Path: utzoo!mnetor!uunet!husc6!cmcl2!brl-adm!umd5!ames!ucbcad!ucbvax!LANL.GOV!cpw%sneezy
From: cpw%sneezy@LANL.GOV (C. Philip Wood)
Newsgroups: comp.protocols.tcp-ip
Subject: MILNET/?/UMDNET/SURA/GWU-GATE traffic question
Message-ID: <8801052325.AA00729@sneezy.lanl.gov>
Date: 5 Jan 88 23:25:41 GMT
Sender: daemon@ucbvax.BERKELEY.EDU
Organization: The ARPA Internet
Lines: 58

LANL is used by a number of folks on (or with access to) the Internet.
When they cannot 'telnet' to our hosts here, they start calling us up
and telling us how to do our job.  So far, none of the suggestions have
been very appealing.  The current problem causing some users grief manifests
itself as follows:

	1. A user on GWUVM.GWU.EDU attempts to telnet to MILNET-GW.LANL.GOV.
	2. The connection times out.
	3. The user is pissed and calls us up.

I have tried various things on our end to find out what is going on.  Here
are the things I found out when the problem was first reported:

	1. I could talk to GWUVM.GWU.EDU from our subnets but not
	   directly from MILNET-GW.LANL.GOV.
	   This made absolutely no sense.

	2. I sent 100 ICMP ECHO request's from MILNET-GW.LANL.GOV
	   and 100 reply's were received.  But, of the 100 reply's
	   received about 20% had DUPLICATE SEQUENCE NUMBERS!

I was getting curious.

	3. I sent a more sophisticated ICMP ECHO packet with out much
	   hope of a response.  This one is coded up with the IP RECORD
	   ROUTE option.  Some hosts on the Internet actually respond
	   to these, like our 4.3BSD hosts (a local modification),
	   and A.ISI.EDU.  I wish others would.

	   Low and Behold, back came the following IP header and option:

	   x00: x4f001400	IP header
	   x04: x86450000	    "
	   x08: x11010000	    "
	   x0c: x80a401ea	IP source	GWU-GATE host GWUVM.GWU.EDU
	   x10: x1a00005a 	IP destination 	MILNET host MILNET-GW.LANL.GOV
	   x14: x01072728	IP option field	NOP | RR option header
	   x18: x80080a0e	The		UMDNET host TRANTOR.UMD.EDU
	   x1c: x81020101 	route		UMD-BOGON-NET host 129.2.1.1
	   x20: x80a70101	traversed	SURA host 128.167.1.1
	   x24: x80a70201	as		SURA host 128.167.2.1
	   x28: x80a70102	far		SURA host 128.167.1.2
	   x2c: x80a72101	as		SURA host 128.167.33.1
	   x30: x80a72101	allowed		SURA host 128.167.33.1
	   x34: x80a72101	by		SURA host 128.167.33.1
	   x38: x80a72101	option.		SURA host 128.167.33.1

Unfortunately, thats all you get in an IP option.

So, what's going on?  For sure, if a packet has to hop around in the
SURA network before it (goes to/comes from) GWU-GATE, its going to take
some time.  Maybe get lost?  Maybe get duplicated?

What kind of network media/link levels do packets traverse here? I want to
make sure that LANL doesn't acquire (as in purchase) any hardware/protocols
that behave as above.  Maybe we already have.  Yikes!

Phil Wood  (cpw@lanl.gov)