Upgrade to Pro — share decks privately, control downloads, hide ads and more …

SRE Book Club - Linux - ch38 - tcpdump & Wireshark

Sponsored · SiteGround - Reliable hosting with speed, security, and support you can count on.
Avatar for Rico Chen Rico Chen
September 24, 2020
Programming
0
57

SRE Book Club - Linux - ch38 - tcpdump & Wireshark

tcpdump & Wireshark usage

Avatar for Rico Chen

Rico Chen

September 24, 2020
Tweet

More Decks by Rico Chen

See All by Rico Chen
How to monitor Cosmos validator by Prometheus
Avatar for Rico Chen ricotoothless
0
630
how-to-choose-cicd-tools.pdf
Avatar for Rico Chen ricotoothless
0
120
SRE Book Club - Linux - ch45 - Where's socket buffer
Avatar for Rico Chen ricotoothless
0
160
COSCUP - Dynamic Jenkins Agent on Kubernetes
Avatar for Rico Chen ricotoothless
0
60
Taiwan CDK Meetup - Rookie operator's CDK journey
Avatar for Rico Chen ricotoothless
0
240
DevOps Taiwan 2020 Workshop - Jenkins CICD
Avatar for Rico Chen ricotoothless
0
93
SRE Book Club - Kubernetes - ch32-35 - Network
Avatar for Rico Chen ricotoothless
0
56
SRE Book Club - Kubernetes - ch22 - Job & CronJob
Avatar for Rico Chen ricotoothless
0
41

Other Decks in Programming

See All in Programming
Apache Iceberg V3 and migration to V3
Avatar for Tomohiro Tanaka tomtanaka
0
170
AI時代の認知負荷との向き合い方
Avatar for OptFit Corp. optfit
0
160
AIフル活用時代だからこそ学んでおきたい働き方の心得
Avatar for shinoyu shinoyu
0
140
Gemini for developers
Avatar for Mete Atamel meteatamel
0
100
AIと一緒にレガシーに向き合ってみた
Avatar for nyafunta9858 nyafunta9858
0
250
AIによる開発の民主化を支える コンテキスト管理のこれまでとこれから
Avatar for Mulyu mulyu
3
470
今から始めるClaude Code超入門
Avatar for 448jp | OKI Yoshiya 448jp
8
9.1k
Fluid Templating in TYPO3 14
Avatar for Simon Praetorius s2b
0
130
要求定義・仕様記述・設計・検証の手引き - 理論から学ぶ明確で統一された成果物定義
Avatar for Kuniwak orgachem
PRO
1
220
開発者から情シスまで - 多様なユーザー層に届けるAPI提供戦略 / Postman API Night Okinawa 2026 Winter
Avatar for tasshi tasshi
0
210
2026年 エンジニアリング自己学習法
Avatar for yumechi(Motoki Hirao) yumechi
0
140
CSC307 Lecture 02
Avatar for Javier Gonzalez-Sanchez javiergs
PRO
1
780

Featured

See All Featured
Typedesign – Prime Four
Avatar for Hannes Fritz hannesfritz
42
3k
Deep Space Network (abreviated)
Avatar for Tony Rice tonyrice
0
64
sira's awesome portfolio website redesign presentation
Avatar for ElsiraPls elsirapls
0
150
30 Presentation Tips
Avatar for Ian Lurie portentint
PRO
1
220
SEO Brein meetup: CTRL+C is not how to scale international SEO
Avatar for Linda Hogenes lindahogenes
0
2.4k
Applied NLP in the Age of Generative AI
Avatar for Ines Montani inesmontani
PRO
4
2.1k
Making the Leap to Tech Lead
Avatar for Ryan Cromwell cromwellryan
135
9.7k
How GitHub (no longer) Works
Avatar for Zach Holman holman
316
140k
Jamie Indigo - Trashchat’s Guide to Black Boxes: Technical SEO Tactics for LLMs
Avatar for Tech SEO Connect techseoconnect
PRO
0
65
SERP Conf. Vienna - Web Accessibility: Optimizing for Inclusivity and SEO
Avatar for Sara Fernández Carmona sarafernandez
1
1.3k
Chrome DevTools: State of the Union 2024 - Debugging React & Beyond
Avatar for Addy Osmani addyosmani
10
1.1k
My Coaching Mixtape
Avatar for mlcsv mlcsv
0
49

Transcript

  1. CH38 怎麼使用 tcpdump 與 Wireshark 分析網路流量

  2. Agenda • CH38 overview • tcpdump • Wireshark • How

    to analyze network traffic? • Lab • Reference

  3. CH38 overview

  4. • Network analysis tool like tcpdump & Wireshark are common

    chose to troubleshoot network issue. • tcpdump only supports command line. On the other hand, Wireshark GUI can handle complex network environment.

  5. • PTR (pointer record) provides the IP address associated with

    a domain name. • PTR common uses for reverse DNS include: ◦ Anti-spam ◦ Troubleshooting email delivery issues ◦ Logging • Email service: Gsuite, AWS SES, SendGrid, MailGun

  6. tcpdump

  7. • A powerful command-line packet analyzer • tcpdump group github

    • tcpdump relate project • How about other command-line? • Wireshark CLI tools & scripting youtube

  8. Wireshark

  9. • A powerful GUI network protocol analyzer • Over 251000

    fields in 3000 protocols can filters • Open source with rich community support • SharkFest'20 at 10/12 ~ 10/16 • Many of tutorial resources

  10. How to analyze network traffic?

  11. • Start with client-side • Capture server and client traffic

    • Focus on time • The different environment with different filter • Keep your eye on the ball • (resource)

  12. Lab

  13. NLB EKS control plane traefik kube-op s-view

  14. NLB EKS control plane traefik kube-op s-view 115.43.40.158 10.1.8.23 10.1.11.24

    10.1.13.131 10.1.6.103 10.1.48.138 10.1.43.161

  15. • what is 169.254.169.254 • Dynamic Configuration of IPv4 Link-Local

    Addresses • EKS architectural overview • Elastic network interfaces

  16. NLB EKS control plane traefik kube-op s-view k-proxy

  17. • Application Load Balancer target type

  18. ALB EKS control plane traefik kube-op s-view k-proxy

  19. Reference

  20. • What is a DNS PTR record? • 鳥哥 DNS

    正反解 • tcpdump relate project • Wireshark CLI tools & scripting • tcpdump group github • Top 10 Wireshark Filters • Wireshark Display Filter Reference • Wireshark distribution command line

  21. • what is 169.254.169.254 • Dynamic Configuration of IPv4 Link-Local

    Addresses • EKS architectural overview • Elastic network interfaces • Network Load Balancer Support in Kubernetes 1.9 • Application Load Balancer target type