1. What is the difference between layer 2 and layer 3 in the OSI model?
Layer 2, the data link layer, is responsible for moving frames from one hop (node) to the
next, whereas layer 3, i.e. the network layer, is responsible for the delivery of individual
packets from the source host to the destination host.
Basically, a layer 2 switch uses the MAC addresses in its caching table to quickly
pass information from port to port. A layer 3 switch uses IP addresses to do the same.
While the previous explanation is the "What", for folks in networking the following "How"
is far more interesting.
A layer 2 switch is essentially a multiport bridge. A layer 2 switch will learn
about the MAC addresses connected to each port and pass frames marked for those ports.
It also knows that if a frame is sent out a port but is looking for the MAC address of the
port it is connected to, it should drop that frame. Whereas a single-CPU bridge runs in serial,
today's hardware-based switches run in parallel, translating to extremely fast switching.
Layer 3 switching is a hybrid, as one can imagine, of a router and a switch. There are
different types of layer 3 switching: route caching and topology-based. In route caching
the switch requires both a Route Processor (RP) and a Switch Engine (SE). The RP must
listen to the first packet to determine the destination. At that point the Switch Engine
makes a shortcut entry in the caching table for the rest of the packets to follow. Due to
advancements in processing power and drastic reductions in the cost of memory, today's
higher-end layer 3 switches implement topology-based switching, which builds a lookup
table and populates it with the entire network's topology. The database is held in hardware
and is referenced there to maintain high throughput. It uses the longest address
match as the layer 3 destination.
Now when and why would one use an L2 switch vs. an L3 switch vs. a router?
Simply put, a router will generally sit at the gateway between a private and a public
network. A router can perform NAT whereas an L3 switch cannot (imagine a switch that
had the topology entries for the ENTIRE Internet!!). In a small, very flat network (meaning
only one private network range for the whole site) an L2 switch to connect all the servers
and clients to the internet is probably going to suffice. For larger networks, or those with the
need to contain broadcast traffic or those using VoIP, a multi-network approach
using VLANs is appropriate, and when one is using VLANs, L3 switches are a natural
fit. While a router-on-a-stick scenario can work, it can quickly overtax a router if there is
any significant inter-VLAN traffic, since the router must make complicated routing decisions
for every packet that it receives.
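The layer 2 behaviour described in this answer (learn source MACs per port, forward to a known port, drop a frame whose destination sits on the port it arrived on) can be modelled in a few lines. This is an added example, not part of the original answer; the class name, port numbers and MAC addresses are constructed for illustration, and flooding of unknown destinations is standard bridge behaviour that the answer does not spell out.

```python
# Added example: a minimal model of layer 2 transparent-bridge forwarding.
# Port numbers and MAC addresses below are constructed sample values.
BROADCAST = "ff:ff:ff:ff:ff:ff"


class LearningSwitch:
    def __init__(self, ports):
        self.ports = set(ports)
        self.mac_table = {}  # MAC address -> port it was last seen on

    def receive(self, in_port, src_mac, dst_mac):
        """Process one frame; return the sorted list of egress ports."""
        if in_port not in self.ports:
            raise ValueError(f"unknown port {in_port}")
        # Learn: the source MAC is reachable through the ingress port.
        # A station that moves simply overwrites its old entry.
        self.mac_table[src_mac] = in_port

        out_port = self.mac_table.get(dst_mac)
        if dst_mac == BROADCAST or out_port is None:
            # Flood: broadcast or unknown destination goes out every
            # port except the one it arrived on.
            return sorted(self.ports - {in_port})
        if out_port == in_port:
            # Filter: destination lives on the ingress segment, so drop.
            return []
        # Forward: known destination, single egress port.
        return [out_port]


def demo():
    sw = LearningSwitch(ports=[1, 2, 3])
    a, b, c = "00:00:5e:00:53:0a", "00:00:5e:00:53:0b", "00:00:5e:00:53:0c"
    return [
        sw.receive(1, a, b),          # b unknown -> flood to 2 and 3
        sw.receive(2, b, a),          # a learned on port 1 -> forward
        sw.receive(1, c, a),          # c and a share port 1 -> filter (drop)
        sw.receive(3, a, BROADCAST),  # a moved to port 3; broadcast floods
        sw.receive(2, b, a),          # forward to a's new port
    ]


if __name__ == "__main__":
    for egress in demo():
        print(egress)
```

The third frame is the drop case from the answer: both stations sit behind port 1 (for example on a shared hub), so the switch has nothing to do.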
2. What is the difference between a hub, switch, and router?
3. What is a VLAN?
4. What is the difference between TCP and UDP?
5. How do you distinguish a DNS problem from a network problem?
6. What are a runt, a giant, and a collision?
7. What is a broadcast storm?
8. What is the purpose of VRRP?
9. What is a VPN?
10. What information about a peer would I need to establish a VPN?
11. What is a full-class C in CIDR notation?
12. What is a default route?
13. What is a metric?
14. What is a MAC address?
15. What is ARP/RARP?
16. Describe a TCP connection sequence.
17. What is MTU?
18. What other TCP setting can you modify besides MTU to shorten packets?
19. What is a firewall?
20. Describe, generally, how to manage a firewall.
21. What is a Denial of Service attack?
22. What is a “spoofed” packet?
23. What is a SYN Flood?
24. What do you do if you are a victim of a DoS?
25. What is GPG/PGP?
26. What is SSH?
27. What is SSL? How do you create certificates?
28. What would you do if you discovered a UNIX or network device on your
network has been compromised?
29. What would you do if you discovered a Windows system on your network
has been compromised?
30. What is DNS Hijacking?
31. What is a log host?
32. What is IDS or IDP, and can you give me an example of one?
33. Why are proxy servers useful?
34. What is web-caching?