All Basic to Advance Interview Questions for TAC Engineer Networking| Top Interview Questions

byJk study weekly -
0

Top interview questions for TAC engineer Networking.



This Article gives you complete information about All Basic to Advance Interview Questions for TAC Engineer Networking. So, if you are appearing for interview at your dream company. Then this article is for you.

 

 What is ARP?

Ans: ARP stands for Address Resolution Protocol and is used to resolve MAC address for the know IP address. ARP is a two-step process -request and response process.

  1. The device needs to send data to a destination device on the network but only knows the destination's IP address.
  2. The sending device checks its ARP cache to see if it already has the physical (MAC) address of the destination device.
  3. If the MAC address is not in the ARP cache, the sending device sends an ARP broadcast message on the network requesting the MAC address for the destination device's IP address.
  4. All the nodes on the network receive this broadcast message, but only the node with the similar IP address responds to the request with its physical address.
  5. The sending device receives the response from the destination device and updates its ARP cache with the MAC address of the destination device.
  6. The sending device can now use the MAC address to send data directly to the destination device on the same network.

This process is repeated for each new destination device that the sending device wants to communicate with on the network. The ARP cache is updated periodically to remove stale entries and ensure that the device has the most up-to-date mapping of IP addresses to MAC addresses.

2)   In an ARP request, what is the value of the Target MAC address in Arp header?

Ans:  It can be empty or filled with “00:00:00:00:00:00”.

         However at L2, the destination address is broadcast.

 


3)   In a Gratuitous ARP, what is the value of the Target MAC address in the Arp header?

Ans:  Gratuitous ARP is broadcast at both ARP and at L2. So value is FF:FF:FF:FF:FF:FF.


4)  How does the Traceroute protocol work?

Traceroute is a command-line tool that allows you to trace the path that data packets take from your computer to a specific destination, such as a website or server. Traceroute works by sending out a series of Internet Control Message Protocol (ICMP) packets, each with a different Time-To-Live (TTL) value.

When a packet is sent out with a TTL value of 1, it is sent to the first router on the path to the destination. This router decrements the TTL value by 1 and sends the packet to the next router. The process continues until the packet reaches its destination or until the TTL value reaches 0. When the TTL value reaches 0, the router discards the packet and sends an ICMP Time Exceeded message back to the sender.

Traceroute displays the IP addresses of each router in the path and the time it takes for each router to respond. This allows you to see the path that your data takes to reach the destination, as well as any delays or network congestion along the way.

Traceroute can be useful for diagnosing network connectivity issues and identifying the location of any network problems. However, it is important to note that not all routers on the path may respond to ICMP packets, and some networks may block ICMP traffic altogether, which can affect the accuracy of the traceroute results.


Top selling book on CCNA

5) How does the Ping work ?

Ans: Ping is a commonly used networking utility that allows you to test the connectivity between two devices on a network. The ping command sends a small packet of data to a destination IP address and waits for a response. The response time and other information can help you determine whether the destination device is reachable, and can provide insight into the health and performance of the network.

The ping works as follow:

  1. The ping command sends an ICMP (Internet Control Message Protocol) echo request packet to the destination IP address.
  2. The destination device receives the packet and checks its IP address to see if it matches its own.
  3. If the destination device's IP address matches the destination IP address in the packet, it sends an ICMP echo reply packet back to the source device.
  4. The source device receives the echo reply packet and measures the round-trip time (RTT) from when the echo request was sent to when the echo reply was received.
  5. The source device displays the results of the ping command, including the number of packets sent and received, the RTT, and other statistics.

The ping command can be used to test the connectivity between any two devices on a network, including between a computer and a server, or between two routers. It is a useful tool for troubleshooting network problems and verifying network performance.

 

6) How is the SSL certificate verified by Browser ?

Ans: When a web browser connects to a website that has an SSL/TLS certificate, the following steps are taken to verify the SSL/TLS certificate:

  1. The browser checks whether the SSL/TLS certificate has expired or not. If it has expired, the browser will display a warning message.
  2. The browser checks whether the SSL/TLS certificate has been issued by a trusted certificate authority (CA). If the SSL/TLS certificate is not trusted, the browser will display a warning message.
  3. The browser checks whether the domain name in the SSL/TLS certificate matches the domain name of the website that is being visited. If the domain names do not match, the browser will display a warning message.
  4. The browser checks whether the SSL/TLS certificate has been revoked. If the SSL/TLS certificate has been revoked, the browser will display a warning message.

If all the above checks pass, the browser will establish a secure connection with the website using SSL/TLS. The SSL/TLS connection ensures that all data transmitted between the browser and the website is encrypted and secure.

