[c-nsp] Anycast Questions

Phil Mayers p.mayers at imperial.ac.uk
Tue Feb 15 03:59:09 EST 2011


On 02/15/2011 08:48 AM, Aaron Riemer wrote:
> Hi Guys,
>
> Has anyone had experience with or knowledge of IP Anycast?

It's best to start a new thread, rather than hijacking someone else's.

>
> I am a little confused as to how the advertisement of the same Anycast
> address is possible at different routers in the network at possibly separate
> locations. Let's say I have a web service and I would like to Anycast the
> service to my national organisation with the help of my IGP. Am I right in
> thinking that each site location that has an instance of the Anycast service
> would need to advertise this Anycast address (typically a host route) into
> the routing table, and that routers within the organisation will simply use
> the mechanics of the routing protocol to direct client communication to the
> Anycast service via the best path or route?

Yes.

Minor note: it's common to hear "don't use anycast for TCP services it's 
only any good for DNS", but that's not the whole story. As long as the 
path stability matches your application stickiness needs, anycast works 
fine for all kinds of services.

Obviously if the path isn't sticky at all e.g. there are >1 path in the 
FIB and you do per-packet load-balancing, you've the potential to run 
into serious problems with TCP services.

Do you mind one request hitting one server and another seconds later 
hitting a different one? For web services with state (e.g. cookies) 
that's often problematic.

Anycast is great, but it's not a universal solution.

>
> Is the idea that the host route being advertised will have a longer match
> than any potential summarised network that may cover the range of Anycast IP
> addresses used? Is this why it is preferred to have a dedicated network that
> is not summarised at any point in the network to advertise Anycast services?

It depends. Obviously your anycast needs to be more specific than any 
conflicting routes. We anycast /32s internally, so a dedicated network 
is irrelevant. That's a non-starter in the global table, hence some of 
the well-known anycast services (root DNS) using as you say a dedicated /24.

>
> I guess when it came to Anycast services over the Internet it would be a
> fairly simple process to advertise your own Anycast addresses at any of your
> border routers around the world and AS-PATH would take care of the rest?

Maybe. Assuming the announcement isn't filtered.

I would be a bit cautious about recommending anycast for use in the 
global table; it chews up yet more routing space, and for applications 
which use DNS there are products that will "do it for you" e.g. global 
server load-balancing. Be friendly to the routing table!
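
The two mechanics discussed in this thread, as an added example that is not part of the original post: longest-prefix match selecting an anycast /32 over a covering summary, and per-flow versus per-packet balancing across equal-cost paths to two anycast instances. The prefixes, site names and flow tuple are constructed for illustration, and the SHA-256 flow hash is a stand-in assumption, not any router's actual algorithm.

```python
import hashlib
import ipaddress
from itertools import count

# Constructed FIB: a summary route plus an anycast /32 reachable
# through two equal-cost next hops (one per site hosting the service).
FIB = {
    ipaddress.ip_network("10.0.0.0/8"): ["core"],
    ipaddress.ip_network("10.255.0.1/32"): ["site-a", "site-b"],
}


def lookup(dst):
    """Longest-prefix match: return (prefix, next_hops) for dst."""
    addr = ipaddress.ip_address(dst)
    matches = [net for net in FIB if addr in net]
    if not matches:
        raise LookupError(f"no route to {dst}")
    best = max(matches, key=lambda net: net.prefixlen)
    return best, FIB[best]


def per_flow(flow, hops):
    """Hash the 5-tuple so every packet of one flow takes the same next hop."""
    digest = hashlib.sha256(repr(flow).encode()).digest()
    return hops[int.from_bytes(digest[:4], "big") % len(hops)]


def per_packet(hops, counter):
    """Round-robin each packet across the next hops, ignoring the flow."""
    return hops[next(counter) % len(hops)]


def sites_hit(flow, packets, mode):
    """Return the set of anycast instances that see packets of this flow."""
    _, hops = lookup(flow[1])
    rr = count()
    return {
        per_flow(flow, hops) if mode == "flow" else per_packet(hops, rr)
        for _ in range(packets)
    }


if __name__ == "__main__":
    # (src, dst, proto, sport, dport), constructed sample TCP flow
    flow = ("192.0.2.10", "10.255.0.1", "tcp", 51514, 443)
    print("matched prefix:", lookup(flow[1])[0])
    print("per-flow  :", sites_hit(flow, 10, "flow"))
    print("per-packet:", sites_hit(flow, 10, "packet"))
```

With per-flow hashing the TCP session stays on one instance; with per-packet balancing its segments land on both, which is the failure case described for TCP services.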

