Understood. I wasn't too worried about trying to nail connections down to the state level personally, just country. But yes you are correct by proxying the traffic through Cloudflare you would not be able to get a good geolocation on it for state-level awareness. I've come up with a different solution though and have sent a new email with my new mirror information :-) For what it's worth for others that read this thread, I have received positive confirmation from Cloudflare support that as long as you are not caching the content, you *are* permitted to use the proxy service for non-static, non-website content, and it is not a violation of their TOS. Interesting information and good to know for the future! [image: image.png] On Wed, Mar 31, 2021 at 5:05 AM Fabian Arrotin <arrfab at centos.org> wrote: > On 28/03/2021 05:41, Russell Jones wrote: > > Hello admin, > > > > I would like to offer a new US CentOS mirror, but I will need to use > > Cloudflare to proxy the requests. I have a gigabit up/down connection > > that will be stable, however the ATT provided gateway/router/modem combo > > chokes on a large amount of different IP addresses coming in at once. I > > have found that if I route the traffic through Cloudflare, it can handle > > the 200 or so unique IP's Cloudflare uses without an issue. I am > > currently hosting EPEL and Fedora Buffet public mirrors without any > > problems this way. > > > > Any issues with this setup? > > > > > > Thanks! > > > > Hi (sorry for late answer). > We never had any official statement for people putting mirror behind > CDN, as we also use for some services CDNs providers (AWS and CDN77 are > sponsoring the project as one example). > > But as you saw in previous answers, you should probably verify first > that it wouldn't be a problem with your CDN (cloudflare here) provider. > > Second thing : as said too, we redirect traffic ourselves (through > mirrorlist.centos.org) by using GeoIP at the origin IP level, and > compare that with our lists, including for USA at the state level (for > efficiency). > > I don't think you mentioned the State your mirror would be in, but in > fact that means that we'd be hitting cloudflare, so don't even know if > in that case people would still be redirected to correct state, or > instead other PoP in their network. > > What do you think ? > -- > Fabian Arrotin > The CentOS Project | https://www.centos.org > gpg key: 17F3B7A1 | twitter: @arrfab > _______________________________________________ > CentOS-mirror mailing list > CentOS-mirror at centos.org > https://lists.centos.org/mailman/listinfo/centos-mirror > -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://lists.centos.org/pipermail/centos-mirror/attachments/20210402/ff2499cb/attachment.html> -------------- next part -------------- A non-text attachment was scrubbed... Name: image.png Type: image/png Size: 70533 bytes Desc: not available URL: <http://lists.centos.org/pipermail/centos-mirror/attachments/20210402/ff2499cb/attachment.png>
