[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] Load Balancing/High Availability Hidden Services



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

I can talk all day about optimising and making a HS faster, but
nothing matches a DNS-round-robin pool for example in that respect.
Most optimisations you can make will be down to software you run and
splitting loads. So for example, if you have a high traffic site, you
can pan it out to 2-3 hidden services. So HS1 serves the general
requests, HS2 serves the static/cached content like images, and you
perhaps run the heavy downloads from HS3, so high load on any
particular one won't effect others and also split the web page loads
between several HS addresses and it won't be very noticeable to the user.

Use my XMPP (below in my signature) to get in touch if you want to
discuss in more detail. I have my own hidden service projects open
right now and in development to handle high loads so we can exchange
notes and release our info with others once we know what does and
doesn't work in each particular use case.

T



On 11/03/2015 15:27, MacLemon wrote:
> Hoi!
> 
> I'm looking into ideas for creating “load balanced” or “high
> availability” hidden services. Mostly pertaining to web servers
> serving large-ish static files. (Let's say 5-100MB each.)
> 
> Load balanced as in not all requests end up at the same box to
> speed up downloads. High availability as in the service is still
> available if one box goes down or is taken offline for
> maintenance.
> 
> So, not exactly your usual distributed-cluster setup.
> 
> 
> From what I understand it would not make sense to run the same HS
> Key on multiple boxes since the descriptors would overwrite each
> other every few minutes.
> 
> I don't think one can do something like Round-Robin DNS with HS.
> 
> So the only way I can imagine this to work is a central redirection
> node that know about all the nodes and more or less
> intelligently/randomly 302 redirects each file request to a
> known-to-it server.
> 
> This still leaves a single-point-of-failure in form of the
> redirection server but would at least distribute the traffic load
> across multiple servers and cope for nodes coming and going.
> 
> Has anyone done something like this?
> 
> Thanks a bunch! MacLemon
> 
> 
> 

- -- 
Activist, anarchist and a bit of a dreamer.
Keybase: https://keybase.io/thomaswhite

PGP Keys: https://www.thecthulhu.com/pgp-keys/
Current Fingerprint: BA81 407C BD61 CD15 E5D9 ADA9 5FA2 426F F34E 0FD4
Master Fingerprint: DDEF AB9B 1962 5D09 4264 2558 1F23 39B7 EF10 09F0

Twitter: @CthulhuSec
XMPP: thecthulhu at jabber.ccc.de
XMPP-OTR: 4321B19F A9A3462C FE64BAC7 294C8A7E A53CC966
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2

iQIcBAEBAgAGBQJVAJeAAAoJEF+iQm/zTg/U30MP/RlMFa53FYFGHtj0igUMf9Z9
lZlE4EKAfoh2ZyqV27y85IR50/gK1kbQYGk3VNEh5lbvcLWqNpvpRie1rK3RnChl
3n+Qdf3A3psz2s9X+kRjR4tMwD85irtWo0Pik6pJWoN4lANoeag4PGjfekIJsfda
XKa/rAriJ+ZzEy5yPlfg/zrRWusNAUd8f719PhG32eycrJuTzUYmygtEUPaw4ndX
wdN3RZZI2yx0jbGSNwmXftGgQ9FKn38uOy7sq7OqjLiQ/yUKZRn0grezvcAyZlwg
wkWNSyz9R31CI4Wqv+EiQD3rRRoLmKHHRG5SdPXHOBCFoJz2iMat7eZ2yde9NLwP
E1vgOZc/0JzqXbzAK924tfE4pWqRgXdnzRgLbILQIJEEt4faXg654cPqGmhhD8lL
6FpJbJLHVHtCiGJoYLm6NyPI5KTORcB894q13VcGt+NzGFh/zc9V3Oh9Xfu2mM6P
pX7d0W9tT9mW31NW6ac91e9M/MCDwcqiXcVvGazzT7x4b7bv+PbTugoNfx5fHt7L
CozNwSUPrUaRAmG07gb7fw916APmDjR9TEG4F0M7+dri41aLlnFO4+YxP7mA3fvC
da6Vxc9v9vvMZPSIIxU3x5Fna524+ur0i8hvaCSpmERHlOmObMUGzh2FdsNBJCLU
SnU0kg3rprDEZloRevsa
=YLLX
-----END PGP SIGNATURE-----
-- 
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk