Skip to main content
HashnodeNetworking-for-DevOps

Command Palette

Search for a command to run...

🌐 Networking for DevOps – Interview Scenario Q&A (In-Depth)

Published
β€’4 min read
A
Ajay Vitthal Guhade

https://edrawcloudpublicus.s3.amazonaws.com/work/1905656/2022-4-24/1650795911/main.png

https://www.researchgate.net/profile/Richard-Ocaya/publication/236731034/figure/fig4/AS%3A299331002355718%401448377480726/Client-and-server-flowcharts-showing-the-progression-from-request-to-authenticated.png

https://images.wondershare.com/edrawmax/templates/network-diagram-for-load-balancing.png

1️⃣ Scenario: Website is Not Reachable From Browser

Question:
Your application is running on a server, but users cannot access it from the browser. How will you troubleshoot?

βœ… Step-by-Step Answer (Interviewer Loves This)

  1. Check DNS Resolution
nslookup example.com
dig example.com
  • If DNS fails β†’ Domain not mapped correctly
  1. Check Network Connectivity
ping example.com
traceroute example.com
  • Identifies where the packet is dropping
  1. Check Port Accessibility
telnet example.com 80
nc -zv example.com 443
  1. Check Firewall / Security Groups
  • Linux firewall:
sudo iptables -L
sudo ufw status
  • Cloud SG/NACL rules
  1. Check Application Binding
ss -tulnp | grep 80
  • App must bind to 0.0.0.0, not 127.0.0.1
  1. Check Load Balancer (if any)

  • Health checks

  • Target group status

πŸ‘‰ Conclusion:
Networking issue could be DNS, firewall, port binding, or load balancer misconfiguration.

2️⃣ Scenario: Application Works Locally but Fails in Production

Question:
Your app works on localhost but fails after deployment. Why?

βœ… Possible Reasons

CauseExplanation
Binding issueApp listens on localhost instead of public IP
FirewallProduction blocks inbound traffic
Wrong portApp exposed on 8080 but LB expects 80
NAT issuePrivate subnet has no internet gateway
Proxy issueCorporate proxy blocks outbound traffic

πŸ” Debug Commands

curl localhost:8080
curl server-ip:8080

3️⃣ Scenario: Kubernetes Pod Cannot Reach External Internet

Question:
A pod inside Kubernetes cannot access external APIs. What could be wrong?

βœ… Root Causes

  1. No NAT Gateway

    • Pods in private subnet need NAT for outbound internet

  2. Network Policies Blocking Traffic

kubectl get networkpolicy
  1. DNS Issue
kubectl exec pod -- nslookup google.com
  1. CoreDNS Not Working
kubectl get pods -n kube-system
  1. Security Group Rules
  • Node SG must allow outbound traffic

πŸ‘‰ DevOps Insight:
Kubernetes networking depends heavily on cloud VPC + CNI plugin.

4️⃣ Scenario: High Latency in Application

Question:
Users complain about slow response times. How do you troubleshoot networking?

βœ… Investigation Flow

  1. Check Latency
ping server
  1. Check Packet Loss
mtr example.com
  1. Check Load Balancer
  • Uneven traffic distribution
  1. Check MTU Mismatch
  • Common in VPN / container networking
  1. Check TLS Handshake Time
curl -w "@curl-format.txt" -o /dev/null -s https://example.com

5️⃣ Scenario: SSH Connection Refused

Question:
You cannot SSH into a server. What will you check?

βœ… Checklist

  1. Correct Port
ssh user@ip -p 22
  1. Firewall Rules
iptables -L
  1. SSH Service Status
systemctl status sshd
  1. Security Group
  • Port 22 allowed from your IP?
  1. Fail2ban Blocking IP
sudo fail2ban-client status

6️⃣ Scenario: Load Balancer Shows Targets as Unhealthy

Question:
ALB/NLB shows unhealthy instances but app is running.

βœ… Common Reasons

  • Health check path incorrect (/health)

  • App returns 403 or 500

  • Wrong port mapping

  • Firewall blocks LB IP range

πŸ‘‰ Fix

curl http://instance-ip:port/health

7️⃣ Scenario: CI/CD Pipeline Cannot Access Server

Question:
Your GitHub Actions/Jenkins cannot deploy to server.

βœ… Debug Steps

  • Whitelist CI IP range

  • Check outbound rules

  • VPN or Bastion Host required?

  • SSH key mismatch

8️⃣ Scenario: Microservices Cannot Talk to Each Other

Question:
Service A cannot reach Service B.

βœ… Possible Causes

  • Wrong service name (DNS)

  • Network policy blocking

  • Wrong port exposure

  • mTLS misconfiguration

curl http://service-b.namespace.svc.cluster.local

9️⃣ Scenario: Public IP Changed After Restart

Question:
Your server IP changes after restart. Why?

βœ… Explanation

  • Using dynamic public IP

  • Fix by:

    • Elastic IP (cloud)

    • Load balancer

    • DNS instead of IP

πŸ”Ÿ Scenario: Zero-Downtime Deployment Networking Role

Question:
How networking helps zero-downtime deployment?

βœ… Concepts Used

  • Load balancer health checks

  • Blue-Green deployment

  • Canary routing

  • DNS TTL control

πŸ”₯ MUST-KNOW COMMANDS (Interview Rapid Fire)

ip a
ip route
ss -tulnp
netstat -rn
tcpdump -i eth0
curl -I
traceroute
nslookup
dig

🧠 Interviewer Bonus Tip

When answering:

❌ β€œIt’s a networking issue”
βœ… β€œI’ll verify DNS β†’ connectivity β†’ port β†’ firewall β†’ application binding”

This structured thinking is what interviewers want from DevOps engineers.

#devops#trainwithshubham#continuous-learning#90daysofdevops#networking-for-devops#interview-questions#interview-tips

Comments

Join the discussion

No comments yet. Be the first to comment.