Register Now


Lost Password

Lost your password? Please enter your email address. You will receive a link and will create a new password via email.

Network Engineer L1 Interview Question and Answers

1. What is a network?

Ans: A network is a group of nodes or devices which are connected to each other interms of some media.

Here media refers to network cable, wifi etc.

Two computers connected with one cable refers to network.

Group of devices connected to wifi refers to network.

2. What are different types of network?

There are many types of networks, here we will discuss about some of the most important networks:

Here is the list: LAN, WAN, WLAN, PAN, VPN and VLAN

LAN: LAN refers to local area network whose range is limited to small area, could be room, building etc

Example: Your office network which have multiple desktop machines connected to same switch

WAN: WAN refers to wide area network, it covers large geographical area connecting multiple countries.

Example: For example i am in india, i will contact DNS server which is “” could be hosted in some where in USA. I need to reach another country to get the DNS resolution. This network refers to wide area network where communication actually happening over the wide geographical area.

WLAN: WLAN refers to wireless local area network. It is group of networking devices connected through wireless connection.

Example: In your home multiple devices will be connecting to wifi, this is simple example of wireless LAN network.

PAN: PAN refers to personal area network. It means network is made by single person which can cover less distance.

Example: Network coming from mobile hotspot refers to personal area network.

VPN: VPN refers to virtual private network. Lets say there are branches for one company

One branch network is “”

Other branch network is “”

If the communication between both branches should happen securely using private IP address then we need to configure VPN between two branches.

We can call VPN as, connection two private networks over internet securely.

Example: IPSEC VPN connection between cisco and fortigate firewall

VLAN: VLAN refers to virtual LAN network. It means virtually segregating one LAN to multiple LAN’s.

For example consider there is a switch which is holding “”, you would like to segregate that switch to multiple parts for security purpose. You can add some ports to one VLAN and configure one network to that ports and you can configure rest of the ports to another VLAN and configure different subnet.

So that PCs connected to one VLAN cannot contact other PC connected to another VLAN.

3. What is network cabling?

Network cables means cord that made up of different type of conductors which are used to connect multiple networking devices to pass the data.

In order to chose networking cable, you have to consider some aspects:

Distance between networking devices

Maximum speed that cable supports

Type of coating of the cable

Type of braiding, shielding, and/or sheath

4.What are different types of cables used in networking?

These are the types of cables used in networking:

Coaxial cable: This cable contains a conductor, insulator, braiding and sheath. The sheath covers braiding, the braiding covers insulation and insulation covers conductor.

Sheath means the outer layer of the coaxial cable. It will protect cable from physical damage.

Braided shield protects cables from external interference and noise. This shield will be built from the same metal as core.

Insulation protects the core. It acts as barrier and seperates core from the braided shield. Both core and braided shield will use same component, so there should be this material to seperate both.

Conductor carries electro magnetic waves. Based on the type of conductor, it categorized into two types:
Single core coaxial cable

Multi core coaxial cable

Single core coaxial cable uses a single central metal conductor, while multi coaxial cable uses multiple thin strands of metal wires.

Twisted Pair Cables:

This cable is also known as Ethernet cable.  Almost every networking device will use this type of cable.

This cable consists of insulated copper wires. Two wires twisted around each other to form pairs. Ideally there will be four pairs of cables.

In unshielded twisted pair cable all four pairs are wrapped in single plastic sheath.

In shielded twisted pair cable individual pair is wrapped with an additional metal shield, then all pairs wrapped in a single outer shealth.

Fiber Optic Cable:

This cable consists of core, cladding, buffer and jacket. It consists of strands of glass fibers inside an insulating case. They are designed for long distance communication, high performance data networking, telecommunication. Compared to other types of cables it provides higher bandwidth and transmit data over long distance.

It carries data in terms of light pulses as signals for communication.

5.What is subnet?

A subnet is a generic term to identify range of IP address. For example “” is a subnet in class C, “” is subnet in class B etc.

6.What is DNS?

DNS refers to domain name system. Ideally this service runs on UDP port 53, but sometimes if application requires to send more than 512 bytes of data, then DNS will use TCP port 53. For example, when DNS zone replication is being done DNS will use TCP to communicate.

Here is the DNS packet flow, lets say if client machine is giving “” URL in machine, first it will check in client machine whether IP address is present for “” in its DNS cache. If its present, it will use that IP address tor reach google server. In case if its not present, client will try to connect to “primary server” mentioned in the DNS settings for resolution of google domain.

In case if “primary server” mentioned in settings is down, client will try to communicate with secondary DNS server to resolve the concerned google domain IP address.

7. Difference between forward lookup and reverse lookup in DNS?

DNS lookup can be performed in two ways forward lookup and reverse lookup.

DNS forward lookup means user will try to get the ip address of webserver by entering hostname whereas in DNS reverse lookup user will try to get the domain name by entering IP address.

8. What is network topology?

Network topology means logical way of representing how the network is connected. There are multiple type of network topologies, now in this answer we will understand some of them:

Bus Topology:

In this type of topology, there will be a large cable called as main cable acting as bus. All the workstation devices connect to that cable. In case if there is any damage happens in the cable, some devices will not be able to communicate with rest of the devices. But the advantage of it is, each station can communicate with other station directly.

Star Topology:

Star topology means hub device will be in the middle and all client devices will connect to hub device. So therefore if any client device want to communicate with other device it must pass through hub. The advantage of this type of topology is management, where we can control all devices using hub. The disadvantage of this topology is if hub device becomes faulty, entire communication will get dropped.

Ring Topology:

In this type of topology all work station devices are connected in a closed loop. It basically lack security, because if some work station want to reach other work station which is connected in closed loop 4 hops away, all the data must transfer through the middle hops. It is lacking security.

Mesh Topology:

Mesh topology refers to topology where each device in a network will connect with all other devices in a network. This topology is very secure, since all devices are connected to other device using P2P links, but  the disadvantage of this topology is number of cables. The more the number of devices the more number of links we should connect. It will become big troublesome in large network.

9.What is frame relay in networking?

Frame relay is a packet switching technology service designed to transmit data from LAN to WAN networks. It basically operates in two layers of OSI model: Physical layer and Data link layer.

Frame relay uses virtual circuit to connect single router to multiple remote sites. In most of the cases, permanent virtual circuits are used i.e,. a fixed network assigned circuit so that users will get uninterrupted line. In some cases switched virtual circuits are also used.

It is basically a fast packet technology based on X.25 protocol. Data is transmitted by encapsulating them in multiple sized frames. Ideally this protocol does not attempt to correct errors, so it is fast. Error correction will be handled by the end points which are responsible for retransmission of dropped frames.

Features of frame relay:
1. Frame relay is a connectionless service.

2. It is a type of service which can provide various speeds for data transfer ranges from 56kbps to 45 Mbps.

3. The frame size can go upto 4096 bytes.

4. It operates on physical data link layer, so it can be easily used over the internet.

5. Frame relay can only detect errors, but there is no flow control mechanism since it operate in data link layer.

6. Frame relay offers reduction of physical loops, because frame uses virtual network for each connection.

7. Frame relay makes use of physical circuit by statistically multiplexing multiple PVC’s over a single physical circuit.

Disadvantages of Frame relay:

1.45 Mbps data transfer speed is not enough for protocol with higher data rates.

2. Allows variable length frames.

3. Not suitable for sending delay sensitive data, for example voice or conferencing.

Frame Relay working:

Frame relay is used to multiplex traffic from multiple connections over a shared physical link. It uses hardware components that includes router frames, bridges and switches to pack data into individual frame relay messages. Each connection uses 10-bit data link identifier for unique channel addressing.

Basically there are two types of connections:

Permanent virtual circuit: This circuit is for persistent connections intended to be maintained for long periods even if data is not actively transferred.

Switched virtual circuit: This is for temporary connections which lasts only one session.

10.What is MAC address:

MAC address is also known as hardware address of the LAN card which is a unique 48 bit identifier for every device LAN card in the world.

Enter this command in your command prompt in windows OS machine “ipconfig/all” which will list your device MAC address.

Each MAC address has six pairs of numbers. The first three pairs help to identify manufacturer and next three number specific to that manufacturer.

For example, lets say this is your MAC address: “38-87-D5-CA-2D-BC”

You can use this link “” and search with firs three pairs “38-87-D5” which gives information about the respective vendor.

You will have many MAC address, you can list by entering this command “ipconfig/all” which represents the number of hardwares that machine has to connect to network.

11. What is IP address?

IP refers to internet protocol. IP address refers to numeric unique address of a device in network. IP is a data gram oriented connection less protocol, for every packet being sent it must have source and destination ip address to transfer data successfully to destination.

There are two IP versions, IPV4 and IPV6


IPV4 refers to four 8 bit binary numbers. Four eight bit numbers seperated by dot. For example consider this IPV4 address “”

Lets split to binary:”11000000.10101000.00001010.00000001″

Basically the IPv4 range is from “” to “” means “00000000.00000000.00000000.00000000” to “11111111.11111111.11111111.11111111”

There are two type of IP address, public IP and Private IP address:

Private IP: Private IP address refers to IP which cannot be routed in the internet, it means if any packet goes to the internet with destination as private IP address, ISP will drop the packet since it cannot route the packet over the internet.

Public IP: Public IP address refers to IP which can be routed in the internet, it means ISP will have that routing information to route the packet.

This range is splitted to classes to use it efficiently:

Class A:

Public IP range:

First octet value is from 1-127

Private IP range in class A:

Class B:

Public IP range:

First octet value is from 128-191

Private IP range in class B:

Class C:

Public IP range:

First octet value is: 192 to 223

Private IP range in class C:

Class D :

Class D IP address are not allocated to hosts and are used for multicasting. Multicasting refers to standard where single host connect to thousands of hosts across the internet at the same time. It is often used for audio and video streaming, such as IP based cable TV networks or for casting mobile screen to TV.


First octet value range: 224-239

Class E:

Class E ip addresses are not allocated to hosts and are not available for general use. These are reserved for research purpose.

First octet value range: 240-255

Special IP range:

IP range: to are network testing address. These are virtual IP address and cannot be assigned to any device. More specifically IP used for troubleshooting network adapter issues.

12. How to find the IP address of website?

In order to find IP address of any website, there are multiple ways, for example if you want to find ip address of “”


Execute this command in windows command prompt: “ping”, in this first line you will get to know the IP address of “” as shown below:


Pinging [] with 32 bytes of data:
Reply from bytes=32 time=239ms TTL=46
Reply from bytes=32 time=251ms TTL=46
Reply from bytes=32 time=252ms TTL=46
Reply from bytes=32 time=253ms TTL=46

Ping statistics for
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 239ms, Maximum = 253ms, Average = 248ms

If you could see in the first line, we can see website ip address “”


Type this command in windows command prompt “nslookup“, in the result you will get to know the IP address of website as shown below:


Non-authoritative answer:
Addresses: 2a02:4780:1:455:0:3b7a:e054:1

From the output, we can understand PC is using global DNS server “” to get the IP address of website which is “


In case if your internal firewall is not allowing DNS packets, then you can login to this website ““, here you can enter “” which will give IP address of “

13. What is difference between bandwidth and speed?

The term bandwidth refers to the maximum data that can be transmitted over a line.

Speed refers to the speed of the data that can be transmitted over a line.

Consider there is a high way with more cars that can accommodate three cars at same time that refers to bandwidth. The speed of car refers to data speed. Ideally bandwidth is the important parameter which needs to be considered when checking speed issues.

Lets say if your ISP download speed is 100 Mbps, you are trying to download 5 GB file. Ideally in google chrome when you download file, it will show in MB format.

So 100 Mbps approximately equals to 12 MBps

If only one person is using that whole internet connection, he will download 12 MBps, in case if more users are using same internet connection bandwidth will be shared.

Lets say if the same file is getting downloaded from 6 other users, so ideally each user will be getting 2MBPS, which is exepcted.

14. What is firewall?

Firewall is a network security device, deployed at the network perimeter to secure the network. Using this device, we can create firewall policies to allow or deny the traffic. Broadly there are three types of firewalls:

Stateless firewall

Statefull firewall

Next generation firewall

Stateless Firewall:

Stateless firewall means device which controls traffic based on the tuples values, for example source ip, destination ip, source port, destination port and protocol. It will not create any sessions in the device, so whenever any packet enters the firewall, it will check these five tuple values and select action corresponding to firewall policy.

To access “” from internal network, it requires two firewall policies to allow the traffic. One is from internal to external and another is from external to internal since firewall will not store session information.

Stateful Firewall:

Stateful firewall will store session information and it will apply action according to the matching firewall policy. For example if internal network need to access “” we should have only one firewall policy to allow the traffic that is from internal to external policy.

Because when the traffic destined to “” is entering the firewall, it will create session information in the firewall. So when the reply packet coming from the “” firewall will check the session information and it does not require any firewall policy for reply packet.

Next Generation Firewall:

Currently companies are using next generation firewalls, which will do application layer analysis and block the packet if any malicious traffic is found.

Here are the key features of next generation firewall:

  1. Web filter: This profile can be used to block unwanted websites and allow only some websites.
  2. Application control: This profile can be used to unwanted applications like proxy, VPN and allows only specific applications which will be useful for company.
  3. Anti virus: Anti virus profile will be used in firewall to block virus related traffic, for example if user is downloading virus file from the malicious website, this profile will detect the virus pattern using this profile and block the packet.
  4. IPS profile: IPS stands for intrusion prevention system. It will be useful to block if there is any attack happening from either to internal to external network or from external to internal network. This IPS feature will work based on the signatures, if the traffic passing through firewall match signature in IPS consider as an attack and corresponding signature action will be applied to the packet.
  5. DNS filter: DNS filter will be used to block DNS requests to resolve malicious websites IP address.
  6. Sand box: Sand box is a feature to prevent zero day attacks. For example if any unknown file passing through firewall, it will be sent to virtual cloud environment for analysis. Based on the result, action will be taken whether to block or allow.

15.What is difference between static IP addressing and dynamic IP addressing?

Static IP addressing means defining IP address manually in the machine.

Dynamic IP address means getting IP address dynamically from server, for example DHCP.

In DHCP process client will request DHCP Server to give the IP address. Client will use that IP address for further communication to the internet or LAN network.

16. What are different transmission modes in networking?

There are three types of transmission modes in networking:

In simplex transmission mode, the communication will always happens in single direction. Sender can only send data and receiver can only receive data. Reverse communication will not happen in this transmission mode.

Half Duplex:

In half duplex transmission mode, communication will happen in both directions. But at a time, it can only happen in one direction.

Lets say two nodes, node A and node B are directly connected to each other. When Node A is sending data to Node B, Node B has to wait till Node A completes data transfer. Only then Node B will initiate data transfer to Node A.

Full Duplex:

In this mode, Both nodes can transfer data at same time. If two nodes, lets say node A and node B connected to P2P link, both can transfer data to each other at same time.

17. What is router?

Router is basically layer3 device which will be used when packet needs to travel from one network to another network.

For example, here is the simple topology:

Client A(—————–(—————-

——Client B (

If there are two machines deployed in two different networks, if they want to communicate with each other there must be layer3 device to forward packets from one network to other network.

When client A wants to ping to client B, first client A should reach its default gateway ( which is routers lan interface. Then router will forward packets to the client B.

In the similar way, if client B wants to ping to client A, first client B will reach the default gateway and from then router will forward packets to client A.

18. What is criteria for best path selection in router?

When any packet destined to some IP address, router will check for longest prefix, if there is a match it will go for that route. If there is no match then it will go for distance value, lower distance will be preferred route. Then it will go for priority, lower priority will be preferred route. Finally it will chose metric value, lower metric value will be preferred.

So the order will be:

Longest prefix list (It means is chosed than, when the traffic is destined to

Lower AD value

Lower priority

Lower Metric

19. What is source route?

Source routing is a specific routing process where senders can specify the path packet should take to reach destination. It is alternative to traditional routing where packet will be forwarded based on the destination address.

Source routing also known as path addressing. Basically there are two types of source routing: loose and strict.

In loose source routing, the packet has to pass through specific listed hops.

In strict source routing, the sender specifies every step on a hop by hop basis.

20. What is the difference between standard and extended ACL?

Access list is set of rules to control traffic based on the tuple values. We can set action either as deny or accept the traffic based on the tuple values.

Standard access list used when we need to control traffic based on source IP address. Then cannot distinguish traffic based on the protocol. These ACL’s numbered with 1-99, so if we use this number in access list router will understand as standard access list and the specified address as source ip address.

Extended access list is extensively used as it can control traffic based on more parameters like source ip,destination ip, source port, destination port and protocol.This type of access list gives more granular method to control traffic and relevant action will be applied. The numbering for this access list is from 100-199 or 2000-2699.

21. What is data encapsulation?

Encapsulation is the process of adding extra information to the data. For example in OSI model, when data passing from top layers to bottom layers, data will be encapsulated with bottom layer headers. In the destination end headers will be decapsulated from actual data.

Data —–application layer

L4 header + Data —-Transport layer

L3 header + L4 header + Data—-Network layer

This process is called encapsulation.

22. What is RAS?

RAS refers to remote access services.

It is a type of server which will host services for users who are connected to network remotely. It operates as remote gateway that connects remote users with LAN network.

23. Mention different network protocols that are supported by windows RRAS services.

These are the protocols used by the windows RRAS services:




24. How can you secure computer network?

  1. Install next generation firewall at the perimeter of network to block unwanted access.
  2. Install endpoint protection in each computer to protect endpoints.
  3. Segregate all divisions of your networks to multiple division and seperate them with firewall policies. So if one network compromise, it wont spread to other systems.
  4. If you have webserver in your network, run firewall as proxy for webserver. So that connection will get terminated at the firewall and start new connection from firewall to webserver. By this way web application will be secured.
  5. Ensure user authentication.
  6. Update passwords regularly.
  7. If one branch want to communicate to other branch, chose VPN so that traffic will be encrypted.
  8. People working from home need to use VPN to access internal servers instead of doing port forwarding. So that traffic cannot be decrypted.

25. What is proxy server?

Proxy server means a device will act as intermediary between client and real server. Client will try to access real web page, connection will be terminated by proxy and proxy will reinitiate connection to the real server. Real server will send web page back to the proxy and proxy will return web page to the client.

All inspection will be done at the proxy so that invalid requests and malicious requests will be blocked.  Also using proxy server original IP address will be hidden.

26.Explain TCP/IP model

TCPIP model explains the way the data will be transmitted from one node to another node in heterogenous network.

This model consists of five layers:

Application layer

Transport layer

Network layer

Data link layer

Physical layer

Functions of TCP IP layers:

Application Layer:

This layer is top most layer in TCP IP model. This layer will be close to very close to user and the protocols used in this layer are HTTP, SMTP etc. It is responsible for handling higher level protocols. The protocols used in this layer allows user to interact with application, for example HTTP used in this application layer used to access the website.

There is small confusion about application layer, every application cannot be placed inside the application layer. Only the applications which will communicate with network will be placed in the application layer.

For example text editor cant be placed in application layer whereas web browser can be placed. Because web browser will be interacted with network to get the HTML pages.

Main protocols used in application layer:

HTTP: HTTP stands for hyper text transfer protocol. This protocol allows us to access HTML pages all over the world.

SNMP: SNMP stands for Simple network management protocol. Using this protocol, SNMP manager query the networking device to fetch the important device information using OID values.

SMTP: SMTP stands for simple mail transfer protocol. This protocol used to send email to destination server.

DNS: DNS stands for domain name system. This protocol used to resolve domain name to IP address by sending request to DNS server.

Telnet: This protocol helps us to connect to remote server on specific port. By this protocol we can understand if specific service on remote server is listening.

FTP: FTP stands for file transfer protocol.  This protocol used to send files from one server to destination server.

Transport Layer:

Transport layer is fourth layer of third layer of TCP IP model. This layer provides communication services directly to the application process running on different hosts. Transport layer provides a logical communication between application process running on different hosts.Although application process on different hosts are not physically connected, application process use logical channel established by transport layer.

Transport layer established between endpoints not between the perimeter devices like routers. This layer provides reliable data transfer, bandwidth guarantee and delay guarantee. Mainly two protocols used in transport layer, UDP and TCP.

UDP: It refers to stateless protocol or connection less protocol, because sender will send data and it will not expect any acknowledgement from the receiver end. It is fast because there is no error control mechanism. This protocol mainly used when communication need fast transmission.

Example: Zoom call, Teams call, VOIP communication

TCP:  It refers to state full protocol or connection oriented protocol. Because for every packet sent from sender it expects acknowledgement from receiver. By this way error control happens between sender and receiver.

It essentially provides these mechanisms:

Error Control:

The primary role of reliability is error control mechanism. Data link layer provides error handling mechanism but its between node to node. But transport layer ensures end to end reliability.

Sequence Control:

Second aspect of transport layer is sequence control. On the sending end, the transport layer is responsible ensuring that the packets received from the upper layers can be used by the lower layers. On the receiving end it ensures that the various segments of transmission can be correctly reassembled.

Loss Control:

Loss control is third aspect of reliability. The transport layer ensures that all fragments of a transmission arrive at destination, not some of them. On the sending end, all the fragments of transmission are given sequence numbers by a transport layer. These sequence numbers allows receiver to identify the missing fragment.

Duplication Control:

Duplicate control is the fourth aspect of reliability. The transport layer guarantees that no duplicate data arrives at the destination. Sequence numbers are used to identify lost packets, similarly it allows the receiver to identify and discard duplicate segments.

Flow Control:

Flow control is used to prevent the sender from overwhelming the receiver. If the receiver is overloaded too much, then the receiver might discard packets and ask for retransmission of packets. This increases network congestion, thereby reducing system performance. Thus transport layer is responsible for flow control.

