SOLUTION TO ASSSIGNMENT

PART B and C: ‘TRACEROUTE’

-Capt Aditya Bhosale, SM

Question

1. What is it used for, and how does it work?

Answer

2. Traceroute. Traceroute is a computer network tool used to show the route path and measuring transit delays of packets across an Internet Protocol (IP) network.

3. Traceroute sends a sequence of three Internet Control Message Protocol (ICMP) echo request packets addressed to a destination host. The time-to-live (TTL) value, also known as hop limit, is used in determining the intermediate routers being traversed towards the destination. Routers decrement packets' TTL value by 1 when routing and discard packets whose TTL value has reached zero, returning the ICMP error message ICMP Time Exceeded. Common default values for TTL are 128 (Windows OS) and 64 (Linux-based OS).

4. Traceroute works by sending packets with gradually increasing TTL value, starting with TTL value = 1. The first router receives the packet, decrements the TTL value and drops the packet because it then has TTL value zero. The router sends an ICMP Time Exceeded message back to the source. The next set of packets are given a TTL value of 2, so the first router forwards the packets, but the second router drops them and replies with ICMP Time Exceeded. Proceeding in this way, traceroute uses the returned ICMP Time Exceeded messages to build a list of routers that packets traverse, until the destination is reached and returns an ICMP Echo Reply message.

5. Each computer on the traceroute is identified by its IP address, which is a 9 digit number separated by periods. The journey from one computer to another is known as a 'hop.' The amount of time it takes to make a hop is measured in milliseconds. The information that travels along the traceroute is known as 'packets.' Generally, a traceroute will display three separate columns for the hop time, as each traceroute sends out three separate packets of information to each computer. At the very top of the list, the traceroute will give the limit of how many lines of hops it will display; 30 hops is a typical maximum number. When a traceroute has difficulty accessing a computer, it will display the message "Request timed out." Each of the hop columns will display an asterisk instead of a millisecond count. On occasion, a traceroute will show one hop time, with the next two columns displaying asterisks. This usually indicates that although one packet was accepted by the computer, the other two packets were discarded. This is not unusual; due to security concerns, many computers routinely reject multiple packages, or forward them to different sources.

Question

6. Perform Trace route between source and destination on the same continent at three different hours of the day.

Answer

7. Traceroute performed on www.iitd.ac.in at three different times:-

(a) At 2209 hrs.

(b) At 1547 hrs.

(c) At 1957 hrs.

Question

8. Try to identify the number of ISP networks that the traceroute packets pass through from source to destination. Routers with the similar names and/or similar IP address should be considered as part of the same ISP. In your experiments, do the largest delays occur at the peering interfaces between adjacent ISPs?

Answer

PART C

Question

10. Choose three destinations from the list above, and use ping and traceroute to collect information about them at three different hours of the day.

(a) Find the average and standard deviation of the RTT at each of the three hours. Do the RTTs vary for all of the destinations, some, or none? What are some reasons why they might vary?

(b) Find the number of routers in the path at each of the three hours. Did the paths change during any of the hours? What are some reasons why paths might change?

Answer

11. The three destinations chosen are www.iitd.ac.in, www.mtu.edu, www.cs.ucla.edu.

(a) At 2220 hrs.

(b) At 1542 hrs.

(c) At 2005 hrs.

12. The average RTTs for the three destinations at three different hours are as below:-

Destination Time2220 hrs 1542 hrs 2005 hrs

www.iitd.ac.in 63 19.62 53 2.44 51 2www.mtu.edu 312 4.58 312 5.57 312 4.69www.cs.ucla.edu 213 1.41 213 3 214 3.464

13. Reasons for Variation in RTT. The RTT varies with time because it is the time taken by the packets to reach the destination and come back which is subject to the network traffic and the route followed by the packet. The data speed over the channel also governs the RTT.

14. The path mostly remained same but changed in certain cases. This may occour if any server in the path is not reachable or switched off thus requiring ICMP to find another alternate path.

Question

15. How can traceroute find at least partial paths to some hosts that you couldn't ping?

Answer

16. There may be some hosts to whom one cannot ping as the host is unreachable or switched off. But that doesent mean that all the routers in the path are unreachable. The packet travels the entire path to the host but if it finds the host unreachable, it gives it as a error. But trace route can trace the path till the host (barring the host).

17. Why does traceroute not find complete paths (but only ***) to some hosts that you can ping?

Answer

18. When a traceroute has difficulty accessing a computer, it will display the message "Request timed out." Each of the hop columns will display an asterisk instead of a millisecond count. It means packet loss. The traceroute continued for the full 30 hops, each reporting * * * as it went. If your trace to the server has many asterisks like this one, that means that the connection was not able to be completed.  This could be for a variety of reasons like :-

(a) A network outage.

(b) High amounts of traffic causing network congestion.

(c) A firewall dropping traffic from your IP.