Networking
What is a Proxy Server and how do they protect the computer network?
For data transmission, IP addresses are required and even DNS uses IP addresses to route to the correct website. It means without the knowledge of correct and actual IP addresses it is not possible to identify the physical location of the network. Proxy Servers prevent external users who are unauthorized to access such IP addresses of the internal network. The Proxy Server makes the computer network virtually invisible to the external users.
What is HTTP and what port does it use?
HTTP is HyperText Transfer Protocol and it is responsible for web content. Many web pages are using HTTP to transmit the web content and allow the display and navigation of HyperText. It is the primary protocol and port used here is TCP port 80.
Troubleshooting Issues with SSH
explain
netsh int ip reset reset.txt
used to re-install tcp/ip stack on computer
What is DNS?
Domain Name Server (DNS), in a non-professional language and we can call it as Internet's phone book. All the public IP addresses and their hostnames are stored in the DNS and later it translates into a corresponding IP address.
What Is A Domain? What Is The Difference Between A Domain And A Workgroup?
Domain is created when we install Active Directory. It's a security boundary which is used to manage computers inside the boundary. Domain can be used to centrally administor computers and we can govern them using common policies called group policies. We can't do the same with workgroup. Domain: Collecton of clients controlled by the server called Domain Work Group : Collection of Client network called Work Group
What is a Firewall?
Firewall is a network security system that is used to protect computer networks from unauthorized access. It prevents malicious access from outside to the computer network. A firewall can also be built to grant limited access to the outside users. The firewall consists of a hardware device, software program or a combined configuration of both. All the messages that route through the Firewall are examined by specific security criteria and the messages which meet the criteria are successfully traversed through the network or else those messages are blocked.
What is Data Encapsulation?
In a computer network, to enable data transmission from one computer to another, the network devices send messages in the form of packets. These packets are then added with the IP header by OSI reference model layer. The Data Link Layer encapsulates each packet in a frame which contains the hardware address of the source and the destination computer. If a destination computer is on the remote network then the frames are routed through a gateway or router to the destination computer.
Server-based networks
In this type of network, a central server is located to store the data, applications etc of the clients. The server computer provides the security and network administration to the network.
Wide Area Network (WAN)
Multiple LAN's and MAN's connected together form a WAN. It covers a wider area like a whole country or world.
What is NIC?
NIC stands for Network Interface Card. It is also known as Network Adapter or Ethernet Card. It is in the form of add-in card and is installed in a computer so that the computer can be connected to a network. Each NIC has a MAC address which helps in identifying the computer on a network.
What is Network Topology?
Network Topology is a physical layout of the computer network and it defines how the computers, devices, cables etc are connected to each other.
Describe the layers of OSI model?
OSI model stands for Open System Interconnection It is a framework which guides the applications how they can communicate in a network.
A User Is Able To Ping Ip Addresses On The Internet , But Unable To Access It Via Domain Names. Should The Dns Server Be Configured On The Gateway Or The Client.
The DNS server can be a public server or the gateway address. If it is the gateway address, the DNS server address should be configured on the gateway. The DNS server should also be configured on the users TCP/IP adapter.
Explain TCP/IP Model
The most widely used and available protocol is TCP/IP i.e. Transmission Control Protocol and Internet Protocol. TCP/IP specifies how data should be packaged, transmitted and routed in their end to end data communication.
Define Round Trip Time?
The time taken for a signal to reach the destination and travel back to the sender with the acknowledgment
What is a Node?
Two or more computers are connected directly by an optical fiber or any other cable. A node is a point where a connection established. It is a network component which is used to send, receive and forward the electronic information.
Explain DNS?
acts as a translator between domain names and IP address. As humans remember names, the computer understands only numbers. Generally, we assign names to websites and computers like gmail.com, Hotmail etc. When we type such names the DNS translates it into numbers and execute our requests.
Given a customer received a 403 response from using your web service, how would you debug the issue?
answer?
Private Ip address
any number or address assigned to a device on a private TCP/IP Local Area Network that is accessible only within the Local Area Network. For a resource inside the Local Area Network to be accessible over the Internet, a device within the Local Area Network must be connected to the Internet with a public IP address, and the networking must be appropriately configured.
Name GCP firewall rules
at least 6 answers
Expand DHCP and describe how it works?
is used to assign IP addresses automatically to the devices over the network. When a new device is added to the network, it broadcasts a message stating that it is new to the network. Then the message is transmitted to all the devices of the network. Only the DHCP server will react to the message and assigns a new IP address to the newly added device of the network.With the help of the DHCP, the IP management became very easy.
