Re: When traceroute exceeded 30 hops !! Need Telco Expert !!

wchew · ‎04-04-2005

Hi,

The smtp/pop3 server is located in Malaysia and we have a branch office located in Shanghai, China. Users ta branch office is able to access internet without problem. The only problem is accessing the server back in Malaysia. When I was there to rectify this problem, I did a traceroute back to my server in Malaysia and most of the time hops exceeded 30 hops !!

How can the telco helps improve the situation or are there any technologies currently that is able to do this ?!

Best regards,

Lawrence

maher · ‎04-04-2005

Hi there,

Not pretty sure how the telco could improve on this BGP connectvity unless the telco is a service provider. Perhaps you need to check with your service provider regarding your peering in Malaysia.

regards,

maher

wchew · ‎04-04-2005

Hi Maher,

I am using a Cisco 1720 router, probably will be taxing on the router's CPU if I am using BGP peering. Basically, the router just configured to have a default static route point out to serial (leased line) to access the internet.

Thanks !! Anymore ideas !!

Best regards,

Lawrence

dlasher · ‎04-04-2005

You might think about using some sort of tunnel between the two, (GRE or IPSEC) which would "hide" almost all the hops, and should get around the 30-hop issue.

You'll need hardware at both ends able to do it, which almost every Cisco router made will do a GRE tunnel, given the right code, and enough RAM.

Report Inappropriate Content · ‎04-04-2005

wchew · ‎04-04-2005

Hi,

Thanks for reply. I am thinking of using tunnelling from China back to Malaysia. But tunneling will means the destination is reachable, than the tunnel will be created or otherwise it is unreachable or timeout.

Wondering whether the telco is able to do some form of tunnelling at their end.

Best regards,

Lawrence

wchew · ‎04-04-2005

Hi,

Thanks for reply. I am thinking of using tunnelling from China back to Malaysia. But tunneling will means the destination is reachable, than the tunnel will be created or otherwise it is unreachable or timeout.

Wondering whether the telco is able to do some form of tunnelling at their end.

Best regards,

Lawrence

Richard Burts · ‎04-04-2005

Lawrence

Perhaps you could clarify what the problem really is, because right now I am a bit confused. If the problem is that traceroute does not show the complete path because there are more than 30 hops then the tunneling suggestion is an incomplete solution. Going through the tunnel will look like one hop, so traceroute will complete easily (assuming that there is IP connectivity through the way to the destination) but you will lose all visibility of what the path looks like getting to the destination which is the real point of traceroute.

Have you looked at extended trace in privilege mode to see what control it gives you over the hopcount of traceroute?

HTH

Rick

HTH

Rick

wchew · ‎04-04-2005

Hi Rick,

Let me clarify further, I have a Cisco 1720 at Shanghai office. This router is also acting as PAT/NAT to allow internet access. I intend to let the users in Shanghai to have access to smtp/pop3 server located in Malaysia and cooperate domain name.

By doing PING and TRACEROUTE or TRACERT, the packets get timeout or exceeded 30 hops ! I am thinking of how to resolve this issue.

Currently the users are accessing smtp/pop3 hosting by a IT company in China with a diferent domain name all together.

What I am trying to do is to consolidate the email users in China to access the smtp/pop3 in Malaysia. This is my ultimate solution.

Best regards,

Lawrence

Richard Burts · ‎04-05-2005

Lawrence

If the issue is that traceroute goes more than 30 hops to reach the destination and does not complete, then the best solution is to use extended trace (from privilege mode) and set the maximum number of hops to a larger value like this:

lab_router#trace

Protocol [ip]:

Target IP address: 198.133.219.25

Source address:

Numeric display [n]:

Timeout in seconds [3]:

Probe count [3]:

Minimum Time to Live [1]:

Maximum Time to Live [30]:

The fact that it is more than 30 hops would be a problem for application traffic (like SMTP) only if the TTL of the application packets is 30 which is unlikely.

If the problem is that having such a long path introduces latency and possibly packet loss which may impact your application traffic, then do not worry about traceroute, worry about the applications. Using tunnels would obscure the problem but would not solve this problem because the data traffic still has a long path. If this is the problem then about the only thing you can do is to complain to the provider and ask if there is anything they can do to improve your connectivity.

HTH

Rick

HTH

Rick

wchew · ‎04-05-2005

Hi Rick,

I have also tested the smtp/pop3, it is almost timeout all the time. This is my problem.

It is true I could set the traceroute to higher value, than what the application level ?

I did consult the China Telco to improve or to influence the routes or even IPVPN just for us. No news yey !!

Best regards,

Lawrence

Richard Burts · ‎04-05-2005

Lawrence

I believe that we are now beginning to focus on the more important issues. If application performance is impacted, that is where you need to concentrate (whether traceroute works or not is much less important). And knowing what the real problem is will help to identify the most appropriate solutions.

If applications are not performing well because of high latency and or high packet loss, then tunneling will not fix the problem. Tunnels will hide the number of hops, but they will not change the number of routers that forward the packet, or the latency of the path, or the degree of packet loss. Tunnels will not find lost packets or retransmit lost packets. So I suggest that you do not need to think much about tunnels as part of the solution.

If you believe that the number of hops is an issue, then you might check how your mail server (or servers for other applications) is setting the time to live (TTL) in the IP packets. If it is set low, it could cause packet loss. But I doubt that this is the case.

As I said before if the problem is high latency and high packet loss then you need to look for ways to improve them. And I do not know of anything that you can do other than to ask your provider for help. Or perhaps to look around and see if there are alternate providers who can give you better service.

HTH

Rick

HTH

Rick

neclink · ‎04-04-2005

What kind of connection do you have between two locations? It seems more of a provider issue. However need more specific detail to understand the problem.

markausten · ‎04-05-2005

Hello Lawrence,

What you are experiencing is the reason why it's more expensive to buy a point-to-point Frame-Relay circuit compared to an Internet connection.

People buy a Internet connection on each end, run a tunnel between the two sites and expect the performance of a dedicated WAN link, it's not going to happen.

About the only expectation the Internet can meet is the speed between you and the first hop router. Delay and the ammount of hops is out of your control and the ISP you use, unless you connect to the same ISP on both ends. If so the ISP may be able to look into your concerns.

If you have high expectations the Internet is not the place to run your private WAN. Another option may be a Provider that offers an MPLS VPN service. The cost may be slighty higher but the VPN runs over the Providers private network that can offer SLAs.