Next message: Steven M. Bellovin: "Re: barak-online.net icmp performance vs. traceroute/tcptraceroute, ssh, ipsec"
> > the vast majority of routers on the internet respond very differently to
> > traffic 'directed at them' as opposed to traffic 'routed through them'.
>
> Thanks for your reply.
>
> I did include icmp echo directly to each hop as a comparison.
i guess what i'm saying is that you can't read much from the backscatter of
what a either:
- ping of each hop
- eliciting a response from each hop (as traceroute does)
as the basis for determining much.
you can perhaps derive SOME meaning from it, but that meaning rapidly
diminishes when there are multiple intermediate networks involved, some of
which you have no direct connectivity to verify problems with easily, likely
different return path for traffic (asymmetric routing) etc.
as i said before, if you have such terrible ssh/IPSec type performance, far
less than you think is reasonable, then my money is on a MTU issue, and
probably related to your DSL-based final hops.
cheers,
lincoln.
