03-12-2009 04:49 PM - edited 03-06-2019 04:33 AM
Hi everybody!
\Documents and Settings\zee>tracert http://www.yahoo.com
acing route to www-real.wa1.b.yahoo.com [209.131.36.158]
er a maximum of 30 hops:
1 2 ms 2 ms 1 ms 192.168.0.1
2 11 ms * 9 ms 67-61-144-1.cpe.cableone.net [67.61.144.1]
3 10 ms 10 ms 10 ms 192.168.41.33
4 11 ms 11 ms 11 ms phx-edge-11.inet.qwest.net [65.121.93.229]
5 13 ms 11 ms 24 ms phx-core-01.inet.qwest.net [205.171.129.45]
6 23 ms 23 ms 23 ms lap-brdr-03.inet.qwest.net [67.14.22.74]
7 26 ms 35 ms 35 ms if-12-1.icore1.EQL-LosAngeles.as6453.net [206
29.33]
8 40 ms 36 ms 34 ms Vlan1114.icore1.PDI-PaloAlto.as6453.net [209.
.5]
9 32 ms 33 ms 32 ms if-6-0-0-1144.mcore3.PDI-PaloAlto.as6453.net
6.29.101]
0 34 ms 34 ms 33 ms ix-11-0-4.mcore3.PDI-PaloAlto.as6453.net [64.
.150]
1 33 ms 36 ms 176 ms ae0-p151.msr2.sp1.yahoo.com [216.115.107.75]
2 34 ms 35 ms 32 ms te-8-1.bas-a1.sp1.yahoo.com [209.131.32.17]
3 35 ms 35 ms 35 ms f1.www.vip.sp1.yahoo.com [209.131.36.158]
trace complete.
Based on above output, can i deduce the following:
1) yahoo.com is using the isp"aloAlto.as6453.net" ?
2 is my isp cableone.net peering with qwest.net which is peering with Losangeles.net which is peering with Paloalto.net which is finally peering with yahoo.com?
3) When we use the word" peering" as above do we mean running bgp. For example, abc.com is peering with cde.net, does it mean abc is running bgp with cde.net?
thanks a lot!
Solved! Go to Solution.
03-12-2009 05:46 PM
Hi Sarah,
BGP is the de facto standard for dynamic routing protocol in the internet. Since your traceroute is illustrating internet routes the next-hop reachability between providers is done via BGP.
With that said, yahoo.com may be using 'PaloAlto' to reach your network because it may be the best path based on BGP attribute but it does not imply that yahoo.com only peers with that device.
As you can see from my traceroute:
>>>eliminating some cisco internal hops<<<
13 31 ms 32 ms 30 ms 12.86.208.45
14 41 ms 42 ms 41 ms cr2.rlgnc.ip.att.net [12.123.152.86]
15 40 ms 39 ms 39 ms cr1.wswdc.ip.att.net [12.122.3.170]
16 42 ms 39 ms 37 ms 12.122.135.41
17 40 ms 51 ms 39 ms 12.86.111.22
18 41 ms 41 ms 39 ms ae1-p160.msr1.re1.yahoo.com [216.115.108.25]
19 47 ms 42 ms 42 ms te-9-4.bas-a2.re1.yahoo.com [66.196.112.203]
20 40 ms 39 ms 39 ms f1.www.vip.re1.yahoo.com [69.147.76.15]
I'm not using PaloAlto, so Yahoo is peering with a backbone router that has all internet routes and based on the source of the traffic it uses one path over another relying on BGP Best path selection. The same can be said for my ISP when going towards yahoo.com
HTH,
__
Edison.
03-12-2009 07:52 PM
Yes, the peering concept is used when you establish a neighbor connection between BGP speaking routers.
The 3 values from traceroute indicates the latency from the source to that specific hop. Traceroute sends 3 packets and the 3 values represent the latency on each of the packets.
HTH,
_
Edison.
03-13-2009 05:20 AM
Edison correctly notes peering is between BGP neighbors, but that often is unrelated to your question about DNS domains, i.e. abc.net and abc.com.
On the Internet, peering is often thought of as the relationship between BGP routers of different ASs (autonomous systems).
If you researched what AS owned each tracert hop, you would be able to determine the AS peering locations. It's very likely there are multi-hops within some ASs.
Only one organization would "own" each AS, but many, many DNS domains might reside there, e.g., single organization that owns multiple DNS domains and/or single organization that hosts many DNS domains.
03-13-2009 10:31 AM
Just by looking at these values, we can not be sure how long it take icmp packet to get to destination and return to the source.It might be possible the receiving node is heavily loaded and thus take longer to process the packet and sends the reply back to sender.
Am i correct?
Amazing Sarah, I couldn't have said it better myself :)
__
Edison.
03-12-2009 04:51 PM
Sarah
Thanks for this. Is there a question to go with the tracert :-)
Jon
03-12-2009 04:59 PM
Wow you have already guessed what i am going to ask next.
03-12-2009 05:46 PM
Hi Sarah,
BGP is the de facto standard for dynamic routing protocol in the internet. Since your traceroute is illustrating internet routes the next-hop reachability between providers is done via BGP.
With that said, yahoo.com may be using 'PaloAlto' to reach your network because it may be the best path based on BGP attribute but it does not imply that yahoo.com only peers with that device.
As you can see from my traceroute:
>>>eliminating some cisco internal hops<<<
13 31 ms 32 ms 30 ms 12.86.208.45
14 41 ms 42 ms 41 ms cr2.rlgnc.ip.att.net [12.123.152.86]
15 40 ms 39 ms 39 ms cr1.wswdc.ip.att.net [12.122.3.170]
16 42 ms 39 ms 37 ms 12.122.135.41
17 40 ms 51 ms 39 ms 12.86.111.22
18 41 ms 41 ms 39 ms ae1-p160.msr1.re1.yahoo.com [216.115.108.25]
19 47 ms 42 ms 42 ms te-9-4.bas-a2.re1.yahoo.com [66.196.112.203]
20 40 ms 39 ms 39 ms f1.www.vip.re1.yahoo.com [69.147.76.15]
I'm not using PaloAlto, so Yahoo is peering with a backbone router that has all internet routes and based on the source of the traffic it uses one path over another relying on BGP Best path selection. The same can be said for my ISP when going towards yahoo.com
HTH,
__
Edison.
03-12-2009 06:22 PM
Thanks for your reply Edison.
I want to understand few terms If you don't mind.
Peering?When we say abc.net is peering with abc.com, does it mean abc.net is running bgp with abc.com?
timers?1" 31 ms 32 ms 30 ms"what do these these three value indicate?
thanks a lot!
03-12-2009 07:52 PM
Yes, the peering concept is used when you establish a neighbor connection between BGP speaking routers.
The 3 values from traceroute indicates the latency from the source to that specific hop. Traceroute sends 3 packets and the 3 values represent the latency on each of the packets.
HTH,
_
Edison.
03-13-2009 09:09 AM
Thanks Edison!
For tracert, three packets are sent and then latency for each is recorded.
each of these values indicates propagation delay(both ways), processing time(consumed by sending and receiving nodes).
Just by looking at these values, we can not be sure how long it take icmp packet to get to destination and return to the source.It might be possible the receiving node is heavily loaded and thus take longer to process the packet and sends the reply back to sender.
Am i correct?
Thanks a lot and have a nice weekend!
03-13-2009 10:31 AM
Just by looking at these values, we can not be sure how long it take icmp packet to get to destination and return to the source.It might be possible the receiving node is heavily loaded and thus take longer to process the packet and sends the reply back to sender.
Am i correct?
Amazing Sarah, I couldn't have said it better myself :)
__
Edison.
03-14-2009 06:59 PM
Thanks Edison for your kind remarks!
03-13-2009 05:20 AM
Edison correctly notes peering is between BGP neighbors, but that often is unrelated to your question about DNS domains, i.e. abc.net and abc.com.
On the Internet, peering is often thought of as the relationship between BGP routers of different ASs (autonomous systems).
If you researched what AS owned each tracert hop, you would be able to determine the AS peering locations. It's very likely there are multi-hops within some ASs.
Only one organization would "own" each AS, but many, many DNS domains might reside there, e.g., single organization that owns multiple DNS domains and/or single organization that hosts many DNS domains.
03-13-2009 12:53 PM
Hello Sarah,
in addition to all the good notes from Edison and Joseph.
Actually, the penultimate AS hop to yahoo is someone having a direct BGP session with a yahoo's router (most of the times see below)
The DNS resolution influence what ip address is the actual destination of the traceroute allowing for web caches and mirror sites.
For example for me here in Europe http://www.yahoo.com is resolved in a totally different ip address probably a mirror site.
The Internet place from where the traceroute starts influences also the path that is observed.
Using the links to different looking glasses one could try to guess who are the "Internet neighbors" of yahoo.
For example using routing glasses listed in
Several years ago we had tried to develop a tool to perform this kind of analysis.
The problems that nowdays can happen are:
not always you are able to reach a router that belongs to the intended destination
if security mechanisms are used like
no ip icmp-unreachables for example.
Also the mirror sites can be hosted by some other company (not for yahoo I suppose)
New emerging technologies are making the picture less clear:
the usage of BGP sessions over EoMPLS links is becoming common they are called wide area peering
in this case the ISP providing a L2 MPLS service to the two BGP peers is hidden and cannot be determined with the traceroute test because it is not on the L3 path.
However, this kind of approach is the only experimental test that can validate the Internet routing tables.
see for example
Hope to help
Giuseppe
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide