Human Infrastructure 368: Wireshark Auto-Profiles, MAC Address Moves, RPKI and more
THIS WEEK’S MUST-READ BLOGS 🤓
Stop shitting on Cisco ACI when it’s not the problem. - Liam Keegan
https://liamkeegan.medium.com/stop-shitting-on-cisco-aci-when-its-not-the-problem-b87f7dd3a3c6
Liam looks at a Juniper marketing whitepaper that favorably compares its Apstra data center product to Cisco ACI. Liam goes over the major points in the whitepaper where he feels like Juniper doesn’t give ACI a fair shake. More importantly, throughout this post he notes that any data center automation platform is going to require cultural and operational changes because CLI-centric network engineers have to adjust to a more cloud-like operating model. He also notes that what’s most important is to find the platform that’s best for your individual organization, not which vendor had the best marketing approach. And this statement is gold: “no technology manufacturer sells a bag of magic beans. Organizations need to invest in the people and processes that support these next-gen networks, just like they’re forced to do if they adopt any public cloud strategy.” I highly recommend reading the whole post. - Drew
Adding Certificates to ISE - Send The Payload
https://sendthepayload.com/category/identity-services-engine-1/
Kathleen McNamara is writing a series of blog posts focused on strengthening the security of your ISE deployment. Topics include adding certs, patching and backing up ISE, using RBAC, and more. Each post is short and straightforward with step-by-step instructions and helpful screenshots. If you run ISE, you might want to bookmark these posts. In fact, you might want to bookmark her entire blog, which covers a ton of other Cisco products. - Drew
More Juniper PoE Controller Repair - Bryan Ward
https://bryanward.net/wp/2024/09/04/more-juniper-poe-controller-repair/
Bryan Ward notes that due to supply chain constraints, Juniper had to use a different chip in PoE controllers on some switches. But if you need to update firmware, how do you find out which chip is being used so that you get the correct firmware? Bryan walks through what to look for and provides some commands that can help get you started. - Drew
NEW: Wireshark Auto-Switch Profiles - Chappell University
https://www.chappell-university.com/post/new-wireshark-auto-switch-profiles
Laura Chappell walks through the benefits of a new auto-switch profile feature in the latest version of Wireshark. The new feature will automatically change the Wireshark filter based on a certain number of packets matching a display filter in a trace. Laura writes, “For example, suppose I am working on a problem dealing with DNS and HTTPS/TLS communications. When I apply a filter for DNS delays, I can configure Wireshark to automatically switch to my DNS troubleshooting profile when one or more packets match my filter.” She also shares the steps to set up an auto-switch profile. - Drew
MAC Address Move in VM Live Migration - MajorNetwork
https://majornetwork.net/2024/09/mac-address-move-in-vm-live-migration/
Markku’s blog asks and answers this question: how do switches learn the MAC address of a VM after a live migration? Markku set up a lab to find out. The answer has to do with ARP, but Markku shows his work with TCP dumps. An interesting exercise. - Drew
TECH NEWS 📣
Zyxel warns of vulnerabilities in a wide range of its products - Ars Technica
https://arstechnica.com/security/2024/09/zyxel-warns-of-vulnerabilities-in-a-wide-range-of-its-products/
Zyxel, which makes a variety of networking gear including switches, APs, and firewalls, is raising the alarm about a number of serious vulnerabilities in multiple products. They include a command injection vulnerability with a risk score of 9.8 out of 10 in multiple AP models. The Ars Technica article linked above has the rundown of affected products. Some patches are available, so you know the drill. - Drew
Exclusive: OpenAI co-founder Sutskever's new safety-focused AI startup SSI raises $1 billion - Reuters
https://www.reuters.com/technology/artificial-intelligence/openai-co-founder-sutskevers-new-safety-focused-ai-startup-ssi-raises-1-billion-2024-09-04/
I guess it’s good to see investment going into AI safety. But as with anything spawned in the fetid money swamps of Silicon Valley, you have to ask “Safe for who?” The chance of a Matrix-like takeover by computer intelligence is minuscule compared to the likelihood that a handful of tech entrepreneurs with dubious motivations will blitz-scale their way to dynastic wealth and power and monopolize and/or enshittify things we rely on, such as healthcare, media, privacy, education, and the Internet. I’d almost rather have The Matrix. - Drew
AutoCon2 Registration Is Open! - Network Automation Forum
https://networkautomation.forum/autocon2
AutoCon2 is coming up fast on November 18-22 in Denver, Colorado and we want to let you know some key dates:
Conference Registration is open NOW!
