The following sections describe the Cisco Enterprise Content Delivery System (ECDS):
•What is Cisco ECDS
•How Cisco ECDS Works
•Content Delivery System Architecture
•Where to Go Next
What is Cisco ECDS
The Cisco ECDS is a distributed network of Media Delivery Engines (MDEs) running Content Delivery Applications (CDAs) that collaborate with each other to deliver multi-format content to a variety of client devices. The client devices supported are personal computers and Wi-Fi-enabled mobile devices, such as personal digital assistants (PDAs).
The ECDS supports a variety of mechanisms to accelerate the distribution of content within the content delivery network. The ECDS offers an end-to-end solution for enterprises to ingest and stream video to viewers throughout the enterprise.
The ECDS functionality can be separated into four areas: ingest, distribution, delivery, and routing of client requests.
Each MDE in the ECDS contributes to one or more of these functions as determined by the CDAs running on it. Table 1-1 describes the relationship between the CDA names and the Cisco Enterprise Content Delivery System Manager (CDSM) device names.
Table 1-1 CDA Mapping to Functionality and CDSM

CDA: Media Streamer (+ Content Acquirer)
Functionality: Ingest, distribution, and delivery
CDSM Device Name: Service Engine (SE)

Functionality: Redirect client requests for delivery
CDSM Device Name: Service Router (SR)

CDSM Device Name: Enterprise Content Delivery System Manager
The Service Engine can function as a Content Acquirer (CA) and Media Streamer, or just as a Media Streamer.
Figure 1-1 shows the major elements of an ECDS network. How content flows, from ingest to distribution within the ECDS, to delivery to client devices, is dictated by the content delivery services defined for each Content Origin. A delivery service is a configuration defined by using the CDSM and consists of configuration parameters that dictate how content is ingested and distributed, and what content is delivered to the client devices. Some of the primary delivery service definition parameters include:
•Service routing domain name
•Service Engines participating in the delivery service
•Service Engine designated as the Content Acquirer
The Content Acquirer is only active on one Service Engine in each delivery service.
Figure 1-1 High-Level View of the Cisco ECDS
How Cisco ECDS Works
The following sections briefly describe the elements of the ECDS:
•Ingest and Distribution
For more detailed information, see the "Content Delivery System Architecture" section.
Ingest and Distribution
The Service Engine designated as the Content Acquirer for a delivery service is the ingest device. Cisco ECDS supports the following methods of content ingest:
•Prefetched Ingest
•Dynamic Ingest
•Hybrid Ingest
•Live Stream Ingest and Split
The distribution of content within the ECDS is determined by the method of ingest used.
The Content Acquirer receives metadata from the back office in the form of an XML-formatted Manifest file and uses the information in the Manifest file to pull the content into storage on the Content Acquirer. The content can be ingested by using the following supported protocols:
•HTTP
•HTTPS
•CIFS
•Local files, which are files copied to the Service Engine
The ingested content is then distributed to all Service Engines in the content delivery service. The content is stored on each Service Engine's hard disk for a configurable amount of time, or until the content entry is deleted from the Manifest file. This is called content pinning.
The Manifest file can be used to specify different policies for content ingest and also for streaming the prefetched content. For example, the policy could include specifying the expiry of the content, setting time windows in which the content is made available to users, and so on.
Note The maximum supported number of content files that can be prefetched on each SE is 200,000.
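As an illustration of how a Manifest might drive prefetch ingest, the following sketch parses a hypothetical Manifest fragment. The element and attribute names used here (item, src, ttl, serveStartTime, serveStopTime) are assumptions for illustration only, not the actual Manifest schema:

```python
import xml.etree.ElementTree as ET

# Hypothetical Manifest fragment; the real Manifest schema is defined by the
# ECDS, and these element/attribute names are illustrative only.
MANIFEST = """
<CdnManifest>
  <item src="http://origin.example.com/videos/intro.wmv" ttl="1440"/>
  <item src="http://origin.example.com/videos/train.mp4"
        serveStartTime="2009-05-01T00:00:00" serveStopTime="2009-06-01T00:00:00"/>
</CdnManifest>
"""

def parse_manifest(xml_text):
    """Extract per-item ingest and serving policies from a Manifest fragment."""
    items = []
    for item in ET.fromstring(xml_text).findall("item"):
        items.append({
            "url": item.get("src"),
            # Expiry policy: minutes to keep the item, if specified.
            "ttl_minutes": int(item.get("ttl")) if item.get("ttl") else None,
            # Time window in which the content is made available to users.
            "serve_window": (item.get("serveStartTime"), item.get("serveStopTime")),
        })
    return items

items = parse_manifest(MANIFEST)
```

Each parsed entry carries both the content URL for ingest and the per-item policies (expiry, availability window) that the text describes.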
Content can be dynamically ingested into the ECDS. Dynamic ingest is triggered when a Service Engine's Media Streamer application does not find a client's requested content in its local hard disk storage. All Service Engines participating in the content delivery service coordinate to form a content distribution tunnel starting at the origin server and ending at the Service Engine responding to the client request. As the content flows through this tunnel, the participating Service Engines cache a copy of the content. Subsequent requests for the same content are served off the ECDS network. Content ingested and distributed by this method is deleted if clients do not request it frequently.
The Cisco CDSM manages this ingest method internally, not by instructions embedded in a Manifest file, and manages the storage automatically. The Cisco CDSM also provides the ability to purge any dynamically ingested content out of the Service Engines. Content is identified by a URL, which is also used to delete the content.
The hybrid ingest method provides a very powerful solution by combining the features of the prefetch ingest and the dynamic ingest methods. The metadata and control information about the content, defined in the Manifest file, is propagated and pinned to all Service Engines participating in the content delivery service. However, the content is not prefetched. Ingest occurs upon user request for the content. Content that is cached on the Service Engines by using this method is subject to the same deletion rules as the dynamic ingest method. The metadata that is propagated can be used to specify explicit controls and policies for streaming the content.
Note In the current release, the origin server OFQDN is always used, and the hostname/port in the Manifest file is ignored.
See the following sections for more information:
•"Content Acquirer Selection for Dynamic or Hybrid Ingest" section
•"Specifying Hybrid Ingest Content" section
Live Stream Ingest and Split
The live stream ingest method distributes a live content feed to all the Service Engines participating in the content delivery service and helps to scale the content delivery to a very large audience. This method leverages the live stream splitting capabilities of the Media Streamer application and optimizes the access by doing a one-to-many split to all Service Engines in the content delivery service. The Cisco CDSM provides the necessary interface to schedule the streaming of live programs. Advanced techniques are used to enhance the performance of live streaming.
The Service Router handles client requests for content and determines the best Service Engine to deliver it based on proximity, load, and health states.
Once the best Service Engine has been determined, the content is delivered to the client device by means of one of the following mechanisms:
•Static Content Download Using HTTP—Content is downloaded by the client device before it can be rendered to the user.
•Progressive Content Download Using HTTP—Content is rendered in segments to the user before it has been fully downloaded.
•Content Streaming Using HTTP, RTMP, RTSP, or RTP—Content is streamed to the client device; Service Engines collect client feedback and can fine-tune streaming, and advanced error recovery can also be performed. This is a very common method of streaming video content to client devices. Real-Time Messaging Protocol (RTMP) is part of the Flash Media Streaming feature. RTMP support is for managed domains only.
ECDS supports two types of routing:
•Routing Using WCCP—In the WCCP transparent routing method, requests for content made to an origin server are intercepted by a WCCP-enabled router. The WCCP-enabled router transparently redirects the request to a Service Engine. This type of transparent redirection allows traffic interception on any traffic port on a specific router. WCCP contains many fail-safe mechanisms to ensure that the request interception remains entirely transparent to the end user. See the "Routing Using WCCP" section for more information.
•Routing Using the Service Router—The Service Router mediates requests from the client devices and redirects the requests to the most appropriate Service Engine. It monitors the load of the devices and does automatic load balancing.
The Service Router is the authoritative Domain Name System (DNS) server for the routed request for the fully qualified domain name (FQDN) of the origin server. In other words, the Request Routing Engine responds to any DNS queries for that domain.
This type of Request Routing uses RFQDN-based redirection. See the "RFQDN Redirection" section for more information.
The Enterprise CDSM, a secure Web browser-based user interface, is a centralized system management device that allows an administrator to manage and monitor the entire ECDS network. All devices, Service Engines and Service Routers, in the ECDS are registered to the Enterprise CDSM.
Service Engines can be organized into user-defined device groups to allow administrators to apply configuration changes and perform other group operations on multiple devices simultaneously. One device may belong to multiple device groups.
The Enterprise CDSM also provides an automated workflow to apply a software image upgrade to a device group.
Content Delivery System Architecture
The ECDS consists of an Enterprise CDSM, one or more Service Engines, and one Service Router. For full redundancy, an ECDS would include an additional CDSM and Service Router. The Service Engine handles content ingest, content distribution within the ECDS, and content delivery to client devices. The Service Router handles client requests and redirects the client to the most appropriate Service Engine. The Enterprise CDSM manages and monitors the ECDS, the delivery services, and all the devices in the ECDS.
This section describes the following:
•Content Delivery System Manager
•Resiliency and Redundancy
Each Service Engine can function both as a Content Acquirer and Media Streamer, or just as a Media Streamer. Based on the Service Engines' assignments to different delivery services, the right set of applications supporting the functions is enabled. For example, only one Service Engine is assigned the role of Content Acquirer in each delivery service. In addition, the Service Engine assigned as the Content Acquirer in a delivery service also includes the functions of a Media Streamer.
Both the Content Acquirer and the Media Streamer applications have storage and distribution functions within the ECDS, which include the following:
•Management of content and metadata physical storage. Content URLs are translated into their physical file paths for content retrieval, deletion, and update.
•Management of dynamically ingested content and periodic replacement of content not frequently accessed. Content replacement is performed by sophisticated content-replacement algorithms. The algorithms add "weight" to the content according to size, frequency of access, and other attributes to produce the list of content that needs to be purged.
•Ingest of prefetched content and retrieval of such content for distribution to other Service Engines in the same delivery service.
•Maintenance of information about the entire ECDS topology and all the delivery services. This includes upkeep of a list of Service Engines in the same delivery service that is used for distributing prefetched, dynamic, and live stream content.
•Maintenance of the database that stores and distributes metadata about the content, and the topology and delivery service information.
•Distribution of content on a per-delivery service basis, where the flow path of content could differ from one delivery service to another.
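The content-replacement behavior described above can be sketched as follows. The weighting formula shown is an illustrative stand-in for the actual ECDS algorithm, which is not documented here; it only mirrors the idea that size and access frequency both contribute to the purge decision:

```python
# Illustrative content-replacement sketch: lower weight = better purge candidate.
# The real ECDS algorithm weighs additional attributes; this is a simplification.

def weight(entry):
    # Favor keeping small, frequently accessed content.
    return entry["hits"] / max(entry["size_mb"], 1)

def purge_candidates(cache, space_needed_mb):
    """Return the lowest-weight entries whose combined size frees enough space."""
    freed, victims = 0, []
    for entry in sorted(cache, key=weight):
        if freed >= space_needed_mb:
            break
        victims.append(entry["url"])
        freed += entry["size_mb"]
    return victims

cache = [
    {"url": "/a.wmv", "size_mb": 900, "hits": 2},
    {"url": "/b.mp4", "size_mb": 50, "hits": 400},
    {"url": "/c.mov", "size_mb": 300, "hits": 30},
]
```

With these sample entries, a request to free 1000 MB purges the large, rarely accessed files first and leaves the small, popular one in place.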
Every delivery service requires a Content Acquirer, which is a CDA that resides on every Service Engine. The Content Acquirer CDA becomes active when the Service Engine is designated as the Content Acquirer in a delivery service. The Content Acquirer has the following functions and capabilities:
•Fetches content from origin servers using HTTP, HTTPS, or CIFS (Dynamic ingest supports HTTP only).
•Supports the NT LAN Manager (NTLM) and basic authentication for ingesting content from the origin servers.
•Creates and distributes the metadata for each of the prefetched contents according to the Manifest file and the information returned by the origin server.
Once the Content Acquirer has ingested the content and distributed the metadata, it creates a database record for the metadata and marks the content ready for distribution. All other types of ingest (dynamic, hybrid, and live stream) are handled by the Content Acquirer as well.
All Media Streamers participating in a delivery service pull the metadata from a peer Media Streamer called a forwarder, which is selected by the internal routing module. Each Media Streamer participating in a delivery service has a forwarder Media Streamer. The Content Acquirer is the top-most forwarder in the distribution hierarchy. In the case of prefetched ingest, each Media Streamer in the delivery service looks up the metadata record and fetches the content from its forwarder. For live and cached content, only the metadata is distributed.
The content associated with the metadata for live and cached content is fetched by the specified protocol engine, which uses the dynamic ingest mechanism. When a request for a non-prefetched content arrives at a Media Streamer, the protocol engine application gets the information about the set of upstream Media Streamers through which the content can be acquired. In the case of dynamic ingest, the Media Streamer uses the cache routing function to organize itself as a hierarchy of caching proxies and performs a native protocol cache fill. Live stream splitting is used to organize the Media Streamers into a live streaming hierarchy to split a single incoming live stream to multiple clients. The live stream can originate from external servers or from ingested content. Live stream splitting is supported on the following:
•Windows Media Engine
•Movie Streamer Engine
•Flash Media Streaming Engine
The Media Streamers use service control to filter and control incoming requests for content. The service rules are encapsulated under the Service Control option in the Enterprise CDSM.
The Media Streamers send keep-alive and load information to the Service Router that is participating in the same delivery service. This information is used by the Service Router to choose the most appropriate Media Streamer to handle the request.
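The keep-alive and load reporting described above can be sketched as follows. The timeout value and field names are assumptions for illustration, not the actual ECDS parameters:

```python
import time

# Seconds without a keep-alive before an SE is considered down (illustrative value).
KEEPALIVE_TIMEOUT = 10.0

class ServiceRouterView:
    """Minimal sketch of the Service Router's view of Media Streamer health and load."""

    def __init__(self):
        self.engines = {}  # name -> {"load": float, "last_seen": float}

    def keepalive(self, name, load, now=None):
        """Record a keep-alive message carrying the engine's current load."""
        ts = now if now is not None else time.time()
        self.engines[name] = {"load": load, "last_seen": ts}

    def best_engine(self, now=None):
        """Pick the least-loaded engine whose keep-alives are still fresh."""
        ts = now if now is not None else time.time()
        alive = {n: e for n, e in self.engines.items()
                 if ts - e["last_seen"] <= KEEPALIVE_TIMEOUT}
        if not alive:
            return None  # no healthy SE is available to redirect to
        return min(alive, key=lambda n: alive[n]["load"])
```

An engine that stops sending keep-alives ages out of the candidate set, so client requests are only redirected to Media Streamers the Service Router knows to be healthy.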
The Media Streamer function is implemented as a set of protocol engine applications. The protocol engine applications include the following:
•Windows Media Engine
•Movie Streamer Engine
•Flash Media Streaming Engine
All HTTP(S) client requests that are redirected to a Service Engine by the Service Router are handled by the Web Engine. On receiving the request, the Web Engine determines whether to handle the request itself or forward it to another component within the Service Engine. The Web Engine, using HTTP(S), can serve the request from locally stored content in the ECDS or from any upstream proxy or origin server.
An HTTP(S) client request that reaches the Service Engine can either be from a Service Router redirect or from a direct proxy request.
On receiving an HTTP(S) request for content, the Web Engine decides whether the content needs to be streamed by the Windows Media Engine, and if so, hands the request over to the Windows Media Engine, otherwise the request is handled by the Web Engine.
The Web Engine interfaces with the storage function in the Service Engine to determine whether the content is present locally or whether the content needs to be fetched from either an upstream Service Engine or the origin server.
The Web Engine communicates to the upstream Service Engine for cache-fill operations. This interaction is based on HTTP(S). This cache-fill operation is on demand and hence only occurs when the content is not stored locally. The upstream Service Engine can be selected dynamically by means of the Hierarchical Cache Routing Module, or can be configured statically through the Enterprise CDSM. The Hierarchical Cache Router generates a list of upstream Service Engines that are alive, ready to serve the request, and part of the delivery service. If the Web Engine is unsuccessful in locating the content on one of these Service Engines, the content is retrieved from the origin server.
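The cache-fill lookup order just described can be sketched as follows. The fetch functions are placeholders standing in for the HTTP(S) operations the Web Engine actually performs:

```python
def cache_fill(url, local_cache, upstream_engines, fetch_from, fetch_origin):
    """Serve from local storage, then try upstream SEs in order, then the origin server.

    local_cache: dict mapping URL -> content already stored on this SE
    upstream_engines: ordered list of healthy upstream SEs (from the
        Hierarchical Cache Routing Module or static configuration)
    fetch_from(engine, url), fetch_origin(url): placeholder fetchers; return
        the content, or None if the engine does not have it
    """
    if url in local_cache:
        return local_cache[url]          # content found locally
    for engine in upstream_engines:
        content = fetch_from(engine, url)
        if content is not None:
            local_cache[url] = content   # cache the fill for subsequent requests
            return content
    content = fetch_origin(url)          # last resort: the origin server
    local_cache[url] = content
    return content
```

For example, if only the second upstream engine holds the content, the fill succeeds there and the content is cached locally, so a repeat request is served without any upstream traffic.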
Whether the content is found locally or retrieved and stored through the cache-fill operation, the Web Engine serves the content based on the following:
•Freshness of content—The freshness of prefetched content is governed by a time-to-live (TTL) value set for the content in the delivery service configuration. The TTL specifies the rate at which content freshness is checked. This setting is configured for each delivery service either by using the CDSM or by specifying this setting in the Manifest file for the delivery service.
For cached content, which is content ingested by means of the dynamic ingest or the hybrid ingest method, the freshness check is performed by the Web Engine in compliance with RFC 2616. If the origin server does not provide an expiry time, the Web Engine uses the age multiplier setting, the minimum TTL setting, and the maximum TTL setting to determine the freshness of the content.
Note This algorithm is used to determine freshness for cached content based on the expire time. It is not used to determine the popularity of the content.
This expiry header validation is only one input into the decision of whether content revalidation is needed. Revalidation is also based on the cache-control headers that are part of the request headers, and on the min-fresh, max-stale, and max-age parameters, which can appear in both request and response headers.
If the origin server provides the expire time, it is used to determine the freshness of the content. If the expire time is not available, the expire time of the content is calculated as follows:
Expire_time = (Create_time - Last_modified_time_from_origin_server) * age multiplier
The create time is the time on the ECDS when the content was cached. The last modified time is the time the content was last modified on the origin server. The age multiplier value (as a percentage) is used to shorten the time it takes to have the content revalidated.
For example, if the create time was May 5, 2009 12:00 and the origin server last modified the content on May 1, 2009 12:00, then the expire time would be 4 days. If the age multiplier was set to 50 percent, the expire time would be 2 days.
The calculated expire time is compared with the minimum TTL and maximum TTL settings. If the expire time is greater than the maximum TTL, the maximum TTL is used as the expire time. If the expire time is less than the minimum TTL, the minimum TTL is used as the expire time.
Using the example above, if the minimum TTL was 3 days and the calculated expire time was 2 days, then the minimum TTL is used as the expire time. If the maximum TTL is 10 days, then the calculated expire time still uses the minimum TTL of 3 days as the expire time. The min/max TTL algorithm follows:
Expire_time = if (MINTTL < Expire_time < MAXTTL), then Expire_time
else if Expire_time < MINTTL, then MINTTL
else if Expire_time > MAXTTL, then MAXTTL
The expire time is compared with the cache age in order to determine whether the content needs to be revalidated by the origin server. If the cache age is less than or equal to the expire time, then the content is considered fresh. The following calculation is used to determine the cache age:
Cache_age = Current_time - Create_time
In our example, if the current time is May 25, 2009 12:00 and the create time is May 5, 2009 12:00, then the cache age is 20 days. The cache age of 20 days is compared to the expire time, which in our example is 2 days, and because the cache age is greater than the expire time the content is revalidated with the origin server. When the content is revalidated it gets a new create time. To compute a more accurate cache age, the response delay is considered. The response delay is calculated as follows:
Response_delay = Create_time - Time_request_sent_to_origin_server
In our example, the create time is May 5, 2009 12:00. If the origin server takes 2 minutes to respond to the request for content (because of network-imposed delays), the request was sent at May 5, 2009 11:58, making the response delay 2 minutes. This allows the cache age to be calculated based on the time the request was initiated, not the time the response was received.
•Rate of data transfer—The rate at which the content is sent can be configured on a per-delivery-service basis. By default, LAN bandwidth is used.
•Content completeness—Prefetched content is stored locally in the ECDS in its entirety. For cached content, there are two cases when the content is not complete:
–The Web Engine process halts or the Service Engine experiences a failure in the process of caching the content. In this case, the subsequent request starts the cache fill anew.
–The content is in the process of being cached by another request. In this case, the subsequent request is served from the cached content.
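The freshness rules under the first bullet above can be sketched as follows, using the formulas and the worked example from the text (age multiplier 50 percent, minimum TTL 3 days, maximum TTL 10 days):

```python
from datetime import datetime, timedelta

def expire_time(create_time, last_modified, age_multiplier, min_ttl, max_ttl):
    """Expire_time = (Create_time - Last_modified) * age_multiplier,
    clamped to the [min_ttl, max_ttl] range."""
    expire = (create_time - last_modified) * age_multiplier
    return max(min_ttl, min(expire, max_ttl))

def needs_revalidation(current_time, create_time, expire):
    """Content is fresh while Cache_age = Current_time - Create_time <= Expire_time."""
    cache_age = current_time - create_time
    return cache_age > expire

# Worked example from the text: cached May 5, 2009 12:00, last modified
# on the origin server May 1, 2009 12:00.
create = datetime(2009, 5, 5, 12, 0)
last_mod = datetime(2009, 5, 1, 12, 0)
expire = expire_time(create, last_mod, 0.5,
                     min_ttl=timedelta(days=3), max_ttl=timedelta(days=10))
# (4 days * 0.5) = 2 days, raised to the 3-day minimum TTL.
```

By May 25 the cache age is 20 days, which exceeds the 3-day expire time, so the content is revalidated with the origin server and receives a new create time.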
The Web Engine supports a pass-through mode of authentication, whereby the origin server negotiates authentication and the Web Engine passes the requests and responses between the client device and the origin server. Content that requires authentication is not cached by the Service Engine, so all requests for authenticated content are retrieved from the origin server.
Service rules can be configured that dictate how the Web Engine responds when client requests match specific patterns. The patterns can be a domain or host name, certain header information, the request source IP address, or a Uniform Resource Identifier (URI). Some of the possible responding actions are to allow or block the request, or rewrite or redirect the URL.
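Service-rule evaluation of this kind can be sketched as follows. The rule fields and actions are illustrative only; actual rules are configured under the Service Control option in the Enterprise CDSM and use their own syntax:

```python
from urllib.parse import urlsplit

# Illustrative service rules mirroring the pattern types in the text:
# domain, request source IP, and URI patterns mapped to actions.
RULES = [
    {"domain": "blocked.example.com", "action": "block"},
    {"src_ip": "10.0.0.99", "action": "block"},
    {"uri_prefix": "/old/", "action": "redirect",
     "target": "http://media.example.com/new/"},
]

def apply_rules(url, client_ip, rules=RULES):
    """Return (action, result_url) for the first matching rule, else allow."""
    parts = urlsplit(url)
    for rule in rules:
        if rule.get("domain") == parts.hostname:
            return ("block", None)
        if rule.get("src_ip") == client_ip:
            return ("block", None)
        if "uri_prefix" in rule and parts.path.startswith(rule["uri_prefix"]):
            # Rewrite the matched prefix to the redirect target.
            return ("redirect", rule["target"] + parts.path[len(rule["uri_prefix"]):])
    return ("allow", url)
```

First-match-wins evaluation keeps the behavior predictable: a blocked domain or source IP short-circuits before any URL rewrite is attempted.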
Windows Media Engine
The Windows Media Engine uses Windows Media Technology (WMT), a set of streaming solutions for creating, distributing, and playing back digital media files across the Internet. WMT includes the following applications:
•Windows Media Player—End-user application
•Windows Media Server—Server and distribution application
•Windows Media Encoder—Encodes media files for distribution
•Windows Media Codec—Compression algorithm applied to live and on-demand content
•Windows Media Rights Manager (WMRM)—Encrypts content and manages user privileges
The Windows Media Engine streams Windows Media content, with the capability of acting both as a server and as a proxy. It streams prefetched content to the Windows Media Player, acts as a proxy for client requests, splits a live stream into multiple live streams, and caches content requested from remote servers.
The Windows Media Engine acts as a Windows Media Server for prefetched or cached content stored locally. Requests are served over RTSP and HTTP. The Windows Media Engine checks with the storage function on the Service Engine to see whether the content is stored locally; if the content is not found, the Windows Media Engine engages the Windows Media Proxy.
The WMT Proxy works like the cache-fill operation in the Web Engine. See the "Cache-Fill Operations" section. There are two options:
•Hierarchical Caching Proxy—If content is not found locally, the Windows Media Engine checks the upstream Service Engines first before pulling the content from the origin server.
•Static Caching Proxy—The administrator statically configures Service Engines as upstream proxies.
The WMT Proxy accepts and serves streaming requests over RTSP and HTTP.
For more information, see the following sections:
•Fast Stream Start
•Live Stream Splitting
•Policy Server Integration
Fast Start provides data directly to the Windows Media Player buffer at speeds higher than the bit rate of the requested content. After the buffer is filled, prefetched, cached, or live content streams at the bit rate defined by the content stream format. Fast Start does not apply to content that is dynamically ingested, and is used only by clients that connect to a unicast stream; only Windows Media 9 Players that connect to unicast streams using MMS-over-HTTP or RTSP can use Fast Start. With live content, the Windows Media Engine holds the content in its buffer for a few seconds. This buffer is used to serve Fast Start packets to subsequent clients that request the same stream; the first client's request triggers the process, and subsequent clients benefit from Fast Start.
Fast Cache allows clients to buffer a much larger portion of the content before rendering it. Fast Cache is supported only for TCP. The Windows Media Engine streams content at a much higher data rate than specified by the stream format. For example, using Fast Cache, the Windows Media Engine can transmit a 128-kilobit per second (Kbps) stream at 700 Kbps. This allows the client to handle variable network conditions without perceptible impact on playback quality. Only MMS-over-HTTP and RTSP requests for prefetched or cached content support Fast Cache. The speed is determined by the client's maximum rate and the configured Fast Cache rate—whichever is smaller.
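The Fast Cache delivery rate described above reduces to a simple minimum. In this sketch the Fast Cache rate is expressed as a multiple of the encoded bit rate, which is an assumption for illustration; the values below are also illustrative:

```python
def fast_cache_rate(stream_kbps, fast_cache_multiple, client_max_kbps):
    """Deliver at the configured Fast Cache rate or the client's maximum
    rate, whichever is smaller."""
    configured_kbps = stream_kbps * fast_cache_multiple
    return min(configured_kbps, client_max_kbps)

# A 128-Kbps stream with an assumed 5x Fast Cache setting would be offered
# at 640 Kbps, but a client capped at 500 Kbps receives only 500 Kbps.
```

This is why a slow client never sees the full Fast Cache burst: the client's own maximum rate caps the transfer.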
Fast Stream Start
The first client requesting a live stream often experiences the longest wait time for the content to begin playing. Users can experience long wait times because of the full RTSP or HTTP negotiation that is required to pull the live stream from the source. Delays can also occur if the edge Service Engine has not buffered enough stream data to fill the player's buffer at the time the content is requested. When the buffer is not filled, some data to the client might be sent at the linear stream rate, rather than at the Fast Start rate. With Fast Stream Start, when a live stream is primed, or scheduled and pulled, a live unicast-out stream is pulled from the origin server to a Service Engine before a client ever requests the stream. When the first request for the stream goes out, the stream is already in the delivery service.
Live Stream Splitting
Live stream splitting is a process whereby a single live stream from the origin server is split and shared across multiple streams, each serving a client that requested the stream. When the first client that requested the stream disconnects, the Windows Media Engine continues to serve the subsequent requesting clients until all requesting clients have disconnected. Live stream splitting using content that is already stored locally is generally better than using content from the origin server; this is because the Service Engine is typically closer to the requesting clients, and therefore network bandwidth to the origin server is freed up.
Note When using Windows Media Server 2008 as the origin server, the source content type must be a playlist or encoder type.
Live stream splitting can be either unicast or multicast, depending on the configuration, capabilities, and limitations of the network. The Windows Media Engine can receive and deliver Windows Media content over IP multicast or unicast transmission in the following combinations:
Note For multicast-in (to the SE) to work, the network needs to be multicast-enabled.
The Windows Media Engine can be used in a live or rebroadcast program to deliver multicast streams to client devices. The source of the stream can be multicast, unicast, or a local file. The program can be scheduled, continuous, or play once. The content can be either live or rebroadcast. The Windows Media Engine creates a Windows Media file (.nsc) that contains session information including the multicast IP address, port, time-to-live (TTL), and so on. The client requests the .nsc file using HTTP. Once the file is downloaded, the client parses it and sends an Internet Group Management Protocol (IGMP) join to receive the multicast stream. A client can start and stop the stream, but cannot pause, fast-forward, or rewind it.
The Windows Media Engine can act as a broadcast publishing point to deliver live streams, prefetched/cached content, or content from dynamic ingest, to a requesting client. The source of the stream can be multicast, unicast, or a local file. The Windows Media Engine can also perform live stream splitting if more than one client requests the same content. The delivery service can be used to simulate an experience similar to viewing a TV program even if the source of the stream is a Video On Demand (VOD) file. A client can start and stop the stream but cannot pause, fast-forward, or rewind it. When a delivery service is configured, a client makes a request to the Windows Media Engine, which is acting as the Windows Media Server, and the Windows Media Engine checks to see whether the incoming stream is present. If it is, the Windows Media Engine joins the stream and splits it to the new client. If the request is the first client request for this stream, the Windows Media Engine sends the request to the origin server and then serves it to the new client.
The Windows Media Engine supports pass-through authentication. The following authentication mechanisms are supported in pass-through mode:
•Digest access authentication
With pass-through authentication, the Windows Media Engine establishes a tunnel between the client and the origin server so that the origin server can authenticate the client.
Bandwidth management of Windows Media content can be controlled by setting limits for incoming and outgoing bandwidth, session bit rates, and Fast Start maximum bandwidth. In addition, in the case of live streaming, contributing origin servers can be identified to allow incoming content to bypass the bandwidth check to support high-demand scenarios. The Windows Media bandwidth management capabilities are described in Table 1-2.
Tip We recommend that customers with variable bit rates cap the bit rate at the encoder to avoid bit-rate spikes, which can result in throughput exceeding the supported throughput allowed in the Cisco ECDS. Use the show bitrate [movie-streamer | wmt] command in EXEC mode to display the bit rate allocated to a particular device. Use the bitrate command in Global configuration mode to configure the maximum pacing bit rate for large files for the Movie Streamer, and separately to configure WMT bit-rate settings.
Table 1-2 Bandwidth Management Capabilities
Incoming Bandwidth
The bandwidth for Windows Media content coming into the Service Engine, from either an upstream Service Engine or from the origin server.
Outgoing Bandwidth
The bandwidth for streaming Windows Media content to the end user from the Service Engine.
Incoming Session Bit Rate
The maximum bit rate per session that can be delivered to the Service Engine from the origin server or upstream Service Engine.
Outgoing Session Bit Rate
The maximum bit rate per session that can be delivered to a client.
Incoming Bandwidth Bypass List
The list of identified hosts allowed to bypass the incoming bandwidth check for broadcast or multicast live content.
Fast Start Maximum Bandwidth
Maximum bandwidth allowed per player when Fast Start is used to serve packets to each player. Increased bandwidth initially used by the Fast Start feature can overburden a network if many players connect to the stream at the same time. To reduce the risk of network congestion caused by the Fast Start feature, limit the amount of bandwidth the Fast Start feature uses to stream to each player.
Policy Server Integration
The Windows Media Engine uses HTTP and RTSP to send start, stop, and pause messages to the policy server.
Movie Streamer Engine
The Movie Streamer Engine is an open-source, standards-based, streaming server that delivers hinted MPEG-4, hinted 3GP, and hinted MOV files to clients over the Internet and mobile networks using the industry-standard RTP and RTSP. Hinted files contain hint tracks, which store packetization information that tell the streaming server how to package content for streaming.
The Movie Streamer Engine is an RTSP streaming engine that supports Third Generation Partnership Project (3GPP) streaming files (.3gp). Support of 3GPP provides for the delivery of rich multimedia content over broadband mobile networks to multimedia-enabled cellular phones.
Note The streaming capability of the Movie Streamer Engine depends only on the movie file format or stream transport type; it is independent of codec type. The Movie Streamer supports any client player that can fetch media streams by way of RTSP or RTP. However, the client player must have the correct codec in order to render the stream correctly.
The Movie Streamer Engine can act as both a server and a proxy. It streams prefetched or RTSP-cached content to RTSP clients, acts as a proxy for client requests, splits a live stream into multiple live streams, and caches content requested from remote servers.
When an RTSP request comes into the Movie Streamer, the URI in the request is modified to reflect the result of the mobile capability exchange. The Movie Streamer checks with the storage function on the Service Engine to see whether the content is stored locally. If the content is not found or if an RTSP-cached content version needs freshness validation, the Movie Streamer engages the Movie Streamer proxy.
In the case of an RTSP-cached content version verification, the Movie Streamer proxy forwards the DESCRIBE request to the origin server and examines the Last-Modified-Time header in the response. If the Last-Modified-Time matches the cached version, the Movie Streamer streams the cached content; otherwise, the Movie Streamer proxy forwards the request to the origin server for RTSP negotiation. A client session and a server session are created with the following attributes:
•Server session is responsible for connecting to the origin server to fetch the content and cache it locally. The server session generates the media cache file and the linear hint files.
•Client session is responsible for streaming the locally cached file to the client.
•Client and server sessions are separated so that multiple server sessions can be spawned for the same URL to cache content from different starting points or at faster speeds, or both. This increases the speed of fetching the content. The client session starts to stream from the cached content that the server session is writing.
The Movie Streamer proxy works like the cache-fill operation in the Web Engine and the Windows Media Engine, except for the minimum TTL value. The Movie Streamer's minimum TTL value is always zero. See the "Cache-Fill Operations" section. There are two options:
•Hierarchical Caching Proxy—If content is not found locally, the Movie Streamer checks the upstream Service Engines first before pulling the content from origin server.
•Static Caching Proxy—The administrator statically configures Service Engines as upstream proxies.
The Movie Streamer supports basic pass-through proxy mode for certain conditions where caching cannot be performed. Such conditions include, but are not limited to, the Service Engine running out of disk space.
Prefetched content can be delivered by the non-accelerated method or the accelerated method. Non-prefetched content (proxied or cached content) is always delivered by the accelerated method. The content is delivered to the client device by one of the following mechanisms:
•Non-Accelerated—This method supports a limited number of concurrent streams and limited total throughput, but supports many transport formats. The non-accelerated method supports the following transport formats:
–RTP over UDP
•Accelerated—This method supports only RTP over UDP. Content must be reprocessed by the Movie Streamer Linear Hinter. The linear hinter process can be initiated manually by the administrator or dynamically triggered by the first request for the content.
The Movie Streamer Linear Hinter process may take a while, so the first request that triggers this process is served by the non-accelerated method. All subsequent requests are served by the accelerated method.
The first client request for content that requires proxying or caching experiences a delay, because all proxying and caching requires the accelerated method.
The Movie Streamer Engine supports multicast reference URLs (Announce URLs) for programs that are created through the Enterprise CDSM. The multicast reference URL, which is in the form of http://Service Engine IP address/Program ID.sdp, is resolved by the Movie Streamers that are serving the live program.
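Following the format just described, the Announce URL for a program can be assembled mechanically (a sketch; `announce_url` is our illustrative name, not an ECDS API):

```python
def announce_url(se_ip: str, program_id: str) -> str:
    """Build a multicast reference (Announce) URL in the documented form:
    http://<Service Engine IP address>/<Program ID>.sdp"""
    return "http://{}/{}.sdp".format(se_ip, program_id)
```

The Movie Streamers serving the live program resolve this URL to the program's SDP description.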
QuickTime live typically has a UDP socket pair (for RTP and RTCP) per track, and each client session typically has two tracks (audio and video).
Note The following rules apply to live splitting:
1. For unicast streaming, the client request must be sent by RTSP.
2. For multicast streaming, the client request must be sent by HTTP.
Flash Media Streaming Engine
The Flash Media Streaming Engine incorporates the Adobe Flash Media Server technology into the ECDS platform. The Flash Media Streaming Engine is capable of hosting Flash Media Server applications that are developed using ActionScript, such as VOD (prefetched content, or dynamically or hybrid ingested content), live streaming, and interactive applications.
Note The Cisco ECDS Flash Media Streaming Engine supports the Adobe Flash Media Rights Management Server (FMRMS) for VOD content; it is not supported for live streaming. Adobe FMRMS protects media content delivered to Adobe Media Player and Adobe AIR applications. FMRMS is also available for proxied content, if Adobe supports the content type. For more information about the Adobe Flash Media Rights Management Server, see www.adobe.com.
Note ECDS supports the Adobe Flash Media Server Administration application programming interfaces (APIs) and the Administration Console that was built using the Administration APIs. These APIs can be used to monitor and manage the Adobe Flash Media Server running on a Cisco ECDS Service Engine. See the "Configuring Flash Media Streaming" section for more information.
Upon receiving a client request for VOD content, the edge Service Engine does the following:
•If the content is present, the edge Service Engine streams it using RTMP.
•If the content is not present, the edge Service Engine uses HTTP to fetch the content from the origin server and serves it using RTMP.
No client information is sent to the origin server. No per-client control connection is present between the edge Service Engine and the origin server for VOD streaming.
Flash Media Streaming encompasses all Flash applications, from simple Flash Video (FLV) files to more complex Small Web Format (SWF) files. All HTTP client requests for SWF files that are redirected to a Service Engine by the Service Router are handled by the Web Engine. The Web Engine, using HTTP, serves the request from locally stored content in the ECDS or from any upstream Service Engine or origin server. See the "Web Engine" section for more information.
The SWF file is a compiled application that runs on the Adobe Flash Player, and may contain RTMP calls to FLV, MPEG-4 (H.264), or MP3 files. RTMP calls, in the form of URL requests, are routed to a Service Engine by the Service Router.
Flash Media Streaming supports RTMP and RTMPE on port 1935 only. Encrypted RTMP (RTMPE) is Adobe's secure Flash streaming technology. RTMPE is enabled on Flash Media Streaming by default, and allows you to send streams over an encrypted connection without requiring certificate management.
Note The Service Router uses RTMP redirection to direct the client's Flash Player to the best Service Engine based on load balancing and resiliency. RTMP redirection is supported only by Adobe Flash Player 9; older Flash Players do not support RTMP redirection.
Note For VOD streams, all RTMP calls in the SWF file must be in the following format:
rtmp://rfqdn/vod-edcs/path
In this format, rfqdn is the routing domain name of the Service Router, vod-edcs is the required directory, and path is the directory path to the content file that conforms to the standard URL specification.
If you are unable to store the VOD content in the required vod-edcs directory on your origin server, you can create a VOD virtual path for all RTMP requests. All client requests for RTMP calls still use the rtmp://rfqdn/vod-edcs/path/foo.flv format for VOD streams, but the SE replaces the vod-edcs directory with the string specified in the flash-media-streaming application-virtual-path vod-edcs map command.
Use the flash-media-streaming application-virtual-path vod-edcs map <mapping string> command on each SE participating in a Flash Media Streaming delivery service. The mapping string variable accepts all alphanumeric characters and the slash (/) character, and can be from 1 to 128 characters. For example, to map the "vod-edcs" directory to "media" for the go-tv-stream.com origin server, use the flash-media-streaming application-virtual-path vod-edcs map media command.
If comedy.flv is the content being requested, the RTMP call in the SWF file would be rtmp://go-tv-stream.com/vod-edcs/comedy.flv. The SE would replace the "vod-edcs" directory and request http://go-tv-stream.com/media/comedy.flv from the upstream SE or origin server.
If just the slash (/) character is used as the mapping string, the SE request would be http://go-tv-stream.com/comedy.flv.
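The rewrite described above can be sketched as follows (illustrative only; the real substitution happens inside the SE, and `map_vod_request` is our name). Passing `"/"` as the mapping string reproduces the directory-dropping case:

```python
from urllib.parse import urlparse

def map_vod_request(rtmp_url: str, mapping: str) -> str:
    """Rewrite an RTMP VOD request into the HTTP request sent upstream,
    replacing the required vod-edcs directory with the configured mapping
    string (or dropping the directory when the mapping is "/")."""
    parsed = urlparse(rtmp_url)
    rest = parsed.path[len("/vod-edcs/"):]       # path after vod-edcs/
    prefix = "" if mapping == "/" else "/" + mapping
    return "http://{}{}/{}".format(parsed.netloc, prefix, rest)
```

For example, with the "media" mapping, rtmp://go-tv-stream.com/vod-edcs/comedy.flv becomes http://go-tv-stream.com/media/comedy.flv.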
For prefetched and cached content, the Flash Media Streaming Engine uses RTMP or RTMPE over port 1935. For content that is not found locally, the Flash Media Streaming Engine communicates with the Web Engine, which in turn communicates with the upstream Service Engine for cache-fill operations. See the "Cache-Fill Operations" section. This interaction uses HTTP. Once the content is in the process of being retrieved by the Web Engine, the Flash Media Streaming Engine uses RTMP to begin streaming the content.
The following describes the characteristics of caching content using HTTP for RTMP client requests:
1. Origin server-based cache validation is still honored for the cached content.
2. Client-side Web Engine rules are bypassed for the RTMP client request.
3. If HTTP headers from the origin server have the "no-cache" attribute set, content is not cached, and transparent proxy is performed to stream RTMP.
4. Transparent proxy from HTTP to RTMP is supported. Flash Media Streaming Engine begins RTMP streaming while content is still being fetched using HTTP proxy mode.
Any HTTP configuration that prevents content from being cached still applies for RTMP requests. The Flash Media Streaming Engine uses multiple HTTP-based range requests in such cases.
Multi-Bit Rate Streaming
Flash Media Streaming supports multi-bit rate streaming, also known as dynamic streaming. Dynamic streaming offers the ability to adjust the bit rate used to stream video to clients in order to adapt to changes in network conditions.
Multi-bit rate streaming has the following requirements:
•Origin server must be running Flash Media Server 3.5
•Client must be using Flash Media Player 10 or higher
•Encoder for VOD must be running Flash Media Encoder CS4
•Encoder for live streaming must be running Flash Media Live Encoder 3
For VOD, the encoder creates different bit rates for the content. For live streaming, the encoder publishes three streams with different bit rates to the origin server.
With Flash Media Player 10, there are new QoS properties that provide information about the stream and video performance and network capabilities; for example, when the NetStreamInfoBytesPerSecond field changes, the client can request a different bit rate for the stream.
See the "Configuring Delivery Services" section for more information about QoS.
The client player sends the command to switch or swap the stream. When network changes occur, the client sends a switch command to request the content be streamed with a higher or lower bit rate. Swap is used when swapping streams in a playlist (for example, advertisements). The bit rate change request works for both VOD and live streaming. The supported formats are H.264 and FLV. The client-side ActionScripts should use play2() instead of play() for smooth stream transitions.
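The client-side decision can be approximated as follows (a sketch of the general adaptive idea, not Adobe's actual ActionScript API; the rendition list and throughput measurement are hypothetical inputs):

```python
def pick_rendition(renditions_kbps, measured_kbps):
    """Pick the highest bit rate that fits within the measured network
    throughput; fall back to the lowest rendition when none fits."""
    viable = [r for r in sorted(renditions_kbps) if r <= measured_kbps]
    return viable[-1] if viable else min(renditions_kbps)
```

A player would call something like this when its throughput measurement changes, then issue the switch command for the chosen rendition.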
Flash Media Streaming Proxy
The Flash Media Streaming Engine can deliver content acting as an origin server or as a proxy server. The Flash Media Streaming Engine acts as a proxy server when content cannot be cached due to the origin server's configuration or due to the Service Engine's Web Engine configuration. Content is ingested and distributed using HTTP, whether the client request for the content used HTTP or RTMP.
Note Any content that does not contain "live" or "vod-edcs" in the path is automatically proxied.
The Flash Media Streaming Engine supports unicast flash streaming.
Flash Media Streaming supports the On2 VP6 codec, as well as those listed in Table 1-3.
Table 1-3 Codecs Supported in Flash Media Streaming
MPEG-4 Part 3, also known as AAC+ or HE-AAC. A set of compression codecs for perceptual coding of audio signals, including some variations of Advanced Audio Coding (AAC), such as AAC Main, AAC LC, and SBR.
Advanced Video Coding (AVC), also known as H.264/AVC.
All profiles are supported: Baseline (BP), Main (MP), High (HiP), High 10 (Hi10P), and High 4:2:2 (Hi422P).
This standard is technically identical to the ITU-T H.264 standard.
ISO Base Media File Format. A file format for storing media content containing one audio track (either ISO/IEC 14496-3 [AACPlus] or MP3), and one video track (either ISO/IEC 14496-10 [H.264 or AVC] or VP6).
3GPP TS 26.245
Timed text format.
Flash Media Streaming uses RTMP to stream live content by dynamic proxy. Configuration of live or rebroadcast programs is not required. When the first client requests live streaming content, the stream is created. There are no limits to the number of live streams other than the system load. Live streaming uses distributed content routing to distribute streams across multiple Service Engines.
Upon receiving a client request for live content, the edge Service Engine does the following:
•If the live stream is already present, the edge Service Engine attaches the new client to the existing stream. No message is sent to the origin server and no connection is set up.
•If the live stream is not present, ECDS creates a connection to the origin server to get the stream. No client information is sent to the origin server.
No per-client control connection is present between the edge Service Engine and the origin server for live streaming.
For Flash Media Streaming, a delivery service can be used for prefetched content, cached content, dynamically cached content, and live content. Because Flash Media Streaming uses dynamic proxy to stream live content, no disk space is used to store content. A Service Engine can act as the origin server for streaming live content, provided the SE designated as the origin server is not assigned to the delivery service that is streaming the live content.
The Flash Media Streaming Engine automatically retries a connection to an upstream Service Engine or the origin server if the upstream live-splitting connection fails. This switchover does not require any additional retries from the client side. Clients see a subsecond buffering, after which video continues to play. This feature does not address switchover when the Service Engine that is streaming to the client fails. The primary advantage is increased resiliency in the ECDS infrastructure. In other words, if a Service Engine fails, the downstream Service Engine automatically tries to connect to an upstream Service Engine in the path, and if it fails to connect, then a connection to the origin server is automatically made.
The Adobe Flash Media Encoder can publish the streams to any Adobe Flash Media Server acting as the origin server. Clients use the RFQDN to get the live content. The request from the client for "streamname" is mapped to origin_appinst_streamname internally in the ECDS to differentiate between two streams with the same name in two different delivery services.
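The internal naming scheme above can be sketched as follows (the exact delimiter the ECDS uses is not documented here; the underscores simply follow the origin_appinst_streamname pattern quoted above):

```python
def internal_stream_key(origin: str, appinst: str, streamname: str) -> str:
    """Disambiguate two live streams that share a name but belong to
    different delivery services, per the origin_appinst_streamname pattern."""
    return "{}_{}_{}".format(origin, appinst, streamname)
```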
Note All RTMP calls for live content in the SWF file must be in the following format:
rtmp://rfqdn/live/path
In this format, rfqdn is the routing domain name of the Service Router, live is the required directory, and path is the directory path to the content file that conforms to the standard URL specification.
Flash Media Streaming supports live stream splitting. For more information about live stream splitting, see the "Live Stream Splitting" section.
Flash Media Streaming supports pass-through (proxy) functionality for interactive applications (non-VOD and non-live). The interactive applications are hosted on a Flash Media Interactive Server that is external to the ECDS.
Note For the edge server proxy to function correctly, the origin server must be running Adobe Flash Media Server 3.5.
Direct routing from the Service Engine, acting as the Flash Media Streaming edge server proxy, to the origin server (the Flash Media Interactive Server) is supported by way of the hierarchical path of Service Engines to the origin server. Every Service Engine that receives the request proxies it to the next SE along the path until it reaches the origin server. Using the delivery service framework, the origin server is abstracted from the client request by means of the Service Router Domain Name (SRDN), which resolves to the Service Engine that accepts the user connection and forwards the request to the origin server. Flash Media Streaming includes the edge server (proxy) mode; by default, all non-live and non-VOD applications are proxied by using the edge server. Flash Media Streaming selectively picks connections for processing in edge server mode and aggregates connections to the origin servers.
Note The video and audio content used in an interactive application is cached on the SE acting as the Flash Media Streaming edge server proxy and is not removed when Flash Media Streaming is disabled. The maximum storage allowed for cached content associated with interactive applications is 2 GB. The only way to delete this cached content is to use the clear cache flash-media-streaming command or to reload the ECDS software on the SE.
ECDS supports implicit URI as the method that allows the client to connect with the edge server without exposing the origin server. The URI would look like this:
Request routing based on SWF files or using RTMP redirection is supported. However, RTMP redirection requires more changes in the client code. SWF file-based redirection is recommended. SWF redirection works as follows:
1. SWF files and associated HTML pages are either prefetched or hosted in the origin server.
2. Client uses a web browser to access the HTML page, which also loads the SWF file.
3. SWF file is accessed using the SRDN.
4. Service Router redirects the request to a Service Engine.
5. SWF file is downloaded to the web browser.
6. ActionScript in the SWF file attempts to connect to the same host from where the SWF file was downloaded. This is an RTMP connection that reaches the Service Engine.
7. Service Engine checks for the application type in the URI and, if it is not VOD or live, the processing is moved to the edge server mode and the connection is forwarded to the origin server.
8. Service Engine tunnels the data between the client and the origin server.
Note Changes to a delivery service do not affect existing connections to the Flash Media Interactive Server (origin server). Only new connections are affected by changes to a delivery service.
In Cisco ECDS Release 2.5.x, the Service Router acts only as a Request Routing Engine, as described in the following sections:
•Request Routing Engine
Request Routing Engine
See the following sections:
•Coverage Zone File
•Request Routing Engine Workflow of Coverage Zone Routing
There are a number of ways for client requests to get routed to the Request Routing Engine and on to the Service Engine, including the following:
•RFQDN Redirection—Routed fully qualified domain name (RFQDN) redirection.
•IP-Based Redirection—(Not supported) IP-based redirection.
RFQDN redirection is the default configuration. With RFQDN redirection, client requests are resolved to the Request Routing Engine by the DNS server and the Request Routing Engine redirects the request to the Service Engine based on route tables created from the Coverage Zone File and the current load of the Service Engines. The redirected URL is http://SENAME.SE.RFQDN/relative_path_of_content, where SENAME is the hostname of the Service Engine.
Note The redirected URL for Flash Media Streaming requests is: rtmp://SENAME.SE.RFQDN/application_name/encoded (relative_path_of_streamname), where SENAME is the hostname of the Service Engine.
Figure 1-2 describes the Request Routing Engine workflow for RFQDN redirection.
Figure 1-2 Request Routing Engine Workflow for RFQDN Redirection
In Figure 1-2, the client sends a request for a video file (for example, sample.wmv) to http://video.cds.com. The browser in turn sends a recursive DNS request to resolve video.cds.com through the DNS proxy.
The Service Router is configured to be the authoritative DNS for video.cds.com. The DNS proxy resolves video.cds.com to the Service Router's Request Routing Engine and sends the Service Router IP address back to the client. The client then sends a request for sample.wmv to the Service Router.
The Request Routing Engine chooses the Service Engine to redirect the request to based on load, location, and other factors. A 302 redirect message is sent to the client with the redirected URL http://se1.se.cds.com/sample.wmv.
A DNS request is sent to the Request Routing Engine again through the DNS proxy to resolve se1.se.cds.com. The Request Routing Engine returns the IP address (se1) to the DNS proxy which is forwarded to the client. The client then contacts the Service Engine (se1) directly and requests the sample.wmv. The Service Engine streams the requested content to the client.
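The 302 redirect in this flow hinges on the URL pattern http://SENAME.SE.RFQDN/relative_path_of_content; building the Location header value is mechanical (a sketch; the helper name is ours, and the SE hostname follows the worked example se1.se.cds.com):

```python
def redirect_location(se_host: str, content_path: str) -> str:
    """Build the Location value the Request Routing Engine returns in
    its 302 response, pointing the client at the chosen Service Engine."""
    return "http://{}/{}".format(se_host, content_path.lstrip("/"))
```

The client then resolves the SE hostname (again via the Request Routing Engine) and fetches the content directly from the SE.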
IP-Based Redirection is not supported in this release of ECDS.
Coverage Zone File
When a Service Engine is registered with the CDSM, it is assigned a default Coverage Zone file that the CDSM creates using the interface IP address of the Service Engine. The default Coverage Zone file can be unassigned, and a custom coverage zone can be defined by supplying your own Coverage Zone file.
A Coverage Zone file is an XML file containing coverage zone entries for each client IP address range, the Service Engine serving that range, the latitude and longitude of the Service Engine, and a metric value. The Coverage Zone file can be referenced by a URL and imported into the CDSM, or uploaded from a local machine. The Coverage Zone file can be set as the default for a specific Service Router or for all Service Routers in the ECDS network.
Note The coverage zone file is limited to 40,000 entries.
When content is requested by a client, the Request Routing Engine checks the client's IP address to find the coverage zone that contains that IP address. The Request Routing Engine then selects the Service Engine that serves this coverage zone. If a specific IP address is in multiple coverage zones, the one with the more specific range is selected. If the Request Routing Engine is unable to redirect the request, the Request Routing Engine sends an error response to the client.
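The most-specific-range selection described above can be sketched with standard-library CIDR matching (the Coverage Zone XML schema is omitted; zones here are reduced to plain (CIDR, Service Engine) pairs for illustration):

```python
import ipaddress

def select_service_engine(zones, client_ip):
    """zones: iterable of (cidr, se_name) pairs drawn from a Coverage
    Zone file. Return the SE for the most specific zone containing the
    client's IP, or None (the RRE would then send an error response)."""
    ip = ipaddress.ip_address(client_ip)
    hits = [(ipaddress.ip_network(cidr), se) for cidr, se in zones]
    hits = [(net, se) for net, se in hits if ip in net]
    if not hits:
        return None
    # Longest prefix wins when zones overlap.
    return max(hits, key=lambda pair: pair[0].prefixlen)[1]
```

With overlapping zones, a client inside the narrower range is served by its SE while other clients fall back to the broader zone's SE.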
A coverage zone can be associated with one or more Service Engines. Each Service Engine can have its own unique coverage zone, or the Service Engines can be associated with more than one coverage zone and have overlapping coverage zones. In Figure 1-3, all Service Engines serve Coverage Zone 1, and Service Engine 1 is specifically associated with Coverage Zone 2, a subset of Coverage Zone 1.
Figure 1-3 Coverage Zone Example
If a coverage zone is served by multiple Service Engines, all Service Engines are put in the routing table. The metric value, entered in the Coverage Zone file, indicates the proximity of the Service Engine to the client. When multiple Service Engines serving a coverage zone are on the same subnet and have the same metric value, and load-based routing is not enabled, the Request Routing Engine uses round-robin routing to redirect the client. If load-based routing is enabled, the load of the Service Engines is used to determine the best Service Engine to redirect the client to.
For more information about Coverage Zone files, see "Creating Coverage Zone Files."
The Request Routing Engine chooses the best Service Engine based on whether the Service Engine is participating in the delivery service for which the origin server matches that of the requested domain, and whether the Service Engine is assigned to serve the client's network region.
The Request Routing Engine uses the following methods:
•Load-based routing (least loaded)
•Last-resort routing (all Service Engines are overloaded)
•Service aware routing
Note The keepalive messages between the Service Router and Service Engine are transmitted and received on port 2323. However, the software interoperates with older software releases that do not use port 2323 for keepalive messages. If a firewall is configured between the Service Engine and the Service Router, port 2323 (UDP) must be opened for the keepalive message to go through.
See the following sections for more information about supported routing methods:
•Service Aware Routing
Load-based routing is enabled by default and cannot be disabled. In load-based routing, the routing decision is made according to the capacity and load of the Service Engines.
The load of the Service Engine is determined by different parameters, such as processor usage, memory usage, disk usage, the number of current Windows Media streams being served, and so on. The current load is compared with the thresholds configured for the Service Engine. If a threshold has been exceeded for a Service Engine, it is excluded from the routing table.
Last-resort routing is useful when all Service Engines have exceeded their thresholds or all Service Engines in the domain are offline, or the client is unknown. If last-resort routing is configured, the Request Routing Engine redirects requests to a configurable alternate domain when all Service Engines serving a client network region are unavailable, or the client is unknown. A client is considered unknown if the client's IP address is not part of a subnet range listed in the Coverage Zone file, or part of a defined geographical area listed in the Coverage Zone file.
Last-resort routing works dynamically. When the load of one or more Service Engines in the original host domain is reduced below threshold limits or the Service Engines are reactivated, new requests are routed to the original host domain automatically.
Note If the last-resort domain is not configured and the Service Engine thresholds are exceeded, known client requests are redirected to the origin server and unknown clients either receive an error URL (if the Error Domain and Error Filename fields are configured), or a 404 "not found" message.
Note Unknown clients are only redirected to the alternate domain (last-resort domain) when the Allow Redirect All Client Request check box is checked or the equivalent service-router last-resort domain <RFQDN> allow all command is entered.
Last-resort routing supports requests from RTSP, HTTP (including MMS-over-HTTP), and RTMP clients.
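The fallback order described in this section and its notes can be summarized as a decision sketch (names and the tuple convention are ours; the alternate-domain path for unknown clients also requires the allow-all setting, modeled here as a flag):

```python
def route(healthy_ses, last_resort_domain, allow_unknown_to_last_resort,
          client_known, origin_server, error_url=None):
    """Mirror the documented fallback order: a healthy SE first, then the
    last-resort domain, then the origin server (known clients only) or an
    error response (unknown clients)."""
    if healthy_ses:
        return ("redirect", healthy_ses[0])
    if last_resort_domain and (client_known or allow_unknown_to_last_resort):
        return ("redirect", last_resort_domain)
    if client_known:
        return ("redirect", origin_server)
    return ("error", error_url or "404 not found")
```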
Location-based routing and integration with Geo-Location servers are not supported in this release.
Service Aware Routing
Service-aware routing is enabled by default and cannot be disabled. In service-aware routing, the Request Routing Engine redirects a request to a Service Engine on which the required protocol engine is enabled and functioning properly, and on which neither the protocol engine nor the SE as a whole has exceeded its configured thresholds. See the "Setting Service Monitor Thresholds" section for more information.
The following user agents are served by the Windows Media Engine:
•Natural Selection (NS) player and server
•Windows Media player and server
The following user agents are served by the Movie Streamer Engine:
•QuickTime player and server
•VideoLAN VLC media player
When a request reaches the Service Router, the Request Routing Engine generates a hash from the URI. The Request Routing Engine first generates a list of Service Engines that can best serve the request based on service-aware routing. The Request Routing Engine then reorders the list based on the hash and selects the best Service Engine. Because the same URI always generates the same hash, the same Service Engine is typically selected. If that Service Engine is overloaded, the next Service Engine in the list is selected.
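A hash-ordered selection consistent with this description can be sketched as follows (the actual hash the Request Routing Engine uses is not documented here; SHA-1 is purely illustrative):

```python
import hashlib

def pick_service_engine(uri, candidates, overloaded=frozenset()):
    """Order candidate SEs by a URI-keyed hash so the same URI
    consistently maps to the same SE, then skip any overloaded SE."""
    ranked = sorted(
        candidates,
        key=lambda se: hashlib.sha1((uri + se).encode()).hexdigest())
    for se in ranked:
        if se not in overloaded:
            return se
    return None  # all candidates overloaded
```

Because the ordering depends only on the URI and the SE names, repeat requests for the same content land on the same SE unless it is overloaded.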
For service aware routing, some of the services running on a Service Engine are protocol based. When protocol-based services associated with a protocol engine are stopped on a Service Engine, the Request Routing Engine excludes this Service Engine from the list of possible Service Engines that can serve requests for this type of content. The Request Routing Engine identifies the protocol engine that serves the request based on the user-agent in the request. For example, if some Windows Media Engine-related services are stopped, the Service Engine can still serve Web Engine requests. However, if the request for Web Engine content is sent from a Windows Media Player, the Request Routing Engine excludes the Service Engine from the list of possible Service Engines that can serve the request.
Note For service aware routing, if a threshold is exceeded for all Service Engines, the Request Routing Engine redirects the client request to the origin server if a last-resort alternate domain is not configured. If a last-resort alternate domain is configured, the alternate domain takes precedence over the origin server. For a managed-live URL, if the origin server does not match the source of the live program, the above case fails. For the above case to work, the origin server host must be configured to match the live program source. In addition, the origin server stream name must be the same as the live program name.
In content-based routing, the Request Routing Engine redirects the request based on the URI. Requests for the same URI are redirected to the same Service Engine, provided the Service Engine's thresholds are not exceeded.
The same content can be stored in more than one Service Engine if the number of redundant copies is set to more than one. Redundancy is used to maximize the cache-hit ratio. If redundancy is configured with more than one copy, multiple Service Engines are picked for a request with the same URI hash.
Content-based routing is best suited for cache, prefetched, and live program requests to maximize the cache-hit ratio.
Note A client RTMP URL request for Flash Media Streaming does not contain the stream name; therefore, a client's URL requests for different RTMP streams could seem the same. For this reason, content-based routing may not be efficient for Flash Media Streaming because a different directory needs to be created for each stream to differentiate the content.
Request Routing Engine Workflow of Coverage Zone Routing
The Request Routing Engine workflow for clients connected to the network is as follows:
1. The client sends the DNS query for the routed FQDN to the local DNS server.
2. The DNS server replies with the Service Router IP address.
3. The client issues an HTTP, RTMP, or RTSP request to the Service Router.
4. If the Request Routing Engine finds the client's subnet in the Coverage Zone file, the following occurs:
a. The Request Routing Engine chooses the appropriate Service Engine and performs a protocol-specific redirection.
b. The client issues an HTTP, RTMP, or RTSP request to the Service Engine.
c. The Service Engine serves the content.
When a Service Router is registered with the CDSM, the CDSM propagates the Service Router's IP address to all the registered devices. The Service Engine sends a keepalive message to the Service Router at a periodic interval; the message carries information about the SE resources (such as disk, CPU, memory, and network interface usage). The Request Routing Engine uses the Service Engine's load and liveness information to generate the routes.
The Enterprise CDS can have more than one Service Router to support Service Router failover. To support failover, the DNS server should be configured with multiple Service Routers for the same routed FQDN.
Note DNS entries for all FQDNs must be delegated to the Service Router. In the DNS server's database file, a name server record must be entered for each FQDN that routes to the Service Router.
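As an illustrative sketch, the delegation described in the note above might look like the following fragment of a BIND-style zone file. The zone name, hostnames, and addresses are examples only; two Service Routers are listed for the same routed FQDN to support failover:

```
; Illustrative BIND zone fragment (names and addresses are examples).
; NS records delegate the routed FQDN to the Service Routers.
$ORIGIN example.com.
cds       IN  NS  sr1.example.com.
cds       IN  NS  sr2.example.com.
; Glue records for the Service Routers
sr1       IN  A   10.1.1.10
sr2       IN  A   10.1.1.11
```

With this delegation in place, DNS queries for cds.example.com are answered by the Service Routers themselves, and the DNS server can fail over between them.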
Table 1-4 lists supported Request Routing Engine redirections. See also the "Content Delivery System Manager" section.
Table 1-4 Request Routing Engine Redirections
•ASX redirection—Used if the requested file has an .asx extension. This redirection method is used for Windows Media Technology. To use HTTP 302 redirection instead, see the "Configuring Application Control" section. Normal requests for files with an .asx extension return a status 200 unless HTTP 302 redirection is enabled.
•HTTP 302 redirection—Used if the protocol is HTTP and the file extension is not .asx. This is the native HTTP redirection.
•RTSP redirection—Used if the protocol is RTSP and the client is QuickTime or Windows Media. This is the native RTSP redirection.
•RTMP redirection—Used if the protocol is RTMP and the client is Adobe Flash Player, Adobe Media Player, or Adobe Flash Lite Player.
For Flash Media Streaming, when a client requests content from a portal, and the content contains a request to a different remote domain (the origin server in the case of the ECDS), the request cannot be served unless the remote domain (origin server) has a crossdomain.xml file that grants access to the original portal.
For example, if a client request is for abc.com/streaming.html, and the content in streaming.html has a request to cds-origin.com/vod-edcs/sample.flv, the client requests the crossdomain.xml file from cds-origin.com. If the crossdomain.xml file allows access to abc.com, the streaming of sample.flv is allowed.
If the cds-origin.com does not have crossdomain.xml, then the request is denied.
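As a concrete sketch, a minimal crossdomain.xml provisioned at the web root of the origin server in the example above could look like the following. This uses the standard Adobe cross-domain policy format; the domain names are taken from the example:

```xml
<?xml version="1.0"?>
<!-- Served from the web root of cds-origin.com; grants the abc.com
     portal (and its subdomains) permission to load content from
     this domain. -->
<cross-domain-policy>
  <allow-access-from domain="abc.com"/>
  <allow-access-from domain="*.abc.com"/>
</cross-domain-policy>
```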
Note For Flash Media Streaming, the remote domain request is looked up in the crossdomain.xml file. For Microsoft Silverlight, the remote domain request is looked up in the clientaccesspolicy.xml file.
In the ECDS, instead of directly going to cds-origin.com, the request first comes to the Service Router. When the request for crossdomain.xml comes to the Service Router, the Request Routing Engine sends it to the client. This XML file grants access to the portal for the file requested. The client then sends the request for the file, which is then served.
Note For Windows Media Streaming with Silverlight, the clientaccesspolicy.xml file is requested only when web service calls are made. Depending on the client player, for both Windows Media Streaming with Silverlight and Flash Media Streaming applications, the clientaccesspolicy.xml and crossdomain.xml files need to be provisioned on the origin server.
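For Silverlight clients, a minimal clientaccesspolicy.xml in Microsoft's standard client access policy format might look like the following sketch; the portal domain is an example:

```xml
<?xml version="1.0" encoding="utf-8"?>
<!-- Grants Silverlight clients loaded from abc.com access to all
     resources on this origin server. -->
<access-policy>
  <cross-domain-access>
    <policy>
      <allow-from http-request-headers="*">
        <domain uri="http://abc.com"/>
      </allow-from>
      <grant-to>
        <resource path="/" include-subpaths="true"/>
      </grant-to>
    </policy>
  </cross-domain-access>
</access-policy>
```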
Note Flash Media client players that use FLVPlaybackComponent do not currently request the crossdomain XML file for video files. The crossdomain request is issued only when a query string is present. In such cases, the video gets downloaded but does not play.
Configuring and Monitoring the Cross-Domain Policy Feature
To enable the Cross-Domain Policy feature on the Service Router, enter the service-router access-policy enable command.
To disable the Cross-Domain Policy feature, enter the no service-router access-policy enable command.
To display the Cross-Domain Policy setting, enter the show service-router access-policy command. The following is displayed:
Service Router access policy enabled
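Taken together, enabling and then verifying the feature from the Service Router CLI looks like the following session sketch (the SR hostname in the prompt is illustrative; the commands are those described above):

```
SR# configure
SR(config)# service-router access-policy enable
SR(config)# exit
SR# show service-router access-policy
Service Router access policy enabled
```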
Logging information can be found in the /local/local1/errorlog/service_router_errorlog.current file. When the Request Routing Engine sends the crossdomain.xml to a client, the "crossdomain.xml served to client" message is logged. When the Request Routing Engine sends the clientaccesspolicy.xml file to a client, the "clientaccesspolicy.xml served to client" message is logged.
The show statistics service-router summary command displays an increase in the number of HTTP Requests (normal) in the Request Received section of the output.
Note The crossdomain.xml or clientaccesspolicy.xml file served by the SR is logged as 200 OK, and the request redirect is logged as a 302.
Although the proximity engine settings appear in the interface and are configurable, this feature is not supported in the Cisco Enterprise CDS releases 2.5.3 through 2.5.5.
Routing Using WCCP
An alternative to Service Router routing is to use an enterprise router that supports the Web Cache Communication Protocol (WCCP) and is configured to intercept and route requests for content. WCCP detects client requests and routes the request to a Service Engine within the same network. WCCP does not require the presence of a Service Router.
WCCP is a Cisco-developed protocol that allows for the integration of web caches into the network infrastructure. It provides the mechanism to create transparent redirection of selected traffic from a group of routers to a group of web caches within the enterprise. The main goal of WCCP is to lower response times by optimizing resource use. WCCP and transparent proxying are available for all supported media protocols in the ECDS without requiring DNS or URL changes.
WCCP services are deployed to intercept and redirect traffic. The standard service is web cache, which intercepts TCP destination port 80 (HTTP) traffic and redirects it to the cache engines. Adding more Service Engines and routers allows more bandwidth and flexibility in load balancing. With WCCP, you can use a cache cluster for load balancing, scaling, and fault tolerance.
WCCP Version 2 enables a series of Service Engines, called a Service Engine cluster, to connect to multiple routers. This feature provides redundancy and a more distributed architecture for instances when a Service Engine needs to connect to a large number of interfaces. WCCP Version 2 also balances traffic load across a cache cluster and ensures fault-tolerant and fail-safe operation. As Service Engines are added to or deleted from a cache cluster, the WCCP-aware router or switch dynamically adjusts its redirection map to reflect the currently available caches.
When operating with WCCP Version 2, the Service Engine performs a clean shutdown before a reboot to prevent broken TCP connections. See the "Graceful (Clean) Shutdown" section for more information.
Figure 1-4 shows how requests for content are routed using the WCCP transparent interception method. For more information about WCCP, see the following chapters:
•Chapter 2 "Network Design"
•Chapter 7 "Configuring WCCP"
Figure 1-4 Request Interception Using WCCP
1. A user requests a web page from a browser.
2. The WCCP-enabled router intercepts the request, and based on the TCP destination port number, the router determines whether it should transparently redirect the request to a Service Engine. Access lists are used to control which requests can be redirected.
3. If the Service Engine does not have the requested content, it sets up a separate TCP connection to the origin server to retrieve the content (3a in Figure 1-4). The content returns to, and is stored on, the Service Engine (3b in Figure 1-4). Content is stored and streamed simultaneously.
4. The Service Engine sends the content to the client. Upon subsequent requests for the same content, the Service Engine transparently fulfills the request from its local storage.
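On the router side, the standard web-cache interception described in the steps above is typically enabled with Cisco IOS WCCP commands similar to the following sketch. The interface name, ACL number, and client subnet are assumptions for illustration only:

```
! Enable the WCCP web-cache service, limiting interception with a
! redirect list so only selected client requests are redirected.
ip wccp web-cache redirect-list 110
access-list 110 permit tcp 10.1.0.0 0.0.255.255 any eq www
!
interface GigabitEthernet0/1
 ! Redirect matching inbound HTTP traffic to the Service Engines
 ip wccp web-cache redirect in
```

The redirect list implements the access-list control mentioned in step 2: only HTTP requests from the listed client subnet are transparently redirected to the Service Engines.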
WCCP can also handle asymmetric packet flows and always maintains a consistent mapping of web servers to Service Engines regardless of the number of routers used in a WCCP service group (up to 32 routers communicating with up to 32 Service Engines in a cluster).
There are some significant advantages to using a WCCP-enabled router for request routing interception in transparent mode:
•No end user configuration—Users do not have to point their browsers to the Service Engine.
•Fail-safe—Service Engines are automatically fault-tolerant and fail-safe. Any Service Engine failure does not cause denial of service to the end user.
•Scalable—Cache services can be scaled by deploying multiple Service Engines.
Figure 1-5 shows the packet flow between a Service Engine and a router.
Figure 1-5 Packet Flow Diagram
In Figure 1-5, if the Service Engine does not have the requested object, a cache miss occurs, and the Service Engine sends the request to the origin server. As the Service Engine receives the response from the origin server, it saves a local copy of the requested object and delivers it to the client at the same time.
See Chapter 7, "Configuring WCCP," for more information.
Content Delivery System Manager
The Enterprise Content Delivery System Manager (CDSM) is a web browser-based user interface. The Enterprise CDSM allows the administrator to configure, manage, and monitor delivery services and devices in the Cisco Enterprise Content Delivery System (ECDS). APIs are provided for backoffice integration with the Enterprise CDSM.
•Authentication, Authorization, and Accounting
•Delivery Services Management
Authentication, Authorization, and Accounting
The Enterprise CDSM uses HTTPS to secure the administrator's session. Multiple users can perform administrative operations by using the Enterprise CDSM. The administrator can configure certain users to have either view-only rights for monitoring the ECDS, or full rights that allow configuration changes as well as monitoring capabilities.
User accounts and groups can be added to the Enterprise CDSM and given roles and rights for accessing configuration information. It is also possible to segregate and group objects and give access to a limited group of users.
User authentication can be configured to use RADIUS servers when available; otherwise, the Enterprise CDSM provides its own authentication server.
The ECDS-wide policy and status information is maintained in a relational database on the Enterprise CDSM. This information is propagated and synchronized with all devices in the ECDS network.
As part of the network management process, the administrator can perform basic administration operations on the Enterprise CDSM database, including backup and restore.
The Enterprise CDSM sends device configuration changes to the selected device or group of devices once the change has been submitted. The device sends any configuration changes that were made locally to the CDSM, and also provides periodic status information.
Devices can be organized into user-defined device groups, which allow administrators to apply configuration changes and perform other group operations on multiple devices simultaneously. Because a device can belong to multiple device groups, the administrator's management overhead is reduced. Device groups allow for a single instance of management, eliminating the need to repeat the same step for each device.
The Enterprise CDSM also provides an automated workflow to apply software upgrades to the devices in a device group.
Higher Storage Utilization of ECDS
Storage across multiple Service Engines is virtually divided into buckets, where each Service Engine serves only a subset of the total content. Both the local storage and RAM of the Service Engines can function as an aggregated distributed service, providing unlimited scalability. Linear scaling of the ECDS storage is accomplished by adding more Service Engines to one location. This addresses the demands of the "Long Tail" use case relevant to the Service Engines. The Long Tail is the realization that the sum of many small markets is worth as much as, if not more than, a few large markets. In traffic terms, a long-tail distribution means that requests for rarely accessed content occur more often than anticipated.
This higher storage utilization provides the following:
•Overall better system performance
•Higher in-memory cache hit ratio
•Deterministic resiliency in case of failures or overload due to very popular content (This is useful when customers have more than 4.5 terabytes of live, prefetched, and cached content on one Service Engine.)
The content distribution is resilient and stateless. If the load of all content mapped to one Service Engine increases, the load is automatically spread to other Service Engines without requiring any administrator intervention.
Delivery Services Management
The Enterprise CDSM provides the configuration and monitoring of delivery services, which define how content is ingested, stored, cached, and published. The Enterprise CDSM provides the Service Engines with information about the delivery services and which Service Engines are participating in the delivery service.
In addition to using the Enterprise CDSM to define delivery services, an XML file called a Manifest file can be used to define a delivery service. The Manifest file and APIs serve as the basis for backoffice integration. For more information about the Manifest file, see the "Manifest File" section.
Resiliency and Redundancy
An ECDS that is designed with full redundancy and no single point of failure includes redundant Enterprise CDSMs and Service Routers. The redundancy mechanisms for the Content Acquirer and Media Streamer applications running on the Service Engines operate differently.
•Content Acquirer Redundancy
•Media Streamer Redundancy
•Service Router Redundancy
•Enterprise CDSM Redundancy
Content Acquirer Redundancy
In the event of a primary failure on the Content Acquirer, the failover mechanism supports the election of a backup Content Acquirer. A failover requires that both the primary and backup Content Acquirer be located in the root location of the delivery service.
If the Content Acquirer receives a live program as a multicast stream from the origin server, upon failure of the primary, the backup Content Acquirer assumes control of that program's streaming and the program continues without interruption. This process is transparent to the end user. When the primary Content Acquirer comes back online, it receives the live stream from the active secondary Content Acquirer and does not fall back (regain its primary status) until the live program has finished or has been restarted.
If the Content Acquirer receives the program as a unicast stream from the origin server, the failover mechanism is not supported. If the primary Content Acquirer fails while a program is playing, the person viewing the program must re-request the program.
Media Streamer Redundancy
If a Service Engine running the Media Streamer application fails, the Service Router stops receiving keep-alive messages from that Service Engine. When a new request comes in, the Service Router does not redirect the request to that Service Engine; instead, it redirects the request to other Service Engines within the same delivery service. All the existing sessions on the failed Service Engine terminate and the affected end users must re-request the content.
Service Router Redundancy
If the ECDS network is designed with multiple Service Routers, all Service Routers are aware of all Service Engines in the ECDS. The DNS servers must be configured with multiple Service Routers and the failover is handled by the DNS servers.
Enterprise CDSM Redundancy
The Enterprise CDSM can operate in two different roles: primary and standby. The primary role is the default. There can only be one primary active in the ECDS network; however, you can have any number of Enterprise CDSMs operating in standby to provide redundancy and failover capability.
Primary and standby CDSMs must be running the same version of software. We recommend that the standby CDSM be upgraded first, followed by the primary CDSM.
The Enterprise CDSM design principle is that the management device is never in the service delivery path. When the CDSM fails, the rest of the ECDS continues to operate. A CDSM failure does not affect any services delivered to end users, and all content ingest continues. The only negative effect is that the administrator cannot change configurations or monitor the ECDS. As soon as a failure to connect to the CDSM is noticed, the administrator can activate the standby CDSM. For information on making the standby CDSM the primary CDSM, see the "Changing a Standby to a Primary Enterprise CDSM" section.
Where to Go Next
Proceed to Chapter 2 "Network Design" for information about the basics of provisioning a Cisco ECDS network and how metadata and content flow through the Cisco ECDS.