nanog mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Access to the Internic Blocked -- LSRR, traceroute with ICMP

From: owen () DeLong SJ CA US (Owen DeLong)
Date: Thu, 22 Aug 1996 08:23:51 -0700


    Speaking of which, is anyone going to implement traceroute
for UNIX which using icmp echo requests, instead of (semi-)random
udp packets, as the ammo?  This is one way which I think Microsoft out
did the old UNIX implementations.



Then how come UNIX traceroute works in so many places where MSloth's
traceroute falls flat on it's face?  Remember, an ICMP packet doesn't
generate TIME EXCEEDED messages in many applications.  It's listed
as something the system MAY implement, not SHOULD or MUST.  Time exceeded
messages are a MUST for UDP and TCP packets.


   They're not semi (or quasi) random udp packets.  They're sequential
   packets.

   Secondly, current router vendors' decisions to prioritize ICMP echo
   request as dung-level packets means that traceroute's UDP packets 
   actually get through at times when pings don't.


This is both good and bad.


   Third, I'd be happy to implement it... but I'm not sure this would 
   be a win.  I can see the loss (see paragraph 2), but WHAT is the
   big win???


Compatibility with Whine-Doze?  :-)


   E
   p.s. The original question was based on Vadim's rhetorical query
        as to router vendors.  Learn to differentiate between WISHFUL
        THINKING and routing reality.  When router vendors pledge to
        not drop, and properly route lsrr icmp echo request/reply 
        that code will be online within 24 hours.



:-)

Owen


    The combination of the above and the below would give us
the usefulness we want and the security we want.  (I don't think
the below would work with Van Jacobsen's traceroute 1.2)



On Wed, 21 Aug 1996, Vadim Antonov wrote:



On itself, LSRR is a godsend to hackers (i can think of about
a dozen of very nasty attacks using general LSRR).  The only
useful application for it is traceroute.

Why don't router vendors provide an option to turn it
off for everything but ICMP ECHO?

--vadim




- - - - - - - - - - - - - - - - -
Previous By Date Next
Previous By Thread Next

Current thread: