|
North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Re: barak-online.net icmp performance vs. traceroute/tcptraceroute, ssh, ipsec
On Sun, 06 May 2007 20:27:20 -0400 Joe Maimon <[email protected]> wrote: > > > > Lincoln Dale wrote: > > >>traceroute/tcptraceroute show packet loss and MUCH higher rtt than > >>the corresponding direct pings on the reported hop entries. > >> > >>Is this some sort of massaging or plain just "faking it"? Or is such > >>things merely net-urban myth? > > > > the vast majority of routers on the internet respond very > > > > differently to > > traffic 'directed at them' as opposed to traffic 'routed through > > them'. > > Thanks for your reply. > > I did include icmp echo directly to each hop as a comparison. > Right, but from what you posted you didn't send 1500-byte packets. My reaction was the same as Lincoln's -- it smells like a Path MTU problem. To repeat -- ping and traceroute RTT from intermediate nodes is at best advisory, especially on timing. I should add -- DSL lines often use PPPoE, which in turn cuts the effective MTU available for user packets. If the PMTUD ICMP packets don't get through -- and they often don't, because of misconfigured firewalls -- you're likely to see problems like this. --Steve Bellovin, http://www.cs.columbia.edu/~smb
|