Updating Ports on 15.0-RELEASE-p5
0 views
Skip to first unread message
Washington Odhiambo
Apr 4, 2026, 7:53:10 AMApr 4
to questions
This is a pkgbasified system.
What's going on here?
root@gw:/home/wash # pkg repos
FreeBSD-ports: {
url : "pkg+https://pkg.FreeBSD.org/FreeBSD:15:amd64/latest",
enabled : yes,
priority : 0,
mirror_type : "SRV",
signature_type : "FINGERPRINTS",
fingerprints : "/usr/share/keys/pkg"
}
FreeBSD-ports-kmods: {
url : "pkg+https://pkg.FreeBSD.org/FreeBSD:15:amd64/kmods_latest_0",
enabled : yes,
priority : 0,
mirror_type : "SRV",
signature_type : "FINGERPRINTS",
fingerprints : "/usr/share/keys/pkg"
}
FreeBSD-base: {
url : "pkg+https://pkg.FreeBSD.org/FreeBSD:15:amd64/base_release_0",
enabled : yes,
priority : 0,
mirror_type : "SRV",
signature_type : "FINGERPRINTS",
fingerprints : "/usr/share/keys/pkgbase-15"
}
root@gw:/home/wash # pkg update
Updating FreeBSD-ports repository catalogue...
pkg: Failed to fetch https://pkg.FreeBSD.org/FreeBSD:15:amd64/latest/meta.conf: Timeout was reached
pkg: Failed to fetch https://pkg.FreeBSD.org/FreeBSD:15:amd64/latest/meta.txz: Timeout was reached
repository FreeBSD-ports has no meta file, using default settings
pkg: Failed to fetch https://pkg.FreeBSD.org/FreeBSD:15:amd64/latest/data.pkg: Timeout was reached
pkg: Failed to fetch https://pkg.FreeBSD.org/FreeBSD:15:amd64/latest/data.tzst: Timeout was reached
pkg: Failed to fetch https://pkg.FreeBSD.org/FreeBSD:15:amd64/latest/packagesite.pkg: Timeout was reached
pkg: Failed to fetch https://pkg.FreeBSD.org/FreeBSD:15:amd64/latest/packagesite.tzst: Timeout was reached
Unable to update repository FreeBSD-ports
Updating FreeBSD-ports-kmods repository catalogue...
pkg: Failed to fetch https://pkg.FreeBSD.org/FreeBSD:15:amd64/kmods_latest_0/meta.conf: Timeout was reached
pkg: Failed to fetch https://pkg.FreeBSD.org/FreeBSD:15:amd64/kmods_latest_0/meta.txz: Timeout was reached
repository FreeBSD-ports-kmods has no meta file, using default settings
pkg: Failed to fetch https://pkg.FreeBSD.org/FreeBSD:15:amd64/kmods_latest_0/data.pkg: Timeout was reached
pkg: Failed to fetch https://pkg.FreeBSD.org/FreeBSD:15:amd64/kmods_latest_0/data.tzst: Timeout was reached
pkg: Failed to fetch https://pkg.FreeBSD.org/FreeBSD:15:amd64/kmods_latest_0/packagesite.pkg: Timeout was reached
pkg: Failed to fetch https://pkg.FreeBSD.org/FreeBSD:15:amd64/kmods_latest_0/packagesite.tzst: Timeout was reached
Unable to update repository FreeBSD-ports-kmods
Updating FreeBSD-base repository catalogue...
pkg: Failed to fetch https://pkg.FreeBSD.org/FreeBSD:15:amd64/base_release_0/meta.conf: Timeout was reached
pkg: Failed to fetch https://pkg.FreeBSD.org/FreeBSD:15:amd64/base_release_0/meta.txz: Timeout was reached
repository FreeBSD-base has no meta file, using default settings
pkg: Failed to fetch https://pkg.FreeBSD.org/FreeBSD:15:amd64/base_release_0/data.pkg: Timeout was reached
pkg: Failed to fetch https://pkg.FreeBSD.org/FreeBSD:15:amd64/base_release_0/data.tzst: Timeout was reached
pkg: Failed to fetch https://pkg.FreeBSD.org/FreeBSD:15:amd64/base_release_0/packagesite.pkg: Timeout was reached
pkg: Failed to fetch https://pkg.FreeBSD.org/FreeBSD:15:amd64/base_release_0/packagesite.tzst: Timeout was reached
Unable to update repository FreeBSD-base
Error updating repositories!
root@gw:/home/wash # ping pkg.FreeBSD.org
PING pkgmir.geo.FreeBSD.org (96.47.72.71): 56 data bytes
64 bytes from 96.47.72.71: icmp_seq=0 ttl=52 time=249.443 ms
64 bytes from 96.47.72.71: icmp_seq=1 ttl=52 time=248.192 ms
^C
--- pkgmir.geo.FreeBSD.org ping statistics ---
2 packets transmitted, 2 packets received, 0.0% packet loss
round-trip min/avg/max/stddev = 248.192/248.817/249.443/0.625 ms
root@gw:/home/wash # uname -a
FreeBSD gw.wash.lan 15.0-RELEASE-p5 FreeBSD 15.0-RELEASE-p5 releng/15.0-n281018-0730d5233286 GENERIC amd64
root@gw:/home/wash #
FreeBSD-ports: {
url : "pkg+https://pkg.FreeBSD.org/FreeBSD:15:amd64/latest",
enabled : yes,
priority : 0,
mirror_type : "SRV",
signature_type : "FINGERPRINTS",
fingerprints : "/usr/share/keys/pkg"
}
FreeBSD-ports-kmods: {
url : "pkg+https://pkg.FreeBSD.org/FreeBSD:15:amd64/kmods_latest_0",
enabled : yes,
priority : 0,
mirror_type : "SRV",
signature_type : "FINGERPRINTS",
fingerprints : "/usr/share/keys/pkg"
}
FreeBSD-base: {
url : "pkg+https://pkg.FreeBSD.org/FreeBSD:15:amd64/base_release_0",
enabled : yes,
priority : 0,
mirror_type : "SRV",
signature_type : "FINGERPRINTS",
fingerprints : "/usr/share/keys/pkgbase-15"
}
root@gw:/home/wash # pkg update
Updating FreeBSD-ports repository catalogue...
pkg: Failed to fetch https://pkg.FreeBSD.org/FreeBSD:15:amd64/latest/meta.conf: Timeout was reached
pkg: Failed to fetch https://pkg.FreeBSD.org/FreeBSD:15:amd64/latest/meta.txz: Timeout was reached
repository FreeBSD-ports has no meta file, using default settings
pkg: Failed to fetch https://pkg.FreeBSD.org/FreeBSD:15:amd64/latest/data.pkg: Timeout was reached
pkg: Failed to fetch https://pkg.FreeBSD.org/FreeBSD:15:amd64/latest/data.tzst: Timeout was reached
pkg: Failed to fetch https://pkg.FreeBSD.org/FreeBSD:15:amd64/latest/packagesite.pkg: Timeout was reached
pkg: Failed to fetch https://pkg.FreeBSD.org/FreeBSD:15:amd64/latest/packagesite.tzst: Timeout was reached
Unable to update repository FreeBSD-ports
Updating FreeBSD-ports-kmods repository catalogue...
pkg: Failed to fetch https://pkg.FreeBSD.org/FreeBSD:15:amd64/kmods_latest_0/meta.conf: Timeout was reached
pkg: Failed to fetch https://pkg.FreeBSD.org/FreeBSD:15:amd64/kmods_latest_0/meta.txz: Timeout was reached
repository FreeBSD-ports-kmods has no meta file, using default settings
pkg: Failed to fetch https://pkg.FreeBSD.org/FreeBSD:15:amd64/kmods_latest_0/data.pkg: Timeout was reached
pkg: Failed to fetch https://pkg.FreeBSD.org/FreeBSD:15:amd64/kmods_latest_0/data.tzst: Timeout was reached
pkg: Failed to fetch https://pkg.FreeBSD.org/FreeBSD:15:amd64/kmods_latest_0/packagesite.pkg: Timeout was reached
pkg: Failed to fetch https://pkg.FreeBSD.org/FreeBSD:15:amd64/kmods_latest_0/packagesite.tzst: Timeout was reached
Unable to update repository FreeBSD-ports-kmods
Updating FreeBSD-base repository catalogue...
pkg: Failed to fetch https://pkg.FreeBSD.org/FreeBSD:15:amd64/base_release_0/meta.conf: Timeout was reached
pkg: Failed to fetch https://pkg.FreeBSD.org/FreeBSD:15:amd64/base_release_0/meta.txz: Timeout was reached
repository FreeBSD-base has no meta file, using default settings
pkg: Failed to fetch https://pkg.FreeBSD.org/FreeBSD:15:amd64/base_release_0/data.pkg: Timeout was reached
pkg: Failed to fetch https://pkg.FreeBSD.org/FreeBSD:15:amd64/base_release_0/data.tzst: Timeout was reached
pkg: Failed to fetch https://pkg.FreeBSD.org/FreeBSD:15:amd64/base_release_0/packagesite.pkg: Timeout was reached
pkg: Failed to fetch https://pkg.FreeBSD.org/FreeBSD:15:amd64/base_release_0/packagesite.tzst: Timeout was reached
Unable to update repository FreeBSD-base
Error updating repositories!
root@gw:/home/wash # ping pkg.FreeBSD.org
PING pkgmir.geo.FreeBSD.org (96.47.72.71): 56 data bytes
64 bytes from 96.47.72.71: icmp_seq=0 ttl=52 time=249.443 ms
64 bytes from 96.47.72.71: icmp_seq=1 ttl=52 time=248.192 ms
^C
--- pkgmir.geo.FreeBSD.org ping statistics ---
2 packets transmitted, 2 packets received, 0.0% packet loss
round-trip min/avg/max/stddev = 248.192/248.817/249.443/0.625 ms
root@gw:/home/wash # uname -a
FreeBSD gw.wash.lan 15.0-RELEASE-p5 FreeBSD 15.0-RELEASE-p5 releng/15.0-n281018-0730d5233286 GENERIC amd64
root@gw:/home/wash #
Best regards,
Odhiambo WASHINGTON,
Nairobi,KE
+254 7 3200 0004/+254 7 2274 3223
Odhiambo WASHINGTON,
Nairobi,KE
+254 7 3200 0004/+254 7 2274 3223
In an Internet failure case, the #1 suspect is a constant: DNS.
