Friday, July 12, 2013


#Why Are OSPF Neighbors Stuck in Exstart/Exchange State?
The problem occurs most frequently when attempting to run OSPF between a Cisco router and another vendor's router. The problem occurs when the maximum transmission unit (MTU) settings for neighboring router interfaces don't match. If the router with the higher MTU sends a packet larger that the MTU set on the neighboring router, the neighboring router ignores the packet.

#OSPF Neighbor Problems Explained

#What is the difference between a thread and a process?
 A process is an executing instance of an application. What does that mean? Well, for example, when you double-click the Microsoft Word icon, you start a process that runs Word. A thread is a path of execution within a process. Also, a process can contain multiple threads. When you start Word, the operating system creates a process and begins executing the primary thread of that process.
It’s important to note that a thread can do anything a process can do. But since a process can consist of multiple threads, a thread could be considered a ‘lightweight’ process. Thus, the essential difference between a thread and a process is the work that each one is used to accomplish. Threads are used for small tasks, whereas processes are used for more ‘heavyweight’ tasks – basically the execution of applications.
Another difference between a thread and a process is that threads within the same process share the same address space, whereas different processes do not. This allows threads to read from and write to the same data structures and variables, and also facilitates communication between threads. Communication between processes – also known as IPC, or inter-process communication – is quite difficult and resource-intensive.

Threads, of course, allow for multi-threading. A common example of the advantage of multithreading is the fact that you can have a word processor that prints a document using a background thread, but at the same time another thread is running that accepts user input, so that you can type up a new document.
If we were dealing with an application that uses only one thread, then the application would only be able to do one thing at a time – so printing and responding to user input at the same time would not be possible in a single threaded application.
Each process has it’s own address space, but the threads within the same process share that address space. Threads also share any other resources within that process. This means that it’s very easy to share data amongst threads, but it’s also easy for the threads to step on each other, which can lead to bad things.
Multithreaded programs must be carefully programmed to prevent those bad things from happening. Sections of code that modify data structures shared by multiple threads are called critical sections. When a critical section is running in one thread it’s extremely important that no other thread be allowed into that critical section. This is called synchronization, which we won't get into any further over here. But, the point is that multithreading requires careful programming.
Also, context switching between threads is generally less expensive than in processes. And finally, the overhead (the cost of communication) between threads is very low relative to processes.
Here’s a summary of the differences between threads and processes:
1. Threads are easier to create than processes since they don't require a separate address space.
2. Multithreading requires careful programming since threads share data structures that should only be modified by one thread at a time.  Unlike threads, processes don't share the same address space.
3.  Threads are considered lightweight because they use fewer resources than processes.
4.  Processes are independent of each other.  Threads, since they share the same address space are interdependent, so caution must be taken so that different threads don't step on each other. 
This is really another way of stating #2 above.
5.  A process can consist of multiple threads.

#Are MAC addresses only for devices with an ethernet interface?
No, this is a popular misconception. Even iPhones – which have no Ethernet interface – still have (and need) a MAC address.


#What is a virtual memory, how is it implemented, and why do operating systems use it?
Real, or physical, memory exists on RAM chips inside the computer. Virtual memory, as its name suggests, doesn’t physically exist on a memory chip. It is an optimization technique and is implemented by the operating system in order to give an application program the impression that it has more memory than actually exists. Virtual memory is implemented by various operating systems such as Windows, Mac OS X, and Linux.
So how does virtual memory work? Let’s say that an operating system needs 120 MB of memory in order to hold all the running programs, but there’s currently only 50 MB of available physical memory stored on the RAM chips. The operating system will then set up 120 MB of virtual memory, and will use a program called the virtual memory manager (VMM) to manage that 120 MB. The VMM will create a file on the hard disk that is 70 MB (120 – 50) in size to account for the extra memory that’s needed. The O.S. will now proceed to address memory as if there were actually 120 MB of real memory stored on the RAM, even though there’s really only 50 MB. So, to the O.S., it now appears as if the full 120 MB actually exists. It is the responsibility of the VMM to deal with the fact that there is only 50 MB of real memory.

