| AKAMAI TECHNOLOGIES, INC. Patent applications |
| Patent application number | Title | Published |
|---|
| 20130114744 | SEGMENTED PARALLEL ENCODING WITH FRAME-AWARE, VARIABLE-SIZE CHUNKING - The subject matter herein generally relates to transcoding content, typically audio/video files though not limited to such, from one version to another in preparation for online streaming or other delivery to end users. Such transcoding may involve converting from one format to another (e.g., changing codecs or container formats), or creating multiple versions of an original source file in different bitrates, frame-sizes, or otherwise, to support distribution to a wide array of devices and to utilize performance-enhancing technologies like adaptive bitrate streaming. A transcoding platform is described herein that, in certain embodiments, leverages distributed computing techniques to transcode content in parallel across a platform of machines that are preferably idle or low-utilization resources of a content delivery network. The transcoding system also utilizes, in certain embodiments, improved techniques for segmenting the original source file so as to enable different segments to be sent to different machines for parallel transcodes. | 05-09-2013 |
| 20130103782 | APPARATUS AND METHOD FOR CACHING OF COMPRESSED CONTENT IN A CONTENT DELIVERY NETWORK - A content delivery network (CDN) edge server is provisioned to provide last mile acceleration of content to requesting end users. The CDN edge server fetches, compresses and caches content obtained from a content provider origin server, and serves that content in compressed form in response to receipt of an end user request for that content. It also provides “on-the-fly” compression of otherwise uncompressed content as such content is retrieved from cache and is delivered in response to receipt of an end user request for such content. A preferred compression routine is gzip, as most end user browsers support the capability to decompress files that are received in this format. The compression functionality preferably is enabled on the edge server using customer-specific metadata tags. | 04-25-2013 |
| 20130097291 | Hybrid content delivery network (CDN) and peer-to-peer (P2P) network - A content delivery network (CDN) typically includes a mapping system for directing requests to CDN servers. One or more peer machines become associated with the CDN, and the CDN mapping system is then used to enable a given peer to locate another peer in the P2P network, and/or a CDN server. Using this hybrid approach, CDN customer content may be delivered from the CDN edge network, from the P2P network, or from both networks. In one embodiment, customer content is uploaded to the CDN and stored in the edge network, or in a storage network associated therewith. The CDN edge network is then used to prime the P2P network, which may be used to take over some of the content delivery requirements for the customer content. The decision of whether to use edge network or peer network resources for delivery may be based on load and traffic conditions. | 04-18-2013 |
| 20130042328 | Enforcing single stream per sign-on from a content delivery network (CDN) media server - An apparatus for enforcing a media stream delivery restriction uses a stream control service (SCS). The SCS is implemented in a distributed network, such as a CDN, in which a given media stream is delivered to authorized end users from multiple delivery servers, but where an authorized end user is associated with a single log-in identifier that is not intended to be shared with other end users. According to the method, an enforcement server of the SCS identifies first and second copies of the given media stream associated with the single log-in identifier being delivered from multiple delivery servers. It then issues message to terminate delivery of the given media stream from at least one of the multiple delivery servers. | 02-14-2013 |
| 20130024503 | Using virtual domain name service (DNS) zones for enterprise content delivery - A domain to be published to an enterprise ECDN is associated with a set of one or more enterprise zones configurable in a hierarchy. When a DNS query arrives for a hostname known to be associated with given content within the control of the ECDN, a DNS server responds by handing back an IP address, by executing a zone referral to a next (lower) level name server in a zone hierarchy, or by CNAMing to another hostname, thereby restarting the lookup procedure. At any level in the zone hierarchy, there is an associated zone server that executes logic that applies the requested hostname against a map. A name query to ECDN-managed content may be serviced in coordination with various sources of distributed network intelligence. | 01-24-2013 |
| 20130019311 | Method and system for handling computer network attacks - A method and apparatus for serving content requests using global and local load balancing techniques is provided. Web site content is cached using two or more point of presences (POPs), wherein each POP has at least one DNS server. Each DNS server is associated with the same anycast IP address. A domain name resolution request is transmitted to the POP in closest network proximity for resolution based on the anycast IP address. Once the domain name resolution request is received at a particular POP, local load balancing techniques are performed to dynamically select the appropriate Web server at the POP for use in resolving the domain name resolution request. Approaches are described for handling bursts of traffic at a particular POP, security, and recovering from the failure of various components of the system. | 01-17-2013 |
| 20120324227 | System For Generating Fingerprints Based On Information Extracted By A Content Delivery Network Server - A dynamic multimedia fingerprinting system is provided. A user requests multimedia content from a Web cache server that verifies that the user is authorized to download the content. A custom fingerprint specific to the user is generated and dynamically inserted into the content as the content is delivered to the user. The custom fingerprint can be generated on the Web cache server or at the content provider's server. The system allows a content provider to specify where the custom fingerprint is inserted into the content or where the fingerprint is to replace a placeholder within the content. | 12-20-2012 |
| 20120324060 | Method of data collection among participating content providers in a distributed network - A content delivery network (CDN) service provider extends a content delivery network to gather information on atomically identifiable web clients (called “user agents”) as such computer-implemented entities interact with the CDN across different domains being managed by the CDN service provider. The data system tracks user agents, preferably via cookies, although one or more passive techniques may be used. A user agent may be a cookie-able device having a cookie store. As the user agent navigates across sites, a CDN-specific unique identifier used by the system to correlate user agents is generated. Preferably, the unique identifier is stored as an encrypted cookie. The unique identifier represents one user agent (and, thus, one cookie-able device's store). The system tracks user agent behavior on and across customer sites that are served by the CDN, and these behaviors are classified into identifiable “segments” that may be used to create a profile. | 12-20-2012 |
