Human Infrastructure 394: AI Fatigue & My CCIE Was Harder Than Yours

AI FATIGUE đŸ« 

You’re sick of AI, right?

  • Because LLMs aren’t intelligent in the way humans mean that word.

  • Because AI (which is much more than LLMs, of course) is getting baked into every communication from every vendor even when AI has nothing to do with anything.

  • Because we’re at the peak of the hype curve and it seems the industry can’t shut up about AI.

  • Because you’ve played around with some models, maybe found some limited use cases, but AI hasn’t exactly changed your life.

  • Because AI slop has infected the entirety of the Internet.

  • Because AI has been weaponized by bad actors to more efficiently find their way into your network.

  • Because AI companies who are training models have abandoned even the pretense of morality.

  • Because it’s now stupid expensive to build a gaming PC with a decent frame rate, assuming you can even find the GPU you want.

  • Because AI features are getting shoved in your face from vendors you don’t trust promising capabilities you don’t need.

  • Because climate change is a thing, but we’re exhausting massive amounts of data center waste heat just so we can see Dora the Explorer gorging herself on a mountain of fries.

  • Because the C-suite at your company is trying to figure out how to use AI so they can reduce headcount.

  • Because AI is a rapidly evolving pile of jargon and technical concepts you’re supposed to figure out, but you’re still trying to complete the stupid SD-WAN rollout that is dragging on absolutely forever because you can’t get resources.

You’re sick of AI. Yeah. Me, too.

But. I believe that, despite the ridiculous hype, there’s something real with AI that will impact all of us in IT infrastructure eventually.

  1. We’ll be building infrastructure to support AI computing.

  2. We’ll be using AI to surface actionable data buried in our telemetry.

  3. We’ll be securing AI applications our business stakeholders are using.

AI, meant in the hyperbolic sense the industry is using it today, is many (mostly annoying) things. But until the bubble bursts and we move onto the next hype cycle, AI is a part of tech life. I might be sick of AI, too
but I’m trying to find the signal in the slop. When the bubble pops, the valid use cases will still matter. - Ethan

THIS WEEK’S MUST-READ BLOGS đŸ€“

Some CCIE cert holders engage in oneupmanship. “Well back in MY day, the CCIE lab exam was actually hard. We had to manufacture our own routers from nothing but sand and a blast furnace! You kids have it easy these days.”

Reality is that the CCIE program has evolved over time. CCIE v1 wasn’t the same as the Route+Switch v3 program I went through or the modern day CCIE Enterprise. Mason makes that point well with these excerpts from his post.

“The massive overhaul of CCIE R/S to CCIE Enterprise was not just a “rebrand”, but a redesign of scope. While we used to be tested 1000 miles deep on just routing and switching, we are now tested 400 miles deep on R/S, 150 miles deep on Software defined Infrastructure, 100 miles deep on automation and programmability, and 150 miles deep on design.

This may seem like these changes makes the test easier, but in fact, there is hidden complexity in increasing the width of the exam. When the scope increases we also fall victim to the interaction surface between these technologies widening.”

Yup. 100% that. The modern CCIE Enterprise program is emblematic of the problem we have in networking more broadly. The complexity of the stack has gotten out of control. - Ethan

Satellite throughput over your SD-WAN solution got you down? Gian Paolo has some discoveries to share as to why that might be. His solution? Twelve parallel tunnels matching the twelve streams the satellite is capable of for the SD-WAN algorithm to distribute traffic across. Gian shares more details on the click. - Ethan

A former Cisco TAC engineer reminisces about the old “sun spots” excuse to explain why a router crashed due to a parity error. Sounds silly, but there was some legitimacy to it. - Ethan

Birgitta Böckeler shares her experiences using agentic coding assistants. It’s a very balanced post on where they’re effective as assistants (executing tests, researching the Web, trying to fix linting and compiling errors). However, she notes that she often has to steer, correct, or just ignore output from these agents. She provides a set of detailed examples, but the big takeaway is this: “...while the advancements have been impressive, we’re still far away from AI writing code autonomously for non-trivial tasks. They also give ideas of the types of skills that developers will still have to apply for the foreseeable future. Those are the skills we have to preserve and train for.” - Drew

MORE BLOGS

  1. AWS NAT Gateway (economics & alternatives) - Malith R.

  2. Understanding DNS resolution on Linux and Kubernetes (2024) - JĂ©rĂŽme Petazzoni via GitHub.io

  3. Leaking Passwords (and more!) on macOS (CVE-2024-54471 discussion) - Watch This Space

  4. The State of LLM Reasoning Models - Ahead Of AI / Sebastian Raschka, PhD

  5. The Frontend Treadmill (2024, newer isn’t better) - These Yaks Ain’t Gonna Shave Themselves

Get AI-Native Security that moves at the speed of your business

Don’t let network protection slow you or your business down.

