Routing & Switching Interview Questions - Computer Networks

Routing and switching are functions of computer networks that determine how data travels from source to destination. Switching operates within a network to forward frames based on MAC addresses, while routing selects optimal paths across networks using IP addresses and routing protocols.

1. Differentiate between store-and-forward switching and cut-through switching. How does each impact network latency and error handling?

Store-and-Forward Switching:

• The switch buffers the entire frame, verifies it with CRC (Cyclic Redundancy Check), and only then forwards it.
• Impact: Higher latency (due to full frame storage) but better error handling, since corrupted frames are dropped early.
• Use case: Reliable networks where error detection is critical (e.g., enterprise LANs).

Cut-Through Switching:

• The switch reads only the destination MAC address (first 6 bytes) and starts forwarding before the frame is completely received.
• Impact: Very low latency, but corrupted frames may be propagated across the network.
• Use case: High-speed, low-latency environments (e.g., trading systems).

2. Explain how routing loops occur and discuss mechanisms to prevent them in distance-vector protocols.

Cause: Routing loops occur when routers have inconsistent or outdated routing information, causing packets to circulate endlessly.

Prevention in Distance-Vector Protocols (e.g., RIP):

• Split Horizon: Prevents sending a route back on the same interface it was learned.
• Route Poisoning: Marks failed routes with an infinite metric (e.g., RIP metric = 16).
• Hold-Down Timers: Temporarily suppress updates for a route once it’s declared unreachable, avoiding flapping routes.

Benefit: These mechanisms reduce count-to-infinity problems and improve network stability.

3. In what scenario would you choose static routing over dynamic routing despite network growth? Justify your answer.

Scenarios:

• Small, stable networks: Topology rarely changes.
• Security-sensitive environments: Static routes prevent malicious or accidental protocol updates.
• Backup paths: Used as failover routes when dynamic routes fail.
• Resource-limited devices: Routers with low CPU/memory may not handle dynamic protocols efficiently.

Example: A branch office with one uplink to HQ can use static routing since topology changes are rare and security/simplicity are prioritize

4. How does VLAN tagging work in switches, and what problem does the 802.1Q standard solve?

VLAN Tagging:

• A 4-byte tag (including VLAN ID) is inserted into the Ethernet frame header.
• This ensures traffic is logically separated, even over shared links.

802.1Q Standard:

• Defines a vendor-neutral tagging method for VLANs.
• Solves the problem of inter-switch VLAN communication, allowing multiple VLANs to traverse a single trunk link without mixing traffic.
• Ensures compatibility across different vendors’ switches.

5. Compare and contrast link-state and distance-vector routing protocols with examples. Which converges faster and why?

Distance-Vector (e.g., RIP, EIGRP in hybrid mode):

• Routers exchange only distance metrics (hop counts).
• Simple, but prone to routing loops and slower convergence.
• Uses periodic updates.

Link-State (e.g., OSPF, IS-IS):

• Routers exchange topology information with all neighbors.
• Each router runs Dijkstra’s SPF algorithm to compute shortest paths.
• Converges much faster due to immediate flooding of changes.

Convergence Speed:

• Link-State > Distance-Vector
• Reason: Link-state protocols instantly flood topology changes, while distance-vector relies on hop-by-hop propagation and periodic updates.

6. Explain the role of ARP in a switched network and how ARP spoofing can be mitigated.

Role of ARP:

• ARP (Address Resolution Protocol) maps IP addresses to MAC addresses, enabling devices to communicate in a LAN.
• Switches rely on MAC addresses to forward frames correctly. Without ARP, IP packets couldn’t be delivered across an Ethernet network.

ARP Spoofing Attack:

• A malicious host sends fake ARP replies, associating its MAC address with the IP address of another device (e.g., the default gateway).
• This diverts traffic through the attacker, enabling Man-in-the-Middle (MITM) attacks or denial-of-service (DoS).

Mitigation Techniques:

• Static ARP entries: Hardcode mappings for critical devices (e.g., gateway, servers).
• Dynamic ARP Inspection (DAI): Switch feature that validates ARP packets against trusted DHCP snooping bindings.
• Port security: Restrict the number of MAC addresses per port.
• DHCP snooping: Prevents rogue DHCP servers that could feed false ARP info.

7. How do routers perform path selection when multiple routes to the same destination exist? Explain with administrative distance and metric.

Administrative Distance (AD):

• Represents trustworthiness of the route source. Lower AD = more preferred.
• Examples: Connected (0), Static (1), EIGRP (90), OSPF (110), RIP (120).

Metric:

• If routes from the same protocol (same AD) exist, the metric is used.
• Example: RIP -> hop count; OSPF -> cost (bandwidth-based); EIGRP -> composite metric (bandwidth, delay, load, reliability).

Tie Case: If both AD and metrics match, routers can perform Equal-Cost Load Balancing (ECMP), distributing traffic across multiple paths.

8. What is ECMP (Equal-Cost Multi-Path) routing, and when can it cause packet reordering?

Definition:

• ECMP allows routers to install multiple next-hops for the same destination when paths have equal cost/metric.
• Improves bandwidth utilization and redundancy.

Packet Reordering Issue:

• If per-packet load balancing is used, packets from the same flow may traverse different paths with different delays.
• This leads to packet reordering, which breaks TCP performance (causing retransmissions).

Mitigation: Use per-flow (hash-based) load balancing, ensuring packets of the same flow always follow the same path.

9. Describe the Spanning Tree Protocol (STP) and how Rapid STP improves upon it.

Spanning Tree Protocol (STP):

• Prevents Layer 2 loops in Ethernet by blocking redundant links.
• Elects a Root Bridge; all switches calculate the shortest path tree toward it.
• Some links go into a blocking state to prevent loops, but can activate if a primary link fails.
• Traditional STP convergence takes 30–50 seconds due to listening/learning states.

Rapid Spanning Tree Protocol (RSTP, IEEE 802.1w):

• Converges in a few seconds instead of tens of seconds.
• Simplifies port states (discarding, learning, forwarding).
• Uses edge ports (fast transition, no delay for end devices).
• Uses proposal/acknowledgment handshakes instead of timers.

10. In a multi-router setup, how does route redistribution work, and what problems can it introduce?

Route Redistribution:

• Allows sharing routes between different routing domains/protocols (e.g., redistributing OSPF into EIGRP or vice versa).
• Needed in multi-protocol networks or during migrations.

Problems Introduced:

• Route feedback loops: Routes redistributed back and forth can cause loops.
• Metric translation issues: Different protocols use different metrics (e.g., OSPF cost vs. RIP hop count).
• Inconsistent routing: May lead to suboptimal paths or black holes.

Solutions:

• Apply route filtering/prefix lists to limit redistributed routes.
• Set manual metrics to ensure fairness and consistency.
• Use careful hierarchical design to reduce redistribution needs.

11. How does ECMP (Equal-Cost Multi-Path) routing improve network performance, and what are its limitations?

Improvement:

• ECMP enables a router to use multiple next-hops with equal cost to the same destination.
• Provides load balancing by distributing traffic across paths using hash functions (based on source/destination IP, ports, protocol).
• Enhances redundancy and fault tolerance - if one path fails, traffic is still routed via others.
• Increases aggregate bandwidth utilization without requiring complex link aggregation.

Limitations:

• Uneven traffic distribution: Hashing may imbalance traffic if some flows are much larger than others.
• Packet reordering: With per-packet load balancing, flows can arrive out-of-order, harming TCP performance.
• Topology dependence: Frequent route flaps disrupt hash assignments, causing instability.
• Works only when equal-cost paths exist (not useful for unequal paths unless advanced features like EIGRP variance are used).

12. Why is TTL (Time-to-Live) important in IP packets, and how can it help in detecting routing loops?

• TTL is decremented at every router hop.
• If TTL reaches 0, the packet is discarded, preventing infinite looping.
• Useful in loop detection and troubleshooting (e.g., Traceroute works by sending packets with incrementing TTLs and collecting ICMP Time Exceeded messages).
• Without TTL, routing loops could flood networks indefinitely.

13. How does MPLS (Multiprotocol Label Switching) differ from traditional IP routing, and why is it preferred in large service provider networks?

• Traditional IP routing: Each router looks up the destination IP in its routing table -> slower and less predictable.
• MPLS: Uses short labels for forwarding, enabling fast switching.
• Advantages:

Traffic Engineering (TE) -> optimized path selection.
VPN support (L3VPN, L2VPN).
QoS prioritization.

• Limitation: More complex to configure/maintain.

14. Explain how VLAN trunking works and why tagging is necessary.

VLAN Trunking:

• A trunk link carries traffic for multiple VLANs over a single physical interface between switches.
• Saves cabling and ensures logical VLAN separation across the network.

