Misc. Feb 23, 2019
Pinger create💻

How does Cloudflare DNS / CDN work?

When I do a DNS lookup for google.com from various locations, I get different IP addresses -- DNS load balancing. When I do a DNS lookup for my website hosted on Cloudflare from different locations, I expected to see the same thing. I expected to get the IP of a Cloudflare edge server near my location (which would then reverse-proxy to my origin server). But this is not what I see. The DNS lookup always gives me the same IP address, 104.31.79.208, regardless of where I do the lookup from. And geo-IP lookup tools do not agree on where this IP is located. Can someone explain what is happening here?

Amazon 2020fucked Feb 23, 2019

I don't know much about DNS, but if I had to guess, Google might be giving you the optimal IP, maybe updating their DNS cache for subsequent requests in the background, while Cloudflare gives you back the same cached IP with a typical TTL.

Pinger create💻 OP Feb 23, 2019

A basic website might have all of its traffic going to 1 server with 1 IP address. Because Cloudflare is a CDN, they should be routing traffic to nearby edge servers, not one central origin server. So we see (as the other poster explained) that there isn't always a 1:1 relationship from IP to server.

Amazon 2020fucked Feb 23, 2019

Thanks

Oath LxSY42 Feb 23, 2019

It's called Anycast. Basically, you can publish multiple routes for one IP address. Your router wants to route a packet to 1.2.3.4, so it sends it along whatever route it's told is shortest. It just happens that there are multiple routers on the internet that claim to have short routes to that address, so your router will send packets to whichever is closest, without realising that some of the available routes to that address actually go to completely different pieces of hardware.
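A toy simulation of the anycast behaviour this answer describes, added here as an illustration and not code from the thread or from Cloudflare. The topology, router and site names, and link costs are constructed; the shared address is the one from the original question. Each client's router picks the lowest-cost route to the single IP, so every client gets the same DNS answer yet its packets land on different hardware.

```python
import heapq

# Constructed toy topology (not real Cloudflare data): undirected links whose
# cost stands in for BGP path preference / hop count.
LINKS = [
    ("client-eu", "r-eu", 1), ("r-eu", "r-us", 8), ("r-eu", "r-asia", 10),
    ("client-us", "r-us", 1), ("r-us", "r-asia", 9),
    ("client-asia", "r-asia", 1),
    ("r-eu", "edge-ams", 1), ("r-us", "edge-sfo", 1), ("r-asia", "edge-sin", 1),
]
# One address, announced from several physically distinct edge sites.
ANYCAST_IP = "104.31.79.208"
ANNOUNCERS = {"edge-ams", "edge-sfo", "edge-sin"}

def build_graph(links):
    g = {}
    for a, b, cost in links:
        g.setdefault(a, []).append((b, cost))
        g.setdefault(b, []).append((a, cost))
    return g

def shortest_paths(graph, src):
    """Dijkstra: routing cost from src to every reachable node."""
    dist = {src: 0}
    heap = [(0, src)]
    while heap:
        d, node = heapq.heappop(heap)
        if d > dist[node]:
            continue
        for nxt, cost in graph.get(node, []):
            nd = d + cost
            if nd < dist.get(nxt, float("inf")):
                dist[nxt] = nd
                heapq.heappush(heap, (nd, nxt))
    return dist

def anycast_destination(graph, client, announcers):
    """Site whose hardware actually receives the client's packets for the shared
    IP: the announcer with the lowest routing cost, i.e. the shortest route."""
    dist = shortest_paths(graph, client)
    reachable = {n: dist[n] for n in announcers if n in dist}
    if not reachable:  # no announcer reachable: the prefix is unroutable here
        return None
    return min(reachable, key=reachable.get)

def resolve_all(clients, graph=None):
    """Every client gets the same DNS answer but lands on a different site."""
    graph = graph or build_graph(LINKS)
    return {c: (ANYCAST_IP, anycast_destination(graph, c, ANNOUNCERS)) for c in clients}

if __name__ == "__main__":
    for client, (ip, site) in resolve_all(["client-eu", "client-us", "client-asia"]).items():
        print(f"{client}: DNS answer {ip} -> packets served by {site}")
```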

Pinger create💻 OP Feb 23, 2019

Thanks!

Verizon Media sxSG85 Feb 23, 2019

Yes. They use ECMP protocol.

Cloudflare biggesthog Mar 5, 2019

Anycast. Source: I work here

Pymetrics YuAq11 Sep 29, 2019

Cloudflare relies on the DNS to allow them to manage your internet traffic. That way they can guide all traffic through their network, mask your origin servers (that's how they secure your website wherever your main server/s are located in the world), and spread your content around the world so your origin servers do not need to. It runs on an Anycast architecture, like others have mentioned here. Akamai, one of Cloudflare's competitors, uses Unicast. Amazon started their CDN copying Cloudflare's Anycast architecture and calling their product Cloudfront. https://blog.cloudflare.com/a-brief-anycast-primer/ https://www.cloudflare.com/learning/cdn/glossary/anycast-network/
