Configuring the GSS Network with Anycast
This chapter describes how to enable anycast on a GSS network. Anycast is a Cisco IOS network routing feature that provides a Layer 3 network virtual address. The GSS can leverage this network-wide virtual address to provide GSS redundancy. A single anycast address can represent the entire GSS cluster by allowing the mapping of the GSS anycast loopback address to the virtual network-wide anycast address. The network-wide anycast address can represent up to 16 GSS devices in a single cluster or multiple GSS clusters.
A failure of any GSS behind the anycast address is transparent to the end user. Also, because anycast leverages the network's routing tables, traffic destined to the GSS is routed according to routing metrics.
This chapter contains the following major sections:
• Understanding the Anycast Network Addressing and Routing Scheme
• Configuring Anycast on a GSS
Understanding the Anycast Network Addressing and Routing Scheme
The anycast network addressing and routing scheme (anycast) provides high availability and load balancing for stateless services, such as access to replicated data. For example, the Domain Name Service (DNS) is a distributed service over multiple geographically dispersed servers.
Anycast works with the routing topology to route data to the nearest or best destination. Anycast has a one-to-many association between network addresses and network endpoints, which means that each destination address identifies a set of receiver endpoints, only one of which receives information from a sender at any time.
Anycast is usually implemented by using the Border Gateway Protocol (BGP) to simultaneously announce the same destination IP address range from many different devices. Packets that are addressed to destination IP addresses in a specific range are routed to the nearest point that announces the given destination IP address.
Anycast is best suited to connectionless protocols (generally built on the User Datagram Protocol (UDP)), rather than connection-oriented protocols such as the Transmission Control Protocol (TCP), that keep their own state. The designated receiving device may change from time to time as optimal routes change, terminating any connections currently in progress without sending out broadcast messages that indicate the connections have been terminated.
IP anycast allows the use of the same public IP address for multiple devices (in this case, multiple GSSs). In IPv4, an anycast IP address is treated the same as any other routable, public IP address. The difference is that the anycast IP address is announced from multiple sites and the service provider with multiple routes finds the closest exit.
It is critical that you pair core sites with Solution Provider (SP) routers or Points Of Presence (POPs) within the same city or region. Otherwise, anycast may degrade your network performance.
Configuring Anycast on a GSS
The GSS uses the loopback interface (lo:1) internally to assign an anycast IP address to a GSS device. The advantage of the loopback interface is that the anycast IP address is not broadcast on the network, so you can easily deploy multiple GSSs in the same data center or across multiple data centers without an IP address conflict. Because IP anycast configuration is performed per GSS, you must configure IP anycast individually on each GSS.
The GSLB listens on an anycast IP address, in addition to the Ethernet interfaces, on the following ports:
• TCP: port 53
• UDP: port 53, port 5300 (AS), port 5301 (NS)
The anycast IP interface is not supported for the following features:
• Director Response Protocol (DRP) agent
• All types of keepalives
• Administration, including programs such as TELNET, SSH, SNMP, FTP, NTP, and HTTPS
• DDoS with anti-spoofing enabled
You can configure a GSS with an anycast IP address by using the ip anycast command in global configuration mode. Use the no form of this command to remove the configuration of an anycast IP address.
The syntax of this command is as follows:
ip anycast ipaddress
no ip anycast ipaddress
The ipaddress argument specifies the anycast IP address. The netmask for the anycast IP address is always 255.255.255.255.
You cannot enter the ip anycast command when the GSS is running. You must first enter the gss stop command as shown in the following example:
gss1.example.com# gss stop
gss1.example.com(config)# ip anycast 22.214.171.124
The interface lo:1 is configured with the anycast IP address in addition to the other interface configurations during system startup and also when you change the anycast IP address by entering the ip anycast command.
Use the show running-config command to display the anycast IP address as follows:
gss1.example.com# show running-config
ip address 126.96.36.199 255.0.0.0
ip address 188.8.131.52 255.255.255.252
ip default-gateway 184.108.40.206
ip name-server 220.127.116.11
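
Because anycast is configured individually on each GSS, a device that was skipped, or one whose anycast address reuses an interface address, is easy to miss. The following audit over saved show running-config output is an added example, not Cisco code. It assumes the anycast address appears in the output as an "ip anycast ipaddress" line; the sample configs are constructed, and the duplicate-address check is an assumed sanity check rather than a rule from this chapter.

```python
import ipaddress
import re
from collections import defaultdict

MAX_GSS_PER_ANYCAST = 16  # per-address device limit stated in this chapter

# "ip anycast <addr>" at line start; a "no ip anycast" line does not match.
ANYCAST_RE = re.compile(r"^[ \t]*ip anycast (\S+)[ \t]*$", re.M)
IFADDR_RE = re.compile(r"^[ \t]*ip address (\S+) \S+[ \t]*$", re.M)

def audit(configs):
    """configs maps hostname -> 'show running-config' text; returns sorted findings."""
    findings, members = [], defaultdict(list)
    for host, text in configs.items():
        anycast = ANYCAST_RE.findall(text)
        if len(anycast) != 1:
            findings.append(f"{host}: expected 1 'ip anycast' line, found {len(anycast)}")
            continue
        try:
            addr = ipaddress.IPv4Address(anycast[0])
        except ipaddress.AddressValueError:
            findings.append(f"{host}: invalid anycast address {anycast[0]!r}")
            continue
        # Assumed sanity check (not from the chapter): lo:1 should not reuse
        # an address already bound to an Ethernet interface on the same GSS.
        if str(addr) in IFADDR_RE.findall(text):
            findings.append(f"{host}: anycast {addr} duplicates an interface address")
        members[addr].append(host)
    for addr, hosts in members.items():
        if len(hosts) > MAX_GSS_PER_ANYCAST:
            findings.append(f"{addr}: {len(hosts)} devices exceed limit of {MAX_GSS_PER_ANYCAST}")
    return sorted(findings)

# Constructed sample configs; addresses are from documentation ranges.
SAMPLE = {
    "gss1.example.com": "ip address 198.51.100.11 255.255.255.0\nip anycast 192.0.2.53\n",
    "gss2.example.com": "ip address 198.51.100.12 255.255.255.0\n",  # never configured
    "gss3.example.com": "ip address 192.0.2.53 255.255.255.0\nip anycast 192.0.2.53\n",
}

if __name__ == "__main__":
    for line in audit(SAMPLE):
        print(line)
```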