
Hey @somethingsubtle, if you're still curious about Gladius' architecture we can answer that.

Gladius pools would run their own DNS service that a website owner would set as their nameservers, just like Cloudflare. These DNS servers would first direct a client to the closest node to them, then if that node is at capacity they would direct to the next closest node and so on. Static files are served and traffic is verified by the nodes, then any non-static requests are passed through the master node to the destination server. The master node serves to mask the IP of the destination server from any potentially malicious node in the pool.
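The routing described in this comment, sketched as an added example (not part of the original comment and not Gladius code): the pool's DNS picks the nearest node with spare capacity, and an edge node forwards non-static requests to the master, which is the only address it ever learns. The `Node` fields, the static-suffix list, the node names and all addresses are assumptions constructed for illustration.

```python
import math
from dataclasses import dataclass

@dataclass
class Node:
    name: str
    ip: str        # constructed documentation addresses (RFC 5737)
    lat: float
    lon: float
    load: int      # current connections (hypothetical metric)
    capacity: int

def distance_km(lat1, lon1, lat2, lon2):
    """Great-circle (haversine) distance between two coordinates."""
    p1, p2 = math.radians(lat1), math.radians(lat2)
    dlon = math.radians(lon2 - lon1)
    a = math.sin((p2 - p1) / 2) ** 2 + math.cos(p1) * math.cos(p2) * math.sin(dlon / 2) ** 2
    return 2 * 6371.0 * math.asin(math.sqrt(a))

def resolve(nodes, client_lat, client_lon):
    """DNS answer: closest node first, falling back to the next closest
    while nodes are at capacity. None means the whole pool is saturated."""
    by_distance = sorted(
        nodes, key=lambda n: distance_km(client_lat, client_lon, n.lat, n.lon))
    for node in by_distance:
        if node.load < node.capacity:
            return node
    return None

STATIC_SUFFIXES = (".css", ".js", ".png", ".jpg", ".svg")  # assumed list

def next_hop(path, master_ip):
    """Edge-node decision: serve static files locally, pass everything else
    to the master. The node is handed master_ip only, never the origin IP."""
    if path.split("?", 1)[0].lower().endswith(STATIC_SUFFIXES):
        return "serve-from-cache"
    return f"forward:{master_ip}"

# Constructed sample pool: the Frankfurt node is full.
POOL = [
    Node("fra", "192.0.2.10", 50.11, 8.68, load=100, capacity=100),
    Node("ams", "192.0.2.20", 52.37, 4.90, load=40, capacity=100),
    Node("nyc", "192.0.2.30", 40.71, -74.01, load=5, capacity=100),
]
MASTER_IP = "198.51.100.1"  # constructed

if __name__ == "__main__":
    print(resolve(POOL, 48.14, 11.58).name)   # client near Munich
    print(next_hop("/api/login", MASTER_IP))
```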

Thanks for the walkthrough.

So, to clarify, there would be no redundancy in the DNS servers? You would direct to ns1/2.poolname.com which would then send requests to the nearest capable pool.

A DNS-reflection attack of any scale, including the Mirai botnet, would then topple the entire system.