• Home
Home
Anti-DDoS CDNStatic & dynamic acceleration, edge scrubbingAnti-DDoS IP forwardingL4 forwarding with protected IPsSDK game shieldClient SDK for gaming workloadsAnti-DDoS serversDedicated compute with high availabilityLearn more
Gaming solutionLow latency + protectionFinancial solutionCompliance & scrubbingLive streaming solutionPush/pull at the edgeBlockchain solutionWeb3 infra protectionExplore
DocumentationAPIs & onboardingHelp centerFAQs & ticketsBlog & newsUpdates & best practicesGlobal speed testMulti-region performance checksTag cloudTopic map across the siteOpen docs
AboutMission & visionCareersHiringPartnersEcosystemContactSales & supportContact us

Documentation

  • Introduction
  • Best Practices
Docs/Domain Management/Origin Configuration

Origin Configuration

速盾网络 Team
Docs

On this page

No outline

Share

𝕏fin

Enterprise CDN & acceleration with AI-driven monitoring and full-spectrum, real-time DDoS/CC protection. Trusted by tens of thousands of companies for fast, secure, and reliable content delivery and DDoS mitigation.

Product

  • Anti-DDoS CDN
  • Anti-DDoS IP forwarding
  • SDK game shield
  • Anti-DDoS servers

Solutions

  • Gaming solution
  • Financial solution
  • Live streaming solution
  • Blockchain solution

Resources

  • Documentation
  • Help center
  • Blog & news
  • Global speed test

Company

  • About
  • Careers
  • Partners
  • Contact

© 2026-2028 sudun.com 保留所有权利

  • Privacy
  • Terms
  • Cookies

Origin Configuration

The origin server is where your actual content resides. Sundun fetches content from your origin and caches it at edge locations worldwide. This guide covers origin server configuration options.

Understanding Origin Servers

code
User → Sundun Edge (cache) → Origin Server (your server) ↓ Cache HIT: Serve from edge Cache MISS: Fetch from origin

Your origin server can be:

  • A web server (Apache, Nginx, IIS)
  • A cloud provider (AWS, GCP, Azure)
  • An object storage service (S3, GCS, Azure Blob)
  • A load balancer or API gateway

Adding an Origin Server

  1. Go to Domains → Select your domain
  2. Navigate to Origin tab
  3. Click Add Origin

Origin Settings

SettingDescriptionExample
Origin AddressIP address or hostnameorigin.example.com or 203.0.113.50
Origin PortHTTP/HTTPS port80, 443, or custom
Origin ProtocolHTTP or HTTPSHTTPS recommended
WeightLoad balancing weight1-100

Origin Address Types

Hostname Origin

Use a domain name for your origin:

code
Origin: origin.example.com

Advantages:

  • Easy to update (just change DNS)
  • Supports multiple backend IPs
  • Works with load balancers

DNS Requirements:

  • Origin hostname must resolve to your server IP
  • Cannot be the same as your accelerated domain

IP Address Origin

Use a direct IP address:

code
Origin: 203.0.113.50

Advantages:

  • Faster resolution (no DNS lookup)
  • More predictable routing

Considerations:

  • Requires manual update if IP changes
  • No automatic failover

Origin Protocol

HTTPS Origin (Recommended)

code
Edge Server ──HTTPS──▶ Origin Server

Configure HTTPS origin:

  • Port: 443 (default) or custom
  • Certificate: Valid SSL certificate on origin
  • Verification: Enable certificate validation

HTTP Origin

code
Edge Server ──HTTP──▶ Origin Server

Warning: HTTP origins transmit data unencrypted between edge and origin. Only use for non-sensitive content or when origin is on a private network.

The Host header tells your origin which site is being requested. Configure this when:

  • Your origin hosts multiple websites
  • Your origin expects a specific hostname
  • You're using shared hosting

Host Header Options

OptionBehavior
Accelerated DomainSends the user's requested domain
Origin DomainSends the origin server hostname
CustomSends a custom hostname you specify

Example:

code
User requests: www.example.com Origin server: origin.example.com # Option 1: Accelerated Domain Host: www.example.com # Option 2: Origin Domain Host: origin.example.com # Option 3: Custom Host: backend.example.com

Origin Timeouts

Configure timeout values for origin connections:

TimeoutDefaultRangeDescription
Connect5s1-60sTime to establish TCP connection
Read30s1-300sTime to receive response
Send30s1-300sTime to send request

Configuring Timeouts

json
{ "origin": { "connect_timeout": 5, "read_timeout": 60, "send_timeout": 30 } }

Tip: Increase read timeout for APIs that perform heavy processing.

