The following blog posts takes you through important networking related concepts you should be familiar with in order to be a good devops/cloud professional. The main focus is to prepare you for the networking interview questions.
For extensive list of Devops Interview questions and answers, click here
Explain The 7 layers of OSI Model
| Layer Name | Definition, Important points |
|---|---|
| APPLICATION | Manages communications between applications. At this layer, data still resembles something that people can read |
| PRESENTATION | This layer is where data is first converted into a form that can be sent over a network. Data is compressed and decompressed and encrypted or decrypted Sometimes referred to as translation layer |
| SESSION | Controls the dialog during communications It establishes, manages and terminates the connections between the local and remote application. |
| TRANSPORT | Provides transfer of data between end users Responsible for resending any packets that do not receive an acknowledgement from the destination This layer can guarantee that packets are received |
| NETWORK | Responsible for routing the data packet based on its logical IP address Fragments and reassembles the packets Instructs data on how to find its ultimate destination |
| DATA LINK | Responsible for sending data to the physical layer Data packets are encoded and decoded into bits Handles flow control and frame synchronization Divided into 2 sub layers, MAC layer and LLC layer |
| PHYSICAL | Defines the network standards and physical characteristics of a network. such as connectors, media types, cables, voltages, etc. Defines the topology of the network |
List down some common protocols in each OSI layer
List down Important Protocol Port combination
| Protocol | Port |
|---|---|
| HTTP | 80 |
| HTTPS | 443 |
| SMTP | 25 |
| FTP | 20,21 |
| Telnet | 23 |
| DNS | 53 |
| DHCP | 67,68 |
| POP | 110 |
| IMAP | 143 |
| RDP | 3389 |
Networking Topologies
Layout of how a network communicates with different devices is called a Topology.
Types of Topologies:
1. Star Topology
All computers are connected to a central point, such as hub or switch. All data passes throught this central point.
Advantage: If a cable or a system in this goes bad, then it wont break the network.
Disadvantage: If central hub or switch fails, then all the computers connected to it, will be effected.
2. Bus Topology:
In this topology, all devices are connected using single cable, known as backbone.
Devices are connected using T Connector.
3. Ring Topology
Each and every device is connected in a closed loop or ring.
4. Mesh Topology
Every system is connected to every other system.
Handles failure very well.
5. Point to Point Topology
Two hosts connected to each other.
6. Client Server Topology
Clients connect to servers to access resources.
7. Peer to Peer
Every host/system talks to every other client/host with each other.
Firewall
-> can be either software or hardware.
-> Designed to prevent unauthorized access from entering a private network.
->Filters the information that comis in from the internat.
->Blocks unwanted traffic and permits wanted traffic.
-> inspects the data packet and look at their access rules, to allow them to enter the network
-> firewall controls the traffic through it’s ACL
ACL are list of rules for what can access the network. Either allows or deny.
Firewalls comes with the rule known as implicit deny. Thus, it will only allow the traffic which the ACL says to allow.
Host based firewall – software firewall.
Installed on a computer and it protects that computer only.
Network based firewall
combination of hardware and software
operates at network layer
placed between a private network and internet
protects an entire network
Stateful vs Stateless firewall
Firewall inspects traffic in couple of different ways.
Stateful: monitors all the connections and the data streams that are passing through. And keeps a record of it.
It uses the connection information that comes from the application and previous sessions and factors that in allowing a denying the traffic.
It does a thorough job of protecting the network dynamically.
Stateless: uses an ACL to allow or deny traffic.
Does not look at the data packet. Only looks at the header portion of it.
Does not keep a record of previous data packet.
Signature Identification:
Used to detect viruses that have a well known behavior pattern.
Firewalls that use signature identification are programmed to spot these behavior.
IDS/IPS Intrusion Detection/Prevention System
hardware tool that is typically placed between firewall and the internet.
Its job is to alert and prevent a network from outside attack.
such as viruses, malwares and hackers
It monitors traffic flowing through a network looking for suspicious patterns.If it finds any, it alerts the network administrator of the danger.
Network Components
DOCSIS modem: Data over cable service interface specification.
