GTEI Filtering ICMP Echo/Echo Replies?
Happy Y2K to all! Looks as if GTEI has begun filtering ICMP type 0 and 8 (I hope that's all) through their backbone. I heard that this was because of DoS threats, but I haven't seen any other commentary on the subject. GTEIs NOC claims that they have made no changes. From some places I can get through the network, but others fail. CERFNet and others are clean. Traceroute works fine everywhere. Has anyone else seen anything similar? Regards, Christian
On Fri, Dec 31, 1999 at 12:14:20PM -0500, Martin, Christian wrote:
Happy Y2K to all! Looks as if GTEI has begun filtering ICMP type 0 and 8 (I hope that's all) through their backbone. I heard that this was because of DoS threats, but I haven't seen any other commentary on the subject. GTEIs NOC claims that they have made no changes. From some places I can get through the network, but others fail. CERFNet and others are clean. Traceroute works fine everywhere. Has anyone else seen anything similar?
Seems normal in their backbone from NYC to PaloAlto jesper@freesbee$ trace www.cisco.com traceroute to www.cisco.com (198.133.219.25), 30 hops max, 40 byte packets 1 eth9-0-0.sltnxt2.ip.tele.dk (193.162.159.76) 0.781 ms 0.572 ms 0.661 ms 2 atm0-0-0-72.60M.kd4nxi2.ip.tele.dk (195.249.7.89) 5.612 ms 5.485 ms 5.499 ms 3 atm0-0-0-76.60M.boanxt1.ip.tele.dk (195.249.7.106) 9.155 ms 8.939 ms 8.821 ms 4 feth4-0-0.100M.boanxi2.ip.tele.dk (195.249.5.202) 9.310 ms 9.295 ms 9.033 ms 5 pos1-0-0.155M.NewYorknxi2.ip.tele.dk (195.249.5.190) 87.537 ms 87.780 ms 87.641 ms 6 s4-0-1.nyc4-cr5.bbnplanet.net (4.1.78.5) 88.158 ms 88.162 ms 88.538 ms 7 p5-1.nyc4-nbr2.bbnplanet.net (4.0.3.158) 87.972 ms 88.012 ms 88.212 ms 8 p5-0.nycmny1-br1.bbnplanet.net (4.0.5.97) 88.870 ms 88.256 ms 88.378 ms 9 p4-0.nycmny1-br2.bbnplanet.net (4.24.6.226) 88.517 ms 88.075 ms 88.443 ms 10 p4-0.sanjose1-nbr2.bbnplanet.net (4.24.7.58) 149.304 ms 149.474 ms 149.642 ms 11 p1-0.sanjose1-nbr1.bbnplanet.net (4.0.5.85) 149.730 ms 150.000 ms 149.484 ms 12 p4-0.paloalto-nbr2.bbnplanet.net (4.0.1.1) 151.274 ms 150.704 ms 150.563 ms 13 p0-0-0.paloalto-cr18.bbnplanet.net (4.0.3.86) 151.082 ms 150.598 ms 153.603 ms 14 h1-0.cisco.bbnplanet.net (4.1.142.238) 149.434 ms 149.397 ms 149.661 ms 15 pigpen.cisco.com (192.31.7.9) 150.003 ms 149.898 ms 149.611 ms 16 www.cisco.com (198.133.219.25) 149.750 ms 149.862 ms 149.408 ms jesper@freesbee$ ping www.cisco.com PING www.cisco.com (198.133.219.25): 56 data bytes 64 bytes from 198.133.219.25: icmp_seq=0 ttl=226 time=150.271 ms 64 bytes from 198.133.219.25: icmp_seq=1 ttl=226 time=150.445 ms 64 bytes from 198.133.219.25: icmp_seq=2 ttl=226 time=149.324 ms /Jesper -- Jesper Skriver, jesper(at)skriver(dot)dk Work: Network manager @ AS3292 (Tele Danmark DataNetworks) Private: Geek @ AS2109 (A much smaller network ;-) One Unix to rule them all, One Resolver to find them, One IP to bring them all and in the zone to bind them.
Martin, Christian writes:
Happy Y2K to all! Looks as if GTEI has begun filtering ICMP type 0 and 8 (I hope that's all) through their backbone.
No sign of this problem pinging to or from the bits of gtei's Florida links I've got systems (via mae-e or mae-w). ping shrike.parview.com ...
From ICON:
root@bigred[/var/www/apache/myadmin]# ping www.bbn.com PING www.bbn.com (128.11.41.197): 56 data bytes ^C --- www.bbn.com ping statistics --- 4 packets transmitted, 0 packets received, 100% packet loss
From Genuity:
motel-6 [/home/spork]# ping www.bbn.com PING www.bbn.com (128.11.41.197): 56 data bytes 64 bytes from 128.11.41.197: icmp_seq=0 ttl=244 time=44.895 ms 64 bytes from 128.11.41.197: icmp_seq=1 ttl=244 time=52.813 ms 64 bytes from 128.11.41.197: icmp_seq=2 ttl=244 time=39.077 ms As a bbn customer, I can say that we have not been informed of any such policy, and they are not filtering for us. Charles On Fri, 31 Dec 1999, Martin, Christian wrote:
Happy Y2K to all! Looks as if GTEI has begun filtering ICMP type 0 and 8 (I hope that's all) through their backbone. I heard that this was because of DoS threats, but I haven't seen any other commentary on the subject. GTEIs NOC claims that they have made no changes. From some places I can get through the network, but others fail. CERFNet and others are clean. Traceroute works fine everywhere. Has anyone else seen anything similar?
Regards, Christian
participants (4)
-
Charles Sprickman
-
Howard Goldstein
-
Jesper Skriver
-
Martin, Christian