I would argue against this as a general feature and plead for very careful consideration of any default values offered to the user.
ICMP Echo across a ISP network no longer reflects the behaviour of forwarded packets. Firstly, on each processor us ISPs rate limit responds to ping. So if you don't get a response you don't know if it is the rate-limiting or a failure. Secondly, to prevent ping flooding ICMP Echo (and some other misused protocols) often get their own QoS class with limited bacndwidth. That class can experience congestion not seen by non-diagnostic traffic. Thirdly, if the ping target filters ICMP Echo -- viewing your non-diagnostic use as misuse -- then you will declare the link down. Based on the unfortunate experience with NTP I can tell you that some embedded systems will hardcode the target IP address and the bandwidth implications of pings from millions of embedded systems will cause the target to drop pings, even if that drops people's connections. If you are going to offer a default address then that address should refer to your own global anycast network of ping responders. Furthermore you should be prepared to cope with the high administration cost of dealing with misuse of that service (for example, you'd need to use enough prefixes via enough ASs to prevent a simple BGP hiajack from taking all the systems offline). That's fine for Microsoft, less so for Linux distributors. You should certainly not use the addresses of the root nameservers or of other network infrastructure. What I would suggest instead is a kernel patch to monitor TCP connection dropouts from TCP connection timeouts, user abandonments and ICMP unreachables. If you get an episode where all connections routing out the same interface experience connection loss then punt that into userspace. NetworkManager could then use that signalling to attempt to reestablish the interface's link (after logging the interface stats and link stats to allow for post-episode investigation). You'd want to show some care automatically restarting links, as some technologies have a small charge for a new link connection and this can rapidly add up. I think there's a good argument for an exponential backoff and that if a link is substantially dodgy then NM simply abandons attempts at link restart and leaves it to the network administration to actually fix the issue. I hope this mail suggests that NetworkManager is part of a network ecosystem and for this particular feature fitting into the ecosystem well is vital and needs close consideration. -glen -- Glen Turner <http://www.gdt.id.au/~gdt/> _______________________________________________ networkmanager-list mailing list [email protected] https://mail.gnome.org/mailman/listinfo/networkmanager-list
