
Muzamil Interview Preparation Notes


Commonly asked Network Engineer Interview Questions

General Networking:
IP Routing:
1. Process Switching
2. Fast Switching
3. IP CEF
Link:
https://www.networkurge.com/2020/04/process-switching-vs-fast-switching-vs.html#:~:text=Process%20switching%20refers%20to%20the,the%20running%20of%20the%20process.
Internet Protocol
https://en.wikipedia.org/wiki/Internet_Protocol

The Internet Protocol (IP) is the network layer communications protocol in the Internet protocol suite
for relaying datagrams across network boundaries. Its routing function enables internetworking, and
essentially establishes the Internet.

Function
The Internet Protocol is responsible for addressing host interfaces, encapsulating data into
datagrams (including fragmentation and reassembly) and routing datagrams from a source host
interface to a destination host interface across one or more IP networks. [2] For these purposes, the
Internet Protocol defines the format of packets and
provides an addressing system.
Each datagram has two components: a header and
a payload. The IP header includes source IP address,
destination IP address, and other metadata needed to
route and deliver the datagram. The payload is the data
that is transported. This method of nesting the data
payload in a packet with a header is called
encapsulation.
Types:
There are 126 types, but three are the main ones:
1- TCP
2- UDP
3- ICMP
TCP (Transmission Control Protocol)

The Transmission Control Protocol (TCP) is one of the main protocols of the Internet
protocol suite. It originated in the initial network implementation in which it
complemented the Internet Protocol (IP). Therefore, the entire suite is commonly
referred to as TCP/IP. TCP provides reliable, ordered, and error-checked delivery of a
stream of octets (bytes) between applications running on hosts communicating via an IP
network. Major internet applications such as the World Wide Web, email, remote
administration, and file transfer rely on TCP, which is part of the Transport Layer of the
TCP/IP suite. SSL/TLS often runs on top of TCP.

Network function
The Transmission Control Protocol provides a communication service at an
intermediate level between an application program and the Internet Protocol. It provides
host-to-host connectivity at the transport layer of the Internet model. An application does
not need to know the particular mechanisms for sending data via a link to another host,
such as the required IP fragmentation to accommodate the maximum transmission unit
of the transmission medium. At the transport layer, TCP handles all handshaking and
transmission details and presents an abstraction of the network connection to the
application typically through a network socket interface.

At the lower levels of the protocol stack, due to network congestion, traffic load
balancing, or unpredictable network behavior, IP packets may be lost, duplicated, or
delivered out of order. TCP detects these problems, requests re-transmission of lost
data, rearranges out-of-order data and even helps minimize network congestion to
reduce the occurrence of the other problems. If the data still remains undelivered, the
source is notified of this failure. Once the TCP receiver has reassembled the sequence
of octets originally transmitted, it passes them to the receiving application. Thus, TCP
abstracts the application's communication from the underlying networking details.

UDP (User Datagram Protocol)

In computer networking, the User Datagram Protocol (UDP) is one of the core
communication protocols of the Internet protocol suite used to send messages
(transported as datagrams in packets) to other hosts on an Internet Protocol (IP)
network. Within an IP network, UDP does not require prior communication to set up
communication channels or data paths.

UDP uses a simple connectionless communication model with a minimum of protocol
mechanisms. UDP provides checksums for data integrity, and port numbers for
addressing different functions at the source and destination of the datagram. It has no
handshaking dialogues, and thus exposes the user's program to any unreliability of the
underlying network; there is no guarantee of delivery, ordering, or duplicate protection. If
error-correction facilities are needed at the network interface level, an application may
instead use Transmission Control Protocol (TCP) or Stream Control Transmission
Protocol (SCTP) which are designed for this purpose.

ICMP (Internet Control Message Protocol)

ICMP messages are typically used for diagnostic or control purposes or generated in
response to errors in IP operations (as specified in RFC 1122). ICMP errors are directed
to the source IP address of the originating packet.

For example, every device (such as an intermediate router) forwarding an IP datagram
first decrements the time to live (TTL) field in the IP header by one. If the resulting TTL
is 0, the packet is discarded and an ICMP time exceeded in transit message is sent to
the datagram's source address.
Many commonly used network utilities are based on ICMP messages. The traceroute
command can be implemented by transmitting IP datagrams with specially set IP TTL
header fields, and looking for ICMP time exceeded in transit and Destination
unreachable messages generated in response. The related ping utility is implemented
using the ICMP echo request and echo reply messages.

Datagram:

A datagram is a basic transfer unit associated with a packet-switched network.


Datagrams are typically structured in header and payload sections. Datagrams provide
a connectionless communication service across a packet-switched network. The
delivery, arrival time, and order of arrival of datagrams need not be guaranteed by the
network.

Time to live:

Time to live (TTL) or hop limit is a mechanism which limits the lifespan or lifetime of data
in a computer or network. TTL may be implemented as a counter or timestamp attached
to or embedded in the data.
The Time to Live is an indication of an upper bound on the lifetime of an internet
datagram. It is set by the sender of the datagram and reduced at the points along the
route where it is processed. If the time to live reaches zero before the internet datagram
reaches its destination, the internet datagram is destroyed. The time to live can be
thought of as a self destruct time limit.
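The header/payload encapsulation, the per-hop TTL decrement and the traceroute behaviour described above, as an added Python example that is not part of the original notes. The addresses, router names and function names are constructed for illustration, and the router path is simulated in memory rather than sent on a network.

```python
import ipaddress
import struct

IPV4_FMT = "!BBHHHBBH4s4s"  # fixed 20-byte IPv4 header, no options


def internet_checksum(data: bytes) -> int:
    """RFC 1071 one's-complement sum over 16-bit words."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF


def build_packet(src: str, dst: str, ttl: int, payload: bytes = b"probe") -> bytes:
    """Header + payload (encapsulation). Protocol 17 = UDP; ident is a constructed value."""
    fields = [0x45, 0, 20 + len(payload), 0x1234, 0, ttl, 17, 0,
              ipaddress.IPv4Address(src).packed, ipaddress.IPv4Address(dst).packed]
    fields[7] = internet_checksum(struct.pack(IPV4_FMT, *fields))
    return struct.pack(IPV4_FMT, *fields) + payload


def parse_header(raw: bytes) -> dict:
    """Decode the fields a router needs and verify the header checksum."""
    if len(raw) < 20:
        raise ValueError("truncated IPv4 header")
    (ver_ihl, _tos, total_len, _ident, _frag,
     ttl, proto, _csum, src, dst) = struct.unpack(IPV4_FMT, raw[:20])
    ihl = (ver_ihl & 0x0F) * 4
    if ver_ihl >> 4 != 4 or ihl < 20 or len(raw) < ihl:
        raise ValueError("not a well-formed IPv4 header")
    return {
        "ihl": ihl, "total_len": total_len, "ttl": ttl, "proto": proto,
        "src": str(ipaddress.IPv4Address(src)),
        "dst": str(ipaddress.IPv4Address(dst)),
        # A valid header sums to 0xFFFF, so the complemented sum is 0.
        "checksum_ok": internet_checksum(raw[:ihl]) == 0,
    }


def forward_one_hop(raw: bytes):
    """What one router does: returns ("forward", packet), ("time-exceeded", source
    address that the ICMP error goes to) or ("drop", reason)."""
    hdr = parse_header(raw)
    if not hdr["checksum_ok"]:
        return ("drop", "bad header checksum")
    new_ttl = hdr["ttl"] - 1            # decrement first ...
    if new_ttl <= 0:                    # ... discard if the result is 0
        return ("time-exceeded", hdr["src"])
    out = bytearray(raw[:hdr["ihl"]])
    out[8] = new_ttl                    # TTL lives at byte offset 8
    out[10:12] = b"\x00\x00"            # header changed, so recompute the checksum
    out[10:12] = struct.pack("!H", internet_checksum(bytes(out)))
    return ("forward", bytes(out) + raw[hdr["ihl"]:])


def simulate_traceroute(path, src, dst, max_ttl=30):
    """Send probes with TTL 1, 2, 3, ... through a simulated list of routers and
    record which hop answers each probe."""
    hops = []
    for ttl in range(1, max_ttl + 1):
        pkt = build_packet(src, dst, ttl)
        for router in path:
            verdict, result = forward_one_hop(pkt)
            if verdict == "forward":
                pkt = result
                continue
            hops.append((ttl, router if verdict == "time-exceeded" else "*"))
            break
        else:                           # survived every router: destination reached
            hops.append((ttl, dst))
            return hops
    return hops


if __name__ == "__main__":
    # Constructed sample: three routers between two documentation addresses.
    for ttl, hop in simulate_traceroute(["r1", "r2", "r3"], "192.0.2.10", "198.51.100.7"):
        print(ttl, hop)
```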

Routing Table:
Default Distance Value Table

Route Source                                          Default Distance Values
Connected interface                                   0
Static route                                          1
EIGRP summary route                                   5
External Border Gateway Protocol (eBGP)               20
Internal EIGRP                                        90
IGRP                                                  100
OSPF                                                  110
Intermediate System-to-Intermediate System (IS-IS)    115
Routing Information Protocol (RIP)                    120
Exterior Gateway Protocol (EGP)                       140
External EIGRP                                        170
Internal BGP                                          200
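
How a router applies these default distance values when several sources offer a route, as an added Python example that is not part of the original notes. The RouteTable class, prefixes and next hops are constructed for illustration, and the example goes one step beyond the table by also applying longest-prefix match, which is evaluated before distance.

```python
import ipaddress

# Default distance values exactly as listed in the table above.
DEFAULT_DISTANCE = {
    "connected": 0, "static": 1, "eigrp-summary": 5, "ebgp": 20,
    "eigrp-internal": 90, "igrp": 100, "ospf": 110, "isis": 115,
    "rip": 120, "egp": 140, "eigrp-external": 170, "ibgp": 200,
}


class RouteTable:
    """Keeps every offered route and installs the most trusted one per prefix."""

    def __init__(self):
        # network -> {source: (metric, next_hop)}
        self._offers = {}

    def offer(self, prefix, source, metric, next_hop):
        if source not in DEFAULT_DISTANCE:
            raise ValueError(f"unknown route source: {source}")
        net = ipaddress.ip_network(prefix)
        self._offers.setdefault(net, {})[source] = (metric, next_hop)

    def withdraw(self, prefix, source):
        net = ipaddress.ip_network(prefix)
        offers = self._offers.get(net, {})
        offers.pop(source, None)
        if not offers:
            self._offers.pop(net, None)

    def best(self, prefix):
        """Route installed for one prefix: (source, distance, metric, next_hop).

        Metrics from different protocols are not comparable (RIP hop count
        versus OSPF cost), so the choice between sources is made on distance
        alone; lower distance means more trusted.
        """
        offers = self._offers.get(ipaddress.ip_network(prefix))
        if not offers:
            return None
        source = min(offers, key=lambda s: DEFAULT_DISTANCE[s])
        metric, next_hop = offers[source]
        return (source, DEFAULT_DISTANCE[source], metric, next_hop)

    def lookup(self, address):
        """Forwarding decision: longest matching prefix first, then distance."""
        addr = ipaddress.ip_address(address)
        matches = [net for net in self._offers if addr in net]
        if not matches:
            return None
        net = max(matches, key=lambda n: n.prefixlen)
        return (str(net),) + self.best(str(net))


if __name__ == "__main__":
    # Constructed sample routes.
    rt = RouteTable()
    rt.offer("10.1.0.0/16", "rip", 2, "192.0.2.1")
    rt.offer("10.1.0.0/16", "ospf", 20, "192.0.2.2")
    rt.offer("10.1.5.0/24", "ibgp", 0, "192.0.2.3")
    print(rt.lookup("10.1.9.9"))   # OSPF (110) beats RIP (120) for the /16
    print(rt.lookup("10.1.5.9"))   # the /24 wins even though iBGP is 200
    rt.withdraw("10.1.0.0/16", "ospf")
    print(rt.lookup("10.1.9.9"))   # RIP takes over once OSPF is gone
```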

Routing Information Protocol (RIP)


RIP is one of the oldest distance vector routing protocols. It is usually used on small
networks because it is very simple to configure and maintain, but lacks some advanced
features of routing protocols like OSPF or EIGRP. Two versions of the protocol exist:
v1 and v2. Both versions use hop count as a metric and have the administrative
distance of 120. RIP version 2 is capable of advertising subnet masks and uses
multicast to send routing updates, while version 1 doesn’t advertise subnet masks and
uses broadcast for updates. V2 is backwards compatible with V1.

RIPv2 sends the entire routing table every 30 seconds, which can consume a lot of
bandwidth. RIPv2 uses multicast address of 224.0.0.9 to send routing updates, supports
authentication and triggered updates (updates that are sent when a change in the
network occurs).

switch(config)# router rip
switch(config-router-rip)# network 10.168.1.1/24
switch(config-router-rip)# timers 60 90 150
EIGRP:
https://en.wikipedia.org/wiki/Enhanced_Interior_Gateway_Routing_Protocol

Three Routing tables


1- Neighbor Table (Neighbor Routers information)
2- Topology table (All Area routers information)
3- Routing table
• DUAL algorithm to find the best path (primary and backup)
o The topology table keeps primary and backup path information, but the routing
table keeps only primary path information
• Less convergence time / better timers
• Triggered updates (uses hello packets to check the neighbor router) that send only the
changes
• Very flexible in summarization
• Unequal cost load balancing
EIGRP Metric Calculation (Vector Metric – Communicated in Routing Update)
1. Bandwidth (
2. Delay
3. Reliability
4. Load
5. MTU
6. Hop Count
Composite Metric:
First 4 participate in Composite Metric
BW= 10^7 /Slowest Bandwidth in the path
Delay = Delay in Millisecond
EIGRP Tables
1- Neighbor Table (Neighbor details like IP Address + RTT)
2- Topology Table (Neighbor Table + Feasible successor)
3- Routing Table (Primary route information)
Features
• Support for Classless Inter-Domain Routing (CIDR) and variable length subnet masking.
Routes are not summarized at the classful network boundary unless auto summary is
enabled.
• Support for load balancing on parallel links between sites.
• The ability to use different authentication passwords at different times.
• MD5 and SHA-2 authentication between two routers.
• Sends topology changes, rather than sending the entire routing table when a route is
changed.
• Periodically checks if a route is available, and propagates routing changes to
neighboring routers if any changes have occurred.
• Runs separate routing processes for Internet Protocol (IP), IPv6, IPX and AppleTalk,
through the use of protocol-dependent modules (PDMs).
• Backwards compatibility with the IGRP routing protocols.

Router# configure terminal
Router(config)# router eigrp 1
Router(config-router)# network 10.201.96.0 0.0.15.255
Router(config-router)# no auto-summary
Router(config-router)# exit
OSPF:
https://en.wikipedia.org/wiki/Open_Shortest_Path_First
OSPF
Link State Protocol
Three Routing tables
1. Neighbor Table (Neighbor Routers information)
2. Topology table (All Area routers information)
3. Routing table
It uses the shortest path first algorithm and sends triggered updates (after every 30 sec -
updates are sent only when changes have happened).
All areas have to be connected to Area 0 (the backbone area).
OSPF Cost 110
OSPF Router Types:
Four Types of OSPF Routers
The four types of OSPF routers are described in general in the sections below.
1. Backbone Routers
A backbone router has all its interfaces in the backbone area; if any of its interfaces is in
another area, it is called an ABR.
OR
A backbone router has an interface to the backbone area. Backbone routers may also
be area routers, but do not have to be.
2. Routers for internal use: Internal routers
Internal routers are routers that belong to the same OSPF region as their directly
connected networks. Because they belong to only one area, these routers have a single
link-state database.
Or
An internal router has all its interfaces belonging to the same area.
3. Area Borders Routers
Because ABRs are linked to various OSPF areas, a network can have several ABRs.
Between an OSPF autonomous system and a non-OSPF network is a router. Routing
information is redistributed between networks using this protocol.
Must locate in a non-stub location. Also, when OSPF reroutes traffic from other routing
protocols, such as static routes, a router becomes an ASBR, and it can exist in a pure
OSPF network.
Or
An area border router is a router that connects one or more areas to the main backbone
network. It is considered a member of all areas it is connected to. An ABR keeps
multiple instances of the link-state database in memory, one for each area to which that
router is connected
4. Autonomous Systems Boundary Routers
An ASBR is a router that attaches to more than one routing protocol and exchanges
routing information between them.
OR
ASBRs are connected to many ASs and communicate with routers in other ASs to
exchange routing information. The transferred external routing information is advertised
by ASBRs throughout their AS. Every router in an AS understands how to reach each
ASBR using its AS. OSPF and other routing protocols, such as RIP or BGP, are both
used by ASBRs. ASBRs must be located in an OSPF area that is not stubbed.
The redistribution command is frequently used on Cisco routers to connect two routing
protocols. BGP can also be used to connect several autonomous systems. External
routes are dealt with by ASBRs. The redistribute static or redistribute connected
commands within the OSPF routing process is one approach to configure or activate an
ASBR in OSPF.
LSA Types
• LSA Type 1: OSPF Router LSA
• LSA Type 2: OSPF Network LSA
• LSA Type 3: OSPF Summary LSA
• LSA Type 4: OSPF ASBR Summary LSA
• LSA Type 5: OSPF ASBR External LSA
• LSA Type 6: OSPF Group Membership LSA
• LSA Type 7: OSPF Not So Stubby Area (NSSA) External LSA
• LSA Type 8: OSPF External Attributes LSA (OSPFv2) / Link Local LSA (OSPFv3)
• LSA Type 9: OSPF Link Scope Opaque (OSPFv2) / Intra Area Prefix LSA (OSPFv3)
• LSA Type 10: OSPF Area Scope Opaque LSA
• LSA Type 11: OSPF AS (Autonomous System) Scope Opaque LSA
The LSA payload varies in size according to the LSA type and the information it includes. The diagram
below clearly shows how LSAs are contained within LSUs:

As mentioned, OSPF currently supports 11 types of LSAs. Each LSA is used within specific boundaries of
an OSPF network.

LSA TYPE 1 – OSPF ROUTER LSA


LSA Type 1 (Router LSA) packets are sent between routers within the same area of origin and do not
leave the area. An OSPF router uses LSA Type 1 packets to describe its own interfaces but also carries
information about its neighbors to adjacent routers in the same area.

Figure 2. LSA Type 1 Packets exchanged between OSPF routers within the same area

LSA TYPE 2 – OSPF NETWORK LSA


LSA Type 2 (Network LSA) packets are generated by the Designated Router (DR) to describe all
routers connected to its segment directly. LSA Type 2 packets are flooded between neighbors in the
same area of origin and remain within that area.
Figure 3. LSA Type 2 Packets exchanged between OSPF DR and neighbor routers

LSA TYPE 3 – OSPF SUMMARY LSA


LSA Type 3 (Summary LSA) packets are generated by Area Border Routers (ABR) to summarize its
directly connected area, and advertise inter-area router information to other areas the ABR is connected
to, with the use of a summary prefix (e.g 192.168.0.0/22). LSA Type 3 packets are flooded to multiple
areas throughout the network and help with OSPF’s scalability with the use of summary prefixes.

Figure 4. LSA Type 3 - An OSPF ABR router advertises the summarized route 192.168.2.0/24 to Area 0

Looking at the diagram above, ABR router R2 creates a Type 3 Summary LSA and floods it into Area 0.
In a similar way, ABR router R3 creates a Type 3 Summary LSA and floods it into Area 2. Type 3
Summary LSAs appear as O IA entries in the router routing table.

LSA TYPE 4 – OSPF ASBR SUMMARY LSA


LSA Type 4 (ASBR Summary LSA) packets are the LSAs that advertise the presence of
an Autonomous System Border Router (ASBR) to other areas. In the example below when R2 (ABR)
receives the LSA Type 1 packet from R1 it will create a LSA Type 4 (Summary ASBR LSA) packet,
which advertises the ASBR route received from Area 1, and inject it into Area 0.
Figure 5. LSA Type 4 packets injected into Area 0 & 2 by the R2 ABR and R3 ABR

While LSA Type 4 packets are used by ABRs to advertise the ASBR route through their areas, it will not
be used by the ASBR itself within its local area (Area 1); ASBR uses LSA Type 1 to inform its neighbors
(R2 in this case) within its networks.

LSA TYPE 5 – OSPF ASBR EXTERNAL LSA


LSA Type 5 (ASBR External LSA) packets are generated by the ASBR to advertise external
redistributed routes into the OSPF’s AS. A typical example of an LSA Type 5 would be an external
prefix e.g 192.168.10.0/24 or default route (internet) as shown below:

Figure 6. LSA Type 5 packets advertise the default route to all OSPF routers

This external route/prefix is redistributed in to the OSPF network by the ASBR (R1) and seen as O
E1 or E2 entries in other OSPF routers routing tables.

LSA TYPE 6 – OSPF GROUP MEMBERSHIP LSA


LSA Type 6 (Group Membership LSA) packets were designed for Multicast OSPF (MOSPF), a protocol
that supports multicast routing through OSPF. MOSPF is not supported by Cisco and is not widely used
and is expected to be retired soon.

LSA TYPE 7 – OSPF NOT SO STUBBY AREA (NSSA) EXTERNAL LSA

LSA Type 7 (NSSA External LSA) packets are used for some special area types that do not allow
external distributed routes to go through and thus block LSA Type 5 packets from flooding through
them. LSA Type 7 packets act as a mask for LSA Type 5 packets to allow them to move through these
special areas and reach the ABR that is able to translate LSA Type 7 packets back to LSA Type
5 packets.

Figure 7. LSA Type 7 packets passing through an NSSA and being transformed into LSA Type 5 by the
ABR

In the above example, ABR R2 translates LSA Type 7 into a LSA Type 5 and floods it into the OSPF
network.

LSA TYPE 8 - OSPF EXTERNAL ATTRIBUTES LSA (OSPFV2) / LINK LOCAL LSA (OSPFV3)

LSA Type 8 packets (External Attributes LSA -OSPFv2- / Link Local LSA -OSPFv3-) in OSPFv2 (IPv4)
are called External Attribute LSAs, and are used to transit BGP attributes through an OSPF network
while BGP destinations are conveyed via LSA Type 5 packets; however, this feature isn’t supported by
most routers. With OSPFv3 (IPv6), LSA Type 8 is redefined to carry IPv6 information through the OSPF
network.

LSA TYPE 9, 10 & 11


Generally Opaque LSAs (LSA Type 9, 10 & 11) are used to extend the capabilities of OSPF allowing the
protocol to carry information OSPF doesn’t necessarily care about. Practical application of Opaque
LSAs is in MPLS traffic engineering where they are used to communicate interface parameters such as
maximum bandwidth, unreserved bandwidth, etc. Following is a short analysis of each of the three
Opaque LSAs.

LSA TYPE 9 – OSPF LINK SCOPE OPAQUE (OSPFV2) / INTRA AREA PREFIX LSA (OSPFV3)

LSA Type 9 in OSPFv2 (IPv4) is defined as a Link Scope Opaque LSA for carrying OSPF information.
For OSPFv3 it’s redefined to handle a communication prefix for a special area type called Stub Area.
LSA TYPE 10 – OSPF AREA SCOPE OPAQUE LSA
LSA Type 10 packets are used to flood OSPF information through other area routers even if these
routers do not process this information in order to extend OSPF functionality, this LSA is used for traffic
engineering to advertise MPLS and other protocols.

LSA TYPE 11 – OSPF AS SCOPE OPAQUE LSA


LSA Type 11 packets serve the same purpose as LSA Type 10 packets but are not flooded into special
area types (Stub areas).

OSPF Area Type


Backbone area,
The backbone area (also known as area 0 or area 0.0.0.0) forms the core of an OSPF
network. All other areas are connected to it, either directly or through other routers.
OSPF requires this to prevent routing loops.[17] Inter-area routing happens via routers
connected to the backbone area and to their own associated areas. It is the logical and
physical structure for the 'OSPF domain' and is attached to all nonzero areas in the
OSPF domain. In OSPF the term autonomous system boundary router (ASBR) is
historic, in the sense that many OSPF domains can coexist in the same Internet-visible
autonomous system, RFC 1996.[18][19]
All OSPF areas must connect to the backbone area. This connection, however, can be
through a virtual link. For example, assume area 0.0.0.1 has a physical connection to
area 0.0.0.0. Further assume that area 0.0.0.2 has no direct connection to the
backbone, but this area does have a connection to area 0.0.0.1. Area 0.0.0.2 can use a
virtual link through the transit area 0.0.0.1 to reach the backbone. To be a transit area,
an area has to have the transit attribute, so it cannot be stubby in any way.
This also means that all other areas must be connected to area 0. This area supports 1,
2, 3, 4, and 5 LSAs.

Standard area / Regular area

A regular area is just a non-backbone (nonzero) area
without specific feature, generating and receiving
summary and external LSAs. The backbone area is a
special type of such area.
This area supports 1, 2, 3, 4, and 5 LSAs.

Stub area: the area does not accept any external routes from non-OSPF networks; to
reach those external routes, it only needs to send traffic through the default route. This
area supports 1, 2, and 3 LSAs.
Totally stubby area: the area does not accept external routes and does not accept the
link information of other areas outside of its own area. To reach a target network
outside the area, it sends traffic through the default route, just like the stub area. Note
that since the default route is sent using Type 3 LSAs, the totally stubby area does not
allow ordinary Type 3 LSA packets, but it supports this type of LSA with default routes.
This area supports Type 1, Type 2 LSAs, and Type 3 LSAs with default routes.
Not-so-stubby area, usually referred to as the NSSA: the NSSA is derived from the stub
area; it is a stub area that also has the ability to send external routes to other areas.
This area supports 1, 2, 3, and 7 LSAs. Note that there is another mode, the totally
stubby NSSA, which allows the introduction of external routes in a totally stubby area
environment. This area mode supports Class 1, Type 2 LSAs, and Class 3 LSAs with
default routes.

OSPFv2 vs OSPFv3: Detailed Comparison


https://ipwithease.com/ospfv2-vs-ospfv3/#:~:text=Differences%20between%20OSPFv1%20%26%20OSPFv2,routed%20protocol%20version%20i.e.%20IPv6.&text=OSPF%20Instances%3A%20OSPFv2%20doesn't,multiples%20OSPF%20instances%20per%20interface.

IP version: As discussed earlier, OSPFv2 supports IPv4 routed protocol whereas OSPFv3
supports the latest routed protocol version i.e. IPv6.

Multicast Address: OSPFv2 supports multicast addresses 224.0.0.5 and 224.0.0.6. On the
other hand, OSPFv3 supports multicast address FF02::5 and FF02::6

OSPF Instances: OSPFv2 doesn’t support multiple OSPF instances per interface,
whereas OSPFv3 supports multiple OSPF instances per interface.

Authentication: OSPFv2 supports plain text and MD5 authentication. On the other hand,
OSPF v3 supports IPv6 authentication.

Subnets/Links: OSPFv2 runs on the network/subnets, whereas OSPFv3 runs on the links.
So, the adjacency is established over link local addresses in OSPFv3 and there is no
requirement of a network mask.
IP Unicast Routing: IPv4 unicast routing is enabled by default in OSPFv2. However, in
OSPFv3, IPv6 unicast routing has to be enabled using the “IP Unicast-routing” global
configuration command, as it is not enabled by default.

Flooding Scope: There is no flooding scope in OSPFv2. But flooding scope is present in
OSPFv3. The two bits of LSA called “S- bits” indicate flooding scope.

Header Size: The header size of OSPFv2 is 24 bytes, and that of OSPFv3 is 16 bytes.

LSA Types: In addition to basic 7 LSA types present in OSPFv2, OSPFv3 has two more
LSA types. There is a variation in the name of LSA types 3 and 4 (shown in table below).
The two new LSA types are called “Link LSA” and “Intra-Area Prefix LSA”. The role of
“Link LSA” is to notify link-local addresses, as it is in link-local scope, so it is never
flooded. The role of “Intra-Area Prefix” LSA is to advertise IPv6 prefixes.

Comparison Table: OSPFV2 vs OSPFV3


Following table lists the main differences between OSPFv2 and OSPFv3:
BGP:
What is SNMP?
SNMP (Simple Network Management Protocol) is the most widely used protocol for network
monitoring. SNMP was designed to collect and exchange information about network devices. It
does this by monitoring various parameters such as memory, CPU usage, storage usage, and
temperature. SNMP is often used because of its advanced capability of collecting bandwidth
and network traffic usage.
What is NetFlow?
NetFlow was originally designed by Cisco as a proprietary network protocol for collecting IP
information and monitoring network traffic. The main objectives of NetFlow are to:
• Monitor traffic and bandwidth usage
• Analyze applications and their impact on networks
• Detect and troubleshoot poor network performance
• Detect unauthorized LAN and WLAN traffic
• Protect networks from cyber attacks

NetFlow allows devices to analyze IP traffic and how it affects network availability and
performance. It uses QoS (Quality of Service) functions to optimize resource usage and
minimize latency and packet loss. NetFlow can also be used to control network resources by
giving higher priority to specific types of data and protocols used by your network.
https://network-king.net/netflow-vs-snmp-for-network-monitoring/

Switching
1 - Switch port configuration
2 - Vlan and Trunk
3 - VTP and VTP pruning

VTP
VLAN Trunk Protocol (VTP) reduces administration in a switched network. When you
configure a new VLAN on one VTP server, the VLAN is distributed through all switches in the
domain. This reduces the need to configure the same VLAN everywhere. VTP is a Cisco-
proprietary protocol that is available on most of the Cisco Catalyst series products.

VTP Pruning
VTP Pruning is the key element of VTP (VLAN Trunking Protocol). It helps improve
network performance and network bandwidth by decreasing unnecessary flooded
traffic, i.e. broadcast, multicast, unknown and flooded unicast packets. In normal
operation, a switch needs to flood broadcast frames, multicast frames, or unicast
frames where the destination MAC address is unknown to all its ports. If the
neighboring switch doesn’t have any active ports in the source VLAN, this broadcast is
needless, and excessive undesirable traffic may create problems on the network.
This is disabled by default in Cisco switches. VTP pruning helps to send broadcasts
only to those trunk links that actually need the information, i.e. with VTP pruning
enabled, when the destination MAC address is unknown, frames are forwarded over a
trunk link only if the switch on the receiving end of the trunk link has ports in the
source VLAN. Pruning should only be enabled on VTP servers; all the clients in the
VTP domain will automatically enable VTP pruning. VLAN 1 can’t be pruned because it’s
an administrative VLAN.

4 - Aggregating links
5 - STP
6 - RSTP and MST
7 - Inter Vlan Routing
8 - Cisco Express Forwarding
9- Campus Network Design
10 – HSRP
11 - VRRP
12- GLBP
13 - Cisco 6500 Supervisor Redundancy
14 - Campus services IP Telephony
15 - Campus Wireless Network
16 - Layer 2 Security Port security, 802.1X , DHCP Snooping
17 - IP Source Guard, DAI, ARP Inspection
18 - Switch security
19 - VACL
20 - Private Vlan

21- Cisco Stack-Wise, VSS, and VPC


1) VSS:
VSS can be done with 4500 or 6500 series. It supports only two chassis and it uses 10GE
interfaces and can be geographically separated.
2) Stackwise:
This is the proprietary cabling mechanism and is limited in distance. The advantage of
Stackwise over VSS is that you can add/stack around 9 devices at one go, whereas you can’t
do the same with VSS. Another advantage is that a stacking device does not require any
configuration; the device only needs to be supported.
3) VPC:
It is a Nexus-specific technology and you can’t configure this with other Catalyst switches.
Comparison between Catalyst and nexus switches:


DC Switches Intro Nexus 7000 Chassis
and Supervisors

1. Difference between ARP and RARP
2. DNS , DHCP, DNS SEC Kingkong
3. What is RFC 1918?
4. What is DHCP relay Agent?
5. What is Proxy ARP?
6. What is ICMP?
7. What is anonymous FTP and why would you use it?
8. What is a pseudo tty?
9. What is REX?
10. What does the Mount protocol do ?
11. What is External Data Representation?
12. What is the Network Time Protocol?
13. What is a DNS resource record?
14. What protocol is used by DNS name servers?
15. If your network card got an IP address automatically in the range of
169.254.0.0 to 169.254.255.255, then what does this mean?
16. What is Kerberos?
17. What is a Multi-homed Host?
18. What is virtual channel?
19. What is logical link control?
20. Why should you care about the OSI Reference Model?
21. What is MAU?
22. What is the difference between TFTP and FTP application layer
protocols?
23. What is Bandwidth?
24. Difference between bit rate and baud rate?
25. What is attenuation?
26. What is cladding?
27. What is RAID?
28. What is NETBIOS and NETBEUI?
29. What is redirector?
30. What is fragmentation of a packet ?
31. What is MTU of a link ?
32. Name any field of IP header that can prevent a packet to loop
infinitely?
33. Under what situations a packet can go into infinite loop in a network ?
34. Describe a 3-way TCP/IP Handshake.
35. What is the difference between layer 2 and layer 3 in the OSI model?
36. What are the data units at different layers of the TCP / IP protocol
suite?
37. What is the difference between TCP and UDP?
38. How do you distinguish a DNS problem from a network problem?
39. What are a runt, Giant, and collision?
40. What is a VPN?
WWW.URDUITACADEMY.COM
41. Describe a TCP connection sequence
42. Describe the steps between a client and a DHCP server when the client asks for an IP
address from it.
43. What is Mail Gateway?
44. What is wide-mouth frog?
45. What are Digrams and Trigrams?
46. What is silly window syndrome?
47. What is region?
48. What is NVT (Network Virtual Terminal)?
49. What is the range of addresses in the classes of internet addresses?
50. What is the minimum and maximum length of the header in the TCP
segment and IP datagram?
51. What is Project 802?
52. What is Bandwidth?
53. What is traffic shaping?
54. What is packet filter?
55. What is MAU?
56. Difference between bit rate and baud rate?
57. Name any field of IP header that can prevent a packet to loop infinitely
?
58. Under what situations a packet can go into infinite loop in a network ?
59. What is the meaning of FTP and TFTP application layer protocols?
Subnetting Questions:
1. Subnetting ( Examples )
2. What is Supernetting
3. What is wild card mask
Cisco Hardware Related Questions:
1. Cisco Boot process?
2. Cisco 3750 Switch is not showing routing table?
3. What is config register and what you do with it in router?
Routing Protocols Questions:
1. What is the Administrative distance of OSPF, RIP and other routing
protocols?
2. What is a default route?
3. Split horizon in RIP?
4. How OSPF calculate cost?
5. What algorithm is used by OSPF if equal cost routes exist
6. If the hello timers of EIGRP are different between two routers then will
it form a neighbor adjacency?
7. Difference between OSPF LSA type 4 and 5 ?
8. What is BGP synchronization Rule?
9. IP SLA , where it is needed ?
10.Difference between Confederation and Route Reflector ?
11.If the hello timers of EIGRP are different between two routers then will
it form a neighbor adjacency?
12.Difference between OSPF LSA type 4 and 5 ?
13.What is BGP synchronization Rule?
14.Does iBGP change routes attribute?
15.What is the HELLO protocol used for?
16.What is RIP (Routing Information Protocol)?
17.What is SLIP (Serial Line Interface Protocol)?
18.What is OSPF?
19.What is BGP (Border Gateway Protocol)?
20.What is autonomous system?
21.What is EGP (Exterior Gateway Protocol)?
22.What is IGP (Interior Gateway Protocol)?
23.What is multicast routing?
24.In EIGRP, what is a Stuck in Active route?
25.What are the advantages and disadvantages of the three types of
routing tables?
26.What is source route?
27.What is the difference between NAT and PAT
28.Know about IPV6 and how it is written and how many bits
29.What is HSRP, GLBP And VRRP and what are their advantages and
disadvantages?
30.What is SLIP (Serial Line Interface Protocol)?
31.What is the difference between routable and non- routable protocols?
Access List Questions:
1. What is ACL, ACE, What are numbers for Standard and extended
ACL?
2. Types of ACL and difference between ACL and prefix list?
Switching and Local Area Network ( LAN ) Questions:
1. What is a broadcast storm?
2. Spanning tree loops and avoidance?
3. Know about MAC address
4. What is EtherChannel and what are the protocols used in it?
5. What is port security on a Cisco switch and why do we use it?
6. What is a VLAN?
7. What is the purpose of a private VLAN?
8. What are Root Guard and BPDU Guard in STP?
9. What is the difference between layer 2 and layer 3 in the OSI model?
10.What is the difference between a hub, switch, and router?
11.What is a VLAN?
12.Know about MAC address
13.Explain 802.1W
14.What are 10Base2, 10Base5 and 10BaseT Ethernet LANs?
15.What is the difference between circuit switching and packet switching?
16.What is the difference between 802.1q and ISL?
17.Explain what an EtherChannel is?
18.What do you need to do to setup a VTP domain?
19.What is a root bridge and why do you need one?
Wide Area Network Questions ( WAN ):
1. How does Frame Relay Work
2. What is ATM technology
3. How does the DSL work
4. Do you know about MPLS
5. How does MPLS work
6. What is VRF
7. What is MPLS VPN
8. What is difference between Route Distinguisher and Route Target.
9. What is VPLS
Network Monitoring Questions:
1. SMTP, SNMP
2. What is SNMP and what is the difference between SNMPv2 and SNMPv3?
3. What are NetFlow and EEM?
4. What is a Management Information Base (MIB)
Troubleshooting Network Issues:
1. What steps do you take when troubleshooting a networking issue?
2. What are the first things you check when a user is experiencing
problems accessing the network
3. What is Service Level Agreement?
4. Which three commands can be used to check LAN connectivity
problems on a router?
5. You are unsuccessful in telnetting into a remote device. What could the
problem be?
6. What questions would you ask to help isolate a user’s problem?
7. Which are the tools you carry usually for troubleshooting?
8. Which are the tools you carry usually for troubleshooting?
9. How do you distinguish a DNS problem from a network problem?
Network Security And Design Questions:
1. Tell us something about Cisco PPDIOO Lifecycle approach?
2. What are typical virus sources and how do you prevent virus attacks?
3. What are some of the guidelines you would recommend for
implementing security at the user level?
4. What is the difference between these three: encryption, encoding and
hashing?
5. What are typical virus sources and how do you prevent virus attacks?
6. Describe what a stateful firewall is?
Questions about yourself:
1. How would you say you are able to handle stress?
2. What do you see yourself doing two or three years from now?
3. How do you learn new technologies?
4. How do you prioritize tasks and manage your time?
5. What are some ways you’ve improved network performance in the
past?
6. Can you explain about the biggest error that you have made as a
network administrator?
7. How much experience do you have working with the development
team as well as the networking team?
8. Describe how you’ve met the challenges associated with IPv6
9. Can you give me a list of priorities concerning network support?
Regards
Urdu IT Academy Team

Understand VLAN Trunk Protocol (VTP)


Background Information

VLAN Trunk Protocol (VTP) reduces administration in a switched network. When you
configure a new VLAN on one VTP server, the VLAN is distributed through all switches in the
domain. This reduces the need to configure the same VLAN everywhere. VTP is a Cisco-
proprietary protocol that is available on most of the Cisco Catalyst series products.

Comparison between VPC, VSS and VLS

Firewalls:
What is a Stateless Firewall?
A stateless firewall works like a router: we need to create a policy for the same traffic in
both directions.
For example:
If one PC/user wants to access google.com, we need one policy from the user to google.com
and a second policy from google.com to the user.

What is a Stateful Firewall?

This type of firewall maintains a session table. If a user tries to access google.com, traffic
goes from inside to outside. When the reply comes back from google.com, the firewall uses the
session table to send the traffic to the user who made the request earlier.

Stateful vs Stateless Firewall –


| PARAMETER | STATELESS FIREWALL | STATEFUL FIREWALL |
|---|---|---|
| Philosophy | Treats each packet in isolation and does not relate it to connection state | Maintains context about active sessions and uses "state information" to speed packet processing |
| Filtering decision | Based on information in packet headers | Based on flows |
| Memory and CPU intensive | Low | High |
| Security | Low | High |
| Connection status | Unknown | Known |
| Performance | Fast | Slower |
| Related terms | Header info, IP address, port no. etc. | State information, pattern matching etc. |
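
The difference described above, as an added Python example (not from the original notes): a toy filter in which the stateless rule set needs a second policy for replies, while the stateful one admits only the exact reverse of a recorded session. The addresses, ports and rule layout are constructed assumptions, and the model ignores TCP flags and session timeouts.

```python
import ipaddress
from collections import namedtuple

Packet = namedtuple("Packet", "src sport dst dport")
Rule = namedtuple("Rule", "src_net dst_net sport dport")  # CIDRs; port None = any

def matches(rule, p):
    return (ipaddress.ip_address(p.src) in ipaddress.ip_network(rule.src_net)
            and ipaddress.ip_address(p.dst) in ipaddress.ip_network(rule.dst_net)
            and rule.sport in (None, p.sport)
            and rule.dport in (None, p.dport))

def stateless_allow(rules, p):
    # Every packet is judged alone against the header rules; default deny.
    return any(matches(r, p) for r in rules)

class StatefulFirewall:
    def __init__(self, outbound_rules):
        self.rules = outbound_rules
        self.sessions = set()   # session table: (src, sport, dst, dport)

    def allow(self, p, from_inside):
        if from_inside:
            permitted = any(matches(r, p) for r in self.rules)
            if permitted:
                self.sessions.add((p.src, p.sport, p.dst, p.dport))
            return permitted
        # From outside: only the exact reverse of a recorded session passes.
        return (p.dst, p.dport, p.src, p.sport) in self.sessions

# Constructed sample traffic; 203.0.113.10 is a documentation address.
OUT = Rule("10.0.0.0/24", "0.0.0.0/0", None, 443)    # user -> web server
BACK = Rule("0.0.0.0/0", "10.0.0.0/24", 443, None)   # second policy for replies
request = Packet("10.0.0.5", 51000, "203.0.113.10", 443)
reply = Packet("203.0.113.10", 443, "10.0.0.5", 51000)
unsolicited = Packet("203.0.113.10", 443, "10.0.0.5", 3389)  # no prior request

def compare():
    fw = StatefulFirewall([OUT])
    fw.allow(request, from_inside=True)   # creates the session entry
    return {"stateless_one_rule_reply": stateless_allow([OUT], reply),
            "stateless_two_rules_reply": stateless_allow([OUT, BACK], reply),
            "stateless_unsolicited": stateless_allow([OUT, BACK], unsolicited),
            "stateful_reply": fw.allow(reply, from_inside=False),
            "stateful_unsolicited": fw.allow(unsolicited, from_inside=False)}
```

The return policy that the stateless filter needs for replies also matches the unsolicited packet, which is the "Security: Low" row of the table; the stateful filter drops it because no session entry exists for it.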

WAF VS Network Firewall:


WAF VS NG-Firewall:

HA feature overview
FortiADC appliances can be deployed as standalone units or as high availability (HA) clusters.

A cluster is two or more nodes. A node is an instance of the appliance/system. In a cluster, one node
is the primary node, also called the master node. The other members of the cluster are secondary
nodes, also called slave nodes.

The primary node has a special role. It has a one-to-many relationship with member nodes. Both
configuration updates and software updates are initiated by the primary node and pushed to member
nodes.

The system selects the primary node based on the following criteria:

• Link health (if monitor ports links are down, the node is considered down)
• Remote IP monitor health check results
• Override setting (prefers priority to uptime)
• Most available ports
• Highest uptime value
• Lowest device priority number (1 has greater priority than 2)
• Highest-sorting serial number—Serial numbers are sorted by comparing each character from left to right,
where 9 and z are the greatest values. The system gives preference to higher values over lower values.

HA solutions depend on two types of communication among cluster members:

• Synchronization—During initialization, the primary node pushes its configuration (with noted exceptions) to
member nodes. After initialization has completed, the nodes synchronize their session tables.
• Heartbeats—A cluster node indicates to other nodes in the cluster that it is up and available. The absence of
heartbeat traffic indicates the node is not up and is unavailable.

There are two types of HA clusters:

• Active-passive—Only the primary node is active, so it is the only node that receives traffic from adjacent
routers. Typically, there is one other node that is in standby mode. It assumes active status if the primary node
undergoes maintenance or otherwise becomes unavailable.
• Active-active—All nodes receive traffic. Active-active deployments support load balancing and failover among
up to eight cluster members.

In an active-passive cluster, only the management IP address for the primary node is active. In an
active-passive cluster, you can log into a node only when it has primary node status and its IP
address is active. To access the user interface of an appliance in standby status (the active-passive
slave), you must use a console port connection.

In an active-active cluster, the IP addresses for all interfaces are unique, including the management
interface. When the appliance is in standalone mode, the physical port IP address is active; when it
is in HA mode, the address assigned to it in the HA node IP list address is active. You can log into
any node using the active IP address for its management port.
Tip: You can use the execute ha manage command to log into the console of a member node.
See the CLI reference.

Figure 72 shows an active-passive cluster in a single network path. In an active-passive cluster, the
primary node is the active node that handles all traffic. In the event that the primary node
experiences hardware failure or system maintenance, failover takes place. In failover, the standby
node becomes the primary node and processes the traffic that is forwarded along the network path.
The new primary node sends gratuitous ARP to notify the network to direct traffic for the virtual MAC
addresses (vMAC) to its network interfaces. It takes the IP addresses of the unresponsive node.

Forti Gate

Palo Alto

Fire Power
Cisco ISE
