InterviewStack.io

Networking, VPC, and Connectivity Questions

Deep understanding of AWS VPC architecture including subnets (public and private), route tables, Network Address Translation (NAT), internet gateways, and VPC endpoints. Knowledge of security groups and network ACLs. Understanding of VPN and AWS Direct Connect for hybrid connectivity. DNS and Route 53 routing policies.

Hard | System Design
25 practiced
Create a Route 53 traffic management plan to route users to the nearest healthy region while respecting country-based compliance constraints and the ability to shift traffic during capacity bursts. Explain how you'd combine routing policies (geolocation, latency, weighted, failover), health checks, TTL tuning, and strategies to minimize DNS caching impacts.
Medium | Technical
20 practiced
As a Solutions Architect, recommend an approach for organizing Security Groups at scale: per-application, per-tier, or per-environment. For each approach, explain pros/cons regarding manageability, least privilege, rule explosion, automation, and operational impacts in a large organization.
Hard | Technical
22 practiced
You're merging two companies whose AWS estates have overlapping VPC CIDR ranges. Propose a migration strategy to consolidate networks with minimal downtime that addresses IP conflicts, service discovery, cross-account connectivity, and incremental cutover. Discuss translation options (NAT/proxy), TGW routing patterns, automation, and rollback strategies.
Hard | System Design
20 practiced
Design the network and replication architecture for a latency-sensitive distributed database that must support cross-region reads and writes. Compare options such as Aurora Global Database, multi-master solutions, and custom replication over the AWS network, and detail network requirements, replication topology, consistency trade-offs, and failure handling strategies.
Hard | Technical
21 practiced
Explain Path MTU Discovery (PMTUD) issues that can arise with IPsec VPN tunnels and AWS Direct Connect. Include effects of the DF (Don't Fragment) bit, ICMP blocking by intermediate devices, fragmentation behavior, and mitigation strategies such as adjusting MTU/MSS, TCP MSS clamping, and monitoring indicators of PMTUD failure.
