nanog mailing list archives
Re: barak-online.net icmp performance vs. traceroute/tcptraceroute, ssh, ipsec
From: "Steven M. Bellovin" <smb () cs columbia edu>
Date: Sun, 6 May 2007 20:47:23 -0400
On Sun, 06 May 2007 20:27:20 -0400 Joe Maimon <jmaimon () ttec com> wrote:
Lincoln Dale wrote:traceroute/tcptraceroute show packet loss and MUCH higher rtt than the corresponding direct pings on the reported hop entries. Is this some sort of massaging or plain just "faking it"? Or is such things merely net-urban myth?the vast majority of routers on the internet respond very differently totraffic 'directed at them' as opposed to traffic 'routed through them'.Thanks for your reply. I did include icmp echo directly to each hop as a comparison.
Right, but from what you posted you didn't send 1500-byte packets. My
reaction was the same as Lincoln's -- it smells like a Path MTU
problem. To repeat -- ping and traceroute RTT from intermediate nodes
is at best advisory, especially on timing.
I should add -- DSL lines often use PPPoE, which in turn cuts the
effective MTU available for user packets. If the PMTUD ICMP packets
don't get through -- and they often don't, because of misconfigured
firewalls -- you're likely to see problems like this.
--Steve Bellovin, http://www.cs.columbia.edu/~smb
Current thread:
- barak-online.net icmp performance vs. traceroute/tcptraceroute, ssh, ipsec Joe Maimon (May 06)
- RE: barak-online.net icmp performance vs. traceroute/tcptraceroute, ssh, ipsec Lincoln Dale (May 06)
- Re: barak-online.net icmp performance vs. traceroute/tcptraceroute, ssh, ipsec Joe Maimon (May 06)
- RE: barak-online.net icmp performance vs. traceroute/tcptraceroute, ssh, ipsec Lincoln Dale (May 06)
- Re: barak-online.net icmp performance vs. traceroute/tcptraceroute, ssh, ipsec Joe Maimon (May 06)
- Re: barak-online.net icmp performance vs. traceroute/tcptraceroute, ssh, ipsec Adrian Chadd (May 06)
- RE: barak-online.net icmp performance vs. traceroute/tcptraceroute, ssh, ipsec Lincoln Dale (May 06)
- Re: barak-online.net icmp performance vs. traceroute/tcptraceroute, ssh, ipsec Joe Maimon (May 06)
- Re: barak-online.net icmp performance vs. traceroute/tcptraceroute, ssh, ipsec Steven M. Bellovin (May 06)
- Re: barak-online.net icmp performance vs. traceroute/tcptraceroute, ssh, ipsec Joe Maimon (May 06)
- Re: barak-online.net icmp performance vs. traceroute/tcptraceroute, ssh, ipsec Jo Rhett (May 07)
- Re: barak-online.net icmp performance vs. traceroute/tcptraceroute, ssh, ipsec Joe Maimon (May 07)
- Re: barak-online.net icmp performance vs. traceroute/tcptraceroute, ssh, ipsec Peter Dambier (May 07)
- Re: barak-online.net icmp performance vs. traceroute/tcptraceroute, ssh, ipsec Jo Rhett (May 07)
- RE: barak-online.net icmp performance vs. traceroute/tcptraceroute, ssh, ipsec Lincoln Dale (May 06)
- RE: barak-online.net icmp performance vs. traceroute/tcptraceroute, ssh, ipsec Lincoln Dale (May 07)
- Re: barak-online.net icmp performance vs. traceroute/tcptraceroute, ssh, ipsec Min (May 07)
- Re: barak-online.net icmp performance vs. traceroute/tcptraceroute, ssh, ipsec Joe Maimon (May 07)
- Re: barak-online.net icmp performance vs. traceroute/tcptraceroute, ssh, ipsec Joe Maimon (May 07)
- Re: barak-online.net icmp performance vs. traceroute/tcptraceroute, ssh, ipsec Adrian Chadd (May 07)