The Central Repository Is Getting Faster! Are you ready for the new IPs?

July 27, 2011 By Brian Fox

3 minute read time

We’ve made several improvements to the Central Repository (Maven Central) to support the incredible growth in both the number of components and the number of developers using it. If you use specific IPs to allow access to Central, you’ll need to update your firewall as described below.

Since 2007, Central has been hosted at Contegix in a shared rack with 100mbps data connections to the Internet. We've worked with Contegix to acquire a new dedicated switch that will have a 1gb connection directly to their core routers. The routing to the switches is done at the Layer 3 (IP) level and this means we are moving to a new dedicated ip subnet:

  • 207.223.241.64/27 (207.223.241.65 - 207.223.241.95)

In addition to the network upgrade, we've added an entirely new tool to our belts: Dyn (formerly DynDNS.com) is partnering with us to provide active monitoring, failover and global load balancing along with enterprise DNS services for maven.org via their DynECT Managed DNS solution. DNS resolution time should be noticeably faster as Dyn has DNS servers all around the world.

Availability will be improved as we have added geographic diversity with servers located in both the US and the UK. The DynECT Active monitoring service monitors http://repo1.maven.org/maven2 every 60 seconds and if any timeouts or errors are detected, the system will instantly switch over to alternate Central servers.

Although traffic to Central from Europe represents nearly 50% of overall load, the UK servers are serving less than 2%. This means most of our European users aren't using the http://uk.maven.org/maven2 urls directly. DynECT has a load balancing solution, Global Server Load Balancer (GSLB), that will transparently direct traffic to our servers based on the user’s location. While our bandwidth costs are higher in the UK, the enhanced experience for almost half of our users is well worth the investment.

Firewall Updates May Be Required

These changes that provide the community benefit of increased stability, uptime and geographic load balancing required us to change our IP addressing such that we can no longer offer a single, static IP address for Central.

If your organization utilizes firewall rules with specific IPs, please allow this list so that you won't be affected by any failover or balancing that may occur:

  • 207.223.241.90 : Current US primary
  • 207.223.241.91 : Current US staging
  • 207.223.241.92 : Current US standby
  • 207.223.241.64/27 (207.223.241.65 - 207.223.241.95) Future US Subnet
  • 89.167.251.252: UK Primary
  • 89.167.251.253: UK standby
  • 89.167.251.249: UK standby

We anticipate the cutover to the new switch and IP addresses to occur between August 1, 2011 and August 5th, 2011. Shortly after that, we will slowly start to roll out the global load balancing. As long as you have allowed the IPs listed above and use the http://repo1.maven.org/maven2 url in your systems, the only things you should notice are faster resolution and download times.

Thanks again to Contegix and Dyn for helping us to provide enterprise level services to the development community.

Tags: Nexus Repo Reel, Sonatype Says, Sonatype, Everything Open Source

Written by Brian Fox

Brian Fox is a software developer, innovator and entrepreneur. He is an active contributor within the open source development community, most prominently as a member of the Apache Software Foundation and former Chair of the Apache Maven project. As the CTO and co-founder of Sonatype, he is focused on building a platform for developers and DevOps professionals to build high-quality, secure applications with open source components.