Server Infrastructure - China / Australia

Question

I've been working for a while on developing a custom intranet for a client in Australia for the last few years. The difficult part is that, it needs to be accessed as much by the Chinese team as the Australian team and the data must be the same for each

FIY: The software is a PHP application + Mysql Database (used by ~20 people daily).

TRY 1

We first started with a dedicated OVH server from Canada, which work great for the australian team but the chinese team had very slow speed while accessing it.

TRY 2

We tried a server hosted in HongKong which did not change much.

TRY 3

We then tried migrating to AWS China with a EC2 server + RDS DB which work decently for the chinese team and average speed for the australian team.

This has been our setup for the last 3 years, it's not perfect but it works more or less for everyone and we have real time data between us.

However lately, after decent speed in the morning for the AUS team, the afternoon are crippled with lags and packets loss. (AWS RESPONSE: due to the Chinese ISP's international link congestion/ CN Firewall).

They suggested we tried their direct connect service. We trialed it for a few weeks and it is was for sure more stable but did not justify the benefits versus the costs (it's not cheap)

So that's it. I'm at loss to find a solution that works for everyone and would like to know if you guys have any ideas/thoughts on how to improve this situation or any counsel on a better architecture/setup.

PS: Let me know if you guys need more details.

EDIT 1 : 6-03-2020

I've setup a NGINX proxy server in a different region in china which is less congested during peak times and redirecting all AUS traffic there (who then get redirected to our normal server). This seems to have improve stability quite a bit (2%-10% packets loss VS 40%-75% before). Not a perfect solution but a temporary solution. I'll monitor and keep updated.

Answer 1

There is no neatly packaged answe for this question. There are a few thoughts, some of which may be valid, some of which may make your particular situation work and some of which may or may not be practical.

Thought 1 - What about trying colocating somewhere else in Asia outside of China? I'm thinking of Singapore. I doubt the Great firewall is a monolithic machine equally capping all traffic - if you can find a less heavily congested route, the firewall maintaining it could cope better. (I might be inclined to try Thailand, Malaysia or the Philippines as well)

Thought 2 - Revisit your setup. Are you able to do some kind of multi-master replication of your data? (Maybe something like Gluster or MooseFS, or, at a file level, maybe Owncloud or similar). This is more complex and may be trading in 1 headache for another - how this works really depends on the kind of server.

You haven't talked much about your application/server. If, for example, its a database, you may be able to replicate the database and have reads happen at a local site, with writes being written to a single source of authority. This won't fix the problem, but could mitigate it.

Have you tried a different protocol. A VPN might improve (or make worse) your issues, depending on how the great firewall chooses to classify the traffic.