Hi RIPE NCC, hi all,
In today's troubleshooting adventure, an operator experienced difficulty
pinpointing where exactly a connectivity issue between them and
rpki.ripe.net (193.0.6.138 + 2001:67c:2e8:22::c100:68a) resided.
It would be helpful if RIPE NCC reverted disabling responding to ICMP
echo requests originating from the Internet. Would it be possible to
adjust the firewall settings to accomodate troubleshooting and
monitoring?
Right now connectivity testing has to be performed directly against the
rsync daemon's internet-exposed TCP port (873) - but it would be much
cheaper and faster for both the tester and the service hoster if instead
ICMP echo requests could be used as an early warning system (rather than
the rsync service itself).
$ ping -c 6
rpki.ripe.net PING
rpki.ripe.net (193.0.6.138): 56 data bytes
---
rpki.ripe.net ping statistics ---
6 packets transmitted, 0 packets received, 100.0% packet loss
The above test result differs compared to sending echo requests to
molamola.ripe.net or
manus.authdns.ripe.net.
Kind regards,
Job