Looking for recommendations for a dedicated ping responder
Are there any products you're using which are dedicated to responding to customer facing pings? -- Dan White BTC Broadband Network Admin Lead Ph 918.366.0248 (direct) main: (918)366-8000 Fax 918.366.6610 email: dwhite@olp.net http://www.btcbroadband.com
Can you elaborate? On Sep 9, 2016 2:54 PM, "Dan White" <dwhite@olp.net> wrote:
Are there any products you're using which are dedicated to responding to customer facing pings?
-- Dan White BTC Broadband Network Admin Lead Ph 918.366.0248 (direct) main: (918)366-8000 Fax 918.366.6610 email: dwhite@olp.net http://www.btcbroadband.com
We're being caught up in some sort of peering dispute between Level 3 and Google (in the Dallas area), and we've fielded several calls from larger customers complaining of 40-50% packet loss (to 8.8.8.8) when there appears to be no actual service impacting loss. We currently suggest customers use a Linux server to ping against, or another public host. Ideally we'd like to use a hardware based ICMP system for customer use - Accedian NIDs are good at this (exceptionally low jitter) accept they throttle at 500 pings per second. On 09/09/16 15:00 -0500, Josh Reynolds wrote:
Can you elaborate?
On Sep 9, 2016 2:54 PM, "Dan White" <dwhite@olp.net> wrote:
Are there any products you're using which are dedicated to responding to customer facing pings?
-- Dan White BTC Broadband Network Admin Lead Ph 918.366.0248 (direct) main: (918)366-8000 Fax 918.366.6610 email: dwhite@olp.net http://www.btcbroadband.com
On Sep 9, 2016, at 4:08 PM, Dan White <dwhite@olp.net> wrote:
We're being caught up in some sort of peering dispute between Level 3 and Google (in the Dallas area), and we've fielded several calls from larger customers complaining of 40-50% packet loss (to 8.8.8.8) when there appears to be no actual service impacting loss.
We currently suggest customers use a Linux server to ping against, or another public host.
Ideally we'd like to use a hardware based ICMP system for customer use - Accedian NIDs are good at this (exceptionally low jitter) accept they throttle at 500 pings per second.
I know that the NETNOD folks did NTP in a FPGA that can do 4x 10GE, perhaps that card and code could be used to do 40G ICMP responder? - Jared
On Fri, Sep 9, 2016 at 4:17 PM, Jared Mauch <jared@puck.nether.net> wrote:
On Sep 9, 2016, at 4:08 PM, Dan White <dwhite@olp.net> wrote:
We're being caught up in some sort of peering dispute between Level 3 and Google (in the Dallas area), and we've fielded several calls from larger customers complaining of 40-50% packet loss (to 8.8.8.8) when there appears to be no actual service impacting loss.
We currently suggest customers use a Linux server to ping against, or another public host.
Ideally we'd like to use a hardware based ICMP system for customer use - Accedian NIDs are good at this (exceptionally low jitter) accept they throttle at 500 pings per second.
I know that the NETNOD folks did NTP in a FPGA that can do 4x 10GE, perhaps that card and code could be used to do 40G ICMP responder?
or, alternately test some useful application instead? I mean, 'wget' will tell you stats about the bw/etc... apache-bench will as well, and you can probably whip up some custom python/etc that'd do the same sort of thing.
On Fri, 9 Sep 2016, Jared Mauch wrote:
On Sep 9, 2016, at 4:08 PM, Dan White <dwhite@olp.net> wrote:
We're being caught up in some sort of peering dispute between Level 3 and Google (in the Dallas area), and we've fielded several calls from larger customers complaining of 40-50% packet loss (to 8.8.8.8) when there appears to be no actual service impacting loss.
We currently suggest customers use a Linux server to ping against, or another public host.
Ideally we'd like to use a hardware based ICMP system for customer use - Accedian NIDs are good at this (exceptionally low jitter) accept they throttle at 500 pings per second.
I know that the NETNOD folks did NTP in a FPGA that can do 4x 10GE, perhaps that card and code could be used to do 40G ICMP responder?
The trouble is, LOTS of people want to ping something "out on the internet" to verify their connectivity, and things like GOOG's 8.8.8.8 DNS servers are a popular lighthouse. I know from first hand experience (dealing with customers complaining about it), that GOOG, at least at some of the anycast nodes for the service, polices ICMP echo requests aimed at 8.8.8.8 due to the quantity of those unwanted packets. Having a cheap/small/powerful device that can be used as a ping target, and getting the masses to use it are two very different things. Dan, are your customers missing DNS responses, or just echo replies from 8.8.8.8? If the latter, ask what they'd do if thousands of people pinged one of their servers constantly. ---------------------------------------------------------------------- Jon Lewis, MCP :) | I route | therefore you are _________ http://www.lewis.org/~jlewis/pgp for PGP public key_________
On one of these lists around 6 months ago a Google network engineer confirmed they do rate limit icmp (aside from prioritisation). Unless there's a real issue here this is more about educating people. It's amazing how many still miss interpret trace routes these days. Kind regards James Greig
On 9 Sep 2016, at 23:29, Jon Lewis <jlewis@lewis.org> wrote:
On Fri, 9 Sep 2016, Jared Mauch wrote:
On Sep 9, 2016, at 4:08 PM, Dan White <dwhite@olp.net> wrote:
We're being caught up in some sort of peering dispute between Level 3 and Google (in the Dallas area), and we've fielded several calls from larger customers complaining of 40-50% packet loss (to 8.8.8.8) when there appears to be no actual service impacting loss.
We currently suggest customers use a Linux server to ping against, or another public host.
Ideally we'd like to use a hardware based ICMP system for customer use - Accedian NIDs are good at this (exceptionally low jitter) accept they throttle at 500 pings per second.
I know that the NETNOD folks did NTP in a FPGA that can do 4x 10GE, perhaps that card and code could be used to do 40G ICMP responder?
The trouble is, LOTS of people want to ping something "out on the internet" to verify their connectivity, and things like GOOG's 8.8.8.8 DNS servers are a popular lighthouse. I know from first hand experience (dealing with customers complaining about it), that GOOG, at least at some of the anycast nodes for the service, polices ICMP echo requests aimed at 8.8.8.8 due to the quantity of those unwanted packets.
Having a cheap/small/powerful device that can be used as a ping target, and getting the masses to use it are two very different things.
Dan, are your customers missing DNS responses, or just echo replies from 8.8.8.8? If the latter, ask what they'd do if thousands of people pinged one of their servers constantly.
---------------------------------------------------------------------- Jon Lewis, MCP :) | I route | therefore you are _________ http://www.lewis.org/~jlewis/pgp for PGP public key_________
Personally, I'd think twice before putting a box that does unthrottled reflection of ICMP packets to their claimed source anywhere, especially not one with a well-known address. Matthew Kaufman On Sat, Sep 10, 2016 at 2:01 AM James Greig <james@mor-pah.net> wrote:
On one of these lists around 6 months ago a Google network engineer confirmed they do rate limit icmp (aside from prioritisation).
Unless there's a real issue here this is more about educating people. It's amazing how many still miss interpret trace routes these days.
Kind regards
James Greig
Accedian NIDs are good at this (exceptionally low jitter) accept they throttle at 500 pings per second.
I know that the NETNOD folks did NTP in a FPGA that can do 4x 10GE, perhaps that card and code could be used to do 40G ICMP responder?
The trouble is, LOTS of people want to ping something "out on the internet" to verify their connectivity, and things like GOOG's 8.8.8.8 DNS servers are a popular lighthouse. I know from first hand experience (dealing with customers complaining about it), that GOOG, at least at some of the anycast nodes for the service, polices ICMP echo requests aimed at 8.8.8.8 due to the quantity of those unwanted packets.
Having a cheap/small/powerful device that can be used as a ping target, and getting the masses to use it are two very different things.
Dan, are your customers missing DNS responses, or just echo replies from 8.8.8.8? If the latter, ask what they'd do if thousands of people pinged one of their servers constantly.
---------------------------------------------------------------------- Jon Lewis, MCP :) | I route | therefore you are _________ http://www.lewis.org/~jlewis/pgp for PGP public key_________
On 9 Sep 2016, at 23:29, Jon Lewis <jlewis@lewis.org> wrote:
On Fri, 9 Sep 2016, Jared Mauch wrote:
On Sep 9, 2016, at 4:08 PM, Dan White <dwhite@olp.net> wrote:
We're being caught up in some sort of peering dispute between Level 3 and Google (in the Dallas area), and we've fielded several calls from larger customers complaining of 40-50% packet loss (to 8.8.8.8) when there appears to be no actual service impacting loss.
We currently suggest customers use a Linux server to ping against, or another public host.
Ideally we'd like to use a hardware based ICMP system for customer use
Hello Dan, I think that Personar meets your needs Take a look at: http://www.perfsonar.net/about/what-is-perfsonar/ Regards, Pablo On Fri, Sep 9, 2016 at 4:52 PM, Dan White <dwhite@olp.net> wrote:
Are there any products you're using which are dedicated to responding to customer facing pings?
-- Dan White BTC Broadband Network Admin Lead Ph 918.366.0248 (direct) main: (918)366-8000 Fax 918.366.6610 email: dwhite@olp.net http://www.btcbroadband.com
participants (9)
-
Christopher Morrow -
Dan White -
James Greig -
Jared Mauch -
Jon Lewis -
Josh Reynolds -
Laszlo Hanyecz -
Matthew Kaufman -
Pablo Costa