Network Configuration

Question 1

Private
#MACVlan

Answer 1

MACVlan instances cannot talk to each other, only external communication.

Question 2

VEPA (Virtual Ethernet Port Aggregator)
#MACVlan

Answer 2

Instances can talk to each other through external hardware.

Question 3

Bridge
#MACVlan

Answer 3

Instances are allowed internal and external communication.

Question 4

Passthru
#MACVlan

Answer 4

Instances are directly connected to the interface.

Question 5

Source
#MACVlan

Answer 5

Employs MAC filtering.

Question 6

what is the udev?

Answer 6

The udev (user device facility) is used to manage network hardware interfaces for the Linux kernel. Sometimes changes are needed to rename interfaces or change configurations to match hardware MAC addresses.

It is common to use the local administration directory for adding new rules. When rules are processed, all the files in the rules directories are combined and sorted in a lexical order.

/etc/udev/rules.d/70-persistent-net.rules

Question 7

what’s the command to change the maximum transmission unit MTU?

Answer 7

example: ifconfig eth0 mtu 1492
example: ip link set mtu 1492 dev eth0

Question 8

how to change the link speed

Answer 8

ethtool -s eht0 speed 1000 duplex full

Question 9

how do you check the link status

Answer 9

ip -s link

ip -s link show dev eth0

Question 10

how do you manually set a network layer 3 address

Answer 10

ip addr add [ip address]/[subnet mask] dev [eth?]
or
ipconfig peth0? [ip address] netmask [subnet mask]

Question 11

/etc/resolv.conf
#DHCP

Answer 11

This is the traditional static file used to configure the resolver.

Question 12

dnsmasq
#DHCP

Answer 12

Sets up in mini caching DNS server and may alter the resolver configuration to look at dnsmasq instead of the items listed in /etc/resolv.conf.

Question 13

systemd.resolved

Answer 13

As of systemd version 233, the systemd-resolved is available. It provides a DNS stub listener on IP address 127.0.0.53 on the loopback adapter, and takes input from several files, including: /etc/systemd/resolved.conf, /etc/systemd/network/*.network and any DNS information made available by other services, like dnsmasq.

Question 14

Symmetric Encryption

Answer 14

Symmetric encryption uses a single secret shared key, which both parties must have to communicate.

Question 15

Asymmetric Encryption

Answer 15

Asymmetric encryption uses mathematically-related public and private keys to communicate.

Plain text encrypted with an asymmetric public key can only be decrypted by using the corresponding private key. You cannot decrypt the cipher text using the same key which was used for encryption.

Question 16

Key Exchange

Answer 16

By using a combination of symmetric and asymmetric encryption, you can overcome the problems associated with both. The presented picture gives you an example of how to do it.

• Party One creates a session key using a symmetric algorithm.
• Party One then encrypts the session key, using the public key of Party Two, and sends the encrypted session key to Party Two.
• Party Two uses their private key to decrypt the session key.
• Both parties now communicate using the symmetric session key for encryption.