Friday, 25 December 2015

Technical Interview Questions – Networking (Part-2)

Part 1
Part 3


  1. What are User Classes and Vendor Classes in DHCP?
Ans: Default Class: This DHCP class is configured automatically as soon as the DHCP server role is installed on the network operating system. After the DHCP server role has been installed, administrators must create DHCP scopes, in which they specify a range of IP addresses along with the addresses of the DNS servers and the default gateways. Since all DHCP client computers belong to the default DHCP class unless configured otherwise, they receive the set of addresses from the default class only.
User Class: This DHCP class must be created manually by the administrators. A user class is created in environments where a computer or a group of computers is to be directed to a different network or to a specific computer by assigning the addresses of a different DNS server and/or default gateway. An example is the accounts department of an organization, whose computers need to access highly sensitive information from file servers that are kept isolated from the rest of the organization’s network. Since such file servers may have different IP addresses that belong to different network addresses or even different address classes, creating user classes and specifying the addresses of DNS servers and default gateways that direct queries to the sensitive and isolated file servers makes the network setup quite efficient and highly secure.
Vendor Class: This DHCP class works in the same manner as the user class, i.e. it also provides a different set of DNS server and default gateway addresses to the DHCP client computers. However, vendor classes are created when a network has a multi-platform environment and the administrators want the DHCP client computers running non-Microsoft operating systems to obtain a different set of DNS and default gateway addresses. For example, in an organization some computers have Microsoft Windows 7 installed and receive 192.168.11.1 as their DNS server and default gateway, while other computers run Linux. A vendor class for Linux can be created so that all Linux clients are assigned different DNS and default gateway addresses, e.g. 192.168.24.2.

  2. How do I configure a client machine to use a specific User Class?
Ans: The command to configure a client machine to use a specific user class is
ipconfig /setclassid "<Name of your network card>" <Name of the class you created on the DHCP server and want to join (the name is case sensitive)>
Eg: ipconfig /setclassid "Local Area Network" Accounting

  3. What is the BOOTP protocol used for, and where might you find it in a Windows network infrastructure?
Ans: BootP (RFC 951) provides
* a unique IP address to the requester (using port 67), similar to the DHCP request on port 68, AND
* can provide (where supported) the ability to boot a system without a hard drive (i.e. a diskless client).
Apple OS X 10.* Server supports BootP, albeit renamed NetBoot. The facility allows the admin to maintain a selected set of configurations as boot images and then assign sets of client systems to share (or boot from) each image. For example, the Accounting, Management, and Engineering departments have elements in common but can be unique from other departments. Performing upgrades and maintenance on three images is far more productive than working on all client systems individually. Startup is obviously network intensive, and beyond 40-50 clients the admin needs to carefully subnet the infrastructure, use gigabit switches, and host the images local to the clients to avoid saturating the network. This will expand the number of BootP servers and multiply the number of images, but the productivity of 1 BootP server per 50 clients is undeniable :) Sun Microsystems, Linux, and AIX RS/600 all support BootP. To date, Windows does not support booting “diskless clients”.

  4. DNS zones – describe the differences between the DNS types.
Ans: The DNS Server service provides for three types of zones:
  • Primary zone
  • Secondary zone
  • Stub zone
The following sections describe each of these zone types.

Primary zone

When a zone that this DNS server hosts is a primary zone, the DNS server is the primary source for information about this zone, and it stores the master copy of zone data in a local file or in AD DS. When the zone is stored in a file, by default the primary zone file is named zone_name.dns and it is located in the %windir%\System32\Dns folder on the server.

Secondary zone

When a zone that this DNS server hosts is a secondary zone, this DNS server is a secondary source for information about this zone. The zone at this server must be obtained from another remote DNS server computer that also hosts the zone. This DNS server must have network access to the remote DNS server that supplies this server with updated information about the zone. Because a secondary zone is merely a copy of a primary zone that is hosted on another server, it cannot be stored in AD DS.

Stub zone

When a zone that this DNS server hosts is a stub zone, this DNS server is a source only for information about the authoritative name servers for this zone. The zone at this server must be obtained from another DNS server that hosts the zone. This DNS server must have network access to the remote DNS server to copy the authoritative name server information about the zone.
You can use stub zones to:
  • Keep delegated zone information current. By updating a stub zone for one of its child zones regularly, the DNS server that hosts both the parent zone and the stub zone will maintain a current list of authoritative DNS servers for the child zone.
  • Improve name resolution. Stub zones enable a DNS server to perform recursion using the stub zone's list of name servers, without having to query the Internet or an internal root server for the DNS namespace.
  • Simplify DNS administration. By using stub zones throughout your DNS infrastructure, you can distribute a list of the authoritative DNS servers for a zone without using secondary zones. However, stub zones do not serve the same purpose as secondary zones, and they are not an alternative for enhancing redundancy and load sharing.
There are two lists of DNS servers involved in the loading and maintenance of a stub zone:
  • The list of master servers from which the DNS server loads and updates a stub zone. A master server may be a primary or secondary DNS server for the zone. In both cases, it will have a complete list of the DNS servers for the zone.
  • The list of the authoritative DNS servers for a zone. This list is contained in the stub zone using name server (NS) resource records.
When a DNS server loads a stub zone, such as widgets.tailspintoys.com, it queries the master servers, which can be in different locations, for the necessary resource records of the authoritative servers for the zone widgets.tailspintoys.com. The list of master servers may contain a single server or multiple servers, and it can be changed anytime.


  5. DNS record types – describe the most important ones.
Ans: DNS record types explained
An “A” record, which stands for “address”, is the most basic type of DNS record, indicating the actual IP address of the domain. A records map names to 32-bit IPv4 addresses; the “AAAA” record is the IPv6 address record that maps a hostname to a 128-bit IPv6 address.
The “CNAME” record stands for “canonical name” and serves to make one domain an alias of another domain. CNAME is often used to associate new subdomains with an existing domain’s DNS records.
The “MX” record stands for “mail exchange” and is basically a list of mail exchange servers that are to be used for the domain.
The “PTR” record stands for “pointer record” and maps an IPv4 address to the canonical name of the host.
The “NS” record stands for “name server” and indicates which name server is authoritative for the domain.
An “SOA” record stands for “Start of Authority” and is easily one of the most essential DNS records because it stores important information such as when the domain was last updated and much more.
An “SRV” record stands for “service” and is used to define a TCP service on which the domain operates.
A “TXT” record lets the administrator insert any text they’d like into the DNS record, and it is often used for denoting facts about the domain.
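
To make the record types concrete, here is an added Python example (it is not part of the original post and not a real DNS tool) that parses zone-file-style lines for each type listed above and checks that the rdata has the shape the type requires: an A record must hold an IPv4 address, an AAAA an IPv6 address, MX a preference plus host, SRV a priority/weight/port/target, and a PTR a hostname rather than an address. The sample zone lines, names and addresses are constructed for the example.

```python
import ipaddress
import re

# Constructed sample zone-file lines, one per record type discussed above (not a real zone).
SAMPLE_ZONE = """\
example.com.             3600 IN SOA   ns1.example.com. hostmaster.example.com. 2015122501 7200 900 1209600 3600
example.com.             3600 IN NS    ns1.example.com.
example.com.             3600 IN A     192.0.2.10
example.com.             3600 IN AAAA  2001:db8::10
www.example.com.         3600 IN CNAME example.com.
example.com.             3600 IN MX    10 mail.example.com.
10.2.0.192.in-addr.arpa. 3600 IN PTR   mail.example.com.
_ldap._tcp.example.com.   600 IN SRV   0 100 389 dc1.example.com.
example.com.             3600 IN TXT   "v=spf1 mx -all"
"""

# owner-name  TTL  class  type  rdata
LINE_RE = re.compile(r"^(?P<name>\S+)\s+(?P<ttl>\d+)\s+IN\s+(?P<type>[A-Z]+)\s+(?P<rdata>.+?)\s*$")


def _hostname(s):
    """Accept a domain name appearing in rdata (absolute names end with a dot)."""
    if not re.fullmatch(r"[A-Za-z0-9_.-]+", s):
        raise ValueError(f"bad hostname {s!r}")
    return s


def parse_rdata(rtype, rdata):
    """Convert the textual rdata of one record into a typed value, enforcing the type's shape."""
    fields = rdata.split()
    if rtype == "A":
        return ipaddress.IPv4Address(rdata)      # 32-bit address; raises ValueError on anything else
    if rtype == "AAAA":
        return ipaddress.IPv6Address(rdata)      # 128-bit address
    if rtype in ("CNAME", "NS", "PTR"):
        return _hostname(rdata)                  # PTR rdata is the host's canonical name, not an address
    if rtype == "MX":
        preference, host = fields
        return (int(preference), _hostname(host))
    if rtype == "SRV":
        priority, weight, port, target = fields
        return (int(priority), int(weight), int(port), _hostname(target))
    if rtype == "SOA":
        mname, rname, serial, refresh, retry, expire, minimum = fields
        return {"mname": _hostname(mname), "rname": rname, "serial": int(serial),
                "refresh": int(refresh), "retry": int(retry), "expire": int(expire),
                "minimum": int(minimum)}
    if rtype == "TXT":
        return rdata.strip('"')
    raise ValueError(f"unsupported record type {rtype}")


def parse_zone(text):
    """Parse zone-file-style lines into (owner, ttl, type, rdata) tuples; malformed lines raise."""
    records = []
    for line in text.splitlines():
        if not line.strip() or line.lstrip().startswith(";"):
            continue
        m = LINE_RE.match(line)
        if not m:
            raise ValueError(f"malformed line: {line!r}")
        records.append((m["name"], int(m["ttl"]), m["type"], parse_rdata(m["type"], m["rdata"])))
    return records


def records_of_type(records, rtype):
    """Filter parsed records by type, e.g. records_of_type(parse_zone(SAMPLE_ZONE), "MX")."""
    return [r for r in records if r[2] == rtype]
```

The SOA fields are returned as a dictionary so that the serial (which must increase for secondaries to pull a new copy) can be compared directly; a line whose rdata does not fit its type is rejected rather than silently stored.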

  6. Describe the process of working with an external domain name.
Ans: Serving sites with external domain name servers. If you host Web sites on this server and have a standalone DNS server acting as a primary (master) name server for your sites, you may want to set up your control panel’s DNS server to function as a secondary (slave) name server.
To make the control panel’s DNS server act as a secondary name server:

1. Go to Domains > domain name > DNS Settings (in the Web Site group).
2. Click Switch DNS Service Mode.
3. Specify the IP address of the primary (master) DNS server.
4. Click Add.
5. Repeat steps 1 to 5 for each Web site that needs to have a secondary name server on this machine.

To make the control panel’s DNS server act as a primary for a zone:

1. Go to Domains > domain name > DNS Settings (in the Web Site group).
2. Click Switch DNS Service Mode. The original resource records for the zone will be restored.

If you host Web sites on this server and rely entirely on other machines to perform the Domain Name Service for your sites (there are two external name servers – a primary and a secondary), switch off the control panel’s DNS service for each site served by external name servers.

To switch off the control panel’s DNS service for a site served by an external name server:

1. Go to Domains > domain name > DNS Settings (in the Web Site group).
2. Click Switch Off the DNS Service in the Tools group. Turning the DNS service off for the zone will refresh the screen, so that only a list of name servers remains.

Note: The listed name server records have no effect on the system. They are only presented on the screen as clickable links to give you a chance to validate the configuration of the zone maintained on the external authoritative name servers.

3. Repeat steps 1 to 3 to switch off the local domain name service for each site served by external name servers.

If you wish to validate the configuration of a zone maintained on authoritative name servers:

1. Go to Domains > domain name > DNS Settings (in the Web Site group).
2. Add to the list the entries pointing to the appropriate name servers that are authoritative for the zone: click Add, specify a name server, and click OK. Repeat this for each name server you would like to test. The records will appear in the list.
3. Click the records that you have just created. Parallels Plesk Panel will retrieve the zone file from a remote name server and check the resource records to make sure that the domain’s resources are properly resolved. The results will be interpreted and displayed on the screen.

  7. Describe the importance of DNS to AD.
Ans: When you install Active Directory on a server, you promote the server to the role of a domain controller for a specified domain. When completing this process, you are prompted to specify a DNS domain name for the Active Directory domain to which you are joining and promoting the server. If during this process a DNS server authoritative for the domain that you specified either cannot be located on the network or does not support the DNS dynamic update protocol, you are prompted with the option to install a DNS server. This option is provided because a DNS server is required to locate this server or other domain controllers for members of an Active Directory domain.

  8. Describe a few methods of finding an MX record for a remote domain on the Internet.
Ans: In order to find MX records for SMTP domains you can use command-line tools such as NSLOOKUP or DIG. You can also use online web services that allow you to perform quick searches and display the information in a convenient manner.

  9. What does “Disable Recursion” in DNS mean?
Ans: In the Windows 2000/2003 DNS console (dnsmgmt.msc), under a server’s Properties -> Forwarders tab is the setting “Do not use recursion for this domain”. On the Advanced tab you will find the confusingly similar option “Disable recursion (also disables forwarders)”. Recursion refers to the action of a DNS server querying additional DNS servers (e.g. the local ISP’s DNS or the root DNS servers) to resolve queries that it cannot resolve from its own database.

  10. What could cause the Forwarders and Root Hints to be grayed out?
Ans: Win2K configured your DNS server as a private root server.

  11. What is a “Single Label domain name” and what sort of issues can it cause?
Ans: Single-label names consist of a single word like “contoso”.
• Single-label DNS names cannot be registered by using an Internet registrar.
• Client computers and domain controllers that are joined to single-label domains require additional configuration to dynamically register DNS records in single-label DNS zones.
• Client computers and domain controllers may require additional configuration to resolve DNS queries in single-label DNS zones.
• By default, Windows Server 2003-based domain members, Windows XP-based domain members, and Windows 2000-based domain members do not perform dynamic updates to single-label DNS zones.
• Some server-based applications are incompatible with single-label domain names. Application support may not exist in the initial release of an application, or support may be dropped in a future release. For example, Microsoft Exchange Server 2007 is not supported in environments in which single-label DNS is used.
• Some server-based applications are incompatible with the domain rename feature that is supported in Windows Server 2003 domain controllers and in Windows Server 2008 domain controllers. These incompatibilities either block or complicate the use of the domain rename feature when you try to rename a single-label DNS name to a fully qualified domain name.

  12. What is the “in-addr.arpa” zone used for?
Ans: When creating DNS records for your hosts, A records make sense. After all, how can the world find your mail server unless the IP address of that server is associated with its hostname within a DNS database? However, PTR records aren’t as easily understood. If you already have a zone file, why does there have to be a separate in-addr.arpa zone containing PTR records matching your A records? And who should be making those PTR records: you or your provider?

Let’s start by defining in-addr.arpa. .arpa is actually a TLD like .com or .org. The name of the TLD comes from Address and Routing Parameter Area, and it has been designated by the IANA to be used exclusively for Internet infrastructure purposes. In other words, it is an important zone and an integral part of the inner workings of DNS. The RFC for DNS (RFC 1035) has an entire section on the in-addr.arpa domain. The first two paragraphs in that section state the purpose of the domain:

“The Internet uses a special domain to support gateway location and Internet address to host mapping. Other classes may employ a similar strategy in other domains. The intent of this domain is to provide a guaranteed method to perform host address to host name mapping, and to facilitate queries to locate all gateways on a particular network in the Internet. Note that both of these services are similar to functions that could be performed by inverse queries; the difference is that this part of the domain name space is structured according to address, and hence can guarantee that the appropriate data can be located without an exhaustive search of the domain space.”

In other words, this zone provides a database of all allocated networks and the DNS-reachable hosts within those networks. If your assigned network does not appear in this zone, it appears to be unallocated. And if your hosts don’t have a PTR record in this database, they appear to be unreachable through DNS.

Assuming an A record exists for a host, a missing PTR record may or may not impact the DNS reachability of that host, depending upon the applications running on that host. For example, a mail server will definitely be impacted, as PTR records are used in mail header checks and by most anti-spam mechanisms. Depending upon your web server configuration, it may also depend upon an existing PTR record. This is why the DNS RFCs recommend that every A record has an associated PTR record.

But who should make and host those PTR records? Twenty years ago, when you could buy a full Class C network address (i.e. 254 host addresses), the answer was easy: you. Remember, the in-addr.arpa zone is concerned with delegated network addresses. In other words, the owner of the network address is authoritative (i.e. responsible) for the host PTR records associated with that network address space. If you only own one or two host addresses within a network address space, the provider you purchased those addresses from needs to host your PTR records, as the provider is the owner of (i.e. authoritative for) the network address.

Things are a bit more interesting if you have been delegated a CIDR block of addresses. The in-addr.arpa zone assumes a classful addressing scheme where a Class A address is one octet (or /8), a Class B is 2 octets (or /16) and a Class C is 3 octets (or /24). CIDR allows for delegating address space outside of these boundaries, say a /19 or a /28. RFC 2317 provides a best current practice for maintaining in-addr.arpa with these types of network allocations.

Here is a summary regarding PTR records:
• Don’t wait until users complain about DNS unreachability; be proactive and ensure there is an associated PTR record for every A record.
• If your provider hosts your A records, they should also host your PTR records.
• If you only have one or two assigned IP addresses, your provider should host your PTR records, as they are authoritative for the network those hosts belong to.
• If you own an entire network address (e.g. a Class C address ending in 0), you are responsible for hosting your PTR records.
• If you are configuring an internal DNS server within the private address ranges (e.g. 10.0.0.0 or 192.168.0.0), you are responsible for your own internal PTR records.
• Remember: the key to PTR hosting is knowing who is authoritative for the network address for your domain. When in doubt, it probably is not you.
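
The following Python example is added here and is not part of the original post. It shows the three mechanics the answer describes: how an IPv4 address maps to its in-addr.arpa owner name, which reverse zone(s) the holder of a CIDR block ends up responsible for under the classful layout (with the RFC 2317 "octet/prefix" sub-zone convention for blocks smaller than a /24, including the CNAME the /24 owner publishes for each address), and the proactive check the summary recommends: an audit that flags every A record without a matching PTR. All hosts, addresses and records below are constructed sample data.

```python
import ipaddress


def ptr_owner_name(ip):
    """Owner name of the PTR record for an IPv4 address: 192.0.2.10 -> 10.2.0.192.in-addr.arpa."""
    return ipaddress.IPv4Address(ip).reverse_pointer


def _classful_zone(octets):
    # in-addr.arpa labels are the address octets in reverse order
    return ".".join(reversed(octets)) + ".in-addr.arpa"


def reverse_zones(cidr):
    """Reverse zone name(s) the holder of `cidr` is responsible for, following the
    octet-per-label (classful) layout of in-addr.arpa and the RFC 2317 convention
    for blocks smaller than a /24."""
    net = ipaddress.IPv4Network(cidr, strict=True)
    octets = str(net.network_address).split(".")
    p = net.prefixlen
    if p in (8, 16, 24):
        return [_classful_zone(octets[: p // 8])]
    if p < 24:
        # e.g. a /19: one classful /24 zone for every /24 inside the block
        return [_classful_zone(str(s.network_address).split(".")[:3])
                for s in net.subnets(new_prefix=24)]
    # smaller than /24: the provider keeps the /24 zone and delegates an RFC 2317 sub-zone
    return [f"{octets[3]}/{p}.{_classful_zone(octets[:3])}"]


def rfc2317_cname(ip, cidr):
    """The CNAME the /24 owner publishes so that queries for `ip` land in the delegated sub-zone."""
    net = ipaddress.IPv4Network(cidr, strict=True)
    addr = ipaddress.IPv4Address(ip)
    if net.prefixlen <= 24 or addr not in net:
        raise ValueError("ip must lie inside a block smaller than a /24")
    last_octet = str(addr).split(".")[3]
    return (ptr_owner_name(ip), f"{last_octet}.{reverse_zones(cidr)[0]}")


# Constructed forward and reverse records for the audit below (not real data).
A_RECORDS = {
    "mail.example.com": "192.0.2.10",
    "www.example.com": "192.0.2.20",
    "vpn.example.com": "192.0.2.30",
}
PTR_RECORDS = {
    "10.2.0.192.in-addr.arpa": "mail.example.com",
    "30.2.0.192.in-addr.arpa": "old.example.com",
}


def audit_ptr(a_records, ptr_records):
    """List hosts whose A record has no PTR, or whose PTR names a different host."""
    problems = []
    for host, ip in sorted(a_records.items()):
        target = ptr_records.get(ptr_owner_name(ip))
        if target is None:
            problems.append((host, ip, "missing PTR"))
        elif target != host:
            problems.append((host, ip, f"PTR points to {target}"))
    return problems
```

Running audit_ptr(A_RECORDS, PTR_RECORDS) on the constructed data reports www (no PTR at all) and vpn (a stale PTR left pointing at a previous hostname), which is exactly the kind of mismatch that causes mail from a host to be rejected by reverse-lookup checks.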
  13. What are the requirements from DNS to support AD?
Ans: When you install Active Directory on a member server, the member server is promoted to a domain controller. Active Directory uses DNS as the location mechanism for domain controllers, enabling computers on the network to obtain IP addresses of domain controllers. During the installation of Active Directory, the service (SRV) and address (A) resource records are dynamically registered in DNS, which are necessary for the successful functionality of the domain controller locator (Locator) mechanism. To find domain controllers in a domain or forest, a client queries DNS for the SRV and A DNS resource records of the domain controller, which provide the client with the names and IP addresses of the domain controllers. In this context, the SRV and A resource records are referred to as Locator DNS resource records. When adding a domain controller to a forest, you are updating a DNS zone hosted on a DNS server with the Locator DNS resource records and identifying the domain controller. For this reason, the DNS zone must allow dynamic updates (RFC 2136) and the DNS server hosting that zone must support the SRV resource records (RFC 2782) to advertise the Active Directory directory service. For more information about RFCs, see DNS RFCs. If the DNS server hosting the authoritative DNS zone is not a server running Windows 2000 or Windows Server 2003, contact your DNS administrator to determine if the DNS server supports the required standards. If the server does not support the required standards, or the authoritative DNS zone cannot be configured to allow dynamic updates, then modification is required to your existing DNS infrastructure.

  14. How do you manually create SRV records in DNS?
Ans: This is on Windows Server:
Go to Run -> dnsmgmt.msc.
Right-click the zone you want to add the SRV record to, choose “Other New Records” and then choose Service Location (SRV).

  15. Name 3 benefits of using AD-integrated zones.
Ans: 1. You can give easy name resolution to your clients.
2. By creating an AD-integrated zone you can also trace hackers and spammers by creating a reverse zone.
3. AD-integrated zones allow incremental zone transfers, which transfer only the changes and not the entire zone. This reduces zone transfer traffic.
4. AD-integrated zones support both secure and dynamic updates.
5. AD-integrated zones are stored as part of Active Directory and support domain-wide or forest-wide replication through application partitions in AD.

  16. What are the benefits of using Windows 2003 DNS when using AD-integrated zones?
Ans: DNS supports dynamic registration of the SRV records registered by an Active Directory server or a domain controller during promotion. With the help of SRV records, client machines can find domain controllers in the network.
1. DNS supports secure dynamic updates. Unauthorized access is denied.
2. Exchange Server needs internal DNS or AD DNS to locate Global Catalog servers.
3. Active Directory integrated zone: if you have more than one domain controller (recommended), you need not worry about zone replication. Active Directory replication will take care of DNS zone replication also.
4. If your network uses DHCP with Active Directory, then no other DHCP server will be able to service client requests coming from a different network. This is because the DHCP server is authorized in AD and will be the only server to participate on the network to provide IP address information to client machines.
5. Moreover, you can use NT4 DNS with Service Pack 4 or later. It supports both SRV record registration and dynamic updates.
Using Microsoft DNS is beneficial in the following cases:
- if you implement networks that require secure updates;
- if you want to take advantage of Active Directory replication;
- if you want to integrate DHCP with DNS for low-level clients to register their host records in the zone database.

  17. You installed a new AD domain and the new (and first) DC has not registered its SRV records in DNS. Name a few possible causes.
Ans: The machine’s own DNS client settings are not configured correctly.
The DNS service is not running.
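
The Locator records in question 13, the SRV records created in question 14 and the missing-registration symptom in question 17 all concern the same small set of SRV owner names, so one added Python example (not from the original post) covers the three: it lists the Locator SRV names the first domain controller of a new forest registers (a subset of the full set; the domain, forest and site names are caller-supplied), checks a zone's SRV owner names against that list to spot an incomplete registration, and selects a target the way RFC 2782 prescribes (lowest priority value wins, weights decide among equals). The zone contents and SRV records are constructed.

```python
import random


def locator_srv_names(domain, forest=None, site="Default-First-Site-Name"):
    """Locator SRV owner names registered by the first DC of a new forest (which is also
    PDC emulator and global catalog). A subset of the full set; names are caller-supplied."""
    forest = forest or domain
    return [
        f"_ldap._tcp.{domain}",
        f"_ldap._tcp.dc._msdcs.{domain}",
        f"_ldap._tcp.pdc._msdcs.{domain}",
        f"_ldap._tcp.{site}._sites.{domain}",
        f"_ldap._tcp.gc._msdcs.{forest}",
        f"_kerberos._tcp.{domain}",
        f"_kerberos._udp.{domain}",
        f"_kpasswd._tcp.{domain}",
    ]


def missing_locator_records(zone_srv_owner_names, domain, **kwargs):
    """Locator names absent from the zone: the 'DC did not register its SRV records'
    symptom. Comparison is case-insensitive and ignores a trailing dot."""
    present = {n.lower().rstrip(".") for n in zone_srv_owner_names}
    return [n for n in locator_srv_names(domain, **kwargs) if n.lower() not in present]


def select_srv(records, rng=None):
    """RFC 2782 target selection over (priority, weight, port, target) tuples: only the
    lowest priority value is eligible; among those, choose randomly in proportion to weight."""
    if not records:
        return None
    rng = rng or random.Random()
    lowest = min(r[0] for r in records)
    candidates = [r for r in records if r[0] == lowest]
    total = sum(r[1] for r in candidates)
    if total == 0:
        return candidates[0]          # all weights zero: any candidate is acceptable
    point = rng.random() * total      # uniformly in [0, total)
    running = 0
    for rec in candidates:
        running += rec[1]
        if point < running:           # a weight-0 record is never chosen on this path
            return rec
    return candidates[-1]


# Constructed zone contents and SRV data for the checks (not from a real DNS server).
SAMPLE_ZONE_SRV_NAMES = [
    "_ldap._tcp.corp.example.com.",
    "_kerberos._tcp.corp.example.com.",
]
SAMPLE_SRV_RECORDS = [
    (10, 50, 389, "dc2.corp.example.com."),   # higher priority value: used only as fallback
    (0, 0, 389, "dc1.corp.example.com."),     # weight 0: skipped while a weighted peer exists
    (0, 100, 389, "dc3.corp.example.com."),
]
```

With the constructed zone, missing_locator_records reports six of the eight expected names, which is the picture you would see when the DC's DNS client does not point at a server hosting the zone or the registration never ran; select_srv on the sample records always returns dc3, because dc2 sits at a worse priority and dc1 has zero weight.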

  18. What are the benefits and scenarios of using Stub zones?
Ans: One of the new features introduced in the Windows Server 2003-based implementation of DNS is stub zones. Their main purpose is to provide name resolution in domains for which a local DNS server is not authoritative. The stub zone contains only a few records:
– a Start of Authority (SOA) record pointing to a remote DNS server that is considered to be the best source of information about the target DNS domain,
– one or more Name Server (NS) records (including the entry associated with the SOA record), which are authoritative for the DNS domain represented by the stub zone,
– corresponding A records for each of the NS entries (providing the IP addresses of the servers).
While you can also provide name resolution for a remote domain by either creating a secondary zone (which was a common approach in the Windows 2000 DNS implementation) or a delegation (when dealing with a contiguous namespace), such an approach forces periodic zone transfers, which are not needed when stub zones are used. The need to traverse the network in order to obtain individual records hosted on the remote name servers is mitigated to some extent by caching, which keeps them on the local server for the duration of their Time-to-Live (TTL). In addition, records residing in a stub zone are periodically validated and refreshed in order to avoid lame delegations.

  19. What are the benefits and scenarios of using Conditional Forwarding?
Ans: Rather than having a DNS server forward all queries it cannot resolve to forwarders, the DNS server can forward queries for different domain names to different DNS servers according to the specific domain names that are contained in the queries. Forwarding according to these domain-name conditions improves conventional forwarding by adding a second condition to the forwarding process.
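
An added Python example (not from the original post) of the decision the answer describes, which also ties in the "Disable recursion" option from question 9: conditional forwarding is a longest-matching-suffix lookup over the configured domain names, falling back to the server-wide forwarders, and with recursion disabled the server neither forwards nor recurses. The matching is done label by label so that "notexample.com" does not match a condition for "example.com". The configuration and server addresses are constructed.

```python
def choose_forwarders(qname, conditional, default):
    """Return the forwarder list for the longest configured domain that is a label-wise
    suffix of qname; otherwise the server-wide (default) forwarders."""
    labels = qname.lower().rstrip(".").split(".")
    best, best_len = None, -1
    for domain, servers in conditional.items():
        dl = domain.lower().rstrip(".").split(".")
        if len(dl) <= len(labels) and labels[-len(dl):] == dl and len(dl) > best_len:
            best, best_len = servers, len(dl)
    return best if best is not None else default


def plan_query(qname, cfg):
    """What a server does with a query it cannot answer from its own zones or cache, given a
    simplified configuration: 'conditional' (domain -> servers), 'forwarders' (server-wide
    list) and 'disable_recursion' (the Advanced-tab option, which also disables forwarders)."""
    if cfg.get("disable_recursion"):
        return ("no-recursion", None)      # answers only from local zones and cache
    servers = choose_forwarders(qname, cfg.get("conditional", {}), cfg.get("forwarders", []))
    if servers:
        return ("forward", servers)
    return ("recurse", "root hints")       # no forwarder applies: iterate from the root hints


# Constructed configuration (addresses are documentation ranges, not real servers).
SAMPLE_CFG = {
    "conditional": {
        "corp.example.com": ["10.10.0.53"],
        "example.com": ["192.0.2.53"],
        "partner.net": ["198.51.100.53"],
    },
    "forwarders": ["203.0.113.53"],
}
```

A query for host.corp.example.com goes to the corp.example.com forwarder even though example.com also matches, because the longer condition wins; a query for anything outside the configured domains goes to the server-wide forwarders, and with no forwarders at all the server recurses from the root hints.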

  20. What are the differences between Windows Clustering, Network Load Balancing and Round Robin, and scenarios for each use?
Ans: I will make a few assumptions here:
1) By “Windows Clustering Network Load Balancing” you mean Windows Network Load Balancing software included in Windows Server software a.k.a NLB., and
2) By Round Robin, you mean DNS Round Robin meaning the absence of a software or hardware load balancing device, or the concept of the Round Robin algorithm available in just about every load balancing solution.

Microsoft NLB is designed for a small number (4 – 6) of Windows Servers and a low to moderate number of new connections per second, to provide distribution of web server requests to multiple servers in a virtual resource pool. Some would call this a “cluster”, but there are subtle differences between a clustered group of devices and a more loosely configured virtual pool. From the standpoint of scalability and performance, almost all hardware load balancing solutions are superior to this and other less known software load balancing solutions [e.g. Bright Tiger circa 1998].

DNS Round Robin is an inherent load balancing method built into DNS. When you resolve an IP address that has more than one A record, DNS hands out different resolutions to different requesting local DNS servers. Although there are several factors affecting the exact resulting algorithm (e.g. DNS caching, TTL, multiple DNS servers [authoritative or cached]), I stress the term “roughly” when I say it roughly results in an even distribution of resolutions to each of the addresses specified for a particular URL. It does not, however, consider availability, performance, or any other metric and is completely static. The basic RR algorithm is available in many software and hardware load balancing solutions and simply hands the next request to the next resource and starts back at the first resource when it hits the last one.

NLB is based on proprietary software, meant for small groups of Windows servers only on private networks, and is dynamic in nature (takes into account availability of a server, and in some cases performance). “Round Robin”, DNS or otherwise, is more generic, static in nature (does not take into account anything but the resource is a member of the resource pool and each member is equal), and ranges from DNS to the default static load balancing method on every hardware device in the market.
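
To show the static-versus-dynamic distinction drawn above in running code, here is an added Python example (it is not part of the original answer and models no particular product): a DNS round-robin responder that rotates a multi-address answer on every response and keeps handing out an address even after that server is down, beside an availability-aware pool that rotates in the same way but skips members marked down, which is the extra a dynamic balancer such as NLB provides. The server addresses are constructed.

```python
class DnsRoundRobin:
    """Return the same A records in a rotated order on each response, as DNS round robin
    does. Static: an address whose server is down is handed out just as often."""

    def __init__(self, addresses):
        self.addresses = list(addresses)
        self._offset = 0

    def answer(self):
        n = len(self.addresses)
        order = self.addresses[self._offset:] + self.addresses[:self._offset]
        self._offset = (self._offset + 1) % n
        return order


class AvailabilityAwarePool:
    """Round-robin over a pool of servers that skips members marked down: the difference
    a dynamic balancer makes over plain DNS round robin."""

    def __init__(self, members):
        self.members = list(members)
        self.down = set()
        self._next = 0

    def mark_down(self, member):
        self.down.add(member)

    def mark_up(self, member):
        self.down.discard(member)

    def pick(self):
        for _ in range(len(self.members)):
            member = self.members[self._next]
            self._next = (self._next + 1) % len(self.members)
            if member not in self.down:
                return member
        return None   # every member is down


def distribution(pick, n):
    """Count which server each of n successive requests is sent to."""
    counts = {}
    for _ in range(n):
        chosen = pick()
        counts[chosen] = counts.get(chosen, 0) + 1
    return counts


SERVERS = ["192.0.2.1", "192.0.2.2", "192.0.2.3"]   # constructed addresses
```

Over 30 requests the DNS responder sends 10 to each address regardless of state, while the pool with one member marked down splits the same 30 requests 15/15 between the two live servers; the responder has no way to learn that a server is down, which is the point of the answer's "completely static".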

  21. How do I work with the Host name cache on a client computer?
Ans: Use the command nbtstat.
-a (adapter status) Lists the remote machine's name table given its name
-A (Adapter status) Lists the remote machine's name table given its IP address.
-c (cache) Lists NBT's cache of remote [machine] names and their IP addresses
-n (names) Lists local NetBIOS names.
-r (resolved) Lists names resolved by broadcast and via WINS
-R (Reload) Purges and reloads the remote cache name table
-S (Sessions) Lists sessions table with the destination IP addresses
-s (sessions) Lists sessions table converting destination IP addresses to computer NETBIOS names.
-RR (ReleaseRefresh) Sends Name Release packets to WINS and then, starts Refresh

  22. How do I clear the DNS cache on the DNS server?
Ans: To clear the server names cache
* Using the Windows interface
* Using a command line
Using the Windows interface
1. Open DNS.
2. In the console tree, click the applicable DNS server.
Where?
* DNS/applicable DNS server
3. On the Action menu, click Clear Cache.
Notes:
* To perform this procedure, you must be a member of the Administrators group on the local computer, or you must have been delegated the appropriate authority. If the computer is joined to a domain, members of the Domain Admins group might be able to perform this procedure. As a security best practice, consider using Run as to perform this procedure.
* To open DNS, click Start, click Control Panel, double-click Administrative Tools, and then double-click DNS.
Using a command line
1. Open Command Prompt.
2. Type the following command and then press ENTER:
Dnscmd ServerName /clearcache

  23. What is the 224.0.1.24 address used for?
Ans: WINS server group address. Used to support autodiscovery and dynamic configuration of replication for WINS servers.

  24. What is WINS and when do we use it?
Ans: In the Windows Server family, the primary means for client computers to locate and communicate with other computers on an Internet Protocol (IP) network is by using the Domain Name System (DNS). However, clients that use older versions of Windows, such as Windows NT 4.0, use network basic input/output system (NetBIOS) names for network communication. Some applications that run on Windows Server 2003 may also use NetBIOS names for network communication. Using NetBIOS names requires a method of resolving NetBIOS names to IP addresses. Using a WINS server is essential for any Windows client computer to work with other Windows computers over the Internet. In addition, using a WINS server is essential for any Windows client computer at Indiana University that intends to use Microsoft network resources. To use WINS services, you must insert into your TCP/IP networking configuration the IP address of the WINS servers you wish to use.

  25. Can you have a Microsoft-based network without any WINS server on it? What are the “considerations” regarding not using WINS?
Ans: Yes, you can. WINS was designed to speed up information flow about the Windows workstations in a network. It will work without it, and most networks do not utilize WINS servers anymore because it is based on an old protocol (NetBEUI) which is no longer in common use.