Tagging (IEEE 802.1Q):

• Inserts a 4-byte VLAN tag into Ethernet frames.
• Identifies which VLAN the frame belongs to.
• Ensures that VLAN boundaries are preserved when traffic traverses trunk links.

Why Necessary:

• Without tags, switches would not differentiate VLAN traffic -> broadcast domains would merge, breaking isolation and causing broadcast storms.
• Tagging ensures inter-switch VLAN communication while maintaining logical segmentation.

15. Why is OSPF considered a hierarchical routing protocol, and what advantages does this hierarchy provide?

• OSPF organizes topology into areas (backbone area 0 and others).
• Advantages:

Scalability: Reduces size of LSDB (Link State Database).
Faster convergence: Changes are contained within an area.
Efficient routing: Summarization at ABRs reduces routing table size.

• Example: A large enterprise may use multiple OSPF areas for campus, data center, and WAN, all connected to Area 0.

16. Why can asymmetric routing cause issues in stateful firewalls, and how is it mitigated?

Asymmetric Routing:

• Happens when packets of the same session (forward and return) traverse different network paths.
• Example: A request goes through Firewall A, but the reply comes back via Firewall B.

Problem in Stateful Firewalls:

• Stateful firewalls track sessions in connection tables.
• If only one direction of traffic is seen (due to asymmetry), the return traffic may be dropped as “unsolicited.”

Mitigation:

• Firewall clustering with state synchronization: Firewalls share session tables.
• Policy-based routing (PBR): Force symmetrical traffic flows.

17. How do L3 switches differ from routers in packet forwarding, and when would you choose one over the other?

Layer 3 Switches:

• Perform routing in hardware (ASICs) -> very high speed, low latency.
• Typically used for intra-network routing, such as inter-VLAN routing in LAN/data centers.
• Limited support for advanced WAN features.

Routers:

• Use software-based forwarding (CPU), though modern ones also use ASIC acceleration.
• Support a wide range of protocols (BGP, MPLS, VPN, QoS, NAT).
• Designed for WAN edge connectivity and inter-domain routing.

Choice:

• L3 Switch: When performance and scalability in LAN/data center is priority.
• Router: When advanced policies, WAN protocols, or Internet connectivity is required.

18. What is route flapping, and how do routing protocols minimize its impact?

Route Flapping:

• A route repeatedly changes state (up/down) in short intervals.
• Causes instability, excessive CPU load, and frequent reconvergence.

Mitigation Techniques:

• BGP Route Dampening: Suppresses unstable routes for a penalty time.
• RIP Hold-Down Timers: Temporarily ignores flapping updates.
• OSPF/IS-IS SPF Throttling: Limits frequency of SPF recalculations.

Trade-off:

• Reduces instability, but may delay propagation of legitimate changes.
• Proper tuning is required to balance stability and responsiveness.

19. Explain the difference between Layer 2 and Layer 3 switching loops and how each is prevented.

Layer 2 Loops:

• Occur due to redundant Ethernet links.
• Cause broadcast storms, multiple frame copies, and MAC table instability.
• Prevention: Spanning Tree Protocol (STP), Rapid STP (RSTP), Multiple STP (MSTP).

Layer 3 Loops:

• Occur due to incorrect or outdated routing information.
• Packets circulate endlessly between routers.
• Prevention:

TTL (Time-to-Live) expiration in IP packets.
Route poisoning & split horizon in distance-vector protocols.
Loop-free algorithms in link-state protocols

20. How does BGP handle routing policy compared to IGPs, and why is it preferred for inter-domain routing?

BGP (Border Gateway Protocol):

• Path-vector protocol designed for inter-domain (ISP-to-ISP) routing.
• Focuses on policy-based decisions rather than just shortest path.
• Uses attributes:

AS-Path (loop prevention, path length)
Local Preference (preferred exit point)
MED (Multi-Exit Discriminator) (preferred entry point)
Communities (policy grouping).

IGPs (OSPF, EIGRP, IS-IS, RIP):

• Used for intra-domain routing.
• Optimize for speed, cost, and convergence.
• Not scalable for global Internet routing.

Why BGP for Inter-Domain:

• Can filter, prefer, or deny routes based on business/security policies.
• Handles large Internet routing tables (900k+ prefixes).
• Prevents an AS from being used as unwanted transit provider.