Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Bronze

output of "tracert yahoo.com"

Hi everybody!

\Documents and Settings\zee>tracert http://www.yahoo.com

acing route to www-real.wa1.b.yahoo.com [209.131.36.158]

er a maximum of 30 hops:

1 2 ms 2 ms 1 ms 192.168.0.1

2 11 ms * 9 ms 67-61-144-1.cpe.cableone.net [67.61.144.1]

3 10 ms 10 ms 10 ms 192.168.41.33

4 11 ms 11 ms 11 ms phx-edge-11.inet.qwest.net [65.121.93.229]

5 13 ms 11 ms 24 ms phx-core-01.inet.qwest.net [205.171.129.45]

6 23 ms 23 ms 23 ms lap-brdr-03.inet.qwest.net [67.14.22.74]

7 26 ms 35 ms 35 ms if-12-1.icore1.EQL-LosAngeles.as6453.net [206

29.33]

8 40 ms 36 ms 34 ms Vlan1114.icore1.PDI-PaloAlto.as6453.net [209.

.5]

9 32 ms 33 ms 32 ms if-6-0-0-1144.mcore3.PDI-PaloAlto.as6453.net

6.29.101]

0 34 ms 34 ms 33 ms ix-11-0-4.mcore3.PDI-PaloAlto.as6453.net [64.

.150]

1 33 ms 36 ms 176 ms ae0-p151.msr2.sp1.yahoo.com [216.115.107.75]

2 34 ms 35 ms 32 ms te-8-1.bas-a1.sp1.yahoo.com [209.131.32.17]

3 35 ms 35 ms 35 ms f1.www.vip.sp1.yahoo.com [209.131.36.158]

trace complete.

Based on above output, can i deduce the following:

1) yahoo.com is using the isp"aloAlto.as6453.net" ?

2 is my isp cableone.net peering with qwest.net which is peering with Losangeles.net which is peering with Paloalto.net which is finally peering with yahoo.com?

3) When we use the word" peering" as above do we mean running bgp. For example, abc.com is peering with cde.net, does it mean abc is running bgp with cde.net?

thanks a lot!

4 ACCEPTED SOLUTIONS

Accepted Solutions
Hall of Fame Super Bronze

Re: output of "tracert yahoo.com"

Hi Sarah,

BGP is the de facto standard for dynamic routing protocol in the internet. Since your traceroute is illustrating internet routes the next-hop reachability between providers is done via BGP.

With that said, yahoo.com may be using 'PaloAlto' to reach your network because it may be the best path based on BGP attribute but it does not imply that yahoo.com only peers with that device.

As you can see from my traceroute:

>>>eliminating some cisco internal hops<<<

13 31 ms 32 ms 30 ms 12.86.208.45

14 41 ms 42 ms 41 ms cr2.rlgnc.ip.att.net [12.123.152.86]

15 40 ms 39 ms 39 ms cr1.wswdc.ip.att.net [12.122.3.170]

16 42 ms 39 ms 37 ms 12.122.135.41

17 40 ms 51 ms 39 ms 12.86.111.22

18 41 ms 41 ms 39 ms ae1-p160.msr1.re1.yahoo.com [216.115.108.25]

19 47 ms 42 ms 42 ms te-9-4.bas-a2.re1.yahoo.com [66.196.112.203]

20 40 ms 39 ms 39 ms f1.www.vip.re1.yahoo.com [69.147.76.15]

I'm not using PaloAlto, so Yahoo is peering with a backbone router that has all internet routes and based on the source of the traffic it uses one path over another relying on BGP Best path selection. The same can be said for my ISP when going towards yahoo.com

HTH,

__

Edison.

Hall of Fame Super Bronze

Re: output of "tracert yahoo.com"

Yes, the peering concept is used when you establish a neighbor connection between BGP speaking routers.

The 3 values from traceroute indicates the latency from the source to that specific hop. Traceroute sends 3 packets and the 3 values represent the latency on each of the packets.

HTH,

_

Edison.

Super Bronze

Re: output of "tracert yahoo.com"

Edison correctly notes peering is between BGP neighbors, but that often is unrelated to your question about DNS domains, i.e. abc.net and abc.com.

On the Internet, peering is often thought of as the relationship between BGP routers of different ASs (autonomous systems).

If you researched what AS owned each tracert hop, you would be able to determine the AS peering locations. It's very likely there are multi-hops within some ASs.

Only one organization would "own" each AS, but many, many DNS domains might reside there, e.g., single organization that owns multiple DNS domains and/or single organization that hosts many DNS domains.

Hall of Fame Super Bronze

Re: output of "tracert yahoo.com"

Just by looking at these values, we can not be sure how long it take icmp packet to get to destination and return to the source.It might be possible the receiving node is heavily loaded and thus take longer to process the packet and sends the reply back to sender.

Am i correct?

Amazing Sarah, I couldn't have said it better myself :)

__

Edison.

10 REPLIES
Hall of Fame Super Blue

Re: output of "tracert yahoo.com"

Sarah

Thanks for this. Is there a question to go with the tracert :-)

Jon

Bronze

Re: output of "tracert yahoo.com"

Wow you have already guessed what i am going to ask next.

Hall of Fame Super Bronze

Re: output of "tracert yahoo.com"

Hi Sarah,

BGP is the de facto standard for dynamic routing protocol in the internet. Since your traceroute is illustrating internet routes the next-hop reachability between providers is done via BGP.

With that said, yahoo.com may be using 'PaloAlto' to reach your network because it may be the best path based on BGP attribute but it does not imply that yahoo.com only peers with that device.

As you can see from my traceroute:

>>>eliminating some cisco internal hops<<<

13 31 ms 32 ms 30 ms 12.86.208.45

14 41 ms 42 ms 41 ms cr2.rlgnc.ip.att.net [12.123.152.86]

15 40 ms 39 ms 39 ms cr1.wswdc.ip.att.net [12.122.3.170]

16 42 ms 39 ms 37 ms 12.122.135.41

17 40 ms 51 ms 39 ms 12.86.111.22

18 41 ms 41 ms 39 ms ae1-p160.msr1.re1.yahoo.com [216.115.108.25]

19 47 ms 42 ms 42 ms te-9-4.bas-a2.re1.yahoo.com [66.196.112.203]

20 40 ms 39 ms 39 ms f1.www.vip.re1.yahoo.com [69.147.76.15]

I'm not using PaloAlto, so Yahoo is peering with a backbone router that has all internet routes and based on the source of the traffic it uses one path over another relying on BGP Best path selection. The same can be said for my ISP when going towards yahoo.com

HTH,

__

Edison.

Bronze

Re: output of "tracert yahoo.com"

Thanks for your reply Edison.

I want to understand few terms If you don't mind.

Peering?When we say abc.net is peering with abc.com, does it mean abc.net is running bgp with abc.com?

timers?1" 31 ms 32 ms 30 ms"what do these these three value indicate?

thanks a lot!

Hall of Fame Super Bronze

Re: output of "tracert yahoo.com"

Yes, the peering concept is used when you establish a neighbor connection between BGP speaking routers.

The 3 values from traceroute indicates the latency from the source to that specific hop. Traceroute sends 3 packets and the 3 values represent the latency on each of the packets.

HTH,

_

Edison.

Bronze

Re: output of "tracert yahoo.com"

Thanks Edison!

For tracert, three packets are sent and then latency for each is recorded.

each of these values indicates propagation delay(both ways), processing time(consumed by sending and receiving nodes).

Just by looking at these values, we can not be sure how long it take icmp packet to get to destination and return to the source.It might be possible the receiving node is heavily loaded and thus take longer to process the packet and sends the reply back to sender.

Am i correct?

Thanks a lot and have a nice weekend!

Hall of Fame Super Bronze

Re: output of "tracert yahoo.com"

Just by looking at these values, we can not be sure how long it take icmp packet to get to destination and return to the source.It might be possible the receiving node is heavily loaded and thus take longer to process the packet and sends the reply back to sender.

Am i correct?

Amazing Sarah, I couldn't have said it better myself :)

__

Edison.

Bronze

Re: output of "tracert yahoo.com"

Thanks Edison for your kind remarks!

Super Bronze

Re: output of "tracert yahoo.com"

Edison correctly notes peering is between BGP neighbors, but that often is unrelated to your question about DNS domains, i.e. abc.net and abc.com.

On the Internet, peering is often thought of as the relationship between BGP routers of different ASs (autonomous systems).

If you researched what AS owned each tracert hop, you would be able to determine the AS peering locations. It's very likely there are multi-hops within some ASs.

Only one organization would "own" each AS, but many, many DNS domains might reside there, e.g., single organization that owns multiple DNS domains and/or single organization that hosts many DNS domains.

Hall of Fame Super Silver

Re: output of "tracert yahoo.com"

Hello Sarah,

in addition to all the good notes from Edison and Joseph.

Actually, the penultimate AS hop to yahoo is someone having a direct BGP session with a yahoo's router (most of the times see below)

The DNS resolution influence what ip address is the actual destination of the traceroute allowing for web caches and mirror sites.

For example for me here in Europe http://www.yahoo.com is resolved in a totally different ip address probably a mirror site.

The Internet place from where the traceroute starts influences also the path that is observed.

Using the links to different looking glasses one could try to guess who are the "Internet neighbors" of yahoo.

For example using routing glasses listed in

http://www.traceroute.org

Several years ago we had tried to develop a tool to perform this kind of analysis.

The problems that nowdays can happen are:

not always you are able to reach a router that belongs to the intended destination

if security mechanisms are used like

no ip icmp-unreachables for example.

Also the mirror sites can be hosted by some other company (not for yahoo I suppose)

New emerging technologies are making the picture less clear:

the usage of BGP sessions over EoMPLS links is becoming common they are called wide area peering

in this case the ISP providing a L2 MPLS service to the two BGP peers is hidden and cannot be determined with the traceroute test because it is not on the L3 path.

However, this kind of approach is the only experimental test that can validate the Internet routing tables.

see for example

http://www.caida.org/home/

Hope to help

Giuseppe

1092
Views
0
Helpful
10
Replies
CreatePlease to create content