2025-10-16
The EoIP (Ethernet over IP) protocol from MikroTik is used to create an L2 tunnel over an IP network, allowing you to combine two remote local networks into a single broadcast domain.
If your EoIP tunnel does not establish (no “R” — Running flag), follow this step-by-step checklist.
1. Check IP connectivity (L3)
Before starting, make sure the routers see each other at the IP level.
Ping the remote side:
2025-09-16
Introduction
Up to this point, we’ve used simple utilities for specific tasks:
- ping checked connectivity,
- traceroute showed the path,
- ipconfig and arp helped with the local network,
- telnet and nc tested ports.
That’s like having a separate hammer, screwdriver, and wrench. But sometimes you need a multi-purpose tool. Today we’ll look at three such “all-in-one” tools:
- mtr — ping + traceroute on steroids,
- nmap — universal network scanner,
- curl — a command-line browser.
mtr — Real-Time Traceroute 🚀
What does it do?
Combines the features of ping and traceroute. In real time, it shows latency and packet loss percentage for each hop along the path.
2025-09-15
Introduction
A server’s IP address is like the postal address of an apartment building. But to reach the right apartment, you need the door number. In networking, these doors are ports.
- HTTP runs on port 80.
- HTTPS — on port 443.
- Mail, databases, and other services listen on their own ports.
If a port is closed or nothing is listening on it, the site won’t open — even if the server is “alive.”
2025-09-14
Introduction
You’ve gone through all the checks from the previous articles:
- The computer has the correct IP address (ipconfig).
- The router responds (ping 192.168.1.1).
- Ping to a public address (ping 8.8.8.8) works.
Looks like the internet is fine! But the browser won’t open google.com. 🤔
Welcome to the most common cause of such issues — DNS failures.
What is DNS? 📖
The internet runs on IP addresses (e.g., 142.250.184.110), but people prefer names (google.com).
2025-09-13
Introduction
In the previous article, we learned how to reach out to remote servers using ping and trace the path of packets with traceroute. But what if ping google.com doesn’t work, and traceroute stops right at the first step?
That’s a clear sign that the problem is nearby: on your computer, in the network cable, or in your home router. Before calling tech support, let’s check our own local network.
2025-08-27
The Problem with Certificates at Scale
In previous articles, we discussed that OpenVPN uses certificates for authentication. This method is reliable but has significant drawbacks:
- Inconvenience for users: Each user must manually receive and install their own certificate.
- Complex management: When an employee leaves, their certificate must be revoked, which requires extra steps.
- Lack of centralization: Each service that requires access has its own authorization system.
The solution to this problem is using a centralized identity provider such as Keycloak.
2025-08-26
VPN: Not Just an “On” Button
For many users, a VPN is simply an “On” button. However, when it comes to building your own secure tunnel, it’s important to understand its architecture. OpenVPN is based on two key ideas: the client-server model and Public Key Infrastructure (PKI).
The Client-Server Model
The concept is simple:
- Server — the entry point into your secure network. It constantly “listens” for incoming requests and is ready to accept connections.
- Client — your device (laptop, phone) that initiates the connection to the server.
Once the server and client “agree,” a secure tunnel is created between them, and all traffic passes through it.
2025-08-25
OpenVPN: A Time-Tested Standard
Introduction
In a world where the speed and simplicity of WireGuard have become the new standard, OpenVPN remains one of the most reliable and flexible VPN protocols. It works both on traditional computers and on networking equipment, providing cross-platform compatibility and a high level of security. However, to understand how to use it, it is important to distinguish between the protocol itself and its client applications.
2025-08-23
When Control Matters Most
Services like Tailscale and NetBird are convenient, but they rely on a third-party control server responsible for authentication, key distribution, and route exchange. For those who, for security or privacy reasons, don’t want to entrust this function to anyone, there are two paths: Headscale and “pure” WireGuard.
Headscale: Your Own Tailscale
Headscale is a fully open-source implementation of Tailscale’s control server. It allows you to deploy your own Tailscale alternative on a VPS or server while still using the official Tailscale clients.
2025-08-22
When Zero-config VPN Means More Than Just Tailscale
Although Tailscale has become the benchmark for simplicity, it’s not the only player in the Zero-config VPN field. ZeroTier and NetBird offer similar functionality but with important architectural and ideological differences.
ZeroTier: A Virtual Ethernet Switch
ZeroTier is one of the first and most well-known services implementing the mesh network concept. It works on the principle of a virtual local network. Instead of relying on the WireGuard protocol, ZeroTier uses its own protocol and creates a virtual L2 switch (Layer 2) that unites all devices into a single local network. Each device gets an IP address from a virtual subnet and can “see” other devices as if they were connected to the same physical switch.