Multiple Origins (Load Balancing)

Configure multiple origin servers for high availability:

Round Robin

Distribute requests evenly across origins:

code
Origin 1: 203.0.113.50 (weight: 50) Origin 2: 203.0.113.51 (weight: 50)

Weighted Distribution

Send more traffic to faster servers:

code
Origin 1: 203.0.113.50 (weight: 70) ← 70% of traffic Origin 2: 203.0.113.51 (weight: 30) ← 30% of traffic

Primary/Backup (Failover)

Use backup origin when primary fails:

code
Origin 1: 203.0.113.50 (primary) Origin 2: 203.0.113.51 (backup)

Health Checks

Monitor origin server health to route traffic away from unhealthy servers:

Health Check Configuration

SettingDescriptionDefault
PathURL path to check/health
IntervalCheck frequency30 seconds
TimeoutResponse timeout5 seconds
ThresholdFailures before unhealthy3

Health Check Response

Your origin should return:

http
HTTP/1.1 200 OK Content-Type: text/plain OK

Any 2xx response marks the origin as healthy.

Origin Shield

Origin Shield adds an additional caching layer between edge servers and your origin, reducing origin load:

code
User → Edge PoP → Origin Shield → Origin Server

Benefits

  • Reduces origin requests by 90%+
  • Protects origin during traffic spikes
  • Improves cache hit ratio

Enabling Origin Shield

  1. Go to Origin → Origin Shield
  2. Select shield location (choose closest to your origin)
  3. Click Enable

Recommended Shield Locations:

Origin LocationShield Location
US EastWashington DC
US WestLos Angeles
EuropeFrankfurt
Asia PacificSingapore

Origin Pull Configuration

Follow Redirects

Configure how Sundun handles origin redirects:

OptionBehavior
DisabledReturn redirect to user
EnabledFollow redirect at edge

Request Headers

Add custom headers to origin requests:

code
X-Forwarded-For: Client IP address X-Real-IP: Client IP address X-Forwarded-Proto: https X-Sundun-Request-ID: Unique request identifier

Preserve Query String

Forward query parameters to origin:

code
# Enabled (default) User: /page?id=123 Origin: /page?id=123 # Disabled User: /page?id=123 Origin: /page

Object Storage Origins

Amazon S3

code
Origin Address: bucket-name.s3.amazonaws.com Origin Protocol: HTTPS Host Header: bucket-name.s3.amazonaws.com

S3 Bucket Policy:

json
{ "Version": "2012-10-17", "Statement": [{ "Effect": "Allow", "Principal": "*", "Action": "s3:GetObject", "Resource": "arn:aws:s3:::bucket-name/*", "Condition": { "IpAddress": { "aws:SourceIp": ["Sundun IP ranges"] } } }] }

Google Cloud Storage

code
Origin Address: storage.googleapis.com Origin Protocol: HTTPS Path Prefix: /bucket-name

Troubleshooting

502 Bad Gateway

Origin server is unreachable:

  1. Verify origin IP/hostname is correct
  2. Check firewall allows Sundun IPs
  3. Confirm origin server is running
  4. Test origin connectivity directly

504 Gateway Timeout

Origin server is too slow:

  1. Increase read timeout settings
  2. Optimize origin response time
  3. Enable origin shield to reduce load

SSL Handshake Failed

Certificate issues with HTTPS origin:

  1. Ensure origin certificate is valid
  2. Check certificate chain is complete
  3. Verify certificate matches origin hostname

API Reference

Configure origin via API:

bash
# Get origin configuration curl -X GET https://api.Sundun.com/v1/domains/example.com/origin \ -H "Authorization: Bearer YOUR_API_KEY" # Update origin curl -X PUT https://api.Sundun.com/v1/domains/example.com/origin \ -H "Authorization: Bearer YOUR_API_KEY" \ -H "Content-Type: application/json" \ -d '{ "origins": [{ "address": "origin.example.com", "port": 443, "protocol": "https", "weight": 100 }], "health_check": { "path": "/health", "interval": 30 } }'

Need help with origin configuration? Contact support@Sundun.com