[c-nsp] Anycast services

Terry Baranski tbaranski at mail.com
Fri May 19 17:02:14 EDT 2006


On Thu, 18 May 2006 18:27:58 -0400, Alexander Gall said:

> We actually use anycast inside our AS for one particular web
> application with fairly short lived sessions (on the order of seconds)
> and no state between sessions.  This works well because our IGP is
> very stable.  The time scale of link failures is days or even weeks
> and many failures would probably not even change the affinity of
> active sessions.  I'm pretty sure that anycast would work just fine
> for a web proxy in our environment.
> 
> You have to know your network and your application to make a sensible
> decision, but anycast is probably applicable to more stateful
> applications than many people are prepared to believe :-)

Indeed.  We use "preferential anycast" (preferencing the routes so that one
device is primary and the others are backups) for site-to-site IPSec VPNs.
Works like a champ -- failover occurs within seconds after routing
converges.  Takes all the redundancy/determinism complexity away from the
remote client devices -- they only need to have one tunnel endpoint
configured.

-Terry



More information about the cisco-nsp mailing list