[154552] in North American Network Operators' Group
Re: job screening question
daemon@ATHENA.MIT.EDU (Jon Lewis)
Thu Jul 5 20:15:45 2012
Date: Thu, 5 Jul 2012 20:14:59 -0400 (EDT)
From: Jon Lewis <jlewis@lewis.org>
To: Mike Hale <eyeronic.design@gmail.com>
In-Reply-To: <CAN3um4zyMomyy3AHVqOenN0c68dbfYpcvhvb+hbE6KMm=cvcZw@mail.gmail.com>
Cc: "nanog@nanog.org" <nanog@nanog.org>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
He'll have to come up with another weedout question, like "what's a /27?"
I'm constantly amazed/disappointed when we interview candidates for a
senior Linux admin job and they just don't know modern networking at all.
Even better question, with multiple right answers, "how many IPs are in a
/32?" You could probably have some fun with most applicants[1] when they
answer 1, and then you ask "would you like to expand on that answer?"
The small (sub /24) subnets are dealt with so frequently in an ISP/hosting
provider environment, that IMO, anyone claiming to have experience in such
an environment should just flat out know how many IPs and the subnet masks
for /32 - /24 in IPv4, or be sufficiently comfortable with subnetting that
they can figure these things out quickly enough to avoid awkward pauses
during the interview if asked about them.
1) At least the few who get it right.
On Thu, 5 Jul 2012, Mike Hale wrote:
> Something tells me you're suddenly going to find yourself with an
> influx of correct answers...
>
> On Thu, Jul 5, 2012 at 3:18 PM, William Herrin <bill@herrin.us> wrote:
>> On Thu, Jul 5, 2012 at 5:05 PM, Derek Andrew <Derek.Andrew@usask.ca> wrote:
>>>>> You implement a firewall on which you block all ICMP packets. What
>>>>> part of the TCP protocol (not IP in general, TCP specifically)
>>>>> malfunctions as a result?
>>>
>>> Isn't MTU discovery on IP and not TCP?
>>
>> If you want to overthink the question, the failure in the TCP protocol
>> is that it doesn't adjust the MSS to match the path MTU. It continues
>> to rely on the incorrect path MTU estimate, sending too-large packets
>> which will never arrive. This happens because TCP doesn't receive a
>> notification that the path MTU estimate has changed from the default
>> because the lower layer PMTUD algorithm never receives the expected
>> ICMP packet.
>>
>> This is, incidentally, is a detail I'd love for one of the candidates
>> to offer in response to that question. Bonus points if you discuss MSS
>> clamping and RFC 4821.
>>
>> The less precise answer, path MTU discovery breaks, is just fine.
>>
>> Regards,
>> Bill Herrin
>>
>>
>>
>>
>> --
>> William D. Herrin ................ herrin@dirtside.com bill@herrin.us
>> 3005 Crane Dr. ...................... Web: <http://bill.herrin.us/>
>> Falls Church, VA 22042-3004
>>
>
>
>
> --
> 09 F9 11 02 9D 74 E3 5B D8 41 56 C5 63 56 88 C0
>
----------------------------------------------------------------------
Jon Lewis, MCP :) | I route
Senior Network Engineer | therefore you are
Atlantic Net |
_________ http://www.lewis.org/~jlewis/pgp for PGP public key_________
