Cloud & Infrastructure Topics
Cloud platform services, infrastructure architecture, Infrastructure as Code, environment provisioning, and infrastructure operations. Covers cloud service selection, infrastructure provisioning patterns, container orchestration (Kubernetes), multi-cloud and hybrid architectures, infrastructure cost optimization, and cloud platform operations. For CI/CD pipeline and deployment automation, see DevOps & Release Engineering. For cloud security implementation, see Security Engineering & Operations. For data infrastructure design, see Data Engineering & Analytics Infrastructure.
Networking, VPC, and Connectivity
Deep understanding of AWS VPC architecture including subnets (public and private), route tables, Network Address Translation (NAT), internet gateways, and VPC endpoints. Knowledge of security groups and network ACLs. Understanding of VPN and AWS Direct Connect for hybrid connectivity. DNS and Route 53 routing policies.
Container Networking Fundamentals
Networking concepts specific to containerized environments and orchestration platforms. Topics include container network models such as bridge, host, and overlay networks, port mapping and network address translation for containers, and container network interface plugins and how they enable different connectivity models. Coverage includes service discovery and in-cluster Domain Name System behavior, how networking differs between local single-host containers and orchestrated clusters, load distribution mechanisms such as kube-proxy and ingress concepts, network policies for traffic control and isolation, and common troubleshooting approaches for container networking issues. Practical skills include diagnosing container interface and route issues, interpreting container network namespaces, packet capture in container contexts, and understanding performance and security trade-offs when designing container networking for production.
Your SRE Background and Experience
Articulate your hands-on experience with systems administration, monitoring tools, automation scripts, and any incident response involvement. Be specific about technologies (e.g., Prometheus, Grafana, Kubernetes, Docker, Terraform) and concrete examples of what you've built or fixed.
Network Virtualization and Overlay Networks
Focuses on design, implementation, and operational management of virtual networks and overlay architectures used to support multitenancy and flexible topology. Candidates should be able to explain encapsulation-based overlay designs such as virtual extensible local area networks and how overlays interact with the physical underlay, tunnel termination points and identifier mapping, overlay control plane options for reachability, addressing and tenant isolation strategies, integration with container networking and virtual machine networking, and the relationship with network function virtualization and virtual appliances. Interviewers will probe understanding of operational concerns including encapsulation overhead and maximum transmission unit impacts, approaches to troubleshooting visibility and packet capture in overlay environments, scaling patterns and control plane sizing, and security and segmentation techniques appropriate for multi-tenant environments.
Interior Routing Protocols OSPF and IS-IS
In-depth knowledge of link-state interior gateway protocols such as Open Shortest Path First and Intermediate System to Intermediate System. Topics include adjacency formation and neighbor discovery, link state advertisement exchange, the link state database and shortest path first computation, area and level design, types of area boundaries, route summarization and route redistribution, fast convergence techniques, traffic engineering implications, and troubleshooting approaches for adjacency and area-related failures. Also covers scaling considerations, metrics and cost tuning, and tradeoffs when choosing between protocol designs for large networks.
Advanced Routing and Traffic Engineering
Advanced routing protocols, algorithms, and real-world deployment practices for large-scale and multi-domain networks. Topics include deep Border Gateway Protocol knowledge such as path selection, attribute handling including weight, local preference, AS path manipulation, multi-exit discriminators, communities, route filtering, route aggregation, and mitigation of route hijacking. Also covers advanced aspects of interior protocols such as Open Shortest Path First and IS-IS including area design, adjacency and LSA or link-state behavior, convergence optimization, and comparison of link-state versus other approaches. Traffic engineering topics include load balancing, multi-path routing, MPLS fundamentals and label switching, segment routing principles, and using routing and BGP for traffic engineering across internet exchanges and multi-carrier environments. Practical skills include designing redundancy, scaling routing control planes, route policy design, and troubleshooting complex inter-domain routing behaviors.
VLAN Configuration and Network Segmentation
Create VLANs on switches (assign VLAN IDs, name VLANs). Assign ports to VLANs (access ports for end devices, trunk ports for switch-to-switch connections). Configure 802.1Q tagging for trunk ports. Configure inter-VLAN routing on an L3 switch or router: create an SVI (Switch Virtual Interface) for each VLAN, enable routing between SVIs. Test connectivity: ensure devices in the same VLAN can communicate, devices in different VLANs can communicate through the router, and unauthorized traffic is blocked. Understand VLAN concepts: broadcasts are isolated to the VLAN, and unicast traffic must be routed between VLANs.
Observability and Monitoring Architecture
Designing and architecting end-to-end observability and monitoring systems that scale, remain reliable under load, and do not become single points of failure. Topics include deciding which telemetry to collect and why (metrics, logs, traces, and events), instrumentation strategies, collection models such as push versus pull, high-throughput telemetry ingestion and pipeline design, time-series storage and compression, aggregation and partitioning strategies, metric cardinality and retention tradeoffs, distributed tracing propagation and sampling strategies, log aggregation and secure storage, selection of storage backends and time-series databases, storage tiering and cost optimization, query and dashboard performance considerations, access control and multi-tenancy, integration with deployment pipelines and tooling, and design patterns for self-healing telemetry pipelines. Senior-level assessments include designing scalable ingestion and aggregation architectures, storage tiering and query performance optimization, cost and operational tradeoffs, and organizational impacts of observability data.
Wide Area Network Design and Optimization
Focuses on designing and tuning intersite connectivity for multi-site architectures. Candidates should cover connectivity options and tradeoffs including internet-based virtual private networks, dedicated circuits and multiprotocol label switching, software-defined wide area networking overlays, and direct cloud connectivity. Expect discussion of route distribution and interaction with interior and exterior routing, path selection, traffic engineering, quality of service end to end across the wide area, latency and jitter mitigation, bandwidth and capacity planning, failover and site reachability strategies, and techniques for accelerating or caching traffic. Candidates should explain operational concerns such as monitoring, health checks, failover testing, and cost versus performance tradeoffs when choosing designs.