Mat*_*kin 13 networking security
在对我们网络上的性能问题进行故障排除时,我traceroute在各种网站上运行。以下网站将反复无法完成traceroute:
traceroute无法完成?$ traceroute ebay.com
traceroute: Warning: ebay.com has multiple addresses; using 66.135.205.13
traceroute to ebay.com (66.135.205.13), 64 hops max, 52 byte packets
1 10.10.100.1 (10.10.100.1) 56.518 ms 2.390 ms 2.082 ms
2 mo-69-34-118-1.sta.embarqhsd.net (69.34.118.1) 9.943 ms 10.007 ms 10.177 ms
3 mo-69-68-209-249.dyn.embarqhsd.net (69.68.209.249) 10.976 ms 21.159 ms 10.015 ms
4 ge-6-20.car1.stlouis1.level3.net (4.53.160.13) 26.562 ms 26.278 ms 25.818 ms
5 ae-11-11.car2.stlouis1.level3.net (4.69.132.186) 26.393 ms 26.519 ms 79.884 ms
6 ae-4-4.ebr2.chicago1.level3.net (4.69.132.190) 32.965 ms 26.123 ms 48.123 ms
7 ae-5-5.ebr2.chicago2.level3.net (4.69.140.194) 27.308 ms 26.784 ms 26.693 ms
8 ae-2-52.edge4.chicago3.level3.net (4.69.138.166) 27.137 ms 26.473 ms 27.047 ms
9 chp-brdr-03.inet.qwest.net (63.146.27.17) 26.315 ms 26.329 ms 26.449 ms
10 dvr-edge-13.inet.qwest.net (67.14.24.89) 51.270 ms 51.355 ms 51.134 ms
11 * * *
12 * * *
. . . . .
33 * * *
34 * *^C
Jon*_*oss 16
如果出于防火墙或其他原因阻止了某些 ICMP 流量,则跟踪路由将无法完全工作。它们通常是 UDP(DNS 查找)和 ICMP 的混合。
如果你运行traceroute -I yahoo.com或者traceroute -T yahoo.com你应该看到不同的结果(yahoo.com 为我完成)。这使用 ICMP 回显和 TCP SYN。
从Linux 上的traceroute命令手册页:
In the modern network environment the traditional traceroute methods can not be always applicable, because of widespread use of
firewalls. Such firewalls filter the "unlikely" UDP ports, or even ICMP echoes. To solve this, some additional tracerouting methods are implemented (including tcp), see LIST OF AVAILABLE METHODS below. Such methods try to use particular protocol and
source/destination port, in order to bypass firewalls (to be seen by firewalls just as a start of allowed type of a network session).
小智 15
Traceroute 使用 ICMP 消息组。每个都有 3 个 ICMP 消息。(每组消息中的 HOP 计数递增 1)。
通常管理员会阻止 ICMP 数据包以“保护”他们的网络。(主要是为了掩盖网络和 DoS 的结构)。
这就是你得到星星的原因。
| 归档时间: |
|
| 查看次数: |
9310 次 |
| 最近记录: |