Anycast Stateless Services with NSX-T, Implementation

First off, let's cover what's been built so far:

Lab Diagram

To set up an anycast vIP in NSX-T after standing up your base infrastructure (already depicted and configured), all you have to do is stand up a load-balanced vIP at multiple sites. NSX-T takes care of the rest. Here's how:

Create a new load balancing pool:

Server pools

Pool Member

Create a new load balancer:

Load Balancer

Create a new virtual server:

Virtual Server

If your Tier-1 gateways have the following configured, you should see a new /32 in your routing table:

Route Advertisement

Repeat the process for creating a new load balancer and virtual server on your second Tier-1 interface, pinned to a completely separate Tier-0. If multipath is enabled, you should see entries like this in your routing table:

Routing Table

It really is that easy. This process can be repeated for load balancers, and (when eventually supported) multisite network segments.

A few caveats:

  • State isn't carried through: If you're using a stateful service, use your routing protocol's path attributes (AS-PATH is an easy one) to ensure that devices consistently forward to the same load balancer.
  • Anycast isn't load balancing: This is easy here, as NSX-T can do both. Anycast on its own won't protect your servers from overload unless you also use a load balancer.
  • Use the same server pool: It was (hopefully) apparent that I used the same pool everywhere. Try to keep regional configurations consistent, to ensure that new additions aren't missed for a pool. Server pools should be configured on a per-region or per-transport-zone basis.
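
To make the first caveat concrete, here is an added example (not part of the original lab or of NSX-T itself) that models two upstream routers choosing between two sites advertising the same /32. The vIP, AS numbers, router seeds and next-hop names are constructed, and best-path selection is simplified to AS-PATH length only.

```python
import hashlib
from dataclasses import dataclass

VIP = "192.0.2.10/32"  # constructed anycast vIP (documentation range)

@dataclass(frozen=True)
class Route:
    prefix: str
    next_hop: str    # hypothetical name for the Tier-0 at one site
    as_path: tuple   # private-use AS numbers, constructed

def best_paths(routes):
    """Shortest AS-PATH wins; with multipath enabled, all ties are installed."""
    if not routes:
        return []
    shortest = min(len(r.as_path) for r in routes)
    return sorted((r for r in routes if len(r.as_path) == shortest),
                  key=lambda r: r.next_hop)

def forward(flow, installed, seed):
    """Per-flow ECMP: hash the 5-tuple with a router-specific seed."""
    digest = hashlib.sha256(f"{seed}|{flow}".encode()).digest()
    return installed[int.from_bytes(digest[:4], "big") % len(installed)].next_hop

def site_per_router(flows, routes, seeds=("rtr-1", "rtr-2")):
    """Map each flow to the site every upstream router would choose."""
    installed = best_paths(routes)
    return {f: tuple(forward(f, installed, s) for s in seeds) for f in flows}

def disagreements(choices):
    """Flows that land on different load balancers depending on the router."""
    return sum(1 for sites in choices.values() if len(set(sites)) > 1)

# Constructed client flows: (src, sport, dst, dport, proto)
FLOWS = [(f"198.51.100.{i % 250 + 1}", 40000 + i, "192.0.2.10", 443, "tcp")
         for i in range(200)]

ECMP = [Route(VIP, "site-a-t0", (64512,)), Route(VIP, "site-b-t0", (64513,))]
# Site B prepends its own AS twice, so site A is preferred everywhere.
PREPENDED = [ECMP[0], Route(VIP, "site-b-t0", (64513, 64513, 64513))]
# Site A withdraws the /32 (load balancer down): only site B remains.
FAILOVER = PREPENDED[1:]

if __name__ == "__main__":
    for name, routes in (("ecmp", ECMP), ("prepended", PREPENDED),
                         ("failover", FAILOVER)):
        choices = site_per_router(FLOWS, routes)
        used = sorted({s for sites in choices.values() for s in sites})
        print(f"{name:10} sites={used} split_flows={disagreements(choices)}")
```

With equal AS-PATHs, the same flow can reach different sites depending on which router it transits, which is harmless for stateless services and breaks stateful ones. Prepending removes the split, and traffic only moves to the second site once the first withdraws its /32.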

Some additional light reading on anycast implementations:

Cloudflare's Anycast

Google Public DNS

F5 BIG-IP DNS