How to set up a global Geolocation DNS load balancing Varnish Cache Content Delivery Network with Bind9, geo-ip database, Varnish Cache and DigtalOcean. DIY High-Availability for your website!

I felt it was time to take Sysadmins of the North to the next level, it was time to expand with my own global DNS load balancing with Bind9 and Varnish Cache CDN. Here is how I set up my geo-location load balancing Varnish Cache HTTP reverse proxy CDN.

It's all for the fun, various configs are not advanced and may not be optimized.

Set up a global website, Varnish Cache and DNS presence

Most static content, like javascript and images, are offloaded through a CDN sub domain, which I conveniently called "". Content is offloaded using IIS Outbound Rules, or directly by DNS records.

By using a geo load balancing DNS set-up, based on Bind9, visitors are directed to the nearest Varnish Cache node. One is based in the US (New York) and one in the EU (Amsterdam, NL). You can easy expand this set up to other locations on the globe. Besides using IIS Outbound Rules to create a Content Delivery Network, you can also create your own CDN with PHP.

A set up like this makes the content physically closer and faster available to your visitors, increasing website loading speed (decreasing loading times).

Geo DNS load balancing and Varnish requirements

First you need some DigitalOcean droplets. I chose Debian 7 (Wheezy), one located in NYC2 and one in AMS2. The smallest instance will do fine for low traffic sites. After your droplets are created, log in as root and change your root password. Add a ordinary user and then disable sshd's PermitRootLogin.

Open up your sshd_config file

vi /etc/ssh/sshd_config

and change PermitRootLogin from yes to no:

PermitRootLogin no

and restart ssh.

Update your packages

apt-get update
apt-get upgrade

Install Bind9 on Debian Wheezy

Now it is time for you to install Bind 9 on your Debian Wheezy droplets. For this, follow the excellent chrooted bind9 with geodns under debian wheezy guide by Pawel Kudzia. This will set up GeoDNS too.

Varnish 4.0 installation on Debian Wheezy

Next, install Varnish 4.0 on your droplets, follow Varnish Caches installation on Debian guide to get you started. For CentOS, you may follow my post installing Varnish Cache on CentOS 6.7.

Create DNS zones

In /etc/bind you have to create a directory zones, and set the owner/permissions correct. Then create two zone files, for example:


Their contents:

; Zone file for
$TTL 14400 86400 IN SOA
2014102909 ;Serial Number
86400 ;refresh
7200 ;retry
3600000 ;expire
) NS 300 IN A
; Zone file for
$TTL 14400 86400 IN SOA (
2014102909 ;Serial Number
86400 ;refresh
7200 ;retry
3600000 ;expire
86400 ) NS 300 IN A

And don't forget your glue- and NS records, see the Bind 9 Administrator Reference Manual for more information on how to set up your zones.

Once you're satisfied with the zone files and Varnish Cache configuration, start bind 9 and varnish:

service bind9 start
service varnish start

Verify the Geo DNS results using and

Saotn global DNS network

Never copy/paste anything to put into production without testing.

References used for this post

This post and set up was inspired by the following articles (in no particular order):

Conclusion creating your global Content Delivery Network

Using the online available guides, some own ready to use knowledge and cheap DigitalOcean droplets, you can easily create your own global Content Delivery Network, or CDN. I created this set up in about one hour.

A global DNS load balancing set up like this, with a Varnish Cache back-end, makes content physically closer to your visitors and speeds up your website. They will like that :-)

Maybe this all is a bit too much for you. You can always use IIS Outbound Rewrite Rules or a PHP and .htaccess configuration to create an Origin Pull Content Delivery Network -or CDN- to offload content to different hostnames.

Donate a cup of coffee
Donate a cup of coffee

Thank you very much! <3 ❤️

1 Comment

Comments are closed