BitTorrent For Enterprise File Distribution?

HotTuna writes "I'm responsible for a closed, private network of retail stores connected to our corporate office (and to each other) with IPsec over DSL, and no access to the public internet. We have about 4GB of disaster recovery files that need to be replicated at each site, and updated monthly. The challenge is that all the enterprise file replication tools out there seem to be client/server and not peer-to-peer. This crushes our bandwidth at the corporate office and leaves hundreds of 7Mb DSL connections (at the stores) virtually idle. I am dreaming of a tool which can 'seed' different parts of a file to different peers, and then have those peers exchange those parts, rapidly replicating the file across the entire network. Sounds like BitTorrent you say? Sure, except I would need to 'push' the files out, and not rely on users to click a torrent file at each site. I could imagine a homebrew tracker, with uTorrent and an RSS feed at each site, but that sounds a little too patchwork to fly by the CIO. What do you think? Is BitTorrent an appropriate protocol for file distribution in the business sector? If not, why not? If so, how would you implement it?"

Different torrent client ?

[drsmithy]

No need to get fancy with an "RSS feed". rTorrent, at least, can be configured to monitor a directory for .torrent files and automatically start downloading when one appears. You could set this up, then simply push out your .torrent file to each site with something like scp or rsync.

ask us

[TheSHAD0W]

Next time you should ask at the official BitTorrent IRC channel [irc].

The Python BitTorrent client [bittorrent.com], which runs on Unix, has a version called "launchmany" which is easily controlled via script. It should fit your needs very nicely.

rsync

[timeOday]

How much do these disaster recovery files change every month? If they stay mostly the same, using rsync (or some other binary-diff capable tool) may let you keep your simple client/server model while bringing bandwidth under control.

In a word, Yes

[cullenfluffyjennings]

I've seen bittorrent used for several business critical functions. One example is world of warcraft distributing updates using it.

Cisco already makes a product to do this - WAAS

[colinmcnamara]

It is like Rsync on steroids. Cisco's Wan optimization and Application Acceleration product allows you to "seed" your remote locations with files. It also utilizes some advanced technology called Dynamic Redundancy Elimination that replaces large data segments that would be sent over your WAN with small signatures.

What this means in a functional sense is that you would push that 4 Gig file over the WAN one time. Any subsequent pushes you would only sync the bit level changes. Effectively transferring only the 10 megabytes that actually changed.

While it is nice to get the propeller spinning, there is no sense reinventing the wheel.

Cisco WAAS - http://www.cisco.com/en/US/products/ps5680/Products_Sub_Category_Home.html [cisco.com]

If the CIO expects "official" support...

[aktzin]

Personally I like the portable media shipment suggestions. But if your CIO/company requires enterprise software from a large vendor with good support, have a look at IBM's Tivoli Provisioning Manager for Software:

http://www-01.ibm.com/software/tivoli/products/prov-mgrproductline/ [ibm.com]

Besides the usual software distribution, this package has a peer-to-peer function. It also senses bandwidth. If there's other traffic it slows down temporarily so it won't saturate the link. Once the other traffic is done (like during your off-hours or maintenance windows) it'll go as fast as it can to finish distributing files.

WAFS from GlobalScape

[Anonymous Coward]

We do something similiar using WAFS by GlobalScape (Previously Availl).

http://www.globalscape.com/wafs/

It provides bit-level updates to data either on a schedule or continuously, and can keep a specified file version archive too. The continuous update to HQ should keep DSL utilisation low.

Re:Bittorrent is not secure

[jd142]

While security is always something to be considered, this from the question:

"private network of retail stores connected to our corporate office (and to each other) with IPsec over DSL, and no access to the public internet"

Private network? Check.
No access to public internet? Check.

So pretty much no way for the files to be seeded outside the company.

And even if there were a way to seed on the internet when they don't have access to it, password protect the file so only a client with the password can download it. That's not unbreakable, but if a competitor wanted the information there are easier ways to get it.

Captain disillusion

[jonaskoelker]

with IPsec over DSL, and no access to the public internet.

Unless you have very long wires, some box is going to route them. Are those your own?

Otherwise, your ISP's router, diligent in separating traffic though it may be, can get hacked.

