> The thing is that 1000s of people come to their desks at 8:00, they turn on
> their financial application - which uses TCP - and
And, some people will suffer from OS crash before 17:00.
Masataka Ohta
Maybe .. but I am not sure about you and others but I do not remember when was the last time any of my linux or my windows crashed.
Apples - sure I do remember, but do not use it. iOS and Android too - do crash from time to time.
But the point was that using a real wild Internet TCP session can stay for hours or days irrespective of Internet routing or ECMP hashing when you set it up with non anycast addresses.
Thx,
R.
PS. Someone keeps mentioning DDoS ... so how do you protect anycast addresses from DDoS ? Today the most common method is to blacklist destination ip address + port(s)... irrespective if it is done by NOC or with automation using RFC5575(bis) I co-authored.
But if this protection as it should is happening as fast from target as as possible, if you happen to use anycast your service is dead with not too much effort from the attacker. To me actually the risk of DDoS would be something to seriously consider before advertising anycast as a service destination.