#Memory corruption
Memory corruption occurs in a computer program when the contents of a memory location are unintentionally modified due to programming errors; this is termed violating memory safety. When the corrupted memory contents are used later in that program, it leads either to program crash or to strange and bizarre program behavior. Nearly 10% of application crashes on Windows systems are due to heap corruption.[1]

Modern programming languages like C and C++ have powerful features of explicit memory management and pointer arithmetic. These features are designed for developing efficient applications and system software. However, using these features incorrectly may lead to memory corruption errors.
Memory corruption is one of the most intractable class of programming errors, for two reasons:
The source of the memory corruption and its manifestation may be far apart, making it hard to correlate the cause and the effect.
Symptoms appear under unusual conditions, making it hard to consistently reproduce the error.
Memory corruption errors can be broadly classified into four categories:
Using uninitialized memory: Contents of uninitialized memory are treated as garbage values. Using such values can lead to unpredictable program behavior.
Using un-owned memory: It is common to use pointers to access and modify memory. If such a pointer is a null pointer, dangling pointer (pointing to memory that has already been freed), or to a memory location outside of current stack or heap bounds, it is referring to memory that is not then possessed by the program. Using such pointers is a serious programming flaw. Accessing such memory usually causes operating system exceptions, which most commonly lead to a program crash. Strictly-speaking, if the memory access is a READ the issue may not be considered corruption because the memory is not modified.
Using beyond allocated memory (buffer overflow): If an array is used in a loop, with incorrect terminating condition, memory beyond the array bounds may be manipulated. Buffer overflow is one of the most common programming flaws exploited by computer viruses causing serious computer security issues (e.g. return-to-libc attack, stack-smashing protection) in widely used programs. One can also incorrectly access the memory before the beginning of a buffer.
Faulty heap memory management: Memory leaks and freeing non-heap or un-allocated memory are the most frequent errors caused by faulty heap memory management.

#SNMP agent error codes:
The agent reports that no errors occurred during transmission.
The agent could not place the results of the requested SNMP operation in a single SNMP message.
The requested SNMP operation identified an unknown variable.
The requested SNMP operation tried to change a variable but it specified either a syntax or value error.
The requested SNMP operation tried to change a variable that was not allowed to change, according to the community profile of the variable.
The specified SNMP variable is not accessible.
The value specifies a type that is inconsistent with the type required for the variable.
The variable does not exist, and the agent cannot create it.
Assigning the value to the variable requires allocation of resources that are currently unavailable.
An authorization error occurred.
The variable exists but the agent cannot modify it.

#SNMP engine ID
The SNMP engine ID is a unique string used to identify the device for administration purposes. You do not need to specify an engine ID for the device; a default string is generated using Cisco's enterprise number ( and the mac address of the first interface on the device.

#Explain LAG. Why it is not supported on a half duplex port. What is a static LAG.
LACP does not support half-duplex mode. Half-duplex ports in LACP port channels are put in the suspended state.With a static link aggregate, all configuration settings will be setup on both participating LAG components.

#Layer 2 switches and bridges are faster than routers because they don’t take up time looking at the
network layer header information. Instead, they look at the frame’s hardware addresses before deciding to either forward, flood or drop the frame.

#There can be only one spanning-tree instance per bridge, while switches can have many.

#No data will be forwarded until convergence is complete.

#Following the type/length field is the actual data contained in the frame. After physical-layer and
link-layer processing is complete, this data will eventually be sent to an upper-layer protocol. In the
case of Ethernet, the upper-layer protocol is identified in the type field. In the case of IEEE 802.3,
the upper-layer protocol must be defined within the data portion of the frame, if at all. If data in the
frame is insufficient to fill the frame to its minimum 64-byte size, padding bytes are inserted to
ensure at least a 64-byte frame.

1 Bit = Binary Digit
8 Bits = 1 Byte
1024 Bytes = 1 Kilobyte
1024 Kilobytes = 1 Megabyte
1024 Megabytes = 1 Gigabyte
1024 Gigabytes = 1 Terabyte
1024 Terabytes = 1 Petabyte
1024 Petabytes = 1 Exabyte
1024 Exabytes = 1 Zettabyte
1024 Zettabytes = 1 Yottabyte
1024Yottabytes = 1 Brontobyte
1024 Brontobytes = 1 Geopbyte
1024 Geopbyte=1 Saganbyte
1024 Saganbyte=1 Pijabyte
Alphabyte = 1024 Pijabyte
Kryatbyte = 1024 Alphabyte
Amosbyte = 1024 Kryatbyte
Pectrolbyte = 1024 Amosbyte
Bolgerbyte = 1024 Pectrolbyte
Sambobyte = 1024 Bolgerbyte
Quesabyte = 1024 Sambobyte
Kinsabyte = 1024 Quesabyte
Rutherbyte = 1024 Kinsabyte
Dubnibyte = 1024 Rutherbyte
Seaborgbyte = 1024 Dubnibyte
Bohrbyte = 1024 Seaborgbyte
Hassiubyte = 1024 Bohrbyte
Meitnerbyte = 1024 Hassiubyte
Darmstadbyte = 1024 Meitnerbyte
Roentbyte = 1024 Darmstadbyte
Coperbyte = 1024 Roentbyte...

#What if I configure the administrative distance to be the same for two routing protocols? Will the router install routes from each routing protocol and allow me to load balance traffic?

#What are the benefits of subnetting?
Subnetting helps reduce network traffic and the size of the routing tables. It’s also a way to add security to network traffic by isolating it from the rest of the network.

Q. What does the EIGRP stuck in active message mean?
A. When EIGRP returns a stuck in active (SIA) message
The route reported by the SIA has gone away.
An EIGRP neighbor (or neighbors) have not replied to the query for that route.
When the SIA occurs, the router clears the neighbor that did not reply to the query

#ospf area test and convergence

#adjacency issue in ospf

#decision rules of route map

#network layer convergence

#convergence of stp and rstp

#convergence of HSRP,VRRP,GLBP

#RIP convergence

#OSPF convergence

#EIGRP convergence

#BGP multiple paths

Wednesday, July 10, 2013

IP Fragmentation Q&A

#What is meant by IP fragmentation?
The breaking up of a single IP datagram into two or more IP datagrams of smaller size is called IP fragmentation.

#Why is an IP datagram fragmented?
Every transmission medium has a limit on the maximum size of a frame (MTU) it can transmit. As IP datagrams are encapsulated in frames, the size of IP datagram is also restricted. If the size of An IP datagram is greater than this limit, then it must be fragmented.

#Which RFCs discuss IP fragmentation?
RFC 791 & RFC 815 discusses about IP datagrams, fragmentation and reassembly.

#Is it possible to select an IP datagram size to always avoid fragmentation?
It is not possible to select a particular IP datagram size to always avoid fragmentation, as the MTU for different transmission It is possible, though, for a given path to choose a size that will not lead to fragmentation. This is called Path MTU Discovery and is discussed in the RFC 1191. The TCP transport protocol tries to avoid fragmentation using the Maximum Segment Size (MSS) option.

#Where an IP datagram may get fragmented?
An IP datagram may get fragmented either at the sending host or at one of the intermediate routers.

#Where are the IP datagram fragments reassembled?
The IP fragments are reassembled only at the destination host.

#How to prevent an IP datagram from being fragmented?
A IP datagram can be prevented from fragmentation, by setting the "don't fragment" flag in the IP header.

#What happens when a datagram must be fragmented to traverse a network, but the "don't fragment" flag in the datagram is set?
The datagram whose "don't fragment" flag is set is discarded, if it must be fragmented to traverse a network. Also, an ICMP error message is sent back to the sender of the datagram.

#Will all the fragments of a datagram reach the destination using the same path?
The different fragments of the same IP datagram can travel in either in the same path or in different paths to the destination.

#Will all the fragments of a datagram arrive at the destination system in the correct order?
The different fragments of a single IP datagram can arrive in any order to the destination system.

#What happens to the original IP datagram when one or more fragments are lost?
When one or more fragments of an IP datagram are lost, then the entire IP datagram is discarded after a timeout period.

#What is the minimum size of an IP fragment?
The minimum size of an IP fragment is the minimum size of an IP header plus eight data bytes. Most firewall-type devices will drop an initial IP fragment (offset 0) that does not contain enough data to hold the transport headers. In other words, the IP fragment normally need 20 octets of data in addition to the IP header in order to get through a firewall if the offset is 0.

#What are the limitations on the size of a fragment?
The size of an IP datagram fragment is limited by
The amount of remaining data in the original IP datagram
The MTU of the network and
Must be a multiple of 8, except for the final fragment.

#How is an IP datagram fragment differentiated from a non-fragmented IP datagram?
A complete IP datagram is differentiated from an IP fragment using the offset field and the "more fragments" flags. For a non-fragmented IP datagram, the fragment offset will be zero and the "more fragments" flag will be set to zero.

#How are the fragments of a single IP datagram identified?
The "identification" field in the IP header is used to identify the fragments of a single IP datagram. The value of this field is set by the originating system. It is unique for that source-destination pair and protocol for the duration in which the datagram will be active.

#How is the last fragment of an IP datagram identified?
The last fragment of an IP datagram is identified using the "more fragments" flag. The "more fragment" flag is set to zero for the last fragment.

#How is the length of a complete IP datagram calculated from the received IP fragments?
Using the fragment offset field and the length of the last fragment, the length of a complete IP datagram is calculated.

#How is an IP datagram fragmented?
In the following example, an IP datagram is fragmented into two. This same algorithm can be used to fragment the datagram into 'n' fragments.
The IP layer creates two new IP datagrams, whose length satisfies the requirements of the network in which the original datagram is going to be sent.
The IP header from the original IP datagram is copied to the two new datagrams.
The data in the original IP datagram is divided into two on an 8 byte boundary. The number of 8 byte blocks in the first portion is called Number of Fragment Blocks (NFB).
The first portion of the data is placed in the first new IP datagram.
The length field in the first new IP datagram is set to the length of the first datagram.
The fragment offset field in the first IP datagram is set to the value of that field in the original datagram.
The "more fragments" field in the first IP datagram is set to one.
The second portion of the data is placed in the second new IP datagram.
The length field in the second new IP datagram is set to the length of the second datagram.
The "more fragments" field in the second IP datagram is set to the same value as the original IP datagram.
The fragment offset field in the second IP datagram is set to the value of that field in the original datagram plus NFB.

#How a destination system reassembles the fragments of an IP datagram?
When a host receives an IP fragment, it stores the fragment in a reassembly buffer based on its fragment offset field.
Once all the fragments of the original IP datagram are received, the datagram is processed.
Upon receiving the first fragment, a reassembly timer is started.
If the reassembly timer expires before all the fragments are received, the datagram is discarded.

#What fields are changed in an IP header due to fragmentation?
The following IP header fields are changed due to IP fragmentation:
Total Length
Header Length
More Fragments Flag
Fragment Offset
Header Checksum

#What happens to the IP options field when an IP datagram is fragmented?
Depending on the option, either it is copied to all the fragments or to only the first fragment.

#Which IP options are copied to all the fragments of an IP datagram?
If the most significant bit in the option type is set (i.e. value one), then that option is copied to all the fragments. If it is not set (i.e. value zero), it is copied only to the first fragment.

Monday, July 8, 2013

Mono vs Micro kernel