The Internet was not designed to support the fast delivery of website applications. And caching– does not adequately address the performance requirements of dynamic, web-based applications. In this presentation, we will go over the differences, challenges and methodology for accelerating dynamic and static/cached content with a content delivery network (CDN). These slides were presented at the 2014 Velocity conference at the Santa Clara Convention Center in Santa Clara, CA United States For more information please visit cdnetworks.com.

1. CDNETWORKS.COM
CONTENT ACCELERATION
BEYOND CACHING
UNDERSTANDING DYNAMIC CONTENT
By CDNetworks

2.  CONTENT ACCELERATION – BEYOND CACHING
 CHALLENGES
 REPLICATION STRATEGIES
 CDN VISUALIZED
 BEST PRACTICES
COVERED
CDNETWORKS.COM

3. GLOBAL INTERNET CHALLENGES
CDNETWORKS.COM

4. CDNETWORKS.COM
PoP 3
PoP 2
PoP 1
Tier 3 Networks
(Multi-homed ISP)
IXC
Tier 1 Networks
Tier 3 Networks
(single homed ISP)
Tier 2 ISPs
Global Network
Providers
Internet Users
Broadband
Providers
Tier 2 Networks
Regional
ISPs,
University
Networks
Transit
Transit
Transit
Transit
Peering
THE GLOBAL INTERNET IS COMPLEX

5. INTERNET RTT LATENCY
 DISTANCE
 SPEED OF LIGHT
70 ms
150 ms
LONDON
NEW YORK
500 ms SHANGHAI
GLOBAL INTERNET CHALLENGES
CDNETWORKS.COM
SAN FRANCISCO

6. GLOBAL INTERNET CHALLENGES
NETWORK PROBLEMS
 NETWORK OF NETWORKS BOTTLENECKS
 PACKET LOSS
 CONGESTION
 RETRANSMISSION
CDNETWORKS.COM
SAN FRANCISCO
USER

7. MULTIPLE RTTs FOR CONNECTION NEGOTIATION
GLOBAL INTERNET CHALLENGES
INEFFICIENT PROTOCOLS / RTT MULTIPLIER
•CHATTY PROTOCOL
•TCP SLOW START
•TENS OF BACK & FORTH ROUND TRIPS
•30-50 RTTs FOR ONLY 1 PAGE
•CONNECTION LOAD AT ORIGIN
CDNETWORKS.COM
SAN FRANCISCO
FILE
USER

8. LATENCY VISUALIZEDWashington
Philadelphia
Atlanta
Boston
Chicago
Toronto
KansasCity
Denver
LosAngeles
SanDiego
SanJose
Dublin
Amsterdam
Vancouver
Dortmund
Hamburg
Berlin
London
Vienna
Milan
Madrid
Moscow
Istanbul
Tokyo
Mumbai
Sydney
NewDelhi
KualaLumpur
Shanghai
Chengdu
Bangalore
DL TIME 24kB OBJECT FROM ORIGIN LOCATION IN WASHINGTON DC, USA
5XSLOWER
9XSLOWER
14XSLOWER
30XSLOWER
Source: Compuware Gomez backbone agents
50XSLOWER
3XSLOWER
Beijing
SITE PERFORMANCE DEGRADES AS DISTANCE INCREASES
CDNETWORKS.COM
MORE DISTANCE  INCREASED LATENCY LONGER RTT  SLOWER DL SLOWER PAGE LOAD

9. WEB PAGES DO NOT HELP
CDNETWORKS.COM

10. PERSONALIZED AND REAL TIME
Ebay, AspenTech, LightSpeed
CDNETWORKS.COM

11. WEB SITE COMPLEXITY & SECURITY
Source: http://www.webperformancetoday.com/
CDNETWORKS.COM

12. EXTERNAL LINKS
ajax.googleapis.com
fast.fonts.com
brightcove.com
google-analytics.com
platform.twitter.com
google-analytics.com
BLOCKING!!
WORST CASE: CHINA – MANY DOMAINS BLOCKED
YOU HAVE NO CONTROLS OVER PERFORMANCE
CDNETWORKS.COM

