On Sunday 26 December 2010 18:19:22 S Mathias wrote: > No port forwarding is needed in p2p (no need for open ports [? fixme]): > http://samy.pl/pwnat/ While I find these ideas of NAT and firewall-piercing quite interesting, there is always a "but" somewhere --- in the pwnat case, it is a "but what if the ICMP is filtered?" (as it actually is for most NAT'd networks I've seen). The only permanent solution to usability of p2p in general is IPv6, where all addresses will be public and thus accessible from outside. And IPv6 would fix other protocols broken by introduction of NAT, not just p2p stuff. But until then, p2p can never be completely reliable/available to everyone, as http is now. > Common sense: if i need to spread lot's of files no matter small or big, to > many-many-many-many pc's, then i would give a 10 Mbit line to the master > server, and the remaining job is done by the people, so that in this way, > they could contribute to the project. Not everyone needs every file to update, so this will not scale as well as you might imagine. Also, with all the mirrors out there, I don't see much benefit in using p2p for updating. > The Fedora installer could contain a question: how would you like to > receive updates? [if e.g.: GNOME is installed, the updates would be > "forced*", because it's likely not a server, just a desktop pc] Forced? Why? I generally do a "yum update" only manually, and even then I inspect what is to be installed before I agree to proceed. And I'm a desktop user. No, you never want to *force* updates on people, it might break some 3rd party software they are maybe using. Think kernel updates and nVidia closed source drivers, as the most common example. > - and the > answers would be: by http or by p2p (or p2p with encryption) Whereas only http is the protocol that can be assumed to be available everywhere and to everyone. The p2p solutions always rely on other ports being open, UDP/ICMP availability, etc. > + if i go to the main website, and click "Get Fedora" > > https://fedoraproject.org/en/get-fedora > > it would need to accentuate the ISO download by torrent, not http, the > servers would be way more "relieved", and ready for any expected, or > unexpected loads (ddos, a version of Fedora is out, growing number of > Fedora users). Oh, my... You surely missed an *insanely* big thread on this list, devoted precisely and exclusively to the *bitching* about removal of bittorent links from the then- newly-designed "get fedora" website... IIRC, Mairin Duffy was nearly crucified for removing the torrent link from the page. In a nutshell, the argument was that (according to statistics) only every fifth Fedora user actually uses torrent to download the .iso. The counterargument was that (again according to statistics) since there are cca 1 million Fedora users out there, 200 thousand people just got screwed. The counter-counterargument was that people who know how to use torrent typically know how to use google to find the .torrent of the .iso, so no need for a link. The ccc-argument was that anyone with a clue what is an operating system could use google to find a Fedora .iso, so no need for a "get Fedora" page in the first place, which defeats the purpose... And so on and on, with a lot of tangent discussions and even more unrelated bitching about list ettiquette etc... Look it up in the archives, if you are interested. The whole thing was eventually resolved when Mairin gave in (based on some sound and friendly advice of other Fedora devs) and created a link for "other download methods, including torrents" and updated the website... My point --- you don't want to open that topic again. ;-) > I'm sure there would be many Fedora or other RPM based distribution users, > who would happily seed the packages. Broadband connections, HDD's are > cheap in 2011. There are mirrors who happily do that right now via http, so I don't see any serious benefit. > *by forcing i meant it should install updates without asking, the primary > security relies on that the packages are up-to-date or not. No, the primary security relies in the brain of the person using the computer. Automatic updates that leave the user out of the loop are known to be a Very Bad Idea (tm). I've seen automatic updates breaking my own and other people's systems more often than I want to remember, and the whole thing can get pretty bad occasionally. Just think of a new kernel update which breaks the closed nVidia drivers (or sometimes open radeon drivers ;-) ), and similar problems that pop up every now and then. Really, you *don't* want enforced updates. The user *must* be given a choice whether to accept or not accept any individual package update, including security updates. HTH, :-) Marko -- users mailing list users@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
