Validating Candidate Knowledge

I’ve been thinking a lot about the process of knowledge validation. One of the things that frustrates me is the process asking obscure questions that depend on memorization of pointless trivia. This may occur either in the vendor testing or the interview process. On the other hand, I believe that relevant questions should test the appropriate depth of technical knowledge.

The CCNP Route exam covers multi-area OSPF in section 2.0 of the blueprint. If I were concerned that an interviewee had used dumps to pass this exam, I might validate their knowledge myself. One of the cool things about asking technical questions in the interview process is that the interviewer can see how the person being interviewed works their way through the challenge. It also gives the interviewer the opportunity to ask the interviewee to share their level of expertise prior to validating it.

Specific to OSPF, I might offer the following challenge–

Topology

R1toR2

R1 Configuration

R1#show ip int br
Interface                  IP-Address      OK? Method Status                Protocol
FastEthernet0/0            192.168.1.1     YES manual up                    up
FastEthernet0/1            unassigned      YES unset  administratively down down

R1#show run | sec ospf|route
router ospf 1
 log-adjacency-changes
 network 192.168.1.0 0.0.0.255 area 256

R2 Configuration

R2#show ip int br
Interface                  IP-Address      OK? Method Status                Protocol
FastEthernet0/0            192.168.1.2     YES manual up                    up
FastEthernet0/1            unassigned      YES unset  administratively down down
Loopback1                  1.1.1.1         YES manual up                    up

R2#show run | sec ospf|route
router ospf 10
 network 192.168.1.2 0.0.0.0 area 0.0.1.0

Based on the above configuration–

  1. Will an adjacency be formed between R1 and R2?
    1. If no, what could be done to allow an adjacency to form?
    2. If yes, what OSPF routes might be found in R1’s routing table?
  2. Typing, show ip ospf on R2 would reveal what as the router ID?

Watching someone work through this can tell a lot about their grasp on concepts and the experience they’ve had with this technology. Let’s first review what the correct answers are.

  1. Will an adjacency be formed between R1 and R2? YES
    1. If no, what could be done to allow an adjacency to form?
    2. If yes, what OSPF routes might be found in R1’s routing table? No OSPF Routes
  2. Typing, show ip ospf on R2 would reveal what as the router ID? The OSPF Router ID should be 1.1.1.1

Explanation

There are a lot of ways that a candidate could go astray with this example. For example, some may get hung up on the fact that there is no area zero. While an area zero is typically required in multi-area OSPF, the lack thereof will not prevent and adjacency from forming. It also will not prevent intra-area routes from being exchanged. Candidates may also mistakenly assume that the OSPF process-id must match. Unlike OSPF, EIGRP uses a concept of autonomous system number and requires it to match between peers.

Another caveat is that everyone knows the area-id must match. At first glance, it seems that there is a mismatch that could prevent an adjacency. R1 has an area-id of 256 and R2 has an area-id of 0.0.1.0. The area-id is a 32 bit number. If we translate R1’s area-id to binary, we see that it is 00000000.00000000.00000001.00000000. If we convert 0.0.1.0 that we see on R2, it is apparent that the area-id is actually consistent between the neighbors.

If the candidate is still with me, I can see if he or she actually catches the fact that the only OSPF enabled interfaces are directly connected with one another. Since the routes are already in the routing table as connected, there will be no OSPF routes.

The final question is fairly straightforward  and simply assesses the understanding of how OSPF does its router-id selection. Those who have a solid understanding know that this ID is selected when the process is started and ID’s are prioritized in the following order: 1) hard-coded router-id, 2) highest IP address of active loopback interface, 3) highest IP address of any active non-loopback interface.

Conclusion

Establishing technical assessment scenarios for use in the interview process can be a time consuming process. However, it is important to validate that candidates are as well qualified as they (and their credentials) say they are. Obviously, scenarios should be well-tailored to the position being filled. It is also important to observe the process in which the candidate determines the answers. If this is a conversational process, it can often make sense to ask how they arrived at the answers.

