Looking for recommendations for a dedicated ping responder
matthew at matthew.at
Sat Sep 10 16:21:02 UTC 2016
Personally, I'd think twice before putting a box that does unthrottled
reflection of ICMP packets to their claimed source anywhere, especially not
one with a well-known address.
On Sat, Sep 10, 2016 at 2:01 AM James Greig <james at mor-pah.net> wrote:
> On one of these lists around 6 months ago a Google network engineer
> confirmed they do rate limit icmp (aside from prioritisation).
> Unless there's a real issue here this is more about educating people.
> It's amazing how many still miss interpret trace routes these days.
> Kind regards
> James Greig
> > On 9 Sep 2016, at 23:29, Jon Lewis <jlewis at lewis.org> wrote:
> >> On Fri, 9 Sep 2016, Jared Mauch wrote:
> >>> On Sep 9, 2016, at 4:08 PM, Dan White <dwhite at olp.net> wrote:
> >>> We're being caught up in some sort of peering dispute between Level 3
> >>> Google (in the Dallas area), and we've fielded several calls from
> >>> customers complaining of 40-50% packet loss (to 188.8.131.52) when there
> >>> to be no actual service impacting loss.
> >>> We currently suggest customers use a Linux server to ping against, or
> >>> another public host.
> >>> Ideally we'd like to use a hardware based ICMP system for customer use
> >>> Accedian NIDs are good at this (exceptionally low jitter) accept they
> >>> throttle at 500 pings per second.
> >> I know that the NETNOD folks did NTP in a FPGA that can do 4x 10GE,
> >> perhaps that card and code could be used to do 40G ICMP responder?
> > The trouble is, LOTS of people want to ping something "out on the
> internet" to verify their connectivity, and things like GOOG's 184.108.40.206 DNS
> servers are a popular lighthouse. I know from first hand experience
> (dealing with customers complaining about it), that GOOG, at least at some
> of the anycast nodes for the service, polices ICMP echo requests aimed at
> > 220.127.116.11 due to the quantity of those unwanted packets.
> > Having a cheap/small/powerful device that can be used as a ping target,
> and getting the masses to use it are two very different things.
> > Dan, are your customers missing DNS responses, or just echo replies from
> 18.104.22.168? If the latter, ask what they'd do if thousands of people pinged
> one of their servers constantly.
> > ----------------------------------------------------------------------
> > Jon Lewis, MCP :) | I route
> > | therefore you are
> > _________ http://www.lewis.org/~jlewis/pgp for PGP public key_________
More information about the NANOG