What kind of networking questions do you ask an candidate in an interview?

Iristheangel

I'm in an interesting issue. My manager has been having me interview new potential network engineer candidates and I've been using what I think are easy questions to screen their technical skills. Without fail, people with 10-15 years of "senior network engineer" experience can't answer 9/10 of my questions.

I ask some pretty basic EASY stuff:
"How do you configure an SVI on a multilayer switch?" (Best response - "You create a subinterface...")
"How do you enable routing on a multilayer switch?"
"You are viewing the ingress traffic on a multilayer switch by means of a SPAN port. Just looking at the packets going in, how can you tell whether the packets are going to L2 or L3 switched?"
"Oh, I see you have experience with (whatever routing protocol listed on their resume). How would you configure that on a router?"
"How do you configure rapid spanning tree?"
"Give me the general idea of STP?"
"What is a VLAN and how do you create one?"
"How do you configure VTP?"

Without fail, people with years and years of experience get 9/10 questions wrong and when I mean "wrong," I mean not even REMOTELY right.

What is the experience of other engineers out there? What kind of questions do you ask?
Am I being too mean or just running into a lot of slow people?

Xyro

I'm not interviewing for this level of knowledge (yet); however, I need to interview for lower levels & yes... it's always the same story - people with years & years of (supposed) technical experience cannot respond correctly.

I only see 2 options here:
Somehow improve pool of respondents
or
"Dumb-down" the questions

I will be watching this thread carefully to check for other options as I may not be seeing something which will offer me a more efficient solution.

Iristheangel

I feel like a mid-level engineer should understand the basic theory and/or basic terminology. Hell, I expect them to know MORE than me. I shouldn't be able to stump them 9/10 times with basic theory questions. I know that our jobs aren't spent configuring most of the time so I try my hardest to steer clear of straight config questions or I dont' judge them if they get a command or two wrong, but not even knowing what STP or VTP is ridiculous

nerdydad

You are running into slow people, that being said, I have never seen SPAN in a live network, not saying it doesn't happen.

I usually throw in some stuff about reverse path forwarding, I ask about penultimate hop popping just because I like to say penultimate hop popping, we run EIGRP so we'll throw in a SIA question, how do you set up gateway redundancy, maybe some OSPF LSA types, and a few wireless and firewall questions just to see if they have done it.

We were looking for an IE last year and had a few IE written applicants that couldn't even answer basic CCNA questions, as if we needed more proof that **** don't pay. If the candidate is really strong we don't usually get into the tedious quiz show questions, but if they are weak from the start we usually just continue to ask questions because it's fun on a twisted level.

NotHackingYou

A sysadmin I used to work with would ask candidates to briefly explain dot1q, seemed to work well. We also would use variations of the quesitons you have asked.

nerdydad

removed unnecessary quoted reply

I am shocked by the number of CCNA's that don't realize that native traffic is not tagged on a dot1q trunk, they understand if non-tagged traffic comes in it will be put in the native, but they believe that the traffic is tagged before it is forwarded out.

Iristheangel

LoL. I actually have several SPAN ports right now running in our core for a traffic analyzer.

That being said, I don't expect them to know how to configure a SPAN port and if they ask what it is, I'll explain. I just want to usually see if they understand how they're able to look at the packet and tell if it's going to be routed or not (Destination MAC obviously). I want to know that they understand the core principles. In my opinion, this is associate level stuff. I expect people with years of experience to know more than me in terms of networking.

sratakhin

"Network engineers" can't answer these questions? Omg...
I have no idea what SVI and SPAN are, but other questions would probably be more appropriate for someone who just passed CCENT and doesn't have 10-15 of experience. Oh well...

shodown

We run into this all the time. The mid levels at a consulting firm will clean the floor with most Sr's in some enterprises. But it all the depends on the job you are doing. If you are a sr engineer at a shop who sends everything to a partner you have no idea on the world that you are missing. Also if you don't know when to engage your partner you are allowing too much work to fall on your hands.

One more thing before I go all over the place. A sr engineer at a 1 site shop is not going to have the experience of a sr engineer with a 100 site network. Its just a whole world of networking that you are missing.


As for your basic questions they should be able to answer them you just ran into the wrong folks, but I would check the salary requirements. If the money is right you should be finding the right folks.

jamthat

I hope this thread keeps going, seems like it could contain some very helpful info!

Unrelated question: Would any of you more experienced networking people out there that do/have done some hiring be willing to do a 'mock interview' for an entry level networking position? Could be mutually beneficial..I help you get experience with interviewing, you help me prepare for real interviews

Iristheangel

@Sratakhin - SPAN is basically a mirrored port. You can mirror another port or mirror a VLAN.
SVI = Switch Virtual Interface. Basically, instead of creating a routed port or various subinterfaces, you can create a SVI. After you create the vlan, type in "Interface VLAN 10" and then assign an ip address to it. Usually you just set the SVI as the default gateway for hosts on the VLAN. If it's a multilayer switch, you have to enable routing using the "ip routing" global command and you can route between various SVIs. It makes it a lot more manageable to have a bunch of SVIs that are being routed on a multilayer switch than to have a router on a stick where you have a single piece of copper as a single point of failure or a bunch of messy subinterfaces. Not to mention that multilayer switches tend to switch packets faster than a router in most cases

shodown wrote: »

As for your basic questions they should be able to answer them you just ran into the wrong folks, but I would check the salary requirements. If the money is right you should be finding the right folks.

We pay very very very well. Above six figures

sratakhin

2 Iristheangel - thanks for the good explanation. Knew the concepts but not the terms
Do the applicants have any certifications?

nerdydad

"How do you configure an SVI on a multilayer switch?" interface VLANxx (VLAN must be active on switch)

"How do you enable routing on a multilayer switch?" ip routing, or ipv6 routing depending on the platform you may need to change the sdm to allow ipv6

"You are viewing the ingress traffic on a multilayer switch by means of a SPAN port. Just looking at the packets going in, how can you tell whether the packets are going to L2 or L3 switched?" Youanswered above, I don't want to ****.

"Oh, I see you have experience with (whatever routing protocol listed on their resume). How would you configure that on a router?" Yes we run EIGRP, you enable EIGRP with a Autonomous system number ex router eigrp 100, and put in a network statement for the interfaces you want to run eigrp over

"How do you configure rapid spanning tree?" spanning-tree mode rapid-pvst

"Give me the general idea of STP?" by having a root bridge and blocking, root and designated ports you create a loop-free environment

"What is a VLAN and how do you create one?" in config mode or vlan database mode?

"How do you configure VTP?" in global config, vtp mode xxxxx, vtp domain xxxxxx, vtp password xxxxx

When do I start?

Iristheangel

You want to come to California? Sure! I'll hook you up!

NetworkVeteran

Iris, 6 out of 8 of these questions relate to Cisco switch configuration. I know many solid network engineers who wouldn't pass this, if not told in advance that was important. Are these questions aligned with your job posting?

> How do you configure rapid spanning tree?
> Give me the general idea of STP?

The last time I was grilled for a position that made heavy use of switching, they asked me to explain the differences between STP, RSTP, and MSTP in detail.. show the differences in operation on a four-switch topology.. explain how I would troubleshoot a L2 outage.. etc. I did great on those. I don't actually remember the command to enable RSTP on Catalyst IOS..

(Note: I will know the answer extremely well in about ten minutes! The answer is, of course, obvious to me just now for three other operating systems that I've worked with recently, but I'm blanking on Catalyst IOS. It's likely close to "spanning-tree mode rapid-pvst". Ahh well. At least I would get most of these correct in an interview. )

> "You are viewing the ingress traffic on a multilayer switch by means of a SPAN port. Just looking at the packets going in, how can you tell whether the packets are going to L2 or L3 switched?"

This could be translated from a Cisco question to a generic question like so--"You are capturing ingress traffic on a multilayer switch. Just by looking at the packets going in, how can you tell whether the packet are going to be L2 or L3 switched?"

NetworkVeteran

> "Oh, I see you have experience with (whatever routing protocol listed on their resume). How would you configure that on a router?"

This I really like. A favorite interviewer a year or so ago asked me to name my three strongest areas in networking, and then proceeded to ask me to explain them inside out from configuration to design to troubleshooting on the OS of my choice.

Iristheangel

sratakhin wrote: »

Do the applicants have any certifications?

Out of five applicants - Three had CCNAs and two had CCNPs. We ended up hiring a CCNP who was "studying" for the IE. Master of BGP he was. Or so he claimed. He lasted a week. First three days, he seemed confused about how Putty worked. Fourth day, he had to go onsite to configure some switches and a router. He didn't bring his company issued laptop because he assumed there would be a "KWM switch with keyboard and monitor" to configure the equipment. *facepalm* Proceeded to create the SVIs as I wrote down for him to do and couldn't figure out why he couldn't ping them. Turns out, he didn't create the vlans and only created the SVIs so after two hours of scratching his head, I had to help him out. Then he added the /24 subnet to BGP using the following network statement: "network 10.1.1.0 mask 255.255.255.255." He spent another two hours trying to figure out why the subnet wasn't routing. He never figured it out. I ended up discovering it within 5 minutes the next day. Sigh...

This is how I approach certifications in an interview: If you say you have the certifications, you will be quizzed heavily on relevant material. Of course I won't bust out with Frame Relay or RIP questions because that has no relevance to what they would be doing at my company but they better understand the core concepts. I will never ever hire someone based on just certifications.

shodown

One thing I forgot to add.


Base your questions off what they have on the resume presented. For example. I have my CCNP, got it a few years back. If I was brought in for a CCNP level route/switch job I wouldn't do so well. Now I also have my CCNP V, If I was brought in for a CCIE V level job I would be very, very competive just based on what I have been doing the last 3 years working on Voice technologies. So if you have a guy/girl that has been working as a WAN engineer with a CCNP he may know OSPF/BGP very, very well, but will struggle with EIGRP, RIP(hey its out there) and switching. So I do agree with network veteran some points, but I do think those questions are pretty basic except for the configuration unless they work in that type of job.

Xyro

Still only seeing the 2 options here. Right now I'm taking option 2 because it's the only choice I have since I have 0 power over the respondent pool.

Soon, I'll just be checking for a pulse.

Iristheangel

NetworkVeteran wrote: »

Iris, 6 out of 8 of these questions relate to Cisco switch configuration. I know many solid network engineers who wouldn't pass this, if not told in advance that was important. Are these questions aligned with your job posting?

Great suggestions, NV. I'll definitely take those into account the next interview I have. Your rephrasing of my question I will steal

To answer your question: Yes, our job posting states it's a Cisco-only enterprise and asks specifically for an advanced Cisco engineer with an understanding of L2 and L3 configuration and troubleshooting. I've run into a lot of engineers who have never designed a network on their own and used pre-canned scripts to apply configs they didn't write themselves. That's great and efficient for that company they were at but not what we're looking for and not the set the skills that can be used to troubleshoot.

darkerz

There is no way someone could not answer 100% of those questions.

What job is this? Where is the posting? I've always like Cali.

wes allen

NetworkVeteran wrote: »

Iris, 6 out of 8 of these questions relate to Cisco switch configuration. I know many solid network engineers who wouldn't pass this, if not told in advance that was important. Are these questions aligned with your job posting?

I know they are Cisco jobs, and they should be up on Cisco way of doing things, but you might miss out on a solid network engineer that just doesn't know IOS very well. I also do a lot of cut and paste when using Enterasys gear, so I don't have the commands memorized, just a bunch of config files I use as a base for each new install.

Seems like "What terminal program do you use/like?" "What USB to serial adapter" "Notepad type program" "How do you document your configs" etc would also give you some insight into how much they actually do day to day.

Iristheangel

Shoot me a PM, darkerz. I'll tell you where to send your resume

nerdydad

Iristheangel wrote: »

You want to come to California? Sure! I'll hook you up!

I'll have to check with SWMBO.

I agree on the asking how to configure questions, and I generally don't ask that type of question. I HATE quiz show interviews, the last technical interview I had they didn't even ask "questions", I have had about 3 hours of interviews, 1.5 hours of technical, and we talked about different technologies they use and ones that I have used, it was the kind of conversation you couldn't bs your way through and has by far been my favorite type of interview. That being said, an experienced Sr. level engineer knows the underlying technology behind STP, VLAN's ect, but I don't care how much I have configured BGP, I would never, let me repeat that never call myself a Master of BGP unless I wrote the RFC, there are just way too many things you can do with BGP.

Iristheangel

@Wes Allen - Those might be good things for someone I just want to configure the same kind of devices over and over again but if said engineer doesn't understand STP or VTP or VLAN concepts, they can't troubleshoot it and therefore they are useless to me as a mid-level engineer. Anyone can hit copy and paste but it takes a lot more skill and knowledge to understand what they are applying and be able to troubleshoot it if/when something goes wrong.

Xyro

darkerz wrote: »

There is no way someone could not answer 100% of those questions.

Believe it.

1 of my recent experiences involved someone who has 7 "degrees" (needless to say only 2 of them were degrees & the other 5 were certs.). & did not even know the difference between RJ-11 & RJ-45.

And yes, the 2 degrees (& 4 of the certs.) were all in IT.

Iristheangel wrote: »

@Wes Allen - Those might be good things for someone I just want to configure the same kind of devices over and over again but if said engineer doesn't understand STP or VTP or VLAN concepts, they can't troubleshoot it and therefore they are useless to me as a mid-level engineer. Anyone can hit copy and paste but it takes a lot more skill and knowledge to understand what they are applying and be able to troubleshoot it if/when something goes wrong.

This is the main problem. Most people (not including those on this forum) just memorize items & do not really understand what they are doing. I refer to these types as "IT Monkeys". I see it time & time again and while I wish it were different, I have come to accept that it is just part of life in this field.

Mrock4

My questions usually focus on the understanding of those technologies, and generally require you to have seen the CLI at least once. For example, instead of "how would you configure a device to be the STP root?" I might ask "you issue the command 'show spanning-tree' and find that all of the ports are in the designated (DESG) port role. What does this indicate?" - or instead of "how would you configure an OSPF router to be the DR for a segment?" I might ask "what is the purpose of an OSPF DR?" <-- I realize this doesn't require CLI knowledge, but it's more about the understanding of the tech.

I should note, these aren't questions requiring a textbook answer, but you can quickly tell if someone has worked with the technology. I should note also, that I'll tailor it to their resume..so this would ALL be included on their own resume. Finally, there'd be enough questions to get a good idea of their overall competency..nobody is perfect, so I understand missing one or two because of nerves, but the overall picture should show that they do know their stuff.

Just my $.02

darkerz

Copy-pasters, config moneys, exam dumpers, glorified technologists, etc...

My .02 – ‘keeping up’ is not nearly as important than understanding fundamental protocols. Software and hardware will be gone tomorrow, but standards-based protocols will endure. This is what separates the good technologists from the mediocre. Enterprise/SP – it doesn't matter. Your questionnaire is perfect to test someone and determine their "good technologist" side, which is refreshing. A mix of config here and there, but it's the concept and protocol that counts.

olaHalo

I can only answer 2 of those

Net+ ftw

Mrock4

olaHalo wrote: »

I can only answer 2 of those

Net+ ftw

At one point or another, we were ALL unable to answer some of these questions..it's those who have years of experience who cannot do any of these.

And I recently worked with a CCIE (as in, 2 weeks ago) who couldn't configure basic OSPF, so it's just one of those things I guess..

Iristheangel

Good posts, Mrock. I definitely will keep those in mind for the next interview I have... Ironically, my boss always tells me to "make them cry" but I don't really give them that hard of questions. I always try to tailor the questions to the resume of course. If someone writes a resume with a bunch of protocols listed, they're usually a)really know their stuff or b)full of it. Either way, I like to focus on those things and see how honest/full of it they are.