Hands-on 4: Internet Routes and Measuring Round Trip Times

Today's assignment is your fourth hands-on exercise. You will get a chance to experiment with two very useful and widely-used diagnostic tools, traceroute and ping, to expose you to some of the interesting quirks in network routing and packet round trip times. Do the following six exercises and hand in your results during recitation. Please also include the amount of time that the assignment took to complete.

Understanding Internet routes using traceroute

As the name implies, traceroute essentially allows you to trace the entire route from your machine to a remote machine. The remote machine can be specified either as a name or as an IP address.

We include a sample output of an execution of traceroute and explain the salient features. The command:

   % traceroute www.yahoo.com

tries to determine the path from the source machine (sure.lcs.mit.edu) to www.yahoo.com. The machine encountered on the path after the first hop is anacreon.lcs.mit.edu, the next is radole.lcs.mit.edu, and so on. In all, it takes 20 hops to reach w10.dcx.yahoo.com. The explanation of the remaining fields on each of the lines can be understood by typing:

   % man traceroute

at the command prompt of any Athena workstation running some flavor of Unix. We recommend, but do not require, that you perform this assignment on Athena. Please note that the TAs cannot guarantee tech support if you do not use an Athena workstation.

% traceroute www.yahoo.com
traceroute to www.yahoo.akadns.net (64.58.76.225), 64 hops max, 40 byte packets
 1  anacreon (18.26.4.1)  0.726 ms  0.584 ms  0.515 ms
 2  radole (18.24.10.3)  1.653 ms  1.418 ms  1.438 ms
 3  B24-RTR-1-LCS-LINK.MIT.EDU (18.201.1.1)  3.658 ms  4.412 ms  4.549 ms
 4  EXTERNAL-RTR-2-BACKBONE.MIT.EDU (18.168.0.27)  2.266 ms  1.321 ms  2.740 ms
 5  p4-1.cambridge1-cr1.bbnplanet.net (4.1.80.29)  9.344 ms  7.629 ms  7.748 ms
 6  p4-2.cambridge1-nbr1.bbnplanet.net (4.1.80.6)  7.918 ms  6.250 ms  6.428 ms
 7  p5-0.cambridge1-nbr2.bbnplanet.net (4.0.1.110)  5.964 ms  5.419 ms  8.474 ms
 8  so-4-2-0.bstnma1-nbr2.bbnplanet.net (4.0.2.249)  7.913 ms  11.161 ms  15.277 ms
 9  p9-0.nycmny1-nbr2.bbnplanet.net (4.24.6.50)  12.509 ms  14.115 ms  13.352 ms
10  so-7-0-0.nycmny1-hcr3.bbnplanet.net (4.0.7.13)  14.922 ms  21.573 ms  15.526 ms
11  acr2-so-3-1-0.NewYork.cw.net (206.24.193.149)  16.543 ms  16.252 ms  15.715 ms
12  agr4-loopback.NewYork.cw.net (206.24.194.104)  18.082 ms  11.023 ms  12.224 ms
13  dcr1-so-7-3-0.NewYork.cw.net (206.24.207.77)  16.423 ms dcr2-so-7-3-0.NewYork.cw.net (206.24.207.205)  21.666 ms  14.700 ms
14  dcr1-loopback.Washington.cw.net (206.24.226.99)  21.879 ms  24.402 ms dcr2-loopback.Washington.cw.net (206.24.226.100)  24.212 ms
15  bhr1-pos-10-0.Sterling1dc2.cw.net (206.24.238.166)  22.868 ms  23.379 ms  30.506 ms
16  csr12-ve241.Sterling2dc3.cw.net (216.109.66.91)  31.083 ms  41.196 ms  23.394 ms
17  216.109.84.166 (216.109.84.166)  26.127 ms  23.551 ms  30.587 ms
18  ge-0-3-0-p38.msr1.dcn.yahoo.com (216.109.120.177)  24.039 ms  37.197 ms  29.592 ms
19  vl43.bas1.dcx.yahoo.com (216.109.120.190)  26.913 ms  24.655 ms  25.114 ms
20  w4.dcx.yahoo.com (64.58.76.225)  23.952 ms  21.724 ms  24.004 ms

1. Warmup:

In at most 50 words, explain how traceroute discovers a path to a remote host. The man page might be useful in answering this question. You also might find some helpful information in chapter 4 of the lecture notes.

2. Routing Asymmetries:

For this exercise, you need to use the traceroute server at http://www.getnet.com/cgi-bin/trace. Enter the name or IP address of your machine where it says "Enter search keywords:" and press return. The traceroute server will execute traceroute on the machine running the webserver (trojan.neta.com, in this case) to your machine. Now run

   % traceroute dragon.getnet.net 

on your machine.

a) Show the output of traceroute in each of the above two cases.

b) Draw a picture depicting the route between you and the traceroute server. Include the

• the two end hosts
• the routers
• the names and IP addresses for each port used on each machine
• the links between the machines

Note that these two traceroutes may not provide enough information to identify every router that handled the packet. In your drawing, include as much information as you can with the traceroute data you collected.

Here is an example showing the route between ws14.mit.edu and poserver.mit.edu:

     ----                      ----                         ----
     |  |                      |  |                         |  |
     |  |ws14.mit.edu          |  |b24p4.mit.edu            |  |
     |  |18.26.0.44            |  |18.17.1.1                |  |
     |  |----------------------|  |-------------------------|  |
     |  |         b24p3.mit.edu|  |         poserver.mit.edu|  |
     |  |             18.26.0.1|  |               18.17.0.45|  |
     ----                      ----                         ----

c) Describe anything unusual about the output. Are the same machines traversed in both directions? Give one reason why this could be happening.

3. Blackholes:

At the command prompt, type

   % traceroute 18.31.0.200

a) Show the output of the above command.

b) Describe what is strange about the observed output, and why traceroute gives you such an output. The man page has useful hints to help you understand the output better.

4. Border Gateway Protocol (BGP):

For this last question on the topic of internet routing, you need to refer to the BGP routing table data below. This table shows some of the BGP routing entries that a particular router refers to when forwarding any packets to MIT (IP Address 18.*.*.*). As described in the Internet routing paper, recall that BGP is a path vector protocol.

BGP table version is 6855710, local router ID is 198.32.162.100
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal
Origin codes: i - IGP, e - EGP, ? - incomplete

Network		    Next Hop            Metric       LocPrf Weight Path
*  18.0.0.0         165.87.32.5                            0 2685 1 3 e
*                   157.22.9.7                             0 715 1 3 ?
*                   205.215.45.50                          0 4006 1 3 ?
*                   195.211.29.22                          0 5409 6667 8543 12885 9057 3356 1 3 ?
*                   207.172.6.173           83             0 6079 4530 10578 3 ?
*                   206.220.240.222                        0 10764 11537 10578 3 ?
*                   204.29.239.1                           0 6066 3549 1 3 ?
*                   216.140.2.63             9             0 6395 1 3 ?
*                   207.126.96.1          4325             0 6461 1 1 1 1 3 ?
*                   203.181.248.242                        0 7660 11537 10578 3 ?
*                   157.130.185.17                         0 701 1 3 ?
*                   144.228.241.81          14             0 1239 1 3 ?
*                   212.4.193.253                          0 8918 1 3 ?
*                   207.45.223.244                         0 6453 1 3 ?
*                   134.24.127.30           35             0 1740 7018 1 3 ?
*>                  4.0.0.2                                0 1 3 ?
*                   204.70.4.89                            0 3561 1 3 ?
*                   202.232.1.91                           0 2497 1 3 ?
*                   207.172.6.221           81             0 6079 4530 10578 3 ?
*                   204.42.253.253                         0 267 2914 1 3 ?
*                   129.250.0.11             0             0 2914 1 3 ?

a) From the path entry data, can you determine which Autonomous System (AS) number corresponds to MIT?

b) Referring back to your traceroute data, which AS number do you think corresponds to bbnplanet?

c) Would you guess that the inter-AS relationship between MIT and bbnplanet is a peering or transit relationship?

If you'd like to explore BGP and Internet routing in more depth, be sure to take 6.829 Computer Networks, which is taught by Professor Hari Balakrishnan in the Fall!

Measuring Round Trip Times With Ping

In these final two exercises, you will use the ping utility to send echo requests to a number of different hosts. The ping utility is one of the more useful utilities for testing a network. The ping utility works by sending a short message of type echo-request to a host using a network protocol called ICMP, the Internet Control Message Protocol. A host that supports ICMP (and most do) and receives an echo-request message simply replies by sending a short ICMP message of type echo-response back to the originating host.

For more information, look at the man page on ping and the specifications for ICMP, located in RFC 792. To get to RFC 792 on Athena, type

    % attach rfc
    % more /mit/rfc/rfc792.txt

To get to the man page on ping, type

    % man ping

To use the ping command on Athena, simply type the letters ping on the command line. A list of possible options will appear. You may use any other form of the ping utility so long as it sends ICMP echo-request packets and can report the number of echo-response packets and the round trip time per packet. If you do use a non-Athena workstation, please make sure you use ping from some machine connected to the MIT network. Please also note that the TAs cannot guarantee tech support if you do not use an Athena Sun workstation.

On the Sun workstations on Athena, the ping utility is located in /usr/sbin/ping. On the SGI workstations on Athena, the ping utility is located in /usr/etc/ping. If you use the ping from a Sun workstation, you may have to use the -s option to get it to display the results that you want. Type machtype to determine the type of machine you are using. If you have any more questions, see the man pages for more details on how to use ping.

5. Round Trip Times:

a) For the following hosts, send 20 packets, each with a length of 56 data bytes. Indicate what percent of the packets resulted in a successful response. For the packets from which you received a response, write down the minimum, average, and maximum round trip times in milliseconds. Note that ping reports these times to you if you tell it how many packets to send on the command line.

The list of hosts are:

   www.lcs.mit.edu       
   www.stanford.edu 
   www.cs.vu.nl           (Vrije Univeristy, Prof. Kaashoek's alma mater)
   www.kyoto-u.ac.jp      (Kyoto University)
   rufus.w3.org           (A RedHat Linux mirror located at LCS on MIT's campus)

Note: You may find that the packet responses are 64 bytes instead of 56 bytes. Look at RFC 792 to find out the reason.

b) For 56-byte packets, what can you say about the differences in the minimum round-trip times for pings of www.lcs.mit.edu, www.stanford.edu, www.cca.vu.nl and www.kyoto-u.ac.jp and rufus.w3.org? What reason can you give to explain why these differences occur?

c) For same hosts listed above, send 20 packets that have lengths of 512 data bytes and 1024 data bytes. Write down the minimum, average, and maximum round trip times in milliseconds.

d) When comparing 56-byte packets, 512-byte packets, and 1024-byte packets, what can you say about the difference in minimum round-trip times to the same host?

6. Unanswered Pings:

a) For the following hosts, send 100 packets that have a length of 56 data bytes. Indicate what percent of the packets resulted in a successful response. For the packets that you received a response, write down the minimum, average, and maximum round trip times in milliseconds.

   www.pku.edu.cn         (Peking University)
   www.wits.ac.za         (University of the Witwatersrand, Johannesburg)
   www.microsoft.com 
   18.242.0.5             (A router in Next House, an MIT dormitory)

b) For some of the hosts, you may not have gotten responses for all the packets you sent. Can you think of a few reasons as to why you might have not gotten a response?