Cloudflare interview question answers

Cloudflare interview questions


1) What is the lowest TCP port number?


2) The TCP frame has an URG pointer field, when is it used?


3) Can the RST packet have a payload?


4) When is the “flow” field in IPv6 used?

The flow label lets real-time flows receive a service that is distinct from that given to best-effort flows.

5) What does the IP_FREEBIND socket option do?


6) What does the PSH flag actually do?



7) The TCP timestamp is implicated in SYN cookies. How?

It is reflected in a sequence number in the SYN-ACK packet.

8) Can a “UDP” packet have a checksum field set to zero?


9) How does TCP simultaneous open work? Does it actually work?


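For example: application a binds port 7777 on host A and connects to port 8888 on host B; at the same time, application b binds port 8888 on host B and connects to port 7777 on host A. This process is called TCP simultaneous open.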



10) What is a stupid window syndrome?

11) What are the CWE and ECE flags in TCP header?


12) What is the IP ID field and what does it have to do with DF bit? Why do some packets have a non-zero IP ID and a DF set?

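The Identifier field is used together with the Flags / Fragment Offset fields to fragment larger upper-layer packets. After a router splits a packet, all of the resulting smaller packets are marked with the same value, so that the destination device can tell which packets are parts of the same original packet.

When the DF bit is set to 1, routers must not fragment the upper-layer packet. If the packet cannot be forwarded without being fragmented, the router drops it and returns an error message.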


13) Can a SYN packet have a payload? (hint: new RFC proposals)

Yes: TCP Fast Open.

14) Can a SYN+ACK packet have a payload?

Yes: TCP Fast Open.

15) ICMP packet-too-big messages are returned by routers and contain a part of the original packet in the payload. What is the minimal length of this payload that is accepted by Linux?

The minimal required MTU for all IPv6 hosts is 1232, for IPv4 the value is 512 bytes.

16) When an ICMP packet-too-big message is returned by an intermediate router it will have the source IP of that router. In practice though, we often see a source IP of the ICMP message to be identical to the destination IP of the original packet. Why could that happen?


17) Linux has a “tcp_no_metrics_save” sysctl setting. What does it save and for how long?

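 /* Save metrics learned by this TCP session. This function is called
  * only, when TCP finishes successfully i.e. when it enters TIME-WAIT
  * or goes from LAST-ACK to CLOSE.
  */

After a TCP connection closes, parameters that the connection had, such as the slow-start threshold snd_ssthresh, the congestion window snd_cwnd and srtt, are saved into the dst_entry. As long as the dst_entry has not expired, the next time the same connection is established these saved parameters can be used to initialise it.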

18) Linux uses two queues to handle incoming TCP connections: the SYN queue and the accept queue. What is the length of the SYN queue?

nr_table_entries = min_t(u32, nr_table_entries, sysctl_max_syn_backlog);
nr_table_entries = max_t(u32, nr_table_entries, 8);
nr_table_entries = roundup_pow_of_two(nr_table_entries + 1);
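
The three lines above worked through in userspace, as an added example that is not kernel code and not part of the original post. The helper name `syn_queue_len` is hypothetical, and it assumes the initial `nr_table_entries` is the backlog passed to `listen()`; the sample inputs are constructed.

```c
#include <stdint.h>
#include <stdio.h>

/* Userspace stand-in for the kernel's roundup_pow_of_two():
 * the smallest power of two that is >= n. Uses 64 bits so the
 * shift cannot overflow for any 32-bit input. */
static uint64_t roundup_pow_of_two_u64(uint64_t n)
{
    uint64_t p = 1;
    while (p < n)
        p <<= 1;
    return p;
}

/* Hypothetical helper mirroring the three quoted lines.
 * backlog:         assumed initial nr_table_entries (listen() backlog)
 * max_syn_backlog: value of sysctl_max_syn_backlog */
uint64_t syn_queue_len(uint32_t backlog, uint32_t max_syn_backlog)
{
    uint32_t n = backlog;

    if (n > max_syn_backlog)   /* min_t(u32, n, sysctl_max_syn_backlog) */
        n = max_syn_backlog;
    if (n < 8)                 /* max_t(u32, n, 8): floor of 8 entries */
        n = 8;
    return roundup_pow_of_two_u64((uint64_t)n + 1);
}

int main(void)
{
    /* Constructed sample inputs: {listen backlog, max_syn_backlog} */
    static const uint32_t cases[][2] = {
        {0, 512}, {5, 512}, {15, 512}, {128, 512}, {511, 512}, {1024, 512},
    };
    size_t i;

    for (i = 0; i < sizeof(cases) / sizeof(cases[0]); i++)
        printf("backlog=%u max_syn_backlog=%u -> %llu entries\n",
               (unsigned)cases[i][0], (unsigned)cases[i][1],
               (unsigned long long)syn_queue_len(cases[i][0], cases[i][1]));
    return 0;
}
```

Because of the `+ 1` before rounding, a backlog that is already a power of two is doubled (128 gives 256), while 511 gives 512.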

19) What happens if the SYN queue grows too large and overflows?


20) What are BGP bogons, and why are they less of a problem now?

Bogon prefixes are, for example, unassigned prefixes or RFC1918 networks, and there are also other reserved ranges. The ISP can then announce this IPv4 prefix in the BGP table on the Internet. All these IANA to RIR assignments are public information, you can find it at, they have regular updates. The problem exists when networks listed as RESERVED or UNALLOCATED in this list are being announced and produce internet traffic.

BGP bogons filtering

21) TCP has an extension which adds MD5 checksums to packets. When is it useful?

Protection of BGP Sessions via the TCP MD5 Signature Option

22) What are the differences in checksumming algorithms in IPv4 and IPv6? 5.3.1

