System Design FAQ: Top Questions
58. How would you design a Content Delivery Network (CDN)?
A Content Delivery Network (CDN) caches and delivers static or dynamic content closer to users via a network of geographically distributed edge servers. CDNs help reduce latency, improve availability, and offload traffic from origin servers.
📋 Functional Requirements
- Serve static content (JS, CSS, images, videos)
- Geographically distributed caching
- Configurable cache expiration
- Origin fallback and purging
📦 Non-Functional Requirements
- Low latency and high throughput
- Scalability across regions
- DDoS mitigation and TLS support
🏗️ Architecture Components
- DNS-Based Routing: Edge selection using GeoDNS (e.g., Route 53, NS1)
- Edge Cache Nodes: NGINX, Varnish, or commercial CDNs like Cloudflare
- Origin Server: S3, GCS, or on-prem web servers
- Control Plane: Configuration management, invalidation APIs
🔁 Content Lifecycle
- User requests https://cdn.example.com/logo.png
- DNS resolves to nearest edge location
- Edge checks cache → miss → fetch from origin
- Cache response using TTL/header rules
- Subsequent requests served from edge
🛠️ Real-World NGINX CDN Config Example
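http {
    # On-disk cache: 10 MB key zone named STATIC, entries unused for 24h are evicted, 1 GB cap
    proxy_cache_path /data/nginx/cache levels=1:2 keys_zone=STATIC:10m inactive=24h max_size=1g;

    server {
        listen 80;
        server_name cdn.example.com;

        location / {
            # Cache misses are fetched from the origin
            proxy_pass http://origin.example.com;
            proxy_cache STATIC;
            # Cache 200 and 302 responses for 10 minutes
            proxy_cache_valid 200 302 10m;
            # Serve a stale copy if the origin errors, times out, or is being refreshed
            proxy_cache_use_stale error timeout invalid_header updating;
            # Expose HIT/MISS/STALE etc. to clients and monitoring
            add_header X-Cache-Status $upstream_cache_status;
        }
    }
}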
📄 Cache Invalidation Patterns
- Time-based expiration (Cache-Control, Expires headers)
- Manual purge via API or CLI
- ETag/If-Modified-Since support
📈 Monitoring Metrics
- Cache hit/miss ratio
- Origin fetch latency
- Throughput per region
- HTTP status distribution (2xx/4xx/5xx)
🔐 Security Features
- TLS termination at edge
- DDoS protection and rate limiting
- WAF (Web Application Firewall)
- Token-based signed URLs (e.g., for private video)
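The signed-URL item above, as an added example that is not part of the original page: a minimal HMAC-SHA256 scheme in Python where a signing service issues expiring URLs and the edge verifies them before serving from cache or origin. The `expires` and `sig` parameter names, the key, and the signed message layout are assumptions for illustration; commercial CDNs each define their own formats.

```python
import hashlib
import hmac
import time
from urllib.parse import parse_qs, urlencode, urlsplit

# Constructed demo key (assumption); shared by the signing service and the edge.
SECRET = b"demo-signing-key-not-for-production"


def _mac(path: str, expires: int, key: bytes) -> str:
    # Bind the signature to both path and expiry so neither can be swapped.
    msg = f"{path}\n{expires}".encode()
    return hmac.new(key, msg, hashlib.sha256).hexdigest()


def sign_url(base: str, path: str, ttl: int, key: bytes = SECRET, now=None) -> str:
    """Signing side: issue a URL that is valid for `ttl` seconds."""
    issued = int(time.time() if now is None else now)
    expires = issued + ttl
    query = urlencode({"expires": expires, "sig": _mac(path, expires, key)})
    return f"{base}{path}?{query}"


def verify_url(url: str, key: bytes = SECRET, now=None):
    """Edge side: return (allowed, reason) before touching cache or origin."""
    parts = urlsplit(url)
    params = parse_qs(parts.query)
    try:
        # Exactly one value per parameter; duplicates are rejected as malformed.
        (expires_raw,) = params["expires"]
        (sig,) = params["sig"]
        expires = int(expires_raw)
    except (KeyError, ValueError):
        return False, "malformed"
    expected = _mac(parts.path, expires, key)
    # Constant-time compare on bytes; encoding also tolerates non-ASCII input.
    if not hmac.compare_digest(sig.encode(), expected.encode()):
        return False, "bad_signature"
    # Check expiry only after the signature, so unsigned requests learn nothing.
    current = time.time() if now is None else now
    if current >= expires:
        return False, "expired"
    return True, "ok"
```

The signature should be excluded from the cache key (or verified before the cache lookup), otherwise every token creates a separate cache entry for the same object.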
🧰 Tools and Infrastructure
- Edge Stack: NGINX, Envoy, Varnish
- Cloud CDNs: Cloudflare, AWS CloudFront, GCP Cloud CDN
- Analytics: Datadog, Prometheus, Grafana
📌 Final Insight
Designing a CDN involves edge distribution, intelligent caching, and secure content delivery. Use cache headers wisely, monitor hit ratios, and protect origins with edge-first principles.