nanog mailing list archives
Re: ICMP Blocking Woes
From: "Stephen J. Wilcox" <steve () telecomplete co uk>
Date: Thu, 2 Oct 2003 16:58:22 +0000 (GMT)
Lo! On Thu, 2 Oct 2003, Sean Donelan did sayeth:
Various ISPs have been trying lots of different ICMP filters. You can see some of the impact on the Internet average graphs from XAffire. http://www.xaffire.com/press/ea/EA20030902_images?rf=EM005 Xaffire/Matrix Systems apparently used ping packets that were the same size as those being filtered by some ISPs. According to Xaffire service providers implementing filters included Cable & Wireless and Level 3.
It does raise the question of whether ICMP Echo is a good mechanism for monitoring systems that are across third party networks. I personally think that filtering ICMP is becoming less useful and you would get better results using other probe methods eg SYN/RST as deployed by numerous port scanning tools eg nmap Steve
Current thread:
- Re: ICMP Blocking Woes Kevin Oberman (Oct 01)
- <Possible follow-ups>
- Re: ICMP Blocking Woes Sean Donelan (Oct 01)
- Re: ICMP Blocking Woes Stephen J. Wilcox (Oct 02)
- PING monitoring (was Re: ICMP Blocking Woes) Sean Donelan (Oct 03)
- Re: ICMP Blocking Woes Stephen J. Wilcox (Oct 02)