1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
705
706
707
708
709
710
711
712
713
714
715
716
717
718
719
720
721
722
723
724
725
726
727
728
729
730
731
732
733
734
735
736
737
738
739
740
741
742
743
744
745
746
747
748
749
750
751
752
753
754
755
756
757
758
759
760
761
762
763
764
765
766
767
768
769
770
771
772
773
774
775
776
777
778
779
780
781
782
783
784
785
786
787
788
789
790
791
792
793
794
795
796
797
798
799
800
801
802
803
804
805
806
807
808
809
810
811
812
813
814
815
816
817
818
819
820
821
822
823
824
825
826
827
828
829
830
831
832
833
834
835
836
837
838
839
840
841
842
843
844
845
846
847
848
849
850
851
852
853
854
855
856
857
858
859
860
861
862
863
864
865
866
867
868
869
870
871
872
873
874
875
876
877
878
879
880
881
882
883
884
885
886
887
888
889
890
891
892
893
894
895
896
897
898
899
900
901
902
903
904
905
906
907
908
909
910
911
912
913
914
915
916
917
918
919
920
921
922
923
924
925
926
927
928
929
930
931
932
933
934
935
936
937
938
939
940
941
942
943
944
945
946
947
948
949
950
951
952
953
954
955
956
957
958
959
960
961
962
963
964
965
966
967
968
969
970
971
972
973
974
975
976
977
978
979
980
981
982
983
984
985
986
987
988
989
990
991
992
993
994
995
996
997
998
999
1000
1001
1002
1003
1004
1005
1006
1007
1008
1009
1010
1011
1012
1013
1014
1015
1016
1017
1018
1019
1020
1021
1022
1023
1024
1025
1026
1027
1028
1029
1030
1031
1032
1033
1034
1035
1036
1037
1038
1039
1040
1041
1042
1043
1044
1045
1046
1047
1048
1049
1050
1051
1052
1053
1054
1055
1056
1057
1058
1059
1060
1061
1062
1063
1064
1065
1066
1067
1068
1069
1070
1071
1072
|
<?xml version="1.0" encoding="big5"?>
<!DOCTYPE article PUBLIC "-//FreeBSD//DTD DocBook XML V4.5-Based Extension//EN"
"../../../share/xml/freebsd45.dtd">
<!-- $FreeBSD$ -->
<!-- The FreeBSD Documentation Project -->
<!-- Mirroring FreeBSD -->
<!-- Translate into Chinese by chinsan.tw@gmail.com -->
<!-- English Version: 1.62 -->
<article lang='zh_tw'>
<articleinfo>
<title>Mirroring FreeBSD</title>
<authorgroup>
<author>
<firstname>Jun</firstname>
<surname>Kuriyama</surname>
<affiliation>
<address><email>kuriyama@FreeBSD.org</email></address>
</affiliation>
</author>
<author>
<firstname>Valentino</firstname>
<surname>Vaschetto</surname>
<affiliation>
<address><email>logo@FreeBSD.org</email></address>
</affiliation>
</author>
<author>
<firstname>Daniel</firstname>
<surname>Lang</surname>
<affiliation>
<address><email>dl@leo.org</email></address>
</affiliation>
</author>
<author>
<firstname>Ken</firstname>
<surname>Smith</surname>
<affiliation>
<address><email>kensmith@FreeBSD.org</email></address>
</affiliation>
</author>
</authorgroup>
<legalnotice id="trademarks" role="trademarks">
&tm-attrib.freebsd;
&tm-attrib.cvsup;
&tm-attrib.general;
</legalnotice>
<pubdate>$FreeBSD$</pubdate>
<releaseinfo>$FreeBSD$</releaseinfo>
<abstract>
<para>³o¬O¥÷ÁÙ¦b¯ó½Z¤¤ªº¤å³¹¡A¥Dn¬O(¤×¨ä¬Oµ¹¦U°Ïºô¤¤¤ßºÞ²zªÌªº°Ñ¦Ò)¤¶²Ð¦p¦ó mirror FreeBSD¡C</para>
</abstract>
</articleinfo>
<sect1 id="mirror-contact">
<title>Ápô¤è¦¡</title>
<para>Yn§ä¾ãÓ Mirror ¾÷¨îªº¨ó½ÕªÌ¡A¥i¥H email ¨ì <email>mirror-admin@FreeBSD.org</email>¡C¦¹¥~¡A³o¸Ì¤]¦³¥÷
&a.hubs;¡C</para>
</sect1>
<sect1 id="mirror-requirements">
<title>¦¨¬° FreeBSD mirrors ªº¥²³Æ±ø¥ó</title>
<sect2 id="mirror-diskspace">
<title>µwºÐªÅ¶¡</title>
<para>
µwºÐªÅ¶¡¬O³Ì«nªº¥²³Æ±ø¥ó¤§¤@¡C
Depending on the set of releases, architectures,
and degree of completeness you want to mirror, a huge
amount of disk space may be consumed. Also keep in mind
that <emphasis>official</emphasis> mirrors are probably required to be
complete. The CVS repository and the web pages should
always be mirrored completely. Also note that the
numbers stated here are reflecting the current
state (at &rel2.current;-RELEASE/&rel.current;-RELEASE). Further development and
releases will only increase the required amount.
Also make sure to keep some (ca. 10-20%) extra space
around just to be sure.
Here are some approximate figures:
</para>
<itemizedlist>
<listitem><para>§¹¾ã FTP Distribution: 126 GB</para></listitem>
<listitem><para>CVS repository: 2.7 GB</para></listitem>
<listitem><para>CTM deltas: 1.8 GB</para></listitem>
<listitem><para>Web pages: 300 MB</para></listitem>
</itemizedlist>
</sect2>
<sect2 id="mirror-bandwidth">
<title>ºô¸ôÀW¼e</title>
<para>
·íµM¡A§A¤@©wn¯à³s¤W Internet¡C
ÀW¼e»Ý¨D¦h¤Ö¡A³on¬Ý§A©Ò·Qnªº mirror µ{«×¦Ó©w¡C
Y¥u·Qn mirror ¤@³¡¥÷ªº FreeBSD ÀÉ®×¥H§@¬°ºô¯¸©Î intranet ªº§½³¡¥Î³~¡A
¨º»òÀW¼e»Ý¨D·|©úÅã¤ñ¦¨¬°¤½¦@ªA°È¥Î³~ªº¤p¤@¨Ç¡C
Y·Q¦¨¬° official mirror ¤§¤@ªº¸Ü¡A¨º»òÀW¼e´N¶Õ¥²±o¼W¥[¤~°÷¥Î¡C¥H¤U¡A§Ú̶ȦC¥X¤@¨Ç¦ôpÈ¥H°µ¬°°Ñ¦Ò¡G
</para>
<itemizedlist>
<listitem><para>Local site, no public access: basically no minimum,
but < 2 Mbps could make syncing too slow.</para></listitem>
<listitem><para>Unofficial public site: 34 Mbps is probably a good start.</para></listitem>
<listitem><para>Official site: > 100 Mbps is recommended, and your host
should be connected as close as possible to your border router.</para></listitem>
</itemizedlist>
</sect2>
<sect2 id="mirror-system">
<title>¨t²Î»Ý¨D¡BCPU¡BRAM</title>
<para>
One thing this depends on the expected number of clients,
which is determined by the server's policy. It is
also affected by the types of services you want to offer.
Plain FTP or HTTP services may not require a huge
amount of resources. Watch out if you provide
CVSup, rsync or even AnonCVS. This can have a huge
impact on CPU and memory requirements. Especially
rsync is considered a memory hog, and CVSup does
indeed consume some CPU. For AnonCVS it might
be a nice idea to set up a memory resident file system (MFS) of at least
300 MB, so you need to take this into account
for your memory requirements. The following
are just examples to give you a very rough hint.
</para>
<para>
For a moderately visited site that offers
<application>Rsync</application>, you might
consider a current CPU with around 800MHz - 1 GHz,
and at least 512MB RAM. This is probably the
minimum you want for an <emphasis>official</emphasis>
site.
</para>
<para>
For a frequently used site you definitely need
more RAM (consider 2GB as a good start)
and possibly more CPU, which could also mean
that you need to go for a SMP system.
</para>
<para>
You also want to consider a fast disk subsystem.
Operations on the CVS repository require a fast
disk subsystem (RAID is highly advised). A SCSI
controller that has a cache of its own can also
speed up things since most of these services incur a
large number of small modifications to the disk.
</para>
</sect2>
<sect2 id="mirror-services">
<title>Services to offer</title>
<para>
Every mirror site is required to have a set of core services
available. In addition to these required services, there are
a number of optional services that
server administrators may choose to offer. This section explains
which services you can provide and how to go about implementing them.
</para>
<sect3 id="mirror-serv-ftp">
<title>FTP (required for FTP fileset)</title>
<para>
This is one of the most basic services, and
it is required for each mirror offering public
FTP distributions. FTP access must be
anonymous, and no upload/download ratios
are allowed (a ridiculous thing anyway).
Upload capability is not required (and <emphasis>must</emphasis>
never be allowed for the FreeBSD file space).
Also the FreeBSD archive should be available under
the path <filename>/pub/FreeBSD</filename>.
</para>
<para>
There is a lot of software available which
can be set up to allow anonymous FTP
(in alphabetical order).
<itemizedlist>
<listitem><para><command>/usr/libexec/ftpd</command>: FreeBSD's own ftpd
can be used. Be sure to read &man.ftpd.8;.</para>
</listitem>
<listitem>
<para><filename role="package">ftp/ncftpd</filename>: A commercial package,
free for educational use.</para>
</listitem>
<listitem>
<para><filename role="package">ftp/oftpd</filename>: An ftpd designed with
security as a main focus.</para>
</listitem>
<listitem>
<para><filename role="package">ftp/proftpd</filename>: A modular and very flexible ftpd.</para>
</listitem>
<listitem>
<para><filename role="package">ftp/pure-ftpd</filename>: Another ftpd developed with
security in mind.</para>
</listitem>
<listitem><para><filename role="package">ftp/twoftpd</filename>: As above.</para></listitem>
<listitem><para><filename role="package">ftp/vsftpd</filename>: The <quote>very secure</quote> ftpd.</para></listitem>
<listitem>
<para><filename role="package">ftp/wu-ftpd</filename>: The ftpd from Washington
University. It has become infamous, because of the huge
amount of security issues that have been found in it.
If you do choose to use this software be sure to
keep it up to date.
