To deliver content from the closest server to the user, Content Delivery Networks generally use two main methods of routing: Anycast and GeoIP. While both achieve the same result, they are two very different systems. In this blog post, we will describe both and compare the differences between them.
First, let's have a look at Anycast. Anycast is a network and routing method in which multiple servers announce the same IP address. When a computer connects to such an address, it is automatically routed to the server with the closest logical path. The system also takes care of automatic failover in the event that a server stops working. This happens by simply no longer announcing the IP address at the given location, so that traffic to the address follows an alternative path to a working destination.
By working on such a low networking level, Anycast can very efficiently handle DDoS attacks by automatically spreading traffic to multiple servers around the world. There is no way for an attacker to target a single physical server since they are all listening on the same address.
The downside of Anycast is that the system is not aware of actual physical distance, but instead follows the shortest logical path. Ensuring that the correct routes are chosen requires constant maintenance, which can be costly and time intensive.
Anycast advantages:
- Slightly better performance
- Better redundancy
- Easier DDoS mitigation

Anycast disadvantages:
- Difficult to maintain
- Requires constant optimisations
- Harder to tweak routes
Unlike Anycast, GeoIP routing works at a higher layer of the network stack and is handled by the DNS system. In order to provide failover and load balancing, the DNS system requires a shorter-lived TTL cache value. This means a tiny overhead in performance, since the computer needs to resolve the domain name more frequently. Before it can connect to a domain name, the computer first contacts the nameservers, which then map its IP to a physical location with the help of a geolocation database. In cases where the computer does not connect directly to the DNS server but through an ISP or a service such as Google DNS, a special EDNS0 header is used that holds the IP or subnet of the requesting machine.
Based on this information, the DNS server can then decide where the user comes from and which edge server would be the best fit for that user. This allows for advanced load balancing and easy traffic management, since the DNS has complete control of the routing.
The downside of GeoIP routing is that some DNS providers do not support the EDNS0 header, or that the IP has not yet been correctly mapped in the GeoIP database. This can cause incorrect routing as well, although usually not as pronounced as with an incorrectly set up Anycast.
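The selection logic described above, as an added example that is not BunnyCDN's code: it parses the client subnet from EDNS0 option data using the EDNS Client Subnet wire layout (RFC 7871) and falls back to the resolver's own address when the option is missing or malformed, which is the mis-routing case this paragraph describes. The `GEO_DB` table, the edge names and the function names are assumptions made for illustration.

```python
import ipaddress
import struct

# Constructed prefix-to-edge table standing in for a geolocation database.
GEO_DB = {
    ipaddress.ip_network("192.0.2.0/24"): "edge-us",
    ipaddress.ip_network("198.51.100.0/24"): "edge-eu",
    ipaddress.ip_network("2001:db8:a::/48"): "edge-asia",
}
DEFAULT_EDGE = "edge-us"
ECS_OPTION_CODE = 8  # EDNS Client Subnet option code (RFC 7871)


def parse_ecs(opt_rdata: bytes):
    """Return the client subnet carried in EDNS0 OPT RDATA, or None."""
    pos = 0
    while pos + 4 <= len(opt_rdata):
        code, length = struct.unpack_from("!HH", opt_rdata, pos)
        body = opt_rdata[pos + 4 : pos + 4 + length]
        pos += 4 + length
        if code != ECS_OPTION_CODE:
            continue  # skip unrelated EDNS0 options
        if len(body) != length or length < 4:
            return None  # truncated or malformed option
        family, source_len, _scope_len = struct.unpack_from("!HBB", body)
        net_cls = {1: ipaddress.IPv4Network, 2: ipaddress.IPv6Network}.get(family)
        addr = body[4:]
        # The address is sent truncated to ceil(source_len / 8) bytes.
        if net_cls is None or source_len == 0 or len(addr) != (source_len + 7) // 8:
            return None
        size = 4 if family == 1 else 16
        if len(addr) > size:
            return None  # prefix length exceeds the address family
        return net_cls((addr + bytes(size - len(addr)), source_len), strict=False)
    return None


def pick_edge(resolver_ip: str, opt_rdata: bytes = b"") -> str:
    """Geolocate the ECS subnet if present, otherwise the resolver's own IP."""
    client = parse_ecs(opt_rdata)
    if client is None:
        client = ipaddress.ip_network(resolver_ip)
    for prefix, edge in GEO_DB.items():
        if client.version == prefix.version and client.subnet_of(prefix):
            return edge
    return DEFAULT_EDGE


# Constructed ECS option: family 1 (IPv4), source /24, scope 0, 198.51.100.0
SAMPLE_ECS = struct.pack("!HHHBB", 8, 7, 1, 24, 0) + bytes([198, 51, 100])
```

With `SAMPLE_ECS`, a query arriving from a resolver at 192.0.2.53 is answered with `edge-eu`; without it, the same user is sent to the resolver's region, `edge-us`.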
GeoIP advantages:
- Advanced load balancing
- Easier to set up and maintain
- Lower cost
- Simple traffic management

GeoIP disadvantages:
- Less accurate routing
- Slightly worse performance
- Harder to disperse DDoS attacks
- Slower downtime mitigation
In conclusion, both systems on their own can perform well, but they are different beasts to maintain. At BunnyCDN we use a mix of both GeoIP and Anycast to provide the best of both worlds. We use Anycast to power our global DNS network and then use GeoIP to route users to the closest server based on their IP address. This allows us to do precise traffic control, load balancing and easy scaling while keeping the performance and redundancy benefits of Anycast for the DNS network.