1. What is hot standby?
Answer: Based on the hot standby of two servers in a high availability system.
2. What are the basic functions of the router? What is the role of vlan (Virtual Local Area Network)?
Answer: Data packet forwarding function. isolated broadcast domain
3. The meaning of C/S and B/S
Answer: C/S means client/server mode; B/S means browser/server mode.
4. In network troubleshooting, what operation commands and functions do you often use?
Answer: ping; tracert; ipconfig; netstat; route; arp; nslookup; sfc/scannow
ping : test network connection
tracert routing trace
ipconfig View local ip address
netstat: view the status information of the network system
route: view routing information
arp: view arp cache
nslookup: test DNS resolution
sfc/scannow: check system integrity
5. How many layers does the TCP/IP model have, and what are their functions?
How many layers does the OSI model have and what are their functions?
(1) The TCP/IP protocol is divided into 4 layers, (from bottom to top) followed by the network interface layer, network layer, transport layer and application layer.
Network interface layer: responsible for receiving IP datagrams and sending them to the specified network.
Network layer: ip address selection and routing selection
Transport layer: establishes, manages and maintains end-to-end connections
Application Layer: Provides services for applications
(2) OSI model: "Internet of Things Communication and Response": physical layer, data link layer, network layer, transport layer, session layer, presentation layer, application layer
Physical layer: specifies the physical medium, network cable, optical fiber, current, voltage, and the level of voltage represents 0 and 1.
Data link layer: Provide media access and link management
Network layer: IP address selection and routing
Transport layer: Establish, manage and maintain end-to-end connections Session
layer: Establish, manage and maintain sessions
Presentation layer: Data format conversion, data Encryption
Application Layer: Serving Applications
6. Point out the default port numbers for the following services.
FTP (Text Transfer Protocol) : 21 (FTP uses two ports; one is port 21 for control connections, the other is port 20 for transferring data, and the default port number of FTP is 21)
TELENT (Remote Terminal Protocol) : 23
SMTP (Simple Mail Transfer Protocol) : 25
DNS (Domain Name System): 53
HTTP server: 80
POP3 (Post Office Protocol Version 3) : 110
SNMP (Simple Network Management Protocol): 161 (SNMP Service)/162 (SNMP Trap)
HTTPS:443
RIP ( Routing Information Protocol ): 520
Windows Terminal Services: 3389
PCAnyWhere (remote control software) : 5631
7. Can the firewall be anti-virus?
cannot
8.1TB=_____B
Answer: 2^40
1B (byte) = 8b (bit)
1 KB = 1024 B
1 MB = 1024 KB
1 GB = 1024 MB
1TB = 1024GB
9. PING uses the ______ protocol
ICMP in the TCP/IP protocol
10. The command to view the server’s current connection IP list is ________
netstat-a
11.In Linux /,/bin,/home,/root,/etc,/usr,/dev,/var uses
/--Root directory
/bin - store binary
/home - the root directory where all user files are stored
/root - the home directory of the root account
/etc—contains all system-level configuration files, and also contains a series of shell scripts. These shell scripts will open each system service every time the system starts
/usr - stores system applications
/dev - special directory containing device nodes
/var - files that store data that needs to be changed during runtime
12. What are the three states of the circuit?
short circuit open circuit
13. How does the network resist interference?
Answer: (1) Use the network cable of the screen, that is, the shielded network cable
(2) Use a shielded crystal head at the interface
(3) Try to run the network cable alone, and the distance should not be too far, and it is best to control it within 70 meters
14. We can access the customer website normally, but the customer cannot. It is confirmed that there is no problem with the server and the firewall has not blocked the customer's IP address. How should we explain and judge the problem to the customer.
(1) Whether it is a domain name resolution problem of the customer's local ISP - if yes, inform the customer that the local ISP needs to wait patiently and negotiate to resolve it (
2) Whether it is a problem with the customer's computer HOST file (including system problems) - notify the customer that a fee will be charged for on-site service, and inform It may not be able to solve
(3) There is a problem with the network where the customer is located. Inform the customer: whoever installs broadband for you, you can find someone, he will block you
15. Troubleshooting method for LAN unable to access the Internet:
(1) Network connection
(2) Then check the status of "local connection". If the icon of the local connection is two small computers flashing, indicating "connected", it means that the line from the switch HUB to the computer is normal, and the network card can basically work normally. The reason for not being able to access the Internet is due to improper operating system settings or software limitations. and other reasons. Use the Ping command to ping the remote host to see if the ping is successful. If the ping is successful, it means that the network connection is normal. Then check the firewall settings and proxy server settings in the computer.
(3) If the Ping fails, it may be a network protocol configuration problem. Check the computer IP address, gateway, DNS and other configurations.
(4) If the local area connection icon in the "Network Connection" window is gray, it means that the local area connection (network card) is disabled, and you only need to double-click the local area connection icon to re-enable it.
16.4 tablets A and 4 tablets B, one A and one B must be taken every day; what should I do now that AB is mixed together?
Answer: In essence, it is still a question of equal division. Each tablet is divided into 4 parts, and each part is combined into a tablet, which is exactly one piece of A and one piece of B. Or directly grind all the tablets into powder and mix well. Just take a quarter of it each time.
17. There are 8 balls, one of which is slightly heavier than the others. How many times do you have to weigh at least to find the ball without using weights?
Answer: Weigh at least twice. Divide all the balls into three groups, two groups of 3 balls each, and the other group of 2 balls; first, weigh the two groups of 3 balls, and if one group is heavier, any Pick two, weigh them again, and if they're not equal, the heavier ball is what you're looking for. If the weight and weight are equal, the remaining ball is the one you are looking for. If the first set of balls weighed the same, then weigh the remaining two sets of balls to get the answer
1. IP address query
Open cmd and enter ipconfig to query the local address
2. The same vlan is connected to different switches, how to communicate?
The switch interface connected to the user is classified as an access port, and the connection between the two switches is classified as a trunk port
3. How does arp work? The principle of arp deception?
(1) Each host will create an ARP list in its own ARP buffer to indicate the correspondence between IP addresses and MAC addresses. When the source host needs to send a data packet to the destination host, it first checks whether the MAC address corresponding to the IP address exists in its own ARP list. If there is, the data packet will be directly sent to this MAC address; if not, an ARP request broadcast packet will be sent to the local network segment to query the MAC address corresponding to the destination host. The ARP request packet includes the IP address of the source host, the hardware address, and the IP address of the destination host. After receiving this ARP request, all hosts in the network will check whether the destination IP in the data packet is consistent with their own IP address. If they are not the same, this data packet is ignored; if they are the same, the host first adds the MAC address and IP address of the sending end to its own ARP list. If the information of the IP already exists in the ARP table, it will be overwritten, and then an ARP response packet will be sent to the source host, telling the other party that it is the MAC address it needs to find. After the source host receives the ARP response data packet, it adds the obtained IP address and MAC address of the destination host to its own ARP list, and uses this information to start data transmission. If the source host has not received the ARP response packet, it means that the ARP query fails.
(2) After the host receives a response packet, it will not verify whether it has sent the corresponding arp request packet, nor will it verify whether the arp request packet is credible, but directly use the IP address and mac address in the response packet The corresponding relationship replaces the original corresponding relationship in the arp cache table.
4. The process of ping
The source host compares its own IP with the IP of the destination host before initiating communication.
If the two are located on the same network segment, the source host sends an arp request broadcast message to request the MAC address of the destination host, and obtains the MAC address of the other party after receiving the ARP response from the destination host, and then uses the MAC address of the other party as the destination MAC of the message. Message sent. This is the case when hosts in the same VLAN (network segment) visit each other, and the switches used for interconnection perform Layer 2 switching and forwarding;
When the source host judges that the destination host is in a different network segment than itself, it will submit the message through the gateway (Gateway), that is, send an ARP request to obtain the MAC corresponding to the gateway IP address, and use the gateway MAC address after receiving the gateway's ARP response. Send the message as the destination MAC of the message
5. There are several kinds of nat, the difference between static and dynamic?
Three types, namely static conversion, dynamic conversion and port multiplexing (napt).
Static nat: one-to-one, as many public network addresses as there are private network addresses.
