1 ## IOAM and SRv6 for M-Anycast service selection {#ioam_manycast_doc}
3 Anycast is often used to have a client choose one out of multiple servers.
4 This might be due to performance, scale, or availability reasons.
5 If a client initiates a TCP connection in an anycast scenario,
6 the TCP session is usually established with the server which answers the quickest.
8 There are cases where it is desirable to:
9 - allow choosing the destination server not based on "fastest response time",
10 but based on the delay between server and client (e.g. for a streaming application).
11 - allow choosing the destination server based on other parameters,
12 such as server load information.
13 - ensure that all TCP connections of a particular client are hooked up to the same
14 server, i.e. that all TCP sessions following the first one are connected to the same server as the first session.
16 M-anycast combines IOAM and Segment Routing v6 (SRv6) to provide for a solution:
17 - IOAM information is added to the initial TCP SYN packet to understand the transmit delay, as well as to the SYN-ACK packet to understand the return delay.
18 - SRv6 is used to steer traffic to the set of servers, rather than rely on anycast procedures.
19 Client and Servers can be left unchanged.
20 SRv6 and iOAM information is added and removed "in transit"
22 Introduce M-Anycast Server as a solution component to leverage Segment Routing to steer
23 traffic, IOAM for optimized service selection.
25 - Hosts the Anycast address of the services
26 - Intercepts TCP-SYN, replicates the SYN and sends to a selected subset of all services using SRv6 spray policy
27 - Chooses an appropriate SYN-ACK using embedded in-band OAM data and forwards that SYN-ACK to the client with SRv6 header intact. The SRv6 header in the SYN-ACK received by the client is used to reach the selected server for subsequent packet exchange.
29 VPP can function as an M-Anycast server. VPP can also be used as a IOAM and SRv6 decapsulating node at the application server edge. This allows for caching of IOAM and reattaching it to correlate the path performance across request-response (SYN/SYN-ACK) forwarding path.
32 Example: Highly redundant video-caches as micro-services hosted in multiple public clouds. All Services have an IPv6 address allocated from anycast IPv6 prefix (db06::/64).
33 Here configuration to enable VPP as an M-Anycast server and IOAM caching/reattach node is provided.
36 - Enable M-Anycast service selection using:
39 set ioam ip6 sr-tunnel-select [disable] [oneway|rtt] [wait_for_responses <n|default 3>] sr_localsid <IPv6 address>
44 set ioam ip6 sr-tunnel-select oneway sr_localsid db0a::2
46 - Enable IOAM tracing. Override node for selected traffic processing
48 To enable M-Anycast service selection with IOAM tracing enabled for db06::/64 prefix and on the return path to process service selection for SRv6 localsid db0a::2:
51 classify table acl-miss-next ip6-node ip6-lookup mask hex 000000000000ffffffffffffffff0000 buckets 2 skip 2 match 1
53 classify session acl-hit-next ip6-node ip6-add-syn-hop-by-hop table-index 0 match hex 0000000000000000000000000000000000000000000000000000000000000000000000000000db060000000000000000 ioam-encap anycast
55 classify session acl-hit-next ip6-node ip6-lookup table-index 0 match hex 0000000000000000000000000000000000000000000000000000000000000000000000000000db0a0000000000000000 ioam-decap anycast
57 set int input acl intfc GigabitEthernet0/4/0 ip6-table 0
58 set int input acl intfc GigabitEthernet0/5/0 ip6-table 0
59 set ioam-trace profile trace-type 0x09 trace-elts 3 trace-tsp 1 node-id 0x1
60 set ioam rewrite trace
63 - Enable SRv6 spray policy for steering traffic towards M-Anycast prefix.
65 To steer anycast prefix db06::/64 towards servers with address db07::1, db08::1, db09::1:
68 sr policy add bsid db11::2 next db07::1 insert spray
69 sr policy mod add sl bsid db11::2 next db08::1
70 sr policy mod add sl bsid db11::2 next db09::1
71 sr steer l3 db06::/64 via sr policy bsid db11::2
72 sr localsid address db0a::2 behavior end
75 ### IOAM Caching/reattach at application service edge
76 - Enable IOAM data caching
79 set ioam ip6 cache sr_localsid <ip6 address> [disable]
84 set ioam ip6 cache sr_localsid db07::1
87 Example: To decap IOAM and cache the data towards db06::/64 and reinsert the data towards db04::/64:
90 classify table acl-miss-next ip6-node ip6-lookup mask hex 000000000000ffffffffffffffff0000 buckets 2 skip 2 match 1
92 classify session acl-hit-next ip6-node ip6-lookup table-index 0 match hex 0000000000000000000000000000000000000000000000000000000000000000000000000000db060000000000000000 ioam-decap anycast
94 classify session acl-hit-next ip6-node ip6-lookup table-index 0 match hex 0000000000000000000000000000000000000000000000000000000000000000000000000000db070000000000000000 ioam-decap anycast
96 classify session acl-hit-next ip6-node ip6-add-from-cache-hop-by-hop table-index 0 match hex 0000000000000000000000000000000000000000000000000000000000000000000000000000db040000000000000000 ioam-encap anycast-response
98 set int input acl intfc GigabitEthernet0/4/0 ip6-table 0
100 set ioam-trace profile trace-type 0x1f trace-elts 4 trace-tsp 1 node-id 0x3 app-data 0x1234
102 - Enable SRv6 localsid processing to strip SRv6 header before forwarding towards application service
105 sr localsid address db07::1 behavior end psp