Curious question on hop identity...
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 This may be far afield insofar as topic fodder, but I am curious if anyone knows exactly what these two hops [9] [10] below, actually are? [snip] [...] 5 165 ms 161 ms 183 ms 10g-9-1-ur04.sanjose.ca.sfba.comcast.net [68.87. 192.49] 6 155 ms 156 ms 149 ms 10g-7-1-ur03.sanjose.ca.sfba.comcast.net [68.87. 192.41] 7 * * 163 ms 10g-9-1-ar01.sfsutro.ca.sfba.comcast.net [68.87. 192.37] 8 161 ms 157 ms * 68.87.226.130 9 169 ms 185 ms 171 ms 12.116.90.17 10 197 ms 198 ms 196 ms 12.122.114.66 11 157 ms 169 ms 175 ms ggr3-ge110.sffca.ip.att.net [12.122.82.169] 12 145 ms 149 ms 148 ms 192.205.33.82 13 182 ms 196 ms 209 ms ae-2-54.bbr2.SanJose1.Level3.net [4.68.123.97] 14 344 ms 332 ms 339 ms as-0-0.mp2.Stockholm1.Level3.net [4.68.128.70] 15 330 ms 343 ms 390 ms ge-1-1.car2.Stockholm1.Level3.net [4.68.96.226] [...] [snip] I have asked SBC/AT&T folks and received no reply at all... Cheers, - - ferg -----BEGIN PGP SIGNATURE----- Version: PGP Desktop 9.5.1 (Build 1557) wj8DBQFFgPw+q1pz9mNUZTMRAiFEAJ9y481aCutAqVuQrLcMPa3iC6SoXwCgigNC ZE+BBNraVc4VMlUKfyzYNJg= =34zg -----END PGP SIGNATURE----- -- "Fergie", a.k.a. Paul Ferguson Engineering Architecture for the Internet fergdawg(at)netzero.net ferg's tech blog: http://fergdawg.blogspot.com/
On Thu, 14 Dec 2006, Fergie wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
This may be far afield insofar as topic fodder, but I am curious if anyone knows exactly what these two hops [9] [10] below, actually are?
Wouldn't you like to know? -- Alex Pilosov | DSL, Colocation, Hosting Services President | alex@pilosoft.com 877-PILOSOFT x601 Pilosoft, Inc. | http://www.pilosoft.com
On 2006-12-14-02:24:52, Fergie <fergdawg@netzero.net> wrote:
This may be far afield insofar as topic fodder
Not in the slightest. To the contrary, it's one of the more on-topic postings I've seen as of late, and I mean that with all sincerity.
I am curious if anyone knows exactly what these two hops [9] [10] below, actually are? [...] 8 161 ms 157 ms * 68.87.226.130 9 169 ms 185 ms 171 ms 12.116.90.17 10 197 ms 198 ms 196 ms 12.122.114.66 11 157 ms 169 ms 175 ms ggr3-ge110.sffca.ip.att.net [12.122.82.169] 12 145 ms 149 ms 148 ms 192.205.33.82 13 182 ms 196 ms 209 ms ae-2-54.bbr2.SanJose1.Level3.net
If I had to guess, I'd say 9 is a /30 (/31?) on Comcast's transit interface, and 10 is a backbone device of some sort. Suffice it to say, AT&T doesn't consider maintaining accurate (or even inaccurate, for that matter) PTR records a priority. Some recent faves include: 6 ggr3-ge00.n54ny.ip.att.net (12.123.0.97) 1.538 ms 1.400 ms 1.422 ms 7 att-gw.dc.aol.com (192.205.32.2) 1.775 ms 1.816 ms 1.847 ms 8 0.ge-5-1-0.XL4.NYC4.ALTER.NET (152.63.3.121) 1.701 ms 1.742 ms 14.988 ms 5 cw-gw.n54ny.ip.att.net (192.205.32.197) 0.648 ms 0.635 ms ggr3-p3122.n54ny.ip.att.net (192.205.33.117) 0.838 ms 6 tbr1-p012204.sl9mo.ip.att.net (12.122.82.22) 1.596 ms 1.759 ms 1.466 ms 4 savvis-gw.cgcil02ck4.ip.att.net (208.175.10.94) [AS 3561] 56 msec 60 msec allegiance-gw.dlstx.ip.att.net (192.205.32.225) [AS 7018] 196 msec 5 tbr1-p014001.cgcil.ip.att.net (12.123.6.34) [AS 7018] 4 ggr2-p310.sffca.ip.att.net (12.123.12.18) [AS 7018] 32 msec 16 msec 20 msec 5 att-gw.ashburn.eli.net (192.205.32.74) [AS 7018] 20 msec 20 msec 20 msec 6 0.so-2-0-0.XL1.SCL2.ALTER.NET (152.63.57.50) [AS 701] 20 msec 16 msec 16 msec -a
