Upgrade to Pro — share decks privately, control downloads, hide ads and more …

SRE Book Club - Linux - ch38 - tcpdump & Wireshark

Sponsored · SiteGround - Reliable hosting with speed, security, and support you can count on.
Avatar for Rico Chen Rico Chen
September 24, 2020
Programming
62
0

SRE Book Club - Linux - ch38 - tcpdump & Wireshark

tcpdump & Wireshark usage

Avatar for Rico Chen

Rico Chen

September 24, 2020

More Decks by Rico Chen

See All by Rico Chen
How to monitor Cosmos validator by Prometheus
Avatar for Rico Chen ricotoothless
0
640
how-to-choose-cicd-tools.pdf
Avatar for Rico Chen ricotoothless
0
120
SRE Book Club - Linux - ch45 - Where's socket buffer
Avatar for Rico Chen ricotoothless
0
170
COSCUP - Dynamic Jenkins Agent on Kubernetes
Avatar for Rico Chen ricotoothless
0
62
Taiwan CDK Meetup - Rookie operator's CDK journey
Avatar for Rico Chen ricotoothless
0
250
DevOps Taiwan 2020 Workshop - Jenkins CICD
Avatar for Rico Chen ricotoothless
0
96
SRE Book Club - Kubernetes - ch32-35 - Network
Avatar for Rico Chen ricotoothless
0
60
SRE Book Club - Kubernetes - ch22 - Job & CronJob
Avatar for Rico Chen ricotoothless
0
42

Other Decks in Programming

See All in Programming
Cache-moi si tu peux : patterns et pièges du cache en production - Devoxx France 2026 - Conférence
Avatar for Sébastien LECACHEUR slecache
0
290
PHPer、Cloudflare に引っ越す
Avatar for Suguru Oki / スー suguruooki
1
100
VueエンジニアがReactを触って感じた_設計の違い
Avatar for kouki.miura koukimiura
0
180
「Linuxサーバー構築標準教科書」を読んでみた #ツナギメオフライン.7
Avatar for akase244 akase244
0
1.4k
「話せることがない」を乗り越える 〜日常業務から登壇テーマをつくる思考法〜
Avatar for ShoheiMitani shoheimitani
4
850
Agentic Elixir
Avatar for Andrea Leopardi whatyouhide
0
400
UIの境界線をデザインする | React Tokyo #15 メイントーク
Avatar for SASAPIYO sasagar
2
380
瑠璃の宝石に学ぶ技術の声の聴き方 / 【劇場版】アニメから得た学びを発表会2026 #エンジニアニメ
Avatar for mazrean mazrean
0
290
Spec Driven Development | AI Summit Vilnius
Avatar for Daniel Sogl danielsogl
PRO
1
110
SREに優しいTerraform構成 modulesとstateの組み方
Avatar for hiyanger hiyanger
2
150
ドメインイベントでビジネスロジックを解きほぐす #phpcon_odawara
Avatar for Takuma Kajikawa kajitack
3
800
PCOVから学ぶコードカバレッジ #phpcon_odawara
Avatar for hideki kinjyo o0h
PRO
0
280

Featured

See All Featured
Prompt Engineering for Job Search
Avatar for Mfonobong Umondia mfonobong
0
280
Amusing Abliteration
Avatar for ianozsvald ianozsvald
1
160
A brief & incomplete history of 
UX Design for the World Wide Web: 1989–2019
Avatar for Jason CranfordTeague jct
1
360
Context Engineering - Making Every Token Count
Avatar for Addy Osmani addyosmani
9
840
Conquering PDFs: document understanding beyond plain text
Avatar for Ines Montani inesmontani
PRO
4
2.6k
Jamie Indigo - Trashchat’s Guide to Black Boxes: Technical SEO Tactics for LLMs
Avatar for Tech SEO Connect techseoconnect
PRO
0
110
The Art of Delivering Value - GDevCon NA Keynote
Avatar for David Neal reverentgeek
16
1.9k
Building Flexible Design Systems
Avatar for Yesenia Perez-Cruz yeseniaperezcruz
330
40k
The innovator’s Mindset - 
Leading Through an Era of Exponential Change - McGill University 2025
Avatar for Jean-Marc De Jonghe jdejongh
PRO
1
160
Cheating the UX When There Is Nothing More to Optimize - PixelPioneers
Avatar for Stéphanie Walter stephaniewalter
287
14k
JavaScript: Past, Present, and Future - NDC Porto 2020
Avatar for David Neal reverentgeek
52
5.9k
Dominate Local Search Results - an insider guide to GBP, reviews, and Local SEO
Avatar for Greg Gifford greggifford
PRO
0
150

Transcript

  1. CH38 怎麼使用 tcpdump 與 Wireshark 分析網路流量

  2. Agenda • CH38 overview • tcpdump • Wireshark • How

    to analyze network traffic? • Lab • Reference

  3. CH38 overview

  4. • Network analysis tool like tcpdump & Wireshark are common

    chose to troubleshoot network issue. • tcpdump only supports command line. On the other hand, Wireshark GUI can handle complex network environment.

  5. • PTR (pointer record) provides the IP address associated with

    a domain name. • PTR common uses for reverse DNS include: ◦ Anti-spam ◦ Troubleshooting email delivery issues ◦ Logging • Email service: Gsuite, AWS SES, SendGrid, MailGun

  6. tcpdump

  7. • A powerful command-line packet analyzer • tcpdump group github

    • tcpdump relate project • How about other command-line? • Wireshark CLI tools & scripting youtube

  8. Wireshark

  9. • A powerful GUI network protocol analyzer • Over 251000

    fields in 3000 protocols can filters • Open source with rich community support • SharkFest'20 at 10/12 ~ 10/16 • Many of tutorial resources

  10. How to analyze network traffic?

  11. • Start with client-side • Capture server and client traffic

    • Focus on time • The different environment with different filter • Keep your eye on the ball • (resource)

  12. Lab

  13. NLB EKS control plane traefik kube-op s-view

  14. NLB EKS control plane traefik kube-op s-view 115.43.40.158 10.1.8.23 10.1.11.24

    10.1.13.131 10.1.6.103 10.1.48.138 10.1.43.161

  15. • what is 169.254.169.254 • Dynamic Configuration of IPv4 Link-Local

    Addresses • EKS architectural overview • Elastic network interfaces

  16. NLB EKS control plane traefik kube-op s-view k-proxy

  17. • Application Load Balancer target type

  18. ALB EKS control plane traefik kube-op s-view k-proxy

  19. Reference

  20. • What is a DNS PTR record? • 鳥哥 DNS

    正反解 • tcpdump relate project • Wireshark CLI tools & scripting • tcpdump group github • Top 10 Wireshark Filters • Wireshark Display Filter Reference • Wireshark distribution command line

  21. • what is 169.254.169.254 • Dynamic Configuration of IPv4 Link-Local

    Addresses • EKS architectural overview • Elastic network interfaces • Network Load Balancer Support in Kubernetes 1.9 • Application Load Balancer target type