Manually control ECDN server selection
IBM Cloud Video player during playback, by default, connects to the nearest available ECDN servers which are dynamically determined. In this article we describe how you can precisely control which ECDN servers the player can connect to.
IBM Cloud Video player during playback, by default, connects to the nearest available ECDN servers. Player sends a HTTPS ping request to all the registered ECDN servers for that location to determine the nearest server. The server that responds the quickest is designated the nearest one, and player connects to it to download the video stream. This dynamic selection works for most deployments, and is repeated periodically to ensure a smooth viewing experience.
Optionally, you can also precisely control what ECDN servers players connect to. On a per-location basis you may specify a blacklist or whitelist of local IP address subnets. When enabled, ECDN servers will only respond to playback requests as per this list.
While this capability gives you the most control, you also have to regularly update the configured local IP address list, as and when local subnets change in your network.
Enabling manual ECDN server selection
These settings are enabled on a per-location basis. In the ECDN web portal navigate to the locations detail page. Click "CHANGE CONFIGURATION" to edit the location definition.
Enable the checkbox to all players to connect to ECDN servers at this location. This setting needs to be enabled before you can enter the list of local IP address ranges.
This will enable the "Client connection restrictions" dropdown widget. It will display the default value of "No restrictions".
- No restrictions
This is the default value. When picked there are no restrictions enforced on which players can connect to ECDN servers in this location.
- Blacklist: Prevent IP addresses in this list
This option will let you enter a list of local IP address ranges that are NOT allowed to connect to any ECDN servers in this location.
- Whitelist: Allow IP addresses in this list
This option will let you enter a list of local IP address ranges that are allowed to connect to any ECDN servers in this location. ECDN server will reject connections from all other IP address ranges not in the list.
Pick Blacklist or Whitelist from the dropdown menu as needed. This will then show you a text box where you can enter the list of local IP addresses.
In this example, only players with IP addresses in these local ranges will be able to ECDN servers in this location.
Click "Save". The changes will take about 60 seconds to go into effect .
Adding or removing local IP address ranges
Follow the same process to make changes. In the text box add or remove address ranges and click "Save".
Frequently asked questions
What is an example use case for enable manual server selection?
Consider the following scenario.
- A company has offices in four locations in San Francisco, Oakland, San Jose, and Foster City. Each location has two ECDN servers installed.
- They have their data center in the San Jose location. Only the data center has direct network egress to the Internet.
- The remaining three locations have private MPLS circuits connecting them to the data center. All network traffic to the Internet first flows over the MPLS circuit to the San Jose data center, and then out to the destination in the Internet.
- ECDN deployment architecture has:
- San Jose as the parent ECDN location. As this is the only location with direct egress to the Internet, the location definition in the ECDN portal includes the public external IP addresses.
- San Francisco, Oakland, and Foster City as the child ECDN location.
- Each location has 2 ECDN servers each, for a total of 8 ECDN servers.
- Any video playback request from any of the four locations will be redirected towards any of the 8 ECDN servers, as all of them have the same external IP.
- Lets say a person in Oakland initiates a video playback. It will be given the list of 8 ECDN servers available. The player will initiate the HTTPS ping process to determine the nearest ECDN server.
- In most cases the local ECDN server in Oakland will respond first, and the players will connect to the server in Oakland to download the video stream data. The server will download the stream data from the ECDN server in the parent location in San Jose, which in turn will download from the external IBM Cloud midgress server in San Jose. This is the normal path, and flow of data is optimal and as-designed.
- It is possible that under some exceptional network and server load connections the first ECDN server to respond to the HTTPS ping is the server in parent San Jose location. In this case all viewers in Oakland will now connect to ECDN servers in San Jose over the MPLS circuit. This is not optimal, as the network connection between Oakland and San Jose does not have the capacity to support so many concurrent download streams, and still support the business critical network traffic.
- To handle such situations, you may want to consider enabling this manual server selection capability. Each location, will have a whitelist of local IP address ranges configured. This will prevent remote ECDN servers in San Francisco, San Jose and Foster City to respond to the HTTPS ping requests from players in Oakland. The net effect will be that video playback requests from Oakland will only be served by ECDN servers in Oakland.
- Similarly, you can restrict the video playback requests for the other sites. As mentioned before, there is additional management overhead on behalf of the person responsible for maintaining the whitelist of IP addresses in the ECDN web portal. They will have to track the changes made by their local networking team, and then manually update the list in the ECDN web portal.