> On Sep 24, 2016, at 7:47 AM, John Levine <jo...@iecc.com> wrote: > >>> Well...by anycast, I meant BGP anycast, spreading the "target" >>> geographically to a dozen or more well connected/peered origins. At that >>> point, your ~600G DDoS might only be around >> >> anycast and tcp? the heck you say! :) > > People who've tried it say it works fine. Routes don't flap that often. >
There are a number of companies terminating anycasted TCP endpoints without issue. It’s not exactly turnkey, but it’s hardly black magic either. Here’s Nick Holt @Microsoft presenting their experience: https://www.youtube.com/watch?v=40MONHHF2BU <https://www.youtube.com/watch?v=40MONHHF2BU> -Chris