North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Refusing Pings on Core Routers??? A new trend?

  • From: Deepak Jain
  • Date: Thu Oct 19 19:20:46 2006

This week, at least a dozen "troublesome" or "problematic" routes our NOC has investigated due to customer complaints all have double or triple digit latencies, jitter and/or packet loss.

Not really that surprising... a normal week when you are looking at the entire Internet.

What is interesting about *this* dozen that I am talking about is that the problematic hops (or just before the problematic hops) have all had various levels of filtering (trace, icmp trace, icmp everything, etc) that (or at least make more difficult) real corroboration of the "spot" samples that a trace route gives.

1 NOC (that will remain nameless even though they should really be shamed) said the following in response to the question -- when we were trying to diagnose +50ms jumps in their latency within a single POP.

Q: "As part of this, can you tell me why your router is prohibiting packets
being sent to our interface?"

A:" The reason you cannot hit your interface is it is blocked for
security reasons."

When we saw this (below) en route to our interface moving ~500mb/s from outside of our network (you know, that pesky symmetrical problem resolution). We were investigating the hop immediately after this hop.

9 bcs1-so-3-1-0.y.x.z (x.x.x.x) 12.395 ms !N
11.824 ms !N 14.162 ms !N

[Clever folks will know by the interface naming who I am talking about].

What the heck is going on lately? Have we returned to the time where we've started trying to hide lacks of capacity instead of fixing them??


Did I miss the conspiracy?? I know my membership dues are all paid up.
If this has been going on a while, I apologize I guess I've just noticed the trend in our shift reports.

Deepak Jain