Test

__NOINDEX__

= Preparation Points =


 * DNS Flow (Detailed)
 * DIG/Nslookup
 * What are glue records
 * hosts file in Linux
 * TCP/IP
 * Traceroute
 * MTR
 * BGP basics
 * VPN
 * HTTP status codes basic


 * Linux
 * What is inode number
 * Sort links vs hard link
 * Boot process
 * Proc filesystem
 * How to check cpu memory and hd capacity in Linux
 * Iptables
 * Tcpdump
 * How to check ip and dns related inform in Linux
 * How do you add vlan in Linux ?
 * What are file permission ?
 * https://scoutapm.com/blog/slow_server_flow_chart


 * Linux top 100 Commands linoxide.com
 * Scripts - Case Alert, VS Top 10 list Study
 * VoIP Repro, WanEm Lab Study, Juniper NSM Repro Study

= Linux Booting =

0 – halt 1 – Single user mode 2 – Multiuser, without NFS 3 – Full multiuser mode 4 – unused 5 – X11 6 – reboot
 * BIOS
 * MBR
 * GRUB
 * Kernel
 * Init
 * Runlevel programs

= Linux file system layout =

/ – The Root Directory /bin – Essential command binaries /boot – Boot loader files /dev – Device Files /etc – Configuration Files /home – Home Directory /lib – Essential Libraries /lost+found – Recovering Files /media – Removable Media Devices /mnt – Temporarily mounted filesystems /opt – Optional software packages /proc – Kernel & Process Information /root – Root Home Directory /sbin – System binaries /selinux – Security-Enhanced Linux /srv – Service Data /sys – virtual filesystem /tmp – Temporary files /usr – binaries, documentation, source code, libraries /var – Variable Files

= Commands =
 * ProcFS


 * Nslookup


 * DIG


 * MTR

= ARP vs MAC Table =

= Fragmentation =


 * Before fragmentation:


 * After fragmentation:

= Headers =

Hardware type Protocol type Hardware address length Protocol address length Operation Source MAC Source IP Dest MAC Dest IP
 * ARP Header

Code Checksum Rest of Header
 * ICMP Header

= TCP =

MSS WSF SACK Permitted
 * Parameters determined during Handshake:


 * MTU vs MSS



- Sender starts with cwnd = 1 MSS, Size increases 1 MSS each time one Ack arrives, Increases the rate exponentially(1,2,4,8....) until a threshold is reached
 * Congestion Control
 * Slow Start - Exponential Increase


 * Congestion Avoidance - Additive Increase

- Increases the cwnd Additively, When a “window” is Ack cwnd is increased by 1, Window = No of segments transmitted during RTT - The increase is based on RTT, not on the number of arrived ACKs, Congestion window increases additively until congestion is detected


 * Congestion Detection - Multiplicative Decrease

- If congestion occurs, Window size must be decreased, Sender knows about congestion via RTO or 3 Dup Acks received, Size of Threshold is dropped to half

- If RTO occured, TCP Reacts Strongly - Reduces cwnd back to 1 Segment, starts the slow start phase again
 * Tahoe

- If 3 Duplicate ACKs are received, TCP has a Weaker Reaction - Starts the Congestion Avoidance phase - This is called fast transmission and fast recovery
 * Reno


 * Silly Window Syndrome: Sender creates data slowly or Receiver consumes slowly or both.

Syndrome due to Sender: - Nagle’s Algorithm: Send data initially, accumulate data in output buffer, Wait for Ack or till 1 MSS Data in Buffer

Syndrome due to Receiver: - Clark’s Solution: Announce window size 0 till 1) enough space for 1 MSS in Buffer or Half Receive buffer is empty - Delayed Acknowledgment: Segment not acknowledged immediately, Sender TCP does not slide its window, reduces traffic, sender may unnecessarily retransmit, Not delay more than 500 ms.

- If RTO has a larger value - If sender receives four acknowledgments with same value (three duplicates) - Segment expected by all of these Ack is resent immediately
 * Fast Retransmission


 * Persistence Timer

- Issue of Deadlock created by Lost Ack, used to reset Window size 0 advertized earlier, is resolved by this timer - Sending TCP sends a special segment(1 byte of new data) called Probe, causes the receiving TCP to resend Ack - If no reply, another probe is sent and value of persistence timer is doubled and reset - Sender continues sending probes, doubling, resetting value of persistence timer until it reaches a threshold(generally 60s) - After that the sender sends one probe segment every 60s until the window is reopened

= OSPF = Down Attempt Init 2-Way ExStart (Master/Slave; highest Router ID is master) Exchange (DBD exchanged) Loading (LSR, LSU, LSAck sent) Full
 * States

Type 1 - Router LSAs Type 2 - Network LSAs Type 3 - Network Summary LSA Type 4 - ASBR summary LSA Type 5 - AS external LSA Type 7 - NSSA External LSA Type 1 - Hello Type 2 - Database Description (DBD) Type 3 - Link-State request (LSR) Type 4 - LSU Type 5 - LSAck Same area Same authentication config Same subnet Same hello/dead interval Matching stub flags
 * LSA Type
 * Packet Types
 * Neighbor Requirements:




 * OSPF path selection: O > O*IA > O*E1 > O*E2.
 * “area range” summarize type 3 LSA’.
 * “summary-address” summarize type 5 & 7 LSA’s.
 * Auto-cost reference BW (Default = 100mb), formula = 100000000/Int-Bw.

= BGP =


 * Route Selection Criteria

Idle Active        Attempting to connect Connect       TCP session established OpenSent      Open message sent OpenConfirm   Response received Established   Adjacency established
 * BGP States

Open Update Keepalive      Sent every 60 seconds Notification   Always indicate something is wrong
 * BGP Messages