Traces what a CDN really does on a request: how anycast and BGP pick a point of presence, how the edge/shield/origin cache tiers fit together, how cache keys decide what is a hit, and where TLS terminates.
Traces how the same IP prefix advertised from hundreds of locations lets BGP route every user to a nearby instance, how DNS roots and CDNs use it, how failover works, and where TCP state breaks the model.
A reference on steering traffic through DNS answers: round-robin, weighted, latency and geo-based responses, health checks, EDNS Client Subnet, and the TTL and caching limits that make DNS an approximate load balancer.
Traces what a CDN actually puts in its cache key, how unkeyed headers and parser discrepancies turn a shared cache into an exploit delivery system, and the defenses that hold up against poisoning and deception.
A primary-source reference tracing how Cloudflare Workers, AWS Lambda@Edge and CloudFront Functions, and Fastly Compute isolate tenants, what their cold-start numbers actually mean, and which workloads each runtime can run.
Traces how large networks soak up terabit floods: anycast catchment that splits attack load across hundreds of sites, scrubbing-center diversion via BGP, RTBH and flowspec, and the capacity headroom that makes it pay.
Traces web cache deception from Omer Gil's 2017 PayPal disclosure through the 2020 and 2022 measurement studies to the 2024 delimiter research, and the defenses that actually close the cache-versus-origin gap.
A single-incident deep dive into the June 2024 Polyfill.io attack: the February domain sale, the conditional payload injected into hundreds of thousands of sites, the evasion logic that hid it, and the takedown that followed.
Traces Cloudflare from its Project Honey Pot origins and 2010 free-CDN launch through the 2019 IPO, Workers and the edge platform, bot management and Turnstile, to the 2025 pay-per-crawl move.
Traces the content delivery network from the flash-crowd problem and Akamai's 1998 MIT spinout, through Limelight, EdgeCast and CloudFront, to Cloudflare's free tier and the shift to programmable edge compute.