Neat Technical Project Idea (Personal Project)

[Roy 10,832 / 0]

Hey everyone,

 

I just wanted to share an idea for a project I'm probably going to be working on in the future.

 

As many of you know, Bifrost is a huge project Dreae and I are working on. This will be a firewall that supports features such as forwarding traffic and blocking specific (malicious) traffic via BGP Flowspec (so the upstreams filter the attack instead of our POPs). With that said, we will be implementing a module-like system. But what will be neat is Dreae and I also plan on making our own programming language for writing these modules. While this will be additional work, it is very good experience to obtain and it's very interesting to me. I've been reading up on how to create your own programming language and there are many open source guides out there that includes source code such as this article. I'm also thinking about buying this book. We're likely going to be making a compiled programming language since performance is obviously the most important for packet processing, etc. However, I need to confirm with Dreae. We can also make this compiled language using an existing compiled language such as C or C++ which is even better (gain more experience in C while making the new programming language for example).

 

Anyways, with the above said, I also want to implement a very flexible API with Bifrost. This leads to another idea for a personal project I have. Once Bifrost is finished, I'd like to buy my own personal /24 IPv4 block, setup two small VPSs (e.g. one in North America while the other in Europe), and setup my own Anycast network. The POPs will be running Bifrost and I'd like to make a website that'll act as a demo. In this demo, users will be able to securely sign up and if they reach out to me, I can give them credits that'll allow them to setup either a protected IP or a website.

 

For the protected IP, the user will be able to setup forwarding rules that'll utilize Bifrost's forwarding module API. This part should be more simpler since it's simply just sending POST/PUT/DELETE requests to the Bifrost API to add/remove forwarding rules and this should all be done securely (over HTTPS/SSL).

 

In regards to the website packages, this is where it gets fun. I'd really like to make it so when a user orders a website, it gives them basic SFTP access to the site's files. I'd also like to use Kubernetes and setup a container within a cluster for each website for security and scaling. With that said, each POP on the Anycast network would serve all static files like images, CSS, and JavaScript which will operate like a CDN. The actual server-side scripts should be deployed on one of the VPSs as well.

 

Again, this would all be a demo website. However, it could turn into something bigger if development goes well.

 

My main goal with this is to gain experience with Kubernetes along with setting up my own CDN and load balance traffic. Perhaps down the line, I can try to find out how to setup high availability (so each POP would serve the server-side scripts so if one POP goes down, the other will pick everything back up). I'd also like to setup MySQL/SQL for high availability under this network too. This also gives me the opportunity to do a lot more with BGP without fearing I could bring a production network offline (such as GFL's, since that's the only network I perform BGP changes on at the moment). I think gaining this experience and being able to put it on a resume will look pretty good too

 

Finally, I'd really like to get my personal website up with a blog and document ALL of this down publicly.

 

What do you guys think of this idea and if there is anybody interested in helping or the progress of the project, I'll be posting a lot more updates on this when we complete Bifrost.

 

Thank you!