2025-09-18
Introduction
Netplan is a utility for declarative network configuration in Linux (Ubuntu, Debian, and derivatives).
It is usually used for simple cases like Ethernet or Wi-Fi, but it can do much more:
- tunnel interfaces (IPIP, GRE, VXLAN, WireGuard),
- VLAN,
- bridges,
- bonding (interface aggregation).
These features allow building complex network topologies — from home VPNs to data centers and cloud environments.
Tunnel interfaces
Tunnels encapsulate packets of one protocol into another. They are used for VPNs, inter-server connections, or network isolation.
2025-09-17
Introduction
Imagine: ping works, DNS responds, ports are open, mtr shows no loss, but curl returns errors like connection reset by peer or SSL handshake failed. There’s clearly a problem, but standard tools are powerless.
At such moments, the only option is to look at the actual traffic — in other words, “listen to the wires.” This process is called packet sniffing or packet analysis. In this article, we’ll go through how to use three key tools: tcpdump, sngrep, and Wireshark.
2025-09-16
Introduction
Up to this point, we’ve used simple utilities for specific tasks:
ping checked connectivity,traceroute showed the path,ipconfig and arp helped with the local network,telnet and nc tested ports.
That’s like having a separate hammer, screwdriver, and wrench. But sometimes you need a multi-purpose tool. Today we’ll look at three such “all-in-one” tools:
mtr — ping + traceroute on steroids,nmap — universal network scanner,curl — a command-line browser.
mtr — Real-Time Traceroute 🚀
What does it do?
Combines the features of ping and traceroute. In real time, it shows latency and packet loss percentage for each hop along the path.
2025-09-15
Introduction
A server’s IP address is like the postal address of an apartment building. But to reach the right apartment, you need the door number. In networking, these doors are ports.
- HTTP runs on port 80.
- HTTPS — on port 443.
- Mail, databases, and other services listen on their own ports.
If a port is closed or nothing is listening on it, the site won’t open — even if the server is “alive.”
2025-09-14
Introduction
You’ve gone through all the checks from the previous articles:
- The computer has the correct IP address (
ipconfig). - The router responds (
ping 192.168.1.1). - Ping to a public address (
ping 8.8.8.8) works.
Looks like the internet is fine! But the browser won’t open google.com. 🤔
Welcome to the most common cause of such issues — DNS failures.
What is DNS? 📖
The internet runs on IP addresses (e.g., 142.250.184.110), but people prefer names (google.com).
2025-09-13
Introduction
In the previous article, we learned how to reach out to remote servers using ping and trace the path of packets with traceroute. But what if ping google.com doesn’t work, and traceroute stops right at the first step?
That’s a clear sign that the problem is nearby: on your computer, in the network cable, or in your home router. Before calling tech support, let’s check our own local network.
2025-09-12
Introduction
Modern users expect web applications to work as fast and responsive as native software. Chats, stock quotes, collaborative document editing — all these scenarios require instant data exchange. In this article, we’ll break down how Long Polling works, why it was replaced by WebSockets, and how to properly configure these technologies on popular web servers.
The Real-Time Problem and the First Solution: Long Polling
HTTP was originally designed for the request-response model: the client contacts the server, the server replies, and the connection closes. For dynamic applications, this is inconvenient.
2025-09-06
Introduction
Choosing a web server and reverse proxy today depends on tasks and infrastructure.
Caddy, Traefik, HAProxy, Nginx, and Apache are five popular solutions, each with its strengths and weaknesses.
In this article, we’ll compare them by key criteria: philosophy, installation, SSL, CI/CD, and complexity.
Comparison by Key Criteria
| Criterion | Caddy | Traefik | HAProxy | Nginx | Apache |
|---|
| Philosophy | Simplicity, automatic SSL | Dynamic routing and Service Discovery | High-performance load balancer | Universal web server and proxy | Classic web server, static approach |
| Installation | Single binary | Container, requires setup | Single binary, manual configuration | OS package, easy installation | OS package, easy installation |
| SSL Automation | Built-in, main advantage | Built-in, part of ecosystem | No (requires external integration, e.g., certbot) | Partial (via certbot or modules) | Partial (via certbot or modules) |
| CI/CD | Very easy integration | Ideal for microservices | Used for high-load balancing | Requires manual steps, integration possible | Requires manual steps, integration possible |
| Complexity | Low, beginner-friendly | Medium/high, requires orchestrator knowledge | Medium, more complex configs | Medium, rich ecosystem | Medium, often bloated configs |
| Performance | Good, but not top-tier | Good | Excellent, optimized for load balancing | Excellent | Average |
| Best Use Case | Local development, quick MVPs | Docker/Kubernetes, microservices | High-load systems, load balancing | Universal choice for web and proxy | Static site hosting, legacy systems |
Who Is It For?
🔹 Caddy
Ideal for:
2025-09-05
Introduction
Unlike Caddy, which focuses on simplicity, Traefik (pronounced Traffic) was built to solve one specific task: routing traffic in dynamic environments.
It is a reverse proxy and load balancer designed specifically for Docker, Kubernetes, and other orchestrators.
The main difference from Nginx is not static configuration, but the ability to automatically discover and serve services.
Key Concepts: Dynamic Configuration
The philosophy of Traefik is built on the principle of Service Discovery.
2025-09-05
Introduction
Logrotate is a powerful tool for log management in Linux, but its interaction with Docker has its own specifics.
This guide explains how to properly use logrotate with Docker containers and when it’s better to rely on Docker’s built-in log management tools.
Docker Containers and Logs
Docker collects logs from the standard output streams (stdout and stderr) of containers and, by default, stores them as JSON files:
/var/lib/docker/containers/\<container\_id>/\<container\_id>-json.log
If a container generates a lot of logs, these files can take up gigabytes and quickly consume all available disk space.
