Best Practices in IPv4 Anycast Routing - PacNOG: The ... · PDF fileBest Practices in IPv4...
Transcript of Best Practices in IPv4 Anycast Routing - PacNOG: The ... · PDF fileBest Practices in IPv4...
![Page 1: Best Practices in IPv4 Anycast Routing - PacNOG: The ... · PDF fileBest Practices in IPv4 Anycast Routing PacNOG6 Nadi, Fiji. ... 192.168.5.0 /30 192.168.6.0 /30 ... ‡The network](https://reader031.fdocuments.us/reader031/viewer/2022021817/5a9ac2947f8b9a18628dece6/html5/thumbnails/1.jpg)
Best Practices inIPv4 Anycast Routing
PacNOG6Nadi, Fiji. November 2009
Jonny MartinPacket Clearing House
![Page 2: Best Practices in IPv4 Anycast Routing - PacNOG: The ... · PDF fileBest Practices in IPv4 Anycast Routing PacNOG6 Nadi, Fiji. ... 192.168.5.0 /30 192.168.6.0 /30 ... ‡The network](https://reader031.fdocuments.us/reader031/viewer/2022021817/5a9ac2947f8b9a18628dece6/html5/thumbnails/2.jpg)
What isnʼt Anycast?‡ Not a protocol, not a different version of
IP, nobodyʼs proprietary technology.
‡ Doesnʼt require any special capabilities in the servers, clients, or network.
‡ Doesnʼt break or confuse existing infrastructure.
![Page 3: Best Practices in IPv4 Anycast Routing - PacNOG: The ... · PDF fileBest Practices in IPv4 Anycast Routing PacNOG6 Nadi, Fiji. ... 192.168.5.0 /30 192.168.6.0 /30 ... ‡The network](https://reader031.fdocuments.us/reader031/viewer/2022021817/5a9ac2947f8b9a18628dece6/html5/thumbnails/3.jpg)
What is Anycast?‡ Just a configuration methodology.
‡ Mentioned, although not described in detail, in numerous RFCs since time immemorial.
‡ Itʼs been the basis for large-scale content-distribution networks since at least 1995.
‡ Itʼs gradually taking over the core of the DNS infrastructure, as well as much of the periphery of the world wide web.
![Page 4: Best Practices in IPv4 Anycast Routing - PacNOG: The ... · PDF fileBest Practices in IPv4 Anycast Routing PacNOG6 Nadi, Fiji. ... 192.168.5.0 /30 192.168.6.0 /30 ... ‡The network](https://reader031.fdocuments.us/reader031/viewer/2022021817/5a9ac2947f8b9a18628dece6/html5/thumbnails/4.jpg)
How Does Anycast Work?‡ The basic idea is extremely simple:
‡ Multiple instances of a service share the same IP address.
‡ The routing infrastructure directs any packet to the topologically nearest instance of the service.
‡ What little complexity exists is in the optional details.
![Page 5: Best Practices in IPv4 Anycast Routing - PacNOG: The ... · PDF fileBest Practices in IPv4 Anycast Routing PacNOG6 Nadi, Fiji. ... 192.168.5.0 /30 192.168.6.0 /30 ... ‡The network](https://reader031.fdocuments.us/reader031/viewer/2022021817/5a9ac2947f8b9a18628dece6/html5/thumbnails/5.jpg)
Example
Client
Server Instance A
Server Instance B
Router 1
Router 3
Router 2
Router 4
![Page 6: Best Practices in IPv4 Anycast Routing - PacNOG: The ... · PDF fileBest Practices in IPv4 Anycast Routing PacNOG6 Nadi, Fiji. ... 192.168.5.0 /30 192.168.6.0 /30 ... ‡The network](https://reader031.fdocuments.us/reader031/viewer/2022021817/5a9ac2947f8b9a18628dece6/html5/thumbnails/6.jpg)
Example
Client
Server Instance A
Server Instance B
Router 1
Router 3
Router 2
Router 4
10.0.0.1
10.0.0.1
192.168.0.1
192.168.0.2
