barak-online.net icmp performance vs. traceroute/tcptraceroute, ssh, ipsec
Joe Maimon
jmaimon at ttec.com
Mon May 7 01:12:34 UTC 2007
Lincoln Dale wrote:
>>
>>I did include icmp echo directly to each hop as a comparison.
>
>
> i guess what i'm saying is that you can't read much from the backscatter of
> what a either:
> - ping of each hop
> - eliciting a response from each hop (as traceroute does)
> as the basis for determining much.
>
> you can perhaps derive SOME meaning from it, but that meaning rapidly
> diminishes when there are multiple intermediate networks involved, some of
> which you have no direct connectivity to verify problems with easily, likely
> different return path for traffic (asymmetric routing) etc.
When the cards consistently fall in certain patterns, you can actually
read them quite easily.
The standard control plane arguments dont apply when the pattern holds
all the way through to equipment under your {remote-}control.
In this specific instance, I find interesting the disparity of results
between each hop ICMP echo and traceroute time exceeded processing, all
the way up to the final hop.
I wouldnt care if the application protocols rode well, but they dont
seem to.
>
> as i said before, if you have such terrible ssh/IPSec type performance, far
> less than you think is reasonable, then my money is on a MTU issue, and
> probably related to your DSL-based final hops.
>
>
> cheers,
>
> lincoln.
>
>
>
More information about the NANOG
mailing list