
Human Infrastructure 451: Git for Networkers, Should We Spend $1 Billion to Refactor, and More

THIS WEEK’S MUST-READ BLOGS 🤓

If you thought ‘git’ was a British insult and wondered why it was in such heavy use lately, this blog post is for you. While git is widely used by software developers, it’s made its way into network operations as more shops write scripts, automate tasks, and develop workflows that benefit from a version control system. Tony’s post covers the “Why netops needs a version control system,” walks through the installation steps, and helps you set up your first repository. As you can see from the title, there are more posts to come. (If your office is full of the other kind of gits, that’s a different issue entirely.) - Drew 

Brad Tarno, a principal network architect at Disney, writes about where and why he thinks SRv6 or MPLS is the right fit. For Tarno, it’s all about boundaries. If you control the entire end-to-end stack, SRv6 is his choice. But when you don’t, such as across service provider networks or in multi-tenant situations, he prefers MPLS. Tarno writes “I still believe a solid demarcation layer is worth having and worth keeping. The boundary between "my network" and "your network" is not overhead. It is a control point, a security posture, and an operational contract. SR-MPLS gives me that clean demarc, and for the multi-tenant case it still earns its place.”

He also has a few words for vendors such as Cisco, which only supports SRv6 in its Silicon One ASIC. “I would rather the protocol win on its merits, on the networks where it actually fits, than have the transition forced through the silicon.” - Drew 

Jen Easterly, CEO of the RSA Conference and former Director of the US Cybersecurity and Infrastructure Security Agency (CISA), is proposing a $1 billion “Great Refactor Fund” to refactor open source software written in C and C++ to Rust. 

The rationale is that Rust is a memory-safe language, so by refactoring widely used open source software, we could eliminate entire classes of vulnerabilities that rely on exploit techniques such as buffer overflows and heap overflows. Jen’s idea drafts on an earlier proposal, called The Great Refactor, that called for the US government to fund a $100 million project to use AI to help rewrite 100 million lines of open-source code.

Jen is proposing a much bigger fund that would include significant contributions from frontier AI model builders to help cover the costs. 

It’s a bold idea. There are also a hundred things that could go wrong. But maybe boldness is required. Open source software underpins the global tech ecosystem, and much of the work to support it is done on the breaking backs of a handful of maintainers. Such a project could bring needed relief and support to open source, might turn down the speed on the patch management treadmill, and could help shift the commercial industry toward the production of more secure software. 

I’d love to hear what our readers think. - Drew

Johannes says one problem with Fortinet enabling NAT for IPv6 by default on its firewalls is that, given the lack of understanding around IPv6, many administrators might assume that this is normal for v6 and get used to it. But the whole point of v6 is that it doesn’t need NAT because you don’t have to worry about address exhaustion. Johannes describes several options for changing this default setting (including screenshots of the relevant portions of the GUI), and requests that Fortinet customers reach out to ask for this default setting to be done away with. - Drew  

Ali has built a Web-based tool to validate multiple data sources related to wireless surveys, including outputs from testing tools, CSV files, and PDFs. It aligns those data sources with a checklist that can be used to explain to customers and clients where the wireless design does and doesn’t meet their requirements. The link above also includes Ali’s WLPC presentation about the tool, including how it works and why he developed it. - Drew 

MORE BLOGS


TECH NEWS 📣

Like 80s arcade machines, AI is hungry for tokens. And like careless players, AI users can blow their token budgets before they get to the good games. The Register reports on an open source project by Netflix engineer Tejas Chopra, called Project Headroom, that cuts down on token burn by compressing verbose JSON, chopping unnecessary server logs, trimming repeated metadata, and other techniques. The article has more details, or you can go right to the GitHub repo. - Drew 

Microsoft is backing down from legal threats it levied against a security researcher who released a working exploit of a BitLocker vulnerability. The researcher claimed to have tried to report the vulnerability multiple times, but was rebuffed. After Microsoft threatened legal action, many in the security community cried foul. More details about the dust-up are available here. - Drew 

Microsoft is experimenting with wearable computing devices, such as an access badge that comes equipped with a digital camera and is designed to provide “quick access to AI-driven work.” All of the products described in the article sound completely useless, outside of providing another vehicle for employers to track employees. A person on Bluesky described the access badge as a “luxury surveillance pendant,” which is genius phrasing. - Drew 

MORE NEWS

FOR THE LULZ 🤣

Shared by Kaj on the Packet Pushers Community Slack

RESEARCH & RESOURCES 📒

Ivan Pepelnjak calls out a set of CLI tools from Tony Matke. That’s a pretty good recommendation. - Drew 

George Michaelson writes “The IETF Datatracker has received the first draft of the report from the Internet Architecture Board (IAB) workshop on IP Address Geolocation. The workshop at the end of 2025 brought together researchers, protocol and standards experts, operators, and the IP geolocation providers in registry and industry, to discuss the issues. We may want to believe the question of ‘where an IP address is’ has simple answers. The draft lays out the edge cases and complications that have been encountered trying to answer it, showing that simple models are not sufficient.” - Drew 

William Collins (co-host of The Cloud Gambit podcast from the Packet Pushers media empire) and John Capobianco (network automation and AI mad scientist) are conducting a networking-focused workshop on how to incorporate agentic AI into network automation. 

From the description: “Participants will learn how to move from raw MCP tools to structured skills, apply spec-driven development to define and constrain agent behavior, design agentic loops that recover safely when things go wrong, and work with OpenClaw and NetClaw as production-ready frameworks for network automation.” You can get more details from the link above, including pricing. - Drew

MORE RESOURCES

  1. Remove the Ads in Wireshark - Bryan Ward   

UPCOMING LIVE EVENTS 🍕🍻

A curated list of near-future meatspace events of interest to network engineers. Sometimes a Packet Pusher or two will be there (noted below).

Subscribe to events.packetpushers.net in your calendar software.

JUNE 2026

AUTOCON5 | Network Automation Forum
8 - 12 June | Munich, Germany (Packet Pushers attending)

Wi-Co North Carolina
11 June | Jamestown, NC

HPE Discover
14 - 19 June | Las Vegas, NV

JULY 2026

Wi-Co Lyon
2 July | Lyon, France

SharkFest’26 | Wireshark User Conference
18 - 23 July | Nashville, Tennessee

IETF 126 | Internet Engineering Task Force
18 - 24 July | Vienna, Austria

INDUSTRY BLOGS & VENDOR ANNOUNCEMENTS 💬 

Cisco unveiled an ambitious AI platform for NetOps at Cisco Live US 2026. Called Cloud Control, this is a unified management interface that gives a view into Cisco products across networking, security, compute, observability, and collaboration. Cisco says telemetry from across its product lines comes together in Cloud Control.

It’s intended to be a control center where network engineers and AI agents work together. It uses a couple of purpose-built models, including Cisco’s own Deep Network Model, which is a networking-specific model; and FoundationSec, which is a security model. It can also incorporate frontier models. All of these models will provide the “reasoning layer.” 

There will also be a set of agents that will work with the models, and with human input, to spot trouble, perform root cause analysis, test changes before deploying them, deploy changes, and then re-test to check the user experience. There’s a ton more detail about Cloud Control that needs to be dug into. One place to start is this blog from Cisco, which gets into the complexity of what Cisco is attempting to build. - Drew

Anthropic says it has opened its Mythos Preview model, which is adept at finding software vulnerabilities and developing exploits, to approximately 150 new organizations (following the original 50 earlier this year). Anthropic did not name any of these organizations, and it said in a release that each one “...will need to meet our security requirements before they gain access.” What are those security requirements? Also not disclosed. 

Anthropic does say that these orgs include industries that weren’t covered by its initial release, including utilities such as power and water, healthcare organizations, and hardware makers. The company also noted “...many of the new partners are vendors—companies or nonprofits that maintain codebases that are relied upon by lots of other organizations around the world, including governments.”

Whatever else there is to say about Mythos and Project Glasswing, it is a remarkable, invaluable marketing ploy for a company gearing up for an IPO and reaching for a trillion dollar valuation (a recent funding round valued the company at $965B). - Drew 

 

NetFoundry is the commercial version of the open-source OpenZiti zero trust software. NetFoundry has just announced zero-trust MCP and LLM gateways to bring identity-based enforcement to AI agents. 

From the press release: “With the new AI Gateways and NetFoundry's Identity-First Reachability™, AI agents are given sovereign machine identities, while not given access to any API keys, service accounts or shared secrets. Meanwhile, MCP and LLM gateways are not reachable by unauthorized agents or cyber attackers. There is no reachable surface for agents to misuse or attackers to exploit.” - Drew 

MORE INDUSTRY NOISES

DYSTOPIA IRL 🐙

TOO MANY LINKS WOULD NEVER BE ENOUGH 🐳

LAST LAUGH 😆

A GenX gem updated for today from Wes Miller via Bluesky