Ownership of Routers on Both Ends of Transnational Links

Pengxiong Zhu pzhu011 at ucr.edu
Sun May 12 00:24:27 UTC 2019


Thanks again for your insightful responses!

The case we discuss above is Chinese ISPs renting routers located outside
China and the IPs belong to other ISPs.

How about the case that the IP belongs to a Chinese ISP and is located in
US(from RTT result), can we say it is very likely or definitely
owned/operated by the Chinese ISP? Why would some ISP try to rent routers
of Chinese ISP in US?

For example, a traceroute from Ohio to an IP in China. Hop 17 and hop 18
should be located in US based on the RTT, and yet they belong to a Chinese
AS(China Telecom). Does this mean that Chinese Telecom is managing these
two hops?

  HOST:                        Loss%   Snt   Last   Avg  Best  Wrst StDev
  6. AS???    100.65.11.97      0.0%   100    2.0   1.0   0.4  12.6   1.3
  7. AS???    52.93.15.238      0.0%   100    2.4   2.0   1.5  11.4   1.1
  8. AS???    52.93.14.134      0.0%   100   21.9  26.3   4.2  54.4  11.3
  9. AS???    52.93.14.119      0.0%   100    2.6   2.1   1.6  10.8   1.2
 10. AS???    100.91.27.86      0.0%   100   25.8  26.2  25.6  34.9   1.2
 11. AS???    54.239.42.197     0.0%   100   25.5  25.9  25.4  35.8   1.5
 12. AS???    100.91.4.218      0.0%   100   25.9  26.2  25.1  38.3   1.6
 13. AS???    100.91.4.217      0.0%   100   25.4  26.0  25.3  41.4   2.0
 14. AS???    100.91.5.85       0.0%   100   25.3  25.8  25.2  29.1   0.9
 15. AS???    54.239.103.86     0.0%   100   25.6  30.0  25.2  49.1   3.8
 16. AS???    54.239.103.77     0.0%   100   25.3  25.6  25.2  28.1   0.5
 17. AS4134   218.30.53.1       0.0%   100   28.0  29.1  25.2  33.1   2.3
 18. AS4134   202.97.50.21      0.0%   100   32.4  29.1  25.2  33.5   2.4
 19. AS???    ???              100.0   100    0.0   0.0   0.0   0.0   0.0
 20. AS???    ???              100.0   100    0.0   0.0   0.0   0.0   0.0
 21. AS4134   202.97.94.121     0.0%   100  186.8 185.6 181.8 189.8   2.3
 22. AS4816   119.147.222.6     0.0%   100  182.6 183.5 182.4 195.8   1.8
 23. AS4816   183.2.182.130     0.0%   100  181.7 183.3 181.5 207.0   3.9
 24. AS???    ???              100.0   100    0.0   0.0   0.0   0.0   0.0
 25. AS45102  116.251.113.158   0.0%   100  176.7 177.9 176.5 186.7   2.1
 26. AS45102  116.251.115.141   0.0%   100  213.2 213.4 213.1 218.5   0.6


Best,
Pengxiong Zhu
Department of Computer Science and Engineering
University of California, Riverside


On Tue, Apr 16, 2019 at 7:37 PM Erik Sundberg <ESundberg at nitelusa.com>
wrote:

> May sure when you are dealing with transnational links to watch the
> latency so you can tell when the link goes international. Just because you
> are going from a US Network provider to China Telecom doesn't mean that
> your not connecting to them in the united states.
>
>
>
> For example a traceroute from Denver to 27.29.128.1 which is an IP in
> China Telecom's network.
>
> It's about 26ms between Denver and Los Angeles. Hop 5 to Hop 6
>
> China Telecom connects to GTT in Los Angeles Hop7/8
>
> On Hop 8 is in the United State and Hop 9 is across the pacific. Because
> the latency goes from 31 ms to 183 ms.
>
>
> Just something to keep in mind.
>
>
>
>  Packets               Pings
>  Host
> Loss%   Snt   Last   Avg  Best  Wrst StDev
>  1. _gateway
> 0.0%    14    1.0   1.2   1.0   2.8   0.5
>  2. te-0-0-26.ear2.den1.us.nitelusa.net
>  0.0%    14    0.9   1.0   0.8   2.1   0.4
>  3. te-0-0-26.ear1.den1.us.nitelusa.net
>  0.0%    14    1.1   1.6   1.1   2.9   0.7
>  4. te-0-0-1-0.cr1.den1.us.nitelusa.net
>  0.0%    14    1.0   1.0   1.0   1.1   0.0
>  5. ae1-122.cr0-den2.ip4.gtt.net
> 0.0%    14    0.5   1.2   0.3   6.9   2.0
>  6. et-0-0-47.cr3-lax2.ip4.gtt.net
> 0.0%    14   26.5  26.4  26.2  26.7   0.2
>  7. as4134.lax20.ip4.gtt.net
> 0.0%    14   27.7  28.7  26.8  30.1   1.1
>  8. 202.97.50.29
> 0.0%    14   31.4  30.6  26.8  34.1   2.4
>  9. 202.97.41.129
>  0.0%    14  183.3 187.1 183.3 190.8   2.4
> 10. 202.97.94.101
>  0.0%    14  187.9 188.6 186.1 211.2   6.8
> 11. 202.97.94.141
>  0.0%    13  177.8 180.7 177.2 184.2   2.3
> 12. 202.97.67.54
> 0.0%    13  199.5 201.2 197.4 205.1   2.6
> 13. 111.177.110.62
> 0.0%    13  205.9 206.3 205.9 208.2   0.7
> 14. 27.29.128.1
>  0.0%    13  202.6 202.8 202.5 203.9   0.4
>
>
> Erik Sundberg
>
> Sr. Network Engineer
>
> Nitel
>
> 350 N Orleans Street
>
> Suite 1300N
>
> Chicago, Il 60654
>
> Desk: 773-661-5532
>
> Cell: 708-710-7419
>
> NOC: 866-892-0915
>
> Email: esundberg at nitelusa.com
>
> web: www.nitelusa.com
>
> ------------------------------
> *From:* Zhiyun Qian <zhiyunq at cs.ucr.edu>
> *Sent:* Tuesday, April 16, 2019 1:02:36 PM
> *To:* Erik Sundberg
> *Cc:* Pengxiong Zhu; Zhiyun Qian; Zhongjie Wang; Keyu Man
> *Subject:* Re: Ownership of Routers on Both Ends of Transnational Links
>
> Erik,
>
> Thanks a lot for the information! This is extremely helpful. We are
> conducting an analysis on performance/policy-related study on transnational
> links. We are hoping to submit a paper soon. Will be glad to share all the
> details once we have a draft!
>
> Best,
> -Zhiyun
>
>
> On Tue, Apr 16, 2019 at 10:35 AM Erik Sundberg <ESundberg at nitelusa.com>
> wrote:
>
> CPE is usually ran by the customer. Some provider do offer managed routers
> for a fee. Kinda like renting a cable modem from your provider.
>
>
> What are your guys trying to accomplish or find out?
>
> Erik
>
>
>
> Erik Sundberg
> Sr. Network Engineer
> Nitel
> 350 N Orleans Street
> Suite 1300N
> Chicago, Il 60654
> Desk: 773-661-5532
> Cell: 708-710-7419
> NOC: 866-892-0915
> Email: esundberg at nitelusa.com
> web: www.nitelusa.com
>
> ------------------------------
> *From:* Pengxiong Zhu <pzhu011 at ucr.edu>
> *Sent:* Tuesday, April 16, 2019 12:32 PM
> *To:* Erik Sundberg
> *Cc:* Zhiyun Qian; Zhongjie Wang; Keyu Man
> *Subject:* Re: Ownership of Routers on Both Ends of Transnational Links
>
> Thanks a lot!
>
> Are the Customer Devices managed by Telia or the customer?
>
> Best,
> Pengxiong Zhu
> Department of Computer Science and Engineering
> University of California, Riverside
>
>
> On Tue, Apr 16, 2019 at 7:43 AM Erik Sundberg <ESundberg at nitelusa.com>
> wrote:
>
> I hope this helps with the breakdown for telia.
>
>
>
>
> Telia i think is using /31's for there serial blocks now
>
> 62.115.170.56 (Telia Edge Rotuer)
>
> 62.115.170.57 (Customer Device)
>
>
>
> chinaunicom-ic-341501-sjo-b21.c.telia.net.
>
>
> <Customername>-<CircuitID>-<POP>-<router>.c.telia.net
>
>
>
> Customer: ChinaUnicom
>
> Telia Circuit ID's are: ic-123456
>
> POP: SJO (Airport code)
>
> Router: b21
>
> Doamin: c.telia.net "Customer.telia.net"
>
>
>
>
> Erik Sundberg
>
> Sr. Network Engineer
>
> Nitel
>
> 350 N Orleans Street
>
> Suite 1300N
>
> Chicago, Il 60654
>
> Desk: 773-661-5532
>
> Cell: 708-710-7419
>
> NOC: 866-892-0915
>
> Email: esundberg at nitelusa.com
>
> web: www.nitelusa.com
>
> ------------------------------
> *From:* NANOG <nanog-bounces at nanog.org> on behalf of Pengxiong Zhu <
> pzhu011 at ucr.edu>
> *Sent:* Monday, April 15, 2019 11:36:45 PM
> *To:* nanog at nanog.org
> *Cc:* Keyu Man; Zhiyun Qian; Zhongjie Wang
> *Subject:* Ownership of Routers on Both Ends of Transnational Links
>
> Howdy folks,
>
> We are a group of researchers at UC Riverside conducting some measurement
> about transnational networks. In particular, we are interested in studying
> the ownership of routers on the two sides of transnational links.
>
> We have some concrete questions which we hope someone can shed some light
> on. Basically when we send packets from US/Canada to China, through
> traceroute and the RTT of each hop, we can locate the last hop in the US
> before the packets enter China (*there is a large jump of RTT of 100+ms
> from this hop onwards*). Oftentimes the ownership of such routers is
> ambiguous.
>
> These hops whose IPs seem to belong to US or European ISPs (*according to
> BGP info*) but their reverse DNS names have *chinaunicom* in it, which is
> a Chinese ISP.
> AS1299 Telia Company AB
> 62.115.170.57    name = chinaunicom-ic-341501-sjo-b21.c.telia.net.
> 62.115.33.230    name = chinaunicom-ic-302366-las-bb1.c.telia.net.
> 213.248.73.190  name = chinaunicom-ic-127288-sjo-b21.c.telia.net.
>
> AS701 Verizon Business
> 152.179.103.254  name = chinaunicom-gw.customer.alter.net.
>
> While the following routers, they don't have a reverse DNS name at all,
> which seem to be uncommon if they were managed by US or European ISPs but
> quite common for Chinese ISPs.
> AS6453 TATA COMMUNICATIONS (AMERICA) INC
> 63.243.205.90
> 66.110.59.118
>
> Can anyone confirm that these are indeed managed by the Chinese ISPs (even
> though they are physically located in the US according to the traceroute
> and RTT analysis)?
>
>
> Best,
> Pengxiong Zhu
> Department of Computer Science and Engineering
> University of California, Riverside
>
> ------------------------------
>
> CONFIDENTIALITY NOTICE: This e-mail transmission, and any documents, files
> or previous e-mail messages attached to it may contain confidential
> information that is legally privileged. If you are not the intended
> recipient, or a person responsible for delivering it to the intended
> recipient, you are hereby notified that any disclosure, copying,
> distribution or use of any of the information contained in or attached to
> this transmission is STRICTLY PROHIBITED. If you have received this
> transmission in error please notify the sender immediately by replying to
> this e-mail. You must destroy the original transmission and its attachments
> without reading or saving in any manner. Thank you.
>
>
> ------------------------------
>
> CONFIDENTIALITY NOTICE: This e-mail transmission, and any documents, files
> or previous e-mail messages attached to it may contain confidential
> information that is legally privileged. If you are not the intended
> recipient, or a person responsible for delivering it to the intended
> recipient, you are hereby notified that any disclosure, copying,
> distribution or use of any of the information contained in or attached to
> this transmission is STRICTLY PROHIBITED. If you have received this
> transmission in error please notify the sender immediately by replying to
> this e-mail. You must destroy the original transmission and its attachments
> without reading or saving in any manner. Thank you.
>
>
> ------------------------------
>
> CONFIDENTIALITY NOTICE: This e-mail transmission, and any documents, files
> or previous e-mail messages attached to it may contain confidential
> information that is legally privileged. If you are not the intended
> recipient, or a person responsible for delivering it to the intended
> recipient, you are hereby notified that any disclosure, copying,
> distribution or use of any of the information contained in or attached to
> this transmission is STRICTLY PROHIBITED. If you have received this
> transmission in error please notify the sender immediately by replying to
> this e-mail. You must destroy the original transmission and its attachments
> without reading or saving in any manner. Thank you.
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nanog.org/pipermail/nanog/attachments/20190511/4d6a3b8d/attachment.html>


More information about the NANOG mailing list