[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Recommendation of Tools

Subject: Recommendation of Tools
From: list-only at dnz.se (Anders Lindbäck)
Date: Thu, 4 Dec 2008 17:05:53 +0100
In-reply-to: <[email protected]>
References: <084962C061414240A0CDB4BE328A9B2D0BB10BAED8@GVW1100EXC.americas.hpqcorp.net> <[email protected]> <[email protected]> <[email protected]> <[email protected]> <[email protected]> <[email protected]>

On 4 dec 2008, at 14.05, Pekka Savola wrote:

> On Wed, 3 Dec 2008, Anders Lindb?ck wrote:
>> Mtr is even less usefull then that, in its default mode it does a  
>> traceroute and then proceeds to ICMP Ping flood each IP in the  
>> list generated by the traceroute, the result is usually completly  
>> useless on WAN topologies due to asym-routing, ICMP node  
>> protections by carriers and punting etc..
>
> No, it doesn't try pinging the routers in the middle, at least not  
> anymore (I just re-checked with 0.71 and 0.75).  I vaguely recall  
> behaviour like that in the past, however, so it's possible that  
> long time ago mtr did behave that way.
>

According to the 0.75 sorcecode ICMP is still the default prot used,  
and the definition of MTR from bitwizards homepage disagress with you:

"mtr combines the functionality of the 'traceroute' and 'ping'  
programs in a single network diagnostic tool.
As mtr starts, it investigates the network connection between the  
host mtr runs on and a user-specified destination host. After it  
determines the address of each network hop between the machines, it  
sends a sequence ICMP ECHO requests to each one to determine the  
quality of the link to each machine. As it does this, it prints  
running statistics about each machine. For a preview take a look at  
the screenshots."

Even if you use UDP/TCP or whatever, the return packet will be ICMP  
and that will be ratelimited by any carrier worth there salt...

>> And using UDP will not really provide better results due to the  
>> same thing, and IIRC Cisco from 12.0 has a standard setting of no  
>> more then 1 ICMP Unreach per 500ms..
>
> This is true and the point I was getting at, though I believe the  
> bucket is much larger in any recent software release (also in 12.0  
> series).  Actually, 5 years ago, you could see spot Cisco routers  
> in "traceroute6" because they dropped the rate-limiter didn't  
> respond to the middle packet and it resulted in a star.  The rate- 
> limiter has long since been fixed to be more lenient.
>

According to the 12.4T refrence it is still set to 1 packet / 500ms  
as default, however changes where made to how you can controll this  
in 12.4(2)T.

> -- 
> Pekka Savola                 "You each name yourselves king, yet the
> Netcore Oy                    kingdom bleeds."
> Systems. Networks. Security. -- George R.R. Martin: A Clash of Kings

------------------------------
Anders Lindb?ck
anders.lindback at dnz.se

Follow-Ups:
- Recommendation of Tools
  - From: grinch at panix.com (Craig Holland)

References:
- Recommendation of Tools
  - From: kin-wei.lee at hp.com (Lee, Steven (NSG Malaysia))
- Recommendation of Tools
  - From: andy-nanog at bash.sh (Andrew Mulholland)
- Recommendation of Tools
  - From: pekkas at netcore.fi (Pekka Savola)
- Recommendation of Tools
  - From: tony at lava.net (Antonio Querubin)
- Recommendation of Tools
  - From: pekkas at netcore.fi (Pekka Savola)
- Recommendation of Tools
  - From: list-only at dnz.se (Anders Lindbäck)
- Recommendation of Tools
  - From: pekkas at netcore.fi (Pekka Savola)

Prev by Date: Telecom Collapse?
Next by Date: Telecom Collapse?
Previous by thread: Recommendation of Tools
Next by thread: Recommendation of Tools
Index(es):
- Date
- Thread