Upgrade to Pro — share decks privately, control downloads, hide ads and more …

SRE Book Club - Linux - ch38 - tcpdump & Wireshark

Avatar for Rico Chen Rico Chen
September 24, 2020
Programming
0
57

SRE Book Club - Linux - ch38 - tcpdump & Wireshark

tcpdump & Wireshark usage

Avatar for Rico Chen

Rico Chen

September 24, 2020
Tweet

More Decks by Rico Chen

See All by Rico Chen
How to monitor Cosmos validator by Prometheus
Avatar for Rico Chen ricotoothless
0
620
how-to-choose-cicd-tools.pdf
Avatar for Rico Chen ricotoothless
0
120
SRE Book Club - Linux - ch45 - Where's socket buffer
Avatar for Rico Chen ricotoothless
0
160
COSCUP - Dynamic Jenkins Agent on Kubernetes
Avatar for Rico Chen ricotoothless
0
60
Taiwan CDK Meetup - Rookie operator's CDK journey
Avatar for Rico Chen ricotoothless
0
230
DevOps Taiwan 2020 Workshop - Jenkins CICD
Avatar for Rico Chen ricotoothless
0
92
SRE Book Club - Kubernetes - ch32-35 - Network
Avatar for Rico Chen ricotoothless
0
56
SRE Book Club - Kubernetes - ch22 - Job & CronJob
Avatar for Rico Chen ricotoothless
0
40

Other Decks in Programming

See All in Programming
Context is King? 〜Verifiability時代とコンテキスト設計 / Beyond "Context is King"
Avatar for r-kagaya rkaga
10
1.5k
SwiftUIで本格音ゲー実装してみた
Avatar for 蛋白(たんぱく・TANPACT) hypebeans
0
530
はじめてのカスタムエージェント【GitHub Copilot Agent Mode編】
Avatar for Satoshi Kaneyasu satoshi256kbyte
0
130
複雑なUI設計への銀の弾丸 「オブジェクト指向UIデザイン」
Avatar for teamLab teamlab
PRO
2
110
Developing static sites with Ruby
Avatar for Masafumi Okura okuramasafumi
0
340
Pythonではじめるオープンデータ分析〜書籍の紹介と書籍で紹介しきれなかった事例の紹介〜
Avatar for Ryo YOSHI welliving
3
680
Go コードベースの構成と AI コンテキスト定義
Avatar for ANDPAD inc andpad
0
150
まだ間に合う!Claude Code元年をふりかえる
Avatar for nogu nogu66
5
920
AIの誤りが許されない業務システムにおいて“信頼されるAI” を目指す / building-trusted-ai-systems
Avatar for Yuya Matsumura yuya4
6
4.1k
生成AI時代を勝ち抜くエンジニア組織マネジメント
Avatar for coconala_engineer coconala_engineer
0
35k
Cell-Based Architecture
Avatar for Luram Archanjo larchanjo
0
150
2年のAppleウォレットパス開発の振り返り
Avatar for muno92 muno92
PRO
0
130

Featured

See All Featured
For a Future-Friendly Web
Avatar for Brad Frost brad_frost
180
10k
Data-driven link building: lessons from a $708K investment (BrightonSEO talk)
Avatar for Szymon szymonslowik
1
860
VelocityConf: Rendering Performance Case Studies
Avatar for Addy Osmani addyosmani
333
24k
Facilitating Awesome Meetings
Avatar for Lara Hogan lara
57
6.7k
Code Reviewing Like a Champion
Avatar for maltzj maltzj
527
40k
Effective software design: The role of men in debugging patriarchy in IT @ Voxxed Days AMS
Avatar for Kenny Baas-Schwegler baasie
0
180
Optimizing for Happiness
Avatar for Tom Preston-Werner mojombo
379
70k
Google's AI Overviews - The New Search
Avatar for Barry Adams badams
0
880
Tips & Tricks on How to Get Your First Job In Tech
Avatar for Honza Javorek honzajavorek
0
400
Chasing Engaging Ingredients in Design
Avatar for Sebastian Deterding codingconduct
0
92
Pawsitive SEO: Lessons from My Dog (and Many Mistakes) on Thriving as a Consultant in the Age of AI
Avatar for David Carrasco davidcarrasco
0
39
SEO in 2025: How to Prepare for the Future of Search
Avatar for Michael King ipullrank
3
3.3k

Transcript

  1. CH38 怎麼使用 tcpdump 與 Wireshark 分析網路流量

  2. Agenda • CH38 overview • tcpdump • Wireshark • How

    to analyze network traffic? • Lab • Reference

  3. CH38 overview

  4. • Network analysis tool like tcpdump & Wireshark are common

    chose to troubleshoot network issue. • tcpdump only supports command line. On the other hand, Wireshark GUI can handle complex network environment.

  5. • PTR (pointer record) provides the IP address associated with

    a domain name. • PTR common uses for reverse DNS include: ◦ Anti-spam ◦ Troubleshooting email delivery issues ◦ Logging • Email service: Gsuite, AWS SES, SendGrid, MailGun

  6. tcpdump

  7. • A powerful command-line packet analyzer • tcpdump group github

    • tcpdump relate project • How about other command-line? • Wireshark CLI tools & scripting youtube

  8. Wireshark

  9. • A powerful GUI network protocol analyzer • Over 251000

    fields in 3000 protocols can filters • Open source with rich community support • SharkFest'20 at 10/12 ~ 10/16 • Many of tutorial resources

  10. How to analyze network traffic?

  11. • Start with client-side • Capture server and client traffic

    • Focus on time • The different environment with different filter • Keep your eye on the ball • (resource)

  12. Lab

  13. NLB EKS control plane traefik kube-op s-view

  14. NLB EKS control plane traefik kube-op s-view 115.43.40.158 10.1.8.23 10.1.11.24

    10.1.13.131 10.1.6.103 10.1.48.138 10.1.43.161

  15. • what is 169.254.169.254 • Dynamic Configuration of IPv4 Link-Local

    Addresses • EKS architectural overview • Elastic network interfaces

  16. NLB EKS control plane traefik kube-op s-view k-proxy

  17. • Application Load Balancer target type

  18. ALB EKS control plane traefik kube-op s-view k-proxy

  19. Reference

  20. • What is a DNS PTR record? • 鳥哥 DNS

    正反解 • tcpdump relate project • Wireshark CLI tools & scripting • tcpdump group github • Top 10 Wireshark Filters • Wireshark Display Filter Reference • Wireshark distribution command line

  21. • what is 169.254.169.254 • Dynamic Configuration of IPv4 Link-Local

    Addresses • EKS architectural overview • Elastic network interfaces • Network Load Balancer Support in Kubernetes 1.9 • Application Load Balancer target type