13. DOMAIN ARCHITECTURE
CDNETWORKS.COM

14. 2 TYPES OF CONTENT
STATIC
DYNAMIC
STATIC & DYNAMIC CONTENT
CDNETWORKS.COM

15. http://www.mobify.com/blog/beginners-guide-to-http-cache-headers/
STATIC CONTENT
CDNETWORKS.COM

16. http://www.mobify.com/blog/beginners-guide-to-http-cache-headers/
DYNAMIC CONTENT
CDNETWORKS.COM

17. STATIC (http/s)
 SET TTL
DYNAMIC (http/s)
 DYNAMIC ACCELERATION VS. WHOLE SITE DELIVERY
ENCRYPTED
 SOME CDNs CAN ACCEPT ENCRYPTED TCP CONNECTION & ACCELERATE IT
CONTENT TYPES
CDNETWORKS.COM

18. CACHING STATIC CONTENT IS EASY
CDNETWORKS.COM

19. STATIC REPLICATION
 EASY – USE CDN
 FROM “FREE” TO “ENTERPRISE”
 CONTENT HAS TTL
 CDN REPLICATES CONTENT GLOBALLY
 HONORS TTL
 CAN DELETE FROM CDN CACHE
CDNETWORKS.COM

20. CACHING
NO: CACHING
LONGER ROUND TRIPS = LONGER RESPONSE TIME
DWA EDGE
WITH: CACHING
SHORTER ROUND TRIPS = SHORTER RESPONSE TIME
ORIGIN ORIGIN
CDNETWORKS.COM

21. CACHING AND COMPRESSION
NO: CACHING, COMPRESSION
DWA EDGE
WITH: CACHING, COMPRESSION
REDUCES ROUND TRIP OBJECT SIZE
ORIGIN ORIGIN
FILEPARTSNOTCOMPRESSED
FILECOMPRESSED CDNETWORKS.COM

22. DYNAMIC CONTENT IS NOT SO EASY
CDNETWORKS.COM

23. DYNAMIC REPLICATION
 GENERALLY CANNOT CACHE/REPLICATE PERSONALIZED RESULTS
 NEED TO DETERMINE CONSISTENCY REQUIREMENTS
 THEN DESIGN ORIGIN ARCHITETURE TO SUPPORT
CDNETWORKS.COM

24. REPLICATION – DYNAMIC CONTENT
CONSISTENCY QUESTIONS
 HOW MANY HITS ON MY WEB PAGE?
 CLOSE ENOUGH IS OK
 HOW MANY PEOPLE VIEWED MY LINKEDIN PROFILE?
 UPDATED HOURLY IS OK
 I WANT TO BUY SEAT 11B ON AN AIRPLANE?
 CAN ONLY SELL 1X
 PROBLEMS IF SOLD MORE THAN 1X
CDNETWORKS.COM

25. REPLICATION – DYNAMIC CONTENT
CONSISTENCY APPROACHES
 WEAK
 BEST EFFORT
 ACCEPTABLE FOR SOME LOST DATA
 EXAMPLE: WEB PAGE COUNTER OR VOIP
 EVENTUAL
 DATA OFTEN PUT IN “WORK QUEUE”
 EXAMPLE: PROFILE VIEWS
 STRONG
 RELATIONAL DATABASES
 USE TRANSACTIONS
 WAITS FOR CONFIRMATION
 EXAMPLE: SEAT 11B
CDNETWORKS.COM

26. REPLICATION – DYNAMIC CONTENT
DATACENTER IMPACT:
 WHAT ABOUT SINGLE DATACENTER?
 WEAK, EVENTUAL, STRONG:
 EASY, BUT SPOF
 SPEED & RELIABILITY EXCELLENT
 WHAT ABOUT MULTI DATACENTER?
 WEAK, EVENTUAL:
 RELATIVELY EASY, HARDER THAN SINGLE DATACENTER THOUGH…
 STRONG
 MUCH MORE DIFFICULT
 THINK BANK TRANSACTION
CDNETWORKS.COM

27. • What About Multi-Datacenter?
– If you need to do it, you need to do it…
Source: http://www.cs.usfca.edu/~srollins/courses/cs682-s08/web/notes/transactions.html
REPLICATION – DYNAMIC CONTENT
CDNETWORKS.COM

28. Source: http://www.cs.usfca.edu/~srollins/courses/cs682-s08/web/notes/transactions.html
REPLICATION – DYNAMIC CONTENT
OPTIONS FOR MULTI-DATACENTER
DON’T
 JUST BUILD AS RELIABLE OF A SINGLE DATACENTER SOLUTION AS YOU
CAN
2+ DATACENTERS - GOOD
 MASTER/REPLICA, MULTI-MASTER
 GENERALLY NOT STRONG CONSISTENCY (TERMS VARY)
 MIGHT LOSE SOME ACTIVE AND VERY RECENT DATA
2+ DATACENTERS - EXCELLENT
 2 PHASE COMMIT/PAXOS
 THINK OF BANKING & SEAT 11B
CDNETWORKS.COM

29. REPLICATION – DYNAMIC CONTENT
Single Origin
3 Datacenters
CDN (CDNetworks)
ASSUME YOU HAVE A 2 OR 3 DATACENTER SOLUTION
DO YOU STILL NEED A CDN?
CDNETWORKS.COM

30. DYNAMIC CDN ARCHITECTURE
CDNETWORKS.COM

31.  THESE ARE SOME COMMON TECHNIQUES
 DIFFERENT CDNs USE DIFFERENT TECHNIQUES
 MOST CDNs DO NOT SHARE TECHNIQUES
 BOTTOM LINE – PERFORMANCE RESULTS MATTER!
DISCLAIMER: DYNAMIC ACCELERATION
CDNETWORKS.COM

32. TCP CAN BE VERY SLOW
http://asperasoft.com/technology/transport/fasp/#tcp-464

33. TCP PERFORMANCE DEGRADES
http://esj.com/articles/2007/10/23/accelerating-file-transfers-in-the-midsize-enterprise.aspx

34. 0.0
5.0
10.0
15.0
20.0
20 40 60 80 100Source: RFC 1323
0.0
20.0
40.0
60.0
0 60 120 180 240 300
RTT (ms) 65kB window
RTT (ms)
MAX THROUGHPUT (Mbps)
65kB window
30ms  100ms
70% reduction!
TCP MATH
MAX THROUGHPUT (Mbps)
CDNETWORKS.COM

35. TLS/SSL OFFLOAD
NO: SSL OFFLOADING
DWA EDGE
WITH: SSL OFFLOAD
EDGE SERVER WITH SSL CERTIFICATION ENCRYPTS & DECRYPTS ON IT’S
OWN TO REDUCE ORIGIN LOAD
ORIGIN ORIGIN
CDNETWORKS.COM

36. DYNAMIC CONTENT
NO: CACHING, COMPRESSION,
CONN. POOLING OR KEEP ALIVE
DWA EDGE
WITH: COMPRESSION,
CONN. POOLING AND KEEP ALIVE
CONTINUOUS CONNECTIONS BETWEEN EDGE & SHIELD; & SHIELD + ORIGIN REDUCE
ROUND TRIPS FOR TCP OPEN & CLOSE CONNECTION
DWA SHIELD
PERSISTANTCONNECTIONS
ORIGINORIGIN
FILEPARTSNOTCOMPRESSED
CDNETWORKS.COM

37. OPTIMALLY TUNED TCP LINKS
LONGRESPONSETIME
HIGH LATENCY
DWA Edge
LOW LATENCY
WITH LARGE WINDOWS, FAST RETRANSMIT, FINE GRAINED RETRANSMISSION TIMEOUTS
AND FAST RECOVERY
DWA Shield
LOW LATENCY
ORIGIN
CDNETWORKS.COM

38. MOBILE ACCELERATION
CDNETWORKS.COM

39. DYNAMIC - ENCRYPTED
HAVEN’T TALKED ABOUT THIS YET
 SOME BANKING & ECOMMERCE TRANSACTIONS WANT
ACCELERATION, BUT CAN’T SHARE CERTIFICATE
NETWORK ACCELERATION
 SIMILAR TO DYNAMIC ACCELERATION, BUT NOT HTTP, SO CAN’T
READ HEADERS, JUST SEE IP PACKETS
 ACCELERATION TECHNIQUES AT LOWER LAYER
CDNETWORKS.COM

40. USER
CDNETWORKS.COM
ORIGIN
SSL
SSL
ENCRYPTED ACCELERATION
NO CACHING
ACCELERATES SSL TRAFFIC WITHOUT DECRYPTING CONTENT
TERMINATES AT REQUESTING/RESPONDING ENDPOINTS

41. CDNETWORKS.COM
COMPLEX ARCHITECTURE
Proxy
Server
TCPHTTPS
TCP
TCP
TCP
TCPHTTPS
HTTPS
Proxy
Server
CDN POP
CDN POP
HTTPS
Main
Server
Proxy
Server

42. DNS IS CRITICAL
CDNETWORKS.COM

43. DOMAIN NAME SYSTEM
EVERY LINK
UNICAST
 UNIQUE IP ADDRESS
ANYCAST
 SAME IP ADDRESS
LDNS
 REALLY, WHAT IS USED FOR GEO LOCATION
EDNS CLIENT SUBNET
 WAY FOR LDNS TO PASS BACK END USER NETWORK ADDRESS CDNETWORKS.COM

44. PSECURITY IS THE NEW MUST HAVE
CDNETWORKS.COM

45. WEB APPLICATION FIREWALL
ORIGIN
USER
Data
CDNETWORKS.COM
XSS
iSQL

46. DISTRIBUTED DENIAL OF SERVICE
ORIGIN
CDNETWORKS.COM
USER
Dynamic Content
logo.gif File
(Static Content)
BIG.pdf File
(Static Content)

47. BEST PRACTICES
CDNETWORKS.COM

48. CDN BEST PRACTICES
 DETERMINE DOMAINS: STATIC, DYNAMIC, & ENCRYPTED CONTENT
 GLOBAL CUSTOMERS = GLOBAL CDN & GLOBAL DNS
 DON’T USE ROOT DOMAIN FOR WEBSITE
 HAVE PRIMARY & BACKUP ORIGINS
 SET TTL HEADERS ON CONTENT & DNS
 BE AWARE CDNS SEND EXTRA HEADERS, USE IF DESIRED
 USE APIs FOR CDN AUTOMATION
CDNETWORKS.COM

49. CDNS CAN OVERRIDE
SOME CDNS CAN RUN “RULES” AT EDGE
 OVERRIDE MARKETING TEAM
 IMMEDIATE EFFECT
REWRITE URL
 SEND REQUESTS FROM “1.JPG” TO “OLD/1.JPG”
REDIRECT URL (301/302)
 “http” to “https”
OVERRIDE HEADER
 CACHE-CONTROL: MAX-AGE
 CACHE-CONTROL: NO-STORE
CDNETWORKS.COM

50. CDNS CAN OVERRIDE
CONTENT VARIATION
 USE CORRECT index.html BASED ON COOKIE OR GEO LOCATION
REFERRER CHECKING
 BLACK/WHITE LIST
GEO CONTROL
 ALLOW/DENY CONTENT BASED ON GEOGRAPHY
ORIGIN REQUEST HEADERS
 PASS
ORIGIN FAILURE
 SET BACKUP
 DELIVER STALE CONTENT
 RETURN 503 (REDUCE ORIGIN LOAD)
CDNETWORKS.COM

51. CDNETWORKS.COM
CONTENT ACCELERATION
BEYOND CACHING
UNDERSTANDING DYNAMIC CONTENT
Presented by CDNetworks
For more information visit CDNetworks.com