Llarp - Distributed VPN Load Balancer¶
Source:
extern/llarp/README.mdLast updated: 2024-10
Version 1.5.0 - Production-ready VPN load balancer with 16 geographic VPN exit points across the United States.
Simple, Reliable Proxy Load Balancing¶
The Lazarus Network provides HTTP/HTTPS proxy load balancing where every request automatically exits through different VPN workers across multiple US regions:
- 16 VPN Workers - 17.0.0.10 through 17.0.0.25
- Round-robin load balancing - Different VPN exit IP per request
- Geographic diversity - Multiple US cities (Chicago, Dallas, New York, Atlanta, Los Angeles, etc.)
- Simple explicit proxy - Configure once:
http://17.0.0.1:8888
Key Features¶
- Simple Explicit Proxy - One-time configuration:
http://17.0.0.1:8888 - True Load Balancing - Round-robin across 16 VPN workers
- Geographic Diversity - Different US city per request
- Reboot Resilient - All configuration persists across reboots
- Passwordless Management - SSH keys configured between all routers
- Real-time Monitoring - HAProxy statistics dashboard
Architecture¶
┌──────────────────────────────────────────────────────────┐
│ YOUR DEVICE/APPLICATION │
│ Configure proxy: http://17.0.0.1:8888 │
└────────────────────────┬─────────────────────────────────┘
│
↓
┌──────────────────────────────────────────────────────────┐
│ MASTER (17.0.0.1) │
│ HAProxy - Round-robin load balancer │
└────────────────────────┬─────────────────────────────────┘
│
┌───────────────┼───────────────┐
↓ ↓ ↓
Worker 10 Worker 11 Worker 12 ... (16 total)
TinyProxy TinyProxy TinyProxy
+ VPN + VPN + VPN
Chicago Dallas New York
16 Workers: 17.0.0.10-25 Master: 17.0.0.1 (HAProxy on port 8888) Gateway: 17.0.0.2 (DNS and network services)
Quick Start¶
Configure Your Device¶
Set your HTTP/HTTPS proxy to:
Linux/macOS Terminal¶
export http_proxy=http://17.0.0.1:8888
export https_proxy=http://17.0.0.1:8888
# Test it
curl http://ipinfo.io/ip
# Returns a VPN exit IP
Management Interface¶
# HAProxy Statistics Dashboard (real-time monitoring)
http://17.0.0.1:8404/stats
# SSH to master for management
ssh root@17.0.0.1
System Components¶
Network Infrastructure¶
- 1 Master Router (17.0.0.1) - HAProxy load balancer (port 8888)
- 16 VPN Workers (17.0.0.10-25) - TinyProxy + individual VPN tunnels
- 1 Gateway Router (17.0.0.2) - DNS and network services
Software Stack¶
- OpenWRT 24.x - Router firmware on all devices
- HAProxy 3.0 - HTTP proxy load balancer (master only)
- TinyProxy 1.11 - HTTP/HTTPS proxy service on each worker
- ProtonVPN - 16 different geographic VPN connections
- OpenVPN - VPN client on each worker
Network Segments¶
- Core Network: 17.0.0.0/24 (Master, Gateway, and all Workers)
- VPN Tunnels: 10.x.x.x (OpenVPN addressing on tun0 interfaces)
Testing Load Balancing¶
export http_proxy=http://17.0.0.1:8888
export https_proxy=http://17.0.0.1:8888
for i in {1..10}; do
echo "Request $i: $(curl -s http://ipinfo.io/ip)"
sleep 1
done
You should see different IP addresses as requests rotate through the 16 workers.
Performance¶
- Workers: 16 active (17.0.0.10-25)
- VPN Tunnels: All workers connected via tun0
- Load Algorithm: Round-robin (evenly distributed)
- Proxy Mode: Explicit HTTP/HTTPS proxy
- Uptime: Reboot-resilient configuration
- Management: Passwordless SSH between all devices