
Network admin test

dodjiprudencio
Level 1

A candidate recently completed this test and here are his answers... What do you think?

1) When a user sitting at a workstation enters a URL into their web browser, what is happening behind the scenes, from a network perspective? Describe in as much detail as you feel is relevant to this position.

  1. Ex. (www.google.ca): a query is made to the DNS server configured on the workstation to determine the IP address of the site (UDP connection; ARP request if the DNS server is on the same server; packet sent to the gateway if it's on another subnet).
  2. Once the IP address has been received, an attempt to reach the IP address is made. The first packet is sent to the local gateway, which routes the packet onto the internet and then to the website. In this whole process, NAT translation occurs (from private IP to public and the other way around as well). The most predominant routing protocol on the internet is BGP.
  3. Once the connection to the web server has been made, the web server confirms that the port requested is open and sends an acknowledgement back to the originating IP. The destination port depends on the URL: 80 for HTTP, 443 for HTTPS and so on. The originating port is a dynamic port from 49152 to 65535.
  4. Once the TCP connection has been established, transfer of the page begins. TCP has many features to ensure that the page has been transferred (acknowledgments, windowing, it's a connection-oriented protocol).
  5. Once the page has been transferred, the connection closes and the user can see the page.

2) Imagine that you are given the task of setting up a network from scratch, for a small branch office, where there will be 30 users. Some are developers, some are accounting staff, a couple of them are HR. There are no network administrators at this location. What would be a good design for the network at this office? What servers would you require? How many switches, and of what type? How much bandwidth would you suggest giving them? Justify your answers. Also, please provide a small sketch of the network topology that you would recommend.

  1. The ideal network will be composed of:
    • two 48-port gigabit switches, which will be enough for the 30 users. Both switches will be interconnected via a trunk. Each switch will have VLANs configured (VLAN 3110 for developers, VLAN 3120 for accounting, VLAN 3130 for HR). The switches will be running STP and HSRP for redundancy
    • a DHCP and DNS server configured with the VLANs and IP pools; users in a specific VLAN should have a different set of IPs
    • additional servers should be connected with EtherChannel to both switches to offer increased bandwidth and redundancy
    • 2 firewalls set up with failover will provide access to the internet as well as management for the access lists: who can access what and where.

2. Schema

  • → represents Ethernet connections

ISP modem / fiber optic → Firewall 1 (Firewall 2 as a standby)

Firewall 1 and 2 → switch 1 and switch 2

Switch 1 → switch 2 (with an EtherChannel, trunk, HSRP, switch 1 being active and switch 2 standby)

PC → switch 1

Server → switch 1 and same server → switch 2 (depending on the device this may work or not), RSTP and EtherChannel running

The PCs will not automatically get connected to the network as they have only one physical connection; in case of failure of switch 1, move the cables to switch 2.

The servers should remain connected if well configured, as they already have a connection to switch 2.

3) Please list five command-line utilities that you consider absolutely essential for managing a network of Linux or UNIX servers (from a network perspective, i.e.: for troubleshooting network issues, etc). Please explain why you choose each command.

1. ping: crucial in any network environment to verify connectivity

2. ifconfig: to configure the interfaces with the proper IP address, netmask and gateway

3. traceroute: to troubleshoot routing issues; in case of unreachable networks this is essential in determining where the issue is on the network level

4. service: to stop/start/view status of any . Linux has an embedded firewall; iptables might be causing issues because the connection is not allowed

5. telnet: to verify connectivity on the port level... valid for TCP, not valid for UDP connections

4) Describe the last project you worked on. What were some obstacles, and how did you overcome them? What, if anything, would you do differently the next time you have to do the same thing?

  1. The last project I worked on is migrating AS/400 from a Sprint MPLS cloud to a Verizon MPLS cloud. I completed the configuration of the router, which included having the router in the proper VRF for Sprint, established a GRE tunnel (IPsec and ISAKMP stages) and running BGP on the router as well. There  That was a very technical project. I had network engineers' assistance from Sprint and US Customs; even though it was highly technical, there were no major obstacles. I knew the tools used in establishing the connection and I had the assistance of competent engineers.

  2. The single thing that I am most proud of is establishing my very 1st VPN tunnel from a branch in Champlain, NY to our head office... At that time I barely knew what a router was and how the addressing worked. I single-handedly handled the connection of the branch to the ISP and configured the PIX. I failed multiple times at creating the proper access-list, the NAT process, the keys, the IPsec and ISAKMP policies, Phase I and II of the VPN tunnel; basically everything I could have done wrong, I did it, and after 3 days of searching and reading I finally established the tunnel and traffic was going through. From that day I have the confidence that with dedication and hard work anything is achievable.

5) On a UNIX system, how would you find all commands that are exactly two characters in length?

  1. I do not know the answer on a technical level.
  2. On a practical level, assuming the UNIX system has internet connectivity, I will google it; as I tested it, there are multiple pages that already have the full list of UNIX commands. I will then copy all the commands into a text file, and delete any line that has more than two characters. If the list is too long I will write a VBScript that goes through the text file and deletes any line with more than 2 characters.

6) What's the difference between programming and scripting? What scripting languages, if any, are you familiar with? What is your favorite? Why?

  1. Programming is mostly done with Visual Studio with languages such as Java and C++. There is the use of classes and functions, and programs very often have a GUI associated with them... e.g. Word is a program that has millions of lines of C++ code in it.
  2. Scripting is often used to accomplish a certain task, e.g. set the proxy on a Windows machine, start certain services at startup, clean up files, move files.
  3. I have coded in Java and C++; I understand the code, variables, functions, classes and so on. I have also used scripting with bash, but on a very rare basis.
  4. My favorite one so far is Visual Basic; even though not as robust and manageable as C++, I find it more user friendly. As for scripting, I have not used it extensively enough to make a sound comment about it.

7) Imagine that you have a large office network, with roughly 500 users, dozens of switches, and multiple VLANs, spread throughout a large building. What should you do with the spanning-tree protocol, if anything? Should you change default values on any of the switches? Under what circumstances would you do so, or avoid doing so, and why?

  1. Change spanning tree to rapid spanning tree and try as much as possible to have all the switches running RSTP.
  2. Manually elect the root bridge. The election in STP is based on the MAC address, which very often is a bad choice when looking at the network topology. The engineer should elect the root bridge by setting the bridge priority.
  3. The default timers for STP are usually well set already; very rarely is there a need to change the timers.
  4. Look for disabled ports to identify loops and correct them.
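
Question 5 above asks how to find every command that is exactly two characters long. One way to do it on the system itself, as an added example that is not part of the original post or the candidate's answers (the function name `two_char_commands` is made up here):

```shell
#!/bin/sh
# Added example: list every executable on a PATH-style directory list
# whose file name is exactly two characters long.
# two_char_commands is a hypothetical helper name, not a standard utility.
two_char_commands() {
    search_path=${1-$PATH}        # default to the caller's PATH
    old_ifs=$IFS
    IFS=:
    set -f                        # no globbing while the list is split
    set -- $search_path           # one positional parameter per directory
    set +f
    IFS=$old_ifs
    for dir in "$@"; do
        # An empty PATH entry means the current directory.
        [ -n "$dir" ] || dir=.
        # PATH often names directories that do not exist; skip them.
        [ -d "$dir" ] || continue
        # The glob ?? matches names of exactly two characters
        # (names starting with a dot are not matched).
        for f in "$dir"/??; do
            if [ -f "$f" ] && [ -x "$f" ]; then
                printf '%s\n' "${f##*/}"
            fi
        done
    done | sort -u                # same name in two directories is listed once
}

# Usage: two_char_commands            (searches $PATH)
#        two_char_commands /bin:/usr/bin
```

Shell builtins such as `cd` are not files on `PATH`, so a directory walk like this one does not list them.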

cadet alain
VIP Alumni

Hi,

Were you this candidate? or do you plan to pass this test and want us to give you the answers beforehand?

Alain.

Don't forget to rate helpful posts.

If you were correcting this test, what is the general feel you have about the candidate... The overall answers are OK but I would like to have other people's opinions.

I like it because the candidate seems to be at least thinking. This is more important than just knowing something. He tends to analyze and has his own opinion.

Nik

HTH,
Niko

How would you rate his technical knowledge?