Typical broadband cable modem.
handles both incoming and outgoing data signals including internet video and voice.
HUB
A device that has multiple ports that accepts ethernet connection from network devices.
considered not to be intelligent
It does not filter any data or does not have sense as to which data is to be sent where.
When a data packet arrives at one port, it is copied to all other ports. So all the devices on that hub sees that data packet.
Two types of HUB:
1. Passive hub
does not require power.
2. Active hub
does require power.
Switch
Device that has multiple ports that accepts ethernet connection from network devices.
intelligent – can actually learn physical addresses of the devices that are connected to it.
It stores these addresses in a table.
Thus, if a data packet reaches a switch, it only sends it to the intended device/port. Thus, reducing any unnecessary traffic on the internet.
Regular switches operates at the layer 2 of the OSI model.
Multilayer switch can operate at layer 2 and layer 3 of the OSI model.
interprets layer 3 data similar to router.
Content Switch: operates at L4 – L7 of the OSI model.
can perform load balancing as well as advanced filtering.
PoE – Power Over Ethernet. some devices get their power from the ethernet, instead of a power plug.
Spanning Tree Protocol:
allows for fault tolerance and prevents unnecessary traffic loops in the network.
Allows the switches to talk to each other to find if loops are happening in the network.
Bridges
Used to divide a network into separate collission domain.
Reduces unnecassary traffic between two segments by filtering the traffic based on their MAC address.
Router
Routes or forwards data from one network to another based on their IP address.
It inspects the data packet to determine the network it is meant for.
Essentially a gateway of the network.
Gateway
A device that joins two networks together.
They interconnect network with incompatible protocols.
It does not change the data, however, it only changes the format of the data.
CSU/DSU – Channel /Data service Unit.
A device which converts data from a LAN to data to a WAN
NIC – network interface card
used to connect a computer to a network.
Each NIC has an associated MAC address.
Wireless Access Point:
Wireless hub that is used by wireless devices. it connects to a wired network and relays data between a wired network and the wireless device for the communication purposes.
Modem: Allows the computer to transmit data over telephone lines. telephone lines carry data in analog, whereas, computer understands digital. Thus, modem converts it.
How to get MAC address in windows computer:
go to CMD
type: ipconfig \all
look for physical address
uniquely identifies each device on a network.
made up of 6 byte hex number
IP Address
A numeric address
identifier for a computer or device on a network
Subnet Mask: it represents how many bits are used for network, in an IP address.
Class A – 1 – 126
Class B – 128 – 191
Class C – 192 – 223
127 is reserved for loopback testing
Private IP:
not publicly registered
can not directly access the internet
Class A – 10.0.0.0 – 10.255.255.255
Class B – 172.16.0.0 – 172.31.255.255
Class C – 192.168.0.0 – 192.168.255.255
Subnetting:
breaking down a large network into smaller networks.
Borrow n number of bits from the host portion.
Formula: 2^n – 2 >= number of subnets you need, where n is the number of bits you need to borrow.
to have 3 subnets, we need to borrow 3 bits from the hosts. as, 2^3 – 2 = 6, and we need 3 subnets only.
hence, the new subnet mask will become: 25.255.224.0
Ip Addresses:
Dynamic IP : it is where a computer gets a dynamic IP from a DHCP server.
DHCP
= dynamic host configuration protocol
DHCP works by leasing IP addresses and IP information to network clients for a period of time. For the lease to happen, following is what occurs:
1. the client when boots up, sends out a broadcast packet called DHCPDISCOVER, along with it’s name and MAC address.
2. DHCP server responds to the broadcast with the DHCPOFFER packet
3. The client accepts the first offer and sends out a broadcast packet, called DHCPREQUEST
4. The DHCP server whose packet was accepted, responds by DHCPACK message, which acknowledges the lease acceptance and contains the IP address.
It can also assign a subnet mask, default gateway and a DNS server.
Static IP : Assigning the IP address manually.
Self-Assigned or APIPA – Automatic Private IP Address Assignment
In the cases where the computer can not reach a DHCP server for whatever reason, it can provide a private IP address to itself. It is a windows feature and happens only in windows 98 or later.
It’s address range is 169.254.0.0.
