Authoritative Resources for Public DNS Pinging
J. Hellenthal
jhellenthal at DataIX.net
Wed Feb 9 15:08:44 UTC 2022
Not to mention. It is viable traffic to monitor, if I know that I get X
number of icmp traffic through a point in tranfer consistently and that
starts to drop off considerably that it may be a failing connection due
to some circumstance I should start checking that equipment.
And if im that connection in the middle... that is money !
On Wed, Feb 09, 2022 at 03:02:19PM +0000, J. Hellenthal wrote:
>
> Just think of all the smokeping probes that are out there plus services
> like UptimeRobot and similiar.
>
> you can't just put something up as a provider of a service and say ...
> ya know im not going to plan for this... traffic for them of any kind is
> money... not only to them but to their IX's as well.
>
> ya just don't willy nilly cut that shit down and not expect a huge
> blowup to happen.
>
> On Wed, Feb 09, 2022 at 03:53:15PM +0100, Łukasz Bromirski wrote:
> >
> > Yup. And Google folks accounted for the world pinging them all day long.
> >
> > I wouldn't call using DNS resolvers as best "am I connected to internet over this interface" tool though. A day, year or 5 years from now the same team may decide to drop/filter and then thousands of hardcoded "handmade automation solutions" will break. And I believe that's closer to what Masataka was trying to convey.
> >
> > —
> > Łukasz Bromirski
> >
> > > On 9 Feb 2022, at 14:23, Mark Tinka <mark at tinka.africa> wrote:
> > >
> > >> On 2/9/22 15:00, Masataka Ohta wrote:
> > >>
> > >>
> > >> Wrong. It is not bad, at least not so bad, pinging properly
> > >> anycast DNS servers.
> > >>
> > >> The point of anycast is resistance to DDoS.
> > >>
> > >> But, relying on hard coded 8.8.8.8 is not a good idea because
> > >> DNS service of the address may be terminated.
> > >>
> > >> Instead, properly anycast root name servers are authoritative
> > >> resources provided for public DNS queries which can be used for
> > >> pinging, though pinging so with ICMP should be less painful
> > >> for the servers.
> > >
> > > That's like saying you won't have an egg for dinner because it's typically had for breakfast.
> > >
> > > Users don't care what infrastructure has been designated for. If they can find another use for it other than designed, which serves their interests, they will use it.
> > >
> > > We need to allow, and account, for that.
> > >
> > > Mark.
>
> --
> The fact that there's a Highway to Hell but only a Stairway to Heaven says a lot about anticipated traffic volume.
--
The fact that there's a Highway to Hell but only a Stairway to Heaven says a lot about anticipated traffic volume.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 533 bytes
Desc: not available
URL: <http://mailman.nanog.org/pipermail/nanog/attachments/20220209/327b4c33/attachment.sig>
More information about the NANOG
mailing list