| 20120311648 | Automatic migration of data via a distributed computer network - A method and apparatus for the automatic migration of data via a distributed computer network allows a customer to select content files that are to be transferred to a group of edge servers. Origin sites store all of a customer's available content files. An edge server maintains a dynamic number of popular files in its memory for the customer. The files are ranked from most popular to least popular and when a file has been requested from an edge server a sufficient number of times to become more popular than the lowest popular stored file, the file is obtained from an origin site. The edge servers are grouped into two service levels: regional and global. The customer is charged a higher fee to store its popular files on the global edge servers compared to a regional set of edge servers because of greater coverage. | 12-06-2012 |
| 20120303804 | Method and system for providing on-demand content delivery for an origin server - An infrastructure “insurance” mechanism enables a Web site to fail over to a content delivery network (CDN) upon a given occurrence at the site. Upon such occurrence, at least some portion of the site's content is served preferentially from the CDN so that end users that desire the content can still get it, even if the content is not then available from the origin site. In operation, content requests are serviced from the site in the usual manner, e.g., by resolving DNS queries to the site's IP address, until detection of the given occurrence. Thereafter, DNS queries are managed by a CDN dynamic DNS-based request routing mechanism so that such queries are resolved to optimal CDN edge servers. After the event that caused the occurrence has passed, control of the site's DNS may be returned from the CDN back to the origin server's DNS mechanism. | 11-29-2012 |
| 20120290737 | Method and system for enhancing live stream delivery quality using prebursting - A method accelerates the delivery of a portion of a data stream across nodes of a stream transport network. A portion of a live stream is forwarded from a first node to a second node in a transport network at a high bitrate as compared to the stream's encoded bitrate, and thereafter, the stream continues to be forwarded from the first node to the second node at or near the encoded bitrate. This technique provides significant advantages in that it reduces stream startup time, reduces unrecoverable stream packet loss, and reduces stream rebuffers as the stream is viewed by a requesting end user that has been mapped to a media server in a distributed computer network such as a content delivery network. | 11-15-2012 |
| 20120275597 | Extending data confidentiality into a player application - In a content protection scheme, and in response to a request for a content segment received by a server, the server generates and associates with the segment a message that confers entitlement to a session-specific key from which one or more decryption keys may be derived. The decryption keys are useful to decrypt the segment at runtime as it is about to be rendered by a player. Before delivery, the server encrypts the segment to generate an encrypted fragment, and it then serves the encrypted fragment (and the message) in response to the request. At the client, information in the message is used to obtain the session-specific key. Using that key, the decryption keys are derived, and those keys are then used to decrypt the received encrypted fragment. The decryption occurs at runtime. The approach protects content while in transit to and at rest in the client browser environment. | 11-01-2012 |
| 20120265853 | FORMAT-AGNOSTIC STREAMING ARCHITECTURE USING AN HTTP NETWORK FOR STREAMING - This patent document describes, among other things, distributed computer platforms for online delivery of multimedia, including HD video, at broadcast audience scale to a variety of runtime environments and client devices in both fixed line and mobile environments. The teachings hereof can be applied to deliver live and on-demand content streams via computer networks. The teachings also relate to the ingestion of content streams in a given source format and the serving of the stream in a given target format. For example, a system might have machines in a content delivery network that ingest live streams in a source format, use an intermediate format to transport the stream within the system, and output the stream in a target format to clients that have requested (e.g., with an HTTP request) the stream. The streams may be archived for later playback. | 10-18-2012 |
| 20120259942 | Proxy server with byte-based include interpreter - According to this disclosure, a proxy server is enhanced to be able to interpret instructions that specify how to modify an input object to create an output object to serve to a requesting client. Typically the instructions operate on binary data. For example, the instructions can be interpreted in a byte-based interpreter that directs the proxy as to what order, and from which source, to fill an output buffer that is served to the client. The instructions specify what changes to make to a generic input file. This functionality extends the capability of the proxy server in an open-ended fashion and enables it to efficiently create a wide variety of outputs for a given generic input file. The generic input file and/or the instructions may be cached at the proxy. The teachings hereof have applications in, among other things, the delivery of web content, streaming media, and the like. | 10-11-2012 |
| 20120246273 | Optimal route selection in a content delivery network - A routing mechanism operable in a distributed networking environment, such as a content delivery network (CDN), provides improved connectivity back to an origin server, especially for HTTP traffic. The technique enables an edge server operating within a given edge region to retrieve content (cacheable, non-cacheable and the like) from an origin server more efficiently by selectively routing through the network's own nodes, thereby avoiding network congestion and hot spots. The technique enables an edge server to fetch content from an origin server through an intermediate edge server or, more generally, enables an edge server within a given first region to fetch content from the origin server through an intermediate edge region. | 09-27-2012 |
| 20120226649 | Content delivery network (CDN) cold content handling - A method of content delivery in a content delivery network (CDN), where the CDN is deployed, operated and managed by a content delivery network service provider (CDNSP). The CDN comprises a set of content servers and a domain name system (DNS). For a given content provider, a determination is first made whether the content provider has “cold content” delivery requirements by evaluating one or more factors that include: total content size, size of content objects expected to be served, uniqueness of content, total number of content objects, and a percentage of the total content size that is expected to account for a given percentage of traffic. Upon a determination that the content provider has cold content delivery requirements, a subset of the CDN content servers are configured to implement a set of one or handling rules for managing delivery of the cold content from the CDN content servers. | 09-06-2012 |
| 20120215938 | Reliable, high-throughput, high-performance transport and routing mechanism for arbitrary data flows - The present invention leverages an existing content delivery network infrastructure to provide a system that enhances performance for any application that uses the Internet Protocol (IP) as its underlying transport mechanism. An overlay network comprises a set of edge nodes, intermediate nodes, and gateway nodes. This network provides optimized routing of IP packets. Internet application users can use the overlay to obtain improved performance during normal network conditions, to obtain or maintain good performance where normal default BGP routing would otherwise force the user over congested or poorly performing paths, or to enable the user to maintain communications to a target server application even during network outages. | 08-23-2012 |
| 20120204025 | SYSTEM AND METHOD FOR CLIENT-SIDE AUTHENTICATION FOR SECURE INTERNET COMMUNICATIONS - A system and method for client-side authentication for secure Internet communications is disclosed. In one embodiment, an intermediate device receives a web browser secure socket layer certificate from a web browser, authenticates the web browser using the secure socket layer certificate, and then re-signs the secure socket layer certificate with an intermediate device public key and an intermediate device certificate authority signature. The intermediate device sends the re-signed secure socket layer certificate to a web server and the web server authenticates the intermediate device using the re-signed secure socket layer certificate. In another embodiment, an intermediate device receives a web browser secure socket layer certificate from a web browser, inserts the web browser secure socket layer certificate into a HTTP header of a packet, and sends the packet to a web server. | 08-09-2012 |
| 20120203873 | Dynamic content assembly on edge-of-network servers in a content delivery network - Content is dynamically assembled at the edge of the Internet, preferably on content delivery network (CDN) edge servers. A content provider leverages an “edge side include” (ESI) markup language that is used to define Web page fragments for dynamic assembly at the edge. Dynamic assembly improves site performance by caching objects that comprise dynamically-generated pages at the edge of the Internet, close to the end user. Instead of being assembled by an application/web server in a centralized data center, the application/web server sends a page template and content fragments to a CDN edge server where the page is assembled. Each content fragment can have its own cacheability profile to manage the “freshness” of the content. Once a user requests a page, the edge server examines its cache for the included fragments and assembles the page on-the-fly. | 08-09-2012 |
| 20120203861 | METHODS AND SYSTEMS FOR DELIVERING CONTENT TO DIFFERENTIATED CLIENT DEVICES - Methods and systems are disclosed for delivery of tailored content to differentiated devices, such as desktop, mobile, and tablet devices, over a computer network. In one embodiment, a proxy cache server has a content cache for storing previously retrieved objects like web pages or multimedia files. For at least some objects, several versions are stored, each version representing an object suited for a given set of client device characteristics. A device-equivalency data structure maintained at the proxy facilitates a determination of whether such cached versions can be used to service a current request. The versions might represent, for example, modified versions created using, e.g., mobile device transcoding techniques, in response to prior requests. They may also represent a set of alternate content created by a content provider and available from an origin server. Such methods and systems may be implemented in a distributed computing networks, e.g., a content delivery network. | 08-09-2012 |
| 20120179814 | Determination and use of metrics in a domain name service (DNS) system - A method for determining metrics of a content delivery and global traffic management network provides service metric probes that determine the service availability and metric measurements of types of services provided by a content delivery machine. Latency probes are also provided for determining the latency of various servers within a network. The latency probe calculates, for example, the latency from its location to a client's location using the round trip time for sending a packet to the client to obtain the latency value for that client. DNS servers use the latency test results, along with traffic weightings, to determine a server to return for a given DNS name. | 07-12-2012 |
| 20120166650 | Method of load balancing edge-enabled applications in a content delivery network (CDN) - A method and system of load balancing application server resources operating in a distributed set of servers is described. In a representative embodiment, the set of servers comprise a region of a content delivery network. Each server in the set typically includes a server manager process, and an application server on which edge-enabled applications or application components are executed. As service requests are directed to servers in the region, the application servers manage the requests in a load-balanced manner, and without any requirement that a particular application server spawned on-demand. | 06-28-2012 |
| 20120166589 | CONTENT DELIVERY NETWORK FOR RFID DEVICES - A method and mechanism for a distributed on-demand computing system. The system automatically provisions distributed computing servers with customer application programs. The parameters of each customer application program are taken into account when a server is selected for hosting the program. The system monitors the status and performance of each distributed computing server. The system provisions additional servers when traffic levels exceed a predetermined level for a customer's application program and, as traffic demand decreases to a predetermined level, servers can be un-provisioned and returned back to a server pool for later provisioning. The system tries to fill up one server at a time with customer application programs before dispatching new requests to another server. The customer is charged a fee based on the usage of the distributed computing servers. | 06-28-2012 |
| 20120151016 | Content delivery network (CDN) content server request handling mechanism with metadata framework support - To serve content through a content delivery network (CDN), the CDN must have some information about the identity, characteristics and state of its target objects. Such additional information is provided in the form of object metadata, which according to the invention can be located in the request string itself, in the response headers from the origin server, in a metadata configuration file distributed to CDN servers, or in a per-customer metadata configuration file. CDN content servers execute a request identification and parsing process to locate object metadata and to handle the request in accordance therewith. Where different types of metadata exist for a particular object, metadata in a configuration file is overridden by metadata in a response header or request string, with metadata in the request string taking precedence. | 06-14-2012 |
| 20120150993 | ASSISTED DELIVERY OF CONTENT ADAPTED FOR A REQUESTING CLIENT - Disclosed herein are methods and apparatus facilitating delivery of web content that has adapted for particular client devices, such as mobile devices. Doing so may involve assisting a server without the adaptation logic necessary to deliver adapted content to a particular client device. For example, a given web server may adapt content and serve website content to a requesting client, but another server may take over when the client desires to make a purchase at the site. That other server, while perhaps qualified to process payment information, may not be able to provide adapted content. The content adaptation web server can assist that other server to do so. In other embodiments, such a content adapting server may provide such services to a range of other servers, and itself may not serve content directly to the client. The teachings herein may be implemented within a content delivery network. | 06-14-2012 |
| 20120130871 | Content delivery network service provider (CDNSP)-managed content delivery network (CDN) for network service provider (NSP) - A CDN service provider shares its CDN infrastructure with a network to enable a network service provider (NSP) to offer a private-labeled network content delivery network (NCDN or “private CDN”) to participating content providers. The CDNSP preferably provides the hardware, software and services required to build, deploy, operate and manage the CDN for the NCDN customer. Thus, the NCDN customer has access to and can make available to participating content providers one or more of the content delivery services (e.g., HTTP delivery, streaming media delivery, application delivery, and the like) available from the global CDN without having to provide the large capital investment, R&D expense and labor necessary to successfully deploy and operate the network itself. Rather, the global CDN service provider simply operates the private CDN for the network as a managed service. | 05-24-2012 |
| 20120124372 | Protecting Websites and Website Users By Obscuring URLs - Websites and website users are subject to an increasing array of online threats and attacks. Disclosed herein are, among other things, approaches for protecting websites and website users from online threats. For example, a content server, such as a proxying content delivery network (CDN) server that is delivering content on behalf of an origin server, can modify URLs as they pass through the content server to obscured values that are given to the end-user client browser. The end-user browser can use the obscured URL to obtain content from the content server, but the URL may be valid only for a limited time, and may be invalid for obtaining content from the origin. Hence, information is hidden from the client, making attacks against the website more difficult and frustrating client-end malware that leverages knowledge of browsed URLs. | 05-17-2012 |
| 20120110148 | DOMAIN NAME RESOLUTION USING A DISTRIBUTED DNS NETWORK - A distributed DNS network includes a central origin server that actually controls the zone, and edge DNS cache servers configured to cache the DNS content of the origin server. The edge DNS cache servers are published as the authoritative servers for customer domains instead of the origin server. When a request for a DNS record results in a cache miss, the edge DNS cache servers get the information from the origin server and cache it for use in response to future requests. Multiple edge DNS cache servers can be deployed at multiple locations. Since an unlimited number of edge DNS cache servers can be deployed, the system is highly scalable. The disclosed techniques protect against DoS attacks, as DNS requests are not made to the origin server directly. | 05-03-2012 |
| 20120096546 | Edge server HTTP POST message processing - A CDN edge server process receives an HTTP message, takes a given action with respect to that message, and then forwards a modified version of the message to a target server, typically a server associated with a CDN customer. The process may include an associated intermediate processing agent (IPA) or a sub-processing thread to facilitate the given action. In one embodiment, the message is an HTTP POST, and the given action comprises the following: (i) recognizing the POST, (ii) removing given data from the POST, (iii) issuing an intermediate (or subordinate) request to another process (e.g., a third party server), passing the given data removed from the POST to the process, (iv) receiving a response to the intermediate request, (v) incorporating data received from or associated with the response into a new HTTP message, and (vi) forwarding the new HTTP message onto the target server. In this manner, the given data in the POST may be protected as the HTTP message “passes through” the edge server on its way from the client to the target (merchant) server. In an alternative embodiment, data extracted from the POST message is enhanced by passing the data to an externalized process and adding a derived value (such as a fraud risk score based on the data) back into the message. | 04-19-2012 |
| 20120096106 | Extending a content delivery network (CDN) into a mobile or wireline network - A content delivery network (CDN) comprises a set of edge servers, and a domain name service (DNS) that is authoritative for content provider domains served by the CDN. The CDN is extended into one or more mobile or wireline networks that cannot or do not otherwise support fully-managed CDN edge servers. In particular, an “Extender” is deployed in the mobile or wireline network, preferably as a passive web caching proxy that is beyond the edge of the CDN but that serves CDN-provisioned content under the control of the CDN. The Extender may also be used to transparently cache and serve non-CDN content. An information channel is established between the Extender and the CDN to facilitate the Extender functionality. | 04-19-2012 |
| 20120036238 | Method and system for providing on-demand content delivery for an origin server - An infrastructure “insurance” mechanism enables a Web site to fail over to a content delivery network (CDN) upon a given occurrence at the site. Upon such occurrence, at least some portion of the site's content is served preferentially from the CDN so that end users that desire the content can still get it, even if the content is not then available from the origin site. In operation, content requests are serviced from the site in the usual manner, e.g., by resolving DNS queries to the site's IP address, until detection of the given occurrence. Thereafter, DNS queries are managed by a CDN dynamic DNS-based request routing mechanism so that such queries are resolved to optimal CDN edge servers. After the event that caused the occurrence has passed, control of the site's DNS may be returned from the CDN back to the origin server's DNS mechanism. | 02-09-2012 |
| 20120016933 | Dynamic Image Delivery System - A dynamic image delivery system receives a client request for an image at an image caching server. The image caching server measures the client's network access speed and looks for an appropriate pre-rendered copy of the requested image that is rendered for the client's network access speed in local storage. If the appropriate rendered copy is found, then the image caching server sends the rendered image to the client. If it is not found, then the image caching server dynamically renders a copy of the image and sends it to the client. | 01-19-2012 |
| 20110307584 | HTML delivery from edge-of-network servers in a content delivery network (CDN) - A content delivery network is enhanced to provide for delivery of cacheable markup language content files such as HTML. To support HTML delivery, the content provider provides the CDNSP with an association of the content provider's domain name (e.g., www.customer.com) to an origin server domain name (e.g., html.customer.com) at which one or more default HTML files are published and hosted. The CDNSP provides its customer with a CDNSP-specific domain name. The content provider, or an entity on its behalf, then implements DNS entry aliasing (e.g., a CNAME of the host to the CDNSP-specific domain) so that domain name requests for the host cue the CDN DNS request routing mechanism. This mechanism then identifies a best content server to respond to a request directed to the customer's domain. The CDN content server returns a default HTML file if such file is cached; otherwise, the CDN content server directs a request for the file to the origin server to retrieve the file, after which the file is cached on the CDN content server for subsequent use in servicing other requests. The content provider is also provided with log files of CDNSP-delivered HTML. | 12-15-2011 |
| 20110296048 | Method and system for stream handling using an intermediate format - A method of delivering a live stream is implemented within a content delivery network (CDN) and includes the high level functions of recording the stream using a recording tier, and playing the stream using a player tier. The step of recording the stream includes a set of sub-steps that begins when the stream is received at a CDN entry point in a source format. The stream is then converted into an intermediate format (IF), which is an internal format for delivering the stream within the CDN and comprises a stream manifest, a set of one or more fragment indexes (FI), and a set of IF fragments. The player process begins when a requesting client is associated with a CDN HTTP proxy. In response to receipt at the HTTP proxy of a request for the stream or a portion thereof, the HTTP proxy retrieves (either from the archive or the data store) the stream manifest and at least one fragment index. Using the fragment index, the IF fragments are retrieved to the HTTP proxy, converted to a target format, and then served in response to the client request. The source format may be the same or different from the target format. Preferably, all fragments are accessed, cached and served by the HTTP proxy via HTTP. | 12-01-2011 |
| 20110289214 | Content delivery network map generation using passive measurement data - A routing method operative in a content delivery network (CDN) where the CDN includes a request routing mechanism for routing clients to subsets of edge servers within the CDN. According to the routing method, TCP connection data statistics are collected are edge servers located within a CDN region. The TCP connection data statistics are collected as connections are established between requesting clients and the CDN region and requests are serviced by those edge servers. Periodically, e.g., daily, the connection data statistics are provided from the edge servers in a region back to the request routing mechanism. The TCP connection data statistics are then used by the request routing mechanism in subsequent routing decisions and, in particular, in the map generation processes. Thus, for example, the TCP connection data may be used to determine whether a given quality of service is being obtained by routing requesting clients to the CDN region. If not, the request routing mechanism generates a map that directs requesting clients away from the CDN region for a given time period or until the quality of service improves. | 11-24-2011 |
| 20110283018 | Method and apparatus for correlating nameserver IPv6 and IPv4 addresses - A method of correlating nameserver addresses is implemented in a multi-tier name server hierarchy comprising a first level authority for a domain, and one or more second level authorities to which the first level authority delegates with respect to a particular sub-domain associated with the domain. Preferably, the first level authority is IPv4-based and at least one second level authority is IPv6-based. The first level authority responds to a request issued by a client caching nameserver (a “CCNS”) and returns an answer that includes both IPv4 and IPv6 authorities for the domain. The CCNS is located at an IPv4 source address that is passed along to the first level authority with the CCNS request. According to a feature of this disclosure, the first level authority encodes the CCNS IPv4 source address in the IPv6 destination address of at least one IPv6 authority. Then, when the CCNS then makes a follow-on IPv6 request (with respect to the sub-domain) directed to the IPv6 authority, the IPv6 authority knows both the IPv6 address of the CCNS (by virtue of having received it in association with the request) as well as its IPv4 address (by virtue of the encoding). The IPv6 authority maintains the IPv4-IPv6 correlation. Over time (i.e., as other CCNSs make requests), the IPv6 authority builds up a database of these CCNS IPv6-IPv4 associations. | 11-17-2011 |
| 20110282990 | Method and system for constraining server usage in a distributed network - A “velvet rope” mechanism that enables customers of a shared distributed network (such as a content delivery network) needing to control their costs to control the amount of traffic that is served via the shared network. A given server in the distributed network identifies when a customer is about to exceed a bandwidth quota as a rate (bursting) or for a given billing period (e.g., total megabytes (MB) served for a given period) and provides a means for taking a given action based on this information. Typically, the action taken would result in a reduction in traffic served so that the customer can constrain its usage of the shared network to a given budget value. | 11-17-2011 |
| 20110231515 | Transparent Session Persistence Management by a Server in a Content Delivery Network - A method and apparatus for establishing session persistence between a client and an origin server are provided. The session persistence can be managed by an intermediate cache server. The persistence is established by inserting an identifier and origin server address in a cookie or URL. Alternatively, the persistence is established by a table mapping a source IP address or a session ID to a specific origin server. Subsequent requests from the same client are mapped to the same origin server using these methods of establishing persistence. | 09-22-2011 |
| 20110225647 | Cloud Based Firewall System And Service - A cloud-based firewall system and service is provided to protect customer sites from attacks, leakage of confidential information, and other security threats. In various embodiments, such a firewall system and service can be implemented in conjunction with a content delivery network (CDN) having a plurality of distributed content servers. The CDN servers receive requests for content identified by the customer for delivery via the CDN. The CDN servers include firewalls that examine those requests and take action against security threats, so as to prevent them from reaching the customer site. The CDN provider implements the firewall system as a managed firewall service, with the operation of the firewalls for given customer content being defined by that customer, independently of other customers. In some embodiments, a customer may define different firewall configurations for different categories of that customer's content identified for delivery via the CDN. | 09-15-2011 |
| 20110219108 | Scalable, high performance and highly available distributed storage system for Internet content - A method for content storage on behalf of participating content providers begins by having a given content provider identify content for storage. The content provider then uploads the content to a given storage site selected from a set of storage sites. Following upload, the content is replicated from the given storage site to at least one other storage site in the set. Upon request from a given entity, a given storage site from which the given entity may retrieve the content is then identified. The content is then downloaded from the identified given storage site to the given entity. In an illustrative embodiment, the given entity is an edge server of a content delivery network (CDN). | 09-08-2011 |
| 20110213882 | Method and system for handling computer network attacks - A method and apparatus for serving content requests using global and local load balancing techniques is provided. Web site content is cached using two or more point of presences (POPs), wherein each POP has at least one DNS server. Each DNS server is associated with the same anycast IP address. A domain name resolution request is transmitted to the POP in closest network proximity for resolution based on the anycast IP address. Once the domain name resolution request is received at a particular POP, local load balancing techniques are performed to dynamically select the appropriate Web server at the POP for use in resolving the domain name resolution request. Approaches are described for handling bursts of traffic at a particular POP, security, and recovering from the failure of various components of the system. | 09-01-2011 |
| 20110196943 | Optimal route selection in a content delivery network - A routing mechanism, service or system operable in a distributed networking environment. One preferred environment is a content delivery network (CDN) wherein the present invention provides improved connectivity back to an origin server, especially for HTTP traffic. In a CDN, edge servers are typically organized into regions, with each region comprising a set of content servers that preferably operate in a peer-to-peer manner and share data across a common backbone such as a local area network (LAN). The inventive routing technique enables an edge server operating within a given CDN region to retrieve content (cacheable, non-cacheable and the like) from an origin server more efficiently by selectively routing through the CDN's own nodes, thereby avoiding network congestion and hot spots. The invention enables an edge server to fetch content from an origin server through an intermediate CDN server or, more generally, enables an edge server within a given first region to fetch content from the origin server through an intermediate CDN region. | 08-11-2011 |
| 20110191449 | Automatic migration of data via a distributed computer network - A method and apparatus for the automatic migration of data via a distributed computer network allows a customer to select content files that are to be transferred to a group of edge servers. Origin sites store all of a customer's available content files. An edge server maintains a dynamic number of popular files in its memory for the customer. The files are ranked from most popular to least popular and when a file has been requested from an edge server a sufficient number of times to become more popular than the lowest popular stored file, the file is obtained from an origin site. The edge servers are grouped into two service levels: regional and global. The customer is charged a higher fee to store its popular files on the global edge servers compared to a regional set of edge servers because of greater coverage. | 08-04-2011 |
| 20110173345 | Method and system for HTTP-based stream delivery - A method of delivering a live stream is implemented within a content delivery network (CDN) and includes the high level functions of recording the stream using a recording tier, and playing the stream using a player tier. The step of recording the stream includes a set of sub-steps that begins when the stream is received at a CDN entry point in a source format. The stream is then converted into an intermediate format (IF), which is an internal format for delivering the stream within the CDN and comprises a stream manifest, a set of one or more fragment indexes (FI), and a set of IF fragments. The player process begins when a requesting client is associated with a CDN HTTP proxy. In response to receipt at the HTTP proxy of a request for the stream or a portion thereof, the HTTP proxy retrieves (either from the archive or the data store) the stream manifest and at least one fragment index. Using the fragment index, the IF fragments are retrieved to the HTTP proxy, converted to a target format, and then served in response to the client request. The source format may be the same or different from the target format. Preferably, all fragments are accessed, cached and served by the HTTP proxy via HTTP. In another embodiment, a method of delivering a stream on-demand (VOD) uses a translation tier (in lieu of the recording tier) to manage the creation and/or handling of the IF components. | 07-14-2011 |
| 20110167111 | METHOD FOR OPERATING AN INTEGRATED POINT OF PRESENCE SERVER NETWORK - A method for operating a network of point of presence servers sharing a hostname includes receiving a request from a user for a web page at a first web address, determining traffic loads of a plurality of customer web servers, determining a customer web server from the plurality of customer web servers, the customer web server having a traffic load lower than traffic loads of remaining customer web servers, directing the request from the user to the customer web server, receiving a request from the user for static content on the web page at a second web address, determining the point of presence server from the network of point of presence servers that is appropriate for the request, the point of presence server having service metrics more appropriate than service metrics of remaining point of presence servers from the network. | 07-07-2011 |
| 20110113152 | Method and system for enhancing live stream delivery quality using prebursting - The subject matter herein relates to a method to “accelerate” the delivery of a portion of a data stream across nodes of a stream transport network. A portion of a live stream is forwarded from a first node to a second node in a transport network at a high bitrate as compared to the stream's encoded bitrate, and thereafter, the stream continues to be forwarded from the first node to the second node at or near the encoded bitrate. The disclosed technique of forwarding a portion of a stream at a high bitrate as compared to the encoded bitrate of the stream is sometimes referred to as “prebursting” the stream. This technique provides significant advantages in that it reduces stream startup time, reduces unrecoverable stream packet loss, and reduces stream rebuffers as the stream is viewed by a requesting end user that has been mapped to a media server in a distributed computer network such as a content delivery network. | 05-12-2011 |
| 20110099290 | METHOD FOR DETERMINING METRICS OF A CONTENT DELIVERY AND GLOBAL TRAFFIC MANAGEMENT NETWORK - A method for determining metrics of a content delivery and global traffic management network provides service metric probes that determine the service availability and metric measurements of types of services provided by a content delivery machine. Latency probes are also provided for determining the latency of various servers within a network. Service metric probes consult a configuration file containing each DNS name in its area and the set of services. Each server in the network has a metric test associated with each service supported by the server which the service metric probes periodically performs metric tests on and records the metric test results which are periodically sent to all of the DNS servers in the network. DNS servers use the test result updates to determine the best server to return for a given DNS name. The latency probe calculates the latency from its location to a client's location using the round trip time for sending a packet to the client to obtain the latency value for that client. The latency probe updates the DNS servers with the clients' latency data. The DNS server uses the latency test data updates to determine the closest server to a client. | 04-28-2011 |
| 20100293281 | Managing web tier session state objects in a content delivery network (CDN) - Business applications running on a content delivery network (CDN) having a distributed application framework can create, access and modify state for each client. Over time, a single client may desire to access a given application on different CDN edge servers within the same region and even across different regions. Each time, the application may need to access the latest “state” of the client even if the state was last modified by an application on a different server. A difficulty arises when a process or a machine that last modified the state dies or is temporarily or permanently unavailable. The present invention provides techniques for migrating session state data across CDN servers in a manner transparent to the user. A distributed application thus can access a latest “state” of a client even if the state was last modified by an application instance executing on a different CDN server, including a nearby (in-region) or a remote (out-of-region) server. | 11-18-2010 |
| 20100293229 | Highly scalable, fault tolerant file transport using vector exchange - A file transport mechanism according to the invention is responsible for accepting, storing and distributing files, such as configuration or control files, to a large number of field machines. The mechanism is comprised of a set of servers that accept, store and maintain submitted files. The file transport mechanism implements a distributed agreement protocol based on “vector exchange.” A vector exchange is a knowledge-based algorithm that works by passing around to potential participants a commitment bit vector. A participant that observes a quorum of commit bits in a vector assumes agreement. Servers use vector exchange to achieve consensus on file submissions. Once a server learns of an agreement, it persistently marks (in a local data store) the request as “agreed.” Once the submission is agreed, the server can stage the new file for download. | 11-18-2010 |
| 20100274819 | Dynamic content assembly on edge-of-network servers in a content delivery network - The disclosed technique enables a content provider to dynamically assemble content at the edge of the Internet, preferably on content delivery network (CDN) edge servers. Preferably, the content provider leverages an “edge side include” (ESI) markup language that is used to define Web page fragments for dynamic assembly at the edge. Dynamic assembly improves site performance by catching the objects that comprise dynamically generated pages at the edge of the Internet, close to the end user. The content provider designs and develops the business logic to form and assemble the pages, for example, by using the ESI language within its development environment. Instead of being assembled by an application/web server in a centralized data center, the application/web server sends a page template and content fragments to a CDN edge server where the page is assembled. Each content fragment can have its own cacheability profile to manage the “freshness” of the content. Once a user requests a page (template), the edge server examines its cache for the included fragments and assembles the page on-the-fly. | 10-28-2010 |
| 20100250742 | Global load balancing across mirrored data centers - An intelligent traffic redirection system that performs global load balancing can be used in any situation where an end-user requires access to a replicated resource. The method directs end-users to the appropriate replica so that the route to the replica is good from a network standpoint and the replica is not overloaded. The technique preferably uses a Domain Name Service (DNS) to provide IP addresses for the appropriate replica. The most common use is to direct traffic to a mirrored web site. | 09-30-2010 |
| 20100217801 | Network performance monitoring in a content delivery system - A method for Internet content delivery in a content delivery network established at network locations, the content delivery network comprising a plurality of content servers for serving content resources. The plurality of content servers includes a plurality of subsets of content servers, each subject being located at one of a plurality of Internet data centers. For each Internet Protocol (IP) address block from which requests for content resources are expected to be received, the method generates a candidate list of Internet data centers to be used to service the requests for content resources. For the IP address block, the method selects at least one of the Internet data centers from the candidate list to be used to service the requests for content resources. The selected Internet data center for the IP address block is written into a network map. The selecting step is carried out concurrently for each IP address block from which requests for content resources are expected to be received such that the network map comprises the selected Internet data center for each IP address block. The network map is then provided to a domain name service (DNS) associated with the content delivery network. In response to a DNS query received at the domain name service associated with the content delivery network, the network map is used to identify one of the Internet data centers from the candidate list to be used to service a request for a content resource. | 08-26-2010 |
| 20100005175 | DISTRIBUTED ON-DEMAND COMPUTING SYSTEM - A method and mechanism for a distributed on-demand computing system. The system automatically provisions distributed computing servers with customer application programs. The parameters of each customer application program are taken into account when a server is selected for hosting the program. The system monitors the status and performance of each distributed computing server. The system provisions additional servers when traffic levels exceed a predetermined level for a customer's application program and, as traffic demand decreases to a predetermined level, servers can be un-provisioned and returned back to a server pool for later provisioning. The system tries to fill up one server at a time with customer application programs before dispatching new requests to another server. The customer is charged a fee based on the usage of the distributed computing servers. | 01-07-2010 |
| 20090259853 | DYNAMIC MULTIMEDIA FINGERPRINTING SYSTEM - A dynamic multimedia fingerprinting system is provided. A user requests multimedia content from a Web cache server that verifies that the user is authorized to download the content. A custom fingerprint specific to the user is generated and dynamically inserted into the content as the content is delivered to the user. The custom fingerprint can be generated on the Web cache server or at the content provider's server. The system allows a content provider to specify where the custom fingerprint is inserted into the content or where the fingerprint is to replace a placeholder within the content. | 10-15-2009 |
