Are you looking for job as a network engineer/network administrator? Or are you thinking about leaving your current position for a new job as a network engineer/administrator with a new company in a LAN Switching environment?
If you answered yes to either of those questions, then this article is for you! Any of the described technologies and questions included here may be asked of you during an interview.
Network Engineer/Administrator (Data-LAN) is a higher-level position, often with a “junior” or “senior” prefix. The major responsibility of a Network Engineer is to design and implement both the hardware and software technologies needed for a LAN while a Network Administrator is responsible for managing existing networks rather than designing networks from scratch.
Both play a very challenging role in a LAN environment, including customization of the network as per the organization’s needs, such as adding software and hardware, performance monitoring, troubleshooting, logging errors, backing up and restoring data, assigning permissions to users, and helping users with LAN issues.
Before facing any Interview for a LAN Switching position, make sure that you have enough knowledge on the technologies below:
General Network Concepts:
- Data communication and transmission techniques
- Fundamentals of OSI and TCP/IP model
- Basic operations of a switch (startup, NVRAM, flash/IOS backup & recovery)
IP Addressing & Summarization:
- IP address classes
- Classful and classless IP addresses
- IP subnetting
- Understating wild card masks
- CIDR, FLSM, and VLSM
- IPv6 fundamentals
Basics of Routing
- Basic requirements of VLANs
- VLAN Database
- Normal/Extended VLAN, voice VLAN
- Inter-VLAN routing
- Switch Virtual Interface (SVI)
Implement and Troubleshoot Trunking
- Trunk encapsulations
- DTP (Dynamic Trunking Protocol)
- Native VLAN
- Manual VLAN pruning
VLAN Trunking Protocol
- Requirement and functionalities of VTP
- VTP modes/versions
- VTP revision number
- VTP pruning
- VTP authentication
Spanning Tree Protocol
- Needs of STP
- Switch priority, port priority, path cost, STP timers
- PVST and PVST+
- RSTP and RPVST
- Multi-Spanning Tree (MST)
- Spanning Tree Enhancements (PortFast, UplinkFast, BackboneFast, etc.)
Implement and Troubleshoot Ether-channel
- LACP, PAgP, manual
- Layer 2, layer 3
- Ether-channel Load-balancing
- Ether-channel misconfiguration guard
First Hop Redundancy
- Hot Standby Routing Protocol (HSRP)
- Virtual Routing Redundancy Protocol (VRRP)
- Gateway Load Balancing Protocol (GLBP)
- QoS Models and Tools
- Layer 2 queues
Layer 2 Network Security
- DHCP Snooping
- Dynamic ARP Inspection (DAI)
- BPDU Guard, BPDU Filter, Root Guard, Loop Guard, UDLD
- AAA server
- VLAN Access-Maps
- Private VLANs
- Storm Control
- IP Source Guard
- System Management (VTY, Telnet, HTTP, SSH, FTP, TFTP)
- SNMP, Syslog
- DHCP client, IOS DHCP server, DHCP relay
Top Interview Questions for a Network Engineer/Network Administrator (Data – LAN) Position
All of the questions below are very common and must be prepared for before facing any interview for the data-LAN environment.
Q: What is Ethernet? Define the different types of Ethernet.
A: Ethernet is a physical and data link layer LAN technology for connecting a number of computer systems with network protocols.
The Ethernet system called 10BASE-T provides transmission speeds of up to 10 Mbps. Devices are connected to the cable and compete for access using a Carrier Sense Multiple Access with Collision Detection (CSMA/CD) protocol.
Fast Ethernet or 100BASE-T provides transmission speeds of up to 100 megabits per second and is typically used for LAN backbone systems. Gigabit Ethernet provides an even higher level of backbone support at 1,000 megabits per second (1 gigabits per second).
Q: What do broadcast and collision domains mean?
A: A broadcast domain is a logical boundary of a computer network, in which all nodes can reach each other by broadcast in a LAN environment.
A collision domain is a section of a network where data packets can collide with one another when being sent on a shared medium.
Only one device in the collision domain may transmit at one time, and the other devices in the domain listen to the network in order to avoid data collisions.
Q: What are the basic differences between a hub and a switch?
A: Both hubs and switches are centralised devices that connect multiple network devices over LAN but their functionalities are different. Hubs operate at layer 1 whereas switches operate at layer 2. Hubs support half duplex transmission while switches support full duplex. There is one broadcast and collision domain in a hub, but a switch has one broadcast plus as many collision domains as the number of switch ports.
A hub operates at Ethernet but switches operate at Fast-Ethernet/Gig-Ethernet.
Q: What is a switch? What is the difference between manageable and unmanageable switches?
A: A switch is a multi-port network bridge used to connect multiple network devices over the same geographical location. It processes and forwards data at the data link layer (layer 2) of the OSI model.
Unmanaged switches have no configuration interface or options. They are typically used in small offices or home environments.
A managed network switch is configurable and provides the control to manage Spanning Tree Protocol, Port Speed, VLANS, etc. They provide a serial console and command-line access via telnet and SSH, as well as management via SNMP.
Q: What is VLAN and why is it used?
A: A VLAN (Virtual LAN) is a logical broadcast domain which allows a network administrator to create groups of logically networked devices based on functions, departments, or projects. The basic reason for splitting a network into VLANs is to reduce congestion on a large LAN.
The primary benefits of using VLANs are:
- Cost reduction
- High performance
- Broadcast storm mitigation
- Improved IT staff efficiency
- Simple project or application management
Q: What is a native VLAN?
A: A native VLAN is an untagged VLAN on an 802.1q trunked switch port. If a switch receives untagged frames on a trunk port, they are assumed to be part of the VLAN that are designated on the same switch port as the native VLAN. Frames that pass through a switch port on the native VLAN are not tagged.
Q: What is VLAN pruning?
A: By default, a trunk port allows all VLANs through the trunk; all switches in the network receive all broadcasts, even in situations in which few users are connected to that VLAN. Pruning is a method to prevent flooding across the network from unnecessary traffic.
Q: Define the role of access and trunk ports.
A: A Switch port plays two common roles as access and trunk.
Access Port: Carries single VLAN traffic. Mostly used to connect end devices (routers, IP phones, printers, desktops, etc.)
Trunk Port: Transports multi-VLAN traffic. Mostly used between switches configured with multiple VLANs.
Q: Why do we use VTP and what is the transparent mode in VTP?
A: VTP is a Cisco proprietary switching technology, used for VLAN database replication in a switching environment. VTP has four modes: server, client, transparent and off. VLANs created on a VTP server synchronises with VTP clients automatically.
The VTP configuration has a revision number which will increase when you make a change on a VLAN database.
VTP Transparent switches forwards VTP advertisements (server to client, client to client) but will not synchronize itself. It manages its own VLAN database, which will not be shared with any other switch.
Q: What is Spanning Tree Protocol and root bridge election?
A: Spanning Tree Protocol (STP) is one of the most important switching technologies to eliminate layer 2 switching loops. The root bridge serves as an administrative point for all spanning-tree calculations to determine which redundant links to block.
All switches send BPDUs (Bridge Protocol Data Unit) every 2 seconds from its ports which contain bridge-id, bridge-mac, cost, port-priority, etc.
For root bridge selection, STP prefers lowest bridge-priority if there is a tie in priority, then the lowest MAC address will determine which bridge becomes the root. Lower priority is preferred compared to a higher. The default bridge priority is 32768 and you can set it in multiples of 4096.
Q: What is the difference between PVST, PVST+ and RPVST?
A: Per VLAN Spanning Tree (PVST) is a Cisco proprietary technology used to configure a separate spanning tree instance for each VLAN. It supports ISL trunking encapsulation whereas PVST+ supports Dot1Q trunking encapsulation.
Rapid PVST (RPVST) works the same as PVST, but their main difference is fast convergence. RPVST skips the listening state during the transition.
Q: Give a reason for selecting MST rather than PVST.
A: The main reason for selecting MST rather than PVST/STP is the number of different VLANs involved. With 30 to 40 VLANs you can use PVST without any concerns.
However, if there are 40 VLANs in a switch, it has to maintain 40 spanning tree databases (a separate database for each VLAN) and if you decide to use MST, you need to provision some instances (logical grouping of VLANs).
Let’s say you configure two instances, each with 20 VLANs. The switch has to maintain only two spanning tree databases (a separate database for each instance) then.
Q: What is EtherChannel and is it possible to achieve load balancing using EtherChannels?
A: EtherChannel is a LAN port aggregation technology which allows grouping of several physical Ethernet links to create one logical Ethernet link for the purpose of providing fault-tolerance and high-speed links between switches, routers and servers.
Yes, EtherChannel supports load balancing on the basis of predefined hash algorithms but you cannot control the port that a particular flow uses.
The hash algorithm cannot be configured or changed to load balance the traffic among the ports in an EtherChannel.
Main hash algorithms are src_ip_addr | dest_ip_addr | src_mac_addr | dest_mac_addr | src_port | dest_port} [dest_ip_addr | dest_mac_addr | dest_port.
Q: What is DHCP, DHCP relay, and DHCP snooping?
A: Dynamic Host Configuration Protocol (DHCP) is a network protocol that automatically assigns IP addresses to hosts with other related configuration information such as the subnet mask and default gateway.
DHCP Relay is just a proxy that is able to receive a DHCP request and resend it to the real DHCP server. It means a DHCP server is installed at a remote location and your LAN gateway is acting as a DHCP relay agent (proving the information of DHCP server using “ip helper address” command).
DHCP snooping is a security mechanism which enables you to configure a switch port connected to a DHCP server as a trusted port. The trusted port is responsible for the reply DHCP requests. DHCP snooping is the best solution to prevent man-in-the-middle DHCP attacks.
Q: What are the basic differences between HSRP and VRRP?
A: Both HSRP and VRRP are high availability protocols that provide first hop redundancy.
- Cisco proprietary
- 1 Active + 1 standby router and 1 or more listening routers
- Uses separate virtual IP addresses as gateway
- Hello timer is 3 seconds and hold-down timer is 10 seconds
- Preempt is disabled by default
- Multicast at 220.127.116.11 (ver1), multicast at 18.104.22.168 (ver2). Both versions use UDP port 1985
- HSRP (v2) supports IPv6
- Open standard (IETF)
- 1 master and 1 or more backup routers
- Physical IP address can be used for Virtual IP
- Hello timer is 1 second and hold-down timer is 3 seconds
- Preempt is enabled by default
- Multicast at 22.214.171.124 – IP 112
- VRRP does not support IPv6
The questions above are very tricky and important from the standpoint of clearing any interview for a network engineer/administrator LAN Switching position. It is not possible for anyone to list every possible question, but you can get more frequently asked interview questions for LAN Switching Jobs from the download link posted here. If you find any difficulty in answering any questions, then you can write me @ the Comments section.
Tips for Preparing for an Interview
- Study: Before an interview, do a quick recap of relevant technologies.
- Update resume: Read your resume through; don’t copy and paste anything in it. You must be aware of your strengths and weaknesses.
- Prepare professional certifications: One of the best ways to prove the technical skills mentioned in your resume is through certifications. This gives a new employer an easy way to understand your knowledge level.
- Update LinkedIn profile: Update your LinkedIn profile regularly; make sure that your work experience, qualifications, and project details match your resume.
This article is the output of my extensive research and work experience. With this article, I hope to help candidates in preparing for an interview for a network engineer/network administrator position in a LAN Switching environment.
Don’t forget to post your queries and feedback in the comments section. You can also join our Facebook group, http://www.facebook.com/intenseschool, to get updates on new posts and technologies.