Levi Durfee

Building an anycast DNS/CDN/WAF

It was 2012 and I was the head of the web department at a local small ad agency.

My friend from IRC told me about a company that rented VPSes with a dedicated IP and root access for $5 a month. And it only took 60 seconds to spin one up. This was nuts! I was getting a dedicated IP and root access in under 60 seconds. It usually took Nic Cage that long to boost a car.

That same year I discovered a CDN that was fairly new. They had a free plan. Free as in they didn't even ask for a credit card. Unlimited bandwidth?

This was nuts! I was still running Linux servers at home to host my websites. I was using Apache with VirtualHost blocks so I could have multiple domains on a single IP address. Now, it was so easy to spin up a new VPS and point this CDN at it, and my imagination was the only limit on what I could build.

I never did think of anything cool to build back then. But that's never stopped me from building and learning. I often build things out of frustration or curiosity. And, this time is no different. This time, I'm building because I was frustrated and curious.

I'm not the first person to build an anycast network. Lots of people do it. I wouldn't even say there is anything unique about mine. But, I've still decided to build one. Most of the current CDNs out there are either heavily tied into the cloud or unreliable. The only one I like is bunny.net. They began their journey as I'm beginning mine now.

My goal is to replace a CDN I've been using since 2012. I met the CEO once at Google's first AMP conference in NYC. In the Akamai building in London, I asked if they had heard of Bunny (they hadn't).

What I want is simple. I want DNS, caching, and a WAF on top of an anycast network. The control plane might be tricky, but I have a few ideas. I'll probably use BIRD, WireGuard, Caddy, Knot DNS, rqlite, Prometheus, Grafana, and maybe I'll write a little bit of Go.

I'll probably start off running this on VPSes, and maybe one day use some dedicated hardware. But the great part about this is that a VPS is still cheap, and the VPS provider handles all of the hardware and transit costs. I'll start it off with an anycast DNS service for myself. Maybe, if others are interested, I'll let some other people use it. Then I'll add CDN caching/proxying, and then a WAF. I just want something simple and reliable.
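One piece of the control plane that matters from day one of the anycast DNS phase is route withdrawal: with anycast, BGP sends each user to the nearest node, so a node that keeps announcing the prefix after Knot or Caddy has died blackholes everyone routed to it. The script below is an added example of the health gating a practitioner would want, not code from the post or from any of the projects named above. It assumes BIRD 2 announces the documentation prefix 203.0.113.0/24 from a static protocol named `anycast`, that Knot DNS and Caddy listen on the anycast address 203.0.113.1, and that a probe name `health.example.invalid` is served locally; all of those names and addresses are placeholders.

```shell
#!/bin/sh
# Added example (not from the post): health-gated anycast announcement for one
# VPS node. Assumptions: BIRD 2 announces 203.0.113.0/24 (a documentation
# prefix standing in for the real anycast block) from a static protocol named
# "anycast"; Knot DNS and Caddy listen on the anycast address 203.0.113.1 on
# this node. Run as:  sh anycast-health.sh run   (e.g. from a systemd timer)
#
# Assumed bird.conf fragment this script drives (BIRD 2 syntax):
#   protocol static anycast {
#       ipv4;
#       route 203.0.113.0/24 via "dummy0";   # anycast IP is bound on dummy0
#   }
#   protocol bgp upstream {
#       local as 65001; neighbor 192.0.2.1 as 65000;
#       ipv4 { import none; export where source = RTS_STATIC; };
#   }
#
# Why: a node that keeps announcing the prefix while its DNS or proxy is dead
# blackholes every user BGP steers to it. Withdraw on failure, not just alert.

ANYCAST_IP="${ANYCAST_IP:-203.0.113.1}"
BIRD_PROTO="${BIRD_PROTO:-anycast}"
STATE_FILE="${STATE_FILE:-/run/anycast-health.state}"
PROBE_NAME="${PROBE_NAME:-health.example.invalid}"   # assumed zone served by Knot

# Probe the authoritative DNS on the anycast address with Knot's kdig.
# Exit status 0 means an answer came back within one second.
check_dns() {
    kdig +short +time=1 +tries=1 @"$ANYCAST_IP" "$PROBE_NAME" A >/dev/null 2>&1
}

# Probe Caddy on the anycast address. Any HTTP response counts; a 502 from an
# origin is Caddy's problem to surface, not a reason to withdraw the prefix.
check_http() {
    curl -s -o /dev/null -m 2 --resolve "$PROBE_NAME:80:$ANYCAST_IP" \
        "http://$PROBE_NAME/" >/dev/null 2>&1
}

# decide_state DNS_OK HTTP_OK -> prints "up" or "down".
# Both services must pass: a node that answers DNS but not HTTP still sends
# users to a dead proxy, so the prefix is withdrawn as a whole.
decide_state() {
    if [ "$1" = 1 ] && [ "$2" = 1 ]; then
        printf 'up\n'
    else
        printf 'down\n'
    fi
}

# next_action NEW_STATE OLD_STATE -> prints the birdc verb to run, or "none".
# Only act on transitions so a flapping probe does not hammer BIRD; an unknown
# previous state (first run) always produces an explicit enable/disable.
next_action() {
    if [ "$1" = "$2" ]; then
        printf 'none\n'
    elif [ "$1" = up ]; then
        printf 'enable\n'
    else
        printf 'disable\n'
    fi
}

run_once() {
    dns=0; http=0
    check_dns && dns=1
    check_http && http=1
    new=$(decide_state "$dns" "$http")
    old=$(cat "$STATE_FILE" 2>/dev/null || printf 'unknown')
    action=$(next_action "$new" "$old")
    if [ "$action" != none ]; then
        # birdc enable/disable flips the static protocol, which makes BIRD
        # announce or withdraw 203.0.113.0/24 on the upstream BGP session.
        birdc "$action" "$BIRD_PROTO" >/dev/null
        logger -t anycast-health "dns=$dns http=$http -> $action $BIRD_PROTO"
    fi
    printf '%s\n' "$new" > "$STATE_FILE"
}

# Probes only run when invoked explicitly, so sourcing the file to exercise
# the decision helpers has no side effects on BIRD.
if [ "${1:-}" = run ]; then
    run_once
fi
```

Run it from a timer every few seconds on each node. The same pattern extends to the later CDN and WAF phases by adding a probe per service; the decision stays all-or-nothing because a partially working node is still a bad destination for an anycast prefix.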

I got tired of providers changing the names of their products seven different times, promising they'll do better when they have a major outage, only to have another major outage a week later, then make another promise. Well, after 14 years, I'm getting off this ride.

#anycast #bgp #bird #caddy #cdn #dns #vps #waf