Name some Firewall Rule component
numerical priority, direction of traffic, action on match, target, source, protocol, enforcement status
What are TCP and UDP?
the most widely used protocols that are built on the top of IP protocol. Both are used to send bits of data over the internet, which is also known as 'packets'.
What is decryption?
the process of converting back the encrypted data to its normal form. An algorithm called cipher is used in this conversion process.
What is the use of encryption
the process of converting the transmission data into another form that is not read by any other device other than the intended receiver.
How VPN is used in the corporate world?
the remote users can securely connect to the organization's network. Corporate companies, educational institutions, government offices etc use this VPN.
What is a Network?
A network is a set of devices connected to each other using a physical transmission medium.
How Would You Troubleshoot Dhcp Server Related Issues.?
Check the IP connectivity with the DHCP server from a system configured on the network. Test if the DHCP client and server service is started on the DHCP server and the client. Test if the DHCP server service is reachable using nmap.
What Would You Use To Connect Two Computers Without Using Switches?
Cross cable.
Full Duplex
Data transferring happens in both directions that too simultaneously. Eg: Two lane road where traffic flows in both the directions, communication through telephone etc.
Simplex
Data transferring which takes place only in one direction is called Simplex. In Simplex mode, the data gets transferred either from sender to receiver or from receiver to sender. Eg: Radio signal, the print signal given from computer to printer etc.
Performance Testing:
To test performance on your interconnect attachments, use a VM on your VPC network. Add the performance tools that you require on the VM. Do not use link local IP address to test for latency such as ICMP ping or path MTU. Using cloud Router can give you unpredictable results
Reverse lookup
Translating the IP address to names
Forward lookup
Translating the names into numbers or IP address
What Is Apipa Ip Address? Or What Ip Address Is Assigned To The Computer When The Dhcp Server Is Not Available?
When DHCP server is not available the Windows client computer assignes an automatic IP address to itself so that it can communicate with the network cmputers. This ip address is called APIPA. ITs in the range of 169.254.0.0 to 169.254.255.255 APIPA stands for Automatic private IP addressing.
show ip interface brief
a command used to verify that the IPv4 interfaces are up and up
What is the difference between Firewall and Antivirus?
acts as a gatekeeper which prevents unauthorized users to access the private networks as intranets. A firewall examines each message and blocks the same which are unsecured.
Name the different types of network topologies and brief its advantages?
bus, star, ring and mesh
Local Area Network (LAN)
A network with a minimum of two computers to a maximum of thousands of computers within an office or a building is termed as LAN.Generally, it works for a single site where people can share resources like printers, data storage etc.
What are IP classes and how can you identify the IP class of given a IP address?
An IP address has 4 sets (octets) of numbers each with a value up to 255. Class A type has a range up to 127.x.x.x (except 127.0.0.1). If it starts with bits 10 then it belongs to Class B. Class B having a range from 128.x to 191.x. IP class belongs to Class C if octet starts with bits 110. Class C has a range from 192.x to 223.x.
IP config/release or ip config /renew
If you are connected to a network that uses DHCP and you need to terminate your windows workstation DHCP lease, which command would you use?
GCP firewalls always allowed traffic
* DHCP * DNS * NTP * Instance Metdata
What is antivirus?
Antivirus is a software program that protects a computer from any malicious software, any virus, spyware, adware etc.
Name Three Steps Which You Would Use To Troubleshoot Internet Related Problems.?
Check the connectivity with the default gateway. Check if the DNS server is configured on the PC. Check if the appropriate port number is active using nmap on the DNS server.
What is OSI reference model?
Open System Interconnection, the name itself suggest that it is a reference model which defines how applications can communicate with each other over a networking system.
