Anycast

Routers direct packets addressed to an anycast destination to the instance topologically nearest the sender, using their normal path-selection algorithms; between autonomous systems this is typically the shortest BGP AS path, which is not necessarily the geographically closest instance.

Many initial anycast deployments consisted of DNS servers, using principally UDP transport.[6]

Some TCP-based protocols, notably HTTP, incorporated "redirect" mechanisms, whereby an anycast service address is used only to locate the nearest instance of a service, after which the client is redirected to that specific instance's unicast address before any long-lived stateful transaction begins.

Many commercial DNS providers have switched to an IP anycast environment to increase query performance and redundancy, and to implement load balancing.

Content delivery networks may use anycast for actual HTTP connections to their distribution centers, or for DNS.

Because most HTTP connections to such networks request static content such as images and style sheets, they are generally short-lived and stateless across subsequent TCP sessions.

The general stability of routes and the statelessness of the connections make anycast suitable for this application, even though it uses TCP; a route change mid-connection would deliver later segments to a different instance that holds no state for that session, but short transfers rarely span such a change.

The former can also be prevented by encrypting and authenticating messages, for example with Transport Layer Security, while the latter can be frustrated by onion routing.

Anycast is normally highly reliable: when an instance fails and its route announcement for the anycast prefix is withdrawn, routers simply deliver the prefix to the next-nearest instance, which provides automatic failover without a dedicated load balancer or other new potential point of failure.

In some cases this is done by the actual servers announcing the anycast prefix to the adjacent router over OSPF or another IGP, so that a server which stops announcing (because it crashed, or because its health check failed) is removed from the routing table automatically.

However, even the automation necessary to implement "heartbeat" routing withdrawal can itself add a potential point of failure, as seen in the 2021 Facebook outage.

Anycast can also be used to dilute DDoS attacks and reduce their effectiveness: because traffic is routed to the nearest node by the network, a process over which the attacker has no control, attack traffic from a geographically distributed botnet is split among the nodes nearest each source, and each node sees only its share. The converse is the failure mode to plan for: attack traffic concentrated near one node lands entirely on that node, and if the overloaded node withdraws its route the same traffic re-homes to the next-nearest node, which can cascade.
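The following added example (written for this page, not code from any anycast operator or routing daemon) models the three behaviours described above in one small Python simulation: shortest-AS-path selection among sites announcing the same prefix, failover when a site withdraws its announcement, and the spreading of attack traffic across sites versus the cascade that a concentrated attack can trigger. The topology, site names, capacities and AS-path lengths are constructed for illustration; the prefix is from the documentation range.

```python
"""Toy model of anycast route selection, failover and DDoS dilution (added example)."""
from dataclasses import dataclass

PREFIX = "198.51.100.0/24"  # assumed anycast prefix (RFC 5737 documentation range)


@dataclass
class Site:
    name: str
    capacity: int            # requests/s the site can absorb before its health check fails
    announced: bool = True   # whether the site currently announces PREFIX


@dataclass
class Network:
    sites: dict              # site name -> Site
    as_path_len: dict        # client region -> {site name: AS-path length seen from that region}

    def best_site(self, region):
        """BGP-style selection: among sites still announcing PREFIX, take the shortest
        AS path. Ties are broken by name here, standing in for BGP's later tie-breakers."""
        candidates = [(self.as_path_len[region][s.name], s.name)
                      for s in self.sites.values() if s.announced]
        return min(candidates)[1] if candidates else None

    def withdraw(self, site_name):
        """Model a site withdrawing its announcement (crash or failed heartbeat)."""
        self.sites[site_name].announced = False

    def distribute(self, load_by_region):
        """Load landing on each announcing site when every region sends to its nearest site."""
        load = {name: 0 for name, s in self.sites.items() if s.announced}
        for region, rps in load_by_region.items():
            target = self.best_site(region)
            if target is not None:
                load[target] += rps
        return load

    def absorb(self, load_by_region):
        """Run the attack until no announcing site is over capacity. An overloaded site
        withdraws, its traffic re-homes to the next-nearest site, and that site may
        overload in turn (the cascade). Returns the sites withdrawn, in order."""
        withdrawn = []
        while True:
            load = self.distribute(load_by_region)
            over = [n for n, l in load.items() if l > self.sites[n].capacity]
            if not over:
                return withdrawn
            victim = max(over, key=lambda n: load[n])  # most overloaded site fails first
            self.withdraw(victim)
            withdrawn.append(victim)


def build_network():
    """Constructed topology: three sites, three client regions, each region one AS hop
    from its local site and three or four hops from the others."""
    sites = {n: Site(n, 150) for n in ("ams", "iad", "sin")}
    as_path_len = {
        "eu":   {"ams": 1, "iad": 3, "sin": 4},
        "us":   {"ams": 3, "iad": 1, "sin": 3},
        "apac": {"ams": 4, "iad": 3, "sin": 1},
    }
    return Network(sites, as_path_len)


def demo():
    results = {}
    net = build_network()
    # Normal operation: each region reaches its nearest site.
    results["nearest"] = {r: net.best_site(r) for r in net.as_path_len}
    # Failover: iad withdraws; US clients move to the next-shortest path.
    net.withdraw("iad")
    results["failover_us"] = net.best_site("us")
    # Same total attack volume (360 rps) from a distributed botnet vs one region.
    results["spread"] = build_network().distribute({"eu": 120, "us": 120, "apac": 120})
    results["distributed_withdrawn"] = build_network().absorb({"eu": 120, "us": 120, "apac": 120})
    results["concentrated_withdrawn"] = build_network().absorb({"eu": 360})
    return results


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```

The distributed attack is absorbed because no site sees more than its own region's share, while the concentrated attack of the same total size takes every site down in turn: the withdrawal that provides failover is also the mechanism that moves the whole load onto the next site. In production, capacity planning for the largest single-region load, or rate limiting that sheds traffic instead of withdrawing the route, is what breaks that chain.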