Why does no distro utilise BitTorrent to distribute packages?
from moreeni@lemm.ee to linux@lemmy.ml on 10 Jun 10:23
https://lemm.ee/post/34239123
from moreeni@lemm.ee to linux@lemmy.ml on 10 Jun 10:23
https://lemm.ee/post/34239123
Just had this idea pop up in my mind. Instead of relying on volunteers mirroring package repositories all around the world, why not utilise BitTorrent protocol to move at the very least some some load unto the users and thus increase download speeds as well as decrease latency?
threaded - newest
.
I suspect if this was enabled by default there would be uproar from people annoyed the distro was stealing their bandwidth, and if it were opt-in then very few people would do it.
Windows Update uses peer to peer to distribute updates. It’s one of the first things I always disabled.
.
Do you have an example? Or is there a distro that does this by default? I’m pretty new to Linux and have never heard of it before
I think they mean the distro iso/zip download
.
Aren’t those the distros? Which one pulls packages using torrent
Most common/relevant/larger distros do that at least for the install/live ISO.
OP is taking about packages and updates using peer to peer, not just the install media. AFAIK no distro does that.
At least Kali and Arch do
Doesn’t Arch rely on mirrors to distribute packages?
You’re right - I misunderstood the question and thought you meant the distribution images
Reminds me of the Talk about distributing firmware.
Bittorrent is poorly pretty suspicious which may be used as an argument. But I dont see the reason really.
That’s actually a really interesting idea. Windows even does something, or at a point did something, similar with system updates.
Peer to peer packages would have some privacy, and potential security issues of course but I like the thought
Good lord, and windows doesn’t have a way to verify their ISOs are authentic. Do they sign this p2p payload in any way? Seems like a great opportunity to spread a worm
One reason is privacy and hence security. If you share a package, you also share the information that your system contains the oudtated package “xy” which has a backdoor and can be accessed by a hacker.
I’m not sure if that is a valid argument with atomic image distros since you share the whole image. And the tracker could just disable the old image as soon as the new image arrives.
It no more says that than hosting an HTTP mirror currently does.
But as a third party you can not know which clients are using this outdated http mirror. On BitTorrent you can see every participating peers and some of them are probably enduser machines (depending on the actual implementation of OP’s suggestion).
You could just check the signature
FWIW the “opposite”, namely Webseed, exists bittorrent.org/beps/bep_0019.html so… maybe some already do but it’s not even noticed because Wedseed of mirrors handle the load?
wiki.debian.org/DebTorrent
wiki.debian.org/DebTorrent/SolutionIdeas
BitTorrent would likely increase latency, not lower it. The bit torrent protocol is very inefficient for small files and large numbers of files (wiki.debian.org/DebTorrent - see “Problems”).
But I think your question is more “why not use p2p to download files” for which I think the answer is likely “because they don’t need to.” It would add complication and overhead to maintain. An FTP/HTTP server is pretty simple to setup / maintain and the tools already exist to maintain them. You can use round-robin DNS to gain some redundancy and a bit of load spread without much effort either.
Bittorrent is nice for getting isos, but it would pul my hair out if I tried to download patches with it.
What are you talking about? All that torrent traffic that my ISP sees is definitely Linux ISOs.
Just doing my part
Whatever I’m talking about is not Linux ISOs.
I think they were joking.
Woosh
They were joking about whole other thing. My topic has nothing to do with distro ISOs, I was talking about packages
A “joke” often references material that is related, but not the same.
Uhhh no, judging by the others, people definitely seem to have problem with confusing what I was talking about exactly
Linux ISO is slang for pirated content. They were clearly joking. www.urbandictionary.com/define.php?term=Linux+ISO
Dude, I get their joke, but Linux ISOs are irrelevant to the conversation. That’s what I wanted to point out, because many people get confused and think I was talking about them specifically
I don’t think people were confused so much as bending the point a little to make a joke topical. It’s both “downloading Linux stuff”.
HTTP 420
Ohhhh I thought we were talking about ISOs this whole time! We love these ISOs, don’t we?
Over time I’ve seen several groups tinker with p2p protocols for packages. Latest using gnunet/ipfs for Guix packages. But I’ve never seen a working/integrated system. Weird…
Another thing not mentioned yet is maintenance overhead. These distros operate around the clock, all over the world, with talent from the likes of RH and co. There are far fewer people (who run your mirrors) who know how to maintain a torrent tracker (or similar), and on top of that, I haven’t really seen any good BitTorrent caching methods. Support would need to be added to your package manager of choice.
It also comes down to most client having asymmetric bandwidth, and that most users do not have every package installed and therefore can only distribute a very small amount of the total distro. Those users probably don’t want to be constantly uploading, either. I also can’t imagine torrents are too fun to work with when it comes to distributing constantly changing package manager metadata, too.
That what Debian does with ISOs. However, no one uses it.
If anything IPFS might be good for packages as the IPFS program could he embedded into the package manager.
We do use it! I download several Linux ISOs from bittorrent every week!
I use bittorrent for isos and the files usually have hundreds of seeds. They are used.
Same for Armbian.
Source?
I use torrents/magnets for ISOs whenever i can.
Literally get isos faster from torrents than from the mirrors lol.
There is an apt variant that can do this, but nobody uses it. BitTorrent isn’t great for lots of small files overhead wise.
IPFS is better for this than torrents. The question is always “how much should the client seed before they stop seeding and how longs should they attempt to seed before they give up”. I agree something like this should exist, I have no problem quickly re-donating any bandwidth I use.
Nix has an open issue on integrating IPFS support.
There’s also an old tutorial.
Guix supports now. As does nerdctl of oci things
I support this proposal.
Metallica ruined it. They made it seem as though torrenting was evil because their content was being downloaded. Poor babies.
Lars ruined Napster. BitTorrent came around some time later after Limewire, Soulseek, and DirectConnect. Lars might have had something to say about Bit Torrent, but by that point no one was listening.
Besides, back then, we really were using BitTorrent mostly for Linux ISOs. At the time it was more reliable than http. It really sucked having to download an entire ISO again because it failed the checksum. BitTorrent alleviated that.
Because HTTP is simpler, faster, easier, more reliable.
The motivation for a a lot of p2p is to make it harder to shut down, but there is no danger of that for Linux distros. The other would be to save money, but Debian/Arch/etc. get more than enough bandwidth/server donations, so they’re not paying for that anyway.
p2p is also cheaper, bandwidth-wise, but packages are usually not that big to justify it.
Some distros do this already.
ubuntu.com/download/alternative-downloads
That’s not packages, that’s images. People download images relatively infrequently, but with rolling release distros, people download hundreds of packages on a regular basis
They’re talking about packages you install, not the ISOs.
Ah, oops!
To add to everything else mentioned, many places (schools, workplaces) don’t allow any usage of BitTorrent, even legal. A guy at my uni got yelled at for torrenting a Linux iso. Not to mention depending on where you live your ISP might be interested in that activity unless you’re using a vpn.