Scalable Holo Proxy
===
## Q1: Why would one want to use this vs our existing proxy set up?
A: There are multiple problems with the current setup:

A) In the current proxy setup, the entity that does the proxying and the mapping of hosts to ZeroTier IP addresses is coupled together. Kong doesn't have a good proxy route distribution story, which means, strictly speaking, that the current setup, exactly as it is, can only ever scale vertically. This is bad for many reasons:

   1) Proxies should ideally be as close to the user as possible, reducing the number of hosts traversed and improving latency.
   2) A centralized setup doesn't scale beyond the bandwidth available to a single box.
   3) If the proxy goes down, the entire Holo hosting system goes down with it.

B) The current proxy is completely insecure and does no validation or authentication checks whatsoever. This means that, at this moment, anyone can bring the whole Holo hosting system down just by overwriting all DNS records with a fake value.

C) When many nodes are connected, the overall hosting cost of this system is a fraction of the cost of using something like Kong (no matter the host). Because the current setup depends on a single box, we can't leverage cheap egress: the only boxes with high throughput are AWS/Packet, whose expensive egress will cost us $27k+ monthly just to maintain 1Gbps of egress (which can only sustain 10 typical saturated residential connections). It doesn't make any sense to host proxies on AWS or Packet.
## Q2: Why would we not want to use cloudflare to do this proxying?
Because all options that Cloudflare supports mean that Cloudflare has access to the entirety of Holo hosting traffic. The proposed solution is lower cost, easier to manage than the Cloudflare solution, and offers the privacy promised to our users in the IGG campaign, out of the box.
## Q3: Why can't cloudflare magic transit work?
It appears that Cloudflare Magic Transit can't make a host that is behind NAT and doesn't have a public address publicly routable, which is why we need a proxy in the first place. A Cloudflare solution will therefore require Argo Tunnels, priced at $5/month, with the first 1 GB of transfer free and $0.10 per GB thereafter. Argo Tunnels are prohibitively expensive; even if we negotiate a commercial account deal, the prices will still be massive.
## Q4:
## Proxy infrastructure cost comparisons
1Gbps (worth 10 average saturated residential connections) = 324 TB/mo
1Gbps price:
- AWS/Kong solution: $25538.56/mo (after discount: `$0.15/GB * 10TB + $0.10/GB * 40TB + $0.08/GB * 100TB + $0.07/GB * 100TB + $0.06/GB * 74TB`)
- Argo Tunnels: $5/mo per HoloPort + $33177.60/mo
- Packet + Yegor proxy solution + zt: anywhere from $1658.88/mo to $16588.8/mo depending on discount
- OVH + Yegor proxy solution + zt: $180.24/mo