La première que j'en ai parlé ici, c'était sur une autre IPv4 (qui s'est pris un DoS)Tiens, ThePirateBay fait pas mal dans le genre.
Le traceroute est trafiqué:
nico@Gallifrey ~ $ mtr --report-wide 194.71.107.15
HOST: Gallifrey.priv.byme.at Loss% Snt Last Avg Best Wrst StDev
1.|-- nueva.lan 0.0% 10 1.7 1.9 1.6 3.0 0.4
2.|-- 10.100.176.1 0.0% 10 6.5 7.9 5.4 13.3 2.7
3.|-- ip-182.net-80-236-6.static.numericable.fr 0.0% 10 7.2 39.5 5.3 200.3 67.9
4.|-- ip-198.net-80-236-0.static.numericable.fr 0.0% 10 6.4 8.2 6.2 11.4 2.0
5.|-- ip-193.net-80-236-0.static.numericable.fr 10.0% 10 7.2 9.9 7.2 21.5 4.4
6.|-- ip-19.net-80-236-3.static.numericable.fr 0.0% 10 9.8 8.0 6.7 10.7 1.3
7.|-- 213.242.116.17 0.0% 10 6.3 10.0 6.3 26.6 6.1
8.|-- ??? 100.0 10 0.0 0.0 0.0 0.0 0.0
9.|-- ae-58-113.csw1.Paris1.Level3.net 0.0% 10 18.6 26.0 18.3 32.6 5.4
10.|-- ae-1-51.edge4.Paris1.Level3.net 0.0% 10 19.0 19.0 17.1 21.2 1.6
11.|-- verio-level3-xe.paris1.level3.net 0.0% 10 18.2 19.7 17.9 22.5 1.4
12.|-- ae-2.r21.parsfr01.fr.bb.gin.ntt.net 0.0% 10 19.8 20.7 19.3 23.8 1.4
13.|-- as-4.r22.amstnl02.nl.bb.gin.ntt.net 0.0% 10 37.6 35.3 30.3 41.9 3.7
14.|-- ae-1.r02.amstnl02.nl.bb.gin.ntt.net 0.0% 10 30.2 32.4 29.2 36.3 2.2
15.|-- xe-4-1.r02.dsdfge01.de.bb.gin.ntt.net 0.0% 10 32.4 35.3 29.1 56.2 7.7
16.|-- xe-3-4.r00.dsdfge02.de.bb.gin.ntt.net 0.0% 10 33.0 32.8 29.1 39.2 3.0
17.|-- 213.198.77.122 0.0% 10 35.0 32.4 29.6 35.0 1.8
18.|-- ??? 100.0 10 0.0 0.0 0.0 0.0 0.0
19.|-- xe-0-1-0-3.r02.frnkge03.de.bb.gin.ntt.net 0.0% 10 31.5 33.7 31.5 36.2 1.6
20.|-- xe-0.level3.frnkge03.de.bb.gin.ntt.net 0.0% 10 51.7 39.2 34.7 51.7 4.7
21.|-- vlan90.csw4.Frankfurt1.Level3.net 0.0% 10 113.8 117.5 113.6 120.6 2.5
22.|-- ae-82-82.ebr2.Frankfurt1.Level3.net 0.0% 10 118.6 118.4 113.7 121.1 2.3
23.|-- ae-61-61.csw1.NewYork1.Level3.net 0.0% 10 126.8 127.5 123.3 132.5 2.8
24.|-- ae-21-70.car1.NewYork1.Level3.net 0.0% 10 131.9 129.1 125.7 132.7 2.3
25.|-- INTELSAT-IN.car1.NewYork1.Level3.net 0.0% 10 128.9 129.9 126.7 133.8 2.1
26.|-- 209.159.170.215 10.0% 10 195.5 199.1 195.5 206.5 3.5
27.|-- 202.72.96.6 10.0% 10 699.6 701.9 695.9 709.8 4.1
28.|-- 175.45.177.217 10.0% 10 712.1 705.0 701.3 713.1 4.4
29.|-- ??? 100.0 10 0.0 0.0 0.0 0.0 0.0
De la latence est injecté artificiellement sur tcp/80:
nico@Gallifrey ~ :( $ sudo tcptraceroute 194.71.107.15 80
traceroute to 194.71.107.15 (194.71.107.15), 30 hops max, 60 byte packets
1 nueva.lan (192.168.42.1) 6.329 ms 6.163 ms 6.017 ms
2 10.100.176.1 (10.100.176.1) 7.013 ms 6.930 ms 6.846 ms
3 ip-182.net-80-236-6.static.numericable.fr (80.236.6.182) 199.107 ms 198.986 ms 199.479 ms
4 ip-198.net-80-236-0.static.numericable.fr (80.236.0.198) 10.406 ms 12.159 ms 12.045 ms
