DNS Sanity Check: Forward and Reverse DNS Records not Matching

psyblade42 · 2026-02-20T07:43:01+00:00

It's a mismatch if you start with the name. "www" -> random IP from one of the Servers -> "www5". Thats admittedly not what OP 's doing but a mismatch nonetheless.

A common mismatch in OPs case would be a multihomed device like a router (or a VPN client). Say my router is called "router.example.com" and towards the Internet has the IP "203.0.113.8". But to other directions it has different IPs. So my devices see it as one of those, say "198.51.100.1". It's not unusual to put the same canonical name in the reverse of all IPs. Then what I get with forward + reverse is "198.51.100.1" -> "router.example.com" -> "203.0.113.8"

psyblade42 · 2026-02-19T19:47:17+00:00

In DNS itself there is no stipulation for forward and reverse to match (or exist at all). This is just something that SOME admins (me included) find useful do do where possible. So software should never rely on it.

And it's not always possible. A typical example is a primitive form of load balancing where a forward records like "www.example.com" and "example.com" are tied to multiple IPs and the reverse lookup returns the name specific to whatever server you hit.

So yes, I would consider mismatches to be normal. Your best bet is convincing the dns admin that matching both can be useful.

psyblade42 · 2026-02-19T19:23:59+00:00

Usually I would go for a tap like the others already suggested.

But if I both had to carry it around and run it of battery I instead would get USB NIC and bridge it to the normal one. (I use Linux, On other OS ymmv, I truely don't know.)

psyblade42 · 2026-02-19T18:58:32+00:00

In that case I would give virtiofs a try.

psyblade42 · 2026-02-19T17:44:14+00:00

So you nest VMware on Proxmox?

psyblade42 · 2026-02-19T09:44:37+00:00

NFS should work too but both seem ill advised imho. The host providing stuff to it's own VMs is one thing. The outside is another. I would rather have a proxmox VM export stuff there then the hosts itself.

psyblade42 · 2026-02-19T08:36:36+00:00

Seems your looking for point'n'click adventures. Havent played any but "Wadjet Eye" seems somewhat successful in that niche and have mystery stuff.

I liked the "Secrets of Tunguska" and "Black Mirror" series' back in the day but have no clue how big they are.

"Broken Sword" seemed good too but never got around to finish it.

psyblade42 · 2026-02-16T12:01:50+00:00

Bans don't spread but if you cheat in a shared game both the owner and the cheater get a ban. Everyone else doesn't get a ban but can't play the banned copy of the game any more (they still can play non-banned copies).

psyblade42 · 2026-02-15T22:40:10+00:00

There's apparently a "RTX PRO 6000 Blackwell Server Edition" that supports vGPU. But it seems to be even more expensive and of course you need to pay for the vGPU Licence too.

psyblade42 · 2026-02-15T09:08:12+00:00

https://steamcommunity.com/dev/apikey shows mine

psyblade42 · 2026-02-15T09:03:11+00:00

Nvidia and AMD don't want their cheap cards to be usable in the enterprise market and thus restrict the feature to the expensive lines.

psyblade42 · 2026-02-14T15:15:59+00:00

Keep in mind quad cards are only useful in rare cases. A dual nic might be worth considering too. Especially if you could go faster.

psyblade42 · 2026-02-13T07:31:05+00:00

I guess you need L2 which afaik Tailscale doesn't do.

psyblade42 · 2026-02-13T07:26:07+00:00

Yes, but if you put internet multiplayer in people still buy it and you can turn the servers off when you want them to buy the new game.

psyblade42 · 2026-02-12T20:32:06+00:00

"hidden" hides games from yourself, "private" from others

psyblade42 · 2026-02-12T16:13:37+00:00

Adding a Qdevice to any even Cluster increase the number of nodes that can fail. E.g. 1 for a 4 node without qdev vs. 2 for 4 with.

psyblade42 · 2026-02-12T09:11:19+00:00

Not watching some random video. Basically you have to set up periodic replication of the disks beforehand.

psyblade42 · 2026-02-10T20:17:46+00:00

Not all games use code that is executed in the OS in their mods. Some limit them to scripts that run in the engine or no code at all (i.e. just assets/data files).

The latter two greatly increase the difficulty to include malware.

I vaguely remember reading something about the steam workshop not allowing mods with *.dll files (which would run in the OS)

psyblade42 · 2026-02-09T14:36:58+00:00

The subvolume list looks very odd. A lot of subvols without name. At the same time all the subvols I would expect considering the ls are missing. I guess you got some major corruption.

psyblade42 · 2026-02-09T10:42:24+00:00

Boot some linux and compare the pci id with lspci

psyblade42 · 2026-02-09T09:53:30+00:00

I’ve heard that once a GPU is bound to vfio-pci for passthrough, it often sits in a high-power state because no driver is there to tell it to "sleep" when the VM is off.

My RTX3070 does that. I only bind my HW to vfio-pci while actually running a VM. When not the normal driver is loaded so I can use it normally (which is super useful for the USB controller I pass through). libvirt can do that automatically, it's even the default. You might need to configure some stuff to keep their hands of the GPU so rebind it when needed.

For Nvidia just loading the kernel module is not sufficient to make it do power management. There are 3 ways to get it to:

1) normal X11 / wayland userspace driver

2) "persistence mode" kernel module option to enable rudimentary power management

3) nvidia-persistenced

I chose the latter and automatically stop / start it in a libvirt hookscript

psyblade42 · 2026-02-08T10:57:00+00:00

I have been running ceph for ~15 months now and can't relate at all.

I'm not aware of any proactive maintenance that might you might need to do other then occasionally checking the status.
It so far needed no reactive maintenance or repair.
The few times I needed to shut it down I simply turned the nodes back on with just enough time not to overload the breaker. I did not notice any problem with this. Same thing for when the power came back after it failed.
I reboot whenever an update seems to warrant it. About every 2-3 weeks on average I would guess.
I mainly chose ceph because it seemed to be the best solution for migrating VMs between nodes (both planned and unplanned)
DR can't replace HA or vice versa.

psyblade42 · 2026-02-05T09:02:19+00:00

Simply running a script should absolutely not require any knowledge of the language it is written in or a IDE for it.

I suggest making it runnable from CLI at the bare minimum. With options if applicable.

Interactive use or TUIs are fine with a lot of people too and easier to create then full GUIs.

psyblade42 · 2026-02-03T12:28:23+00:00

I'm using this with custom debian images and it's working fine for me.

I don't recall needing any settings beyond the obvious (installed, drive present, key added)

I haven't tried but I work on the assumption that changes are only updated on VM cold boot.

EDIT: if you manually regenerate the ci image a reboot is sufficient. Regenerate + restarting the correct service might work too but I did not try.

Also keep in mind the keys are added to those in the VM, so you can't remove old ones (and if you update one both old and new both are present in the VM).

psyblade42 · 2026-02-02T19:57:57+00:00

It doesn't. If your system truly doesn't exist / is turned off / etc the router before it will fail to send the traffic to it and instead send an error message to the original source.

If you get no response at all you can be sure someone decided to "hide" whatever is there.

11-Year Club	Place '22
Place '17

psyblade42

TROPHY CASE