| 20090210528 | METHOD FOR DETERMINING METRICS OF A CONTENT DELIVERY AND GLOBAL TRAFFIC MANAGEMENT NETWORK - A method for determining metrics of a content delivery and global traffic management network provides service metric probes that determine the service availability and metric measurements of types of services provided by a content delivery machine. Latency probes are also provided for determining the latency of various servers within a network. Service metric probes consult a configuration file containing each DNS name in its area and the set of services. Each server in the network has a metric test associated with each service supported by the server which the service metric probes periodically performs metric tests on and records the metric test results which are periodically sent to all of the DNS servers in the network. DNS servers use the test result updates to determine the best server to return for a given DNS name. The latency probe calculates the latency from its location to a client's location using the round trip time for sending a packet to the client to obtain the latency value for that client. The latency probe updates the DNS servers with the clients' latency data. The DNS server uses the latency test data updates to determine the closest server to a client. | 08-20-2009 |
| 20090119397 | Using virtual domain name service (DNS) zones for enterprise content delivery - A domain to be published to an enterprise ECDN is associated (either by static configuration or dynamically) with a set of one or more enterprise zones configurable in a hierarchy. When a DNS query arrives for a hostname known to be associated with given content within the control of the ECDN, a DNS server preferably responds in one of three (3) ways: (a) handing back an IP address, e.g., for an ECDN intelligent node that knows how to obtain the requested content from a surrogate or origin server; (b) executing a zone referral to a next (lower) level name server in a zone hierarchy, or (c) CNAMing to another hostname, thereby essentially restarting the lookup procedure. In the latter case, this new CNAME causes the resolution process to start back at the root and resolve a new path, probably along a different path in the hierarchy. At any particular level in the zone hierarchy, preferably there is an associated zone server. That server preferably executes logic that applies the requested hostname against a map, which, using known techniques, may be generated from given (static, dynamic, internally-generated or third party-sourced) performance metrics. Thus, a given name query to ECDN-managed content may be serviced in coordination with various sources of distributed network intelligence. As a result, the invention provides for a distributed, dynamic globally load balanced name service. | 05-07-2009 |
| 20090106411 | SCALABLE, HIGH PERFORMANCE AND HIGHLY AVAILABLE DISTRIBUTED STORAGE SYSTEM FOR INTERNET CONTENT - A method for content storage on behalf of participating content providers begins by having a given content provider identify content for storage. The content provider then uploads the content to a given storage site selected from a set of storage sites. Following upload, the content is replicated from the given storage site to at least one other storage site in the set. Upon request from a given entity, a given storage site from which the given entity may retrieve the content is then identified. The content is then downloaded from the identified given storage site to the given entity. In an illustrative embodiment, the given entity is an edge server of a content delivery network (CDN). | 04-23-2009 |
| 20080320160 | Method and system for enhancing live stream delivery quality using prebursting - The subject matter herein relates to a method to “accelerate” the delivery of a portion of a data stream across nodes of a stream transport network. A portion of a live stream is forwarded from a first node to a second node in a transport network at a high bitrate as compared to the stream's encoded bitrate, and thereafter, the stream continues to be forwarded from the first node to the second node at or near the encoded bitrate. The disclosed technique of forwarding a portion of a stream at a high bitrate as compared to the encoded bitrate of the stream is sometimes referred to as “prebursting” the stream. This technique provides significant advantages in that it reduces stream startup time, reduces unrecoverable stream packet loss, and reduces stream rebuffers as the stream is viewed by a requesting end user that has been mapped to a media server in a distributed computer network such as a content delivery network. | 12-25-2008 |
| 20080282112 | Method and apparatus for testing request-response service using live connection traffic - The subject matter herein provides for a method and apparatus for comparison of network systems using live traffic in real-time. The inventive technique presents real-world workload in real-time with no external impact (i.e. no impact on the system under test), and it enables comparison against a production system for correctness verification. A preferred embodiment of the invention is a testing tool for the pseudo-live testing of CDN content staging servers, According to the invention, traffic between clients and the live production CDN servers is monitored by a simulator device, which then replicates this workload onto a system under test (SUT). The simulator detects divergences between the outputs from the SUT and live production servers, allowing detection of erroneous behavior. To the extent possible, the SUT is completely isolated from the outside world so that errors or crashes by this system do not affect either the CDN customers or the end users. Thus, the SUT does not interact with end users (i.e., their web browsers). Consequently, the simulator serves as a proxy for the clients. By basing its behavior off the packet stream sent between client and the live production system, the simulator can simulate most of the oddities of real-world client behavior, including malformed packets, timeouts, dropped traffic and reset connections, among others. | 11-13-2008 |
| 20080281946 | Automatic migration of data via a distributed computer network - A method and apparatus for the automatic migration of data via a distributed computer network allows a customer to select content files that are to be transferred to a group of edge servers. Origin sites store all of a customer's available content files. An edge server maintains a dynamic number of popular files in its memory for the customer. The files are ranked from most popular to least popular and when a file has been requested from an edge server a sufficient number of times to become more popular than the lowest popular stored file, the file is obtained from an origin site. The edge servers are grouped into two service levels: regional and global. The customer is charged a higher fee to store its popular files on the global edge servers compared to a regional set of edge servers because of greater coverage. | 11-13-2008 |
| 20080222243 | Client-side method for identifying an optimal server - A client player performs a query to a nameserver against a network map of Internet traffic conditions. The query is made asking for a particular service (e.g., RTSP) via a particular protocol (TCP) in a particular domain. In response, the nameserver returns a set of one or more tokens, with each token defining a machine or, in the preferred embodiment, a group of machines, from which the player should seek to obtain the stream. The player may then optionally perform one or more tests to determine which of a set of servers provides a best quality of service for the stream. That server is then used to retrieve the stream. Periodically, the client player code repeats the query during stream playback to determine whether there is a better source for the stream. If a better source exists, the player performs a switch to the better stream source “on the fly” if appropriate to maintain and/or enhance the quality of service. Preferably, the client player publishes data identifying why it selected a particular server, and such data may be used to augment the network map used for subsequent request routing determinations. | 09-11-2008 |
