Content Delivery Network (CDN)

A content delivery network (CDN) is a geographically distributed system of proxy servers and data centers that caches and delivers web content from locations physically close to end users, reducing latency, improving load times, and absorbing traffic spikes.

Definition

A content delivery network (CDN) is a distributed system of servers deployed across multiple geographic locations—called points of presence (PoPs) or edge nodes—that caches copies of static and dynamic content closer to end users than a single origin server could provide. When a user requests a resource (an HTML page, an image, a JavaScript bundle, an API response), the CDN routes that request to the nearest PoP, which either serves a cached copy or fetches the content from the origin server and caches it for subsequent requests.

The first CDN, Akamai Technologies, was founded in 1998 by MIT mathematicians seeking to solve the “flash crowd” problem—the tendency of popular web content to overwhelm origin servers. Today, CDNs serve an estimated 60-70% of all internet traffic, according to Cisco’s Annual Internet Report.

Why It Matters

Latency is the tax users pay for distance. A request from Tokyo to a server in Virginia traverses approximately 18,000 kilometers of fiber optic cable, incurring a minimum round-trip time of ~120ms due to the speed of light alone. Add TCP handshake, TLS negotiation, and server processing time, and the total page load latency easily exceeds 500ms.

Google’s research has consistently shown that each additional 100ms of latency reduces conversion rates by approximately 1%. Amazon reported that every 100ms increase in page load time costs roughly 1% of sales. Akamai found in 2024 that 47% of users expect a web page to load in 2 seconds or less, and 40% will abandon a page that takes more than 3 seconds.

CDNs collapse this distance penalty by placing content within 20-50ms of most users worldwide. Cloudflare’s network spans 310+ cities across 120+ countries. AWS CloudFront operates in 450+ PoPs. Fastly focuses on fewer but more strategic locations with higher compute capacity per PoP.

Beyond performance, CDNs absorb distributed denial-of-service (DDoS) attacks by distributing traffic across a network with aggregate bandwidth often exceeding 200 Tbps—far more than any single origin server could withstand.

How It Works

CDN operation combines several layers of technology:

Anycast routing: CDNs use Anycast DNS to route user requests to the geographically nearest PoP. Multiple servers share the same IP address; the network’s BGP routing protocols direct packets to the closest one.
Caching: Static assets (images, CSS, JavaScript, fonts) are cached at edge PoPs based on HTTP caching headers (Cache-Control, ETag, Last-Modified). Dynamic content can be cached using configurable rules or edge-side includes.
TLS termination: The CDN terminates the user’s TLS connection at the edge, eliminating the latency of establishing an encrypted connection to a distant origin. The CDN-to-origin connection uses a separate TLS session.
Origin shielding: To prevent cache stampedes (many PoPs simultaneously requesting the same uncached content from the origin), CDNs designate a shield server that aggregates origin requests.
Edge compute: Modern CDNs (Cloudflare Workers, Fastly Compute, AWS CloudFront Functions) allow custom code to execute at edge PoPs, transforming CDNs from passive caches into active compute platforms.

The evolution from passive cache to active compute platform is what makes CDNs relevant to privacy architecture—edge compute means data can be processed close to the user without traversing the public internet to a centralized data center.

Stealth Cloud Relevance

Stealth Cloud leverages Cloudflare’s CDN infrastructure not for caching (Ghost Chat content is never cached—every response is marked Cache-Control: no-store) but for proximity. By processing API requests at the nearest Cloudflare Workers PoP, Stealth Cloud minimizes the number of network hops between the user and the compute environment—reducing both latency and the number of intermediate systems that could inspect or log traffic.

This is the architectural basis of Stealth Cloud’s sub-200ms TTFB target. The user’s encrypted prompt travels to the nearest Cloudflare PoP (typically within the same city), is processed in a V8 isolate, forwarded to the LLM provider via Cloudflare’s backbone, and the response streamed back—all without the prompt ever traversing the open internet to a centralized cloud region.

The Stealth Cloud Perspective

A conventional CDN caches content to bring it closer to users. Stealth Cloud uses the CDN’s edge network to bring compute closer to users—so that data travels the shortest possible path, touches the fewest possible systems, and exists in transit for the shortest possible time. Proximity is a privacy property, not just a performance optimization.