Re: Authoritative Resources for Public DNS Pinging

[Jon Lewis <jlewis () lewis org>]

On Fri, 11 Feb 2022, Mark Tinka wrote:

> 100% - and this is the crux of the issue.
>
> As a community, it is clear that there is a need for this, and if 8.8.8.8 
> stops being an anchor for liveliness detection, users will find something 
> else to replace it with. And we can bet all our Kwacha that it won't have 
> been designed for that purpose, either.

I have to admit, I haven't read most of this thread, but I am well aware 
of the issues with both end users and "routers" / firewalls pinging 
8.8.8.8 as a means of verifying "that path to the Internet is working".  I 
know GOOG doesn't appreciate the amount of ICMP echo requests their 
8.8.8.8 instances receive, and that at various times/places, that ICMP 
traffic is/has been policed by GOOG.

So...here's a pair of "what if"s:

What if instead of pinging 8.8.8.8, all these things using it to "test the 
Internet" sent it DNS requests instead?  i.e.
GOOG=$(dig +short @8.8.8.8 google.com)
if [ -z "$GOOG" ] ; then
  echo FAIL
fi 
Would that make things better or worse for GOOG (Trading lots more DNS 
requests for the ICMP echo requests)?

8.8.8.8 is already anycasted.  What if each large ISP (for whatever 
definition of large floats your boat) setup their own internal instance(s) 
of 8.8.8.8 with a caching DNS server listening, and handled the traffic 
without bothering GOOG?  For users using 8.8.8.8 as a lighthouse, this 
would change the meaning of their test...i.e. a response means their 
connection to their ISP is up, and the ISP's network works at least enough 
to reach an internal 8.8.8.8, but the question of their connectivity to 
the rest of the Internet would be unanswered.

----------------------------------------------------------------------
 Jon Lewis, MCP :)           |  I route
 StackPath, Sr. Neteng       |  therefore you are
_________ http://www.lewis.org/~jlewis/pgp for PGP public key_________