On 15.1.2013 22:18, Nicolas Thierry-Mieg wrote: > Markus Falb wrote: >> dns round robin is not very helpful for me doing firewall rules. >> How would you solve this yum and firewall thing? > > pick a mirror that's close to you and trustworthy (ie stays up to date), > and use that as your baseurl. you mean per ip mirror.centos.org has address 91.215.65.226 baseurl=http://91.215.65.226/centos/$releasever/cr/$basearch/ avoiding dns. yes, it would be possible, but how reliable it is? I realise that the name based mirrorlist has the same problem with ip adresses going stale eventually. The problem is that firewall is acting on ip adresses but mirrorlist is spitting out names. So what I did recently is periodically resolve the ips and update the firewall rules with the new ip list hoping that not all of them are stale until the next reload of firewall. Hmm. -- Kind Regards, Markus Falb
Attachment:
signature.asc
Description: OpenPGP digital signature
_______________________________________________ CentOS mailing list CentOS@xxxxxxxxxx http://lists.centos.org/mailman/listinfo/centos
