Anyone seeing ping corruption?
Sean Donelan
sean at donelan.com
Mon Dec 20 21:50:00 UTC 2021
On Sun, 19 Dec 2021, J Doe wrote:
>> --- 8.8.8.8 ping statistics ---
>> 1 packets transmitted, 1 received, 0% packet loss, time 0ms
>> rtt min/avg/max/mdev = 5.657/5.657/5.657/0.000 ms
>> lukas at dev:~$ ping 1.1.1.1 -c1 -s1000
>> PING 1.1.1.1 (1.1.1.1) 1000(1028) bytes of data.
>> 1008 bytes from 1.1.1.1: icmp_seq=1 ttl=58 time=15.8 ms
>
> Out of curiosity - does anyone know why Google is truncating ICMP responses ?
Assuming (not confirmed) mitigating old-style DOS attacks. See "ping
of death." ICMP packets should be small enough to never require
fragmentation. But large enough to contain at least the header of the
original packet.
When I used to write firewall stuff, there was a great debate about how
much data to return in an ICMP error/reply packet. I don't think the
debate was ever resolved.
More information about the NANOG
mailing list