Raju Ginni

wordpress tutorials seo hosting etc

You are here: Home / Linux sysadmin tutorials linux system administrator / Linux Networking Interview Questions and Answers

Linux Networking Interview Questions and Answers

Table of Contents

🔹 Basic Questions

1. What is a network in Linux?

A network in Linux refers to the interconnection of multiple computers that communicate using TCP/IP protocols. Linux provides various commands and tools to configure, monitor, and troubleshoot networks.

2. How do you check your IP address in Linux?

You can use:

bash
ip a

or

bash
ifconfig # Older method

3. How do you check the default gateway in Linux?

bash
ip route show

or

bash
route -n

4. How do you check the DNS server configured on your system?

bash
cat /etc/resolv.conf

This file contains the DNS servers used by the system.

5. How do you test network connectivity?

bash
ping google.com

or

bash
ping -c 4 8.8.8.8

This sends 4 ICMP packets to Google’s public DNS.

🔹 Intermediate Questions

6. How do you list active network interfaces?

bash
ip link show

or

bash
ifconfig -a

7. How do you configure a static IP address in Linux?

Edit the network configuration file, e.g., /etc/network/interfaces (Debian-based systems) or /etc/sysconfig/network-scripts/ifcfg-eth0 (RHEL-based). Example:

ini
iface eth0 inet static
address 192.168.1.100
netmask 255.255.255.0
gateway 192.168.1.1

Then restart the network:

bash
systemctl restart networking

8. How do you restart the network service?

On Debian/Ubuntu:

bash
systemctl restart networking

On RHEL/CentOS:

bash
systemctl restart NetworkManager

9. How do you check if a port is open on a remote server?

bash
nc -zv example.com 80

or

bash
telnet example.com 80

10. How do you list open ports on your system?

bash
netstat -tulnp

or

bash
ss -tulnp

🔹 Advanced Questions

11. How do you enable IP forwarding in Linux?

Enable it temporarily:

bash
echo 1 > /proc/sys/net/ipv4/ip_forward

To enable it permanently, add this line in /etc/sysctl.conf:

ini
net.ipv4.ip_forward = 1

Then apply changes:

sysctl -p

12. How do you troubleshoot network issues in Linux?

  1. Check connectivity: ping

  2. Check routes: ip route

  3. Check DNS: nslookup or dig

  4. Check active connections: netstat or ss

  5. Check firewall rules: iptables -L or firewalld

13. How do you block a specific IP address using iptables?

bash
iptables -A INPUT -s 192.168.1.10 -j DROP

To make it persistent:

bash
iptables-save > /etc/iptables.rules

14. What is the difference between TCP and UDP?

  • TCP (Transmission Control Protocol) is connection-oriented and reliable.

  • UDP (User Datagram Protocol) is connectionless and faster but unreliable.

15. How do you monitor real-time network traffic?

tcpdump -i eth0

or

iftop -i eth0

🔹 Basic Questions

1. What are the different types of network configurations in Linux?

  • Static IP: Manually assigned IP address.

  • Dynamic IP: Assigned by DHCP (Dynamic Host Configuration Protocol).

  • Loopback Interface: 127.0.0.1, used for local communication.

  • Bridged Network: Used in virtualization for external communication.

2. How do you find your system’s hostname?

bash
hostname

or

bash
hostnamectl

3. How do you list all network interfaces?

bash
ip link show

or

bash
ifconfig -a # (Older method)

4. How do you find the MAC address of your network card?

bash
ip link show eth0 | grep link/ether

or

bash
ifconfig eth0 | grep ether

5. How do you check open ports on your system?

bash
netstat -tulnp

or

bash
ss -tulnp

🔹 Intermediate Questions

6. How do you flush the DNS cache in Linux?

For systemd-resolved:

bash
systemctl restart systemd-resolved

For NSCD (Name Service Cache Daemon):

systemctl restart nscd

7. How do you assign a static IP address in Linux?

For Debian/Ubuntu, edit /etc/network/interfaces:

ini
iface eth0 inet static
address 192.168.1.100
netmask 255.255.255.0
gateway 192.168.1.1

