2025-09-16
Introduction
Up to this point, we’ve used simple utilities for specific tasks:
ping checked connectivity,traceroute showed the path,ipconfig and arp helped with the local network,telnet and nc tested ports.
That’s like having a separate hammer, screwdriver, and wrench. But sometimes you need a multi-purpose tool. Today we’ll look at three such “all-in-one” tools:
mtr — ping + traceroute on steroids,nmap — universal network scanner,curl — a command-line browser.
mtr — Real-Time Traceroute 🚀
What does it do?
Combines the features of ping and traceroute. In real time, it shows latency and packet loss percentage for each hop along the path.
2025-09-15
Introduction
A server’s IP address is like the postal address of an apartment building. But to reach the right apartment, you need the door number. In networking, these doors are ports.
- HTTP runs on port 80.
- HTTPS — on port 443.
- Mail, databases, and other services listen on their own ports.
If a port is closed or nothing is listening on it, the site won’t open — even if the server is “alive.”
2025-09-14
Introduction
You’ve gone through all the checks from the previous articles:
- The computer has the correct IP address (
ipconfig). - The router responds (
ping 192.168.1.1). - Ping to a public address (
ping 8.8.8.8) works.
Looks like the internet is fine! But the browser won’t open google.com. 🤔
Welcome to the most common cause of such issues — DNS failures.
What is DNS? 📖
The internet runs on IP addresses (e.g., 142.250.184.110), but people prefer names (google.com).
2025-09-13
Introduction
In the previous article, we learned how to reach out to remote servers using ping and trace the path of packets with traceroute. But what if ping google.com doesn’t work, and traceroute stops right at the first step?
That’s a clear sign that the problem is nearby: on your computer, in the network cable, or in your home router. Before calling tech support, let’s check our own local network.
2025-08-25
OpenVPN: A Time-Tested Standard
Introduction
In a world where the speed and simplicity of WireGuard have become the new standard, OpenVPN remains one of the most reliable and flexible VPN protocols. It works both on traditional computers and on networking equipment, providing cross-platform compatibility and a high level of security. However, to understand how to use it, it is important to distinguish between the protocol itself and its client applications.
2025-08-23
When Control Matters Most
Services like Tailscale and NetBird are convenient, but they rely on a third-party control server responsible for authentication, key distribution, and route exchange. For those who, for security or privacy reasons, don’t want to entrust this function to anyone, there are two paths: Headscale and “pure” WireGuard.
Headscale: Your Own Tailscale
Headscale is a fully open-source implementation of Tailscale’s control server. It allows you to deploy your own Tailscale alternative on a VPS or server while still using the official Tailscale clients.
2025-08-22
When Zero-config VPN Means More Than Just Tailscale
Although Tailscale has become the benchmark for simplicity, it’s not the only player in the Zero-config VPN field. ZeroTier and NetBird offer similar functionality but with important architectural and ideological differences.
ZeroTier: A Virtual Ethernet Switch
ZeroTier is one of the first and most well-known services implementing the mesh network concept. It works on the principle of a virtual local network. Instead of relying on the WireGuard protocol, ZeroTier uses its own protocol and creates a virtual L2 switch (Layer 2) that unites all devices into a single local network. Each device gets an IP address from a virtual subnet and can “see” other devices as if they were connected to the same physical switch.
2025-08-21
What is Tailscale?
Tailscale is a VPN service that positions itself as a Zero-config VPN. It uses the WireGuard protocol to create a secure mesh network between all your devices. The key difference from other solutions is its simplicity. Instead of manually configuring tunnels and managing keys, Tailscale does all the work for you. All you need to do is install the app on each device and sign in.
How does it work under the hood?
When you sign in, the Tailscale client connects to the Control Plane server. This server essentially acts as the “brain” of the network:
2025-08-20
Evolution of Remote Access
Traditional VPN services, which most of us are familiar with, work on the “hub-and-spoke” principle (star topology). This means that all traffic from the client to the protected network passes through a central server. This approach has drawbacks:
- Configuration complexity: Manual setup, port forwarding, and key management are required.
- Performance: All traffic, even between two remote clients, must go through the central server, which increases latency.
- Single point of failure: If the central server goes down, the entire network stops working.
A new concept — Zero-config VPN — solves these problems by using a mesh network architecture.
2025-08-19
Dynamic Routing on Keenetic: BGP and OSPF
When Static Routing Isn’t Enough
In most home networks, routing is simple: all traffic is sent through a single ISP. In such cases, static routing is sufficient. But what if you have a complex network with multiple routers, redundant connections, or you want to experiment with advanced networking? This is where dynamic routing protocols come into play.
KeeneticOS includes built-in support for these protocols, allowing it to automatically exchange routing information with other routers, adapt to network changes, and ensure failover capabilities.
