CDN A brief introduction to the principle

Chico

Work in 10 Years of operation and maintenance , Good at moving bricks （DevOps）

54 Many people agree with the article

CDN Principle introduction

brief introduction

CDN It is to distribute the content of the origin site to all nodes in the country , This reduces the delay for users to view objects , The technology to improve the response speed of users visiting the website and the usability of the website . It can effectively solve the problem of small network bandwidth 、 Large user visits 、 The problem of uneven distribution of outlets .

CDN It's actually Content Delivery Network Abbreviation , namely “ Content distribution network ”
Origin content (image、html、js、css etc. ) This belongs to content distribution

CDN Born more than twenty years ago , With the increasing pressure on the backbone network , And the increasing demand for long-distance transmission , This makes the backbone network more and more stressed , The long pass effect is getting worse . So in 1995 year ,MIT Professor of Applied Mathematics Tom Leighton Leading graduate students Danny Lewin Try to solve the problem of network congestion with mathematical problems together with several other top researchers .

They use mathematical algorithms , Dynamic routing of content , And finally solved the problem Internet The user's problem . later , Sloan School of Management MBA Student Jonathan Seelig Joined the Leighton In the team of , From then on, they began to implement their own business plan , In the end to 1998 year 8 month 20 The company was officially established on the th , Name it Akamai.

Same year 1998 year , China's first CDN company  ChinaCache establish .

LAN Xun It's the first one in China CDN company

In the following 20 Mid year ,CDN The industry has undergone changes and sustained development , Many clouds have emerged in the industry CDN manufacturer . Alibaba cloud CDN yes 2008 From Taobao in CDN scratch , stay 2014 Officially developed into Alibaba cloud in CDN Of , It not only provides services to all subsidiaries of Alibaba Group , At the same time, it also brings its own resources 、 Technology outputs in the form of cloud computing .

Why CDN

Today's Internet applications contain a lot of static content , But static content and some quasi dynamic content are the most bandwidth consuming , Especially for large websites nationwide and even worldwide , If all these requests are directed to the server of the master station , Not only the master server can't stand , Single port 500M The left and right bandwidth can't be carried , So most websites need CDN service .

The fundamental reason is , Speed of access to the user experience of Internet applications 、 Word of mouth 、 Even the direct revenue has a huge impact , Any enterprise is eager to have faster access to its own site . and HTTP Transmission delay pair web The speed of access has a great impact , It plays a decisive role in most cases , This is from TCP/IP Some characteristics of the agreement determine . The physical reason is that the speed of light is limited 、 Limited channels , Packet loss is caused by the protocol 、 Slow start 、 Congestion control, etc .

That's how you use CDN The first and most important reason for ： In order to speed up the visit to the website .

In addition to accelerating access to the site ,CDN There are also some functions ：

• In order to achieve cross operator 、 Cross regional network coverage

There is no interconnection 、 Area ISP Geographical limitations 、 All kinds of factors, such as the limitation of export bandwidth, cause the regional inaccessibility of the website .CDN Acceleration can cover global lines , By working with operators , Deploy IDC resources , In the national backbone node business , Deploy reasonably CDN Edge distribution storage nodes , Make full use of bandwidth resources , Balance source flow . Alibaba cloud has 500+ node , overseas 300+ node , Covering mainstream countries and regions is not a problem , To ensure that CDN Stable and fast service .

• To keep your website safe

CDN Load balancing and distributed storage technology , Can enhance the reliability of the website , Quite no invisible to your website to add an umbrella , Deal with the vast majority of Internet attacks . The anti attack system can also avoid malicious attacks on the website .

• In order to help in other places

When a server fails unexpectedly , The system will call other nearby health server nodes for services , To provide access to 100% The reliability of the , This allows your site to never go down .

• In order to save cost

Put into use CDN Accelerate can realize the whole nation of website to lay , You don't need to think about buying servers and subsequent hosting operations , Mirror synchronization between servers , Don't worry about managing maintenance technicians , Save manpower 、 Energy and money .

• To make you more focused on the business itself

CDN Acceleration manufacturers usually provide one-stop service , Business is not limited to CDN, There is also supporting cloud storage 、 Big data services 、 Video cloud service, etc , And it usually provides 7x24 O & M monitoring support , Keep the Internet open at any time , You can use . And put more energy into the development of their own core business .

principle

Popular principle （ Must understand ）

Through domain name resolution IP analysis （ Bonus points ）

1. When the user clicks on the content on the website page URL, Through the local DNS System analysis ,DNS The system will finally give the domain name resolution right to  CNAME  Point to the CDN special DNS The server .
2. CDN Of DNS Server will CDN Global load balancing device IP Address returned to user .
3. The user to CDN The global load balancing device initiates content URL Access request .
4. CDN Global load balancing device according to user IP Address , And what the user requested URL, Select a regional load balancing device in the user's area , Tell the user to make a request to the device .
5. After a comprehensive analysis based on the following conditions , The regional load balancing device will return a cache server to the global load balancing device IP Address ：
6. According to the user IP Address , Determine which server is closest to the user ;
7. As requested by the user URL Content name carried in , Determine which server has what the user needs ;
8. Query the current load of each server , Determine which server is still serviceable .
9. The global load balancing device puts the IP Address returned to user .
10. The user makes a request to the cache server , The cache server responds to user requests , Delivers the content required by the user to the user terminal . If there is no content on this cache server that the user wants , And the regional equalization device still assigns it to the user , The server then requests the content from its upper cache server , Until the source server, which traces back to the site, pulls the content locally .

DNS The server is based on the user IP Address , Resolve the domain name to the cache server of the corresponding node IP Address , Enable users to visit nearby . Use CDN Service website , Just give the domain name resolution right to CDN Global load balancing （GSLB） equipment , Inject the content to be distributed into CDN, Content acceleration can be achieved .

frequently-used CDN Cache Software

• Varnish ： Think of it as a memory cache , Top speed , But memory caching also limits its capacity , Caching pages and images is generally good ;
• squid It's the most comprehensive and traditional one web cache server, Has its own storage engine ., But the architecture is too old , Performance is not good .
• nginx It was a reverse agent /web The server , You can do this side business with plug-ins , However, it does not support many functions

Applicable scenario

• Website site / Application acceleration

Generally speaking, it is static Content acceleration , Static content acceleration , Such as ：html image js css etc.

• Video and audio on demand / Large file download distribution acceleration

Basically, they are all video on demand ,MP4、flv Wait for the video file , For example, Youku in China 、 potatoes 、 Tencent video 、 Iqiyi is the same .

• Live video speed up

Live video speed up , Streaming media slice 、 transcoding 、 Code stream conversion, etc .

Panda TV、 Fighting fish 、 Taobao live

• Mobile app acceleration

Move APP Update file （apk file ） distribution , Move APP Inside picture 、 page 、 Short video 、UGC And so on .

ios、 Android End APP 、 Wechat applet 、 Alipay applet, etc. .

Out of question

Traffic hijacking

Actually ,CDN It's a kind of DNS hijacked , It's just benign . It is different from hacker force DNS Resolve the domain name to your own phishing IP On ,CDN Let's DNS Take the initiative to cooperate , Resolve the domain name to a nearby server .

Hijacking usually falls into two categories ：

• Domain name hijacking , also called DNS hijacked , It usually refers to the domain name pointing to an abnormal IP（ malice IP）, The malice IP Through reverse proxy , When the normal content of the web page can be returned , Malicious code may be inserted 、 Monitor Internet users' access 、 Hijacking sensitive information . The usual way to verify whether a domain name has been hijacked is PING A domain name , If you find that PING Coming out IP Your server is not real IP, Then it can be determined that they have been hijacked （ Of course, if you use security acceleration platforms such as know Chuangyu cloud security , Got IP For the platform IP, Not hijacking ）
• The data was hijacked , Usually, some employees of telecom operators collude with criminals , Data support in the public network , Insert , This kind of situation is very hidden , Will not change the user domain name resolution IP, Instead, the direct data flows through the operator's broadband and enters the content in the web page , Such cases , It is recommended that the web page be enabled HTTPS encryption , Can solve this problem （ Communication is encrypted , Operators cannot insert malicious content ）

High imitation 、 Washing flow

CDN It can be done by shunting , Wash away from Ddos Most attacks .