We also have OCSP protocol to verify CRL.

OCSP (Online Certificate Status Protocol) is a protocol used to verify the revocation status of an SSL/TLS certificate. When a browser connects to a website with an SSL/TLS certificate, the browser may perform an OCSP check to determine whether the certificate has been revoked.

An OCSP check involves the following steps:

  1. The browser sends a request to the certificate authority (CA) server to check the revocation status of the certificate.
  2. The CA server responds to the request with a status message indicating whether the certificate is valid, revoked, or unknown.
  3. The browser receives the response and checks the status of the certificate. If the certificate is revoked, the browser will display a warning message to the user.

OCSP checks can improve the security of SSL/TLS connections because they ensure that certificates that have been compromised or revoked are not accepted by the browser. However, OCSP checks can also slow down the connection process, especially if the CA server is slow to respond or the network connection is slow. Therefore, some browsers may use a technique called OCSP stapling to speed up the OCSP check process by caching the response from the CA server.

7) Explain the DORA process?

Ans:  The DHCP DORA process is a series of steps that a device goes through to obtain an IP address from a DHCP server.

The DORA process involves following steps:

  1. Discovery:

       The device (let's say it's a computer) boots up and sends a broadcast message on the network asking for any DHCP servers to respond. This message is called a DHCPDISCOVER message.

       The DHCPDISCOVER message contains the MAC address of the computer, which is a unique identifier for the device.

 

  1. Offer:

       When a DHCP server receives a Discover packet, it responds with a DHCP Offer packet. This packet contains an available IP address that the DHCP server can assign to the device, as well as other network configuration parameters such as the subnet mask, default gateway, and DNS server addresses. If there are multiple DHCP servers on the network, the device will receive multiple DHCP Offer packets from each server.

  1. Request:

       The computer receives one or more DHCPOFFER messages from different DHCP servers (if there are multiple servers on the network).

       The computer chooses an IP address from one of the DHCPOFFER messages and sends a DHCPREQUEST message to the DHCP server that made the offer. This message requests that specific IP address.

       The DHCPREQUEST message also contains the MAC address of the computer and the IP address that it's requesting.

  1. Acknowledgment:

       After the DHCP request message, the DHCP server sends an ACK message.

       If the IP address is available, the DHCP server sends a DHCPACK message to the computer. This message acknowledges that the computer can use the requested IP address and also provides information about other network settings, like the subnet mask and default gateway.

       The DHCPACK message also contains the lease time, which tells the computer how long it can use the IP address before it needs to renew the lease.


8) What are other DHCP messages?

Ans: 1)  DHCP Nack: A DHCP Nack (Negative Acknowledgment) message is a message sent by a DHCP server to a DHCP client to indicate that the client's DHCPREQUEST message has been denied and that the client must begin the DHCP DORA process again from the beginning.

The DHCP Nack message is used to inform the client that the requested IP address is no longer available or that the request itself is invalid for some reason. The client must then start the DHCP DORA process again to obtain a new IP address.

Here are a few common reasons why a DHCP server might send a DHCP Nack message:

       The requested IP address is already in use by another device on the network

       The requested IP address is outside the DHCP server's configured range of available addresses

       The client's DHCPREQUEST message contains invalid or incomplete information

When a DHCP client receives a DHCP Nack message, it should discard the IP address it was attempting to obtain and restart the DHCP DORA process by sending a new DHCPDISCOVER message.

 

2) DHCP DECLINE: A DHCP DECLINE message is a message sent by a DHCP client to a DHCP server to indicate that the IP address offered by the server is already in use or invalid for some other reason.

When a client receives a DHCPOFFER message from a DHCP server, it checks whether the offered IP address is already in use on the network. If it is, the client sends a DHCP DECLINE message to the server to reject the offer.

Here's how the DHCP DECLINE message works:

  1. Offer:

       The DHCP server sends a DHCPOFFER message to the client, offering an IP address.

  1. Decline:

       The client receives the DHCPOFFER message and checks whether the offered IP address is already in use on the network.

       If the offered IP address is already in use, the client sends a DHCP DECLINE message to the server to reject the offer.

       The DHCP DECLINE message includes the MAC address of the device and the IP address that was offered, indicating that the address is already in use or invalid for some other reason.

  1. Offer again:

       If the server receives a DHCP DECLINE message, it can choose to offer a different IP address to the client or take some other action, such as logging the event.

The DHCP DECLINE message helps to prevent IP address conflicts on the network by ensuring that a client does not attempt to use an IP address that is already in use.

 

3) DHCP Release: A DHCP release message is sent by a DHCP client to inform the DHCP server that it no longer needs the IP address and other configuration parameters that were assigned to it. There are several reasons why a client might send a DHCP release message, including:

  1. The client no longer needs the assigned IP address: This is the most common reason why a client sends a DHCP release message. For example, if a laptop is being shut down, it no longer needs the IP address it was assigned by the DHCP server.
  2. The client is moving to a different network: If a client is moving to a different network, it will need to obtain a new IP address that is valid for the new network. In this case, the client would send a DHCP release message to release the IP address it obtained from the previous network.
  3. The lease duration has expired: When a DHCP server assigns an IP address to a client, it does so for a specific duration of time (known as the lease duration). If the lease duration expires and the client hasn't renewed it, the client will send a DHCP release message to release the IP address.
  4. The client is experiencing network connectivity issues: In some cases, a client may experience network connectivity issues that prevent it from using the assigned IP address. In this case, the client may send a DHCP release message to release the IP address and try to obtain a new one.

4) DHCP inform: A DHCP inform message is a type of DHCP message that is used by a DHCP client to request additional configuration parameters from a DHCP server. Unlike a DHCP request message, which is used to request an IP address assignment, a DHCP inform message is used to request additional configuration parameters such as DNS server addresses, time servers, and other network settings.

Here's an example of a DHCP inform message:

Source IP address: 0.0.0.0 (this indicates that the message is being sent by the client)

Destination IP address: 255.255.255.255 (this indicates that the message is being sent to all DHCP servers on the network)

DHCP message type: Inform

Transaction ID: 0x4D4F4152

Client MAC address: 00:11:22:33:44:55 (the MAC address of the client's network interface)

Options:

       DHCP Message Type: Inform

       Parameter Request List: DNS servers, Time servers, NetBIOS name servers, etc..

 

9) Explain DHCP states?

Ans: The DHCP client might progress through the following states in order to obtain an IP address :

  1. Init: The DHCP client boots up and initializes its network interface. It sends a broadcast message to discover any available DHCP servers on the network.
  2. Selecting: The DHCP client receives multiple offers from DHCP servers on the network. It chooses one of the offers based on the options provided, such as the length of the lease and the available network settings.
  3. Requesting: The DHCP client sends a request message to the selected DHCP server, requesting the offered IP address assignment.
  4. Bound: The DHCP server sends an acknowledgment message to the DHCP client, assigning it the offered IP address and any additional network settings.
  5. Renewing: As the DHCP lease period approaches its expiration time, the DHCP client sends a request message to the DHCP server, requesting to renew its IP address lease.
  6. Rebinding: If the DHCP client is unable to renew its lease with the original DHCP server, it enters the rebinding state and sends a request message to any available DHCP server on the network, requesting to renew its IP address lease.

After the rebinding state, the DHCP client returns to the Init state and begins the process again in order to obtain a new IP address lease.

 

10) DHCP process in different Networks (Relay agent)?

Ans: In a network environment where there are multiple subnets or VLANs, DHCP relay agents are often used to forward DHCP messages between DHCP clients and DHCP servers that are not on the same subnet or VLAN. Here's how DHCP works in a relay agent environment:

  1. A DHCP client broadcasts a DHCP request message to obtain an IP address assignment.
  2. The DHCP relay agent, which is typically a router, intercepts the broadcast message and forwards it to the DHCP server. The relay agent also adds its own IP address to the message as the source IP address.
  3. The DHCP server receives the request message from the relay agent and assigns an IP address to the client.
  4. The DHCP server sends a DHCP reply message to the relay agent, which includes the assigned IP address and any additional network configuration information.
  5. The DHCP relay agent receives the reply message from the DHCP server and forwards it to the DHCP client.
  6. The DHCP client receives the reply message and configures its network interface with the assigned IP address and any other network configuration information.

In a DHCP relay agent environment, there are some additional considerations to keep in mind. For example, the DHCP relay agent must be configured with the IP address of at least one DHCP server on the network. Additionally, the DHCP relay agent may be configured to filter certain types of DHCP messages or to add certain options to DHCP messages that it forwards to the DHCP server. These options can include information such as the relay agent's IP address, the subnet ID of the client, or other network configuration information.

11) What will happen when we type www.irenicpoint.com?

Ans: The user types  www.irenicpoint.com" in their browser's address bar and presses Enter.

  1. The browser checks its own cache to see if it has a recent DNS record for "www.irenicpoint.com". If it doesn't, it sends a DNS query to the local DNS resolver.
  2. The local DNS resolver checks its cache to see if it has a recent DNS record for "www.irenicpoint.com". If it doesn't, it sends a recursive DNS query to the root DNS server.
  3. The root DNS server replies with a referral to the Top Level Domain (TLD) DNS server responsible for the ".com" TLD.
  4. The local DNS resolver sends a recursive DNS query to the ".com" TLD DNS server.
  5. The ".com" TLD DNS server replies with a referral to the DNS server responsible for the "irenicpoint.com" domain.
  6. The local DNS resolver sends a recursive DNS query to the DNS server responsible for the "irenicpoint.com" domain.
  7. The "irenicpoint.com" DNS server looks up the DNS record for "www.irenicpoint.com" and sends the DNS response back to the local DNS resolver.
  8. The local DNS resolver caches the DNS record for "www.irenicpoint.com" and sends it back to the browser.
  9. The browser uses the IP address in the DNS record to establish a TCP connection to the web server hosting the " www.irenicpoint.com" website and requests the webpage.
  10. Once the browser knows the IP address of the server, it establishes a TCP (Transmission Control Protocol) connection to the server using the IP address and the designated port number..
  11. If the connection is successful, the browser sends an HTTP request to the server for the requested webpage. The request includes information such as the method (e.g. GET, POST), headers, and the URL path.
  12. The server receives the request and processes it. It may generate the requested webpage dynamically, or retrieve it from a cache or a database.
  13. The server sends an HTTP response to the browser, including the requested webpage and response headers. The response may also include other types of data, such as images, videos, or scripts.
  14. The browser receives the response and parses the HTML code to render the webpage. It may also download other resources referenced by the HTML code, such as images, style sheets, or scripts.
  15. The browser displays the rendered webpage to the user.

12) Iterative vs. Recursive DNS query.

Ans: In the context of DNS (Domain Name System), iterative and recursive queries refer to the way in which a DNS resolver interacts with DNS servers to resolve a domain name to an IP address.

A recursive DNS query is a query where the DNS resolver sends a query to a DNS server and asks that server to provide the best possible answer to the query. If the server doesn't have the answer, it will then forward the query to another DNS server and so on until the answer is found or an error is returned. The DNS resolver waits for a response from the DNS server before proceeding with the query.

In contrast, an iterative DNS query is a query where the DNS resolver sends a query to a DNS server and asks for the best possible answer that the server can provide based on its own cached data or authoritative information. If the server doesn't have the answer, it will provide a referral to another DNS server that may have more information about the domain name. The DNS resolver then sends a query to the next server and repeats this process until the answer is found or an error is returned. The DNS resolver does not wait for a response from the DNS server before proceeding with the query.

Overall, recursive queries are used when a DNS resolver needs to resolve a domain name it doesn't have cached, while iterative queries are used to optimize the DNS resolution process by minimizing the number of DNS servers contacted and the time taken to resolve a domain name.

13) Explain DNS Zone transfer?

Ans:  DNS zone transfer is a process of replicating a DNS zone file from a primary DNS server to one or more secondary DNS servers. Zone transfer is used to ensure that all DNS servers hosting a zone have an up-to-date copy of the zone's resource records (RRs), which include information about domain names and IP addresses.

The process of zone transfer involves two types of DNS servers - a primary DNS server and one or more secondary DNS servers. The primary DNS server is the authoritative server for the zone and contains the original copy of the zone file. The secondary DNS servers are slave servers that obtain a copy of the zone file from the primary server.

Here is an example of how zone transfer works:

  1. The primary DNS server for a domain name, let's say irenicpoint.com, has a zone file that contains the domain's resource records (RRs).
  2. A secondary DNS server for irenicpoint.com requests a zone transfer from the primary server.
  3. The primary server responds with a list of all the RRs for the irenicpoint.com domain, as well as information about the serial number of the zone file.
  4. The secondary server then compares the serial number of the zone file with the serial number of its own cached copy of the zone file.
  5. If the serial number of the zone file on the primary server is greater than the serial number of the cached zone file on the secondary server, then the secondary server initiates a zone transfer and downloads the updated zone file from the primary server.
  6. The secondary server updates its own zone file with the new RRs and serial number, and begins responding to DNS queries for the domain name.

Zone transfer can be initiated manually or automatically by the secondary DNS server at regular intervals. The DNS protocol uses TCP for zone transfer instead of the more commonly used UDP protocol used for normal DNS queries. This is because zone transfer involves a large amount of data and requires reliable data transfer.

mail us at : irenicpoint@gmail.com

 

Tags:

Post a Comment

Previous Post Next Post