I remember reading about OnionBalance a while back when it first came out and I was wondering if any of the market admins or anyone with experience running large darknet sites would chime in on why they seem to prefer to have multiple onion addresses vs a single onion address with OnionBalance. Was this attempted and didn't work out? Or where there any security issues with Onion Balance itself?
OnionBalance, if spread-out over a number of machines will help alleviate some DDoS attacks, but if the number of zombie machines used in an attack are of significant number...a single address (with multiple machines) could still be easily ground to a halt. Killing/suspending some of the addresses and generating new ones leaves the attack dead in the water until they are re-targeted to the new address(es). This is what Dream did for quite a while when they were under a sustained attack.
The markets (at least the bigger ones) most likely use OnionBalance as a way to ensure their markets are zippy/responsive, but likely have to also consider temporarily suspending some addresses and generating new ones regularly in the face of DDoS attacks (or, just wait-out the storm until the person paying for the attack gets bored or runs out of money).