A Note On Links

by Drew Conry-Murray

We’ve gotten feedback from a few readers about getting blocked when they try to click on the articles linked in this newsletter. We suspect it’s because of the way this newsletter platform tracks click-throughs, which can make the links look spammy. That sucks and we apologize. To get around this, we’re including the actual URLs for the articles we reference here so you can copy and paste them into a fresh browser window.

If you continue to have issues, please let us know at: https://packetpushers.net/fu/

THIS WEEK’S MUST-READ BLOGS 🤓

Network CI and Open Source - JulioPDX 
This is an information-rich post on building a Continuous Integration (CI) pipeline to automate network tasks. It incorporates a variety of open-source tools you can mix and match to build your own CI.  - Drew https://juliopdx.com/2023/11/25/network-ci-and-open-source/ 

Squeeze the hell out of the system you have - Evidence-oriented SRE 
ADan Slimmon argues that it’s best to keep a system as simple as possible by engineering inefficiency out. The alternative is to implement a more complex system that accommodates the inefficiency, but at the cost of having to work with the more complex system forever. He cites an example of pushing a database as hard as they could, and needing to move to sharding or microservices to allow for additional scale. They didn’t do either, instead digging deeply to discover their high-cost transactions, and then rewriting code to dramatically reduce those costs. - Ethan https://blog.danslimmon.com/2023/08/11/squeeze-the-hell-out-of-the-system-you-have/

Building a Access Point from scratch - Dennis Schmalacker 
Dennis goes on a vision quest to construct a wireless AP out of a AsiaRF AW7916-NPD miniPCIe card, Mikrotik RBM11G board, and OpenWRT. It wasn’t easy, but he got there in the end. He shares the details of getting OpenWRT on the system, enabling serial comms, and more. - Ethan https://dennis.schmalacker.cloud/posts/openwrt-mikrotik-rbm11g-setup/ 

DHCPv6 Relay - Majornetwork 
Markku Leiniö takes a detailed look at a DHCPv6 negotiation, using a client running Debian 11 Linux, Window Server 2022 DHCP server, and a Cisco CSR1000v acting as the relay in the middle. You’ll find packet captures, log entries, and explanations down to the packet level here. - Ethan https://majornetwork.net/2023/12/dhcpv6-relay/ 

6GHz Wireless Series - mrn-cciew 
Rasika Nayanajith has posted a 5 part series on 6GHz access point discovery, as well as other posts on the latest spectrum Wi-Fi has access to. If you want more detail than “6GHz is higher than 5Ghz”, Rasika’s posts are for you. Lots of diagrams, packet captures, and details for your education. - Ethan https://mrncciew.com/category/6ghz/

Effective Obsfuscation - Molly White 
Molly White is a sharp-eyed independent reporter who covers the foibles of the crypto and Web3 spaces in her blog Web3 is Going Just Great. She’s also got a newsletter, Citation Needed, which covers crypto and the broader Silicon Valley milieu. In a recent newsletter she takes on the Silicon Valley notions of effective altruism and effective accelerationism. These concepts bubbled into the mainstream during the trial of Sam Bankman-Fried and the defenestration (and subsequent refenestration) of OpenAI’s Sam Altman. The gist behind both ideas is to find the most rational ways to maximize the benefits of donating to charity and to maximize technology development for “the good of humanity.”

On the surface that sounds fine. The problem, argues Molly, is you can rationalize your way to an ideology “that allows a person to justify almost any course of action in the supposed pursuit of maximizing their effectiveness.” In other words, when you dig a little deeper into effective altruism and effective accelerationism, you find “a twisted morass of Silicon Valley techno-utopianism, inflated egos, and greed.”

It’s a good post and worth a read because we are the people upon whom technology is being accelerated. Whenever anyone says there should be no barriers or impediments to a technology because it will “make the world a better place,” we need to ask “For who?” - Drew https://newsletter.mollywhite.net/p/effective-obfuscation

Vampire Tap - Wikipedia 
Ethernet networking used to be…this. - Ethan https://en.wikipedia.org/wiki/Vampire_tap

SASE Converge 2023 was held November 15 - 16, 2023

Reimagine security and networking with a unified, cloud-first SASE architecture. Learn about SASE Converge 2023, the industry’s premier SASE conference. Experts from across the globe shared insights on how advanced AI/ML is powering SASE to drive better outcomes. Watch on Demand

TECH NEWS 📣

Ayar Labs TeraPHY is Terrifyingly Quick with Fiber Directly Plugging into Chips - ServeTheHome
Once it was thought that silicon photonics would replace pluggable modules, but the failure rates were too high for the transmission and the industry has moved to co-packaged optics. This article looks at the use of package/ component photonic connectivity with lots of nice pictures so you don’t have to attend a conference to see them. For some reason vendors don’t post this information on their websites but they will set up an expensive stand at some random conference so that just a handful of people can see it. Good reading if you like peering in the future. - Greg https://www.servethehome.com/ayar-labs-teraphy-is-terrifyingly-quick-with-fiber-directly-plugging-into-chips/

Meet Strange Metals: Where Electricity May Flow Without Electrons - Quanta Magazine 
If you simplify technology deeply enough you end up with electrons moving through a conductor or not moving through an insulator. One’s and zero’s is a high level abstraction by comparison.  - Greg https://www.servethehome.com/ayar-labs-teraphy-is-terrifyingly-quick-with-fiber-directly-plugging-into-chips/

Have you ever wanted to just talk to your IP router or data center switch to find out what’s going on? Now you can!

Nokia has released a new application for its SR Linux NOS that integrates with ChatGPT. The app is accessible right inside the CLI. With the simple prompt of “askai” you can type in natural language queries and get answers in seconds about device and network state, logs, configurations, and troubleshooting. You can also quickly and accurately search through technical documentation right from the CLI–no need to swivel to another window or screen and sift through reams of online content.

Learn more on how you can combine SR Linux and ChatGPT for network AIOps.

FOR THE LULZ 🤣

Shared on Bluesky by nixCraft (@cyberciti.biz)

RESEARCH & RESOURCES 📒

Microsoft Cybersecurity Reference Architectures - Microsoft Learn
This PowerPoint document is a high-level architecture document to help you think appropriately about a variety of security scenarios. I perused much of this doc. Even if you aren’t a consumer of Microsoft products, there’s plenty in there worth considering. I expect there will be at least one thing, and more likely several things, where you’ll react, “Oh. I hadn’t thought about it that way. We should make some changes.” The doc is free to download and ungated. - Ethan https://learn.microsoft.com/en-us/security/cybersecurity-reference-architecture/mcra

Have I Been Squatted?  
This site checks for subtle variations of a domain name you care about. Works slick. I ran one of my domains through it, and it checked many thousands of possibilities in just a few minutes. Came up with several annoying hits, too. On a related note, this is why your marketing department drives you nuts with dozens of domain registrations to redirect your company’s main site. Top tip--train them to do that work themselves. Thanks to Steve Puluka for sharing this site on LinkedIn. - Ethan https://www.haveibeensquatted.com/

Termshark  
Termshark gives you a Wireshark-like UI at the CLI with useful features like coloration and filters. There are several install options if you use a package manager, as well as pre-built binaries for sundry Linux, BSD, Apple, and Windows environments on GitHub. Termshark depends on tshark, the CLI packet capture tool typically installed as part of the Wireshark package. For all the MacOS users like me, I’ll save you a search. Tshark is buried in the contents section of Wireshark.app. So that termshark can find tshark on your Mac, do this:

ln -s /Applications/Wireshark.app/Contents/MacOS/tshark /usr/local/bin/tshark https://termshark.io/

PythonAnywhere  
“Host, run, and code Python in the cloud.” Usable (but limited) free tier. $5/mo and up for more capabilities. - Ethan https://www.pythonanywhere.com/

HowTo Build a 100 Gbit NetFlow Sensor Using nProbe Cento - ntop
Open source project ntop has been around a long time and this blog post dives into building a 100G NetFlow collector using their software. If you have a smallish network and modest packet visibility needs, this project might suit. - Greg https://www.ntop.org/ntop/howto-build-a-100-gbit-netflow-sensor-using-nprobe-cento/

[1hr Talk] Intro to Large Language Models - Andrej Karpathy (YouTube) 
Andrej is a respected DL/ML/AI person with a long history of senior roles for large companies like Tesla and OpenAI. Now that LLMs have stabilized and I can see clear solutions I’m spending time trying to understand them. (I’ve seen too many ‘innovation dead ends’). The presentation is comprehensive and really well done. I learned a lot of details about why LLMs suck. It’s like driving a car: You don’t have to know how the engine works, but you definitely need to protect yourself from other drivers. - Greg https://youtu.be/zjkBMFhNj_g

How Gen Z Deals With Stress - Simon Sinek (YouTube) 
Simon Sinek is a well known speaker on work and corporate life. This video speaks to people who are early in their careers who do not have the ‘support systems’ that old people (like me) had at the outset. Work wasn’t the focus of my life. Social clubs, church groups, sports were all common, but younger generations don’t always have those choices. The clubs and societies died out when society changed to make work the central focus of their lives. What he claims is that ‘empaths’ in the office become agony aunts and uncles for many co-workers and they burn out. Interesting take for those who are forced to work in an office. - Greg https://youtu.be/uUYUQxfUSNo

INDUSTRY BLOGS & VENDOR ANNOUNCEMENTS 💬 

The Role of Governments in IPv6 Deployment - LACNIC Blog 
For me, the most interesting part of this piece aimed at Central and South America was found about two-thirds of the way through. The author provides a list of ways that governments could encourage IPv6 adoption. The key is not to legislate “you must be running IPv6 by this date” but rather to take other steps that create a business need for IPv6. For example, require government-acquired equipment be IPv6 compatible. Or require that government services offer IPv6 to the public. Or require that network operators be able to trace transactions back to a subscriber. All thought-provoking and reminiscent of what the US government (and perhaps others) have done recently. - Ethan https://blog.lacnic.net/en/ipv6/the-role-of-governments-in-ipv6-deployment

An Update on Twitch in South Korea - Twitch
Amazon’s Twitch business unit has announced it will cease operations in South Korea in February 2024 because the local telcos are charging them too much for transporting traffic. The CEO said  “Network fees in Korea are still 10 times more expensive than in most other countries.” The Korean government implemented legislation that permits billing of large content providers to get access to Korean consumers. Telcos have been complaining that CDN companies are directing traffic to infrastructure outside of Korea which results in extra traffic that the telcos cannot bill for. It appears to be hard nosed business and not a negotiation tactic as Twitch previously limited streaming to 720p to reduce costs and is offering to help streamers migrate to other platforms. - Greg https://blog.twitch.tv/en/2023/12/05/an-update-on-twitch-in-korea/

LAST LAUGH 😆

Shared on X by @summer__heidi