Q) What is Run Level?
Run level is one of the modes that the UNIX-based operating system will run in. Each run level has a certain no. of services stopped or started, giving the user control over the behavior of machines.
There are total seven run levels present numbered from 0 to 6.
i. Run level 0: Halt the system
ii. Run level 1: Single user mode (for administrative tasks)
iii. Run level 2: Multi-User Mode, without NFS (Network file system)
iv. Run level 3: Multi-User Mode with networking and command line interface.
v. Run level 4: Not used
vi. Run level 5: Multi-User Mode with networking and X Window (GUI)
vii. Run level 6: Reboot the system
Q) What is the difference between SSH and Telnet?
SSH which is known as Secure Shell is a networking protocol used to securely log in to the remote system. It is a most common way to access remote Linux or UNIX type system over the internet.
SSH run on port no 22 by default; however, it can be easily changed.
SSH is very secure protocol because it shares and sends the information in an encrypted format which provides confidentiality and security of data over an unsecured network such as the internet.
Once the data for communication is encrypted using SSH, it is very difficult to decrypt and read that data, so our password also become secure to travel on the public network.
SSH uses public-key for the authentication of users accessing the servers and it is a great practice providing us extreme security.
Telnet is the joint abbreviation of Telecommunication and network and it is the networking protocol best known for UNIX platform.
Telnet uses the port 23 and it was designed specifically for local area network.
Telnet is not a secure communication protocol because it does not use any security mechanism and transfers the data over the network/internet in plain text format including the password and so anyone can sniff the packet to get that important information.
There are no authentication policies and data encryption techniques used in telnet causing huge security threat that is why telnet is no longer used for accessing network devices and servers over the public network.
Q) Boot Process.
1. Power On/Restart:
When you power on or restart your computer the power is supplied to your computer SMPS.
One of the main components of the computer is SMPS (Switch Mode Power Supply). The primary objective of SMPS is to supply perfect required voltage level to the devices attached to the machine such as a motherboard, HDD’s, Keyboard, Mouse, CD-DVD ROM etc.
The most intelligent device in the computer is Processor (CPU) when supplied with the power start running sequence of operations stored in its memory. The first instruction it will run is to pass control to BIOS.
2. BIOS
BIOS stands for Basic Input-Output System. The most important use of BIOS is to do POST (Power on Self-Test) during the boot process. POST is the series of test conducted by BIOS to check the proper functioning of all the hardware components attached to the computers.
Once the POST is completed successfully, BIOS will check CMOS setting to know what the boot order is.
Boot order is nothing but a user defined order which tells where to look for the operating system. BIOS will select first boot device for booting, the devices can be Hard Drive, CD Rom, Floppy Drive, Network Interface or other removable media such as USB drive.
BIOS is programmed to look at the first sector of your Hard Drive which is known as Boot sector. This location is also known as MBR, which contains the program that will help our computer to load the operating system. As soon as BIOS finds a valid MBR, it will load entire content of MBR into the RAM and further execution is done by the content of MBR.
3. MBR
MBR stands for Master Boot Recorder which is located at the first sector of your hard disk. It is just a 512 Bytes in size. MBR is not located inside any partition.
MBR has following three components.
a. Primary boot loader code (size: 446Bytes)
b. Partition table information (size: 64 Bytes)
c. Magic number (size: 2 Byte)
a. Primary boot loader code: This code provides boot loader information and location details of actual bootloader code on the hard disk.
b. Partition table: MBR contains 64 bytes of data which stores Partition table information such as what is the start and end of each partition, the size of the partition, type of partition (Whether it's a primary or extended etc.). We can create maximum 4 primary partitions each of 16 Bytes only.
c. Magic Number: The magic number service as validation check for MBR. If MBR gets corrupted this magic number is used to retrieve it.
MBR cannot directly load kernel as it is unaware of file system concept and requires bootloader with file system driver with each supported file system. To overcome this situation GRUB is used with the details of the file system in /boot/grub/grub.conf and file system drivers.
4. GRUB
GRUB (Grand Unified Boot Loader) loads the kernel in 3 stages.
GRUB stage 1:
Its primary function is to load either stage 1.5 or stage 2 boot loader.
GRUB stage 1.5:
Stage 1 can load stage 2 directly but it is normally setup to load stage 1.5.
This can happen when the /boot partition is situated beyond 1024 cylindrical head of the hard disk.
GRUB Stage 1.5 is located in the first 30KB of hard disk immediately after MBR and before the first partition. This space is utilized to store file system drivers and modules.
This enabled stage 1.5 to load stage 2 to load from any known location on the file system i.e. /boot/grub
GRUB stage 2:
This is responsible for loading kernel from /boot/grub/grub.conf and any other module needed.
GRUB loads the user-selected (or default) kernel into memory and passes control on to the kernel. If the user does not select the OS after a defined timeout GRUB will load the default kernel in the memory for starting it.
4. Kernel
The kernel can be considered as the heart of the operating system responsible for handling all system processes. Kernel acts as a mediator of hardware and software.
The kernel is a compressed image file, it is basically an executable bzImage file.
The kernel verifies hardware configurations (floppy drive, hard drive, network adapter etc.) and configures drivers for the system.
Now the kernel uncompresses Initrd image. Initrd stands for initial ramdisk used by the kernel as temporary root file system until the kernel is booted and real root filesystem is mounted.
It also contains necessary drivers compile inside which helps it to access the hard drive partition and other hardware.
Once all modules are loaded which are present in Initrd image, it umount initrd image and mounts the root partition as specified in grub.conf file as read only.
5. INIT
Once the kernel starts its operation the first thing it does is executing INIT process.
The init process is the root/parent process of all the processes running under Linux.
As soon as init process is executed it will look at /etc/inittab file to know what the default run level is.
Based on the appropriate run-level, scripts are executed to start/stop various processes to run the system and make it functional.
Scripts for run levels 0 to 6 are located in subdirectories /etc/rc.d/rc0.d through /etc/rc.d/rc6.d respectively. There are also symbolic links available for these directory under /etc directly. So, /etc/rc0.d is linked to /etc/rc.d/rc0.d.
/etc/rc0.d/ –Contain Start/Kill scripts which should be run in Runlevel 0
/etc/rc1.d/ –Contain Start/Kill scripts which should be run in Runlevel 1
/etc/rc2.d/ –Contain Start/Kill scripts which should be run in Runlevel 2
/etc/rc3.d/ –Contain Start/Kill scripts which should be run in Runlevel 3
/etc/rc4.d/ –Contain Start/Kill scripts which should be run in Runlevel 4
/etc/rc5.d/ –Contain Start/Kill scripts which should be run in Runlevel 5
/etc/rc6.d/ –Contain Start/Kill scripts which should be run in Runlevel 6
At last, INIT runs one file which is /etc/rc.local
Q) What is Soft Link/Symlink?
Soft Link or Symlink is the actual link to an original file. Soft link is a file which contains a reference to another file or directory in the form of absolute or relative path.
In short, you can create a shortcut of the file or directory to the other path.
1. These links will have different inode values.
2. Soft link points to original file so if the original file is deleted then the soft link fails. If you delete soft link nothing will happen to file.
3. Soft link can link to directory also.
4. Soft link can cross the file system.
5. Soft link contains the path for original file/directory, not the actual content.
Q) What is Hard link?
Hard link is the mirror copy of the original file. Hard links point directly to the physical file on disk, and not on the path name.
1. These links share same inode value.
2. Changes made to the original file or hard linked file will reflect other. When you delete original file or hard linked file nothing will happen to other.
3. Hard link can link to files only not to the directory.
4. Hard link can’t cross file system.
5. Removing any link, just reduces the link count but doesn't affect the other links.
Q) What is UMASK?
UMASK stands for User File Creation Mask. It is a default set of permission given when new file/directory is created on Linux machine.
Default UMASK value for Normal user: 002
Default UMASK value for root user: 022
Base permission for directories are: 0777
Base permissions for files are: 0666
Q) What is ulimit?
The ulimit command provides the control over the resources available to the shell and/or to processes started by it.
You can limit the user to a specific range by editing /etc/security/limits.conf at the same time system wide settings can be updated in /etc/sysctl.conf.
Q) What is DNS?
DNS (Domain Name System) is service which translates between Internet name and Internet address i.e. it is used to resolve human-readable hostname like google.com into machine-readable IP address 216.58.203.142.
Q) What are DNS records and Types of DNS records?
DNS records are held in zone file used for mapping URL to IP address. DNS records are basically mapping file that tells DNS server which IP address each domain name is associated with, and how to handle requests sent to each domain. These records are typically the connection of your website with outside world.
Request for your website are forwarded to your DNS server and then get pointed to web server that serves the website or to the Email server that handles the incoming mail.
1. A Record:
A records are one of the key record types within the DNS. The A record is used to associate the domain name to IP address.
2. AAAA Record:
AAAA records are similar to A record. The only difference is that the AAAA records points to ipv6 address instead of ipv4 addresses.
3. CNAME Record:
CNAME stands for Canonical name. A CNAME record points one of your subdomains to a different domain name. i.e. CNAME record is used to define one domain an alias of other domain.
4. MX Record:
MX record stands for Mail Exchange Record. These records are used to identify the servers that handle the email address for your domain name.
5. NS Record:
NS or Nameserver record maps the domain name to a list of DNS servers authoritative for that domain. NS records indicate authoritative nameserver for the domain.
6. PTR Record:
PTR record type is used to perform the exact opposite functionality of DNS A record type. PTR record is used to translate an IP address to the domain name.
7. SOA Record:
SOA record stands for Start of Authority record. This record is used to inform resolver that the server which contains this record is the authoritative server for the requested domain name. That means it provides authoritative information about the domain.
Q) Types of the File system.
1. Ext2:
> Second extended file system.
> Introduced in 1993, developed by Remy Card.
> Ext2 does not have journaling Feature.
> Max Individual file size: 16 GB to 2 TB
> Overall file system size: 2 TB to 32 TB
2. Ext3:
> Third extended file system.
> Introduced in 2001, developed by Stephen Tweedie
> Ext3 have journaling feature enabled.
> Max Individual file size: 16 GB to 2 TB
> Overall file system size: 2 TB to 32 TB
3. Ext4:
> Fourth extended file system.
> Introduced in 2008.
> It has the option to turn off journaling feature, other features like delayed allocation, multi-block allocation, fast fsck etc.
> Max Individual file size: 16 GB to 16 TB
> Overall file system size: 1 EB (1EB = 1024PB = 1024 TB)
Q) What is Journaling?
Journaling file systems provide new level of safety to the Linux kernel. Instead of writing data directly to the storage device and then updating inode table, journaling filesystem writes file changes into a temporary file (called as journal) first. After data is successfully written to the storage device and the inode table, the journal entry is deleted.
When the system crashes, the possibility of file system corruption is less because of journaling.
If the system crash or suffer a power outage before the data can be written to the storage device, the journaling file system just reads through the journal file and processes any uncommitted data left over.
Q) TCP and UDP Difference.
TCP:
1. TCP stands for Transmission Control Protocol.
2. It is connection oriented protocol.
3. TCP header size is 20 bytes
4. TCP is reliable but slower in transferring.
5. TCP guarantee delivery of data.
6. The order of data at receiving end is same as on sending end.
7. TCP does error checking and error recovery.
UDP:
1. UDP stands for User Datagram Protocol.
2. It is connectionless protocol.
3. UDP Header size is 8 bytes.
4. UDP is not reliable, but faster in transferring.
5. UDP doesn’t provide guaranteed delivery of data.
6. UDP doesn’t provide any ordering of data.
7. UDP makes error checking but no reporting.
Q) Raid Levels?
RAID stands for Redundant Array of Independent (or Inexpensive) Disk. RAID is the way of combining several independent and relatively small disks into a single storage of large size. The disks included in the array are called as an array member. The disk can be combined into the array in different ways known as RAID levels.
1. RAID 0 (Striping)
In Raid 0, Data are splits up into blocks and then get written across all the drives in the array. Raid 0 provides high performance such as high read and write speed.
Utilizes all the storage capacity.
Raid 0 does not provide fault-tolerance, if one of the disks fails, all the data in Raid 0 array are lost.
We need at least minimum 2 disks to create a RAID 0 (Striping).
2. RAID 1 (Mirroring)
Data are stored twice by writing them to both the data drive and mirror drive. If a drive fails, the controller uses either the data drive or the mirror drive to recover data and continues operations.
The effective storage capacity is only half of the total drive capacity because all data get written twice.
In case a drive fails, data do not have to be rebuilt, they just have to be copied to the replacement drive.
We need at least minimum 2 disks to create a RAID 1 (Mirroring).
3. RAID 5 (Distributed parity)
Raid 5 is the most common secure raid level. Data blocks are striped across the drives and on one drive a parity checksum of all the block data is written. The parity data are not written to fixed drive, they are spread across all drives.
Raid 5 array can withstand a single drive failure.
If one of the drives fails, parity info will be used to rebuild the data.
We need minimum 3 disks to create a RAID 5 (Distributed parity).
4. RAID 6 (Striping with double parity)
RAID 6 is like RAID 5 only, but the parity data are written to two drives.
RAID 6 can withstand 2 drive failure simultaneously.
If two drives fail, you still have access to all data, even while the failed drives are being replaced. So RAID 6 is more secure than RAID 5.
We need minimum 4 Drives to create RAID 6
Q) Recursive query in DNS?
The recursive query is a kind of query in which DNS server who receives your query will do all the job of fetching the answer and giving back to you.
During this process, the DNS server might also query other DNS servers on the internet for your answer.
Step by step understanding
1. Suppose that you want to browse www.example.com and your resolver.conf has got an entry of ISP DNS server.
2. DNS server on receiving the query will look into its table (cache) to find IP address ie A record for example.com.
3. If DNS server does not have the answer for the query in its cache, then it will send this query to “root” DNS server for the answer.
4. The root DNS server will reply with the list of server’s (referral) that are responsible for handling “.com” TLD server.
5. Our DNS server will select one of the .com TLD servers from the list given by root server to query the answer for example.com.
6. Similar to root servers, the TLD servers are also iterative in nature, so it replies back to our DNS server with the list of IP address of DNS servers responsible for the domain (authoritative nameserver) example.com.
7. This time also our DNS server will select one of the IP from given list of authoritative nameserver and queries A record for example.com.
8. Now our DNS server will reply us back with IP domain pair. Now browser will send the request to the web server for the content using IP address that it has learned.
9. Our DNS server now stores this record in its table (cache), so next time when it receives the same query then it will serve it from its cache.
Q) Iterative query in DNS?
In an Iterative query, the DNS server will not go and fetch the complete answer for your query but will give back referral to other DNS server which might have the answer.
If the DNS server is not recursive (i.e iterative) in nature then, it will give the answer if it has in its record. Otherwise, will give us the referral to root servers, that means it will not query root server and other DNS servers.
Now its job of our resolver to query root servers, TLD servers, and authoritative name servers.
Reference link: DNS query explained
