large organization nameservers sending icmp packets to dns servers.

matthew zeier mrz at velvet.org
Mon Aug 6 16:07:30 UTC 2007




Drew Weaver wrote:
> Is it a fairly normal practice for large companies such as Yahoo! and
> Mozilla to send icmp/ping packets to DNS servers? If so, why? And a
> related question would be from a service provider standpoint is there
> any reason to deny ICMP/PING packets to name servers within your
> organization?

Wearing my Mozilla hat here...

I blogged about this (blog.mozilla.com/mrz, somewhere there) and Asa 
blog'd about it over at 
http://weblogs.mozillazine.org/asa/archives/2007/03/trying_to_load.html .

Mozilla uses Citrix Netscalers and we're currently using dynamic 
proximity for load balancing between data centers.

After Asa's post, we found poor documentation that led to 
misconfiguration of the probe settings.  I've cut down the number of 
probes (default was icmp, udp and tcp:80 to a nameserver) and instead of 
the ~10 complaints a day I was getting, I get maybe one a month.

If you're still annoyed by the probes, ping me off-list.

- mz



