aboutsummaryrefslogtreecommitdiffstatshomepage
path: root/explanations.html
blob: a101a0816e7ebe1be53e6b893847ebc7a4eed867 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
<html><head><title>apt-panopticon explanations</title>
</head><body bgcolor="black" text="white"><h1>Welcome to the apt-panopticon explanations page.</h1>
<p>The purpose of this page is to try to explain everything shown on <a href="Report-web.html">the results page</a>, 
so that the results page can link to the various parts for the curious.<p>

<hr><h1 id="IPv4">IPV4 tests</h1>
<p>Tests are tested over IPv4 if the mirror has IPv4 addresses.</p>

<hr><h1 id="IPv6">IPv6</h1>
<p>Tests are tested over IPv6 if the mirror has IPv6 addresses.</p>

<hr><h1 id="FTP">FTP tests</h1>
<p>The FTP tests have not been written yet.</p>

<hr><h1 id="HTTP">HTTP tests</h1>
<p>There are two styles of HTTP tests - actual HTTP downloads and HTTP HEAD tests.  &nbsp;
Actual downloads happen when other tests need the files to be downloaded. &nbsp;
HEAD tests are where apt-panopticon probes things in detail. &nbsp;
For each mirror (including the DNS round robin domain), and for each IP of that mirror -
</p>
<ul>
<li>Chose a small collection of package files to test, and the Release files for each release.</li>
<li>Send a HTTP HEAD request for each of those files.</li>
<li>Carefully inspect and log the response.</li>
<li>Retry the request if needed, and log that.</li>
<li>If a redirect loop is detected, log that and give up.</li>
<li>If the mirror replies with a redirect to the same mirror, then try that and keep checking.</li>
<li>If the mirror replies with a redirect to a different server, then probe that mirror the same way.</li>
</ul>

<hr><h1 id="HTTPS">HTTPS tests</h1>
<p>The HTTPS tests are very similar to the HTTP tests detailed above, though obviously they are tried with HTTPS requests intead of HTTP requests. &nbsp;
The validity of the HTTPS certificate for each server is tested as well.
</p>

<hr><h1 id="RSYNC">rsync tests</h1>
<p>The RSYNC tests have not been written yet.</p>

<hr><h1 id="DNS-RR">DNS round robin tests</h1>
<p>The "DNS round robin" column lists the IP addresses for each mirror that is part of the DNS round robin, or DNS-RR. &nbsp;
The IPs are linked to the log for that specific IP when used via the DNS round robin, and is followed by the number of errors, warnings, or timeouts of any.
</p>

<hr><h1 id="Protocol">Protocol tests</h1>
<p>The Protocol test will give a warning if the protocol is changed during a redirect, HTTP -> HTTPS for example. &nbsp;
While apt HTTPS transport is now the default in Beowulf / Buster, not everyone with an older release will have that installed,
so redirecting HTTP to HTTPS will break apt for those people. &nbsp;
An error is given instead if that happens for mirrors in the DNS round robin. &nbsp;
Servers in the DNS round robin will not have the HTTPS certificate for the round robin domain, so redirecting to HTTPS for that is a mistake.
</p>

<hr><h1 id="URL-Sanity">URL sanity tests</h1>
<p>The URL sanity test replaces "/" in URLS with "///", to see if the mirror can cope with that. &nbsp;
This might happen due to a minor mis-configuration by the apt user, but decent web servers should cope with that. &nbsp;
The result for a mirror that does not cope is a failed download for that use, so this is an error.
</p>

<hr><h1 id="Integrity">Integrity tests</h1>
<p>Actually download files, then check things like PGP keys, SHA256 check sums, and file size. &nbsp;
For actual packages, pick the smallest one that has been recently updated.
</p>

<hr><h1 id="Updated">Updated tests</h1>
<p>Make sure the Release files are up to date by checking their internal "Date" field. &nbsp;
If they are up to date, download and check updated Packages.xz files, and actual packages. &nbsp;
For actual packages, pick the smallest one that has been recently updated.
</p>

<hr><h1 id="Speed">Speed test</h1>
<p>The speed test tries to guess at a minimum and maximum speed range for each mirror. &nbsp;
It does this by measuring the reported speeds from the curl commands that actually download files. &nbsp;
Since apt-panopticon is trying hard to download everything from all mirrors all at the same time, this guess will be low. &nbsp;
Also, the computer running the apt-panopticon might have a network connection that is busy with other things. &nbsp;
Finally, the tested mirror may have a bigger network connection than the computer running the test, so wont show it's true maximum. &nbsp;
So take this speed measurement with a grain of salt, it's more of an indication, the <a href="../apt-panopticon_cgp/index.php">full graphs</a> might be useful.
</p>

</body></html>