- Human Infrastructure
- Posts
- Human Infrastructure 391: A Fat Tuesday-Sized Newsletter (On a Thursday)
Human Infrastructure 391: A Fat Tuesday-Sized Newsletter (On a Thursday)
It's Jeudi-Gras! Laissez les bons temps rouler!
THIS WEEK’S MUST-READ BLOGS 🤓
Cisco Modeling Labs - Eric Stewart
https://runningoffatthemouth.com/?p=1801
Eric got his hands on a licensed version of Cisco Modeling Lab. In this post he shares some setup details (and hassles), what he’s using the lab for, some shared resources you can use to get your own lab going, and recommendations for additional learning material. - Drew
Using LangChain to Chat with AWS VPC Flow Logs - HashNode
https://jamali.hashnode.dev/using-langchain-to-chat-with-aws-vpc-flow-logs
Karim writes “Querying logs using natural language is incredibly powerful and can save a tremendous amount of time. Imagine being able to "chat" with your logs and ask questions like: Who was the last person to connect to my server? What connections originated from a specific source IP? Show me all connections from the past five minutes.” This post shows you how to do that using LangChain, a framework that lets you “chain together” operations to get a result. In this example he shows you how to write a LangChain template, using ChatGPT 4, to help you “talk” to your AWS VPC flow logs.
Karim’s work here is part of a growing number of tools and projects that blend AI and network data. See, for example, John Capobianco’s Packet Buddy, or Kyler Middleton’s AI Slackbot project (we’ll be releasing a Heavy Networking episode with her about the project soon), or Du’An Lightfoot’s talk from AutoCon2. While it’s good to be wary of AI hype, don’t overcorrect and miss out on developments that may be of actual use. - Drew
Implementing Zero Trust Security in Modern Networks: A Comprehensive Guide - Layer 8 Packet
https://www.layer8packet.io/home/implementing-zero-trust-security-in-modern-networks-a-comprehensive-guide
Pat provides a good action plan if your organization is undertaking a zero trust project. He describes the key principles of zero trust, the value proposition, and offers a 7-step plan to roll it out. The post doesn’t get into products because there’s a lot of ways to carve this beast, product-wise. That said, if you’re looking for a solid outline to get you started and to help you keep track of big-picture objectives, you’ll want to bookmark this and share it with your team. - Drew
Did Trump Admin Order U.S. Cyber Command and CISA to Stand Down on Russia? - Kim Zetter
https://www.zetter-zeroday.com/did-trump-admin-order-u-s-cyber-command-and-cisa-to-stand-down-on-russia/
Kim Zetter is tracking an ongoing story about whether the US Cyber Command has been ordered to stand down on all planning regarding Russian cyber activities. The story was reported by reputable outlets including the Washington Post and The Guardian. In subsequent days, the US government has denied the reports, though the Post is standing by its story. Kim’s piece looks at what’s been reported and what’s been denied, and is updating the story as new information comes in. If you’re wondering what the big deal is, Jacob Williams has a good post on why, if true, this would be a bad thing for US and global cybersecurity and the collection of threat intelligence. - Drew
On Troubleshooting - The Autodidacts
https://www.autodidacts.io/troubleshooting/
This treatise on troubleshooting is written from a technical perspective, but broadly enough to apply to a variety of disciplines. I found myself nodding in agreement as I went along. Right near the top of the piece was this golden nugget.
“Anyone who’s played guitar for a while knows the visceral feeling of realizing they’re turning the tuner of a different string than the one they’re plucking. No wonder nothing is helping! When trying to fix a system, before setting to work, I do something that’s guaranteed to have an effect.”
So much that when troubleshooting IT stacks and networks specifically. So much that. Lots more gold in that piece. - Ethan
Discussion on Load Balancing - 2coffee.dev
https://2coffee.dev/en/articles/discussion-on-load-balancing
This piece covers modern load balancing architectures with an emphasis on open source approaches. If you’re new to load balancing, or haven’t thought about what architectures might be available since your F5 pair has been running just fine for years, this is worth your time. Easy to understand and augmented with diagrams. - Ethan
Deep Dive: Is TSMC's $100b Investment Signalling A US Chip Revival? - Tech Soda
https://techsoda.substack.com/p/deep-dive-is-tsmcs-100b-investment
TSMC is in a tough spot. It’s squeezed between an authoritarian regime in China that wants to reclaim Taiwan, and a mercurial US president who flings tariffs the way primates fling feces. At present, TSMC is in the good graces of Trump thanks to TSMC’s recent pledge to invest $100 billion in new chip-manufacturing capabilities in the United States. However, that investment is spurring anxiety in Taiwan.
Why? Simply put, the US and other western countries absolutely rely on TSMC for the manufacture of advanced chips that power their modern economies. That reliance serves as a de facto, though unofficial, guarantee of military support against an invasion from China. But if TSMC transfers advanced technology and manufacturing capabilities to the US mainland, that protection guarantee could vanish, or at least be substantially weakened.
The post linked above examines this dilemma in more detail, and also provides good background on what TSMC has pledged to build in the US, and well as what this could mean for Intel (not much good). It’s an excellent post and well worth your time. - Drew
AI Networking Companies Are Set For Capex Primetime - Pragmatic Optimist
https://amritaroy.substack.com/p/ai-networking-companies-are-set-for
The TL;DR here is that traditional vendors of Ethernet ASICs and switches will reap significant benefits from the AI infrastructure boom (something we’ve been talking about on Network Break). While Nvidia is scooping up most of the money through GPU sales, the need for backend and frontend networks to connect GPU clusters is also steering money to Broadcom, Marvell, Arista, and whitebox makers such as Celestica. The post has lots of diagrams and links to market research if you want a deeper look. - Drew
Why Techdirt Is Now A Democracy Blog (Whether We Like It Or Not) - TechDirt
https://www.techdirt.com/2025/03/04/why-techdirt-is-now-a-democracy-blog-whether-we-like-it-or-not/
If you think tech and politics aren’t supposed to mix, read this post and then think about it some more. - Drew
MORE BLOGS
Trying to Justify SNMP - Robopenguins
Yoke is really cool (IaC via Go or Rust, WASM & K8s manifests, oh my!) - Xe Iaso
There Isn't Much Point to HTTP/2 Past The Load Balancer - byroot’s blog
Things you should never do: Use Expect to autotype SSH passwords in scripts - Andrew Quinn’s TILs
Most IT companies fail to serve security.txt for RFC 9116 in 2025 - Hartwork Blog
Tailscale is pretty useful - Fatih’s Personal Blog
![]() |
Meet the Packet Pushers at DCD Connect!
Join Ethan Banks and Drew Conry-Murray at DCD Connect in NYC this March! DCD Connect brings together more than 3,500 senior leaders working on some of the largest data center projects in North America. Register here and use the code PACKET and we’ll see you in New York! Ethan and Drew will be on site March 24th. Come say hello and collect your free virtual donut!
TECH NEWS 📣
‘Shadow fleets’ and subaquatic sabotage: are Europe’s undersea internet cables under attack? - The Guardian
https://www.theguardian.com/world/ng-interactive/2025/mar/05/shadow-fleets-subaquatic-sabotage-europe-undersea-internet-cables-under-attack
On the Network Break podcast, Johna Johnson and I have been covering suspicious damage to subsea cables by “fishing vessels” in the Baltic. This visual guide from the Guardian recounts the damage, tracks vessel paths, and maps out the cables and the countries they connect. And for more on subsea fiber optic cables, the Packet Pushers recorded a Heavy Networking episode with Telstra a few years back to talk about how these cables are laid, monitored, and repaired. BTW, thanks to Chad from the Packet Pushers Slack for the heads up on this article. - Drew
Silk Typhoon hackers now target IT supply chains to breach networks - Bleeping Computer
https://www.bleepingcomputer.com/news/security/silk-typhoon-hackers-now-target-it-supply-chains-to-breach-networks/
Microsoft is warning that Chinese cyber actors are going after stolen API keys and compromised credentials of IT providers, as well as vendors of identity management, privileged access management, and remote monitoring and management products. The goal, of course, is to get access to these organizations’ customers. The attackers are rifling through GitHub and other publicly accessible repositories to pilfer credentials and keys. - Drew
Will the future of software development run on vibes? - Ars Technica
https://arstechnica.com/ai/2025/03/is-vibe-coding-with-ai-gnarly-or-reckless-maybe-some-of-both/
I’ve been seeing the term vibe coding pop up in Hacker News headlines in the last couple of weeks. No, it’s not a chilled approach to programming where you’re in your pajamas with lofi gently thrumming in the background. I mean, that’s just coding, am I right? 😅😬
Vibe coding is about letting AI generate code in response to your prompts, you accepting whatever it gives you without even looking at diffs, and rolling on with the project. There are negatives to this approach, of course. Chief among them, at least from my perspective? You don’t understand how the code works, and it’s gonna break. Then what? Vibe debugging? Humph. It seems our new robot overlords require much caretaking. - Ethan
Brother accused of locking down third-party printer ink cartridges via forced firmware updates, removing older firmware versions from support portals - Tom’s Hardware
https://www.tomshardware.com/peripherals/printers/brother-accused-of-locking-down-third-party-printer-ink-cartridges-via-firmware-updates-removing-older-firmware-versions-from-support-portals
If I were more entrepreneurial, I would start a printer company that didn’t run the ink side of its business like the Mafia. You buy the printer, use whatever ink you want, and it just works. And you can still print in black even when you’re low on cyan. It might not make me rich, but it would make me beloved. - Drew
MORE HEADLINES
1 Million Third-Party Android Devices Have a Secret Backdoor for Scammers - Wired
What happened at the Homebrew Computer Club 50 years ago: Apple was born, and a revolution began - ZDNet
Going 800Gbps at up to 1000km with the Marvell COLORZ 800 - ServeTheHome
Microsoft cancels 200MW of AI data center leases—report - Data Center Dynamics
US congressional panel urges Americans to ditch China-made routers - Reuters
Find my hacker: How Apple's network can be a potential tracking tool - College Of Engineering And Computing George Mason University
Regional Internet Registries work to prevent one of their own going rogue - The Register
FOR THE LULZ 🤣

RESEARCH & RESOURCES 📒
What would happen if we didn't use TCP or UDP? (hdp project) - Hawzen via GitHub
https://github.com/Hawzen/hdp
Hawzen has fun making his own transport layer called HDP. Not quite as nuts as it might sound, as lots of IP protocols out there are neither TCP or UDP, but their own thing. ICMP, for instance. OSPF. But Hawzen wants to know what happens when injecting something the Internet doesn’t know about, in that it’s not a known, standards-based protocol.
From the README. “What if I sent a packet using a transport protocol that didn’t exist? Not TCP, not UDP, not even ICMP—something completely made up. Would the OS let it through? Would it get stopped before it even left my machine? Would routers ignore it, or would some middlebox kill it on sight? Could it actually move faster by slipping past common firewall rules? No idea. So I had to try. First, I sent the packets to myself, just to see how my own machine handled the poison I made up. Then, I sent them across continents to a remote Linux machine to see if they’d actually make it.”
He goes into this project in more detail than “did it get there”. The answer? It depends both on cloud provider and on whether or not he used v4 vs. v6. Interesting results. - Ethan
Yaak 2.0 - Mountain Loop Labs
https://yaak.app
Yaak self-describes as, “The API client for modern developers. Yaak is an offline and Git friendly app for HTTP, GraphQL, WebSockets, SSE, and gRPC.” Yaak 2.0 was announced on 19-Feb-2025. 2.0 now supports Git, WebSockets and OAuth. There are also performance improvements and a Vim mode, as well as a long list of other tweaks and fixes.
There’s also a yaak2postman CLI community project that converts Yaak exports to Postman collections.
I haven’t tried Yaak, but I’m intrigued. Yaak is open source, and appears to be a Postman alternative that emphasizes ease-of-use. As Greg the lead dev puts it, “I was done building API clients after moving on from Insomnia in 2020, but the market shifted to mandatory accounts and other lock-in tactics. So I started from scratch and built the tool I'm proud to put my name behind.” - Ethan
Getting Started with AWS Cloud and Terraform - Wahl Network via YouTube
https://www.youtube.com/watch?v=PASG0NTKUQA
Chris Wahl is launching free courses for IT pros. His first effort covers AWS Cloud and Terraform. Chris writes: “I'm currently conducting an experiment where I'm creating free "essentials" type courses specifically designed to be beginner-friendly and accessible. These courses are hosted on YouTube with decks posted to SlideShare for anyone to share and enjoy.” I’ve seen the SlideShare deck for the above course, and it’s packed with information. Check it out! - Drew
MORE RESOURCES
Pangolin (Tunneled Mesh Reverse Proxy Server with Access Control aka self-hosted zero trust tunnel) - fosrl via GitHub
Implementing a virtual rail architecture (AI network cluster design) - IBM Developer
The Victorian Internet: The Remarkable Story of the Telegraph and the Nineteenth Century's On-Line Pioneers (book, 1998) - Wikipedia
human-regex (TypeScript library, build a regex using English-like syntax) - rajibola via GitHub
INDUSTRY BLOGS & VENDOR ANNOUNCEMENTS 💬
Announcing torero 1.3: private registry support & services import - Itential Blog
https://www.itential.com/blog/torero/announcing-torero-1-3-private-registry-support-services-import/
Torero is a free-forever tool from Itential that provides an execution environment for network automation artifacts, such as Python scripts and Ansible playbooks. The 1.3 release highlights include private registry support for Ansible & PyPi and import services from a Git repo. Read the blog for more detail. - Ethan
PacketLight and Fujitsu Optical Components Achieve 800G Transport - PacketLight Networks Press Releases
https://www.packetlight.com/about/press-releases/packetlight-fujitsu-achieve-800g-transport
More news from the world of 800G optical networking, this time from PacketLight with an interoperability story. “PacketLight and Fujitsu Optical Components have succeeded in the transport of a mix of 100GbE and 400GbE data services over 800G wavelength, using PacketLight’s PL-8000M 2 x 800G Muxponder with Fujitsu Optical Components’ 800G CFP2-DCO pluggable module.” The PL-8000M Muxponder is the first in the 800G family of products from PacketLight.
We’re gonna be reading about terabit transport options before we know it. Wow and so on. - Ethan
Telehouse, HGC and AMS-IX partner to launch a new transmission infrastructure to strengthen Asia-Europe cross-continental connectivity - Telehouse News
https://www.telehouse.net/news/telehouse-hgc-and-ams-ix-partner-to-launch-a-new-transmission-infrastructure-to-strengthen-asia-europe-cross-continental-connectivity/
TL;DR. “The newly established transmission infrastructure by HGC will bridge the capacity gap between continents by leveraging Telehouse Bangkok and Telehouse London. This initiative will enable uninterrupted cross-border content access and add to peering across AMS-IX Bangkok and AMS-IX Amsterdam. Additionally, customers within both locations will benefit from direct, virtual circuits without the need to activate any individual transmission layers.” - Ethan
Broadcom Extends PCIe Industry Leadership with End-to-End Gen 6 Portfolio for AI Infrastructure - Broadcom
https://investors.broadcom.com/news-releases/news-release-details/broadcom-extends-pcie-industry-leadership-end-end-gen-6
Broadcom has announced the availability of its PCIe Gen6 portfolio. As hyperscalers and other organizations look to wring every bit of capacity and efficiency out of AI infrastructure, Broadcom is positioning Gen6 as an essential element of that effort. From the press release: “The design features include extended reach, lower power dissipation, and simplified interop and end-to-end management.” - Drew
MORE INDUSTRY NOISES
IBM Completes Acquisition of HashiCorp, Creates Comprehensive, End-to-End Hybrid Cloud Platform - IBM Newsroom
DeepSeek's LLM: Disrupting the AI Landscape with Low Inference Costs - Marvin Labs
Kubernetes Troubleshooting: A Step-by-Step Guide (3 specific scenarios) - Devtron
Adventures in migrating microservices (EKS IPv4 exhaustion) - Wealthsimple Engineering Blog
DYSTOPIA IRL 🐙
I'm Tired of Pretending Tech is Making the World Better - westenberg.
How Skynet won and destroyed Humanity (fiction, but almost not) - Damien MATHIEU
TOO MANY LINKS WOULD NEVER BE ENOUGH 🐳
Is it Lunacy to Put a Data Center on the Moon? - IEEE Spectrum
Is It Time to Redefine Time? (new atomic clocks) - Scientific American
When I lost my intuition (fantastic essay) - Aeon
NYC Mesh Map - NYC Mesh
RAG Enabled WordPress in Core Could Transform WordPress from CMS to AIMS - Mark Maunder
retrogram~plutosdr (ASCII wideband spectrum analyzer) - r4d10n via GitHub
The early days of Linux (2023) - LWN.net
Windows NT for GameCube/Wii - Wack0 via GitHub
LAST LAUGH 😆

Shared by Frank Seesink on the Packet Pushers Slack