Re: ping_test

I would argue against this as a general feature and plead for very careful 
consideration of any default values offered to the user.

ICMP Echo across a ISP network no longer reflects the behaviour of 
forwarded packets.

Firstly, on each processor us ISPs rate limit responds to ping. So if you 
don't get a response you don't know if it is the rate-limiting or a 

Secondly, to prevent ping flooding ICMP Echo (and some other misused 
protocols) often get their own QoS class with limited bacndwidth. That 
class can experience congestion not seen by non-diagnostic traffic.

Thirdly, if the ping target filters ICMP Echo -- viewing your 
non-diagnostic use as misuse -- then you will declare the link down. Based 
on the unfortunate experience with NTP I can tell you that some embedded 
systems will hardcode the target IP address and the bandwidth implications 
of pings from millions of embedded systems will cause the target to drop 
pings, even if that drops people's connections.

If you are going to offer a default address then that address should refer 
to your own global anycast network of ping responders. Furthermore you 
should be prepared to cope with the high administration cost of dealing 
with misuse of that service (for example, you'd need to use enough 
prefixes via enough ASs to prevent a simple BGP hiajack from taking all 
the systems offline). That's fine for Microsoft, less so for Linux 
distributors. You should certainly not use the addresses of the root 
nameservers or of other network infrastructure.

What I would suggest instead is a kernel patch to monitor TCP connection 
dropouts from TCP connection timeouts, user abandonments and ICMP 
unreachables. If you get an episode where all connections routing out the 
same interface experience connection loss then punt that into userspace. 
NetworkManager could then use that signalling to attempt to reestablish 
the interface's link (after logging the interface stats and link stats to 
allow for post-episode investigation).

You'd want to show some care automatically restarting links, as some 
technologies have a small charge for a new link connection and this can 
rapidly add up. I think there's a good argument for an exponential backoff 
and that if a link is substantially dodgy then NM simply abandons attempts 
at link restart and leaves it to the network administration to actually 
fix the issue.

I hope this mail suggests that NetworkManager is part of a network 
ecosystem and for this particular feature fitting into the ecosystem well 
is vital and needs close consideration.


Glen Turner <>

[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]