5 ip-193.net-80-236-0.static.numericable.fr (80.236.0.193) 11.948 ms 11.861 ms *
6 ip-19.net-80-236-3.static.numericable.fr (80.236.3.19) 13.593 ms 13.215 ms 13.153 ms
7 213.242.116.17 (213.242.116.17) 12.970 ms 9.606 ms 9.345 ms
8 * * *
9 ae-59-114.csw1.Paris1.Level3.net (4.69.161.50) 23.033 ms ae-58-113.csw1.Paris1.Level3.net (4.69.161.46) 31.149 ms ae-56-111.csw1.Paris1.Level3.net (4.69.161.38) 25.830 ms
10 ae-1-51.edge4.Paris1.Level3.net (4.69.139.202) 22.511 ms 17.624 ms 17.563 ms
11 * * *
12 ae-2.r21.parsfr01.fr.bb.gin.ntt.net (129.250.2.218) 21.216 ms 21.111 ms 22.392 ms
13 as-4.r22.amstnl02.nl.bb.gin.ntt.net (129.250.3.84) 33.291 ms 70.471 ms 65.848 ms
14 ae-1.r02.amstnl02.nl.bb.gin.ntt.net (129.250.2.113) 34.890 ms 30.969 ms 34.201 ms
15 xe-4-1.r02.dsdfge01.de.bb.gin.ntt.net (129.250.2.65) 31.049 ms 34.636 ms 35.672 ms
16 * * *
17 213.198.77.122 (213.198.77.122) 37.293 ms 33.769 ms 37.111 ms
18 * * *
19 xe-0-1-0-3.r02.frnkge03.de.bb.gin.ntt.net (129.250.5.62) 37.394 ms 35.088 ms 36.638 ms
20 xe-0.level3.frnkge03.de.bb.gin.ntt.net (129.250.8.202) 35.417 ms 38.146 ms 41.256 ms
21 vlan90.csw4.Frankfurt1.Level3.net (4.69.154.254) 148.415 ms 143.917 ms 136.993 ms
22 ae-82-82.ebr2.Frankfurt1.Level3.net (4.69.140.25) 204.503 ms 204.116 ms 203.936 ms
23 ae-61-61.csw1.NewYork1.Level3.net (4.69.134.66) 204.045 ms 205.188 ms 205.035 ms
24 ae-21-70.car1.NewYork1.Level3.net (4.69.155.67) 204.771 ms 203.218 ms 202.999 ms
25 INTELSAT-IN.car1.NewYork1.Level3.net (64.156.82.14) 204.455 ms 204.108 ms 203.763 ms
26 209.159.170.215 (209.159.170.215) 306.357 ms 306.688 ms 306.448 ms
27 202.72.96.6 (202.72.96.6) 716.926 ms 716.514 ms 716.326 ms
28 175.45.177.217 (175.45.177.217) 717.221 ms 716.991 ms 716.939 ms
29 thepiratebay.org (194.71.107.15) <syn,ack> 818.492 ms 818.275 ms *
Tout comme l'ASPATH
BGP routing table entry for 194.71.107.0/24, version 346010737
Paths: (7 available, best #4, table Default-IP-Routing-Table)
Multipath: eBGP iBGP
Flag: 0x1000
Advertised to update-groups:
3 8 13
46786 39138 22351 131279 51040
199.59.206.97 from 199.59.206.97 (204.26.60.249)
Origin IGP, localpref 102, valid, external, multipath
Community: 5577:2000 5577:2100 5577:2150 5577:2199 5577:5000 5577:5001
46786 39138 22351 131279 51040
199.59.206.29 from 199.59.206.29 (204.26.60.249)
Origin IGP, localpref 102, valid, external, multipath
Community: 5577:2000 5577:2100 5577:2150 5577:2199 5577:5000 5577:5001
46786 39138 22351 131279 51040
199.59.206.25 from 199.59.206.25 (204.26.60.249)
Origin IGP, localpref 102, valid, external, multipath
Community: 5577:2000 5577:2100 5577:2150 5577:2199 5577:5000 5577:5001
46786 39138 22351 131279 51040
199.59.206.17 from 199.59.206.17 (204.26.60.249)
Origin IGP, localpref 102, valid, external, multipath, best
Community: 5577:2000 5577:2100 5577:2150 5577:2199 5577:5000 5577:5001
46786 39138 22351 131279 51040
199.59.206.101 from 199.59.206.101 (204.26.60.249)
Origin IGP, localpref 102, valid, external, multipath
Community: 5577:2000 5577:2100 5577:2150 5577:2199 5577:5000 5577:5001
3549 2914 39138 22351 131279 51040
208.178.63.97 from 208.178.63.97 (67.17.80.136)
Origin IGP, metric 100, localpref 49, valid, external
Community: 3549:2699 3549:31528 5577:1000 5577:1001 5577:5000 5577:5001
1299 2914 39138 22351 131279 51040
213.248.95.181 from 213.248.95.181 (80.91.242.33)
Origin IGP, metric 100, localpref 49, valid, external
Community: 1299:20000 5577:1000 5577:1002 5577:5000 5577:5006
as51040 <=> Piratpartiet North Korea
as131279 <=> STAR-KP (ISP unique NK)
as22351 <=> INTELSAT
as39138 <=> rrbone UG (haftungsbeschraenkt)
De Numericable, le fake est assez flagrant: on sort de Level3 pour entrer dans NTT pour réentrer dans Level3.
Et étrangement on ne voit pas AS39138 ...
Également l'avant dernier hop (175.45.177.217 qui est STAR-KP) ne passe pas par IntelSat
nico@Gallifrey ~ $ mtr --report-wide 175.45.177.217
HOST: Gallifrey.priv.byme.at Loss% Snt Last Avg Best Wrst StDev
1.|-- nueva.lan 0.0% 10 1.6 1.8 1.6 2.1 0.2
2.|-- 10.100.176.1 0.0% 10 7.3 7.3 5.3 10.7 2.1
3.|-- ip-182.net-80-236-6.static.numericable.fr 0.0% 10 72.6 14.1 5.8 72.6 20.6
4.|-- ip-198.net-80-236-0.static.numericable.fr 0.0% 10 8.2 7.6 6.0 11.6 1.6
5.|-- ip-193.net-80-236-0.static.numericable.fr 20.0% 10 8.7 9.4 6.1 13.3 2.0
6.|-- ip-19.net-80-236-3.static.numericable.fr 0.0% 10 11.1 8.3 6.3 11.1 1.7
7.|-- 213.242.116.17 0.0% 10 8.7 16.1 6.6 68.6 19.1
8.|-- ae-7-7.ebr1.Paris1.Level3.net 0.0% 10 24.5 25.4 24.3 27.5 1.2
9.|-- ae-46-46.ebr1.London1.Level3.net 0.0% 10 24.9 26.3 24.2 28.6 1.5
10.|-- ae-57-112.csw1.London1.Level3.net 0.0% 10 38.0 28.1 24.0 38.0 4.3
11.|-- ae-11-51.car1.London1.Level3.net 0.0% 10 210.6 82.4 23.9 210.6 75.9
12.|-- 213.206.131.21 0.0% 10 25.4 27.8 25.0 42.2 5.3
13.|-- sl-crs2-nyc-0-5-3-0.sprintlink.net 0.0% 10 99.9 101.3 98.9 106.0 2.3
14.|-- 144.232.5.218 0.0% 10 113.6 114.4 113.0 117.2 1.3
15.|-- sl-crs2-chi-0-0-0-1.sprintlink.net 0.0% 10 117.7 116.0 114.5 118.2 1.2
16.|-- 144.232.1.75 0.0% 10 125.3 124.9 122.1 129.9 2.4
17.|-- 144.232.11.19 0.0% 10 174.4 191.8 174.4 257.0 29.2
18.|-- 144.232.12.43 0.0% 10 166.2 166.3 162.7 172.3 3.4
19.|-- 144.232.7.126 0.0% 10 169.1 170.3 168.5 171.6 1.2
20.|-- sl-st20-sj-13-0-0.sprintlink.net 10.0% 10 178.1 176.5 173.2 185.7 3.8
21.|-- sl-china6-192107-0.sprintlink.net 10.0% 10 326.0 327.6 325.3 330.8 2.0
22.|-- 219.158.32.174 10.0% 10 489.8 410.4 387.7 489.8 42.0
23.|-- 175.45.177.217 10.0% 10 388.6 391.2 387.8 396.3 3.0