
Networking Interview Questions

Networking questions show up in almost every DevOps interview because servers are useless if they cannot talk to each other. Interviewers want to see that you understand how a request travels from a browser to your server, and that you can debug it when something breaks. This page walks through the most common questions with clear answers, the why behind each one, and the exact Ubuntu commands you would run. Practice saying these answers out loud — speaking them is harder than reading them.

DNS and name resolution

1. What is DNS and what problem does it solve?

DNS (Domain Name System) is the internet’s phone book. It translates human-friendly names like devcraftly.com into IP addresses (numeric addresses like 93.184.216.34 that computers actually use to find each other). We use it because people remember names but routers route on numbers. Without DNS you would have to memorize an IP for every site.

When you type a name, your computer asks a resolver (a server that does the lookup for you), which walks down from the root servers, to the .com servers, to the server that knows the answer for your domain.

2. What are the common DNS record types?

| Record | Meaning | When to use |
| --- | --- | --- |
| A | Maps a name to an IPv4 address | Point a domain at a server |
| AAAA | Maps a name to an IPv6 address | Same, but for IPv6 |
| CNAME | Alias from one name to another name | Point www at the root domain |
| MX | Mail server for the domain | Receiving email |
| TXT | Free-form text | Domain verification, SPF/DKIM |
| NS | Which servers are authoritative | Delegating a zone |

3. How do you look up a DNS record from the command line?

On Ubuntu, install the tools first, then query.

sudo apt update && sudo apt install -y dnsutils
dig +short devcraftly.com A

Output:

93.184.216.34

dig (Domain Information Groper) is the standard tool. Use +short for just the answer. To see which DNS server answered and the full path, drop +short and read the ANSWER SECTION.

Note: nslookup still works but is considered legacy. Prefer dig for scripting because its output is easier to parse.

4. What is TTL on a DNS record?

TTL (Time To Live) is how many seconds resolvers are allowed to cache the answer. A low TTL (e.g. 300 seconds) means changes propagate fast but creates more lookups. A high TTL (e.g. 86400) is efficient but slow to change. When to use low TTL: right before a planned migration so the cutover is quick.

TCP, UDP and ports

5. What is the difference between TCP and UDP?

| Feature | TCP | UDP |
| --- | --- | --- |
| Connection | Yes (handshake first) | No (just sends) |
| Reliability | Guaranteed, ordered, re-sent if lost | Best effort, may drop |
| Speed | Slower (overhead) | Faster (no overhead) |
| Use cases | HTTP, SSH, databases | DNS, video streaming, gaming |

TCP (Transmission Control Protocol) is like a phone call — both sides confirm they are connected. UDP (User Datagram Protocol) is like dropping a postcard — fast, but no guarantee it arrives. When to use UDP: when speed matters more than perfection and your app can tolerate loss.

6. Explain the TCP three-way handshake.

Before any data flows, TCP sets up the connection in three steps: the client sends SYN, the server replies SYN-ACK, and the client sends ACK. After that the connection is established. This matters in interviews because it explains why a blocked firewall shows up as a “connection timed out” — the SYN never gets a reply.

7. What are well-known ports you should know?

A port is a numbered door on a server so one machine can run many services. Common ones:

| Port | Service |
| --- | --- |
| 22 | SSH |
| 53 | DNS |
| 80 | HTTP |
| 443 | HTTPS |
| 5432 | PostgreSQL |
| 3306 | MySQL |
| 6379 | Redis |

8. How do you see which ports are listening on a server?

sudo ss -tulpn

Output:

Netid State  Local Address:Port  Process
tcp   LISTEN 0.0.0.0:22          users:(("sshd",pid=812,fd=3))
tcp   LISTEN 0.0.0.0:80          users:(("nginx",pid=1340,fd=6))

ss (socket statistics) replaced the old netstat. The flags mean: -t TCP, -u UDP, -l listening, -p show process, -n numeric.
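
A follow-up an interviewer may ask is how you would audit that output. The script below is an added example, not part of the original page: it reads `ss -tulpn` output and reports listeners bound to every interface on ports outside an allowlist. The function name `exposed_listeners` and the sample data are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example. SAMPLE_SS is constructed input in the `ss -tulpn` layout.
SAMPLE_SS='Netid State  Recv-Q Send-Q Local Address:Port Peer Address:Port Process
tcp   LISTEN 0      128    0.0.0.0:22         0.0.0.0:*  users:(("sshd",pid=812,fd=3))
tcp   LISTEN 0      511    0.0.0.0:80         0.0.0.0:*  users:(("nginx",pid=1340,fd=6))
tcp   LISTEN 0      511    0.0.0.0:6379       0.0.0.0:*  users:(("redis-server",pid=2101,fd=6))
tcp   LISTEN 0      244    127.0.0.1:5432     0.0.0.0:*  users:(("postgres",pid=977,fd=5))
udp   UNCONN 0      0      127.0.0.53%lo:53   0.0.0.0:*  users:(("systemd-resolve",pid=640,fd=13))
tcp   LISTEN 0      128    [::]:22            [::]:*     users:(("sshd",pid=812,fd=4))'

# Reads `ss -tulpn` output on stdin; $1 is a comma-separated port allowlist.
# Prints "proto/port address process" for each wildcard-bound listener
# whose port is not in the allowlist.
exposed_listeners() {
    awk -v allow="$1" '
    BEGIN { n = split(allow, a, ","); for (i = 1; i <= n; i++) ok[a[i]] = 1 }
    $1 != "tcp" && $1 != "udp" { next }            # skip the header line
    {
        # Local address is the first field ending in ":<digits>";
        # the peer column ends in ":*" so it never matches.
        la = ""
        for (i = 2; i <= NF; i++)
            if ($i ~ /:[0-9]+$/) { la = $i; break }
        if (la == "") next
        port = la; sub(/.*:/, "", port)
        addr = la; sub(/:[0-9]+$/, "", addr)
        # Only sockets bound to all interfaces are reachable from outside.
        if (addr != "0.0.0.0" && addr != "[::]" && addr != "*") next
        if (port in ok) next
        # Process name is empty when ss runs without sudo.
        proc = "unknown"
        if (match($0, /\(\("[^"]+"/)) proc = substr($0, RSTART + 3, RLENGTH - 4)
        print $1 "/" port " " addr " " proc
    }'
}

# Demo on the constructed sample; on a real host: sudo ss -tulpn | exposed_listeners "22,80,443"
printf '%s\n' "$SAMPLE_SS" | exposed_listeners "22,80,443"
```

Here Redis is flagged because it listens on 0.0.0.0, while PostgreSQL on 127.0.0.1 is not.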

HTTP and HTTPS

9. What is the difference between HTTP and HTTPS?

HTTP (HyperText Transfer Protocol) sends data as plain text, so anyone in the middle can read it. HTTPS is HTTP wrapped in TLS (Transport Layer Security), which encrypts the traffic and proves the server’s identity with a certificate. When to use HTTPS: always in production. There is no good reason to serve a public site over plain HTTP in 2026.

Security gotcha: a valid certificate proves you are talking to the right server, but it does not make a vulnerable app safe. HTTPS protects data in transit, not bugs in your code.

10. What status codes should you know?

200 OK, 301 permanent redirect, 404 not found, 500 internal server error, 502 bad gateway (your proxy could not reach the app), 503 service unavailable. 502 and 503 come up constantly in DevOps because they usually mean your backend (the app behind Nginx) is down or overloaded.

Subnets and IP addressing

11. What is a subnet and what does CIDR notation mean?

A subnet is a slice of a larger network. CIDR (Classless Inter-Domain Routing) notation like 10.0.1.0/24 describes it: the /24 means the first 24 bits are the network part, leaving 8 bits (256 addresses) for hosts. When to use subnets: to isolate tiers — put your database in a private subnet with no internet access, and your web servers in a public one.

12. What is the difference between a public and a private IP?

Private IP ranges (10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16) are only routable inside your own network. Public IPs are unique on the internet. Machines with private IPs reach the internet through NAT (Network Address Translation), which rewrites the source address at a gateway.
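
To make the CIDR arithmetic from questions 11 and 12 concrete, the script below (an added example, not from the original page) masks an address to its network bits and checks it against the three private ranges listed above. The function names `ip_to_int`, `in_cidr` and `ip_scope` are assumptions chosen for illustration, and the input is assumed to be a well-formed IPv4 address without leading zeros.

```shell
#!/bin/sh
# Added example: CIDR membership using only POSIX shell arithmetic.

# Convert a dotted-quad IPv4 address to a 32-bit integer.
ip_to_int() {
    old_ifs=$IFS; IFS=.
    set -- $1                    # split the address into four octets
    IFS=$old_ifs
    echo $(( ($1 << 24) + ($2 << 16) + ($3 << 8) + $4 ))
}

# Succeed (exit 0) if address $1 is inside CIDR block $2, e.g. 10.0.1.0/24.
in_cidr() {
    net=${2%/*}                  # part before the slash
    bits=${2#*/}                 # prefix length after the slash
    # A /24 keeps the first 24 bits: mask = 0xFFFFFF00.
    mask=$(( (4294967295 << (32 - bits)) & 4294967295 ))
    [ $(( $(ip_to_int "$1") & mask )) -eq $(( $(ip_to_int "$net") & mask )) ]
}

# Classify an address against the three private ranges.
ip_scope() {
    for block in 10.0.0.0/8 172.16.0.0/12 192.168.0.0/16; do
        if in_cidr "$1" "$block"; then
            echo "private ($block)"
            return 0
        fi
    done
    echo "public"
}

# Demo on constructed sample addresses.
for ip in 10.0.1.17 172.31.4.9 172.32.0.1 93.184.216.34; do
    echo "$ip -> $(ip_scope "$ip")"
done
```

Note that 172.32.0.1 is public: the /12 only covers 172.16.0.0 through 172.31.255.255, a boundary that is easy to get wrong when writing firewall or security group rules by hand.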

Troubleshooting commands

13. How do you check if a host is reachable?

ping -c 4 devcraftly.com

Output:

4 packets transmitted, 4 received, 0% packet loss
rtt min/avg/max = 11.2/12.8/14.1 ms

If ping fails but DNS resolves, the issue is routing or a firewall, not name resolution.

14. How do you test if a specific port is open?

nc -zv devcraftly.com 443

Output:

Connection to devcraftly.com 443 port [tcp/https] succeeded!

nc (netcat) with -z scans without sending data and -v is verbose. This is the fastest way to prove a firewall or security group is blocking you.

15. How do you check and open the firewall on Ubuntu?

Ubuntu ships with ufw (Uncomplicated Firewall).

sudo ufw status verbose
sudo ufw allow 443/tcp

Output:

Status: active
Rule added

Always confirm SSH (port 22) is allowed before enabling ufw, or you can lock yourself out of a remote server.

Best Practices

  • Always allow SSH in ufw before running sudo ufw enable on a remote box.
  • Use dig +short in scripts and dig (full output) when debugging the resolution path.
  • Lower DNS TTL a day before a planned migration, then raise it again after.
  • Prefer ss over netstat and nc over telnet — they are the current standard on Ubuntu.
  • Serve everything over HTTPS and redirect HTTP with a 301 to avoid mixed content.
  • Put databases in private subnets and only expose what truly needs a public IP.
Last updated June 15, 2026