cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
5922
Views
0
Helpful
10
Replies

output of "tracert yahoo.com"

sarahr202
Level 5
Level 5

Hi everybody!

\Documents and Settings\zee>tracert http://www.yahoo.com

acing route to www-real.wa1.b.yahoo.com [209.131.36.158]

er a maximum of 30 hops:

1 2 ms 2 ms 1 ms 192.168.0.1

2 11 ms * 9 ms 67-61-144-1.cpe.cableone.net [67.61.144.1]

3 10 ms 10 ms 10 ms 192.168.41.33

4 11 ms 11 ms 11 ms phx-edge-11.inet.qwest.net [65.121.93.229]

5 13 ms 11 ms 24 ms phx-core-01.inet.qwest.net [205.171.129.45]

6 23 ms 23 ms 23 ms lap-brdr-03.inet.qwest.net [67.14.22.74]

7 26 ms 35 ms 35 ms if-12-1.icore1.EQL-LosAngeles.as6453.net [206

29.33]

8 40 ms 36 ms 34 ms Vlan1114.icore1.PDI-PaloAlto.as6453.net [209.

.5]

9 32 ms 33 ms 32 ms if-6-0-0-1144.mcore3.PDI-PaloAlto.as6453.net

6.29.101]

0 34 ms 34 ms 33 ms ix-11-0-4.mcore3.PDI-PaloAlto.as6453.net [64.

.150]

1 33 ms 36 ms 176 ms ae0-p151.msr2.sp1.yahoo.com [216.115.107.75]

2 34 ms 35 ms 32 ms te-8-1.bas-a1.sp1.yahoo.com [209.131.32.17]

3 35 ms 35 ms 35 ms f1.www.vip.sp1.yahoo.com [209.131.36.158]

trace complete.

Based on above output, can i deduce the following:

1) yahoo.com is using the isp"aloAlto.as6453.net" ?

2 is my isp cableone.net peering with qwest.net which is peering with Losangeles.net which is peering with Paloalto.net which is finally peering with yahoo.com?

3) When we use the word" peering" as above do we mean running bgp. For example, abc.com is peering with cde.net, does it mean abc is running bgp with cde.net?

thanks a lot!

4 Accepted Solutions

Accepted Solutions

Edison Ortiz
Hall of Fame
Hall of Fame

Hi Sarah,

BGP is the de facto standard for dynamic routing protocol in the internet. Since your traceroute is illustrating internet routes the next-hop reachability between providers is done via BGP.

With that said, yahoo.com may be using 'PaloAlto' to reach your network because it may be the best path based on BGP attribute but it does not imply that yahoo.com only peers with that device.

As you can see from my traceroute:

>>>eliminating some cisco internal hops<<<

13 31 ms 32 ms 30 ms 12.86.208.45

14 41 ms 42 ms 41 ms cr2.rlgnc.ip.att.net [12.123.152.86]

15 40 ms 39 ms 39 ms cr1.wswdc.ip.att.net [12.122.3.170]

16 42 ms 39 ms 37 ms 12.122.135.41

17 40 ms 51 ms 39 ms 12.86.111.22

18 41 ms 41 ms 39 ms ae1-p160.msr1.re1.yahoo.com [216.115.108.25]

19 47 ms 42 ms 42 ms te-9-4.bas-a2.re1.yahoo.com [66.196.112.203]

20 40 ms 39 ms 39 ms f1.www.vip.re1.yahoo.com [69.147.76.15]

I'm not using PaloAlto, so Yahoo is peering with a backbone router that has all internet routes and based on the source of the traffic it uses one path over another relying on BGP Best path selection. The same can be said for my ISP when going towards yahoo.com

HTH,

__

Edison.

View solution in original post

Yes, the peering concept is used when you establish a neighbor connection between BGP speaking routers.

The 3 values from traceroute indicates the latency from the source to that specific hop. Traceroute sends 3 packets and the 3 values represent the latency on each of the packets.

HTH,

_

Edison.

View solution in original post

Edison correctly notes peering is between BGP neighbors, but that often is unrelated to your question about DNS domains, i.e. abc.net and abc.com.

On the Internet, peering is often thought of as the relationship between BGP routers of different ASs (autonomous systems).

If you researched what AS owned each tracert hop, you would be able to determine the AS peering locations. It's very likely there are multi-hops within some ASs.

Only one organization would "own" each AS, but many, many DNS domains might reside there, e.g., single organization that owns multiple DNS domains and/or single organization that hosts many DNS domains.

View solution in original post

Just by looking at these values, we can not be sure how long it take icmp packet to get to destination and return to the source.It might be possible the receiving node is heavily loaded and thus take longer to process the packet and sends the reply back to sender.

Am i correct?

Amazing Sarah, I couldn't have said it better myself :)

__

Edison.

View solution in original post

10 Replies 10

Jon Marshall
Hall of Fame
Hall of Fame

Sarah

Thanks for this. Is there a question to go with the tracert :-)

Jon

Wow you have already guessed what i am going to ask next.

Edison Ortiz
Hall of Fame
Hall of Fame

Hi Sarah,

BGP is the de facto standard for dynamic routing protocol in the internet. Since your traceroute is illustrating internet routes the next-hop reachability between providers is done via BGP.

With that said, yahoo.com may be using 'PaloAlto' to reach your network because it may be the best path based on BGP attribute but it does not imply that yahoo.com only peers with that device.

As you can see from my traceroute:

>>>eliminating some cisco internal hops<<<

13 31 ms 32 ms 30 ms 12.86.208.45

14 41 ms 42 ms 41 ms cr2.rlgnc.ip.att.net [12.123.152.86]

15 40 ms 39 ms 39 ms cr1.wswdc.ip.att.net [12.122.3.170]

16 42 ms 39 ms 37 ms 12.122.135.41

17 40 ms 51 ms 39 ms 12.86.111.22

18 41 ms 41 ms 39 ms ae1-p160.msr1.re1.yahoo.com [216.115.108.25]

19 47 ms 42 ms 42 ms te-9-4.bas-a2.re1.yahoo.com [66.196.112.203]

20 40 ms 39 ms 39 ms f1.www.vip.re1.yahoo.com [69.147.76.15]

I'm not using PaloAlto, so Yahoo is peering with a backbone router that has all internet routes and based on the source of the traffic it uses one path over another relying on BGP Best path selection. The same can be said for my ISP when going towards yahoo.com

HTH,

__

Edison.

Thanks for your reply Edison.

I want to understand few terms If you don't mind.

Peering?When we say abc.net is peering with abc.com, does it mean abc.net is running bgp with abc.com?

timers?1" 31 ms 32 ms 30 ms"what do these these three value indicate?

thanks a lot!

Yes, the peering concept is used when you establish a neighbor connection between BGP speaking routers.

The 3 values from traceroute indicates the latency from the source to that specific hop. Traceroute sends 3 packets and the 3 values represent the latency on each of the packets.

HTH,

_

Edison.

Thanks Edison!

For tracert, three packets are sent and then latency for each is recorded.

each of these values indicates propagation delay(both ways), processing time(consumed by sending and receiving nodes).

Just by looking at these values, we can not be sure how long it take icmp packet to get to destination and return to the source.It might be possible the receiving node is heavily loaded and thus take longer to process the packet and sends the reply back to sender.

Am i correct?

Thanks a lot and have a nice weekend!

Just by looking at these values, we can not be sure how long it take icmp packet to get to destination and return to the source.It might be possible the receiving node is heavily loaded and thus take longer to process the packet and sends the reply back to sender.

Am i correct?

Amazing Sarah, I couldn't have said it better myself :)

__

Edison.

Thanks Edison for your kind remarks!

Edison correctly notes peering is between BGP neighbors, but that often is unrelated to your question about DNS domains, i.e. abc.net and abc.com.

On the Internet, peering is often thought of as the relationship between BGP routers of different ASs (autonomous systems).

If you researched what AS owned each tracert hop, you would be able to determine the AS peering locations. It's very likely there are multi-hops within some ASs.

Only one organization would "own" each AS, but many, many DNS domains might reside there, e.g., single organization that owns multiple DNS domains and/or single organization that hosts many DNS domains.

Giuseppe Larosa
Hall of Fame
Hall of Fame

Hello Sarah,

in addition to all the good notes from Edison and Joseph.

Actually, the penultimate AS hop to yahoo is someone having a direct BGP session with a yahoo's router (most of the times see below)

The DNS resolution influence what ip address is the actual destination of the traceroute allowing for web caches and mirror sites.

For example for me here in Europe http://www.yahoo.com is resolved in a totally different ip address probably a mirror site.

The Internet place from where the traceroute starts influences also the path that is observed.

Using the links to different looking glasses one could try to guess who are the "Internet neighbors" of yahoo.

For example using routing glasses listed in

http://www.traceroute.org

Several years ago we had tried to develop a tool to perform this kind of analysis.

The problems that nowdays can happen are:

not always you are able to reach a router that belongs to the intended destination

if security mechanisms are used like

no ip icmp-unreachables for example.

Also the mirror sites can be hosted by some other company (not for yahoo I suppose)

New emerging technologies are making the picture less clear:

the usage of BGP sessions over EoMPLS links is becoming common they are called wide area peering

in this case the ISP providing a L2 MPLS service to the two BGP peers is hidden and cannot be determined with the traceroute test because it is not on the L3 path.

However, this kind of approach is the only experimental test that can validate the Internet routing tables.

see for example

http://www.caida.org/home/

Hope to help

Giuseppe

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: