Anycast
Anycast is a network addressing and
routing scheme whereby data is routed to the "nearest"
or "best" destination.
The term is intended to echo the terms unicast, broadcast and multicast.
- In unicast, there is a one-to-one association between network address and network endpoint: each destination address uniquely identifies a single receiver endpoint.
- In broadcast and multicast, there is a many-to-one association between network addresses and network endpoints: each destination address identifies a set of receiver endpoints, to which all information is replicated.
- In anycast, there is also a many-to-one association between network addresses and network endpoints: each destination address identifies a set of receiver endpoints, but only one of them is chosen at any given time to receive information from any given sender.
On the Internet, anycast is usually implemented by using
BGP to simultaneously announce the same destination IP
address range from many different places on
the Internet. This results in packets addressed to destination
addresses in this range being routed to the "nearest"
point on the net announcing the given destination IP address.
Anycast is best suited to connectionless protocols like
UDP, rather than connection-oriented protocols such as
TCP, since the receiver selected for any given source
may change from time to time as optimal routes change,
silently breaking any conversations that may be in progress
at the time.
For this reason, anycast is generally used as a way to provide high availability and load balancing for stateless services such as access to replicated data.
Use of anycast to implement DNS
A number of the Internet root nameservers are implemented
as large numbers of clusters of machines using anycast.
The C, F, I, J and K servers exist in multiple locations
on different continents, using anycast announcements to
provide a decentralized service. As a result most of the
physical, rather than nominal, root servers are now outside
the United States.
Use of anycast to implement IPv6 transition
There is a 6to4 (IPv6 transition protocol) anycast default gateway available with the IP address 192.88.99.1. (See RFC 3068 for details.) This allows multiple providers to implement 6to4 gateways without hosts needing to know each individual provider's gateway addresses.
Security of anycast
Anycast allows any operator whose routing information is accepted by an intermediate router to hijack any packets intended for the anycast address. Whilst this at first sight appears insecure, it is no different to the routing of ordinary IP packets, and no more or less secure. As with conventional IP routing, careful filtering of who is and is not allowed to propagate route announcements is crucial to prevent man-in-the-middle or blackhole attacks.
Reliability of anycast
Anycast is normally highly reliable, as it can provide automatic failover. Anycast applications typically feature external "heartbeat" monitoring of the server's function, and withdraw the route announcement if the server fails.
If the announcement continues for a failed server, the server will act as a "black hole" for nearby clients; this failure mode is the most serious mode of failure for an anycast system. Even in this event, this kind of failure will only cause a total failure for clients that are closer to this server than any other, and will not cause a global failure.
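The heartbeat-and-withdraw behaviour described above, as an added example that is not part of the original article: the route is announced only after consecutive good probes and withdrawn after consecutive failures, so a failed server stops acting as a black hole without the route flapping on a single missed probe. The address 192.0.2.53 (documentation range), the thresholds, and the ExaBGP-style command strings are assumptions; adapt them to the routing daemon in use.

```python
import socket
from dataclasses import dataclass

ANYCAST_ROUTE = "192.0.2.53/32"  # assumed anycast service address (RFC 5737 range)


@dataclass
class AnycastHealth:
    """Hysteresis state machine deciding whether this node announces the route."""
    fall: int = 3            # consecutive failed probes before the route is withdrawn
    rise: int = 2            # consecutive good probes before it is announced again
    announced: bool = False  # start withdrawn: never attract traffic before a check passes
    streak: int = 0          # consecutive probes that disagree with the current state

    def observe(self, healthy: bool):
        """Feed one probe result; return a routing command on a state change, else None."""
        if healthy == self.announced:
            self.streak = 0
            return None
        self.streak += 1
        if self.streak < (self.rise if healthy else self.fall):
            return None
        self.announced, self.streak = healthy, 0
        verb = "announce" if healthy else "withdraw"
        # Command text in the style of ExaBGP's text API (assumption).
        return f"{verb} route {ANYCAST_ROUTE} next-hop self"


def probe_tcp(host: str, port: int, timeout: float = 1.0) -> bool:
    """One heartbeat: does the local service accept a connection? Any error is a failure."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return True
    except OSError:
        return False


def replay(results, **thresholds):
    """Run a sequence of probe results; return the (tick, command) pairs emitted."""
    state = AnycastHealth(**thresholds)
    cmds = ((tick, state.observe(ok)) for tick, ok in enumerate(results))
    return [(tick, cmd) for tick, cmd in cmds if cmd]


if __name__ == "__main__":
    # Constructed probe history: start-up, one blip, a real outage, recovery.
    history = [True, True, True, False, True, False, False, False, False, True, True]
    for tick, cmd in replay(history):
        print(tick, cmd)
```

In a live deployment the loop would call `probe_tcp` (or a protocol-level check such as a DNS query) at a fixed interval and write each returned command to the routing daemon.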