Portal | Level: L1: Foundations | Topics: TCP/IP, DNS, VLANs, Routing | Domain: Networking

Networking Fundamentals - Skill Check

Mental model (bottom-up)

Networking is layers: bits -> frames -> packets -> streams -> HTTP. Most outages are: DNS, routing, firewalls, MTU, or TLS.

Visual stack (OSI-ish)

[L7: HTTP           ]  requests, headers, status codes
|
[L4: TCP/UDP        ]  ports, streams vs datagrams
|
[L3: IP             ]  routing across networks
|
[L2: Ethernet/WiFi  ]  frames inside a LAN (MAC addresses)
|
[L1: Physical       ]  signal on wire/air

Glossary

• CIDR - prefix length like /24 defining a subnet block
• ARP - IPv4 neighbor lookup: IP -> MAC on local LAN
• MTU - max packet size before fragmentation; mismatches cause hangs
• NAT - address translation (private<->public)
• stateful firewall - tracks connections; allows return traffic automatically
• TLS - encryption/authentication on top of TCP (HTTPS)

Visual guides

TCP connect:
client SYN -> server SYN/ACK -> client ACK

Quick triage split:
- DNS?   dig/getent hosts
- Route? ip r / traceroute
- Port?  ss / nc / curl -v
- Wire?  tcpdump

Roadmap core (10, easy -> hard)

• What's the difference: IP vs TCP?
• IP routes packets; TCP provides reliable ordered streams on top of IP.
• What's a subnet (CIDR) in one line?
• A block of IPs defined by prefix length like /24.
• What does /24 mean?
• 24 network bits; 256 addresses total (typically 254 usable in classic IPv4).
• What's the difference: private vs public IP?
• Private is non-routable on the public internet; public is internet-routable.
• What's a default gateway?
• The router your host uses for non-local destinations.
• DNS: A vs CNAME vs TXT?
• A maps name->IPv4; CNAME aliases name->name; TXT stores arbitrary text.
• What's NAT and why does it exist?
• Translates addresses (many private -> one public) to conserve IPv4 / simplify.
• TCP 3-way handshake?
• SYN -> SYN/ACK -> ACK to establish a connection.
• How do you troubleshoot "can't reach host" quickly?
• ip a, ip r, ping, traceroute, dig, ss -tulpn.
• Explain MTU and a common failure mode.
• Max frame size; mismatch can cause PMTU blackholes / hangs.

Subnetting & routing (easy -> hard)

• What's ARP (IPv4) used for?
• Map IP -> MAC on a local network.
• Why "same subnet" matters?
• Same L2 domain; traffic doesn't need a router.
• What is a route table?
• Rules mapping destination prefixes to next hops/interfaces.
• Longest prefix match means?
• Most-specific route wins (e.g., /32 beats /24).
• What is asymmetric routing?
• Forward path differs from return path; can break stateful firewalls/LBs.
• What's policy-based routing?
• Routes based on source/marks, not just destination.

DNS in practice (easy -> hard)

• What is TTL?
• Cache lifetime; lower TTL speeds changes, increases query load.
• dig vs getent hosts?
• dig queries DNS; getent uses system NSS (DNS + hosts + LDAP, etc).
• Common "DNS works for me" cause?
• Different resolvers/search domains/caches between hosts/containers.
• What's split-horizon DNS?
• Same name resolves differently inside vs outside (private zones).
• What's negative caching?
• NXDOMAIN cached; can delay newly created records.

Firewalls, NAT, load balancing (easy -> hard)

• Stateful vs stateless firewall?
• Stateful tracks connections; stateless filters each packet.
• SNAT vs DNAT?
• SNAT changes source; DNAT changes destination.
• What is a 4-tuple?
• srcIP:srcPort -> dstIP:dstPort identifies a flow.
• L4 vs L7 load balancing?
• L4 routes TCP/UDP; L7 routes HTTP based on host/path/headers.
• What's a health check?
• Probe determining backend availability; drives routing decisions.
• TLS termination vs passthrough?
• Termination decrypts at LB; passthrough keeps TLS end-to-end.

Troubleshooting toolkit (easy -> hard)

• Why curl -v is your friend?
• Shows DNS, connect, TLS, headers, redirects.
• ss vs netstat?
• ss is modern and faster; both show sockets.
• When to use tcpdump?
• Prove packet flow, resets, retransmits, DNS answers, MTU issues.
• How to spot MTU blackhole?
• Small pings succeed; large fails; tracepath/DF tests reveal.
• What's "SYN sent" stuck mean?
• Outbound SYN leaves, no SYN/ACK returns: firewall/routing/ACL/LB.

Sources

• IETF RFCs, Linux iproute2 docs, vendor docs for your environment.
• https://www.rfc-editor.org/rfc/rfc793
• https://www.rfc-editor.org/rfc/rfc791

---

Wiki Navigation

Related Content

• Networking Deep Dive (Topic Pack, L1) — DNS, Routing, TCP/IP
• Case Study: Multicast Not Crossing Router (Case Study, L2) — Routing, VLANs
• DHCP & IP Address Management (Topic Pack, L1) — DNS, TCP/IP
• Networking Drills (Drill, L1) — DNS, TCP/IP
• AWS Networking (Topic Pack, L1) — TCP/IP
• AWS Route 53 (Topic Pack, L2) — DNS
• Adversarial Interview Gauntlet (30 sequences) (Scenario, L2) — TCP/IP
• Case Study: Asymmetric Routing One Direction (Case Study, L2) — Routing
• Case Study: BGP Peer Flapping (Case Study, L2) — Routing
• Case Study: Backup Job Failing — iSCSI Target Unreachable, VLAN Misconfigured (Case Study, L2) — VLANs

Pages that link here

• Asymmetric Routing / One-Direction Failure
• BGP Peer Flapping
• DHCP & IP Address Management
• DHCP & IP Address Management - Primer
• Foundations
• Level 1: Foundations
• Master Curriculum: 40 Weeks
• Multicast Traffic Not Crossing Router
• Network Experiencing Broadcast Storm and High CPU on Switches
• Networking Domain
• Networking Drills
• Primer
• Scenario: VLAN Trunk Mismatch — Server Cannot Reach Its Gateway
• Symptoms: Backup Job Failing, iSCSI Target Unreachable, Fix Is VLAN Config
• VLAN Trunk Mistag