โš ๏ธ This guide is AI-generated and may contain inaccuracies. Always verify against authoritative sources and real-world documentation.

Architecture Diagram

[Architecture diagram: an origin server (S3 / app server) behind a CDN edge network with edge nodes in San Francisco (US-West), Frankfurt (EU) and Tokyo (Asia). User A and User C are served cache HITs from their nearest edge (~5 ms); User B's request is a cache MISS, so the edge fetches from the origin and caches the result. Labelled as a pull CDN.]

How It Works

A CDN places edge servers in data centers around the world. When a user requests content, the CDN's DNS (or anycast routing) directs them to a nearby edge server. If the content is cached there (a HIT), it is served immediately, in roughly 5 ms instead of ~200 ms from a distant origin. On a cache MISS, the edge fetches the object from the origin, caches it, and serves subsequent requests locally.

Pull vs Push CDN

Pull CDN

The edge fetches from the origin on the first request (a cache miss), then caches locally. Simpler to manage: nothing has to be pre-uploaded. The most common model, and it works well for long-tail content. Examples: CloudFront, Cloudflare, Fastly.

Push CDN

You explicitly upload content to CDN edge nodes ahead of demand. Used for large, predictable files (video, software updates). More control over what is cached where, but it requires an upload pipeline. Example: Netflix Open Connect pre-fills its OCAs (Open Connect Appliances) overnight.

Content Types

  1. Static content: images, CSS, JS, fonts, videos. Perfect for a CDN. Long cache TTLs (hours to days). Use versioned URLs (app.v2.js) so a new release is a new URL and no invalidation is needed.
  2. Dynamic content: API responses, personalized pages. Harder to cache, and personalized responses must never be stored under a cache key shared by other users. Use edge computing (Cloudflare Workers, Lambda@Edge) to compute at the edge.
  3. Streaming media: video chunks served from the edge. Adaptive bitrate: the client requests a quality level based on its connection speed.

Cache Invalidation Strategies

Updating content cached at 200+ edge locations is the hardest part of CDN management:

  • Versioned URLs (app.abc123.js): a new version is a new URL, so no invalidation is needed. Best approach.
  • TTL-based: content expires after a set time. Simple but imprecise; users may see stale content until the TTL expires.
  • Purge API: explicitly invalidate specific URLs or patterns. Takes seconds to propagate across all edge nodes.
  • Origin Shield: a mid-tier cache between the edges and the origin. Reduces origin load during cache misses; a purge must clear the shield as well as the edges, or the edges will refill from stale shield content.

Key Design Decisions

⚡

Pull vs Push: Pull is simpler, since content is fetched on demand. Push gives control but requires upload pipelines. Use pull for web assets, push for large media (video catalogs). Netflix uses predictive push: ML predicts regional popularity and pre-fills edge nodes overnight.

🔄

TTL length: Long TTL (24h+) means a better cache hit rate but staler content. Short TTL (5 min) means fresher content but more origin hits. The answer: long TTL plus versioned URLs for static assets, short TTL for dynamic content.
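The versioned-URL strategy from the invalidation section and the TTL decision above fit together in one build-and-serve step. The following is an added example (not code from the original page): a content-hash naming scheme, a build manifest that rewrites asset references in HTML, and a Cache-Control policy that gives hashed assets a year-long immutable TTL, gives the unversioned HTML entry point a short TTL, and keeps user-specific paths out of shared caches. The asset contents, the /static/, /api/ and /account/ prefixes, and the 60-second HTML TTL are assumptions chosen for illustration.

```python
import hashlib
import re

# Constructed build output for this example (hypothetical): logical name -> bytes.
ASSETS = {
    "app.js": b"console.log('v1');",
    "styles.css": b"body{margin:0}",
}


def hashed_name(name: str, body: bytes, digits: int = 8) -> str:
    """app.js -> app.<first 8 hex chars of sha256(body)>.js.

    A content change produces a new URL, so the old object can simply age out
    of the edges and nothing needs purging; unchanged content keeps its URL
    and therefore keeps its cache entries.
    """
    digest = hashlib.sha256(body).hexdigest()[:digits]
    stem, dot, ext = name.rpartition(".")
    return f"{stem}.{digest}.{ext}" if dot else f"{name}.{digest}"


def build_manifest(assets: dict) -> dict:
    """Logical name -> hashed name, produced at build time."""
    return {name: hashed_name(name, body) for name, body in assets.items()}


def rewrite_references(html: str, manifest: dict) -> str:
    """Point src/href attributes under /static/ at the hashed URLs, so a deploy
    ships HTML that references the new asset URLs."""
    def sub(m):
        attr, name = m.group(1), m.group(2)
        return f'{attr}="/static/{manifest.get(name, name)}"'
    return re.sub(r'(src|href)="/static/([^"]+)"', sub, html)


def cache_control(path: str, manifest: dict) -> str:
    """Header policy: long TTL for versioned assets, short TTL for the
    unversioned HTML that references them, no shared caching for
    user-specific responses (prefixes are an assumption of this example)."""
    if path.startswith("/static/") and path[len("/static/"):] in manifest.values():
        return "public, max-age=31536000, immutable"   # hashed asset: never purged
    if path.startswith("/api/") or path.startswith("/account/"):
        return "private, no-store"                     # per-user: never stored at a shared edge
    return "public, max-age=60, must-revalidate"       # HTML entry point: picks up new URLs quickly


def version_change_demo() -> tuple:
    """Change app.js only: its URL changes, styles.css keeps its URL (and its cache hits)."""
    before = build_manifest(ASSETS)
    after = build_manifest({**ASSETS, "app.js": b"console.log('v2');"})
    return before["app.js"] != after["app.js"], before["styles.css"] == after["styles.css"]


if __name__ == "__main__":
    manifest = build_manifest(ASSETS)
    page = '<script src="/static/app.js"></script><link href="/static/styles.css">'
    print(rewrite_references(page, manifest))
    for p in ("/static/" + manifest["app.js"], "/index.html", "/api/me"):
        print(p, "->", cache_control(p, manifest))
```

The HTML is the one object that must stay short-lived: it is the pointer to the current asset URLs, so a day-long TTL on it would reintroduce exactly the staleness that versioned asset URLs avoid.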

🛡️

Origin Shield: Without it, a cache miss at each of 200 edge nodes means 200 requests hit the origin at the same time. An origin shield adds a mid-tier cache: edge nodes fetch from the shield, and the shield fetches from the origin once. Reduces origin load by 10-50×.
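To make the pull-CDN flow from "How It Works" and the origin-shield arithmetic above concrete, here is an added simulation (not code from the original page or any CDN vendor): a pull-through TTL cache class that serves as both an edge node and a shield, an origin that counts fetches, and a simulated clock so TTL expiry is deterministic. Requests are processed sequentially, so the first edge warms the shield and the rest hit it; a real shield collapses genuinely concurrent misses into one origin fetch, which this model does not show. Edge count, TTLs and the asset path are assumptions.

```python
from dataclasses import dataclass, field


@dataclass
class Origin:
    """Origin server stand-in: records how often each path is fetched."""
    fetches: dict = field(default_factory=dict)

    def fetch(self, path: str) -> bytes:
        self.fetches[path] = self.fetches.get(path, 0) + 1
        return f"body-of-{path}".encode()


class Clock:
    """Simulated clock so TTL expiry is deterministic in the demo."""
    def __init__(self):
        self.now = 0

    def advance(self, seconds: int) -> None:
        self.now += seconds


class Cache:
    """Pull-through TTL cache. Anything with fetch(path) can be the upstream,
    so the same class models an edge node (upstream = shield or origin) and
    an origin shield (upstream = origin)."""
    def __init__(self, name: str, upstream, ttl_s: int, clock: Clock):
        self.name, self.upstream, self.ttl_s, self.clock = name, upstream, ttl_s, clock
        self.store: dict = {}          # path -> (expires_at, body)
        self.hits = self.misses = 0

    def fetch(self, path: str) -> bytes:
        entry = self.store.get(path)
        if entry is not None and entry[0] > self.clock.now:
            self.hits += 1              # cache HIT: serve locally
            return entry[1]
        self.misses += 1                # cache MISS: pull from upstream and store
        body = self.upstream.fetch(path)
        self.store[path] = (self.clock.now + self.ttl_s, body)
        return body


def simulate(n_edges: int, with_shield: bool, ttl_s: int = 3600,
             requests_per_edge: int = 100) -> dict:
    """Every edge serves `requests_per_edge` requests for one asset.
    Returns the origin fetch count and the aggregate edge hit rate."""
    clock, origin = Clock(), Origin()
    upstream = Cache("shield", origin, ttl_s, clock) if with_shield else origin
    edges = [Cache(f"edge-{i}", upstream, ttl_s, clock) for i in range(n_edges)]
    path = "/static/app.abc123.js"   # hypothetical versioned asset
    for _ in range(requests_per_edge):
        for edge in edges:
            edge.fetch(path)
    hits = sum(e.hits for e in edges)
    total = hits + sum(e.misses for e in edges)
    return {"origin_fetches": origin.fetches.get(path, 0), "edge_hit_rate": hits / total}


def ttl_expiry_demo(ttl_s: int = 60) -> tuple:
    """A cached object is re-pulled from origin once its TTL lapses."""
    clock, origin = Clock(), Origin()
    edge = Cache("edge-0", origin, ttl_s, clock)
    path = "/index.html"
    edge.fetch(path)                    # MISS: first origin fetch
    edge.fetch(path)                    # HIT: still within TTL
    before = origin.fetches[path]
    clock.advance(ttl_s)                # expires_at == now, so the entry is stale
    edge.fetch(path)                    # MISS: second origin fetch
    return before, origin.fetches[path]


if __name__ == "__main__":
    print("no shield  :", simulate(200, with_shield=False))
    print("with shield:", simulate(200, with_shield=True))
    print("origin fetches before/after TTL expiry:", ttl_expiry_demo())
```

With 200 edges and no shield the origin is fetched 200 times for one object; with the shield it is fetched once, while the per-edge hit rate is the same 99% in both cases, which is why shield benefit shows up as origin load rather than user-visible latency.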

🔒

Private content on CDN: Signed URLs or signed cookies restrict access. CloudFront signed URLs expire after a set time. Responses that are specific to one user must be marked Cache-Control: private or no-store so that no shared edge node stores them; a cache key that ignores the session cookie or Authorization header will otherwise serve one user's page to the next.
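As an added example of the signed-URL idea (not the page's own code, and not CloudFront's format, which signs a policy document with an RSA key pair from a trusted key group), here is a generic HMAC-signed URL: the issuing server binds a signature to the exact path and an expiry timestamp, and the edge recomputes it, compares in constant time, and then checks the expiry. The signing key, paths and timestamps are constructed for the example.

```python
import hashlib
import hmac
from urllib.parse import parse_qs, urlencode, urlsplit

# Hypothetical key shared by the issuing app server and the edge
# (constructed for this example; in practice it comes from a secret store).
SIGNING_KEY = b"example-signing-key-rotate-me"


def _message(path: str, expires_at: int) -> bytes:
    # Sign path and expiry together so neither can be changed independently.
    return f"{path}\n{expires_at}".encode()


def sign_url(path: str, expires_at: int, key: bytes = SIGNING_KEY) -> str:
    """Issuer side: append expires and an HMAC-SHA256 signature to the path."""
    sig = hmac.new(key, _message(path, expires_at), hashlib.sha256).hexdigest()
    return f"{path}?{urlencode({'expires': expires_at, 'sig': sig})}"


def verify_url(url: str, now: int, key: bytes = SIGNING_KEY) -> tuple:
    """Edge side: parse, recompute, constant-time compare, then check expiry.
    Returns (accepted, reason)."""
    parts = urlsplit(url)
    query = parse_qs(parts.query)
    try:
        expires_at = int(query["expires"][0])
        sig = query["sig"][0]
    except (KeyError, ValueError):
        return False, "missing or malformed expires/sig"
    expected = hmac.new(key, _message(parts.path, expires_at), hashlib.sha256).hexdigest()
    if not hmac.compare_digest(expected, sig):   # constant-time comparison
        return False, "bad signature"
    if now >= expires_at:
        return False, "expired"
    return True, "ok"


def demo(now: int = 1_700_000_000) -> dict:
    """Exercise the checks: a valid URL, a path swap, an extended expiry,
    use after expiry, and a bare unsigned request."""
    url = sign_url("/videos/lesson-1.mp4", now + 300)
    other_path = url.replace("/videos/lesson-1.mp4", "/videos/lesson-2.mp4")
    longer_life = url.replace(f"expires={now + 300}", f"expires={now + 999_999}")
    return {
        "valid": verify_url(url, now)[0],
        "other_path": verify_url(other_path, now)[1],
        "extended_expiry": verify_url(longer_life, now)[1],
        "after_expiry": verify_url(url, now + 300)[1],
        "no_sig": verify_url("/videos/lesson-1.mp4", now)[1],
    }


if __name__ == "__main__":
    for case, result in demo().items():
        print(f"{case:16} -> {result}")
```

In this design the edge verifies before touching its cache and then looks the object up by path alone, so signed requests from different users still share one cached copy while an unsigned request never reaches the origin. The signature check runs before the expiry check so that an attacker gets the same "bad signature" answer whether or not the expiry they forged is in the future.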

When to Use

CDN should be part of almost every system design that serves content to users. Mention it early when discussing global scale.

  • "Design an image-sharing app": CDN for all uploaded images, with thumbnails at multiple resolutions
  • "How do you handle users worldwide?": CDN for static assets, multi-region for dynamic content
  • "How do you handle viral content?": the CDN absorbs the spike; the origin is protected by the cache
  • "How do you reduce latency?": a CDN cuts 100-300 ms by eliminating cross-continent round trips

Interview signal: The interviewer wants to see you can separate static from dynamic content and understand the tradeoff between cache freshness and origin load.

Real-World Examples

  • Netflix Open Connect: built its own CDN. ~18,000 servers inside ISP data centers across 175+ countries. Serves 100% of video from the edge, with zero origin hits during playback. Uses predictive push: ML pre-fills content during off-peak hours.
  • Cloudflare: 300+ edge locations. Runs JavaScript at the edge (Workers) for dynamic content. Discord uses Cloudflare for DDoS protection plus edge caching.
  • AWS CloudFront: 400+ edge locations. Integrates with S3 and Lambda@Edge for compute at the edge. Signed URLs for private content distribution.
  • Akamai: one of the oldest CDNs. Powers ~30% of global web traffic. Handles delivery for major media companies, game publishers, and software update distribution.

Back-of-Envelope Numbers

Metric                                    Value
Latency from CDN edge (same region)       ~5–20 ms
Latency from origin (cross-continent)     ~100–300 ms
Cache hit rate (popular content)          95–99%
Netflix OCA storage per server            100–280 TB SSD
Netflix peak global traffic               ~500 Tbps
CloudFront edge locations                 400+
Cache invalidation propagation            ~5–30 seconds globally
CDN bandwidth cost (typical)              $0.02–0.08 per GB