Content Delivery Network
On This Page:
F5® Distributed Cloud Content Delivery Network (CDN) is a geographically distributed set of highly efficient servers that cache and deliver static and dynamic content. The CDN servers are positioned close to end users, and work in concert to optimize delivery to end users.
CDN traffic is globally distributed to all Sites with a CDN Distribution. The CDN Control Plane routes end user requests to a geographically proximate and healthy node.
Support for TLS authentication with policy-based authorization on the CDN Distribution enforces end-to-end security of application traffic.
Origin health is constantly monitored to ensure optimal uptime.
Introduction to CDN
With Distributed Cloud CDN, you have the ability to leverage the Distributed Cloud network to distribute static and dynamic content.
A cache miss occurs when a client device makes a request to the CDN and the CDN cache does not have the requested content.
A cache hit occurs when the CDN cache has the requested content.
Content is delivered with lower Time-To-First-Byte (TTFB) on a cache hit because the CDN can immediately deliver the content to the end user without having to make an origin pull.
An origin pull occurs anytime the CDN server needs to pass a request to the origin server. This typically occurs on a cache miss. On an origin pull, the CDN will cache the content contained in the origin server's response.
Subsequent requests for the same content will result in a cache hit and lower latency for end users.
Static and Dynamic Caching to Reduce Latency
End to End Security
Distributed Cloud CDN supports multiple delivery and origin security capabilities. Support for TLS is available from Client to CDN as well as from CDN to Origin.
Domains TLS certificate can be securely hosted with F5 Distributed Cloud’s unique solution called Blindfold and/or integration to external secrets management solutions such as Hashicorp Vault.
Global Load Balancing
Global Scale – Optimum DNS-based request routing across global Geo-distributed Data-plane
Geo-based Load-balancing – Matching clients to the closest available edge nodes based on Geo proximity
Resource-based Load-balancing – Matching clients to available edge nodes based on edge node resource consumption policies on network, CPU and storage utilization
The F5 Distributed Cloud CDN service will honor the
cache-control header returned by your origin application. If
cache-control is not returned by your origin application, the CDN service does not consider the response cacheable. If this is not the desired behavior, it is recommended you set the cache control using the
Cache TTL option in CDN configuration. In case the cache control is set in the application header, the behavior is as follows:
- If the cache TTL is set to
Default Cache TTL, Configured Cache TTL is applied only if origin is not sending any Cache-control headers.
- If the cache TTL is set to
Override Cache TTL, that directive is applied irrespective of Cache-control header sent by origin.
Set-Cookie Response Header and Cache Control
In case the
set-cookie response header is set by the origin server, then CDN service treats it as a cache MISS regardless of the
cache-control directive set in origin's response or default/override TTL set on the CDN distribution.
set-cookie header indicates that the response pertains to a specific user and should not be cached and served to other users.
Note: In order for CDN service to cache the asset, the following are the required criteria:
- HTTP request methods must be one of
- HTTP response codes must be one of 200, 206, 301, or 302.
- Response must contain one of the cache directives
Content Revalidation & Purging
In case of content updates in your origin servers, you can force the CDN servers to fetch the updated content using the
purge option in the F5® Distributed Cloud Console (Console). This option enables the CDN service to initiate purge for all the cache servers. Purging manually does not immediately delete content, but marks content as expired. When expired content is requested, the CDN service performs a
HEAD request to the origin. If the CDN finds that the content time-stamp is not changed, the existing expired entry is marked as active. This prevents a re-fetch from the origin and saves time and bandwidth in redownloading the content.