![]() That’s great: it means fewer headaches and more uptime for you, the end user. ![]() whether or not it’s part of, say, a DDoS attack), and passes it on if the lava lamps say it’s okay. Whenever someone requests your site, Cloudflare intercepts that request, measures whether or not the request is legitimate (i.e. This is because Cloudflare enables an HTTP proxy by default. (Probably involves the lava lamps.) But it also means that if you’re used to connecting to your VPS using your domain, you’re going to wind up hanging. Trouble timeĬloudflare does a pretty complicated little ballet with your data as well, to keep attackers away and keep your site running. That means that when someone in Sheffield wants to visit your site, it doesn’t matter where you got your domain from, or where your original nameservers are located-you’ll be using Cloudflare’s nameservers in Britain. There’s no special data in Singapore or New Zealand that you won’t find on all of the other Cloudflare nameservers. But for whatever reason, every time someone wants to visit your site, they’ve got to pass through some nameserver on the other end of the globe before they even get the first byte out of your beautiful website banquet.Ĭloudflare, however, runs a network of nameservers all over the globe, and makes sure that they all keep in sync with one another. Remember when that one phonebook sent you all the way to Singapore and back? Well, maybe the company you bought your domain from owns a bunch of nameservers in Singapore because it’s cheaper or maybe they’re based in New Zealand for tax reasons. ![]() Specifically, they manage a set of nameservers (essentially, the computers that do the phonebook-lookup for you) that can handle your DNS lookup way faster than your generic out-of-the-box nameservers. But while all those DNS phonebook computers are talking to each other, you’ll just be sitting around looking at this:įortunately, Cloudflare hauls out their wall of lava lamps generating cryptographic entropy on the regular to help us out. You’re not just going to one phonebook: you’re going to look up a phonebook of phonebooks, and that phonebook will direct you to another phonebook, which will direct you to yet a third, master phonebook, which will send you on to another phonebook, but this one is in Singapore for some reason, and that phonebook will send you back to another phonebook in good ol’ Blighty, and so on and so forth.Ĭomputers are pretty good at this, and pretty fast, too, so you won’t be sitting around long. Check out Cloudflare’s great intro to DNS if you’re looking for the full scoop.īut so going to look up a site in the Big Internet Phonebook In the Sky (BIPIS) takes a hot second, since it’s actually more like the Big Library of Internet Phonebooks In the Sky. The prototypical explanation is that DNS is the phonebook of the Internet-it tells your computer where .uk, or, or can actually be found. But what do you know but a TLS handshake can actually be pretty expensive, time-wise.Īnd of course, no time-to-first-byte discussion can be complete without complaining about awful DNS lookup times. We also tend to be freaks about security, so we make sure to secure all of our sites with Let’s Encrypt certificates. Even though your data is moving at the speed of light, it takes a little time to send a bunch of data through the wires and down to your computer. For instance, physical distance from the server can introduce a not insignificant amount of latency into any page load. We’re speed freaks (the good kind).īut there are certain parts of the page loading process that are going to take time no matter what. We’re always looking at ways to speed up the sites that we build-whether we’re caching page requests, optimising assets by minifying and compressing, or lazy loading assets once a full paint has been performed. ) or at your server’s raw IP address (like 12.345.67.890). To get around this, you’ll have to access your server either at a custom subdomain not managed by Cloudflare (e.g. Cloudflare’s global DNS can significantly improve your DNS lookup and time to first byte, but it comes with the downside of filtering out all but HTTP(S) requests.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |