Search /
Docfinder:
Advanced search  |  Help  |  Site map
RESEARCH CENTERS
SITE RESOURCES
Click for Layer 8! No, really, click NOW!
Networking for Small Business
TODAY'S NEWS
National broadband plan: What’s in it for businesses?
Mobile developers take measure of Windows Phone 7
Comcast, ISC offer IPv6 transition tool
New Cisco Ethernet switches to play broader video, security roles
Windows XP: No IE9 for you
Microsoft lowers Windows licensing costs for virtual desktops
Apple's Ban on Screen Protectors Makes (Some) Sense
Corporate IT eager to deploy Windows 7, survey shows
MIT researchers enable self-assembling of chips
8 things you didn't know about Windows Phone 7
Microsoft touts 'browser with no name' in Windows Phone 7
Microsoft touts speed, HTML 5 support in IE9
It's Official: Facebook Rules the Web
It does not take a village -- or a country
New Internet browser threat sneaks by traditional defenses
/

Housekeeping for traceroute and instant messaging

Today's breaking news
Send to a friendFeedback

By Mark Gibbs
Network World, 08/09/99

Gearhead has a little housekeeping to do: To wit, wrapping up the discussion of traceroute (NW, July 12, page 42).

A number of you wrote to argue that traceroute doesn't use Internet Control Message Protocol (ICMP) echo commands as Gearhead claimed. For example, astute and informed reader Michael Borowiec wrote pointing out that the original author of traceroute, Van Jacobson of Lawrence Berkeley Labs, included the following comments in the source code:

"Probe packets are UDP format. We don't want the destination host to process them so the destination port is set to an unlikely value (if some clod on the destination is using that value, it can be changed with the -p flag)."

Borowiec went on to note that, "Probe packets are sent to UDP ports starting at 33434, incrementing by 1 for each hop, up to 30 hops (by default, ending at 33464). Here's the declaration for the starting port number: u_short port = 32768+666; Curious how the author . . . derives the starting port number as 32K plus the number of the Beast!"

This was an interesting observation on the numerological significance of port assignments and how ports are used. And the reader is quite correct: Unix systems do indeed use only UDP packets, and I did neglect to mention this.

It turns out that the use of ICMP echo requests is a Microsoft perversion implemented in the version of traceroute the company calls tracert. Microsoft's reason for the use of ICMP over UDP can only be guessed at, but the theories could probably keep the Justice Department busy for another year or two.

Amazingly brainy reader Allen Robel noted, "What [Microsoft] has done is not bad, just different. The difference is important to know about though, since you may get varied results depending on [whose] implementation you use. For example, differences may be observed when traversing firewalls, or [quality-of-service] capable switches, depending on how these are configured."

Another reader, the excellently informed Ron Atkinson, pointed out that there are some consequences to this difference in how routers respond:

"You'll notice the ones that don't report . . . are the newer routers that connect different backbones. For the past 10 years that I've run TCP/IP, all the routers have always reported back. If you run 'tracert' you'll notice some don't report, but quite often (not always though) the missing routers will report when you do a 'traceroute'."

Atkinson also points out that another reason some routers don't respond is many ISPs configure their routers so ICMP echo requests are a very low priority.

"You might ping a router sometime and have something like 128 msec round-trip, then you ping a computer behind the router and have a 60 msec round-trip," he says.

As if that weren't enough, Atkinson also says that firewalls and packet filters may make routers "nonpingable" from outside the network to prevent hackers from performing denial-of-service attacks.

So there you are, the final clinical details of traceroute. Don't you feel a better person? Fresh like as a mountain spring? OK, so it's been a long week.

Another issue that Gearhead would like to mention is Backspin's recent comment on the instant messaging fracas (NW, Aug. 2, page 54). The column read, "I'd love to see the Internet Engineering Task Force or the World Wide Web Consortium get ultradynamic and get involved."

That made it sound like there's nothing that either group is doing. Actually, the IETF has a proposal on the table (www.ietf.org/html.charters/impp-charter.html, but to be fair to Backspin, it is still a long way from the marketplace.

Route messages instantly to gh@gibbs.com.

RELATED LINKS


NWFusion offers more than 40 FREE technology-specific email newsletters in key network technology areas such as NSM, VPNs, Convergence, Security and more.
Click here to sign up!
New Event - WANs: Optimizing Your Network Now.
Hear from the experts about the innovations that are already starting to shake up the WAN world. Free Network World Technology Tour and Expo in Dallas, San Francisco, Washington DC, and New York.
Attend FREE
Your FREE Network World subscription will also include breaking news and information on wireless, storage, infrastructure, carriers and SPs, enterprise applications, videoconferencing, plus product reviews, technology insiders, management surveys and technology updates - GET IT NOW.
* HOME    * RESEARCH CENTERS     * NEWS     * EVENTS

Contact us | Terms of Service/Privacy | How to Advertise
Reprints and links | Partnerships | Subscribe to NW
About Network World, Inc.

Copyright, 1994-2006 Network World, Inc. All rights reserved.