Why am I saying this? Not to make you don your tinfoil hat, certainly, but just to point out that if the scenario is as I describe, you're not 100% GUARANTEED to be invulnerable. Maybe a few tinfoil strips in your hair would look nice... ;)

About the actual question: bit torrent would probably be fine, but if most of the data is unchanged between updates, you may want to compute the diff and then BT-share that. How do you store the data? If it's just a big tar(.gz|.bz2) archive, bsdiff might be your friend.

If you push from a single seeder to many clients, maybe multicast would be a good solution. But that's in the early design phase I think, which is not what you need :)

Best of luck!

How is the VPN setup

[eagle486]

If the VPN is setup in a standard hub and spoke configuration then bittorrent would not help since all traffic between sites has to go via the central site.

Your best bet is multicast, there are programs for software distribution that use multicast.

Cleversafe?

[Anonymous Coward]

You should take a look at cleversafe.org - it's an opensource 'dispersed storage' infrastructure which allows you to slice up files and distribute them across a network of storage servers. Not sure if this would get you what you want, but it's worth looking into.

Re:it's called dsync

[slashdotmsiriv]

I hate to reply to my posts, but this link has an even shorter description of the tool:

conferences.sigcomm.org/sigcomm/2008/papers/p505-puchaA.pdf

Foldershare?

[MunkieLife]

I like the bittorrent idea more... but if you're looking for something simple and free - Foldershare. Not sure if this works for you, but I use Foldershare to sync files between several of my offices. It is peer to peer, with a central server to initiate the connection. If you have a 4GB file, perhaps you could rar it into smaller pieces, then this could work for you. If you don't have an internet connection though, this totally won't work for you. Heh.

Windows DFS -- Dont use FRS

[anexkahn]

In windows 2003 R2/Windows Server 2008 they really improved DFS. It lets you set up throttling in 15 minute increments, and with Full Mesh replication, it decentralizes your replication..kind of like bit torrent. However, you have to make sure you don't accidentally use FRS, because it sucks. Where I work we have 5 branches that pull data from our data center. I have DFS replication setup so I can have all our software distribution at the local site. I need to keep the install points at all the sites the same, so I use DFS to replicate all the data, then to get to it I type \\mydomain.com\DFSSharename Active Directory determines what site I am in, then points me to the local share. If the local share is not available, it points me to the remote share, or to a secondary share in the same site...so it gives you failover for your file servers. If you don't have any windows boxes, this wont work, and this really locks you into Microsoft, but it won't cost you anything more than what you have already paid. Below is a link to Microsoft's page with more information, including how to set it up: http://www.microsoft.com/windowsserver2003/technologies/storage/dfs/default.mspx [microsoft.com]

Re:Cisco already makes a product to do this - WAAS

[Anpheus]

BitTorrent is not very flexible in this regard and so if you have bits -added- to the middle, then everything after the first added bit will need to be updated.

The worse case is of course, if you have new material at the beginning and everything is shifted. BitTorrent is not designed for that.

Re:Sure, why not?

[Xugumad]

One of the things that always amused was when people claimed Bram Cohen was "selling out" by working with the movie/music industry. BitTorrent was never intended for piracy use, it's merely it's most common use.

It's very regularly used for Linux distros, game patches (World of Warcraft!), etc.

Kontiki

[MikeD83]

I work for a large company (>50,000 employees). IT recently rolled out a new "video delivery service." The system delivers videos to everyone's desktop. The system is designed by Kontiki [kontiki.com]. It's basically an enterprise BitTorrent tool which Kontiki prefers to call, "peer-assisted."

Re:Sure, why not?

[Jbcarpen]

Um, he's pushing files to retail stores that are part of a chain. He's doing this from the corporate office. I don't think the retail stores get much say in the matter, since they aren't customers, they're subsidiaries.

Re:Cisco already makes a product to do this - WAAS

[Anonymous Coward]

>BitTorrent is not very flexible in this regard and so if you have bits -added- to the middle, then everything after the first added bit will need to be updated.

I disagree. Your point holds true if and only if we are talking about a single large file (e.g. a dvd image). As the question pertains to replicating fileS, bittorrent does appear to have the neccessary flexibility. Adding a new file or modifying a file in the middle of a torrent does not force the redownloading of the entire torrent or even any files that appear after the addition - it simply requires downloading the file that has been changed/added.

Re:rsync

[Anonymous Coward]

Yes, and there are ways you can use rsync from well-planned scripts that are very powerful beyond just file transfer.

1. The basic case of "transfer or update existing files at destination to match source." It always takes advantage of existing destination data to reduce network transfers.

2. The creation of a new destination tree that efficiently reuses existing destination data in another tree without modifying the old tree. See --copy-dest option.

3. In addition to the previous, don't even create local disk traffic of copying existing files from the old tree to new, but just hard link them. This is useful for things like incremental backup snapshots. See --link-dest option.

It may not be as sexy as p2p protocols, but you can implement your own "broadcast" network via a scattered set of rsync jobs that incrementally push their data between hops in your network. And a final rsync with the master as the source can guarantee that all data matches source checksums while having pre-fetched most of the bulk data from other locations.

I've been enjoying various rsync applications such as the following (to give you an idea of its power): Obtain any old or partial mirror of a Fedora repository and update it from an appropriate rsync-enabled mirror site, to fill in any missing packages. This is a file tree of packages and other metadata. Concatenate all of the tree's files into one large file. Then use rsync to "update" this file to match a correponding DVD re-spin image on a distro website. Rsync will figure out when most of those file extents cooked into the ISO image are already in the destination file, and just go about repositioning them and filling in the ISO filesystem's metadata. An incredibly small amount of traffic is spent performing this amazing feat.

Re:How I would do it...

[msoftsucks]

Not necessarily true. PGP allows you to sign with multiple keys. Each site would have their own key that they would use to decrypt the file. One file, multiple keys, multiple users. Simple.

Re:The question remains..

[itzdandy]

I also assumed that this was hub and spoke and that the "to each other" statement was just routing. Depending on the number of remote sites, and that he did not mention a specific hardware supplier, I would assume that a meshed ipsec VPN setup would be a task to maintain as it would likely be all manual.

I am all for open source systems but find that Cisco 8xx series routers are well priced(under $500) and easily managed for easy mesh vpn setups for up to 20 links. I run this setup with a ASA5510 at the center and each site connected to the ASA and 4 other sites for remote administration office and any other connections are just routed. Basically a hybrid hub&spoke + appropriate meshing.

Re:Sure, why not?

[nog_lorp]

You're talking about the difference between the provider pirates and the end-user pirates. SCENE people hate p2p. Average Joe-wants-stuff-for-free doesn't know what the "scene" is, and uses p2p (always wondering why torrents say RELOADED or RAZOR1911).

Re:Cisco already makes a product to do this - WAAS

[he-sk]

Even with a large file only the differences can be retransmitted with bittorrent, provided that the overall filesize doesn't change. At startup, bittorrent will verify the local data and then discard and redownload the chunks that don't match the checksum in the torrent file.

But rsync would be a better solution in this scenario as it was explicitly designed for such a use and will handle changes to the file much better.

Re:Chained client/server

[Anonymous Coward]

Bittorrent will do this for you.
Especially with Super-seeding/Initial seeding.

Re:Kontiki

[thintz]

I too work for a large company that rolled out Kontiki. Like the previous poster mentioned Kontiki is a commercial, enterprise class BitTorrent like tool. We also use it to deliver video to the desktop. I havn't worked directly with those guys for years but believe you could use it for most any type of content. I believe they can handle your security needs as well as dynamically adjust how much bandwidth they are using based on a number of different criteria. I'd give them a call to at least inquire further. http://www.kontiki.com/ [kontiki.com]

Re:Snail-mail USB sticks

[JamesTRexx]

If it's between Windows servers, you can try DFS (although I haven't seen it really do one-way replication) or just use robocopy.
We use both to replicate data between windows servers internally and on external sites.

Re:rsync

[timeOday]

I swear by cygwin, which lets you use rsync plus hundreds of other POSIX/Linux applications [cygwin.com]. These are the real McCoy, not half-baked re-implementations.

Re:BitTorrent not efficient for this scenario

[iammani]

uTorrent supports this. It is called Initial Seeding. And it does exactly what your script intended.