4 Comments

Hello Alex,

thanks for posting this in-depth article about CDNs.

If I might provide a small critic though, I find it unnecessary complicated.

Steps 1-9 are not very different from what happens when resolving a DNS entry to an IP address.

The few differences are:

- the DNS entry www.myshop.com always returns the IP of a DNS Server that is managed by the CDN provider

- This last DNS Server (what you called the CDN load balancer) returns a different IP for the CDN edge servers that changes at every client requests depending its geographical location, the CDN current load, the number of edge servers available, and many other factors that might depends from the type of content or the application.

As a famous example of a CDN, Netflix has a network of servers (acting effectively as a CDN) that are co-located within major ISPs around the globe.

Their CDN strategy is a mix of what is currently popular in a specific region, the release of new content (that might expect to become popular), and various other factors.

You can learn more at https://openconnect.netflix.com/en_gb/.

As a side note, I recently published an article about the role of CDNs in System Design at https://cloudnativeengineer.substack.com/p/the-role-of-content-delivery-networks. I doesn't explain the Netflix use case but it provides a good overview of why you might need a CDN in your architecture.

Expand full comment

How do we ensure the authenticity of user accessing the CDN ?

Expand full comment

I assume that depends from what is between the CDN and the final user. In the case of Netflix, I guess is the app (phone, tv, tablet) to take care of verifying the authenticity of the user.

In other cases I assume there is no checks.

Are you asking so that the CDN provider can avoid DDoS attacks? Do you have a use case?

Expand full comment

Thank you !

Expand full comment