In most cases, you probably aren't interested in the path that network traffic takes through the Internet. You will be interested, however, when connection problems bring a call from the CFO, who can’t communicate with a partner company's Web site that he has used every day for the last year. The CFO needs to access the site today, and you are charged with troubleshooting the problem. You try it yourself and can't access the site. You contact the company that operates the site (this isn't always possible), and it says that everything is fine on that end. Now you are much more interested in how your data gets from your location to this Web site, the path that it takes, and where the problem may lie on the Internet.
Of course, you can call your ISP and get the standard "We’ll look into it" response. But you still don't have an explanation for the CFO about the cause of the problem or who is to blame. The last thing you want to do is to simply say, “Our ISP is looking into it. Since we seem to be the only ones who are having the problem, it could take a long time, and I don’t know when the ISP will get back to us.”
So, how does the traffic get from point A to point B? There are two ways to look at this path: from the IP perspective and from the BGP perspective.
If you already administer your own BGP AS, this article is probably not for you. However, if you have basic or intermediate TCP/IP knowledge and are interested in learning more about Internet routing, read on.
The IP perspective is straightforward as compared to BGP. There are tons of tools to trace your IP traffic. You could do a standard Traceroute from the command line in Windows and Linux/UNIX. You could also use a tool such as AnologX's free HyperTrace utility to do a little bit faster and more flexible trace. Another option is Visualware’s VisualRoute, software that can graphically display the IP path that your traffic takes through the Internet. You can use its Live Demo to trace the Internet route to and from a number of locations around the globe.
For another perspective, you can go to Traceroute.org and trace the IP path from hundreds of locations on the Internet back to the IP address or Web site in question. The combination of this service and a standard Traceroute from your location can be very useful in troubleshooting.
From the BGP perspective, tracing traffic is a little more complex. First, you should understand thatBGP is the routing protocol of the Internet. BGP is a path-vector routing protocol. Just as a standard routing protocol such as RIP selects the best route based on hop count, BGP selects the best path based on the shortest AS path. BGP routing domains are identified by an autonomous system number (ASN). The American Registry for Internet Numbers (ARIN), which regulates IP addresses, also regulates AS numbers.
For more on BGP
If you are unfamiliar with BGP, I recommend reading Internet Routing Architectures, a book many consider the definitive reference on BGP.
So you can use the IP tools to see, possibly, where your traffic is failing. But what if it is simply an IP address that is failing? What if you want to identify the ISP that is causing the problem? What if you want to know if Internet routing is the problem or if the return traffic to your Web request is being sent somewhere else (not back to you) due to routing table issues? Insight into BGP can help answer these questions.
To start, you will need to know your public Internet IP address. You should be able to get this from a variety of sources. If you know your AS number, that is helpful, too. If not, you’ll soon find out. If you are at a larger site, you may have your own AS number. Or, like me, you could have a DSL connection from an ISP. In that case, your IP address would end at your provider's AS number. With your public Internet IP address, go to Traceroute.org. You can get a ton of great BGP information here from two types of sources.
First, there are Looking Glass servers. These are Web servers that are running software that can perform commands for you on BGP routers. While some will let you run only ping and traceroute commands, others will let you do BGP commands. There are hundreds of these Looking Glass servers at Traceroute.org. Using these servers is simplified because the service is Web based and limited to only a few commands. For instance, Figure A shows a Looking Glass server provided by the BBC.
Note that I clicked on BGP and typed in my IP address. When I clicked Submit, I got the output shown in Figure B.
If you have never seen BGP output info before, then the data in Figure B may look a bit daunting, but you just have to know what to look for. Take a look at the second line down; in this case it says that there is one available path from this network (the BBC) to mine. That is important because, many times, there may be multiple paths from one network to another. Then, it shows you the paths this router would take to get to your AS (which leads to your network). The fifth line down reads "6461 23215."
What do these numbers mean? BGP paths are listed starting from the source to the destination. So, the start (in this case, the BBC network, AS number not shown) first goes to AS 6461 and then to AS 23215, which is the AS where my IP address (the IP address I entered at the beginning) is located.
So, who are the providers running these autonomous systems? Let’s look it up at ARIN. At the ARIN Web site, enter 6461 in the Search box on the home page. You will find that the BBC network first goes through Abovenet Communications in White Plains, NY. From there it goes to AS 23215. If we, again, do a whois lookup on ARIN, we see that AS 23215 is Megapath Networks, the ISP where my DSL line is located. So, traffic from BBC goes to Abovenet and then to Megapath. This is a simple example, but it can be used for Internet traffic from any network to any other network.
Second, if you want to go a little further and are interested in BGP, some very cool tools are the (telnet-accessible) BGP route servers on the Internet. These are real BGP routers, with full Internet routes, that you can log in to and do a limited set of BGP commands. Again, go to Traceroute.org and click on Route Servers. You’ll get a list of about 20 route servers, each a telnet link.
The best one of the route servers listed is the Oregon-ix.net Route Server. This router is freely accessible to perform BGP commands. It has about 36 BGP peers, over 800,000 BGP paths, and entries for over 129,000 Internet networks. Using my example information on this route server, I can issue the following command:
show ip bgp 18.104.22.168
That command will result in the output shown in Listing A.
As you can see from the link, this router has 52 paths to get to the BGP AS where my IP address is located. It says that path #26 is the best route (based on BGP metrics). You can also do a BGP regular expression, with AS numbers, like this one:
show ip bgp regexp 23215$
This regular expression asks for every IP network in BGP that terminates at AS 23215. I won’t include the full output since it is hundreds of lines long, but Listing B is a truncated look at the output.
Basically, this router has hundreds of networks that terminate at the AS number given. This command may be useful for troubleshooting BGP paths, especially if your AS is advertising fewer routes. For explanations of what each command does, please refer to Cisco’s Web site on Configuring BGP and the Command Reference for BGP. For more information on how BGP works, configuring BGP, and doing BGP "show" commands, check out these links:
- · TechRepublic: How to use BGP to achieve Internet Redundancy
- · Internet Traffic Report
- · Joe’s BGP Page
- · Cisco: BGP Technical Tips
- · Cisco: Internetworking Technology Overview—Border Gateway Protocol (BGP)
- · Cisco: Configuring BGP
- · Cisco: Command Reference for BGP
- · Cisco: BGP Frequently Asked Questions (FAQ)
- · Cisco: Using Regular Expressions in BGP
- · Cisco: BGP Case Studies
- · Cisco: Internetworking Case Studies—Using BGP for Interdomain Routing
Lower the frustration level
Because the Internet is a most complex network in the world and is run by thousands of different providers, getting problems resolved can be frustrating and time consuming. The next time you are in need of some Internet troubleshooting tools, you may be able to use these examples and tips to pinpoint the problem and get it resolved faster or perhaps tell your ISP where the problem is so that it can be resolved faster.