Re: Looking for recommendations for a dedicated ping responder

[Matthew Kaufman <matthew () matthew at>]

Personally, I'd think twice before putting a box that does unthrottled
reflection of ICMP packets to their claimed source anywhere, especially not
one with a well-known address.

Matthew Kaufman

On Sat, Sep 10, 2016 at 2:01 AM James Greig <james () mor-pah net> wrote:

> On one of these lists around 6 months ago a Google network engineer
> confirmed they do rate limit icmp (aside from prioritisation).
>
>  Unless there's a real issue here this is more about educating people.
> It's amazing how many still miss interpret trace routes these days.
>
> Kind regards
>
> James Greig
>
> > On 9 Sep 2016, at 23:29, Jon Lewis <jlewis () lewis org> wrote:
> >
> > > On Fri, 9 Sep 2016, Jared Mauch wrote:
> > >
> > >
> > > > On Sep 9, 2016, at 4:08 PM, Dan White <dwhite () olp net> wrote:
> > > >
> > > > We're being caught up in some sort of peering dispute between Level 3
> and
> > > > Google (in the Dallas area), and we've fielded several calls from
> larger
> > > > customers complaining of 40-50% packet loss (to 8.8.8.8) when there
> appears
> > > > to be no actual service impacting loss.
> > > >
> > > > We currently suggest customers use a Linux server to ping against, or
> > > > another public host.
> > > >
> > > > Ideally we'd like to use a hardware based ICMP system for customer use
> -
> > > > Accedian NIDs are good at this (exceptionally low jitter) accept they
> > > > throttle at 500 pings per second.
> > >
> > > I know that the NETNOD folks did NTP in a FPGA that can do 4x 10GE,
> > > perhaps that card and code could be used to do 40G ICMP responder?
> >
> > The trouble is, LOTS of people want to ping something "out on the
> internet" to verify their connectivity, and things like GOOG's 8.8.8.8 DNS
> servers are a popular lighthouse.  I know from first hand experience
> (dealing with customers complaining about it), that GOOG, at least at some
> of the anycast nodes for the service, polices ICMP echo requests aimed at
> > 8.8.8.8 due to the quantity of those unwanted packets.
> >
> > Having a cheap/small/powerful device that can be used as a ping target,
> and getting the masses to use it are two very different things.
> > Dan, are your customers missing DNS responses, or just echo replies from
> 8.8.8.8?  If the latter, ask what they'd do if thousands of people pinged
> one of their servers constantly.
> > ----------------------------------------------------------------------
> > Jon Lewis, MCP :)           |  I route
> >                             |  therefore you are
> > _________ http://www.lewis.org/~jlewis/pgp for PGP public key_________