Best practices for MediaConnect - AWS Elemental MediaConnect

Best practices for MediaConnect

For the best performance and availability, follow best practices when you configure your AWS Elemental MediaConnect flows.

Performance

The following best practices describe how to optimize the performance of transport stream flows:

  • Set up your transport stream flows with an aggregate output bandwidth of up to 400 Mb/s, which is the aggregate output bandwidth that MediaConnect is designed to work with.

    aggregate output bandwidth = (bitrate of the source) x (number of outputs)

    For example, if your flow has a source with a bitrate of 80 Mb/s and 5 outputs, the aggregate output bandwidth is 400 Mb/s. Likewise, a flow that has a source with a bitrate of 20 Mb/s and sends content to 20 outputs also has an aggregate output bandwidth of 400 Mb/s.

    Note

    Because you can specify two destinations for a single ST 2110 JPEG XS output, those outputs should be counted twice in this calculation.

  • You can set up transport stream flows with bitrates up to 120 megabits per second (Mb/s) with mezzanine-quality live video.

  • You can use up to 20 Fujitsu outputs. In addition to the 20 Fujitsu outputs, you can use up to 30 of any other non-Fujitsu outputs. Aggregate output bandwidth must not exceed 400 Mb/s.

The following best practices describe how to optimize the performance of CDI flows:

  • You can use up to 10 outputs for CDI flows. In addition, 4Kp60 CDI flows support 10 ST 2110 JPEG XS outputs, but only 4 CDI outputs.

The following best practices describe how to optimize the performance of Gateways:

  • The API can be used to start multiple bridges at one time. If you are starting multiple bridges using the API, we recommend starting no more than 10 at one time. If you need to start more than 10 bridges, use multiple requests.

The following best practices describe how to optimize the performance of flows with managed output types:

  • You can use managed outputs to send content exclusively between MediaConnect flows and MediaLive channels. For instructions on creating these output types, see Setting up for a MediaConnect input in the MediaLive User Guide.

  • For flows with managed output types, we recommend an aggregate bitrate limitation of 160 Mbps. For example, if a flow has a source bitrate of 4.5 Mbps, the total number of managed outputs shouldn't exceed 35.

  • For flows with both managed outputs and transport stream outputs, apply the same 160 Mbps aggregate limitation.

Availability

  • To minimize packet loss, use Forward Error Correction (FEC) or automatic repeat request (ARQ) based protocols such as the Zixi or RTP-FEC protocol. These protocols are designed to minimize packet loss between the source and destination devices.

  • Because packet loss is present on any network, even in fully managed networks such as the AWS Cloud, you should create and manage redundant connections throughout your workflows. In MediaConnect, there are multiple ways to add redundancy to your workflow:

    • Create flows in at least two different Availability Zones.

    • Add a second source to each flow. If there are errors in the stream, MediaConnect can use packets from a redundant source or switch to the redundant source completely.

  • We recommend that your organization create a VPC specifically for all AWS Media Services. A single VPC will help to ensure the availability of IP addresses, help in setting up appropriate rules in the security groups, and help to ensure that a network administrator doesn't accidentally delete elastic network interfaces.

Reliability

  • Set up Amazon CloudWatch metrics and alarms to track the health of your source. For information about which metrics to monitor, see Monitoring and tagging.

Security

  • The CIDR block on the flow source should be as precise as possible. Include only the IP addresses that you want to contribute content to your flow. If the CIDR block is too wide, it allows for the possibility of outside parties sending content to your flow.

  • When you create a new SRT password to encrypt an SRT output, you must create that password in AWS Secrets Manager. AWS Secrets Manager does not enforce a specific password policy. However, we recommend the following password policy:

    • Minimum password length of 10 characters and a maximum length of 80 characters

    • At least three of the following character types: uppercase letters, lowercase letters, numbers, and the symbols ! @ # $ % ^ & * ( ) _ + - = [ ] { } | '

    • Not identical to your AWS account name or email address
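
The recommended password policy above, written as a check you can run on a candidate SRT password before you store it in AWS Secrets Manager. This is an added example, not AWS code: the function names `policy_violations` and `generate_password` are hypothetical, the case-insensitive identity comparison is an assumption that is stricter than the policy, and the code makes no AWS API calls.

```python
import secrets
import string

# Symbol set exactly as listed in the recommended policy above.
POLICY_SYMBOLS = "!@#$%^&*()_+-=[]{}|'"
MIN_LEN, MAX_LEN = 10, 80


def policy_violations(password, account_name="", email=""):
    """Return a list of policy violations; an empty list means compliant."""
    problems = []
    if not MIN_LEN <= len(password) <= MAX_LEN:
        problems.append(f"length {len(password)} outside {MIN_LEN}-{MAX_LEN}")
    classes = {
        "uppercase": any(c in string.ascii_uppercase for c in password),
        "lowercase": any(c in string.ascii_lowercase for c in password),
        "numbers": any(c in string.digits for c in password),
        "symbols": any(c in POLICY_SYMBOLS for c in password),
    }
    present = [name for name, found in classes.items() if found]
    if len(present) < 3:
        problems.append(f"only {len(present)} of 4 character types present")
    # Assumption: compare case-insensitively, which is stricter than "identical".
    for label, value in (("account name", account_name), ("email address", email)):
        if value and password.casefold() == value.casefold():
            problems.append(f"identical to {label}")
    return problems


def generate_password(length=32, account_name="", email=""):
    """Draw from a CSPRNG until the candidate satisfies the policy."""
    if not MIN_LEN <= length <= MAX_LEN:
        raise ValueError(f"length must be {MIN_LEN}-{MAX_LEN}")
    alphabet = string.ascii_letters + string.digits + POLICY_SYMBOLS
    while True:
        candidate = "".join(secrets.choice(alphabet) for _ in range(length))
        if not policy_violations(candidate, account_name, email):
            return candidate


if __name__ == "__main__":
    # Constructed sample values, not real credentials.
    for pw in ("short1A", "alllowercaseonly", "Example-Account-01", generate_password()):
        print(repr(pw), policy_violations(pw, account_name="example-account-01"))
```

Characters outside the four listed types are not rejected by this check; they simply do not count toward the three required types.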