Official FreeBSD Binary Packages now available for pkgng

Matthew Seaman matthew at
Sat Nov 2 08:35:33 UTC 2013

On 02/11/2013 01:55, Eric van Gyzen wrote:
> This kind of proxy configuration is not uncommon.  It would be awesome
> if this would Just Work.  It would remove an impediment to adoption,
> which is especially important in the kind of environments that have this
> kind of proxy configuration.
> Simply adding the mirrors' A (and AAAA) records to might
> suffice.

You seem hung up on the idea that should resolve to a
list of IP addresses.  It doesn't and for very good reasons.
Admittedly, using eg. 'http://' as the URL scheme for PACKAGESITE URLs
was an error -- it contravenes RFC 2616 -- which is why we will be
switching to a new 'pkg+http://' (or 'pkg+https://', 'pkg+ftp://', etc.)
set of URL schemes with pkg-1.2.x

There certainly are all of the necessary A and AAAA records in the DNS
for the real servers that host the repositories.

If I understand what you're complaining about is that you see behavious
like the following:

   * You download package foo-1.2.3.txz from

   * Internally, that gets resolved to an HTTP request to eg.

   * Your web proxy caches this package

   * On another host, you also want to download foo-1.2.3.txz

   * This time the SRV record gets resolved to a different mirror,

   * Your proxy has no way of knowing that foo-1.2.3.txz from pkg1.nyi
     is exactly the same file as foo-1.2.3.txz from pkg0.isc so it
     downloads the whole package all over again.

Yes, this is certainly undesirable behaviour.  I need to run some tests
to determine if this is actually what does happen in practice.  If so,
I've an idea about how this problem might be addressed, but it will
require some changes to the repository configuration.

In the mean time, I suggest just choosing which ever of the repositories is closest to you and using it directly -- eg.

cat <<EOF > /usr/local/etc/pkg/repos/myrepo.conf
pkg0.isc {
    enabled: yes
    mirror_type: none

Obviously, substitute which ever one of   (US West)   (US East)   (Europe)

is appropriate.  And be prepared to deal with that specific mirror being
down or replaced by some other server.

> Alternatively, running an HTTP-redirection service on a host named
> would offer as much flexibility as the SRV records, if
> not more.  However, it would require maintenance of yet another central
> service.

This is already supported in pkg when using the HTTP mirror type.  This
would entail significantly more administrative effort and hardware
requirement to maintain and keep consistent in the specific case of  which is exactly why the SRV mirror type was selected.



Dr Matthew J Seaman MA, D.Phil.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 1036 bytes
Desc: OpenPGP digital signature
URL: <>

More information about the freebsd-current mailing list