Technical Interview Questions – Networking (Part-1)

1. What is an IP address?

Ans: An Internet Protocol address (IP address) is a numerical label assigned to each device (e.g., computer, printer) participating in a computer network that uses the Internet Protocol for communication. An IP address serves two principal functions: Host or Network interface identification and location addressing.

2. What is a subnet mask?

Ans: An IP address has two components, the network address and the host address. A subnet mask separates the IP address into the network and host addresses (<network><host>). Subnetting further divides the host part of an IP address into a subnet and host address (<network><subnet><host>) if additional subnetwork is needed.

3. What is ARP?

Ans: The address resolution protocol (arp) is a protocol used by the Internet Protocol (IP) [RFC826], specifically IPv4, to map IP network addresses to the hardware addresses used by a data link protocol. The protocol operates below the network layer as a part of the interface between the OSI network and OSI link layer.

4. What is ARP Cache Poisoning?

Ans: In computer networking, ARP spoofing, ARP cache poisoning, or ARP poison routing, is a technique by which an attacker sends (spoofed) Address Resolution Protocol(ARP) messages onto a local area network.

5. What is the ANDing process?

Ans: When a source host attempts to communicate with a destination host, the source host uses its subnet mask to determine whether the destination host is on the local network or a remote network. This is known as theANDing process.

6. What is a default gateway? What happens if I don’t have one?

Ans: A gateway is a routing device that knows how to pass traffic between different subnets and networks. A computer will know some routes (a route is the address of each node a packet must go through on the Internet to reach a specific destination). If you don’t have a gateway your network communication have no problem. But you cannot communicate with other networks.

7. Can a workstation computer be configured to browse the Internet and yet NOT have a default gateway?

Ans: If we are using public ip address, we can browse the internet. If it is having an intranet address a gateway is needed as a router or firewall to communicate with internet.

8. What is a subnet?

Ans: A portion of a network which shares a network address in which each component is identified by a subnet number. A subnet is a logical organization of network address ranges used to separate hosts and network devices from each other to serve a design purpose. In many cases, subnets are created to serve as physical or geographical separations similar to those found between rooms, floors, buildings, or cities.

9. What is APIPA?

Ans: Short for Automatic Private IP Addressing, a feature of later Windows operating systems. With APIPA, DHCP clients can automatically self-configure an IP address and subnet mask when a DHCP server isn’t available. When a DHCP client boots up, it first looks for a DHCP server in order to obtain an IP address and subnet mask. If the client is unable to find the information, it uses APIPA to automatically configure itself with an IP address from a range that has been reserved especially for Microsoft. The IP address range is 169.254.0.1 through 169.254.255.254. The client also configures itself with a default class B subnet mask of 255.255.0.0. A client uses the self- configured IP address until a DHCP server becomes available.

The APIPA service also checks regularly for the presence of a DHCP server (every five minutes, according to Microsoft). If it detects a DHCP server on the network, APIPA stops, and the DHCP server replaces the APIPA networking addresses with dynamically assigned addresses. APIPA is meant for non routed small business environments, usually less than 25 clients.

10.  What is an RFC? Name a few if possible (not necessarily the numbers, just the ideas behind them)

Ans: Short for Request for Comments, a series of notes about the Internet, started in 1969 (when the Internet was the ARPANET). An Internet Document can be submitted to the IETF by anyone, but the IETF decides if the document becomes an RFC. Eventually, if it gains enough interest, it may evolve into an Internet standard.
Each RFC is designated by an RFC number. Once published, an RFC never changes. Modifications to an original RFC are assigned a new RFC number.

11. What is RFC 1918?

Ans: RFC 1918 is Address Allocation for Private Internets The Internet Assigned Numbers Authority (IANA) has reserved the following three blocks of the IP address space for private internets: 10.0.0.0 – 10.255.255.255 (10/8 prefix) 172.16.0.0 – 172.31.255.255
(172.16/12 prefix) 192.168.0.0 – 192.168.255.255 (192.168/16 prefix) We will refer to the first block as “24-bit block”, the second as “20-bit block”, and to the third as “16-bit” block. Note that (in pre-CIDR notation) the first block is nothing but a single class A network number, while the second block is a set of 16 contiguous class B network numbers, and third block is a set of 256 contiguous class C network numbers.

12. What is CIDR?

Ans: CIDR (Classless Inter-Domain Routing, sometimes known as supernetting) is a way to allocate and specify the Internet addresses used in inter-domain routing more flexibly than with the original system of Internet Protocol (IP) address classes. As a result, the number of available Internet addresses has been greatly increased.

13. You have the following Network ID: 192.115.103.64/27. What is the IP range for your network?

Ans: It ranges from 192.115.103.64 – 192.115.103.96

But the usable address are from 192.115.103.64 –192.115.103.94
192.115.103.95 – it is the broadcast address
192.115.103.96 – will be the ip address of next range
we can use 30 hosts in this network.

14. You have the following Network ID: 131.112.0.0. You need at least 500 hosts per network. How many networks can you create? What subnet mask will you use?

Ans: If you need 500 users then 2^9th would give you 512 (remember the first and last are network and broadcast), 510 usable. So of your 32 bits you would turn the last 9 off for host and that would give you give you a 255.255.254.0 subnet mask (11111111.11111111.11111110.00000000).
Now that we know that
we can see that you have the first 7 of your third octet turned on so to figure out how many subnets you have us the formula
2^7th= 128. So you can have 128 subnets with 500 people on them.

15. You need to view at network traffic. What will you use? Name a few tools

Ans: WireShark or TCP Dump , or Ethereal.

16. How do I know the path that a packet takes to the destination?

Ans: use “tracert” command-line

17. What does the ping 192.168.0.1 -l 1000 -n 100 command do?

Ans: The ping command will send roundtrip packets to a destination (other PC, router, printer, etc.) and see how long it takes. The 192.168.0.1 is the destination (which, by the way is a typical default IP address of a router. ) The -l 1000 is how big the packet should be in bytes. The default is 32, if the -l parameter is not used. And the -n 100 is saying to send it 100 times. The default is 4, when this parameter is not used.

18. What is DHCP? What are the benefits and drawbacks of using it?

Ans: Benefits:
1. DHCP minimizes configuration errors caused by manual IP address configuration.
2. Reduced network administration.
Disadvantage: Your machine name does not change when you get a new IP address. The DNS (Domain Name System) name is associated with your IP address and therefore does change. This only presents a problem if other clients try to access your machine by its DNS name.

19. Describe the steps taken by the client and DHCP server in order to obtain an IP address.

Ans: *  At least one DHCP server must exist on a network.
Once the DHCP server software is installed, you create a DHCP scope, which is a pool of IP addresses that the server manages. When clients log on, they request an IP address from the server, and the server provides an IP address from its pool of available addresses.
* DHCP was originally defined in RFC 1531 (Dynamic Host Configuration Protocol, October 1993) but the most recent update is RFC 2131 (Dynamic Host Configuration Protocol, March 1997). The IETF Dynamic Host Configuration (dhc) Working Group is chartered to produce a protocol for automated allocation, configuration, and management of IP addresses and TCP/IP protocol stack parameters.

20. What is the DHCPNACK and when do I get one? Name 2 scenarios.

Ans: Recently I saw a lot of queries regarding when the Microsoft DHCP server issues a NAK to DHCP clients.For simplification purposes, I am listing down the possible scenarios in which the server should NOT issue a NAK. This should give you a good understanding of DHCP NAK behavior.When a DHCP server receives a DHCPRequest with a previously assigned address specified, it first checks to see if it came from the local segment by checking the GIADDR field. If it originated from the local segment, the DHCP server compares the requested address to the IP address and subnet mask belonging to the local interface that received the request.
DHCP server will issue a NAK to the client ONLY IF it is sure that the client, “on the local subnet”, is asking for an address that doesn’t exist on that subnet.The server will send a NAK EXCEPT in the following scenarios:-

1. Requested address from possibly the same subnet but not in the address pool of the server:-
This can be the failover scenario in which 2 DHCP servers are serving the same subnet so that when one goes down, the other should not NAK to clients which got an IP from the first server.
2. Requested address on a different subnet:-
If the Address is from the same superscope to which the subnet belongs, DHCP server will ACK the REQUEST.

21. What ports are used by DHCP and the DHCP clients?

Ans: Requests are on UDP port 68, Server replies on UDP 67

22. Describe the process of installing a DHCP server in an AD infrastructure.

Ans: Use Add/Remove program wizard . . .

23. What is DHCPINFORM?

Ans: DHCPInform is a new DHCP message type, defined in RFC 2131, used by computers on the network to request and obtain information from a DHCP server for use in their local configuration. When this message type is used, the sender is already externally configured for its IP address on the network, which may or may not have been obtained using DHCP. This message type is not currently supported by the DHCP service provided in earlier versions of Windows NT Server and may not be recognized by third-party implementations of DHCP software.

24. Describe the integration between DHCP and DNS.

Ans: Traditionally, DNS and DHCP servers have been configured and managed one at a time. Similarly, changing authorization rights for a particular user on a group of devices has meant visiting each one and making configuration changes. DHCP integration with DNS allows the aggregation of these tasks across devices, enabling a company’s network services to scale in step with the growth of network users, devices, and policies, while reducing administrative operations and costs.
This integration provides practical operational efficiencies that lower total cost of ownership. Creating a DHCP network automatically creates an associated DNS zone, for example, reducing the number of tasks required of network administrators. And integration of DNS and DHCP in the same database instance provides unmatched consistency between service and management views of IP address-centric network services data.

25. What options in DHCP do you regularly use for an MS network?

Ans: Automatic providing IP address
Subnet mask
DNS server
Domain name

Default getaway or router

Courtesy: 

1) Syed Jahanzaib

2) DanielPetri