Troubleshooting routing issues
Recently I’ve received reports from clients on a particular ISP are having trouble reaching services on a particular server in a data centre.
Although they did first report it as “the internet is down”, I soon discovered it was actually just their email and home page which they were having trouble reaching.
Once I had told them to visit “www.google.com” in Internet Explorer, I could confirm that this was in fact a routing issue.
So how do you troubleshoot and diagnose a routing issue to identify the problem? That’s what we’re going to find out…
To get the full picture of exactly what is happening we need to run diagnostics software at each end.
A good choice is MTR type software, which combines the functions of traceroute and ping into one application. This means you can send a ping (ICMP “echo request” packet) to each node/host between you and the host you’re trying to reach and in return each host should reply as “received”, if it doesn’t this is known as a loss.
We’ll be using this software to find out which node is giving us the most loss.
Here are the choices:
- MTR (Open Source) for Linux
- PathPing (Bundled) for Windows
- WinMTR (Open Source) for Windows
- Ping Plotter (Commercial/Freeware) for Windows
- VisualRoute (Commercial/Freeware) for Windows
- Path Analyzer Pro (Commercial) for Windows/Mac OS X
- 3D Traceroute (Freeware) for Windows
In most cases, MTR and PathPing will be sufficient, but if you like a visual aid, you may wish to use one of the more advanced software suites.
Note: PathPing allows no more than 255 queries per hop, so you may wish to use WinMTR.
Often internet traffic will go one way to a destination, and then come back via another route to the source. We’re going to check both ways.
- On the source computer
- Run WinMTR
- Set the host as the target server
- Wait until over 1000 packets have been sent
- Export the results as a TEXT file and/or take a screenshot
- On the target server
- Run MTR with the host as the source computer
- Wait until over 1000 packets have been sent
- Copy the results into a TEXT file and/or take a screenshot
To diagnose, you’re looking for hosts/nodes that are reporting a loss.
- If you’re seeing a large losses from the source computer (running WinMTR), you should report it to your ISP
- If you are seeing large losses from the target server (running MTR) you should report it to your hosting provider
Note: Some nodes may return “No response from host” and have 100% loss, this is usually nothing to worry about as it’s ICMP response is purposely blocked by a firewall. You probably don’t report these, unless your connection is totally down.
Comments