Merit Network
Can't find what you're looking for? Search the Mail Archives.
  About Merit   Services   Network   Resources & Support   Network Research   News   Events   Home

Discussion Communities: Merit Network Email List Archives

North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: Access to the Internic Blocked -- LSRR, traceroute with ICMP

  • From: Owen DeLong
  • Date: Thu Aug 22 11:28:10 1996

> >	Speaking of which, is anyone going to implement traceroute
> >for UNIX which using icmp echo requests, instead of (semi-)random
> >udp packets, as the ammo?  This is one way which I think Microsoft out
> >did the old UNIX implementations.
> 
Then how come UNIX traceroute works in so many places where MSloth's
traceroute falls flat on it's face?  Remember, an ICMP packet doesn't
generate TIME EXCEEDED messages in many applications.  It's listed
as something the system MAY implement, not SHOULD or MUST.  Time exceeded
messages are a MUST for UDP and TCP packets.

>    They're not semi (or quasi) random udp packets.  They're sequential
>    packets.
> 
>    Secondly, current router vendors' decisions to prioritize ICMP echo
>    request as dung-level packets means that traceroute's UDP packets 
>    actually get through at times when pings don't.
> 
This is both good and bad.

>    Third, I'd be happy to implement it... but I'm not sure this would 
>    be a win.  I can see the loss (see paragraph 2), but WHAT is the
>    big win???
> 
Compatibility with Whine-Doze?  :-)

>    E
>    p.s. The original question was based on Vadim's rhetorical query
>         as to router vendors.  Learn to differentiate between WISHFUL
>         THINKING and routing reality.  When router vendors pledge to
>         not drop, and properly route lsrr icmp echo request/reply 
>         that code will be online within 24 hours.
> 
> 
:-)

Owen

> >	The combination of the above and the below would give us
> >the usefulness we want and the security we want.  (I don't think
> >the below would work with Van Jacobsen's traceroute 1.2)
> 
> >On Wed, 21 Aug 1996, Vadim Antonov wrote:
> 
> >> On itself, LSRR is a godsend to hackers (i can think of about
> >> a dozen of very nasty attacks using general LSRR).  The only
> >> useful application for it is traceroute.
> >>
> >> Why don't router vendors provide an option to turn it
> >> off for everything but ICMP ECHO?
> >>
> >> --vadim
> 
> 
- - - - - - - - - - - - - - - - -




Discussion Communities


About Merit | Services | Network | Resources & Support | Network Research
News | Events | Contact | Site Map | Merit Network Home


Merit Network, Inc.