"Oh, the cruft.", egrep -v '^$|^.*#' ¯\_(ツ)_/¯ :-)
"Oh, the cruft.", egrep -v '^$|^.*#' ¯\_(ツ)_/¯ :-)
[How to ask smart questions: http://www.catb.org/~esr/faqs/smart-questions.html]
Philip Paeps
Apr 22, 2026, 1:58:38 AM (yesterday) Apr 22
to Washington Odhiambo, questions
I just noticed this message from a couple of weeks ago. The problem
might have been transient but ...
On 2026-04-04 19:50:48 (+0800), Washington Odhiambo wrote:
> What's going on here?
It looks like you're getting timeouts because you're talking to a
pkg.FreeBSD.org mirror very far from where you are.
> pkg: Failed to fetch
> https://pkg.FreeBSD.org/FreeBSD:15:amd64/latest/meta.conf: Timeout was
> reached
>
> [...]
GeoDNS should be sending you to Fastly infrastructure in Cape Town or
our mirror in Johannesburg. Both are still a long way away but 70ms is
a lot better than 250ms!
Could you tell me your source IP address please? I can optimise the
routing.
Asante.
Philip [hat: cluster babysit]
might have been transient but ...
On 2026-04-04 19:50:48 (+0800), Washington Odhiambo wrote:
> What's going on here?
pkg.FreeBSD.org mirror very far from where you are.
> pkg: Failed to fetch
> https://pkg.FreeBSD.org/FreeBSD:15:amd64/latest/meta.conf: Timeout was
> reached
>
>
> root@gw:/home/wash # ping pkg.FreeBSD.org
> PING pkgmir.geo.FreeBSD.org (96.47.72.71): 56 data bytes
> 64 bytes from 96.47.72.71: icmp_seq=0 ttl=52 time=249.443 ms
> 64 bytes from 96.47.72.71: icmp_seq=1 ttl=52 time=248.192 ms
> ^C
> --- pkgmir.geo.FreeBSD.org ping statistics ---
> 2 packets transmitted, 2 packets received, 0.0% packet loss
> round-trip min/avg/max/stddev = 248.192/248.817/249.443/0.625 ms
> root@gw:/home/wash # uname -a
> FreeBSD gw.wash.lan 15.0-RELEASE-p5 FreeBSD 15.0-RELEASE-p5
> releng/15.0-n281018-0730d5233286 GENERIC amd64
> root@gw:/home/wash #
It's very odd to see you being sent all the way to New Jersey. Our
> root@gw:/home/wash # ping pkg.FreeBSD.org
> PING pkgmir.geo.FreeBSD.org (96.47.72.71): 56 data bytes
> 64 bytes from 96.47.72.71: icmp_seq=0 ttl=52 time=249.443 ms
> 64 bytes from 96.47.72.71: icmp_seq=1 ttl=52 time=248.192 ms
> ^C
> --- pkgmir.geo.FreeBSD.org ping statistics ---
> 2 packets transmitted, 2 packets received, 0.0% packet loss
> round-trip min/avg/max/stddev = 248.192/248.817/249.443/0.625 ms
> root@gw:/home/wash # uname -a
> FreeBSD gw.wash.lan 15.0-RELEASE-p5 FreeBSD 15.0-RELEASE-p5
> releng/15.0-n281018-0730d5233286 GENERIC amd64
> root@gw:/home/wash #
GeoDNS should be sending you to Fastly infrastructure in Cape Town or
our mirror in Johannesburg. Both are still a long way away but 70ms is
a lot better than 250ms!
Could you tell me your source IP address please? I can optimise the
routing.
Asante.
Philip [hat: cluster babysit]
Washington Odhiambo
Apr 22, 2026, 2:46:33 AM (23 hours ago) Apr 22
to Philip Paeps, questions
I *was* technically in New Jersey as my VM was routed via my VPN tunnel.
