[Fwd: Re: Making ICMP the default traceroute protocol?]

[Clark Gaylord]

Marian Durkovic wrote:

>   seems that in today's networking environment the original traceroute 
>concept utilising high UDP ports no longer works - since those ports
>are now typically blocked by firewalls.
>
>   However, when traceroute is performed using ICMP protocol, the results
>are much better.
>
>   Therefore, I'd like to propose to patch
>
>src/contrib/traceroute/traceroute.c
>
>   so the ICMP protocol is the first one in 

I disagree.  Firstly, IWFs tend to also block ICMP.  Secondly, routers 
sometimes queue ICMP differently than UDP (not just in their own 
processing, which they almost always do, but also in their forwarding), 
giving even more distortion to these data than they naturally possess 
otherwise.  In particular, if filtering happens, this becomes obvious; 
if differential queueing happens, it is difficult to notice that is 
likely what is happening as it doesn't break the trace, it just distorts 
the data.  Finally, knowing that there is some IWF between me and the 
destination is usually a good indication of where a performance problem 
resides. ;-)

This is most likely to make a difference at the end hop itself, though 
of course filtering can happen anywhere along the path.

If you are finding that your destinations tend to need ICMP, I'd 
recommend aliasing traceroute to "traceroute -I".

--ckg