Linux & Networking Fundamentals
Networking Fundamentals: TCP/IP and DNS
4 min read
Networking questions appear in 100% of DevOps/SRE interviews. Master these concepts and you'll handle anything they throw at you.
TCP/IP Fundamentals
The TCP Three-Way Handshake
Client Server
| |
|-------- SYN ------------>|
| |
|<------- SYN-ACK ---------|
| |
|-------- ACK ------------>|
| |
| Connection Established |
Interview question: "What happens if the final ACK is lost?"
Answer: The server retransmits SYN-ACK until it receives ACK or times out. The connection will eventually be established or fail after retries.
TCP vs UDP
| Feature | TCP | UDP |
|---|---|---|
| Connection | Connection-oriented | Connectionless |
| Reliability | Guaranteed delivery | Best effort |
| Ordering | Ordered | No ordering |
| Speed | Slower (overhead) | Faster |
| Use cases | HTTP, SSH, databases | DNS, video, gaming |
Key TCP States
# View TCP connections and states
netstat -an | grep tcp
ss -tan
# Common states:
# LISTEN - Waiting for connections
# ESTABLISHED - Active connection
# TIME_WAIT - Waiting after close (2x MSL)
# CLOSE_WAIT - Received FIN, waiting for app
# FIN_WAIT_1/2 - Sent FIN, waiting for ACK/FIN
Interview question: "You see thousands of TIME_WAIT connections. Is this a problem?"
Answer: TIME_WAIT is normal—it prevents old packets from being confused with new connections. However, too many can exhaust ephemeral ports. Solutions:
- Enable
tcp_tw_reusefor outbound connections- Increase ephemeral port range:
net.ipv4.ip_local_port_range- Use connection pooling
DNS Deep Dive
DNS Resolution Process
1. Browser checks cache
2. OS checks /etc/hosts, then nsswitch.conf
3. Query local resolver (from /etc/resolv.conf)
4. Resolver checks cache
5. If not cached, resolver queries:
Root servers → TLD servers → Authoritative servers
6. Answer cached and returned
DNS Record Types
| Record | Purpose | Example |
|---|---|---|
| A | IPv4 address | example.com → 93.184.216.34 |
| AAAA | IPv6 address | example.com → 2606:2800:... |
| CNAME | Alias | www → example.com |
| MX | Mail server | @ → mail.example.com |
| TXT | Text data | SPF, DKIM, verification |
| NS | Name server | @ → ns1.example.com |
| PTR | Reverse lookup | IP → hostname |
| SRV | Service location | _http._tcp → ... |
DNS Troubleshooting
# Basic lookup
dig example.com
# Query specific record type
dig example.com MX
# Query specific DNS server
dig @8.8.8.8 example.com
# Trace the full resolution path
dig +trace example.com
# Check TTL
dig example.com | grep -E "^example.com"
# Reverse lookup
dig -x 93.184.216.34
Load Balancing Concepts
Layer 4 vs Layer 7
| Aspect | Layer 4 (TCP/UDP) | Layer 7 (HTTP) |
|---|---|---|
| Speed | Faster | Slower |
| Intelligence | IP/Port only | Content-aware |
| SSL termination | No | Yes |
| Sticky sessions | Source IP hash | Cookies |
| Use case | High throughput | Web apps |
Load Balancing Algorithms
| Algorithm | Behavior | Best For |
|---|---|---|
| Round Robin | Rotate through servers | Equal capacity servers |
| Least Connections | Send to least busy | Varying request times |
| IP Hash | Same client → same server | Session persistence |
| Weighted | Prefer higher capacity | Mixed server specs |
| Random | Random selection | Simple, even distribution |
Essential Network Commands
# Check connectivity
ping -c 4 host
traceroute host # or tracepath
# DNS lookup
nslookup host
host domain
dig domain
# Port scanning and connectivity
nc -zv host port
telnet host port
# Network statistics
netstat -tulpn # listening ports
ss -tulpn # faster alternative
# Packet capture
tcpdump -i eth0 port 80
tcpdump -i any host 10.0.0.1
# Network interfaces
ip addr
ip route
Interview Practice
Q: "A service can't connect to the database. How do you troubleshoot?"
# 1. Check if DNS resolves
dig db.internal
# 2. Check if host is reachable
ping db.internal
# 3. Check if port is open
nc -zv db.internal 5432
# 4. Check local firewall
iptables -L -n
# or firewalld
firewall-cmd --list-all
# 5. Check if service is listening on target
ssh db.internal "ss -tlnp | grep 5432"
# 6. Check for network path issues
traceroute db.internal
mtr db.internal
Next, we'll put it all together with real troubleshooting scenarios. :::