[CentOS-mirror] Chinese IPs - Mirror Stats
mail-lists at karan.org
Sat Jan 23 13:58:26 UTC 2010
On 01/22/2010 02:19 PM, Prof. P. Sriram wrote:
>> an example - adsl2+ brings in approx 16Mbps downstram, thats plenty of
>> connectivity for most offices with<= 50 employes who mostly only do
> Is it 'reasonable' for such an organization to be generating more than 5
> active connections to a single upstream mirror? And that too after
If there are dozens of computers behind that nat ip, then yes - its
quite expected for them to generate more than a few connections per minute.
> receiving a 503 service unavailable message? That is what it will take to
> get on the netblock list for an hour. You may disagree, but I think this
> is a reasonable restriction to keep the server available and protected
> from (ab)users.
on a 503, yum will fall back to the next mirror in the mirrorlist.
However, it wont stop it from attempting a connection - and your machine
will keep them on the blacklist
>> How about turning off 'RANGE' requests in httpd ? is that an option.
> Maybe it was a version thing, but the url rewriting did not work on the
> server in question.
byte range partial gets are a http 1.1 thing arnt they ? If you want to
stick with 1.1, you can still disable them with unset header, and remove
that from the request completely.
iirc, kernel.org and heanet.ie both have partial gets disabled, wonder
if they will share some info on how they are doing this and what their
recommended solution to this sort of heavy hitrate from small number of
More information about the CentOS-mirror