If the DHCP server later becomes available, then that address is taken.
A DHCP server assigned the IP adresses to the computers from it’s scope.
A scope is a group and a range of consecutive IP addresses for computers that gets their IP addresses from a DHCP server.
Setting on Router:
Starting IP address, Ending IP address.
Reservation DHCP
Ensures that a specific computer or device, (identified by its MAC address) will always be given the same IP address when that computer or device accesses the DHCP server.
Reservations are typically given to special devices or computers, such as network printers and servers that require using the same IP address constantly.
Lease DHCP
The DHCP server assigns the IP address as a lease.
A lease is the amount of time an IP address is assigned to a computer.
on the command prompt type: ipconfig \all
look for “Lease Obtained” and “Lease Expired”.
DHCP Relay
If the computer and the DHCP server are on the same subnet, then it is not an issue. It will simply broadcast and DHCP server will assign the IP address.
However, if they are on different subnets, then we have a router in between. It will not allow the broadcast, unless DHCP relay is enabled.
Omce your broadcast reaches the router the DHCP relay will forward it to the DHCP server and the computer will get the IP address.
Important Protocols & Networking concepts
Transmission Control Protocol:
Connection oriented protocol – it must first acknowledge a session between two computers that are communicating. Which it does using a 3 way handshake.
A -> sends SYN to -> B
B -> sends SYN ACK to -> A
A -> ACK RECEIVED to -> B
Guarantees the delivery of data.
If the data packaet does not go by, then TCP will resend it.
UDP – User Datagram Protocol
Connection less
does not establish a session and does not guarantee delivery
Fire and forget protocol
Due to less overhead of not guaranting delivery, UDP is faster than TCP.
FTP – File Transfer Protocol
Standard protocol used by web users for file transfer
Users can download and upload files through the internet
Connection oriented Protocol, uses TCP for file transfer
TFTP – Trivial FTP
Not used over the internet, instead within the same network.
insecure
uses UDP
SFTP – Secure FTP
Adds a layer of security
Data is encrypted using secure shell during transfer
data is not sent in clear text
SMTP – Simple mail transfer protocol
uses TCP
POP3 – Post Office Protocol v3
used for receiving email
Only downloads the email, does not do any syncing
No copy of the email is remained on the server, unless you tell it to keep a copy.
commonly used with MS Outlook
IMAP4 _ Internet Message Access Protocol
used for receiving Email
Copies of the email are remained on the email server
Syncs email and folders between the mail server and your computer
commonly used with MS Outlook
HTTP – HyperTest Transfer Protocol
used for viewing web pages on the internet
All information is sent in clear text
HTTPS
Secure HTTP
Encrypts the data that is being retrieved by HTTP
Telnet – Terminal Emulation Program
Used to access remote server
Not secure – all commands sent in clear text
SSH – Secure Shell
Acts like a secure tunnel and protects the data from potential threat
ARP – Address Resolution Protocol
Used to resolve IP addresses to MAC addresses
Computers use MAC address for communication
Computers search their ARP cache first to find the targetting MAC address.
If not, it will send the broadcast, asking for which computer has the Ip address, once it does, then it will ask for it’s MAC address and the communication will take place.
RARP – Reverse ARP
Just the opposite of ARP
Resolves MAC address to IP addresses
NTP – Network Time Protocol
internet standard for syncing the clocks with the US naval Observatory master clock.
SCP – Secure copy protocol
Uses secure shell to safeguard the data as it’s being transferred.
SNMP – Simple Network Management Protocol
used for network management
collects data from various network devices, such as routers, printers and servers
PORTS
categorized by two protocols: TCP and UDP
A logical connection that is used by programs to exchange information
ports are identified by unique numbers
number ranges from 0 to 65535
DNS – Domain name system
Resolves domain names to IP addresses
works like phone book
NAT – Network Address Translation
Translates a set of IP addresses to another set of IP addresses
e.g. – private to public or public to private
Proxy Server
Caches web pages data accessed, so that next request can be server from there
Benefits: Speed, Bandwidth and security
CSMA/CD – Carrier sense multiple access/ collision detection
used on wired network
if the collision happens then computers will wait a random amount of time before it resends its data.
