MacNN Forums (http://forums.macnn.com/)
-   Networking (http://forums.macnn.com/networking/)
-   -   Traceroute (http://forums.macnn.com/92/networking/502567/traceroute/)

 
subego Jul 27, 2013 03:13 AM
Traceroute
I'm having issues communicating with the CrashPlan servers in Atlanta. We think it's a routing issue because I'm not having the problem with their Minnesota server.

Traceroute says I'm on Comcast the whole way through, I make one hop to a server which is ignoring my traceroute request, and then end up in Atlanta.

Doing a traceroute via TCP will be a pain in my ass, but if there's a plausible chance it will get me a result on that missing hop, I don't mind the effort. AFAICT, I'll need to get a Linux machine on my network and use tcptraceroute. Plain traceroute appears to have a TCP option, but I'm not having success.

Here is what I tried:

Code:

traceroute -P TCP -p 80 domain.com

This is all above my pay grade, so any help would be appreciated. I have easier access to a Windows machine, so if you know how to work it from there, that's an option.
 
besson3c Jul 27, 2013 04:08 AM
Wouldn't each hop need to have TCP 80 unblocked in their firewall ruleset for this to work?

Because of firewalls rules I don't think traceroute is a terribly useful tool in providing these sorts of specifics aside from determining whether traffic is leaving a network.

Have you tried looking for a service that will initiate a telnet port check from different parts of the world? The various monitoring services (including free ones like uptimerobot should help you here.
 
subego Jul 27, 2013 04:20 AM
Well, yeah. I'm assuming there's a decent chance they aren't blocking HTTP.

I normally wouldn't think traceroute would help, but everybody's stumped. The only lead I have is who's behind the dropped ICMP requests.

I'll check into the telnet monitoring. Thanks!
 
besson3c Jul 27, 2013 04:54 AM
Quote, Originally Posted by subego (Post 4240315)
Well, yeah. I'm assuming there's a decent chance they aren't blocking HTTP.

I normally wouldn't think traceroute would help, but everybody's stumped. The only lead I have is who's behind the dropped ICMP requests.

I'll check into the telnet monitoring. Thanks!

Actually, I would think that most of those hops are switches and various network infrastructure that are not running web servers.
 
subego Jul 27, 2013 05:28 AM
Well, if I knew a Canadian trumpeter with a Linux fetish they could...

Code:

traceroute -T -p 80 poop.org
...and see if it works.

Would you know where I'd find such a person?
 
besson3c Jul 27, 2013 06:28 AM
$ sudo traceroute -T -p 80 steal.org
traceroute to steal.org (82.98.86.169), 30 hops max, 60 byte packets
1 Floozy (192.168.0.1) 0.376 ms 0.489 ms 0.797 ms
2 c-98-223-176-1.hsd1.in.comcast.net (98.223.176.1) 20.623 ms 20.701 ms 27.303 ms
3 * * *
4 * * *
5 te-2-2-0-8-ar01.area4.il.chicago.comcast.net (69.139.185.141) 15.665 ms * 19.514 ms
6 pos-1-13-0-0-ar01.area4.il.chicago.comcast.net (68.86.187.245) 26.050 ms 23.728 ms 23.791 ms
7 he-3-5-0-0-cr01.350ecermak.il.ibone.comcast.net (68.86.95.237) 21.341 ms 21.092 ms 21.064 ms
8 he-1-2-0-0-cr01.chicago.il.ibone.comcast.net (68.86.88.25) 24.542 ms 28.986 ms 29.052 ms
9 xe-9-2-0.edge1.Chicago2.Level3.net (4.71.248.25) 26.983 ms 27.929 ms 28.007 ms
10 4.69.158.226 (4.69.158.226) 131.960 ms 129.847 ms 4.69.158.230 (4.69.158.230) 132.954 ms
11 ae-6-6.ebr2.Washington12.Level3.net (4.69.148.145) 125.751 ms 128.145 ms 128.169 ms
12 ae-5-5.ebr2.Washington1.Level3.net (4.69.143.221) 129.103 ms 128.188 ms 128.138 ms
13 ae-43-43.ebr2.Paris1.Level3.net (4.69.137.57) 123.568 ms ae-44-44.ebr2.Paris1.Level3.net (4.69.137.61) 127.579 ms 127.426 ms
14 ae-48-48.ebr1.Frankfurt1.Level3.net (4.69.143.145) 127.802 ms ae-45-45.ebr1.Frankfurt1.Level3.net (4.69.143.133) 127.182 ms 127.413 ms
15 ae-81-81.csw3.Frankfurt1.Level3.net (4.69.140.10) 129.597 ms ae-91-91.csw4.Frankfurt1.Level3.net (4.69.140.14) 128.593 ms 129.524 ms
16 ae-4-90.edge4.Frankfurt1.Level3.net (4.69.154.200) 125.689 ms ae-3-80.edge4.Frankfurt1.Level3.net (4.69.154.136) 128.632 ms ae-4-90.edge4.Frankfurt1.Level3.net (4.69.154.200) 125.150 ms
17 te2-2.c102.f.de.plusline.net (212.162.24.58) 313.642 ms 310.252 ms 309.132 ms
18 c321.f.de.plusline.net (82.98.98.10) 126.668 ms 127.106 ms 128.075 ms
19 82.98.92.146 (82.98.92.146) 126.787 ms 125.909 ms 127.293 ms
20 gw-dist-pl-a.fhe3rz.net (91.195.240.2) 127.994 ms 131.297 ms 129.312 ms
21 www169.sedoparking.com (82.98.86.169) 126.929 ms 126.527 ms 125.914 ms
 
subego Jul 27, 2013 04:18 PM
Awesome!

You know, we take a similar route to poop.org once we hit Comcast and the ibone (which is the best name ever). Would it be a drag to run it again to http://atlproaw5.crashplanpro.com/ with the same flags?



Code:

traceroute -T -p 80 http://atlproaw5.crashplanpro.com/
 
besson3c Jul 27, 2013 04:41 PM
$ sudo traceroute -T -p 80 atlproaw5.crashplanpro.com
traceroute to atlproaw5.crashplanpro.com (209.208.241.165), 30 hops max, 60 byte packets
1 Floozy (192.168.0.1) 0.379 ms 0.488 ms 0.633 ms
2 c-98-223-176-1.hsd1.in.comcast.net (98.223.176.1) 25.271 ms 26.424 ms 31.330 ms
3 * * *
4 * * *
5 te-0-6-0-3-ar01.indianapolis.in.indiana.comcast.net (69.139.185.149) 16.248 ms * 23.841 ms
6 pos-1-15-0-0-ar01.area4.il.chicago.comcast.net (68.87.230.9) 29.344 ms 26.366 ms 26.338 ms
7 he-3-6-0-0-cr01.350ecermak.il.ibone.comcast.net (68.86.95.9) 25.234 ms 24.355 ms 20.475 ms
8 pos-1-5-0-0-pe01.350ecermak.il.ibone.comcast.net (68.86.87.126) 20.594 ms 24.478 ms 25.467 ms
9 as4323-pe01.350ecermak.il.ibone.comcast.net (75.149.230.142) 22.134 ms 23.091 ms 23.161 ms
10 atl1-ar3-ge-1-0-0-0.us.twtelecom.net (66.192.246.238) 47.720 ms 48.031 ms 47.777 ms
11 ten7-1.core2.atl1.qualitytech.com (64.88.184.18) 44.248 ms 50.492 ms 48.507 ms
12 central.crashplan.com (209.208.241.165) 42.899 ms 42.784 ms 46.482 ms
 
subego Jul 27, 2013 07:58 PM
First off, you are ****ing awesome! Thanks so much!

Very interesting result. We both leave Comcast from the same node. It goes to twtelecom.net, qualitytech.com, and then hits CrashPlan.

Exact same for me. Same nodes, same addresses, but it then takes a ghost hop before CrashPlan.

Hmmmm...
 
Waragainstsleep Jul 28, 2013 05:43 AM
Surely its just the NSA?
 
subego Jul 30, 2013 09:01 PM
Well, this gave me an excuse to fire up the Raspberry Pi, but the NSA dropped my http request anyway.

Regardless, thanks again M. besson!
 
iMOTOR Aug 7, 2013 01:23 AM
I arrived at this thread a little late but: tcptraceroute is available for Mac through MacPorts.

The MacPorts Project -- Available Ports

Most linux binaries are available there.
 
All times are GMT -4. The time now is 12:40 AM.

Copyright © 2005-2007 MacNN. All rights reserved.
Powered by vBulletin® Version 3.8.8
Copyright ©2000 - 2016, vBulletin Solutions, Inc.


Content Relevant URLs by vBSEO 3.3.2