Tuesday, October 9, 2018

Help properly interpreting a traceroute

I learned recently that traceroute doesn't mean what I think it does [source].

I'm troubleshooting a VPN connection, to our firewall, from a certain source IP across the country. All other VPN connections, both inside and outside our firewall, connect without issues. I'm beginning to suspect network issues somewhere near the client's end, as I've fairly well ruled out issues on our end, and during a remote desktop session, I've confirmed the client software installed on the actual endpoint looks correct. Yet it still gives me erratic/intermittent behavior: connection attempts often fail outright, but inconsistently.

Just for giggles I fired up an mtr and pointed it at their public NAT/PAT IP. This is what came up.

The n00b in me wants to laugh and point at hop 10 (sjc20.tbone.rr.com) as the culprit, seeing as how starting at that hop, the trace stabilizes on ~80% loss, all the way to hop 26.

But I remember that a network node dropping ICMP/UDP doesn't necessarily mean there is any problem with traffic forwarding on the data plane, as rate limiting or a host of other factors may cause a drop. But I'm not sure.

So what, if anything, can I reasonably infer from the following trace?

NOTE: The trace below is using ICMP, but I got nearly identical results from UDP.

host.example.org (0.0.0.0)                                  Tue Oct  9 14:28:25 2018
Keys:  Help   Display mode   Restart statistics   Order of fields   quit
                                                    Packets               Pings
    Host                                       Loss%  Snt   Last    Avg   Best   Wrst  StDev
 1. hop1                                        0.0%   42    0.4    0.3    0.3    0.6    0.1
 2. hop2                                        0.0%   42    0.4    0.5    0.4    0.6    0.0
 3. hop3                                        0.0%   42    0.5    0.5    0.5    0.5    0.0
 4. hop4                                        0.0%   42    5.5    3.4    1.0    7.9    2.1
 5. hop5                                        0.0%   42    1.6    1.3    1.1    1.6    0.1
 6. hop6                                        0.0%   42    5.3    5.1    4.9    5.7    0.1
 7. oak-agg4--sac-agg4--100ge.cenic.net         0.0%   41    6.7    6.7    6.4    7.1    0.2
 8. svl-agg4--oak-agg4-100ge-#2.cenic.net       0.0%   41    7.9    7.8    7.6    8.1    0.2
 9. xe-0-1-0.0.rtsw.paix.net.internet2.edu      0.0%   41    8.0   11.3    7.9   45.8    9.4
10. sjc20.tbone.rr.com                         90.0%   41    8.0    8.0    8.0    8.1    0.0
11. bu-ether15.snjucacl67w-bcr00.tbone.rr.com  82.9%   41   81.6   79.7   76.9   82.5    2.1
12. bu-ether13.lsancarc0yw-bcr00.tbone.rr.com  80.0%   41   82.3   81.1   78.3   82.9    1.7
13. bu-ether45.chctilwc00w-bcr00.tbone.rr.com  85.0%   41   76.3   80.8   76.3   83.7    3.4
14. bu-ether16.dllstx976iw-bcr00.tbone.rr.com  80.0%   41   81.9   82.0   79.6   84.2    1.7
15. bu-ether34.atlngamq46w-bcr00.tbone.rr.com  82.5%   41   78.7   79.9   77.0   83.7    2.8
16. bu-ether12.atlngamq46w-bcr00.tbone.rr.com  85.0%   41   83.5   81.3   76.1   83.5    2.7
17. 66.109.6.83                                92.5%   41   84.9   84.3   83.4   84.9    0.8
18. be1.apexncco01r.southeast.rr.com           82.5%   41   86.3   86.4   86.3   86.5    0.1
19. 24.93.67.74                                92.3%   40   86.5   86.4   86.4   86.5    0.0
20. cpe-024-025-062-001.ec.res.rr.com          94.9%   40   80.4   80.4   80.4   80.4    0.0
21. rrcs-24-172-67-65.midsouth.biz.rr.com      84.6%   40   98.4   90.3   86.1   98.8    6.4
22. mail.rduweb.com                            86.5%   38   87.6   87.7   87.6   87.7    0.0
23. 199.231.216.4                              85.7%   36   89.3   89.3   89.3   89.4    0.1
24. 199.231.216.3                              90.9%   34   89.7   89.6   89.5   89.7    0.1
25. 10.0.16.22                                 84.4%   33   91.5   91.7   91.5   92.3    0.3
26. ???
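An added example, not part of the original post: a small parser for mtr hop rows that separates loss seen at a single intermediate hop (typical of a router rate-limiting its own ICMP replies) from loss that carries through every later responding hop. The sample rows, host names and the 5% threshold are constructed for illustration.

```python
import re

# One mtr hop row: "N. host Loss% Snt Last Avg Best Wrst StDev".
# Rows for hops that never answered ("26. ???") have no statistics and are skipped.
ROW = re.compile(r"^\s*(\d+)\.\s+(\S+)\s+([\d.]+)%\s+(\d+)\s+([\d.]+)\s+([\d.]+)")

def parse_mtr(text):
    """Return [(hop, host, loss_pct, avg_ms)] for every hop that answered."""
    hops = []
    for line in text.splitlines():
        m = ROW.match(line)
        if m:
            hops.append((int(m.group(1)), m.group(2),
                         float(m.group(3)), float(m.group(6))))
    return hops

def classify(hops, threshold=5.0):
    """Return (isolated_hops, persistent_from).

    persistent_from is the first hop of the unbroken run of lossy hops that
    ends at the last responding hop, or None if the last hop is clean.
    isolated_hops are lossy hops followed by at least one clean hop, so the
    probes were still being forwarded past them.
    """
    persistent_from = None
    for hop, _host, loss, _avg in reversed(hops):
        if loss <= threshold:
            break
        persistent_from = hop
    isolated = [h[0] for h in hops if h[2] > threshold
                and (persistent_from is None or h[0] < persistent_from)]
    return isolated, persistent_from

# Constructed sample rows (not the trace from the post).
SAMPLE = """\
 1. gw.example.net        0.0%  40   0.4   0.3   0.3   0.6  0.1
 2. core1.example.net    60.0%  40   1.2   1.3   1.1   1.6  0.1
 3. peer.example.net      0.0%  40   7.9   7.8   7.6   8.1  0.2
 4. edge.isp.example     90.0%  40   8.0   8.0   8.0   8.1  0.0
 5. bb1.isp.example      82.9%  40  81.6  79.7  76.9  82.5  2.1
 6. cpe.isp.example      84.4%  40  91.5  91.7  91.5  92.3  0.3
 7. ???
"""

if __name__ == "__main__":
    isolated, start = classify(parse_mtr(SAMPLE))
    print("isolated loss at hops:", isolated)
    print("loss persists from hop:", start)
```

A persistent run only says probes or their replies are being lost at or beyond that hop or the link before it; the return path can be responsible, so a trace taken from the far end toward the firewall is the natural cross-check.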

