[mirror-admin] MM & dynamic DNS behind NAT?

[Matt Domsch]

On Mon, Jun 29, 2009 at 01:13:21PM -0400, Douglas Wade Needham wrote:
> Trying to remember who I had this conversation with off-list right as
> I was trying to get onto the list.  It may not be doable right now,
> but one scheme I could see would be to do the following:
> 
> 1) Save the IP address of the last server reporting for the record in
>    the record for a given server.  So for example, if your ISP has
>    given you a mapping of say 74.75.76.77 for your public IP address,
>    that would be recorded in your server record along with the last
>    time reported.
> 
> 2) Add code which looks for a site-local netblock of something like
> 
> 	0.0.0.0/32
> 
>    or even 
> 
> 	0.0.0.0/29
> 
>    And then substitute the last reporting IP in the data which is used
>    to map to the list of mirrors.

I'm about to push out a new copy of MM which lets you use a DNS name
in your netblock lists.  As long as you can keep that DNS name
pointing at the right address, you'll be in pretty good shape.

I have _no_ way of addressing Dax's other concern, that of the lag
between when an IP address might change, and the top-of-the-hour
refresh of the MM caches.  For now I'm going to believe that IP
address changes for NATs are infrequent enough that the this 1 hour
cache delay is not a problem.  What I am not willing to do is remove
the caching (it's the only thing that keeps MM from falling over
constantly), nor can I do DNS lookups through the netblock lists on
each client connection.

While I could also add code to report_mirror to let you change the
netblock lists "on the fly", it won't solve the above caching
challenge; it would only reduce the latency that Dynamic DNS updates
could take (say, 5 seconds), down to the time it takes to run
report_mirror (which, right now is > 5 seconds).  So no huge win here.


-- 
Matt Domsch
Technology Strategist, Dell Office of the CTO
linux.dell.com & www.dell.com/linux

--