BGP is a complex routing protocol used to exchange routing information between Autonomous Systems.
Deploying Anycast using BGP is most common among Internet Service Providers (ISPs), but it can also be used by large enterprise customers that need to interconnect networks across disparate geographical or administrative locations.
Anycast BGP with DNS Servers
Deploying Anycast BGP on a managed DNS Server turns it into a fully-fledged BGP router in the network, capable of establishing a connection with a BGP peer, participating in BGP routing processes, accepting and distributing dynamic routing information through BGP, and so forth.
Anycast BGP on a managed DNS Server provides functionality in both IPv4 and IPv6 address families. The DNS Server can communicate with an IPv4 BGP router and exchange IPv4 routing information as well as communicate with an IPv6 BGP router and exchange IPv6 routing information. One instance of BGP on the DNS Server can run simultaneously and independently in both IPv4 and IPv6 address families.
In the diagram below, Anycast BGP is configured to route DNS service from a primary DNS Server (ASN 65001) and a secondary DNS Server (ASN 65002). ASN 64999 is the Autonomous System comprised of BGP peers, routers, and switches. The “Short path” provides the fewest number of hops between the DNS client and ASN 65001. Anycast BGP routes DNS service via this “short path” to provide the most efficient service.
In the next diagram, a DNS failure has occurred at ASN 65001. Anycast BGP instantly re-routes DNS service via the “Long path” to ASN 65002 in order to maintain DNS service to the
MD5 authentication with Anycast BGP
MD5 authentication requires a case-sensitive alphanumeric password of up to a maximum of 25 characters, with no spaces. The following special characters are permitted: @ - . : _ [ ]
If MD5 authentication passwords are configured incorrectly, the DNS Server will not be able to establish the BGP peering session. BlueCat recommends verifying that the BGP peering session is established after configuring MD5 authentication.
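The following pre-deployment check is an added example, not BlueCat code: it validates a candidate MD5 password against the rules stated above and reports whether the values configured on the two ends of a peering differ only by case. The function names are hypothetical, and treating "alphanumeric" as ASCII letters and digits and rejecting an empty password are assumptions.

```python
import hmac
import string

MAX_LEN = 25                      # maximum length stated on the page
ALLOWED_SPECIALS = "@-.:_[]"      # special characters the page permits
# Assumption: "alphanumeric" means ASCII letters and digits only.
ALLOWED = frozenset(string.ascii_letters + string.digits + ALLOWED_SPECIALS)


def check_md5_password(password):
    """Return a list of rule violations; an empty list means the password conforms."""
    if not password:
        # Assumption: an empty string is not accepted as a password.
        return ["password is empty"]
    problems = []
    if len(password) > MAX_LEN:
        problems.append(f"length {len(password)} exceeds {MAX_LEN}")
    if any(ch.isspace() for ch in password):
        problems.append("contains whitespace")
    bad = sorted({ch for ch in password if ch not in ALLOWED and not ch.isspace()})
    if bad:
        # Report the offending characters only, never the password itself.
        problems.append("disallowed characters: " + " ".join(repr(c) for c in bad))
    return problems


def compare_peer_passwords(local, remote):
    """Classify the pair as 'match', 'case-mismatch' or 'mismatch'."""
    if hmac.compare_digest(local.encode(), remote.encode()):
        return "match"
    if local.lower() == remote.lower():
        return "case-mismatch"    # passwords are case-sensitive, so this pair differs
    return "mismatch"


def preflight(local, remote):
    """Combine both checks into one report for a DNS Server / BGP peer pair."""
    return {
        "local": check_md5_password(local),
        "remote": check_md5_password(remote),
        "pair": compare_peer_passwords(local, remote),
    }


if __name__ == "__main__":
    # Constructed sample values, not real credentials.
    print(preflight("Dns_Peer[65001]", "dns_peer[65001]"))
```

A clean report only shows that the password is well-formed and identical on both ends; the peering session state still has to be verified after deployment.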
Prefix Lists in Anycast BGP
- one prefix list to filter INPUT IPv4 routing information
- one prefix list to filter OUTPUT IPv4 routing information
- one prefix list to filter INPUT IPv6 routing information
- one prefix list to filter OUTPUT IPv6 routing information
These lists are independent from each other—you can have only one of them defined at a time or both. Each deployed prefix list is automatically bound to a related BGP peer.