ES EN
Under attack?
CONTACT US
CONTACT US
Under attack?


Español English
Home Blog

Oscar Dorrego

Los invisibles de la CDN

06 Feb 26

Dedicated mid-tier: the bodyguard your origin needs (and your CFO too)

If you work in the world of digital television or OTT streaming, you know the cold sweat that runs down your back when there’s a massive premiere or a football final. The fear isn’t so much that the CDN won’t respond, but that your origin server will decide to “shut down” due to the avalanche of requests.

If that’s your situation, I’ll tell you why you need a mid-tier layer. This layer, in addition to acting as a second-level (L2) cache, functions as an intelligence filter, a shield, and, if that weren’t enough, also as a cost-saving manager. All in one.

The funnel effect with “request coalescing” so your origin can live peacefully

Imagine 10,000 users simultaneously requesting the same video clip. Without a mid-tier, your origin receives 10,000 cries for the same thing. However, with a mid-tier, the magic of request coalescing happens.

The mid-tier server receives the requests, realizes they’re all looking for the same .ts file, and tells the rest: “Wait a minute, I’ll get it.” It makes a single request to the origin, saves the file in its L2 cache, and distributes it to everyone simultaneously. Your origin server doesn’t even realize there’s an entire stadium watching the screen.

Each device is a world unto itself.

An older Smart TV, an iPhone, a game console, or any other device, has its own quirks. Some send unusual headers, others insert telemetry parameters into the URL, like ?user_id=123&session=abc. For a standard cache, each of these variations represents a separate file. This results in chaos and cache failures.

Header normalization

Using the same technology it uses to resolve these types of situations in CDN nodes, the Transparent Edge mid-tier applies header and query string normalization by doing the following:

  • Smart cleaning: ignores parameters that do not affect the content (such as user ID) for cache search.
  • Canonization: reorders and standardizes requests so that video.mp4?a=1&b=2 and video.mp4?b=2&a=1 are recognized as what they are: the same blessed file.
  • You’ll get an additional benefit: your cache hit ratio (CHR) will skyrocket, rising above 98%.

Goodbye to “evictions”: elephant memory for your video

At edge nodes, space is expensive and content disappears quickly. If a video isn’t trending in the last five minutes, it’s evicted to make room for new content.

The dedicated mid-tier, however, has massive storage capacity. It acts as intermediate video storage where long-tail content resides. Because it doesn’t suffer constant evictions, it prevents edge nodes from having to search for that old episode of a series all the way back to the origin. The mid-tier always has it readily available.

Multi-CDN environments: put your mid-tier in charge of conducting the orchestra

If you manage a video platform, you know that the edge is like the front row of a festival: noisy, with people asking for different things, and generally chaotic. Traditionally, you want to trust the edge to handle everything, but when we’re talking about digital television at scale, you need a conductor.

That’s the function of the dedicated mid-tier. Besides offering you a larger cache, it’s where the magic of normalization and efficiency happens.

The master of headers: taming the Vary

In the edge, the Vary header is both a blessing and a curse. If not handled properly, it can fragment your cache into a thousand pieces. The Transparent Edge mid-tier acts as a universal translator for the most common scenarios:

  • Compression (Gzip vs. Brotli): Why save the same thing twice? The mid-tier can normalize Accept-Encoding requests. If the origin only needs to send one version, the mid-tier ensures efficient caching, preventing the origin from doing double the work.
  • CORS: Managing Origin and Access-Control-Allow-Origin headers can be chaotic if you have multiple domains. The mid-tier standard normalizes these headers so that the cache key isn’t broken by a simple domain change, serving the correct content without having to return to the origin to ask, “Do I grant permission to this?
  • Multi-language support: If your content relies on Accept-Language, the mid-tier system groups the requests. We don’t need 50 variants for 50 nuances of Spanish; the mid-tier system standardizes the request so the origin can rest easy.

In summary: the mid-tier cleans up the “noise” coming from the edge and is the one who decides what information is really important to go and find at the origin.

Multi-CDN scenario: the one ring to rule them all

This is where the mid-tier goes from being interesting to being essential. Many broadcasters use several CDNs (CDN1 for some countries, CDN2 for others, CDN3 for live broadcasts…).

The problem without a mid-tier system: every time a CDN fails a cache lookup, it goes straight to your origin. If you have three CDNs, your origin receives triple the load! It’s like three different delivery services, with all their minions, knocking on your door to order the same pizza.

The solution with a dedicated mid-tier involves making the mid-tier the single entry point for all your CDNs. This way you achieve:

  1. Load consolidation: it doesn’t matter how many CDNs you have; for your origin, there’s only one: your mid-tier. The savings in egress costs are simply massive.
  2. Unified logic: If you want to purge content or change a CORS rule, you don’t have to do it in three different control panels. You do it in your mid-tier and it propagates to all CDNs.
  3. Independence: If one CDN has performance issues, you can move traffic to another without fear of the new traffic saturating your origin, because the mid-tier already has the content ready to serve.

Multi-layer failover proof

In television, making a mistake is not an option. That’s why we’ve designed a Murphy’s Law-proof redundancy system:

  1. Dedicated standby mid-tier (Active-Passive): If the primary mid-tier cluster experiences a problem, traffic is automatically diverted to a second dedicated mid-tier that remains on standby. It’s like having a spare tire, but of the same quality as the original.
  2. Jump to the shared mid-tier: What if all the dedicated infrastructure fails? Don’t panic. The system routes traffic to our shared global platform. It might not be as exclusive as your dedicated tier, but it ensures that streaming doesn’t stop and that the origin remains protected.
  3. Origin Health Checks: If the origin has high latency, the mid-tier can serve stale (obsolete but valid) content so that the viewer does not see a loading circle while you recover the server.

The savings scenario, the numbers that make the CFO smile

Let’s talk about money. In the cloud, egress (outgoing traffic) is the tax that hurts the most.

CONCEPTWITHOUT MID-TIER (standard L1 cache)WITH DEDICATED MID-TIER
Traffic served to users1  Petabyte1  Petabyte
Traffic delivered from the origin to the edge nodes~15% (150 TB)~1-2% (10 TB)
Egress cloud invoice$$$ (high)$ (minimum)
Load on servers/packagersHigh (dangerous peaks)Flat and predictable

Estimated annual savings

In a scenario of 1PB per month, the savings in egress costs can exceed €84,000 per year.

DDoS attack protection

In a DDoS cyberattack scenario, the mid-tier is your first line of defense. Your origin server is no longer exposed to the internet and becomes isolated. It only communicates with the mid-tier server. And if someone tries to take down the service with a Layer 7 flood attack, the mid-tier server absorbs the impact. It’s much harder to overwhelm Transparent Edge’s dedicated infrastructure than a conventional origin server.

To take home

Implementing a mid-tier is a sound technical decision because you protect your origin, make your operations team happy, and, incidentally, save the company a fortune in infrastructure costs.

Furthermore, in a world where traffic is volatile and devices are infinite, the mid-tier is the piece that brings sanity, as it manages Vary like an expert, unifies your CDNs, and allows you to sleep soundly knowing that, even if you have a record-breaking audience success, your origin server will be as relaxed as if it were a Sunday morning.

Let’s talk about how to secure your platform and start saving on your next cloud bill?

Oscar Dorrego is Presales at Transparent Edge.

Psychologist by training, computer scientist by hobby, pre-sales by profession, new romantic at heart. He does so many things that he doesn’t even remember what he really does. More left hand than Nadal. Living between business and technology allows him to have half the joys and twice the worries, but it is impossible to make a dent in the spirit of our favorite snake charmer.




Artículos Relacionados