[CentOS] cr repo and firewalling

Tue Jan 15 22:55:43 UTC 2013
Johnny Hughes <johnny at centos.org>

On 01/15/2013 02:58 PM, Markus Falb wrote:
> Hi,
> I find myself in a complicated situation and would like to ask the
> oracle (choke!) for help. I would like to install the packages from
> the continuous release repo and the yum config for this repo says
>
> baseurl=http://mirror.centos.org/centos/$releasever/cr/$basearch/
>
> well, I definitely do not want to allow worldwide outgoing http so I
> try to find the IPs
>
> # host mirror.centos.org
> mirror.centos.org has address 93.113.36.66
>
> but! wait...
>
> # host mirror.centos.org
> mirror.centos.org has address 88.198.211.197
>
> dns round robin is not very helpful for me doing firewall rules.
> How would you solve this yum and firewall thing?

mirror.centos.org is very dynamic ... not just round robin.

We add and remove machines from that name all the time and it picks a
location based on GeoIP of the requester.

As you can imagine, with millions of machines using that name to get
updates it needs to be more than one server ... and normally we have
somewhere between 25 and 40 servers that can answer as mirror.centos.org
worldwide.




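Added example (not part of the original thread, and not CentOS project code): a static IP allowlist checked against `host` lookups captured over time, to show how quickly such a rule set drifts from a name that behaves as described above. The first two lookups are the ones quoted in the thread; the other addresses, the allowlist, and the function names are constructed for illustration.

```python
import ipaddress
import re

# Line format of the `host` output quoted in the thread.
A_RECORD = re.compile(r"^(\S+) has address (\d{1,3}(?:\.\d{1,3}){3})$")

def parse_host_output(text, name):
    """Return the set of IPv4 addresses that `host` reported for `name`."""
    found = set()
    for line in text.splitlines():
        m = A_RECORD.match(line.strip())
        if m and m.group(1).rstrip(".").lower() == name.lower():
            try:
                found.add(ipaddress.ip_address(m.group(2)))
            except ValueError:
                continue  # octet out of range: not a usable address
    return found

def allowlist_drift(samples, allowed, name="mirror.centos.org"):
    """Compare lookups captured over time with a static egress allowlist.

    Returns (lookups with an address outside the allowlist,
             addresses seen but not allowed, allowlist entries never seen).
    """
    nets = [ipaddress.ip_network(a, strict=False) for a in allowed]
    covered = lambda ip: any(ip in n for n in nets)
    seen, blocked = set(), 0
    for text in samples:
        addrs = parse_host_output(text, name)
        seen |= addrs
        if any(not covered(ip) for ip in addrs):
            blocked += 1  # yum may be handed an address the firewall drops
    uncovered = [str(ip) for ip in sorted(seen) if not covered(ip)]
    stale = sorted(str(n) for n in nets if not any(ip in n for ip in seen))
    return blocked, uncovered, stale

# First two lookups are the ones quoted in the thread; the rest is constructed.
SAMPLES = [
    "mirror.centos.org has address 93.113.36.66",
    "mirror.centos.org has address 88.198.211.197",
    "mirror.centos.org has address 203.0.113.10",   # constructed (TEST-NET-3)
    "mirror.centos.org has address 93.113.36.66",
]
# Constructed allowlist: rule written after the first lookup, plus an old entry.
ALLOWED = ["93.113.36.66", "192.0.2.7"]

if __name__ == "__main__":
    print(allowlist_drift(SAMPLES, ALLOWED))
```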