I have since routed the VM via my WAN, but the issue still persists:
root@gw:/home/wash # !trace
traceroute pkg.FreeBSD.org
traceroute to pkgmir.geo.FreeBSD.org (96.47.72.71), 64 hops max, 40 byte packets
1 192.168.69.1 (192.168.69.1) 0.430 ms 0.428 ms 0.361 ms
2 192.168.1.1 (192.168.1.1) 1.037 ms 0.922 ms 1.058 ms
3 192.168.222.1 (192.168.222.1) 2.406 ms 2.685 ms 2.354 ms
4 * * 41.215.131.9 (41.215.131.9) 3.135 ms
5 41.215.128.162 (41.215.128.162) 9.518 ms * *
6 195.229.27.133 (195.229.27.133) 60.395 ms 59.662 ms 58.977 ms
7 5.195.70.160 (5.195.70.160) 59.607 ms 59.758 ms 59.768 ms
8 195.229.5.217 (195.229.5.217) 175.001 ms
195.229.3.179 (195.229.3.179) 172.950 ms
195.229.3.177 (195.229.3.177) 172.966 ms
9 80.249.213.240 (80.249.213.240) 175.938 ms * *
10 * * *
11 * * *
12 * * *
13 ae4.cs2.lga5.us.zip.zayo.com (64.125.28.71) 246.216 ms * *
14 ae34.mpr1.ewr4.us.zip.zayo.com (64.125.20.85) 245.481 ms 245.694 ms 246.955 ms
15 208.184.34.238.IPYX-076763-900-ZYO.zip.zayo.com (208.184.34.238) 245.855 ms 244.600 ms 243.344 ms
16 cs90.cs89new.v.ewr.nyinternet.net (96.47.77.210) 249.689 ms 248.070 ms 249.946 ms
17 96.47.66.42.static.nyinternet.net (96.47.66.42) 250.092 ms 247.004 ms 246.283 ms
18 pkg0.nyi.freebsd.org (96.47.72.71) 251.058 ms 251.621 ms 246.661 ms
root@gw:/home/wash #
root@gw:/home/wash # !trace
traceroute pkg.FreeBSD.org
traceroute to pkgmir.geo.FreeBSD.org (96.47.72.71), 64 hops max, 40 byte packets
1 192.168.69.1 (192.168.69.1) 0.430 ms 0.428 ms 0.361 ms
2 192.168.1.1 (192.168.1.1) 1.037 ms 0.922 ms 1.058 ms
3 192.168.222.1 (192.168.222.1) 2.406 ms 2.685 ms 2.354 ms
4 * * 41.215.131.9 (41.215.131.9) 3.135 ms
5 41.215.128.162 (41.215.128.162) 9.518 ms * *
6 195.229.27.133 (195.229.27.133) 60.395 ms 59.662 ms 58.977 ms
7 5.195.70.160 (5.195.70.160) 59.607 ms 59.758 ms 59.768 ms
8 195.229.5.217 (195.229.5.217) 175.001 ms
195.229.3.179 (195.229.3.179) 172.950 ms
195.229.3.177 (195.229.3.177) 172.966 ms
9 80.249.213.240 (80.249.213.240) 175.938 ms * *
10 * * *
11 * * *
12 * * *
13 ae4.cs2.lga5.us.zip.zayo.com (64.125.28.71) 246.216 ms * *
14 ae34.mpr1.ewr4.us.zip.zayo.com (64.125.20.85) 245.481 ms 245.694 ms 246.955 ms
15 208.184.34.238.IPYX-076763-900-ZYO.zip.zayo.com (208.184.34.238) 245.855 ms 244.600 ms 243.344 ms
16 cs90.cs89new.v.ewr.nyinternet.net (96.47.77.210) 249.689 ms 248.070 ms 249.946 ms
17 96.47.66.42.static.nyinternet.net (96.47.66.42) 250.092 ms 247.004 ms 246.283 ms
18 pkg0.nyi.freebsd.org (96.47.72.71) 251.058 ms 251.621 ms 246.661 ms
root@gw:/home/wash #
root@gw:/home/wash # pkg update
Updating FreeBSD-ports repository catalogue...
pkg: Failed to fetch https://pkg.FreeBSD.org/FreeBSD:15:amd64/latest/meta.conf: Timeout was reached
pkg: Failed to fetch https://pkg.FreeBSD.org/FreeBSD:15:amd64/latest/meta.txz: Timeout was reached
repository FreeBSD-ports has no meta file, using default settings
repository FreeBSD-ports has no meta file, using default settings
pkg: Failed to fetch https://pkg.FreeBSD.org/FreeBSD:15:amd64/latest/data.pkg: Timeout was reached
pkg: Failed to fetch https://pkg.FreeBSD.org/FreeBSD:15:amd64/latest/data.tzst: Failed writing received data to disk/application
pkg: Failed to fetch https://pkg.FreeBSD.org/FreeBSD:15:amd64/latest/packagesite.pkg: Timeout was reached
pkg: Failed to fetch https://pkg.FreeBSD.org/FreeBSD:15:amd64/latest/packagesite.tzst: Failed writing received data to disk/application
pkg: Failed to fetch https://pkg.FreeBSD.org/FreeBSD:15:amd64/latest/data.tzst: Failed writing received data to disk/application
pkg: Failed to fetch https://pkg.FreeBSD.org/FreeBSD:15:amd64/latest/packagesite.pkg: Timeout was reached
pkg: Failed to fetch https://pkg.FreeBSD.org/FreeBSD:15:amd64/latest/packagesite.tzst: Failed writing received data to disk/application
Unable to update repository FreeBSD-ports
Updating FreeBSD-ports-kmods repository catalogue...
pkg: Failed to fetch https://pkg.FreeBSD.org/FreeBSD:15:amd64/kmods_latest_0/meta.conf: Timeout was reached
pkg: Failed to fetch https://pkg.FreeBSD.org/FreeBSD:15:amd64/kmods_latest_0/meta.txz: Timeout was reached
repository FreeBSD-ports-kmods has no meta file, using default settings
pkg: Failed to fetch https://pkg.FreeBSD.org/FreeBSD:15:amd64/kmods_latest_0/data.pkg: Timeout was reached
pkg: Failed to fetch https://pkg.FreeBSD.org/FreeBSD:15:amd64/kmods_latest_0/data.tzst: Timeout was reached
pkg: Failed to fetch https://pkg.FreeBSD.org/FreeBSD:15:amd64/kmods_latest_0/packagesite.pkg: Timeout was reached
pkg: Failed to fetch https://pkg.FreeBSD.org/FreeBSD:15:amd64/kmods_latest_0/packagesite.tzst: Failed writing received data to disk/application
pkg: Failed to fetch https://pkg.FreeBSD.org/FreeBSD:15:amd64/kmods_latest_0/data.tzst: Timeout was reached
pkg: Failed to fetch https://pkg.FreeBSD.org/FreeBSD:15:amd64/kmods_latest_0/packagesite.pkg: Timeout was reached
pkg: Failed to fetch https://pkg.FreeBSD.org/FreeBSD:15:amd64/kmods_latest_0/packagesite.tzst: Failed writing received data to disk/application
Unable to update repository FreeBSD-ports-kmods
Updating FreeBSD-base repository catalogue...
pkg: Failed to fetch https://pkg.FreeBSD.org/FreeBSD:15:amd64/base_release_0/meta.conf: Timeout was reached
pkg: Failed to fetch https://pkg.FreeBSD.org/FreeBSD:15:amd64/base_release_0/meta.txz: Timeout was reached
repository FreeBSD-base has no meta file, using default settings
pkg: Failed to fetch https://pkg.FreeBSD.org/FreeBSD:15:amd64/base_release_0/data.pkg: Timeout was reached
pkg: Failed to fetch https://pkg.FreeBSD.org/FreeBSD:15:amd64/base_release_0/data.tzst: Timeout was reached
pkg: Failed to fetch https://pkg.FreeBSD.org/FreeBSD:15:amd64/base_release_0/packagesite.pkg: Timeout was reached
pkg: Failed to fetch https://pkg.FreeBSD.org/FreeBSD:15:amd64/base_release_0/packagesite.tzst: Timeout was reached
Unable to update repository FreeBSD-base
Error updating repositories!
root@gw:/home/wash #
Philip Paeps
Apr 22, 2026, 3:18:15 AM (23 hours ago) Apr 22
to Washington Odhiambo, questions
nearby. Are you perhaps using a DNS server far away, or one that strips
ECS information? E.g. 9.9.9.9 will do this - 9.9.9.11 will work much
better.
See https://quad9.net/service/service-addresses-and-features/#ecssec
Or is your origin network (masked by the NAT hops) in another netblock
that isn't geolocated to Kenya?
What does this tell you?
% curl http://ip.wtf
> 18 pkg0.nyi.freebsd.org (96.47.72.71) 251.058 ms 251.621 ms
> 246.661 ms
> root@gw:/home/wash #
> root@gw:/home/wash # pkg update
> Updating FreeBSD-ports repository catalogue...
> pkg: Failed to fetch
> https://pkg.FreeBSD.org/FreeBSD:15:amd64/latest/meta.conf: Timeout was
> reached
> pkg: Failed to fetch
the path. And who knows what those first couple of hops are doing. :)
For what it's worth, from WaveX in Nairobi I get sent to Fastly in Cape
Town.
Philip
Washington Odhiambo
Apr 22, 2026, 3:45:13 AM (22 hours ago) Apr 22
to Philip Paeps, questions
root@gw:/home/wash # nslookup
> pkg.freebsd.org
Server: 127.0.0.1
Address: 127.0.0.1#53
Non-authoritative answer:
pkg.freebsd.org canonical name = pkgmir.geo.freebsd.org.
Name: pkgmir.geo.freebsd.org
Address: 96.47.72.71
Name: pkgmir.geo.freebsd.org
Address: 2610:1c1:1:606c::50:1
>
root@gw:/home/wash # lsof -i -P -n | grep :53
unbound 46811 unbound 3u IPv4 0xfffff800063af540 0 UDP 127.0.0.1:53->*:*
unbound 46811 unbound 4u IPv4 0xfffff80006dff540 0 TCP 127.0.0.1:53->*:* (LISTEN)
root@gw:/home/wash # cat /var/unbound/forward.conf
forward-zone:
name: .
forward-tls-upstream: yes
forward-first: no
forward-addr: 1.0.0.1@53 #cloudflare
root@gw:/home/wash #
I then changed my /etc/resolv.conf to point to 9.9.9.11
root@gw:/home/wash # nslookup
> pkg.freebsd.org
Server: 9.9.9.11
Address: 9.9.9.11#53
Non-authoritative answer:
pkg.freebsd.org canonical name = pkgmir.geo.freebsd.org.
Name: pkgmir.geo.freebsd.org
Address: 96.47.72.71
Name: pkgmir.geo.freebsd.org
Address: 2610:1c1:1:606c::50:1
> pkg.freebsd.org
Server: 127.0.0.1
Address: 127.0.0.1#53
Non-authoritative answer:
pkg.freebsd.org canonical name = pkgmir.geo.freebsd.org.
Name: pkgmir.geo.freebsd.org
Address: 96.47.72.71
Name: pkgmir.geo.freebsd.org
Address: 2610:1c1:1:606c::50:1
>
root@gw:/home/wash # lsof -i -P -n | grep :53
unbound 46811 unbound 3u IPv4 0xfffff800063af540 0 UDP 127.0.0.1:53->*:*
unbound 46811 unbound 4u IPv4 0xfffff80006dff540 0 TCP 127.0.0.1:53->*:* (LISTEN)
root@gw:/home/wash # cat /var/unbound/forward.conf
forward-zone:
name: .
forward-tls-upstream: yes
forward-first: no
forward-addr: 1.0.0.1@53 #cloudflare
root@gw:/home/wash #
I then changed my /etc/resolv.conf to point to 9.9.9.11
root@gw:/home/wash # nslookup
> pkg.freebsd.org
Server: 9.9.9.11
Address: 9.9.9.11#53
Non-authoritative answer:
pkg.freebsd.org canonical name = pkgmir.geo.freebsd.org.
Name: pkgmir.geo.freebsd.org
Address: 96.47.72.71
Name: pkgmir.geo.freebsd.org
Address: 2610:1c1:1:606c::50:1
>
root@gw:/home/wash # pkg update
Updating FreeBSD-ports repository catalogue...
pkg: Failed to fetch https://pkg.FreeBSD.org/FreeBSD:15:amd64/latest/data.pkg: Timeout was reached
pkg: Failed to fetch https://pkg.FreeBSD.org/FreeBSD:15:amd64/latest/data.tzst: Failed writing received data to disk/application
pkg: Failed to fetch https://pkg.FreeBSD.org/FreeBSD:15:amd64/latest/packagesite.pkg: Timeout was reached
pkg: Failed to fetch https://pkg.FreeBSD.org/FreeBSD:15:amd64/latest/packagesite.tzst: Failed writing received data to disk/application
Unable to update repository FreeBSD-ports
Updating FreeBSD-ports-kmods repository catalogue...
pkg: Failed to fetch https://pkg.FreeBSD.org/FreeBSD:15:amd64/kmods_latest_0/meta.conf: Timeout was reached
pkg: Failed to fetch https://pkg.FreeBSD.org/FreeBSD:15:amd64/kmods_latest_0/meta.txz: Timeout was reached
repository FreeBSD-ports-kmods has no meta file, using default settings
pkg: Failed to fetch https://pkg.FreeBSD.org/FreeBSD:15:amd64/latest/data.tzst: Failed writing received data to disk/application
pkg: Failed to fetch https://pkg.FreeBSD.org/FreeBSD:15:amd64/latest/packagesite.pkg: Timeout was reached
pkg: Failed to fetch https://pkg.FreeBSD.org/FreeBSD:15:amd64/latest/packagesite.tzst: Failed writing received data to disk/application
Unable to update repository FreeBSD-ports
Updating FreeBSD-ports-kmods repository catalogue...
pkg: Failed to fetch https://pkg.FreeBSD.org/FreeBSD:15:amd64/kmods_latest_0/meta.conf: Timeout was reached
pkg: Failed to fetch https://pkg.FreeBSD.org/FreeBSD:15:amd64/kmods_latest_0/meta.txz: Timeout was reached
repository FreeBSD-ports-kmods has no meta file, using default settings
pkg: Failed to fetch https://pkg.FreeBSD.org/FreeBSD:15:amd64/kmods_latest_0/data.pkg: Timeout was reached
pkg: Failed to fetch https://pkg.FreeBSD.org/FreeBSD:15:amd64/kmods_latest_0/data.tzst: Failed writing received data to disk/application
pkg: Failed to fetch https://pkg.FreeBSD.org/FreeBSD:15:amd64/kmods_latest_0/data.tzst: Failed writing received data to disk/application
pkg: Failed to fetch https://pkg.FreeBSD.org/FreeBSD:15:amd64/kmods_latest_0/packagesite.pkg: Timeout was reached
pkg: Failed to fetch https://pkg.FreeBSD.org/FreeBSD:15:amd64/kmods_latest_0/packagesite.tzst: Failed writing received data to disk/application
Unable to update repository FreeBSD-ports-kmods
Updating FreeBSD-base repository catalogue...
PS: I am using Jamii Telecommunications in Nairobi.
Philip Paeps
Apr 22, 2026, 4:20:54 AM (22 hours ago) Apr 22
to Washington Odhiambo, questions
On 2026-04-22 15:44:05 (+0800), Washington Odhiambo wrote:
> On Wed, Apr 22, 2026 at 10:17 AM Philip Paeps <phi...@freebsd.org>
> wrote:
>> On 2026-04-22 14:45:25 (+0800), Washington Odhiambo wrote:
>>> On Wed, Apr 22, 2026 at 8:58 AM Philip Paeps <phi...@freebsd.org>
>>> wrote:
>>>> I just noticed this message from a couple of weeks ago. The
>>>> problem
>>>> might have been transient but ...
>>>>
>>>> On 2026-04-04 19:50:48 (+0800), Washington Odhiambo wrote:
>>>>> What's going on here?
>>>>
>>>> It looks like you're getting timeouts because you're talking to a
>>>> pkg.FreeBSD.org mirror very far from where you are.
>>>>
>>>>> pkg: Failed to fetch
>>>>> https://pkg.FreeBSD.org/FreeBSD:15:amd64/latest/meta.conf: Timeout
>>>>> was reached
>>>>>
>>>>> [...]
>>>>
> On Wed, Apr 22, 2026 at 10:17 AM Philip Paeps <phi...@freebsd.org>
> wrote:
>> On 2026-04-22 14:45:25 (+0800), Washington Odhiambo wrote:
>>> On Wed, Apr 22, 2026 at 8:58 AM Philip Paeps <phi...@freebsd.org>
>>> wrote:
>>>> I just noticed this message from a couple of weeks ago. The
>>>> problem
>>>> might have been transient but ...
>>>>
>>>> On 2026-04-04 19:50:48 (+0800), Washington Odhiambo wrote:
>>>>> What's going on here?
>>>>
>>>> It looks like you're getting timeouts because you're talking to a
>>>> pkg.FreeBSD.org mirror very far from where you are.
>>>>
>>>>> pkg: Failed to fetch
>>>>> https://pkg.FreeBSD.org/FreeBSD:15:amd64/latest/meta.conf: Timeout
>>>>> was reached
>>>>>
>>>>> [...]
>>>>
>>>> It's very odd to see you being sent all the way to New Jersey. Our
>>>> GeoDNS should be sending you to Fastly infrastructure in Cape Town
>>>> or
>>>> our mirror in Johannesburg. Both are still a long way away but
>>>> 70ms
>>>> is a lot better than 250ms!
>>>>
>>>> Could you tell me your source IP address please? I can optimise
>>>> the
>>>> routing.
>>>
>>> [...]
>>>> GeoDNS should be sending you to Fastly infrastructure in Cape Town
>>>> or
>>>> our mirror in Johannesburg. Both are still a long way away but
>>>> 70ms
>>>> is a lot better than 250ms!
>>>>
>>>> Could you tell me your source IP address please? I can optimise
>>>> the
>>>> routing.
>>>
> root@gw:/home/wash # nslookup
>> pkg.freebsd.org
> Server: 127.0.0.1
> Address: 127.0.0.1#53
>
> Non-authoritative answer:
> pkg.freebsd.org canonical name = pkgmir.geo.freebsd.org.
> Name: pkgmir.geo.freebsd.org
> Address: 96.47.72.71
> Name: pkgmir.geo.freebsd.org
> Address: 2610:1c1:1:606c::50:1
>>
> root@gw:/home/wash # lsof -i -P -n | grep :53
> unbound 46811 unbound 3u IPv4 0xfffff800063af540 0 UDP
> 127.0.0.1:53->*:*
> unbound 46811 unbound 4u IPv4 0xfffff80006dff540 0 TCP
> 127.0.0.1:53->*:* (LISTEN)
> root@gw:/home/wash # cat /var/unbound/forward.conf
> forward-zone:
> name: .
> forward-tls-upstream: yes
> forward-first: no
> forward-addr: 1.0.0.1@53 #cloudflare
>
This is your problem. Cloudflare does not send the EDNS Client Subnet
>> pkg.freebsd.org
> Server: 127.0.0.1
> Address: 127.0.0.1#53
>
> Non-authoritative answer:
> pkg.freebsd.org canonical name = pkgmir.geo.freebsd.org.
> Name: pkgmir.geo.freebsd.org
> Address: 96.47.72.71
> Name: pkgmir.geo.freebsd.org
> Address: 2610:1c1:1:606c::50:1
>>
> root@gw:/home/wash # lsof -i -P -n | grep :53
> unbound 46811 unbound 3u IPv4 0xfffff800063af540 0 UDP
> 127.0.0.1:53->*:*
> unbound 46811 unbound 4u IPv4 0xfffff80006dff540 0 TCP
> 127.0.0.1:53->*:* (LISTEN)
> root@gw:/home/wash # cat /var/unbound/forward.conf
> forward-zone:
> name: .
> forward-tls-upstream: yes
> forward-first: no
> forward-addr: 1.0.0.1@53 #cloudflare
>
(ECS) to our authoritative servers so we have no way of determining
where your query comes from. In the absence of a geographic origin, we
point you at our site of last resort: New Jersey.
One option is to configure a stub-zone for geo.FreeBSD.org, e.g.:
stub-zone:
name: geo.FreeBSD.org
stub-host: gns1.FreeBSD.org
stub-host: gns2.FreeBSD.org
stub-first: yes
The "stub-first: yes" will ensure you can still resolve geo.FreeBSD.org
if we ever decide to rename our servers something else and save you some
debugging. (Note that we don't plan to rename these servers but, if
ever the operational need arises, we might.)
Note that this will send us queries without TLS (we don't do
DNS-over-TLS) but your ISP already sees your traffic to FreeBSD.org -
sending us a couple of DNS queries won't give them much more
information.
You could also work around this with another forward-zone block for
geo.FreeBSD.org that points to a DNS server that sends us client
information, e.g.:
forward-zone:
name: .
forward-tls-upstream: yes
forward-addr: 9.9.9.11@53 #quad9 with ECS
The "forward-first: yes" will make Unbound fall back to regular
resolving from the root, which is a good idea for robustness. If you
feel strongly about TLS, you might want to turn this off. In that case,
it'll break if you can't reach 9.9.9.11.
Before you embark on this adventure though, please do a quick test with
e.g. nameserver 9.9.9.11 (or your ISP's DNS servers) in /etc/resolv.conf
(i.e. bypass your local-unbound for testing). If that also sends you to
New Jersey, I might be talking out of my hat and we can try something
else. :) (I don't think I'm talking out of my hat though.)
> PS: I am using Jamii Telecommunications in Nairobi.
all being sent to Fastly (probably Cape Town) with a fallback to Europe
(Sweden).
Isn't DNS fun?! ;)
Philip
Philip Paeps
Apr 22, 2026, 4:28:00 AM (22 hours ago) Apr 22
to Washington Odhiambo, questions
On 2026-04-22 16:20:09 (+0800), Philip Paeps wrote:
> You could also work around this with another forward-zone block for
> geo.FreeBSD.org that points to a DNS server that sends us client
> information, e.g.:
>
> forward-zone:
> name: .
> forward-tls-upstream: yes
> forward-first: yes
> forward-addr: 9.9.9.11@53 #quad9 with ECS
Sorry, this should have been:
> You could also work around this with another forward-zone block for
> geo.FreeBSD.org that points to a DNS server that sends us client
> information, e.g.:
>
> forward-zone:
> name: .
> forward-tls-upstream: yes
> forward-first: yes
> forward-addr: 9.9.9.11@53 #quad9 with ECS
forward-zone:
name: geo.FreeBSD.org
forward-tls-upstream: yes
forward-first: yes
forward-addr: 9.9.9.11@53 #quad9 with ECS
I.e. send all your queries to Cloudflare except for queries for
forward-first: yes
forward-addr: 9.9.9.11@53 #quad9 with ECS
geo.FreeBSD.org - send those to Quad9 with ECS instead.
Philip
Dan Mahoney (ports)
Apr 22, 2026, 5:31:56 AM (20 hours ago) Apr 22
to Philip Paeps, Washington Odhiambo, questions
I wanted to jump in and point out that since dayjob often sets up weird BSD boxes in odd corners of the world, we've found it useful to throw something together to find the fastest mirror, with no system dependencies on any ports.
(There is a similar python-based tool in ports, but that requires...being able to fetch packages).
-Dan
Marco Moock
Apr 22, 2026, 10:24:43 AM (16 hours ago) Apr 22
to ques...@freebsd.org
Am 22.04.26 um 09:44 schrieb Washington Odhiambo:
--
Gruß
Marco
Junk-Mail bitte an tras...@stinkedores.dorfdsl.de
> Non-authoritative answer:
> pkg.freebsd.org canonical name = pkgmir.geo.freebsd.org.
> Name: pkgmir.geo.freebsd.org
> Address: 96.47.72.71
> Name: pkgmir.geo.freebsd.org
> Address: 2610:1c1:1:606c::50:1
Can you ping both of them?
> pkg.freebsd.org canonical name = pkgmir.geo.freebsd.org.
> Name: pkgmir.geo.freebsd.org
> Address: 96.47.72.71
> Name: pkgmir.geo.freebsd.org
> Address: 2610:1c1:1:606c::50:1
--
Gruß
Marco
Junk-Mail bitte an tras...@stinkedores.dorfdsl.de
Reply all
Reply to author
Forward
0 new messages