CDN Performance Optimization for DeWu App: TLS 1.3 Upgrade and Monitoring

Background : The DeWu app experienced slow loading and stuttering for images and videos delivered via Alibaba Cloud CDN. Network latency between the client and CDN significantly impacted user experience.

Data Analysis : Ten CDN domains serve the app, with cdn.poizon.com accounting for 92% of traffic. Monitoring from 2021‑06‑17 to 2021‑06‑24 showed iOS connection times >600 ms (peak 779 ms) and Android >350 ms (peak 369 ms). TLS handshake time was the main bottleneck: iOS TLS >177 ms (32% of total) and Android TLS >80 ms (22% of total).

Problem Identification : Alibaba Cloud CDN only supported TLS 1.2, requiring a 2‑RTT handshake, which caused the high TLS latency.

Solution Idea : Upgrade the CDN TLS version to 1.3 to leverage 0‑RTT/1‑RTT handshakes and improve security.

Research : TLS 1.3 reduces handshake rounds, removes insecure algorithms (CBC, RC4, SHA‑1), and disables compression. Comparative diagrams show TLS 1.2 needing two round‑trips versus TLS 1.3 needing one.

Expected Benefits : Offline tests indicated iOS total connection time reduced by 18.26% and TLS time by 30.83%; Android total reduced by 28.7% and TLS by 26.6%. Overall online latency expected to drop ~10%.

Implementation Plan :

Add a mirror of cdn.poizon.com on Qiniu CDN (40% traffic weight) as a fallback.

On 2021‑06‑25 02:00, enable TLS 1.3 on Alibaba Cloud CDN.

Configure monitoring points for request error rate, total latency, TLS latency, and response size.

Rollback Plan : If issues arise, shift traffic back to Qiniu, disable TLS 1.3 on Alibaba Cloud, and gradually restore weight while monitoring metrics.

Verification : Release package testing, regression on main app flows (home, detail pages, video, live, order), and continuous monitoring of crash rates and CDN metrics.

Results : After enabling TLS 1.3, iOS total latency dropped from 281 ms to 237 ms (‑15%), connection latency from 704 ms to 574 ms (‑18%), TLS latency from 210 ms to 137 ms (‑34%). Android total latency dropped from 307 ms to 269 ms (‑12%), connection latency from 369 ms to 325 ms (‑12%), TLS latency from 83 ms to 71 ms (‑14%).

References : Links to TLS 1.3 overview, protocol analysis, TCP best practices, and HTTPS adoption guides.