I've been collecting information for a "Practical Guide to Linux Networking" by reading material I can find. Two things I've been reading recently are:
- A Practical Guide to (Correctly) Troubleshooting with Traceroute
- a presentation by Richard A Steenbergen
- Compute Networking: A Top Down Approach
- a textbook by Kurose and Ross
In the traceroute guide, Richard mentions that it's useful to find the boundaries of your network and that it's also useful to be able to translate DNS names to ISP's. It seemed highly unlikely that I would ever be able to do this translation given the examples shown, like:
p16-1-0-0.r21.asbnva01.us.bb.verio.net ldn-bb2-link.telia.net tbr2.wswdc.ip.att.net xe-3-0-0.cr1.nyc3.us.nlayer.net te2-4.ar5.PAO2.gblx.net
Sure, I can see that there are some words just before the
.net, but I don't have any mapping of what that means. I was imagining a list of international Comcasts that I would never be able to remember. However, "Computer Networking", they mention that the list of T1 ISP's is actually pretty small!
Here they are:
|CenturyLink (formerly Level3, Global Crossing (gblx) and some others)||USA|
|Deutsche Telekom AG (ICSS)||Germany|
|GTT (formerly Tinet & nLayer)||USA|
|NTT Communications (formerly Verio)||Japan|
|PCCW Global||Hong Kong|
|Telecom Italia Sparkle||Italy|
|Telxius (subsidiary Telefonica)||Spain|
|Verizon Enterprise Solutions (UUNET & XO Communications)||USA|
|Zayo Group (formerly AboveNet)||USA|
Granted, that's still a lot, but at least it's tractable. And knowing there's a small list makes it more tractable to look up when I don't see one I recognize (rather than google "All names of internet providers, ever...")
I wanted to find what some of their hostnames looked like. So I tried some random tracerouting starting with the company name
.net also trying some variations of former names. This worked pretty well! I also tried in TCP mode with
sudo traceroute -T which uncovered a few that eluded the first attempts. Here are the non-exhaustive results.
$ traceroute att.net ... 8 cr2.sffca.ip.att.net (220.127.116.11) 75.585 ms 76.402 ms 75.958 ms ... 10 cr2.dlstx.ip.att.net (18.104.22.168) 78.300 ms 77.370 ms 78.694 ms
We can see we jumped from SF over to Dallas Texas!
centurylink.com but that didn't give me anything, so I tried:
$ traceroute level3.net ... 6 lag-14.ear2.SanJose1.Level3.net (22.214.171.124) 18.185 ms 16.268 ms 17.309 ms 7 * * * 8 126.96.36.199 (188.8.131.52) 39.986 ms 41.772 ms 41.428 ms 9 * * * 10 Level3IsNowCenturylink.com (184.108.40.206) 41.310 ms 41.700 ms 36.501 ms # Similarly for globalcrossing.com 10 thenewcenturylink.com (220.127.116.11) 43.422 ms 37.603 ms 37.615 ms
Deutsche Telekom AG (ICSS)
$ sudo traceroute -T telekom.com ... 9 m-eb7-i.M.DE.NET.DTAG.DE (18.104.22.168) 180.473 ms 175.974 ms 176.948 ms
$ traceroute tinet.net ... 8 xe-7-3-0.cr0-trn3.ip4.gtt.net (22.214.171.124) 180.859 ms 179.917 ms 181.247 ms 9 it-farm-gw2.ip4.gtt.net (126.96.36.199) 203.231 ms 198.183 ms 203.110 ms
$ traceroute kpn.com 6 lag-14.ear2.SanJose1.Level3.net (188.8.131.52) 25.916 ms 17.694 ms 18.140 ms 7 ae-237-3613.edge6.Amsterdam1.Level3.net (184.108.40.206) 158.544 ms 151.896 ms 153.006 ms 8 IPTRIPLEPLA.edge6.Amsterdam1.Level3.net (220.127.116.11) 157.888 ms 159.041 ms 158.746 ms 9 * * * 10 cca-iaas-cr01.net.kpnvdc.nl (18.104.22.168) 159.382 ms 159.334 ms 159.067 ms 11 22.214.171.124 (126.96.36.199) 159.278 ms 159.481 ms 159.424 ms 12 apd-iaas-cr01.net.kpnvdc.nl (188.8.131.52) 171.001 ms 165.615 ms 165.130 ms 13 * * * 14 static.kpnvdc.nl (184.108.40.206) 160.604 ms 161.201 ms 161.399 ms
$ sudo traceroute -T sprint.net ... 18 sl-sprin881-320471-0.sprintlink.net (220.127.116.11) 85.353 ms 84.287 ms 97.713 ms
After digging in to this stuff, I still had some questions.
- What is an AS number? And how does it translate to IP CIDR ranges?
- Is there a map of T1 endpoints somewhere?
- How much does someone pay to send traffic over a T1?
- Wikipedia: Tier 1 Network
mtris like traceroute but continuous (I wanted easy copy-pasteable output, so I stuck with traceroute.)
traceroute bad.horse(Just try it)
openssl s_client -connect signed.bad.horse:443 -servername signed.bad.horse < /dev/null