December 31, 2014

The State of Streaming Protocols - December 2014

WMSPanel team continues analyzing the state of streaming protocols. December showed a lot of views which means more of interesting content to look at.

We expectantly see the increase of HLS share (it's 70% now). The share of RTMP (22%) has been decreasing along with RTSP (2.5%) while progressive download showed good growth (~5%).

All these metrics calculations are based on 3 billion views.

The State of Streaming Protocols December, 2014

You can compare that with November stats below.

December 29, 2014

Cross-domain policy and access control in Nimble Streamer

Protecting web clients against vulnerabilities is one of the core features for safe web browsing. This is why popular platforms use various mechanisms to improve the security. This also includes video playback scenarios. Typically it's covered cross-origin resource sharing (CORS) mechanisms. Nimble Streamer needs to handle those cases.

Cross-domain policy file


For instance, many web media players use the "crossdomain.xml" file. It's a cross-domain policy file which gives the player permission to talk to servers other than the one it's hosted on.

As per Adobe, a cross-domain policy file is an XML document that grants a web client permission to handle data across multiple domains. When a client hosts content from a particular source domain and that content makes requests directed towards a domain other than its own, the remote domain would need to host a cross-domain policy file that grants access to the source domain, allowing the client to continue with the transaction.

Nimble Streamer allows specifying this file content. It is done via configuration file located at /etc/nimble/nimble.conf . Please refer to Nimble config file format for more details.

Use the following parameter to specify the domain within the XML file:
crossdomain_xml_allow_access_from_domain = <your.domain>
E.g. crossdomain_xml_allow_access_from_domain = wmspanel.com

If you'd like to define complete file content, you can create crossdomain.xml with XML based on Adobe's spec examples, like this:
<?xml version="1.0"?><cross-domain-policy><allow-access-from domain="*" secure="false"/></cross-domain-policy>
Once it's ready, save it to local directory and point Nimble to it via crossdomain_xml parameter:
crossdomain_xml = /etc/nimble/crossdomain.xml
The file content will be returned to a client as soon as it's requested.

Cross-origin resource sharing


Another technique is cross-origin resource sharing. Players may require Access-Control-Allow* headers in server responses. You can use the following parameters for that:
access_control_allow_origin = <some value>
access_control_allow_credentials = <some value>
access_control_expose_headers = <content-length>
access_control_allow_headers = <some value>
Some of possible values are
access_control_allow_origin = *
access_control_allow_credentials = true
access_control_expose_headers = 2459768
access_control_allow_headers = Range
or
access_control_allow_origin = http://your.domain.com
You may refer to W3C to get more details.


Important
: to apply config changes, please re-start Nimble instance by running:
sudo service nimble restart

Please read more about config file format here.

P2P streaming


You can also see example of CORS headers usage in the StreamRoot P2P streaming article featuring Nimble Streamer.


Related documentation


Nimble StreamerNimble Streamer APINimble Streamer configurationNimble Streamer performance tuning, SSL support for HLS, DASH, Icecast and MPEG-TS streaming,

Geo-location statistics for states and regions

WMSPanel reporting for media servers of various types has several types of metrics. Geo-location reporting is one of the most popular ones. It's part of daily statistics for particular data slice and it shows total number of connections established within selected dates range.

Today we introduce a highly anticipated improvement - geo-location stats how have extra information about regions within countries. Best example is a state within countries the United States of America or Brazil.

You can go to Reporting -> Geo stats menu to see a reporting page. This page contains a map representing views share and a list of countries, each having total number of connections and percents of share. You may select dates range to report and also export your data via CSV file.

List of countries in geo-location reporting.

Clicking on country name shows list of regions (e.g. states) list, each having total connections number and percentage.

List of states for USA in geo-location reporting.

Clicking on a region shows the list of cities in it, each having its own stats.

List of cities of a country in geo-location report.

With the additional regions metrics you will have full picture of your audience in any given country.

Read more about WMSPanel streaming reporting. Contact us if you have any questions about it.


