Network Engineer Interview Prep Guide

Walk through SYN, SYN-ACK, ACK with sequence numbers. At each layer: Application (HTTP request), Transport (TCP segment with port numbers), Network (IP packet with source/destination IP), Data Link (Ethernet frame with MAC addresses), Physical (electrical/optical signals). Discuss TCP window sizing, MSS negotiation, and how TLS adds to the handshake process. Mention TCP Fast Open as an optimization.

Cover WAN connectivity (MPLS or SD-WAN for inter-site), internet breakout at each site, AWS connectivity (Direct Connect primary, VPN backup), VPC design with public/private subnets, Transit Gateway for VPC interconnection, DNS resolution (split-horizon or Route 53), and network security (next-gen firewalls, IDS/IPS). Discuss redundancy at every layer, bandwidth sizing, and QoS for voice/video traffic.

BGP is a path-vector protocol that routes between autonomous systems using TCP port 179. Path selection attributes in order: highest weight (Cisco-specific), highest local preference, locally originated, shortest AS path, lowest origin type (IGP < EGP < incomplete), lowest MED, eBGP over iBGP, lowest IGP metric to next hop, oldest route, lowest router ID. Discuss BGP communities, route filtering, and how BGP prevents loops with the AS path attribute.

Systematic troubleshooting: verify inter-VLAN routing is configured (router-on-a-stick or L3 switch SVI), check that both VLANs exist on trunk ports, verify SVI/subinterface is up with correct IP, check ACLs that might block traffic, verify default gateway on client machines, and trace the path with ping and traceroute. Check ARP tables and routing tables at each hop. The issue is likely a missing VLAN on a trunk, incorrect SVI configuration, or an ACL blocking traffic.

Use Netmiko for SSH connections, concurrent.futures for parallel device access, and regex for pattern matching insecure configurations. Check for: default community strings (public/private for SNMP), plaintext passwords (enable password vs enable secret), Telnet enabled, HTTP server enabled, and insecure protocol versions (SSHv1, SNMPv1/v2c). Store results in a structured report. Discuss error handling for unreachable devices and credential management.

MPLS: guaranteed QoS, predictable latency, expensive, single provider dependency, slow provisioning. SD-WAN: uses multiple transport types (broadband, LTE, MPLS), application-aware routing, centralized management, cheaper, but relies on internet quality. Recommend MPLS for latency-sensitive applications (trading, real-time voice) and SD-WAN for general enterprise connectivity with cost optimization. Many enterprises use hybrid: MPLS for critical traffic, SD-WAN for general and cloud traffic.

Describe a specific outage: spanning tree loop, BGP misconfiguration, DNS failure, or hardware failure. Walk through the timeline: detection, diagnosis, mitigation, and resolution. Include the tools you used (packet captures, SNMP traps, syslog), how you communicated with stakeholders, and the post-incident changes (configuration standards, monitoring improvements, redundancy additions). Quantify the impact and resolution time.

Walk through the full resolution: stub resolver, recursive resolver, root servers, TLD servers, authoritative servers, and caching at each level. For HA architecture: use GeoDNS or anycast for directing users to the nearest resolver, redundant authoritative servers across regions, DNSSEC for integrity, low TTLs for failover speed (with tradeoff against cache effectiveness), and health-check-based DNS failover. Discuss DNS-based load balancing and its limitations.