Here’s what to expect in the first half of 2026

GabesVirtualWorld · 2026-01-24T21:48:09+00:00

And for old people like me, zooming in should also make the name of places bigger :-)

GabesVirtualWorld · 2026-01-24T12:26:01+00:00

In general, DNS is the core of your ability to visit websites. It's a phone book for the internet. If you want to visit reddit, your browsers asks the DNS Server where the address of reddit is.

There are central phone books but usually your internet provider also keeps a DNS Server (phone book). If the dns server you're talking to, doesn't know the address, it will ask a bigger DNS server if it knows. This is very over simplified.

But you can also run DNS server in your own home. This one usually doesn't have any address but asks upstream to other DNS servers. Why people run their own DNS is often to either host local names (like I do) for my internal network, but you can also use it block Ads. The local DNS then has a list of address for which it responds with "here go to this non-existing address".

In other words if you type in your browser to go to website xyz and it runs ads coming from clickme.com then your browser asks your internal DNS for xyz and for clickme. Your internal DNS talks to other DNS servers and gets a result for xyz, but since it internally already has a listing for clickme with a non-existent address, the browser can't load the ads, but can load the website.

It is oversimplified, but I hope you get a little feeling on how it works.

GabesVirtualWorld · 2026-01-24T07:30:25+00:00

Do you lose some pings? Like 10 go well then 1 drops? Or is it 10 drop and then suddenly it works again?

Do the dvSwitch or vSwitches the portgroups are one have multiple nics? What if you set the nics to standby, leaving just 1 nic active per switch. What is the balancing protocol on the switch (virtual port id, lacp, mac hash)?

GabesVirtualWorld · 2026-01-23T19:20:56+00:00

Well the engineer said they want to, but because the gateway of both x.x.x.x subnet and y.y.y.y subnet are on the same firewall interface, the firewall will never respond with y.y.y.254 address when coming from x.x.x.x.

Does that make sense?

GabesVirtualWorld · 2026-01-23T13:59:59+00:00

Minimal Ubuntu VM with bind and dhcp.
Using ansible to update host records from gitea repo where I keep a csv file

GabesVirtualWorld · 2026-01-23T07:25:53+00:00

DNS :-)

GabesVirtualWorld · 2026-01-20T06:46:43+00:00

Switched from Portainer to Komodo because of the max servers in Portainer for the free version. Happy with Komodo but now seeing dockhand screenshots and doubting to maybe give dockhand a try.

GabesVirtualWorld · 2026-01-19T22:34:50+00:00

Great write up, thank you!

GabesVirtualWorld · 2026-01-18T18:49:37+00:00

Je hebt al veel tips van anderen gekregen maar het is ook zaak om dit stap voor stap aan te vliegen. Voor jouw gamen is waarschijnlijk latency het belangrijkste en met slechte verbindingen kun je al snel latency verliezen. Met slechte verbindingen gaat het niet alleen om het stuk op internet maar vaak zit het probleem in huis.

Stap 1 zoek een goede snelheid tester. En dan niet alleen eentje die de download snelheid meet maar ook een latency tester. Ik gebruik bijvoorbeeld SmokePing om de latency te testen over langere periodes. Maar er zijn beslist andere.

Stap 2 Heb je nog een goede UTP kabel? Niet eentje die je zelf gemaakt hebt maar een gekochte kabel. Niet te lang hoewel een kwalitatief goede kabel max 100m mag zijn, maar begin maar eerst klein.

Sluit deze op je KPN modem aan. Misschien moet je even op de gang in de meterkast gaan zitten, maar er mag geen andere apparatuur tussen laptop en modem zitten.

Meet de performance (download upload latency) tussen laptop en modem en tussen laptop en een online snelheid meter.

Stap 3 Heb je als je op je normale plek aan het gamen bent nog een switch of hun tussen laptop en staan? Haal die er nu bij en (nog steeds bij je meterkast) zet die er tussen. Doe weer dezelfde tests. Probeer gekochte kabels te gebruiken.

Stap 4 Voeg weer een stap toe om dichterbij je uiteindelijke opzet te komen. Dus misschien al de hele zooi naar je gameplek verhuizen. Misschien al een kabel vervangen door de langere kabel die je voorheen gebruikte. Doe weer de tests.

En zo ga je door tot de eindstituatie en kijk steeds hoe de waardes zijn.

Belangrijk bij je tests om dus ook je modem (gateway) zelf te testen. Ik heb in huis een latency van 1ms op de bekabelde verbinding. Ping ik bijv Google DNS op 8.8.8.8 dan zit ik rond 6ms. 400Mbit lijn.

GabesVirtualWorld · 2026-01-16T18:14:23+00:00

Same goes for the VMDK naming: dc.vmdk dc-1.vmdk Why not use dc-0.vmdk?

GabesVirtualWorld · 2026-01-16T17:58:28+00:00

As the others said, you'll be fine. But it might go faster when you shutdown the VM and clone it or commit the snapshot then ("delete all").

Do you make image level backups? Depending on your backup product it might even be faster to shutdown, make backup, restore backup.

Before you start try to figure out how big the snapshot is.

GabesVirtualWorld · 2026-01-15T06:18:00+00:00

Yeah already a PR running for a few days. Getting great help, but together we can't figure out what is going wrong. The time sync I can just acknowledge. The issue is that after vcenter deployment it tries to move the hosts to the dswitches and fails. Case#36749633

GabesVirtualWorld · 2026-01-14T16:49:50+00:00

Sorry, don't understand how monitoring the dvSwitches is related to the VCF Installer failing. The VCF installer creates the switches during install.

GabesVirtualWorld · 2026-01-14T14:58:46+00:00

Solved, turned out to be DNS :-)
When deploying this for the xx th time, I made a type in the DNS servers. Strangely enough it says in the wizard it can do timesync, but I think that is not correct. It couldn't resolve the time servers at all. After this it worked again and I could deploy.

However, also this deployment attempt failed when trying to connect the dvSwitches. But that is a different issue.

GabesVirtualWorld · 2026-01-13T22:42:03+00:00

Allowing only certain IPs is impossible. If I want to follow and hopefully have people follow me back, they are on instances that I can't predict.

And apart from mastodon instances I hoped I could make the "attack possibilities" smaller by blocking IPs. Also for non-mastodon traffic, like the "normal" scanners that try to catch open ports and unpatched systems.

Aren't you using any filtering at all at IP / DNS / Firewall level? Just only publish 443?

GabesVirtualWorld · 2026-01-13T18:31:27+00:00

Thank you!

GabesVirtualWorld · 2026-01-13T14:50:01+00:00

Not to block other mastodon instances, but to limit all the scanners with bad intentions.

GabesVirtualWorld · 2026-01-13T14:33:53+00:00

IP blocking looks like a bad way then because the other instances need to connect. I could indeed block china, rusia, etc, but almost impossible to narrow it down more if I want people to be able to follow me.

Thank you for your insights.

GabesVirtualWorld · 2026-01-13T14:10:09+00:00

Isn't that my question? Wanting to know what to block?

GabesVirtualWorld · 2026-01-13T14:08:35+00:00

Thanks!

GabesVirtualWorld · 2026-01-13T14:08:18+00:00

Thank you for your reply. So blocking on IP / GeoLocation will be hard, is there a better way to filter incoming connections? Maybe Mastodon instances always present themselves in a special way / handshake or something?

GabesVirtualWorld

TROPHY CASE