Then restart networking:

bash
systemctl restart networking

8. How do you check active network connections?

bash
netstat -antp

or

bash
ss -antp

9. How do you configure a Linux system as a router?

Enable IP forwarding:

bash
echo 1 > /proc/sys/net/ipv4/ip_forward
sysctl -w net.ipv4.ip_forward=1

Make it permanent in /etc/sysctl.conf:

ini
net.ipv4.ip_forward = 1

10. How do you test network speed in Linux?

Using iperf3:

bash
iperf3 -s # Start server
iperf3 -c <server-ip> # Run test from client

or

bash
speedtest-cli

🔹 Advanced Questions

11. What is the difference between TCP and UDP?

Feature TCP (Transmission Control Protocol) UDP (User Datagram Protocol)
Connection Connection-oriented Connectionless
Reliability Reliable, ensures data delivery Unreliable, no delivery guarantee
Speed Slower due to error-checking Faster but may lose packets
Use Cases Web browsing (HTTP/HTTPS), email (SMTP/IMAP) Streaming, gaming, VoIP

12. How do you configure firewall rules using iptables?

Allow SSH (port 22):

bash
iptables -A INPUT -p tcp --dport 22 -j ACCEPT

Block an IP address:

bash
iptables -A INPUT -s 192.168.1.100 -j DROP

Save rules permanently:

bash
iptables-save > /etc/iptables.rules

13. How do you set up a simple NAT (Network Address Translation) using iptables?

bash
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE

Enable IP forwarding:

bash
echo 1 > /proc/sys/net/ipv4/ip_forward

14. How do you check ARP table entries?

bash
arp -a

or

bash
ip neigh show

15. How do you create a network bridge in Linux?

bash
ip link add name br0 type bridge
ip link set eth0 master br0
ip link set eth1 master br0

16. How do you check bandwidth usage per process?

Using nethogs:

bash
nethogs eth0

17. How do you trace the route packets take to a destination?

bash
traceroute google.com

or

bash
mtr google.com

18. How do you monitor live network traffic?

Using tcpdump:

bash
tcpdump -i eth0

19. How do you find which process is using a specific port?

bash
lsof -i :80

or

bash
netstat -tulpn | grep :80

20. How do you restart the networking service in Linux?

For Debian/Ubuntu:

bash
systemctl restart networking

For RHEL/CentOS:

bash
systemctl restart NetworkManager

21. How do you check the maximum number of open connections?

bash
sysctl net.core.somaxconn

22. How do you increase the number of allowed file descriptors?

Temporary change:

bash
ulimit -n 65535

Permanent change: Edit /etc/security/limits.conf:

ini
* soft nofile 65535
* hard nofile 65535

23. How do you set up a simple DHCP server in Linux?

Install isc-dhcp-server:

bash
sudo apt install isc-dhcp-server

Edit /etc/dhcp/dhcpd.conf:

ini
subnet 192.168.1.0 netmask 255.255.255.0 {
range 192.168.1.100 192.168.1.200;
option routers 192.168.1.1;
option domain-name-servers 8.8.8.8;
}

Restart service:

bash
systemctl restart isc-dhcp-server

24. How do you limit bandwidth usage for a specific IP using tc?

bash
tc qdisc add dev eth0 root tbf rate 1mbit burst 32kbit latency 400ms

25. How do you detect a rogue DHCP server on the network?

bash
dhcping -s <suspected_ip>

Linux Networking Hands-on Exercises

These exercises will help you build practical experience with networking commands, troubleshooting, and configurations.

📝 Beginner Exercises

1️⃣ Check Your Network Configuration

Task: Find your system’s network details.
🔹 Commands to use:

bash
ip a
ip route
cat /etc/resolv.conf

🔹 Questions to answer:

  • What is your IP address?

  • What is your default gateway?

  • What is your DNS server?

2️⃣ Test Network Connectivity

Task: Verify if you can reach external servers.
🔹 Commands to use:

bash
ping -c 4 8.8.8.8
ping -c 4 google.com

🔹 Questions to answer:

  • Do you get a response?

  • If not, what could be wrong?

3️⃣ Identify Active Network Connections

Task: Find which services are using the network.
🔹 Commands to use:

bash
netstat -tulnp
ss -tulnp

🔹 Questions to answer:

  • What services are listening on open ports?

  • Are there any unexpected connections?