![Page 7: Best Practices in IPv4 Anycast Routing - PacNOG: The ... · PDF fileBest Practices in IPv4 Anycast Routing PacNOG6 Nadi, Fiji. ... 192.168.5.0 /30 192.168.6.0 /30 ... ‡The network](https://reader031.fdocuments.us/reader031/viewer/2022021817/5a9ac2947f8b9a18628dece6/html5/thumbnails/7.jpg)
Client Router 1
Example
Server Instance A
Server Instance BRouter 3
Router 2
Router 4
10.0.0.1
10.0.0.1
192.168.0.1
192.168.0.2
DNS lookup for http://www.server.com/produces a single answer:www.server.com. IN A 10.0.0.1
![Page 8: Best Practices in IPv4 Anycast Routing - PacNOG: The ... · PDF fileBest Practices in IPv4 Anycast Routing PacNOG6 Nadi, Fiji. ... 192.168.5.0 /30 192.168.6.0 /30 ... ‡The network](https://reader031.fdocuments.us/reader031/viewer/2022021817/5a9ac2947f8b9a18628dece6/html5/thumbnails/8.jpg)
Router 1
Example
Client
Server Instance A
Server Instance BRouter 3
Router 2
Router 4
10.0.0.1
10.0.0.1
192.168.0.1
192.168.0.2
Routing Table from Router 1:Destination Mask Next-Hop Distance192.168.0.0 /29 127.0.0.1 010.0.0.1 /32 192.168.0.1 110.0.0.1 /32 192.168.0.2 2
![Page 9: Best Practices in IPv4 Anycast Routing - PacNOG: The ... · PDF fileBest Practices in IPv4 Anycast Routing PacNOG6 Nadi, Fiji. ... 192.168.5.0 /30 192.168.6.0 /30 ... ‡The network](https://reader031.fdocuments.us/reader031/viewer/2022021817/5a9ac2947f8b9a18628dece6/html5/thumbnails/9.jpg)
Router 1
Example
Client
Server Instance A
Server Instance BRouter 3
Router 2
Router 4
10.0.0.1
10.0.0.1
192.168.0.1
192.168.0.2
Routing Table from Router 1:Destination Mask Next-Hop Distance192.168.0.0 /29 127.0.0.1 010.0.0.1 /32 192.168.0.1 110.0.0.1 /32 192.168.0.2 2
![Page 10: Best Practices in IPv4 Anycast Routing - PacNOG: The ... · PDF fileBest Practices in IPv4 Anycast Routing PacNOG6 Nadi, Fiji. ... 192.168.5.0 /30 192.168.6.0 /30 ... ‡The network](https://reader031.fdocuments.us/reader031/viewer/2022021817/5a9ac2947f8b9a18628dece6/html5/thumbnails/10.jpg)
Router 1
Example
Client
Server Instance A
Server Instance BRouter 3
Router 2
Router 4
10.0.0.1
10.0.0.1
192.168.0.1
192.168.0.2
Routing Table from Router 1:Destination Mask Next-Hop Distance192.168.0.0 /29 127.0.0.1 010.0.0.1 /32 192.168.0.1 110.0.0.1 /32 192.168.0.2 2
![Page 11: Best Practices in IPv4 Anycast Routing - PacNOG: The ... · PDF fileBest Practices in IPv4 Anycast Routing PacNOG6 Nadi, Fiji. ... 192.168.5.0 /30 192.168.6.0 /30 ... ‡The network](https://reader031.fdocuments.us/reader031/viewer/2022021817/5a9ac2947f8b9a18628dece6/html5/thumbnails/11.jpg)
Router 1
Example
Client Server
Router 3
Router 2
Router 4
10.0.0.1
192.168.0.1
192.168.0.2
Routing Table from Router 1:Destination Mask Next-Hop Distance192.168.0.0 /29 127.0.0.1 010.0.0.1 /32 192.168.0.1 110.0.0.1 /32 192.168.0.2 2
What the routers think the topology looks like:
![Page 12: Best Practices in IPv4 Anycast Routing - PacNOG: The ... · PDF fileBest Practices in IPv4 Anycast Routing PacNOG6 Nadi, Fiji. ... 192.168.5.0 /30 192.168.6.0 /30 ... ‡The network](https://reader031.fdocuments.us/reader031/viewer/2022021817/5a9ac2947f8b9a18628dece6/html5/thumbnails/12.jpg)
Building an Anycast Server Cluster‡ Anycast can be used in building either
local server clusters, or global networks, or global networks of clusters, combining both scales.
