Personally, I'd think twice before putting a box that does unthrottled reflection of ICMP packets to their claimed source anywhere, especially not one with a well-known address.
Matthew Kaufman On Sat, Sep 10, 2016 at 2:01 AM James Greig <ja...@mor-pah.net> wrote: > On one of these lists around 6 months ago a Google network engineer > confirmed they do rate limit icmp (aside from prioritisation). > > Unless there's a real issue here this is more about educating people. > It's amazing how many still miss interpret trace routes these days. > > Kind regards > > James Greig > > > On 9 Sep 2016, at 23:29, Jon Lewis <jle...@lewis.org> wrote: > > > >> On Fri, 9 Sep 2016, Jared Mauch wrote: > >> > >> > >>> On Sep 9, 2016, at 4:08 PM, Dan White <dwh...@olp.net> wrote: > >>> > >>> We're being caught up in some sort of peering dispute between Level 3 > and > >>> Google (in the Dallas area), and we've fielded several calls from > larger > >>> customers complaining of 40-50% packet loss (to 8.8.8.8) when there > appears > >>> to be no actual service impacting loss. > >>> > >>> We currently suggest customers use a Linux server to ping against, or > >>> another public host. > >>> > >>> Ideally we'd like to use a hardware based ICMP system for customer use > - > >>> Accedian NIDs are good at this (exceptionally low jitter) accept they > >>> throttle at 500 pings per second. > >> > >> I know that the NETNOD folks did NTP in a FPGA that can do 4x 10GE, > >> perhaps that card and code could be used to do 40G ICMP responder? > > > > The trouble is, LOTS of people want to ping something "out on the > internet" to verify their connectivity, and things like GOOG's 8.8.8.8 DNS > servers are a popular lighthouse. I know from first hand experience > (dealing with customers complaining about it), that GOOG, at least at some > of the anycast nodes for the service, polices ICMP echo requests aimed at > > 8.8.8.8 due to the quantity of those unwanted packets. > > > > Having a cheap/small/powerful device that can be used as a ping target, > and getting the masses to use it are two very different things. > > > > Dan, are your customers missing DNS responses, or just echo replies from > 8.8.8.8? If the latter, ask what they'd do if thousands of people pinged > one of their servers constantly. > > > > ---------------------------------------------------------------------- > > Jon Lewis, MCP :) | I route > > | therefore you are > > _________ http://www.lewis.org/~jlewis/pgp for PGP public key_________ > >