Top-Level Relays

Fake Root is what it has been called, but I suppose there is no official term.

You can do this also if you have control over the DNS of the machines at the remote location. You can just set the DNS they use to resolve the root server as a local relay. You probably could even use DNS load balancing to have the DNS resolve the hostname of the local relays randomly instead of always returning the same IP, though it would need to return the same IP for the same connecting client for things to really work well.

The “Fake Root” concept goes even further and has the root DNS name ALWAYS resolve to a single top level relay instead of the root server. This allows you to more easily restrict access to the root server. It also allows you to keep load off of the root server and put as much load as possible on this single top level relay that can be swapped out much more easily than the root server. You can put a lot of storage on the cache of this top level relay and set it to do internet downloads so that they are not done by the root and reduce the storage needs of the root server. You can also have this top level relay be the one responsible for decrypting reports. You could set it to hold onto more reports for longer so that it can send them up to the root in larger batches to further reduce load on the root server.