[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Monitoring from one place on the globe

Harald,

> Example output:

> 2000-08-14T12:05 SUCCESS 20 574.342 embratel-fapesp.NewYork.cw.net
> ^                ^       ^    ^     ^
> timestamp        result  hops delay last router before aroot.psg.com

> The result is SUCCESS if the last response came from aroot.psg.com,
> FAILURE otherwise (and the router name is then the last router on
> traceroute output).

for people who happen to hit the aroot server in Geneva, your script
will always return FAILURE, because the last line of traceroute output
will show the unicast address of that machine:

: leinen@babar[leinen]; /usr/sbin/traceroute aroot.psg.com
traceroute to aroot.psg.com (192.83.230.1), 30 hops max, 40 byte packets
 1  swiCS2-F2-0-0.switch.ch (130.59.4.203)  7.859 ms  0.636 ms  0.692 ms
 2  swiEZ1-F1-0-0.switch.ch (130.59.20.206)  1.075 ms  1.004 ms  1.231 ms
 3  swiCE1-A4-0-0-1.switch.ch (130.59.33.25)  13.913 ms  7.972 ms  8.105 ms
 4  mbone-cern.switch.ch (192.65.185.100)  8.070 ms *  9.098 ms

Note that this is correct behavior, so the output of your script is
confusing.  When you send DNS queries to the server through the
anycast address, the response will have the anycast address in the
source address.  That's what counts.  Traceroute prints the address
from which the last ICMP packet (UDP port unreachable) is sent, and
that source address can belong to a different interface of the host.
As tcpdump shows, the anycast address is included in the ICMP UDP port
unreachable packet, but not as the source address:

16:21:37.595779 mbone-cern.switch.ch > babar: icmp: aroot.psg.com udp port 33443 unreachable (DF)

So I'm afraid that standard traceroute is not sufficient to perform
the SUCCESS/FAILURE indication that you have in mind.  Maybe you
should just ping the anycast address to find out reachability and
response time.

Regards,
-- 
Simon.