Re: job screening question

[Dennis <daodennis () gmail com>]

On Thu, Jul 5, 2012 at 10:02 AM, William Herrin <bill () herrin us> wrote:

> Hi folks,
>
> I gave my HR folks a screening question to ask candidates for an IP
> expert position. I've gotten some "unexpected" answers, so I want to
> do a sanity check and make sure I'm not asking something unreasonable.
> And by "unexpected" I don't mean naively incorrect answers, I mean
> oh-my-God-how-did-you-get-that-cisco-certification answers.
>
> The question was:
>
> You implement a firewall on which you block all ICMP packets. What
> part of the TCP protocol (not IP in general, TCP specifically)
> malfunctions as a result?
>
>
> My questions for you are:
>
> 1. As an expert who follows NANOG, do you know the answer? Or is this
> question too hard?

I perused the thread but lots of people have mentioned mtu discovery but
not what happens on TCP and an issue with mss but not what happens - if
there is a smaller mtu along the path the receive window fills up on the
host initiating the connection and then the connection just times out.



> 2. Is the question too vague? Is there a clearer way to word it?

It is way to confusing and may be better in a two part question and work up
to it.  Instead of asking if all ICMP is blocked put into to Type/Code with
out giving away that it's the
Maybe for HR ask more text book stuff like name the tcp flags or describe
the tcp connection closing or what field determines if a packet can be
fragmented and then compare that to how it works in IPv6.  How big is the
TCP or IP headers?  How many with options? etc...


> 3. Is there a better screening question I could pass to HR to ask and
> check the candidate's response against the supplied answer?
>
> Thanks,
> Bill Herrin
>
>
> --
> William D. Herrin ................ herrin () dirtside com  bill () herrin us
> 3005 Crane Dr. ...................... Web: <http://bill.herrin.us/>
> Falls Church, VA 22042-3004