|
People ask loving spanning-tree questions in Engineering interviews? That's like asking a mechanic if he understands what wheels do.
|
# ? Mar 16, 2011 09:49 |
|
|
# ? Apr 24, 2024 10:10 |
|
It's a pretty good way of getting rid of idiots who picked up a copy of Network+ over the weekend and had a quick look. A lot of places won't actually give a thought to the STP topology anyway when Bob the CFO needs to fit out a new office and gosh drat it there isn't time to look at poo poo like this, just make it work.
|
# ? Mar 16, 2011 10:34 |
|
If you had asked me what STP did when I was a system admin just touching network stuff compared to now I'd just give you a blank stare so yea I guess it's not that bad of a question.
|
# ? Mar 16, 2011 13:20 |
|
jwh posted:It's funny you mention that, because the best question I've learned to ask to really gauge someone's level of competency is: Funny, my personal "they probably know their poo poo" question is: "How does traceroute work?" with bonus points if they mention the ICMP/UDP difference between Windows and Cisco/Unix. Amazing how many people don't understand the basics of the tools they use (and what it means when they fail).
|
# ? Mar 16, 2011 13:21 |
|
Another good thing to do is draw up a fake network and then ask what the default routes should be for certain clients (at different sites for example) Or have a laptop sitting there plugged into an old Cisco and just have them do something simple like login and change an ip address and setup and activate a DHCP pool. This way you can see if a guy can even configure a router without having his CCNA for dummies book or Google at his side.
|
# ? Mar 16, 2011 13:53 |
|
I guess my point was more the fact that asking about spanning-tree when interviewing for an engineer position seems to be picking the low fruit - I would've thought (this is all opinion, ofcourse) that something along the lines of "explain the importance of iBGP in the campus" or "list some examples where you might use MPLS VPN's to solve a problem". Obviously this is dependent entirely on the position and I'm only basing this on what I perceive based on my limited experience to be an "engineer" position.
|
# ? Mar 16, 2011 14:06 |
|
abigserve posted:I guess my point was more the fact that asking about spanning-tree when interviewing for an engineer position seems to be picking the low fruit - I would've thought (this is all opinion, ofcourse) that something along the lines of "explain the importance of iBGP in the campus" or "list some examples where you might use MPLS VPN's to solve a problem". Yeah, but if we are talking about an entry level network engineer position, a dude with a CCNA may have an idea of where BGP is used, but not how its implemented. I guess if the employer understands its his first job, then those questions would be kinda over his head, as they should be. At least, that's what I hope... cuz you know my interview is in 3 hours. EDIT: Also, I realize you may be talking about a standard network engineering positions. So, as you say "results may vary"
|
# ? Mar 16, 2011 14:46 |
|
Bardlebee posted:Yeah, but if we are talking about an entry level network engineer position, a dude with a CCNA may have an idea of where BGP is used, but not how its implemented. I guess if the employer understands its his first job, then those questions would be kinda over his head, as they should be. This is always a fun thing to do. Hand someone this: pre:int gi 0/0 ip address 10.0.0.1 255.255.255.252 ip access-group 101 in int gi 0/1 ip address 10.0.1.1 255.255.255.252 router bgp 65000 no synchronization bgp log-neighbor-changes neighbor 10.0.0.2 remote-as 65001 no auto-summary access-list 101 remark Permit access to webservers and protect other ports access-list 101 permit tcp any any eq 80 access-list 101 permit tcp any any eq 443 access-list 101 deny tcp any any access-list 101 remark Permit ICMP monitoring of the webservers access-list 101 permit icmp any any access-list 101 remark Permit all other traffic, routing, etc access-list 101 permit ip any any
|
# ? Mar 16, 2011 15:54 |
|
workape posted:This is always a fun thing to do. Hand someone this: So if tcp 179 & a random port above 1023 are being denied because of the deny tcp any any is the right answer, I get job?
|
# ? Mar 16, 2011 16:19 |
|
Harry Totterbottom posted:So if tcp 179 & a random port above 1023 are being denied because of the deny tcp any any is the right answer, I get job? Oh no! Then I start beating you up about QoS, traffic shaping and policing. Or my all time favorite, "How do you respond to the yelling of 'THE NETWORK IS SLOW'? Feel free to use drawings to describe the apparatus you will use to beat the whiners into submission." Honestly the 60% who got it wrong argued with me that the loving permit ip any any at the end of the ACL would allow the traffic through. Having to explain top down processing to people makes me a sad panda.
|
# ? Mar 16, 2011 18:43 |
|
workape posted:"How do you respond to the yelling of 'THE NETWORK IS SLOW'? 1.Ignore them because they are probably a bozo that has no idea what they are talking about. 2.Even if they are not a bozo and somehow do know what they are talking about; "slow" isn't the kind of measurement data any action can be taken on. 3.Even if there is some kind of legitimate slowness somewhere, if I haven't noticed it already due to my screwing off on the internet being disrupted, it probably isn't a big deal on a macro level. 4.Maybe I'll look at some performance metrics in some NMS if any exist.
|
# ? Mar 16, 2011 18:58 |
|
workape posted:Or my all time favorite, "How do you respond to the yelling of 'THE NETWORK IS SLOW'? I nullroute their traffic and then ask them "is it still slow or is it down?" When they complain that it's down, I'll dump the route and tell them, "is this better?"
|
# ? Mar 16, 2011 19:12 |
|
Alright, got back from my interview and I am not sure if this is a good idea, I kinda want to get your guys opinion of "If I had to do it over again" sort of deal. Obviously you weren't there so it's hard, but here is the gist of it: Small company, 20 people and 100 clients. The clients can range from 400 to 1200 ports and go as small as 100 ports. Pros: -Work in a team with other network engineers -Small business so there isn't as much pressure -The people were nice -The networks they handle seem like something I can handle -They do have some VoIP networks that they setup -They do work with ASA Firewalls Cons: -They are going to low ball me hard on the salary -The networks they do utilize RIP-2 mostly and maybe one or two instances of EIGRP, giving limited exposure to higher level stuff. -They do little BGP -They want me to wear many hats, like Microsoft server stuff, which is fine in a small company... but I wanted full on Cisco exposure. -The networks for the most part are one gateway networks. -No medical plan except for allotting 200 a month towards a personal medical insurance bill. Now, I realize I only have a year and a half of Cisco setups that don't go beyond high level routing like RIP-2. But, I am looking for a position that is going to teach me higher level stuff. I guess I feel like even though I feel I can handle most of the stuff they do, I feel like I won't go beyond setting up really basic EIGRP. Another good/bad side is I would have to learn a lot of Exchange and Server, which is nice but I was hoping for a focus. I dunno, with this limited information what do you guys think? To give you an idea, Junior network engineers in my area don't go below 45K a year. Most of them are 50K a year. I am thinking they are going to offer 40K and I won't get exposure to high level integrated routing protocols and other neat stuff.... Am I being to picky? Having all this said, I have another company who wants to interview me for an Intro level network engineer position. It's contract to hire and pays 50-54k. They are a very large consulting company and I assume I will get a lot of exposure. In the end, I just want experience, but I don't want to low-ball my skills and get paid less then 45K. I have 4-5 years of IT and of those 5, 1 and a half years are of Cisco networks on a CCNA level, setting up VPN's as well. To give you an idea of my skill set. Sorry for all the EDIT: It's a family owned business, not sure if that's a pro or con, but they have been around for 20+ years... Bardlebee fucked around with this message at 19:49 on Mar 16, 2011 |
# ? Mar 16, 2011 19:43 |
|
Could someone give me an idea on BE and BC when it comes to setting policy maps? Example: Let's say I have a customer requesting 300mb connection. code:
Zuhzuhzombie!! fucked around with this message at 20:15 on Mar 16, 2011 |
# ? Mar 16, 2011 19:59 |
|
Bardlebee posted:-The networks they do utilize RIP-2 mostly and maybe one or two instances of EIGRP, giving limited exposure to higher level stuff. I was going to say, when a place like that wants a 'network engineer' they aren't going to make you do anything fancy.
|
# ? Mar 16, 2011 20:02 |
|
Let me try to explain this with a picture:code:
|
# ? Mar 16, 2011 20:03 |
|
Bob Morales posted:I was going to say, when a place like that wants a 'network engineer' they aren't going to make you do anything fancy. Yeah, that's my main concern is that I will be stuck doing router-on-a-stick and while I have never done it in a production network, the poo poo ain't hard and I don't want that to be my "network engineer experience" five years down the line when I am lining up for a 5+ year network engineering experience that is a 60+K job and lots of exposure. With this place it will be more like "Yeah we did EIGRP.. but not to in depth". Then again they do VoIP and ASA stuff too so I am kinda like
|
# ? Mar 16, 2011 20:12 |
|
Bob Morales posted:This is in-use setup that I came across. Wouldn't you normally not make that third network (10.254.0.0) and just route straight over the interface instead of the ip? "Can do" and should do are pretty different goals. Having that /30 in place gives you a lot more tools at your disposal for troubleshooting, upgrade paths, etc.
|
# ? Mar 16, 2011 20:16 |
|
Bardlebee posted:I need some advise, fellow Network Engineers. I just got a job offer to work for a small business of roughly 25 people. In it, 5 of them are network engineers. The job will basically be a setup and design position for school districts and hospitals. Being a small business I doubt they will be able to pay me at the same rate as a large corporate network. The thing is they offer to teach me as I got, on the job training and what not. I'm in a similar situation. Kind of. I'm in a large ISP that gets to deal with BGP, EIGRP, fiber, T1, vwic, voip and voice vlans, etc. But I get paid about 20K less a year than I should be. But I learn a ton. Should be getting CCNA within the next four or five months. Here, though, it's kind of the exact opposite. I find 80K a year + jobs all the time, bjut they want you to be super Cisco admin + Windows support + everything else, and I don't want to really do that.
