fail fast and display hint when --first_ttl=x --max_ttl=y and x>y #521
Comments
|
mtr should report "actual measurements" as much as possible, and not try to second-guess what you're trying to do or want to see. The --minttl and --maxttl options seem to work. I can "chop" part of a route from the results with them. Similarly it behaves as you expect when I specify a min and max between actual hops and 30. This would indicate to me that the OS might be preventing us from sending packets with the TTL set to 90.... |
|
Thanks for your prompt response !
Trying on my system to set the ttl for the nc command to assign ttl and inspect it using tcpdump and tshark confirms that the OS is properly sending the traffic with IPV4 ttl higher than 30 (90). nc --help
#> nc: invalid option -- '-'
#> usage: nc [-46CDdFhklNnrStUuvZz] [-I length] [-i interval] [-M ttl]
#> [-m minttl] [-O length] [-P proxy_username] [-p source_port]
#> [-q seconds] [-s sourceaddr] [-T keyword] [-V rtable] [-W recvlimit]
#> [-w timeout] [-X proxy_protocol] [-x proxy_address[:port]]
#> [destination] [port]
man nc
#> -M ttl Set the TTL / hop limit of outgoing packets.
#>
#> -m minttl
#> Ask the kernel to drop incoming packets whose TTL / hop limit is under minttl.
sudo tcpdump -n -i any host 192.168.25.3 -w /tmp/nc.pcap
nc -M 90 -v myhost.my-redacted-domain.org443
#> Connection to myhost.my-redacted-domain.org(192.168.25.3) 443 port [tcp/https] succeeded!
tshark -V -r /tmp/nc.pcap | grep "Time to Live"
#> Time to Live: 90
#> Time to Live: 49
#> Time to Live: 90
#> Time to Live: 90
#> Time to Live: 49
#> Time to Live: 49
#> Time to Live: 64
#> Time to Live: 64Surprisingly, I don't observe TTL higher than 30 for mtr mtr -v
#> mtr 0.95
tcpdump -n -i any host 192.168.25.3 -w /tmp/mtr.pcap &
mtr -j --first-ttl 90 --max-ttl 90 myhost.my-redacted-domain.org:443
#> {
#> "report": {
#> "mtr": {
#> "src": "42d4442c-6276-4f04-b496-9638245cd4e4",
#> "dst": "myhost.my-redacted-domain.org",
#> "tos": 0,
#> "tests": 10,
#> "psize": "64",
#> "bitpattern": "0x00"
#> },
#> "hubs": [
#> {
#> "count": 30,
#> "host": "myhost.my-redacted-domain.org",
#> "Loss%": 0.0,
#> "Snt": 10,
#> "Last": 2.429,
#> "Avg": 2.578,
#> "Best": 2.148,
#> "Wrst": 3.566,
#> "StDev": 0.528
#> }
#> ]
#> }
#> }
tshark -V -r /tmp/mtr.pcap | grep "Time to Live"
#> Time to Live: 30
#> Time to Live: 49
#> Time to Live: 31
#> Time to Live: 49
#> Time to Live: 30
#> Time to Live: 49
#> Time to Live: 30
#> Time to Live: 49
#> Time to Live: 30
#> Time to Live: 49
#> Time to Live: 30
#> Time to Live: 49
#> Time to Live: 30
#> Time to Live: 49
#> Time to Live: 30
#> Time to Live: 49
#> Time to Live: 30
#> Time to Live: 49
#> Time to Live: 30
#> Time to Live: 49
#> Time to Live: 30
#> Time to Live: 49 |
|
Haha! Found it! You cannot set first ttl larger than last(max) ttl. Duh! This is checked at the time of parsing the arguments. So first set max to 90 THEN set first to 90 as well. Works! Checked! If you wish to get just one probe depth, then set max to the desired probe depth and then set min to 1000.... less variables involved. |
|
Thanks a lot ! Inverting the two options , mtr indeed preserves the request TTL as shown in tcpdump captures, and properly returns the count to the assigned TTL for the outgoing tcp connection (not the one received from the response tcp packets, which are likely hidden by the posix interface that mtr uses to open the tcp connection) Sample output with --max-ttl 90 --first-ttl 1000tcpdump -n -i any host 10.118.43.212 -w /tmp/mtr.pcap &
# mtr -j --max-ttl 90 --first-ttl 1000 myhost.my-redacted-domain.org 443
#{
# "report": {
# "mtr": {
# "src": "42d4442c-6276-4f04-b496-9638245cd4e4",
# "dst": "myhost.my-redacted-domain.org",
# "tos": 0,
# "tests": 10,
# "psize": "64",
# "bitpattern": "0x00"
# },
# "hubs": [
# {
# "count": 90,
# "host": "myhost.my-redacted-domain.org",
# "Loss%": 0.0,
# "Snt": 10,
# "Last": 2.22,
# "Avg": 2.553,
# "Best": 2.182,
# "Wrst": 3.834,
# "StDev": 0.492
# }
tshark -V -r /tmp/mtr.pcap | grep "Time to Live"
# Time to Live: 90
# Time to Live: 49
# Time to Live: 90
# Time to Live: 49
# Time to Live: 90
# Time to Live: 49
# Time to Live: 90
# Time to Live: 49
# Time to Live: 90
# Time to Live: 49
# Time to Live: 90
# Time to Live: 49
# Time to Live: 90
# Time to Live: 49
# Time to Live: 90
# Time to Live: 49
# Time to Live: 90
# Time to Live: 49
# Time to Live: 90
# Time to Live: 49 Would it make sense to have mtr fail-fast upon receiving apparently conflicting options, and possibly hinting about the flag order for when it is intended that first-ttl >= max_ttl ? Lines 478 to 486 in c68adc1 |
gberche-orange
changed the title
|
How about: "Warning: unable to set first-ttl to %d limited to max-ttl=%d. " On the other hand. Just moving the check to AFTER all arguments have been parsed is probably better. And maybe we should bomb out if you set them "wrong". On the other hand, someone might have stumbled on the "funny" behavior and now depend on it.... |
|
How is this? |
This seems right to me, thanks ! |
|
What happens with --first-ttl=91 --max-ttl=91 in you upcoming version ? |
|
On Tue, Feb 04, 2025 at 01:17:57PM -0800, Guillaume Berche wrote:
What happens with --first-ttl=91 --max-ttl=91 in you upcoming version ?
It will do exactly just 91 and report count=91 in the json.
|
|
I used -r this time as it shows exactly the same behavior as the json output. First is old second is new otherwise same commandline. |
|
Looks great, thanks! Are the related code changes already available on github ? |
|
Now it is.
|
|
thanks for 7a8f545 ! |
|
BTW, I noticed the tests are failing fot this commit see https://github.com/traviscross/mtr/actions/runs/13157461888/job/36717793013, is it unrelated false detection or a regression ? |
|
There was a previous issue, it seems someone added tests that require "root" to run (mtr sends funky packets which require root to submit to the networking stack), which of course on github isn't going to fly. |
Hi everyone, it runs inside of VM in scopes of which its privileges are granted. I.e. something like |
Following thread at #505 (comment) thanks to @rewolff explaining behavior of mtr for tcp protocol below
When specifying
--first-ttl 90 --max-ttl 90 --tcp ..., I'm surprised to see that the single reported host in thehubssection (which is also the final destination) has an associatedcount=30in the json report, and the interactive display.sample json report output with --first-ttl 90 --max-ttl 90
How is computed this
30value ?I suspect this comes from the
30default value.mtr/man/mtr.8.in
Lines 420 to 422 in c68adc1
Shouldn't instead the
countbe assigned the specified value by the-min--ttlflag (which is equal to--max-ttlflag) instead ?If I understand correctly,
countinhubsrepresents the number of index of the intermediate gateway discovered before reaching the destinationsample json report output with --first-ttl 1 --max-ttl 90
The text was updated successfully, but these errors were encountered: