Authoritative Resources for Public DNS Pinging

J. Hellenthal jhellenthal at DataIX.net
Wed Feb 9 15:08:44 UTC 2022 

Not to mention. It is viable traffic to monitor, if I know that I get X
number of icmp traffic through a point in tranfer consistently and that
starts to drop off considerably that it may be a failing connection due
to some circumstance I should start checking that equipment.

And if im that connection in the middle... that is money !

On Wed, Feb 09, 2022 at 03:02:19PM +0000, J. Hellenthal wrote:
> 
> Just think of all the smokeping probes that are out there plus services
> like UptimeRobot and similiar.
> 
> you can't just put something up as a provider of a service and say ...
> ya know im not going to plan for this... traffic for them of any kind is
> money... not only to them but to their IX's as well.
> 
> ya just don't willy nilly cut that shit down and not expect a huge
> blowup to happen.
> 
> On Wed, Feb 09, 2022 at 03:53:15PM +0100, Łukasz Bromirski wrote:
> > 
> > Yup. And Google folks accounted for the world pinging them all day long.
> > 
> > I wouldn't call using DNS resolvers as best "am I connected to internet over this interface" tool though. A day, year or 5 years from now the same team may decide to drop/filter and then thousands of hardcoded "handmade automation solutions" will break. And I believe that's closer to what Masataka was trying to convey.
> > 
> > — 
> > Łukasz Bromirski
> > 
> > > On 9 Feb 2022, at 14:23, Mark Tinka <mark at tinka.africa> wrote:
> > > 
> > >> On 2/9/22 15:00, Masataka Ohta wrote:
> > >> 
> > >> 
> > >> Wrong. It is not bad, at least not so bad, pinging properly
> > >> anycast DNS servers.
> > >> 
> > >> The point of anycast is resistance to DDoS.
> > >> 
> > >> But, relying on hard coded 8.8.8.8 is not a good idea because
> > >> DNS service of the address may be terminated.
> > >> 
> > >> Instead, properly anycast root name servers are authoritative
> > >> resources provided for public DNS queries which can be used for
> > >> pinging, though pinging so with ICMP should be less painful
> > >> for the servers.
> > > 
> > > That's like saying you won't have an egg for dinner because it's typically had for breakfast.
> > > 
> > > Users don't care what infrastructure has been designated for. If they can find another use for it other than designed, which serves their interests, they will use it.
> > > 
> > > We need to allow, and account, for that.
> > > 
> > > Mark.
> 
> -- 
> The fact that there's a Highway to Hell but only a Stairway to Heaven says a lot about anticipated traffic volume.



-- 
The fact that there's a Highway to Hell but only a Stairway to Heaven says a lot about anticipated traffic volume.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 533 bytes
Desc: not available
URL: <http://mailman.nanog.org/pipermail/nanog/attachments/20220209/327b4c33/attachment.sig>

More information about the NANOG mailing list