Human Infrastructure 326: Model-Based Thinking, AI Risks & More

Author

Drew Conry-Murray
October 12, 2023

THIS WEEK’S MUST-READ BLOGS 🤓

Model-Based Thinking For Network Engineers - Russ White on Packet Pushers
Russ White is writing a series about alternatives to the OSI model that can help network engineers get a different view into network protocols and troubleshooting. In the latest post, he discusses, with examples, about how to engage in model-based thinking. Why? He writes “Thinking in models like this is a mental habit you will need to learn over time—but as you get better at it, you will be able to understand networks and protocols much more thoroughly and quickly.” - Drew

AI Risks - Schneier on Security
This post from Nathan Sanders, published on Bruce Schneier's site, covers a lot of angles on AI hysteria that would be useful to most people. It outlines the cases of naysayers and their very real concerns about unfinished or biased AI datasets, about displacement of existing skills, and so on. Personally I am more worried about evil humans with AI than AI turning evil - but that is what most AI critics are highlighting. Consider using AI in military drones or what terrorists might be able to do. There are no clear answers, but it’s worth understanding what are the good questions. - Greg

Automating Blogging Worflow - Part Three - Daniel Teycheney
This is an interesting series about how Daniel is applying automation principles and tools to manage his blog site. His overall premise is that running a personal site and writing blogs are workflows, and workflows can be automated. In part three, he shares how he’s using a tool called Vale to run spelling and style checks, plus how he’s automating other site management tasks. Here are the links to parts one and two. - Drew

How it works: The novel HTTP/2 ‘Rapid Reset’ DDoS attack - Google Cloud Blog
The largest layer 7 DDOS attack to date (398 million requests per second) used the HTTP/2 Rapid Reset technique. Google unpacks the details and I found it a valuable learning opportunity for HTTP/2, something I haven’t spent a lot of time doing packet captures with. I suspect that using Wireshark on HTTP/2 would be tough to get right due to parallelism. Cloudflare also wrote up the same topic. They also endured a record-breaking attack and announced together with AWS and Google. - Greg

Productize Your Scripts & Scale Network Automation with Itential

Itential’s automation products were built with your network in mind. We believe scaling network automation starts with a solution that isn’t fragile and that everyone in your organization can rally around and use. A solution that integrates with the systems you already have. That doesn’t make you get rid of your investment in scripts and playbooks, but helps you bring them under control. With Itential:

Ready to scale your automation scripts?

Visit www.itential.com/packetpushers to access a free test drive of the Itential Automation Platform in the cloud.

TECH NEWS 📣

Oops—It looks like the Ariane 6 rocket may not offer Europe any launch savings - Ars Technica
The two big takeaways from this article are that building rockets is expensive and difficult, and that SpaceX will continue to dominate the commercial rocket business for the foreseeable future. It’s also a good reminder about why we often compare doing hard things to rocket science. - Drew

FOR THE LULZ 🤣

RESEARCH & RESOURCES 📒

Comparing Solutions for Boosting Data Center Redundancy - NVIDIA Technical Blog
Like most networking vendors with data center products in 2024, Nvidia has implemented proprietary extensions to various protocols to offer their version of a network fabric. - Greg

INDUSTRY BLOGS & VENDOR ANNOUNCEMENTS 💬 

Default outbound access for VMs in Azure will be retired— transition to a new method of internet access - Microsoft Azure 
Azure is making a significant change to its networking… - Greg

New FortiSwitch Solutions Are Game Changers for Today’s Evolving Campus - Fortinet Blog 
Fortinet has announced new FortiSwitch units for campus networking. The FortiSwitch 600 series delivers up to 5GE access and 25GE uplinks, and the FortiSwitch 2000 series supports larger environments as a backbone/aggregation switch. In 2023, campus switches are part of the IT security ecosystem using overlay networks for most vendors so more and more customers are buying their campus switches from their firewall vendor to get a unified security fabric. The announcement makes unnecessary use of ‘game changer’ because it isn’t, it’s just a switch. - Greg

Run Your Private Data Center as Easy as Cloud with Expanded Juniper Apstra Automation - Official Juniper Networks Blogs
A roundup on new features released for Juniper’s Apstra data center networking. Nothing stands out to me in particular, but it’s a continuation of persistent releases I’ve noticed lately. - Greg

Arista 7130 Series Leads the Way to 25G Ultra-Low Latency Networking - Arista Networks
Arista is announcing a new series of switches that target financial institutions, brokerages, and high-frequency traders. Nanoseconds matter in these environments, so customers rely on specialized Layer 1 switches whose primary requirement is to get frames into and out of the switch at inhuman speeds. Arista acquired Metamako, which built L1 switches on an FPGA, back in 2018. It has been offering a 10G switch ever since. This is the first 25G L1 switch on the market.

What’s most interesting to me about these switches (aside from the use of FPGAs) is that Arista says it’s done away with phy-layer Forward Error Correction (FEC) because FEC introduces as much as 250 nanoseconds of latency. Instead, they say they have optimized the optical transceivers to minimize errors. Arista calls them “Enhanced Peformance” optics. I’m guessing the price is also enhanced. - Drew

LAST LAUGH 😆