Networking Fundamentals

These questions test your understanding of the basic building blocks of networking.

• What is a computer network?

o Define the OSI and TCP/IP models and explain the function of each layer (especially
the first four).

• What is the difference between a Hub, a Switch, and a Router?

• Explain the difference between a Collision Domain and a Broadcast Domain.

• What is a MAC Address and what is an IP Address?

o Where does each address operate in the OSI model?

• What is a Subnet Mask and why is Subnetting important?

• Explain the difference between IPv4 and IPv6.

• What are the different types of network topologies (e.g., Star, Mesh, Bus)?

• What is the difference between LAN, MAN, and WAN?

🗠 Protocols and Services (TCP/IP)

These focus on the rules and services that make the internet work.

• What is the difference between TCP and UDP?

o Give examples of protocols that use each.

• Explain the TCP Three-Way Handshake.

• What is the function of the ARP (Address Resolution Protocol)?

• What is DHCP and how does it work?

• What is DNS and what is its role in network communication?

• What is NAT (Network Address Translation) and why is it used?

• Explain what a Port Number is.

o Name the default port numbers for common protocols like HTTP, HTTPS, FTP, and
SSH.

• What is a Default Gateway?

Routing, Switching, and Security Basics

These look at how you manage traffic and protect the network.

• What is the purpose of a VLAN (Virtual Local Area Network)?

 o How is traffic from multiple VLANs sent over a single link (Trunking/802.1Q)?

• Differentiate between Static and Dynamic Routing.

o Name a common Interior Gateway Protocol (IGP) and Exterior Gateway Protocol
(EGP).

• What is the role of the Spanning Tree Protocol (STP)?

• What is a Firewall and how does it protect a network?

• What is an ACL (Access Control List)?

• What is a VPN (Virtual Private Network)?

Practical & Troubleshooting

Interviewers want to see that you can apply your knowledge.

• Describe the steps you would take to troubleshoot a user who suddenly can't access the
internet.

• What is the purpose of the ping and traceroute (or tracert) commands?

• A user can access a website using its IP address but not its domain name. What is the likely
problem?

• What are the basic modes of operation on a Cisco device (User EXEC, Privileged EXEC,
Global Configuration)? (Often asked if the company uses Cisco equipment).

• What command would you use to check the IP address configuration on a Windows/Linux
machine? (ipconfig or ifconfig/ip a)

Tip for Success

For fresher interviews, it's not enough to just give a definition. You should aim to explain the why.

Instead of just saying: "A router works at Layer 3," say: "A router works at Layer 3 (Network Layer)
because its primary function is to use IP addresses to forward packets between different,
segmented networks, making it the 'brain' that directs traffic across the internet."

Do you want me to generate sample answers for any of these questions, or would you like to focus
on questions for a specific technology like Cisco or Linux networking?
1

A computer network is a system where multiple computing devices are interconnected to share
resources and exchange data.1 These devices (like computers, servers, printers, and phones) are
linked using communication channels (cables or wireless media) and use a set of rules, or protocols,
to communicate with each other.2

Networking Models

The structure and functions of a network are typically described using layered models.3 The two
most prominent models are the OSI Model and the TCP/IP Model.

1. The OSI Model

The Open Systems Interconnection (OSI) model is a conceptual framework used to describe the
function of a networking system.4 It is a seven-layer model that standardizes how different hardware
and software products should interact.5

Focus for Network

Layer Name Function Engineer Freshers (Layers
1-4)

Provides the interface between the applications

Layer
Application users interact with and the network (e.g., web N/A
7
browsers, email clients).

Handles data formatting, encryption, decryption,

Layer
Presentation and compression to ensure data is readable by the N/A
6
receiving application.

Layer Establishes, manages, and terminates connections

Session N/A
5 (sessions) between local and remote applications.

End-to-End Communication. Manages data Critical: Focuses on

Layer segmentation, reassembly, flow control, and error reliability (TCP 3-way
Transport
4 correction. Protocols are TCP (reliable) and UDP handshake) and port
(unreliable). PDU: Segment. numbering.

Logical Addressing & Routing. Responsible for Critical: Focuses on IP

Layer moving packets between different networks using addressing (IPv4/IPv6),
Network
3 IP addresses. Determines the best path for data. routing, and devices like
PDU: Packet. Routers.

