cloudflare 面试题答案

cloudflare 面试题

答案如下:

1) What is the lowest TCP port number?

0

2) The TCP frame has an URG pointer field, when is it used?

使用URG标识的数据包可以在同一个TCP连接上使用不同的channel传输数据;同时,在数据的接收方,这部分数据会保存在另外一个buffer中。接受到URG数据包后,应用会收到信号:带有UGR标识的数据包来了。目前使用UGR的应用层协议中,最常见的就是FTP。URG数据包用于FTP服务在忙于传输数据时接收其他的FTP命令使用。

3) Can the RST packet have a payload?

可以,但没有实现(?)

4) When is the “flow” field in IPv6 used?

参考:https://tools.ietf.org/html/rfc6294#section-1.2
flow label 为实时流提供有别于尽力而为流的服务。

5) What does the IP_FREEBIND socket option do?

参考 http://man7.org/linux/man-pages/man7/ip.7.html

6) What does the PSH flag actually do?

TCP发送方的数据不会放在buffer中,而是直接发送出去;同理,接收到数据的对端也不会放在buffer中,而是直接通知应用处理。

实际上只是刷新了buffer。

7) The TCP timestamp is implicated in SYN cookies. How?

体现在 SYN-ACK 数据包中的一个序号中 https://tools.ietf.org/html/rfc4987#appendix-A

8) Can a “UDP” packet have a checksum field set to zero?

对于UDP来说,0x0000的校验和是非法的(TCP/IP是合法的),会被替换为0xFFFF。

9) How does TCP simultaneous open work? Does it actually work?

https://tools.ietf.org/html/rfc793#page-32

两个应用程序同时向对方返送SYN来建立TCP连接时可能的,尽管可能性非常小,因为两方都需要提前知道另一方开放的端口是哪个。

例如:应用程序 a 在主机 A 上绑定了 7777 端口,并要连接主机 B 上的 8888 端口;同时,应用程序 b 在主机 B 上绑定了端口 8888,并去连接主机 A 的 7777 端口,这个过程就被叫做 TCP simultaneous open.

状态转移见下图:

 

10) What is a stupid window syndrome?

https://tools.ietf.org/html/rfc813

11) What are the CWE and ECE flags in TCP header?

CWE指的是什么东西?CWR吧?https://www.ietf.org/rfc/rfc2861.txt
ECE https://tools.ietf.org/html/rfc3168#section-6

12) What is the IP ID field and what does it have to do with DF bit? Why do some packets have a non-zero IP ID and a DF set?

Identifier 字段和 Flags / Fragment Offest 字段联合使用,对较大的上层数据包进行分段(fragment)操作。路由器将一个包拆分后,所有拆分开的小包被标记相同的值,以便目的端设备能够区分哪个包属于被拆分开的包的一部分。

DF 位设为1时表明路由器不能对该上层数据包分段。如果一个上层数据包无法在不分段的情况下进行转发,则路由器会丢弃该上层数据包并返回一个错误信息。

表明不分片。

13) Can a SYN packet have a payload? (hint: new RFC proposals)

可以,TCP fast open

14) Can a SYN+ACK packet have a payload?

可以,TCP fast open

15) ICMP packet-too-big messages are returned by routers and contain a part of the original packet in the payload. What is the minimal length of this payload that is accepted by Linux?

The minimal required MTU for all IPv6 hosts is 1232, for IPv4 the value is 512 bytes.

16) When an ICMP packet-too-big message is returned by an intermediate router it will have the source IP of that router. In practice though, we often see a source IP of the ICMP message to be identical to the destination IP of the original packet. Why could that happen?

NAT

17) Linux has a “tcp_no_metrics_save” sysctl setting. What does it save and for how long?

 /* Save metrics learned by this TCP session. This function is called
  * only, when TCP finishes successfully i.e. when it enters TIME-WAIT
  * or goes from LAST-ACK to CLOSE.
  */

 一个tcp连接关闭后,把这个连接曾经有的参数比如慢启动门限 snd_sthresh,拥塞窗口 snd_cwnd 还有 srtt 等信息保存到 dst_entry 中, 只要 dst_entry 没有失效,下次新建立相同连接的时候就可以使用保存的参数来初始化这个连接。

18) Linux uses two queues to handle incoming TCP connections: the SYN queue and the accept queue. What is the length of the SYN queue?
和内核有关系:

在2.6.20之前,由/proc/sys/net/ipv4/tcp_max_syn_backlog决定;
在2.6.20之后,使用以下方法确定:
nr_table_entries = min_t(u32, nr_table_entries, sysctl_max_syn_backlog);
nr_table_entries = max_t(u32, nr_table_entries,8);
nr_table_entries = roundup_pow_of_two(nr_table_entries +1);

19) What happens if the SYN queue grows too large and overflows?

丢包,拒绝服务

20) What are BGP bogons, and why are they less of a problem now?

Bogon prefixes are for example unassigned prefixes, or RFC1918 networks and there are also other reserved ranges.The ISP can then announce this IPv4 prefix in the BGP table on the Internet.All these IANA to RIR assignments are public information, you can find it at cymru.com, they have regular updateicmps.The problem exists when networks listed as RESERVED or UNALLOCATED in this list are being announced and produces internet traffic.

BGP bogons filtering

21) TCP has an extension which adds MD5 checksums to packets. When is it useful?

Protection of BGP Sessions via the TCP MD5 Signature Option

22) What are the differences in checksumming algorithms in IPv4 and IPv6?

https://www.ietf.org/rfc/rfc2766.txt 5.3.1

Leave a Reply

Your email address will not be published. Required fields are marked *

*