Upgrade to Pro — share decks privately, control downloads, hide ads and more …

SRE Book Club - Linux - ch38 - tcpdump & Wireshark

Sponsored · SiteGround - Reliable hosting with speed, security, and support you can count on.
Avatar for Rico Chen Rico Chen
September 24, 2020
Programming
0
61

SRE Book Club - Linux - ch38 - tcpdump & Wireshark

tcpdump & Wireshark usage

Avatar for Rico Chen

Rico Chen

September 24, 2020
Tweet

More Decks by Rico Chen

See All by Rico Chen
How to monitor Cosmos validator by Prometheus
Avatar for Rico Chen ricotoothless
0
630
how-to-choose-cicd-tools.pdf
Avatar for Rico Chen ricotoothless
0
120
SRE Book Club - Linux - ch45 - Where's socket buffer
Avatar for Rico Chen ricotoothless
0
170
COSCUP - Dynamic Jenkins Agent on Kubernetes
Avatar for Rico Chen ricotoothless
0
61
Taiwan CDK Meetup - Rookie operator's CDK journey
Avatar for Rico Chen ricotoothless
0
250
DevOps Taiwan 2020 Workshop - Jenkins CICD
Avatar for Rico Chen ricotoothless
0
96
SRE Book Club - Kubernetes - ch32-35 - Network
Avatar for Rico Chen ricotoothless
0
57
SRE Book Club - Kubernetes - ch22 - Job & CronJob
Avatar for Rico Chen ricotoothless
0
42

Other Decks in Programming

See All in Programming
OTP を自動で入力する裏技
Avatar for Megabits_mzq megabitsenmzq
0
130
Rで始めるML・LLM活用入門
Avatar for wakama1994 wakamatsu_takumu
0
200
Geminiをパートナーに神社DXシステムを個人開発した話(いなめぐDX 開発振り返り)
Avatar for T. Fujiba fujiba
0
100
「接続」—パフォーマンスチューニングの最後の一手 〜点と点を結ぶ、その一瞬のために〜
Avatar for 武田 憲太郎 kentaroutakeda
3
1.9k
テレメトリーシグナルが導くパフォーマンス最適化 / Performance Optimization Driven by Telemetry Signals
Avatar for shiro seike seike460
PRO
2
160
CS教育のDX AIによる育成の効率化
Avatar for ニフティ株式会社 niftycorp
PRO
0
160
Feature Toggle は捨てやすく使おう
Avatar for gennei gennei
0
340
Migration to Signals, Signal Forms, Resource API, and NgRx Signal Store @Angular Days 03/2026 Munich
Avatar for Manfred Steyer manfredsteyer
PRO
0
150
脱 雰囲気実装! AgentCoreを良い感じに WEBアプリケーションに組み込むために
Avatar for Takuya Yonezawa takuyay0ne
3
390
GC言語のWasm化とComponent Modelサポートの実践と課題 - Scalaの場合
Avatar for Rikito Taniguchi tanishiking
0
130
存在論的プログラミング: 時間と存在を記述する
Avatar for Akihito Koriyama koriym
4
480
The free-lunch guide to idea circularity
Avatar for Holly Cummins hollycummins
0
350

Featured

See All Featured
BBQ
Avatar for Matthew Crist matthewcrist
89
10k
The agentic SEO stack - context over prompts
Avatar for schlessera schlessera
0
710
Efficient Content Optimization with Google Search Console & Apps Script
Avatar for Katarina Dahlin katarinadahlin
PRO
1
430
How To Speak Unicorn (iThemes Webinar)
Avatar for Michelle Schulp Hunt marktimemedia
1
410
Getting science done with accelerated Python computing platforms
Avatar for Jacob Tomlinson jacobtomlinson
2
150
4 Signs Your Business is Dying
Avatar for Josh Pigford shpigford
187
22k
Optimizing for Happiness
Avatar for Tom Preston-Werner mojombo
378
71k
Why Your Marketing Sucks and What You Can Do About It - Sophie Logan
Avatar for Sophie Logan marketingsoph
0
120
The Illustrated Guide to Node.js - THAT Conference 2024
Avatar for David Neal reverentgeek
1
320
Side Projects
Avatar for Sacha Greif sachag
455
43k
From π to Pie charts
Avatar for Rasagy Sharma rasagy
0
160
Joys of Absence: A Defence of Solitary Play
Avatar for Sebastian Deterding codingconduct
1
320

Transcript

  1. CH38 怎麼使用 tcpdump 與 Wireshark 分析網路流量

  2. Agenda • CH38 overview • tcpdump • Wireshark • How

    to analyze network traffic? • Lab • Reference

  3. CH38 overview

  4. • Network analysis tool like tcpdump & Wireshark are common

    chose to troubleshoot network issue. • tcpdump only supports command line. On the other hand, Wireshark GUI can handle complex network environment.

  5. • PTR (pointer record) provides the IP address associated with

    a domain name. • PTR common uses for reverse DNS include: ◦ Anti-spam ◦ Troubleshooting email delivery issues ◦ Logging • Email service: Gsuite, AWS SES, SendGrid, MailGun

  6. tcpdump

  7. • A powerful command-line packet analyzer • tcpdump group github

    • tcpdump relate project • How about other command-line? • Wireshark CLI tools & scripting youtube

  8. Wireshark

  9. • A powerful GUI network protocol analyzer • Over 251000

    fields in 3000 protocols can filters • Open source with rich community support • SharkFest'20 at 10/12 ~ 10/16 • Many of tutorial resources

  10. How to analyze network traffic?

  11. • Start with client-side • Capture server and client traffic

    • Focus on time • The different environment with different filter • Keep your eye on the ball • (resource)

  12. Lab

  13. NLB EKS control plane traefik kube-op s-view

  14. NLB EKS control plane traefik kube-op s-view 115.43.40.158 10.1.8.23 10.1.11.24

    10.1.13.131 10.1.6.103 10.1.48.138 10.1.43.161

  15. • what is 169.254.169.254 • Dynamic Configuration of IPv4 Link-Local

    Addresses • EKS architectural overview • Elastic network interfaces

  16. NLB EKS control plane traefik kube-op s-view k-proxy

  17. • Application Load Balancer target type

  18. ALB EKS control plane traefik kube-op s-view k-proxy

  19. Reference

  20. • What is a DNS PTR record? • 鳥哥 DNS

    正反解 • tcpdump relate project • Wireshark CLI tools & scripting • tcpdump group github • Top 10 Wireshark Filters • Wireshark Display Filter Reference • Wireshark distribution command line

  21. • what is 169.254.169.254 • Dynamic Configuration of IPv4 Link-Local

    Addresses • EKS architectural overview • Elastic network interfaces • Network Load Balancer Support in Kubernetes 1.9 • Application Load Balancer target type