‡ F-root is a local anycast server cluster, for instance.
![Page 13: Best Practices in IPv4 Anycast Routing - PacNOG: The ... · PDF fileBest Practices in IPv4 Anycast Routing PacNOG6 Nadi, Fiji. ... 192.168.5.0 /30 192.168.6.0 /30 ... ‡The network](https://reader031.fdocuments.us/reader031/viewer/2022021817/5a9ac2947f8b9a18628dece6/html5/thumbnails/13.jpg)
Building an Anycast Server Cluster‡ Typically, a cluster of servers share a
common virtual interface attached to their loopback devices, and speak an IGP routing protocol to an adjacent BGP-speaking border router.
‡ The servers may or may not share identical content.
![Page 14: Best Practices in IPv4 Anycast Routing - PacNOG: The ... · PDF fileBest Practices in IPv4 Anycast Routing PacNOG6 Nadi, Fiji. ... 192.168.5.0 /30 192.168.6.0 /30 ... ‡The network](https://reader031.fdocuments.us/reader031/viewer/2022021817/5a9ac2947f8b9a18628dece6/html5/thumbnails/14.jpg)
Example
Router Eth0192.168.1.2/30
Lo010.0.0.1/32
Eth0192.168.2.2/30
Eth0192.168.3.2/30
Lo010.0.0.1/32
Lo010.0.0.1/32
Server Instance A
Server Instance B
Server Instance C
BGP IGPRedistribution
![Page 15: Best Practices in IPv4 Anycast Routing - PacNOG: The ... · PDF fileBest Practices in IPv4 Anycast Routing PacNOG6 Nadi, Fiji. ... 192.168.5.0 /30 192.168.6.0 /30 ... ‡The network](https://reader031.fdocuments.us/reader031/viewer/2022021817/5a9ac2947f8b9a18628dece6/html5/thumbnails/15.jpg)
Router
Example
Eth0192.168.1.2/30
Lo010.0.0.1/32
Eth0192.168.2.2/30
Eth0192.168.3.2/30
Lo010.0.0.1/32
Lo010.0.0.1/32
Server Instance A
Server Instance B
Server Instance C
BGP IGPRedistribution
Destination Mask Next-Hop Dist0.0.0.0 /0 127.0.0.1 0192.168.1.0 /30 192.168.1.1 0192.168.2.0 /30 192.168.2.1 0192.168.3.0 /30 192.168.3.1 010.0.0.1 /32 192.168.1.2 110.0.0.1 /32 192.168.2.2 110.0.0.1 /32 192.168.3.2 1
![Page 16: Best Practices in IPv4 Anycast Routing - PacNOG: The ... · PDF fileBest Practices in IPv4 Anycast Routing PacNOG6 Nadi, Fiji. ... 192.168.5.0 /30 192.168.6.0 /30 ... ‡The network](https://reader031.fdocuments.us/reader031/viewer/2022021817/5a9ac2947f8b9a18628dece6/html5/thumbnails/16.jpg)
Router
Example
Eth0192.168.1.2/30
Lo010.0.0.1/32
Eth0192.168.2.2/30
Eth0192.168.3.2/30
Lo010.0.0.1/32
Lo010.0.0.1/32
Server Instance A
Server Instance B
Server Instance C
BGP IGPRedistribution
Destination Mask Next-Hop Dist0.0.0.0 /0 127.0.0.1 0192.168.1.0 /30 192.168.1.1 0192.168.2.0 /30 192.168.2.1 0192.168.3.0 /30 192.168.3.1 010.0.0.1 /32 192.168.1.2 110.0.0.1 /32 192.168.2.2 110.0.0.1 /32 192.168.3.2 1
Round-robin load balancing
![Page 17: Best Practices in IPv4 Anycast Routing - PacNOG: The ... · PDF fileBest Practices in IPv4 Anycast Routing PacNOG6 Nadi, Fiji. ... 192.168.5.0 /30 192.168.6.0 /30 ... ‡The network](https://reader031.fdocuments.us/reader031/viewer/2022021817/5a9ac2947f8b9a18628dece6/html5/thumbnails/17.jpg)
Building a Global Network of Clusters
‡ Once a cluster architecture has been established, additional clusters can be added to gain performance.
‡ Load distribution, fail-over between clusters, and content synchronization become the principal engineering concerns.
![Page 18: Best Practices in IPv4 Anycast Routing - PacNOG: The ... · PDF fileBest Practices in IPv4 Anycast Routing PacNOG6 Nadi, Fiji. ... 192.168.5.0 /30 192.168.6.0 /30 ... ‡The network](https://reader031.fdocuments.us/reader031/viewer/2022021817/5a9ac2947f8b9a18628dece6/html5/thumbnails/18.jpg)
Example
Router 2
Serv
er In
stan
ce D
Serv
er In
stan
ce E
Serv
er In
stan
ce F
Router
3Router 1
Server
Instan
ce A
Server
Instan
ce B
Server
Instan
ce C
Server Instance G
Server Instance H
Server Instance I
![Page 19: Best Practices in IPv4 Anycast Routing - PacNOG: The ... · PDF fileBest Practices in IPv4 Anycast Routing PacNOG6 Nadi, Fiji. ... 192.168.5.0 /30 192.168.6.0 /30 ... ‡The network](https://reader031.fdocuments.us/reader031/viewer/2022021817/5a9ac2947f8b9a18628dece6/html5/thumbnails/19.jpg)
Example
Router 2
Serv
er In
stan
ce D
Serv
er In
stan
ce E
Serv
er In
stan
ce F
Router
3Router 1
Server
Instan
ce A
Server
Instan
ce B
Server
Instan
ce C
Server Instance G
Server Instance H
Server Instance I
Region 1
Region 2
Region 3
![Page 20: Best Practices in IPv4 Anycast Routing - PacNOG: The ... · PDF fileBest Practices in IPv4 Anycast Routing PacNOG6 Nadi, Fiji. ... 192.168.5.0 /30 192.168.6.0 /30 ... ‡The network](https://reader031.fdocuments.us/reader031/viewer/2022021817/5a9ac2947f8b9a18628dece6/html5/thumbnails/20.jpg)
Example
Router 2
Serv
er In
stan
ce D
Serv
er In
stan
ce E
Serv
er In
stan
ce F
Router
3Router 1
Server
Instan
ce A
Server
Instan
ce B
Server
Instan
ce C
Server Instance G
Server Instance H
Server Instance I
BGP Announcements
10.0.0.1 /32192.168.0.0 /22192.168.0.0 /16
10.0.0.1 /32192.168.8.0 /22192.168.0.0 /16
10.0.0.1 /32192.168.4.0 /22192.168.0.0 /16
![Page 21: Best Practices in IPv4 Anycast Routing - PacNOG: The ... · PDF fileBest Practices in IPv4 Anycast Routing PacNOG6 Nadi, Fiji. ... 192.168.5.0 /30 192.168.6.0 /30 ... ‡The network](https://reader031.fdocuments.us/reader031/viewer/2022021817/5a9ac2947f8b9a18628dece6/html5/thumbnails/21.jpg)
Example
Router 2
Serv
er In
stan
ce D
Serv
er In
stan
ce E
Serv
er In
stan
ce F
Router
3Router 1
Server
Instan
ce A
Server
Instan
ce B
Server
Instan
ce C
Server Instance G
Server Instance H
Server Instance I
IGP 1 Announcements
10.0.0.1 /3210.0.0.1 /3210.0.0.1 /32
192.168.1.0 /30192.168.2.0 /30192.168.3.0 /30
10.0.0.1 /3210.0.0.1 /3210.0.0.1 /32
192.168.9.0 /30192.168.10.0 /30192.168.11.0 /3010.0.0.1 /32
10.0.0.1 /3210.0.0.1 /32
192.168.5.0 /30192.168.6.0 /30192.168.7.0 /30
![Page 22: Best Practices in IPv4 Anycast Routing - PacNOG: The ... · PDF fileBest Practices in IPv4 Anycast Routing PacNOG6 Nadi, Fiji. ... 192.168.5.0 /30 192.168.6.0 /30 ... ‡The network](https://reader031.fdocuments.us/reader031/viewer/2022021817/5a9ac2947f8b9a18628dece6/html5/thumbnails/22.jpg)
Example
Router 2
Serv
er In
stan
ce D
Serv
er In
stan
ce E
Serv
er In
stan
ce F
Router
3Router 1
Server
Instan
ce A
Server
Instan
ce B
Server
Instan
ce C
Server Instance G
Server Instance H
Server Instance I
IGP 2 Announcements
10.0.0.1 /32192.168.1.0 /30192.168.2.0 /30192.168.3.0 /30
10.0.0.1 /32192.168.9.0 /30
192.168.10.0 /30192.168.11.0 /30
10.0.0.1 /32192.168.5.0 /30192.168.6.0 /30192.168.7.0 /30
![Page 23: Best Practices in IPv4 Anycast Routing - PacNOG: The ... · PDF fileBest Practices in IPv4 Anycast Routing PacNOG6 Nadi, Fiji. ... 192.168.5.0 /30 192.168.6.0 /30 ... ‡The network](https://reader031.fdocuments.us/reader031/viewer/2022021817/5a9ac2947f8b9a18628dece6/html5/thumbnails/23.jpg)
Performance-Tuning Anycast Networks
‡ Server deployment in anycast networks is always a tradeoff between absolute cost and efficiency.‡ The network will perform best if servers are
widely distributed, with higher density in and surrounding high demand areas.‡ Lower initial cost sometimes leads
implementers to compromise by deploying more servers in existing locations, which is less efficient.
![Page 24: Best Practices in IPv4 Anycast Routing - PacNOG: The ... · PDF fileBest Practices in IPv4 Anycast Routing PacNOG6 Nadi, Fiji. ... 192.168.5.0 /30 192.168.6.0 /30 ... ‡The network](https://reader031.fdocuments.us/reader031/viewer/2022021817/5a9ac2947f8b9a18628dece6/html5/thumbnails/24.jpg)
ExampleGeographic plot of user population density
![Page 25: Best Practices in IPv4 Anycast Routing - PacNOG: The ... · PDF fileBest Practices in IPv4 Anycast Routing PacNOG6 Nadi, Fiji. ... 192.168.5.0 /30 192.168.6.0 /30 ... ‡The network](https://reader031.fdocuments.us/reader031/viewer/2022021817/5a9ac2947f8b9a18628dece6/html5/thumbnails/25.jpg)
ExampleGeographic plot of user population density
Server deployment
![Page 26: Best Practices in IPv4 Anycast Routing - PacNOG: The ... · PDF fileBest Practices in IPv4 Anycast Routing PacNOG6 Nadi, Fiji. ... 192.168.5.0 /30 192.168.6.0 /30 ... ‡The network](https://reader031.fdocuments.us/reader031/viewer/2022021817/5a9ac2947f8b9a18628dece6/html5/thumbnails/26.jpg)
ExampleGeographic plot of user population density
Server deploymentTraffic Flow
![Page 27: Best Practices in IPv4 Anycast Routing - PacNOG: The ... · PDF fileBest Practices in IPv4 Anycast Routing PacNOG6 Nadi, Fiji. ... 192.168.5.0 /30 192.168.6.0 /30 ... ‡The network](https://reader031.fdocuments.us/reader031/viewer/2022021817/5a9ac2947f8b9a18628dece6/html5/thumbnails/27.jpg)
ExampleGeographic plot of user population density
Server deploymentTraffic Flow
![Page 28: Best Practices in IPv4 Anycast Routing - PacNOG: The ... · PDF fileBest Practices in IPv4 Anycast Routing PacNOG6 Nadi, Fiji. ... 192.168.5.0 /30 192.168.6.0 /30 ... ‡The network](https://reader031.fdocuments.us/reader031/viewer/2022021817/5a9ac2947f8b9a18628dece6/html5/thumbnails/28.jpg)
ExampleGeographic plot of user population density
Server deploymentTraffic Flow
![Page 29: Best Practices in IPv4 Anycast Routing - PacNOG: The ... · PDF fileBest Practices in IPv4 Anycast Routing PacNOG6 Nadi, Fiji. ... 192.168.5.0 /30 192.168.6.0 /30 ... ‡The network](https://reader031.fdocuments.us/reader031/viewer/2022021817/5a9ac2947f8b9a18628dece6/html5/thumbnails/29.jpg)
ExampleGeographic plot of user population density
Server deploymentTraffic Flow
![Page 30: Best Practices in IPv4 Anycast Routing - PacNOG: The ... · PDF fileBest Practices in IPv4 Anycast Routing PacNOG6 Nadi, Fiji. ... 192.168.5.0 /30 192.168.6.0 /30 ... ‡The network](https://reader031.fdocuments.us/reader031/viewer/2022021817/5a9ac2947f8b9a18628dece6/html5/thumbnails/30.jpg)
ExampleDrawing traffic growth away from a hot-spot
