[j-nsp] Anycast

Kevin Oberman oberman at es.net
Tue Jan 18 15:29:24 EST 2011


> Date: Tue, 18 Jan 2011 19:45:58 +0100
> From: Johan Borch <johan.borch at gmail.com>
> Sender: juniper-nsp-bounces at puck.nether.net
> 
> Hi,
> 
> This is not a specific Juniper question, but there seems to be a lot for
> knowledge on this list so I will give it a shoot :)
> 
> Would web traffic be suitable to use with anycasting? The applications in
> question is a standard website with database backend that I need to load
> balance (active-active) between multiple sites. I've never worked with
> anycast before but as I understand it the anycast-part is merely me
> announcing the server addresses from multiple sites in my IGP?

The short answer is 'no', but the longer on is 'maybe'.

You need to realize that TCP sessions only work if the endpoints are
consistent during the session and anycast may change that at any time,
thus breaking the session. Anycast is well suited to UDP operations that
operate on a simple query/response, single packet type of operation and
almost as well on TCP interactions that also involve a single query,
though may have a multiple packet response. DNS is the obvious case.

There are some cases, though very limited, where http can work with
anycast, but you need to look at them very carefully and assure that no
state information from query to query is required. Cookies and the like
may not allow this to work. even worse is if a connection switches while
processing a transaction. Did the transaction succeed before the link
changed or did it fail? Might be hard to be sure and that road leads
quickly to insanity.

We use http anycast for one very special case which follows the paradigm
of single query/single response with no problem if the query needs to be
re-tried, but this sounds rather different from what you describe.

Much as I loath load balancers, looks to me like they are the only real
solution for you.
-- 
R. Kevin Oberman, Network Engineer
Energy Sciences Network (ESnet)
Ernest O. Lawrence Berkeley National Laboratory (Berkeley Lab)
E-mail: oberman at es.net			Phone: +1 510 486-8634
Key fingerprint:059B 2DDF 031C 9BA3 14A4  EADA 927D EBB3 987B 3751


More information about the juniper-nsp mailing list