Physical Addressing & Frame Handling. Handles

error-free transfer of frames from one node to the Critical: Focuses on MAC
Layer
Data Link next. Uses MAC addresses for local delivery. addresses, switches,
2
Divided into two sublayers: LLC and MAC. PDU: VLANs, and ARP.
Frame.
 Focus for Network
Layer Name Function Engineer Freshers (Layers
1-4)

Media, Signaling, and Encoding. Transmits raw

Important: Focuses on
Layer data bits over a physical medium (cable, fiber, air).
Physical cables, hubs, and signal
1 Defines physical specifications (voltage levels,
characteristics.
cable types). PDU: Bit.

2. The TCP/IP Model

The Transmission Control Protocol/Internet Protocol (TCP/IP) model is a more practical, four-layer
model widely used in current networking, as it directly maps to the protocols used on the Internet.6

OSI Layer Equivalent TCP/IP Layer Function

Application, Combines the top three OSI layers. Handles applications and
Application
Presentation, Session high-level protocols (HTTP, DNS, SMTP).

Same as OSI L4. Provides communication services (TCP for

Transport Transport
reliable connection, UDP for speedy connectionless transfer).

Same as OSI L3. Responsible for logical addressing (IP) and

Network Internet
routing packets across the network.

Combines the bottom two OSI layers. Handles hardware

Network
Data Link, Physical details, physical transmission, and Layer 2 addressing (MAC
Access
addresses).

Function of the First Four OSI Layers

As a network engineer fresher, you must master the details of the lower four layers:

Layer 1: Physical Layer

• Function: Deals with the physical transmission and reception of unstructured raw bits over a
physical communication medium.

• Key Concepts: Cables (Ethernet, Fiber), electrical signals, radio frequencies, hubs, repeaters.

Layer 2: Data Link Layer

• Function: Provides the means to transfer data between network entities and detects and
possibly corrects errors that may occur at the Physical Layer.

• Key Concepts: MAC Addresses (48-bit physical address), Switches (which use the MAC
address table), Frames, VLANs, and protocols like ARP.
Layer 3: Network Layer

• Function: Responsible for routing and logical addressing. It determines the best path for
data (packets) across multiple networks.

• Key Concepts: IP Addresses (IPv4/IPv6), Routers, and routing protocols (e.g., OSPF, EIGRP).

Layer 4: Transport Layer

• Function: Provides a reliable and ordered data delivery service (TCP) or a fast, connectionless
service (UDP) to applications. It also handles port numbers (e.g., Port 80 for HTTP) to
manage multiple application sessions.

• Key Concepts: TCP (Three-Way Handshake, flow control) and UDP (faster, no
acknowledgment).

Networking Devices: Hub, Switch, and Router

These devices operate at different layers of the OSI model and have distinct functions:1

Feature Hub Switch Router

OSI Layer Physical Layer (Layer 1) Data Link Layer (Layer 2) Network Layer (Layer 3)

Repeats signal to all Filters and forwards frames Forwards packets between
Function connected devices based on MAC Addresses different networks based
(broadcasting). (unicasting). on IP Addresses.

"Smart" device; learns MAC Highly "Smart" device; uses

"Dumb" device; doesn't
Intelligence addresses and builds a routing tables to find the
read addresses.
forwarding table. best path.

Each port is a separate Each interface creates a

Creates a single Collision
Domain Collision Domain. Creates a separate Collision Domain
Domain and a single
Impact single Broadcast Domain and a separate Broadcast
Broadcast Domain.
(typically). Domain.

Rarely used today; Connects devices within a Connects different

Use obsolete due to single Local Area Network networks (e.g., your home
inefficiency. (LAN). network to the Internet).

Collision Domain vs. Broadcast Domain

• Collision Domain: A network segment where data packets from multiple devices can collide
if they attempt to transmit simultaneously.2 If a collision occurs, all devices in that domain
must stop and retransmit.3

o Hubs create one large collision domain.

o Switches and Routers create separate collision domains for each port, significantly
reducing collisions.4
 • Broadcast Domain: A logical division of a computer network where all nodes can reach each
other by sending a broadcast message. A broadcast message is sent to all devices within that
domain.

o Switches extend a broadcast domain.

o Routers stop broadcasts. They form the boundary between broadcast domains.

MAC Address and IP Address

Feature MAC Address (Media Access Control) IP Address (Internet Protocol)

Role Physical Address (Hardware address). Logical Address (Software address).

Universally unique, burned into the Network Unique within its network, assigned
Uniqueness
Interface Card (NIC) by the manufacturer. by a network administrator or DHCP.

IPv4: 32-bit dotted-decimal (e.g.,

Format 48-bit hexadecimal (e.g., 00:1A:2B:3C:4D:5E). [Link]). IPv6: 128-bit
hexadecimal.

OSI Layer Data Link Layer (Layer 2) Network Layer (Layer 3)

The MAC address is used for local communication within a single network segment, while the IP
address is used for end-to-end communication across different networks (routing).

Subnet Mask and Subnetting

What is a Subnet Mask?

A Subnet Mask is a 32-bit number (for IPv4) that is used to divide an IP address into two parts: the
Network Address and the Host Address. It essentially tells a device which part of an IP address
identifies the network and which part identifies the specific host on that network.5

• In binary, the bits that are '1' in the subnet mask represent the Network Address portion.6

• The bits that are '0' represent the Host Address portion.7

For example, with the common mask [Link] (or /24), the first three octets identify the
network, and the last octet identifies the host.

Why is Subnetting Important?

Subnetting is the process of dividing a large network into smaller, more efficient subnetworks
(subnets).8 It's important for several reasons:

1. Reduced Broadcast Traffic: Smaller networks mean smaller broadcast domains.9 This reduces
the amount of unnecessary traffic a host receives, improving network performance.10

2. Efficient IP Address Usage: It allows for more efficient allocation of a limited number of IPv4
addresses by reserving the right number of hosts for each sub-network.11
 3. Security and Management: Subnets can logically segment groups (like departments, floors,
or different device types), which enhances security by restricting access and simplifies
network management and troubleshooting.12

IPv4 vs. IPv6

IPv4 (Internet Protocol version 4) and IPv6 (Internet Protocol version 6) are the two versions of the
Internet Protocol used to identify devices and route traffic on the internet.

Feature IPv4 IPv6

Address
32 bits 128 bits
Length

$4.3 \times 10^9$ (approx.

Address $3.4 \times 10^{38}$ unique addresses (virtually
4.3 billion) unique
Space limitless).
addresses.

Decimal numbers
Hexadecimal numbers separated by colons (e.g.,
Format separated by periods (e.g.,
2001:0db8:85a3:0000:0000:8a2e:0370:7334).
[Link]).

Security (IPsec) is optional

Security (IPsec) is built-in and mandatory for the
Security and implemented
protocol suite.
externally.

Uses DHCP for address Supports Stateless Address Autoconfiguration (SLAAC)

Configuration
assignment. in addition to DHCP.

It is being rapidly
depleted, which is the
Necessity Solves the address depletion problem.13
main reason for the
transition to IPv6.

Network Topologies

A network topology is the arrangement of the various elements (links, nodes, etc.) of a computer
network.

Topology Description Advantage Disadvantage

Failure of one
Failure of the central device
Every device connects to a device/cable only affects
Star (hub/switch) brings down the
central hub or switch. that device. Easy to
whole network.
install.
Topology Description Advantage Disadvantage

A break in the main cable

Simple, cost-effective,
All devices are connected to a takes down the entire
Bus and uses the least
single main cable (backbone). network. Difficult to
amount of cable.
troubleshoot.

Every device is connected to

Extremely robust (fault- Very expensive and complex
every other device (Full Mesh)
Mesh tolerant) and provides due to the large amount of
or at least two others (Partial
high redundancy. cabling required.
Mesh).

Devices are connected in a Manages heavy network Failure of one link can break
Ring circular fashion, with data loads well since all nodes the entire ring (unless using a
traveling in one direction. get equal access. dual-ring setup).

A combination of Star and Bus

Easy to extend and If the backbone cable fails,
topologies. Groups of star
Tree manage, offering central the entire network
networks are connected to a
monitoring. connected to it is affected.
central bus.

LAN, MAN, and WAN

These acronyms categorize networks based on their geographical area of coverage:

Network Geographic Typical

Full Name Ownership Example
Type Scope Speed/Latency

Small area: a Home Wi-Fi

Local Area home, office Very high speed, Private (owned by network or an
LAN
Network building, or very low latency. the organization). office Ethernet
campus. network.

A large area: a
city or a large High speed, Shared (often A city-wide
Metropolitan
MAN campus that moderate owned by a public Wi-Fi
Area Network
connects latency. service provider). system.
multiple LANs.

The Internet
A large
Shared (often itself, or a large
geographic area:
Wide Area Slower speed, relies on public corporation
WAN across states,
Network higher latency. telecom connecting its
countries, or
infrastructure). branches
continents.
globally.
 Transport Layer Protocols: TCP vs. UDP

Feature TCP (Transmission Control Protocol) UDP (User Datagram Protocol)

Reliability Reliable (Guaranteed delivery). Unreliable (Best-effort delivery).

