Trace Dump Required Cat, Tot + True

[drayon]

I'd like some trace data to a given destination IP 203.16.214.172 from users serviced with CAT, TOT + True.

If users can note their service provider and paste the output of a trace to this IP : 203.16.214.172 i'd appreciate it.

Edited March 11, 2009 by drayon

[malcolmswaine]

CAT Telecom

Tracing route to securemail.internode.on.net [203.16.214.172]

over a maximum of 50 hops:

1 4294967290 ms 1 ms 1 ms xxx.xxx. xxx. xxx

2 1 ms 1 ms 1 ms xxx. xxx. xxx. xxx

3 * 9 ms 9 ms xxx. xxx. xxx. xxx

4 * 30 ms 30 ms 61.7.148.33

5 22 ms 22 ms 22 ms 202.47.247.254

6 31 ms 31 ms 30 ms 202.47.254.141

7 30 ms 30 ms 30 ms 202.47.253.150

8 235 ms 232 ms 237 ms 202.47.253.233

9 225 ms 233 ms 233 ms ge-1-1.r01.lsanca03.us.bb.gin.ntt.net [204.1.253

.73]

10 238 ms 249 ms 238 ms ae-2.r20.lsanca03.us.bb.gin.ntt.net [129.250.3.1

25]

11 247 ms 246 ms 254 ms as-0.r21.snjsca04.us.bb.gin.ntt.net [129.250.4.9

6]

12 242 ms 235 ms 242 ms po-2.r02.snjsca04.us.bb.gin.ntt.net [129.250.4.1

0]

13 336 ms 337 ms 338 ms gig0-2.bdr1.sjc2.internode.on.net [129.250.11.98

]

14 508 ms 507 ms 507 ms pos7-0.bdr1.syd7.internode.on.net [203.16.213.16

1]

15 490 ms 491 ms 489 ms pos2-3.bdr1.adl6.internode.on.net [203.16.212.22

]

16 509 ms 513 ms 507 ms gi1-17.cor3.adl2.internode.on.net [150.101.134.6

2]

17 * * * Request timed out.

18 * * * Request timed out.

19 * * * Request timed out.

20 * * * Request timed out.

21 * * * Request timed out.

22 * * * Request timed out.

23 * * * Request timed out.

24 * * * Request timed out.

25 gi1-17.cor3.adl2.internode.on.net [150.101.134.62] reports: Destination ne

t unreachable.

Trace complete.

[sniffdog]

TOT

TraceRoute to 203.16.214.172 [securemail.internode.on.net]

Hop (ms) (ms) (ms) IP Address Host name

1 12 7 9 72.249.134.177 -

2 105 7 6 8.9.232.73 xe-5-3-0.edge3.dallas1.level3.net

3 13 19 15 4.68.19.254 vlan99.csw4.dallas1.level3.net

4 18 18 18 4.69.136.165 ae-93-93.ebr3.dallas1.level3.net

5 48 39 50 4.69.132.77 ae-3.ebr2.losangeles1.level3.net

6 52 39 50 4.69.137.22 ae-72-72.csw2.losangeles1.level3.net

7 40 49 42 4.68.20.69 ae-23-79.car3.losangeles1.level3.net

8 42 47 56 4.71.32.62 internode-s.car3.losangeles1.level3.net

9 252 243 243 203.16.213.190 pos3-2.bdr1.syd6.internode.on.net

10 243 241 243 150.101.199.230 pos4-1.bdr2.adl2.internode.on.net

11 244 244 245 150.101.225.102 gi1-19.cor1.adl6.internode.on.net

12 Timed out Timed out Timed out -

13 Timed out Timed out Timed out -

14 Destination network unreachable Timed out Timed out -

15 Timed out Timed out Timed out -

Trace aborted.

[Deksan]

True 2M :

traceroute to 203.16.214.172 (203.16.214.172), 64 hops max, 40 byte packets

1 192.168.1.1 2.328 ms 1.270 ms 1.249 ms

2 124.121.245.1 20.012 ms 19.636 ms 20.531 ms

3 210.86.189.33 21.805 ms 19.806 ms 19.967 ms

4 10.169.33.1 24.514 ms 23.597 ms 22.907 ms

5 58.97.25.102 27.465 ms 61.90.133.238 21.294 ms 61.90.254.118 20.809 ms

6 61.90.254.117 20.373 ms 20.849 ms 20.951 ms

7 * * *

8 203.144.144.27 20.658 ms 20.493 ms 21.482 ms

9 61.91.210.1 22.656 ms 20.704 ms 20.462 ms

10 122.144.28.145 21.110 ms 21.143 ms 21.623 ms

11 122.144.26.210 90.958 ms 91.894 ms 91.163 ms

12 122.144.26.226 58.703 ms 58.693 ms 59.385 ms

13 122.144.26.86 93.203 ms 95.690 ms 92.980 ms

14 203.131.243.141 99.422 ms 203.601 ms 204.490 ms

15 203.131.240.217 116.976 ms 92.542 ms 92.999 ms

16 203.131.240.185 92.372 ms 91.008 ms 92.728 ms

17 129.250.2.38 144.535 ms 144.906 ms 144.027 ms

18 61.213.162.234 145.134 ms 143.055 ms 144.036 ms

19 203.105.72.10 144.576 ms 145.345 ms 143.717 ms

20 203.105.73.82 143.690 ms 142.827 ms 143.750 ms

21 203.105.73.138 368.089 ms 367.901 ms 366.570 ms

22 203.16.211.33 291.210 ms 291.275 ms 290.964 ms

23 150.101.134.157 290.135 ms 290.124 ms 290.863 ms

24 150.101.225.110 288.613 ms 287.605 ms 287.213 ms

25 * 150.101.225.110 291.111 ms !X *

26 * * *

27 150.101.225.110 289.739 ms !X * *

28 * * *

29 * * *

30 * 150.101.225.110 288.186 ms !X

[Prasert]

gi1-21.cor1.adl6.internode.on.net (150.101.134.54) is blocking icmp traffic, probably with an access-list. If that system is yours Drayon, open icmp for ping and traceroutes (icmp types echo, echo-reply and ttl-exceeded).

[joncl]

I'd like some trace data to a given destination IP 203.16.214.172 from users serviced with CAT, TOT + True.

If users can note their service provider and paste the output of a trace to this IP : 203.16.214.172 i'd appreciate it.

securemail.internode.on.net is alive and well but your icmp packets (traceroute) are all being blocked by their box at 150.101.134.54

A small scan shows;

Scanning securemail.internode.on.net (203.16.214.172)

Discovered open port 25/tcp on 203.16.214.172

all other ports deleted

So your email port (inbound) is open if this is what you are after?

But as the name suggests it is secure mail and does not like un-registered domains and IP's by the looks of it;

Connected to securemail.internode.on.net (203.16.214.172).

Escape character is '^]'.

220-ipmail01.adl6.internode.on.net ESMTP

220 ESMTP; my.ip.address.changed.here [124.xxx.xxx.xxx] in MTA's None; drivin' into the sunset

[drayon]

securemail.internode.on.net is alive and well but your icmp packets (traceroute) are all being blocked by their box at 150.101.134.54

A small scan shows;

Scanning securemail.internode.on.net (203.16.214.172)

Discovered open port 25/tcp on 203.16.214.172

all other ports deleted

So your email port (inbound) is open if this is what you are after?

But as the name suggests it is secure mail and does not like un-registered domains and IP's by the looks of it;

Connected to securemail.internode.on.net (203.16.214.172).

Escape character is '^]'.

220-ipmail01.adl6.internode.on.net ESMTP

220 ESMTP; my.ip.address.changed.here [124.xxx.xxx.xxx] in MTA's None; drivin' into the sunset

Big thanks to every participant.

joncl-> I can confirm ICMP packets and UDP packets are getting blocked by 150.101.134.54 (perhaps a layer 4 server load-balancing switch) TCP trace rolls out to the host without issue. As you noted the host is secure using SSL ports. Still this leaves holes in any explanation as to why I'm experiencing significantly degraded performance access this mail server ie: approx 5 mins from connection establishment to final connection tear down. This process should take 10 seconds as is the case with my other IMAP accounts (based in the US). My ISP is looking into it.

My ISP Internode is currently commissioning and alternative path from Asia to Perth via the 'Sea-Me-We-3 ' cable, hopefully this is not to far off completion.

Far to excursive going from Bangkok to San Jose and back across the Pacific to Australia ;-)

[drayon]

Looks like some significant routing changes have occurred in the last hour @ True. Connection went offline for about 30 mins, my packets are no longer routing thru CAT routers. As can be seen in malcolmswaine trace hops 7-8 there is a huge latency of around 200ms. I was also seeing this anomaly. Now packets are going thru trueinternetgateway.com which has sliced off approx 180ms. I'm now routing to HK then to JP and back to Australia, which is much nicer than going to the US an back to Australia. Hopefully Internode is close to commissioning a path thru the Sea-Me-We-3 cable down to Perth, which should be even better.

Current path

================================================================================

==============

WoRMhoLE:~ drayon$ lft securemail.internode.on.net

Tracing ..........*.*.*.*.*..*.*...!*.*............T

TTL LFT trace to securemail.internode.on.net (203.16.214.172):25/tcp

1 10.0.0.1 18.2/1.9ms

2 192.168.1.1 2.0/2.0ms

3 ppp-58-8-217-1.revip2.asianet.co.th (58.8.217.1) 25.3/26.2ms

4 ppp-210-86-189-26.revip.asianet.co.th (210.86.189.26) 26.6ms

5 10.169.26.1 30.3/30.1ms

6 61-90-254-114.static.asianet.co.th (61.90.254.114) 25.4ms

7 58-97-4-41.static.asianet.co.th (58.97.4.41) 28.1/27.9ms

8 61-91-210-50.static.asianet.co.th (61.91.210.50) 26.7ms

9 203-144-144-28.static.asianet.co.th (203.144.144.28) 28.2/25.8ms

10 61-91-210-5.static.asianet.co.th (61.91.210.5) 25.7/28.3ms

11 TIG-Net28-157.trueinternetgateway.com (122.144.28.157) 26.6/27.2ms

** [neglected] no reply packets received from TTL 12

13 tig-net26-86.trueinternetgateway.com (122.144.26.86) 97.7/95.3ms

14 203.131.243.141 96.8ms

** [neglected] no reply packets received from TTL 15

16 203.131.240.185 101.3/99.8ms

** [neglected] no reply packets received from TTL 17

18 xe-3-0-0.a21.tokyjp01.jp.ra.gin.ntt.net (61.213.162.98) 165.1ms

** [neglected] no reply packets received from TTL 19

20 203.105.73.78 147.9 203.105.73.82 148.8ms

21 203.105.73.138 392.7ms

22 pos3-3.bdr1.syd7.internode.on.net (203.16.211.33) 296.2ms

23 pos2-0.bdr1.adl6.internode.on.net (203.16.212.182) 296.3ms

24 gi1-14.cor1.adl6.internode.on.net (150.101.225.90) 289.6ms

25 [target open] securemail.internode.on.net (203.16.214.172):25 295.3ms

================================================================================

=====================

[Prasert]

...

I can confirm ICMP packets and UDP packets are getting blocked by 150.101.134.54 (perhaps a layer 4 server load-balancing switch) TCP trace rolls out to the host without issue. As you noted the host is secure using SSL ports. Still this leaves holes in any explanation as to why I'm experiencing significantly degraded performance access this mail server ie: approx 5 mins from connection establishment to final connection tear down. This process should take 10 seconds as is the case with my other IMAP accounts (based in the US). My ISP is looking into it.

...

icmp is not only used by ping and traceroute, it's mainly used to return information to the sender if a destination is unreachable, if packets are too big, etc.

Blocking icmp will kill these control messages, either making communication impossible or slowing it down like hel_l.