Making the Internet fast, reliable and secure. DE-CIX Customer Summit - 2014. Steven Schecter <schecter@akamai.com>

Similar documents
BGP and Traffic Engineering with Akamai. Caglar Dabanoglu Akamai Technologies AfPIF 2015, Maputo, August 25th

BGP and Traffic Engineering with Akamai. Christian Kaufmann Akamai Technologies MENOG 14

Akamai CDN, IPv6 and DNS security. Christian Kaufmann Akamai Technologies DENOG 5 14 th November 2013

AKAMAI SOLUTION BROCHURE CLOUD SECURITY SOLUTIONS FAST RELIABLE SECURE.

Akamai CDN, IPv6 and DNS security. Christian Kaufmann Akamai Technologies APNIC th August 2013

Distributed Systems. 23. Content Delivery Networks (CDN) Paul Krzyzanowski. Rutgers University. Fall 2015

Distributed Systems. 25. Content Delivery Networks (CDN) 2014 Paul Krzyzanowski. Rutgers University. Fall 2014

How To Understand The Power Of A Content Delivery Network (Cdn)

THE MASTER LIST OF DNS TERMINOLOGY. v 2.0

Data Center Content Delivery Network

THE MASTER LIST OF DNS TERMINOLOGY. First Edition

Automated Mitigation of the Largest and Smartest DDoS Attacks

F5 Silverline DDoS Protection Onboarding: Technical Note

Measuring the Web: Part I - - Content Delivery Networks. Prof. Anja Feldmann, Ph.D. Dr. Ramin Khalili Georgios Smaragdakis, PhD

Traffic Diversion Techniques for DDoS Mitigation using BGP Flowspec. Leonardo Serodio May 2013

AKAMAI WHITE PAPER. Delivering Dynamic Web Content in Cloud Computing Applications: HTTP resource download performance modelling

Building a Resilient World Wide Web

A Link Load Balancing Solution for Multi-Homed Networks

DE-CIX Premium Internet Exchange Services

The Role IXPs and Peering Play in the Evolution of the Internet

The Value of Content Distribution Networks Mike Axelrod, Google Google Public

Distributed Systems 19. Content Delivery Networks (CDN) Paul Krzyzanowski

Indirection. science can be solved by adding another level of indirection" -- Butler Lampson. "Every problem in computer

high-quality steaming over the Internet

Accelerate Private Clouds with an Optimized Network

Distributed Systems. 24. Content Delivery Networks (CDN) 2013 Paul Krzyzanowski. Rutgers University. Fall 2013

SSDP REFLECTION DDOS ATTACKS

Request Routing, Load-Balancing and Fault- Tolerance Solution - MediaDNS

Automated Mitigation of the Largest and Smartest DDoS Attacks

FortiBalancer: Global Server Load Balancing WHITE PAPER

WAN Traffic Management with PowerLink Pro100

Global Server Load Balancing (GSLB) Concepts

Deploying in a Distributed Environment

Cisco Dynamic Workload Scaling Solution

Data Center Use Cases and Trends

Global Server Load Balancing

Demonstrating the high performance and feature richness of the compact MX Series

Superior Disaster Recovery with Radware s Global Server Load Balancing (GSLB) Solution

Intelligent Routing Platform White Paper

SecurityDAM On-demand, Cloud-based DDoS Mitigation

PowerLink Bandwidth Aggregation Redundant WAN Link and VPN Fail-Over Solutions

Stop DDoS Attacks in Minutes

Intelligent Content Delivery Network (CDN) The New Generation of High-Quality Network

Internet Traffic Evolution

The OpenDNS Global Network Delivers a Secure Connection Every Time. Everywhere.

Whitepaper. A Practical Guide to ISP Redundancy and Uninterrupted Internet Connectivity

Mitigating DDoS Attacks at Layer 7

Burning Bridges - Routing Your Bridged WISP Network With MikroTik

Web Caching and CDNs. Aditya Akella

State of Texas. TEX-AN Next Generation. NNI Plan

Overlay Networks. Slides adopted from Prof. Böszörményi, Distributed Systems, Summer 2004.

