determine whether a session in TCP handshaking is legitimate or not. It can be considered as a layer between the application layer and the transport layer. Circuit level gateways protect the information of the private network behind them. They do not filter packets.

What is an application gateway?

An application gateway is an application program that runs on a firewall between two networks. An application gateway is used for establishing connection between client program and destination service. The client negotiates with the gateway to communicate with the service of destination. Here, gateway can be called as a proxy. Hence, two connections are made. One between client and proxy; other, between proxy and destination service. Connections take place behind the firewall 

Explain IP datagram, Fragmentation and MTU.

IP datagram can be used to describe a portion of IP data. Each IP datagram has set of fields arranged in an order. The order is specific which helps to decode and read the stream easily. IP datagram has fields like Version, header length, Type of service, Total length, checksum, flag, protocol, Time to live, Identification, source and destination ip address, padding, options and payload.
MTU:- Maximum Transmission Unit is the size of the largest packet that a communication protocol can pass. The size can be fixed by some standard or decided at the time of connection
Fragmentation is a process of breaking the IP packets into smaller pieces. Fragmentation is needed when the datagram is larger than the MTU. Each fragment becomes a datagram in itself and transmitted independently from source. When received by destination they are reassembled. 
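Fragmentation and reassembly as described above, as an added example that is not part of the original page. The 20-byte header size, the 4000-byte payload and the dictionary layout are assumptions; the reassembler refuses overlapping fragments instead of choosing which copy of the bytes to keep.

```python
# Added example: split a payload to fit an MTU, then reassemble it defensively.
IP_HEADER_LEN = 20  # assumption: IPv4 header without options
SAMPLE_PAYLOAD = bytes(i % 251 for i in range(4000))  # constructed test data


def fragment(payload, mtu, header_len=IP_HEADER_LEN):
    """Split a datagram's payload so that header + data fits within the MTU."""
    if header_len + len(payload) <= mtu:
        return [{"offset": 0, "mf": False, "data": payload}]
    chunk = (mtu - header_len) // 8 * 8  # offsets are counted in 8-byte units
    if chunk <= 0:
        raise ValueError("MTU too small to carry any data")
    return [
        {"offset": start // 8,                    # Fragment Offset field
         "mf": start + chunk < len(payload),      # More Fragments flag
         "data": payload[start:start + chunk]}
        for start in range(0, len(payload), chunk)
    ]


def reassemble(fragments):
    """Return the payload, or None while pieces are still missing.

    Raises ValueError for overlapping or inconsistent fragments. This sketch
    treats an exact duplicate as an overlap as well.
    """
    ordered = sorted(fragments, key=lambda f: f["offset"])
    buf = bytearray()
    expected = 0
    for index, frag in enumerate(ordered):
        start = frag["offset"] * 8
        if start < expected:
            raise ValueError(f"fragment at byte {start} overlaps earlier data")
        if start > expected:
            return None  # a hole: keep waiting for the missing fragment
        if frag["mf"] and len(frag["data"]) % 8:
            raise ValueError("non-final fragment is not a multiple of 8 bytes")
        if not frag["mf"] and index != len(ordered) - 1:
            raise ValueError("data found beyond the final fragment")
        buf += frag["data"]
        expected = start + len(frag["data"])
    if not ordered or ordered[-1]["mf"]:
        return None  # the final fragment has not arrived yet
    return bytes(buf)


if __name__ == "__main__":
    frags = fragment(SAMPLE_PAYLOAD, mtu=1500)
    for f in frags:
        print(f"offset={f['offset']:4} (byte {f['offset'] * 8:4}) "
              f"MF={int(f['mf'])} len={len(f['data'])}")
    # Fragments travel independently, so they may arrive in any order.
    print(reassemble(list(reversed(frags))) == SAMPLE_PAYLOAD)
```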

What is IP Spoofing and how can it be prevented?

IP spoofing is a mechanism used by attackers to gain unauthorized access to a system. Here, the intruder sends messages to a computer with an IP address indicating that the message is coming from a trusted host. This is done by forging the header so that it contains a different address, to make it appear that the packet was sent by a different machine.
Prevention:-
Packet filtering: - to allow packets with recognized formats to enter the network
Using special routers and firewalls.
Encrypting the session
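One concrete form of the packet filtering listed above is a strict reverse-path check, a technique the page does not name: a packet is accepted only if the best route back to its source address leaves through the interface it arrived on. This is an added example, not part of the original page; the routing table, interface names and packets are constructed.

```python
# Added example: strict reverse-path filtering with longest-prefix matching.
import ipaddress

# Constructed routing table: (prefix, interface the prefix is reached through).
ROUTES = [(ipaddress.ip_network(p), i) for p, i in [
    ("0.0.0.0/0", "outside"),     # default route towards the Internet
    ("192.0.2.0/24", "inside"),   # the site's own address block
    ("192.0.2.128/25", "dmz"),    # more specific: servers in the DMZ
]]

# Constructed arrivals: (interface the packet came in on, claimed source).
PACKETS = [
    ("outside", "198.51.100.5"),  # external host arriving from outside
    ("outside", "192.0.2.10"),    # claims an inside address from outside
    ("inside", "192.0.2.10"),     # inside host arriving from inside
    ("inside", "198.51.100.5"),   # inside machine forging an external source
    ("dmz", "192.0.2.200"),       # DMZ server arriving from the DMZ
    ("inside", "192.0.2.200"),    # DMZ address seen on the inside interface
]


def best_route(routes, address):
    """Longest-prefix match: the most specific route containing the address."""
    addr = ipaddress.ip_address(address)
    matches = [(net, iface) for net, iface in routes if addr in net]
    return max(matches, key=lambda m: m[0].prefixlen, default=None)


def urpf_verdict(routes, in_iface, src):
    """Accept only if the route back to `src` uses the arrival interface."""
    route = best_route(routes, src)
    if route is None:
        return "drop", f"no route back to {src}"
    net, iface = route
    if iface != in_iface:
        return "drop", f"{src} belongs behind {iface} ({net}), arrived on {in_iface}"
    return "accept", f"{src} is reachable via {in_iface} ({net})"


def filter_packets(routes, packets):
    """Apply the check to every (interface, source) pair."""
    return [(iface, src, *urpf_verdict(routes, iface, src))
            for iface, src in packets]


if __name__ == "__main__":
    for iface, src, verdict, reason in filter_packets(ROUTES, PACKETS):
        print(f"{verdict:6} in={iface:8} src={src:14} {reason}")
```

The check cannot tell one external address from another forged external address, which is why the list above also includes encrypting the session.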

What is PPP protocol? Explain PPP packet format.

Point to Point protocol helps communication between 2 computers over a serial cable, phone line or other fiber optic lines. E.g. Connection between an Internet Service Provider and a host. PPP also provides authentication. PPP operates by sending Request packets and waiting for Acknowledge packets that accept, reject or try to change the request. The protocol is also used to negotiate on network address or compression options between the nodes.
Packet format:-
  • Flag field: 1 byte: indicates the beginning or end of a frame
  • Address field: 1 byte: used for broadcast address (destination address)
  • Control field: 1 byte: used as a control byte
  • Protocol field: 1 or 2 bytes: setting of protocol in information field (of datagram)
  • Information: 0 or more bytes: datagram (whether it contains data or control information)
  • Padding: 0 or more bytes: optional padding
  • FCS: 2 or more bytes: error check sum

Explain how NAT works.

Network Address Translation translates an IP address used in one network to another IP address known within another network. A NAT table is maintained for global to local and local to global mapping of IPs. NAT can be statically defined or can dynamically translate from a pool of addresses. The NAT router is responsible for translating traffic entering and leaving the network. NAT prevents malicious activity initiated by outside hosts from reaching local hosts, because it depends on a machine on the local network to initiate any connection to hosts on the other side of the router.
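The NAT table described above, as an added example that is not part of the original page. It models a single public address shared through port translation; the addresses, the starting port, the idle timeout and the rule that a reply must come from the same remote endpoint are assumptions of this sketch, not a description of any particular product.

```python
# Added example: a port-translating NAT table with idle expiry.
import itertools


class NatRouter:
    def __init__(self, public_ip, first_port=40000, idle_timeout=300):
        self.public_ip = public_ip
        self.idle_timeout = idle_timeout            # seconds a mapping may sit idle
        self._next_port = itertools.count(first_port)
        self._out = {}  # (inside_ip, inside_port, remote_ip, remote_port) -> public_port
        self._in = {}   # (public_port, remote_ip, remote_port) -> [ip, port, last_seen]

    def outbound(self, inside_ip, inside_port, remote_ip, remote_port, now):
        """Translate a packet leaving the local network, creating the mapping."""
        flow = (inside_ip, inside_port, remote_ip, remote_port)
        public_port = self._out.get(flow)
        if public_port is None:
            public_port = next(self._next_port)
            self._out[flow] = public_port
        self._in[(public_port, remote_ip, remote_port)] = [inside_ip, inside_port, now]
        return (self.public_ip, public_port, remote_ip, remote_port)

    def inbound(self, remote_ip, remote_port, public_port, now):
        """Return the inside (ip, port) for a reply, or None to drop the packet."""
        key = (public_port, remote_ip, remote_port)
        entry = self._in.get(key)
        if entry is None:
            return None  # nothing inside initiated this conversation
        inside_ip, inside_port, last_seen = entry
        if now - last_seen > self.idle_timeout:
            # The mapping has gone stale: forget it and drop the packet.
            del self._in[key]
            del self._out[(inside_ip, inside_port, remote_ip, remote_port)]
            return None
        entry[2] = now
        return (inside_ip, inside_port)


def demo():
    """Constructed walk-through; returns each step's result in order."""
    nat = NatRouter("203.0.113.5")
    return [
        nat.outbound("192.168.1.10", 51000, "198.51.100.7", 443, now=0),
        nat.inbound("198.51.100.7", 443, 40000, now=10),   # reply: translated back
        nat.inbound("198.51.100.99", 443, 40000, now=10),  # different sender: dropped
        nat.inbound("198.51.100.7", 443, 22, now=10),      # unsolicited port: dropped
        nat.inbound("198.51.100.7", 443, 40000, now=311),  # idle too long: dropped
    ]


if __name__ == "__main__":
    for step in demo():
        print(step)
```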

What are the differences between a domain and a workgroup?

In a domain, one or more computers can be a server to manage the network. In a workgroup, on the other hand, all computers are peers with no control over each other. In a domain, a user doesn't need an account to log on to a specific computer if an account is available on the domain. In a workgroup, a user needs to have an account on every computer.
In a domain, computers can be on different local networks. In a workgroup, all computers need to be part of the same local network.

Explain the concept of DHCP.

Dynamic Host Configuration Protocol is used for assigning IP addresses to computers in a network. The IP addresses are assigned dynamically. Certainly, using DHCP, the computer will have a different IP address every time it is connected to the network. In some cases the IP address may change even while the computer is on the network. This means that DHCP leases out the IP address to the computer for some time. A clear advantage of DHCP is that software, rather than the administrator, can be used to manage IP addresses.

Explain RSVP. How does it work?

Resource Reservation Protocol is used to reserve resources across a network. It is used for requesting a specific Quality of Service (QoS) from the network. This is done by carrying the host's request (which needs a reservation of the resource) throughout the network. It visits each node in the network. RSVP uses two local modules for reservation of resources. The admission control module confirms whether there are sufficient available resources, while the policy module checks for permission to make a reservation. RSVP offers scalability. On successful completion of both checks, RSVP uses the packet classifier and packet scheduler to provide the requested QoS.

What are Ping and Tracert?

Ping and tracert are commands used to send information to remote computers in order to receive some information back. Information is sent and received in packets. Ping is used to check whether a system is on the network or not. It also gives packet loss information. In Windows the ping command is written as ping ip_address. Tracert is short for trace route. It is used to track or trace the path the packet takes from the computer where the command is given to the destination. In Windows the tracert command is written as tracert ip_address.

What is the use of IGMP protocol?

Internet Group Management Protocol: It allows internet hosts to participate in multicasting. IGMP messages are used to learn which hosts are part of which multicast groups. The mechanism also allows a host to inform its local router that it wants to receive messages.

Explain the use of Internet Control Message Protocol (ICMP).

Internet Control Message Protocol is one of the important protocols in the Internet Protocol suite. It is mainly used by the operating systems of networked computers for the purpose of sending error messages, for example that a requested service is unavailable or that a host could not be reached. It is not used directly by network applications. ICMP messages are used by routers and hosts to communicate updates or error information to other routers.

What is the TTL (Time to Live)? Why is it required?

TTL is a value in an Internet Protocol data packet. It tells a network router whether the packet has been in the network too long and should be discarded. Data packets might not always be transmitted to their intended destination within a stipulated period of time. The TTL value is set from a system default and is carried in an 8-bit field in the header of the packet. The purpose of TTL is to specify a time limit, in seconds, for transmitting the packet. When the time is exhausted, the packet is discarded. Each router that receives the packet subtracts from the count. When the count becomes zero, the router discards the packet and sends an Internet Control Message Protocol message back to the originating host.
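
The TTL countdown above is also what tracert relies on. The following is an added example, not part of the original article: it builds a 20-byte IPv4 header, lets each simulated router lower the TTL and recompute the header checksum, and returns an ICMP Time Exceeded (type 11) reply when the count runs out. The addresses, the three-router path and all function names are constructed for illustration.

```python
import socket
import struct

ICMP_ECHO_REPLY = 0       # answer from the destination host
ICMP_TIME_EXCEEDED = 11   # sent by a router that drops a packet whose TTL ran out
TTL_OFFSET = 8            # byte position of the TTL field in the IPv4 header
CSUM_OFFSET = 10          # byte position of the 16-bit header checksum

# Constructed sample topology (documentation address ranges).
SRC = "192.0.2.10"
DST = "203.0.113.50"
PATH = ["192.0.2.1", "198.51.100.1", "203.0.113.1"]


def internet_checksum(data: bytes) -> int:
    """RFC 1071 one's-complement sum over 16-bit words."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF


def with_checksum(header: bytes) -> bytes:
    """Return the header with its checksum field recomputed."""
    blank = header[:CSUM_OFFSET] + b"\x00\x00" + header[CSUM_OFFSET + 2:]
    csum = struct.pack("!H", internet_checksum(blank))
    return blank[:CSUM_OFFSET] + csum + blank[CSUM_OFFSET + 2:]


def build_header(src: str, dst: str, ttl: int) -> bytes:
    """20-byte IPv4 header (protocol 1 = ICMP, no options, no payload)."""
    if not 0 <= ttl <= 255:
        raise ValueError("TTL is an 8-bit field: 0..255")
    raw = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20, 0, 0, ttl, 1, 0,
                      socket.inet_aton(src), socket.inet_aton(dst))
    return with_checksum(raw)


def header_is_valid(header: bytes) -> bool:
    """A correct header sums to zero when its checksum field is included."""
    return len(header) == 20 and internet_checksum(header) == 0


def router_forward(header: bytes, router_ip: str):
    """One hop. Returns (forwarded_header, None) or (None, icmp_message)."""
    ttl = header[TTL_OFFSET]
    if ttl <= 1:
        # Lowering the TTL would reach zero: drop the packet and report it.
        return None, {"type": ICMP_TIME_EXCEEDED, "from": router_ip}
    lowered = header[:TTL_OFFSET] + bytes([ttl - 1]) + header[TTL_OFFSET + 1:]
    # The TTL is covered by the header checksum, so it must be recomputed.
    return with_checksum(lowered), None


def send_probe(src: str, dst: str, ttl: int, path):
    """Send one packet along `path`; return the ICMP message that comes back."""
    header = build_header(src, dst, ttl)
    for router_ip in path:
        header, icmp = router_forward(header, router_ip)
        if icmp is not None:
            return icmp
        if not header_is_valid(header):
            raise RuntimeError("router produced a bad checksum")
    return {"type": ICMP_ECHO_REPLY, "from": dst}


def trace_route(src: str, dst: str, path, max_hops: int = 30):
    """tracert logic: probe with TTL 1, 2, 3, ... until the destination answers."""
    hops = []
    for ttl in range(1, max_hops + 1):
        reply = send_probe(src, dst, ttl, path)
        hops.append((ttl, reply["from"]))
        if reply["type"] == ICMP_ECHO_REPLY:
            break
    return hops


if __name__ == "__main__":
    for ttl, responder in trace_route(SRC, DST, PATH):
        print(ttl, responder)
```
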

What is the Domain Name System (DNS)? What are the advantages of it?

DNS is a hierarchical naming system for computer systems, services or, for that matter, any resource participating in the internet. It associates various information with the domain names assigned to each of the participants. DNS translates domain names that are meaningful to humans into the binary identifiers associated with network equipment, so that these devices can be located and addressed.
Advantages:
More Reliable: Delivers messages to the users with zero downtime.
Faster: DNS is well connected at intersections of the internet. Anycast technology enables requests to be answered by the next closest node in the case of maintenance or downtime.
Smarter: Automatic corrections of typos.

Explain TCP Windowing concept.

TCP Windowing is a concept that is used for avoiding congestion in the network traffic. It controls the amount of unacknowledged data that the sender may send before it gets an acknowledgment back from the receiver that the data has been received.

What is the User Datagram Protocol (UDP)?

User Datagram Protocol allows computer applications to send messages as datagram packets from source to destination over an Internet Protocol network, without prior communication to set up special transmission paths. UDP provides an unreliable service, so datagram packets may arrive in any order. UDP is a better solution for time-sensitive applications because ‘dropping packets is preferable to using delayed packets’. Its stateless nature lets a server answer small queries from a huge number of clients.

Define Subnetting.

A subnet describes a set of networked computers which have a common IP address routing prefix.
Breaking the network into smaller and more efficient subnets is known as subnetting. Subnetting prevents the excessive rates of Ethernet packet collision that occur in a large network. Routers are used to manage the traffic and constitute borders among subnets.

What is Network Mask?

A network mask is used to determine which subnet an IP address belongs to. An IP address has a network address and a host address. The first two numbers represent the network address and the second two numbers represent the host of the network.

Define Broadcast, Unicast and Multicast.

Unicast: A term used in communication to describe information sent from one point to another. There is only one sender and one receiver. All LANs support unicast transfer mode, and most applications that employ the TCP transport protocol use unicast messaging.
Broadcast: A term used to describe communication in which a piece of information is sent from one point to all other points. There is one sender and multiple receivers. All LANs support broadcast transmission.
Multicast: A term used to describe communication in which a piece of information is sent from one or more points to a set of other points. The senders and receivers are one or more.

Explain the classes of IP address

IP addresses are organized into classes. For convenience of humans, IP addresses are expressed in the decimal format. Every number in each class is represented as binary to computers.
The four numbers in an IP address are known as ‘octets’. Each of them has eight bit positions. The octets are divided into two sections: Net and Host. The first octet represents Net for identifying the network and the Host contains the last octet. There are five IP classes.
Class A: Class A is used for very large networks. IP addresses with a first octet from 1 to 126 are part of this class. That means there are 126 Class A networks. Class A networks account for half of the total available IP addresses.
Class B: It is used for medium size networks. IP addresses with a first octet from 128 to 191 are part of this class. Class B networks have a first bit value of 1 and a second bit value of 0 in the first octet.
Class C: Class C is used for small to middle size networks. IP addresses with a first octet from 192 to 223 are part of this class. Class C networks have a first bit value of 1, second bit value of 1 and a third bit value of 0 in the first octet.
Class D: It has first, second and third bit value as 1 and the fourth bit as 0. The other 28 bits are used for identifying the group of computers which is intended for multicast messages.
Class E: Class E is used for identification purpose. The first four bits have a value of 1. The other 28 bits are used for identifying the group of computers which is intended for multicast messages.
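
The network mask and class answers above both come down to bit operations on the 32-bit address. The following is an added example, not part of the original article: it reads the class from the leading bits of the first octet and applies a mask with a bitwise AND to get the network, broadcast address and prefix length, which is also how a source address from a log or an ACL entry is tested against a subnet. All function names and sample addresses are chosen here for illustration.

```python
def ip_to_int(addr: str) -> int:
    """Convert dotted-quad text to a 32-bit integer, rejecting malformed input."""
    parts = addr.split(".")
    if len(parts) != 4:
        raise ValueError(f"not a dotted-quad address: {addr!r}")
    value = 0
    for part in parts:
        if not part.isdigit() or not 0 <= int(part) <= 255:
            raise ValueError(f"bad octet {part!r} in {addr!r}")
        value = (value << 8) | int(part)
    return value


def int_to_ip(value: int) -> str:
    return ".".join(str((value >> shift) & 0xFF) for shift in (24, 16, 8, 0))


def address_class(addr: str) -> str:
    """Classify by the leading bits of the first octet.

    0 and 127 also start with a 0 bit but are reserved, which is why
    the usable class A range is quoted as 1 to 126.
    """
    first = ip_to_int(addr) >> 24
    if (first & 0b10000000) == 0b00000000:
        return "A"
    if (first & 0b11000000) == 0b10000000:
        return "B"
    if (first & 0b11100000) == 0b11000000:
        return "C"
    if (first & 0b11110000) == 0b11100000:
        return "D"
    return "E"


def mask_to_int(mask: str) -> int:
    """Parse a mask and insist that its 1 bits are contiguous from the left."""
    value = ip_to_int(mask)
    inverted = ~value & 0xFFFFFFFF
    if inverted & (inverted + 1):
        raise ValueError(f"mask bits are not contiguous: {mask}")
    return value


def subnet_of(addr: str, mask: str):
    """Return (network, broadcast, prefix_length) for addr under mask."""
    mask_int = mask_to_int(mask)
    network = ip_to_int(addr) & mask_int                 # keep the network bits
    broadcast = network | (~mask_int & 0xFFFFFFFF)       # set every host bit
    return int_to_ip(network), int_to_ip(broadcast), bin(mask_int).count("1")


def same_subnet(a: str, b: str, mask: str) -> bool:
    """Two hosts share a subnet when their masked addresses are equal."""
    mask_int = mask_to_int(mask)
    return (ip_to_int(a) & mask_int) == (ip_to_int(b) & mask_int)


if __name__ == "__main__":
    for sample in ("10.1.2.3", "172.16.5.4", "192.168.1.77", "224.0.0.1"):
        print(sample, "class", address_class(sample))
    print(subnet_of("192.168.1.77", "255.255.255.192"))
```
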

Explain the services provided by IP (Internet Protocol) - Addressing, Fragmentation, Packet timeouts and options

1. Addressing: To deliver datagram packets, IP needs to know the address of the destination. IP carries out this task by including host addressing. As IP operates in an internet, its systems are designed to accept the addressing of devices which are unique.
2. Fragmenting: The datagram packets are sent to the data link layer for the purpose of transmission on the network. The frame size of the physical networks that carry IP may differ. To resolve this, IP fragments the datagram into pieces so that each piece can be carried on the network. The receiving systems use these pieces to reassemble the whole IP datagram again.
3. Packet timeouts: A timeout packet is the time for waiting for the next instruction from the command station. If the command is not sent by the station, it shuts down.
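
The fragmenting service in item 2 can be shown in a few lines. The following is an added example, not part of the original article: it splits a payload for a given MTU the way IPv4 does (offsets counted in 8-byte units, a "more fragments" flag on every piece except the last) and reassembles it on the receiving side. The reassembler rejects gaps and overlapping fragments, which is a strict policy chosen for this example; the class and function names are illustrative.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class Fragment:
    ident: int     # identification value shared by all pieces of one datagram
    offset: int    # position of the data in 8-byte units, as in the IPv4 header
    more: bool     # "more fragments" flag: True on every piece except the last
    data: bytes


def fragment(payload: bytes, mtu: int, ident: int, header_len: int = 20):
    """Split payload so that header + data fits in mtu for every fragment."""
    # Every non-final fragment must carry a multiple of 8 data bytes,
    # because the offset field counts 8-byte units.
    max_data = (mtu - header_len) // 8 * 8
    if max_data <= 0:
        raise ValueError("MTU too small to carry any data")
    if not payload:
        return [Fragment(ident, 0, False, b"")]
    pieces = []
    for start in range(0, len(payload), max_data):
        chunk = payload[start:start + max_data]
        more = start + len(chunk) < len(payload)
        pieces.append(Fragment(ident, start // 8, more, chunk))
    return pieces


def reassemble(pieces) -> bytes:
    """Rebuild the payload; raise ValueError on gaps, overlaps or a missing tail."""
    if not pieces:
        raise ValueError("no fragments")
    if len({p.ident for p in pieces}) != 1:
        raise ValueError("fragments belong to different datagrams")
    ordered = sorted(pieces, key=lambda p: p.offset)   # arrival order is arbitrary
    payload = bytearray()
    expected = 0                                       # next byte position we need
    for index, piece in enumerate(ordered):
        start = piece.offset * 8
        is_last = index == len(ordered) - 1
        if start < expected:
            raise ValueError(f"overlapping fragment at byte {start}")
        if start > expected:
            raise ValueError(f"missing fragment before byte {start}")
        if piece.more and is_last:
            raise ValueError("final fragment missing")
        if not piece.more and not is_last:
            raise ValueError("data present after the final fragment")
        if piece.more and len(piece.data) % 8:
            raise ValueError("non-final fragment is not a multiple of 8 bytes")
        payload += piece.data
        expected = start + len(piece.data)
    return bytes(payload)


if __name__ == "__main__":
    # Constructed sample: a 4000-byte payload sent over a 1500-byte MTU link.
    sample = bytes(i % 251 for i in range(4000))
    parts = fragment(sample, mtu=1500, ident=0x1234)
    for part in parts:
        print(part.offset, part.more, len(part.data))
    print(reassemble(list(reversed(parts))) == sample)
```
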
The Open System Interconnection Model
The Open System Interconnection (OSI) model specifies how dissimilar computing devices such as Network Interface Cards (NICs), bridges and routers exchange data over a network by offering a networking framework for implementing protocols in seven layers. Beginning at the application layer, control is passed from one layer to the next. The following describes the seven layers as defined by the OSI model, shown in the order they occur whenever a user transmits information.
Layer 7: Application
This layer supports the application and end-user processes. Within this layer, user privacy is considered and communication partners, service and constraints are all identified. File transfers, email, Telnet and FTP applications are all provided within this layer.
Layer 6: Presentation (Syntax)
Within this layer, information is translated back and forth between application and network formats.  This translation transforms the information into data the application layer and network recognize regardless of encryption and formatting.
Layer 5: Session
Within this layer, connections between applications are made, managed and terminated as needed to allow for data exchanges between applications at each end of a dialogue.
Layer 4: Transport
Complete data transfer is ensured as information is transferred transparently between systems in this layer. The transport layer also assures appropriate flow control and end-to-end error recovery.
Layer 3: Network
Using switching and routing technologies, this layer is responsible for creating virtual circuits to transmit information from node to node. Other functions include routing, forwarding, addressing, internetworking, error and congestion control, and packet sequencing.
Layer 2: Data Link
Information in data packets is encoded and decoded into bits within this layer. Errors from the physical layer flow control and frame synchronization are corrected here utilizing transmission protocol knowledge and management. This layer consists of two sub layers: the Media Access Control (MAC) layer, which controls the way networked computers gain access to data and transmit it, and the Logical Link Control (LLC) layer, which controls frame synchronization, flow control and error checking.
Layer 1: Physical
This layer enables hardware to send and receive data over a carrier such as cabling, a card or other physical means. It conveys the bitstream through the network at the electrical and mechanical level. Fast Ethernet, RS232, and ATM are all protocols with physical layer components.
This order is then reversed as information is received, so that the physical layer is the first and application layer is the final layer that information passes through.

General Topology Configurations

10BASE-T Ethernet and Fast Ethernet use a star topology where access is controlled by a central computer. Generally a computer is located at one end of the segment, and the other end is terminated in a central location with a hub or a switch. Because UTP is often run in conjunction with telephone cabling, this central location can be a telephone closet or other area where it is convenient to connect the UTP segment to a backbone. The primary advantage of this type of network is reliability, for if one of these 'point-to-point' segments has a break, it will only affect the two nodes on that link. Other computer users on the network continue to operate as if that segment were non-existent.

Collisions

Ethernet is a shared medium, so there are rules for sending packets of data to avoid conflicts and to protect data integrity. Nodes determine when the network is available for sending packets. It is possible that two or more nodes at different locations will attempt to send data at the same time. When this happens, a packet collision occurs.
Minimizing collisions is a crucial element in the design and operation of networks. Increased collisions are often the result of too many users on the network. This leads to competition for network bandwidth and can slow the performance of the network from the user's point of view. Segmenting the network is one way of reducing an overcrowded network, i.e., by dividing it into different pieces logically joined together with a bridge or switch.

CSMA/CD

In order to manage collisions, Ethernet uses a protocol called Carrier Sense Multiple Access/Collision Detection (CSMA/CD). CSMA/CD is a type of contention protocol that defines how to respond when a collision is detected, or when two devices attempt to transmit packets simultaneously. Ethernet allows each device to send messages at any time without having to wait for network permission; thus, there is a high possibility that devices may try to send messages at the same time.
After detecting a collision, each device that was transmitting a packet delays a random amount of time before re-transmitting the packet. If another collision occurs, the device waits twice as long before trying to re-transmit.

Ethernet Products

The standards and technology just discussed will help define the specific products that network managers use to build Ethernet networks. The following presents the key products needed to build an Ethernet LAN.

Transceivers

Transceivers are also referred to as Medium Access Units (MAUs). They are used to connect nodes to the various Ethernet media. Most computers and network interface cards contain a built-in 10BASE-T or 10BASE2 transceiver which allows them to be connected directly to Ethernet without the need for an external transceiver.
Many Ethernet devices provide an attachment unit interface (AUI) connector to allow the user to connect to any type of medium via an external transceiver. The AUI connector consists of a 15-pin D-shell type connector, female on the computer side, male on the transceiver side.
For Fast Ethernet networks, a new interface called the MII (Media Independent Interface) was developed to offer a flexible way to support 100 Mbps connections. The MII is a popular way to connect 100BASE-FX links to copper-based Fast Ethernet devices.

Network Interface Cards

Network Interface Cards, commonly referred to as NICs, are used to connect a PC to a network. The NIC provides a physical connection between the networking cable and the computer's internal bus. Different computers have different bus architectures. PCI bus slots are most commonly found on 486/Pentium PCs and ISA expansion slots are commonly found on 386 and older PCs. NICs come in three basic varieties: 8-bit, 16-bit, and 32-bit. The larger the number of bits that can be transferred to the NIC, the faster the NIC can transfer data to the network cable. Most NICs are designed for a particular type of network, protocol, and medium, though some can serve multiple networks.
Many NIC adapters comply with plug-and-play specifications. On these systems, NICs are automatically configured without user intervention, while on non-plug-and-play systems, configuration is done manually through a set-up program and/or DIP switches.
Cards are available to support almost all networking standards. Fast Ethernet NICs are often 10/100 capable, and will automatically set to the appropriate speed. Gigabit Ethernet NICs are 10/100/1000 capable with auto negotiation depending on the user’s Ethernet speed. Full duplex networking is another option where a dedicated connection to a switch allows a NIC to operate at twice the speed.

Hubs/Repeaters

Hubs/repeaters are used to connect together two or more Ethernet segments of any type of medium. In larger designs, signal quality begins to deteriorate as segments exceed their maximum length. Hubs provide the signal amplification required to allow a segment to be extended a greater distance. A hub repeats any incoming signal to all ports.
Ethernet hubs are necessary in star topologies such as 10BASE-T. A multi-port twisted pair hub allows several point-to-point segments to be joined into one network. One end of the point-to-point link is attached to the hub and the other is attached to the computer. If the hub is attached to a backbone, then all computers at the end of the twisted pair segments can communicate with all the hosts on the backbone. The number and type of hubs in any one collision domain is limited by the Ethernet rules. These repeater rules are discussed in more detail later.
A very important fact to note about hubs is that they only allow users to share Ethernet. A network of hubs/repeaters is termed a "shared Ethernet," meaning that all members of the network are contending for transmission of data onto a single network (collision domain). A hub/repeater propagates all electrical signals including the invalid ones. Therefore, if a collision or electrical interference occurs on one segment, repeaters make it appear on all others as well. This means that individual members of a shared network will only get a percentage of the available network bandwidth.

Types of Networks

In describing the basics of networking technology, it will be helpful to explain the different types of networks in use.

Local Area Networks (LANs)

A network is any collection of independent computers that exchange information with each other over a shared communication medium. Local Area Networks or LANs are usually confined to a limited geographic area, such as a single building or a college campus. LANs can be small, linking as few as three computers, but can often link hundreds of computers used by thousands of people. The development of standard networking protocols and media has resulted in worldwide proliferation of LANs throughout business and educational organizations.

Wide Area Networks (WANs)

Often elements of a network are widely separated physically. Wide area networking combines multiple LANs that are geographically separate. This is accomplished by connecting the several LANs with dedicated leased lines such as a T1 or a T3, by dial-up phone lines (both synchronous and asynchronous), by satellite links and by data packet carrier services. WANs can be as simple as a modem and a remote access server for employees to dial into, or as complex as hundreds of branch offices globally linked. Special routing protocols and filters minimize the expense of sending data over vast distances.

Wireless Local Area Networks (WLANs)

Wireless LANs, or WLANs, use radio frequency (RF) technology to transmit and receive data over the air. This minimizes the need for wired connections. WLANs give users mobility as they allow connection to a local area network without having to be physically connected by a cable. This freedom means users can access shared resources without looking for a place to plug in cables, provided that their terminals are mobile and within the designated network coverage area. With mobility, WLANs give flexibility and increased productivity, appealing to both entrepreneurs and to home users. WLANs may also enable network administrators to connect devices that may be physically difficult to reach with a cable.
The Institute for Electrical and Electronic Engineers (IEEE) developed the 802.11 specification for wireless LAN technology. 802.11 specifies over-the-air interface between a wireless client and a base station, or between two wireless clients. WLAN 802.11 standards also have security protocols that were developed to provide the same level of security as that of a wired LAN. 
The first of these protocols is Wired Equivalent Privacy (WEP). WEP provides security by encrypting data sent over radio waves from end point to end point.
The second WLAN security protocol is Wi-Fi Protected Access (WPA). WPA was developed as an upgrade to the security features of WEP. It works with existing products that are WEP-enabled but provides two key improvements. The first is improved data encryption through the Temporal Key Integrity Protocol (TKIP), which scrambles the keys using a hashing algorithm and has a means of integrity checking to ensure that keys have not been tampered with. The second is user authentication with the Extensible Authentication Protocol (EAP).

Problem Description

I need a list of common Windows commands to help me troubleshoot Websense in my network.

Resolution

The Windows troubleshooting commands discussed in this document fall into three categories:

·         Determine which groups a user belongs to
·         Helpful commands entered from the Start > Run dialog box
·         Command-line tools for troubleshooting network connectivity

Determine which groups a user belongs to
To generate a list of groups that a user belongs to, open a command prompt and enter the following command:
   net user <username> /domain
Replace <username> with an actual user name. For example:
   net user jdoe /domain

Helpful commands entered from the Start > Run dialog box
Select Start > Run to execute any of the following commands.
mstsc – Opens the Remote Desktop (RDP) tool
winmsd – Opens the System Information dialog box
inetcpl.cpl – Opens the Internet Explorer Properties dialog box
odbccp32.cpl – Opens the ODBC Data Source Administrator
mmc – Opens the Microsoft Management Console (MMC)
services.msc – Opens the Windows Services dialog box
eventvwr.msc – Opens the Windows Event Viewer
dsa.msc – Opens the Active Directory User and Computers management console
dssite.msc – Opens the Active Directory Sites and Services management console
adminpak.msi – Launches the Administration Tools Pack installer
dxdiag – Opens the DirectX Diagnostic Tool
\\<Name or IP>\C$ – Opens a UNC to the C: share
cmd – Opens the Windows Command Prompt using the 32-bit cmd shell

Command-line tools for troubleshooting network connectivity

This list contains some common commands for troubleshooting network connectivity. Select Start > Run and then type cmd to access the appropriate command prompt. Activating a command window via Start > Programs > Accessories does not allow all of the following tools to run correctly.

arp -a – Shows gateway MAC address.
gpresult – Starts the Operating System Group Policy Result tool
ipconfig /all – Displays the full TCP/IP configuration for all adapters
ipconfig /flushdns – Flushes the DNS resolver cache. Helpful when troubleshooting DNS name resolution problems
nbtstat -a <MachineName> – Obtains info from WINS or LMHOST (discovers who is logged on)
nbtstat -A <IP> – Gets info from WINS or LMHOST (discovers who is logged on)
nbtstat -R – Purges and reloads the remote cache name table
nbtstat -n – Lists local NetBIOS names.
nbtstat -r – Useful for detecting errors when browsing WINS or NetBIOS
netstat -ab – The b switch links each used port with its application
netstat -an – Shows open ports
netstat -an 1 | find "15868" – Locates only lines with the number 15868 and redisplays every one second
netstat -an | find "LISTENING" – Shows open ports with LISTENING status
net use – Retrieves a list of network connections
net use \\1.2.3.4 – Sees if the machine can poll IP 1.2.3.4
net user – Shows user account for the computer
net user /domain – Displays user accounts for the domain
net user /domain <UserName> – Shows account details for specific user
net group /domain – Shows group accounts for the domain
net view – Displays domains in the network
net view /domain – Specifies computers available in a specific domain
net view /domain:<DomainName> | more – Shows user accounts from specific domain
net view /cache – Shows workstation names
nslookup – Looks up IP/hostnames and displays information helpful in diagnosing DNS issues
ping -a <IP> – Resolves IP to Hostname
ping -t <IP> – Pings host until stopped
set U – Shows which user is logged on
set L – Shows the logon server
telnet <IP> <port> – Confirms whether the port is open
net use %LOGONSERVER%                      

·         Use this command to hit the Domain Controller resulting in DC Agent picking up the user name you logged onto the server with. An example of the command follows:
·         net use  \\<Domain Controller IP or Hostname>

Notes & Warnings

NOTE
Some commands may output more data than the default command window can show. To view the complete data, use the pipe command ( > or | ) to direct the output to a file. For example, type net user /domain > GroupOutPut.txt to create a text file called GroupOutPut.txt that contains the output data.
ipconfig – Quickly Find Your IP Address
You can find your IP address from the Control Panel, but this takes quite a few clicks. The ipconfig command is a fast way of determining your computer’s IP address and other information, such as the address of its default gateway — useful if you want to know the IP address of your router’s web interface.
To use the command, just type ipconfig into a Command Prompt window. You’ll see a list of all the network connections your computer is using. Look under Wireless LAN adapter if you’re connected to Wi-Fi or Ethernet adapter Local Area Connection if you’re connected to a wired network.
ipconfig /flushdns – Flush Your DNS Resolver Cache
If you change your DNS server, the effects won’t necessarily take place immediately. Windows uses a cache that remembers DNS responses it’s received, saving time when you access the same addresses again in the future.
To ensure Windows is getting addresses from the new DNS servers instead of using old, cached entries, run the ipconfig /flushdns command after changing your DNS server.
ping, tracert – Troubleshoot Network Connection Issues
If you’re experiencing issues connecting to a website or other network connection issues, Windows and other operating systems have some standard tools you can use to identify problems.
First, there’s the ping command. Type ping google.com and Windows will send packets to Google.com. Google will respond and let you know it’s received them. You’ll be able to see if any packets didn’t make it to Google.com — perhaps you’re experiencing packet loss — and how long it took you to hear back — perhaps the network is saturated and packets are taking a while to reach their destinations.
There’s also the tracert command, which traces the route it takes for a packet to reach a destination. For example, run tracert google.com and you’ll see the path your packet takes to reach Google. If you’re having issues connecting to a website, tracert can show you where the problem is occurring.
For more information about using these commands, read our introduction to troubleshooting Internet connection problems.
shutdown – Create Shutdown Shortcuts on Windows 8
The shutdown command is particularly useful on Windows 8. You can use it to create your own shortcuts and place them on your Start screen or desktop, allowing you to more easily shut down Windows without digging through the charms bar or logging out first.
This command can also be used to restart your computer. On Windows 8, you can even use a special switch to restart your computer into the advanced startup options menu.
·         Shut Down: shutdown /s /t 0
·         Restart: shutdown /r /t 0
·         Restart Into Startup Options: shutdown /r /o
recimg – Create Custom Recovery Images
The Refresh Your PC feature on Windows 8 allows you to restore your computer’s system state to its original state, either from a clean Windows install or as the computer came from its manufacturer. You can create your own custom recovery images, but this feature is hidden, so you have to do it with the recimg command from a command line. This allows you to remove manufacturer-installed bloatware or add your favorite desktop programs to your recovery image.
For more information about using recimg, read our overview of everything you need to know about creating and using custom recovery images on Windows 8.
wbadmin start backup – Create System Recovery Images
Windows 8.1 removes the Windows 7 backup interface, which allowed you to create system backup images. These system images contain a complete snapshot of every single file on the system, so they’re different from Windows 8’s recovery images.
While the graphical interface has been removed, system administrators and geeks can still create system image backups by running the wbadmin start backup cmdlet in a PowerShell window. Unlike all the other commands here, this command-line tool must be run from within PowerShell, not the Command Prompt.
sfc /scannow – Scan System Files for Problems
Windows includes a system file checker tool that scans its system files and looks for problems. If system files are missing or corrupted, the system file checker will repair them. This may fix problems with some Windows systems.
To use this tool, open a Command Prompt window as Administrator and run the sfc /scannow command.
telnet – Connect to Telnet Servers
The telnet client isn’t installed by default. You’ll have to install it from the Control Panel. Once installed, you can use the telnet command to connect to telnet servers without installing any third-party software.
You should avoid using telnet if you can help it, but if you’re connected directly to a device and it requires that you use telnet to set something up — well, that’s what you have to do.
cipher – Permanently Delete and Overwrite a Directory
The cipher command is mostly used for managing encryption, but it also has an option that will write garbage data to a drive, clearing its free space and ensuring no deleted file can be recovered. Deleted files normally stick around on disk unless you’re using a solid state drive. The cipher command effectively allows you to “wipe” a drive without installing any third-party tools.
To use the command, specify the drive you want to wipe like so:
cipher /w:C:\
netstat -an – List Network Connections and Ports
The netstat command is particularly useful, displaying all sorts of network statistics when used with its various options. One of the most interesting variants of netstat is netstat -an, which will display a list of all open network connections on your computer, along with the port they’re using and the foreign IP address they’re connected to.
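
The find "LISTENING" and find "15868" filters listed earlier match raw text, so they also hit lines where the number appears in the wrong column. The following is an added example, not part of the original article: it parses netstat -an output by field, groups listening TCP ports by how widely they are bound, and finds connections whose remote port is a given number. The sample output is constructed, and the function names are illustrative.

```python
from collections import namedtuple

Conn = namedtuple("Conn", "proto local_host local_port remote_host remote_port state")

# Constructed sample in the layout Windows prints for `netstat -an`.
SAMPLE_NETSTAT = """\
Active Connections

  Proto  Local Address          Foreign Address        State
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING
  TCP    0.0.0.0:445            0.0.0.0:0              LISTENING
  TCP    127.0.0.1:5354         0.0.0.0:0              LISTENING
  TCP    192.168.1.20:139       0.0.0.0:0              LISTENING
  TCP    192.168.1.20:15868     203.0.113.10:443       ESTABLISHED
  TCP    192.168.1.20:49713     198.51.100.7:15868     ESTABLISHED
  TCP    [::]:445               [::]:0                 LISTENING
  UDP    0.0.0.0:5353           *:*
"""

WILDCARD_HOSTS = {"0.0.0.0", "[::]"}     # bound on every interface
LOOPBACK_HOSTS = {"127.0.0.1", "[::1]"}  # reachable only from this machine


def split_endpoint(endpoint: str):
    """Split 'host:port' at the last colon so '[::]:445' parses correctly."""
    host, _, port = endpoint.rpartition(":")
    return host, (int(port) if port.isdigit() else None)


def parse_netstat(text: str):
    """Return one Conn per TCP/UDP row; banner and header lines are skipped."""
    conns = []
    for line in text.splitlines():
        fields = line.split()
        if len(fields) < 3 or fields[0] not in ("TCP", "UDP"):
            continue
        local_host, local_port = split_endpoint(fields[1])
        remote_host, remote_port = split_endpoint(fields[2])
        state = fields[3] if len(fields) > 3 else ""   # UDP rows have no state
        conns.append(Conn(fields[0], local_host, local_port,
                          remote_host, remote_port, state))
    return conns


def listening_ports(conns):
    """Group listening TCP ports by how widely they are bound."""
    exposure = {}
    for conn in conns:
        if conn.proto != "TCP" or conn.state != "LISTENING":
            continue
        if conn.local_host in WILDCARD_HOSTS:
            scope = "all_interfaces"
        elif conn.local_host in LOOPBACK_HOSTS:
            scope = "loopback_only"
        else:
            scope = "single_interface"
        exposure.setdefault(scope, set()).add(conn.local_port)
    return {scope: sorted(ports) for scope, ports in exposure.items()}


def connections_to_remote_port(conns, port: int):
    """Established connections whose *remote* port is `port`."""
    return [c for c in conns
            if c.state == "ESTABLISHED" and c.remote_port == port]


def text_matches(text: str, needle: str) -> int:
    """What a plain substring filter such as find "15868" would count."""
    return sum(needle in line for line in text.splitlines())


if __name__ == "__main__":
    parsed = parse_netstat(SAMPLE_NETSTAT)
    print(listening_ports(parsed))
    print(connections_to_remote_port(parsed, 15868))
    print(text_matches(SAMPLE_NETSTAT, "15868"))
```
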

Network Connectivity

Important:

Before proceeding with troubleshooting, please check the Steam Server Status page to ensure the issue which you are encountering is not related to system-wide downtime. (If you encounter any timeout errors when attempting to access Steam sites, it is very likely that there is a system-wide issue and Steam will not be accessible until the issue is resolved)
Please follow the steps below to diagnose network connectivity issues within Steam:
1.    Test Your Router before trying anything else:
Try bypassing your router by connecting your computer directly to your modem.
If the issue disappears after bypassing your router, please refer to the Using a Router with Steam topic for instructions on configuring your router.
Note: running your router in DMZ mode is not supported by Steam and may result in connection issues.
Additionally, wireless connections are not recommended for online gaming.  To ensure reliability, make sure you are using a wired connection to the internet while playing online.
2.    Troubleshoot all Firewalls
See the Using a Firewall with Steam topic for instructions to properly configure your firewall for Steam.
Note: If you are installing Steam for the first time or Steam has recently been updated, a firewall may be preventing Steam from connecting to the Steam Network - even if Steam worked correctly before the update was applied.
3.    Disable Background Applications
Review the Programs Which May Interfere With Steam and reconfigure, disable or uninstall any programs which may be preventing Steam and Valve games from connecting.
4.    Viruses, Trojans, Adware and Spyware
5.    Power Cycle Your Network Hardware
If the issue persists, unplug your modem and router, wait a few seconds, then plug them back in. Sometimes, these devices simply need to be refreshed.
6.    Try Launching Steam using TCP
Start Steam with the "-tcp" launch option.  Please see the Setting Steam Launch Options topic for instructions.
  

Required Ports for Steam

All required ports to run the Steam application are listed here.  It is possible that other games available on Steam will require further ports to be available.

Note:

Many university networks and proxies block required ports for Steam operation - please consult your network administrator to ensure the required ports are open if you are using a university network or a proxy. Ports required for Steam can not be re-mapped to HTTP or reconfigured to a custom port range.
If you notice that your Steam connection only has issues during certain hours of the day (usually in the evenings between 5pm and 11pm), it is probable that your ISP is blocking or "shaping" your connection.  Please test your connection at other hours of the day and contact your ISP directly if you believe this is causing the connection issue.
There are several ISPs which block ports required for the proper operation of Steam and Steam games:
§  012.net (Steam traffic blocked)
§  Bluewin (Firewall blocks Steam from provider side - must be disabled through provider's service portal)
§  Dutch Telecom (Steam traffic blocked)
§  ISPFree (Steam traffic blocked)
§  Micronet Broadband (Steam traffic blocked)
There are connection issues with certain ISPs that can be avoided depending on what type of cable/DSL modem and router you have.
Please follow the guide for Client dropped by ser


