Recommendation of Tools

• Previous message (by thread): Recommendation of Tools
• Next message (by thread): Recommendation of Tools
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 4 dec 2008, at 14.05, Pekka Savola wrote:

> On Wed, 3 Dec 2008, Anders Lindbäck wrote:
>> Mtr is even less usefull then that, in its default mode it does a  
>> traceroute and then proceeds to ICMP Ping flood each IP in the  
>> list generated by the traceroute, the result is usually completly  
>> useless on WAN topologies due to asym-routing, ICMP node  
>> protections by carriers and punting etc..
>
> No, it doesn't try pinging the routers in the middle, at least not  
> anymore (I just re-checked with 0.71 and 0.75).  I vaguely recall  
> behaviour like that in the past, however, so it's possible that  
> long time ago mtr did behave that way.
>

According to the 0.75 sorcecode ICMP is still the default prot used,  
and the definition of MTR from bitwizards homepage disagress with you:

"mtr combines the functionality of the 'traceroute' and 'ping'  
programs in a single network diagnostic tool.
As mtr starts, it investigates the network connection between the  
host mtr runs on and a user-specified destination host. After it  
determines the address of each network hop between the machines, it  
sends a sequence ICMP ECHO requests to each one to determine the  
quality of the link to each machine. As it does this, it prints  
running statistics about each machine. For a preview take a look at  
the screenshots."

Even if you use UDP/TCP or whatever, the return packet will be ICMP  
and that will be ratelimited by any carrier worth there salt...

>> And using UDP will not really provide better results due to the  
>> same thing, and IIRC Cisco from 12.0 has a standard setting of no  
>> more then 1 ICMP Unreach per 500ms..
>
> This is true and the point I was getting at, though I believe the  
> bucket is much larger in any recent software release (also in 12.0  
> series).  Actually, 5 years ago, you could see spot Cisco routers  
> in "traceroute6" because they dropped the rate-limiter didn't  
> respond to the middle packet and it resulted in a star.  The rate- 
> limiter has long since been fixed to be more lenient.
>

According to the 12.4T refrence it is still set to 1 packet / 500ms  
as default, however changes where made to how you can controll this  
in 12.4(2)T.


> -- 
> Pekka Savola                 "You each name yourselves king, yet the
> Netcore Oy                    kingdom bleeds."
> Systems. Networks. Security. -- George R.R. Martin: A Clash of Kings


------------------------------
Anders Lindbäck
anders.lindback at dnz.se

• Previous message (by thread): Recommendation of Tools
• Next message (by thread): Recommendation of Tools
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]