Cable Forum - View Single Post - Virgin Media Phorm Webwise Adverts [Updated: See Post No. 1, 77, 102 & 797]

rryles · 24-07-2008, 14:17

Here is my attempt at a layman's guide to traceroute. It omits many details, to the point of being technically incorrect, but hopefully not in a way that matters.

The Internet

The internet consists of hundreds of millions of computers all connected together so they can talk to each other. That's a lot of computers! Therefore it should be obvious that it's not practical to connect every computer directly to every other computer. Instead, the internet is designed a bit more like a phone system. Your computer is connected to an exchange. That exchange is connected to some other exchanges. Some of those exchanges are connected to cables that run under the sea to exchanges in other countries. To phone someone in another country your call will have to pass through a number of exchanges. Some clever stuff is used to determine how to get your call to the destination you desire. This is known as routing the call (finding a route). The internet is very similar. Calls are replaced by "packets", phone numbers are replaced by IP addresses and exchanges are replaced by "routers" which route your packet to its destination.

However, the internet is not exactly like a phone system. In some ways it's more like a postal system. Remember I said calls are replaced by packets? Well you can think of them like a postal packet or a letter. You decide you want to send a message to someone. You write what you want to say, in a language that your intended recipient will understand. Then you put your letter inside an envelope and write the address on it that you want to send it to. If you're worried it might not get delivered you might also write a return address on the back. When you're done you pop it in a post box and forget about it for a while. All being well you get a reply delivered a few days later. You might have a lengthy exchange consisting of several letters both ways.

Every time you send a letter or packet you dispatch it and hope/assume it reaches it's destination. You have no idea how it reaches it's destination but it usually does. Sometimes, however, it doesn't. There are two possibilities: it simply gets lost never to be seen again; or it gets returned to you with some explanation as to what went wrong. I'll cover a particular way in which things can go, which is required to understand traceroute.

The internet was designed to be robust and fault tolerant. One fault that can occur is when the routing stops working and sends packets round in a loop. this would cause the packet to continue hoping around, never reaching its destination but forever using resources such as bandwidth. This would not be good. So a feature was included to prevent this. Every packet has a number associated with it called its "Time To Live" or TTL. The TTL starts at say 100. Every time a packet passes through a router the TTL for that packet is decreased by 1. When it reaches zero the router gives up trying to get it to its destination. It then sends a special packet back to the return address that says "Your packet's TTL reached zero so I stopped trying to send it." This prevents your packet from going round in an endless loop.

Trace Route

I said earlier that you don't care how a packet gets delivered. Well sometimes it can be useful to track a packet on its way to it's destination. This might be to locate where a fault or bottleneck in the system is. It might also be to investigate potentially illegal practices of your ISP.

This is quite a common requirement for some techy people so there are software tools to help. Normally they are called something like traceroute. Here is how traceroute works. It sends a series of packets to your chosen destination. However it does something a little unusual with them. The first packet it sends doesn't have a TTL of 100 to start. It has a TTL of 1! This means it will only go as far as the first router it encounters before being returned with an error. Sounds pretty pointless, but you can get two bits of information from that returned packet: which router it got to and how long it took for the packet to get there and back. The second packet that traceroute sends out has a TTL of 2, so it gets as far as the second router before being returned. The next has a TTL of 3 and so on. Eventually your packet reaches its intended destination and you get a normal every day response from it. At this point traceroute stops sending packets. It then prints a list of all of the routers that it found between you and your chosen destination, along with the trip times measured for each.

Problems With TraceRoute

1. Some packets might take a different route to the same destination. It's not possible to track a single packet from start to end using the traceroute method so this can cause errors in the results.

2. The packets that get sent by traceroute can't be blank. They must contain something. Usually they are what are known as ping packets. This are like writing "Are you there?" on a piece of paper and posting it. Normal you get the response "Yes, I'm here", unless the recipient is too rude to reply (quite common these days). For our purposes, we don't want to send a ping packet because it may be identified as such and routed past the phorm stuff without touching it. We want to send what looks like the start of a web page request. To do this we need to send a TCP packet to port 80. This can be done with new versions of traceroute, or a separate program called tcptraceroute.

Hope that helps

P.S. It might be interesting to compare a standard traceroute using ping packets with a tcptraceroute on port 80.

24-07-2008, 14:17	#12629
rryles Inactive Join Date: May 2008 Posts: 147	Re: Virgin Media Phorm Webwise Adverts [Updated: See Post No. 1, 77, 102 & 797] Here is my attempt at a layman's guide to traceroute. It omits many details, to the point of being technically incorrect, but hopefully not in a way that matters. The Internet The internet consists of hundreds of millions of computers all connected together so they can talk to each other. That's a lot of computers! Therefore it should be obvious that it's not practical to connect every computer directly to every other computer. Instead, the internet is designed a bit more like a phone system. Your computer is connected to an exchange. That exchange is connected to some other exchanges. Some of those exchanges are connected to cables that run under the sea to exchanges in other countries. To phone someone in another country your call will have to pass through a number of exchanges. Some clever stuff is used to determine how to get your call to the destination you desire. This is known as routing the call (finding a route). The internet is very similar. Calls are replaced by "packets", phone numbers are replaced by IP addresses and exchanges are replaced by "routers" which route your packet to its destination. However, the internet is not exactly like a phone system. In some ways it's more like a postal system. Remember I said calls are replaced by packets? Well you can think of them like a postal packet or a letter. You decide you want to send a message to someone. You write what you want to say, in a language that your intended recipient will understand. Then you put your letter inside an envelope and write the address on it that you want to send it to. If you're worried it might not get delivered you might also write a return address on the back. When you're done you pop it in a post box and forget about it for a while. All being well you get a reply delivered a few days later. You might have a lengthy exchange consisting of several letters both ways. Every time you send a letter or packet you dispatch it and hope/assume it reaches it's destination. You have no idea how it reaches it's destination but it usually does. Sometimes, however, it doesn't. There are two possibilities: it simply gets lost never to be seen again; or it gets returned to you with some explanation as to what went wrong. I'll cover a particular way in which things can go, which is required to understand traceroute. The internet was designed to be robust and fault tolerant. One fault that can occur is when the routing stops working and sends packets round in a loop. this would cause the packet to continue hoping around, never reaching its destination but forever using resources such as bandwidth. This would not be good. So a feature was included to prevent this. Every packet has a number associated with it called its "Time To Live" or TTL. The TTL starts at say 100. Every time a packet passes through a router the TTL for that packet is decreased by 1. When it reaches zero the router gives up trying to get it to its destination. It then sends a special packet back to the return address that says "Your packet's TTL reached zero so I stopped trying to send it." This prevents your packet from going round in an endless loop. Trace Route I said earlier that you don't care how a packet gets delivered. Well sometimes it can be useful to track a packet on its way to it's destination. This might be to locate where a fault or bottleneck in the system is. It might also be to investigate potentially illegal practices of your ISP. This is quite a common requirement for some techy people so there are software tools to help. Normally they are called something like traceroute. Here is how traceroute works. It sends a series of packets to your chosen destination. However it does something a little unusual with them. The first packet it sends doesn't have a TTL of 100 to start. It has a TTL of 1! This means it will only go as far as the first router it encounters before being returned with an error. Sounds pretty pointless, but you can get two bits of information from that returned packet: which router it got to and how long it took for the packet to get there and back. The second packet that traceroute sends out has a TTL of 2, so it gets as far as the second router before being returned. The next has a TTL of 3 and so on. Eventually your packet reaches its intended destination and you get a normal every day response from it. At this point traceroute stops sending packets. It then prints a list of all of the routers that it found between you and your chosen destination, along with the trip times measured for each. Problems With TraceRoute 1. Some packets might take a different route to the same destination. It's not possible to track a single packet from start to end using the traceroute method so this can cause errors in the results. 2. The packets that get sent by traceroute can't be blank. They must contain something. Usually they are what are known as ping packets. This are like writing "Are you there?" on a piece of paper and posting it. Normal you get the response "Yes, I'm here", unless the recipient is too rude to reply (quite common these days). For our purposes, we don't want to send a ping packet because it may be identified as such and routed past the phorm stuff without touching it. We want to send what looks like the start of a web page request. To do this we need to send a TCP packet to port 80. This can be done with new versions of traceroute, or a separate program called tcptraceroute. Hope that helps P.S. It might be interesting to compare a standard traceroute using ping packets with a tcptraceroute on port 80.