On Sun, Jul 25, 2010 at 6:19 AM, Carlos E. R. email@example.com wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
How about someone making a daemon that shares via some p2p protocol the /var/cache/zypp/packages/* contents amongst all local networked computers, so that what one downloads from outside can be reused by any other opensuse computer in the same network, automatically?
Don't look at me, I have no idea how to do that ;-)
Ignoring lots of back and forth and acknolowging I don't know what sort of loads the official repo servers currently see:
I agree with Carlos because:
Zypper dup / yast2 wagon have made the online upgrade method almost painless, certainly easier than upgrading via DVD.
But I suspect there are a lot of users like myself. At my office I have 15 or 20 opensuse installations. Currently only 2 have been upgraded to 11.3, both without using the DVD.
But in order to cut down on load on the mirrors, as well as my Internet connection this very weekend I'm downloading the 11.3 DVD(s) so I can start upgrading the remaining machines.
If I could have simply (and I mean simply as in via YaST) have designated one of my upgraded machines as a repo forwarder, I could have skipped the DVD download.
I envision it working similar to DNS. You request a package from the designated repo machine. If it doesn't have it, then it requests it from a bigger repo, etc.
If a tiered approach like that could be setup, then even more major download sites could share the load just as DNS load is heavily distributed.
It's not peer to peer as Carlos described, but it is a big step forward and as zypper dup gets more and more popular it seems to be a solution that is needed, as opposed to just a nice to have.
As to staleness or malware issues, I think as Carlos proposed that key metadata such as MD5 should come only from the official repos, but the packages themselves could come from anywhere as long as the md5 matches.
fyi: Their are no known cases of malware being created in such a way as to have the file have a predetermined md5. It is theoretically possible, but no one has done it yet. But if a solution like porposed above is pursued, possibly a more robust signature than md5 should be used. ie. SHA-1 or SHA-256.