1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
|
<table id=results>
<tr>
<th></th>
<th class="TTitem">
<div class="hoverWrapper0">
FTP
<div id="hoverShow0">
<h1>FTP tests</h1>
<p>The FTP tests have not been written yet.</p>
</div>
</div>
</th>
<th class="TTitem">
<div class="hoverWrapper0">
HTTP
<div id="hoverShow0">
<h1>HTTP tests</h1>
<p>There are two styles of HTTP tests - actual HTTP downloads and HTTP HEAD tests.
Actual downloads happen when other tests need the files to be downloaded.
HEAD tests are where apt-panopticon probes things in detail.
For each mirror (including the DNS round robin domain), and for each IP of that mirror -
</p>
<ul>
<li>Chose a small collection of package files to test, and the Release files for each release.</li>
<li>Send a HTTP HEAD request for each of those files.</li>
<li>Carefully inspect and log the response.</li>
<li>Retry the request if needed, and log that.</li>
<li>If the mirror replies with a redirect to the same mirror, then try that and keep checking.</li>
<li>If the mirror replies with a redirect to a different server, then probe that mirror the same way.</li>
<li>If a redirect loop is detected, log that and give up.</li>
</ul>
</div>
</div>
</th>
<th class="TTitem">
<div class="hoverWrapper0">
HTTPS
<div id="hoverShow0">
<h1>HTTPS tests</h1>
<p>The HTTPS tests are very similar to the HTTP tests detailed above, though obviously they are tried with HTTPS requests instead of HTTP requests.
The validity of the HTTPS certificate for each server is tested as well.
</p>
</div>
</div>
</th>
<th class="TTitem">
<div class="hoverWrapper0">
RSYNC
<div id="hoverShow0">
<h1>RSYNC tests</h1>
<p>The RSYNC tests have not been written yet.</p>
</div>
</div>
</th>
<th class="TTitem">
<div class="hoverWrapper0">
DNS round robin
<div id="hoverShow0">
<h1>DNS round robin</h1>
<p>The "DNS round robin" column lists the IP addresses for each mirror that is part of the DNS round robin, or DNS-RR.
The IPs are linked to the log for that specific IP when used via the DNS round robin, and is followed by the number of ERRORs, WARNINGs, or TIMEOUTs if any.
</p>
</div>
</div>
</th>
<th class="TTitem">
<div class="hoverWrapper0">
Protocol
<div id="hoverShow0">
<h1>Protocol tests</h1>
<p>The Protocol test will give a WARNING if the protocol is changed during a redirect, HTTP -> HTTPS for example.
While apt HTTPS transport is now the default in Beowulf / Buster, not everyone with an older release will have that installed,
so redirecting HTTP to HTTPS will break apt for those people.
An ERROR is given instead if that happens for mirrors in the DNS round robin.
Servers in the DNS round robin will not have the HTTPS certificate for the round robin domain, so redirecting to HTTPS for that is an ERROR.
</p>
</div>
</div>
</th>
<th class="TTitem">
<div class="hoverWrapper0">
Redirects
<div id="hoverShow0">
<h1>Redirect tests</h1>
<p>Mirrors that redirect /DEVUAN/ back out to deb.devuan.org is an ERROR.
/DEBIAN-SECURITY/ packages must be redirected to a Debian mirror, specifically a mirror hosting Debian security updates.
However, some Devuan mirrors might also be Debian mirrors, so this is just a WARNING.
</p>
</div>
</div>
</th>
<th class="TTitem">
<div class="hoverWrapper0">
URL sanity
<div id="hoverShow0">
<h1>URL sanity tests</h1>
<p>The URL sanity test replaces "/" in URLS with "///", to see if the mirror can cope with that.
This might happen due to a minor mis-configuration by the apt user, but decent web servers should cope with that.
The result for a mirror that does not cope is a failed download for that user, so this is an ERROR.
We care about this coz apt has had multiple bugs in the past where they might let URLs like that slip through.
</p>
</div>
</div>
</th>
<th class="TTitem">
<div class="hoverWrapper0">
Integrity
<div id="hoverShow0">
<h1>Integrity tests</h1>
<p>Actually download files, then check things like PGP keys, SHA256 check sums, and file size.
For packages, pick the smallest one that has been recently updated.
</p>
</div>
</div>
</th>
<th class="TTitem" colspan='2'>
<div class="hoverWrapper0">
Updated
<div id="hoverShow0">
<h1>Updated tests</h1>
<p>Make sure the Release files are up to date by checking their internal "Date" field.
If they are up to date, download and check updated Packages.xz files, and actual packages.
For actual packages, pick the smallest one that has been recently updated.
</p>
<p>Also shown is the mirrors scheduled time between updates, with "m" meaning minutes and "h" meaning hours.
If this is showing a WARNING, it's likely that the mirror hasn't updated yet, but is due to update after this test was run.
</p>
<p>
pkgmaster.devuan.org is the master that the other mirrors sync to, so it's untested.
</p>
</div>
</div>
</th>
<th class="TTitem" colspan='2'>
<div class="hoverWrapper0">
Speed range
<div id="hoverShow0">
<h1>Speed range</h1>
<p>The speed test tries to guess at a minimum and maximum speed range for each mirror.
It does this by measuring the reported speeds from the curl commands that actually download files.
Since apt-panopticon is trying hard to download everything from all mirrors all at the same time, this guess will be low.
Also, the computer running the apt-panopticon might have a network connection that is busy with other things.
Not to mention that obviously if the computer this is running on is one of the mirrors, it might get a wildly exaggerated speed,
not having to go through the rest of the Internet tends to help.
Finally, the tested mirror may have a bigger network connection than the computer running the test, so wont show it's true maximum.
So take this speed measurement with a grain of salt, it's more of an indication, the <a href="../apt-panopticon_cgp/index.php">full graphs</a> might be more useful.
</p>
</div>
</div>
</th>
<th class="TTitem" colspan='2'>
<div class="hoverWrapper0">
Weekly statistics
<div id="hoverShow0">
<h1>Weekly statistics</h1>
<p>This is the percentage of time, over the last week, that the mirror was up, and the percentage of time the mirror was up to date.
Note that if the mirror has a low uptime, then there wasn't much chance to check if it was up to date.
</p>
</div>
</div>
</th>
</tr>
|