> On Nov 14, 2019, at 7:39 AM, Anoop Ghanwani <an...@alumni.duke.edu> wrote:
> RFC 7094 (https://tools.ietf.org/html/rfc7094) describes the pitfalls & risks 
> of using TCP with an anycast address.  It recognizes that there are valid use 
> cases for it, though.
> Specifically, section 3.1 says this:
>    Most stateful transport protocols (e.g., TCP), without modification,
>    do not understand the properties of anycast; hence, they will fail
>    probabilistically, but possibly catastrophically, when using anycast
>    addresses in the presence of "normal" routing dynamics.
>    This can lead to a protocol working fine in, say, a test lab but not
>    in the global Internet.
> 
> On Thu, Nov 14, 2019 at 12:25 AM Matt Corallo <na...@as397444.net> wrote:
> > This sounds like a bug on Cloudflare’s end (cause trying to do anycast TCP 
> > is... out of spec to say the least),

No. We have been doing anycast TCP for more than _thirty years_, most of that 
time on a global scale, without operational problems.

There were people who seemed gray-bearded at the time, who were scared of 
anycast because it used IP addresses _non uniquely_ and that wasn’t how they’d 
intended them to be used, and these kids these days, etc.  What you’re seeing 
is residuum of their pronouncements on the matter, carrying over from the 
mid-1990s.

It’s very true that anycast can be misused and abused in a myriad of ways, 
leading to unexpected or unpleasant results, but no more so than other routing 
techniques.  We and others have published on many or most of the potential 
issues and their solutions over the years.  That RFC has never actually been a 
comprehensive source of information on the topic, and it contains a lot of 
scare-mongering. 

                                -Bill

