Thanks to you all for your answers, it has helped me a lot already.

My design is very simplistic, I have 2 sets of firewalls that I will have advertising a /32 unicast to the network at each location and it will have a TFTP server behind each firewall.
I have no intention to have this be part of the internet as it will be used to serve internal customers devices that require TFTP.

For the setup where you are running Anycast on a datacenter, are you running it inside the datacenter only or across multiple datacenters? Other than having to replicate IPs and file services between datacenters have you seen any other issues?

Kind regards,

Javier Gutierrez,
Network Architect – AS19016
https://www.peeringdb.com/net/4073
Westman Communications Group
1906 Park Ave. • Brandon, MB • R7B 0R9
204.720.1158
gutierrezj@westmancom.com

________________________________
From: NANOG <nanog-bounces+gutierrezj=westmancom.com@nanog.org> on behalf of Bill Woodcock <woody@pch.net>
Sent: Saturday, February 24, 2024 1:09 AM
To: Ask Bjørn Hansen <ask@develooper.com>
Cc: nanog@nanog.org <nanog@nanog.org>
Subject: Re: TFTP over anycast

The system Ask is describing is the traditional method of using anycast to geographically load-balance long-lived flows. The first time I did that was with FTP servers in Berkeley and Santa Cruz, in 1989. I did a bigger system, also load balancing FTP servers for Oracle, their public-facing documentation stores, with servers in San Jose and Washington DC, a couple of years later. A couple of years further on and the World Wide Web was a thing, and everybody was doing it.

-Bill

On Feb 24, 2024, at 7:38 AM, Ask Bjørn Hansen <ask@develooper.com> wrote:

On Feb 23, 2024, at 20:32, William Herrin <bill@herrin.us> wrote:

The relay server `dhcplb` could, maybe, help in that scenario (dhcplb runs on the anycast IP, the “real” DHCP servers on unicast IPs behind dhcplb).

Although they used the word "anycast", they're just load balancing.

The idea is to run the relays on an anycasted IP (so the load balancer / relay IP is anycasted).

[….]

Relying on ECMP for anycasted DHCP would be a disaster during any sort of failure. Add or remove a single route from an ECMP set and the hashed path selection changes for most of the connections.

Consistent hashing (which I thought was widely supported now in ECMP implementations) and a bit of automation in how announcements are added can greatly mitigate this.

Ask
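
The ECMP point at the end of the quoted thread, as an added example that is not part of any poster's message: it measures how many flows still on a surviving next hop get re-hashed when one anycast route is withdrawn, under plain modulo-N selection and under rendezvous hashing (one consistent-hashing scheme). The next-hop names, flow tuples and hash function are constructed for illustration; actual router ECMP implementations differ.

```python
import hashlib

def h(*parts):
    """Stable 64-bit hash of the joined parts (stand-in for a router's flow hash)."""
    data = "|".join(map(str, parts)).encode()
    return int.from_bytes(hashlib.sha256(data).digest()[:8], "big")

def pick_modulo(flow, next_hops):
    """Plain ECMP model: hash the flow, index the next-hop list modulo its size."""
    return next_hops[h(flow) % len(next_hops)]

def pick_rendezvous(flow, next_hops):
    """Rendezvous (highest-random-weight) hashing: best per-hop score wins."""
    return max(next_hops, key=lambda nh: h(flow, nh))

def moved_fraction(pick, flows, before, after):
    """Of the flows whose next hop survives, the fraction that move anyway."""
    survivors = [f for f in flows if pick(f, before) in after]
    moved = sum(1 for f in survivors if pick(f, before) != pick(f, after))
    return moved / len(survivors)

# Constructed sample data: four anycast next hops and 20000 synthetic TFTP flows.
BEFORE = ["fw-a", "fw-b", "fw-c", "fw-d"]
AFTER = ["fw-a", "fw-b", "fw-d"]  # fw-c withdraws its /32
FLOWS = [("10.0.%d.%d" % (i // 250, i % 250), 1024 + i, "192.0.2.69", 69, "udp")
         for i in range(20000)]

if __name__ == "__main__":
    for name, pick in (("modulo", pick_modulo), ("rendezvous", pick_rendezvous)):
        frac = moved_fraction(pick, FLOWS, BEFORE, AFTER)
        print(f"{name:10s} surviving flows re-hashed: {frac:.1%}")
```

With modulo selection roughly two thirds of the flows that were on a still-healthy next hop land somewhere else; with rendezvous hashing only the flows that were on the withdrawn next hop move.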