• Human Infrastructure
  • Posts
  • Human Infrastructure 406: De-Hyping AI, Design Like Bandwidth Is Scarce, and More

Human Infrastructure 406: De-Hyping AI, Design Like Bandwidth Is Scarce, and More

AuthorAuthor

Ethan Banks & Drew Conry-Murray
June 19, 2025

THIS WEEK’S MUST-READ BLOGS 🤓

TL;DR. Yes.

My addendum. FOR THE LOVE OF ALL THAT’S HOLY…YES! PLEASE DEVS, STOP DESIGNING YOUR APPS AS IF EVERYONE IS ON YOUR GIGABIT LAN!

Sorry about that. As you were, everyone. I’ve been fighting this issue since the 90’s, but not much seems to change. So let’s keep cramming those huge web payloads down latent, jittery, tiny pipes. It’ll be fine. Your users can wait. They need to learn patience anyway. And honestly, I love it when my phone browser crashes because of all the crap being shoved into it. Reminds me to put the binky down and get a life. - Ethan

One of my favorite “de-hype” articles about AI & agents I’ve read. Delicious sarcasm.

“I've recognized the potential LLMs bring with a productive mindset. Think: "Aha, so what new things could I now automate?" instead of "Let's cut half of the workforce due to this paradigm shift in civilization and go all-in on the company which writes 'AI' the most on their front page". The former is pragmatic and is ironically enough more likely to cause a paradigm shift in civilization. The latter a subjective hype-fest based on sci-fi novels and tech-bros smoking weed on podcasts.” - Ethan

Valid certs are essential for VPNs. Katherine McNamara walks through how to use Cisco’s Online Certificate Status Protocol (OCSP) to help you check certificate validation on Cisco routers. A handy blog! - Drew

Zabbix provides monitoring software for networks, clouds, containers, and other use cases. In this post, Markku walks through four scenarios for working with Zabbix proxies and Docker containers. - Drew 

Tom Hollingsworth offers a sort of eulogy for tech social media as a way to organize people and bring them together both online and then in person at tentpole events such as Cisco Live.  Those days are gone, as evidenced by a muted meetup at an unsociable “Social Lounge” at CLUS 2025. Tom writes “Things have shifted. It’s not that social isn’t a component of things. It’s that social was practically absent and no one noticed.” But he also believes that community will still find a way because “People matter. They always will. And the people are greater than everything.” - Drew

Bryan writes “if your ISP has assigned a Static IP Address, you’ll need to know how to set that on the SSR using the console port before it will be able to phone-home to the Mist cloud.” He walks through the configurations needed to make that happen. - Drew  

MORE BLOGS

TAKE YOUR PACKET PUSHERS SWAG ON VACATION!
The Packet Pushers Merch Store has tees, sweatshirts, hats, hoodies, mugs, and more. Like Eric Chou, host of Network Automation Nerds, you can bring your favorite show on the road this summer!
https://store.packetpushers.net/

TECH NEWS 📣

This piece is primarily a summary of the key pieces of the initial UEC specification, which weighs in at over 500 pages. A couple of key points should you find yourself involved with an AI data center build that’s going to leverage UEC …

  1. UEC relies on NICs primarily. You can use the switches you have, assuming they support modern explicit congestion notification (ECN). That is, you don’t have to buy Ultra Ethernet switches.

  2. UEC’s congestion control mechanism, arguably the point of all this, is UEC-CC. You use UEC-CC by itself. UEC-CC replaces data center flow control mechanisms you might be familiar with. “The widely used older methods RoCE and DCQCN will degrade UEC-CC performance because, unlike UEC-CC, they do not directly update flow control to match the actual location of a flow problem. PFC (Priority Flow Control) is unnecessary and must be disabled between switches, where it can block valid flows. It is also deprecated where NICs connect to switches, as it lacks UEC-CC’s precision and may over-reduce flows. Credit Based Flow Control is similarly deprecated due to interference with UEC-CC.”

There’s plenty more to consider on the click, including a comparison of UEC with competing technologies like Ultra-Accelerator Link (UALink) and Broadcom’s Scale-Up Ethernet (SUE). - Ethan

Patrick Kennedy reports, “Broadcom is launching its next-generation of switch ASICs with the Broadcom Tomahawk 6 series. This is a new 102.4Tbps switch that can handle up to 64 ports of 1.6TbE. Yes, we are now replacing the “Gigabit” with the “Terabit” Ethernet port era. The two new ASICs, the Broadcom BCM78910 and BCM78914 offer two different configurations for different applications.”

So much bandwidth that it’s genuinely difficult to get one’s head around. Lots more detail on the Broadcom announcement on the click. As I understand it from chatting with folks at Juniper and elsewhere, it will be a couple more years before we see 1.6Tbps Ethernet on the market, so you have some time to get your nuclear power plant online first. - Ethan

One problem with a US president making policy via executive orders is that they aren’t as durable as laws passed by Congress. A new president can amend or dismiss any and all executive orders issued by previous administrations just by issuing a new executive order. 

As a case in point, Ars Technica walks through changes to cybersecurity EOs issued under the Biden administration that are now being amended by Trump. Like the Reverse card in a game of UNO, Trump is dropping or relaxing requirements around some sensible security measures. This includes a mandate that federal agencies and contractors adopt quantum-safe encryption products, and removing a requirement that the Commerce Department work with NIST to publish guidance for government networks and service providers that work with government networks to implement RPKI, a standard to limit the risk of route leaks and BGP hijacking.

We know US government networks are being successfully targeted by nation-state actors, among others, so it seems odd to want to walk back these kinds of orders intended to strengthen them. - Drew

In contrast to the federal government (see above) AWS claims it reached a significant security milestone: that root users of every account across AWS is now using Multi-Factor Authentication (MFA). MFA is a reasonable security practice and can help limit the damage from problems such as stolen credentials. AWS also reinforced its commitment to Secure By Design, a program championed by the US Cybersecurity and Infrastructure Security Agency (CISA). Secure by Design is a set of principles that “prioritize the security of customers as a core business requirement” and organizations can voluntarily pledge to implement those principles.  - Drew

MORE TECH NEWS

FOR THE LULZ 🤣

RESEARCH & RESOURCES 📒

I first heard about Temporal at the AutoCon3 network automation conference, where Naveen Achyuta presented on it. My summary of that talk is on LinkedIn here.

In short, Temporal is a workflow engine that takes on state tracking, interruptions, and so on for you so that you don’t have to handle all of those exceptions in your code. Ergo, a “durable execution platform”. There are both paid and open source flavors.

Lots of network automation use cases for Temporal. - Ethan

One of those projects that’s been around forever, but I don’t think I’d run into it before. From the README.

“Get things from one computer to another, safely.

This package provides a library and a command-line tool named wormhole, which makes it possible to get arbitrary-sized files and directories (or short pieces of text) from one computer to another. The two endpoints are identified by using identical "wormhole codes": in general, the sending machine generates and displays the code, which must then be typed into the receiving machine.

The codes are short and human-pronounceable, using a phonetically-distinct wordlist. The receiving side offers tab-completion on the codewords, so usually only a few characters must be typed. Wormhole codes are single-use and do not need to be memorized.”

Docs here. - Ethan

MORE RESOURCES

INDUSTRY BLOGS & VENDOR ANNOUNCEMENTS 💬 

Announced at the somewhat underwhelming 2025 WWDC, Apple has released containerization tooling for macOS. You can download the tool from GitHub.

From the README. “Container is a tool that you can use to create and run Linux containers as lightweight virtual machines on your Mac. It's written in Swift, and optimized for Apple silicon.

The tool consumes and produces OCI-compliant container images, so you can pull and run images from any standard container registry. You can push images that you build to those registries as well, and run the images in any other OCI-compliant application.” - Ethan

Sandfly Security offers agentless Endpoint Detection and Response (EDR) for Linux operating systems. It can also be used for forensics investigation, asset visibility, and other use cases for your Linux fleet. The company has partnered with Digital Ocean to be available as a Security Droplet within Digital Ocean’s infrastructure, making it easier for Digital Ocean customers to access the Sandfly product. - Drew 

Apparently Q1 of 2025 was a good time to be a network security vendor. The Dell’Oro Group says global revenues for network security hit $6.2 billion in the quarter, up 12% over this time last year. By market segment, ADCs and WAFs saw big growth (21%), while hardware firewall revenue was up 5 % and virtual firewall revenue jumped 27%. - Drew  

Alcatel-Lucent Enterprise is extending its partnership with SASE vendor Versa to, according to the press release “offer enhanced Zero Trust security at every network edge. This expansion of strategic collaboration brings more of Versa’s solutions and capabilities to ALE’s customers, including Secure SD-WAN and Zero Trust Network Access (ZTNA), complementing ALE's recognized LAN and WLAN network access control capabilities to address a broader range of secure connectivity use cases.” - Drew  

MORE INDUSTRY NOISES

DYSTOPIA IRL 🐙

TOO MANY LINKS WOULD NEVER BE ENOUGH 🐳

LAST LAUGH 😆

Shared on the Packet Pushers Community Slack by Kaj.