6.0 Northern California earthquake

[monochr]

$ sudo ping -f www.mit.edu

PING e9566.b.akamaiedge.net (184.24.249.86) 56(84) bytes of data.

....^C

--- e9566.b.akamaiedge.net ping statistics ---

728 packets transmitted, 724 received, 0% packet loss, time 10177ms

rtt min/avg/max/mdev = 25.935/38.167/131.406/16.421 ms, pipe 11, ipg/ewma 13.999/35.015 ms

http://www.geoiptool.com/en/?IP=184.24.249.86

My the server I'm testing this on is in Sydney, the server info on the geoip says I'm pinging somewhere in Cambridge, Massachusetts.

[dekhn]

There are many explanations which are simpler, that don't require faster than light photons.

In particular, your network path is sending you to a server which is in australia.

$ host 184.24.249.86 86.249.24.184.in-addr.arpa domain name pointer a184-24-249-86.deploy.static.akamaitechnologies.com.

trimmed mtr output:

19. sun1-ge5-0.gw.optusnet.com.au 57.1% 8 186.4 184.9 182.1 186.4 2.3 20. 198.142.144.70 42.9% 8 186.9 182.6 180.3 186.9 2.9 21. sun1-ge12-0-0-500.gw.optusnet.com.au 0.0% 7 179.7 180.3 179.5 182.3 0.8 a184-24-249-86.deploy.static.akamaitechnologies.com 22. 198.142.144.70 0.0% 7 185.6 184.6 179.5 194.2 4.9 a184-24-249-86.deploy.static.akamaitechnologies.com 23. a184-24-249-86.deploy.static.akamaitechnologies.com 0.0% 7 185.1 184.0 178.8 187.8 2.8

that's a cache of MIT's web site hosted in Australia (Akamai edge cache)

http://research.microsoft.com/en-us/um/people/ratul/akamai.h...

geoip is worthless in many situations, this being one of them.

[dekhn]

Also, most routers implement ICMP on a slow path (not on the data plane) so the reported latency can be higher than the path latency.

[jayd16]

The real wtf is that you need root to ping.

[ryan-c]

Sending ICMP traffic requires a raw socket which needs root to open. To that end, the ping command is normally installed suid root, though these days there are ways to selectively give programs extended privileges like that. Sometimes people do system hardening which removes the setuid bit on ping, requiring sudo to make it work.

[jayd16]

What do you know... TIL.

[koenigdavidmj]

The -f (flood) option requires that you be root, even when the binary is setuid root.

[wglb]

Check your local linux box with:

  file /bin/ping

and you will see that it is setuid to root.

[dekhn]

I think it depends on the distribution: https://wiki.archlinux.org/index.php/Capabilities seems to imply that ping could be used with CAP_NET_RAW capability instead of setuid root. http://blog.siphos.be/2013/05/capabilities-a-short-intro/ suggests that as well.