nanog mailing list archives

Re: Anycast but for egress


From: Christopher Morrow <morrowc.lists () gmail com>
Date: Fri, 30 Jul 2021 12:49:45 -0400

On Thu, Jul 29, 2021 at 4:58 PM Joe Maimon <jmaimon () jmaimon com> wrote:



Vimal wrote:
(Unsure if this is the right forum to ask this question, but here goes:)

From what I understand, IP Anycast can be used to steer traffic into a
server that's close to the client.

I am curious if anyone here has/encountered a setup where they use
anycast IP on their gateways... to have a predictable egress IP for
their traffic, regardless of where they are located?

For example, a search engine crawler could in principle have the same
IP advertised all over the world, but it looks like they don't...  I
wonder why?

--
Vimal

It's definitely possible, but would need a layer of software (kernel
mode) on all the anycast holders synchronizing state to ensure
asymmetric replies/connections get forwarded/shifted to the correct host.


is it actually that hard? isn't it more like:
  "use an outbound path local to that inbound path cone which NATs (or
proxies or...) to a small set of statically assigned addresses"

Provided you don't re-use the outbound addresses on different deployments
this should 'just work'[tm]

'anycast but outbound' is really: "get me local nat pools for my service by
locality"
I think this is, basically, what every enterprise network in the world
does, effectively.


If the goals are worth that kind of effort is another question. And
performance is likely to be "tricky".
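
Added example, not part of the original thread: a small check of the condition stated in the reply above ("don't re-use the outbound addresses on different deployments"), plus the aggregate source allowlist a remote party would need. Site names and pools are constructed sample data using documentation prefixes; the function names are hypothetical.

```python
import ipaddress
from itertools import combinations

# Constructed sample: per-site NAT pools (documentation prefixes, not real deployments).
SITE_POOLS = {
    "site-a": ["192.0.2.0/28"],
    "site-b": ["198.51.100.0/28"],
    "site-c": ["203.0.113.0/29", "192.0.2.8/29"],  # second pool collides with site-a
}

def parse_pools(site_pools):
    """Turn {site: [cidr, ...]} into {site: [ip_network, ...]}."""
    return {s: [ipaddress.ip_network(p) for p in pools]
            for s, pools in site_pools.items()}

def find_reuse(site_pools):
    """Return (site1, pool1, site2, pool2) for pools that overlap across sites.

    An overlap means return traffic for that address can be routed to a site
    that holds no NAT state for the flow, so the reply is dropped there.
    """
    flat = [(s, n) for s, nets in parse_pools(site_pools).items() for n in nets]
    return [(s1, str(n1), s2, str(n2))
            for (s1, n1), (s2, n2) in combinations(flat, 2)
            if s1 != s2 and n1.version == n2.version and n1.overlaps(n2)]

def site_for_egress(site_pools, addr):
    """Map an observed egress address back to the site(s) whose pool holds it."""
    ip = ipaddress.ip_address(addr)
    return sorted(s for s, nets in parse_pools(site_pools).items()
                  if any(ip.version == n.version and ip in n for n in nets))

def allowlist(site_pools):
    """Collapse all pools into the shortest prefix list for a remote ACL."""
    nets = [n for ns in parse_pools(site_pools).values() for n in ns]
    out = []
    for version in (4, 6):  # collapse_addresses rejects mixed IP versions
        same = [n for n in nets if n.version == version]
        out += [str(n) for n in ipaddress.collapse_addresses(same)]
    return out

if __name__ == "__main__":
    for clash in find_reuse(SITE_POOLS):
        print("pool reuse:", clash)
    print("192.0.2.9 maps to:", site_for_egress(SITE_POOLS, "192.0.2.9"))
```

An egress address that maps to more than one site is ambiguous in logs as well as in routing, so the same check is useful when attributing outbound traffic during an investigation.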