i'm sure someone knows -exactly- what those two hops are, but they may not be willing to say. http://lists.elistx.com/archives/interesting-people/200605/msg00250.html might be an explaination for the paranoid. --bill On Thu, Dec 14, 2006 at 07:24:52AM +0000, Fergie wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
This may be far afield insofar as topic fodder, but I am curious if anyone knows exactly what these two hops [9] [10] below, actually are?
[snip]
[...]
5 165 ms 161 ms 183 ms 10g-9-1-ur04.sanjose.ca.sfba.comcast.net [68.87. 192.49] 6 155 ms 156 ms 149 ms 10g-7-1-ur03.sanjose.ca.sfba.comcast.net [68.87. 192.41] 7 * * 163 ms 10g-9-1-ar01.sfsutro.ca.sfba.comcast.net [68.87. 192.37] 8 161 ms 157 ms * 68.87.226.130 9 169 ms 185 ms 171 ms 12.116.90.17 10 197 ms 198 ms 196 ms 12.122.114.66 11 157 ms 169 ms 175 ms ggr3-ge110.sffca.ip.att.net [12.122.82.169] 12 145 ms 149 ms 148 ms 192.205.33.82 13 182 ms 196 ms 209 ms ae-2-54.bbr2.SanJose1.Level3.net [4.68.123.97] 14 344 ms 332 ms 339 ms as-0-0.mp2.Stockholm1.Level3.net [4.68.128.70] 15 330 ms 343 ms 390 ms ge-1-1.car2.Stockholm1.Level3.net [4.68.96.226]
[...]
[snip]
I have asked SBC/AT&T folks and received no reply at all...
Cheers,
- - ferg
-----BEGIN PGP SIGNATURE----- Version: PGP Desktop 9.5.1 (Build 1557)
wj8DBQFFgPw+q1pz9mNUZTMRAiFEAJ9y481aCutAqVuQrLcMPa3iC6SoXwCgigNC ZE+BBNraVc4VMlUKfyzYNJg= =34zg -----END PGP SIGNATURE-----
-- "Fergie", a.k.a. Paul Ferguson Engineering Architecture for the Internet fergdawg(at)netzero.net ferg's tech blog: http://fergdawg.blogspot.com/
Bah, Humbug. Optical taps don't decrement TTLs or generate ICMP packets. San Francisco Bay Area cable modem networks have transitioned from @Home to AT&T Broadband to Comcast, so there is probably all sorts of expedient things done to keep it working through those transitions and IP addresses and IN-ADDR.ARPA files don't always align with how routers were divided up when companies buy/sell/exchange networks. There are probably still networks in NCR/Lucent/Olivette/AT&T that have odd IP addresses from various mergers and splits over the years. Occam's razor suggests those two hops are two routers in San Francisco connecting Comcast regional network to the AT&T common IP backbone for transit to AT&T's peering connections with other Internet backbones. Besides, why do you believe the text in an in-addr.arpa record? Or why do you think the absence of an in-addr.arpa record is meaningful? On Thu, 14 Dec 2006, bmanning@karoshi.com wrote:
i'm sure someone knows -exactly- what those two hops are, but they may not be willing to say. http://lists.elistx.com/archives/interesting-people/200605/msg00250.html might be an explaination for the paranoid.
On Thu, Dec 14, 2006 at 07:24:52AM +0000, Fergie wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
This may be far afield insofar as topic fodder, but I am curious if anyone knows exactly what these two hops [9] [10] below, actually are?
[snip]
[...]
5 165 ms 161 ms 183 ms 10g-9-1-ur04.sanjose.ca.sfba.comcast.net [68.87. 192.49] 6 155 ms 156 ms 149 ms 10g-7-1-ur03.sanjose.ca.sfba.comcast.net [68.87. 192.41] 7 * * 163 ms 10g-9-1-ar01.sfsutro.ca.sfba.comcast.net [68.87. 192.37] 8 161 ms 157 ms * 68.87.226.130 9 169 ms 185 ms 171 ms 12.116.90.17 10 197 ms 198 ms 196 ms 12.122.114.66 11 157 ms 169 ms 175 ms ggr3-ge110.sffca.ip.att.net [12.122.82.169] 12 145 ms 149 ms 148 ms 192.205.33.82 13 182 ms 196 ms 209 ms ae-2-54.bbr2.SanJose1.Level3.net [4.68.123.97] 14 344 ms 332 ms 339 ms as-0-0.mp2.Stockholm1.Level3.net [4.68.128.70] 15 330 ms 343 ms 390 ms ge-1-1.car2.Stockholm1.Level3.net [4.68.96.226]
[...]
[snip]
I have asked SBC/AT&T folks and received no reply at all...
Cheers,
- - ferg
-----BEGIN PGP SIGNATURE----- Version: PGP Desktop 9.5.1 (Build 1557)
wj8DBQFFgPw+q1pz9mNUZTMRAiFEAJ9y481aCutAqVuQrLcMPa3iC6SoXwCgigNC ZE+BBNraVc4VMlUKfyzYNJg= =34zg -----END PGP SIGNATURE-----
-- "Fergie", a.k.a. Paul Ferguson Engineering Architecture for the Internet fergdawg(at)netzero.net ferg's tech blog: http://fergdawg.blogspot.com/
Besides, why do you believe the text in an in-addr.arpa record? Or why do you think the absence of an in-addr.arpa record is meaningful?
'cause i am a trusting sort... i tend to believe the DNS. even more so when i can validate the signed replys... the absence of DNS entries (forward or reverse) leads me to beleive that address literals are still a useful attribute... (although I find it tough to justify using octal representations) --bill
Besides, why do you believe the text in an in-addr.arpa record? Or why do you think the absence of an in-addr.arpa record is meaningful?
Back in the old days, say 10 years ago, you could run a network by the seat of your pants using rules of thumb about interpretation of in-addr.arpa records. And you could be quite successful at running a network using such techniques because everybody else was doing pretty much the same thing. Because of this uniformity, you could make a lot of intelligent guesses and resolve problems. However, I think times have changed, there is no longer uniformity among the people making technical decisions about Internet networks and many rules of thumb don't work any more even though they are still out there in network operator folklore. In fact, most people making network architectural decisions about Internet networks don't participate in NANOG any more. Most people making network operational decisions also do not participate in NANOG anymore. It's not just that many people have left NANOG behind, but a lot of newcomers to the industry over the past few years have not joined NANOG because they don't get why it is relevant to them. Not that I'm complaining about the message quoted above. It is a great example of the useful information that one can find in this mailing list. I wish there were more messages like this one, i.e. people sharing info rather than complaints and pleas for help. --Michael Dillon
AT&T's 'internet free' mpls core? randy ___ sent from a handheld, so even more terse than usual :-)
participants (7)
-
Adam Rothschild
-
alex@pilosoft.com
-
bmanning@karoshi.com
-
Fergie
-
Michael.Dillon@btradianz.com
-
Randy Bush
-
Sean Donelan