ANATOMY OF A DDoS ATTACK AGAINST THE DNS INFRASTRUCTURE

DATA COMMUNICATOIN NETWORKING

Service Description DDoS Mitigation Service

Lifesize Cloud, Architecture. A comprehensive guide

Department of Computer Science Institute for System Architecture, Chair for Computer Networks. Caching, Content Distribution and Load Balancing

Large-Scale Distributed Systems. Datacenter Networks. COMP6511A Spring 2014 HKUST. Lin Gu

Data Sheet. V-Net Link 700 C Series Link Load Balancer. V-NetLink:Link Load Balancing Solution from VIAEDGE

DEFENSE NETWORK FAQS DATA SHEET

Arbor s Solution for ISP

DDoS Attack Mitigation Report. Media & Entertainment Finance, Banking & Insurance. Retail

How To Understand The Power Of Icdn

How To Stop A Malicious Dns Attack On A Domain Name Server (Dns) From Being Spoofed (Dnt) On A Network (Networking) On An Ip Address (Ip Address) On Your Ip Address On A Pc Or Ip Address

Basheer Al-Duwairi Jordan University of Science & Technology

Increase Simplicity and Improve Reliability with VPLS on the MX Series Routers

Content Distribu-on Networks (CDNs)

Lecture 3: Scaling by Load Balancing 1. Comments on reviews i. 2. Topic 1: Scalability a. QUESTION: What are problems? i. These papers look at

Stress Testing and Distributed Denial of Service Testing of Network Infrastructures

Global Load Balancing Solutions

Ensighten Tag Delivery Network. Advanced Infrastructure for Enterprise-Class Tag Management

Multihoming and Multi-path Routing. CS 7260 Nick Feamster January

DEPLOYMENT GUIDE Version 1.1. DNS Traffic Management using the BIG-IP Local Traffic Manager

Subscriber Guide. Everstream Subscriber Guide version

BEST PRACTICES FOR IMPROVING EXTERNAL DNS RESILIENCY AND PERFORMANCE

Claudio Jeker. RIPE 41 Meeting Amsterdam, 15. January Using BGP topology information for DNS RR sorting

[Restricted] ONLY for designated groups and individuals Check Point Software Technologies Ltd.

The server will respond to the client with a list of instances. One such attack was analyzed by an information security researcher in January 2015.

STATE OF DNS AVAILABILITY REPORT

Availability Digest. Prolexic a DDoS Mitigation Service Provider April 2013

Microsoft s Cloud Networks

Experimentation with the YouTube Content Delivery Network (CDN)

ExamPDF. Higher Quality,Better service!

F5 Intelligent DNS Scale. Philippe Bogaerts Senior Field Systems Engineer mailto: Mob.:

Trends in Internet Traffic Patterns Darren Anstee, EMEA Solutions Architect

Approaches for DDoS an ISP Perspective.

Routing Security Server failure detection and recovery Protocol support Redundancy

The Application Front End Understanding Next-Generation Load Balancing Appliances

Transcription:

Making the Internet fast, reliable and secure DE-CIX Customer Summit - 2014 Steven Schecter <schecter@akamai.com>

What is a Content Distribution Network RFCs and Internet Drafts define a CDN as: Content Delivery Network or Content Distribution Network. A type of content network in which the content network elements are arranged for more effective delivery of content to clients. In English: A CDN is an overlay network, designed to delivery content from the optimal location Very Generally: Users in Tokyo should go to a server in Tokyo, users in Frankfurt go to a server in Frankfurt

The Akamai Intelligent Platform A Global Platform 154,000+ Servers 2,500+ Locations 1,250+ Networks 650+ Cities 92+ Countries A Global Platform With Enormous Scale &&154,000&servers& &&&&&&2,500&loca=ons& Traffic over 20 Tbps 30+ million hits per second Over 2 trillion deliveries/daily Protection against DDoS attacks up to 250 Gbps &&&&&&1,250&networks& &&&&&&&&&650&ci=es& &&&&&&&&&&&92&countries& With&Enormous&Scale& Traffic&over&20&Tbps& 30+&million&hits&per&second& Over&2&trillion&deliveries/day& 100+&petabytes/day& Protec=on&against&DDoS&& aaacks&up&to&250&gbps&

How Akamai Works When content is requested from Akamai, multiple criteria is examined to choose the optimal server: Latency & Packet Loss CPU load, memory, and HD space on server Network utilization Example of Akamai mapping: [NYC]% host www.symantec.com www.symantec.com CNAME e5211.b.akamaiedge.net. e5211.b.akamaiedge.net. A 207.40.194.46 e5211.b.akamaiedge.net. A 207.40.194.49 [Boston]% host www.symantec.com www.symantec.com CNAME e5211.b.akamaiedge.net. e5211.b.akamaiedge.net. A 81.23.243.152 e5211.b.akamaiedge.net. A 81.23.243.145

Mapping (simplified) 1 example.com? 5.6.7.8 5 ISP NS 1.2.3.4 example.com? 2 a212.g.akamai.net root/tld/intermediate NS (recursive lookup until reaching authoritative NS) 3 NS 1.2.3.4? best cluster = 5.6.7.8 6 4 Akamai NS Local Akamai Cluster at ISP 5.6.7.8 1. End-user requests www.example.com from ISP NS 2. ISP NS recursively looks up www.example.com being referred to authoritative Akamai NS (by cname) 3. ISP NS asks authoritative Akamai NS 4. Akamai NS looks up the IP of requestor (ISP NS) and replies with IP of optimal cluster to serve content 5. ISP NS replies to end-user who 6. Requests content from the optimal cluster

Akamai s CDN Akamai s CDN is comprised of distinct, geographically & topologically disparate nodes We believe having lots of nodes in lots of places gives us better performance than a few large sites It is important to realize there is no network interconnecting Akamai nodes; each node is effectively a private island

Akamai Accelerated Network Partner (AANP) Deployment of Akamai edge servers direct in ISP networks Eyeball networks are able to receive the fastest access to some of the most popular content Deliver peak performance for maximum competitive advantage Reduce transit bandwidth expense Increase subscriber satisfaction Take full advantage of technical and marketing support

Why peer with Akamai? Open Peering Policy Promotes Performance & Redundancy Removing intermediate AS hops may yield higher peak traffic for the same demand profile Burstability During large events, having direct connectivity to multiple networks allows for higher burstability than a single connection to a transit provider AANP and non-aanp participants are encouraged to peer For AANP s, peering can act as a backup during downtime and overflow Helps keep traffic off your transit Faster resolution of thousands of domains Provides access to more types of content In some cases, SSL may not be served from local on-net deployments, establishing peering with Akamai provides fast access to SSL content

How Akamai uses Internet Exchanges Akamai typically does not announce large blocks of address space because no single location has a large number of servers It is not uncommon to see a single /24 from Akamai at an IX This does not mean you won t see a lot of traffic How many servers does it take to fill 10 gigabits these days?

How Akamai uses Internet Exchanges Peer Network Akamai uses transit to pull content into the server Content is then served to peers over the IX IX Content Transit Origin Server

Why don t I get all Akamai traffic over peering? CDN Servers No single cluster can accommodate all Akamai content Peer with Akamai in different locations to access different Akamai Content profiles ISP prefers customers over peers Akamai prefers on-net cluster over peering Do you want to host an Akamai cluster?

Akamai Internet Exchange Point Details Akamai is active at over 90 Internet Exchange Points worldwide! Akamai has over 3.5 Tbps to Internet Exchange Points alone! 100 90 80 70 60 50 40 30 20 10 0 2007 2008 2009 2010 2011 2012 2013 2014

Akamai s Internet Exchange Point Capacity Growth 4000000 3500000 3000000 2500000 2000000 1500000 1000000 500000 0 2007 2008 2009 2010 2011 2012 2013 2014

Prolexic Acquisition Prolexic, now part of Akamai, is the leading Distributed Denial of Service mitigation service provider Global network operating under ASN 32787 Public peering at many Internet Exchanges BBIX Tokyo, DE-CIX Frankfurt, LINX, Equinix IAD & SJC, HKIX, JPIX Operating 8 scrubbing centers worldwide Uses GRE to construct virtual connections to your routers BGP is used to communicate network advertisements from your site to Prolexic Prolexic advertises your routes via their global network from each scrubbing center; traffic is cleansed and forwarded across the tunnel(s) to the customer s router(s).

Questions? Steven Schecter <schecter@akamai.com> More information: http://as20940.peeringdb.com http://www.akamai.com/60seconds

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information