[32910] in North American Network Operators' Group
RE: Pinging routers for network status
daemon@ATHENA.MIT.EDU (Matt Levine)
Mon Dec 18 05:44:32 2000
From: "Matt Levine" <mlevine@efront.com>
To: "Miguel A.L. Paraz" <map@internet.org.ph>, <nanog@merit.edu>
Date: Mon, 18 Dec 2000 02:41:38 -0800
Message-ID: <BEEPLMELPMPANJHCBHJEEEAOFGAA.mlevine@efront.com>
MIME-Version: 1.0
Content-Type: text/plain;
charset="us-ascii"
Content-Transfer-Encoding: 7bit
In-Reply-To: <20001218173823.C5679@mail.q-linux.com>
Errors-To: owner-nanog-outgoing@merit.edu
No, we don't actually perform a dns request, as that wouldn't be measuring
the network latency, we simply start a timer, wait for the tcp connection to
negotiate, and stop the timer. The connection is then closed. Currently we
do this every 2 minutes, which shouldn't be perceived as an attack of any
kind by a large nameserver, or at least no more so then sending icmp echo's
to their routers :)
Matt
--
Matt Levine, CTO <mlevine@efront.com>
eFront Media, Inc. - http://www.efront.com
Phone: +1 714 428 8500 ext. 504
Fax : +1 949 203 2156
ICQ : 17080004
-----Original Message-----
From: owner-nanog@merit.edu [mailto:owner-nanog@merit.edu]On Behalf Of
Miguel A.L. Paraz
Sent: Monday, December 18, 2000 1:38 AM
To: nanog@merit.edu
Subject: Re: Pinging routers for network status
On Mon, Dec 18, 2000 at 01:12:17AM -0800, Matt Levine wrote:
> Well, although there's no entirely fool-proof way, We've found a better
way
> of monitoring "real" outages/issues is to monitor the time required to
setup
> a tcp connection to some "trusted" machines. For example, in our VA
> datacenter we monitor the time required to setup a connection with tier1
> providers (UU,BBN,DIGEX for example) nameservers (on port 53).. We've
found
> it slightly more reliable than ICMP reqs, especially since when routers
get
> busy, it shows as degradation vs. outage.
How does your "DNS ping" work, do you just open and close a TCP connection?
Or make actual requests? Like, "dig soa provider.net @ns.provider.net".
But perhaps if everyone starts doing this to the same box, it could be seen
as DoS?
--
http://www.internet.org.ph Internet and ISP's in the Philippines
http://www.ASARproject.org Artists for Social Action and Response
GSM Mobile: +63-917-810-9728
