[clamav-users] We STILL cannot reliably get virus updates (since new mirrors)

Brian Morrison bdm at fenrir.org.uk
Mon Jul 2 13:45:15 EDT 2018


On Mon, 2 Jul 2018 19:17:32 +0200
Reindl Harald wrote:

> Am 02.07.2018 um 19:07 schrieb Brian Morrison:
> > On Mon, 2 Jul 2018 10:26:34 +0200
> > Reindl Harald wrote:
> >   
> >> Am 02.07.2018 um 08:44 schrieb Bill Maidment:  
> >>> Maybe these are dumb questions; if so, please ignore.
> >>> But doesn't it make more sense to update all the mirrors first,
> >>> before changing the DNS? Is there some mechanism to do it that way
> >>> round?    
> >>
> >> i wonder why all the linux distributions with update mirrors don't
> >> need that DNS theatre to start with....  
> > 
> > Because the rate of updates is much less frequent, the more often
> > you need to check the higher the mirror load becomes. Much of this
> > load is telling people that there is no newer version...  
> 
> says who?

I am basing my comments on the distributed.net experience during the
mid to late 90s. At the time they used one of the first DNS-based TXT
record update mechanisms, it's broadly similar to how all of these work.
At the time this made a very big difference to the load their mirrors
were dealing with.

> 
> on a typical setup freshclam is running once or twice *daily* while a
> webserver these days can spit out the same small static txt file many
> thousands of times per seond with zero load
> 

For me freshclam runs roughly every 2 hours, so I think that the load
is an order of magnitude higher than you state. I will confess that I
don't know about the capability of web servers in this regard, but the
point that d.net made was that the DNS server would always be more
capable in this regard than a web server.

-- 

Brian



More information about the clamav-users mailing list