[c-nsp] Anycast services
Terry Baranski
tbaranski at mail.com
Fri May 19 17:02:14 EDT 2006
On Thu, 18 May 2006 18:27:58 -0400, Alexander Gall said:
> We actually use anycast inside our AS for one particular web
> application with fairly short lived sessions (on the order of seconds)
> and no state between sessions. This works well because our IGP is
> very stable. The time scale of link failures is days or even weeks
> and many failures would probably not even change the affinity of
> active sessions. I'm pretty sure that anycast would work just fine
> for a web proxy in our environment.
>
> You have to know your network and your application to make a sensible
> decision, but anycast is probably applicable to more stateful
> applications than many people are prepared to believe :-)
Indeed. We use "preferential anycast" (preferencing the routes so that one
device is primary and the others are backups) for site-to-site IPSec VPNs.
Works like a champ -- failover occurs within seconds after routing
converges. Takes all the redundancy/determinism complexity away from the
remote client devices -- they only need to have one tunnel endpoint
configured.
-Terry
More information about the cisco-nsp
mailing list