barak-online.net icmp performance vs. traceroute/tcptraceroute, ssh, ipsec
Steven M. Bellovin
smb at cs.columbia.edu
Mon May 7 00:47:23 UTC 2007
On Sun, 06 May 2007 20:27:20 -0400
Joe Maimon <jmaimon at ttec.com> wrote:
> Lincoln Dale wrote:
> >>traceroute/tcptraceroute show packet loss and MUCH higher rtt than
> >>the corresponding direct pings on the reported hop entries.
> >>Is this some sort of massaging or plain just "faking it"? Or is such
> >>things merely net-urban myth?
> > > > the vast majority of routers on the internet respond very
> > > > differently to
> > traffic 'directed at them' as opposed to traffic 'routed through
> > them'.
> Thanks for your reply.
> I did include icmp echo directly to each hop as a comparison.
Right, but from what you posted you didn't send 1500-byte packets. My
reaction was the same as Lincoln's -- it smells like a Path MTU
problem. To repeat -- ping and traceroute RTT from intermediate nodes
is at best advisory, especially on timing.
I should add -- DSL lines often use PPPoE, which in turn cuts the
effective MTU available for user packets. If the PMTUD ICMP packets
don't get through -- and they often don't, because of misconfigured
firewalls -- you're likely to see problems like this.
--Steve Bellovin, http://www.cs.columbia.edu/~smb
More information about the NANOG