Massively Distributed CDN

M

mic_y

Expert Member
Joined
Dec 23, 2004
Messages
1,646
Reaction score
10
Location
Slaapstad
This post goes out to some of the sys-admins that lurk in these parts of the forum. Do you have any unused server capacity that you would like to monetize? The basic idea is that you run a client application on these under-utilized servers that serve CDN traffic to users and get paid for it.

If you are interested please dont hesitate to get in touch.

Cheers,
Michael
 
Nature of traffic, volume of traffic, nature of app, and how much money?
 
mic_y said:
This post goes out to some of the sys-admins that lurk in these parts of the forum. Do you have any unused server capacity that you would like to monetize? The basic idea is that you run a client application on these under-utilized servers that serve CDN traffic to users and get paid for it.

If you are interested please dont hesitate to get in touch.

Cheers,
Michael
Click to expand...

First question, what type of traffic are you talking about, what type of applications, what rights would it need on the systems etc etc etc...
 
Thanks for all the responses so far guys. I will work on getting answers to all of your questions to the best of my abilities. Keep the questions coming.
 
Last edited:
I like this I had a similar idea too well the exact same idea haha. This can be big!
 
Thor187 said:
I like this I had a similar idea too well the exact same idea haha. This can be big!
Click to expand...
Except there has to be a level of trust involved. No adequate system admin will run unknown apps on their system from a third party. Could be used for anything including money laundering, porn, phishing, etc
 
imranpanji said:
Except there has to be a level of trust involved. No adequate system admin will run unknown apps on their system from a third party. Could be used for anything including money laundering, porn, phishing, etc
Click to expand...

Given that this is a CDN so there will potentially be large volumes of traffic, most sysadmins will be wary of these because the possibility for negative impact to their own production systems will be pretty damn high if you ask me.

Also how will one differentiate traffic to this "CDN" in terms of billing, and who will be reponsible for paying that specific tab?
 
imranpanji said:
Except there has to be a level of trust involved. No adequate system admin will run unknown apps on their system from a third party. Could be used for anything including money laundering, porn, phishing, etc
Click to expand...

This was also a major concern for me when I was approached by the developers. I would agree that the source code for the "seed" would need to be public to ensure no funny business. Given how simple it is, I don't think that combing through the source code would be too much of a problem.

I am still waiting on some feedback from the Devs regarding the above security concerns.
 
mic_y said:
This was also a major concern for me when I was approached by the developers. I would agree that the source code for the "seed" would need to be public to ensure no funny business. Given how simple it is, I don't think that combing through the source code would be too much of a problem.

I am still waiting on some feedback from the Devs regarding the above security concerns.
Click to expand...

Since this is a CDN rollout there is likely to be an SLA, the availability aspect to content distribution networks… how would they measure the monetisation? Why not go true P2P or has the devs used P2P tech in their said CDN?
 
Fulcrum29 said:
Since this is a CDN rollout there is likely to be an SLA, the availability aspect to content distribution networks… how would they measure the monetisation? Why not go true P2P or has the devs used P2P tech in their said CDN?
Click to expand...

Basically the idea behind this is that with a large number of seeds the content will always be delivered to you from your own network or a node that is closest to your network.

There are separate "Routers" on the CDN that decide which Seed to route a particular request to (based on speed, location, etc). Obviously the higher the seed's rating, the the more requests would be routed to it, the more content it would serve, and hence the higher income that seed owner would receive. The "Routers" also keep track of things such as logging of connections. Obviously all this data is then sent to accounting servers which allows the CDN to bill clients and pay their suppliers (the seeds).
 
imranpanji said:
Except there has to be a level of trust involved. No adequate system admin will run unknown apps on their system from a third party. Could be used for anything including money laundering, porn, phishing, etc
Click to expand...

Definitely. Hence why I wanted/still want to.

Create a local version of maxcdn and cdnjs for static files and libraries

This was back in 2014 so not sure if hosting it locally (sa) would still be a big improvement.
 
I'm going to approach this from a different direction than the other replies here:

What happens if one of the sysadmins are compromised and start serving malicious data? Are you going to audit the security of every partner regularly?

Also take into account that tech savvy people will notice when website traffic originates from seemingly random IP addresses not related to the service they're using (if it is web-based at all). This will also interfere with anything that depends on whitelisting domains and IP ranges.
 
Elite Override said:
Also take into account that tech savvy people will notice when website traffic originates from seemingly random IP addresses not related to the service they're using (if it is web-based at all). This will also interfere with anything that depends on whitelisting domains and IP ranges.
Click to expand...

How is this any different from using any other CDN? Do you notice when an image is loaded from Akamai or MaxCDN when you go to a website that uses either of these services as a CDN?

Regarding compromised Seeds, I will ask the developers what their thoughts are regarding this.
 
mic_y said:
How is this any different from using any other CDN? Do you notice when an image is loaded from Akamai or MaxCDN when you go to a website that uses either of these services as a CDN?

Regarding compromised Seeds, I will ask the developers what their thoughts are regarding this.
Click to expand...

You do and it can cause a k@k long waiting time for the page to load.

Trello is a great example they cdn everything all over the place. One would have thought a site that big would cdn.trello. But no they cdn from 50 different IPs

Also if your office white list IPs chances are those sites won't work
 
mic_y said:
How is this any different from using any other CDN? Do you notice when an image is loaded from Akamai or MaxCDN when you go to a website that uses either of these services as a CDN?
Click to expand...

I do notice when assets are loaded from, for example, Akamai among others, but that's not the issue I had in mind.

There are two ways you can go about this:

1. You have a CDN domain with a server that acts as a load balancer between the clients and the seeds. This ensures that all requests (from the client's perspective at least) come from a domain controlled by you. This has the disadvantage that you still have to pay for all the bandwidth involved on that server.

2. Your CDN domain redirects/reroutes requests directly to seeds IPs. This creates the problem I mentioned earlier, and also discloses the addresses of your seeds for potential attacks.

Something I didn't mention earlier is that HTTPS/TLS is vital in both cases. And in the first case you need a secure connection between the client and CDN, as well as betwen the CDN and the seeds.
 
Anycast can be used and is used in most big CDN companies.... like CloudFlare. You don't see a South African IP address, you see their normal range of IP's, that IP is then just routed to the closest server to the person requesting it. So the case of whitelisting and IP would only ever have to happen once.
 
halfmoonforever said:
Anycast can be used and is used in most big CDN companies.... like CloudFlare. You don't see a South African IP address, you see their normal range of IP's, that IP is then just routed to the closest server to the person requesting it. So the case of whitelisting and IP would only ever have to happen once.
Click to expand...

If only trello knew about this
 
ToxicBunny said:
First question, what type of traffic are you talking about, what type of applications, what rights would it need on the systems etc etc etc...
Click to expand...

Ah... just a bit of tor, dark web stuff - a few dodgy transactions or pics here or there... lol
JK!
 
Thor187 said:
You do and it can cause a k@k long waiting time for the page to load.

Trello is a great example they cdn everything all over the place. One would have thought a site that big would cdn.trello. But no they cdn from 50 different IPs

Also if your office white list IPs chances are those sites won't work
Click to expand...

Yeh... best practice - introduce fewer DNS queries if you don't want bottlenecks.
 
You must log in or register to reply here.
Back
Top
Sign up to the MyBroadband newsletter
X