Topic
Networking
Everything between your laptop and the box you wish you'd remembered to label. WireGuard, Tailscale, Headscale, Cloudflare Tunnels, split-horizon DNS, IPv6 that isn't just a TODO, and the firewall rules you'll wish past-you had written down. If you've ever solved a problem by reaching for ping and then a packet capture, this is the section.
83 articles in this topic.
Featured posts
-
Mikrotik RouterOS for Home Lab
Mikrotik routers cost $50, run a real OS, and humiliate prosumer gear. RouterOS basics, VLANs, firewalling, and why your homelab probably needs one of these.
16 min read -
pfSense vs OPNsense in 2026
Two FreeBSD firewall distros, one bitter fork. pfSense vs OPNsense in 2026 — which one to pick for your home lab, and why the licensing drama still matters.
10 min read -
Zeek for Home Lab Forensics
Zeek (formerly Bro) turns network traffic into structured logs you can actually query. The IDS that doesn't shout — it documents. Setup and use in a home lab.
11 min read -
mtr vs traceroute: Packet Loss
traceroute lies. mtr tells the truth. Here's how to read packet-loss reports like an oncall engineer and stop blaming your ISP for the wrong hop.
11 min read -
iperf3 + nload: Network Diagnosis
Your gigabit link drops to 200 Mbps and you don't know why. iperf3 measures throughput honestly, nload visualizes traffic — together they find the bottleneck fast.
13 min read -
Access Docker socket via TCP
Expose Docker's Unix socket over TCP so remote tools and dashboards can connect — daemon.json config for Linux and Windows.
· Updated:5 min read
All Networking articles
- Mikrotik RouterOS for Home Lab
- pfSense vs OPNsense in 2026
- Zeek for Home Lab Forensics
- mtr vs traceroute: Packet Loss
- iperf3 + nload: Network Diagnosis
- Access Docker socket via TCP
- Advanced UFW Techniques: Enhancing Firewall Security
- Docker Network Aliases: The Feature Nobody Uses
- Docker Networking: Connecting to the Host from a Container
- Docker Strategies for Load Balancing and Failover
- Linux Home Lab Security: Planning for the Unexpected
- OpenConnect vs AnyConnect
- Proxy Chains and Anonymization: What Actually Works and What's Just Theater
- Self-Hosted Email Is Probably a Bad Idea
- Socat: The Swiss Army Knife of Networking
- ss Is the New netstat (And It's Better)
- stunnel vs spiped
- Suricata vs Snort: Intrusion Detection for the Paranoid Home Lab Owner
- The Role of Antivirus and Endpoint Detection and Response Systems
- The Zero-Trust Home Lab
- Understanding PostgreSQL Connection URIs
- WireGuard Is Fast, But You're Leaving Performance on the Table
- Wireguard VPN Server in Docker
- Unbound vs Technitium vs BIND
- ntopng vs darkstat
- FRR vs BIRD
- HAProxy vs Envoy
- LibreNMS for SNMP-Heavy Home Networks
- SmokePing for Internet Connection Sanity
- Authentik vs Authelia: SSO for Your Self-Hosted Stack
- ZFS Send/Receive Over WireGuard for Off-Site Replication
- Headscale: Self-Host Your Own Tailscale Control Plane
- OpenCanary: Honeypots for Your Home Lab
- Pi-hole vs AdGuard Home: Block Ads for Your Whole Network
- nftables: Modern Linux Firewalling
- Suricata vs Snort: Network Intrusion Detection That Actually Works
- Sysctl Tuning: The Linux Kernel Settings Nobody Told You About
- Cloudflare Tunnels: The Zero-Port-Forward Guide to Exposing Your Services
- Fail2ban vs CrowdSec: Blocking the Bots Actually Smartly
- Tailscale Deep Dive: Mesh Networking That Actually Works
- WireGuard vs OpenVPN 2026: It's Not Even Close
- Docker Networking Demystified
- Proxmox NAT Bridge: One IP, Many VMs
- TLS 1.3: Modern Encryption Without the Existential Dread
- IPFS: Peer-to-Peer File Storage for People Who've Seen Too Many 404s
- HAProxy: Load Balancing Done Right
- Cloudflare WAF: Free Tier Firewall Rules
- Cloudflare DNS: Beyond Pointing Records
- Traefik: Docker Routing with Labels
- Nginx Proxy Manager for Normal Humans
- VLAN Basics for Home Labs: Segment Your Network Before It Segments You
- Port Knocking: Simple Obscurity for SSH Access
- The Reverse Proxy Timeout That Kills Long Uploads
- Time Is a Lie and Chrony Is Here to Fix It: NTP for Home Labs
- Why Your VPN Isn't Routing What You Think
- The Header Your Reverse Proxy Keeps Dropping
- IPv6 on Your Home Lab: You Should Care (Here's Why)
- DNS Over HTTPS and TLS: Encrypt Your DNS Before Your ISP Sells It
- tcpdump Basics: Capture Traffic Without Wireshark
- TCP Keepalives: Why Connections Die and How to Fix It
- Caddy Advanced: Automatic HTTPS, Plugins, and Config That Doesn't Make You Cry
- The MTU Problem Nobody Diagnoses Correctly
- VPN Kill Switch and DNS Leak Prevention: Paranoia, Justified
- BGP in Your Home Lab: Dynamic Routing for People Who've Run Out of Static Routes
- DNS Troubleshooting from the Command Line
- Tailscale Deep Dive: Mesh VPN That Just Works (and Why That's Suspicious)
- nmap for Your Own Network: What You Should Be Scanning
- curl Flags Every Developer Should Know
- UFW Advanced: Rate Limiting, Logging, and Rules That Actually Make Sense
- DDoS Mitigation: Teaching Your Server to Say No Politely (Then Impolitely)
- Traefik vs Nginx Proxy Manager: Reverse Proxies for Humans
- Why Your TLS Certificate Isn't Trusted
- The Firewall Rule Order That's Breaking Your Setup
- Is fail2ban Actually Working? Here's How to Check
- SSHFS: Ditch SCP & Access Remote Files
- Why Your SSH Connection Keeps Dropping
- lsof: The Tool That Shows You Everything
- Finding the PID of a Process Using a Specific Port in Linux
- Certificate Pinning: A Secure Connection Guide
- Docker Networking Essential Guide for All Skill Levels
- WordPress, Docker, NGINX, and MySQL via Ansible
- How to securely deploy Cloudflare Tunnels
- SSH Tunneling: A Secure Conduit for Your Data