Friday, March 27, 2009

Route Servers and Looking Glasses

One of my favorite Internet troubleshooting website's is http://traceroute.org. It hosts a collection of links to BGP Looking Glasses and Route Servers all over the Internet. This is extremely useful when trying to track down why people in various parts of the Internet cannot reach your public IP space by being able to make sure that the routes that you are advertising are propagated properly and that someone else is not stepping on your routes.

For example, I was troubleshooting a problem where users in my network were not able to get out to the Internet. After checking our firewalls and routers I found that the traffic was indeed leaving the network out to the Internet but I wasn't getting any return traffic. I saw that I was advertising the return routes out to the Internet, but by logging into a Route Server I found that there was a more specific route that was being advertised by AT&T (who was not our carrier) than what I was advertising to the Internet. Because of this I was able to start advertising more specific ranges than what AT&T was sending to work around the problem until I tracked someone down at AT&T.

Once I got a hold of someone we found that someone was turning up a new AT&T customer who had a very similar address range as my IP space and had fat fingered the IP address when they put in the route. This in turn started advertising my space more specifically than mine which sent all of my return traffic to AT&T. Had I not been able to look at how the "Internet" was routing my IP space I would have never been able to find this problem.

Most of the providers even have the ability to ping and traceroute from various points around the world as well which is sometimes helpful as well.

No comments: