[Outages-discussion] [outages] Ping to Google 8.8.8.8

Jay R. Ashworth jra at baylink.com
Sat Feb 19 17:46:33 EST 2022 

----- Original Message -----
> From: "Damian Menscher" <damian at google.com>

> On Wed, Feb 9, 2022 at 4:00 PM Jay R. Ashworth <jra at baylink.com> wrote:

>> 2) Device wants to know if it's connected to the Greater Internet
>>
>> 3) Device wants to know *exactly when it loses contact* with the greater
>> Internet.
>>
>> The first two are pretty easy for the Internet (or people who said "y'know
>> what'd be really cool!?  Let's pick an IP for our DNS customer resolver
>> servers that's a really memorable numerical pun!" and then that bit them, like the
>> owners of 1.1.1.1, 4.2.2.x, 8.8.4.4 and 8.8.8.8) to absorb, even at scale, without
>> all that much trouble at the *traffic* layer (which, as I noted, is
>> separate from the layer 8 or 9 bitching).
[ ... ]
>> The 2006 D-Link NTP vandalism incident is the canonical example here:
>>
>> https://web.archive.org/web/20060408150155/http://people.freebsd.org/~phk/dlink/

> To give a sense of scale, 8.8.8.8 receives a steady-state 12Mpps (roughly
> one 10Gbps link) of ICMP ECHO_REQUEST traffic.  This is mostly from
> millions of devices monitoring with one ping each second, but there are a
> few top-talkers just leaving a ping -f running all day.

I have that as 12,000,000 * 64 bytes = 768MB, an order and a half of magnitude 
less than you.  1GB/s.  No?

Sure, it's a big hose, but this *is* Google we're talking about here; if their
aggregate connectivity in the US isn't *well* over 1TB/s, I'll eat it.

> Where do we go from here?  Personally, I'd love to just turn it off for 24h
> each April 1 to help identify all the broken devices that inappropriately
> depend on it.  If this were an annual occurrence perhaps vendors would stop
> producing abusive gear?  (Or perhaps they'd just ping additional unwilling
> victims for redundancy....)

Not a bad idea.

Or we could roll ICMP to high-profile DNS resolvers into BCP38 edge blocking,
though the website below has been up for like 10 years now, with little
wide-scale uptake I can find... :-}

Cheers,
-- jra
-- 
Jay R. Ashworth                  Baylink                       jra at baylink.com
Designer                     The Things I Think                       RFC 2100
Ashworth & Associates       http://www.bcp38.info          2000 Land Rover DII
St Petersburg FL USA      BCP38: Ask For It By Name!           +1 727 647 1274

More information about the Outages-discussion mailing list