Path: utzoo!attcan!uunet!lll-winken!lll-tis!ames!hc!hi.unm.edu!cyrus From: cyrus@hi.unm.edu (Tait Cyrus) Newsgroups: comp.protocols.tcp-ip Subject: Re: ICMP's & IP src addrs Message-ID: <23641@hi.unm.edu> Date: 20 Sep 88 00:23:08 GMT References: <23634@hi.unm.edu> <8809151450.AA23101@ucbvax.Berkeley.EDU> <24915@bu-cs.BU.EDU> <22185@sgi.SGI.COM> Reply-To: cyrus@hi.unm.edu (Tait Cyrus) Distribution: na Organization: U. of New Mexico, Albuquerque Lines: 45 In article <22185@sgi.SGI.COM> vjs@rhyolite.SGI.COM (Vernon Schryver) writes: >In article <24915@bu-cs.BU.EDU>, kwe@bu-cs.BU.EDU (kwe@bu-it.bu.edu (Kent W. England)) writes: >> No, no, no. ICMP messages are special, because they are error >> messages. They must be treated carefully and conservatively. > >That means my favorite diagnostic tool and stress test will go away: >`ping -f', where 'ping' takes '-f' as 'flood the target at >100 packets/sec.' (100 p/s * >100 hosts = ?) Believe it or not, this >can be quite useful for constructive purposes. Tho it will break my >heart, this tool should go to the same retirement home as the old >Atoms-for-Piece plan for digging a new Panama canal. > >The usefulness of the relatively innocuous 'ping ' to see >what's there can be duplicated with a small program which sends to all >possible host addresses (paying attention to netmask). Modern machines >can generate at least a couple hundred packets/sec from user code. (At >least our's and our competator's are much better than that. :-) Thus >in any situation where you don't expect too many responses for the test >to social acceptible, it would take the new program only seconds to do >the same thing. I agree, though there are some problems. I have a class B address with a netmask giving me 2k possible addresses. Assuming 100 p/s, that is about 20 seconds. Although this is not a very long period of time, you would never see this speed because for each IP address, your machine has to arp the IP address. Since most IP addresses are not used, at least on our net at the current time, a lot of time would be spent waiting for the arp replies. Besides, I would probably blow out my machines arp table with 2k entries. As far as what the correct response to such a "request" should be, we will have to wait for the new hosts requirements RFC (any ideas where I can get a copy of the draft???). >Vernon Schryver -- Silicon Graphics --- @__________@ W. Tait Cyrus (505) 277-0806 /| /| University of New Mexico / | / | Dept of ECE - Parallel Processing Research Group @__|_______@ | Albuquerque, New Mexico 87131 | | | | | | hc | | e-mail: | @.......|..@ cyrus@pprg.unm.edu | / | / @/_________@/