Markus Falb wrote: > On 15.1.2013 22:18, Nicolas Thierry-Mieg wrote: >> Markus Falb wrote: > >>> dns round robin is not very helpful for me doing firewall rules. >>> How would you solve this yum and firewall thing? >> >> pick a mirror that's close to you and trustworthy (ie stays up to date), >> and use that as your baseurl. > > you mean per ip > > mirror.centos.org has address 126.96.36.199 > baseurl=http://188.8.131.52/centos/$releasever/cr/$basearch/ > > avoiding dns. yes, it would be possible, but how reliable it is? no, I meant choose a good one from the list: http://www.centos.org/modules/tinycontent/index.php?id=31 for example myself I could pick http://mirrors.ircam.fr/pub/CentOS/ then put that name (not IP) in your baseurl: baseurl=http://mirrors.ircam.fr/pub/Centos/$releasever/cr/$basearch/ and comment out mirrorlist= since you don't use it anymore. Similar to what you're saying but no need to avoid DNS, and the choice of mirror is important. It's reliable if the mirror you use is reliable. Not as much as mirrorlist, but some mirrors are quite solid. I've used this approach for some machines for many years without having to change my mirror. Just make sure you pick a good one.