About Paul Stewart, CCIE 26009 (Security)

Paul is a Network and Security Engineer, Trainer and Blogger who enjoys understanding how things really work. With over 15 years of experience in the technology industry, Paul has helped many organizations build, maintain and secure their networks and systems.
This entry was posted in Other. Bookmark the permalink.

14 Responses to Validating Candidate Knowledge

  1. Dmitry Figol says:

    Answered all questions correctly. Thanks, good warmup before my CCNP ROUTE.

  2. But how can we know this is true? “The OSPF Router ID should be 1.1.1.1”

    • If you notice the output of ‘sh ip int br’ on R2, it is the only loopback interface. The router-id is not specified in the OSPF process. So it should be the IP address of the loopback interface. I say *should* because it is possible that the loopback was created after the OSPF process was instantiated.

  3. Pedro says:

    Not so sure about whether the OSPF adjacency would be formed or not as I cannot say anything about the configured netmask on both interfaces.

    Also a comment about functional OSPF vs technical OSPF would be welcome.

    • Pedro,

      I’d have to give you bonus points for that. Since the mask isn’t shown, there is a possibility that it is misconfigured.

      I also like your idea about commenting on a functional OSPF vs technical OSPF. A good follow-up question to a candidate might be something like, “What value does this particular OSPF add to the network shown?” Of course, the answer is no value since routes aren’t being advertised. Thanks for the comments.

      • fredrikjj says:

        You should configure network type point-to-point on actual point to point ethernet links since it removes an unnecessary type 2 LSA and simplifies the database.

        When the network type is point-to-point the remote side mask is not verified, only that the remote IP address is on the same network based on the local mask. With the IP addresses being .1 and .2 there is no mask that’s configurable that would put the addresses on different networks from OSPF’s perspective. In other words, if OSPF is properly configured, the masks are irrelevant in this example.

      • Great comment. The purpose of the the article was to use some odd configurations that demonstrates proficiency with the protocol. You obviously know OSPF very well.

  4. Bruce Markey says:

    I just read this today and wanted to make 2 points. As someone who is 4 days from taking ROUTE, and has spent the last 3 months studying and labbing quite a lot this really hit home for me. Nothing bothers me more than not understanding a technology which is why I spent so much time going over everything.

    My first point is I would have totally failed your test. Not because I don’t understand how OSPF works but because I had no idea you could use dotted decimal for an area id. I used multiple sources to study from, mainly the Odom book and I had do check when I got home to see if I just missed that. So thanks in a way, now I know that.

    My second point sort of goes along with that, it’s about lack of a good set of materials for these certs. Yes the Odom book is great, so are any number of books that are out there. As I went through my studies, and I’m sure this will be true as I move on to SWITCH, is that I learned more from using sites like hackingcisco.com and gns3vault.com due to the fact that the labs made me think, made my apply my knowledge and put it all together.

    Obviously the guys that use dumps gain very little. I think had I just read some books, watched a few videos I would have been light years ahead of the dump folks I still would have felt that I was lacking. As someone who doesn’t get to use say OSPF daily those labs made a world of difference for me. I’d gladly pay for a workbook of sorts full of real life problems to be worked through etc.

    I didn’t mean to get off on a tangent but your article really made me think about this. That at the end of the day it’s great to be able to regurgitate a ton of facts but in the end it’s abotu really understanding the technology and being able to apply it to the problem at hand.

    Thanks again for a great article.

  5. Victor says:

    I must say that I really enjoy this kind or articles and I would like to thank you for that.

    They make me feel better after learning 6-12 months for a certification instead of taking it in 2 months using dumps.

    I am wondering however if you can write more about “Validating Candidate Knowledge” because it’s a subject that it’s almost in-existent when talking about network engineers.

    Cheers

    • I totally agree with you. I enjoy these quick scenarios that are obscure but highlight how a technology component functions. For me, involved scenarios are a challenge to write, to describe and to comprehend. Moreover the time involved for the learner or reader can sometimes be constraining.

      I’d love to write more of these. My biggest challenge is finding the time and balancing commitments. So yes to your question, when time permits.

  6. Pingback: Who Understands Network Statements? - PacketU

Comments are closed.