Problem description
After you enable Alibaba Cloud CDN acceleration, your website may load slowly. Slow access can be caused by many factors. It is critical to analyze the root cause, optimize website performance, and resolve the issue. This topic describes how to perform these tasks.
Solution
Alibaba Cloud provides the following reminders:
If you perform risky operations, such as modifying instances or data, ensure that your instance has sufficient disaster recovery and fault tolerance capabilities to protect your data.
If you modify the configurations or data of instances, such as ECS or RDS instances, create snapshots in advance or enable the RDS log backup feature.
If you have submitted security information, such as login credentials, on the Alibaba Cloud platform, change the credentials immediately.
If your website loads slowly after you enable Alibaba Cloud CDN acceleration, follow the steps in this topic to resolve the issue.
Analysis approach
Before you start troubleshooting, you must understand how CDN acceleration works. For more information, see What is Alibaba Cloud CDN. This helps you identify the potential causes of the issue. In summary, CDN adds a layer of cache nodes to the existing network. It distributes the resources from your origin server to the node that is closest to the user. When a client requests a resource, the client accesses the nearest CDN node to retrieve the cached content. This reduces the number of origin fetches and improves website speed. The possible causes of slow access include the following:
Local network issues on the client, such as insufficient downstream bandwidth or an incorrect DNS configuration.
Poor network quality between the client and the CDN node, which results in high latency.
Abnormal CDN node behavior that causes slow responses.
Large resource size, which leads to long download times.
Poor network quality during CDN origin fetches.
Slow response from the origin server.
To narrow down the scope of troubleshooting, you must gather information about the symptoms. This is a crucial step.
First, determine whether the slow access affects all users, only specific users, or users in a specific region or from a specific ISP. Alibaba Cloud provides products such as Application Real-Time Monitoring Service (ARMS) and Cloud Monitor. You can use these products to deploy probes in specific regions or for specific ISPs to obtain more accurate diagnostic results.
If only a few users experience slow access, the issue is likely caused by their local networks.
Check whether the affected users are located in a specific area. For example, if many China Mobile users in a city report slow access but China Unicom and China Telecom users in the same city do not, the issue may be related to the ISP in that region. You can use a diagnostic tool to run probes from that location.
If all users experience slow access, the issue is likely caused by the origin server or a configuration. It is highly unlikely that all CDN nodes or networks fail at the same time. For example, you can check whether the acceleration region is misconfigured, whether requests are for dynamic or uncacheable content, or whether the origin server responds slowly.
Determine whether slow or abnormal requests are served from the CDN cache.
If a request hits the CDN cache, an origin fetch is not required. The CDN node returns the cached data directly to the client. In this case, the origin server is not involved.
If a request misses the cache, you must check whether the slowdown occurs between the client and the CDN node or at the origin server.
Key metrics
In addition to standard monitoring metrics, CDN acceleration involves scenario-specific indicators. You can track these metrics to evaluate CDN performance and optimize your business configurations. For more information, see CDN key metrics.
Information gathering
A complete HTTP request follows this sequence: DNS resolution > TCP connection > SSL handshake (for HTTPS) > client request > server response. A deep understanding of this process helps you analyze issues. You must gather the following information from the client.
Obtain the client network status and the IP address of the CDN node
You can run the ping command to test the accelerated domain name. This lets you verify that the domain name is correctly resolved to a CDN node and check the network connectivity and latency between the client and the CDN node. If the ping command fails, you can perform link diagnostics. For more information, see Link diagnostics methods.
Obtain the client IP address and LocalDNS
CDN node scheduling relies on the client's LocalDNS. Make sure that the client uses the correct LocalDNS for its region and ISP. You can visit the Ali Kunlun User Diagnostic Tool to obtain the client's IP address and DNS settings.
Identify the URLs of slow-loading resources
You can open the developer tools of your browser, go to the Network tab, enter the URL, and then review all HTTP requests. Click the Time column to sort the requests by duration and identify slow-loading resources. In the Domain column, you can find the URLs of slow-loading resources under your CDN-accelerated domain name.
Typically, a website loads many resources. Some URLs may not be accelerated by CDN. If resources that are not accelerated by CDN load slowly, the entire page appears to load slowly even if CDN-accelerated resources load quickly. You can sort the requests by time to identify the exact URLs of the slow-loading resources.
Obtain the HTTP request and response headers
In the Network tab, click the Name of the slow request. In the Headers section, you can view the General, Response Headers, and Request Headers sections. These headers indicate whether the request is for a static resource and whether the request hit the cache.
If the issue occurs on a mobile 4G connection, capturing packets on the mobile phone may be difficult. In this case, you can enable a mobile hotspot and connect a PC to the hotspot. Then, you can obtain diagnostic information from the PC.
Obtain the HTTP request Timing data
The Timing tab shows the time spent in each phase of the request lifecycle.
Common cases
After you understand the principles of CDN acceleration and the HTTP request process, you can combine the observed symptoms with the client-side data to identify or locate issues. The following sections describe common scenarios.
Case 1: Poor network quality between client and CDN node
When a client runs the ping command to test the accelerated domain name, the client may observe high latency or packet loss. You must obtain the client's IP address, DNS settings, ping results, and MTR screenshots. Because CDN scheduling uses the client's DNS, this data helps you verify whether the scheduling is correct. The ping and MTR results show where latency occurs in the network path. The following sections provide two examples.
Incorrect acceleration region configuration
Users in the Chinese mainland are routed to nodes outside the Chinese mainland, or users outside the Chinese mainland are routed to nodes in the Chinese mainland. Examples are provided below.
In this case, you must set the acceleration region to Global.
If the acceleration region is set to Mainland China Only, users outside the Chinese mainland are routed to CDN nodes in the Chinese mainland.
If the acceleration region is set to Global (Excluding Mainland China), users in the Chinese mainland are routed to CDN nodes outside the Chinese mainland.
Incorrect client DNS configuration
Clients must use DNS servers that match their region and ISP.
A China Mobile user in Guangdong that uses a China Unicom DNS server is routed to a China Unicom CDN node. This increases the network distance.
A China Mobile user in Guangdong that uses a Harbin Mobile DNS server is routed to a Harbin Mobile CDN node. This increases the network distance.
If both the acceleration region and DNS settings are correct but the network quality is still poor, you can obtain traceroute and MTR data for further diagnosis.
Case 2: Low cache hit ratio or frequent origin fetches
In static resource acceleration scenarios, CDN caches static content on the node that is closest to the client. Users can retrieve resources directly from the cache. This avoids long-distance origin fetch paths. A low cache hit ratio increases the load on the origin server and reduces the acceleration efficiency for static resources. The cache hit ratio directly affects user experience. Therefore, achieving a high cache hit ratio is a core goal of CDN. You must optimize configurations based on the specific causes of a low cache hit ratio. For more information, see Improve the cache hit ratio of Alibaba Cloud CDN. You can check the X-Cache field in the CDN response header to verify whether a request hits the cache.
X-Cache: MISS indicates that the request missed the cache and an origin fetch was required. HIT indicates that the request hit the CDN cache and the cached data was returned.
X-Swift-CacheTime: This field indicates the period of time that the file can be cached on the CDN node. A value of 0 indicates that the requested content cannot be cached.
The following sections describe the symptoms and optimization strategies for low cache hit ratios or frequent origin fetches:
The first-time access to a resource is slower than direct access to the origin server. This is because the CDN node does not have the resource and must first retrieve it from the origin server. You can use the URL prefetch feature to preload content onto CDN nodes. For more information, see Purge and prefetch resources. This ensures that first-time users can hit the cache, which improves the loading speed.
Resources with low traffic have low popularity. CDN nodes are shared among all users. Cache rules define the maximum cache duration. If your accelerated domain name has low traffic, files may be evicted early based on their popularity. Popularity is defined by access frequency. Files with low popularity are removed from the cache sooner.
A poor cache configuration with a short cache duration leads to frequent origin fetches.
If you do not configure custom cache rules, static files that do not have ETag or Last-Modified response headers cannot be cached. To resolve this issue, you can add these headers at the origin server or configure CDN cache rules. For more information, see Configure cache rules.
If you do not configure custom cache rules, CDN uses the default policies. For more information, see Default cache rules of Alibaba Cloud CDN and their priorities. The default cache durations are short, for example, 3,600 seconds or less. This causes frequent expiration and origin fetches. You must set appropriate cache durations based on your business needs.
If the origin server sends Cache-Control headers that disable caching, such as s-maxage=0, max-age=0, no-cache, no-store, or private, or a Pragma: no-cache header, CDN ignores your cache rules because the headers have a higher priority. You must modify these headers at the origin server to cacheable values, such as Public. For more information, see Configure an NGINX HTTP caching policy and Configure an Apache caching policy.
URLs with variable parameters: If resource URLs include changing parameters, CDN treats each unique URL as a new request, even if the URLs point to the same file. This triggers unnecessary origin fetches. You can enable parameter filtering. For more information, see Ignore parameters.
Range origin fetch for large files: For large files, you can enable range origin fetch to optimize origin retrieval. For more information, see Configure range origin fetch.
Case 3: Slow dynamic requests
If slow requests are for dynamic content, each client request must be sent to your origin server to generate real-time data. CDN cannot cache dynamic content. Therefore, CDN does not provide acceleration benefits and only forwards requests to the origin server. If your website or application has many dynamic elements, such as API operations, you can consider the following solutions:
Separate static and dynamic content. You can use a CDN-accelerated domain name for static resources and a separate domain name that points directly to the origin server for dynamic requests.
Use Dynamic Route for CDN (DCDN) to accelerate dynamic requests. For more information, see What is DCDN?. Note: DCDN accelerates dynamic requests using Layer 4 routing and transmission optimizations to reach your origin server faster. However, if your origin server responds slowly, you must optimize the origin server.
Case 4: Slow cross-border origin fetches
If your origin server and primary users are in different countries, CDN origin fetches may be affected by undersea cable capacity limits and public network congestion. This can cause unstable origin fetch quality, slow content retrieval, and high failure rates, which affects CDN caching and delivery. To resolve this issue, you can integrate Global Accelerator (GA) to accelerate your origin server for specific countries and then configure region-specific CDN back-to-origin policies.
Depending on your origin server type, you can see the following topics to configure GA acceleration:
Accelerate ECS origin servers. For more information, see Use GA with CDN to accelerate origin fetches.
Accelerate ALB origin servers. For more information, see Use GA to accelerate ALB backend applications.
Accelerate OSS origin servers. For more information, see Access OSS using transfer acceleration.
Case 5: Slow homepage loading
When a client accesses http://www.example.com/, the browser requests the homepage. After the request is successful, the server returns HTML code. The browser then requests additional resources, such as images, JS files, and CSS files, that are referenced in the HTML code. If the homepage is dynamic or uncacheable, every request triggers an origin fetch. A slow origin server causes slow homepage loading, which is displayed as a long Pending state in the Network tab. To verify whether a request hits the cache, see Case 2: Low cache hit ratio or frequent origin fetches.
In this scenario, the homepage request remains in the Pending state until data is returned. After the homepage is loaded, static resources are loaded quickly.
Case 6: Large website resources
If your website loads large resources, you can enable performance optimization for your accelerated domain name. For more information, see Performance optimization. This feature can reduce file sizes and improve acceleration efficiency and page readability. The following file formats are supported for intelligent compression: text/html, text/xml, text/plain, text/css, application/javascript, application/x-javascript, application/rss+xml, text/javascript, image/tiff, image/svg+xml, application/json, and application/xmltext.
Case 7: Slow access for users of a specific ISP in a region
Sometimes, affected clients have common characteristics. For example, many China Mobile users in a city report slow access during a specific period, whereas China Unicom and China Telecom users do not. This issue is likely related to the local ISP network or the CDN node that serves that region. You can start troubleshooting by obtaining ping data from affected users to check the latency between the client and the CDN node.
In addition, you can bind your test machine to the IP address of the CDN node that is reported by users and run tests. This is similar to binding the test machine directly to the origin server, but you use the IP address of the CDN node instead. Before you run tests, verify whether the node itself responds slowly. If the node responds slowly, check whether requests hit the cache and check the resource size. Then, analyze the issue based on the preceding cases. If you cannot identify the issue, you can submit a ticket to Alibaba Cloud.
Applies to
CDN
DCDN