Awesome! Thanks Ben!
On Thu, Sep 10, 2009 at 10:33 AM, Ben Scott <mailvor...@gmail.com> wrote: > On Thu, Sep 10, 2009 at 10:07 AM, Jon D <rekcahp...@gmail.com> wrote: >> I've never paid enough attention. When youguys do a tracert to your >> wan links, is it normal to get a timeout somewhere along the way, like >> maybe right after your border router? > > It depends. > > Traceroute works by crafting packets with a deliberately low TTL and > sending them to the target you specify. It starts with a TTL of one, > so the first hop should expire the packet and return an ICMP "Time > Exceeded" message to the source (your node). Traceroute reports the > sender of that ICMP message to you, increments the TTL to two, and > tries again. It repeats that until it gets a response from the target > (or hits the hop limit, 30 by default). > > If any given hop fails to send ICMP "Time Exceeded" messages, you'll > see a timeout at that hop, but hops past it will work. Typically > looks something like this: > > 1 <1ms <1ms <1ms foo > 2 * * * Request timed out > 3 5 ms 5 ms 5 ms bar > 4 7 ms 6 ms 7 ms baz > ... > > If any given hop fails to *forward* ICMP "Time Exceeded" messages, > then you'll traceroute returns up to that hop, and then timeouts from > that point forward. For example: > > 1 <1ms <1ms <1ms foo > 2 5 ms 5 ms 5 ms bar > 3 7 ms 6 ms 7 ms baz > 4 * * * Request timed out > 5 * * * Request timed out > ... > > Some routers don't generate or forward "Time Exceeded" messages like > they should. Sometimes that's due to brain damaged > design/implementation by the router manufacturer. Other times it's > because a brain damaged operator thinks ICMP is a virus, rather than > an essential part of IP. (Such people are IWF -- Idiot With > Firewall.) > >> ... traffic is getting through despite the timeout ... > > That almost certainly means the traceroute timeout for a single hop > is spurious and should be ignored. > >> ... I see some high latency ... > > You want to see where the latency is coming from. Compare the > latency between hops. Large increases across two hops narrow the > problem down to there. > > -- Ben > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~