drayon Posted March 11, 2009 Share Posted March 11, 2009 (edited) I'd like some trace data to a given destination IP 203.16.214.172 from users serviced with CAT, TOT + True. If users can note their service provider and paste the output of a trace to this IP : 203.16.214.172 i'd appreciate it. Edited March 11, 2009 by drayon Link to comment Share on other sites More sharing options...
malcolmswaine Posted March 11, 2009 Share Posted March 11, 2009 CAT Telecom Tracing route to securemail.internode.on.net [203.16.214.172] over a maximum of 50 hops: 1 4294967290 ms 1 ms 1 ms xxx.xxx. xxx. xxx 2 1 ms 1 ms 1 ms xxx. xxx. xxx. xxx 3 * 9 ms 9 ms xxx. xxx. xxx. xxx 4 * 30 ms 30 ms 61.7.148.33 5 22 ms 22 ms 22 ms 202.47.247.254 6 31 ms 31 ms 30 ms 202.47.254.141 7 30 ms 30 ms 30 ms 202.47.253.150 8 235 ms 232 ms 237 ms 202.47.253.233 9 225 ms 233 ms 233 ms ge-1-1.r01.lsanca03.us.bb.gin.ntt.net [204.1.253 .73] 10 238 ms 249 ms 238 ms ae-2.r20.lsanca03.us.bb.gin.ntt.net [129.250.3.1 25] 11 247 ms 246 ms 254 ms as-0.r21.snjsca04.us.bb.gin.ntt.net [129.250.4.9 6] 12 242 ms 235 ms 242 ms po-2.r02.snjsca04.us.bb.gin.ntt.net [129.250.4.1 0] 13 336 ms 337 ms 338 ms gig0-2.bdr1.sjc2.internode.on.net [129.250.11.98 ] 14 508 ms 507 ms 507 ms pos7-0.bdr1.syd7.internode.on.net [203.16.213.16 1] 15 490 ms 491 ms 489 ms pos2-3.bdr1.adl6.internode.on.net [203.16.212.22 ] 16 509 ms 513 ms 507 ms gi1-17.cor3.adl2.internode.on.net [150.101.134.6 2] 17 * * * Request timed out. 18 * * * Request timed out. 19 * * * Request timed out. 20 * * * Request timed out. 21 * * * Request timed out. 22 * * * Request timed out. 23 * * * Request timed out. 24 * * * Request timed out. 25 gi1-17.cor3.adl2.internode.on.net [150.101.134.62] reports: Destination ne t unreachable. Trace complete. Link to comment Share on other sites More sharing options...
sniffdog Posted March 11, 2009 Share Posted March 11, 2009 TOT TraceRoute to 203.16.214.172 [securemail.internode.on.net] Hop (ms) (ms) (ms) IP Address Host name 1 12 7 9 72.249.134.177 - 2 105 7 6 8.9.232.73 xe-5-3-0.edge3.dallas1.level3.net 3 13 19 15 4.68.19.254 vlan99.csw4.dallas1.level3.net 4 18 18 18 4.69.136.165 ae-93-93.ebr3.dallas1.level3.net 5 48 39 50 4.69.132.77 ae-3.ebr2.losangeles1.level3.net 6 52 39 50 4.69.137.22 ae-72-72.csw2.losangeles1.level3.net 7 40 49 42 4.68.20.69 ae-23-79.car3.losangeles1.level3.net 8 42 47 56 4.71.32.62 internode-s.car3.losangeles1.level3.net 9 252 243 243 203.16.213.190 pos3-2.bdr1.syd6.internode.on.net 10 243 241 243 150.101.199.230 pos4-1.bdr2.adl2.internode.on.net 11 244 244 245 150.101.225.102 gi1-19.cor1.adl6.internode.on.net 12 Timed out Timed out Timed out - 13 Timed out Timed out Timed out - 14 Destination network unreachable Timed out Timed out - 15 Timed out Timed out Timed out - Trace aborted. Link to comment Share on other sites More sharing options...
Deksan Posted March 11, 2009 Share Posted March 11, 2009 True 2M : traceroute to 203.16.214.172 (203.16.214.172), 64 hops max, 40 byte packets 1 192.168.1.1 2.328 ms 1.270 ms 1.249 ms 2 124.121.245.1 20.012 ms 19.636 ms 20.531 ms 3 210.86.189.33 21.805 ms 19.806 ms 19.967 ms 4 10.169.33.1 24.514 ms 23.597 ms 22.907 ms 5 58.97.25.102 27.465 ms 61.90.133.238 21.294 ms 61.90.254.118 20.809 ms 6 61.90.254.117 20.373 ms 20.849 ms 20.951 ms 7 * * * 8 203.144.144.27 20.658 ms 20.493 ms 21.482 ms 9 61.91.210.1 22.656 ms 20.704 ms 20.462 ms 10 122.144.28.145 21.110 ms 21.143 ms 21.623 ms 11 122.144.26.210 90.958 ms 91.894 ms 91.163 ms 12 122.144.26.226 58.703 ms 58.693 ms 59.385 ms 13 122.144.26.86 93.203 ms 95.690 ms 92.980 ms 14 203.131.243.141 99.422 ms 203.601 ms 204.490 ms 15 203.131.240.217 116.976 ms 92.542 ms 92.999 ms 16 203.131.240.185 92.372 ms 91.008 ms 92.728 ms 17 129.250.2.38 144.535 ms 144.906 ms 144.027 ms 18 61.213.162.234 145.134 ms 143.055 ms 144.036 ms 19 203.105.72.10 144.576 ms 145.345 ms 143.717 ms 20 203.105.73.82 143.690 ms 142.827 ms 143.750 ms 21 203.105.73.138 368.089 ms 367.901 ms 366.570 ms 22 203.16.211.33 291.210 ms 291.275 ms 290.964 ms 23 150.101.134.157 290.135 ms 290.124 ms 290.863 ms 24 150.101.225.110 288.613 ms 287.605 ms 287.213 ms 25 * 150.101.225.110 291.111 ms !X * 26 * * * 27 150.101.225.110 289.739 ms !X * * 28 * * * 29 * * * 30 * 150.101.225.110 288.186 ms !X Link to comment Share on other sites More sharing options...
Prasert Posted March 11, 2009 Share Posted March 11, 2009 gi1-21.cor1.adl6.internode.on.net (150.101.134.54) is blocking icmp traffic, probably with an access-list. If that system is yours Drayon, open icmp for ping and traceroutes (icmp types echo, echo-reply and ttl-exceeded). Link to comment Share on other sites More sharing options...
joncl Posted March 11, 2009 Share Posted March 11, 2009 I'd like some trace data to a given destination IP 203.16.214.172 from users serviced with CAT, TOT + True. If users can note their service provider and paste the output of a trace to this IP : 203.16.214.172 i'd appreciate it. securemail.internode.on.net is alive and well but your icmp packets (traceroute) are all being blocked by their box at 150.101.134.54 A small scan shows; Scanning securemail.internode.on.net (203.16.214.172) Discovered open port 25/tcp on 203.16.214.172 all other ports deleted So your email port (inbound) is open if this is what you are after? But as the name suggests it is secure mail and does not like un-registered domains and IP's by the looks of it; Connected to securemail.internode.on.net (203.16.214.172). Escape character is '^]'. 220-ipmail01.adl6.internode.on.net ESMTP 220 ESMTP; my.ip.address.changed.here [124.xxx.xxx.xxx] in MTA's None; drivin' into the sunset Link to comment Share on other sites More sharing options...
drayon Posted March 13, 2009 Author Share Posted March 13, 2009 securemail.internode.on.net is alive and well but your icmp packets (traceroute) are all being blocked by their box at 150.101.134.54A small scan shows; Scanning securemail.internode.on.net (203.16.214.172) Discovered open port 25/tcp on 203.16.214.172 all other ports deleted So your email port (inbound) is open if this is what you are after? But as the name suggests it is secure mail and does not like un-registered domains and IP's by the looks of it; Connected to securemail.internode.on.net (203.16.214.172). Escape character is '^]'. 220-ipmail01.adl6.internode.on.net ESMTP 220 ESMTP; my.ip.address.changed.here [124.xxx.xxx.xxx] in MTA's None; drivin' into the sunset Big thanks to every participant. joncl-> I can confirm ICMP packets and UDP packets are getting blocked by 150.101.134.54 (perhaps a layer 4 server load-balancing switch) TCP trace rolls out to the host without issue. As you noted the host is secure using SSL ports. Still this leaves holes in any explanation as to why I'm experiencing significantly degraded performance access this mail server ie: approx 5 mins from connection establishment to final connection tear down. This process should take 10 seconds as is the case with my other IMAP accounts (based in the US). My ISP is looking into it. My ISP Internode is currently commissioning and alternative path from Asia to Perth via the 'Sea-Me-We-3 ' cable, hopefully this is not to far off completion. Far to excursive going from Bangkok to San Jose and back across the Pacific to Australia ;-) Link to comment Share on other sites More sharing options...
