[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: CDN Mirrors for GNU Guix

From: Chris Marusich
Subject: Re: CDN Mirrors for GNU Guix
Date: Wed, 08 Feb 2017 03:36:41 -0800
User-agent: Gnus/5.13 (Gnus v5.13) Emacs/25.1 (gnu/linux)

address@hidden (Ludovic Courtès) writes:

> Hello Tom,
> Tom Li <address@hidden> skribis:
>> Currently, GNU Guix is still in the early stage of development, and there is 
>> a great
>> lack of mirrors worldwide. For example. in my region, using GNU Guix is 
>> incredibly
>> slow, the speed is around 4 KiB/s and rendering it almost unusable.
> Woow, that sounds really extreme!  Do you always have such a bandwidth,
> or did you just happen to be unlucky somehow at that time?
> Regardless, I agree that we should have more mirrors and a wider
> distribution.
>> Therefore, I created two CDN mirrors of, by 
>> using
>> CloudFlare and Amazon CloudFront's service. I know some have the concerns 
>> about
>> such type of centralized corporation-controlled service. Personally, I have 
>> done my
>> best to minimized the security risks (HTTPS only, untouched signatures) and 
>> set ip
>> up faithfully. Please use it according to your own judgement.
>> they are available at:
>> *
>> *
>> Since they are identical mirrors of Hydra, you just need to use 
>> `--substitute-urls=`
>> in order to use it.

I'm curious to know what the cache hit rate of your CloudFront
distribution is.  I have one, too, at, and the hit rate is surprisingly low
(less than 5%, last I checked).  It's probably because I'm the only one
using it, though :-)

> Nice!  (Though I should say that I hate CloudFare for essentially
> preventing Tor users from accessing what they host.)
> I think it may be time to arrange so that (or some
> other host name?) can somehow redirect users to external mirrors.  I’m
> not sure how to achieve this, so if anyone has experience in this area,
> help is welcome!

One option is to use DNS round robin.  The main problems with
traditional DNS round robin is that you don't always get a "nearby"
(according to some metric such as latency or geographic location)
address, and if one of the addresses is "unhealthy" (according to some
metric such as external network connectivity), some clients might still
get (and cache) the unhealthy address.  Some DNS services (e.g., Amazon
Route 53) provide "smarter" features that will return nearby records or
healthy records, but I do not know how easy it is to use those features
when you are trying to route requests to another domain or address
outside of your own control.  Beyond DNS, I suppose you could implement
some kind of application layer logic, perhaps involving HTTP redirects,
but it would not be as simple as DNS round robin.


Attachment: signature.asc
Description: PGP signature

reply via email to

[Prev in Thread] Current Thread [Next in Thread]