On Fri, Jan 16, 2009 at 11:18:14AM -0800, Russ Allbery wrote:
> It's worth bearing in mind that that's a bad assumption, too. We
> use a local security mirror in full knowledge that it's not
> recommended, but we watch it closely and will manually sync if
> need be. We do this because we have systems on IP addresses that
> are not routable to the Internet and need an on-campus source for
> all package updates. Having a local mirror is easier for our
> purposes than using a proxy.
Same here, though with a caching Debian package proxy instead of an
actual mirror. Nonetheless, s.d.o only sees one download of a given
security update even though it's actually being retrieved by
hundreds of machines.
For that matter, we also have a separate network for facility
security systems which is not connected to the Internet, and once a
month we rsync a detachable drive on an Internet-connected machine,
then sneaker-net it back to the system acting as a security update
repository for the other hosts.
--
{ IRL(Jeremy_Stanley); PGP(9E8DFF2E4F5995F8FEADDC5829ABF7441FB84657);
SMTP(fu...@yuggoth.org); IRC(fu...@irc.yuggoth.org#ccl); ICQ(114362511);
AIM(dreadazathoth); YAHOO(crawlingchaoslabs); FINGER(fu...@yuggoth.org);
MUD(fu...@katarsis.mudpy.org:6669); WWW(http://fungi.yuggoth.org/); }
--
To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