Juniper’s new SRX4700 Firewall is designed to protect data in motion, bringing security and networking together in a single, streamlined platform. That means you can mitigate risk without interruption. Making sure users aren’t just well protected, but enjoying the very best network experience.

And with the Mist AI Predictive Prevention Feature, it’s never been easier to keep the network safe from potential, initial, and subsequent attacks. That means you, future cybersecurity hero, can detect and stamp out bad actors and sophisticated threats before they wreak havoc on the business.

With Juniper, you’re always one step ahead.

Explore Our Solutions Now

TECH NEWS 📣

The main nasty vulnerability here was a statically coded, undocumented, backdoor admin account. Cisco patched CVE-2024-20439 in September 2024, as well as CVE-2024-20440 that allows unauthenticated users to grab log files. These CVEs are a bit tricky for an attacker to exploit, but even so—if you’re running CLSU, it’s time to get to get it patched. The bad guys have figured out what to do here. - Ethan

Meta’s new “Waterworth” cable will be physically routed to avoid geopolitical problems where possible. Got it. But that wasn’t as interesting as the bit about the fiber cable itself.

Waterworth is a 24-fiber pair cable made up of several segments going tens of thousands of kilometers in total. To go that far, the fiber optic signal has to be repeated periodically. Repeaters (optical amplifiers) have to be powered, as each consumes 50-100W. So now you need to send kilowatts of electricity down the cable to power all the repeaters.

That means Meta’s Waterworth is breaking new ground for an undersea cable. While it’s not their first 24 pair repeated fiber optic undersea cable—the 8,000km Anjana cable will be once it goes live—Waterworth will be beastly long once all the segments are interconnected.

“Waterworth will be using all 24 fiber pairs of that present-day capacity. Which puts it at the forefront of undersea cable tech today—although Waterworth isn’t the first undersea 24-fiber cable Meta has laid down.

“Meta is expected to activate Anjana, the first 24-pair repeatered system, this year,” adds [Lane] Burdette [of TeleGeography]. “Anjana was supplied by NEC.” (Other 24-pair fiber cables with repeaters in them are also under development both by NEC and others, Burdette notes, although Meta now appears to be first in line to actually activate such a system.)

Anjana is less than 8,000 km—connecting Myrtle Beach, S.C., to Santander, Spain. 
 Waterworth’s anticipated 50,000-km span—more than six times that of Anjana—would represent quite a leap forward.” - Ethan

As restaurants crank up mobile apps, SaaS point of sale, and web online ordering, their attack surfaces increase. The bad guys love this stuff, leveraging weaknesses in what might have been a product rushed to market to capture digital sales as quickly as possible. This is what happened to holey donut vendor Krispy Kreme, where “sensitive data, such as payroll records, contracts, tax documents, and customer financial information” is said to have been exfiltrated by the group taking responsibility, Play.

For me, this is as much a security story as it is a reminder to all of us using apps for sake of convenience. The backend of that handy app is a potential clown show. Is that where you want to store your personal data? Or are we at that point where it just doesn’t matter anymore? Where the breaches are so many and so common that the cause of privacy is lost?

Maybe we can flip this in our favor. What about an LLM trained on dark web breach repos so that we can query it to remember our passwords? I can see it on HuggingFace now
the password recovery model. 😂 - Ethan

MORE NEWS

FOR THE LULZ đŸ€Ł

RESEARCH & RESOURCES 📒

Brett’s a Technical Solutions Architect at WWT. He reports, “I recently had to brush up on Juniper Networks' Apstra Intent-based networking software, so I put together a basic lab guide to keep track of my review areas. The guide walks through a simple three-stage deployment, with an option to incorporate DCI. This guide focuses solely on the Apstra configuration, not the supporting infrastructure. This lab can be deployed virtually with Containerlab and vJunosEvolved.”

The doc embedded in his post is 41 pages and includes diagrams, tables, and screenshots. - Ethan

The DevNet team says, “Run your code on live infrastructure with Sandbox. Develop and test Cisco APIs, SDKs, and more for free. Deploy and test your code from anywhere, any time. Access virtualized environments, simulators, and real hardware. Play and test with Sandbox in your Learning Lab journey. Select ready-to-go and pre-packaged Sandboxes.”

Featured Sandboxes include Edge Intelligence - IoT Operations Dashboard and ACI Simulator 6.0. Here’s the entire list of Sandboxes in the Networking category.

  • Catalyst Center Always-On v2.3.3.6

  • Cisco 8000 SONiC Notebook

  • Cisco 8000 XR Notebooks

  • Cisco Catalyst Center

  • Cisco Modeling Labs

  • Cisco Security Cloud Control

  • Cloud-Native SD-WAN

  • IOS XE on Cat8kv

  • IOS XE on Cat8kv AlwaysOn

  • IOS XR Programmabilty AlwaysOn

  • Meraki Small Business and Enterprise

  • NSO AlwaysOn

  • Network Services Orchestrator

  • Open NX-OS Programmability AlwaysOn

  • SD-WAN 20.10

  • SD-WAN 20.10 AlwaysOn

  • XRd Sandbox

Many more Cisco Sandboxes in the Security, IoT, Collaboration, and Data Center categories. Sadly, I can’t report on the user experience. I logged in using Safari on MacOS with my CCO ID, and Sandbox threw a “400 Bad Request Request Header Or Cookie Too Large” error. Maybe a temporary thing or works in Chrome? Dunno. đŸ€·â€â™‚ïž But in principle, Sandbox looks like an outstanding resource. - Ethan

Getting hammered by AI scraper bots? Anubis can help. From the docs


“Anubis weighs the soul of your connection using a sha256 proof-of-work challenge in order to protect upstream resources from scraper bots.

This program is designed to help protect the small internet from the endless storm of requests that flood in from AI companies. Anubis is as lightweight as possible to ensure that everyone can afford to protect the communities closest to them.

Anubis is a bit of a nuclear response. This will result in your website being blocked from smaller scrapers and may inhibit "good bots" like the Internet Archive. You can configure bot policy definitions to explicitly allowlist them and we are working on a curated set of "known good" bots to allow for a compromise between discoverability and uptime.” - Ethan

MORE RESOURCES

  1. VoWiFi with Asterisk (open source IMS client) - Osmocom Project

  2. How to work on the Windows port - ebpf-go Documentation

  3. IronRDP (Microsoft remote desktop protocol in Rust) - Devolutions via GitHub

AutoCon3 Workshops Announced!
Conference registration and workshops are now available for AutoCon3, the premier live event for network automation professionals. The workshops offer deep-dive technical instruction to advance your automation skills. See the full program and join us in Prague, CZ May 26-30.
More details here: https://networkautomation.forum/autocon3

INDUSTRY BLOGS & VENDOR ANNOUNCEMENTS 💬 

Watch this 3 minute video for a hint at something Cisco is working on related to their automation product set. I got a briefing under NDA about Project Foresight yesterday. I can’t say much for a couple of months, because NDA. But I will say that Cisco is trying very hard to get this one right. - Ethan

If you’re a VAR, integrator, or MSP, Itential wants to enable an automation practice for you to offer to your customers.

The AUTOMATEx Partner program provides “a structured, tiered approach tailored to each partner’s profile and go-to-market strategy. Through Itential’s market-leading platform, along with technical training, sales enablement, and go-to-market support, partners can develop deep expertise in network automation while unlocking new revenue opportunities. With AUTOMATEx, partners gain the resources and technology needed to expand their market presence and deliver automation solutions that drive real business impact.”

If you’re fighting to create network automation expertise deep enough to be confident offering an automation service, AUTOMATEx might be the easy button. Certainly worth a chat with the Itential folks to see if it’s a fit. - Ethan

Allegro makes self-described Network Multimeters - hardware doing live packet capture and analysis. They’ve released the Allegro 510, an upgrade to the Allegro 500.

“With a 25 % higher average throughput and twice the memory capacity of the Allegro 500, the Allegro 510 enables even faster and more powerful data processing. With support for up to 2.5 G network speeds, the device is ideal for small to medium sized network environments.”

If you’ve got a 500 today, Allegro “is offering a cost-effective upgrade, allowing the device to be upgraded to a 510 model.” - Ethan

MORE INDUSTRY NOISES

  1. Comcast Accelerates Virtualization and AI Technologies Throughout the Nation’s Largest and Fastest Network Using DriveNets Network Cloud - DriveNets

  2. Worldwide Server Market Revenue Increased 91% During the Fourth Quarter of 2024, according to IDC - Nvidia continues dominating the GPU server space - IDC Press Releases

  3. Why we still don't use includeAllNetworks (Apple iOS related) - Mullvad VPN

  4. Introducing Cloudy, Cloudflare’s AI agent for simplifying complex configurations (starting with WAF custom rules) - Cloudflare Blog

  5. JPMorganChase, Quantinuum, Argonne National Laboratory, Oak Ridge National Laboratory and University of Texas at Austin advance the application of quantum computing to potential real-world use cases beyond the capabilities of classical computing (Certified Quantum Randomness) - JPMC News

  6. Gmail's upgraded search results help you find the emails you want, faster. (but I don’t want any of them 😂) - Google’s The Keyword Blog

DYSTOPIA IRL 🐙

TOO MANY LINKS WOULD NEVER BE ENOUGH 🐳

LAST LAUGH 😆