Revealed: The Internet's well known BGP behavior

Patrick W. Gilmore patrick at ianai.net
Thu Aug 28 04:10:43 UTC 2008


On Aug 27, 2008, at 11:47 PM, John Lee wrote:

> The traceroute utility that I used gave me a list of hops that the  
> packet I was interested in transited and a time when it transited  
> the hop. When the TTL was reached it would terminate the listing.

You are very confused how traceroute works.

Being confused is fine.  Lots of people are confused & ignorant.  In  
fact, everyone is ignorant about more things than they are educated  
about.  However, when people like Adrian, who are clearly more versed  
in the technology than you are, try to educate you, ignoring his kind  
help and repeating your confusion to 10s of 1000s of your not-so-close  
friends is not fine.

Please read Adrian's post again, read about traceroute, and try not to  
post until you have understood them.  (To be clear, if you come to the  
conclusion you are right and Adrian is wrong it means you have _not_  
understood them.)



> Whenever I had performance issues on my networks or with my  
> networks links it would indicate if the standard route was being  
> taken or another one. When certain links went down several  
> additional hops would be added to the list.

The fact you do not understand how traceroute works makes it obvious  
why you misunderstand how to diagnose something from that lack of  
understanding.


>> VPN's and MPLS control intermediate hops and IPsec and SSL do not  
>> allow the info to be seen.
>>

"VPNs" do no such thing.  To prove this to yourself, realize that  
IPsec and SSL are both types of "VPNs".

Encrypting the data is very useful.  Hell, Anthony & Alex say so  
themselves.  But that wasn't the point of the presentation.  (And  
we'll ignore the fact that the size, speed, and even existence of a  
data stream - encrypted or not - might be useful information to a  
miscreant.)

Lastly, can you show me a single inter-AS MPLS deployment?  When you  
can, then you can use that as a method to avoid this h4x0r.

-- 
TTFN,
patrick




