WP What is Anycast Routing | Anycast DNS | CDN Guide | Imperva

Anycast

54.7k views
CDN Guide

What is Anycast?

Anycast is a routing method that groups numerous routing paths to a collection of endpoints and assigns them the same IP address. On the network, each device in the routing group displays the same address. Routing protocols determine the ideal traffic destination.

By organizing many nodes behind the same IP address, it enables an organization to scale DNS or HTTP services. A request to the IP address can be resolved by any data center where the DNS service operates versus one specific, designated server.

Key features of Anycast routing:

  • Shared IP – Multiple endpoints share a common IP address or range.
  • Localization – Traffic is routed to the topologically nearest endpoint server.
  • Redundancy – Automatically switches to alternate servers if one goes down.
  • Scalability – Seamlessly scales capacity by adding more Anycast nodes.
  • Load Distribution – Spreading requests across endpoints balances load efficiently.

What is Anycast DNS?

Anycast DNS is a traffic routing algorithm that uses one IP address on multiple nodes to increase the speed of website content delivery. It can improve uptime for the DNS server and reduce latency.

User requests are directed to specific nodes based on factors like the capacity and health of the server, as well as the distance between it and the website visitor.

Why use Anycast DNS?

There are four common reasons why Anycast DNS provides an advantage:

  1. Faster connection: The Anycast routing method prevents overcapacity and mitigates service interruptions to the origin server. Routing users through the nearest intermediary node minimizes round-trip time (RTT). This decreases the number of hops and reduces latency.
  2. Simplified server configuration: Anycast lets a single DNS server configuration be distributed to all network nodes.
  3. High availability: Advertising an IP address on multiple nodes creates redundancy, providing backup in the event a node becomes overloaded or fails.
  4. DDoS mitigation: Anycast can help mitigate DDoS attacks by offering failover alternatives if a node is attacked or goes down.

Anycast Implementation

Deploying Anycast involves configuring routers and utilizing routing protocols like BGP that factor server proximity and policy into routing decisions:

  • Routers – Configure routers to advertise routes for the Anycast IP ranges.
  • BGP – Manipulate BGP attributes like local preference and AS path prepending to influence routing.
  • Consistency – Use routing policies to ensure regional servers are preferred.
  • Monitoring – Track metrics like round-trip latencies, prefixes, and bandwidth.
  • Capacity Planning – Add Anycast servers to meet demands and keep load balanced.

Careful planning and monitoring helps maximize the advantages of Anycast routing.

Anycast DNS Alternatives: Unicast and Multicast

Unicast

Unicast involves assigning a single node to an IP address and connecting senders and receivers using static routes. Regardless of a request’s origin, it goes through the same routing path.

Anycast and Unicast routing
Anycast and Unicast routing

Multicast

In multicast routing, a source IP sends data to an intermediary multicast node, identifying and distributing the data to a group of recipients.

What are the Differences Between Anycast, Unicast, and Multicast?

Both unicast and multicast are effective traffic routing solutions, but they have limitations that make them less practical in comparison to anycast.

Anycast

Anycast can make a network more resilient because it is routing traffic to the best possible path, versus relying on one destination. Many root DNS servers and CDNs providers rely on Anycast DNS.

Unicast

The majority of internet traffic uses this routing scheme. In this approach, each node is assigned an IP address. This becomes a scalability challenge when the infrastructure experiences higher volumes of traffic, which can lead to service outages or DDoS.

Additionally, individual connections between nodes and a host server can be resource intensive, especially when large files or applications (e.g., videos and software) are distributed.

Multicast

In contrast to unicast, multicast is scalable—the source IP only needs to send a packet once for it to be distributed to users en masse. This can be a viable solution for the distribution of larger data streams (e.g., streaming videos, online stock exchanges, and online games).

There are disadvantages associated with multicast routing. In the event that a node becomes overloaded or fails, the data stream has to be redirected, which can lead to latency. Lastly, operating multicast nodes can be costly.

Why Do CDNs Use Anycast Routing?

Many CDN providers use anycast routing to distribute site content on a large, global scale. This is enabled by the strategic placement of point of presence (PoPs) globally, using similar IP address ranges.

CDNs also provide anycast DNS resolution. They do so by setting up a series of name servers and providing low-latency name lookup to ISP-resolving host names. This translates to faster name lookups and file downloads. Local internet service providers (ISPs) can then choose from multiple access points and determine the most optimized path to route traffic. As a result, a web application operates with faster connection times, increased security, and emergency failover in the event of a server overload.

How Does an Anycast CDN Network Mitigate a DDoS Attack?

When a CDN network uses anycast routing, it distributes traffic more strategically, based on several factors. This approach increases the surface area of the receiving network and helps filter high volumes of traffic to more data centers. A large, distributed network makes it harder for an attacker to successfully execute a DDoS attack without substantial resources to increase the volume of malicious traffic through a botnet.

In comparison, a network using unicast routing could more easily be overwhelmed by a DDoS attack because traffic is going to a single designated location. This makes it more challenging to filter high levels of traffic and prevent the server from being overwhelmed.

See how Imperva CDN can help you with website performance.

Different Uses of the Term Anycast

Note that Anycast in the context of networking, refers specifically to the routing technique described in this article.

The term Anycast is also sometimes used for other unrelated concepts like:

  • Mobile apps to broadcast device screens
  • Screen mirroring from phones to TVs

These uses of Anycast are for entirely different protocols and purposes unrelated to Anycast routing. This article focuses exclusively on Anycast IP routing in networks and CDNs.