Combining anycast with Openswan can be interesting in two scenarios. The first scenario is when you are moving a network and server farm that is announced by BGP from one physical location to another, using just a single redundant Openswan router.
Let's say you have ColoA and ColoB. ColoA hosts most of the infrastructure, and ColoB has a copy of the Openswan router from ColoA. Depending on the shortest BGP prefix, clients trying to reach the network that is being moved will connect to either ColoA or ColoB. However, an IPsec tunnel that uses PA space from ColoA and ColoB connects these two Openswan machines, which share the same public IP address. By adding or removing tunnels for one machine (/32) or a few machines (e.g. /28), it is possible to tunnel the packets to wherever the physical server is at that point in time. If the server has not yet moved from ColoA to ColoB, and a packet for it reaches ColoB, it will be tunneled to ColoA. When the server is...
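The per-host tunnel described above could be written as the following `ipsec.conf` fragment. This is an added illustration, not configuration from the original text; the connection names, the documentation-range addresses and the use of a pre-shared key are all assumptions.

```conf
# /etc/ipsec.conf fragment, identical on both Openswan routers (constructed example).
# Assumed addresses, all taken from documentation ranges:
#   192.0.2.1      ColoA router, PA address (tunnel endpoint)
#   198.51.100.1   ColoB router, PA address (tunnel endpoint)
#   203.0.113.10   one server inside the anycast-announced network
# The tunnel endpoints are the PA addresses, never the shared anycast address,
# so each router can always reach the other one unambiguously.

# Server still in ColoA: traffic for it that lands in ColoB is tunneled to ColoA.
conn server10-at-coloA
    left=192.0.2.1
    leftsubnet=203.0.113.10/32
    right=198.51.100.1
    rightsubnet=0.0.0.0/0        # clients can come from anywhere
    authby=secret                # assumed: PSK for the two PA addresses in ipsec.secrets
    auto=start

# Server moved to ColoB: same tunnel endpoints, selectors mirrored.
# Not loaded at startup; it is added by hand at move time.
conn server10-at-coloB
    left=192.0.2.1
    leftsubnet=0.0.0.0/0
    right=198.51.100.1
    rightsubnet=203.0.113.10/32
    authby=secret
    auto=ignore

# At move time, on both routers:
#   ipsec auto --down   server10-at-coloA
#   ipsec auto --delete server10-at-coloA
#   ipsec auto --add    server10-at-coloB
#   ipsec auto --up     server10-at-coloB
# Then swap the two auto= values so a restart keeps the new state.
#
# The selector pair is symmetric: replies from 203.0.113.10 match it as well
# and go back through the tunnel to the other site.
```

A group of servers that moves together can use one connection with a wider selector (for example a /28) in place of the /32.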