Patching an upgraded version

Question

EDIT (ADDED): I am unable to patch after doing do-release-upgrade from 14 to 16. It is very clear that there is a newer kernel and file package based on scanning the security notices, but they are not "seen", thus cannot be applied.

I use debmirror to create a local repo. It's an older version as I had to run it on Debian 7.

After some fiddling around, I managed to figure out everything I needed to get do-release-upgrade working. For example, debmirror would not get any of the dist-upgrader-all directories.

So I got a handful of systems to upgrade from 14 to 16, but now I'm stuck.

Is there any kind of breakdown (or extra debugging?) that APT (1.2.29) goes through?

I'm looking at network traces. I see that get-apt update fails to pull down files like "Packages.xz". Also, debmirror doesn't support any of the by-hash stuff. Are either of these absolutely required in XENIAL?

I see Packages.gz getting pulled down and also tweaked the repository to also get InRelease files, but get-apt upgrade fails:

root@FOO:~# apt-get upgrade
Reading package lists... Done
Building dependency tree
Reading state information... Done
Calculating upgrade... Done
The following package was automatically installed and is no longer required:
  libio-string-perl
Use 'apt autoremove' to remove it.
0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded.

I don't quite know where to start. Some have mentioned to "restore sources.list", but I do believe this is the expected format, and that this is not my issue. Here's my client configuration:

deb http://my_ip:my_port/ubuntu xenial main
deb http://my_ip:my_port/ubuntu xenial-updates main
deb http://my_ip:my_port/ubuntu xenial-security main

The above worked 100% for do-release-upgrade (except for "xenial" replaced with "trusty").

apt-get update does list quite a few "Ign" lines, hence some of my questions above about any additional requirements in XENIAL, again, since v14 was working.