[c-nsp] Anycast services

Capron, Mathew mcapron at aimnetsolutions.com
Thu May 18 12:24:58 EDT 2006



Usually Anycast is best suited for failover.  (i.e. BGP with the same IP
from two different locations with prepending making one less preferred.)
This provides the failover, but not load-balancing.

If you need regional load-balancing (some sites use one anycast location,
while the rest use the other anycast location) you really need to review
your network and ensure that each region will use a single path until it
is removed from the routing table by a fault.  Then that region could
failover to the other anycast address.  But again, this takes a very
careful design. 


-----Original Message-----
From: cisco-nsp-bounces at puck.nether.net
[mailto:cisco-nsp-bounces at puck.nether.net] On Behalf Of Sam Stickland
Sent: Thursday, May 18, 2006 12:03 PM
To: 'Tim Durack'
Cc: cisco-nsp at puck.nether.net
Subject: Re: [c-nsp] Anycast services

Imagine that you are announcing the Anycast address 10.10.10.10 into the
routing table from three separate points. Which of these points your
packets get routed to depends on which way the routing protocols send
your packets. Different bits of the network will see 10.10.10.10 in
multiple places, and which one they pick will depend on many aspects,
some of them transient, such as interface/route metrics, route-dampening
etc.

Say you start a TCP/IP session with 10.10.10.10. There is nothing to
guarantee that your packets will keep going to the server you first
opened the session to. At any point they could go to another 10.10.10.10
server that the routing protocols have now decided is a better bet and
your session would break.

In fact, the sudden switch of servers in response to network changes is
the whole point of Anycast. ;)

S

> -----Original Message-----
> From: Tim Durack [mailto:tdurack at gmail.com]
> Sent: 18 May 2006 16:57
> To: Sam Stickland
> Cc: cisco-nsp at puck.nether.net
> Subject: Re: [c-nsp] Anycast services
> 
> Okay, assuming I'm not doing per-packet load balancing (because that
> breaks lots of things.)
> 
> I don't see why I can't run something simple like a web proxy anycast.
> Even if I load balance per session, and have multiple equal cost paths
> to the anycast address, I don't see how this would break.
> 
> But I have also never tried it...
> 
> Tim:>
> 
> On 5/18/06, Sam Stickland <sam_mailinglists at spacething.org> wrote:
> > Hi,
> >
> > Comments inline.
> >
> > > -----Original Message-----
> > > From: cisco-nsp-bounces at puck.nether.net [mailto:cisco-nsp-bounces at puck.nether.net] On Behalf Of Tim Durack
> > > Sent: 18 May 2006 16:20
> > > To: cisco-nsp at puck.nether.net
> > > Subject: [c-nsp] Anycast services
> > >
> > > The subject of Anycast DNS has raised my curiosity. Anyone tried
> > > anycast of other services, such as a web proxy? Or is there a
> > > better way to do this?
> > >
> > > I'm interested in this from a geographical redundancy perspective,
> > > as opposed to purely clustering for load-balancing/redundancy.
> >
> > You can't ensure that packets routed to an Anycast address will
> > always arrive at the same end point. They might arrive at a
> > different node.
> >
> > Hence, you can't use Anycast for any kind of stateful service (e.g.
> > TCP/IP). The correct approach to using it here would be to Anycast
> > your DNS servers, and only have your DNS return entries for
> > servers/cluster-groups that are known to be up.
> >
> > Sam
> >
> >

_______________________________________________
cisco-nsp mailing list  cisco-nsp at puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/
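
Added example (not part of the thread, and not any poster's code): a small simulation of the per-session load sharing discussed above, showing which TCP flows to 10.10.10.10 keep their anycast node while the equal-cost path set is stable and which are re-mapped when one node's route is withdrawn. The site names, client addresses, port 8080 and the hash-modulo path choice are assumptions made for illustration; real router hashing differs.

```python
import hashlib

ANYCAST_VIP = "10.10.10.10"             # address used in the thread
SITES = ["site-A", "site-B", "site-C"]  # hypothetical anycast nodes

# Constructed sample: 200 client TCP flows (src ip, src port, dst ip, dst port).
FLOWS = [(f"192.0.2.{i}", 40000 + i, ANYCAST_VIP, 8080) for i in range(1, 201)]


def pick_node(flow, equal_cost_nodes):
    """Per-flow load sharing: hash the flow tuple onto the current path set."""
    key = "|".join(str(field) for field in flow).encode()
    bucket = int.from_bytes(hashlib.sha256(key).digest()[:8], "big")
    return equal_cost_nodes[bucket % len(equal_cost_nodes)]


def moved_flows(flows, paths_before, paths_after):
    """Map each flow whose serving node changes to (old_node, new_node)."""
    moved = {}
    for flow in flows:
        old, new = pick_node(flow, paths_before), pick_node(flow, paths_after)
        if old != new:
            moved[flow] = (old, new)
    return moved


def summarize(flows, paths_before, paths_after):
    """Count re-mapped flows, split by whether their old node went away."""
    moved = moved_flows(flows, paths_before, paths_after)
    lost_node = sum(1 for old, _ in moved.values() if old not in paths_after)
    return {"total": len(flows), "moved": len(moved),
            "node_withdrawn": lost_node,
            "node_still_up": len(moved) - lost_node}


if __name__ == "__main__":
    # Stable routing: every flow stays on the node that holds its TCP state.
    print("stable path set: ", summarize(FLOWS, SITES, SITES))
    # site-C withdrawn: its flows land on a node with no state for them.
    print("site-C withdrawn:", summarize(FLOWS, SITES, SITES[:2]))
```

A flow counted under "moved" arrives at a server that never saw its handshake, so the established session is reset; flows under "node_still_up" are moved only because the path set changed size, not because their server failed.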