![Page 31: Best Practices in IPv4 Anycast Routing - PacNOG: The ... · PDF fileBest Practices in IPv4 Anycast Routing PacNOG6 Nadi, Fiji. ... 192.168.5.0 /30 192.168.6.0 /30 ... ‡The network](https://reader031.fdocuments.us/reader031/viewer/2022021817/5a9ac2947f8b9a18628dece6/html5/thumbnails/31.jpg)
ExampleDrawing traffic growth away from a hot-spot
![Page 32: Best Practices in IPv4 Anycast Routing - PacNOG: The ... · PDF fileBest Practices in IPv4 Anycast Routing PacNOG6 Nadi, Fiji. ... 192.168.5.0 /30 192.168.6.0 /30 ... ‡The network](https://reader031.fdocuments.us/reader031/viewer/2022021817/5a9ac2947f8b9a18628dece6/html5/thumbnails/32.jpg)
ExampleDrawing traffic growth away from a hot-spot
![Page 33: Best Practices in IPv4 Anycast Routing - PacNOG: The ... · PDF fileBest Practices in IPv4 Anycast Routing PacNOG6 Nadi, Fiji. ... 192.168.5.0 /30 192.168.6.0 /30 ... ‡The network](https://reader031.fdocuments.us/reader031/viewer/2022021817/5a9ac2947f8b9a18628dece6/html5/thumbnails/33.jpg)
ExampleDrawing traffic growth away from a hot-spot
![Page 34: Best Practices in IPv4 Anycast Routing - PacNOG: The ... · PDF fileBest Practices in IPv4 Anycast Routing PacNOG6 Nadi, Fiji. ... 192.168.5.0 /30 192.168.6.0 /30 ... ‡The network](https://reader031.fdocuments.us/reader031/viewer/2022021817/5a9ac2947f8b9a18628dece6/html5/thumbnails/34.jpg)
ExampleDrawing traffic growth away from a hot-spot
![Page 35: Best Practices in IPv4 Anycast Routing - PacNOG: The ... · PDF fileBest Practices in IPv4 Anycast Routing PacNOG6 Nadi, Fiji. ... 192.168.5.0 /30 192.168.6.0 /30 ... ‡The network](https://reader031.fdocuments.us/reader031/viewer/2022021817/5a9ac2947f8b9a18628dece6/html5/thumbnails/35.jpg)
ExampleDrawing traffic growth away from a hot-spot
Topological watershed
![Page 36: Best Practices in IPv4 Anycast Routing - PacNOG: The ... · PDF fileBest Practices in IPv4 Anycast Routing PacNOG6 Nadi, Fiji. ... 192.168.5.0 /30 192.168.6.0 /30 ... ‡The network](https://reader031.fdocuments.us/reader031/viewer/2022021817/5a9ac2947f8b9a18628dece6/html5/thumbnails/36.jpg)
ExampleDrawing traffic growth away from a hot-spot
![Page 37: Best Practices in IPv4 Anycast Routing - PacNOG: The ... · PDF fileBest Practices in IPv4 Anycast Routing PacNOG6 Nadi, Fiji. ... 192.168.5.0 /30 192.168.6.0 /30 ... ‡The network](https://reader031.fdocuments.us/reader031/viewer/2022021817/5a9ac2947f8b9a18628dece6/html5/thumbnails/37.jpg)
Caveats and Failure Modes‡ DNS resolution fail-over
‡ Long-lived connection-oriented flows
‡ Identifying which server is giving an end-user trouble
![Page 38: Best Practices in IPv4 Anycast Routing - PacNOG: The ... · PDF fileBest Practices in IPv4 Anycast Routing PacNOG6 Nadi, Fiji. ... 192.168.5.0 /30 192.168.6.0 /30 ... ‡The network](https://reader031.fdocuments.us/reader031/viewer/2022021817/5a9ac2947f8b9a18628dece6/html5/thumbnails/38.jpg)
DNS Resolution Fail-Over‡ In the event of poor performance from a
server, DNS servers will fail over to the next server in a list.‡ If both servers are in fact hosted in the same
anycast cloud, the resolver will wind up talking to the same instance again.‡ Best practices for anycast DNS server
operations indicate a need for two separate overlapping clouds of anycast servers.
![Page 39: Best Practices in IPv4 Anycast Routing - PacNOG: The ... · PDF fileBest Practices in IPv4 Anycast Routing PacNOG6 Nadi, Fiji. ... 192.168.5.0 /30 192.168.6.0 /30 ... ‡The network](https://reader031.fdocuments.us/reader031/viewer/2022021817/5a9ac2947f8b9a18628dece6/html5/thumbnails/39.jpg)
Long-Lived Connection-Oriented Flows‡ Long-lived flows, typically TCP file-transfers or interactive
logins, may occasionally be more stable than the underlying Internet topology.
‡ If the underlying topology changes sufficiently during the life of an individual flow, packets could be redirected to a different server instance, which would not have proper TCP state, and would reset the connection.
‡ This is not a problem with web servers unless theyʼre maintaining stateful per-session information about end-users, rather than embedding it in URLs or cookies.
‡ Web servers HTTP redirect to their unique address whenever they need to enter a stateful mode.
‡ Limited operational data shows underlying instability to be on the order of one flow per ten thousand per hour of duration.
![Page 40: Best Practices in IPv4 Anycast Routing - PacNOG: The ... · PDF fileBest Practices in IPv4 Anycast Routing PacNOG6 Nadi, Fiji. ... 192.168.5.0 /30 192.168.6.0 /30 ... ‡The network](https://reader031.fdocuments.us/reader031/viewer/2022021817/5a9ac2947f8b9a18628dece6/html5/thumbnails/40.jpg)
Identifying Problematic Server Instances
‡ Some protocols may not include an easy in-band method of identifying the server which persists beyond the duration of the connection.‡ Traceroute always identifies the current
server instance, but end-users may not even have traceroute.
![Page 41: Best Practices in IPv4 Anycast Routing - PacNOG: The ... · PDF fileBest Practices in IPv4 Anycast Routing PacNOG6 Nadi, Fiji. ... 192.168.5.0 /30 192.168.6.0 /30 ... ‡The network](https://reader031.fdocuments.us/reader031/viewer/2022021817/5a9ac2947f8b9a18628dece6/html5/thumbnails/41.jpg)
A Security Ramification‡ Anycast server clouds have the useful
property of sinking DOS attacks at the instance nearest to the source of the attack, leaving all other instances unaffected.‡ This is still of some utility even when
DOS sources are widely distributed.
![Page 42: Best Practices in IPv4 Anycast Routing - PacNOG: The ... · PDF fileBest Practices in IPv4 Anycast Routing PacNOG6 Nadi, Fiji. ... 192.168.5.0 /30 192.168.6.0 /30 ... ‡The network](https://reader031.fdocuments.us/reader031/viewer/2022021817/5a9ac2947f8b9a18628dece6/html5/thumbnails/42.jpg)
Thanks, and Questions?
Copies of this presentation can be foundin Keynote, PDF, QuickTime and PowerPoint formats at:
http:// www.pch.net / resources / tutorials / anycast
Jonny MartinInternet Analyst
Packet Clearing [email protected]