So, I happened to see this and will try to add info…
The way things work is:
dnf reads it’s config for repos in /etc/yum.repos.d/*conf for enabled repos and uses that to find mirrors. By default the fedora/fedora-updates repos have a mirrors.fedoraproject.org metalink link there.
So, dnf queries https://mirrors.fedoraproject.org and gets back a metalink.
mirrors.fedoraproject.org in DNS is split up into regions. North america, south america, eu, apac, etc. What mirrors server you query will depend on what region we think the request is coming from. Sometimes this is wrong/not up to date. Or sometimes the mirror in your ‘region’ is actually slower/further from you than one in another region. It’s sadly not an exact thing, we just do the best we can.
In the metalink is a bunch of checksums and list of mirrors that mirrormanager has generated based on your region and if they are up to date and if they have set things like ‘I am the best mirror for this ASN or network’. private mirrors get their private mirror address here. AWS networks should get a cloudfront cache. At the end of the list the master mirrors are listed as a ‘mirror of last resort’ if everything else has problems.
dnf then queries those mirrors for that repomd.xml file.
It checks that it has the same checksum as the metalink (The metalink also has the previous repomd.xml to avoid problems when the master mirrors change).
Once it gets a valid repomd.xml it pulls the rest of the repodata (which has checksums listed in repomd.xml) and solves for whatever you asked it to do (install something, update, etc).
Then, those requests for packages pull from the mirror.
So from the end client you will have a request to mirrors.fedoraproject.org (which is a bunch of different ip’s depending on your region/which one is first in dns) and then you will have a request to one of the mirrors returned for repomd.xml (or more if that one is not right) and then finally more connections to actually download repodata and/or packages.
Is that the kind of info you are seeking?