Personally, I'd think twice before putting a box that does unthrottled reflection of ICMP packets to their claimed source anywhere, especially not one with a well-known address. Matthew Kaufman On Sat, Sep 10, 2016 at 2:01 AM James Greig <james@mor-pah.net> wrote:
On one of these lists around 6 months ago a Google network engineer confirmed they do rate limit icmp (aside from prioritisation).
Unless there's a real issue here this is more about educating people. It's amazing how many still miss interpret trace routes these days.
Kind regards
James Greig
Accedian NIDs are good at this (exceptionally low jitter) accept they throttle at 500 pings per second.
I know that the NETNOD folks did NTP in a FPGA that can do 4x 10GE, perhaps that card and code could be used to do 40G ICMP responder?
The trouble is, LOTS of people want to ping something "out on the internet" to verify their connectivity, and things like GOOG's 8.8.8.8 DNS servers are a popular lighthouse. I know from first hand experience (dealing with customers complaining about it), that GOOG, at least at some of the anycast nodes for the service, polices ICMP echo requests aimed at 8.8.8.8 due to the quantity of those unwanted packets.
Having a cheap/small/powerful device that can be used as a ping target, and getting the masses to use it are two very different things.
Dan, are your customers missing DNS responses, or just echo replies from 8.8.8.8? If the latter, ask what they'd do if thousands of people pinged one of their servers constantly.
---------------------------------------------------------------------- Jon Lewis, MCP :) | I route | therefore you are _________ http://www.lewis.org/~jlewis/pgp for PGP public key_________
On 9 Sep 2016, at 23:29, Jon Lewis <jlewis@lewis.org> wrote:
On Fri, 9 Sep 2016, Jared Mauch wrote:
On Sep 9, 2016, at 4:08 PM, Dan White <dwhite@olp.net> wrote:
We're being caught up in some sort of peering dispute between Level 3 and Google (in the Dallas area), and we've fielded several calls from larger customers complaining of 40-50% packet loss (to 8.8.8.8) when there appears to be no actual service impacting loss.
We currently suggest customers use a Linux server to ping against, or another public host.
Ideally we'd like to use a hardware based ICMP system for customer use