Nicolas Thierry-Mieg wrote:
> Markus Falb wrote:
>> On 15.1.2013 22:18, Nicolas Thierry-Mieg wrote:
>>> Markus Falb wrote:
>>
>>>> dns round robin is not very helpful for me doing firewall rules.
>>>> How would you solve this yum and firewall thing?
>>>
>>> pick a mirror that's close to you and trustworthy (ie stays up to date),
>>> and use that as your baseurl.
>>
>> you mean per ip
>>
>> mirror.centos.org has address 91.215.65.226
>> baseurl=http://91.215.65.226/centos/$releasever/cr/$basearch/
>>
>> avoiding dns. yes, it would be possible, but how reliable it is?
>
> no, I meant choose a good one from the list:
> http://www.centos.org/modules/tinycontent/index.php?id=31
>
> for example myself I could pick http://mirrors.ircam.fr/pub/CentOS/
>
> then put that name (not IP) in your baseurl:
> baseurl=http://mirrors.ircam.fr/pub/Centos/$releasever/cr/$basearch/
>
> and comment out mirrorlist= since you don't use it anymore.
>
> Similar to what you're saying but no need to avoid DNS, and the choice
> of mirror is important.
>
> It's reliable if the mirror you use is reliable. Not as much as
> mirrorlist, but some mirrors are quite solid. I've used this approach
> for some machines for many years without having to change my mirror.
> Just make sure you pick a good one.
I agree you will need to run a cron job to check that the IP of your
mirror hasn't changed, and if it did update the firewall rule, although
that won't happen often.
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos
