1 |
On Sun, Mar 21, 2010 at 05:31:30PM -0400, Mark Loeser wrote: |
2 |
> Please make sure that you have mirrorstats.gentoo.org in your whitelists |
3 |
> for your mirrors. It is a CNAME that points to the machine we have |
4 |
> monitoring all of the mirrors, so please only check that |
5 |
> mirrorstats.gentoo.org resolves to who is connecting. If the IP is blocked |
6 |
> by your mirror, it makes our monitoring much more difficult. |
7 |
I should have clarified when I asked Mark to pursue the whitelisting. |
8 |
|
9 |
I do not want a DNS lookup involved in day-to-day ACLs. In our case, we |
10 |
resolve DNS entries to IPs in firewall rules when the rule is loaded (or |
11 |
reloaded), not at any other point. |
12 |
|
13 |
Neither forward nor reverse DNS are sufficiently reliable or fast enough |
14 |
for continuous lookups. |
15 |
|
16 |
mirrorstats.gentoo.org is presently a CNAME record to the actual machine |
17 |
A record, magpie.gentoo.org, which is at 209.177.148.226. |
18 |
|
19 |
We moved it there from the older mirrorstats box, warbler, which was at |
20 |
140.211.166.162. |
21 |
|
22 |
Mirrorstats may move again in a few months, as part of some services |
23 |
shuffling (consolidation of services along different axes that |
24 |
previously). |
25 |
|
26 |
-- |
27 |
Robin Hugh Johnson |
28 |
Gentoo Linux: Developer, Trustee & Infrastructure Lead |
29 |
E-Mail : robbat2@g.o |
30 |
GnuPG FP : 11AC BA4F 4778 E3F6 E4ED F38E B27B 944E 3488 4E85 |