Use Aspera Upload Acceleration

This client quickly transfers content from your local system to NetStorage using Asperasoft's accelerated transfer protocol, “FASP."

Aspera Upload Acceleration (Aspera) utilizes a high-speed, third-party client (the "Aspera Client") that has been developed for Akamai by Asperasoft. This protocol consists of two channels:

  • Control Channel: This channel grants access to the Aspera binary via an SSH connection.
  • Transfer Channel. This channel conducts the transfer via a negotiated port (encrypted or unencrypted) using Aspera's UDP-based protocol.

FASP offers fairness along with significant performance enhancements when compared to NetStorage's traditional access methods. (For example, it is faster than uploads performed via SFTP, SCP and FTP.)

Before you get started with Aspera

Review these requirements and considerations before starting with Aspera Upload Acceleration.

Aspera Upload Acceleration must be on your contract. You need to purchase Aspera Upload Acceleration, and it must exist on your contract for NetStorage. Contact your Account Representative for assistance.

You need to setup firewall support on your local system

The "Aspera Client" application used with Aspera Upload Acceleration requires specific ports for file transfer. If your local system is behind a firewall that does not allow outbound connections, you need to do the following:

  • Allow outbound connections from the Aspera Client on the TCP port (TCP/33001), as well as the “fasp UDP” port (33001).
  • If you have a local firewall on your system (for example, “iptables” for Linux, “ipfw” for Mac OS X or Windows Firewall), verify that it is not blocking your SSH (TCP/22), and "fasp" transfer ports (for example, TCP/UDP 33001).

Upload domain

Each NetStorage access method has an optimized upload domain. Use <Domain name prefix> for Aspera uploads.


Use Aspera only when uploading to NetStorage

NetStorage doesn't support Aspera for downloads or any other content-management operations.

Aspera Requirements

What's required for Aspera Upload Acceleration use? Multiple requirements must be met:
  • “NetStorage::Aspera” must be on your contract. It's included by default with all contracts that have NetStorage.
  • Aspera must be enabled for at least one NetStorage Storage Group Upload Account, on that contract.
  • Each Upload Account must be configured with an SSH Key--the Public instance of the key must be properly associated with the Upload Account, while the matching Private instance must be applied via the Aspera Client in use.
  • An appropriate version of Aspera software must be installed:
    • Aspera Client . Must be v4.0.0.182279
    • ASCP CLI . Must be v4.0.0.182279
Is there an Aspera license? No.

What ports does Aspera Upload Acceleration use? Aspera requires two ports:
  • TCP 22 - For ssh connection and file browsing, and
  • TCP/UDP 33001 - For file transfers
Minimum performance requirement for your network client. Minimum performance requirements are 300 mbits per second, per connected session. If your client system or network is incapable of transfer rates of at least this speed, you should look into a traditional NetStorage transfer method, such as FTP, SCP, etc.).

Aspera support

What NetStorage Usage API operations are supported for use with Aspera Upload Acceleration?Currently all basic NetStorage API operations are supported, except for the following:
  • rename
  • quick-delete - Recursive directory deletion requires the NetStorage quick-delete option, which is not currently supported by the Aspera Client.
  • mtime (the time can be preserved during upload, but it cannot be explicit set/changed for a file already on NetStorage.
  • symlink - Source (“src”) symlinks can be preserved during uploads, but a destination (“dest”) symlink cannot be explicitly created.
What features in the Aspera Client UI and Aspera CLI (ASCP) aren't supported for use?Non-supported features are as follows:

Aspera Client UI

  • Rename
  • Resume
  • Cut, Copy and Paste
  • Password Authentication
  • Preservation of access, modification, and creation times
  • Preservation of owner and group modifications
  • Multi-byte filenames
  • File Properties


  • -K PROBE-RATE: Probing rate for bandwidth measurement
  • -k RESUME-LEVEL: Enable resume. RESUME-LEVEL: 0,1,2,3
  • -C N-ID:N-COUNT: Parallel transfer.
  • -@ RANGE-LOW:RANGE-HIGH: Transfer only ranges within file
  • --preserve-file-owner-uid
  • --preserve-file-owner-gid
  • -p: Preserve file timestamp
  • --delete-before-transfer: Delete files that exist at the destination but not at the source, before any files are transferred.
What features in an upload account aren't supported for use with Aspera Upload Acceleration?
  • Directory Limit
  • Default Directory
  • Subdirectory Restrictions
Aspera Upload Acceleration requires an Upload Account with an SSH key. Can I use an existing key?Yes. However, the Aspera Client requires that the public instance of the key exist in the “.ssh” directory (in your home directory) on the local system. You can copy the key to this directory and access it via the Aspera Client. However, using the built-in tool offered in the Aspera Client to generate an SSH Key and apply it is the recommended method of use.
How do I import an SSH Key for use with the Aspera Client?The Aspera Client does not allow for import of an existing SSH key. It can be used to create a new key, or you can copy an existing key to the “.ssh” directory on your local system. (The former of these two is the recommended and documented method.)
What is “Aspera Server?”The Aspera Server is actually a package, comprised of Client and Server components, as well as other environment and workflow pieces. This is exclusively available from Asperasoft. (It is not available through Akamai--we only offer the client component). The Client is what is used to perform uploads to NetStorage.
Is the Aspera web client supported? Is password authentication supported?The web client is not currently supported because it can only work in "password authentication" mode, and Aspera Upload Acceleration requires SSH authentication.
Can I employ the Aspera SDK?Typically, no. However, special circumstances may arise. Contact your account representative for more information.
Is encryption supported?The Aspera Client can perform transport layer encryption as well as file encryption. Both are configurable in the applicable client. For ASCP, the flags are “-T” and “--file-crypt,” respectively.
Note: Transport layer encryption is only between the client and the NetStorage server. (Server to backend storage is not encrypted.)
Can Aspera Secure Copy (ASCP) replace standard Secure Copy (SCP)?Yes. Aspera has replicated most of the common use functions of SCP, and have replicated its functionality in ASCP. In most cases, you would only need to change SCP to ASCP in order to use Aspera with an existing workflow.
The Aspera Client UI offers options for “Resume” and “Overwrite”. Are these supported with Aspera Upload Acceleration?NetStorage does not support resume operations. Appending to a partially uploaded file is not supported. However, the resume option (“ -k”) and the “--overwrite” option can be used via the CLI to control whether an existing file will be overwritten by a new upload--either overwrite partially uploaded content, or leave it as is (but no resume will take place).
Are multi-byte (multi-lingual UTF8) file names supported?No. They are currently not supported. Support is planned for a future release.
Will “ssh key agent” work with Aspera Upload Acceleration?While the ssh key agent does work with the command-line ASCP executable, it does not work with the Aspera Client UI. There is a restriction on how many keys NetStorage will allow for authentication, and this could possibly cause authentication failures.
I currently use specific firewall rules which restrict NetStorage Server access, as well as specific IP Address lists for NetStorage use. Can I incorporate them with Aspera?No. Aspera hosts are part of a specific Akamai network -- “C2S”. To access this network, a client system will need to be able to transfer on ports “22” and “33001”. Port 22 is the command/authentication port, and 33001 serves as the UDP transfer port.
Note: C2S is included as a category in the “Firewall Rules” section of Control Center, but it is not currently populated. If necessary, contact your Account Representative for assistance in setting these Firewall Rules.