Firewall actions
allow or deny ingress or egress traffic
If network to or from the traffic is being dropped
* Check firewall rules, by default all projects come with a default network that allows certain kinds of connections. By default all ingress traffic are denied so you can't even ssh, see above for more * May need to adjust the TCP keep alive settings to workaround the default connection timeout of 10 minutes
BGP session not working:
* Enable multi hop on you router with at least 2 hops * Check that BGP session is active * Check that routes are being advertised and received by router * Set MTU(maximum transmissions unit - determines maximum size of a packet) size to 1440 on your on premise router
Instance doesn't start troubleshooting
* Examine the VN instance serial port output: an instances BIOS, boot loader and kernel print their debug message into a serial port output, providing information about any error or issues * Enable interactive access to serial console so you can log in and debug boot issues from within the instance, without requiring your instance to be fully booted * Verify that your disk has a valid filesystem: if the file system is corrupted or invalid you won't be able to launch your instance * Look up root part of the disk using ls -l /dev/disk then identify which disk is root * Run filesystem check on the root partition sudo fsck /dev/sdb1 * Mount your file system sudo mount /dev/sdb1 /mydisk * Check that the disks has kernel files ls /mydisk/boot/vmlinuz-* * Verify that the disks have valid Master Boot Record MBR * If MBR is valid, It will list information about the filesystem sudo parted /dev/sdb print
GCP firewalls always block
* GRE traffic * Protocols other than TCP, UDP, IPIP, ICMP * Egress traffic TCP port 25(SMTP)
Troubleshoot why the internet is slow
* Ping: While this is a common measure of network reachability. ICMP ping does not give good indication of end user latency. RTT shows latency in ms(millisecond) * Time to first byte (TTFB): A good way to measure the first HTTP response is to issue a curl command to the server and get a response from the web server
what are the pre-populated with firewall rules to allow ingress traffic
* default-allow-internal * default-allow-ssh * default-allow-rdp * default-allow-icmp
What Is A Gateway?
A default gateway is a routing device used to forward all traffic that is not addressed to a destination within the local network or local subnet. If you don't have a default gateway, it is not possible to communicate with the network device/host of different networks.
loopback address
An IP address that indicates your own computer and is used to test TCP/IP configuration on the computer. 127.0.0.1
A User Is Unable To Telnet Into The Router. Explain The Methodology Of Troubleshooting.?
Check the IP connectivity using ping. Check if port 23 is open on the router using nmap.
Half Duplex
Data transferring can happen in both directions but not at the same time. Alternatively, the data is sent and received. Eg: Browsing through the internet, a user sends the request to the server and later the server processes the request and sends back the web page.
Cant connect to other resources in other regions (subnets)
Cloud router only advertises to subnets in it's region. To connect to other regions, set dynamic routing of your VPC records, so the cloud can advertise to other subnets
Describe a DHCP Discover message
DHCP discover DHCP offer DHCP request DHCP acknowledgement
Explain DHCP briefly?
DHCP stands for Dynamic Host Configuration Protocol and it automatically assigns IP addresses to the network devices. It completely removes the process of manual allocation of IP addresses and reduces the errors caused due to this. This entire process is centralized so that TCP/IP configuration can also be completed from a central location. DHCP has "pool of IP addresses" from which it allocates the IP address to the network devices. DHCP cannot recognize if any device is configured manually and assigned with the same IP address from the DHCP pool. In this situation, it throws "IP address conflict" error.
Explain Data Encapsulation?
Encapsulation means adding one thing on top of the other thing. When a message or a packet is passed through the communication network (OSI layers), every layer adds its header information to the actual packet. This process is termed as Data Encapsulation.
What is HTTPs and what port does it use?
HTTPS is a Secure HTTP. HTTPS is used for secure communication over a computer network. HTTPS provides authentication of websites which prevents unwanted attacks. In a bi-directional communication, HTTPS protocol encrypts the communication so that tampering of the data gets avoided. With the help of a SSL certificate, it verifies if the requested server connection is a valid connection or not. HTTPS uses TCP with port 443.
What is the difference between Hub, Switch, and Router?
Hub is least expensive, least intelligent and least complicated of the three.It broadcast all data to every port which may cause serious security and reliability concern Switches work similarly like Hubs but in a more efficient manner. It creates connections dynamically and provides information only to the requesting port The router is smartest and most complicated out of these three. It comes in all shapes and sizes. Routers are similar like little computers dedicated for routing network traffic
What is meant by 127.0.0.1 and local host?
IP address 127.0.0.1, is reserved for loopback or local host connections. These networks are usually reserved for the biggest customers or some of the original members of the Internet. To identify any connection issue, the initial step is to ping the server and check if it is responding. If there is no response from the server then there are various causes like the network is down or the cable needs to be replaced or network card is not in a good condition. 127.0.0.1 is a loopback connection on the Network Interface Card (NIC) and if you are able to ping this server successfully, then it means that the hardware is in a good shape and condition. 127.0.0.1 and local host are the same things in most of the computer network functioning.
what are ipconfig and ifconfig?
