#17890 closed task (fixed)

Separate the meek bridge backing paid CDNs from the one we tell the general public to use

Reported by: dcf Owned by: dcf
Priority: High Milestone:
Component: Obfuscation/meek Version:
Severity: Normal Keywords:
Cc: Actual Points:
Parent ID: Points:
Reviewer: Sponsor:

Description

In source code and examples, we recommend https://meek.bamsoftware.com/ (port 443) for use by the general public. But that's also the backing bridge for meek-azure, and it's rate-limited to reduce costs.

We should split it into two bridges (e.g. running on different ports). Rate-limit the one behind the paid CDN, because that's the expensive one. Make the other one unlimited (if someone else is paying the CDN fees, they can use all the bandwidth they want).

This will enable more people to use the default meek-azure at the same speed, while enabling people who set up their own to go fast.

Child Tickets

Change History (2)

comment:1 Changed 23 months ago by dcf

My plan is to change our paid CDN configuration to point to

https://meek.bamsoftware.com:7443/

which will hold the current bridge and its current fingerprint. Then establish a new bridge at

https://meek.bamsoftware.com/ (port 443)

with a new fingerprint that will be the unlimited one.

This way all the users who go through our CDN will get the rate-limited service, while others who set up their own CDN will get the faster service. The only thing that might go wrong is if someone is currently using port 443 and has hardcoded a bridge fingerprint.

The Azure CDN doesn't let you change the CDN origin without issuing a support request. I sent a message to get that started.

comment:2 Changed 22 months ago by dcf

Resolution: fixed
Status: newclosed

This is done. Here is the rate-limited bridge backing the paid CDN (same identity key as before):

https://meek.bamsoftware.com:7443/
https://globe.torproject.org/#/bridge/AA033EEB61601B2B7312D89B62AAA23DC3ED8A34

Here is the new unlimited bridge for others to use with their own CDN setup (different identity key):

https://meek.bamsoftware.com:443/
https://globe.torproject.org/#/bridge/C20658946DD706A7A2181159A1A04CD838570D04

Note: See TracTickets for help on using tickets.