⚙️ Intermediate Exercises

4️⃣ Configure a Static IP Address

Task: Set a static IP on your Linux system.
🔹 Steps:

  1. Edit the network configuration file:

    • Debian/Ubuntu: /etc/network/interfaces

    • RHEL/CentOS: /etc/sysconfig/network-scripts/ifcfg-eth0

  2. Set a static IP, for example:

    ini
    iface eth0 inet static
    address 192.168.1.100
    netmask 255.255.255.0
    gateway 192.168.1.1

  3. Restart the network service:

    bash
    systemctl restart networking

🔹 Questions to answer:

  • Can you ping your gateway after configuring the IP?

  • Does your configuration persist after a reboot?

5️⃣ Find and Kill a Process Using a Port

Task: Find and stop a process using port 8080.
🔹 Commands to use:

bash
lsof -i :8080
netstat -tulpn | grep :8080
kill -9 <PID>

🔹 Questions to answer:

  • What process was using port 8080?

  • Did stopping it free the port?

6️⃣ Monitor Network Traffic in Real-time

Task: Capture network traffic using tcpdump.
🔹 Commands to use:

bash
tcpdump -i eth0
tcpdump -i eth0 port 22

🔹 Questions to answer:

  • What kind of traffic do you see?

  • Can you filter packets only for SSH (port 22)?

🚀 Advanced Exercises

7️⃣ Set Up a Simple Firewall Using iptables

Task: Block incoming traffic on port 80 (HTTP).
🔹 Commands to use:

bash
iptables -A INPUT -p tcp --dport 80 -j DROP
iptables -L -n -v

🔹 Questions to answer:

  • Can you still access websites from the server?

  • How do you remove the rule?

    bash
    iptables -D INPUT -p tcp --dport 80 -j DROP

8️⃣ Enable and Test IP Forwarding (Linux as a Router)

Task: Enable IP forwarding and configure NAT.
🔹 Commands to use:

bash
echo 1 > /proc/sys/net/ipv4/ip_forward
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
sysctl -w net.ipv4.ip_forward=1

🔹 Questions to answer:

  • Can connected devices route traffic through your machine?

  • What does NAT (Network Address Translation) do?

9️⃣ Simulate Network Latency Using tc (Traffic Control)

Task: Introduce a 100ms delay to all outgoing packets.
🔹 Commands to use:

bash
tc qdisc add dev eth0 root netem delay 100ms
ping -c 4 google.com
tc qdisc del dev eth0 root netem

🔹 Questions to answer:

  • How does latency change your ping results?

  • What happens if you add packet loss?

    bash
    tc qdisc add dev eth0 root netem loss 10%

🔟 Scan Your Network for Active Devices

Task: List all devices on your LAN.
🔹 Commands to use:

nmap -sn 192.168.1.0/24

🔹 Questions to answer:

  • How many devices are online?

  • Can you find your router’s IP?

🏆 Bonus Challenge: Set Up a Simple Web Server

Task: Start a web server and access it from another device.
🔹 Commands to use:

bash
python3 -m http.server 8080

🔹 Questions to answer:

  • Can you access the server from another machine?

  • What happens if you block port 8080 using iptables?

Advanced Linux Networking Challenges

These exercises simulate real-world network troubleshooting, security, and administration tasks.

🛠️ CHALLENGE 1: Diagnose and Fix a Network Issue

Scenario:

You have a Linux server that cannot access the internet, but you can ping the local network.

Tasks:

1️⃣ Check the IP configuration using ip a.
2️⃣ Check the default gateway using ip route.
3️⃣ Test DNS resolution using nslookup google.com.
4️⃣ Test if the firewall is blocking traffic using iptables -L.
5️⃣ Fix the issue and restore internet connectivity.

Hints:

  • Maybe the gateway is misconfigured?

  • Maybe the DNS server is down?

  • Is iptables blocking outgoing traffic?

🔗 CHALLENGE 2: Set Up Port Forwarding

Scenario:

You want to forward incoming SSH connections from port 2222 to port 22 on your server.

Tasks:

1️⃣ Use iptables to forward incoming traffic:

bash
iptables -t nat -A PREROUTING -p tcp --dport 2222 -j REDIRECT --to-port 22

2️⃣ Test SSH access using:

bash
ssh -p 2222 user@server-ip

3️⃣ Make the rule persistent after reboot.

Questions:

  • Can you still connect via SSH on port 2222?

  • How would you remove the rule if needed?

📡 CHALLENGE 3: Capture and Analyze Network Packets

Scenario:

You suspect unusual network activity on your Linux server.

Tasks:

1️⃣ Start capturing packets using:

bash
tcpdump -i eth0 -c 50

2️⃣ Capture packets for a specific port (e.g., SSH):

bash
tcpdump -i eth0 port 22 -c 20

3️⃣ Save the packet capture to a file and analyze it:

bash
tcpdump -i eth0 -w capture.pcap

4️⃣ Open the file in Wireshark for analysis.

Questions:

  • What types of packets are being sent and received?

  • Do you see any suspicious connections?

📶 CHALLENGE 4: Simulate Network Congestion

Scenario:

You need to test how your server performs under high network congestion.

Tasks:

1️⃣ Limit the outgoing bandwidth to 1 Mbps:

bash
tc qdisc add dev eth0 root tbf rate 1mbit burst 32kbit latency 400ms

2️⃣ Test by downloading a large file:

bash
wget http://speedtest.tele2.net/1MB.zip

3️⃣ Remove the limit after testing:

bash
tc qdisc del dev eth0 root

Questions:

  • How does limiting bandwidth affect download speed?

  • What happens if you add 20% packet loss?

    bash
    tc qdisc add dev eth0 root netem loss 20%

🛑 CHALLENGE 5: Block Specific Traffic

Scenario:

You want to block all outgoing traffic to Facebook while allowing other sites.

Tasks:

1️⃣ Find the IP range of Facebook:

bash
nslookup facebook.com

2️⃣ Block the IP range using iptables:

bash
iptables -A OUTPUT -d <facebook-ip> -j DROP

3️⃣ Test by trying to access Facebook:

bash
curl -I https://facebook.com

4️⃣ Verify the rule is applied using:

bash
iptables -L -n -v

Questions:

  • Can you still access other websites?

  • How would you block Facebook using domain names instead of IPs?

🔄 CHALLENGE 6: Set Up a Load Balancer Using HAProxy

Scenario:

You have two web servers and want to set up a load balancer in front of them.

Tasks:

1️⃣ Install HAProxy:

bash
sudo apt install haproxy -y

2️⃣ Edit /etc/haproxy/haproxy.cfg:

ini
frontend http_front
bind *:80
default_backend web_servers

backend web_servers
balance roundrobin
server web1 192.168.1.10:80 check
server web2 192.168.1.11:80 check

3️⃣ Restart HAProxy:

bash
systemctl restart haproxy

4️⃣ Test by accessing the server multiple times:

bash
curl http://your-server-ip

Questions:

  • Do requests alternate between servers?

  • How do you add health checks for the servers?

📡 CHALLENGE 7: Scan Your Network for Open Ports

Scenario:

You suspect a device on your network has an open SSH port.

Tasks:

1️⃣ Install nmap if not installed:

bash
sudo apt install nmap -y

2️⃣ Scan the entire network for devices with SSH open:

bash
nmap -p 22 --open 192.168.1.0/24

3️⃣ Identify any unexpected devices with open SSH.

Questions:

  • Do you see any unknown hosts?

  • How would you block SSH from unknown devices?

⚡ CHALLENGE 8: Simulate a DNS Attack and Secure Against It

Scenario:

A rogue device is trying to act as a fake DNS server. You need to detect and block it.

Tasks:

1️⃣ Scan the network for unauthorized DNS servers:

bash
nmap --script=dns-brute -p 53 192.168.1.0/24

2️⃣ Identify if a rogue DNS server is running.
3️⃣ Block unauthorized DNS responses using iptables:

bash
iptables -A INPUT -p udp --sport 53 -m string --string "malicious.com" --algo bm -j DROP

4️⃣ Test by running a DNS query:

bash
nslookup google.com

Questions:

  • How do you confirm only your trusted DNS servers are used?

  • What happens if you block all UDP traffic on port 53?

🏆 Final Challenge: Build a Secure Linux Network Infrastructure

Combine all the above challenges into a real-world security setup:

  • Set up a firewall to block unwanted traffic.

  • Limit network bandwidth for certain users.

  • Monitor network logs for suspicious activity.

  • Detect and stop rogue devices using nmap.

  • Secure DNS, SSH, and Web Services against attacks.