Ipconfig stands for Internet Protocol Configuration and this command is used on Microsoft Windows to view and configure the network interface. The command ipconfig is useful for displaying all TCP/IP network summary information currently available on a network. It also helps to modify the DHCP protocol and DNS setting. Ifconfig (Interface Configuration) is a command that is used on Linux, Mac, and UNIX operating system. It is used to configure, control the TCP/IP network interface parameters from CLI i.e. Command Line Interface. It allows you to see the IP addresses of these network interfaces.
What is SNMP?
It is a network protocol used for collecting organizing and exchanging information between network devices. SNMP is widely used in network management for configuring network devices like switches, hubs, routers, printers, servers
Metropolitan Area Network (MAN)
It is larger than LAN and used to connect various LAN's across small regions, a city, campus of colleges or universities etc which in turn forms a bigger network.
What Is A Cross Cable?
Its used to connect same type of devices without using a switch/hub so that they can communicate.
Can't ping cloud router
Make sure that your device has learned the MAC address in the GCP side of the cloud interconnect. You can find the MAC address by running cloud command * gcloud compute interconnects get diagnostics googleSystemID contains the MAC address that should be present in your device's ARP table. If your device has not learned a MAC address, verify that the correct VLAN ID and IP address are configured on the stub interface * Show vlan * Show ip interface If you see the wrong MAC address, verify that you have not bridged Layer two segments of two VLANS. GCP is configured with ip-proxy-arp which replies to all ARP requests and can cause your router to learn the wrong routes Check that you can ping Google's port channel IP address IP address is googleIPAddress value Check that you have the correct VLAN on your premise router's sub interface. When you create an in
What Is Ping Utility?
PING: Packet Internet Gropper. It's a diagnostic utility, which diagnose connectivitybetween computers. It use ICMP: Internet Control Messaging protocol to send echorequests ( usually 4 packets) and receive echo replies (4 packets)
What Is The Difference Between Physical Address And Logical Address?
Physical Address: It's called as MAC Address (48 bit) Logical Address : It's Called as Ip Address (IPv4 -32 bit & IPv6 -128 bit)
How Would You Troubleshoot Dns Problems?
Ping the DNS server and check the response. Check with wireshark if DNS request and response packets are being sent and received.
APIPA
Short for Automatic Private IP Address, this is a private range of addresses automatically assigned by a host that cannot connect to a DHCP server.
What Is Subnet Mask?
Subnet mask is used for identify the Network.
Name Three Steps Which You Would Use To Troubleshoot Ftp Server Related Problems.?
Test basic connectivity with ping, Check with nmap if the ports are open (20 and 21). Check if a firewall is restricting traffic to the server.
Slow Internet Performance
Use speed test websites, conducting tests from geographically remote servers. This can pinpoint areas of congestion on the ISP's network. In the case of cable internet, the local network is shared amongst your neighbors, committing your ISP to a costly bandwidth upgrade when saturation occurs. Report your findings to your ISP so that they can take steps to resolve the issue.
what is a VPN?
VPN is the Virtual Private Network and is built on the Internet as a private wide area network. Internet-based VPNs are less expensive and can be connected from anywhere in the world. VPNs are used to connect offices remotely and are less expensive when compared to WAN connections. VPNs are used for secure transactions and confidential data can be transferred between multiple offices. VPN keeps company information secure against any potential intrusion.
Define Static IP and Dynamic IP?
When a device or computer is assigned a specified IP address then it is named as Static IP. It is assigned by the Internet Service Provider as a permanent address. Dynamic IP is the temporary IP address assigned by the network to a computing device. Dynamic IP is automatically assigned by the server to the network device.
Peer-to-peer networks (P2P)
When two or more computers are connected together to share resources without the use of a central server is termed as a peer-to-peer network. Computers in this type of network act as both server and client. Generally used in small companies as they are not expensive.
if there's no specified egress firewall rule
implied accept egress rule is applied with destination as 0.0.0.0/0
If there's no specified ingress firewall rule
implied deny ingress rule with source as 0.0.0.0/0
What Is Public IP addresses
is any valid address, or number, that can be accessed over the Internet. Internet standards groups, such as the Network Information Center (NIC) or the Internet Assigned Numbers Authority (IANA), are the organizations responsible for registering IP ranges and assigning them to organizations, such as Internet Service Providers (ISPs).
