Top 50 CCNA Interview Questions 2026 Edition
Master Core Networking, Automation, SDN & Python for Your Next Interview in UAE
- Cisco DevNet Automation Fundamentals
- Python for Network Engineers (freeCodeCamp)
- Cisco Learning Network CCNA Community
- Network Automation GitHub Repositories
- Cisco Live Archives for Latest Updates
Explain the OSI Model and TCP/IP Model layers.
📖 The OSI Model:
The OSI (Open Systems Interconnection) model is a 7-layer framework that standardizes network functions:
- Layer 7 – Application: User interface (HTTP, DNS, SMTP).
- Layer 6 – Presentation: Data formatting/encryption (SSL/TLS).
- Layer 5 – Session: Connection management (NetBIOS, SIP).
- Layer 4 – Transport: End-to-end reliability (TCP, UDP).
- Layer 3 – Network: Path determination (IP, Routing).
- Layer 2 – Data Link: MAC addressing, switching (Ethernet, VLAN).
- Layer 1 – Physical: Cables, signals, bits.
💡 Interview Tip (UAE Context):
For banks in Abu Dhabi or DIFC, focus on Layer 4 (Transport) regarding high-availability load balancing, and Layer 2 (Data Link) regarding security segmentation.
What is the difference between TCP and UDP?
📊 TCP (Transmission Control Protocol):
Connection-oriented, reliable, and ordered. Uses a three-way handshake (SYN, SYN-ACK, ACK). Slower due to error checking. Used for Web (HTTP), Email (SMTP), FTP.
📊 UDP (User Datagram Protocol):
Connectionless, unreliable, and fast. No handshake. “Fire and forget.” Used for Video streaming, VoIP, DNS, and Gaming.
How does Subnetting work?
📐 Explanation:
Subnetting is the process of dividing a single network into smaller, more manageable networks (subnets). It improves performance and security.
Key Concept: Borrowing bits from the Host portion to create the Network portion.
💡 UAE Interview Scenario:
“You have a /24 network provided by a UAE ISP for your office, but you need 5 separate VLANs. Explain how you would do this.”
Answer: “I would use Variable Length Subnet Masking (VLSM). I would borrow 3 bits from the host portion (2^3 = 8 subnets). This creates a /27 mask (255.255.255.224) for each VLAN.”
What is the difference between a Hub, Switch, and Router?
What is the difference between Unicast, Multicast, and Broadcast?
- Unicast: One-to-one communication. Sent to a specific device.
- Broadcast: One-to-all. Sent to everyone in the network (255.255.255.255).
- Multicast: One-to-many. Sent to a specific group (e.g., 224.0.0.10). Used for video conferencing.
Explain Private IP vs Public IP addresses.
🏢 Public IP:
Routable on the internet. Globally unique. Used by servers and home routers provided by ISPs. (e.g., Google.com has a public IP).
🏠 Private IP:
Not routable on the internet. Used for internal LANs. Defined by RFC 1918 (10.x.x.x, 172.16-31.x.x, 192.168.x.x). Needs NAT to access the internet.
What is NAT (Network Address Translation)?
🔄 Definition:
NAT allows multiple devices on a local network to share a single Public IP address to access the internet. It conserves IPv4 addresses.
📋 Types:
- Static NAT: 1-to-1 mapping (Public IP to Private IP). Used for servers.
- Dynamic NAT: Maps a pool of private IPs to public IPs.
- PAT (Port Address Translation) / NAPT: Maps many private IPs to ONE public IP using ports (Source Port). Most common in home/business.
What is a MAC Address?
💻 Explanation:
A Media Access Control (MAC) address is a unique identifier assigned to a network interface card (NIC). It works at Layer 2 (Data Link). It is 48 bits (Hexadecimal).
Format: XX:XX:XX:XX:XX:XX. The first half identifies the vendor (OUI), the second half is unique to the device.
What is ARP (Address Resolution Protocol)?
🔗 Function:
ARP maps a known IP address to an unknown MAC address.
Process: Device A sends a broadcast “Who has IP 192.168.1.5?”. Device B replies “I have it, here is my MAC (00:11:22:33:44:55)”.
What is the difference between Class A, B, and C IP addresses?
- Class A: 1.0.0.0 – 126.255.255.255. Default mask /8. Used for huge networks.
- Class B: 128.0.0.0 – 191.255.255.255. Default mask /16. Used for medium networks.
- Class C: 192.0.0.0 – 223.255.255.255. Default mask /24. Used for small networks (LANs).
Note: Classful addressing is mostly replaced by CIDR (Classless Inter-Domain Routing).
What is the difference between Static Routing and Dynamic Routing?
📌 Static Routing:
Admin manually adds routes. No routing protocol used. Good for small networks, high security, but hard to scale. If link fails, no automatic backup.
🔄 Dynamic Routing:
Uses protocols (OSPF, EIGRP, RIP) to learn routes automatically. Routers exchange information. Supports load balancing and fast convergence (failover).
Explain OSPF (Open Shortest Path First).
🌳 Overview:
OSPF is a Link-State protocol based on Dijkstra’s algorithm.
- Cost: Uses cost (inverse of bandwidth). Lower cost is preferred.
- Areas: Divides network into Area 0 (Backbone) and Non-Backbone areas to reduce routing table size.
- DR/BDR: Designated Router (DR) handles LSAs to reduce multicast traffic.
- Protocol: Uses IP protocol 89.
Explain EIGRP (Enhanced Interior Gateway Routing Protocol).
⚡ Features:
A Cisco proprietary “Hybrid” protocol (has features of both Distance Vector and Link State).
- Metrics: Bandwidth, Delay, Reliability, Load (K-values).
- DUAL: Diffusing Update Algorithm. Provides loop-free paths instantly.
- Feasible Successor: The backup path that is pre-calculated.
- Autonomous System Number (ASN): Must match for neighbors.
What is Administrative Distance (AD)?
📏 Definition:
A value (0-255) representing the trustworthiness of a routing source. Lower AD is preferred.
- Connected Interface: 0
- Static Route: 1
- EIGRP Summary: 5
- EIGRP Internal: 90
- OSPF: 110
- RIP: 120
If a router learns a route via OSPF (AD 110) and Static (AD 1), it puts Static in the routing table.
What is BGP (Border Gateway Protocol)?
🌍 Internet Protocol:
BGP is the protocol used between Autonomous Systems (ISPs) on the internet.
- Type: Path Vector (makes routing decisions based on paths, policies, and rules).
- Attributes: AS-PATH, MED, Local Preference, Next-Hop.
- TCP Port: 179.
- iBGP vs eBGP: iBGP is internal (within ISP), eBGP is external (between ISPs).
What is a VLAN (Virtual LAN)?
🔒 Definition:
VLAN segments a physical switch into multiple logical broadcast domains. VLAN 10 and VLAN 20 cannot talk to each other without a Router.
Benefits: Security, Broadcast control, Flexibility.
Types: Data, Voice (Native), Native, Default.
What is Inter-VLAN Routing?
🔄 Process:
The process of allowing traffic between different VLANs.
- Legacy Router-on-a-stick: Router connected to switch via trunk. Slow.
- Layer 3 Switch (SVI): Switch Virtual Interface. Assigns an IP to a VLAN. Fast.
- Router with Subinterfaces: One physical interface, divided into .10 and .20 subinterfaces.
What is STP (Spanning Tree Protocol)?
🚫 Loop Prevention:
STP prevents switching loops (broadcast storms) by blocking redundant ports.
Process: Elects a Root Bridge. All non-root switches block one port to ensure loop-free topology.
Port States: Blocking -> Listening -> Learning -> Forwarding.
RSTP (Rapid Spanning Tree): Same as STP but converges fast (in seconds).
What is VTP (VLAN Trunking Protocol)?
📜 Cisco Protocol:
Proprietary protocol used to sync VLANs between switches.
- VTP Server: Adds/deletes VLANs.
- VTP Client: Receives updates.
- Modes: Server, Client, Transparent.
Note: Often disabled in modern networks due to risk of accidentally deleting VLANs.
What is a Trunk Port?
🚇 Definition:
A port that carries traffic for multiple VLANs. Usually used to connect a Switch to a Router or Switch to Switch.
Protocol: Uses 802.1Q (dot1Q) tagging.
Explain the difference between Standard and Extended ACL.
📏 Standard ACL:
Filters based on Source IP only. Range 1-99. Placed closest to destination.
📏 Extended ACL:
Filters based on Source IP, Destination IP, and Protocol (TCP/UDP). Range 100-199. Placed closest to source.
What is NAT (Network Address Translation)?
Already answered in Q7.
What is the difference between Symmetric and Asymmetric encryption?
Analogy: Symmetric is like a safe with one key (shared). Asymmetric is like a mailbox (anyone can put mail in, only owner has key to open).
What is VPN (Virtual Private Network)?
🔒 Secure Tunnel:
VPNs create encrypted “tunnels” over the public internet to connect remote sites or users privately.
Types: Site-to-Site (Branch to Branch), Remote Access (User to Office).
What is AAA (Authentication, Authorization, Accounting)?
- Authentication: Who are you? (Username/Password, RSA Token).
- Authorization: What can you do? (Allow/Deny commands).
- Accounting: What did you do? (Logs for billing/auditing).
Uses TACACS+ (Cisco) or RADIUS (Standard).
What is a Firewall?
🛡️ Barrier:
A device or software that monitors and filters incoming and outgoing network traffic based on predetermined security rules.
Types: Stateful (tracks connections), Stateless (packet by packet), Next-Gen (IPS, Application awareness).
What is Port Security?
🔌 Locking the Port:
Port Security restricts input to a port based on MAC address.
Violation Modes: Protect (Drop), Restrict (Drop + Notify), Shutdown.
Usage: Preventing unauthorized devices from connecting to a corporate LAN.
What is DHCP Snooping?
👮 DHCP Reliability:
Prevents Rogue DHCP servers (man in the middle) from handing out bad IPs. Validates DHCP messages against a trusted database.
What is Private VLAN (PVLAN)?
🏢 Segmentation:
Allows devices in the same subnet to be isolated as if they were on different subnets. Used in hotels and data centers for security and scalability.
What is HSRP (Hot Standby Router Protocol)?
🔄 Failover:
First-hop redundancy protocol. Two routers share a virtual IP (VIP). One is Active, one is Standby. If Active fails, Standby takes over in seconds.
Similar to VRRP (Virtual Router Redundancy Protocol) which is standard.
What is Network Automation?
🤖 The Concept:
Replacing manual CLI configuration with scripts and tools to achieve speed and consistency.
Tools: Ansible, Python (Netmiko), Terraform.
Why in 2026? Networks are too complex for humans to manage manually.
Why Python for Network Automation?
🐍 Why Python?
Simple syntax, massive library support (Netmiko, Paramiko, Requests), and easy integration with APIs.
What is Netmiko?
📦 Library:
A Python library for managing devices via SSH (Telnet/Serial). Multi-vendor (Cisco, Juniper, Arista).
Use case: Backing up configs, pushing VLANs, updating passwords.
What is Ansible?
📜 Playbooks:
Configuration management tool. Agentless (uses SSH). Uses YAML playbooks to describe configuration. Idempotent (safe to run multiple times).
What is an API (Application Programming Interface)?
🔌 Interface:
A set of rules that allows two applications to talk to each other. In networking, we use REST APIs to talk to SDN Controllers or Cloud (AWS/Azure).
Methods: GET (Read), POST (Create), PUT/PATCH (Update), DELETE (Remove).
What is YAML?
📝 Data Serialization:
Human-readable data format. Used in Ansible playbooks and Python configs.
Key-Value pairs: Good for configuration, bad for big data.
Explain SDN (Software Defined Networking).
🔄 Separation:
SDN separates the Control Plane (Brain) from the Data Plane (Body).
Components: Controller (Central brain), Agents (Switches/Routers), Northbound/Southbound APIs.
Benefit: Centralized control, programmable, agile.
What is NETCONF?
🛠️ Management Protocol:
XML-based protocol used to install, manipulate, and delete configuration on network devices. More powerful than SNMP.
What is Telemetry?
📊 Push Model:
Streaming device data (CPU, Interface stats) in real-time to a collector, rather than waiting for a poll (SNMP).
Explain Zero Touch Provisioning (ZTP).
✨ Plug and Play:
When a new switch is plugged in, it connects to a DHCP/TFTP server, downloads a config file automatically, and starts working. No human CLI needed.
What is a Router?
🔀 Layer 3 Device:
A device that connects different networks. Determines best path for packets using routing tables.
What is a Switch?
🔌 Layer 2 Device:
A device that connects devices within the same network. Uses MAC addresses to forward frames. Creates collision domains.
What is the difference between Half-Duplex and Full-Duplex?
What is Cabling?
- UTP: Unshielded Twisted Pair. (Cat5e, Cat6). Most common LAN cable.
- Fiber: Uses light (glass/plastic). Long distance, high speed, immune to EMI.
- Coax: Copper cable. Older (Cable TV), mostly for internet uplinks.
Explain Ping and Traceroute commands.
🏓 Ping:
Uses ICMP Echo Request to test reachability. The reply is an ICMP Echo Reply. Example: ping 8.8.8.8
👣 Traceroute:
Shows the path packets take to reach a destination. Uses TTL (Time To Live) and ICMP Time Exceeded messages. Example: tracert google.com
What is DNS?
📖 Domain Name System:
Translates human-readable names (google.com) to machine-readable IPs (142.250.180.46).
Records: A Record (IP), CNAME (Alias), MX (Mail), NS (Nameserver).
What is DHCP?
🔄 Dynamic Host Configuration Protocol:
Automatically assigns IP addresses, Subnet Masks, Gateways, and DNS to clients.
DORA Process: Discover, Offer, Request, Acknowledge.
What is HTTP vs HTTPS?
What is a REST API?
🌐 REST (Representational State Transfer):
An architectural style using HTTP methods (GET, POST, PUT, DELETE) to perform operations on resources.
Used to talk to Cisco DNA Center or AWS APIs.
What is JSON?
📋 JavaScript Object Notation:
Lightweight data interchange format. Easy for humans to read and machines to parse. Used by APIs to send data.
{ "key": "value", "ip": "192.168.1.1" }
CCNAGuru Saeed Ahmad
- 📍 Based in Dubai, UAE
- 📍 Serving Abu Dhabi, Dubai & Sharjah
- 📞 Specialized in CCNA & Python Automation
- 🎓 10+ Years Corporate Training Experience