Related documentation


End user reporting for WowzaDaily statisticsISP networks reportData slices for statisticsDevices and Players report for WowzaStreamed slices for WowzaScreencast for daily statisticsStatistics import APIGeo and IP range restriction for WowzaNimble Streamer geo-location restriction

This product includes GeoLite data created by MaxMind(c), available from http://www.maxmind.com

December 25, 2014

SSL support for HLS, MPEG-DASH, Icecast and MPEG-TS

Secure streaming is required in several scenarios in our customers' environments. This is why we are working on implementing security feature set. One of the high-demand features is SSL streaming for HLS, MPEG-DASH, MPEG-TS, Icecast and progressive download via Nimble Streamer. In this case streams are available via HTTPS protocols stack.

Nimble Streamer team has implemented this feature.

To set up HTTPS streaming, you need to generate SSL certificate first. This is done separately and you can read articles here to see an example of such activity. Usually SSL certificates are purchased by some provider like GoDaddy and these companies provide plenty of information about this process.

In this article we assume:

  • you already have a certificate for further setup,
  • your certificate and its key are located at your server and 
  • they are ready for further usage.

You will need to make changes to Nimble Streamer settings to make it work for your media streaming. These settings are stored in /etc/nimble/nimble.conf file.

Add the following parameters:

  • ssl_port - this is port number for SSL connections.
  • ssl_certificate - full path to certificate located at your server
  • ssl_certificate_key - full path to certificate key located at your server
  • ssl_certificate_key_pass - if you use encryption for your certificate key, you need to specify a password here. This is optional parameter, so if you don't use encryption, just don't add it into the config.

By default, Nimble Streamer handles connections via the port specified in config at "port" parameter. Usually it's port 8081. If you need Nimble Streamer to handle connections via SSL only, please set this parameter to 0, like this:
port = 0

If it has some other value, Nimble still handles streaming connections through 2 ports via both HTTP and HTTPS. If you remove "port" parameter, Nimble will use default value "8081"

Here's an example of SSL config parameters:
ssl_port = 443
ssl_certificate = /etc/nimble/yourdomain.com/yourdomain.com.crt
ssl_certificate_key = /etc/nimble/yourdomain.com/yourdomain.com.key


To apply config changes please re-start Nimble by running:
sudo service nimble restart

You can read more about Nimble Streamer parameters in this reference article.

With these settings you can stream MPEG-DASH, HLS, Icecast, MPEG-TS and progressive download via HTTPS.

If you need more sophisticated protection for HLS, please consider using HLS AES-128 DRM encryption supported by Nimble.

Troubleshooting


Some browsers or client software may fail to recognize your certificate even though it's valid. In this case you may need to get SSL certificate chain (root and intermediate certificates) combined into a single .crt file and use that file with Nimble Streamer. If you use Linux, you can do that by concatenating both files using this command:
cat your_site_certificate.crt root_certificate.crt > your_site_chained_certificate.crt



Please feel free to install Nimble Streamer to try this and other security-related features in action. Contact us in case of any questions.

Related documentation


WMSPanelNimble StreamerHotlink protection for Nimble StreamerPaywall for Nimble Streamer, Live streaming, VOD streaming,

December 24, 2014

MPEG-DASH hotlink protection and paywall

Nimble Streamer team keeps working on MPEG-DASH feature set. In addition to MPEG-DASH VOD streaming and RTMP to DASH live transmuxing, we've continued implementing features already existing for HLS.

One of the most popular feature sets of Nimble Streamer and WMSPanel is content protection. It allows creating easy-to-use paywalls and embedding them into existing websites. Major available features are hotlinking protection and pay-per-view framework.

Hotlinking protection


Hotlinking protection allows preventing "links hi-jacking". When you publish some media behind the paywall, anyone can take the direct URL to content and pass it to anyone else. Nimble Streamer allows preventing that. This is how it works.

  1. You modify a webpage which shows a media link to include a "signature" - the URL parameter which is based on a secret password and viewer's IP address
  2. You also set up protection rules in WMSPanel where you describe which streams are affected and what password will be used.
  3. When a viewer requests the media from the media server, Nimble Streamer checks the signature against the viewer's IP and encrypted password. If they match, the connection is established, if they don't then it will be forbidden.

This scenario works already for HLS and progressive download already. Now it works perfectly for MPEG-DASH.

Hotlinking protection for MPEG-DASH workflow diagram.

December 16, 2014

Making MPEG-DASH from RTMP: ABR streaming via Nimble Streamer

Nimble Streamer team keeps exploring MPEG-DASH capabilities. In addition to MPEG-DASH VOD streaming introduced, we've continued moving towards live streaming support. Today we release RTMP to MPEG-DASH transmuxing. Nimble Streamer may take published RTMP as well as pull stream from RTMP source and transmux it into DASH in live mode.

To use this capability you need to install Nimble Streamer and then define RTMP settings - either specify RTMP publish settings or RTMP pulled streams. Once it's done, you'll be able to get live MPEG-DASH streams for single bitrates as well as make ABR streams from them. Notice that H.264 content is supported at the moment.

Let's go step by step and see how it works.

December 3, 2014

MPEG-DASH support for VOD playback in Nimble Streamer

Through past several years, MPEG-DASH has gone a long path from a basic concept to industry standard. Thanks to contributions from a lot of companies and stakeholders, this technology can now be used in a variety of scenarios, including video on demand.

Nimble Streamer team is up for HTTP streaming technologies like HLS or Icecast. So moving towards DASH is a great step forward to better user experience for our customers who would like to try advantages of this HTTP-based protocol.

Today we introduce VOD playback for MPEG-DASH in Nimble Streamer. Is allows transmuxing MP4 files to DASH stream on-the-fly with very low resources consumption.


You can follow these easy steps to set up DASH VOD streaming.

1. Install Nimble Streamer


Use this installation instruction. Or just ask us to install it for you, we can do it free of charge.

2. Prepare content


Upload your MP4 file encoded with H.264/AAC or H.265 to a designated location on the server. The user called "nimble" must have read access to this directory and its contents. Let's say it would be /home/user/video directory

3. Set up VOD streaming


Click on Nimble Streamer -> Edit Nimble Routes menu to open streaming routes setup page.


Clicking on Set up VOD streaming button you will see the following dialog.

Adding VOD transmuxing route for DASH, HLS and progressive download.
In section 1 "Where incoming requests are coming" you may see the following fields.

  • Path field contains the URL name part which will then be used for accessing streams. You need to enter some value here, it shouldn't be blank because it's used for stats calculation purposes. It's /vod/ in this example. 
  • You may also set up Domain if you'd like this route to process only specific domains. You may leave it blank if you don't plan putting any limitations.

In section 2 you need to fill in Path field with full path to your content in your file system.

Then you need to select which Nimble Streamer instances will get these settings. So you may apply them to any number of instances at once in just a few clicks.

Once the route is set up, you may request any of the uploaded files via any protocol you need:

  • http://server_IP:8081/vod/sample_file.mp4/manifest.mpd - DASH
  • http://server_IP:8081/vod/sample_file.mp4/playlist.m3u8 - HLS
  • http://server_IP:8081/vod/sample_file.mp4 - progressive download

You may also change default port 8081 to any other port by changing server config.

If you'd like to have better viewing experience you may also consider using adaptive bitrate for VOD MPEG-DASH by using SMIL files.

4. Stream the content


With streaming URLs ready for further use, you may now add them to your player. MPEG-DASH streaming of Nimble Streamer was tested with DASH reference player as well as with Bitmovin's bitdash™ player. If you find any other players more suitable for you - please share your experience with us.

Using Nimble Streamer in your streaming infrastructure, you can get DASH streaming statistics via WMSPanel reporting SaaS. It has built-in support so you don't need to parse logs or anything like that - Nimble will send required metrics to central service for your convenience.


WMSPanel is currently an associate member of DASH Industry Forum. We will extend DASH feature set with all scenarios available for HLS. Check also MPEG-DASH live streaming via RTMP transmuxing, Please contact us if you need to cover some specific use cases or if you just have any feedback about DASH handling in Nimble Streamer.

Related documentation


Nimble Streamer, MPEG-DASH live streaming from RTMPDASH industry forum, HLS VOD streaming, HLS live streaming, Hotlink protection and paywall for MPEG-DASH