Human Infrastructure 391: A Fat Tuesday-Sized Newsletter (On a Thursday)

It's Jeudi-Gras! Laissez les bons temps rouler!

THIS WEEK’S MUST-READ BLOGS 🤓

Eric got his hands on a licensed version of Cisco Modeling Lab. In this post he shares some setup details (and hassles), what he’s using the lab for, some shared resources you can use to get your own lab going, and recommendations for additional learning material. - Drew 

Karim writes “Querying logs using natural language is incredibly powerful and can save a tremendous amount of time. Imagine being able to "chat" with your logs and ask questions like: Who was the last person to connect to my server? What connections originated from a specific source IP? Show me all connections from the past five minutes.” This post shows you how to do that using LangChain, a framework that lets you “chain together” operations to get a result. In this example he shows you how to write a LangChain template, using ChatGPT 4, to help you “talk” to your AWS VPC flow logs. 

Karim’s work here is part of a growing number of tools and projects that blend AI and network data. See, for example, John Capobianco’s Packet Buddy, or Kyler Middleton’s AI Slackbot project (we’ll be releasing a Heavy Networking episode with her about the project soon), or Du’An Lightfoot’s talk from AutoCon2. While it’s good to be wary of AI hype, don’t overcorrect and miss out on developments that may be of actual use. - Drew 

Pat provides a good action plan if your organization is undertaking a zero trust project. He describes the key principles of zero trust, the value proposition, and offers a 7-step plan to roll it out. The post doesn’t get into products because there’s a lot of ways to carve this beast, product-wise. That said, if you’re looking for a solid outline to get you started and to help you keep track of big-picture objectives, you’ll want to bookmark this and share it with your team. - Drew  

Kim Zetter is tracking an ongoing story about whether the US Cyber Command has been ordered to stand down on all planning regarding Russian cyber activities. The story was reported by reputable outlets including the Washington Post and The Guardian. In subsequent days, the US government has denied the reports, though the Post is standing by its story. Kim’s piece looks at what’s been reported and what’s been denied, and is updating the story as new information comes in. If you’re wondering what the big deal is, Jacob Williams has a good post on why, if true, this would be a bad thing for US and global cybersecurity and the collection of threat intelligence. - Drew  

This treatise on troubleshooting is written from a technical perspective, but broadly enough to apply to a variety of disciplines. I found myself nodding in agreement as I went along. Right near the top of the piece was this golden nugget.

“Anyone who’s played guitar for a while knows the visceral feeling of realizing they’re turning the tuner of a different string than the one they’re plucking. No wonder nothing is helping! When trying to fix a system, before setting to work, I do something that’s guaranteed to have an effect.”

So much that when troubleshooting IT stacks and networks specifically. So much that. Lots more gold in that piece. - Ethan

This piece covers modern load balancing architectures with an emphasis on open source approaches. If you’re new to load balancing, or haven’t thought about what architectures might be available since your F5 pair has been running just fine for years, this is worth your time. Easy to understand and augmented with diagrams. - Ethan

TSMC is in a tough spot. It’s squeezed between an authoritarian regime in China that wants to reclaim Taiwan, and a mercurial  US president who flings tariffs the way primates fling feces. At present, TSMC is in the good graces of Trump thanks to TSMC’s recent pledge to invest $100 billion in new chip-manufacturing capabilities in the United States. However, that investment is spurring anxiety in Taiwan.

Why? Simply put, the US and other western countries absolutely rely on TSMC for the manufacture of advanced chips that power their modern economies. That reliance serves as a de facto, though unofficial, guarantee of military support against an invasion from China. But if TSMC transfers advanced technology and manufacturing capabilities to the US mainland, that protection guarantee could vanish, or at least be substantially weakened.

The post linked above examines this dilemma in more detail, and also provides good background on what TSMC has pledged to build in the US, and well as what this could mean for Intel (not much good). It’s an excellent post and well worth your time.  - Drew

The TL;DR here is that traditional vendors of Ethernet ASICs and switches will reap significant benefits from the AI infrastructure boom (something we’ve been talking about on Network Break). While Nvidia is scooping up most of the money through GPU sales, the need for backend and frontend networks to connect GPU clusters is also steering money to Broadcom, Marvell, Arista, and whitebox makers such as Celestica. The post has lots of diagrams and links to market research if you want a deeper look. - Drew

If you think tech and politics aren’t supposed to mix, read this post and then think about it some more. - Drew

MORE BLOGS

Meet the Packet Pushers at DCD Connect!
Join Ethan Banks and Drew Conry-Murray at DCD Connect in NYC this March! DCD Connect brings together more than 3,500 senior leaders working on some of the largest data center projects in North America. Register here and use the code PACKET and we’ll see you in New York! Ethan and Drew will be on site March 24th. Come say hello and collect your free virtual donut!

TECH NEWS 📣

On the Network Break podcast, Johna Johnson and I have been covering suspicious damage to subsea cables by “fishing vessels” in the Baltic. This visual guide from the Guardian recounts the damage, tracks vessel paths, and maps out the cables and the countries they connect. And for more on subsea fiber optic cables, the Packet Pushers recorded a Heavy Networking episode with Telstra a few years back to talk about how these cables are laid, monitored, and repaired. BTW, thanks to Chad from the Packet Pushers Slack for the heads up on this article. - Drew  

Microsoft is warning that Chinese cyber actors are going after stolen API keys and compromised credentials of IT providers, as well as vendors of identity management, privileged access management, and remote monitoring and management products. The goal, of course, is to get access to these organizations’ customers. The attackers are rifling through GitHub and other publicly accessible repositories to pilfer credentials and keys. - Drew

I’ve been seeing the term vibe coding pop up in Hacker News headlines in the last couple of weeks. No, it’s not a chilled approach to programming where you’re in your pajamas with lofi gently thrumming in the background. I mean, that’s just coding, am I right? 😅😬

Vibe coding is about letting AI generate code in response to your prompts, you accepting whatever it gives you without even looking at diffs, and rolling on with the project. There are negatives to this approach, of course. Chief among them, at least from my perspective? You don’t understand how the code works, and it’s gonna break. Then what? Vibe debugging? Humph. It seems our new robot overlords require much caretaking. - Ethan

If I were more entrepreneurial, I would start a printer company that didn’t run the ink side of its business like the Mafia. You buy the printer, use whatever ink you want, and it just works. And you can still print in black even when you’re low on cyan. It might not make me rich, but it would make me beloved. - Drew 

MORE HEADLINES

FOR THE LULZ 🤣

RESEARCH & RESOURCES 📒

Hawzen has fun making his own transport layer called HDP. Not quite as nuts as it might sound, as lots of IP protocols out there are neither TCP or UDP, but their own thing. ICMP, for instance. OSPF. But Hawzen wants to know what happens when injecting something the Internet doesn’t know about, in that it’s not a known, standards-based protocol.

From the README. “What if I sent a packet using a transport protocol that didn’t exist? Not TCP, not UDP, not even ICMP—something completely made up. Would the OS let it through? Would it get stopped before it even left my machine? Would routers ignore it, or would some middlebox kill it on sight? Could it actually move faster by slipping past common firewall rules? No idea. So I had to try. First, I sent the packets to myself, just to see how my own machine handled the poison I made up. Then, I sent them across continents to a remote Linux machine to see if they’d actually make it.”

He goes into this project in more detail than “did it get there”. The answer? It depends both on cloud provider and on whether or not he used v4 vs. v6. Interesting results. - Ethan

Yaak 2.0 - Mountain Loop Labs
https://yaak.app

Yaak self-describes as, “The API client for modern developers. Yaak is an offline and Git friendly app for HTTP, GraphQL, WebSockets, SSE, and gRPC.” Yaak 2.0 was announced on 19-Feb-2025. 2.0 now supports Git, WebSockets and OAuth. There are also performance improvements and a Vim mode, as well as a long list of other tweaks and fixes.

There’s also a yaak2postman CLI community project that converts Yaak exports to Postman collections.

I haven’t tried Yaak, but I’m intrigued. Yaak is open source, and appears to be a Postman alternative that emphasizes ease-of-use. As Greg the lead dev puts it, “I was done building API clients after moving on from Insomnia in 2020, but the market shifted to mandatory accounts and other lock-in tactics. So I started from scratch and built the tool I'm proud to put my name behind.” - Ethan

Chris Wahl is launching free courses for IT pros. His first effort covers AWS Cloud and Terraform. Chris writes: “I'm currently conducting an experiment where I'm creating free "essentials" type courses specifically designed to be beginner-friendly and accessible. These courses are hosted on YouTube with decks posted to SlideShare for anyone to share and enjoy.” I’ve seen the SlideShare deck for the above course, and it’s packed with information. Check it out! - Drew

MORE RESOURCES

  1. Pangolin (Tunneled Mesh Reverse Proxy Server with Access Control aka self-hosted zero trust tunnel) - fosrl via GitHub

  2. Implementing a virtual rail architecture (AI network cluster design) - IBM Developer

  3. The Victorian Internet: The Remarkable Story of the Telegraph and the Nineteenth Century's On-Line Pioneers (book, 1998) - Wikipedia

  4. human-regex (TypeScript library, build a regex using English-like syntax) - rajibola via GitHub

INDUSTRY BLOGS & VENDOR ANNOUNCEMENTS 💬 

Torero is a free-forever tool from Itential that provides an execution environment for network automation artifacts, such as Python scripts and Ansible playbooks. The 1.3 release highlights include private registry support for Ansible & PyPi and import services from a Git repo. Read the blog for more detail. - Ethan

More news from the world of 800G optical networking, this time from PacketLight with an interoperability story. “PacketLight and Fujitsu Optical Components have succeeded in the transport of a mix of 100GbE and 400GbE data services over 800G wavelength, using PacketLight’s PL-8000M 2 x 800G Muxponder with Fujitsu Optical Components’ 800G CFP2-DCO pluggable module.” The PL-8000M Muxponder is the first in the 800G family of products from PacketLight.

We’re gonna be reading about terabit transport options before we know it. Wow and so on. - Ethan

TL;DR. “The newly established transmission infrastructure by HGC will bridge the capacity gap between continents by leveraging Telehouse Bangkok and Telehouse London. This initiative will enable uninterrupted cross-border content access and add to peering across AMS-IX Bangkok and AMS-IX Amsterdam. Additionally, customers within both locations will benefit from direct, virtual circuits without the need to activate any individual transmission layers.” - Ethan

Broadcom has announced the availability of its PCIe Gen6 portfolio. As hyperscalers and other organizations look to wring every bit of capacity and efficiency out of AI infrastructure, Broadcom is positioning Gen6 as an essential element of that effort. From the press release: “The design features include extended reach, lower power dissipation, and simplified interop and end-to-end management.” - Drew 

MORE INDUSTRY NOISES

DYSTOPIA IRL 🐙

TOO MANY LINKS WOULD NEVER BE ENOUGH 🐳

  1. Is it Lunacy to Put a Data Center on the Moon? - IEEE Spectrum

  2. Is It Time to Redefine Time? (new atomic clocks) - Scientific American

  3. When I lost my intuition (fantastic essay) - Aeon

  4. NYC Mesh Map - NYC Mesh

  5. RAG Enabled WordPress in Core Could Transform WordPress from CMS to AIMS - Mark Maunder

  6. retrogram~plutosdr (ASCII wideband spectrum analyzer) - r4d10n via GitHub

  7. The early days of Linux (2023) - LWN.net

  8. Windows NT for GameCube/Wii - Wack0 via GitHub

LAST LAUGH 😆

Shared by Frank Seesink on the Packet Pushers Slack