CSMA/CA – Carrier Sense Multiple Access/Collission Avoidence
Used on wireless networks
computers send small packet before transmitting larger ones.
Broadcast: Single transmitter of data, received by multiple receivers
e.g. wireless router
Unicast: data packets are sent to single destination
Multicast: Sent to multiple destinations at the same time.
Loopback Interface:
A fake or virtual interface that is created on a router
Assigned an IP address of your choice
used for testing and administration purposes
Routing Table
a file that contains set of rules that shows information on what path a data packet takes to its destination.
The router looks at its routing table to find out where to forward the data packet along the best path to it destination
Routing table consists of:
A network destination: the IP address of the final destination
Subnet mask: Determines which part of the IP address is the host and network portion
Gateway: tells the router which IP address the data packet should be forwarded to.
Interface: the outgoing IP address of the device that’s sending the data.
Next Hop: The IP address to which the IP address is forwarded to.
Metric: Determines the best route among multiple destinations.
Routing Protocol
collect information about the current network status and map out the best path for data packets to take to their specific destination.
1. Distance Vector : Hops, Distance RIP – Routing information Protocol
Routers that use RIP, broadcast their routing information to other routers every 30 seconds regardless if the routing information has changed or not.
Thus, unnecessary traffic
RIPv2 was created to solve the problem of excess traffic caused by RIP.
BGP – Border Gateway Protocol
standard routing protocol
determines routing directions that are based on paths and policies
Link State Protocol
a routing protocol that is used by routers to share information and independently map out the best path on a network.
e.g. OSPF(Open Shortest path First) – creates a toplogy map of the network
IS-IS – Routers are organized into domain or groups
Hybrid Protocol
EIGRP – Enhanced Interior Gateway Routing Protocol
SIP – Session Initiation Protocol
Establishes communication sessions over internet
e.g. VoIP, Instant Messaging and Conferencing services.
Operates at Application layer of OSI model.
Packet Switching vs Circuit Switching:
PS: the data transferred takes different route for transmission, whereas, in CS, same route is taken.
DSL – Digital subscriber line. Carries voice and data on the same line.
ADSL – download speed is different from upload speed
LAN
Group of computers or servers which are situated in same building or in close proximity to each other.
WAN – Wide Area Netwrok
Network that spans across wide geographical area.
PPTP – Point to Pint Tunneling Protocol
Used for creating VPNs
Ensures data transfer is secure by creating a secure tunnel
VPN – Virtual Private Network
A private communications network that uses a public network to establish a remote connection.
Encrypts data when sending and decrypts data when receiving
provides a dedicated link between two points over the internet.
VPN Concentrator: device used to create VPN connection
VPN – Site to Site: two offices in different Geo region and want to share data over internet
VPN – Host to Site : you are at home and need to connect the office
VPN – Host to Host: connect two devices over internet – no special device needed,SW should do.
Kerberos Authentication:
Authenticates using tickets
A client first authenticates itself by the kerberos server. after which it is given a ticket, which it uses to access network resources.
Cloud Computing:
refers to data and applications being stored and run on a remote servers rather than being on your local computer.
IAAS
infrastructure as a service
3rd party manages the hardware for your business, such as servers, networking and storage
you will have control over the software, such as applications, OS, data
PAAS
Platform as a service
Not only manages the hardware, but also the OS
You are only responsible for the application and the data
SAAS
Software as a service
All the applicationre hosted by 3rd party
no application or data to manage
NAS:
When you want all your data to be stored on a central device connected by a network and can be accessed by other devices on your network.
Will have multiple hard drives in RAID configuration for redundancy
SAN
Storage Area Network
A special, high speed network that stores and provides access to large amounts of data
servers access this data as a local attached hard drive
Not limited or owned by a single server.
Easily expandable and very redundant. All data is shared among several disk arrays.
High speed network
VLAN:
Logically creates several virtual networks to separate network broadcast traffic.
Intranet
private network that belongs to an organization.
QoS
this is a term that is used to provide a guarantee of data delivery within a certain period of time.
Port Blocking
Done on the firewall and as a network administrator, you can control which ports to block.
High Availability
term used to guarantee a period of uptime of continual operation
Server clustering
when a group of servers work together for load balancing and fault tolerance
IPSec:
Internet Protocol security
set of protocol for security which operate at network layer.
encrypts the data when communication is happening between two computers
both sender and receiver must share a public key, which is used to lock and unlock the data as it travels. It prevents data tampering
Transport Mode: Only the message portion is encrypted
Tunnel Mode: entire packet is encrypted
L2TP : Layer 2 Tunneling Protocol
Authenticates both the computer and the user, using a certificate.
prevents man in the middle attack.
SSL – Secure Socket layer
uses public key encryption to secure data
Authenticates the server, the client and it encrypts the data
TLS – transport layer security
Successor to SSL
Made up of 2 layers:
TLS Record protocol:
provides connection security by making sure the connection is private and reliable
TLS handshake protocol:
Allows the server and client to authenticate each other and negotiate an encryption algorithm and cryptographic keys before data is sent.
802.1x
used for wired and wireless networks
controls network access by ports
port based authentication
Router Security:
WEP : Wired Equivalent Privacy
provides security for wireless networks
uses 40 bit encryption keys
WPA – Wifi Protected Access
better than WEP
uses stronger encryption method by using TKIP – Temporal Key Integrity Protocol.- dynamically changes keys as it is being used.Thus, ensures data integrity.
Uses EAP – Extensible Authentication Protocol – which verifies authorized network users
WPA2
stronger than WPA
uses CCMP for encryption
DMZ – Demilitarized zone:
Allows a designated computer to be fully exposed to the internet.
does this by router forwarding all ports to this computer, at the same time.
It is outside the firewall
Typically used for testing purpose
Must(should) be assigned a static IP address
Port Forwarding
forward the request to specific IP address based on the port
Network Utility
Ping: Network connectivity between two devices
can also be used to test name resolution issue. e.g. ping yahoo.com
pathping: shows the details of the path a data packets takes between two devices
combines the functionality of ping and tracert
ARP PING
if you want to check the device connectivity, but are blocked by firewall, then uses ARP Ping.
It only used in LAN and are not blocked by firewalls
Tracert: traceroute
find the exact path the data packet is taking to its destination
tracert <ip address>
ARP – Address Resolution Protocol
resolves IP to MAC addresses.
arp -a -> check arp cache
Netstat utility
displays the current network connections to your computer
netstat -a
also displays which ports are opened and listening for connection
nslookup -> windows, dig->unix
used to lookup dns information
nslookup yahoo.com
Public vs Private IP Address:
A public IP address is the address that can be accessed over the internet. It is a globally unique ip address assigned to a computing device.
Private ip address on the other hand is used to assign computers within your private space without letting them directly expose to the internet.
Internet Assigned Numbers Authority is the organization responsible for registering IP address ranges to organizations and Internet Service Providers (ISPs).
The following IP blocks are reserved for private use:
A – 10.0.0.0 – 10.255.255.255
B – 172.16.0.0 – 172.16.255.255
C – 192.168.0.0 – 192.168.255.255
The devices residing outside of your LAN cannot directly communicate via the private IP addresses, but uses your router’s public IP address to communicate. To allow direct access to a local device which is assigned a private ip address, a NAT should be used.
Broadcast Domain:
Broadcast means we send something that everyone receives
Switches will forward the broadcast traffic on all their interfaces except for the one on which they received it.
ARP uses broadcast. it’s destination address is 255.255.255.255
Routers unlike switches do not forward broadcast traffic
MTU – Maximum transmission unit – maximum size of single data unit that can be transmissted over a network.
My internet connection speed is slow. How do i troubleshoot?
1. Check your router settings , esp the MTU
2. Avoid wireless signal interference – reposition your router
3. Malware could be the issue as well
4. Stop background program that hog bandwidth
5. Make sure your router and other networking equipment is working
6. call your isp
7. check your speed and your plan
8. run a speedtest on speedtest.net
9. reset your modem and router
Pointer records are used to map a network interface (IP) to a host name. These are primarily used for reverse DNS.
Good Reference: CompTIA Network+ course on youtube
