Who Is Steering Internet Traffic? Understanding Opacity in CDN Replica Selection
In short:
- The traffic steering decisions that content delivery networks (CDNs) choose affect latency, resilience, and sovereignty..
- A recent study shows that DNS-based steering is the most common strategy used by content delivery networks, but providers do not always rely on a single steering mechanism and may use a combination of approaches.
- The results and open-source methodology provide a basis for classifying CDN strategies and enabling more informed discussions about accountability in Internet infrastructure.
Behind many website requests, especially those hosted by Content Delivery Networks (CDNs), is a largely unseen decision about which server will respond. That decision influences how quickly a page loads, whether data remains within national borders or travels abroad, and how resilient online services are during network disruptions.
In our study published at NINeS’26, we introduce a methodology to infer the mechanism behind that decision, known as replica selection, which has become one of the Internet’s quiet control points.
Why Understanding CDN Traffic Decisions Matters
CDNs run large distributed systems that place copies of content on servers around the world. When you open a site, the CDN has to decide which replica server should respond to your request. That may sound like a routine engineering choice, but it carries real consequences.
Replica selection affects latency, resilience, and even sovereignty, especially when requests from local users are steered through infrastructure in other countries. The problem is that these steering decisions are usually invisible outside the CDN itself, including to users, regulators, and even many network operators.
That opacity matters even more because the Domain Name System (DNS) ecosystem is becoming increasingly concentrated. For CDNs that rely on DNS-based steering, the resolver’s location serves as a proxy for the users. But centralized public resolvers can serve users across wide regions, making them an imperfect stand-in for where users actually are. As a result, the geographic position and policy choices of third-party DNS resolvers can influence where traffic goes.
In other words, the entity shaping a user’s experience may not be the user or even the user’s network, but an opaque combination of CDN logic and centralized DNS infrastructure.
Can We Infer How CDNs Steer Traffic?
To answer this question, we used RIPE Atlas probes as client vantage points and resolved the same CDN-hosted content through DNS resolvers at different geographic scopes, from nearby to far away. We then measured how the latency to the assigned server changed.
- DNS-based steering: latency distributions separate more strongly as resolver scope changes, because different resolver locations can lead to different replicas.
- IP anycast: the distribution remains largely unchanged because the same anycast IP is routed to a nearby instance regardless of resolver choice.
- Regional anycast falls in between: it tends to resemble IP anycast within a region, but looks more like DNS-based steering across regions.
We first validated this method on well-known providers. It correctly recovered Akamai as DNS-based, Cloudflare as anycast-based, and Edgio as regional anycast.
12 of 17 CDNs Use DNS-based Redirection
While the replica selection approaches of a few major providers are already fairly well understood, much less is known about the many regionally important CDNs.
We applied our methodology to 17 unique CDNs serving the top 1,000 websites across 19 countries, a set that covers about 66 percent of the world’s Internet users. These CDNs include both hyperscalers and regionally important providers such as Azion, Medianova, and NGENIX.
The central finding is: DNS-based steering still dominates. Across our dataset, 12 of the 17 CDNs used DNS-based redirection, and by delivered bytes, DNS-based systems dominated across most regions. That matters because, in practice, it means consolidation among resolvers can shape where traffic goes, how failures propagate, and how much control local networks retain.
| Location | Users (%) | DNS-based (%) | Anycast (%) | Regional Anycast ( | Mixed (%) |
|---|---|---|---|---|---|
| Europe | 60 | 27.6 | 41.4 | 2.6 | 28.4 |
| France | 1.1 | 27.5 | 38.5 | 3.9 | 30.2 |
| Germany | 1.5 | 30.8 | 42.2 | 1.6 | 25.4 |
| Russia | 2.3 | 9.9 | 63.1 | 0.6 | 26.4 |
| Spain | 0.8 | 44.5 | 27.4 | 3.1 | 25 |
| Turkey | 1.3 | 26.7 | 46 | 3.3 | 24 |
| United Kingdom | 1.2 | 28 | 33.8 | 3 | 35.3 |
| North America | 89.3 | 34.7 | 32.3 | 3.8 | 29.1 |
| US | 5.5 | 34.7 | 32.3 | 3.8 | 29.1 |
| South America | 60 | 35.5 | 33.1 | 1.4 | 30 |
| Argentina | 0.8 | 34.2 | 33.7 | 1.1 | 31 |
| Brazil | 3.3 | 35.7 | 33.1 | 1.8 | 29.5 |
| Asia | 70.1 | 26.3 | 43.8 | 1.8 | 28.1 |
| China | 18.8 | 48.1 | 30 | 1.3 | 20.6 |
| India | 15.5 | 28.1 | 40.1 | 0.8 | 31.1 |
| Indonesia | 3.9 | 13.6 | 53.5 | 2.7 | 30.2 |
| United Arab Emirates | 0.2 | 20.5 | 40 | 1.8 | 37.7 |
| Oceania | 75 | 40.1 | 27.1 | 1.8 | 30.6 |
| Australia | 0.4 | 40.1 | 27.1 | 1.8 | 30.6 |
| Africa | 50.1 | 56.7 | 26.1 | 0.9 | 16.4 |
| Algeria | 0.7 | 22.1 | 51 | 1.7 | 25.1 |
| Egypt | 1 | 16.9 | 55.4 | 0.3 | 27.4 |
| Ghana | 0.3 | 82 | 9.6 | 0.4 | 8 |
| Nigeria | 2.9 | 36.5 | 37.3 | 2.5 | 23.7 |
| South Africa | 0.6 | 14.3 | 52.9 | 0.9 | 31.9 |
| World Total | 66 | 40.9 | 33.6 | 1.7 | 23.9 |
By delivered bytes, DNS steering dominates globally, suggesting that heavier traffic more often relies on DNS-based selection.
We also found that providers do not always rely on a single steering strategy. Google, for example, showed a roughly even split between DNS-based and anycast behavior across the resources we studied. First-party services such as Google and YouTube tended to appear DNS-steered, while some third-party content hosted on Google infrastructure appeared more anycast-steered.
This shows that even within one provider, different services can be steered in different ways, differences that our methodology can distinguish without privileged access.
Why Does it Matter Which Steering Approach Dominates?
Because replica selection shapes more than performance alone. It raises questions about
- Resilience: Should so much rerouting power rest with a small number of resolvers and opaque CDN policies, and what does that mean for fault tolerance during network failures?
- Sovereignty: When regional or government traffic is steered abroad, what does that mean for jurisdiction and autonomy?
- Control: Does global anycast, while operationally simple, cede too much control to BGP, and do hybrid systems that mix DNS and anycast compound that opacity?
By turning replica selection into something measurable from the outside, our methodology provides a basis for classifying CDN strategies and enabling more informed discussions about accountability in Internet infrastructure. If we want meaningful discussions about accountability, digital sovereignty, and concentration in Internet infrastructure, we first need visibility into how steering actually works.
For more details on the methodology and results, read our paper.
Rashna Kumar is a final-year PhD candidate in Prof. Bustamante’s AquaLab research group in the Department of Computer Science at Northwestern University.
Contributors: Fabián E. Bustamante (Northwestern University), Marcel Flores (Netflix)
The views expressed by the authors of this blog are their own and do not necessarily reflect the views of the Internet Society.
Photo by Eric Via Wikimedia Commons
