RE: Keep-alive traffic (was iSCSI: more on StatRN)

["Douglas Otis" <dotis@sanlight.net>]

Glen,

No, there is a response within the SCSI transport protocol that is used to
inspect the connection.  ICMP could not provide that function.

Doug

> Charles Monia wrote:
> >
> > I assume the objection is only to mandatory keep alive.
> >
> > In high-availabilty scenarios, pinging of some sort goes on all
> the time to
> > detect when an otherwise long-dormant node loses connectivity or becomes
> > brain-dead.
>
> I hope you don't mean ICMP Echo Request and ICMP Echo Reply.  These
> are unreliable across the Internet, as backbone ISPs rate limit them
> to reduce the impact of denial of service attacks.
>
> Ironically, the more available the Internet infrastructure, the stricter
> the ICMP rate limiting that needs to be performed.  So an application
> that uses ICMP Echo Request to enhance availability is counter-productive,
> as it will fail when running over a public Internet that is designed
> to have high availability.
>
> It is desirable that high-availability applications can run across
> a high-availability public Internet as this allows geographical
> redundancy.
>
> Thus the need for an iSCSI Echo Request and Echo Reply.  As these run
> over an authenticated link, the ISP need not rate limit these.  The
> iSCSI protocol does need to be careful not to allow unauthenticated
> Echo Replies to become a channel that can be used to launch a DoS
> attack (eg: from a public iSCSI server such as a CD-ROM jukebox).
>
> Glen
>
> PS: A bit of background.  I'm a network engineer for the Australian
>     Academic and Research Network.  We are in the process of constructing
>     a multi-gigabit public Internet with 99.999% availability.
>