[fedora-virt] Slow virtual ping

Dennis Jacobfeuerborn dennisml at conversis.de
Tue Jan 17 21:07:50 UTC 2012 

Nowhere did he indicate that he used a ping flood. Just having ping run for 
some time isn't a flood.

Regards,
   Dennis

On 01/17/2012 09:56 PM, Anthony Vanover wrote:
> Yeah, you're sending a ping flood to your virtual host. Be sure to
> terminate ping after a few replies with Ctrl+C. Anyways, a ping flood is
> a DDoS attack which overwhelms the victim with ICMP Echo Requests or
> "Ping Packets". An attacker hopes that the victim will respond with ICMP
> Echo Reply packets so that both incoming and outgoing traffic bandwidth
> is consumed. Eventually, the target host's CPU cycles will be filled and
> the system will notice a major slowdown. Obviously, this attack is most
> successful when the attacker's bandwidth is greater than the hosts. In
> your case, your host is virtual. So, it's fair to say that the virtual
> host has either equal or less than your physical bandwidth. In short,
> that's normal to see such a slowdown (either from consumed CPU cycles or
> policy of the host being set not to send ICMP Echo Reply). Why would you
> want to ping for several hours anyways?
>
> On Tue, 2012-01-17 at 12:00 +0000, virt-request at lists.fedoraproject.org
> wrote:
>> Message: 2
>> Date: Mon, 16 Jan 2012 18:56:38 +0100
>> From: Andrés García<andres at verot.com>
>> To: virt at lists.fedoraproject.org
>> Subject: [fedora-virt] Slow virtual ping
>> Message-ID:<4F1464D6.7000702 at verot.com>
>> Content-Type: text/plain; charset=ISO-8859-1; format=flowed
>>
>> Hello,
>>
>> I am having a problem trying to setup a F16 machine as a virtual host.
>>
>> For example, I have another F16 installed as a virtual guest. If I ping it
>> just after the host boots I get something like:
>>
>> PING 192.168.0.158 (192.168.0.158) 56(84) bytes of data.
>> 64 bytes from 192.168.0.158: icmp_seq=1 ttl=64 time=0.358 ms
>> 64 bytes from 192.168.0.158: icmp_seq=2 ttl=64 time=0.377 ms
>> 64 bytes from 192.168.0.158: icmp_seq=3 ttl=64 time=0.317 ms
>> 64 bytes from 192.168.0.158: icmp_seq=4 ttl=64 time=0.336 ms
>> 64 bytes from 192.168.0.158: icmp_seq=5 ttl=64 time=0.293 ms
>> 64 bytes from 192.168.0.158: icmp_seq=6 ttl=64 time=0.334 ms
>> 64 bytes from 192.168.0.158: icmp_seq=7 ttl=64 time=0.353 ms
>> 64 bytes from 192.168.0.158: icmp_seq=8 ttl=64 time=0.350 ms
>> 64 bytes from 192.168.0.158: icmp_seq=9 ttl=64 time=0.291 ms
>> [...]
>>
>> Which is very reasonable, but after some time, I can't tell you
>> how much exactly, maybe half an hour, I get:
>>
>> PING 192.168.0.158 (192.168.0.158) 56(84) bytes of data.
>> 64 bytes from 192.168.0.158: icmp_seq=1 ttl=64 time=22.5 ms
>> 64 bytes from 192.168.0.158: icmp_seq=2 ttl=64 time=20.8 ms
>> 64 bytes from 192.168.0.158: icmp_seq=3 ttl=64 time=19.1 ms
>> 64 bytes from 192.168.0.158: icmp_seq=4 ttl=64 time=17.9 ms
>> 64 bytes from 192.168.0.158: icmp_seq=5 ttl=64 time=16.8 ms
>> 64 bytes from 192.168.0.158: icmp_seq=6 ttl=64 time=15.2 ms
>> 64 bytes from 192.168.0.158: icmp_seq=7 ttl=64 time=14.1 ms
>> 64 bytes from 192.168.0.158: icmp_seq=8 ttl=64 time=13.2 ms
>> 64 bytes from 192.168.0.158: icmp_seq=9 ttl=64 time=11.7 ms
>> 64 bytes from 192.168.0.158: icmp_seq=10 ttl=64 time=9.76 ms
>> 64 bytes from 192.168.0.158: icmp_seq=11 ttl=64 time=7.86 ms
>> 64 bytes from 192.168.0.158: icmp_seq=12 ttl=64 time=6.63 ms
>> 64 bytes from 192.168.0.158: icmp_seq=13 ttl=64 time=5.27 ms
>> 64 bytes from 192.168.0.158: icmp_seq=14 ttl=64 time=3.79 ms
>> 64 bytes from 192.168.0.158: icmp_seq=15 ttl=64 time=1.83 ms
>> 64 bytes from 192.168.0.158: icmp_seq=16 ttl=64 time=99.8 ms
>> 64 bytes from 192.168.0.158: icmp_seq=17 ttl=64 time=97.9 ms
>> 64 bytes from 192.168.0.158: icmp_seq=18 ttl=64 time=96.8 ms
>> 64 bytes from 192.168.0.158: icmp_seq=19 ttl=64 time=95.2 ms
>> 64 bytes from 192.168.0.158: icmp_seq=20 ttl=64 time=94.5 ms
>> 64 bytes from 192.168.0.158: icmp_seq=21 ttl=64 time=92.9 ms
>> 64 bytes from 192.168.0.158: icmp_seq=22 ttl=64 time=91.9 ms
>> 64 bytes from 192.168.0.158: icmp_seq=23 ttl=64 time=90.7 ms
>> 64 bytes from 192.168.0.158: icmp_seq=24 ttl=64 time=88.9 ms
>> 64 bytes from 192.168.0.158: icmp_seq=25 ttl=64 time=87.9 ms
>> 64 bytes from 192.168.0.158: icmp_seq=26 ttl=64 time=87.7 ms
>> 64 bytes from 192.168.0.158: icmp_seq=27 ttl=64 time=85.9 ms
>> 64 bytes from 192.168.0.158: icmp_seq=28 ttl=64 time=84.8 ms
>> [...]
>>
>> Now ping answers are much slower for no reason I can see and
>> they don't get back to 'normal' unless I reboot the host.
>>
>> I have two network interfaces, the one in the motherboard for the
>> host to use and another one (PCI) which is bridged for the guests.
>>
>> The host keeps answering pings in less than 1ms without a problem.
>>
>> The guest has a virtio network interface.
>>
>> During these tests the F16 guests is the only guest running, I have also
>> tried them with a Win7 guest and pretty much the same thing happens.
>>
>> Do you have any idea what could be the problem?
>>
>> Thanks,
>> Andres
>>
>
>
>
> _______________________________________________
> virt mailing list
> virt at lists.fedoraproject.org
> https://admin.fedoraproject.org/mailman/listinfo/virt

More information about the virt mailing list