The Power of Proxies in HTTP Streaming
On the 5th of December 2012, Budget Day, we had 59,689 unique viewers who generated 1.85 Gbit/s of traffic and 642 request per second as peak.
On the 6th / 7th of February 2013, the Government’s all-night session, to pass the Irish Bank Resolution Corporation Bill 2013, had 8,168 unique viewers, who generate 2.2 Gbit/s of traffic and 657 request per second.
Interesting that 8,000 viewers generate more traffic than nearly 60,000. This is because nearly everyone watching the all night session was watching from home rather than work, meaning more direct requests from viewers to our servers rather than via corporate HTTP proxies that would have cached the requests. A very good demonstration of the scalability of HTTP Adaptive Streaming.
Secure Microsoft DNS
Trying to setup a Windows domain with a publicly accessible domain name is more difficult than I had expected.
The setup
Setup two servers as domain controllers with DNS installed. Have all the servers in the domain use the domain controllers as their DNS servers, which means recursive DNS is enabled on the domain’s DNS servers / domain controllers.
The problem
If the DNS servers are publicly accessible and recursion is enabled, they are a security risk. But if I switch off recusion the servers within the domain can’t find anything outside the domain, including security updates.
First try
Change the DNS setting on the servers in the domain to use a properly configured recursive DNS server (non-Microsoft) and switch off recursion on the domain controllers. This didn’t work since the new DNS servers did not return the needed SRV records to find the domain controllers. This can be setup but seemed like a lot of work and a fragile setup.
Second try
The domain controllers have recursion switched on, but only respond to servers within the domain’s network and the two non-Microsoft DNS servers. The non-Microsoft DNS servers act as secondary DNS. So when a DNS query is done externally, the secondaries respond since the primaries block the external queries. This worked reasonable well, but there were failed and slow DNS queries because the primaries don’t responded.
Solution
The solution I have currently is; domain controllers respond to external queries and have recursion switched off. The servers in the domain use two Microsoft DNS, not the domain controllers, which have recursion switched on and do not respond to queries from outside the domain. These new DNS servers also have conditional forwarders setup for the domain’s dns name pointing at the domain controllers.
The domain controllers and DNS servers are virtual machines, so the resource usage is not as bad a having four physical servers.
The ideal solution would be that Microsoft fixed their DNS server to allow recursion from defined address ranges.
New Hyper-V servers
Just installed 4 new servers to run a Hyper-V cluster.
PowerEdge 1950
Quad 12 core with 256GB of RAM
8 x 1 Gbit/s and 4 x 10 Gbit/s NICs
Live 4K streaming from RED camera
Live 4K streaming from a RED camera using a custom designed board built by the Pozan Supercomputing and Networking Centre in Poland.
Recycling bin design with a suggestive lid
Recycling bin design with a suggestive lid
My biggest pet peeve about cleaning up the photo studio I run is picking other people’s trash out of the recycling bin. Yes, it’s a waste pail just like the garbage pail, but is it not clear that this one’s for bottles and that one is for your half-finished pizza, you freaking Philistine?
So I’m digging Qualy Design’s recycling bin, which is not only recycleable itself but also has the recycling logo cleverly worked into its lid.
But who am I fooling, this probably isn’t going to stop careless rubbish-tossers. What I need is for the lid to be modified into a mechanical aperture that closes shut on a recycling offender’s arm, pinning it with the arrow’s points.
Snowy Dublin Quay
A shot taken near the Samuel Beckett bridge and the Jeanie Johnston ship.