[WBEL-devel] Re: [WBEL-users] Security updates

Thomas Swan tswan@idigx.com
Fri, 21 May 2004 15:03:52 -0500 

Sean McAdam wrote:

> John Morris wrote:
>
>>On Thu, 20 May 2004, Milan [iso-8859-2] Ker¹lįger wrote:
>>
>>  
>>
>>>as there are troubles with WBEL mirrors and with release delays, I
>>>suggest to update all needed components by hand. This mean download from
>>>http://whiteboxlinux.org/pub/3.0/en/updates already released updates:
>>>    
>>>
>>
>>The problem was too many people trying to download direct.  Which is why I
>>have killed http access to the whole /pub tree as of this afternoon.  And
>>why the rsync appears to have finished between here and NCSU.  Really
>>didn't want to have to do that, but it was the only way.  After I get the 
>>latest batch of errata posted I'll switch it back on.
>>
>>Longer term I'm really wondering how to get new versions out.  
>>
>
> Would some sort of multi-tiered mirroring be appropriate?  Perhaps you
> can provide the official site, with a few high bandwidth primary
> mirrors. From there the secondary mirrors can rsync the updates. 
> (that is what I do now for my own mirror server. It handles updates
> for about 40 boxes)
>
> Then setup and distribute the default up2date and yum configuration
> files to point to a round robin DNS entry such as:
> update.us.mirror.whiteboxlinux.org. (replace "us" where appropriate)
>
> I would not mind hosting such a secondary mirror.  I have a total of 3
> Mbits that does not do too much at night, and I can spare 1 Mbit
> during the day.  If we can get several people to host secondary
> mirrors for updates that would remove your overworked T1 from getting
> pounded from default installs updating.

I was thinking of suggesting this myself.   You could do
mirrors.whiteboxlinux.org be a set of CNAME entries for all the other
mirrors.   If you had yum and up2date pointing to that one entry you
could easily divert the updates to other sites and keep the yum/up2date
site entry down to one by default.  The hardest part is making sure the
mirrors have the same directory structure from the root of the mirror
name.   If you can do that, the round robin idea should be easy to
implement.