Dynamic nat: the many-to-many mapping relationship is not fixed (does not convert ports)
6. What information does the routing table contain?
destination: destination address mask: netmask
pre: identifies the priority of the route added to the IP routing table
nexthop: next hop IP address interface: output interface
cost: routing cost
7. What is the three-way handshake process of TCP?
( SYN means to establish a connection, FIN means to close the connection, ACK means to respond, PSH means to have DATA data transmission, RST means to reset the connection. )
Three-way handshake: The server creates a new socket, binds the address information and starts listening, and enters the LISTEN state. After the client creates a new socket and binds address information, it calls connect, sends a connection request SYN, and enters the SYN_SENT state, waiting for the server's confirmation. Once the server monitors the connection request, it will put the connection into the kernel waiting queue, and send SYN and confirmation segment ACK to the client, and enter the SYN_RECD state. After receiving the SYN+ACK message, the client sends a confirmation message segment ACK to the server, and enters the ESTABLISHED (established) state to start reading and writing data. Once the server receives the confirmation message from the client, it enters the ESTABLISHED state and can read and write data.
8. How to solve liunx server poisoning?
1) The easiest and most effective way is to reinstall the system
2) If you want to check, find the virus file and delete it. After being poisoned, the CPU and memory usage of the machine will be relatively high, and the machine will send out packets and other abnormal situations. The top command will find the process with the highest CPU usage. Generally, the naming of virus files is messy. You can use ps aux to find the location of the virus file. The rm -f command deletes virus files, checks whether there are other possible files in scheduled tasks, startup items and virus file directories, etc.
3) Even if the virus file is deleted, there may be a latent virus, so it is best to reinstall the machine after backing up the data
9. What is the difference between tcp and udp?
TCP: reliable transmission, connection-oriented: slow, but high accuracy
UDP: unreliable transmission, non-connection-oriented: fast, but poor accuracy
10. What are the private network addresses?
Class A 10.0.0.0~10.255.255.255
Class B 172.16.0.0~172.31.255.255
Class C 192.168.0.0~192.168.255.255
11. What is the maximum rate of the five types of twisted pair?
1000Mbps
12. Three-tier network architecture? effect?
(1) Core layer: the high-speed switching backbone of the network
(2) Aggregation layer: Provide policy-based connections
(3) Access layer: connect workstations to the network
13. What is the principle of each switch and router? At which level is it implemented?
The switch is used in the local area network, and uses the MAC address of the host computer for data transmission, and does not need to care about the IP address in the IP data packet. It works at the data link layer.
The router identifies the network through the network number of the IP address in the IP data packet, so in order to ensure the correctness of the data packet routing, each network must have a unique network number, and the router works at the network layer
14. What is the type of firewall?
(1) Firewalls are divided into software firewalls, hardware firewalls and chip-level firewalls according to the different forms of software and hardware.
(2) According to the different technologies used, it can be divided into network layer firewall, packet filtering firewall, circuit level gateway, rule inspection firewall, application layer firewall and composite firewall.
(3) According to different firewall structures, it can be divided into single host firewall, router integrated firewall and distributed firewall.
(4) Firewalls can be divided into border firewalls, personal firewalls, and hybrid firewalls according to different deployment locations.
(5) According to the performance of the firewall, it can be divided into 100M firewall and Gigabit firewall.
(6) Firewalls can be divided into personal firewalls and network firewalls according to the scope of use of firewalls.
15. What is the line sequence of twisted pair T568B?
Orange White Orange Green White Blue Blue White Green Brown White Brown
1. Packet capture software Wireshark (interface, packet capture information, ttl) ?
(1) Main interface
- Display Filter
It is used to set filter conditions for packet list filtering. Menu path: Analyze --> Display Filters.
- Packet List Pane
Display captured data packets, each data packet contains number, time stamp, source address, destination address, protocol, length, and data packet information. Packets of different protocols are displayed in different colors.
- Packet Details Pane (packet details),
(2) Packet capture information (TCP message, Http message, DNS message)
Reference: WireShark packet capture analysis_hebbely's blog-CSDN blog
(3)TTL(Time to live)
- It is the maximum number of hops that an IP packet can be forwarded in a computer network. The TTL is set by the sending host to prevent packets from continually looping endlessly over the IP internetwork. When forwarding IP packets, routers are required to decrease the TTL by at least 1.
- Function: Limit the existence time of IP data packets in the computer network, avoid the infinite loop and send and receive of IP packets in the network, save network resources, and enable the sender of IP packets to receive alarm messages
- The maximum value for TTL is 255, and a recommended value for TTL is 64.