nanog mailing list archives

Re: large organization nameservers sending icmp packets to dns servers.

From: matthew zeier <mrz () velvet org>
Date: Mon, 06 Aug 2007 09:07:30 -0700




Drew Weaver wrote:

Is it a fairly normal practice for large companies such as Yahoo! And
Mozilla to send icmp/ping packets to DNS servers? If so, why? And a
related question would be from a service provider standpoint is there
any reason to deny ICMP/PING packets to name servers within your
organization?


Wearing my Mozilla hat here...

I blogged about this (blog.mozilla.com/mrz, somewhere there) and Asablog'd about it over athttp://weblogs.mozillazine.org/asa/archives/2007/03/trying_to_load.html .

Mozilla uses Citrix Netscalers and we're currently using dynamicproximity for load balancing between data centers.

After Asa's post, we found poorly documentation that led tomisconfiguration of the probe settings. I've cut down the number ofprobes (default was icmp, udp and tcp:80 to a nameserver) and instead ofthe ~10 complaints a day I was getting, I get many one a month.


If you're still annoyed by the probes, ping me off-list.

- mz

Current thread:

Re: large organization nameservers sending icmp packets to dns servers., (continued)
- - - Re: large organization nameservers sending icmp packets to dns servers. Stephane Bortzmeyer (Aug 09)
    - Re: large organization nameservers sending icmp packets to dns servers. Chris L. Morrow (Aug 10)
    - Re: large organization nameservers sending icmp packets to dns servers. Duane Wessels (Aug 06)
    - Re: large organization nameservers sending icmp packets to dns servers. Steve Atkins (Aug 06)
    - Re: large organization nameservers sending icmp packets to dns servers. Valdis . Kletnieks (Aug 06)
  - Re: large organization nameservers sending icmp packets to dns servers. Leigh Porter (Aug 06)
    - Re: large organization nameservers sending icmp packets to dns servers. Owen DeLong (Aug 06)
    - Message not available
    - Re: large organization nameservers sending icmp packets to dns servers. Valdis . Kletnieks (Aug 06)
    - Re: large organization nameservers sending icmp packets to dns servers. Patrick W. Gilmore (Aug 06)
- Re: large organization nameservers sending icmp packets to dns servers. Simon Waters (Aug 06)
- Re: large organization nameservers sending icmp packets to dns servers. matthew zeier (Aug 06)
- Re: large organization nameservers sending icmp packets to dns servers. Sean Donelan (Aug 06)
- Re: large organization nameservers sending icmp packets to dns servers. Doug Barton (Aug 09)
- Re: large organization nameservers sending icmp packets to dns servers. Jason J. W. Williams (Aug 07)
- Re: large organization nameservers sending icmp packets to dns servers. Mark Andrews (Aug 09)
  - Re: large organization nameservers sending icmp packets to dns servers. Mark Andrews (Aug 09)
    - Re: large organization nameservers sending icmp packets to dns servers. Crist Clark (Aug 10)
    - Re: large organization nameservers sending icmp packets to dns servers. Mark Andrews (Aug 10)