UGreen NASync DXP2800 Review and First Impressions
TL;DR - For anyone who doesn’t want to go through the full post, here’s the short version. I bought the UGreen NASync DXP2800 (2 bay) from Amazon for £249 and paired it with two Seagate Ironwolf 8TB HDDs, around £180 each.
The unit comes with an Intel N100 CPU, 8GB of RAM (upgradeable to 16GB, but there’s only one RAM slot), and a 2.5Gb/s LAN port. It has a solid build, was easy to set up, and I actually like the UI. Sure, it lacks a lot of features compared to Synology or QNAP, but since I’m mainly using it for file storage, I’m happy with the purchase.
Setting up Proxmox Backup Server
In this post, we’ll go through the process of setting up Proxmox Backup Server and backing up all the VMs from my Proxmox server to this backup server. So, let’s get to it.
Suresh Vina
But Why UGreen NAS?
The short answer is, this is the best bang for the buck. For £249, I’m getting a 2-bay NAS with an N100 CPU, 8GB of RAM, a 2.5Gb/s LAN port, and two NVMe slots.
I’ve been wanting to buy a NAS for over Continue reading
Hedge 270: Password Psychology
Password hygiene drives IT professionals crazy–people forget their passwords, will not change them often enough, and choose weak ones. But are IT folks immune to these problems? What is the psychology behind passwords, and how do we do better? Karl Buhl joins Tom and Russ to talk about passwords.
download
HN784: Accelerate Your Network Automation With Gluware Labs and New Ansible Collection (Sponsored)
Network automation is today’s topic with sponsor Gluware. Gluware provides a network automation platform that targets both network engineers and automation builders. On today’s Heavy Networking, we discuss how Gluware supports these two constituencies. We also talk about a recent product announcement, Gluware Labs. Gluware Labs includes a free Community Edition of Gluware software you... Read more »Finding End-to-End Paths: Topology and Endpoints
We know there are three main ways to move packets across a network. However, before we can start forwarding packets, someone has to populate the forwarding tables in the intermediate devices or build the sequence of nodes to traverse in source routing.
Usually, whoever is responsible for the contents of the forwarding tables must first discover the network topology. Let’s start there, using the following network diagram to illustrate the discussion.
Juniper vJunos-router in Containerlab
If you follow me or read my blog, you probably know I'm a big advocate of Containerlab. I've been using it for over two years now and I absolutely love it. Why? Because it's open source, it has an amazing community behind it (thank you again, Roman), and labs are defined using simple YAML files that are easy to share and reuse.
So far, I've used Cisco IOL, Arista EOS, and Palo Alto VM in Containerlab. And finally, the time came to try Juniper. I decided to test the Juniper vJunos-router, which is a virtualized MX router. It's a single-VM version of vMX that doesn't require any feature licenses and is meant for lab or testing purposes. You can even download the image directly from Juniper's website without needing an account. Thank you, Juniper and Cisco, please take note. In this post, I'll show you how to run Juniper vJunos-router in Containerlab.
Prerequisites
This post assumes you're somewhat familiar with Containerlab and already have it installed. If you're new, feel free to check out my introductory blog below. Containerlab also has great documentation on how to use vJunos-router, so be sure to check that out as well.
Containerlab - Creating Continue reading
TL015: Continuous Reinvention With Brad Maltz
“Reinvent or die” is an apt adage for the ever-churning technology industry. Brad Maltz joins us to share his insights on what he calls “continuous reinvention” and how that relates to his own career and why others might want to adopt this mindset. Brad is a Senior Director of AI Solutions at Dell and has... Read more »N4N029: Four Goals of Network Design
Let’s explore four goals of network design: stability, speed, scalability, and security. These goals are based on Ethan’s experience designing, building, and operating networks. Network architects and design experts might have other objectives, and that’s fine, but these four goals are the basis of today’s episode. Ethan and Holly discuss why these four goals are... Read more »Picking uncontested private IP subnets with usage data
Picking uncontested private IP subnets with usage data
If the device you are reading this on has an IPv4 address, it is very likely not a publicly routeable one. This is because the wide scale dep
Weird: Ports on Linux Bridge Are Stuck
Just when you thought you got used to the weirdnesses in the networking implementations, you get a curveball like this one. Life is never dull if you test network devices.
Before releasing netlab release 2.0, I ran the full suite of integration tests for all devices for which I have the images. Interestingly, most VXLAN tests failed for Cumulus Linux 4.x even though we haven’t touched that code for ages.
Next step: trying to figure out what changed. The configuration changes were minimal. Even worse, the failure was non-deterministic. Somehow, we managed to transform a Cumulus Linux 4.x VM into a Heisenberg switch.
D2DO274: Firefly’s State of IaC Report for 2025, aka ClickOps Is a Disgrace (Sponsored)
Firefly is a cloud infrastructure automation platform that helps cloud teams, DevOps, SRE, platform engineering, DevSecOps, and other groups manage their entire cloud as code. Firefly helps to manage cloud complexity and produce consistent and efficient cloud platforms with code. To help Firefly better understand their customers and industry trends around Infrastructure as Code (IaC),... Read more »NAN093: Network Automation – There Must Be a Better Way!
“There must be a better way!” is guest Bart Dorlandt’s motto, which he applies to network automation, among other things. In today’s episode, Bart shares what he’s learned about network automation, explains why he focuses on process over tools, and reflects on the importance of mentorship. Bart and Eric also discuss why even if listeners... Read more »Is It Time to Migrate? A Practical Look at Kubernetes Ingress vs. Gateway API
If you’ve managed traffic in Kubernetes, you’ve likely navigated the world of Ingress controllers. For years, Ingress has been the standard way of getting HTTP/S services exposed. But let’s be honest, it often felt like a compromise. We wrestled with controller-specific annotations to unlock critical features, blurred the lines between infrastructure and application concerns, this complexity didn’t just make portability more difficult, it sometimes led to security vulnerabilities and other complications.
As part of Calico Open Source v3.30, we have released a free and open source Calico Ingress Gateway that implements a custom built Envoy proxy with the Kubernetes Gateway API standard to help you navigate Ingress complexities with style. This blog post is designed to get you up to speed on why such a change might be the missing link in your environment.
The Situation: The Ingress Rut
The challenge with traditional Ingress wasn’t a lack of effort, since the landscape is full of innovative solutions. However, the problem was the lack of a unified, expressive, and role-aware standard. Existing ingress controllers were capable, implemented advanced features, however at the same time tied you to a specific project/vendor.
This meant:
- Vendor Lock-In: Migrating from one ingress controller Continue reading
Where Are the NETCONF/YANG Tools?
Jo attempted to follow the vendor Kool-Aid recommendations and use NETCONF/YANG to configure network devices. Here’s what he found (slightly edited):
IMHO, the whole NETCONF ecosystem primarily suffers from a tooling problem. Or I haven’t found the right tools yet.
ncclient is (as you mentioned somewhere else) an underdocumented mess. And that undocumented part is not even up to date. The commit hash at the bottom of the docs page is from 2020… I am amazed how so many people got it working well enough to depend on it in their applications.
A Day in the Life of BGP
I want to look at just one day of the operation of the Internet’s BGP network by looking at the behaviour of a single BGP session. Nothing special or extraordinary happened on that day. There were no large-scale power blackouts, no major faults in the world’s submarine cable network, nor in the terrestrial trunk cable systems. No headlining-grabbing cyber attack took place on that day, as far as I’m aware. It was just an ordinary Thursday on the Internet, just like any other day, and I selected this day due to its very ordinariness! WhAt can this day tell us about BGP and the way we use it?My Experience at AutoCon3
This is my second time attending the AutoCon event. The first one I went to was last year in Amsterdam (AutoCon1), and it was absolutely amazing. I decided to attend again this year, and AutoCon3 took place from the 26th to the 30th of May. The first two days were dedicated to workshops, and the conference itself ran from the 28th to the 30th. I only attended the conference. I heard there were around 650 attendees at this event, which is great to see.
Network Automation Forum (NAF)
In case you’ve never heard of AutoCon, it’s a community-driven conference focused on network automation, organized by the Network Automation Forum (NAF). NAF brings together people from across the industry to share ideas, tools, and best practices around automation, orchestration, and observability in networking.
They typically hold two conferences each year, one in Europe and one in the USA, or at least that’s how it’s been so far. The European event is usually around the end of May, and the US one takes place around November. Tickets are released in tiers, with early bird pricing being cheaper. I grabbed the early bird ticket for 299 euros as soon as it was announced.
Continue reading
PP065: A Microsegmentation Overview
Microsegmentation divides a network into boundaries or segments to provide fine-grained access control to resources within those segments. On today’s Packet Protector we talk about network and security reasons for employing microsegmentation, different methods (agents, overlays, network controls, and so on), how microsegmentation fits into a zero trust strategy, and the product landscape. Episode Links:... Read more »HS105: How to Train Your Unicorn: Thoughts on Ops Architects
You need someone to design your operations processes–or perhaps redesign them. That’s an Ops Architect. Should you take an ops person and train them up in architecture? Or an architect and train them up in operations? Do you even have that ops/engineer/architect organizational structure – and should you? Johna and John dive into this discussion... Read more »
Building an AI Agent that puts humans in the loop with Knock and Cloudflare’s Agents SDK
This is a guest post by Chris Bell, CTO of Knock
There’s a lot of talk right now about building AI agents, but not a lot out there about what it takes to make those agents truly useful.
An Agent is an autonomous system designed to make decisions and perform actions to achieve a specific goal or set of goals, without human input.
No matter how good your agent is at making decisions, you will need a person to provide guidance or input on the agent’s path towards its goal. After all, an agent that cannot interact or respond to the outside world and the systems that govern it will be limited in the problems it can solve.
That’s where the “human-in-the-loop” interaction pattern comes in. You're bringing a human into the agent's loop and requiring an input from that human before the agent can continue on its task.
In this blog post, we'll use Knock and the Cloudflare Agents SDK to build an AI Agent for a virtual card issuing workflow that requires human approval when a new card is requested.
You can find the complete code for this example in the repository.
Knock is messaging Continue reading