LISTSERV - SCIENTIFIC-LINUX-USERS Archives

SCIENTIFIC-LINUX-USERS Archives

September 2008

SCIENTIFIC-LINUX-USERS@LISTSERV.FNAL.GOV

	LISTSERV Archives
	SCIENTIFIC-LINUX-USERS Home
	SCIENTIFIC-LINUX-USERS September 2008

	Log In
	Register

	Subscribe or Unsubscribe

	Search Archives

Options:	Use Monospaced Font Show Text Part by Default Show All Mail Headers
Message:	[<< First] [< Prev] [Next >] [Last >>]
Topic:	[<< First] [< Prev] [Next >] [Last >>]
Author:	[<< First] [< Prev] [Next >] [Last >>]

Subject:	Re: Please use mirrors if possible
From:	John Summerfield <[log in to unmask]>
Reply To:	John Summerfield <[log in to unmask]>
Date:	Fri, 5 Sep 2008 13:44:54 +0800
Content-Type:	text/plain
Parts/Attachments:	text/plain (85 lines)

Troy Dawson wrote:
> Hello,
> We've been getting reports from several people about yum updates falling 
> due to  a file not being available.
> 
> Please know that ftp.scientificlinux.org get's alot of traffic.  
> Especially after a new release, it get's an immense amount for about a 
> month or two.  This is why we moved rsync.scientificlinux.org to be a 
> different machine, hoping that it would help out.
> 
> What kind of load and traffic are we talking about.  The current load is 
> 44, on a 2 cpu machine.  The current number of connections (http and 
> ftp) varies between 550 and 600 at any particular time this morning.
> 
> The machine can handle it.  Our network can handle it.  That isn't 
> what's bothering me.
> 
> There are some labs and universities that have their own mirror's, right 
> at the lab and/or university.  These same labs and universities also 
> have very large clusters (100's to 1000's of machines per cluster).  
> These same labs and universities are pointing their large clusters of 
> machines at ftp.scientificlinux.org instead of their own mirrors.
> This is causing the quality of service to go down for all the other users.
> 
> If you have a mirror.  Please use it, especially for your clusters.
> 
> Fastestmirror is also good.
> 
> We have the yum plugin fastestmirror in the repository, and we have 
> plenty of plublic mirrors around the world.  Please use them.
> 
>   yum install yum-fastestmirror
> 
> In the directory /etc/yum.repos.d/ edit the files sl.repo and 
> sl-security.repo, or sl-errata.repo.  Comment out the "baseurl=" 
> line(s), and uncomment the "mirrorlist=" line.
> 
> I don't want to have to do anything drastic like force people to use 
> mirrors, or force people to use fastestmirror.  I want mirrors to be an 
> option people choose, not something that is forced on them.
> 
> So please, if you have a large cluster of machines, please use a mirror.

Troy, why not choose a number, and write a firewall rule that prevents 
anyone from getting that many connexions per hour/day, whichever seems 
good to you?

I do this to limit ssh connexions, so the ungodly have less chance to 
guess my passwords. My number is 2 and my interval is an hour, and I log 
both accepted and rejected connexions. I find I drop 90% of requests 
from outside my preferred area.

I figure that if I found myself needing to get in from outside my 
preferred area, that I should be able to get my password right half the 
time:-)

In your case, your number might be a little higher, and maybe when sites 
exceed that number you throttle them.

Depending on the numbers you choose, most people probably wouldn't 
notice anything.

Sites coming at you from public IP addresses might need some more 
thought, in my experience Linux _seems- to be counting for each 
individual IP address where you might want to control /24 or even /16 
addresses.





-- 

Cheers
John

-- spambait
[log in to unmask]  [log in to unmask]
-- Advice
http://webfoot.com/advice/email.top.php
http://www.catb.org/~esr/faqs/smart-questions.html
http://support.microsoft.com/kb/555375

You cannot reply off-list:-)

ATOM RSS1 RSS2

LISTSERV.FNAL.GOV