drayon Posted March 13, 2009 Author Share Posted March 13, 2009 Looks like some significant routing changes have occurred in the last hour @ True. Connection went offline for about 30 mins, my packets are no longer routing thru CAT routers. As can be seen in malcolmswaine trace hops 7-8 there is a huge latency of around 200ms. I was also seeing this anomaly. Now packets are going thru trueinternetgateway.com which has sliced off approx 180ms. I'm now routing to HK then to JP and back to Australia, which is much nicer than going to the US an back to Australia. Hopefully Internode is close to commissioning a path thru the Sea-Me-We-3 cable down to Perth, which should be even better. Current path ================================================================================ ============== WoRMhoLE:~ drayon$ lft securemail.internode.on.net Tracing ..........*.*.*.*.*..*.*...!*.*............T TTL LFT trace to securemail.internode.on.net (203.16.214.172):25/tcp 1 10.0.0.1 18.2/1.9ms 2 192.168.1.1 2.0/2.0ms 3 ppp-58-8-217-1.revip2.asianet.co.th (58.8.217.1) 25.3/26.2ms 4 ppp-210-86-189-26.revip.asianet.co.th (210.86.189.26) 26.6ms 5 10.169.26.1 30.3/30.1ms 6 61-90-254-114.static.asianet.co.th (61.90.254.114) 25.4ms 7 58-97-4-41.static.asianet.co.th (58.97.4.41) 28.1/27.9ms 8 61-91-210-50.static.asianet.co.th (61.91.210.50) 26.7ms 9 203-144-144-28.static.asianet.co.th (203.144.144.28) 28.2/25.8ms 10 61-91-210-5.static.asianet.co.th (61.91.210.5) 25.7/28.3ms 11 TIG-Net28-157.trueinternetgateway.com (122.144.28.157) 26.6/27.2ms ** [neglected] no reply packets received from TTL 12 13 tig-net26-86.trueinternetgateway.com (122.144.26.86) 97.7/95.3ms 14 203.131.243.141 96.8ms ** [neglected] no reply packets received from TTL 15 16 203.131.240.185 101.3/99.8ms ** [neglected] no reply packets received from TTL 17 18 xe-3-0-0.a21.tokyjp01.jp.ra.gin.ntt.net (61.213.162.98) 165.1ms ** [neglected] no reply packets received from TTL 19 20 203.105.73.78 147.9 203.105.73.82 148.8ms 21 203.105.73.138 392.7ms 22 pos3-3.bdr1.syd7.internode.on.net (203.16.211.33) 296.2ms 23 pos2-0.bdr1.adl6.internode.on.net (203.16.212.182) 296.3ms 24 gi1-14.cor1.adl6.internode.on.net (150.101.225.90) 289.6ms 25 [target open] securemail.internode.on.net (203.16.214.172):25 295.3ms ================================================================================ ===================== Link to comment Share on other sites More sharing options...
Prasert Posted March 13, 2009 Share Posted March 13, 2009 ...I can confirm ICMP packets and UDP packets are getting blocked by 150.101.134.54 (perhaps a layer 4 server load-balancing switch) TCP trace rolls out to the host without issue. As you noted the host is secure using SSL ports. Still this leaves holes in any explanation as to why I'm experiencing significantly degraded performance access this mail server ie: approx 5 mins from connection establishment to final connection tear down. This process should take 10 seconds as is the case with my other IMAP accounts (based in the US). My ISP is looking into it. ... icmp is not only used by ping and traceroute, it's mainly used to return information to the sender if a destination is unreachable, if packets are too big, etc. Blocking icmp will kill these control messages, either making communication impossible or slowing it down like hel_l. Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now