</para>
</listitem>
</itemizedlist>
FreeBSD's <application>ftpd</application>, <application>proftpd</application>,
<application>wu-ftpd</application> and maybe <application>ncftpd</application>
are among the most commonly used FTPds.
The others do not have a large userbase among mirror sites. One
thing to consider is that you may need flexibility in limiting
how many simultaneous connections are allowed, thus limiting how
much network bandwidth and system resources are consumed.
</para>
</sect3>
<sect3 id="mirror-serv-rsync">
<title>Rsync (optional for FTP fileset)</title>
<para>
<application>Rsync</application> is often offered for access to the
contents of the FTP area of FreeBSD, so other mirror sites can use your system as their source. The
protocol is different from FTP in many ways.
It is much more
bandwidth friendly, as only differences between files
are transferred instead of whole files when they change.
<application>Rsync</application> does require a significant amount of memory for
each instance. The size depends on the size of
the synced module in terms of the number of directories and
files. <application>Rsync</application> can use <command>rsh</command> and
<command>ssh</command> (now default) as a transport,
or use its own protocol for stand-alone access
(this is the preferred method for public rsync servers).
Authentication, connection limits, and other restrictions
may be applied. There is just one software package
available:
<itemizedlist>
<listitem><para><filename role="package">net/rsync</filename></para></listitem>
</itemizedlist>
</para>
</sect3>
<sect3 id="mirror-serv-http">
<title>HTTP (required for web pages, optional for FTP fileset)</title>
<para>
If you want to offer the FreeBSD web pages, you will need
to install a web server.
You may optionally offer the FTP fileset via HTTP.
The choice of web server software is left up to the mirror administrator.
Some of the most popular choices are:
<itemizedlist>
<listitem>
<para><filename role="package">www/apache13</filename>:
<application>Apache</application> is the most widely
deployed web server on the Internet. It is used
extensively by the FreeBSD Project. You may also wish to
use the next generation of the
<application>Apache</application> web server, available
in the ports collection as <filename
role="package">www/apache22</filename>.</para>
</listitem>
<listitem>
<para><filename role="package">www/thttpd</filename>:
If you are going to be serving a large amount of static content
you may find that using an application such as thttpd is more
efficient than <application>Apache</application>. It is
optimized for excellent performance on FreeBSD.</para>
</listitem>
<listitem>
<para><filename role="package">www/boa</filename>:
<application>Boa</application> is another alternative to
<application>thttpd</application> and
<application>Apache</application>. It should provide
considerably better performance than
<application>Apache</application> for purely static
content. It does not, at the time of this writing,
contain the same set of optimizations for FreeBSD that
are found in <application>thttpd</application>.</para>
</listitem>
</itemizedlist>
</para>
</sect3>
<sect3 id="mirror-serv-cvsup">
<title>CVSup (desired for CVS repository)</title>
<para>
<application>CVSup</application> is a very efficient way of distributing files.
It works similar to <application>rsync</application>, but was specially designed for
use with CVS repositories. If you want to offer the
FreeBSD CVS repository, you really want to consider
offering it via <application>CVSup</application>. It is possible to offer
the CVS repository via <application>AnonCVS</application>, FTP,
<application>rsync</application> or HTTP, but
people would benefit much more from <application>CVSup</application> access.
<application>CVSup</application> was developed by &a.jdp;.
It is a bit tricky to install on non-FreeBSD platforms,
since it is written in Modula-3 and therefore requires
a Modula-3 environment. John Polstra has built a
stripped down version of M3 that is sufficient to
run <application>CVSup</application>, and can be installed much easier.
See <ulink url="http://www.polstra.com/projects/freeware/ezm3/">Ezm3</ulink>
for details. Related ports are:
<itemizedlist>
<listitem>
<para><filename role="package">net/cvsup</filename>: The native CVSup port (client and server)
which requires <filename role="package">lang/ezm3</filename> now.</para>
</listitem>
<listitem>
<para><filename role="package">net/cvsup-mirror</filename>: The CVSup mirror kit, which requires
<filename role="package">net/cvsup-without-gui</filename>, and configures it mirror-ready. Some
site administrators may want a different setup though.
</para>
</listitem>
</itemizedlist>
There are a few more like
<filename role="package">net/cvsup-without-gui</filename> you might want to have
a look at. If you prefer a static binary package, take a look
<ulink url="http://people.FreeBSD.org/~jdp/s1g/">here</ulink>.
This page still refers to the S1G bug that was present
in <application>CVSup</application>. Maybe
John will set up a generic download-site to get
static binaries for various platforms.
</para>
<para>
It is possible to use <application>CVSup</application> to offer
any kind of fileset, not just CVS repositories,
but configuration can be complex.
<application>CVSup</application> is known to eat some CPU on both the server and the
client, since it needs to compare lots of files.
</para>
</sect3>
<sect3 id="mirror-anoncvs">
<title>AnonCVS (optional for CVS repository)</title>
<para>
If you have the CVS repository, you may want to offer
anonymous CVS access. A short warning first:
There is not much demand for it,
it requires some experience, and you need to know
what you are doing.
</para>
<para>
Generally there are two ways
to access a CVS repository remotely: via
<emphasis>pserver</emphasis> or via <command>ssh</command>
(we do not consider <command>rsh</command>).
