Cisco Content Delivery Solutions

Presentation on theme: "Cisco Content Delivery Solutions"— Presentation transcript:

1 Cisco Content Delivery Solutions
Fabrice Serey Zagreb 23/09/02

2 Agenda
- What is CDN ?
- Content Switches and their applications in Data Centers.
- Caching or how to increase end users response time.
- IP Video or how to build a Pay Per View Streaming solution
- Conclusion

3 Overcomes Performance Bottlenecks
[Diagram labels: Origin Server Scalability, Speed of Light; Peering Point Congestion; Last Mile Bandwidth; “Middle Mile”; T1, DSL, Cable Modem Dial-up; Peering Capacity, ISP Network Capacity; 10 Mb to 1 Gb Ethernet; Gigabit Optical Network; Cross-Internet connections; Premises Network; Internet Backbone; Local Loop]

We know that by bringing applications like e-learning, customer support and ecommerce to the Web, we can begin to solve problems around scaling, cost reductions and availability. But today’s Internet can’t handle the kind of rich content needed to enable these applications. As we see from this graphic, there are multiple opportunities for congestion points, all the way from the Internet Backbone to the Premises Network.

The “middle mile” problem refers to the peering points within the internet. The “last mile” problem refers to the connection of an enterprise site to the network. These are generally 1 – 3 Mb/s AT MOST. This is a problem: most F500 companies have a less than T1 connection to their branch offices. If you try to deliver a TV-quality broadcast of your CEO, one user will chew up that entire connection.

By bringing content closer to the user (the web page and the rich content it includes) we can overcome bandwidth bottlenecks and open up all kinds of new services at the edge.

4 CDN definition
“CDNs accelerate the delivery of Web contents by solving access and congestion problems. They open the way to new high-rate service (audiovisual applications, games). After first being only dedicated to Internet, CDNs have now spread to the market of multi-site companies and companies implementing high rate services on their Intranet.”
Major incumbent PTT operator

5 5 Key Elements of Content Networks
Content Services Content Delivery Network Management Content Switching Content Routing Content Distribution & Delivery

6 Agenda
- CDN technical introduction.
- Content Switches and their applications in data centers.
- Caching or how to increase end users response time.
- IP Video or how to build a Pay Per View Streaming solution
- Conclusion

7 Traditional Load Balancing : DNS round robin
[Diagram labels: Internet User Web Server Farm]
- Load Balancing not mapped to the real load of the server
- DNS does not know state of the server
- Client interprets differently DNS A record with multiple

PC based load balancers and Layer 4 switches provided rudimentary “load balancing” or “TCP traffic management.” The resulting configurations, however, are content blind and unable to direct Web traffic based on the content being requested. In addition, these configurations are complex, difficult to manage and maintain, and limited in their scalability and performance.

First generation load-balancing solutions provided the intelligence to balance the load between multiple local Web servers, but are limited in the selection process by their inability to analyze web flows based on content type and location. As a result, all content must be mirrored among every server being load balanced. In addition, these devices sit in line on the network, creating a single point of failure and, for larger Web sites, a bottleneck in performance.

Layer 4 switches and load balancers route incoming requests based on the combination of destination IP address and TCP port. They immediately “bind” a Web browser to a Web server based on the initial TCP SYN request. Therefore the content request is routed before the switch receives the actual HTTP request, making it incapable of optimizing flows based on URL. This can be problematic in a Web environment. To a Layer 4 load balancer, all Web applications appear to be using TCP port 80 (well-known port for HTTP), making them indistinguishable from one another. Therefore, a CGI request looks no different from a Web-enabled SAP application or streaming audio request, even though all of these requests have very different requirements or may be found on different servers.

8 How Content Services Switching Works
Step 1: User clicks: Browser talks to DNS for IP Address. Browser sends TCP SYN (connect?)
Step 2: Switch sends TCP SYN ACK to browser
Step 3: Browser sends URL:
Step 4: Switch determines Best Server
Step 5: Switch connects to Best Server and splices TCP connection
[Diagram label: Internet]

Current Layer 4 switches and load balancers route incoming requests based on the combination of destination IP address and TCP port. They immediately “bind” a Web browser to a Web server based on the initial TCP SYN request. Therefore the content request is routed before the switch receives the actual HTTP request, making it incapable of optimizing flows based on URL. This can be problematic in a Web environment. To a Layer 4 load balancer, all Web applications appear to be using TCP port 80 (well-known port for HTTP), making them indistinguishable from one another. Therefore, a CGI request looks no different from a Web-enabled SAP application or streaming audio request, even though all of these requests have very different requirements or may be found on different servers.

In contrast, Web switches use URLs to route incoming requests to target servers. By looking deep into the HTTP payload, down to the URL and cookie, a Web switch “knows” what content is being requested. This provides unprecedented flexibility in defining policies for security and traffic prioritization, enabling tiered services and ensuring Service Level Agreements are met. Further, the ability to use cookies enables sticky connections, a critical requirement for e-commerce.

There are 5 basic steps involved in web switching:
1. User makes a content request by typing a URL into a browser.
2. Web switch with virtual IP of the requested URL intercepts the request.
3a. Web switch spoofs TCP ACK back to client.
3b. The Web switch examines HTTP header and URL and compares to current content rules to select best server or cache to satisfy the request.
4. A flow is created between the switch and the optimal server and “snaps” together with the flow from the client to the switch.
5. All subsequent packets for that Web flow are forwarded without intervention by the switch controllers.

9 Content Intelligence Defined
Content Services Switch L4 extended with URL filtering L4 “session” Switch Full content switching on: Host Tag Entire URL Dynamic Cookie location File extension 000’s of rules 000’s of services 00’s of services per content rule L3 Switch Session load balancing by IP address and TCP port Policy based on TCP port Limited URL filtering on: Non HTTP GET HTTP w/ Cookies File extension Limited URL visibility 64 strings <=40 bytes 32 rules <= 8 bytes Switching on MAC address, VLANs IP Routing 802.1 P/Q policy

The Cisco CSS series is unique in its ability to perform content discovery, the key to achieving content or name-based switching. Content discovery requires: 1) spoofing the TCP using the entire URL and cookie; 2) providing content based keep-alives to detect changes in content; 3) probing the server automatically to determine content attributes then dynamically selecting the best connection for the keep alive.

Conventional load balancers and Layer 4 switches were designed for address-based switching, and differentiate applications based on identity of well-known TCP ports: Port 80 for HTTP and Port 21 for FTP. However, even as more and more information is based on HTTP requests, load balancers cannot differentiate between multiple HTTP requests for different content. The Cisco CSS series switches were designed for name-based switching and are the only switches to use the entire URL and cookie to select the best site and server.
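
The flow setup described in slides 8 and 9, as an added Python example (not Cisco CSS code): a Layer 4 lookup sees only the virtual IP and port, while delayed binding reads the first HTTP request and applies content rules on file extension, URL and cookie. The rule fields, service names, the `srv` cookie, the addresses and the sample requests are assumptions constructed for the example.

```python
# Added illustration (not Cisco CSS code): rule fields, service names, the
# "srv" cookie and the sample requests are all constructed for this example.
from dataclasses import dataclass
from http.cookies import SimpleCookie
from typing import Optional, Tuple

SERVICES = {"default-web", "static-cache", "streaming", "cgi-farm"}
L4_TABLE = {("192.0.2.10", 80): "default-web"}   # virtual IP:port -> service


@dataclass
class ContentRule:
    service: str
    host: Optional[str] = None          # match on Host header
    url_prefix: Optional[str] = None    # match on leading part of the URL
    extensions: Tuple[str, ...] = ()    # match on file extension

    def matches(self, host: str, path: str) -> bool:
        if self.host and host != self.host:
            return False
        if self.url_prefix and not path.startswith(self.url_prefix):
            return False
        if self.extensions and not path.lower().endswith(self.extensions):
            return False
        return True


RULES = [
    ContentRule("streaming", extensions=(".rm", ".asf")),
    ContentRule("static-cache", extensions=(".gif", ".jpg")),
    ContentRule("cgi-farm", url_prefix="/cgi-bin/"),
]


def parse_request(raw: bytes):
    """Extract path, Host and cookies from the first HTTP request of a flow."""
    head = raw.split(b"\r\n\r\n", 1)[0].decode("iso-8859-1")
    request_line, *header_lines = head.split("\r\n")
    _method, target, _version = request_line.split(" ", 2)
    headers = {}
    for line in header_lines:
        name, _, value = line.partition(":")
        headers[name.strip().lower()] = value.strip()
    cookies = SimpleCookie(headers.get("cookie", ""))
    return (target.split("?", 1)[0], headers.get("host", "").lower(),
            {k: morsel.value for k, morsel in cookies.items()})


def l4_select(dst_ip: str, dst_port: int) -> str:
    """Layer 4: bound at the SYN, before any HTTP bytes have arrived."""
    return L4_TABLE[(dst_ip, dst_port)]


def l7_select(raw: bytes) -> str:
    """Delayed binding: choose the service after reading URL and cookie."""
    path, host, cookies = parse_request(raw)
    sticky = cookies.get("srv")
    if sticky in SERVICES:      # only honour cookie values naming a real service
        return sticky
    for rule in RULES:          # first matching content rule wins
        if rule.matches(host, path):
            return rule.service
    return "default-web"


def req(path: str, cookie: str = "") -> bytes:
    """Build a constructed sample request."""
    extra = f"Cookie: {cookie}\r\n" if cookie else ""
    return f"GET {path} HTTP/1.1\r\nHost: www.example.com\r\n{extra}\r\n".encode()
```

Every request to the virtual IP on port 80 gets the same answer from `l4_select`, whereas `l7_select` separates streaming, image and CGI requests and ignores a sticky cookie whose value is not a configured service.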

10 What is being requested?
Why a content switch ?
- What is being requested?
- Who is requesting it?
- Provide redundancy
- Location of best server?
[Diagram labels: Platinum Account Trading Flash Crowd Insurance Real-time Stock Quotes media.com Investor Chat Room Account Browsing & Customer Service]

The Cisco CSS series was designed for switching Web flows and is unique in its ability to perform content discovery, the key to achieving content or name-based switching. Content discovery requires understanding completely what content is being requested by whom and determining the best location to obtain the content. To do this, the Cisco CSS series switches:
- use the entire URL and cookie during flow setup to select the best site and server;
- provide content based keep-alives to detect changes in content;
- probe the server automatically to determine content attributes, then dynamically select the best connection for the keep alive.

The content intelligence of the Cisco CSS series delivers many benefits:
- optimized content delivery
- 100% available web sites and content
- superior scalability
- e-commerce transaction integrity
- enhanced site security
- ability to offer new services

11 Site & System Security Web site Security
- Prevents Denial of Service attacks
- Stateful access control
- Firewall Load Balancing
[Diagram labels: Attacker; Internet; Secure Services; DMZ]

The challenge for any successful public Web site is to attract and retain users while eliminating any undesired or malicious traffic. Web site security requirements cannot be fully met using traditional methods. Firewalls, for example, are optimized to prevent access to a network and they do not scale well for today's extremely high-traffic Web environments. This is particularly true for software-based proxy firewall services, which are limited in the number of sessions they support. Each session requires a unique process, placing a heavy processing burden on the CPU, representing a serious performance bottleneck.

FlowWall Security includes Web site security capabilities available in the Cisco CSS series switches. The first tier security services include:

DoS Attack Prevention - Web switches validate every session flow at initial flow setup and eliminate all connection-based DoS attacks and other attempted malicious or abnormal connections with no impact on the performance of the Web switch.

Network Address Translation - Wire speed NAT capabilities on Web switches effectively hide the IP addresses for all devices located behind the Web switch, such as Web servers and caches, eliminating the ability of hackers to attack servers directly by using explicit IP addresses.

Web switches provide firewall services including high speed access control lists that block particular content requests by IP address, TCP port, Host Tag, complete URL, or file type. For the maximum access control when separate firewall services are required, Cisco CSS series switches can load balance the firewalls.

Firewall Load Balancing - When full firewall security is needed either in the path from the Internet, or to protect mission-critical backend systems or networks, Web switches can prevent bottlenecks and eliminate single points of failure by distributing traffic among multiple load-balanced firewalls.

12 And even more…
- Intelligent redirection
- Cookie sticky
- Automatic Content Replication
- Data Centers load balancing
- User-tailored Web Services
- SSL termination
- Box to box redundancy

On May 17, 2000, Spanish Internet service provider Terra Networks (SA) agreed to pay $12.5 billion in stock for Lycos so it could gain a source of online content. Both Terra and Lycos achieve a significant part of their revenues from online advertising. Their online advertising exploits are based on accurate traffic statistics that they relay to customers and use to favorably influence advertising contracts. Using the Cisco CSS switch, Lycos is still a “separate entity” from Terra. This allows Lycos to maintain their revenue stream from advertising activities because they can still report accurate traffic statistics…

This is how it works:
1) User makes a request by typing into a browser.
2) Cisco CSS switch intercepts the request.
2a. Switch sends an HTTP redirect to
3) Browser sends
4) Switch finds most suitable server for content request
5) Switch connects to best server
6) Connected

In the scenario above, logs the web page hit like it normally would - without requiring the user to go directly to

13 Cisco 1150X Content Services Switch
40 Gbps Switch Fabric Up to 6 modules Up to 80 FE plus 2GE Up to 12 GE Redundant AC or DC CSS 11506 CSS 11503

14 Content Switching Module
- High-performance layer 4-7 load balancer of servers, firewalls, caches and more
- Single-slot linecard for Catalyst 6500
- Custom network-processor-based hardware
- Full regular expression support (URLs, cookies, HTTP header parsing)

15 Reasons for a data center ?
- For operator internal use (ISP services, hosting operator portal, internal services)
- To sell new commercial services (with or without VPNs)

16 Data Center ”Layered model”
Internet Shared Hosting Dedicated Hosting Co-Location Streaming Managed Security VPN (FR or ATM PVC, MPLS VPN)

17 Data Center Load Balancing For Internet and Intranet
ISP-1 ISP-2 Content Switch SSL Content Accelerator Hosting Solution Engine PIX™ Firewall Web Servers Content Switch Database Servers

18 Agenda
- CDN technical introduction.
- Content Switches and their applications in data centers.
- Caching or how to increase end users response time.
- IP Video or how to build a Pay Per View Streaming solution
- Conclusion

19 How to cache the content ?
- PROXY caching
- TRANSPARENT caching
- REVERSE PROXY caching

20 Proxy Caching Cache Miss Example: Internet Cache 200.200.200.1
[Diagram labels: Enterprise Network Internet Cache Origin Server Client]
1. Client request to proxy cache
2. Cache Miss
3. DNS resolve of
4. Content request to Origin
5. Origin returns content
6. Content stored on cache
7. Content sent to client
Dest. IP: Dest. Port: 8080 Get: “//
No DNS lookup required by client

In a proxy cache, users request pages from a local cache instead of direct from the source. The local cache gets the page, saves it on disk and forwards it to the user. Subsequent requests from other users of the cache get the saved copy, which is much faster and does not consume Internet bandwidth. In this case the cache acts on behalf of the client.

The example above outlines the operation and characteristics of a proxy cache miss as follows:
1. The client’s browser is configured with the IP address and destination port number of the cache to which it is to send all HTTP requests. Because the client is configured to send all requests to the cache, no DNS lookup is required. Instead it becomes the job of the proxy cache to resolve the name, and only when it does not contain a copy of the requested content. The domain name is included as part of the URL in the HTTP header so that when the cache does not contain the requested content it will use this domain name to resolve the source address for the content.
2. In this example we assume the cache does not contain a copy of the requested content. This is known as a cache miss.
3. The cache performs DNS resolution for the domain name provided as part of the URL.
4. With the name resolved, the cache performs a request for a copy of the content from the source.
5. Content is returned from the source to the cache.
6. If the content is cacheable it is stored on the cache for future requests.
7. The requested content is sent to the client.

21 Transparent Caching Cache Miss Example:
[Diagram labels: Enterprise Network Internet Cache Origin Server Client]
1. DNS resolve of
2. Client request to origin
Dest. IP: Dest. Port: 80 Get: “/training” Host:
3. Intercepts TCP port 80 traffic and forwards request to cache
4. Cache Miss
5. Content request to Origin
6. Origin returns content
7. Content stored on cache
8. Content sent to client

In a transparent cache, users request content directly from the source. The request is intercepted and the cache checks to see if it contains a copy of the requested content. If the cache does not contain a copy it gets the page, saves it on disk and forwards it to the user. Subsequent requests from other users get the saved copy, which is much faster and does not consume Internet bandwidth. In this case the cache acts on behalf of the client.

The example above outlines the operation and characteristics of a transparent cache miss as follows:
1. The client’s browser performs a DNS lookup to resolve the IP address of the source for the requested content.
2. With the resolved address the client initiates a TCP session to request content from the source. Note that the client is unaware of the cache. In other words the cache is transparent to the client.
3. The client’s request is intercepted and directed to the cache.
4. In this example we assume a cache miss.
5. Using the IP address resolved by the client, the cache performs a request for the content from the source.
6. A copy of the content is returned from the source to the cache.
7. If the content is cacheable it is stored on the cache for future requests.
8. The requested content is sent to the client.
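
The proxy and transparent cache-miss sequences of slides 20 and 21, as an added Python example (not Cisco Content Engine code): it shows which side performs the DNS lookup in each mode and that the second request for the same object is served from the cache. The in-memory DNS and origin tables, the host name, the addresses and the sample requests are assumptions constructed for the example, and all content is assumed cacheable.

```python
# Added illustration, not Cisco Content Engine code. The in-memory DNS and
# origin tables, host name and addresses are constructed for this example.
import email
from urllib.parse import urlsplit

DNS = {"www.example.com": "198.51.100.7"}
ORIGIN = {("198.51.100.7", "/training"): b"<html>training</html>"}

# Proxy mode: the browser sends the full URL to the cache's own address.
PROXY_REQ = b"GET http://www.example.com/training HTTP/1.0\r\n\r\n"
# Transparent mode: the browser addresses the origin; the request is intercepted.
TRANSPARENT_REQ = b"GET /training HTTP/1.0\r\nHost: www.example.com\r\n\r\n"


class Cache:
    def __init__(self):
        self.store = {}        # (host, path) -> body
        self.dns_lookups = 0   # lookups performed by the cache itself

    def _resolve(self, host):
        self.dns_lookups += 1
        return DNS[host]

    def handle(self, raw, intercepted_dst=None):
        """Return (mode, "HIT" or "MISS", body) for one client request."""
        request_line, _, rest = raw.decode("iso-8859-1").partition("\r\n")
        _method, target, _version = request_line.split(" ", 2)
        if target.lower().startswith("http://"):
            mode = "proxy"                      # absolute URL names the origin
            url = urlsplit(target)
            host, path = url.hostname, url.path or "/"
        else:
            mode = "transparent"                # origin named by Host header
            host = email.message_from_string(rest)["Host"] or ""
            path = target
        key = (host.lower(), path)
        if key in self.store:
            return mode, "HIT", self.store[key]
        # Miss: a proxy cache resolves the name itself; a transparent cache
        # reuses the destination address the client already resolved.
        origin_ip = self._resolve(host) if mode == "proxy" else intercepted_dst
        body = ORIGIN[(origin_ip, path)]
        self.store[key] = body                  # assumed cacheable
        return mode, "MISS", body
```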

22 Why caching ?
- Faster network response time
- Decrease traffic load on expensive peering links
- Ease traffic monitoring and management (filtering)

23 Internet access for residential customers
BGP peering with External AS As#124 As#12 As#317 POP1 POP2 Service Provider WAN POP4 POP3 Dial-Up Cable ADSL ETH

24 Faster network response time
ce590#sh stat http perf
Statistics - Performance
                     Avg  Min  Max  Last
Requests / Second:
Bytes / Second:
Seconds / Request:
Seconds / Hit:
Seconds / Miss:

Cache eliminates this delay
Seconds/Miss depends on peering links to the internet (typically 1-6 seconds)
RT = RT_SP + RT_internet + RT_webserver

25 Decrease traffic load on expensive peering links
ce590#show stat http saving
Statistics - Savings
            Requests  Bytes
Total:
Hits:
Miss:
Savings:    %  %

Bandwidth saving depends on country and type of users
Typical residential and university saving = 30% - 50%
Business Users, Saving = 20% - 40%

26 Cost Saving Calculation
Monthly savings = Bandwidth (Mbps) x Monthly BW cost/Mbps x Percent HTTP traffic x Byte hit rate
Payback period = purchase price / monthly savings

27 Filtering Web Sense : The best URL database
Out of the box Web Sense server Smart Filter : The most common tools Inside the box Smart Filter agent Smart Filter GUI + License N2H2

28 Agenda
- CDN technical introduction.
- Content Switches and their applications in data centers.
- Caching or how to increase end users response time.
- IP Video or how to build a Pay Per View Streaming Solution
- Conclusion

29 Content Delivery Networks Bringing Content Closer to Users
Server Load Balancer and Content Servers Server Load Balancer and Content Servers Content Router Origin Web Server Server Load Balancer and Content Servers Server Load Balancer and Content Servers Local DNS Server

30 Streaming technology Live Traffic Video On Demand Transparent Caching and CONTENT PREPOSITIONING (E-CDN, I-CDN) Managed Streaming Server* Stream Splitting Un-managed Streaming Server** Stream Splitting Transparent Caching *Managed streaming server : Owned by the SP in one location **Un-managed streaming server : Server on the internet

31 Content Engine Streaming capabilities
Full support of RealNetwork functionalities (Proxy, Subscribers, Servers) Full support of Windows Media functionalities (Native WMS, v4.1)

32 Pay Per View Service
- SP are willing to sell more than just Internet access and VPN.
- Interest in voice and video.
- New promising service: Video and Interactive gaming
- PPV is ONE possible video service
- Video technology is still in its infancy.
- Microsoft is taking large market share.

33 PPV foundation: Video Streaming
1. Encoding = codec, bit rate, image size, frames per second, key image interval
2. Streaming protocol
[Diagram labels: Video library VideoServer IP network Codec on PC Content VoD Content Live]

34 …with DRM and Billing
- User buys the rights to view a file for a limited amount of time (1 day)
- Cannot store the file on his PC
- DRM : Digital Rights Management Server, Unique Per Content Provider
- Billing (Outsourced)
[Diagram labels: Residential Service Provider Backbone Datacenter; 300kbit/s streams; 900kbit/s streams; VideoServer; Video Library; Encrypted Stream; License acquisition; Broadband access ADSL, Cable, ETTH]

35 Codec: Which quality to expect?
Image quality | Bandwidth (Codec) | Access Type
Bad VHS on TV & PC | 360kbps | ADSL 512Kbps, Cable* 512kbps, ETTH
VHS on TV | 700kbps | ADSL 1Mbps, ETTH, Corporate Access
DVD on TV | >900kbps | ETTH, Corporate Access
DVD on PC | 2000kbps |

*might have an issue with QoS
Assumption: Videos are streamed on TV, not stored and played

36 How can Cisco help ? Residential Service Provider Backbone Datacenter
VideoServer Video Library 300kbit/s streams 900kbit/s streams Broadband access ADSL, Cable, ETTH

37 Agenda
- CDN technical introduction.
- Content Switches and their applications in data centers.
- Caching or how to increase end users response time.
- IP Video or how to build a Pay Per View Streaming Solution
- Conclusion

38 Content Delivery Networks System Building Blocks
[Diagram labels: Highly available, scalable, performance network at Layer 2/3; Streaming Applications E-Commerce Web Hosting Content Delivery Services Content Delivery Networks L2/L3 Networks Intelligent Network Services Content Distribution & Management Content Routing Switching Edge Delivery; Mobile Fixed Wireless Cable DSL Dedicated/ ATM/FR ISDN/Dial]

Major messages: Enhance your infrastructure to support next generation content delivery services. DON’T buy products to support any single content delivery application.

Cisco has taken a holistic approach to solving the problem, and has defined the 5 key elements of content networking. By integrating these technologies with your infrastructure, you can leverage the access technologies that you require, AND support a wide range of content networking applications now, and in the future.

ONLY CISCO HAS A COMPLETE SOLUTION TO CONTENT DELIVERY NETWORKS

39 Thank You !!!