Early bird pricing of only $399 started August 29.
Hotel registration is open now - grab a room SOON!
Workshop Registration opened on August 8
We're going to have a great slate of workshop options covering a range of topics in network automation and orchestration
Note that it's a separate event conveniently preceding AC2
The Full AC2 Conference Agenda will be published by September 9
NAF is a watering hole - a place where we can have harmonious collaboration in network automation: the practice of network automation, orchestration, observability, AI tooling, education, process and standards, and more. Come hear what your peers are doing in their networks (on the stage and in the hallways), what solution providers are bringing to the table, what's happening with open source, and all things network automation.
AutoCon is THE Forum for Network Automation. See you in Denver!
FOR THE LULZ 🤣
RESEARCH & RESOURCES 📒
The Hedge 241: Starlink Performance w/Geoff Huston - The Hedge Podcast
https://rule11.tech/the-hedge-241/
I suspect many of our readers either use or are interested in Starlink. Whatever you might think of Elon Musk (I’ll keep my own opinions to myself), Starlink ticks a lot of nerd boxes: rocketry, satellites, wireless communication, broadband Internet, and sticking it to legacy ISPs. But does it work? This episode of Russ White’s “The Hedge” podcast looks at Starlink performance with guest Geoff Huston, who brings some performance numbers. - Drew
Looking to Learn Cloud Networking? Basics of AWS Networks for Network Engineers! - Carpe DMVPN
https://www.bufferbloat.net/projects/bloat/wiki/cake-autorate/
https://github.com/lynxthecat/cake-autorate/tree/master
Tim McConnaughy has created a really useful intro video to essential AWS networking concepts, including the creation of a VPC, assigning subnets, setting up a gateway for external connectivity, and more. This is a great place to start for cloud networking concepts. - Drew
INDUSTRY BLOGS & VENDOR ANNOUNCEMENTS 💬
Crafting endless AS-PATHS in BGP - APNIC Blog
https://blog.apnic.net/2024/09/02/crafting-endless-as-paths-in-bgp/
It’s possible to unintentionally create a loop using BGP Confederations and AS override. The post describes why you’d want to use these techniques, and how they can interfere with BGP’s loop-prevention mechanisms. It also walks through a safer alternative. - Drew
Are differences in RIR RPKI implementations hindering RPKI adoption? - APNIC Blog
https://blog.apnic.net/2024/08/26/are-differences-in-rir-rpki-implementations-hindering-rpki-adoption/
The NRO (Number Resource Organization) is looking for feedback from network operators about how the various RIRs are implementing RPKI, so they have put out a survey. From the blog: “We want to learn more about the experience of managing resources across multiple RIRs to understand whether differences in RIR RPKI implementations are hindering RPKI adoption, particularly in terms of Route Origin Authorization (ROA) creation. If so, we aim to identify which differences are the most problematic, so we can focus on making those aspects of the RPKI system more consistent.” You can find the survey here. September 12th is the last day to take it. RPKI may be bubbling to the surface more often these days now that the White House’s Office of the National Cyber Director has put out a whitepaper encouraging government and private entities to adopt RPKI to bolster the security of BGP. - Drew
Each year we ask for your feedback. It’s that time! Please take a few minutes to fill out this survey. We’re desperately seeking 500+ responses. Okay, we’re not desperate, but we want statistically significant data. We’re not even 20% of the way there yet. We need your input. Thanks in advance!