Closed realkinetix closed 3 years ago
When a server doesn't return any ping, it might be because the ICMP port is closed to outside traffic, which doesn't say much about how healthy it is.
Well, except that it generally means that too much is filtered, which often brings about other basic network health issues. People went a little crazy a decade (and more) ago with blocking ping as a security practice, but unless it's filtered carefully (which generally means leaving echo-reply on), it winds up being worse than not filtering at all.
A few outside resources on this, and I apologise if you're already familiar with all of this:
http://shouldiblockicmp.com/
https://blog.paessler.com/disabling-icmp-and-snmp-wont-increase-security-but-will-impact-network-monitoring
https://blog.securityevaluators.com/icmp-the-good-the-bad-and-the-ugly-130413e56030?gi=1bb97124826f
There definitely has been a lot to think about with it over the years, so take any of those for what they're worth. From my experience, though, running a server and service online is not really a good place to stop icmp-echo.
Relating strictly to the friendica server directory, it increases the time to evaluate a server (all other metrics being equal), and reduces the number of metrics one could be using to try and produce a useful health score for users, so, just on those points I would be tempted to push for a score modification based on the (lack of) icmp echo response.
Ah, thanks for the elaboration, I didn't think about that. I guess we can subtract a few max points if the ping doesn't go through.
I would suggest doing a $delta -= 5 instead (or maybe even less than 5... whatever you consider one 'notch', I suppose)?
There are two different ways of impacting the score: either limiting the maximum score for a structural issue (unstable version, no access to ping) or applying a delta for a temporary issue (HTML error code for expected accessible endpoints). This delta will be applied every time the server is checked and the temporary condition still occurs, possibly sinking the score into the negative. I don't think the blocked ping should produce this kind of outcome, but it should limit the maximum score a server can get even if everything else checks out.
Ah, ok, yes, lowering it every check wouldn't be the desired outcome.
In reading src/classes/Pollers/Server.php, it appears that if a server doesn't respond to ping, avg_ping and speed_score are set to NULL values, but then it doesn't appear that the NULL is taken into account later on.
I believe a server returning a healthy ping should influence/modify the rest of the http probe speed results, and if a server doesn't ping it should have a health penalty applied.
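The two scoring mechanisms discussed in this thread (a lowered maximum for a structural issue such as a missing ping, and a per-check delta for a temporary issue), sketched as an added example that is not code from the directory project. Every function name, constant and value below is hypothetical, and a NULL average ping is assumed to mean the host did not answer ICMP echo.

```php
<?php
// Added illustration; not code from the directory project.
// All names and constants are hypothetical.

const BASE_MAX_HEALTH  = 100; // assumed ceiling for a fully healthy server
const NO_PING_CAP      = 5;   // assumed "notch" removed from the ceiling
const HTTP_ERROR_DELTA = -5;  // assumed per-check penalty for a temporary fault
const HEALTHY_DELTA    = 2;   // assumed per-check reward when the probe succeeds

/**
 * One poll: returns the new health score.
 * $avgPing is null when the host did not answer ICMP echo.
 */
function nextHealth(int $current, ?float $avgPing, bool $httpOk): int
{
    // Structural issue: lower the ceiling. The size of the penalty does not
    // grow with the number of polls.
    $max = BASE_MAX_HEALTH;
    if ($avgPing === null) {
        $max -= NO_PING_CAP;
    }

    // Temporary issue: the delta is applied on every poll while it persists,
    // so the score can keep sinking, including below zero.
    $delta = $httpOk ? HEALTHY_DELTA : HTTP_ERROR_DELTA;

    return min($max, $current + $delta);
}

/** Runs a sequence of polls and returns the score after each one. */
function simulate(int $start, array $polls): array
{
    $history = [];
    $score = $start;
    foreach ($polls as [$avgPing, $httpOk]) {
        $score = nextHealth($score, $avgPing, $httpOk);
        $history[] = $score;
    }
    return $history;
}

// Constructed sample data: [average ping in ms or null, HTTP probe succeeded]
$noPingButHealthy = array_fill(0, 5, [null, true]);
$pingsButHttpDown = array_fill(0, 5, [23.4, false]);

echo 'no ping, HTTP ok:   ', implode(' ', simulate(90, $noPingButHealthy)), PHP_EOL;
echo 'ping ok, HTTP down: ', implode(' ', simulate(10, $pingsButHttpDown)), PHP_EOL;
```

The first series levels off at the reduced ceiling, while the second keeps dropping on every poll for as long as the HTTP probe fails.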