For anonymous access, <emphasis>pserver</emphasis> is
very well suited, but some still offer <command>ssh</command>
access as well. There is a custom crafted
<ulink url="ftp://ftp.FreeBSD.org/pub/FreeBSD/development/FreeBSD-CVS/anoncvs.shar">wrapper</ulink>
in the CVS repository, to be used as a login-shell for the
anonymous ssh account. It does a chroot, and therefore
requires the CVS repository to be available under the
anonymous user's home-directory. This may not be possible
for all sites. If you just offer <emphasis>pserver</emphasis>
this restriction does not apply, but you may run with
more security risks. You do not need to install any special
software, since &man.cvs.1; comes with
FreeBSD. You need to enable access via <command>inetd</command>,
so add an entry into your <filename>/etc/inetd.conf</filename>
like this:
<programlisting>
cvspserver stream tcp nowait root /usr/bin/cvs cvs -f -l -R -T /anoncvstmp --allow-root=/home/ncvs pserver
</programlisting>
See the manpage for details of the options. Also see the CVS <emphasis>info</emphasis>
page about additional ways to make sure access is read-only.
It is advised that you create an unprivileged account,
preferably called <username>anoncvs</username>.
Also you need to create a file <filename>passwd</filename>
in your <filename>/home/ncvs/CVSROOT</filename> and assign a
CVS password (empty or <literal>anoncvs</literal>) to that user.
The directory <filename>/anoncvstmp</filename> is a special
purpose memory based file system. It is not required but
advised since &man.cvs.1; creates a shadow directory
structure in your <filename>/tmp</filename> which is
not used after the operation but slows things
dramatically if real disk operations are required.
Here is an excerpt from <filename>/etc/fstab</filename>,
how to set up such a MFS:
<programlisting>
/dev/da0s1b /anoncvstmp mfs rw,-s=786432,-b=4096,-f=512,-i=560,-c=3,-m=0,nosuid,nodev 0 0
</programlisting>
This is (of course) tuned a lot, and was suggested by &a.jdp;.
</para>
</sect3>
</sect2>
</sect1>
<sect1 id="mirror-howto">
<title>How to Mirror FreeBSD</title>
<para>
Ok, now you know the requirements and how to offer
the services, but not how to get it. :-)
This section explains how to actually mirror
the various parts of FreeBSD, what tools to use,
and where to mirror from.
</para>
<sect2 id="mirror-ftp">
<title>FTP</title>
<para>
The FTP area is the largest amount of data that
needs to be mirrored. It includes the <emphasis>distribution
sets</emphasis> required for network installation, the
<emphasis>branches</emphasis> which are actually snapshots
of checked-out source trees, the <emphasis>ISO Images</emphasis>
to write CD-ROMs with the installation distribution,
a live file system, lots of packages, the ports tree,
distfiles, and a huge amount of packages. All of course
for various FreeBSD versions,
and various architectures.
</para>
<sect3 id="mirror-ftp-ftp">
<title>With FTP mirror</title>
<para>
You can use a <application>FTP mirror</application>
program to get the files. Some of the most commonly used are:
<itemizedlist>
<listitem><para><filename role="package">ftp/mirror</filename></para></listitem>
<listitem><para><filename role="package">ftp/ftpmirror</filename></para></listitem>
<listitem><para><filename role="package">ftp/emirror</filename></para></listitem>
<listitem><para><filename role="package">ftp/spegla</filename></para></listitem>
<listitem><para><filename role="package">ftp/omi</filename></para></listitem>
<listitem><para><filename role="package">ftp/wget</filename></para></listitem>
</itemizedlist>
<filename role="package">ftp/mirror</filename> was very popular, but seemed
to have some drawbacks, as it is written in &man.perl.1;,
and had real problems with mirroring large
directories like a FreeBSD site. There are rumors that
the current version has fixed this by allowing
a different algorithm for comparing
the directory structure to be specified.
</para>
<para>
In general FTP is not really good for mirroring. It transfers
the whole file if it has changed, and does
not create a single data stream which would benefit from
a large TCP congestion window.
</para>
</sect3>
<sect3 id="mirror-ftp-rsync">
<title>With rsync</title>
<para>
A better way to mirror the FTP area is <application>rsync</application>.
You can install the port <filename role="package">net/rsync</filename> and then use
rsync to sync with your upstream host.
<application>rsync</application> is already mentioned
in <xref linkend="mirror-serv-rsync"/>.
Since <application>rsync</application> access is not
required, your preferred upstream site may not allow it.
You may need to hunt around a little bit to find a site
that allows <application>rsync</application> access.
<note>
<para>
Since the number of <application>rsync</application>
clients will have a significant impact on the server
machine, most admins impose limitations on their
server. For a mirror, you should ask the site maintainer
you are syncing from about their policy, and maybe
an exception for your host (since you are a mirror).
</para>
</note>
A command line to mirror FreeBSD might look like:
<screen>&prompt.user; <userinput>rsync -vaz --delete ftp4.de.FreeBSD.org::FreeBSD/ /pub/FreeBSD/</userinput>
</screen>
Consult the documentation for <application>rsync</application>,
which is also available at
<ulink url="http://rsync.samba.org/">http://rsync.samba.org/</ulink>,
about the various options to be used with rsync.
If you sync the whole module (unlike subdirectories),
be aware that the module-directory (here "FreeBSD")
will not be created, so you cannot omit the target directory.
Also you might
want to set up a script framework that calls such a command
via &man.cron.8;.
