ICMP limiting by a device in the network path detected

A form of rate limiting of ICMP packets has been detected. This is typically due to a firewall or similar device which purposely treats ICMP differently from other protocols.

Recommended action

  • Disregard Delivery monitoring tests at this hop and any downstream hops.
  • To produce reliable test results for these hops, try reducing packets per burst value to 5 and retest.
  • If the limiting device is a firewall and you wish to eliminate the rate limiting of ICMP packets, try reconfiguring the firewall.

Detailed explanation

Most of the Delivery monitoring test results rely on the fact that ICMP packet patterns are treated equally to other protocols. In this case, the rate of ICMP packets is limited to the extent that the majority of Delivery monitoring results are not measurable. Typically this behavior is exhibited by IP handsets and firewalls, such as those produced by Checkpoint and other vendors.

To allow the Delivery monitoring test traffic to escape the effects of the limiter, try reducing the packets per burst value to 5. This may allow Delivery monitoring to produce complete performance and diagnostic results. In the case of firewalls, another possible solution would be to reconfigure the firewall to allow Delivery monitoring test traffic to pass without impairment. This would require administrative access to the firewall device. In the case of IP handsets, a rate limiting diagnostic is not normally a cause for concern because it merely reflects that handsets are not designed to process application data and don't have the internal networking power required to do so.

Possible secondary messages

  • "Checkpoint firewall is likely device"
  • "May be due to a firewall or similar border device"