What a CDN Does
A Content Delivery Network caches content at edge Points of Presence (PoPs) geographically close to users, reducing latency and origin server load. A user in Tokyo hitting a CDN-cached asset fetches from a Tokyo PoP instead of a US-East origin — 5ms vs 200ms.
Architecture
Client → GeoDNS/Anycast → Edge Server → (cache hit: return)
→ (cache miss: L2 PoP cache)
→ (L2 miss: origin pull)
- GeoDNS: maps client IP to nearest PoP. Returns PoP’s IP in DNS response.
- Anycast: same IP advertised from multiple PoPs; BGP routes to nearest.
- Origin shield: designate one PoP as the sole origin gateway — all other PoPs pull through it, collapsing N PoP requests into 1 origin request.
Cache Hierarchy
- L1: edge server in-memory cache, TTL 5 minutes, ~10GB per server
- L2: shared SSD cache across servers in the PoP, TTL 1 hour, ~10TB per PoP
- L3: origin pull (with request coalescing to prevent thundering herd)
Cache Key and TTL
Cache key = scheme + host + path + normalized_query_string. Strip tracking params (utm_source, fbclid) before hashing. Support Vary: Accept-Encoding for gzip/br variants.
TTL from origin: Cache-Control: max-age=3600 sets both browser and CDN TTL. s-maxage=86400 overrides CDN TTL only (browser still gets 1h). Cache-Control: private prevents CDN caching entirely (for user-specific responses).
Request Coalescing
On a cache miss, if 100 concurrent requests arrive for the same URL, the edge server makes exactly one origin request and queues the other 99. When the origin responds, all 100 requests are served from the single fetched copy. Without coalescing, a cold edge server would fire 100 origin requests simultaneously (thundering herd).
Cache Invalidation
- URL purge: DELETE /cache?url=https://example.com/image.jpg — propagated to all PoPs via control plane message bus within seconds.
- Tag-based purge: tag assets with logical keys (e.g.,
product:42). When product 42 updates, purge all assets with that tag across all PoPs with one API call. Store tag→URL mapping in a distributed key-value store. - Prefix purge: purge all URLs matching /api/v1/products/* in bulk.
- Surrogate-Key header: origin sends
Surrogate-Key: product-42 category-5; CDN indexes assets by these tags.
Security at the Edge
- TLS termination at edge (not origin) — reduces handshake latency, centralizes cert management
- DDoS absorption: PoPs absorb volumetric attacks; origin never sees flood traffic
- WAF rules evaluated at edge: block SQLi, XSS, bad bots before requests reach origin
- Rate limiting per IP at edge layer
Dynamic Content Acceleration
For non-cacheable dynamic content: route through CDN for network optimization (TCP connection reuse, TLS pre-warming to origin, faster routing than public internet). Edge Side Includes (ESI) cache page fragments — cache the static header/footer, fetch only the personalized body from origin.
Data Model
CacheEntry: url_hash, etag, content_type, body_bytes, expires_at, tags[] PurgeJob: purge_id, type (URL|TAG|PREFIX), key, status, created_at, propagated_at PoP: pop_id, region, anycast_ip, capacity_tb, status
Key Design Decisions
- Cache at the edge, not in a central datacenter — the whole point is geographic proximity
- Coalesce origin requests to prevent thundering herd on cold cache or after purge
- Tag-based invalidation scales better than URL-by-URL purge for content-heavy sites
- Origin shield reduces origin load from O(PoPs) to O(1) per unique URL
Amazon system design interviews cover CDN and content delivery at scale. See common questions for Amazon interview: CDN and content delivery system design.
Netflix system design covers CDN and adaptive video delivery. Review design patterns for Netflix interview: CDN and video delivery system design.
Snap system design covers media delivery and CDN architecture. See patterns for Snap interview: media delivery and CDN system design.