Refusing Pings on Core Routers??? A new trend?

Deepak Jain deepak at
Thu Oct 19 23:18:01 UTC 2006

This week, at least a dozen "troublesome" or "problematic" routes our 
NOC has investigated due to customer complaints all have double or 
triple digit latencies, jitter and/or packet loss.

Not really that surprising... a normal week when you are looking at the 
entire Internet.

What is interesting about *this* dozen that I am talking about is that 
the problematic hops (or just before the problematic hops) have all had 
various levels of filtering (trace, icmp trace, icmp everything, etc) 
that (or at least make more difficult) real corroboration of the "spot" 
samples that a trace route gives.

1 NOC (that will remain nameless even though they should really be 
shamed) said the following in response to the question -- when we were 
trying to diagnose +50ms jumps in their latency within a single POP.

Q: "As part of this, can you tell me why your router is prohibiting packets
being sent to our interface?"

A:"	The reason you cannot hit your interface is it is blocked for
security reasons."

When we saw this (below) en route to our interface moving ~500mb/s from 
outside of our network (you know, that pesky symmetrical problem 
resolution). We were investigating the hop immediately after this hop.

   9  bcs1-so-3-1-0.y.x.z (x.x.x.x)  12.395 ms !N
   11.824 ms !N  14.162 ms !N

[Clever folks will know by the interface naming who I am talking about].

What the heck is going on lately? Have we returned to the time where 
we've started trying to hide lacks of capacity instead of fixing them??


Did I miss the conspiracy?? I know my membership dues are all paid up.
If this has been going on a while, I apologize I guess I've just noticed 
the trend in our shift reports.

Deepak Jain

More information about the NANOG mailing list