</para>
</sect3>
<sect3 id="mirror-ftp-cvsup">
<title>With CVSup</title>
<para>
A few sites, including the one-and-only <hostid role="fqdn">ftp-master.FreeBSD.org</hostid>
even offer <application>CVSup</application> to mirror the contents of
the FTP space. You need to install a <application>CVSup</application>
client, preferably from the port <filename role="package">net/cvsup</filename>.
(Also reread <xref linkend="mirror-serv-cvsup"/>.)
A sample <filename>supfile</filename> suitable for <hostid role="fqdn">ftp-master.FreeBSD.org</hostid>
looks like this:
<programlisting>
#
# FreeBSD archive supfile from master server
#
*default host=ftp-master.FreeBSD.org
*default base=/usr
*default prefix=/pub
#*default release=all
*default delete use-rel-suffix
*default umask=002
# If your network link is a T1 or faster, comment out the following line.
#*default compress
FreeBSD-archive release=all preserve
</programlisting>
It seems <application>CVSup</application> would be the best
way to mirror the archive in terms of efficiency, but
it is only available from few sites.
<note id="mirror-cvsup-s-option">
<para>
Please have look at the <application>CVSup</application> documentation
like &man.cvsup.1; and consider using the <option>-s</option>
option. This reduces I/O operations by assuming the
recorded information about each file is correct.</para>
</note>
</para>
</sect3>
</sect2>
<sect2 id="mirror-cvs">
<title>Mirroring the CVS repository</title>
<para>There are various ways to mirror the CVS repository.
<application>CVSup</application> is the most common method.</para>
<sect3 id="mirror-cvs-cvsup">
<title>Using CVSup</title>
<para>
<application>CVSup</application> is described in some
detail in <xref linkend="mirror-serv-cvsup"/> and <xref linkend="mirror-ftp-cvsup"/>.
</para>
<para>It is very easy to setup a
<application>CVSup</application> mirror. Installing
<filename role="package">net/cvsup-mirror</filename> will
make sure all of the needed programs are installed and then
gather all the needed information to configure the mirror.</para>
<note>
<para>
Please do not forget to consider the hint
mentioned in <link linkend="mirror-cvsup-s-option">this note</link>
above.
</para>
</note>
</sect3>
<sect3 id="mirror-cvs-other">
<title>Using other methods</title>
<para>
Using other methods than <application>CVSup</application> is
generally not recommended. We describe them in short here
anyway. Since most sites offer the CVS repository as
part of the FTP fileset under the path
<filename>/pub/FreeBSD/development/FreeBSD-CVS</filename>,
the following methods could be used.
<itemizedlist>
<listitem><para><application>FTP</application></para></listitem>
<listitem><para><application>Rsync</application></para></listitem>
<listitem><para><application>HTTP</application></para></listitem>
</itemizedlist>
<important>
<para>AnonCVS cannot be used to mirror the CVS repository
since CVS does not allow you to access the repository
itself, only checked out versions of the modules.</para>
</important>
</para>
</sect3>
</sect2>
<sect2 id="mirror-www">
<title>Mirroring the WWW pages</title>
<para>
The best way is to check out the <emphasis>www</emphasis>
distribution from CVS. If you have a local mirror of the
CVS repository, it is as easy as:
<screen>&prompt.user; <userinput>cvs -d /home/ncvs co www</userinput></screen>
and a <emphasis>cronjob</emphasis>, that calls <command>cvs up -d -P</command>
on a regular basis, maybe just after your repository was updated.
Of course, the files need to remain in a directory available
for public WWW access. The installation and configuration of a
web server is not discussed here.
</para>
<para>
If you do not have a local repository, you can use
<application>CVSup</application> to maintain an <quote>up to date copy</quote>
of the www pages. A sample supfile can be found in
<filename>/usr/share/examples/cvsup/www-supfile</filename> and
could look like this:
<programlisting>
#
# WWW module supfile for FreeBSD
#
*default host=cvsup3.de.FreeBSD.org
*default base=/usr
*default prefix=/usr/local
*default release=cvs tag=.
*default delete use-rel-suffix
# If your network link is a T1 or faster, comment out the following line.
*default compress
# This collection retrieves the www/ tree of the FreeBSD repository
www
</programlisting>
</para>
<para>
Using <filename role="package">ftp/wget</filename> or other web-mirror tools is
not recommended.
</para>
<sect3 id="mirror-www-doc">
<title>Mirroring the FreeBSD documentation</title>
<para>
Since the documentation is referenced a lot from the
web pages, it is recommended that you mirror the
FreeBSD documentation as well. However, this is not
as trivial as the www-pages alone.
</para>
<para>
First of all, you should get the doc sources,
again preferably via <application>CVSup</application>.
Here is a corresponding sample supfile:
<programlisting>
#
# FreeBSD documentation supfile
#
*default host=cvsup3.de.FreeBSD.org
*default base=/usr
*default prefix=/usr/share
*default release=cvs tag=.
*default delete use-rel-suffix
# If your network link is a T1 or faster, comment out the following line.
#*default compress
# This will retrieve the entire doc branch of the FreeBSD repository.
# This includes the handbook, FAQ, and translations thereof.
doc-all
</programlisting>
</para>
<para>
Then you need to install a couple of ports.
You are lucky, there is a meta-port:
<filename role="package">textproc/docproj</filename> to do the work
for you. You need to set up some
environment variables, like
<literal>SGML_CATALOG_FILES</literal>.
Also have a look at your <filename>/etc/make.conf</filename>
(copy <filename>/usr/share/examples/etc/make.conf</filename> if
you do not have one), and look at the
<literal>DOC_LANG</literal> variable.
Now you are probably ready to run <command>make</command>
in your doc directory (<filename>/usr/share/doc</filename>
by default) and build the documentation.
Again you need to make it accessible for your web server
and make sure the links point to the right location.
<important>
<para>
The building of the documentation, as well as lots
of side issues, is documented itself in the
<ulink url="&url.books.fdp-primer;">&os; Documentation
Project Primer</ulink>.
Please read this piece of documentation, especially if you
have problems building the documentation.
</para>
</important>
</para>
</sect3>
</sect2>
<sect2 id="mirror-how-often">
<title>How often should I mirror?</title>
<para>
Every mirror should be updated on a regular
basis. You will certainly need some script
framework for it that will be called by
&man.cron.8;. Since nearly every admin
does this his own way, we cannot give
specific instructions. It could work
like this:
</para>
<procedure>
<step>
<para>
Put the command to run your mirroring application
in a script. Use of a plain <command>/bin/sh</command>
script is recommended.
</para>
</step>
<step>
<para>
Add some output redirections so diagnostic
messages are logged to a file.
</para>
</step>
<step>
<para>
Test if your script works. Check the logs.
</para>
</step>
<step>
<para>
Use &man.crontab.1; to add the script to the
appropriate user's &man.crontab.5;. This should be a
different user than what your FTP daemon runs as so that
if file permissions inside your FTP area are not
world-readable those files can not be accessed by anonymous
FTP. This is used to <quote>stage</quote> releases —
making sure all of the official mirror sites have all of the
necessary release files on release day.
</para>
</step>
</procedure>
<para>
Here are some recommended schedules:
<itemizedlist>
<listitem><para>FTP fileset: daily</para></listitem>
<listitem><para>CVS repository: hourly</para></listitem>
<listitem><para>WWW pages: daily</para></listitem>
</itemizedlist>
</para>
</sect2>
</sect1>
<sect1 id="mirror-where">
<title>Where to mirror from</title>
<para>
This is an important issue. So this section will
spend some effort to explain the backgrounds. We will say this
several times: under no circumstances should you mirror from
<hostid role="fqdn">ftp.FreeBSD.org</hostid>.
</para>
<sect2 id="mirror-where-organization">
<title>A few words about the organization</title>
<para>
Mirrors are organized by country. All
official mirrors have a DNS entry of the form
<hostid role="fqdn">ftpN.CC.FreeBSD.org</hostid>.
<emphasis>CC</emphasis> (i.e. country code) is the
<emphasis>top level domain</emphasis> (TLD)
of the country where this mirror is located.
<emphasis>N</emphasis> is a number,
telling that the host would be the <emphasis>Nth</emphasis>
mirror in that country.
(Same applies to <hostid>cvsupN.CC.FreeBSD.org</hostid>,
<hostid>wwwN.CC.FreeBSD.org</hostid>, etc.)
There are mirrors with no <emphasis>CC</emphasis> part.
These are the mirror sites that are very well connected and
allow a large number of concurrent users.
<hostid role="fqdn">ftp.FreeBSD.org</hostid> is actually two machines, one currently
located in Denmark and the other in the United States.
It is <emphasis>NOT</emphasis> a master site and should never be
used to mirror from. Lots of online documentation leads
<quote>interactive</quote>users to
<hostid role="fqdn">ftp.FreeBSD.org</hostid> so automated mirroring
systems should find a different machine to mirror from.
</para>
<para>
Additionally there exists a hierarchy of mirrors, which
is described in terms of <emphasis>tiers</emphasis>.
The master sites are not referred to but can be
described as <emphasis>Tier-0</emphasis>. Mirrors
that mirror from these sites can be considered
<emphasis>Tier-1</emphasis>, mirrors of <emphasis>Tier-1</emphasis>-mirrors,
are <emphasis>Tier-2</emphasis>, etc.
Official sites are encouraged to be of a low <emphasis>tier</emphasis>,
but the lower the tier the higher the requirements in
terms as described in <xref linkend="mirror-requirements"/>.
Also access to low-tier-mirrors may be restricted, and
access to master sites is definitely restricted.
The <emphasis>tier</emphasis>-hierarchy is not reflected
by DNS and generally not documented anywhere except
for the master sites. However, official mirrors with low numbers
like 1-4, are usually <emphasis>Tier-1</emphasis>
(this is just a rough hint, and there is no rule).
</para>
</sect2>
<sect2 id="mirror-where-where">
<title>Ok, but where should I get the stuff now?</title>
<para>
Under no circumstances should you mirror from <hostid
role="fqdn">ftp.FreeBSD.org</hostid>.
The short answer is: from the
site that is closest to you in Internet terms, or gives you
the fastest access.
</para>
<sect3 id="mirror-where-simple">
<title>I just want to mirror from somewhere!</title>
<para>
If you have no special intentions or
requirements, the statement in <xref linkend="mirror-where-where"/>
applies. This means:
</para>
<procedure>
<step>
<para>
Look at available mirrors in your country.
The <ulink url="http://mirrorlist.FreeBSD.org/">FreeBSD
Mirror Database</ulink> can help you with this.
</para>
</step>
<step>
<para>
Check for those which provide fastest access
(number of hops, round-trip-times)
and offer the services you intend to
use (like <application>rsync</application>
or <application>CVSup</application>).
</para>
</step>
<step>
<para>
Contact the administrators of your chosen site stating your
request, and asking about their terms and
policies.
</para>
</step>
<step>
<para>
Set up your mirror as described above.
</para>
</step>
</procedure>
</sect3>
<sect3 id="mirror-where-official">
<title>I am an official mirror, what is the right site for me?</title>
<para>
In general the description in <xref linkend="mirror-where-simple"/>
still applies. Of course you may want to put some
weight on the fact that your upstream should be of
a low tier.
There are some other considerations about <emphasis>official</emphasis>
mirrors that are described in <xref linkend="mirror-official"/>.
</para>
</sect3>
<sect3 id="mirror-where-master">
<title>I want to access the master sites!</title>
<para>
If you have good reasons and good prerequisites,
you may want and get access to one of the
master sites. Access to these sites is
generally restricted, and there are special policies
for access. If you are already an <emphasis>official</emphasis>
mirror, this certainly helps you getting access.
In any other case make sure your country really needs another mirror.
If it already has three or more, ask the <quote>zone administrator</quote> (<email>hostmaster@CC.FreeBSD.org</email>) or &a.hubs; first.</para>
<para>
Whoever helped you become, an <emphasis>official</emphasis>
should have helped you gain access to an appropriate upstream
host, either one of the master sites or a suitable Tier-1
site. If not, you can send email to
<email>mirror-admin@FreeBSD.org</email> to request help with
that.
</para>
<para>
There are three master sites for the FTP fileset and
one for the CVS repository (the web pages and docs are
obtained from CVS, so there is no need for master).
</para>
<sect4 id="mirror-where-master-ftp">
<title>ftp-master.FreeBSD.org</title>
<para>
This is the master site for the FTP fileset.
</para>
<para>
<hostid>ftp-master.FreeBSD.org</hostid> provides
<application>rsync</application> and <application>CVSup</application>
access, in addition to FTP.
Refer to <xref linkend="mirror-ftp-rsync"/> and
<xref linkend="mirror-ftp-cvsup"/> how to access
via these protocols.
</para>
<para>
Mirrors are also encouraged to allow <application>rsync</application>
access for the FTP contents, since they are
<emphasis>Tier-1</emphasis>-mirrors.
</para>
</sect4>
<sect4 id="mirror-where-master-cvsup">
<title>cvsup-master.FreeBSD.org</title>
<para>
This is the master site for the CVS repository.
</para>
<para>
<hostid>cvsup-master.FreeBSD.org</hostid> provides
<application>CVSup</application> access only.
See <xref linkend="mirror-cvs-cvsup"/> for details.
</para>
<para>
To get access, you need to contact the &a.cvsup-master;.
Make sure you read the
<ulink url="http://people.FreeBSD.org/~jdp/cvsup-access/">FreeBSD CVSup Access Policy</ulink>
first!
</para>
<para>
Set up the required authentication by following
<ulink url="http://people.FreeBSD.org/~jdp/cvpasswd/">these
instructions</ulink>. Make sure you specify the server as
<hostid>freefall.FreeBSD.org</hostid> on the <command>cvpasswd</command>
command line, as described in this document,
even when you are contacting
<hostid>cvsup-master.FreeBSD.org</hostid>
</para>
</sect4>
</sect3>
</sect2>
</sect1>
<sect1 id="mirror-official">
<title>Official Mirrors</title>
<para>
Official mirrors ¯¸¬°¨ã¦³¤U¦C±ø¥óªº mirror ¯¸
<itemizedlist>
<listitem>
<para>
a) ¦³ <hostid>FreeBSD.org</hostid> DNS entry
(³q±`¬° CNAME ¬ö¿ý)¡C
</para>
</listitem>
<listitem>
<para>
b) ³Q FreeBSD ¤å¥ó¦C¬° offical mirror ¯¸(¹³¬O handbook)¡C
</para>
</listitem>
</itemizedlist>
°£¤F¥H¤Wz¤è¦¡¨Ó¤À¿ë¬O§_¬° official mirrors ¯¸¤§¥~¡A
Official mirrors ¯¸¤£¤@©w±o¬° <emphasis>Tier-1</emphasis>-mirrors ¯¸¡C
µM¦Ó¡A¥un¬O <emphasis>Tier-1</emphasis>-mirror ¯¸ªº¸Ü¡A´N¤@©w·|¬O
official mirrors ¯¸¡C
</para>
<sect2 id="mirror-official-requirements">
<title>Special Requirements for official (tier-1) mirrors</title>
<para>
It is not so easy to state requirements for all
official mirrors, since the project is sort of
tolerant here. It is more easy to say,
what <emphasis>official tier-1 mirrors</emphasis>
are required to. All other official mirrors
can consider this a big <emphasis>should</emphasis>.
<note>
<para>
The following applies mainly to the FTP fileset,
since a CVS repository should always be mirrored
completely, and the web pages are a case of
its own.
</para>
</note>
</para>
<para>
Tier-1 mirrors are required to:
<itemizedlist>
<listitem><para>carry the complete fileset</para></listitem>
<listitem><para>allow access to other mirror sites</para></listitem>
<listitem><para>provide <application>FTP</application> and
<application>rsync</application> access</para></listitem>
</itemizedlist>
Furthermore, admins should be subscribed to the &a.hubs;.
See <ulink url="http://www.FreeBSD.org/doc/en_US.ISO8859-1/books/handbook/eresources.html#ERESOURCES-MAIL">this link</ulink> for details, how to subscribe.
</para>
<important>
<para>It is <emphasis>very</emphasis> important for a hub administrator, especially
Tier-1 hub admins, to check the
<ulink url="http://www.FreeBSD.org/releng/">release schedule</ulink>
for the next FreeBSD release. This is important because it will tell you when the
next release is scheduled
to come out, and thus giving you time to prepare for the big spike of traffic which follows it.
</para>
<para>
It is also important that hub administrators try to keep their mirrors as up-to-date as
possible (again, even more crucial for Tier-1 mirrors). If Mirror1 does not update for a
while, lower tier mirrors will begin to mirror old data from Mirror1 and thus begins
a downward spiral... Keep your mirrors up to date!
</para>
</important>
</sect2>
<sect2 id="mirror-official-become">
<title>How to become official then?</title>
<para>
An interesting question, especially, since the state
of being official comes with some benefits, like a much
higher bill from your ISP as more people will be using
your site. Also it may be a key requirement to get access
to a master site.
</para>
<para>
Before applying, please consider (again) if
another official mirror is really needed for
your region. Check first with your zone administrator (<email>hostmaster@CC.FreeBSD.org</email>) or, if that fails, ask on the &a.hubs;.
</para>
<para>Ok, here is how to do it:</para>
<procedure>
<step>
<para>
Get the mirror running in first place (maybe not
using a master site, yet).
</para>
</step>
<step>
<para>
<ulink url="http://www.FreeBSD.org/doc/en_US.ISO8859-1/books/handbook/eresources.html#ERESOURCES-MAIL">Subscribe</ulink> to the &a.hubs;.
</para>
</step>
<step>
<para>
If everything works so far, contact the DNS administrator responsible
for your region/country, and ask for a DNS entry for your
site. The admin should able to be contacted via
<email>hostmaster@CC.FreeBSD.org</email>, where
<emphasis>CC</emphasis> is your country code/TLD.
Your DNS entry will be as described
in <xref linkend="mirror-where-organization"/>.
</para>
<para>
If there is no subdomain set up for your
country yet, you should contact
<email>mirror-admin@FreeBSD.org</email>,
or you can try the &a.hubs; first.
</para>
</step>
<step>
<para>
Whoever helps you get an official name should send email
to <email>mirror-admin@FreeBSD.org</email> so your site will be
added to the mirror list in the
<ulink url="http://www.FreeBSD.org/doc/en_US.ISO8859-1/books/handbook">FreeBSD
Handbook</ulink>.
</para>
</step>
</procedure>
<para>That is it.</para>
</sect2>
</sect1>
<sect1 id="mirror-statpages">
<title>Some statistics from mirror sites</title>
<para>
Here are links to the stat pages of your favorite mirrors
(a.k.a. the only ones who feel like providing stats).
</para>
<sect2 id="mirror-statpagesftp">
<title>FTP site statistics</title>
<itemizedlist>
<listitem>
<para>ftp.is.FreeBSD.org - <email>hostmaster@is.FreeBSD.org</email> -
<ulink url="http://www.rhnet.is/status/draupnir/draupnir.html">
(Bandwidth)</ulink> <ulink url="http://www.rhnet.is/status/ftp/ftp-notendur.html">(FTP
processes)</ulink> <ulink url="http://www.rhnet.is/status/ftp/http-notendur.html">(HTTP processes)
</ulink>
</para>
</listitem>
<listitem>
<para>ftp.cz.FreeBSD.org - <email>cejkar@fit.vutbr.cz</email> -
<ulink url="http://www.cz.FreeBSD.org/stats/mrtg/net.html">(Bandwidth)</ulink>
<ulink url="http://www.freebsd.cz/stats/mrtg/ftpd.html">(FTP processes)</ulink>
<ulink url="http://www.freebsd.cz/stats/mrtg/rsyncd.html">(rsync processes)</ulink>
</para>
</listitem>
<listitem>
<para>ftp2.ru.FreeBSD.org - <email>mirror@macomnet.ru</email> -
<ulink url="http://mirror.macomnet.net/mrtg/mirror.macomnet.net_195.128.64.25.html">(Bandwidth)</ulink>
<ulink url="http://mirror.macomnet.net/mrtg/mirror.macomnet.net_proc.html">(HTTP and FTP users)</ulink>
</para>
</listitem>
</itemizedlist>
</sect2>
<sect2 id="mirror-statpagescvsup">
<title>CVSup site stats</title>
<itemizedlist>
<listitem>
<para>cvsup[23456].jp.FreeBSD.org - <email>kuriyama@FreeBSD.org</email> - <ulink
url="http://home.jp.FreeBSD.org/stats/mrtg/cvsup/">(CVSup processes)</ulink></para>
</listitem>
<listitem>
<para>cvsup.cz.FreeBSD.org - <email>cejkar@fit.vutbr.cz</email> -
<ulink url="http://www.freebsd.cz/stats/mrtg/cvsupd.html">(CVSup processes)</ulink></para>
</listitem>
</itemizedlist>
</sect2>
</sect1>
</article>
|