Budget CDNs Bunny­CDN, Key­CDN, and CDN­Sun compared

Here is my quick comparison and micro-review of three budget content delivery networks (CDN) for speeding up your website’s page load times.

A content delivery network is a marketing phrase meaning “a service that provides caching servers located all over the world.” The idea being that your webpages will load faster if they’re located physically closer to the people that want to visit them. A content delivery network will request pages, images, and other assets from your origin server; store it on their own servers, and then deliver those cached copies to your visitors.

I’ll focus the review on how they perform as standard-compliant HTTP caching proxies (“pull CDN”), and not look into more specialized features. I’ll also not bother with performance as they’re all excellent, and there are already websites that specializes in daily automated testing of CDN performance.

All of these are budget options with low transfer costs. I’ll not include their actual transfer rates — it changes all the time and it’s practically the same for all providers. I’ll include their minimum yearly fee, which is the biggest price differentiator between the services and the least likely to change before tomorrow.

I’ll proceed to review each provider listed alphabetically. Coincidentally this also lists the best and cheapest provider at the top and the worst at the bottom.


BunnyCDN is very easy to set-up and use compared with CDNSun and KeyCDN. Their web dashboard has clear instructions and is neat and logically organized. There are some shortcomings such as the quite confusing Network Limit configuration, where you can set up per-IP bandwidth and connection limits.

Configuration changes take less than three minutes to apply.

The documentation is very sparse, and communication about service changes and features happens primarily on Twitter and Facebook (you won’t find the same information in both places). Despite this, BunnyCDN’s website is the best out of the bunch and the most informative.

Respects the origin’s Cache-Control header by default. When I first started evaluating BunnyCDN, they didn’t support RFC 5861 asynchronously. They enabled it after a quick email exchange. This allow you to set relatively short cache expiration times, but quickly serve old copies from the cache while the CDN updates their cached copy of pages and assets. Preserves but ignores the standard Vary header mechanism.

Provides free automated TLS certificates from Let’s Encrypt, or you can upload your custom certificates. The setup process only takes about a minute.

Bills on a pay-as-you-go model with minimum account charges of just 10 USD. Credits expire after one year, but unlike CDNSun and KeyCDN any remaining credits roll over into a new period when you add more account credit. BunnyCDN also accepts payments in Bitcoin through Coinify.

BunnyCDN advertise themselves as an “IPv6 Enabled CDN”. However, at least since to now in , no part of their service is in fact IPv6 capable. BunnyCDN’s service status page doesn’t mention any connectivity problems with IPv6 and just says “Hopping Smoothly. We aren’t detecting any problems with our network.”

Update (): BunnyCDN’s service status page now lists “IPv6 Maintenance” as a low priority issue.

I reached out to BunnyCDN regarding the IPv6 issues, and got a reply from Dejan Pelzel assuring me that “We are currently performing a maintenance of the IPv6 system to improve monitoring and performance.” Upon pressing him further for why this wasn’t considered to be service downtime, I got a follow up reply “While I would technically not consider it downtime […], it might alert people who aren’t familiar with IPv6 thinking that their site isn’t accessible at all.”

BunnyCDN has 22 POPs but non in Northern Asia. Continents are priced differently, and you can opt-out of individual continents (except South Africa which has no opt-out or price information) to limit costs. The company is based in the Slovenia.


CDNSun blocked my IP from accessing their entire website about 10 minutes after I signed up for a trial account. Blocking me from even obtaining information about how to contact their support department doesn’t seem like a good business practice and it didn’t leave a good first impression. I tried again a few days later, but was still blocked. Two weeks later, I switched ISP and was then finally able to sign up.

The web dashboard isn’t pretty but it’s easy to understand and you’ll be up and running in no time. CDNSun is more focused on video delivery than any of the other services. This can be beneficial if you’re looking for this, but it creates a lot of clutter in the web dashboard if you’re just looking for a pull CDN for webpages and media assets.

Configuration changes take about half a minute to apply, but CDNSun suggest it can “take up to 20 minutes” before changes apply globally.

The documentation is okay but is limited in technical details and seems to be incomplete.

Respects the origin’s Cache-Control header by default but doesn’t support the stale-if-error/stale-while-revalidate extension. This means performance on pages with shorter expiration dates can be degraded compared to a CDN provider that support this feature. Preserves but ignores the standard Vary header mechanism.

Update (): KeyCDN now supports asynchronous background revalidation.

Provides free automated TLS certificates from Let’s Encrypt, or you can upload your custom certificates.

Bills on a pay-as-you-go model with minimum account charge of 49 USD. Credits expire after one year. Pricing information is scattered on different pages. This seems to have been done to hide the minimum yearly charge from prospecting customers.

CDNSun doesn’t support IPv6.

CDNSun has 70 POPs including South Africa and the Middle East, and in the middle of Siberia (Northern Asia). Each POP is priced separately, and you can opt-out of individual POPs to limit your costs. The company is based in the Czech Republic.


When I first signed up for a free trial account, KeyCDN responded by immediately blocking my IP address from accessing the client dashboard. I submitted a support form on their main website, which I could still access, and it took them two attempts and as many days to unblock my IP address. After my account was unlocked, they also blocked my IP address again a few weeks later as I was tweaking some configuration. This time they unblocked my IP after roughly half an hour had passed. I don’t know what caused them to block me, but frankly — it wasn’t at all confidence inspiring.

KeyCDN’s web dashboard looks tidy at first, but it’s quite difficult to use. KeyCDN includes more inline documentation in the configuration interface than the other two combined. However, both the settings and their help texts are confusing. It’s unclear what effect each setting has, which is mostly caused by badly written copy.

Configuration changes take several minutes to apply.

KeyCDN has tons of documentation and blog posts filled with details about CDNs in general and caching. They also have a lot of pages which are clearly aimed at search engines and not written for people (repeated terms set in bold and included in pointless headlines on content-thin pages). The documentation is technically quite good but they don’t clarify whether they’re speaking in general terms or specifically about the capabilities of their own service. Again, this seem to be a strategy to attract search traffic more than an attempt at providing good documentation.

Account passwords must be 8–32 characters. This upper limit on password length may indicate that they store passwords in plain-text rather than following the best-practice of password storage by only storing a cryptographic hash of the password (which would have the same length regardless of the length of the actual password).

It doesn’t respect the origin’s Cache-Control header by default. The standard cache control mechanism should be the default way to control caching. The configuration required to make it support it’s complicated and frankly overly complicated to work out. KeyCDN only partially supports the stale-if-error/stale-while-revalidate extension, but only non-asynchronously — meaning some visitors will get slow page loads. Ignores and overwrite the origin’s Vary header.

Provides free automated TLS certificates from Let’s Encrypt, or you can upload your custom certificates. Setting up Let’s Encrypt requires quite a few extra steps including going back into different configuration and saving the configuration (unchanged) multiple times.

Bills on a pay-as-you-go model with minimum account charge of 49 USD. Credits expire after one year, and they’re very open about it prices. KeyCDN also charges extra if you want to see access logs, or if you configure more than 5 unique caches.

KeyCDN doesn’t support IPv6.

KeyCDN has 25 POPs but none in Africa (planned), or Middle East (planned), or Northern Asia. The company is based in Switzerland.


I already revealed that I preferred BunnyCDN before I got wound in the details. They’re been the CDN provider for this website for over a month already as you’re reading this!

Although I haven’t included prices in this article (they’d be out-of-date before I clicked ‘Publish,’) BunnyCDN won on feature support and price. At the time of publishing, for traffic in Europe and North America, BunnyCDN costs ¼ the price of KeyCDN — the second cheapest option.

BunnyCDN’s failure to own up to their IPv6 connectivity issue and failing to list it as a service outage is probably my biggest worry about their service. I want to know about problems, and they’ve a clear channel to communicate it through. IPv4 is slower on some mobile networks, and mobile performance. Seeing how none of the other CDN providers are offering IPv6 support, BunnyCDN gets points for at least trying even though they’re failing to live up to their advertised feature set.

CDNSun seems like a solid second option. Their lack of RFC 5861 support means they’ll be at a performance disadvantage to the other two for serving less popular pages and assets. They have three POPs in South America, three in Australia, one in New Zealand, and even in the middle of the populated parts of Siberia. They’ve got you covered where ever on Earth your visitors may be located. I’d not be surprised to see them open up of the first CDN service on the Moon and Mars colonies some day in the future — assuming they can roll out IPv6 by then.

I’m not sure what to say about KeyCDN. Their website is built to attract traffic from search engines at the cost of content quality and its ability to convey useful information, they charge extra for things the others include for free, and they just generally don’t leave a good impression. Their service works just as well as the two others, but there’s nothing about them that makes me want to be their customer.

I don’t know what alarm bells my account registrations triggered at KeyCDN or CDNSun. At any rate, I don’t appreciate being blocked by some automated process. Do they randomly block paying customers too? I just don’t know and neither companies were communicative about the incidents. I’m a heavy keyboard user and maybe I didn’t move my mouse cursor enough, or they didn’t like that I used a residential IP address. In any case, it can’t be good for their business to block prospecting new customers just as they’re signing up to become new customers.

I’ve made it through this entire article without making any bunny jokes. Here at the close I’ll recommend you hop along over to BunnyCDN if you’re looking for a cost effective CDN for a small to medium website. For ones, the cheapest option also appears to be the best option. (Oh, and they don’t block your IP for signing up to be a customer!)

P.S.: I do apologize to New Zealanders for leaving you out of the world map in the illustration.