nanog mailing list archives

Re: TCP and anycast (was Re: ECN)


From: Bill Woodcock <woody () pch net>
Date: Thu, 14 Nov 2019 10:10:00 +0100



On Nov 14, 2019, at 7:39 AM, Anoop Ghanwani <anoop () alumni duke edu> wrote:
RFC 7094 (https://tools.ietf.org/html/rfc7094) describes the pitfalls & risks of using TCP with an anycast address.  
It recognizes that there are valid use cases for it, though.
Specifically, section 3.1 says this:
   Most stateful transport protocols (e.g., TCP), without modification, do not understand the properties of anycast; hence, they will fail probabilistically, but possibly catastrophically, when using anycast addresses in the presence of "normal" routing dynamics. This can lead to a protocol working fine in, say, a test lab but not in the global Internet.

On Thu, Nov 14, 2019 at 12:25 AM Matt Corallo <nanog () as397444 net> wrote:
This sounds like a bug on Cloudflare’s end (cause trying to do anycast TCP is... out of spec to say the least),

No. We have been doing anycast TCP for more than _thirty years_, most of that time on a global scale, without operational problems.

There were people who seemed gray-bearded at the time, who were scared of anycast because it used IP addresses _non uniquely_ and that wasn’t how they’d intended them to be used, and these kids these days, etc.  What you’re seeing is residuum of their pronouncements on the matter, carrying over from the mid-1990s.

It’s very true that anycast can be misused and abused in a myriad of ways, leading to unexpected or unpleasant results, but no more so than other routing techniques.  We and others have published on many or most of the potential issues and their solutions over the years.  That RFC has never actually been a comprehensive source of information on the topic, and it contains a lot of scare-mongering.

                                -Bill


