Re: cr repo and firewalling

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]




Nicolas Thierry-Mieg wrote:
> Markus Falb wrote:
>> On 15.1.2013 22:18, Nicolas Thierry-Mieg wrote:
>>> Markus Falb wrote:
>>
>>>> dns round robin is not very helpful for me doing firewall rules.
>>>> How would you solve this yum and firewall thing?
>>>
>>> pick a mirror that's close to you and trustworthy (ie stays up to date),
>>> and use that as your baseurl.
>>
>> you mean per ip
>>
>> mirror.centos.org has address 91.215.65.226
>> baseurl=http://91.215.65.226/centos/$releasever/cr/$basearch/
>>
>> avoiding dns. yes, it would be possible, but how reliable it is?
>
> no, I meant choose a good one from the list:
> http://www.centos.org/modules/tinycontent/index.php?id=31
>
> for example myself I could pick http://mirrors.ircam.fr/pub/CentOS/
>
> then put that name (not IP) in your baseurl:
> baseurl=http://mirrors.ircam.fr/pub/Centos/$releasever/cr/$basearch/
>
> and comment out mirrorlist= since you don't use it anymore.
>
> Similar to what you're saying but no need to avoid DNS, and the choice
> of mirror is important.
>
> It's reliable if the mirror you use is reliable. Not as much as
> mirrorlist, but some mirrors are quite solid. I've used this approach
> for some machines for many years without having to change my mirror.
> Just make sure you pick a good one.

I agree you will need to run a cron job to check that the IP of your 
mirror hasn't changed, and if it did update the firewall rule, although 
that won't happen often.
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos


[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]
  Powered by Linux