Connection-Oriented (Requires a Connectionless (Sends data without pre-

Connection
setup/teardown phase). establishing a link).

Guarantees packets arrive in the correct No guarantee; packets may arrive out of
Ordering
order. order or be dropped.

Flow/Error Yes, handles retransmissions and No, the application layer must handle
Control windowing. errors.

Header
20-60 bytes (larger). 8 bytes (minimal).
Overhead

Where accuracy is critical (e.g., file Where speed is critical (e.g., streaming,
Use Case
transfer, web browsing). gaming, voice/video).

Examples HTTP, HTTPS, FTP, SSH, SMTP DNS, DHCP, SNMP, VoIP, Gaming

TCP Three-Way Handshake

This is the process TCP uses to establish a reliable connection before data transfer:

1. SYN (Synchronize): The client sends a packet with the SYN flag set to the server, proposing a
connection and a starting Sequence Number.

2. SYN-ACK (Synchronize-Acknowledge): The server receives the SYN, sets its own SYN flag,
and sets the ACK flag. The Acknowledgement Number is set to the client's Sequence
Number $+1$. It also sends its own starting Sequence Number.

3. ACK (Acknowledge): The client receives the SYN-ACK and sends a final ACK packet back to
the server. The Acknowledgement Number is set to the server's Sequence Number $+1$.

After this, the full-duplex, reliable connection is established.

Core Network Services (ARP, DHCP, DNS, NAT)

Address Resolution Protocol (ARP)

• Function: ARP is used to map a Layer 3 IP Address to a Layer 2 MAC Address within the same
Local Area Network (LAN).1

• How it works: A device broadcasts an ARP Request containing the target IP address. The
device with that IP address responds with an ARP Reply containing its MAC address. The
requestor then caches this mapping (ARP table).

Dynamic Host Configuration Protocol (DHCP)

 • Function: DHCP automates the assignment of IP address configuration parameters (IP
address, subnet mask, default gateway, DNS server) to devices on a network.

• How it works (DORA process):

1. Discover: Client broadcasts a request for a DHCP server.

2. Offer: DHCP server sends an IP address offer.

3. Request: Client formally requests the offered IP address.

4. Acknowledge: DHCP server sends a final ACK, confirming the lease and configuration
parameters.

Domain Name System (DNS)

• Role: DNS is the "phone book" of the Internet. Its primary role is to translate human-
readable domain names (e.g., [Link]) into machine-readable IP addresses (e.g.,
[Link]).

• Function in communication: When you type a website name, your computer queries a DNS
server to get the IP address, which is necessary for the Network Layer (IP) to route the traffic.

Network Address Translation (NAT)

• Function: NAT is a method used by routers to modify the IP address information in the
header of IP packets while they are in transit.

• Why it's used:

1. Conserve IPv4 Addresses: It allows multiple devices on a private network (using

private IP addresses like $192.168.x.x$) to share a single public IP address when
accessing the Internet. This is known as Port Address Translation (PAT) or NAT
Overload.

2. Security: It hides the internal network's private IP structure from the outside world.

Ports, Gateways, and Defaults

Port Number

• Function: A port number is a 16-bit number (range 0 to 65535) used to identify a specific
process or service running on a host (server or client). It allows a device to direct incoming
data to the correct application (e.g., web server, mail server, etc.).

• It combines with the IP address (e.g., $[Link]:80$) to form a socket, which uniquely
identifies a single connection endpoint.

Protocol Service Default Port

HTTP HyperText Transfer Protocol 80 (TCP)

HTTPS HTTP Secure (uses TLS/SSL) 443 (TCP)

Protocol Service Default Port

FTP File Transfer Protocol 21 (TCP) - Control

SSH Secure Shell 22 (TCP)

Default Gateway

• Function: The default gateway is the IP address of the device (usually a router) that acts as a
bridge between the local network and all other remote networks (including the Internet).

• When a device needs to send a packet to an IP address outside its own local network, it
forwards the packet to the Default Gateway.

Routing, Switching, and Security Basics

Virtual Local Area Network (VLAN)

• Purpose: A VLAN is a logical grouping of network devices that allows a single physical switch
to be segmented into multiple virtual switches. This is used for:

1. Traffic Segmentation: Separating departments (e.g., HR, IT) to reduce broadcast

traffic.

2. Security: Isolating sensitive devices or users from the rest of the network.

VLAN Trunking (802.1Q)

• Trunking allows a single physical link (the trunk) between switches (or a switch and a router)
to carry traffic for multiple VLANs.

• 802.1Q is the IEEE standard for trunking. It works by inserting a 4-byte tag into the Ethernet
frame header. This tag contains the VLAN ID (VID), which the receiving switch uses to
determine which VLAN the packet belongs to.

Static vs. Dynamic Routing

• Static Routing: Routes are manually configured by a network administrator.

o Pro: Simple, very secure, low overhead.

o Con: Not scalable, cannot adapt to network changes/failures automatically.

• Dynamic Routing: Routers use Routing Protocols to automatically discover and calculate the
best paths to all networks.

o Pro: Scalable, automatically adapts to topology changes, requires less manual

intervention.

o Con: More complex to configure, uses bandwidth for route updates.

•
Protocol Type Protocol Name

Interior Gateway Protocol (IGP) OSPF (Open Shortest Path First) or EIGRP/RIP

Exterior Gateway Protocol (EGP) BGP (Border Gateway Protocol)

Spanning Tree Protocol (STP)

• Role: STP is a Layer 2 protocol that prevents switching loops in a network with redundant
links.2

• It works by detecting loops and strategically placing certain switch ports into a blocking
state. If the primary active link fails, STP recalculates and unblocks the redundant link to
restore connectivity (a process called convergence).

Firewall and ACL

• Firewall: A security system that monitors and controls incoming and outgoing network traffic
based on predefined security rules. It typically operates at Layer 3/4.

o Role: Acts as a gatekeeper, filtering traffic based on IP addresses, port numbers, and
sometimes application data, protecting the internal network from external threats.

• Access Control List (ACL): A sequential list of permit or deny statements (rules) applied to
network traffic on a router or switch.

o Role: ACLs are the rule sets used to implement packet filtering, often configured on
a router to act as a basic firewall or to control routing updates.

Virtual Private Network (VPN)

• Function: A VPN creates a secure, encrypted tunnel over an insecure network (like the
Internet).

• Role: It allows remote users to securely access a private network as if they were physically
present on the local network.

Practical & Troubleshooting

Troubleshooting Steps (User Can't Access Internet)

1. Check Physical Connection (Layer 1): Is the cable plugged in? Are the link lights on? (If Wi-Fi,
is it connected to the correct network?)

2. Check IP Configuration (Layer 3):

o Run ipconfig (Windows) or ip a (Linux) to check for a valid IP address, Subnet Mask,
and Default Gateway.

o If the IP starts with 169.254.x.x (APIPA), it indicates the device failed to get an
address from the DHCP server.

3. Verify Local Connectivity (Layer 3/2):

 o Ping the Default Gateway. If this fails, the issue is on the local segment (cable, NIC,
or switch/router port).

4. Verify Remote Connectivity (Layer 3):

o Ping a reliable public IP address (e.g., $[Link]$ for Google's DNS). If this fails, the
router or ISP is the likely issue.

5. Verify DNS (Application Layer):

o If $[Link]$ works, but a domain name fails, move to the next step.

Purpose of Ping and Traceroute

• Ping: Uses ICMP (Internet Control Message Protocol) to test connectivity and response time
(latency) between two hosts. It checks if a destination is reachable.

• Traceroute (or tracert on Windows): Uses ICMP and the Time-To-Live (TTL) field to map the
path (the sequence of routers or "hops") a packet takes to reach a destination. It's used to
identify exactly where a connection is failing or where excessive latency begins.3

IP Address Works, Domain Name Fails

• Likely Problem: The DNS server is unavailable or incorrectly configured.4

• The fact that the IP address works confirms the client has a valid IP, Default Gateway, and
Layer 3 connectivity to the target network. The failure of the domain name indicates that the
client cannot successfully translate the domain name into that working IP address.

• Troubleshooting Tool: Use the nslookup or dig command to manually query the configured
DNS server.

Cisco Device Modes of Operation

Mode Prompt Purpose

User EXEC Router> Basic monitoring commands; no configuration changes.

All monitoring commands (show commands), file management,

Privileged EXEC Router#
and diagnostics. Use enable to enter.

Global Used to make configuration changes that affect the entire

Router(config)#
Configuration device. Use configure terminal to enter.

Command to Check IP Address Configuration

• Windows: ipconfig

• Linux/macOS: ip a (preferred and modern) or ifconfig (older