Velocix intelligent caching and optimized replication implementation optimizes the streaming performance, sources the content from the most appropriate point relative to the delivery appliance requiring the content and dynamically caches content to minimize cache misses.
Several techniques have been used to optimize the streaming performance in delivery appliances. The software has being designed as a set of multithreaded highly scalable modules specifically designed to use multi-core processors and multiple disk storage.
To reduce the number of cache misses content is dynamically cached using the Last Recently Used (LRU) algorithm, which adds new content to the cache when requested and removes last recently used content when the cache fills. The Velocix delivery appliance implements a caching virtual file system with dynamic multi-level caching in memory and disk that maximizes performance and efficiency by keeping most popular content in memory.
When the delivery appliances receive a request for content that it cannot find in its cache it attempts to obtain it from another device in the CDN hierarchy. Two complementary acquisition techniques that handle different types of content are available.
- Acquisition from other member of a Velocix Inter-Cache Protocol (VXICP) group. A VXICP group comprises a number of delivery appliances typically in the same location. When an appliance receives a request it cannot serve, it attempts to acquire the content from other member of its group. If the requested content is not available from the VXICP group it is requested from higher up in the hierarchy. This approach minimizes both the response time and traffic on the transit network.
- Multi-source acquisition. Velocix has developed a unique file chunking and delivery capability that enables appliances to acquire content from multiple locations in parallel. Using multiple delivery servers increases the total bandwidth available and significantly improves resilience of the connection.
To maximize the caching capacity of a node location and as a result maximize the cache hit rate, the Velocix CDN directs repeated requests for a given piece of content to the appliance in the node that has the highest probability to have cached the requested content. This avoids having several copies of the same piece of content in the node which in turn frees memory for other pieces of content.
For those objects where responsiveness is paramount, the Velocix CDN allows the service provider to configure the operation so that response time is minimized at the expense of reducing the cache hit rate. In this case the CDN will contact the origin server if it cannot quickly find the object requested in the cache. This is contrary to the process for cache hit rate maximization where the origin server will only be contacted after a thorough search concludes that the object requested is no longer cached.
The Velocix CDN implements G2, a flexible and advanced request routing engine capable of taking into consideration a number of factors when selecting from where best to deliver content to a consumer. In addition, through G2 the service provider defines policies related to where content can be stored, where it can be served from and where it can be delivered. Among the factors considered for request routing are: the maximization of the client experience, the minimization of transit costs, the policies defined and network condition.
Velocix´s solution supports also token authentication as a mechanism to ensure that only valid requests for content are delivered by the CDN. When an end-user device is connected to a Delivery Appliance, the system decodes the token and checks that the token has not expired yet -a timestamp is applied to invalidate the address after a defined session timeout-, it is for the object specified in the request and it is 'valid'. For example, an unauthenticated user is not allowed access to content from a particular region, whereas an authenticated user is redirected to the CDN with an authorization token. If the token is valid, the CDN delivers the content.
For maximum security, in a token-based authorization scheme, it is esential to keep duration and reuse of tokens to a minimum, any concessions we make to usability could reduce security, For example, we could set a reuse property on the token, and set the duration to exceed the expected length of the content. This would make it likely that a disconnected consumer would be able to restart their content but it would also make the tokenised link vulnerable to malicious redistribution. This risk increases the more reuse we allow and the longer we make the duration of tokens. For the greatest security, Velocix provides some recommended deployment methods to get the expected customer quality of service.
The Velocix solution supports secure tokens, Hash-based Message Authentication Code (HMAC) tokens, as well as, Shock Wave Format (SWF) verification. With secure tokens a token generation library is used to add a secure token to any request, which is then validated against a shared secret or key.
Velocix has actively supported the move to HMAC tokens based on industry standard token-generating utilities that generate standard libraries of tokens in languages such as Java and C#. The Velocix solution also supports SWF verification to ensure the Flash application requesting content matches a copy of the application registered with the CDN.
Content Aware Cache Selection
In POP locations where multiple Delivery Appliances are deployed Content Aware Caching can improve cache efficiency by directing repeated requests for a given piece of content to the appliance in the node that has the highest probability to have cached the requested content thus freeing memory for other content and therefore increasing the cache hit rate.
Velocix´s solution supports also integrated geo-configuration which applies policy to content delivery using an associated set of rights to determine how and where content can be served and delivered.
The Velocix solution allows blocking certain subscribers or suspicious IP addresses within a generally allowed IP address block. Customer IP blocks are easily imported and updated to the Velocix Digital Media Delivery Platform to ensure accurate checking of the requester to grant access if the user is in the white list or deny access if it is in the blacklist.