Administrators guru Posted August 7, 2024 Administrators Posted August 7, 2024 Many hardware and software solutions exist to implement redundancy and load balancing for hosted services. One way to implement load balancing and redundancy is to use anycast, defined in RFC 1546. In an anycast setup, multiple hosts share the same IP address. This address is announced through a routing protocol, so that packets sent to the anycast address will be routed to the (network topology wise) closest host. A paper from Cisco provides a good background on anycast. Another, more theoretical paper is available from IBM. Because anycast relies only on a routing protocol, no additional hardware or software is needed to implement it. Since it relies on inherently dynamic routing protocols (such as OSPF or BGP) to decide which host packets are routed to, it is generally only useful for protocols that require very little state, such as DNS. According to some, in practice this instability is not significant enough to prevent anycast from being used for TCP-based services. Adds redundancy and load balancing to connectionless client/server services and improve availability and possibly latency. Anycast is a communication model (network service) for IPv4 and IPv6. As originally described in RFC 1546, "Host Anycast Service," the purpose of anycast is to assign an identical anycast address to a group of geographically distributed nodes. IP datagrams approach the nearest destination node in the set of available destination nodes, based on the unicast routing measure of distance transparent to the clients. The network (routing system) decides where to guide the client request. An IPv4 anycast address is distinguishable from a unicast address because they are allocated from a special reserved range. This is different in IPv6. The real-world applications of anycast I am aware of are limited to DNS root server concepts and Protocol Independent Multicast (PIM) rendezvous points, stateless protocols in general. Anycast is usually implemented by using Border Gateway Protocol (BGP) to simultaneously announce the same destination IP address range from many different places on the network. This results in packets addressed to destination addresses in this range being routed to the "nearest" point on the net announcing the given destination IP address. In the past, anycast was suited to connectionless protocols (generally built on UDP), rather than connection-oriented protocols such as TCP that keep their own state. However, there are many cases where TCP anycast is now used. With TCP anycast, there are cases where the receiver selected for any given source may change from time to time as optimal routes change, silently breaking any conversations that may be in progress at the time. These conditions are typically referred to as a "pop switch". To correct for this issue, there have been proprietary advancements within custom IP stacks which allow for healing of stateful protocols where it is required. For this reason, anycast is generally used as a way to provide high availability and load balancing for stateless services such as access to replicated data; for example, DNS service is a distributed service over multiple geographically dispersed servers. Unicast addressing uses a one-to-one association between destination address and network endpoint: each destination address uniquely identifies a single receiver endpoint. Multicast addressing uses a one-to-unique many association, datagrams are routed from a single sender to multiple selected endpoints simultaneously in a single transmission. Broadcast addressing uses a one-to-many association, datagrams are routed from a single sender to multiple endpoints simultaneously in a single transmission. The network automatically replicates datagrams as needed for all network segments (links) that contain an eligible receiver. Anycast addressing routes datagrams to a single member of a group of potential receivers that are all identified by the same destination address. This is a one-to-nearest association. Cisco Router Configuration ip sla 101 dns anycast.example.com name-server 10.10.10.1 frequency 30 ip sla schedule 101 life forever start-time now ! track 101 ip sla 101 ! ip route 10.0.0.1 255.255.255.255 10.10.10.1 track 101 Here is the IP route on the router: router# show ip route 10.0.0.1 Routing entry for 10.0.0.1/32 Known via "static", distance 1, metric 0 Redistributing via eigrp 1234 Advertised by eigrp 1234 route-map STATIC-TO-EIGRP bgp 1234 Routing Descriptor Blocks: * 10.10.10.1 Route metric is 0, traffic share count is 1 Then you can see that this same address is also available from multiple locations: router# show ip eigrp topology 10.0.0.1/32 EIGRP-IPv4 Topology Entry for AS(1234)/ID(10.9.9.1) for 10.0.0.1/32 State is Passive, Query origin flag is 1, 1 Successor(s), FD is 2562560 Descriptor Blocks: 10.10.10.1, from Rstatic, Send flag is 0x0 ... 10.8.8.1 (Vlan20), from 10.6.6.1, Send flag is 0x0 ... 10.7.7.1 (Vlan30), from 10.4.4.1, Send flag is 0x0 On the Unix server I have the following network interfaces setup: eth0 Link encap:Ethernet HWaddr 00:15:17:A6:25:97 inet addr:10.10.10.1 Bcast:10.10.10.255 Mask:255.255.255.0 lo:1 Link encap:Local Loopback inet addr:10.0.0.1 Mask:255.255.255.255 To summarize the whole setup. The router does a DNS query to the DNS server that is directly connected to it every 30 seconds. If the DNS query succeeds the static router stays in the table. If the test fails the route is withdrawn. If a DNS query is sent to 10.0.0.1 the router will process this by sending the query to the IP address the static route points to. The DNS server accepts the query on the management interface, then passes it to the lo:1 interface for processing. Depending on where you are at you automatically get routed to the closest server: dj@thezah:~$ traceroute 10.0.0.1 traceroute to 10.0.0.1 (10.0.0.1), 30 hops max, 60 byte packets 1 l3-core-vl7.nts.example.com (10.50.1.46) 0.309 ms 0.338 ms 0.381 ms 2 anycast.ip.example.com (10.0.0.1) 0.202 ms 0.195 ms 0.180 ms dj@hosangit:~$ sudo traceroute 10.0.0.1 traceroute to 10.0.0.1 (10.0.0.1), 64 hops max, 52 byte packets 1 nts-desk120-brook.nts.example.com (10.50.120.125) 0 ms 0 ms 0 ms 2 anycast.ip.example.com (10.0.0.1) 0 ms 0 ms 0 ms The best thing about this setup is: If a server fails you automatically fail over to the next closest server. This way the client does not have to deal with DNS times outs. Depending on your location you are automatically routed to the closest server. This will help with DNS response time. It is not that hard to setup. Nothing special is needed either the router or the server.
Recommended Posts