Skip to content

Trial deployment of Snowflake with Turbo Tunnel

We now have a turbotunnel branch of Snowflake that uses an inner transport protocol to migrate session across multiple proxies.

I want to deploy a bridge that supports Turbo Tunnel, then make Tor Browser builds and invite testers to test them.

There's the question of whether to run the Turbo Tunnel code on the existing public bridge, or to set up a second bridge reserved for the Turbo Tunnel experiment. I propose to run the Turbo Tunnel code on the existing public bridge (i.e., snowflake.torproject.net). This is because (1) the Turbo Tunnel server is backward-compatible with non–Turbo Tunnel clients, and (2) we would need to somehow provide proxy capacity for the second bridge, which our current proxy code cannot easily handle. Running a separate bridge would have the advantage, though, that because we would have to run our own special proxy-go instances to support it, we could closely control the proxy environment; but part of my goal in an experimental deployment is to see how the Turbo Tunnel code fares with the organic proxies we have now.

I've have versions of the code using two different session/reliability protocol libraries: kcp-go and quic-go. Other than to note that the two libraries are basically equivalent in features, I haven't done much to compare them as to performance. kcp-go is more mature and stable, while quic-go adds fewer dependencies to the Tor Browser build.

We could make use of this opportunity to compare the two options. We set up a triple-mode bridge: supporting legacy, KCP, and QUIC clients. We make two Tor Browser builds, one with KCP and one with QUIC, and invite testing of both. Based on the results of user testing, we decide which we like better, and finally deploy only that option (and the backward-compatible mode). The only thing is, giving people two options to test is more confusing than giving them one.

To upload designs, you'll need to enable LFS and have an admin enable hashed storage. More information