This article is more than 1 year old
Mozilla dusts off old servers, lights up Tor relays
Worst outcome means 50 percent capacity hit
Mozilla has given the Tor network a capacity kick with the launch of 14 relays that will help distribute user traffic.
It included a pair of Juniper EX4200 switches and three HP SL170zG6 (48GB ram, 2*Xeon L5640, 2*1Gbps NIC) servers, along with a dedicated existing IP transit provider (2 X 10Gbps).
French Mozilla engineer Arzhel Younsi (@xionoxfr) said its network was designed to fall no lower than half of its network capacity in the event of maintenance or failure.
"The current design is fully redundant [which] allows us to complete maintenance or have node failure without impacting 100 percent of traffic ... the worst case scenario is a 50 percent loss of capacity," he said in a post.
"The design also allows us to easily add more servers in the event we need more capacity, with no anticipated impact."
The platform is not close to filling its bandwidth capacity and could receive further improvements including being moved into Mozilla's managed infrastructure and having IPv6 support.
Younsi noted the Tor element of Polaris was still considered an experiment as factors in running effective nodes such as throughput limits for middle and exit relays had to be better understood.
It used the open source Ansible platform for configuration management, a tool under consideration for in-house engineering use, and was secured with strict firewall filters, hardened operating systems and network devices, and edge filters.
"It is important to note that many of the security requirements align nicely with what's considered a good practices in general system and network administration," Younsi said.
Periodic internal and external security checks were set while graphs for 'everything' will be published using Observium to track efficiency.
The Polaris initiative was a effort of Mozilla, the Tor Project and the Centre for Democracy and Technology to help build more privacy controls into technology. ®