Cisco 350-401 How to deal with various network interview questions?
The interview asked "the server is not responding" when the client accesses the server, how to troubleshoot the problem. How should such questions be answered?
Whether interviewing programmers or network engineers, this interview question is universal, there is no standard answer, the only difference is the depth and breadth of the answer.
Junior engineer
As an entry-level engineer, you should ping the domain name of this website. If you can ping, the domain name resolution is successful and the network connectivity to the server is good.
If there is no ping, what is the IP to check the domain name resolution? If the domain name resolution does not work, ping the name server. If the ping fails, you need to ping your own gateway.
The gateway cannot be pinged, and you need to ping your own IP. If Ping 127.0.0.1 fails to connect, the TCP / IP protocol stack is faulty, or the local firewall is not working properly.
If Ping can ping itself, but cannot ping the gateway, then the gateway may be down, or the network cable may be loose, or the gateway may be filtering out your blacklist.
This toss, 80% probability can locate what the problem is.
mid-level engineer
If you cannot locate the problem in the above troubleshooting, you already know how to use packet capture software to troubleshoot, but also learn how to configure filters to filter out the traffic of interest.
See if the three-way handshake can be successfully established, and whether the fields in the TCP Option, especially the size of the MSS, cause a communication failure due to the MSS being too large. Try to modify the MSS as small as 1380 or less to see the effect. If it can be repaired, it is caused by MSS.
If there are only outgoing packets and no returned packets, it means that the packets sent may be filtered by the firewall, or the returned packets may be filtered. Where exactly is filtered out, you can use the IP of the traceroute server to locate it.
Of course, it is also possible that the local IP is blackened by the server. This situation also exists. The server uses an intelligent algorithm to detect that the local IP has attempted to maliciously attack the server, so it is blackened.
Senior engineer
What I want is asymmetric routing, stateful firewall, and the firewall states are not synchronized.
Still wondering whether the IP obtained by DNS domain name resolution is the IP of the real server or is it polluted? Will try to use the scientific method of Internet access, use an international name server to resolve, and try to connect to the server. If the scientific Internet can be connected, then it can be concluded that the domain name resolution may be polluted, or the server may be hacked by a large firewall.
Is there no intersection between the client's TLS version and the server's version?
There are still many possibilities, so I won't list them one by one. The above corresponds to the skills list of three levels of engineers. You can compare and see what knowledge level you are in.
The above is the news sharing from the PASSHOT. I hope it can be inspired you. If you think today' s content is not too bad, you are welcome to share it with other friends. There are more latest Linux dumps, CCNA 200-301 dumps and CCNP Written dumps waiting for you.
Comments
Post a Comment