Search RPD Archives
Limit search to: Subject & Body Subject Author
Sort by:

[AfriNIC-rpd] Anycast prefix's

Andrew Alston aa at
Fri May 11 13:41:27 UTC 2007

Anycast can be run for a number of reasons, a classic example would be
as follows:

Institution has a high traffic web server, that's accessed from all over
the world.

A.) they want to cut costs but having multiple cheapest point access to
the server (national versus international bandwidth etc)
B.) they want redundancy for the server
C.) they want a form of load balancing 

There could be a number of additional reasons, but anyway...

Said server then gets 2 addresses, a unicast and an anycast address.

The web server will listen on the unicast address at each point, it will
also use the unicast interface to synchronize with the other servers or
a central point

On the anycast address, the web server will run a DNS Server.

Each DNS server will have a different A record for the web server dns
entry, that point to the servers unicast.


Three Servers:

Server 1: Unicast
Server 2: Unicast
Server 3: Unicast
Server 4: Unicast

Anycast across all servers: 

Server 1's DNS entry for responds with
Server 2's DNS entry for responds with
Server 3's DNS entry for responds with
Server 4's DNS entry for responds with

Client queries authorative nameserver (
and gets back the closest entry, being, and starts downloading a
large file from it.

Routing changes occur, suddenly server 2 is closest entry.

Due to the fact that the DNS is anycast, and the web server itself is
TCP based unicast he doesn't drop connection, UNTIL another query is
done (typically the A records here would have very low expiry times on
them), at which point he would get a new A record pointing to server 2.
Almost a... protected version of anycast for TCP.

This would be ONE of MANY possibilities for using Anycast.  Would this
qualify as "critical infrastructure?"  I'm not sure...



-----Original Message-----
From: rpd-bounces at [mailto:rpd-bounces at] On Behalf
Of Michuki Mwangi
Sent: Friday, May 11, 2007 1:46 PM
To: AfriNIC Resource Policy Discussion List
Subject: Re: [AfriNIC-rpd] Anycast prefix's

Hi Andrew,

Andrew Alston wrote:
> Very basic concept:
> Because you cannot announce anything smaller than a /24 into the
> tables, in order to provide for anycast you need to announce an entire
> /24, and in an anycast situation this is announced from multiple
> AfriNIC's current v4 policy states that the minimum allocation size on
> initial is a /22.  To use a /22 for anycast when you potentially are
> only using 3 addresses in the block is a huge waste.

If the minimal allocation is a /22 there is no written rule that one
should aggregate and announce the entire /22 it can be de-aggregated to
announce a /24 from the allocation for anycast purposes.

> To my knowledge RIPE also has a policy that allows for this kind of
> allocation. 

Question would be "who runs anycast and why?.If they form part of the
critical infrastructure there is room for them to apply additional /24
for anycasting as per the current AfriNIC IPv4 policy for critical

Michuki Mwangi
rpd mailing list
rpd at

More information about the RPD mailing list