nanog mailing list archives
Re: barak-online.net icmp performance vs. traceroute/tcptraceroute, ssh, ipsec
From: Adrian Chadd <adrian () creative net au>
Date: Mon, 7 May 2007 09:49:48 +0800
On Sun, May 06, 2007, Joe Maimon wrote:
When the cards consistently fall in certain patterns, you can actually read them quite easily.
Not if the cardplayer is lying..
The standard control plane arguments dont apply when the pattern holds all the way through to equipment under your {remote-}control. In this specific instance, I find interesting the disparity of results between each hop ICMP echo and traceroute time exceeded processing, all the way up to the final hop. I wouldnt care if the application protocols rode well, but they dont seem to.
Have you fired up ethereal/wireshark at either end and sniffed the packet flow to see exactly whats going on under these circumstances? Is there a difference between IPSEC and normal TCP traffic? Whats handling your IPSEC at either end? etc, etc. I've got plenty of graphs available which show modern Cisco equipment holding -horrible- ping variance compared to forwarding variance. Eg - Cat 4500 acting as LAN router and switch having ping RTT between <1ms and 15ms, but forwarding ping RTT (ie, to a PC at the other end doing 100% bugger all) is flat sub-1ms. (Makes for some -very- interesting VoIP statistics if you're not careful.) I say "You need more information before jumping to conclusions" and "the information you have, whilst probably quite valid when correlated with other information, isn't going to be very helpful by itself." Adrian
Current thread:
- barak-online.net icmp performance vs. traceroute/tcptraceroute, ssh, ipsec Joe Maimon (May 06)
- RE: barak-online.net icmp performance vs. traceroute/tcptraceroute, ssh, ipsec Lincoln Dale (May 06)
- Re: barak-online.net icmp performance vs. traceroute/tcptraceroute, ssh, ipsec Joe Maimon (May 06)
- RE: barak-online.net icmp performance vs. traceroute/tcptraceroute, ssh, ipsec Lincoln Dale (May 06)
- Re: barak-online.net icmp performance vs. traceroute/tcptraceroute, ssh, ipsec Joe Maimon (May 06)
- Re: barak-online.net icmp performance vs. traceroute/tcptraceroute, ssh, ipsec Adrian Chadd (May 06)
- RE: barak-online.net icmp performance vs. traceroute/tcptraceroute, ssh, ipsec Lincoln Dale (May 06)
- Re: barak-online.net icmp performance vs. traceroute/tcptraceroute, ssh, ipsec Joe Maimon (May 06)
- Re: barak-online.net icmp performance vs. traceroute/tcptraceroute, ssh, ipsec Steven M. Bellovin (May 06)
- Re: barak-online.net icmp performance vs. traceroute/tcptraceroute, ssh, ipsec Joe Maimon (May 06)
- Re: barak-online.net icmp performance vs. traceroute/tcptraceroute, ssh, ipsec Jo Rhett (May 07)
- Re: barak-online.net icmp performance vs. traceroute/tcptraceroute, ssh, ipsec Joe Maimon (May 07)
- Re: barak-online.net icmp performance vs. traceroute/tcptraceroute, ssh, ipsec Peter Dambier (May 07)
- Re: barak-online.net icmp performance vs. traceroute/tcptraceroute, ssh, ipsec Jo Rhett (May 07)
- RE: barak-online.net icmp performance vs. traceroute/tcptraceroute, ssh, ipsec Lincoln Dale (May 06)
- RE: barak-online.net icmp performance vs. traceroute/tcptraceroute, ssh, ipsec Lincoln Dale (May 07)
- Re: barak-online.net icmp performance vs. traceroute/tcptraceroute, ssh, ipsec Min (May 07)
- Re: barak-online.net icmp performance vs. traceroute/tcptraceroute, ssh, ipsec Joe Maimon (May 07)