ICMP Blocking Woes

Stephen J. Wilcox steve at telecomplete.co.uk
Thu Oct 2 16:58:22 UTC 2003



Lo! On Thu, 2 Oct 2003, Sean Donelan did sayeth:

> Various ISPs have been trying lots of different ICMP filters.  You can
> see some of the impact on the Internet average graphs from XAffire.
> 
> http://www.xaffire.com/press/ea/EA20030902_images?rf=EM005
> 
> Xaffire/Matrix Systems apparently used ping packets that were the
> same size as those being filtered by some ISPs.  According to Xaffire
> service providers implementing filters included Cable & Wireless and
> Level 3.

It does raise the question of whether ICMP Echo is a good mechanism for 
monitoring systems that are across third party networks. 

I personally think that filtering ICMP is becoming less useful and you would get 
better results using other probe methods eg SYN/RST as deployed by numerous port 
scanning tools eg nmap

Steve




More information about the NANOG mailing list