[191353] in North American Network Operators' Group
Re: Looking for recommendations for a dedicated ping responder
daemon@ATHENA.MIT.EDU (James Greig)
Sat Sep 10 04:58:05 2016
X-Original-To: nanog@nanog.org
From: James Greig <james@mor-pah.net>
In-Reply-To: <Pine.LNX.4.61.1609091819270.26305@soloth.lewis.org>
Date: Sat, 10 Sep 2016 09:57:50 +0100
To: Jon Lewis <jlewis@lewis.org>
Cc: NANOG <nanog@nanog.org>
Errors-To: nanog-bounces@nanog.org
On one of these lists around 6 months ago a Google network engineer confirme=
d they do rate limit icmp (aside from prioritisation).
Unless there's a real issue here this is more about educating people. It's a=
mazing how many still miss interpret trace routes these days.
Kind regards
James Greig
> On 9 Sep 2016, at 23:29, Jon Lewis <jlewis@lewis.org> wrote:
>=20
>> On Fri, 9 Sep 2016, Jared Mauch wrote:
>>=20
>>=20
>>> On Sep 9, 2016, at 4:08 PM, Dan White <dwhite@olp.net> wrote:
>>>=20
>>> We're being caught up in some sort of peering dispute between Level 3 an=
d
>>> Google (in the Dallas area), and we've fielded several calls from larger=
>>> customers complaining of 40-50% packet loss (to 8.8.8.8) when there appe=
ars
>>> to be no actual service impacting loss.
>>>=20
>>> We currently suggest customers use a Linux server to ping against, or
>>> another public host.
>>>=20
>>> Ideally we'd like to use a hardware based ICMP system for customer use -=
>>> Accedian NIDs are good at this (exceptionally low jitter) accept they
>>> throttle at 500 pings per second.
>>=20
>> I know that the NETNOD folks did NTP in a FPGA that can do 4x 10GE,
>> perhaps that card and code could be used to do 40G ICMP responder?
>=20
> The trouble is, LOTS of people want to ping something "out on the internet=
" to verify their connectivity, and things like GOOG's 8.8.8.8 DNS servers a=
re a popular lighthouse. I know from first hand experience (dealing with cu=
stomers complaining about it), that GOOG, at least at some of the anycast no=
des for the service, polices ICMP echo requests aimed at
> 8.8.8.8 due to the quantity of those unwanted packets.
>=20
> Having a cheap/small/powerful device that can be used as a ping target, an=
d getting the masses to use it are two very different things.
>=20
> Dan, are your customers missing DNS responses, or just echo replies from 8=
.8.8.8? If the latter, ask what they'd do if thousands of people pinged one=
of their servers constantly.
>=20
> ----------------------------------------------------------------------
> Jon Lewis, MCP :) | I route
> | therefore you are
> _________ http://www.lewis.org/~jlewis/pgp for PGP public key_________
