Analyzing FreeBSD’s Package Mirror GeoDNS
https://antranigv.am/posts/2025/06/analyzing-freebsds-package-mirror-geodns/
One of the things that makes FreeBSD an amazing operating system is its package manager, pkg(8). Many people will keep arguing with me saying that apt or pacman is better, but pkg has some of the best features out there. Don’t even get me started on number of packages. A friend was telling me “but how can I use FreeBSD when you have 1/3rd number of packages that Debian has?”. Again, this is a lie. While Debian has 80K packages, each software is divided into -doc and -dev, while on FreeBSD a simple pkg install will install everything that a package needs.
But let’s not talk about how awesome FreeBSD’s pkg is, let’s talk about it’s issues.
Couple of years ago, I noticed that downloading from FreeBSD package mirror was veeeeeery slow. Turns out that based on GeoDNS Armenia was connecting to the South African package mirror pkg0.jinx.FreeBSD.org by default.
Lucky for me, there was a package to help you figure out which one is fastest for you, named fastest_pkg. I ran it and I learned that the Frankfurt package mirror was the fastest for me.
Initially, I changed the config in FreeBSD.conf as recommended by fastest_pkg, but I’m not a single server guy, I have dozens of hosts with hundreds of jails.
Solution? I asked the Cluster Admins to set Armenia’s GeoDNS to pkg0.fra.FreeBSD.org.
But servers come and go, and the Frankfurt server got decommissioned a while back. Luckily the project now has a server in… Sweden!
But my download speed is slow. Somehow Armenia defaulted back to South Africa.
Is this an issue for me, or is this an issue for everybody?
(Sidenote: turns out fastest_pkg has been broken for a while, ever since pkg moved to a new package format, so we also made a patch and submitted a PR)
During today’s FreeBSD “Ask the experts: AMA” we used RIPE Atlas to measure the speeds from all around the world, to all package mirror hosts.
All of the measurements can be found here.
So, here’s the goal
- Measure from around the world to all of the package mirror hosts (done).
- Measure from around the world to
pkg.FreeBSD.org to get the default GeoDNS host for each area/country/network (in progress, recurring every 6 hours for the next 6 days) - Find mis-configurations between “fastest” and “default” (TODO).
While the big measurements is still running I tried to use my eyes to see if there’s anything GREEN (aka fast connection) in direct package mirror host measurements whilst being YELLOW/RED (aka bad connection) when connecting to pkg.FreeBSD.org.
Unsurprisingly, we found one! It was in Mombasa, Kenya.
Here’s what it looks like while connecting directly:
{ "fw": 5080, "mver": "2.6.2", "lts": 25, "dst_name": "pkg0.jinx.freebsd.org", "ttr": 10639.830509, "af": 4, "dst_addr": "196.10.53.168", "src_addr": "160.119.216.205", "proto": "ICMP", "ttl": 59, "size": 1000, "result": [ { "rtt": 47.434297 }, { "rtt": 47.39957 }, { "rtt": 47.412379 }, { "rtt": 47.369089 }, { "rtt": 47.851894 } ], "dup": 0, "rcvd": 5, "sent": 5, "min": 47.369089, "max": 47.851894, "avg": 47.493445799999996, "msm_id": 110487154, "prb_id": 22215, "timestamp": 1750269643, "msm_name": "Ping", "from": "160.119.216.205", "type": "ping", "group_id": 110487154, "step": null, "stored_timestamp": 1750269644}
And here it is via GeoDNS’s defaults:
{ "fw": 5080, "mver": "2.6.2", "lts": 10, "dst_name": "pkg.freebsd.org", "ttr": 10465.87807, "af": 4, "dst_addr": "173.228.147.98", "src_addr": "160.119.216.205", "proto": "ICMP", "ttl": 52, "size": 1000, "result": [ { "rtt": 240.19025 }, { "rtt": 244.967071 }, { "rtt": 236.466414 }, { "rtt": 238.189775 }, { "rtt": 233.570938 } ], "dup": 0, "rcvd": 5, "sent": 5, "min": 233.570938, "max": 244.967071, "avg": 238.6768896, "msm_id": 110489920, "prb_id": 22215, "timestamp": 1750270943, "msm_name": "Ping", "from": "160.119.216.205", "type": "ping", "group_id": 110489920, "step": null, "stored_timestamp": 1750270944}
Clearly, it’s set to pkg0.chi.freebsd.org (173.228.147.98) by default. That’s Chicago. That’s halfway around the world. It took it 238ms on average. While it took the same probe 47ms on average when connecting to pkg0.jinx.freebsd.org directly.
Clearly, I’m not the only one.
Hopefully after collecting data for 6 days, we can start analyzing and improving the GeoDNS setup that we have.
A good suggestion from crest was to have a pkg plugin that does the work of fastest_pkg on the fly. We’ll try that one day.
If anyone is interested in helping me out, feel free to contact me over email, IRC or Discord.
That’s all folks…
#DNS #FreeBSD #GeoDNS #pkg #RIPE #RIPEAtlas
