Re: Bug#104450: ITP: tcptraceroute -- A traceroute implementation using TCP packets

["Michael C. Toren" <mct@toren.net>]

christophe.barbe@lineo.fr writes:

> When I saw your ITP mail I said myself that tcptraceroute could be
> usefull to find non ecn compliant server. In fact when you turn on ecn
> on a 2.4 kernel you expose yourself to unreachable sites due to broken
> server on the road.  You can't find the broken server with traceroute
> because it doesn't send tcp packets.  So I've tried tcptraceroute and
> surprisingly it is not concerned by ecn.

tcptraceroute isn't affected by /proc/sys/net/ipv4/tcp_ecn because it
constructs TCP SYN packets on it's own (with the help of libnet) and
writes them to a raw socket, as oppose to requesting that the kernel
establish a TCP connection.  You are correct, the SYN packets it
constructs do not have the TH_ECN or TH_CWR bits set.

jpenny@debian.org writes:

> Ahh, but is it?  How does one track down which device is ECN
> blocking?  It would be very useful to have something that would
> perform traceroute type functionality but show the first device
> which was blocking ECN, or flag ECN incompatibility.

It's fairly trivial to hack tcptraceroute so that it has the ability to
send SYN packets with the ECN bits set.  I've included a patch against 1.1
at the bottom of this message which adds a -E command line option:

# ./tcptraceroute -f 10 oss.software.ibm.com
Selected device eth0, address 207.8.132.210, port 3171 for outgoing packets
Tracing the path to oss.software.ibm.com (129.42.244.202) on TCP port 80 (www), 30 hops max
10  gbr1-p80.cb1ma.ip.att.net (12.122.5.54)  13.747 ms
11  gar2-p360.cb1ma.ip.att.net (12.123.40.137)  13.861 ms
12  12.125.33.54 (12.125.33.54)  14.573 ms
13  oss.lotus.com (129.42.244.202) [open]  14.628 ms

# ./tcptraceroute -f 10 -E oss.software.ibm.com
Selected device eth0, address 207.8.132.210, port 3172 for outgoing packets
Tracing the path to oss.software.ibm.com (129.42.244.202) on TCP port 80 (www), 30 hops max
10  gbr1-p80.cb1ma.ip.att.net (12.122.5.54)  13.834 ms
11  gar2-p360.cb1ma.ip.att.net (12.123.40.137)  13.864 ms
12  12.125.33.54 (12.125.33.54)  14.822 ms
13  *
14  *

I'm hoping to release 1.2 sometime in the next two weeks, which will
include this patch, plus a few other things.  If all goes well, perhaps
David will be able to upload 1.2 to woody before the freeze.

Thanks,

-mct


diff -ru tcptraceroute-1.1/tcptraceroute.c tcptraceroute-1.1+ecn/tcptraceroute.c
--- tcptraceroute-1.1/tcptraceroute.c	Sun Jul  1 15:37:57 2001
+++ tcptraceroute-1.1+ecn/tcptraceroute.c	Sat Jul 14 00:47:47 2001
@@ -70,6 +70,16 @@
 #include <stdarg.h>
 #include <stdio.h>
 
+/*
+ * ECN (RFC 2481)
+ */
+#ifndef TH_ECN
+#define TH_ECN  0x40
+#endif
+#ifndef TH_CWR
+#define TH_CWR  0x80
+#endif
+
 /* Buffer size used for a few strings, including the pcap filter */
 #define TEXTSIZE	1024
 
@@ -91,7 +101,7 @@
 u_long dst_ip, src_ip;
 u_short src_prt, dst_prt;
 int	sockfd, datalink, offset, minttl, maxttl, timeout;
-int o_debug, o_numeric;
+int o_debug, o_numeric, o_ecn;
 char *device, *name, *dst, *src;
 char dst_name[TEXTSIZE+1], dst_prt_name[TEXTSIZE+1], filter[TEXTSIZE+1];
 pcap_t *pcap;
@@ -389,7 +399,7 @@
 		dst_prt,				/* dest port	*/
 		0,						/* seq number	*/
 		0,						/* ack number	*/
-		TH_SYN,					/* control		*/
+		TH_SYN | (o_ecn ? TH_CWR|TH_ECN : 0),	/* control		*/
 		0,						/* window		*/
 		0,						/* urgent?		*/
 		NULL,					/* data			*/
@@ -625,6 +635,7 @@
 	maxttl	= 30;
 	o_debug	= 0;
 	o_numeric = 0;
+	o_ecn	= 0;
 	device	= NULL;
 	dst_prt	= 0;
 	timeout	= 3;
@@ -707,6 +718,11 @@
 					if (getuid()) fatal("Sorry, must be root to use -s\n");
 					src = argv[1];
 					argc--, argv++;
+					break;
+
+				case 'E':
+					o_ecn = 1;
+					debug("Enabled ECN support\n");
 					break;
 
 				default: