[c-nsp] Unicast as Anycast

JJ morph at 0z0ne.com
Mon Nov 25 10:58:55 EST 2013 

Hi Gert

I´d love to see my unicast network announced from Miami and Madrid :) !!
But I have two different ASN, I don´t know if this is a problem.
No load balancing and yes, I think I have a problem with objects and
Level3. I don´t know how Level3 in US will open their filters for a RIPEs
/24.

The /24 seems to be announced only from Spain (I searched through  one of
my carriers looking glass in Miami and the  prefix is seeing only from
Spain).

cheers!




On Mon, Nov 25, 2013 at 3:33 PM, Gert Doering <gert at greenie.muc.de> wrote:

> Hi,
>
> On Mon, Nov 25, 2013 at 02:06:30PM +0100, JJ wrote:
> > I´m looking to make some tests with anycast(for DDoS mitigation). Does
> > someone tried to achieve this with unicast IPs?.
> >
> > You know it´s not possible to get more IP assignments from RIPE, and
> after
> > asking RIPE for anycast assignments, they told me we still  could use
> > unicast for this purpose.
> > It sounds a bit weird to me...but  I made a try and configured a /24
> being
> > announced in our AS(different ASN) in Miami and Madrid(Spain), then I
> just
> > asked my carriers to open their filters and... It doesn´t work.
> >
> > Have you ever tried a configuration like this? (and successful :) ) ,or,
> > perhaps, am I trying the impossible?
>
> There are no "anycast" IPs in IPv4.  There is just unicast networks
> announced
> from multiple places, and that works great :-)
>
> The "anycast" thing in the RIPE policies is "if you plan to do anycast
> deployment, and have no existing addresses you can use for that, there
> was a special policy to give out /24s from a well-known block for that
> particular purpose".  It's still unicast IPs.
>
> If it's not working for you, you're likely missing route: objects (so your
> announcements are getting filtered), or you're trying TCP traffic with
> some loadbalancing in the mix, with half the packets going to the one
> site and the other half going to the other site -> TCP won't work.
>
> gert
> --
> USENET is *not* the non-clickable part of WWW!
>                                                            //
> www.muc.de/~gert/
> Gert Doering - Munich, Germany
> gert at greenie.muc.de
> fax: +49-89-35655025
> gert at net.informatik.tu-muenchen.de
>

More information about the cisco-nsp mailing list