Azure CDN is a buzzword and very much in the news nowadays. A simple use of Azure CDN is to distribute large files. Using Azure CDN reduces the download time of large files because it caches the file at the data center nearest to the users who are accessing it. To test the speed of file download with CDN, we did a simple POC with a 1000 MB file. I will write up the detailed steps of the POC in a different post; for now, let's discuss what we know about CDN.
Features of Azure CDN
- Azure CDN is used for delivering high-bandwidth content that is stored in Azure or another location.
- The major advantages of using the CDN are lower latency and faster delivery of content to users irrespective of their geographical location in relation to the datacenter where the content is hosted.
- The CDN is typically used for delivering static content such as images, style sheets, documents, files, client-side scripts, and HTML pages.
- Using the CDN should also help to reduce the load on the application because it is relieved of the processing required to access and deliver the content. This reduction in load can help to increase the performance and scalability of the application, as well as minimizing hosting costs by reducing the processing resources required to achieve a specific level of performance and availability.
- The CDN can deliver content over HTTPS (SSL) using the certificate provided by the CDN, but the content will also be available over HTTP. In our demo we used secure content over HTTPS (port 443).
Fig: POC Architecture for downloading a file.
- A user requests a file (also called an asset) using a URL with a special domain name, such as <endpointname>.azureedge.net. DNS routes the request to the best performing Point-of-Presence (POP) location. Usually this is the POP that is geographically closest to the user.
- If the edge servers in the POP do not have the file in their cache, the edge server requests the file from the origin. The origin can be an Azure Web App, Azure Cloud Service, Azure Storage account, or any publicly accessible web server.
- The origin returns the file to the edge server, including optional HTTP headers describing the file’s Time-to-Live (TTL).
- The edge server caches the file and returns the file to the original requestor. The file remains cached on the edge server until the TTL expires. If the origin didn’t specify a TTL, the default TTL is seven days.
- Additional users may then request the same file using that same URL, and may also be directed to that same POP.
- If the TTL for the file hasn’t expired, the edge server returns the file from the cache. This results in a faster, more responsive user experience.
Azure CDN – Advantages and Security
The Azure Content Delivery Network (CDN) caches static web content at strategically placed locations to provide maximum throughput for delivering content to users. Users will generally receive the content from the location nearest to them. The edge servers (Points of Presence) are distributed across the globe to meet this need. Azure CDN provides the following benefits.
- Better performance and user experience for end users, especially when using applications where multiple round-trips are required to load content.
- Large scaling to better handle instantaneous high load, like at the start of a product launch event.
- By distributing user requests and serving content from edge servers, less traffic is sent to the origin.
- Security can be achieved by deploying token authentication. Token authentication is a mechanism that allows you to prevent Azure CDN from serving assets to unauthorized clients. This is typically done to prevent “hotlinking” of content, where a different website, often a message board, uses your assets without permission. Hotlinking can have an impact on content delivery costs. With this feature enabled on the CDN, requests are authenticated by the CDN edge POPs before the content is delivered. Token authentication is only available with Verizon Premium Storage Tier.
Securing Azure CDN Assets with Token Authentication - How it works
- Token authentication verifies that requests are generated by a trusted site by requiring requests to contain a token value containing encoded information about the requester. Content will only be served to the requester when the encoded information meets the requirements; otherwise requests will be denied. You can set up the requirements using one or more of the parameters below.
- Country: allow or deny requests that originated from specified countries.
- URL: only allow specified asset or path to request.
- Host: allow or deny requests using specified hosts in the request header.
- Referrer: allow or deny specified referrer to request.
- IP address: only allow requests that originated from specific IP address or IP subnet.
- Protocol: allow or block requests based on the protocol used to request the content.
- Expiration time: assign a date and time period to ensure that a link only remains valid for a limited time period.
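The edge-side check described above, as an added illustration that is not Azure CDN's or Verizon's token format or code: it uses an HMAC-signed JSON token as a stand-in, and the key, field names and sample request are all constructed for this sketch.

```python
import base64, hashlib, hmac, ipaddress, json, time
from fnmatch import fnmatch

KEY = b"constructed-demo-key"  # constructed shared secret, not a real CDN key

def issue_token(rules, key=KEY):
    """Site side: serialise the requirements and sign them."""
    body = base64.urlsafe_b64encode(json.dumps(rules, sort_keys=True).encode()).decode()
    return body + "." + hmac.new(key, body.encode(), hashlib.sha256).hexdigest()

def edge_allows(token, req, key=KEY, now=None):
    """Edge side: return (allowed, reason) for the request described by req."""
    try:
        body, sig = token.rsplit(".", 1)
        expected = hmac.new(key, body.encode(), hashlib.sha256).hexdigest()
        if not hmac.compare_digest(sig, expected):  # constant-time comparison
            return False, "bad signature"
        rules = json.loads(base64.urlsafe_b64decode(body))
    except (ValueError, TypeError):
        return False, "malformed token"
    now = time.time() if now is None else now
    if "expire" in rules and now >= rules["expire"]:
        return False, "expired"
    # Prefix rules should end in "/" so "/videos" cannot match "/videos-private".
    if "url" in rules and not req["path"].startswith(rules["url"]):
        return False, "url not covered"
    if "protocol" in rules and req["scheme"] not in rules["protocol"]:
        return False, "protocol blocked"
    if "ip" in rules and (ipaddress.ip_address(req["client_ip"])
                          not in ipaddress.ip_network(rules["ip"])):
        return False, "ip not allowed"
    if "host_allow" in rules and req.get("host") not in rules["host_allow"]:
        return False, "host not allowed"
    referrer = req.get("referrer", "")
    if "referrer_allow" in rules and not any(
            fnmatch(referrer, pat) for pat in rules["referrer_allow"]):
        return False, "referrer not allowed"  # the hotlinking case
    if "country_deny" in rules and req.get("country") in rules["country_deny"]:
        return False, "country denied"
    return True, "ok"

if __name__ == "__main__":
    # Constructed sample: a one-hour link to /videos/ for one site over HTTPS.
    token = issue_token({"expire": time.time() + 3600, "url": "/videos/",
                         "protocol": ["https"],
                         "referrer_allow": ["https://www.example.com/*"]})
    request = {"path": "/videos/big.zip", "scheme": "https",
               "referrer": "https://forum.example.net/thread/1"}
    print(edge_allows(token, request))  # denied: referrer not allowed
```

Because the requirements travel inside the signed token, a client that edits the expiry or path invalidates the signature and is rejected before any rule is evaluated.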
The POC result of the file download with Azure CDN is as follows. (It has been tested from the same network in Bangalore, India, with ACT ISP)
| File Size (MB) | CDN End Point (Time) | Direct Blob Storage (Time) |
|---|---|---|
| A ZIP File | 3 Min. 26 Sec. 64 Ms. | 9 Min. 48 Sec. 79 Ms. |
Assuming the CDN has cached the file at the nearest edge server, it’s very clear from the POC that organisations that would like to offer faster file downloads to their customers can opt for Azure CDN, which is currently available in all the Azure regions.
More details about Azure CDN can be found here.