|
# ? Mar 16, 2011 20:23 |
|
workape posted:Oh no! Then I start beating you up about QoS, traffic shaping and policing. Or my all time favorite, "How do you respond to the yelling of 'THE NETWORK IS SLOW'? Feel free to use drawings to describe the apparatus you will use to beat the whiners into submission." I cheat and use auto-qos for VOIP traffic. Since we don't run anything other than data and voip the tweaking hasn't been necessary up to this point. I haven't really gotten to deal with traffic shaping or policing as we don't have enough traffic to merit it. I tell them to stop torrenting, then report them to HR to scan their drives and shares for inappropriate material, that if it wasn't there before it is now. Now you pay me lots of moneys?
|
# ? Mar 16, 2011 20:28 |
|
inignot posted:1.Ignore them because they are probably a bozo that has no idea what they are talking about. Too nice, you are implying that there is even the possibility that there could ever be a network issue. CrazyLittle posted:I nullroute their traffic and then ask them "is it still slow or is it down?" When they complain that it's down, I'll dump the route and tell them, "is this better?" Appropriate response, although going the next step down stream and looking into netflow and asking "What traffic? Are you sure you are doing it right?" for bonus points. Harry Totterbottom posted:I cheat and use auto-qos for VOIP traffic. Since we don't run anything other than data and voip the tweaking hasn't been necessary up to this point. I haven't really gotten to deal with traffic shaping or policing as we don't have enough traffic to merit it. I tell them to stop torrenting, then report them to HR to scan their drives and shares for inappropriate material, that if it wasn't there before it is now. Your hired. Appropriate level of assholeness.
|
# ? Mar 16, 2011 20:53 |
|
"Network is slow? Let me just consult my good friend MRTG" *5 minute hold for a coffee break* "Good news, he says the network is fine!" e: I can't wait until a future employer googles my nickname and finds this. I'm totally kidding e2: Or am I? some kinda jackal fucked around with this message at 21:33 on Mar 16, 2011 |
# ? Mar 16, 2011 21:06 |
|
workape posted:Appropriate response, although going the next step down stream and looking into netflow and asking "What traffic? Are you sure you are doing it right?" for bonus points. Actually, start dumping flows for his IP in nmon, and then reply to his email that "goat porn" is not work related, so if he doesn't mind you'll be classifying his traffic as "junk" and THEN report him to HR.
|
# ? Mar 16, 2011 21:29 |
|
CrazyLittle posted:"Can do" and should do are pretty different goals. Having that /30 in place gives you a lot more tools at your disposal for troubleshooting, upgrade paths, etc. Example? and which is the /30?
|
# ? Mar 16, 2011 21:45 |
|
Bob Morales posted:>Having that /30 in place gives you a lot more tools at your disposal for troubleshooting, upgrade paths, etc. The /30 is the 10.254.0.[0-3] subnet. Example: You can monitor the T1 status by pinging .1 from the local site or .2 from the remote site. Pinging the ethernet interface IP doesn't always give you the same result, because that IP will stop replying if the ethernet port is down or disconnected. Example 2: Not every routing method supports raw interfaces. Policy-based routing with "next-hop" needs an IP address, for example.
|
# ? Mar 16, 2011 21:51 |
|
abigserve posted:People ask loving spanning-tree questions in Engineering interviews? That's like asking a mechanic if he understands what wheels do. When you ask the previous 10 Mechanics what the wheels do and they can't tell you, you learn to not make assumptions. Also remember you want a Network Engineer, as in Cisco/Juniper. Anyone who understands those things will understand Spanning Tree. A "Windows Admin" won't.
|
# ? Mar 16, 2011 22:31 |
|
Powercrazy posted:When you ask the previous 10 Mechanics what the wheels do and they can't tell you, you learn to not make assumptions. An interesting thing during my interview. The guys there blatantly stated that they turn spanning-tree off because it ends up bringing down their networks. They explained why to me, and I still didn't get it. They mentioned something about sometimes students will switch out the ports on their switch or something. But, I just don't understand why you WOULDN'T have spanning-tree running. Anyone have an idea what the hell?
|
# ? Mar 16, 2011 22:33 |
|
Bardlebee posted:An interesting thing during my interview. The guys there blatantly stated that they turn spanning-tree off because it ends up bringing down their networks. They explained why to me, and I still didn't get it. Run, because that makes zero sense.
|
# ? Mar 16, 2011 22:51 |
|
Bardlebee posted:An interesting thing during my interview. The guys there blatantly stated that they turn spanning-tree off because it ends up bringing down their networks. They explained why to me, and I still didn't get it. "We haven't learned how to use portfast, or how to correctly block people from installing switches where they're not supposed to by using bpduguard and/or port security. Also rootguard/uplinkfast/backbonefast don't even sound like real features!"
|
# ? Mar 16, 2011 22:53 |
|
jbusbysack posted:Run Yeah, you probably don't want to be working there.
|
# ? Mar 16, 2011 22:59 |
|
CrazyLittle posted:Yeah, you probably don't want to be working there. Okay, I am glad I wasn't crazy. I made sure not to ask the question in the sense of "What the gently caress?" but more in the "Perhaps you guys can enlighten me with your CCNP's?" I seriously just, don't know. I mean I can see how the students can move the cables (which shouldn't be possible in the first place) but really? EDIT: Also, they use RIP-2 for most of the networks they setup, which isn't a crime in a 3-4 router network. But wouldn't they be better serviced with OSPF?
|
# ? Mar 16, 2011 23:21 |
|
Bardlebee posted:EDIT: Also, they use RIP-2 for most of the networks they setup, which isn't a crime in a 3-4 router network. But wouldn't they be better serviced with OSPF? Yes. If you're going to turn on a routing protocol, in a simple topology ospf is no more difficult then rip.
|
# ? Mar 16, 2011 23:32 |
|
RIP feels shameful. It's like setting dinner with paper plates while you have a stack of nice dishes in the cupboard. Sure it gets the job done, but nobody's impressed
|
# ? Mar 16, 2011 23:37 |
|
Martytoof posted:RIP feels shameful. It's like setting dinner with paper plates while you have a stack of nice dishes in the cupboard. Sure it gets the job done, but nobody's impressed Heh, welp I guess I dodged a bullet. And by dodged a bullet, that aside I don't think I would have taken this job anyway. Oh well, lets hope tomorrows phone interview is a little better.
|
# ? Mar 16, 2011 23:41 |
|
Really if you're in a place that doesn't know wha the hell bpduguard/portfast uses are you wouldn't end up learning anything. Sounds like they just go through a cycle of test passers for their network implementation team - unfortunately that kinda stuff will work for small networks even if it's not the best conditions. Are there any MSP's in your area that are hiring? As someone who works at one and deals with a few hundrew different environments, it sure is a hell of a learning experience. Sepist fucked around with this message at 00:02 on Mar 17, 2011 |
# ? Mar 16, 2011 23:59 |
|
Sepist posted:Really if you're in a place that doesn't know wha the hell bpduguard/portfast uses are you wouldn't end up learning anything. Sounds like they just go through a cycle of test passers for their network implementation team - unfortunately that kinda stuff will work for small networks even if it's not the best conditions. Define MSP, I get the SP part maybe, Service Provider? Yeah well they said they used portfast which confused me further. I assume that they just didn't care or they simply didn't bother with bpduguard. I don't know, either way the use of RIP instead of OSPF (I mean, even just for practice?) and not using Spanning-tree? I mean I guess what I am trying to say is when the guy who has all of one and a half years of setting up basic one gateway shops and setting up basic NAT tries to call you out on a spanning-tree basic, haha that's bad. Makes me feel good though that I did call them out, in a polite way of course. Means I might actually know what I am doing. By God, I learned stuff!
|
# ? Mar 17, 2011 00:08 |
|
Bardlebee posted:Define MSP, I get the SP part maybe, Service Provider? managed services provider. http://en.wikipedia.org/wiki/Managed_services I think a good working definition in this context would be, "A more than just internet ISP"
|
# ? Mar 17, 2011 00:12 |
|
Yes MSP's range from just reselling T1's/DSL's to full blown software/hardware support. Generally they have a NOC which handles little issues and escalation points for each discipline (eg: Unix/Windows/Networking/iSeries/Backup's) that handle higher level issues and project work.
|
# ? Mar 17, 2011 00:59 |
|
Sepist posted:Yes MSP's range from just reselling T1's/DSL's to full blown software/hardware support. Generally they have a NOC which handles little issues and escalation points for each discipline (eg: Unix/Windows/Networking/iSeries/Backup's) that handle higher level issues and project work. Thanks for the tip, I will have to look into that.
|
# ? Mar 17, 2011 01:08 |
|
|
# ? Apr 24, 2024 10:10 |
|
CrazyLittle posted:Yeah, you probably don't want to be working there. It probably wouldn't be the worst gig in the world. On one hand, you'd probably get to set a lot of stuff up that you wouldn't at a bigger place. Most of those places basically NEED Microsoft and Cisco certified people to keep their business partner status up. They can't use their logos etc if they don't.
|
# ? Mar 17, 2011 02:28 |