How to Build Scalable Internet Architecture with DNS, Load Balancing, and API Gateways

Overall Architecture

Clients (APP, PC, third‑party) obtain the load‑balancer IP via traditional LocalDNS or real‑time HttpDNS, then reach a unified access layer that maintains long connections. The API gateway serves as the entry point for micro‑services, handling protocol conversion, routing, authentication, traffic control, and caching. Business servers use PUSH for real‑time notifications and communicate via a proprietary RPC protocol, with NAT gateways for external services.

Domain Name Resolution

Traditional DNS

DNS translates domain names to IP addresses through a distributed directory service. The resolution process involves recursive queries to the ISP’s LocalDNS and iterative queries to obtain the final IP.

HttpDNS

HttpDNS sends DNS requests over HTTP, avoiding ISP LocalDNS hijacking and cross‑network issues. Compared with LocalDNS, HttpDNS offers higher speed, security (no hijacking), intelligence (accurate node selection), and reliability (multi‑region clusters with SLA >99%).

Load Balancing

Load balancers distribute traffic across multiple servers to solve single‑machine performance and single‑point‑failure problems. They perform health checks and remove faulty nodes to ensure high availability. Implementations include hardware (e.g., F5) and software solutions (LVS, NGINX, HAProxy) with L4 (transport‑layer) and L7 (application‑layer) modes.

L4 vs L7

L4 load balancing forwards packets based on transport‑layer information, while L7 terminates client connections, parses application‑layer requests, and proxies them to backend servers.

LVS Forwarding Modes

DR (Direct Routing): rewrites MAC address, requires servers in the same subnet and a VIP.

NAT: rewrites destination address; servers respond directly to clients.

TUNNEL: forwards packets via IP tunnel; servers return responses directly.

FULL NAT: performs source NAT for return traffic, allowing the balancer to operate without being a gateway.

Scheduling Algorithms

Round‑Robin

Weighted Round‑Robin

Least Connections

Hash

Consistent Hash (handles node changes with minimal redistribution)

API Gateway

The API gateway is a cluster that provides a single external entry point, encapsulating internal architecture and exposing REST/HTTP APIs. It also handles authentication, monitoring, load balancing, caching, and traffic control.

API Management

Supports full lifecycle: creation, maintenance, publishing, running, and decommissioning, with versioning and rollback capabilities.

Full Asynchronous Processing

Uses non‑blocking I/O and multiplexing (e.g., Netty+NIO, Spring WebFlux) to achieve high throughput with few threads.

Chain Processing

Implements a filter chain (responsibility‑pattern) for routing, protocol conversion, caching, rate limiting, monitoring, and logging.

Rate Limiting

Protects the system from overload; can be cluster‑wide (Redis) or single‑node (in‑memory). Common algorithms: counter, leaky bucket, token bucket (recommended).

Circuit Breaker & Degradation

When downstream services become unavailable or slow, upstream services stop calling them to preserve overall stability. Degradation can return cached data or fallback responses, applied at API, feature, or system level.

Business Isolation

Isolation is achieved via cluster isolation rather than thread‑pool isolation for Java services.

PUSH Notification

The push system supports multiple channels (Apple, Huawei, Xiaomi, FCM) and provides both console‑driven and server‑side integration. It handles device connection, registration, user binding, and message delivery, persisting messages for offline users and ensuring reliable delivery through retries and deduplication.

Microservice System

Illustrates a typical microservice architecture diagram (image).