🧩Core Building Blocks·6 min read

Content Delivery Networks (CDNs)

Cache static content at the edge, close to users, to cut latency and offload origins.

A Content Delivery Network (CDN) is a globally distributed layer of cache servers that serves content from edge POPs(points of presence) near users instead of making every request travel to one faraway origin. It improves latency, absorbs traffic spikes, and keeps your application servers from becoming expensive file servers.

🔭Think of it like…

A CDN is like stocking a bestselling book in local bookstores around the world. Without it, every reader mails a request to the publisher's warehouse and waits. With it, most readers pick up a nearby copy; only a bookstore with an empty shelf asks the warehouse for another shipment.

The problem: distance and origin overload

The failure mode CDNs solve is deceptively simple: the internet is physical. A user in Singapore fetching a 4 MB hero image from an origin in Virginia pays for many network hops, multiple round trips, and trans-ocean congestion. Multiply that by millions of page views and your origin spends its day serving identical bytes again and again.

without a CDN, every user hits the origin

User in Mumbai ───────┐
User in Paris  ───────┼──▶ origin.example.com ──▶ app / S3
User in Sydney ───────┘        (same logo, same CSS, same video chunk)

High latency: even small files feel slow when the TCP/TLS handshake and bytes cross continents.
Origin hot spots: one viral asset can saturate your storage bucket, web server, or load balancer.
Expensive repeated work: the same public image, script, or video segment is fetched thousands of times when it could be fetched once per region and reused.

The core idea

Put cacheable bytes close to users. Your origin remains the source of truth, but it should only see cache misses, revalidations, purges, and truly dynamic requests.

How edge POPs, routing, and cache hits work

A CDN operates many edge POPs in large internet exchange locations. When a browser requests https://cdn.example.com/app.8fd1.css, DNS and/or anycast routing steer the request to a nearby healthy POP. Anycast lets many POPs advertise the same IP prefix; internet routers naturally choose the shortest available path.

Users are routed to nearby edge POPs; only misses travel to the origin.

request path through a pull CDN

1. Browser requests /images/hero.jpg from cdn.example.com
2. Anycast/DNS routes the browser to a nearby edge POP
3. Edge checks its cache key: host + path + selected query/header values
4. HIT: edge returns bytes immediately
5. MISS: edge fetches from origin, stores the response with its TTL, then returns it

The cache key is important. If you include every query parameter or cookie, two users may produce different keys for identical content and destroy the hit rate. If you ignore a header that changes the response, such as language or image format, you may serve the wrong variant.

What to cache and how TTLs control freshness

CDNs are best for content that is expensive to move and safe to reuse: images, fonts, JavaScript and CSS bundles, downloadable files, video segments, public product photos, documentation assets, and selected API responses. The origin tells the edge how long a response can be reused with HTTP caching headers.

typical Cache-Control choices

# fingerprinted build artifact: safe for a year because URL changes on deploy
Cache-Control: public, max-age=31536000, immutable

# product image that may be replaced: cache briefly and revalidate
Cache-Control: public, max-age=300, stale-while-revalidate=60

# private dashboard JSON: do not share through a public CDN cache
Cache-Control: private, no-store

Content	Good CDN policy	Why
app.8fd1.js / styles.71c.css	Very long TTL + immutable	Filename fingerprint changes when bytes change
Public product image	Minutes to hours	Reusable across shoppers, but may need replacement
Video HLS/DASH chunks	Long TTL for completed chunks	Large, popular, naturally split into cacheable pieces
Per-user account page	Private or no-store	One user's data must not be served to another

Versioned URLs beat frantic purges

For deploy artifacts, prefer content-hashed filenames such asapp.8fd1c0.js. You can cache them for a year because a new deploy creates a new URL. Purge is then reserved for emergencies and mutable assets.

Pull CDNs, push CDNs, and origin shielding

Most web CDNs are pull CDNs: the edge pulls content from the origin on the first miss. A push CDN requires you to upload content to the CDN ahead of time. Pull is operationally simpler for web assets; push can be useful for very large media libraries and workflows where publishing is explicit.

Mode	How content gets to the edge	Best for	Trade-off
Pull CDN	Edge fetches from origin on first request	Web apps, images, public downloads	First request in a region pays miss latency
Push CDN	Publisher uploads content to CDN storage before users ask	Large media catalogs, game downloads	More release orchestration and storage management

Many CDNs also support origin shielding: instead of every edge POP fetching from your origin during a global miss storm, all edges fetch through one regional shield cache. The shield collapses duplicate misses, so your S3 bucket or origin server sees one refill rather than thousands.

origin shield collapses a miss storm

many edge POPs miss /trailer.mp4 at once
          │
          ▼
   regional shield cache  ── one fetch ──▶ origin
          │
          └─ fills edges as they request the object

Invalidation, purge, and private content

Cache invalidation is the price of caching. If the origin changes a file while edges still have a fresh copy, users may see stale bytes until the TTL expires. You have three common tools: wait for TTL, deploy a new versioned URL, or explicitly purge the old cache entry.

Purge by URL: fast for a small set of known objects, such as one incorrect image.
Purge by prefix or tag: useful for a product category or tenant, but can be slower or costlier.
Soft purge: marks content stale so the next request revalidates, often safer than deleting everything at once.

Private content can still use a CDN, but access control must move to the edge. Use signed URLs or signed cookies that encode an expiry, allowed path, and sometimes IP or policy claims. The CDN verifies the signature before serving the cached object, while the origin remains hidden and protected.

signed CDN URL for private media

GET https://cdn.example.com/private/video/lesson-42.m3u8
  ?expires=1790000000
  &policy=path:/private/video/lesson-42/*
  &signature=HMAC(policy + expires)

Gotchas that hurt production systems

Do not cache personalized responses unless the cache key includes the personalization dimension and the data is safe to share. Be careful with query strings, cookies, compression variants, CORS headers, and purge delays. A CDN makes good cache decisions very powerful and bad cache decisions very global.

Real-world CDN patterns

Next.js assets: hashed JavaScript chunks, CSS, and images are ideal long-TTL CDN content.
Video streaming: HLS/DASH manifests and segments are cached at the edge so seeking and playback avoid origin round trips.
Software downloads: release binaries and installers use CDNs to avoid melting one origin during launch day.
Private training content: the object is cached, but only users with valid signed URLs or cookies can access it.

Related design pattern

See the CDN pattern for a more end-to-end architecture view, including cache keys, origin failover, and deployment strategy.

Key takeaways

A CDN places cache servers in edge POPs near users, reducing physical distance and keeping repeated bytes away from your origin.
Cache-Control headers, TTLs, and cache keys decide what is reused, for how long, and across which request variants.
Pull CDNs fetch from origin on misses; push CDNs receive content ahead of time. Origin shielding collapses global miss storms.
Invalidation is handled with versioned URLs, TTL expiry, and explicit purges; each has latency, cost, and operational trade-offs.
Private content can still be CDN-delivered with signed URLs or signed cookies, but personalized data must be cached with extreme care.

The URL changes whenever the bytes change, so old and new versions can safely coexist. That lets you use a very long TTL andimmutable without worrying that a user will keep receiving stale code after a deploy.

Without shielding, many edge POPs can miss at the same time and all fetch the same object from the origin. A shield cache collapses those misses so the origin sees far fewer requests, protecting storage, bandwidth, and upstream services.

Use a stable CDN path for cacheability, but require a signed URL or signed cookie. The CDN verifies the signature, expiry, and path policy at the edge before serving the cached bytes.

Finished this lesson?

Mark it complete to track your progress through the workbook.