Network Layer:

It is responsible for transmission of data over the internet. It can be compared to the network layer of OSI model.

The main functions of the internet layer are −

It transmits data packets to the link layer.

It routes each of the data packets independently from the source to the destination, using the optimal route.

It reassembles the out-of-order packets when they reach the destination.

It handles the error in transmission of data packets and fragmentation of data packets.

The protocols used in this layer are −

Internet Protocol, IP − It is a connectionless and unreliable protocol that provides a best effort delivery service. It transports data packets called datagrams that travel over different routes across multiple nodes.

Address Resolution Protocol, ARP −This protocol maps the logical address or the Internet address of a host to its physical address, as printed in the network interface card.

Reverse Address Resolution Protocol, RARP − This is to find the Internet address of a host when its physical address is known.

Internet Control Message Protocol, ICMP − It monitors sending the queries as well as the error messages.

Network access layer:

Network layer is the lowest layer in TCPIP model. It is combination of data link layer and physical layer in OSI reference model. It defines how the data should be physically sent over the network. This layer mainly responsible to send data between two devices over the same network using the MAC address. The main function of this layer is encapsulating data into frames transmitted by the network and mapping IP address into physical devices.

Main protocols used in this layer are ethernet, token ring, FDDI etc

27. What is encryption in networking?

Encryption is way of converting readable format using public key. Using private key we will be able to decrypt the data. So only encryption is bidirectional.

It is not only useful for communications, but also in any case where you want to protect sensitive information. Also it is possible to encrypt the information contained in disks, folders or even individual files to prevent unauthorized access.

28.What is client server model?

Client server architecture is a distributed application framework dividing tasks between servers and clients. The client relies on sending a request to another program in order to access a service made available by server. The server runs one or more programs that share resources with and distribute among clients.

The client server relationship communicates in request response messaging pattern and must adhere to common communication protocol which formally defines the rules, language and dialog pattern to be used. Client server communication adhere to TCP IP protocol suite.

TCP protocol maintains a connection until the client and server have completed the message exchange. TCP protocol determines the best way to distribute application data into packets that networks can deliver, transfers packets to and receives packets from the network, and manages flow control and retransmission of dropped or garbled packets. IP is a connectionless protocol in which each packet traveling through the Internet is an independent unit of data unrelated to any other data units.

Client requests are organized and prioritized in a scheduling system, which helps servers cope in the instance of receiving requests from many distinct clients in a short space of time. The client-server approach enables any general-purpose computer to expand its capabilities by utilizing the shared resources of other hosts. Popular client-server applications include email, the World Wide Web, and network printing.

29. What is Telnet?

Telnet is client service protocol on the network, allowing user to log on to a remote device and have access to it. Telnet uses TCP protocol to connect to remote device. This protocol will also be used to check concerned service is running in remote device.

Lets say if website is running on some IP address “” on port 443. We can run this command in windows command prompt to check whether the server is listening on port 443.

>telnet 443

30. What is RIP?

RIP is one of dynamic routing protocol uses a distance vector algorithm to decide which path to put a packet on to get to its destination. Each RIP router maintains routing table, which is list of all the destinations the router knows how to reach.Each router broadcasts its entire routing table to its closest neighbors every 30 seconds. In this context, neighbors are the other routers to which a router is connected directly — that is, the other routers on the same network segments as the selected router. The neighbors, in turn, pass the information on to their nearest neighbors, and so on, until all RIP hosts within the network have the same knowledge of routing paths. This shared knowledge is known as convergence.

If a router receives an update on a route, and the new path is shorter, it will update its table entry with the length and next-hop address of the shorter path. If the new path is longer, it will wait through a “hold-down” period to see if later updates reflect the higher value as well. It will only update the table entry if the new, longer path has been determined to be stable.

If a router crashes or a network connection is severed, the network discovers this because that router stops sending updates to its neighbors, or stops sending and receiving updates along the severed connection. If a given route in the routing table isn’t updated across six successive update cycles (that is, for 180 seconds) a RIP router will drop that route and let the rest of the network know about the problem through its own periodic updates.

31. What is netstat?

Netstat is command line utility that displays network connections for transmission control protocol both for incoming and outgoing connections. This utility is used to find problems in the network as performance measurement.

32.Explain about VPN (Virtual Private Network)

VPN or the Virtual Private Network is a private WAN (Wide Area Network) built on the internet, it is an encrypted connection over the internet from a device to a network. The encrypted connection helps ensure that sensitive data is safely transmitted. It creates a secured tunnel (protected network) between different networks using the internet (public network). By using VPN, a client can connect to the organization’s network remotely.

33.What is the use of a router and how is it different from a gateway?

The router is a networking device which is used for connecting two or more network segments. It routes the traffic in the network. It transfers information and data like web pages, emails, images, videos, etc. from source to destination in the form of packets. It operates at the network layer. It allows multiple devices to use the same internet connection. The gateways are also used to route and regulate the network traffic but, they can also send data between two dissimilar networks while a router can only send data to similar networks.

34.What does a router do?

A router connects devices such as your laptop, tablets, smartphones, and smart TV to your home internet network. Without it, your devices would not be able to connect to the internet.

36. What are the different types of routers?

When it comes to routers, there are only two types you’ll need to consider:

Wireless routers:

A wireless router connects directly to a modem by a cable. This allows it to receive information from — and transmit information to — the internet. The router then creates and communicates with your home Wi-Fi network using built- in antennas. This provides all the devices on your home network with internet access

Wired routers:

A wired router connects directly to computers through wired connections. They usually have a port that connects to the modem to  communicate with the internet. Another port — or ports — allows the wired  router to connect to computers and other devices to distribute information.

37. What is Full duplex and Half duplex in networking?


Half Duplex: If two networking which are directly connected negotiate to half duplex, it means only one device can send data at a time to other device. During this transaction other device cannot send data to this device. Normal example in real time is walkie talkies, the person who initiated call tell something in call and say over, only then receiver will respond.

Full Duplex: If two networking parties which are directly connected negotiate to full duplex, it means they can send packets in both directions. Data can be travelled in both directions at same time. Now a almost all devices using full duplex inorder to increase the speed of flow.

38. What is NAT in Networking?

Ans: NAT standards for network address translation

NAT is methodology used in networking devices to map one IP address to the different IP address.

Lets say there is a private IP in your network and you want to access some server in the internet, you cannot access that server which is hosted in the public network using your private IP address.

So we need a NAT device in your network which will convert your private IP address to the public IP address to reach the internet hosted machine.

Now there is a doubt here, you will have many machines in your network, but your ISP will give usually one IP address. In this scenario how NAT works?
In this scenario, what will happen is all your internal machines mapped to the NAT router different ports for each session.


Lets take two machines in your network, one is accessing “” and another machine is accessing “”.

For the first machine packet looks like: (first machine):25445(random port)— ip):443 (before reaching NAT device) IP):23456(random port)—– ip):443 (before reaching NAT device)

So when the return traffic comes from google server to the NATED port (23456) it will forward the connection to the actual internal IP address (

This process is also called PAT. Here in the above example we actually changed the source port, this process is called port address translation.

NAT translates the inside local addresses into inside global addresses; similarly, PAT translates the private unregistered IP addresses into public registered IP addresses. However, unlike NAT, PAT also uses source port numbers, allowing multiple hosts to share a single IP address while using different port numbers.

39. What is NIC card in networking?

NIC stands for network interface card.

This is a component in networking devices which is used to connect to network and to send data over that interface.

Lets say if you want to connect your computer to any networking device, you can connect cable to NIC card of computer and other cable to switch and transfer the data.

40. What is the difference between Firewall and Antivirus?

Firewall is a network security device which is hosted at edge of the network to block any malicious connections from entering the network, also it will block the outgoing connection if its connecting to malicious server IP address. Also using firewall we will be able to restrict websites, applications, DNS queries for malicious domains, stop attacks using IPS engine, stop virus from downloading.

Antivirus comes under end point protection where this antivirus will secure end point from malware attacks and other types of virus. For example in your network you dont have firewall and you have antivirus for all the machines, your computers will still be protected from virus attack. Using antivirus we can block the virus from installing the machines or downloading from the internet. Also we can block the worm (kind of malware) from spreading through the network.

41. What is switch in networking?

Switch is networking device which operates at layer 2 and layer3 of OSI model. A basic operation of layer 2 switch is to connect multiple machines in the same network to different ports of the switch and help in transferring data to each other in the network.

Switch can also act as layer 3 device, by segregating switch to multiple VLAN’s we can configure multiple networks to each VLAN and isolate them from sending data to other networks. Here in this scenario we need routing device to forward traffic from one VLAN to other VLAN.

42.What is the difference between domain and workgroup?

Domain and work group refers to most familiar terms in computer networking.


If you use a domain, you will have one centralized database that’s on a domain controller. In fact, you might even have more than one domain controller. All user accounts, machines, and even additional hardware like printers etc will be registered with the domain controller. You can have as many devices as you want that are all within the same domain, and they could even be in different locations, enabling remote networking while keeping the same security rules or corporate policies for all assets and employees.

The main purpose of a domain managed by a domain controller is so that an IT admin or service can control the network, including any security issues and permissions all from one centralized location. When a network administrator makes a change to one device, it will be automatically made for all of the other devices that exist within the same domain. It also allows users to collaborate and share equipment and assets with greater ease. If a user has credentials to a specific domain, they will be able to use any machine without necessarily having an account for a specific computer or device. You can immediately see how for a large or complex network, this will save a lot of time, admin and overhead.


A workgroup is a whole different ball game from using a domain. A far simpler one. Within a workgroup, no computers have any control over the behavior, permissions or security of any other computer inside the workgroup. Instead, they share common responsibilities and resources with a peer-to-peer (P2P) model. This means any computer could start a communication session, and could operate as either the client or the server in the communication, and they communicate over a Local Area Network (LAN). Every device or asset inside the workgroup needs to be connected to the same LAN or subnet.

Unlike in a domain, a LAN is usually limited to a smaller physical area, usually an office or facility like a manufacturing plant, a hospital, or a school or university. Within a workgroup, each computer will have user accounts which are accessed using account credentials. Just because an employee works in the same facility and shares resources like printers, files and folders, or security technologies, that doesn’t mean that they can use the shared workgroup to access other devices. Each device will have its own dedicated storage.

There is also a limit to the number of devices that there will be within a workgroup, usually between 10 and 20.

43. What is BGP?

BGP stands for border gateway protocol.

It is one of the most used dynamic routing protocol.

The main purpose of BGP is to to advertise networks learned from one router to another router, so at the end all routers will be familiar about entire network topology.

Unlike other dynamic routing protocols like OSPF we will define neighbors in BGP, so that router will establish three way handshake to the peer neighbor and exchange the routing information.

There are two types of neighborship in BGP:

  1. Internal BGP
  2. External BGP

If BGP neighborship happens with same Autonomous system number neighbor it is internal BGP.

If BGP neighborship happens with different autonomous system number neighbor it is external BGP.

Using BGP we can do path modification as well, by using path attributes we can route the packet to certain path when it have more redundant paths to same destination.

44. What is round trip time in networking?

Round trip time refers to time travelled by the packet to go from source to destination and reverse.

45. What is in networking? refers to loop back IP address in networking. We can ping to that IP address and see network adapter is responding or not. Just in case if there are any issues with NIC card we will not see ping response from that IP address.

46.What is gateway in networking?

Gateway refers to network edge. If a packet wants to reach destination which is in different network then packet first reaches gateway from there router will forward packet to the path which connect destination.

Lets say computer IP address is “” with subnet mask “”, so the range of IP address is “”

In the PC network we can define any IP address as router IP in the PC, that IP you should assign to the router interface. So when PC is trying to reach “” packets will be forwarded to the router first since we define router IP as gateway IP address in the PC. Gateway will forward packets to the internet.

48. Explain 10Base-T 

10Base-T is a type of standard for implementing ethernet networks using unshielded twisted pair cabling.

10Base-T is the most popular form of 10Mbps ethernet.

10BaseT supports a maximum bandwidth of 10 Mbps, but in actual networks, the presence of collisions reduces this to more like 4 to 6 Mbps.

Here the base refers to baseband and not broadband.

49. What is piggy backing?

Network communications happen in full duplex mode. Data transmissions happen in both directions. Ideally each link have forward channel for sending data frames and reverse channel for sending acknowledgements. But by this design traffic load doubles for each data unit that is transmitted. Because half of the transmissions have acknowledgements.

The solution here is to use piggy backing technology. Here we can delay the acknowledgement until the next data frame is available for transmission. The acknowledgement is then hooked onto the outgoing data frame. The size of ack filed is only few bits while ack frame consists of several bytes. Thus a substantial gain is obtained in reducing bandwidth requirement.

50. What are the main functions of network layer?

Network layer mainly responsible for two main functions:

  1. One is breaking up segments into network packets, and reassembling the packets on the receiving end.
  2. The other is routing packets by discovering the best path across a physical network.

The network layer uses IP address to route the packet to end destination.